Page MenuHomeFreeBSD
Files F109435003

D35116.diff
No OneTemporary
Actions

D35116.diff
View Options

Index: bin/ps/print.c
===================================================================
--- bin/ps/print.c
+++ bin/ps/print.c
@@ -277,8 +277,10 @@
*cp++ = 'V';
if ((flag & P_SYSTEM) || k->ki_p->ki_lock > 0)
*cp++ = 'L';
- if ((k->ki_p->ki_cr_flags & CRED_FLAG_CAPMODE) != 0)
+ if ((k->ki_p->ki_cr_flags & KI_CRF_CAPABILITY_MODE) != 0)
*cp++ = 'C';
+ if ((k->ki_p->ki_cr_flags & KI_CRF_SYSCALLS_FILTER) != 0)
+ *cp++ = 'F';
if (k->ki_p->ki_kiflag & KI_SLEADER)
*cp++ = 's';
if ((flag & P_CONTROLT) && k->ki_p->ki_pgid == k->ki_p->ki_tpgid)
Index: lib/libkvm/kvm_proc.c
===================================================================
--- lib/libkvm/kvm_proc.c
+++ lib/libkvm/kvm_proc.c
@@ -149,7 +149,11 @@
kp->ki_svuid = ucred.cr_svuid;
kp->ki_rgid = ucred.cr_rgid;
kp->ki_svgid = ucred.cr_svgid;
- kp->ki_cr_flags = ucred.cr_flags;
+ kp->ki_cr_flags = 0;
+ if ((ucred.cr_flags & CRED_FLAG_CAPMODE) != 0)
+ kp->ki_cr_flags |= KI_CRF_CAPABILITY_MODE;
+ if ((ucred.cr_flags & CRED_FLAG_SYSFILT) != 0)
+ kp->ki_cr_flags |= KI_CRF_SYSCALLS_FILTER;
if (ucred.cr_ngroups > KI_NGROUPS) {
kp->ki_ngroups = KI_NGROUPS;
kp->ki_cr_flags |= KI_CRF_GRP_OVERFLOW;
Index: share/man/man9/syscall_helper_register.9
===================================================================
--- share/man/man9/syscall_helper_register.9
+++ share/man/man9/syscall_helper_register.9
@@ -43,13 +43,13 @@
.Ft struct syscall_helper_data
.Fn SYSCALL_INIT_HELPER "syscallname"
.Ft struct syscall_helper_data
-.Fn SYSCALL_INIT_HELPER_F "syscallname" "int flags"
+.Fn SYSCALL_INIT_HELPER_F "syscallname" "int syflags"
.\"
.Ss COMPATIBILITY INITIALIZER MACROS
.Ft struct syscall_helper_data
.Fn SYSCALL_INIT_HELPER_COMPAT "syscallname"
.Ft struct syscall_helper_data
-.Fn SYSCALL_INIT_HELPER_COMPAT_F "syscallname" "int flags"
+.Fn SYSCALL_INIT_HELPER_COMPAT_F "syscallname" "int syflags"
.\"
.Sh DESCRIPTION
The
@@ -68,13 +68,26 @@
};
.Ed
.Pp
-The only valid flag for the
+Valid flags for the
.Fa flags
argument to
.Fn syscall_helper_register
-is
-.Dv SY_THR_STATIC .
-This flag prevents the syscall from being unregistered.
+are:
+.Bl -tag -width ".Dv SY_HLP_PRESERVE_SYFLAGS"
+.It Dv SY_THR_STATIC
+Prevents the syscall from being unregistered.
+.It Dv SY_THR_STATIC_KLD
+Will be equal to SY_THR_STATIC when not compiling a
+.Xr kld 4
+module. Will be 0 otherwise.
+.It Dv SY_HLP_PRESERVE_SYFLAGS
+Preserve the
+.Fa syflags
+(see below)
+of the existing syscall.
+Useful when flags are already specified in
+.Pa syscalls.master .
+.El
.\"
.Pp
Before use, the structure must be initialized with one of the
@@ -87,11 +100,22 @@
For legacy syscall functions named without "sys_" prefixes, the "COMPAT"
versions of the macros may be used.
.Pp
-The only valid flag for the
-.Fa flags
-argument to the "F" variants of the initializer macros is
-.Dv SYF_CAPENABLED .
-This flag indicates that the syscall is allowed in capability mode.
+Valid flags for the
+.Fa syflags
+argument to the "F" variants of the initializer macros are:
+.Bl -tag -width ".Dv SYF_CAPENABLED"
+.It Dv SYF_CAPENABLED
+Indicates that the syscall is allowed in
+.Xr capsicum 4
+capability mode.
+.It Dv SYF_SYSCAT()
+Specifies a "category" for the syscall.
+This is used by the mac_curtain
+.Xr mac 4
+module to restrict syscalls.
+Categories are defined in
+.In sys/syscat.h .
+.El
.Pp
The
.Fn syscall_helper_unregister
@@ -119,7 +143,9 @@
The
.Fa flags
argument contained a value other than
-.Dv SY_THR_STATIC .
+.Dv SY_THR_STATIC
+or
+.Dv SY_HLP_PRESERVE_SYFLAGS .
.It Bq Er EINVAL
The specified syscall number,
.Dv sd.syscall_no
Index: sys/amd64/amd64/vm_machdep.c
===================================================================
--- sys/amd64/amd64/vm_machdep.c
+++ sys/amd64/amd64/vm_machdep.c
@@ -83,6 +83,8 @@
#include <vm/vm_map.h>
#include <vm/vm_param.h>
+#include <security/mac/mac_framework.h>
+
_Static_assert(OFFSETOF_MONITORBUF == offsetof(struct pcpu, pc_monitorbuf),
"OFFSETOF_MONITORBUF does not correspond with offset of pc_monitorbuf.");
@@ -527,6 +529,13 @@
error = pget(id, PGET_CANSEE | PGET_NOTWEXIT | PGET_NOTID, &p);
if (error != 0)
break;
+#ifdef MAC
+ error = mac_proc_check_procctl(td->td_ucred, p, com, data);
+ if (error != 0) {
+ PROC_UNLOCK(p);
+ break;
+ }
+#endif
switch (com) {
case PROC_KPTI_CTL:
cpu_procctl_kpti_ctl(p, val);
Index: sys/compat/linux/linux_errno.inc
===================================================================
--- sys/compat/linux/linux_errno.inc
+++ sys/compat/linux/linux_errno.inc
@@ -156,9 +156,11 @@
[ENOTRECOVERABLE] = -LINUX_ENOTRECOVERABLE,
[EOWNERDEAD] = -LINUX_EOWNERDEAD,
[EINTEGRITY] = -LINUX_EINVAL, /* XXX */
+ [EMACTRAP] = -LINUX_EPERM,
+ [EMACKILL] = -LINUX_EPERM,
};
-_Static_assert(ELAST == 97,
+_Static_assert(ELAST == 99,
"missing errno entries in linux_errtbl");
static const int linux_to_bsd_errtbl[LINUX_ELAST + 1] = {
Index: sys/compat/linuxkpi/common/src/linux_compat.c
===================================================================
--- sys/compat/linuxkpi/common/src/linux_compat.c
+++ sys/compat/linuxkpi/common/src/linux_compat.c
@@ -1840,7 +1840,7 @@
vp = filp->f_vnode;
vn_lock(vp, LK_SHARED | LK_RETRY);
- error = VOP_STAT(vp, sb, curthread->td_ucred, NOCRED);
+ error = VOP_STAT(vp, sb, curthread->td_ucred, fp->f_cred);
VOP_UNLOCK(vp);
return (error);
Index: sys/conf/files
===================================================================
--- sys/conf/files
+++ sys/conf/files
@@ -5085,6 +5085,7 @@
security/mac/mac_audit.c optional mac audit
security/mac/mac_cred.c optional mac
security/mac/mac_framework.c optional mac
+security/mac/mac_generic.c optional mac
security/mac/mac_inet.c optional mac inet | mac inet6
security/mac/mac_inet6.c optional mac inet6
security/mac/mac_label.c optional mac
Index: sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vnops_os.c
===================================================================
--- sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vnops_os.c
+++ sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vnops_os.c
@@ -91,9 +91,17 @@
#include <sys/extattr.h>
#include <sys/priv.h>
+#include <security/mac/mac_framework.h>
+
#ifndef VN_OPEN_INVFS
#define VN_OPEN_INVFS 0x0
#endif
+#ifndef VN_OPEN_MACWALKCONTINUE
+#define VN_OPEN_MACWALKCONTINUE 0x0
+#endif
+#ifndef MACWALKCONTINUE
+#define MACWALKCONTINUE 0x0
+#endif
VFS_SMR_DECLARE;
@@ -5344,14 +5352,19 @@
if (error != 0)
return (error);
+#ifdef MAC
+ mac_vnode_walk_transfer(td->td_ucred, ap->a_vp, xvp);
+#endif
flags = FREAD;
#if __FreeBSD_version < 1400043
- NDINIT_ATVP(&nd, LOOKUP, NOFOLLOW, UIO_SYSSPACE, attrname,
- xvp, td);
+ NDINIT_ATVP(&nd, LOOKUP, NOFOLLOW | MACWALKCONTINUE, UIO_SYSSPACE,
+ attrname, xvp, td);
#else
- NDINIT_ATVP(&nd, LOOKUP, NOFOLLOW, UIO_SYSSPACE, attrname, xvp);
+ NDINIT_ATVP(&nd, LOOKUP, NOFOLLOW | MACWALKCONTINUE, UIO_SYSSPACE,
+ attrname, xvp);
#endif
- error = vn_open_cred(&nd, &flags, 0, VN_OPEN_INVFS, ap->a_cred, NULL);
+ error = vn_open_cred(&nd, &flags, 0, VN_OPEN_INVFS |
+ VN_OPEN_MACWALKCONTINUE, ap->a_cred, NULL);
vp = nd.ni_vp;
NDFREE_PNBUF(&nd);
if (error != 0)
@@ -5489,12 +5502,15 @@
if (error != 0)
return (error);
+#ifdef MAC
+ mac_vnode_walk_transfer(ap->a_td->td_ucred, ap->a_vp, xvp);
+#endif
#if __FreeBSD_version < 1400043
- NDINIT_ATVP(&nd, DELETE, NOFOLLOW | LOCKPARENT | LOCKLEAF,
- UIO_SYSSPACE, attrname, xvp, ap->a_td);
+ NDINIT_ATVP(&nd, DELETE, NOFOLLOW | LOCKPARENT | LOCKLEAF |
+ MACWALKCONTINUE, UIO_SYSSPACE, attrname, xvp, ap->a_td);
#else
- NDINIT_ATVP(&nd, DELETE, NOFOLLOW | LOCKPARENT | LOCKLEAF,
- UIO_SYSSPACE, attrname, xvp);
+ NDINIT_ATVP(&nd, DELETE, NOFOLLOW | LOCKPARENT | LOCKLEAF |
+ MACWALKCONTINUE, UIO_SYSSPACE, attrname, xvp);
#endif
error = namei(&nd);
vp = nd.ni_vp;
@@ -5634,14 +5650,19 @@
if (error != 0)
return (error);
+#ifdef MAC
+ mac_vnode_walk_transfer(td->td_ucred, ap->a_vp, xvp);
+#endif
flags = FFLAGS(O_WRONLY | O_CREAT);
#if __FreeBSD_version < 1400043
- NDINIT_ATVP(&nd, LOOKUP, NOFOLLOW, UIO_SYSSPACE, attrname, xvp, td);
+ NDINIT_ATVP(&nd, LOOKUP, NOFOLLOW | MACWALKCONTINUE, UIO_SYSSPACE,
+ attrname, xvp, td);
#else
- NDINIT_ATVP(&nd, LOOKUP, NOFOLLOW, UIO_SYSSPACE, attrname, xvp);
+ NDINIT_ATVP(&nd, LOOKUP, NOFOLLOW | MACWALKCONTINUE, UIO_SYSSPACE,
+ attrname, xvp);
#endif
- error = vn_open_cred(&nd, &flags, 0600, VN_OPEN_INVFS, ap->a_cred,
- NULL);
+ error = vn_open_cred(&nd, &flags, 0600, VN_OPEN_INVFS |
+ VN_OPEN_MACWALKCONTINUE, ap->a_cred, NULL);
vp = nd.ni_vp;
NDFREE_PNBUF(&nd);
if (error != 0)
@@ -5821,12 +5842,15 @@
return (error);
}
+#ifdef MAC
+ mac_vnode_walk_transfer(td->td_ucred, ap->a_vp, xvp);
+#endif
#if __FreeBSD_version < 1400043
- NDINIT_ATVP(&nd, LOOKUP, NOFOLLOW | LOCKLEAF | LOCKSHARED,
- UIO_SYSSPACE, ".", xvp, td);
+ NDINIT_ATVP(&nd, LOOKUP, NOFOLLOW | LOCKLEAF | LOCKSHARED |
+ MACWALKCONTINUE, UIO_SYSSPACE, ".", xvp, td);
#else
- NDINIT_ATVP(&nd, LOOKUP, NOFOLLOW | LOCKLEAF | LOCKSHARED,
- UIO_SYSSPACE, ".", xvp);
+ NDINIT_ATVP(&nd, LOOKUP, NOFOLLOW | LOCKLEAF | LOCKSHARED |
+ MACWALKCONTINUE, UIO_SYSSPACE, ".", xvp);
#endif
error = namei(&nd);
vp = nd.ni_vp;
Index: sys/fs/fdescfs/fdesc_vnops.c
===================================================================
--- sys/fs/fdescfs/fdesc_vnops.c
+++ sys/fs/fdescfs/fdesc_vnops.c
@@ -61,6 +61,8 @@
#include <fs/fdescfs/fdesc.h>
+#include <security/mac/mac_framework.h>
+
#define NFDCACHE 4
#define FD_NHASH(ix) \
(&fdhashtbl[(ix) & fdhash])
@@ -330,6 +332,27 @@
*/
if ((error = fget(td, fd, &cap_no_rights, &fp)) != 0)
goto bad;
+#ifdef MAC
+ if (mac_vnode_walk_needed(cnp->cn_cred) && fp->f_type == DTYPE_VNODE) {
+ /* The above fget() will push a new tracker entry for the
+ * target FD's vnode (if any) and make it the current entry.
+ *
+ * When not in nodup mode, rewind to the entry that was current
+ * before the fget() so that path lookup can continue from the
+ * fdescfs wrapper vnode. kern_openat() will retrieve the
+ * target FD after namei() returns.
+ *
+ * When in nodup mode, just continue path lookup from the entry
+ * pushed by fget(). The target FD's vnode will be returned
+ * directly instead of a wrapper vnode, so that's the vnode the
+ * MAC walk should continue from. It is very important that
+ * path lookup does NOT continue from the fdescfs vnode or the
+ * target FD's vnode could incorrectly inherit its permissions!
+ */
+ if ((VFSTOFDESC(dvp->v_mount)->flags & FMNT_NODUP) == 0)
+ mac_vnode_walk_failed(cnp->cn_cred, 0);
+ }
+#endif
/* Check if we're looking up ourselves. */
if (VTOFDESC(dvp)->fd_ix == FD_DESC + fd) {
Index: sys/kern/kern_cpuset.c
===================================================================
--- sys/kern/kern_cpuset.c
+++ sys/kern/kern_cpuset.c
@@ -61,6 +61,7 @@
#include <sys/bus.h>
#include <sys/interrupt.h>
#include <sys/vmmeter.h>
+#include <sys/syscat.h>
#include <vm/uma.h>
#include <vm/vm.h>
@@ -72,6 +73,8 @@
#include <vm/vm_phys.h>
#include <vm/vm_pagequeue.h>
+#include <security/mac/mac_framework.h>
+
#ifdef DDB
#include <ddb/ddb.h>
#endif /* DDB */
@@ -1737,6 +1740,19 @@
!(which == CPU_WHICH_PID && id == td->td_proc->p_pid))
return (ECAPMODE);
}
+#ifdef MAC
+ if (level != CPU_LEVEL_WHICH ||
+ (which != CPU_WHICH_TID && which != CPU_WHICH_PID)) {
+ /*
+ * Mostly the same as for Capsicum, but rely on a p_cansched()
+ * later on to restrict process/thread visiblity.
+ */
+ int error;
+ error = mac_system_check_syscat(td->td_ucred, SY_CAT_CPUSET);
+ if (error != 0)
+ return (error);
+ }
+#endif
return (0);
}
Index: sys/kern/kern_descrip.c
===================================================================
--- sys/kern/kern_descrip.c
+++ sys/kern/kern_descrip.c
@@ -79,11 +79,13 @@
#include <sys/unistd.h>
#include <sys/user.h>
#include <sys/vnode.h>
+#include <sys/syscat.h>
#include <sys/ktrace.h>
#include <net/vnet.h>
#include <security/audit/audit.h>
+#include <security/mac/mac_framework.h>
#include <vm/uma.h>
#include <vm/vm.h>
@@ -540,6 +542,11 @@
break;
case F_SETFD:
+#ifdef MAC
+ error = mac_system_check_syscat(td->td_ucred, SY_CAT_FDESC);
+ if (error != 0)
+ break;
+#endif
error = EBADF;
FILEDESC_XLOCK(fdp);
fde = fdeget_noref(fdp, fd);
@@ -628,7 +635,11 @@
error = EINVAL;
break;
}
-
+#ifdef MAC
+ error = mac_system_check_syscat(td->td_ucred, SY_CAT_FLOCK);
+ if (error != 0)
+ break;
+#endif
error = fget_unlocked(td, fd, &cap_flock_rights, &fp);
if (error != 0)
break;
@@ -734,6 +745,11 @@
break;
case F_GETLK:
+#ifdef MAC
+ error = mac_system_check_syscat(td->td_ucred, SY_CAT_FLOCK);
+ if (error != 0)
+ break;
+#endif
error = fget_unlocked(td, fd, &cap_flock_rights, &fp);
if (error != 0)
break;
@@ -768,6 +784,11 @@
break;
case F_ADD_SEALS:
+#ifdef MAC
+ error = mac_system_check_syscat(td->td_ucred, SY_CAT_FLOCK);
+ if (error != 0)
+ break;
+#endif
error = fget_unlocked(td, fd, &cap_no_rights, &fp);
if (error != 0)
break;
@@ -776,6 +797,11 @@
break;
case F_GET_SEALS:
+#ifdef MAC
+ error = mac_system_check_syscat(td->td_ucred, SY_CAT_FLOCK);
+ if (error != 0)
+ break;
+#endif
error = fget_unlocked(td, fd, &cap_no_rights, &fp);
if (error != 0)
break;
@@ -876,6 +902,11 @@
error = ECAPMODE;
break;
}
+#endif
+#ifdef MAC
+ error = mac_system_check_syscat(td->td_ucred, SY_CAT_SYSINFO);
+ if (error != 0)
+ break;
#endif
error = copyin((void *)arg, &kif_sz, sizeof(kif_sz));
if (error != 0)
@@ -951,6 +982,11 @@
return (EBADF);
if (new < 0)
return (mode == FDDUP_FCNTL ? EINVAL : EBADF);
+#ifdef MAC
+ error = mac_system_check_syscat(td->td_ucred, SY_CAT_FDESC);
+ if (error != 0)
+ return (error);
+#endif
maxfd = getmaxfd(td);
if (new >= maxfd)
return (mode == FDDUP_FCNTL ? EINVAL : EBADF);
@@ -1194,6 +1230,12 @@
struct sigio *osigio, *sigio;
int ret;
+#ifdef MAC
+ ret = mac_system_check_syscat(curthread->td_ucred, SY_CAT_FORK);
+ if (ret)
+ return (ret);
+#endif
+
if (pgid == 0) {
funsetown(sigiop);
return (0);
@@ -1992,6 +2034,12 @@
FILEDESC_XLOCK_ASSERT(fdp);
+#ifdef MAC
+ error = mac_system_check_syscat(td->td_ucred, SY_CAT_FDESC);
+ if (error != 0)
+ return (error);
+#endif
+
if (fdp->fd_freefile > minfd)
minfd = fdp->fd_freefile;
@@ -2871,6 +2919,15 @@
data, ops);
}
+static inline void
+_fget_unveil(struct thread *td, struct file *fp)
+{
+#ifdef MAC
+ if (mac_vnode_walk_needed(td->td_ucred))
+ mac_vnode_walk_start_fp(td->td_ucred, fp, true);
+#endif
+}
+
int
fget_cap_noref(struct filedesc *fdp, int fd, cap_rights_t *needrightsp,
struct file **fpp, struct filecaps *havecapsp)
@@ -2897,6 +2954,7 @@
filecaps_copy(&fde->fde_caps, havecapsp, true);
*fpp = fde->fde_file;
+ _fget_unveil(curthread, *fpp);
error = 0;
out:
@@ -2933,6 +2991,7 @@
}
*fpp = fp;
+ _fget_unveil(td, fp);
return (0);
get_locked:
@@ -3247,6 +3306,7 @@
#endif
const struct fdescenttbl *fdt;
struct file *fp;
+ int error;
#ifdef CAPABILITIES
seqc_t seq;
const cap_rights_t *haverights;
@@ -3288,12 +3348,17 @@
#endif
goto out_fdrop;
*fpp = fp;
- return (0);
+ goto out_success;
out_fdrop:
fdrop(fp, td);
out_fallback:
*fpp = NULL;
- return (fget_unlocked_seq(td, fd, needrightsp, fpp, NULL));
+ error = fget_unlocked_seq(td, fd, needrightsp, fpp, NULL);
+ if (error)
+ return (error);
+out_success:
+ _fget_unveil(curthread, *fpp);
+ return (0);
}
/*
@@ -3333,6 +3398,7 @@
if (__predict_false(error != 0))
return (error);
*fpp = fp;
+ _fget_unveil(curthread, fp);
return (0);
}
#else
@@ -3354,6 +3420,7 @@
MPASS(refcount_load(&fp->f_count) > 0);
*fpp = fp;
+ _fget_unveil(curthread, fp);
return (0);
}
#endif
@@ -3465,6 +3532,7 @@
if (maxprotp != NULL)
*maxprotp = cap_rights_to_vmprot(&fdrights);
*fpp = fp;
+ _fget_unveil(td, fp);
return (0);
#endif
}
@@ -3511,6 +3579,7 @@
return (error);
}
*fpp = fp;
+ _fget_unveil(td, fp);
return (0);
#endif
}
Index: sys/kern/kern_exec.c
===================================================================
--- sys/kern/kern_exec.c
+++ sys/kern/kern_exec.c
@@ -586,6 +586,9 @@
if (credential_changing &&
#ifdef CAPABILITY_MODE
((oldcred->cr_flags & CRED_FLAG_CAPMODE) == 0) &&
+#endif
+#ifdef MAC
+ (imgp->mac_restrictions & IMGACT_MAC_IGNORE_SETID) == 0 &&
#endif
(imgp->vp->v_mount->mnt_flag & MNT_NOSUID) == 0 &&
(p->p_flag & P_TRACED) == 0) {
@@ -660,6 +663,14 @@
goto exec_fail_dealloc;
}
+#ifdef MAC
+ if ((imgp->mac_restrictions & IMGACT_MAC_NO_BINARIES) != 0 &&
+ imgp->interpreted != IMGACT_SHELL) {
+ error = EPERM;
+ goto exec_fail_dealloc;
+ }
+#endif
+
/*
* Special interpreter operation, cleanup and loop up to try to
* activate the interpreter.
@@ -770,6 +781,19 @@
sigacts_copy(newsigacts, oldsigacts);
}
+ if ((imgp->sysent->sv_setid_allowed != NULL &&
+ !(*imgp->sysent->sv_setid_allowed)(td, imgp)) ||
+ (p->p_flag2 & P2_NO_NEW_PRIVS) != 0)
+ execve_nosetid(imgp);
+#ifdef MAC
+ /*
+ * May modify imgp's newcred ((re)allocating it if needed) for
+ * credential alterations unrelated to set[ug]id execution or executed
+ * vnode label transitioning. Must be called without the process lock.
+ */
+ mac_system_execve(oldcred, imgp);
+#endif
+
vn_lock(imgp->vp, LK_SHARED | LK_RETRY);
PROC_LOCK(p);
@@ -809,11 +833,6 @@
signotify(td);
}
- if ((imgp->sysent->sv_setid_allowed != NULL &&
- !(*imgp->sysent->sv_setid_allowed)(td, imgp)) ||
- (p->p_flag2 & P2_NO_NEW_PRIVS) != 0)
- execve_nosetid(imgp);
-
/*
* Implement image setuid/setgid installation.
*/
@@ -1784,6 +1803,7 @@
return (error);
#ifdef MAC
+ imgp->mac_restrictions = 0; /* may be modified by MAC policies */
error = mac_vnode_check_exec(td->td_ucred, imgp->vp, imgp);
if (error)
return (error);
Index: sys/kern/kern_fork.c
===================================================================
--- sys/kern/kern_fork.c
+++ sys/kern/kern_fork.c
@@ -75,6 +75,7 @@
#include <sys/sx.h>
#include <sys/sysent.h>
#include <sys/signalvar.h>
+#include <sys/syscat.h>
#include <security/audit/audit.h>
#include <security/mac/mac_framework.h>
@@ -182,6 +183,11 @@
fr.fr_flags2 = FR2_DROPSIG_CAUGHT;
} else {
fr.fr_flags = uap->flags;
+#ifdef MAC
+ error = mac_system_check_syscat(td->td_ucred, SY_CAT_RFORK);
+ if (error != 0)
+ return (error);
+#endif
}
fr.fr_pidp = &pid;
error = fork1(td, &fr);
Index: sys/kern/kern_jail.c
===================================================================
--- sys/kern/kern_jail.c
+++ sys/kern/kern_jail.c
@@ -2620,6 +2620,11 @@
if (error)
goto e_revert_osd;
+#ifdef MAC
+ if ((error = mac_vnode_walk_start_vp(td->td_ucred, pr->pr_root,
+ true)) != 0)
+ goto e_revert_osd;
+#endif
vn_lock(pr->pr_root, LK_EXCLUSIVE | LK_RETRY);
if ((error = change_dir(pr->pr_root, td)) != 0)
goto e_unlock;
Index: sys/kern/kern_mib.c
===================================================================
--- sys/kern/kern_mib.c
+++ sys/kern/kern_mib.c
@@ -693,6 +693,9 @@
SYSCTL_INT(_debug_sizeof, OID_AUTO, proc, CTLFLAG_RD,
SYSCTL_NULL_INT_PTR, sizeof(struct proc), "sizeof(struct proc)");
+SYSCTL_INT(_debug_sizeof, OID_AUTO, ucred, CTLFLAG_RD,
+ SYSCTL_NULL_INT_PTR, sizeof(struct ucred), "sizeof(struct ucred)");
+
static int
sysctl_kern_pid_max(SYSCTL_HANDLER_ARGS)
{
Index: sys/kern/kern_proc.c
===================================================================
--- sys/kern/kern_proc.c
+++ sys/kern/kern_proc.c
@@ -1078,6 +1078,8 @@
kp->ki_cr_flags = 0;
if (cred->cr_flags & CRED_FLAG_CAPMODE)
kp->ki_cr_flags |= KI_CRF_CAPABILITY_MODE;
+ if (cred->cr_flags & CRED_FLAG_SYSFILT)
+ kp->ki_cr_flags |= KI_CRF_SYSCALLS_FILTER;
/* XXX bde doesn't like KI_NGROUPS */
if (cred->cr_ngroups > KI_NGROUPS) {
kp->ki_ngroups = KI_NGROUPS;
Index: sys/kern/kern_procctl.c
===================================================================
--- sys/kern/kern_procctl.c
+++ sys/kern/kern_procctl.c
@@ -50,6 +50,8 @@
#include <vm/vm_map.h>
#include <vm/vm_extern.h>
+#include <security/mac/mac_framework.h>
+
static int
protect_setchild(struct thread *td, struct proc *p, int flags)
{
@@ -1030,6 +1032,12 @@
{
PROC_LOCK_ASSERT(p, MA_OWNED);
+#ifdef MAC
+ int error;
+ error = mac_proc_check_procctl(td->td_ucred, p, com, data);
+ if (error)
+ return (error);
+#endif
return (procctl_cmds_info[com].exec(td, p, data));
}
Index: sys/kern/kern_prot.c
===================================================================
--- sys/kern/kern_prot.c
+++ sys/kern/kern_prot.c
@@ -1909,6 +1909,10 @@
__func__, cr->cr_ref, cr));
if (cr->cr_ref > 0) {
mtx_unlock(&cr->cr_mtx);
+#ifdef MAC
+ if ((cr->cr_flags & CRED_FLAG_NEEDTRIM) != 0)
+ mac_cred_trim(cr);
+#endif
return;
}
crfree_final(cr);
@@ -2055,6 +2059,10 @@
__func__, cr->cr_ref, cr));
if (cr->cr_ref > 0) {
mtx_unlock(&cr->cr_mtx);
+#ifdef MAC
+ if ((cr->cr_flags & CRED_FLAG_NEEDTRIM) != 0)
+ mac_cred_trim(cr);
+#endif
return;
}
crfree_final(cr);
@@ -2081,13 +2089,13 @@
prison_free(cr->cr_prison);
if (cr->cr_loginclass != NULL)
loginclass_free(cr->cr_loginclass);
+ mtx_destroy(&cr->cr_mtx);
#ifdef AUDIT
audit_cred_destroy(cr);
#endif
#ifdef MAC
mac_cred_destroy(cr);
#endif
- mtx_destroy(&cr->cr_mtx);
if (cr->cr_groups != cr->cr_smallgroups)
free(cr->cr_groups, M_CRED);
free(cr, M_CRED);
Index: sys/kern/kern_resource.c
===================================================================
--- sys/kern/kern_resource.c
+++ sys/kern/kern_resource.c
@@ -56,6 +56,7 @@
#include <sys/sched.h>
#include <sys/sx.h>
#include <sys/syscallsubr.h>
+#include <sys/syscat.h>
#include <sys/sysctl.h>
#include <sys/sysent.h>
#include <sys/time.h>
@@ -66,6 +67,8 @@
#include <vm/pmap.h>
#include <vm/vm_map.h>
+#include <security/mac/mac_framework.h>
+
static MALLOC_DEFINE(M_PLIMIT, "plimit", "plimit structures");
static MALLOC_DEFINE(M_UIDINFO, "uidinfo", "uidinfo structures");
#define UIHASH(uid) (&uihashtbl[(uid) & uihash])
@@ -330,6 +333,11 @@
PROC_UNLOCK(p);
return (copyout(&rtp, uap->rtp, sizeof(struct rtprio)));
case RTP_SET:
+#ifdef MAC
+ error = mac_system_check_syscat(td->td_ucred, SY_CAT_SETSCHED);
+ if (error != 0)
+ return (error);
+#endif
if ((error = p_cansched(td, p)) || (error = cierror))
break;
@@ -433,6 +441,11 @@
PROC_UNLOCK(p);
return (copyout(&rtp, uap->rtp, sizeof(struct rtprio)));
case RTP_SET:
+#ifdef MAC
+ error = mac_system_check_syscat(td->td_ucred, SY_CAT_SETSCHED);
+ if (error != 0)
+ return (error);
+#endif
if ((error = p_cansched(td, p)) || (error = cierror))
break;
@@ -664,6 +677,11 @@
if (which >= RLIM_NLIMITS)
return (EINVAL);
+#ifdef MAC
+ if ((error = mac_system_check_syscat(td->td_ucred, SY_CAT_SETRLIMIT)) != 0)
+ return (error);
+#endif
+
/*
* Preserve historical bugs by treating negative limits as unsigned.
*/
Index: sys/kern/kern_syscalls.c
===================================================================
--- sys/kern/kern_syscalls.c
+++ sys/kern/kern_syscalls.c
@@ -116,7 +116,7 @@
{
int i;
- if ((flags & ~SY_THR_STATIC) != 0)
+ if ((flags & ~(SY_THR_STATIC | SY_HLP_PRESERVE_SYFLAGS)) != 0)
return (EINVAL);
if (*offset == NO_SYSCALL) {
@@ -139,8 +139,11 @@
("dynamic syscall is not protected"));
*old_sysent = sysents[*offset];
new_sysent->sy_thrcnt = SY_THR_ABSENT;
+ if ((flags & SY_HLP_PRESERVE_SYFLAGS) != 0)
+ new_sysent->sy_flags = old_sysent->sy_flags;
sysents[*offset] = *new_sysent;
- atomic_store_rel_32(&sysents[*offset].sy_thrcnt, flags);
+ atomic_store_rel_32(&sysents[*offset].sy_thrcnt,
+ (flags & SY_THR_STATIC));
return (0);
}
Index: sys/kern/kern_sysctl.c
===================================================================
--- sys/kern/kern_sysctl.c
+++ sys/kern/kern_sysctl.c
@@ -64,6 +64,7 @@
#include <sys/sx.h>
#include <sys/sysproto.h>
#include <sys/uio.h>
+#include <sys/eventhandler.h>
#ifdef KTRACE
#include <sys/ktrace.h>
#endif
@@ -84,6 +85,9 @@
static MALLOC_DEFINE(M_SYSCTLOID, "sysctloid", "sysctl dynamic oids");
static MALLOC_DEFINE(M_SYSCTLTMP, "sysctltmp", "sysctl temp output buffer");
+EVENTHANDLER_LIST_DEFINE(sysctl_register_oid);
+EVENTHANDLER_LIST_DEFINE(sysctl_unregister_oid);
+
/*
* The sysctllock protects the MIB tree. It also protects sysctl
* contexts used with dynamic sysctls. The sysctl_register_oid() and
@@ -520,6 +524,8 @@
/* try to fetch value from kernel environment */
sysctl_load_tunable_by_oid_locked(oidp);
}
+ if (EVENTHANDLER_LIST_IS_READY(sysctl_register_oid))
+ EVENTHANDLER_DIRECT_INVOKE(sysctl_register_oid, oidp);
}
void
@@ -574,6 +580,9 @@
}
}
+ if (EVENTHANDLER_LIST_IS_READY(sysctl_unregister_oid))
+ EVENTHANDLER_DIRECT_INVOKE(sysctl_unregister_oid, oidp);
+
/*
* This can happen when a module fails to register and is
* being unloaded afterwards. It should not be a panic()
@@ -2202,6 +2211,15 @@
return (ENOENT);
}
+void
+sysctl_call_with_rlock(void (*cb)(void *ctx), void *ctx)
+{
+ struct rm_priotracker tracker;
+ SYSCTL_RLOCK(&tracker);
+ cb(ctx);
+ SYSCTL_RUNLOCK(&tracker);
+}
+
/*
* Traverse our tree, and find the right node, execute whatever it points
* to, and return the resulting error code.
Index: sys/kern/kern_thread.c
===================================================================
--- sys/kern/kern_thread.c
+++ sys/kern/kern_thread.c
@@ -89,9 +89,9 @@
"struct thread KBI td_flags");
_Static_assert(offsetof(struct thread, td_pflags) == 0x110,
"struct thread KBI td_pflags");
-_Static_assert(offsetof(struct thread, td_frame) == 0x4a8,
+_Static_assert(offsetof(struct thread, td_frame) == 0x4b0,
"struct thread KBI td_frame");
-_Static_assert(offsetof(struct thread, td_emuldata) == 0x6b0,
+_Static_assert(offsetof(struct thread, td_emuldata) == 0x6c0,
"struct thread KBI td_emuldata");
_Static_assert(offsetof(struct proc, p_flag) == 0xb8,
"struct proc KBI p_flag");
@@ -99,9 +99,9 @@
"struct proc KBI p_pid");
_Static_assert(offsetof(struct proc, p_filemon) == 0x3c8,
"struct proc KBI p_filemon");
-_Static_assert(offsetof(struct proc, p_comm) == 0x3e0,
+_Static_assert(offsetof(struct proc, p_comm) == 0x3e8,
"struct proc KBI p_comm");
-_Static_assert(offsetof(struct proc, p_emuldata) == 0x4c8,
+_Static_assert(offsetof(struct proc, p_emuldata) == 0x4d0,
"struct proc KBI p_emuldata");
#endif
#ifdef __i386__
@@ -109,9 +109,9 @@
"struct thread KBI td_flags");
_Static_assert(offsetof(struct thread, td_pflags) == 0xa4,
"struct thread KBI td_pflags");
-_Static_assert(offsetof(struct thread, td_frame) == 0x308,
+_Static_assert(offsetof(struct thread, td_frame) == 0x30c,
"struct thread KBI td_frame");
-_Static_assert(offsetof(struct thread, td_emuldata) == 0x34c,
+_Static_assert(offsetof(struct thread, td_emuldata) == 0x350,
"struct thread KBI td_emuldata");
_Static_assert(offsetof(struct proc, p_flag) == 0x6c,
"struct proc KBI p_flag");
@@ -119,9 +119,9 @@
"struct proc KBI p_pid");
_Static_assert(offsetof(struct proc, p_filemon) == 0x270,
"struct proc KBI p_filemon");
-_Static_assert(offsetof(struct proc, p_comm) == 0x284,
+_Static_assert(offsetof(struct proc, p_comm) == 0x288,
"struct proc KBI p_comm");
-_Static_assert(offsetof(struct proc, p_emuldata) == 0x310,
+_Static_assert(offsetof(struct proc, p_emuldata) == 0x314,
"struct proc KBI p_emuldata");
#endif
Index: sys/kern/subr_syscall.c
===================================================================
--- sys/kern/subr_syscall.c
+++ sys/kern/subr_syscall.c
@@ -53,6 +53,7 @@
#include <sys/ktrace.h>
#endif
#include <security/audit/audit.h>
+#include <security/mac/mac_framework.h>
static inline void
syscallenter(struct thread *td)
@@ -129,6 +130,14 @@
}
#endif
+#ifdef MAC
+ error = mac_system_check_sysent(td->td_ucred, se);
+ if (__predict_false(error != 0)) {
+ td->td_errno = error;
+ goto retval;
+ }
+#endif
+
/*
* Fetch fast sigblock value at the time of syscall entry to
* handle sleepqueue primitives which might call cursig().
@@ -220,6 +229,8 @@
p = td->td_proc;
sa = &td->td_sa;
+
+ /* Handle special errnos that should trigger signals to be sent. */
if (__predict_false(td->td_errno == ENOTCAPABLE ||
td->td_errno == ECAPMODE)) {
if ((trap_enotcap ||
@@ -231,6 +242,14 @@
ksi.ksi_info.si_syscall = sa->original_code;
trapsignal(td, &ksi);
}
+ } else if (__predict_false(td->td_errno == EMACTRAP ||
+ td->td_errno == EMACKILL)) {
+ ksiginfo_init_trap(&ksi);
+ ksi.ksi_signo = td->td_errno == EMACTRAP ? SIGTRAP : SIGKILL;
+ ksi.ksi_code = SI_MAC;
+ ksi.ksi_info.si_syscall = sa->original_code;
+ ksi.ksi_errno = td->td_errno = EPERM;
+ trapsignal(td, &ksi);
}
/*
Index: sys/kern/sys_generic.c
===================================================================
--- sys/kern/sys_generic.c
+++ sys/kern/sys_generic.c
@@ -77,6 +77,7 @@
#endif
#include <security/audit/audit.h>
+#include <security/mac/mac_framework.h>
/*
* The following macro defines how many bytes will be allocated from
@@ -771,6 +772,11 @@
fp = NULL;
goto out;
}
+#endif
+#ifdef MAC
+ error = mac_generic_check_ioctl(td->td_ucred, fp, com, data);
+ if (error)
+ goto out;
#endif
if ((fp->f_flag & (FREAD | FWRITE)) == 0) {
error = EBADF;
Index: sys/kern/syscalls.master
===================================================================
--- sys/kern/syscalls.master
+++ sys/kern/syscalls.master
@@ -52,6 +52,8 @@
; SYSMUX syscall multiplexer. No prototype, argument struct, or
; handler is declared or used. Handled in MD syscall code.
; CAPENABLED syscall is allowed in capability mode
+; CAT_* syscall category for MAC framework syscall filtering.
+; See sys/syscat.h
;
; To support programmatic generation of both the default ABI and 32-bit compat
; (freebsd32) we impose a number of restrictions on the types of system calls.
@@ -113,6 +115,7 @@
#include <sys/param.h>
#include <sys/sysent.h>
#include <sys/sysproto.h>
+#include <sys/syscat.h>
%%ABI_HEADERS%%
0 AUE_NULL SYSMUX {
@@ -121,29 +124,29 @@
...
);
}
-1 AUE_EXIT STD|CAPENABLED {
+1 AUE_EXIT STD|CAT_EXIT|CAPENABLED {
void exit(
int rval
);
}
-2 AUE_FORK STD|CAPENABLED {
+2 AUE_FORK STD|CAT_FORK|CAPENABLED {
int fork(void);
}
-3 AUE_READ STD|CAPENABLED {
+3 AUE_READ STD|CAT_GENIO|CAPENABLED {
ssize_t read(
int fd,
_Out_writes_bytes_(nbyte) void *buf,
size_t nbyte
);
}
-4 AUE_WRITE STD|CAPENABLED {
+4 AUE_WRITE STD|CAT_GENIO|CAPENABLED {
ssize_t write(
int fd,
_In_reads_bytes_(nbyte) const void *buf,
size_t nbyte
);
}
-5 AUE_OPEN_RWTC STD {
+5 AUE_OPEN_RWTC STD|CAT_PATH {
int open(
_In_z_ const char *path,
int flags,
@@ -152,12 +155,12 @@
}
; XXX should be { int open(const char *path, int flags, ...); }
; but we're not ready for varargs.
-6 AUE_CLOSE STD|CAPENABLED {
+6 AUE_CLOSE STD|CAT_GENIO|CAPENABLED {
int close(
int fd
);
}
-7 AUE_WAIT4 STD {
+7 AUE_WAIT4 STD|CAT_WAIT {
int wait4(
int pid,
_Out_opt_ int *status,
@@ -165,77 +168,77 @@
_Out_opt_ _Contains_long_timet_ struct rusage *rusage
);
}
-8 AUE_CREAT COMPAT {
+8 AUE_CREAT COMPAT|CAT_WRITE_PATH {
int creat(
_In_z_ const char *path,
int mode
);
}
-9 AUE_LINK STD {
+9 AUE_LINK STD|CAT_CREATE_PATH {
int link(
_In_z_ const char *path,
_In_z_ const char *link
);
}
-10 AUE_UNLINK STD {
+10 AUE_UNLINK STD|CAT_DELETE_PATH {
int unlink(
_In_z_ const char *path
);
}
11 AUE_NULL OBSOL execv
-12 AUE_CHDIR STD {
+12 AUE_CHDIR STD|CAT_PATH {
int chdir(
_In_z_ const char *path
);
}
-13 AUE_FCHDIR STD {
+13 AUE_FCHDIR STD|CAT_PATH {
int fchdir(
int fd
);
}
-14 AUE_MKNOD COMPAT11 {
+14 AUE_MKNOD COMPAT11|CAT_CREATE_PATH {
int mknod(
_In_z_ const char *path,
int mode,
uint32_t dev
);
}
-15 AUE_CHMOD STD {
+15 AUE_CHMOD STD|CAT_FATTR_PATH {
int chmod(
_In_z_ const char *path,
mode_t mode
);
}
-16 AUE_CHOWN STD {
+16 AUE_CHOWN STD|CAT_FATTR_PATH {
int chown(
_In_z_ const char *path,
int uid,
int gid
);
}
-17 AUE_NULL STD|CAPENABLED {
+17 AUE_NULL STD|CAT_MMAN|CAPENABLED {
void *break(
_In_ char *nsize
);
}
-18 AUE_GETFSSTAT COMPAT4 {
+18 AUE_GETFSSTAT COMPAT4|CAT_GETFSSTAT {
int getfsstat(
_Out_writes_bytes_opt_(bufsize) _Contains_long_ struct ostatfs *buf,
long bufsize,
int mode
);
}
-19 AUE_LSEEK COMPAT|CAPENABLED {
+19 AUE_LSEEK COMPAT|CAT_GENIO|CAPENABLED {
long lseek(
int fd,
long offset,
int whence
);
}
-20 AUE_GETPID STD|CAPENABLED {
+20 AUE_GETPID STD|CAT_STATUS|CAPENABLED {
pid_t getpid(void);
}
-21 AUE_MOUNT STD {
+21 AUE_MOUNT STD|CAT_MOUNT {
int mount(
_In_z_ const char *type,
_In_z_ const char *path,
@@ -243,24 +246,24 @@
_In_opt_ void *data
);
}
-22 AUE_UMOUNT STD {
+22 AUE_UMOUNT STD|CAT_MOUNT {
int unmount(
_In_z_ const char *path,
int flags
);
}
-23 AUE_SETUID STD|CAPENABLED {
+23 AUE_SETUID STD|CAT_SETCRED|CAPENABLED {
int setuid(
uid_t uid
);
}
-24 AUE_GETUID STD|CAPENABLED {
+24 AUE_GETUID STD|CAT_GETCRED|CAPENABLED {
uid_t getuid(void);
}
-25 AUE_GETEUID STD|CAPENABLED {
+25 AUE_GETEUID STD|CAT_GETCRED|CAPENABLED {
uid_t geteuid(void);
}
-26 AUE_PTRACE STD {
+26 AUE_PTRACE STD|CAT_TRACE {
int ptrace(
int req,
pid_t pid,
@@ -268,21 +271,21 @@
int data
);
}
-27 AUE_RECVMSG STD|CAPENABLED {
+27 AUE_RECVMSG STD|CAT_SOCKIO|CAPENABLED {
ssize_t recvmsg(
int s,
_Inout_ _Contains_ptr_ struct msghdr *msg,
int flags
);
}
-28 AUE_SENDMSG STD|CAPENABLED {
+28 AUE_SENDMSG STD|CAT_SOCKIO|CAPENABLED {
ssize_t sendmsg(
int s,
_In_ _Contains_ptr_ const struct msghdr *msg,
int flags
);
}
-29 AUE_RECVFROM STD|CAPENABLED {
+29 AUE_RECVFROM STD|CAT_SOCKIO|CAPENABLED {
ssize_t recvfrom(
int s,
_Out_writes_bytes_(len) void *buf,
@@ -292,81 +295,81 @@
_Inout_opt_ __socklen_t *fromlenaddr
);
}
-30 AUE_ACCEPT STD|CAPENABLED {
+30 AUE_ACCEPT STD|CAT_SOCK|CAPENABLED {
int accept(
int s,
_Out_writes_bytes_opt_(*anamelen) struct sockaddr *name,
_Inout_opt_ __socklen_t *anamelen
);
}
-31 AUE_GETPEERNAME STD|CAPENABLED {
+31 AUE_GETPEERNAME STD|CAT_SOCK|CAPENABLED {
int getpeername(
int fdes,
_Out_writes_bytes_(*alen) struct sockaddr *asa,
_Inout_opt_ __socklen_t *alen
);
}
-32 AUE_GETSOCKNAME STD|CAPENABLED {
+32 AUE_GETSOCKNAME STD|CAT_SOCK|CAPENABLED {
int getsockname(
int fdes,
_Out_writes_bytes_(*alen) struct sockaddr *asa,
_Inout_ __socklen_t *alen
);
}
-33 AUE_ACCESS STD {
+33 AUE_ACCESS STD|CAT_PATH {
int access(
_In_z_ const char *path,
int amode
);
}
-34 AUE_CHFLAGS STD {
+34 AUE_CHFLAGS STD|CAT_FATTR_PATH {
int chflags(
_In_z_ const char *path,
u_long flags
);
}
-35 AUE_FCHFLAGS STD|CAPENABLED {
+35 AUE_FCHFLAGS STD|CAT_FATTR|CAPENABLED {
int fchflags(
int fd,
u_long flags
);
}
-36 AUE_SYNC STD|CAPENABLED {
+36 AUE_SYNC STD|CAT_WRITE_PATH|CAPENABLED {
int sync(void);
}
-37 AUE_KILL STD|CAPENABLED {
+37 AUE_KILL STD|CAT_SIGSEND|CAPENABLED {
int kill(
int pid,
int signum
);
}
-38 AUE_STAT COMPAT {
+38 AUE_STAT COMPAT|CAT_STAT_PATH {
int stat(
_In_z_ const char *path,
_Out_ _Contains_timet_ struct ostat *ub
);
}
-39 AUE_GETPPID STD|CAPENABLED {
+39 AUE_GETPPID STD|CAT_STATUS|CAPENABLED {
pid_t getppid(void);
}
-40 AUE_LSTAT COMPAT {
+40 AUE_LSTAT COMPAT|CAT_STAT_PATH {
int lstat(
_In_z_ const char *path,
_Out_ _Contains_timet_ struct ostat *ub
);
}
-41 AUE_DUP STD|CAPENABLED {
+41 AUE_DUP STD|CAT_FDESC|CAPENABLED {
int dup(
u_int fd
);
}
-42 AUE_PIPE COMPAT10|CAPENABLED {
+42 AUE_PIPE COMPAT10|CAT_PIPE|CAPENABLED {
int pipe(void);
}
-43 AUE_GETEGID STD|CAPENABLED {
+43 AUE_GETEGID STD|CAT_GETCRED|CAPENABLED {
gid_t getegid(void);
}
-44 AUE_PROFILE STD|CAPENABLED {
+44 AUE_PROFILE STD|CAT_PROCCTL|CAPENABLED {
int profil(
_Out_writes_bytes_(size) char *samples,
size_t size,
@@ -374,7 +377,7 @@
u_int scale
);
}
-45 AUE_KTRACE STD {
+45 AUE_KTRACE STD|CAT_TRACE {
int ktrace(
_In_z_ const char *fname,
int ops,
@@ -382,17 +385,17 @@
int pid
);
}
-46 AUE_SIGACTION COMPAT|CAPENABLED {
+46 AUE_SIGACTION COMPAT|CAT_SIGHAND|CAPENABLED {
int sigaction(
int signum,
_In_opt_ _Contains_ptr_ struct osigaction *nsa,
_Out_opt_ _Contains_ptr_ struct osigaction *osa
);
}
-47 AUE_GETGID STD|CAPENABLED {
+47 AUE_GETGID STD|CAT_GETCRED|CAPENABLED {
gid_t getgid(void);
}
-48 AUE_SIGPROCMASK COMPAT|CAPENABLED {
+48 AUE_SIGPROCMASK COMPAT|CAT_SIGMASK|CAPENABLED {
int sigprocmask(
int how,
osigset_t mask
@@ -401,85 +404,85 @@
; XXX note nonstandard (bogus) calling convention - the libc stub passes
; us the mask, not a pointer to it, and we return the old mask as the
; (int) return value.
-49 AUE_GETLOGIN STD|CAPENABLED {
+49 AUE_GETLOGIN STD|CAT_GETCRED|CAPENABLED {
int getlogin(
_Out_writes_z_(namelen) char *namebuf,
u_int namelen
);
}
-50 AUE_SETLOGIN STD {
+50 AUE_SETLOGIN STD|CAT_SETCRED {
int setlogin(
_In_z_ const char *namebuf
);
}
-51 AUE_ACCT STD {
+51 AUE_ACCT STD|CAT_SYSMGMT {
int acct(
_In_z_ const char *path
);
}
-52 AUE_SIGPENDING COMPAT|CAPENABLED {
+52 AUE_SIGPENDING COMPAT|CAT_SIGWAIT|CAPENABLED {
int sigpending(void);
}
-53 AUE_SIGALTSTACK STD|CAPENABLED {
+53 AUE_SIGALTSTACK STD|CAT_SIGHAND|CAPENABLED {
int sigaltstack(
_In_opt_ _Contains_long_ptr_ const struct sigaltstack *ss,
_Out_opt_ _Contains_long_ptr_ struct sigaltstack *oss
);
}
-54 AUE_IOCTL STD|CAPENABLED {
+54 AUE_IOCTL STD|CAT_IOCTL|CAPENABLED {
int ioctl(
int fd,
u_long com,
_Inout_opt_ _Contains_long_ptr_ char *data
);
}
-55 AUE_REBOOT STD {
+55 AUE_REBOOT STD|CAT_SYSMGMT {
int reboot(
int opt
);
}
-56 AUE_REVOKE STD {
+56 AUE_REVOKE STD|CAT_TTYMGMT {
int revoke(
_In_z_ const char *path
);
}
-57 AUE_SYMLINK STD {
+57 AUE_SYMLINK STD|CAT_CREATE_PATH {
int symlink(
_In_z_ const char *path,
_In_z_ const char *link
);
}
-58 AUE_READLINK STD {
+58 AUE_READLINK STD|CAT_READ_PATH {
ssize_t readlink(
_In_z_ const char *path,
_Out_writes_z_(count) char *buf,
size_t count
);
}
-59 AUE_EXECVE STD {
+59 AUE_EXECVE STD|CAT_EXEC_PATH {
int execve(
_In_z_ const char *fname,
_In_z_ char **argv,
_In_z_ char **envv
);
}
-60 AUE_UMASK STD|CAPENABLED {
+60 AUE_UMASK STD|CAT_FDESC|CAPENABLED {
mode_t umask(
mode_t newmask
);
}
-61 AUE_CHROOT STD {
+61 AUE_CHROOT STD|CAT_CHROOT {
int chroot(
_In_z_ const char *path
);
}
-62 AUE_FSTAT COMPAT|CAPENABLED {
+62 AUE_FSTAT COMPAT|CAT_GENIO|CAPENABLED {
int fstat(
int fd,
_Out_ _Contains_timet_ struct ostat *sb
);
}
-63 AUE_NULL COMPAT {
+63 AUE_NULL COMPAT|CAT_SYSINFO {
int getkerninfo(
int op,
_Out_writes_bytes_opt(*size) char *where,
@@ -487,32 +490,32 @@
int arg
);
}
-64 AUE_NULL COMPAT|CAPENABLED {
+64 AUE_NULL COMPAT|CAT_SYSINFO|CAPENABLED {
int getpagesize(void);
}
-65 AUE_MSYNC STD|CAPENABLED {
+65 AUE_MSYNC STD|CAT_MMAN|CAPENABLED {
int msync(
_In_ void *addr,
size_t len,
int flags
);
}
-66 AUE_VFORK STD {
+66 AUE_VFORK STD|CAT_FORK {
int vfork(void);
}
67 AUE_NULL OBSOL vread
68 AUE_NULL OBSOL vwrite
-69 AUE_SBRK STD|CAPENABLED {
+69 AUE_SBRK STD|CAT_MMAN|CAPENABLED {
int sbrk(
int incr
);
}
-70 AUE_SSTK STD|CAPENABLED {
+70 AUE_SSTK STD|CAT_MMAN|CAPENABLED {
int sstk(
int incr
);
}
-71 AUE_MMAP COMPAT|CAPENABLED {
+71 AUE_MMAP COMPAT|CAT_MMAN|CAPENABLED {
void *mmap(
_In_ void *addr,
int len,
@@ -522,25 +525,25 @@
long pos
);
}
-72 AUE_O_VADVISE COMPAT11 {
+72 AUE_O_VADVISE COMPAT11|CAT_MMAN {
int vadvise(
int anom
);
}
-73 AUE_MUNMAP STD|CAPENABLED {
+73 AUE_MUNMAP STD|CAT_MMAN|CAPENABLED {
int munmap(
_In_ void *addr,
size_t len
);
}
-74 AUE_MPROTECT STD|CAPENABLED {
+74 AUE_MPROTECT STD|CAT_MMAN|CAPENABLED {
int mprotect(
_In_ void *addr,
size_t len,
int prot
);
}
-75 AUE_MADVISE STD|CAPENABLED {
+75 AUE_MADVISE STD|CAT_MMAN|CAPENABLED {
int madvise(
_In_ void *addr,
size_t len,
@@ -549,78 +552,78 @@
}
76 AUE_NULL OBSOL vhangup
77 AUE_NULL OBSOL vlimit
-78 AUE_MINCORE STD|CAPENABLED {
+78 AUE_MINCORE STD|CAT_MMAN|CAPENABLED {
int mincore(
_In_ const void *addr,
size_t len,
_Out_writes_bytes_(len/PAGE_SIZE) char *vec
);
}
-79 AUE_GETGROUPS STD|CAPENABLED {
+79 AUE_GETGROUPS STD|CAT_GETCRED|CAPENABLED {
int getgroups(
int gidsetsize,
_Out_writes_opt_(gidsetsize) gid_t *gidset
);
}
-80 AUE_SETGROUPS STD {
+80 AUE_SETGROUPS STD|CAT_SETCRED {
int setgroups(
int gidsetsize,
_In_reads_(gidsetsize) const gid_t *gidset
);
}
-81 AUE_GETPGRP STD|CAPENABLED {
+81 AUE_GETPGRP STD|CAT_STATUS|CAPENABLED {
int getpgrp(void);
}
-82 AUE_SETPGRP STD {
+82 AUE_SETPGRP STD|CAT_FORK {
int setpgid(
int pid,
int pgid
);
}
-83 AUE_SETITIMER STD|CAPENABLED {
+83 AUE_SETITIMER STD|CAT_TIMER|CAPENABLED {
int setitimer(
int which,
_In_ _Contains_timet_ const struct itimerval *itv,
_Out_opt_ _Contains_timet_ struct itimerval *oitv
);
}
-84 AUE_WAIT4 COMPAT {
+84 AUE_WAIT4 COMPAT|CAT_WAIT {
int wait(void);
}
-85 AUE_SWAPON STD {
+85 AUE_SWAPON STD|CAT_SYSMGMT {
int swapon(
_In_z_ const char *name
);
}
-86 AUE_GETITIMER STD|CAPENABLED {
+86 AUE_GETITIMER STD|CAT_TIMER|CAPENABLED {
int getitimer(
int which,
_Out_ _Contains_timet_ struct itimerval *itv
);
}
-87 AUE_SYSCTL COMPAT|CAPENABLED {
+87 AUE_SYSCTL COMPAT|CAT_SYSINFO|CAPENABLED {
int gethostname(
_Out_writes_z_(len) char *hostname,
u_int len
);
}
-88 AUE_SYSCTL COMPAT {
+88 AUE_SYSCTL COMPAT|CAT_SYSMGMT {
int sethostname(
_In_reads_z_(len) char *hostname,
u_int len
);
}
-89 AUE_GETDTABLESIZE STD|CAPENABLED {
+89 AUE_GETDTABLESIZE STD|CAT_FDESC|CAPENABLED {
int getdtablesize(void);
}
-90 AUE_DUP2 STD|CAPENABLED {
+90 AUE_DUP2 STD|CAT_FDESC|CAPENABLED {
int dup2(
u_int from,
u_int to
);
}
91 AUE_NULL RESERVED
-92 AUE_FCNTL STD|CAPENABLED {
+92 AUE_FCNTL STD|CAT_GENIO|CAPENABLED {
int fcntl(
int fd,
int cmd,
@@ -629,7 +632,7 @@
}
; XXX should be { int fcntl(int fd, int cmd, ...); }
; but we're not ready for varargs.
-93 AUE_SELECT STD|CAPENABLED {
+93 AUE_SELECT STD|CAT_POLL|CAPENABLED {
int select(
int nd,
_Inout_opt_ fd_set *in,
@@ -639,46 +642,46 @@
);
}
94 AUE_NULL RESERVED
-95 AUE_FSYNC STD|CAPENABLED {
+95 AUE_FSYNC STD|CAT_GENIO|CAPENABLED {
int fsync(
int fd
);
}
-96 AUE_SETPRIORITY STD|CAPENABLED {
+96 AUE_SETPRIORITY STD|CAT_SETSCHED|CAPENABLED {
int setpriority(
int which,
int who,
int prio
);
}
-97 AUE_SOCKET STD|CAPENABLED {
+97 AUE_SOCKET STD|CAT_SOCK|CAPENABLED {
int socket(
int domain,
int type,
int protocol
);
}
-98 AUE_CONNECT STD {
+98 AUE_CONNECT STD|CAT_SOCK {
int connect(
int s,
_In_reads_bytes_(namelen) const struct sockaddr *name,
__socklen_t namelen
);
}
-99 AUE_ACCEPT COMPAT|CAPENABLED {
+99 AUE_ACCEPT COMPAT|CAT_SOCK|CAPENABLED {
int accept(
int s,
_Out_writes_bytes_opt_(*anamelen) struct sockaddr *name,
__socklen_t *anamelen
);
}
-100 AUE_GETPRIORITY STD|CAPENABLED {
+100 AUE_GETPRIORITY STD|CAT_GETSCHED|CAPENABLED {
int getpriority(
int which,
int who
);
}
-101 AUE_SEND COMPAT|CAPENABLED {
+101 AUE_SEND COMPAT|CAT_SOCKIO|CAPENABLED {
int send(
int s,
_In_reads_bytes_(len) const void *buf,
@@ -686,7 +689,7 @@
int flags
);
}
-102 AUE_RECV COMPAT|CAPENABLED {
+102 AUE_RECV COMPAT|CAT_SOCKIO|CAPENABLED {
int recv(
int s,
_Out_writes_bytes_(len) void *buf,
@@ -694,19 +697,19 @@
int flags
);
}
-103 AUE_SIGRETURN COMPAT|CAPENABLED {
+103 AUE_SIGRETURN COMPAT|CAT_CORE|CAPENABLED {
int sigreturn(
_In_ struct osigcontext *sigcntxp
);
}
-104 AUE_BIND STD {
+104 AUE_BIND STD|CAT_SOCK {
int bind(
int s,
_In_reads_bytes_(namelen) const struct sockaddr *name,
__socklen_t namelen
);
}
-105 AUE_SETSOCKOPT STD|CAPENABLED {
+105 AUE_SETSOCKOPT STD|CAT_SOCKIO|CAPENABLED {
int setsockopt(
int s,
int level,
@@ -715,51 +718,51 @@
__socklen_t valsize
);
}
-106 AUE_LISTEN STD|CAPENABLED {
+106 AUE_LISTEN STD|CAT_SOCK|CAPENABLED {
int listen(
int s,
int backlog
);
}
107 AUE_NULL OBSOL vtimes
-108 AUE_NULL COMPAT|CAPENABLED {
+108 AUE_NULL COMPAT|CAT_SIGHAND|CAPENABLED {
int sigvec(
int signum,
_In_opt_ _Contains_ptr_ struct sigvec *nsv,
_Out_opt_ _Contains_ptr_ struct sigvec *osv
);
}
-109 AUE_NULL COMPAT|CAPENABLED {
+109 AUE_NULL COMPAT|CAT_SIGMASK|CAPENABLED {
int sigblock(
int mask
);
}
-110 AUE_NULL COMPAT|CAPENABLED {
+110 AUE_NULL COMPAT|CAT_SIGMASK|CAPENABLED {
int sigsetmask(
int mask
);
}
-111 AUE_NULL COMPAT|CAPENABLED {
+111 AUE_NULL COMPAT|CAT_SIGMASK|CAPENABLED {
int sigsuspend(
osigset_t mask
);
}
; XXX note nonstandard (bogus) calling convention - the libc stub passes
; us the mask, not a pointer to it.
-112 AUE_NULL COMPAT|CAPENABLED {
+112 AUE_NULL COMPAT|CAT_SIGHAND|CAPENABLED {
int sigstack(
_In_opt_ _Contains_ptr_ struct sigstack *nss,
_Out_opt_ _Contains_ptr_ struct sigstack *oss
);
}
-113 AUE_RECVMSG COMPAT|CAPENABLED {
+113 AUE_RECVMSG COMPAT|CAT_SOCKIO|CAPENABLED {
int recvmsg(
int s,
_Inout_ _Contains_ptr_ struct omsghdr *msg,
int flags
);
}
-114 AUE_SENDMSG COMPAT|CAPENABLED {
+114 AUE_SENDMSG COMPAT|CAT_SOCKIO|CAPENABLED {
int sendmsg(
int s,
_In_ _Contains_ptr_ const struct omsghdr *msg,
@@ -767,19 +770,19 @@
);
}
115 AUE_NULL OBSOL vtrace
-116 AUE_GETTIMEOFDAY STD|CAPENABLED {
+116 AUE_GETTIMEOFDAY STD|CAT_CLOCK|CAPENABLED {
int gettimeofday(
_Out_ _Contains_long_timet_ struct timeval *tp,
_Out_opt_ struct timezone *tzp
);
}
-117 AUE_GETRUSAGE STD|CAPENABLED {
+117 AUE_GETRUSAGE STD|CAT_STATUS|CAPENABLED {
int getrusage(
int who,
_Out_ _Contains_long_ struct rusage *rusage
);
}
-118 AUE_GETSOCKOPT STD|CAPENABLED {
+118 AUE_GETSOCKOPT STD|CAT_SOCKIO|CAPENABLED {
int getsockopt(
int s,
int level,
@@ -789,40 +792,40 @@
);
}
119 AUE_NULL RESERVED
-120 AUE_READV STD|CAPENABLED {
+120 AUE_READV STD|CAT_GENIO|CAPENABLED {
int readv(
int fd,
_Inout_updates_(iovcnt) _Contains_long_ptr_ struct iovec *iovp,
u_int iovcnt
);
}
-121 AUE_WRITEV STD|CAPENABLED {
+121 AUE_WRITEV STD|CAT_GENIO|CAPENABLED {
int writev(
int fd,
_In_reads_opt_(iovcnt) _Contains_long_ptr_ struct iovec *iovp,
u_int iovcnt
);
}
-122 AUE_SETTIMEOFDAY STD {
+122 AUE_SETTIMEOFDAY STD|CAT_SETTIME {
int settimeofday(
_In_ _Contains_long_timet_ const struct timeval *tv,
_In_opt_ const struct timezone *tzp
);
}
-123 AUE_FCHOWN STD|CAPENABLED {
+123 AUE_FCHOWN STD|CAT_FATTR|CAPENABLED {
int fchown(
int fd,
int uid,
int gid
);
}
-124 AUE_FCHMOD STD|CAPENABLED {
+124 AUE_FCHMOD STD|CAT_FATTR|CAPENABLED {
int fchmod(
int fd,
mode_t mode
);
}
-125 AUE_RECVFROM COMPAT|CAPENABLED {
+125 AUE_RECVFROM COMPAT|CAT_SOCKIO|CAPENABLED {
int recvfrom(
int s,
_Out_writes_(len) void *buf,
@@ -832,49 +835,49 @@
_Inout_ __socklen_t *fromlenaddr
);
}
-126 AUE_SETREUID STD|CAPENABLED {
+126 AUE_SETREUID STD|CAT_SETCRED|CAPENABLED {
int setreuid(
int ruid,
int euid
);
}
-127 AUE_SETREGID STD|CAPENABLED {
+127 AUE_SETREGID STD|CAT_SETCRED|CAPENABLED {
int setregid(
int rgid,
int egid
);
}
-128 AUE_RENAME STD {
+128 AUE_RENAME STD|CAT_RENAME_PATH {
int rename(
_In_z_ const char *from,
_In_z_ const char *to
);
}
-129 AUE_TRUNCATE COMPAT {
+129 AUE_TRUNCATE COMPAT|CAT_WRITE_PATH {
int truncate(
_In_z_ const char *path,
long length
);
}
-130 AUE_FTRUNCATE COMPAT|CAPENABLED {
+130 AUE_FTRUNCATE COMPAT|CAT_GENIO|CAPENABLED {
int ftruncate(
int fd,
long length
);
}
-131 AUE_FLOCK STD|CAPENABLED {
+131 AUE_FLOCK STD|CAT_FLOCK|CAPENABLED {
int flock(
int fd,
int how
);
}
-132 AUE_MKFIFO STD {
+132 AUE_MKFIFO STD|CAT_CREATE_PATH {
int mkfifo(
_In_z_ const char *path,
mode_t mode
);
}
-133 AUE_SENDTO STD|CAPENABLED {
+133 AUE_SENDTO STD|CAT_SOCKIO|CAPENABLED {
ssize_t sendto(
int s,
_In_reads_bytes_(len) const void *buf,
@@ -884,13 +887,13 @@
__socklen_t tolen
);
}
-134 AUE_SHUTDOWN STD|CAPENABLED {
+134 AUE_SHUTDOWN STD|CAT_SOCKIO|CAPENABLED {
int shutdown(
int s,
int how
);
}
-135 AUE_SOCKETPAIR STD|CAPENABLED {
+135 AUE_SOCKETPAIR STD|CAT_PIPE|CAPENABLED {
int socketpair(
int domain,
int type,
@@ -898,67 +901,67 @@
_Out_writes_(2) int *rsv
);
}
-136 AUE_MKDIR STD {
+136 AUE_MKDIR STD|CAT_CREATE_PATH {
int mkdir(
_In_z_ const char *path,
mode_t mode
);
}
-137 AUE_RMDIR STD {
+137 AUE_RMDIR STD|CAT_DELETE_PATH {
int rmdir(
_In_z_ const char *path
);
}
-138 AUE_UTIMES STD {
+138 AUE_UTIMES STD|CAT_FATTR_PATH {
int utimes(
_In_z_ const char *path,
_In_ _Contains_long_timet_ const struct timeval *tptr
);
}
139 AUE_NULL OBSOL 4.2 sigreturn
-140 AUE_ADJTIME STD {
+140 AUE_ADJTIME STD|CAT_SETTIME_ {
int adjtime(
_In_ _Contains_long_timet_ const struct timeval *delta,
_Out_opt_ _Contains_long_timet_ struct timeval *olddelta
);
}
-141 AUE_GETPEERNAME COMPAT|CAPENABLED {
+141 AUE_GETPEERNAME COMPAT|CAT_SOCK|CAPENABLED {
int getpeername(
int fdes,
_Out_writes_bytes_(*alen) struct sockaddr *asa,
_Inout_opt_ __socklen_t *alen
);
}
-142 AUE_SYSCTL COMPAT|CAPENABLED {
+142 AUE_SYSCTL COMPAT|CAT_SYSINFO|CAPENABLED {
long gethostid(void);
}
-143 AUE_SYSCTL COMPAT {
+143 AUE_SYSCTL COMPAT|CAT_SYSMGMT {
int sethostid(
long hostid
);
}
-144 AUE_GETRLIMIT COMPAT|CAPENABLED {
+144 AUE_GETRLIMIT COMPAT|CAT_GETRLIMIT|CAPENABLED {
int getrlimit(
u_int which,
_Out_ struct orlimit *rlp
);
}
-145 AUE_SETRLIMIT COMPAT|CAPENABLED {
+145 AUE_SETRLIMIT COMPAT|CAT_SETRLIMIT|CAPENABLED {
int setrlimit(
u_int which,
_Out_ struct orlimit *rlp
);
}
-146 AUE_KILLPG COMPAT {
+146 AUE_KILLPG COMPAT|CAT_SIGSEND {
int killpg(
int pgid,
int signum
);
}
-147 AUE_SETSID STD|CAPENABLED {
+147 AUE_SETSID STD|CAT_FORK|CAPENABLED {
int setsid(void);
}
-148 AUE_QUOTACTL STD {
+148 AUE_QUOTACTL STD|CAT_QUOTA {
int quotactl(
_In_z_ const char *path,
int cmd,
@@ -966,10 +969,10 @@
_In_ void *arg
);
}
-149 AUE_O_QUOTA COMPAT {
+149 AUE_O_QUOTA COMPAT|CAT_QUOTA {
int quota(void);
}
-150 AUE_GETSOCKNAME COMPAT|CAPENABLED {
+150 AUE_GETSOCKNAME COMPAT|CAT_SOCK|CAPENABLED {
int getsockname(
int fdes,
_Out_writes_bytes_(*alen) struct sockaddr *asa,
@@ -993,7 +996,7 @@
_In_ void *argp
);
}
-156 AUE_GETDIRENTRIES COMPAT|CAPENABLED {
+156 AUE_GETDIRENTRIES COMPAT|CAT_READ_PATH|CAPENABLED {
int getdirentries(
int fd,
_Out_writes_bytes_(count) char *buf,
@@ -1001,55 +1004,55 @@
_Out_ long *basep
);
}
-157 AUE_STATFS COMPAT4 {
+157 AUE_STATFS COMPAT4|CAT_STATFS_PATH {
int statfs(
_In_z_ const char *path,
_Out_ _Contains_long_ struct ostatfs *buf
);
}
-158 AUE_FSTATFS COMPAT4|CAPENABLED {
+158 AUE_FSTATFS COMPAT4|CAT_STATFS|CAPENABLED {
int fstatfs(
int fd,
_Out_ _Contains_long_ struct ostatfs *buf
);
}
159 AUE_NULL RESERVED
-160 AUE_LGETFH STD {
+160 AUE_LGETFH STD|CAT_FH {
int lgetfh(
_In_z_ const char *fname,
_Out_ struct fhandle *fhp
);
}
-161 AUE_NFS_GETFH STD {
+161 AUE_NFS_GETFH STD|CAT_FH {
int getfh(
_In_z_ const char *fname,
_Out_ struct fhandle *fhp
);
}
-162 AUE_SYSCTL COMPAT4|CAPENABLED {
+162 AUE_SYSCTL COMPAT4|CAT_SYSINFO|CAPENABLED {
int getdomainname(
_Out_writes_z_(len) char *domainname,
int len
);
}
-163 AUE_SYSCTL COMPAT4 {
+163 AUE_SYSCTL COMPAT4|CAT_SYSMGMT {
int setdomainname(
_In_reads_z_(len) char *domainname,
int len
);
}
-164 AUE_NULL COMPAT4 {
+164 AUE_NULL COMPAT4|CAT_SYSINFO {
int uname(
_Out_ struct utsname *name
);
}
-165 AUE_SYSARCH STD|CAPENABLED {
+165 AUE_SYSARCH STD|CAT_CORE|CAPENABLED {
int sysarch(
int op,
_In_z_ char *parms
);
}
-166 AUE_RTPRIO STD|CAPENABLED {
+166 AUE_RTPRIO STD|CAT_SCHED_|CAPENABLED {
int rtprio(
int function,
pid_t pid,
@@ -1057,7 +1060,7 @@
);
}
167-168 AUE_NULL RESERVED
-169 AUE_SEMSYS NOSTD {
+169 AUE_SEMSYS NOSTD|CAT_SYSVSEM {
int semsys(
int which,
int a2,
@@ -1067,7 +1070,7 @@
);
}
; XXX should be { int semsys(int which, ...); }
-170 AUE_MSGSYS NOSTD {
+170 AUE_MSGSYS NOSTD|CAT_SYSVMSG {
int msgsys(
int which,
int a2,
@@ -1078,7 +1081,7 @@
);
}
; XXX should be { int msgsys(int which, ...); }
-171 AUE_SHMSYS NOSTD {
+171 AUE_SHMSYS NOSTD|CAT_SYSVSHM {
int shmsys(
int which,
int a2,
@@ -1088,7 +1091,7 @@
}
; XXX should be { int shmsys(int which, ...); }
172 AUE_NULL RESERVED
-173 AUE_PREAD COMPAT6|CAPENABLED {
+173 AUE_PREAD COMPAT6|CAT_GENIO|CAPENABLED {
ssize_t pread(
int fd,
_Out_writes_bytes_(nbyte) void *buf,
@@ -1097,7 +1100,7 @@
off_t offset
);
}
-174 AUE_PWRITE COMPAT6|CAPENABLED {
+174 AUE_PWRITE COMPAT6|CAT_GENIO|CAPENABLED {
ssize_t pwrite(
int fd,
_In_reads_bytes_(nbyte) const void *buf,
@@ -1106,28 +1109,28 @@
off_t offset
);
}
-175 AUE_SETFIB STD {
+175 AUE_SETFIB STD|CAT_SOCK {
int setfib(
int fibnum
);
}
-176 AUE_NTP_ADJTIME STD {
+176 AUE_NTP_ADJTIME STD|CAT_SETTIME {
int ntp_adjtime(
_Inout_ _Contains_long_ struct timex *tp
);
}
177-180 AUE_NULL RESERVED
-181 AUE_SETGID STD|CAPENABLED {
+181 AUE_SETGID STD|CAT_SETCRED|CAPENABLED {
int setgid(
gid_t gid
);
}
-182 AUE_SETEGID STD|CAPENABLED {
+182 AUE_SETEGID STD|CAT_SETCRED|CAPENABLED {
int setegid(
gid_t egid
);
}
-183 AUE_SETEUID STD|CAPENABLED {
+183 AUE_SETEUID STD|CAT_SETCRED|CAPENABLED {
int seteuid(
uid_t euid
);
@@ -1136,50 +1139,50 @@
185 AUE_NULL OBSOL lfs_markv
186 AUE_NULL OBSOL lfs_segclean
187 AUE_NULL OBSOL lfs_segwait
-188 AUE_STAT COMPAT11 {
+188 AUE_STAT COMPAT11|CAT_STAT_PATH {
int stat(
_In_z_ const char *path,
_Out_ _Contains_timet_ struct freebsd11_stat *ub
);
}
-189 AUE_FSTAT COMPAT11|CAPENABLED {
+189 AUE_FSTAT COMPAT11|CAT_GENIO|CAPENABLED {
int fstat(
int fd,
_Out_ _Contains_timet_ struct freebsd11_stat *sb
);
}
-190 AUE_LSTAT COMPAT11 {
+190 AUE_LSTAT COMPAT11|CAT_STAT_PATH {
int lstat(
_In_z_ const char *path,
_Out_ _Contains_timet_ struct freebsd11_stat *ub
);
}
-191 AUE_PATHCONF STD {
+191 AUE_PATHCONF STD|CAT_PATH {
int pathconf(
_In_z_ const char *path,
int name
);
}
-192 AUE_FPATHCONF STD|CAPENABLED {
+192 AUE_FPATHCONF STD|CAT_GENIO|CAPENABLED {
int fpathconf(
int fd,
int name
);
}
193 AUE_NULL RESERVED
-194 AUE_GETRLIMIT STD|CAPENABLED {
+194 AUE_GETRLIMIT STD|CAT_GETRLIMIT|CAPENABLED {
int getrlimit(
u_int which,
_Out_ struct rlimit *rlp
);
}
-195 AUE_SETRLIMIT STD|CAPENABLED {
+195 AUE_SETRLIMIT STD|CAT_SETRLIMIT|CAPENABLED {
int setrlimit(
u_int which,
_In_ struct rlimit *rlp
);
}
-196 AUE_GETDIRENTRIES COMPAT11|CAPENABLED {
+196 AUE_GETDIRENTRIES COMPAT11|CAT_READ_PATH|CAPENABLED {
int getdirentries(
int fd,
_Out_writes_bytes_(count) char *buf,
@@ -1187,7 +1190,7 @@
_Out_ long *basep
);
}
-197 AUE_MMAP COMPAT6|CAPENABLED {
+197 AUE_MMAP COMPAT6|CAT_MMAN|CAPENABLED {
void *mmap(
_In_ void *addr,
size_t len,
@@ -1204,7 +1207,7 @@
...
);
}
-199 AUE_LSEEK COMPAT6|CAPENABLED {
+199 AUE_LSEEK COMPAT6|CAT_GENIO|CAPENABLED {
off_t lseek(
int fd,
int pad,
@@ -1212,21 +1215,21 @@
int whence
);
}
-200 AUE_TRUNCATE COMPAT6 {
+200 AUE_TRUNCATE COMPAT6|CAT_WRITE_PATH {
int truncate(
_In_z_ const char *path,
int pad,
off_t length
);
}
-201 AUE_FTRUNCATE COMPAT6|CAPENABLED {
+201 AUE_FTRUNCATE COMPAT6|CAT_GENIO|CAPENABLED {
int ftruncate(
int fd,
int pad,
off_t length
);
}
-202 AUE_SYSCTL STD|CAPENABLED {
+202 AUE_SYSCTL STD|CAT_SYSINFO|CAPENABLED {
int __sysctl(
_In_reads_(namelen) int *name,
u_int namelen,
@@ -1236,36 +1239,36 @@
size_t newlen
);
}
-203 AUE_MLOCK STD|CAPENABLED {
+203 AUE_MLOCK STD|CAT_MLOCK|CAPENABLED {
int mlock(
_In_ const void *addr,
size_t len
);
}
-204 AUE_MUNLOCK STD|CAPENABLED {
+204 AUE_MUNLOCK STD|CAT_MLOCK|CAPENABLED {
int munlock(
_In_ const void *addr,
size_t len
);
}
-205 AUE_UNDELETE STD {
+205 AUE_UNDELETE STD|CAT_CREATE_PATH {
int undelete(
_In_z_ const char *path
);
}
-206 AUE_FUTIMES STD|CAPENABLED {
+206 AUE_FUTIMES STD|CAT_FATTR|CAPENABLED {
int futimes(
int fd,
_In_reads_(2) _Contains_long_timet_ const struct timeval *tptr
);
}
-207 AUE_GETPGID STD|CAPENABLED {
+207 AUE_GETPGID STD|CAT_STATUS|CAPENABLED {
int getpgid(
pid_t pid
);
}
208 AUE_NULL RESERVED
-209 AUE_POLL STD|CAPENABLED {
+209 AUE_POLL STD|CAT_POLL|CAPENABLED {
int poll(
_Inout_updates_(nfds) struct pollfd *fds,
u_int nfds,
@@ -1286,7 +1289,7 @@
218 AUE_NULL NODEF|NOTSTATIC lkmnosys lkmnosys nosys_args int
219 AUE_NULL NODEF|NOTSTATIC lkmnosys lkmnosys nosys_args int
-220 AUE_SEMCTL COMPAT7|NOSTD {
+220 AUE_SEMCTL COMPAT7|NOSTD|CAT_SYSVSEM {
int __semctl(
int semid,
int semnum,
@@ -1294,14 +1297,14 @@
_Contains_ptr_ union semun_old *arg
);
}
-221 AUE_SEMGET NOSTD {
+221 AUE_SEMGET NOSTD|CAT_SYSVSEM {
int semget(
key_t key,
int nsems,
int semflg
);
}
-222 AUE_SEMOP NOSTD {
+222 AUE_SEMOP NOSTD|CAT_SYSVSEM {
int semop(
int semid,
_In_reads_(nsops) struct sembuf *sops,
@@ -1309,20 +1312,20 @@
);
}
223 AUE_NULL OBSOL semconfig
-224 AUE_MSGCTL COMPAT7|NOSTD {
+224 AUE_MSGCTL COMPAT7|NOSTD|CAT_SYSVMSG {
int msgctl(
int msqid,
int cmd,
_Contains_long_ptr_timet_ struct msqid_ds_old *buf
);
}
-225 AUE_MSGGET NOSTD {
+225 AUE_MSGGET NOSTD|CAT_SYSVMSG {
int msgget(
key_t key,
int msgflg
);
}
-226 AUE_MSGSND NOSTD {
+226 AUE_MSGSND NOSTD|CAT_SYSVMSG {
int msgsnd(
int msqid,
_In_reads_bytes_(msgsz) _Contains_long_ const void *msgp,
@@ -1330,7 +1333,7 @@
int msgflg
);
}
-227 AUE_MSGRCV NOSTD {
+227 AUE_MSGRCV NOSTD|CAT_SYSVMSG {
ssize_t msgrcv(
int msqid,
_Out_writes_bytes_(msgsz) _Contains_long_ void *msgp,
@@ -1339,63 +1342,63 @@
int msgflg
);
}
-228 AUE_SHMAT NOSTD {
+228 AUE_SHMAT NOSTD|CAT_SYSVSHM {
void *shmat(
int shmid,
_In_ const void *shmaddr,
int shmflg
);
}
-229 AUE_SHMCTL COMPAT7|NOSTD {
+229 AUE_SHMCTL COMPAT7|NOSTD|CAT_SYSVSHM {
int shmctl(
int shmid,
int cmd,
_Inout_opt_ _Contains_long_ struct shmid_ds_old *buf
);
}
-230 AUE_SHMDT NOSTD {
+230 AUE_SHMDT NOSTD|CAT_SYSVSHM {
int shmdt(
_In_ const void *shmaddr
);
}
-231 AUE_SHMGET NOSTD {
+231 AUE_SHMGET NOSTD|CAT_SYSVSHM {
int shmget(
key_t key,
size_t size,
int shmflg
);
}
-232 AUE_NULL STD|CAPENABLED {
+232 AUE_NULL STD|CAT_CLOCK|CAPENABLED {
int clock_gettime(
clockid_t clock_id,
_Out_ _Contains_long_timet_ struct timespec *tp
);
}
-233 AUE_CLOCK_SETTIME STD {
+233 AUE_CLOCK_SETTIME STD|CAT_SETTIME {
int clock_settime(
clockid_t clock_id,
_In_ _Contains_long_timet_ const struct timespec *tp
);
}
-234 AUE_NULL STD|CAPENABLED {
+234 AUE_NULL STD|CAT_CLOCK|CAPENABLED {
int clock_getres(
clockid_t clock_id,
_Out_ _Contains_long_timet_ struct timespec *tp
);
}
-235 AUE_NULL STD|CAPENABLED {
+235 AUE_NULL STD|CAT_TIMER|CAPENABLED {
int ktimer_create(
clockid_t clock_id,
_In_ _Contains_long_ptr_ struct sigevent *evp,
_Out_ int *timerid
);
}
-236 AUE_NULL STD|CAPENABLED {
+236 AUE_NULL STD|CAT_TIMER|CAPENABLED {
int ktimer_delete(
int timerid
);
}
-237 AUE_NULL STD|CAPENABLED {
+237 AUE_NULL STD|CAT_TIMER|CAPENABLED {
int ktimer_settime(
int timerid,
int flags,
@@ -1403,39 +1406,39 @@
_Out_opt_ _Contains_long_timet_ struct itimerspec *ovalue
);
}
-238 AUE_NULL STD|CAPENABLED {
+238 AUE_NULL STD|CAT_TIMER|CAPENABLED {
int ktimer_gettime(
int timerid,
_Out_ _Contains_long_timet_ struct itimerspec *value
);
}
-239 AUE_NULL STD|CAPENABLED {
+239 AUE_NULL STD|CAT_TIMER|CAPENABLED {
int ktimer_getoverrun(
int timerid
);
}
-240 AUE_NULL STD|CAPENABLED {
+240 AUE_NULL STD|CAT_CORE|CAPENABLED {
int nanosleep(
_In_ _Contains_long_timet_ const struct timespec *rqtp,
_Out_opt_ _Contains_long_timet_ struct timespec *rmtp
);
}
-241 AUE_NULL STD {
+241 AUE_NULL STD|CAT_FFCLOCK {
int ffclock_getcounter(
_Out_ ffcounter *ffcount
);
}
-242 AUE_NULL STD {
+242 AUE_NULL STD|CAT_FFCLOCK {
int ffclock_setestimate(
_In_ _Contains_timet_ struct ffclock_estimate *cest
);
}
-243 AUE_NULL STD {
+243 AUE_NULL STD|CAT_FFCLOCK {
int ffclock_getestimate(
_Out_ _Contains_timet_ struct ffclock_estimate *cest
);
}
-244 AUE_NULL STD {
+244 AUE_NULL STD|CAT_CLOCK {
int clock_nanosleep(
clockid_t clock_id,
int flags,
@@ -1444,53 +1447,53 @@
);
}
245-246 AUE_NULL RESERVED
-247 AUE_NULL STD {
+247 AUE_NULL STD|CAT_CLOCK {
int clock_getcpuclockid2(
id_t id,
int which,
_Out_ clockid_t *clock_id
);
}
-248 AUE_NULL STD|CAPENABLED {
+248 AUE_NULL STD|CAT_SETTIME|CAPENABLED {
int ntp_gettime(
_Out_ _Contains_long_timet_ struct ntptimeval *ntvp
);
}
249 AUE_NULL RESERVED
-250 AUE_MINHERIT STD|CAPENABLED {
+250 AUE_MINHERIT STD|CAT_MMAN|CAPENABLED {
int minherit(
_In_ void *addr,
size_t len,
int inherit
);
}
-251 AUE_RFORK STD {
+251 AUE_RFORK STD|CAT_RFORK_ {
int rfork(
int flags
);
}
252 AUE_POLL OBSOL openbsd_poll
-253 AUE_ISSETUGID STD|CAPENABLED {
+253 AUE_ISSETUGID STD|CAT_CORE|CAPENABLED {
int issetugid(void);
}
-254 AUE_LCHOWN STD {
+254 AUE_LCHOWN STD|CAT_FATTR_PATH {
int lchown(
_In_z_ const char *path,
int uid,
int gid
);
}
-255 AUE_AIO_READ STD|CAPENABLED {
+255 AUE_AIO_READ STD|CAT_AIO|CAPENABLED {
int aio_read(
_Inout_ _Contains_long_ptr_ struct aiocb *aiocbp
);
}
-256 AUE_AIO_WRITE STD|CAPENABLED {
+256 AUE_AIO_WRITE STD|CAT_AIO|CAPENABLED {
int aio_write(
_Inout_ _Contains_long_ptr_ struct aiocb *aiocbp
);
}
-257 AUE_LIO_LISTIO STD|CAPENABLED {
+257 AUE_LIO_LISTIO STD|CAT_AIO|CAPENABLED {
int lio_listio(
int mode,
_Inout_updates_(nent) _Contains_long_ptr_ struct aiocb * const *acb_list,
@@ -1499,7 +1502,7 @@
);
}
258-271 AUE_NULL RESERVED
-272 AUE_O_GETDENTS COMPAT11|CAPENABLED {
+272 AUE_O_GETDENTS COMPAT11|CAT_READ_PATH|CAPENABLED {
int getdents(
int fd,
_Out_writes_bytes_(count) char *buf,
@@ -1507,40 +1510,40 @@
);
}
273 AUE_NULL RESERVED
-274 AUE_LCHMOD STD {
+274 AUE_LCHMOD STD|CAT_FATTR_PATH {
int lchmod(
_In_z_ const char *path,
mode_t mode
);
}
275 AUE_NULL OBSOL netbsd_lchown
-276 AUE_LUTIMES STD {
+276 AUE_LUTIMES STD|CAT_FATTR_PATH {
int lutimes(
_In_z_ const char *path,
_In_ _Contains_long_timet_ const struct timeval *tptr
);
}
277 AUE_NULL OBSOL netbsd_msync
-278 AUE_STAT COMPAT11 {
+278 AUE_STAT COMPAT11|CAT_STAT_PATH {
int nstat(
_In_z_ const char *path,
_Out_ _Contains_long_timet_ struct nstat *ub
);
}
-279 AUE_FSTAT COMPAT11 {
+279 AUE_FSTAT COMPAT11|CAT_GENIO {
int nfstat(
int fd,
_Out_ _Contains_long_timet_ struct nstat *sb
);
}
-280 AUE_LSTAT COMPAT11 {
+280 AUE_LSTAT COMPAT11|CAT_STAT_PATH {
int nlstat(
_In_z_ const char *path,
_Out_ _Contains_long_timet_ struct nstat *ub
);
}
281-288 AUE_NULL RESERVED
-289 AUE_PREADV STD|CAPENABLED {
+289 AUE_PREADV STD|CAT_GENIO|CAPENABLED {
ssize_t preadv(
int fd,
_In_reads_(iovcnt) _Contains_long_ptr_ struct iovec *iovp,
@@ -1548,7 +1551,7 @@
off_t offset
);
}
-290 AUE_PWRITEV STD|CAPENABLED {
+290 AUE_PWRITEV STD|CAT_GENIO|CAPENABLED {
ssize_t pwritev(
int fd,
_In_reads_(iovcnt) _Contains_long_ptr_ struct iovec *iovp,
@@ -1557,89 +1560,89 @@
);
}
291-296 AUE_NULL RESERVED
-297 AUE_FHSTATFS COMPAT4 {
+297 AUE_FHSTATFS COMPAT4|CAT_FH {
int fhstatfs(
_In_ const struct fhandle *u_fhp,
_Out_ _Contains_long_ struct ostatfs *buf
);
}
-298 AUE_FHOPEN STD {
+298 AUE_FHOPEN STD|CAT_FH {
int fhopen(
_In_ const struct fhandle *u_fhp,
int flags
);
}
-299 AUE_FHSTAT COMPAT11 {
+299 AUE_FHSTAT COMPAT11|CAT_FH {
int fhstat(
_In_ const struct fhandle *u_fhp,
_Out_ _Contains_long_timet_ struct freebsd11_stat *sb
);
}
-300 AUE_NULL STD {
+300 AUE_NULL STD|CAT_KMODSTAT {
int modnext(
int modid
);
}
-301 AUE_NULL STD {
+301 AUE_NULL STD|CAT_KMODSTAT {
int modstat(
int modid,
_Out_ _Contains_long_ struct module_stat *stat
);
}
-302 AUE_NULL STD {
+302 AUE_NULL STD|CAT_KMODSTAT {
int modfnext(
int modid
);
}
-303 AUE_NULL STD {
+303 AUE_NULL STD|CAT_KMODSTAT {
int modfind(
_In_z_ const char *name
);
}
-304 AUE_MODLOAD STD {
+304 AUE_MODLOAD STD|CAT_KMODMGMT {
int kldload(
_In_z_ const char *file
);
}
-305 AUE_MODUNLOAD STD {
+305 AUE_MODUNLOAD STD|CAT_KMODMGMT {
int kldunload(
int fileid
);
}
-306 AUE_NULL STD {
+306 AUE_NULL STD|CAT_KMODSTAT {
int kldfind(
_In_z_ const char *file
);
}
-307 AUE_NULL STD {
+307 AUE_NULL STD|CAT_KMODSTAT {
int kldnext(
int fileid
);
}
-308 AUE_NULL STD {
+308 AUE_NULL STD|CAT_KMODSTAT {
int kldstat(
int fileid,
_Out_ _Contains_long_ptr_ struct kld_file_stat *stat
);
}
-309 AUE_NULL STD {
+309 AUE_NULL STD|CAT_KMODSTAT {
int kldfirstmod(
int fileid
);
}
-310 AUE_GETSID STD|CAPENABLED {
+310 AUE_GETSID STD|CAT_STATUS|CAPENABLED {
int getsid(
pid_t pid
);
}
-311 AUE_SETRESUID STD|CAPENABLED {
+311 AUE_SETRESUID STD|CAT_SETCRED|CAPENABLED {
int setresuid(
uid_t ruid,
uid_t euid,
uid_t suid
);
}
-312 AUE_SETRESGID STD|CAPENABLED {
+312 AUE_SETRESGID STD|CAT_SETCRED|CAPENABLED {
int setresgid(
gid_t rgid,
gid_t egid,
@@ -1647,40 +1650,40 @@
);
}
313 AUE_NULL OBSOL signanosleep
-314 AUE_AIO_RETURN STD|CAPENABLED {
+314 AUE_AIO_RETURN STD|CAT_AIO|CAPENABLED {
ssize_t aio_return(
_Inout_ _Contains_long_ptr_ struct aiocb *aiocbp
);
}
-315 AUE_AIO_SUSPEND STD|CAPENABLED {
+315 AUE_AIO_SUSPEND STD|CAT_AIO|CAPENABLED {
int aio_suspend(
_Inout_updates_(nent) _Contains_long_ptr_ struct aiocb * const * aiocbp,
int nent,
_In_opt_ _Contains_long_timet_ const struct timespec *timeout
);
}
-316 AUE_AIO_CANCEL STD|CAPENABLED {
+316 AUE_AIO_CANCEL STD|CAT_AIO|CAPENABLED {
int aio_cancel(
int fd,
_In_opt_ _Contains_long_ptr_ struct aiocb *aiocbp
);
}
-317 AUE_AIO_ERROR STD|CAPENABLED {
+317 AUE_AIO_ERROR STD|CAT_AIO|CAPENABLED {
int aio_error(
_In_ _Contains_long_ptr_ struct aiocb *aiocbp
);
}
-318 AUE_AIO_READ COMPAT6|CAPENABLED {
+318 AUE_AIO_READ COMPAT6|CAT_AIO|CAPENABLED {
int aio_read(
_Inout_ _Contains_long_ptr_ struct oaiocb *aiocbp
);
}
-319 AUE_AIO_WRITE COMPAT6|CAPENABLED {
+319 AUE_AIO_WRITE COMPAT6|CAT_AIO|CAPENABLED {
int aio_write(
_Inout_ _Contains_long_ptr_ struct oaiocb *aiocbp
);
}
-320 AUE_LIO_LISTIO COMPAT6|CAPENABLED {
+320 AUE_LIO_LISTIO COMPAT6|CAT_AIO|CAPENABLED {
int lio_listio(
int mode,
_Inout_updates_(nent) _Contains_long_ptr_ struct oaiocb * const *acb_list,
@@ -1688,75 +1691,75 @@
_In_opt_ _Contains_ptr_ struct osigevent *sig
);
}
-321 AUE_NULL STD|CAPENABLED {
+321 AUE_NULL STD|CAT_CORE|CAPENABLED {
int yield(void);
}
322 AUE_NULL OBSOL thr_sleep
323 AUE_NULL OBSOL thr_wakeup
-324 AUE_MLOCKALL STD|CAPENABLED {
+324 AUE_MLOCKALL STD|CAT_MLOCK|CAPENABLED {
int mlockall(
int how
);
}
-325 AUE_MUNLOCKALL STD|CAPENABLED {
+325 AUE_MUNLOCKALL STD|CAT_MLOCK|CAPENABLED {
int munlockall(void);
}
-326 AUE_GETCWD STD {
+326 AUE_GETCWD STD|CAT_PATH {
int __getcwd(
_Out_writes_z_(buflen) char *buf,
size_t buflen
);
}
-327 AUE_NULL STD|CAPENABLED {
+327 AUE_NULL STD|CAT_SETSCHED|CAPENABLED {
int sched_setparam(
pid_t pid,
_In_ const struct sched_param *param
);
}
-328 AUE_NULL STD|CAPENABLED {
+328 AUE_NULL STD|CAT_GETSCHED|CAPENABLED {
int sched_getparam(
pid_t pid,
_Out_ struct sched_param *param
);
}
-329 AUE_NULL STD|CAPENABLED {
+329 AUE_NULL STD|CAT_SETSCHED|CAPENABLED {
int sched_setscheduler(
pid_t pid,
int policy,
_In_ const struct sched_param *param
);
}
-330 AUE_NULL STD|CAPENABLED {
+330 AUE_NULL STD|CAT_GETSCHED|CAPENABLED {
int sched_getscheduler(
pid_t pid
);
}
-331 AUE_NULL STD|CAPENABLED {
+331 AUE_NULL STD|CAT_CORE|CAPENABLED {
int sched_yield(void);
}
-332 AUE_NULL STD|CAPENABLED {
+332 AUE_NULL STD|CAT_GETSCHED|CAPENABLED {
int sched_get_priority_max(
int policy
);
}
-333 AUE_NULL STD|CAPENABLED {
+333 AUE_NULL STD|CAT_GETSCHED|CAPENABLED {
int sched_get_priority_min(
int policy
);
}
-334 AUE_NULL STD|CAPENABLED {
+334 AUE_NULL STD|CAT_GETSCHED|CAPENABLED {
int sched_rr_get_interval(
pid_t pid,
_Out_ _Contains_long_timet_ struct timespec *interval
);
}
-335 AUE_NULL STD|CAPENABLED {
+335 AUE_NULL STD|CAT_CORE|CAPENABLED {
int utrace(
_In_reads_bytes_(len) const void *addr,
size_t len
);
}
-336 AUE_SENDFILE COMPAT4|CAPENABLED {
+336 AUE_SENDFILE COMPAT4|CAT_SENDFILE|CAPENABLED {
int sendfile(
int fd,
int s,
@@ -1767,14 +1770,14 @@
int flags
);
}
-337 AUE_NULL STD {
+337 AUE_NULL STD|CAT_KMODSTAT {
int kldsym(
int fileid,
int cmd,
_In_ _Contains_long_ptr_ void *data
);
}
-338 AUE_JAIL STD {
+338 AUE_JAIL STD|CAT_JAIL {
int jail(
_In_ _Contains_ptr_ struct jail *jail
);
@@ -1788,103 +1791,103 @@
int a_followSymlinks
);
}
-340 AUE_SIGPROCMASK STD|CAPENABLED {
+340 AUE_SIGPROCMASK STD|CAT_SIGMASK|CAPENABLED {
int sigprocmask(
int how,
_In_opt_ const sigset_t *set,
_Out_opt_ sigset_t *oset
);
}
-341 AUE_SIGSUSPEND STD|CAPENABLED {
+341 AUE_SIGSUSPEND STD|CAT_SIGMASK|CAPENABLED {
int sigsuspend(
_In_ const sigset_t *sigmask
);
}
-342 AUE_SIGACTION COMPAT4|CAPENABLED {
+342 AUE_SIGACTION COMPAT4|CAT_SIGHAND|CAPENABLED {
int sigaction(
int sig,
_In_opt_ _Contains_ptr_ const struct sigaction *act,
_Out_opt_ _Contains_ptr_ struct sigaction *oact
);
}
-343 AUE_SIGPENDING STD|CAPENABLED {
+343 AUE_SIGPENDING STD|CAT_SIGWAIT|CAPENABLED {
int sigpending(
_In_ sigset_t *set
);
}
-344 AUE_SIGRETURN COMPAT4|CAPENABLED {
+344 AUE_SIGRETURN COMPAT4|CAT_CORE|CAPENABLED {
int sigreturn(
_In_ _Contains_long_ptr_ const struct freebsd4_ucontext *sigcntxp
);
}
-345 AUE_SIGWAIT STD|CAPENABLED {
+345 AUE_SIGWAIT STD|CAT_SIGWAIT|CAPENABLED {
int sigtimedwait(
_In_ const sigset_t *set,
_Out_opt_ _Contains_long_ptr_ struct siginfo *info,
_In_opt_ _Contains_long_timet_ const struct timespec *timeout
);
}
-346 AUE_NULL STD|CAPENABLED {
+346 AUE_NULL STD|CAT_SIGWAIT|CAPENABLED {
int sigwaitinfo(
_In_ const sigset_t *set,
_Out_opt_ _Contains_long_ptr_ struct siginfo *info
);
}
-347 AUE_ACL_GET_FILE STD {
+347 AUE_ACL_GET_FILE STD|CAT_GETACL_PATH {
int __acl_get_file(
_In_z_ const char *path,
acl_type_t type,
_Out_ struct acl *aclp
);
}
-348 AUE_ACL_SET_FILE STD {
+348 AUE_ACL_SET_FILE STD|CAT_SETACL_PATH {
int __acl_set_file(
_In_z_ const char *path,
acl_type_t type,
_In_ struct acl *aclp
);
}
-349 AUE_ACL_GET_FD STD|CAPENABLED {
+349 AUE_ACL_GET_FD STD|CAT_GETACL|CAPENABLED {
int __acl_get_fd(
int filedes,
acl_type_t type,
_Out_ struct acl *aclp
);
}
-350 AUE_ACL_SET_FD STD|CAPENABLED {
+350 AUE_ACL_SET_FD STD|CAT_SETACL|CAPENABLED {
int __acl_set_fd(
int filedes,
acl_type_t type,
_In_ struct acl *aclp
);
}
-351 AUE_ACL_DELETE_FILE STD {
+351 AUE_ACL_DELETE_FILE STD|CAT_SETACL_PATH {
int __acl_delete_file(
_In_z_ const char *path,
acl_type_t type
);
}
-352 AUE_ACL_DELETE_FD STD|CAPENABLED {
+352 AUE_ACL_DELETE_FD STD|CAT_SETACL|CAPENABLED {
int __acl_delete_fd(
int filedes,
acl_type_t type
);
}
-353 AUE_ACL_CHECK_FILE STD {
+353 AUE_ACL_CHECK_FILE STD|CAT_GETACL_PATH {
int __acl_aclcheck_file(
_In_z_ const char *path,
acl_type_t type,
_In_ struct acl *aclp
);
}
-354 AUE_ACL_CHECK_FD STD|CAPENABLED {
+354 AUE_ACL_CHECK_FD STD|CAT_GETACL|CAPENABLED {
int __acl_aclcheck_fd(
int filedes,
acl_type_t type,
_In_ struct acl *aclp
);
}
-355 AUE_EXTATTRCTL STD {
+355 AUE_EXTATTRCTL STD|CAT_SYSMGMT {
int extattrctl(
_In_z_ const char *path,
int cmd,
@@ -1893,7 +1896,7 @@
_In_z_ const char *attrname
);
}
-356 AUE_EXTATTR_SET_FILE STD {
+356 AUE_EXTATTR_SET_FILE STD|CAT_SETEXTATTR_PATH {
ssize_t extattr_set_file(
_In_z_ const char *path,
int attrnamespace,
@@ -1902,7 +1905,7 @@
size_t nbytes
);
}
-357 AUE_EXTATTR_GET_FILE STD {
+357 AUE_EXTATTR_GET_FILE STD|CAT_GETEXTATTR_PATH {
ssize_t extattr_get_file(
_In_z_ const char *path,
int attrnamespace,
@@ -1911,37 +1914,37 @@
size_t nbytes
);
}
-358 AUE_EXTATTR_DELETE_FILE STD {
+358 AUE_EXTATTR_DELETE_FILE STD|CAT_SETEXTATTR_PATH {
int extattr_delete_file(
_In_z_ const char *path,
int attrnamespace,
_In_z_ const char *attrname
);
}
-359 AUE_AIO_WAITCOMPLETE STD|CAPENABLED {
+359 AUE_AIO_WAITCOMPLETE STD|CAT_AIO|CAPENABLED {
ssize_t aio_waitcomplete(
_Outptr_result_maybenull_ struct aiocb **aiocbp,
_In_opt_ _Contains_long_timet_ struct timespec *timeout
);
}
-360 AUE_GETRESUID STD|CAPENABLED {
+360 AUE_GETRESUID STD|CAT_GETCRED|CAPENABLED {
int getresuid(
_Out_opt_ uid_t *ruid,
_Out_opt_ uid_t *euid,
_Out_opt_ uid_t *suid
);
}
-361 AUE_GETRESGID STD|CAPENABLED {
+361 AUE_GETRESGID STD|CAT_GETCRED|CAPENABLED {
int getresgid(
_Out_opt_ gid_t *rgid,
_Out_opt_ gid_t *egid,
_Out_opt_ gid_t *sgid
);
}
-362 AUE_KQUEUE STD|CAPENABLED {
+362 AUE_KQUEUE STD|CAT_POLL|CAPENABLED {
int kqueue(void);
}
-363 AUE_KEVENT COMPAT11|CAPENABLED {
+363 AUE_KEVENT COMPAT11|CAT_POLL|CAPENABLED {
int kevent(
int fd,
_In_reads_opt_(nchanges) _Contains_ptr_ const struct freebsd11_kevent *changelist,
@@ -1958,7 +1961,7 @@
368 AUE_NULL OBSOL __cap_set_fd
369 AUE_NULL OBSOL __cap_set_file
370 AUE_NULL RESERVED
-371 AUE_EXTATTR_SET_FD STD|CAPENABLED {
+371 AUE_EXTATTR_SET_FD STD|CAT_SETEXTATTR|CAPENABLED {
ssize_t extattr_set_fd(
int fd,
int attrnamespace,
@@ -1967,7 +1970,7 @@
size_t nbytes
);
}
-372 AUE_EXTATTR_GET_FD STD|CAPENABLED {
+372 AUE_EXTATTR_GET_FD STD|CAT_GETEXTATTR|CAPENABLED {
ssize_t extattr_get_fd(
int fd,
int attrnamespace,
@@ -1976,20 +1979,20 @@
size_t nbytes
);
}
-373 AUE_EXTATTR_DELETE_FD STD|CAPENABLED {
+373 AUE_EXTATTR_DELETE_FD STD|CAT_SETEXTATTR|CAPENABLED {
int extattr_delete_fd(
int fd,
int attrnamespace,
_In_z_ const char *attrname
);
}
-374 AUE_SETUGID STD {
+374 AUE_SETUGID STD|CAT_SETCRED {
int __setugid(
int flag
);
}
375 AUE_NULL OBSOL nfsclnt
-376 AUE_EACCESS STD {
+376 AUE_EACCESS STD|CAT_PATH {
int eaccess(
_In_z_ const char *path,
int amode
@@ -2006,7 +2009,7 @@
long parm6
);
}
-378 AUE_NMOUNT STD {
+378 AUE_NMOUNT STD|CAT_MOUNT {
int nmount(
_In_reads_(iovcnt) _Contains_long_ptr_ struct iovec *iovp,
unsigned int iovcnt,
@@ -2018,41 +2021,41 @@
381 AUE_NULL OBSOL kse_create
382 AUE_NULL OBSOL kse_thr_interrupt
383 AUE_NULL OBSOL kse_release
-384 AUE_NULL STD|CAPENABLED {
+384 AUE_NULL STD|CAT_GETMAC_PROC|CAPENABLED {
int __mac_get_proc(
_In_ _Contains_long_ptr_ struct mac *mac_p
);
}
-385 AUE_NULL STD|CAPENABLED {
+385 AUE_NULL STD|CAT_SETMAC_PROC|CAPENABLED {
int __mac_set_proc(
_In_ _Contains_long_ptr_ struct mac *mac_p
);
}
-386 AUE_NULL STD|CAPENABLED {
+386 AUE_NULL STD|CAT_GETMAC|CAPENABLED {
int __mac_get_fd(
int fd,
_In_ _Contains_long_ptr_ struct mac *mac_p
);
}
-387 AUE_NULL STD {
+387 AUE_NULL STD|CAT_GETMAC_PATH {
int __mac_get_file(
_In_z_ const char *path_p,
_In_ _Contains_long_ptr_ struct mac *mac_p
);
}
-388 AUE_NULL STD|CAPENABLED {
+388 AUE_NULL STD|CAT_SETMAC|CAPENABLED {
int __mac_set_fd(
int fd,
_In_ _Contains_long_ptr_ struct mac *mac_p
);
}
-389 AUE_NULL STD {
+389 AUE_NULL STD|CAT_SETMAC_PATH {
int __mac_set_file(
_In_z_ const char *path_p,
_In_ _Contains_long_ptr_ struct mac *mac_p
);
}
-390 AUE_NULL STD {
+390 AUE_NULL STD|CAT_KENV {
int kenv(
int what,
_In_z_opt_ const char *name,
@@ -2060,19 +2063,19 @@
int len
);
}
-391 AUE_LCHFLAGS STD {
+391 AUE_LCHFLAGS STD|CAT_FATTR_PATH {
int lchflags(
_In_z_ const char *path,
u_long flags
);
}
-392 AUE_NULL STD|CAPENABLED {
+392 AUE_NULL STD|CAT_CORE|CAPENABLED {
int uuidgen(
_Out_writes_(count) struct uuid *store,
int count
);
}
-393 AUE_SENDFILE STD|CAPENABLED {
+393 AUE_SENDFILE STD|CAT_SENDFILE|CAPENABLED {
int sendfile(
int fd,
int s,
@@ -2083,66 +2086,66 @@
int flags
);
}
-394 AUE_NULL STD {
+394 AUE_NULL STD|CAT_MAC_SYSCALL {
int mac_syscall(
_In_z_ const char *policy,
int call,
_In_opt_ void *arg
);
}
-395 AUE_GETFSSTAT COMPAT11 {
+395 AUE_GETFSSTAT COMPAT11|CAT_GETFSSTAT {
int getfsstat(
_Out_writes_bytes_opt_(bufsize) struct freebsd11_statfs *buf,
long bufsize,
int mode
);
}
-396 AUE_STATFS COMPAT11 {
+396 AUE_STATFS COMPAT11|CAT_STATFS_PATH {
int statfs(
_In_z_ const char *path,
_Out_ struct freebsd11_statfs *buf
);
}
-397 AUE_FSTATFS COMPAT11|CAPENABLED {
+397 AUE_FSTATFS COMPAT11|CAT_STATFS|CAPENABLED {
int fstatfs(
int fd,
_Out_ struct freebsd11_statfs *buf
);
}
-398 AUE_FHSTATFS COMPAT11 {
+398 AUE_FHSTATFS COMPAT11|CAT_FH {
int fhstatfs(
_In_ const struct fhandle *u_fhp,
_Out_ struct freebsd11_statfs *buf
);
}
399 AUE_NULL RESERVED
-400 AUE_SEMCLOSE NOSTD {
+400 AUE_SEMCLOSE NOSTD|CAT_POSIXSEM {
int ksem_close(
semid_t id
);
}
-401 AUE_SEMPOST NOSTD {
+401 AUE_SEMPOST NOSTD|CAT_POSIXSEM {
int ksem_post(
semid_t id
);
}
-402 AUE_SEMWAIT NOSTD {
+402 AUE_SEMWAIT NOSTD|CAT_POSIXSEM {
int ksem_wait(
semid_t id
);
}
-403 AUE_SEMTRYWAIT NOSTD {
+403 AUE_SEMTRYWAIT NOSTD|CAT_POSIXSEM {
int ksem_trywait(
semid_t id
);
}
-404 AUE_SEMINIT NOSTD {
+404 AUE_SEMINIT NOSTD|CAT_POSIXSEM {
int ksem_init(
_Out_ semid_t *idp,
unsigned int value
);
}
-405 AUE_SEMOPEN NOSTD {
+405 AUE_SEMOPEN NOSTD|CAT_POSIXSEM {
int ksem_open(
_Out_ semid_t *idp,
_In_z_ const char *name,
@@ -2151,41 +2154,41 @@
unsigned int value
);
}
-406 AUE_SEMUNLINK NOSTD {
+406 AUE_SEMUNLINK NOSTD|CAT_POSIXSEM {
int ksem_unlink(
_In_z_ const char *name
);
}
-407 AUE_SEMGETVALUE NOSTD {
+407 AUE_SEMGETVALUE NOSTD|CAT_POSIXSEM {
int ksem_getvalue(
semid_t id,
_Out_ int *val
);
}
-408 AUE_SEMDESTROY NOSTD {
+408 AUE_SEMDESTROY NOSTD|CAT_POSIXSEM {
int ksem_destroy(
semid_t id
);
}
-409 AUE_NULL STD {
+409 AUE_NULL STD|CAT_GETMAC_PROC {
int __mac_get_pid(
pid_t pid,
_In_ _Contains_long_ptr_ struct mac *mac_p
);
}
-410 AUE_NULL STD {
+410 AUE_NULL STD|CAT_GETMAC_PATH {
int __mac_get_link(
_In_z_ const char *path_p,
_In_ _Contains_long_ptr_ struct mac *mac_p
);
}
-411 AUE_NULL STD {
+411 AUE_NULL STD|CAT_SETMAC_PATH {
int __mac_set_link(
_In_z_ const char *path_p,
_In_ _Contains_long_ptr_ struct mac *mac_p
);
}
-412 AUE_EXTATTR_SET_LINK STD {
+412 AUE_EXTATTR_SET_LINK STD|CAT_SETEXTATTR_PATH {
ssize_t extattr_set_link(
_In_z_ const char *path,
int attrnamespace,
@@ -2194,7 +2197,7 @@
size_t nbytes
);
}
-413 AUE_EXTATTR_GET_LINK STD {
+413 AUE_EXTATTR_GET_LINK STD|CAT_GETEXTATTR_PATH {
ssize_t extattr_get_link(
_In_z_ const char *path,
int attrnamespace,
@@ -2203,14 +2206,14 @@
size_t nbytes
);
}
-414 AUE_EXTATTR_DELETE_LINK STD {
+414 AUE_EXTATTR_DELETE_LINK STD|CAT_SETEXTATTR_PATH {
int extattr_delete_link(
_In_z_ const char *path,
int attrnamespace,
_In_z_ const char *attrname
);
}
-415 AUE_NULL STD {
+415 AUE_NULL STD|CAT_MAC_EXEC_PATH {
int __mac_execve(
_In_z_ const char *fname,
_In_ char **argv,
@@ -2218,115 +2221,115 @@
_In_ _Contains_long_ptr_ struct mac *mac_p
);
}
-416 AUE_SIGACTION STD|CAPENABLED {
+416 AUE_SIGACTION STD|CAT_SIGHAND|CAPENABLED {
int sigaction(
int sig,
_In_opt_ _Contains_ptr_ const struct sigaction *act,
_Out_opt_ _Contains_ptr_ struct sigaction *oact
);
}
-417 AUE_SIGRETURN STD|CAPENABLED {
+417 AUE_SIGRETURN STD|CAT_CORE|CAPENABLED {
int sigreturn(
_In_ _Contains_long_ptr_ const struct __ucontext *sigcntxp
);
}
418-420 AUE_NULL RESERVED
-421 AUE_NULL STD|CAPENABLED {
+421 AUE_NULL STD|CAT_THREAD|CAPENABLED {
int getcontext(
_Out_ _Contains_long_ptr_ struct __ucontext *ucp
);
}
-422 AUE_NULL STD|CAPENABLED {
+422 AUE_NULL STD|CAT_THREAD|CAPENABLED {
int setcontext(
_In_ _Contains_long_ptr_ const struct __ucontext *ucp
);
}
-423 AUE_NULL STD {
+423 AUE_NULL STD|CAT_THREAD {
int swapcontext(
_Out_ _Contains_long_ptr_ struct __ucontext *oucp,
_In_ _Contains_long_ptr_ const struct __ucontext *ucp
);
}
-424 AUE_SWAPOFF COMPAT13 {
+424 AUE_SWAPOFF COMPAT13|CAT_SYSMGMT {
int swapoff(
_In_z_ const char *name
);
}
-425 AUE_ACL_GET_LINK STD {
+425 AUE_ACL_GET_LINK STD|CAT_GETACL_PATH {
int __acl_get_link(
_In_z_ const char *path,
acl_type_t type,
_Out_ struct acl *aclp
);
}
-426 AUE_ACL_SET_LINK STD {
+426 AUE_ACL_SET_LINK STD|CAT_SETACL_PATH {
int __acl_set_link(
_In_z_ const char *path,
acl_type_t type,
_In_ struct acl *aclp
);
}
-427 AUE_ACL_DELETE_LINK STD {
+427 AUE_ACL_DELETE_LINK STD|CAT_SETACL_PATH {
int __acl_delete_link(
_In_z_ const char *path,
acl_type_t type
);
}
-428 AUE_ACL_CHECK_LINK STD {
+428 AUE_ACL_CHECK_LINK STD|CAT_GETACL_PATH {
int __acl_aclcheck_link(
_In_z_ const char *path,
acl_type_t type,
_In_ struct acl *aclp
);
}
-429 AUE_SIGWAIT STD|CAPENABLED {
+429 AUE_SIGWAIT STD|CAT_SIGWAIT|CAPENABLED {
int sigwait(
_In_ const sigset_t *set,
_Out_ int *sig
);
}
-430 AUE_THR_CREATE STD|CAPENABLED {
+430 AUE_THR_CREATE STD|CAT_THREAD|CAPENABLED {
int thr_create(
_In_ _Contains_long_ptr_ ucontext_t *ctx,
_Out_ long *id,
int flags
);
}
-431 AUE_THR_EXIT STD|CAPENABLED {
+431 AUE_THR_EXIT STD|CAT_THREAD|CAPENABLED {
void thr_exit(
_Out_opt_ long *state
);
}
-432 AUE_NULL STD|CAPENABLED {
+432 AUE_NULL STD|CAT_THREAD_|CAPENABLED {
int thr_self(
_Out_ long *id
);
}
-433 AUE_THR_KILL STD|CAPENABLED {
+433 AUE_THR_KILL STD|CAT_THREAD_|CAPENABLED {
int thr_kill(
long id,
int sig
);
}
-434 AUE_NULL COMPAT10 {
+434 AUE_NULL COMPAT10|CAT_UMTX {
int _umtx_lock(
_Inout_ struct umtx *umtx
);
}
-435 AUE_NULL COMPAT10 {
+435 AUE_NULL COMPAT10|CAT_UMTX {
int _umtx_unlock(
_Inout_ struct umtx *umtx
);
}
-436 AUE_JAIL_ATTACH STD {
+436 AUE_JAIL_ATTACH STD|CAT_JAIL {
int jail_attach(
int jid
);
}
-437 AUE_EXTATTR_LIST_FD STD|CAPENABLED {
+437 AUE_EXTATTR_LIST_FD STD|CAT_GETEXTATTR|CAPENABLED {
ssize_t extattr_list_fd(
int fd,
int attrnamespace,
@@ -2334,7 +2337,7 @@
size_t nbytes
);
}
-438 AUE_EXTATTR_LIST_FILE STD {
+438 AUE_EXTATTR_LIST_FILE STD|CAT_GETEXTATTR_PATH {
ssize_t extattr_list_file(
_In_z_ const char *path,
int attrnamespace,
@@ -2342,7 +2345,7 @@
size_t nbytes
);
}
-439 AUE_EXTATTR_LIST_LINK STD {
+439 AUE_EXTATTR_LIST_LINK STD|CAT_GETEXTATTR_PATH {
ssize_t extattr_list_link(
_In_z_ const char *path,
int attrnamespace,
@@ -2351,79 +2354,79 @@
);
}
440 AUE_NULL OBSOL kse_switchin
-441 AUE_SEMWAIT NOSTD {
+441 AUE_SEMWAIT NOSTD|CAT_POSIXSEM {
int ksem_timedwait(
semid_t id,
_In_opt_ _Contains_long_timet_ const struct timespec *abstime
);
}
-442 AUE_NULL STD|CAPENABLED {
+442 AUE_NULL STD|CAT_THREAD|CAPENABLED {
int thr_suspend(
_In_opt_ _Contains_long_timet_ const struct timespec *timeout
);
}
-443 AUE_NULL STD|CAPENABLED {
+443 AUE_NULL STD|CAT_THREAD|CAPENABLED {
int thr_wake(
long id
);
}
-444 AUE_MODUNLOAD STD {
+444 AUE_MODUNLOAD STD|CAT_KMODMGMT {
int kldunloadf(
int fileid,
int flags
);
}
-445 AUE_AUDIT STD {
+445 AUE_AUDIT STD|CAT_AUDIT {
int audit(
_In_reads_bytes_(length) const void *record,
u_int length
);
}
-446 AUE_AUDITON STD {
+446 AUE_AUDITON STD|CAT_AUDIT {
int auditon(
int cmd,
_In_opt_ void *data,
u_int length
);
}
-447 AUE_GETAUID STD|CAPENABLED {
+447 AUE_GETAUID STD|CAT_AUDIT|CAPENABLED {
int getauid(
_Out_ uid_t *auid
);
}
-448 AUE_SETAUID STD|CAPENABLED {
+448 AUE_SETAUID STD|CAT_AUDIT|CAPENABLED {
int setauid(
_In_ uid_t *auid
);
}
-449 AUE_GETAUDIT STD|CAPENABLED {
+449 AUE_GETAUDIT STD|CAT_AUDIT|CAPENABLED {
int getaudit(
_Out_ struct auditinfo *auditinfo
);
}
-450 AUE_SETAUDIT STD|CAPENABLED {
+450 AUE_SETAUDIT STD|CAT_AUDIT|CAPENABLED {
int setaudit(
_In_ struct auditinfo *auditinfo
);
}
-451 AUE_GETAUDIT_ADDR STD|CAPENABLED {
+451 AUE_GETAUDIT_ADDR STD|CAT_AUDIT|CAPENABLED {
int getaudit_addr(
_Out_writes_bytes_(length) struct auditinfo_addr *auditinfo_addr,
u_int length
);
}
-452 AUE_SETAUDIT_ADDR STD|CAPENABLED {
+452 AUE_SETAUDIT_ADDR STD|CAT_AUDIT|CAPENABLED {
int setaudit_addr(
_In_reads_bytes_(length) struct auditinfo_addr *auditinfo_addr,
u_int length
);
}
-453 AUE_AUDITCTL STD {
+453 AUE_AUDITCTL STD|CAT_AUDIT {
int auditctl(
_In_z_ const char *path
);
}
-454 AUE_NULL STD|CAPENABLED {
+454 AUE_NULL STD|CAT_UMTX|CAPENABLED {
int _umtx_op(
_Inout_ void *obj,
int op,
@@ -2432,13 +2435,13 @@
_In_ void *uaddr2
);
}
-455 AUE_THR_NEW STD|CAPENABLED {
+455 AUE_THR_NEW STD|CAT_THREAD|CAPENABLED {
int thr_new(
_In_ _Contains_long_ptr_ struct thr_param *param,
int param_size
);
}
-456 AUE_NULL STD|CAPENABLED {
+456 AUE_NULL STD|CAT_SIGSEND|CAPENABLED {
int sigqueue(
pid_t pid,
int signum,
@@ -2446,7 +2449,7 @@
);
}
-457 AUE_MQ_OPEN NOSTD {
+457 AUE_MQ_OPEN NOSTD|CAT_POSIXMSG {
int kmq_open(
_In_z_ const char *path,
int flags,
@@ -2454,14 +2457,14 @@
_In_opt_ _Contains_long_ const struct mq_attr *attr
);
}
-458 AUE_MQ_SETATTR NOSTD|CAPENABLED {
+458 AUE_MQ_SETATTR NOSTD|CAT_POSIXMSG|CAPENABLED {
int kmq_setattr(
int mqd,
_In_opt_ _Contains_long_ const struct mq_attr *attr,
_Out_opt_ _Contains_long_ struct mq_attr *oattr
);
}
-459 AUE_MQ_TIMEDRECEIVE NOSTD|CAPENABLED {
+459 AUE_MQ_TIMEDRECEIVE NOSTD|CAT_POSIXMSG|CAPENABLED {
int kmq_timedreceive(
int mqd,
_Out_writes_bytes_(msg_len) char *msg_ptr,
@@ -2470,7 +2473,7 @@
_In_opt_ _Contains_long_timet_ const struct timespec *abs_timeout
);
}
-460 AUE_MQ_TIMEDSEND NOSTD|CAPENABLED {
+460 AUE_MQ_TIMEDSEND NOSTD|CAT_POSIXMSG|CAPENABLED {
int kmq_timedsend(
int mqd,
_In_reads_bytes_(msg_len) const char *msg_ptr,
@@ -2479,37 +2482,37 @@
_In_opt_ _Contains_long_timet_ const struct timespec *abs_timeout
);
}
-461 AUE_MQ_NOTIFY NOSTD|CAPENABLED {
+461 AUE_MQ_NOTIFY NOSTD|CAT_POSIXMSG|CAPENABLED {
int kmq_notify(
int mqd,
_In_opt_ _Contains_long_ptr_ const struct sigevent *sigev
);
}
-462 AUE_MQ_UNLINK NOSTD {
+462 AUE_MQ_UNLINK NOSTD|CAT_POSIXMSG {
int kmq_unlink(
_In_z_ const char *path
);
}
-463 AUE_NULL STD|CAPENABLED {
+463 AUE_NULL STD|CAT_EXIT|CAPENABLED {
void abort2(
_In_z_ const char *why,
int nargs,
_In_reads_(nargs) void **args
);
}
-464 AUE_NULL STD|CAPENABLED {
+464 AUE_NULL STD|CAT_THREAD|CAPENABLED {
int thr_set_name(
long id,
_In_z_ const char *name
);
}
-465 AUE_AIO_FSYNC STD|CAPENABLED {
+465 AUE_AIO_FSYNC STD|CAT_AIO|CAPENABLED {
int aio_fsync(
int op,
_In_ _Contains_long_ptr_ struct aiocb *aiocbp
);
}
-466 AUE_RTPRIO STD|CAPENABLED {
+466 AUE_RTPRIO STD|CAT_SCHED_|CAPENABLED {
int rtprio_thread(
int function,
lwpid_t lwpid,
@@ -2517,13 +2520,13 @@
);
}
467-470 AUE_NULL RESERVED
-471 AUE_SCTP_PEELOFF NOSTD|CAPENABLED {
+471 AUE_SCTP_PEELOFF NOSTD|CAT_SOCK|CAPENABLED {
int sctp_peeloff(
int sd,
uint32_t name
);
}
-472 AUE_SCTP_GENERIC_SENDMSG NOSTD|CAPENABLED {
+472 AUE_SCTP_GENERIC_SENDMSG NOSTD|CAT_SOCKIO|CAPENABLED {
int sctp_generic_sendmsg(
int sd,
_In_reads_bytes_(mlen) void *msg,
@@ -2534,7 +2537,7 @@
int flags
);
}
-473 AUE_SCTP_GENERIC_SENDMSG_IOV NOSTD|CAPENABLED {
+473 AUE_SCTP_GENERIC_SENDMSG_IOV NOSTD|CAT_SOCKIO|CAPENABLED {
int sctp_generic_sendmsg_iov(
int sd,
_In_reads_(iovlen) _Contains_long_ptr_ struct iovec *iov,
@@ -2545,7 +2548,7 @@
int flags
);
}
-474 AUE_SCTP_GENERIC_RECVMSG NOSTD|CAPENABLED {
+474 AUE_SCTP_GENERIC_RECVMSG NOSTD|CAT_SOCKIO|CAPENABLED {
int sctp_generic_recvmsg(
int sd,
_In_reads_(iovlen) _Contains_long_ptr_ struct iovec *iov,
@@ -2556,7 +2559,7 @@
_Out_opt_ int *msg_flags
);
}
-475 AUE_PREAD STD|CAPENABLED {
+475 AUE_PREAD STD|CAT_GENIO|CAPENABLED {
ssize_t pread(
int fd,
_Out_writes_bytes_(nbyte) void *buf,
@@ -2564,7 +2567,7 @@
off_t offset
);
}
-476 AUE_PWRITE STD|CAPENABLED {
+476 AUE_PWRITE STD|CAT_GENIO|CAPENABLED {
ssize_t pwrite(
int fd,
_In_reads_bytes_(nbyte) const void *buf,
@@ -2572,7 +2575,7 @@
off_t offset
);
}
-477 AUE_MMAP STD|CAPENABLED {
+477 AUE_MMAP STD|CAT_MMAN|CAPENABLED {
void *mmap(
_In_ void *addr,
size_t len,
@@ -2582,57 +2585,57 @@
off_t pos
);
}
-478 AUE_LSEEK STD|CAPENABLED {
+478 AUE_LSEEK STD|CAT_GENIO|CAPENABLED {
off_t lseek(
int fd,
off_t offset,
int whence
);
}
-479 AUE_TRUNCATE STD {
+479 AUE_TRUNCATE STD|CAT_WRITE_PATH {
int truncate(
_In_z_ const char *path,
off_t length
);
}
-480 AUE_FTRUNCATE STD|CAPENABLED {
+480 AUE_FTRUNCATE STD|CAT_GENIO|CAPENABLED {
int ftruncate(
int fd,
off_t length
);
}
-481 AUE_THR_KILL2 STD {
+481 AUE_THR_KILL2 STD|CAT_THREAD {
int thr_kill2(
pid_t pid,
long id,
int sig
);
}
-482 AUE_SHMOPEN COMPAT12|CAPENABLED {
+482 AUE_SHMOPEN COMPAT12|CAT_POSIXSHM_|CAPENABLED {
int shm_open(
_In_z_ const char *path,
int flags,
mode_t mode
);
}
-483 AUE_SHMUNLINK STD {
+483 AUE_SHMUNLINK STD|CAT_POSIXSHM {
int shm_unlink(
_In_z_ const char *path
);
}
-484 AUE_NULL STD {
+484 AUE_NULL STD|CAT_CPUSET {
int cpuset(
_Out_ cpusetid_t *setid
);
}
-485 AUE_NULL STD {
+485 AUE_NULL STD|CAT_CPUSET {
int cpuset_setid(
cpuwhich_t which,
id_t id,
cpusetid_t setid
);
}
-486 AUE_NULL STD {
+486 AUE_NULL STD|CAT_CPUSET {
int cpuset_getid(
cpulevel_t level,
cpuwhich_t which,
@@ -2640,7 +2643,7 @@
_Out_ cpusetid_t *setid
);
}
-487 AUE_NULL STD|CAPENABLED {
+487 AUE_NULL STD|CAT_GETCPUSET_|CAPENABLED {
int cpuset_getaffinity(
cpulevel_t level,
cpuwhich_t which,
@@ -2649,7 +2652,7 @@
_Out_ cpuset_t *mask
);
}
-488 AUE_NULL STD|CAPENABLED {
+488 AUE_NULL STD|CAT_SETCPUSET_|CAPENABLED {
int cpuset_setaffinity(
cpulevel_t level,
cpuwhich_t which,
@@ -2658,7 +2661,7 @@
_Out_ const cpuset_t *mask
);
}
-489 AUE_FACCESSAT STD|CAPENABLED {
+489 AUE_FACCESSAT STD|CAT_PATH|CAPENABLED {
int faccessat(
int fd,
_In_z_ const char *path,
@@ -2666,7 +2669,7 @@
int flag
);
}
-490 AUE_FCHMODAT STD|CAPENABLED {
+490 AUE_FCHMODAT STD|CAT_FATTR_PATH|CAPENABLED {
int fchmodat(
int fd,
_In_z_ const char *path,
@@ -2674,7 +2677,7 @@
int flag
);
}
-491 AUE_FCHOWNAT STD|CAPENABLED {
+491 AUE_FCHOWNAT STD|CAT_FATTR_PATH|CAPENABLED {
int fchownat(
int fd,
_In_z_ const char *path,
@@ -2683,14 +2686,14 @@
int flag
);
}
-492 AUE_FEXECVE STD|CAPENABLED {
+492 AUE_FEXECVE STD|CAT_EXEC|CAPENABLED {
int fexecve(
int fd,
_In_ char **argv,
_In_ char **envv
);
}
-493 AUE_FSTATAT COMPAT11|CAPENABLED {
+493 AUE_FSTATAT COMPAT11|CAT_STAT_PATH|CAPENABLED {
int fstatat(
int fd,
_In_z_ const char *path,
@@ -2698,14 +2701,14 @@
int flag
);
}
-494 AUE_FUTIMESAT STD|CAPENABLED {
+494 AUE_FUTIMESAT STD|CAT_FATTR_PATH|CAPENABLED {
int futimesat(
int fd,
_In_z_ const char *path,
_In_reads_(2) _Contains_long_timet_ const struct timeval *times
);
}
-495 AUE_LINKAT STD|CAPENABLED {
+495 AUE_LINKAT STD|CAT_CREATE_PATH|CAPENABLED {
int linkat(
int fd1,
_In_z_ const char *path1,
@@ -2714,21 +2717,21 @@
int flag
);
}
-496 AUE_MKDIRAT STD|CAPENABLED {
+496 AUE_MKDIRAT STD|CAT_CREATE_PATH|CAPENABLED {
int mkdirat(
int fd,
_In_z_ const char *path,
mode_t mode
);
}
-497 AUE_MKFIFOAT STD|CAPENABLED {
+497 AUE_MKFIFOAT STD|CAT_CREATE_PATH|CAPENABLED {
int mkfifoat(
int fd,
_In_z_ const char *path,
mode_t mode
);
}
-498 AUE_MKNODAT COMPAT11|CAPENABLED {
+498 AUE_MKNODAT COMPAT11|CAT_CREATE_PATH|CAPENABLED {
int mknodat(
int fd,
_In_z_ const char *path,
@@ -2737,7 +2740,7 @@
);
}
; XXX: see the comment for open
-499 AUE_OPENAT_RWTC STD|CAPENABLED {
+499 AUE_OPENAT_RWTC STD|CAT_PATH|CAPENABLED {
int openat(
int fd,
_In_z_ const char *path,
@@ -2745,7 +2748,7 @@
mode_t mode
);
}
-500 AUE_READLINKAT STD|CAPENABLED {
+500 AUE_READLINKAT STD|CAT_READ_PATH|CAPENABLED {
ssize_t readlinkat(
int fd,
_In_z_ const char *path,
@@ -2753,7 +2756,7 @@
size_t bufsize
);
}
-501 AUE_RENAMEAT STD|CAPENABLED {
+501 AUE_RENAMEAT STD|CAT_RENAME_PATH|CAPENABLED {
int renameat(
int oldfd,
_In_z_ const char *old,
@@ -2761,21 +2764,21 @@
_In_z_ const char *new
);
}
-502 AUE_SYMLINKAT STD|CAPENABLED {
+502 AUE_SYMLINKAT STD|CAT_CREATE_PATH|CAPENABLED {
int symlinkat(
_In_z_ const char *path1,
int fd,
_In_z_ const char *path2
);
}
-503 AUE_UNLINKAT STD|CAPENABLED {
+503 AUE_UNLINKAT STD|CAT_DELETE_PATH|CAPENABLED {
int unlinkat(
int fd,
_In_z_ const char *path,
int flag
);
}
-504 AUE_POSIX_OPENPT STD {
+504 AUE_POSIX_OPENPT STD|CAT_TTYMGMT {
int posix_openpt(
int flags
);
@@ -2786,31 +2789,31 @@
_In_z_ const char *path
);
}
-506 AUE_JAIL_GET STD {
+506 AUE_JAIL_GET STD|CAT_JAIL {
int jail_get(
_In_reads_(iovcnt) _Contains_long_ptr_ struct iovec *iovp,
unsigned int iovcnt,
int flags
);
}
-507 AUE_JAIL_SET STD {
+507 AUE_JAIL_SET STD|CAT_JAIL {
int jail_set(
_In_reads_(iovcnt) _Contains_long_ptr_ struct iovec *iovp,
unsigned int iovcnt,
int flags
);
}
-508 AUE_JAIL_REMOVE STD {
+508 AUE_JAIL_REMOVE STD|CAT_JAIL {
int jail_remove(
int jid
);
}
-509 AUE_CLOSEFROM COMPAT12|CAPENABLED {
+509 AUE_CLOSEFROM COMPAT12|CAT_FDESC|CAPENABLED {
int closefrom(
int lowfd
);
}
-510 AUE_SEMCTL NOSTD {
+510 AUE_SEMCTL NOSTD|CAT_SYSVSEM {
int __semctl(
int semid,
int semnum,
@@ -2818,62 +2821,62 @@
_Inout_ _Contains_ptr_ union semun *arg
);
}
-511 AUE_MSGCTL NOSTD {
+511 AUE_MSGCTL NOSTD|CAT_SYSVMSG {
int msgctl(
int msqid,
int cmd,
_Inout_opt_ _Contains_long_ptr_ struct msqid_ds *buf
);
}
-512 AUE_SHMCTL NOSTD {
+512 AUE_SHMCTL NOSTD|CAT_SYSVSHM {
int shmctl(
int shmid,
int cmd,
_Inout_opt_ _Contains_long_ struct shmid_ds *buf
);
}
-513 AUE_LPATHCONF STD {
+513 AUE_LPATHCONF STD|CAT_PATH {
int lpathconf(
_In_z_ const char *path,
int name
);
}
514 AUE_NULL OBSOL cap_new
-515 AUE_CAP_RIGHTS_GET STD|CAPENABLED {
+515 AUE_CAP_RIGHTS_GET STD|CAT_CAPSICUM|CAPENABLED {
int __cap_rights_get(
int version,
int fd,
_Out_ cap_rights_t *rightsp
);
}
-516 AUE_CAP_ENTER STD|CAPENABLED {
+516 AUE_CAP_ENTER STD|CAT_CAPSICUM|CAPENABLED {
int cap_enter(void);
}
-517 AUE_CAP_GETMODE STD|CAPENABLED {
+517 AUE_CAP_GETMODE STD|CAT_CAPSICUM|CAPENABLED {
int cap_getmode(
_Out_ u_int *modep
);
}
-518 AUE_PDFORK STD|CAPENABLED {
+518 AUE_PDFORK STD|CAT_FORK|CAPENABLED {
int pdfork(
_Out_ int *fdp,
int flags
);
}
-519 AUE_PDKILL STD|CAPENABLED {
+519 AUE_PDKILL STD|CAT_SIGSEND|CAPENABLED {
int pdkill(
int fd,
int signum
);
}
-520 AUE_PDGETPID STD|CAPENABLED {
+520 AUE_PDGETPID STD|CAT_WAIT|CAPENABLED {
int pdgetpid(
int fd,
_Out_ pid_t *pidp
);
}
521 AUE_NULL RESERVED
-522 AUE_SELECT STD|CAPENABLED {
+522 AUE_SELECT STD|CAT_POLL|CAPENABLED {
int pselect(
int nd,
_Inout_opt_ fd_set *in,
@@ -2883,18 +2886,18 @@
_In_opt_ const sigset_t *sm
);
}
-523 AUE_GETLOGINCLASS STD|CAPENABLED {
+523 AUE_GETLOGINCLASS STD|CAT_GETCRED|CAPENABLED {
int getloginclass(
_Out_writes_z_(namelen) char *namebuf,
size_t namelen
);
}
-524 AUE_SETLOGINCLASS STD {
+524 AUE_SETLOGINCLASS STD|CAT_SETCRED {
int setloginclass(
_In_z_ const char *namebuf
);
}
-525 AUE_NULL STD {
+525 AUE_NULL STD|CAT_SYSMGMT {
int rctl_get_racct(
_In_reads_bytes_(inbuflen) const void *inbufp,
size_t inbuflen,
@@ -2902,7 +2905,7 @@
size_t outbuflen
);
}
-526 AUE_NULL STD {
+526 AUE_NULL STD|CAT_SYSMGMT {
int rctl_get_rules(
_In_reads_bytes_(inbuflen) const void *inbufp,
size_t inbuflen,
@@ -2910,7 +2913,7 @@
size_t outbuflen
);
}
-527 AUE_NULL STD {
+527 AUE_NULL STD|CAT_SYSMGMT {
int rctl_get_limits(
_In_reads_bytes_(inbuflen) const void *inbufp,
size_t inbuflen,
@@ -2918,7 +2921,7 @@
size_t outbuflen
);
}
-528 AUE_NULL STD {
+528 AUE_NULL STD|CAT_SYSMGMT {
int rctl_add_rule(
_In_reads_bytes_(inbuflen) const void *inbufp,
size_t inbuflen,
@@ -2926,7 +2929,7 @@
size_t outbuflen
);
}
-529 AUE_NULL STD {
+529 AUE_NULL STD|CAT_SYSMGMT {
int rctl_remove_rule(
_In_reads_bytes_(inbuflen) const void *inbufp,
size_t inbuflen,
@@ -2934,14 +2937,14 @@
size_t outbuflen
);
}
-530 AUE_POSIX_FALLOCATE STD|CAPENABLED {
+530 AUE_POSIX_FALLOCATE STD|CAT_GENIO|CAPENABLED {
int posix_fallocate(
int fd,
off_t offset,
off_t len
);
}
-531 AUE_POSIX_FADVISE STD|CAPENABLED {
+531 AUE_POSIX_FADVISE STD|CAT_GENIO|CAPENABLED {
int posix_fadvise(
int fd,
off_t offset,
@@ -2949,7 +2952,7 @@
int advice
);
}
-532 AUE_WAIT6 STD {
+532 AUE_WAIT6 STD|CAT_WAIT {
int wait6(
idtype_t idtype,
id_t id,
@@ -2959,39 +2962,39 @@
_Out_opt_ _Contains_long_ptr_ struct siginfo *info
);
}
-533 AUE_CAP_RIGHTS_LIMIT STD|CAPENABLED {
+533 AUE_CAP_RIGHTS_LIMIT STD|CAT_CAPSICUM|CAPENABLED {
int cap_rights_limit(
int fd,
_In_ cap_rights_t *rightsp
);
}
-534 AUE_CAP_IOCTLS_LIMIT STD|CAPENABLED {
+534 AUE_CAP_IOCTLS_LIMIT STD|CAT_CAPSICUM|CAPENABLED {
int cap_ioctls_limit(
int fd,
_In_reads_(ncmds) const u_long *cmds,
size_t ncmds
);
}
-535 AUE_CAP_IOCTLS_GET STD|CAPENABLED {
+535 AUE_CAP_IOCTLS_GET STD|CAT_CAPSICUM|CAPENABLED {
ssize_t cap_ioctls_get(
int fd,
_Out_writes_(maxcmds) u_long *cmds,
size_t maxcmds
);
}
-536 AUE_CAP_FCNTLS_LIMIT STD|CAPENABLED {
+536 AUE_CAP_FCNTLS_LIMIT STD|CAT_CAPSICUM|CAPENABLED {
int cap_fcntls_limit(
int fd,
uint32_t fcntlrights
);
}
-537 AUE_CAP_FCNTLS_GET STD|CAPENABLED {
+537 AUE_CAP_FCNTLS_GET STD|CAT_CAPSICUM|CAPENABLED {
int cap_fcntls_get(
int fd,
_Out_ uint32_t *fcntlrightsp
);
}
-538 AUE_BINDAT STD|CAPENABLED {
+538 AUE_BINDAT STD|CAT_SOCK|CAPENABLED {
int bindat(
int fd,
int s,
@@ -2999,7 +3002,7 @@
__socklen_t namelen
);
}
-539 AUE_CONNECTAT STD|CAPENABLED {
+539 AUE_CONNECTAT STD|CAT_SOCK|CAPENABLED {
int connectat(
int fd,
int s,
@@ -3007,7 +3010,7 @@
__socklen_t namelen
);
}
-540 AUE_CHFLAGSAT STD|CAPENABLED {
+540 AUE_CHFLAGSAT STD|CAT_FATTR_PATH|CAPENABLED {
int chflagsat(
int fd,
_In_z_ const char *path,
@@ -3015,7 +3018,7 @@
int atflag
);
}
-541 AUE_ACCEPT STD|CAPENABLED {
+541 AUE_ACCEPT STD|CAT_SOCK|CAPENABLED {
int accept4(
int s,
_Out_writes_bytes_opt_(*anamelen) struct sockaddr *name,
@@ -3023,18 +3026,18 @@
int flags
);
}
-542 AUE_PIPE STD|CAPENABLED {
+542 AUE_PIPE STD|CAT_PIPE|CAPENABLED {
int pipe2(
_Out_writes_(2) int *fildes,
int flags
);
}
-543 AUE_AIO_MLOCK STD {
+543 AUE_AIO_MLOCK STD|CAT_AIO_MLOCK {
int aio_mlock(
_In_ _Contains_long_ptr_ struct aiocb *aiocbp
);
}
-544 AUE_PROCCTL STD {
+544 AUE_PROCCTL STD|CAT_PROCCTL {
int procctl(
idtype_t idtype,
id_t id,
@@ -3042,7 +3045,7 @@
_In_opt_ void *data
);
}
-545 AUE_POLL STD|CAPENABLED {
+545 AUE_POLL STD|CAT_POLL|CAPENABLED {
int ppoll(
_Inout_updates_(nfds) struct pollfd *fds,
u_int nfds,
@@ -3050,13 +3053,13 @@
_In_opt_ const sigset_t *set
);
}
-546 AUE_FUTIMES STD|CAPENABLED {
+546 AUE_FUTIMES STD|CAT_FATTR|CAPENABLED {
int futimens(
int fd,
_In_reads_(2) _Contains_long_timet_ const struct timespec *times
);
}
-547 AUE_FUTIMESAT STD|CAPENABLED {
+547 AUE_FUTIMESAT STD|CAT_FATTR_PATH|CAPENABLED {
int utimensat(
int fd,
_In_z_ const char *path,
@@ -3066,18 +3069,18 @@
}
548 AUE_NULL OBSOL numa_getaffinity
549 AUE_NULL OBSOL numa_setaffinity
-550 AUE_FSYNC STD|CAPENABLED {
+550 AUE_FSYNC STD|CAT_GENIO|CAPENABLED {
int fdatasync(
int fd
);
}
-551 AUE_FSTAT STD|CAPENABLED {
+551 AUE_FSTAT STD|CAT_GENIO|CAPENABLED {
int fstat(
int fd,
_Out_ _Contains_long_timet_ struct stat *sb
);
}
-552 AUE_FSTATAT STD|CAPENABLED {
+552 AUE_FSTATAT STD|CAT_STAT_PATH|CAPENABLED {
int fstatat(
int fd,
_In_z_ const char *path,
@@ -3085,13 +3088,13 @@
int flag
);
}
-553 AUE_FHSTAT STD {
+553 AUE_FHSTAT STD|CAT_FH {
int fhstat(
_In_ const struct fhandle *u_fhp,
_Out_ _Contains_long_timet_ struct stat *sb
);
}
-554 AUE_GETDIRENTRIES STD|CAPENABLED {
+554 AUE_GETDIRENTRIES STD|CAT_READ_PATH|CAPENABLED {
ssize_t getdirentries(
int fd,
_Out_writes_bytes_(count) char *buf,
@@ -3099,32 +3102,32 @@
_Out_ off_t *basep
);
}
-555 AUE_STATFS STD {
+555 AUE_STATFS STD|CAT_STATFS_PATH {
int statfs(
_In_z_ const char *path,
_Out_ struct statfs *buf
);
}
-556 AUE_FSTATFS STD|CAPENABLED {
+556 AUE_FSTATFS STD|CAT_STATFS|CAPENABLED {
int fstatfs(
int fd,
_Out_ struct statfs *buf
);
}
-557 AUE_GETFSSTAT STD {
+557 AUE_GETFSSTAT STD|CAT_GETFSSTAT {
int getfsstat(
_Out_writes_bytes_opt_(bufsize) struct statfs *buf,
long bufsize,
int mode
);
}
-558 AUE_FHSTATFS STD {
+558 AUE_FHSTATFS STD|CAT_FH {
int fhstatfs(
_In_ const struct fhandle *u_fhp,
_Out_ struct statfs *buf
);
}
-559 AUE_MKNODAT STD|CAPENABLED {
+559 AUE_MKNODAT STD|CAT_CREATE_PATH|CAPENABLED {
int mknodat(
int fd,
_In_z_ const char *path,
@@ -3132,7 +3135,7 @@
dev_t dev
);
}
-560 AUE_KEVENT STD|CAPENABLED {
+560 AUE_KEVENT STD|CAT_POLL|CAPENABLED {
int kevent(
int fd,
_In_reads_opt_(nchanges) _Contains_ptr_ const struct kevent *changelist,
@@ -3142,7 +3145,7 @@
_In_opt_ _Contains_long_timet_ const struct timespec *timeout
);
}
-561 AUE_NULL STD|CAPENABLED {
+561 AUE_NULL STD|CAT_GETCPUSET_|CAPENABLED {
int cpuset_getdomain(
cpulevel_t level,
cpuwhich_t which,
@@ -3152,7 +3155,7 @@
_Out_ int *policy
);
}
-562 AUE_NULL STD|CAPENABLED {
+562 AUE_NULL STD|CAT_SETCPUSET_|CAPENABLED {
int cpuset_setdomain(
cpulevel_t level,
cpuwhich_t which,
@@ -3162,14 +3165,14 @@
int policy
);
}
-563 AUE_NULL STD|CAPENABLED {
+563 AUE_NULL STD|CAT_CORE|CAPENABLED {
int getrandom(
_Out_writes_bytes_(buflen) void *buf,
size_t buflen,
unsigned int flags
);
}
-564 AUE_NULL STD {
+564 AUE_NULL STD|CAT_FH {
int getfhat(
int fd,
_In_z_ char *path,
@@ -3177,27 +3180,27 @@
int flags
);
}
-565 AUE_NULL STD {
+565 AUE_NULL STD|CAT_FH {
int fhlink(
_In_ struct fhandle *fhp,
_In_z_ const char *to
);
}
-566 AUE_NULL STD {
+566 AUE_NULL STD|CAT_FH {
int fhlinkat(
_In_ struct fhandle *fhp,
int tofd,
_In_z_ const char *to,
);
}
-567 AUE_NULL STD {
+567 AUE_NULL STD|CAT_FH {
int fhreadlink(
_In_ struct fhandle *fhp,
_Out_writes_(bufsize) char *buf,
size_t bufsize
);
}
-568 AUE_UNLINKAT STD|CAPENABLED {
+568 AUE_UNLINKAT STD|CAT_DELETE_PATH|CAPENABLED {
int funlinkat(
int dfd,
_In_z_ const char *path,
@@ -3205,7 +3208,7 @@
int flag
);
}
-569 AUE_NULL STD|CAPENABLED {
+569 AUE_NULL STD|CAT_GENIO|CAPENABLED {
ssize_t copy_file_range(
int infd,
_Inout_opt_ off_t *inoffp,
@@ -3215,7 +3218,7 @@
unsigned int flags
);
}
-570 AUE_SYSCTL STD|CAPENABLED {
+570 AUE_SYSCTL STD|CAT_SYSINFO|CAPENABLED {
int __sysctlbyname(
_In_reads_(namelen) const char *name,
size_t namelen,
@@ -3225,7 +3228,7 @@
size_t newlen
);
}
-571 AUE_SHMOPEN STD|CAPENABLED {
+571 AUE_SHMOPEN STD|CAT_POSIXSHM_|CAPENABLED {
int shm_open2(
_In_z_ const char *path,
int flags,
@@ -3234,20 +3237,20 @@
_In_z_ const char *name
);
}
-572 AUE_SHMRENAME STD {
+572 AUE_SHMRENAME STD|CAT_POSIXSHM {
int shm_rename(
_In_z_ const char *path_from,
_In_z_ const char *path_to,
int flags
);
}
-573 AUE_NULL STD|CAPENABLED {
+573 AUE_NULL STD|CAT_SIGMASK|CAPENABLED {
int sigfastblock(
int cmd,
_Inout_opt_ uint32_t *ptr
);
}
-574 AUE_REALPATHAT STD {
+574 AUE_REALPATHAT STD|CAT_PATH {
int __realpathat(
int fd,
_In_z_ const char *path,
@@ -3256,7 +3259,7 @@
int flags
);
}
-575 AUE_CLOSERANGE STD|CAPENABLED {
+575 AUE_CLOSERANGE STD|CAT_FDESC|CAPENABLED {
int close_range(
u_int lowfd,
u_int highfd,
@@ -3270,24 +3273,24 @@
_In_z_ const char *path
);
}
-577 AUE_SPECIALFD STD|CAPENABLED {
+577 AUE_SPECIALFD STD|CAT_POLL|CAPENABLED {
int __specialfd(
int type,
_In_reads_bytes_(len) const void *req,
size_t len
);
}
-578 AUE_AIO_WRITEV STD|CAPENABLED {
+578 AUE_AIO_WRITEV STD|CAT_AIO|CAPENABLED {
int aio_writev(
_Inout_ _Contains_long_ptr_ struct aiocb *aiocbp
);
}
-579 AUE_AIO_READV STD|CAPENABLED {
+579 AUE_AIO_READV STD|CAT_AIO|CAPENABLED {
int aio_readv(
_Inout_ _Contains_long_ptr_ struct aiocb *aiocbp
);
}
-580 AUE_FSPACECTL STD|CAPENABLED {
+580 AUE_FSPACECTL STD|CAT_GENIO|CAPENABLED {
int fspacectl(
int fd,
int cmd,
@@ -3296,11 +3299,11 @@
_Out_opt_ struct spacectl_range *rmsr,
);
}
-581 AUE_NULL STD|CAPENABLED {
+581 AUE_NULL STD|CAT_GETSCHED|CAPENABLED {
int sched_getcpu(void);
}
-582 AUE_SWAPOFF STD {
+582 AUE_SWAPOFF STD|CAT_SYSMGMT {
int swapoff(
_In_z_ const char *name,
u_int flags,
Index: sys/kern/sysv_msg.c
===================================================================
--- sys/kern/sysv_msg.c
+++ sys/kern/sysv_msg.c
@@ -301,11 +301,13 @@
osd_free_reserved(rsv);
sx_sunlock(&allprison_lock);
- error = syscall_helper_register(msg_syscalls, SY_THR_STATIC_KLD);
+ error = syscall_helper_register(msg_syscalls,
+ SY_THR_STATIC_KLD | SY_HLP_PRESERVE_SYFLAGS);
if (error != 0)
return (error);
#ifdef COMPAT_FREEBSD32
- error = syscall32_helper_register(msg32_syscalls, SY_THR_STATIC_KLD);
+ error = syscall32_helper_register(msg32_syscalls,
+ SY_THR_STATIC_KLD | SY_HLP_PRESERVE_SYFLAGS);
if (error != 0)
return (error);
#endif
Index: sys/kern/sysv_sem.c
===================================================================
--- sys/kern/sysv_sem.c
+++ sys/kern/sysv_sem.c
@@ -332,11 +332,13 @@
osd_free_reserved(rsv);
sx_sunlock(&allprison_lock);
- error = syscall_helper_register(sem_syscalls, SY_THR_STATIC_KLD);
+ error = syscall_helper_register(sem_syscalls,
+ SY_THR_STATIC_KLD | SY_HLP_PRESERVE_SYFLAGS);
if (error != 0)
return (error);
#ifdef COMPAT_FREEBSD32
- error = syscall32_helper_register(sem32_syscalls, SY_THR_STATIC_KLD);
+ error = syscall32_helper_register(sem32_syscalls,
+ SY_THR_STATIC_KLD | SY_HLP_PRESERVE_SYFLAGS);
if (error != 0)
return (error);
#endif
Index: sys/kern/sysv_shm.c
===================================================================
--- sys/kern/sysv_shm.c
+++ sys/kern/sysv_shm.c
@@ -761,6 +761,8 @@
shmseg->u.shm_lpid = shmseg->u.shm_nattch = 0;
shmseg->u.shm_atime = shmseg->u.shm_dtime = 0;
#ifdef MAC
+ if (shmseg->label == NULL) /* deal with late loaded MAC modules */
+ mac_sysvshm_init(shmseg);
mac_sysvshm_create(cred, shmseg);
#endif
shmseg->u.shm_ctime = time_second;
@@ -990,11 +992,13 @@
osd_free_reserved(rsv);
sx_sunlock(&allprison_lock);
- error = syscall_helper_register(shm_syscalls, SY_THR_STATIC_KLD);
+ error = syscall_helper_register(shm_syscalls,
+ SY_THR_STATIC_KLD | SY_HLP_PRESERVE_SYFLAGS);
if (error != 0)
return (error);
#ifdef COMPAT_FREEBSD32
- error = syscall32_helper_register(shm32_syscalls, SY_THR_STATIC_KLD);
+ error = syscall32_helper_register(shm32_syscalls,
+ SY_THR_STATIC_KLD | SY_HLP_PRESERVE_SYFLAGS);
if (error != 0)
return (error);
#endif
Index: sys/kern/uipc_mqueue.c
===================================================================
--- sys/kern/uipc_mqueue.c
+++ sys/kern/uipc_mqueue.c
@@ -2889,11 +2889,13 @@
{
int error;
- error = syscall_helper_register(mq_syscalls, SY_THR_STATIC_KLD);
+ error = syscall_helper_register(mq_syscalls,
+ SY_THR_STATIC_KLD | SY_HLP_PRESERVE_SYFLAGS);
if (error != 0)
return (error);
#ifdef COMPAT_FREEBSD32
- error = syscall32_helper_register(mq32_syscalls, SY_THR_STATIC_KLD);
+ error = syscall32_helper_register(mq32_syscalls,
+ SY_THR_STATIC_KLD | SY_HLP_PRESERVE_SYFLAGS);
if (error != 0)
return (error);
#endif
Index: sys/kern/uipc_sem.c
===================================================================
--- sys/kern/uipc_sem.c
+++ sys/kern/uipc_sem.c
@@ -1038,11 +1038,13 @@
p31b_setcfg(CTL_P1003_1B_SEM_NSEMS_MAX, SEM_MAX);
p31b_setcfg(CTL_P1003_1B_SEM_VALUE_MAX, SEM_VALUE_MAX);
- error = syscall_helper_register(ksem_syscalls, SY_THR_STATIC_KLD);
+ error = syscall_helper_register(ksem_syscalls,
+ SY_THR_STATIC_KLD | SY_HLP_PRESERVE_SYFLAGS);
if (error)
return (error);
#ifdef COMPAT_FREEBSD32
- error = syscall32_helper_register(ksem32_syscalls, SY_THR_STATIC_KLD);
+ error = syscall32_helper_register(ksem32_syscalls,
+ SY_THR_STATIC_KLD | SY_HLP_PRESERVE_SYFLAGS);
if (error)
return (error);
#endif
Index: sys/kern/uipc_shm.c
===================================================================
--- sys/kern/uipc_shm.c
+++ sys/kern/uipc_shm.c
@@ -55,6 +55,7 @@
#include <sys/param.h>
#include <sys/capsicum.h>
+#include <sys/syscat.h>
#include <sys/conf.h>
#include <sys/fcntl.h>
#include <sys/file.h>
@@ -596,16 +597,29 @@
int error;
char *path;
const char *pr_path;
- size_t pr_pathlen;
+ size_t off;
path = malloc(MAXPATHLEN, M_SHMFD, M_WAITOK);
- pr_path = td->td_ucred->cr_prison->pr_path;
+ off = 0;
/* Construct a full pathname for jailed callers. */
- pr_pathlen = strcmp(pr_path, "/") ==
- 0 ? 0 : strlcpy(path, pr_path, MAXPATHLEN);
- error = copyinstr(userpath_in, path + pr_pathlen,
- MAXPATHLEN - pr_pathlen, NULL);
+ pr_path = td->td_ucred->cr_prison->pr_path;
+ if (strcmp(pr_path, "/") != 0) {
+ off += strlcpy(path, pr_path, MAXPATHLEN);
+ if (off >= MAXPATHLEN) {
+ error = ENAMETOOLONG;
+ goto out;
+ }
+ }
+
+#ifdef MAC
+ /* Allow MAC modules to add a path prefix similarly to jails. */
+ error = mac_posixshm_path_prefix(td->td_ucred, path, &off, MAXPATHLEN);
+ if (error != 0)
+ goto out;
+#endif
+
+ error = copyinstr(userpath_in, path + off, MAXPATHLEN - off, NULL);
if (error != 0)
goto out;
@@ -615,7 +629,7 @@
#endif
/* Require paths to start with a '/' character. */
- if (path[pr_pathlen] != '/') {
+ if (path[off] != '/') {
error = EINVAL;
goto out;
}
@@ -1068,13 +1082,20 @@
if ((shmflags & SHM_ALLOW_SEALING) != 0)
initial_seals &= ~F_SEAL_SEAL;
+ if (userpath != SHM_ANON) {
#ifdef CAPABILITY_MODE
- /*
- * shm_open(2) is only allowed for anonymous objects.
- */
- if (IN_CAPABILITY_MODE(td) && (userpath != SHM_ANON))
- return (ECAPMODE);
+ /*
+ * shm_open(2) is only allowed for anonymous objects.
+ */
+ if (IN_CAPABILITY_MODE(td))
+ return (ECAPMODE);
#endif
+#ifdef MAC
+ error = mac_system_check_syscat(td->td_ucred, SY_CAT_POSIXSHM);
+ if (error)
+ return (error);
+#endif
+ }
AUDIT_ARG_FFLAGS(flags);
AUDIT_ARG_MODE(mode);
@@ -1798,29 +1819,41 @@
shm_fill_kinfo_locked(struct shmfd *shmfd, struct kinfo_file *kif, bool list)
{
const char *path, *pr_path;
- size_t pr_pathlen;
- bool visible;
+ size_t off, pr_pathlen;
sx_assert(&shm_dict_lock, SA_LOCKED);
kif->kf_type = KF_TYPE_SHM;
kif->kf_un.kf_file.kf_file_mode = S_IFREG | shmfd->shm_mode;
kif->kf_un.kf_file.kf_file_size = shmfd->shm_size;
+
if (shmfd->shm_path != NULL) {
- if (shmfd->shm_path != NULL) {
- path = shmfd->shm_path;
- pr_path = curthread->td_ucred->cr_prison->pr_path;
- if (strcmp(pr_path, "/") != 0) {
- /* Return the jail-rooted pathname. */
- pr_pathlen = strlen(pr_path);
- visible = strncmp(path, pr_path, pr_pathlen)
- == 0 && path[pr_pathlen] == '/';
- if (list && !visible)
- return (EPERM);
- if (visible)
- path += pr_pathlen;
- }
- strlcpy(kif->kf_path, path, sizeof(kif->kf_path));
+ path = shmfd->shm_path;
+ off = 0;
+
+ /* Return the jail-rooted pathname. */
+ pr_path = curthread->td_ucred->cr_prison->pr_path;
+ if (strcmp(pr_path, "/") != 0) {
+ pr_pathlen = strlen(pr_path);
+ if (strncmp(path, pr_path, pr_pathlen) == 0 &&
+ path[pr_pathlen] == '/')
+ off += pr_pathlen; /* trim reported path */
+ else if (list)
+ return (ENOENT); /* skip object in listings */
}
+
+#ifdef MAC
+ /*
+ * Similarly, check and trim prefixes added by MAC modules.
+ * The offset may be advanced to the NUL at the end of the path
+ * to indicate that it did not match the expected prefixes.
+ * The reported path will thus be empty (if not erroring out).
+ */
+ mac_posixshm_path_unprefix(curthread->td_ucred, path, &off);
+ if (list && path[off] == '\0')
+ return (ENOENT);
+#endif
+
+ strlcpy(kif->kf_path, path + off, sizeof(kif->kf_path));
}
return (0);
}
@@ -2043,7 +2076,7 @@
LIST_FOREACH(shmm, &shm_dictionary[i], sm_link) {
error = shm_fill_kinfo_locked(shmm->sm_shmfd,
&kif, true);
- if (error == EPERM) {
+ if (error == ENOENT) {
error = 0;
continue;
}
Index: sys/kern/uipc_socket.c
===================================================================
--- sys/kern/uipc_socket.c
+++ sys/kern/uipc_socket.c
@@ -144,6 +144,7 @@
#include <sys/uio.h>
#include <sys/un.h>
#include <sys/unpcb.h>
+#include <sys/ucred.h>
#include <sys/jail.h>
#include <sys/syslog.h>
#include <netinet/in.h>
@@ -3149,6 +3150,12 @@
error = EINVAL;
goto bad;
}
+#ifdef MAC
+ error = mac_net_check_fibnum(sopt->sopt_td->td_ucred,
+ optval);
+ if (error)
+ goto bad;
+#endif
if (((so->so_proto->pr_domain->dom_family == PF_INET) ||
(so->so_proto->pr_domain->dom_family == PF_INET6) ||
(so->so_proto->pr_domain->dom_family == PF_ROUTE)))
Index: sys/kern/uipc_syscalls.c
===================================================================
--- sys/kern/uipc_syscalls.c
+++ sys/kern/uipc_syscalls.c
@@ -569,8 +569,7 @@
fflag |= FNONBLOCK;
}
#ifdef MAC
- /* We might want to have a separate check for socket pairs. */
- error = mac_socket_check_create(td->td_ucred, domain, type,
+ error = mac_socket_check_create_pair(td->td_ucred, domain, type,
protocol);
if (error != 0)
return (error);
@@ -1265,7 +1264,11 @@
&fp, NULL, NULL);
if (error == 0) {
so = fp->f_data;
- error = sosetopt(so, &sopt);
+#ifdef MAC
+ error = mac_socket_check_setsockopt(td->td_ucred, so, &sopt);
+#endif
+ if (error == 0)
+ error = sosetopt(so, &sopt);
fdrop(fp, td);
}
return(error);
@@ -1330,8 +1333,13 @@
&fp, NULL, NULL);
if (error == 0) {
so = fp->f_data;
- error = sogetopt(so, &sopt);
- *valsize = sopt.sopt_valsize;
+#ifdef MAC
+ error = mac_socket_check_getsockopt(td->td_ucred, so, &sopt);
+#endif
+ if (error == 0) {
+ error = sogetopt(so, &sopt);
+ *valsize = sopt.sopt_valsize;
+ }
fdrop(fp, td);
}
return (error);
Index: sys/kern/uipc_usrreq.c
===================================================================
--- sys/kern/uipc_usrreq.c
+++ sys/kern/uipc_usrreq.c
@@ -2038,6 +2038,15 @@
goto next;
fdep = data;
+#ifdef MAC
+ for (i = 0; i < newfds; i++) {
+ error = mac_generic_check_recvfd(td->td_ucred,
+ td, fdep[i]->fde_file);
+ if (error)
+ break;
+ }
+#endif
+
/* If we're not outputting the descriptors free them. */
if (error || controlp == NULL) {
unp_freerights(fdep, newfds);
@@ -2273,6 +2282,14 @@
error = EOPNOTSUPP;
goto out;
}
+#ifdef MAC
+ error = mac_generic_check_sendfd(td->td_ucred,
+ td, fp);
+ if (error) {
+ FILEDESC_SUNLOCK(fdesc);
+ goto out;
+ }
+#endif
}
/*
Index: sys/kern/vfs_cache.c
===================================================================
--- sys/kern/vfs_cache.c
+++ sys/kern/vfs_cache.c
@@ -2889,19 +2889,22 @@
VNPASS(VN_IS_DOOMED(vp), vp);
if (cache_has_entries(vp)) {
cache_purge_impl(vp);
- return;
+ } else {
+ /*
+ * Serialize against a potential thread doing cache_purge.
+ */
+ vlp = VP2VNODELOCK(vp);
+ mtx_wait_unlocked(vlp);
+ if (cache_has_entries(vp)) {
+ cache_purge_impl(vp);
+ }
}
-
/*
- * Serialize against a potential thread doing cache_purge.
+ * mac_curtain (ab)uses v_hash and v_nchash to detect when a vnode no
+ * longer refers to the same file. v_nchash is incremented on each
+ * reclaim so that it can be used as a sort of generation counter.
*/
- vlp = VP2VNODELOCK(vp);
- mtx_wait_unlocked(vlp);
- if (cache_has_entries(vp)) {
- cache_purge_impl(vp);
- return;
- }
- return;
+ vp->v_nchash++;
}
/*
@@ -4245,6 +4248,12 @@
cache_fpl_aborted_early(fpl);
return (false);
}
+#ifdef MAC
+ if (mac_vnode_walk_needed(cnp->cn_cred)) {
+ cache_fpl_aborted_early(fpl);
+ return (false);
+ }
+#endif
if (AUDITING_TD(td)) {
cache_fpl_aborted_early(fpl);
return (false);
Index: sys/kern/vfs_lookup.c
===================================================================
--- sys/kern/vfs_lookup.c
+++ sys/kern/vfs_lookup.c
@@ -323,6 +323,13 @@
return (ECAPMODE);
}
}
+#endif
+#ifdef MAC
+ if ((cnp->cn_flags & NOMACCHECK) == 0 &&
+ mac_vnode_walk_needed(cnp->cn_cred))
+ ndp->ni_lcf |= NI_LCF_MACWALK_ACTIVE |
+ ((cnp->cn_flags & MACWALKCONTINUE) == 0 ?
+ NI_LCF_MACWALK_ADVANCE : NI_LCF_MACWALK_RESUME);
#endif
error = 0;
@@ -354,6 +361,11 @@
AUDIT_ARG_ATFD2(ndp->ni_dirfd);
error = fgetvp_lookup(ndp->ni_dirfd, ndp, dpp);
+#ifdef MAC
+ /* Reuse fgetvp_lookup()'s tracker slot. */
+ if (error == 0)
+ ndp->ni_lcf &= ~NI_LCF_MACWALK_ADVANCE;
+#endif
}
if (error == 0 && (*dpp)->v_type != VDIR &&
(cnp->cn_pnbuf[0] != '\0' ||
@@ -485,7 +497,7 @@
}
#ifdef MAC
if ((cnp->cn_flags & NOMACCHECK) == 0) {
- error = mac_vnode_check_readlink(td->td_ucred, ndp->ni_vp);
+ error = mac_vnode_check_readlink(cnp->cn_cred, ndp->ni_vp);
if (error != 0)
goto out;
}
@@ -677,9 +689,8 @@
error = vfs_lookup(ndp);
if (error != 0)
goto out;
-
/*
- * If not a symbolic link, we're done.
+ * If not a (followed) symbolic link, we're done.
*/
if ((cnp->cn_flags & ISSYMLINK) == 0) {
SDT_PROBE4(vfs, namei, lookup, return, error,
@@ -690,24 +701,41 @@
cnp->cn_flags |= HASBUF;
nameicap_cleanup(ndp);
pwd_drop(pwd);
- if (error == 0)
- NDVALIDATE(ndp);
+ NDVALIDATE(ndp);
+#ifdef MAC
+ if (ndp->ni_lcf & NI_LCF_MACWALK_ACTIVE) {
+ error = mac_vnode_walk_finish(
+ cnp->cn_cred, ndp->ni_dvp, ndp->ni_vp);
+ if (error != 0)
+ NDFREE(ndp, 0);
+ }
+#endif
return (error);
}
error = namei_follow_link(ndp);
if (error != 0)
break;
- vput(ndp->ni_vp);
dp = ndp->ni_dvp;
/*
* Check if root directory should replace current directory.
*/
cnp->cn_nameptr = cnp->cn_pnbuf;
if (*(cnp->cn_nameptr) == '/') {
+ vput(ndp->ni_vp);
vrele(dp);
error = namei_handle_root(ndp, &dp);
if (error != 0)
goto out;
+ } else {
+#ifdef MAC
+ /* Can resume MAC walk from containing directory. */
+ if (ndp->ni_lcf & NI_LCF_MACWALK_ACTIVE) {
+ mac_vnode_walk_return(cnp->cn_cred,
+ ndp->ni_vp, dp);
+ ndp->ni_lcf |= NI_LCF_MACWALK_RESUME;
+ }
+#endif
+ vput(ndp->ni_vp);
}
}
vput(ndp->ni_vp);
@@ -719,6 +747,10 @@
namei_cleanup_cnp(cnp);
nameicap_cleanup(ndp);
pwd_drop(pwd);
+#ifdef MAC
+ if (ndp->ni_lcf & NI_LCF_MACWALK_ACTIVE)
+ error = mac_vnode_walk_failed(cnp->cn_cred, error);
+#endif
return (error);
}
@@ -906,15 +938,14 @@
int rdonly; /* lookup read-only flag bit */
int error = 0;
int dpunlocked = 0; /* dp has already been unlocked */
+ int ni_dvp_unlocked = 0; /* ni_dvp already unlocked/released */
int relookup = 0; /* do not consume the path component */
struct componentname *cnp = &ndp->ni_cnd;
int lkflags_save;
- int ni_dvp_unlocked;
/*
* Setup: break out flag bits into variables.
*/
- ni_dvp_unlocked = 0;
wantparent = cnp->cn_flags & (LOCKPARENT | WANTPARENT);
KASSERT(cnp->cn_nameiop == LOOKUP || wantparent,
("CREATE, DELETE, RENAME require LOCKPARENT or WANTPARENT."));
@@ -941,6 +972,18 @@
dp = ndp->ni_startdir;
ndp->ni_startdir = NULLVP;
+#ifdef MAC
+ if ((ndp->ni_lcf & NI_LCF_MACWALK_ACTIVE) != 0) {
+ if ((ndp->ni_lcf & NI_LCF_MACWALK_RESUME) == 0) {
+ error = mac_vnode_walk_start_vp(cnp->cn_cred, dp,
+ (ndp->ni_lcf & NI_LCF_MACWALK_ADVANCE) != 0);
+ if (error != 0)
+ goto bad_unlocked;
+ }
+ ndp->ni_lcf &= ~(NI_LCF_MACWALK_RESUME | NI_LCF_MACWALK_ADVANCE);
+ }
+#endif
+
/*
* Leading slashes, if any, are supposed to be skipped by the caller.
*/
@@ -1119,6 +1162,10 @@
}
tdp = dp;
dp = dp->v_mount->mnt_vnodecovered;
+#ifdef MAC
+ if (ndp->ni_lcf & NI_LCF_MACWALK_ACTIVE)
+ mac_vnode_walk_transfer(cnp->cn_cred, tdp, dp);
+#endif
VREF(dp);
vput(tdp);
vn_lock(dp,
@@ -1140,6 +1187,7 @@
*/
unionlookup:
#ifdef MAC
+ /* NOTE: NOMACCHECK check is done by mac_vnode_check_lookup_impl(). */
error = mac_vnode_check_lookup(cnp->cn_cred, dp, cnp);
if (__predict_false(error))
goto bad;
@@ -1182,6 +1230,10 @@
(dp->v_mount->mnt_flag & MNT_UNION)) {
tdp = dp;
dp = dp->v_mount->mnt_vnodecovered;
+#ifdef MAC
+ if (ndp->ni_lcf & NI_LCF_MACWALK_ACTIVE)
+ mac_vnode_walk_transfer(cnp->cn_cred, tdp, dp);
+#endif
VREF(dp);
vput(tdp);
vn_lock(dp,
@@ -1217,6 +1269,10 @@
error = ENOENT;
goto bad;
}
+#ifdef MAC
+ if (ndp->ni_lcf & NI_LCF_MACWALK_ACTIVE)
+ mac_vnode_walk_lookup(cnp->cn_cred, dp, cnp, NULL);
+#endif
if ((cnp->cn_flags & LOCKPARENT) == 0)
VOP_UNLOCK(dp);
/*
@@ -1237,6 +1293,11 @@
#endif
dp = ndp->ni_vp;
+#ifdef MAC
+ if (ndp->ni_lcf & NI_LCF_MACWALK_ACTIVE)
+ mac_vnode_walk_lookup(cnp->cn_cred, ndp->ni_dvp, cnp, dp);
+#endif
+
/*
* Check to see if the vnode has been mounted on;
* if so find the root of the mounted filesystem.
@@ -1245,7 +1306,7 @@
(cnp->cn_flags & NOCROSSMOUNT) == 0) {
if (vfs_busy(mp, 0))
continue;
- vput(dp);
+ VOP_UNLOCK(dp);
if (dp != ndp->ni_dvp)
vput(ndp->ni_dvp);
else
@@ -1258,9 +1319,15 @@
if (vn_lock(vp_crossmp, LK_SHARED | LK_NOWAIT))
panic("vp_crossmp exclusively locked or reclaimed");
if (error) {
+ vrele(dp);
dpunlocked = 1;
goto bad2;
}
+#ifdef MAC
+ if (ndp->ni_lcf & NI_LCF_MACWALK_ACTIVE)
+ mac_vnode_walk_transfer(cnp->cn_cred, dp, tdp);
+#endif
+ vrele(dp);
ndp->ni_vp = dp = tdp;
}
Index: sys/kern/vfs_syscalls.c
===================================================================
--- sys/kern/vfs_syscalls.c
+++ sys/kern/vfs_syscalls.c
@@ -1127,7 +1127,8 @@
struct vnode *vp;
struct nameidata nd;
cap_rights_t rights;
- int cmode, error, indx;
+ mode_t cmode;
+ int error, indx;
indx = -1;
fdp = p->p_fd;
@@ -1164,6 +1165,9 @@
/* Set the flags early so the finit in devfs can pick them up. */
fp->f_flag = flags & FMASK;
cmode = ((mode & ~pdp->pd_cmask) & ALLPERMS) & ~S_ISTXT;
+#ifdef MAC
+ mac_generic_filter_setmode(td->td_ucred, NULL, &cmode);
+#endif
NDINIT_ATRIGHTS(&nd, LOOKUP, FOLLOW | AUDITVNODE1 | WANTIOCTLCAPS,
pathseg, path, fd, &rights);
td->td_dupfd = -1; /* XXX check for fdopen */
@@ -2945,6 +2949,9 @@
if ((error = namei(&nd)) != 0)
return (error);
NDFREE_NOTHING(&nd);
+#ifdef MAC
+ mac_generic_filter_setmode(td->td_ucred, NULL, &mode);
+#endif
error = setfmode(td, td->td_ucred, nd.ni_vp, mode);
vrele(nd.ni_vp);
return (error);
@@ -2963,6 +2970,7 @@
sys_fchmod(struct thread *td, struct fchmod_args *uap)
{
struct file *fp;
+ mode_t mode;
int error;
AUDIT_ARG_FD(uap->fd);
@@ -2971,7 +2979,11 @@
error = fget(td, uap->fd, &cap_fchmod_rights, &fp);
if (error != 0)
return (error);
- error = fo_chmod(fp, uap->mode, td->td_ucred, td);
+ mode = uap->mode;
+#ifdef MAC
+ mac_generic_filter_setmode(td->td_ucred, fp, &mode);
+#endif
+ error = fo_chmod(fp, mode, td->td_ucred, td);
fdrop(fp, td);
return (error);
}
@@ -4209,7 +4221,14 @@
loff = auio.uio_offset = foffset;
#ifdef MAC
error = mac_vnode_check_readdir(td->td_ucred, vp);
- if (error == 0)
+ if (error != 0) {
+ VOP_UNLOCK(vp);
+ goto fail;
+ }
+ if (mac_vnode_walk_needed(td->td_ucred))
+ error = mac_vnode_readdir_filtered(td->td_ucred, fp->f_cred,
+ vp, &auio);
+ else
#endif
error = VOP_READDIR(vp, &auio, fp->f_cred, &eofflag, NULL,
NULL);
@@ -4224,6 +4243,10 @@
struct vnode *tvp = vp;
vp = vp->v_mount->mnt_vnodecovered;
+#ifdef MAC
+ if (mac_vnode_walk_needed(td->td_ucred))
+ mac_vnode_walk_transfer(td->td_ucred, tvp, vp);
+#endif
VREF(vp);
fp->f_vnode = vp;
foffset = 0;
Index: sys/kern/vfs_vnops.c
===================================================================
--- sys/kern/vfs_vnops.c
+++ sys/kern/vfs_vnops.c
@@ -215,6 +215,10 @@
res |= NOCAPCHECK;
if ((vn_open_flags & VN_OPEN_WANTIOCTLCAPS) != 0)
res |= WANTIOCTLCAPS;
+#ifdef MAC
+ if ((vn_open_flags & VN_OPEN_MACWALKCONTINUE) != 0)
+ res |= MACWALKCONTINUE;
+#endif
return (res);
}
@@ -285,6 +289,10 @@
#endif
error = VOP_CREATE(ndp->ni_dvp, &ndp->ni_vp,
&ndp->ni_cnd, vap);
+#ifdef MAC
+ if (error == 0 && mac_vnode_walk_needed(cred))
+ mac_vnode_walk_created(cred, ndp->ni_dvp, ndp->ni_vp);
+#endif
vp = ndp->ni_vp;
if (error == 0 && (fmode & O_EXCL) != 0 &&
(fmode & (O_EXLOCK | O_SHLOCK)) != 0) {
@@ -429,6 +437,8 @@
error = mac_vnode_check_open(cred, vp, accmode);
if (error != 0)
return (error);
+ if (fp != NULL)
+ mac_vnode_walk_amend_fp(cred, fp, vp);
accmode &= ~(VCREAT | VVERIFY);
#endif
Index: sys/net/route/route_tables.c
===================================================================
--- sys/net/route/route_tables.c
+++ sys/net/route/route_tables.c
@@ -50,11 +50,14 @@
#include <sys/sx.h>
#include <sys/domain.h>
#include <sys/sysproto.h>
+#include <sys/sockopt.h>
#include <net/vnet.h>
#include <net/route.h>
#include <net/route/route_var.h>
+#include <security/mac/mac_framework.h>
+
/* Kernel config default option. */
#ifdef ROUTETABLES
#if ROUTETABLES <= 0
@@ -152,6 +155,12 @@
{
int error = 0;
+#ifdef MAC
+ error = mac_net_check_fibnum(td->td_ucred, uap->fibnum);
+ if (error)
+ return (error);
+#endif
+
CURVNET_SET(TD_TO_VNET(td));
if (uap->fibnum >= 0 && uap->fibnum < V_rt_numfibs)
td->td_proc->p_fibnum = uap->fibnum;
Index: sys/security/mac/mac_cred.c
===================================================================
--- sys/security/mac/mac_cred.c
+++ sys/security/mac/mac_cred.c
@@ -113,6 +113,14 @@
}
}
+void
+mac_cred_trim(struct ucred *cred)
+{
+ cred->cr_flags &= ~CRED_FLAG_NEEDTRIM;
+
+ MAC_POLICY_PERFORM_NOSLEEP(cred_trim_label, cred);
+}
+
/*
* When a thread becomes an NFS server daemon, its credential may need to be
* updated to reflect this so that policies can recognize when file system
Index: sys/security/mac/mac_framework.h
===================================================================
--- sys/security/mac/mac_framework.h
+++ sys/security/mac/mac_framework.h
@@ -59,6 +59,8 @@
struct cdev;
struct componentname;
struct devfs_dirent;
+struct dirent;
+struct file;
struct ifnet;
struct ifreq;
struct image_params;
@@ -79,8 +81,10 @@
struct shmid_kernel;
struct sockaddr;
struct socket;
+struct sockopt;
struct sysctl_oid;
struct sysctl_req;
+struct sysent;
struct pipepair;
struct thread;
struct timespec;
@@ -91,6 +95,8 @@
#include <sys/acl.h> /* XXX acl_type_t */
#include <sys/types.h> /* accmode_t */
+#include <vm/vm.h> /* vm_prot_t */
+#include <sys/ucred.h> /* ucred's cr_flags */
/*
* Entry points to the TrustedBSD MAC Framework from the remainder of the
@@ -128,6 +134,7 @@
void mac_cred_create_init(struct ucred *cred);
void mac_cred_create_swapper(struct ucred *cred);
void mac_cred_destroy(struct ucred *);
+void mac_cred_trim(struct ucred *);
void mac_cred_init(struct ucred *);
void mac_devfs_create_device(struct ucred *cred, struct mount *mp,
@@ -183,6 +190,8 @@
int mac_ifnet_ioctl_set(struct ucred *cred, struct ifreq *ifr,
struct ifnet *ifp);
+int mac_net_check_fibnum(struct ucred *cred, int fibnum);
+
int mac_inpcb_check_deliver(struct inpcb *inp, struct mbuf *m);
int mac_inpcb_check_visible(struct ucred *cred, struct inpcb *inp);
void mac_inpcb_create(struct socket *so, struct inpcb *inp);
@@ -287,6 +296,10 @@
void mac_posixsem_destroy(struct ksem *);
void mac_posixsem_init(struct ksem *);
+int mac_posixshm_path_prefix(struct ucred *active_cred, char *path,
+ size_t *prefix_len, size_t path_size);
+void mac_posixshm_path_unprefix(struct ucred *cred, const char *path,
+ size_t *prefix_len);
int mac_posixshm_check_create(struct ucred *cred, const char *path);
int mac_posixshm_check_mmap(struct ucred *cred, struct shmfd *shmfd,
int prot, int flags);
@@ -346,6 +359,8 @@
int mac_proc_check_signal(struct ucred *cred, struct proc *p,
int signum);
int mac_proc_check_wait(struct ucred *cred, struct proc *p);
+int mac_proc_check_procctl(struct ucred *cred, struct proc *p,
+ int com, void *data);
void mac_proc_destroy(struct proc *);
void mac_proc_init(struct proc *);
void mac_proc_vm_revoke(struct thread *td);
@@ -362,6 +377,8 @@
struct sockaddr *sa);
int mac_socket_check_create(struct ucred *cred, int domain, int type,
int proto);
+int mac_socket_check_create_pair(struct ucred *cred, int domain, int type,
+ int proto);
int mac_socket_check_deliver(struct socket *so, struct mbuf *m);
int mac_socket_check_listen(struct ucred *cred, struct socket *so);
int mac_socket_check_poll(struct ucred *cred, struct socket *so);
@@ -369,6 +386,10 @@
int mac_socket_check_send(struct ucred *cred, struct socket *so);
int mac_socket_check_stat(struct ucred *cred, struct socket *so);
int mac_socket_check_visible(struct ucred *cred, struct socket *so);
+int mac_socket_check_setsockopt(struct ucred *cred, struct socket *so,
+ struct sockopt *opt);
+int mac_socket_check_getsockopt(struct ucred *cred, struct socket *so,
+ struct sockopt *opt);
void mac_socket_create_mbuf(struct socket *so, struct mbuf *m);
void mac_socket_create(struct ucred *cred, struct socket *so);
void mac_socket_destroy(struct socket *);
@@ -400,6 +421,32 @@
int mac_system_check_sysctl(struct ucred *cred, struct sysctl_oid *oidp,
void *arg1, int arg2, struct sysctl_req *req);
+int mac_system_check_syscat_impl(struct ucred *cred, int syscat);
+
+static inline int
+mac_system_check_syscat(struct ucred *cred, int syscat)
+{
+#ifdef MAC
+ if ((cred->cr_flags & CRED_FLAG_SYSFILT) != 0)
+ return (mac_system_check_syscat_impl(cred, syscat));
+#endif
+ return (0);
+}
+
+int mac_system_check_sysent_impl(struct ucred *cred, const struct sysent *se);
+
+static inline int
+mac_system_check_sysent(struct ucred *cred, const struct sysent *se)
+{
+#ifdef MAC
+ if ((cred->cr_flags & CRED_FLAG_SYSFILT) != 0)
+ return (mac_system_check_sysent_impl(cred, se));
+#endif
+ return (0);
+}
+
+void mac_system_execve(struct ucred *cred, struct image_params *imgp);
+
void mac_sysvmsg_cleanup(struct msg *msgptr);
void mac_sysvmsg_create(struct ucred *cred, struct msqid_kernel *msqkptr,
struct msg *msgptr);
@@ -685,4 +732,54 @@
*/
int vop_stdsetlabel_ea(struct vop_setlabel_args *ap);
+static inline bool
+mac_vnode_walk_needed(struct ucred *cred)
+{
+ return ((cred->cr_flags & CRED_FLAG_SYSFILT) != 0);
+}
+
+int mac_vnode_readdir_filtered(struct ucred *active_ucred,
+ struct ucred *file_cred, struct vnode *vp, struct uio *uio);
+
+/*
+ * The vnode "walk" functions let policies keep track of vnode permissions
+ * during traversals (without relying on per-vnode labels stored in the
+ * filesystem). Used by mac_curtain(4) to implement "unveils".
+ */
+void mac_vnode_walk_amend_fp(struct ucred *cred,
+ struct file *fp, struct vnode *vp);
+int mac_vnode_walk_start_fp(struct ucred *cred, struct file *fp,
+ bool advance);
+int mac_vnode_walk_start_vp(struct ucred *cred, struct vnode *vp,
+ bool advance);
+void mac_vnode_walk_lookup(struct ucred *cred,
+ struct vnode *dvp, struct componentname *cnp, struct vnode *vp);
+void mac_vnode_walk_return(struct ucred *cred,
+ struct vnode *from_vp, struct vnode *to_vp);
+void mac_vnode_walk_transfer(struct ucred *cred,
+ struct vnode *from_vp, struct vnode *to_vp);
+void mac_vnode_walk_created(struct ucred *cred,
+ struct vnode *dvp, struct vnode *vp);
+int mac_vnode_walk_finish(struct ucred *cred,
+ struct vnode *dvp, struct vnode *vp);
+int mac_vnode_walk_failed(struct ucred *cred, int error);
+bool mac_vnode_walk_dirent_visible(struct ucred *cred,
+ struct vnode *vp, struct dirent *dp);
+
+/*
+ * Checks done on generic file objects rather than specific kernel object
+ * types. Added in a rather ad-hoc manner to support mac_curtain(4). The file
+ * argument may be NULL when it is not known or when none apply.
+ */
+void mac_generic_filter_setmode(struct ucred *cred, struct file *fp,
+ mode_t *mode);
+int mac_generic_check_ioctl(struct ucred *cred, struct file *fp,
+ unsigned long cmd, void *data);
+int mac_generic_check_vm_prot(struct ucred *cred, struct file *fp,
+ vm_prot_t prot);
+int mac_generic_check_sendfd(struct ucred *cred, struct thread *td,
+ struct file *fp);
+int mac_generic_check_recvfd(struct ucred *cred, struct thread *td,
+ struct file *fp);
+
#endif /* !_SECURITY_MAC_MAC_FRAMEWORK_H_ */
Index: sys/security/mac/mac_framework.c
===================================================================
--- sys/security/mac/mac_framework.c
+++ sys/security/mac/mac_framework.c
@@ -704,6 +704,13 @@
if (error1 == EDEADLK || error2 == EDEADLK)
return (EDEADLK);
+ /* Precedence for errors that should send signals. */
+ if (error1 == EMACKILL || error2 == EMACKILL)
+ return (EMACKILL);
+
+ if (error1 == EMACTRAP || error2 == EMACTRAP)
+ return (EMACTRAP);
+
/* Invalid arguments should be reported where possible. */
if (error1 == EINVAL || error2 == EINVAL)
return (EINVAL);
Index: sys/security/mac/mac_generic.c
===================================================================
--- /dev/null
+++ sys/security/mac/mac_generic.c
@@ -0,0 +1,72 @@
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include "opt_mac.h"
+
+#include <sys/param.h>
+#include <sys/kernel.h>
+#include <sys/mac.h>
+#include <sys/sdt.h>
+#include <sys/systm.h>
+#include <sys/file.h>
+
+#include <security/mac/mac_framework.h>
+#include <security/mac/mac_internal.h>
+#include <security/mac/mac_policy.h>
+
+void
+mac_generic_filter_setmode(struct ucred *cred, struct file *fp,
+ mode_t *mode)
+{
+
+ MAC_POLICY_PERFORM_NOSLEEP(generic_filter_setmode, cred, fp, mode);
+}
+
+MAC_CHECK_PROBE_DEFINE4(generic_check_ioctl, "struct ucred *",
+ "struct file *", "unsigned long", "void *");
+
+int
+mac_generic_check_ioctl(struct ucred *cred, struct file *fp,
+ u_long cmd, void *data)
+{
+ int error;
+
+ MAC_POLICY_CHECK_NOSLEEP(generic_check_ioctl, cred, fp, cmd, data);
+ MAC_CHECK_PROBE4(generic_check_ioctl, error, cred, fp, cmd, data);
+
+ return (error);
+}
+
+MAC_CHECK_PROBE_DEFINE3(generic_check_vm_prot, "struct ucred *",
+ "struct file *", "vm_prot_t");
+
+int
+mac_generic_check_vm_prot(struct ucred *cred, struct file *fp, vm_prot_t prot)
+{
+ int error;
+
+ MAC_POLICY_CHECK(generic_check_vm_prot, cred, fp, prot);
+ MAC_CHECK_PROBE3(generic_check_vm_prot, error, cred, fp, prot);
+
+ return (error);
+}
+
+int
+mac_generic_check_sendfd(struct ucred *cred, struct thread *td, struct file *fp)
+{
+ int error;
+
+ MAC_POLICY_CHECK(generic_check_sendfd, cred, td, fp);
+
+ return (error);
+}
+
+int
+mac_generic_check_recvfd(struct ucred *cred, struct thread *td, struct file *fp)
+{
+ int error;
+
+ MAC_POLICY_CHECK(generic_check_recvfd, cred, td, fp);
+
+ return (error);
+}
Index: sys/security/mac/mac_net.c
===================================================================
--- sys/security/mac/mac_net.c
+++ sys/security/mac/mac_net.c
@@ -500,3 +500,14 @@
mac_ifnet_label_free(intlabel);
return (0);
}
+
+int
+mac_net_check_fibnum(struct ucred *cred, int fibnum)
+{
+ int error;
+
+ MAC_POLICY_CHECK_NOSLEEP(net_check_fibnum, cred, fibnum);
+
+ return (error);
+}
+
Index: sys/security/mac/mac_policy.h
===================================================================
--- sys/security/mac/mac_policy.h
+++ sys/security/mac/mac_policy.h
@@ -63,8 +63,11 @@
* Operations are sorted first by general class of operation, then
* alphabetically.
*/
+#include <sys/types.h>
+#include <sys/module.h> /* module_t */
#include <sys/acl.h> /* XXX acl_type_t */
#include <sys/types.h> /* XXX accmode_t */
+#include <vm/vm.h> /* vm_prot_t */
struct acl;
struct auditinfo;
@@ -73,6 +76,8 @@
struct cdev;
struct componentname;
struct devfs_dirent;
+struct dirent;
+struct file;
struct ifnet;
struct image_params;
struct inpcb;
@@ -93,8 +98,10 @@
struct shmid_kernel;
struct sockaddr;
struct socket;
+struct sockopt;
struct sysctl_oid;
struct sysctl_req;
+struct sysent;
struct thread;
struct ucred;
struct vattr;
@@ -160,6 +167,7 @@
typedef void (*mpo_cred_create_init_t)(struct ucred *cred);
typedef void (*mpo_cred_create_swapper_t)(struct ucred *cred);
typedef void (*mpo_cred_destroy_label_t)(struct label *label);
+typedef void (*mpo_cred_trim_label_t)(struct ucred *cred);
typedef int (*mpo_cred_externalize_label_t)(struct label *label,
char *element_name, struct sbuf *sb, int *claimed);
typedef void (*mpo_cred_init_label_t)(struct label *label);
@@ -210,6 +218,8 @@
typedef void (*mpo_ifnet_relabel_t)(struct ucred *cred, struct ifnet *ifp,
struct label *ifplabel, struct label *newlabel);
+typedef int (*mpo_net_check_fibnum_t)(struct ucred *cred, int fibnum);
+
typedef int (*mpo_inpcb_check_deliver_t)(struct inpcb *inp,
struct label *inplabel, struct mbuf *m,
struct label *mlabel);
@@ -351,6 +361,10 @@
typedef void (*mpo_posixsem_destroy_label_t)(struct label *label);
typedef void (*mpo_posixsem_init_label_t)(struct label *label);
+typedef int (*mpo_posixshm_path_prefix_t)(struct ucred *cred,
+ char *path, size_t *prefix_len, size_t path_size);
+typedef void (*mpo_posixshm_path_unprefix_t)(struct ucred *cred,
+ const char *path, size_t *prefix_len);
typedef int (*mpo_posixshm_check_create_t)(struct ucred *cred,
const char *path);
typedef int (*mpo_posixshm_check_mmap_t)(struct ucred *cred,
@@ -395,6 +409,8 @@
struct proc *proc, int signum);
typedef int (*mpo_proc_check_wait_t)(struct ucred *cred,
struct proc *proc);
+typedef int (*mpo_proc_check_procctl_t)(struct ucred *cred,
+ struct proc *proc, int com, void *data);
typedef void (*mpo_proc_destroy_label_t)(struct label *label);
typedef void (*mpo_proc_init_label_t)(struct label *label);
@@ -426,6 +442,9 @@
struct socket *so, struct label *solabel);
typedef int (*mpo_socket_check_visible_t)(struct ucred *cred,
struct socket *so, struct label *solabel);
+typedef int (*mpo_socket_check_sockopt_t)(struct ucred *cred,
+ struct socket *so, struct label *solabel,
+ struct sockopt *sopt);
typedef void (*mpo_socket_copy_label_t)(struct label *src,
struct label *dest);
typedef void (*mpo_socket_create_t)(struct ucred *cred, struct socket *so,
@@ -479,6 +498,11 @@
typedef int (*mpo_system_check_sysctl_t)(struct ucred *cred,
struct sysctl_oid *oidp, void *arg1, int arg2,
struct sysctl_req *req);
+typedef int (*mpo_system_check_syscat_t)(struct ucred *cred, int syscat);
+typedef int (*mpo_system_check_sysent_t)(struct ucred *cred,
+ const struct sysent *se);
+typedef void (*mpo_system_execve_t)(struct ucred *ucred,
+ struct image_params *imgp);
typedef void (*mpo_sysvmsg_cleanup_t)(struct label *msglabel);
typedef void (*mpo_sysvmsg_create_t)(struct ucred *cred,
@@ -670,6 +694,39 @@
struct vnode *vp, struct label *vplabel,
struct label *intlabel);
+typedef void (*mpo_vnode_walk_amend_fp_t)(struct ucred *cred,
+ struct file *fp, struct vnode *vp);
+typedef int (*mpo_vnode_walk_start_fp_t)(struct ucred *cred,
+ struct file *fp, bool advance);
+typedef int (*mpo_vnode_walk_start_vp_t)(struct ucred *cred,
+ struct vnode *vp, bool advance);
+typedef void (*mpo_vnode_walk_lookup_t)(struct ucred *cred,
+ struct vnode *dvp, struct componentname *cnp,
+ struct vnode *vp);
+typedef void (*mpo_vnode_walk_return_t)(struct ucred *cred,
+ struct vnode *from_vp, struct vnode *to_vp);
+typedef void (*mpo_vnode_walk_transfer_t)(struct ucred *cred,
+ struct vnode *from_vp, struct vnode *to_vp);
+typedef void (*mpo_vnode_walk_created_t)(struct ucred *cred,
+ struct vnode *dvp, struct vnode *vp);
+typedef int (*mpo_vnode_walk_finish_t)(struct ucred *cred,
+ struct vnode *dvp, struct vnode *vp);
+typedef int (*mpo_vnode_walk_failed_t)(struct ucred *cred, int error);
+typedef bool (*mpo_vnode_walk_dirent_visible_t)(struct ucred *cred,
+ struct vnode *vp, struct dirent *dp);
+
+typedef void (*mpo_generic_filter_setmode_t)(struct ucred *cred,
+ struct file *file, mode_t *mode);
+typedef int (*mpo_generic_check_ioctl_t)(struct ucred *cred,
+ struct file *file,
+ unsigned long cmd, void *data);
+typedef int (*mpo_generic_check_vm_prot_t)(struct ucred *cred,
+ struct file *file, vm_prot_t prot);
+typedef int (*mpo_generic_check_sendfd_t)(struct ucred *cred,
+ struct thread *td, struct file *fp);
+typedef int (*mpo_generic_check_recvfd_t)(struct ucred *cred,
+ struct thread *td, struct file *fp);
+
struct mac_policy_ops {
/*
* Policy module operations.
@@ -715,6 +772,7 @@
mpo_cred_create_swapper_t mpo_cred_create_swapper;
mpo_cred_create_init_t mpo_cred_create_init;
mpo_cred_destroy_label_t mpo_cred_destroy_label;
+ mpo_cred_trim_label_t mpo_cred_trim_label;
mpo_cred_externalize_label_t mpo_cred_externalize_label;
mpo_cred_init_label_t mpo_cred_init_label;
mpo_cred_internalize_label_t mpo_cred_internalize_label;
@@ -739,6 +797,8 @@
mpo_ifnet_internalize_label_t mpo_ifnet_internalize_label;
mpo_ifnet_relabel_t mpo_ifnet_relabel;
+ mpo_net_check_fibnum_t mpo_net_check_fibnum;
+
mpo_inpcb_check_deliver_t mpo_inpcb_check_deliver;
mpo_inpcb_check_visible_t mpo_inpcb_check_visible;
mpo_inpcb_create_t mpo_inpcb_create;
@@ -815,6 +875,8 @@
mpo_posixsem_destroy_label_t mpo_posixsem_destroy_label;
mpo_posixsem_init_label_t mpo_posixsem_init_label;
+ mpo_posixshm_path_prefix_t mpo_posixshm_path_prefix;
+ mpo_posixshm_path_unprefix_t mpo_posixshm_path_unprefix;
mpo_posixshm_check_create_t mpo_posixshm_check_create;
mpo_posixshm_check_mmap_t mpo_posixshm_check_mmap;
mpo_posixshm_check_open_t mpo_posixshm_check_open;
@@ -836,6 +898,7 @@
mpo_proc_check_sched_t mpo_proc_check_sched;
mpo_proc_check_signal_t mpo_proc_check_signal;
mpo_proc_check_wait_t mpo_proc_check_wait;
+ mpo_proc_check_procctl_t mpo_proc_check_procctl;
mpo_proc_destroy_label_t mpo_proc_destroy_label;
mpo_proc_init_label_t mpo_proc_init_label;
@@ -843,6 +906,7 @@
mpo_socket_check_bind_t mpo_socket_check_bind;
mpo_socket_check_connect_t mpo_socket_check_connect;
mpo_socket_check_create_t mpo_socket_check_create;
+ mpo_socket_check_create_t mpo_socket_check_create_pair;
mpo_socket_check_deliver_t mpo_socket_check_deliver;
mpo_socket_check_listen_t mpo_socket_check_listen;
mpo_socket_check_poll_t mpo_socket_check_poll;
@@ -851,6 +915,8 @@
mpo_socket_check_send_t mpo_socket_check_send;
mpo_socket_check_stat_t mpo_socket_check_stat;
mpo_socket_check_visible_t mpo_socket_check_visible;
+ mpo_socket_check_sockopt_t mpo_socket_check_setsockopt;
+ mpo_socket_check_sockopt_t mpo_socket_check_getsockopt;
mpo_socket_copy_label_t mpo_socket_copy_label;
mpo_socket_create_t mpo_socket_create;
mpo_socket_create_mbuf_t mpo_socket_create_mbuf;
@@ -880,6 +946,9 @@
mpo_system_check_swapon_t mpo_system_check_swapon;
mpo_system_check_swapoff_t mpo_system_check_swapoff;
mpo_system_check_sysctl_t mpo_system_check_sysctl;
+ mpo_system_check_syscat_t mpo_system_check_syscat;
+ mpo_system_check_sysent_t mpo_system_check_sysent;
+ mpo_system_execve_t mpo_system_execve;
mpo_sysvmsg_cleanup_t mpo_sysvmsg_cleanup;
mpo_sysvmsg_create_t mpo_sysvmsg_create;
@@ -962,6 +1031,23 @@
mpo_vnode_internalize_label_t mpo_vnode_internalize_label;
mpo_vnode_relabel_t mpo_vnode_relabel;
mpo_vnode_setlabel_extattr_t mpo_vnode_setlabel_extattr;
+
+ mpo_vnode_walk_amend_fp_t mpo_vnode_walk_amend_fp;
+ mpo_vnode_walk_start_fp_t mpo_vnode_walk_start_fp;
+ mpo_vnode_walk_start_vp_t mpo_vnode_walk_start_vp;
+ mpo_vnode_walk_lookup_t mpo_vnode_walk_lookup;
+ mpo_vnode_walk_return_t mpo_vnode_walk_return;
+ mpo_vnode_walk_transfer_t mpo_vnode_walk_transfer;
+ mpo_vnode_walk_created_t mpo_vnode_walk_created;
+ mpo_vnode_walk_finish_t mpo_vnode_walk_finish;
+ mpo_vnode_walk_failed_t mpo_vnode_walk_failed;
+ mpo_vnode_walk_dirent_visible_t mpo_vnode_walk_dirent_visible;
+
+ mpo_generic_filter_setmode_t mpo_generic_filter_setmode;
+ mpo_generic_check_ioctl_t mpo_generic_check_ioctl;
+ mpo_generic_check_vm_prot_t mpo_generic_check_vm_prot;
+ mpo_generic_check_sendfd_t mpo_generic_check_sendfd;
+ mpo_generic_check_recvfd_t mpo_generic_check_recvfd;
};
/*
Index: sys/security/mac/mac_posix_shm.c
===================================================================
--- sys/security/mac/mac_posix_shm.c
+++ sys/security/mac/mac_posix_shm.c
@@ -92,6 +92,32 @@
}
}
+MAC_CHECK_PROBE_DEFINE4(posixshm_path_prefix, "struct ucred *",
+ "char *", "size_t *", "size_t");
+
+int
+mac_posixshm_path_prefix(struct ucred *active_cred, char *path,
+ size_t *prefix_len, size_t path_size)
+{
+ int error;
+
+ MAC_POLICY_CHECK_NOSLEEP(posixshm_path_prefix, active_cred, path,
+ prefix_len, path_size);
+ MAC_CHECK_PROBE4(posixshm_path_prefix, error, active_cred, path,
+ prefix_len, path_size);
+
+ return (error);
+}
+
+void
+mac_posixshm_path_unprefix(struct ucred *cred, const char *path,
+ size_t *prefix_len)
+{
+
+ MAC_POLICY_PERFORM_NOSLEEP(posixshm_path_unprefix, cred, path,
+ prefix_len);
+}
+
void
mac_posixshm_create(struct ucred *cred, struct shmfd *shmfd)
{
Index: sys/security/mac/mac_process.c
===================================================================
--- sys/security/mac/mac_process.c
+++ sys/security/mac/mac_process.c
@@ -431,3 +431,17 @@
return (error);
}
+
+MAC_CHECK_PROBE_DEFINE4(proc_check_procctl, "struct ucred *", "struct proc *",
+ "int", "void *");
+
+int
+mac_proc_check_procctl(struct ucred *cred, struct proc *p, int com, void *data)
+{
+ int error;
+
+ MAC_POLICY_CHECK_NOSLEEP(proc_check_procctl, cred, p, com, data);
+ MAC_CHECK_PROBE4(proc_check_procctl, error, cred, p, com, data);
+
+ return (error);
+}
Index: sys/security/mac/mac_socket.c
===================================================================
--- sys/security/mac/mac_socket.c
+++ sys/security/mac/mac_socket.c
@@ -360,6 +360,22 @@
return (error);
}
+MAC_CHECK_PROBE_DEFINE4(socket_check_create_pair, "struct ucred *", "int", "int",
+ "int");
+
+int
+mac_socket_check_create_pair(struct ucred *cred, int domain, int type, int proto)
+{
+ int error;
+
+ MAC_POLICY_CHECK_NOSLEEP(socket_check_create_pair, cred, domain, type,
+ proto);
+ MAC_CHECK_PROBE4(socket_check_create_pair, error, cred, domain, type,
+ proto);
+
+ return (error);
+}
+
MAC_CHECK_PROBE_DEFINE2(socket_check_deliver, "struct socket *",
"struct mbuf *");
@@ -486,6 +502,38 @@
return (error);
}
+MAC_CHECK_PROBE_DEFINE3(socket_check_setsockopt, "struct ucred *",
+ "struct socket *", "struct sockopt *");
+
+int
+mac_socket_check_setsockopt(struct ucred *cred, struct socket *so,
+ struct sockopt *sopt)
+{
+ int error;
+
+ MAC_POLICY_CHECK_NOSLEEP(socket_check_setsockopt, cred,
+ so, so->so_label, sopt);
+ MAC_CHECK_PROBE3(socket_check_setsockopt, error, cred, so, sopt);
+
+ return (error);
+}
+
+MAC_CHECK_PROBE_DEFINE3(socket_check_getsockopt, "struct ucred *",
+ "struct socket *", "struct sockopt *");
+
+int
+mac_socket_check_getsockopt(struct ucred *cred, struct socket *so,
+ struct sockopt *sopt)
+{
+ int error;
+
+ MAC_POLICY_CHECK_NOSLEEP(socket_check_getsockopt, cred,
+ so, so->so_label, sopt);
+ MAC_CHECK_PROBE3(socket_check_getsockopt, error, cred, so, sopt);
+
+ return (error);
+}
+
int
mac_socket_label_set(struct ucred *cred, struct socket *so,
struct label *label)
Index: sys/security/mac/mac_system.c
===================================================================
--- sys/security/mac/mac_system.c
+++ sys/security/mac/mac_system.c
@@ -234,3 +234,30 @@
return (error);
}
+
+void
+mac_system_execve(struct ucred *cred, struct image_params *imgp)
+{
+
+ MAC_POLICY_PERFORM(system_execve, cred, imgp);
+}
+
+int
+mac_system_check_syscat_impl(struct ucred *cred, int syscat)
+{
+ int error;
+
+ MAC_POLICY_CHECK_NOSLEEP(system_check_syscat, cred, syscat);
+
+ return (error);
+}
+
+int
+mac_system_check_sysent_impl(struct ucred *cred, const struct sysent *se)
+{
+ int error;
+
+ MAC_POLICY_CHECK_NOSLEEP(system_check_sysent, cred, se);
+
+ return (error);
+}
Index: sys/security/mac/mac_vfs.c
===================================================================
--- sys/security/mac/mac_vfs.c
+++ sys/security/mac/mac_vfs.c
@@ -60,6 +60,7 @@
#include <sys/systm.h>
#include <sys/vnode.h>
#include <sys/mount.h>
+#include <sys/dirent.h>
#include <sys/file.h>
#include <sys/namei.h>
#include <sys/sdt.h>
@@ -1080,6 +1081,202 @@
return (0);
}
+
+bool
+mac_vnode_walk_dirent_visible(struct ucred *cred, struct vnode *vp,
+ struct dirent *dp)
+{
+ bool result;
+
+ ASSERT_VOP_LOCKED(vp, "mac_vnode_walk_dirent_visible");
+
+ result = true;
+ MAC_POLICY_BOOLEAN(vnode_walk_dirent_visible, &&, cred, vp, dp);
+
+ return (result);
+}
+
+int
+mac_vnode_readdir_filtered(struct ucred *active_cred, struct ucred *file_cred,
+ struct vnode *dvp, struct uio *ruio)
+{
+ struct mount *mp;
+ struct vattr va;
+ void *buf;
+ size_t buf_size;
+ bool last_read;
+ int error, eofflag;
+
+ ASSERT_VOP_LOCKED(dvp, "mac_vnode_readdir_filtered");
+ MPASS(ruio->uio_rw == UIO_READ);
+
+ if (!mac_vnode_walk_needed(active_cred) ||
+ mac_vnode_walk_dirent_visible(active_cred, dvp, NULL))
+ return (VOP_READDIR(dvp, ruio, file_cred, &eofflag, NULL, NULL));
+
+ error = VOP_GETATTR(dvp, &va, file_cred);
+ if (error != 0)
+ return (error);
+ buf_size = MIN(ruio->uio_resid, MAX(DEV_BSIZE, va.va_blocksize));
+ buf = malloc(buf_size, M_TEMP, M_WAITOK);
+
+ /* The vnode_walk_dirent_visible handlers may use VOP_LOOKUP(). */
+ if ((mp = dvp->v_mount) != NULL &&
+ (mp->mnt_kern_flag & MNTK_LOOKUP_SHARED) == 0 &&
+ VOP_ISLOCKED(dvp) == LK_SHARED)
+ vn_lock(dvp, LK_UPGRADE | LK_RETRY);
+
+ last_read = false;
+ do {
+ struct iovec iov;
+ struct uio uio;
+ char *pos, *end;
+ iov.iov_base = buf;
+ iov.iov_len = buf_size;
+ uio.uio_iov = &iov;
+ uio.uio_iovcnt = 1;
+ uio.uio_offset = ruio->uio_offset;
+ uio.uio_resid = buf_size;
+ uio.uio_segflg = UIO_SYSSPACE;
+ uio.uio_rw = UIO_READ;
+ uio.uio_td = ruio->uio_td;
+ error = VOP_READDIR(dvp, &uio, file_cred, &eofflag, NULL, NULL);
+ if (error != 0)
+ goto out;
+ end = (pos = buf) + (buf_size - uio.uio_resid);
+ if (pos == end) /* EOF */
+ goto out;
+ while (pos < end) {
+ struct dirent *dp = (void *)pos;
+ if (__offsetof(struct dirent, d_name) > end - pos ||
+ dp->d_reclen > end - pos) { /* partial entry */
+ if (pos == buf) {
+ error = EINVAL;
+ goto out; /* it'll never fit... */
+ }
+ break; /* try again with empty buffer */
+ }
+ if (dp->d_fileno != 0 &&
+ mac_vnode_walk_dirent_visible(active_cred, dvp, dp)) {
+ /* Visible entry, append to return buffer. */
+ if (ruio->uio_resid < dp->d_reclen)
+ goto out; /* returned all we can */
+ error = uiomove(dp, dp->d_reclen, ruio);
+ if (error != 0)
+ goto out;
+ }
+ pos += dp->d_reclen;
+ /*
+ * The NFS client (and maybe others?) sets d_off to 0.
+ */
+ if (dp->d_off != 0) {
+ ruio->uio_offset = dp->d_off;
+ } else {
+ /*
+ * Don't do another VOP_READDIR() unless the
+ * return buffer has enough room for everything
+ * we could potentially get or we'd have no way
+ * to resume from where we left off.
+ *
+ * The caller may get a (very) short read, but
+ * not a zero read (since our buffer cannot be
+ * larger than the return buffer, the return
+ * buffer necessarily must have been filled).
+ *
+ * Hopefully VOP_READDIR() never returns an
+ * incomplete entry at the end of the buffer...
+ */
+ last_read = ruio->uio_resid < buf_size;
+ ruio->uio_offset = uio.uio_offset;
+ }
+ }
+ } while (!last_read);
+out:
+ free(buf, M_TEMP);
+ return (error);
+}
+
+
+void
+mac_vnode_walk_amend_fp(struct ucred *cred, struct file *fp, struct vnode *vp)
+{
+
+ MAC_POLICY_PERFORM(vnode_walk_amend_fp, cred, fp, vp);
+}
+
+int
+mac_vnode_walk_start_fp(struct ucred *cred, struct file *fp, bool advance)
+{
+ int error;
+
+ MAC_POLICY_CHECK(vnode_walk_start_fp, cred, fp, advance);
+
+ return (error);
+}
+
+int
+mac_vnode_walk_start_vp(struct ucred *cred, struct vnode *vp, bool advance)
+{
+ int error;
+
+ MAC_POLICY_CHECK(vnode_walk_start_vp, cred, vp, advance);
+
+ return (error);
+}
+
+void
+mac_vnode_walk_lookup(struct ucred *cred,
+ struct vnode *dvp, struct componentname *cnp, struct vnode *vp)
+{
+
+ MAC_POLICY_PERFORM(vnode_walk_lookup, cred, dvp, cnp, vp);
+}
+
+void
+mac_vnode_walk_return(struct ucred *cred,
+ struct vnode *from_vp, struct vnode *to_vp)
+{
+
+ MAC_POLICY_PERFORM(vnode_walk_return, cred, from_vp, to_vp);
+}
+
+void
+mac_vnode_walk_transfer(struct ucred *cred,
+ struct vnode *from_vp, struct vnode *to_vp)
+{
+
+ MAC_POLICY_PERFORM(vnode_walk_transfer, cred, from_vp, to_vp);
+}
+
+void
+mac_vnode_walk_created(struct ucred *cred,
+ struct vnode *dvp, struct vnode *vp)
+{
+
+ MAC_POLICY_PERFORM(vnode_walk_created, cred, dvp, vp);
+}
+
+int
+mac_vnode_walk_finish(struct ucred *cred, struct vnode *dvp, struct vnode *vp)
+{
+ int error;
+
+ MAC_POLICY_CHECK(vnode_walk_finish, cred, dvp, vp);
+
+ return (error);
+}
+
+int
+mac_vnode_walk_failed(struct ucred *cred, int error1)
+{
+ int error;
+
+ MAC_POLICY_CHECK(vnode_walk_failed, cred, error1);
+
+ return (error);
+}
+
+
#ifdef DEBUG_VFS_LOCKS
void
mac_vnode_assert_locked(struct vnode *vp, const char *func)
Index: sys/sys/errno.h
===================================================================
--- sys/sys/errno.h
+++ sys/sys/errno.h
@@ -181,10 +181,12 @@
#define ENOTRECOVERABLE 95 /* State not recoverable */
#define EOWNERDEAD 96 /* Previous owner died */
#define EINTEGRITY 97 /* Integrity check failed */
+#define EMACTRAP 98
+#define EMACKILL 99
#endif /* _POSIX_SOURCE */
#ifndef _POSIX_SOURCE
-#define ELAST 97 /* Must be equal largest errno */
+#define ELAST 99 /* Must be equal largest errno */
#endif /* _POSIX_SOURCE */
#if defined(_KERNEL) || defined(_WANT_KERNEL_ERRNO) || defined(_STANDALONE)
Index: sys/sys/eventhandler.h
===================================================================
--- sys/sys/eventhandler.h
+++ sys/sys/eventhandler.h
@@ -100,7 +100,7 @@
* it is suggested that you directly define a list for them.
*/
#define EVENTHANDLER_LIST_DEFINE(name) \
-struct eventhandler_list *_eventhandler_list_ ## name ; \
+struct eventhandler_list *_eventhandler_list_ ## name = NULL; \
static void _ehl_init_ ## name (void * ctx __unused) \
{ \
_eventhandler_list_ ## name = eventhandler_create_list(#name); \
@@ -109,6 +109,8 @@
_ehl_init_ ## name, NULL); \
struct __hack
+#define EVENTHANDLER_LIST_IS_READY(name) (_eventhandler_list_ ## name != NULL)
+
#define EVENTHANDLER_DIRECT_INVOKE(name, ...) do { \
struct eventhandler_list *_el; \
\
Index: sys/sys/file.h
===================================================================
--- sys/sys/file.h
+++ sys/sys/file.h
@@ -181,6 +181,11 @@
off_t fa_end; /* (f) Region end. */
};
+struct funveil_info {
+ uint32_t uperms;
+ uint8_t action;
+};
+
struct file {
volatile u_int f_flag; /* see fcntl.h */
volatile u_int f_count; /* reference count */
@@ -203,6 +208,7 @@
/* (d) Private data for the cdev. */
struct fadvise_info *fvn_advice;
} f_vnun;
+ struct funveil_info f_unveil; /* for mac_curtain's unveil support */
/*
* DFLAG_SEEKABLE specific fields
*/
Index: sys/sys/imgact.h
===================================================================
--- sys/sys/imgact.h
+++ sys/sys/imgact.h
@@ -91,6 +91,9 @@
bool vmspace_destroyed; /* we've blown away original vm space */
bool opened; /* we have opened executable vnode */
bool textset;
+#define IMGACT_MAC_IGNORE_SETID 0x1 /* ignore file's s[ug]id bits */
+#define IMGACT_MAC_NO_BINARIES 0x2 /* only allow interpreted files */
+ unsigned char mac_restrictions;
u_int map_flags;
};
Index: sys/sys/namei.h
===================================================================
--- sys/sys/namei.h
+++ sys/sys/namei.h
@@ -140,7 +140,7 @@
#define NAMEI_DBG_HADSTARTDIR 0x0004
/*
- * namei operational modifier flags, stored in ni_cnd.flags
+ * namei operational modifier flags, stored in ni_cnd.cn_flags
*/
#define NC_NOMAKEENTRY 0x0001 /* name must not be added to cache */
#define NC_KEEPPOSENTRY 0x0002 /* don't evict a positive entry */
@@ -154,6 +154,7 @@
#define LOCKSHARED 0x0100 /* Shared lock leaf */
#define NOFOLLOW 0x0000 /* do not follow symbolic links (pseudo) */
#define RBENEATH 0x100000000ULL /* No escape, even tmp, from start dir */
+#define MACWALKCONTINUE 0x200000000ULL /* continue from current tracker entry */
#define MODMASK 0xf000001ffULL /* mask of operational modifiers */
/*
@@ -213,6 +214,9 @@
*/
#define NI_LCF_STRICTRELATIVE 0x0001 /* relative lookup only */
#define NI_LCF_CAP_DOTDOT 0x0002 /* ".." in strictrelative case */
+#define NI_LCF_MACWALK_ACTIVE 0x0010 /* calling vnode MAC walk functions */
+#define NI_LCF_MACWALK_ADVANCE 0x0020 /* must roll tracker forward */
+#define NI_LCF_MACWALK_RESUME 0x0040 /* don't need to find cover directory */
/*
* Initialization of a nameidata structure.
Index: sys/sys/proc.h
===================================================================
--- sys/sys/proc.h
+++ sys/sys/proc.h
@@ -321,6 +321,7 @@
int td_errno; /* (k) Error from last syscall. */
size_t td_vslock_sz; /* (k) amount of vslock-ed space */
struct kcov_info *td_kcov_info; /* (*) Kernel code coverage data */
+ struct unveil_track *td_unveil_track; /* (k) mac_curtain unveil tracker */
u_int td_ucredref; /* (k) references on td_realucred */
#define td_endzero td_sigmask
@@ -690,6 +691,7 @@
u_int p_treeflag; /* (e) P_TREE flags */
int p_pendingexits; /* (c) Count of pending thread exits. */
struct filemon *p_filemon; /* (c) filemon-specific data. */
+ struct unveil_cache *p_unveil_cache; /* (c) mac_curtain cover cache */
int p_pdeathsig; /* (c) Signal from parent on exit. */
/* End area that is zeroed on creation. */
#define p_endzero p_magic
Index: sys/sys/signal.h
===================================================================
--- sys/sys/signal.h
+++ sys/sys/signal.h
@@ -418,6 +418,7 @@
/* message on an empty message queue. */
#define SI_KERNEL 0x10006
#define SI_LWP 0x10007 /* Signal sent by thr_kill */
+#define SI_MAC 0x10008 /* Signal sent due to MAC errnos */
#endif
#if __BSD_VISIBLE
#define SI_UNDEFINED 0
Index: sys/sys/syscat.h
===================================================================
--- /dev/null
+++ sys/sys/syscat.h
@@ -0,0 +1,135 @@
+#ifndef _SYS_SYSCAT_H_
+#define _SYS_SYSCAT_H_
+
+/*
+ * Access to kernel functionality may be restricted by MAC modules based on
+ * those "syscall categories". Each syscall is assigned one category (which
+ * will default to SY_CAT_CATCHALL). There are also a few explicit category
+ * checks spread out in the kernel.
+ *
+ * Note that these categories never grant any privileges by themselves, they
+ * are merely a prerequisite.
+ */
+
+#define SY_CAT_CATCHALL 0 /* misc. operations assumed unsafe */
+#define SY_CAT_EXIT 1 /* terminate current process */
+#define SY_CAT_CORE 2 /* misc. essential operations */
+#define SY_CAT_MMAN 3 /* memory management */
+#define SY_CAT_FDESC 4 /* file descriptor management */
+#define SY_CAT_GENIO 5 /* generic I/O on opened FDs */
+#define SY_CAT_POLL 6 /* select(2)/poll(2)/kqueue(2)/etc */
+#define SY_CAT_IOCTL 7 /* ioctl(2) */
+#define SY_CAT_CLOCK 8 /* read system clocks */
+#define SY_CAT_TIMER 9 /* per-process timers usage */
+#define SY_CAT_SIGHAND 10 /* change signal handlers */
+#define SY_CAT_SIGMASK 11 /* signal masking */
+#define SY_CAT_SIGWAIT 12 /* waiting on signals */
+#define SY_CAT_STATUS 13 /* misc. info on current process */
+#define SY_CAT_SYSINFO 14 /* sysctl, misc. system info syscalls */
+#define SY_CAT_THREAD 15 /* threads management */
+#define SY_CAT_GETSCHED 16 /* inspect scheduling parameters */
+#define SY_CAT_SETSCHED 17 /* change scheduling parameters */
+#define SY_CAT_PIPE 18 /* pipe(2)/socketpair(2) */
+#define SY_CAT_FLOCK 19 /* advisory file locking */
+#define SY_CAT_PATH 20 /* misc. operations using paths */
+#define SY_CAT_STAT_PATH 21 /* get file status using paths */
+#define SY_CAT_READ_PATH 22 /* read operations using paths */
+#define SY_CAT_WRITE_PATH 23 /* write operations using paths */
+#define SY_CAT_CREATE_PATH 24 /* creating paths */
+#define SY_CAT_DELETE_PATH 25 /* deleting paths */
+#define SY_CAT_RENAME_PATH 26 /* renaming paths */
+#define SY_CAT_FATTR 27 /* change file attributes of FD */
+#define SY_CAT_FATTR_PATH 28 /* change file attributes using path */
+#define SY_CAT_STATFS 29 /* fstatfs(2) */
+#define SY_CAT_STATFS_PATH 30 /* statfs(2) */
+#define SY_CAT_GETFSSTAT 31 /* getfsstat(2) */
+#define SY_CAT_SOCKIO 32 /* sendmsg/recvmsg/etc, sockopts */
+#define SY_CAT_SOCK 33 /* misc. socket management operations */
+#define SY_CAT_TTYMGMT 34 /* revoke(2)/posix_openpt(2) */
+#define SY_CAT_WAIT 35 /* child process wait/status */
+#define SY_CAT_FORK 36 /* forking, pgrps, sessions */
+#define SY_CAT_EXEC 37 /* fexecve(2) */
+#define SY_CAT_EXEC_PATH 38 /* execve(2) */
+#define SY_CAT_GETRLIMIT 39 /* inspect resource limits */
+#define SY_CAT_SETRLIMIT 40 /* change resource limits */
+#define SY_CAT_GETCRED 41 /* inspect uid/gids/login/etc */
+#define SY_CAT_SETCRED 42 /* change uid/gids/login/etc */
+#define SY_CAT_PROCCTL 43 /* procctl(2) */
+#define SY_CAT_QUOTA 44 /* inspect/change quotas */
+#define SY_CAT_GETEXTATTR 45 /* inspect extattrs on FD */
+#define SY_CAT_SETEXTATTR 46 /* modify extattrs on FD */
+#define SY_CAT_GETEXTATTR_PATH 47 /* inspect extattrs using path */
+#define SY_CAT_SETEXTATTR_PATH 48 /* modify extattrs using path */
+#define SY_CAT_GETACL 49 /* inspect ACLs on FD */
+#define SY_CAT_SETACL 50 /* modify ACLs on FD */
+#define SY_CAT_GETACL_PATH 51 /* inspect ACLs using path */
+#define SY_CAT_SETACL_PATH 52 /* modify ACLs using path */
+#define SY_CAT_MAC_SYSCALL 53 /* mac_syscall(2) */
+#define SY_CAT_GETMAC 54 /* inspect MAC labels on FD */
+#define SY_CAT_SETMAC 55 /* modify MAC labels on FD */
+#define SY_CAT_GETMAC_PATH 56 /* inspect MAC labels using path */
+#define SY_CAT_SETMAC_PATH 57 /* modify MAC labels using path */
+#define SY_CAT_GETMAC_PROC 58 /* inspect MAC labels of process */
+#define SY_CAT_SETMAC_PROC 59 /* change MAC labels of process */
+#define SY_CAT_MAC_EXEC 60 /* execute with MAC label */
+#define SY_CAT_MAC_EXEC_PATH 61 /* execute path with MAC label */
+#define SY_CAT_AIO 62 /* aio(4) */
+#define SY_CAT_AIO_MLOCK 63 /* aio(4) memory locking */
+#define SY_CAT_SENDFILE 64 /* sendfile(2) */
+#define SY_CAT_MLOCK 65 /* locking pages in memory */
+#define SY_CAT_SYSVSHM 66 /* SysV shared memory */
+#define SY_CAT_SYSVSEM 67 /* SysV semaphores */
+#define SY_CAT_SYSVMSG 68 /* SysV message queues */
+#define SY_CAT_POSIXSHM 69 /* POSIX shared memory */
+#define SY_CAT_POSIXSEM 70 /* POSIX semaphores */
+#define SY_CAT_POSIXMSG 71 /* POSIX message queues */
+#define SY_CAT_FFCLOCK 72 /* ffclock(2) "feed-forward clock" */
+#define SY_CAT_CPUSET 73 /* cpuset(2) */
+#define SY_CAT_CHROOT 74 /* chroot(2) */
+#define SY_CAT_JAIL 75 /* inspect/manage jails */
+#define SY_CAT_TRACE 76 /* ktrace(2)/ptrace(2) */
+#define SY_CAT_RFORK 77 /* non-RFSPAWN rfork(2) */
+#define SY_CAT_MOUNT 78 /* mount points management */
+#define SY_CAT_AUDIT 79 /* audit(4) */
+#define SY_CAT_FH 80 /* getfh(2) and friends */
+#define SY_CAT_SETTIME 81 /* set system clock */
+#define SY_CAT_KMODSTAT 83 /* inspect kernel modules */
+#define SY_CAT_KENV 84 /* kenv(2) */
+#define SY_CAT_SYSMGMT 85 /* misc. system management operations */
+#define SY_CAT_UMTX 86 /* _umtx_op(2) */
+
+#define SY_CAT_LAST 86 /* UPDATE ME!!! */
+
+_Static_assert(SY_CAT_LAST == 86, "Did you update SY_CAT_LAST?");
+
+_Static_assert(SY_CAT_CATCHALL == 0,
+ "SY_CAT_CATCHALL must be zero for initializers to work correctly.");
+
+/*
+ * Category aliases to help keep track of special cases. Some syscalls are
+ * assigned categories that may seem less restrictive than they should be.
+ * These syscalls must do their own checking and only allow safe operations
+ * (possibly through explicit syscat checks, priv(9) restrictions and/or MAC
+ * checks, etc).
+ */
+
+/* Allow to enter/check capability mode, manage FD rights/limits, etc. */
+#define SY_CAT_CAPSICUM SY_CAT_CORE
+/* Can signal current process (others depending on visibility checks) */
+#define SY_CAT_SIGSEND SY_CAT_CORE
+/* Can do certain operations on self. */
+#define SY_CAT_THREAD_ SY_CAT_CORE
+#define SY_CAT_GETCPUSET_ SY_CAT_GETSCHED
+#define SY_CAT_SETCPUSET_ SY_CAT_SETSCHED
+/* Get/set operations distinguished later in the call. */
+#define SY_CAT_SCHED_ SY_CAT_GETSCHED
+/* Allow RFSPAWN with just SY_CAT_FORK. */
+#define SY_CAT_RFORK_ SY_CAT_FORK
+/* Allow creation of anonymous memory objects. */
+#define SY_CAT_POSIXSHM_ SY_CAT_MMAN
+/* Retrieving correction delta with adjtime(2) is allowed. */
+#define SY_CAT_SETTIME_ SY_CAT_CLOCK
+/* Categories for syscalls there's probably no point limiting separately. */
+#define SY_CAT_KMODMGMT SY_CAT_SYSMGMT
+
+#endif
Index: sys/sys/sysctl.h
===================================================================
--- sys/sys/sysctl.h
+++ sys/sys/sysctl.h
@@ -40,6 +40,7 @@
#ifdef _KERNEL
#include <sys/queue.h>
+#include <sys/_eventhandler.h>
#endif
/*
@@ -194,6 +195,7 @@
u_int oid_running;
const char *oid_descr;
const char *oid_label;
+ struct sysctl_shadow *oid_shadow; /* used by mac_curtain */
};
#define SYSCTL_IN(r, p, l) (r->newfunc)(r, p, l)
@@ -1164,6 +1166,7 @@
size_t *retval, int flags);
int sysctl_find_oid(int *name, u_int namelen, struct sysctl_oid **noid,
int *nindx, struct sysctl_req *req);
+void sysctl_call_with_rlock(void (*cb)(void *ctx), void *ctx);
void sysctl_wlock(void);
void sysctl_wunlock(void);
int sysctl_wire_old_buffer(struct sysctl_req *req, size_t len);
@@ -1174,6 +1177,11 @@
struct sbuf;
struct sbuf *sbuf_new_for_sysctl(struct sbuf *, char *, int,
struct sysctl_req *);
+
+typedef void (*sysctl_registration_hook)(void *tag, struct sysctl_oid *);
+EVENTHANDLER_DECLARE(sysctl_register_oid, sysctl_registration_hook);
+EVENTHANDLER_DECLARE(sysctl_unregister_oid, sysctl_registration_hook);
+
#else /* !_KERNEL */
#include <sys/cdefs.h>
#include <sys/_types.h>
Index: sys/sys/sysent.h
===================================================================
--- sys/sys/sysent.h
+++ sys/sys/sysent.h
@@ -80,6 +80,14 @@
* A system call is permitted in capability mode.
*/
#define SYF_CAPENABLED 0x00000001
+/*
+ * System call's category for filtering purpose (see <sys/syscat.h>).
+ */
+#define SYF_CAT_SHIFT 1
+#define SYF_CAT_WIDTH 7
+#define SYF_CAT_MASK (((1U << SYF_CAT_WIDTH) - 1) << SYF_CAT_SHIFT)
+#define SYF_CAT(i) (((i) << SYF_CAT_SHIFT) & SYF_CAT_MASK)
+#define SYF_CAT_GET(f) (((f) & SYF_CAT_MASK) >> SYF_CAT_SHIFT)
#define SY_THR_FLAGMASK 0x7
#define SY_THR_STATIC 0x1
@@ -300,6 +308,13 @@
.syscall_no = NO_SYSCALL \
}
+/*
+ * Flags for syscall_helper_register()/kern_syscall_register().
+ *
+ * SY_THR_STATIC/SY_THR_STATIC_KLD can also be used.
+ */
+#define SY_HLP_PRESERVE_SYFLAGS 0x100
+
int syscall_module_handler(struct module *mod, int what, void *arg);
int syscall_helper_register(struct syscall_helper_data *sd, int flags);
int syscall_helper_unregister(struct syscall_helper_data *sd);
Index: sys/sys/ucred.h
===================================================================
--- sys/sys/ucred.h
+++ sys/sys/ucred.h
@@ -91,6 +91,8 @@
* Flags for cr_flags.
*/
#define CRED_FLAG_CAPMODE 0x00000001 /* In capability mode. */
+#define CRED_FLAG_SYSFILT 0x00000002 /* MAC syscalls filtering. */
+#define CRED_FLAG_NEEDTRIM 0x00000004 /* Must call mac_cred_trim() */
/*
* This is the external representation of struct ucred.
Index: sys/sys/user.h
===================================================================
--- sys/sys/user.h
+++ sys/sys/user.h
@@ -112,6 +112,7 @@
/* Flags for the process credential. */
#define KI_CRF_CAPABILITY_MODE 0x00000001
+#define KI_CRF_SYSCALLS_FILTER 0x00000002
/*
* Steal a bit from ki_cr_flags to indicate that the cred had more than
* KI_NGROUPS groups.
Index: sys/sys/vnode.h
===================================================================
--- sys/sys/vnode.h
+++ sys/sys/vnode.h
@@ -617,6 +617,7 @@
#define VN_OPEN_NAMECACHE 0x00000004
#define VN_OPEN_INVFS 0x00000008
#define VN_OPEN_WANTIOCTLCAPS 0x00000010
+#define VN_OPEN_MACWALKCONTINUE 0x00000020
/* copy_file_range kernel flags */
#define COPY_FILE_RANGE_KFLAGS 0xff000000
Index: sys/tools/makesyscalls.lua
===================================================================
--- sys/tools/makesyscalls.lua
+++ sys/tools/makesyscalls.lua
@@ -1000,11 +1000,11 @@
if flags & known_flags['NOSTD'] ~= 0 then
write_line("sysent", string.format(
"\t{ .sy_narg = %s, .sy_call = (sy_call_t *)%s, " ..
- ".sy_auevent = %s, .sy_flags = 0, " ..
+ ".sy_auevent = %s, .sy_flags = %s, " ..
".sy_thrcnt = SY_THR_ABSENT },",
- "0", "lkmressys", "AUE_NULL"))
+ "0", "lkmressys", "AUE_NULL", sysflags))
align_sysent_comment(8 + 2 + #"0" + 15 + #"lkmressys" +
- #"AUE_NULL" + 3)
+ #"AUE_NULL" + #sysflags + 2)
else
write_line("sysent", string.format(
"\t{ %s(%s,%s), .sy_auevent = %s, .sy_flags = %s, .sy_thrcnt = %s },",
@@ -1060,6 +1060,7 @@
local sysstart, sysend, flags, funcname, sysflags
local thr_flag, syscallret
local orig = line
+ local syscat
flags = 0
thr_flag = "SY_THR_STATIC"
@@ -1094,10 +1095,17 @@
-- Split flags
for flag in allflags:gmatch("([^|]+)") do
- if known_flags[flag] == nil then
- abort(1, "Unknown flag " .. flag .. " for " .. sysnum)
+ if flag:match("^CAT_") then
+ if syscat ~= nil then
+ abort(1, "multiple syscats for " .. sysnum)
+ end
+ syscat = "SY_" .. flag
+ else
+ if known_flags[flag] == nil then
+ abort(1, "Unknown flag " .. flag .. " for " .. sysnum)
+ end
+ flags = flags | known_flags[flag]
end
- flags = flags | known_flags[flag]
end
if (flags & get_mask({"RESERVED", "UNIMPL"})) == 0 and sysnum == nil then
@@ -1213,8 +1221,6 @@
funcomment = funcname
end
- sysflags = "0"
-
-- NODEF events do not get audited
if flags & known_flags['NODEF'] ~= 0 then
auditev = 'AUE_NULL'
@@ -1223,11 +1229,19 @@
-- If applicable; strip the ABI prefix from the name
local stripped_name = strip_abi_prefix(funcname)
+ local sysflags_list = { }
if flags & known_flags['CAPENABLED'] ~= 0 or
config["capenabled"][funcname] ~= nil or
config["capenabled"][stripped_name] ~= nil then
- sysflags = "SYF_CAPENABLED"
+ sysflags_list[#sysflags_list + 1] = "SYF_CAPENABLED"
end
+ if syscat ~= nil then
+ sysflags_list[#sysflags_list + 1] = "SYF_CAT(" .. syscat .. ")"
+ end
+ if #sysflags_list == 0 then
+ sysflags_list[#sysflags_list + 1] = "0"
+ end
+ sysflags = table.concat(sysflags_list, " | ")
local funcargs = {}
local changes_abi = false
Index: sys/vm/vm_mmap.c
===================================================================
--- sys/vm/vm_mmap.c
+++ sys/vm/vm_mmap.c
@@ -363,6 +363,7 @@
addr = round_page((vm_offset_t)vms->vm_daddr +
lim_max(td, RLIMIT_DATA));
}
+
if (len == 0) {
/*
* Return success without mapping anything for old
@@ -380,6 +381,11 @@
*
* This relies on VM_PROT_* matching PROT_*.
*/
+#ifdef MAC
+ error = mac_generic_check_vm_prot(td->td_ucred, NULL, prot);
+ if (error)
+ return (error);
+#endif
error = vm_mmap_object(&vms->vm_map, &addr, size, prot,
max_prot, flags, NULL, pos, FALSE, td);
} else {
@@ -406,6 +412,11 @@
error = EINVAL;
goto done;
}
+#ifdef MAC
+ error = mac_generic_check_vm_prot(td->td_ucred, fp, prot);
+ if (error)
+ goto done;
+#endif
if (check_fp_fn != NULL) {
error = check_fp_fn(fp, prot, max_prot & cap_maxprot,
flags);
@@ -666,6 +677,9 @@
vm_size_t pageoff;
int vm_error, max_prot;
int flags;
+#ifdef MAC
+ int error;
+#endif
addr = addr0;
if ((prot & ~(_PROT_ALL | PROT_MAX(_PROT_ALL))) != 0)
@@ -685,6 +699,12 @@
if (addr + size < addr)
return (EINVAL);
+#ifdef MAC
+ error = mac_generic_check_vm_prot(td->td_ucred, NULL, prot);
+ if (error)
+ return (error);
+#endif
+
flags = VM_MAP_PROTECT_SET_PROT;
if (max_prot != 0)
flags |= VM_MAP_PROTECT_SET_MAXPROT;
Index: usr.bin/diff/diffreg.c
===================================================================
--- usr.bin/diff/diffreg.c
+++ usr.bin/diff/diffreg.c
@@ -462,6 +462,7 @@
opentemp(const char *f)
{
char buf[BUFSIZ], tempfile[PATH_MAX];
+ const char *tmpdir;
ssize_t nread;
int ifd, ofd;
@@ -470,7 +471,12 @@
else if ((ifd = open(f, O_RDONLY, 0644)) == -1)
return (NULL);
- (void)strlcpy(tempfile, _PATH_TMP "/diff.XXXXXXXX", sizeof(tempfile));
+ if (issetugid() != 0 || (tmpdir = getenv("TMPDIR")) == NULL)
+ tmpdir = _PATH_TMP;
+ if (snprintf(tempfile, sizeof(tempfile), "%s/diff.XXXXXXXX", tmpdir) < 0) {
+ close(ifd);
+ return (NULL);
+ }
if ((ofd = mkstemp(tempfile)) == -1) {
close(ifd);
Index: usr.bin/m4/eval.c
===================================================================
--- usr.bin/m4/eval.c
+++ usr.bin/m4/eval.c
@@ -56,6 +56,7 @@
#include <stddef.h>
#include <string.h>
#include <fcntl.h>
+#include <paths.h>
#include "mdef.h"
#include "stdd.h"
#include "extern.h"
@@ -831,8 +832,6 @@
static void
dodiv(int n)
{
- int fd;
-
oindex = n;
if (n >= maxout) {
if (mimic_gnu)
@@ -844,12 +843,14 @@
if (n < 0)
n = 0; /* bitbucket */
if (outfile[n] == NULL) {
- char fname[] = _PATH_DIVNAME;
-
- if ((fd = mkstemp(fname)) == -1 ||
- unlink(fname) == -1 ||
- (outfile[n] = fdopen(fd, "w+")) == NULL)
- err(1, "%s: cannot divert", fname);
+ if (n == 0) {
+ /* outfile[0] is never read back */
+ if ((outfile[n] = fopen(_PATH_DEVNULL, "w")) == NULL)
+ err(1, "cannot divert to %s", _PATH_DEVNULL);
+ } else {
+ if ((outfile[n] = tmpfile()) == NULL)
+ err(1, "cannot divert to temporary file");
+ }
}
active = outfile[n];
}
Index: usr.bin/procstat/procstat_cred.c
===================================================================
--- usr.bin/procstat/procstat_cred.c
+++ usr.bin/procstat/procstat_cred.c
@@ -65,9 +65,10 @@
xo_emit("{:rgid/%5d} ", kipp->ki_rgid);
xo_emit("{:svgid/%5d} ", kipp->ki_svgid);
xo_emit("{:umask/%5s} ", get_umask(procstat, kipp));
- xo_emit("{:cr_flags/%s}", kipp->ki_cr_flags & CRED_FLAG_CAPMODE ?
- "C" : "-");
- xo_emit("{P: }");
+ xo_emit("{:cr_flags/%c%c}",
+ kipp->ki_cr_flags & KI_CRF_CAPABILITY_MODE ? 'C' : '-',
+ kipp->ki_cr_flags & KI_CRF_SYSCALLS_FILTER ? 'F' : '-');
+ xo_emit("{P: }");
groups = NULL;
/*

File Metadata

Mime Type
text/plain
Expires
Thu, Feb 6, 12:49 AM (20 h, 45 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
16483758
Default Alt Text
D35116.diff (178 KB)

Event Timeline