Add the fo_chown and fo_chmod methods to struct fileops and use them

to implement fchown(2) and fchmod(2) support for several file types
that previously lacked it. Add MAC entries for chown/chmod done on
posix shared memory and (old) in-kernel posix semaphores.

Based on the submission by:	glebius
Reviewed by:	rwatson
Approved by:	re (bz)

1 files changed, 22 insertions, 0 deletions

diff --git a/sys/kern/sys_capability.c b/sys/kern/sys_capability.c
index 0eb27f3..318ffe4 100644
--- a/sys/kern/sys_capability.c
+++ b/sys/kern/sys_capability.c
@@ -161,6 +161,8 @@ static fo_poll_t capability_poll;
 static fo_kqfilter_t capability_kqfilter;
 static fo_stat_t capability_stat;
 static fo_close_t capability_close;
+static fo_chmod_t capability_chmod;
+static fo_chown_t capability_chown;
 
 static struct fileops capability_ops = {
 	.fo_read = capability_read,
@@ -171,6 +173,8 @@ static struct fileops capability_ops = {
 	.fo_kqfilter = capability_kqfilter,
 	.fo_stat = capability_stat,
 	.fo_close = capability_close,
+	.fo_chmod = capability_chmod,
+	.fo_chown = capability_chown,
 	.fo_flags = DFLAG_PASSABLE,
 };
 
@@ -183,6 +187,8 @@ static struct fileops capability_ops_unpassable = {
 	.fo_kqfilter = capability_kqfilter,
 	.fo_stat = capability_stat,
 	.fo_close = capability_close,
+	.fo_chmod = capability_chmod,
+	.fo_chown = capability_chown,
 	.fo_flags = 0,
 };
 
@@ -484,6 +490,22 @@ capability_stat(struct file *fp, struct stat *sb, struct ucred *active_cred,
 	panic("capability_stat");
 }
 
+int
+capability_chmod(struct file *fp, mode_t mode, struct ucred *active_cred,
+    struct thread *td)
+{
+
+	panic("capability_chmod");
+}
+
+int
+capability_chown(struct file *fp, uid_t uid, gid_t gid,
+    struct ucred *active_cred, struct thread *td)
+{
+
+	panic("capability_chown");
+}
+
 #else /* !CAPABILITIES */
 
 /*