From owner-svn-src-head@FreeBSD.ORG  Thu Feb 26 12:49:50 2009
Return-Path: <owner-svn-src-head@FreeBSD.ORG>
Delivered-To: svn-src-head@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id DC143106566B;
	Thu, 26 Feb 2009 12:49:50 +0000 (UTC)
	(envelope-from alexander@leidinger.net)
Received: from redbull.bpaserver.net (redbullneu.bpaserver.net
	[213.198.78.217])
	by mx1.freebsd.org (Postfix) with ESMTP id 61FC38FC08;
	Thu, 26 Feb 2009 12:49:50 +0000 (UTC)
	(envelope-from alexander@leidinger.net)
Received: from outgoing.leidinger.net (pD9E2CC5D.dip.t-dialin.net
	[217.226.204.93])
	by redbull.bpaserver.net (Postfix) with ESMTP id F41112E1F9;
	Thu, 26 Feb 2009 13:49:45 +0100 (CET)
Received: from webmail.leidinger.net (webmail.leidinger.net [192.168.1.102])
	by outgoing.leidinger.net (Postfix) with ESMTP id 96222AA7F0;
	Thu, 26 Feb 2009 13:49:38 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=Leidinger.net;
	s=outgoing-alex; t=1235652578; bh=aVwRdPHaF9vN+UILJNpXRXTNHO2b0kSTv
	Vj9hzevxFE=; h=Message-ID:Date:From:To:Cc:Subject:References:
	In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding;
	b=s7U25HwJ9BQ7jyc/NoOFPWlJOpdpGBYL3Ygw0oKCX0V+6/lVgtgMmaB+mzDDStTx1
	a9QtqNsnFzfwBba0pxS29Dgs470I6B75wPcuJwHjDnxDYFsmql7NDdkt00RVAkRIV+V
	ElZdWeicQCZdcqYo66SiT6TLcp8CBZQ4sb2u1NekigMbqEkaqO7bQKTyLu62Sqo1jqu
	drmMc8VsgZOaM0ga/zEGmxNdZz6ZCT29tIBhxYLx/C35jP+5280/ObxH+iUH8sJx4Qv
	dJkwvpk7jOGF+8enMJKzksd1fAUGAnLo5kChHtM2C6o7xy8RLXV0I0uzHlJLMLr6U5k
	PfPpU7LTg==
Received: (from www@localhost)
	by webmail.leidinger.net (8.14.3/8.13.8/Submit) id n1QCnbbv003376;
	Thu, 26 Feb 2009 13:49:37 +0100 (CET)
	(envelope-from Alexander@Leidinger.net)
Received: from pslux.cec.eu.int (pslux.cec.eu.int [158.169.9.14]) by
	webmail.leidinger.net (Horde Framework) with HTTP; Thu, 26 Feb 2009
	13:49:37 +0100
Message-ID: <20090226134937.13523qtfgxc9ik7k@webmail.leidinger.net>
X-Priority: 3 (Normal)
Date: Thu, 26 Feb 2009 13:49:37 +0100
From: Alexander Leidinger <Alexander@Leidinger.net>
To: Robert Watson <rwatson@FreeBSD.org>
References: <200902261056.n1QAuDTL025375@svn.freebsd.org>
	<alpine.BSF.2.00.0902261056280.16988@fledge.watson.org>
In-Reply-To: <alpine.BSF.2.00.0902261056280.16988@fledge.watson.org>
MIME-Version: 1.0
Content-Type: text/plain;
	charset=UTF-8;
	DelSp="Yes";
	format="flowed"
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
User-Agent: Internet Messaging Program (IMP) H3 (4.3) / FreeBSD-8.0
X-BPAnet-MailScanner-Information: Please contact the ISP for more information
X-MailScanner-ID: F41112E1F9.F2B98
X-BPAnet-MailScanner: Found to be clean
X-BPAnet-MailScanner-SpamCheck: not spam, ORDB-RBL, SpamAssassin (not cached, 
	score=-14.823, required 6, BAYES_00 -15.00,
	DKIM_SIGNED 0.00, 
	DKIM_VERIFIED -0.00, RDNS_DYNAMIC 0.10, TW_SV 0.08)
X-BPAnet-MailScanner-From: alexander@leidinger.net
X-Spam-Status: No
Cc: svn-src-head@FreeBSD.org, svn-src-all@FreeBSD.org,
	src-committers@FreeBSD.org
Subject: Re: svn commit: r189063 - head/sys/kern
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
	<svn-src-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>,
	<mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>,
	<mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Feb 2009 12:49:51 -0000

Quoting Robert Watson <rwatson@FreeBSD.org> (from Thu, 26 Feb 2009 =20
10:57:13 +0000 (GMT)):

> On Thu, 26 Feb 2009, Robert Watson wrote:
>
>> Log:
>> Add static tracing for privilege checking:
>>
>>   priv:kernel:priv_check:priv_ok fires for granted privileges
>>   priv:kernel:priv_check:priv_errr fires for denied privileges
>>
>> The first argument is the requested privilege number.  The naming
>> convention is a little different from the OpenSolaris equivilent
>> because we can't have '-' in probefunc names, and our privilege
>> namespace is different.
>
> A typical tracing command might be:
>
>   dtrace -n 'priv:::priv_ok { trace(execname); trace(arg0);}'
>
> arg0 requires manual interpretation using /usr/include/sys/priv.h.

Theoretically it is possible to write a little script which takes =20
priv.h and generates a little bit of dtrace stuff which allows to =20
print out strings instead of numbers. But I think this is a matter of =20
motivation...

I would also use printf("program: %s, priv: $d\n", execname, arg0) or =20
something similar with printf, but this is cosmetics.

Should we create a repository of dtrace scripts in /usr/share or =20
wherever? For the linuxulator I have several scripts in my =20
linuxulator-dtrace branch (some more, some less useful for =20
non-developers).

Bye,
Alexander.

--=20
Never trust anybody whose arm is bigger than your leg.

http://www.Leidinger.net    Alexander @ Leidinger.net: PGP ID =3D B0063FE7
http://www.FreeBSD.org       netchild @ FreeBSD.org  : PGP ID =3D 72077137