From 29aee14890edbe5929d6b3baa3f712dc2bc37d2c Mon Sep 17 00:00:00 2001
From: Adrian Chadd <adrian@FreeBSD.org>
Date: Sat, 19 Nov 2016 18:19:21 +0000
Subject: [PATCH] [dd] Revert the capsicum bits for now until it gets fixed.

dd is a bootstrap tool and that header isn't installed as part of the
bootstrap environment for previous releases (eg freebsd-10.)

We'll figure it out in post and then re-commit it.
---
 bin/dd/dd.c | 30 ------------------------------
 1 file changed, 30 deletions(-)

diff --git a/bin/dd/dd.c b/bin/dd/dd.c
index a13213dcc8c6..56f8efef7a53 100644
--- a/bin/dd/dd.c
+++ b/bin/dd/dd.c
@@ -48,13 +48,10 @@ __FBSDID("$FreeBSD$");
 #include <sys/param.h>
 #include <sys/stat.h>
 #include <sys/conf.h>
-#include <sys/capsicum.h>
 #include <sys/disklabel.h>
 #include <sys/filio.h>
-#include <sys/mtio.h>
 
 #include <assert.h>
-#include <capsicum_helpers.h>
 #include <ctype.h>
 #include <err.h>
 #include <errno.h>
@@ -95,10 +92,6 @@ main(int argc __unused, char *argv[])
 	jcl(argv);
 	setup();
 
-	caph_cache_catpages();
-	if (cap_enter() == -1 && errno != ENOSYS)
-		err(1, "unable to enter capability mode");
-
 	(void)signal(SIGINFO, siginfo_handler);
 	(void)signal(SIGINT, terminate);
 
@@ -132,8 +125,6 @@ static void
 setup(void)
 {
 	u_int cnt;
-	cap_rights_t rights;
-	unsigned long cmds[] = { FIODTYPE, MTIOCTOP };
 
 	if (in.name == NULL) {
 		in.name = "stdin";
@@ -142,20 +133,13 @@ setup(void)
 		in.fd = open(in.name, O_RDONLY, 0);
 		if (in.fd == -1)
 			err(1, "%s", in.name);
-		if (caph_limit_stdin() == -1)
-			err(1, "unable to limit capability rights");
 	}
 
 	getfdtype(&in);
 
-	cap_rights_init(&rights, CAP_READ, CAP_SEEK);
-	if (cap_rights_limit(in.fd, &rights) == -1 && errno != ENOSYS)
-		err(1, "unable to limit capability rights");
-
 	if (files_cnt > 1 && !(in.flags & ISTAPE))
 		errx(1, "files is not supported for non-tape devices");
 
-	cap_rights_set(&rights, CAP_WRITE, CAP_FTRUNCATE, CAP_IOCTL);
 	if (out.name == NULL) {
 		/* No way to check for read access here. */
 		out.fd = STDOUT_FILENO;
@@ -172,27 +156,13 @@ setup(void)
 		if (out.fd == -1) {
 			out.fd = open(out.name, O_WRONLY | OFLAGS, DEFFILEMODE);
 			out.flags |= NOREAD;
-			cap_rights_clear(&rights, CAP_READ);
 		}
 		if (out.fd == -1)
 			err(1, "%s", out.name);
-		if (caph_limit_stdout() == -1)
-			err(1, "unable to limit capability rights");
 	}
 
 	getfdtype(&out);
 
-	if (cap_rights_limit(out.fd, &rights) == -1 && errno != ENOSYS)
-		err(1, "unable to limit capability rights");
-	if (cap_ioctls_limit(out.fd, cmds, nitems(cmds)) == -1 &&
-	    errno != ENOSYS)
-		err(1, "unable to limit capability rights");
-
-	if (in.fd != STDERR_FILENO && out.fd != STDERR_FILENO) {
-		if (caph_limit_stderr() == -1)
-			err(1, "unable to limit capability rights");
-	}
-
 	/*
 	 * Allocate space for the input and output buffers.  If not doing
 	 * record oriented I/O, only need a single buffer.