Add some checks to ensure that Capsicum is behaving correctly, and add some

more explicit comments about what's going on and what future maintainers
need to do when e.g. adding a new operation to a sys_machdep.c.

Approved by: mentor(rwatson), re(bz)

1 files changed, 21 insertions, 0 deletions

diff --git a/sys/sparc64/sparc64/sys_machdep.c b/sys/sparc64/sparc64/sys_machdep.c
index 9ac5fbc..530ff95 100644
--- a/sys/sparc64/sparc64/sys_machdep.c
+++ b/sys/sparc64/sparc64/sys_machdep.c
@@ -26,8 +26,11 @@
  * $FreeBSD$
  */
 
+#include "opt_capsicum.h"
+
 #include <sys/param.h>
 #include <sys/systm.h>
+#include <sys/capability.h>
 #include <sys/lock.h>
 #include <sys/malloc.h>
 #include <sys/mutex.h>
@@ -53,6 +56,24 @@ sysarch(struct thread *td, struct sysarch_args *uap)
 {
 	int error;
 
+#ifdef CAPABILITY_MODE
+	/*
+	 * When adding new operations, add a new case statement here to
+	 * explicitly indicate whether or not the operation is safe to
+	 * perform in capability mode.
+	 */
+	if (IN_CAPABILITY_MODE(td)) {
+		switch (uap->op) {
+		case SPARC_SIGTRAMP_INSTALL:
+		case SPARC_UTRAP_INSTALL:
+			break;
+
+		default:
+			return (ECAPMODE);
+		}
+	}
+#endif
+
 	mtx_lock(&Giant);
 	switch (uap->op) {
 	case SPARC_SIGTRAMP_INSTALL: