From owner-svn-src-all@freebsd.org  Wed Nov 14 00:46:04 2018
Return-Path: <owner-svn-src-all@freebsd.org>
Delivered-To: svn-src-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 36E5711029B2;
 Wed, 14 Nov 2018 00:46:04 +0000 (UTC)
 (envelope-from brooks@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id B9F4683E77;
 Wed, 14 Nov 2018 00:46:03 +0000 (UTC)
 (envelope-from brooks@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9AE5117DB3;
 Wed, 14 Nov 2018 00:46:03 +0000 (UTC)
 (envelope-from brooks@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wAE0k3tH021223;
 Wed, 14 Nov 2018 00:46:03 GMT (envelope-from brooks@FreeBSD.org)
Received: (from brooks@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id wAE0k3sD021218;
 Wed, 14 Nov 2018 00:46:03 GMT (envelope-from brooks@FreeBSD.org)
Message-Id: <201811140046.wAE0k3sD021218@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: brooks set sender to
 brooks@FreeBSD.org using -f
From: Brooks Davis <brooks@FreeBSD.org>
Date: Wed, 14 Nov 2018 00:46:03 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r340424 - in head/sys: compat/freebsd32 kern
X-SVN-Group: head
X-SVN-Commit-Author: brooks
X-SVN-Commit-Paths: in head/sys: compat/freebsd32 kern
X-SVN-Commit-Revision: 340424
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: B9F4683E77
X-Spamd-Result: default: False [-106.88 / 200.00]; ARC_NA(0.00)[];
 NEURAL_HAM_MEDIUM(-1.00)[-1.000,0];
 ALLOW_DOMAIN_WHITELIST(-100.00)[FreeBSD.org];
 FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3];
 TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0];
 MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[];
 HAS_XAW(0.00)[]; R_SPF_SOFTFAIL(0.00)[~all];
 DMARC_NA(0.00)[FreeBSD.org]; RCVD_COUNT_THREE(0.00)[4];
 MX_GOOD(-0.01)[cached: mx1.FreeBSD.org];
 NEURAL_HAM_SHORT(-1.00)[-0.999,0]; FROM_EQ_ENVFROM(0.00)[];
 R_DKIM_NA(0.00)[]; RCVD_TLS_LAST(0.00)[];
 ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US];
 IP_SCORE(-3.77)[ip: (-9.91), ipnet: 2610:1c1:1::/48(-4.93), asn: 11403(-3.91),
 country: US(-0.09)]
X-Rspamd-Server: mx1.freebsd.org
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
 user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all/>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Nov 2018 00:46:04 -0000

Author: brooks
Date: Wed Nov 14 00:46:02 2018
New Revision: 340424
URL: https://svnweb.freebsd.org/changeset/base/340424

Log:
  Use the main capabilities.conf for freebsd32.
  
  Allow the location of capabilities.conf to be configured.
  
  Also allow a per-abi syscall prefix to be configured with the
  abi_func_prefix syscalls.conf variable and check syscalls against
  entries in capabilities.conf with and without the prefix amended.
  
  Take advantage of these two features to allow use shared capabilities.conf
  between the default syscall vector and the freebsd32 compatability
  layer.  We've been inconsistent about keeping the two in sync as
  evidenced by the bugs fixed in r340294.  This eliminates that problem
  going forward.
  
  Reviewed by:	kib
  Obtained from:	CheriBSD
  Sponsored by:	DARPA, AFRL
  Differential Revision:	https://reviews.freebsd.org/D17932

Deleted:
  head/sys/compat/freebsd32/capabilities.conf
Modified:
  head/sys/compat/freebsd32/Makefile
  head/sys/compat/freebsd32/syscalls.conf
  head/sys/kern/makesyscalls.sh

Modified: head/sys/compat/freebsd32/Makefile
==============================================================================
--- head/sys/compat/freebsd32/Makefile	Wed Nov 14 00:33:03 2018	(r340423)
+++ head/sys/compat/freebsd32/Makefile	Wed Nov 14 00:46:02 2018	(r340424)
@@ -11,7 +11,7 @@ all:
 sysent:  freebsd32_sysent.c freebsd32_syscall.h freebsd32_proto.h freebsd32_systrace_args.c
 
 freebsd32_sysent.c freebsd32_syscalls.c freebsd32_syscall.h freebsd32_proto.h freebsd32_systrace_args.c : \
-	    ../../kern/makesyscalls.sh syscalls.master syscalls.conf capabilities.conf
+	    ../../kern/makesyscalls.sh syscalls.master syscalls.conf ../../kern/capabilities.conf
 	sh ../../kern/makesyscalls.sh syscalls.master syscalls.conf
 
 clean:

Modified: head/sys/compat/freebsd32/syscalls.conf
==============================================================================
--- head/sys/compat/freebsd32/syscalls.conf	Wed Nov 14 00:33:03 2018	(r340423)
+++ head/sys/compat/freebsd32/syscalls.conf	Wed Nov 14 00:46:02 2018	(r340424)
@@ -9,3 +9,5 @@ syscallprefix="FREEBSD32_SYS_"
 switchname="freebsd32_sysent"
 namesname="freebsd32_syscallnames"
 systrace="freebsd32_systrace_args.c"
+abi_func_prefix="freebsd32_"
+capabilities_conf="../../kern/capabilities.conf"

Modified: head/sys/kern/makesyscalls.sh
==============================================================================
--- head/sys/kern/makesyscalls.sh	Wed Nov 14 00:33:03 2018	(r340423)
+++ head/sys/kern/makesyscalls.sh	Wed Nov 14 00:46:02 2018	(r340424)
@@ -45,14 +45,8 @@ sysarg="sysarg.switch.$$"
 sysprotoend="sysprotoend.$$"
 systracetmp="systrace.$$"
 systraceret="systraceret.$$"
+capabilities_conf="capabilities.conf"
 
-if [ -r capabilities.conf ]; then
-	capenabled=`egrep -v '^#|^$' capabilities.conf`
-	capenabled=`echo $capenabled | sed 's/ /,/g'`
-else
-	capenabled=""
-fi
-
 trap "rm $sysaue $sysdcl $syscompat $syscompatdcl $syscompat4 $syscompat4dcl $syscompat6 $syscompat6dcl $syscompat7 $syscompat7dcl $syscompat10 $syscompat10dcl $syscompat11 $syscompat11dcl $sysent $sysinc $sysarg $sysprotoend $systracetmp $systraceret" 0
 
 touch $sysaue $sysdcl $syscompat $syscompatdcl $syscompat4 $syscompat4dcl $syscompat6 $syscompat6dcl $syscompat7 $syscompat7dcl $syscompat10 $syscompat10dcl $syscompat11 $syscompat11dcl $sysent $sysinc $sysarg $sysprotoend $systracetmp $systraceret
@@ -67,6 +61,13 @@ if [ -n "$2" ]; then
 	. $2
 fi
 
+if [ -r $capabilities_conf ]; then
+	capenabled=`egrep -v '^#|^$' $capabilities_conf`
+	capenabled=`echo $capenabled | sed 's/ /,/g'`
+else
+	capenabled=""
+fi
+
 sed -e '
 	# FreeBSD ID, includes, comments, and blank lines
 	/.*\$FreeBSD/b done_joining
@@ -137,6 +138,7 @@ sed -e '
 		switchname = \"$switchname\"
 		namesname = \"$namesname\"
 		infile = \"$1\"
+		abi_func_prefix = \"$abi_func_prefix\"
 		capenabled_string = \"$capenabled\"
 		"'
 
@@ -381,7 +383,8 @@ sed -e '
 		# from it.
 		#
 		for (cap in capenabled) {
-			if (funcname == capenabled[cap]) {
+			if (funcname == capenabled[cap] ||
+			    funcname == abi_func_prefix capenabled[cap]) {
 				flags = "SYF_CAPENABLED";
 				break;
 			}