Lines Matching full:rights
20 /* Utilities for printing rights information */
29 /* Rights that are common to all versions of Capsicum */
111 /* Rights that are only present in some version or some OS, and so are #ifdef'ed */
129 /* Linux-specific rights */
148 /* Rights in later versions of FreeBSD (>10.0) */
154 cap_rights_t rights; in ShowCapRights() local
155 CAP_SET_NONE(&rights); in ShowCapRights()
156 if (cap_rights_get(fd, &rights) < 0) { in ShowCapRights()
157 fprintf(out, "Failed to get rights for fd %d: errno %d\n", fd, errno); in ShowCapRights()
161 /* First print out all known rights */ in ShowCapRights()
164 if (cap_rights_is_set(&rights, known_rights[ii].right)) { in ShowCapRights()
170 /* Now repeat the loop, clearing rights we know of; this needs to be in ShowCapRights()
171 * a separate loop because some named rights overlap. in ShowCapRights()
174 cap_rights_clear(&rights, known_rights[ii].right); in ShowCapRights()
177 * try to show rights we don't know about. */ in ShowCapRights()
178 for (ii = 0; ii < (size_t)CAPARSIZE(&rights); ii++) { in ShowCapRights()
179 uint64_t bits = (rights.cr_rights[0] & 0x01ffffffffffffffULL); in ShowCapRights()
216 cap_rights_t rights; in FORK_TEST() local
217 CAP_SET_NONE(&rights); in FORK_TEST()
218 EXPECT_OK(cap_rights_get(cap_fd, &rights)); in FORK_TEST()
219 EXPECT_RIGHTS_EQ(&r_all, &rights); in FORK_TEST()
227 EXPECT_OK(cap_rights_get(cap_fd, &rights)); in FORK_TEST()
228 EXPECT_RIGHTS_EQ(&r_rws, &rights); in FORK_TEST()
230 // dup/dup2 should preserve rights. in FORK_TEST()
233 EXPECT_OK(cap_rights_get(cap_dup, &rights)); in FORK_TEST()
234 EXPECT_RIGHTS_EQ(&r_rws, &rights); in FORK_TEST()
237 EXPECT_OK(cap_rights_get(cap_dup, &rights)); in FORK_TEST()
238 EXPECT_RIGHTS_EQ(&r_rws, &rights); in FORK_TEST()
242 EXPECT_OK(cap_rights_get(cap_dup, &rights)); in FORK_TEST()
243 EXPECT_RIGHTS_EQ(&r_rws, &rights); in FORK_TEST()
247 // Try to get a disjoint set of rights in a sub-capability. in FORK_TEST()
256 // Dump rights info to stderr (mostly to ensure that Show[All]CapRights() in FORK_TEST()
381 cap_rights_t rights; variable
382 cap_rights_init(&rights, 0);
383 EXPECT_OK(cap_rights_get(file, &rights));
384 EXPECT_RIGHTS_EQ(&r_rl, &rights);
396 // Ensure that, if the capability had enough rights for the system call to
399 #define CHECK_RIGHT_RESULT(result, rights, ...) do { \ argument
402 if (cap_rights_contains(&rights, &rights_needed)) { \
406 << " got: " << rights; \
410 << " got: "<< rights; \
430 #define CHECK_RIGHT_MMAP_RESULT(result, rights, ...) do { \ argument
433 if (cap_rights_contains(&rights, &rights_needed)) { \
486 // Given a file descriptor, create a capability with specific rights and
487 // make sure only those rights work.
490 cap_rights_t rights; \
491 cap_rights_init(&rights, __VA_ARGS__); \
492 TryFileOps((fd), rights); \
495 static void TryFileOps(int fd, cap_rights_t rights) { in TryFileOps() argument
498 EXPECT_OK(cap_rights_limit(cap_fd, &rights)); in TryFileOps()
502 EXPECT_RIGHTS_EQ(&rights, &erights); in TryFileOps()
507 EXPECT_OK(cap_rights_limit(cap_cap_fd, &rights)); in TryFileOps()
510 EXPECT_RIGHTS_EQ(&rights, &erights); in TryFileOps()
514 CHECK_RIGHT_RESULT(read(cap_fd, &ch, sizeof(ch)), rights, CAP_READ, CAP_SEEK_ASWAS); in TryFileOps()
517 CHECK_RIGHT_RESULT(len1, rights, CAP_PREAD); in TryFileOps()
519 CHECK_RIGHT_RESULT(len2, rights, CAP_PREAD); in TryFileOps()
522 CHECK_RIGHT_RESULT(write(cap_fd, &ch, sizeof(ch)), rights, CAP_WRITE, CAP_SEEK_ASWAS); in TryFileOps()
523 CHECK_RIGHT_RESULT(pwrite(cap_fd, &ch, sizeof(ch), 0), rights, CAP_PWRITE); in TryFileOps()
524 CHECK_RIGHT_RESULT(lseek(cap_fd, 0, SEEK_SET), rights, CAP_SEEK); in TryFileOps()
532 CHECK_RIGHT_RESULT(fchflags(cap_fd, UF_NODUMP), rights, CAP_FCHFLAGS); in TryFileOps()
537 rights, CAP_MMAP); in TryFileOps()
539 rights, CAP_MMAP_R); in TryFileOps()
541 rights, CAP_MMAP_W); in TryFileOps()
543 rights, CAP_MMAP_X); in TryFileOps()
545 rights, CAP_MMAP_RW); in TryFileOps()
547 rights, CAP_MMAP_RX); in TryFileOps()
549 rights, CAP_MMAP_WX); in TryFileOps()
551 rights, CAP_MMAP_RWX); in TryFileOps()
553 CHECK_RIGHT_RESULT(fsync(cap_fd), rights, CAP_FSYNC); in TryFileOps()
555 CHECK_RIGHT_RESULT(sync_file_range(cap_fd, 0, 1, 0), rights, CAP_FSYNC, CAP_SEEK); in TryFileOps()
559 CHECK_RIGHT_RESULT(rc, rights, CAP_FCNTL); in TryFileOps()
561 CHECK_RIGHT_RESULT(rc, rights, CAP_FCNTL); in TryFileOps()
563 CHECK_RIGHT_RESULT(fchown(cap_fd, -1, -1), rights, CAP_FCHOWN); in TryFileOps()
565 CHECK_RIGHT_RESULT(fchmod(cap_fd, 0644), rights, CAP_FCHMOD); in TryFileOps()
567 CHECK_RIGHT_RESULT(flock(cap_fd, LOCK_SH), rights, CAP_FLOCK); in TryFileOps()
568 CHECK_RIGHT_RESULT(flock(cap_fd, LOCK_UN), rights, CAP_FLOCK); in TryFileOps()
570 CHECK_RIGHT_RESULT(ftruncate(cap_fd, 0), rights, CAP_FTRUNCATE); in TryFileOps()
573 CHECK_RIGHT_RESULT(fstat(cap_fd, &sb), rights, CAP_FSTAT); in TryFileOps()
576 CHECK_RIGHT_RESULT(fstatfs(cap_fd, &cap_sf), rights, CAP_FSTATFS); in TryFileOps()
579 CHECK_RIGHT_RESULT(fpathconf(cap_fd, _PC_NAME_MAX), rights, CAP_FPATHCONF); in TryFileOps()
582 CHECK_RIGHT_RESULT(futimes(cap_fd, NULL), rights, CAP_FUTIMES); in TryFileOps()
589 if (cap_rights_is_set(&rights, CAP_EVENT)) { in TryFileOps()
605 if (cap_rights_is_set(&rights, CAP_EVENT)) { in TryFileOps()
623 // Try a variety of different combinations of rights - a full
673 cap_rights_t rights; \
674 cap_rights_init(&rights, __VA_ARGS__); \
675 TryDirOps((dfd), rights); \
678 static void TryDirOps(int dirfd, cap_rights_t rights) { in TryDirOps() argument
682 EXPECT_OK(cap_rights_limit(dfd_cap, &rights)); in TryDirOps()
684 EXPECT_RIGHTS_EQ(&rights, &erights); in TryDirOps()
687 CHECK_RIGHT_RESULT(rc, rights, CAP_CREATE, CAP_READ, CAP_LOOKUP); in TryDirOps()
693 CHECK_RIGHT_RESULT(rc, rights, CAP_CREATE, CAP_WRITE, CAP_LOOKUP); in TryDirOps()
699 CHECK_RIGHT_RESULT(rc, rights, CAP_CREATE, CAP_READ, CAP_WRITE, CAP_LOOKUP); in TryDirOps()
709 CHECK_RIGHT_RESULT(rc, rights, CAP_FSTAT, CAP_LOOKUP); in TryDirOps()
716 CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_READ, CAP_LOOKUP); in TryDirOps()
721 CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_WRITE, CAP_LOOKUP); in TryDirOps()
726 CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_READ, CAP_WRITE, CAP_LOOKUP); in TryDirOps()
731 CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_READ, CAP_LOOKUP); in TryDirOps()
736 CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_WRITE, CAP_LOOKUP); in TryDirOps()
741 CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_READ, CAP_WRITE, CAP_LOOKUP); in TryDirOps()
751 CHECK_RIGHT_RESULT(rc, rights, CAP_FTRUNCATE, CAP_READ, CAP_LOOKUP); in TryDirOps()
756 CHECK_RIGHT_RESULT(rc, rights, CAP_FTRUNCATE, CAP_WRITE, CAP_LOOKUP); in TryDirOps()
761 CHECK_RIGHT_RESULT(rc, rights, CAP_FTRUNCATE, CAP_READ, CAP_WRITE, CAP_LOOKUP); in TryDirOps()
768 CHECK_RIGHT_RESULT(rc, rights, CAP_CREATE, CAP_WRITE, CAP_SEEK, CAP_LOOKUP); in TryDirOps()
774 CHECK_RIGHT_RESULT(rc, rights, CAP_CREATE, CAP_READ, CAP_WRITE, CAP_SEEK, CAP_LOOKUP); in TryDirOps()
785 rights, CAP_FSYNC, CAP_WRITE, CAP_SEEK, CAP_LOOKUP); in TryDirOps()
791 rights, CAP_FSYNC, CAP_READ, CAP_WRITE, CAP_SEEK, CAP_LOOKUP); in TryDirOps()
797 rights, CAP_FSYNC, CAP_WRITE, CAP_SEEK, CAP_LOOKUP); in TryDirOps()
803 rights, CAP_FSYNC, CAP_READ, CAP_WRITE, CAP_SEEK, CAP_LOOKUP); in TryDirOps()
814 CHECK_RIGHT_RESULT(rc, rights, CAP_CHFLAGSAT, CAP_LOOKUP); in TryDirOps()
822 CHECK_RIGHT_RESULT(rc, rights, CAP_FCHOWN, CAP_LOOKUP); in TryDirOps()
829 CHECK_RIGHT_RESULT(rc, rights, CAP_FCHMOD, CAP_LOOKUP); in TryDirOps()
837 CHECK_RIGHT_RESULT(rc, rights, CAP_FSTAT, CAP_LOOKUP); in TryDirOps()
844 CHECK_RIGHT_RESULT(rc, rights, CAP_FUTIMES, CAP_LOOKUP); in TryDirOps()
855 CHECK_RIGHT_RESULT(rc, rights, CAP_LINKAT_TARGET); in TryDirOps()
861 CHECK_RIGHT_RESULT(rc, rights, CAP_LINKAT_SOURCE); in TryDirOps()
869 CHECK_RIGHT_RESULT(rc, rights, CAP_MKDIRAT, CAP_LOOKUP); in TryDirOps()
876 CHECK_RIGHT_RESULT(rc, rights, CAP_MKFIFOAT, CAP_LOOKUP); in TryDirOps()
884 CHECK_RIGHT_RESULT(rc, rights, CAP_MKNODAT, CAP_LOOKUP); in TryDirOps()
898 CHECK_RIGHT_RESULT(rc, rights, CAP_RENAMEAT_TARGET); in TryDirOps()
910 CHECK_RIGHT_RESULT(rc, rights, CAP_RENAMEAT_SOURCE); in TryDirOps()
919 CHECK_RIGHT_RESULT(rc, rights, CAP_SYMLINKAT, CAP_LOOKUP); in TryDirOps()
928 CHECK_RIGHT_RESULT(rc, rights, CAP_UNLINKAT, CAP_LOOKUP); in TryDirOps()
932 CHECK_RIGHT_RESULT(rc, rights, CAP_UNLINKAT, CAP_LOOKUP); in TryDirOps()
1037 cap_rights_t rights; variable
1038 EXPECT_OK(cap_rights_get(cap_fd, &rights));
1039 EXPECT_RIGHTS_EQ(&r_rs, &rights);
1294 cap_rights_t rights; in TEST() local
1295 cap_rights_init(&rights, CAP_READ, CAP_WRITE, CAP_SEEK); in TEST()
1296 EXPECT_OK(cap_rights_limit(fds[0], &rights)); in TEST()
1302 cap_rights_init(&rights, CAP_READ, CAP_WRITE); in TEST()
1303 EXPECT_OK(cap_rights_limit(fds[0], &rights)); in TEST()
1317 cap_rights_t rights; in TEST() local
1318 cap_rights_init(&rights, CAP_READ, CAP_WRITE, CAP_FCHMOD, CAP_FSTAT); in TEST()
1319 EXPECT_OK(cap_rights_limit(fd, &rights)); in TEST()
1347 cap_rights_t rights; in TEST() local
1349 cap_rights_init(&rights); in TEST()
1350 EXPECT_TRUE(cap_rights_is_empty(&rights)); in TEST()
1354 cap_rights_init(&rights, known_rights[ii].right); in TEST()
1355 EXPECT_FALSE(cap_rights_is_empty(&rights)); in TEST()
1356 cap_rights_clear(&rights, known_rights[ii].right); in TEST()
1357 EXPECT_TRUE(cap_rights_is_empty(&rights)); in TEST()