Mercurial > illumos > illumos-gate
changeset 11569:4fc0a82e09f7
6918265 priv_debug is too noisy to allow enabling it by default even in DEBUG builds
author | Casper H.S. Dik <Casper.Dik@Sun.COM> |
---|---|
date | Thu, 21 Jan 2010 13:54:02 +0100 |
parents | 73d521803f1a |
children | 7dac6be29184 |
files | usr/src/uts/common/os/exec.c usr/src/uts/common/os/policy.c usr/src/uts/common/os/priv.c usr/src/uts/common/syscall/ppriv.c |
diffstat | 4 files changed, 11 insertions(+), 9 deletions(-) [+] |
line wrap: on
line diff
--- a/usr/src/uts/common/os/exec.c Tue Jan 19 23:02:22 2010 -0800 +++ b/usr/src/uts/common/os/exec.c Thu Jan 21 13:54:02 2010 +0100 @@ -732,7 +732,7 @@ curthread->t_cred = cred; crfree(oldcred); - if (priv_debug && priv_basic_test >= 0 && + if (priv_basic_test >= 0 && !PRIV_ISASSERT(&CR_IPRIV(newcred), priv_basic_test)) { pid_t pid = pp->p_pid;
--- a/usr/src/uts/common/os/policy.c Tue Jan 19 23:02:22 2010 -0800 +++ b/usr/src/uts/common/os/policy.c Thu Jan 21 13:54:02 2010 +0100 @@ -63,11 +63,7 @@ */ #define MAXPRIVSTACK 6 -#ifdef DEBUG -int priv_debug = 1; -#else int priv_debug = 0; -#endif int priv_basic_test = -1; /*
--- a/usr/src/uts/common/os/priv.c Tue Jan 19 23:02:22 2010 -0800 +++ b/usr/src/uts/common/os/priv.c Thu Jan 21 13:54:02 2010 +0100 @@ -82,6 +82,11 @@ void priv_init(void) { +#ifdef DEBUG + int alloc_test_priv = 1; +#else + int alloc_test_priv = priv_debug; +#endif rw_init(&privinfo_lock, NULL, RW_DRIVER, NULL); PRIV_BASIC_ASSERT(priv_basic); @@ -89,10 +94,11 @@ priv_fillset(&priv_fullset); /* - * When booting with priv_debug set, then we'll add an additional - * basic privilege and we verify that it is always present in E. + * When booting with priv_debug set or in a DEBUG kernel, then we'll + * add an additional basic privilege and we verify that it is always + * present in E. */ - if (priv_debug == 1 && + if (alloc_test_priv != 0 && (priv_basic_test = priv_getbyname("basic_test", PRIV_ALLOC)) >= 0) { priv_addset(priv_basic, priv_basic_test); }
--- a/usr/src/uts/common/syscall/ppriv.c Tue Jan 19 23:02:22 2010 -0800 +++ b/usr/src/uts/common/syscall/ppriv.c Thu Jan 21 13:54:02 2010 +0100 @@ -187,7 +187,7 @@ * if that has happened, then some programmer typically set the E/P to * empty. That is not portable. */ - if ((type == PRIV_EFFECTIVE || type == PRIV_PERMITTED) && priv_debug && + if ((type == PRIV_EFFECTIVE || type == PRIV_PERMITTED) && priv_basic_test >= 0 && !PRIV_ISASSERT(target, priv_basic_test)) { proc_t *p = curproc; pid_t pid = p->p_pid;