Index: lib/libc/sys/cap_enter.2 =================================================================== --- lib/libc/sys/cap_enter.2 +++ lib/libc/sys/cap_enter.2 @@ -118,22 +118,10 @@ sets the flag to a non-zero value. A zero value means the process is not in capability mode. .Sh ERRORS -The -.Fn cap_enter -and -.Fn cap_getmode -system calls -will fail if: -.Bl -tag -width Er -.It Bq Er ENOSYS -The kernel is compiled without: -.Pp -.Cd "options CAPABILITY_MODE" -.El .Pp The .Fn cap_getmode -system call may also return the following error: +system call will return the following error: .Bl -tag -width Er .It Bq Er EFAULT Pointer Index: share/man/man4/capsicum.4 =================================================================== --- share/man/man4/capsicum.4 +++ share/man/man4/capsicum.4 @@ -26,15 +26,12 @@ .\" .\" $FreeBSD$ .\" -.Dd July 5, 2016 +.Dd May 15, 2017 .Dt CAPSICUM 4 .Os .Sh NAME .Nm Capsicum .Nd lightweight OS capability and sandbox framework -.Sh SYNOPSIS -.Cd "options CAPABILITY_MODE" -.Cd "options CAPABILITIES" .Sh DESCRIPTION .Nm is a lightweight OS capability and sandbox framework implementing a hybrid Index: sys/amd64/amd64/sys_machdep.c =================================================================== --- sys/amd64/amd64/sys_machdep.c +++ sys/amd64/amd64/sys_machdep.c @@ -33,8 +33,6 @@ #include __FBSDID("$FreeBSD$"); -#include "opt_capsicum.h" - #include #include #include @@ -181,7 +179,6 @@ struct i386_get_xfpustate i386xfpu; struct amd64_get_xfpustate a64xfpu; -#ifdef CAPABILITY_MODE /* * When adding new operations, add a new case statement here to * explicitly indicate whether or not the operation is safe to @@ -213,7 +210,6 @@ return (ECAPMODE); } } -#endif if (uap->op == I386_GET_LDT || uap->op == I386_SET_LDT) return (sysarch_ldt(td, uap, UIO_USERSPACE)); Index: sys/amd64/conf/GENERIC =================================================================== --- sys/amd64/conf/GENERIC +++ sys/amd64/conf/GENERIC @@ -69,8 +69,6 @@ options KBD_INSTALL_CDEV # install a CDEV entry in /dev options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4) options AUDIT # Security event auditing -options CAPABILITY_MODE # Capsicum capability mode -options CAPABILITIES # Capsicum capabilities options MAC # TrustedBSD MAC Framework options KDTRACE_FRAME # Ensure frames are compiled in options KDTRACE_HOOKS # Kernel DTrace hooks Index: sys/amd64/conf/MINIMAL =================================================================== --- sys/amd64/conf/MINIMAL +++ sys/amd64/conf/MINIMAL @@ -70,8 +70,6 @@ options KBD_INSTALL_CDEV # install a CDEV entry in /dev options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4) options AUDIT # Security event auditing -options CAPABILITY_MODE # Capsicum capability mode -options CAPABILITIES # Capsicum capabilities options MAC # TrustedBSD MAC Framework options KDTRACE_FRAME # Ensure frames are compiled in options KDTRACE_HOOKS # Kernel DTrace hooks Index: sys/arm/arm/sys_machdep.c =================================================================== --- sys/arm/arm/sys_machdep.c +++ sys/arm/arm/sys_machdep.c @@ -32,8 +32,6 @@ #include __FBSDID("$FreeBSD$"); -#include "opt_capsicum.h" - #include #include #include @@ -194,7 +192,6 @@ { int error; -#ifdef CAPABILITY_MODE /* * When adding new operations, add a new case statement here to * explicitly indicate whether or not the operation is safe to @@ -216,7 +213,6 @@ return (ECAPMODE); } } -#endif switch (uap->op) { case ARM_SYNC_ICACHE: Index: sys/arm/conf/ATMEL =================================================================== --- sys/arm/conf/ATMEL +++ sys/arm/conf/ATMEL @@ -66,8 +66,6 @@ options PRINTF_BUFR_SIZE=128 # Prevent printf output being interspersed. #options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4) #options AUDIT # Security event auditing -#options CAPABILITY_MODE # Capsicum capability mode -#options CAPABILITIES # Capsicum capabilities #options MAC # TrustedBSD MAC Framework #options INCLUDE_CONFIG_FILE # Include this file in kernel Index: sys/arm/conf/ETHERNUT5 =================================================================== --- sys/arm/conf/ETHERNUT5 +++ sys/arm/conf/ETHERNUT5 @@ -62,8 +62,6 @@ options PRINTF_BUFR_SIZE=128 # Prevent printf output being interspersed. #options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4) #options AUDIT # Security event auditing -#options CAPABILITY_MODE # Capsicum capability mode -#options CAPABILITIES # Capsicum capabilities #options MAC # TrustedBSD MAC Framework #options INCLUDE_CONFIG_FILE # Include this file in kernel Index: sys/arm/conf/SAM9260EK =================================================================== --- sys/arm/conf/SAM9260EK +++ sys/arm/conf/SAM9260EK @@ -74,8 +74,6 @@ options PRINTF_BUFR_SIZE=128 # Prevent printf output being interspersed. #options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4) #options AUDIT # Security event auditing -#options CAPABILITY_MODE # Capsicum capability mode -#options CAPABILITIES # Capsicum capabilities #options MAC # TrustedBSD MAC Framework #options INCLUDE_CONFIG_FILE # Include this file in kernel Index: sys/arm64/conf/GENERIC =================================================================== --- sys/arm64/conf/GENERIC +++ sys/arm64/conf/GENERIC @@ -61,8 +61,6 @@ options KBD_INSTALL_CDEV # install a CDEV entry in /dev options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4) options AUDIT # Security event auditing -options CAPABILITY_MODE # Capsicum capability mode -options CAPABILITIES # Capsicum capabilities options MAC # TrustedBSD MAC Framework options KDTRACE_FRAME # Ensure frames are compiled in options KDTRACE_HOOKS # Kernel DTrace hooks Index: sys/compat/freebsd32/freebsd32_capability.c =================================================================== --- sys/compat/freebsd32/freebsd32_capability.c +++ sys/compat/freebsd32/freebsd32_capability.c @@ -30,8 +30,6 @@ #include __FBSDID("$FreeBSD$"); -#include "opt_capsicum.h" - #include #include #include @@ -44,8 +42,6 @@ #include -#ifdef CAPABILITIES - MALLOC_DECLARE(M_FILECAPS); int @@ -132,23 +128,3 @@ FILEDESC_SUNLOCK(fdp); return (error); } - -#else /* !CAPABILITIES */ - -int -freebsd32_cap_ioctls_limit(struct thread *td, - struct freebsd32_cap_ioctls_limit_args *uap) -{ - - return (ENOSYS); -} - -int -freebsd32_cap_ioctls_get(struct thread *td, - struct freebsd32_cap_ioctls_get_args *uap) -{ - - return (ENOSYS); -} - -#endif /* CAPABILITIES */ Index: sys/conf/NOTES =================================================================== --- sys/conf/NOTES +++ sys/conf/NOTES @@ -1202,10 +1202,6 @@ options MAC_STUB options MAC_TEST -# Support for Capsicum -options CAPABILITIES # fine-grained rights on file descriptors -options CAPABILITY_MODE # sandboxes with no global namespace access - ##################################################################### # CLOCK OPTIONS Index: sys/conf/options =================================================================== --- sys/conf/options +++ sys/conf/options @@ -78,8 +78,6 @@ BOOTHOWTO opt_global.h BOOTVERBOSE opt_global.h CALLOUT_PROFILING -CAPABILITIES opt_capsicum.h -CAPABILITY_MODE opt_capsicum.h COMPAT_43 opt_compat.h COMPAT_43TTY opt_compat.h COMPAT_FREEBSD4 opt_compat.h Index: sys/i386/conf/GENERIC =================================================================== --- sys/i386/conf/GENERIC +++ sys/i386/conf/GENERIC @@ -70,8 +70,6 @@ options KBD_INSTALL_CDEV # install a CDEV entry in /dev options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4) options AUDIT # Security event auditing -options CAPABILITY_MODE # Capsicum capability mode -options CAPABILITIES # Capsicum capabilities options MAC # TrustedBSD MAC Framework options KDTRACE_HOOKS # Kernel DTrace hooks options DDB_CTF # Kernel ELF linker loads CTF data Index: sys/i386/i386/sys_machdep.c =================================================================== --- sys/i386/i386/sys_machdep.c +++ sys/i386/i386/sys_machdep.c @@ -32,7 +32,6 @@ #include __FBSDID("$FreeBSD$"); -#include "opt_capsicum.h" #include "opt_kstack_pages.h" #include @@ -114,7 +113,6 @@ AUDIT_ARG_CMD(uap->op); -#ifdef CAPABILITY_MODE /* * When adding new operations, add a new case statement here to * explicitly indicate whether or not the operation is safe to @@ -141,7 +139,6 @@ return (ECAPMODE); } } -#endif switch (uap->op) { case I386_GET_IOPERM: Index: sys/kern/imgact_elf.c =================================================================== --- sys/kern/imgact_elf.c +++ sys/kern/imgact_elf.c @@ -32,7 +32,6 @@ #include __FBSDID("$FreeBSD$"); -#include "opt_capsicum.h" #include "opt_compat.h" #include "opt_gzio.h" @@ -660,14 +659,12 @@ u_long base_addr = 0; int error, i, numsegs; -#ifdef CAPABILITY_MODE /* * XXXJA: This check can go away once we are sufficiently confident * that the checks in namei() are correct. */ if (IN_CAPABILITY_MODE(curthread)) return (ECAPMODE); -#endif tempdata = malloc(sizeof(*tempdata), M_TEMP, M_WAITOK); nd = &tempdata->nd; Index: sys/kern/kern_descrip.c =================================================================== --- sys/kern/kern_descrip.c +++ sys/kern/kern_descrip.c @@ -37,7 +37,6 @@ #include __FBSDID("$FreeBSD$"); -#include "opt_capsicum.h" #include "opt_compat.h" #include "opt_ddb.h" #include "opt_ktrace.h" @@ -297,15 +296,11 @@ struct filedescent *fde; fde = &fdp->fd_ofiles[fd]; -#ifdef CAPABILITIES seq_write_begin(&fde->fde_seq); -#endif fdefree_last(fde); fde->fde_file = NULL; fdunused(fdp, fd); -#ifdef CAPABILITIES seq_write_end(&fde->fde_seq); -#endif } void @@ -903,9 +898,7 @@ /* * Duplicate the source descriptor. */ -#ifdef CAPABILITIES seq_write_begin(&newfde->fde_seq); -#endif filecaps_free(&newfde->fde_caps); memcpy(newfde, oldfde, fde_change_size); filecaps_copy(&oldfde->fde_caps, &newfde->fde_caps, true); @@ -913,9 +906,7 @@ newfde->fde_flags = oldfde->fde_flags | UF_EXCLOSE; else newfde->fde_flags = oldfde->fde_flags & ~UF_EXCLOSE; -#ifdef CAPABILITIES seq_write_end(&newfde->fde_seq); -#endif td->td_retval[0] = new; error = 0; @@ -1793,18 +1784,14 @@ FILEDESC_XLOCK_ASSERT(fdp); fde = &fdp->fd_ofiles[fd]; -#ifdef CAPABILITIES seq_write_begin(&fde->fde_seq); -#endif fde->fde_file = fp; fde->fde_flags = (flags & O_CLOEXEC) != 0 ? UF_EXCLOSE : 0; if (fcaps != NULL) filecaps_move(fcaps, &fde->fde_caps); else filecaps_fill(&fde->fde_caps); -#ifdef CAPABILITIES seq_write_end(&fde->fde_seq); -#endif } int @@ -2463,11 +2450,9 @@ goto out; } -#ifdef CAPABILITIES error = cap_check(cap_rights_fde(fde), needrightsp); if (error != 0) goto out; -#endif if (havecapsp != NULL) filecaps_copy(&fde->fde_caps, havecapsp, true); @@ -2485,11 +2470,6 @@ { struct filedesc *fdp = td->td_proc->p_fd; int error; -#ifndef CAPABILITIES - error = fget_unlocked(fdp, fd, needrightsp, fpp, NULL); - if (error == 0 && havecapsp != NULL) - filecaps_fill(havecapsp); -#else struct file *fp; seq_t seq; @@ -2520,7 +2500,6 @@ if (error == 0) fhold(*fpp); FILEDESC_SUNLOCK(fdp); -#endif return (error); } @@ -2528,17 +2507,13 @@ fget_unlocked(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, struct file **fpp, seq_t *seqp) { -#ifdef CAPABILITIES struct filedescent *fde; -#endif struct fdescenttbl *fdt; struct file *fp; u_int count; -#ifdef CAPABILITIES seq_t seq; cap_rights_t haverights; int error; -#endif fdt = fdp->fd_files; if ((u_int)fd >= fdt->fdt_nfiles) @@ -2552,23 +2527,17 @@ * due to preemption. */ for (;;) { -#ifdef CAPABILITIES seq = seq_read(fd_seq(fdt, fd)); fde = &fdt->fdt_ofiles[fd]; haverights = *cap_rights_fde(fde); fp = fde->fde_file; if (!seq_consistent(fd_seq(fdt, fd), seq)) continue; -#else - fp = fdt->fdt_ofiles[fd].fde_file; -#endif if (fp == NULL) return (EBADF); -#ifdef CAPABILITIES error = cap_check(&haverights, needrightsp); if (error != 0) return (error); -#endif count = fp->f_count; retry: if (count == 0) { @@ -2587,19 +2556,13 @@ if (atomic_fcmpset_acq_int(&fp->f_count, &count, count + 1) == 0) goto retry; fdt = fdp->fd_files; -#ifdef CAPABILITIES if (seq_consistent_nomb(fd_seq(fdt, fd), seq)) -#else - if (fp == fdt->fdt_ofiles[fd].fde_file) -#endif break; fdrop(fp, curthread); } *fpp = fp; if (seqp != NULL) { -#ifdef CAPABILITIES *seqp = seq; -#endif } return (0); } @@ -2677,11 +2640,6 @@ struct file **fpp) { int error; -#ifndef CAPABILITIES - error = _fget(td, fd, fpp, 0, rightsp, NULL); - if (maxprotp != NULL) - *maxprotp = VM_PROT_ALL; -#else struct filedesc *fdp = td->td_proc->p_fd; seq_t seq; @@ -2699,7 +2657,6 @@ break; fdrop(*fpp, td); } -#endif return (error); } @@ -2722,9 +2679,6 @@ struct file **fpp) { struct filedesc *fdp = td->td_proc->p_fd; -#ifndef CAPABILITIES - return (fget_unlocked(fdp, fd, rightsp, fpp, NULL)); -#else int error; seq_t seq; @@ -2743,7 +2697,6 @@ *fpp = NULL; } return (error); -#endif } /* @@ -2965,14 +2918,10 @@ fhold(fp); newfde = &fdp->fd_ofiles[indx]; oldfde = &fdp->fd_ofiles[dfd]; -#ifdef CAPABILITIES seq_write_begin(&newfde->fde_seq); -#endif memcpy(newfde, oldfde, fde_change_size); filecaps_copy(&oldfde->fde_caps, &newfde->fde_caps, true); -#ifdef CAPABILITIES seq_write_end(&newfde->fde_seq); -#endif break; case ENXIO: /* @@ -2980,15 +2929,11 @@ */ newfde = &fdp->fd_ofiles[indx]; oldfde = &fdp->fd_ofiles[dfd]; -#ifdef CAPABILITIES seq_write_begin(&newfde->fde_seq); -#endif memcpy(newfde, oldfde, fde_change_size); oldfde->fde_file = NULL; fdunused(fdp, dfd); -#ifdef CAPABILITIES seq_write_end(&newfde->fde_seq); -#endif break; } FILEDESC_XUNLOCK(fdp); @@ -3521,11 +3466,7 @@ for (i = 0; fdp->fd_refcnt > 0 && i <= fdp->fd_lastfile; i++) { if ((fp = fdp->fd_ofiles[i].fde_file) == NULL) continue; -#ifdef CAPABILITIES rights = *cap_rights(fdp, i); -#else /* !CAPABILITIES */ - cap_rights_init(&rights); -#endif /* * Create sysctl entry. It is OK to drop the filedesc * lock inside of export_file_to_sb() as we will Index: sys/kern/kern_exec.c =================================================================== --- sys/kern/kern_exec.c +++ sys/kern/kern_exec.c @@ -27,7 +27,6 @@ #include __FBSDID("$FreeBSD$"); -#include "opt_capsicum.h" #include "opt_compat.h" #include "opt_hwpmc_hooks.h" #include "opt_ktrace.h" @@ -432,7 +431,6 @@ interpret: if (args->fname != NULL) { -#ifdef CAPABILITY_MODE /* * While capability mode can't reach this point via direct * path arguments to execve(), we also don't allow @@ -443,7 +441,6 @@ error = ECAPMODE; goto exec_fail; } -#endif error = namei(&nd); if (error) goto exec_fail; @@ -523,9 +520,7 @@ #endif if (credential_changing && -#ifdef CAPABILITY_MODE ((oldcred->cr_flags & CRED_FLAG_CAPMODE) == 0) && -#endif (imgp->vp->v_mount->mnt_flag & MNT_NOSUID) == 0 && (p->p_flag & P_TRACED) == 0) { imgp->credential_setid = true; Index: sys/kern/kern_sysctl.c =================================================================== --- sys/kern/kern_sysctl.c +++ sys/kern/kern_sysctl.c @@ -38,7 +38,6 @@ #include __FBSDID("$FreeBSD$"); -#include "opt_capsicum.h" #include "opt_compat.h" #include "opt_ktrace.h" @@ -1844,7 +1843,6 @@ KASSERT(req->td != NULL, ("sysctl_root(): req->td == NULL")); -#ifdef CAPABILITY_MODE /* * If the process is in capability mode, then don't permit reading or * writing unless specifically granted for the node. @@ -1856,7 +1854,6 @@ goto out; } } -#endif /* Is this sysctl sensitive to securelevels? */ if (req->newptr && (oid->oid_kind & CTLFLAG_SECURE)) { Index: sys/kern/subr_syscall.c =================================================================== --- sys/kern/subr_syscall.c +++ sys/kern/subr_syscall.c @@ -38,7 +38,6 @@ * from: @(#)trap.c 7.4 (Berkeley) 5/13/91 */ -#include "opt_capsicum.h" #include "opt_ktrace.h" __FBSDID("$FreeBSD$"); @@ -110,7 +109,6 @@ goto retval; } -#ifdef CAPABILITY_MODE /* * In capability mode, we only allow access to system calls * flagged with SYF_CAPENABLED. @@ -120,7 +118,6 @@ error = ECAPMODE; goto retval; } -#endif error = syscall_thread_enter(td, sa->callp); if (error != 0) Index: sys/kern/sys_capability.c =================================================================== --- sys/kern/sys_capability.c +++ sys/kern/sys_capability.c @@ -58,7 +58,6 @@ #include __FBSDID("$FreeBSD$"); -#include "opt_capsicum.h" #include "opt_ktrace.h" #include @@ -87,8 +86,6 @@ SYSCTL_INT(_kern, OID_AUTO, trap_enotcap, CTLFLAG_RW, &trap_enotcap, 0, "Deliver SIGTRAP on ENOTCAPABLE"); -#ifdef CAPABILITY_MODE - #define IOCTLS_MAX_COUNT 256 /* XXX: Is 256 sane? */ FEATURE(security_capability_mode, "Capsicum Capability Mode"); @@ -128,26 +125,6 @@ return (copyout(&i, uap->modep, sizeof(i))); } -#else /* !CAPABILITY_MODE */ - -int -sys_cap_enter(struct thread *td, struct cap_enter_args *uap) -{ - - return (ENOSYS); -} - -int -sys_cap_getmode(struct thread *td, struct cap_getmode_args *uap) -{ - - return (ENOSYS); -} - -#endif /* CAPABILITY_MODE */ - -#ifdef CAPABILITIES - FEATURE(security_capabilities, "Capsicum Capabilities"); MALLOC_DECLARE(M_FILECAPS); @@ -602,54 +579,3 @@ return (copyout(&rights, uap->fcntlrightsp, sizeof(rights))); } - -#else /* !CAPABILITIES */ - -/* - * Stub Capability functions for when options CAPABILITIES isn't compiled - * into the kernel. - */ - -int -sys_cap_rights_limit(struct thread *td, struct cap_rights_limit_args *uap) -{ - - return (ENOSYS); -} - -int -sys___cap_rights_get(struct thread *td, struct __cap_rights_get_args *uap) -{ - - return (ENOSYS); -} - -int -sys_cap_ioctls_limit(struct thread *td, struct cap_ioctls_limit_args *uap) -{ - - return (ENOSYS); -} - -int -sys_cap_ioctls_get(struct thread *td, struct cap_ioctls_get_args *uap) -{ - - return (ENOSYS); -} - -int -sys_cap_fcntls_limit(struct thread *td, struct cap_fcntls_limit_args *uap) -{ - - return (ENOSYS); -} - -int -sys_cap_fcntls_get(struct thread *td, struct cap_fcntls_get_args *uap) -{ - - return (ENOSYS); -} - -#endif /* CAPABILITIES */ Index: sys/kern/sys_generic.c =================================================================== --- sys/kern/sys_generic.c +++ sys/kern/sys_generic.c @@ -37,7 +37,6 @@ #include __FBSDID("$FreeBSD$"); -#include "opt_capsicum.h" #include "opt_compat.h" #include "opt_ktrace.h" @@ -758,9 +757,6 @@ { struct file *fp; struct filedesc *fdp; -#ifndef CAPABILITIES - cap_rights_t rights; -#endif int error, tmp, locked; AUDIT_ARG_FD(fd); @@ -775,16 +771,11 @@ locked = LA_XLOCKED; break; default: -#ifdef CAPABILITIES FILEDESC_SLOCK(fdp); locked = LA_SLOCKED; -#else - locked = LA_UNLOCKED; -#endif break; } -#ifdef CAPABILITIES if ((fp = fget_locked(fdp, fd)) == NULL) { error = EBADF; goto out; @@ -798,13 +789,6 @@ FILEDESC_SUNLOCK(fdp); locked = LA_UNLOCKED; } -#else - error = fget(td, fd, cap_rights_init(&rights, CAP_IOCTL), &fp); - if (error != 0) { - fp = NULL; - goto out; - } -#endif if ((fp->f_flag & (FREAD | FWRITE)) == 0) { error = EBADF; goto out; @@ -839,11 +823,9 @@ case LA_XLOCKED: FILEDESC_XUNLOCK(fdp); break; -#ifdef CAPABILITIES case LA_SLOCKED: FILEDESC_SUNLOCK(fdp); break; -#endif default: FILEDESC_UNLOCK_ASSERT(fdp); break; @@ -1479,9 +1461,7 @@ struct filedesc *fdp; struct file *fp; struct pollfd *fd; -#ifdef CAPABILITIES cap_rights_t rights; -#endif int n; n = 0; @@ -1496,14 +1476,9 @@ if (si != NULL) continue; fp = fdp->fd_ofiles[fd->fd].fde_file; -#ifdef CAPABILITIES if (fp == NULL || cap_check(cap_rights(fdp, fd->fd), - cap_rights_init(&rights, CAP_EVENT)) != 0) -#else - if (fp == NULL) -#endif - { + cap_rights_init(&rights, CAP_EVENT)) != 0) { fd->revents = POLLNVAL; n++; continue; @@ -1557,9 +1532,7 @@ { struct filedesc *fdp = td->td_proc->p_fd; struct file *fp; -#ifdef CAPABILITIES cap_rights_t rights; -#endif int i, n = 0; FILEDESC_SLOCK(fdp); @@ -1571,14 +1544,9 @@ fds->revents = 0; } else { fp = fdp->fd_ofiles[fds->fd].fde_file; -#ifdef CAPABILITIES if (fp == NULL || cap_check(cap_rights(fdp, fds->fd), - cap_rights_init(&rights, CAP_EVENT)) != 0) -#else - if (fp == NULL) -#endif - { + cap_rights_init(&rights, CAP_EVENT)) != 0) { fds->revents = POLLNVAL; n++; } else { Index: sys/kern/tty.c =================================================================== --- sys/kern/tty.c +++ sys/kern/tty.c @@ -30,7 +30,6 @@ #include __FBSDID("$FreeBSD$"); -#include "opt_capsicum.h" #include "opt_compat.h" #include Index: sys/kern/uipc_mqueue.c =================================================================== --- sys/kern/uipc_mqueue.c +++ sys/kern/uipc_mqueue.c @@ -51,7 +51,6 @@ #include __FBSDID("$FreeBSD$"); -#include "opt_capsicum.h" #include "opt_compat.h" #include @@ -2321,9 +2320,7 @@ static int kern_kmq_notify(struct thread *td, int mqd, struct sigevent *sigev) { -#ifdef CAPABILITIES cap_rights_t rights; -#endif struct filedesc *fdp; struct proc *p; struct mqueue *mq; @@ -2355,14 +2352,12 @@ error = EBADF; goto out; } -#ifdef CAPABILITIES error = cap_check(cap_rights(fdp, mqd), cap_rights_init(&rights, CAP_EVENT)); if (error) { FILEDESC_SUNLOCK(fdp); goto out; } -#endif if (fp2 != fp) { FILEDESC_SUNLOCK(fdp); error = EBADF; Index: sys/kern/uipc_shm.c =================================================================== --- sys/kern/uipc_shm.c +++ sys/kern/uipc_shm.c @@ -49,7 +49,6 @@ #include __FBSDID("$FreeBSD$"); -#include "opt_capsicum.h" #include "opt_ktrace.h" #include @@ -707,13 +706,11 @@ mode_t cmode; int fd, error; -#ifdef CAPABILITY_MODE /* * shm_open(2) is only allowed for anonymous objects. */ if (IN_CAPABILITY_MODE(td) && (userpath != SHM_ANON)) return (ECAPMODE); -#endif AUDIT_ARG_FFLAGS(flags); AUDIT_ARG_MODE(mode); Index: sys/kern/uipc_syscalls.c =================================================================== --- sys/kern/uipc_syscalls.c +++ sys/kern/uipc_syscalls.c @@ -32,7 +32,6 @@ #include __FBSDID("$FreeBSD$"); -#include "opt_capsicum.h" #include "opt_inet.h" #include "opt_inet6.h" #include "opt_compat.h" @@ -700,10 +699,8 @@ struct sockaddr *to; int error; -#ifdef CAPABILITY_MODE if (IN_CAPABILITY_MODE(td) && (mp->msg_name != NULL)) return (ECAPMODE); -#endif if (mp->msg_name != NULL) { error = getsockaddr(&to, mp->msg_name, mp->msg_namelen); Index: sys/kern/vfs_lookup.c =================================================================== --- sys/kern/vfs_lookup.c +++ sys/kern/vfs_lookup.c @@ -37,7 +37,6 @@ #include __FBSDID("$FreeBSD$"); -#include "opt_capsicum.h" #include "opt_ktrace.h" #include @@ -333,7 +332,6 @@ if (error == 0 && *cnp->cn_pnbuf == '\0') error = ENOENT; -#ifdef CAPABILITY_MODE /* * In capability mode, lookups must be restricted to happen in * the subtree with the root specified by the file descriptor: @@ -358,7 +356,6 @@ error = ECAPMODE; } } -#endif if (error != 0) { namei_cleanup_cnp(cnp); ndp->ni_vp = NULL; @@ -412,7 +409,6 @@ &rights, &ndp->ni_filecaps, &dp); if (error == EINVAL) error = ENOTDIR; -#ifdef CAPABILITIES /* * If file descriptor doesn't have all rights, * all lookups relative to it must also be @@ -425,7 +421,6 @@ ndp->ni_filecaps.fc_nioctls != -1) { ndp->ni_lcf |= NI_LCF_STRICTRELATIVE; } -#endif } if (error == 0 && dp->v_type != VDIR) error = ENOTDIR; Index: sys/kern/vfs_syscalls.c =================================================================== --- sys/kern/vfs_syscalls.c +++ sys/kern/vfs_syscalls.c @@ -37,7 +37,6 @@ #include __FBSDID("$FreeBSD$"); -#include "opt_capsicum.h" #include "opt_compat.h" #include "opt_ktrace.h" @@ -1076,11 +1075,9 @@ if (indx == -1) { struct filecaps *fcaps; -#ifdef CAPABILITIES if ((nd.ni_lcf & NI_LCF_STRICTRELATIVE) != 0) fcaps = &nd.ni_filecaps; else -#endif fcaps = NULL; error = finstall(td, fp, &indx, flags, fcaps); /* On success finstall() consumes fcaps. */ @@ -3513,7 +3510,6 @@ error = EISDIR; goto out; } -#ifdef CAPABILITIES if (newfd != AT_FDCWD) { /* * If the target already exists we require CAP_UNLINKAT @@ -3524,7 +3520,6 @@ if (error != 0) goto out; } -#endif } if (fvp == tdvp) { error = EINVAL; Index: sys/mips/conf/std.BERI =================================================================== --- sys/mips/conf/std.BERI +++ sys/mips/conf/std.BERI @@ -28,9 +28,6 @@ options ALT_BREAK_TO_DEBUGGER options KTRACE -options CAPABILITY_MODE -options CAPABILITIES - options COMPAT_FREEBSD10 options COMPAT_FREEBSD11 Index: sys/mips/conf/std.MALTA =================================================================== --- sys/mips/conf/std.MALTA +++ sys/mips/conf/std.MALTA @@ -26,8 +26,6 @@ options NFS_ROOT #NFS usable as /, requires NFSCL options PSEUDOFS #Pseudo-filesystem framework options _KPOSIX_PRIORITY_SCHEDULING #Posix P1003_1B real-time extensions -options CAPABILITY_MODE # Capsicum capability mode -options CAPABILITIES # Capsicum capabilities options TMPFS #Efficient memory filesystem Index: sys/modules/mqueue/Makefile =================================================================== --- sys/modules/mqueue/Makefile +++ sys/modules/mqueue/Makefile @@ -5,6 +5,6 @@ KMOD= mqueuefs SRCS= uipc_mqueue.c \ vnode_if.h \ - opt_posix.h opt_compat.h opt_capsicum.h + opt_posix.h opt_compat.h .include Index: sys/netinet/sctp_syscalls.c =================================================================== --- sys/netinet/sctp_syscalls.c +++ sys/netinet/sctp_syscalls.c @@ -31,7 +31,6 @@ #include __FBSDID("$FreeBSD$"); -#include "opt_capsicum.h" #include "opt_inet.h" #include "opt_inet6.h" #include "opt_sctp.h" Index: sys/powerpc/conf/GENERIC =================================================================== --- sys/powerpc/conf/GENERIC +++ sys/powerpc/conf/GENERIC @@ -74,8 +74,6 @@ options _KPOSIX_PRIORITY_SCHEDULING #Posix P1003_1B real-time extensions options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4) options AUDIT # Security event auditing -options CAPABILITY_MODE # Capsicum capability mode -options CAPABILITIES # Capsicum capabilities options MAC # TrustedBSD MAC Framework options KDTRACE_HOOKS # Kernel DTrace hooks options DDB_CTF # Kernel ELF linker loads CTF data Index: sys/powerpc/conf/GENERIC64 =================================================================== --- sys/powerpc/conf/GENERIC64 +++ sys/powerpc/conf/GENERIC64 @@ -74,8 +74,6 @@ options PRINTF_BUFR_SIZE=128 # Prevent printf output being interspersed. options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4) options AUDIT # Security event auditing -options CAPABILITY_MODE # Capsicum capability mode -options CAPABILITIES # Capsicum capabilities options MAC # TrustedBSD MAC Framework options KDTRACE_HOOKS # Kernel DTrace hooks options DDB_CTF # Kernel ELF linker loads CTF data Index: sys/powerpc/conf/MPC85XX =================================================================== --- sys/powerpc/conf/MPC85XX +++ sys/powerpc/conf/MPC85XX @@ -50,8 +50,6 @@ options PROCFS options PSEUDOFS options SCHED_ULE -options CAPABILITIES -options CAPABILITY_MODE options SMP options SYSVMSG options SYSVSEM Index: sys/powerpc/conf/MPC85XXSPE =================================================================== --- sys/powerpc/conf/MPC85XXSPE +++ sys/powerpc/conf/MPC85XXSPE @@ -50,8 +50,6 @@ options PROCFS options PSEUDOFS options SCHED_ULE -options CAPABILITIES -options CAPABILITY_MODE options SMP options SYSVMSG options SYSVSEM Index: sys/powerpc/conf/QORIQ64 =================================================================== --- sys/powerpc/conf/QORIQ64 +++ sys/powerpc/conf/QORIQ64 @@ -55,8 +55,6 @@ options PROCFS options PSEUDOFS options SCHED_ULE -options CAPABILITIES -options CAPABILITY_MODE options SMP options SYSVMSG options SYSVSEM Index: sys/riscv/conf/GENERIC =================================================================== --- sys/riscv/conf/GENERIC +++ sys/riscv/conf/GENERIC @@ -64,8 +64,6 @@ options KBD_INSTALL_CDEV # install a CDEV entry in /dev # options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4) options AUDIT # Security event auditing -options CAPABILITY_MODE # Capsicum capability mode -options CAPABILITIES # Capsicum capabilities options MAC # TrustedBSD MAC Framework options KDTRACE_FRAME # Ensure frames are compiled in options KDTRACE_HOOKS # Kernel DTrace hooks Index: sys/sparc64/conf/GENERIC =================================================================== --- sys/sparc64/conf/GENERIC +++ sys/sparc64/conf/GENERIC @@ -66,8 +66,6 @@ options PRINTF_BUFR_SIZE=128 # Prevent printf output being interspersed. options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4) options AUDIT # Security event auditing -options CAPABILITY_MODE # Capsicum capability mode -options CAPABILITIES # Capsicum capabilities options MAC # TrustedBSD MAC Framework options INCLUDE_CONFIG_FILE # Include this file in kernel options RACCT # Resource accounting framework Index: sys/sparc64/sparc64/sys_machdep.c =================================================================== --- sys/sparc64/sparc64/sys_machdep.c +++ sys/sparc64/sparc64/sys_machdep.c @@ -26,8 +26,6 @@ * $FreeBSD$ */ -#include "opt_capsicum.h" - #include #include #include @@ -56,7 +54,6 @@ { int error; -#ifdef CAPABILITY_MODE /* * When adding new operations, add a new case statement here to * explicitly indicate whether or not the operation is safe to @@ -76,7 +73,6 @@ return (ECAPMODE); } } -#endif mtx_lock(&Giant); switch (uap->op) { Index: sys/sys/filedesc.h =================================================================== --- sys/sys/filedesc.h +++ sys/sys/filedesc.h @@ -229,14 +229,12 @@ return (fde); } -#ifdef CAPABILITIES static __inline bool fd_modified(struct filedesc *fdp, int fd, seq_t seq) { return (!seq_consistent(fd_seq(fdp->fd_files, fd), seq)); } -#endif /* cdir/rdir/jdir manipulation functions. */ void pwd_chdir(struct thread *td, struct vnode *vp);