[Status update] sysctlreg project

John Baldwin jhb at freebsd.org
Mon Jun 14 20:50:01 UTC 2010

On Monday 14 June 2010 4:03:24 pm Ilya Bakulin wrote:
> On Mon, 14 Jun 2010 08:55:53 -0400
> John Baldwin <jhb at freebsd.org> wrote:
> > > This week (14.06 -- 21.06) I will continue to add more and more 
> > plan is to finish adding Netgraph-related features by the end of this 
> > Also I plan to do some research work to understand how to handle sysctl 
> > attempts in the kernel. This will be required to implement systcl change 
> > handler.
> > 
> > Hmm, what are you planning to do in regards to a sysctl change handler?  I 
> > believe the kern.feature.* sysctls should be read-only by design.
> There should be a way to change their state (to allow "spoof-off" of these 
values). In the simpliest case, invoking "sysctl kern.feature.foo=0" should 
hide feature "foo", and it won't be listed any more, but "sysctl 
kern.feature.foo=1" should bring it back. Changing the state of these sysctls 
may only be allowed for root, and only if securelevel is lower than X (To Be 
> If such scenario is possible, then it's not nessesary to bring new entities 
in the base system, we'll use existing "sysctl" application.

Hmmm, is this spoofing a desired feature?  If so, perhaps it should be done in 
userland via environment options that affect the feature_present(3) API in 
libc?  (In that case you would write a little feature_present(1) util that 
uses the userland API and use this instead of direct sysctls in ports, etc.)

John Baldwin

More information about the soc-status mailing list