PERFORCE change 133868 for review

[Robert Watson]

http://perforce.freebsd.org/chv.cgi?CH=133868

Change 133868 by rwatson at rwatson_freebsd_capabilities on 2008/01/22 16:13:50

	Add a flags field to the process credential and define a flag for
	capability mode.
	
	Add a new system call, cap_getmode() that returns whether or not
	the process is in capability mode.
	
	Implement cap_enter() system call to set that flag.  The call is
	a no-op if the process is already in capability mode.

Affected files ...

.. //depot/projects/trustedbsd/capabilities/src/sys/kern/sys_capability.c#5 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.master#5 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/sys/ucred.h#2 edit

Differences ...

==== //depot/projects/trustedbsd/capabilities/src/sys/kern/sys_capability.c#5 (text+ko) ====

@@ -58,16 +58,19 @@
  */
 
 #include <sys/cdefs.h>
-__FBSDID("$P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/sys_capability.c#4 $");
+__FBSDID("$P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/sys_capability.c#5 $");
 
 #include <sys/param.h>
 #include <sys/capability.h>
 #include <sys/file.h>
 #include <sys/filedesc.h>
 #include <sys/kernel.h>
+#include <sys/lock.h>
+#include <sys/mutex.h>
 #include <sys/proc.h>
 #include <sys/sysproto.h>
 #include <sys/systm.h>
+#include <sys/ucred.h>
 
 #include <vm/uma.h>
 
@@ -162,20 +165,44 @@
 }
 
 /*
- * Enter capability mode for the process.
+ * System call to enter capability mode for the process.
  */
 int
 cap_enter(struct thread *td, struct cap_enter_args *uap)
 {
+	struct ucred *newcred, *oldcred;
+	struct proc *p;
 
-	/* XXXRW: Not implemented. */
+	if (td->td_ucred->cr_flags & CRED_FLAG_CAPMODE)
+		return (0);
 
+	newcred = crget();
+	p = td->td_proc;
+	PROC_LOCK(p);
+	oldcred = p->p_ucred;
+	crcopy(newcred, oldcred);
+	newcred->cr_flags |= CRED_FLAG_CAPMODE;
+	p->p_ucred = newcred;
+	PROC_UNLOCK(p);
+	crfree(oldcred);
 	return (0);
 }
 
 /*
- * Create a new capability reference to either an existing file object or an
- * an existing capability.
+ * System call to query whether the process is in capability mode.
+ */
+int
+cap_getmode(struct thread *td, struct cap_getmode_args *uap)
+{
+	u_int i;
+
+	i = (td->td_ucred->cr_flags & CRED_FLAG_CAPMODE) ? 1 : 0;
+	return (copyout(&i, uap->modep, sizeof(i)));
+}
+
+/*
+ * System call to create a new capability reference to either an existing
+ * file object or an an existing capability.
  */
 int
 cap_new(struct thread *td, struct cap_new_args *uap)

==== //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.master#5 (text+ko) ====

@@ -854,5 +854,6 @@
 485	AUE_NULL	STD	{ int cap_getrights(int fd, \
 				    u_int64_t *rightsp); }
 486	AUE_NULL	STD	{ int cap_enter(void); }
+487	AUE_NULL	STD	{ int cap_getmode(u_int *modep); }
 ; Please copy any additions and changes to the following compatability tables:
 ; sys/compat/freebsd32/syscalls.master

==== //depot/projects/trustedbsd/capabilities/src/sys/sys/ucred.h#2 (text+ko) ====

@@ -55,13 +55,19 @@
 	struct uidinfo	*cr_uidinfo;	/* per euid resource consumption */
 	struct uidinfo	*cr_ruidinfo;	/* per ruid resource consumption */
 	struct prison	*cr_prison;	/* jail(2) */
-	void 		*cr_pspare[3];	/* vimage 2; general use 1 */
+	u_int	cr_flags;		/* Flags. */
+	void 	*cr_pspare[3];		/* vimage 2; general use 1 */
 #define	cr_endcopy	cr_label
 	struct label	*cr_label;	/* MAC label */
 	struct auditinfo_addr	cr_audit;	/* Audit properties. */
 };
 #define	NOCRED	((struct ucred *)0)	/* no credential available */
 #define	FSCRED	((struct ucred *)-1)	/* filesystem credential */
+
+/*
+ * Flags for cr_flags.
+ */
+#define	CRED_FLAG_CAPMODE	0x00000001	/* In capability mode. */
 #endif /* _KERNEL || _WANT_UCRED */
 
 /*