Date: Mon, 4 Feb 2008 17:00:46 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 134790 for review Message-ID: <200802041700.m14H0kDr006825@repoman.freebsd.org>
index | next in thread | raw e-mail
http://perforce.freebsd.org/chv.cgi?CH=134790 Change 134790 by rwatson@rwatson_freebsd_capabilities on 2008/02/04 17:00:10 Remove CAP_AIO since aio_fsync(), aio_read(), and aio_write() are basically juse fsync(), read(), and write(). Check them as such. Affected files ... .. //depot/projects/trustedbsd/capabilities/src/sys/kern/vfs_aio.c#5 edit .. //depot/projects/trustedbsd/capabilities/src/sys/sys/capability.h#11 edit Differences ... ==== //depot/projects/trustedbsd/capabilities/src/sys/kern/vfs_aio.c#5 (text+ko) ==== @@ -1412,16 +1412,16 @@ fd = aiocbe->uaiocb.aio_fildes; switch (opcode) { case LIO_WRITE: - error = fget_write(td, fd, CAP_WRITE | CAP_AIO, &fp); + error = fget_write(td, fd, CAP_WRITE, &fp); break; case LIO_READ: - error = fget_read(td, fd, CAP_READ | CAP_AIO, &fp); + error = fget_read(td, fd, CAP_READ, &fp); break; case LIO_SYNC: - error = fget(td, fd, CAP_FSYNC | CAP_AIO, &fp); + error = fget(td, fd, CAP_FSYNC, &fp); break; case LIO_NOP: - error = fget(td, fd, CAP_AIO, &fp); + error = fget(td, fd, 0, &fp); break; default: error = EINVAL; @@ -1799,7 +1799,7 @@ struct vnode *vp; /* Lookup file object. */ - error = fget(td, uap->fd, CAP_AIO, &fp); + error = fget(td, uap->fd, 0, &fp); if (error) return (error); ==== //depot/projects/trustedbsd/capabilities/src/sys/sys/capability.h#11 (text+ko) ==== @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/capabilities/src/sys/sys/capability.h#10 $ + * $P4: //depot/projects/trustedbsd/capabilities/src/sys/sys/capability.h#11 $ */ /* @@ -39,45 +39,44 @@ */ #define CAP_READ 0x0000000000000001ULL /* read/recv */ #define CAP_WRITE 0x0000000000000002ULL /* write/send */ -#define CAP_SEEK 0x0000000000000008ULL /* lseek, various io */ -#define CAP_GETPEERNAME 0x0000000000000010ULL /* getpeername */ -#define CAP_GETSOCKNAME 0x0000000000000020ULL /* getsockname */ -#define CAP_FCHFLAGS 0x0000000000000040ULL /* fchflags */ -#define CAP_IOCTL 0x0000000000000080ULL /* ioctl */ -#define CAP_FSTAT 0x0000000000000100ULL /* fstat */ -#define CAP_MMAP 0x0000000000000200ULL /* mmap */ -#define CAP_FCNTL 0x0000000000000400ULL /* fcntl */ -#define CAP_EVENT 0x0000000000000800ULL /* select/poll */ -#define CAP_FSYNC 0x0000000000001000ULL /* fsync */ -#define CAP_FCHOWN 0x0000000000002000ULL /* fchown */ -#define CAP_FCHMOD 0x0000000000004000ULL /* fchmod */ -#define CAP_FTRUNCATE 0x0000000000008000ULL /* ftruncate */ -#define CAP_FLOCK 0x0000000000010000ULL /* flock */ -#define CAP_FSTATFS 0x0000000000040000ULL /* fstatfs */ -#define CAP_REVOKE 0x0000000000080000ULL /* revoke */ -#define CAP_FEXECVE 0x0000000000100000ULL /* fexecve */ -#define CAP_FPATHCONF 0x0000000000200000ULL /* fpathconf */ -#define CAP_FUTIMES 0x0000000000400000ULL /* futimes */ -#define CAP_AIO 0x0000000000800000ULL /* aio_* */ -#define CAP_ACL_GET 0x0000000001000000ULL /* acl_get_fd */ -#define CAP_ACL_SET 0x0000000002000000ULL /* acl_set_fd */ -#define CAP_ACL_DELETE 0x0000000004000000ULL /* acl_delete_fd */ -#define CAP_ACL_CHECK 0x0000000008000000ULL /* acl_list_fd */ -#define CAP_EXTATTR_GET 0x0000000010000000ULL /* extattr_get_fd */ -#define CAP_EXTATTR_SET 0x0000000020000000ULL /* extattr_set_fd */ -#define CAP_EXTATTR_DELETE 0x0000000040000000ULL /* extattr_delete_fd */ -#define CAP_EXTATTR_LIST 0x0000000080000000ULL /* extattr_list_fd */ -#define CAP_MAC_GET 0x0000000100000000ULL /* mac_get_fd */ -#define CAP_MAC_SET 0x0000000200000000ULL /* mac_set_fd */ -#define CAP_ACCEPT 0x0000000400000000ULL /* accept */ -#define CAP_CONNECT 0x0000000800000000ULL /* connect/sendto */ -#define CAP_BIND 0x0000001000000000ULL /* bind */ -#define CAP_GETSOCKOPT 0x0000002000000000ULL /* getsockopt */ -#define CAP_SETSOCKOPT 0x0000004000000000ULL /* setsockopt */ -#define CAP_LISTEN 0x0000008000000000ULL /* listen */ -#define CAP_SHUTDOWN 0x0000010000000000ULL /* shutdown */ -#define CAP_PEELOFF 0x0000020000000000ULL /* sctp_peeloff */ -#define CAP_MASK_VALID 0x000003fffffdfffbULL +#define CAP_SEEK 0x0000000000000004ULL /* lseek, various io */ +#define CAP_GETPEERNAME 0x0000000000000008ULL /* getpeername */ +#define CAP_GETSOCKNAME 0x0000000000000010ULL /* getsockname */ +#define CAP_FCHFLAGS 0x0000000000000020ULL /* fchflags */ +#define CAP_IOCTL 0x0000000000000040ULL /* ioctl */ +#define CAP_FSTAT 0x0000000000000080ULL /* fstat */ +#define CAP_MMAP 0x0000000000000100ULL /* mmap */ +#define CAP_FCNTL 0x0000000000000200ULL /* fcntl */ +#define CAP_EVENT 0x0000000000000400ULL /* select/poll */ +#define CAP_FSYNC 0x0000000000000800ULL /* fsync */ +#define CAP_FCHOWN 0x0000000000001000ULL /* fchown */ +#define CAP_FCHMOD 0x0000000000002000ULL /* fchmod */ +#define CAP_FTRUNCATE 0x0000000000004000ULL /* ftruncate */ +#define CAP_FLOCK 0x0000000000008000ULL /* flock */ +#define CAP_FSTATFS 0x0000000000010000ULL /* fstatfs */ +#define CAP_REVOKE 0x0000000000020000ULL /* revoke */ +#define CAP_FEXECVE 0x0000000000040000ULL /* fexecve */ +#define CAP_FPATHCONF 0x0000000000080000ULL /* fpathconf */ +#define CAP_FUTIMES 0x0000000000100000ULL /* futimes */ +#define CAP_ACL_GET 0x0000000000200000ULL /* acl_get_fd */ +#define CAP_ACL_SET 0x0000000000400000ULL /* acl_set_fd */ +#define CAP_ACL_DELETE 0x0000000000800000ULL /* acl_delete_fd */ +#define CAP_ACL_CHECK 0x0000000001000000ULL /* acl_list_fd */ +#define CAP_EXTATTR_GET 0x0000000002000000ULL /* extattr_get_fd */ +#define CAP_EXTATTR_SET 0x0000000004000000ULL /* extattr_set_fd */ +#define CAP_EXTATTR_DELETE 0x0000000008000000ULL /* extattr_delete_fd */ +#define CAP_EXTATTR_LIST 0x0000000010000000ULL /* extattr_list_fd */ +#define CAP_MAC_GET 0x0000000020000000ULL /* mac_get_fd */ +#define CAP_MAC_SET 0x0000000040000000ULL /* mac_set_fd */ +#define CAP_ACCEPT 0x0000000080000000ULL /* accept */ +#define CAP_CONNECT 0x0000000100000000ULL /* connect/sendto */ +#define CAP_BIND 0x0000000200000000ULL /* bind */ +#define CAP_GETSOCKOPT 0x0000000400000000ULL /* getsockopt */ +#define CAP_SETSOCKOPT 0x0000000800000000ULL /* setsockopt */ +#define CAP_LISTEN 0x0000001000000000ULL /* listen */ +#define CAP_SHUTDOWN 0x0000002000000000ULL /* shutdown */ +#define CAP_PEELOFF 0x0000004000000000ULL /* sctp_peeloff */ +#define CAP_MASK_VALID 0x0000007fffffffffULL /* * Notes: @@ -92,9 +91,6 @@ * * CAP_EVENT covers select, poll, and kqueue registration for a capability. * - * CAP_AIO is combined with other capabilities to authorize specific AIO - * operations, such as AIO_READ. aio_cancel just requires CAP_AIO. - * * sendfile is authorized using CAP_READ on the file and CAP_WRITE on the * socket. *help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200802041700.m14H0kDr006825>