Print this page
2917 DTrace in a zone should have limited provider access
@@ -21,10 +21,13 @@
/*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
+/*
+ * Copyright (c) 2012, Joyent, Inc. All rights reserved.
+ */
#include <sys/modctl.h>
#include <sys/sunddi.h>
#include <sys/dtrace.h>
#include <sys/kobj.h>
@@ -417,13 +420,23 @@
sdt_probetab =
kmem_zalloc(sdt_probetab_size * sizeof (sdt_probe_t *), KM_SLEEP);
dtrace_invop_add(sdt_invop);
for (prov = sdt_providers; prov->sdtp_name != NULL; prov++) {
+ uint32_t priv;
+
+ if (prov->sdtp_priv == DTRACE_PRIV_NONE) {
+ priv = DTRACE_PRIV_KERNEL;
+ sdt_pops.dtps_mode = NULL;
+ } else {
+ priv = prov->sdtp_priv;
+ ASSERT(priv == DTRACE_PRIV_USER);
+ sdt_pops.dtps_mode = sdt_mode;
+ }
+
if (dtrace_register(prov->sdtp_name, prov->sdtp_attr,
- DTRACE_PRIV_KERNEL, NULL,
- &sdt_pops, prov, &prov->sdtp_id) != 0) {
+ priv, NULL, &sdt_pops, prov, &prov->sdtp_id) != 0) {
cmn_err(CE_WARN, "failed to register sdt provider %s",
prov->sdtp_name);
}
}