Add sysent flag to switch to capabilities mode on startup.

CloudABI processes should run in capabilities mode automatically. There is no need to switch manually (e.g., by calling cap_enter()). Add a flag, SV_CAPSICUM, that can be used to call into cap_enter() during execve(). Reviewed by: kib
2015-08-03 13:41:47 +00:00 · 2015-08-03 13:41:47 +00:00 · 39f5ebb774
commit 39f5ebb774
parent f94cc23475
2 changed files with 10 additions and 5 deletions
--- a/sys/kern/kern_exec.c
+++ b/sys/kern/kern_exec.c
@ -562,6 +562,10 @@ do_execve(td, args, mac_p)
 		goto exec_fail_dealloc;
 	}

+	/* ABI enforces the use of Capsicum. Switch into capabilities mode. */
+	if (SV_PROC_FLAG(p, SV_CAPSICUM))
+		sys_cap_enter(td, NULL);
+
 	/*
 	 * Copy out strings (args and env) and initialize stack base
 	 */
--- a/sys/sys/sysent.h
+++ b/sys/sys/sysent.h
@ -139,11 +139,12 @@ struct sysentvec {
 	void		(*sv_thread_detach)(struct thread *);
 };

-#define	SV_ILP32	0x000100
-#define	SV_LP64		0x000200
-#define	SV_IA32		0x004000
-#define	SV_AOUT		0x008000
-#define	SV_SHP		0x010000
+#define	SV_ILP32	0x000100	/* 32-bit executable. */
+#define	SV_LP64		0x000200	/* 64-bit executable. */
+#define	SV_IA32		0x004000	/* Intel 32-bit executable. */
+#define	SV_AOUT		0x008000	/* a.out executable. */
+#define	SV_SHP		0x010000	/* Shared page. */
+#define	SV_CAPSICUM	0x020000	/* Force cap_enter() on startup. */

 #define	SV_ABI_MASK	0xff
 #define	SV_PROC_FLAG(p, x)	((p)->p_sysent->sv_flags & (x))