git: DragonFly_RELEASE_4_6 systat - Restrict %rip sampling to root
Matthew Dillon
dillon at crater.dragonflybsd.org
Wed Jul 27 16:24:10 PDT 2016
commit e40d86e596b00f78af2d9fbc5631bb04adea6b83
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date: Wed Jul 27 16:22:11 2016 -0700
systat - Restrict %rip sampling to root
* Only allow root to sample the %rip and %rsp on all cpus. The sysctl will
not sample and return 0 for these fields if the uid is not root.
This is for security, as %rip sampling can be used to break cryptographic
keys.
* systat -pv 1 will not display the sampling columns if the sample value
is 0.
Summary of changes:
sys/kern/kern_clock.c | 19 ++++++++++++++++---
usr.bin/systat/vmmeter.c | 27 +++++++++++++++++++--------
2 files changed, 35 insertions(+), 11 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/e40d86e596b00f78af2d9fbc5631bb04adea6b83
--
DragonFly BSD source repository
More information about the Commits
mailing list