From owner-svn-src-head@freebsd.org  Tue Aug 11 08:43:51 2015
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6CF7499FBC3;
 Tue, 11 Aug 2015 08:43:51 +0000 (UTC) (envelope-from ed@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 54C07C6B;
 Tue, 11 Aug 2015 08:43:51 +0000 (UTC) (envelope-from ed@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.70])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id t7B8hpnJ026666;
 Tue, 11 Aug 2015 08:43:51 GMT (envelope-from ed@FreeBSD.org)
Received: (from ed@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id t7B8hov6026664;
 Tue, 11 Aug 2015 08:43:50 GMT (envelope-from ed@FreeBSD.org)
Message-Id: <201508110843.t7B8hov6026664@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: ed set sender to ed@FreeBSD.org
 using -f
From: Ed Schouten <ed@FreeBSD.org>
Date: Tue, 11 Aug 2015 08:43:50 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r286618 - in head/sys: kern sys
X-SVN-Group: head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Aug 2015 08:43:51 -0000

Author: ed
Date: Tue Aug 11 08:43:50 2015
New Revision: 286618
URL: https://svnweb.freebsd.org/changeset/base/286618

Log:
  Introduce kern_cap_rights_limit().
  
  The existing sys_cap_rights_limit() expects that a cap_rights_t object
  lives in userspace. It is therefore hard to call into it from
  kernelspace.
  
  Move the interesting bits of sys_cap_rights_limit() into
  kern_cap_rights_limit(), so that we can call into it from the CloudABI
  compatibility layer.
  
  Obtained from:	https://github.com/NuxiNL/freebsd
  Differential Revision:	https://reviews.freebsd.org/D3314

Modified:
  head/sys/kern/sys_capability.c
  head/sys/sys/syscallsubr.h

Modified: head/sys/kern/sys_capability.c
==============================================================================
--- head/sys/kern/sys_capability.c	Tue Aug 11 05:58:33 2015	(r286617)
+++ head/sys/kern/sys_capability.c	Tue Aug 11 08:43:50 2015	(r286618)
@@ -213,15 +213,41 @@ cap_rights(struct filedesc *fdp, int fd)
 	return (cap_rights_fde(&fdp->fd_ofiles[fd]));
 }
 
+int
+kern_cap_rights_limit(struct thread *td, int fd, cap_rights_t *rights)
+{
+	struct filedesc *fdp;
+	int error;
+
+	fdp = td->td_proc->p_fd;
+	FILEDESC_XLOCK(fdp);
+	if (fget_locked(fdp, fd) == NULL) {
+		FILEDESC_XUNLOCK(fdp);
+		return (EBADF);
+	}
+	error = _cap_check(cap_rights(fdp, fd), rights, CAPFAIL_INCREASE);
+	if (error == 0) {
+		fdp->fd_ofiles[fd].fde_rights = *rights;
+		if (!cap_rights_is_set(rights, CAP_IOCTL)) {
+			free(fdp->fd_ofiles[fd].fde_ioctls, M_FILECAPS);
+			fdp->fd_ofiles[fd].fde_ioctls = NULL;
+			fdp->fd_ofiles[fd].fde_nioctls = 0;
+		}
+		if (!cap_rights_is_set(rights, CAP_FCNTL))
+			fdp->fd_ofiles[fd].fde_fcntls = 0;
+	}
+	FILEDESC_XUNLOCK(fdp);
+	return (error);
+}
+
 /*
  * System call to limit rights of the given capability.
  */
 int
 sys_cap_rights_limit(struct thread *td, struct cap_rights_limit_args *uap)
 {
-	struct filedesc *fdp;
 	cap_rights_t rights;
-	int error, fd, version;
+	int error, version;
 
 	cap_rights_init(&rights);
 
@@ -252,30 +278,9 @@ sys_cap_rights_limit(struct thread *td, 
 		ktrcaprights(&rights);
 #endif
 
-	fd = uap->fd;
-
-	AUDIT_ARG_FD(fd);
+	AUDIT_ARG_FD(uap->fd);
 	AUDIT_ARG_RIGHTS(&rights);
-
-	fdp = td->td_proc->p_fd;
-	FILEDESC_XLOCK(fdp);
-	if (fget_locked(fdp, fd) == NULL) {
-		FILEDESC_XUNLOCK(fdp);
-		return (EBADF);
-	}
-	error = _cap_check(cap_rights(fdp, fd), &rights, CAPFAIL_INCREASE);
-	if (error == 0) {
-		fdp->fd_ofiles[fd].fde_rights = rights;
-		if (!cap_rights_is_set(&rights, CAP_IOCTL)) {
-			free(fdp->fd_ofiles[fd].fde_ioctls, M_FILECAPS);
-			fdp->fd_ofiles[fd].fde_ioctls = NULL;
-			fdp->fd_ofiles[fd].fde_nioctls = 0;
-		}
-		if (!cap_rights_is_set(&rights, CAP_FCNTL))
-			fdp->fd_ofiles[fd].fde_fcntls = 0;
-	}
-	FILEDESC_XUNLOCK(fdp);
-	return (error);
+	return (kern_cap_rights_limit(td, uap->fd, &rights));
 }
 
 /*

Modified: head/sys/sys/syscallsubr.h
==============================================================================
--- head/sys/sys/syscallsubr.h	Tue Aug 11 05:58:33 2015	(r286617)
+++ head/sys/sys/syscallsubr.h	Tue Aug 11 08:43:50 2015	(r286618)
@@ -74,6 +74,7 @@ int	kern_alternate_path(struct thread *t
 int	kern_bindat(struct thread *td, int dirfd, int fd, struct sockaddr *sa);
 int	kern_cap_ioctls_limit(struct thread *td, int fd, u_long *cmds,
 	    size_t ncmds);
+int	kern_cap_rights_limit(struct thread *td, int fd, cap_rights_t *rights);
 int	kern_chdir(struct thread *td, char *path, enum uio_seg pathseg);
 int	kern_clock_getcpuclockid2(struct thread *td, id_t id, int which,
 	    clockid_t *clk_id);