/*-
 * SPDX-License-Identifier: BSD-2-Clause
 *
 * Copyright (c) 2023 The FreeBSD Foundation
 *
 * This software was developed by Jake Freeland <jfree@FreeBSD.org>
 * under sponsorship from the FreeBSD Foundation.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#ifndef _SYSLOGD_CAP_H_
#define _SYSLOGD_CAP_H_

/*
 * Declares the cap_*() entry points of syslogd.  When WITH_CASPER is defined
 * they are functions whose first argument is a cap_channel_t; otherwise they
 * are macros that expand to p_open(), readconfigfile(), ttymsg() and
 * wallmsg().
 */

/* Pulled in for both build variants. */
#include <sys/nv.h>

#include <libcasper.h>

#include <casper/cap_net.h>

#ifdef WITH_CASPER

#include <sys/capsicum.h>
#include <sys/dnv.h>

#include <capsicum_helpers.h>
#include <libcasper_service.h>

/* Repeats the unconditional include above. */
#include <casper/cap_net.h>

#include "syslogd.h"

/*
 * Record used to verify the integrity of a filed when running outside of the
 * security sandbox.
 *
 * NOTE(review): presumably a request that arrives over the channel is
 * compared against idx/pipe_cmd before it is acted on, so these records
 * should only ever be filled from trusted configuration -- confirm in the
 * implementation.  pipe_cmd is a fixed MAXPATHLEN buffer; the code that fills
 * it is not part of this header and has to bound the copy and reject, rather
 * than truncate, a command that does not fit.
 */
struct cap_filed {
	size_t idx;			/* presumably the filed's index -- confirm */
	char pipe_cmd[MAXPATHLEN];	/* command string recorded for the filed */
	SLIST_ENTRY(cap_filed) next;	/* list linkage, see cfiled_head */
};
extern SLIST_HEAD(cfiled_list, cap_filed) cfiled_head;

/*
 * Wrappers that take a Casper channel as their first argument.  The parameter
 * names are the ones used by the macro forms in the !WITH_CASPER branch of
 * this header.
 */
int cap_p_open(cap_channel_t *chan, size_t f_idx, const char *prog, int *rpd);
nvlist_t *cap_readconfigfile(cap_channel_t *chan, const char *cf);
const char *cap_ttymsg(cap_channel_t *chan, struct iovec *iov, int iovcnt,
    const char *line, int tmout);
void cap_wallmsg(cap_channel_t *chan, const struct filed *f,
    struct iovec *iov, const int iovcnt);

/*
 * nvlist-based counterparts of the wrappers above.
 *
 * NOTE(review): presumably these run on the service side of the channel and
 * the two nvlist arguments are the request and the reply -- confirm.  If so,
 * every value read from the request has to be treated as untrusted and
 * validated before use.
 */
int casper_p_open(nvlist_t *, nvlist_t *);
int casper_readconfigfile(nvlist_t *, nvlist_t *);
int casper_ttymsg(nvlist_t *, nvlist_t *);
int casper_wallmsg(nvlist_t *);

/*
 * Conversions between struct filed / struct prop_filter and their nvlist
 * form.  Ownership of the returned objects is not visible in this header.
 */
nvlist_t *filed_to_nvlist(const struct filed *);
nvlist_t *prop_filter_to_nvlist(const struct prop_filter *pfilter);

struct filed *nvlist_to_filed(const nvlist_t *);
struct prop_filter *nvlist_to_prop_filter(const nvlist_t *nvl_prop_filter);

#else /* !WITH_CASPER */

/*
 * Without Casper the wrappers collapse to direct calls.  The expansion drops
 * chan (and f_idx for cap_p_open), so those arguments are never evaluated and
 * call sites must not depend on side effects in them.
 */
#define cap_p_open(chan, f_idx, prog, rpd) p_open(prog, rpd)
#define cap_readconfigfile(chan, cf) readconfigfile(cf)
#define cap_ttymsg(chan, iov, iovcnt, line, tmout) ttymsg(iov, iovcnt, line, tmout)
#define cap_wallmsg(chan, f, iov, iovcnt) wallmsg(f, iov, iovcnt)

#endif /* WITH_CASPER */

#endif /* !_SYSLOGD_CAP_H_ */