PERFORCE change 133871 for review
Robert Watson
rwatson at FreeBSD.org
Tue Jan 22 08:42:33 PST 2008
http://perforce.freebsd.org/chv.cgi?CH=133871
Change 133871 by rwatson at rwatson_freebsd_capabilities on 2008/01/22 16:42:12
Expose some minimal sysctls to capability mode. More will need to
be exposed.
Affected files ...
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/kern_mib.c#2 edit
Differences ...
==== //depot/projects/trustedbsd/capabilities/src/sys/kern/kern_mib.c#2 (text+ko) ====
@@ -89,23 +89,23 @@
SYSCTL_STRING(_kern, OID_AUTO, ident, CTLFLAG_RD,
kern_ident, 0, "Kernel identifier");
-SYSCTL_STRING(_kern, KERN_OSRELEASE, osrelease, CTLFLAG_RD,
+SYSCTL_STRING(_kern, KERN_OSRELEASE, osrelease, CTLFLAG_RD | CTLFLAG_CAPRD,
osrelease, 0, "Operating system release");
-SYSCTL_INT(_kern, KERN_OSREV, osrevision, CTLFLAG_RD,
+SYSCTL_INT(_kern, KERN_OSREV, osrevision, CTLFLAG_RD | CTLFLAG_CAPRD,
0, BSD, "Operating system revision");
SYSCTL_STRING(_kern, KERN_VERSION, version, CTLFLAG_RD,
version, 0, "Kernel version");
-SYSCTL_STRING(_kern, KERN_OSTYPE, ostype, CTLFLAG_RD,
+SYSCTL_STRING(_kern, KERN_OSTYPE, ostype, CTLFLAG_RD | CTLFLAG_CAPRD,
ostype, 0, "Operating system type");
/*
* NOTICE: The *userland* release date is available in
* /usr/include/osreldate.h
*/
-SYSCTL_INT(_kern, KERN_OSRELDATE, osreldate, CTLFLAG_RD,
+SYSCTL_INT(_kern, KERN_OSRELDATE, osreldate, CTLFLAG_RD | CTLFLAG_CAPRD,
&osreldate, 0, "Kernel release date");
SYSCTL_INT(_kern, KERN_MAXPROC, maxproc, CTLFLAG_RDTUN,
@@ -117,23 +117,23 @@
SYSCTL_INT(_kern, OID_AUTO, maxusers, CTLFLAG_RDTUN,
&maxusers, 0, "Hint for kernel tuning");
-SYSCTL_INT(_kern, KERN_ARGMAX, argmax, CTLFLAG_RD,
+SYSCTL_INT(_kern, KERN_ARGMAX, argmax, CTLFLAG_RD | CTLFLAG_CAPRD,
0, ARG_MAX, "Maximum bytes of argument to execve(2)");
-SYSCTL_INT(_kern, KERN_POSIX1, posix1version, CTLFLAG_RD,
+SYSCTL_INT(_kern, KERN_POSIX1, posix1version, CTLFLAG_RD | CTLFLAG_CAPRD,
0, _POSIX_VERSION, "Version of POSIX attempting to comply to");
-SYSCTL_INT(_kern, KERN_NGROUPS, ngroups, CTLFLAG_RD,
+SYSCTL_INT(_kern, KERN_NGROUPS, ngroups, CTLFLAG_RD | CTLFLAG_CAPRD,
0, NGROUPS_MAX, "Maximum number of groups a user can belong to");
-SYSCTL_INT(_kern, KERN_JOB_CONTROL, job_control, CTLFLAG_RD,
+SYSCTL_INT(_kern, KERN_JOB_CONTROL, job_control, CTLFLAG_RD | CTLFLAG_CAPRD,
0, 1, "Whether job control is available");
#ifdef _POSIX_SAVED_IDS
-SYSCTL_INT(_kern, KERN_SAVED_IDS, saved_ids, CTLFLAG_RD,
+SYSCTL_INT(_kern, KERN_SAVED_IDS, saved_ids, CTLFLAG_RD | CTLFLAG_CAPRD,
0, 1, "Whether saved set-group/user ID is available");
#else
-SYSCTL_INT(_kern, KERN_SAVED_IDS, saved_ids, CTLFLAG_RD,
+SYSCTL_INT(_kern, KERN_SAVED_IDS, saved_ids, CTLFLAG_RD | CTLFLAG_CAPRD,
0, 0, "Whether saved set-group/user ID is available");
#endif
@@ -142,13 +142,13 @@
SYSCTL_STRING(_kern, KERN_BOOTFILE, bootfile, CTLFLAG_RW,
kernelname, sizeof kernelname, "Name of kernel file booted");
-SYSCTL_INT(_hw, HW_NCPU, ncpu, CTLFLAG_RD,
+SYSCTL_INT(_hw, HW_NCPU, ncpu, CTLFLAG_RD | CTLFLAG_CAPRD,
&mp_ncpus, 0, "Number of active CPUs");
-SYSCTL_INT(_hw, HW_BYTEORDER, byteorder, CTLFLAG_RD,
+SYSCTL_INT(_hw, HW_BYTEORDER, byteorder, CTLFLAG_RD | CTLFLAG_CAPRD,
0, BYTE_ORDER, "System byte order");
-SYSCTL_INT(_hw, HW_PAGESIZE, pagesize, CTLFLAG_RD,
+SYSCTL_INT(_hw, HW_PAGESIZE, pagesize, CTLFLAG_RD | CTLFLAG_CAPRD,
0, PAGE_SIZE, "System memory page size");
static int
@@ -160,7 +160,7 @@
return (sysctl_handle_long(oidp, &val, 0, req));
}
-SYSCTL_PROC(_kern, KERN_ARND, arandom, CTLFLAG_RD,
+SYSCTL_PROC(_kern, KERN_ARND, arandom, CTLFLAG_RD | CTLFLAG_CAPRD,
0, 0, sysctl_kern_arnd, "L", "arc4rand");
static int
@@ -356,6 +356,8 @@
* This is really cheating. These actually live in the libc, something
* which I'm not quite sure is a good idea anyway, but in order for
* getnext and friends to actually work, we define dummies here.
+ *
+ * XXXRW: These probably should be CTLFLAG_CAPRD.
*/
SYSCTL_STRING(_user, USER_CS_PATH, cs_path, CTLFLAG_RD,
"", 0, "PATH that finds all the standard utilities");
More information about the p4-projects
mailing list