diff options
| author | ed <ed@FreeBSD.org> | 2015-08-05 07:36:50 +0000 |
|---|---|---|
| committer | ed <ed@FreeBSD.org> | 2015-08-05 07:36:50 +0000 |
| commit | 0698a33dea5f8920617f2212697ee6438c80bf6d (patch) | |
| tree | 729e8c89cdd874fac92ca1e77441c395a63e5ba8 | |
| parent | 4a54322f0b8dcd72b1946004f9b964ef0093af1a (diff) | |
| download | FreeBSD-src-0698a33dea5f8920617f2212697ee6438c80bf6d.zip FreeBSD-src-0698a33dea5f8920617f2212697ee6438c80bf6d.tar.gz | |
Allow the creation of kqueues with a restricted set of Capsicum rights.
On CloudABI we want to create file descriptors with just the minimal set
of Capsicum rights in place. The reason for this is that it makes it
easier to obtain uniform behaviour across different operating systems.
By explicitly whitelisting the operations, we can return consistent
error codes, but also prevent applications from depending OS-specific
behaviour.
Extend kern_kqueue() to take an additional struct filecaps that is
passed on to falloc_caps(). Update the existing consumers to pass in
NULL.
Differential Revision: https://reviews.freebsd.org/D3259
| -rw-r--r-- | sys/compat/linux/linux_event.c | 2 | ||||
| -rw-r--r-- | sys/kern/kern_event.c | 6 | ||||
| -rw-r--r-- | sys/sys/syscallsubr.h | 2 |
3 files changed, 5 insertions, 5 deletions
diff --git a/sys/compat/linux/linux_event.c b/sys/compat/linux/linux_event.c index fcb5753..b1ceadf 100644 --- a/sys/compat/linux/linux_event.c +++ b/sys/compat/linux/linux_event.c @@ -205,7 +205,7 @@ epoll_create_common(struct thread *td, int flags) { int error; - error = kern_kqueue(td, flags); + error = kern_kqueue(td, flags, NULL); if (error) return (error); diff --git a/sys/kern/kern_event.c b/sys/kern/kern_event.c index f8c6cf09..06cb763 100644 --- a/sys/kern/kern_event.c +++ b/sys/kern/kern_event.c @@ -738,11 +738,11 @@ int sys_kqueue(struct thread *td, struct kqueue_args *uap) { - return (kern_kqueue(td, 0)); + return (kern_kqueue(td, 0, NULL)); } int -kern_kqueue(struct thread *td, int flags) +kern_kqueue(struct thread *td, int flags, struct filecaps *fcaps) { struct filedesc *fdp; struct kqueue *kq; @@ -760,7 +760,7 @@ kern_kqueue(struct thread *td, int flags) } fdp = p->p_fd; - error = falloc(td, &fp, &fd, flags); + error = falloc_caps(td, &fp, &fd, flags, fcaps); if (error) goto done2; diff --git a/sys/sys/syscallsubr.h b/sys/sys/syscallsubr.h index 579ac83..ce68ba8 100644 --- a/sys/sys/syscallsubr.h +++ b/sys/sys/syscallsubr.h @@ -126,7 +126,7 @@ int kern_kevent(struct thread *td, int fd, int nchanges, int nevents, int kern_kevent_fp(struct thread *td, struct file *fp, int nchanges, int nevents, struct kevent_copyops *k_ops, const struct timespec *timeout); -int kern_kqueue(struct thread *td, int flags); +int kern_kqueue(struct thread *td, int flags, struct filecaps *fcaps); int kern_kldload(struct thread *td, const char *file, int *fileid); int kern_kldstat(struct thread *td, int fileid, struct kld_file_stat *stat); int kern_kldunload(struct thread *td, int fileid, int flags); |
