svn commit: r286229 - in head/sys: kern sys
Ed Schouten
ed at FreeBSD.org
Mon Aug 3 13:41:48 UTC 2015
Author: ed
Date: Mon Aug 3 13:41:47 2015
New Revision: 286229
URL: https://svnweb.freebsd.org/changeset/base/286229
Log:
Add sysent flag to switch to capabilities mode on startup.
CloudABI processes should run in capabilities mode automatically. There
is no need to switch manually (e.g., by calling cap_enter()). Add a
flag, SV_CAPSICUM, that can be used to call into cap_enter() during
execve().
Reviewed by: kib
Modified:
head/sys/kern/kern_exec.c
head/sys/sys/sysent.h
Modified: head/sys/kern/kern_exec.c
==============================================================================
--- head/sys/kern/kern_exec.c Mon Aug 3 12:14:42 2015 (r286228)
+++ head/sys/kern/kern_exec.c Mon Aug 3 13:41:47 2015 (r286229)
@@ -562,6 +562,10 @@ interpret:
goto exec_fail_dealloc;
}
+ /* ABI enforces the use of Capsicum. Switch into capabilities mode. */
+ if (SV_PROC_FLAG(p, SV_CAPSICUM))
+ sys_cap_enter(td, NULL);
+
/*
* Copy out strings (args and env) and initialize stack base
*/
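Review bot: the return value of `sys_cap_enter(td, NULL);` in the added block is discarded, so if that call ever returns an error the exec carries on and the new image starts outside capabilities mode, even though the comment says the ABI enforces Capsicum. Consider capturing the result in the function's error variable and taking the same `goto exec_fail_dealloc;` path the preceding context uses, so that a process whose sysentvec sets SV_CAPSICUM either starts sandboxed or does not start at all. A short comment on why NULL is acceptable for the second argument would also help the next reader.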
Modified: head/sys/sys/sysent.h
==============================================================================
--- head/sys/sys/sysent.h Mon Aug 3 12:14:42 2015 (r286228)
+++ head/sys/sys/sysent.h Mon Aug 3 13:41:47 2015 (r286229)
@@ -139,11 +139,12 @@ struct sysentvec {
void (*sv_thread_detach)(struct thread *);
};
-#define SV_ILP32 0x000100
-#define SV_LP64 0x000200
-#define SV_IA32 0x004000
-#define SV_AOUT 0x008000
-#define SV_SHP 0x010000
+#define SV_ILP32 0x000100 /* 32-bit executable. */
+#define SV_LP64 0x000200 /* 64-bit executable. */
+#define SV_IA32 0x004000 /* Intel 32-bit executable. */
+#define SV_AOUT 0x008000 /* a.out executable. */
+#define SV_SHP 0x010000 /* Shared page. */
+#define SV_CAPSICUM 0x020000 /* Force cap_enter() on startup. */
#define SV_ABI_MASK 0xff
#define SV_PROC_FLAG(p, x) ((p)->p_sysent->sv_flags & (x))
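Review bot: the comment on the new `SV_CAPSICUM 0x020000` define, "Force cap_enter() on startup", does not say where the flag takes effect or who is expected to set it. Since this is a security-relevant bit in sv_flags, it would be worth stating that it is applied during execve() and is meant for ABIs whose processes must always run in capabilities mode, as the log message describes for CloudABI. Only kern_exec.c and sysent.h are listed as modified, so no sysentvec sets the flag in this revision and the new branch in kern_exec.c stays unexercised until one does. As a style point, the comment additions to the five existing defines are a cosmetic change mixed into a functional one; splitting them out would keep the security-relevant line easy to find in history.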