1.\" 2.\" Copyright (c) 2006 Robert N. M. Watson 3.\" All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 1. Redistributions of source code must retain the above copyright 9.\" notice, this list of conditions and the following disclaimer. 10.\" 2. Redistributions in binary form must reproduce the above copyright 11.\" notice, this list of conditions and the following disclaimer in the 12.\" documentation and/or other materials provided with the distribution. 13.\" 14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24.\" SUCH DAMAGE. 25.\" 26.\" $FreeBSD$ 27.\" 28.Dd September 15, 2014 29.Dt SYSCTL 9 30.Os 31.Sh NAME 32.Nm SYSCTL_DECL , 33.Nm SYSCTL_ADD_INT , 34.Nm SYSCTL_ADD_LONG , 35.Nm SYSCTL_ADD_NODE , 36.Nm SYSCTL_ADD_OPAQUE , 37.Nm SYSCTL_ADD_PROC , 38.Nm SYSCTL_ADD_QUAD , 39.Nm SYSCTL_ADD_ROOT_NODE , 40.Nm SYSCTL_ADD_STRING , 41.Nm SYSCTL_ADD_STRUCT , 42.Nm SYSCTL_ADD_UINT , 43.Nm SYSCTL_ADD_ULONG , 44.Nm SYSCTL_ADD_UQUAD , 45.Nm SYSCTL_CHILDREN , 46.Nm SYSCTL_STATIC_CHILDREN , 47.Nm SYSCTL_NODE_CHILDREN , 48.Nm SYSCTL_PARENT , 49.Nm SYSCTL_INT , 50.Nm SYSCTL_LONG , 51.Nm SYSCTL_NODE , 52.Nm SYSCTL_OPAQUE , 53.Nm SYSCTL_PROC , 54.Nm SYSCTL_QUAD , 55.Nm SYSCTL_ROOT_NODE , 56.Nm SYSCTL_STRING , 57.Nm SYSCTL_STRUCT , 58.Nm SYSCTL_UINT , 59.Nm SYSCTL_ULONG , 60.Nm SYSCTL_UQUAD 61.Nd Dynamic and static sysctl MIB creation functions 62.Sh SYNOPSIS 63.In sys/types.h 64.In sys/sysctl.h 65.Fn SYSCTL_DECL name 66.Ft struct sysctl_oid * 67.Fo SYSCTL_ADD_INT 68.Fa "struct sysctl_ctx_list *ctx" 69.Fa "struct sysctl_oid_list *parent" 70.Fa "int number" 71.Fa "const char *name" 72.Fa "int ctlflags" 73.Fa "int *ptr" 74.Fa "intptr_t val" 75.Fa "const char *descr" 76.Fc 77.Ft struct sysctl_oid * 78.Fo SYSCTL_ADD_LONG 79.Fa "struct sysctl_ctx_list *ctx" 80.Fa "struct sysctl_oid_list *parent" 81.Fa "int number" 82.Fa "const char *name" 83.Fa "int ctlflags" 84.Fa "long *ptr" 85.Fa "intptr_t val" 86.Fa "const char *descr" 87.Fc 88.Ft struct sysctl_oid * 89.Fo SYSCTL_ADD_NODE 90.Fa "struct sysctl_ctx_list *ctx" 91.Fa "struct sysctl_oid_list *parent" 92.Fa "int number" 93.Fa "const char *name" 94.Fa "int ctlflags" 95.Fa "int (*handler)(SYSCTL_HANDLER_ARGS)" 96.Fa "const char *descr" 97.Fc 98.Ft struct sysctl_oid * 99.Fo SYSCTL_ADD_OPAQUE 100.Fa "struct sysctl_ctx_list *ctx" 101.Fa "struct sysctl_oid_list *parent" 102.Fa "int number" 103.Fa "const char *name" 104.Fa "int ctlflags" 105.Fa "void *ptr" 106.Fa "intptr_t len" 107.Fa "const char *format" 108.Fa "const char *descr" 109.Fc 110.Ft struct sysctl_oid * 111.Fo SYSCTL_ADD_PROC 112.Fa "struct sysctl_ctx_list *ctx" 113.Fa "struct sysctl_oid_list *parent" 114.Fa "int number" 115.Fa "const char *name" 116.Fa "int ctlflags" 117.Fa "void *arg1" 118.Fa "intptr_t arg2" 119.Fa "int (*handler) (SYSCTL_HANDLERARGS)" 120.Fa "const char *format" 121.Fa "const char *descr" 122.Fc 123.Ft struct sysctl_oid * 124.Fo SYSCTL_ADD_QUAD 125.Fa "struct sysctl_ctx_list *ctx" 126.Fa "struct sysctl_oid_list *parent" 127.Fa "int number" 128.Fa "const char *name" 129.Fa "int ctlflags" 130.Fa "quad_t *ptr" 131.Fa "intptr_t val" 132.Fa "const char *descr" 133.Fc 134.Ft struct sysctl_oid * 135.Fo SYSCTL_ADD_ROOT_NODE 136.Fa "struct sysctl_ctx_list *ctx" 137.Fa "int number" 138.Fa "const char *name" 139.Fa "int ctlflags" 140.Fa "int (*handler)(SYSCTL_HANDLER_ARGS)" 141.Fa "const char *descr" 142.Fc 143.Ft struct sysctl_oid * 144.Fo SYSCTL_ADD_STRING 145.Fa "struct sysctl_ctx_list *ctx" 146.Fa "struct sysctl_oid_list *parent" 147.Fa "int number" 148.Fa "const char *name" 149.Fa "int ctlflags" 150.Fa "char *ptr" 151.Fa "intptr_t len" 152.Fa "const char *descr" 153.Fc 154.Ft struct sysctl_oid * 155.Fo SYSCTL_ADD_STRUCT 156.Fa "struct sysctl_ctx_list *ctx" 157.Fa "struct sysctl_oid_list *parent" 158.Fa "int number" 159.Fa "const char *name" 160.Fa "int ctlflags" 161.Fa "void *ptr" 162.Fa struct_type 163.Fa "const char *descr" 164.Fc 165.Ft struct sysctl_oid * 166.Fo SYSCTL_ADD_UINT 167.Fa "struct sysctl_ctx_list *ctx" 168.Fa "struct sysctl_oid_list *parent" 169.Fa "int number" 170.Fa "const char *name" 171.Fa "int ctlflags" 172.Fa "unsigned int *ptr" 173.Fa "intptr_t val" 174.Fa "const char *descr" 175.Fc 176.Ft struct sysctl_oid * 177.Fo SYSCTL_ADD_ULONG 178.Fa "struct sysctl_ctx_list *ctx" 179.Fa "struct sysctl_oid_list *parent" 180.Fa "int number" 181.Fa "const char *name" 182.Fa "int ctlflags" 183.Fa "unsigned long *ptr" 184.Fa "intptr_t val" 185.Fa "const char *descr" 186.Fc 187.Ft struct sysctl_oid * 188.Fo SYSCTL_ADD_UQUAD 189.Fa "struct sysctl_ctx_list *ctx" 190.Fa "struct sysctl_oid_list *parent" 191.Fa "int number" 192.Fa "const char *name" 193.Fa "int ctlflags" 194.Fa "u_quad_t *ptr" 195.Fa "intptr_t val" 196.Fa "const char *descr" 197.Fc 198.Ft struct sysctl_oid_list * 199.Fo SYSCTL_CHILDREN 200.Fa "struct sysctl_oid *oidp" 201.Fc 202.Ft struct sysctl_oid_list * 203.Fo SYSCTL_STATIC_CHILDREN 204.Fa "struct sysctl_oid_list OID_NAME" 205.Fc 206.Ft struct sysctl_oid_list * 207.Fo SYSCTL_NODE_CHILDREN 208.Fa "parent" 209.Fa "name" 210.Fc 211.Ft struct sysctl_oid * 212.Fo SYSCTL_PARENT 213.Fa "struct sysctl_oid *oid" 214.Fc 215.Fn SYSCTL_INT parent number name ctlflags ptr val descr 216.Fn SYSCTL_LONG parent number name ctlflags ptr val descr 217.Fn SYSCTL_NODE parent number name ctlflags handler descr 218.Fn SYSCTL_OPAQUE parent number name ctlflags ptr len format descr 219.Fn SYSCTL_PROC parent number name ctlflags arg1 arg2 handler format descr 220.Fn SYSCTL_QUAD parent number name ctlflags ptr val descr 221.Fn SYSCTL_STRING parent number name ctlflags arg len descr 222.Fn SYSCTL_STRUCT parent number name ctlflags ptr struct_type descr 223.Fn SYSCTL_ROOT_NODE number name ctlflags handler descr 224.Fn SYSCTL_UINT parent number name ctlflags ptr val descr 225.Fn SYSCTL_ULONG parent number name ctlflags ptr val descr 226.Fn SYSCTL_UQUAD parent number name ctlflags ptr val descr 227.Sh DESCRIPTION 228The 229.Nm SYSCTL 230kernel interface allows dynamic or static creation of 231.Xr sysctl 8 232MIB entries. 233All static sysctls are automatically destroyed when the module which 234they are part of is unloaded. 235Most top level categories are created statically and are available to 236all kernel code and its modules. 237.Sh DESCRIPTION OF ARGUMENTS 238.Bl -tag -width ctlflags 239.It Fa ctx 240Pointer to sysctl context or NULL, if no context. 241See 242.Xr sysctl_ctx_init 9 243for how to create a new sysctl context. 244Programmers are strongly advised to use contexts to organize the 245dynamic OIDs which they create because when a context is destroyed all 246belonging sysctls are destroyed as well. 247This makes the sysctl cleanup code much simpler. 248Else deletion of all created OIDs is required at module unload. 249.It Fa parent 250A pointer to a 251.Li struct sysctl_oid_list , 252which is the head of the parent's list of children. 253This pointer is retrieved using the 254.Fn SYSCTL_STATIC_CHILDREN 255macro for static sysctls and the 256.Fn SYSCTL_CHILDREN 257macro for dynamic sysctls. 258The 259.Fn SYSCTL_PARENT 260macro can be used to get the parent of an OID. 261The macro returns NULL if there is no parent. 262.It Fa number 263The OID number that will be assigned to this OID. 264In almost all cases this should be set to 265.Dv OID_AUTO , 266which will result in the assignment of the next available OID number. 267.It Fa name 268The name of the OID. 269The newly created OID will contain a copy of the name. 270.It Fa ctlflags 271A bit mask of sysctl control flags. 272See the section below describing all the control flags. 273.It Fa arg1 274First callback argument for procedure sysctls. 275.It Fa arg2 276Second callback argument for procedure sysctls. 277.It Fa len 278The length of the data pointed to by the 279.Fa ptr 280argument. 281For string type OIDs a length of zero means that 282.Xr strlen 3 283will be used to get the length of the string at each access to the OID. 284.It Fa ptr 285Pointer to sysctl variable or string data. 286For sysctl values the pointer can be NULL which means the OID is read-only and the returned value should be taken from the 287.Fa val 288argument. 289.It Fa val 290If the 291.Fa ptr 292argument is NULL, gives the constant value returned by this OID. 293Else this argument is not used. 294.It Fa struct_type 295Name of structure type. 296.It Fa handler 297A pointer to the function 298that is responsible for handling read and write requests 299to this OID. 300There are several standard handlers 301that support operations on nodes, 302integers, strings and opaque objects. 303It is possible to define custom handlers using the 304.Fn SYSCTL_PROC 305macro or the 306.Fn SYSCTL_ADD_PROC 307function. 308.It Fa format 309A pointer to a string 310which specifies the format of the OID in a symbolic way. 311This format is used as a hint by 312.Xr sysctl 8 313to apply proper data formatting for display purposes. 314Currently used format names are: 315.Dq N 316for node, 317.Dq A 318for 319.Li "char *" , 320.Dq I 321for 322.Li "int" , 323.Dq IU 324for 325.Li "unsigned int" , 326.Dq L 327for 328.Li "long" , 329.Dq LU 330for 331.Li "unsigned long" , 332.Dq Q 333for 334.Li "quad_t" , 335.Dq QU 336for 337.Li "u_quad_t" 338and 339.Dq S,TYPE 340for 341.Li "struct TYPE" 342structures. 343.It Fa descr 344A pointer to a textual description of the OID. 345.El 346.Sh CREATING ROOT NODES 347Sysctl MIBs or OIDs are created in a hierarchical tree. 348The nodes at the bottom of the tree are called root nodes, and have no 349parent OID. 350To create bottom tree nodes the 351.Fn SYSCTL_ROOT_NODE 352macro or the 353.Fn SYSCTL_ADD_ROOT_NODE 354function needs to be used. 355By default all static sysctl node OIDs are global and need a 356.Fn SYSCTL_DECL 357statement prior to their 358.Fn SYSCTL_NODE 359definition statement, typically in a so-called header file. 360.Sh CREATING SYSCTL STRINGS 361Zero terminated character strings sysctls are created either using the 362.Fn SYSCTL_STRING 363macro or the 364.Fn SYSCTL_ADD_STRING 365function. 366If the 367.Fa len 368argument in zero, the string length is computed at every access to the OID using 369.Xr strlen 3 . 370.Sh CREATING OPAQUE SYSCTLS 371The 372.Fn SYSCTL_OPAQUE 373or 374.Fn SYSCTL_STRUCT 375macros or the 376.Fn SYSCTL_ADD_OPAQUE 377or 378.Fn SYSCTL_ADD_STRUCT 379functions create an OID that handle any chunk of data 380of the size specified by the 381.Fa len 382argument and data pointed to by the 383.Fa ptr 384argument. 385When using the structure version the type is encoded as part of the 386created sysctl. 387.Sh CREATING CUSTOM SYSCTLS 388The 389.Fn SYSCTL_PROC 390macro and the 391.Fn SYSCTL_ADD_PROC 392function 393create OIDs with the specified 394.Pa handler 395function. 396The handler is responsible for handling all read and write requests to 397the OID. 398This OID type is especially useful if the kernel data is not easily 399accessible, or needs to be processed before exporting. 400.Sh CREATING A STATIC SYSCTL 401Static sysctls are declared using one of the 402.Fn SYSCTL_INT , 403.Fn SYSCTL_LONG , 404.Fn SYSCTL_NODE , 405.Fn SYSCTL_OPAQUE , 406.Fn SYSCTL_PROC , 407.Fn SYSCTL_QUAD , 408.Fn SYSCTL_ROOT_NODE , 409.Fn SYSCTL_STRING , 410.Fn SYSCTL_STRUCT , 411.Fn SYSCTL_UINT , 412.Fn SYSCTL_ULONG 413or 414.Fn SYSCTL_UQUAD 415macros. 416.Sh CREATING A DYNAMIC SYSCTL 417Dynamic nodes are created using one of the 418.Fn SYSCTL_ADD_INT , 419.Fn SYSCTL_ADD_LONG , 420.Fn SYSCTL_ADD_NODE , 421.Fn SYSCTL_ADD_OPAQUE , 422.Fn SYSCTL_ADD_PROC , 423.Fn SYSCTL_ADD_QUAD , 424.Fn SYSCTL_ADD_ROOT_NODE , 425.Fn SYSCTL_ADD_STRING , 426.Fn SYSCTL_ADD_STRUCT , 427.Fn SYSCTL_ADD_UINT , 428.Fn SYSCTL_ADD_ULONG 429or 430.Fn SYSCTL_UQUAD 431functions. 432See 433.Xr sysctl_remove_oid 9 434or 435.Xr sysctl_ctx_free 9 436for more information on how to destroy a dynamically created OID. 437.Sh CONTROL FLAGS 438For most of the above functions and macros, declaring a type as part 439of the access flags is not necessary \[em] however, when declaring a 440sysctl implemented by a function, including a type in the access mask 441is required: 442.Bl -tag -width ".Dv CTLTYPE_NOFETCH" 443.It Dv CTLTYPE_NODE 444This is a node intended to be a parent for other nodes. 445.It Dv CTLTYPE_INT 446This is a signed integer. 447.It Dv CTLTYPE_STRING 448This is a nul-terminated string stored in a character array. 449.It Dv CTLTYPE_S64 450This is a 64-bit signed integer. 451.It Dv CTLTYPE_OPAQUE 452This is an opaque data structure. 453.It Dv CTLTYPE_STRUCT 454Alias for 455.Dv CTLTYPE_OPAQUE . 456.It Dv CTLTYPE_UINT 457This is an unsigned integer. 458.It Dv CTLTYPE_LONG 459This is a signed long. 460.It Dv CTLTYPE_ULONG 461This is an unsigned long. 462.It Dv CTLTYPE_U64 463This is a 64-bit unsigned integer. 464.El 465.Pp 466All sysctl types except for new node declarations require one of the following 467flags to be set indicating the read and write disposition of the sysctl: 468.Bl -tag -width ".Dv CTLFLAG_ANYBODY" 469.It Dv CTLFLAG_RD 470This is a read-only sysctl. 471.It Dv CTLFLAG_RDTUN 472This is a read-only sysctl and tunable which is tried fetched once 473from the system enviroment early during module load or system boot. 474.It Dv CTLFLAG_WR 475This is a writable sysctl. 476.It Dv CTLFLAG_RW 477This sysctl is readable and writable. 478.It Dv CTLFLAG_RWTUN 479This is a readable and writeable sysctl and tunable which is tried 480fetched once from the system enviroment early during module load or 481system boot. 482.It Dv CTLFLAG_NOFETCH 483In case the node is marked as a tunable using the CTLFLAG_[XX]TUN, 484this flag will prevent fetching the initial value from the system 485environment. Typically this flag should only be used for very early 486low level system setup code, and not by common drivers and modules. 487.El 488.Pp 489Additionally, any of the following optional flags may also be specified: 490.Bl -tag -width ".Dv CTLFLAG_ANYBODY" 491.It Dv CTLFLAG_ANYBODY 492Any user or process can write to this sysctl. 493.It Dv CTLFLAG_SECURE 494This sysctl can be written to only if the effective securelevel of the 495process is \[<=] 0. 496.It Dv CTLFLAG_PRISON 497This sysctl can be written to by processes in 498.Xr jail 2 . 499.It Dv CTLFLAG_SKIP 500When iterating the sysctl name space, do not list this sysctl. 501.It Dv CTLFLAG_TUN 502Advisory flag that a system tunable also exists for this variable. 503The initial sysctl value is tried fetched once from the system 504enviroment early during module load or system boot. 505.It Dv CTLFLAG_DYN 506Dynamically created OIDs automatically get this flag set. 507.It Dv CTLFLAG_VNET 508OID references a VIMAGE-enabled variable. 509.El 510.Sh EXAMPLES 511Sample use of 512.Fn SYSCTL_DECL 513to declare the 514.Va security 515sysctl tree for use by new nodes: 516.Bd -literal -offset indent 517SYSCTL_DECL(_security); 518.Ed 519.Pp 520Examples of integer, opaque, string, and procedure sysctls follow: 521.Bd -literal -offset indent 522/* 523 * Example of a constant integer value. Notice that the control 524 * flags are CTLFLAG_RD, the variable pointer is NULL, and the 525 * value is declared. 526 */ 527SYSCTL_INT(_debug_sizeof, OID_AUTO, bio, CTLFLAG_RD, NULL, 528 sizeof(struct bio), "sizeof(struct bio)"); 529 530/* 531 * Example of a variable integer value. Notice that the control 532 * flags are CTLFLAG_RW, the variable pointer is set, and the 533 * value is 0. 534 */ 535static int doingcache = 1; /* 1 => enable the cache */ 536SYSCTL_INT(_debug, OID_AUTO, vfscache, CTLFLAG_RW, &doingcache, 0, 537 "Enable name cache"); 538 539/* 540 * Example of a variable string value. Notice that the control 541 * flags are CTLFLAG_RW, that the variable pointer and string 542 * size are set. Unlike newer sysctls, this older sysctl uses a 543 * static oid number. 544 */ 545char kernelname[MAXPATHLEN] = "/kernel"; /* XXX bloat */ 546SYSCTL_STRING(_kern, KERN_BOOTFILE, bootfile, CTLFLAG_RW, 547 kernelname, sizeof(kernelname), "Name of kernel file booted"); 548 549/* 550 * Example of an opaque data type exported by sysctl. Notice that 551 * the variable pointer and size are provided, as well as a format 552 * string for sysctl(8). 553 */ 554static l_fp pps_freq; /* scaled frequence offset (ns/s) */ 555SYSCTL_OPAQUE(_kern_ntp_pll, OID_AUTO, pps_freq, CTLFLAG_RD, 556 &pps_freq, sizeof(pps_freq), "I", ""); 557 558/* 559 * Example of a procedure based sysctl exporting string 560 * information. Notice that the data type is declared, the NULL 561 * variable pointer and 0 size, the function pointer, and the 562 * format string for sysctl(8). 563 */ 564SYSCTL_PROC(_kern_timecounter, OID_AUTO, hardware, CTLTYPE_STRING | 565 CTLFLAG_RW, NULL, 0, sysctl_kern_timecounter_hardware, "A", 566 ""); 567.Ed 568.Pp 569The following is an example of 570how to create a new top-level category 571and how to hook up another subtree to an existing static node. 572This example does not use contexts, 573which results in tedious management of all intermediate oids, 574as they need to be freed later on: 575.Bd -literal -offset indent 576#include <sys/sysctl.h> 577 ... 578/* 579 * Need to preserve pointers to newly created subtrees, 580 * to be able to free them later: 581 */ 582static struct sysctl_oid *root1; 583static struct sysctl_oid *root2; 584static struct sysctl_oid *oidp; 585static int a_int; 586static char *string = "dynamic sysctl"; 587 ... 588 589root1 = SYSCTL_ADD_ROOT_NODE(NULL, 590 OID_AUTO, "newtree", CTLFLAG_RW, 0, "new top level tree"); 591oidp = SYSCTL_ADD_INT(NULL, SYSCTL_CHILDREN(root1), 592 OID_AUTO, "newint", CTLFLAG_RW, &a_int, 0, "new int leaf"); 593 ... 594root2 = SYSCTL_ADD_NODE(NULL, SYSCTL_STATIC_CHILDREN(_debug), 595 OID_AUTO, "newtree", CTLFLAG_RW, 0, "new tree under debug"); 596oidp = SYSCTL_ADD_STRING(NULL, SYSCTL_CHILDREN(root2), 597 OID_AUTO, "newstring", CTLFLAG_RD, string, 0, "new string leaf"); 598.Ed 599.Pp 600This example creates the following subtrees: 601.Bd -literal -offset indent 602debug.newtree.newstring 603newtree.newint 604.Ed 605.Pp 606.Em "Care should be taken to free all OIDs once they are no longer needed!" 607.Sh SYSCTL NAMING 608When adding, modifying, or removing sysctl names, it is important to be 609aware that these interfaces may be used by users, libraries, applications, 610or documentation (such as published books), and are implicitly published application interfaces. 611As with other application interfaces, caution must be taken not to break 612existing applications, and to think about future use of new name spaces so as 613to avoid the need to rename or remove interfaces that might be depended on in 614the future. 615.Pp 616The semantics chosen for a new sysctl should be as clear as possible, 617and the name of the sysctl must closely reflect its semantics. 618Therefore the sysctl name deserves a fair amount of consideration. 619It should be short but yet representative of the sysctl meaning. 620If the name consists of several words, they should be separated by 621underscore characters, as in 622.Va compute_summary_at_mount . 623Underscore characters may be omitted only if the name consists of not more 624than two words, each being not longer than four characters, as in 625.Va bootfile . 626For boolean sysctls, negative logic should be totally avoided. 627That is, do not use names like 628.Va no_foobar 629or 630.Va foobar_disable . 631They are confusing and lead to configuration errors. 632Use positive logic instead: 633.Va foobar , 634.Va foobar_enable . 635.Pp 636A temporary sysctl node OID that should not be relied upon must be designated 637as such by a leading underscore character in its name. For example: 638.Va _dirty_hack . 639.Sh SEE ALSO 640.Xr sysctl 3 , 641.Xr sysctl 8 , 642.Xr sysctl_add_oid 9 , 643.Xr sysctl_ctx_free 9 , 644.Xr sysctl_ctx_init 9 , 645.Xr sysctl_remove_oid 9 646.Sh HISTORY 647The 648.Xr sysctl 8 649utility first appeared in 650.Bx 4.4 . 651.Sh AUTHORS 652.An -nosplit 653The 654.Nm sysctl 655implementation originally found in 656.Bx 657has been extensively rewritten by 658.An Poul-Henning Kamp 659in order to add support for name lookups, name space iteration, and dynamic 660addition of MIB nodes. 661.Pp 662This man page was written by 663.An Robert N. M. Watson . 664.Sh SECURITY CONSIDERATIONS 665When creating new sysctls, careful attention should be paid to the security 666implications of the monitoring or management interface being created. 667Most sysctls present in the kernel are read-only or writable only by the 668superuser. 669Sysctls exporting extensive information on system data structures and 670operation, especially those implemented using procedures, will wish to 671implement access control to limit the undesired exposure of information about 672other processes, network connections, etc. 673.Pp 674The following top level sysctl name spaces are commonly used: 675.Bl -tag -width ".Va regression" 676.It Va compat 677Compatibility layer information. 678.It Va debug 679Debugging information. 680Various name spaces exist under 681.Va debug . 682.It Va hw 683Hardware and device driver information. 684.It Va kern 685Kernel behavior tuning; generally deprecated in favor of more specific 686name spaces. 687.It Va machdep 688Machine-dependent configuration parameters. 689.It Va net 690Network subsystem. 691Various protocols have name spaces under 692.Va net . 693.It Va regression 694Regression test configuration and information. 695.It Va security 696Security and security-policy configuration and information. 697.It Va sysctl 698Reserved name space for the implementation of sysctl. 699.It Va user 700Configuration settings relating to user application behavior. 701Generally, configuring applications using kernel sysctls is discouraged. 702.It Va vfs 703Virtual file system configuration and information. 704.It Va vm 705Virtual memory subsystem configuration and information. 706.El 707