Date: Mon, 4 Jul 2011 14:40:32 +0000 (UTC) From: Jonathan Anderson <jonathan@FreeBSD.org> To: cvs-src-old@freebsd.org Subject: cvs commit: src/sys/kern sys_capability.c src/sys/sys capability.h Message-ID: <201107041440.p64EeonY043663@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
jonathan 2011-07-04 14:40:32 UTC
FreeBSD src repository
Modified files:
sys/kern sys_capability.c
sys/sys capability.h
Log:
SVN rev 223762 on 2011-07-04 14:40:32Z by jonathan
Add kernel functions to unwrap capabilities.
cap_funwrap() and cap_funwrap_mmap() unwrap capabilities, exposing the
underlying object. Attempting to unwrap a capability with an inadequate
rights mask (e.g. calling cap_funwrap(fp, CAP_WRITE | CAP_MMAP, &result)
on a capability whose rights mask is CAP_READ | CAP_MMAP) will result in
ENOTCAPABLE.
Unwrapping a non-capability is effectively a no-op.
These functions will be used by Capsicum-aware versions of _fget(), etc.
Approved by: mentor (rwatson), re (Capsicum blanket)
Sponsored by: Google Inc
Revision Changes Path
1.5 +122 -0 src/sys/kern/sys_capability.c
1.16 +40 -0 src/sys/sys/capability.h
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201107041440.p64EeonY043663>