diff options
author | rwatson <rwatson@FreeBSD.org> | 2009-01-24 10:57:32 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2009-01-24 10:57:32 +0000 |
commit | f6d46136a4ef3a0c7c8587c290cfcebe68a43d66 (patch) | |
tree | c72716b15f122e9e01d63f0bfe6211268464192e /sys | |
parent | aaaff3620bd78568076acb0874f8d89e7e1a348f (diff) | |
download | FreeBSD-src-f6d46136a4ef3a0c7c8587c290cfcebe68a43d66.zip FreeBSD-src-f6d46136a4ef3a0c7c8587c290cfcebe68a43d66.tar.gz |
Begin to add SDT tracing of the MAC Framework: add policy modevent,
register, and unregister hooks that give access to the mac_policy_conf
for the policy.
Obtained from: TrustedBSD Project
MFC after: 3 days
Diffstat (limited to 'sys')
-rw-r--r-- | sys/security/mac/mac_framework.c | 25 |
1 files changed, 24 insertions, 1 deletions
diff --git a/sys/security/mac/mac_framework.c b/sys/security/mac/mac_framework.c index d18f3e5..26d391c 100644 --- a/sys/security/mac/mac_framework.c +++ b/sys/security/mac/mac_framework.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1999-2002, 2006 Robert N. M. Watson + * Copyright (c) 1999-2002, 2006, 2009 Robert N. M. Watson * Copyright (c) 2001 Ilmar S. Habibulin * Copyright (c) 2001-2005 Networks Associates Technology, Inc. * Copyright (c) 2005-2006 SPARTA, Inc. @@ -63,6 +63,7 @@ * src/sys/security/mac_*. */ +#include "opt_kdtrace.h" #include "opt_mac.h" #include <sys/cdefs.h> @@ -75,6 +76,7 @@ __FBSDID("$FreeBSD$"); #include <sys/mutex.h> #include <sys/mac.h> #include <sys/module.h> +#include <sys/sdt.h> #include <sys/systm.h> #include <sys/sysctl.h> @@ -83,6 +85,24 @@ __FBSDID("$FreeBSD$"); #include <security/mac/mac_policy.h> /* + * DTrace SDT provider for MAC. + */ +SDT_PROVIDER_DEFINE(mac); + +SDT_PROBE_DEFINE(mac, kernel, policy, modevent); +SDT_PROBE_ARGTYPE(mac, kernel, policy, modevent, 0, "int"); +SDT_PROBE_ARGTYPE(mac, kernel, policy, modevent, 1, + "struct mac_policy_conf *mpc"); + +SDT_PROBE_DEFINE(mac, kernel, policy, register); +SDT_PROBE_ARGTYPE(mac, kernel, policy, register, 0, + "struct mac_policy_conf *"); + +SDT_PROBE_DEFINE(mac, kernel, policy, unregister); +SDT_PROBE_ARGTYPE(mac, kernel, policy, unregister, 0, + "struct mac_policy_conf *"); + +/* * Root sysctl node for all MAC and MAC policy controls. */ SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0, @@ -458,6 +478,7 @@ mac_policy_register(struct mac_policy_conf *mpc) (*(mpc->mpc_ops->mpo_init))(mpc); mac_policy_updateflags(); + SDT_PROBE(mac, kernel, policy, register, mpc, 0, 0, 0, 0); printf("Security policy loaded: %s (%s)\n", mpc->mpc_fullname, mpc->mpc_name); @@ -505,6 +526,7 @@ mac_policy_unregister(struct mac_policy_conf *mpc) mac_policy_release_exclusive(); + SDT_PROBE(mac, kernel, policy, unregister, mpc, 0, 0, 0, 0); printf("Security policy unload: %s (%s)\n", mpc->mpc_fullname, mpc->mpc_name); @@ -530,6 +552,7 @@ mac_policy_modevent(module_t mod, int type, void *data) } #endif + SDT_PROBE(mac, kernel, policy, modevent, type, mpc, 0, 0, 0); switch (type) { case MOD_LOAD: if (mpc->mpc_loadtime_flags & MPC_LOADTIME_FLAG_NOTLATE && |