dtrace_priv.4: Document the DTrace priv provider

Fixes:	6efcc2f26a Add static tracing for privilege checking
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D53630
This commit is contained in:
Mateusz Piotrowski
2025-11-07 00:43:19 +01:00
parent 6bf611ada2
commit 7bcd3a04c8
4 changed files with 64 additions and 2 deletions
+1
View File
@@ -1014,6 +1014,7 @@ _dtrace_provs= dtrace_audit.4 \
dtrace_kinst.4 \
dtrace_lockstat.4 \
dtrace_pid.4 \
dtrace_priv.4 \
dtrace_proc.4 \
dtrace_profile.4 \
dtrace_sched.4 \
+59
View File
@@ -0,0 +1,59 @@
.\"
.\" Copyright (c) 2025 Mateusz Piotrowski <0mp@FreeBSD.org>
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd November 12, 2025
.Dt DTRACE_PRIV 4
.Os
.Sh NAME
.Nm dtrace_priv
.Nd a DTrace provider for the kernel privilege checking API
.Sh SYNOPSIS
.Nm priv Ns Cm :kernel:priv_check:priv-ok
.Nm priv Ns Cm :kernel:priv_check:priv-err
.Sh DESCRIPTION
The
.Nm priv
provider allows for tracing the
.Xr priv 9
API.
.Pp
The
.Nm priv Ns Cm :kernel:priv_check:priv-ok
probe fires upon a successful kernel privilege check.
.Pp
The
.Nm priv Ns Cm :kernel:priv_check:priv-err
probe fires upon a failed kernel privilege check.
.Pp
The only argument to the
.Nm priv
probes,
.Fa args[0] ,
is the requested privilege number
.Ft int priv .
.Sh EXAMPLES
.Ss Example 1: Tracing Kernel Privilege Check Failures
The following script captures an array of counters,
one for each stack trace leading to a failed kernel privilege check:
.Bd -literal -offset 2n
priv:::priv-err
{
@traces[stack()] = count();
}
.Ed
.Sh SEE ALSO
.Xr dtrace 1 ,
.Xr tracing 7 ,
.Xr priv 9 ,
.Xr SDT 9
.Sh AUTHORS
.An -nosplit
The
.Nm priv
provider was written by
.An Robert N. M. Watson Aq Mt rwatson@FreeBSD.org .
.Pp
This manual page was written by
.An Mateusz Piotrowski Aq Mt 0mp@FreeBSD.org .
+2 -1
View File
@@ -26,7 +26,7 @@
.\" NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
.\" SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd December 19, 2018
.Dd November 12, 2025
.Dt PRIV 9
.Os
.Sh NAME
@@ -106,6 +106,7 @@ privilege checks, and the caller is unable to tell if an access control
failure occurred.
.Sh SEE ALSO
.Xr jail 2 ,
.Xr dtrace_priv 4 ,
.Xr mac 9 ,
.Xr ucred 9
.Sh AUTHORS