7 files changed, 151 insertions, 67 deletions

diff --git a/share/man/man4/rights.4 b/share/man/man4/rights.4
index 0e85ac0..a6b1b79 100644
--- a/share/man/man4/rights.4
+++ b/share/man/man4/rights.4
@@ -306,7 +306,7 @@ An alias to
 .Dv CAP_KQUEUE_CHANGE
 and
 .Dv CAP_KQUEUE_EVENT .
-.It Dv CAP_KEVENT_CHANGE
+.It Dv CAP_KQUEUE_CHANGE
 Permit
 .Xr kevent 2
 on a
@@ -314,7 +314,7 @@ on a
 descriptor that modifies list of monitored events (the
 .Fa changelist
 argument is non-NULL).
-.It Dv CAP_KEVENT_EVENT
+.It Dv CAP_KQUEUE_EVENT
 Permit
 .Xr kevent 2
 on a
diff --git a/sys/kern/kern_event.c b/sys/kern/kern_event.c
index 4c068bf..d23452a 100644
--- a/sys/kern/kern_event.c
+++ b/sys/kern/kern_event.c
@@ -835,10 +835,17 @@ kern_kevent(struct thread *td, int fd, int nchanges, int nevents,
 	cap_rights_t rights;
 	int i, n, nerrors, error;
 
-	error = fget(td, fd, cap_rights_init(&rights, CAP_POST_EVENT), &fp);
+	cap_rights_init(&rights);
+	if (nchanges > 0)
+		cap_rights_set(&rights, CAP_KQUEUE_CHANGE);
+	if (nevents > 0)
+		cap_rights_set(&rights, CAP_KQUEUE_EVENT);
+	error = fget(td, fd, &rights, &fp);
 	if (error != 0)
 		return (error);
-	if ((error = kqueue_acquire(fp, &kq)) != 0)
+
+	error = kqueue_acquire(fp, &kq);
+	if (error != 0)
 		goto done_norel;
 
 	nerrors = 0;
@@ -995,7 +1002,7 @@ findkn:
 	if (fops->f_isfd) {
 		KASSERT(td != NULL, ("td is NULL"));
 		error = fget(td, kev->ident,
-		    cap_rights_init(&rights, CAP_POLL_EVENT), &fp);
+		    cap_rights_init(&rights, CAP_EVENT), &fp);
 		if (error)
 			goto done;
 
@@ -2279,7 +2286,7 @@ kqfd_register(int fd, struct kevent *kev, struct thread *td, int waitok)
 	cap_rights_t rights;
 	int error;
 
-	error = fget(td, fd, cap_rights_init(&rights, CAP_POST_EVENT), &fp);
+	error = fget(td, fd, cap_rights_init(&rights, CAP_KQUEUE_CHANGE), &fp);
 	if (error != 0)
 		return (error);
 	if ((error = kqueue_acquire(fp, &kq)) != 0)
diff --git a/sys/kern/subr_capability.c b/sys/kern/subr_capability.c
index 61ace5a..ce41f4a 100644
--- a/sys/kern/subr_capability.c
+++ b/sys/kern/subr_capability.c
@@ -30,6 +30,10 @@
 #include <sys/cdefs.h>
 __FBSDID("$FreeBSD$");
 
+/*
+ * Note that this file is compiled into the kernel and into libc.
+ */
+
 #ifdef _KERNEL
 #include <sys/types.h>
 #include <sys/capability.h>
@@ -164,7 +168,7 @@ __cap_rights_init(int version, cap_rights_t *rights, ...)
 	return (rights);
 }
 
-void
+cap_rights_t *
 __cap_rights_set(cap_rights_t *rights, ...)
 {
 	va_list ap;
@@ -174,9 +178,11 @@ __cap_rights_set(cap_rights_t *rights, ...)
 	va_start(ap, rights);
 	cap_rights_vset(rights, ap);
 	va_end(ap);
+
+	return (rights);
 }
 
-void
+cap_rights_t *
 __cap_rights_clear(cap_rights_t *rights, ...)
 {
 	va_list ap;
@@ -186,6 +192,8 @@ __cap_rights_clear(cap_rights_t *rights, ...)
 	va_start(ap, rights);
 	cap_rights_vclear(rights, ap);
 	va_end(ap);
+
+	return (rights);
 }
 
 bool
@@ -231,7 +239,7 @@ cap_rights_is_valid(const cap_rights_t *rights)
 	return (true);
 }
 
-void
+cap_rights_t *
 cap_rights_merge(cap_rights_t *dst, const cap_rights_t *src)
 {
 	unsigned int i, n;
@@ -250,9 +258,11 @@ cap_rights_merge(cap_rights_t *dst, const cap_rights_t *src)
 
 	assert(cap_rights_is_valid(src));
 	assert(cap_rights_is_valid(dst));
+
+	return (dst);
 }
 
-void
+cap_rights_t *
 cap_rights_remove(cap_rights_t *dst, const cap_rights_t *src)
 {
 	unsigned int i, n;
@@ -273,6 +283,8 @@ cap_rights_remove(cap_rights_t *dst, const cap_rights_t *src)
 
 	assert(cap_rights_is_valid(src));
 	assert(cap_rights_is_valid(dst));
+
+	return (dst);
 }
 
 bool
diff --git a/sys/kern/sys_generic.c b/sys/kern/sys_generic.c
index 13ccb58..a2d46ab 100644
--- a/sys/kern/sys_generic.c
+++ b/sys/kern/sys_generic.c
@@ -1195,8 +1195,9 @@ getselfd_cap(struct filedesc *fdp, int fd, struct file **fpp)
 {
 	cap_rights_t rights;
 
-	return (fget_unlocked(fdp, fd, cap_rights_init(&rights, CAP_POLL_EVENT),
-	    0, fpp, NULL));
+	cap_rights_init(&rights, CAP_EVENT);
+
+	return (fget_unlocked(fdp, fd, &rights, 0, fpp, NULL));
 }
 
 /*
@@ -1392,7 +1393,7 @@ pollrescan(struct thread *td)
 #ifdef CAPABILITIES
 		if (fp == NULL ||
 		    cap_check(cap_rights(fdp, fd->fd),
-		    cap_rights_init(&rights, CAP_POLL_EVENT)) != 0)
+		    cap_rights_init(&rights, CAP_EVENT)) != 0)
 #else
 		if (fp == NULL)
 #endif
@@ -1467,7 +1468,7 @@ pollscan(td, fds, nfd)
 #ifdef CAPABILITIES
 			if (fp == NULL ||
 			    cap_check(cap_rights(fdp, fds->fd),
-			    cap_rights_init(&rights, CAP_POLL_EVENT)) != 0)
+			    cap_rights_init(&rights, CAP_EVENT)) != 0)
 #else
 			if (fp == NULL)
 #endif
diff --git a/sys/kern/uipc_mqueue.c b/sys/kern/uipc_mqueue.c
index fe7e886..20efbe0 100644
--- a/sys/kern/uipc_mqueue.c
+++ b/sys/kern/uipc_mqueue.c
@@ -2119,7 +2119,7 @@ getmq(struct thread *td, int fd, struct file **fpp, struct mqfs_node **ppn,
 {
 	cap_rights_t rights;
 
-	return _getmq(td, fd, cap_rights_init(&rights, CAP_POLL_EVENT), fget,
+	return _getmq(td, fd, cap_rights_init(&rights, CAP_EVENT), fget,
 	    fpp, ppn, pmq);
 }
 
@@ -2282,7 +2282,7 @@ again:
 	}
 #ifdef CAPABILITIES
 	error = cap_check(cap_rights(fdp, mqd),
-	    cap_rights_init(&rights, CAP_POLL_EVENT));
+	    cap_rights_init(&rights, CAP_EVENT));
 	if (error) {
 		FILEDESC_SUNLOCK(fdp);
 		goto out;
diff --git a/sys/sys/capability.h b/sys/sys/capability.h
index e5b9ec7..fcde6c1 100644
--- a/sys/sys/capability.h
+++ b/sys/sys/capability.h
@@ -79,9 +79,12 @@
 #define	CAP_SEEK_TELL		CAPRIGHT(0, 0x0000000000000004ULL)
 /* Allows for lseek(2). */
 #define	CAP_SEEK		(CAP_SEEK_TELL | 0x0000000000000008ULL)
-/* Allows for pread(2), preadv(2). */
+/* Allows for aio_read(2), pread(2), preadv(2). */
 #define	CAP_PREAD		(CAP_SEEK | CAP_READ)
-/* Allows for openat(O_WRONLY) (without O_APPEND), pwrite(2), pwritev(2). */
+/*
+ * Allows for aio_write(2), openat(O_WRONLY) (without O_APPEND), pwrite(2),
+ * pwritev(2).
+ */
 #define	CAP_PWRITE		(CAP_SEEK | CAP_WRITE)
 /* Allows for mmap(PROT_NONE). */
 #define	CAP_MMAP		CAPRIGHT(0, 0x0000000000000010ULL)
@@ -103,7 +106,7 @@
 #define	CAP_CREATE		CAPRIGHT(0, 0x0000000000000040ULL)
 /* Allows for openat(O_EXEC) and fexecve(2) in turn. */
 #define	CAP_FEXECVE		CAPRIGHT(0, 0x0000000000000080ULL)
-/* Allows for openat(O_SYNC), openat(O_FSYNC), fsync(2). */
+/* Allows for openat(O_SYNC), openat(O_FSYNC), fsync(2), aio_fsync(2). */
 #define	CAP_FSYNC		CAPRIGHT(0, 0x0000000000000100ULL)
 /* Allows for openat(O_TRUNC), ftruncate(2). */
 #define	CAP_FTRUNCATE		CAPRIGHT(0, 0x0000000000000200ULL)
@@ -112,55 +115,87 @@
 #define	CAP_LOOKUP		CAPRIGHT(0, 0x0000000000000400ULL)
 
 /* VFS methods. */
+/* Allows for fchdir(2). */
 #define	CAP_FCHDIR		CAPRIGHT(0, 0x0000000000000800ULL)
+/* Allows for fchflags(2). */
 #define	CAP_FCHFLAGS		CAPRIGHT(0, 0x0000000000001000ULL)
+/* Allows for fchflags(2) and chflagsat(2). */
 #define	CAP_CHFLAGSAT		(CAP_FCHFLAGS | CAP_LOOKUP)
+/* Allows for fchmod(2). */
 #define	CAP_FCHMOD		CAPRIGHT(0, 0x0000000000002000ULL)
+/* Allows for fchmod(2) and fchmodat(2). */
 #define	CAP_FCHMODAT		(CAP_FCHMOD | CAP_LOOKUP)
+/* Allows for fchown(2). */
 #define	CAP_FCHOWN		CAPRIGHT(0, 0x0000000000004000ULL)
+/* Allows for fchown(2) and fchownat(2). */
 #define	CAP_FCHOWNAT		(CAP_FCHOWN | CAP_LOOKUP)
+/* Allows for fcntl(2). */
 #define	CAP_FCNTL		CAPRIGHT(0, 0x0000000000008000ULL)
+/*
+ * Allows for flock(2), openat(O_SHLOCK), openat(O_EXLOCK),
+ * fcntl(F_SETLK_REMOTE), fcntl(F_SETLKW), fcntl(F_SETLK), fcntl(F_GETLK).
+ */
 #define	CAP_FLOCK		CAPRIGHT(0, 0x0000000000010000ULL)
+/* Allows for fpathconf(2). */
 #define	CAP_FPATHCONF		CAPRIGHT(0, 0x0000000000020000ULL)
+/* Allows for UFS background-fsck operations. */
 #define	CAP_FSCK		CAPRIGHT(0, 0x0000000000040000ULL)
+/* Allows for fstat(2). */
 #define	CAP_FSTAT		CAPRIGHT(0, 0x0000000000080000ULL)
+/* Allows for fstat(2), fstatat(2) and faccessat(2). */
 #define	CAP_FSTATAT		(CAP_FSTAT | CAP_LOOKUP)
+/* Allows for fstatfs(2). */
 #define	CAP_FSTATFS		CAPRIGHT(0, 0x0000000000100000ULL)
+/* Allows for futimes(2). */
 #define	CAP_FUTIMES		CAPRIGHT(0, 0x0000000000200000ULL)
+/* Allows for futimes(2) and futimesat(2). */
 #define	CAP_FUTIMESAT		(CAP_FUTIMES | CAP_LOOKUP)
-#define	CAP_LINKAT		CAPRIGHT(0, 0x0000000000400000ULL)
-#define	CAP_MKDIRAT		CAPRIGHT(0, 0x0000000000800000ULL)
-#define	CAP_MKFIFOAT		CAPRIGHT(0, 0x0000000001000000ULL)
-#define	CAP_MKNODAT		CAPRIGHT(0, 0x0000000002000000ULL)
-#define	CAP_RENAMEAT		CAPRIGHT(0, 0x0000000004000000ULL)
-#define	CAP_SYMLINKAT		CAPRIGHT(0, 0x0000000008000000ULL)
-#define	CAP_UNLINKAT		CAPRIGHT(0, 0x0000000010000000ULL)
-
-/* Extended attributes. */
-#define	CAP_EXTATTR_DELETE	CAPRIGHT(0, 0x0000000020000000ULL)
-#define	CAP_EXTATTR_GET		CAPRIGHT(0, 0x0000000040000000ULL)
-#define	CAP_EXTATTR_LIST	CAPRIGHT(0, 0x0000000080000000ULL)
-#define	CAP_EXTATTR_SET		CAPRIGHT(0, 0x0000000100000000ULL)
-
-/* Access Control Lists. */
-#define	CAP_ACL_CHECK		CAPRIGHT(0, 0x0000000200000000ULL)
-#define	CAP_ACL_DELETE		CAPRIGHT(0, 0x0000000400000000ULL)
-#define	CAP_ACL_GET		CAPRIGHT(0, 0x0000000800000000ULL)
-#define	CAP_ACL_SET		CAPRIGHT(0, 0x0000001000000000ULL)
+/* Allows for linkat(2) and renameat(2) (destination directory descriptor). */
+#define	CAP_LINKAT		(CAP_LOOKUP | 0x0000000000400000ULL)
+/* Allows for mkdirat(2). */
+#define	CAP_MKDIRAT		(CAP_LOOKUP | 0x0000000000800000ULL)
+/* Allows for mkfifoat(2). */
+#define	CAP_MKFIFOAT		(CAP_LOOKUP | 0x0000000001000000ULL)
+/* Allows for mknodat(2). */
+#define	CAP_MKNODAT		(CAP_LOOKUP | 0x0000000002000000ULL)
+/* Allows for renameat(2). */
+#define	CAP_RENAMEAT		(CAP_LOOKUP | 0x0000000004000000ULL)
+/* Allows for symlinkat(2). */
+#define	CAP_SYMLINKAT		(CAP_LOOKUP | 0x0000000008000000ULL)
+/*
+ * Allows for unlinkat(2) and renameat(2) if destination object exists and
+ * will be removed.
+ */
+#define	CAP_UNLINKAT		(CAP_LOOKUP | 0x0000000010000000ULL)
 
 /* Socket operations. */
-#define	CAP_ACCEPT		CAPRIGHT(0, 0x0000002000000000ULL)
-#define	CAP_BIND		CAPRIGHT(0, 0x0000004000000000ULL)
-#define	CAP_CONNECT		CAPRIGHT(0, 0x0000008000000000ULL)
-#define	CAP_GETPEERNAME		CAPRIGHT(0, 0x0000010000000000ULL)
-#define	CAP_GETSOCKNAME		CAPRIGHT(0, 0x0000020000000000ULL)
-#define	CAP_GETSOCKOPT		CAPRIGHT(0, 0x0000040000000000ULL)
-#define	CAP_LISTEN		CAPRIGHT(0, 0x0000080000000000ULL)
-#define	CAP_PEELOFF		CAPRIGHT(0, 0x0000100000000000ULL)
+/* Allows for accept(2) and accept4(2). */
+#define	CAP_ACCEPT		CAPRIGHT(0, 0x0000000020000000ULL)
+/* Allows for bind(2). */
+#define	CAP_BIND		CAPRIGHT(0, 0x0000000040000000ULL)
+/* Allows for connect(2). */
+#define	CAP_CONNECT		CAPRIGHT(0, 0x0000000080000000ULL)
+/* Allows for getpeername(2). */
+#define	CAP_GETPEERNAME		CAPRIGHT(0, 0x0000000100000000ULL)
+/* Allows for getsockname(2). */
+#define	CAP_GETSOCKNAME		CAPRIGHT(0, 0x0000000200000000ULL)
+/* Allows for getsockopt(2). */
+#define	CAP_GETSOCKOPT		CAPRIGHT(0, 0x0000000400000000ULL)
+/* Allows for listen(2). */
+#define	CAP_LISTEN		CAPRIGHT(0, 0x0000000800000000ULL)
+/* Allows for sctp_peeloff(2). */
+#define	CAP_PEELOFF		CAPRIGHT(0, 0x0000001000000000ULL)
 #define	CAP_RECV		CAP_READ
 #define	CAP_SEND		CAP_WRITE
-#define	CAP_SETSOCKOPT		CAPRIGHT(0, 0x0000200000000000ULL)
-#define	CAP_SHUTDOWN		CAPRIGHT(0, 0x0000400000000000ULL)
+/* Allows for setsockopt(2). */
+#define	CAP_SETSOCKOPT		CAPRIGHT(0, 0x0000002000000000ULL)
+/* Allows for shutdown(2). */
+#define	CAP_SHUTDOWN		CAPRIGHT(0, 0x0000004000000000ULL)
+
+/* Allows for bindat(2) on a directory descriptor. */
+#define	CAP_BINDAT		(CAP_LOOKUP | 0x0000008000000000ULL)
+/* Allows for connectat(2) on a directory descriptor. */
+#define	CAP_CONNECTAT		(CAP_LOOKUP | 0x0000010000000000ULL)
 
 #define	CAP_SOCK_CLIENT \
 	(CAP_CONNECT | CAP_GETPEERNAME | CAP_GETSOCKNAME | CAP_GETSOCKOPT | \
@@ -171,17 +206,19 @@
 	 CAP_SETSOCKOPT | CAP_SHUTDOWN)
 
 /* All used bits for index 0. */
-#define	CAP_ALL0		CAPRIGHT(0, 0x00007FFFFFFFFFFFULL)
+#define	CAP_ALL0		CAPRIGHT(0, 0x0000007FFFFFFFFFULL)
 
 /* Available bits for index 0. */
-#define	CAP_UNUSED0_48		CAPRIGHT(0, 0x0000800000000000ULL)
+#define	CAP_UNUSED0_40		CAPRIGHT(0, 0x0000008000000000ULL)
 /* ... */
 #define	CAP_UNUSED0_57		CAPRIGHT(0, 0x0100000000000000ULL)
 
 /* INDEX 1 */
 
 /* Mandatory Access Control. */
+/* Allows for mac_get_fd(3). */
 #define	CAP_MAC_GET		CAPRIGHT(1, 0x0000000000000001ULL)
+/* Allows for mac_set_fd(3). */
 #define	CAP_MAC_SET		CAPRIGHT(1, 0x0000000000000002ULL)
 
 /* Methods on semaphores. */
@@ -189,34 +226,60 @@
 #define	CAP_SEM_POST		CAPRIGHT(1, 0x0000000000000008ULL)
 #define	CAP_SEM_WAIT		CAPRIGHT(1, 0x0000000000000010ULL)
 
-/* kqueue events. */
-#define	CAP_POLL_EVENT		CAPRIGHT(1, 0x0000000000000020ULL)
-#define	CAP_POST_EVENT		CAPRIGHT(1, 0x0000000000000040ULL)
+/* Allows select(2) and poll(2) on descriptor. */
+#define	CAP_EVENT		CAPRIGHT(1, 0x0000000000000020ULL)
+/* Allows for kevent(2) on kqueue descriptor with eventlist != NULL. */
+#define	CAP_KQUEUE_EVENT	CAPRIGHT(1, 0x0000000000000040ULL)
 
 /* Strange and powerful rights that should not be given lightly. */
+/* Allows for ioctl(2). */
 #define	CAP_IOCTL		CAPRIGHT(1, 0x0000000000000080ULL)
 #define	CAP_TTYHOOK		CAPRIGHT(1, 0x0000000000000100ULL)
 
 /* Process management via process descriptors. */
+/* Allows for pdgetpid(2). */
 #define	CAP_PDGETPID		CAPRIGHT(1, 0x0000000000000200ULL)
+/* Allows for pdwait4(2). */
 #define	CAP_PDWAIT		CAPRIGHT(1, 0x0000000000000400ULL)
+/* Allows for pdkill(2). */
 #define	CAP_PDKILL		CAPRIGHT(1, 0x0000000000000800ULL)
 
-/*
- * Rights that allow to use bindat(2) and connectat(2) syscalls on a
- * directory descriptor.
- */
-#define	CAP_BINDAT		CAPRIGHT(1, 0x0000000000001000ULL)
-#define	CAP_CONNECTAT		CAPRIGHT(1, 0x0000000000002000ULL)
+/* Extended attributes. */
+/* Allows for extattr_delete_fd(2). */
+#define	CAP_EXTATTR_DELETE	CAPRIGHT(1, 0x0000000000001000ULL)
+/* Allows for extattr_get_fd(2). */
+#define	CAP_EXTATTR_GET		CAPRIGHT(1, 0x0000000000002000ULL)
+/* Allows for extattr_list_fd(2). */
+#define	CAP_EXTATTR_LIST	CAPRIGHT(1, 0x0000000000004000ULL)
+/* Allows for extattr_set_fd(2). */
+#define	CAP_EXTATTR_SET		CAPRIGHT(1, 0x0000000000008000ULL)
+
+/* Access Control Lists. */
+/* Allows for acl_valid_fd_np(3). */
+#define	CAP_ACL_CHECK		CAPRIGHT(1, 0x0000000000010000ULL)
+/* Allows for acl_delete_fd_np(3). */
+#define	CAP_ACL_DELETE		CAPRIGHT(1, 0x0000000000020000ULL)
+/* Allows for acl_get_fd(3) and acl_get_fd_np(3). */
+#define	CAP_ACL_GET		CAPRIGHT(1, 0x0000000000040000ULL)
+/* Allows for acl_set_fd(3) and acl_set_fd_np(3). */
+#define	CAP_ACL_SET		CAPRIGHT(1, 0x0000000000080000ULL)
+
+/* Allows for kevent(2) on kqueue descriptor with changelist != NULL. */
+#define	CAP_KQUEUE_CHANGE	CAPRIGHT(1, 0x0000000000100000ULL)
+
+#define	CAP_KQUEUE		(CAP_KQUEUE_EVENT | CAP_KQUEUE_CHANGE)
 
 /* All used bits for index 1. */
-#define	CAP_ALL1		CAPRIGHT(1, 0x0000000000003FFFULL)
+#define	CAP_ALL1		CAPRIGHT(1, 0x00000000001FFFFFULL)
 
 /* Available bits for index 1. */
-#define	CAP_UNUSED1_15		CAPRIGHT(1, 0x0000000000004000ULL)
+#define	CAP_UNUSED1_22		CAPRIGHT(1, 0x0000000000200000ULL)
 /* ... */
 #define	CAP_UNUSED1_57		CAPRIGHT(1, 0x0100000000000000ULL)
 
+/* Backward compatibility. */
+#define	CAP_POLL_EVENT		CAP_EVENT
+
 #define	CAP_ALL(rights)		do {					\
 	(rights)->cr_rights[0] =					\
 	    ((uint64_t)CAP_RIGHTS_VERSION << 62) | CAP_ALL0;		\
@@ -258,19 +321,19 @@ cap_rights_t *__cap_rights_init(int version, cap_rights_t *rights, ...);
 
 #define	cap_rights_set(rights, ...)					\
 	__cap_rights_set((rights), __VA_ARGS__, 0ULL)
-void __cap_rights_set(cap_rights_t *rights, ...);
+cap_rights_t *__cap_rights_set(cap_rights_t *rights, ...);
 
 #define	cap_rights_clear(rights, ...)					\
 	__cap_rights_clear((rights), __VA_ARGS__, 0ULL)
-void __cap_rights_clear(cap_rights_t *rights, ...);
+cap_rights_t *__cap_rights_clear(cap_rights_t *rights, ...);
 
 #define	cap_rights_is_set(rights, ...)					\
 	__cap_rights_is_set((rights), __VA_ARGS__, 0ULL)
 bool __cap_rights_is_set(const cap_rights_t *rights, ...);
 
 bool cap_rights_is_valid(const cap_rights_t *rights);
-void cap_rights_merge(cap_rights_t *dst, const cap_rights_t *src);
-void cap_rights_remove(cap_rights_t *dst, const cap_rights_t *src);
+cap_rights_t *cap_rights_merge(cap_rights_t *dst, const cap_rights_t *src);
+cap_rights_t *cap_rights_remove(cap_rights_t *dst, const cap_rights_t *src);
 bool cap_rights_contains(const cap_rights_t *big, const cap_rights_t *little);
 
 #ifdef _KERNEL
diff --git a/usr.bin/procstat/procstat_files.c b/usr.bin/procstat/procstat_files.c
index d65c1ae..484dc2d 100644
--- a/usr.bin/procstat/procstat_files.c
+++ b/usr.bin/procstat/procstat_files.c
@@ -203,8 +203,9 @@ static struct cap_desc {
 	{ CAP_SEM_WAIT,		"sw" },
 
 	/* Event monitoring and posting. */
-	{ CAP_POLL_EVENT,	"po" },
-	{ CAP_POST_EVENT,	"ev" },
+	{ CAP_EVENT,		"ev" },
+	{ CAP_KQUEUE_EVENT,	"ke" },
+	{ CAP_KQUEUE_CHANGE,	"kc" },
 
 	/* Strange and powerful rights that should not be given lightly. */
 	{ CAP_IOCTL,		"io" },