svn commit: r219129 - in head/sys: compat/freebsd32 conf kern
sys
John Baldwin
jhb at freebsd.org
Tue Mar 1 15:21:04 UTC 2011
On Tuesday, March 01, 2011 8:23:37 am Robert Watson wrote:
> Author: rwatson
> Date: Tue Mar 1 13:23:37 2011
> New Revision: 219129
> URL: http://svn.freebsd.org/changeset/base/219129
>
> Log:
> Add initial support for Capsicum's Capability Mode to the FreeBSD kernel,
> compiled conditionally on options CAPABILITIES:
>
> Add a new credential flag, CRED_FLAG_CAPMODE, which indicates that a
> subject (typically a process) is in capability mode.
>
> Add two new system calls, cap_enter(2) and cap_getmode(2), which allow
> setting and querying (but never clearing) the flag.
>
> Export the capability mode flag via process information sysctls.
>
> Sponsored by: Google, Inc.
> Reviewed by: anderson
> Discussed with: benl, kris, pjd
> Obtained from: Capsicum Project
> MFC after: 3 months
>
> Added:
> head/sys/kern/sys_capability.c (contents, props changed)
> Modified:
> head/sys/compat/freebsd32/syscalls.master
> head/sys/conf/NOTES
> head/sys/conf/options
> head/sys/kern/kern_proc.c
> head/sys/kern/syscalls.master
> head/sys/sys/ucred.h
> head/sys/sys/user.h
Looks like head/sys/sys/capability.h wasn't added by accident?
--
John Baldwin
More information about the svn-src-all
mailing list