xref: /freebsd-14-stable/sys/kern/kern_sysctl.c (revision 4f3ce62ff7ef930eddaf3c7de59195092eee3e00)
1 /*-
2  * SPDX-License-Identifier: BSD-3-Clause
3  *
4  * Copyright (c) 1982, 1986, 1989, 1993
5  *	The Regents of the University of California.  All rights reserved.
6  *
7  * This code is derived from software contributed to Berkeley by
8  * Mike Karels at Berkeley Software Design, Inc.
9  *
10  * Quite extensively rewritten by Poul-Henning Kamp of the FreeBSD
11  * project, to make these variables more userfriendly.
12  *
13  * Redistribution and use in source and binary forms, with or without
14  * modification, are permitted provided that the following conditions
15  * are met:
16  * 1. Redistributions of source code must retain the above copyright
17  *    notice, this list of conditions and the following disclaimer.
18  * 2. Redistributions in binary form must reproduce the above copyright
19  *    notice, this list of conditions and the following disclaimer in the
20  *    documentation and/or other materials provided with the distribution.
21  * 3. Neither the name of the University nor the names of its contributors
22  *    may be used to endorse or promote products derived from this software
23  *    without specific prior written permission.
24  *
25  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
26  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
27  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
28  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
29  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
30  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
31  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
32  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
33  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
34  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35  * SUCH DAMAGE.
36  *
37  *	@(#)kern_sysctl.c	8.4 (Berkeley) 4/14/94
38  */
39 
40 #include <sys/cdefs.h>
41 #include "opt_capsicum.h"
42 #include "opt_ddb.h"
43 #include "opt_ktrace.h"
44 #include "opt_sysctl.h"
45 
46 #include <sys/param.h>
47 #include <sys/fail.h>
48 #include <sys/systm.h>
49 #include <sys/capsicum.h>
50 #include <sys/kernel.h>
51 #include <sys/limits.h>
52 #include <sys/sysctl.h>
53 #include <sys/malloc.h>
54 #include <sys/priv.h>
55 #include <sys/proc.h>
56 #include <sys/jail.h>
57 #include <sys/kdb.h>
58 #include <sys/lock.h>
59 #include <sys/mutex.h>
60 #include <sys/rmlock.h>
61 #include <sys/sbuf.h>
62 #include <sys/sx.h>
63 #include <sys/sysproto.h>
64 #include <sys/uio.h>
65 #ifdef KTRACE
66 #include <sys/ktrace.h>
67 #endif
68 
69 #ifdef DDB
70 #include <ddb/ddb.h>
71 #include <ddb/db_lex.h>
72 #endif
73 
74 #include <net/vnet.h>
75 
76 #include <security/mac/mac_framework.h>
77 
78 #include <vm/vm.h>
79 #include <vm/vm_extern.h>
80 
81 static MALLOC_DEFINE(M_SYSCTL, "sysctl", "sysctl internal magic");
82 static MALLOC_DEFINE(M_SYSCTLOID, "sysctloid", "sysctl dynamic oids");
83 static MALLOC_DEFINE(M_SYSCTLTMP, "sysctltmp", "sysctl temp output buffer");
84 
85 RB_GENERATE(sysctl_oid_list, sysctl_oid, oid_link, cmp_sysctl_oid);
86 
87 /*
88  * The sysctllock protects the MIB tree.  It also protects sysctl
89  * contexts used with dynamic sysctls.  The sysctl_register_oid() and
90  * sysctl_unregister_oid() routines require the sysctllock to already
91  * be held, so the sysctl_wlock() and sysctl_wunlock() routines are
92  * provided for the few places in the kernel which need to use that
93  * API rather than using the dynamic API.  Use of the dynamic API is
94  * strongly encouraged for most code.
95  *
96  * The sysctlmemlock is used to limit the amount of user memory wired for
97  * sysctl requests.  This is implemented by serializing any userland
98  * sysctl requests larger than a single page via an exclusive lock.
99  *
100  * The sysctlstringlock is used to protect concurrent access to writable
101  * string nodes in sysctl_handle_string().
102  */
103 static struct rmlock sysctllock;
104 static struct sx __exclusive_cache_line sysctlmemlock;
105 static struct sx sysctlstringlock;
106 
107 #define	SYSCTL_WLOCK()		rm_wlock(&sysctllock)
108 #define	SYSCTL_WUNLOCK()	rm_wunlock(&sysctllock)
109 #define	SYSCTL_RLOCK(tracker)	rm_rlock(&sysctllock, (tracker))
110 #define	SYSCTL_RUNLOCK(tracker)	rm_runlock(&sysctllock, (tracker))
111 #define	SYSCTL_WLOCKED()	rm_wowned(&sysctllock)
112 #define	SYSCTL_ASSERT_LOCKED()	rm_assert(&sysctllock, RA_LOCKED)
113 #define	SYSCTL_ASSERT_WLOCKED()	rm_assert(&sysctllock, RA_WLOCKED)
114 #define	SYSCTL_ASSERT_RLOCKED()	rm_assert(&sysctllock, RA_RLOCKED)
115 #define	SYSCTL_INIT()		rm_init_flags(&sysctllock, "sysctl lock", \
116 				    RM_SLEEPABLE)
117 #define	SYSCTL_SLEEP(ch, wmesg, timo)					\
118 				rm_sleep(ch, &sysctllock, 0, wmesg, timo)
119 
120 static int sysctl_root(SYSCTL_HANDLER_ARGS);
121 
122 /* Root list */
123 struct sysctl_oid_list sysctl__children = RB_INITIALIZER(&sysctl__children);
124 
125 static char*	sysctl_escape_name(const char*);
126 static int	sysctl_remove_oid_locked(struct sysctl_oid *oidp, int del,
127 		    int recurse);
128 static int	sysctl_old_kernel(struct sysctl_req *, const void *, size_t);
129 static int	sysctl_new_kernel(struct sysctl_req *, void *, size_t);
130 static int	name2oid(const char *, int *, int *, struct sysctl_oid **);
131 
132 static struct sysctl_oid *
sysctl_find_oidname(const char * name,struct sysctl_oid_list * list)133 sysctl_find_oidname(const char *name, struct sysctl_oid_list *list)
134 {
135 	struct sysctl_oid *oidp;
136 
137 	SYSCTL_ASSERT_LOCKED();
138 	SYSCTL_FOREACH(oidp, list) {
139 		if (strcmp(oidp->oid_name, name) == 0) {
140 			return (oidp);
141 		}
142 	}
143 	return (NULL);
144 }
145 
146 static struct sysctl_oid *
sysctl_find_oidnamelen(const char * name,size_t len,struct sysctl_oid_list * list)147 sysctl_find_oidnamelen(const char *name, size_t len,
148     struct sysctl_oid_list *list)
149 {
150 	struct sysctl_oid *oidp;
151 
152 	SYSCTL_ASSERT_LOCKED();
153 	SYSCTL_FOREACH(oidp, list) {
154 		if (strncmp(oidp->oid_name, name, len) == 0 &&
155 		    oidp->oid_name[len] == '\0')
156 			return (oidp);
157 	}
158 	return (NULL);
159 }
160 
161 /*
162  * Initialization of the MIB tree.
163  *
164  * Order by number in each list.
165  */
166 void
sysctl_wlock(void)167 sysctl_wlock(void)
168 {
169 
170 	SYSCTL_WLOCK();
171 }
172 
173 void
sysctl_wunlock(void)174 sysctl_wunlock(void)
175 {
176 
177 	SYSCTL_WUNLOCK();
178 }
179 
180 static int
sysctl_root_handler_locked(struct sysctl_oid * oid,void * arg1,intmax_t arg2,struct sysctl_req * req,struct rm_priotracker * tracker)181 sysctl_root_handler_locked(struct sysctl_oid *oid, void *arg1, intmax_t arg2,
182     struct sysctl_req *req, struct rm_priotracker *tracker)
183 {
184 	int error;
185 
186 	if (oid->oid_kind & CTLFLAG_DYN)
187 		atomic_add_int(&oid->oid_running, 1);
188 
189 	if (tracker != NULL)
190 		SYSCTL_RUNLOCK(tracker);
191 	else
192 		SYSCTL_WUNLOCK();
193 
194 	/*
195 	 * Treat set CTLFLAG_NEEDGIANT and unset CTLFLAG_MPSAFE flags the same,
196 	 * untill we're ready to remove all traces of Giant from sysctl(9).
197 	 */
198 	if ((oid->oid_kind & CTLFLAG_NEEDGIANT) ||
199 	    (!(oid->oid_kind & CTLFLAG_MPSAFE)))
200 		mtx_lock(&Giant);
201 	error = oid->oid_handler(oid, arg1, arg2, req);
202 	if ((oid->oid_kind & CTLFLAG_NEEDGIANT) ||
203 	    (!(oid->oid_kind & CTLFLAG_MPSAFE)))
204 		mtx_unlock(&Giant);
205 
206 	KFAIL_POINT_ERROR(_debug_fail_point, sysctl_running, error);
207 
208 	if (tracker != NULL)
209 		SYSCTL_RLOCK(tracker);
210 	else
211 		SYSCTL_WLOCK();
212 
213 	if (oid->oid_kind & CTLFLAG_DYN) {
214 		if (atomic_fetchadd_int(&oid->oid_running, -1) == 1 &&
215 		    (oid->oid_kind & CTLFLAG_DYING) != 0)
216 			wakeup(&oid->oid_running);
217 	}
218 
219 	return (error);
220 }
221 
222 static void
sysctl_load_tunable_by_oid_locked(struct sysctl_oid * oidp)223 sysctl_load_tunable_by_oid_locked(struct sysctl_oid *oidp)
224 {
225 	struct sysctl_req req;
226 	struct sysctl_oid *curr;
227 	char *penv = NULL;
228 	char path[96];
229 	ssize_t rem = sizeof(path);
230 	ssize_t len;
231 	uint8_t data[512] __aligned(sizeof(uint64_t));
232 	int size;
233 	int error;
234 
235 	path[--rem] = 0;
236 
237 	for (curr = oidp; curr != NULL; curr = SYSCTL_PARENT(curr)) {
238 		len = strlen(curr->oid_name);
239 		rem -= len;
240 		if (curr != oidp)
241 			rem -= 1;
242 		if (rem < 0) {
243 			printf("OID path exceeds %d bytes\n", (int)sizeof(path));
244 			return;
245 		}
246 		memcpy(path + rem, curr->oid_name, len);
247 		if (curr != oidp)
248 			path[rem + len] = '.';
249 	}
250 
251 	memset(&req, 0, sizeof(req));
252 
253 	req.td = curthread;
254 	req.oldfunc = sysctl_old_kernel;
255 	req.newfunc = sysctl_new_kernel;
256 	req.lock = REQ_UNWIRED;
257 
258 	switch (oidp->oid_kind & CTLTYPE) {
259 	case CTLTYPE_INT:
260 		if (getenv_array(path + rem, data, sizeof(data), &size,
261 		    sizeof(int), GETENV_SIGNED) == 0)
262 			return;
263 		req.newlen = size;
264 		req.newptr = data;
265 		break;
266 	case CTLTYPE_UINT:
267 		if (getenv_array(path + rem, data, sizeof(data), &size,
268 		    sizeof(int), GETENV_UNSIGNED) == 0)
269 			return;
270 		req.newlen = size;
271 		req.newptr = data;
272 		break;
273 	case CTLTYPE_LONG:
274 		if (getenv_array(path + rem, data, sizeof(data), &size,
275 		    sizeof(long), GETENV_SIGNED) == 0)
276 			return;
277 		req.newlen = size;
278 		req.newptr = data;
279 		break;
280 	case CTLTYPE_ULONG:
281 		if (getenv_array(path + rem, data, sizeof(data), &size,
282 		    sizeof(long), GETENV_UNSIGNED) == 0)
283 			return;
284 		req.newlen = size;
285 		req.newptr = data;
286 		break;
287 	case CTLTYPE_S8:
288 		if (getenv_array(path + rem, data, sizeof(data), &size,
289 		    sizeof(int8_t), GETENV_SIGNED) == 0)
290 			return;
291 		req.newlen = size;
292 		req.newptr = data;
293 		break;
294 	case CTLTYPE_S16:
295 		if (getenv_array(path + rem, data, sizeof(data), &size,
296 		    sizeof(int16_t), GETENV_SIGNED) == 0)
297 			return;
298 		req.newlen = size;
299 		req.newptr = data;
300 		break;
301 	case CTLTYPE_S32:
302 		if (getenv_array(path + rem, data, sizeof(data), &size,
303 		    sizeof(int32_t), GETENV_SIGNED) == 0)
304 			return;
305 		req.newlen = size;
306 		req.newptr = data;
307 		break;
308 	case CTLTYPE_S64:
309 		if (getenv_array(path + rem, data, sizeof(data), &size,
310 		    sizeof(int64_t), GETENV_SIGNED) == 0)
311 			return;
312 		req.newlen = size;
313 		req.newptr = data;
314 		break;
315 	case CTLTYPE_U8:
316 		if (getenv_array(path + rem, data, sizeof(data), &size,
317 		    sizeof(uint8_t), GETENV_UNSIGNED) == 0)
318 			return;
319 		req.newlen = size;
320 		req.newptr = data;
321 		break;
322 	case CTLTYPE_U16:
323 		if (getenv_array(path + rem, data, sizeof(data), &size,
324 		    sizeof(uint16_t), GETENV_UNSIGNED) == 0)
325 			return;
326 		req.newlen = size;
327 		req.newptr = data;
328 		break;
329 	case CTLTYPE_U32:
330 		if (getenv_array(path + rem, data, sizeof(data), &size,
331 		    sizeof(uint32_t), GETENV_UNSIGNED) == 0)
332 			return;
333 		req.newlen = size;
334 		req.newptr = data;
335 		break;
336 	case CTLTYPE_U64:
337 		if (getenv_array(path + rem, data, sizeof(data), &size,
338 		    sizeof(uint64_t), GETENV_UNSIGNED) == 0)
339 			return;
340 		req.newlen = size;
341 		req.newptr = data;
342 		break;
343 	case CTLTYPE_STRING:
344 		penv = kern_getenv(path + rem);
345 		if (penv == NULL)
346 			return;
347 		req.newlen = strlen(penv);
348 		req.newptr = penv;
349 		break;
350 	default:
351 		return;
352 	}
353 	error = sysctl_root_handler_locked(oidp, oidp->oid_arg1,
354 	    oidp->oid_arg2, &req, NULL);
355 	if (error != 0)
356 		printf("Setting sysctl %s failed: %d\n", path + rem, error);
357 	if (penv != NULL)
358 		freeenv(penv);
359 }
360 
361 /*
362  * Locate the path to a given oid.  Returns the length of the resulting path,
363  * or -1 if the oid was not found.  nodes must have room for CTL_MAXNAME
364  * elements.
365  */
366 static int
sysctl_search_oid(struct sysctl_oid ** nodes,struct sysctl_oid * needle)367 sysctl_search_oid(struct sysctl_oid **nodes, struct sysctl_oid *needle)
368 {
369 	int indx;
370 
371 	SYSCTL_ASSERT_LOCKED();
372 	indx = 0;
373 	/*
374 	 * Do a depth-first search of the oid tree, looking for 'needle'. Start
375 	 * with the first child of the root.
376 	 */
377 	nodes[indx] = RB_MIN(sysctl_oid_list, &sysctl__children);
378 	for (;;) {
379 		if (nodes[indx] == needle)
380 			return (indx + 1);
381 
382 		if (nodes[indx] == NULL) {
383 			/* Node has no more siblings, so back up to parent. */
384 			if (indx-- == 0) {
385 				/* Retreat to root, so give up. */
386 				break;
387 			}
388 		} else if ((nodes[indx]->oid_kind & CTLTYPE) == CTLTYPE_NODE) {
389 			/* Node has children. */
390 			if (++indx == CTL_MAXNAME) {
391 				/* Max search depth reached, so give up. */
392 				break;
393 			}
394 			/* Start with the first child. */
395 			nodes[indx] = RB_MIN(sysctl_oid_list,
396 			    &nodes[indx - 1]->oid_children);
397 			continue;
398 		}
399 		/* Consider next sibling. */
400 		nodes[indx] = RB_NEXT(sysctl_oid_list, NULL, nodes[indx]);
401 	}
402 	return (-1);
403 }
404 
405 static void
sysctl_warn_reuse(const char * func,struct sysctl_oid * leaf)406 sysctl_warn_reuse(const char *func, struct sysctl_oid *leaf)
407 {
408 	struct sysctl_oid *nodes[CTL_MAXNAME];
409 	char buf[128];
410 	struct sbuf sb;
411 	int rc, i;
412 
413 	(void)sbuf_new(&sb, buf, sizeof(buf), SBUF_FIXEDLEN | SBUF_INCLUDENUL);
414 	sbuf_set_drain(&sb, sbuf_printf_drain, NULL);
415 
416 	sbuf_printf(&sb, "%s: can't re-use a leaf (", func);
417 
418 	rc = sysctl_search_oid(nodes, leaf);
419 	if (rc > 0) {
420 		for (i = 0; i < rc; i++)
421 			sbuf_printf(&sb, "%s%.*s", nodes[i]->oid_name,
422 			    i != (rc - 1), ".");
423 	} else {
424 		sbuf_printf(&sb, "%s", leaf->oid_name);
425 	}
426 	sbuf_printf(&sb, ")!\n");
427 
428 	(void)sbuf_finish(&sb);
429 }
430 
431 #ifdef SYSCTL_DEBUG
432 static int
sysctl_reuse_test(SYSCTL_HANDLER_ARGS)433 sysctl_reuse_test(SYSCTL_HANDLER_ARGS)
434 {
435 	struct rm_priotracker tracker;
436 
437 	SYSCTL_RLOCK(&tracker);
438 	sysctl_warn_reuse(__func__, oidp);
439 	SYSCTL_RUNLOCK(&tracker);
440 	return (0);
441 }
442 SYSCTL_PROC(_sysctl, OID_AUTO, reuse_test,
443     CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_MPSAFE, 0, 0, sysctl_reuse_test, "-",
444     "");
445 #endif
446 
447 void
sysctl_register_oid(struct sysctl_oid * oidp)448 sysctl_register_oid(struct sysctl_oid *oidp)
449 {
450 	struct sysctl_oid_list *parent = oidp->oid_parent;
451 	struct sysctl_oid *p, key;
452 	int oid_number;
453 	int timeout = 2;
454 
455 	/*
456 	 * First check if another oid with the same name already
457 	 * exists in the parent's list.
458 	 */
459 	SYSCTL_ASSERT_WLOCKED();
460 	p = sysctl_find_oidname(oidp->oid_name, parent);
461 	if (p != NULL) {
462 		if ((p->oid_kind & CTLTYPE) == CTLTYPE_NODE) {
463 			p->oid_refcnt++;
464 			return;
465 		} else {
466 			sysctl_warn_reuse(__func__, p);
467 			return;
468 		}
469 	}
470 	/* get current OID number */
471 	oid_number = oidp->oid_number;
472 
473 #if (OID_AUTO >= 0)
474 #error "OID_AUTO is expected to be a negative value"
475 #endif
476 	/*
477 	 * Any negative OID number qualifies as OID_AUTO. Valid OID
478 	 * numbers should always be positive.
479 	 *
480 	 * NOTE: DO NOT change the starting value here, change it in
481 	 * <sys/sysctl.h>, and make sure it is at least 256 to
482 	 * accommodate e.g. net.inet.raw as a static sysctl node.
483 	 */
484 	if (oid_number < 0) {
485 		static int newoid;
486 
487 		/*
488 		 * By decrementing the next OID number we spend less
489 		 * time inserting the OIDs into a sorted list.
490 		 */
491 		if (--newoid < CTL_AUTO_START)
492 			newoid = 0x7fffffff;
493 
494 		oid_number = newoid;
495 	}
496 
497 	/*
498 	 * Insert the OID into the parent's list sorted by OID number.
499 	 */
500 	key.oid_number = oid_number;
501 	p = RB_NFIND(sysctl_oid_list, parent, &key);
502 	while (p != NULL && oid_number == p->oid_number) {
503 		/* get the next valid OID number */
504 		if (oid_number < CTL_AUTO_START ||
505 		    oid_number == 0x7fffffff) {
506 			/* wraparound - restart */
507 			oid_number = CTL_AUTO_START;
508 			/* don't loop forever */
509 			if (!timeout--)
510 				panic("sysctl: Out of OID numbers\n");
511 			key.oid_number = oid_number;
512 			p = RB_NFIND(sysctl_oid_list, parent, &key);
513 			continue;
514 		}
515 		p = RB_NEXT(sysctl_oid_list, NULL, p);
516 		oid_number++;
517 	}
518 	/* check for non-auto OID number collision */
519 	if (oidp->oid_number >= 0 && oidp->oid_number < CTL_AUTO_START &&
520 	    oid_number >= CTL_AUTO_START) {
521 		panic("sysctl: OID number(%d) is already in use for '%s'\n",
522 		    oidp->oid_number, oidp->oid_name);
523 	}
524 	/* update the OID number, if any */
525 	oidp->oid_number = oid_number;
526 	RB_INSERT(sysctl_oid_list, parent, oidp);
527 
528 	if ((oidp->oid_kind & CTLTYPE) != CTLTYPE_NODE &&
529 	    (oidp->oid_kind & CTLFLAG_TUN) != 0 &&
530 	    (oidp->oid_kind & CTLFLAG_NOFETCH) == 0) {
531 		/* only fetch value once */
532 		oidp->oid_kind |= CTLFLAG_NOFETCH;
533 		/* try to fetch value from kernel environment */
534 		sysctl_load_tunable_by_oid_locked(oidp);
535 	}
536 }
537 
538 void
sysctl_register_disabled_oid(struct sysctl_oid * oidp)539 sysctl_register_disabled_oid(struct sysctl_oid *oidp)
540 {
541 
542 	/*
543 	 * Mark the leaf as dormant if it's not to be immediately enabled.
544 	 * We do not disable nodes as they can be shared between modules
545 	 * and it is always safe to access a node.
546 	 */
547 	KASSERT((oidp->oid_kind & CTLFLAG_DORMANT) == 0,
548 	    ("internal flag is set in oid_kind"));
549 	if ((oidp->oid_kind & CTLTYPE) != CTLTYPE_NODE)
550 		oidp->oid_kind |= CTLFLAG_DORMANT;
551 	sysctl_register_oid(oidp);
552 }
553 
554 void
sysctl_enable_oid(struct sysctl_oid * oidp)555 sysctl_enable_oid(struct sysctl_oid *oidp)
556 {
557 
558 	SYSCTL_ASSERT_WLOCKED();
559 	if ((oidp->oid_kind & CTLTYPE) == CTLTYPE_NODE) {
560 		KASSERT((oidp->oid_kind & CTLFLAG_DORMANT) == 0,
561 		    ("sysctl node is marked as dormant"));
562 		return;
563 	}
564 	KASSERT((oidp->oid_kind & CTLFLAG_DORMANT) != 0,
565 	    ("enabling already enabled sysctl oid"));
566 	oidp->oid_kind &= ~CTLFLAG_DORMANT;
567 }
568 
569 void
sysctl_unregister_oid(struct sysctl_oid * oidp)570 sysctl_unregister_oid(struct sysctl_oid *oidp)
571 {
572 	int error;
573 
574 	SYSCTL_ASSERT_WLOCKED();
575 	if (oidp->oid_number == OID_AUTO) {
576 		error = EINVAL;
577 	} else {
578 		error = ENOENT;
579 		if (RB_REMOVE(sysctl_oid_list, oidp->oid_parent, oidp))
580 			error = 0;
581 	}
582 
583 	/*
584 	 * This can happen when a module fails to register and is
585 	 * being unloaded afterwards.  It should not be a panic()
586 	 * for normal use.
587 	 */
588 	if (error) {
589 		printf("%s: failed(%d) to unregister sysctl(%s)\n",
590 		    __func__, error, oidp->oid_name);
591 	}
592 }
593 
594 /* Initialize a new context to keep track of dynamically added sysctls. */
595 int
sysctl_ctx_init(struct sysctl_ctx_list * c)596 sysctl_ctx_init(struct sysctl_ctx_list *c)
597 {
598 
599 	if (c == NULL) {
600 		return (EINVAL);
601 	}
602 
603 	/*
604 	 * No locking here, the caller is responsible for not adding
605 	 * new nodes to a context until after this function has
606 	 * returned.
607 	 */
608 	TAILQ_INIT(c);
609 	return (0);
610 }
611 
612 /* Free the context, and destroy all dynamic oids registered in this context */
613 int
sysctl_ctx_free(struct sysctl_ctx_list * clist)614 sysctl_ctx_free(struct sysctl_ctx_list *clist)
615 {
616 	struct sysctl_ctx_entry *e, *e1;
617 	int error;
618 
619 	error = 0;
620 	/*
621 	 * First perform a "dry run" to check if it's ok to remove oids.
622 	 * XXX FIXME
623 	 * XXX This algorithm is a hack. But I don't know any
624 	 * XXX better solution for now...
625 	 */
626 	SYSCTL_WLOCK();
627 	TAILQ_FOREACH(e, clist, link) {
628 		error = sysctl_remove_oid_locked(e->entry, 0, 0);
629 		if (error)
630 			break;
631 	}
632 	/*
633 	 * Restore deregistered entries, either from the end,
634 	 * or from the place where error occurred.
635 	 * e contains the entry that was not unregistered
636 	 */
637 	if (error)
638 		e1 = TAILQ_PREV(e, sysctl_ctx_list, link);
639 	else
640 		e1 = TAILQ_LAST(clist, sysctl_ctx_list);
641 	while (e1 != NULL) {
642 		sysctl_register_oid(e1->entry);
643 		e1 = TAILQ_PREV(e1, sysctl_ctx_list, link);
644 	}
645 	if (error) {
646 		SYSCTL_WUNLOCK();
647 		return(EBUSY);
648 	}
649 	/* Now really delete the entries */
650 	TAILQ_FOREACH_SAFE(e, clist, link, e1) {
651 		error = sysctl_remove_oid_locked(e->entry, 1, 0);
652 		if (error)
653 			panic("sysctl_remove_oid: corrupt tree, entry: %s",
654 			    e->entry->oid_name);
655 		free(e, M_SYSCTLOID);
656 	}
657 	SYSCTL_WUNLOCK();
658 	TAILQ_INIT(clist);
659 	return (error);
660 }
661 
662 /* Add an entry to the context */
663 struct sysctl_ctx_entry *
sysctl_ctx_entry_add(struct sysctl_ctx_list * clist,struct sysctl_oid * oidp)664 sysctl_ctx_entry_add(struct sysctl_ctx_list *clist, struct sysctl_oid *oidp)
665 {
666 	struct sysctl_ctx_entry *e;
667 
668 	SYSCTL_ASSERT_WLOCKED();
669 	if (clist == NULL || oidp == NULL)
670 		return(NULL);
671 	e = malloc(sizeof(struct sysctl_ctx_entry), M_SYSCTLOID, M_WAITOK);
672 	e->entry = oidp;
673 	TAILQ_INSERT_HEAD(clist, e, link);
674 	return (e);
675 }
676 
677 /* Find an entry in the context */
678 struct sysctl_ctx_entry *
sysctl_ctx_entry_find(struct sysctl_ctx_list * clist,struct sysctl_oid * oidp)679 sysctl_ctx_entry_find(struct sysctl_ctx_list *clist, struct sysctl_oid *oidp)
680 {
681 	struct sysctl_ctx_entry *e;
682 
683 	SYSCTL_ASSERT_WLOCKED();
684 	if (clist == NULL || oidp == NULL)
685 		return(NULL);
686 	TAILQ_FOREACH(e, clist, link) {
687 		if (e->entry == oidp)
688 			return(e);
689 	}
690 	return (e);
691 }
692 
693 /*
694  * Delete an entry from the context.
695  * NOTE: this function doesn't free oidp! You have to remove it
696  * with sysctl_remove_oid().
697  */
698 int
sysctl_ctx_entry_del(struct sysctl_ctx_list * clist,struct sysctl_oid * oidp)699 sysctl_ctx_entry_del(struct sysctl_ctx_list *clist, struct sysctl_oid *oidp)
700 {
701 	struct sysctl_ctx_entry *e;
702 
703 	if (clist == NULL || oidp == NULL)
704 		return (EINVAL);
705 	SYSCTL_WLOCK();
706 	e = sysctl_ctx_entry_find(clist, oidp);
707 	if (e != NULL) {
708 		TAILQ_REMOVE(clist, e, link);
709 		SYSCTL_WUNLOCK();
710 		free(e, M_SYSCTLOID);
711 		return (0);
712 	} else {
713 		SYSCTL_WUNLOCK();
714 		return (ENOENT);
715 	}
716 }
717 
718 /*
719  * Remove dynamically created sysctl trees.
720  * oidp - top of the tree to be removed
721  * del - if 0 - just deregister, otherwise free up entries as well
722  * recurse - if != 0 traverse the subtree to be deleted
723  */
724 int
sysctl_remove_oid(struct sysctl_oid * oidp,int del,int recurse)725 sysctl_remove_oid(struct sysctl_oid *oidp, int del, int recurse)
726 {
727 	int error;
728 
729 	SYSCTL_WLOCK();
730 	error = sysctl_remove_oid_locked(oidp, del, recurse);
731 	SYSCTL_WUNLOCK();
732 	return (error);
733 }
734 
735 int
sysctl_remove_name(struct sysctl_oid * parent,const char * name,int del,int recurse)736 sysctl_remove_name(struct sysctl_oid *parent, const char *name,
737     int del, int recurse)
738 {
739 	struct sysctl_oid *p;
740 	int error;
741 
742 	error = ENOENT;
743 	SYSCTL_WLOCK();
744 	p = sysctl_find_oidname(name, &parent->oid_children);
745 	if (p)
746 		error = sysctl_remove_oid_locked(p, del, recurse);
747 	SYSCTL_WUNLOCK();
748 
749 	return (error);
750 }
751 
752 /*
753  * Duplicate the provided string, escaping any illegal characters.  The result
754  * must be freed when no longer in use.
755  *
756  * The list of illegal characters is ".".
757  */
758 static char*
sysctl_escape_name(const char * orig)759 sysctl_escape_name(const char* orig)
760 {
761 	int i, s = 0, d = 0, nillegals = 0;
762 	char *new;
763 
764 	/* First count the number of illegal characters */
765 	for (i = 0; orig[i] != '\0'; i++) {
766 		if (orig[i] == '.')
767 			nillegals++;
768 	}
769 
770 	/* Allocate storage for new string */
771 	new = malloc(i + 2 * nillegals + 1, M_SYSCTLOID, M_WAITOK);
772 
773 	/* Copy the name, escaping characters as we go */
774 	while (orig[s] != '\0') {
775 		if (orig[s] == '.') {
776 			/* %25 is the hexadecimal representation of '.' */
777 			new[d++] = '%';
778 			new[d++] = '2';
779 			new[d++] = '5';
780 			s++;
781 		} else {
782 			new[d++] = orig[s++];
783 		}
784 	}
785 
786 	/* Finally, nul-terminate */
787 	new[d] = '\0';
788 
789 	return (new);
790 }
791 
792 static int
sysctl_remove_oid_locked(struct sysctl_oid * oidp,int del,int recurse)793 sysctl_remove_oid_locked(struct sysctl_oid *oidp, int del, int recurse)
794 {
795 	struct sysctl_oid *p, *tmp;
796 	int error;
797 
798 	SYSCTL_ASSERT_WLOCKED();
799 	if (oidp == NULL)
800 		return(EINVAL);
801 	if ((oidp->oid_kind & CTLFLAG_DYN) == 0) {
802 		printf("Warning: can't remove non-dynamic nodes (%s)!\n",
803 		    oidp->oid_name);
804 		return (EINVAL);
805 	}
806 	/*
807 	 * WARNING: normal method to do this should be through
808 	 * sysctl_ctx_free(). Use recursing as the last resort
809 	 * method to purge your sysctl tree of leftovers...
810 	 * However, if some other code still references these nodes,
811 	 * it will panic.
812 	 */
813 	if ((oidp->oid_kind & CTLTYPE) == CTLTYPE_NODE) {
814 		if (oidp->oid_refcnt == 1) {
815 			for(p = RB_MIN(sysctl_oid_list, &oidp->oid_children);
816 			    p != NULL; p = tmp) {
817 				if (!recurse) {
818 					printf("Warning: failed attempt to "
819 					    "remove oid %s with child %s\n",
820 					    oidp->oid_name, p->oid_name);
821 					return (ENOTEMPTY);
822 				}
823 				tmp = RB_NEXT(sysctl_oid_list,
824 				    &oidp->oid_children, p);
825 				error = sysctl_remove_oid_locked(p, del,
826 				    recurse);
827 				if (error)
828 					return (error);
829 			}
830 		}
831 	}
832 	if (oidp->oid_refcnt > 1 ) {
833 		oidp->oid_refcnt--;
834 	} else {
835 		if (oidp->oid_refcnt == 0) {
836 			printf("Warning: bad oid_refcnt=%u (%s)!\n",
837 				oidp->oid_refcnt, oidp->oid_name);
838 			return (EINVAL);
839 		}
840 		sysctl_unregister_oid(oidp);
841 		if (del) {
842 			/*
843 			 * Wait for all threads running the handler to drain.
844 			 * This preserves the previous behavior when the
845 			 * sysctl lock was held across a handler invocation,
846 			 * and is necessary for module unload correctness.
847 			 */
848 			while (oidp->oid_running > 0) {
849 				oidp->oid_kind |= CTLFLAG_DYING;
850 				SYSCTL_SLEEP(&oidp->oid_running, "oidrm", 0);
851 			}
852 			if (oidp->oid_descr)
853 				free(__DECONST(char *, oidp->oid_descr),
854 				    M_SYSCTLOID);
855 			if (oidp->oid_label)
856 				free(__DECONST(char *, oidp->oid_label),
857 				    M_SYSCTLOID);
858 			free(__DECONST(char *, oidp->oid_name), M_SYSCTLOID);
859 			free(oidp, M_SYSCTLOID);
860 		}
861 	}
862 	return (0);
863 }
864 /*
865  * Create new sysctls at run time.
866  * clist may point to a valid context initialized with sysctl_ctx_init().
867  */
868 struct sysctl_oid *
sysctl_add_oid(struct sysctl_ctx_list * clist,struct sysctl_oid_list * parent,int number,const char * name,int kind,void * arg1,intmax_t arg2,int (* handler)(SYSCTL_HANDLER_ARGS),const char * fmt,const char * descr,const char * label)869 sysctl_add_oid(struct sysctl_ctx_list *clist, struct sysctl_oid_list *parent,
870 	int number, const char *name, int kind, void *arg1, intmax_t arg2,
871 	int (*handler)(SYSCTL_HANDLER_ARGS), const char *fmt, const char *descr,
872 	const char *label)
873 {
874 	struct sysctl_oid *oidp;
875 	char *escaped;
876 
877 	/* You have to hook up somewhere.. */
878 	if (parent == NULL)
879 		return(NULL);
880 	escaped = sysctl_escape_name(name);
881 	/* Check if the node already exists, otherwise create it */
882 	SYSCTL_WLOCK();
883 	oidp = sysctl_find_oidname(escaped, parent);
884 	if (oidp != NULL) {
885 		free(escaped, M_SYSCTLOID);
886 		if ((oidp->oid_kind & CTLTYPE) == CTLTYPE_NODE) {
887 			oidp->oid_refcnt++;
888 			/* Update the context */
889 			if (clist != NULL)
890 				sysctl_ctx_entry_add(clist, oidp);
891 			SYSCTL_WUNLOCK();
892 			return (oidp);
893 		} else {
894 			sysctl_warn_reuse(__func__, oidp);
895 			SYSCTL_WUNLOCK();
896 			return (NULL);
897 		}
898 	}
899 	oidp = malloc(sizeof(struct sysctl_oid), M_SYSCTLOID, M_WAITOK|M_ZERO);
900 	oidp->oid_parent = parent;
901 	RB_INIT(&oidp->oid_children);
902 	oidp->oid_number = number;
903 	oidp->oid_refcnt = 1;
904 	oidp->oid_name = escaped;
905 	oidp->oid_handler = handler;
906 	oidp->oid_kind = CTLFLAG_DYN | kind;
907 	oidp->oid_arg1 = arg1;
908 	oidp->oid_arg2 = arg2;
909 	oidp->oid_fmt = fmt;
910 	if (descr != NULL)
911 		oidp->oid_descr = strdup(descr, M_SYSCTLOID);
912 	if (label != NULL)
913 		oidp->oid_label = strdup(label, M_SYSCTLOID);
914 	/* Update the context, if used */
915 	if (clist != NULL)
916 		sysctl_ctx_entry_add(clist, oidp);
917 	/* Register this oid */
918 	sysctl_register_oid(oidp);
919 	SYSCTL_WUNLOCK();
920 	return (oidp);
921 }
922 
923 /*
924  * Rename an existing oid.
925  */
926 void
sysctl_rename_oid(struct sysctl_oid * oidp,const char * name)927 sysctl_rename_oid(struct sysctl_oid *oidp, const char *name)
928 {
929 	char *newname;
930 	char *oldname;
931 
932 	newname = strdup(name, M_SYSCTLOID);
933 	SYSCTL_WLOCK();
934 	oldname = __DECONST(char *, oidp->oid_name);
935 	oidp->oid_name = newname;
936 	SYSCTL_WUNLOCK();
937 	free(oldname, M_SYSCTLOID);
938 }
939 
940 /*
941  * Reparent an existing oid.
942  */
943 int
sysctl_move_oid(struct sysctl_oid * oid,struct sysctl_oid_list * parent)944 sysctl_move_oid(struct sysctl_oid *oid, struct sysctl_oid_list *parent)
945 {
946 	struct sysctl_oid *oidp;
947 
948 	SYSCTL_WLOCK();
949 	if (oid->oid_parent == parent) {
950 		SYSCTL_WUNLOCK();
951 		return (0);
952 	}
953 	oidp = sysctl_find_oidname(oid->oid_name, parent);
954 	if (oidp != NULL) {
955 		SYSCTL_WUNLOCK();
956 		return (EEXIST);
957 	}
958 	sysctl_unregister_oid(oid);
959 	oid->oid_parent = parent;
960 	oid->oid_number = OID_AUTO;
961 	sysctl_register_oid(oid);
962 	SYSCTL_WUNLOCK();
963 	return (0);
964 }
965 
966 /*
967  * Register the kernel's oids on startup.
968  */
969 SET_DECLARE(sysctl_set, struct sysctl_oid);
970 
971 static void
sysctl_register_all(void * arg)972 sysctl_register_all(void *arg)
973 {
974 	struct sysctl_oid **oidp;
975 
976 	sx_init(&sysctlmemlock, "sysctl mem");
977 	sx_init(&sysctlstringlock, "sysctl string handler");
978 	SYSCTL_INIT();
979 	SYSCTL_WLOCK();
980 	SET_FOREACH(oidp, sysctl_set)
981 		sysctl_register_oid(*oidp);
982 	SYSCTL_WUNLOCK();
983 }
984 SYSINIT(sysctl, SI_SUB_KMEM, SI_ORDER_FIRST, sysctl_register_all, NULL);
985 
986 /*
987  * "Staff-functions"
988  *
989  * These functions implement a presently undocumented interface
990  * used by the sysctl program to walk the tree, and get the type
991  * so it can print the value.
992  * This interface is under work and consideration, and should probably
993  * be killed with a big axe by the first person who can find the time.
994  * (be aware though, that the proper interface isn't as obvious as it
995  * may seem, there are various conflicting requirements.
996  *
997  * {CTL_SYSCTL, CTL_SYSCTL_DEBUG}		printf the entire MIB-tree.
998  * {CTL_SYSCTL, CTL_SYSCTL_NAME, ...}		return the name of the "..."
999  *						OID.
1000  * {CTL_SYSCTL, CTL_SYSCTL_NEXT, ...}		return the next OID, honoring
1001  *						CTLFLAG_SKIP.
1002  * {CTL_SYSCTL, CTL_SYSCTL_NAME2OID}		return the OID of the name in
1003  *						"new"
1004  * {CTL_SYSCTL, CTL_SYSCTL_OIDFMT, ...}		return the kind & format info
1005  *						for the "..." OID.
1006  * {CTL_SYSCTL, CTL_SYSCTL_OIDDESCR, ...}	return the description of the
1007  *						"..." OID.
1008  * {CTL_SYSCTL, CTL_SYSCTL_OIDLABEL, ...}	return the aggregation label of
1009  *						the "..." OID.
1010  * {CTL_SYSCTL, CTL_SYSCTL_NEXTNOSKIP, ...}	return the next OID, ignoring
1011  *						CTLFLAG_SKIP.
1012  */
1013 
1014 #ifdef SYSCTL_DEBUG
1015 static void
sysctl_sysctl_debug_dump_node(struct sysctl_oid_list * l,int i)1016 sysctl_sysctl_debug_dump_node(struct sysctl_oid_list *l, int i)
1017 {
1018 	int k;
1019 	struct sysctl_oid *oidp;
1020 
1021 	SYSCTL_ASSERT_LOCKED();
1022 	SYSCTL_FOREACH(oidp, l) {
1023 		for (k=0; k<i; k++)
1024 			printf(" ");
1025 
1026 		printf("%d %s ", oidp->oid_number, oidp->oid_name);
1027 
1028 		printf("%c%c",
1029 			oidp->oid_kind & CTLFLAG_RD ? 'R':' ',
1030 			oidp->oid_kind & CTLFLAG_WR ? 'W':' ');
1031 
1032 		if (oidp->oid_handler)
1033 			printf(" *Handler");
1034 
1035 		switch (oidp->oid_kind & CTLTYPE) {
1036 			case CTLTYPE_NODE:
1037 				printf(" Node\n");
1038 				if (!oidp->oid_handler) {
1039 					sysctl_sysctl_debug_dump_node(
1040 					    SYSCTL_CHILDREN(oidp), i + 2);
1041 				}
1042 				break;
1043 			case CTLTYPE_INT:    printf(" Int\n"); break;
1044 			case CTLTYPE_UINT:   printf(" u_int\n"); break;
1045 			case CTLTYPE_LONG:   printf(" Long\n"); break;
1046 			case CTLTYPE_ULONG:  printf(" u_long\n"); break;
1047 			case CTLTYPE_STRING: printf(" String\n"); break;
1048 			case CTLTYPE_S8:     printf(" int8_t\n"); break;
1049 			case CTLTYPE_S16:    printf(" int16_t\n"); break;
1050 			case CTLTYPE_S32:    printf(" int32_t\n"); break;
1051 			case CTLTYPE_S64:    printf(" int64_t\n"); break;
1052 			case CTLTYPE_U8:     printf(" uint8_t\n"); break;
1053 			case CTLTYPE_U16:    printf(" uint16_t\n"); break;
1054 			case CTLTYPE_U32:    printf(" uint32_t\n"); break;
1055 			case CTLTYPE_U64:    printf(" uint64_t\n"); break;
1056 			case CTLTYPE_OPAQUE: printf(" Opaque/struct\n"); break;
1057 			default:	     printf("\n");
1058 		}
1059 	}
1060 }
1061 
1062 static int
sysctl_sysctl_debug(SYSCTL_HANDLER_ARGS)1063 sysctl_sysctl_debug(SYSCTL_HANDLER_ARGS)
1064 {
1065 	struct rm_priotracker tracker;
1066 	int error;
1067 
1068 	error = priv_check(req->td, PRIV_SYSCTL_DEBUG);
1069 	if (error)
1070 		return (error);
1071 	SYSCTL_RLOCK(&tracker);
1072 	sysctl_sysctl_debug_dump_node(&sysctl__children, 0);
1073 	SYSCTL_RUNLOCK(&tracker);
1074 	return (ENOENT);
1075 }
1076 
1077 SYSCTL_PROC(_sysctl, CTL_SYSCTL_DEBUG, debug, CTLTYPE_STRING | CTLFLAG_RD |
1078     CTLFLAG_MPSAFE, 0, 0, sysctl_sysctl_debug, "-", "");
1079 #endif
1080 
1081 static int
sysctl_sysctl_name(SYSCTL_HANDLER_ARGS)1082 sysctl_sysctl_name(SYSCTL_HANDLER_ARGS)
1083 {
1084 	int *name = (int *) arg1;
1085 	u_int namelen = arg2;
1086 	int error;
1087 	struct sysctl_oid *oid, key;
1088 	struct sysctl_oid_list *lsp = &sysctl__children, *lsp2;
1089 	struct rm_priotracker tracker;
1090 	char buf[10];
1091 
1092 	error = sysctl_wire_old_buffer(req, 0);
1093 	if (error)
1094 		return (error);
1095 
1096 	SYSCTL_RLOCK(&tracker);
1097 	while (namelen) {
1098 		if (!lsp) {
1099 			snprintf(buf,sizeof(buf),"%d",*name);
1100 			if (req->oldidx)
1101 				error = SYSCTL_OUT(req, ".", 1);
1102 			if (!error)
1103 				error = SYSCTL_OUT(req, buf, strlen(buf));
1104 			if (error)
1105 				goto out;
1106 			namelen--;
1107 			name++;
1108 			continue;
1109 		}
1110 		lsp2 = NULL;
1111 		key.oid_number = *name;
1112 		oid = RB_FIND(sysctl_oid_list, lsp, &key);
1113 		if (oid) {
1114 			if (req->oldidx)
1115 				error = SYSCTL_OUT(req, ".", 1);
1116 			if (!error)
1117 				error = SYSCTL_OUT(req, oid->oid_name,
1118 					strlen(oid->oid_name));
1119 			if (error)
1120 				goto out;
1121 
1122 			namelen--;
1123 			name++;
1124 
1125 			if ((oid->oid_kind & CTLTYPE) == CTLTYPE_NODE &&
1126 				!oid->oid_handler)
1127 				lsp2 = SYSCTL_CHILDREN(oid);
1128 		}
1129 		lsp = lsp2;
1130 	}
1131 	error = SYSCTL_OUT(req, "", 1);
1132  out:
1133 	SYSCTL_RUNLOCK(&tracker);
1134 	return (error);
1135 }
1136 
1137 /*
1138  * XXXRW/JA: Shouldn't return name data for nodes that we don't permit in
1139  * capability mode.
1140  */
1141 static SYSCTL_NODE(_sysctl, CTL_SYSCTL_NAME, name, CTLFLAG_RD |
1142     CTLFLAG_MPSAFE | CTLFLAG_CAPRD, sysctl_sysctl_name, "");
1143 
1144 enum sysctl_iter_action {
1145 	ITER_SIBLINGS,	/* Not matched, continue iterating siblings */
1146 	ITER_CHILDREN,	/* Node has children we need to iterate over them */
1147 	ITER_FOUND,	/* Matching node was found */
1148 };
1149 
1150 /*
1151  * Tries to find the next node for @name and @namelen.
1152  *
1153  * Returns next action to take.
1154  */
1155 static enum sysctl_iter_action
sysctl_sysctl_next_node(struct sysctl_oid * oidp,int * name,unsigned int namelen,bool honor_skip)1156 sysctl_sysctl_next_node(struct sysctl_oid *oidp, int *name, unsigned int namelen,
1157     bool honor_skip)
1158 {
1159 
1160 	if ((oidp->oid_kind & CTLFLAG_DORMANT) != 0)
1161 		return (ITER_SIBLINGS);
1162 
1163 	if (honor_skip && (oidp->oid_kind & CTLFLAG_SKIP) != 0)
1164 		return (ITER_SIBLINGS);
1165 
1166 	if (namelen == 0) {
1167 		/*
1168 		 * We have reached a node with a full name match and are
1169 		 * looking for the next oid in its children.
1170 		 *
1171 		 * For CTL_SYSCTL_NEXTNOSKIP we are done.
1172 		 *
1173 		 * For CTL_SYSCTL_NEXT we skip CTLTYPE_NODE (unless it
1174 		 * has a handler) and move on to the children.
1175 		 */
1176 		if (!honor_skip)
1177 			return (ITER_FOUND);
1178 		if ((oidp->oid_kind & CTLTYPE) != CTLTYPE_NODE)
1179 			return (ITER_FOUND);
1180 		/* If node does not have an iterator, treat it as leaf */
1181 		if (oidp->oid_handler)
1182 			return (ITER_FOUND);
1183 
1184 		/* Report oid as a node to iterate */
1185 		return (ITER_CHILDREN);
1186 	}
1187 
1188 	/*
1189 	 * No match yet. Continue seeking the given name.
1190 	 *
1191 	 * We are iterating in order by oid_number, so skip oids lower
1192 	 * than the one we are looking for.
1193 	 *
1194 	 * When the current oid_number is higher than the one we seek,
1195 	 * that means we have reached the next oid in the sequence and
1196 	 * should return it.
1197 	 *
1198 	 * If the oid_number matches the name at this level then we
1199 	 * have to find a node to continue searching at the next level.
1200 	 */
1201 	if (oidp->oid_number < *name)
1202 		return (ITER_SIBLINGS);
1203 	if (oidp->oid_number > *name) {
1204 		/*
1205 		 * We have reached the next oid.
1206 		 *
1207 		 * For CTL_SYSCTL_NEXTNOSKIP we are done.
1208 		 *
1209 		 * For CTL_SYSCTL_NEXT we skip CTLTYPE_NODE (unless it
1210 		 * has a handler) and move on to the children.
1211 		 */
1212 		if (!honor_skip)
1213 			return (ITER_FOUND);
1214 		if ((oidp->oid_kind & CTLTYPE) != CTLTYPE_NODE)
1215 			return (ITER_FOUND);
1216 		/* If node does not have an iterator, treat it as leaf */
1217 		if (oidp->oid_handler)
1218 			return (ITER_FOUND);
1219 		return (ITER_CHILDREN);
1220 	}
1221 
1222 	/* match at a current level */
1223 	if ((oidp->oid_kind & CTLTYPE) != CTLTYPE_NODE)
1224 		return (ITER_SIBLINGS);
1225 	if (oidp->oid_handler)
1226 		return (ITER_SIBLINGS);
1227 
1228 	return (ITER_CHILDREN);
1229 }
1230 
1231 /*
1232  * Recursively walk the sysctl subtree at lsp until we find the given name.
1233  * Returns true and fills in next oid data in @next and @len if oid is found.
1234  */
1235 static bool
sysctl_sysctl_next_action(struct sysctl_oid_list * lsp,int * name,u_int namelen,int * next,int * len,int level,bool honor_skip)1236 sysctl_sysctl_next_action(struct sysctl_oid_list *lsp, int *name, u_int namelen,
1237     int *next, int *len, int level, bool honor_skip)
1238 {
1239 	struct sysctl_oid_list *next_lsp;
1240 	struct sysctl_oid *oidp = NULL, key;
1241 	bool success = false;
1242 	enum sysctl_iter_action action;
1243 
1244 	SYSCTL_ASSERT_LOCKED();
1245 	/*
1246 	 * Start the search at the requested oid.  But if not found, then scan
1247 	 * through all children.
1248 	 */
1249 	if (namelen > 0) {
1250 		key.oid_number = *name;
1251 		oidp = RB_FIND(sysctl_oid_list, lsp, &key);
1252 	}
1253 	if (!oidp)
1254 		oidp = RB_MIN(sysctl_oid_list, lsp);
1255 	for(; oidp != NULL; oidp = RB_NEXT(sysctl_oid_list, lsp, oidp)) {
1256 		action = sysctl_sysctl_next_node(oidp, name, namelen,
1257 		    honor_skip);
1258 		if (action == ITER_SIBLINGS)
1259 			continue;
1260 		if (action == ITER_FOUND) {
1261 			success = true;
1262 			break;
1263 		}
1264 		KASSERT((action== ITER_CHILDREN), ("ret(%d)!=ITER_CHILDREN", action));
1265 
1266 		next_lsp = SYSCTL_CHILDREN(oidp);
1267 		if (namelen == 0) {
1268 			success = sysctl_sysctl_next_action(next_lsp, NULL, 0,
1269 			    next + 1, len, level + 1, honor_skip);
1270 		} else {
1271 			success = sysctl_sysctl_next_action(next_lsp, name + 1,
1272 			    namelen - 1, next + 1, len, level + 1, honor_skip);
1273 			if (!success) {
1274 
1275 				/*
1276 				 * We maintain the invariant that current node oid
1277 				 * is >= the oid provided in @name.
1278 				 * As there are no usable children at this node,
1279 				 *  current node oid is strictly > than the requested
1280 				 *  oid.
1281 				 * Hence, reduce namelen to 0 to allow for picking first
1282 				 *  nodes/leafs in the next node in list.
1283 				 */
1284 				namelen = 0;
1285 			}
1286 		}
1287 		if (success)
1288 			break;
1289 	}
1290 
1291 	if (success) {
1292 		*next = oidp->oid_number;
1293 		if (level > *len)
1294 			*len = level;
1295 	}
1296 
1297 	return (success);
1298 }
1299 
1300 static int
sysctl_sysctl_next(SYSCTL_HANDLER_ARGS)1301 sysctl_sysctl_next(SYSCTL_HANDLER_ARGS)
1302 {
1303 	int *name = (int *) arg1;
1304 	u_int namelen = arg2;
1305 	int len, error;
1306 	bool success;
1307 	struct sysctl_oid_list *lsp = &sysctl__children;
1308 	struct rm_priotracker tracker;
1309 	int next[CTL_MAXNAME];
1310 
1311 	len = 0;
1312 	SYSCTL_RLOCK(&tracker);
1313 	success = sysctl_sysctl_next_action(lsp, name, namelen, next, &len, 1,
1314 	    oidp->oid_number == CTL_SYSCTL_NEXT);
1315 	SYSCTL_RUNLOCK(&tracker);
1316 	if (!success)
1317 		return (ENOENT);
1318 	error = SYSCTL_OUT(req, next, len * sizeof (int));
1319 	return (error);
1320 }
1321 
1322 /*
1323  * XXXRW/JA: Shouldn't return next data for nodes that we don't permit in
1324  * capability mode.
1325  */
1326 static SYSCTL_NODE(_sysctl, CTL_SYSCTL_NEXT, next, CTLFLAG_RD |
1327     CTLFLAG_MPSAFE | CTLFLAG_CAPRD, sysctl_sysctl_next, "");
1328 
1329 static SYSCTL_NODE(_sysctl, CTL_SYSCTL_NEXTNOSKIP, nextnoskip, CTLFLAG_RD |
1330     CTLFLAG_MPSAFE | CTLFLAG_CAPRD, sysctl_sysctl_next, "");
1331 
1332 static int
name2oid(const char * name,int * oid,int * len,struct sysctl_oid ** oidpp)1333 name2oid(const char *name, int *oid, int *len, struct sysctl_oid **oidpp)
1334 {
1335 	struct sysctl_oid *oidp;
1336 	struct sysctl_oid_list *lsp = &sysctl__children;
1337 	const char *n;
1338 
1339 	SYSCTL_ASSERT_LOCKED();
1340 
1341 	for (*len = 0; *len < CTL_MAXNAME;) {
1342 		n = strchrnul(name, '.');
1343 		oidp = sysctl_find_oidnamelen(name, n - name, lsp);
1344 		if (oidp == NULL)
1345 			return (ENOENT);
1346 		*oid++ = oidp->oid_number;
1347 		(*len)++;
1348 
1349 		name = n;
1350 		if (*name == '.')
1351 			name++;
1352 		if (*name == '\0') {
1353 			if (oidpp)
1354 				*oidpp = oidp;
1355 			return (0);
1356 		}
1357 
1358 		if ((oidp->oid_kind & CTLTYPE) != CTLTYPE_NODE)
1359 			break;
1360 
1361 		if (oidp->oid_handler)
1362 			break;
1363 
1364 		lsp = SYSCTL_CHILDREN(oidp);
1365 	}
1366 	return (ENOENT);
1367 }
1368 
1369 static int
sysctl_sysctl_name2oid(SYSCTL_HANDLER_ARGS)1370 sysctl_sysctl_name2oid(SYSCTL_HANDLER_ARGS)
1371 {
1372 	char *p;
1373 	int error, oid[CTL_MAXNAME], len = 0;
1374 	struct sysctl_oid *op = NULL;
1375 	struct rm_priotracker tracker;
1376 	char buf[32];
1377 
1378 	if (!req->newlen)
1379 		return (ENOENT);
1380 	if (req->newlen >= MAXPATHLEN)	/* XXX arbitrary, undocumented */
1381 		return (ENAMETOOLONG);
1382 
1383 	p = buf;
1384 	if (req->newlen >= sizeof(buf))
1385 		p = malloc(req->newlen+1, M_SYSCTL, M_WAITOK);
1386 
1387 	error = SYSCTL_IN(req, p, req->newlen);
1388 	if (error) {
1389 		if (p != buf)
1390 			free(p, M_SYSCTL);
1391 		return (error);
1392 	}
1393 
1394 	p [req->newlen] = '\0';
1395 
1396 	SYSCTL_RLOCK(&tracker);
1397 	error = name2oid(p, oid, &len, &op);
1398 	SYSCTL_RUNLOCK(&tracker);
1399 
1400 	if (p != buf)
1401 		free(p, M_SYSCTL);
1402 
1403 	if (error)
1404 		return (error);
1405 
1406 	error = SYSCTL_OUT(req, oid, len * sizeof *oid);
1407 	return (error);
1408 }
1409 
1410 /*
1411  * XXXRW/JA: Shouldn't return name2oid data for nodes that we don't permit in
1412  * capability mode.
1413  */
1414 SYSCTL_PROC(_sysctl, CTL_SYSCTL_NAME2OID, name2oid, CTLTYPE_INT | CTLFLAG_RW |
1415     CTLFLAG_ANYBODY | CTLFLAG_MPSAFE | CTLFLAG_CAPRW, 0, 0,
1416     sysctl_sysctl_name2oid, "I", "");
1417 
1418 static int
sysctl_sysctl_oidfmt(SYSCTL_HANDLER_ARGS)1419 sysctl_sysctl_oidfmt(SYSCTL_HANDLER_ARGS)
1420 {
1421 	struct sysctl_oid *oid;
1422 	struct rm_priotracker tracker;
1423 	int error;
1424 
1425 	error = sysctl_wire_old_buffer(req, 0);
1426 	if (error)
1427 		return (error);
1428 
1429 	SYSCTL_RLOCK(&tracker);
1430 	error = sysctl_find_oid(arg1, arg2, &oid, NULL, req);
1431 	if (error)
1432 		goto out;
1433 
1434 	if (oid->oid_fmt == NULL) {
1435 		error = ENOENT;
1436 		goto out;
1437 	}
1438 	error = SYSCTL_OUT(req, &oid->oid_kind, sizeof(oid->oid_kind));
1439 	if (error)
1440 		goto out;
1441 	error = SYSCTL_OUT(req, oid->oid_fmt, strlen(oid->oid_fmt) + 1);
1442  out:
1443 	SYSCTL_RUNLOCK(&tracker);
1444 	return (error);
1445 }
1446 
1447 static SYSCTL_NODE(_sysctl, CTL_SYSCTL_OIDFMT, oidfmt, CTLFLAG_RD |
1448     CTLFLAG_MPSAFE | CTLFLAG_CAPRD, sysctl_sysctl_oidfmt, "");
1449 
1450 static int
sysctl_sysctl_oiddescr(SYSCTL_HANDLER_ARGS)1451 sysctl_sysctl_oiddescr(SYSCTL_HANDLER_ARGS)
1452 {
1453 	struct sysctl_oid *oid;
1454 	struct rm_priotracker tracker;
1455 	int error;
1456 
1457 	error = sysctl_wire_old_buffer(req, 0);
1458 	if (error)
1459 		return (error);
1460 
1461 	SYSCTL_RLOCK(&tracker);
1462 	error = sysctl_find_oid(arg1, arg2, &oid, NULL, req);
1463 	if (error)
1464 		goto out;
1465 
1466 	if (oid->oid_descr == NULL) {
1467 		error = ENOENT;
1468 		goto out;
1469 	}
1470 	error = SYSCTL_OUT(req, oid->oid_descr, strlen(oid->oid_descr) + 1);
1471  out:
1472 	SYSCTL_RUNLOCK(&tracker);
1473 	return (error);
1474 }
1475 
1476 static SYSCTL_NODE(_sysctl, CTL_SYSCTL_OIDDESCR, oiddescr, CTLFLAG_RD |
1477     CTLFLAG_MPSAFE|CTLFLAG_CAPRD, sysctl_sysctl_oiddescr, "");
1478 
1479 static int
sysctl_sysctl_oidlabel(SYSCTL_HANDLER_ARGS)1480 sysctl_sysctl_oidlabel(SYSCTL_HANDLER_ARGS)
1481 {
1482 	struct sysctl_oid *oid;
1483 	struct rm_priotracker tracker;
1484 	int error;
1485 
1486 	error = sysctl_wire_old_buffer(req, 0);
1487 	if (error)
1488 		return (error);
1489 
1490 	SYSCTL_RLOCK(&tracker);
1491 	error = sysctl_find_oid(arg1, arg2, &oid, NULL, req);
1492 	if (error)
1493 		goto out;
1494 
1495 	if (oid->oid_label == NULL) {
1496 		error = ENOENT;
1497 		goto out;
1498 	}
1499 	error = SYSCTL_OUT(req, oid->oid_label, strlen(oid->oid_label) + 1);
1500  out:
1501 	SYSCTL_RUNLOCK(&tracker);
1502 	return (error);
1503 }
1504 
1505 static SYSCTL_NODE(_sysctl, CTL_SYSCTL_OIDLABEL, oidlabel, CTLFLAG_RD |
1506     CTLFLAG_MPSAFE | CTLFLAG_CAPRD, sysctl_sysctl_oidlabel, "");
1507 
1508 /*
1509  * Default "handler" functions.
1510  */
1511 
1512 /*
1513  * Handle a bool.
1514  * Two cases:
1515  *     a variable:  point arg1 at it.
1516  *     a constant:  pass it in arg2.
1517  */
1518 
1519 int
sysctl_handle_bool(SYSCTL_HANDLER_ARGS)1520 sysctl_handle_bool(SYSCTL_HANDLER_ARGS)
1521 {
1522 	uint8_t temp;
1523 	int error;
1524 
1525 	/*
1526 	 * Attempt to get a coherent snapshot by making a copy of the data.
1527 	 */
1528 	if (arg1)
1529 		temp = *(bool *)arg1 ? 1 : 0;
1530 	else
1531 		temp = arg2 ? 1 : 0;
1532 
1533 	error = SYSCTL_OUT(req, &temp, sizeof(temp));
1534 	if (error || !req->newptr)
1535 		return (error);
1536 
1537 	if (!arg1)
1538 		error = EPERM;
1539 	else {
1540 		error = SYSCTL_IN(req, &temp, sizeof(temp));
1541 		if (!error)
1542 			*(bool *)arg1 = temp ? 1 : 0;
1543 	}
1544 	return (error);
1545 }
1546 
1547 /*
1548  * Handle an int8_t, signed or unsigned.
1549  * Two cases:
1550  *     a variable:  point arg1 at it.
1551  *     a constant:  pass it in arg2.
1552  */
1553 
1554 int
sysctl_handle_8(SYSCTL_HANDLER_ARGS)1555 sysctl_handle_8(SYSCTL_HANDLER_ARGS)
1556 {
1557 	int8_t tmpout;
1558 	int error = 0;
1559 
1560 	/*
1561 	 * Attempt to get a coherent snapshot by making a copy of the data.
1562 	 */
1563 	if (arg1)
1564 		tmpout = *(int8_t *)arg1;
1565 	else
1566 		tmpout = arg2;
1567 	error = SYSCTL_OUT(req, &tmpout, sizeof(tmpout));
1568 
1569 	if (error || !req->newptr)
1570 		return (error);
1571 
1572 	if (!arg1)
1573 		error = EPERM;
1574 	else
1575 		error = SYSCTL_IN(req, arg1, sizeof(tmpout));
1576 	return (error);
1577 }
1578 
1579 /*
1580  * Handle an int16_t, signed or unsigned.
1581  * Two cases:
1582  *     a variable:  point arg1 at it.
1583  *     a constant:  pass it in arg2.
1584  */
1585 
1586 int
sysctl_handle_16(SYSCTL_HANDLER_ARGS)1587 sysctl_handle_16(SYSCTL_HANDLER_ARGS)
1588 {
1589 	int16_t tmpout;
1590 	int error = 0;
1591 
1592 	/*
1593 	 * Attempt to get a coherent snapshot by making a copy of the data.
1594 	 */
1595 	if (arg1)
1596 		tmpout = *(int16_t *)arg1;
1597 	else
1598 		tmpout = arg2;
1599 	error = SYSCTL_OUT(req, &tmpout, sizeof(tmpout));
1600 
1601 	if (error || !req->newptr)
1602 		return (error);
1603 
1604 	if (!arg1)
1605 		error = EPERM;
1606 	else
1607 		error = SYSCTL_IN(req, arg1, sizeof(tmpout));
1608 	return (error);
1609 }
1610 
1611 /*
1612  * Handle an int32_t, signed or unsigned.
1613  * Two cases:
1614  *     a variable:  point arg1 at it.
1615  *     a constant:  pass it in arg2.
1616  */
1617 
1618 int
sysctl_handle_32(SYSCTL_HANDLER_ARGS)1619 sysctl_handle_32(SYSCTL_HANDLER_ARGS)
1620 {
1621 	int32_t tmpout;
1622 	int error = 0;
1623 
1624 	/*
1625 	 * Attempt to get a coherent snapshot by making a copy of the data.
1626 	 */
1627 	if (arg1)
1628 		tmpout = *(int32_t *)arg1;
1629 	else
1630 		tmpout = arg2;
1631 	error = SYSCTL_OUT(req, &tmpout, sizeof(tmpout));
1632 
1633 	if (error || !req->newptr)
1634 		return (error);
1635 
1636 	if (!arg1)
1637 		error = EPERM;
1638 	else
1639 		error = SYSCTL_IN(req, arg1, sizeof(tmpout));
1640 	return (error);
1641 }
1642 
1643 /*
1644  * Handle an int, signed or unsigned.
1645  * Two cases:
1646  *     a variable:  point arg1 at it.
1647  *     a constant:  pass it in arg2.
1648  */
1649 
1650 int
sysctl_handle_int(SYSCTL_HANDLER_ARGS)1651 sysctl_handle_int(SYSCTL_HANDLER_ARGS)
1652 {
1653 	int tmpout, error = 0;
1654 
1655 	/*
1656 	 * Attempt to get a coherent snapshot by making a copy of the data.
1657 	 */
1658 	if (arg1)
1659 		tmpout = *(int *)arg1;
1660 	else
1661 		tmpout = arg2;
1662 	error = SYSCTL_OUT(req, &tmpout, sizeof(int));
1663 
1664 	if (error || !req->newptr)
1665 		return (error);
1666 
1667 	if (!arg1)
1668 		error = EPERM;
1669 	else
1670 		error = SYSCTL_IN(req, arg1, sizeof(int));
1671 	return (error);
1672 }
1673 
1674 /*
1675  * Based on sysctl_handle_int() convert milliseconds into ticks.
1676  * Note: this is used by TCP.
1677  */
1678 
1679 int
sysctl_msec_to_ticks(SYSCTL_HANDLER_ARGS)1680 sysctl_msec_to_ticks(SYSCTL_HANDLER_ARGS)
1681 {
1682 	int error, s, tt;
1683 
1684 	tt = *(int *)arg1;
1685 	s = (int)((int64_t)tt * 1000 / hz);
1686 
1687 	error = sysctl_handle_int(oidp, &s, 0, req);
1688 	if (error || !req->newptr)
1689 		return (error);
1690 
1691 	tt = (int)((int64_t)s * hz / 1000);
1692 	if (tt < 1)
1693 		return (EINVAL);
1694 
1695 	*(int *)arg1 = tt;
1696 	return (0);
1697 }
1698 
1699 /*
1700  * Handle a long, signed or unsigned.
1701  * Two cases:
1702  *     a variable:  point arg1 at it.
1703  *     a constant:  pass it in arg2.
1704  */
1705 
1706 int
sysctl_handle_long(SYSCTL_HANDLER_ARGS)1707 sysctl_handle_long(SYSCTL_HANDLER_ARGS)
1708 {
1709 	int error = 0;
1710 	long tmplong;
1711 #ifdef SCTL_MASK32
1712 	int tmpint;
1713 #endif
1714 
1715 	/*
1716 	 * Attempt to get a coherent snapshot by making a copy of the data.
1717 	 */
1718 	if (arg1)
1719 		tmplong = *(long *)arg1;
1720 	else
1721 		tmplong = arg2;
1722 #ifdef SCTL_MASK32
1723 	if (req->flags & SCTL_MASK32) {
1724 		tmpint = tmplong;
1725 		error = SYSCTL_OUT(req, &tmpint, sizeof(int));
1726 	} else
1727 #endif
1728 		error = SYSCTL_OUT(req, &tmplong, sizeof(long));
1729 
1730 	if (error || !req->newptr)
1731 		return (error);
1732 
1733 	if (!arg1)
1734 		error = EPERM;
1735 #ifdef SCTL_MASK32
1736 	else if (req->flags & SCTL_MASK32) {
1737 		error = SYSCTL_IN(req, &tmpint, sizeof(int));
1738 		*(long *)arg1 = (long)tmpint;
1739 	}
1740 #endif
1741 	else
1742 		error = SYSCTL_IN(req, arg1, sizeof(long));
1743 	return (error);
1744 }
1745 
1746 /*
1747  * Handle a 64 bit int, signed or unsigned.
1748  * Two cases:
1749  *     a variable:  point arg1 at it.
1750  *     a constant:  pass it in arg2.
1751  */
1752 int
sysctl_handle_64(SYSCTL_HANDLER_ARGS)1753 sysctl_handle_64(SYSCTL_HANDLER_ARGS)
1754 {
1755 	int error = 0;
1756 	uint64_t tmpout;
1757 
1758 	/*
1759 	 * Attempt to get a coherent snapshot by making a copy of the data.
1760 	 */
1761 	if (arg1)
1762 		tmpout = *(uint64_t *)arg1;
1763 	else
1764 		tmpout = arg2;
1765 	error = SYSCTL_OUT(req, &tmpout, sizeof(uint64_t));
1766 
1767 	if (error || !req->newptr)
1768 		return (error);
1769 
1770 	if (!arg1)
1771 		error = EPERM;
1772 	else
1773 		error = SYSCTL_IN(req, arg1, sizeof(uint64_t));
1774 	return (error);
1775 }
1776 
1777 /*
1778  * Handle our generic '\0' terminated 'C' string.
1779  * Two cases:
1780  * 	a variable string:  point arg1 at it, arg2 is max length.
1781  * 	a constant string:  point arg1 at it, arg2 is zero.
1782  */
1783 
1784 int
sysctl_handle_string(SYSCTL_HANDLER_ARGS)1785 sysctl_handle_string(SYSCTL_HANDLER_ARGS)
1786 {
1787 	char *tmparg;
1788 	int error = 0;
1789 
1790 	/*
1791 	 * If the sysctl isn't writable and isn't a preallocated tunable that
1792 	 * can be modified by kenv(2), microoptimise and treat it as a
1793 	 * read-only string.
1794 	 * A zero-length buffer indicates a fixed size read-only
1795 	 * string.  In ddb, don't worry about trying to make a malloced
1796 	 * snapshot.
1797 	 */
1798 	if ((oidp->oid_kind & (CTLFLAG_WR | CTLFLAG_TUN)) == 0 ||
1799 	    arg2 == 0 || kdb_active) {
1800 		size_t outlen;
1801 
1802 		if (arg2 == 0)
1803 			outlen = arg2 = strlen(arg1) + 1;
1804 		else
1805 			outlen = strnlen(arg1, arg2 - 1) + 1;
1806 
1807 		tmparg = req->oldptr != NULL ? arg1 : NULL;
1808 		error = SYSCTL_OUT(req, tmparg, outlen);
1809 	} else {
1810 		size_t outlen;
1811 
1812 		if (req->oldptr != NULL) {
1813 			tmparg = malloc(arg2, M_SYSCTLTMP, M_WAITOK);
1814 			sx_slock(&sysctlstringlock);
1815 			memcpy(tmparg, arg1, arg2);
1816 			sx_sunlock(&sysctlstringlock);
1817 			outlen = strnlen(tmparg, arg2 - 1) + 1;
1818 		} else {
1819 			tmparg = NULL;
1820 			sx_slock(&sysctlstringlock);
1821 			outlen = strnlen(arg1, arg2 - 1) + 1;
1822 			sx_sunlock(&sysctlstringlock);
1823 		}
1824 		error = SYSCTL_OUT(req, tmparg, outlen);
1825 		free(tmparg, M_SYSCTLTMP);
1826 	}
1827 	if (error || !req->newptr)
1828 		return (error);
1829 
1830 	if (req->newlen - req->newidx >= arg2 ||
1831 	    req->newlen - req->newidx < 0) {
1832 		error = EINVAL;
1833 	} else if (req->newlen - req->newidx == 0) {
1834 		sx_xlock(&sysctlstringlock);
1835 		((char *)arg1)[0] = '\0';
1836 		sx_xunlock(&sysctlstringlock);
1837 	} else if (req->newfunc == sysctl_new_kernel) {
1838 		arg2 = req->newlen - req->newidx;
1839 		sx_xlock(&sysctlstringlock);
1840 		error = SYSCTL_IN(req, arg1, arg2);
1841 		if (error == 0) {
1842 			((char *)arg1)[arg2] = '\0';
1843 			req->newidx += arg2;
1844 		}
1845 		sx_xunlock(&sysctlstringlock);
1846 	} else {
1847 		arg2 = req->newlen - req->newidx;
1848 		tmparg = malloc(arg2, M_SYSCTLTMP, M_WAITOK);
1849 
1850 		error = SYSCTL_IN(req, tmparg, arg2);
1851 		if (error) {
1852 			free(tmparg, M_SYSCTLTMP);
1853 			return (error);
1854 		}
1855 
1856 		sx_xlock(&sysctlstringlock);
1857 		memcpy(arg1, tmparg, arg2);
1858 		((char *)arg1)[arg2] = '\0';
1859 		sx_xunlock(&sysctlstringlock);
1860 		free(tmparg, M_SYSCTLTMP);
1861 		req->newidx += arg2;
1862 	}
1863 	return (error);
1864 }
1865 
1866 /*
1867  * Handle any kind of opaque data.
1868  * arg1 points to it, arg2 is the size.
1869  */
1870 
1871 int
sysctl_handle_opaque(SYSCTL_HANDLER_ARGS)1872 sysctl_handle_opaque(SYSCTL_HANDLER_ARGS)
1873 {
1874 	int error, tries;
1875 	u_int generation;
1876 	struct sysctl_req req2;
1877 
1878 	/*
1879 	 * Attempt to get a coherent snapshot, by using the thread
1880 	 * pre-emption counter updated from within mi_switch() to
1881 	 * determine if we were pre-empted during a bcopy() or
1882 	 * copyout(). Make 3 attempts at doing this before giving up.
1883 	 * If we encounter an error, stop immediately.
1884 	 */
1885 	tries = 0;
1886 	req2 = *req;
1887 retry:
1888 	generation = curthread->td_generation;
1889 	error = SYSCTL_OUT(req, arg1, arg2);
1890 	if (error)
1891 		return (error);
1892 	tries++;
1893 	if (generation != curthread->td_generation && tries < 3) {
1894 		*req = req2;
1895 		goto retry;
1896 	}
1897 
1898 	error = SYSCTL_IN(req, arg1, arg2);
1899 
1900 	return (error);
1901 }
1902 
1903 /*
1904  * Based on sysctl_handle_64() convert microseconds to a sbintime.
1905  */
1906 int
sysctl_usec_to_sbintime(SYSCTL_HANDLER_ARGS)1907 sysctl_usec_to_sbintime(SYSCTL_HANDLER_ARGS)
1908 {
1909 	int error;
1910 	int64_t usec;
1911 
1912 	usec = sbttous(*(sbintime_t *)arg1);
1913 
1914 	error = sysctl_handle_64(oidp, &usec, 0, req);
1915 	if (error || !req->newptr)
1916 		return (error);
1917 
1918 	*(sbintime_t *)arg1 = ustosbt(usec);
1919 
1920 	return (0);
1921 }
1922 
1923 /*
1924  * Based on sysctl_handle_64() convert milliseconds to a sbintime.
1925  */
1926 int
sysctl_msec_to_sbintime(SYSCTL_HANDLER_ARGS)1927 sysctl_msec_to_sbintime(SYSCTL_HANDLER_ARGS)
1928 {
1929 	int error;
1930 	int64_t msec;
1931 
1932 	msec = sbttoms(*(sbintime_t *)arg1);
1933 
1934 	error = sysctl_handle_64(oidp, &msec, 0, req);
1935 	if (error || !req->newptr)
1936 		return (error);
1937 
1938 	*(sbintime_t *)arg1 = mstosbt(msec);
1939 
1940 	return (0);
1941 }
1942 
1943 /*
1944  * Convert seconds to a struct timeval.  Intended for use with
1945  * intervals and thus does not permit negative seconds.
1946  */
1947 int
sysctl_sec_to_timeval(SYSCTL_HANDLER_ARGS)1948 sysctl_sec_to_timeval(SYSCTL_HANDLER_ARGS)
1949 {
1950 	struct timeval *tv;
1951 	int error, secs;
1952 
1953 	tv = arg1;
1954 	secs = tv->tv_sec;
1955 
1956 	error = sysctl_handle_int(oidp, &secs, 0, req);
1957 	if (error || req->newptr == NULL)
1958 		return (error);
1959 
1960 	if (secs < 0)
1961 		return (EINVAL);
1962 	tv->tv_sec = secs;
1963 
1964 	return (0);
1965 }
1966 
1967 /*
1968  * Transfer functions to/from kernel space.
1969  * XXX: rather untested at this point
1970  */
1971 static int
sysctl_old_kernel(struct sysctl_req * req,const void * p,size_t l)1972 sysctl_old_kernel(struct sysctl_req *req, const void *p, size_t l)
1973 {
1974 	size_t i = 0;
1975 
1976 	if (req->oldptr) {
1977 		i = l;
1978 		if (req->oldlen <= req->oldidx)
1979 			i = 0;
1980 		else
1981 			if (i > req->oldlen - req->oldidx)
1982 				i = req->oldlen - req->oldidx;
1983 		if (i > 0)
1984 			bcopy(p, (char *)req->oldptr + req->oldidx, i);
1985 	}
1986 	req->oldidx += l;
1987 	if (req->oldptr && i != l)
1988 		return (ENOMEM);
1989 	return (0);
1990 }
1991 
1992 static int
sysctl_new_kernel(struct sysctl_req * req,void * p,size_t l)1993 sysctl_new_kernel(struct sysctl_req *req, void *p, size_t l)
1994 {
1995 	if (!req->newptr)
1996 		return (0);
1997 	if (req->newlen - req->newidx < l)
1998 		return (EINVAL);
1999 	bcopy((const char *)req->newptr + req->newidx, p, l);
2000 	req->newidx += l;
2001 	return (0);
2002 }
2003 
2004 int
kernel_sysctl(struct thread * td,int * name,u_int namelen,void * old,size_t * oldlenp,void * new,size_t newlen,size_t * retval,int flags)2005 kernel_sysctl(struct thread *td, int *name, u_int namelen, void *old,
2006     size_t *oldlenp, void *new, size_t newlen, size_t *retval, int flags)
2007 {
2008 	int error = 0;
2009 	struct sysctl_req req;
2010 
2011 	bzero(&req, sizeof req);
2012 
2013 	req.td = td;
2014 	req.flags = flags;
2015 
2016 	if (oldlenp) {
2017 		req.oldlen = *oldlenp;
2018 	}
2019 	req.validlen = req.oldlen;
2020 
2021 	if (old) {
2022 		req.oldptr= old;
2023 	}
2024 
2025 	if (new != NULL) {
2026 		req.newlen = newlen;
2027 		req.newptr = new;
2028 	}
2029 
2030 	req.oldfunc = sysctl_old_kernel;
2031 	req.newfunc = sysctl_new_kernel;
2032 	req.lock = REQ_UNWIRED;
2033 
2034 	error = sysctl_root(0, name, namelen, &req);
2035 
2036 	if (req.lock == REQ_WIRED && req.validlen > 0)
2037 		vsunlock(req.oldptr, req.validlen);
2038 
2039 	if (error && error != ENOMEM)
2040 		return (error);
2041 
2042 	if (retval) {
2043 		if (req.oldptr && req.oldidx > req.validlen)
2044 			*retval = req.validlen;
2045 		else
2046 			*retval = req.oldidx;
2047 	}
2048 	return (error);
2049 }
2050 
2051 int
kernel_sysctlbyname(struct thread * td,char * name,void * old,size_t * oldlenp,void * new,size_t newlen,size_t * retval,int flags)2052 kernel_sysctlbyname(struct thread *td, char *name, void *old, size_t *oldlenp,
2053     void *new, size_t newlen, size_t *retval, int flags)
2054 {
2055         int oid[CTL_MAXNAME];
2056         size_t oidlen, plen;
2057 	int error;
2058 
2059 	oid[0] = CTL_SYSCTL;
2060 	oid[1] = CTL_SYSCTL_NAME2OID;
2061 	oidlen = sizeof(oid);
2062 
2063 	error = kernel_sysctl(td, oid, 2, oid, &oidlen,
2064 	    (void *)name, strlen(name), &plen, flags);
2065 	if (error)
2066 		return (error);
2067 
2068 	error = kernel_sysctl(td, oid, plen / sizeof(int), old, oldlenp,
2069 	    new, newlen, retval, flags);
2070 	return (error);
2071 }
2072 
2073 /*
2074  * Transfer function to/from user space.
2075  */
2076 static int
sysctl_old_user(struct sysctl_req * req,const void * p,size_t l)2077 sysctl_old_user(struct sysctl_req *req, const void *p, size_t l)
2078 {
2079 	size_t i, len, origidx;
2080 	int error;
2081 
2082 	origidx = req->oldidx;
2083 	req->oldidx += l;
2084 	if (req->oldptr == NULL)
2085 		return (0);
2086 	/*
2087 	 * If we have not wired the user supplied buffer and we are currently
2088 	 * holding locks, drop a witness warning, as it's possible that
2089 	 * write operations to the user page can sleep.
2090 	 */
2091 	if (req->lock != REQ_WIRED)
2092 		WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
2093 		    "sysctl_old_user()");
2094 	i = l;
2095 	len = req->validlen;
2096 	if (len <= origidx)
2097 		i = 0;
2098 	else {
2099 		if (i > len - origidx)
2100 			i = len - origidx;
2101 		if (req->lock == REQ_WIRED) {
2102 			error = copyout_nofault(p, (char *)req->oldptr +
2103 			    origidx, i);
2104 		} else
2105 			error = copyout(p, (char *)req->oldptr + origidx, i);
2106 		if (error != 0)
2107 			return (error);
2108 	}
2109 	if (i < l)
2110 		return (ENOMEM);
2111 	return (0);
2112 }
2113 
2114 static int
sysctl_new_user(struct sysctl_req * req,void * p,size_t l)2115 sysctl_new_user(struct sysctl_req *req, void *p, size_t l)
2116 {
2117 	int error;
2118 
2119 	if (!req->newptr)
2120 		return (0);
2121 	if (req->newlen - req->newidx < l)
2122 		return (EINVAL);
2123 	WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
2124 	    "sysctl_new_user()");
2125 	error = copyin((const char *)req->newptr + req->newidx, p, l);
2126 	req->newidx += l;
2127 	return (error);
2128 }
2129 
2130 /*
2131  * Wire the user space destination buffer.  If set to a value greater than
2132  * zero, the len parameter limits the maximum amount of wired memory.
2133  */
2134 int
sysctl_wire_old_buffer(struct sysctl_req * req,size_t len)2135 sysctl_wire_old_buffer(struct sysctl_req *req, size_t len)
2136 {
2137 	int ret;
2138 	size_t wiredlen;
2139 
2140 	wiredlen = (len > 0 && len < req->oldlen) ? len : req->oldlen;
2141 	ret = 0;
2142 	if (req->lock != REQ_WIRED && req->oldptr &&
2143 	    req->oldfunc == sysctl_old_user) {
2144 		if (wiredlen != 0) {
2145 			ret = vslock(req->oldptr, wiredlen);
2146 			if (ret != 0) {
2147 				if (ret != ENOMEM)
2148 					return (ret);
2149 				wiredlen = 0;
2150 			}
2151 		}
2152 		req->lock = REQ_WIRED;
2153 		req->validlen = wiredlen;
2154 	}
2155 	return (0);
2156 }
2157 
2158 int
sysctl_find_oid(int * name,u_int namelen,struct sysctl_oid ** noid,int * nindx,struct sysctl_req * req)2159 sysctl_find_oid(int *name, u_int namelen, struct sysctl_oid **noid,
2160     int *nindx, struct sysctl_req *req)
2161 {
2162 	struct sysctl_oid_list *lsp;
2163 	struct sysctl_oid *oid;
2164 	struct sysctl_oid key;
2165 	int indx;
2166 
2167 	SYSCTL_ASSERT_LOCKED();
2168 	lsp = &sysctl__children;
2169 	indx = 0;
2170 	while (indx < CTL_MAXNAME) {
2171 		key.oid_number = name[indx];
2172 		oid = RB_FIND(sysctl_oid_list, lsp, &key);
2173 		if (oid == NULL)
2174 			return (ENOENT);
2175 
2176 		indx++;
2177 		if ((oid->oid_kind & CTLTYPE) == CTLTYPE_NODE) {
2178 			if (oid->oid_handler != NULL || indx == namelen) {
2179 				*noid = oid;
2180 				if (nindx != NULL)
2181 					*nindx = indx;
2182 				KASSERT((oid->oid_kind & CTLFLAG_DYING) == 0,
2183 				    ("%s found DYING node %p", __func__, oid));
2184 				return (0);
2185 			}
2186 			lsp = SYSCTL_CHILDREN(oid);
2187 		} else if (indx == namelen) {
2188 			if ((oid->oid_kind & CTLFLAG_DORMANT) != 0)
2189 				return (ENOENT);
2190 			*noid = oid;
2191 			if (nindx != NULL)
2192 				*nindx = indx;
2193 			KASSERT((oid->oid_kind & CTLFLAG_DYING) == 0,
2194 			    ("%s found DYING node %p", __func__, oid));
2195 			return (0);
2196 		} else {
2197 			return (ENOTDIR);
2198 		}
2199 	}
2200 	return (ENOENT);
2201 }
2202 
2203 /*
2204  * Traverse our tree, and find the right node, execute whatever it points
2205  * to, and return the resulting error code.
2206  */
2207 
2208 static int
sysctl_root(SYSCTL_HANDLER_ARGS)2209 sysctl_root(SYSCTL_HANDLER_ARGS)
2210 {
2211 	struct sysctl_oid *oid;
2212 	struct rm_priotracker tracker;
2213 	int error, indx, lvl;
2214 
2215 	SYSCTL_RLOCK(&tracker);
2216 
2217 	error = sysctl_find_oid(arg1, arg2, &oid, &indx, req);
2218 	if (error)
2219 		goto out;
2220 
2221 	if ((oid->oid_kind & CTLTYPE) == CTLTYPE_NODE) {
2222 		/*
2223 		 * You can't call a sysctl when it's a node, but has
2224 		 * no handler.  Inform the user that it's a node.
2225 		 * The indx may or may not be the same as namelen.
2226 		 */
2227 		if (oid->oid_handler == NULL) {
2228 			error = EISDIR;
2229 			goto out;
2230 		}
2231 	}
2232 
2233 	/* Is this sysctl writable? */
2234 	if (req->newptr && !(oid->oid_kind & CTLFLAG_WR)) {
2235 		error = EPERM;
2236 		goto out;
2237 	}
2238 
2239 	KASSERT(req->td != NULL, ("sysctl_root(): req->td == NULL"));
2240 
2241 #ifdef CAPABILITY_MODE
2242 	/*
2243 	 * If the process is in capability mode, then don't permit reading or
2244 	 * writing unless specifically granted for the node.
2245 	 */
2246 	if (IN_CAPABILITY_MODE(req->td)) {
2247 		if ((req->oldptr && !(oid->oid_kind & CTLFLAG_CAPRD)) ||
2248 		    (req->newptr && !(oid->oid_kind & CTLFLAG_CAPWR))) {
2249 			error = EPERM;
2250 			goto out;
2251 		}
2252 	}
2253 #endif
2254 
2255 	/* Is this sysctl sensitive to securelevels? */
2256 	if (req->newptr && (oid->oid_kind & CTLFLAG_SECURE)) {
2257 		lvl = (oid->oid_kind & CTLMASK_SECURE) >> CTLSHIFT_SECURE;
2258 		error = securelevel_gt(req->td->td_ucred, lvl);
2259 		if (error)
2260 			goto out;
2261 	}
2262 
2263 	/* Is this sysctl writable by only privileged users? */
2264 	if (req->newptr && !(oid->oid_kind & CTLFLAG_ANYBODY)) {
2265 		int priv;
2266 
2267 		if (oid->oid_kind & CTLFLAG_PRISON)
2268 			priv = PRIV_SYSCTL_WRITEJAIL;
2269 #ifdef VIMAGE
2270 		else if ((oid->oid_kind & CTLFLAG_VNET) &&
2271 		     prison_owns_vnet(req->td->td_ucred))
2272 			priv = PRIV_SYSCTL_WRITEJAIL;
2273 #endif
2274 		else
2275 			priv = PRIV_SYSCTL_WRITE;
2276 		error = priv_check(req->td, priv);
2277 		if (error)
2278 			goto out;
2279 	}
2280 
2281 	if (!oid->oid_handler) {
2282 		error = EINVAL;
2283 		goto out;
2284 	}
2285 
2286 	if ((oid->oid_kind & CTLTYPE) == CTLTYPE_NODE) {
2287 		arg1 = (int *)arg1 + indx;
2288 		arg2 -= indx;
2289 	} else {
2290 		arg1 = oid->oid_arg1;
2291 		arg2 = oid->oid_arg2;
2292 	}
2293 #ifdef MAC
2294 	error = mac_system_check_sysctl(req->td->td_ucred, oid, arg1, arg2,
2295 	    req);
2296 	if (error != 0)
2297 		goto out;
2298 #endif
2299 #ifdef VIMAGE
2300 	if ((oid->oid_kind & CTLFLAG_VNET) && arg1 != NULL)
2301 		arg1 = (void *)(curvnet->vnet_data_base + (uintptr_t)arg1);
2302 #endif
2303 	error = sysctl_root_handler_locked(oid, arg1, arg2, req, &tracker);
2304 
2305 out:
2306 	SYSCTL_RUNLOCK(&tracker);
2307 	return (error);
2308 }
2309 
2310 #ifndef _SYS_SYSPROTO_H_
2311 struct __sysctl_args {
2312 	int	*name;
2313 	u_int	namelen;
2314 	void	*old;
2315 	size_t	*oldlenp;
2316 	void	*new;
2317 	size_t	newlen;
2318 };
2319 #endif
2320 int
sys___sysctl(struct thread * td,struct __sysctl_args * uap)2321 sys___sysctl(struct thread *td, struct __sysctl_args *uap)
2322 {
2323 	int error, i, name[CTL_MAXNAME];
2324 	size_t j;
2325 
2326 	if (uap->namelen > CTL_MAXNAME || uap->namelen < 2)
2327 		return (EINVAL);
2328 
2329  	error = copyin(uap->name, &name, uap->namelen * sizeof(int));
2330  	if (error)
2331 		return (error);
2332 
2333 	error = userland_sysctl(td, name, uap->namelen,
2334 		uap->old, uap->oldlenp, 0,
2335 		uap->new, uap->newlen, &j, 0);
2336 	if (error && error != ENOMEM)
2337 		return (error);
2338 	if (uap->oldlenp) {
2339 		i = copyout(&j, uap->oldlenp, sizeof(j));
2340 		if (i)
2341 			return (i);
2342 	}
2343 	return (error);
2344 }
2345 
2346 int
kern___sysctlbyname(struct thread * td,const char * oname,size_t namelen,void * old,size_t * oldlenp,void * new,size_t newlen,size_t * retval,int flags,bool inkernel)2347 kern___sysctlbyname(struct thread *td, const char *oname, size_t namelen,
2348     void *old, size_t *oldlenp, void *new, size_t newlen, size_t *retval,
2349     int flags, bool inkernel)
2350 {
2351 	int oid[CTL_MAXNAME];
2352 	char namebuf[16];
2353 	char *name;
2354 	size_t oidlen;
2355 	int error;
2356 
2357 	if (namelen > MAXPATHLEN || namelen == 0)
2358 		return (EINVAL);
2359 	name = namebuf;
2360 	if (namelen > sizeof(namebuf))
2361 		name = malloc(namelen, M_SYSCTL, M_WAITOK);
2362 	error = copyin(oname, name, namelen);
2363 	if (error != 0)
2364 		goto out;
2365 
2366 	oid[0] = CTL_SYSCTL;
2367 	oid[1] = CTL_SYSCTL_NAME2OID;
2368 	oidlen = sizeof(oid);
2369 	error = kernel_sysctl(td, oid, 2, oid, &oidlen, (void *)name, namelen,
2370 	    retval, flags);
2371 	if (error != 0)
2372 		goto out;
2373 	error = userland_sysctl(td, oid, *retval / sizeof(int), old, oldlenp,
2374 	    inkernel, new, newlen, retval, flags);
2375 
2376 out:
2377 	if (namelen > sizeof(namebuf))
2378 		free(name, M_SYSCTL);
2379 	return (error);
2380 }
2381 
2382 #ifndef	_SYS_SYSPROTO_H_
2383 struct __sysctlbyname_args {
2384 	const char	*name;
2385 	size_t	namelen;
2386 	void	*old;
2387 	size_t	*oldlenp;
2388 	void	*new;
2389 	size_t	newlen;
2390 };
2391 #endif
2392 int
sys___sysctlbyname(struct thread * td,struct __sysctlbyname_args * uap)2393 sys___sysctlbyname(struct thread *td, struct __sysctlbyname_args *uap)
2394 {
2395 	size_t rv;
2396 	int error;
2397 
2398 	error = kern___sysctlbyname(td, uap->name, uap->namelen, uap->old,
2399 	    uap->oldlenp, uap->new, uap->newlen, &rv, 0, 0);
2400 	if (error != 0)
2401 		return (error);
2402 	if (uap->oldlenp != NULL)
2403 		error = copyout(&rv, uap->oldlenp, sizeof(rv));
2404 
2405 	return (error);
2406 }
2407 
2408 /*
2409  * This is used from various compatibility syscalls too.  That's why name
2410  * must be in kernel space.
2411  */
2412 int
userland_sysctl(struct thread * td,int * name,u_int namelen,void * old,size_t * oldlenp,int inkernel,const void * new,size_t newlen,size_t * retval,int flags)2413 userland_sysctl(struct thread *td, int *name, u_int namelen, void *old,
2414     size_t *oldlenp, int inkernel, const void *new, size_t newlen,
2415     size_t *retval, int flags)
2416 {
2417 	struct sysctl_req req;
2418 	int error = 0;
2419 	bool memlocked;
2420 
2421 	bzero(&req, sizeof req);
2422 
2423 	req.td = td;
2424 	req.flags = flags;
2425 
2426 	if (oldlenp) {
2427 		if (inkernel) {
2428 			req.oldlen = *oldlenp;
2429 		} else {
2430 			error = copyin(oldlenp, &req.oldlen, sizeof(*oldlenp));
2431 			if (error)
2432 				return (error);
2433 		}
2434 	}
2435 	req.validlen = req.oldlen;
2436 	req.oldptr = old;
2437 
2438 	if (new != NULL) {
2439 		req.newlen = newlen;
2440 		req.newptr = new;
2441 	}
2442 
2443 	req.oldfunc = sysctl_old_user;
2444 	req.newfunc = sysctl_new_user;
2445 	req.lock = REQ_UNWIRED;
2446 
2447 #ifdef KTRACE
2448 	if (KTRPOINT(curthread, KTR_SYSCTL))
2449 		ktrsysctl(name, namelen);
2450 #endif
2451 	memlocked = false;
2452 	if (priv_check(td, PRIV_SYSCTL_MEMLOCK) != 0 &&
2453 	    req.oldptr != NULL && req.oldlen > 4 * PAGE_SIZE) {
2454 		memlocked = true;
2455 		sx_xlock(&sysctlmemlock);
2456 	}
2457 	CURVNET_SET(TD_TO_VNET(td));
2458 
2459 	for (;;) {
2460 		req.oldidx = 0;
2461 		req.newidx = 0;
2462 		error = sysctl_root(0, name, namelen, &req);
2463 		if (error != EAGAIN)
2464 			break;
2465 		kern_yield(PRI_USER);
2466 	}
2467 
2468 	CURVNET_RESTORE();
2469 
2470 	if (req.lock == REQ_WIRED && req.validlen > 0)
2471 		vsunlock(req.oldptr, req.validlen);
2472 	if (memlocked)
2473 		sx_xunlock(&sysctlmemlock);
2474 
2475 	if (error && error != ENOMEM)
2476 		return (error);
2477 
2478 	if (retval) {
2479 		if (req.oldptr && req.oldidx > req.validlen)
2480 			*retval = req.validlen;
2481 		else
2482 			*retval = req.oldidx;
2483 	}
2484 	return (error);
2485 }
2486 
2487 /*
2488  * Drain into a sysctl struct.  The user buffer should be wired if a page
2489  * fault would cause issue.
2490  */
2491 static int
sbuf_sysctl_drain(void * arg,const char * data,int len)2492 sbuf_sysctl_drain(void *arg, const char *data, int len)
2493 {
2494 	struct sysctl_req *req = arg;
2495 	int error;
2496 
2497 	error = SYSCTL_OUT(req, data, len);
2498 	KASSERT(error >= 0, ("Got unexpected negative value %d", error));
2499 	return (error == 0 ? len : -error);
2500 }
2501 
2502 struct sbuf *
sbuf_new_for_sysctl(struct sbuf * s,char * buf,int length,struct sysctl_req * req)2503 sbuf_new_for_sysctl(struct sbuf *s, char *buf, int length,
2504     struct sysctl_req *req)
2505 {
2506 
2507 	/* Supply a default buffer size if none given. */
2508 	if (buf == NULL && length == 0)
2509 		length = 64;
2510 	s = sbuf_new(s, buf, length, SBUF_FIXEDLEN | SBUF_INCLUDENUL);
2511 	sbuf_set_drain(s, sbuf_sysctl_drain, req);
2512 	return (s);
2513 }
2514 
2515 #ifdef DDB
2516 
2517 /* The current OID the debugger is working with */
2518 static struct sysctl_oid *g_ddb_oid;
2519 
2520 /* The current flags specified by the user */
2521 static int g_ddb_sysctl_flags;
2522 
2523 /* Check to see if the last sysctl printed */
2524 static int g_ddb_sysctl_printed;
2525 
2526 static const int ctl_sign[CTLTYPE+1] = {
2527 	[CTLTYPE_INT] = 1,
2528 	[CTLTYPE_LONG] = 1,
2529 	[CTLTYPE_S8] = 1,
2530 	[CTLTYPE_S16] = 1,
2531 	[CTLTYPE_S32] = 1,
2532 	[CTLTYPE_S64] = 1,
2533 };
2534 
2535 static const int ctl_size[CTLTYPE+1] = {
2536 	[CTLTYPE_INT] = sizeof(int),
2537 	[CTLTYPE_UINT] = sizeof(u_int),
2538 	[CTLTYPE_LONG] = sizeof(long),
2539 	[CTLTYPE_ULONG] = sizeof(u_long),
2540 	[CTLTYPE_S8] = sizeof(int8_t),
2541 	[CTLTYPE_S16] = sizeof(int16_t),
2542 	[CTLTYPE_S32] = sizeof(int32_t),
2543 	[CTLTYPE_S64] = sizeof(int64_t),
2544 	[CTLTYPE_U8] = sizeof(uint8_t),
2545 	[CTLTYPE_U16] = sizeof(uint16_t),
2546 	[CTLTYPE_U32] = sizeof(uint32_t),
2547 	[CTLTYPE_U64] = sizeof(uint64_t),
2548 };
2549 
2550 #define DB_SYSCTL_NAME_ONLY	0x001	/* Compare with -N */
2551 #define DB_SYSCTL_VALUE_ONLY	0x002	/* Compare with -n */
2552 #define DB_SYSCTL_OPAQUE	0x004	/* Compare with -o */
2553 #define DB_SYSCTL_HEX		0x008	/* Compare with -x */
2554 
2555 #define DB_SYSCTL_SAFE_ONLY	0x100	/* Only simple types */
2556 
2557 static const char db_sysctl_modifs[] = {
2558 	'N', 'n', 'o', 'x',
2559 };
2560 
2561 static const int db_sysctl_modif_values[] = {
2562 	DB_SYSCTL_NAME_ONLY, DB_SYSCTL_VALUE_ONLY,
2563 	DB_SYSCTL_OPAQUE, DB_SYSCTL_HEX,
2564 };
2565 
2566 /* Handlers considered safe to print while recursing */
2567 static int (* const db_safe_handlers[])(SYSCTL_HANDLER_ARGS) = {
2568 	sysctl_handle_bool,
2569 	sysctl_handle_8,
2570 	sysctl_handle_16,
2571 	sysctl_handle_32,
2572 	sysctl_handle_64,
2573 	sysctl_handle_int,
2574 	sysctl_handle_long,
2575 	sysctl_handle_string,
2576 	sysctl_handle_opaque,
2577 };
2578 
2579 /*
2580  * Use in place of sysctl_old_kernel to print sysctl values.
2581  *
2582  * Compare to the output handling in show_var from sbin/sysctl/sysctl.c
2583  */
2584 static int
sysctl_old_ddb(struct sysctl_req * req,const void * ptr,size_t len)2585 sysctl_old_ddb(struct sysctl_req *req, const void *ptr, size_t len)
2586 {
2587 	const u_char *val, *p;
2588 	const char *sep1;
2589 	size_t intlen, slen;
2590 	uintmax_t umv;
2591 	intmax_t mv;
2592 	int sign, ctltype, hexlen, xflag, error;
2593 
2594 	/* Suppress false-positive GCC uninitialized variable warnings */
2595 	mv = 0;
2596 	umv = 0;
2597 
2598 	slen = len;
2599 	val = p = ptr;
2600 
2601 	if (ptr == NULL) {
2602 		error = 0;
2603 		goto out;
2604 	}
2605 
2606 	/* We are going to print */
2607 	g_ddb_sysctl_printed = 1;
2608 
2609 	xflag = g_ddb_sysctl_flags & DB_SYSCTL_HEX;
2610 
2611 	ctltype = (g_ddb_oid->oid_kind & CTLTYPE);
2612 	sign = ctl_sign[ctltype];
2613 	intlen = ctl_size[ctltype];
2614 
2615 	switch (ctltype) {
2616 	case CTLTYPE_NODE:
2617 	case CTLTYPE_STRING:
2618 		db_printf("%.*s", (int) len, (const char *) p);
2619 		error = 0;
2620 		goto out;
2621 
2622 	case CTLTYPE_INT:
2623 	case CTLTYPE_UINT:
2624 	case CTLTYPE_LONG:
2625 	case CTLTYPE_ULONG:
2626 	case CTLTYPE_S8:
2627 	case CTLTYPE_S16:
2628 	case CTLTYPE_S32:
2629 	case CTLTYPE_S64:
2630 	case CTLTYPE_U8:
2631 	case CTLTYPE_U16:
2632 	case CTLTYPE_U32:
2633 	case CTLTYPE_U64:
2634 		hexlen = 2 + (intlen * CHAR_BIT + 3) / 4;
2635 		sep1 = "";
2636 		while (len >= intlen) {
2637 			switch (ctltype) {
2638 			case CTLTYPE_INT:
2639 			case CTLTYPE_UINT:
2640 				umv = *(const u_int *)p;
2641 				mv = *(const int *)p;
2642 				break;
2643 			case CTLTYPE_LONG:
2644 			case CTLTYPE_ULONG:
2645 				umv = *(const u_long *)p;
2646 				mv = *(const long *)p;
2647 				break;
2648 			case CTLTYPE_S8:
2649 			case CTLTYPE_U8:
2650 				umv = *(const uint8_t *)p;
2651 				mv = *(const int8_t *)p;
2652 				break;
2653 			case CTLTYPE_S16:
2654 			case CTLTYPE_U16:
2655 				umv = *(const uint16_t *)p;
2656 				mv = *(const int16_t *)p;
2657 				break;
2658 			case CTLTYPE_S32:
2659 			case CTLTYPE_U32:
2660 				umv = *(const uint32_t *)p;
2661 				mv = *(const int32_t *)p;
2662 				break;
2663 			case CTLTYPE_S64:
2664 			case CTLTYPE_U64:
2665 				umv = *(const uint64_t *)p;
2666 				mv = *(const int64_t *)p;
2667 				break;
2668 			}
2669 
2670 			db_printf("%s", sep1);
2671 			if (xflag)
2672 				db_printf("%#0*jx", hexlen, umv);
2673 			else if (!sign)
2674 				db_printf("%ju", umv);
2675 			else if (g_ddb_oid->oid_fmt[1] == 'K') {
2676 				/* Kelvins are currently unsupported. */
2677 				error = EOPNOTSUPP;
2678 				goto out;
2679 			} else
2680 				db_printf("%jd", mv);
2681 
2682 			sep1 = " ";
2683 			len -= intlen;
2684 			p += intlen;
2685 		}
2686 		error = 0;
2687 		goto out;
2688 
2689 	case CTLTYPE_OPAQUE:
2690 		/* TODO: Support struct functions. */
2691 
2692 		/* FALLTHROUGH */
2693 	default:
2694 		db_printf("Format:%s Length:%zu Dump:0x",
2695 		    g_ddb_oid->oid_fmt, len);
2696 		while (len-- && (xflag || p < val + 16))
2697 			db_printf("%02x", *p++);
2698 		if (!xflag && len > 16)
2699 			db_printf("...");
2700 		error = 0;
2701 		goto out;
2702 	}
2703 
2704 out:
2705 	req->oldidx += slen;
2706 	return (error);
2707 }
2708 
2709 /*
2710  * Avoid setting new sysctl values from the debugger
2711  */
2712 static int
sysctl_new_ddb(struct sysctl_req * req,void * p,size_t l)2713 sysctl_new_ddb(struct sysctl_req *req, void *p, size_t l)
2714 {
2715 
2716 	if (!req->newptr)
2717 		return (0);
2718 
2719 	/* Changing sysctls from the debugger is currently unsupported */
2720 	return (EPERM);
2721 }
2722 
2723 /*
2724  * Run a sysctl handler with the DDB oldfunc and newfunc attached.
2725  * Instead of copying any output to a buffer we'll dump it right to
2726  * the console.
2727  */
2728 static int
db_sysctl(struct sysctl_oid * oidp,int * name,u_int namelen,void * old,size_t * oldlenp,size_t * retval,int flags)2729 db_sysctl(struct sysctl_oid *oidp, int *name, u_int namelen,
2730     void *old, size_t *oldlenp, size_t *retval, int flags)
2731 {
2732 	struct sysctl_req req;
2733 	int error;
2734 
2735 	/* Setup the request */
2736 	bzero(&req, sizeof req);
2737 	req.td = kdb_thread;
2738 	req.oldfunc = sysctl_old_ddb;
2739 	req.newfunc = sysctl_new_ddb;
2740 	req.lock = REQ_UNWIRED;
2741 	if (oldlenp) {
2742 		req.oldlen = *oldlenp;
2743 	}
2744 	req.validlen = req.oldlen;
2745 	if (old) {
2746 		req.oldptr = old;
2747 	}
2748 
2749 	/* Setup our globals for sysctl_old_ddb */
2750 	g_ddb_oid = oidp;
2751 	g_ddb_sysctl_flags = flags;
2752 	g_ddb_sysctl_printed = 0;
2753 
2754 	error = sysctl_root(0, name, namelen, &req);
2755 
2756 	/* Reset globals */
2757 	g_ddb_oid = NULL;
2758 	g_ddb_sysctl_flags = 0;
2759 
2760 	if (retval) {
2761 		if (req.oldptr && req.oldidx > req.validlen)
2762 			*retval = req.validlen;
2763 		else
2764 			*retval = req.oldidx;
2765 	}
2766 	return (error);
2767 }
2768 
2769 /*
2770  * Show a sysctl's name
2771  */
2772 static void
db_show_oid_name(int * oid,size_t nlen)2773 db_show_oid_name(int *oid, size_t nlen)
2774 {
2775 	struct sysctl_oid *oidp;
2776 	int qoid[CTL_MAXNAME + 2];
2777 	int error;
2778 
2779 	qoid[0] = CTL_SYSCTL;
2780 	qoid[1] = CTL_SYSCTL_NAME;
2781 	memcpy(qoid + 2, oid, nlen * sizeof(int));
2782 
2783 	error = sysctl_find_oid(qoid, nlen + 2, &oidp, NULL, NULL);
2784 	if (error)
2785 		db_error("sysctl name oid");
2786 
2787 	error = db_sysctl(oidp, qoid, nlen + 2, NULL, NULL, NULL, 0);
2788 	if (error)
2789 		db_error("sysctl name");
2790 }
2791 
2792 /*
2793  * Check to see if an OID is safe to print from ddb.
2794  */
2795 static bool
db_oid_safe(const struct sysctl_oid * oidp)2796 db_oid_safe(const struct sysctl_oid *oidp)
2797 {
2798 	for (unsigned int i = 0; i < nitems(db_safe_handlers); ++i) {
2799 		if (oidp->oid_handler == db_safe_handlers[i])
2800 			return (true);
2801 	}
2802 
2803 	return (false);
2804 }
2805 
2806 /*
2807  * Show a sysctl at a specific OID
2808  * Compare to the input handling in show_var from sbin/sysctl/sysctl.c
2809  */
2810 static int
db_show_oid(struct sysctl_oid * oidp,int * oid,size_t nlen,int flags)2811 db_show_oid(struct sysctl_oid *oidp, int *oid, size_t nlen, int flags)
2812 {
2813 	int error, xflag, oflag, Nflag, nflag;
2814 	size_t len;
2815 
2816 	xflag = flags & DB_SYSCTL_HEX;
2817 	oflag = flags & DB_SYSCTL_OPAQUE;
2818 	nflag = flags & DB_SYSCTL_VALUE_ONLY;
2819 	Nflag = flags & DB_SYSCTL_NAME_ONLY;
2820 
2821 	if ((oidp->oid_kind & CTLTYPE) == CTLTYPE_OPAQUE &&
2822 	    (!xflag && !oflag))
2823 		return (0);
2824 
2825 	if (Nflag) {
2826 		db_show_oid_name(oid, nlen);
2827 		error = 0;
2828 		goto out;
2829 	}
2830 
2831 	if (!nflag) {
2832 		db_show_oid_name(oid, nlen);
2833 		db_printf(": ");
2834 	}
2835 
2836 	if ((flags & DB_SYSCTL_SAFE_ONLY) && !db_oid_safe(oidp)) {
2837 		db_printf("Skipping, unsafe to print while recursing.");
2838 		error = 0;
2839 		goto out;
2840 	}
2841 
2842 	/* Try once, and ask about the size */
2843 	len = 0;
2844 	error = db_sysctl(oidp, oid, nlen,
2845 	    NULL, NULL, &len, flags);
2846 	if (error)
2847 		goto out;
2848 
2849 	if (!g_ddb_sysctl_printed)
2850 		/* Lie about the size */
2851 		error = db_sysctl(oidp, oid, nlen,
2852 		    (void *) 1, &len, NULL, flags);
2853 
2854 out:
2855 	db_printf("\n");
2856 	return (error);
2857 }
2858 
2859 /*
2860  * Show all sysctls under a specific OID
2861  * Compare to sysctl_all from sbin/sysctl/sysctl.c
2862  */
2863 static int
db_show_sysctl_all(int * oid,size_t len,int flags)2864 db_show_sysctl_all(int *oid, size_t len, int flags)
2865 {
2866 	struct sysctl_oid *oidp;
2867 	int qoid[CTL_MAXNAME + 2], next[CTL_MAXNAME];
2868 	size_t nlen;
2869 
2870 	qoid[0] = CTL_SYSCTL;
2871 	qoid[1] = CTL_SYSCTL_NEXT;
2872 	if (len) {
2873 		nlen = len;
2874 		memcpy(&qoid[2], oid, nlen * sizeof(int));
2875 	} else {
2876 		nlen = 1;
2877 		qoid[2] = CTL_KERN;
2878 	}
2879 	for (;;) {
2880 		int error;
2881 		size_t nextsize = sizeof(next);
2882 
2883 		error = kernel_sysctl(kdb_thread, qoid, nlen + 2,
2884 		    next, &nextsize, NULL, 0, &nlen, 0);
2885 		if (error != 0) {
2886 			if (error == ENOENT)
2887 				return (0);
2888 			else
2889 				db_error("sysctl(next)");
2890 		}
2891 
2892 		nlen /= sizeof(int);
2893 
2894 		if (nlen < (unsigned int)len)
2895 			return (0);
2896 
2897 		if (memcmp(&oid[0], &next[0], len * sizeof(int)) != 0)
2898 			return (0);
2899 
2900 		/* Find the OID in question */
2901 		error = sysctl_find_oid(next, nlen, &oidp, NULL, NULL);
2902 		if (error)
2903 			return (error);
2904 
2905 		(void)db_show_oid(oidp, next, nlen, flags | DB_SYSCTL_SAFE_ONLY);
2906 
2907 		if (db_pager_quit)
2908 			return (0);
2909 
2910 		memcpy(&qoid[2 + len], &next[len], (nlen - len) * sizeof(int));
2911 	}
2912 }
2913 
2914 /*
2915  * Show a sysctl by its user facing string
2916  */
2917 static int
db_sysctlbyname(const char * name,int flags)2918 db_sysctlbyname(const char *name, int flags)
2919 {
2920 	struct sysctl_oid *oidp;
2921 	int oid[CTL_MAXNAME];
2922 	int error, nlen;
2923 
2924 	error = name2oid(name, oid, &nlen, &oidp);
2925 	if (error) {
2926 		return (error);
2927 	}
2928 
2929 	if ((oidp->oid_kind & CTLTYPE) == CTLTYPE_NODE) {
2930 		db_show_sysctl_all(oid, nlen, flags);
2931 	} else {
2932 		error = db_show_oid(oidp, oid, nlen, flags);
2933 	}
2934 
2935 	return (error);
2936 }
2937 
2938 static void
db_sysctl_cmd_usage(void)2939 db_sysctl_cmd_usage(void)
2940 {
2941 	db_printf(
2942 	    " sysctl [/Nnox] <sysctl>					    \n"
2943 	    "								    \n"
2944 	    " <sysctl> The name of the sysctl to show.			    \n"
2945 	    "								    \n"
2946 	    " Show a sysctl by hooking into SYSCTL_IN and SYSCTL_OUT.	    \n"
2947 	    " This will work for most sysctls, but should not be used	    \n"
2948 	    " with sysctls that are known to malloc.			    \n"
2949 	    "								    \n"
2950 	    " While recursing any \"unsafe\" sysctls will be skipped.	    \n"
2951 	    " Call sysctl directly on the sysctl to try printing the	    \n"
2952 	    " skipped sysctl. This is unsafe and may make the ddb	    \n"
2953 	    " session unusable.						    \n"
2954 	    "								    \n"
2955 	    " Arguments:						    \n"
2956 	    "	/N	Display only the name of the sysctl.		    \n"
2957 	    "	/n	Display only the value of the sysctl.		    \n"
2958 	    "	/o	Display opaque values.				    \n"
2959 	    "	/x	Display the sysctl in hex.			    \n"
2960 	    "								    \n"
2961 	    "For example:						    \n"
2962 	    "sysctl vm.v_free_min					    \n"
2963 	    "vn.v_free_min: 12669					    \n"
2964 	    );
2965 }
2966 
2967 /*
2968  * Show a specific sysctl similar to sysctl (8).
2969  */
DB_COMMAND_FLAGS(sysctl,db_sysctl_cmd,CS_OWN)2970 DB_COMMAND_FLAGS(sysctl, db_sysctl_cmd, CS_OWN)
2971 {
2972 	char name[TOK_STRING_SIZE];
2973 	int error, i, t, flags;
2974 
2975 	/* Parse the modifiers */
2976 	t = db_read_token();
2977 	if (t == tSLASH || t == tMINUS) {
2978 		t = db_read_token();
2979 		if (t != tIDENT) {
2980 			db_printf("Bad modifier\n");
2981 			error = EINVAL;
2982 			goto out;
2983 		}
2984 		db_strcpy(modif, db_tok_string);
2985 	}
2986 	else {
2987 		db_unread_token(t);
2988 		modif[0] = '\0';
2989 	}
2990 
2991 	flags = 0;
2992 	for (i = 0; i < nitems(db_sysctl_modifs); i++) {
2993 		if (strchr(modif, db_sysctl_modifs[i])) {
2994 			flags |= db_sysctl_modif_values[i];
2995 		}
2996 	}
2997 
2998 	/* Parse the sysctl names */
2999 	t = db_read_token();
3000 	if (t != tIDENT) {
3001 		db_printf("Need sysctl name\n");
3002 		error = EINVAL;
3003 		goto out;
3004 	}
3005 
3006 	/* Copy the name into a temporary buffer */
3007 	db_strcpy(name, db_tok_string);
3008 
3009 	/* Ensure there is no trailing cruft */
3010 	t = db_read_token();
3011 	if (t != tEOL) {
3012 		db_printf("Unexpected sysctl argument\n");
3013 		error = EINVAL;
3014 		goto out;
3015 	}
3016 
3017 	error = db_sysctlbyname(name, flags);
3018 	if (error == ENOENT) {
3019 		db_printf("unknown oid: '%s'\n", db_tok_string);
3020 		goto out;
3021 	} else if (error) {
3022 		db_printf("%s: error: %d\n", db_tok_string, error);
3023 		goto out;
3024 	}
3025 
3026 out:
3027 	/* Ensure we eat all of our text */
3028 	db_flush_lex();
3029 
3030 	if (error == EINVAL) {
3031 		db_sysctl_cmd_usage();
3032 	}
3033 }
3034 
3035 #endif /* DDB */
3036