Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
db06aa87ca
NetBSD/lib/libc/gen/sysctl.3

2577 lines
84 KiB
Groff
Raw Blame History

.\" $NetBSD: sysctl.3,v 1.182 2006/09/06 18:59:21 wiz Exp $
.\"
.\" Copyright (c) 1993
.\" The Regents of the University of California. All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of the University nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" @(#)sysctl.3 8.4 (Berkeley) 5/9/95
.\"
.Dd September 6, 2006
.Dt SYSCTL 3
.Os
.Sh NAME
.Nm sysctl ,
.Nm sysctlbyname ,
.Nm sysctlgetmibinfo ,
.Nm sysctlnametomib
.Nd get or set system information
.Sh LIBRARY
.Lb libc
.Sh SYNOPSIS
.In sys/param.h
.In sys/sysctl.h
.Ft int
.Fn sysctl "const int *name" "u_int namelen" "void *oldp" "size_t *oldlenp" \
"const void *newp" "size_t newlen"
.Ft int
.Fn sysctlbyname "const char *sname" "void *oldp" "size_t *oldlenp" \
"void *newp" "size_t newlen"
.Ft int
.Fn sysctlgetmibinfo "const char *sname" "int *name" "u_int *namelenp" \
"char *cname" "size_t *csz" "struct sysctlnode **rnode" "int v"
.Ft int
.Fn sysctlnametomib "const char *sname" "int *name" "size_t *namelenp"
.Sh DESCRIPTION
The
.Nm
function retrieves system information and allows processes with
appropriate privileges to set system information.
The information available from
.Nm
consists of integers, strings, and tables.
Information may be retrieved and set from the command interface
using the
.Xr sysctl 8
utility.
.Pp
Unless explicitly noted below,
.Nm
returns a consistent snapshot of the data requested.
Consistency is obtained by locking the destination
buffer into memory so that the data may be copied out without blocking.
Calls to
.Nm
are serialized to avoid deadlock.
.Pp
The state is described using a ``Management Information Base'' (MIB)
style name, listed in
.Fa name ,
which is a
.Fa namelen
length array of integers.
.Pp
The
.Fn sysctlbyname
function accepts a string representation of a MIB entry and internally
maps it to the appropriate numeric MIB representation.
Its semantics are otherwise no different from
.Fn sysctl .
.Pp
The information is copied into the buffer specified by
.Fa oldp .
The size of the buffer is given by the location specified by
.Fa oldlenp
before the call,
and that location gives the amount of data copied after a successful call.
If the amount of data available is greater
than the size of the buffer supplied,
the call supplies as much data as fits in the buffer provided
and returns with the error code ENOMEM.
If the old value is not desired,
.Fa oldp
and
.Fa oldlenp
should be set to
.Dv NULL .
.Pp
The size of the available data can be determined by calling
.Nm
with a
.Dv NULL
parameter for
.Fa oldp .
The size of the available data will be returned in the location pointed to by
.Fa oldlenp .
For some operations, the amount of space may change often.
For these operations,
the system attempts to round up so that the returned size is
large enough for a call to return the data shortly thereafter.
.Pp
To set a new value,
.Fa newp
is set to point to a buffer of length
.Fa newlen
from which the requested value is to be taken.
If a new value is not to be set,
.Fa newp
should be set to
.Dv NULL
and
.Fa newlen
set to 0.
.Pp
The
.Fn sysctlnametomib
function can be used to map the string representation of a MIB entry
to the numeric version.
The
.Fa name
argument should point to an array of integers large enough to hold the
MIB, and
.Fa namelenp
should indicate the number of integer slots available.
Following a successful translation, the size_t indicated by
.Fa namelenp
will be changed to show the number of slots consumed.
.Pp
The
.Fn sysctlgetmibinfo
function performs name translation similar to
.Fn sysctlnametomib ,
but also canonicalizes the name (or returns the first erroneous token
from the string being parsed) into the space indicated by
.Fa cname
and
.Fa csz .
.Fa csz
should indicate the size of the buffer pointed to by
.Fa cname
and on return, will indicate the size of the returned string including
the trailing
.Sq nul
character.
.Pp
The
.Fa rnode
and
.Fa v
arguments to
.Fn sysctlgetmibinfo
are used to provide a tree for it to parse into, and to get back
either a pointer to, or a copy of, the terminal node.
If
.Fa rnode
is
.Dv NULL ,
.Fn sysctlgetmibinfo
uses its own internal tree for parsing, and checks it against the
kernel at each call, to make sure that the name-to-number mapping is
kept up to date.
The
.Fa v
argument is ignored in this case.
If
.Fa rnode
is not
.Dv NULL
but the pointer it references is, on a successful return,
.Fa rnode
will be adjusted to point to a copy of the terminal node.
The
.Fa v
argument indicates which version of the
.Nm
node structure the caller wants.
The application must later
.Fn free
this copy.
If neither
.Fa rnode
nor the pointer it references are
.Dv NULL ,
the pointer is used as the address of a tree over which the parsing is
done.
In this last case, the tree is not checked against the kernel, no
refreshing of the mappings is performed, and the value given by
.Fa v
must agree with the version indicated by the tree.
It is recommended that applications always use
.Dv SYSCTL_VERSION
as the value for
.Fa v ,
as defined in the include file
.Pa sys/sysctl.h .
.Pp
The top level names are defined with a CTL_ prefix in
.Aq Pa sys/sysctl.h ,
and are as follows.
The next and subsequent levels down are found in the include files
listed here, and described in separate sections below.
.Pp
.Bl -column CTLXMACHDEPXXX "Next level namesXXXXXX" -offset indent
.It Sy Name Next level names Description
.It CTL\_KERN sys/sysctl.h High kernel limits
.It CTL\_VM uvm/uvm_param.h Virtual memory
.It CTL\_VFS sys/mount.h Filesystem
.It CTL\_NET sys/socket.h Networking
.It CTL\_DEBUG sys/sysctl.h Debugging
.It CTL\_HW sys/sysctl.h Generic CPU, I/O
.It CTL\_MACHDEP sys/sysctl.h Machine dependent
.It CTL\_USER sys/sysctl.h User-level
.It CTL\_DDB sys/sysctl.h In-kernel debugger
.It CTL\_PROC sys/sysctl.h Per-process
.It CTL\_VENDOR ? Vendor specific
.It CTL\_EMUL sys/sysctl.h Emulation settings
.It CTL\_SECURITY sys/sysctl.h Security settings
.El
.Pp
For example, the following retrieves the maximum number of processes allowed
in the system:
.Bd -literal -offset indent -compact
int mib[2], maxproc;
size_t len;
.sp
mib[0] = CTL_KERN;
mib[1] = KERN_MAXPROC;
len = sizeof(maxproc);
sysctl(mib, 2, \*[Am]maxproc, \*[Am]len, NULL, 0);
.Ed
.sp
To retrieve the standard search path for the system utilities:
.Bd -literal -offset indent -compact
int mib[2];
size_t len;
char *p;
.sp
mib[0] = CTL_USER;
mib[1] = USER_CS_PATH;
sysctl(mib, 2, NULL, \*[Am]len, NULL, 0);
p = malloc(len);
sysctl(mib, 2, p, \*[Am]len, NULL, 0);
.Ed
.Sh CTL_DEBUG
The debugging variables vary from system to system.
A debugging variable may be added or deleted without need to recompile
.Nm
to know about it.
Each time it runs,
.Nm
gets the list of debugging variables from the kernel and
displays their current values.
The system defines twenty
.Va ( struct ctldebug )
variables named
.Dv debug0
through
.Dv debug19 .
They are declared as separate variables so that they can be
individually initialized at the location of their associated variable.
The loader prevents multiple use of the same variable by issuing errors
if a variable is initialized in more than one place.
For example, to export the variable
.Dv dospecialcheck
as a debugging variable, the following declaration would be used:
.Bd -literal -offset indent -compact
int dospecialcheck = 1;
struct ctldebug debug5 = { "dospecialcheck", \*[Am]dospecialcheck };
.Ed
.Pp
Note that the dynamic implementation of
.Nm
currently in use largely makes this particular
.Nm
interface obsolete.
See
.Xr sysctl 8
.\" and
.\" .Xr sysctl 9
for more information.
.Sh CTL_VFS
A distinguished second level name, VFS_GENERIC,
is used to get general information about all filesystems.
One of its third level identifiers is VFS_MAXTYPENUM
that gives the highest valid filesystem type number.
Its other third level identifier is VFS_CONF that
returns configuration information about the filesystem
type given as a fourth level identifier.
The remaining second level identifiers are the
filesystem type number returned by a
.Xr statvfs 2
call or from VFS_CONF.
The third level identifiers available for each filesystem
are given in the header file that defines the mount
argument structure for that filesystem.
.Sh CTL_HW
The string and integer information available for the CTL_HW level
is detailed below.
The changeable column shows whether a process with appropriate
privilege may change the value.
.Bl -column "Second level nameXXXXXX" "struct disk_sysctlXXX" -offset indent
.It Sy Second level name Type Changeable
.It HW\_ALIGNBYTES integer no
.It HW\_BYTEORDER integer no
.It HW\_CNMAGIC string yes
.It HW\_DISKNAMES string no
.It HW\_DISKSTATS struct no
.It HW\_MACHINE string no
.It HW\_MACHINE\_ARCH string no
.It HW\_MODEL string no
.It HW\_NCPU integer no
.It HW\_PAGESIZE integer no
.It HW\_PHYSMEM integer no
.It HW\_PHYSMEM64 quad no
.It HW\_USERMEM integer no
.It HW\_USERMEM64 quad no
.El
.Pp
.Bl -tag -width "123456"
.It Li HW_ALIGNBYTES
Alignment constraint for all possible data types.
This shows the value
.Dv ALIGNBYTES
in
.Pa /usr/include/machine/param.h ,
at the kernel compilation time.
.It Li HW_BYTEORDER
The byteorder (4,321, or 1,234).
.It Li HW_CNMAGIC
The console magic key sequence.
.It Li HW_DISKNAMES
The list of (space separated) disk device and NFS mount names on the system.
.It Li HW_IOSTATNAMES
A space separated list of devices that will have I/O statistics
collected on them.
.It Li HW_IOSTATS
Return statistical information on the NFS mounts, disk and tape
devices on the system.
An array of
.Va struct io_sysctl
structures is returned,
whose size depends on the current number of such objects in the system.
The third level name is the size of the
.Va struct io_sysctl .
The type of object can be determined by examining the
.Va type
element of
.Va struct io_sysctl .
Which can be
.Dv IOSTAT_DISK
(disk drive),
.Dv IOSTAT_TAPE
(tape drive), or
.Dv IOSTAT_NFS
(NFS mount).
.It Li HW_MACHINE
The machine class.
.It Li HW_MACHINE_ARCH
The machine CPU class.
.It Li HW_MODEL
The machine model.
.It Li HW_NCPU
The number of CPUs.
.ne 1i
.It Li HW_PAGESIZE
The software page size.
.It Li HW_PHYSMEM
The bytes of physical memory as a 32-bit integer.
.It Li HW_PHYSMEM64
The bytes of physical memory as a 64-bit integer.
.It Li HW_USERMEM
The bytes of non-kernel memory as a 32-bit integer.
.It Li HW_USERMEM64
The bytes of non-kernel memory as a 64-bit integer.
.El
.Sh CTL_KERN
The string and integer information available for the CTL_KERN level
is detailed below.
The changeable column shows whether a process with appropriate
privilege may change the value.
The types of data currently available are process information,
system vnodes, the open file entries, routing table entries,
virtual memory statistics, load average history, and clock rate
information.
.Bl -column "KERNXPOSIXXREADERXWRITERXLOCKS" "struct clockrateXXX" -offset indent
.It Sy Second level name Type Changeable
.It KERN\_ARGMAX integer no
.It KERN\_AUTONICETIME integer yes
.It KERN\_AUTONICEVAL integer yes
.It KERN\_BOOTTIME struct timeval no
.It KERN\_BUFQ node not applicable
.It KERN\_CCPU integer no
.It KERN\_CLOCKRATE struct clockinfo no
.It KERN\_CONSDEV integer no
.It KERN\_CP\_ID struct no
.It KERN\_CP\_TIME uint64_t[\|] no
.It KERN\_DEFCORENAME string yes
.It KERN\_DOMAINNAME string yes
.It KERN\_DRIVERS struct kinfo_drivers no
.It KERN\_FILE struct file no
.It KERN\_FORKFSLEEP integer yes
.It KERN\_FSCALE integer no
.It KERN\_FSYNC integer no
.It KERN\_HARDCLOCK\_TICKS integer no
.It KERN\_HOSTID integer yes
.It KERN\_HOSTNAME string yes
.It KERN\_IOV\_MAX integer no
.It KERN\_JOB\_CONTROL integer no
.It KERN\_LABELOFFSET integer no
.It KERN\_LABELSECTOR integer no
.It KERN\_LOGIN\_NAME\_MAX integer no
.It KERN\_LOGSIGEXIT integer yes
.It KERN\_MAPPED\_FILES integer no
.It KERN\_MAXFILES integer yes
.It KERN\_MAXPARTITIONS integer no
.It KERN\_MAXPHYS integer no
.It KERN\_MAXPROC integer yes
.It KERN\_MAXPTYS integer yes
.It KERN\_MAXVNODES integer yes
.It KERN\_MBUF node not applicable
.It KERN\_MEMLOCK integer no
.It KERN\_MEMLOCK\_RANGE integer no
.It KERN\_MEMORY\_PROTECTION integer no
.It KERN\_MONOTONIC\_CLOCK integer no
.It KERN\_MSGBUF integer no
.It KERN\_MSGBUFSIZE integer no
.It KERN\_NGROUPS integer no
.It KERN\_NTPTIME struct ntptimeval no
.It KERN\_OSRELEASE string no
.It KERN\_OSREV integer no
.It KERN\_OSTYPE string no
.It KERN\_PIPE node not applicable
.It KERN\_POSIX1 integer no
.It KERN\_POSIX\_BARRIERS integer no
.It KERN\_POSIX\_READER\_WRITER\_LOCKS integer no
.It KERN\_POSIX\_SEMAPHORES integer no
.It KERN\_POSIX\_SPIN\_LOCKS integer no
.It KERN\_POSIX\_THREADS integer no
.It KERN\_POSIX\_TIMERS integer no
.It KERN\_PROC struct kinfo_proc no
.It KERN\_PROC2 struct kinfo_proc2 no
.It KERN\_PROC\_ARGS string no
.It KERN\_PROF node not applicable
.It KERN\_RAWPARTITION integer no
.It KERN\_ROOT\_DEVICE string no
.It KERN\_ROOT\_PARTITION integer no
.It KERN\_RTC\_OFFSET integer yes
.It KERN\_SAVED\_IDS integer no
.It KERN\_SECURELVL integer raise only
.It KERN\_SYNCHRONIZED\_IO integer no
.It KERN\_SYSVIPC\_INFO node not applicable
.It KERN\_SYSVMSG integer no
.It KERN\_SYSVSEM integer no
.It KERN\_SYSVSHM integer no
.It KERN\_TIMEX struct no
.It KERN\_TKSTAT node not applicable
.It KERN\_URANDOM integer no
.It KERN\_VERIEXEC node not applicable
.It KERN\_VERSION string no
.It KERN\_VNODE struct vnode no
.El
.ne 1i
.Pp
.Bl -tag -width "123456"
.It Li KERN_ARGMAX
The maximum bytes of argument to
.Xr execve 2 .
.It Li KERN_AUTONICETIME
The number of seconds of CPU-time a non-root process may accumulate before
having its priority lowered from the default to the value of KERN_AUTONICEVAL.
If set to 0, automatic lowering of priority is not performed, and if set to \-1
all non-root processes are immediately lowered.
.It Li KERN_AUTONICEVAL
The priority assigned for automatically niced processes.
.It Li KERN_BOOTTIME
A
.Va struct timeval
structure is returned.
This structure contains the time that the system was booted.
.It Li KERN_CCPU
The scheduler exponential decay value.
.It Li KERN_CLOCKRATE
A
.Va struct clockinfo
structure is returned.
This structure contains the clock, statistics clock and profiling clock
frequencies, the number of micro-seconds per hz tick, and the clock
skew rate.
.It Li KERN_CONSDEV
Console device.
.It Li KERN_CP_ID
Mapping of CPU number to CPU id.
.It Li KERN_CP_TIME
Returns an array of CPUSTATES uint64_ts.
This array contains the
number of clock ticks spent in different CPU states.
On multi-processor systems, the sum across all CPUs is returned unless
appropriate space is given for one data set for each CPU.
Data for a specific CPU can also be obtained by adding the number of the
CPU at the end of the MIB, enlarging it by one.
.It Li KERN_DEFCORENAME
Default template for the name of core dump files (see also PROC_PID_CORENAME
in the per-process variables CTL_PROC, and
.Xr core 5
for format of this template).
The default value is
.Nm %n.core
and can be changed with the kernel configuration option
.Cd options DEFCORENAME
(see
.Xr options 4
).
.It Li KERN_DOMAINNAME
Get or set the YP domain name.
.It Li KERN_DUMP_ON_PANIC
Perform a crash dump on system panic.
.It Li KERN_DRIVERS
Return an array of
.Va struct kinfo_drivers
that contains the name and major device numbers of all the device drivers
in the current kernel.
The
.Va d_name
field is always a NUL terminated string.
The
.Va d_bmajor
field will be set to \-1 if the driver doesn't have a block device.
.It Li KERN_FILE
Return the entire file table.
The returned data consists of a single
.Va struct filelist
followed by an array of
.Va struct file ,
whose size depends on the current number of such objects in the system.
.It Li KERN_FORKFSLEEP
If
.Xr fork 2
system call fails due to limit on number of processes (either
the global maxproc limit or user's one), wait for this many
milliseconds before returning
.Er EAGAIN
error to process.
Useful to keep heavily forking runaway processes in bay.
Default zero (no sleep).
Maximum is 20 seconds.
.It Li KERN_FSCALE
The kernel fixed-point scale factor.
.It Li KERN_FSYNC
Return 1 if the POSIX 1003.1b File Synchronization Option is available
on this system,
otherwise 0.
.It Li KERN_HARDCLOCK_TICKS
Returns the number of
.Xr hardclock 9
ticks.
.It Li KERN_HOSTID
Get or set the host id.
.It Li KERN_HOSTNAME
Get or set the hostname.
.It Li KERN_IOV_MAX
Return the maximum number of
.Va iovec
structures that a process has available for use with
.Xr preadv 2 ,
.Xr pwritev 2 ,
.Xr readv 2 ,
.Xr recvmsg 2 ,
.Xr sendmsg 2
and
.Xr writev 2 .
.It Li KERN_JOB_CONTROL
Return 1 if job control is available on this system, otherwise 0.
.It Li KERN_LABELOFFSET
The offset within the sector specified by KERN_LABELSECTOR of the
.Xr disklabel 5 .
.It Li KERN_LABELSECTOR
The sector number containing the
.Xr disklabel 5 .
.It Li KERN_LOGIN_NAME_MAX
The size of the storage required for a login name, in bytes,
including the terminating NUL.
.It Li KERN_LOGSIGEXIT
If this flag is non-zero, the kernel will
.Xr log 9
all process exits due to signals which create a
.Xr core 5
file, and whether the coredump was created.
.It Li KERN_MAPPED_FILES
Returns 1 if the POSIX 1003.1b Memory Mapped Files Option is available
on this system,
otherwise 0.
.It Li KERN_MAXFILES
The maximum number of open files that may be open in the system.
.It Li KERN_MAXPARTITIONS
The maximum number of partitions allowed per disk.
.It Li KERN_MAXPHYS
Maximum raw I/O transfer size.
.It Li KERN_MAXPROC
The maximum number of simultaneous processes the system will allow.
.It Li KERN_MAXPTYS
The maximum number of pseudo terminals.
This value can be both raised and lowered, though it cannot
be set lower than number of currently used ptys.
See also
.Xr pty 4 .
.It Li KERN_MAXVNODES
The maximum number of vnodes available on the system.
This can only be raised.
.It Li KERN_MBUF
Return information about the mbuf control variables.
the third level names for the mbuf variables are detailed below.
The changeable column shows whether a process with appropriate
privilege may change the value.
.Bl -column "MBUFXNMBCLUSTERSXXX" "struct integerXXX" -offset indent
.It Sy Third level name Type Changeable
.It MBUF\_MBLOWAT integer yes
.It MBUF\_MCLBYTES integer yes
.It MBUF\_MCLLOWAT integer yes
.It MBUF\_MSIZE integer yes
.It MBUF\_NMBCLUSTERS integer yes
.El
.Pp
The variables are as follows:
.Bl -tag -width "123456"
.It Li MBUF_MBLOWAT
The mbuf low water mark.
.It Li MBUF_MCLBYTES
The mbuf cluster size.
.It Li MBUF_MCLLOWAT
The mbuf cluster low water mark.
.It Li MBUF_MSIZE
The mbuf base size.
.It Li MBUF_NMBCLUSTERS
The limit on the number of mbuf clusters.
The variable can only be increased, and only increased on machines with
direct-mapped pool pages.
.El
.It Li KERN_MEMLOCK
Returns 1 if the POSIX 1003.1b Process Memory Locking Option is available
on this system,
otherwise 0.
.It Li KERN_MEMLOCK_RANGE
Returns 1 if the POSIX 1003.1b Range Memory Locking Option is available
on this system,
otherwise 0.
.It Li KERN_MEMORY_PROTECTION
Returns 1 if the POSIX 1003.1b Memory Protection Option is available
on this system,
otherwise 0.
.It Li KERN_MONOTONIC_CLOCK
Returns the standard version the implementation of the POSIX 1003.1b
Monotonic Clock Option conforms to,
otherwise 0.
.It Li KERN_MSGBUF
The kernel message buffer, rotated so that the head of the circular kernel
message buffer is returned at the start of the buffer specified by
.Fa oldp .
The returned data may contain NUL bytes.
.It Li KERN_MSGBUFSIZE
The maximum number of characters that the kernel message buffer can hold.
.It Li KERN_NGROUPS
The maximum number of supplemental groups.
.It Li KERN_NTPTIME
A
.Va struct ntptimeval
structure is returned.
This structure contains data used by the
.Xr ntpd 8
program.
.It Li KERN_OSRELEASE
The system release string.
.It Li KERN_OSREV
The system revision string.
.It Li KERN_OSTYPE
The system type string.
.It Li KERN_PIPE
Pipe settings.
The third level names for the integer pipe settings is detailed below.
The changeable column shows whether a process with appropriate
privilege may change the value.
.Bl -column "KERNXPIPEXFOOXXX" "integerXXX" -offset indent
.It Sy Third level name Type Changeable
.It KERN\_PIPE\_KVASIZ integer yes
.It KERN\_PIPE\_MAXBIGPIPES integer yes
.It KERN\_PIPE\_MAXKVASZ integer yes
.It KERN\_PIPE\_LIMITKVA integer yes
.It KERN\_PIPE\_NBIGPIPES integer yes
.El
.Pp
The variables are as follows:
.Bl -tag -width "123456"
.It Li KERN_PIPE_KVASIZ
Amount of kernel memory consumed by pipe buffers.
.It Li KERN_PIPE_MAXBIGPIPES
Maximum number of "big" pipes.
.It Li KERN_PIPE_MAXKVASZ
Maximum amount of kernel memory to be used for pipes.
.It Li KERN_PIPE_LIMITKVA
Limit for direct transfers via page loan.
.It Li KERN_PIPE_NBIGPIPES
Number of "big" pipes.
.El
.It Li KERN_POSIX1
The version of ISO/IEC 9945 (POSIX 1003.1) with which the system
attempts to comply.
.It Li KERN_POSIX_BARRIERS
The version of
.St -p1003.1
and its
Barriers
option to which the system attempts to conform,
otherwise 0.
.It Li KERN_POSIX_READER_WRITER_LOCKS
The version of
.St -p1003.1
and its
Read-Write Locks
option to which the system attempts to conform,
otherwise 0.
.It Li KERN_POSIX_SEMAPHORES
The version of
.St -p1003.1
and its
Semaphores
option to which the system attempts to conform,
otherwise 0.
.It Li KERN_POSIX_SPIN_LOCKS
The version of
.St -p1003.1
and its
Spin Locks
option to which the system attempts to conform,
otherwise 0.
.It Li KERN_POSIX_THREADS
The version of
.St -p1003.1
and its
Threads
option to which the system attempts to conform,
otherwise 0.
.It Li KERN_POSIX_TIMERS
The version of
.St -p1003.1
and its
Timers
option to which the system attempts to conform,
otherwise 0.
.It Li KERN_PROC
Return the entire process table, or a subset of it.
An array of
.Va struct kinfo_proc
structures is returned,
whose size depends on the current number of such objects in the system.
The third and fourth level names are as follows:
.Bl -column "Third level nameXXXXXX" "Fourth level is:XXXXXX" -offset indent
.It Sy Third level name Fourth level is:
.It KERN\_PROC\_ALL None
.It KERN\_PROC\_GID A group ID
.It KERN\_PROC\_PID A process ID
.It KERN\_PROC\_PGRP A process group
.It KERN\_PROC\_RGID A real group ID
.It KERN\_PROC\_RUID A real user ID
.It KERN\_PROC\_SESSION A session ID
.It KERN\_PROC\_TTY A tty device
.It KERN\_PROC\_UID A user ID
.El
.It Li KERN_PROC2
As for KERN_PROC, but an array of
.Va struct kinfo_proc2
structures are returned.
The fifth level name is the size of the
.Va struct kinfo_proc2
and the sixth level name is the number of structures to return.
.It Li KERN_PROC_ARGS
Return the argv or environment strings (or the number thereof)
of a process.
Multiple strings are returned separated by NUL characters.
The third level name is the process ID.
The fourth level name is as follows:
.Bl -column "Third level nameXXXXXX" -offset indent
.It KERN\_PROC\_ARGV The argv strings
.It KERN\_PROC\_ENV The environ strings
.It KERN\_PROC\_NARGV The number of argv strings
.It KERN\_PROC\_NENV The number of environ strings
.El
.It Li KERN_PROF
Return profiling information about the kernel.
If the kernel is not compiled for profiling,
attempts to retrieve any of the KERN_PROF values will
fail with EOPNOTSUPP.
The third level names for the string and integer profiling information
is detailed below.
The changeable column shows whether a process with appropriate
privilege may change the value.
.Bl -column "GPROFXGMONPARAMXXX" "struct gmonparamXXX" -offset indent
.It Sy Third level name Type Changeable
.It GPROF\_COUNT u_short[\|] yes
.It GPROF\_FROMS u_short[\|] yes
.It GPROF\_GMONPARAM struct gmonparam no
.It GPROF\_STATE integer yes
.It GPROF\_TOS struct tostruct yes
.El
.Pp
The variables are as follows:
.Bl -tag -width "123456"
.It Li GPROF_COUNT
Array of statistical program counter counts.
.It Li GPROF_FROMS
Array indexed by program counter of call-from points.
.It Li GPROF_GMONPARAM
Structure giving the sizes of the above arrays.
.It Li GPROF_STATE
Profiling state.
If set to GMON_PROF_ON, starts profiling.
If set to GMON_PROF_OFF, stops profiling.
.It Li GPROF_TOS
Array of
.Va struct tostruct
describing destination of calls and their counts.
.El
.It Li KERN_RAWPARTITION
The raw partition of a disk (a == 0).
.It Li KERN_ROOT_DEVICE
The name of the root device (e.g.,
.Dq wd0 ) .
.It Li KERN_ROOT_PARTITION
The root partition on the root device (a == 0).
.It Li KERN_RTC_OFFSET
Return the offset of real time clock from UTC in minutes.
.It Li KERN_SAVED_IDS
Returns 1 if saved set-group and saved set-user ID is available.
.It Li KERN_SBMAX
Maximum socket buffer size.
.It Li KERN_SECURELVL
The system security level.
This level may be raised by processes with appropriate privilege.
It may only be lowered by process 1.
.It Li KERN_SOMAXKVA
Maximum amount of kernel memory to be used for socket buffers.
.It Li KERN_SYNCHRONIZED_IO
Returns 1 if the POSIX 1003.1b Synchronized I/O Option is available
on this system,
otherwise 0.
.It Li KERN_SYSVIPC_INFO
Return System V style IPC configuration and run-time information.
The third level name selects the System V style IPC facility.
.Bl -column "KERN_SYSVIPC_MSG_INFOXXX" "struct shm_sysctl_infoXXX" -offset indent
.It Sy Third level name Type
.It KERN\_SYSVIPC\_MSG\_INFO struct msg_sysctl_info
.It KERN\_SYSVIPC\_SEM\_INFO struct sem_sysctl_info
.It KERN\_SYSVIPC\_SHM\_INFO struct shm_sysctl_info
.El
.Pp
.Bl -tag -width "123456"
.It Li KERN_SYSVIPC_MSG_INFO
Return information on the System V style message facility.
The
.Sy msg_sysctl_info
structure is defined in
.Aq Pa sys/msg.h .
.It Li KERN_SYSVIPC_SEM_INFO
Return information on the System V style semaphore facility.
The
.Sy sem_sysctl_info
structure is defined in
.Aq Pa sys/sem.h .
.It Li KERN_SYSVIPC_SHM_INFO
Return information on the System V style shared memory facility.
The
.Sy shm_sysctl_info
structure is defined in
.Aq Pa sys/shm.h .
.El
.It Li KERN_SYSVMSG
Returns 1 if System V style message queue functionality is available
on this system,
otherwise 0.
.It Li KERN_SYSVSEM
Returns 1 if System V style semaphore functionality is available
on this system,
otherwise 0.
.It Li KERN_SYSVSHM
Returns 1 if System V style share memory functionality is available
on this system,
otherwise 0.
.It Li KERN_TIMEX
Not available.
.It Li KERN_TKSTAT
Return information about the number of characters sent and received
on ttys.
The third level names for the tty statistic variables are detailed below.
The changeable column shows whether a process
with appropriate privilege may change the value.
.Bl -column "KERNXTKSTATXRAWCCXXX" "struct integerXXX" -offset indent
.It Sy Third level name Type Changeable
.It KERN\_TKSTAT\_CANCC quad no
.It KERN\_TKSTAT\_NIN quad no
.It KERN\_TKSTAT\_NOUT quad no
.It KERN\_TKSTAT\_RAWCC quad no
.El
.Pp
The variables are as follows:
.Bl -tag -width "123456"
.It Li KERN_TKSTAT_CANCC
The number of canonical input characters.
.It Li KERN_TKSTAT_NIN
The total number of input characters.
.It Li KERN_TKSTAT_NOUT
The total number of output characters.
.It Li KERN_TKSTAT_RAWCC
The number of raw input characters.
.El
.It Li KERN_URND
Random integer value.
.It Li KERN_VERIEXEC
Tunings for Verixec.
Third level names for the Veriexec variables are detailed below.
The changeable column shows whether a process with appropriate privilege may
change the value or only raise it.
Only the superuser can modify these variables.
.Bl -column "VERIEXECXALGORITHMSXXX" "struct integerXXX" -offset indent
.It Sy Third level name Type Changeable
.It VERIEXEC\_ALGORITHMS string no
.It VERIEXEC\_COUNT node not applicable
.It VERIEXEC\_STRICT integer raise only
.It VERIEXEC\_VERBOSE integer yes
.El
.Pp
The variables are as follows:
.Bl -tag -width "123456"
.It Li VERIEXEC_ALGORITHMS
Returns a string with the supported algorithms in Veriexec.
.It Li VERIEXEC_COUNT
Sub-nodes are added to this node as new mounts are monitored by Veriexec.
Each mount will be under its own
.No tableN
node.
Under each node there will be three variables, indicating the mount
point, the file-system type, and the number of entries.
.It Li VERIEXEC_STRICT
Controls the strict level of Veriexec.
The strict level defines how Veriexec will treat various situations.
.Pp
In strict level 0, the system is in learning mode and will only warn about
fingerprint mismatches, as well as allow removal of fingerprinted files.
It is the only level where fingerprints can be loaded.
.Pp
In strict level 1, the system is in IDS mode.
It will deny access to files with mismatched fingerprints.
Write access to monitored files will be permitted, but once modified, further
access to them will be denied.
Monitored files cannot be removed.
If a disk will be opened for raw writing, Veriexec will invalidate all
fingerprints on that disk, if it is monitored.
.Pp
In strict level 2, the system is in IPS mode.
It has all effects of
strict level 1, plus it will deny write access to monitored files and enforce
access type (direct, indirect, file).
Execution of non-monitored files is denied.
Opening of raw disks for writing will be denied if the disk is monitored.
Attempts to write to kernel memory, either via
.Pa /dev/mem
or
.Pa /dev/kmem ,
will be denied to protect Veriexec's internal data-structures.
.Pp
Strict level 3 operates as lockdown mode.
It will have all effects of
strict level 2, but it will also prevent access to non-monitored files.
Furthermore, it will prevent addition of new files to the system, and
allow writing only to files opened before the strict level was raised.
All attempts to open a disk for raw writing will be denied.
.It Li VERIEXEC_VERBOSE
Controls the verbosity level of Veriexec.
If 0, only the minimal
indication required will be given about what's happening - fingerprint
mismatches, removal of entries from the tables, modification of a
fingerprinted file.
If 1, more messages will be printed (ie., when a file with a valid
fingerprint is accessed).
Verbose level 2 is debug mode.
.El
.It Li KERN_VERSION
The system version string.
.It Li KERN_VNODE
Return the entire vnode table.
Note, the vnode table is not necessarily a consistent snapshot of
the system.
The returned data consists of an array whose size depends on the
current number of such objects in the system.
Each element of the array contains the kernel address of a vnode
.Va struct vnode *
followed by the vnode itself
.Va struct vnode .
.It Li kern.coredump.setid
Settings related to set-id processes coredumps.
By default, set-id processes do not dump core in situations where
other processes would.
The settings in this node allows an administrator to change this
behavior.
.Pp
.Bl -tag -width "123456"
.It Li kern.coredump.setid.dump
If non-zero, set-id processes will dump core.
.It Li kern.coredump.setid.group
The group-id for the set-id processes' coredump.
.It Li kern.coredump.setid.mode
The mode for the set-id processes' coredump.
See
.Xr chmod 1 .
.It Li kern.coredump.setid.owner
The user-id that will be used as the owner of the set-id processes'
coredump.
.It Li kern.coredump.setid.path
The path to which set-id processes' coredumps will be saved to.
Same syntax as kern.defcorename.
.El
.El
.Sh CTL_MACHDEP
The set of variables defined is architecture dependent.
Most architectures define at least the following variables.
.Bl -column "CONSOLE_DEVICEXXX" "integerXXX" -offset indent
.It Sy Second level name Type Changeable
.It Li CPU_CONSDEV dev_t no
.El
.Sh CTL_NET
The string and integer information available for the CTL_NET level
is detailed below.
The changeable column shows whether a process with appropriate
privilege may change the value.
The second and third levels are typically the protocol family and
protocol number, though this is not always the case.
.Bl -column "Second level nameXXXXXX" "routing messagesXXX" -offset indent
.It Sy Second level name Type Changeable
.It PF\_ROUTE routing messages no
.It PF\_INET IPv4 values yes
.It PF\_INET6 IPv6 values yes
.It PF\_KEY IPsec key management values yes
.El
.Pp
.Bl -tag -width "123456"
.It Li PF_ROUTE
Return the entire routing table or a subset of it.
The data is returned as a sequence of routing messages (see
.Xr route 4
for the header file, format and meaning).
The length of each message is contained in the message header.
.Pp
The third level name is a protocol number, which is currently always 0.
The fourth level name is an address family, which may be set to 0 to
select all address families.
The fifth and sixth level names are as follows:
.Bl -column "Fifth level nameXXXXXX" "Sixth level is:XXX" -offset indent
.It Sy Fifth level name Sixth level is:
.It NET\_RT\_FLAGS rtflags
.It NET\_RT\_DUMP None
.It NET\_RT\_IFLIST None
.El
.It Li PF_INET
Get or set various global information about the IPv4
.Pq Internet Protocol version 4 .
The third level name is the protocol.
The fourth level name is the variable name.
The currently defined protocols and names are:
.Bl -column "Protocol name" "Variable nameXX" "integer" "yes" -offset indent
.It Sy Protocol name Variable name Type Changeable
.It arp down integer yes
.It arp keep integer yes
.It arp prune integer yes
.It arp refresh integer yes
.It carp allow integer yes
.It carp preempt integer yes
.It carp log integer yes
.It carp arpbalance integer yes
.It icmp errppslimit integer yes
.It icmp maskrepl integer yes
.It icmp rediraccept integer yes
.It icmp redirtimeout integer yes
.It ip allowsrcrt integer yes
.It ip anonportmax integer yes
.It ip anonportmin integer yes
.It ip checkinterface integer yes
.It ip directed-broadcast integer yes
.It ip do_loopback_cksum integer yes
.It ip forwarding integer yes
.It ip forwsrcrt integer yes
.It ip gifttl integer yes
.It ip grettl integer yes
.It ip hostzerobroadcast integer yes
.It ip lowportmin integer yes
.It ip lowportmax integer yes
.It ip maxflows integer yes
.It ip maxfragpackets integer yes
.It ip mtudisc integer yes
.It ip mtudisctimeout integer yes
.It ip random_id integer yes
.It ip redirect integer yes
.It ip subnetsarelocal integer yes
.It ip ttl integer yes
.It tcp rfc1323 integer yes
.It tcp sendspace integer yes
.It tcp recvspace integer yes
.It tcp mssdflt integer yes
.It tcp syn_cache_limit integer yes
.It tcp syn_bucket_limit integer yes
.It tcp syn_cache_interval integer yes
.It tcp init_win integer yes
.It tcp init_win_local integer yes
.It tcp mss_ifmtu integer yes
.It tcp sack integer yes
.It tcp win_scale integer yes
.It tcp timestamps integer yes
.It tcp compat_42 integer yes
.It tcp cwm integer yes
.It tcp cwm_burstsize integer yes
.It tcp ack_on_push integer yes
.It tcp keepidle integer yes
.It tcp keepintvl integer yes
.It tcp keepcnt integer yes
.It tcp slowhz integer no
.It tcp newreno integer yes
.It tcp log_refused integer yes
.It tcp rstppslimit integer yes
.It tcp ident struct no
.It udp checksum integer yes
.It udp do_loopback_cksum integer yes
.It udp recvspace integer yes
.It udp sendspace integer yes
.El
.Pp
The variables are as follows:
.Bl -tag -width "123456"
.It Li arp.down
Failed ARP entry lifetime.
.It Li arp.keep
Valid ARP entry lifetime.
.It Li arp.prune
ARP cache pruning interval.
.It Li arp.refresh
ARP entry refresh interval.
.It Li carp.allow
If set to 0, incoming
.Xr carp 4
packets will not be processed.
If set to any other value, processing will occur.
Enabled by default.
.It Li carp.arpbalance
If set to any value other than 0, the ARP balancing functionality of
.Xr carp 4
is enabled.
When ARP requests are received for an IP address which is part of any virtual
host, carp will hash the source IP in the ARP request to select one of the
virtual hosts from the set of all the virtual hosts which have that IP address.
The master of that host will respond with the correct virtual MAC address.
Disabled by default.
.It Li carp.log
If set to any value other than 0,
.Xr carp 4
will log errors.
Disabled by default.
.It Li carp.preempt
If set to 0,
.Xr carp 4
will not attempt to become master if it is receiving advertisements from
another active master.
If set to any other value, carp will become master of the virtual host if it
believes it can send advertisements more frequently than the current master.
Disabled by default.
.It Li ip.allowsrcrt
If set to 1, the host accepts source routed packets.
.It Li ip.anonportmax
The highest port number to use for TCP and UDP ephemeral port allocation.
This cannot be set to less than 1024 or greater than 65535, and must
be greater than
.Li ip.anonportmin .
.It Li ip.anonportmin
The lowest port number to use for TCP and UDP ephemeral port allocation.
This cannot be set to less than 1024 or greater than 65535.
.It Li ip.checkinterface
If set to non-zero, the host will reject packets addressed to it
that arrive on an interface not bound to that address.
Currently, this must be disabled if ipnat is used to translate the
destination address to another local interface, or if addresses
are added to the loopback interface instead of the interface where
the packets for those packets are received.
.It Li ip.directed-broadcast
If set to 1, enables directed broadcast behavior for the host.
.It Li ip.do_loopback_cksum
Perform IP checksum on loopback.
.It Li ip.forwarding
If set to 1, enables IP forwarding for the host,
meaning that the host is acting as a router.
.It Li ip.forwsrcrt
If set to 1, enables forwarding of source-routed packets for the host.
This value may only be changed if the kernel security level is less than 1.
.It Li ip.gifttl
The maximum time-to-live (hop count) value for an IPv4 packet generated by
.Xr gif 4
tunnel interface.
.It Li ip.grettl
The maximum time-to-live (hop count) value for an IPv4 packet generated by
.Xr gre 4
tunnel interface.
.It Li ip.hostzerobroadcast
All zeroes address is broadcast address.
.It Li ip.lowportmax
The highest port number to use for TCP and UDP reserved port allocation.
This cannot be set to less than 0 or greater than 1024, and must
be greater than
.Li ip.lowportmin .
.It Li ip.lowportmin
The lowest port number to use for TCP and UDP reserved port allocation.
This cannot be set to less than 0 or greater than 1024, and must
be smaller than
.Li ip.lowportmax .
.It Li ip.maxflows
IP Fast Forwarding is enabled by default.
If set to 0, IP Fast Forwarding is disabled.
.Li ip.maxflows
controls the maximum amount of flows which can be created.
The default value is 256.
.It Li ip.maxfragpackets
The maximum number of fragmented packets the node will accept.
0 means that the node will not accept any fragmented packets.
\-1 means that the node will accept as many fragmented packets as it receives.
The flag is provided basically for avoiding possible DoS attacks.
.It Li ip.mtudisc
If set to 1, enables Path MTU Discovery (RFC 1191).
When Path MTU Discovery is enabled, the transmitted TCP segment
size will be determined by the advertised maximum segment size
(MSS) from the remote end, as constrained by the path MTU.
If MTU Discovery is disabled, the transmitted segment size will
never be greater than
.Li tcp.mssdflt
(the local maximum segment size).
.It Li ip.mtudisctimeout
The number of seconds in which a route added by the Path MTU
Discovery engine will time out.
When the route times out, the Path
MTU Discovery engine will attempt to probe a larger path MTU.
.It Li ip.random_id
Assign random ip_id values.
.It Li ip.redirect
If set to 1, ICMP redirects may be sent by the host.
This option is ignored unless the host is routing IP packets,
and should normally be enabled on all systems.
.It Li ip.subnetsarelocal
If set to 1, subnets are to be considered local addresses.
.It Li ip.ttl
The maximum time-to-live (hop count) value for an IP packet sourced by
the system.
This value applies to normal transport protocols, not to ICMP.
.It Li icmp.errppslimit
The variable specifies the maximum number of outgoing ICMP error messages,
per second.
ICMP error messages that exceeded the value are subject to rate limitation
and will not go out from the node.
Negative value disables rate limitation.
.It Li icmp.maskrepl
If set to 1, ICMP network mask requests are to be answered.
.It Li icmp.rediraccept
If set to non-zero, the host will accept ICMP redirect packets.
Note that routers will never accept ICMP redirect packets,
and the variable is meaningful on IP hosts only.
.It Li icmp.redirtimeout
The variable specifies lifetime of routing entries generated by incoming
ICMP redirect.
This defaults to 600 seconds.
.It Li icmp.returndatabytes
Number of bytes to return in an ICMP error message.
.It Li tcp.ack_on_push
If set to 1, TCP is to immediately transmit an ACK upon reception of
a packet with PUSH set.
This can avoid losing a round trip time in some rare situations,
but has the caveat of potentially defeating TCP's delayed ACK algorithm.
Use of this option is generally not recommended, but
the variable exists in case your configuration really needs it.
.It Li tcp.compat_42
If set to 1, enables work-arounds for bugs in the 4.2BSD TCP implementation.
Use of this option is not recommended, although it may be
required in order to communicate with extremely old TCP implementations.
.It Li tcp.cwm
If set to 1, enables use of the Hughes/Touch/Heidemann Congestion Window
Monitoring algorithm.
This algorithm prevents line-rate bursts of packets that could
otherwise occur when data begins flowing on an idle TCP connection.
These line-rate bursts can contribute to network and router congestion.
This can be particularly useful on World Wide Web servers
which support HTTP/1.1, which has lingering connections.
.It Li tcp.cwm_burstsize
The Congestion Window Monitoring allowed burst size, in terms
of packet count.
.It Li tcp.delack_ticks
Number of ticks to delay sending an ACK.
.It Li tcp.do_loopback_cksum
Perform TCP checksum on loopback.
.It Li tcp.init_win
A value indicating the TCP initial congestion window.
If this value is 0, an auto-tuning algorithm designed to use an initial
window of approximately 4K bytes is in use.
Otherwise, this value indicates a fixed number of packets.
.It Li tcp.init_win_local
Like
.Li tcp.init_win ,
but used when communicating with hosts on a local network.
.It Li tcp.keepcnt
Number of keepalive probes sent before declaring a connection dead.
If set to zero, there is no limit;
keepalives will be sent until some kind of
response is received from the peer.
.It Li tcp.keepidle
Time a connection must be idle before keepalives are sent (if keepalives
are enabled for the connection).
See also tcp.slowhz.
.It Li tcp.keepintvl
Time after a keepalive probe is sent until, in the absence of any response,
another probe is sent.
See also tcp.slowhz.
.It Li tcp.log_refused
If set to 1, refused TCP connections to the host will be logged.
.It Li tcp.mss_ifmtu
If set to 1, TCP calculates the outgoing maximum segment size based on
the MTU of the appropriate interface.
If set to 0, it is calculated based on the greater of the MTU of the
interface, and the largest (non-loopback) interface MTU on the system.
.It Li tcp.mssdflt
The default maximum segment size both advertised to the peer
and to use when either the peer does not advertise a maximum segment size to
us during connection setup or Path MTU Discovery
.Li ( ip.mtudisc )
is disabled.
Do not change this value unless you really know what you are doing.
.It Li tcp.newreno
If set to 1, enables the use of J.
Hoe's NewReno congestion control algorithm.
This algorithm improves the start-up behavior of TCP connections.
.It Li tcp.recvspace
The default TCP receive buffer size.
.It Li tcp.rfc1323
If set to 1, enables RFC 1323 extensions to TCP.
.It Li tcp.rstppslimit
The variable specifies the maximum number of outgoing TCP RST packets,
per second.
TCP RST packet that exceeded the value are subject to rate limitation
and will not go out from the node.
Negative value disables rate limitation.
.It Li tcp.sack.enable
If set to 1, enables RFC 2018 Selective ACKnowledgement.
.It Li tcp.sack.globalholes
Global number of TCP SACK holes.
.It Li tcp.sack.globalmaxholes
Global maximum number of TCP SACK holes.
.It Li tcp.sack.maxholes
Maximum number of TCP SACK holes allowed per connection.
.It Li tcp.ecn.enable
If set to 1, enables RFC 3168 Explicit Congestion Notification.
.It Li tcp.ecn.maxretries
Number of times to retry sending the ECN-setup packet.
.It Li tcp.sendspace
The default TCP send buffer size.
.It Li tcp.slowhz
The units for tcp.keepidle and tcp.keepintvl; those variables are in ticks
of a clock that ticks tcp.slowhz times per second.
(That is, their values
must be divided by the tcp.slowhz value to get times in seconds.)
.It Li tcp.syn_bucket_limit
The maximum number of entries allowed per hash bucket in the TCP
compressed state engine.
.It Li tcp.syn_cache_limit
The maximum number of entries allowed in the TCP compressed state
engine.
.It Li tcp.timestamps
If rfc1323 is enabled, a value of 1 indicates RFC 1323 time stamp options,
used for measuring TCP round trip times, are enabled.
.It Li tcp.win_scale
If rfc1323 is enabled, a value of 1 indicates RFC 1323 window scale options,
for increasing the TCP window size, are enabled.
.It Li udp.checksum
If set to 1, UDP checksums are being computed.
Received non-zero UDP checksums are always checked.
Disabling UDP checksums is strongly discouraged.
.It Li udp.sendspace
The default UDP send buffer size.
.It Li udp.recvspace
The default UDP receive buffer size.
.El
.Pp
For variables net.*.ipsec, please refer to
.Xr ipsec 4 .
.It Li PF_INET6
Get or set various global information about the IPv6
.Pq Internet Protocol version 6 .
The third level name is the protocol.
The fourth level name is the variable name.
The currently defined protocols and names are:
.Bl -column "Protocol name" "Variable nameXX" "integer" "yes" -offset indent
.It Sy Protocol name Variable name Type Changeable
.It icmp6 errppslimit integer yes
.It icmp6 mtudisc_hiwat integer yes
.It icmp6 mtudisc_lowat integer yes
.It icmp6 nd6_debug integer yes
.It icmp6 nd6_delay integer yes
.It icmp6 nd6_maxnudhint integer yes
.It icmp6 nd6_mmaxtries integer yes
.It icmp6 nd6_prune integer yes
.It icmp6 nd6_umaxtries integer yes
.It icmp6 nd6_useloopback integer yes
.It icmp6 nodeinfo integer yes
.It icmp6 rediraccept integer yes
.It icmp6 redirtimeout integer yes
.It ip6 accept_rtadv integer yes
.It ip6 anonportmax integer yes
.It ip6 anonportmin integer yes
.It ip6 auto_flowlabel integer yes
.It ip6 dad_count integer yes
.It ip6 defmcasthlim integer yes
.It ip6 forwarding integer yes
.It ip6 gifhlim integer yes
.It ip6 hlim integer yes
.It ip6 hdrnestlimit integer yes
.It ip6 kame_version string no
.It ip6 keepfaith integer yes
.It ip6 log_interval integer yes
.It ip6 lowportmax integer yes
.It ip6 lowportmin integer yes
.It ip6 maxfragpackets integer yes
.It ip6 maxfrags integer yes
.It ip6 redirect integer yes
.It ip6 rr_prune integer yes
.It ip6 use_deprecated integer yes
.It ip6 v6only integer yes
.It udp6 do_loopback_cksum integer yes
.It udp6 recvspace integer yes
.It udp6 sendspace integer yes
.El
.Pp
The variables are as follows:
.Bl -tag -width "123456"
.It Li ip6.accept_rtadv
If set to non-zero, the node will accept ICMPv6 router advertisement packets
and autoconfigures address prefixes and default routers.
The node must be a host
.Pq not a router
for the option to be meaningful.
.It Li ip6.anonportmax
The highest port number to use for TCP and UDP ephemeral port allocation.
This cannot be set to less than 1024 or greater than 65535, and must
be greater than
.Li ip6.anonportmin .
.It Li ip6.anonportmin
The lowest port number to use for TCP and UDP ephemeral port allocation.
This cannot be set to less than 1024 or greater than 65535.
.It Li ip6.auto_flowlabel
On connected transport protocol packets,
fill IPv6 flowlabel field to help intermediate routers to identify packet flows.
.It Li ip6.dad_count
The variable configures number of IPv6 DAD
.Pq duplicated address detection
probe packets.
The packets will be generated when IPv6 interface addresses are configured.
.It Li ip6.defmcasthlim
The default hop limit value for an IPv6 multicast packet sourced by the node.
This value applies to all the transport protocols on top of IPv6.
There are APIs to override the value, as documented in
.Xr ip6 4 .
.It Li ip6.forwarding
If set to 1, enables IPv6 forwarding for the node,
meaning that the node is acting as a router.
If set to 0, disables IPv6 forwarding for the node,
meaning that the node is acting as a host.
IPv6 specification defines node behavior for
.Dq router
case and
.Dq host
case quite differently, and changing this variable during operation
may cause serious trouble.
It is recommended to configure the variable at bootstrap time,
and bootstrap time only.
.It Li ip6.gifhlim
The maximum hop limit value for an IPv6 packet generated by
.Xr gif 4
tunnel interface.
.It Li ip6.hdrnestlimit
The number of IPv6 extension headers permitted on incoming IPv6 packets.
If set to 0, the node will accept as many extension headers as possible.
.It Li ip6.hlim
The default hop limit value for an IPv6 unicast packet sourced by the node.
This value applies to all the transport protocols on top of IPv6.
There are APIs to override the value, as documented in
.Xr ip6 4 .
.It Li ip6.kame_version
The string identifies the version of KAME IPv6 stack implemented in the kernel.
.It Li ip6.keepfaith
If set to non-zero, it enables
.Dq FAITH
TCP relay IPv6-to-IPv4 translator code in the kernel.
Refer
.Xr faith 4
and
.Xr faithd 8
for detail.
.It Li ip6.log_interval
The variable controls amount of logs generated by IPv6 packet
forwarding engine, by setting interval between log output
.Pq in seconds .
.It Li ip6.lowportmax
The highest port number to use for TCP and UDP reserved port allocation.
This cannot be set to less than 0 or greater than 1024, and must
be greater than
.Li ip6.lowportmin .
.It Li ip6.lowportmin
The lowest port number to use for TCP and UDP reserved port allocation.
This cannot be set to less than 0 or greater than 1024, and must
be smaller than
.Li ip6.lowportmax .
.It Li ip6.maxfragpackets
The maximum number of fragmented packets the node will accept.
0 means that the node will not accept any fragmented packets.
\-1 means that the node will accept as many fragmented packets as it receives.
The flag is provided basically for avoiding possible DoS attacks.
.It Li ip6.maxfrags
The maximum number of fragments the node will accept.
0 means that the node will not accept any fragments.
\-1 means that the node will accept as many fragments as it receives.
The flag is provided basically for avoiding possible DoS attacks.
.It Li ip6.redirect
If set to 1, ICMPv6 redirects may be sent by the node.
This option is ignored unless the node is routing IP packets,
and should normally be enabled on all systems.
.It Li ip6.rr_prune
The variable specifies interval between IPv6 router renumbering prefix
babysitting, in seconds.
.It Li ip6.use_deprecated
The variable controls use of deprecated address, specified in RFC 2462 5.5.4.
.It Li ip6.v6only
The variable specifies initial value for
.Dv IPV6_V6ONLY
socket option for
.Dv AF_INET6
socket.
Please refer to
.Xr ip6 4
for detail.
.It Li icmp6.errppslimit
The variable specifies the maximum number of outgoing ICMPv6 error messages,
per second.
ICMPv6 error messages that exceeded the value are subject to rate limitation
and will not go out from the node.
Negative value disables rate limitation.
.It Li icmp6.mtudisc_hiwat
.It Li icmp6.mtudisc_lowat
The variables define the maximum number of routing table entries,
created due to path MTU discovery
.Pq prevents denial-of-service attacks with ICMPv6 too big messages .
When IPv6 path MTU discovery happens, we keep path MTU information into
the routing table.
If the number of routing table entries exceed the value,
the kernel will not attempt to keep the path MTU information.
.Li icmp6.mtudisc_hiwat
is used when we have verified ICMPv6 too big messages.
.Li icmp6.mtudisc_lowat
is used when we have unverified ICMPv6 too big messages.
Verification is performed by using address/port pairs kept in connected pcbs.
Negative value disables the upper limit.
.It Li icmp6.nd6_debug
If set to non-zero, kernel IPv6 neighbor discovery code will generate
debugging messages.
The debug outputs are useful to diagnose IPv6 interoperability issues.
The flag must be set to 0 for normal operation.
.It Li icmp6.nd6_delay
The variable specifies
.Dv DELAY_FIRST_PROBE_TIME
timing constant in IPv6 neighbor discovery specification
.Pq RFC 2461 ,
in seconds.
.It Li icmp6.nd6_maxnudhint
IPv6 neighbor discovery permits upper layer protocols to supply reachability
hints, to avoid unnecessary neighbor discovery exchanges.
The variable defines the number of consecutive hints the neighbor discovery
layer will take.
For example, by setting the variable to 3, neighbor discovery layer
will take 3 consecutive hints in maximum.
After receiving 3 hints, neighbor discovery layer will perform
normal neighbor discovery process.
.It Li icmp6.nd6_mmaxtries
The variable specifies
.Dv MAX_MULTICAST_SOLICIT
constant in IPv6 neighbor discovery specification
.Pq RFC 2461 .
.It Li icmp6.nd6_prune
The variable specifies interval between IPv6 neighbor cache babysitting,
in seconds.
.It Li icmp6.nd6_umaxtries
The variable specifies
.Dv MAX_UNICAST_SOLICIT
constant in IPv6 neighbor discovery specification
.Pq RFC 2461 .
.It Li icmp6.nd6_useloopback
If set to non-zero, kernel IPv6 stack will use loopback interface for
local traffic.
.It Li icmp6.nodeinfo
The variable enables responses to ICMPv6 node information queries.
If you set the variable to 0, responses will not be generated for
ICMPv6 node information queries.
Since node information queries can have a security impact, it is
possible to fine tune which responses should be answered.
Two separate bits can be set.
.Bl -tag -width "12345"
.It 1
Respond to ICMPv6 FQDN queries, e.g.
.Li ping6 -w .
.It 2
Respond to ICMPv6 node addresses queries, e.g.
.Li ping6 -a .
.El
.It Li icmp6.rediraccept
If set to non-zero, the host will accept ICMPv6 redirect packets.
Note that IPv6 routers will never accept ICMPv6 redirect packets,
and the variable is meaningful on IPv6 hosts
.Pq non-router
only.
.It Li icmp6.redirtimeout
The variable specifies lifetime of routing entries generated by incoming
ICMPv6 redirect.
.It Li udp6.do_loopback_cksum
Perform UDP checksum on loopback.
.It Li udp6.recvspace
Default UDP receive buffer size.
.It Li udp6.sendspace
Default UDP send buffer size.
.El
.Pp
We reuse net.*.tcp for
.Tn TCP
over
.Tn IPv6 ,
and therefore we do not have variables net.*.tcp6.
Variables net.inet6.udp6 have identical meaning to net.inet.udp.
Please refer to
.Li PF_INET
section above.
For variables net.*.ipsec6, please refer to
.Xr ipsec 4 .
.It Li PF_KEY
Get or set various global information about the IPsec key management.
The third level name is the variable name.
The currently defined variable and names are:
.Bl -column "blockacq_lifetime" "integer" "yes" -offset indent
.It Sy Variable name Type Changeable
.It debug integer yes
.It spi_try integer yes
.It spi_min_value integer yes
.It spi_max_value integer yes
.It larval_lifetime integer yes
.It blockacq_count integer yes
.It blockacq_lifetime integer yes
.It esp_keymin integer yes
.It esp_auth integer yes
.It ah_keymin integer yes
.El
The variables are as follows:
.Bl -tag -width "123456"
.It Li debug
Turn on debugging message from within the kernel.
The value is a bitmap, as defined in
.Pa /usr/include/netkey/key_debug.h .
.It Li spi_try
The number of times the kernel will try to obtain an unique SPI
when it generates it from random number generator.
.It Li spi_min_value
Minimum SPI value when generating it within the kernel.
.It Li spi_max_value
Maximum SPI value when generating it within the kernel.
.It Li larval_lifetime
Lifetime for LARVAL SAD entries, in seconds.
.It Li blockacq_count
Number of ACQUIRE PF_KEY messages to be blocked after an ACQUIRE message.
It avoids flood of ACQUIRE PF_KEY from being sent from the kernel to the
key management daemon.
.It Li blockacq_lifetime
Lifetime of ACQUIRE PF_KEY message.
.It Li esp_keymin
Minimum ESP key length, in bits.
The value is used when the kernel creates proposal payload
on ACQUIRE PF_KEY message.
.It Li esp_auth
Whether ESP authentication should be used or not.
Non-zero value indicates that ESP authentication should be used.
The value is used when the kernel creates proposal payload
on ACQUIRE PF_KEY message.
.It Li ah_keymin
Minimum AH key length, in bits,
The value is used when the kernel creates proposal payload
on ACQUIRE PF_KEY message.
.El
.El
.Sh CTL_PROC
The string and integer information available for the CTL_PROC
is detailed below.
The changeable column shows whether a process with appropriate
privilege may change the value.
These values are per-process,
and as such may change from one process to another.
When a process is created,
the default values are inherited from its parent.
When a set-user-ID or set-group-ID binary is executed, the
value of PROC_PID_CORENAME is reset to the system default value.
The second level name is either the magic value PROC_CURPROC, which
points to the current process, or the PID of the target process.
.Bl -column "USER_COLL_WEIGHTS_MAXXXX" "integerXXX" "yes" -offset indent
.It Sy Third level name Type Changeable
.It PROC\_PID\_CORENAME string yes
.It PROC\_PID\_LIMIT node not applicable
.It PROC\_PID\_STOPFORK int yes
.It PROC\_PID\_STOPEXEC int yes
.It PROC\_PID\_STOPEXIT int yes
.El
.Bl -tag -width "123456"
.Pp
.It Li PROC_PID_CORENAME
The template used for the core dump file name (see
.Xr core 5
for details).
The base name must either be
.Nm core
or end with the suffix ``.core'' (the super-user may set arbitrary names).
By default it points to KERN_DEFCORENAME.
.It Li PROC_PID_LIMIT
Return resources limits, as defined for the
.Xr getrlimit 2
and
.Xr setrlimit 2
system calls.
The fourth level name is one of:
.Bl -tag -width PROC_PID_LIMIT_MEMLOCKAA
.It Li PROC_PID_LIMIT_CPU
The maximum amount of CPU time (in seconds) to be used by each process.
.It Li PROC_PID_LIMIT_FSIZE
The largest size (in bytes) file that may be created.
.It Li PROC_PID_LIMIT_DATA
The maximum size (in bytes) of the data segment for a process;
this defines how far a program may extend its break with the
.Xr sbrk 2
system call.
.It Li PROC_PID_LIMIT_STACK
The maximum size (in bytes) of the stack segment for a process;
this defines how far a program's stack segment may be extended.
Stack extension is performed automatically by the system.
.It Li PROC_PID_LIMIT_CORE
The largest size (in bytes)
.Pa core
file that may be created.
.It Li PROC_PID_LIMIT_RSS
The maximum size (in bytes) to which a process's resident set size may
grow.
This imposes a limit on the amount of physical memory to be given to
a process; if memory is tight, the system will prefer to take memory
from processes that are exceeding their declared resident set size.
.It Li PROC_PID_LIMIT_MEMLOCK
The maximum size (in bytes) which a process may lock into memory
using the
.Xr mlock 2
function.
.It Li PROC_PID_LIMIT_NPROC
The maximum number of simultaneous processes for this user id.
.It Li PROC_PID_LIMIT_NOFILE
The maximum number of open files for this process.
.El
.Pp
The fifth level name is one of PROC_PID_LIMIT_TYPE_SOFT or
PROC_PID_LIMIT_TYPE_HARD, to select respectively the soft or hard limit.
Both are of type integer.
.It Li PROC_PID_STOPFORK
If non zero, the process' children will be stopped after
.Xr fork 2
calls.
The children is created in the SSTOP state and is never scheduled
for running before being stopped.
This feature helps attaching a process with a debugger such as
.Xr gdb 1
before it had the opportunity to actually do anything.
.Pp
This value is inherited by the process's children, and it also
apply to emulation specific system calls that fork a new process, such as
.Fn sproc
or
.Fn clone .
.It Li PROC_PID_STOPEXEC
If non zero, the process will be stopped on next
.Xr exec 3
call.
The process created by
.Xr exec 3
is created in the SSTOP state and is never scheduled for running
before being stopped.
This feature helps attaching a process with a debugger such as
.Xr gdb 1
before it had the opportunity to actually do anything.
.Pp
This value is inherited by the process's children.
.It Li PROC_PID_STOPEXIT
If non zero, the process will be stopped on when it has cause to exit,
either by way of calling
.Xr exit 3 ,
.Xr _exit 2 ,
or by the receipt of a specific signal.
The process is stopped before any of its resources or vm space is
released allowing examination of the termination state of a process
before it disappears.
This feature can be used to examine the final conditions of the
process's vmspace via
.Xr pmap 1
or its resource settings with
.Xr sysctl 8
before it disappears.
.Pp
This value is also inherited by the process's children.
.El
.Sh CTL_USER
The string and integer information available for the CTL_USER level
is detailed below.
The changeable column shows whether a process with appropriate
privilege may change the value.
.Bl -column "USER_COLL_WEIGHTS_MAXXXX" "integerXXX" -offset indent
.It Sy Second level name Type Changeable
.It USER\_BC\_BASE\_MAX integer no
.It USER\_BC\_DIM\_MAX integer no
.It USER\_BC\_SCALE\_MAX integer no
.It USER\_BC\_STRING\_MAX integer no
.It USER\_COLL\_WEIGHTS\_MAX integer no
.It USER\_CS\_PATH string no
.It USER\_EXPR\_NEST\_MAX integer no
.It USER\_LINE\_MAX integer no
.It USER\_POSIX2\_CHAR\_TERM integer no
.It USER\_POSIX2\_C\_BIND integer no
.It USER\_POSIX2\_C\_DEV integer no
.It USER\_POSIX2\_FORT\_DEV integer no
.It USER\_POSIX2\_FORT\_RUN integer no
.It USER\_POSIX2\_LOCALEDEF integer no
.It USER\_POSIX2\_SW\_DEV integer no
.It USER\_POSIX2\_UPE integer no
.It USER\_POSIX2\_VERSION integer no
.It USER\_RE\_DUP\_MAX integer no
.It USER\_STREAM\_MAX integer no
.It USER\_TZNAME\_MAX integer no
.It USER\_ATEXIT\_MAX integer no
.El
.Bl -tag -width "123456"
.Pp
.It Li USER_BC_BASE_MAX
The maximum ibase/obase values in the
.Xr bc 1
utility.
.It Li USER_BC_DIM_MAX
The maximum array size in the
.Xr bc 1
utility.
.It Li USER_BC_SCALE_MAX
The maximum scale value in the
.Xr bc 1
utility.
.It Li USER_BC_STRING_MAX
The maximum string length in the
.Xr bc 1
utility.
.It Li USER_COLL_WEIGHTS_MAX
The maximum number of weights that can be assigned to any entry of
the LC_COLLATE order keyword in the locale definition file.
.It Li USER_CS_PATH
Return a value for the
.Ev PATH
environment variable that finds all the standard utilities.
.It Li USER_EXPR_NEST_MAX
The maximum number of expressions that can be nested within
parenthesis by the
.Xr expr 1
utility.
.It Li USER_LINE_MAX
The maximum length in bytes of a text-processing utility's input
line.
.It Li USER_POSIX2_CHAR_TERM
Return 1 if the system supports at least one terminal type capable of
all operations described in POSIX 1003.2, otherwise 0.
.It Li USER_POSIX2_C_BIND
Return 1 if the system's C-language development facilities support the
C-Language Bindings Option, otherwise 0.
.It Li USER_POSIX2_C_DEV
Return 1 if the system supports the C-Language Development Utilities Option,
otherwise 0.
.It Li USER_POSIX2_FORT_DEV
Return 1 if the system supports the FORTRAN Development Utilities Option,
otherwise 0.
.It Li USER_POSIX2_FORT_RUN
Return 1 if the system supports the FORTRAN Runtime Utilities Option,
otherwise 0.
.It Li USER_POSIX2_LOCALEDEF
Return 1 if the system supports the creation of locales, otherwise 0.
.It Li USER_POSIX2_SW_DEV
Return 1 if the system supports the Software Development Utilities Option,
otherwise 0.
.It Li USER_POSIX2_UPE
Return 1 if the system supports the User Portability Utilities Option,
otherwise 0.
.It Li USER_POSIX2_VERSION
The version of POSIX 1003.2 with which the system attempts to comply.
.It Li USER_RE_DUP_MAX
The maximum number of repeated occurrences of a regular expression
permitted when using interval notation.
.ne 1i
.It Li USER_STREAM_MAX
The minimum maximum number of streams that a process may have open
at any one time.
.It Li USER_TZNAME_MAX
The minimum maximum number of types supported for the name of a
timezone.
.It Li USER_ATEXIT_MAX
The maximum number of functions that may be registered with
.Xr atexit 3 .
.El
.Sh CTL_VM
The string and integer information available for the CTL_VM level
is detailed below.
The changeable column shows whether a process with appropriate
privilege may change the value.
.Bl -column "Second level nameXXXXXX" "struct loadavgXXX" -offset indent
.It Sy Second level name Type Changeable
.It VM\_ANONMAX int yes
.It VM\_ANONMIN int yes
.It VM\_BUFCACHE int yes
.It VM\_BUFMEM int no
.It VM\_BUFMEM_HIWATER int yes
.It VM\_BUFMEM_LOWATER int yes
.It VM\_EXECMAX int yes
.It VM\_EXECMIN int yes
.It VM\_FILEMAX int yes
.It VM\_FILEMIN int yes
.It VM\_LOADAVG struct loadavg no
.It VM\_MAXSLP int no
.It VM\_METER struct vmtotal no
.It VM\_NKMEMPAGES int no
.It VM\_USPACE int no
.It VM\_UVMEXP struct uvmexp no
.It VM\_UVMEXP2 struct uvmexp_sysctl no
.El
.Pp
.Bl -tag -width "123456"
.It Li VM_ANONMAX
The percentage of physical memory which will be reclaimed
from other types of memory usage to store anonymous application data.
.It Li VM_ANONMIN
The percentage of physical memory which will be always be available for
anonymous application data.
.It Li VM_BUFCACHE
The percentage of kernel memory which will be available
for the buffer cache.
.It Li VM_BUFMEM
The amount of kernel memory that is being used by the buffer cache.
.It Li VM_BUFMEM_LOWATER
The minimum amount of kernel memory to reserve for the
buffer cache.
.It Li VM_BUFMEM_HIWATER
The maximum amount of kernel memory to be used for the
buffer cache.
.It Li VM_EXECMAX
The percentage of physical memory which will be reclaimed
from other types of memory usage to store cached executable data.
.It Li VM_EXECMIN
The percentage of physical memory which will be always be available for
cached executable data.
.It Li VM_FILEMAX
The percentage of physical memory which will be reclaimed
from other types of memory usage to store cached file data.
.It Li VM_FILEMIN
The percentage of physical memory which will be always be available for
cached file data.
.It Li VM_LOADAVG
Return the load average history.
The returned data consists of a
.Va struct loadavg .
.It Li VM_MAXSLP
The value of the maxslp kernel global variable.
.It Li VM_METER
Return system wide virtual memory statistics.
The returned data consists of a
.Va struct vmtotal .
.It Li VM_USPACE
The number of bytes allocated for each kernel stack.
.It Li VM_UVMEXP
Return system wide virtual memory statistics.
The returned data consists of a
.Va struct uvmexp .
.It Li VM_UVMEXP2
Return system wide virtual memory statistics.
The returned data consists of a
.Va struct uvmexp_sysctl .
.El
.Sh CTL_DDB
The integer information available for the CTL_DDB level is detailed below.
The changeable column shows whether a process with appropriate
privilege may change the value.
.Bl -column "DBCTL_TABSTOPSXXX" "integerXXX" -offset indent
.It Sy Second level name Type Changeable
.It DBCTL\_RADIX integer yes
.It DBCTL\_MAXOFF integer yes
.It DBCTL\_LINES integer yes
.It DBCTL\_TABSTOPS integer yes
.It DBCTL\_ONPANIC integer yes
.It DBCTL\_FROMCONSOLE integer yes
.El
.Pp
.Bl -tag -width "123456"
.It Li DBCTL_RADIX
The input and output radix.
.It Li DBCTL_MAXOFF
The maximum symbol offset.
.It Li DBCTL_LINES
Number of display lines.
.It Li DBCTL_TABSTOPS
Tab width.
.It Li DBCTL_ONPANIC
If non-zero, DDB will be entered when the kernel panics.
.It Li DBCTL_FROMCONSOLE
If not zero, DDB may be entered by sending a break on a serial
console or by a special key sequence on a graphics console.
.El
.Pp
These MIB nodes are also available as variables from within the DDB.
See
.Xr ddb 4
for more details.
.Sh CTL_SECURITY
The security level contains various security-related settings for
the system. Available settings are detailed below.
.Pp
.Bl -tag -width "123456"
.It Li security.curtain
If non-zero, will filter return objects according to the user-id
requesting information about them, preventing from users any
access to objects they don't own.
.Pp
At the moment, it affects
.Xr ps 1 ,
.Xr netstat 1
(for
.Dv PF_INET ,
.Dv PF_INET6 ,
and
.Dv PF_UNIX
PCBs), and
.Xr w 1 .
.It Li security.pax
Settings for PaX -- exploit mitigation features.
.Pp
.Bl -tag -width "123456"
.It Li security.pax.mprotect.enable
Enable PaX MPROTECT restrictions.
.Pp
These are
.Xr mprotect 2
restrictions to better enforce a W^X policy. The value of this
knob must be non-zero for PaX MPROTECT to be enabled, even if a
process is already marked with
.Em P_PAXMPROTECT .
.It Li security.pax.mprotect.global_protection
Specifies the default global policy for programs without an
explicit enable/disable flag.
.Pp
When non-zero, all programs will get the PaX MPROTECT restrictions,
except those exempted with
.Xr paxctl 1 .
Otherwise, all programs will not get the PaX MPROTECT restrictions,
except those specifically marked as such with
.Xr paxctl 1 .
.El
.El
.Sh CTL_VENDOR
The "vendor" toplevel name is reserved to be used by vendors who wish to
have their own private MIB tree.
Intended use is to store values under
.Dq vendor.\*[Lt]yourname\*[Gt].* .
.Sh DYNAMIC OPERATIONS
Several meta-identifiers are provided to perform operations on the
.Nm
tree itself, or support alternate means of accessing the data
instrumented by the
.Nm
tree.
.Bl -column CTLXCREATESYMXXX
.It Sy Name Description
.It CTL\_QUERY Retrieve a mapping of names to numbers below a given node
.It CTL\_CREATE Create a new node
.It CTL\_CREATESYM Create a new node by its kernel symbol
.It CTL\_DESTROY Destroy a node
.It CTL\_DESCRIBE Retrieve node descriptions
.El
.Pp
The core interface to all of these meta-functions is the structure
that the kernel uses to describe the tree internally, as defined in
.Aq Pa sys/sysctl.h
as:
.Pp
.Bd -literal
struct sysctlnode {
uint32_t sysctl_flags; /* flags and type */
int32_t sysctl_num; /* mib number */
char sysctl_name[SYSCTL_NAMELEN]; /* node name */
uint32_t sysctl_ver; /* node's version vs. rest of tree */
uint32_t __rsvd;
union {
struct {
uint32_t suc_csize; /* size of child node array */
uint32_t suc_clen; /* number of valid children */
struct sysctlnode* suc_child; /* array of child nodes */
} scu_child;
struct {
void *sud_data; /* pointer to external data */
size_t sud_offset; /* offset to data */
} scu_data;
int32_t scu_alias; /* node this node refers to */
int32_t scu_idata; /* immediate "int" data */
u_quad_t scu_qdata; /* immediate "u_quad_t" data */
} sysctl_un;
size_t _sysctl_size; /* size of instrumented data */
sysctlfn _sysctl_func; /* access helper function */
struct sysctlnode *sysctl_parent; /* parent of this node */
const char *sysctl_desc; /* description of node */
};
#define sysctl_csize sysctl_un.scu_child.suc_csize
#define sysctl_clen sysctl_un.scu_child.suc_clen
#define sysctl_child sysctl_un.scu_child.suc_child
#define sysctl_data sysctl_un.scu_data.sud_data
#define sysctl_offset sysctl_un.scu_data.sud_offset
#define sysctl_alias sysctl_un.scu_alias
#define sysctl_idata sysctl_un.scu_idata
#define sysctl_qdata sysctl_un.scu_qdata
.Ed
.Pp
Querying the tree to discover the name to number mapping permits
dynamic discovery of all the data that the tree currently has
instrumented.
For example, to discover all the nodes below the
CTL_VFS node:
.Pp
.Bd -literal -offset indent -compact
struct sysctlnode query, vfs[128];
int mib[2];
size_t len;
.sp
mib[0] = CTL_VFS;
mib[1] = CTL_QUERY;
memset(\*[Am]query, 0, sizeof(query));
query.sysctl_flags = SYSCTL_VERSION;
len = sizeof(vfs);
sysctl(mib, 2, \*[Am]vfs[0], \*[Am]len, \*[Am]query, sizeof(query));
.Ed
.Pp
Note that a reference to an empty node with
.Fa sysctl_flags
set to
.Dv SYSCTL_VERSION
is passed to sysctl in order to indicate the version that the program
is using.
All dynamic operations passing nodes into sysctl require that the
version be explicitly specified.
.Pp
Creation and destruction of nodes works by constructing part of a new
node description (or a description of the existing node) and invoking
CTL_CREATE (or CTL_CREATESYM) or CTL_DESTROY at the parent of the new
node, with a pointer to the new node passed via the
.Fa new
and
.Fa newlen
arguments.
If valid values for
.Fa old
and
.Fa oldlenp
are passed, a copy of the new node once in the tree will be returned.
If the create operation fails because a node with the same name or MIB
number exists, a copy of the conflicting node will be returned.
.Pp
The minimum requirements for creating a node are setting the
.Fa sysctl_flags
to indicate the new node's type,
.Fa sysctl_num
to either the new node's number (or CTL_CREATE or CTL_CREATESYM if a
dynamically allocated MIB number is acceptable),
.Fa sysctl_size
to the size of the data to be instrumented (which must agree with the
given type), and
.Fa sysctl_name
must be set to the new node's name.
Nodes that are not of type
.Dq node
must also have some description of the data to be instrumented, which
will vary depending on what is to be instrumented.
.Pp
If existing kernel data is to be covered by this new node, its address
should be given in
.Fa sysctl_data
or, if CTL_CREATESYM is used,
.Fa sysctl_data
should be set to a string containing its name from the kernel's symbol
table.
If new data is to be instrumented and an initial value is available,
the new integer or quad type data should be placed into either
.Fa sysctl_idata
or
.Fa sysctl_qdata ,
respectively, along with the SYSCTL_IMMEDIATE flag being set, or
.Fa sysctl_data
should be set to point to a copy of the new data, and the
SYSCTL_OWNDATA flag must be set.
This latter method is the only way that new string and struct type
nodes can be initialized.
Invalid kernel addresses are accepted, but any attempt to access those
nodes will return an error.
.Pp
The
.Fa sysctl_csize ,
.Fa sysctl_clen ,
.Fa sysctl_child ,
.Fa sysctl_parent ,
and
.Fa sysctl_alias
members are used by the kernel to link the tree together and must be
.Dv NULL
or 0.
Nodes created in this manner cannot have helper functions, so
.Fa sysctl_func
must also be
.Dv NULL .
If the
.Fa sysctl_ver
member is non-zero, it must match either the version of the parent or
the version at the root of the MIB or an error is returned.
This can be used to ensure that nodes are only added or removed from a
known state of the tree.
Note: It may not be possible to determine the version at the root
of the tree.
.Pp
This example creates a new subtree and adds a node to it that controls the
.Fa audiodebug
kernel variable, thereby making it tunable at at any time, without
needing to use
.Xr ddb 4
or
.Xr kvm 3
to alter the kernel's memory directly.
.Pp
.Bd -literal -offset indent -compact
struct sysctlnode node;
int mib[2];
size_t len;
.sp
mib[0] = CTL_CREATE; /* create at top-level */
len = sizeof(node);
memset(\*[Am]node, 0, len);
node.sysctl_flags = SYSCTL_VERSION|CTLFLAG_READWRITE|CTLTYPE_NODE;
snprintf(node.sysctl_name, sizeof(node.sysctl_name), "local");
node.sysctl_num = CTL_CREATE; /* request dynamic MIB number */
sysctl(\*[Am]mib[0], 1, \*[Am]node, \*[Am]len, \*[Am]node, len);
.sp
mib[0] = node.sysctl_num; /* use new MIB number */
mib[1] = CTL_CREATESYM; /* create at second level */
len = sizeof(node);
memset(\*[Am]node, 0, len);
node.sysctl_flags = SYSCTL_VERSION|CTLFLAG_READWRITE|CTLTYPE_INT;
snprintf(node.sysctl_name, sizeof(node.sysctl_name), "audiodebug");
node.sysctl_num = CTL_CREATE;
node.sysctl_data = "audiodebug"; /* kernel symbol to be used */
sysctl(\*[Am]mib[0], 2, NULL, NULL, \*[Am]node, len);
.Ed
.Pp
The process for deleting nodes is similar, but less data needs to
be supplied.
Only the
.Fa sysctl_num
field
needs to be filled in; almost all other fields must be left blank.
The
.Fa sysctl_name
and/or
.Fa sysctl_ver
fields can be filled in with the name and version of the existing node
as additional checks on what will be deleted.
If all the given data fail to match any node, nothing will be deleted.
If valid values for
.Fa old
and
.Fa oldlenp
are supplied and a node is deleted, a copy of what was in the MIB tree
will be returned.
.Pp
This sample code shows the deletion of the two nodes created in the
above example:
.Pp
.Bd -literal -offset indent -compact
int mib[2];
.sp
len = sizeof(node);
memset(\*[Am]node, 0, len);
node.sysctl_flags = SYSCTL_VERSION;
.sp
mib[0] = 3214; /* assumed number for "local" */
mib[1] = CTL_DESTROY;
node.sysctl_num = 3215; /* assumed number for "audiodebug" */
sysctl(\*[Am]mib[0], 2, NULL, NULL, \*[Am]node, len);
.sp
mib[0] = CTL_DESTROY;
node.sysctl_num = 3214; /* now deleting "local" */
sysctl(\*[Am]mib[0], 1, NULL, NULL, \*[Am]node, len);
.Ed
.Pp
Descriptions of each of the nodes can also be retrieved, if they are
available.
Descriptions can be retrieved in bulk at each level or on a per-node
basis.
The layout of the buffer into which the descriptions are returned is a
series of variable length structures, each of which describes its own
size.
The length indicated includes the terminating
.Sq nul
character.
Nodes that have no description or where the description is not
available are indicated by an empty string.
The
.Fa descr_ver
will match the
.Fa sysctl_ver
value for a given node, so that descriptions for nodes whose number
have been recycled can be detected and ignored or discarded.
.Pp
.Bd -literal
struct sysctldesc {
int32_t descr_num; /* mib number of node */
uint32_t descr_ver; /* version of node */
uint32_t descr_len; /* length of description string */
char descr_str[1]; /* not really 1...see above */
};
.Ed
.Pp
The
.Fn NEXT_DESCR
macro can be used to skip to the next description in the retrieved
list.
.Pp
.Bd -literal -offset indent -compact
struct sysctlnode desc;
struct sysctldesc *d;
char buf[1024];
int mib[2];
size_t len;
.sp
/* retrieve kern-level descriptions */
mib[0] = CTL_KERN;
mib[1] = CTL_DESCRIBE;
d = (struct sysctldesc *)\*[Am]buf[0];
len = sizeof(buf);
sysctl(mib, 2, d, \*[Am]len, NULL, 0);
while ((caddr_t)d \*[Lt] (caddr_t)\*[Am]buf[len]) {
printf("node %d: %.*s\\n", d-\*[Gt]descr_num, d-\*[Gt]descr_len,
d-\*[Gt]descr_str);
d = NEXT_DESCR(d);
}
.sp
/* retrieve description for kern.securelevel */
memset(\*[Am]desc, 0, sizeof(desc));
desc.sysctl_flags = SYSCTL_VERSION;
desc.sysctl_num = KERN_SECURELEVEL;
d = (struct sysctldesc *)\*[Am]buf[0];
len = sizeof(buf);
sysctl(mib, 2, d, \*[Am]len, \*[Am]desc, sizeof(desc));
printf("kern.securelevel: %.*s\\n", d-\*[Gt]descr_len, d-\*[Gt]descr_str);
.Ed
.Pp
Descriptions can also be set as follows, subject to the following rules:
.Pp
.Bl -bullet -compact
.It
The kernel securelevel is at zero or lower
.It
The caller has super-user privileges
.It
The node does not currently have a description
.It
The node is not marked as
.Dq permanent
.El
.Pp
.Bd -literal -offset indent -compact
struct sysctlnode desc;
int mib[2];
.sp
/* presuming the given top-level node was just added... */
mib[0] = 3214; /* mib numbers taken from previous examples */
mib[1] = CTL_DESCRIBE;
memset(\*[Am]desc, 0, sizeof(desc));
desc.sysctl_flags = SYSCTL_VERSION;
desc.sysctl_num = 3215;
desc.sysctl_desc = "audio debug control knob";
sysctl(mib, 2, NULL, NULL, \*[Am]desc, sizeof(desc));
.Ed
.Pp
Upon successfully setting a description, the new description will be
returned in the space indicated by the
.Fa oldp
and
.Fa oldlenp
arguments.
.Pp
The
.Fa sysctl_flags
field in the struct sysctlnode contains the sysctl version, node type
information, and a number of flags.
The macros
.Fn SYSCTL_VERS ,
.Fn SYSCTL_TYPE ,
and
.Fn SYSCTL_FLAGS
can be used to access the different fields.
Valid flags are:
.Bl -column CTLFLAGXPERMANENTXXX
.It Sy Name Description
.It CTLFLAG\_READONLY Node is read-only
.It CTLFLAG\_READONLY1 Node becomes read-only at securelevel 1
.It CTLFLAG\_READONLY2 Node becomes read-only at securelevel 2
.It CTLFLAG\_READWRITE Node is writable by the superuser
.It CTLFLAG\_ANYWRITE Node is writable by anyone
.It CTLFLAG\_PRIVATE Node is readable only by the superuser
.It CTLFLAG\_PERMANENT Node cannot be removed (cannot be set by
processes)
.It CTLFLAG\_OWNDATA Node owns data and does not instrument
existing data
.It CTLFLAG\_IMMEDIATE Node contains instrumented data and does not
instrument existing data
.It CTLFLAG\_HEX Node's contents should be displayed in a hexadecimal
form
.It CTLFLAG\_ROOT Node is the root of a tree (cannot be set at
any time)
.It CTLFLAG\_ANYNUMBER Node matches any MIB number (cannot be set by
processes)
.It CTLFLAG\_HIDDEN Node not displayed by default
.It CTLFLAG\_ALIAS Node refers to a sibling node (cannot be set
by processes)
.It CTLFLAG\_OWNDESC Node owns its own description string space
.El
.Sh RETURN VALUES
If the call to
.Nm
is successful, the number of bytes copied out is returned.
Otherwise \-1 is returned and
.Va errno
is set appropriately.
.Sh FILES
.Bl -tag -width \*[Lt]netinet6/udp6Xvar.h\*[Gt] -compact
.It Aq Pa sys/sysctl.h
definitions for top level identifiers, second level kernel and hardware
identifiers, and user level identifiers
.It Aq Pa sys/socket.h
definitions for second level network identifiers
.It Aq Pa sys/gmon.h
definitions for third level profiling identifiers
.It Aq Pa uvm/uvm_param.h
definitions for second level virtual memory identifiers
.It Aq Pa netinet/in.h
definitions for third level IPv4/v6 identifiers and
fourth level IPv4/v6 identifiers
.It Aq Pa netinet/icmp_var.h
definitions for fourth level ICMP identifiers
.It Aq Pa netinet/icmp6.h
definitions for fourth level ICMPv6 identifiers
.It Aq Pa netinet/tcp_var.h
definitions for fourth level TCP identifiers
.It Aq Pa netinet/udp_var.h
definitions for fourth level UDP identifiers
.It Aq Pa netinet6/udp6_var.h
definitions for fourth level IPv6 UDP identifiers
.It Aq Pa netinet6/ipsec.h
definitions for fourth level IPsec identifiers
.It Aq Pa netkey/key_var.h
definitions for third level PF_KEY identifiers
.It Aq Pa machine/cpu.h
definitions for second level machdep identifiers
.El
.Sh ERRORS
The following errors may be reported:
.Bl -tag -width Er
.It Bq Er EFAULT
The buffer
.Fa name ,
.Fa oldp ,
.Fa newp ,
or length pointer
.Fa oldlenp
contains an invalid address, or the requested value is temporarily
unavailable.
.It Bq Er EINVAL
The
.Fa name
array is zero or greater than CTL_MAXNAME.
.It Bq Er EINVAL
A non-null
.Fa newp
is given and its specified length in
.Fa newlen
is too large or too small, or the given value is not acceptable for
the given node.
.It Bq Er ENOMEM
The length pointed to by
.Fa oldlenp
is too short to hold the requested value.
.It Bq Er EISDIR
The
.Fa name
array specifies an intermediate rather than terminal name.
.It Bq Er ENOTDIR
The
.Fa name
array specifies a node below a node that addresses data.
.It Bq Er ENOENT
The
.Fa name
array specifies a node that does not exist in the tree.
.It Bq Er ENOENT
An attempt was made to destroy a node that does not exist, or to
create or destroy a node below a node that does not exist.
.It Bq Er ENOTEMPTY
An attempt was made to destroy a node that still has children.
.It Bq Er EOPNOTSUPP
The
.Fa name
array specifies a value that is unknown or a meta-operation was
attempted that the requested node does not support.
.It Bq Er EPERM
An attempt is made to set a read-only value.
.It Bq Er EPERM
A process without appropriate privilege attempts to set a value or to
create or destroy a node.
.It Bq Er EPERM
An attempt to change a value protected by the current kernel security
level is made.
.El
.Sh SEE ALSO
.Xr ipsec 4 ,
.Xr tcp 4 ,
.Xr sysctl 8
.\" .Xr sysctl 9
.Sh HISTORY
The
.Nm
function first appeared in
.Bx 4.4 .
Reference in New Issue View Git Blame Copy Permalink