Author: gnn Date: Wed Nov 23 22:50:20 2016 New Revision: 309069 URL: https://svnweb.freebsd.org/changeset/base/309069
Log: Add tunable to disable destructive dtrace Submitted by: Joerg Pernfuss <code....@gmail.com> Reviewed by: rstone, markj MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D8624 Modified: head/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c head/sys/cddl/dev/dtrace/dtrace_load.c head/sys/cddl/dev/dtrace/dtrace_sysctl.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c ============================================================================== --- head/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c Wed Nov 23 20:21:53 2016 (r309068) +++ head/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c Wed Nov 23 22:50:20 2016 (r309069) @@ -157,6 +157,10 @@ * /etc/system. */ int dtrace_destructive_disallow = 0; +#ifndef illumos +/* Positive logic version of dtrace_destructive_disallow for loader tunable */ +int dtrace_allow_destructive = 1; +#endif dtrace_optval_t dtrace_nonroot_maxsize = (16 * 1024 * 1024); size_t dtrace_difo_maxsize = (256 * 1024); dtrace_optval_t dtrace_dof_maxsize = (8 * 1024 * 1024); Modified: head/sys/cddl/dev/dtrace/dtrace_load.c ============================================================================== --- head/sys/cddl/dev/dtrace/dtrace_load.c Wed Nov 23 20:21:53 2016 (r309068) +++ head/sys/cddl/dev/dtrace/dtrace_load.c Wed Nov 23 22:50:20 2016 (r309069) @@ -52,6 +52,17 @@ dtrace_load(void *dummy) int i; #endif +#ifndef illumos + /* + * DTrace uses negative logic for the destructive mode switch, so it + * is required to translate from the sysctl which uses positive logic. + */ + if (dtrace_allow_destructive) + dtrace_destructive_disallow = 0; + else + dtrace_destructive_disallow = 1; +#endif + /* Hook into the trap handler. */ dtrace_trap_func = dtrace_trap; Modified: head/sys/cddl/dev/dtrace/dtrace_sysctl.c ============================================================================== --- head/sys/cddl/dev/dtrace/dtrace_sysctl.c Wed Nov 23 20:21:53 2016 (r309068) +++ head/sys/cddl/dev/dtrace/dtrace_sysctl.c Wed Nov 23 22:50:20 2016 (r309069) @@ -92,3 +92,6 @@ SYSCTL_QUAD(_kern_dtrace, OID_AUTO, dof_ SYSCTL_QUAD(_kern_dtrace, OID_AUTO, helper_actions_max, CTLFLAG_RW, &dtrace_helper_actions_max, 0, "maximum number of allowed helper actions"); + +SYSCTL_INT(_security_bsd, OID_AUTO, allow_destructive_dtrace, CTLFLAG_RDTUN, + &dtrace_allow_destructive, 1, "Allow destructive mode DTrace scripts"); _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"