From owner-dev-commits-src-all@freebsd.org  Wed Sep  1 20:59:48 2021
Return-Path: <owner-dev-commits-src-all@freebsd.org>
Delivered-To: dev-commits-src-all@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 9C638671CC5;
 Wed,  1 Sep 2021 20:59:48 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4H0Gdw41XVz3t9G;
 Wed,  1 Sep 2021 20:59:48 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 6E0413FBE;
 Wed,  1 Sep 2021 20:59:48 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 181KxmY8047558;
 Wed, 1 Sep 2021 20:59:48 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 181KxmMN047557;
 Wed, 1 Sep 2021 20:59:48 GMT (envelope-from git)
Date: Wed, 1 Sep 2021 20:59:48 GMT
Message-Id: <202109012059.181KxmMN047557@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-main@FreeBSD.org
From: Brooks Davis <brooks@FreeBSD.org>
Subject: git: 6945df3fff57 - main - makesyscalls.lua: add a CAPENABLED flag
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: brooks
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 6945df3fff57a9606f8c8a4e3865def3a0e915e7
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-all@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commit messages for all branches of the src repository
 <dev-commits-src-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-all>, 
 <mailto:dev-commits-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-all/>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Help: <mailto:dev-commits-src-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all>, 
 <mailto:dev-commits-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Sep 2021 20:59:48 -0000

The branch main has been updated by brooks:

URL: https://cgit.FreeBSD.org/src/commit/?id=6945df3fff57a9606f8c8a4e3865def3a0e915e7

commit 6945df3fff57a9606f8c8a4e3865def3a0e915e7
Author:     Brooks Davis <brooks@FreeBSD.org>
AuthorDate: 2021-09-01 20:54:38 +0000
Commit:     Brooks Davis <brooks@FreeBSD.org>
CommitDate: 2021-09-01 20:58:06 +0000

    makesyscalls.lua: add a CAPENABLED flag
    
    The CAPENABLED flag indicates that the syscall can be used in capsicum
    capability mode.  It is intended to replace capabilities.conf.
    
    Reviewed by:    kevans, emaste
    MFC after:      1 week
    Sponsored by:   DARPA
    Differential Revision:  https://reviews.freebsd.org/D31349
---
 sys/kern/syscalls.master   | 2 ++
 sys/tools/makesyscalls.lua | 4 +++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/sys/kern/syscalls.master b/sys/kern/syscalls.master
index 11247aed8fd6..6cc462a206c9 100644
--- a/sys/kern/syscalls.master
+++ b/sys/kern/syscalls.master
@@ -17,6 +17,7 @@
 ;		COMPAT7, COMPAT11, COMPAT12, NODEF, NOARGS, NOPROTO, NOSTD
 ;		The COMPAT* options may be combined with one or more NO*
 ;		options separated by '|' with no spaces (e.g. COMPAT|NOARGS)
+;		The CAPENABLED option may be ORed into a type.
 ;	name	pseudo-prototype of syscall routine
 ;		If one of the following alts is different, then all appear:
 ;	altname	name of system call if different
@@ -47,6 +48,7 @@
 ;		function prototype in sys/sysproto.h.  Does add a
 ;		definition to syscall.h besides adding a sysent.
 ;	NOTSTATIC syscall is loadable
+;	CAPENABLED syscall is allowed in capability mode
 
 ; annotations:
 ;	SAL 2.0 annotations are used to specify how system calls treat
diff --git a/sys/tools/makesyscalls.lua b/sys/tools/makesyscalls.lua
index dab8e0e01f82..55fb8de63526 100644
--- a/sys/tools/makesyscalls.lua
+++ b/sys/tools/makesyscalls.lua
@@ -151,6 +151,7 @@ local known_flags = {
 	NOPROTO		= 0x00000040,
 	NOSTD		= 0x00000080,
 	NOTSTATIC	= 0x00000100,
+	CAPENABLED	= 0x00000200,
 
 	-- Compat flags start from here.  We have plenty of space.
 }
@@ -1059,7 +1060,8 @@ process_syscall_def = function(line)
 	-- If applicable; strip the ABI prefix from the name
 	local stripped_name = strip_abi_prefix(funcname)
 
-	if config["capenabled"][funcname] ~= nil or
+	if flags & known_flags['CAPENABLED'] ~= 0 or
+	    config["capenabled"][funcname] ~= nil or
 	    config["capenabled"][stripped_name] ~= nil then
 		sysflags = "SYF_CAPENABLED"
 	end