From: Alexander Bluhm Subject: Re: sysctl: unlock IPCTL_MRTPROTO To: Vitaliy Makkoveev Cc: tech@openbsd.org Date: Mon, 23 Jun 2025 16:30:06 +0200 On Mon, Jun 23, 2025 at 04:14:22PM +0300, Vitaliy Makkoveev wrote: > Read-only access from sysctl(2) interface. Maybe IPCTL_MRTPROTO is a leftover from routing daemon support in kernel that was deleted. As we might revive that code from attic some day, let's keep that sysctl. I remember fixing something in netstat for the IPv6 case. Your unlocking code is correct. Could you add a [I] comment in ip_mroute.c? OK bluhm@ > Index: sys/netinet/ip_input.c > =================================================================== > RCS file: /cvs/src/sys/netinet/ip_input.c,v > diff -u -p -r1.411 ip_input.c > --- sys/netinet/ip_input.c 23 Jun 2025 09:16:32 -0000 1.411 > +++ sys/netinet/ip_input.c 23 Jun 2025 13:12:21 -0000 > @@ -116,12 +116,12 @@ const struct sysctl_bounded_args ipctl_v > { IPCTL_FORWARDING, &ip_forwarding, 0, 2 }, > { IPCTL_SENDREDIRECTS, &ip_sendredirects, 0, 1 }, > { IPCTL_DIRECTEDBCAST, &ip_directedbcast, 0, 1 }, > -}; > - > -const struct sysctl_bounded_args ipctl_vars[] = { > #ifdef MROUTING > { IPCTL_MRTPROTO, &ip_mrtproto, SYSCTL_INT_READONLY }, > #endif > +}; > + > +const struct sysctl_bounded_args ipctl_vars[] = { > { IPCTL_DEFTTL, &ip_defttl, 0, 255 }, > { IPCTL_IPPORT_FIRSTAUTO, &ipport_firstauto, 0, 65535 }, > { IPCTL_IPPORT_LASTAUTO, &ipport_lastauto, 0, 65535 }, > @@ -1830,6 +1830,9 @@ ip_sysctl(int *name, u_int namelen, void > case IPCTL_FORWARDING: > case IPCTL_SENDREDIRECTS: > case IPCTL_DIRECTEDBCAST: > +#ifdef MROUTING > + case IPCTL_MRTPROTO: > +#endif > return (sysctl_bounded_arr( > ipctl_vars_unlocked, nitems(ipctl_vars_unlocked), > name, namelen, oldp, oldlenp, newp, newlen));