Diffusion FreeBSD src repository 9bec84131215

ktrace: Record detailed ECAPMODE violations
9bec84131215
Actions

Description

ktrace: Record detailed ECAPMODE violations

When a Capsicum violation occurs in the kernel, ktrace will now record
detailed information pertaining to the violation.

For example:

When a namei lookup violation occurs, ktrace will record the path.
When a signal violation occurs, ktrace will record the signal number.
When a sendto(2) violation occurs, ktrace will record the recipient sockaddr.

For all violations, the syscall and ABI is recorded.

kdump is also modified to display this new information to the user.

Reviewed by: oshogbo, markj
Approved by: markj (mentor)
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D40676

Details

Provenance

jfree

Authored on Apr 6 2024, 6:29 PM

Reviewer

oshogbo

Differential Revision

D40676: ktrace: Record detailed ECAPMODE violations

Parents

rG401c0f8aa1ce: exports.5: Add RFC number for NFS over TLS

Branches

Unknown

Tags

Unknown

Event Timeline

jfree committed rG9bec84131215: ktrace: Record detailed ECAPMODE violations (authored by jfree).Apr 7 2024, 11:52 PM

jfree added an edge: D40676: ktrace: Record detailed ECAPMODE violations.Apr 7 2024, 11:58 PM

jfree mentioned this in rG34791f4ac79e: capsicum.h: Include ktrace.h only in kernel.Apr 8 2024, 2:47 PM

Changes (5)

Path

Size

sys/

kern/

sys/

usr.bin/

kdump/

kdump.c

rG9bec84131215

View Options

sys/kern/kern_ktrace.c

View Options

sys/kern/sys_capability.c

View Options

sys/sys/capsicum.h

View Options

sys/sys/ktrace.h

View Options

ktrace: Record detailed ECAPMODE violations9bec84131215Actions

Description

Details

Event Timeline

Changes (5)

rG9bec84131215

sys/kern/kern_ktrace.c

sys/kern/sys_capability.c

sys/sys/capsicum.h

sys/sys/ktrace.h

usr.bin/kdump/kdump.c

ktrace: Record detailed ECAPMODE violations
9bec84131215
Actions