Index: sys/kern/sys_capability.c
===================================================================
--- sys/kern/sys_capability.c
+++ sys/kern/sys_capability.c
@@ -234,6 +234,7 @@
 {
 	struct filedesc *fdp;
 	struct filedescent *fdep;
+	u_long *ioctls;
 	int error;
 
 	fdp = td->td_proc->p_fd;
@@ -243,18 +244,22 @@
 		FILEDESC_XUNLOCK(fdp);
 		return (EBADF);
 	}
+	ioctls = NULL;
 	error = _cap_check(cap_rights(fdp, fd), rights, CAPFAIL_INCREASE);
 	if (error == 0) {
+		seqc_write_begin(&fdep->fde_seqc);
 		fdep->fde_rights = *rights;
 		if (!cap_rights_is_set(rights, CAP_IOCTL)) {
-			free(fdep->fde_ioctls, M_FILECAPS);
+			ioctls = fdep->fde_ioctls;
 			fdep->fde_ioctls = NULL;
 			fdep->fde_nioctls = 0;
 		}
 		if (!cap_rights_is_set(rights, CAP_FCNTL))
 			fdep->fde_fcntls = 0;
+		seqc_write_end(&fdep->fde_seqc);
 	}
 	FILEDESC_XUNLOCK(fdp);
+	free(ioctls, M_FILECAPS);
 	return (error);
 }
 
@@ -439,8 +444,10 @@
 		goto out;
 
 	ocmds = fdep->fde_ioctls;
+	seqc_write_begin(&fdep->fde_seqc);
 	fdep->fde_ioctls = cmds;
 	fdep->fde_nioctls = ncmds;
+	seqc_write_end(&fdep->fde_seqc);
 
 	cmds = ocmds;
 	error = 0;
@@ -597,7 +604,9 @@
 		return (ENOTCAPABLE);
 	}
 
+	seqc_write_begin(&fdep->fde_seqc);
 	fdep->fde_fcntls = fcntlrights;
+	seqc_write_end(&fdep->fde_seqc);
 	FILEDESC_XUNLOCK(fdp);
 
 	return (0);