diff options
| author | Ed Schouten <ed@FreeBSD.org> | 2015-08-06 06:47:28 +0000 |
|---|---|---|
| committer | Ed Schouten <ed@FreeBSD.org> | 2015-08-06 06:47:28 +0000 |
| commit | 0f85ff377ba631b70bbddf521132c12b1d5dd250 (patch) | |
| tree | a56156f75a5c8d0be9c50097e170560c1efd9583 /sys/compat/cloudabi/cloudabi_fd.c | |
| parent | d98d7ba0b4de199558880f524d41a9e9c83b7558 (diff) | |
| download | src-0f85ff377ba631b70bbddf521132c12b1d5dd250.tar.gz src-0f85ff377ba631b70bbddf521132c12b1d5dd250.zip | |
Add file_open(): the underlying system call of openat().
CloudABI purely operates on file descriptor rights (CAP_*). File
descriptor access modes (O_ACCMODE) are emulated on top of rights.
Instead of accepting the traditional flags argument, file_open() copies
in an fdstat_t object that contains the initial rights the descriptor
should have, but also file descriptor flags that should persist after
opening (APPEND, NONBLOCK, *SYNC). Only flags that don't persist (EXCL,
TRUNC, CREAT, DIRECTORY) are passed in as an argument.
file_open() first converts the rights, the persistent flags and the
non-persistent flags to fflags. It then calls into vn_open(). If
successful, it installs the file descriptor with the requested
rights, trimming off rights that don't apply to the type of
the file that has been opened.
Unlike kern_openat(), this function does not support /dev/fd/*. I can't
think of a reason why we need to support this for CloudABI.
Obtained from: https://github.com/NuxiNL/freebsd
Differential Revision: https://reviews.freebsd.org/D3235
Notes
Notes:
svn path=/head/; revision=286359
Diffstat (limited to 'sys/compat/cloudabi/cloudabi_fd.c')
| -rw-r--r-- | sys/compat/cloudabi/cloudabi_fd.c | 21 |
1 files changed, 20 insertions, 1 deletions
diff --git a/sys/compat/cloudabi/cloudabi_fd.c b/sys/compat/cloudabi/cloudabi_fd.c index 1fed2e7dcf4f..f16d66855ad4 100644 --- a/sys/compat/cloudabi/cloudabi_fd.c +++ b/sys/compat/cloudabi/cloudabi_fd.c @@ -290,7 +290,7 @@ cloudabi_convert_filetype(const struct file *fp) } /* Removes rights that conflict with the file descriptor type. */ -static void +void cloudabi_remove_conflicting_rights(cloudabi_filetype_t filetype, cloudabi_rights_t *base, cloudabi_rights_t *inheriting) { @@ -499,6 +499,25 @@ cloudabi_sys_fd_stat_get(struct thread *td, return (copyout(&fsb, (void *)uap->buf, sizeof(fsb))); } +/* Converts CloudABI rights to a set of Capsicum capabilities. */ +int +cloudabi_convert_rights(cloudabi_rights_t in, cap_rights_t *out) +{ + + cap_rights_init(out); +#define MAPPING(cloudabi, ...) do { \ + if (in & (cloudabi)) { \ + cap_rights_set(out, ##__VA_ARGS__); \ + in &= ~(cloudabi); \ + } \ +} while (0); + RIGHTS_MAPPINGS +#undef MAPPING + if (in != 0) + return (ENOTCAPABLE); + return (0); +} + int cloudabi_sys_fd_stat_put(struct thread *td, struct cloudabi_sys_fd_stat_put_args *uap) |