diff options
author | rwatson <rwatson@FreeBSD.org> | 2011-03-01 13:23:37 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2011-03-01 13:23:37 +0000 |
commit | 6894aabcb5bf68abef0875992b3fef1fde3f7c0a (patch) | |
tree | d773ba10cfdbd686d9589ba5d6bfce8bdd97f0d1 /sys/compat/freebsd32/syscalls.master | |
parent | 0fbd4a42792bb396f7a17bd8ed9eea61339f2d5b (diff) | |
download | FreeBSD-src-6894aabcb5bf68abef0875992b3fef1fde3f7c0a.zip FreeBSD-src-6894aabcb5bf68abef0875992b3fef1fde3f7c0a.tar.gz |
Add initial support for Capsicum's Capability Mode to the FreeBSD kernel,
compiled conditionally on options CAPABILITIES:
Add a new credential flag, CRED_FLAG_CAPMODE, which indicates that a
subject (typically a process) is in capability mode.
Add two new system calls, cap_enter(2) and cap_getmode(2), which allow
setting and querying (but never clearing) the flag.
Export the capability mode flag via process information sysctls.
Sponsored by: Google, Inc.
Reviewed by: anderson
Discussed with: benl, kris, pjd
Obtained from: Capsicum Project
MFC after: 3 months
Diffstat (limited to 'sys/compat/freebsd32/syscalls.master')
-rw-r--r-- | sys/compat/freebsd32/syscalls.master | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/compat/freebsd32/syscalls.master b/sys/compat/freebsd32/syscalls.master index 4f1fc28..4aa8d3e 100644 --- a/sys/compat/freebsd32/syscalls.master +++ b/sys/compat/freebsd32/syscalls.master @@ -952,8 +952,8 @@ 513 AUE_LPATHCONF NOPROTO { int lpathconf(char *path, int name); } 514 AUE_CAP_NEW UNIMPL cap_new 515 AUE_CAP_GETRIGHTS UNIMPL cap_getrights -516 AUE_CAP_ENTER UNIMPL cap_enter -517 AUE_CAP_GETMODE UNIMPL cap_getmode +516 AUE_CAP_ENTER NOPROTO { int cap_enter(void); } +517 AUE_CAP_GETMODE NOPROTO { int cap_getmode(u_int *modep); } 518 AUE_PDFORK UNIMPL pdfork 519 AUE_PDKILL UNIMPL pdkill 520 AUE_PDGETPID UNIMPL pdgetpid |