From owner-p4-projects@FreeBSD.ORG Tue Jan 22 16:14:02 2008
Date: Tue, 22 Jan 2008 16:14:01 GMT
Message-Id: <200801221614.m0MGE1jE054790@repoman.freebsd.org>
From: Robert Watson
To: Perforce Change Reviews
Subject: PERFORCE change 133868 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes
X-List-Received-Date: Tue, 22 Jan 2008 16:14:02 -0000

http://perforce.freebsd.org/chv.cgi?CH=133868

Change 133868 by rwatson@rwatson_freebsd_capabilities on 2008/01/22 16:13:50

Add a flags field to the process credential and define a flag for capability mode. Add a new system call, cap_getmode() that returns whether or not the process is in capability mode. Implement cap_enter() system call to set that flag. The call is a no-op if the process is already in capability mode.

Affected files ...

.. //depot/projects/trustedbsd/capabilities/src/sys/kern/sys_capability.c#5 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.master#5 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/sys/ucred.h#2 edit

Differences ...

==== //depot/projects/trustedbsd/capabilities/src/sys/kern/sys_capability.c#5 (text+ko) ====

@@ -58,16 +58,19 @@ */ #include -__FBSDID("$P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/sys_capability.c#4 $"); +__FBSDID("$P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/sys_capability.c#5 $"); #include #include #include #include #include +#include +#include #include #include #include +#include #include 
@@ -162,20 +165,44 @@ } /* - * Enter capability mode for the process. + * System call to enter capability mode for the process. */ int cap_enter(struct thread *td, struct cap_enter_args *uap) { + struct ucred *newcred, *oldcred; + struct proc *p; - /* XXXRW: Not implemented. */ + if (td->td_ucred->cr_flags & CRED_FLAG_CAPMODE) + return (0); + newcred = crget(); + p = td->td_proc; + PROC_LOCK(p); + oldcred = p->p_ucred; + crcopy(newcred, oldcred); + newcred->cr_flags |= CRED_FLAG_CAPMODE; + p->p_ucred = newcred; + PROC_UNLOCK(p); + crfree(oldcred); return (0); } /* - * Create a new capability reference to either an existing file object or an - * an existing capability. + * System call to query whether the process is in capability mode. + */ +int +cap_getmode(struct thread *td, struct cap_getmode_args *uap) +{ + u_int i; + + i = (td->td_ucred->cr_flags & CRED_FLAG_CAPMODE) ? 1 : 0; + return (copyout(&i, uap->modep, sizeof(i))); +} + +/* + * System call to create a new capability reference to either an existing + * file object or an an existing capability. */ int cap_new(struct thread *td, struct cap_new_args *uap) ==== //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.master#5 (text+ko) ==== @@ -854,5 +854,6 @@ 485 AUE_NULL STD { int cap_getrights(int fd, \ u_int64_t *rightsp); } 486 AUE_NULL STD { int cap_enter(void); } +487 AUE_NULL STD { int cap_getmode(u_int *modep); } ; Please copy any additions and changes to the following compatability tables: ; sys/compat/freebsd32/syscalls.master ==== //depot/projects/trustedbsd/capabilities/src/sys/sys/ucred.h#2 (text+ko) ==== 
@@ -55,13 +55,19 @@ struct uidinfo *cr_uidinfo; /* per euid resource consumption */ struct uidinfo *cr_ruidinfo; /* per ruid resource consumption */ struct prison *cr_prison; /* jail(2) */ - void *cr_pspare[3]; /* vimage 2; general use 1 */ + u_int cr_flags; /* Flags. */ + void *cr_pspare[3]; /* vimage 2; general use 1 */ #define cr_endcopy cr_label struct label *cr_label; /* MAC label */ struct auditinfo_addr cr_audit; /* Audit properties. */ }; #define NOCRED ((struct ucred *)0) /* no credential available */ #define FSCRED ((struct ucred *)-1) /* filesystem credential */ + +/* + * Flags for cr_flags. + */ +#define CRED_FLAG_CAPMODE 0x00000001 /* In capability mode. */ #endif /* _KERNEL || _WANT_UCRED */ /*
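Review bot: in the cap_enter() hunk of sys_capability.c the new credential is installed only in p->p_ucred, while both the entry test in cap_enter() and cap_getmode() read td->td_ucred, which this hunk never updates; confirm that the calling thread's credential is refreshed before its next credential check (or update td_ucred alongside p_ucred), otherwise a cap_getmode() issued right after cap_enter() on the same thread can still report 0. The CRED_FLAG_CAPMODE test is also made before PROC_LOCK(p) is taken; because setting the flag is idempotent a race between two threads only costs a redundant crget()/crcopy(), but re-testing oldcred->cr_flags under the lock would avoid the extra allocation. Minor: the rewritten cap_new() comment carries over the duplicated "an an existing capability".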
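Review bot: the syscalls.master hunk adds syscall 487 cap_getmode(u_int *modep), but the change's Affected files list has no entry for sys/compat/freebsd32/syscalls.master even though the comment directly below the new line asks for additions to be copied there, and it has no entry for the regenerated syscall tables and headers either; since the new cap_getmode() in sys_capability.c takes a struct cap_getmode_args, which only exists after regeneration, the regenerated files (and the freebsd32 table) should go in with this change.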
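Review bot: in the ucred.h hunk, cr_flags is placed above the cr_endcopy marker, which is what lets crcopy() in cap_enter() carry the flag into the new credential; the field comment ("Flags.") should say so, so that a later reorder below cr_endcopy does not silently stop capability mode from being inherited. Also confirm that credentials from crget() start with cr_flags zeroed, since a stale CRED_FLAG_CAPMODE bit would put a process into capability mode without any cap_enter() call. Consider whether the new field should come out of the cr_pspare "general use 1" slot instead of growing struct ucred.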