From nobody Mon Nov 17 16:39:54 2025 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4d9D4B3L1Lz6GXBf; Mon, 17 Nov 2025 16:39:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R12" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4d9D4B1lRNz3TJ3; Mon, 17 Nov 2025 16:39:54 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1763397594; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=MxBkOt9WDNS3vOyzBZH0IMjgvuxvCj6ux3I6JX/JDrU=; b=cBTu1pI6kXEaOcFVUBnivTpOwIvbWEMXYlJ7nBarifnyrxYtIw5Zl0I/yNDMf8G3K6AXkv PJKUGNm14e8AxZXm2cUTs1F01bODoTP99F1XOmyz/hh7J7IPVz55F6kN6G7UixMvDj9VAy xDlfxIGNqjvwDWcUjDFJfoGBSurl1pdEY61VEdfF49XO6I1P3pSNFbV227cCR1ATHENsNE nIIXEbsAi6F8WJrrbHtKPkGTidgyBopmC6ojz9T3KSOgIOxm5sZc3h0zu2L0qspe5VYmF7 R1fAEqzKDLp5bgiacT628nOUulYSZvnLQc73rGqtN7v5oD1CngwzKF55e7YYcw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1763397594; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=MxBkOt9WDNS3vOyzBZH0IMjgvuxvCj6ux3I6JX/JDrU=; b=T9myU2+o3Hne7cIBa3qpLSkldWmsicsltRJGhuUnt8eYAPelBa/rI2yA6+jAO3q1P8kfBS 5LiEWM/sV9F1PJx6/KrbbFa1XfXGevYddsT6CkkNInWXpQVNmJMobhsm6XHiKVmNkzkXxF o17TpbhfstivPymx7s/6u2xFddrlXAJE8Toll2KLNnypHNb9hxEQ4WcolkZjlYXmmFoGcJ ADyoMhZGuGPjpKUOt5zRTu+/WJxx6TkQlXR4mGdqwHcKDhOskkJBGLhbrV2NnuThAyxlUH S8rDyCenP9F/VrlqEMohxYJAfA3UHMVrBlqMt2rM97dkO6O6CNlufBzKBAAcmw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1763397594; a=rsa-sha256; cv=none; b=c5mn85beJn9BnoGBLtOtOdJWdPXgWj8HAj0FG/sWUexfx6nys+MDK+eQmkyLm0jLi4UamU cz0KrgGXaMMMFqSmeP03fHNa9dxRwiq7KccM9IlzX+kLFpYjYEKdqPOneB8uCLOLiMJZBX 7JcigrerZZLWum+Y6aeNJconb7UXeFz3d+nvizcu4AHedDbgG6ms+XQr9I5TuzhgsQSLVH c6EQs7855Jo9ej9i87X/BSxpE0Dp2V9P00JvZurAPVJMI2AHGi3g3a1on3ClfG48cUmUyv SjPs74bDNmBcvO9CcvTKqXYjrvZ35SfYEbzm/y5rqpL++s6HgQCcFP31P84LkQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4d9D4B1K5Pz1RN; Mon, 17 Nov 2025 16:39:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 5AHGdsac008870; Mon, 17 Nov 2025 16:39:54 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 5AHGdspa008867; Mon, 17 Nov 2025 16:39:54 GMT (envelope-from git) Date: Mon, 17 Nov 2025 16:39:54 GMT Message-Id: <202511171639.5AHGdspa008867@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: ecc1e61d3140 - stable/13 - file: Qualify pointers to capsicum rights as const List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: ecc1e61d31407680c9acee9c7adcf2ca2aa21432 Auto-Submitted: auto-generated The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=ecc1e61d31407680c9acee9c7adcf2ca2aa21432 commit ecc1e61d31407680c9acee9c7adcf2ca2aa21432 Author: Mark Johnston AuthorDate: 2025-05-20 20:19:30 +0000 Commit: Mark Johnston CommitDate: 2025-11-17 15:06:28 +0000 file: Qualify pointers to capsicum rights as const File descriptor lookup routines typically take a set of capsicum rights as input to the lookup, so that the fd's rights can be atomically checked. This set should be qualified with const. No functional change intended. Reviewed by: olce, oshogbo, brooks, kib MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D50419 (cherry picked from commit 5319cb21610ad947c56fd0cd4f18ef5b58bc8db7) --- sys/kern/kern_descrip.c | 48 +++++++++++++++++++++++++++--------------------- sys/kern/sys_procdesc.c | 5 +++-- sys/kern/uipc_mqueue.c | 5 +++-- sys/kern/uipc_sem.c | 6 +++--- sys/kern/uipc_syscalls.c | 4 ++-- sys/kern/vfs_syscalls.c | 5 +++-- sys/sys/file.h | 21 +++++++++++---------- sys/sys/filedesc.h | 19 ++++++++++--------- sys/sys/namei.h | 4 ++-- sys/sys/procdesc.h | 6 ++++-- sys/sys/socketvar.h | 2 +- 11 files changed, 69 insertions(+), 56 deletions(-) diff --git a/sys/kern/kern_descrip.c b/sys/kern/kern_descrip.c index 57ecf253f5be..f073fc64e0bc 100644 --- a/sys/kern/kern_descrip.c +++ b/sys/kern/kern_descrip.c @@ -114,7 +114,8 @@ static void fdgrowtable_exp(struct filedesc *fdp, int nfd); static void fdunused(struct filedesc *fdp, int fd); static void fdused(struct filedesc *fdp, int fd); static int fget_unlocked_seq(struct filedesc *fdp, int fd, - cap_rights_t *needrightsp, struct file **fpp, seqc_t *seqp); + const cap_rights_t *needrightsp, struct file **fpp, + seqc_t *seqp); static int getmaxfd(struct thread *td); static u_long *filecaps_copy_prep(const struct filecaps *src); static void filecaps_copy_finish(const struct filecaps *src, @@ -2978,7 +2979,7 @@ finit_vnode(struct file *fp, u_int flag, void *data, struct fileops *ops) } int -fget_cap_locked(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, +fget_cap_locked(struct filedesc *fdp, int fd, const cap_rights_t *needrightsp, struct file **fpp, struct filecaps *havecapsp) { struct filedescent *fde; @@ -3010,7 +3011,7 @@ out: } int -fget_cap(struct thread *td, int fd, cap_rights_t *needrightsp, +fget_cap(struct thread *td, int fd, const cap_rights_t *needrightsp, struct file **fpp, struct filecaps *havecapsp) { struct filedesc *fdp = td->td_proc->p_fd; @@ -3256,7 +3257,7 @@ out_free: } static int -fget_unlocked_seq(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, +fget_unlocked_seq(struct filedesc *fdp, int fd, const cap_rights_t *needrightsp, struct file **fpp, seqc_t *seqp) { #ifdef CAPABILITIES @@ -3339,7 +3340,7 @@ fget_unlocked_seq(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, * racing with itself. */ int -fget_unlocked(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, +fget_unlocked(struct filedesc *fdp, int fd, const cap_rights_t *needrightsp, struct file **fpp) { #ifdef CAPABILITIES @@ -3406,7 +3407,7 @@ out_fallback: */ #ifdef CAPABILITIES int -fget_only_user(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, +fget_only_user(struct filedesc *fdp, int fd, const cap_rights_t *needrightsp, struct file **fpp) { const struct filedescent *fde; @@ -3436,7 +3437,7 @@ fget_only_user(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, } #else int -fget_only_user(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, +fget_only_user(struct filedesc *fdp, int fd, const cap_rights_t *needrightsp, struct file **fpp) { struct file *fp; @@ -3472,7 +3473,7 @@ fget_only_user(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, */ static __inline int _fget(struct thread *td, int fd, struct file **fpp, int flags, - cap_rights_t *needrightsp) + const cap_rights_t *needrightsp) { struct filedesc *fdp; struct file *fp; @@ -3520,15 +3521,15 @@ _fget(struct thread *td, int fd, struct file **fpp, int flags, } int -fget(struct thread *td, int fd, cap_rights_t *rightsp, struct file **fpp) +fget(struct thread *td, int fd, const cap_rights_t *rightsp, struct file **fpp) { return (_fget(td, fd, fpp, 0, rightsp)); } int -fget_mmap(struct thread *td, int fd, cap_rights_t *rightsp, vm_prot_t *maxprotp, - struct file **fpp) +fget_mmap(struct thread *td, int fd, const cap_rights_t *rightsp, + vm_prot_t *maxprotp, struct file **fpp) { int error; #ifndef CAPABILITIES @@ -3571,22 +3572,24 @@ fget_mmap(struct thread *td, int fd, cap_rights_t *rightsp, vm_prot_t *maxprotp, } int -fget_read(struct thread *td, int fd, cap_rights_t *rightsp, struct file **fpp) +fget_read(struct thread *td, int fd, const cap_rights_t *rightsp, + struct file **fpp) { return (_fget(td, fd, fpp, FREAD, rightsp)); } int -fget_write(struct thread *td, int fd, cap_rights_t *rightsp, struct file **fpp) +fget_write(struct thread *td, int fd, const cap_rights_t *rightsp, + struct file **fpp) { return (_fget(td, fd, fpp, FWRITE, rightsp)); } int -fget_fcntl(struct thread *td, int fd, cap_rights_t *rightsp, int needfcntl, - struct file **fpp) +fget_fcntl(struct thread *td, int fd, const cap_rights_t *rightsp, + int needfcntl, struct file **fpp) { struct filedesc *fdp = td->td_proc->p_fd; #ifndef CAPABILITIES @@ -3624,7 +3627,7 @@ fget_fcntl(struct thread *td, int fd, cap_rights_t *rightsp, int needfcntl, * XXX: what about the unused flags ? */ static __inline int -_fgetvp(struct thread *td, int fd, int flags, cap_rights_t *needrightsp, +_fgetvp(struct thread *td, int fd, int flags, const cap_rights_t *needrightsp, struct vnode **vpp) { struct file *fp; @@ -3646,14 +3649,15 @@ _fgetvp(struct thread *td, int fd, int flags, cap_rights_t *needrightsp, } int -fgetvp(struct thread *td, int fd, cap_rights_t *rightsp, struct vnode **vpp) +fgetvp(struct thread *td, int fd, const cap_rights_t *rightsp, + struct vnode **vpp) { return (_fgetvp(td, fd, 0, rightsp, vpp)); } int -fgetvp_rights(struct thread *td, int fd, cap_rights_t *needrightsp, +fgetvp_rights(struct thread *td, int fd, const cap_rights_t *needrightsp, struct filecaps *havecaps, struct vnode **vpp) { struct filecaps caps; @@ -3685,14 +3689,16 @@ out: } int -fgetvp_read(struct thread *td, int fd, cap_rights_t *rightsp, struct vnode **vpp) +fgetvp_read(struct thread *td, int fd, const cap_rights_t *rightsp, + struct vnode **vpp) { return (_fgetvp(td, fd, FREAD, rightsp, vpp)); } int -fgetvp_exec(struct thread *td, int fd, cap_rights_t *rightsp, struct vnode **vpp) +fgetvp_exec(struct thread *td, int fd, const cap_rights_t *rightsp, + struct vnode **vpp) { return (_fgetvp(td, fd, FEXEC, rightsp, vpp)); @@ -3700,7 +3706,7 @@ fgetvp_exec(struct thread *td, int fd, cap_rights_t *rightsp, struct vnode **vpp #ifdef notyet int -fgetvp_write(struct thread *td, int fd, cap_rights_t *rightsp, +fgetvp_write(struct thread *td, int fd, const cap_rights_t *rightsp, struct vnode **vpp) { diff --git a/sys/kern/sys_procdesc.c b/sys/kern/sys_procdesc.c index aab7b1616594..4665dc2c0421 100644 --- a/sys/kern/sys_procdesc.c +++ b/sys/kern/sys_procdesc.c @@ -121,7 +121,7 @@ static struct fileops procdesc_ops = { * died. */ int -procdesc_find(struct thread *td, int fd, cap_rights_t *rightsp, +procdesc_find(struct thread *td, int fd, const cap_rights_t *rightsp, struct proc **p) { struct procdesc *pd; @@ -168,7 +168,8 @@ procdesc_pid(struct file *fp_procdesc) * Retrieve the PID associated with a process descriptor. */ int -kern_pdgetpid(struct thread *td, int fd, cap_rights_t *rightsp, pid_t *pidp) +kern_pdgetpid(struct thread *td, int fd, const cap_rights_t *rightsp, + pid_t *pidp) { struct file *fp; int error; diff --git a/sys/kern/uipc_mqueue.c b/sys/kern/uipc_mqueue.c index be3e3fefa749..14fbe9a7f281 100644 --- a/sys/kern/uipc_mqueue.c +++ b/sys/kern/uipc_mqueue.c @@ -2159,13 +2159,14 @@ sys_kmq_unlink(struct thread *td, struct kmq_unlink_args *uap) return (error); } -typedef int (*_fgetf)(struct thread *, int, cap_rights_t *, struct file **); +typedef int (*_fgetf)(struct thread *, int, const cap_rights_t *, + struct file **); /* * Get message queue by giving file slot */ static int -_getmq(struct thread *td, int fd, cap_rights_t *rightsp, _fgetf func, +_getmq(struct thread *td, int fd, const cap_rights_t *rightsp, _fgetf func, struct file **fpp, struct mqfs_node **ppn, struct mqueue **pmq) { struct mqfs_node *pn; diff --git a/sys/kern/uipc_sem.c b/sys/kern/uipc_sem.c index 7cb25749ad9c..9871c0528338 100644 --- a/sys/kern/uipc_sem.c +++ b/sys/kern/uipc_sem.c @@ -123,8 +123,8 @@ static int ksem_create(struct thread *td, const char *path, semid_t *semidp, mode_t mode, unsigned int value, int flags, int compat32); static void ksem_drop(struct ksem *ks); -static int ksem_get(struct thread *td, semid_t id, cap_rights_t *rightsp, - struct file **fpp); +static int ksem_get(struct thread *td, semid_t id, + const cap_rights_t *rightsp, struct file **fpp); static struct ksem *ksem_hold(struct ksem *ks); static void ksem_insert(char *path, Fnv32_t fnv, struct ksem *ks); static struct ksem *ksem_lookup(char *path, Fnv32_t fnv); @@ -588,7 +588,7 @@ ksem_create(struct thread *td, const char *name, semid_t *semidp, mode_t mode, } static int -ksem_get(struct thread *td, semid_t id, cap_rights_t *rightsp, +ksem_get(struct thread *td, semid_t id, const cap_rights_t *rightsp, struct file **fpp) { struct ksem *ks; diff --git a/sys/kern/uipc_syscalls.c b/sys/kern/uipc_syscalls.c index ef3ebeb58176..336a0dd77d5c 100644 --- a/sys/kern/uipc_syscalls.c +++ b/sys/kern/uipc_syscalls.c @@ -91,7 +91,7 @@ static int sockargs(struct mbuf **, char *, socklen_t, int); * A reference on the file entry is held upon returning. */ int -getsock_cap(struct thread *td, int fd, cap_rights_t *rightsp, +getsock_cap(struct thread *td, int fd, const cap_rights_t *rightsp, struct file **fpp, u_int *fflagp, struct filecaps *havecapsp) { struct file *fp; @@ -727,7 +727,7 @@ kern_sendit(struct thread *td, int s, struct msghdr *mp, int flags, struct uio auio; struct iovec *iov; struct socket *so; - cap_rights_t *rights; + const cap_rights_t *rights; #ifdef KTRACE struct uio *ktruio = NULL; #endif diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c index 7dcdaa66adb8..51f26b843c45 100644 --- a/sys/kern/vfs_syscalls.c +++ b/sys/kern/vfs_syscalls.c @@ -4315,7 +4315,7 @@ out: * semantics. */ int -getvnode_path(struct thread *td, int fd, cap_rights_t *rightsp, +getvnode_path(struct thread *td, int fd, const cap_rights_t *rightsp, struct file **fpp) { struct file *fp; @@ -4353,7 +4353,8 @@ getvnode_path(struct thread *td, int fd, cap_rights_t *rightsp, * A reference on the file entry is held upon returning. */ int -getvnode(struct thread *td, int fd, cap_rights_t *rightsp, struct file **fpp) +getvnode(struct thread *td, int fd, const cap_rights_t *rightsp, + struct file **fpp) { int error; diff --git a/sys/sys/file.h b/sys/sys/file.h index 9ae31974745a..4c0ec276c700 100644 --- a/sys/sys/file.h +++ b/sys/sys/file.h @@ -251,14 +251,15 @@ extern struct fileops socketops; extern int maxfiles; /* kernel limit on number of open files */ extern int maxfilesperproc; /* per process limit on number of open files */ -int fget(struct thread *td, int fd, cap_rights_t *rightsp, struct file **fpp); -int fget_mmap(struct thread *td, int fd, cap_rights_t *rightsp, +int fget(struct thread *td, int fd, const cap_rights_t *rightsp, + struct file **fpp); +int fget_mmap(struct thread *td, int fd, const cap_rights_t *rightsp, vm_prot_t *maxprotp, struct file **fpp); -int fget_read(struct thread *td, int fd, cap_rights_t *rightsp, +int fget_read(struct thread *td, int fd, const cap_rights_t *rightsp, struct file **fpp); -int fget_write(struct thread *td, int fd, cap_rights_t *rightsp, +int fget_write(struct thread *td, int fd, const cap_rights_t *rightsp, struct file **fpp); -int fget_fcntl(struct thread *td, int fd, cap_rights_t *rightsp, +int fget_fcntl(struct thread *td, int fd, const cap_rights_t *rightsp, int needfcntl, struct file **fpp); int _fdrop(struct file *fp, struct thread *td); int fget_remote(struct thread *td, struct proc *p, int fd, struct file **fpp); @@ -281,15 +282,15 @@ int file_kcmp_generic(struct file *fp1, struct file *fp2, struct thread *td); void finit(struct file *, u_int, short, void *, struct fileops *); void finit_vnode(struct file *, u_int, void *, struct fileops *); -int fgetvp(struct thread *td, int fd, cap_rights_t *rightsp, +int fgetvp(struct thread *td, int fd, const cap_rights_t *rightsp, struct vnode **vpp); -int fgetvp_exec(struct thread *td, int fd, cap_rights_t *rightsp, +int fgetvp_exec(struct thread *td, int fd, const cap_rights_t *rightsp, struct vnode **vpp); -int fgetvp_rights(struct thread *td, int fd, cap_rights_t *needrightsp, +int fgetvp_rights(struct thread *td, int fd, const cap_rights_t *needrightsp, struct filecaps *havecaps, struct vnode **vpp); -int fgetvp_read(struct thread *td, int fd, cap_rights_t *rightsp, +int fgetvp_read(struct thread *td, int fd, const cap_rights_t *rightsp, struct vnode **vpp); -int fgetvp_write(struct thread *td, int fd, cap_rights_t *rightsp, +int fgetvp_write(struct thread *td, int fd, const cap_rights_t *rightsp, struct vnode **vpp); int fgetvp_lookup_smr(int fd, struct nameidata *ndp, struct vnode **vpp, bool *fsearch); int fgetvp_lookup(int fd, struct nameidata *ndp, struct vnode **vpp); diff --git a/sys/sys/filedesc.h b/sys/sys/filedesc.h index 9055f0a785e7..bf7a27e37161 100644 --- a/sys/sys/filedesc.h +++ b/sys/sys/filedesc.h @@ -267,22 +267,23 @@ struct filedesc_to_leader * struct filedesc_to_leader * filedesc_to_leader_share(struct filedesc_to_leader *fdtol, struct filedesc *fdp); -int getvnode(struct thread *td, int fd, cap_rights_t *rightsp, +int getvnode(struct thread *td, int fd, const cap_rights_t *rightsp, struct file **fpp); -int getvnode_path(struct thread *td, int fd, cap_rights_t *rightsp, +int getvnode_path(struct thread *td, int fd, const cap_rights_t *rightsp, struct file **fpp); void mountcheckdirs(struct vnode *olddp, struct vnode *newdp); -int fget_cap_locked(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, - struct file **fpp, struct filecaps *havecapsp); -int fget_cap(struct thread *td, int fd, cap_rights_t *needrightsp, +int fget_cap_locked(struct filedesc *fdp, int fd, + const cap_rights_t *needrightsp, struct file **fpp, + struct filecaps *havecapsp); +int fget_cap(struct thread *td, int fd, const cap_rights_t *needrightsp, struct file **fpp, struct filecaps *havecapsp); /* Return a referenced file from an unlocked descriptor. */ -int fget_unlocked(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, - struct file **fpp); +int fget_unlocked(struct filedesc *fdp, int fd, + const cap_rights_t *needrightsp, struct file **fpp); /* Return a file pointer without a ref. FILEDESC_IS_ONLY_USER must be true. */ -int fget_only_user(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, - struct file **fpp); +int fget_only_user(struct filedesc *fdp, int fd, + const cap_rights_t *needrightsp, struct file **fpp); #define fput_only_user(fdp, fp) ({ \ MPASS(FILEDESC_IS_ONLY_USER(fdp)); \ MPASS(refcount_load(&fp->f_count) > 0); \ diff --git a/sys/sys/namei.h b/sys/sys/namei.h index e8369867c6b8..1d0fd1c96449 100644 --- a/sys/sys/namei.h +++ b/sys/sys/namei.h @@ -72,7 +72,7 @@ struct nameidata { */ const char *ni_dirp; /* pathname pointer */ enum uio_seg ni_segflg; /* location of pathname */ - cap_rights_t *ni_rightsneeded; /* rights required to look up vnode */ + const cap_rights_t *ni_rightsneeded; /* rights needed to look up vnode */ /* * Arguments to lookup. */ @@ -249,7 +249,7 @@ int cache_fplookup(struct nameidata *ndp, enum cache_fpl_status *status, #define NDINIT_ALL(ndp, op, flags, segflg, namep, dirfd, startdir, rightsp, td) \ do { \ struct nameidata *_ndp = (ndp); \ - cap_rights_t *_rightsp = (rightsp); \ + const cap_rights_t *_rightsp = (rightsp); \ MPASS(_rightsp != NULL); \ NDINIT_PREFILL(_ndp); \ NDINIT_DBG(_ndp); \ diff --git a/sys/sys/procdesc.h b/sys/sys/procdesc.h index ca26d65d5417..4e8b06fb7377 100644 --- a/sys/sys/procdesc.h +++ b/sys/sys/procdesc.h @@ -94,8 +94,10 @@ struct procdesc { * In-kernel interfaces to process descriptors. */ int procdesc_exit(struct proc *); -int procdesc_find(struct thread *, int fd, cap_rights_t *, struct proc **); -int kern_pdgetpid(struct thread *, int fd, cap_rights_t *, pid_t *pidp); +int procdesc_find(struct thread *, int fd, const cap_rights_t *, + struct proc **); +int kern_pdgetpid(struct thread *, int fd, const cap_rights_t *, + pid_t *pidp); void procdesc_new(struct proc *, int); void procdesc_finit(struct procdesc *, struct file *); pid_t procdesc_pid(struct file *); diff --git a/sys/sys/socketvar.h b/sys/sys/socketvar.h index e7ad086818f4..d2b5ac867a46 100644 --- a/sys/sys/socketvar.h +++ b/sys/sys/socketvar.h @@ -418,7 +418,7 @@ struct uio; */ int getsockaddr(struct sockaddr **namp, const struct sockaddr *uaddr, size_t len); -int getsock_cap(struct thread *td, int fd, cap_rights_t *rightsp, +int getsock_cap(struct thread *td, int fd, const cap_rights_t *rightsp, struct file **fpp, u_int *fflagp, struct filecaps *havecaps); void soabort(struct socket *so); int soaccept(struct socket *so, struct sockaddr **nam);