PERFORCE change 156693 for review
Robert Watson
rwatson at FreeBSD.org
Mon Jan 26 07:58:35 PST 2009
http://perforce.freebsd.org/chv.cgi?CH=156693
Change 156693 by rwatson at rwatson_freebsd_capabilities on 2009/01/26 15:57:58
Implement closefrom(2) based on a combination of bits from Ighighi,
NetBSD, DragonflyBSD, and in consideration of the implementation on
OpenSolaris. Audit behavior here needs more work: the advantage of
the Solaris userspace implementation is that we get one audit event
for each fd closed.
While here, add missing cap_getmode symbol to the libc symbol table,
add missing mlinks for cap calls.
Affected files ...
.. //depot/projects/trustedbsd/capabilities/src/lib/libc/sys/Makefile.inc#6 edit
.. //depot/projects/trustedbsd/capabilities/src/lib/libc/sys/Symbol.map#13 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/init_sysent.c#28 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/kern_descrip.c#17 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.c#28 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.master#17 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/systrace_args.c#28 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.h#28 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.mk#28 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/sys/sysproto.h#28 edit
Differences ...
==== //depot/projects/trustedbsd/capabilities/src/lib/libc/sys/Makefile.inc#6 (text+ko) ====
@@ -102,6 +102,8 @@
MLINKS+=access.2 eaccess.2 access.2 faccessat.2
MLINKS+=brk.2 sbrk.2
+MLINKS+=cap_enter.2 cap_getmode.2
+MLINKS+=cap_new.2 cap_getrights.2
MLINKS+=chdir.2 fchdir.2
MLINKS+=chflags.2 fchflags.2 chflags.2 lchflags.2
MLINKS+=chmod.2 fchmod.2 chmod.2 fchmodat.2 chmod.2 lchmod.2
==== //depot/projects/trustedbsd/capabilities/src/lib/libc/sys/Symbol.map#13 (text) ====
@@ -331,9 +331,11 @@
};
FBSD_1.1 {
+ cap_enter;
+ cap_getmode;
+ cap_getrights;
cap_new;
- cap_getrights;
- cap_enter;
+ closefrom;
cpuset;
cpuset_getid;
cpuset_setid;
==== //depot/projects/trustedbsd/capabilities/src/sys/kern/init_sysent.c#28 (text+ko) ====
@@ -542,4 +542,5 @@
{ AS(pdkill_args), (sy_call_t *)pdkill, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 511 = pdkill */
{ AS(pdgetpid_args), (sy_call_t *)pdgetpid, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED }, /* 512 = pdgetpid */
{ AS(pdwait_args), (sy_call_t *)pdwait, AUE_NULL, NULL, 0, 0, 0 }, /* 513 = pdwait */
+ { AS(closefrom_args), (sy_call_t *)closefrom, AUE_CLOSEFROM, NULL, 0, 0, 0 }, /* 514 = closefrom */
};
==== //depot/projects/trustedbsd/capabilities/src/sys/kern/kern_descrip.c#17 (text+ko) ====
@@ -1124,6 +1124,33 @@
return (error);
}
+static int
+kern_closefrom(struct thread *td, int lowfd)
+{
+ struct filedesc *fdp;
+ int fd;
+
+ if (lowfd < 0)
+ return (EBADF);
+ fdp = td->td_proc->p_fd;
+ FILEDESC_SLOCK(fdp);
+ while ((fd = fdp->fd_lastfile) >= lowfd) {
+ FILEDESC_SUNLOCK(fdp);
+ if (kern_close(td, fd) == EINTR)
+ return (EINTR);
+ FILEDESC_SLOCK(fdp);
+ }
+ FILEDESC_SUNLOCK(fdp);
+ return (0);
+}
+
+int
+closefrom(struct thread *td, struct closefrom_args *uap)
+{
+
+ return (kern_closefrom(td, uap->lowfd));
+}
+
#if defined(COMPAT_43)
/*
* Return status information about a file descriptor.
==== //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.c#28 (text+ko) ====
@@ -521,4 +521,5 @@
"pdkill", /* 511 = pdkill */
"pdgetpid", /* 512 = pdgetpid */
"pdwait", /* 513 = pdwait */
+ "closefrom", /* 514 = closefrom */
};
==== //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.master#17 (text+ko) ====
@@ -916,5 +916,7 @@
513 AUE_NULL STD { int pdwait(int fd, int *status, \
int options, struct rusage *rusage); }
+514 AUE_CLOSEFROM STD { int closefrom(int lowfd); }
+
; Please copy any additions and changes to the following compatability tables:
; sys/compat/freebsd32/syscalls.master
==== //depot/projects/trustedbsd/capabilities/src/sys/kern/systrace_args.c#28 (text+ko) ====
@@ -3101,6 +3101,13 @@
*n_args = 4;
break;
}
+ /* closefrom */
+ case 514: {
+ struct closefrom_args *p = params;
+ iarg[0] = p->lowfd; /* int */
+ *n_args = 1;
+ break;
+ }
default:
*n_args = 0;
break;
@@ -8225,6 +8232,16 @@
break;
};
break;
+ /* closefrom */
+ case 514:
+ switch(ndx) {
+ case 0:
+ p = "int";
+ break;
+ default:
+ break;
+ };
+ break;
default:
break;
};
==== //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.h#28 (text+ko) ====
@@ -429,4 +429,5 @@
#define SYS_pdkill 511
#define SYS_pdgetpid 512
#define SYS_pdwait 513
-#define SYS_MAXSYSCALL 514
+#define SYS_closefrom 514
+#define SYS_MAXSYSCALL 515
==== //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.mk#28 (text+ko) ====
@@ -377,4 +377,5 @@
pdfork.o \
pdkill.o \
pdgetpid.o \
- pdwait.o
+ pdwait.o \
+ closefrom.o
==== //depot/projects/trustedbsd/capabilities/src/sys/sys/sysproto.h#28 (text+ko) ====
@@ -1656,6 +1656,9 @@
char options_l_[PADL_(int)]; int options; char options_r_[PADR_(int)];
char rusage_l_[PADL_(struct rusage *)]; struct rusage * rusage; char rusage_r_[PADR_(struct rusage *)];
};
+struct closefrom_args {
+ char lowfd_l_[PADL_(int)]; int lowfd; char lowfd_r_[PADR_(int)];
+};
int nosys(struct thread *, struct nosys_args *);
void sys_exit(struct thread *, struct sys_exit_args *);
int fork(struct thread *, struct fork_args *);
@@ -2018,6 +2021,7 @@
int pdkill(struct thread *, struct pdkill_args *);
int pdgetpid(struct thread *, struct pdgetpid_args *);
int pdwait(struct thread *, struct pdwait_args *);
+int closefrom(struct thread *, struct closefrom_args *);
#ifdef COMPAT_43
@@ -2619,6 +2623,7 @@
#define SYS_AUE_pdkill AUE_NULL
#define SYS_AUE_pdgetpid AUE_NULL
#define SYS_AUE_pdwait AUE_NULL
+#define SYS_AUE_closefrom AUE_CLOSEFROM
#undef PAD_
#undef PADL_
More information about the p4-projects
mailing list