PERFORCE change 134102 for review
Robert Watson
rwatson at FreeBSD.org
Fri Jan 25 13:35:55 PST 2008
http://perforce.freebsd.org/chv.cgi?CH=134102
Change 134102 by rwatson at rwatson_freebsd_capabilities on 2008/01/25 21:35:40
Add more syscalls to capabilities.conf, fix a few existing ones,
and comment cases where more work is needed. Of particular
importance is scoping pid-related calls, which are needed to
implement most POSIX process-related things, but imply a global
namespace.
Affected files ...
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#3 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/init_sysent.c#8 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.c#8 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/systrace_args.c#8 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.h#8 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.mk#8 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/sys/sysproto.h#8 edit
Differences ...
==== //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#3 (text+ko) ====
@@ -5,13 +5,29 @@
# - sys_exit() and close() are very important.
# - Sorted alphabeetically, please keep it that way.
#
-# $P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#2 $
+# $P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#3 $
+#
+__acl_aclcheck_fd
+__acl_delete_fd
+__acl_get_fd
+__acl_set_fd
+__mac_get_fd
+#
+# __mac_get_pid need scoping
+#
+__mac_get_pid
+__mac_get_proc
+__mac_set_fd
+__mac_set_proc
+#
+# Certain sysctls need more scoping
#
+__sysctl
+_umtx_lock
+_umtx_op
+_umtx_unlock
+abort2
accept
-acl_check_fd
-acl_delete_fd
-acl_get_fd
-acl_set_fd
aio_cancel
aio_error
aio_fsync
@@ -20,20 +36,38 @@
aio_suspend
aio_waitcomplete
aio_write
+#
+# What to do about audit()?
+#
+#audit
bind
cap_enter
cap_getmode
+cap_getrights
cap_new
+clock_gettime
+clock_getres
close
connect
-extattr_check_fd
+dup
+dup2
+eaccess
+extattr_delete_fd
extattr_get_fd
extattr_list_fd
extattr_set_fd
+#
+# Possibly fchdir() should be excluded on the basis that this implies access
+# to the global namespace, and isn't really useful without it.
+#
fchdir
fchflags
fchmod
fchown
+#
+# Need to review fcntl operations for global affects that might need to be
+# scoped.
+#
fcntl
flock
fork
@@ -48,22 +82,118 @@
fsync
ftruncate
futimes
+getaudit
+getaudit_addr
+getauid
+getcontext
+getdents
getdirentries
+getdomainname
+getegid
+geteuid
+gethostid
+gethostname
+getitimer
+getgid
+getgroups
+#
+# Should we allow getlogin?
+#
+#getlogin
+getpagesize
getpeername
+#
+# getpgid needs scoping.
+#
+getpgid
+getpgrp
+getpid
+#
+# getppid might or might not need scoping.
+#
+getppid
+getpriority
+getresgid
+getresuid
+getrlimit
+#
+# getrusage needs scoping.
+#
+getrusage
+#
+# getsid needs scoping.
+#
+getsid
getsockname
getsockopt
+gettimeofday
+getuid
+#
+# ioctl is dangerous.
+#
ioctl
+issetugid
kevent
+kmq_notify
+kmq_setattr
+kmq_timedreceive
+kmq_timedsend
+#
+# kill needs scoping
+#
+#kill
+#killpg
kqueue
+kse_create
+kse_exit
+kse_release
+kse_switchin
+kse_thr_interrupt
+kse_wakeup
+ktimer_create
+ktimer_delete
+ktimer_getoverrun
+ktimer_gettime
+ktimer_settime
+#
+# ktrace needs scoping
+#
+#ktrace
+lio_listio
listen
lseek
mac_get_fd
mac_set_fd
+madvise
+mincore
+minherit
+mlock
+mlockall
+#
+# mmap needs scoping
+#
mmap
+mprotect
+msync
+munlock
+munlockall
+munmap
+nanosleep
+ntp_gettime
+oaio_read
+oaio_write
+obreak
+olio_listio
+openbsd_poll
pipe
poll
pread
preadv
+profil
+#
+# ptrace needs scoping.
+#
+#ptrace
pwrite
pwritev
read
@@ -71,17 +201,107 @@
recv
recvfrom
recvmsg
+rfork
+#
+# rtprio needs scoping.
+#
+rtprio
+rtprio_thread
+sbrk
+sched_get_priority_max
+sched_get_priority_mind
+#
+# sched_{get,set}* need scoping.
+#
+sched_getparam
+sched_getscheduler
+sched_rr_getinterval
+sched_setparam
+sched_setscheduler
+sched_yield
sctp_generic_recvmsg
sctp_generic_sendmsg
+sctp_generic_sendmsg_iov
sctp_peeloff
select
send
+sendfile
sendmsg
sendto
+setaudit
+setaudit_addr
+setauid
+setcontext
+setegid
+seteuid
+setgid
+setitimer
+#
+# Need to think about setpriority and capabilities.
+#
+setpriority
+setregid
+setresgid
+setresuid
+setreuid
+setrlimit
+setsid
+#
+# Need to review socket options and decide what to do about ones that manage
+# globally visible stack properties.
+#
setsockopt
+#
+# Need to think hard about the safety of credential manipulation calls where
+# the capability model and UNIX model intersect.
+#
+setuid
+#
+# shm_open needs scoping (just anonymous memory).
+#
+#shm_open
shutdown
+sigaction
+sigaltstack
+sigblock
+sigpending
+sigprocmask
+sigqueue
+sigreturn
+sigsetmask
+sigstack
+sigsuspend
+sigtimedwait
+sigvec
+sigwaitinfo
socketpair
+sstk
+#
+# sync isn't all that harmful, but is global.
+#
+sync
sys_exit
-__sysctl
+thr_create
+thr_exit
+thr_kill
+#
+# thr_kill2 needs scoping.
+#
+#thr_kill2
+thr_new
+thr_self
+thr_set_name
+thr_suspend
+thr_wake
+umask
+utrace
+uuidgen
+vfork
+#
+# wait and wait4 needs process scoping work
+#
+wait
+wait4
write
writev
+yield
==== //depot/projects/trustedbsd/capabilities/src/sys/kern/init_sysent.c#8 (text+ko) ====
@@ -36,7 +36,7 @@
{ AS(write_args), (sy_call_t *)write, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 4 = write */
{ AS(open_args), (sy_call_t *)open, AUE_OPEN_RWTC, NULL, 0, 0, 0 }, /* 5 = open */
{ AS(close_args), (sy_call_t *)close, AUE_CLOSE, NULL, 0, 0, SYF_CAPENABLED }, /* 6 = close */
- { AS(wait_args), (sy_call_t *)wait4, AUE_WAIT4, NULL, 0, 0, 0 }, /* 7 = wait4 */
+ { AS(wait_args), (sy_call_t *)wait4, AUE_WAIT4, NULL, 0, 0, SYF_CAPENABLED }, /* 7 = wait4 */
{ compat(AS(ocreat_args),creat), AUE_CREAT, NULL, 0, 0, 0 }, /* 8 = old creat */
{ AS(link_args), (sy_call_t *)link, AUE_LINK, NULL, 0, 0, 0 }, /* 9 = link */
{ AS(unlink_args), (sy_call_t *)unlink, AUE_UNLINK, NULL, 0, 0, 0 }, /* 10 = unlink */
@@ -46,13 +46,13 @@
{ AS(mknod_args), (sy_call_t *)mknod, AUE_MKNOD, NULL, 0, 0, 0 }, /* 14 = mknod */
{ AS(chmod_args), (sy_call_t *)chmod, AUE_CHMOD, NULL, 0, 0, 0 }, /* 15 = chmod */
{ AS(chown_args), (sy_call_t *)chown, AUE_CHOWN, NULL, 0, 0, 0 }, /* 16 = chown */
- { AS(obreak_args), (sy_call_t *)obreak, AUE_NULL, NULL, 0, 0, 0 }, /* 17 = break */
+ { AS(obreak_args), (sy_call_t *)obreak, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 17 = break */
{ compat4(AS(freebsd4_getfsstat_args),getfsstat), AUE_GETFSSTAT, NULL, 0, 0, 0 }, /* 18 = old getfsstat */
{ compat(AS(olseek_args),lseek), AUE_LSEEK, NULL, 0, 0, SYF_CAPENABLED }, /* 19 = old lseek */
{ 0, (sy_call_t *)getpid, AUE_GETPID, NULL, 0, 0, 0 }, /* 20 = getpid */
{ AS(mount_args), (sy_call_t *)mount, AUE_MOUNT, NULL, 0, 0, 0 }, /* 21 = mount */
{ AS(unmount_args), (sy_call_t *)unmount, AUE_UMOUNT, NULL, 0, 0, 0 }, /* 22 = unmount */
- { AS(setuid_args), (sy_call_t *)setuid, AUE_SETUID, NULL, 0, 0, 0 }, /* 23 = setuid */
+ { AS(setuid_args), (sy_call_t *)setuid, AUE_SETUID, NULL, 0, 0, SYF_CAPENABLED }, /* 23 = setuid */
{ 0, (sy_call_t *)getuid, AUE_GETUID, NULL, 0, 0, 0 }, /* 24 = getuid */
{ 0, (sy_call_t *)geteuid, AUE_GETEUID, NULL, 0, 0, 0 }, /* 25 = geteuid */
{ AS(ptrace_args), (sy_call_t *)ptrace, AUE_PTRACE, NULL, 0, 0, 0 }, /* 26 = ptrace */
@@ -70,83 +70,83 @@
{ compat(AS(ostat_args),stat), AUE_STAT, NULL, 0, 0, 0 }, /* 38 = old stat */
{ 0, (sy_call_t *)getppid, AUE_GETPPID, NULL, 0, 0, 0 }, /* 39 = getppid */
{ compat(AS(olstat_args),lstat), AUE_LSTAT, NULL, 0, 0, 0 }, /* 40 = old lstat */
- { AS(dup_args), (sy_call_t *)dup, AUE_DUP, NULL, 0, 0, 0 }, /* 41 = dup */
+ { AS(dup_args), (sy_call_t *)dup, AUE_DUP, NULL, 0, 0, SYF_CAPENABLED }, /* 41 = dup */
{ 0, (sy_call_t *)pipe, AUE_PIPE, NULL, 0, 0, 0 }, /* 42 = pipe */
{ 0, (sy_call_t *)getegid, AUE_GETEGID, NULL, 0, 0, 0 }, /* 43 = getegid */
- { AS(profil_args), (sy_call_t *)profil, AUE_PROFILE, NULL, 0, 0, 0 }, /* 44 = profil */
+ { AS(profil_args), (sy_call_t *)profil, AUE_PROFILE, NULL, 0, 0, SYF_CAPENABLED }, /* 44 = profil */
{ AS(ktrace_args), (sy_call_t *)ktrace, AUE_KTRACE, NULL, 0, 0, 0 }, /* 45 = ktrace */
- { compat(AS(osigaction_args),sigaction), AUE_SIGACTION, NULL, 0, 0, 0 }, /* 46 = old sigaction */
+ { compat(AS(osigaction_args),sigaction), AUE_SIGACTION, NULL, 0, 0, SYF_CAPENABLED }, /* 46 = old sigaction */
{ 0, (sy_call_t *)getgid, AUE_GETGID, NULL, 0, 0, 0 }, /* 47 = getgid */
- { compat(AS(osigprocmask_args),sigprocmask), AUE_SIGPROCMASK, NULL, 0, 0, 0 }, /* 48 = old sigprocmask */
+ { compat(AS(osigprocmask_args),sigprocmask), AUE_SIGPROCMASK, NULL, 0, 0, SYF_CAPENABLED }, /* 48 = old sigprocmask */
{ AS(getlogin_args), (sy_call_t *)getlogin, AUE_GETLOGIN, NULL, 0, 0, 0 }, /* 49 = getlogin */
{ AS(setlogin_args), (sy_call_t *)setlogin, AUE_SETLOGIN, NULL, 0, 0, 0 }, /* 50 = setlogin */
{ AS(acct_args), (sy_call_t *)acct, AUE_ACCT, NULL, 0, 0, 0 }, /* 51 = acct */
{ compat(0,sigpending), AUE_SIGPENDING, NULL, 0, 0, 0 }, /* 52 = old sigpending */
- { AS(sigaltstack_args), (sy_call_t *)sigaltstack, AUE_SIGALTSTACK, NULL, 0, 0, 0 }, /* 53 = sigaltstack */
+ { AS(sigaltstack_args), (sy_call_t *)sigaltstack, AUE_SIGALTSTACK, NULL, 0, 0, SYF_CAPENABLED }, /* 53 = sigaltstack */
{ AS(ioctl_args), (sy_call_t *)ioctl, AUE_IOCTL, NULL, 0, 0, SYF_CAPENABLED }, /* 54 = ioctl */
{ AS(reboot_args), (sy_call_t *)reboot, AUE_REBOOT, NULL, 0, 0, 0 }, /* 55 = reboot */
{ AS(revoke_args), (sy_call_t *)revoke, AUE_REVOKE, NULL, 0, 0, 0 }, /* 56 = revoke */
{ AS(symlink_args), (sy_call_t *)symlink, AUE_SYMLINK, NULL, 0, 0, 0 }, /* 57 = symlink */
{ AS(readlink_args), (sy_call_t *)readlink, AUE_READLINK, NULL, 0, 0, 0 }, /* 58 = readlink */
{ AS(execve_args), (sy_call_t *)execve, AUE_EXECVE, NULL, 0, 0, 0 }, /* 59 = execve */
- { AS(umask_args), (sy_call_t *)umask, AUE_UMASK, NULL, 0, 0, 0 }, /* 60 = umask */
+ { AS(umask_args), (sy_call_t *)umask, AUE_UMASK, NULL, 0, 0, SYF_CAPENABLED }, /* 60 = umask */
{ AS(chroot_args), (sy_call_t *)chroot, AUE_CHROOT, NULL, 0, 0, 0 }, /* 61 = chroot */
{ compat(AS(ofstat_args),fstat), AUE_FSTAT, NULL, 0, 0, SYF_CAPENABLED }, /* 62 = old fstat */
{ compat(AS(getkerninfo_args),getkerninfo), AUE_NULL, NULL, 0, 0, 0 }, /* 63 = old getkerninfo */
{ compat(0,getpagesize), AUE_NULL, NULL, 0, 0, 0 }, /* 64 = old getpagesize */
- { AS(msync_args), (sy_call_t *)msync, AUE_MSYNC, NULL, 0, 0, 0 }, /* 65 = msync */
+ { AS(msync_args), (sy_call_t *)msync, AUE_MSYNC, NULL, 0, 0, SYF_CAPENABLED }, /* 65 = msync */
{ 0, (sy_call_t *)vfork, AUE_VFORK, NULL, 0, 0, 0 }, /* 66 = vfork */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 67 = obsolete vread */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 68 = obsolete vwrite */
- { AS(sbrk_args), (sy_call_t *)sbrk, AUE_SBRK, NULL, 0, 0, 0 }, /* 69 = sbrk */
- { AS(sstk_args), (sy_call_t *)sstk, AUE_SSTK, NULL, 0, 0, 0 }, /* 70 = sstk */
+ { AS(sbrk_args), (sy_call_t *)sbrk, AUE_SBRK, NULL, 0, 0, SYF_CAPENABLED }, /* 69 = sbrk */
+ { AS(sstk_args), (sy_call_t *)sstk, AUE_SSTK, NULL, 0, 0, SYF_CAPENABLED }, /* 70 = sstk */
{ compat(AS(ommap_args),mmap), AUE_MMAP, NULL, 0, 0, SYF_CAPENABLED }, /* 71 = old mmap */
{ AS(ovadvise_args), (sy_call_t *)ovadvise, AUE_O_VADVISE, NULL, 0, 0, 0 }, /* 72 = vadvise */
- { AS(munmap_args), (sy_call_t *)munmap, AUE_MUNMAP, NULL, 0, 0, 0 }, /* 73 = munmap */
- { AS(mprotect_args), (sy_call_t *)mprotect, AUE_MPROTECT, NULL, 0, 0, 0 }, /* 74 = mprotect */
- { AS(madvise_args), (sy_call_t *)madvise, AUE_MADVISE, NULL, 0, 0, 0 }, /* 75 = madvise */
+ { AS(munmap_args), (sy_call_t *)munmap, AUE_MUNMAP, NULL, 0, 0, SYF_CAPENABLED }, /* 73 = munmap */
+ { AS(mprotect_args), (sy_call_t *)mprotect, AUE_MPROTECT, NULL, 0, 0, SYF_CAPENABLED }, /* 74 = mprotect */
+ { AS(madvise_args), (sy_call_t *)madvise, AUE_MADVISE, NULL, 0, 0, SYF_CAPENABLED }, /* 75 = madvise */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 76 = obsolete vhangup */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 77 = obsolete vlimit */
- { AS(mincore_args), (sy_call_t *)mincore, AUE_MINCORE, NULL, 0, 0, 0 }, /* 78 = mincore */
- { AS(getgroups_args), (sy_call_t *)getgroups, AUE_GETGROUPS, NULL, 0, 0, 0 }, /* 79 = getgroups */
+ { AS(mincore_args), (sy_call_t *)mincore, AUE_MINCORE, NULL, 0, 0, SYF_CAPENABLED }, /* 78 = mincore */
+ { AS(getgroups_args), (sy_call_t *)getgroups, AUE_GETGROUPS, NULL, 0, 0, SYF_CAPENABLED }, /* 79 = getgroups */
{ AS(setgroups_args), (sy_call_t *)setgroups, AUE_SETGROUPS, NULL, 0, 0, 0 }, /* 80 = setgroups */
{ 0, (sy_call_t *)getpgrp, AUE_GETPGRP, NULL, 0, 0, 0 }, /* 81 = getpgrp */
{ AS(setpgid_args), (sy_call_t *)setpgid, AUE_SETPGRP, NULL, 0, 0, 0 }, /* 82 = setpgid */
- { AS(setitimer_args), (sy_call_t *)setitimer, AUE_SETITIMER, NULL, 0, 0, 0 }, /* 83 = setitimer */
+ { AS(setitimer_args), (sy_call_t *)setitimer, AUE_SETITIMER, NULL, 0, 0, SYF_CAPENABLED }, /* 83 = setitimer */
{ compat(0,wait), AUE_WAIT4, NULL, 0, 0, 0 }, /* 84 = old wait */
{ AS(swapon_args), (sy_call_t *)swapon, AUE_SWAPON, NULL, 0, 0, 0 }, /* 85 = swapon */
- { AS(getitimer_args), (sy_call_t *)getitimer, AUE_GETITIMER, NULL, 0, 0, 0 }, /* 86 = getitimer */
- { compat(AS(gethostname_args),gethostname), AUE_SYSCTL, NULL, 0, 0, 0 }, /* 87 = old gethostname */
+ { AS(getitimer_args), (sy_call_t *)getitimer, AUE_GETITIMER, NULL, 0, 0, SYF_CAPENABLED }, /* 86 = getitimer */
+ { compat(AS(gethostname_args),gethostname), AUE_SYSCTL, NULL, 0, 0, SYF_CAPENABLED }, /* 87 = old gethostname */
{ compat(AS(sethostname_args),sethostname), AUE_SYSCTL, NULL, 0, 0, 0 }, /* 88 = old sethostname */
{ 0, (sy_call_t *)getdtablesize, AUE_GETDTABLESIZE, NULL, 0, 0, 0 }, /* 89 = getdtablesize */
- { AS(dup2_args), (sy_call_t *)dup2, AUE_DUP2, NULL, 0, 0, 0 }, /* 90 = dup2 */
+ { AS(dup2_args), (sy_call_t *)dup2, AUE_DUP2, NULL, 0, 0, SYF_CAPENABLED }, /* 90 = dup2 */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 91 = getdopt */
{ AS(fcntl_args), (sy_call_t *)fcntl, AUE_FCNTL, NULL, 0, 0, SYF_CAPENABLED }, /* 92 = fcntl */
{ AS(select_args), (sy_call_t *)select, AUE_SELECT, NULL, 0, 0, SYF_CAPENABLED }, /* 93 = select */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 94 = setdopt */
{ AS(fsync_args), (sy_call_t *)fsync, AUE_FSYNC, NULL, 0, 0, SYF_CAPENABLED }, /* 95 = fsync */
- { AS(setpriority_args), (sy_call_t *)setpriority, AUE_SETPRIORITY, NULL, 0, 0, 0 }, /* 96 = setpriority */
+ { AS(setpriority_args), (sy_call_t *)setpriority, AUE_SETPRIORITY, NULL, 0, 0, SYF_CAPENABLED }, /* 96 = setpriority */
{ AS(socket_args), (sy_call_t *)socket, AUE_SOCKET, NULL, 0, 0, 0 }, /* 97 = socket */
{ AS(connect_args), (sy_call_t *)connect, AUE_CONNECT, NULL, 0, 0, SYF_CAPENABLED }, /* 98 = connect */
{ compat(AS(accept_args),accept), AUE_ACCEPT, NULL, 0, 0, SYF_CAPENABLED }, /* 99 = old accept */
- { AS(getpriority_args), (sy_call_t *)getpriority, AUE_GETPRIORITY, NULL, 0, 0, 0 }, /* 100 = getpriority */
+ { AS(getpriority_args), (sy_call_t *)getpriority, AUE_GETPRIORITY, NULL, 0, 0, SYF_CAPENABLED }, /* 100 = getpriority */
{ compat(AS(osend_args),send), AUE_SEND, NULL, 0, 0, SYF_CAPENABLED }, /* 101 = old send */
{ compat(AS(orecv_args),recv), AUE_RECV, NULL, 0, 0, SYF_CAPENABLED }, /* 102 = old recv */
- { compat(AS(osigreturn_args),sigreturn), AUE_SIGRETURN, NULL, 0, 0, 0 }, /* 103 = old sigreturn */
+ { compat(AS(osigreturn_args),sigreturn), AUE_SIGRETURN, NULL, 0, 0, SYF_CAPENABLED }, /* 103 = old sigreturn */
{ AS(bind_args), (sy_call_t *)bind, AUE_BIND, NULL, 0, 0, SYF_CAPENABLED }, /* 104 = bind */
{ AS(setsockopt_args), (sy_call_t *)setsockopt, AUE_SETSOCKOPT, NULL, 0, 0, SYF_CAPENABLED }, /* 105 = setsockopt */
{ AS(listen_args), (sy_call_t *)listen, AUE_LISTEN, NULL, 0, 0, SYF_CAPENABLED }, /* 106 = listen */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 107 = obsolete vtimes */
- { compat(AS(osigvec_args),sigvec), AUE_NULL, NULL, 0, 0, 0 }, /* 108 = old sigvec */
- { compat(AS(osigblock_args),sigblock), AUE_NULL, NULL, 0, 0, 0 }, /* 109 = old sigblock */
- { compat(AS(osigsetmask_args),sigsetmask), AUE_NULL, NULL, 0, 0, 0 }, /* 110 = old sigsetmask */
- { compat(AS(osigsuspend_args),sigsuspend), AUE_NULL, NULL, 0, 0, 0 }, /* 111 = old sigsuspend */
- { compat(AS(osigstack_args),sigstack), AUE_NULL, NULL, 0, 0, 0 }, /* 112 = old sigstack */
+ { compat(AS(osigvec_args),sigvec), AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 108 = old sigvec */
+ { compat(AS(osigblock_args),sigblock), AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 109 = old sigblock */
+ { compat(AS(osigsetmask_args),sigsetmask), AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 110 = old sigsetmask */
+ { compat(AS(osigsuspend_args),sigsuspend), AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 111 = old sigsuspend */
+ { compat(AS(osigstack_args),sigstack), AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 112 = old sigstack */
{ compat(AS(orecvmsg_args),recvmsg), AUE_RECVMSG, NULL, 0, 0, SYF_CAPENABLED }, /* 113 = old recvmsg */
{ compat(AS(osendmsg_args),sendmsg), AUE_SENDMSG, NULL, 0, 0, SYF_CAPENABLED }, /* 114 = old sendmsg */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 115 = obsolete vtrace */
- { AS(gettimeofday_args), (sy_call_t *)gettimeofday, AUE_GETTIMEOFDAY, NULL, 0, 0, 0 }, /* 116 = gettimeofday */
- { AS(getrusage_args), (sy_call_t *)getrusage, AUE_GETRUSAGE, NULL, 0, 0, 0 }, /* 117 = getrusage */
+ { AS(gettimeofday_args), (sy_call_t *)gettimeofday, AUE_GETTIMEOFDAY, NULL, 0, 0, SYF_CAPENABLED }, /* 116 = gettimeofday */
+ { AS(getrusage_args), (sy_call_t *)getrusage, AUE_GETRUSAGE, NULL, 0, 0, SYF_CAPENABLED }, /* 117 = getrusage */
{ AS(getsockopt_args), (sy_call_t *)getsockopt, AUE_GETSOCKOPT, NULL, 0, 0, SYF_CAPENABLED }, /* 118 = getsockopt */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 119 = resuba */
{ AS(readv_args), (sy_call_t *)readv, AUE_READV, NULL, 0, 0, SYF_CAPENABLED }, /* 120 = readv */
@@ -155,8 +155,8 @@
{ AS(fchown_args), (sy_call_t *)fchown, AUE_FCHOWN, NULL, 0, 0, SYF_CAPENABLED }, /* 123 = fchown */
{ AS(fchmod_args), (sy_call_t *)fchmod, AUE_FCHMOD, NULL, 0, 0, SYF_CAPENABLED }, /* 124 = fchmod */
{ compat(AS(recvfrom_args),recvfrom), AUE_RECVFROM, NULL, 0, 0, SYF_CAPENABLED }, /* 125 = old recvfrom */
- { AS(setreuid_args), (sy_call_t *)setreuid, AUE_SETREUID, NULL, 0, 0, 0 }, /* 126 = setreuid */
- { AS(setregid_args), (sy_call_t *)setregid, AUE_SETREGID, NULL, 0, 0, 0 }, /* 127 = setregid */
+ { AS(setreuid_args), (sy_call_t *)setreuid, AUE_SETREUID, NULL, 0, 0, SYF_CAPENABLED }, /* 126 = setreuid */
+ { AS(setregid_args), (sy_call_t *)setregid, AUE_SETREGID, NULL, 0, 0, SYF_CAPENABLED }, /* 127 = setregid */
{ AS(rename_args), (sy_call_t *)rename, AUE_RENAME, NULL, 0, 0, 0 }, /* 128 = rename */
{ compat(AS(otruncate_args),truncate), AUE_TRUNCATE, NULL, 0, 0, 0 }, /* 129 = old truncate */
{ compat(AS(oftruncate_args),ftruncate), AUE_FTRUNCATE, NULL, 0, 0, SYF_CAPENABLED }, /* 130 = old ftruncate */
@@ -173,8 +173,8 @@
{ compat(AS(ogetpeername_args),getpeername), AUE_GETPEERNAME, NULL, 0, 0, SYF_CAPENABLED }, /* 141 = old getpeername */
{ compat(0,gethostid), AUE_SYSCTL, NULL, 0, 0, 0 }, /* 142 = old gethostid */
{ compat(AS(osethostid_args),sethostid), AUE_SYSCTL, NULL, 0, 0, 0 }, /* 143 = old sethostid */
- { compat(AS(ogetrlimit_args),getrlimit), AUE_GETRLIMIT, NULL, 0, 0, 0 }, /* 144 = old getrlimit */
- { compat(AS(osetrlimit_args),setrlimit), AUE_SETRLIMIT, NULL, 0, 0, 0 }, /* 145 = old setrlimit */
+ { compat(AS(ogetrlimit_args),getrlimit), AUE_GETRLIMIT, NULL, 0, 0, SYF_CAPENABLED }, /* 144 = old getrlimit */
+ { compat(AS(osetrlimit_args),setrlimit), AUE_SETRLIMIT, NULL, 0, 0, SYF_CAPENABLED }, /* 145 = old setrlimit */
{ compat(AS(okillpg_args),killpg), AUE_KILLPG, NULL, 0, 0, 0 }, /* 146 = old killpg */
{ 0, (sy_call_t *)setsid, AUE_SETSID, NULL, 0, 0, 0 }, /* 147 = setsid */
{ AS(quotactl_args), (sy_call_t *)quotactl, AUE_QUOTACTL, NULL, 0, 0, 0 }, /* 148 = quotactl */
@@ -191,11 +191,11 @@
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 159 = nosys */
{ AS(lgetfh_args), (sy_call_t *)lgetfh, AUE_LGETFH, NULL, 0, 0, 0 }, /* 160 = lgetfh */
{ AS(getfh_args), (sy_call_t *)getfh, AUE_NFS_GETFH, NULL, 0, 0, 0 }, /* 161 = getfh */
- { AS(getdomainname_args), (sy_call_t *)getdomainname, AUE_SYSCTL, NULL, 0, 0, 0 }, /* 162 = getdomainname */
+ { AS(getdomainname_args), (sy_call_t *)getdomainname, AUE_SYSCTL, NULL, 0, 0, SYF_CAPENABLED }, /* 162 = getdomainname */
{ AS(setdomainname_args), (sy_call_t *)setdomainname, AUE_SYSCTL, NULL, 0, 0, 0 }, /* 163 = setdomainname */
{ AS(uname_args), (sy_call_t *)uname, AUE_NULL, NULL, 0, 0, 0 }, /* 164 = uname */
{ AS(sysarch_args), (sy_call_t *)sysarch, AUE_SYSARCH, NULL, 0, 0, 0 }, /* 165 = sysarch */
- { AS(rtprio_args), (sy_call_t *)rtprio, AUE_RTPRIO, NULL, 0, 0, 0 }, /* 166 = rtprio */
+ { AS(rtprio_args), (sy_call_t *)rtprio, AUE_RTPRIO, NULL, 0, 0, SYF_CAPENABLED }, /* 166 = rtprio */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 167 = nosys */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 168 = nosys */
{ AS(semsys_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 169 = semsys */
@@ -210,9 +210,9 @@
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 178 = getdescriptor */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 179 = setdescriptor */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 180 = nosys */
- { AS(setgid_args), (sy_call_t *)setgid, AUE_SETGID, NULL, 0, 0, 0 }, /* 181 = setgid */
- { AS(setegid_args), (sy_call_t *)setegid, AUE_SETEGID, NULL, 0, 0, 0 }, /* 182 = setegid */
- { AS(seteuid_args), (sy_call_t *)seteuid, AUE_SETEUID, NULL, 0, 0, 0 }, /* 183 = seteuid */
+ { AS(setgid_args), (sy_call_t *)setgid, AUE_SETGID, NULL, 0, 0, SYF_CAPENABLED }, /* 181 = setgid */
+ { AS(setegid_args), (sy_call_t *)setegid, AUE_SETEGID, NULL, 0, 0, SYF_CAPENABLED }, /* 182 = setegid */
+ { AS(seteuid_args), (sy_call_t *)seteuid, AUE_SETEUID, NULL, 0, 0, SYF_CAPENABLED }, /* 183 = seteuid */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 184 = lfs_bmapv */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 185 = lfs_markv */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 186 = lfs_segclean */
@@ -223,8 +223,8 @@
{ AS(pathconf_args), (sy_call_t *)pathconf, AUE_PATHCONF, NULL, 0, 0, 0 }, /* 191 = pathconf */
{ AS(fpathconf_args), (sy_call_t *)fpathconf, AUE_FPATHCONF, NULL, 0, 0, SYF_CAPENABLED }, /* 192 = fpathconf */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 193 = nosys */
- { AS(__getrlimit_args), (sy_call_t *)getrlimit, AUE_GETRLIMIT, NULL, 0, 0, 0 }, /* 194 = getrlimit */
- { AS(__setrlimit_args), (sy_call_t *)setrlimit, AUE_SETRLIMIT, NULL, 0, 0, 0 }, /* 195 = setrlimit */
+ { AS(__getrlimit_args), (sy_call_t *)getrlimit, AUE_GETRLIMIT, NULL, 0, 0, SYF_CAPENABLED }, /* 194 = getrlimit */
+ { AS(__setrlimit_args), (sy_call_t *)setrlimit, AUE_SETRLIMIT, NULL, 0, 0, SYF_CAPENABLED }, /* 195 = setrlimit */
{ AS(getdirentries_args), (sy_call_t *)getdirentries, AUE_GETDIRENTRIES, NULL, 0, 0, SYF_CAPENABLED }, /* 196 = getdirentries */
{ AS(freebsd6_mmap_args), (sy_call_t *)freebsd6_mmap, AUE_MMAP, NULL, 0, 0, SYF_CAPENABLED }, /* 197 = freebsd6_mmap */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 198 = __syscall */
@@ -232,11 +232,11 @@
{ AS(freebsd6_truncate_args), (sy_call_t *)freebsd6_truncate, AUE_TRUNCATE, NULL, 0, 0, 0 }, /* 200 = freebsd6_truncate */
{ AS(freebsd6_ftruncate_args), (sy_call_t *)freebsd6_ftruncate, AUE_FTRUNCATE, NULL, 0, 0, SYF_CAPENABLED }, /* 201 = freebsd6_ftruncate */
{ AS(sysctl_args), (sy_call_t *)__sysctl, AUE_SYSCTL, NULL, 0, 0, SYF_CAPENABLED }, /* 202 = __sysctl */
- { AS(mlock_args), (sy_call_t *)mlock, AUE_MLOCK, NULL, 0, 0, 0 }, /* 203 = mlock */
- { AS(munlock_args), (sy_call_t *)munlock, AUE_MUNLOCK, NULL, 0, 0, 0 }, /* 204 = munlock */
+ { AS(mlock_args), (sy_call_t *)mlock, AUE_MLOCK, NULL, 0, 0, SYF_CAPENABLED }, /* 203 = mlock */
+ { AS(munlock_args), (sy_call_t *)munlock, AUE_MUNLOCK, NULL, 0, 0, SYF_CAPENABLED }, /* 204 = munlock */
{ AS(undelete_args), (sy_call_t *)undelete, AUE_UNDELETE, NULL, 0, 0, 0 }, /* 205 = undelete */
{ AS(futimes_args), (sy_call_t *)futimes, AUE_FUTIMES, NULL, 0, 0, SYF_CAPENABLED }, /* 206 = futimes */
- { AS(getpgid_args), (sy_call_t *)getpgid, AUE_GETPGID, NULL, 0, 0, 0 }, /* 207 = getpgid */
+ { AS(getpgid_args), (sy_call_t *)getpgid, AUE_GETPGID, NULL, 0, 0, SYF_CAPENABLED }, /* 207 = getpgid */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 208 = newreboot */
{ AS(poll_args), (sy_call_t *)poll, AUE_POLL, NULL, 0, 0, SYF_CAPENABLED }, /* 209 = poll */
{ AS(nosys_args), (sy_call_t *)lkmnosys, AUE_NULL, NULL, 0, 0, 0 }, /* 210 = lkmnosys */
@@ -261,15 +261,15 @@
{ AS(shmctl_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 229 = shmctl */
{ AS(shmdt_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 230 = shmdt */
{ AS(shmget_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 231 = shmget */
- { AS(clock_gettime_args), (sy_call_t *)clock_gettime, AUE_NULL, NULL, 0, 0, 0 }, /* 232 = clock_gettime */
+ { AS(clock_gettime_args), (sy_call_t *)clock_gettime, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 232 = clock_gettime */
{ AS(clock_settime_args), (sy_call_t *)clock_settime, AUE_CLOCK_SETTIME, NULL, 0, 0, 0 }, /* 233 = clock_settime */
- { AS(clock_getres_args), (sy_call_t *)clock_getres, AUE_NULL, NULL, 0, 0, 0 }, /* 234 = clock_getres */
- { AS(ktimer_create_args), (sy_call_t *)ktimer_create, AUE_NULL, NULL, 0, 0, 0 }, /* 235 = ktimer_create */
- { AS(ktimer_delete_args), (sy_call_t *)ktimer_delete, AUE_NULL, NULL, 0, 0, 0 }, /* 236 = ktimer_delete */
- { AS(ktimer_settime_args), (sy_call_t *)ktimer_settime, AUE_NULL, NULL, 0, 0, 0 }, /* 237 = ktimer_settime */
- { AS(ktimer_gettime_args), (sy_call_t *)ktimer_gettime, AUE_NULL, NULL, 0, 0, 0 }, /* 238 = ktimer_gettime */
- { AS(ktimer_getoverrun_args), (sy_call_t *)ktimer_getoverrun, AUE_NULL, NULL, 0, 0, 0 }, /* 239 = ktimer_getoverrun */
- { AS(nanosleep_args), (sy_call_t *)nanosleep, AUE_NULL, NULL, 0, 0, 0 }, /* 240 = nanosleep */
+ { AS(clock_getres_args), (sy_call_t *)clock_getres, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 234 = clock_getres */
+ { AS(ktimer_create_args), (sy_call_t *)ktimer_create, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 235 = ktimer_create */
+ { AS(ktimer_delete_args), (sy_call_t *)ktimer_delete, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 236 = ktimer_delete */
+ { AS(ktimer_settime_args), (sy_call_t *)ktimer_settime, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 237 = ktimer_settime */
+ { AS(ktimer_gettime_args), (sy_call_t *)ktimer_gettime, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 238 = ktimer_gettime */
+ { AS(ktimer_getoverrun_args), (sy_call_t *)ktimer_getoverrun, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 239 = ktimer_getoverrun */
+ { AS(nanosleep_args), (sy_call_t *)nanosleep, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 240 = nanosleep */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 241 = nosys */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 242 = nosys */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 243 = nosys */
@@ -277,11 +277,11 @@
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 245 = nosys */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 246 = nosys */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 247 = nosys */
- { AS(ntp_gettime_args), (sy_call_t *)ntp_gettime, AUE_NULL, NULL, 0, 0, 0 }, /* 248 = ntp_gettime */
+ { AS(ntp_gettime_args), (sy_call_t *)ntp_gettime, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 248 = ntp_gettime */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 249 = nosys */
- { AS(minherit_args), (sy_call_t *)minherit, AUE_MINHERIT, NULL, 0, 0, 0 }, /* 250 = minherit */
- { AS(rfork_args), (sy_call_t *)rfork, AUE_RFORK, NULL, 0, 0, 0 }, /* 251 = rfork */
- { AS(openbsd_poll_args), (sy_call_t *)openbsd_poll, AUE_POLL, NULL, 0, 0, 0 }, /* 252 = openbsd_poll */
+ { AS(minherit_args), (sy_call_t *)minherit, AUE_MINHERIT, NULL, 0, 0, SYF_CAPENABLED }, /* 250 = minherit */
+ { AS(rfork_args), (sy_call_t *)rfork, AUE_RFORK, NULL, 0, 0, SYF_CAPENABLED }, /* 251 = rfork */
+ { AS(openbsd_poll_args), (sy_call_t *)openbsd_poll, AUE_POLL, NULL, 0, 0, SYF_CAPENABLED }, /* 252 = openbsd_poll */
{ 0, (sy_call_t *)issetugid, AUE_ISSETUGID, NULL, 0, 0, 0 }, /* 253 = issetugid */
{ AS(lchown_args), (sy_call_t *)lchown, AUE_LCHOWN, NULL, 0, 0, 0 }, /* 254 = lchown */
{ AS(aio_read_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 255 = aio_read */
@@ -301,12 +301,12 @@
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 269 = nosys */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 270 = nosys */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 271 = nosys */
- { AS(getdents_args), (sy_call_t *)getdents, AUE_O_GETDENTS, NULL, 0, 0, 0 }, /* 272 = getdents */
+ { AS(getdents_args), (sy_call_t *)getdents, AUE_O_GETDENTS, NULL, 0, 0, SYF_CAPENABLED }, /* 272 = getdents */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 273 = nosys */
{ AS(lchmod_args), (sy_call_t *)lchmod, AUE_LCHMOD, NULL, 0, 0, 0 }, /* 274 = lchmod */
{ AS(lchown_args), (sy_call_t *)lchown, AUE_LCHOWN, NULL, 0, 0, 0 }, /* 275 = netbsd_lchown */
{ AS(lutimes_args), (sy_call_t *)lutimes, AUE_LUTIMES, NULL, 0, 0, 0 }, /* 276 = lutimes */
- { AS(msync_args), (sy_call_t *)msync, AUE_MSYNC, NULL, 0, 0, 0 }, /* 277 = netbsd_msync */
+ { AS(msync_args), (sy_call_t *)msync, AUE_MSYNC, NULL, 0, 0, SYF_CAPENABLED }, /* 277 = netbsd_msync */
{ AS(nstat_args), (sy_call_t *)nstat, AUE_STAT, NULL, 0, 0, 0 }, /* 278 = nstat */
{ AS(nfstat_args), (sy_call_t *)nfstat, AUE_FSTAT, NULL, 0, 0, 0 }, /* 279 = nfstat */
{ AS(nlstat_args), (sy_call_t *)nlstat, AUE_LSTAT, NULL, 0, 0, 0 }, /* 280 = nlstat */
@@ -339,9 +339,9 @@
{ AS(kldnext_args), (sy_call_t *)kldnext, AUE_NULL, NULL, 0, 0, 0 }, /* 307 = kldnext */
{ AS(kldstat_args), (sy_call_t *)kldstat, AUE_NULL, NULL, 0, 0, 0 }, /* 308 = kldstat */
{ AS(kldfirstmod_args), (sy_call_t *)kldfirstmod, AUE_NULL, NULL, 0, 0, 0 }, /* 309 = kldfirstmod */
- { AS(getsid_args), (sy_call_t *)getsid, AUE_GETSID, NULL, 0, 0, 0 }, /* 310 = getsid */
- { AS(setresuid_args), (sy_call_t *)setresuid, AUE_SETRESUID, NULL, 0, 0, 0 }, /* 311 = setresuid */
- { AS(setresgid_args), (sy_call_t *)setresgid, AUE_SETRESGID, NULL, 0, 0, 0 }, /* 312 = setresgid */
+ { AS(getsid_args), (sy_call_t *)getsid, AUE_GETSID, NULL, 0, 0, SYF_CAPENABLED }, /* 310 = getsid */
+ { AS(setresuid_args), (sy_call_t *)setresuid, AUE_SETRESUID, NULL, 0, 0, SYF_CAPENABLED }, /* 311 = setresuid */
+ { AS(setresgid_args), (sy_call_t *)setresgid, AUE_SETRESGID, NULL, 0, 0, SYF_CAPENABLED }, /* 312 = setresgid */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 313 = obsolete signanosleep */
{ AS(aio_return_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 314 = aio_return */
{ AS(aio_suspend_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 315 = aio_suspend */
@@ -353,44 +353,44 @@
{ 0, (sy_call_t *)yield, AUE_NULL, NULL, 0, 0, 0 }, /* 321 = yield */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 322 = obsolete thr_sleep */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 323 = obsolete thr_wakeup */
- { AS(mlockall_args), (sy_call_t *)mlockall, AUE_MLOCKALL, NULL, 0, 0, 0 }, /* 324 = mlockall */
+ { AS(mlockall_args), (sy_call_t *)mlockall, AUE_MLOCKALL, NULL, 0, 0, SYF_CAPENABLED }, /* 324 = mlockall */
{ 0, (sy_call_t *)munlockall, AUE_MUNLOCKALL, NULL, 0, 0, 0 }, /* 325 = munlockall */
{ AS(__getcwd_args), (sy_call_t *)__getcwd, AUE_GETCWD, NULL, 0, 0, 0 }, /* 326 = __getcwd */
- { AS(sched_setparam_args), (sy_call_t *)sched_setparam, AUE_NULL, NULL, 0, 0, 0 }, /* 327 = sched_setparam */
- { AS(sched_getparam_args), (sy_call_t *)sched_getparam, AUE_NULL, NULL, 0, 0, 0 }, /* 328 = sched_getparam */
- { AS(sched_setscheduler_args), (sy_call_t *)sched_setscheduler, AUE_NULL, NULL, 0, 0, 0 }, /* 329 = sched_setscheduler */
- { AS(sched_getscheduler_args), (sy_call_t *)sched_getscheduler, AUE_NULL, NULL, 0, 0, 0 }, /* 330 = sched_getscheduler */
+ { AS(sched_setparam_args), (sy_call_t *)sched_setparam, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 327 = sched_setparam */
+ { AS(sched_getparam_args), (sy_call_t *)sched_getparam, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 328 = sched_getparam */
+ { AS(sched_setscheduler_args), (sy_call_t *)sched_setscheduler, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 329 = sched_setscheduler */
+ { AS(sched_getscheduler_args), (sy_call_t *)sched_getscheduler, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 330 = sched_getscheduler */
{ 0, (sy_call_t *)sched_yield, AUE_NULL, NULL, 0, 0, 0 }, /* 331 = sched_yield */
- { AS(sched_get_priority_max_args), (sy_call_t *)sched_get_priority_max, AUE_NULL, NULL, 0, 0, 0 }, /* 332 = sched_get_priority_max */
+ { AS(sched_get_priority_max_args), (sy_call_t *)sched_get_priority_max, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 332 = sched_get_priority_max */
{ AS(sched_get_priority_min_args), (sy_call_t *)sched_get_priority_min, AUE_NULL, NULL, 0, 0, 0 }, /* 333 = sched_get_priority_min */
{ AS(sched_rr_get_interval_args), (sy_call_t *)sched_rr_get_interval, AUE_NULL, NULL, 0, 0, 0 }, /* 334 = sched_rr_get_interval */
- { AS(utrace_args), (sy_call_t *)utrace, AUE_NULL, NULL, 0, 0, 0 }, /* 335 = utrace */
- { compat4(AS(freebsd4_sendfile_args),sendfile), AUE_SENDFILE, NULL, 0, 0, 0 }, /* 336 = old sendfile */
+ { AS(utrace_args), (sy_call_t *)utrace, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 335 = utrace */
+ { compat4(AS(freebsd4_sendfile_args),sendfile), AUE_SENDFILE, NULL, 0, 0, SYF_CAPENABLED }, /* 336 = old sendfile */
{ AS(kldsym_args), (sy_call_t *)kldsym, AUE_NULL, NULL, 0, 0, 0 }, /* 337 = kldsym */
{ AS(jail_args), (sy_call_t *)jail, AUE_JAIL, NULL, 0, 0, 0 }, /* 338 = jail */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 339 = pioctl */
- { AS(sigprocmask_args), (sy_call_t *)sigprocmask, AUE_SIGPROCMASK, NULL, 0, 0, 0 }, /* 340 = sigprocmask */
- { AS(sigsuspend_args), (sy_call_t *)sigsuspend, AUE_SIGSUSPEND, NULL, 0, 0, 0 }, /* 341 = sigsuspend */
- { compat4(AS(freebsd4_sigaction_args),sigaction), AUE_SIGACTION, NULL, 0, 0, 0 }, /* 342 = old sigaction */
- { AS(sigpending_args), (sy_call_t *)sigpending, AUE_SIGPENDING, NULL, 0, 0, 0 }, /* 343 = sigpending */
- { compat4(AS(freebsd4_sigreturn_args),sigreturn), AUE_SIGRETURN, NULL, 0, 0, 0 }, /* 344 = old sigreturn */
- { AS(sigtimedwait_args), (sy_call_t *)sigtimedwait, AUE_SIGWAIT, NULL, 0, 0, 0 }, /* 345 = sigtimedwait */
- { AS(sigwaitinfo_args), (sy_call_t *)sigwaitinfo, AUE_NULL, NULL, 0, 0, 0 }, /* 346 = sigwaitinfo */
+ { AS(sigprocmask_args), (sy_call_t *)sigprocmask, AUE_SIGPROCMASK, NULL, 0, 0, SYF_CAPENABLED }, /* 340 = sigprocmask */
+ { AS(sigsuspend_args), (sy_call_t *)sigsuspend, AUE_SIGSUSPEND, NULL, 0, 0, SYF_CAPENABLED }, /* 341 = sigsuspend */
+ { compat4(AS(freebsd4_sigaction_args),sigaction), AUE_SIGACTION, NULL, 0, 0, SYF_CAPENABLED }, /* 342 = old sigaction */
+ { AS(sigpending_args), (sy_call_t *)sigpending, AUE_SIGPENDING, NULL, 0, 0, SYF_CAPENABLED }, /* 343 = sigpending */
+ { compat4(AS(freebsd4_sigreturn_args),sigreturn), AUE_SIGRETURN, NULL, 0, 0, SYF_CAPENABLED }, /* 344 = old sigreturn */
+ { AS(sigtimedwait_args), (sy_call_t *)sigtimedwait, AUE_SIGWAIT, NULL, 0, 0, SYF_CAPENABLED }, /* 345 = sigtimedwait */
+ { AS(sigwaitinfo_args), (sy_call_t *)sigwaitinfo, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 346 = sigwaitinfo */
{ AS(__acl_get_file_args), (sy_call_t *)__acl_get_file, AUE_NULL, NULL, 0, 0, 0 }, /* 347 = __acl_get_file */
{ AS(__acl_set_file_args), (sy_call_t *)__acl_set_file, AUE_NULL, NULL, 0, 0, 0 }, /* 348 = __acl_set_file */
- { AS(__acl_get_fd_args), (sy_call_t *)__acl_get_fd, AUE_NULL, NULL, 0, 0, 0 }, /* 349 = __acl_get_fd */
- { AS(__acl_set_fd_args), (sy_call_t *)__acl_set_fd, AUE_NULL, NULL, 0, 0, 0 }, /* 350 = __acl_set_fd */
+ { AS(__acl_get_fd_args), (sy_call_t *)__acl_get_fd, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 349 = __acl_get_fd */
+ { AS(__acl_set_fd_args), (sy_call_t *)__acl_set_fd, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 350 = __acl_set_fd */
{ AS(__acl_delete_file_args), (sy_call_t *)__acl_delete_file, AUE_NULL, NULL, 0, 0, 0 }, /* 351 = __acl_delete_file */
- { AS(__acl_delete_fd_args), (sy_call_t *)__acl_delete_fd, AUE_NULL, NULL, 0, 0, 0 }, /* 352 = __acl_delete_fd */
+ { AS(__acl_delete_fd_args), (sy_call_t *)__acl_delete_fd, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 352 = __acl_delete_fd */
{ AS(__acl_aclcheck_file_args), (sy_call_t *)__acl_aclcheck_file, AUE_NULL, NULL, 0, 0, 0 }, /* 353 = __acl_aclcheck_file */
- { AS(__acl_aclcheck_fd_args), (sy_call_t *)__acl_aclcheck_fd, AUE_NULL, NULL, 0, 0, 0 }, /* 354 = __acl_aclcheck_fd */
+ { AS(__acl_aclcheck_fd_args), (sy_call_t *)__acl_aclcheck_fd, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 354 = __acl_aclcheck_fd */
{ AS(extattrctl_args), (sy_call_t *)extattrctl, AUE_EXTATTRCTL, NULL, 0, 0, 0 }, /* 355 = extattrctl */
{ AS(extattr_set_file_args), (sy_call_t *)extattr_set_file, AUE_EXTATTR_SET_FILE, NULL, 0, 0, 0 }, /* 356 = extattr_set_file */
{ AS(extattr_get_file_args), (sy_call_t *)extattr_get_file, AUE_EXTATTR_GET_FILE, NULL, 0, 0, 0 }, /* 357 = extattr_get_file */
{ AS(extattr_delete_file_args), (sy_call_t *)extattr_delete_file, AUE_EXTATTR_DELETE_FILE, NULL, 0, 0, 0 }, /* 358 = extattr_delete_file */
{ AS(aio_waitcomplete_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 359 = aio_waitcomplete */
- { AS(getresuid_args), (sy_call_t *)getresuid, AUE_GETRESUID, NULL, 0, 0, 0 }, /* 360 = getresuid */
- { AS(getresgid_args), (sy_call_t *)getresgid, AUE_GETRESGID, NULL, 0, 0, 0 }, /* 361 = getresgid */
+ { AS(getresuid_args), (sy_call_t *)getresuid, AUE_GETRESUID, NULL, 0, 0, SYF_CAPENABLED }, /* 360 = getresuid */
+ { AS(getresgid_args), (sy_call_t *)getresgid, AUE_GETRESGID, NULL, 0, 0, SYF_CAPENABLED }, /* 361 = getresgid */
{ 0, (sy_call_t *)kqueue, AUE_KQUEUE, NULL, 0, 0, 0 }, /* 362 = kqueue */
{ AS(kevent_args), (sy_call_t *)kevent, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 363 = kevent */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 364 = __cap_get_proc */
@@ -402,27 +402,27 @@
{ AS(nosys_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 370 = lkmressys */
{ AS(extattr_set_fd_args), (sy_call_t *)extattr_set_fd, AUE_EXTATTR_SET_FD, NULL, 0, 0, SYF_CAPENABLED }, /* 371 = extattr_set_fd */
{ AS(extattr_get_fd_args), (sy_call_t *)extattr_get_fd, AUE_EXTATTR_GET_FD, NULL, 0, 0, SYF_CAPENABLED }, /* 372 = extattr_get_fd */
- { AS(extattr_delete_fd_args), (sy_call_t *)extattr_delete_fd, AUE_EXTATTR_DELETE_FD, NULL, 0, 0, 0 }, /* 373 = extattr_delete_fd */
+ { AS(extattr_delete_fd_args), (sy_call_t *)extattr_delete_fd, AUE_EXTATTR_DELETE_FD, NULL, 0, 0, SYF_CAPENABLED }, /* 373 = extattr_delete_fd */
{ AS(__setugid_args), (sy_call_t *)__setugid, AUE_NULL, NULL, 0, 0, 0 }, /* 374 = __setugid */
{ AS(nfsclnt_args), (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 375 = nfsclnt */
- { AS(eaccess_args), (sy_call_t *)eaccess, AUE_EACCESS, NULL, 0, 0, 0 }, /* 376 = eaccess */
+ { AS(eaccess_args), (sy_call_t *)eaccess, AUE_EACCESS, NULL, 0, 0, SYF_CAPENABLED }, /* 376 = eaccess */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 377 = afs_syscall */
{ AS(nmount_args), (sy_call_t *)nmount, AUE_NMOUNT, NULL, 0, 0, 0 }, /* 378 = nmount */
{ 0, (sy_call_t *)kse_exit, AUE_NULL, NULL, 0, 0, 0 }, /* 379 = kse_exit */
- { AS(kse_wakeup_args), (sy_call_t *)kse_wakeup, AUE_NULL, NULL, 0, 0, 0 }, /* 380 = kse_wakeup */
- { AS(kse_create_args), (sy_call_t *)kse_create, AUE_NULL, NULL, 0, 0, 0 }, /* 381 = kse_create */
- { AS(kse_thr_interrupt_args), (sy_call_t *)kse_thr_interrupt, AUE_NULL, NULL, 0, 0, 0 }, /* 382 = kse_thr_interrupt */
- { AS(kse_release_args), (sy_call_t *)kse_release, AUE_NULL, NULL, 0, 0, 0 }, /* 383 = kse_release */
- { AS(__mac_get_proc_args), (sy_call_t *)__mac_get_proc, AUE_NULL, NULL, 0, 0, 0 }, /* 384 = __mac_get_proc */
- { AS(__mac_set_proc_args), (sy_call_t *)__mac_set_proc, AUE_NULL, NULL, 0, 0, 0 }, /* 385 = __mac_set_proc */
- { AS(__mac_get_fd_args), (sy_call_t *)__mac_get_fd, AUE_NULL, NULL, 0, 0, 0 }, /* 386 = __mac_get_fd */
+ { AS(kse_wakeup_args), (sy_call_t *)kse_wakeup, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 380 = kse_wakeup */
+ { AS(kse_create_args), (sy_call_t *)kse_create, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 381 = kse_create */
+ { AS(kse_thr_interrupt_args), (sy_call_t *)kse_thr_interrupt, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 382 = kse_thr_interrupt */
+ { AS(kse_release_args), (sy_call_t *)kse_release, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 383 = kse_release */
+ { AS(__mac_get_proc_args), (sy_call_t *)__mac_get_proc, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 384 = __mac_get_proc */
+ { AS(__mac_set_proc_args), (sy_call_t *)__mac_set_proc, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 385 = __mac_set_proc */
+ { AS(__mac_get_fd_args), (sy_call_t *)__mac_get_fd, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 386 = __mac_get_fd */
{ AS(__mac_get_file_args), (sy_call_t *)__mac_get_file, AUE_NULL, NULL, 0, 0, 0 }, /* 387 = __mac_get_file */
- { AS(__mac_set_fd_args), (sy_call_t *)__mac_set_fd, AUE_NULL, NULL, 0, 0, 0 }, /* 388 = __mac_set_fd */
+ { AS(__mac_set_fd_args), (sy_call_t *)__mac_set_fd, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 388 = __mac_set_fd */
{ AS(__mac_set_file_args), (sy_call_t *)__mac_set_file, AUE_NULL, NULL, 0, 0, 0 }, /* 389 = __mac_set_file */
{ AS(kenv_args), (sy_call_t *)kenv, AUE_NULL, NULL, 0, 0, 0 }, /* 390 = kenv */
{ AS(lchflags_args), (sy_call_t *)lchflags, AUE_LCHFLAGS, NULL, 0, 0, 0 }, /* 391 = lchflags */
- { AS(uuidgen_args), (sy_call_t *)uuidgen, AUE_NULL, NULL, 0, 0, 0 }, /* 392 = uuidgen */
- { AS(sendfile_args), (sy_call_t *)sendfile, AUE_SENDFILE, NULL, 0, 0, 0 }, /* 393 = sendfile */
+ { AS(uuidgen_args), (sy_call_t *)uuidgen, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 392 = uuidgen */
+ { AS(sendfile_args), (sy_call_t *)sendfile, AUE_SENDFILE, NULL, 0, 0, SYF_CAPENABLED }, /* 393 = sendfile */
{ AS(mac_syscall_args), (sy_call_t *)mac_syscall, AUE_NULL, NULL, 0, 0, 0 }, /* 394 = mac_syscall */
{ AS(getfsstat_args), (sy_call_t *)getfsstat, AUE_GETFSSTAT, NULL, 0, 0, 0 }, /* 395 = getfsstat */
{ AS(statfs_args), (sy_call_t *)statfs, AUE_STATFS, NULL, 0, 0, 0 }, /* 396 = statfs */
@@ -438,20 +438,20 @@
{ AS(ksem_unlink_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 406 = ksem_unlink */
{ AS(ksem_getvalue_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 407 = ksem_getvalue */
{ AS(ksem_destroy_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 408 = ksem_destroy */
- { AS(__mac_get_pid_args), (sy_call_t *)__mac_get_pid, AUE_NULL, NULL, 0, 0, 0 }, /* 409 = __mac_get_pid */
+ { AS(__mac_get_pid_args), (sy_call_t *)__mac_get_pid, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 409 = __mac_get_pid */
{ AS(__mac_get_link_args), (sy_call_t *)__mac_get_link, AUE_NULL, NULL, 0, 0, 0 }, /* 410 = __mac_get_link */
{ AS(__mac_set_link_args), (sy_call_t *)__mac_set_link, AUE_NULL, NULL, 0, 0, 0 }, /* 411 = __mac_set_link */
{ AS(extattr_set_link_args), (sy_call_t *)extattr_set_link, AUE_EXTATTR_SET_LINK, NULL, 0, 0, 0 }, /* 412 = extattr_set_link */
{ AS(extattr_get_link_args), (sy_call_t *)extattr_get_link, AUE_EXTATTR_GET_LINK, NULL, 0, 0, 0 }, /* 413 = extattr_get_link */
{ AS(extattr_delete_link_args), (sy_call_t *)extattr_delete_link, AUE_EXTATTR_DELETE_LINK, NULL, 0, 0, 0 }, /* 414 = extattr_delete_link */
{ AS(__mac_execve_args), (sy_call_t *)__mac_execve, AUE_NULL, NULL, 0, 0, 0 }, /* 415 = __mac_execve */
- { AS(sigaction_args), (sy_call_t *)sigaction, AUE_SIGACTION, NULL, 0, 0, 0 }, /* 416 = sigaction */
- { AS(sigreturn_args), (sy_call_t *)sigreturn, AUE_SIGRETURN, NULL, 0, 0, 0 }, /* 417 = sigreturn */
+ { AS(sigaction_args), (sy_call_t *)sigaction, AUE_SIGACTION, NULL, 0, 0, SYF_CAPENABLED }, /* 416 = sigaction */
+ { AS(sigreturn_args), (sy_call_t *)sigreturn, AUE_SIGRETURN, NULL, 0, 0, SYF_CAPENABLED }, /* 417 = sigreturn */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 418 = __xstat */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 419 = __xfstat */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 420 = __xlstat */
- { AS(getcontext_args), (sy_call_t *)getcontext, AUE_NULL, NULL, 0, 0, 0 }, /* 421 = getcontext */
- { AS(setcontext_args), (sy_call_t *)setcontext, AUE_NULL, NULL, 0, 0, 0 }, /* 422 = setcontext */
+ { AS(getcontext_args), (sy_call_t *)getcontext, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 421 = getcontext */
+ { AS(setcontext_args), (sy_call_t *)setcontext, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 422 = setcontext */
{ AS(swapcontext_args), (sy_call_t *)swapcontext, AUE_NULL, NULL, 0, 0, 0 }, /* 423 = swapcontext */
{ AS(swapoff_args), (sy_call_t *)swapoff, AUE_SWAPOFF, NULL, 0, 0, 0 }, /* 424 = swapoff */
{ AS(__acl_get_link_args), (sy_call_t *)__acl_get_link, AUE_NULL, NULL, 0, 0, 0 }, /* 425 = __acl_get_link */
@@ -459,50 +459,50 @@
{ AS(__acl_delete_link_args), (sy_call_t *)__acl_delete_link, AUE_NULL, NULL, 0, 0, 0 }, /* 427 = __acl_delete_link */
{ AS(__acl_aclcheck_link_args), (sy_call_t *)__acl_aclcheck_link, AUE_NULL, NULL, 0, 0, 0 }, /* 428 = __acl_aclcheck_link */
{ AS(sigwait_args), (sy_call_t *)sigwait, AUE_SIGWAIT, NULL, 0, 0, 0 }, /* 429 = sigwait */
- { AS(thr_create_args), (sy_call_t *)thr_create, AUE_NULL, NULL, 0, 0, 0 }, /* 430 = thr_create */
- { AS(thr_exit_args), (sy_call_t *)thr_exit, AUE_NULL, NULL, 0, 0, 0 }, /* 431 = thr_exit */
- { AS(thr_self_args), (sy_call_t *)thr_self, AUE_NULL, NULL, 0, 0, 0 }, /* 432 = thr_self */
- { AS(thr_kill_args), (sy_call_t *)thr_kill, AUE_NULL, NULL, 0, 0, 0 }, /* 433 = thr_kill */
- { AS(_umtx_lock_args), (sy_call_t *)_umtx_lock, AUE_NULL, NULL, 0, 0, 0 }, /* 434 = _umtx_lock */
- { AS(_umtx_unlock_args), (sy_call_t *)_umtx_unlock, AUE_NULL, NULL, 0, 0, 0 }, /* 435 = _umtx_unlock */
+ { AS(thr_create_args), (sy_call_t *)thr_create, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 430 = thr_create */
+ { AS(thr_exit_args), (sy_call_t *)thr_exit, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 431 = thr_exit */
+ { AS(thr_self_args), (sy_call_t *)thr_self, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 432 = thr_self */
+ { AS(thr_kill_args), (sy_call_t *)thr_kill, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 433 = thr_kill */
+ { AS(_umtx_lock_args), (sy_call_t *)_umtx_lock, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 434 = _umtx_lock */
+ { AS(_umtx_unlock_args), (sy_call_t *)_umtx_unlock, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 435 = _umtx_unlock */
{ AS(jail_attach_args), (sy_call_t *)jail_attach, AUE_NULL, NULL, 0, 0, 0 }, /* 436 = jail_attach */
{ AS(extattr_list_fd_args), (sy_call_t *)extattr_list_fd, AUE_EXTATTR_LIST_FD, NULL, 0, 0, SYF_CAPENABLED }, /* 437 = extattr_list_fd */
{ AS(extattr_list_file_args), (sy_call_t *)extattr_list_file, AUE_EXTATTR_LIST_FILE, NULL, 0, 0, 0 }, /* 438 = extattr_list_file */
{ AS(extattr_list_link_args), (sy_call_t *)extattr_list_link, AUE_EXTATTR_LIST_LINK, NULL, 0, 0, 0 }, /* 439 = extattr_list_link */
- { AS(kse_switchin_args), (sy_call_t *)kse_switchin, AUE_NULL, NULL, 0, 0, 0 }, /* 440 = kse_switchin */
+ { AS(kse_switchin_args), (sy_call_t *)kse_switchin, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 440 = kse_switchin */
{ AS(ksem_timedwait_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 441 = ksem_timedwait */
- { AS(thr_suspend_args), (sy_call_t *)thr_suspend, AUE_NULL, NULL, 0, 0, 0 }, /* 442 = thr_suspend */
- { AS(thr_wake_args), (sy_call_t *)thr_wake, AUE_NULL, NULL, 0, 0, 0 }, /* 443 = thr_wake */
+ { AS(thr_suspend_args), (sy_call_t *)thr_suspend, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 442 = thr_suspend */
+ { AS(thr_wake_args), (sy_call_t *)thr_wake, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 443 = thr_wake */
{ AS(kldunloadf_args), (sy_call_t *)kldunloadf, AUE_MODUNLOAD, NULL, 0, 0, 0 }, /* 444 = kldunloadf */
{ AS(audit_args), (sy_call_t *)audit, AUE_AUDIT, NULL, 0, 0, 0 }, /* 445 = audit */
{ AS(auditon_args), (sy_call_t *)auditon, AUE_AUDITON, NULL, 0, 0, 0 }, /* 446 = auditon */
- { AS(getauid_args), (sy_call_t *)getauid, AUE_GETAUID, NULL, 0, 0, 0 }, /* 447 = getauid */
- { AS(setauid_args), (sy_call_t *)setauid, AUE_SETAUID, NULL, 0, 0, 0 }, /* 448 = setauid */
- { AS(getaudit_args), (sy_call_t *)getaudit, AUE_GETAUDIT, NULL, 0, 0, 0 }, /* 449 = getaudit */
- { AS(setaudit_args), (sy_call_t *)setaudit, AUE_SETAUDIT, NULL, 0, 0, 0 }, /* 450 = setaudit */
- { AS(getaudit_addr_args), (sy_call_t *)getaudit_addr, AUE_GETAUDIT_ADDR, NULL, 0, 0, 0 }, /* 451 = getaudit_addr */
- { AS(setaudit_addr_args), (sy_call_t *)setaudit_addr, AUE_SETAUDIT_ADDR, NULL, 0, 0, 0 }, /* 452 = setaudit_addr */
+ { AS(getauid_args), (sy_call_t *)getauid, AUE_GETAUID, NULL, 0, 0, SYF_CAPENABLED }, /* 447 = getauid */
+ { AS(setauid_args), (sy_call_t *)setauid, AUE_SETAUID, NULL, 0, 0, SYF_CAPENABLED }, /* 448 = setauid */
+ { AS(getaudit_args), (sy_call_t *)getaudit, AUE_GETAUDIT, NULL, 0, 0, SYF_CAPENABLED }, /* 449 = getaudit */
+ { AS(setaudit_args), (sy_call_t *)setaudit, AUE_SETAUDIT, NULL, 0, 0, SYF_CAPENABLED }, /* 450 = setaudit */
+ { AS(getaudit_addr_args), (sy_call_t *)getaudit_addr, AUE_GETAUDIT_ADDR, NULL, 0, 0, SYF_CAPENABLED }, /* 451 = getaudit_addr */
+ { AS(setaudit_addr_args), (sy_call_t *)setaudit_addr, AUE_SETAUDIT_ADDR, NULL, 0, 0, SYF_CAPENABLED }, /* 452 = setaudit_addr */
{ AS(auditctl_args), (sy_call_t *)auditctl, AUE_AUDITCTL, NULL, 0, 0, 0 }, /* 453 = auditctl */
- { AS(_umtx_op_args), (sy_call_t *)_umtx_op, AUE_NULL, NULL, 0, 0, 0 }, /* 454 = _umtx_op */
- { AS(thr_new_args), (sy_call_t *)thr_new, AUE_NULL, NULL, 0, 0, 0 }, /* 455 = thr_new */
- { AS(sigqueue_args), (sy_call_t *)sigqueue, AUE_NULL, NULL, 0, 0, 0 }, /* 456 = sigqueue */
+ { AS(_umtx_op_args), (sy_call_t *)_umtx_op, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 454 = _umtx_op */
+ { AS(thr_new_args), (sy_call_t *)thr_new, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 455 = thr_new */
+ { AS(sigqueue_args), (sy_call_t *)sigqueue, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 456 = sigqueue */
{ AS(kmq_open_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 457 = kmq_open */
{ AS(kmq_setattr_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 458 = kmq_setattr */
{ AS(kmq_timedreceive_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 459 = kmq_timedreceive */
{ AS(kmq_timedsend_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 460 = kmq_timedsend */
{ AS(kmq_notify_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 461 = kmq_notify */
{ AS(kmq_unlink_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 462 = kmq_unlink */
- { AS(abort2_args), (sy_call_t *)abort2, AUE_NULL, NULL, 0, 0, 0 }, /* 463 = abort2 */
- { AS(thr_set_name_args), (sy_call_t *)thr_set_name, AUE_NULL, NULL, 0, 0, 0 }, /* 464 = thr_set_name */
+ { AS(abort2_args), (sy_call_t *)abort2, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 463 = abort2 */
+ { AS(thr_set_name_args), (sy_call_t *)thr_set_name, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 464 = thr_set_name */
{ AS(aio_fsync_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0 }, /* 465 = aio_fsync */
- { AS(rtprio_thread_args), (sy_call_t *)rtprio_thread, AUE_RTPRIO, NULL, 0, 0, 0 }, /* 466 = rtprio_thread */
+ { AS(rtprio_thread_args), (sy_call_t *)rtprio_thread, AUE_RTPRIO, NULL, 0, 0, SYF_CAPENABLED }, /* 466 = rtprio_thread */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 467 = nosys */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 468 = nosys */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 469 = __getpath_fromfd */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 470 = __getpath_fromaddr */
{ AS(sctp_peeloff_args), (sy_call_t *)sctp_peeloff, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 471 = sctp_peeloff */
{ AS(sctp_generic_sendmsg_args), (sy_call_t *)sctp_generic_sendmsg, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 472 = sctp_generic_sendmsg */
- { AS(sctp_generic_sendmsg_iov_args), (sy_call_t *)sctp_generic_sendmsg_iov, AUE_NULL, NULL, 0, 0, 0 }, /* 473 = sctp_generic_sendmsg_iov */
+ { AS(sctp_generic_sendmsg_iov_args), (sy_call_t *)sctp_generic_sendmsg_iov, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 473 = sctp_generic_sendmsg_iov */
{ AS(sctp_generic_recvmsg_args), (sy_call_t *)sctp_generic_recvmsg, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 474 = sctp_generic_recvmsg */
{ AS(pread_args), (sy_call_t *)pread, AUE_PREAD, NULL, 0, 0, SYF_CAPENABLED }, /* 475 = pread */
{ AS(pwrite_args), (sy_call_t *)pwrite, AUE_PWRITE, NULL, 0, 0, SYF_CAPENABLED }, /* 476 = pwrite */
@@ -514,7 +514,7 @@
{ AS(shm_open_args), (sy_call_t *)shm_open, AUE_SHMOPEN, NULL, 0, 0, 0 }, /* 482 = shm_open */
{ AS(shm_unlink_args), (sy_call_t *)shm_unlink, AUE_SHMUNLINK, NULL, 0, 0, 0 }, /* 483 = shm_unlink */
{ AS(cap_new_args), (sy_call_t *)cap_new, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 484 = cap_new */
- { AS(cap_getrights_args), (sy_call_t *)cap_getrights, AUE_NULL, NULL, 0, 0, 0 }, /* 485 = cap_getrights */
+ { AS(cap_getrights_args), (sy_call_t *)cap_getrights, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 485 = cap_getrights */
{ 0, (sy_call_t *)cap_enter, AUE_NULL, NULL, 0, 0, 0 }, /* 486 = cap_enter */
{ AS(cap_getmode_args), (sy_call_t *)cap_getmode, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 487 = cap_getmode */
};
==== //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.c#8 (text+ko) ====
==== //depot/projects/trustedbsd/capabilities/src/sys/kern/systrace_args.c#8 (text+ko) ====
==== //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.h#8 (text+ko) ====
==== //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.mk#8 (text+ko) ====
==== //depot/projects/trustedbsd/capabilities/src/sys/sys/sysproto.h#8 (text+ko) ====
More information about the p4-projects
mailing list