Date: Mon, 26 Jan 2009 15:58:33 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 156693 for review Message-ID: <200901261558.n0QFwXgU036861@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=156693 Change 156693 by rwatson@rwatson_freebsd_capabilities on 2009/01/26 15:57:58 Implement closefrom(2) based on a combination of bits from Ighighi, NetBSD, DragonflyBSD, and in consideration of the implementation on OpenSolaris. Audit behavior here needs more work: the advantage of the Solaris userspace implementation is that we get one audit event for each fd closed. While here, add missing cap_getmode symbol to the libc symbol table, add missing mlinks for cap calls. Affected files ... .. //depot/projects/trustedbsd/capabilities/src/lib/libc/sys/Makefile.inc#6 edit .. //depot/projects/trustedbsd/capabilities/src/lib/libc/sys/Symbol.map#13 edit .. //depot/projects/trustedbsd/capabilities/src/sys/kern/init_sysent.c#28 edit .. //depot/projects/trustedbsd/capabilities/src/sys/kern/kern_descrip.c#17 edit .. //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.c#28 edit .. //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.master#17 edit .. //depot/projects/trustedbsd/capabilities/src/sys/kern/systrace_args.c#28 edit .. //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.h#28 edit .. //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.mk#28 edit .. //depot/projects/trustedbsd/capabilities/src/sys/sys/sysproto.h#28 edit Differences ... ==== //depot/projects/trustedbsd/capabilities/src/lib/libc/sys/Makefile.inc#6 (text+ko) ==== @@ -102,6 +102,8 @@ MLINKS+=access.2 eaccess.2 access.2 faccessat.2 MLINKS+=brk.2 sbrk.2 +MLINKS+=cap_enter.2 cap_getmode.2 +MLINKS+=cap_new.2 cap_getrights.2 MLINKS+=chdir.2 fchdir.2 MLINKS+=chflags.2 fchflags.2 chflags.2 lchflags.2 MLINKS+=chmod.2 fchmod.2 chmod.2 fchmodat.2 chmod.2 lchmod.2 ==== //depot/projects/trustedbsd/capabilities/src/lib/libc/sys/Symbol.map#13 (text) ==== @@ -331,9 +331,11 @@ }; FBSD_1.1 { + cap_enter; + cap_getmode; + cap_getrights; cap_new; - cap_getrights; - cap_enter; + closefrom; cpuset; cpuset_getid; cpuset_setid; ==== //depot/projects/trustedbsd/capabilities/src/sys/kern/init_sysent.c#28 (text+ko) ==== @@ -542,4 +542,5 @@ { AS(pdkill_args), (sy_call_t *)pdkill, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 511 = pdkill */ { AS(pdgetpid_args), (sy_call_t *)pdgetpid, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 512 = pdgetpid */ { AS(pdwait_args), (sy_call_t *)pdwait, AUE_NULL, NULL, 0, 0, 0 }, /* 513 = pdwait */ + { AS(closefrom_args), (sy_call_t *)closefrom, AUE_CLOSEFROM, NULL, 0, 0, 0 }, /* 514 = closefrom */ }; ==== //depot/projects/trustedbsd/capabilities/src/sys/kern/kern_descrip.c#17 (text+ko) ==== @@ -1124,6 +1124,33 @@ return (error); } +static int +kern_closefrom(struct thread *td, int lowfd) +{ + struct filedesc *fdp; + int fd; + + if (lowfd < 0) + return (EBADF); + fdp = td->td_proc->p_fd; + FILEDESC_SLOCK(fdp); + while ((fd = fdp->fd_lastfile) >= lowfd) { + FILEDESC_SUNLOCK(fdp); + if (kern_close(td, fd) == EINTR) + return (EINTR); + FILEDESC_SLOCK(fdp); + } + FILEDESC_SUNLOCK(fdp); + return (0); +} + +int +closefrom(struct thread *td, struct closefrom_args *uap) +{ + + return (kern_closefrom(td, uap->lowfd)); +} + #if defined(COMPAT_43) /* * Return status information about a file descriptor. ==== //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.c#28 (text+ko) ==== @@ -521,4 +521,5 @@ "pdkill", /* 511 = pdkill */ "pdgetpid", /* 512 = pdgetpid */ "pdwait", /* 513 = pdwait */ + "closefrom", /* 514 = closefrom */ }; ==== //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.master#17 (text+ko) ==== @@ -916,5 +916,7 @@ 513 AUE_NULL STD { int pdwait(int fd, int *status, \ int options, struct rusage *rusage); } +514 AUE_CLOSEFROM STD { int closefrom(int lowfd); } + ; Please copy any additions and changes to the following compatability tables: ; sys/compat/freebsd32/syscalls.master ==== //depot/projects/trustedbsd/capabilities/src/sys/kern/systrace_args.c#28 (text+ko) ==== @@ -3101,6 +3101,13 @@ *n_args = 4; break; } + /* closefrom */ + case 514: { + struct closefrom_args *p = params; + iarg[0] = p->lowfd; /* int */ + *n_args = 1; + break; + } default: *n_args = 0; break; @@ -8225,6 +8232,16 @@ break; }; break; + /* closefrom */ + case 514: + switch(ndx) { + case 0: + p = "int"; + break; + default: + break; + }; + break; default: break; }; ==== //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.h#28 (text+ko) ==== @@ -429,4 +429,5 @@ #define SYS_pdkill 511 #define SYS_pdgetpid 512 #define SYS_pdwait 513 -#define SYS_MAXSYSCALL 514 +#define SYS_closefrom 514 +#define SYS_MAXSYSCALL 515 ==== //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.mk#28 (text+ko) ==== @@ -377,4 +377,5 @@ pdfork.o \ pdkill.o \ pdgetpid.o \ - pdwait.o + pdwait.o \ + closefrom.o ==== //depot/projects/trustedbsd/capabilities/src/sys/sys/sysproto.h#28 (text+ko) ==== @@ -1656,6 +1656,9 @@ char options_l_[PADL_(int)]; int options; char options_r_[PADR_(int)]; char rusage_l_[PADL_(struct rusage *)]; struct rusage * rusage; char rusage_r_[PADR_(struct rusage *)]; }; +struct closefrom_args { + char lowfd_l_[PADL_(int)]; int lowfd; char lowfd_r_[PADR_(int)]; +}; int nosys(struct thread *, struct nosys_args *); void sys_exit(struct thread *, struct sys_exit_args *); int fork(struct thread *, struct fork_args *); @@ -2018,6 +2021,7 @@ int pdkill(struct thread *, struct pdkill_args *); int pdgetpid(struct thread *, struct pdgetpid_args *); int pdwait(struct thread *, struct pdwait_args *); +int closefrom(struct thread *, struct closefrom_args *); #ifdef COMPAT_43 @@ -2619,6 +2623,7 @@ #define SYS_AUE_pdkill AUE_NULL #define SYS_AUE_pdgetpid AUE_NULL #define SYS_AUE_pdwait AUE_NULL +#define SYS_AUE_closefrom AUE_CLOSEFROM #undef PAD_ #undef PADL_
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200901261558.n0QFwXgU036861>