Add a new errno, ENOTCAPABLE, to be returned when a process requests an

operation on a file descriptor that is not authorized by the descriptor's capability flags. MFC after: 1 month Sponsored by: Google
2009-10-07 20:20:51 +00:00 · 2009-10-07 20:20:51 +00:00 · 466473bd42
commit 466473bd42
parent 34ccb44d0e
3 changed files with 9 additions and 1 deletions
--- a/lib/libc/gen/errlst.c
+++ b/lib/libc/gen/errlst.c
@ -150,5 +150,6 @@ const char *const sys_errlist[] = {
 	"Multihop attempted",			/* 90 - EMULTIHOP */
 	"Link has been severed",		/* 91 - ENOLINK */
 	"Protocol error",			/* 92 - EPROTO */
+	"Capabilities insufficient",		/* 93 - ENOTCAPABLE */
 };
 const int sys_nerr = sizeof(sys_errlist) / sizeof(sys_errlist[0]);
--- a/lib/libc/sys/intro.2
+++ b/lib/libc/sys/intro.2
@ -456,6 +456,9 @@ The specified extended attribute does not exist.
 .It Er 88 EDOOFUS Em "Programming error" .
 A function or API is being abused in a way which could only be detected
 at run-time.
+.It Er 93 ENOTCAPABLE Em "Capabilities insufficient" .
+An operation on a capability file descriptor requires greater privilege than
+the capability allows.
 .El
 .Sh DEFINITIONS
 .Bl -tag -width Ds
--- a/sys/sys/errno.h
+++ b/sys/sys/errno.h
@ -174,7 +174,11 @@ __END_DECLS
 #define	EPROTO		92		/* Protocol error */

 #ifndef _POSIX_SOURCE
-#define	ELAST		92		/* Must be equal largest errno */
+#define	ENOTCAPABLE	93		/* Capabilities insufficient */
+#endif /* _POSIX_SOURCE */
+
+#ifndef _POSIX_SOURCE
+#define	ELAST		93		/* Must be equal largest errno */
 #endif /* _POSIX_SOURCE */

 #ifdef _KERNEL