projects / thirdparty / util-linux.git / blame
| Commit | Line | Data |
|---|---|---|
| cef4decf JP |
1 | /* |
| 2 | * This program is free software; you can redistribute it and/or modify it | |
| 3 | * under the terms of the GNU General Public License as published by the | |
| 4 | * Free Software Foundation; either version 2, or (at your option) any | |
| 5 | * later version. | |
| 6 | * | |
| 7 | * This program is distributed in the hope that it will be useful, but | |
| 8 | * WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 9 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
| 10 | * General Public License for more details. | |
| 11 | * | |
| 12 | * You should have received a copy of the GNU General Public License along | |
| 13 | * with this program; if not, write to the Free Software Foundation, Inc., | |
| 14 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | |
| 15 | */ | |
| 16 | ||
| 5d958187 | 17 | #include <sys/prctl.h> |
| cef4decf | 18 | #include <stdio.h> |
| 96642021 | 19 | #include <stdlib.h> |
| 5d958187 | 20 | #include <limits.h> |
| 96642021 | 21 | #include <errno.h> |
| cef4decf | 22 | |
| 96642021 | 23 | #include "c.h" |
| cef4decf JP |
24 | #include "caputils.h" |
| 25 | #include "pathnames.h" | |
| c0f40fe5 | 26 | #include "procfs.h" |
| acb72212 | 27 | #include "nls.h" |
| cef4decf | 28 | |
| 5d958187 ÉR |
29 | static int test_cap(unsigned int cap) |
| 30 | { | |
| 31 | /* prctl returns 0 or 1 for valid caps, -1 otherwise */ | |
| 32 | return prctl(PR_CAPBSET_READ, cap, 0, 0, 0) >= 0; | |
| 33 | } | |
| 34 | ||
| 96642021 KZ |
35 | static int cap_last_by_bsearch(int *ret) |
| 36 | { | |
| 37 | /* starting with cap=INT_MAX means we always know | |
| 38 | * that cap1 is invalid after the first iteration */ | |
| 39 | int cap = INT_MAX; | |
| 40 | unsigned int cap0 = 0, cap1 = INT_MAX; | |
| 41 | ||
| 42 | while ((int)cap0 < cap) { | |
| 43 | if (test_cap(cap)) | |
| 44 | cap0 = cap; | |
| 45 | else | |
| 46 | cap1 = cap; | |
| 47 | ||
| 48 | cap = (cap0 + cap1) / 2U; | |
| 49 | } | |
| 50 | ||
| 51 | *ret = cap; | |
| 52 | return 0; | |
| 53 | } | |
| 54 | ||
| 55 | static int cap_last_by_procfs(int *ret) | |
| 56 | { | |
| 57 | FILE *f = fopen(_PATH_PROC_CAPLASTCAP, "r"); | |
| 58 | int rc = -EINVAL; | |
| 59 | ||
| 60 | *ret = 0; | |
| 61 | ||
| c0f40fe5 | 62 | if (f && fd_is_procfs(fileno(f))) { |
| 96642021 KZ |
63 | int cap; |
| 64 | ||
| 65 | /* we check if the cap after this one really isn't valid */ | |
| 66 | if (fscanf(f, "%d", &cap) == 1 && | |
| 67 | cap < INT_MAX && !test_cap(cap + 1)) { | |
| 68 | ||
| 69 | *ret = cap; | |
| 70 | rc = 0; | |
| 71 | } | |
| 72 | } | |
| 73 | ||
| 74 | if (f) | |
| 75 | fclose(f); | |
| 76 | return rc; | |
| 77 | } | |
| 78 | ||
| cef4decf JP |
79 | int cap_last_cap(void) |
| 80 | { | |
| 5d958187 | 81 | static int cap = -1; |
| cef4decf | 82 | |
| 5d958187 ÉR |
83 | if (cap != -1) |
| 84 | return cap; | |
| 96642021 KZ |
85 | if (cap_last_by_procfs(&cap) < 0) |
| 86 | cap_last_by_bsearch(&cap); | |
| cef4decf | 87 | |
| 96642021 KZ |
88 | return cap; |
| 89 | } | |
| 5d958187 | 90 | |
| acb72212 DG |
91 | void cap_permitted_to_ambient(void) |
| 92 | { | |
| 93 | /* We use capabilities system calls to propagate the permitted | |
| 94 | * capabilities into the ambient set because we may have | |
| 95 | * already forked so be in async-signal-safe context. */ | |
| 96 | struct __user_cap_header_struct header = { | |
| 97 | .version = _LINUX_CAPABILITY_VERSION_3, | |
| 98 | .pid = 0, | |
| 99 | }; | |
| 100 | struct __user_cap_data_struct payload[_LINUX_CAPABILITY_U32S_3] = {{ 0 }}; | |
| 101 | uint64_t effective, cap; | |
| 102 | ||
| 103 | if (capget(&header, payload) < 0) | |
| 104 | err(EXIT_FAILURE, _("capget failed")); | |
| 105 | ||
| 106 | /* In order the make capabilities ambient, we first need to ensure | |
| 107 | * that they are all inheritable. */ | |
| 108 | payload[0].inheritable = payload[0].permitted; | |
| 109 | payload[1].inheritable = payload[1].permitted; | |
| 110 | ||
| 111 | if (capset(&header, payload) < 0) | |
| 112 | err(EXIT_FAILURE, _("capset failed")); | |
| 113 | ||
| 114 | effective = ((uint64_t)payload[1].effective << 32) | (uint64_t)payload[0].effective; | |
| 115 | ||
| 116 | for (cap = 0; cap < (sizeof(effective) * 8); cap++) { | |
| 117 | /* This is the same check as cap_valid(), but using | |
| 118 | * the runtime value for the last valid cap. */ | |
| 119 | if (cap > (uint64_t) cap_last_cap()) | |
| 120 | continue; | |
| 121 | ||
| 01a0a556 | 122 | if ((effective & (1ULL << cap)) |
| acb72212 DG |
123 | && prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, cap, 0, 0) < 0) |
| 124 | err(EXIT_FAILURE, _("prctl(PR_CAP_AMBIENT) failed")); | |
| 125 | } | |
| 126 | } | |
| 127 | ||
| 96642021 KZ |
128 | #ifdef TEST_PROGRAM_CAPUTILS |
| 129 | int main(int argc, char *argv[]) | |
| 130 | { | |
| 131 | int rc = 0, cap; | |
| 5d958187 | 132 | |
| 96642021 KZ |
133 | if (argc < 2) { |
| 134 | fprintf(stderr, "usage: %1$s --last-by-procfs\n" | |
| 135 | " %1$s --last-by-bsearch\n" | |
| 136 | " %1$s --last\n", | |
| 137 | program_invocation_short_name); | |
| 138 | return EXIT_FAILURE; | |
| cef4decf JP |
139 | } |
| 140 | ||
| 96642021 KZ |
141 | if (strcmp(argv[1], "--last-by-procfs") == 0) { |
| 142 | rc = cap_last_by_procfs(&cap); | |
| 143 | if (rc == 0) | |
| 144 | printf("last cap: %d\n", cap); | |
| cef4decf | 145 | |
| 96642021 KZ |
146 | } else if (strcmp(argv[1], "--last-by-bsearch") == 0) { |
| 147 | rc = cap_last_by_bsearch(&cap); | |
| 148 | if (rc == 0) | |
| 149 | printf("last cap: %d\n", cap); | |
| cef4decf | 150 | |
| 96642021 KZ |
151 | } else if (strcmp(argv[1], "--last") == 0) |
| 152 | printf("last cap: %d\n", cap_last_cap()); | |
| 153 | ||
| 154 | return rc == 0 ? EXIT_SUCCESS : EXIT_FAILURE; | |
| cef4decf | 155 | } |
| 96642021 | 156 | #endif |