From: Ed Schouten
Date: Wed, 5 Aug 2015 07:36:51 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject: svn commit: r286309 - in head/sys: compat/linux kern sys

Author: ed
Date: Wed Aug 5 07:36:50 2015
New Revision: 286309
URL: https://svnweb.freebsd.org/changeset/base/286309

Log:
  Allow the creation of kqueues with a restricted set of Capsicum rights.

  On CloudABI we want to create file descriptors with just the minimal set
  of Capsicum rights in place. The reason for this is that it makes it
  easier to obtain uniform behaviour across different operating systems. By
  explicitly whitelisting the operations, we can return consistent error
  codes, but also prevent applications from depending on OS-specific
  behaviour.

  Extend kern_kqueue() to take an additional struct filecaps that is passed
  on to falloc_caps(). Update the existing consumers to pass in NULL.

  Differential Revision: https://reviews.freebsd.org/D3259

Modified:
  head/sys/compat/linux/linux_event.c
  head/sys/kern/kern_event.c
  head/sys/sys/syscallsubr.h

Modified: head/sys/compat/linux/linux_event.c ============================================================================== --- head/sys/compat/linux/linux_event.c Wed Aug 5 07:35:34 2015 (r286308) +++ head/sys/compat/linux/linux_event.c Wed Aug 5 07:36:50 2015 (r286309) 
@@ -205,7 +205,7 @@ epoll_create_common(struct thread *td, i { int error; - error = kern_kqueue(td, flags); + error = kern_kqueue(td, flags, NULL); if (error) return (error); Modified: head/sys/kern/kern_event.c ============================================================================== --- head/sys/kern/kern_event.c Wed Aug 5 07:35:34 2015 (r286308) +++ head/sys/kern/kern_event.c Wed Aug 5 07:36:50 2015 (r286309) @@ -738,11 +738,11 @@ int sys_kqueue(struct thread *td, struct kqueue_args *uap) { - return (kern_kqueue(td, 0)); + return (kern_kqueue(td, 0, NULL)); } int -kern_kqueue(struct thread *td, int flags) +kern_kqueue(struct thread *td, int flags, struct filecaps *fcaps) { struct filedesc *fdp; struct kqueue *kq; @@ -760,7 +760,7 @@ kern_kqueue(struct thread *td, int flags } fdp = p->p_fd; - error = falloc(td, &fp, &fd, flags); + error = falloc_caps(td, &fp, &fd, flags, fcaps); if (error) goto done2; Modified: head/sys/sys/syscallsubr.h ============================================================================== --- head/sys/sys/syscallsubr.h Wed Aug 5 07:35:34 2015 (r286308) +++ head/sys/sys/syscallsubr.h Wed Aug 5 07:36:50 2015 (r286309) @@ -126,7 +126,7 @@ int kern_kevent(struct thread *td, int f int kern_kevent_fp(struct thread *td, struct file *fp, int nchanges, int nevents, struct kevent_copyops *k_ops, const struct timespec *timeout); -int kern_kqueue(struct thread *td, int flags); +int kern_kqueue(struct thread *td, int flags, struct filecaps *fcaps); int kern_kldload(struct thread *td, const char *file, int *fileid); int kern_kldstat(struct thread *td, int fileid, struct kld_file_stat *stat); int kern_kldunload(struct thread *td, int fileid, int flags);
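
Review bot: In head/sys/kern/kern_event.c, the new `fcaps` parameter of kern_kqueue() is a non-const `struct filecaps *` handed straight to falloc_caps(), and nothing in the hunk documents what NULL means or whether the caller's structure is still usable after the call. Both updated callers pass NULL, so the first non-NULL caller will live outside this file and will have only the prototype to go on. Please add a short comment above kern_kqueue() stating that NULL keeps the previous falloc() behaviour, and who owns *fcaps on success and on the `goto done2` error path.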
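
Review bot: In head/sys/sys/syscallsubr.h, the updated prototype `int kern_kqueue(struct thread *td, int flags, struct filecaps *fcaps);` names struct filecaps, and the visible context does not show a forward declaration of that type. If the header does not already carry `struct filecaps;` alongside its other forward declarations, the type is first introduced inside the parameter list and has prototype scope only, which compilers warn about in files that include this header before the defining one. Please confirm the declaration is present or add it.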