git: 6945df3fff57 - main - makesyscalls.lua: add a CAPENABLED flag

Wed, 01 Sep 2021 13:59:57 -0700 

The branch main has been updated by brooks:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=6945df3fff57a9606f8c8a4e3865def3a0e915e7

commit 6945df3fff57a9606f8c8a4e3865def3a0e915e7
Author:     Brooks Davis <bro...@freebsd.org>
AuthorDate: 2021-09-01 20:54:38 +0000
Commit:     Brooks Davis <bro...@freebsd.org>
CommitDate: 2021-09-01 20:58:06 +0000

    makesyscalls.lua: add a CAPENABLED flag
    
    The CAPENABLED flag indicates that the syscall can be used in capsicum
    capability mode.  It is intended to replace capabilities.conf.
    
    Reviewed by:    kevans, emaste
    MFC after:      1 week
    Sponsored by:   DARPA
    Differential Revision:  https://reviews.freebsd.org/D31349
---
 sys/kern/syscalls.master   | 2 ++
 sys/tools/makesyscalls.lua | 4 +++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/sys/kern/syscalls.master b/sys/kern/syscalls.master
index 11247aed8fd6..6cc462a206c9 100644
--- a/sys/kern/syscalls.master
+++ b/sys/kern/syscalls.master
@@ -17,6 +17,7 @@
 ;              COMPAT7, COMPAT11, COMPAT12, NODEF, NOARGS, NOPROTO, NOSTD
 ;              The COMPAT* options may be combined with one or more NO*
 ;              options separated by '|' with no spaces (e.g. COMPAT|NOARGS)
+;              The CAPENABLED option may be ORed into a type.
 ;      name    pseudo-prototype of syscall routine
 ;              If one of the following alts is different, then all appear:
 ;      altname name of system call if different
@@ -47,6 +48,7 @@
 ;              function prototype in sys/sysproto.h.  Does add a
 ;              definition to syscall.h besides adding a sysent.
 ;      NOTSTATIC syscall is loadable
+;      CAPENABLED syscall is allowed in capability mode
 
 ; annotations:
 ;      SAL 2.0 annotations are used to specify how system calls treat
diff --git a/sys/tools/makesyscalls.lua b/sys/tools/makesyscalls.lua
index dab8e0e01f82..55fb8de63526 100644
--- a/sys/tools/makesyscalls.lua
+++ b/sys/tools/makesyscalls.lua
@@ -151,6 +151,7 @@ local known_flags = {
        NOPROTO         = 0x00000040,
        NOSTD           = 0x00000080,
        NOTSTATIC       = 0x00000100,
+       CAPENABLED      = 0x00000200,
 
        -- Compat flags start from here.  We have plenty of space.
 }
@@ -1059,7 +1060,8 @@ process_syscall_def = function(line)
        -- If applicable; strip the ABI prefix from the name
        local stripped_name = strip_abi_prefix(funcname)
 
-       if config["capenabled"][funcname] ~= nil or
+       if flags & known_flags['CAPENABLED'] ~= 0 or
+           config["capenabled"][funcname] ~= nil or
            config["capenabled"][stripped_name] ~= nil then
                sysflags = "SYF_CAPENABLED"
        end
_______________________________________________
dev-commits-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all
To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"

Reply via email to