git: systat - Restrict %rip sampling to root
Matthew Dillon
dillon at crater.dragonflybsd.org
Wed Jul 27 16:23:54 PDT 2016
commit 82f8b5503d1e2e68370f695614715258208e67b5
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date: Wed Jul 27 16:22:11 2016 -0700
systat - Restrict %rip sampling to root
* Only allow root to sample the %rip and %rsp on all cpus. The sysctl will
not sample and return 0 for these fields if the uid is not root.
This is for security, as %rip sampling can be used to break cryptographic
keys.
* systat -pv 1 will not display the sampling columns if the sample value
is 0.
Summary of changes:
sys/kern/kern_clock.c | 19 ++++++++++++++++---
usr.bin/systat/vmmeter.c | 27 +++++++++++++++++++--------
2 files changed, 35 insertions(+), 11 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/82f8b5503d1e2e68370f695614715258208e67b5
--
DragonFly BSD source repository
More information about the Commits
mailing list