illumos-gate Cdiff usr/src/uts/common/sys/dtrace.h

Print this page

2917 DTrace in a zone should have limited provider access


*** 23,33 ****
   * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
   * Use is subject to license terms.
   */
  
  /*
!  * Copyright (c) 2011, Joyent, Inc. All rights reserved.
   */
  
  #ifndef _SYS_DTRACE_H
  #define _SYS_DTRACE_H
  
--- 23,33 ----
   * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
   * Use is subject to license terms.
   */
  
  /*
!  * Copyright (c) 2012, Joyent, Inc. All rights reserved.
   */
  
  #ifndef _SYS_DTRACE_H
  #define _SYS_DTRACE_H
  
*** 1623,1639 ****
   *
   * 1.10.3  Return value
   *
   *   A bitwise OR that encapsulates both the mode (either DTRACE_MODE_KERNEL
   *   or DTRACE_MODE_USER) and the policy when the privilege of the enabling
!  *   is insufficient for that mode (either DTRACE_MODE_NOPRIV_DROP or
!  *   DTRACE_MODE_NOPRIV_RESTRICT).  If the policy is DTRACE_MODE_NOPRIV_DROP,
!  *   insufficient privilege will result in the probe firing being silently
!  *   ignored for the enabling; if the policy is DTRACE_NODE_NOPRIV_RESTRICT,
!  *   insufficient privilege will not prevent probe processing for the
!  *   enabling, but restrictions will be in place that induce a UPRIV fault
!  *   upon attempt to examine probe arguments or current process state.
   *
   * 1.10.4  Caller's context
   *
   *   This is called from within dtrace_probe() meaning that interrupts
   *   are disabled. No locks should be taken within this entry point.
--- 1623,1646 ----
   *
   * 1.10.3  Return value
   *
   *   A bitwise OR that encapsulates both the mode (either DTRACE_MODE_KERNEL
   *   or DTRACE_MODE_USER) and the policy when the privilege of the enabling
!  *   is insufficient for that mode (a combination of DTRACE_MODE_NOPRIV_DROP,
!  *   DTRACE_MODE_NOPRIV_RESTRICT, and DTRACE_MODE_LIMITEDPRIV_RESTRICT).  If
!  *   DTRACE_MODE_NOPRIV_DROP bit is set, insufficient privilege will result
!  *   in the probe firing being silently ignored for the enabling; if the
!  *   DTRACE_NODE_NOPRIV_RESTRICT bit is set, insufficient privilege will not
!  *   prevent probe processing for the enabling, but restrictions will be in
!  *   place that induce a UPRIV fault upon attempt to examine probe arguments
!  *   or current process state.  If the DTRACE_MODE_LIMITEDPRIV_RESTRICT bit
!  *   is set, similar restrictions will be placed upon operation if the
!  *   privilege is sufficient to process the enabling, but does not otherwise
!  *   entitle the enabling to all zones.  The DTRACE_MODE_NOPRIV_DROP and
!  *   DTRACE_MODE_NOPRIV_RESTRICT are mutually exclusive (and one of these
!  *   two policies must be specified), but either may be combined (or not)
!  *   with DTRACE_MODE_LIMITEDPRIV_RESTRICT.
   *
   * 1.10.4  Caller's context
   *
   *   This is called from within dtrace_probe() meaning that interrupts
   *   are disabled. No locks should be taken within this entry point.
*** 2028,2037 ****
--- 2035,2045 ----
  
  #define DTRACE_MODE_KERNEL                      0x01
  #define DTRACE_MODE_USER                        0x02
  #define DTRACE_MODE_NOPRIV_DROP                 0x10
  #define DTRACE_MODE_NOPRIV_RESTRICT             0x20
+ #define DTRACE_MODE_LIMITEDPRIV_RESTRICT        0x40
  
  typedef uintptr_t       dtrace_provider_id_t;
  
  extern int dtrace_register(const char *, const dtrace_pattr_t *, uint32_t,
      cred_t *, const dtrace_pops_t *, void *, dtrace_provider_id_t *);