From owner-svn-src-all@freebsd.org  Wed Aug 28 07:53:11 2019
Return-Path: <owner-svn-src-all@freebsd.org>
Delivered-To: svn-src-all@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id D9F77D45CE;
 Wed, 28 Aug 2019 07:53:11 +0000 (UTC)
 (envelope-from brooks@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 46JHzW5BpKz3Nyd;
 Wed, 28 Aug 2019 07:53:11 +0000 (UTC)
 (envelope-from brooks@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9374942FD;
 Wed, 28 Aug 2019 07:53:11 +0000 (UTC)
 (envelope-from brooks@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x7S7rBg9024836;
 Wed, 28 Aug 2019 07:53:11 GMT (envelope-from brooks@FreeBSD.org)
Received: (from brooks@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id x7S7rB29024833;
 Wed, 28 Aug 2019 07:53:11 GMT (envelope-from brooks@FreeBSD.org)
Message-Id: <201908280753.x7S7rB29024833@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: brooks set sender to
 brooks@FreeBSD.org using -f
From: Brooks Davis <brooks@FreeBSD.org>
Date: Wed, 28 Aug 2019 07:53:11 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-stable@freebsd.org, svn-src-stable-12@freebsd.org
Subject: svn commit: r351566 - in stable/12/sys: compat/freebsd32 kern
X-SVN-Group: stable-12
X-SVN-Commit-Author: brooks
X-SVN-Commit-Paths: in stable/12/sys: compat/freebsd32 kern
X-SVN-Commit-Revision: 351566
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
 user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all/>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Aug 2019 07:53:11 -0000

Author: brooks
Date: Wed Aug 28 07:53:10 2019
New Revision: 351566
URL: https://svnweb.freebsd.org/changeset/base/351566

Log:
  MFC r340424:
  
  Use the main capabilities.conf for freebsd32.
  
  Allow the location of capabilities.conf to be configured.
  
  Also allow a per-abi syscall prefix to be configured with the
  abi_func_prefix syscalls.conf variable and check syscalls against
  entries in capabilities.conf with and without the prefix amended.
  
  Take advantage of these two features to allow use shared
  capabilities.conf
  between the default syscall vector and the freebsd32 compatability
  layer.  We've been inconsistent about keeping the two in sync as
  evidenced by the bugs fixed in r340294.  This eliminates that problem
  going forward.
  
  Reviewed by:	kib
  Obtained from:	CheriBSD
  Sponsored by:	DARPA, AFRL
  Differential Revision:	https://reviews.freebsd.org/D17932

Deleted:
  stable/12/sys/compat/freebsd32/capabilities.conf
Modified:
  stable/12/sys/compat/freebsd32/Makefile
  stable/12/sys/compat/freebsd32/syscalls.conf
  stable/12/sys/kern/makesyscalls.sh
Directory Properties:
  stable/12/   (props changed)

Modified: stable/12/sys/compat/freebsd32/Makefile
==============================================================================
--- stable/12/sys/compat/freebsd32/Makefile	Wed Aug 28 07:43:31 2019	(r351565)
+++ stable/12/sys/compat/freebsd32/Makefile	Wed Aug 28 07:53:10 2019	(r351566)
@@ -11,7 +11,7 @@ all:
 sysent:  freebsd32_sysent.c freebsd32_syscall.h freebsd32_proto.h freebsd32_systrace_args.c
 
 freebsd32_sysent.c freebsd32_syscalls.c freebsd32_syscall.h freebsd32_proto.h freebsd32_systrace_args.c : \
-	    ../../kern/makesyscalls.sh syscalls.master syscalls.conf capabilities.conf
+	    ../../kern/makesyscalls.sh syscalls.master syscalls.conf ../../kern/capabilities.conf
 	sh ../../kern/makesyscalls.sh syscalls.master syscalls.conf
 
 clean:

Modified: stable/12/sys/compat/freebsd32/syscalls.conf
==============================================================================
--- stable/12/sys/compat/freebsd32/syscalls.conf	Wed Aug 28 07:43:31 2019	(r351565)
+++ stable/12/sys/compat/freebsd32/syscalls.conf	Wed Aug 28 07:53:10 2019	(r351566)
@@ -9,3 +9,5 @@ syscallprefix="FREEBSD32_SYS_"
 switchname="freebsd32_sysent"
 namesname="freebsd32_syscallnames"
 systrace="freebsd32_systrace_args.c"
+abi_func_prefix="freebsd32_"
+capabilities_conf="../../kern/capabilities.conf"

Modified: stable/12/sys/kern/makesyscalls.sh
==============================================================================
--- stable/12/sys/kern/makesyscalls.sh	Wed Aug 28 07:43:31 2019	(r351565)
+++ stable/12/sys/kern/makesyscalls.sh	Wed Aug 28 07:53:10 2019	(r351566)
@@ -45,14 +45,8 @@ sysarg="sysarg.switch.$$"
 sysprotoend="sysprotoend.$$"
 systracetmp="systrace.$$"
 systraceret="systraceret.$$"
+capabilities_conf="capabilities.conf"
 
-if [ -r capabilities.conf ]; then
-	capenabled=`egrep -v '^#|^$' capabilities.conf`
-	capenabled=`echo $capenabled | sed 's/ /,/g'`
-else
-	capenabled=""
-fi
-
 trap "rm $sysaue $sysdcl $syscompat $syscompatdcl $syscompat4 $syscompat4dcl $syscompat6 $syscompat6dcl $syscompat7 $syscompat7dcl $syscompat10 $syscompat10dcl $syscompat11 $syscompat11dcl $sysent $sysinc $sysarg $sysprotoend $systracetmp $systraceret" 0
 
 touch $sysaue $sysdcl $syscompat $syscompatdcl $syscompat4 $syscompat4dcl $syscompat6 $syscompat6dcl $syscompat7 $syscompat7dcl $syscompat10 $syscompat10dcl $syscompat11 $syscompat11dcl $sysent $sysinc $sysarg $sysprotoend $systracetmp $systraceret
@@ -67,6 +61,13 @@ if [ -n "$2" ]; then
 	. $2
 fi
 
+if [ -r $capabilities_conf ]; then
+	capenabled=`egrep -v '^#|^$' $capabilities_conf`
+	capenabled=`echo $capenabled | sed 's/ /,/g'`
+else
+	capenabled=""
+fi
+
 sed -e '
 	# FreeBSD ID, includes, comments, and blank lines
 	/.*\$FreeBSD/b done_joining
@@ -137,6 +138,7 @@ sed -e '
 		switchname = \"$switchname\"
 		namesname = \"$namesname\"
 		infile = \"$1\"
+		abi_func_prefix = \"$abi_func_prefix\"
 		capenabled_string = \"$capenabled\"
 		"'
 
@@ -375,7 +377,8 @@ sed -e '
 		# from it.
 		#
 		for (cap in capenabled) {
-			if (funcname == capenabled[cap]) {
+			if (funcname == capenabled[cap] ||
+			    funcname == abi_func_prefix capenabled[cap]) {
 				flags = "SYF_CAPENABLED";
 				break;
 			}