Date:      Tue, 1 Mar 2011 13:32:08 +0000 (UTC)
From:      Robert Watson <rwatson@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r219133 - head/sys/kern
Message-ID:  <201103011332.p21DW854028357@svn.freebsd.org>

Author: rwatson
Date: Tue Mar  1 13:32:07 2011
New Revision: 219133
URL: http://svn.freebsd.org/changeset/base/219133

Log:
  Continue introducing Capsicum capability mode support:
  
  If a system call wasn't listed in capabilities.conf, return ECAPMODE at
  syscall entry.
  
  Reviewed by:	anderson
  Discussed with:	benl, kris, pjd
  Sponsored by:	Google, Inc.
  Obtained from:	Capsicum Project
  MFC after:	3 months

Modified:
  head/sys/kern/subr_trap.c

Modified: head/sys/kern/subr_trap.c
==============================================================================
--- head/sys/kern/subr_trap.c	Tue Mar  1 13:30:23 2011	(r219132)
+++ head/sys/kern/subr_trap.c	Tue Mar  1 13:32:07 2011	(r219133)
@@ -44,12 +44,14 @@
 #include <sys/cdefs.h>
 __FBSDID("$FreeBSD$");
 
+#include "opt_capabilities.h"
 #include "opt_ktrace.h"
 #include "opt_kdtrace.h"
 #include "opt_sched.h"
 
 #include <sys/param.h>
 #include <sys/bus.h>
+#include <sys/capability.h>
 #include <sys/kernel.h>
 #include <sys/lock.h>
 #include <sys/mutex.h>
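
Review bot: the added `#include <sys/capability.h>` is unconditional, while the only use this patch adds sits inside the `#ifdef CAPABILITIES` block in syscallenter(). Either confirm the header is safe to pull in on kernels built without the option, or note in the log that the include is deliberately unguarded. The placement of both new includes keeps the existing alphabetical order, which is fine.
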
@@ -310,6 +312,19 @@ syscallenter(struct thread *td, struct s
 			if (error != 0)
 				goto retval;
 		}
+
+#ifdef CAPABILITIES
+		/*
+		 * In capability mode, we only allow access to system calls
+		 * flagged with SYF_CAPENABLED.
+		 */
+		if (IN_CAPABILITY_MODE(td) &&
+		    !(sa->callp->sy_flags & SYF_CAPENABLED)) {
+			error = ECAPMODE;
+			goto retval;
+		}
+#endif
+
 		error = syscall_thread_enter(td, sa->callp);
 		if (error != 0)
 			goto retval;


