1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1982, 1986, 1989, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from software contributed to Berkeley by 8 * Mike Karels at Berkeley Software Design, Inc. 9 * 10 * Quite extensively rewritten by Poul-Henning Kamp of the FreeBSD 11 * project, to make these variables more userfriendly. 12 * 13 * Redistribution and use in source and binary forms, with or without 14 * modification, are permitted provided that the following conditions 15 * are met: 16 * 1. Redistributions of source code must retain the above copyright 17 * notice, this list of conditions and the following disclaimer. 18 * 2. Redistributions in binary form must reproduce the above copyright 19 * notice, this list of conditions and the following disclaimer in the 20 * documentation and/or other materials provided with the distribution. 21 * 3. Neither the name of the University nor the names of its contributors 22 * may be used to endorse or promote products derived from this software 23 * without specific prior written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 27 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 28 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 35 * SUCH DAMAGE. 36 */ 37 38 #include <sys/cdefs.h> 39 #include "opt_posix.h" 40 #include "opt_config.h" 41 42 #include <sys/param.h> 43 #include <sys/boot.h> 44 #include <sys/elf.h> 45 #include <sys/jail.h> 46 #include <sys/kernel.h> 47 #include <sys/limits.h> 48 #include <sys/lock.h> 49 #include <sys/mutex.h> 50 #include <sys/proc.h> 51 #include <sys/random.h> 52 #include <sys/sbuf.h> 53 #include <sys/smp.h> 54 #include <sys/sx.h> 55 #include <sys/sysent.h> 56 #include <sys/vmmeter.h> 57 #include <sys/sysctl.h> 58 #include <sys/systm.h> 59 #include <sys/unistd.h> 60 61 SYSCTL_ROOT_NODE(0, sysctl, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 62 "Sysctl internal magic"); 63 SYSCTL_ROOT_NODE(CTL_KERN, kern, CTLFLAG_RW | CTLFLAG_CAPRD | CTLFLAG_MPSAFE, 0, 64 "High kernel, proc, limits &c"); 65 SYSCTL_ROOT_NODE(CTL_VM, vm, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 66 "Virtual memory"); 67 SYSCTL_ROOT_NODE(CTL_VFS, vfs, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 68 "File system"); 69 SYSCTL_ROOT_NODE(CTL_NET, net, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 70 "Network, (see socket.h)"); 71 SYSCTL_ROOT_NODE(CTL_DEBUG, debug, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 72 "Debugging"); 73 SYSCTL_NODE(_debug, OID_AUTO, sizeof, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 74 "Sizeof various things"); 75 SYSCTL_ROOT_NODE(CTL_HW, hw, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 76 "hardware"); 77 SYSCTL_ROOT_NODE(CTL_MACHDEP, machdep, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 78 "machine dependent"); 79 SYSCTL_NODE(_machdep, OID_AUTO, mitigations, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 80 "Machine dependent platform mitigations."); 81 SYSCTL_ROOT_NODE(CTL_USER, user, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 82 "user-level"); 83 SYSCTL_ROOT_NODE(CTL_P1003_1B, p1003_1b, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 84 "p1003_1b, (see p1003_1b.h)"); 85 86 SYSCTL_ROOT_NODE(OID_AUTO, compat, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 87 "Compatibility code"); 88 SYSCTL_ROOT_NODE(OID_AUTO, security, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 89 "Security"); 90 #ifdef REGRESSION 91 SYSCTL_ROOT_NODE(OID_AUTO, regression, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 92 "Regression test MIB"); 93 #endif 94 95 SYSCTL_STRING(_kern, OID_AUTO, ident, CTLFLAG_RD, 96 kern_ident, 0, "Kernel identifier"); 97 98 SYSCTL_INT(_kern, KERN_OSREV, osrevision, CTLFLAG_RD | CTLFLAG_CAPRD, 99 SYSCTL_NULL_INT_PTR, BSD, "Operating system revision"); 100 101 SYSCTL_STRING(_kern, KERN_VERSION, version, CTLFLAG_RD, 102 version, 0, "Kernel version"); 103 104 SYSCTL_STRING(_kern, OID_AUTO, compiler_version, CTLFLAG_RD, 105 compiler_version, 0, "Version of compiler used to compile kernel"); 106 107 SYSCTL_STRING(_kern, KERN_OSTYPE, ostype, CTLFLAG_RD | CTLFLAG_CAPRD, 108 ostype, 0, "Operating system type"); 109 110 SYSCTL_INT(_kern, KERN_MAXPROC, maxproc, CTLFLAG_RDTUN | CTLFLAG_NOFETCH, 111 &maxproc, 0, "Maximum number of processes"); 112 113 SYSCTL_INT(_kern, KERN_MAXPROCPERUID, maxprocperuid, CTLFLAG_RW, 114 &maxprocperuid, 0, "Maximum processes allowed per userid"); 115 116 SYSCTL_INT(_kern, OID_AUTO, maxusers, CTLFLAG_RDTUN | CTLFLAG_NOFETCH, 117 &maxusers, 0, "Hint for kernel tuning"); 118 119 SYSCTL_INT(_kern, KERN_ARGMAX, argmax, CTLFLAG_RD|CTLFLAG_CAPRD, 120 SYSCTL_NULL_INT_PTR, ARG_MAX, "Maximum bytes of argument to execve(2)"); 121 122 SYSCTL_INT(_kern, KERN_POSIX1, posix1version, CTLFLAG_RD|CTLFLAG_CAPRD, 123 SYSCTL_NULL_INT_PTR, _POSIX_VERSION, "Version of POSIX attempting to comply to"); 124 125 SYSCTL_INT(_kern, KERN_NGROUPS, ngroups, CTLFLAG_RDTUN | 126 CTLFLAG_NOFETCH | CTLFLAG_CAPRD, &ngroups_max, 0, 127 "Maximum number of supplemental groups a user can belong to"); 128 129 SYSCTL_INT(_kern, KERN_JOB_CONTROL, job_control, CTLFLAG_RD|CTLFLAG_CAPRD, 130 SYSCTL_NULL_INT_PTR, 1, "Whether job control is available"); 131 132 #ifdef _POSIX_SAVED_IDS 133 SYSCTL_INT(_kern, KERN_SAVED_IDS, saved_ids, CTLFLAG_RD|CTLFLAG_CAPRD, 134 SYSCTL_NULL_INT_PTR, 1, "Whether saved set-group/user ID is available"); 135 #else 136 SYSCTL_INT(_kern, KERN_SAVED_IDS, saved_ids, CTLFLAG_RD|CTLFLAG_CAPRD, 137 SYSCTL_NULL_INT_PTR, 0, "Whether saved set-group/user ID is available"); 138 #endif 139 140 char kernelname[MAXPATHLEN] = PATH_KERNEL; /* XXX bloat */ 141 142 SYSCTL_STRING(_kern, KERN_BOOTFILE, bootfile, CTLFLAG_RW, 143 kernelname, sizeof kernelname, "Name of kernel file booted"); 144 145 #ifdef COMPAT_FREEBSD12 146 static int 147 sysctl_maxphys(SYSCTL_HANDLER_ARGS) 148 { 149 u_long lvalue; 150 int ivalue; 151 152 lvalue = maxphys; 153 if (sizeof(int) == sizeof(u_long) || req->oldlen >= sizeof(u_long)) 154 return (sysctl_handle_long(oidp, &lvalue, 0, req)); 155 if (lvalue > INT_MAX) 156 return (sysctl_handle_long(oidp, &lvalue, 0, req)); 157 ivalue = lvalue; 158 return (sysctl_handle_int(oidp, &ivalue, 0, req)); 159 } 160 SYSCTL_PROC(_kern, KERN_MAXPHYS, maxphys, CTLTYPE_LONG | CTLFLAG_RDTUN | 161 CTLFLAG_NOFETCH | CTLFLAG_CAPRD | CTLFLAG_MPSAFE, 162 NULL, 0, sysctl_maxphys, "UL", "Maximum block I/O access size"); 163 #else 164 SYSCTL_ULONG(_kern, KERN_MAXPHYS, maxphys, 165 CTLFLAG_RDTUN | CTLFLAG_NOFETCH | CTLFLAG_CAPRD, 166 &maxphys, 0, "Maximum block I/O access size"); 167 #endif 168 169 SYSCTL_INT(_hw, HW_NCPU, ncpu, CTLFLAG_RD|CTLFLAG_CAPRD, 170 &mp_ncpus, 0, "Number of active CPUs"); 171 172 SYSCTL_INT(_hw, HW_BYTEORDER, byteorder, CTLFLAG_RD|CTLFLAG_CAPRD, 173 SYSCTL_NULL_INT_PTR, BYTE_ORDER, "System byte order"); 174 175 SYSCTL_INT(_hw, HW_PAGESIZE, pagesize, CTLFLAG_RD|CTLFLAG_CAPRD, 176 SYSCTL_NULL_INT_PTR, PAGE_SIZE, "System memory page size"); 177 178 static int 179 sysctl_kern_arnd(SYSCTL_HANDLER_ARGS) 180 { 181 char buf[256]; 182 size_t len; 183 184 len = MIN(req->oldlen, sizeof(buf)); 185 read_random(buf, len); 186 return (SYSCTL_OUT(req, buf, len)); 187 } 188 189 SYSCTL_PROC(_kern, KERN_ARND, arandom, 190 CTLTYPE_OPAQUE | CTLFLAG_RD | CTLFLAG_MPSAFE | CTLFLAG_CAPRD, NULL, 0, 191 sysctl_kern_arnd, "", "arc4rand"); 192 193 static int 194 sysctl_hw_physmem(SYSCTL_HANDLER_ARGS) 195 { 196 u_long val, p; 197 198 p = SIZE_T_MAX >> PAGE_SHIFT; 199 if (physmem < p) 200 p = physmem; 201 val = ctob(p); 202 return (sysctl_handle_long(oidp, &val, 0, req)); 203 } 204 SYSCTL_PROC(_hw, HW_PHYSMEM, physmem, 205 CTLTYPE_ULONG | CTLFLAG_RD | CTLFLAG_MPSAFE, 0, 0, 206 sysctl_hw_physmem, "LU", 207 "Amount of physical memory (in bytes)"); 208 209 static int 210 sysctl_hw_realmem(SYSCTL_HANDLER_ARGS) 211 { 212 u_long val, p; 213 214 p = SIZE_T_MAX >> PAGE_SHIFT; 215 if (realmem < p) 216 p = realmem; 217 val = ctob(p); 218 return (sysctl_handle_long(oidp, &val, 0, req)); 219 } 220 SYSCTL_PROC(_hw, HW_REALMEM, realmem, 221 CTLTYPE_ULONG | CTLFLAG_RD | CTLFLAG_MPSAFE, 0, 0, 222 sysctl_hw_realmem, "LU", 223 "Amount of memory (in bytes) reported by the firmware"); 224 225 static int 226 sysctl_hw_usermem(SYSCTL_HANDLER_ARGS) 227 { 228 u_long val, p, p1; 229 230 p1 = physmem - vm_wire_count(); 231 p = SIZE_T_MAX >> PAGE_SHIFT; 232 if (p1 < p) 233 p = p1; 234 val = ctob(p); 235 return (sysctl_handle_long(oidp, &val, 0, req)); 236 } 237 SYSCTL_PROC(_hw, HW_USERMEM, usermem, 238 CTLTYPE_ULONG | CTLFLAG_RD | CTLFLAG_MPSAFE, 0, 0, 239 sysctl_hw_usermem, "LU", 240 "Amount of memory (in bytes) which is not wired"); 241 242 SYSCTL_LONG(_hw, OID_AUTO, availpages, CTLFLAG_RD, &physmem, 0, 243 "Amount of physical memory (in pages)"); 244 245 u_long pagesizes[MAXPAGESIZES] = { PAGE_SIZE }; 246 247 static int 248 sysctl_hw_pagesizes(SYSCTL_HANDLER_ARGS) 249 { 250 int error; 251 size_t len; 252 #ifdef SCTL_MASK32 253 int i; 254 uint32_t pagesizes32[MAXPAGESIZES]; 255 256 if (req->flags & SCTL_MASK32) { 257 /* 258 * Recreate the "pagesizes" array with 32-bit elements. 259 * Truncate any page size greater than UINT32_MAX to zero, 260 * which assumes that page sizes are powers of two. 261 */ 262 for (i = 0; i < MAXPAGESIZES; i++) 263 pagesizes32[i] = (uint32_t)pagesizes[i]; 264 265 len = sizeof(pagesizes32); 266 if (len > req->oldlen && req->oldptr != NULL) 267 len = req->oldlen; 268 error = SYSCTL_OUT(req, pagesizes32, len); 269 } else 270 #endif 271 { 272 len = sizeof(pagesizes); 273 if (len > req->oldlen && req->oldptr != NULL) 274 len = req->oldlen; 275 error = SYSCTL_OUT(req, pagesizes, len); 276 } 277 return (error); 278 } 279 SYSCTL_PROC(_hw, OID_AUTO, pagesizes, 280 CTLTYPE_OPAQUE | CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, 0, 281 sysctl_hw_pagesizes, "S,pagesizes", 282 "Supported page sizes"); 283 284 int adaptive_machine_arch = 1; 285 SYSCTL_INT(_debug, OID_AUTO, adaptive_machine_arch, CTLFLAG_RW, 286 &adaptive_machine_arch, 1, 287 "Adapt reported machine architecture to the ABI of the binary"); 288 289 static const char * 290 proc_machine_arch(struct proc *p) 291 { 292 293 if (p->p_sysent->sv_machine_arch != NULL) 294 return (p->p_sysent->sv_machine_arch(p)); 295 #ifdef COMPAT_FREEBSD32 296 if (SV_PROC_FLAG(p, SV_ILP32)) 297 return (MACHINE_ARCH32); 298 #endif 299 return (MACHINE_ARCH); 300 } 301 302 static int 303 sysctl_hw_machine_arch(SYSCTL_HANDLER_ARGS) 304 { 305 const char *machine_arch; 306 307 if (adaptive_machine_arch) 308 machine_arch = proc_machine_arch(curproc); 309 else 310 machine_arch = MACHINE_ARCH; 311 return (SYSCTL_OUT(req, machine_arch, strlen(machine_arch) + 1)); 312 } 313 SYSCTL_PROC(_hw, HW_MACHINE_ARCH, machine_arch, CTLTYPE_STRING | CTLFLAG_RD | 314 CTLFLAG_CAPRD | CTLFLAG_MPSAFE, NULL, 0, sysctl_hw_machine_arch, "A", 315 "System architecture"); 316 317 #ifdef COMPAT_FREEBSD32 318 #include <compat/freebsd32/freebsd32_util.h> 319 #endif 320 321 static int 322 sysctl_kern_supported_archs(SYSCTL_HANDLER_ARGS) 323 { 324 const char *supported_archs; 325 326 supported_archs = 327 #ifdef COMPAT_FREEBSD32 328 compat_freebsd_32bit ? MACHINE_ARCH " " MACHINE_ARCH32 : 329 #endif 330 MACHINE_ARCH; 331 return (SYSCTL_OUT(req, supported_archs, strlen(supported_archs) + 1)); 332 } 333 SYSCTL_PROC(_kern, OID_AUTO, supported_archs, CTLFLAG_RD | CTLFLAG_MPSAFE | 334 CTLFLAG_CAPRD | CTLTYPE_STRING, NULL, 0, sysctl_kern_supported_archs, "A", 335 "Supported architectures for binaries"); 336 337 static int 338 sysctl_hostname(SYSCTL_HANDLER_ARGS) 339 { 340 struct prison *pr, *cpr; 341 size_t pr_offset; 342 char tmpname[MAXHOSTNAMELEN]; 343 int descend, error, len; 344 345 /* 346 * This function can set: hostname domainname hostuuid. 347 * Keep that in mind when comments say "hostname". 348 */ 349 pr_offset = (size_t)arg1; 350 len = arg2; 351 KASSERT(len <= sizeof(tmpname), 352 ("length %d too long for %s", len, __func__)); 353 354 /* 355 * Make a local copy of hostname to get/set so we don't have to hold 356 * the jail mutex during the sysctl copyin/copyout activities. 357 */ 358 pr = req->td->td_ucred->cr_prison; 359 mtx_lock(&pr->pr_mtx); 360 bcopy((char *)pr + pr_offset, tmpname, len); 361 mtx_unlock(&pr->pr_mtx); 362 363 error = sysctl_handle_string(oidp, tmpname, len, req); 364 if (error != 0 || req->newptr == NULL) 365 return (error); 366 367 /* 368 * Copy the locally set hostname to all jails that share 369 * this host info. 370 */ 371 sx_slock(&allprison_lock); 372 if (!(pr->pr_allow & PR_ALLOW_SET_HOSTNAME)) 373 error = EPERM; 374 else { 375 while (!(pr->pr_flags & PR_HOST)) 376 pr = pr->pr_parent; 377 mtx_lock(&pr->pr_mtx); 378 bcopy(tmpname, (char *)pr + pr_offset, len); 379 FOREACH_PRISON_DESCENDANT_LOCKED(pr, cpr, descend) 380 if (cpr->pr_flags & PR_HOST) 381 descend = 0; 382 else 383 bcopy(tmpname, (char *)cpr + pr_offset, len); 384 mtx_unlock(&pr->pr_mtx); 385 } 386 sx_sunlock(&allprison_lock); 387 return (error); 388 } 389 390 SYSCTL_PROC(_kern, KERN_HOSTNAME, hostname, 391 CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_CAPRD | CTLFLAG_MPSAFE, 392 (void *)(offsetof(struct prison, pr_hostname)), MAXHOSTNAMELEN, 393 sysctl_hostname, "A", "Hostname"); 394 SYSCTL_PROC(_kern, KERN_NISDOMAINNAME, domainname, 395 CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_CAPRD | CTLFLAG_MPSAFE, 396 (void *)(offsetof(struct prison, pr_domainname)), MAXHOSTNAMELEN, 397 sysctl_hostname, "A", "Name of the current YP/NIS domain"); 398 SYSCTL_PROC(_kern, KERN_HOSTUUID, hostuuid, 399 CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_CAPRD | CTLFLAG_MPSAFE, 400 (void *)(offsetof(struct prison, pr_hostuuid)), HOSTUUIDLEN, 401 sysctl_hostname, "A", "Host UUID"); 402 403 static int regression_securelevel_nonmonotonic = 0; 404 405 #ifdef REGRESSION 406 SYSCTL_INT(_regression, OID_AUTO, securelevel_nonmonotonic, CTLFLAG_RW, 407 ®ression_securelevel_nonmonotonic, 0, "securelevel may be lowered"); 408 #endif 409 410 static int 411 sysctl_kern_securelvl(SYSCTL_HANDLER_ARGS) 412 { 413 struct prison *pr, *cpr; 414 int descend, error, level; 415 416 pr = req->td->td_ucred->cr_prison; 417 418 /* 419 * Reading the securelevel is easy, since the current jail's level 420 * is known to be at least as secure as any higher levels. Perform 421 * a lockless read since the securelevel is an integer. 422 */ 423 level = pr->pr_securelevel; 424 error = sysctl_handle_int(oidp, &level, 0, req); 425 if (error || !req->newptr) 426 return (error); 427 /* Permit update only if the new securelevel exceeds the old. */ 428 sx_slock(&allprison_lock); 429 mtx_lock(&pr->pr_mtx); 430 if (!regression_securelevel_nonmonotonic && 431 level < pr->pr_securelevel) { 432 mtx_unlock(&pr->pr_mtx); 433 sx_sunlock(&allprison_lock); 434 return (EPERM); 435 } 436 pr->pr_securelevel = level; 437 /* 438 * Set all child jails to be at least this level, but do not lower 439 * them (even if regression_securelevel_nonmonotonic). 440 */ 441 FOREACH_PRISON_DESCENDANT_LOCKED(pr, cpr, descend) { 442 if (cpr->pr_securelevel < level) 443 cpr->pr_securelevel = level; 444 } 445 mtx_unlock(&pr->pr_mtx); 446 sx_sunlock(&allprison_lock); 447 return (error); 448 } 449 450 SYSCTL_PROC(_kern, KERN_SECURELVL, securelevel, 451 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE, 0, 0, 452 sysctl_kern_securelvl, "I", 453 "Current secure level"); 454 455 #ifdef INCLUDE_CONFIG_FILE 456 /* Actual kernel configuration options. */ 457 extern char kernconfstring[]; 458 459 SYSCTL_STRING(_kern, OID_AUTO, conftxt, CTLFLAG_RD, 460 kernconfstring, 0, "Kernel configuration file"); 461 #endif 462 463 static int 464 sysctl_hostid(SYSCTL_HANDLER_ARGS) 465 { 466 struct prison *pr, *cpr; 467 u_long tmpid; 468 int descend, error; 469 470 /* 471 * Like sysctl_hostname, except it operates on a u_long 472 * instead of a string, and is used only for hostid. 473 */ 474 pr = req->td->td_ucred->cr_prison; 475 mtx_lock(&pr->pr_mtx); 476 tmpid = pr->pr_hostid; 477 mtx_unlock(&pr->pr_mtx); 478 479 error = sysctl_handle_long(oidp, &tmpid, 0, req); 480 if (error != 0 || req->newptr == NULL) 481 return (error); 482 483 sx_slock(&allprison_lock); 484 if (!(pr->pr_allow & PR_ALLOW_SET_HOSTNAME)) 485 error = EPERM; 486 else { 487 while (!(pr->pr_flags & PR_HOST)) 488 pr = pr->pr_parent; 489 mtx_lock(&pr->pr_mtx); 490 pr->pr_hostid = tmpid; 491 FOREACH_PRISON_DESCENDANT_LOCKED(pr, cpr, descend) 492 if (cpr->pr_flags & PR_HOST) 493 descend = 0; 494 else 495 cpr->pr_hostid = tmpid; 496 mtx_unlock(&pr->pr_mtx); 497 } 498 sx_sunlock(&allprison_lock); 499 return (error); 500 } 501 502 SYSCTL_PROC(_kern, KERN_HOSTID, hostid, 503 CTLTYPE_ULONG | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE | CTLFLAG_CAPRD, 504 NULL, 0, sysctl_hostid, "LU", "Host ID"); 505 506 static struct mtx bootid_lk; 507 MTX_SYSINIT(bootid_lock, &bootid_lk, "bootid generator lock", MTX_DEF); 508 509 static int 510 sysctl_bootid(SYSCTL_HANDLER_ARGS) 511 { 512 static uint8_t boot_id[16]; 513 static bool initialized = false; 514 515 mtx_lock(&bootid_lk); 516 if (!initialized) { 517 if (!is_random_seeded()) { 518 mtx_unlock(&bootid_lk); 519 return (ENXIO); 520 } 521 arc4random_buf(boot_id, sizeof(boot_id)); 522 initialized = true; 523 } 524 mtx_unlock(&bootid_lk); 525 526 return (SYSCTL_OUT(req, boot_id, sizeof(boot_id))); 527 } 528 SYSCTL_PROC(_kern, OID_AUTO, boot_id, 529 CTLTYPE_STRUCT | CTLFLAG_RD | CTLFLAG_MPSAFE | CTLFLAG_CAPRD, 530 NULL, 0, sysctl_bootid, "", "Random boot ID"); 531 532 /* 533 * The osrelease string is copied from the global (osrelease in vers.c) into 534 * prison0 by a sysinit and is inherited by child jails if not changed at jail 535 * creation, so we always return the copy from the current prison data. 536 */ 537 static int 538 sysctl_osrelease(SYSCTL_HANDLER_ARGS) 539 { 540 struct prison *pr; 541 542 pr = req->td->td_ucred->cr_prison; 543 return (SYSCTL_OUT(req, pr->pr_osrelease, strlen(pr->pr_osrelease) + 1)); 544 545 } 546 547 SYSCTL_PROC(_kern, KERN_OSRELEASE, osrelease, 548 CTLTYPE_STRING | CTLFLAG_CAPRD | CTLFLAG_RD | CTLFLAG_MPSAFE, 549 NULL, 0, sysctl_osrelease, "A", "Operating system release"); 550 551 /* 552 * The osreldate number is copied from the global (osreldate in vers.c) into 553 * prison0 by a sysinit and is inherited by child jails if not changed at jail 554 * creation, so we always return the value from the current prison data. 555 */ 556 static int 557 sysctl_osreldate(SYSCTL_HANDLER_ARGS) 558 { 559 struct prison *pr; 560 561 pr = req->td->td_ucred->cr_prison; 562 return (SYSCTL_OUT(req, &pr->pr_osreldate, sizeof(pr->pr_osreldate))); 563 564 } 565 566 /* 567 * NOTICE: The *userland* release date is available in 568 * /usr/include/osreldate.h 569 */ 570 SYSCTL_PROC(_kern, KERN_OSRELDATE, osreldate, 571 CTLTYPE_INT | CTLFLAG_CAPRD | CTLFLAG_RD | CTLFLAG_MPSAFE, 572 NULL, 0, sysctl_osreldate, "I", "Kernel release date"); 573 574 /* 575 * The build-id is copied from the ELF section .note.gnu.build-id. The linker 576 * script defines two variables to expose the beginning and end. LLVM 577 * currently uses a SHA-1 hash, but other formats can be supported by checking 578 * the length of the section. 579 */ 580 581 extern char __build_id_start[]; 582 extern char __build_id_end[]; 583 584 #define BUILD_ID_HEADER_LEN 0x10 585 #define BUILD_ID_HASH_MAXLEN 0x14 586 587 static int 588 sysctl_build_id(SYSCTL_HANDLER_ARGS) 589 { 590 uintptr_t sectionlen = (uintptr_t)(__build_id_end - __build_id_start); 591 int hashlen; 592 char buf[2*BUILD_ID_HASH_MAXLEN+1]; 593 594 /* 595 * The ELF note section has a four byte length for the vendor name, 596 * four byte length for the value, and a four byte vendor specific 597 * type. The name for the build id is "GNU\0". We skip the first 16 598 * bytes to read the build hash. We will return the remaining bytes up 599 * to 20 (SHA-1) hash size. If the hash happens to be a custom number 600 * of bytes we will pad the value with zeros, as the section should be 601 * four byte aligned. 602 */ 603 if (sectionlen <= BUILD_ID_HEADER_LEN || 604 sectionlen > (BUILD_ID_HEADER_LEN + BUILD_ID_HASH_MAXLEN)) { 605 return (ENOENT); 606 } 607 608 hashlen = sectionlen - BUILD_ID_HEADER_LEN; 609 for (int i = 0; i < hashlen; i++) { 610 uint8_t c = __build_id_start[i+BUILD_ID_HEADER_LEN]; 611 snprintf(&buf[2*i], 3, "%02x", c); 612 } 613 614 return (SYSCTL_OUT(req, buf, strlen(buf) + 1)); 615 } 616 617 SYSCTL_PROC(_kern, OID_AUTO, build_id, 618 CTLTYPE_STRING | CTLFLAG_CAPRD | CTLFLAG_RD | CTLFLAG_MPSAFE, 619 NULL, 0, sysctl_build_id, "A", "Operating system build-id"); 620 621 SYSCTL_NODE(_kern, OID_AUTO, features, CTLFLAG_RD | CTLFLAG_MPSAFE, 0, 622 "Kernel Features"); 623 624 #ifdef COMPAT_FREEBSD4 625 FEATURE(compat_freebsd4, "Compatible with FreeBSD 4"); 626 #endif 627 628 #ifdef COMPAT_FREEBSD5 629 FEATURE(compat_freebsd5, "Compatible with FreeBSD 5"); 630 #endif 631 632 #ifdef COMPAT_FREEBSD6 633 FEATURE(compat_freebsd6, "Compatible with FreeBSD 6"); 634 #endif 635 636 #ifdef COMPAT_FREEBSD7 637 FEATURE(compat_freebsd7, "Compatible with FreeBSD 7"); 638 #endif 639 640 #ifdef COMPAT_FREEBSD8 641 FEATURE(compat_freebsd8, "Compatible with FreeBSD 8"); 642 #endif 643 644 #ifdef COMPAT_FREEBSD9 645 FEATURE(compat_freebsd9, "Compatible with FreeBSD 9"); 646 #endif 647 648 #ifdef COMPAT_FREEBSD10 649 FEATURE(compat_freebsd10, "Compatible with FreeBSD 10"); 650 #endif 651 652 #ifdef COMPAT_FREEBSD11 653 FEATURE(compat_freebsd11, "Compatible with FreeBSD 11"); 654 #endif 655 656 #ifdef COMPAT_FREEBSD12 657 FEATURE(compat_freebsd12, "Compatible with FreeBSD 12"); 658 #endif 659 660 #ifdef COMPAT_FREEBSD13 661 FEATURE(compat_freebsd13, "Compatible with FreeBSD 13"); 662 #endif 663 664 #ifdef COMPAT_FREEBSD14 665 FEATURE(compat_freebsd14, "Compatible with FreeBSD 14"); 666 #endif 667 668 /* 669 * This is really cheating. These actually live in the libc, something 670 * which I'm not quite sure is a good idea anyway, but in order for 671 * getnext and friends to actually work, we define dummies here. 672 * 673 * XXXRW: These probably should be CTLFLAG_CAPRD. 674 */ 675 SYSCTL_STRING(_user, USER_CS_PATH, cs_path, CTLFLAG_RD, 676 "", 0, "PATH that finds all the standard utilities"); 677 SYSCTL_INT(_user, USER_BC_BASE_MAX, bc_base_max, CTLFLAG_RD, 678 SYSCTL_NULL_INT_PTR, 0, "Max ibase/obase values in bc(1)"); 679 SYSCTL_INT(_user, USER_BC_DIM_MAX, bc_dim_max, CTLFLAG_RD, 680 SYSCTL_NULL_INT_PTR, 0, "Max array size in bc(1)"); 681 SYSCTL_INT(_user, USER_BC_SCALE_MAX, bc_scale_max, CTLFLAG_RD, 682 SYSCTL_NULL_INT_PTR, 0, "Max scale value in bc(1)"); 683 SYSCTL_INT(_user, USER_BC_STRING_MAX, bc_string_max, CTLFLAG_RD, 684 SYSCTL_NULL_INT_PTR, 0, "Max string length in bc(1)"); 685 SYSCTL_INT(_user, USER_COLL_WEIGHTS_MAX, coll_weights_max, CTLFLAG_RD, 686 SYSCTL_NULL_INT_PTR, 0, "Maximum number of weights assigned to an LC_COLLATE locale entry"); 687 SYSCTL_INT(_user, USER_EXPR_NEST_MAX, expr_nest_max, CTLFLAG_RD, 688 SYSCTL_NULL_INT_PTR, 0, ""); 689 SYSCTL_INT(_user, USER_LINE_MAX, line_max, CTLFLAG_RD, 690 SYSCTL_NULL_INT_PTR, 0, "Max length (bytes) of a text-processing utility's input line"); 691 SYSCTL_INT(_user, USER_RE_DUP_MAX, re_dup_max, CTLFLAG_RD, 692 SYSCTL_NULL_INT_PTR, 0, "Maximum number of repeats of a regexp permitted"); 693 SYSCTL_INT(_user, USER_POSIX2_VERSION, posix2_version, CTLFLAG_RD, 694 SYSCTL_NULL_INT_PTR, 0, 695 "The version of POSIX 1003.2 with which the system attempts to comply"); 696 SYSCTL_INT(_user, USER_POSIX2_C_BIND, posix2_c_bind, CTLFLAG_RD, 697 SYSCTL_NULL_INT_PTR, 0, "Whether C development supports the C bindings option"); 698 SYSCTL_INT(_user, USER_POSIX2_C_DEV, posix2_c_dev, CTLFLAG_RD, 699 SYSCTL_NULL_INT_PTR, 0, "Whether system supports the C development utilities option"); 700 SYSCTL_INT(_user, USER_POSIX2_CHAR_TERM, posix2_char_term, CTLFLAG_RD, 701 SYSCTL_NULL_INT_PTR, 0, ""); 702 SYSCTL_INT(_user, USER_POSIX2_FORT_DEV, posix2_fort_dev, CTLFLAG_RD, 703 SYSCTL_NULL_INT_PTR, 0, "Whether system supports FORTRAN development utilities"); 704 SYSCTL_INT(_user, USER_POSIX2_FORT_RUN, posix2_fort_run, CTLFLAG_RD, 705 SYSCTL_NULL_INT_PTR, 0, "Whether system supports FORTRAN runtime utilities"); 706 SYSCTL_INT(_user, USER_POSIX2_LOCALEDEF, posix2_localedef, CTLFLAG_RD, 707 SYSCTL_NULL_INT_PTR, 0, "Whether system supports creation of locales"); 708 SYSCTL_INT(_user, USER_POSIX2_SW_DEV, posix2_sw_dev, CTLFLAG_RD, 709 SYSCTL_NULL_INT_PTR, 0, "Whether system supports software development utilities"); 710 SYSCTL_INT(_user, USER_POSIX2_UPE, posix2_upe, CTLFLAG_RD, 711 SYSCTL_NULL_INT_PTR, 0, "Whether system supports the user portability utilities"); 712 SYSCTL_INT(_user, USER_STREAM_MAX, stream_max, CTLFLAG_RD, 713 SYSCTL_NULL_INT_PTR, 0, "Min Maximum number of streams a process may have open at one time"); 714 SYSCTL_INT(_user, USER_TZNAME_MAX, tzname_max, CTLFLAG_RD, 715 SYSCTL_NULL_INT_PTR, 0, "Min Maximum number of types supported for timezone names"); 716 717 static char localbase[MAXPATHLEN] = ""; 718 719 SYSCTL_STRING(_user, USER_LOCALBASE, localbase, CTLFLAG_RWTUN, 720 localbase, sizeof(localbase), "Prefix used to install and locate add-on packages"); 721 722 #include <sys/vnode.h> 723 SYSCTL_INT(_debug_sizeof, OID_AUTO, vnode, CTLFLAG_RD, 724 SYSCTL_NULL_INT_PTR, sizeof(struct vnode), "sizeof(struct vnode)"); 725 726 SYSCTL_INT(_debug_sizeof, OID_AUTO, proc, CTLFLAG_RD, 727 SYSCTL_NULL_INT_PTR, sizeof(struct proc), "sizeof(struct proc)"); 728 729 static int 730 sysctl_kern_pid_max(SYSCTL_HANDLER_ARGS) 731 { 732 int error, pm; 733 734 pm = pid_max; 735 error = sysctl_handle_int(oidp, &pm, 0, req); 736 if (error || !req->newptr) 737 return (error); 738 sx_xlock(&proctree_lock); 739 sx_xlock(&allproc_lock); 740 741 /* 742 * Only permit the values less then PID_MAX. 743 * As a safety measure, do not allow to limit the pid_max too much. 744 */ 745 if (pm < 300 || pm > PID_MAX) 746 error = EINVAL; 747 else 748 pid_max = pm; 749 sx_xunlock(&allproc_lock); 750 sx_xunlock(&proctree_lock); 751 return (error); 752 } 753 SYSCTL_PROC(_kern, OID_AUTO, pid_max, CTLTYPE_INT | 754 CTLFLAG_RWTUN | CTLFLAG_NOFETCH | CTLFLAG_MPSAFE, 755 0, 0, sysctl_kern_pid_max, "I", "Maximum allowed pid"); 756 757 SYSCTL_INT(_kern, OID_AUTO, pid_max_limit, CTLFLAG_RD, 758 SYSCTL_NULL_INT_PTR, PID_MAX, 759 "Maximum allowed pid (kern.pid_max) top limit"); 760 761 #include <sys/bio.h> 762 #include <sys/buf.h> 763 SYSCTL_INT(_debug_sizeof, OID_AUTO, bio, CTLFLAG_RD, 764 SYSCTL_NULL_INT_PTR, sizeof(struct bio), "sizeof(struct bio)"); 765 SYSCTL_INT(_debug_sizeof, OID_AUTO, buf, CTLFLAG_RD, 766 SYSCTL_NULL_INT_PTR, sizeof(struct buf), "sizeof(struct buf)"); 767 768 #include <sys/user.h> 769 SYSCTL_INT(_debug_sizeof, OID_AUTO, kinfo_proc, CTLFLAG_RD, 770 SYSCTL_NULL_INT_PTR, sizeof(struct kinfo_proc), "sizeof(struct kinfo_proc)"); 771 772 /* Used by kernel debuggers. */ 773 const int pcb_size = sizeof(struct pcb); 774 SYSCTL_INT(_debug_sizeof, OID_AUTO, pcb, CTLFLAG_RD, 775 SYSCTL_NULL_INT_PTR, sizeof(struct pcb), "sizeof(struct pcb)"); 776 777 /* XXX compatibility, remove for 6.0 */ 778 #include <sys/imgact.h> 779 #include <sys/imgact_elf.h> 780 SYSCTL_INT(_kern, OID_AUTO, fallback_elf_brand, CTLFLAG_RW, 781 &__elfN(fallback_brand), sizeof(__elfN(fallback_brand)), 782 "compatibility for kern.fallback_elf_brand"); 783