[Glibc-bsd-commits] r5362 - in trunk/freebsd-glue: debian src/freebsd-glue
rmh at alioth.debian.org
rmh at alioth.debian.org
Mon Jan 20 21:07:43 UTC 2014
Author: rmh
Date: 2014-01-20 21:07:43 +0000 (Mon, 20 Jan 2014)
New Revision: 5362
Added:
trunk/freebsd-glue/src/freebsd-glue/capability.c
trunk/freebsd-glue/src/freebsd-glue/subr_capability.c
Modified:
trunk/freebsd-glue/debian/changelog
trunk/freebsd-glue/debian/copyright
trunk/freebsd-glue/debian/libfreebsd-glue-0.symbols
trunk/freebsd-glue/src/freebsd-glue/Makefile
Log:
Add capsicum(4) family of functions.
Modified: trunk/freebsd-glue/debian/changelog
===================================================================
--- trunk/freebsd-glue/debian/changelog 2014-01-20 21:01:58 UTC (rev 5361)
+++ trunk/freebsd-glue/debian/changelog 2014-01-20 21:07:43 UTC (rev 5362)
@@ -12,6 +12,7 @@
* Add _PATH_GBDE, _PATH_GELI and _PATH_MDCONFIG to <paths.h>.
* Add swapon() and swapoff() prototypes to <unistd.h>.
* Add basename_r().
+ * Add capsicum(4) family of functions.
-- Robert Millan <rmh at debian.org> Wed, 08 Jan 2014 22:36:52 +0100
Modified: trunk/freebsd-glue/debian/copyright
===================================================================
--- trunk/freebsd-glue/debian/copyright 2014-01-20 21:01:58 UTC (rev 5361)
+++ trunk/freebsd-glue/debian/copyright 2014-01-20 21:07:43 UTC (rev 5362)
@@ -39,9 +39,14 @@
Files: src/freebsd-glue/random.c
src/freebsd-glue/sysarch.c
src/freebsd-glue/basename.c
+ src/freebsd-glue/capability.c
Copyright: 2013, 2014, Robert Millan <rmh at debian.org>
License: BSD (2 clause)
+Files: src/freebsd-glue/subr_capability.c
+Copyright: 2013, FreeBSD Foundation
+License: BSD (2 clause)
+
Files: include/sys/endian.h
Copyright: 2002, Thomas Moestl <tmm at FreeBSD.org>
License: BSD (2 clause)
Modified: trunk/freebsd-glue/debian/libfreebsd-glue-0.symbols
===================================================================
--- trunk/freebsd-glue/debian/libfreebsd-glue-0.symbols 2014-01-20 21:01:58 UTC (rev 5361)
+++ trunk/freebsd-glue/debian/libfreebsd-glue-0.symbols 2014-01-20 21:07:43 UTC (rev 5362)
@@ -1,4 +1,9 @@
libfreebsd-glue.so.0 libfreebsd-glue-0 #MINVER#
+ (arch=kfreebsd-any)__cap_rights_clear at Base 0.2.17
+ (arch=kfreebsd-any)__cap_rights_get at Base 0.2.17
+ (arch=kfreebsd-any)__cap_rights_init at Base 0.2.17
+ (arch=kfreebsd-any)__cap_rights_is_set at Base 0.2.17
+ (arch=kfreebsd-any)__cap_rights_set at Base 0.2.17
(arch=kfreebsd-amd64)amd64_get_fsbase at Base 0.2.8
(arch=kfreebsd-amd64)amd64_get_gsbase at Base 0.2.8
(arch=kfreebsd-amd64)amd64_set_fsbase at Base 0.2.8
@@ -9,6 +14,17 @@
(arch=kfreebsd-i386)i386_set_gsbase at Base 0.2.8
basename_r at Base 0.2.17
(arch=kfreebsd-any)bsd_sendfile at Base 0.2.6
+ (arch=kfreebsd-any)cap_enter at Base 0.2.17
+ (arch=kfreebsd-any)cap_fcntls_get at Base 0.2.17
+ (arch=kfreebsd-any)cap_fcntls_limit at Base 0.2.17
+ (arch=kfreebsd-any)cap_getmode at Base 0.2.17
+ (arch=kfreebsd-any)cap_ioctls_get at Base 0.2.17
+ (arch=kfreebsd-any)cap_ioctls_limit at Base 0.2.17
+ (arch=kfreebsd-any)cap_rights_contains at Base 0.2.17
+ (arch=kfreebsd-any)cap_rights_is_valid at Base 0.2.17
+ (arch=kfreebsd-any)cap_rights_limit at Base 0.2.17
+ (arch=kfreebsd-any)cap_rights_merge at Base 0.2.17
+ (arch=kfreebsd-any)cap_rights_remove at Base 0.2.17
cgetcap at Base 0.1.15
cgetclose at Base 0.1.15
cgetent at Base 0.1.15
Modified: trunk/freebsd-glue/src/freebsd-glue/Makefile
===================================================================
--- trunk/freebsd-glue/src/freebsd-glue/Makefile 2014-01-20 21:01:58 UTC (rev 5361)
+++ trunk/freebsd-glue/src/freebsd-glue/Makefile 2014-01-20 21:07:43 UTC (rev 5362)
@@ -18,6 +18,7 @@
.if ${SYS} == "kfreebsd-gnu"
SRCS+= \
+ capability.c subr_capability.c \
cpuset.c \
disklabel.c \
getbootfile.c \
Added: trunk/freebsd-glue/src/freebsd-glue/capability.c
===================================================================
--- trunk/freebsd-glue/src/freebsd-glue/capability.c (rev 0)
+++ trunk/freebsd-glue/src/freebsd-glue/capability.c 2014-01-20 21:07:43 UTC (rev 5362)
@@ -0,0 +1,81 @@
+/*-
+ * Copyright (c) 2014 Robert Millan <rmh at debian.org>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ */
+
+#include <sys/capability.h>
+#include <sys/syscall.h>
+#include <unistd.h>
+
+#ifndef SYS___cap_rights_get
+#define SYS___cap_rights_get SYS_cap_rights_get
+#endif
+
+int
+cap_enter(void)
+{
+ return syscall (SYS_cap_enter);
+}
+
+int
+cap_getmode(u_int *modep)
+{
+ return syscall (SYS_cap_getmode, modep);
+}
+
+int
+cap_rights_limit(int fd, const cap_rights_t *rights)
+{
+ return syscall (SYS_cap_rights_limit, fd, rights);
+}
+
+int
+__cap_rights_get(int version, int fd, cap_rights_t *rights)
+{
+ return syscall (SYS___cap_rights_get, version, fd, rights);
+}
+
+int
+cap_ioctls_limit(int fd, const unsigned long *cmds, size_t ncmds)
+{
+ return syscall (SYS_cap_ioctls_limit, fd, cmds, ncmds);
+}
+
+ssize_t
+cap_ioctls_get(int fd, unsigned long *cmds, size_t maxcmds)
+{
+ return syscall (SYS_cap_ioctls_get, fd, cmds, maxcmds);
+}
+
+int
+cap_fcntls_limit(int fd, uint32_t fcntlrights)
+{
+ return syscall (SYS_cap_fcntls_limit, fd, fcntlrights);
+}
+
+int
+cap_fcntls_get(int fd, uint32_t *fcntlrightsp)
+{
+ return syscall (SYS_cap_fcntls_get, fd, fcntlrightsp);
+}
Added: trunk/freebsd-glue/src/freebsd-glue/subr_capability.c
===================================================================
--- trunk/freebsd-glue/src/freebsd-glue/subr_capability.c (rev 0)
+++ trunk/freebsd-glue/src/freebsd-glue/subr_capability.c 2014-01-20 21:07:43 UTC (rev 5362)
@@ -0,0 +1,310 @@
+/*-
+ * Copyright (c) 2013 FreeBSD Foundation
+ * All rights reserved.
+ *
+ * This software was developed by Pawel Jakub Dawidek under sponsorship from
+ * the FreeBSD Foundation.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+/*
+ * Note that this file is compiled into the kernel and into libc.
+ */
+
+#ifdef _KERNEL
+#include <sys/types.h>
+#include <sys/capability.h>
+#include <sys/systm.h>
+
+#include <machine/stdarg.h>
+#else /* !_KERNEL */
+#include <sys/types.h>
+#include <sys/capability.h>
+
+#include <assert.h>
+#include <stdarg.h>
+#include <stdbool.h>
+#include <stdint.h>
+#include <string.h>
+#endif
+
+#ifdef _KERNEL
+#define assert(exp) KASSERT((exp), ("%s:%u", __func__, __LINE__))
+#endif
+
+#define CAPARSIZE_MIN (CAP_RIGHTS_VERSION_00 + 2)
+#define CAPARSIZE_MAX (CAP_RIGHTS_VERSION + 2)
+
+static __inline int
+right_to_index(uint64_t right)
+{
+ static const int bit2idx[] = {
+ -1, 0, 1, -1, 2, -1, -1, -1, 3, -1, -1, -1, -1, -1, -1, -1,
+ 4, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1
+ };
+ int idx;
+
+ idx = CAPIDXBIT(right);
+ assert(idx >= 0 && idx < sizeof(bit2idx) / sizeof(bit2idx[0]));
+ return (bit2idx[idx]);
+}
+
+static void
+cap_rights_vset(cap_rights_t *rights, va_list ap)
+{
+ uint64_t right;
+ int i, n;
+
+ assert(CAPVER(rights) == CAP_RIGHTS_VERSION_00);
+
+ n = CAPARSIZE(rights);
+ assert(n >= CAPARSIZE_MIN && n <= CAPARSIZE_MAX);
+
+ for (;;) {
+ right = (uint64_t)va_arg(ap, unsigned long long);
+ if (right == 0)
+ break;
+ assert(CAPRVER(right) == 0);
+ i = right_to_index(right);
+ assert(i >= 0);
+ assert(i < n);
+ assert(CAPIDXBIT(rights->cr_rights[i]) == CAPIDXBIT(right));
+ rights->cr_rights[i] |= right;
+ assert(CAPIDXBIT(rights->cr_rights[i]) == CAPIDXBIT(right));
+ }
+}
+
+static void
+cap_rights_vclear(cap_rights_t *rights, va_list ap)
+{
+ uint64_t right;
+ int i, n;
+
+ assert(CAPVER(rights) == CAP_RIGHTS_VERSION_00);
+
+ n = CAPARSIZE(rights);
+ assert(n >= CAPARSIZE_MIN && n <= CAPARSIZE_MAX);
+
+ for (;;) {
+ right = (uint64_t)va_arg(ap, unsigned long long);
+ if (right == 0)
+ break;
+ assert(CAPRVER(right) == 0);
+ i = right_to_index(right);
+ assert(i >= 0);
+ assert(i < n);
+ assert(CAPIDXBIT(rights->cr_rights[i]) == CAPIDXBIT(right));
+ rights->cr_rights[i] &= ~(right & 0x01FFFFFFFFFFFFFFULL);
+ assert(CAPIDXBIT(rights->cr_rights[i]) == CAPIDXBIT(right));
+ }
+}
+
+static bool
+cap_rights_is_vset(const cap_rights_t *rights, va_list ap)
+{
+ uint64_t right;
+ int i, n;
+
+ assert(CAPVER(rights) == CAP_RIGHTS_VERSION_00);
+
+ n = CAPARSIZE(rights);
+ assert(n >= CAPARSIZE_MIN && n <= CAPARSIZE_MAX);
+
+ for (;;) {
+ right = (uint64_t)va_arg(ap, unsigned long long);
+ if (right == 0)
+ break;
+ assert(CAPRVER(right) == 0);
+ i = right_to_index(right);
+ assert(i >= 0);
+ assert(i < n);
+ assert(CAPIDXBIT(rights->cr_rights[i]) == CAPIDXBIT(right));
+ if ((rights->cr_rights[i] & right) != right)
+ return (false);
+ }
+
+ return (true);
+}
+
+cap_rights_t *
+__cap_rights_init(int version, cap_rights_t *rights, ...)
+{
+ unsigned int n;
+ va_list ap;
+
+ assert(version == CAP_RIGHTS_VERSION_00);
+
+ n = version + 2;
+ assert(n >= CAPARSIZE_MIN && n <= CAPARSIZE_MAX);
+ memset(rights->cr_rights, 0, sizeof(rights->cr_rights[0]) * n);
+ CAP_NONE(rights);
+ va_start(ap, rights);
+ cap_rights_vset(rights, ap);
+ va_end(ap);
+
+ return (rights);
+}
+
+cap_rights_t *
+__cap_rights_set(cap_rights_t *rights, ...)
+{
+ va_list ap;
+
+ assert(CAPVER(rights) == CAP_RIGHTS_VERSION_00);
+
+ va_start(ap, rights);
+ cap_rights_vset(rights, ap);
+ va_end(ap);
+
+ return (rights);
+}
+
+cap_rights_t *
+__cap_rights_clear(cap_rights_t *rights, ...)
+{
+ va_list ap;
+
+ assert(CAPVER(rights) == CAP_RIGHTS_VERSION_00);
+
+ va_start(ap, rights);
+ cap_rights_vclear(rights, ap);
+ va_end(ap);
+
+ return (rights);
+}
+
+bool
+__cap_rights_is_set(const cap_rights_t *rights, ...)
+{
+ va_list ap;
+ bool ret;
+
+ assert(CAPVER(rights) == CAP_RIGHTS_VERSION_00);
+
+ va_start(ap, rights);
+ ret = cap_rights_is_vset(rights, ap);
+ va_end(ap);
+
+ return (ret);
+}
+
+bool
+cap_rights_is_valid(const cap_rights_t *rights)
+{
+ cap_rights_t allrights;
+ int i, j;
+
+ if (CAPVER(rights) != CAP_RIGHTS_VERSION_00)
+ return (false);
+ if (CAPARSIZE(rights) < CAPARSIZE_MIN ||
+ CAPARSIZE(rights) > CAPARSIZE_MAX) {
+ return (false);
+ }
+ CAP_ALL(&allrights);
+ if (!cap_rights_contains(&allrights, rights))
+ return (false);
+ for (i = 0; i < CAPARSIZE(rights); i++) {
+ j = right_to_index(rights->cr_rights[i]);
+ if (i != j)
+ return (false);
+ if (i > 0) {
+ if (CAPRVER(rights->cr_rights[i]) != 0)
+ return (false);
+ }
+ }
+
+ return (true);
+}
+
+cap_rights_t *
+cap_rights_merge(cap_rights_t *dst, const cap_rights_t *src)
+{
+ unsigned int i, n;
+
+ assert(CAPVER(dst) == CAP_RIGHTS_VERSION_00);
+ assert(CAPVER(src) == CAP_RIGHTS_VERSION_00);
+ assert(CAPVER(dst) == CAPVER(src));
+ assert(cap_rights_is_valid(src));
+ assert(cap_rights_is_valid(dst));
+
+ n = CAPARSIZE(dst);
+ assert(n >= CAPARSIZE_MIN && n <= CAPARSIZE_MAX);
+
+ for (i = 0; i < n; i++)
+ dst->cr_rights[i] |= src->cr_rights[i];
+
+ assert(cap_rights_is_valid(src));
+ assert(cap_rights_is_valid(dst));
+
+ return (dst);
+}
+
+cap_rights_t *
+cap_rights_remove(cap_rights_t *dst, const cap_rights_t *src)
+{
+ unsigned int i, n;
+
+ assert(CAPVER(dst) == CAP_RIGHTS_VERSION_00);
+ assert(CAPVER(src) == CAP_RIGHTS_VERSION_00);
+ assert(CAPVER(dst) == CAPVER(src));
+ assert(cap_rights_is_valid(src));
+ assert(cap_rights_is_valid(dst));
+
+ n = CAPARSIZE(dst);
+ assert(n >= CAPARSIZE_MIN && n <= CAPARSIZE_MAX);
+
+ for (i = 0; i < n; i++) {
+ dst->cr_rights[i] &=
+ ~(src->cr_rights[i] & 0x01FFFFFFFFFFFFFFULL);
+ }
+
+ assert(cap_rights_is_valid(src));
+ assert(cap_rights_is_valid(dst));
+
+ return (dst);
+}
+
+bool
+cap_rights_contains(const cap_rights_t *big, const cap_rights_t *little)
+{
+ unsigned int i, n;
+
+ assert(CAPVER(big) == CAP_RIGHTS_VERSION_00);
+ assert(CAPVER(little) == CAP_RIGHTS_VERSION_00);
+ assert(CAPVER(big) == CAPVER(little));
+
+ n = CAPARSIZE(big);
+ assert(n >= CAPARSIZE_MIN && n <= CAPARSIZE_MAX);
+
+ for (i = 0; i < n; i++) {
+ if ((big->cr_rights[i] & little->cr_rights[i]) !=
+ little->cr_rights[i]) {
+ return (false);
+ }
+ }
+
+ return (true);
+}
More information about the Glibc-bsd-commits
mailing list