Index: stable/11/lib/Makefile
===================================================================
--- stable/11/lib/Makefile (revision 331433)
+++ stable/11/lib/Makefile (revision 331434)
@@ -1,326 +1,327 @@ # @(#)Makefile 8.1 (Berkeley) 6/4/93 # $FreeBSD$ .include # The SUBDIR_BOOTSTRAP list is a small set of libraries which are used by many # of the other libraries. These are built first with a .WAIT between them # and the main list to avoid needing a SUBDIR_DEPEND line on every library # naming just these few items. SUBDIR_BOOTSTRAP= \ csu \ .WAIT \ libc \ libc_nonshared \ libcompiler_rt \ ${_libclang_rt} \ ${_libcplusplus} \ ${_libcxxrt} \ libelf \ msun # The main list; please keep these sorted alphabetically. SUBDIR= ${SUBDIR_BOOTSTRAP} \ .WAIT \ libalias \ libarchive \ ${_libatm} \ libauditd \ libbegemot \ ${_libblacklist} \ libblocksruntime \ ${_libbluetooth} \ ${_libbsnmp} \ libbsdstat \ libbsm \ libbz2 \ libcalendar \ libcam \ + libcapsicum \ ${_libcasper} \ ${_libcom_err} \ libcompat \ libcrypt \ libdevctl \ libdevdctl \ libdevinfo \ libdevstat \ libdwarf \ libedit \ ${_libefivar} \ libelftc \ libevent \ libexecinfo \ libexpat \ libfetch \ libfigpar \ libgeom \ ${_libgpio} \ ${_libgssapi} \ ${_librpcsec_gss} \ ${_libiconv_modules} \ libipsec \ libjail \ libkiconv \ libkvm \ ${_libldns} \ liblzma \ ${_libmagic} \ libmemstat \ libmd \ ${_libmilter} \ ${_libmp} \ libmt \ ${_libnandfs} \ lib80211 \ libnetbsd \ ${_libnetgraph} \ ${_libngatm} \ libnv \ libopenbsd \ libopie \ libpam \ libpcap \ ${_libpe} \ libpjdlog \ ${_libpmc} \ ${_libproc} \ libprocstat \ ${_libradius} \ librpcsvc \ librt \ ${_librtld_db} \ libsbuf \ ${_libsdp} \ ${_libsm} \ libsmb \ ${_libsmdb} \ ${_libsmutil} \ libsqlite3 \ libstdbuf \ libstdthreads \ libsysdecode \ libtacplus \ ${_libtelnet} \ ${_libthr} \ libthread_db \ libucl \ libufs \ libugidfw \ libulog \ ${_libunbound} \ ${_libusbhid} \ ${_libusb} \ libutil \ ${_libvgl} \ ${_libvmmapi} \ libwrap \ libxo \ liby \ ${_libypclnt} \ libz \ ncurses \ ${_atf} \ ${_clang} \ ${_cuse} \ ${_tests} # Inter-library dependencies. 
When the makefile for a library contains LDADD # libraries, those libraries should be listed as build order dependencies here. SUBDIR_DEPEND_libarchive= libz libbz2 libexpat liblzma libmd SUBDIR_DEPEND_libatm= libmd SUBDIR_DEPEND_libauditdm= libbsm SUBDIR_DEPEND_libbsnmp= ${_libnetgraph} SUBDIR_DEPEND_libc++:= libcxxrt SUBDIR_DEPEND_libc= libcompiler_rt SUBDIR_DEPEND_libcam= libsbuf SUBDIR_DEPEND_libcasper= libnv SUBDIR_DEPEND_libdevstat= libkvm SUBDIR_DEPEND_libdpv= libfigpar ncurses libutil SUBDIR_DEPEND_libedit= ncurses SUBDIR_DEPEND_libgeom= libexpat libsbuf SUBDIR_DEPEND_librpcsec_gss= libgssapi SUBDIR_DEPEND_libmagic= libz SUBDIR_DEPEND_libmemstat= libkvm SUBDIR_DEPEND_libopie= libmd SUBDIR_DEPEND_libpam= libcrypt libopie ${_libradius} librpcsvc libtacplus libutil ${_libypclnt} ${_libcom_err} SUBDIR_DEPEND_libpjdlog= libutil SUBDIR_DEPEND_libprocstat= libkvm libutil SUBDIR_DEPEND_libradius= libmd SUBDIR_DEPEND_libsmb= libkiconv SUBDIR_DEPEND_libtacplus= libmd SUBDIR_DEPEND_libulog= libmd SUBDIR_DEPEND_libunbound= ${_libldns} SUBDIR_DEPEND_liblzma= ${_libthr} # NB: keep these sorted by MK_* knobs .if ${MK_ATM} != "no" _libngatm= libngatm .endif .if ${MK_BLACKLIST} != "no" _libblacklist= libblacklist .endif .if ${MK_BLUETOOTH} != "no" _libbluetooth= libbluetooth _libsdp= libsdp .endif .if ${MK_BSNMP} != "no" _libbsnmp= libbsnmp .endif .if ${MK_CASPER} != "no" _libcasper= libcasper .endif .if ${MK_CLANG} != "no" && !defined(COMPAT_32BIT) && !defined(COMPAT_SOFTFP) _clang= clang .endif .if ${MK_CUSE} != "no" _cuse= libcuse .endif .if ${MK_TOOLCHAIN} != "no" _libpe= libpe .endif SUBDIR.${MK_DIALOG}+= libdpv .if ${MK_FILE} != "no" _libmagic= libmagic .endif .if ${MK_GPIO} != "no" _libgpio= libgpio .endif .if ${MK_GSSAPI} != "no" _libgssapi= libgssapi _librpcsec_gss= librpcsec_gss .endif .if ${MK_ICONV} != "no" _libiconv_modules= libiconv_modules .endif .if ${MK_KERBEROS_SUPPORT} != "no" _libcom_err= libcom_err .endif .if ${MK_LDNS} != "no" _libldns= libldns .endif 
# The libraries under libclang_rt can only be built by clang, and only make # sense to build when clang is enabled at all. Furthermore, they can only be # built for certain architectures. .if ${MK_CLANG} != "no" && ${COMPILER_TYPE} == "clang" && \ (${MACHINE_CPUARCH} == "aarch64" || ${MACHINE_CPUARCH} == "amd64" || \ (${MACHINE_CPUARCH} == "arm" && ${MACHINE_ARCH} != "armeb") || \ (${MACHINE_CPUARCH} == "i386")) _libclang_rt= libclang_rt .endif .if ${MK_LIBCPLUSPLUS} != "no" _libcxxrt= libcxxrt _libcplusplus= libc++ .endif .if ${MK_EFI} != "no" _libefivar= libefivar .endif .if ${MK_LIBTHR} != "no" _libthr= libthr .endif .if ${MK_NAND} != "no" _libnandfs= libnandfs .endif .if ${MK_NETGRAPH} != "no" _libnetgraph= libnetgraph .endif .if ${MK_NIS} != "no" _libypclnt= libypclnt .endif .if ${MACHINE_CPUARCH} == "i386" || ${MACHINE_CPUARCH} == "amd64" _libvgl= libvgl _libproc= libproc _librtld_db= librtld_db .endif .if ${MACHINE_CPUARCH} == "amd64" .if ${MK_BHYVE} != "no" _libvmmapi= libvmmapi .endif .endif .if ${MACHINE_CPUARCH} == "mips" _libproc= libproc _librtld_db= librtld_db .endif .if ${MACHINE_CPUARCH} == "powerpc" _libproc= libproc _librtld_db= librtld_db .endif .if ${MACHINE_CPUARCH} == "aarch64" || ${MACHINE_CPUARCH} == "arm" || \ ${MACHINE_CPUARCH} == "riscv" _libproc= libproc _librtld_db= librtld_db .endif .if ${MK_OPENSSL} != "no" _libmp= libmp .endif .if ${MK_PMC} != "no" _libpmc= libpmc .endif .if ${MK_RADIUS_SUPPORT} != "no" _libradius= libradius .endif .if ${MK_SENDMAIL} != "no" _libmilter= libmilter _libsm= libsm _libsmdb= libsmdb _libsmutil= libsmutil .endif .if ${MK_TELNET} != "no" _libtelnet= libtelnet .endif .if ${MK_TESTS_SUPPORT} != "no" _atf= atf .endif .if ${MK_TESTS} != "no" _tests= tests .endif .if ${MK_UNBOUND} != "no" _libunbound= libunbound .endif .if ${MK_USB} != "no" _libusbhid= libusbhid _libusb= libusb .endif .if !make(install) SUBDIR_PARALLEL= .endif .include Index: stable/11/lib/libcapsicum/Makefile 
===================================================================
--- stable/11/lib/libcapsicum/Makefile (nonexistent)
+++ stable/11/lib/libcapsicum/Makefile (revision 331434)
@@ -0,0 +1,17 @@
+# $FreeBSD$
+
+PACKAGE=lib${LIB}
+
+INCS= capsicum_helpers.h
+
+MAN+= capsicum_helpers.3
+
+MLINKS+=capsicum_helpers.3 caph_limit_stream.3
+MLINKS+=capsicum_helpers.3 caph_limit_stdin.3
+MLINKS+=capsicum_helpers.3 caph_limit_stderr.3
+MLINKS+=capsicum_helpers.3 caph_limit_stdout.3
+MLINKS+=capsicum_helpers.3 caph_limit_stdio.3
+MLINKS+=capsicum_helpers.3 caph_cache_tzdata.3
+MLINKS+=capsicum_helpers.3 caph_cache_catpages.3
+
+.include
Property changes on: stable/11/lib/libcapsicum/Makefile
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+FreeBSD=%H
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: stable/11/lib/libcapsicum/Makefile.depend
===================================================================
--- stable/11/lib/libcapsicum/Makefile.depend (nonexistent)
+++ stable/11/lib/libcapsicum/Makefile.depend (revision 331434)
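Review bot: `PACKAGE=lib${LIB}` in the new lib/libcapsicum/Makefile expands `${LIB}`, but no `LIB=` assignment is visible in this file, so unless an included file sets it the package name would come out as plain `lib`. The directory installs only a header and a manual page, so naming the package explicitly, for example `PACKAGE=libcapsicum` if that is the intended name, would avoid depending on an unset variable. The target of the final `.include` is not readable in this rendering, so confirm against the tree.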
@@ -0,0 +1,11 @@ +# $FreeBSD$ +# Autogenerated - do NOT edit! + +DIRDEPS = \ + + +.include + +.if ${DEP_RELDIR} == ${_DEP_RELDIR} +# local dependencies - needed for -jN in clean tree +.endif Property changes on: stable/11/lib/libcapsicum/Makefile.depend ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: stable/11/lib/libcapsicum/capsicum_helpers.3 =================================================================== --- stable/11/lib/libcapsicum/capsicum_helpers.3 (nonexistent) +++ stable/11/lib/libcapsicum/capsicum_helpers.3 (revision 331434) 
@@ -0,0 +1,111 @@
+.\" Copyright (c) 2016 Mariusz Zaborski
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $FreeBSD$
+.\"
+.Dd October 21, 2016
+.Dt CAPSICUM_HELPERS 3
+.Os
+.Sh NAME
+.Nm caph_limit_stream ,
+.Nm caph_limit_stdin ,
+.Nm caph_limit_stderr ,
+.Nm caph_limit_stdout ,
+.Nm caph_limit_stdio ,
+.Nm caph_cache_tzdata ,
+.Nm caph_cache_catpages
+.Nd "set of the functions , part of the libcapsicum"
+.Sh LIBRARY
+.Lb libcapsicum
+.Sh SYNOPSIS
+.In capsicum_helpers.h
+.Ft int
+.Fn caph_limit_stream "int fd, int flags"
+.Ft int
+.Fn caph_limit_stdin "void"
+.Ft int
+.Fn caph_limit_stderr "void"
+.Ft int
+.Fn caph_limit_stdout "void"
+.Ft int
+.Fn caph_limit_stdio "void"
+.Ft void
+.Fn caph_cache_tzdata "void"
+.Ft void
+.Fn caph_cache_catpages "void"
+.Sh DESCRIPTION
+The
+.Nm capsicum helpers
+are a set of a inline functions which simplify modifying programs to use
+Capsicum.
+The goal is to reduce duplicated code patterns.
+The
+.Nm capsicum helpers
+are part of
+.Nm libcapsicum
+but there is no need to link to the library.
+.Pp
+.Fn caph_limit_stream
+restricts capabilities on
+.Fa fd
+to only those needed by POSIX stream objects (that is, FILEs).
+.Pp
+These flags can be provided:
+.Pp
+.Bl -tag -width "CAPH_IGNORE_EBADF" -compact -offset indent
+.It Dv CAPH_IGNORE_EBADF
+Do not return an error if file descriptor is invalid.
+.It Dv CAPH_READ
+Set CAP_READ on limited descriptor.
+.It Dv CAPH_WRITE
+Set CAP_WRITE on limited descriptor.
+.El
+.Pp
+.Fn caph_limit_stdin ,
+.Fn caph_limit_stderr
+and
+.Fn caph_limit_stdout
+limit standard descriptors using the
+.Nm caph_limit_stream
+function.
+.Pp
+.Fn caph_limit_stdio
+limits stdin, stderr and stdout.
+.Pp
+.Fn caph_cache_tzdata
+precaches all timezone data needed to use
+.Li libc
+local time functions.
+.Pp
+.Fn caph_cache_catpages
+caches Native Language Support (NLS) data.
+NLS data is used for localized error printing by
+.Xr strerror 3
+and
+.Xr err 3 ,
+among others.
+.Ed
+.Sh SEE ALSO
+.Xr cap_enter 2 ,
+.Xr rights 4
Property changes on: stable/11/lib/libcapsicum/capsicum_helpers.3
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+FreeBSD=%H
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: stable/11/lib/libcapsicum/capsicum_helpers.h
===================================================================
--- stable/11/lib/libcapsicum/capsicum_helpers.h (nonexistent)
+++ stable/11/lib/libcapsicum/capsicum_helpers.h (revision 331434)
@@ -0,0 +1,124 @@
+/*-
+ * Copyright (c) 2016 Mariusz Zaborski
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#ifndef _CAPSICUM_HELPERS_H_
+#define _CAPSICUM_HELPERS_H_
+
+#include
+#include
+
+#include
+#include
+#include
+#include
+#include
+
+#define CAPH_IGNORE_EBADF 0x0001
+#define CAPH_READ 0x0002
+#define CAPH_WRITE 0x0004
+#define CAPH_LOOKUP 0x0008
+
+static __inline int
+caph_limit_stream(int fd, int flags)
+{
+ cap_rights_t rights;
+ unsigned long cmds[] = { TIOCGETA, TIOCGWINSZ };
+
+ cap_rights_init(&rights, CAP_EVENT, CAP_FCNTL, CAP_FSTAT,
+ CAP_IOCTL, CAP_SEEK);
+
+ if ((flags & CAPH_READ) != 0)
+ cap_rights_set(&rights, CAP_READ);
+ if ((flags & CAPH_WRITE) != 0)
+ cap_rights_set(&rights, CAP_WRITE);
+ if ((flags & CAPH_LOOKUP) != 0)
+ cap_rights_set(&rights, CAP_LOOKUP);
+
+ if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS) {
+ if (errno == EBADF && (flags & CAPH_IGNORE_EBADF) != 0)
+ return (0);
+ return (-1);
+ }
+
+ if (cap_ioctls_limit(fd, cmds, nitems(cmds)) < 0 && errno != ENOSYS)
+ return (-1);
+
+ if (cap_fcntls_limit(fd, CAP_FCNTL_GETFL) < 0 && errno != ENOSYS)
+ return (-1);
+
+ return (0);
+}
+
+static __inline int
+caph_limit_stdin(void)
+{
+
+ return (caph_limit_stream(STDIN_FILENO, CAPH_READ));
+}
+
+static __inline int
+caph_limit_stderr(void)
+{
+
+ return (caph_limit_stream(STDERR_FILENO, CAPH_WRITE));
+}
+
+static __inline int
+caph_limit_stdout(void)
+{
+
+ return (caph_limit_stream(STDOUT_FILENO, CAPH_WRITE));
+}
+
+static __inline int
+caph_limit_stdio(void)
+{
+ const int iebadf = CAPH_IGNORE_EBADF;
+
+ if (caph_limit_stream(STDIN_FILENO, CAPH_READ | iebadf) == -1 ||
+ caph_limit_stream(STDOUT_FILENO, CAPH_WRITE | iebadf) == -1 ||
+ caph_limit_stream(STDERR_FILENO, CAPH_WRITE | iebadf) == -1)
+ return (-1);
+ return (0);
+}
+
+static __inline void
+caph_cache_tzdata(void)
+{
+
+ tzset();
+}
+
+static __inline void
+caph_cache_catpages(void)
+{
+
+ (void)catopen("libc", NL_CAT_LOCALE);
+}
+
+#endif /* _CAPSICUM_HELPERS_H_ */
Property changes on: stable/11/lib/libcapsicum/capsicum_helpers.h
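Review bot: caph_limit_stream() returns 0 both when the limits were applied and when cap_rights_limit(), cap_ioctls_limit() and cap_fcntls_limit() each fail with ENOSYS, so a caller cannot tell from the return value whether the descriptor was actually restricted. That contract deserves a comment above the function, for example `/* Returns 0 even if the kernel lacks Capsicum (ENOSYS); success does not prove fd was limited. */`. CAPH_LOOKUP is defined and honoured here, but the flag list in capsicum_helpers.3 in this same commit documents only CAPH_IGNORE_EBADF, CAPH_READ and CAPH_WRITE. caph_cache_tzdata() and caph_cache_catpages() would also benefit from a one-line comment saying they are meant to run before cap_enter(), presumably because they open files by path, and that discarding the catopen() result is intentional.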
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+FreeBSD=%H
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: stable/11
===================================================================
--- stable/11 (revision 331433)
+++ stable/11 (revision 331434)
Property changes on: stable/11
___________________________________________________________________
Modified: svn:mergeinfo
## -0,0 +0,1 ##
Merged /head:r306657,306673,306726,307737,308605,309366,310135,323990,324414