Date: Mon, 11 Dec 2023 11:17:45 GMT
Message-Id: <202312111117.3BBBHjso071253@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
From: Mariusz Zaborski
Subject: git: a7100ae23aca - main - capsicum: introduce cap_rights_is_empty Function
List-Id: Commit messages for the main branch of the src repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main
Sender: owner-dev-commits-src-main@freebsd.org
X-Git-Committer: oshogbo
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: a7100ae23aca07976926bd8d50223c45149f65d6
Auto-Submitted: auto-generated

The branch main has been updated by oshogbo:

URL: https://cgit.FreeBSD.org/src/commit/?id=a7100ae23aca07976926bd8d50223c45149f65d6

commit a7100ae23aca07976926bd8d50223c45149f65d6
Author:     Mariusz Zaborski
AuthorDate: 2023-12-11 11:09:31 +0000
Commit:     Mariusz Zaborski
CommitDate: 2023-12-11 11:15:46 +0000

    capsicum: introduce cap_rights_is_empty Function

    Before this commit, we only had the capability to check if a specific
    capability was set (using cap_rights_is_set function). However, there
    was no efficient method to determine if a cap_rights_t structure doesn't
    contain any capability. The cap_rights_is_empty function addresses
    this gap.

    PR:             275330
    Reported by:    vini.ipsmaker@gmail.com
    Reviewed by:    emaste, markj
    Differential Revision:  https://reviews.freebsd.org/D42780
--- contrib/capsicum-test/capability-fd.cc | 15 +++++++++++++++ lib/libc/capability/Symbol.map | 4 ++++ lib/libc/capability/cap_rights_init.3 | 19 ++++++++++++++++++- sys/kern/subr_capability.c | 19 +++++++++++++++++++ sys/sys/capsicum.h | 2 ++ 5 files changed, 58 insertions(+), 1 deletion(-) diff --git a/contrib/capsicum-test/capability-fd.cc b/contrib/capsicum-test/capability-fd.cc index f255c6425cdd..0551d9bd81ef 100644 --- a/contrib/capsicum-test/capability-fd.cc +++ b/contrib/capsicum-test/capability-fd.cc
@@ -1342,3 +1342,18 @@ TEST(Capability, NoBypassDACIfRoot) { close(fd); unlink(TmpFile("cap_root_owned")); } + +TEST(Capability, CheckIsEmpty) { + cap_rights_t rights; + + cap_rights_init(&rights); + EXPECT_TRUE(cap_rights_is_empty(&rights)); + + size_t num_known = (sizeof(known_rights)/sizeof(known_rights[0])); + for (size_t ii = 0; ii < num_known; ii++) { + cap_rights_init(&rights, known_rights[ii].right); + EXPECT_FALSE(cap_rights_is_empty(&rights)); + cap_rights_clear(&rights, known_rights[ii].right); + EXPECT_TRUE(cap_rights_is_empty(&rights)); + } +} diff --git a/lib/libc/capability/Symbol.map b/lib/libc/capability/Symbol.map index 0deff024a046..8bf11670a5a8 100644 --- a/lib/libc/capability/Symbol.map +++ b/lib/libc/capability/Symbol.map @@ -8,3 +8,7 @@ FBSD_1.3 { cap_rights_remove; __cap_rights_set; }; + +FBSD_1.8 { + cap_rights_is_empty; +}; diff --git a/lib/libc/capability/cap_rights_init.3 b/lib/libc/capability/cap_rights_init.3 index 80b522820097..98b50f653f2c 100644 --- a/lib/libc/capability/cap_rights_init.3 +++ b/lib/libc/capability/cap_rights_init.3 @@ -25,7 +25,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd May 5, 2020 +.Dd November 25, 2023 .Dt CAP_RIGHTS_INIT 3 .Os .Sh NAME @@ -33,6 +33,7 @@ .Nm cap_rights_set , .Nm cap_rights_clear , .Nm cap_rights_is_set , +.Nm cap_rights_is_empty , .Nm cap_rights_is_valid , .Nm cap_rights_merge , .Nm cap_rights_remove , @@ -51,6 +52,8 @@ .Ft bool .Fn cap_rights_is_set "const cap_rights_t *rights" "..." .Ft bool +.Fn cap_rights_is_empty "const cap_rights_t *rights" +.Ft bool .Fn cap_rights_is_valid "const cap_rights_t *rights" .Ft cap_rights_t * .Fn cap_rights_merge "cap_rights_t *dst" "const cap_rights_t *src" 
@@ -118,6 +121,12 @@ function checks if all the given capability rights are set for the given structure. .Pp The +.Fn cap_rights_is_empty +function checks if the +.Fa rights +structure is empty. +.Pp +The .Fn cap_rights_is_valid function verifies if the given .Vt cap_rights_t @@ -182,6 +191,14 @@ if all the given capability rights are set in the argument. .Pp The +.Fn cap_rights_is_empty +function returns +.Va true +if none of the capability rights are set in the +.Fa rights +structure. +.Pp +The .Fn cap_rights_is_valid function performs various checks to see if the given .Vt cap_rights_t diff --git a/sys/kern/subr_capability.c b/sys/kern/subr_capability.c index e40c57c5307d..1f3a181a91cb 100644 --- a/sys/kern/subr_capability.c +++ b/sys/kern/subr_capability.c @@ -306,6 +306,25 @@ __cap_rights_is_set(const cap_rights_t *rights, ...) return (ret); } +bool +cap_rights_is_empty(const cap_rights_t *rights) +{ +#ifndef _KERNEL + cap_rights_t cap_no_rights; + cap_rights_init(&cap_no_rights); +#endif + + assert(CAPVER(rights) == CAP_RIGHTS_VERSION_00); + assert(CAPVER(&cap_no_rights) == CAP_RIGHTS_VERSION_00); + + for (int i = 0; i < CAPARSIZE(rights); i++) { + if (rights->cr_rights[i] != cap_no_rights.cr_rights[i]) + return (false); + } + + return (true); +} + bool cap_rights_is_valid(const cap_rights_t *rights) { diff --git a/sys/sys/capsicum.h b/sys/sys/capsicum.h index b9eb61409613..3979fd718909 100644 --- a/sys/sys/capsicum.h +++ b/sys/sys/capsicum.h @@ -336,6 +336,8 @@ cap_rights_t *__cap_rights_clear(cap_rights_t *rights, ...); __cap_rights_is_set(__VA_ARGS__, 0ULL) bool __cap_rights_is_set(const cap_rights_t *rights, ...); +bool cap_rights_is_empty(const cap_rights_t *rights); + bool cap_rights_is_valid(const cap_rights_t *rights); cap_rights_t *cap_rights_merge(cap_rights_t *dst, const cap_rights_t *src); cap_rights_t *cap_rights_remove(cap_rights_t *dst, const cap_rights_t *src);
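
Review bot: CheckIsEmpty in contrib/capsicum-test/capability-fd.cc only ever holds one `known_rights[ii].right` at a time, so it never exercises a set in which some rights remain after a clear. Add a case that sets two entries from `known_rights`, clears one, and expects `cap_rights_is_empty()` to stay false until the second is cleared as well. That is the case that would catch a loop that returns early or inspects only one element of `cr_rights`.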
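
Review bot: The cap_rights_init.3 text added for `cap_rights_is_empty` does not state that the structure must already have been initialized with `cap_rights_init()`, although the implementation in this same commit asserts `CAPVER(rights) == CAP_RIGHTS_VERSION_00`. State that precondition in the DESCRIPTION paragraph, and define "empty" there as well (no capability rights set) instead of only in the return-value paragraph, so a caller deciding whether a descriptor has been fully stripped of rights does not have to read both sections to learn what the check means.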
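
Review bot: In the sys/kern/subr_capability.c hunk, `cap_rights_is_empty()` compares against `cap_no_rights`, but that object is declared locally only under `#ifndef _KERNEL`, so the kernel build depends on a `cap_no_rights` defined outside this hunk and nothing here says so. Add a short comment naming where the kernel copy comes from and why the loop compares each `cr_rights[i]` with an initialized empty set instead of testing for zero. The preconditions on `rights` are also enforced only by `assert`, and `CAPVER(rights)` dereferences the pointer with no NULL check; if those are caller obligations, say so in the comment, since a wrong answer from this function can feed a decision about whether a descriptor still carries rights.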