xref: /freebsd/lib/libc/gen/cap_rights_get.3 (revision 3810b37903220af1a369d3c4032ae25fb2d7949d)
1.\"
2.\" Copyright (c) 2013 The FreeBSD Foundation
3.\"
4.\" This documentation was written by Pawel Jakub Dawidek under sponsorship
5.\" from the FreeBSD Foundation.
6.\"
7.\" Redistribution and use in source and binary forms, with or without
8.\" modification, are permitted provided that the following conditions
9.\" are met:
10.\" 1. Redistributions of source code must retain the above copyright
11.\"    notice, this list of conditions and the following disclaimer.
12.\" 2. Redistributions in binary form must reproduce the above copyright
13.\"    notice, this list of conditions and the following disclaimer in the
14.\"    documentation and/or other materials provided with the distribution.
15.\"
16.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26.\" SUCH DAMAGE.
27.\"
28.\" $FreeBSD$
29.\"
30.Dd May 5, 2020
31.Dt CAP_RIGHTS_GET 3
32.Os
33.Sh NAME
34.Nm cap_rights_get
35.Nd obtain capability rights
36.Sh LIBRARY
37.Lb libc
38.Sh SYNOPSIS
39.In sys/capsicum.h
40.Ft int
41.Fn cap_rights_get "int fd" "cap_rights_t *rights"
42.Sh DESCRIPTION
43The
44.Nm cap_rights_get
45function allows to obtain current capability rights for the given descriptor.
46The function will fill the
47.Fa rights
48argument with all capability rights if they were not limited or capability
49rights configured during the last successful call of
50.Xr cap_rights_limit 2
51on the given descriptor.
52.Pp
53The
54.Fa rights
55argument can be inspected using
56.Xr cap_rights_init 3
57family of functions.
58.Pp
59The complete list of the capability rights can be found in the
60.Xr rights 4
61manual page.
62.Sh RETURN VALUES
63.Rv -std
64.Sh EXAMPLES
65The following example demonstrates how to limit file descriptor capability
66rights and how to obtain them.
67.Bd -literal
68cap_rights_t setrights, getrights;
69int fd;
70
71memset(&setrights, 0, sizeof(setrights));
72memset(&getrights, 0, sizeof(getrights));
73
74fd = open("/tmp/foo", O_RDONLY);
75if (fd < 0)
76	err(1, "open() failed");
77
78cap_rights_init(&setrights, CAP_FSTAT, CAP_READ);
79if (cap_rights_limit(fd, &setrights) < 0 && errno != ENOSYS)
80	err(1, "cap_rights_limit() failed");
81
82if (cap_rights_get(fd, &getrights) < 0 && errno != ENOSYS)
83	err(1, "cap_rights_get() failed");
84
85assert(memcmp(&setrights, &getrights, sizeof(setrights)) == 0);
86.Ed
87.Sh ERRORS
88.Fn cap_rights_get
89succeeds unless:
90.Bl -tag -width Er
91.It Bq Er EBADF
92The
93.Fa fd
94argument is not a valid active descriptor.
95.It Bq Er EFAULT
96The
97.Fa rights
98argument points at an invalid address.
99.El
100.Sh SEE ALSO
101.Xr cap_rights_limit 2 ,
102.Xr errno 2 ,
103.Xr open 2 ,
104.Xr assert 3 ,
105.Xr cap_rights_init 3 ,
106.Xr err 3 ,
107.Xr memcmp 3 ,
108.Xr memset 3 ,
109.Xr capsicum 4 ,
110.Xr rights 4
111.Sh HISTORY
112The
113.Fn cap_rights_get
114function first appeared in
115.Fx 9.2 .
116Support for capabilities and capabilities mode was developed as part of the
117.Tn TrustedBSD
118Project.
119.Sh AUTHORS
120This function was created by
121.An Pawel Jakub Dawidek Aq Mt pawel@dawidek.net
122under sponsorship of the FreeBSD Foundation.
123