PERFORCE change 134086 for review
Robert Watson
rwatson at FreeBSD.org
Fri Jan 25 06:29:19 PST 2008
http://perforce.freebsd.org/chv.cgi?CH=134086
Change 134086 by rwatson at rwatson_freebsd_capabilities on 2008/01/25 14:28:25
Expose some more system calls in capabilities mode, and fix the
spelling of the sysctl system call.
Regenerate.
Affected files ...
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#2 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/init_sysent.c#7 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.c#7 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/systrace_args.c#7 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.h#7 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.mk#7 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/sys/sysproto.h#7 edit
Differences ...
==== //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#2 (text+ko) ====
@@ -1,11 +1,11 @@
#
-# List of system calls enabled in capability mode.
+# List of system calls enabled in capability mode, one name per line.
#
# Notes:
# - sys_exit() and close() are very important.
# - Sorted alphabeetically, please keep it that way.
#
-# $P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#1 $
+# $P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#2 $
#
accept
acl_check_fd
@@ -33,10 +33,16 @@
fchdir
fchflags
fchmod
+fchown
fcntl
flock
fork
fpathconf
+freebsd6_ftruncate
+freebsd6_lseek
+freebsd6_mmap
+freebsd6_pread
+freebsd6_pwrite
fstat
fstatfs
fsync
@@ -76,7 +82,6 @@
shutdown
socketpair
sys_exit
-sysctl
-sysctl
+__sysctl
write
writev
==== //depot/projects/trustedbsd/capabilities/src/sys/kern/init_sysent.c#7 (text+ko) ====
@@ -152,7 +152,7 @@
{ AS(readv_args), (sy_call_t *)readv, AUE_READV, NULL, 0, 0, SYF_CAPENABLED }, /* 120 = readv */
{ AS(writev_args), (sy_call_t *)writev, AUE_WRITEV, NULL, 0, 0, SYF_CAPENABLED }, /* 121 = writev */
{ AS(settimeofday_args), (sy_call_t *)settimeofday, AUE_SETTIMEOFDAY, NULL, 0, 0, 0 }, /* 122 = settimeofday */
- { AS(fchown_args), (sy_call_t *)fchown, AUE_FCHOWN, NULL, 0, 0, 0 }, /* 123 = fchown */
+ { AS(fchown_args), (sy_call_t *)fchown, AUE_FCHOWN, NULL, 0, 0, SYF_CAPENABLED }, /* 123 = fchown */
{ AS(fchmod_args), (sy_call_t *)fchmod, AUE_FCHMOD, NULL, 0, 0, SYF_CAPENABLED }, /* 124 = fchmod */
{ compat(AS(recvfrom_args),recvfrom), AUE_RECVFROM, NULL, 0, 0, SYF_CAPENABLED }, /* 125 = old recvfrom */
{ AS(setreuid_args), (sy_call_t *)setreuid, AUE_SETREUID, NULL, 0, 0, 0 }, /* 126 = setreuid */
@@ -202,8 +202,8 @@
{ AS(msgsys_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 170 = msgsys */
{ AS(shmsys_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 171 = shmsys */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 172 = nosys */
- { AS(freebsd6_pread_args), (sy_call_t *)freebsd6_pread, AUE_PREAD, NULL, 0, 0, 0 }, /* 173 = freebsd6_pread */
- { AS(freebsd6_pwrite_args), (sy_call_t *)freebsd6_pwrite, AUE_PWRITE, NULL, 0, 0, 0 }, /* 174 = freebsd6_pwrite */
+ { AS(freebsd6_pread_args), (sy_call_t *)freebsd6_pread, AUE_PREAD, NULL, 0, 0, SYF_CAPENABLED }, /* 173 = freebsd6_pread */
+ { AS(freebsd6_pwrite_args), (sy_call_t *)freebsd6_pwrite, AUE_PWRITE, NULL, 0, 0, SYF_CAPENABLED }, /* 174 = freebsd6_pwrite */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 175 = nosys */
{ AS(ntp_adjtime_args), (sy_call_t *)ntp_adjtime, AUE_NTP_ADJTIME, NULL, 0, 0, 0 }, /* 176 = ntp_adjtime */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 177 = sfork */
@@ -226,12 +226,12 @@
{ AS(__getrlimit_args), (sy_call_t *)getrlimit, AUE_GETRLIMIT, NULL, 0, 0, 0 }, /* 194 = getrlimit */
{ AS(__setrlimit_args), (sy_call_t *)setrlimit, AUE_SETRLIMIT, NULL, 0, 0, 0 }, /* 195 = setrlimit */
{ AS(getdirentries_args), (sy_call_t *)getdirentries, AUE_GETDIRENTRIES, NULL, 0, 0, SYF_CAPENABLED }, /* 196 = getdirentries */
- { AS(freebsd6_mmap_args), (sy_call_t *)freebsd6_mmap, AUE_MMAP, NULL, 0, 0, 0 }, /* 197 = freebsd6_mmap */
+ { AS(freebsd6_mmap_args), (sy_call_t *)freebsd6_mmap, AUE_MMAP, NULL, 0, 0, SYF_CAPENABLED }, /* 197 = freebsd6_mmap */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 198 = __syscall */
- { AS(freebsd6_lseek_args), (sy_call_t *)freebsd6_lseek, AUE_LSEEK, NULL, 0, 0, 0 }, /* 199 = freebsd6_lseek */
+ { AS(freebsd6_lseek_args), (sy_call_t *)freebsd6_lseek, AUE_LSEEK, NULL, 0, 0, SYF_CAPENABLED }, /* 199 = freebsd6_lseek */
{ AS(freebsd6_truncate_args), (sy_call_t *)freebsd6_truncate, AUE_TRUNCATE, NULL, 0, 0, 0 }, /* 200 = freebsd6_truncate */
- { AS(freebsd6_ftruncate_args), (sy_call_t *)freebsd6_ftruncate, AUE_FTRUNCATE, NULL, 0, 0, 0 }, /* 201 = freebsd6_ftruncate */
- { AS(sysctl_args), (sy_call_t *)__sysctl, AUE_SYSCTL, NULL, 0, 0, 0 }, /* 202 = __sysctl */
+ { AS(freebsd6_ftruncate_args), (sy_call_t *)freebsd6_ftruncate, AUE_FTRUNCATE, NULL, 0, 0, SYF_CAPENABLED }, /* 201 = freebsd6_ftruncate */
+ { AS(sysctl_args), (sy_call_t *)__sysctl, AUE_SYSCTL, NULL, 0, 0, SYF_CAPENABLED }, /* 202 = __sysctl */
{ AS(mlock_args), (sy_call_t *)mlock, AUE_MLOCK, NULL, 0, 0, 0 }, /* 203 = mlock */
{ AS(munlock_args), (sy_call_t *)munlock, AUE_MUNLOCK, NULL, 0, 0, 0 }, /* 204 = munlock */
{ AS(undelete_args), (sy_call_t *)undelete, AUE_UNDELETE, NULL, 0, 0, 0 }, /* 205 = undelete */
==== //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.c#7 (text+ko) ====
==== //depot/projects/trustedbsd/capabilities/src/sys/kern/systrace_args.c#7 (text+ko) ====
==== //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.h#7 (text+ko) ====
==== //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.mk#7 (text+ko) ====
==== //depot/projects/trustedbsd/capabilities/src/sys/sys/sysproto.h#7 (text+ko) ====
More information about the p4-projects
mailing list