From nobody Wed Nov 12 14:52:22 2025 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4d65wR2MrZz6H5Lg; Wed, 12 Nov 2025 14:52:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R12" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4d65wQ3HSzz46Mc; Wed, 12 Nov 2025 14:52:22 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1762959142; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=e+dvPpbkZBeY6O9neN3VskwSVCnCC5MBMnlgNk4iPtE=; b=gmwxT2Wo9OJjkaNPGOl6nAwtLugYidOicIJHCqxXLvVD5VKU9tfyTs5YTe/svj6Z6BsFxM TK8CDUgsAFU+6I7/64Q/vZBJ7DgOr7GjDv6zavi0pQIskqZtXw2Sb4jhT3GLhQ08CBWcKN k720f2Nnpe4M73GBfEKX7MsSuVoZNRfHYEyFBFZ721C7/xHIfCpeyGbbcV5c1GODa+3dUe F/kO5Qw/JsMAeA32pY+MvgNwtaUPHJmS+bsuLyvvClPQlnv9fR7Xz3R1u5WiOMJ38mG8Wk TXaTzLZ8qO/cakLtJA391vfA/1Z0B7eTa40t4OoErXZad5Z4WWFr9mnINhcXyg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1762959142; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=e+dvPpbkZBeY6O9neN3VskwSVCnCC5MBMnlgNk4iPtE=; b=OpB69RhMoNbr4yhFEX+kp8+sxNKM42xpH/T94nOat1fJO0i6NlQYM8WR0aXHjkZRA1cc3X RwtOXJ4Dd0xRTzEWI2naW85Vb01GDloyT65+Gh7cbxHsxRqTkbEIsuhL0C4/CXcsY9QwR9 SMbT9qHZuQDKE5X/UYvPbDmEqMN+HUgno0zrT/JnAUWzHWNA/i+FB6XHFJEN0JQzROFgD2 zLj+Q36yTv+jNExVT7sZ46DfmQeCBzMjoxrCmv7YX5h988bjjUKb4NkTb0UNvYkYLmkBBj uwCoO7MG8hvgqu7lRutEKjEctUo8z2mThnltDTboSJf6mHhHfAWSQW6qQSZFdQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1762959142; a=rsa-sha256; cv=none; b=Nf1BsVET3gAUOKE8tzQDTLd7kyp5XCluHFHVA/iNEJuBMe1+kCeVBeij4Z5809/4KPaLAX 8qDv/lFJgHw3KmRiDo6yyIIShlzPTA5CYFBwALuRf5nfmvTS7Uk3uKEwMZD0AuJgvDXWz0 tCqX/KYMe5sQ+yxqyTNawzW9Onogj8jBiabA+Qv7N053NkjYxMoXP1/rD+plXkR1GCDW1X 937nMEqbdFRvHZeJ2LxbBNZhLTh9nlU/dZXpQyhkGy4W94rjp1ktAhbcAchWxjdT84Y8qN 7TTMEuDtUTaRybMI5BfBDfNEsziSE89wYsGTbqMLDJpvwfTXjGQ2XK/Vow1uVQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4d65wQ2nM1zgG2; Wed, 12 Nov 2025 14:52:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 5ACEqMdQ063097; Wed, 12 Nov 2025 14:52:22 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 5ACEqMGg063094; Wed, 12 Nov 2025 14:52:22 GMT (envelope-from git) Date: Wed, 12 Nov 2025 14:52:22 GMT Message-Id: <202511121452.5ACEqMGg063094@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Mateusz Piotrowski <0mp@FreeBSD.org> Subject: git: 7bcd3a04c869 - main - dtrace_priv.4: Document the DTrace priv provider List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: 0mp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 7bcd3a04c8695d797665289ed48ff2d84afb8ac4 Auto-Submitted: auto-generated The branch main has been updated by 0mp: URL: https://cgit.FreeBSD.org/src/commit/?id=7bcd3a04c8695d797665289ed48ff2d84afb8ac4 commit 7bcd3a04c8695d797665289ed48ff2d84afb8ac4 Author: Mateusz Piotrowski <0mp@FreeBSD.org> AuthorDate: 2025-11-06 23:43:19 +0000 Commit: Mateusz Piotrowski <0mp@FreeBSD.org> CommitDate: 2025-11-12 14:51:37 +0000 dtrace_priv.4: Document the DTrace priv provider Fixes: 6efcc2f26ab0 Add static tracing for privilege checking MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D53630 --- cddl/contrib/opensolaris/cmd/dtrace/dtrace.1 | 3 +- share/man/man4/Makefile | 1 + share/man/man4/dtrace_priv.4 | 59 ++++++++++++++++++++++++++++ share/man/man9/priv.9 | 3 +- 4 files changed, 64 insertions(+), 2 deletions(-) diff --git a/cddl/contrib/opensolaris/cmd/dtrace/dtrace.1 b/cddl/contrib/opensolaris/cmd/dtrace/dtrace.1 index 5115d16a1286..86887bbe8dd9 100644 --- a/cddl/contrib/opensolaris/cmd/dtrace/dtrace.1 +++ b/cddl/contrib/opensolaris/cmd/dtrace/dtrace.1 @@ -20,7 +20,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 8, 2025 +.Dd November 12, 2025 .Dt DTRACE 1 .Os .Sh NAME @@ -1309,6 +1309,7 @@ in .Xr dtrace_lockstat 4 , .Xr dtrace_pid 4 , .Xr dtrace_proc 4 , +.Xr dtrace_priv 4 , .Xr dtrace_profile 4 , .Xr dtrace_sched 4 , .Xr dtrace_sctp 4 , diff --git a/share/man/man4/Makefile b/share/man/man4/Makefile index 752ae9f165ca..31e3d67e93eb 100644 --- a/share/man/man4/Makefile +++ b/share/man/man4/Makefile @@ -1014,6 +1014,7 @@ _dtrace_provs= dtrace_audit.4 \ dtrace_kinst.4 \ dtrace_lockstat.4 \ dtrace_pid.4 \ + dtrace_priv.4 \ dtrace_proc.4 \ dtrace_profile.4 \ dtrace_sched.4 \ diff --git a/share/man/man4/dtrace_priv.4 b/share/man/man4/dtrace_priv.4 new file mode 100644 index 000000000000..97bd4c20eb2c --- /dev/null +++ b/share/man/man4/dtrace_priv.4 @@ -0,0 +1,59 @@ +.\" +.\" Copyright (c) 2025 Mateusz Piotrowski <0mp@FreeBSD.org> +.\" +.\" SPDX-License-Identifier: BSD-2-Clause +.\" +.Dd November 12, 2025 +.Dt DTRACE_PRIV 4 +.Os +.Sh NAME +.Nm dtrace_priv +.Nd a DTrace provider for the kernel privilege checking API +.Sh SYNOPSIS +.Nm priv Ns Cm :kernel:priv_check:priv-ok +.Nm priv Ns Cm :kernel:priv_check:priv-err +.Sh DESCRIPTION +The +.Nm priv +provider allows for tracing the +.Xr priv 9 +API. +.Pp +The +.Nm priv Ns Cm :kernel:priv_check:priv-ok +probe fires upon a successful kernel privilege check. +.Pp +The +.Nm priv Ns Cm :kernel:priv_check:priv-err +probe fires upon a failed kernel privilege check. +.Pp +The only argument to the +.Nm priv +probes, +.Fa args[0] , +is the requested privilege number +.Ft int priv . +.Sh EXAMPLES +.Ss Example 1: Tracing Kernel Privilege Check Failures +The following script captures an array of counters, +one for each stack trace leading to a failed kernel privilege check: +.Bd -literal -offset 2n +priv:::priv-err +{ + @traces[stack()] = count(); +} +.Ed +.Sh SEE ALSO +.Xr dtrace 1 , +.Xr tracing 7 , +.Xr priv 9 , +.Xr SDT 9 +.Sh AUTHORS +.An -nosplit +The +.Nm priv +provider was written by +.An Robert N. M. Watson Aq Mt rwatson@FreeBSD.org . +.Pp +This manual page was written by +.An Mateusz Piotrowski Aq Mt 0mp@FreeBSD.org . diff --git a/share/man/man9/priv.9 b/share/man/man9/priv.9 index 80d0542e9bdf..6343940c89fb 100644 --- a/share/man/man9/priv.9 +++ b/share/man/man9/priv.9 @@ -26,7 +26,7 @@ .\" NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS .\" SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd December 19, 2018 +.Dd November 12, 2025 .Dt PRIV 9 .Os .Sh NAME @@ -106,6 +106,7 @@ privilege checks, and the caller is unable to tell if an access control failure occurred. .Sh SEE ALSO .Xr jail 2 , +.Xr dtrace_priv 4 , .Xr mac 9 , .Xr ucred 9 .Sh AUTHORS