From nobody Sun Dec 7 21:18:10 2025 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4dPdJ26zCPz6HqP4 for ; Sun, 07 Dec 2025 21:18:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R12" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4dPdJ26JlCz3h2Q for ; Sun, 07 Dec 2025 21:18:10 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1765142290; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=nWXOYQoTHmtI4tMC0lP7goKpUKeiT8P4xf8/so588Yk=; b=VUXHQTgZP9DWRJAoqSIRe8LslkyQ8Y5Dc/s/SRnul6bACc5a8E0EjLafwu0gkFE5Js0oEg C5nyJndjG8c10mcmmnktxlianZ1DKJbfQJhAaAN1yvRTo/gweV38zwFbNUwAypaSSXBDrh yjcYwRfov0J8/7kVVfFm8GdJ6U5fR1Bp43qXHvNcauVG0Smt4xkV1/zvGPic3+9ARmz4/5 UlzHlZgR8YCsdLscNeDQ6hLTh+Jxf+drqFxWsNy80SoKURrWWKXmCrgxHxGpD1WxPQeDEq nOI97UJIqtKApdK7Ju0Fx8ZK9gd6f0dDu8SECHmQeDKeBpKR2sSpXbWiek76UQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1765142290; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=nWXOYQoTHmtI4tMC0lP7goKpUKeiT8P4xf8/so588Yk=; b=jznltCsGIM12eVWw05bNfirILROdO/kiPNsp+4ldwjnrXkfCZNEWspU7TwgCqyG/vReb8y vYQI9WuFtwQDwEWDRgeDaEYocg4l9Z7nU0F5fY7lVWURcVAaoCWYmmFezCzgrm1xPwmA00 H/6JKeh5XXZe+eqiF/eZHJDCXJ0Dqnr9OCR9CtzV3OgpPjPMdWbaP7VqmKg6oMJMer0xbj +3Mc5cEkv3VpUHIrIrzFnX9RGaO9wEy9HaRr/de0tWBSg/FJ2fCW3c+fqb0TpmUG/0dfjd kDw95m2u4UdbU5WaFCMdkCkDs7X8KZLsKn1a2I5HO45x7oz3YE5+gClD0CIb/g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1765142290; a=rsa-sha256; cv=none; b=AdY7BqU4LbrYizE6MrqbjEbH0AgjJAp3eYefh3FVcy60CVE8ZMNKMNK77uJrAHKXv3DRfe I6btuiAYnad5g3+TSkkgHcvMkBtHQ+73VWmEGeOiNUjfnoUTCi5ocWn87xwvAQGz5AmVlG KheeL44t+xElWOWxd5WnlvBvahEQs4/RBHkL21sB8trbSwz0NCBUIzTKzHPX7WnLTzk82k 6uguhVPVQd65gkj16xi2gp77SWel6QHabZTJu6mDHMhyl08RiI6IGQpL7KTqoARwX8Ligv stTlVfjqbHNjU1fLrsGPhmQLw0/xj8sCnliXACWkudfoRB6yansRf5e77Yo2qw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4dPdJ25VFFz109V for ; Sun, 07 Dec 2025 21:18:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 2f752 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Sun, 07 Dec 2025 21:18:10 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mateusz Piotrowski <0mp@FreeBSD.org> Subject: git: 09af13403983 - stable/15 - dtrace_priv.4: Document the DTrace priv provider List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: 0mp X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 09af13403983b0ee17b8c02433bcd5774f378633 Auto-Submitted: auto-generated Date: Sun, 07 Dec 2025 21:18:10 +0000 Message-Id: <6935ef12.2f752.2820c81d@gitrepo.freebsd.org> The branch stable/15 has been updated by 0mp: URL: https://cgit.FreeBSD.org/src/commit/?id=09af13403983b0ee17b8c02433bcd5774f378633 commit 09af13403983b0ee17b8c02433bcd5774f378633 Author: Mateusz Piotrowski <0mp@FreeBSD.org> AuthorDate: 2025-11-06 23:43:19 +0000 Commit: Mateusz Piotrowski <0mp@FreeBSD.org> CommitDate: 2025-12-07 21:17:17 +0000 dtrace_priv.4: Document the DTrace priv provider Fixes: 6efcc2f26ab0 Add static tracing for privilege checking MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D53630 (cherry picked from commit 7bcd3a04c8695d797665289ed48ff2d84afb8ac4) --- cddl/contrib/opensolaris/cmd/dtrace/dtrace.1 | 3 +- share/man/man4/Makefile | 1 + share/man/man4/dtrace_priv.4 | 59 ++++++++++++++++++++++++++++ share/man/man9/priv.9 | 3 +- 4 files changed, 64 insertions(+), 2 deletions(-) diff --git a/cddl/contrib/opensolaris/cmd/dtrace/dtrace.1 b/cddl/contrib/opensolaris/cmd/dtrace/dtrace.1 index 6b0c3d3c2dee..66f0e432a3b0 100644 --- a/cddl/contrib/opensolaris/cmd/dtrace/dtrace.1 +++ b/cddl/contrib/opensolaris/cmd/dtrace/dtrace.1 @@ -20,7 +20,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 8, 2025 +.Dd November 12, 2025 .Dt DTRACE 1 .Os .Sh NAME @@ -1308,6 +1308,7 @@ in .Xr dtrace_kinst 4 , .Xr dtrace_lockstat 4 , .Xr dtrace_proc 4 , +.Xr dtrace_priv 4 , .Xr dtrace_profile 4 , .Xr dtrace_sched 4 , .Xr dtrace_sctp 4 , diff --git a/share/man/man4/Makefile b/share/man/man4/Makefile index a04e20dfea27..316e1263b843 100644 --- a/share/man/man4/Makefile +++ b/share/man/man4/Makefile @@ -1011,6 +1011,7 @@ _dtrace_provs= dtrace_audit.4 \ dtrace_ip.4 \ dtrace_kinst.4 \ dtrace_lockstat.4 \ + dtrace_priv.4 \ dtrace_proc.4 \ dtrace_profile.4 \ dtrace_sched.4 \ diff --git a/share/man/man4/dtrace_priv.4 b/share/man/man4/dtrace_priv.4 new file mode 100644 index 000000000000..97bd4c20eb2c --- /dev/null +++ b/share/man/man4/dtrace_priv.4 @@ -0,0 +1,59 @@ +.\" +.\" Copyright (c) 2025 Mateusz Piotrowski <0mp@FreeBSD.org> +.\" +.\" SPDX-License-Identifier: BSD-2-Clause +.\" +.Dd November 12, 2025 +.Dt DTRACE_PRIV 4 +.Os +.Sh NAME +.Nm dtrace_priv +.Nd a DTrace provider for the kernel privilege checking API +.Sh SYNOPSIS +.Nm priv Ns Cm :kernel:priv_check:priv-ok +.Nm priv Ns Cm :kernel:priv_check:priv-err +.Sh DESCRIPTION +The +.Nm priv +provider allows for tracing the +.Xr priv 9 +API. +.Pp +The +.Nm priv Ns Cm :kernel:priv_check:priv-ok +probe fires upon a successful kernel privilege check. +.Pp +The +.Nm priv Ns Cm :kernel:priv_check:priv-err +probe fires upon a failed kernel privilege check. +.Pp +The only argument to the +.Nm priv +probes, +.Fa args[0] , +is the requested privilege number +.Ft int priv . +.Sh EXAMPLES +.Ss Example 1: Tracing Kernel Privilege Check Failures +The following script captures an array of counters, +one for each stack trace leading to a failed kernel privilege check: +.Bd -literal -offset 2n +priv:::priv-err +{ + @traces[stack()] = count(); +} +.Ed +.Sh SEE ALSO +.Xr dtrace 1 , +.Xr tracing 7 , +.Xr priv 9 , +.Xr SDT 9 +.Sh AUTHORS +.An -nosplit +The +.Nm priv +provider was written by +.An Robert N. M. Watson Aq Mt rwatson@FreeBSD.org . +.Pp +This manual page was written by +.An Mateusz Piotrowski Aq Mt 0mp@FreeBSD.org . diff --git a/share/man/man9/priv.9 b/share/man/man9/priv.9 index 80d0542e9bdf..6343940c89fb 100644 --- a/share/man/man9/priv.9 +++ b/share/man/man9/priv.9 @@ -26,7 +26,7 @@ .\" NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS .\" SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd December 19, 2018 +.Dd November 12, 2025 .Dt PRIV 9 .Os .Sh NAME @@ -106,6 +106,7 @@ privilege checks, and the caller is unable to tell if an access control failure occurred. .Sh SEE ALSO .Xr jail 2 , +.Xr dtrace_priv 4 , .Xr mac 9 , .Xr ucred 9 .Sh AUTHORS