Declare more capability method rights.

This is a complete set of rights that can be held in a capability's rights mask. Approved by: re (kib), mentor (rwatson) Sponsored by: Google Inc
2011-07-21 21:08:33 +00:00 · 2011-07-21 21:08:33 +00:00 · 6b7a28575f
commit 6b7a28575f
parent e9f91b2b2a
1 changed files with 68 additions and 1 deletions
--- a/sys/sys/capability.h
+++ b/sys/sys/capability.h
@ -53,11 +53,78 @@
 * mmap() and aio*() system calls will need special attention as they may
 * involve reads or writes depending a great deal on context.
 */
+
+/* General file I/O. */
 #define	CAP_READ		0x0000000000000001ULL	/* read/recv */
 #define	CAP_WRITE		0x0000000000000002ULL	/* write/send */
 #define	CAP_MMAP		0x0000000000000004ULL	/* mmap */
 #define	CAP_MAPEXEC		0x0000000000000008ULL	/* mmap(2) as exec */
-#define	CAP_MASK_VALID		0x000000000000000fULL
+#define	CAP_FEXECVE		0x0000000000000010ULL
+#define	CAP_FSYNC		0x0000000000000020ULL
+#define	CAP_FTRUNCATE		0x0000000000000040ULL
+#define	CAP_SEEK		0x0000000000000080ULL
+
+/* VFS methods. */
+#define	CAP_FCHFLAGS		0x0000000000000100ULL
+#define	CAP_FCHDIR		0x0000000000000200ULL
+#define	CAP_FCHMOD		0x0000000000000400ULL
+#define	CAP_FCHOWN		0x0000000000000800ULL
+#define	CAP_FCNTL		0x0000000000001000ULL
+#define	CAP_FPATHCONF		0x0000000000002000ULL
+#define	CAP_FLOCK		0x0000000000004000ULL
+#define	CAP_FSCK		0x0000000000008000ULL
+#define	CAP_FSTAT		0x0000000000010000ULL
+#define	CAP_FSTATFS		0x0000000000020000ULL
+#define	CAP_FUTIMES		0x0000000000040000ULL
+
+/* Extended attributes. */
+#define	CAP_EXTATTR_DELETE	0x0000000000080000ULL
+#define	CAP_EXTATTR_GET		0x0000000000100000ULL
+#define	CAP_EXTATTR_LIST	0x0000000000200000ULL
+#define	CAP_EXTATTR_SET		0x0000000000400000ULL
+
+/* Access Control Lists. */
+#define	CAP_ACL_CHECK		0x0000000000800000ULL
+#define	CAP_ACL_DELETE		0x0000000001000000ULL
+#define	CAP_ACL_GET		0x0000000002000000ULL
+#define	CAP_ACL_SET		0x0000000004000000ULL
+
+/* Socket operations. */
+#define	CAP_ACCEPT		0x0000000008000000ULL
+#define	CAP_BIND		0x0000000010000000ULL
+#define	CAP_CONNECT		0x0000000020000000ULL
+#define	CAP_GETPEERNAME		0x0000000040000000ULL
+#define	CAP_GETSOCKNAME		0x0000000080000000ULL
+#define	CAP_GETSOCKOPT		0x0000000100000000ULL
+#define	CAP_LISTEN		0x0000000200000000ULL
+#define	CAP_PEELOFF		0x0000000400000000ULL
+#define	CAP_SETSOCKOPT		0x0000000800000000ULL
+#define	CAP_SHUTDOWN		0x0000001000000000ULL
+
+#define	CAP_SOCK_ALL \
+	(CAP_ACCEPT | CAP_BIND | CAP_CONNECT \
+	 | CAP_GETPEERNAME | CAP_GETSOCKNAME | CAP_GETSOCKOPT \
+	 | CAP_LISTEN | CAP_PEELOFF | CAP_SETSOCKOPT | CAP_SHUTDOWN)
+
+/* Mandatory Access Control. */
+#define	CAP_MAC_GET		0x0000002000000000ULL
+#define	CAP_MAC_SET		0x0000004000000000ULL
+
+/* Methods on semaphores. */
+#define	CAP_SEM_GETVALUE	0x0000008000000000ULL
+#define	CAP_SEM_POST		0x0000010000000000ULL
+#define	CAP_SEM_WAIT		0x0000020000000000ULL
+
+/* Events - maybe we need a post/get distinction? */
+#define	CAP_EVENT		0x0000040000000000ULL
+#define	CAP_KEVENT		0x0000080000000000ULL
+
+/* Strange and powerful rights that should not be given lightly. */
+#define	CAP_IOCTL		0x0000100000000000ULL
+#define	CAP_TTYHOOK		0x0000200000000000ULL
+
+/* The mask of all valid method rights. */
+#define	CAP_MASK_VALID		0x00003fffffffffffULL

 #ifdef _KERNEL