built-in module. If we do this, don't try to call devsw_attach() as
our device structures will already have been included via ioconf.[ch].
This avoids calling the init routine twice (once for CLASS_DRIVER and
then later for CLASS_ANY), which in turn avoids trying to initialize
an already initialized lock.
pointers. Ensure that we have the correct "old" values before setting
new values, for both "intall" and "deinstall".
XXX This is NOT intended to encourage additional cases of hijacking! If
XXX some other hijack feature ever gets committed, this code should be
XXX moved to (most likely) kern/kern_syscall.c.
We cannot rely on using copyinstr() to retrieve the pathname from
user mode after a successful exec, since the user mode address space
is no longer valid (and may not even be accessible). This worked in
earlier code but was broken by rev 1.7.
is ENOTTY, not EOPNOTSUPP! The former will allow the module to be
auto-unloaded, while the latter will prevent it.
Note that manual unloading of the filemon module is unaffected, as
that is controlled by actual usage of the module.
For the simple cases where path is absolute or dirfd is for cwd
we can handle this just like open.
For the remaining case we output an 'A' record to offer a clue that
a search for open dir is needed (earlier in the trace).
designated initializers.
I have not built every extant kernel so I have probably broken at
least one build; however I've also found and fixed some wrong
cdevsw/bdevsw entries so even if so I think we come out ahead.
Avoid recursion, and hold a reader lock on p_reflock while we
check for filemon, and until we have p_pptr.
filemon_ioctl:
Do not allow FILEMON_SET_PID unless caller would be allowed
to ptrace the target pid.
filemon_wrapper_deinstall:
Do not touch syscalls if they no longer point to us, return EBUSY.
filemon_unload:
return EBUSY if filemon_wrapper_deinstall() fails.
