From owner-p4-projects@FreeBSD.ORG  Fri Jan 25 14:29:19 2008
Return-Path: <owner-p4-projects@FreeBSD.ORG>
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 1C7BF16A469; Fri, 25 Jan 2008 14:29:19 +0000 (UTC)
Delivered-To: perforce@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id D3A8616A419
	for <perforce@freebsd.org>; Fri, 25 Jan 2008 14:29:18 +0000 (UTC)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id CE41413C45A
	for <perforce@freebsd.org>; Fri, 25 Jan 2008 14:29:18 +0000 (UTC)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.1/8.14.1) with ESMTP id m0PETI4A040682
	for <perforce@freebsd.org>; Fri, 25 Jan 2008 14:29:18 GMT
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.14.1/8.14.1/Submit) id m0PETIf1040678
	for perforce@freebsd.org; Fri, 25 Jan 2008 14:29:18 GMT
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Date: Fri, 25 Jan 2008 14:29:18 GMT
Message-Id: <200801251429.m0PETIf1040678@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	bb+lists.freebsd.perforce@cyrus.watson.org using -f
From: Robert Watson <rwatson@FreeBSD.org>
To: Perforce Change Reviews <perforce@freebsd.org>
Cc: 
Subject: PERFORCE change 134086 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Jan 2008 14:29:19 -0000

http://perforce.freebsd.org/chv.cgi?CH=134086

Change 134086 by rwatson@rwatson_freebsd_capabilities on 2008/01/25 14:28:25

	Expose some more system calls in capabilities mode, and fix the
	spelling of the sysctl system call.
	
	Regenerate.

Affected files ...

.. //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#2 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/init_sysent.c#7 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.c#7 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/systrace_args.c#7 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.h#7 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.mk#7 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/sys/sysproto.h#7 edit

Differences ...

==== //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#2 (text+ko) ====

@@ -1,11 +1,11 @@
 #
-# List of system calls enabled in capability mode.
+# List of system calls enabled in capability mode, one name per line.
 #
 # Notes:
 # - sys_exit() and close() are very important.
 # - Sorted alphabeetically, please keep it that way.
 #
-# $P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#1 $
+# $P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#2 $
 #
 accept
 acl_check_fd
@@ -33,10 +33,16 @@
 fchdir
 fchflags
 fchmod
+fchown
 fcntl
 flock
 fork
 fpathconf
+freebsd6_ftruncate
+freebsd6_lseek
+freebsd6_mmap
+freebsd6_pread
+freebsd6_pwrite
 fstat
 fstatfs
 fsync
@@ -76,7 +82,6 @@
 shutdown
 socketpair
 sys_exit
-sysctl
-sysctl
+__sysctl
 write
 writev

==== //depot/projects/trustedbsd/capabilities/src/sys/kern/init_sysent.c#7 (text+ko) ====

@@ -152,7 +152,7 @@
 	{ AS(readv_args), (sy_call_t *)readv, AUE_READV, NULL, 0, 0, SYF_CAPENABLED },	/* 120 = readv */
 	{ AS(writev_args), (sy_call_t *)writev, AUE_WRITEV, NULL, 0, 0, SYF_CAPENABLED },	/* 121 = writev */
 	{ AS(settimeofday_args), (sy_call_t *)settimeofday, AUE_SETTIMEOFDAY, NULL, 0, 0, 0 },	/* 122 = settimeofday */
-	{ AS(fchown_args), (sy_call_t *)fchown, AUE_FCHOWN, NULL, 0, 0, 0 },	/* 123 = fchown */
+	{ AS(fchown_args), (sy_call_t *)fchown, AUE_FCHOWN, NULL, 0, 0, SYF_CAPENABLED },	/* 123 = fchown */
 	{ AS(fchmod_args), (sy_call_t *)fchmod, AUE_FCHMOD, NULL, 0, 0, SYF_CAPENABLED },	/* 124 = fchmod */
 	{ compat(AS(recvfrom_args),recvfrom), AUE_RECVFROM, NULL, 0, 0, SYF_CAPENABLED },	/* 125 = old recvfrom */
 	{ AS(setreuid_args), (sy_call_t *)setreuid, AUE_SETREUID, NULL, 0, 0, 0 },	/* 126 = setreuid */
@@ -202,8 +202,8 @@
 	{ AS(msgsys_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 },	/* 170 = msgsys */
 	{ AS(shmsys_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 },	/* 171 = shmsys */
 	{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 },			/* 172 = nosys */
-	{ AS(freebsd6_pread_args), (sy_call_t *)freebsd6_pread, AUE_PREAD, NULL, 0, 0, 0 },	/* 173 = freebsd6_pread */
-	{ AS(freebsd6_pwrite_args), (sy_call_t *)freebsd6_pwrite, AUE_PWRITE, NULL, 0, 0, 0 },	/* 174 = freebsd6_pwrite */
+	{ AS(freebsd6_pread_args), (sy_call_t *)freebsd6_pread, AUE_PREAD, NULL, 0, 0, SYF_CAPENABLED },	/* 173 = freebsd6_pread */
+	{ AS(freebsd6_pwrite_args), (sy_call_t *)freebsd6_pwrite, AUE_PWRITE, NULL, 0, 0, SYF_CAPENABLED },	/* 174 = freebsd6_pwrite */
 	{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 },			/* 175 = nosys */
 	{ AS(ntp_adjtime_args), (sy_call_t *)ntp_adjtime, AUE_NTP_ADJTIME, NULL, 0, 0, 0 },	/* 176 = ntp_adjtime */
 	{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 },			/* 177 = sfork */
@@ -226,12 +226,12 @@
 	{ AS(__getrlimit_args), (sy_call_t *)getrlimit, AUE_GETRLIMIT, NULL, 0, 0, 0 },	/* 194 = getrlimit */
 	{ AS(__setrlimit_args), (sy_call_t *)setrlimit, AUE_SETRLIMIT, NULL, 0, 0, 0 },	/* 195 = setrlimit */
 	{ AS(getdirentries_args), (sy_call_t *)getdirentries, AUE_GETDIRENTRIES, NULL, 0, 0, SYF_CAPENABLED },	/* 196 = getdirentries */
-	{ AS(freebsd6_mmap_args), (sy_call_t *)freebsd6_mmap, AUE_MMAP, NULL, 0, 0, 0 },	/* 197 = freebsd6_mmap */
+	{ AS(freebsd6_mmap_args), (sy_call_t *)freebsd6_mmap, AUE_MMAP, NULL, 0, 0, SYF_CAPENABLED },	/* 197 = freebsd6_mmap */
 	{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 },		/* 198 = __syscall */
-	{ AS(freebsd6_lseek_args), (sy_call_t *)freebsd6_lseek, AUE_LSEEK, NULL, 0, 0, 0 },	/* 199 = freebsd6_lseek */
+	{ AS(freebsd6_lseek_args), (sy_call_t *)freebsd6_lseek, AUE_LSEEK, NULL, 0, 0, SYF_CAPENABLED },	/* 199 = freebsd6_lseek */
 	{ AS(freebsd6_truncate_args), (sy_call_t *)freebsd6_truncate, AUE_TRUNCATE, NULL, 0, 0, 0 },	/* 200 = freebsd6_truncate */
-	{ AS(freebsd6_ftruncate_args), (sy_call_t *)freebsd6_ftruncate, AUE_FTRUNCATE, NULL, 0, 0, 0 },	/* 201 = freebsd6_ftruncate */
-	{ AS(sysctl_args), (sy_call_t *)__sysctl, AUE_SYSCTL, NULL, 0, 0, 0 },	/* 202 = __sysctl */
+	{ AS(freebsd6_ftruncate_args), (sy_call_t *)freebsd6_ftruncate, AUE_FTRUNCATE, NULL, 0, 0, SYF_CAPENABLED },	/* 201 = freebsd6_ftruncate */
+	{ AS(sysctl_args), (sy_call_t *)__sysctl, AUE_SYSCTL, NULL, 0, 0, SYF_CAPENABLED },	/* 202 = __sysctl */
 	{ AS(mlock_args), (sy_call_t *)mlock, AUE_MLOCK, NULL, 0, 0, 0 },	/* 203 = mlock */
 	{ AS(munlock_args), (sy_call_t *)munlock, AUE_MUNLOCK, NULL, 0, 0, 0 },	/* 204 = munlock */
 	{ AS(undelete_args), (sy_call_t *)undelete, AUE_UNDELETE, NULL, 0, 0, 0 },	/* 205 = undelete */

==== //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.c#7 (text+ko) ====


==== //depot/projects/trustedbsd/capabilities/src/sys/kern/systrace_args.c#7 (text+ko) ====


==== //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.h#7 (text+ko) ====


==== //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.mk#7 (text+ko) ====


==== //depot/projects/trustedbsd/capabilities/src/sys/sys/sysproto.h#7 (text+ko) ====