diff --git a/sys/kern/kern_descrip.c b/sys/kern/kern_descrip.c index 2d1c0d4aea5..8b391da9584 100644 --- a/sys/kern/kern_descrip.c +++ b/sys/kern/kern_descrip.c @@ -111,7 +111,8 @@ static void fdgrowtable_exp(struct filedesc *fdp, int nfd); static void fdunused(struct filedesc *fdp, int fd); static void fdused(struct filedesc *fdp, int fd); static int fget_unlocked_seq(struct thread *td, int fd, - cap_rights_t *needrightsp, struct file **fpp, seqc_t *seqp); + const cap_rights_t *needrightsp, struct file **fpp, + seqc_t *seqp); static int getmaxfd(struct thread *td); static u_long *filecaps_copy_prep(const struct filecaps *src); static void filecaps_copy_finish(const struct filecaps *src, @@ -2879,7 +2880,7 @@ finit_vnode(struct file *fp, u_int flag, void *data, const struct fileops *ops) } int -fget_cap_noref(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, +fget_cap_noref(struct filedesc *fdp, int fd, const cap_rights_t *needrightsp, struct file **fpp, struct filecaps *havecapsp) { struct filedescent *fde; @@ -2912,7 +2913,7 @@ out: #ifdef CAPABILITIES int -fget_cap(struct thread *td, int fd, cap_rights_t *needrightsp, +fget_cap(struct thread *td, int fd, const cap_rights_t *needrightsp, struct file **fpp, struct filecaps *havecapsp) { struct filedesc *fdp = td->td_proc->p_fd; @@ -2952,7 +2953,7 @@ get_locked: } #else int -fget_cap(struct thread *td, int fd, cap_rights_t *needrightsp, +fget_cap(struct thread *td, int fd, const cap_rights_t *needrightsp, struct file **fpp, struct filecaps *havecapsp) { int error; @@ -3223,7 +3224,7 @@ out_free: */ #ifdef CAPABILITIES static int -fget_unlocked_seq(struct thread *td, int fd, cap_rights_t *needrightsp, +fget_unlocked_seq(struct thread *td, int fd, const cap_rights_t *needrightsp, struct file **fpp, seqc_t *seqp) { struct filedesc *fdp; @@ -3279,7 +3280,7 @@ fget_unlocked_seq(struct thread *td, int fd, cap_rights_t *needrightsp, } #else static int -fget_unlocked_seq(struct thread *td, int fd, cap_rights_t *needrightsp, +fget_unlocked_seq(struct thread *td, int fd, const cap_rights_t *needrightsp, struct file **fpp, seqc_t *seqp __unused) { struct filedesc *fdp; @@ -3322,7 +3323,7 @@ fget_unlocked_seq(struct thread *td, int fd, cap_rights_t *needrightsp, * racing with itself. */ int -fget_unlocked(struct thread *td, int fd, cap_rights_t *needrightsp, +fget_unlocked(struct thread *td, int fd, const cap_rights_t *needrightsp, struct file **fpp) { struct filedesc *fdp; @@ -3391,7 +3392,7 @@ out_fallback: */ #ifdef CAPABILITIES int -fget_only_user(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, +fget_only_user(struct filedesc *fdp, int fd, const cap_rights_t *needrightsp, struct file **fpp) { const struct filedescent *fde; @@ -3421,7 +3422,7 @@ fget_only_user(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, } #else int -fget_only_user(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, +fget_only_user(struct filedesc *fdp, int fd, const cap_rights_t *needrightsp, struct file **fpp) { struct file *fp; @@ -3457,7 +3458,7 @@ fget_only_user(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, */ static __inline int _fget(struct thread *td, int fd, struct file **fpp, int flags, - cap_rights_t *needrightsp) + const cap_rights_t *needrightsp) { struct file *fp; int error; @@ -3503,15 +3504,15 @@ _fget(struct thread *td, int fd, struct file **fpp, int flags, } int -fget(struct thread *td, int fd, cap_rights_t *rightsp, struct file **fpp) +fget(struct thread *td, int fd, const cap_rights_t *rightsp, struct file **fpp) { return (_fget(td, fd, fpp, 0, rightsp)); } int -fget_mmap(struct thread *td, int fd, cap_rights_t *rightsp, vm_prot_t *maxprotp, - struct file **fpp) +fget_mmap(struct thread *td, int fd, const cap_rights_t *rightsp, + vm_prot_t *maxprotp, struct file **fpp) { int error; #ifndef CAPABILITIES @@ -3554,22 +3555,24 @@ fget_mmap(struct thread *td, int fd, cap_rights_t *rightsp, vm_prot_t *maxprotp, } int -fget_read(struct thread *td, int fd, cap_rights_t *rightsp, struct file **fpp) +fget_read(struct thread *td, int fd, const cap_rights_t *rightsp, + struct file **fpp) { return (_fget(td, fd, fpp, FREAD, rightsp)); } int -fget_write(struct thread *td, int fd, cap_rights_t *rightsp, struct file **fpp) +fget_write(struct thread *td, int fd, const cap_rights_t *rightsp, + struct file **fpp) { return (_fget(td, fd, fpp, FWRITE, rightsp)); } int -fget_fcntl(struct thread *td, int fd, cap_rights_t *rightsp, int needfcntl, - struct file **fpp) +fget_fcntl(struct thread *td, int fd, const cap_rights_t *rightsp, + int needfcntl, struct file **fpp) { #ifndef CAPABILITIES return (fget_unlocked(td, fd, rightsp, fpp)); @@ -3607,7 +3610,7 @@ fget_fcntl(struct thread *td, int fd, cap_rights_t *rightsp, int needfcntl, * XXX: what about the unused flags ? */ static __inline int -_fgetvp(struct thread *td, int fd, int flags, cap_rights_t *needrightsp, +_fgetvp(struct thread *td, int fd, int flags, const cap_rights_t *needrightsp, struct vnode **vpp) { struct file *fp; @@ -3629,14 +3632,15 @@ _fgetvp(struct thread *td, int fd, int flags, cap_rights_t *needrightsp, } int -fgetvp(struct thread *td, int fd, cap_rights_t *rightsp, struct vnode **vpp) +fgetvp(struct thread *td, int fd, const cap_rights_t *rightsp, + struct vnode **vpp) { return (_fgetvp(td, fd, 0, rightsp, vpp)); } int -fgetvp_rights(struct thread *td, int fd, cap_rights_t *needrightsp, +fgetvp_rights(struct thread *td, int fd, const cap_rights_t *needrightsp, struct filecaps *havecaps, struct vnode **vpp) { struct filecaps caps; @@ -3668,14 +3672,16 @@ out: } int -fgetvp_read(struct thread *td, int fd, cap_rights_t *rightsp, struct vnode **vpp) +fgetvp_read(struct thread *td, int fd, const cap_rights_t *rightsp, + struct vnode **vpp) { return (_fgetvp(td, fd, FREAD, rightsp, vpp)); } int -fgetvp_exec(struct thread *td, int fd, cap_rights_t *rightsp, struct vnode **vpp) +fgetvp_exec(struct thread *td, int fd, const cap_rights_t *rightsp, + struct vnode **vpp) { return (_fgetvp(td, fd, FEXEC, rightsp, vpp)); @@ -3683,7 +3689,7 @@ fgetvp_exec(struct thread *td, int fd, cap_rights_t *rightsp, struct vnode **vpp #ifdef notyet int -fgetvp_write(struct thread *td, int fd, cap_rights_t *rightsp, +fgetvp_write(struct thread *td, int fd, const cap_rights_t *rightsp, struct vnode **vpp) { diff --git a/sys/kern/sys_procdesc.c b/sys/kern/sys_procdesc.c index dbf8e579530..3221885c927 100644 --- a/sys/kern/sys_procdesc.c +++ b/sys/kern/sys_procdesc.c @@ -121,7 +121,7 @@ static const struct fileops procdesc_ops = { * died. */ int -procdesc_find(struct thread *td, int fd, cap_rights_t *rightsp, +procdesc_find(struct thread *td, int fd, const cap_rights_t *rightsp, struct proc **p) { struct procdesc *pd; @@ -168,7 +168,8 @@ procdesc_pid(struct file *fp_procdesc) * Retrieve the PID associated with a process descriptor. */ int -kern_pdgetpid(struct thread *td, int fd, cap_rights_t *rightsp, pid_t *pidp) +kern_pdgetpid(struct thread *td, int fd, const cap_rights_t *rightsp, + pid_t *pidp) { struct file *fp; int error; diff --git a/sys/kern/uipc_mqueue.c b/sys/kern/uipc_mqueue.c index 7dd0f979668..75daf94b984 100644 --- a/sys/kern/uipc_mqueue.c +++ b/sys/kern/uipc_mqueue.c @@ -2155,13 +2155,14 @@ sys_kmq_unlink(struct thread *td, struct kmq_unlink_args *uap) return (error); } -typedef int (*_fgetf)(struct thread *, int, cap_rights_t *, struct file **); +typedef int (*_fgetf)(struct thread *, int, const cap_rights_t *, + struct file **); /* * Get message queue by giving file slot */ static int -_getmq(struct thread *td, int fd, cap_rights_t *rightsp, _fgetf func, +_getmq(struct thread *td, int fd, const cap_rights_t *rightsp, _fgetf func, struct file **fpp, struct mqfs_node **ppn, struct mqueue **pmq) { struct mqfs_node *pn; diff --git a/sys/kern/uipc_sem.c b/sys/kern/uipc_sem.c index 35ca9a9fb06..2fc4d3e9cfb 100644 --- a/sys/kern/uipc_sem.c +++ b/sys/kern/uipc_sem.c @@ -123,8 +123,8 @@ static int ksem_create(struct thread *td, const char *path, semid_t *semidp, mode_t mode, unsigned int value, int flags, int compat32); static void ksem_drop(struct ksem *ks); -static int ksem_get(struct thread *td, semid_t id, cap_rights_t *rightsp, - struct file **fpp); +static int ksem_get(struct thread *td, semid_t id, + const cap_rights_t *rightsp, struct file **fpp); static struct ksem *ksem_hold(struct ksem *ks); static void ksem_insert(char *path, Fnv32_t fnv, struct ksem *ks); static struct ksem *ksem_lookup(char *path, Fnv32_t fnv); @@ -587,7 +587,7 @@ ksem_create(struct thread *td, const char *name, semid_t *semidp, mode_t mode, } static int -ksem_get(struct thread *td, semid_t id, cap_rights_t *rightsp, +ksem_get(struct thread *td, semid_t id, const cap_rights_t *rightsp, struct file **fpp) { struct ksem *ks; diff --git a/sys/kern/uipc_syscalls.c b/sys/kern/uipc_syscalls.c index 6121bde4c57..4dca0522f70 100644 --- a/sys/kern/uipc_syscalls.c +++ b/sys/kern/uipc_syscalls.c @@ -87,7 +87,7 @@ static int sockargs(struct mbuf **, char *, socklen_t, int); * A reference on the file entry is held upon returning. */ int -getsock_cap(struct thread *td, int fd, cap_rights_t *rightsp, +getsock_cap(struct thread *td, int fd, const cap_rights_t *rightsp, struct file **fpp, struct filecaps *havecapsp) { struct file *fp; @@ -107,7 +107,8 @@ getsock_cap(struct thread *td, int fd, cap_rights_t *rightsp, } int -getsock(struct thread *td, int fd, cap_rights_t *rightsp, struct file **fpp) +getsock(struct thread *td, int fd, const cap_rights_t *rightsp, + struct file **fpp) { struct file *fp; int error; @@ -737,7 +738,7 @@ kern_sendit(struct thread *td, int s, struct msghdr *mp, int flags, struct uio auio; struct iovec *iov; struct socket *so; - cap_rights_t *rights; + const cap_rights_t *rights; #ifdef KTRACE struct uio *ktruio = NULL; #endif diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c index 6756925416a..670ceb15146 100644 --- a/sys/kern/vfs_syscalls.c +++ b/sys/kern/vfs_syscalls.c @@ -4325,7 +4325,7 @@ out: * semantics. */ int -getvnode_path(struct thread *td, int fd, cap_rights_t *rightsp, +getvnode_path(struct thread *td, int fd, const cap_rights_t *rightsp, struct file **fpp) { struct file *fp; @@ -4363,7 +4363,8 @@ getvnode_path(struct thread *td, int fd, cap_rights_t *rightsp, * A reference on the file entry is held upon returning. */ int -getvnode(struct thread *td, int fd, cap_rights_t *rightsp, struct file **fpp) +getvnode(struct thread *td, int fd, const cap_rights_t *rightsp, + struct file **fpp) { int error; diff --git a/sys/sys/file.h b/sys/sys/file.h index 07f6bbd5bca..bad161d5d46 100644 --- a/sys/sys/file.h +++ b/sys/sys/file.h @@ -257,14 +257,15 @@ extern const struct fileops socketops; extern int maxfiles; /* kernel limit on number of open files */ extern int maxfilesperproc; /* per process limit on number of open files */ -int fget(struct thread *td, int fd, cap_rights_t *rightsp, struct file **fpp); -int fget_mmap(struct thread *td, int fd, cap_rights_t *rightsp, +int fget(struct thread *td, int fd, const cap_rights_t *rightsp, + struct file **fpp); +int fget_mmap(struct thread *td, int fd, const cap_rights_t *rightsp, vm_prot_t *maxprotp, struct file **fpp); -int fget_read(struct thread *td, int fd, cap_rights_t *rightsp, +int fget_read(struct thread *td, int fd, const cap_rights_t *rightsp, struct file **fpp); -int fget_write(struct thread *td, int fd, cap_rights_t *rightsp, +int fget_write(struct thread *td, int fd, const cap_rights_t *rightsp, struct file **fpp); -int fget_fcntl(struct thread *td, int fd, cap_rights_t *rightsp, +int fget_fcntl(struct thread *td, int fd, const cap_rights_t *rightsp, int needfcntl, struct file **fpp); int _fdrop(struct file *fp, struct thread *td); int fget_remote(struct thread *td, struct proc *p, int fd, struct file **fpp); @@ -289,15 +290,15 @@ int file_kcmp_generic(struct file *fp1, struct file *fp2, struct thread *td); void finit(struct file *, u_int, short, void *, const struct fileops *); void finit_vnode(struct file *, u_int, void *, const struct fileops *); -int fgetvp(struct thread *td, int fd, cap_rights_t *rightsp, +int fgetvp(struct thread *td, int fd, const cap_rights_t *rightsp, struct vnode **vpp); -int fgetvp_exec(struct thread *td, int fd, cap_rights_t *rightsp, +int fgetvp_exec(struct thread *td, int fd, const cap_rights_t *rightsp, struct vnode **vpp); -int fgetvp_rights(struct thread *td, int fd, cap_rights_t *needrightsp, +int fgetvp_rights(struct thread *td, int fd, const cap_rights_t *needrightsp, struct filecaps *havecaps, struct vnode **vpp); -int fgetvp_read(struct thread *td, int fd, cap_rights_t *rightsp, +int fgetvp_read(struct thread *td, int fd, const cap_rights_t *rightsp, struct vnode **vpp); -int fgetvp_write(struct thread *td, int fd, cap_rights_t *rightsp, +int fgetvp_write(struct thread *td, int fd, const cap_rights_t *rightsp, struct vnode **vpp); int fgetvp_lookup_smr(struct nameidata *ndp, struct vnode **vpp, bool *fsearch); int fgetvp_lookup(struct nameidata *ndp, struct vnode **vpp); diff --git a/sys/sys/filedesc.h b/sys/sys/filedesc.h index c0fb4e3834e..ecb8c58e5d2 100644 --- a/sys/sys/filedesc.h +++ b/sys/sys/filedesc.h @@ -277,22 +277,23 @@ struct filedesc_to_leader * struct filedesc_to_leader * filedesc_to_leader_share(struct filedesc_to_leader *fdtol, struct filedesc *fdp); -int getvnode(struct thread *td, int fd, cap_rights_t *rightsp, +int getvnode(struct thread *td, int fd, const cap_rights_t *rightsp, struct file **fpp); -int getvnode_path(struct thread *td, int fd, cap_rights_t *rightsp, +int getvnode_path(struct thread *td, int fd, const cap_rights_t *rightsp, struct file **fpp); void mountcheckdirs(struct vnode *olddp, struct vnode *newdp); -int fget_cap_noref(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, - struct file **fpp, struct filecaps *havecapsp); -int fget_cap(struct thread *td, int fd, cap_rights_t *needrightsp, +int fget_cap_noref(struct filedesc *fdp, int fd, + const cap_rights_t *needrightsp, struct file **fpp, + struct filecaps *havecapsp); +int fget_cap(struct thread *td, int fd, const cap_rights_t *needrightsp, struct file **fpp, struct filecaps *havecapsp); /* Return a referenced file from an unlocked descriptor. */ -int fget_unlocked(struct thread *td, int fd, cap_rights_t *needrightsp, - struct file **fpp); +int fget_unlocked(struct thread *td, int fd, + const cap_rights_t *needrightsp, struct file **fpp); /* Return a file pointer without a ref. FILEDESC_IS_ONLY_USER must be true. */ -int fget_only_user(struct filedesc *fdp, int fd, cap_rights_t *needrightsp, - struct file **fpp); +int fget_only_user(struct filedesc *fdp, int fd, + const cap_rights_t *needrightsp, struct file **fpp); #define fput_only_user(fdp, fp) ({ \ MPASS(FILEDESC_IS_ONLY_USER(fdp)); \ MPASS(refcount_load(&fp->f_count) > 0); \ diff --git a/sys/sys/namei.h b/sys/sys/namei.h index 5dbf31f6c60..7033e546924 100644 --- a/sys/sys/namei.h +++ b/sys/sys/namei.h @@ -70,7 +70,7 @@ struct nameidata { */ const char *ni_dirp; /* pathname pointer */ enum uio_seg ni_segflg; /* location of pathname */ - cap_rights_t *ni_rightsneeded; /* rights required to look up vnode */ + const cap_rights_t *ni_rightsneeded; /* rights needed to look up vnode */ /* * Arguments to lookup. */ @@ -244,7 +244,7 @@ int cache_fplookup(struct nameidata *ndp, enum cache_fpl_status *status, #define NDINIT_ALL(ndp, op, flags, segflg, namep, dirfd, startdir, rightsp) \ do { \ struct nameidata *_ndp = (ndp); \ - cap_rights_t *_rightsp = (rightsp); \ + const cap_rights_t *_rightsp = (rightsp); \ MPASS(_rightsp != NULL); \ NDINIT_PREFILL(_ndp); \ NDINIT_DBG(_ndp); \ diff --git a/sys/sys/procdesc.h b/sys/sys/procdesc.h index ca26d65d541..4e8b06fb737 100644 --- a/sys/sys/procdesc.h +++ b/sys/sys/procdesc.h @@ -94,8 +94,10 @@ struct procdesc { * In-kernel interfaces to process descriptors. */ int procdesc_exit(struct proc *); -int procdesc_find(struct thread *, int fd, cap_rights_t *, struct proc **); -int kern_pdgetpid(struct thread *, int fd, cap_rights_t *, pid_t *pidp); +int procdesc_find(struct thread *, int fd, const cap_rights_t *, + struct proc **); +int kern_pdgetpid(struct thread *, int fd, const cap_rights_t *, + pid_t *pidp); void procdesc_new(struct proc *, int); void procdesc_finit(struct procdesc *, struct file *); pid_t procdesc_pid(struct file *); diff --git a/sys/sys/socketvar.h b/sys/sys/socketvar.h index 40fdd142525..1efff4a18be 100644 --- a/sys/sys/socketvar.h +++ b/sys/sys/socketvar.h @@ -490,9 +490,9 @@ struct uio; */ int getsockaddr(struct sockaddr **namp, const struct sockaddr *uaddr, size_t len); -int getsock_cap(struct thread *td, int fd, cap_rights_t *rightsp, +int getsock_cap(struct thread *td, int fd, const cap_rights_t *rightsp, struct file **fpp, struct filecaps *havecaps); -int getsock(struct thread *td, int fd, cap_rights_t *rightsp, +int getsock(struct thread *td, int fd, const cap_rights_t *rightsp, struct file **fpp); void soabort(struct socket *so); int soaccept(struct socket *so, struct sockaddr **nam);