diff options
| author | Kyle Evans <kevans@FreeBSD.org> | 2026-01-11 11:12:49 -0600 |
|---|---|---|
| committer | Kyle Evans <kevans@FreeBSD.org> | 2026-01-15 18:23:39 -0600 |
| commit | 92b7366e438d8422a9e453aed02ca365da25bf62 (patch) | |
| tree | 0c4c1948111228d6fc37e993b86c46d50d124c46 /sys | |
| parent | 11d6ea47f06a38f66536b173e85ddf2674da6aff (diff) | |
mac: add macros for 5-argument SDT probes
A last-minute change to the jail MAC entry points in D53954 is going to
pass the jail_[gs]et(2) flags to mac_prison_check_[gs]et() so that a
policy can, e.g., reject or allow a change if the intent is to
immediately attach, or disallow some fetching of dying jails.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D54658
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/security/mac/mac_internal.h | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/sys/security/mac/mac_internal.h b/sys/security/mac/mac_internal.h index a882a476d1b0..a07bf01da6f6 100644 --- a/sys/security/mac/mac_internal.h +++ b/sys/security/mac/mac_internal.h @@ -64,6 +64,12 @@ SDT_PROVIDER_DECLARE(mac); /* MAC Framework-level events. */ SDT_PROVIDER_DECLARE(mac_framework); /* Entry points to MAC. */ +#define MAC_CHECK_PROBE_DEFINE5(name, arg0, arg1, arg2, arg3, arg4) \ + SDT_PROBE_DEFINE6(mac_framework, , name, mac__check__err, \ + "int", arg0, arg1, arg2, arg3, arg4); \ + SDT_PROBE_DEFINE6(mac_framework, , name, mac__check__ok, \ + "int", arg0, arg1, arg2, arg3, arg4); + #define MAC_CHECK_PROBE_DEFINE4(name, arg0, arg1, arg2, arg3) \ SDT_PROBE_DEFINE5(mac_framework, , name, mac__check__err, \ "int", arg0, arg1, arg2, arg3); \ @@ -88,18 +94,20 @@ SDT_PROVIDER_DECLARE(mac_framework); /* Entry points to MAC. */ SDT_PROBE_DEFINE2(mac_framework, , name, mac__check__ok, \ "int", arg0); -#define MAC_CHECK_PROBE4(name, error, arg0, arg1, arg2, arg3) do { \ +#define MAC_CHECK_PROBE5(name, error, arg0, arg1, arg2, arg3, arg4) do { \ if (SDT_PROBES_ENABLED()) { \ if (error) { \ - SDT_PROBE5(mac_framework, , name, mac__check__err,\ - error, arg0, arg1, arg2, arg3); \ + SDT_PROBE6(mac_framework, , name, mac__check__err,\ + error, arg0, arg1, arg2, arg3, arg4); \ } else { \ - SDT_PROBE5(mac_framework, , name, mac__check__ok,\ - 0, arg0, arg1, arg2, arg3); \ + SDT_PROBE6(mac_framework, , name, mac__check__ok,\ + 0, arg0, arg1, arg2, arg3, arg4); \ } \ } \ } while (0) +#define MAC_CHECK_PROBE4(name, error, arg0, arg1, arg2, arg3) \ + MAC_CHECK_PROBE5(name, error, arg0, arg1, arg2, arg3, 0) #define MAC_CHECK_PROBE3(name, error, arg0, arg1, arg2) \ MAC_CHECK_PROBE4(name, error, arg0, arg1, arg2, 0) #define MAC_CHECK_PROBE2(name, error, arg0, arg1) \ |