svn commit: r224225 - in head/sys: kern sys
Jonathan Anderson
jonathan at FreeBSD.org
Wed Jul 20 09:53:35 UTC 2011
Author: jonathan
Date: Wed Jul 20 09:53:35 2011
New Revision: 224225
URL: http://svn.freebsd.org/changeset/base/224225
Log:
Export capability information via sysctls.
When reporting on a capability, flag the fact that it is a capability,
but also unwrap to report all of the usual information about the
underlying file.
Approved by: re (kib), mentor (rwatson)
Sponsored by: Google Inc
Modified:
head/sys/kern/kern_descrip.c
head/sys/sys/user.h
Modified: head/sys/kern/kern_descrip.c
==============================================================================
--- head/sys/kern/kern_descrip.c Wed Jul 20 05:59:28 2011 (r224224)
+++ head/sys/kern/kern_descrip.c Wed Jul 20 09:53:35 2011 (r224225)
@@ -2946,6 +2946,22 @@ sysctl_kern_proc_ofiledesc(SYSCTL_HANDLE
so = NULL;
tp = NULL;
kif->kf_fd = i;
+
+#ifdef CAPABILITIES
+ /*
+ * When reporting a capability, most fields will be from the
+ * underlying object, but do mark as a capability. With
+ * ofiledesc, we don't have a field to export the cap_rights_t,
+ * but we do with the new filedesc.
+ */
+ if (fp->f_type == DTYPE_CAPABILITY) {
+ kif->kf_flags |= KF_FLAG_CAPABILITY;
+ (void)cap_funwrap(fp, 0, &fp);
+ }
+#else
+ KASSERT(fp->f_type != DTYPE_CAPABILITY,
+ ("sysctl_kern_proc_ofiledesc: saw capability"));
+#endif
switch (fp->f_type) {
case DTYPE_VNODE:
kif->kf_type = KF_TYPE_VNODE;
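Review bot: The added `(void)cap_funwrap(fp, 0, &fp);` discards the return value and passes `fp` as both input and output, so the `switch (fp->f_type)` that follows silently depends on the unwrap having succeeded. A rights mask of 0 presumably cannot be refused, but nothing in the hunk says so. A short comment such as `/* rights mask 0: unwrap for reporting only, no rights are being exercised */`, or a `KASSERT` on the return value, would make that assumption explicit. The same call appears in the sysctl_kern_proc_filedesc hunk, and both function bodies continue outside their hunks.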
@@ -3262,6 +3278,22 @@ sysctl_kern_proc_filedesc(SYSCTL_HANDLER
if ((fp = fdp->fd_ofiles[i]) == NULL)
continue;
data = NULL;
+
+#ifdef CAPABILITIES
+ /*
+ * When reporting a capability, most fields will be from the
+ * underlying object, but do mark as a capability and export
+ * the capability rights mask.
+ */
+ if (fp->f_type == DTYPE_CAPABILITY) {
+ kif->kf_flags |= KF_FLAG_CAPABILITY;
+ kif->kf_cap_rights = cap_rights(fp);
+ (void)cap_funwrap(fp, 0, &fp);
+ }
+#else /* !CAPABILITIES */
+ KASSERT(fp->f_type != DTYPE_CAPABILITY,
+ ("sysctl_kern_proc_filedesc: saw capability"));
+#endif
switch (fp->f_type) {
case DTYPE_VNODE:
type = KF_TYPE_VNODE;
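Review bot: `kif->kf_flags |= KF_FLAG_CAPABILITY` and `kif->kf_cap_rights = cap_rights(fp)` are written into `kif` before the `switch`, while the surrounding context lines collect their results in locals (`type`, `data`), which suggests `kif` is filled in later by code outside this hunk. If that later code clears or reinitialises `kif`, the flag and rights mask never reach userland. If nothing resets `kif` per iteration, the `|=` lets the flag persist into the records for later, non-capability descriptors. Carrying the values in locals alongside `type` (for example `cap_rights_t fd_cap_rights = 0;` set here and applied where the record is built) would avoid both outcomes. This is worth confirming against the rest of the function, since anything that audits a process's capability rights through this sysctl depends on the field being accurate.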
Modified: head/sys/sys/user.h
==============================================================================
--- head/sys/sys/user.h Wed Jul 20 05:59:28 2011 (r224224)
+++ head/sys/sys/user.h Wed Jul 20 09:53:35 2011 (r224225)
@@ -251,6 +251,7 @@ struct user {
#define KF_TYPE_SHM 8
#define KF_TYPE_SEM 9
#define KF_TYPE_PTS 10
+/* no KF_TYPE_CAPABILITY (11), since capabilities wrap other file objects */
#define KF_TYPE_UNKNOWN 255
#define KF_VTYPE_VNON 0
@@ -286,6 +287,7 @@ struct user {
#define KF_FLAG_TRUNC 0x00001000
#define KF_FLAG_EXCL 0x00002000
#define KF_FLAG_EXEC 0x00004000
+#define KF_FLAG_CAPABILITY 0x00008000
/*
* Old format. Has variable hidden padding due to alignment.
@@ -378,7 +380,9 @@ struct kinfo_file {
} kf_un;
uint16_t kf_status; /* Status flags. */
uint16_t kf_pad1; /* Round to 32 bit alignment. */
- int _kf_ispare[7]; /* Space for more stuff. */
+ int _kf_ispare0; /* Space for more stuff. */
+ cap_rights_t kf_cap_rights; /* Capability rights. */
+ int _kf_ispare[4]; /* Space for more stuff. */
/* Truncated before copyout in sysctl */
char kf_path[PATH_MAX]; /* Path to file, if any. */
};
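Review bot: Replacing `int _kf_ispare[7]` with `_kf_ispare0`, `kf_cap_rights` and `_kf_ispare[4]` preserves the struct size only if `cap_rights_t` is 8 bytes and `_kf_ispare0` places it on its natural alignment. Neither is visible in this hunk, and because this struct is copied out to userland, a silent layout shift would break existing consumers. The comment on `_kf_ispare0` still reads "Space for more stuff." although the field appears to act as alignment padding; `/* Pads kf_cap_rights to 64-bit alignment. */` would say so. A compile-time check such as `CTASSERT(offsetof(struct kinfo_file, kf_path) == <expected offset>);` next to the kernel users of the struct would pin the layout. The struct definition begins above the hunk.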