capsicum: Statically initialize commonly used capability rights
ClosedPublic
Actions

Authored by markj on May 19 2025, 4:31 PM.

Details

Reviewers

oshogbo
brooks
kib
olce

Commits

rG1225d1a7c948: capsicum: Statically initialize commonly used capability rights
rG1f922483cc99: capsicum: Statically initialize commonly used capability rights

Summary

Rather than initializing all of these sets during boot, define a macro
which can do so at compile-time. This lets us get rid of the silly
sysinit and furthermore allows the sets to live in .rodata, where they
ought to be anyway.

The CAP_RIGHTS_INITIALIZER2 macro can create a set out of up to two
capsicum rights. This could be made more general, but we currently
don't have any use for a more abstract implementation, so just keep it
simple for now.

No functional change intended.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Skipped

Unit

Tests Skipped

Build Status

Buildable 64302
Build 61186: arc lint + arc unit

Event Timeline

markj created this revision.May 19 2025, 4:31 PM

Herald added subscribers: olce, imp. · View Herald TranscriptMay 19 2025, 4:31 PM

markj requested review of this revision.May 19 2025, 4:31 PM

Harbormaster completed remote builds in B64294: Diff 155700.May 19 2025, 4:31 PM

markj added a parent revision: D50419: file: Qualify pointers to capsicum rights as const.May 19 2025, 4:31 PM

I like this change, but I will verify it tomorrow if its fine with you :)
As I need to wrap my head around this calculations.

olce accepted this revision.May 19 2025, 7:34 PM

olce added inline comments.

sys/sys/capsicum.h
374–376	Simplification. You might want to also move the enclosing `CAPRIGHT()` in `CAP_RIGHTS_INITIALIZER2()` (see other inline comment).
381–389	If `CAPRIGHT()` is removed from `_CAP_RIGHTS_WORD_INITIALIZER()`.