#include <sys/cdefs.h>#include <sys/types.h>#include <sys/capsicum.h>#include <sys/systm.h>#include <sys/kernel.h>#include <machine/stdarg.h>
Go to the source code of this file.
Macros | |
| #define | assert(exp) KASSERT((exp), ("%s:%u", __func__, __LINE__)) |
| #define | CAPARSIZE_MIN (CAP_RIGHTS_VERSION_00 + 2) |
| #define | CAPARSIZE_MAX (CAP_RIGHTS_VERSION + 2) |
Functions | |
| __FBSDID ("$FreeBSD$") | |
| static void | cap_rights_sysinit (void *arg) |
| SYSINIT (cap_rights_sysinit, SI_SUB_COPYRIGHT, SI_ORDER_ANY, cap_rights_sysinit, NULL) | |
| static __inline int | right_to_index (uint64_t right) |
| static void | cap_rights_vset (cap_rights_t *rights, va_list ap) |
| static void | cap_rights_vclear (cap_rights_t *rights, va_list ap) |
| static bool | cap_rights_is_vset (const cap_rights_t *rights, va_list ap) |
| cap_rights_t * | __cap_rights_init (int version, cap_rights_t *rights,...) |
| cap_rights_t * | __cap_rights_set (cap_rights_t *rights,...) |
| cap_rights_t * | __cap_rights_clear (cap_rights_t *rights,...) |
| bool | __cap_rights_is_set (const cap_rights_t *rights,...) |
| bool | cap_rights_is_valid (const cap_rights_t *rights) |
| cap_rights_t * | cap_rights_merge (cap_rights_t *dst, const cap_rights_t *src) |
| cap_rights_t * | cap_rights_remove (cap_rights_t *dst, const cap_rights_t *src) |
Macro Definition Documentation
◆ assert
| #define assert | ( | exp | ) | KASSERT((exp), ("%s:%u", __func__, __LINE__)) |
Definition at line 54 of file subr_capability.c.
◆ CAPARSIZE_MAX
| #define CAPARSIZE_MAX (CAP_RIGHTS_VERSION + 2) |
Definition at line 157 of file subr_capability.c.
◆ CAPARSIZE_MIN
| #define CAPARSIZE_MIN (CAP_RIGHTS_VERSION_00 + 2) |
Definition at line 156 of file subr_capability.c.
Function Documentation
◆ __cap_rights_clear()
| cap_rights_t * __cap_rights_clear | ( | cap_rights_t * | rights, |
| ... | |||
| ) |
Definition at line 283 of file subr_capability.c.
References assert, and cap_rights_vclear().
◆ __cap_rights_init()
| cap_rights_t * __cap_rights_init | ( | int | version, |
| cap_rights_t * | rights, | ||
| ... | |||
| ) |
Definition at line 251 of file subr_capability.c.
References assert, cap_rights_vset(), CAPARSIZE_MAX, and CAPARSIZE_MIN.
◆ __cap_rights_is_set()
| bool __cap_rights_is_set | ( | const cap_rights_t * | rights, |
| ... | |||
| ) |
Definition at line 297 of file subr_capability.c.
References assert, and cap_rights_is_vset().
◆ __cap_rights_set()
| cap_rights_t * __cap_rights_set | ( | cap_rights_t * | rights, |
| ... | |||
| ) |
Definition at line 269 of file subr_capability.c.
References assert, and cap_rights_vset().
◆ __FBSDID()
| __FBSDID | ( | "$FreeBSD$" | ) |
◆ cap_rights_is_valid()
| bool cap_rights_is_valid | ( | const cap_rights_t * | rights | ) |
Definition at line 312 of file subr_capability.c.
References CAPARSIZE_MAX, CAPARSIZE_MIN, and right_to_index().
Referenced by cap_rights_merge(), cap_rights_remove(), and filecaps_validate().
◆ cap_rights_is_vset()
|
static |
Definition at line 224 of file subr_capability.c.
References assert, CAPARSIZE_MAX, CAPARSIZE_MIN, and right_to_index().
Referenced by __cap_rights_is_set().
◆ cap_rights_merge()
| cap_rights_t * cap_rights_merge | ( | cap_rights_t * | dst, |
| const cap_rights_t * | src | ||
| ) |
Definition at line 340 of file subr_capability.c.
References assert, cap_rights_is_valid(), CAPARSIZE_MAX, CAPARSIZE_MIN, and src.
◆ cap_rights_remove()
| cap_rights_t * cap_rights_remove | ( | cap_rights_t * | dst, |
| const cap_rights_t * | src | ||
| ) |
Definition at line 363 of file subr_capability.c.
References assert, cap_rights_is_valid(), CAPARSIZE_MAX, CAPARSIZE_MIN, and src.
◆ cap_rights_sysinit()
|
static |
Definition at line 103 of file subr_capability.c.
References cap_accept_rights, cap_bind_rights, cap_connect_rights, cap_event_rights, cap_fchdir_rights, cap_fchflags_rights, cap_fchmod_rights, cap_fchown_rights, cap_fcntl_rights, cap_fexecve_rights, cap_flock_rights, cap_fpathconf_rights, cap_fstat_rights, cap_fstatfs_rights, cap_fsync_rights, cap_ftruncate_rights, cap_futimes_rights, cap_getpeername_rights, cap_getsockname_rights, cap_getsockopt_rights, cap_ioctl_rights, cap_linkat_source_rights, cap_linkat_target_rights, cap_listen_rights, cap_mkdirat_rights, cap_mkfifoat_rights, cap_mknodat_rights, cap_mmap_rights, cap_no_rights, cap_pdgetpid_rights, cap_pdkill_rights, cap_pread_rights, cap_pwrite_rights, cap_read_rights, cap_recv_rights, cap_renameat_source_rights, cap_renameat_target_rights, cap_seek_rights, cap_send_connect_rights, cap_send_rights, cap_setsockopt_rights, cap_shutdown_rights, cap_symlinkat_rights, cap_unlinkat_rights, and cap_write_rights.
◆ cap_rights_vclear()
|
static |
Definition at line 199 of file subr_capability.c.
References assert, CAPARSIZE_MAX, CAPARSIZE_MIN, and right_to_index().
Referenced by __cap_rights_clear().
◆ cap_rights_vset()
|
static |
Definition at line 174 of file subr_capability.c.
References assert, CAPARSIZE_MAX, CAPARSIZE_MIN, and right_to_index().
Referenced by __cap_rights_init(), and __cap_rights_set().
◆ right_to_index()
|
static |
Definition at line 160 of file subr_capability.c.
References assert.
Referenced by cap_rights_is_valid(), cap_rights_is_vset(), cap_rights_vclear(), and cap_rights_vset().
◆ SYSINIT()
| SYSINIT | ( | cap_rights_sysinit | , |
| SI_SUB_COPYRIGHT | , | ||
| SI_ORDER_ANY | , | ||
| cap_rights_sysinit | , | ||
| NULL | |||
| ) |
Variable Documentation
◆ cap_accept_rights
| __read_mostly cap_rights_t cap_accept_rights |
Definition at line 55 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_accept4().
◆ cap_bind_rights
| __read_mostly cap_rights_t cap_bind_rights |
Definition at line 56 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_bindat().
◆ cap_chflags_rights
| __read_mostly cap_rights_t cap_chflags_rights |
Definition at line 57 of file subr_capability.c.
◆ cap_connect_rights
| __read_mostly cap_rights_t cap_connect_rights |
Definition at line 58 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_connectat().
◆ cap_event_rights
| __read_mostly cap_rights_t cap_event_rights |
Definition at line 59 of file subr_capability.c.
Referenced by cap_rights_sysinit(), getmq(), kern_kmq_notify(), kqueue_register(), pollrescan(), pollscan(), selrescan(), and selscan().
◆ cap_fchdir_rights
| __read_mostly cap_rights_t cap_fchdir_rights |
Definition at line 60 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and sys_fchdir().
◆ cap_fchflags_rights
| __read_mostly cap_rights_t cap_fchflags_rights |
Definition at line 61 of file subr_capability.c.
Referenced by cap_rights_sysinit(), kern_chflagsat(), and sys_fchflags().
◆ cap_fchmod_rights
| __read_mostly cap_rights_t cap_fchmod_rights |
Definition at line 62 of file subr_capability.c.
Referenced by cap_rights_sysinit(), kern_fchmodat(), and sys_fchmod().
◆ cap_fchown_rights
| __read_mostly cap_rights_t cap_fchown_rights |
Definition at line 63 of file subr_capability.c.
Referenced by cap_rights_sysinit(), kern_fchownat(), and sys_fchown().
◆ cap_fcntl_rights
| __read_mostly cap_rights_t cap_fcntl_rights |
Definition at line 64 of file subr_capability.c.
Referenced by cap_rights_sysinit(), kern_fcntl(), and sysctl_ftry_reclaim_vnode().
◆ cap_fexecve_rights
| __read_mostly cap_rights_t cap_fexecve_rights |
Definition at line 65 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and do_execve().
◆ cap_flock_rights
| __read_mostly cap_rights_t cap_flock_rights |
Definition at line 66 of file subr_capability.c.
Referenced by cap_rights_sysinit(), kern_fcntl(), and sys_flock().
◆ cap_fpathconf_rights
| __read_mostly cap_rights_t cap_fpathconf_rights |
Definition at line 67 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_fpathconf().
◆ cap_fstat_rights
| __read_mostly cap_rights_t cap_fstat_rights |
Definition at line 68 of file subr_capability.c.
Referenced by cap_rights_sysinit(), kern___realpathat(), kern_accessat(), kern_fstat(), and kern_statat().
◆ cap_fstatfs_rights
| __read_mostly cap_rights_t cap_fstatfs_rights |
Definition at line 69 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_fstatfs().
◆ cap_fsync_rights
| __read_mostly cap_rights_t cap_fsync_rights |
Definition at line 70 of file subr_capability.c.
Referenced by aio_aqueue(), cap_rights_sysinit(), and kern_fsync().
◆ cap_ftruncate_rights
| __read_mostly cap_rights_t cap_ftruncate_rights |
Definition at line 71 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_ftruncate().
◆ cap_futimes_rights
| __read_mostly cap_rights_t cap_futimes_rights |
Definition at line 72 of file subr_capability.c.
Referenced by cap_rights_sysinit(), kern_futimens(), kern_futimes(), kern_utimensat(), and kern_utimesat().
◆ cap_getpeername_rights
| __read_mostly cap_rights_t cap_getpeername_rights |
Definition at line 73 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_getpeername().
◆ cap_getsockname_rights
| __read_mostly cap_rights_t cap_getsockname_rights |
Definition at line 75 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_getsockname().
◆ cap_getsockopt_rights
| __read_mostly cap_rights_t cap_getsockopt_rights |
Definition at line 74 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_getsockopt().
◆ cap_ioctl_rights
| __read_mostly cap_rights_t cap_ioctl_rights |
Definition at line 76 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_ioctl().
◆ cap_linkat_source_rights
| __read_mostly cap_rights_t cap_linkat_source_rights |
Definition at line 78 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_linkat().
◆ cap_linkat_target_rights
| __read_mostly cap_rights_t cap_linkat_target_rights |
Definition at line 79 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_linkat_vp().
◆ cap_listen_rights
| __read_mostly cap_rights_t cap_listen_rights |
Definition at line 77 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_listen().
◆ cap_mkdirat_rights
| __read_mostly cap_rights_t cap_mkdirat_rights |
Definition at line 81 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_mkdirat().
◆ cap_mkfifoat_rights
| __read_mostly cap_rights_t cap_mkfifoat_rights |
Definition at line 82 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_mkfifoat().
◆ cap_mknodat_rights
| __read_mostly cap_rights_t cap_mknodat_rights |
Definition at line 83 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_mknodat().
◆ cap_mmap_rights
| __read_mostly cap_rights_t cap_mmap_rights |
Definition at line 80 of file subr_capability.c.
Referenced by cap_rights_sysinit().
◆ cap_no_rights
| __read_mostly cap_rights_t cap_no_rights |
Definition at line 100 of file subr_capability.c.
Referenced by aio_aqueue(), cap_rights_sysinit(), kern_fcntl(), kern_funlinkat(), kern_posix_fadvise(), kern_proc_filedesc_out(), m_dispose_extcontrolm(), sys_aio_cancel(), sys_ksem_close(), and sys_ksem_destroy().
◆ cap_pdgetpid_rights
| __read_mostly cap_rights_t cap_pdgetpid_rights |
Definition at line 84 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and sys_pdgetpid().
◆ cap_pdkill_rights
| __read_mostly cap_rights_t cap_pdkill_rights |
Definition at line 85 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and sys_pdkill().
◆ cap_pread_rights
| __read_mostly cap_rights_t cap_pread_rights |
Definition at line 86 of file subr_capability.c.
Referenced by aio_aqueue(), cap_rights_sysinit(), kern_preadv(), and sendfile().
◆ cap_pwrite_rights
| __read_mostly cap_rights_t cap_pwrite_rights |
Definition at line 87 of file subr_capability.c.
Referenced by aio_aqueue(), cap_rights_sysinit(), kern_fspacectl(), kern_posix_fallocate(), and kern_pwritev().
◆ cap_read_rights
| __read_mostly cap_rights_t cap_read_rights |
Definition at line 88 of file subr_capability.c.
Referenced by cap_rights_sysinit(), getmq_read(), kern_copy_file_range(), kern_getdirentries(), and kern_readv().
◆ cap_recv_rights
| __read_mostly cap_rights_t cap_recv_rights |
Definition at line 89 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_recvit().
◆ cap_renameat_source_rights
| __read_mostly cap_rights_t cap_renameat_source_rights |
Definition at line 90 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_renameat().
◆ cap_renameat_target_rights
| __read_mostly cap_rights_t cap_renameat_target_rights |
Definition at line 91 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_renameat().
◆ cap_seek_rights
| __read_mostly cap_rights_t cap_seek_rights |
Definition at line 92 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_lseek().
◆ cap_send_connect_rights
| __read_mostly cap_rights_t cap_send_connect_rights |
Definition at line 94 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_sendit().
◆ cap_send_rights
| __read_mostly cap_rights_t cap_send_rights |
Definition at line 93 of file subr_capability.c.
Referenced by cap_rights_sysinit(), kern_sendit(), and sendfile_getsock().
◆ cap_setsockopt_rights
| __read_mostly cap_rights_t cap_setsockopt_rights |
Definition at line 95 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_setsockopt().
◆ cap_shutdown_rights
| __read_mostly cap_rights_t cap_shutdown_rights |
Definition at line 96 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_shutdown().
◆ cap_symlinkat_rights
| __read_mostly cap_rights_t cap_symlinkat_rights |
Definition at line 97 of file subr_capability.c.
Referenced by cap_rights_sysinit(), and kern_symlinkat().
◆ cap_unlinkat_rights
| __read_mostly cap_rights_t cap_unlinkat_rights |
Definition at line 98 of file subr_capability.c.
Referenced by cap_rights_sysinit(), kern_frmdirat(), kern_funlinkat(), and kern_renameat().
◆ cap_write_rights
| __read_mostly cap_rights_t cap_write_rights |
Definition at line 99 of file subr_capability.c.
Referenced by cap_rights_sysinit(), getmq_write(), kern_copy_file_range(), kern_ptrace(), and kern_writev().
