1.\" 2.\" Copyright (c) 2006 Robert N. M. Watson 3.\" All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 1. Redistributions of source code must retain the above copyright 9.\" notice, this list of conditions and the following disclaimer. 10.\" 2. Redistributions in binary form must reproduce the above copyright 11.\" notice, this list of conditions and the following disclaimer in the 12.\" documentation and/or other materials provided with the distribution. 13.\" 14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24.\" SUCH DAMAGE. 25.\" 26.\" $FreeBSD$ 27.\" 28.Dd October 20, 2014 29.Dt SYSCTL 9 30.Os 31.Sh NAME 32.Nm SYSCTL_DECL , 33.Nm SYSCTL_ADD_INT , 34.Nm SYSCTL_ADD_LONG , 35.Nm SYSCTL_ADD_NODE , 36.Nm SYSCTL_ADD_OPAQUE , 37.Nm SYSCTL_ADD_PROC , 38.Nm SYSCTL_ADD_QUAD , 39.Nm SYSCTL_ADD_ROOT_NODE , 40.Nm SYSCTL_ADD_STRING , 41.Nm SYSCTL_ADD_STRUCT , 42.Nm SYSCTL_ADD_UAUTO , 43.Nm SYSCTL_ADD_UINT , 44.Nm SYSCTL_ADD_ULONG , 45.Nm SYSCTL_ADD_UQUAD , 46.Nm SYSCTL_CHILDREN , 47.Nm SYSCTL_STATIC_CHILDREN , 48.Nm SYSCTL_NODE_CHILDREN , 49.Nm SYSCTL_PARENT , 50.Nm SYSCTL_INT , 51.Nm SYSCTL_LONG , 52.Nm SYSCTL_NODE , 53.Nm SYSCTL_OPAQUE , 54.Nm SYSCTL_PROC , 55.Nm SYSCTL_QUAD , 56.Nm SYSCTL_ROOT_NODE , 57.Nm SYSCTL_STRING , 58.Nm SYSCTL_STRUCT , 59.Nm SYSCTL_UINT , 60.Nm SYSCTL_ULONG , 61.Nm SYSCTL_UQUAD 62.Nd Dynamic and static sysctl MIB creation functions 63.Sh SYNOPSIS 64.In sys/types.h 65.In sys/sysctl.h 66.Fn SYSCTL_DECL name 67.Ft struct sysctl_oid * 68.Fo SYSCTL_ADD_INT 69.Fa "struct sysctl_ctx_list *ctx" 70.Fa "struct sysctl_oid_list *parent" 71.Fa "int number" 72.Fa "const char *name" 73.Fa "int ctlflags" 74.Fa "int *ptr" 75.Fa "intptr_t val" 76.Fa "const char *descr" 77.Fc 78.Ft struct sysctl_oid * 79.Fo SYSCTL_ADD_LONG 80.Fa "struct sysctl_ctx_list *ctx" 81.Fa "struct sysctl_oid_list *parent" 82.Fa "int number" 83.Fa "const char *name" 84.Fa "int ctlflags" 85.Fa "long *ptr" 86.Fa "const char *descr" 87.Fc 88.Ft struct sysctl_oid * 89.Fo SYSCTL_ADD_NODE 90.Fa "struct sysctl_ctx_list *ctx" 91.Fa "struct sysctl_oid_list *parent" 92.Fa "int number" 93.Fa "const char *name" 94.Fa "int ctlflags" 95.Fa "int (*handler)(SYSCTL_HANDLER_ARGS)" 96.Fa "const char *descr" 97.Fc 98.Ft struct sysctl_oid * 99.Fo SYSCTL_ADD_OPAQUE 100.Fa "struct sysctl_ctx_list *ctx" 101.Fa "struct sysctl_oid_list *parent" 102.Fa "int number" 103.Fa "const char *name" 104.Fa "int ctlflags" 105.Fa "void *ptr" 106.Fa "intptr_t len" 107.Fa "const char *format" 108.Fa "const char *descr" 109.Fc 110.Ft struct sysctl_oid * 111.Fo SYSCTL_ADD_PROC 112.Fa "struct sysctl_ctx_list *ctx" 113.Fa "struct sysctl_oid_list *parent" 114.Fa "int number" 115.Fa "const char *name" 116.Fa "int ctlflags" 117.Fa "void *arg1" 118.Fa "intptr_t arg2" 119.Fa "int (*handler) (SYSCTL_HANDLERARGS)" 120.Fa "const char *format" 121.Fa "const char *descr" 122.Fc 123.Ft struct sysctl_oid * 124.Fo SYSCTL_ADD_QUAD 125.Fa "struct sysctl_ctx_list *ctx" 126.Fa "struct sysctl_oid_list *parent" 127.Fa "int number" 128.Fa "const char *name" 129.Fa "int ctlflags" 130.Fa "quad_t *ptr" 131.Fa "const char *descr" 132.Fc 133.Ft struct sysctl_oid * 134.Fo SYSCTL_ADD_ROOT_NODE 135.Fa "struct sysctl_ctx_list *ctx" 136.Fa "int number" 137.Fa "const char *name" 138.Fa "int ctlflags" 139.Fa "int (*handler)(SYSCTL_HANDLER_ARGS)" 140.Fa "const char *descr" 141.Fc 142.Ft struct sysctl_oid * 143.Fo SYSCTL_ADD_STRING 144.Fa "struct sysctl_ctx_list *ctx" 145.Fa "struct sysctl_oid_list *parent" 146.Fa "int number" 147.Fa "const char *name" 148.Fa "int ctlflags" 149.Fa "char *ptr" 150.Fa "intptr_t len" 151.Fa "const char *descr" 152.Fc 153.Ft struct sysctl_oid * 154.Fo SYSCTL_ADD_STRUCT 155.Fa "struct sysctl_ctx_list *ctx" 156.Fa "struct sysctl_oid_list *parent" 157.Fa "int number" 158.Fa "const char *name" 159.Fa "int ctlflags" 160.Fa "void *ptr" 161.Fa struct_type 162.Fa "const char *descr" 163.Fc 164.Ft struct sysctl_oid * 165.Fo SYSCTL_ADD_UINT 166.Fa "struct sysctl_ctx_list *ctx" 167.Fa "struct sysctl_oid_list *parent" 168.Fa "int number" 169.Fa "const char *name" 170.Fa "int ctlflags" 171.Fa "unsigned int *ptr" 172.Fa "intptr_t val" 173.Fa "const char *descr" 174.Fc 175.Ft struct sysctl_oid * 176.Fo SYSCTL_ADD_ULONG 177.Fa "struct sysctl_ctx_list *ctx" 178.Fa "struct sysctl_oid_list *parent" 179.Fa "int number" 180.Fa "const char *name" 181.Fa "int ctlflags" 182.Fa "unsigned long *ptr" 183.Fa "const char *descr" 184.Fc 185.Ft struct sysctl_oid * 186.Fo SYSCTL_ADD_UQUAD 187.Fa "struct sysctl_ctx_list *ctx" 188.Fa "struct sysctl_oid_list *parent" 189.Fa "int number" 190.Fa "const char *name" 191.Fa "int ctlflags" 192.Fa "u_quad_t *ptr" 193.Fa "const char *descr" 194.Fc 195.Ft struct sysctl_oid * 196.Fo SYSCTL_ADD_UAUTO 197.Fa "struct sysctl_ctx_list *ctx" 198.Fa "struct sysctl_oid_list *parent" 199.Fa "int number" 200.Fa "const char *name" 201.Fa "int ctlflags" 202.Fa "void *ptr" 203.Fa "const char *descr" 204.Fc 205.Ft struct sysctl_oid_list * 206.Fo SYSCTL_CHILDREN 207.Fa "struct sysctl_oid *oidp" 208.Fc 209.Ft struct sysctl_oid_list * 210.Fo SYSCTL_STATIC_CHILDREN 211.Fa "struct sysctl_oid_list OID_NAME" 212.Fc 213.Ft struct sysctl_oid_list * 214.Fo SYSCTL_NODE_CHILDREN 215.Fa "parent" 216.Fa "name" 217.Fc 218.Ft struct sysctl_oid * 219.Fo SYSCTL_PARENT 220.Fa "struct sysctl_oid *oid" 221.Fc 222.Fn SYSCTL_INT parent number name ctlflags ptr val descr 223.Fn SYSCTL_LONG parent number name ctlflags ptr val descr 224.Fn SYSCTL_NODE parent number name ctlflags handler descr 225.Fn SYSCTL_OPAQUE parent number name ctlflags ptr len format descr 226.Fn SYSCTL_PROC parent number name ctlflags arg1 arg2 handler format descr 227.Fn SYSCTL_QUAD parent number name ctlflags ptr val descr 228.Fn SYSCTL_STRING parent number name ctlflags arg len descr 229.Fn SYSCTL_STRUCT parent number name ctlflags ptr struct_type descr 230.Fn SYSCTL_ROOT_NODE number name ctlflags handler descr 231.Fn SYSCTL_UINT parent number name ctlflags ptr val descr 232.Fn SYSCTL_ULONG parent number name ctlflags ptr val descr 233.Fn SYSCTL_UQUAD parent number name ctlflags ptr val descr 234.Sh DESCRIPTION 235The 236.Nm SYSCTL 237kernel interface allows dynamic or static creation of 238.Xr sysctl 8 239MIB entries. 240All static sysctls are automatically destroyed when the module which 241they are part of is unloaded. 242Most top level categories are created statically and are available to 243all kernel code and its modules. 244.Sh DESCRIPTION OF ARGUMENTS 245.Bl -tag -width ctlflags 246.It Fa ctx 247Pointer to sysctl context or NULL, if no context. 248See 249.Xr sysctl_ctx_init 9 250for how to create a new sysctl context. 251Programmers are strongly advised to use contexts to organize the 252dynamic OIDs which they create because when a context is destroyed all 253belonging sysctls are destroyed as well. 254This makes the sysctl cleanup code much simpler. 255Else deletion of all created OIDs is required at module unload. 256.It Fa parent 257A pointer to a 258.Li struct sysctl_oid_list , 259which is the head of the parent's list of children. 260This pointer is retrieved using the 261.Fn SYSCTL_STATIC_CHILDREN 262macro for static sysctls and the 263.Fn SYSCTL_CHILDREN 264macro for dynamic sysctls. 265The 266.Fn SYSCTL_PARENT 267macro can be used to get the parent of an OID. 268The macro returns NULL if there is no parent. 269.It Fa number 270The OID number that will be assigned to this OID. 271In almost all cases this should be set to 272.Dv OID_AUTO , 273which will result in the assignment of the next available OID number. 274.It Fa name 275The name of the OID. 276The newly created OID will contain a copy of the name. 277.It Fa ctlflags 278A bit mask of sysctl control flags. 279See the section below describing all the control flags. 280.It Fa arg1 281First callback argument for procedure sysctls. 282.It Fa arg2 283Second callback argument for procedure sysctls. 284.It Fa len 285The length of the data pointed to by the 286.Fa ptr 287argument. 288For string type OIDs a length of zero means that 289.Xr strlen 3 290will be used to get the length of the string at each access to the OID. 291.It Fa ptr 292Pointer to sysctl variable or string data. 293For sysctl values the pointer can be SYSCTL_NULL_XXX_PTR which means the OID is read-only and the returned value should be taken from the 294.Fa val 295argument. 296.It Fa val 297If the 298.Fa ptr 299argument is SYSCTL_NULL_XXX_PTR, gives the constant value returned by this OID. 300Else this argument is not used. 301.It Fa struct_type 302Name of structure type. 303.It Fa handler 304A pointer to the function 305that is responsible for handling read and write requests 306to this OID. 307There are several standard handlers 308that support operations on nodes, 309integers, strings and opaque objects. 310It is possible to define custom handlers using the 311.Fn SYSCTL_PROC 312macro or the 313.Fn SYSCTL_ADD_PROC 314function. 315.It Fa format 316A pointer to a string 317which specifies the format of the OID in a symbolic way. 318This format is used as a hint by 319.Xr sysctl 8 320to apply proper data formatting for display purposes. 321Currently used format names are: 322.Dq N 323for node, 324.Dq A 325for 326.Li "char *" , 327.Dq I 328for 329.Li "int" , 330.Dq IU 331for 332.Li "unsigned int" , 333.Dq L 334for 335.Li "long" , 336.Dq LU 337for 338.Li "unsigned long" , 339.Dq Q 340for 341.Li "quad_t" , 342.Dq QU 343for 344.Li "u_quad_t" 345and 346.Dq S,TYPE 347for 348.Li "struct TYPE" 349structures. 350.It Fa descr 351A pointer to a textual description of the OID. 352.El 353.Sh CREATING ROOT NODES 354Sysctl MIBs or OIDs are created in a hierarchical tree. 355The nodes at the bottom of the tree are called root nodes, and have no 356parent OID. 357To create bottom tree nodes the 358.Fn SYSCTL_ROOT_NODE 359macro or the 360.Fn SYSCTL_ADD_ROOT_NODE 361function needs to be used. 362By default all static sysctl node OIDs are global and need a 363.Fn SYSCTL_DECL 364statement prior to their 365.Fn SYSCTL_NODE 366definition statement, typically in a so-called header file. 367.Sh CREATING SYSCTL STRINGS 368Zero terminated character strings sysctls are created either using the 369.Fn SYSCTL_STRING 370macro or the 371.Fn SYSCTL_ADD_STRING 372function. 373If the 374.Fa len 375argument in zero, the string length is computed at every access to the OID using 376.Xr strlen 3 . 377.Sh CREATING OPAQUE SYSCTLS 378The 379.Fn SYSCTL_OPAQUE 380or 381.Fn SYSCTL_STRUCT 382macros or the 383.Fn SYSCTL_ADD_OPAQUE 384or 385.Fn SYSCTL_ADD_STRUCT 386functions create an OID that handle any chunk of data 387of the size specified by the 388.Fa len 389argument and data pointed to by the 390.Fa ptr 391argument. 392When using the structure version the type is encoded as part of the 393created sysctl. 394.Sh CREATING CUSTOM SYSCTLS 395The 396.Fn SYSCTL_PROC 397macro and the 398.Fn SYSCTL_ADD_PROC 399function 400create OIDs with the specified 401.Pa handler 402function. 403The handler is responsible for handling all read and write requests to 404the OID. 405This OID type is especially useful if the kernel data is not easily 406accessible, or needs to be processed before exporting. 407.Sh CREATING A STATIC SYSCTL 408Static sysctls are declared using one of the 409.Fn SYSCTL_INT , 410.Fn SYSCTL_LONG , 411.Fn SYSCTL_NODE , 412.Fn SYSCTL_OPAQUE , 413.Fn SYSCTL_PROC , 414.Fn SYSCTL_QUAD , 415.Fn SYSCTL_ROOT_NODE , 416.Fn SYSCTL_STRING , 417.Fn SYSCTL_STRUCT , 418.Fn SYSCTL_UINT , 419.Fn SYSCTL_ULONG 420or 421.Fn SYSCTL_UQUAD 422macros. 423.Sh CREATING A DYNAMIC SYSCTL 424Dynamic nodes are created using one of the 425.Fn SYSCTL_ADD_INT , 426.Fn SYSCTL_ADD_LONG , 427.Fn SYSCTL_ADD_NODE , 428.Fn SYSCTL_ADD_OPAQUE , 429.Fn SYSCTL_ADD_PROC , 430.Fn SYSCTL_ADD_QUAD , 431.Fn SYSCTL_ADD_ROOT_NODE , 432.Fn SYSCTL_ADD_STRING , 433.Fn SYSCTL_ADD_STRUCT , 434.Fn SYSCTL_ADD_UAUTO , 435.Fn SYSCTL_ADD_UINT , 436.Fn SYSCTL_ADD_ULONG , 437or 438.Fn SYSCTL_UQUAD 439functions. 440See 441.Xr sysctl_remove_oid 9 442or 443.Xr sysctl_ctx_free 9 444for more information on how to destroy a dynamically created OID. 445.Sh CONTROL FLAGS 446For most of the above functions and macros, declaring a type as part 447of the access flags is not necessary \[em] however, when declaring a 448sysctl implemented by a function, including a type in the access mask 449is required: 450.Bl -tag -width ".Dv CTLTYPE_NOFETCH" 451.It Dv CTLTYPE_NODE 452This is a node intended to be a parent for other nodes. 453.It Dv CTLTYPE_INT 454This is a signed integer. 455.It Dv CTLTYPE_STRING 456This is a nul-terminated string stored in a character array. 457.It Dv CTLTYPE_S64 458This is a 64-bit signed integer. 459.It Dv CTLTYPE_OPAQUE 460This is an opaque data structure. 461.It Dv CTLTYPE_STRUCT 462Alias for 463.Dv CTLTYPE_OPAQUE . 464.It Dv CTLTYPE_UINT 465This is an unsigned integer. 466.It Dv CTLTYPE_LONG 467This is a signed long. 468.It Dv CTLTYPE_ULONG 469This is an unsigned long. 470.It Dv CTLTYPE_U64 471This is a 64-bit unsigned integer. 472.El 473.Pp 474All sysctl types except for new node declarations require one of the following 475flags to be set indicating the read and write disposition of the sysctl: 476.Bl -tag -width ".Dv CTLFLAG_ANYBODY" 477.It Dv CTLFLAG_RD 478This is a read-only sysctl. 479.It Dv CTLFLAG_RDTUN 480This is a read-only sysctl and tunable which is tried fetched once 481from the system enviroment early during module load or system boot. 482.It Dv CTLFLAG_WR 483This is a writable sysctl. 484.It Dv CTLFLAG_RW 485This sysctl is readable and writable. 486.It Dv CTLFLAG_RWTUN 487This is a readable and writeable sysctl and tunable which is tried 488fetched once from the system enviroment early during module load or 489system boot. 490.It Dv CTLFLAG_NOFETCH 491In case the node is marked as a tunable using the CTLFLAG_[XX]TUN, 492this flag will prevent fetching the initial value from the system 493environment. Typically this flag should only be used for very early 494low level system setup code, and not by common drivers and modules. 495.El 496.Pp 497Additionally, any of the following optional flags may also be specified: 498.Bl -tag -width ".Dv CTLFLAG_ANYBODY" 499.It Dv CTLFLAG_ANYBODY 500Any user or process can write to this sysctl. 501.It Dv CTLFLAG_SECURE 502This sysctl can be written to only if the effective securelevel of the 503process is \[<=] 0. 504.It Dv CTLFLAG_PRISON 505This sysctl can be written to by processes in 506.Xr jail 2 . 507.It Dv CTLFLAG_SKIP 508When iterating the sysctl name space, do not list this sysctl. 509.It Dv CTLFLAG_TUN 510Advisory flag that a system tunable also exists for this variable. 511The initial sysctl value is tried fetched once from the system 512enviroment early during module load or system boot. 513.It Dv CTLFLAG_DYN 514Dynamically created OIDs automatically get this flag set. 515.It Dv CTLFLAG_VNET 516OID references a VIMAGE-enabled variable. 517.El 518.Sh EXAMPLES 519Sample use of 520.Fn SYSCTL_DECL 521to declare the 522.Va security 523sysctl tree for use by new nodes: 524.Bd -literal -offset indent 525SYSCTL_DECL(_security); 526.Ed 527.Pp 528Examples of integer, opaque, string, and procedure sysctls follow: 529.Bd -literal -offset indent 530/* 531 * Example of a constant integer value. Notice that the control 532 * flags are CTLFLAG_RD, the variable pointer is SYSCTL_NULL_INT_PTR, 533 * and the value is declared. 534 */ 535SYSCTL_INT(_debug_sizeof, OID_AUTO, bio, CTLFLAG_RD, SYSCTL_NULL_INT_PTR, 536 sizeof(struct bio), "sizeof(struct bio)"); 537 538/* 539 * Example of a variable integer value. Notice that the control 540 * flags are CTLFLAG_RW, the variable pointer is set, and the 541 * value is 0. 542 */ 543static int doingcache = 1; /* 1 => enable the cache */ 544SYSCTL_INT(_debug, OID_AUTO, vfscache, CTLFLAG_RW, &doingcache, 0, 545 "Enable name cache"); 546 547/* 548 * Example of a variable string value. Notice that the control 549 * flags are CTLFLAG_RW, that the variable pointer and string 550 * size are set. Unlike newer sysctls, this older sysctl uses a 551 * static oid number. 552 */ 553char kernelname[MAXPATHLEN] = "/kernel"; /* XXX bloat */ 554SYSCTL_STRING(_kern, KERN_BOOTFILE, bootfile, CTLFLAG_RW, 555 kernelname, sizeof(kernelname), "Name of kernel file booted"); 556 557/* 558 * Example of an opaque data type exported by sysctl. Notice that 559 * the variable pointer and size are provided, as well as a format 560 * string for sysctl(8). 561 */ 562static l_fp pps_freq; /* scaled frequence offset (ns/s) */ 563SYSCTL_OPAQUE(_kern_ntp_pll, OID_AUTO, pps_freq, CTLFLAG_RD, 564 &pps_freq, sizeof(pps_freq), "I", ""); 565 566/* 567 * Example of a procedure based sysctl exporting string 568 * information. Notice that the data type is declared, the NULL 569 * variable pointer and 0 size, the function pointer, and the 570 * format string for sysctl(8). 571 */ 572SYSCTL_PROC(_kern_timecounter, OID_AUTO, hardware, CTLTYPE_STRING | 573 CTLFLAG_RW, NULL, 0, sysctl_kern_timecounter_hardware, "A", 574 ""); 575.Ed 576.Pp 577The following is an example of 578how to create a new top-level category 579and how to hook up another subtree to an existing static node. 580This example does not use contexts, 581which results in tedious management of all intermediate oids, 582as they need to be freed later on: 583.Bd -literal -offset indent 584#include <sys/sysctl.h> 585 ... 586/* 587 * Need to preserve pointers to newly created subtrees, 588 * to be able to free them later: 589 */ 590static struct sysctl_oid *root1; 591static struct sysctl_oid *root2; 592static struct sysctl_oid *oidp; 593static int a_int; 594static char *string = "dynamic sysctl"; 595 ... 596 597root1 = SYSCTL_ADD_ROOT_NODE(NULL, 598 OID_AUTO, "newtree", CTLFLAG_RW, 0, "new top level tree"); 599oidp = SYSCTL_ADD_INT(NULL, SYSCTL_CHILDREN(root1), 600 OID_AUTO, "newint", CTLFLAG_RW, &a_int, 0, "new int leaf"); 601 ... 602root2 = SYSCTL_ADD_NODE(NULL, SYSCTL_STATIC_CHILDREN(_debug), 603 OID_AUTO, "newtree", CTLFLAG_RW, 0, "new tree under debug"); 604oidp = SYSCTL_ADD_STRING(NULL, SYSCTL_CHILDREN(root2), 605 OID_AUTO, "newstring", CTLFLAG_RD, string, 0, "new string leaf"); 606.Ed 607.Pp 608This example creates the following subtrees: 609.Bd -literal -offset indent 610debug.newtree.newstring 611newtree.newint 612.Ed 613.Pp 614.Em "Care should be taken to free all OIDs once they are no longer needed!" 615.Sh SYSCTL NAMING 616When adding, modifying, or removing sysctl names, it is important to be 617aware that these interfaces may be used by users, libraries, applications, 618or documentation (such as published books), and are implicitly published application interfaces. 619As with other application interfaces, caution must be taken not to break 620existing applications, and to think about future use of new name spaces so as 621to avoid the need to rename or remove interfaces that might be depended on in 622the future. 623.Pp 624The semantics chosen for a new sysctl should be as clear as possible, 625and the name of the sysctl must closely reflect its semantics. 626Therefore the sysctl name deserves a fair amount of consideration. 627It should be short but yet representative of the sysctl meaning. 628If the name consists of several words, they should be separated by 629underscore characters, as in 630.Va compute_summary_at_mount . 631Underscore characters may be omitted only if the name consists of not more 632than two words, each being not longer than four characters, as in 633.Va bootfile . 634For boolean sysctls, negative logic should be totally avoided. 635That is, do not use names like 636.Va no_foobar 637or 638.Va foobar_disable . 639They are confusing and lead to configuration errors. 640Use positive logic instead: 641.Va foobar , 642.Va foobar_enable . 643.Pp 644A temporary sysctl node OID that should not be relied upon must be designated 645as such by a leading underscore character in its name. For example: 646.Va _dirty_hack . 647.Sh SEE ALSO 648.Xr sysctl 3 , 649.Xr sysctl 8 , 650.Xr sysctl_add_oid 9 , 651.Xr sysctl_ctx_free 9 , 652.Xr sysctl_ctx_init 9 , 653.Xr sysctl_remove_oid 9 654.Sh HISTORY 655The 656.Xr sysctl 8 657utility first appeared in 658.Bx 4.4 . 659.Sh AUTHORS 660.An -nosplit 661The 662.Nm sysctl 663implementation originally found in 664.Bx 665has been extensively rewritten by 666.An Poul-Henning Kamp 667in order to add support for name lookups, name space iteration, and dynamic 668addition of MIB nodes. 669.Pp 670This man page was written by 671.An Robert N. M. Watson . 672.Sh SECURITY CONSIDERATIONS 673When creating new sysctls, careful attention should be paid to the security 674implications of the monitoring or management interface being created. 675Most sysctls present in the kernel are read-only or writable only by the 676superuser. 677Sysctls exporting extensive information on system data structures and 678operation, especially those implemented using procedures, will wish to 679implement access control to limit the undesired exposure of information about 680other processes, network connections, etc. 681.Pp 682The following top level sysctl name spaces are commonly used: 683.Bl -tag -width ".Va regression" 684.It Va compat 685Compatibility layer information. 686.It Va debug 687Debugging information. 688Various name spaces exist under 689.Va debug . 690.It Va hw 691Hardware and device driver information. 692.It Va kern 693Kernel behavior tuning; generally deprecated in favor of more specific 694name spaces. 695.It Va machdep 696Machine-dependent configuration parameters. 697.It Va net 698Network subsystem. 699Various protocols have name spaces under 700.Va net . 701.It Va regression 702Regression test configuration and information. 703.It Va security 704Security and security-policy configuration and information. 705.It Va sysctl 706Reserved name space for the implementation of sysctl. 707.It Va user 708Configuration settings relating to user application behavior. 709Generally, configuring applications using kernel sysctls is discouraged. 710.It Va vfs 711Virtual file system configuration and information. 712.It Va vm 713Virtual memory subsystem configuration and information. 714.El 715