Date: Fri, 25 Jan 2008 21:35:54 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 134102 for review Message-ID: <200801252135.m0PLZsHI078985@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=134102 Change 134102 by rwatson@rwatson_freebsd_capabilities on 2008/01/25 21:35:40 Add more syscalls to capabilities.conf, fix a few existing ones, and comment cases where more work is needed. Of particular importance is scoping pid-related calls, which are needed to implement most POSIX process-related things, but imply a global namespace. Affected files ... .. //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#3 edit .. //depot/projects/trustedbsd/capabilities/src/sys/kern/init_sysent.c#8 edit .. //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.c#8 edit .. //depot/projects/trustedbsd/capabilities/src/sys/kern/systrace_args.c#8 edit .. //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.h#8 edit .. //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.mk#8 edit .. //depot/projects/trustedbsd/capabilities/src/sys/sys/sysproto.h#8 edit Differences ... ==== //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#3 (text+ko) ==== @@ -5,13 +5,29 @@ # - sys_exit() and close() are very important. # - Sorted alphabeetically, please keep it that way. # -# $P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#2 $ +# $P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#3 $ +# +__acl_aclcheck_fd +__acl_delete_fd +__acl_get_fd +__acl_set_fd +__mac_get_fd +# +# __mac_get_pid need scoping +# +__mac_get_pid +__mac_get_proc +__mac_set_fd +__mac_set_proc +# +# Certain sysctls need more scoping # +__sysctl +_umtx_lock +_umtx_op +_umtx_unlock +abort2 accept -acl_check_fd -acl_delete_fd -acl_get_fd -acl_set_fd aio_cancel aio_error aio_fsync @@ -20,20 +36,38 @@ aio_suspend aio_waitcomplete aio_write +# +# What to do about audit()? +# +#audit bind cap_enter cap_getmode +cap_getrights cap_new +clock_gettime +clock_getres close connect -extattr_check_fd +dup +dup2 +eaccess +extattr_delete_fd extattr_get_fd extattr_list_fd extattr_set_fd +# +# Possibly fchdir() should be excluded on the basis that this implies access +# to the global namespace, and isn't really useful without it. +# fchdir fchflags fchmod fchown +# +# Need to review fcntl operations for global affects that might need to be +# scoped. +# fcntl flock fork @@ -48,22 +82,118 @@ fsync ftruncate futimes +getaudit +getaudit_addr +getauid +getcontext +getdents getdirentries +getdomainname +getegid +geteuid +gethostid +gethostname +getitimer +getgid +getgroups +# +# Should we allow getlogin? +# +#getlogin +getpagesize getpeername +# +# getpgid needs scoping. +# +getpgid +getpgrp +getpid +# +# getppid might or might not need scoping. +# +getppid +getpriority +getresgid +getresuid +getrlimit +# +# getrusage needs scoping. +# +getrusage +# +# getsid needs scoping. +# +getsid getsockname getsockopt +gettimeofday +getuid +# +# ioctl is dangerous. +# ioctl +issetugid kevent +kmq_notify +kmq_setattr +kmq_timedreceive +kmq_timedsend +# +# kill needs scoping +# +#kill +#killpg kqueue +kse_create +kse_exit +kse_release +kse_switchin +kse_thr_interrupt +kse_wakeup +ktimer_create +ktimer_delete +ktimer_getoverrun +ktimer_gettime +ktimer_settime +# +# ktrace needs scoping +# +#ktrace +lio_listio listen lseek mac_get_fd mac_set_fd +madvise +mincore +minherit +mlock +mlockall +# +# mmap needs scoping +# mmap +mprotect +msync +munlock +munlockall +munmap +nanosleep +ntp_gettime +oaio_read +oaio_write +obreak +olio_listio +openbsd_poll pipe poll pread preadv +profil +# +# ptrace needs scoping. +# +#ptrace pwrite pwritev read @@ -71,17 +201,107 @@ recv recvfrom recvmsg +rfork +# +# rtprio needs scoping. +# +rtprio +rtprio_thread +sbrk +sched_get_priority_max +sched_get_priority_mind +# +# sched_{get,set}* need scoping. +# +sched_getparam +sched_getscheduler +sched_rr_getinterval +sched_setparam +sched_setscheduler +sched_yield sctp_generic_recvmsg sctp_generic_sendmsg +sctp_generic_sendmsg_iov sctp_peeloff select send +sendfile sendmsg sendto +setaudit +setaudit_addr +setauid +setcontext +setegid +seteuid +setgid +setitimer +# +# Need to think about setpriority and capabilities. +# +setpriority +setregid +setresgid +setresuid +setreuid +setrlimit +setsid +# +# Need to review socket options and decide what to do about ones that manage +# globally visible stack properties. +# setsockopt +# +# Need to think hard about the safety of credential manipulation calls where +# the capability model and UNIX model intersect. +# +setuid +# +# shm_open needs scoping (just anonymous memory). +# +#shm_open shutdown +sigaction +sigaltstack +sigblock +sigpending +sigprocmask +sigqueue +sigreturn +sigsetmask +sigstack +sigsuspend +sigtimedwait +sigvec +sigwaitinfo socketpair +sstk +# +# sync isn't all that harmful, but is global. +# +sync sys_exit -__sysctl +thr_create +thr_exit +thr_kill +# +# thr_kill2 needs scoping. +# +#thr_kill2 +thr_new +thr_self +thr_set_name +thr_suspend +thr_wake +umask +utrace +uuidgen +vfork +# +# wait and wait4 needs process scoping work +# +wait +wait4 write writev +yield ==== //depot/projects/trustedbsd/capabilities/src/sys/kern/init_sysent.c#8 (text+ko) ==== @@ -36,7 +36,7 @@ { AS(write_args), (sy_call_t *)write, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 4 = write */ { AS(open_args), (sy_call_t *)open, AUE_OPEN_RWTC, NULL, 0, 0, 0 }, /* 5 = open */ { AS(close_args), (sy_call_t *)close, AUE_CLOSE, NULL, 0, 0, SYF_CAPENABLED }, /* 6 = close */ - { AS(wait_args), (sy_call_t *)wait4, AUE_WAIT4, NULL, 0, 0, 0 }, /* 7 = wait4 */ + { AS(wait_args), (sy_call_t *)wait4, AUE_WAIT4, NULL, 0, 0, SYF_CAPENABLED }, /* 7 = wait4 */ { compat(AS(ocreat_args),creat), AUE_CREAT, NULL, 0, 0, 0 }, /* 8 = old creat */ { AS(link_args), (sy_call_t *)link, AUE_LINK, NULL, 0, 0, 0 }, /* 9 = link */ { AS(unlink_args), (sy_call_t *)unlink, AUE_UNLINK, NULL, 0, 0, 0 }, /* 10 = unlink */ @@ -46,13 +46,13 @@ { AS(mknod_args), (sy_call_t *)mknod, AUE_MKNOD, NULL, 0, 0, 0 }, /* 14 = mknod */ { AS(chmod_args), (sy_call_t *)chmod, AUE_CHMOD, NULL, 0, 0, 0 }, /* 15 = chmod */ { AS(chown_args), (sy_call_t *)chown, AUE_CHOWN, NULL, 0, 0, 0 }, /* 16 = chown */ - { AS(obreak_args), (sy_call_t *)obreak, AUE_NULL, NULL, 0, 0, 0 }, /* 17 = break */ + { AS(obreak_args), (sy_call_t *)obreak, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 17 = break */ { compat4(AS(freebsd4_getfsstat_args),getfsstat), AUE_GETFSSTAT, NULL, 0, 0, 0 }, /* 18 = old getfsstat */ { compat(AS(olseek_args),lseek), AUE_LSEEK, NULL, 0, 0, SYF_CAPENABLED }, /* 19 = old lseek */ { 0, (sy_call_t *)getpid, AUE_GETPID, NULL, 0, 0, 0 }, /* 20 = getpid */ { AS(mount_args), (sy_call_t *)mount, AUE_MOUNT, NULL, 0, 0, 0 }, /* 21 = mount */ { AS(unmount_args), (sy_call_t *)unmount, AUE_UMOUNT, NULL, 0, 0, 0 }, /* 22 = unmount */ - { AS(setuid_args), (sy_call_t *)setuid, AUE_SETUID, NULL, 0, 0, 0 }, /* 23 = setuid */ + { AS(setuid_args), (sy_call_t *)setuid, AUE_SETUID, NULL, 0, 0, SYF_CAPENABLED }, /* 23 = setuid */ { 0, (sy_call_t *)getuid, AUE_GETUID, NULL, 0, 0, 0 }, /* 24 = getuid */ { 0, (sy_call_t *)geteuid, AUE_GETEUID, NULL, 0, 0, 0 }, /* 25 = geteuid */ { AS(ptrace_args), (sy_call_t *)ptrace, AUE_PTRACE, NULL, 0, 0, 0 }, /* 26 = ptrace */ @@ -70,83 +70,83 @@ { compat(AS(ostat_args),stat), AUE_STAT, NULL, 0, 0, 0 }, /* 38 = old stat */ { 0, (sy_call_t *)getppid, AUE_GETPPID, NULL, 0, 0, 0 }, /* 39 = getppid */ { compat(AS(olstat_args),lstat), AUE_LSTAT, NULL, 0, 0, 0 }, /* 40 = old lstat */ - { AS(dup_args), (sy_call_t *)dup, AUE_DUP, NULL, 0, 0, 0 }, /* 41 = dup */ + { AS(dup_args), (sy_call_t *)dup, AUE_DUP, NULL, 0, 0, SYF_CAPENABLED }, /* 41 = dup */ { 0, (sy_call_t *)pipe, AUE_PIPE, NULL, 0, 0, 0 }, /* 42 = pipe */ { 0, (sy_call_t *)getegid, AUE_GETEGID, NULL, 0, 0, 0 }, /* 43 = getegid */ - { AS(profil_args), (sy_call_t *)profil, AUE_PROFILE, NULL, 0, 0, 0 }, /* 44 = profil */ + { AS(profil_args), (sy_call_t *)profil, AUE_PROFILE, NULL, 0, 0, SYF_CAPENABLED }, /* 44 = profil */ { AS(ktrace_args), (sy_call_t *)ktrace, AUE_KTRACE, NULL, 0, 0, 0 }, /* 45 = ktrace */ - { compat(AS(osigaction_args),sigaction), AUE_SIGACTION, NULL, 0, 0, 0 }, /* 46 = old sigaction */ + { compat(AS(osigaction_args),sigaction), AUE_SIGACTION, NULL, 0, 0, SYF_CAPENABLED }, /* 46 = old sigaction */ { 0, (sy_call_t *)getgid, AUE_GETGID, NULL, 0, 0, 0 }, /* 47 = getgid */ - { compat(AS(osigprocmask_args),sigprocmask), AUE_SIGPROCMASK, NULL, 0, 0, 0 }, /* 48 = old sigprocmask */ + { compat(AS(osigprocmask_args),sigprocmask), AUE_SIGPROCMASK, NULL, 0, 0, SYF_CAPENABLED }, /* 48 = old sigprocmask */ { AS(getlogin_args), (sy_call_t *)getlogin, AUE_GETLOGIN, NULL, 0, 0, 0 }, /* 49 = getlogin */ { AS(setlogin_args), (sy_call_t *)setlogin, AUE_SETLOGIN, NULL, 0, 0, 0 }, /* 50 = setlogin */ { AS(acct_args), (sy_call_t *)acct, AUE_ACCT, NULL, 0, 0, 0 }, /* 51 = acct */ { compat(0,sigpending), AUE_SIGPENDING, NULL, 0, 0, 0 }, /* 52 = old sigpending */ - { AS(sigaltstack_args), (sy_call_t *)sigaltstack, AUE_SIGALTSTACK, NULL, 0, 0, 0 }, /* 53 = sigaltstack */ + { AS(sigaltstack_args), (sy_call_t *)sigaltstack, AUE_SIGALTSTACK, NULL, 0, 0, SYF_CAPENABLED }, /* 53 = sigaltstack */ { AS(ioctl_args), (sy_call_t *)ioctl, AUE_IOCTL, NULL, 0, 0, SYF_CAPENABLED }, /* 54 = ioctl */ { AS(reboot_args), (sy_call_t *)reboot, AUE_REBOOT, NULL, 0, 0, 0 }, /* 55 = reboot */ { AS(revoke_args), (sy_call_t *)revoke, AUE_REVOKE, NULL, 0, 0, 0 }, /* 56 = revoke */ { AS(symlink_args), (sy_call_t *)symlink, AUE_SYMLINK, NULL, 0, 0, 0 }, /* 57 = symlink */ { AS(readlink_args), (sy_call_t *)readlink, AUE_READLINK, NULL, 0, 0, 0 }, /* 58 = readlink */ { AS(execve_args), (sy_call_t *)execve, AUE_EXECVE, NULL, 0, 0, 0 }, /* 59 = execve */ - { AS(umask_args), (sy_call_t *)umask, AUE_UMASK, NULL, 0, 0, 0 }, /* 60 = umask */ + { AS(umask_args), (sy_call_t *)umask, AUE_UMASK, NULL, 0, 0, SYF_CAPENABLED }, /* 60 = umask */ { AS(chroot_args), (sy_call_t *)chroot, AUE_CHROOT, NULL, 0, 0, 0 }, /* 61 = chroot */ { compat(AS(ofstat_args),fstat), AUE_FSTAT, NULL, 0, 0, SYF_CAPENABLED }, /* 62 = old fstat */ { compat(AS(getkerninfo_args),getkerninfo), AUE_NULL, NULL, 0, 0, 0 }, /* 63 = old getkerninfo */ { compat(0,getpagesize), AUE_NULL, NULL, 0, 0, 0 }, /* 64 = old getpagesize */ - { AS(msync_args), (sy_call_t *)msync, AUE_MSYNC, NULL, 0, 0, 0 }, /* 65 = msync */ + { AS(msync_args), (sy_call_t *)msync, AUE_MSYNC, NULL, 0, 0, SYF_CAPENABLED }, /* 65 = msync */ { 0, (sy_call_t *)vfork, AUE_VFORK, NULL, 0, 0, 0 }, /* 66 = vfork */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 67 = obsolete vread */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 68 = obsolete vwrite */ - { AS(sbrk_args), (sy_call_t *)sbrk, AUE_SBRK, NULL, 0, 0, 0 }, /* 69 = sbrk */ - { AS(sstk_args), (sy_call_t *)sstk, AUE_SSTK, NULL, 0, 0, 0 }, /* 70 = sstk */ + { AS(sbrk_args), (sy_call_t *)sbrk, AUE_SBRK, NULL, 0, 0, SYF_CAPENABLED }, /* 69 = sbrk */ + { AS(sstk_args), (sy_call_t *)sstk, AUE_SSTK, NULL, 0, 0, SYF_CAPENABLED }, /* 70 = sstk */ { compat(AS(ommap_args),mmap), AUE_MMAP, NULL, 0, 0, SYF_CAPENABLED }, /* 71 = old mmap */ { AS(ovadvise_args), (sy_call_t *)ovadvise, AUE_O_VADVISE, NULL, 0, 0, 0 }, /* 72 = vadvise */ - { AS(munmap_args), (sy_call_t *)munmap, AUE_MUNMAP, NULL, 0, 0, 0 }, /* 73 = munmap */ - { AS(mprotect_args), (sy_call_t *)mprotect, AUE_MPROTECT, NULL, 0, 0, 0 }, /* 74 = mprotect */ - { AS(madvise_args), (sy_call_t *)madvise, AUE_MADVISE, NULL, 0, 0, 0 }, /* 75 = madvise */ + { AS(munmap_args), (sy_call_t *)munmap, AUE_MUNMAP, NULL, 0, 0, SYF_CAPENABLED }, /* 73 = munmap */ + { AS(mprotect_args), (sy_call_t *)mprotect, AUE_MPROTECT, NULL, 0, 0, SYF_CAPENABLED }, /* 74 = mprotect */ + { AS(madvise_args), (sy_call_t *)madvise, AUE_MADVISE, NULL, 0, 0, SYF_CAPENABLED }, /* 75 = madvise */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 76 = obsolete vhangup */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 77 = obsolete vlimit */ - { AS(mincore_args), (sy_call_t *)mincore, AUE_MINCORE, NULL, 0, 0, 0 }, /* 78 = mincore */ - { AS(getgroups_args), (sy_call_t *)getgroups, AUE_GETGROUPS, NULL, 0, 0, 0 }, /* 79 = getgroups */ + { AS(mincore_args), (sy_call_t *)mincore, AUE_MINCORE, NULL, 0, 0, SYF_CAPENABLED }, /* 78 = mincore */ + { AS(getgroups_args), (sy_call_t *)getgroups, AUE_GETGROUPS, NULL, 0, 0, SYF_CAPENABLED }, /* 79 = getgroups */ { AS(setgroups_args), (sy_call_t *)setgroups, AUE_SETGROUPS, NULL, 0, 0, 0 }, /* 80 = setgroups */ { 0, (sy_call_t *)getpgrp, AUE_GETPGRP, NULL, 0, 0, 0 }, /* 81 = getpgrp */ { AS(setpgid_args), (sy_call_t *)setpgid, AUE_SETPGRP, NULL, 0, 0, 0 }, /* 82 = setpgid */ - { AS(setitimer_args), (sy_call_t *)setitimer, AUE_SETITIMER, NULL, 0, 0, 0 }, /* 83 = setitimer */ + { AS(setitimer_args), (sy_call_t *)setitimer, AUE_SETITIMER, NULL, 0, 0, SYF_CAPENABLED }, /* 83 = setitimer */ { compat(0,wait), AUE_WAIT4, NULL, 0, 0, 0 }, /* 84 = old wait */ { AS(swapon_args), (sy_call_t *)swapon, AUE_SWAPON, NULL, 0, 0, 0 }, /* 85 = swapon */ - { AS(getitimer_args), (sy_call_t *)getitimer, AUE_GETITIMER, NULL, 0, 0, 0 }, /* 86 = getitimer */ - { compat(AS(gethostname_args),gethostname), AUE_SYSCTL, NULL, 0, 0, 0 }, /* 87 = old gethostname */ + { AS(getitimer_args), (sy_call_t *)getitimer, AUE_GETITIMER, NULL, 0, 0, SYF_CAPENABLED }, /* 86 = getitimer */ + { compat(AS(gethostname_args),gethostname), AUE_SYSCTL, NULL, 0, 0, SYF_CAPENABLED }, /* 87 = old gethostname */ { compat(AS(sethostname_args),sethostname), AUE_SYSCTL, NULL, 0, 0, 0 }, /* 88 = old sethostname */ { 0, (sy_call_t *)getdtablesize, AUE_GETDTABLESIZE, NULL, 0, 0, 0 }, /* 89 = getdtablesize */ - { AS(dup2_args), (sy_call_t *)dup2, AUE_DUP2, NULL, 0, 0, 0 }, /* 90 = dup2 */ + { AS(dup2_args), (sy_call_t *)dup2, AUE_DUP2, NULL, 0, 0, SYF_CAPENABLED }, /* 90 = dup2 */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 91 = getdopt */ { AS(fcntl_args), (sy_call_t *)fcntl, AUE_FCNTL, NULL, 0, 0, SYF_CAPENABLED }, /* 92 = fcntl */ { AS(select_args), (sy_call_t *)select, AUE_SELECT, NULL, 0, 0, SYF_CAPENABLED }, /* 93 = select */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 94 = setdopt */ { AS(fsync_args), (sy_call_t *)fsync, AUE_FSYNC, NULL, 0, 0, SYF_CAPENABLED }, /* 95 = fsync */ - { AS(setpriority_args), (sy_call_t *)setpriority, AUE_SETPRIORITY, NULL, 0, 0, 0 }, /* 96 = setpriority */ + { AS(setpriority_args), (sy_call_t *)setpriority, AUE_SETPRIORITY, NULL, 0, 0, SYF_CAPENABLED }, /* 96 = setpriority */ { AS(socket_args), (sy_call_t *)socket, AUE_SOCKET, NULL, 0, 0, 0 }, /* 97 = socket */ { AS(connect_args), (sy_call_t *)connect, AUE_CONNECT, NULL, 0, 0, SYF_CAPENABLED }, /* 98 = connect */ { compat(AS(accept_args),accept), AUE_ACCEPT, NULL, 0, 0, SYF_CAPENABLED }, /* 99 = old accept */ - { AS(getpriority_args), (sy_call_t *)getpriority, AUE_GETPRIORITY, NULL, 0, 0, 0 }, /* 100 = getpriority */ + { AS(getpriority_args), (sy_call_t *)getpriority, AUE_GETPRIORITY, NULL, 0, 0, SYF_CAPENABLED }, /* 100 = getpriority */ { compat(AS(osend_args),send), AUE_SEND, NULL, 0, 0, SYF_CAPENABLED }, /* 101 = old send */ { compat(AS(orecv_args),recv), AUE_RECV, NULL, 0, 0, SYF_CAPENABLED }, /* 102 = old recv */ - { compat(AS(osigreturn_args),sigreturn), AUE_SIGRETURN, NULL, 0, 0, 0 }, /* 103 = old sigreturn */ + { compat(AS(osigreturn_args),sigreturn), AUE_SIGRETURN, NULL, 0, 0, SYF_CAPENABLED }, /* 103 = old sigreturn */ { AS(bind_args), (sy_call_t *)bind, AUE_BIND, NULL, 0, 0, SYF_CAPENABLED }, /* 104 = bind */ { AS(setsockopt_args), (sy_call_t *)setsockopt, AUE_SETSOCKOPT, NULL, 0, 0, SYF_CAPENABLED }, /* 105 = setsockopt */ { AS(listen_args), (sy_call_t *)listen, AUE_LISTEN, NULL, 0, 0, SYF_CAPENABLED }, /* 106 = listen */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 107 = obsolete vtimes */ - { compat(AS(osigvec_args),sigvec), AUE_NULL, NULL, 0, 0, 0 }, /* 108 = old sigvec */ - { compat(AS(osigblock_args),sigblock), AUE_NULL, NULL, 0, 0, 0 }, /* 109 = old sigblock */ - { compat(AS(osigsetmask_args),sigsetmask), AUE_NULL, NULL, 0, 0, 0 }, /* 110 = old sigsetmask */ - { compat(AS(osigsuspend_args),sigsuspend), AUE_NULL, NULL, 0, 0, 0 }, /* 111 = old sigsuspend */ - { compat(AS(osigstack_args),sigstack), AUE_NULL, NULL, 0, 0, 0 }, /* 112 = old sigstack */ + { compat(AS(osigvec_args),sigvec), AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 108 = old sigvec */ + { compat(AS(osigblock_args),sigblock), AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 109 = old sigblock */ + { compat(AS(osigsetmask_args),sigsetmask), AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 110 = old sigsetmask */ + { compat(AS(osigsuspend_args),sigsuspend), AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 111 = old sigsuspend */ + { compat(AS(osigstack_args),sigstack), AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 112 = old sigstack */ { compat(AS(orecvmsg_args),recvmsg), AUE_RECVMSG, NULL, 0, 0, SYF_CAPENABLED }, /* 113 = old recvmsg */ { compat(AS(osendmsg_args),sendmsg), AUE_SENDMSG, NULL, 0, 0, SYF_CAPENABLED }, /* 114 = old sendmsg */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 115 = obsolete vtrace */ - { AS(gettimeofday_args), (sy_call_t *)gettimeofday, AUE_GETTIMEOFDAY, NULL, 0, 0, 0 }, /* 116 = gettimeofday */ - { AS(getrusage_args), (sy_call_t *)getrusage, AUE_GETRUSAGE, NULL, 0, 0, 0 }, /* 117 = getrusage */ + { AS(gettimeofday_args), (sy_call_t *)gettimeofday, AUE_GETTIMEOFDAY, NULL, 0, 0, SYF_CAPENABLED }, /* 116 = gettimeofday */ + { AS(getrusage_args), (sy_call_t *)getrusage, AUE_GETRUSAGE, NULL, 0, 0, SYF_CAPENABLED }, /* 117 = getrusage */ { AS(getsockopt_args), (sy_call_t *)getsockopt, AUE_GETSOCKOPT, NULL, 0, 0, SYF_CAPENABLED }, /* 118 = getsockopt */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 119 = resuba */ { AS(readv_args), (sy_call_t *)readv, AUE_READV, NULL, 0, 0, SYF_CAPENABLED }, /* 120 = readv */ @@ -155,8 +155,8 @@ { AS(fchown_args), (sy_call_t *)fchown, AUE_FCHOWN, NULL, 0, 0, SYF_CAPENABLED }, /* 123 = fchown */ { AS(fchmod_args), (sy_call_t *)fchmod, AUE_FCHMOD, NULL, 0, 0, SYF_CAPENABLED }, /* 124 = fchmod */ { compat(AS(recvfrom_args),recvfrom), AUE_RECVFROM, NULL, 0, 0, SYF_CAPENABLED }, /* 125 = old recvfrom */ - { AS(setreuid_args), (sy_call_t *)setreuid, AUE_SETREUID, NULL, 0, 0, 0 }, /* 126 = setreuid */ - { AS(setregid_args), (sy_call_t *)setregid, AUE_SETREGID, NULL, 0, 0, 0 }, /* 127 = setregid */ + { AS(setreuid_args), (sy_call_t *)setreuid, AUE_SETREUID, NULL, 0, 0, SYF_CAPENABLED }, /* 126 = setreuid */ + { AS(setregid_args), (sy_call_t *)setregid, AUE_SETREGID, NULL, 0, 0, SYF_CAPENABLED }, /* 127 = setregid */ { AS(rename_args), (sy_call_t *)rename, AUE_RENAME, NULL, 0, 0, 0 }, /* 128 = rename */ { compat(AS(otruncate_args),truncate), AUE_TRUNCATE, NULL, 0, 0, 0 }, /* 129 = old truncate */ { compat(AS(oftruncate_args),ftruncate), AUE_FTRUNCATE, NULL, 0, 0, SYF_CAPENABLED }, /* 130 = old ftruncate */ @@ -173,8 +173,8 @@ { compat(AS(ogetpeername_args),getpeername), AUE_GETPEERNAME, NULL, 0, 0, SYF_CAPENABLED }, /* 141 = old getpeername */ { compat(0,gethostid), AUE_SYSCTL, NULL, 0, 0, 0 }, /* 142 = old gethostid */ { compat(AS(osethostid_args),sethostid), AUE_SYSCTL, NULL, 0, 0, 0 }, /* 143 = old sethostid */ - { compat(AS(ogetrlimit_args),getrlimit), AUE_GETRLIMIT, NULL, 0, 0, 0 }, /* 144 = old getrlimit */ - { compat(AS(osetrlimit_args),setrlimit), AUE_SETRLIMIT, NULL, 0, 0, 0 }, /* 145 = old setrlimit */ + { compat(AS(ogetrlimit_args),getrlimit), AUE_GETRLIMIT, NULL, 0, 0, SYF_CAPENABLED }, /* 144 = old getrlimit */ + { compat(AS(osetrlimit_args),setrlimit), AUE_SETRLIMIT, NULL, 0, 0, SYF_CAPENABLED }, /* 145 = old setrlimit */ { compat(AS(okillpg_args),killpg), AUE_KILLPG, NULL, 0, 0, 0 }, /* 146 = old killpg */ { 0, (sy_call_t *)setsid, AUE_SETSID, NULL, 0, 0, 0 }, /* 147 = setsid */ { AS(quotactl_args), (sy_call_t *)quotactl, AUE_QUOTACTL, NULL, 0, 0, 0 }, /* 148 = quotactl */ @@ -191,11 +191,11 @@ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 159 = nosys */ { AS(lgetfh_args), (sy_call_t *)lgetfh, AUE_LGETFH, NULL, 0, 0, 0 }, /* 160 = lgetfh */ { AS(getfh_args), (sy_call_t *)getfh, AUE_NFS_GETFH, NULL, 0, 0, 0 }, /* 161 = getfh */ - { AS(getdomainname_args), (sy_call_t *)getdomainname, AUE_SYSCTL, NULL, 0, 0, 0 }, /* 162 = getdomainname */ + { AS(getdomainname_args), (sy_call_t *)getdomainname, AUE_SYSCTL, NULL, 0, 0, SYF_CAPENABLED }, /* 162 = getdomainname */ { AS(setdomainname_args), (sy_call_t *)setdomainname, AUE_SYSCTL, NULL, 0, 0, 0 }, /* 163 = setdomainname */ { AS(uname_args), (sy_call_t *)uname, AUE_NULL, NULL, 0, 0, 0 }, /* 164 = uname */ { AS(sysarch_args), (sy_call_t *)sysarch, AUE_SYSARCH, NULL, 0, 0, 0 }, /* 165 = sysarch */ - { AS(rtprio_args), (sy_call_t *)rtprio, AUE_RTPRIO, NULL, 0, 0, 0 }, /* 166 = rtprio */ + { AS(rtprio_args), (sy_call_t *)rtprio, AUE_RTPRIO, NULL, 0, 0, SYF_CAPENABLED }, /* 166 = rtprio */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 167 = nosys */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 168 = nosys */ { AS(semsys_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 169 = semsys */ @@ -210,9 +210,9 @@ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 178 = getdescriptor */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 179 = setdescriptor */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 180 = nosys */ - { AS(setgid_args), (sy_call_t *)setgid, AUE_SETGID, NULL, 0, 0, 0 }, /* 181 = setgid */ - { AS(setegid_args), (sy_call_t *)setegid, AUE_SETEGID, NULL, 0, 0, 0 }, /* 182 = setegid */ - { AS(seteuid_args), (sy_call_t *)seteuid, AUE_SETEUID, NULL, 0, 0, 0 }, /* 183 = seteuid */ + { AS(setgid_args), (sy_call_t *)setgid, AUE_SETGID, NULL, 0, 0, SYF_CAPENABLED }, /* 181 = setgid */ + { AS(setegid_args), (sy_call_t *)setegid, AUE_SETEGID, NULL, 0, 0, SYF_CAPENABLED }, /* 182 = setegid */ + { AS(seteuid_args), (sy_call_t *)seteuid, AUE_SETEUID, NULL, 0, 0, SYF_CAPENABLED }, /* 183 = seteuid */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 184 = lfs_bmapv */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 185 = lfs_markv */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 186 = lfs_segclean */ @@ -223,8 +223,8 @@ { AS(pathconf_args), (sy_call_t *)pathconf, AUE_PATHCONF, NULL, 0, 0, 0 }, /* 191 = pathconf */ { AS(fpathconf_args), (sy_call_t *)fpathconf, AUE_FPATHCONF, NULL, 0, 0, SYF_CAPENABLED }, /* 192 = fpathconf */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 193 = nosys */ - { AS(__getrlimit_args), (sy_call_t *)getrlimit, AUE_GETRLIMIT, NULL, 0, 0, 0 }, /* 194 = getrlimit */ - { AS(__setrlimit_args), (sy_call_t *)setrlimit, AUE_SETRLIMIT, NULL, 0, 0, 0 }, /* 195 = setrlimit */ + { AS(__getrlimit_args), (sy_call_t *)getrlimit, AUE_GETRLIMIT, NULL, 0, 0, SYF_CAPENABLED }, /* 194 = getrlimit */ + { AS(__setrlimit_args), (sy_call_t *)setrlimit, AUE_SETRLIMIT, NULL, 0, 0, SYF_CAPENABLED }, /* 195 = setrlimit */ { AS(getdirentries_args), (sy_call_t *)getdirentries, AUE_GETDIRENTRIES, NULL, 0, 0, SYF_CAPENABLED }, /* 196 = getdirentries */ { AS(freebsd6_mmap_args), (sy_call_t *)freebsd6_mmap, AUE_MMAP, NULL, 0, 0, SYF_CAPENABLED }, /* 197 = freebsd6_mmap */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 198 = __syscall */ @@ -232,11 +232,11 @@ { AS(freebsd6_truncate_args), (sy_call_t *)freebsd6_truncate, AUE_TRUNCATE, NULL, 0, 0, 0 }, /* 200 = freebsd6_truncate */ { AS(freebsd6_ftruncate_args), (sy_call_t *)freebsd6_ftruncate, AUE_FTRUNCATE, NULL, 0, 0, SYF_CAPENABLED }, /* 201 = freebsd6_ftruncate */ { AS(sysctl_args), (sy_call_t *)__sysctl, AUE_SYSCTL, NULL, 0, 0, SYF_CAPENABLED }, /* 202 = __sysctl */ - { AS(mlock_args), (sy_call_t *)mlock, AUE_MLOCK, NULL, 0, 0, 0 }, /* 203 = mlock */ - { AS(munlock_args), (sy_call_t *)munlock, AUE_MUNLOCK, NULL, 0, 0, 0 }, /* 204 = munlock */ + { AS(mlock_args), (sy_call_t *)mlock, AUE_MLOCK, NULL, 0, 0, SYF_CAPENABLED }, /* 203 = mlock */ + { AS(munlock_args), (sy_call_t *)munlock, AUE_MUNLOCK, NULL, 0, 0, SYF_CAPENABLED }, /* 204 = munlock */ { AS(undelete_args), (sy_call_t *)undelete, AUE_UNDELETE, NULL, 0, 0, 0 }, /* 205 = undelete */ { AS(futimes_args), (sy_call_t *)futimes, AUE_FUTIMES, NULL, 0, 0, SYF_CAPENABLED }, /* 206 = futimes */ - { AS(getpgid_args), (sy_call_t *)getpgid, AUE_GETPGID, NULL, 0, 0, 0 }, /* 207 = getpgid */ + { AS(getpgid_args), (sy_call_t *)getpgid, AUE_GETPGID, NULL, 0, 0, SYF_CAPENABLED }, /* 207 = getpgid */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 208 = newreboot */ { AS(poll_args), (sy_call_t *)poll, AUE_POLL, NULL, 0, 0, SYF_CAPENABLED }, /* 209 = poll */ { AS(nosys_args), (sy_call_t *)lkmnosys, AUE_NULL, NULL, 0, 0, 0 }, /* 210 = lkmnosys */ @@ -261,15 +261,15 @@ { AS(shmctl_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 229 = shmctl */ { AS(shmdt_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 230 = shmdt */ { AS(shmget_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 231 = shmget */ - { AS(clock_gettime_args), (sy_call_t *)clock_gettime, AUE_NULL, NULL, 0, 0, 0 }, /* 232 = clock_gettime */ + { AS(clock_gettime_args), (sy_call_t *)clock_gettime, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 232 = clock_gettime */ { AS(clock_settime_args), (sy_call_t *)clock_settime, AUE_CLOCK_SETTIME, NULL, 0, 0, 0 }, /* 233 = clock_settime */ - { AS(clock_getres_args), (sy_call_t *)clock_getres, AUE_NULL, NULL, 0, 0, 0 }, /* 234 = clock_getres */ - { AS(ktimer_create_args), (sy_call_t *)ktimer_create, AUE_NULL, NULL, 0, 0, 0 }, /* 235 = ktimer_create */ - { AS(ktimer_delete_args), (sy_call_t *)ktimer_delete, AUE_NULL, NULL, 0, 0, 0 }, /* 236 = ktimer_delete */ - { AS(ktimer_settime_args), (sy_call_t *)ktimer_settime, AUE_NULL, NULL, 0, 0, 0 }, /* 237 = ktimer_settime */ - { AS(ktimer_gettime_args), (sy_call_t *)ktimer_gettime, AUE_NULL, NULL, 0, 0, 0 }, /* 238 = ktimer_gettime */ - { AS(ktimer_getoverrun_args), (sy_call_t *)ktimer_getoverrun, AUE_NULL, NULL, 0, 0, 0 }, /* 239 = ktimer_getoverrun */ - { AS(nanosleep_args), (sy_call_t *)nanosleep, AUE_NULL, NULL, 0, 0, 0 }, /* 240 = nanosleep */ + { AS(clock_getres_args), (sy_call_t *)clock_getres, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 234 = clock_getres */ + { AS(ktimer_create_args), (sy_call_t *)ktimer_create, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 235 = ktimer_create */ + { AS(ktimer_delete_args), (sy_call_t *)ktimer_delete, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 236 = ktimer_delete */ + { AS(ktimer_settime_args), (sy_call_t *)ktimer_settime, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 237 = ktimer_settime */ + { AS(ktimer_gettime_args), (sy_call_t *)ktimer_gettime, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 238 = ktimer_gettime */ + { AS(ktimer_getoverrun_args), (sy_call_t *)ktimer_getoverrun, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 239 = ktimer_getoverrun */ + { AS(nanosleep_args), (sy_call_t *)nanosleep, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 240 = nanosleep */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 241 = nosys */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 242 = nosys */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 243 = nosys */ @@ -277,11 +277,11 @@ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 245 = nosys */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 246 = nosys */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 247 = nosys */ - { AS(ntp_gettime_args), (sy_call_t *)ntp_gettime, AUE_NULL, NULL, 0, 0, 0 }, /* 248 = ntp_gettime */ + { AS(ntp_gettime_args), (sy_call_t *)ntp_gettime, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 248 = ntp_gettime */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 249 = nosys */ - { AS(minherit_args), (sy_call_t *)minherit, AUE_MINHERIT, NULL, 0, 0, 0 }, /* 250 = minherit */ - { AS(rfork_args), (sy_call_t *)rfork, AUE_RFORK, NULL, 0, 0, 0 }, /* 251 = rfork */ - { AS(openbsd_poll_args), (sy_call_t *)openbsd_poll, AUE_POLL, NULL, 0, 0, 0 }, /* 252 = openbsd_poll */ + { AS(minherit_args), (sy_call_t *)minherit, AUE_MINHERIT, NULL, 0, 0, SYF_CAPENABLED }, /* 250 = minherit */ + { AS(rfork_args), (sy_call_t *)rfork, AUE_RFORK, NULL, 0, 0, SYF_CAPENABLED }, /* 251 = rfork */ + { AS(openbsd_poll_args), (sy_call_t *)openbsd_poll, AUE_POLL, NULL, 0, 0, SYF_CAPENABLED }, /* 252 = openbsd_poll */ { 0, (sy_call_t *)issetugid, AUE_ISSETUGID, NULL, 0, 0, 0 }, /* 253 = issetugid */ { AS(lchown_args), (sy_call_t *)lchown, AUE_LCHOWN, NULL, 0, 0, 0 }, /* 254 = lchown */ { AS(aio_read_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 255 = aio_read */ @@ -301,12 +301,12 @@ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 269 = nosys */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 270 = nosys */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 271 = nosys */ - { AS(getdents_args), (sy_call_t *)getdents, AUE_O_GETDENTS, NULL, 0, 0, 0 }, /* 272 = getdents */ + { AS(getdents_args), (sy_call_t *)getdents, AUE_O_GETDENTS, NULL, 0, 0, SYF_CAPENABLED }, /* 272 = getdents */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 273 = nosys */ { AS(lchmod_args), (sy_call_t *)lchmod, AUE_LCHMOD, NULL, 0, 0, 0 }, /* 274 = lchmod */ { AS(lchown_args), (sy_call_t *)lchown, AUE_LCHOWN, NULL, 0, 0, 0 }, /* 275 = netbsd_lchown */ { AS(lutimes_args), (sy_call_t *)lutimes, AUE_LUTIMES, NULL, 0, 0, 0 }, /* 276 = lutimes */ - { AS(msync_args), (sy_call_t *)msync, AUE_MSYNC, NULL, 0, 0, 0 }, /* 277 = netbsd_msync */ + { AS(msync_args), (sy_call_t *)msync, AUE_MSYNC, NULL, 0, 0, SYF_CAPENABLED }, /* 277 = netbsd_msync */ { AS(nstat_args), (sy_call_t *)nstat, AUE_STAT, NULL, 0, 0, 0 }, /* 278 = nstat */ { AS(nfstat_args), (sy_call_t *)nfstat, AUE_FSTAT, NULL, 0, 0, 0 }, /* 279 = nfstat */ { AS(nlstat_args), (sy_call_t *)nlstat, AUE_LSTAT, NULL, 0, 0, 0 }, /* 280 = nlstat */ @@ -339,9 +339,9 @@ { AS(kldnext_args), (sy_call_t *)kldnext, AUE_NULL, NULL, 0, 0, 0 }, /* 307 = kldnext */ { AS(kldstat_args), (sy_call_t *)kldstat, AUE_NULL, NULL, 0, 0, 0 }, /* 308 = kldstat */ { AS(kldfirstmod_args), (sy_call_t *)kldfirstmod, AUE_NULL, NULL, 0, 0, 0 }, /* 309 = kldfirstmod */ - { AS(getsid_args), (sy_call_t *)getsid, AUE_GETSID, NULL, 0, 0, 0 }, /* 310 = getsid */ - { AS(setresuid_args), (sy_call_t *)setresuid, AUE_SETRESUID, NULL, 0, 0, 0 }, /* 311 = setresuid */ - { AS(setresgid_args), (sy_call_t *)setresgid, AUE_SETRESGID, NULL, 0, 0, 0 }, /* 312 = setresgid */ + { AS(getsid_args), (sy_call_t *)getsid, AUE_GETSID, NULL, 0, 0, SYF_CAPENABLED }, /* 310 = getsid */ + { AS(setresuid_args), (sy_call_t *)setresuid, AUE_SETRESUID, NULL, 0, 0, SYF_CAPENABLED }, /* 311 = setresuid */ + { AS(setresgid_args), (sy_call_t *)setresgid, AUE_SETRESGID, NULL, 0, 0, SYF_CAPENABLED }, /* 312 = setresgid */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 313 = obsolete signanosleep */ { AS(aio_return_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 314 = aio_return */ { AS(aio_suspend_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 315 = aio_suspend */ @@ -353,44 +353,44 @@ { 0, (sy_call_t *)yield, AUE_NULL, NULL, 0, 0, 0 }, /* 321 = yield */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 322 = obsolete thr_sleep */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 323 = obsolete thr_wakeup */ - { AS(mlockall_args), (sy_call_t *)mlockall, AUE_MLOCKALL, NULL, 0, 0, 0 }, /* 324 = mlockall */ + { AS(mlockall_args), (sy_call_t *)mlockall, AUE_MLOCKALL, NULL, 0, 0, SYF_CAPENABLED }, /* 324 = mlockall */ { 0, (sy_call_t *)munlockall, AUE_MUNLOCKALL, NULL, 0, 0, 0 }, /* 325 = munlockall */ { AS(__getcwd_args), (sy_call_t *)__getcwd, AUE_GETCWD, NULL, 0, 0, 0 }, /* 326 = __getcwd */ - { AS(sched_setparam_args), (sy_call_t *)sched_setparam, AUE_NULL, NULL, 0, 0, 0 }, /* 327 = sched_setparam */ - { AS(sched_getparam_args), (sy_call_t *)sched_getparam, AUE_NULL, NULL, 0, 0, 0 }, /* 328 = sched_getparam */ - { AS(sched_setscheduler_args), (sy_call_t *)sched_setscheduler, AUE_NULL, NULL, 0, 0, 0 }, /* 329 = sched_setscheduler */ - { AS(sched_getscheduler_args), (sy_call_t *)sched_getscheduler, AUE_NULL, NULL, 0, 0, 0 }, /* 330 = sched_getscheduler */ + { AS(sched_setparam_args), (sy_call_t *)sched_setparam, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 327 = sched_setparam */ + { AS(sched_getparam_args), (sy_call_t *)sched_getparam, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 328 = sched_getparam */ + { AS(sched_setscheduler_args), (sy_call_t *)sched_setscheduler, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 329 = sched_setscheduler */ + { AS(sched_getscheduler_args), (sy_call_t *)sched_getscheduler, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 330 = sched_getscheduler */ { 0, (sy_call_t *)sched_yield, AUE_NULL, NULL, 0, 0, 0 }, /* 331 = sched_yield */ - { AS(sched_get_priority_max_args), (sy_call_t *)sched_get_priority_max, AUE_NULL, NULL, 0, 0, 0 }, /* 332 = sched_get_priority_max */ + { AS(sched_get_priority_max_args), (sy_call_t *)sched_get_priority_max, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 332 = sched_get_priority_max */ { AS(sched_get_priority_min_args), (sy_call_t *)sched_get_priority_min, AUE_NULL, NULL, 0, 0, 0 }, /* 333 = sched_get_priority_min */ { AS(sched_rr_get_interval_args), (sy_call_t *)sched_rr_get_interval, AUE_NULL, NULL, 0, 0, 0 }, /* 334 = sched_rr_get_interval */ - { AS(utrace_args), (sy_call_t *)utrace, AUE_NULL, NULL, 0, 0, 0 }, /* 335 = utrace */ - { compat4(AS(freebsd4_sendfile_args),sendfile), AUE_SENDFILE, NULL, 0, 0, 0 }, /* 336 = old sendfile */ + { AS(utrace_args), (sy_call_t *)utrace, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 335 = utrace */ + { compat4(AS(freebsd4_sendfile_args),sendfile), AUE_SENDFILE, NULL, 0, 0, SYF_CAPENABLED }, /* 336 = old sendfile */ { AS(kldsym_args), (sy_call_t *)kldsym, AUE_NULL, NULL, 0, 0, 0 }, /* 337 = kldsym */ { AS(jail_args), (sy_call_t *)jail, AUE_JAIL, NULL, 0, 0, 0 }, /* 338 = jail */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 339 = pioctl */ - { AS(sigprocmask_args), (sy_call_t *)sigprocmask, AUE_SIGPROCMASK, NULL, 0, 0, 0 }, /* 340 = sigprocmask */ - { AS(sigsuspend_args), (sy_call_t *)sigsuspend, AUE_SIGSUSPEND, NULL, 0, 0, 0 }, /* 341 = sigsuspend */ - { compat4(AS(freebsd4_sigaction_args),sigaction), AUE_SIGACTION, NULL, 0, 0, 0 }, /* 342 = old sigaction */ - { AS(sigpending_args), (sy_call_t *)sigpending, AUE_SIGPENDING, NULL, 0, 0, 0 }, /* 343 = sigpending */ - { compat4(AS(freebsd4_sigreturn_args),sigreturn), AUE_SIGRETURN, NULL, 0, 0, 0 }, /* 344 = old sigreturn */ - { AS(sigtimedwait_args), (sy_call_t *)sigtimedwait, AUE_SIGWAIT, NULL, 0, 0, 0 }, /* 345 = sigtimedwait */ - { AS(sigwaitinfo_args), (sy_call_t *)sigwaitinfo, AUE_NULL, NULL, 0, 0, 0 }, /* 346 = sigwaitinfo */ + { AS(sigprocmask_args), (sy_call_t *)sigprocmask, AUE_SIGPROCMASK, NULL, 0, 0, SYF_CAPENABLED }, /* 340 = sigprocmask */ + { AS(sigsuspend_args), (sy_call_t *)sigsuspend, AUE_SIGSUSPEND, NULL, 0, 0, SYF_CAPENABLED }, /* 341 = sigsuspend */ + { compat4(AS(freebsd4_sigaction_args),sigaction), AUE_SIGACTION, NULL, 0, 0, SYF_CAPENABLED }, /* 342 = old sigaction */ + { AS(sigpending_args), (sy_call_t *)sigpending, AUE_SIGPENDING, NULL, 0, 0, SYF_CAPENABLED }, /* 343 = sigpending */ + { compat4(AS(freebsd4_sigreturn_args),sigreturn), AUE_SIGRETURN, NULL, 0, 0, SYF_CAPENABLED }, /* 344 = old sigreturn */ + { AS(sigtimedwait_args), (sy_call_t *)sigtimedwait, AUE_SIGWAIT, NULL, 0, 0, SYF_CAPENABLED }, /* 345 = sigtimedwait */ + { AS(sigwaitinfo_args), (sy_call_t *)sigwaitinfo, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 346 = sigwaitinfo */ { AS(__acl_get_file_args), (sy_call_t *)__acl_get_file, AUE_NULL, NULL, 0, 0, 0 }, /* 347 = __acl_get_file */ { AS(__acl_set_file_args), (sy_call_t *)__acl_set_file, AUE_NULL, NULL, 0, 0, 0 }, /* 348 = __acl_set_file */ - { AS(__acl_get_fd_args), (sy_call_t *)__acl_get_fd, AUE_NULL, NULL, 0, 0, 0 }, /* 349 = __acl_get_fd */ - { AS(__acl_set_fd_args), (sy_call_t *)__acl_set_fd, AUE_NULL, NULL, 0, 0, 0 }, /* 350 = __acl_set_fd */ + { AS(__acl_get_fd_args), (sy_call_t *)__acl_get_fd, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 349 = __acl_get_fd */ + { AS(__acl_set_fd_args), (sy_call_t *)__acl_set_fd, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 350 = __acl_set_fd */ { AS(__acl_delete_file_args), (sy_call_t *)__acl_delete_file, AUE_NULL, NULL, 0, 0, 0 }, /* 351 = __acl_delete_file */ - { AS(__acl_delete_fd_args), (sy_call_t *)__acl_delete_fd, AUE_NULL, NULL, 0, 0, 0 }, /* 352 = __acl_delete_fd */ + { AS(__acl_delete_fd_args), (sy_call_t *)__acl_delete_fd, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 352 = __acl_delete_fd */ { AS(__acl_aclcheck_file_args), (sy_call_t *)__acl_aclcheck_file, AUE_NULL, NULL, 0, 0, 0 }, /* 353 = __acl_aclcheck_file */ - { AS(__acl_aclcheck_fd_args), (sy_call_t *)__acl_aclcheck_fd, AUE_NULL, NULL, 0, 0, 0 }, /* 354 = __acl_aclcheck_fd */ + { AS(__acl_aclcheck_fd_args), (sy_call_t *)__acl_aclcheck_fd, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 354 = __acl_aclcheck_fd */ { AS(extattrctl_args), (sy_call_t *)extattrctl, AUE_EXTATTRCTL, NULL, 0, 0, 0 }, /* 355 = extattrctl */ { AS(extattr_set_file_args), (sy_call_t *)extattr_set_file, AUE_EXTATTR_SET_FILE, NULL, 0, 0, 0 }, /* 356 = extattr_set_file */ { AS(extattr_get_file_args), (sy_call_t *)extattr_get_file, AUE_EXTATTR_GET_FILE, NULL, 0, 0, 0 }, /* 357 = extattr_get_file */ { AS(extattr_delete_file_args), (sy_call_t *)extattr_delete_file, AUE_EXTATTR_DELETE_FILE, NULL, 0, 0, 0 }, /* 358 = extattr_delete_file */ { AS(aio_waitcomplete_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 359 = aio_waitcomplete */ - { AS(getresuid_args), (sy_call_t *)getresuid, AUE_GETRESUID, NULL, 0, 0, 0 }, /* 360 = getresuid */ - { AS(getresgid_args), (sy_call_t *)getresgid, AUE_GETRESGID, NULL, 0, 0, 0 }, /* 361 = getresgid */ + { AS(getresuid_args), (sy_call_t *)getresuid, AUE_GETRESUID, NULL, 0, 0, SYF_CAPENABLED }, /* 360 = getresuid */ + { AS(getresgid_args), (sy_call_t *)getresgid, AUE_GETRESGID, NULL, 0, 0, SYF_CAPENABLED }, /* 361 = getresgid */ { 0, (sy_call_t *)kqueue, AUE_KQUEUE, NULL, 0, 0, 0 }, /* 362 = kqueue */ { AS(kevent_args), (sy_call_t *)kevent, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 363 = kevent */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 364 = __cap_get_proc */ @@ -402,27 +402,27 @@ { AS(nosys_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 370 = lkmressys */ { AS(extattr_set_fd_args), (sy_call_t *)extattr_set_fd, AUE_EXTATTR_SET_FD, NULL, 0, 0, SYF_CAPENABLED }, /* 371 = extattr_set_fd */ { AS(extattr_get_fd_args), (sy_call_t *)extattr_get_fd, AUE_EXTATTR_GET_FD, NULL, 0, 0, SYF_CAPENABLED }, /* 372 = extattr_get_fd */ - { AS(extattr_delete_fd_args), (sy_call_t *)extattr_delete_fd, AUE_EXTATTR_DELETE_FD, NULL, 0, 0, 0 }, /* 373 = extattr_delete_fd */ + { AS(extattr_delete_fd_args), (sy_call_t *)extattr_delete_fd, AUE_EXTATTR_DELETE_FD, NULL, 0, 0, SYF_CAPENABLED }, /* 373 = extattr_delete_fd */ { AS(__setugid_args), (sy_call_t *)__setugid, AUE_NULL, NULL, 0, 0, 0 }, /* 374 = __setugid */ { AS(nfsclnt_args), (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 375 = nfsclnt */ - { AS(eaccess_args), (sy_call_t *)eaccess, AUE_EACCESS, NULL, 0, 0, 0 }, /* 376 = eaccess */ + { AS(eaccess_args), (sy_call_t *)eaccess, AUE_EACCESS, NULL, 0, 0, SYF_CAPENABLED }, /* 376 = eaccess */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 377 = afs_syscall */ { AS(nmount_args), (sy_call_t *)nmount, AUE_NMOUNT, NULL, 0, 0, 0 }, /* 378 = nmount */ { 0, (sy_call_t *)kse_exit, AUE_NULL, NULL, 0, 0, 0 }, /* 379 = kse_exit */ - { AS(kse_wakeup_args), (sy_call_t *)kse_wakeup, AUE_NULL, NULL, 0, 0, 0 }, /* 380 = kse_wakeup */ - { AS(kse_create_args), (sy_call_t *)kse_create, AUE_NULL, NULL, 0, 0, 0 }, /* 381 = kse_create */ - { AS(kse_thr_interrupt_args), (sy_call_t *)kse_thr_interrupt, AUE_NULL, NULL, 0, 0, 0 }, /* 382 = kse_thr_interrupt */ - { AS(kse_release_args), (sy_call_t *)kse_release, AUE_NULL, NULL, 0, 0, 0 }, /* 383 = kse_release */ - { AS(__mac_get_proc_args), (sy_call_t *)__mac_get_proc, AUE_NULL, NULL, 0, 0, 0 }, /* 384 = __mac_get_proc */ - { AS(__mac_set_proc_args), (sy_call_t *)__mac_set_proc, AUE_NULL, NULL, 0, 0, 0 }, /* 385 = __mac_set_proc */ - { AS(__mac_get_fd_args), (sy_call_t *)__mac_get_fd, AUE_NULL, NULL, 0, 0, 0 }, /* 386 = __mac_get_fd */ + { AS(kse_wakeup_args), (sy_call_t *)kse_wakeup, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 380 = kse_wakeup */ + { AS(kse_create_args), (sy_call_t *)kse_create, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 381 = kse_create */ + { AS(kse_thr_interrupt_args), (sy_call_t *)kse_thr_interrupt, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 382 = kse_thr_interrupt */ + { AS(kse_release_args), (sy_call_t *)kse_release, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 383 = kse_release */ + { AS(__mac_get_proc_args), (sy_call_t *)__mac_get_proc, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 384 = __mac_get_proc */ + { AS(__mac_set_proc_args), (sy_call_t *)__mac_set_proc, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 385 = __mac_set_proc */ + { AS(__mac_get_fd_args), (sy_call_t *)__mac_get_fd, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 386 = __mac_get_fd */ { AS(__mac_get_file_args), (sy_call_t *)__mac_get_file, AUE_NULL, NULL, 0, 0, 0 }, /* 387 = __mac_get_file */ - { AS(__mac_set_fd_args), (sy_call_t *)__mac_set_fd, AUE_NULL, NULL, 0, 0, 0 }, /* 388 = __mac_set_fd */ + { AS(__mac_set_fd_args), (sy_call_t *)__mac_set_fd, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 388 = __mac_set_fd */ { AS(__mac_set_file_args), (sy_call_t *)__mac_set_file, AUE_NULL, NULL, 0, 0, 0 }, /* 389 = __mac_set_file */ { AS(kenv_args), (sy_call_t *)kenv, AUE_NULL, NULL, 0, 0, 0 }, /* 390 = kenv */ { AS(lchflags_args), (sy_call_t *)lchflags, AUE_LCHFLAGS, NULL, 0, 0, 0 }, /* 391 = lchflags */ - { AS(uuidgen_args), (sy_call_t *)uuidgen, AUE_NULL, NULL, 0, 0, 0 }, /* 392 = uuidgen */ - { AS(sendfile_args), (sy_call_t *)sendfile, AUE_SENDFILE, NULL, 0, 0, 0 }, /* 393 = sendfile */ + { AS(uuidgen_args), (sy_call_t *)uuidgen, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 392 = uuidgen */ + { AS(sendfile_args), (sy_call_t *)sendfile, AUE_SENDFILE, NULL, 0, 0, SYF_CAPENABLED }, /* 393 = sendfile */ { AS(mac_syscall_args), (sy_call_t *)mac_syscall, AUE_NULL, NULL, 0, 0, 0 }, /* 394 = mac_syscall */ { AS(getfsstat_args), (sy_call_t *)getfsstat, AUE_GETFSSTAT, NULL, 0, 0, 0 }, /* 395 = getfsstat */ { AS(statfs_args), (sy_call_t *)statfs, AUE_STATFS, NULL, 0, 0, 0 }, /* 396 = statfs */ @@ -438,20 +438,20 @@ { AS(ksem_unlink_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 406 = ksem_unlink */ { AS(ksem_getvalue_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 407 = ksem_getvalue */ { AS(ksem_destroy_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 408 = ksem_destroy */ - { AS(__mac_get_pid_args), (sy_call_t *)__mac_get_pid, AUE_NULL, NULL, 0, 0, 0 }, /* 409 = __mac_get_pid */ + { AS(__mac_get_pid_args), (sy_call_t *)__mac_get_pid, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 409 = __mac_get_pid */ { AS(__mac_get_link_args), (sy_call_t *)__mac_get_link, AUE_NULL, NULL, 0, 0, 0 }, /* 410 = __mac_get_link */ { AS(__mac_set_link_args), (sy_call_t *)__mac_set_link, AUE_NULL, NULL, 0, 0, 0 }, /* 411 = __mac_set_link */ { AS(extattr_set_link_args), (sy_call_t *)extattr_set_link, AUE_EXTATTR_SET_LINK, NULL, 0, 0, 0 }, /* 412 = extattr_set_link */ { AS(extattr_get_link_args), (sy_call_t *)extattr_get_link, AUE_EXTATTR_GET_LINK, NULL, 0, 0, 0 }, /* 413 = extattr_get_link */ { AS(extattr_delete_link_args), (sy_call_t *)extattr_delete_link, AUE_EXTATTR_DELETE_LINK, NULL, 0, 0, 0 }, /* 414 = extattr_delete_link */ { AS(__mac_execve_args), (sy_call_t *)__mac_execve, AUE_NULL, NULL, 0, 0, 0 }, /* 415 = __mac_execve */ - { AS(sigaction_args), (sy_call_t *)sigaction, AUE_SIGACTION, NULL, 0, 0, 0 }, /* 416 = sigaction */ - { AS(sigreturn_args), (sy_call_t *)sigreturn, AUE_SIGRETURN, NULL, 0, 0, 0 }, /* 417 = sigreturn */ + { AS(sigaction_args), (sy_call_t *)sigaction, AUE_SIGACTION, NULL, 0, 0, SYF_CAPENABLED }, /* 416 = sigaction */ + { AS(sigreturn_args), (sy_call_t *)sigreturn, AUE_SIGRETURN, NULL, 0, 0, SYF_CAPENABLED }, /* 417 = sigreturn */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 418 = __xstat */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 419 = __xfstat */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 420 = __xlstat */ - { AS(getcontext_args), (sy_call_t *)getcontext, AUE_NULL, NULL, 0, 0, 0 }, /* 421 = getcontext */ - { AS(setcontext_args), (sy_call_t *)setcontext, AUE_NULL, NULL, 0, 0, 0 }, /* 422 = setcontext */ + { AS(getcontext_args), (sy_call_t *)getcontext, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 421 = getcontext */ + { AS(setcontext_args), (sy_call_t *)setcontext, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 422 = setcontext */ { AS(swapcontext_args), (sy_call_t *)swapcontext, AUE_NULL, NULL, 0, 0, 0 }, /* 423 = swapcontext */ { AS(swapoff_args), (sy_call_t *)swapoff, AUE_SWAPOFF, NULL, 0, 0, 0 }, /* 424 = swapoff */ { AS(__acl_get_link_args), (sy_call_t *)__acl_get_link, AUE_NULL, NULL, 0, 0, 0 }, /* 425 = __acl_get_link */ @@ -459,50 +459,50 @@ { AS(__acl_delete_link_args), (sy_call_t *)__acl_delete_link, AUE_NULL, NULL, 0, 0, 0 }, /* 427 = __acl_delete_link */ { AS(__acl_aclcheck_link_args), (sy_call_t *)__acl_aclcheck_link, AUE_NULL, NULL, 0, 0, 0 }, /* 428 = __acl_aclcheck_link */ { AS(sigwait_args), (sy_call_t *)sigwait, AUE_SIGWAIT, NULL, 0, 0, 0 }, /* 429 = sigwait */ - { AS(thr_create_args), (sy_call_t *)thr_create, AUE_NULL, NULL, 0, 0, 0 }, /* 430 = thr_create */ - { AS(thr_exit_args), (sy_call_t *)thr_exit, AUE_NULL, NULL, 0, 0, 0 }, /* 431 = thr_exit */ - { AS(thr_self_args), (sy_call_t *)thr_self, AUE_NULL, NULL, 0, 0, 0 }, /* 432 = thr_self */ - { AS(thr_kill_args), (sy_call_t *)thr_kill, AUE_NULL, NULL, 0, 0, 0 }, /* 433 = thr_kill */ - { AS(_umtx_lock_args), (sy_call_t *)_umtx_lock, AUE_NULL, NULL, 0, 0, 0 }, /* 434 = _umtx_lock */ - { AS(_umtx_unlock_args), (sy_call_t *)_umtx_unlock, AUE_NULL, NULL, 0, 0, 0 }, /* 435 = _umtx_unlock */ + { AS(thr_create_args), (sy_call_t *)thr_create, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 430 = thr_create */ + { AS(thr_exit_args), (sy_call_t *)thr_exit, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 431 = thr_exit */ + { AS(thr_self_args), (sy_call_t *)thr_self, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 432 = thr_self */ + { AS(thr_kill_args), (sy_call_t *)thr_kill, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 433 = thr_kill */ + { AS(_umtx_lock_args), (sy_call_t *)_umtx_lock, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 434 = _umtx_lock */ + { AS(_umtx_unlock_args), (sy_call_t *)_umtx_unlock, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 435 = _umtx_unlock */ { AS(jail_attach_args), (sy_call_t *)jail_attach, AUE_NULL, NULL, 0, 0, 0 }, /* 436 = jail_attach */ { AS(extattr_list_fd_args), (sy_call_t *)extattr_list_fd, AUE_EXTATTR_LIST_FD, NULL, 0, 0, SYF_CAPENABLED }, /* 437 = extattr_list_fd */ { AS(extattr_list_file_args), (sy_call_t *)extattr_list_file, AUE_EXTATTR_LIST_FILE, NULL, 0, 0, 0 }, /* 438 = extattr_list_file */ { AS(extattr_list_link_args), (sy_call_t *)extattr_list_link, AUE_EXTATTR_LIST_LINK, NULL, 0, 0, 0 }, /* 439 = extattr_list_link */ - { AS(kse_switchin_args), (sy_call_t *)kse_switchin, AUE_NULL, NULL, 0, 0, 0 }, /* 440 = kse_switchin */ + { AS(kse_switchin_args), (sy_call_t *)kse_switchin, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 440 = kse_switchin */ { AS(ksem_timedwait_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 441 = ksem_timedwait */ - { AS(thr_suspend_args), (sy_call_t *)thr_suspend, AUE_NULL, NULL, 0, 0, 0 }, /* 442 = thr_suspend */ - { AS(thr_wake_args), (sy_call_t *)thr_wake, AUE_NULL, NULL, 0, 0, 0 }, /* 443 = thr_wake */ + { AS(thr_suspend_args), (sy_call_t *)thr_suspend, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 442 = thr_suspend */ + { AS(thr_wake_args), (sy_call_t *)thr_wake, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 443 = thr_wake */ { AS(kldunloadf_args), (sy_call_t *)kldunloadf, AUE_MODUNLOAD, NULL, 0, 0, 0 }, /* 444 = kldunloadf */ { AS(audit_args), (sy_call_t *)audit, AUE_AUDIT, NULL, 0, 0, 0 }, /* 445 = audit */ { AS(auditon_args), (sy_call_t *)auditon, AUE_AUDITON, NULL, 0, 0, 0 }, /* 446 = auditon */ - { AS(getauid_args), (sy_call_t *)getauid, AUE_GETAUID, NULL, 0, 0, 0 }, /* 447 = getauid */ - { AS(setauid_args), (sy_call_t *)setauid, AUE_SETAUID, NULL, 0, 0, 0 }, /* 448 = setauid */ - { AS(getaudit_args), (sy_call_t *)getaudit, AUE_GETAUDIT, NULL, 0, 0, 0 }, /* 449 = getaudit */ - { AS(setaudit_args), (sy_call_t *)setaudit, AUE_SETAUDIT, NULL, 0, 0, 0 }, /* 450 = setaudit */ - { AS(getaudit_addr_args), (sy_call_t *)getaudit_addr, AUE_GETAUDIT_ADDR, NULL, 0, 0, 0 }, /* 451 = getaudit_addr */ - { AS(setaudit_addr_args), (sy_call_t *)setaudit_addr, AUE_SETAUDIT_ADDR, NULL, 0, 0, 0 }, /* 452 = setaudit_addr */ + { AS(getauid_args), (sy_call_t *)getauid, AUE_GETAUID, NULL, 0, 0, SYF_CAPENABLED }, /* 447 = getauid */ + { AS(setauid_args), (sy_call_t *)setauid, AUE_SETAUID, NULL, 0, 0, SYF_CAPENABLED }, /* 448 = setauid */ + { AS(getaudit_args), (sy_call_t *)getaudit, AUE_GETAUDIT, NULL, 0, 0, SYF_CAPENABLED }, /* 449 = getaudit */ + { AS(setaudit_args), (sy_call_t *)setaudit, AUE_SETAUDIT, NULL, 0, 0, SYF_CAPENABLED }, /* 450 = setaudit */ + { AS(getaudit_addr_args), (sy_call_t *)getaudit_addr, AUE_GETAUDIT_ADDR, NULL, 0, 0, SYF_CAPENABLED }, /* 451 = getaudit_addr */ + { AS(setaudit_addr_args), (sy_call_t *)setaudit_addr, AUE_SETAUDIT_ADDR, NULL, 0, 0, SYF_CAPENABLED }, /* 452 = setaudit_addr */ { AS(auditctl_args), (sy_call_t *)auditctl, AUE_AUDITCTL, NULL, 0, 0, 0 }, /* 453 = auditctl */ - { AS(_umtx_op_args), (sy_call_t *)_umtx_op, AUE_NULL, NULL, 0, 0, 0 }, /* 454 = _umtx_op */ - { AS(thr_new_args), (sy_call_t *)thr_new, AUE_NULL, NULL, 0, 0, 0 }, /* 455 = thr_new */ - { AS(sigqueue_args), (sy_call_t *)sigqueue, AUE_NULL, NULL, 0, 0, 0 }, /* 456 = sigqueue */ + { AS(_umtx_op_args), (sy_call_t *)_umtx_op, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 454 = _umtx_op */ + { AS(thr_new_args), (sy_call_t *)thr_new, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 455 = thr_new */ + { AS(sigqueue_args), (sy_call_t *)sigqueue, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 456 = sigqueue */ { AS(kmq_open_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 457 = kmq_open */ { AS(kmq_setattr_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 458 = kmq_setattr */ { AS(kmq_timedreceive_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 459 = kmq_timedreceive */ { AS(kmq_timedsend_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 460 = kmq_timedsend */ { AS(kmq_notify_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 461 = kmq_notify */ { AS(kmq_unlink_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 462 = kmq_unlink */ - { AS(abort2_args), (sy_call_t *)abort2, AUE_NULL, NULL, 0, 0, 0 }, /* 463 = abort2 */ - { AS(thr_set_name_args), (sy_call_t *)thr_set_name, AUE_NULL, NULL, 0, 0, 0 }, /* 464 = thr_set_name */ + { AS(abort2_args), (sy_call_t *)abort2, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 463 = abort2 */ + { AS(thr_set_name_args), (sy_call_t *)thr_set_name, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 464 = thr_set_name */ { AS(aio_fsync_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 465 = aio_fsync */ - { AS(rtprio_thread_args), (sy_call_t *)rtprio_thread, AUE_RTPRIO, NULL, 0, 0, 0 }, /* 466 = rtprio_thread */ + { AS(rtprio_thread_args), (sy_call_t *)rtprio_thread, AUE_RTPRIO, NULL, 0, 0, SYF_CAPENABLED }, /* 466 = rtprio_thread */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 467 = nosys */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 468 = nosys */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 469 = __getpath_fromfd */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 470 = __getpath_fromaddr */ { AS(sctp_peeloff_args), (sy_call_t *)sctp_peeloff, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 471 = sctp_peeloff */ { AS(sctp_generic_sendmsg_args), (sy_call_t *)sctp_generic_sendmsg, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 472 = sctp_generic_sendmsg */ - { AS(sctp_generic_sendmsg_iov_args), (sy_call_t *)sctp_generic_sendmsg_iov, AUE_NULL, NULL, 0, 0, 0 }, /* 473 = sctp_generic_sendmsg_iov */ + { AS(sctp_generic_sendmsg_iov_args), (sy_call_t *)sctp_generic_sendmsg_iov, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 473 = sctp_generic_sendmsg_iov */ { AS(sctp_generic_recvmsg_args), (sy_call_t *)sctp_generic_recvmsg, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 474 = sctp_generic_recvmsg */ { AS(pread_args), (sy_call_t *)pread, AUE_PREAD, NULL, 0, 0, SYF_CAPENABLED }, /* 475 = pread */ { AS(pwrite_args), (sy_call_t *)pwrite, AUE_PWRITE, NULL, 0, 0, SYF_CAPENABLED }, /* 476 = pwrite */ @@ -514,7 +514,7 @@ { AS(shm_open_args), (sy_call_t *)shm_open, AUE_SHMOPEN, NULL, 0, 0, 0 }, /* 482 = shm_open */ { AS(shm_unlink_args), (sy_call_t *)shm_unlink, AUE_SHMUNLINK, NULL, 0, 0, 0 }, /* 483 = shm_unlink */ { AS(cap_new_args), (sy_call_t *)cap_new, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 484 = cap_new */ - { AS(cap_getrights_args), (sy_call_t *)cap_getrights, AUE_NULL, NULL, 0, 0, 0 }, /* 485 = cap_getrights */ + { AS(cap_getrights_args), (sy_call_t *)cap_getrights, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 485 = cap_getrights */ { 0, (sy_call_t *)cap_enter, AUE_NULL, NULL, 0, 0, 0 }, /* 486 = cap_enter */ { AS(cap_getmode_args), (sy_call_t *)cap_getmode, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 487 = cap_getmode */ }; ==== //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.c#8 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/sys/kern/systrace_args.c#8 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.h#8 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.mk#8 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/sys/sys/sysproto.h#8 (text+ko) ====
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200801252135.m0PLZsHI078985>