PERFORCE change 148371 for review

Robert Watson rwatson at FreeBSD.org
Mon Aug 25 10:47:36 UTC 2008 

http://perforce.freebsd.org/chv.cgi?CH=148371

Change 148371 by rwatson at rwatson_freebsd_capabilities on 2008/08/25 10:46:43

	Add a new right, CAP_KEVENT, which controls use of a kqueue, to be
	disinguished from CAP_EVENT, which control use of a kqueue/select/	
	poll to monitor another descriptor.

Affected files ...

.. //depot/projects/trustedbsd/capabilities/src/sys/kern/kern_event.c#5 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/sys/capability.h#17 edit

Differences ...

==== //depot/projects/trustedbsd/capabilities/src/sys/kern/kern_event.c#5 (text+ko) ====

@@ -702,7 +702,7 @@
 	struct file *fp;
 	int i, n, nerrors, error;
 
-	if ((error = fget(td, fd, CAP_EVENT, &fp)) != 0)
+	if ((error = fget(td, fd, CAP_KEVENT, &fp)) != 0)
 		return (error);
 	if ((error = kqueue_acquire(fp, &kq)) != 0)
 		goto done_norel;
@@ -2016,7 +2016,7 @@
 	struct file *fp;
 	int error;
 
-	if ((error = fget(td, fd, CAP_EVENT, &fp)) != 0)
+	if ((error = fget(td, fd, CAP_KEVENT, &fp)) != 0)
 		return (error);
 	if ((error = kqueue_acquire(fp, &kq)) != 0)
 		goto noacquire;

==== //depot/projects/trustedbsd/capabilities/src/sys/sys/capability.h#17 (text+ko) ====

@@ -30,7 +30,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/capabilities/src/sys/sys/capability.h#16 $
+ * $P4: //depot/projects/trustedbsd/capabilities/src/sys/sys/capability.h#17 $
  */
 
 /*
@@ -87,7 +87,8 @@
 #define	CAP_SEM_POST		0x0000010000000000ULL	/* ksem_post */
 #define	CAP_SEM_WAIT		0x0000020000000000ULL	/* ksem_wait */
 #define	CAP_SEM_GETVALUE	0x0000040000000000ULL	/* ksem_getvalue */
-#define	CAP_MASK_VALID		0x000007ffffffffffULL
+#define	CAP_KEVENT		0x0000080000000000ULL	/* kevent(2) */
+#define	CAP_MASK_VALID		0x00000fffffffffffULL
 
 /*
  * Notes:
@@ -100,7 +101,8 @@
  *
  * pread and pwrite will not use CAP_SEEK.
  *
- * CAP_EVENT covers select, poll, and kqueue registration for a capability.
+ * CAP_EVENT covers select, poll, and kqueue registration for a capability;
+ * CAP_KEVENT controls the use of a kqueue(2) description.
  *
  * sendfile is authorized using CAP_READ on the file and CAP_WRITE on the
  * socket.

More information about the p4-projects mailing list