DTrace in a zone should see "cpu", "curpsinfo", et al
Users in zones cannot have the dtrace_kernel privilege, and thus cannot presently gain access to potentially interesting members of the DTrace variables curpsinfo, curlwpsinfo and curcpu.
Users with only dtrace_proc (and thus users in appropriately configured non-global zones) should be able to read any members of these variables that do not represent privilege escalation. This change enables that behaviour by allowing loads from restricted ranges within the current thread's proc_t, cred_t, etc.
commit 557678d88bab59034685d166fa3f1337176cfce3 Author: Bryan Cantrill <firstname.lastname@example.org> Date: Thu May 31 08:16:34 2012 +0000 OS-430 dtrace in a zone can't see "cpu" OS-535 want curpsinfo->pr_dmodel inside zones
Updated by Electric Monk about 6 years ago
Author: Bryan Cantrill <email@example.com> 2915 DTrace in a zone should see "cpu", "curpsinfo", et al 2916 DTrace in a zone should be able to access fds 2917 DTrace in a zone should have limited provider access Reviewed by: Joshua M. Clulow <firstname.lastname@example.org> Reviewed by: Adam Leventhal <email@example.com> Approved by: Gordon Ross <firstname.lastname@example.org>