diff options
author | Emile <git@emile.space> | 2024-10-25 15:55:50 +0200 |
---|---|---|
committer | Emile <git@emile.space> | 2024-10-25 15:55:50 +0200 |
commit | c90f36e3dd179d2de96f4f5fe38d8dc9a9de6dfe (patch) | |
tree | 89e9afb41c5bf76f48cfb09305a2d3db8d302b06 /vendor/golang.org/x/sys/unix/cap_freebsd.go | |
parent | 98bbb0f559a8883bc47bae80607dbe326a448e61 (diff) |
Diffstat (limited to 'vendor/golang.org/x/sys/unix/cap_freebsd.go')
-rw-r--r-- | vendor/golang.org/x/sys/unix/cap_freebsd.go | 195 |
1 files changed, 195 insertions, 0 deletions
diff --git a/vendor/golang.org/x/sys/unix/cap_freebsd.go b/vendor/golang.org/x/sys/unix/cap_freebsd.go new file mode 100644 index 0000000..a086578 --- /dev/null +++ b/vendor/golang.org/x/sys/unix/cap_freebsd.go @@ -0,0 +1,195 @@ +// Copyright 2017 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build freebsd + +package unix + +import ( + "errors" + "fmt" +) + +// Go implementation of C mostly found in /usr/src/sys/kern/subr_capability.c + +const ( + // This is the version of CapRights this package understands. See C implementation for parallels. + capRightsGoVersion = CAP_RIGHTS_VERSION_00 + capArSizeMin = CAP_RIGHTS_VERSION_00 + 2 + capArSizeMax = capRightsGoVersion + 2 +) + +var ( + bit2idx = []int{ + -1, 0, 1, -1, 2, -1, -1, -1, 3, -1, -1, -1, -1, -1, -1, -1, + 4, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + } +) + +func capidxbit(right uint64) int { + return int((right >> 57) & 0x1f) +} + +func rightToIndex(right uint64) (int, error) { + idx := capidxbit(right) + if idx < 0 || idx >= len(bit2idx) { + return -2, fmt.Errorf("index for right 0x%x out of range", right) + } + return bit2idx[idx], nil +} + +func caprver(right uint64) int { + return int(right >> 62) +} + +func capver(rights *CapRights) int { + return caprver(rights.Rights[0]) +} + +func caparsize(rights *CapRights) int { + return capver(rights) + 2 +} + +// CapRightsSet sets the permissions in setrights in rights. +func CapRightsSet(rights *CapRights, setrights []uint64) error { + // This is essentially a copy of cap_rights_vset() + if capver(rights) != CAP_RIGHTS_VERSION_00 { + return fmt.Errorf("bad rights version %d", capver(rights)) + } + + n := caparsize(rights) + if n < capArSizeMin || n > capArSizeMax { + return errors.New("bad rights size") + } + + for _, right := range setrights { + if caprver(right) != CAP_RIGHTS_VERSION_00 { + return errors.New("bad right version") + } + i, err := rightToIndex(right) + if err != nil { + return err + } + if i >= n { + return errors.New("index overflow") + } + if capidxbit(rights.Rights[i]) != capidxbit(right) { + return errors.New("index mismatch") + } + rights.Rights[i] |= right + if capidxbit(rights.Rights[i]) != capidxbit(right) { + return errors.New("index mismatch (after assign)") + } + } + + return nil +} + +// CapRightsClear clears the permissions in clearrights from rights. +func CapRightsClear(rights *CapRights, clearrights []uint64) error { + // This is essentially a copy of cap_rights_vclear() + if capver(rights) != CAP_RIGHTS_VERSION_00 { + return fmt.Errorf("bad rights version %d", capver(rights)) + } + + n := caparsize(rights) + if n < capArSizeMin || n > capArSizeMax { + return errors.New("bad rights size") + } + + for _, right := range clearrights { + if caprver(right) != CAP_RIGHTS_VERSION_00 { + return errors.New("bad right version") + } + i, err := rightToIndex(right) + if err != nil { + return err + } + if i >= n { + return errors.New("index overflow") + } + if capidxbit(rights.Rights[i]) != capidxbit(right) { + return errors.New("index mismatch") + } + rights.Rights[i] &= ^(right & 0x01FFFFFFFFFFFFFF) + if capidxbit(rights.Rights[i]) != capidxbit(right) { + return errors.New("index mismatch (after assign)") + } + } + + return nil +} + +// CapRightsIsSet checks whether all the permissions in setrights are present in rights. +func CapRightsIsSet(rights *CapRights, setrights []uint64) (bool, error) { + // This is essentially a copy of cap_rights_is_vset() + if capver(rights) != CAP_RIGHTS_VERSION_00 { + return false, fmt.Errorf("bad rights version %d", capver(rights)) + } + + n := caparsize(rights) + if n < capArSizeMin || n > capArSizeMax { + return false, errors.New("bad rights size") + } + + for _, right := range setrights { + if caprver(right) != CAP_RIGHTS_VERSION_00 { + return false, errors.New("bad right version") + } + i, err := rightToIndex(right) + if err != nil { + return false, err + } + if i >= n { + return false, errors.New("index overflow") + } + if capidxbit(rights.Rights[i]) != capidxbit(right) { + return false, errors.New("index mismatch") + } + if (rights.Rights[i] & right) != right { + return false, nil + } + } + + return true, nil +} + +func capright(idx uint64, bit uint64) uint64 { + return ((1 << (57 + idx)) | bit) +} + +// CapRightsInit returns a pointer to an initialised CapRights structure filled with rights. +// See man cap_rights_init(3) and rights(4). +func CapRightsInit(rights []uint64) (*CapRights, error) { + var r CapRights + r.Rights[0] = (capRightsGoVersion << 62) | capright(0, 0) + r.Rights[1] = capright(1, 0) + + err := CapRightsSet(&r, rights) + if err != nil { + return nil, err + } + return &r, nil +} + +// CapRightsLimit reduces the operations permitted on fd to at most those contained in rights. +// The capability rights on fd can never be increased by CapRightsLimit. +// See man cap_rights_limit(2) and rights(4). +func CapRightsLimit(fd uintptr, rights *CapRights) error { + return capRightsLimit(int(fd), rights) +} + +// CapRightsGet returns a CapRights structure containing the operations permitted on fd. +// See man cap_rights_get(3) and rights(4). +func CapRightsGet(fd uintptr) (*CapRights, error) { + r, err := CapRightsInit(nil) + if err != nil { + return nil, err + } + err = capRightsGet(capRightsGoVersion, int(fd), r) + if err != nil { + return nil, err + } + return r, nil +} |