Index: sys/compat/cloudabi/cloudabi_fd.c =================================================================== --- sys/compat/cloudabi/cloudabi_fd.c +++ sys/compat/cloudabi/cloudabi_fd.c @@ -120,10 +120,24 @@ cloudabi_sys_fd_create2(struct thread *td, struct cloudabi_sys_fd_create2_args *uap) { + struct filecaps fcaps1 = {}, fcaps2 = {}; int fds[2]; int error; switch (uap->type) { + case CLOUDABI_FILETYPE_FIFO: + /* + * CloudABI pipes are unidirectional. Restrict rights on + * the pipe to simulate this. + */ + cap_rights_init(&fcaps1.fc_rights, CAP_EVENT, CAP_FCNTL, + CAP_FSTAT, CAP_READ); + fcaps1.fc_fcntls = CAP_FCNTL_SETFL; + cap_rights_init(&fcaps2.fc_rights, CAP_EVENT, CAP_FCNTL, + CAP_FSTAT, CAP_WRITE); + fcaps2.fc_fcntls = CAP_FCNTL_SETFL; + error = kern_pipe(td, fds, 0, &fcaps1, &fcaps2); + break; case CLOUDABI_FILETYPE_SOCKET_DGRAM: error = kern_socketpair(td, AF_UNIX, SOCK_DGRAM, 0, fds); break; Index: sys/compat/linux/linux_event.c =================================================================== --- sys/compat/linux/linux_event.c +++ sys/compat/linux/linux_event.c @@ -620,7 +620,7 @@ fflags |= O_CLOEXEC; fdp = td->td_proc->p_fd; - error = falloc(td, &fp, &fd, fflags); + error = falloc(td, &fp, &fd, fflags, NULL); if (error) return (error); Index: sys/compat/linux/linux_file.c =================================================================== --- sys/compat/linux/linux_file.c +++ sys/compat/linux/linux_file.c @@ -1582,7 +1582,7 @@ printf(ARGS(pipe, "*")); #endif - error = kern_pipe2(td, fildes, 0); + error = kern_pipe(td, fildes, 0, NULL, NULL); if (error) return (error); @@ -1609,7 +1609,7 @@ flags |= O_NONBLOCK; if ((args->flags & LINUX_O_CLOEXEC) != 0) flags |= O_CLOEXEC; - error = kern_pipe2(td, fildes, flags); + error = kern_pipe(td, fildes, flags, NULL, NULL); if (error) return (error); Index: sys/dev/streams/streams.c =================================================================== --- sys/dev/streams/streams.c +++ sys/dev/streams/streams.c @@ -235,7 +235,7 @@ return EOPNOTSUPP; } - if ((error = falloc(td, &fp, &fd, 0)) != 0) + if ((error = falloc(td, &fp, &fd, 0, NULL)) != 0) return error; /* An extra reference on `fp' has been held for us by falloc(). */ Index: sys/kern/kern_descrip.c =================================================================== --- sys/kern/kern_descrip.c +++ sys/kern/kern_descrip.c @@ -1707,7 +1707,8 @@ * release the FILEDESC lock. */ int -falloc(struct thread *td, struct file **resultfp, int *resultfd, int flags) +falloc(struct thread *td, struct file **resultfp, int *resultfd, int flags, + struct filecaps *fcaps) { struct file *fp; int error, fd; @@ -1716,7 +1717,7 @@ if (error) return (error); /* no reference held on error */ - error = finstall(td, fp, &fd, flags, NULL); + error = finstall(td, fp, &fd, flags, fcaps); if (error) { fdrop(fp, td); /* one reference (fp only) */ return (error); Index: sys/kern/kern_event.c =================================================================== --- sys/kern/kern_event.c +++ sys/kern/kern_event.c @@ -760,7 +760,7 @@ } fdp = p->p_fd; - error = falloc(td, &fp, &fd, flags); + error = falloc(td, &fp, &fd, flags, NULL); if (error) goto done2; Index: sys/kern/kern_fork.c =================================================================== --- sys/kern/kern_fork.c +++ sys/kern/kern_fork.c @@ -824,7 +824,7 @@ * later. */ if (flags & RFPROCDESC) { - error = falloc(td, &fp_procdesc, procdescp, 0); + error = falloc(td, &fp_procdesc, procdescp, 0, NULL); if (error != 0) return (error); } Index: sys/kern/sys_pipe.c =================================================================== --- sys/kern/sys_pipe.c +++ sys/kern/sys_pipe.c @@ -397,14 +397,8 @@ * the zone pick up the pieces via pipeclose(). */ int -kern_pipe(struct thread *td, int fildes[2]) -{ - - return (kern_pipe2(td, fildes, 0)); -} - -int -kern_pipe2(struct thread *td, int fildes[2], int flags) +kern_pipe(struct thread *td, int fildes[2], int flags, struct filecaps *fcaps1, + struct filecaps *fcaps2) { struct file *rf, *wf; struct pipe *rpipe, *wpipe; @@ -414,7 +408,7 @@ pipe_paircreate(td, &pp); rpipe = &pp->pp_rpipe; wpipe = &pp->pp_wpipe; - error = falloc(td, &rf, &fd, flags); + error = falloc(td, &rf, &fd, flags, fcaps1); if (error) { pipeclose(rpipe); pipeclose(wpipe); @@ -434,7 +428,7 @@ * side while we are blocked trying to allocate the write side. */ finit(rf, fflags, DTYPE_PIPE, rpipe, &pipeops); - error = falloc(td, &wf, &fd, flags); + error = falloc(td, &wf, &fd, flags, fcaps2); if (error) { fdclose(td, rf, fildes[0]); fdrop(rf, td); @@ -458,7 +452,7 @@ int error; int fildes[2]; - error = kern_pipe(td, fildes); + error = kern_pipe(td, fildes, 0, NULL, NULL); if (error) return (error); @@ -475,7 +469,7 @@ if (uap->flags & ~(O_CLOEXEC | O_NONBLOCK)) return (EINVAL); - error = kern_pipe2(td, fildes, uap->flags); + error = kern_pipe(td, fildes, uap->flags, NULL, NULL); if (error) return (error); error = copyout(fildes, uap->fildes, 2 * sizeof(int)); Index: sys/kern/tty_pts.c =================================================================== --- sys/kern/tty_pts.c +++ sys/kern/tty_pts.c @@ -838,7 +838,7 @@ if (uap->flags & ~(O_RDWR|O_NOCTTY|O_CLOEXEC)) return (EINVAL); - error = falloc(td, &fp, &fd, uap->flags); + error = falloc(td, &fp, &fd, uap->flags, NULL); if (error) return (error); Index: sys/kern/uipc_mqueue.c =================================================================== --- sys/kern/uipc_mqueue.c +++ sys/kern/uipc_mqueue.c @@ -1978,7 +1978,7 @@ if (len < 2 || path[0] != '/' || strchr(path + 1, '/') != NULL) return (EINVAL); - error = falloc(td, &fp, &fd, O_CLOEXEC); + error = falloc(td, &fp, &fd, O_CLOEXEC, NULL); if (error) return (error); Index: sys/kern/uipc_sem.c =================================================================== --- sys/kern/uipc_sem.c +++ sys/kern/uipc_sem.c @@ -457,7 +457,7 @@ fdp = td->td_proc->p_fd; mode = (mode & ~fdp->fd_cmask) & ACCESSPERMS; - error = falloc(td, &fp, &fd, O_CLOEXEC); + error = falloc(td, &fp, &fd, O_CLOEXEC, NULL); if (error) { if (name == NULL) error = ENOSPC; Index: sys/kern/uipc_shm.c =================================================================== --- sys/kern/uipc_shm.c +++ sys/kern/uipc_shm.c @@ -713,7 +713,7 @@ fdp = td->td_proc->p_fd; cmode = (uap->mode & ~fdp->fd_cmask) & ACCESSPERMS; - error = falloc(td, &fp, &fd, O_CLOEXEC); + error = falloc(td, &fp, &fd, O_CLOEXEC, NULL); if (error) return (error); Index: sys/kern/uipc_syscalls.c =================================================================== --- sys/kern/uipc_syscalls.c +++ sys/kern/uipc_syscalls.c @@ -209,7 +209,7 @@ if (error != 0) return (error); #endif - error = falloc(td, &fp, &fd, oflag); + error = falloc(td, &fp, &fd, oflag, NULL); if (error != 0) return (error); /* An extra reference on `fp' has been held for us by falloc(). */ @@ -416,7 +416,8 @@ if (error != 0) goto done; #endif - error = falloc(td, &nfp, &fd, (flags & SOCK_CLOEXEC) ? O_CLOEXEC : 0); + error = falloc(td, &nfp, &fd, (flags & SOCK_CLOEXEC) ? O_CLOEXEC : 0, + NULL); if (error != 0) goto done; ACCEPT_LOCK(); @@ -711,12 +712,12 @@ if (error != 0) goto free1; /* On success extra reference to `fp1' and 'fp2' is set by falloc. */ - error = falloc(td, &fp1, &fd, oflag); + error = falloc(td, &fp1, &fd, oflag, NULL); if (error != 0) goto free2; rsv[0] = fd; fp1->f_data = so1; /* so1 already has ref count */ - error = falloc(td, &fp2, &fd, oflag); + error = falloc(td, &fp2, &fd, oflag, NULL); if (error != 0) goto free3; fp2->f_data = so2; /* so2 already has ref count */ Index: sys/netinet/sctp_syscalls.c =================================================================== --- sys/netinet/sctp_syscalls.c +++ sys/netinet/sctp_syscalls.c @@ -145,7 +145,7 @@ * but that is ok. */ - error = falloc(td, &nfp, &fd, 0); + error = falloc(td, &nfp, &fd, 0, NULL); if (error != 0) goto done; td->td_retval[0] = fd; Index: sys/ofed/include/linux/file.h =================================================================== --- sys/ofed/include/linux/file.h +++ sys/ofed/include/linux/file.h @@ -115,7 +115,7 @@ int error; int fd; - error = falloc(curthread, &file, &fd, 0); + error = falloc(curthread, &file, &fd, 0, NULL); if (error) return -error; /* drop the extra reference */ Index: sys/opencrypto/cryptodev.c =================================================================== --- sys/opencrypto/cryptodev.c +++ sys/opencrypto/cryptodev.c @@ -1306,7 +1306,7 @@ TAILQ_INIT(&fcr->csessions); fcr->sesn = 0; - error = falloc(td, &f, &fd, 0); + error = falloc(td, &f, &fd, 0, NULL); if (error) { free(fcr, M_XDATA); Index: sys/sys/filedesc.h =================================================================== --- sys/sys/filedesc.h +++ sys/sys/filedesc.h @@ -157,7 +157,7 @@ int dupfdopen(struct thread *td, struct filedesc *fdp, int dfd, int mode, int openerror, int *indxp); int falloc(struct thread *td, struct file **resultfp, int *resultfd, - int flags); + int flags, struct filecaps *fcaps); int falloc_noinstall(struct thread *td, struct file **resultfp); void _finstall(struct filedesc *fdp, struct file *fp, int fd, int flags, struct filecaps *fcaps); Index: sys/sys/syscallsubr.h =================================================================== --- sys/sys/syscallsubr.h +++ sys/sys/syscallsubr.h @@ -35,6 +35,7 @@ #include struct file; +struct filecaps; enum idtype; struct itimerval; struct image_args; @@ -150,8 +151,8 @@ enum uio_seg pathseg, int flags, int mode); int kern_pathconf(struct thread *td, char *path, enum uio_seg pathseg, int name, u_long flags); -int kern_pipe(struct thread *td, int fildes[2]); -int kern_pipe2(struct thread *td, int fildes[2], int flags); +int kern_pipe(struct thread *td, int fildes[2], int flags, + struct filecaps *fcaps1, struct filecaps *fcaps2); int kern_poll(struct thread *td, struct pollfd *fds, u_int nfds, struct timespec *tsp, sigset_t *uset); int kern_posix_fadvise(struct thread *td, int fd, off_t offset, off_t len,