PERFORCE change 156387 for review

Mon Jan 19 06:56:36 PST 2009

http://perforce.freebsd.org/chv.cgi?CH=156387

Change 156387 by rwatson at rwatson_freebsd_capabilities on 2009/01/19 14:55:53

	Teach procstat to print out the mask of rights on a capability in
	file descriptor mode.

Affected files ...

.. //depot/projects/trustedbsd/capabilities/src/usr.bin/procstat/procstat_files.c#10 edit

Differences ...

==== //depot/projects/trustedbsd/capabilities/src/usr.bin/procstat/procstat_files.c#10 (text+ko) ====

@@ -27,6 +27,7 @@
  */
 
 #include <sys/param.h>
+#include <sys/capability.h>
 #include <sys/socket.h>
 #include <sys/sysctl.h>
 #include <sys/un.h>
@@ -131,6 +132,74 @@
 	printf("%s", addr);
 }
 
+static struct cap_desc {
+	cap_rights_t	 cd_right;
+	const char	*cd_desc;
+} cap_desc[] = {
+	{ CAP_READ,		"rd" },
+	{ CAP_WRITE,		"wr" },
+	{ CAP_SEEK,		"se" },
+	{ CAP_GETPEERNAME,	"pn" },
+	{ CAP_GETSOCKNAME,	"sn" },
+	{ CAP_FCHFLAGS,		"cf" },
+	{ CAP_IOCTL,		"io" },
+	{ CAP_FSTAT,		"fs" },
+	{ CAP_MMAP,		"mm" },
+	{ CAP_FCNTL,		"fc" },
+	{ CAP_EVENT,		"ev" },
+	{ CAP_FSYNC,		"fy" },
+	{ CAP_FCHOWN,		"cn" },
+	{ CAP_FCHMOD,		"cm" },
+	{ CAP_FTRUNCATE,	"ft" },
+	{ CAP_FLOCK,		"fl" },
+	{ CAP_FSTATFS,		"sf" },
+	{ CAP_REVOKE,		"rv" },
+	{ CAP_FEXECVE,		"fe" },
+	{ CAP_FPATHCONF,	"fp" },
+	{ CAP_FUTIMES,		"fu" },
+	{ CAP_ACL_GET,		"ag" },
+	{ CAP_ACL_SET,		"as" },
+	{ CAP_ACL_DELETE,	"ad" },
+	{ CAP_ACL_CHECK,	"ac" },
+	{ CAP_EXTATTR_GET,	"eg" },
+	{ CAP_EXTATTR_SET,	"es" },
+	{ CAP_EXTATTR_DELETE,	"ed" },
+	{ CAP_EXTATTR_LIST,	"el" },
+	{ CAP_MAC_GET,		"mg" },
+	{ CAP_MAC_SET,		"ms" },
+	{ CAP_ACCEPT,		"at" },
+	{ CAP_BIND,		"bd" },
+	{ CAP_GETSOCKOPT,	"gs" },
+	{ CAP_SETSOCKOPT,	"ss" },
+	{ CAP_LISTEN,		"ln" },
+	{ CAP_SHUTDOWN,		"sh" },
+	{ CAP_PEELOFF,		"pf" },
+	{ CAP_LOOKUP,		"lo" },
+	{ CAP_SEM_POST,		"sp" },
+	{ CAP_SEM_WAIT,		"sw" },
+	{ CAP_SEM_GETVALUE,	"sg" },
+	{ CAP_KEVENT,		"ke" },
+	{ CAP_PDGETPID,		"pg" },
+	{ CAP_PDWAIT,		"pw" },
+	{ CAP_PDKILL,		"pk" },
+};
+static const int	cap_desc_count = sizeof(cap_desc) /
+			    sizeof(cap_desc[0]);
+
+static void
+print_capability(cap_rights_t rights)
+{
+	int count, i;
+
+	count = 0;
+	for (i = 0; i < cap_desc_count; i++) {
+		if (rights & cap_desc[i].cd_right) {
+			printf("%s%s", count ? "," : "", cap_desc[i].cd_desc);
+			count++;
+		}
+	}
+}
+
 void
 procstat_files(pid_t pid, struct kinfo_proc *kipp)
 {
@@ -323,6 +392,11 @@
 			}
 			break;
 
+		case KF_TYPE_CAPABILITY:
+			printf("%-4s ", "-");
+			print_capability(kif->kf_cap_rights);
+			break;
+
 		case KF_TYPE_PROCDESC:
 			printf("%-3s %d", "-", kif->kf_pid);
 			break;
