From owner-p4-projects@FreeBSD.ORG  Mon Feb  4 13:18:48 2008
Return-Path: <owner-p4-projects@FreeBSD.ORG>
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 9CFE516A478; Mon,  4 Feb 2008 13:18:48 +0000 (UTC)
Delivered-To: perforce@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 620C316A475
	for <perforce@freebsd.org>; Mon,  4 Feb 2008 13:18:48 +0000 (UTC)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id 4811313C4F4
	for <perforce@freebsd.org>; Mon,  4 Feb 2008 13:18:48 +0000 (UTC)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.1/8.14.1) with ESMTP id m14DImwu079744
	for <perforce@freebsd.org>; Mon, 4 Feb 2008 13:18:48 GMT
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.14.1/8.14.1/Submit) id m14DIlJU079741
	for perforce@freebsd.org; Mon, 4 Feb 2008 13:18:47 GMT
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Date: Mon, 4 Feb 2008 13:18:47 GMT
Message-Id: <200802041318.m14DIlJU079741@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	bb+lists.freebsd.perforce@cyrus.watson.org using -f
From: Robert Watson <rwatson@FreeBSD.org>
To: Perforce Change Reviews <perforce@freebsd.org>
Cc: 
Subject: PERFORCE change 134778 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Feb 2008 13:18:48 -0000

http://perforce.freebsd.org/chv.cgi?CH=134778

Change 134778 by rwatson@rwatson_freebsd_capabilities on 2008/02/04 13:17:51

	Remove fchdir(2) from set if system calls allowed in capability
	mode.  Regenreate.

Affected files ...

.. //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#6 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/init_sysent.c#12 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.c#12 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/systrace_args.c#12 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.h#12 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.mk#12 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/sys/sysproto.h#12 edit

Differences ...

==== //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#6 (text+ko) ====

@@ -5,7 +5,7 @@
 # - sys_exit() and close() are very important.
 # - Sorted alphabeetically, please keep it that way.
 #
-# $P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#5 $
+# $P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#6 $
 #
 __acl_aclcheck_fd
 __acl_delete_fd
@@ -56,11 +56,6 @@
 extattr_get_fd
 extattr_list_fd
 extattr_set_fd
-#
-# Possibly fchdir() should be excluded on the basis that this implies access
-# to the global namespace, and isn't really useful without it.
-#
-fchdir
 fchflags
 fchmod
 fchown

==== //depot/projects/trustedbsd/capabilities/src/sys/kern/init_sysent.c#12 (text+ko) ====

@@ -42,7 +42,7 @@
 	{ AS(unlink_args), (sy_call_t *)unlink, AUE_UNLINK, NULL, 0, 0, 0 },	/* 10 = unlink */
 	{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 },			/* 11 = obsolete execv */
 	{ AS(chdir_args), (sy_call_t *)chdir, AUE_CHDIR, NULL, 0, 0, 0 },	/* 12 = chdir */
-	{ AS(fchdir_args), (sy_call_t *)fchdir, AUE_FCHDIR, NULL, 0, 0, SYF_CAPENABLED },	/* 13 = fchdir */
+	{ AS(fchdir_args), (sy_call_t *)fchdir, AUE_FCHDIR, NULL, 0, 0, 0 },	/* 13 = fchdir */
 	{ AS(mknod_args), (sy_call_t *)mknod, AUE_MKNOD, NULL, 0, 0, 0 },	/* 14 = mknod */
 	{ AS(chmod_args), (sy_call_t *)chmod, AUE_CHMOD, NULL, 0, 0, 0 },	/* 15 = chmod */
 	{ AS(chown_args), (sy_call_t *)chown, AUE_CHOWN, NULL, 0, 0, 0 },	/* 16 = chown */

==== //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.c#12 (text+ko) ====


==== //depot/projects/trustedbsd/capabilities/src/sys/kern/systrace_args.c#12 (text+ko) ====


==== //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.h#12 (text+ko) ====


==== //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.mk#12 (text+ko) ====


==== //depot/projects/trustedbsd/capabilities/src/sys/sys/sysproto.h#12 (text+ko) ====