CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	Mark Johnston <markj@FreeBSD.org>
	Wed, 13 Apr 2022 14:47:08 +0000 (10:47 -0400)
committer	Mark Johnston <markj@FreeBSD.org>
	Fri, 22 Apr 2022 14:36:22 +0000 (10:36 -0400)
commit	91d3f40d93e3cda1a04eb0b36158a74c67c62e37
tree	b5623551e59ff63024d8a6c210aa90cbef6a8ccb	tree \| snapshot
parent	cac2d41f1fc1436c3d3f7f9f2b5e9ed250f4b462	commit \| diff

libsysdecode: Fix decoding of Capsicum rights

Capsicum rights are a bit tricky since some of them are subsets of
others, and one can have rights R1 and R2 such that R1 is a subset of
R2, but there is no collection of named rights whose union is R2.  So,
they don't behave like most other flag sets.  sysdecode_cap_rights(3)
does not handle this properly and so can emit misleading decodings.

Try to fix all of these problems:
- Include composite rights in the caprights table.
- Use a constructor to sort the caprights table such that "larger"
  rights appear first and thus are matched first.
- Don't print rights that are a subset of rights already printed, so as
  to minimize the length of the output.
- Print a trailing message if some of the specific rights are not
  matched by the table.

PR: 263165
Reviewed by: pauamma_gundo.com (doc), jhb, emaste
Sponsored by: The FreeBSD Foundation

(cherry picked from commit 869199d9922c7dee92c1c24f95b90f1d1319433e)

lib/libsysdecode/flags.c		diff \| blob \| history
lib/libsysdecode/mktables		diff \| blob \| history
lib/libsysdecode/sysdecode_cap_rights.3		diff \| blob \| history