summaryrefslogtreecommitdiffstats
path: root/sys/kern/kern_sysctl.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Rename tame() to pledge(). This fairly interface has evolved to be morederaadt2015-10-091-4/+4
| | | | | | strict than anticipated. It allows a programmer to pledge/promise/covenant that their program will operate within an easily defined subset of the Unix environment, or it pays the price.
* track sizes for free in sysctl_diskinit(); ok krwderaadt2015-09-281-3/+7
|
* Rename __sysctl syscall to just sysctl, as the userland wrapper is no longerguenther2015-09-131-3/+3
| | | | | | necessary ok deraadt@ jsing@
* Convert _TM_ flags to TAME_ flags, collapsing the entire mappingderaadt2015-09-111-2/+2
| | | | | | layer because the strings select the right options. Mechanical conversion. ok guenther
* Only include <sys/tame.h> in the .c files that need itguenther2015-09-111-1/+2
| | | | ok deraadt@ miod@
* sizes for free(); ok sthenderaadt2015-09-101-4/+5
|
* Fix !INET6 build.mpi2015-09-031-2/+5
|
* Rework the UNIX domain socket garbage collector, including ideas fromguenther2015-08-281-2/+2
| | | | | | | | | | | | | {Free,Net}BSD - when a socket is closed with fds in its input, defer closing them to a task to avoid recursing. This eliminates the complicated extra reference taking which had a 37 line(!) comment explanation - move flags, counts, and links only needed for this from struct file to struct unpcb - document the flow of the mark/sweep collector much help from claudio@ who made me explain the GC to him until we trusted it ok claudio@ mpi@ deraadt@
* Move to tame(int flags, char *paths[]) API/ABI.deraadt2015-08-221-2/+1
| | | | | | | | | | | | The pathlist is a whitelist of dirs and files; anything else returns ENOENT. Recommendation is to use a narrowly defined list. Also add TAME_FATTR, which permits explicit change operations against "struct stat" fields. Some other TAME_ flags are refined slightly. Not cranking libc now, since nothing commited in base uses this and the timing is uncomfortable for others. Discussed with many; thanks for a few bug fixes from semarie, doug, guenther. ok guenther
* Unfortunately netstat did not show sockets without file descriptorsbluhm2015-08-031-19/+59
| | | | | | | | | since it had been converted from kvm to sysctl. This was hiding a bunch of TCP states which are important for network debugging. Loop over the internet PCB tables to fill the network information into the KERN_FILE_BYFILE sysctl result. Skip internet sockets when looping over the file desciptors. From markus@; OK guenther@; Go for it deraadt@
* tame(2) is a subsystem which restricts programs into a "reduced featurederaadt2015-07-191-1/+5
| | | | | | operating model". This is the kernel component; various changes should proceed in-tree for a while before userland programs start using it. ok miod, discussions and help from many
* For each file in sysctl(KERN_FILE_BYFILE), FILLIT() calls fill_file(),bluhm2015-05-181-9/+21
| | | | | | | | | | | | which calls VOP_GETATTR(). For NFS, that leads to nfs_getattr(). If the node's attributes are not in NFS's cache, nfs_getattr() will invoke nfs_request() and the latter will sleep, allowing the file pointer to disappear while we traverse the list. This results in kernel crashes while running netstat or pstat -f. Grab a reference to the file descriptor before calling FILLIT(), and release it afterwards. This way the file descriptor cannot disappear while we sleep in nfs_getattr(). Analysis and fix from Pedro Martelletto; input and OK guenther@ mpi@
* Replace the hand-crafted list of datagram unix domain sockets withbluhm2015-03-281-3/+5
| | | | | a SLIST. OK mpi@ benno@
* Extend struct kinfo_file a bit so that netstat has all the info it needs.claudio2015-02-111-1/+21
| | | | OK guenther@
* Prefer arg != 0 over arg for non-boolean. nitted kettenis@guenther2015-02-111-2/+2
|
* sysctl({CTL_KERN, KERN_FILE, KERN_FILE_BYFILE}) previously requiredguenther2015-02-111-6/+3
| | | | | | | the extra argument to be zero; instead, make it filter on the file type (DTYPE_*) when non-zero to make claudio's netstat work easier. ok claudio@
* Change the way stackgap_random is applied. Instead of applying it within themiod2015-02-091-2/+1
| | | | | | fixed stack area of the exec'd image, and risking hitting process limits, should we want to increase stackgap_random, the randomness is applied to the stack region in the process' vmspace.
* Move ps_strings "after" the random stackgap. This makes its location akettenis2015-01-201-3/+5
| | | | | | | | per-process value, and therefpore turns the VM_PSSTRINGS sysctl into a per-process one as well. This gets rid of a pointer to the bottom of the stack at a fixed location. Also clears the road for unmapping the stackgap. ok deraadt@
* Add dmesg -s support, to view the output of rc(8) system startup messages.mpf2015-01-131-7/+18
| | | | | Help and feedback by Theo and Miod. OK deraadt@, manpage-ok jmc@
* sysctl kern.global_ptrace.tedu2014-12-121-1/+8
| | | | | | controls whether you can ptrace any process with appropriate privileges or only one own's children. ok deraadt
* sysctl_proc_vmmap(): Allow retrieving "self" VM mapping without privilege.uebayasi2014-12-121-7/+11
| | | | Previous version OK'ed by tedu@ deraadt@
* convert bcopy to memcpy. ok millerttedu2014-12-101-3/+3
|
* Allow only root to use KERN_PROC_VMMAP until it is really proven safe.uebayasi2014-12-051-1/+6
| | | | OK deraadt@
* Introduce a new sysctl to retrieve VM map entriesuebayasi2014-12-051-1/+101
| | | | | | | | | | | | | | | | This adds a new sysctl KERN_PROC_VMMAP, which returns an array of VM map entries of a specified process. This prevents debuggers from iterating vm_map_entry RB tree via kvm(3). The name KERN_PROC_VMMAP and struct kinfo_vmentry are chosen from the same function in FreeBSD. struct kinfo_vmentry is revised to reduce size, because OpenBSD does not keep track of filepaths. The semantic is also changed to return max buffer size as a hint, and start iteration at the specified base address. Much valuable input from deraadt@, guenther@, tedu@ OK tedu@ deraadt@
* missed a file when removing KERN_VNODE.tedu2014-11-191-3/+1
|
* delete the KERN_VNODE sysctl. it fails to provide any isolation from thetedu2014-11-191-3/+1
| | | | | | | kernel struct vnode defintion, and the only consumer (pstat) still needs kvm to read much of the required information. no great loss to always use kvm until there's a better replacement interface. ok deraadt millert uebayasi
* Replace a plethora of historical protection options with justderaadt2014-11-161-2/+2
| | | | | | | PROT_NONE, PROT_READ, PROT_WRITE, and PROT_EXEC from mman.h. PROT_MASK is introduced as the one true way of extracting those bits. Remove UVM_ADV_* wrapper, using the standard names. ok doug guenther kettenis
* Put the socket splicing fields into a seperate struct sosplice thatbluhm2014-11-031-5/+6
| | | | | | | gets only allocated when needed. This way struct socket shrinks from 472 to 392 bytes on amd64. When splicing gets active, another 88 bytes are allocated for struct sosplice. OK dlg@
* add a few sizes to freetedu2014-11-011-7/+7
|
* redo the performance throttling in the kernel.tedu2014-10-171-20/+9
| | | | | | introduce a new sysctl, hw.perfpolicy, that governs the policy. when set to anything other than manual, hw.setperf then becomes read only. phessler was heading in this direction, but this is slightly different. :)
* back out; does not even compilederaadt2014-10-111-83/+9
|
* resurrect a many year old diff. move CPU throttling into the kernel,tedu2014-10-111-9/+83
| | | | | | enabled by setting hw.setperf=-1. some other bugs preventing this from going in before have been fixed. my thanks to phessler for keeping the diff alive in the mean time. tested by several to not regress.
* Remove non-standard <sys/dkstat.h> header. It has not contained anythingmiod2014-09-151-3/+2
| | | | | | | | | | related to disk stastics for almost 17 years, and the remaining userland-visible defines duplicate those found in <sys/sched.h>. Move the remaining _KERNEL defines to <sys/tty.h> where they belong, and update all users to cope with this. ok kettenis@
* Remove global cp_time[] array; no longer used now that all arches implementmiod2014-09-041-2/+2
| | | | cpu_info.
* Bye bye /dev/cryptomikeb2014-08-201-16/+1
| | | | | | | The interface has been disabled by default for about 4 years and currently there's not much value in having it around at all. ok deraadt
* dont rely on mbuf.h to provide pool.h.dlg2014-08-181-1/+2
| | | | | ok miod@, who has offerred to help with any MD fallout ok guenther@
* Fewer <netinet/in_systm.h> !mpi2014-07-221-2/+1
|
* zero random buf for sysctl too, just in casetedu2014-07-171-1/+2
|
* Introduce PS_NOBROADCASTKILL a process flag that excludes processes fromclaudio2014-07-131-1/+48
| | | | | | | receiving broadcast signals (kill -1). The flag can be set via a new sysctl KERN_PROC_NOBROADCASTKILL. This will be used by iscsid to survive the mass killing by init(8) when terminating multi-user operations. With and OK guenther@
* use mallocarray where arguments are multipled. ok deraadttedu2014-07-131-2/+2
|
* add a size argument to free. will be used soon, but for now default to 0.tedu2014-07-121-10/+10
| | | | after discussions with beck deraadt kettenis.
* decouple struct uvmexp into a new file, so that uvm_extern.h and sysctl.hderaadt2014-07-081-2/+1
| | | | | don't need to be married. ok guenther miod beck jsing kettenis
* pull the rx ring accounting out of the mbuf layer now that its all donedlg2014-07-081-3/+3
| | | | | | | | | | via if_rxring things. this effectively deprecates the third argument for MCLGETI and m_clget and makes the mbuf layer no longer care about interfaces and simplifies the allocation paths. the timeout used to measure livelock has been moved to net/if.c. ok mpi@
* Track whether a process is a zombie or not yet fully built via flagsguenther2014-07-041-50/+59
| | | | | | | | | | | PS_{ZOMBIE,EMBRYO} on the process instead of peeking into the process's thread data. This eliminates the need for the thread-level SDEAD state. Change kvm_getprocs() (both the sysctl() and kvm backends) to report the "most active" scheduler state for the process's threads. tweaks kettenis@ feedback and ok matthew@
* Rather than truncating KERN_ARND requests silently, return EINVALderaadt2014-06-141-2/+2
| | | | ok miod
* temporarily (maybe 3 weeks?) crank KERN_ARND maximum buffer from 256deraadt2014-06-141-2/+2
| | | | | to 512, to make it easier for people to build to -current. ok miod
* Add bounds checks for CTL_DEBUG sysctl variable.matthew2014-06-111-1/+3
|
* When looking at another process, use the data from struct processguenther2014-05-171-21/+21
| | | | | | instead of peeking into the thread level ok tedu@
* Add PS_SYSTEM, the process-level mirror of the thread-level P_SYSTEM,guenther2014-05-041-15/+9
| | | | | | | and FORK_SYSTEM as a flag to set them. This eliminates needing to peek into other processes threads in various places. Inspired by NetBSD ok miod@ matthew@
* If P_ZOMBIE(pr->ps_mainproc) is true, then (pr->ps_flags & PS_EXITING)guenther2014-05-031-8/+8
| | | | | | | | is, so eliminate the check of the former and instead use the EINVAL error for the latter. Also, consistently check for PS_EXITING before check creds. suggestion to split this from another diff miod@
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.