5.5.10. Enhancements to proc(4) and Core Dumps

The process privileges and flags are made visible as a new entry in the /proc/<pid> directory, priv. A new utility, ppriv(1), examines and sets process privileges. The same information is made available in the ELF note section of core dumps. Additionally, core dumps contain the annotated information returned by getprivimplinfo(3c) in order to allow ppriv(1) and debuggers to interpret the privilege set information included in core dumps.

Two new ELF notes are introduced, NT_PRPRIV and NT_PRPRIVINFO, and gcore(1) and the kernel are enhanced to add these notes to core dumps. This allows ppriv and other utilities to show the appropriate number of properly sized sets and to correctly map the bits in the bit sets to privilege names. Private interfaces in libc allow libproc to leverage the libc privilege set conversion routines for core dumps. The data structure used for PCSPRIV is another example of a self-describing data structure: the header expresses some fixed quantities from which both the header size and the size of the multiple instances of priv information that can follow it can be derived.

#define PCSPRIV 29L /* set process privileges from prpriv_t argument */

/*
 * Process privileges.  PCSPRIV and /proc/<pid>/priv
 */
typedef struct prpriv {
        uint32_t        pr_nsets;               /* number of privilege set */
        uint32_t        pr_setsize;             /* size of privilege set */
        uint32_t        pr_infosize;            /* size of supplementary data */
        priv_chunk_t    pr_sets[1];             /* array of sets */
} prpriv_t;
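Because the record describes its own length, a tool that reads it from a core-dump note or from /proc/<pid>/priv has to check the header's claims against the bytes it actually holds. The following is an added example, not code from the book or from Solaris; the helper name is hypothetical, and it assumes priv_chunk_t is a 32-bit word, pr_setsize is counted in priv_chunk_t units and pr_infosize in bytes.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

typedef uint32_t priv_chunk_t;      /* assumption: 32-bit chunks */

typedef struct prpriv {
    uint32_t     pr_nsets;          /* number of privilege sets */
    uint32_t     pr_setsize;        /* assumed unit: priv_chunk_t words */
    uint32_t     pr_infosize;       /* assumed unit: bytes */
    priv_chunk_t pr_sets[1];        /* array of sets */
} prpriv_t;

/*
 * Hypothetical helper: derive the total record size from the header and
 * check it against the bytes actually available (e.g. an ELF note body).
 * Returns 0 and stores the size in *total, or -1 if the header lies.
 */
int prpriv_checked_size(const void *buf, size_t buflen, size_t *total)
{
    const size_t fixed = offsetof(prpriv_t, pr_sets);
    prpriv_t hdr;
    uint64_t chunks;
    size_t rem;

    if (buf == NULL || total == NULL || buflen < fixed)
        return -1;
    memcpy(&hdr, buf, fixed);       /* note data may be unaligned */
    if (hdr.pr_nsets == 0 || hdr.pr_setsize == 0)
        return -1;
    chunks = (uint64_t)hdr.pr_nsets * hdr.pr_setsize;   /* cannot wrap */
    rem = buflen - fixed;
    if (chunks > rem / sizeof(priv_chunk_t))
        return -1;                  /* sets would run past the buffer */
    rem -= (size_t)chunks * sizeof(priv_chunk_t);
    if (hdr.pr_infosize > rem)
        return -1;                  /* supplementary data truncated */
    *total = buflen - rem + hdr.pr_infosize;
    return 0;
}

int main(void)
{
    /* Constructed sample: 4 sets of 3 chunks, 8 bytes of extra info. */
    uint32_t rec[3 + 4 * 3 + 2] = { 4, 3, 8 };
    size_t total = 0;
    return prpriv_checked_size(rec, sizeof rec, &total) == 0 && total == 68 ? 0 : 1;
}
```
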


Since standards dictate that we cannot change error codes returned in errno, those codes remain the same. But the lwpstatus_t structure defined in <sys/procfs.h>, which is used by truss(1) to report system call return values, can be extended. We added a pr_errpriv field in place of one of the filler fields. It is set to PRIV_NONE if there are no missing privileges, to the missing privilege if there is only one, to PRIV_ALL when all privileges are required, or to PRIV_MULTIPLE when more than one privilege is required.




Solaris Internals: Solaris 10 and OpenSolaris Kernel Architecture (2nd Edition)
ISBN: 0131482092
EAN: 2147483647
Year: 2004
Pages: 244