From owner-svn-src-head@freebsd.org  Mon Aug  3 13:41:48 2015
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 85B569B2ECF;
 Mon,  3 Aug 2015 13:41:48 +0000 (UTC) (envelope-from ed@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 74A1F1647;
 Mon,  3 Aug 2015 13:41:48 +0000 (UTC) (envelope-from ed@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.70])
 by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t73Dfmv4026946;
 Mon, 3 Aug 2015 13:41:48 GMT (envelope-from ed@FreeBSD.org)
Received: (from ed@localhost)
 by repo.freebsd.org (8.14.9/8.14.9/Submit) id t73Dflee026942;
 Mon, 3 Aug 2015 13:41:47 GMT (envelope-from ed@FreeBSD.org)
Message-Id: <201508031341.t73Dflee026942@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: ed set sender to ed@FreeBSD.org
 using -f
From: Ed Schouten <ed@FreeBSD.org>
Date: Mon, 3 Aug 2015 13:41:47 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r286229 - in head/sys: kern sys
X-SVN-Group: head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Aug 2015 13:41:48 -0000

Author: ed
Date: Mon Aug  3 13:41:47 2015
New Revision: 286229
URL: https://svnweb.freebsd.org/changeset/base/286229

Log:
  Add sysent flag to switch to capabilities mode on startup.
  
  CloudABI processes should run in capabilities mode automatically. There
  is no need to switch manually (e.g., by calling cap_enter()). Add a
  flag, SV_CAPSICUM, that can be used to call into cap_enter() during
  execve().
  
  Reviewed by:	kib

Modified:
  head/sys/kern/kern_exec.c
  head/sys/sys/sysent.h

Modified: head/sys/kern/kern_exec.c
==============================================================================
--- head/sys/kern/kern_exec.c	Mon Aug  3 12:14:42 2015	(r286228)
+++ head/sys/kern/kern_exec.c	Mon Aug  3 13:41:47 2015	(r286229)
@@ -562,6 +562,10 @@ interpret:
 		goto exec_fail_dealloc;
 	}
 
+	/* ABI enforces the use of Capsicum. Switch into capabilities mode. */
+	if (SV_PROC_FLAG(p, SV_CAPSICUM))
+		sys_cap_enter(td, NULL);
+
 	/*
 	 * Copy out strings (args and env) and initialize stack base
 	 */

Modified: head/sys/sys/sysent.h
==============================================================================
--- head/sys/sys/sysent.h	Mon Aug  3 12:14:42 2015	(r286228)
+++ head/sys/sys/sysent.h	Mon Aug  3 13:41:47 2015	(r286229)
@@ -139,11 +139,12 @@ struct sysentvec {
 	void		(*sv_thread_detach)(struct thread *);
 };
 
-#define	SV_ILP32	0x000100
-#define	SV_LP64		0x000200
-#define	SV_IA32		0x004000
-#define	SV_AOUT		0x008000
-#define	SV_SHP		0x010000
+#define	SV_ILP32	0x000100	/* 32-bit executable. */
+#define	SV_LP64		0x000200	/* 64-bit executable. */
+#define	SV_IA32		0x004000	/* Intel 32-bit executable. */
+#define	SV_AOUT		0x008000	/* a.out executable. */
+#define	SV_SHP		0x010000	/* Shared page. */
+#define	SV_CAPSICUM	0x020000	/* Force cap_enter() on startup. */
 
 #define	SV_ABI_MASK	0xff
 #define	SV_PROC_FLAG(p, x)	((p)->p_sysent->sv_flags & (x))