PERFORCE change 134790 for review

Robert Watson rwatson at FreeBSD.org
Mon Feb 4 09:00:47 PST 2008 

http://perforce.freebsd.org/chv.cgi?CH=134790

Change 134790 by rwatson at rwatson_freebsd_capabilities on 2008/02/04 17:00:10

	Remove CAP_AIO since aio_fsync(), aio_read(), and aio_write()
	are basically juse fsync(), read(), and write().  Check them
	as such.

Affected files ...

.. //depot/projects/trustedbsd/capabilities/src/sys/kern/vfs_aio.c#5 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/sys/capability.h#11 edit

Differences ...

==== //depot/projects/trustedbsd/capabilities/src/sys/kern/vfs_aio.c#5 (text+ko) ====

@@ -1412,16 +1412,16 @@
 	fd = aiocbe->uaiocb.aio_fildes;
 	switch (opcode) {
 	case LIO_WRITE:
-		error = fget_write(td, fd, CAP_WRITE | CAP_AIO, &fp);
+		error = fget_write(td, fd, CAP_WRITE, &fp);
 		break;
 	case LIO_READ:
-		error = fget_read(td, fd, CAP_READ | CAP_AIO, &fp);
+		error = fget_read(td, fd, CAP_READ, &fp);
 		break;
 	case LIO_SYNC:
-		error = fget(td, fd, CAP_FSYNC | CAP_AIO, &fp);
+		error = fget(td, fd, CAP_FSYNC, &fp);
 		break;
 	case LIO_NOP:
-		error = fget(td, fd, CAP_AIO, &fp);
+		error = fget(td, fd, 0, &fp);
 		break;
 	default:
 		error = EINVAL;
@@ -1799,7 +1799,7 @@
 	struct vnode *vp;
 
 	/* Lookup file object. */
-	error = fget(td, uap->fd, CAP_AIO, &fp);
+	error = fget(td, uap->fd, 0, &fp);
 	if (error)
 		return (error);
 

==== //depot/projects/trustedbsd/capabilities/src/sys/sys/capability.h#11 (text+ko) ====

@@ -23,7 +23,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/capabilities/src/sys/sys/capability.h#10 $
+ * $P4: //depot/projects/trustedbsd/capabilities/src/sys/sys/capability.h#11 $
  */
 
 /*
@@ -39,45 +39,44 @@
  */
 #define	CAP_READ		0x0000000000000001ULL	/* read/recv */
 #define	CAP_WRITE		0x0000000000000002ULL	/* write/send */
-#define	CAP_SEEK		0x0000000000000008ULL	/* lseek, various io */
-#define	CAP_GETPEERNAME		0x0000000000000010ULL	/* getpeername */
-#define	CAP_GETSOCKNAME		0x0000000000000020ULL	/* getsockname */
-#define	CAP_FCHFLAGS		0x0000000000000040ULL	/* fchflags */
-#define	CAP_IOCTL		0x0000000000000080ULL	/* ioctl */
-#define	CAP_FSTAT		0x0000000000000100ULL	/* fstat */
-#define	CAP_MMAP		0x0000000000000200ULL	/* mmap */
-#define	CAP_FCNTL		0x0000000000000400ULL	/* fcntl */
-#define	CAP_EVENT		0x0000000000000800ULL	/* select/poll */
-#define	CAP_FSYNC		0x0000000000001000ULL	/* fsync */
-#define	CAP_FCHOWN		0x0000000000002000ULL	/* fchown */
-#define	CAP_FCHMOD		0x0000000000004000ULL	/* fchmod */
-#define	CAP_FTRUNCATE		0x0000000000008000ULL	/* ftruncate */
-#define	CAP_FLOCK		0x0000000000010000ULL	/* flock */
-#define	CAP_FSTATFS		0x0000000000040000ULL	/* fstatfs */
-#define	CAP_REVOKE		0x0000000000080000ULL	/* revoke */
-#define	CAP_FEXECVE		0x0000000000100000ULL	/* fexecve */
-#define	CAP_FPATHCONF		0x0000000000200000ULL	/* fpathconf */
-#define	CAP_FUTIMES		0x0000000000400000ULL	/* futimes */
-#define	CAP_AIO			0x0000000000800000ULL	/* aio_* */
-#define	CAP_ACL_GET		0x0000000001000000ULL	/* acl_get_fd */
-#define	CAP_ACL_SET		0x0000000002000000ULL	/* acl_set_fd */
-#define	CAP_ACL_DELETE		0x0000000004000000ULL	/* acl_delete_fd */
-#define	CAP_ACL_CHECK		0x0000000008000000ULL	/* acl_list_fd */
-#define	CAP_EXTATTR_GET		0x0000000010000000ULL	/* extattr_get_fd */
-#define	CAP_EXTATTR_SET		0x0000000020000000ULL	/* extattr_set_fd */
-#define	CAP_EXTATTR_DELETE	0x0000000040000000ULL	/* extattr_delete_fd */
-#define	CAP_EXTATTR_LIST	0x0000000080000000ULL	/* extattr_list_fd */
-#define	CAP_MAC_GET		0x0000000100000000ULL	/* mac_get_fd */
-#define	CAP_MAC_SET		0x0000000200000000ULL	/* mac_set_fd */
-#define	CAP_ACCEPT		0x0000000400000000ULL	/* accept */
-#define	CAP_CONNECT		0x0000000800000000ULL	/* connect/sendto */
-#define	CAP_BIND		0x0000001000000000ULL	/* bind */
-#define	CAP_GETSOCKOPT		0x0000002000000000ULL	/* getsockopt */
-#define	CAP_SETSOCKOPT		0x0000004000000000ULL	/* setsockopt */
-#define	CAP_LISTEN		0x0000008000000000ULL	/* listen */
-#define	CAP_SHUTDOWN		0x0000010000000000ULL	/* shutdown */
-#define	CAP_PEELOFF		0x0000020000000000ULL	/* sctp_peeloff */
-#define	CAP_MASK_VALID		0x000003fffffdfffbULL
+#define	CAP_SEEK		0x0000000000000004ULL	/* lseek, various io */
+#define	CAP_GETPEERNAME		0x0000000000000008ULL	/* getpeername */
+#define	CAP_GETSOCKNAME		0x0000000000000010ULL	/* getsockname */
+#define	CAP_FCHFLAGS		0x0000000000000020ULL	/* fchflags */
+#define	CAP_IOCTL		0x0000000000000040ULL	/* ioctl */
+#define	CAP_FSTAT		0x0000000000000080ULL	/* fstat */
+#define	CAP_MMAP		0x0000000000000100ULL	/* mmap */
+#define	CAP_FCNTL		0x0000000000000200ULL	/* fcntl */
+#define	CAP_EVENT		0x0000000000000400ULL	/* select/poll */
+#define	CAP_FSYNC		0x0000000000000800ULL	/* fsync */
+#define	CAP_FCHOWN		0x0000000000001000ULL	/* fchown */
+#define	CAP_FCHMOD		0x0000000000002000ULL	/* fchmod */
+#define	CAP_FTRUNCATE		0x0000000000004000ULL	/* ftruncate */
+#define	CAP_FLOCK		0x0000000000008000ULL	/* flock */
+#define	CAP_FSTATFS		0x0000000000010000ULL	/* fstatfs */
+#define	CAP_REVOKE		0x0000000000020000ULL	/* revoke */
+#define	CAP_FEXECVE		0x0000000000040000ULL	/* fexecve */
+#define	CAP_FPATHCONF		0x0000000000080000ULL	/* fpathconf */
+#define	CAP_FUTIMES		0x0000000000100000ULL	/* futimes */
+#define	CAP_ACL_GET		0x0000000000200000ULL	/* acl_get_fd */
+#define	CAP_ACL_SET		0x0000000000400000ULL	/* acl_set_fd */
+#define	CAP_ACL_DELETE		0x0000000000800000ULL	/* acl_delete_fd */
+#define	CAP_ACL_CHECK		0x0000000001000000ULL	/* acl_list_fd */
+#define	CAP_EXTATTR_GET		0x0000000002000000ULL	/* extattr_get_fd */
+#define	CAP_EXTATTR_SET		0x0000000004000000ULL	/* extattr_set_fd */
+#define	CAP_EXTATTR_DELETE	0x0000000008000000ULL	/* extattr_delete_fd */
+#define	CAP_EXTATTR_LIST	0x0000000010000000ULL	/* extattr_list_fd */
+#define	CAP_MAC_GET		0x0000000020000000ULL	/* mac_get_fd */
+#define	CAP_MAC_SET		0x0000000040000000ULL	/* mac_set_fd */
+#define	CAP_ACCEPT		0x0000000080000000ULL	/* accept */
+#define	CAP_CONNECT		0x0000000100000000ULL	/* connect/sendto */
+#define	CAP_BIND		0x0000000200000000ULL	/* bind */
+#define	CAP_GETSOCKOPT		0x0000000400000000ULL	/* getsockopt */
+#define	CAP_SETSOCKOPT		0x0000000800000000ULL	/* setsockopt */
+#define	CAP_LISTEN		0x0000001000000000ULL	/* listen */
+#define	CAP_SHUTDOWN		0x0000002000000000ULL	/* shutdown */
+#define	CAP_PEELOFF		0x0000004000000000ULL	/* sctp_peeloff */
+#define	CAP_MASK_VALID		0x0000007fffffffffULL
 
 /*
  * Notes:
@@ -92,9 +91,6 @@
  *
  * CAP_EVENT covers select, poll, and kqueue registration for a capability.
  *
- * CAP_AIO is combined with other capabilities to authorize specific AIO
- * operations, such as AIO_READ.  aio_cancel just requires CAP_AIO.
- *
  * sendfile is authorized using CAP_READ on the file and CAP_WRITE on the
  * socket.
  *

More information about the p4-projects mailing list