Index: head/sys/compat/freebsd32/freebsd32_util.h =================================================================== --- head/sys/compat/freebsd32/freebsd32_util.h +++ head/sys/compat/freebsd32/freebsd32_util.h @@ -79,23 +79,30 @@ & syscallname##_syscall32, & syscallname##_sysent32,\ NULL, NULL); -#define SYSCALL32_INIT_HELPER(syscallname) { \ +#define SYSCALL32_INIT_HELPER_F(syscallname, flags) { \ .new_sysent = { \ .sy_narg = (sizeof(struct syscallname ## _args ) \ / sizeof(register_t)), \ .sy_call = (sy_call_t *)& syscallname, \ + .sy_flags = (flags) \ }, \ .syscall_no = FREEBSD32_SYS_##syscallname \ } -#define SYSCALL32_INIT_HELPER_COMPAT(syscallname) { \ +#define SYSCALL32_INIT_HELPER_COMPAT_F(syscallname, flags) { \ .new_sysent = { \ .sy_narg = (sizeof(struct syscallname ## _args ) \ / sizeof(register_t)), \ .sy_call = (sy_call_t *)& sys_ ## syscallname, \ + .sy_flags = (flags) \ }, \ .syscall_no = FREEBSD32_SYS_##syscallname \ } + +#define SYSCALL32_INIT_HELPER(syscallname) \ + SYSCALL32_INIT_HELPER_F(syscallname, 0) +#define SYSCALL32_INIT_HELPER_COMPAT(syscallname) \ + SYSCALL32_INIT_HELPER_COMPAT_F(syscallname, 0) int syscall32_register(int *offset, struct sysent *new_sysent, struct sysent *old_sysent, int flags); Index: head/sys/kern/capabilities.conf =================================================================== --- head/sys/kern/capabilities.conf +++ head/sys/kern/capabilities.conf @@ -350,6 +350,8 @@ ## ## Allow message queue operations on file descriptors, subject to capability ## rights. +## NOTE: Corresponding sysents are initialized in sys/kern/uipc_mqueue.c with +## SYF_CAPENABLED. ## kmq_notify kmq_setattr @@ -545,6 +547,8 @@ ## ## Allow I/O-related file descriptors, subject to capability rights. +## NOTE: Corresponding sysents are initialized in sys/netinet/sctp_syscalls.c +## with SYF_CAPENABLED. ## sctp_generic_recvmsg sctp_generic_sendmsg Index: head/sys/kern/uipc_mqueue.c =================================================================== --- head/sys/kern/uipc_mqueue.c +++ head/sys/kern/uipc_mqueue.c @@ -2708,10 +2708,10 @@ static struct syscall_helper_data mq_syscalls[] = { SYSCALL_INIT_HELPER(kmq_open), - SYSCALL_INIT_HELPER(kmq_setattr), - SYSCALL_INIT_HELPER(kmq_timedsend), - SYSCALL_INIT_HELPER(kmq_timedreceive), - SYSCALL_INIT_HELPER(kmq_notify), + SYSCALL_INIT_HELPER_F(kmq_setattr, SYF_CAPENABLED), + SYSCALL_INIT_HELPER_F(kmq_timedsend, SYF_CAPENABLED), + SYSCALL_INIT_HELPER_F(kmq_timedreceive, SYF_CAPENABLED), + SYSCALL_INIT_HELPER_F(kmq_notify, SYF_CAPENABLED), SYSCALL_INIT_HELPER(kmq_unlink), SYSCALL_INIT_LAST }; @@ -2870,10 +2870,10 @@ static struct syscall_helper_data mq32_syscalls[] = { SYSCALL32_INIT_HELPER(freebsd32_kmq_open), - SYSCALL32_INIT_HELPER(freebsd32_kmq_setattr), - SYSCALL32_INIT_HELPER(freebsd32_kmq_timedsend), - SYSCALL32_INIT_HELPER(freebsd32_kmq_timedreceive), - SYSCALL32_INIT_HELPER(freebsd32_kmq_notify), + SYSCALL32_INIT_HELPER_F(freebsd32_kmq_setattr, SYF_CAPENABLED), + SYSCALL32_INIT_HELPER_F(freebsd32_kmq_timedsend, SYF_CAPENABLED), + SYSCALL32_INIT_HELPER_F(freebsd32_kmq_timedreceive, SYF_CAPENABLED), + SYSCALL32_INIT_HELPER_F(freebsd32_kmq_notify, SYF_CAPENABLED), SYSCALL32_INIT_HELPER_COMPAT(kmq_unlink), SYSCALL_INIT_LAST }; Index: head/sys/netinet/sctp_syscalls.c =================================================================== --- head/sys/netinet/sctp_syscalls.c +++ head/sys/netinet/sctp_syscalls.c @@ -82,10 +82,10 @@ #include static struct syscall_helper_data sctp_syscalls[] = { - SYSCALL_INIT_HELPER(sctp_peeloff), - SYSCALL_INIT_HELPER(sctp_generic_sendmsg), - SYSCALL_INIT_HELPER(sctp_generic_sendmsg_iov), - SYSCALL_INIT_HELPER(sctp_generic_recvmsg), + SYSCALL_INIT_HELPER_F(sctp_peeloff, SYF_CAPENABLED), + SYSCALL_INIT_HELPER_F(sctp_generic_sendmsg, SYF_CAPENABLED), + SYSCALL_INIT_HELPER_F(sctp_generic_sendmsg_iov, SYF_CAPENABLED), + SYSCALL_INIT_HELPER_F(sctp_generic_recvmsg, SYF_CAPENABLED), SYSCALL_INIT_LAST }; Index: head/sys/sys/sysent.h =================================================================== --- head/sys/sys/sysent.h +++ head/sys/sys/sysent.h @@ -230,24 +230,30 @@ int syscall_no; int registered; }; -#define SYSCALL_INIT_HELPER(syscallname) { \ +#define SYSCALL_INIT_HELPER_F(syscallname, flags) { \ .new_sysent = { \ .sy_narg = (sizeof(struct syscallname ## _args ) \ / sizeof(register_t)), \ .sy_call = (sy_call_t *)& sys_ ## syscallname, \ - .sy_auevent = SYS_AUE_##syscallname \ + .sy_auevent = SYS_AUE_##syscallname, \ + .sy_flags = (flags) \ }, \ .syscall_no = SYS_##syscallname \ } -#define SYSCALL_INIT_HELPER_COMPAT(syscallname) { \ +#define SYSCALL_INIT_HELPER_COMPAT_F(syscallname, flags) { \ .new_sysent = { \ .sy_narg = (sizeof(struct syscallname ## _args ) \ / sizeof(register_t)), \ .sy_call = (sy_call_t *)& syscallname, \ - .sy_auevent = SYS_AUE_##syscallname \ + .sy_auevent = SYS_AUE_##syscallname, \ + .sy_flags = (flags) \ }, \ .syscall_no = SYS_##syscallname \ } +#define SYSCALL_INIT_HELPER(syscallname) \ + SYSCALL_INIT_HELPER_F(syscallname, 0) +#define SYSCALL_INIT_HELPER_COMPAT(syscallname) \ + SYSCALL_INIT_HELPER_COMPAT_F(syscallname, 0) #define SYSCALL_INIT_LAST { \ .syscall_no = NO_SYSCALL \ }