2 * Minimal portability layer for Capsicum-related features.
8 #include "capsicum-freebsd.h"
12 #include "capsicum-linux.h"
16 * CAP_ALL/CAP_NONE is a value in FreeBSD9.x Capsicum, but a functional macro
17 * in FreeBSD10.x Capsicum. Always use CAP_SET_ALL/CAP_SET_NONE instead.
20 #ifdef CAP_RIGHTS_VERSION
21 #define CAP_SET_ALL(rights) CAP_ALL(rights)
23 #define CAP_SET_ALL(rights) *(rights) = CAP_MASK_VALID
28 #ifdef CAP_RIGHTS_VERSION
29 #define CAP_SET_NONE(rights) CAP_NONE(rights)
31 #define CAP_SET_NONE(rights) *(rights) = 0
36 /************************************************************
37 * Define new-style rights in terms of old-style rights if
39 ************************************************************/
40 #include "capsicum-rights.h"
43 * Cope with systems (e.g. FreeBSD 10.x) where CAP_RENAMEAT hasn't been split out.
44 * (src, dest): RENAMEAT, LINKAT => RENAMEAT_SOURCE, RENAMEAT_TARGET
46 #ifndef CAP_RENAMEAT_SOURCE
47 #define CAP_RENAMEAT_SOURCE CAP_RENAMEAT
49 #ifndef CAP_RENAMEAT_TARGET
50 #define CAP_RENAMEAT_TARGET CAP_LINKAT
53 * Cope with systems (e.g. FreeBSD 10.x) where CAP_RENAMEAT hasn't been split out.
54 * (src, dest): 0, LINKAT => LINKAT_SOURCE, LINKAT_TARGET
56 #ifndef CAP_LINKAT_SOURCE
57 #define CAP_LINKAT_SOURCE CAP_LOOKUP
59 #ifndef CAP_LINKAT_TARGET
60 #define CAP_LINKAT_TARGET CAP_LINKAT
64 /* Existence of CAP_PREAD implies new-style CAP_SEEK semantics */
65 #define CAP_SEEK_ASWAS 0
67 /* Old-style CAP_SEEK semantics */
68 #define CAP_SEEK_ASWAS CAP_SEEK
69 #define CAP_PREAD CAP_READ
70 #define CAP_PWRITE CAP_WRITE
74 #define CAP_MMAP_R (CAP_READ|CAP_MMAP)
75 #define CAP_MMAP_W (CAP_WRITE|CAP_MMAP)
76 #define CAP_MMAP_X (CAP_MAPEXEC|CAP_MMAP)
77 #define CAP_MMAP_RW (CAP_MMAP_R|CAP_MMAP_W)
78 #define CAP_MMAP_RX (CAP_MMAP_R|CAP_MMAP_X)
79 #define CAP_MMAP_WX (CAP_MMAP_W|CAP_MMAP_X)
80 #define CAP_MMAP_RWX (CAP_MMAP_R|CAP_MMAP_W|CAP_MMAP_X)
84 #define CAP_MKFIFOAT CAP_MKFIFO
88 #define CAP_MKNODAT CAP_MKFIFOAT
92 #define CAP_MKDIRAT CAP_MKDIR
96 #define CAP_UNLINKAT CAP_RMDIR
99 #ifndef CAP_SOCK_CLIENT
100 #define CAP_SOCK_CLIENT \
101 (CAP_CONNECT | CAP_GETPEERNAME | CAP_GETSOCKNAME | CAP_GETSOCKOPT | \
102 CAP_PEELOFF | CAP_READ | CAP_WRITE | CAP_SETSOCKOPT | CAP_SHUTDOWN)
105 #ifndef CAP_SOCK_SERVER
106 #define CAP_SOCK_SERVER \
107 (CAP_ACCEPT | CAP_BIND | CAP_GETPEERNAME | CAP_GETSOCKNAME | \
108 CAP_GETSOCKOPT | CAP_LISTEN | CAP_PEELOFF | CAP_READ | CAP_WRITE | \
109 CAP_SETSOCKOPT | CAP_SHUTDOWN)
113 #define CAP_EVENT CAP_POLL_EVENT
116 /************************************************************
117 * Define new-style API functions in terms of old-style API
118 * functions if absent.
119 ************************************************************/
120 #ifndef HAVE_CAP_RIGHTS_GET
121 /* Define cap_rights_get() in terms of old-style cap_getrights() */
122 inline int cap_rights_get(int fd, cap_rights_t *rights) {
123 return cap_getrights(fd, rights);
127 #ifndef HAVE_CAP_RIGHTS_LIMIT
128 /* Define cap_rights_limit() in terms of old-style cap_new() and dup2() */
130 inline int cap_rights_limit(int fd, const cap_rights_t *rights) {
131 int cap = cap_new(fd, *rights);
132 if (cap < 0) return cap;
133 int rc = dup2(cap, fd);
134 if (rc < 0) return rc;
141 #ifdef CAP_RIGHTS_VERSION
142 /* New-style Capsicum API extras for debugging */
143 static inline void cap_rights_describe(const cap_rights_t *rights, char *buffer) {
145 for (ii = 0; ii < (CAP_RIGHTS_VERSION+2); ii++) {
146 int len = sprintf(buffer, "0x%016llx ", (unsigned long long)rights->cr_rights[ii]);
154 inline std::ostream& operator<<(std::ostream& os, cap_rights_t rights) {
155 for (int ii = 0; ii < (CAP_RIGHTS_VERSION+2); ii++) {
156 os << std::hex << std::setw(16) << std::setfill('0') << (unsigned long long)rights.cr_rights[ii] << " ";
164 static inline void cap_rights_describe(const cap_rights_t *rights, char *buffer) {
165 sprintf(buffer, "0x%016llx", (*rights));
168 #endif /* new/old style rights manipulation */
172 extern std::string capsicum_test_bindir;
175 #endif /*__CAPSICUM_H__*/