author | Jonathan Anderson <jonathan@FreeBSD.org> | 2011-07-15 18:26:19 +0000 |
---|---|---|
committer | Jonathan Anderson <jonathan@FreeBSD.org> | 2011-07-15 18:26:19 +0000 |
commit | cfb9df5541fe2f0aa8388c7f57109685a0530295 (patch) | |
tree | 240261c2ac1f0d6c197b3869fcd42bcffeab635f /sys/kern/sys_capability.c | |
parent | ba4579a7b91afe4c68bf72bff08586d207dd92f2 (diff) | |
Add cap_new() and cap_getrights() system calls.
Implement two previously-reserved Capsicum system calls:
- cap_new() creates a capability to wrap an existing file descriptor
- cap_getrights() queries the rights mask of a capability.
Approved by: mentor (rwatson), re (Capsicum blanket)
Sponsored by: Google Inc
Notes
Notes:
svn path=/head/; revision=224066
Diffstat (limited to 'sys/kern/sys_capability.c')
-rw-r--r-- | sys/kern/sys_capability.c | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/sys/kern/sys_capability.c b/sys/kern/sys_capability.c
index 9cbe4627dea1..04f98d8290c7 100644
--- a/sys/kern/sys_capability.c
+++ b/sys/kern/sys_capability.c
@@ -212,6 +212,59 @@ cap_rights(struct file *fp_cap)
 }
 
 /*
+ * System call to create a new capability reference to either an existing
+ * file object or an an existing capability.
+ */
+int
+cap_new(struct thread *td, struct cap_new_args *uap)
+{
+ int error, capfd;
+ int fd = uap->fd;
+ struct file *fp, *fcapp;
+ cap_rights_t rights = uap->rights;
+
+ AUDIT_ARG_FD(fd);
+#ifdef notyet /* capability auditing will follow in a few commits */
+ AUDIT_ARG_RIGHTS(rights);
+#endif
+ error = fget(td, fd, &fp);
+ if (error)
+ return (error);
+ AUDIT_ARG_FILE(td->td_proc, fp);
+ error = kern_capwrap(td, fp, rights, &fcapp, &capfd);
+ if (error)
+ return (error);
+
+ /*
+ * Release our reference to the file (kern_capwrap has held a reference
+ * for the filedesc array).
+ */
+ fdrop(fp, td);
+ td->td_retval[0] = capfd;
+ return (0);
+}
+
+/*
+ * System call to query the rights mask associated with a capability.
+ */
+int
+cap_getrights(struct thread *td, struct cap_getrights_args *uap)
+{
+ struct capability *cp;
+ struct file *fp;
+ int error;
+
+ AUDIT_ARG_FD(uap->fd);
+ error = fgetcap(td, uap->fd, &fp);
+ if (error)
+ return (error);
+ cp = fp->f_data;
+ error = copyout(&cp->cap_rights, uap->rightsp, sizeof(*uap->rightsp));
+ fdrop(fp, td);
+ return (error);
+}
+
+/*
  * Create a capability to wrap around an existing file.
  */
 int
@@ -423,6 +476,20 @@ capability_stat(struct file *fp, struct stat *sb, struct ucred *active_cred,
  * into the kernel.
  */
 int
+cap_new(struct thread *td, struct cap_new_args *uap)
+{
+
+ return (ENOSYS);
+}
+
+int
+cap_getrights(struct thread *td, struct cap_getrights_args *uap)
+{
+
+ return (ENOSYS);
+}
+
+int
 cap_funwrap(struct file *fp_cap, cap_rights_t rights, struct file **fpp)
 {
 
|
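Review bot: In cap_new(), the `return (error)` that follows a failed kern_capwrap() skips the `fdrop(fp, td)` that the success path performs, so the reference taken by fget() appears to be leaked on that path. kern_capwrap() is defined outside this hunk, so confirm that it does not release fp itself on failure. If it does not, every failing call from userland leaves one extra reference on the file object, which a process could accumulate without limit. Dropping the reference before testing the result covers both paths: `error = kern_capwrap(td, fp, rights, &fcapp, &capfd); fdrop(fp, td); if (error) return (error);`. The comment above the fdrop() would then read "kern_capwrap holds its own reference for the filedesc array on success".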