From: s
X-Sender: s@samu.pl
Date: Fri, 07 Oct 2011 16:48:43 +0200
Subject: MAC Framework, retrieving information from sysctl
Message-ID: <7a4b6f4b2366333f640027303870e0e6@samu.pl>
List-Id: Technical Discussions relating to FreeBSD

Hi,

Once again I would like to ask a question about kernel module programming using the MAC framework - but this time it may not be strictly related to MAC.

So, I have made a simple security module (which I will publish as soon as I finish it), and now I'd like to have some nice tool to modify its "rules" from the userland. Exactly the same thing is done by ugidfw, to modify bsdextended rules.

But, here the problem appears - I don't know how to perform that. I've got a simple, two-dimensional array which contains these "rules" (if I can call them that way), and I would like to modify that array from the userland. So, I guess the best way to do so would be sysctl(3). This is what I've created, after reading the mac_bsdextended source:

kernel module:

static int
sysctl_rule(SYSCTL_HANDLER_ARGS)
{
	// ... some code to parse what has been sent ...
	return (0);
}

SYSCTL_NODE(_security_somemodule, OID_AUTO, rules, CTLFLAG_MPSAFE | CTLFLAG_RW, sysctl_rule, "Some description");

And now I should be able to send some data using sysctl(3). But I really don't know how - and here my question comes. How should I send this data? How should I parse SYSCTL_HANDLER_ARGS (from struct.h: #define SYSCTL_HANDLER_ARGS struct sysctl_oid *oidp, void *arg1, int arg2, struct sysctl_req *req) to edit my array?

I will be grateful for any help - this is the only thing that remained in this project... ;)

-- 
Regards,
Jakub 'samu' Szafrański
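
Added example, not part of the original message and not FreeBSD source: a portable C model of the write path a node handler like the one above needs, with the rule index taken from the trailing OID component (what arg1/arg2 carry for a node handler) and the new value size-checked, copied to a temporary and validated before the array changes. `req_model`, `copy_in`, `rule_valid`, `NRULES` and `NFIELDS` are hypothetical stand-ins (`copy_in` for SYSCTL_IN, `req_model` for the `newptr`/`newlen` fields of struct sysctl_req), and the locking a real module needs is left out.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>

#define NRULES  8   /* hypothetical number of rules */
#define NFIELDS 4   /* hypothetical fields per rule */

/* Stand-in for the two struct sysctl_req fields used on a write. */
struct req_model { const void *newptr; size_t newlen; };

static int rules[NRULES][NFIELDS];  /* the module's two-dimensional array */

/* Models SYSCTL_IN(): fails unless the caller supplied at least len bytes. */
static int copy_in(const struct req_model *req, void *dst, size_t len)
{
    if (req->newptr == NULL || req->newlen < len)
        return EINVAL;
    memcpy(dst, req->newptr, len);
    return 0;
}

/* Hypothetical per-rule check: every field must be in 0..255. */
static int rule_valid(const int *r)
{
    for (int i = 0; i < NFIELDS; i++)
        if (r[i] < 0 || r[i] > 255)
            return 0;
    return 1;
}

/* name/namelen model arg1/arg2 of a node handler: the OID components after
 * the node's own name, so a request for "...rules.3" gives name[0] == 3. */
static int rule_handler(const int *name, unsigned namelen,
                        const struct req_model *req)
{
    int tmp[NFIELDS], error;

    if (namelen != 1)
        return EINVAL;
    if (name[0] < 0 || name[0] >= NRULES)
        return ENOENT;              /* index is caller-controlled: bound it */
    if (req->newptr == NULL)
        return 0;                   /* no new value supplied: nothing to set */
    if (req->newlen != sizeof(tmp))
        return EINVAL;              /* reject short and oversized writes */
    if ((error = copy_in(req, tmp, sizeof(tmp))) != 0)
        return error;
    if (!rule_valid(tmp))
        return EINVAL;
    memcpy(rules[name[0]], tmp, sizeof(tmp));  /* commit only after checks */
    return 0;
}
```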