svn commit: r219128 - in head/sys: bsm security/audit sys
Robert Watson
rwatson at FreeBSD.org
Tue Mar 1 13:14:29 UTC 2011
Author: rwatson
Date: Tue Mar 1 13:14:28 2011
New Revision: 219128
URL: http://svn.freebsd.org/changeset/base/219128
Log:
Add ECAPMODE, "Not permitted in capability mode", a new kernel errno
constant to indicate that a system call (or perhaps an operation requested
via a system call) is not permitted for a capability mode process.
Submitted by: anderson
Sponsored by: Google, Inc.
Obtained from: Capsicum Project
MFC after: 1 week
Modified:
head/sys/bsm/audit_errno.h
head/sys/security/audit/audit_bsm_errno.c
head/sys/sys/errno.h
Modified: head/sys/bsm/audit_errno.h
==============================================================================
--- head/sys/bsm/audit_errno.h Tue Mar 1 13:10:56 2011 (r219127)
+++ head/sys/bsm/audit_errno.h Tue Mar 1 13:14:28 2011 (r219128)
@@ -205,6 +205,8 @@
#define BSM_ERRNO_EKEYEXPIRED 220 /* Linux-specific. */
#define BSM_ERRNO_EKEYREVOKED 221 /* Linux-specific. */
#define BSM_ERRNO_EKEYREJECTED 222 /* Linux-specific. */
+#define BSM_ERRNO_ENOTCAPABLE 223 /* FreeBSD-specific. */
+#define BSM_ERRNO_ECAPMODE 224 /* FreeBSD-specific. */
/*
* In the event that OpenBSM doesn't have a file representation of a local
Modified: head/sys/security/audit/audit_bsm_errno.c
==============================================================================
--- head/sys/security/audit/audit_bsm_errno.c Tue Mar 1 13:10:56 2011 (r219127)
+++ head/sys/security/audit/audit_bsm_errno.c Tue Mar 1 13:14:28 2011 (r219128)
@@ -686,6 +686,20 @@ static const struct bsm_errno bsm_errnos
ERRNO_NO_LOCAL_MAPPING,
#endif
ES("Key was rejected by service") },
+ { BSM_ERRNO_ENOTCAPABLE,
+#ifdef ENOTCAPABLE
+ ENOTCAPABLE,
+#else
+ ERRNO_NO_LOCAL_MAPPING,
+#endif
+ ES("Capabilities insufficient") },
+ { BSM_ERRNO_ECAPMODE,
+#ifdef ECAPMODE
+ ECAPMODE,
+#else
+ ERRNO_NO_LOCAL_MAPPING,
+#endif
+ ES("Not permitted in capability mode") },
};
static const int bsm_errnos_count = sizeof(bsm_errnos) / sizeof(bsm_errnos[0]);
Modified: head/sys/sys/errno.h
==============================================================================
--- head/sys/sys/errno.h Tue Mar 1 13:10:56 2011 (r219127)
+++ head/sys/sys/errno.h Tue Mar 1 13:14:28 2011 (r219128)
@@ -175,10 +175,11 @@ __END_DECLS
#ifndef _POSIX_SOURCE
#define ENOTCAPABLE 93 /* Capabilities insufficient */
+#define ECAPMODE 94 /* Not permitted in capability mode */
#endif /* _POSIX_SOURCE */
#ifndef _POSIX_SOURCE
-#define ELAST 93 /* Must be equal largest errno */
+#define ELAST 94 /* Must be equal largest errno */
#endif /* _POSIX_SOURCE */
#ifdef _KERNEL
More information about the svn-src-all
mailing list