From nobody Tue Oct 19 23:20:34 2021
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id AA35417F7683;
	Tue, 19 Oct 2021 23:20:34 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4HYqVB3ztTz4bsQ;
	Tue, 19 Oct 2021 23:20:34 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 68EC21CBBF;
	Tue, 19 Oct 2021 23:20:34 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 19JNKYot031249;
	Tue, 19 Oct 2021 23:20:34 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 19JNKY8x031248;
	Tue, 19 Oct 2021 23:20:34 GMT
	(envelope-from git)
Date: Tue, 19 Oct 2021 23:20:34 GMT
Message-Id: <202110192320.19JNKY8x031248@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Brooks Davis <brooks@FreeBSD.org>
Subject: git: fe388671ac85 - stable/13 - makesyscalls.lua: add a CAPENABLED flag
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: brooks
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: fe388671ac851292f59926e96f2c86e6e46ea218
Auto-Submitted: auto-generated
X-ThisMailContainsUnwantedMimeParts: N

The branch stable/13 has been updated by brooks:

URL: https://cgit.FreeBSD.org/src/commit/?id=fe388671ac851292f59926e96f2c86e6e46ea218

commit fe388671ac851292f59926e96f2c86e6e46ea218
Author:     Brooks Davis <brooks@FreeBSD.org>
AuthorDate: 2021-10-19 23:19:56 +0000
Commit:     Brooks Davis <brooks@FreeBSD.org>
CommitDate: 2021-10-19 23:19:56 +0000

    makesyscalls.lua: add a CAPENABLED flag
    
    The CAPENABLED flag indicates that the syscall can be used in capsicum
    capability mode.  It is intended to replace capabilities.conf.
    
    Reviewed by:    kevans, emaste
    Sponsored by:   DARPA
    Differential Revision:  https://reviews.freebsd.org/D31349
    
    (cherry picked from commit 6945df3fff57a9606f8c8a4e3865def3a0e915e7)
---
 sys/kern/syscalls.master   | 2 ++
 sys/tools/makesyscalls.lua | 4 +++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/sys/kern/syscalls.master b/sys/kern/syscalls.master
index 81f016a0c073..51ff07f8deed 100644
--- a/sys/kern/syscalls.master
+++ b/sys/kern/syscalls.master
@@ -15,6 +15,7 @@
 ;		COMPAT7, COMPAT11, COMPAT12, NODEF, NOARGS, NOPROTO, NOSTD
 ;		The COMPAT* options may be combined with one or more NO*
 ;		options separated by '|' with no spaces (e.g. COMPAT|NOARGS)
+;		The CAPENABLED option may be ORed into a type.
 ;	name	pseudo-prototype of syscall routine
 ;		If one of the following alts is different, then all appear:
 ;	altname	name of system call if different
@@ -45,6 +46,7 @@
 ;		function prototype in sys/sysproto.h.  Does add a
 ;		definition to syscall.h besides adding a sysent.
 ;	NOTSTATIC syscall is loadable
+;	CAPENABLED syscall is allowed in capability mode
 
 ; annotations:
 ;	SAL 2.0 annotations are used to specify how system calls treat
diff --git a/sys/tools/makesyscalls.lua b/sys/tools/makesyscalls.lua
index 49a9e283e646..dba9488b11a8 100644
--- a/sys/tools/makesyscalls.lua
+++ b/sys/tools/makesyscalls.lua
@@ -155,6 +155,7 @@ local known_flags = {
 	NOPROTO		= 0x00000040,
 	NOSTD		= 0x00000080,
 	NOTSTATIC	= 0x00000100,
+	CAPENABLED	= 0x00000200,
 
 	-- Compat flags start from here.  We have plenty of space.
 }
@@ -1060,7 +1061,8 @@ process_syscall_def = function(line)
 	-- If applicable; strip the ABI prefix from the name
 	local stripped_name = strip_abi_prefix(funcname)
 
-	if config["capenabled"][funcname] ~= nil or
+	if flags & known_flags['CAPENABLED'] ~= 0 or
+	    config["capenabled"][funcname] ~= nil or
 	    config["capenabled"][stripped_name] ~= nil then
 		sysflags = "SYF_CAPENABLED"
 	end