Date: Fri, 25 Jan 2008 14:29:18 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 134086 for review Message-ID: <200801251429.m0PETIf1040678@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=134086 Change 134086 by rwatson@rwatson_freebsd_capabilities on 2008/01/25 14:28:25 Expose some more system calls in capabilities mode, and fix the spelling of the sysctl system call. Regenerate. Affected files ... .. //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#2 edit .. //depot/projects/trustedbsd/capabilities/src/sys/kern/init_sysent.c#7 edit .. //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.c#7 edit .. //depot/projects/trustedbsd/capabilities/src/sys/kern/systrace_args.c#7 edit .. //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.h#7 edit .. //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.mk#7 edit .. //depot/projects/trustedbsd/capabilities/src/sys/sys/sysproto.h#7 edit Differences ... ==== //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#2 (text+ko) ==== @@ -1,11 +1,11 @@ # -# List of system calls enabled in capability mode. +# List of system calls enabled in capability mode, one name per line. # # Notes: # - sys_exit() and close() are very important. # - Sorted alphabeetically, please keep it that way. # -# $P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#1 $ +# $P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#2 $ # accept acl_check_fd @@ -33,10 +33,16 @@ fchdir fchflags fchmod +fchown fcntl flock fork fpathconf +freebsd6_ftruncate +freebsd6_lseek +freebsd6_mmap +freebsd6_pread +freebsd6_pwrite fstat fstatfs fsync @@ -76,7 +82,6 @@ shutdown socketpair sys_exit -sysctl -sysctl +__sysctl write writev ==== //depot/projects/trustedbsd/capabilities/src/sys/kern/init_sysent.c#7 (text+ko) ==== @@ -152,7 +152,7 @@ { AS(readv_args), (sy_call_t *)readv, AUE_READV, NULL, 0, 0, SYF_CAPENABLED }, /* 120 = readv */ { AS(writev_args), (sy_call_t *)writev, AUE_WRITEV, NULL, 0, 0, SYF_CAPENABLED }, /* 121 = writev */ { AS(settimeofday_args), (sy_call_t *)settimeofday, AUE_SETTIMEOFDAY, NULL, 0, 0, 0 }, /* 122 = settimeofday */ - { AS(fchown_args), (sy_call_t *)fchown, AUE_FCHOWN, NULL, 0, 0, 0 }, /* 123 = fchown */ + { AS(fchown_args), (sy_call_t *)fchown, AUE_FCHOWN, NULL, 0, 0, SYF_CAPENABLED }, /* 123 = fchown */ { AS(fchmod_args), (sy_call_t *)fchmod, AUE_FCHMOD, NULL, 0, 0, SYF_CAPENABLED }, /* 124 = fchmod */ { compat(AS(recvfrom_args),recvfrom), AUE_RECVFROM, NULL, 0, 0, SYF_CAPENABLED }, /* 125 = old recvfrom */ { AS(setreuid_args), (sy_call_t *)setreuid, AUE_SETREUID, NULL, 0, 0, 0 }, /* 126 = setreuid */ @@ -202,8 +202,8 @@ { AS(msgsys_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 170 = msgsys */ { AS(shmsys_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 171 = shmsys */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 172 = nosys */ - { AS(freebsd6_pread_args), (sy_call_t *)freebsd6_pread, AUE_PREAD, NULL, 0, 0, 0 }, /* 173 = freebsd6_pread */ - { AS(freebsd6_pwrite_args), (sy_call_t *)freebsd6_pwrite, AUE_PWRITE, NULL, 0, 0, 0 }, /* 174 = freebsd6_pwrite */ + { AS(freebsd6_pread_args), (sy_call_t *)freebsd6_pread, AUE_PREAD, NULL, 0, 0, SYF_CAPENABLED }, /* 173 = freebsd6_pread */ + { AS(freebsd6_pwrite_args), (sy_call_t *)freebsd6_pwrite, AUE_PWRITE, NULL, 0, 0, SYF_CAPENABLED }, /* 174 = freebsd6_pwrite */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 175 = nosys */ { AS(ntp_adjtime_args), (sy_call_t *)ntp_adjtime, AUE_NTP_ADJTIME, NULL, 0, 0, 0 }, /* 176 = ntp_adjtime */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 177 = sfork */ @@ -226,12 +226,12 @@ { AS(__getrlimit_args), (sy_call_t *)getrlimit, AUE_GETRLIMIT, NULL, 0, 0, 0 }, /* 194 = getrlimit */ { AS(__setrlimit_args), (sy_call_t *)setrlimit, AUE_SETRLIMIT, NULL, 0, 0, 0 }, /* 195 = setrlimit */ { AS(getdirentries_args), (sy_call_t *)getdirentries, AUE_GETDIRENTRIES, NULL, 0, 0, SYF_CAPENABLED }, /* 196 = getdirentries */ - { AS(freebsd6_mmap_args), (sy_call_t *)freebsd6_mmap, AUE_MMAP, NULL, 0, 0, 0 }, /* 197 = freebsd6_mmap */ + { AS(freebsd6_mmap_args), (sy_call_t *)freebsd6_mmap, AUE_MMAP, NULL, 0, 0, SYF_CAPENABLED }, /* 197 = freebsd6_mmap */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 198 = __syscall */ - { AS(freebsd6_lseek_args), (sy_call_t *)freebsd6_lseek, AUE_LSEEK, NULL, 0, 0, 0 }, /* 199 = freebsd6_lseek */ + { AS(freebsd6_lseek_args), (sy_call_t *)freebsd6_lseek, AUE_LSEEK, NULL, 0, 0, SYF_CAPENABLED }, /* 199 = freebsd6_lseek */ { AS(freebsd6_truncate_args), (sy_call_t *)freebsd6_truncate, AUE_TRUNCATE, NULL, 0, 0, 0 }, /* 200 = freebsd6_truncate */ - { AS(freebsd6_ftruncate_args), (sy_call_t *)freebsd6_ftruncate, AUE_FTRUNCATE, NULL, 0, 0, 0 }, /* 201 = freebsd6_ftruncate */ - { AS(sysctl_args), (sy_call_t *)__sysctl, AUE_SYSCTL, NULL, 0, 0, 0 }, /* 202 = __sysctl */ + { AS(freebsd6_ftruncate_args), (sy_call_t *)freebsd6_ftruncate, AUE_FTRUNCATE, NULL, 0, 0, SYF_CAPENABLED }, /* 201 = freebsd6_ftruncate */ + { AS(sysctl_args), (sy_call_t *)__sysctl, AUE_SYSCTL, NULL, 0, 0, SYF_CAPENABLED }, /* 202 = __sysctl */ { AS(mlock_args), (sy_call_t *)mlock, AUE_MLOCK, NULL, 0, 0, 0 }, /* 203 = mlock */ { AS(munlock_args), (sy_call_t *)munlock, AUE_MUNLOCK, NULL, 0, 0, 0 }, /* 204 = munlock */ { AS(undelete_args), (sy_call_t *)undelete, AUE_UNDELETE, NULL, 0, 0, 0 }, /* 205 = undelete */ ==== //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.c#7 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/sys/kern/systrace_args.c#7 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.h#7 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.mk#7 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/sys/sys/sysproto.h#7 (text+ko) ====
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200801251429.m0PETIf1040678>