rss-tools: vendor/golang.org/x/sys/unix/cap_freebsd.go (a5ac52722b131734c74504b6e6f4d9900536cac7)

1

// Copyright 2017 The Go Authors. All rights reserved.

2

// Use of this source code is governed by a BSD-style

3

// license that can be found in the LICENSE file.

4

5

//go:build freebsd

6

7

package unix

8

9

import (

10

	"errors"

11

	"fmt"

12

13

14

// Go implementation of C mostly found in /usr/src/sys/kern/subr_capability.c

15

16

const (

17

	// This is the version of CapRights this package understands. See C implementation for parallels.

18

	capRightsGoVersion = CAP_RIGHTS_VERSION_00

19

	capArSizeMin       = CAP_RIGHTS_VERSION_00 + 2

20

	capArSizeMax       = capRightsGoVersion + 2

21

22

23

var (

24

	bit2idx = []int{

25

		-1, 0, 1, -1, 2, -1, -1, -1, 3, -1, -1, -1, -1, -1, -1, -1,

26

		4, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,

27

28

29

30

func capidxbit(right uint64) int {

31

	return int((right >> 57) & 0x1f)

32

33

34

func rightToIndex(right uint64) (int, error) {

35

	idx := capidxbit(right)

36

	if idx < 0 || idx >= len(bit2idx) {

37

		return -2, fmt.Errorf("index for right 0x%x out of range", right)

38

39

	return bit2idx[idx], nil

40

41

42

func caprver(right uint64) int {

43

	return int(right >> 62)

44

45

46

func capver(rights *CapRights) int {

47

	return caprver(rights.Rights[0])

48

49

50

func caparsize(rights *CapRights) int {

51

	return capver(rights) + 2

52

53

54

// CapRightsSet sets the permissions in setrights in rights.

55

func CapRightsSet(rights *CapRights, setrights []uint64) error {

56

	// This is essentially a copy of cap_rights_vset()

57

	if capver(rights) != CAP_RIGHTS_VERSION_00 {

58

		return fmt.Errorf("bad rights version %d", capver(rights))

59

60

61

	n := caparsize(rights)

62

	if n < capArSizeMin || n > capArSizeMax {

63

		return errors.New("bad rights size")

64

65

66

	for _, right := range setrights {

67

		if caprver(right) != CAP_RIGHTS_VERSION_00 {

68

			return errors.New("bad right version")

69

70

		i, err := rightToIndex(right)

71

		if err != nil {

72

			return err

73

74

		if i >= n {

75

			return errors.New("index overflow")

76

77

		if capidxbit(rights.Rights[i]) != capidxbit(right) {

78

			return errors.New("index mismatch")

79

80

		rights.Rights[i] |= right

81

		if capidxbit(rights.Rights[i]) != capidxbit(right) {

82

			return errors.New("index mismatch (after assign)")

83

84

85

86

	return nil

87

88

89

// CapRightsClear clears the permissions in clearrights from rights.

90

func CapRightsClear(rights *CapRights, clearrights []uint64) error {

91

	// This is essentially a copy of cap_rights_vclear()

92

	if capver(rights) != CAP_RIGHTS_VERSION_00 {

93

		return fmt.Errorf("bad rights version %d", capver(rights))

94

95

96

	n := caparsize(rights)

97

	if n < capArSizeMin || n > capArSizeMax {

98

		return errors.New("bad rights size")

99

100

101

	for _, right := range clearrights {

102

		if caprver(right) != CAP_RIGHTS_VERSION_00 {

103

			return errors.New("bad right version")

104

105

		i, err := rightToIndex(right)

106

		if err != nil {

107

			return err

108

109

		if i >= n {

110

			return errors.New("index overflow")

111

112

		if capidxbit(rights.Rights[i]) != capidxbit(right) {

113

			return errors.New("index mismatch")

114

115

		rights.Rights[i] &= ^(right & 0x01FFFFFFFFFFFFFF)

116

		if capidxbit(rights.Rights[i]) != capidxbit(right) {

117

			return errors.New("index mismatch (after assign)")

118

119

120

121

	return nil

122

123

124

// CapRightsIsSet checks whether all the permissions in setrights are present in rights.

125

func CapRightsIsSet(rights *CapRights, setrights []uint64) (bool, error) {

126

	// This is essentially a copy of cap_rights_is_vset()

127

	if capver(rights) != CAP_RIGHTS_VERSION_00 {

128

		return false, fmt.Errorf("bad rights version %d", capver(rights))

129

130

131

	n := caparsize(rights)

132

	if n < capArSizeMin || n > capArSizeMax {

133

		return false, errors.New("bad rights size")

134

135

136

	for _, right := range setrights {

137

		if caprver(right) != CAP_RIGHTS_VERSION_00 {

138

			return false, errors.New("bad right version")

139

140

		i, err := rightToIndex(right)

141

		if err != nil {

142

			return false, err

143

144

		if i >= n {

145

			return false, errors.New("index overflow")

146

147

		if capidxbit(rights.Rights[i]) != capidxbit(right) {

148

			return false, errors.New("index mismatch")

149

150

		if (rights.Rights[i] & right) != right {

151

			return false, nil

152

153

154

155

	return true, nil

156

157

158

func capright(idx uint64, bit uint64) uint64 {

159

	return ((1 << (57 + idx)) | bit)

160

161

162

// CapRightsInit returns a pointer to an initialised CapRights structure filled with rights.

163

// See man cap_rights_init(3) and rights(4).

164

func CapRightsInit(rights []uint64) (*CapRights, error) {

165

	var r CapRights

166

	r.Rights[0] = (capRightsGoVersion << 62) | capright(0, 0)

167

	r.Rights[1] = capright(1, 0)

168

169

	err := CapRightsSet(&r, rights)

170

	if err != nil {

171

		return nil, err

172

173

	return &r, nil

174

175

176

// CapRightsLimit reduces the operations permitted on fd to at most those contained in rights.

177

// The capability rights on fd can never be increased by CapRightsLimit.

178

// See man cap_rights_limit(2) and rights(4).

179

func CapRightsLimit(fd uintptr, rights *CapRights) error {

180

	return capRightsLimit(int(fd), rights)

181

182

183

// CapRightsGet returns a CapRights structure containing the operations permitted on fd.

184

// See man cap_rights_get(3) and rights(4).

185

func CapRightsGet(fd uintptr) (*CapRights, error) {

186

	r, err := CapRightsInit(nil)

187

	if err != nil {

188

		return nil, err

189

190

	err = capRightsGet(capRightsGoVersion, int(fd), r)

191

	if err != nil {

192

		return nil, err

193

194

	return r, nil

195

1	// Copyright 2017 The Go Authors. All rights reserved.
2	// Use of this source code is governed by a BSD-style
3	// license that can be found in the LICENSE file.
4
5	//go:build freebsd
6
7	package unix
8
9	import (
10	"errors"
11	"fmt"
12	)
13
14	// Go implementation of C mostly found in /usr/src/sys/kern/subr_capability.c
15
16	const (
17	// This is the version of CapRights this package understands. See C implementation for parallels.
18	capRightsGoVersion = CAP_RIGHTS_VERSION_00
19	capArSizeMin = CAP_RIGHTS_VERSION_00 + 2
20	capArSizeMax = capRightsGoVersion + 2
21	)
22
23	var (
24	bit2idx = []int{
25	-1, 0, 1, -1, 2, -1, -1, -1, 3, -1, -1, -1, -1, -1, -1, -1,
26	4, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
27	}
28	)
29
30	func capidxbit(right uint64) int {
31	return int((right >> 57) & 0x1f)
32	}
33
34	func rightToIndex(right uint64) (int, error) {
35	idx := capidxbit(right)
36	if idx < 0 \|\| idx >= len(bit2idx) {
37	return -2, fmt.Errorf("index for right 0x%x out of range", right)
38	}
39	return bit2idx[idx], nil
40	}
41
42	func caprver(right uint64) int {
43	return int(right >> 62)
44	}
45
46	func capver(rights *CapRights) int {
47	return caprver(rights.Rights[0])
48	}
49
50	func caparsize(rights *CapRights) int {
51	return capver(rights) + 2
52	}
53
54	// CapRightsSet sets the permissions in setrights in rights.
55	func CapRightsSet(rights *CapRights, setrights []uint64) error {
56	// This is essentially a copy of cap_rights_vset()
57	if capver(rights) != CAP_RIGHTS_VERSION_00 {
58	return fmt.Errorf("bad rights version %d", capver(rights))
59	}
60
61	n := caparsize(rights)
62	if n < capArSizeMin \|\| n > capArSizeMax {
63	return errors.New("bad rights size")
64	}
65
66	for _, right := range setrights {
67	if caprver(right) != CAP_RIGHTS_VERSION_00 {
68	return errors.New("bad right version")
69	}
70	i, err := rightToIndex(right)
71	if err != nil {
72	return err
73	}
74	if i >= n {
75	return errors.New("index overflow")
76	}
77	if capidxbit(rights.Rights[i]) != capidxbit(right) {
78	return errors.New("index mismatch")
79	}
80	rights.Rights[i] \|= right
81	if capidxbit(rights.Rights[i]) != capidxbit(right) {
82	return errors.New("index mismatch (after assign)")
83	}
84	}
85
86	return nil
87	}
88
89	// CapRightsClear clears the permissions in clearrights from rights.
90	func CapRightsClear(rights *CapRights, clearrights []uint64) error {
91	// This is essentially a copy of cap_rights_vclear()
92	if capver(rights) != CAP_RIGHTS_VERSION_00 {
93	return fmt.Errorf("bad rights version %d", capver(rights))
94	}
95
96	n := caparsize(rights)
97	if n < capArSizeMin \|\| n > capArSizeMax {
98	return errors.New("bad rights size")
99	}
100
101	for _, right := range clearrights {
102	if caprver(right) != CAP_RIGHTS_VERSION_00 {
103	return errors.New("bad right version")
104	}
105	i, err := rightToIndex(right)
106	if err != nil {
107	return err
108	}
109	if i >= n {
110	return errors.New("index overflow")
111	}
112	if capidxbit(rights.Rights[i]) != capidxbit(right) {
113	return errors.New("index mismatch")
114	}
115	rights.Rights[i] &= ^(right & 0x01FFFFFFFFFFFFFF)
116	if capidxbit(rights.Rights[i]) != capidxbit(right) {
117	return errors.New("index mismatch (after assign)")
118	}
119	}
120
121	return nil
122	}
123
124	// CapRightsIsSet checks whether all the permissions in setrights are present in rights.
125	func CapRightsIsSet(rights *CapRights, setrights []uint64) (bool, error) {
126	// This is essentially a copy of cap_rights_is_vset()
127	if capver(rights) != CAP_RIGHTS_VERSION_00 {
128	return false, fmt.Errorf("bad rights version %d", capver(rights))
129	}
130
131	n := caparsize(rights)
132	if n < capArSizeMin \|\| n > capArSizeMax {
133	return false, errors.New("bad rights size")
134	}
135
136	for _, right := range setrights {
137	if caprver(right) != CAP_RIGHTS_VERSION_00 {
138	return false, errors.New("bad right version")
139	}
140	i, err := rightToIndex(right)
141	if err != nil {
142	return false, err
143	}
144	if i >= n {
145	return false, errors.New("index overflow")
146	}
147	if capidxbit(rights.Rights[i]) != capidxbit(right) {
148	return false, errors.New("index mismatch")
149	}
150	if (rights.Rights[i] & right) != right {
151	return false, nil
152	}
153	}
154
155	return true, nil
156	}
157
158	func capright(idx uint64, bit uint64) uint64 {
159	return ((1 << (57 + idx)) \| bit)
160	}
161
162	// CapRightsInit returns a pointer to an initialised CapRights structure filled with rights.
163	// See man cap_rights_init(3) and rights(4).
164	func CapRightsInit(rights []uint64) (*CapRights, error) {
165	var r CapRights
166	r.Rights[0] = (capRightsGoVersion << 62) \| capright(0, 0)
167	r.Rights[1] = capright(1, 0)
168
169	err := CapRightsSet(&r, rights)
170	if err != nil {
171	return nil, err
172	}
173	return &r, nil
174	}
175
176	// CapRightsLimit reduces the operations permitted on fd to at most those contained in rights.
177	// The capability rights on fd can never be increased by CapRightsLimit.
178	// See man cap_rights_limit(2) and rights(4).
179	func CapRightsLimit(fd uintptr, rights *CapRights) error {
180	return capRightsLimit(int(fd), rights)
181	}
182
183	// CapRightsGet returns a CapRights structure containing the operations permitted on fd.
184	// See man cap_rights_get(3) and rights(4).
185	func CapRightsGet(fd uintptr) (*CapRights, error) {
186	r, err := CapRightsInit(nil)
187	if err != nil {
188	return nil, err
189	}
190	err = capRightsGet(capRightsGoVersion, int(fd), r)
191	if err != nil {
192	return nil, err
193	}
194	return r, nil
195	}