From: Attilio Rao
Date: Sat, 2 Mar 2013 14:28:32 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-user@freebsd.org
Subject: svn commit: r247623 - in user/attilio/vmcontention: . cddl/contrib/opensolaris/cmd/zfs cddl/contrib/opensolaris/lib/libzfs/common contrib/openbsm/bin/auditdistd contrib/openbsm/etc lib/libc/gen lib...

Author: attilio
Date: Sat Mar 2 14:28:31 2013
New Revision: 247623
URL: http://svnweb.freebsd.org/changeset/base/247623

Log:
  MFC

Added:
  user/attilio/vmcontention/lib/libc/gen/cap_sandboxed.3
     - copied unchanged from r247622, head/lib/libc/gen/cap_sandboxed.3
  user/attilio/vmcontention/lib/libc/gen/cap_sandboxed.c
     - copied unchanged from r247622, head/lib/libc/gen/cap_sandboxed.c
  user/attilio/vmcontention/lib/libc/sys/cap_fcntls_limit.2
     - copied unchanged from r247622, head/lib/libc/sys/cap_fcntls_limit.2
  user/attilio/vmcontention/lib/libc/sys/cap_ioctls_limit.2
     - copied unchanged from r247622, head/lib/libc/sys/cap_ioctls_limit.2
  user/attilio/vmcontention/lib/libc/sys/cap_rights_limit.2
     - copied unchanged from r247622, head/lib/libc/sys/cap_rights_limit.2
  user/attilio/vmcontention/sys/arm/broadcom/bcm2835/bcm2835_dma.c
     - copied unchanged from r247622, head/sys/arm/broadcom/bcm2835/bcm2835_dma.c
  user/attilio/vmcontention/sys/arm/broadcom/bcm2835/bcm2835_dma.h
     - copied unchanged from r247622, head/sys/arm/broadcom/bcm2835/bcm2835_dma.h
  user/attilio/vmcontention/tools/regression/capsicum/
     - copied from r247622, head/tools/regression/capsicum/

Deleted:
  user/attilio/vmcontention/lib/libc/sys/cap_new.2

Modified: user/attilio/vmcontention/UPDATING
user/attilio/vmcontention/cddl/contrib/opensolaris/cmd/zfs/zfs.8 user/attilio/vmcontention/cddl/contrib/opensolaris/lib/libzfs/common/libzfs_impl.h user/attilio/vmcontention/contrib/openbsm/bin/auditdistd/sender.c user/attilio/vmcontention/contrib/openbsm/etc/audit_event user/attilio/vmcontention/lib/libc/gen/Makefile.inc user/attilio/vmcontention/lib/libc/include/compat.h user/attilio/vmcontention/lib/libc/regex/regcomp.c user/attilio/vmcontention/lib/libc/rpc/clnt_vc.c user/attilio/vmcontention/lib/libc/sys/Makefile.inc user/attilio/vmcontention/lib/libc/sys/Symbol.map user/attilio/vmcontention/lib/libc/sys/cap_enter.2 user/attilio/vmcontention/lib/libc/sys/dup.2 user/attilio/vmcontention/lib/libprocstat/libprocstat.c user/attilio/vmcontention/lib/libprocstat/libprocstat.h user/attilio/vmcontention/lib/libstand/nandfs.c user/attilio/vmcontention/lib/libutil/kinfo_getproc.3 user/attilio/vmcontention/share/man/man4/arcmsr.4 user/attilio/vmcontention/share/man/man9/eventtimers.9 user/attilio/vmcontention/share/mk/bsd.compiler.mk user/attilio/vmcontention/sys/amd64/amd64/machdep.c user/attilio/vmcontention/sys/amd64/amd64/pmap.c user/attilio/vmcontention/sys/amd64/conf/GENERIC user/attilio/vmcontention/sys/arm/allwinner/files.a10 user/attilio/vmcontention/sys/arm/allwinner/timer.c user/attilio/vmcontention/sys/arm/arm/locore.S user/attilio/vmcontention/sys/arm/arm/mpcore_timer.c user/attilio/vmcontention/sys/arm/broadcom/bcm2835/bcm2835_sdhci.c user/attilio/vmcontention/sys/arm/broadcom/bcm2835/bcm2835_systimer.c user/attilio/vmcontention/sys/arm/broadcom/bcm2835/files.bcm2835 user/attilio/vmcontention/sys/arm/conf/CUBIEBOARD user/attilio/vmcontention/sys/arm/conf/RPI-B user/attilio/vmcontention/sys/arm/econa/econa_machdep.c user/attilio/vmcontention/sys/arm/include/vmparam.h user/attilio/vmcontention/sys/arm/lpc/lpc_timer.c user/attilio/vmcontention/sys/arm/mv/timer.c user/attilio/vmcontention/sys/arm/s3c2xx0/s3c24x0_machdep.c 
user/attilio/vmcontention/sys/arm/ti/am335x/am335x_dmtimer.c user/attilio/vmcontention/sys/arm/versatile/sp804.c user/attilio/vmcontention/sys/arm/xscale/i80321/ep80219_machdep.c user/attilio/vmcontention/sys/arm/xscale/i80321/iq31244_machdep.c user/attilio/vmcontention/sys/arm/xscale/i8134x/crb_machdep.c user/attilio/vmcontention/sys/arm/xscale/ixp425/avila_machdep.c user/attilio/vmcontention/sys/arm/xscale/pxa/pxa_machdep.c user/attilio/vmcontention/sys/boot/fdt/dts/cubieboard.dts user/attilio/vmcontention/sys/bsm/audit_kevents.h user/attilio/vmcontention/sys/cddl/compat/opensolaris/sys/file.h user/attilio/vmcontention/sys/cddl/contrib/opensolaris/common/zfs/zfs_ioctl_compat.c user/attilio/vmcontention/sys/cddl/contrib/opensolaris/common/zfs/zfs_ioctl_compat.h user/attilio/vmcontention/sys/cddl/contrib/opensolaris/common/zfs/zfs_prop.c user/attilio/vmcontention/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dsl_dataset.c user/attilio/vmcontention/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dsl_dir.c user/attilio/vmcontention/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/spa.c user/attilio/vmcontention/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_ioctl.c user/attilio/vmcontention/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_onexit.c user/attilio/vmcontention/sys/cddl/contrib/opensolaris/uts/common/sys/fs/zfs.h user/attilio/vmcontention/sys/compat/freebsd32/freebsd32_proto.h user/attilio/vmcontention/sys/compat/freebsd32/freebsd32_syscall.h user/attilio/vmcontention/sys/compat/freebsd32/freebsd32_syscalls.c user/attilio/vmcontention/sys/compat/freebsd32/freebsd32_sysent.c user/attilio/vmcontention/sys/compat/freebsd32/freebsd32_systrace_args.c user/attilio/vmcontention/sys/compat/freebsd32/syscalls.master user/attilio/vmcontention/sys/compat/linux/linux_file.c user/attilio/vmcontention/sys/compat/ndis/kern_ndis.c user/attilio/vmcontention/sys/compat/svr4/svr4_fcntl.c user/attilio/vmcontention/sys/compat/svr4/svr4_filio.c 
user/attilio/vmcontention/sys/compat/svr4/svr4_misc.c user/attilio/vmcontention/sys/compat/svr4/svr4_stream.c user/attilio/vmcontention/sys/conf/options.sparc64 user/attilio/vmcontention/sys/dev/aac/aac.c user/attilio/vmcontention/sys/dev/aac/aac_cam.c user/attilio/vmcontention/sys/dev/aac/aac_disk.c user/attilio/vmcontention/sys/dev/aac/aac_pci.c user/attilio/vmcontention/sys/dev/aac/aac_tables.h user/attilio/vmcontention/sys/dev/aac/aacvar.h user/attilio/vmcontention/sys/dev/acpica/acpi_cpu.c user/attilio/vmcontention/sys/dev/acpica/acpi_hpet.c user/attilio/vmcontention/sys/dev/arcmsr/arcmsr.c user/attilio/vmcontention/sys/dev/arcmsr/arcmsr.h user/attilio/vmcontention/sys/dev/ath/if_ath_tx_ht.c user/attilio/vmcontention/sys/dev/ath/if_athrate.h user/attilio/vmcontention/sys/dev/bce/if_bce.c user/attilio/vmcontention/sys/dev/bce/if_bcereg.h user/attilio/vmcontention/sys/dev/cas/if_cas.c user/attilio/vmcontention/sys/dev/ic/ns16550.h user/attilio/vmcontention/sys/dev/iscsi/initiator/iscsi.c user/attilio/vmcontention/sys/dev/mfi/mfi.c user/attilio/vmcontention/sys/dev/mps/mps.c user/attilio/vmcontention/sys/dev/pci/pci.c user/attilio/vmcontention/sys/dev/puc/pucdata.c user/attilio/vmcontention/sys/dev/sdhci/sdhci.c user/attilio/vmcontention/sys/dev/sdhci/sdhci.h user/attilio/vmcontention/sys/dev/sdhci/sdhci_if.m user/attilio/vmcontention/sys/dev/tws/tws_hdm.c user/attilio/vmcontention/sys/dev/uart/uart_dev_ns8250.c user/attilio/vmcontention/sys/fs/fdescfs/fdesc_vfsops.c user/attilio/vmcontention/sys/fs/fdescfs/fdesc_vnops.c user/attilio/vmcontention/sys/fs/nfs/nfsdport.h user/attilio/vmcontention/sys/fs/nfsclient/nfs_clport.c user/attilio/vmcontention/sys/fs/nfsserver/nfs_nfsdport.c user/attilio/vmcontention/sys/fs/nullfs/null_vfsops.c user/attilio/vmcontention/sys/i386/conf/GENERIC user/attilio/vmcontention/sys/i386/i386/machdep.c user/attilio/vmcontention/sys/i386/ibcs2/ibcs2_misc.c user/attilio/vmcontention/sys/i386/xen/clock.c 
user/attilio/vmcontention/sys/ia64/ia64/clock.c user/attilio/vmcontention/sys/ia64/ia64/machdep.c user/attilio/vmcontention/sys/kern/capabilities.conf user/attilio/vmcontention/sys/kern/init_sysent.c user/attilio/vmcontention/sys/kern/kern_clocksource.c user/attilio/vmcontention/sys/kern/kern_descrip.c user/attilio/vmcontention/sys/kern/kern_et.c user/attilio/vmcontention/sys/kern/kern_exec.c user/attilio/vmcontention/sys/kern/kern_exit.c user/attilio/vmcontention/sys/kern/kern_fork.c user/attilio/vmcontention/sys/kern/kern_sysctl.c user/attilio/vmcontention/sys/kern/kern_timeout.c user/attilio/vmcontention/sys/kern/subr_sleepqueue.c user/attilio/vmcontention/sys/kern/subr_trap.c user/attilio/vmcontention/sys/kern/sys_capability.c user/attilio/vmcontention/sys/kern/sys_generic.c user/attilio/vmcontention/sys/kern/syscalls.c user/attilio/vmcontention/sys/kern/syscalls.master user/attilio/vmcontention/sys/kern/systrace_args.c user/attilio/vmcontention/sys/kern/tty.c user/attilio/vmcontention/sys/kern/uipc_mqueue.c user/attilio/vmcontention/sys/kern/uipc_sem.c user/attilio/vmcontention/sys/kern/uipc_shm.c user/attilio/vmcontention/sys/kern/uipc_syscalls.c user/attilio/vmcontention/sys/kern/uipc_usrreq.c user/attilio/vmcontention/sys/kern/vfs_aio.c user/attilio/vmcontention/sys/kern/vfs_default.c user/attilio/vmcontention/sys/kern/vfs_lookup.c user/attilio/vmcontention/sys/kern/vfs_syscalls.c user/attilio/vmcontention/sys/kern/vfs_vnops.c user/attilio/vmcontention/sys/mips/mips/tick.c user/attilio/vmcontention/sys/mips/nlm/tick.c user/attilio/vmcontention/sys/mips/rmi/tick.c user/attilio/vmcontention/sys/modules/ixgbe/Makefile user/attilio/vmcontention/sys/netsmb/smb_dev.c user/attilio/vmcontention/sys/nfsserver/nfs_srvkrpc.c user/attilio/vmcontention/sys/ofed/include/linux/file.h user/attilio/vmcontention/sys/pc98/pc98/machdep.c user/attilio/vmcontention/sys/powerpc/aim/clock.c user/attilio/vmcontention/sys/powerpc/booke/clock.c 
user/attilio/vmcontention/sys/powerpc/powerpc/cpu.c user/attilio/vmcontention/sys/powerpc/ps3/platform_ps3.c user/attilio/vmcontention/sys/powerpc/wii/platform_wii.c user/attilio/vmcontention/sys/security/audit/audit.h user/attilio/vmcontention/sys/security/audit/audit_arg.c user/attilio/vmcontention/sys/security/audit/audit_bsm.c user/attilio/vmcontention/sys/security/audit/audit_private.h user/attilio/vmcontention/sys/sparc64/pci/ofw_pcib.c user/attilio/vmcontention/sys/sparc64/pci/psycho.c user/attilio/vmcontention/sys/sparc64/pci/sbbc.c user/attilio/vmcontention/sys/sparc64/sbus/sbus.c user/attilio/vmcontention/sys/sparc64/sparc64/tick.c user/attilio/vmcontention/sys/sys/capability.h user/attilio/vmcontention/sys/sys/file.h user/attilio/vmcontention/sys/sys/filedesc.h user/attilio/vmcontention/sys/sys/namei.h user/attilio/vmcontention/sys/sys/proc.h user/attilio/vmcontention/sys/sys/rmlock.h user/attilio/vmcontention/sys/sys/syscall.h user/attilio/vmcontention/sys/sys/syscall.mk user/attilio/vmcontention/sys/sys/sysproto.h user/attilio/vmcontention/sys/sys/systm.h user/attilio/vmcontention/sys/sys/time.h user/attilio/vmcontention/sys/sys/timeet.h user/attilio/vmcontention/sys/sys/types.h user/attilio/vmcontention/sys/sys/user.h user/attilio/vmcontention/sys/vm/vm_mmap.c user/attilio/vmcontention/sys/x86/isa/atrtc.c user/attilio/vmcontention/sys/x86/isa/clock.c user/attilio/vmcontention/sys/x86/x86/local_apic.c user/attilio/vmcontention/tools/regression/security/cap_test/cap_test_capabilities.c user/attilio/vmcontention/tools/regression/security/cap_test/cap_test_relative.c user/attilio/vmcontention/usr.bin/dc/dc.c user/attilio/vmcontention/usr.bin/kdump/kdump.c user/attilio/vmcontention/usr.bin/kdump/mksubr user/attilio/vmcontention/usr.bin/procstat/procstat_files.c user/attilio/vmcontention/usr.sbin/bhyve/acpi.c user/attilio/vmcontention/usr.sbin/bhyve/bhyverun.c user/attilio/vmcontention/usr.sbin/bhyve/bhyverun.h 
user/attilio/vmcontention/usr.sbin/bhyve/mptbl.c user/attilio/vmcontention/usr.sbin/bhyve/pci_virtio_block.c user/attilio/vmcontention/usr.sbin/bhyve/pci_virtio_net.c user/attilio/vmcontention/usr.sbin/bhyve/virtio.h Directory Properties: user/attilio/vmcontention/ (props changed) user/attilio/vmcontention/cddl/contrib/opensolaris/ (props changed) user/attilio/vmcontention/cddl/contrib/opensolaris/cmd/zfs/ (props changed) user/attilio/vmcontention/cddl/contrib/opensolaris/lib/libzfs/ (props changed) user/attilio/vmcontention/contrib/openbsm/ (props changed) user/attilio/vmcontention/lib/libc/ (props changed) user/attilio/vmcontention/lib/libutil/ (props changed) user/attilio/vmcontention/share/man/man4/ (props changed) user/attilio/vmcontention/sys/ (props changed) user/attilio/vmcontention/sys/boot/ (props changed) user/attilio/vmcontention/sys/cddl/contrib/opensolaris/ (props changed) user/attilio/vmcontention/sys/conf/ (props changed) user/attilio/vmcontention/usr.bin/procstat/ (props changed) user/attilio/vmcontention/usr.sbin/bhyve/ (props changed) Modified: user/attilio/vmcontention/UPDATING ============================================================================== --- user/attilio/vmcontention/UPDATING Sat Mar 2 14:19:08 2013 (r247622) +++ user/attilio/vmcontention/UPDATING Sat Mar 2 14:28:31 2013 (r247623) @@ -26,6 +26,13 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 10 disable the most expensive debugging functionality run "ln -s 'abort:false,junk:false' /etc/malloc.conf".) +20130301: + The ctl device has been disabled in GENERIC for i386 and amd64. + This was done due to the extra memory being allocated at system + initialisation time by the ctl driver which was only used if + a CAM target device was created. This makes a FreeBSD system + unusable on 128MB or less of RAM. + 20130208: A new compression method (lz4) has been merged to -HEAD. Please refer to zpool-features(7) for more information. 
@@ -46,8 +53,8 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 10 unlikely event that -M was the last option on the command line and the command line contained at least two files and a target directory the first file will have logs appended to it. The -M - option served little practical purpose in the last decade so it's - used expected to be extremely rare. + option served little practical purpose in the last decade so its + use is expected to be extremely rare. 20121223: After switching to Clang as the default compiler some users of ZFS Modified: user/attilio/vmcontention/cddl/contrib/opensolaris/cmd/zfs/zfs.8 ============================================================================== --- user/attilio/vmcontention/cddl/contrib/opensolaris/cmd/zfs/zfs.8 Sat Mar 2 14:19:08 2013 (r247622) +++ user/attilio/vmcontention/cddl/contrib/opensolaris/cmd/zfs/zfs.8 Sat Mar 2 14:28:31 2013 (r247623) 
@@ -526,6 +526,39 @@ if the snapshot has been marked for defe .Qq Nm Cm destroy -d command. Otherwise, the property is .Cm off . +.It Sy logicalreferenced +The amount of space that is +.Qq logically +accessible by this dataset. +See the +.Sy referenced +property. +The logical space ignores the effect of the +.Sy compression +and +.Sy copies +properties, giving a quantity closer to the amount of data that applications +see. +However, it does include space consumed by metadata. +.Pp +This property can also be referred to by its shortened column name, +.Sy lrefer . +.It Sy logicalused +The amount of space that is +.Qq logically +consumed by this dataset and all its descendents. +See the +.Sy used +property. +The logical space ignores the effect of the +.Sy compression +and +.Sy copies +properties, giving a quantity closer to the amount of data that applications +see. +.Pp +This property can also be referred to by its shortened column name, +.Sy lused . .It Sy mounted For file systems, indicates whether the file system is currently mounted. This property can be either Modified: user/attilio/vmcontention/cddl/contrib/opensolaris/lib/libzfs/common/libzfs_impl.h ============================================================================== --- user/attilio/vmcontention/cddl/contrib/opensolaris/lib/libzfs/common/libzfs_impl.h Sat Mar 2 14:19:08 2013 (r247622) +++ user/attilio/vmcontention/cddl/contrib/opensolaris/lib/libzfs/common/libzfs_impl.h Sat Mar 2 14:28:31 2013 (r247623) @@ -24,6 +24,7 @@ * Copyright (c) 2011 Pawel Jakub Dawidek . * All rights reserved. * Copyright (c) 2011 by Delphix. All rights reserved. + * Copyright (c) 2013 Martin Matuska . All rights reserved. */ #ifndef _LIBFS_IMPL_H @@ -216,6 +217,7 @@ extern void libzfs_fru_clear(libzfs_hand #ifndef sun static int zfs_kernel_version = 0; +static int zfs_ioctl_version = 0; /* * This is FreeBSD version of ioctl, because Solaris' ioctl() updates 
@@ -225,19 +227,34 @@ static int zfs_kernel_version = 0; static __inline int zcmd_ioctl(int fd, unsigned long cmd, zfs_cmd_t *zc) { - size_t oldsize, zfs_kernel_version_size; + size_t oldsize, zfs_kernel_version_size, zfs_ioctl_version_size; int version, ret, cflag = ZFS_CMD_COMPAT_NONE; - zfs_kernel_version_size = sizeof(zfs_kernel_version); - if (zfs_kernel_version == 0) { - sysctlbyname("vfs.zfs.version.spa", &zfs_kernel_version, - &zfs_kernel_version_size, NULL, 0); + zfs_ioctl_version_size = sizeof(zfs_ioctl_version); + if (zfs_ioctl_version == 0) { + sysctlbyname("vfs.zfs.version.ioctl", &zfs_ioctl_version, + &zfs_ioctl_version_size, NULL, 0); } - if (zfs_kernel_version == SPA_VERSION_15 || - zfs_kernel_version == SPA_VERSION_14 || - zfs_kernel_version == SPA_VERSION_13) - cflag = ZFS_CMD_COMPAT_V15; + /* + * If vfs.zfs.version.ioctl is not defined, assume we have v28 + * compatible binaries and use vfs.zfs.version.spa to test for v15 + */ + if (zfs_ioctl_version < ZFS_IOCVER_DEADMAN) { + cflag = ZFS_CMD_COMPAT_V28; + zfs_kernel_version_size = sizeof(zfs_kernel_version); + + if (zfs_kernel_version == 0) { + sysctlbyname("vfs.zfs.version.spa", + &zfs_kernel_version, + &zfs_kernel_version_size, NULL, 0); + } + + if (zfs_kernel_version == SPA_VERSION_15 || + zfs_kernel_version == SPA_VERSION_14 || + zfs_kernel_version == SPA_VERSION_13) + cflag = ZFS_CMD_COMPAT_V15; + } oldsize = zc->zc_nvlist_dst_size; ret = zcmd_ioctl_compat(fd, cmd, zc, cflag); Modified: user/attilio/vmcontention/contrib/openbsm/bin/auditdistd/sender.c ============================================================================== --- user/attilio/vmcontention/contrib/openbsm/bin/auditdistd/sender.c Sat Mar 2 14:19:08 2013 (r247622) +++ user/attilio/vmcontention/contrib/openbsm/bin/auditdistd/sender.c Sat Mar 2 14:28:31 2013 (r247623) 
@@ -394,6 +394,7 @@ read_thread_wait(void) mtx_lock(&adist_remote_mtx); if (adhost->adh_reset) { +reset: adhost->adh_reset = false; if (trail_filefd(adist_trail) != -1) trail_close(adist_trail); @@ -408,6 +409,14 @@ read_thread_wait(void) while (trail_filefd(adist_trail) == -1) { newfile = true; wait_for_dir(); + /* + * We may have been disconnected and reconnected in the + * meantime, check if reset is set. + */ + mtx_lock(&adist_remote_mtx); + if (adhost->adh_reset) + goto reset; + mtx_unlock(&adist_remote_mtx); if (trail_filefd(adist_trail) == -1) trail_next(adist_trail); } Modified: user/attilio/vmcontention/contrib/openbsm/etc/audit_event ============================================================================== --- user/attilio/vmcontention/contrib/openbsm/etc/audit_event Sat Mar 2 14:19:08 2013 (r247622) +++ user/attilio/vmcontention/contrib/openbsm/etc/audit_event Sat Mar 2 14:28:31 2013 (r247623) @@ -548,7 +548,7 @@ 43184:AUE_OPENAT:openat(2) - attr only:fa 43185:AUE_POSIX_OPENPT:posix_openpt(2):ip 43186:AUE_CAP_NEW:cap_new(2):fm -43187:AUE_CAP_GETRIGHTS:cap_getrights(2):fm +43187:AUE_CAP_RIGHTS_GET:cap_rights_get(2):fm 43188:AUE_CAP_ENTER:cap_enter(2):pc 43189:AUE_CAP_GETMODE:cap_getmode(2):pc 43190:AUE_POSIX_SPAWN:posix_spawn(2):pc @@ -563,6 +563,11 @@ 43199:AUE_PDGETPID:pdgetpid(2):pc 43200:AUE_PDWAIT:pdwait(2):pc 43201:AUE_WAIT6:wait6(2):pc +43202:AUE_CAP_RIGHTS_LIMIT:cap_rights_limit(2):fm +43203:AUE_CAP_IOCTLS_LIMIT:cap_ioctls_limit(2):fm +43204:AUE_CAP_IOCTLS_GET:cap_ioctls_get(2):fm +43205:AUE_CAP_FCNTLS_LIMIT:cap_fcntls_limit(2):fm +43206:AUE_CAP_FCNTLS_GET:cap_fcntls_get(2):fm # # Solaris userspace events. # Modified: user/attilio/vmcontention/lib/libc/gen/Makefile.inc ============================================================================== --- user/attilio/vmcontention/lib/libc/gen/Makefile.inc Sat Mar 2 14:19:08 2013 (r247622) +++ user/attilio/vmcontention/lib/libc/gen/Makefile.inc Sat Mar 2 14:28:31 2013 (r247623) 
@@ -16,6 +16,7 @@ SRCS+= __getosreldate.c \ assert.c \ auxv.c \ basename.c \ + cap_sandboxed.c \ check_utility_compat.c \ clock.c \ clock_getcpuclockid.c \ @@ -168,6 +169,7 @@ SYM_MAPS+=${.CURDIR}/gen/Symbol.map MAN+= alarm.3 \ arc4random.3 \ basename.3 \ + cap_sandboxed.3 \ check_utility_compat.3 \ clock.3 \ clock_getcpuclockid.3 \ Copied: user/attilio/vmcontention/lib/libc/gen/cap_sandboxed.3 (from r247622, head/lib/libc/gen/cap_sandboxed.3) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/attilio/vmcontention/lib/libc/gen/cap_sandboxed.3 Sat Mar 2 14:28:31 2013 (r247623, copy of r247622, head/lib/libc/gen/cap_sandboxed.3) 
@@ -0,0 +1,70 @@ +.\" Copyright (c) 2012 The FreeBSD Foundation +.\" All rights reserved. +.\" +.\" This documentation was written by Pawel Jakub Dawidek under sponsorship +.\" from the FreeBSD Foundation. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $FreeBSD$ +.\" +.Dd September 18, 2012 +.Dt CAP_SANDBOXED 3 +.Os +.Sh NAME +.Nm cap_sandboxed +.Nd Check if in a capability mode sandbox +.Sh LIBRARY +.Lb libc +.Sh SYNOPSIS +.In sys/capability.h +.In stdbool.h +.Ft bool +.Fn cap_sandboxed "void" +.Sh DESCRIPTION +.Fn cap_sandboxed +returns +.Va true +if the process is in a capability mode sandbox or +.Va false +if it is not. 
+This function is a more handy alternative to the +.Xr cap_getmode 2 +system call as it always succeeds, so there is no need for error checking. +If the support for capability mode is not compiled into the kernel, +.Fn cap_sandboxed +will always return +.Va false . +.Sh RETURN VALUES +Function +.Fn cap_sandboxed +is always successful and will return either +.Va true +or +.Va false . +.Sh SEE ALSO +.Xr cap_enter 2 , +.Xr capsicum 4 +.Sh AUTHORS +This function was implemented and manual page was written by +.An Pawel Jakub Dawidek Aq pawel@dawidek.net +under sponsorship of the FreeBSD Foundation. Copied: user/attilio/vmcontention/lib/libc/gen/cap_sandboxed.c (from r247622, head/lib/libc/gen/cap_sandboxed.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/attilio/vmcontention/lib/libc/gen/cap_sandboxed.c Sat Mar 2 14:28:31 2013 (r247623, copy of r247622, head/lib/libc/gen/cap_sandboxed.c) 
@@ -0,0 +1,50 @@ +/*- + * Copyright (c) 2012 The FreeBSD Foundation + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include +__FBSDID("$FreeBSD$"); + +#include + +#include +#include +#include + +bool +cap_sandboxed(void) +{ + u_int mode; + + if (cap_getmode(&mode) != 0) { + assert(errno == ENOSYS); + return (false); + } + assert(mode == 0 || mode == 1); + return (mode == 1); +} Modified: user/attilio/vmcontention/lib/libc/include/compat.h ============================================================================== --- user/attilio/vmcontention/lib/libc/include/compat.h Sat Mar 2 14:19:08 2013 (r247622) +++ user/attilio/vmcontention/lib/libc/include/compat.h Sat Mar 2 14:28:31 2013 (r247623) @@ -42,6 +42,8 @@ __sym_compat(__semctl, freebsd7___semctl __sym_compat(msgctl, freebsd7_msgctl, FBSD_1.0); __sym_compat(shmctl, freebsd7_shmctl, FBSD_1.0); +__sym_compat(cap_getrights, cap_rights_get, FBSD_1.2); + #undef __sym_compat #endif /* __LIBC_COMPAT_H__ */ Modified: user/attilio/vmcontention/lib/libc/regex/regcomp.c ============================================================================== --- user/attilio/vmcontention/lib/libc/regex/regcomp.c Sat Mar 2 14:19:08 2013 (r247622) +++ user/attilio/vmcontention/lib/libc/regex/regcomp.c Sat Mar 2 14:28:31 2013 (r247623) @@ -1212,7 +1212,7 @@ CHaddrange(struct parse *p, cset *cs, wi } cs->ranges = newranges; cs->ranges[cs->nranges].min = min; - cs->ranges[cs->nranges].min = max; + cs->ranges[cs->nranges].max = max; cs->nranges++; } Modified: user/attilio/vmcontention/lib/libc/rpc/clnt_vc.c ============================================================================== --- user/attilio/vmcontention/lib/libc/rpc/clnt_vc.c Sat Mar 2 14:19:08 2013 (r247622) +++ user/attilio/vmcontention/lib/libc/rpc/clnt_vc.c Sat Mar 2 14:28:31 2013 (r247623) 
@@ -260,7 +260,7 @@ clnt_vc_create(fd, raddr, prog, vers, se if (ct->ct_addr.buf == NULL) goto err; memcpy(ct->ct_addr.buf, raddr->buf, raddr->len); - ct->ct_addr.len = raddr->maxlen; + ct->ct_addr.len = raddr->len; ct->ct_addr.maxlen = raddr->maxlen; /* Modified: user/attilio/vmcontention/lib/libc/sys/Makefile.inc ============================================================================== --- user/attilio/vmcontention/lib/libc/sys/Makefile.inc Sat Mar 2 14:19:08 2013 (r247622) +++ user/attilio/vmcontention/lib/libc/sys/Makefile.inc Sat Mar 2 14:28:31 2013 (r247623) @@ -93,7 +93,9 @@ MAN+= abort2.2 \ bind.2 \ brk.2 \ cap_enter.2 \ - cap_new.2 \ + cap_fcntls_limit.2 \ + cap_ioctls_limit.2 \ + cap_rights_limit.2 \ chdir.2 \ chflags.2 \ chmod.2 \ @@ -270,7 +272,9 @@ MLINKS+=access.2 eaccess.2 \ access.2 faccessat.2 MLINKS+=brk.2 sbrk.2 MLINKS+=cap_enter.2 cap_getmode.2 -MLINKS+=cap_new.2 cap_getrights.2 +MLINKS+=cap_fcntls_limit.2 cap_fcntls_get.2 +MLINKS+=cap_ioctls_limit.2 cap_ioctls_get.2 +MLINKS+=cap_rights_limit.2 cap_rights_get.2 MLINKS+=chdir.2 fchdir.2 MLINKS+=chflags.2 fchflags.2 \ chflags.2 lchflags.2 Modified: user/attilio/vmcontention/lib/libc/sys/Symbol.map ============================================================================== --- user/attilio/vmcontention/lib/libc/sys/Symbol.map Sat Mar 2 14:19:08 2013 (r247622) +++ user/attilio/vmcontention/lib/libc/sys/Symbol.map Sat Mar 2 14:28:31 2013 (r247623) @@ -364,7 +364,6 @@ FBSD_1.2 { cap_enter; cap_getmode; cap_new; - cap_getrights; getloginclass; pdfork; pdgetpid; 
@@ -379,6 +378,13 @@ FBSD_1.2 { }; FBSD_1.3 { + cap_fcntls_get; + cap_fcntls_limit; + cap_ioctls_get; + cap_ioctls_limit; + cap_rights_get; + cap_rights_limit; + cap_sandboxed; clock_getcpuclockid2; ffclock_getcounter; ffclock_getestimate; Modified: user/attilio/vmcontention/lib/libc/sys/cap_enter.2 ============================================================================== --- user/attilio/vmcontention/lib/libc/sys/cap_enter.2 Sat Mar 2 14:19:08 2013 (r247622) +++ user/attilio/vmcontention/lib/libc/sys/cap_enter.2 Sat Mar 2 14:28:31 2013 (r247623) @@ -58,8 +58,10 @@ or .Xr pdfork 2 will be placed in capability mode from inception. .Pp -When combined with capabilities created with -.Xr cap_new 2 , +When combined with +.Xr cap_rights_limit 2 , +.Xr cap_ioctls_limit 2 , +.Xr cap_fcntls_limit 2 , .Fn cap_enter may be used to create kernel-enforced sandboxes in which appropriately-crafted applications or application components may be run. @@ -71,11 +73,6 @@ sandbox. Creating effective process sandboxes is a tricky process that involves identifying the least possible rights required by the process and then passing those rights into the process in a safe manner. -See the CAVEAT -section of -.Xr cap_new 2 -for why this is particularly tricky with UNIX file descriptors as the -canonical representation of a right. Consumers of .Fn cap_enter should also be aware of other inherited rights, such as access to VM 
@@ -87,9 +84,35 @@ to create a runtime environment inside t acquired rights as possible. .Sh RETURN VALUES .Rv -std cap_enter cap_getmode +.Sh ERRORS +The +.Fn cap_enter +and +.Fn cap_getmode +system calls +will fail if: +.Bl -tag -width Er +.It Bq Er ENOSYS +The kernel is compiled without: +.Pp +.Cd "options CAPABILITY_MODE" +.El +.Pp +The +.Fn cap_getmode +system call may also return the following error: +.Bl -tag -width Er +.It Bq Er EFAULT +Pointer +.Fa modep +points outside the process's allocated address space. +.El .Sh SEE ALSO -.Xr cap_new 2 , +.Xr cap_fcntls_limit 2 , +.Xr cap_ioctls_limit 2 , +.Xr cap_rights_limit 2 , .Xr fexecve 2 , +.Xr cap_sandboxed 3 , .Xr capsicum 4 .Sh HISTORY Support for capabilities and capabilities mode was developed as part of the Copied: user/attilio/vmcontention/lib/libc/sys/cap_fcntls_limit.2 (from r247622, head/lib/libc/sys/cap_fcntls_limit.2) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/attilio/vmcontention/lib/libc/sys/cap_fcntls_limit.2 Sat Mar 2 14:28:31 2013 (r247623, copy of r247622, head/lib/libc/sys/cap_fcntls_limit.2) 
@@ -0,0 +1,126 @@ +.\" +.\" Copyright (c) 2012 The FreeBSD Foundation +.\" All rights reserved. +.\" +.\" This documentation was written by Pawel Jakub Dawidek under sponsorship +.\" the FreeBSD Foundation. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. 
+.\" +.\" $FreeBSD$ +.\" +.Dd September 20, 2012 +.Dt CAP_FCNTLS_LIMIT 2 +.Os +.Sh NAME +.Nm cap_fcntls_limit , +.Nm cap_fcntls_get +.Nd manage allowed fcntl commands +.Sh LIBRARY +.Lb libc +.Sh SYNOPSIS +.In sys/capability.h +.Ft int +.Fn cap_fcntls_limit "int fd" "uint32_t fcntlrights" +.Ft int +.Fn cap_fcntls_get "int fd" "uint32_t *fcntlrightsp" +.Sh DESCRIPTION +If a file descriptor is granted the +.Dv CAP_FCNTL +capability right, the list of allowed +.Xr fcntl 2 +commands can be selectively reduced (but never expanded) with the +.Fn cap_fcntls_limit +system call. +.Pp +A bitmask of allowed fcntls commands for a given file descriptor can be obtained +with the +.Fn cap_fcntls_get +system call. +.Sh FLAGS +The following flags may be specified in the +.Fa fcntlrights +argument or returned in the +.Fa fcntlrightsp +argument: +.Bl -tag -width CAP_FCNTL_GETOWN +.It Dv CAP_FCNTL_GETFL +Permit +.Dv F_GETFL +command. +.It Dv CAP_FCNTL_SETFL +Permit +.Dv F_SETFL +command. +.It Dv CAP_FCNTL_GETOWN +Permit +.Dv F_GETOWN +command. +.It Dv CAP_FCNTL_SETOWN +Permit +.Dv F_SETOWN +command. +.El +.Sh RETURN VALUES +.Rv -std +.Sh ERRORS +.Fn cap_fcntls_limit +succeeds unless: +.Bl -tag -width Er +.It Bq Er EBADF +The +.Fa fd +argument is not a valid descriptor. +.It Bq Er EINVAL +An invalid flag has been passed in +.Fa fcntlrights . +.It Bq Er ENOTCAPABLE +.Fa fcntlrights +would expand the list of allowed +.Xr fcntl 2 +commands. +.El +.Pp +.Fn cap_fcntls_get +succeeds unless: +.Bl -tag -width Er +.It Bq Er EBADF +The +.Fa fd +argument is not a valid descriptor. +.It Bq Er EFAULT +The +.Fa fcntlrightsp +argument points at an invalid address. +.El +.Sh SEE ALSO +.Xr cap_ioctls_limit 2 , +.Xr cap_rights_limit 2 , +.Xr fcntl 2 +.Sh HISTORY +Support for capabilities and capabilities mode was developed as part of the +.Tn TrustedBSD +Project. +.Sh AUTHORS +This function was created by +.An Pawel Jakub Dawidek Aq pawel@dawidek.net +under sponsorship of the FreeBSD Foundation. 
Copied: user/attilio/vmcontention/lib/libc/sys/cap_ioctls_limit.2 (from r247622, head/lib/libc/sys/cap_ioctls_limit.2) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/attilio/vmcontention/lib/libc/sys/cap_ioctls_limit.2 Sat Mar 2 14:28:31 2013 (r247623, copy of r247622, head/lib/libc/sys/cap_ioctls_limit.2) 
@@ -0,0 +1,157 @@ +.\" +.\" Copyright (c) 2012 The FreeBSD Foundation +.\" All rights reserved. +.\" +.\" This documentation was written by Pawel Jakub Dawidek under sponsorship +.\" the FreeBSD Foundation. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. 
+.\" +.\" $FreeBSD$ +.\" +.Dd September 20, 2012 +.Dt CAP_IOCTLS_LIMIT 2 +.Os +.Sh NAME +.Nm cap_ioctls_limit , +.Nm cap_ioctls_get +.Nd manage allowed ioctl commands +.Sh LIBRARY +.Lb libc +.Sh SYNOPSIS +.In sys/capability.h +.Ft int +.Fn cap_ioctls_limit "int fd" "const unsigned long *cmds" "size_t ncmds" +.Ft ssize_t +.Fn cap_ioctls_get "int fd" "unsigned long *cmds" "size_t maxcmds" +.Sh DESCRIPTION +If a file descriptor is granted the +.Dv CAP_IOCTL +capability right, the list of allowed +.Xr ioctl 2 +commands can be selectively reduced (but never expanded) with the +.Fn cap_ioctls_limit +system call. +The +.Fa cmds +argument is an array of +.Xr ioctl 2 +commands and the +.Fa ncmds +argument specifies the number of elements in the array. +There might be up to +.Va 256 +elements in the array. +.Pp +The list of allowed ioctl commands for a given file descriptor can be obtained +with the +.Fn cap_ioctls_get +system call. +The +.Fa cmds +argument points at memory that can hold up to +.Fa maxcmds +values. +The function populates the provided buffer with up to +.Fa maxcmds +elements, but always returns the total number of ioctl commands allowed for the +given file descriptor. +The total number of ioctls commands for the given file descriptor can be +obtained by passing +.Dv NULL as the +.Fa cmds +argument and +.Va 0 +as the +.Fa maxcmds +argument. +If all ioctl commands are allowed +.Dv ( CAP_IOCTL +capability right is assigned to the file descriptor and the +.Fn cap_ioctls_limit +system call was never called for this file descriptor), the +.Fn cap_ioctls_get +system call will return +.Dv CAP_IOCTLS_ALL +and won't modify the buffer pointed out by the +.Fa cmds +argument. +.Sh RETURN VALUES +.Rv -std cap_ioctls_limit +.Pp +The +.Fn cap_ioctls_limit +function, if successfull, returns the total number of allowed ioctl commands or +the value +.Dv INT_MAX +if all ioctls commands are allowed. 
+On failure the value +.Va -1 +is returned and the global variable errno is set to indicate the error. +.Sh ERRORS +.Fn cap_ioctls_limit +succeeds unless: +.Bl -tag -width Er +.It Bq Er EBADF +The +.Fa fd +argument is not a valid descriptor. +.It Bq Er EFAULT +The +.Fa cmds +argument points at an invalid address. +.It Bq Er EINVAL +The +.Fa ncmds +argument is greater than +.Va 256 . +.It Bq Er ENOTCAPABLE +.Fa cmds +would expand the list of allowed +.Xr ioctl 2 +commands. +.El +.Pp +.Fn cap_ioctls_get +succeeds unless: +.Bl -tag -width Er +.It Bq Er EBADF +The +.Fa fd +argument is not a valid descriptor. +.It Bq Er EFAULT +The +.Fa cmds +argument points at invalid address. +.El +.Sh SEE ALSO +.Xr cap_fcntls_limit 2 , +.Xr cap_rights_limit 2 , +.Xr ioctl 2 +.Sh HISTORY +Support for capabilities and capabilities mode was developed as part of the +.Tn TrustedBSD +Project. +.Sh AUTHORS +This function was created by +.An Pawel Jakub Dawidek Aq pawel@dawidek.net +under sponsorship of the FreeBSD Foundation. Copied: user/attilio/vmcontention/lib/libc/sys/cap_rights_limit.2 (from r247622, head/lib/libc/sys/cap_rights_limit.2) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ user/attilio/vmcontention/lib/libc/sys/cap_rights_limit.2 Sat Mar 2 14:28:31 2013 (r247623, copy of r247622, head/lib/libc/sys/cap_rights_limit.2) 
@@ -0,0 +1,602 @@ +.\" +.\" Copyright (c) 2008-2010 Robert N. M. Watson +.\" Copyright (c) 2012-2013 The FreeBSD Foundation +.\" All rights reserved. +.\" +.\" This software was developed at the University of Cambridge Computer +.\" Laboratory with support from a grant from Google, Inc. +.\" +.\" Portions of this documentation were written by Pawel Jakub Dawidek +.\" under sponsorship from the FreeBSD Foundation. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. 
+.\" +.\" $FreeBSD$ +.\" +.Dd February 23, 2013 +.Dt CAP_RIGHTS_LIMIT 2 +.Os +.Sh NAME +.Nm cap_rights_limit , +.Nm cap_rights_get +.Nd manage capability rights +.Sh LIBRARY +.Lb libc +.Sh SYNOPSIS +.In sys/capability.h +.Ft int +.Fn cap_rights_limit "int fd" "cap_rights_t rights" +.Ft int +.Fn cap_rights_get "int fd" "cap_rights_t *rightsp" +.Sh DESCRIPTION +When a file descriptor is created by a function such as +.Xr fhopen 2 , +.Xr kqueue 2 , +.Xr mq_open 2 , +.Xr open 2 , +.Xr openat 2 , +.Xr pdfork 2 , +.Xr pipe 2 , +.Xr shm_open 2 , +.Xr socket 2 , +or +.Xr socketpair 2 , +it is assigned all capability rights. +Those rights can be reduced (but never expanded) by using the +.Fn cap_rights_limit +system call. +Once capability rights are reduced, operations on the file descriptor will be +limited to those permitted by +.Fa rights . +.Pp +A bitmask of capability rights assigned to a file descriptor can be obtained with +the +.Fn cap_rights_get +system call. +.Sh RIGHTS +The following rights may be specified in a rights mask: +.Bl -tag -width CAP_EXTATTR_DELETE +.It Dv CAP_ACCEPT +Permit +.Xr accept 2 . +.It Dv CAP_ACL_CHECK +Permit checking of an ACL on a file descriptor; there is no cross-reference +for this system call. +.It Dv CAP_ACL_DELETE +Permit +.Xr acl_delete_fd_np 3 . +.It Dv CAP_ACL_GET +Permit +.Xr acl_get_fd 3 +and +.Xr acl_get_fd_np 3 . +.It Dv CAP_ACL_SET +Permit +.Xr acl_set_fd 3 +and +.Xr acl_set_fd_np 3 . +.It Dv CAP_BIND +Permit +.Xr bind 2 . +Note that sockets can also become bound implicitly as a result of +.Xr connect 2 +or +.Xr send 2 , +and that socket options set with +.Xr setsockopt 2 +may also affect binding behavior. +.It Dv CAP_CONNECT +Permit +.Xr connect 2 ; +also required for +.Xr sendto 2 +with a non-NULL destination address. +.It Dv CAP_CREATE +Permit +.Xr openat 2 +with the +.Dv O_CREAT +flag. +.\" XXXPJD: Doesn't exist anymore. 
+.It Dv CAP_EVENT +Permit +.Xr select 2 , +.Xr poll 2 , +and +.Xr kevent 2 +to be used in monitoring the file descriptor for events. +.It Dv CAP_FEXECVE +Permit +.Xr fexecve 2 +and +.Xr openat 2 +with the +.Dv O_EXEC +flag; +.Dv CAP_READ +will also be required. +.It Dv CAP_EXTATTR_DELETE +Permit +.Xr extattr_delete_fd 2 . +.It Dv CAP_EXTATTR_GET +Permit +.Xr extattr_get_fd 2 . +.It Dv CAP_EXTATTR_LIST +Permit +.Xr extattr_list_fd 2 . +.It Dv CAP_EXTATTR_SET +Permit +.Xr extattr_set_fd 2 . +.It Dv CAP_FCHDIR +Permit +.Xr fchdir 2 . +.It Dv CAP_FCHFLAGS +Permit +.Xr fchflags 2 . +.It Dv CAP_FCHMOD +Permit +.Xr fchmod 2 +and +.Xr fchmodat 2 . +.It Dv CAP_FCHMODAT +An alias to +.Dv CAP_FCHMOD . +.It Dv CAP_FCHOWN +Permit +.Xr fchown 2 +and +.Xr fchownat 2 . +.It Dv CAP_FCHOWNAT +An alias to +.Dv CAP_FCHOWN . +.It Dv CAP_FCNTL +Permit +.Xr fcntl 2 . +Note that only the +.Dv F_GETFL , +.Dv F_SETFL , +.Dv F_GETOWN +and +.Dv F_SETOWN +commands require this capability right. +Also note that the list of permitted commands can be further limited with the +.Xr cap_fcntls_limit 2 +system call. +.It Dv CAP_FLOCK +Permit +.Xr flock 2 , +.Xr fcntl 2 +(with +.Dv F_GETLK , +.Dv F_SETLK +or +.Dv F_SETLKW +flag) and +.Xr openat 2 +(with +.Dv O_EXLOCK +or +.Dv O_SHLOCK +flag). +.It Dv CAP_FPATHCONF +Permit +.Xr fpathconf 2 . +.It Dv CAP_FSCK +Permit UFS background-fsck operations on the descriptor. +.It Dv CAP_FSTAT +Permit +.Xr fstat 2 +and +.Xr fstatat 2 . +.It Dv CAP_FSTATAT +An alias to +.Dv CAP_FSTAT . +.It Dv CAP_FSTATFS +Permit +.Xr fstatfs 2 . +.It Dv CAP_FSYNC +Permit +.Xr aio_fsync 2 , +.Xr fsync 2 +and +.Xr openat 2 +with +.Dv O_FSYNC +or +.Dv O_SYNC +flag. +.It Dv CAP_FTRUNCATE +Permit +.Xr ftruncate 2 +and +.Xr openat 2 +with the +.Dv O_TRUNC +flag. +.It Dv CAP_FUTIMES +Permit +.Xr futimes 2 +and +.Xr futimesat 2 . +.It Dv CAP_FUTIMESAT *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
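Review bot: in cap_enter.2, the hunk at @@ -71,11 +73,6 deletes the pointer to the CAVEAT section of cap_new(2) and puts nothing in its place. The paragraph still says that building an effective sandbox is tricky, but no longer tells the reader where the pitfalls of UNIX file descriptors as the representation of a right are explained. With the other cap_new(2) references on this page being replaced by cap_rights_limit(2), either carry the caveat over to cap_rights_limit.2 and reference it here, or fold the essential warning into this paragraph.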
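Review bot: in the new cap_fcntls_limit.2, DESCRIPTION only covers a descriptor that already holds CAP_FCNTL. It does not say what cap_fcntls_limit does when the descriptor lacks that right, or what cap_fcntls_get reports for a descriptor that was never limited, and ERRORS has no entry for either case. Please state both, since code that audits its own sandbox depends on them. Smaller points in the same file: "allowed fcntls commands" should read "allowed fcntl commands", the header comment "under sponsorship the FreeBSD Foundation" is missing "from", and AUTHORS says "This function" on a page that documents two.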
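Review bot: in the new cap_ioctls_limit.2, RETURN VALUES documents the wrong function and contradicts DESCRIPTION. After ".Rv -std cap_ioctls_limit", the next paragraph says that cap_ioctls_limit "returns the total number of allowed ioctl commands", which is the behaviour DESCRIPTION gives for cap_ioctls_get (the ssize_t function in SYNOPSIS), so that paragraph should name cap_ioctls_get. The same paragraph gives the "all allowed" sentinel as INT_MAX while DESCRIPTION says CAP_IOCTLS_ALL; pick one and use it in both places. Also: ".Dv NULL as the" puts the words "as the" on the macro line, so they will be typeset as part of the constant and should move to the following line; "successfull" is misspelled; the cap_ioctls_get EFAULT entry reads "points at invalid address" and is missing "an"; and the header comment has the same "under sponsorship the FreeBSD Foundation" wording.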
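Review bot: in the visible part of the new cap_rights_limit.2, the comment ".\" XXXPJD: Doesn't exist anymore." sits between the CAP_CREATE and CAP_EVENT entries without saying which right it refers to, and both entries are still documented. A rights list that describes a right the kernel no longer has will mislead anyone building a rights mask from this page, so resolve the XXX (drop the stale entry or the comment) before this is merged further. In the same list, CAP_FEXECVE is placed between CAP_EVENT and CAP_EXTATTR_DELETE, which breaks the otherwise alphabetical order, and the CAP_FLOCK entry calls F_GETLK, F_SETLK and F_SETLKW a "flag" where they are fcntl(2) commands. The diff is truncated at 1000 lines, so the remainder of this file has not been reviewed.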