diff options
| author | rwatson <rwatson@FreeBSD.org> | 2011-07-17 23:05:24 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2011-07-17 23:05:24 +0000 |
| commit | 7c21db8ed3ea76933360bc701c1cfe99e080cdb5 (patch) | |
| tree | c4ed35a8f34e303ea8f9aaebd4a5bb9199dfb0dc /sys/kern/subr_smp.c | |
| parent | 8c65d0122a45d4d6c8d002377782ad53a7a76d91 (diff) | |
| download | FreeBSD-src-7c21db8ed3ea76933360bc701c1cfe99e080cdb5.zip FreeBSD-src-7c21db8ed3ea76933360bc701c1cfe99e080cdb5.tar.gz | |
Define two new sysctl node flags: CTLFLAG_CAPRD and CTLFLAG_CAPRW, which
may be jointly referenced via the mask CTLFLAG_CAPRW. Sysctls with these
flags are available in Capsicum's capability mode; other sysctl nodes are
not.
Flag several useful sysctls as available in capability mode, such as memory
layout sysctls required by the run-time linker and malloc(3). Also expose
access to randomness and available kernel features.
A few sysctls are enabled to support name->MIB conversion; these may leak
information to capability mode by virtue of providing resolution on names
not flagged for access in capability mode. This is, generally, not a huge
problem, but might be something to resolve in the future. Flag these cases
with XXX comments.
Submitted by: jonathan
Sponsored by: Google, Inc.
Diffstat (limited to 'sys/kern/subr_smp.c')
| -rw-r--r-- | sys/kern/subr_smp.c | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/sys/kern/subr_smp.c b/sys/kern/subr_smp.c index caec965..d0c5def 100644 --- a/sys/kern/subr_smp.c +++ b/sys/kern/subr_smp.c @@ -70,25 +70,25 @@ int mp_maxcpus = MAXCPU; volatile int smp_started; u_int mp_maxid; -SYSCTL_NODE(_kern, OID_AUTO, smp, CTLFLAG_RD, NULL, "Kernel SMP"); +SYSCTL_NODE(_kern, OID_AUTO, smp, CTLFLAG_RD|CTLFLAG_CAPRD, NULL, "Kernel SMP"); -SYSCTL_UINT(_kern_smp, OID_AUTO, maxid, CTLFLAG_RD, &mp_maxid, 0, +SYSCTL_INT(_kern_smp, OID_AUTO, maxid, CTLFLAG_RD|CTLFLAG_CAPRD, &mp_maxid, 0, "Max CPU ID."); -SYSCTL_INT(_kern_smp, OID_AUTO, maxcpus, CTLFLAG_RD, &mp_maxcpus, 0, - "Max number of CPUs that the system was compiled for."); +SYSCTL_INT(_kern_smp, OID_AUTO, maxcpus, CTLFLAG_RD|CTLFLAG_CAPRD, &mp_maxcpus, + 0, "Max number of CPUs that the system was compiled for."); int smp_active = 0; /* are the APs allowed to run? */ SYSCTL_INT(_kern_smp, OID_AUTO, active, CTLFLAG_RW, &smp_active, 0, "Number of Auxillary Processors (APs) that were successfully started"); int smp_disabled = 0; /* has smp been disabled? */ -SYSCTL_INT(_kern_smp, OID_AUTO, disabled, CTLFLAG_RDTUN, &smp_disabled, 0, - "SMP has been disabled from the loader"); +SYSCTL_INT(_kern_smp, OID_AUTO, disabled, CTLFLAG_RDTUN|CTLFLAG_CAPRD, + &smp_disabled, 0, "SMP has been disabled from the loader"); TUNABLE_INT("kern.smp.disabled", &smp_disabled); int smp_cpus = 1; /* how many cpu's running */ -SYSCTL_INT(_kern_smp, OID_AUTO, cpus, CTLFLAG_RD, &smp_cpus, 0, +SYSCTL_INT(_kern_smp, OID_AUTO, cpus, CTLFLAG_RD|CTLFLAG_CAPRD, &smp_cpus, 0, "Number of CPUs online"); int smp_topology = 0; /* Which topology we're using. */ |
