PERFORCE change 133768 for review

Robert Watson rwatson at FreeBSD.org
Mon Jan 21 02:23:44 PST 2008


http://perforce.freebsd.org/chv.cgi?CH=133768

Change 133768 by rwatson at rwatson_freebsd_capabilities on 2008/01/21 10:23:27

	Add more capabilities relating to sockets, and comment each right.

Affected files ...

.. //depot/projects/trustedbsd/capabilities/src/sys/sys/capability.h#2 edit

Differences ...

==== //depot/projects/trustedbsd/capabilities/src/sys/sys/capability.h#2 (text+ko) ====

@@ -23,7 +23,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/capabilities/src/sys/sys/capability.h#1 $
+ * $P4: //depot/projects/trustedbsd/capabilities/src/sys/sys/capability.h#2 $
  */
 
 /*
@@ -42,56 +42,66 @@
 /*
  * Possibly rights on capabilities.
  */
-#define	CAP_READ		0x0000000000000001
-#define	CAP_WRITE		0x0000000000000002
-#define	CAP_FCHDIR		0x0000000000000004
-#define	CAP_LSEEK		0x0000000000000008
-#define	CAP_GETPEERNAME		0x0000000000000010
-#define	CAP_GETSOCKNAME		0x0000000000000020
-#define	CAP_FCHFLAGS		0x0000000000000040
-#define	CAP_IOCTL		0x0000000000000080
-#define	CAP_FSTAT		0x0000000000000100
-#define	CAP_MMAP		0x0000000000000200
-#define	CAP_FCNTL		0x0000000000000400
-#define	CAP_EVENT		0x0000000000000800	/* XXX? */
-#define	CAP_FSYNC		0x0000000000001000	/* XXX? */
-#define	CAP_FCHOWN		0x0000000000002000
-#define	CAP_FCHMOD		0x0000000000004000
-#define	CAP_FTRUNCATE		0x0000000000008000
-#define	CAP_FLOCK		0x0000000000010000
-#define	CAP_GETDIRENTRIES	0x0000000000020000
-#define	CAP_FSTATFS		0x0000000000040000
-#define	CAP_PREAD		0x0000000000080000
-#define	CAP_PWRITE		0x0000000000100000
-#define	CAP_FPATHCONF		0x0000000000200000
-#define	CAP_FUTIMES		0x0000000000400000
-#define	CAP_AIO			0x0000000000800000
-#define	CAP_ACL_GET		0x0000000001000000
-#define	CAP_ACL_SET		0x0000000002000000
-#define	CAP_ACL_DELETE		0x0000000004000000
-#define	CAP_ACL_CHECK		0x0000000008000000
-#define	CAP_EXTATTR_GET		0x0000000010000000
-#define	CAP_EXTATTR_SET		0x0000000020000000
-#define	CAP_EXTATTR_DELETE	0x0000000040000000
-#define	CAP_EXTATTR_LIST	0x0000000080000000
-#define	CAP_MAC_GET		0x0000000100000000
-#define	CAP_MAC_SET		0x0000000200000000
-#define	CAP_MASK_VALID		0x00000003ffffffff
+#define	CAP_READ		0x0000000000000001	/* read/recv */
+#define	CAP_WRITE		0x0000000000000002	/* write/send */
+#define	CAP_FCHDIR		0x0000000000000004	/* fchdir */
+#define	CAP_LSEEK		0x0000000000000008	/* lseek */
+#define	CAP_GETPEERNAME		0x0000000000000010	/* getpeername */
+#define	CAP_GETSOCKNAME		0x0000000000000020	/* getsockname */
+#define	CAP_FCHFLAGS		0x0000000000000040	/* fchflags */
+#define	CAP_IOCTL		0x0000000000000080	/* ioctl */
+#define	CAP_FSTAT		0x0000000000000100	/* fstat */
+#define	CAP_MMAP		0x0000000000000200	/* mmap */
+#define	CAP_FCNTL		0x0000000000000400	/* fcntl */
+#define	CAP_EVENT		0x0000000000000800	/* select/poll */
+#define	CAP_FSYNC		0x0000000000001000	/* fsync */
+#define	CAP_FCHOWN		0x0000000000002000	/* fchown */
+#define	CAP_FCHMOD		0x0000000000004000	/* fchmod */
+#define	CAP_FTRUNCATE		0x0000000000008000	/* ftruncate */
+#define	CAP_FLOCK		0x0000000000010000	/* flock */
+#define	CAP_GETDIRENTRIES	0x0000000000020000	/* getdirentries */
+#define	CAP_FSTATFS		0x0000000000040000	/* fstatfs */
+#define	CAP_PREAD		0x0000000000080000	/* pread */
+#define	CAP_PWRITE		0x0000000000100000	/* pwrite */
+#define	CAP_FPATHCONF		0x0000000000200000	/* fpathconf */
+#define	CAP_FUTIMES		0x0000000000400000	/* futimes */
+#define	CAP_AIO			0x0000000000800000	/* aio_* */
+#define	CAP_ACL_GET		0x0000000001000000	/* acl_get_fd */
+#define	CAP_ACL_SET		0x0000000002000000	/* acl_set_fd */
+#define	CAP_ACL_DELETE		0x0000000004000000	/* acl_delete_fd */
+#define	CAP_ACL_CHECK		0x0000000008000000	/* acl_list_fd */
+#define	CAP_EXTATTR_GET		0x0000000010000000	/* extattr_get_fd */
+#define	CAP_EXTATTR_SET		0x0000000020000000	/* extattr_set_fd */
+#define	CAP_EXTATTR_DELETE	0x0000000040000000	/* extattr_delete_fd */
+#define	CAP_EXTATTR_LIST	0x0000000080000000	/* extattr_list_fd */
+#define	CAP_MAC_GET		0x0000000100000000	/* mac_get_fd */
+#define	CAP_MAC_SET		0x0000000200000000	/* mac_set_fd */
+#define	CAP_ACCEPT		0x0000000400000000	/* accept */
+#define	CAP_CONNECT		0x0000000800000000	/* connect/sendto */
+#define	CAP_BIND		0x0000001000000000	/* bind */
+#define	CAP_GETSOCKOPT		0x0000002000000000	/* getsockopt */
+#define	CAP_SETSOCKOPT		0x0000004000000000	/* setsockopt */
+#define	CAP_LISTEN		0x0000008000000000	/* listen */
+#define	CAP_SHUTDOWN		0x0000010000000000	/* shutdown */
+#define	CAP_PEELOFF		0x0000020000000000	/* sctp_peeloff */
+#define	CAP_MASK_VALID		0x000003ffffffffff
 
 /*
  * Notes:
  *
  * Some system calls don't require a capability in order to perform an
- * operation on an fd.  These include: close(), dup(), dup2().
+ * operation on an fd.  These include: close, dup, dup2.
  *
- * CAP_EVENT covers select(), poll(), and kqueue() registration for a
- * capability.
+ * CAP_EVENT covers select, poll, and kqueue registration for a capability.
  *
  * CAP_AIO is combined with other capabilities to authorize specific AIO
- * operations, such as AIO_READ.  aio_cancel() just requires CAP_AIO.
+ * operations, such as AIO_READ.  aio_cancel just requires CAP_AIO.
  *
- * sendfile() is authorized using CAP_READ on the file and CAP_WRITE on the
+ * sendfile is authorized using CAP_READ on the file and CAP_WRITE on the
  * socket.
+ *
+ * sendto should check CAP_CONNECT as well as CAP_WRITE if an address is
+ * specified.
  */
 
 #ifdef _KERNEL
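Review bot: The right values are unsuffixed hex literals, so their types vary with magnitude: CAP_EXTATTR_LIST (0x0000000080000000) is an unsigned int, and `~CAP_EXTATTR_LIST` therefore zero-extends to 64 bits and clears every bit above 31 — all of the newly added socket rights included — if a caller uses it to strip one right from a 64-bit mask, while the constants at or above bit 32 become signed long/long long and combine with that mask under different conversion rules. Giving every value the same explicit type, e.g. `#define	CAP_EXTATTR_LIST	0x0000000080000000ULL	/* extattr_list_fd */`, keeps mask arithmetic predictable across the whole table (CAP_MASK_VALID included). The comment on CAP_ACL_CHECK reads `/* acl_list_fd */`, which matches neither the macro name nor the get/set/delete naming of its siblings; it presumably meant the ACL check call and should be corrected so the right's scope is not misread. The new note on sendto should also name sendmsg, which can carry a destination address through the same path, e.g. `* sendto and sendmsg should check CAP_CONNECT as well as CAP_WRITE if an address is specified.`, otherwise an implementation following the comment literally leaves one address-bearing send path without the CAP_CONNECT check.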

