40 41#include "opt_compat.h" 42#include "opt_posix.h" 43#include "opt_config.h" 44 45#include <sys/param.h> 46#include <sys/kernel.h> 47#include <sys/sbuf.h> 48#include <sys/systm.h> 49#include <sys/sysctl.h> 50#include <sys/proc.h> 51#include <sys/lock.h> 52#include <sys/mutex.h> 53#include <sys/jail.h> 54#include <sys/smp.h> 55#include <sys/sx.h> 56#include <sys/unistd.h> 57 58SYSCTL_NODE(, 0, sysctl, CTLFLAG_RW, 0, 59 "Sysctl internal magic"); 60SYSCTL_NODE(, CTL_KERN, kern, CTLFLAG_RW, 0, 61 "High kernel, proc, limits &c"); 62SYSCTL_NODE(, CTL_VM, vm, CTLFLAG_RW, 0, 63 "Virtual memory"); 64SYSCTL_NODE(, CTL_VFS, vfs, CTLFLAG_RW, 0, 65 "File system"); 66SYSCTL_NODE(, CTL_NET, net, CTLFLAG_RW, 0, 67 "Network, (see socket.h)"); 68SYSCTL_NODE(, CTL_DEBUG, debug, CTLFLAG_RW, 0, 69 "Debugging"); 70SYSCTL_NODE(_debug, OID_AUTO, sizeof, CTLFLAG_RW, 0, 71 "Sizeof various things"); 72SYSCTL_NODE(, CTL_HW, hw, CTLFLAG_RW, 0, 73 "hardware"); 74SYSCTL_NODE(, CTL_MACHDEP, machdep, CTLFLAG_RW, 0, 75 "machine dependent"); 76SYSCTL_NODE(, CTL_USER, user, CTLFLAG_RW, 0, 77 "user-level"); 78SYSCTL_NODE(, CTL_P1003_1B, p1003_1b, CTLFLAG_RW, 0, 79 "p1003_1b, (see p1003_1b.h)"); 80 81SYSCTL_NODE(, OID_AUTO, compat, CTLFLAG_RW, 0, 82 "Compatibility code"); 83SYSCTL_NODE(, OID_AUTO, security, CTLFLAG_RW, 0, 84 "Security"); 85#ifdef REGRESSION 86SYSCTL_NODE(, OID_AUTO, regression, CTLFLAG_RW, 0, 87 "Regression test MIB"); 88#endif 89 90SYSCTL_STRING(_kern, OID_AUTO, ident, CTLFLAG_RD|CTLFLAG_MPSAFE, 91 kern_ident, 0, "Kernel identifier"); 92 93SYSCTL_STRING(_kern, KERN_OSRELEASE, osrelease, CTLFLAG_RD|CTLFLAG_MPSAFE, 94 osrelease, 0, "Operating system release"); 95 96SYSCTL_INT(_kern, KERN_OSREV, osrevision, CTLFLAG_RD, 97 0, BSD, "Operating system revision"); 98 99SYSCTL_STRING(_kern, KERN_VERSION, version, CTLFLAG_RD|CTLFLAG_MPSAFE, 100 version, 0, "Kernel version"); 101 102SYSCTL_STRING(_kern, KERN_OSTYPE, ostype, CTLFLAG_RD|CTLFLAG_MPSAFE, 103 ostype, 0, "Operating system type"); 
104 105/* 106 * NOTICE: The *userland* release date is available in 107 * /usr/include/osreldate.h 108 */ 109SYSCTL_INT(_kern, KERN_OSRELDATE, osreldate, CTLFLAG_RD, 110 &osreldate, 0, "Kernel release date"); 111 112SYSCTL_INT(_kern, KERN_MAXPROC, maxproc, CTLFLAG_RDTUN, 113 &maxproc, 0, "Maximum number of processes"); 114 115SYSCTL_INT(_kern, KERN_MAXPROCPERUID, maxprocperuid, CTLFLAG_RW, 116 &maxprocperuid, 0, "Maximum processes allowed per userid"); 117 118SYSCTL_INT(_kern, OID_AUTO, maxusers, CTLFLAG_RDTUN, 119 &maxusers, 0, "Hint for kernel tuning"); 120 121SYSCTL_INT(_kern, KERN_ARGMAX, argmax, CTLFLAG_RD, 122 0, ARG_MAX, "Maximum bytes of argument to execve(2)"); 123 124SYSCTL_INT(_kern, KERN_POSIX1, posix1version, CTLFLAG_RD, 125 0, _POSIX_VERSION, "Version of POSIX attempting to comply to"); 126
| 40 41#include "opt_compat.h" 42#include "opt_posix.h" 43#include "opt_config.h" 44 45#include <sys/param.h> 46#include <sys/kernel.h> 47#include <sys/sbuf.h> 48#include <sys/systm.h> 49#include <sys/sysctl.h> 50#include <sys/proc.h> 51#include <sys/lock.h> 52#include <sys/mutex.h> 53#include <sys/jail.h> 54#include <sys/smp.h> 55#include <sys/sx.h> 56#include <sys/unistd.h> 57 58SYSCTL_NODE(, 0, sysctl, CTLFLAG_RW, 0, 59 "Sysctl internal magic"); 60SYSCTL_NODE(, CTL_KERN, kern, CTLFLAG_RW, 0, 61 "High kernel, proc, limits &c"); 62SYSCTL_NODE(, CTL_VM, vm, CTLFLAG_RW, 0, 63 "Virtual memory"); 64SYSCTL_NODE(, CTL_VFS, vfs, CTLFLAG_RW, 0, 65 "File system"); 66SYSCTL_NODE(, CTL_NET, net, CTLFLAG_RW, 0, 67 "Network, (see socket.h)"); 68SYSCTL_NODE(, CTL_DEBUG, debug, CTLFLAG_RW, 0, 69 "Debugging"); 70SYSCTL_NODE(_debug, OID_AUTO, sizeof, CTLFLAG_RW, 0, 71 "Sizeof various things"); 72SYSCTL_NODE(, CTL_HW, hw, CTLFLAG_RW, 0, 73 "hardware"); 74SYSCTL_NODE(, CTL_MACHDEP, machdep, CTLFLAG_RW, 0, 75 "machine dependent"); 76SYSCTL_NODE(, CTL_USER, user, CTLFLAG_RW, 0, 77 "user-level"); 78SYSCTL_NODE(, CTL_P1003_1B, p1003_1b, CTLFLAG_RW, 0, 79 "p1003_1b, (see p1003_1b.h)"); 80 81SYSCTL_NODE(, OID_AUTO, compat, CTLFLAG_RW, 0, 82 "Compatibility code"); 83SYSCTL_NODE(, OID_AUTO, security, CTLFLAG_RW, 0, 84 "Security"); 85#ifdef REGRESSION 86SYSCTL_NODE(, OID_AUTO, regression, CTLFLAG_RW, 0, 87 "Regression test MIB"); 88#endif 89 90SYSCTL_STRING(_kern, OID_AUTO, ident, CTLFLAG_RD|CTLFLAG_MPSAFE, 91 kern_ident, 0, "Kernel identifier"); 92 93SYSCTL_STRING(_kern, KERN_OSRELEASE, osrelease, CTLFLAG_RD|CTLFLAG_MPSAFE, 94 osrelease, 0, "Operating system release"); 95 96SYSCTL_INT(_kern, KERN_OSREV, osrevision, CTLFLAG_RD, 97 0, BSD, "Operating system revision"); 98 99SYSCTL_STRING(_kern, KERN_VERSION, version, CTLFLAG_RD|CTLFLAG_MPSAFE, 100 version, 0, "Kernel version"); 101 102SYSCTL_STRING(_kern, KERN_OSTYPE, ostype, CTLFLAG_RD|CTLFLAG_MPSAFE, 103 ostype, 0, "Operating system type"); 
104 105/* 106 * NOTICE: The *userland* release date is available in 107 * /usr/include/osreldate.h 108 */ 109SYSCTL_INT(_kern, KERN_OSRELDATE, osreldate, CTLFLAG_RD, 110 &osreldate, 0, "Kernel release date"); 111 112SYSCTL_INT(_kern, KERN_MAXPROC, maxproc, CTLFLAG_RDTUN, 113 &maxproc, 0, "Maximum number of processes"); 114 115SYSCTL_INT(_kern, KERN_MAXPROCPERUID, maxprocperuid, CTLFLAG_RW, 116 &maxprocperuid, 0, "Maximum processes allowed per userid"); 117 118SYSCTL_INT(_kern, OID_AUTO, maxusers, CTLFLAG_RDTUN, 119 &maxusers, 0, "Hint for kernel tuning"); 120 121SYSCTL_INT(_kern, KERN_ARGMAX, argmax, CTLFLAG_RD, 122 0, ARG_MAX, "Maximum bytes of argument to execve(2)"); 123 124SYSCTL_INT(_kern, KERN_POSIX1, posix1version, CTLFLAG_RD, 125 0, _POSIX_VERSION, "Version of POSIX attempting to comply to"); 126
|
128 &ngroups_max, 0, 129 "Maximum number of supplemental groups a user can belong to"); 130 131SYSCTL_INT(_kern, KERN_JOB_CONTROL, job_control, CTLFLAG_RD, 132 0, 1, "Whether job control is available"); 133 134#ifdef _POSIX_SAVED_IDS 135SYSCTL_INT(_kern, KERN_SAVED_IDS, saved_ids, CTLFLAG_RD, 136 0, 1, "Whether saved set-group/user ID is available"); 137#else 138SYSCTL_INT(_kern, KERN_SAVED_IDS, saved_ids, CTLFLAG_RD, 139 0, 0, "Whether saved set-group/user ID is available"); 140#endif 141 142char kernelname[MAXPATHLEN] = "/kernel"; /* XXX bloat */ 143 144SYSCTL_STRING(_kern, KERN_BOOTFILE, bootfile, CTLFLAG_RW, 145 kernelname, sizeof kernelname, "Name of kernel file booted"); 146 147SYSCTL_INT(_hw, HW_NCPU, ncpu, CTLFLAG_RD, 148 &mp_ncpus, 0, "Number of active CPUs"); 149 150SYSCTL_INT(_hw, HW_BYTEORDER, byteorder, CTLFLAG_RD, 151 0, BYTE_ORDER, "System byte order"); 152 153SYSCTL_INT(_hw, HW_PAGESIZE, pagesize, CTLFLAG_RD, 154 0, PAGE_SIZE, "System memory page size"); 155 156static int 157sysctl_kern_arnd(SYSCTL_HANDLER_ARGS) 158{ 159 char buf[256]; 160 size_t len; 161 162 len = req->oldlen; 163 if (len > sizeof(buf)) 164 len = sizeof(buf); 165 arc4rand(buf, len, 0); 166 return (SYSCTL_OUT(req, buf, len)); 167} 168 169SYSCTL_PROC(_kern, KERN_ARND, arandom, 170 CTLTYPE_OPAQUE | CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, 0, 171 sysctl_kern_arnd, "", "arc4rand"); 172 173static int 174sysctl_hw_physmem(SYSCTL_HANDLER_ARGS) 175{ 176 u_long val; 177 178 val = ctob(physmem); 179 return (sysctl_handle_long(oidp, &val, 0, req)); 180} 181 182SYSCTL_PROC(_hw, HW_PHYSMEM, physmem, CTLTYPE_ULONG | CTLFLAG_RD, 183 0, 0, sysctl_hw_physmem, "LU", ""); 184 185static int 186sysctl_hw_realmem(SYSCTL_HANDLER_ARGS) 187{ 188 u_long val; 189 val = ctob(realmem); 190 return (sysctl_handle_long(oidp, &val, 0, req)); 191} 192SYSCTL_PROC(_hw, HW_REALMEM, realmem, CTLTYPE_ULONG | CTLFLAG_RD, 193 0, 0, sysctl_hw_realmem, "LU", ""); 194static int 195sysctl_hw_usermem(SYSCTL_HANDLER_ARGS) 196{ 197 
u_long val; 198 199 val = ctob(physmem - cnt.v_wire_count); 200 return (sysctl_handle_long(oidp, &val, 0, req)); 201} 202 203SYSCTL_PROC(_hw, HW_USERMEM, usermem, CTLTYPE_ULONG | CTLFLAG_RD, 204 0, 0, sysctl_hw_usermem, "LU", ""); 205 206SYSCTL_ULONG(_hw, OID_AUTO, availpages, CTLFLAG_RD, &physmem, 0, ""); 207 208u_long pagesizes[MAXPAGESIZES] = { PAGE_SIZE }; 209 210static int 211sysctl_hw_pagesizes(SYSCTL_HANDLER_ARGS) 212{ 213 int error; 214#ifdef SCTL_MASK32 215 int i; 216 uint32_t pagesizes32[MAXPAGESIZES]; 217 218 if (req->flags & SCTL_MASK32) { 219 /* 220 * Recreate the "pagesizes" array with 32-bit elements. Truncate 221 * any page size greater than UINT32_MAX to zero. 222 */ 223 for (i = 0; i < MAXPAGESIZES; i++) 224 pagesizes32[i] = (uint32_t)pagesizes[i]; 225 226 error = SYSCTL_OUT(req, pagesizes32, sizeof(pagesizes32)); 227 } else 228#endif 229 error = SYSCTL_OUT(req, pagesizes, sizeof(pagesizes)); 230 return (error); 231} 232SYSCTL_PROC(_hw, OID_AUTO, pagesizes, CTLTYPE_ULONG | CTLFLAG_RD, 233 NULL, 0, sysctl_hw_pagesizes, "LU", "Supported page sizes"); 234 235static char machine_arch[] = MACHINE_ARCH; 236SYSCTL_STRING(_hw, HW_MACHINE_ARCH, machine_arch, CTLFLAG_RD, 237 machine_arch, 0, "System architecture"); 238 239static int 240sysctl_hostname(SYSCTL_HANDLER_ARGS) 241{ 242 struct prison *pr, *cpr; 243 size_t pr_offset; 244 char tmpname[MAXHOSTNAMELEN]; 245 int descend, error, len; 246 247 /* 248 * This function can set: hostname domainname hostuuid. 249 * Keep that in mind when comments say "hostname". 250 */ 251 pr_offset = (size_t)arg1; 252 len = arg2; 253 KASSERT(len <= sizeof(tmpname), 254 ("length %d too long for %s", len, __func__)); 255 256 pr = req->td->td_ucred->cr_prison; 257 if (!(pr->pr_allow & PR_ALLOW_SET_HOSTNAME) && req->newptr) 258 return (EPERM); 259 /* 260 * Make a local copy of hostname to get/set so we don't have to hold 261 * the jail mutex during the sysctl copyin/copyout activities. 
262 */ 263 mtx_lock(&pr->pr_mtx); 264 bcopy((char *)pr + pr_offset, tmpname, len); 265 mtx_unlock(&pr->pr_mtx); 266 267 error = sysctl_handle_string(oidp, tmpname, len, req); 268 269 if (req->newptr != NULL && error == 0) { 270 /* 271 * Copy the locally set hostname to all jails that share 272 * this host info. 273 */ 274 sx_slock(&allprison_lock); 275 while (!(pr->pr_flags & PR_HOST)) 276 pr = pr->pr_parent; 277 mtx_lock(&pr->pr_mtx); 278 bcopy(tmpname, (char *)pr + pr_offset, len); 279 FOREACH_PRISON_DESCENDANT_LOCKED(pr, cpr, descend) 280 if (cpr->pr_flags & PR_HOST) 281 descend = 0; 282 else 283 bcopy(tmpname, (char *)cpr + pr_offset, len); 284 mtx_unlock(&pr->pr_mtx); 285 sx_sunlock(&allprison_lock); 286 } 287 return (error); 288} 289 290SYSCTL_PROC(_kern, KERN_HOSTNAME, hostname, 291 CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE, 292 (void *)(offsetof(struct prison, pr_hostname)), MAXHOSTNAMELEN, 293 sysctl_hostname, "A", "Hostname"); 294SYSCTL_PROC(_kern, KERN_NISDOMAINNAME, domainname, 295 CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE, 296 (void *)(offsetof(struct prison, pr_domainname)), MAXHOSTNAMELEN, 297 sysctl_hostname, "A", "Name of the current YP/NIS domain"); 298SYSCTL_PROC(_kern, KERN_HOSTUUID, hostuuid, 299 CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE, 300 (void *)(offsetof(struct prison, pr_hostuuid)), HOSTUUIDLEN, 301 sysctl_hostname, "A", "Host UUID"); 302 303static int regression_securelevel_nonmonotonic = 0; 304 305#ifdef REGRESSION 306SYSCTL_INT(_regression, OID_AUTO, securelevel_nonmonotonic, CTLFLAG_RW, 307 ®ression_securelevel_nonmonotonic, 0, "securelevel may be lowered"); 308#endif 309 310static int 311sysctl_kern_securelvl(SYSCTL_HANDLER_ARGS) 312{ 313 struct prison *pr, *cpr; 314 int descend, error, level; 315 316 pr = req->td->td_ucred->cr_prison; 317 318 /* 319 * Reading the securelevel is easy, since the current jail's level 320 * is known to be at least as secure as any higher 
levels. Perform 321 * a lockless read since the securelevel is an integer. 322 */ 323 level = pr->pr_securelevel; 324 error = sysctl_handle_int(oidp, &level, 0, req); 325 if (error || !req->newptr) 326 return (error); 327 /* Permit update only if the new securelevel exceeds the old. */ 328 sx_slock(&allprison_lock); 329 mtx_lock(&pr->pr_mtx); 330 if (!regression_securelevel_nonmonotonic && 331 level < pr->pr_securelevel) { 332 mtx_unlock(&pr->pr_mtx); 333 sx_sunlock(&allprison_lock); 334 return (EPERM); 335 } 336 pr->pr_securelevel = level; 337 /* 338 * Set all child jails to be at least this level, but do not lower 339 * them (even if regression_securelevel_nonmonotonic). 340 */ 341 FOREACH_PRISON_DESCENDANT_LOCKED(pr, cpr, descend) { 342 if (cpr->pr_securelevel < level) 343 cpr->pr_securelevel = level; 344 } 345 mtx_unlock(&pr->pr_mtx); 346 sx_sunlock(&allprison_lock); 347 return (error); 348} 349 350SYSCTL_PROC(_kern, KERN_SECURELVL, securelevel, 351 CTLTYPE_INT|CTLFLAG_RW|CTLFLAG_PRISON, 0, 0, sysctl_kern_securelvl, 352 "I", "Current secure level"); 353 354#ifdef INCLUDE_CONFIG_FILE 355/* Actual kernel configuration options. */ 356extern char kernconfstring[]; 357 358static int 359sysctl_kern_config(SYSCTL_HANDLER_ARGS) 360{ 361 return (sysctl_handle_string(oidp, kernconfstring, 362 strlen(kernconfstring), req)); 363} 364 365SYSCTL_PROC(_kern, OID_AUTO, conftxt, CTLTYPE_STRING|CTLFLAG_RW, 366 0, 0, sysctl_kern_config, "", "Kernel configuration file"); 367#endif 368 369static int 370sysctl_hostid(SYSCTL_HANDLER_ARGS) 371{ 372 struct prison *pr, *cpr; 373 u_long tmpid; 374 int descend, error; 375 376 /* 377 * Like sysctl_hostname, except it operates on a u_long 378 * instead of a string, and is used only for hostid. 
379 */ 380 pr = req->td->td_ucred->cr_prison; 381 if (!(pr->pr_allow & PR_ALLOW_SET_HOSTNAME) && req->newptr) 382 return (EPERM); 383 tmpid = pr->pr_hostid; 384 error = sysctl_handle_long(oidp, &tmpid, 0, req); 385 386 if (req->newptr != NULL && error == 0) { 387 sx_slock(&allprison_lock); 388 while (!(pr->pr_flags & PR_HOST)) 389 pr = pr->pr_parent; 390 mtx_lock(&pr->pr_mtx); 391 pr->pr_hostid = tmpid; 392 FOREACH_PRISON_DESCENDANT_LOCKED(pr, cpr, descend) 393 if (cpr->pr_flags & PR_HOST) 394 descend = 0; 395 else 396 cpr->pr_hostid = tmpid; 397 mtx_unlock(&pr->pr_mtx); 398 sx_sunlock(&allprison_lock); 399 } 400 return (error); 401} 402 403SYSCTL_PROC(_kern, KERN_HOSTID, hostid, 404 CTLTYPE_ULONG | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE, 405 NULL, 0, sysctl_hostid, "LU", "Host ID"); 406 407SYSCTL_NODE(_kern, OID_AUTO, features, CTLFLAG_RD, 0, "Kernel Features"); 408 409#ifdef COMPAT_FREEBSD4 410FEATURE(compat_freebsd4, "Compatible with FreeBSD 4"); 411#endif 412 413#ifdef COMPAT_FREEBSD5 414FEATURE(compat_freebsd5, "Compatible with FreeBSD 5"); 415#endif 416 417#ifdef COMPAT_FREEBSD6 418FEATURE(compat_freebsd6, "Compatible with FreeBSD 6"); 419#endif 420 421#ifdef COMPAT_FREEBSD7 422FEATURE(compat_freebsd7, "Compatible with FreeBSD 7"); 423#endif 424 425/* 426 * This is really cheating. These actually live in the libc, something 427 * which I'm not quite sure is a good idea anyway, but in order for 428 * getnext and friends to actually work, we define dummies here. 
429 */ 430SYSCTL_STRING(_user, USER_CS_PATH, cs_path, CTLFLAG_RD, 431 "", 0, "PATH that finds all the standard utilities"); 432SYSCTL_INT(_user, USER_BC_BASE_MAX, bc_base_max, CTLFLAG_RD, 433 0, 0, "Max ibase/obase values in bc(1)"); 434SYSCTL_INT(_user, USER_BC_DIM_MAX, bc_dim_max, CTLFLAG_RD, 435 0, 0, "Max array size in bc(1)"); 436SYSCTL_INT(_user, USER_BC_SCALE_MAX, bc_scale_max, CTLFLAG_RD, 437 0, 0, "Max scale value in bc(1)"); 438SYSCTL_INT(_user, USER_BC_STRING_MAX, bc_string_max, CTLFLAG_RD, 439 0, 0, "Max string length in bc(1)"); 440SYSCTL_INT(_user, USER_COLL_WEIGHTS_MAX, coll_weights_max, CTLFLAG_RD, 441 0, 0, "Maximum number of weights assigned to an LC_COLLATE locale entry"); 442SYSCTL_INT(_user, USER_EXPR_NEST_MAX, expr_nest_max, CTLFLAG_RD, 0, 0, ""); 443SYSCTL_INT(_user, USER_LINE_MAX, line_max, CTLFLAG_RD, 444 0, 0, "Max length (bytes) of a text-processing utility's input line"); 445SYSCTL_INT(_user, USER_RE_DUP_MAX, re_dup_max, CTLFLAG_RD, 446 0, 0, "Maximum number of repeats of a regexp permitted"); 447SYSCTL_INT(_user, USER_POSIX2_VERSION, posix2_version, CTLFLAG_RD, 448 0, 0, 449 "The version of POSIX 1003.2 with which the system attempts to comply"); 450SYSCTL_INT(_user, USER_POSIX2_C_BIND, posix2_c_bind, CTLFLAG_RD, 451 0, 0, "Whether C development supports the C bindings option"); 452SYSCTL_INT(_user, USER_POSIX2_C_DEV, posix2_c_dev, CTLFLAG_RD, 453 0, 0, "Whether system supports the C development utilities option"); 454SYSCTL_INT(_user, USER_POSIX2_CHAR_TERM, posix2_char_term, CTLFLAG_RD, 455 0, 0, ""); 456SYSCTL_INT(_user, USER_POSIX2_FORT_DEV, posix2_fort_dev, CTLFLAG_RD, 457 0, 0, "Whether system supports FORTRAN development utilities"); 458SYSCTL_INT(_user, USER_POSIX2_FORT_RUN, posix2_fort_run, CTLFLAG_RD, 459 0, 0, "Whether system supports FORTRAN runtime utilities"); 460SYSCTL_INT(_user, USER_POSIX2_LOCALEDEF, posix2_localedef, CTLFLAG_RD, 461 0, 0, "Whether system supports creation of locales"); 462SYSCTL_INT(_user, 
USER_POSIX2_SW_DEV, posix2_sw_dev, CTLFLAG_RD, 463 0, 0, "Whether system supports software development utilities"); 464SYSCTL_INT(_user, USER_POSIX2_UPE, posix2_upe, CTLFLAG_RD, 465 0, 0, "Whether system supports the user portability utilities"); 466SYSCTL_INT(_user, USER_STREAM_MAX, stream_max, CTLFLAG_RD, 467 0, 0, "Min Maximum number of streams a process may have open at one time"); 468SYSCTL_INT(_user, USER_TZNAME_MAX, tzname_max, CTLFLAG_RD, 469 0, 0, "Min Maximum number of types supported for timezone names"); 470 471#include <sys/vnode.h> 472SYSCTL_INT(_debug_sizeof, OID_AUTO, vnode, CTLFLAG_RD, 473 0, sizeof(struct vnode), "sizeof(struct vnode)"); 474 475SYSCTL_INT(_debug_sizeof, OID_AUTO, proc, CTLFLAG_RD, 476 0, sizeof(struct proc), "sizeof(struct proc)"); 477 478#include <sys/bio.h> 479#include <sys/buf.h> 480SYSCTL_INT(_debug_sizeof, OID_AUTO, bio, CTLFLAG_RD, 481 0, sizeof(struct bio), "sizeof(struct bio)"); 482SYSCTL_INT(_debug_sizeof, OID_AUTO, buf, CTLFLAG_RD, 483 0, sizeof(struct buf), "sizeof(struct buf)"); 484 485#include <sys/user.h> 486SYSCTL_INT(_debug_sizeof, OID_AUTO, kinfo_proc, CTLFLAG_RD, 487 0, sizeof(struct kinfo_proc), "sizeof(struct kinfo_proc)"); 488 489/* XXX compatibility, remove for 6.0 */ 490#include <sys/imgact.h> 491#include <sys/imgact_elf.h> 492SYSCTL_INT(_kern, OID_AUTO, fallback_elf_brand, CTLFLAG_RW, 493 &__elfN(fallback_brand), sizeof(__elfN(fallback_brand)), 494 "compatibility for kern.fallback_elf_brand");
| 128 &ngroups_max, 0, 129 "Maximum number of supplemental groups a user can belong to"); 130 131SYSCTL_INT(_kern, KERN_JOB_CONTROL, job_control, CTLFLAG_RD, 132 0, 1, "Whether job control is available"); 133 134#ifdef _POSIX_SAVED_IDS 135SYSCTL_INT(_kern, KERN_SAVED_IDS, saved_ids, CTLFLAG_RD, 136 0, 1, "Whether saved set-group/user ID is available"); 137#else 138SYSCTL_INT(_kern, KERN_SAVED_IDS, saved_ids, CTLFLAG_RD, 139 0, 0, "Whether saved set-group/user ID is available"); 140#endif 141 142char kernelname[MAXPATHLEN] = "/kernel"; /* XXX bloat */ 143 144SYSCTL_STRING(_kern, KERN_BOOTFILE, bootfile, CTLFLAG_RW, 145 kernelname, sizeof kernelname, "Name of kernel file booted"); 146 147SYSCTL_INT(_hw, HW_NCPU, ncpu, CTLFLAG_RD, 148 &mp_ncpus, 0, "Number of active CPUs"); 149 150SYSCTL_INT(_hw, HW_BYTEORDER, byteorder, CTLFLAG_RD, 151 0, BYTE_ORDER, "System byte order"); 152 153SYSCTL_INT(_hw, HW_PAGESIZE, pagesize, CTLFLAG_RD, 154 0, PAGE_SIZE, "System memory page size"); 155 156static int 157sysctl_kern_arnd(SYSCTL_HANDLER_ARGS) 158{ 159 char buf[256]; 160 size_t len; 161 162 len = req->oldlen; 163 if (len > sizeof(buf)) 164 len = sizeof(buf); 165 arc4rand(buf, len, 0); 166 return (SYSCTL_OUT(req, buf, len)); 167} 168 169SYSCTL_PROC(_kern, KERN_ARND, arandom, 170 CTLTYPE_OPAQUE | CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, 0, 171 sysctl_kern_arnd, "", "arc4rand"); 172 173static int 174sysctl_hw_physmem(SYSCTL_HANDLER_ARGS) 175{ 176 u_long val; 177 178 val = ctob(physmem); 179 return (sysctl_handle_long(oidp, &val, 0, req)); 180} 181 182SYSCTL_PROC(_hw, HW_PHYSMEM, physmem, CTLTYPE_ULONG | CTLFLAG_RD, 183 0, 0, sysctl_hw_physmem, "LU", ""); 184 185static int 186sysctl_hw_realmem(SYSCTL_HANDLER_ARGS) 187{ 188 u_long val; 189 val = ctob(realmem); 190 return (sysctl_handle_long(oidp, &val, 0, req)); 191} 192SYSCTL_PROC(_hw, HW_REALMEM, realmem, CTLTYPE_ULONG | CTLFLAG_RD, 193 0, 0, sysctl_hw_realmem, "LU", ""); 194static int 195sysctl_hw_usermem(SYSCTL_HANDLER_ARGS) 196{ 197 
u_long val; 198 199 val = ctob(physmem - cnt.v_wire_count); 200 return (sysctl_handle_long(oidp, &val, 0, req)); 201} 202 203SYSCTL_PROC(_hw, HW_USERMEM, usermem, CTLTYPE_ULONG | CTLFLAG_RD, 204 0, 0, sysctl_hw_usermem, "LU", ""); 205 206SYSCTL_ULONG(_hw, OID_AUTO, availpages, CTLFLAG_RD, &physmem, 0, ""); 207 208u_long pagesizes[MAXPAGESIZES] = { PAGE_SIZE }; 209 210static int 211sysctl_hw_pagesizes(SYSCTL_HANDLER_ARGS) 212{ 213 int error; 214#ifdef SCTL_MASK32 215 int i; 216 uint32_t pagesizes32[MAXPAGESIZES]; 217 218 if (req->flags & SCTL_MASK32) { 219 /* 220 * Recreate the "pagesizes" array with 32-bit elements. Truncate 221 * any page size greater than UINT32_MAX to zero. 222 */ 223 for (i = 0; i < MAXPAGESIZES; i++) 224 pagesizes32[i] = (uint32_t)pagesizes[i]; 225 226 error = SYSCTL_OUT(req, pagesizes32, sizeof(pagesizes32)); 227 } else 228#endif 229 error = SYSCTL_OUT(req, pagesizes, sizeof(pagesizes)); 230 return (error); 231} 232SYSCTL_PROC(_hw, OID_AUTO, pagesizes, CTLTYPE_ULONG | CTLFLAG_RD, 233 NULL, 0, sysctl_hw_pagesizes, "LU", "Supported page sizes"); 234 235static char machine_arch[] = MACHINE_ARCH; 236SYSCTL_STRING(_hw, HW_MACHINE_ARCH, machine_arch, CTLFLAG_RD, 237 machine_arch, 0, "System architecture"); 238 239static int 240sysctl_hostname(SYSCTL_HANDLER_ARGS) 241{ 242 struct prison *pr, *cpr; 243 size_t pr_offset; 244 char tmpname[MAXHOSTNAMELEN]; 245 int descend, error, len; 246 247 /* 248 * This function can set: hostname domainname hostuuid. 249 * Keep that in mind when comments say "hostname". 250 */ 251 pr_offset = (size_t)arg1; 252 len = arg2; 253 KASSERT(len <= sizeof(tmpname), 254 ("length %d too long for %s", len, __func__)); 255 256 pr = req->td->td_ucred->cr_prison; 257 if (!(pr->pr_allow & PR_ALLOW_SET_HOSTNAME) && req->newptr) 258 return (EPERM); 259 /* 260 * Make a local copy of hostname to get/set so we don't have to hold 261 * the jail mutex during the sysctl copyin/copyout activities. 
262 */ 263 mtx_lock(&pr->pr_mtx); 264 bcopy((char *)pr + pr_offset, tmpname, len); 265 mtx_unlock(&pr->pr_mtx); 266 267 error = sysctl_handle_string(oidp, tmpname, len, req); 268 269 if (req->newptr != NULL && error == 0) { 270 /* 271 * Copy the locally set hostname to all jails that share 272 * this host info. 273 */ 274 sx_slock(&allprison_lock); 275 while (!(pr->pr_flags & PR_HOST)) 276 pr = pr->pr_parent; 277 mtx_lock(&pr->pr_mtx); 278 bcopy(tmpname, (char *)pr + pr_offset, len); 279 FOREACH_PRISON_DESCENDANT_LOCKED(pr, cpr, descend) 280 if (cpr->pr_flags & PR_HOST) 281 descend = 0; 282 else 283 bcopy(tmpname, (char *)cpr + pr_offset, len); 284 mtx_unlock(&pr->pr_mtx); 285 sx_sunlock(&allprison_lock); 286 } 287 return (error); 288} 289 290SYSCTL_PROC(_kern, KERN_HOSTNAME, hostname, 291 CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE, 292 (void *)(offsetof(struct prison, pr_hostname)), MAXHOSTNAMELEN, 293 sysctl_hostname, "A", "Hostname"); 294SYSCTL_PROC(_kern, KERN_NISDOMAINNAME, domainname, 295 CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE, 296 (void *)(offsetof(struct prison, pr_domainname)), MAXHOSTNAMELEN, 297 sysctl_hostname, "A", "Name of the current YP/NIS domain"); 298SYSCTL_PROC(_kern, KERN_HOSTUUID, hostuuid, 299 CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE, 300 (void *)(offsetof(struct prison, pr_hostuuid)), HOSTUUIDLEN, 301 sysctl_hostname, "A", "Host UUID"); 302 303static int regression_securelevel_nonmonotonic = 0; 304 305#ifdef REGRESSION 306SYSCTL_INT(_regression, OID_AUTO, securelevel_nonmonotonic, CTLFLAG_RW, 307 ®ression_securelevel_nonmonotonic, 0, "securelevel may be lowered"); 308#endif 309 310static int 311sysctl_kern_securelvl(SYSCTL_HANDLER_ARGS) 312{ 313 struct prison *pr, *cpr; 314 int descend, error, level; 315 316 pr = req->td->td_ucred->cr_prison; 317 318 /* 319 * Reading the securelevel is easy, since the current jail's level 320 * is known to be at least as secure as any higher 
levels. Perform 321 * a lockless read since the securelevel is an integer. 322 */ 323 level = pr->pr_securelevel; 324 error = sysctl_handle_int(oidp, &level, 0, req); 325 if (error || !req->newptr) 326 return (error); 327 /* Permit update only if the new securelevel exceeds the old. */ 328 sx_slock(&allprison_lock); 329 mtx_lock(&pr->pr_mtx); 330 if (!regression_securelevel_nonmonotonic && 331 level < pr->pr_securelevel) { 332 mtx_unlock(&pr->pr_mtx); 333 sx_sunlock(&allprison_lock); 334 return (EPERM); 335 } 336 pr->pr_securelevel = level; 337 /* 338 * Set all child jails to be at least this level, but do not lower 339 * them (even if regression_securelevel_nonmonotonic). 340 */ 341 FOREACH_PRISON_DESCENDANT_LOCKED(pr, cpr, descend) { 342 if (cpr->pr_securelevel < level) 343 cpr->pr_securelevel = level; 344 } 345 mtx_unlock(&pr->pr_mtx); 346 sx_sunlock(&allprison_lock); 347 return (error); 348} 349 350SYSCTL_PROC(_kern, KERN_SECURELVL, securelevel, 351 CTLTYPE_INT|CTLFLAG_RW|CTLFLAG_PRISON, 0, 0, sysctl_kern_securelvl, 352 "I", "Current secure level"); 353 354#ifdef INCLUDE_CONFIG_FILE 355/* Actual kernel configuration options. */ 356extern char kernconfstring[]; 357 358static int 359sysctl_kern_config(SYSCTL_HANDLER_ARGS) 360{ 361 return (sysctl_handle_string(oidp, kernconfstring, 362 strlen(kernconfstring), req)); 363} 364 365SYSCTL_PROC(_kern, OID_AUTO, conftxt, CTLTYPE_STRING|CTLFLAG_RW, 366 0, 0, sysctl_kern_config, "", "Kernel configuration file"); 367#endif 368 369static int 370sysctl_hostid(SYSCTL_HANDLER_ARGS) 371{ 372 struct prison *pr, *cpr; 373 u_long tmpid; 374 int descend, error; 375 376 /* 377 * Like sysctl_hostname, except it operates on a u_long 378 * instead of a string, and is used only for hostid. 
379 */ 380 pr = req->td->td_ucred->cr_prison; 381 if (!(pr->pr_allow & PR_ALLOW_SET_HOSTNAME) && req->newptr) 382 return (EPERM); 383 tmpid = pr->pr_hostid; 384 error = sysctl_handle_long(oidp, &tmpid, 0, req); 385 386 if (req->newptr != NULL && error == 0) { 387 sx_slock(&allprison_lock); 388 while (!(pr->pr_flags & PR_HOST)) 389 pr = pr->pr_parent; 390 mtx_lock(&pr->pr_mtx); 391 pr->pr_hostid = tmpid; 392 FOREACH_PRISON_DESCENDANT_LOCKED(pr, cpr, descend) 393 if (cpr->pr_flags & PR_HOST) 394 descend = 0; 395 else 396 cpr->pr_hostid = tmpid; 397 mtx_unlock(&pr->pr_mtx); 398 sx_sunlock(&allprison_lock); 399 } 400 return (error); 401} 402 403SYSCTL_PROC(_kern, KERN_HOSTID, hostid, 404 CTLTYPE_ULONG | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE, 405 NULL, 0, sysctl_hostid, "LU", "Host ID"); 406 407SYSCTL_NODE(_kern, OID_AUTO, features, CTLFLAG_RD, 0, "Kernel Features"); 408 409#ifdef COMPAT_FREEBSD4 410FEATURE(compat_freebsd4, "Compatible with FreeBSD 4"); 411#endif 412 413#ifdef COMPAT_FREEBSD5 414FEATURE(compat_freebsd5, "Compatible with FreeBSD 5"); 415#endif 416 417#ifdef COMPAT_FREEBSD6 418FEATURE(compat_freebsd6, "Compatible with FreeBSD 6"); 419#endif 420 421#ifdef COMPAT_FREEBSD7 422FEATURE(compat_freebsd7, "Compatible with FreeBSD 7"); 423#endif 424 425/* 426 * This is really cheating. These actually live in the libc, something 427 * which I'm not quite sure is a good idea anyway, but in order for 428 * getnext and friends to actually work, we define dummies here. 
429 */ 430SYSCTL_STRING(_user, USER_CS_PATH, cs_path, CTLFLAG_RD, 431 "", 0, "PATH that finds all the standard utilities"); 432SYSCTL_INT(_user, USER_BC_BASE_MAX, bc_base_max, CTLFLAG_RD, 433 0, 0, "Max ibase/obase values in bc(1)"); 434SYSCTL_INT(_user, USER_BC_DIM_MAX, bc_dim_max, CTLFLAG_RD, 435 0, 0, "Max array size in bc(1)"); 436SYSCTL_INT(_user, USER_BC_SCALE_MAX, bc_scale_max, CTLFLAG_RD, 437 0, 0, "Max scale value in bc(1)"); 438SYSCTL_INT(_user, USER_BC_STRING_MAX, bc_string_max, CTLFLAG_RD, 439 0, 0, "Max string length in bc(1)"); 440SYSCTL_INT(_user, USER_COLL_WEIGHTS_MAX, coll_weights_max, CTLFLAG_RD, 441 0, 0, "Maximum number of weights assigned to an LC_COLLATE locale entry"); 442SYSCTL_INT(_user, USER_EXPR_NEST_MAX, expr_nest_max, CTLFLAG_RD, 0, 0, ""); 443SYSCTL_INT(_user, USER_LINE_MAX, line_max, CTLFLAG_RD, 444 0, 0, "Max length (bytes) of a text-processing utility's input line"); 445SYSCTL_INT(_user, USER_RE_DUP_MAX, re_dup_max, CTLFLAG_RD, 446 0, 0, "Maximum number of repeats of a regexp permitted"); 447SYSCTL_INT(_user, USER_POSIX2_VERSION, posix2_version, CTLFLAG_RD, 448 0, 0, 449 "The version of POSIX 1003.2 with which the system attempts to comply"); 450SYSCTL_INT(_user, USER_POSIX2_C_BIND, posix2_c_bind, CTLFLAG_RD, 451 0, 0, "Whether C development supports the C bindings option"); 452SYSCTL_INT(_user, USER_POSIX2_C_DEV, posix2_c_dev, CTLFLAG_RD, 453 0, 0, "Whether system supports the C development utilities option"); 454SYSCTL_INT(_user, USER_POSIX2_CHAR_TERM, posix2_char_term, CTLFLAG_RD, 455 0, 0, ""); 456SYSCTL_INT(_user, USER_POSIX2_FORT_DEV, posix2_fort_dev, CTLFLAG_RD, 457 0, 0, "Whether system supports FORTRAN development utilities"); 458SYSCTL_INT(_user, USER_POSIX2_FORT_RUN, posix2_fort_run, CTLFLAG_RD, 459 0, 0, "Whether system supports FORTRAN runtime utilities"); 460SYSCTL_INT(_user, USER_POSIX2_LOCALEDEF, posix2_localedef, CTLFLAG_RD, 461 0, 0, "Whether system supports creation of locales"); 462SYSCTL_INT(_user, 
USER_POSIX2_SW_DEV, posix2_sw_dev, CTLFLAG_RD, 463 0, 0, "Whether system supports software development utilities"); 464SYSCTL_INT(_user, USER_POSIX2_UPE, posix2_upe, CTLFLAG_RD, 465 0, 0, "Whether system supports the user portability utilities"); 466SYSCTL_INT(_user, USER_STREAM_MAX, stream_max, CTLFLAG_RD, 467 0, 0, "Min Maximum number of streams a process may have open at one time"); 468SYSCTL_INT(_user, USER_TZNAME_MAX, tzname_max, CTLFLAG_RD, 469 0, 0, "Min Maximum number of types supported for timezone names"); 470 471#include <sys/vnode.h> 472SYSCTL_INT(_debug_sizeof, OID_AUTO, vnode, CTLFLAG_RD, 473 0, sizeof(struct vnode), "sizeof(struct vnode)"); 474 475SYSCTL_INT(_debug_sizeof, OID_AUTO, proc, CTLFLAG_RD, 476 0, sizeof(struct proc), "sizeof(struct proc)"); 477 478#include <sys/bio.h> 479#include <sys/buf.h> 480SYSCTL_INT(_debug_sizeof, OID_AUTO, bio, CTLFLAG_RD, 481 0, sizeof(struct bio), "sizeof(struct bio)"); 482SYSCTL_INT(_debug_sizeof, OID_AUTO, buf, CTLFLAG_RD, 483 0, sizeof(struct buf), "sizeof(struct buf)"); 484 485#include <sys/user.h> 486SYSCTL_INT(_debug_sizeof, OID_AUTO, kinfo_proc, CTLFLAG_RD, 487 0, sizeof(struct kinfo_proc), "sizeof(struct kinfo_proc)"); 488 489/* XXX compatibility, remove for 6.0 */ 490#include <sys/imgact.h> 491#include <sys/imgact_elf.h> 492SYSCTL_INT(_kern, OID_AUTO, fallback_elf_brand, CTLFLAG_RW, 493 &__elfN(fallback_brand), sizeof(__elfN(fallback_brand)), 494 "compatibility for kern.fallback_elf_brand");
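Review bot: `kern.conftxt` is registered `CTLTYPE_STRING|CTLFLAG_RW` (gutter lines 365–366) although its handler, sysctl_kern_config, passes the `kernconfstring` buffer straight to `sysctl_handle_string`, so a write request is not refused at the OID level and would presumably be copied over the embedded kernel configuration text whenever the new value is shorter than `strlen(kernconfstring)`. That text is what an administrator or auditor reads back to learn how the running kernel was built, so it should not be mutable at run time; I would declare the OID read-only, `SYSCTL_PROC(_kern, OID_AUTO, conftxt, CTLTYPE_STRING|CTLFLAG_RD,`. Separately, in sysctl_hostname the only bound on `len` before the `bcopy` into `tmpname[MAXHOSTNAMELEN]` is a `KASSERT`, which is compiled out of kernels built without INVARIANTS; the three registrations shown pass MAXHOSTNAMELEN or HOSTUUIDLEN, so a compile-time check such as `CTASSERT(HOSTUUIDLEN <= MAXHOSTNAMELEN);` would keep that guarantee in production builds.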
|