d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
b6b6ad2f23
freebsd-nq/sys/sys/capability.h
Robert Watson 00d322883a o Add POSIX1E_CAPABILITY_EXTATTR_NAME, a string constant for the 
extended attribute name used to store capabilities for binaries in
  FFS.
o Uncomment CAP_SETPCAP because, unfortunately, it is useful when
  developing and testing, as well as in practice for a system not
  fully capability-enabled.
o Synch up prototypes with the implementation, reducing diffs and
  making the patches for capabilities more accessible and less
  dastardly.

Obtained from:	TrustedBSD Project
2000-08-08 18:47:59 +00:00

205 lines
7.0 KiB
C
Raw Blame History

/*-
* Copyright (c) 2000 Robert N. M. Watson
* All rights reserved.
*
* Copyright (c) 1999 Ilmar S. Habibulin
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $FreeBSD$
*/
/*
* Developed by the TrustedBSD Project.
* Support for POSIX.1e process capabilities.
*/
#ifndef _SYS_CAPABILITY_H
#define _SYS_CAPABILITY_H
#define POSIX1E_CAPABILITY_EXTATTR_NAME "$posix1e.cap"
#define __CAP_MASK_LEN 2
typedef int cap_flag_t;
typedef int cap_flag_value_t;
typedef u_int cap_value_t;
struct cap {
u_int c_effective[__CAP_MASK_LEN];
u_int c_permitted[__CAP_MASK_LEN];
u_int c_inheritable[__CAP_MASK_LEN];
};
typedef struct cap *cap_t;
#define CAP_TYPE_MASK 0xff
#define CAP_MIN_TYPE POSIX1E_CAPABILITY
#define POSIX1E_CAPABILITY 0x00
#define SYSTEM_CAPABILITY 0x01
#define CAP_MAX_TYPE SYSTEM_CAPABILITY
#define SET_CAPABILITY(mask, cap) do { \
(mask)[(cap) & CAP_TYPE_MASK] |= (cap) & ~CAP_TYPE_MASK; \
} while (0)
#define UNSET_CAPABILITY(mask, cap) do { \
(mask)[(cap) & CAP_TYPE_MASK] &= ~(cap) & ~CAP_TYPE_MASK; \
} while (0)
#define IS_CAP_SET(mask, cap) \
((mask)[(cap) & CAP_TYPE_MASK] & (cap) & ~CAP_TYPE_MASK)
/*
* Is (tcap) a logical subset of (scap)?
*/
#define CAP_SUBSET(scap,tcap) \
((((scap).c_permitted[0] | (tcap).c_permitted[0]) \
== (scap).c_permitted[0]) && \
(((tcap.c_permitted[0] | (tcap).c_effective[0]) \
== (tcap).c_permitted[0]) && \
(((scap).c_permitted[1] | (tcap).c_permitted[1]) \
== (scap).c_permitted[1]) && \
(((tcap).c_permitted[1] | (tcap).c_effective[1]) \
== (tcap).c_permitted[1]))
/*
* Possible flags for a particular capability.
*/
#define CAP_EFFECTIVE 0x01
#define CAP_INHERITABLE 0x02
#define CAP_PERMITTED 0x04
/*
* Possible values for each capability flag.
*/
#define CAP_CLEAR 0
#define CAP_SET 1
/*
* Possible capability values, both BSD/LINUX and POSIX.1e.
*/
#define CAP_CHOWN (0x00000100 | POSIX1E_CAPABILITY)
#define CAP_DAC_EXECUTE (0x00000200 | POSIX1E_CAPABILITY)
#define CAP_DAC_WRITE (0x00000400 | POSIX1E_CAPABILITY)
#define CAP_DAC_READ_SEARCH (0x00000800 | POSIX1E_CAPABILITY)
#define CAP_FOWNER (0x00001000 | POSIX1E_CAPABILITY)
#define CAP_FSETID (0x00002000 | POSIX1E_CAPABILITY)
#define CAP_KILL (0x00004000 | POSIX1E_CAPABILITY)
#define CAP_LINK_DIR (0x00008000 | POSIX1E_CAPABILITY)
#define CAP_SETFCAP (0x00010000 | POSIX1E_CAPABILITY)
#define CAP_SETGID (0x00020000 | POSIX1E_CAPABILITY)
#define CAP_SETUID (0x00040000 | POSIX1E_CAPABILITY)
#define CAP_MAC_DOWNGRADE (0x00080000 | POSIX1E_CAPABILITY)
#define CAP_MAC_READ (0x00100000 | POSIX1E_CAPABILITY)
#define CAP_MAC_RELABEL_SUBJ (0x00200000 | POSIX1E_CAPABILITY)
#define CAP_MAC_UPGRADE (0x00400000 | POSIX1E_CAPABILITY)
#define CAP_MAC_WRITE (0x00800000 | POSIX1E_CAPABILITY)
#define CAP_INF_NOFLOAT_OBJ (0x01000000 | POSIX1E_CAPABILITY)
#define CAP_INF_NOFLOAT_SUBJ (0x02000000 | POSIX1E_CAPABILITY)
#define CAP_INF_RELABEL_OBJ (0x04000000 | POSIX1E_CAPABILITY)
#define CAP_INF_RELABEL_SUBJ (0x08000000 | POSIX1E_CAPABILITY)
#define CAP_AUDIT_CONTROL (0x10000000 | POSIX1E_CAPABILITY)
#define CAP_AUDIT_WRITE (0x20000000 | POSIX1E_CAPABILITY)
/*
* The following capability, borrowed from Linux, is unsafe
*/
#define CAP_SETPCAP (0x00000100 | SYSTEM_CAPABILITY)
/*
* The following capability, borrowed from Linux, is not appropriate
* in the BSD file environment
* #define CAP_LINUX_IMMUTABLE (0x00000200 | SYSTEM_CAPABILITY)
*/
#define CAP_BSD_SETFFLAG (0x00000200 | SYSTEM_CAPABILITY)
#define CAP_NET_BIND_SERVICE (0x00000400 | SYSTEM_CAPABILITY)
#define CAP_NET_BROADCAST (0x00000800 | SYSTEM_CAPABILITY)
#define CAP_NET_ADMIN (0x00001000 | SYSTEM_CAPABILITY)
#define CAP_NET_RAW (0x00002000 | SYSTEM_CAPABILITY)
#define CAP_IPC_LOCK (0x00004000 | SYSTEM_CAPABILITY)
#define CAP_IPC_OWNER (0x00008000 | SYSTEM_CAPABILITY)
/*
* The following capabilities, borrowed from Linux, are unsafe in a
* secure environment.
*
* #define CAP_SYS_MODULE (0x00010000 | SYSTEM_CAPABILITY)
* #define CAP_SYS_RAWIO (0x00020000 | SYSTEM_CAPABILITY)
* #define CAP_SYS_CHROOT (0x00040000 | SYSTEM_CAPABILITY)
* #define CAP_SYS_PTRACE (0x00080000 | SYSTEM_CAPABILITY)
*/
#define CAP_SYS_PACCT (0x00100000 | SYSTEM_CAPABILITY)
#define CAP_SYS_ADMIN (0x00200000 | SYSTEM_CAPABILITY)
#define CAP_SYS_BOOT (0x00400000 | SYSTEM_CAPABILITY)
#define CAP_SYS_NICE (0x00800000 | SYSTEM_CAPABILITY)
#define CAP_SYS_RESOURCE (0x01000000 | SYSTEM_CAPABILITY)
#define CAP_SYS_TIME (0x02000000 | SYSTEM_CAPABILITY)
#define CAP_SYS_TTY_CONFIG (0x04000000 | SYSTEM_CAPABILITY)
#ifdef _KERNEL
struct proc;
struct ucred;
struct vnode;
int cap_check(struct proc *, cap_value_t);
int cap_check_xxx(struct ucred *, struct proc *, cap_value_t, int);
int cap_change_on_inherit(struct cap *cap_p);
void cap_inherit(struct vnode *vp, struct proc *p);
void cap_init_proc0(struct cap *);
void cap_init_proc1(struct cap *);
#else /* !_KERNEL */
#define _POSIX_CAP
#ifdef _BSD_SSIZE_T_
typedef _BSD_SSIZE_T_ ssize_t;
#undef _BSD_SSIZE_T_
#endif
int __cap_get_proc(struct cap *);
int __cap_set_proc(struct cap *);
int __cap_get_fd(int, struct cap *);
int __cap_get_file(const char *, struct cap *);
int __cap_set_fd(int, struct cap *);
int __cap_set_file(const char *, struct cap *);
int cap_clear(cap_t);
ssize_t cap_copy_ext(void *, cap_t, ssize_t);
cap_t cap_copy_int(const void *);
cap_t cap_dup(cap_t);
int cap_free(void *);
cap_t cap_from_text(const char *);
cap_t cap_get_fd(int);
cap_t cap_get_file(const char *);
int cap_get_flag(cap_t, cap_value_t, cap_flag_t, cap_flag_value_t *);
cap_t cap_get_proc(void);
cap_t cap_init(void);
int cap_set_fd(int, cap_t);
int cap_set_file(const char *, cap_t);
int cap_set_flag(cap_t, cap_flag_t, int, cap_value_t[] , cap_flag_value_t);
int cap_set_proc(cap_t);
ssize_t cap_size(cap_t);
char *cap_to_text(cap_t, ssize_t *);
#endif /* !_KERNEL */
#endif /* !_SYS_CAPABILITY_H */
Reference in New Issue View Git Blame Copy Permalink