From: Vitaliy Makkoveev Subject: sysctl: unlock IPCTL_DEFTTL case of ip_sysctl() To: Alexander Bluhm , tech@openbsd.org Date: Tue, 24 Jun 2025 21:53:52 +0300 Read-only access at initialization time of interfaces, PCBs and IP packets. Index: sys/net/if_etherip.c =================================================================== RCS file: /cvs/src/sys/net/if_etherip.c,v retrieving revision 1.57 diff -u -p -r1.57 if_etherip.c --- sys/net/if_etherip.c 2 Mar 2025 21:28:31 -0000 1.57 +++ sys/net/if_etherip.c 24 Jun 2025 18:50:15 -0000 @@ -148,7 +148,7 @@ etherip_clone_create(struct if_clone *if snprintf(ifp->if_xname, sizeof(ifp->if_xname), "%s%d", ifc->ifc_name, unit); - sc->sc_ttl = ip_defttl; + sc->sc_ttl = atomic_load_int(&ip_defttl); sc->sc_txhprio = IFQ_TOS2PRIO(IPTOS_PREC_ROUTINE); /* 0 */ sc->sc_rxhprio = IF_HDRPRIO_PACKET; sc->sc_df = htons(0); Index: sys/net/if_gif.c =================================================================== RCS file: /cvs/src/sys/net/if_gif.c,v retrieving revision 1.139 diff -u -p -r1.139 if_gif.c --- sys/net/if_gif.c 2 Mar 2025 21:28:31 -0000 1.139 +++ sys/net/if_gif.c 24 Jun 2025 18:50:15 -0000 @@ -152,7 +152,7 @@ gif_clone_create(struct if_clone *ifc, i ifp = &sc->sc_if; sc->sc_df = htons(0); - sc->sc_ttl = ip_defttl; + sc->sc_ttl = atomic_load_int(&ip_defttl); sc->sc_txhprio = IF_HDRPRIO_PAYLOAD; sc->sc_rxhprio = IF_HDRPRIO_PAYLOAD; sc->sc_ecn = ECN_ALLOWED; Index: sys/net/if_gre.c =================================================================== RCS file: /cvs/src/sys/net/if_gre.c,v retrieving revision 1.188 diff -u -p -r1.188 if_gre.c --- sys/net/if_gre.c 5 Jun 2025 04:30:49 -0000 1.188 +++ sys/net/if_gre.c 24 Jun 2025 18:50:15 -0000 @@ -659,7 +659,7 @@ gre_clone_create(struct if_clone *ifc, i ifp->if_ioctl = gre_ioctl; ifp->if_rtrequest = p2p_rtrequest; - sc->sc_tunnel.t_ttl = ip_defttl; + sc->sc_tunnel.t_ttl = atomic_load_int(&ip_defttl); sc->sc_tunnel.t_txhprio = IF_HDRPRIO_PAYLOAD; sc->sc_tunnel.t_rxhprio = IF_HDRPRIO_PACKET; sc->sc_tunnel.t_df = htons(0); @@ -730,7 +730,7 @@ mgre_clone_create(struct if_clone *ifc, ifp->if_start = mgre_start; ifp->if_ioctl = mgre_ioctl; - sc->sc_tunnel.t_ttl = ip_defttl; + sc->sc_tunnel.t_ttl = atomic_load_int(&ip_defttl); sc->sc_tunnel.t_txhprio = IF_HDRPRIO_PAYLOAD; sc->sc_tunnel.t_rxhprio = IF_HDRPRIO_PACKET; sc->sc_tunnel.t_df = htons(0); @@ -784,7 +784,7 @@ egre_clone_create(struct if_clone *ifc, ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; ether_fakeaddr(ifp); - sc->sc_tunnel.t_ttl = ip_defttl; + sc->sc_tunnel.t_ttl = atomic_load_int(&ip_defttl); sc->sc_tunnel.t_txhprio = 0; sc->sc_tunnel.t_rxhprio = IF_HDRPRIO_PACKET; sc->sc_tunnel.t_df = htons(0); @@ -919,7 +919,7 @@ eoip_clone_create(struct if_clone *ifc, ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; ether_fakeaddr(ifp); - sc->sc_tunnel.t_ttl = ip_defttl; + sc->sc_tunnel.t_ttl = atomic_load_int(&ip_defttl); sc->sc_tunnel.t_txhprio = 0; sc->sc_tunnel.t_rxhprio = IF_HDRPRIO_PACKET; sc->sc_tunnel.t_df = htons(0); @@ -3098,7 +3098,8 @@ gre_keepalive_send(void *arg) SipHash24_Update(&ctx, &gk->gk_random, sizeof(gk->gk_random)); SipHash24_Final(gk->gk_digest, &ctx); - ttl = sc->sc_tunnel.t_ttl == -1 ? ip_defttl : sc->sc_tunnel.t_ttl; + ttl = sc->sc_tunnel.t_ttl == -1 ? + atomic_load_int(&ip_defttl) : sc->sc_tunnel.t_ttl; m->m_pkthdr.pf.prio = sc->sc_if.if_llprio; tos = gre_l3_tos(&sc->sc_tunnel, m, IFQ_PRIO2TOS(m->m_pkthdr.pf.prio)); @@ -4461,7 +4462,7 @@ erspan_clone_create(struct if_clone *ifc ether_fakeaddr(ifp); sc->sc_tunnel.t_key = ~0; - sc->sc_tunnel.t_ttl = ip_defttl; + sc->sc_tunnel.t_ttl = atomic_load_int(&ip_defttl); sc->sc_tunnel.t_txhprio = IF_HDRPRIO_PACKET; /* XXX */ sc->sc_tunnel.t_rxhprio = IF_HDRPRIO_PAYLOAD; sc->sc_tunnel.t_df = htons(0); Index: sys/net/pf.c =================================================================== RCS file: /cvs/src/sys/net/pf.c,v retrieving revision 1.1216 diff -u -p -r1.1216 pf.c --- sys/net/pf.c 23 Jun 2025 20:59:25 -0000 1.1216 +++ sys/net/pf.c 24 Jun 2025 18:50:17 -0000 @@ -3326,7 +3326,7 @@ pf_build_tcp(const struct pf_rule *r, sa h->ip_tos = IPTOS_LOWDELAY; h->ip_len = htons(len); h->ip_off = htons(atomic_load_int(&ip_mtudisc) ? IP_DF : 0); - h->ip_ttl = ttl ? ttl : ip_defttl; + h->ip_ttl = ttl ? ttl : atomic_load_int(&ip_defttl); h->ip_sum = 0; h->ip_src.s_addr = saddr->v4.s_addr; h->ip_dst.s_addr = daddr->v4.s_addr; Index: sys/netinet/ip_input.c =================================================================== RCS file: /cvs/src/sys/netinet/ip_input.c,v retrieving revision 1.414 diff -u -p -r1.414 ip_input.c --- sys/netinet/ip_input.c 24 Jun 2025 18:05:51 -0000 1.414 +++ sys/netinet/ip_input.c 24 Jun 2025 18:50:19 -0000 @@ -96,7 +96,7 @@ int ipmforwarding = 0; int ipmultipath = 0; /* [a] */ int ip_sendredirects = 1; /* [a] */ int ip_dosourceroute = 0; /* [a] */ -int ip_defttl = IPDEFTTL; +int ip_defttl = IPDEFTTL; /* [a] */ int ip_mtudisc = 1; /* [a] */ int ip_mtudisc_timeout = IPMTUDISCTIMEOUT; /* [a] */ int ip_directedbcast = 0; /* [a] */ @@ -119,6 +119,7 @@ const struct sysctl_bounded_args ipctl_v #ifdef MROUTING { IPCTL_MRTPROTO, &ip_mrtproto, SYSCTL_INT_READONLY }, #endif + { IPCTL_DEFTTL, &ip_defttl, 0, 255 }, { IPCTL_IPPORT_FIRSTAUTO, &ipport_firstauto, 0, 65535 }, { IPCTL_IPPORT_LASTAUTO, &ipport_lastauto, 0, 65535 }, { IPCTL_IPPORT_HIFIRSTAUTO, &ipport_hifirstauto, 0, 65535 }, @@ -126,7 +127,6 @@ const struct sysctl_bounded_args ipctl_v }; const struct sysctl_bounded_args ipctl_vars[] = { - { IPCTL_DEFTTL, &ip_defttl, 0, 255 }, { IPCTL_IPPORT_MAXQUEUE, &ip_maxqueue, 0, 10000 }, { IPCTL_MFORWARDING, &ipmforwarding, 0, 1 }, { IPCTL_ARPTIMEOUT, &arpt_keep, 0, INT_MAX }, @@ -1839,6 +1839,7 @@ ip_sysctl(int *name, u_int namelen, void #ifdef MROUTING case IPCTL_MRTPROTO: #endif + case IPCTL_DEFTTL: case IPCTL_IPPORT_FIRSTAUTO: case IPCTL_IPPORT_LASTAUTO: case IPCTL_IPPORT_HIFIRSTAUTO: Index: sys/netinet/ip_ipip.c =================================================================== RCS file: /cvs/src/sys/netinet/ip_ipip.c,v retrieving revision 1.108 diff -u -p -r1.108 ip_ipip.c --- sys/netinet/ip_ipip.c 12 Jun 2025 20:37:59 -0000 1.108 +++ sys/netinet/ip_ipip.c 24 Jun 2025 18:50:19 -0000 @@ -387,7 +387,7 @@ ipip_output(struct mbuf **mp, struct tdb ipo->ip_v = IPVERSION; ipo->ip_hl = 5; ipo->ip_len = htons(m->m_pkthdr.len); - ipo->ip_ttl = ip_defttl; + ipo->ip_ttl = atomic_load_int(&ip_defttl); ipo->ip_sum = 0; ipo->ip_src = tdb->tdb_src.sin.sin_addr; ipo->ip_dst = tdb->tdb_dst.sin.sin_addr; Index: sys/netinet/ip_output.c =================================================================== RCS file: /cvs/src/sys/netinet/ip_output.c,v retrieving revision 1.410 diff -u -p -r1.410 ip_output.c --- sys/netinet/ip_output.c 23 Jun 2025 20:59:25 -0000 1.410 +++ sys/netinet/ip_output.c 24 Jun 2025 18:50:19 -0000 @@ -909,7 +909,8 @@ ip_ctloutput(int op, struct socket *so, if (optval > 0 && optval <= MAXTTL) inp->inp_ip.ip_ttl = optval; else if (optval == -1) - inp->inp_ip.ip_ttl = ip_defttl; + inp->inp_ip.ip_ttl = + atomic_load_int(&ip_defttl); else error = EINVAL; break; @@ -1125,7 +1126,7 @@ ip_ctloutput(int op, struct socket *so, break; case IP_IPDEFTTL: - optval = ip_defttl; + optval = atomic_load_int(&ip_defttl); break; #define OPTBIT(bit) (inp->inp_flags & bit ? 1 : 0) Index: sys/netinet/tcp_input.c =================================================================== RCS file: /cvs/src/sys/netinet/tcp_input.c,v retrieving revision 1.454 diff -u -p -r1.454 tcp_input.c --- sys/netinet/tcp_input.c 23 Jun 2025 20:59:25 -0000 1.454 +++ sys/netinet/tcp_input.c 24 Jun 2025 18:50:23 -0000 @@ -4279,7 +4279,8 @@ syn_cache_respond(struct syn_cache *sc, switch (sc->sc_src.sa.sa_family) { case AF_INET: ip->ip_len = htons(tlen); - ip->ip_ttl = inp ? inp->inp_ip.ip_ttl : ip_defttl; + ip->ip_ttl = inp ? + inp->inp_ip.ip_ttl : atomic_load_int(&ip_defttl); if (inp != NULL) ip->ip_tos = inp->inp_ip.ip_tos; Index: sys/netinet/tcp_subr.c =================================================================== RCS file: /cvs/src/sys/netinet/tcp_subr.c,v retrieving revision 1.213 diff -u -p -r1.213 tcp_subr.c --- sys/netinet/tcp_subr.c 23 Jun 2025 20:59:25 -0000 1.213 +++ sys/netinet/tcp_subr.c 24 Jun 2025 18:50:24 -0000 @@ -408,7 +408,7 @@ tcp_respond(struct tcpcb *tp, caddr_t te #endif /* INET6 */ case AF_INET: ip->ip_len = htons(tlen); - ip->ip_ttl = ip_defttl; + ip->ip_ttl = atomic_load_int(&ip_defttl); ip->ip_tos = 0; ip_output(m, NULL, tp ? &tp->t_inpcb->inp_route : NULL, @@ -469,7 +469,7 @@ tcp_newtcpcb(struct inpcb *inp, int wait #endif { tp->pf = PF_INET; - inp->inp_ip.ip_ttl = ip_defttl; + inp->inp_ip.ip_ttl = atomic_load_int(&ip_defttl); } inp->inp_ppcb = (caddr_t)tp; Index: sys/netinet/udp_usrreq.c =================================================================== RCS file: /cvs/src/sys/netinet/udp_usrreq.c,v retrieving revision 1.345 diff -u -p -r1.345 udp_usrreq.c --- sys/netinet/udp_usrreq.c 23 Jun 2025 20:59:25 -0000 1.345 +++ sys/netinet/udp_usrreq.c 24 Jun 2025 18:50:24 -0000 @@ -1141,7 +1141,7 @@ udp_attach(struct socket *so, int proto, sotoinpcb(so)->inp_ipv6.ip6_hlim = ip6_defhlim; else #endif - sotoinpcb(so)->inp_ip.ip_ttl = ip_defttl; + sotoinpcb(so)->inp_ip.ip_ttl = atomic_load_int(&ip_defttl); return 0; }