diff options
author | rwatson <rwatson@FreeBSD.org> | 2000-10-13 17:12:58 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2000-10-13 17:12:58 +0000 |
commit | 79bb6ec5ea6aacb1b51654255a46244dd3193676 (patch) | |
tree | 884f966aa570b43e545c557f8f5fa268157d3406 /lib | |
parent | a76b72fb58d55a339d5a57029408529d72a76652 (diff) | |
download | FreeBSD-src-79bb6ec5ea6aacb1b51654255a46244dd3193676.zip FreeBSD-src-79bb6ec5ea6aacb1b51654255a46244dd3193676.tar.gz |
o Simplify capability types away from an array of ints to a single
u_int64_t flag field, bounding the number of capabilities at 64,
but substantially cleaning up capability logic (there are currently
43 defined capabilities).
o Heads up to anyone actually using capabilities: the constant
assignments for various capabilities have been redone, so any
persistent binary capability stores (i.e., '$posix1e.cap' EA
backing files) must be recreated. If you have one of these,
you'll know about it, so if you have no idea what this means,
don't worry.
o Update libposix1e to reflect this new definition, fixing the
exposed functions that directly manipulate the flags fields.
Obtained from: TrustedBSD Project
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libc/posix1e/cap_get_flag.c | 3 | ||||
-rw-r--r-- | lib/libc/posix1e/cap_set_flag.c | 15 | ||||
-rw-r--r-- | lib/libposix1e/cap_get_flag.c | 3 | ||||
-rw-r--r-- | lib/libposix1e/cap_set_flag.c | 15 |
4 files changed, 20 insertions, 16 deletions
diff --git a/lib/libc/posix1e/cap_get_flag.c b/lib/libc/posix1e/cap_get_flag.c index 6c549e61..37595ee 100644 --- a/lib/libc/posix1e/cap_get_flag.c +++ b/lib/libc/posix1e/cap_get_flag.c @@ -37,8 +37,7 @@ int cap_get_flag(cap_t cap_p, cap_value_t cap, cap_flag_t flag, cap_flag_value_t *value_p) { - cap_flag_value_t result; - u_int32_t *mask; + u_int64_t mask; switch(flag) { diff --git a/lib/libc/posix1e/cap_set_flag.c b/lib/libc/posix1e/cap_set_flag.c index e6e2259..bf150e9 100644 --- a/lib/libc/posix1e/cap_set_flag.c +++ b/lib/libc/posix1e/cap_set_flag.c @@ -37,28 +37,31 @@ int cap_set_flag(cap_t cap_p, cap_flag_t flag, int ncap, cap_value_t caps[], cap_flag_value_t value) { - u_int *mask; + u_int64_t *mask; int i; switch(flag) { case CAP_EFFECTIVE: - mask = &cap_p->c_effective[0]; + mask = &cap_p->c_effective; break; case CAP_INHERITABLE: - mask = &cap_p->c_inheritable[0]; + mask = &cap_p->c_inheritable; break; case CAP_PERMITTED: - mask = &cap_p->c_permitted[0]; + mask = &cap_p->c_permitted; break; default: return (EINVAL); } + if (value != CAP_SET && value != CAP_CLEAR) + return (EINVAL); + for (i = 0; i < ncap; i++) if (value == CAP_SET) - SET_CAPABILITY(mask, caps[i]); + SET_CAPABILITY(*mask, caps[i]); else - UNSET_CAPABILITY(mask, caps[i]); + UNSET_CAPABILITY(*mask, caps[i]); return (0); } diff --git a/lib/libposix1e/cap_get_flag.c b/lib/libposix1e/cap_get_flag.c index 6c549e61..37595ee 100644 --- a/lib/libposix1e/cap_get_flag.c +++ b/lib/libposix1e/cap_get_flag.c @@ -37,8 +37,7 @@ int cap_get_flag(cap_t cap_p, cap_value_t cap, cap_flag_t flag, cap_flag_value_t *value_p) { - cap_flag_value_t result; - u_int32_t *mask; + u_int64_t mask; switch(flag) { diff --git a/lib/libposix1e/cap_set_flag.c b/lib/libposix1e/cap_set_flag.c index e6e2259..bf150e9 100644 --- a/lib/libposix1e/cap_set_flag.c +++ b/lib/libposix1e/cap_set_flag.c @@ -37,28 +37,31 @@ int cap_set_flag(cap_t cap_p, cap_flag_t flag, int ncap, cap_value_t caps[], cap_flag_value_t value) { - u_int *mask; + u_int64_t *mask; int i; switch(flag) { case CAP_EFFECTIVE: - mask = &cap_p->c_effective[0]; + mask = &cap_p->c_effective; break; case CAP_INHERITABLE: - mask = &cap_p->c_inheritable[0]; + mask = &cap_p->c_inheritable; break; case CAP_PERMITTED: - mask = &cap_p->c_permitted[0]; + mask = &cap_p->c_permitted; break; default: return (EINVAL); } + if (value != CAP_SET && value != CAP_CLEAR) + return (EINVAL); + for (i = 0; i < ncap; i++) if (value == CAP_SET) - SET_CAPABILITY(mask, caps[i]); + SET_CAPABILITY(*mask, caps[i]); else - UNSET_CAPABILITY(mask, caps[i]); + UNSET_CAPABILITY(*mask, caps[i]); return (0); } |