init_sysctl.c revision 1.220
1 /* $NetBSD: init_sysctl.c,v 1.220 2018/12/03 00:11:02 christos Exp $ */ 2 3 /*- 4 * Copyright (c) 2003, 2007, 2008, 2009 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Andrew Brown, and by Andrew Doran. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 __KERNEL_RCSID(0, "$NetBSD: init_sysctl.c,v 1.220 2018/12/03 00:11:02 christos Exp $"); 34 35 #include "opt_sysv.h" 36 #include "opt_compat_netbsd.h" 37 #include "opt_modular.h" 38 #include "opt_gprof.h" 39 #include "opt_kaslr.h" 40 #include "pty.h" 41 42 #include <sys/types.h> 43 #include <sys/param.h> 44 #include <sys/sysctl.h> 45 #include <sys/cpu.h> 46 #include <sys/errno.h> 47 #include <sys/systm.h> 48 #include <sys/kernel.h> 49 #include <sys/unistd.h> 50 #include <sys/disklabel.h> 51 #include <sys/cprng.h> 52 #include <sys/vnode_impl.h> /* For vfs_drainvnodes(). */ 53 #include <sys/mount.h> 54 #include <sys/namei.h> 55 #include <dev/cons.h> 56 #include <sys/socketvar.h> 57 #include <sys/file.h> 58 #include <sys/filedesc.h> 59 #include <sys/tty.h> 60 #include <sys/kmem.h> 61 #include <sys/reboot.h> 62 #include <sys/resource.h> 63 #include <sys/resourcevar.h> 64 #include <sys/exec.h> 65 #include <sys/conf.h> 66 #include <sys/device.h> 67 #include <sys/stat.h> 68 #include <sys/kauth.h> 69 #include <sys/ktrace.h> 70 71 #include <sys/cpu.h> 72 73 int security_setidcore_dump; 74 char security_setidcore_path[MAXPATHLEN] = "/var/crash/%n.core"; 75 uid_t security_setidcore_owner = 0; 76 gid_t security_setidcore_group = 0; 77 mode_t security_setidcore_mode = (S_IRUSR|S_IWUSR); 78 79 /* 80 * Current status of SysV IPC capability. Initially, these are 81 * 0 if the capability is not built-in to the kernel, but can 82 * be updated if the appropriate kernel module is (auto)loaded. 83 */ 84 85 int kern_has_sysvmsg = 0; 86 int kern_has_sysvshm = 0; 87 int kern_has_sysvsem = 0; 88 89 #ifdef KASLR 90 int kern_expose_address = 0; 91 #else 92 int kern_expose_address = 1; 93 #endif 94 95 static const u_int sysctl_lwpprflagmap[] = { 96 LPR_DETACHED, L_DETACHED, 97 0 98 }; 99 100 /* 101 * try over estimating by 5 procs/lwps 102 */ 103 #define KERN_LWPSLOP (5 * sizeof(struct kinfo_lwp)) 104 105 static int dcopyout(struct lwp *, const void *, void *, size_t); 106 107 static int 108 dcopyout(struct lwp *l, const void *kaddr, void *uaddr, size_t len) 109 { 110 int error; 111 112 error = copyout(kaddr, uaddr, len); 113 ktrmibio(-1, UIO_READ, uaddr, len, error); 114 115 return error; 116 } 117 118 #ifdef DIAGNOSTIC 119 static int sysctl_kern_trigger_panic(SYSCTLFN_PROTO); 120 #endif 121 static int sysctl_kern_maxvnodes(SYSCTLFN_PROTO); 122 static int sysctl_kern_messages(SYSCTLFN_PROTO); 123 static int sysctl_kern_rtc_offset(SYSCTLFN_PROTO); 124 static int sysctl_kern_maxproc(SYSCTLFN_PROTO); 125 static int sysctl_kern_hostid(SYSCTLFN_PROTO); 126 static int sysctl_kern_defcorename(SYSCTLFN_PROTO); 127 static int sysctl_kern_cptime(SYSCTLFN_PROTO); 128 #if NPTY > 0 129 static int sysctl_kern_maxptys(SYSCTLFN_PROTO); 130 #endif /* NPTY > 0 */ 131 static int sysctl_kern_lwp(SYSCTLFN_PROTO); 132 static int sysctl_kern_forkfsleep(SYSCTLFN_PROTO); 133 static int sysctl_kern_root_partition(SYSCTLFN_PROTO); 134 static int sysctl_kern_drivers(SYSCTLFN_PROTO); 135 static int sysctl_security_setidcore(SYSCTLFN_PROTO); 136 static int sysctl_security_setidcorename(SYSCTLFN_PROTO); 137 static int sysctl_security_expose_address(SYSCTLFN_PROTO); 138 static int sysctl_kern_cpid(SYSCTLFN_PROTO); 139 static int sysctl_hw_usermem(SYSCTLFN_PROTO); 140 static int sysctl_hw_cnmagic(SYSCTLFN_PROTO); 141 142 static void fill_lwp(struct lwp *l, struct kinfo_lwp *kl); 143 144 /* 145 * ******************************************************************** 146 * section 1: setup routines 147 * ******************************************************************** 148 * These functions are stuffed into a link set for sysctl setup 149 * functions. They're never called or referenced from anywhere else. 150 * ******************************************************************** 151 */ 152 153 /* 154 * this setup routine is a replacement for kern_sysctl() 155 */ 156 SYSCTL_SETUP(sysctl_kern_setup, "sysctl kern subtree setup") 157 { 158 extern int kern_logsigexit; /* defined in kern/kern_sig.c */ 159 extern fixpt_t ccpu; /* defined in kern/kern_synch.c */ 160 extern int dumponpanic; /* defined in kern/subr_prf.c */ 161 const struct sysctlnode *rnode; 162 163 sysctl_createv(clog, 0, NULL, NULL, 164 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 165 CTLTYPE_INT, "maxvnodes", 166 SYSCTL_DESCR("Maximum number of vnodes"), 167 sysctl_kern_maxvnodes, 0, NULL, 0, 168 CTL_KERN, KERN_MAXVNODES, CTL_EOL); 169 sysctl_createv(clog, 0, NULL, NULL, 170 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 171 CTLTYPE_INT, "maxproc", 172 SYSCTL_DESCR("Maximum number of simultaneous processes"), 173 sysctl_kern_maxproc, 0, NULL, 0, 174 CTL_KERN, KERN_MAXPROC, CTL_EOL); 175 sysctl_createv(clog, 0, NULL, NULL, 176 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 177 CTLTYPE_INT, "maxfiles", 178 SYSCTL_DESCR("Maximum number of open files"), 179 NULL, 0, &maxfiles, 0, 180 CTL_KERN, KERN_MAXFILES, CTL_EOL); 181 sysctl_createv(clog, 0, NULL, NULL, 182 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 183 CTLTYPE_INT, "argmax", 184 SYSCTL_DESCR("Maximum number of bytes of arguments to " 185 "execve(2)"), 186 NULL, ARG_MAX, NULL, 0, 187 CTL_KERN, KERN_ARGMAX, CTL_EOL); 188 sysctl_createv(clog, 0, NULL, NULL, 189 CTLFLAG_PERMANENT|CTLFLAG_READWRITE|CTLFLAG_HEX, 190 CTLTYPE_INT, "hostid", 191 SYSCTL_DESCR("System host ID number"), 192 sysctl_kern_hostid, 0, NULL, 0, 193 CTL_KERN, KERN_HOSTID, CTL_EOL); 194 sysctl_createv(clog, 0, NULL, NULL, 195 CTLFLAG_PERMANENT, 196 CTLTYPE_STRUCT, "vnode", 197 SYSCTL_DESCR("System vnode table"), 198 sysctl_kern_vnode, 0, NULL, 0, 199 CTL_KERN, KERN_VNODE, CTL_EOL); 200 #ifndef GPROF 201 sysctl_createv(clog, 0, NULL, NULL, 202 CTLFLAG_PERMANENT, 203 CTLTYPE_NODE, "profiling", 204 SYSCTL_DESCR("Profiling information (not available)"), 205 sysctl_notavail, 0, NULL, 0, 206 CTL_KERN, KERN_PROF, CTL_EOL); 207 #endif 208 sysctl_createv(clog, 0, NULL, NULL, 209 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 210 CTLTYPE_INT, "posix1version", 211 SYSCTL_DESCR("Version of ISO/IEC 9945 (POSIX 1003.1) " 212 "with which the operating system attempts " 213 "to comply"), 214 NULL, _POSIX_VERSION, NULL, 0, 215 CTL_KERN, KERN_POSIX1, CTL_EOL); 216 sysctl_createv(clog, 0, NULL, NULL, 217 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 218 CTLTYPE_INT, "ngroups", 219 SYSCTL_DESCR("Maximum number of supplemental groups"), 220 NULL, NGROUPS_MAX, NULL, 0, 221 CTL_KERN, KERN_NGROUPS, CTL_EOL); 222 sysctl_createv(clog, 0, NULL, NULL, 223 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 224 CTLTYPE_INT, "job_control", 225 SYSCTL_DESCR("Whether job control is available"), 226 NULL, 1, NULL, 0, 227 CTL_KERN, KERN_JOB_CONTROL, CTL_EOL); 228 sysctl_createv(clog, 0, NULL, NULL, 229 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 230 CTLTYPE_INT, "saved_ids", 231 SYSCTL_DESCR("Whether POSIX saved set-group/user ID is " 232 "available"), NULL, 233 #ifdef _POSIX_SAVED_IDS 234 1, 235 #else /* _POSIX_SAVED_IDS */ 236 0, 237 #endif /* _POSIX_SAVED_IDS */ 238 NULL, 0, CTL_KERN, KERN_SAVED_IDS, CTL_EOL); 239 sysctl_createv(clog, 0, NULL, NULL, 240 CTLFLAG_PERMANENT|CTLFLAG_HEX, 241 CTLTYPE_INT, "boothowto", 242 SYSCTL_DESCR("Flags from boot loader"), 243 NULL, 0, &boothowto, sizeof(boothowto), 244 CTL_KERN, CTL_CREATE, CTL_EOL); 245 sysctl_createv(clog, 0, NULL, NULL, 246 CTLFLAG_PERMANENT, 247 CTLTYPE_STRUCT, "boottime", 248 SYSCTL_DESCR("System boot time"), 249 NULL, 0, &boottime, sizeof(boottime), 250 CTL_KERN, KERN_BOOTTIME, CTL_EOL); 251 sysctl_createv(clog, 0, NULL, NULL, 252 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 253 CTLTYPE_INT, "maxpartitions", 254 SYSCTL_DESCR("Maximum number of partitions allowed per " 255 "disk"), 256 NULL, MAXPARTITIONS, NULL, 0, 257 CTL_KERN, KERN_MAXPARTITIONS, CTL_EOL); 258 sysctl_createv(clog, 0, NULL, NULL, 259 CTLFLAG_PERMANENT, 260 CTLTYPE_STRUCT, "timex", NULL, 261 sysctl_notavail, 0, NULL, 0, 262 CTL_KERN, KERN_TIMEX, CTL_EOL); 263 sysctl_createv(clog, 0, NULL, NULL, 264 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 265 CTLTYPE_INT, "rtc_offset", 266 SYSCTL_DESCR("Offset of real time clock from UTC in " 267 "minutes"), 268 sysctl_kern_rtc_offset, 0, &rtc_offset, 0, 269 CTL_KERN, KERN_RTC_OFFSET, CTL_EOL); 270 sysctl_createv(clog, 0, NULL, NULL, 271 CTLFLAG_PERMANENT, 272 CTLTYPE_STRING, "root_device", 273 SYSCTL_DESCR("Name of the root device"), 274 sysctl_root_device, 0, NULL, 0, 275 CTL_KERN, KERN_ROOT_DEVICE, CTL_EOL); 276 sysctl_createv(clog, 0, NULL, NULL, 277 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 278 CTLTYPE_INT, "fsync", 279 SYSCTL_DESCR("Whether the POSIX 1003.1b File " 280 "Synchronization Option is available on " 281 "this system"), 282 NULL, 1, NULL, 0, 283 CTL_KERN, KERN_FSYNC, CTL_EOL); 284 sysctl_createv(clog, 0, NULL, NULL, 285 CTLFLAG_PERMANENT, 286 CTLTYPE_NODE, "ipc", 287 SYSCTL_DESCR("SysV IPC options"), 288 NULL, 0, NULL, 0, 289 CTL_KERN, KERN_SYSVIPC, CTL_EOL); 290 sysctl_createv(clog, 0, NULL, NULL, 291 CTLFLAG_PERMANENT|CTLFLAG_READONLY, 292 CTLTYPE_INT, "sysvmsg", 293 SYSCTL_DESCR("System V style message support available"), 294 NULL, 0, &kern_has_sysvmsg, sizeof(int), 295 CTL_KERN, KERN_SYSVIPC, KERN_SYSVIPC_MSG, CTL_EOL); 296 sysctl_createv(clog, 0, NULL, NULL, 297 CTLFLAG_PERMANENT|CTLFLAG_READONLY, 298 CTLTYPE_INT, "sysvsem", 299 SYSCTL_DESCR("System V style semaphore support " 300 "available"), 301 NULL, 0, &kern_has_sysvsem, sizeof(int), 302 CTL_KERN, KERN_SYSVIPC, KERN_SYSVIPC_SEM, CTL_EOL); 303 sysctl_createv(clog, 0, NULL, NULL, 304 CTLFLAG_PERMANENT|CTLFLAG_READONLY, 305 CTLTYPE_INT, "sysvshm", 306 SYSCTL_DESCR("System V style shared memory support " 307 "available"), 308 NULL, 0, &kern_has_sysvshm, sizeof(int), 309 CTL_KERN, KERN_SYSVIPC, KERN_SYSVIPC_SHM, CTL_EOL); 310 sysctl_createv(clog, 0, NULL, NULL, 311 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 312 CTLTYPE_INT, "synchronized_io", 313 SYSCTL_DESCR("Whether the POSIX 1003.1b Synchronized " 314 "I/O Option is available on this system"), 315 NULL, 1, NULL, 0, 316 CTL_KERN, KERN_SYNCHRONIZED_IO, CTL_EOL); 317 sysctl_createv(clog, 0, NULL, NULL, 318 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 319 CTLTYPE_INT, "iov_max", 320 SYSCTL_DESCR("Maximum number of iovec structures per " 321 "process"), 322 NULL, IOV_MAX, NULL, 0, 323 CTL_KERN, KERN_IOV_MAX, CTL_EOL); 324 sysctl_createv(clog, 0, NULL, NULL, 325 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 326 CTLTYPE_INT, "mapped_files", 327 SYSCTL_DESCR("Whether the POSIX 1003.1b Memory Mapped " 328 "Files Option is available on this system"), 329 NULL, 1, NULL, 0, 330 CTL_KERN, KERN_MAPPED_FILES, CTL_EOL); 331 sysctl_createv(clog, 0, NULL, NULL, 332 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 333 CTLTYPE_INT, "memlock", 334 SYSCTL_DESCR("Whether the POSIX 1003.1b Process Memory " 335 "Locking Option is available on this " 336 "system"), 337 NULL, 1, NULL, 0, 338 CTL_KERN, KERN_MEMLOCK, CTL_EOL); 339 sysctl_createv(clog, 0, NULL, NULL, 340 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 341 CTLTYPE_INT, "memlock_range", 342 SYSCTL_DESCR("Whether the POSIX 1003.1b Range Memory " 343 "Locking Option is available on this " 344 "system"), 345 NULL, 1, NULL, 0, 346 CTL_KERN, KERN_MEMLOCK_RANGE, CTL_EOL); 347 sysctl_createv(clog, 0, NULL, NULL, 348 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 349 CTLTYPE_INT, "memory_protection", 350 SYSCTL_DESCR("Whether the POSIX 1003.1b Memory " 351 "Protection Option is available on this " 352 "system"), 353 NULL, 1, NULL, 0, 354 CTL_KERN, KERN_MEMORY_PROTECTION, CTL_EOL); 355 sysctl_createv(clog, 0, NULL, NULL, 356 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 357 CTLTYPE_INT, "login_name_max", 358 SYSCTL_DESCR("Maximum login name length"), 359 NULL, LOGIN_NAME_MAX, NULL, 0, 360 CTL_KERN, KERN_LOGIN_NAME_MAX, CTL_EOL); 361 sysctl_createv(clog, 0, NULL, NULL, 362 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 363 CTLTYPE_STRING, "defcorename", 364 SYSCTL_DESCR("Default core file name"), 365 sysctl_kern_defcorename, 0, defcorename, MAXPATHLEN, 366 CTL_KERN, KERN_DEFCORENAME, CTL_EOL); 367 sysctl_createv(clog, 0, NULL, NULL, 368 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 369 CTLTYPE_INT, "logsigexit", 370 SYSCTL_DESCR("Log process exit when caused by signals"), 371 NULL, 0, &kern_logsigexit, 0, 372 CTL_KERN, KERN_LOGSIGEXIT, CTL_EOL); 373 sysctl_createv(clog, 0, NULL, NULL, 374 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 375 CTLTYPE_INT, "fscale", 376 SYSCTL_DESCR("Kernel fixed-point scale factor"), 377 NULL, FSCALE, NULL, 0, 378 CTL_KERN, KERN_FSCALE, CTL_EOL); 379 sysctl_createv(clog, 0, NULL, NULL, 380 CTLFLAG_PERMANENT, 381 CTLTYPE_INT, "ccpu", 382 SYSCTL_DESCR("Scheduler exponential decay value"), 383 NULL, 0, &ccpu, 0, 384 CTL_KERN, KERN_CCPU, CTL_EOL); 385 sysctl_createv(clog, 0, NULL, NULL, 386 CTLFLAG_PERMANENT, 387 CTLTYPE_STRUCT, "cp_time", 388 SYSCTL_DESCR("Clock ticks spent in different CPU states"), 389 sysctl_kern_cptime, 0, NULL, 0, 390 CTL_KERN, KERN_CP_TIME, CTL_EOL); 391 sysctl_createv(clog, 0, NULL, NULL, 392 CTLFLAG_PERMANENT, 393 CTLTYPE_STRUCT, "consdev", 394 SYSCTL_DESCR("Console device"), 395 sysctl_consdev, 0, NULL, sizeof(dev_t), 396 CTL_KERN, KERN_CONSDEV, CTL_EOL); 397 #if NPTY > 0 398 sysctl_createv(clog, 0, NULL, NULL, 399 CTLFLAG_PERMANENT, 400 CTLTYPE_INT, "maxptys", 401 SYSCTL_DESCR("Maximum number of pseudo-ttys"), 402 sysctl_kern_maxptys, 0, NULL, 0, 403 CTL_KERN, KERN_MAXPTYS, CTL_EOL); 404 #endif /* NPTY > 0 */ 405 sysctl_createv(clog, 0, NULL, NULL, 406 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 407 CTLTYPE_INT, "maxphys", 408 SYSCTL_DESCR("Maximum raw I/O transfer size"), 409 NULL, MAXPHYS, NULL, 0, 410 CTL_KERN, KERN_MAXPHYS, CTL_EOL); 411 sysctl_createv(clog, 0, NULL, NULL, 412 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 413 CTLTYPE_INT, "monotonic_clock", 414 SYSCTL_DESCR("Implementation version of the POSIX " 415 "1003.1b Monotonic Clock Option"), 416 /* XXX _POSIX_VERSION */ 417 NULL, _POSIX_MONOTONIC_CLOCK, NULL, 0, 418 CTL_KERN, KERN_MONOTONIC_CLOCK, CTL_EOL); 419 sysctl_createv(clog, 0, NULL, NULL, 420 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 421 CTLTYPE_INT, "labelsector", 422 SYSCTL_DESCR("Sector number containing the disklabel"), 423 NULL, LABELSECTOR, NULL, 0, 424 CTL_KERN, KERN_LABELSECTOR, CTL_EOL); 425 sysctl_createv(clog, 0, NULL, NULL, 426 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 427 CTLTYPE_INT, "labeloffset", 428 SYSCTL_DESCR("Offset of the disklabel within the " 429 "sector"), 430 NULL, LABELOFFSET, NULL, 0, 431 CTL_KERN, KERN_LABELOFFSET, CTL_EOL); 432 sysctl_createv(clog, 0, NULL, NULL, 433 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 434 CTLTYPE_INT, "labelusesmbr", 435 SYSCTL_DESCR("disklabel is inside MBR partition"), 436 NULL, LABELUSESMBR, NULL, 0, 437 CTL_KERN, CTL_CREATE, CTL_EOL); 438 sysctl_createv(clog, 0, NULL, NULL, 439 CTLFLAG_PERMANENT, 440 CTLTYPE_NODE, "lwp", 441 SYSCTL_DESCR("System-wide LWP information"), 442 sysctl_kern_lwp, 0, NULL, 0, 443 CTL_KERN, KERN_LWP, CTL_EOL); 444 sysctl_createv(clog, 0, NULL, NULL, 445 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 446 CTLTYPE_INT, "forkfsleep", 447 SYSCTL_DESCR("Milliseconds to sleep on fork failure due " 448 "to process limits"), 449 sysctl_kern_forkfsleep, 0, NULL, 0, 450 CTL_KERN, KERN_FORKFSLEEP, CTL_EOL); 451 sysctl_createv(clog, 0, NULL, NULL, 452 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 453 CTLTYPE_INT, "posix_threads", 454 SYSCTL_DESCR("Version of IEEE Std 1003.1 and its " 455 "Threads option to which the system " 456 "attempts to conform"), 457 /* XXX _POSIX_VERSION */ 458 NULL, _POSIX_THREADS, NULL, 0, 459 CTL_KERN, KERN_POSIX_THREADS, CTL_EOL); 460 sysctl_createv(clog, 0, NULL, NULL, 461 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 462 CTLTYPE_INT, "posix_semaphores", 463 SYSCTL_DESCR("Version of IEEE Std 1003.1 and its " 464 "Semaphores option to which the system " 465 "attempts to conform"), NULL, 466 200112, NULL, 0, 467 CTL_KERN, KERN_POSIX_SEMAPHORES, CTL_EOL); 468 sysctl_createv(clog, 0, NULL, NULL, 469 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 470 CTLTYPE_INT, "posix_barriers", 471 SYSCTL_DESCR("Version of IEEE Std 1003.1 and its " 472 "Barriers option to which the system " 473 "attempts to conform"), 474 /* XXX _POSIX_VERSION */ 475 NULL, _POSIX_BARRIERS, NULL, 0, 476 CTL_KERN, KERN_POSIX_BARRIERS, CTL_EOL); 477 sysctl_createv(clog, 0, NULL, NULL, 478 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 479 CTLTYPE_INT, "posix_timers", 480 SYSCTL_DESCR("Version of IEEE Std 1003.1 and its " 481 "Timers option to which the system " 482 "attempts to conform"), 483 /* XXX _POSIX_VERSION */ 484 NULL, _POSIX_TIMERS, NULL, 0, 485 CTL_KERN, KERN_POSIX_TIMERS, CTL_EOL); 486 sysctl_createv(clog, 0, NULL, NULL, 487 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 488 CTLTYPE_INT, "posix_spin_locks", 489 SYSCTL_DESCR("Version of IEEE Std 1003.1 and its Spin " 490 "Locks option to which the system attempts " 491 "to conform"), 492 /* XXX _POSIX_VERSION */ 493 NULL, _POSIX_SPIN_LOCKS, NULL, 0, 494 CTL_KERN, KERN_POSIX_SPIN_LOCKS, CTL_EOL); 495 sysctl_createv(clog, 0, NULL, NULL, 496 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE, 497 CTLTYPE_INT, "posix_reader_writer_locks", 498 SYSCTL_DESCR("Version of IEEE Std 1003.1 and its " 499 "Read-Write Locks option to which the " 500 "system attempts to conform"), 501 /* XXX _POSIX_VERSION */ 502 NULL, _POSIX_READER_WRITER_LOCKS, NULL, 0, 503 CTL_KERN, KERN_POSIX_READER_WRITER_LOCKS, CTL_EOL); 504 sysctl_createv(clog, 0, NULL, NULL, 505 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 506 CTLTYPE_INT, "dump_on_panic", 507 SYSCTL_DESCR("Perform a crash dump on system panic"), 508 NULL, 0, &dumponpanic, 0, 509 CTL_KERN, KERN_DUMP_ON_PANIC, CTL_EOL); 510 #ifdef DIAGNOSTIC 511 sysctl_createv(clog, 0, NULL, NULL, 512 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 513 CTLTYPE_INT, "panic_now", 514 SYSCTL_DESCR("Trigger a panic"), 515 sysctl_kern_trigger_panic, 0, NULL, 0, 516 CTL_KERN, CTL_CREATE, CTL_EOL); 517 #endif 518 sysctl_createv(clog, 0, NULL, NULL, 519 CTLFLAG_PERMANENT, 520 CTLTYPE_INT, "root_partition", 521 SYSCTL_DESCR("Root partition on the root device"), 522 sysctl_kern_root_partition, 0, NULL, 0, 523 CTL_KERN, KERN_ROOT_PARTITION, CTL_EOL); 524 sysctl_createv(clog, 0, NULL, NULL, 525 CTLFLAG_PERMANENT, 526 CTLTYPE_STRUCT, "drivers", 527 SYSCTL_DESCR("List of all drivers with block and " 528 "character device numbers"), 529 sysctl_kern_drivers, 0, NULL, 0, 530 CTL_KERN, KERN_DRIVERS, CTL_EOL); 531 sysctl_createv(clog, 0, NULL, NULL, 532 CTLFLAG_PERMANENT, 533 CTLTYPE_STRUCT, "cp_id", 534 SYSCTL_DESCR("Mapping of CPU number to CPU id"), 535 sysctl_kern_cpid, 0, NULL, 0, 536 CTL_KERN, KERN_CP_ID, CTL_EOL); 537 sysctl_createv(clog, 0, NULL, &rnode, 538 CTLFLAG_PERMANENT, 539 CTLTYPE_NODE, "coredump", 540 SYSCTL_DESCR("Coredump settings."), 541 NULL, 0, NULL, 0, 542 CTL_KERN, CTL_CREATE, CTL_EOL); 543 sysctl_createv(clog, 0, &rnode, &rnode, 544 CTLFLAG_PERMANENT, 545 CTLTYPE_NODE, "setid", 546 SYSCTL_DESCR("Set-id processes' coredump settings."), 547 NULL, 0, NULL, 0, 548 CTL_CREATE, CTL_EOL); 549 sysctl_createv(clog, 0, &rnode, NULL, 550 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 551 CTLTYPE_INT, "dump", 552 SYSCTL_DESCR("Allow set-id processes to dump core."), 553 sysctl_security_setidcore, 0, &security_setidcore_dump, 554 sizeof(security_setidcore_dump), 555 CTL_CREATE, CTL_EOL); 556 sysctl_createv(clog, 0, &rnode, NULL, 557 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 558 CTLTYPE_STRING, "path", 559 SYSCTL_DESCR("Path pattern for set-id coredumps."), 560 sysctl_security_setidcorename, 0, 561 security_setidcore_path, 562 sizeof(security_setidcore_path), 563 CTL_CREATE, CTL_EOL); 564 sysctl_createv(clog, 0, &rnode, NULL, 565 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 566 CTLTYPE_INT, "owner", 567 SYSCTL_DESCR("Owner id for set-id processes' cores."), 568 sysctl_security_setidcore, 0, &security_setidcore_owner, 569 0, 570 CTL_CREATE, CTL_EOL); 571 sysctl_createv(clog, 0, &rnode, NULL, 572 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 573 CTLTYPE_INT, "group", 574 SYSCTL_DESCR("Group id for set-id processes' cores."), 575 sysctl_security_setidcore, 0, &security_setidcore_group, 576 0, 577 CTL_CREATE, CTL_EOL); 578 sysctl_createv(clog, 0, &rnode, NULL, 579 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 580 CTLTYPE_INT, "mode", 581 SYSCTL_DESCR("Mode for set-id processes' cores."), 582 sysctl_security_setidcore, 0, &security_setidcore_mode, 583 0, 584 CTL_CREATE, CTL_EOL); 585 sysctl_createv(clog, 0, NULL, NULL, 586 CTLFLAG_IMMEDIATE|CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 587 CTLTYPE_INT, "no_sa_support", 588 SYSCTL_DESCR("0 if the kernel supports SA, otherwise " 589 "it doesn't"), 590 NULL, 1, NULL, 0, 591 CTL_KERN, CTL_CREATE, CTL_EOL); 592 sysctl_createv(clog, 0, NULL, NULL, 593 CTLFLAG_PERMANENT, 594 CTLTYPE_STRING, "configname", 595 SYSCTL_DESCR("Name of config file"), 596 NULL, 0, __UNCONST(kernel_ident), 0, 597 CTL_KERN, CTL_CREATE, CTL_EOL); 598 sysctl_createv(clog, 0, NULL, NULL, 599 CTLFLAG_PERMANENT, 600 CTLTYPE_STRING, "buildinfo", 601 SYSCTL_DESCR("Information from build environment"), 602 NULL, 0, __UNCONST(buildinfo), 0, 603 CTL_KERN, CTL_CREATE, CTL_EOL); 604 sysctl_createv(clog, 0, NULL, NULL, 605 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 606 CTLTYPE_INT, "messages", 607 SYSCTL_DESCR("Kernel message verbosity"), 608 sysctl_kern_messages, 0, NULL, 0, 609 CTL_KERN, CTL_CREATE, CTL_EOL); 610 sysctl_createv(clog, 0, NULL, NULL, 611 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 612 CTLTYPE_INT, "expose_address", 613 SYSCTL_DESCR("Expose kernel addresses to userland"), 614 sysctl_security_expose_address, 0, &kern_expose_address, 615 0, CTL_KERN, CTL_CREATE, CTL_EOL); 616 } 617 618 SYSCTL_SETUP(sysctl_hw_misc_setup, "sysctl hw subtree misc setup") 619 { 620 621 sysctl_createv(clog, 0, NULL, NULL, 622 CTLFLAG_PERMANENT, 623 CTLTYPE_INT, "usermem", 624 SYSCTL_DESCR("Bytes of non-kernel memory"), 625 sysctl_hw_usermem, 0, NULL, 0, 626 CTL_HW, HW_USERMEM, CTL_EOL); 627 sysctl_createv(clog, 0, NULL, NULL, 628 CTLFLAG_PERMANENT|CTLFLAG_READWRITE|CTLFLAG_HEX, 629 CTLTYPE_STRING, "cnmagic", 630 SYSCTL_DESCR("Console magic key sequence"), 631 sysctl_hw_cnmagic, 0, NULL, CNS_LEN, 632 CTL_HW, HW_CNMAGIC, CTL_EOL); 633 sysctl_createv(clog, 0, NULL, NULL, 634 CTLFLAG_PERMANENT, 635 CTLTYPE_QUAD, "usermem64", 636 SYSCTL_DESCR("Bytes of non-kernel memory"), 637 sysctl_hw_usermem, 0, NULL, 0, 638 CTL_HW, HW_USERMEM64, CTL_EOL); 639 } 640 641 #ifdef DEBUG 642 /* 643 * Debugging related system variables. 644 */ 645 struct ctldebug /* debug0, */ /* debug1, */ debug2, debug3, debug4; 646 struct ctldebug debug5, debug6, debug7, debug8, debug9; 647 struct ctldebug debug10, debug11, debug12, debug13, debug14; 648 struct ctldebug debug15, debug16, debug17, debug18, debug19; 649 static struct ctldebug *debugvars[] = { 650 &debug0, &debug1, &debug2, &debug3, &debug4, 651 &debug5, &debug6, &debug7, &debug8, &debug9, 652 &debug10, &debug11, &debug12, &debug13, &debug14, 653 &debug15, &debug16, &debug17, &debug18, &debug19, 654 }; 655 656 /* 657 * this setup routine is a replacement for debug_sysctl() 658 * 659 * note that it creates several nodes per defined debug variable 660 */ 661 SYSCTL_SETUP(sysctl_debug_setup, "sysctl debug subtree setup") 662 { 663 struct ctldebug *cdp; 664 char nodename[20]; 665 int i; 666 667 /* 668 * two ways here: 669 * 670 * the "old" way (debug.name -> value) which was emulated by 671 * the sysctl(8) binary 672 * 673 * the new way, which the sysctl(8) binary was actually using 674 675 node debug 676 node debug.0 677 string debug.0.name 678 int debug.0.value 679 int debug.name 680 681 */ 682 683 for (i = 0; i < __arraycount(debugvars); i++) { 684 cdp = debugvars[i]; 685 if (cdp->debugname == NULL || cdp->debugvar == NULL) 686 continue; 687 688 snprintf(nodename, sizeof(nodename), "debug%d", i); 689 sysctl_createv(clog, 0, NULL, NULL, 690 CTLFLAG_PERMANENT|CTLFLAG_HIDDEN, 691 CTLTYPE_NODE, nodename, NULL, 692 NULL, 0, NULL, 0, 693 CTL_DEBUG, i, CTL_EOL); 694 sysctl_createv(clog, 0, NULL, NULL, 695 CTLFLAG_PERMANENT|CTLFLAG_HIDDEN, 696 CTLTYPE_STRING, "name", NULL, 697 /*XXXUNCONST*/ 698 NULL, 0, __UNCONST(cdp->debugname), 0, 699 CTL_DEBUG, i, CTL_DEBUG_NAME, CTL_EOL); 700 sysctl_createv(clog, 0, NULL, NULL, 701 CTLFLAG_PERMANENT|CTLFLAG_HIDDEN, 702 CTLTYPE_INT, "value", NULL, 703 NULL, 0, cdp->debugvar, 0, 704 CTL_DEBUG, i, CTL_DEBUG_VALUE, CTL_EOL); 705 sysctl_createv(clog, 0, NULL, NULL, 706 CTLFLAG_PERMANENT, 707 CTLTYPE_INT, cdp->debugname, NULL, 708 NULL, 0, cdp->debugvar, 0, 709 CTL_DEBUG, CTL_CREATE, CTL_EOL); 710 } 711 } 712 #endif /* DEBUG */ 713 714 /* 715 * ******************************************************************** 716 * section 2: private node-specific helper routines. 717 * ******************************************************************** 718 */ 719 720 #ifdef DIAGNOSTIC 721 static int 722 sysctl_kern_trigger_panic(SYSCTLFN_ARGS) 723 { 724 int newtrig, error; 725 struct sysctlnode node; 726 727 newtrig = 0; 728 node = *rnode; 729 node.sysctl_data = &newtrig; 730 error = sysctl_lookup(SYSCTLFN_CALL(&node)); 731 if (error || newp == NULL) 732 return (error); 733 734 if (newtrig != 0) 735 panic("Panic triggered"); 736 737 return (error); 738 } 739 #endif 740 741 /* 742 * sysctl helper routine for kern.maxvnodes. Drain vnodes if 743 * new value is lower than desiredvnodes and then calls reinit 744 * routines that needs to adjust to the new value. 745 */ 746 static int 747 sysctl_kern_maxvnodes(SYSCTLFN_ARGS) 748 { 749 int error, new_vnodes, old_vnodes, new_max; 750 struct sysctlnode node; 751 752 new_vnodes = desiredvnodes; 753 node = *rnode; 754 node.sysctl_data = &new_vnodes; 755 error = sysctl_lookup(SYSCTLFN_CALL(&node)); 756 if (error || newp == NULL) 757 return (error); 758 759 /* 760 * sysctl passes down unsigned values, require them 761 * to be positive 762 */ 763 if (new_vnodes <= 0) 764 return (EINVAL); 765 766 /* Limits: 75% of kmem and physical memory. */ 767 new_max = calc_cache_size(vmem_size(kmem_arena, VMEM_FREE|VMEM_ALLOC), 768 75, 75) / VNODE_COST; 769 if (new_vnodes > new_max) 770 new_vnodes = new_max; 771 772 old_vnodes = desiredvnodes; 773 desiredvnodes = new_vnodes; 774 error = vfs_drainvnodes(); 775 if (error) { 776 desiredvnodes = old_vnodes; 777 return (error); 778 } 779 vfs_reinit(); 780 nchreinit(); 781 782 return (0); 783 } 784 785 /* 786 * sysctl helper routine for kern.messages. 787 * Alters boothowto to display kernel messages in increasing verbosity 788 * from 0 to 4. 789 */ 790 791 #define MAXMESSAGES 4 792 static int 793 sysctl_kern_messages(SYSCTLFN_ARGS) 794 { 795 int error, messageverbose, messagemask, newboothowto; 796 struct sysctlnode node; 797 798 messagemask = (AB_NORMAL|AB_QUIET|AB_SILENT|AB_VERBOSE|AB_DEBUG); 799 switch (boothowto & messagemask) { 800 case AB_SILENT: 801 messageverbose = 0; 802 break; 803 case AB_QUIET: 804 messageverbose = 1; 805 break; 806 case AB_VERBOSE: 807 messageverbose = 3; 808 break; 809 case AB_DEBUG: 810 messageverbose = 4; 811 break; 812 case AB_NORMAL: 813 default: 814 messageverbose = 2; 815 } 816 817 node = *rnode; 818 node.sysctl_data = &messageverbose; 819 error = sysctl_lookup(SYSCTLFN_CALL(&node)); 820 if (error || newp == NULL) 821 return (error); 822 if (messageverbose < 0 || messageverbose > MAXMESSAGES) 823 return EINVAL; 824 825 /* Set boothowto */ 826 newboothowto = boothowto & ~messagemask; 827 828 switch (messageverbose) { 829 case 0: 830 newboothowto |= AB_SILENT; 831 break; 832 case 1: 833 newboothowto |= AB_QUIET; 834 break; 835 case 3: 836 newboothowto |= AB_VERBOSE; 837 break; 838 case 4: 839 newboothowto |= AB_DEBUG; 840 break; 841 case 2: 842 default: /* Messages default to normal. */ 843 break; 844 } 845 846 boothowto = newboothowto; 847 848 return (0); 849 } 850 851 /* 852 * sysctl helper routine for rtc_offset - set time after changes 853 */ 854 static int 855 sysctl_kern_rtc_offset(SYSCTLFN_ARGS) 856 { 857 struct timespec ts, delta; 858 int error, new_rtc_offset; 859 struct sysctlnode node; 860 861 new_rtc_offset = rtc_offset; 862 node = *rnode; 863 node.sysctl_data = &new_rtc_offset; 864 error = sysctl_lookup(SYSCTLFN_CALL(&node)); 865 if (error || newp == NULL) 866 return (error); 867 868 if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_TIME, 869 KAUTH_REQ_SYSTEM_TIME_RTCOFFSET, 870 KAUTH_ARG(new_rtc_offset), NULL, NULL)) 871 return (EPERM); 872 if (rtc_offset == new_rtc_offset) 873 return (0); 874 875 /* if we change the offset, adjust the time */ 876 nanotime(&ts); 877 delta.tv_sec = 60 * (new_rtc_offset - rtc_offset); 878 delta.tv_nsec = 0; 879 timespecadd(&ts, &delta, &ts); 880 rtc_offset = new_rtc_offset; 881 return (settime(l->l_proc, &ts)); 882 } 883 884 /* 885 * sysctl helper routine for kern.maxproc. Ensures that the new 886 * values are not too low or too high. 887 */ 888 static int 889 sysctl_kern_maxproc(SYSCTLFN_ARGS) 890 { 891 int error, nmaxproc; 892 struct sysctlnode node; 893 894 nmaxproc = maxproc; 895 node = *rnode; 896 node.sysctl_data = &nmaxproc; 897 error = sysctl_lookup(SYSCTLFN_CALL(&node)); 898 if (error || newp == NULL) 899 return (error); 900 901 if (nmaxproc < 0 || nmaxproc >= PID_MAX) 902 return (EINVAL); 903 #ifdef __HAVE_CPU_MAXPROC 904 if (nmaxproc > cpu_maxproc()) 905 return (EINVAL); 906 #endif 907 maxproc = nmaxproc; 908 909 return (0); 910 } 911 912 /* 913 * sysctl helper function for kern.hostid. The hostid is a long, but 914 * we export it as an int, so we need to give it a little help. 915 */ 916 static int 917 sysctl_kern_hostid(SYSCTLFN_ARGS) 918 { 919 int error, inthostid; 920 struct sysctlnode node; 921 922 inthostid = hostid; /* XXX assumes sizeof int <= sizeof long */ 923 node = *rnode; 924 node.sysctl_data = &inthostid; 925 error = sysctl_lookup(SYSCTLFN_CALL(&node)); 926 if (error || newp == NULL) 927 return (error); 928 929 hostid = (unsigned)inthostid; 930 931 return (0); 932 } 933 934 /* 935 * sysctl helper routine for kern.defcorename. In the case of a new 936 * string being assigned, check that it's not a zero-length string. 937 * (XXX the check in -current doesn't work, but do we really care?) 938 */ 939 static int 940 sysctl_kern_defcorename(SYSCTLFN_ARGS) 941 { 942 int error; 943 char *newcorename; 944 struct sysctlnode node; 945 946 newcorename = PNBUF_GET(); 947 node = *rnode; 948 node.sysctl_data = &newcorename[0]; 949 memcpy(node.sysctl_data, rnode->sysctl_data, MAXPATHLEN); 950 error = sysctl_lookup(SYSCTLFN_CALL(&node)); 951 if (error || newp == NULL) { 952 goto done; 953 } 954 955 /* 956 * when sysctl_lookup() deals with a string, it's guaranteed 957 * to come back nul terminated. So there. :) 958 */ 959 if (strlen(newcorename) == 0) { 960 error = EINVAL; 961 } else { 962 memcpy(rnode->sysctl_data, node.sysctl_data, MAXPATHLEN); 963 error = 0; 964 } 965 done: 966 PNBUF_PUT(newcorename); 967 return error; 968 } 969 970 /* 971 * sysctl helper routine for kern.cp_time node. Adds up cpu time 972 * across all cpus. 973 */ 974 static int 975 sysctl_kern_cptime(SYSCTLFN_ARGS) 976 { 977 struct sysctlnode node = *rnode; 978 uint64_t *cp_time = NULL; 979 int error, n = ncpu, i; 980 struct cpu_info *ci; 981 CPU_INFO_ITERATOR cii; 982 983 /* 984 * if you specifically pass a buffer that is the size of the 985 * sum, or if you are probing for the size, you get the "sum" 986 * of cp_time (and the size thereof) across all processors. 987 * 988 * alternately, you can pass an additional mib number and get 989 * cp_time for that particular processor. 990 */ 991 switch (namelen) { 992 case 0: 993 if (*oldlenp == sizeof(uint64_t) * CPUSTATES || oldp == NULL) { 994 node.sysctl_size = sizeof(uint64_t) * CPUSTATES; 995 n = -1; /* SUM */ 996 } 997 else { 998 node.sysctl_size = n * sizeof(uint64_t) * CPUSTATES; 999 n = -2; /* ALL */ 1000 } 1001 break; 1002 case 1: 1003 if (name[0] < 0 || name[0] >= n) 1004 return (ENOENT); /* ENOSUCHPROCESSOR */ 1005 node.sysctl_size = sizeof(uint64_t) * CPUSTATES; 1006 n = name[0]; 1007 /* 1008 * adjust these so that sysctl_lookup() will be happy 1009 */ 1010 name++; 1011 namelen--; 1012 break; 1013 default: 1014 return (EINVAL); 1015 } 1016 1017 cp_time = kmem_alloc(node.sysctl_size, KM_SLEEP); 1018 node.sysctl_data = cp_time; 1019 memset(cp_time, 0, node.sysctl_size); 1020 1021 for (CPU_INFO_FOREACH(cii, ci)) { 1022 if (n <= 0) { 1023 for (i = 0; i < CPUSTATES; i++) { 1024 cp_time[i] += ci->ci_schedstate.spc_cp_time[i]; 1025 } 1026 } 1027 /* 1028 * if a specific processor was requested and we just 1029 * did it, we're done here 1030 */ 1031 if (n == 0) 1032 break; 1033 /* 1034 * if doing "all", skip to next cp_time set for next processor 1035 */ 1036 if (n == -2) 1037 cp_time += CPUSTATES; 1038 /* 1039 * if we're doing a specific processor, we're one 1040 * processor closer 1041 */ 1042 if (n > 0) 1043 n--; 1044 } 1045 1046 error = sysctl_lookup(SYSCTLFN_CALL(&node)); 1047 kmem_free(node.sysctl_data, node.sysctl_size); 1048 return (error); 1049 } 1050 1051 #if NPTY > 0 1052 /* 1053 * sysctl helper routine for kern.maxptys. Ensures that any new value 1054 * is acceptable to the pty subsystem. 1055 */ 1056 static int 1057 sysctl_kern_maxptys(SYSCTLFN_ARGS) 1058 { 1059 int pty_maxptys(int, int); /* defined in kern/tty_pty.c */ 1060 int error, xmax; 1061 struct sysctlnode node; 1062 1063 /* get current value of maxptys */ 1064 xmax = pty_maxptys(0, 0); 1065 1066 node = *rnode; 1067 node.sysctl_data = &xmax; 1068 error = sysctl_lookup(SYSCTLFN_CALL(&node)); 1069 if (error || newp == NULL) 1070 return (error); 1071 1072 if (xmax != pty_maxptys(xmax, 1)) 1073 return (EINVAL); 1074 1075 return (0); 1076 } 1077 #endif /* NPTY > 0 */ 1078 1079 /* 1080 * sysctl helper routine to do kern.lwp.* work. 1081 */ 1082 static int 1083 sysctl_kern_lwp(SYSCTLFN_ARGS) 1084 { 1085 struct kinfo_lwp klwp; 1086 struct proc *p; 1087 struct lwp *l2, *l3; 1088 char *where, *dp; 1089 int pid, elem_size, elem_count; 1090 int buflen, needed, error; 1091 bool gotit; 1092 1093 if (namelen == 1 && name[0] == CTL_QUERY) 1094 return (sysctl_query(SYSCTLFN_CALL(rnode))); 1095 1096 dp = where = oldp; 1097 buflen = where != NULL ? *oldlenp : 0; 1098 error = needed = 0; 1099 1100 if (newp != NULL || namelen != 3) 1101 return (EINVAL); 1102 pid = name[0]; 1103 elem_size = name[1]; 1104 elem_count = name[2]; 1105 1106 sysctl_unlock(); 1107 if (pid == -1) { 1108 mutex_enter(proc_lock); 1109 PROCLIST_FOREACH(p, &allproc) { 1110 /* Grab a hold on the process. */ 1111 if (!rw_tryenter(&p->p_reflock, RW_READER)) { 1112 continue; 1113 } 1114 mutex_exit(proc_lock); 1115 1116 mutex_enter(p->p_lock); 1117 LIST_FOREACH(l2, &p->p_lwps, l_sibling) { 1118 if (buflen >= elem_size && elem_count > 0) { 1119 lwp_lock(l2); 1120 fill_lwp(l2, &klwp); 1121 lwp_unlock(l2); 1122 mutex_exit(p->p_lock); 1123 1124 /* 1125 * Copy out elem_size, but not 1126 * larger than the size of a 1127 * struct kinfo_proc2. 1128 */ 1129 error = dcopyout(l, &klwp, dp, 1130 uimin(sizeof(klwp), elem_size)); 1131 if (error) { 1132 rw_exit(&p->p_reflock); 1133 goto cleanup; 1134 } 1135 mutex_enter(p->p_lock); 1136 LIST_FOREACH(l3, &p->p_lwps, 1137 l_sibling) { 1138 if (l2 == l3) 1139 break; 1140 } 1141 if (l3 == NULL) { 1142 mutex_exit(p->p_lock); 1143 rw_exit(&p->p_reflock); 1144 error = EAGAIN; 1145 goto cleanup; 1146 } 1147 dp += elem_size; 1148 buflen -= elem_size; 1149 elem_count--; 1150 } 1151 needed += elem_size; 1152 } 1153 mutex_exit(p->p_lock); 1154 1155 /* Drop reference to process. */ 1156 mutex_enter(proc_lock); 1157 rw_exit(&p->p_reflock); 1158 } 1159 mutex_exit(proc_lock); 1160 } else { 1161 mutex_enter(proc_lock); 1162 p = proc_find(pid); 1163 if (p == NULL) { 1164 error = ESRCH; 1165 mutex_exit(proc_lock); 1166 goto cleanup; 1167 } 1168 /* Grab a hold on the process. */ 1169 gotit = rw_tryenter(&p->p_reflock, RW_READER); 1170 mutex_exit(proc_lock); 1171 if (!gotit) { 1172 error = ESRCH; 1173 goto cleanup; 1174 } 1175 1176 mutex_enter(p->p_lock); 1177 LIST_FOREACH(l2, &p->p_lwps, l_sibling) { 1178 if (buflen >= elem_size && elem_count > 0) { 1179 lwp_lock(l2); 1180 fill_lwp(l2, &klwp); 1181 lwp_unlock(l2); 1182 mutex_exit(p->p_lock); 1183 /* 1184 * Copy out elem_size, but not larger than 1185 * the size of a struct kinfo_proc2. 1186 */ 1187 error = dcopyout(l, &klwp, dp, 1188 uimin(sizeof(klwp), elem_size)); 1189 if (error) { 1190 rw_exit(&p->p_reflock); 1191 goto cleanup; 1192 } 1193 mutex_enter(p->p_lock); 1194 LIST_FOREACH(l3, &p->p_lwps, l_sibling) { 1195 if (l2 == l3) 1196 break; 1197 } 1198 if (l3 == NULL) { 1199 mutex_exit(p->p_lock); 1200 rw_exit(&p->p_reflock); 1201 error = EAGAIN; 1202 goto cleanup; 1203 } 1204 dp += elem_size; 1205 buflen -= elem_size; 1206 elem_count--; 1207 } 1208 needed += elem_size; 1209 } 1210 mutex_exit(p->p_lock); 1211 1212 /* Drop reference to process. */ 1213 rw_exit(&p->p_reflock); 1214 } 1215 1216 if (where != NULL) { 1217 *oldlenp = dp - where; 1218 if (needed > *oldlenp) { 1219 sysctl_relock(); 1220 return (ENOMEM); 1221 } 1222 } else { 1223 needed += KERN_LWPSLOP; 1224 *oldlenp = needed; 1225 } 1226 error = 0; 1227 cleanup: 1228 sysctl_relock(); 1229 return (error); 1230 } 1231 1232 /* 1233 * sysctl helper routine for kern.forkfsleep node. Ensures that the 1234 * given value is not too large or two small, and is at least one 1235 * timer tick if not zero. 1236 */ 1237 static int 1238 sysctl_kern_forkfsleep(SYSCTLFN_ARGS) 1239 { 1240 /* userland sees value in ms, internally is in ticks */ 1241 extern int forkfsleep; /* defined in kern/kern_fork.c */ 1242 int error, timo, lsleep; 1243 struct sysctlnode node; 1244 1245 lsleep = forkfsleep * 1000 / hz; 1246 node = *rnode; 1247 node.sysctl_data = &lsleep; 1248 error = sysctl_lookup(SYSCTLFN_CALL(&node)); 1249 if (error || newp == NULL) 1250 return (error); 1251 1252 /* refuse negative values, and overly 'long time' */ 1253 if (lsleep < 0 || lsleep > MAXSLP * 1000) 1254 return (EINVAL); 1255 1256 timo = mstohz(lsleep); 1257 1258 /* if the interval is >0 ms && <1 tick, use 1 tick */ 1259 if (lsleep != 0 && timo == 0) 1260 forkfsleep = 1; 1261 else 1262 forkfsleep = timo; 1263 1264 return (0); 1265 } 1266 1267 /* 1268 * sysctl helper routine for kern.root_partition 1269 */ 1270 static int 1271 sysctl_kern_root_partition(SYSCTLFN_ARGS) 1272 { 1273 int rootpart = DISKPART(rootdev); 1274 struct sysctlnode node = *rnode; 1275 1276 node.sysctl_data = &rootpart; 1277 return (sysctl_lookup(SYSCTLFN_CALL(&node))); 1278 } 1279 1280 /* 1281 * sysctl helper function for kern.drivers 1282 */ 1283 static int 1284 sysctl_kern_drivers(SYSCTLFN_ARGS) 1285 { 1286 int error; 1287 size_t buflen; 1288 struct kinfo_drivers kd; 1289 char *start, *where; 1290 const char *dname; 1291 int i; 1292 extern struct devsw_conv *devsw_conv; 1293 extern int max_devsw_convs; 1294 1295 start = where = oldp; 1296 buflen = *oldlenp; 1297 if (where == NULL) { 1298 *oldlenp = max_devsw_convs * sizeof kd; 1299 return 0; 1300 } 1301 1302 /* 1303 * An array of kinfo_drivers structures 1304 */ 1305 error = 0; 1306 sysctl_unlock(); 1307 mutex_enter(&device_lock); 1308 for (i = 0; i < max_devsw_convs; i++) { 1309 dname = devsw_conv[i].d_name; 1310 if (dname == NULL) 1311 continue; 1312 if (buflen < sizeof kd) { 1313 error = ENOMEM; 1314 break; 1315 } 1316 memset(&kd, 0, sizeof(kd)); 1317 kd.d_bmajor = devsw_conv[i].d_bmajor; 1318 kd.d_cmajor = devsw_conv[i].d_cmajor; 1319 strlcpy(kd.d_name, dname, sizeof kd.d_name); 1320 mutex_exit(&device_lock); 1321 error = dcopyout(l, &kd, where, sizeof kd); 1322 mutex_enter(&device_lock); 1323 if (error != 0) 1324 break; 1325 buflen -= sizeof kd; 1326 where += sizeof kd; 1327 } 1328 mutex_exit(&device_lock); 1329 sysctl_relock(); 1330 *oldlenp = where - start; 1331 return error; 1332 } 1333 1334 static int 1335 sysctl_security_setidcore(SYSCTLFN_ARGS) 1336 { 1337 int newsize, error; 1338 struct sysctlnode node; 1339 1340 node = *rnode; 1341 node.sysctl_data = &newsize; 1342 newsize = *(int *)rnode->sysctl_data; 1343 error = sysctl_lookup(SYSCTLFN_CALL(&node)); 1344 if (error || newp == NULL) 1345 return error; 1346 1347 if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_SETIDCORE, 1348 0, NULL, NULL, NULL)) 1349 return (EPERM); 1350 1351 *(int *)rnode->sysctl_data = newsize; 1352 1353 return 0; 1354 } 1355 1356 static int 1357 sysctl_security_expose_address(SYSCTLFN_ARGS) 1358 { 1359 int expose_address, error; 1360 struct sysctlnode node; 1361 1362 node = *rnode; 1363 node.sysctl_data = &expose_address; 1364 expose_address = *(int *)rnode->sysctl_data; 1365 error = sysctl_lookup(SYSCTLFN_CALL(&node)); 1366 if (error || newp == NULL) 1367 return error; 1368 1369 if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_KERNADDR, 1370 0, NULL, NULL, NULL)) 1371 return (EPERM); 1372 1373 *(int *)rnode->sysctl_data = expose_address; 1374 1375 return 0; 1376 } 1377 1378 bool 1379 get_expose_address(struct proc *p) 1380 { 1381 /* allow only if sysctl variable is set or privileged */ 1382 return kern_expose_address || kauth_authorize_process(kauth_cred_get(), 1383 KAUTH_PROCESS_CANSEE, p, 1384 KAUTH_ARG(KAUTH_REQ_PROCESS_CANSEE_KPTR), NULL, NULL) == 0; 1385 } 1386 1387 static int 1388 sysctl_security_setidcorename(SYSCTLFN_ARGS) 1389 { 1390 int error; 1391 char *newsetidcorename; 1392 struct sysctlnode node; 1393 1394 newsetidcorename = PNBUF_GET(); 1395 node = *rnode; 1396 node.sysctl_data = newsetidcorename; 1397 memcpy(node.sysctl_data, rnode->sysctl_data, MAXPATHLEN); 1398 error = sysctl_lookup(SYSCTLFN_CALL(&node)); 1399 if (error || newp == NULL) { 1400 goto out; 1401 } 1402 if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_SETIDCORE, 1403 0, NULL, NULL, NULL)) { 1404 error = EPERM; 1405 goto out; 1406 } 1407 if (strlen(newsetidcorename) == 0) { 1408 error = EINVAL; 1409 goto out; 1410 } 1411 memcpy(rnode->sysctl_data, node.sysctl_data, MAXPATHLEN); 1412 out: 1413 PNBUF_PUT(newsetidcorename); 1414 return error; 1415 } 1416 1417 /* 1418 * sysctl helper routine for kern.cp_id node. Maps cpus to their 1419 * cpuids. 1420 */ 1421 static int 1422 sysctl_kern_cpid(SYSCTLFN_ARGS) 1423 { 1424 struct sysctlnode node = *rnode; 1425 uint64_t *cp_id = NULL; 1426 int error, n = ncpu; 1427 struct cpu_info *ci; 1428 CPU_INFO_ITERATOR cii; 1429 1430 /* 1431 * Here you may either retrieve a single cpu id or the whole 1432 * set. The size you get back when probing depends on what 1433 * you ask for. 1434 */ 1435 switch (namelen) { 1436 case 0: 1437 node.sysctl_size = n * sizeof(uint64_t); 1438 n = -2; /* ALL */ 1439 break; 1440 case 1: 1441 if (name[0] < 0 || name[0] >= n) 1442 return (ENOENT); /* ENOSUCHPROCESSOR */ 1443 node.sysctl_size = sizeof(uint64_t); 1444 n = name[0]; 1445 /* 1446 * adjust these so that sysctl_lookup() will be happy 1447 */ 1448 name++; 1449 namelen--; 1450 break; 1451 default: 1452 return (EINVAL); 1453 } 1454 1455 cp_id = kmem_alloc(node.sysctl_size, KM_SLEEP); 1456 node.sysctl_data = cp_id; 1457 memset(cp_id, 0, node.sysctl_size); 1458 1459 for (CPU_INFO_FOREACH(cii, ci)) { 1460 if (n <= 0) 1461 cp_id[0] = cpu_index(ci); 1462 /* 1463 * if a specific processor was requested and we just 1464 * did it, we're done here 1465 */ 1466 if (n == 0) 1467 break; 1468 /* 1469 * if doing "all", skip to next cp_id slot for next processor 1470 */ 1471 if (n == -2) 1472 cp_id++; 1473 /* 1474 * if we're doing a specific processor, we're one 1475 * processor closer 1476 */ 1477 if (n > 0) 1478 n--; 1479 } 1480 1481 error = sysctl_lookup(SYSCTLFN_CALL(&node)); 1482 kmem_free(node.sysctl_data, node.sysctl_size); 1483 return (error); 1484 } 1485 1486 /* 1487 * sysctl helper routine for hw.usermem and hw.usermem64. Values are 1488 * calculate on the fly taking into account integer overflow and the 1489 * current wired count. 1490 */ 1491 static int 1492 sysctl_hw_usermem(SYSCTLFN_ARGS) 1493 { 1494 u_int ui; 1495 u_quad_t uq; 1496 struct sysctlnode node; 1497 1498 node = *rnode; 1499 switch (rnode->sysctl_num) { 1500 case HW_USERMEM: 1501 if ((ui = physmem - uvmexp.wired) > (UINT_MAX / PAGE_SIZE)) 1502 ui = UINT_MAX; 1503 else 1504 ui *= PAGE_SIZE; 1505 node.sysctl_data = &ui; 1506 break; 1507 case HW_USERMEM64: 1508 uq = (u_quad_t)(physmem - uvmexp.wired) * PAGE_SIZE; 1509 node.sysctl_data = &uq; 1510 break; 1511 default: 1512 return (EINVAL); 1513 } 1514 1515 return (sysctl_lookup(SYSCTLFN_CALL(&node))); 1516 } 1517 1518 /* 1519 * sysctl helper routine for kern.cnmagic node. Pulls the old value 1520 * out, encoded, and stuffs the new value in for decoding. 1521 */ 1522 static int 1523 sysctl_hw_cnmagic(SYSCTLFN_ARGS) 1524 { 1525 char magic[CNS_LEN]; 1526 int error; 1527 struct sysctlnode node; 1528 1529 if (oldp) 1530 cn_get_magic(magic, CNS_LEN); 1531 node = *rnode; 1532 node.sysctl_data = &magic[0]; 1533 error = sysctl_lookup(SYSCTLFN_CALL(&node)); 1534 if (error || newp == NULL) 1535 return (error); 1536 1537 return (cn_set_magic(magic)); 1538 } 1539 1540 /* 1541 * ******************************************************************** 1542 * section 3: public helper routines that are used for more than one 1543 * node 1544 * ******************************************************************** 1545 */ 1546 1547 /* 1548 * sysctl helper routine for the kern.root_device node and some ports' 1549 * machdep.root_device nodes. 1550 */ 1551 int 1552 sysctl_root_device(SYSCTLFN_ARGS) 1553 { 1554 struct sysctlnode node; 1555 1556 node = *rnode; 1557 node.sysctl_data = __UNCONST(device_xname(root_device)); 1558 node.sysctl_size = strlen(device_xname(root_device)) + 1; 1559 return (sysctl_lookup(SYSCTLFN_CALL(&node))); 1560 } 1561 1562 /* 1563 * sysctl helper routine for kern.consdev, dependent on the current 1564 * state of the console. Also used for machdep.console_device on some 1565 * ports. 1566 */ 1567 int 1568 sysctl_consdev(SYSCTLFN_ARGS) 1569 { 1570 dev_t consdev; 1571 uint32_t oconsdev; 1572 struct sysctlnode node; 1573 1574 if (cn_tab != NULL) 1575 consdev = cn_tab->cn_dev; 1576 else 1577 consdev = NODEV; 1578 node = *rnode; 1579 switch (*oldlenp) { 1580 case sizeof(consdev): 1581 node.sysctl_data = &consdev; 1582 node.sysctl_size = sizeof(consdev); 1583 break; 1584 case sizeof(oconsdev): 1585 oconsdev = (uint32_t)consdev; 1586 node.sysctl_data = &oconsdev; 1587 node.sysctl_size = sizeof(oconsdev); 1588 break; 1589 default: 1590 return EINVAL; 1591 } 1592 return (sysctl_lookup(SYSCTLFN_CALL(&node))); 1593 } 1594 1595 /* 1596 * ******************************************************************** 1597 * section 4: support for some helpers 1598 * ******************************************************************** 1599 */ 1600 1601 1602 /* 1603 * Fill in a kinfo_lwp structure for the specified lwp. 1604 */ 1605 static void 1606 fill_lwp(struct lwp *l, struct kinfo_lwp *kl) 1607 { 1608 const bool allowaddr = get_expose_address(curproc); 1609 struct proc *p = l->l_proc; 1610 struct timeval tv; 1611 1612 KASSERT(lwp_locked(l, NULL)); 1613 1614 memset(kl, 0, sizeof(*kl)); 1615 1616 kl->l_forw = 0; 1617 kl->l_back = 0; 1618 COND_SET_VALUE(kl->l_laddr, PTRTOUINT64(l), allowaddr); 1619 COND_SET_VALUE(kl->l_addr, PTRTOUINT64(l->l_addr), allowaddr); 1620 kl->l_stat = l->l_stat; 1621 kl->l_lid = l->l_lid; 1622 kl->l_flag = L_INMEM; 1623 kl->l_flag |= sysctl_map_flags(sysctl_lwpprflagmap, l->l_prflag); 1624 kl->l_flag |= sysctl_map_flags(sysctl_lwpflagmap, l->l_flag); 1625 1626 kl->l_swtime = l->l_swtime; 1627 kl->l_slptime = l->l_slptime; 1628 if (l->l_stat == LSONPROC) 1629 kl->l_schedflags = l->l_cpu->ci_schedstate.spc_flags; 1630 else 1631 kl->l_schedflags = 0; 1632 kl->l_priority = lwp_eprio(l); 1633 kl->l_usrpri = l->l_priority; 1634 if (l->l_wchan) 1635 strncpy(kl->l_wmesg, l->l_wmesg, sizeof(kl->l_wmesg)); 1636 COND_SET_VALUE(kl->l_wchan, PTRTOUINT64(l->l_wchan), allowaddr); 1637 kl->l_cpuid = cpu_index(l->l_cpu); 1638 bintime2timeval(&l->l_rtime, &tv); 1639 kl->l_rtime_sec = tv.tv_sec; 1640 kl->l_rtime_usec = tv.tv_usec; 1641 kl->l_cpticks = l->l_cpticks; 1642 kl->l_pctcpu = l->l_pctcpu; 1643 kl->l_pid = p->p_pid; 1644 if (l->l_name == NULL) 1645 kl->l_name[0] = '\0'; 1646 else 1647 strlcpy(kl->l_name, l->l_name, sizeof(kl->l_name)); 1648 } 1649
Indexes created Wed Oct 01 15:09:59 GMT 2025