2 files changed, 52 insertions, 43 deletions

diff --git a/usr.bin/kdump/kdump.c b/usr.bin/kdump/kdump.c
index 06be0c0..0de183c 100644
--- a/usr.bin/kdump/kdump.c
+++ b/usr.bin/kdump/kdump.c
@@ -103,6 +103,7 @@ void ktrcsw_old(struct ktr_csw_old *);
 void ktruser_malloc(unsigned char *);
 void ktruser_rtld(int, unsigned char *);
 void ktruser(int, unsigned char *);
+void ktrcaprights(cap_rights_t *);
 void ktrsockaddr(struct sockaddr *);
 void ktrstat(struct stat *);
 void ktrstruct(char *, size_t);
@@ -379,21 +380,21 @@ limitfd(int fd)
 	cap_rights_t rights;
 	unsigned long cmd;
 
-	rights = CAP_FSTAT;
+	cap_rights_init(&rights, CAP_FSTAT);
 	cmd = -1;
 
 	switch (fd) {
 	case STDIN_FILENO:
-		rights |= CAP_READ;
+		cap_rights_set(&rights, CAP_READ);
 		break;
 	case STDOUT_FILENO:
-		rights |= CAP_IOCTL | CAP_WRITE;
+		cap_rights_set(&rights, CAP_IOCTL, CAP_WRITE);
 		cmd = TIOCGETA;	/* required by isatty(3) in printf(3) */
 		break;
 	case STDERR_FILENO:
-		rights |= CAP_WRITE;
+		cap_rights_set(&rights, CAP_WRITE);
 		if (!suppressdata) {
-			rights |= CAP_IOCTL;
+			cap_rights_set(&rights, CAP_IOCTL);
 			cmd = TIOCGWINSZ;
 		}
 		break;
@@ -401,7 +402,7 @@ limitfd(int fd)
 		abort();
 	}
 
-	if (cap_rights_limit(fd, rights) < 0 && errno != ENOSYS)
+	if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS)
 		err(1, "unable to limit rights for descriptor %d", fd);
 	if (cmd != -1 && cap_ioctls_limit(fd, &cmd, 1) < 0 && errno != ENOSYS)
 		err(1, "unable to limit ioctls for descriptor %d", fd);
@@ -1120,35 +1121,6 @@ ktrsyscall(struct ktr_syscall *ktr, u_int flags)
 				ip++;
 				narg--;
 				break;
-			case SYS_cap_new:
-			case SYS_cap_rights_limit:
-				print_number(ip, narg, c);
-				putchar(',');
-				arg = *ip;
-				ip++;
-				narg--;
-				/*
-				 * Hack: the second argument is a
-				 * cap_rights_t, which 64 bits wide, so on
-				 * 32-bit systems, it is split between two
-				 * registers.
-				 *
-				 * Since sizeof() is not evaluated by the
-				 * preprocessor, we can't use an #ifdef,
-				 * but the compiler will probably optimize
-				 * the code out anyway.
-				 */
-				if (sizeof(cap_rights_t) > sizeof(register_t)) {
-#if _BYTE_ORDER == _LITTLE_ENDIAN
-					arg = ((intmax_t)*ip << 32) + arg;
-#else
-					arg = (arg << 32) + *ip;
-#endif
-					ip++;
-					narg--;
-				}
-				capname(arg);
-				break;
 			case SYS_cap_fcntls_limit:
 				print_number(ip, narg, c);
 				putchar(',');
@@ -1536,6 +1508,15 @@ ktruser(int len, unsigned char *p)
 }
 
 void
+ktrcaprights(cap_rights_t *rightsp)
+{
+
+	printf("cap_rights_t ");
+	capname(rightsp);
+	printf("\n");
+}
+
+void
 ktrsockaddr(struct sockaddr *sa)
 {
 /*
@@ -1712,6 +1693,7 @@ ktrstruct(char *buf, size_t buflen)
 	char *name, *data;
 	size_t namelen, datalen;
 	int i;
+	cap_rights_t rights;
 	struct stat sb;
 	struct sockaddr_storage ss;
 
@@ -1731,7 +1713,12 @@ ktrstruct(char *buf, size_t buflen)
 	for (i = 0; i < (int)namelen; ++i)
 		if (!isalpha(name[i]))
 			goto invalid;
-	if (strcmp(name, "stat") == 0) {
+	if (strcmp(name, "caprights") == 0) {
+		if (datalen != sizeof(cap_rights_t))
+			goto invalid;
+		memcpy(&rights, data, datalen);
+		ktrcaprights(&rights);
+	} else if (strcmp(name, "stat") == 0) {
 		if (datalen != sizeof(struct stat))
 			goto invalid;
 		memcpy(&sb, data, datalen);
@@ -1758,16 +1745,16 @@ ktrcapfail(struct ktr_cap_fail *ktr)
 	case CAPFAIL_NOTCAPABLE:
 		/* operation on fd with insufficient capabilities */
 		printf("operation requires ");
-		capname((intmax_t)ktr->cap_needed);
+		capname(&ktr->cap_needed);
 		printf(", process holds ");
-		capname((intmax_t)ktr->cap_held);
+		capname(&ktr->cap_held);
 		break;
 	case CAPFAIL_INCREASE:
 		/* requested more capabilities than fd already has */
 		printf("attempt to increase capabilities from ");
-		capname((intmax_t)ktr->cap_held);
+		capname(&ktr->cap_held);
 		printf(" to ");
-		capname((intmax_t)ktr->cap_needed);
+		capname(&ktr->cap_needed);
 		break;
 	case CAPFAIL_SYSCALL:
 		/* called restricted syscall */
@@ -1779,9 +1766,9 @@ ktrcapfail(struct ktr_cap_fail *ktr)
 		break;
 	default:
 		printf("unknown capability failure: ");
-		capname((intmax_t)ktr->cap_needed);
+		capname(&ktr->cap_needed);
 		printf(" ");
-		capname((intmax_t)ktr->cap_held);
+		capname(&ktr->cap_held);
 		break;
 	}
 	printf("\n");
diff --git a/usr.bin/kdump/mksubr b/usr.bin/kdump/mksubr
index b10af94..676e9e2 100644
--- a/usr.bin/kdump/mksubr
+++ b/usr.bin/kdump/mksubr
@@ -385,7 +385,6 @@ _EOF_
 
 auto_or_type     "accessmodename"      "[A-Z]_OK[[:space:]]+0?x?[0-9A-Fa-f]+"         "sys/unistd.h"
 auto_switch_type "acltypename"         "ACL_TYPE_[A-Z4_]+[[:space:]]+0x[0-9]+"        "sys/acl.h"
-auto_or_type     "capname"             "CAP_[A-Z]+[[:space:]]+0x[01248]{16}ULL"       "sys/capability.h"
 auto_or_type     "capfcntlname"        "CAP_FCNTL_[A-Z]+[[:space:]]+\(1"              "sys/capability.h"
 auto_switch_type "extattrctlname"      "EXTATTR_NAMESPACE_[A-Z]+[[:space:]]+0x[0-9]+" "sys/extattr.h"
 auto_switch_type "fadvisebehavname"    "POSIX_FADV_[A-Z]+[[:space:]]+[0-9]+"          "sys/fcntl.h"
@@ -609,3 +608,26 @@ cat <<_EOF_
 		}
 	}
 }
+
+_EOF_
+egrep '#define[[:space:]]+CAP_[A-Z_]+[[:space:]]+CAPRIGHT\([0-9],[[:space:]]+0x[0-9]{16}ULL\)' \
+	$include_dir/sys/capability.h | \
+	sed -E 's/[	]+/ /g' | \
+	awk -F '[   \(,\)]' '
+	BEGIN {
+		printf "void\n"
+		printf "capname(const cap_rights_t *rightsp)\n"
+		printf "{\n"
+		printf "\tint comma = 0;\n\n"
+		printf "\tprintf(\"<\");\n"
+	}
+	{
+		printf "\tif ((rightsp->cr_rights[%s] & %s) == %s) {\n", $4, $2, $2
+		printf "\t\tif (comma) printf(\",\"); else comma = 1;\n"
+		printf "\t\tprintf(\"%s\");\n", $2
+		printf "\t}\n"
+	}
+	END {
+		printf "\tprintf(\">\");\n"
+		printf "}\n"
+	}'