From 111a0a6e967ed1dfe51f95fe74682905c8f01aec Mon Sep 17 00:00:00 2001 From: rwatson Date: Wed, 5 Jul 2000 04:20:59 +0000 Subject: o Introduce cap_{get,set}_{file,fd}() syscall wrappers, associated with soon to be committed syscall stubs. These calls will be used to get and set capability state associated with executables. Obtained from: TrustedBSD Project --- lib/libc/posix1e/cap_get_fd.c | 55 +++++++++++++++++++++++++++++++++++++++++ lib/libc/posix1e/cap_get_file.c | 55 +++++++++++++++++++++++++++++++++++++++++ lib/libc/posix1e/cap_set_fd.c | 43 ++++++++++++++++++++++++++++++++ lib/libc/posix1e/cap_set_file.c | 43 ++++++++++++++++++++++++++++++++ lib/libposix1e/cap_get_fd.c | 55 +++++++++++++++++++++++++++++++++++++++++ lib/libposix1e/cap_get_file.c | 55 +++++++++++++++++++++++++++++++++++++++++ lib/libposix1e/cap_set_fd.c | 43 ++++++++++++++++++++++++++++++++ lib/libposix1e/cap_set_file.c | 43 ++++++++++++++++++++++++++++++++ sys/sys/capability.h | 4 +++ 9 files changed, 396 insertions(+) create mode 100644 lib/libc/posix1e/cap_get_fd.c create mode 100644 lib/libc/posix1e/cap_get_file.c create mode 100644 lib/libc/posix1e/cap_set_fd.c create mode 100644 lib/libc/posix1e/cap_set_file.c create mode 100644 lib/libposix1e/cap_get_fd.c create mode 100644 lib/libposix1e/cap_get_file.c create mode 100644 lib/libposix1e/cap_set_fd.c create mode 100644 lib/libposix1e/cap_set_file.c diff --git a/lib/libc/posix1e/cap_get_fd.c b/lib/libc/posix1e/cap_get_fd.c new file mode 100644 index 0000000..242ee09 --- /dev/null +++ b/lib/libc/posix1e/cap_get_fd.c @@ -0,0 +1,55 @@ +/*- + * Copyright (c) 2000 Robert N. M. Watson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ +/* + * TrustedBSD Project - support for POSIX.1e process capabilities + */ + +#include +#include +#include + +#include + +cap_t +cap_get_fd(int fd) +{ + struct cap *cap; + int error; + + cap = cap_init(); + if (!cap) + return (NULL); + + error = __cap_get_fd(fd, cap); + if (error) { + cap_free(cap); + return (NULL); + } + + return (cap); +} diff --git a/lib/libc/posix1e/cap_get_file.c b/lib/libc/posix1e/cap_get_file.c new file mode 100644 index 0000000..c4deb6d --- /dev/null +++ b/lib/libc/posix1e/cap_get_file.c @@ -0,0 +1,55 @@ +/*- + * Copyright (c) 2000 Robert N. M. Watson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ +/* + * TrustedBSD Project - support for POSIX.1e process capabilities + */ + +#include +#include +#include + +#include + +cap_t +cap_get_file(const char *path_p) +{ + struct cap *cap; + int error; + + cap = cap_init(); + if (!cap) + return (NULL); + + error = __cap_get_file(path_p, cap); + if (error) { + cap_free(cap); + return (NULL); + } + + return (cap); +} diff --git a/lib/libc/posix1e/cap_set_fd.c b/lib/libc/posix1e/cap_set_fd.c new file mode 100644 index 0000000..ba2f356 --- /dev/null +++ b/lib/libc/posix1e/cap_set_fd.c @@ -0,0 +1,43 @@ +/*- + * Copyright (c) 2000 Robert N. M. Watson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ +/* + * TrustedBSD Project - support for POSIX.1e process capabilities + */ + +#include +#include + +#include + +int +cap_set_fd(int fd, cap_t cap_p) +{ + int error; + + return (__cap_set_fd(fd, cap_p)); +} diff --git a/lib/libc/posix1e/cap_set_file.c b/lib/libc/posix1e/cap_set_file.c new file mode 100644 index 0000000..e371f8a --- /dev/null +++ b/lib/libc/posix1e/cap_set_file.c @@ -0,0 +1,43 @@ +/*- + * Copyright (c) 2000 Robert N. M. Watson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ +/* + * TrustedBSD Project - support for POSIX.1e process capabilities + */ + +#include +#include + +#include + +int +cap_set_file(const char *path_p, cap_t cap_p) +{ + int error; + + return (__cap_set_file(path_p, cap_p)); +} diff --git a/lib/libposix1e/cap_get_fd.c b/lib/libposix1e/cap_get_fd.c new file mode 100644 index 0000000..242ee09 --- /dev/null +++ b/lib/libposix1e/cap_get_fd.c @@ -0,0 +1,55 @@ +/*- + * Copyright (c) 2000 Robert N. M. Watson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ +/* + * TrustedBSD Project - support for POSIX.1e process capabilities + */ + +#include +#include +#include + +#include + +cap_t +cap_get_fd(int fd) +{ + struct cap *cap; + int error; + + cap = cap_init(); + if (!cap) + return (NULL); + + error = __cap_get_fd(fd, cap); + if (error) { + cap_free(cap); + return (NULL); + } + + return (cap); +} diff --git a/lib/libposix1e/cap_get_file.c b/lib/libposix1e/cap_get_file.c new file mode 100644 index 0000000..c4deb6d --- /dev/null +++ b/lib/libposix1e/cap_get_file.c @@ -0,0 +1,55 @@ +/*- + * Copyright (c) 2000 Robert N. M. Watson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ +/* + * TrustedBSD Project - support for POSIX.1e process capabilities + */ + +#include +#include +#include + +#include + +cap_t +cap_get_file(const char *path_p) +{ + struct cap *cap; + int error; + + cap = cap_init(); + if (!cap) + return (NULL); + + error = __cap_get_file(path_p, cap); + if (error) { + cap_free(cap); + return (NULL); + } + + return (cap); +} diff --git a/lib/libposix1e/cap_set_fd.c b/lib/libposix1e/cap_set_fd.c new file mode 100644 index 0000000..ba2f356 --- /dev/null +++ b/lib/libposix1e/cap_set_fd.c @@ -0,0 +1,43 @@ +/*- + * Copyright (c) 2000 Robert N. M. Watson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ +/* + * TrustedBSD Project - support for POSIX.1e process capabilities + */ + +#include +#include + +#include + +int +cap_set_fd(int fd, cap_t cap_p) +{ + int error; + + return (__cap_set_fd(fd, cap_p)); +} diff --git a/lib/libposix1e/cap_set_file.c b/lib/libposix1e/cap_set_file.c new file mode 100644 index 0000000..e371f8a --- /dev/null +++ b/lib/libposix1e/cap_set_file.c @@ -0,0 +1,43 @@ +/*- + * Copyright (c) 2000 Robert N. M. Watson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ +/* + * TrustedBSD Project - support for POSIX.1e process capabilities + */ + +#include +#include + +#include + +int +cap_set_file(const char *path_p, cap_t cap_p) +{ + int error; + + return (__cap_set_file(path_p, cap_p)); +} diff --git a/sys/sys/capability.h b/sys/sys/capability.h index a96cf5e..82adfc3 100644 --- a/sys/sys/capability.h +++ b/sys/sys/capability.h @@ -173,6 +173,10 @@ typedef _BSD_SSIZE_T_ ssize_t; int __cap_get_proc(struct cap *); int __cap_set_proc(struct cap *); +int __cap_get_fd(int, struct cap *); +int __cap_get_file(const char *, struct cap *); +int __cap_set_fd(int, struct cap *); +int __cap_set_file(const char *, struct cap *); int cap_clear(cap_t); ssize_t cap_copy_ext(void *, cap_t, ssize_t); -- cgit v1.1