svn commit: r219133 - head/sys/kern
Robert Watson
rwatson at FreeBSD.org
Tue Mar 1 13:32:08 UTC 2011
Author: rwatson
Date: Tue Mar 1 13:32:07 2011
New Revision: 219133
URL: http://svn.freebsd.org/changeset/base/219133
Log:
Continue introducing Capsicum capability mode support:
If a system call wasn't listed in capabilities.conf, return ECAPMODE at
syscall entry.
Reviewed by: anderson
Discussed with: benl, kris, pjd
Sponsored by: Google, Inc.
Obtained from: Capsicum Project
MFC after: 3 months
Modified:
head/sys/kern/subr_trap.c
Modified: head/sys/kern/subr_trap.c
==============================================================================
--- head/sys/kern/subr_trap.c Tue Mar 1 13:30:23 2011 (r219132)
+++ head/sys/kern/subr_trap.c Tue Mar 1 13:32:07 2011 (r219133)
@@ -44,12 +44,14 @@
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
+#include "opt_capabilities.h"
#include "opt_ktrace.h"
#include "opt_kdtrace.h"
#include "opt_sched.h"
#include <sys/param.h>
#include <sys/bus.h>
+#include <sys/capability.h>
#include <sys/kernel.h>
#include <sys/lock.h>
#include <sys/mutex.h>
@@ -310,6 +312,19 @@ syscallenter(struct thread *td, struct s
if (error != 0)
goto retval;
}
+
+#ifdef CAPABILITIES
+ /*
+ * In capability mode, we only allow access to system calls
+ * flagged with SYF_CAPENABLED.
+ */
+ if (IN_CAPABILITY_MODE(td) &&
+ !(sa->callp->sy_flags & SYF_CAPENABLED)) {
+ error = ECAPMODE;
+ goto retval;
+ }
+#endif
+
error = syscall_thread_enter(td, sa->callp);
if (error != 0)
goto retval;
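Review bot: the new check in syscallenter() sits after an earlier block that can already `goto retval` with its own error, so in capability mode a call lacking SYF_CAPENABLED may return that earlier error rather than ECAPMODE, and that block's work is done before the denial. Consider moving the IN_CAPABILITY_MODE(td) test ahead of it, or say in the comment why this ordering is intended. The comment would also be clearer if it stated that SYF_CAPENABLED is derived from capabilities.conf (as the log message says), so readers can see that an unlisted system call is denied by default.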