tuxillo's projects / dragonfly.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2f4c700) | patch
systat - Restrict %rip sampling to root
authorMatthew Dillon <dillon@apollo.backplane.com>
Wed, 27 Jul 2016 23:22:11 +0000 (16:22 -0700)
committerMatthew Dillon <dillon@apollo.backplane.com>
Wed, 27 Jul 2016 23:24:09 +0000 (16:24 -0700)
commite40d86e596b00f78af2d9fbc5631bb04adea6b83
tree8811705a2233240b52efb5ec1483c8f7dbc40abctree | snapshot
parent2f4c700a11691e8ab31cb43e8ff1b4254822a094commit | diff
systat - Restrict %rip sampling to root

* Only allow root to sample the %rip and %rsp on all cpus.  The sysctl will
  not sample and return 0 for these fields if the uid is not root.

  This is for security, as %rip sampling can be used to break cryptographic
  keys.

* systat -pv 1 will not display the sampling columns if the sample value
  is 0.
sys/kern/kern_clock.c diff | blob | blame | history
usr.bin/systat/vmmeter.c diff | blob | blame | history
WIP repository