Date: Wed, 21 Jan 2009 00:26:58 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 156454 for review Message-ID: <200901210026.n0L0Qwra077924@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=156454 Change 156454 by rwatson@rwatson_freebsd_capabilities on 2009/01/21 00:26:55 When exporting file descriptor data via the filedesc sysctl for procstat, rather than exporting the capability, export the underlying object information and just set a flag indicating it is wrapped by a capability. Export the rights mask as well. Modify procstat to handle this by adding a new file descriptor flag field; for now, don't print capability rights as that is really too wide for the -f display by default, but in the future we may want to add a -C to enable capability mask printing. Affected files ... .. //depot/projects/trustedbsd/capabilities/src/sys/kern/kern_descrip.c#16 edit .. //depot/projects/trustedbsd/capabilities/src/sys/sys/user.h#11 edit .. //depot/projects/trustedbsd/capabilities/src/usr.bin/procstat/procstat_files.c#11 edit Differences ... ==== //depot/projects/trustedbsd/capabilities/src/sys/kern/kern_descrip.c#16 (text+ko) ==== @@ -2675,6 +2675,17 @@ so = NULL; tp = NULL; kif->kf_fd = i; + + /* + * When reporting a capability, most fields will be from the + * underlying object, but do mark as a capability. With + * ofiledesc, we don't have a field to export the + * cap_rights_t, but we do with the new filedesc. + */ + if (fp->f_type == DTYPE_CAPABILITY) { + kif->kf_flags |= KF_FLAG_CAPABILITY; + (void)cap_fextract(fp, 0, &fp); + } switch (fp->f_type) { case DTYPE_VNODE: kif->kf_type = KF_TYPE_VNODE; @@ -2721,10 +2732,6 @@ tp = fp->f_data; break; - case DTYPE_CAPABILITY: - kif->kf_type = KF_TYPE_CAPABILITY; - break; - case DTYPE_PROCDESC: kif->kf_type = KF_TYPE_PROCDESC; break; @@ -2933,6 +2940,17 @@ so = NULL; tp = NULL; kif->kf_fd = i; + + /* + * When reporting a capability, most fields will be from the + * underlying object, but do mark as a capability and export + * the capability rights mask. + */ + if (fp->f_type == DTYPE_CAPABILITY) { + kif->kf_flags |= KF_FLAG_CAPABILITY; + kif->kf_cap_rights = cap_rights(fp); + (void)cap_fextract(fp, 0, &fp); + } switch (fp->f_type) { case DTYPE_VNODE: kif->kf_type = KF_TYPE_VNODE; @@ -2977,10 +2995,6 @@ case DTYPE_PTS: kif->kf_type = KF_TYPE_PTS; tp = fp->f_data; - - case DTYPE_CAPABILITY: - kif->kf_type = KF_TYPE_CAPABILITY; - kif->kf_cap_rights = cap_rights(fp); break; case DTYPE_PROCDESC: ==== //depot/projects/trustedbsd/capabilities/src/sys/sys/user.h#11 (text+ko) ==== @@ -252,7 +252,6 @@ #define KF_TYPE_SHM 8 #define KF_TYPE_SEM 9 #define KF_TYPE_PTS 10 -#define KF_TYPE_CAPABILITY 11 #define KF_TYPE_PROCDESC 12 #define KF_TYPE_UNKNOWN 255 @@ -279,6 +278,7 @@ #define KF_FLAG_NONBLOCK 0x00000020 #define KF_FLAG_DIRECT 0x00000040 #define KF_FLAG_HASLOCK 0x00000080 +#define KF_FLAG_CAPABILITY 0x00000100 /* * Old format. Has variable hidden padding due to alignment. ==== //depot/projects/trustedbsd/capabilities/src/usr.bin/procstat/procstat_files.c#11 (text+ko) ==== @@ -132,6 +132,7 @@ printf("%s", addr); } +#if notyet static struct cap_desc { cap_rights_t cd_right; const char *cd_desc; @@ -199,6 +200,7 @@ } } } +#endif void procstat_files(pid_t pid, struct kinfo_proc *kipp) @@ -208,7 +210,7 @@ const char *str; if (!hflag) - printf("%5s %-16s %4s %1s %1s %-8s %3s %7s %-3s %-12s\n", + printf("%5s %-16s %4s %1s %1s %-9s %3s %7s %-3s %-12s\n", "PID", "COMM", "FD", "T", "V", "FLAGS", "REF", "OFFSET", "PRO", "NAME"); @@ -278,15 +280,6 @@ str = "e"; break; - case KF_TYPE_CAPABILITY: - /* - * XXXRW: Ideally, we'd display detailed information - * on the object behind the capability, and the - * rights on the capability. - */ - str = "a"; - break; - case KF_TYPE_PROCDESC: str = "P"; break; @@ -348,7 +341,8 @@ printf("%s", kif->kf_flags & KF_FLAG_FSYNC ? "f" : "-"); printf("%s", kif->kf_flags & KF_FLAG_NONBLOCK ? "n" : "-"); printf("%s", kif->kf_flags & KF_FLAG_DIRECT ? "d" : "-"); - printf("%s ", kif->kf_flags & KF_FLAG_HASLOCK ? "l" : "-"); + printf("%s", kif->kf_flags & KF_FLAG_HASLOCK ? "l" : "-"); + printf("%s ", kif->kf_flags & KF_FLAG_CAPABILITY ? "c" : "-"); if (kif->kf_ref_count > -1) printf("%3d ", kif->kf_ref_count); else @@ -392,11 +386,6 @@ } break; - case KF_TYPE_CAPABILITY: - printf("%-4s ", "-"); - print_capability(kif->kf_cap_rights); - break; - case KF_TYPE_PROCDESC: printf("%-3s %d", "-", kif->kf_pid); break;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200901210026.n0L0Qwra077924>