[Midnightbsd-cvs] src [10429] trunk/lib/libc/capability: add capabilities
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Tue Jun 5 18:49:51 EDT 2018
Revision: 10429
http://svnweb.midnightbsd.org/src/?rev=10429
Author: laffer1
Date: 2018-06-05 18:49:50 -0400 (Tue, 05 Jun 2018)
Log Message:
-----------
add capabilities
Added Paths:
-----------
trunk/lib/libc/capability/
trunk/lib/libc/capability/Makefile.inc
trunk/lib/libc/capability/Symbol.map
trunk/lib/libc/capability/cap_rights_init.3
Added: trunk/lib/libc/capability/Makefile.inc
===================================================================
--- trunk/lib/libc/capability/Makefile.inc (rev 0)
+++ trunk/lib/libc/capability/Makefile.inc 2018-06-05 22:49:50 UTC (rev 10429)
@@ -0,0 +1,19 @@
+# $MidnightBSD$
+# $FreeBSD: stable/10/lib/libc/capability/Makefile.inc 257771 2013-11-06 23:59:19Z pjd $
+
+# capability sources
+.PATH: ${.CURDIR}/../../sys/kern ${.CURDIR}/capability
+
+SRCS+= subr_capability.c
+
+SYM_MAPS+= ${.CURDIR}/capability/Symbol.map
+
+MAN+= cap_rights_init.3
+
+MLINKS+=cap_rights_init.3 cap_rights_set.3
+MLINKS+=cap_rights_init.3 cap_rights_clear.3
+MLINKS+=cap_rights_init.3 cap_rights_is_set.3
+MLINKS+=cap_rights_init.3 cap_rights_is_valid.3
+MLINKS+=cap_rights_init.3 cap_rights_merge.3
+MLINKS+=cap_rights_init.3 cap_rights_remove.3
+MLINKS+=cap_rights_init.3 cap_rights_contains.3
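Review bot: Nothing in this revision includes this Makefile.inc. The Added Paths list holds only the new `capability/` directory, so unless `lib/libc/Makefile` already carries `.include "${.CURDIR}/capability/Makefile.inc"` (not visible here), `subr_capability.c` is not compiled into libc and the man page and its MLINKS are not installed. `SRCS+= subr_capability.c` also depends on that file already existing under `${.CURDIR}/../../sys/kern`, which this commit does not add, so that is worth confirming. A comment above the SRCS line such as `# subr_capability.c lives in sys/kern and is picked up through .PATH` would make the cross-tree dependency explicit.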
Property changes on: trunk/lib/libc/capability/Makefile.inc
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: trunk/lib/libc/capability/Symbol.map
===================================================================
--- trunk/lib/libc/capability/Symbol.map (rev 0)
+++ trunk/lib/libc/capability/Symbol.map 2018-06-05 22:49:50 UTC (rev 10429)
@@ -0,0 +1,12 @@
+/* $MidnightBSD$ */
+
+FBSD_1.3 {
+ __cap_rights_clear;
+ cap_rights_contains;
+ __cap_rights_init;
+ __cap_rights_is_set;
+ cap_rights_is_valid;
+ cap_rights_merge;
+ cap_rights_remove;
+ __cap_rights_set;
+};
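Review bot: Four functions are exported only under `__`-prefixed names (`__cap_rights_init`, `__cap_rights_set`, `__cap_rights_clear`, `__cap_rights_is_set`), while the man page added in the same commit documents the unprefixed names, and nothing here says why. Presumably the unprefixed forms are variadic macros in `<sys/capsicum.h>` that expand to these functions. A comment such as `/* cap_rights_{init,set,clear,is_set} are header macros wrapping the __-prefixed functions */` would record that for whoever next edits the map. The `FBSD_1.3` version node also has to be defined in libc's version definitions for the link to succeed, and that file is not part of this revision.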
Property changes on: trunk/lib/libc/capability/Symbol.map
___________________________________________________________________
Added: svn:keywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Added: trunk/lib/libc/capability/cap_rights_init.3
===================================================================
--- trunk/lib/libc/capability/cap_rights_init.3 (rev 0)
+++ trunk/lib/libc/capability/cap_rights_init.3 2018-06-05 22:49:50 UTC (rev 10429)
@@ -0,0 +1,242 @@
+.\"
+.\" Copyright (c) 2013 The FreeBSD Foundation
+.\" All rights reserved.
+.\"
+.\" This documentation was written by Pawel Jakub Dawidek under sponsorship
+.\" from the FreeBSD Foundation.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $FreeBSD: stable/10/lib/libc/capability/cap_rights_init.3 280247 2015-03-19 11:24:07Z rwatson $
+.\" $MidnightBSD$
+.\"
+.Dd March 27, 2014
+.Dt CAP_RIGHTS_INIT 3
+.Os
+.Sh NAME
+.Nm cap_rights_init ,
+.Nm cap_rights_set ,
+.Nm cap_rights_clear ,
+.Nm cap_rights_is_set ,
+.Nm cap_rights_is_valid ,
+.Nm cap_rights_merge ,
+.Nm cap_rights_remove ,
+.Nm cap_rights_contains
+.Nd manage cap_rights_t structure
+.Sh LIBRARY
+.Lb libc
+.Sh SYNOPSIS
+.In sys/capsicum.h
+.Ft cap_rights_t *
+.Fn cap_rights_init "cap_rights_t *rights" "..."
+.Ft cap_rights_t *
+.Fn cap_rights_set "cap_rights_t *rights" "..."
+.Ft cap_rights_t *
+.Fn cap_rights_clear "cap_rights_t *rights" "..."
+.Ft bool
+.Fn cap_rights_is_set "const cap_rights_t *rights" "..."
+.Ft bool
+.Fn cap_rights_is_valid "const cap_rights_t *rights"
+.Ft cap_rights_t *
+.Fn cap_rights_merge "cap_rights_t *dst" "const cap_rights_t *src"
+.Ft cap_rights_t *
+.Fn cap_rights_remove "cap_rights_t *dst" "const cap_rights_t *src"
+.Ft bool
+.Fn cap_rights_contains "const cap_rights_t *big" "const cap_rights_t *little"
+.Sh DESCRIPTION
+The functions documented here allow to manage the
+.Vt cap_rights_t
+structure.
+.Pp
+Capability rights should be separated with comma when passed to the
+.Fn cap_rights_init ,
+.Fn cap_rights_set ,
+.Fn cap_rights_clear
+and
+.Fn cap_rights_is_set
+functions.
+For example:
+.Bd -literal
+cap_rights_set(&rights, CAP_READ, CAP_WRITE, CAP_FSTAT, CAP_SEEK);
+.Ed
+.Pp
+The complete list of the capability rights can be found in the
+.Xr rights 4
+manual page.
+.Pp
+The
+.Fn cap_rights_init
+function initialize provided
+.Vt cap_rights_t
+structure.
+Only properly initialized structure can be passed to the remaining functions.
+For convenience the structure can be filled with capability rights instead of
+calling the
+.Fn cap_rights_set
+function later.
+For even more convenience pointer to the given structure is returned, so it can
+be directly passed to
+.Xr cap_rights_limit 2 :
+.Bd -literal
+cap_rights_t rights;
+
+if (cap_rights_limit(fd, cap_rights_init(&rights, CAP_READ, CAP_WRITE)) < 0)
+ err(1, "Unable to limit capability rights");
+.Ed
+.Pp
+The
+.Fn cap_rights_set
+function adds the given capability rights to the given
+.Vt cap_rights_t
+structure.
+.Pp
+The
+.Fn cap_rights_clear
+function removes the given capability rights from the given
+.Vt cap_rights_t
+structure.
+.Pp
+The
+.Fn cap_rights_is_set
+function checks if all the given capability rights are set for the given
+.Vt cap_rights_t
+structure.
+.Pp
+The
+.Fn cap_rights_is_valid
+function verifies if the given
+.Vt cap_rights_t
+structure is valid.
+.Pp
+The
+.Fn cap_rights_merge
+function merges all capability rights present in the
+.Fa src
+structure into the
+.Fa dst
+structure.
+.Pp
+The
+.Fn cap_rights_remove
+function removes all capability rights present in the
+.Fa src
+structure from the
+.Fa dst
+structure.
+.Pp
+The
+.Fn cap_rights_contains
+function checks if the
+.Fa big
+structure contains all capability rights present in the
+.Fa little
+structure.
+.Sh RETURN VALUES
+The functions never fail.
+In case an invalid capability right or an invalid
+.Vt cap_rights_t
+structure is given as an argument, the program will be aborted.
+.Pp
+The
+.Fn cap_rights_init ,
+.Fn cap_rights_set
+and
+.Fn cap_rights_clear
+functions return pointer to the
+.Vt cap_rights_t
+structure given in the
+.Fa rights
+argument.
+.Pp
+The
+.Fn cap_rights_merge
+and
+.Fn cap_rights_remove
+functions return pointer to the
+.Vt cap_rights_t
+structure given in the
+.Fa dst
+argument.
+.Pp
+The
+.Fn cap_rights_is_set
+returns
+.Va true
+if all the given capability rights are set in the
+.Fa rights
+argument.
+.Pp
+The
+.Fn cap_rights_is_valid
+function performs various checks to see if the given
+.Vt cap_rights_t
+structure is valid and returns
+.Va true
+if it is.
+.Pp
+The
+.Fn cap_rights_contains
+function returns
+.Va true
+if all capability rights set in the
+.Fa little
+structure are also present in the
+.Fa big
+structure.
+.Sh EXAMPLES
+The following example demonstrates how to prepare a
+.Vt cap_rights_t
+structure to be passed to the
+.Xr cap_rights_limit 2
+system call.
+.Bd -literal
+cap_rights_t rights;
+int fd;
+
+fd = open("/tmp/foo", O_RDWR);
+if (fd < 0)
+ err(1, "open() failed");
+
+cap_rights_init(&rights, CAP_FSTAT, CAP_READ);
+
+if (allow_write_and_seek)
+ cap_rights_set(&rights, CAP_WRITE, CAP_SEEK);
+
+if (dont_allow_seek)
+ cap_rights_clear(&rights, CAP_SEEK);
+
+if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS)
+ err(1, "cap_rights_limit() failed");
+.Ed
+.Sh SEE ALSO
+.Xr cap_rights_limit 2 ,
+.Xr open 2 ,
+.Xr capsicum 4 ,
+.Xr rights 4
+.Sh HISTORY
+Support for capabilities and capabilities mode was developed as part of the
+.Tn TrustedBSD
+Project.
+.Sh AUTHORS
+This family of functions was created by
+.An Pawel Jakub Dawidek Aq pawel at dawidek.net
+under sponsorship from the FreeBSD Foundation.
Property changes on: trunk/lib/libc/capability/cap_rights_init.3
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property