2 .\" Copyright (c) 2006 Robert N. M. Watson
3 .\" All rights reserved.
5 .\" Redistribution and use in source and binary forms, with or without
6 .\" modification, are permitted provided that the following conditions
8 .\" 1. Redistributions of source code must retain the above copyright
9 .\" notice, this list of conditions and the following disclaimer.
10 .\" 2. Redistributions in binary form must reproduce the above copyright
11 .\" notice, this list of conditions and the following disclaimer in the
12 .\" documentation and/or other materials provided with the distribution.
14 .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 .Dd September 15, 2014
36 .Nm SYSCTL_ADD_OPAQUE ,
39 .Nm SYSCTL_ADD_ROOT_NODE ,
40 .Nm SYSCTL_ADD_STRING ,
41 .Nm SYSCTL_ADD_STRUCT ,
43 .Nm SYSCTL_ADD_ULONG ,
44 .Nm SYSCTL_ADD_UQUAD ,
46 .Nm SYSCTL_STATIC_CHILDREN ,
47 .Nm SYSCTL_NODE_CHILDREN ,
55 .Nm SYSCTL_ROOT_NODE ,
61 .Nd Dynamic and static sysctl MIB creation functions
66 .Ft struct sysctl_oid *
68 .Fa "struct sysctl_ctx_list *ctx"
69 .Fa "struct sysctl_oid_list *parent"
71 .Fa "const char *name"
75 .Fa "const char *descr"
77 .Ft struct sysctl_oid *
79 .Fa "struct sysctl_ctx_list *ctx"
80 .Fa "struct sysctl_oid_list *parent"
82 .Fa "const char *name"
86 .Fa "const char *descr"
88 .Ft struct sysctl_oid *
90 .Fa "struct sysctl_ctx_list *ctx"
91 .Fa "struct sysctl_oid_list *parent"
93 .Fa "const char *name"
95 .Fa "int (*handler)(SYSCTL_HANDLER_ARGS)"
96 .Fa "const char *descr"
98 .Ft struct sysctl_oid *
100 .Fa "struct sysctl_ctx_list *ctx"
101 .Fa "struct sysctl_oid_list *parent"
103 .Fa "const char *name"
107 .Fa "const char *format"
108 .Fa "const char *descr"
110 .Ft struct sysctl_oid *
112 .Fa "struct sysctl_ctx_list *ctx"
113 .Fa "struct sysctl_oid_list *parent"
115 .Fa "const char *name"
119 .Fa "int (*handler) (SYSCTL_HANDLERARGS)"
120 .Fa "const char *format"
121 .Fa "const char *descr"
123 .Ft struct sysctl_oid *
125 .Fa "struct sysctl_ctx_list *ctx"
126 .Fa "struct sysctl_oid_list *parent"
128 .Fa "const char *name"
132 .Fa "const char *descr"
134 .Ft struct sysctl_oid *
135 .Fo SYSCTL_ADD_ROOT_NODE
136 .Fa "struct sysctl_ctx_list *ctx"
138 .Fa "const char *name"
140 .Fa "int (*handler)(SYSCTL_HANDLER_ARGS)"
141 .Fa "const char *descr"
143 .Ft struct sysctl_oid *
144 .Fo SYSCTL_ADD_STRING
145 .Fa "struct sysctl_ctx_list *ctx"
146 .Fa "struct sysctl_oid_list *parent"
148 .Fa "const char *name"
152 .Fa "const char *descr"
154 .Ft struct sysctl_oid *
155 .Fo SYSCTL_ADD_STRUCT
156 .Fa "struct sysctl_ctx_list *ctx"
157 .Fa "struct sysctl_oid_list *parent"
159 .Fa "const char *name"
163 .Fa "const char *descr"
165 .Ft struct sysctl_oid *
167 .Fa "struct sysctl_ctx_list *ctx"
168 .Fa "struct sysctl_oid_list *parent"
170 .Fa "const char *name"
172 .Fa "unsigned int *ptr"
174 .Fa "const char *descr"
176 .Ft struct sysctl_oid *
178 .Fa "struct sysctl_ctx_list *ctx"
179 .Fa "struct sysctl_oid_list *parent"
181 .Fa "const char *name"
183 .Fa "unsigned long *ptr"
185 .Fa "const char *descr"
187 .Ft struct sysctl_oid *
189 .Fa "struct sysctl_ctx_list *ctx"
190 .Fa "struct sysctl_oid_list *parent"
192 .Fa "const char *name"
196 .Fa "const char *descr"
198 .Ft struct sysctl_oid_list *
200 .Fa "struct sysctl_oid *oidp"
202 .Ft struct sysctl_oid_list *
203 .Fo SYSCTL_STATIC_CHILDREN
204 .Fa "struct sysctl_oid_list OID_NAME"
206 .Ft struct sysctl_oid_list *
207 .Fo SYSCTL_NODE_CHILDREN
211 .Ft struct sysctl_oid *
213 .Fa "struct sysctl_oid *oid"
215 .Fn SYSCTL_INT parent number name ctlflags ptr val descr
216 .Fn SYSCTL_LONG parent number name ctlflags ptr val descr
217 .Fn SYSCTL_NODE parent number name ctlflags handler descr
218 .Fn SYSCTL_OPAQUE parent number name ctlflags ptr len format descr
219 .Fn SYSCTL_PROC parent number name ctlflags arg1 arg2 handler format descr
220 .Fn SYSCTL_QUAD parent number name ctlflags ptr val descr
221 .Fn SYSCTL_STRING parent number name ctlflags arg len descr
222 .Fn SYSCTL_STRUCT parent number name ctlflags ptr struct_type descr
223 .Fn SYSCTL_ROOT_NODE number name ctlflags handler descr
224 .Fn SYSCTL_UINT parent number name ctlflags ptr val descr
225 .Fn SYSCTL_ULONG parent number name ctlflags ptr val descr
226 .Fn SYSCTL_UQUAD parent number name ctlflags ptr val descr
230 kernel interface allows dynamic or static creation of
233 All static sysctls are automatically destroyed when the module which
234 they are part of is unloaded.
235 Most top level categories are created statically and are available to
236 all kernel code and its modules.
237 .Sh DESCRIPTION OF ARGUMENTS
238 .Bl -tag -width ctlflags
240 Pointer to sysctl context or NULL, if no context.
242 .Xr sysctl_ctx_init 9
243 for how to create a new sysctl context.
244 Programmers are strongly advised to use contexts to organize the
245 dynamic OIDs which they create because when a context is destroyed all
246 belonging sysctls are destroyed as well.
247 This makes the sysctl cleanup code much simpler.
248 Else deletion of all created OIDs is required at module unload.
251 .Li struct sysctl_oid_list ,
252 which is the head of the parent's list of children.
253 This pointer is retrieved using the
254 .Fn SYSCTL_STATIC_CHILDREN
255 macro for static sysctls and the
257 macro for dynamic sysctls.
260 macro can be used to get the parent of an OID.
261 The macro returns NULL if there is no parent.
263 The OID number that will be assigned to this OID.
264 In almost all cases this should be set to
266 which will result in the assignment of the next available OID number.
269 The newly created OID will contain a copy of the name.
271 A bit mask of sysctl control flags.
272 See the section below describing all the control flags.
274 First callback argument for procedure sysctls.
276 Second callback argument for procedure sysctls.
278 The length of the data pointed to by the
281 For string type OIDs a length of zero means that
283 will be used to get the length of the string at each access to the OID.
285 Pointer to sysctl variable or string data.
286 For sysctl values the pointer can be NULL which means the OID is read-only and the returned value should be taken from the
292 argument is NULL, gives the constant value returned by this OID.
293 Else this argument is not used.
295 Name of structure type.
297 A pointer to the function
298 that is responsible for handling read and write requests
300 There are several standard handlers
301 that support operations on nodes,
302 integers, strings and opaque objects.
303 It is possible to define custom handlers using the
309 A pointer to a string
310 which specifies the format of the OID in a symbolic way.
311 This format is used as a hint by
313 to apply proper data formatting for display purposes.
314 Currently used format names are:
331 .Li "unsigned long" ,
344 A pointer to a textual description of the OID.
346 .Sh CREATING ROOT NODES
347 Sysctl MIBs or OIDs are created in a hierarchical tree.
348 The nodes at the bottom of the tree are called root nodes, and have no
350 To create bottom tree nodes the
353 .Fn SYSCTL_ADD_ROOT_NODE
354 function needs to be used.
355 By default all static sysctl node OIDs are global and need a
357 statement prior to their
359 definition statement, typically in a so-called header file.
360 .Sh CREATING SYSCTL STRINGS
361 Zero terminated character strings sysctls are created either using the
364 .Fn SYSCTL_ADD_STRING
368 argument in zero, the string length is computed at every access to the OID using
370 .Sh CREATING OPAQUE SYSCTLS
376 .Fn SYSCTL_ADD_OPAQUE
378 .Fn SYSCTL_ADD_STRUCT
379 functions create an OID that handle any chunk of data
380 of the size specified by the
382 argument and data pointed to by the
385 When using the structure version the type is encoded as part of the
387 .Sh CREATING CUSTOM SYSCTLS
393 create OIDs with the specified
396 The handler is responsible for handling all read and write requests to
398 This OID type is especially useful if the kernel data is not easily
399 accessible, or needs to be processed before exporting.
400 .Sh CREATING A STATIC SYSCTL
401 Static sysctls are declared using one of the
408 .Fn SYSCTL_ROOT_NODE ,
416 .Sh CREATING A DYNAMIC SYSCTL
417 Dynamic nodes are created using one of the
419 .Fn SYSCTL_ADD_LONG ,
420 .Fn SYSCTL_ADD_NODE ,
421 .Fn SYSCTL_ADD_OPAQUE ,
422 .Fn SYSCTL_ADD_PROC ,
423 .Fn SYSCTL_ADD_QUAD ,
424 .Fn SYSCTL_ADD_ROOT_NODE ,
425 .Fn SYSCTL_ADD_STRING ,
426 .Fn SYSCTL_ADD_STRUCT ,
427 .Fn SYSCTL_ADD_UINT ,
433 .Xr sysctl_remove_oid 9
435 .Xr sysctl_ctx_free 9
436 for more information on how to destroy a dynamically created OID.
438 For most of the above functions and macros, declaring a type as part
439 of the access flags is not necessary \[em] however, when declaring a
440 sysctl implemented by a function, including a type in the access mask
442 .Bl -tag -width ".Dv CTLTYPE_NOFETCH"
444 This is a node intended to be a parent for other nodes.
446 This is a signed integer.
447 .It Dv CTLTYPE_STRING
448 This is a nul-terminated string stored in a character array.
450 This is a 64-bit signed integer.
451 .It Dv CTLTYPE_OPAQUE
452 This is an opaque data structure.
453 .It Dv CTLTYPE_STRUCT
457 This is an unsigned integer.
459 This is a signed long.
461 This is an unsigned long.
463 This is a 64-bit unsigned integer.
466 All sysctl types except for new node declarations require one of the following
467 flags to be set indicating the read and write disposition of the sysctl:
468 .Bl -tag -width ".Dv CTLFLAG_ANYBODY"
470 This is a read-only sysctl.
472 This is a read-only sysctl and tunable which is tried fetched once
473 from the system enviroment early during module load or system boot.
475 This is a writable sysctl.
477 This sysctl is readable and writable.
479 This is a readable and writeable sysctl and tunable which is tried
480 fetched once from the system enviroment early during module load or
482 .It Dv CTLFLAG_NOFETCH
483 In case the node is marked as a tunable using the CTLFLAG_[XX]TUN,
484 this flag will prevent fetching the initial value from the system
485 environment. Typically this flag should only be used for very early
486 low level system setup code, and not by common drivers and modules.
489 Additionally, any of the following optional flags may also be specified:
490 .Bl -tag -width ".Dv CTLFLAG_ANYBODY"
491 .It Dv CTLFLAG_ANYBODY
492 Any user or process can write to this sysctl.
493 .It Dv CTLFLAG_SECURE
494 This sysctl can be written to only if the effective securelevel of the
496 .It Dv CTLFLAG_PRISON
497 This sysctl can be written to by processes in
500 When iterating the sysctl name space, do not list this sysctl.
502 Advisory flag that a system tunable also exists for this variable.
503 The initial sysctl value is tried fetched once from the system
504 enviroment early during module load or system boot.
506 Dynamically created OIDs automatically get this flag set.
508 OID references a VIMAGE-enabled variable.
515 sysctl tree for use by new nodes:
516 .Bd -literal -offset indent
517 SYSCTL_DECL(_security);
520 Examples of integer, opaque, string, and procedure sysctls follow:
521 .Bd -literal -offset indent
523 * Example of a constant integer value. Notice that the control
524 * flags are CTLFLAG_RD, the variable pointer is NULL, and the
527 SYSCTL_INT(_debug_sizeof, OID_AUTO, bio, CTLFLAG_RD, NULL,
528 sizeof(struct bio), "sizeof(struct bio)");
531 * Example of a variable integer value. Notice that the control
532 * flags are CTLFLAG_RW, the variable pointer is set, and the
535 static int doingcache = 1; /* 1 => enable the cache */
536 SYSCTL_INT(_debug, OID_AUTO, vfscache, CTLFLAG_RW, &doingcache, 0,
537 "Enable name cache");
540 * Example of a variable string value. Notice that the control
541 * flags are CTLFLAG_RW, that the variable pointer and string
542 * size are set. Unlike newer sysctls, this older sysctl uses a
545 char kernelname[MAXPATHLEN] = "/kernel"; /* XXX bloat */
546 SYSCTL_STRING(_kern, KERN_BOOTFILE, bootfile, CTLFLAG_RW,
547 kernelname, sizeof(kernelname), "Name of kernel file booted");
550 * Example of an opaque data type exported by sysctl. Notice that
551 * the variable pointer and size are provided, as well as a format
552 * string for sysctl(8).
554 static l_fp pps_freq; /* scaled frequence offset (ns/s) */
555 SYSCTL_OPAQUE(_kern_ntp_pll, OID_AUTO, pps_freq, CTLFLAG_RD,
556 &pps_freq, sizeof(pps_freq), "I", "");
559 * Example of a procedure based sysctl exporting string
560 * information. Notice that the data type is declared, the NULL
561 * variable pointer and 0 size, the function pointer, and the
562 * format string for sysctl(8).
564 SYSCTL_PROC(_kern_timecounter, OID_AUTO, hardware, CTLTYPE_STRING |
565 CTLFLAG_RW, NULL, 0, sysctl_kern_timecounter_hardware, "A",
569 The following is an example of
570 how to create a new top-level category
571 and how to hook up another subtree to an existing static node.
572 This example does not use contexts,
573 which results in tedious management of all intermediate oids,
574 as they need to be freed later on:
575 .Bd -literal -offset indent
576 #include <sys/sysctl.h>
579 * Need to preserve pointers to newly created subtrees,
580 * to be able to free them later:
582 static struct sysctl_oid *root1;
583 static struct sysctl_oid *root2;
584 static struct sysctl_oid *oidp;
586 static char *string = "dynamic sysctl";
589 root1 = SYSCTL_ADD_ROOT_NODE(NULL,
590 OID_AUTO, "newtree", CTLFLAG_RW, 0, "new top level tree");
591 oidp = SYSCTL_ADD_INT(NULL, SYSCTL_CHILDREN(root1),
592 OID_AUTO, "newint", CTLFLAG_RW, &a_int, 0, "new int leaf");
594 root2 = SYSCTL_ADD_NODE(NULL, SYSCTL_STATIC_CHILDREN(_debug),
595 OID_AUTO, "newtree", CTLFLAG_RW, 0, "new tree under debug");
596 oidp = SYSCTL_ADD_STRING(NULL, SYSCTL_CHILDREN(root2),
597 OID_AUTO, "newstring", CTLFLAG_RD, string, 0, "new string leaf");
600 This example creates the following subtrees:
601 .Bd -literal -offset indent
602 debug.newtree.newstring
606 .Em "Care should be taken to free all OIDs once they are no longer needed!"
608 When adding, modifying, or removing sysctl names, it is important to be
609 aware that these interfaces may be used by users, libraries, applications,
610 or documentation (such as published books), and are implicitly published application interfaces.
611 As with other application interfaces, caution must be taken not to break
612 existing applications, and to think about future use of new name spaces so as
613 to avoid the need to rename or remove interfaces that might be depended on in
616 The semantics chosen for a new sysctl should be as clear as possible,
617 and the name of the sysctl must closely reflect its semantics.
618 Therefore the sysctl name deserves a fair amount of consideration.
619 It should be short but yet representative of the sysctl meaning.
620 If the name consists of several words, they should be separated by
621 underscore characters, as in
622 .Va compute_summary_at_mount .
623 Underscore characters may be omitted only if the name consists of not more
624 than two words, each being not longer than four characters, as in
626 For boolean sysctls, negative logic should be totally avoided.
627 That is, do not use names like
631 They are confusing and lead to configuration errors.
632 Use positive logic instead:
636 A temporary sysctl node OID that should not be relied upon must be designated
637 as such by a leading underscore character in its name. For example:
642 .Xr sysctl_add_oid 9 ,
643 .Xr sysctl_ctx_free 9 ,
644 .Xr sysctl_ctx_init 9 ,
645 .Xr sysctl_remove_oid 9
649 utility first appeared in
655 implementation originally found in
657 has been extensively rewritten by
658 .An Poul-Henning Kamp
659 in order to add support for name lookups, name space iteration, and dynamic
660 addition of MIB nodes.
662 This man page was written by
663 .An Robert N. M. Watson .
664 .Sh SECURITY CONSIDERATIONS
665 When creating new sysctls, careful attention should be paid to the security
666 implications of the monitoring or management interface being created.
667 Most sysctls present in the kernel are read-only or writable only by the
669 Sysctls exporting extensive information on system data structures and
670 operation, especially those implemented using procedures, will wish to
671 implement access control to limit the undesired exposure of information about
672 other processes, network connections, etc.
674 The following top level sysctl name spaces are commonly used:
675 .Bl -tag -width ".Va regression"
677 Compatibility layer information.
679 Debugging information.
680 Various name spaces exist under
683 Hardware and device driver information.
685 Kernel behavior tuning; generally deprecated in favor of more specific
688 Machine-dependent configuration parameters.
691 Various protocols have name spaces under
694 Regression test configuration and information.
696 Security and security-policy configuration and information.
698 Reserved name space for the implementation of sysctl.
700 Configuration settings relating to user application behavior.
701 Generally, configuring applications using kernel sysctls is discouraged.
703 Virtual file system configuration and information.
705 Virtual memory subsystem configuration and information.