Diffstat (limited to 'freebsd/sys/sys/priv.h')
-rw-r--r--freebsd/sys/sys/priv.h32
1 files changed, 22 insertions, 10 deletions
diff --git a/freebsd/sys/sys/priv.h b/freebsd/sys/sys/priv.h
index 1d1e8f20..ec0943aa 100644
--- a/freebsd/sys/sys/priv.h
+++ b/freebsd/sys/sys/priv.h
@@ -45,8 +45,9 @@
* loadable kernel module ABI, and should not be changed across minor
* releases.
*
- * When adding a new privilege, remember to determine if it's appropriate for
- * use in jail, and update the privilege switch in kern_jail.c as necessary.
+ * When adding a new privilege, remember to determine if it's appropriate
+ * for use in jail, and update the privilege switch in prison_priv_check()
+ * in kern_jail.c as necessary.
*/
/*
@@ -111,6 +112,7 @@
#define PRIV_DEBUG_DIFFCRED 80 /* Exempt debugging other users. */
#define PRIV_DEBUG_SUGID 81 /* Exempt debugging setuid proc. */
#define PRIV_DEBUG_UNPRIV 82 /* Exempt unprivileged debug limit. */
+#define PRIV_DEBUG_DENIED 83 /* Exempt P2_NOTRACE. */
/*
* Dtrace privileges.
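Review bot: `PRIV_DEBUG_DENIED` is added with no visible jail decision, and the same holds for `PRIV_NET_VXLAN`, `PRIV_NET_SETVLANPCP`, `PRIV_NETINET_HASHKEY`, `PRIV_KMEM_READ` and `PRIV_KMEM_WRITE` in the later hunks. The header's own rule, reworded in the first hunk, asks that each new privilege be considered in `prison_priv_check()` in kern_jail.c, but this diff is limited to priv.h, so that cannot be confirmed from here. It is worth checking before merge, starting with the debug and kmem privileges. The comment `/* Exempt P2_NOTRACE. */` is also terse for a privilege that appears to override a process's opt-out from being traced; something like `/* Exempt from P2_NOTRACE (target has disabled tracing). */` would tell a policy author what is being granted.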
@@ -132,7 +134,7 @@
#define PRIV_JAIL_REMOVE 112 /* Remove a jail. */
/*
- * Kernel environment priveleges.
+ * Kernel environment privileges.
*/
#define PRIV_KENV_SET 120 /* Set kernel env. variables. */
#define PRIV_KENV_UNSET 121 /* Unset kernel env. variables. */
@@ -158,7 +160,8 @@
#define PRIV_PROC_SETRLIMIT 162 /* Can raise resources limits. */
#define PRIV_PROC_SETLOGINCLASS 163 /* Can call setloginclass(2). */
-/* System V IPC privileges.
+/*
+ * System V IPC privileges.
*/
#define PRIV_IPC_READ 170 /* Can override IPC read perm. */
#define PRIV_IPC_WRITE 171 /* Can override IPC write perm. */
@@ -338,6 +341,8 @@
#define PRIV_NET_SETIFVNET 417 /* Move interface to vnet. */
#define PRIV_NET_SETIFDESCR 418 /* Set interface description. */
#define PRIV_NET_SETIFFIB 419 /* Set interface fib. */
+#define PRIV_NET_VXLAN 420 /* Administer vxlan. */
+#define PRIV_NET_SETVLANPCP 421 /* Set VLAN priority. */
/*
* 802.11-related privileges.
@@ -346,9 +351,9 @@
#define PRIV_NET80211_MANAGE 441 /* Administer 802.11. */
/*
- * AppleTalk privileges.
+ * Placeholder for AppleTalk privileges, not supported anymore.
*/
-#define PRIV_NETATALK_RESERVEDPORT 450 /* Bind low port number. */
+#define _PRIV_NETATALK_RESERVEDPORT 450 /* Bind low port number. */
/*
* ATM privileges.
@@ -389,12 +394,13 @@
#define PRIV_NETINET_REUSEPORT 504 /* Allow [rapid] port/address reuse. */
#define PRIV_NETINET_SETHDROPTS 505 /* Set certain IPv4/6 header options. */
#define PRIV_NETINET_BINDANY 506 /* Allow bind to any address. */
+#define PRIV_NETINET_HASHKEY 507 /* Get and set hash keys for IPv4/6. */
/*
- * IPX/SPX privileges.
+ * Placeholders for IPX/SPX privileges, not supported any more.
*/
-#define PRIV_NETIPX_RESERVEDPORT 520 /* Bind low port number. */
-#define PRIV_NETIPX_RAW 521 /* Open netipx raw socket. */
+#define _PRIV_NETIPX_RESERVEDPORT 520 /* Bind low port number. */
+#define _PRIV_NETIPX_RAW 521 /* Open netipx raw socket. */
/*
* NCP privileges.
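Review bot: The two IPX placeholders at 520 and 521 keep their old trailing comments (`Bind low port number.`, `Open netipx raw socket.`), which describe checks the block comment now says are unsupported. The same applies to `_PRIV_NETATALK_RESERVEDPORT` in the previous hunk. Since the header states that the numbers are part of the loadable-module ABI, the trailing comment should say why the slot is kept, e.g. `/* Reserved, do not reuse. */`. The two block comments also differ in wording ("anymore" / "any more", "Placeholder" / "Placeholders") and would read better if they matched.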
@@ -494,9 +500,15 @@
#define PRIV_RCTL_REMOVE_RULE 674
/*
+ * mem(4) privileges.
+ */
+#define PRIV_KMEM_READ 680 /* Open mem/kmem for reading. */
+#define PRIV_KMEM_WRITE 681 /* Open mem/kmem for writing. */
+
+/*
* Track end of privilege list.
*/
-#define _PRIV_HIGHEST 675
+#define _PRIV_HIGHEST 682
/*
* Validate that a named privilege is known by the privilege system. Invalid
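Review bot: The comment on `PRIV_KMEM_WRITE` understates what the privilege grants, because write access to mem/kmem lets the holder alter any kernel state and so subsumes every other privilege in this file. I would say so in the header, e.g. `/* Open mem/kmem for writing; implies full kernel control. */`, so that policy code such as the jail switch or a MAC module treats it accordingly. `PRIV_KMEM_READ` likewise exposes all kernel memory contents, including any secrets held there, and deserves a word in its comment. The validity comment that starts on the last two lines continues below the hunk, so how `_PRIV_HIGHEST` is consumed is not visible here.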