source:
patches/libcap-2.23-uapi-1.patch@
d5f948c
Last change on this file since d5f948c was d4764b6, checked in by , 11 years ago | |
---|---|
|
|
File size: 23.8 KB |
-
Make.Rules
Submitted By: Chris Staub (chris at cross-lfs dot org) Date: 2014-01-05 Initial Package Version: 2.23 Origin: Upstream Upstream Status: Applied Description: Fixes libcap headers to allow other programs to link to libcap diff -Naur libcap-2.23.orig/Make.Rules libcap-2.23/Make.Rules
old new 45 45 46 46 # Compilation specifics 47 47 48 KERNEL_HEADERS := $(topdir)/libcap/include 49 IPATH += -fPIC -I$( topdir)/libcap/include -I$(KERNEL_HEADERS)48 KERNEL_HEADERS := $(topdir)/libcap/include/uapi 49 IPATH += -fPIC -I$(KERNEL_HEADERS) -I$(topdir)/libcap/include 50 50 51 51 CC := gcc 52 52 CFLAGS := -O2 -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -
libcap/Makefile
diff -Naur libcap-2.23.orig/libcap/Makefile libcap-2.23/libcap/Makefile
old new 53 53 54 54 cap_names.list.h: Makefile $(KERNEL_HEADERS)/linux/capability.h 55 55 @echo "=> making $@ from $(KERNEL_HEADERS)/linux/capability.h" 56 perl -e 'while ($$l=<>) { if ($$l =~ /^\#define[ \t](CAP[_A-Z]+)[ \t]+([0-9]+)\s+$$/) { $$tok=$$1; $$val=$$2; $$tok =~ tr/A-Z/a-z/; print "{\"$$tok\",$$val},\n"; } }' $(KERNEL_HEADERS)/ uapi/linux/capability.h | fgrep -v 0x > $@56 perl -e 'while ($$l=<>) { if ($$l =~ /^\#define[ \t](CAP[_A-Z]+)[ \t]+([0-9]+)\s+$$/) { $$tok=$$1; $$val=$$2; $$tok =~ tr/A-Z/a-z/; print "{\"$$tok\",$$val},\n"; } }' $(KERNEL_HEADERS)/linux/capability.h | fgrep -v 0x > $@ 57 57 58 58 $(STALIBNAME): $(OBJS) 59 59 $(AR) rcs $@ $^ -
libcap/include/linux/capability.h
diff -Naur libcap-2.23.orig/libcap/include/linux/capability.h libcap-2.23/libcap/include/linux/capability.h
old new 1 /*2 * This is <linux/capability.h>3 *4 * Andrew G. Morgan <morgan@kernel.org>5 * Alexander Kjeldaas <astor@guardian.no>6 * with help from Aleph1, Roland Buresund and Andrew Main.7 *8 * See here for the libcap library ("POSIX draft" compliance):9 *10 * ftp://www.kernel.org/pub/linux/libs/security/linux-privs/kernel-2.6/11 */12 #ifndef _LINUX_CAPABILITY_H13 #define _LINUX_CAPABILITY_H14 15 #include <uapi/linux/capability.h>16 17 18 #define _KERNEL_CAPABILITY_VERSION _LINUX_CAPABILITY_VERSION_319 #define _KERNEL_CAPABILITY_U32S _LINUX_CAPABILITY_U32S_320 21 extern int file_caps_enabled;22 23 typedef struct kernel_cap_struct {24 __u32 cap[_KERNEL_CAPABILITY_U32S];25 } kernel_cap_t;26 27 /* exact same as vfs_cap_data but in cpu endian and always filled completely */28 struct cpu_vfs_cap_data {29 __u32 magic_etc;30 kernel_cap_t permitted;31 kernel_cap_t inheritable;32 };33 34 #define _USER_CAP_HEADER_SIZE (sizeof(struct __user_cap_header_struct))35 #define _KERNEL_CAP_T_SIZE (sizeof(kernel_cap_t))36 37 38 struct file;39 struct inode;40 struct dentry;41 struct user_namespace;42 43 struct user_namespace *current_user_ns(void);44 45 extern const kernel_cap_t __cap_empty_set;46 extern const kernel_cap_t __cap_init_eff_set;47 48 /*49 * Internal kernel functions only50 */51 52 #define CAP_FOR_EACH_U32(__capi) \53 for (__capi = 0; __capi < _KERNEL_CAPABILITY_U32S; ++__capi)54 55 /*56 * CAP_FS_MASK and CAP_NFSD_MASKS:57 *58 * The fs mask is all the privileges that fsuid==0 historically meant.59 * At one time in the past, that included CAP_MKNOD and CAP_LINUX_IMMUTABLE.60 *61 * It has never meant setting security.* and trusted.* xattrs.62 *63 * We could also define fsmask as follows:64 * 1. CAP_FS_MASK is the privilege to bypass all fs-related DAC permissions65 * 2. The security.* and trusted.* xattrs are fs-related MAC permissions66 */67 68 # define CAP_FS_MASK_B0 (CAP_TO_MASK(CAP_CHOWN) \69 | CAP_TO_MASK(CAP_MKNOD) \70 | CAP_TO_MASK(CAP_DAC_OVERRIDE) \71 | CAP_TO_MASK(CAP_DAC_READ_SEARCH) \72 | CAP_TO_MASK(CAP_FOWNER) \73 | CAP_TO_MASK(CAP_FSETID))74 75 # define CAP_FS_MASK_B1 (CAP_TO_MASK(CAP_MAC_OVERRIDE))76 77 #if _KERNEL_CAPABILITY_U32S != 278 # error Fix up hand-coded capability macro initializers79 #else /* HAND-CODED capability initializers */80 81 # define CAP_EMPTY_SET ((kernel_cap_t){{ 0, 0 }})82 # define CAP_FULL_SET ((kernel_cap_t){{ ~0, ~0 }})83 # define CAP_FS_SET ((kernel_cap_t){{ CAP_FS_MASK_B0 \84 | CAP_TO_MASK(CAP_LINUX_IMMUTABLE), \85 CAP_FS_MASK_B1 } })86 # define CAP_NFSD_SET ((kernel_cap_t){{ CAP_FS_MASK_B0 \87 | CAP_TO_MASK(CAP_SYS_RESOURCE), \88 CAP_FS_MASK_B1 } })89 90 #endif /* _KERNEL_CAPABILITY_U32S != 2 */91 92 # define cap_clear(c) do { (c) = __cap_empty_set; } while (0)93 94 #define cap_raise(c, flag) ((c).cap[CAP_TO_INDEX(flag)] |= CAP_TO_MASK(flag))95 #define cap_lower(c, flag) ((c).cap[CAP_TO_INDEX(flag)] &= ~CAP_TO_MASK(flag))96 #define cap_raised(c, flag) ((c).cap[CAP_TO_INDEX(flag)] & CAP_TO_MASK(flag))97 98 #define CAP_BOP_ALL(c, a, b, OP) \99 do { \100 unsigned __capi; \101 CAP_FOR_EACH_U32(__capi) { \102 c.cap[__capi] = a.cap[__capi] OP b.cap[__capi]; \103 } \104 } while (0)105 106 #define CAP_UOP_ALL(c, a, OP) \107 do { \108 unsigned __capi; \109 CAP_FOR_EACH_U32(__capi) { \110 c.cap[__capi] = OP a.cap[__capi]; \111 } \112 } while (0)113 114 static inline kernel_cap_t cap_combine(const kernel_cap_t a,115 const kernel_cap_t b)116 {117 kernel_cap_t dest;118 CAP_BOP_ALL(dest, a, b, |);119 return dest;120 }121 122 static inline kernel_cap_t cap_intersect(const kernel_cap_t a,123 const kernel_cap_t b)124 {125 kernel_cap_t dest;126 CAP_BOP_ALL(dest, a, b, &);127 return dest;128 }129 130 static inline kernel_cap_t cap_drop(const kernel_cap_t a,131 const kernel_cap_t drop)132 {133 kernel_cap_t dest;134 CAP_BOP_ALL(dest, a, drop, &~);135 return dest;136 }137 138 static inline kernel_cap_t cap_invert(const kernel_cap_t c)139 {140 kernel_cap_t dest;141 CAP_UOP_ALL(dest, c, ~);142 return dest;143 }144 145 static inline int cap_isclear(const kernel_cap_t a)146 {147 unsigned __capi;148 CAP_FOR_EACH_U32(__capi) {149 if (a.cap[__capi] != 0)150 return 0;151 }152 return 1;153 }154 155 /*156 * Check if "a" is a subset of "set".157 * return 1 if ALL of the capabilities in "a" are also in "set"158 * cap_issubset(0101, 1111) will return 1159 * return 0 if ANY of the capabilities in "a" are not in "set"160 * cap_issubset(1111, 0101) will return 0161 */162 static inline int cap_issubset(const kernel_cap_t a, const kernel_cap_t set)163 {164 kernel_cap_t dest;165 dest = cap_drop(a, set);166 return cap_isclear(dest);167 }168 169 /* Used to decide between falling back on the old suser() or fsuser(). */170 171 static inline int cap_is_fs_cap(int cap)172 {173 const kernel_cap_t __cap_fs_set = CAP_FS_SET;174 return !!(CAP_TO_MASK(cap) & __cap_fs_set.cap[CAP_TO_INDEX(cap)]);175 }176 177 static inline kernel_cap_t cap_drop_fs_set(const kernel_cap_t a)178 {179 const kernel_cap_t __cap_fs_set = CAP_FS_SET;180 return cap_drop(a, __cap_fs_set);181 }182 183 static inline kernel_cap_t cap_raise_fs_set(const kernel_cap_t a,184 const kernel_cap_t permitted)185 {186 const kernel_cap_t __cap_fs_set = CAP_FS_SET;187 return cap_combine(a,188 cap_intersect(permitted, __cap_fs_set));189 }190 191 static inline kernel_cap_t cap_drop_nfsd_set(const kernel_cap_t a)192 {193 const kernel_cap_t __cap_fs_set = CAP_NFSD_SET;194 return cap_drop(a, __cap_fs_set);195 }196 197 static inline kernel_cap_t cap_raise_nfsd_set(const kernel_cap_t a,198 const kernel_cap_t permitted)199 {200 const kernel_cap_t __cap_nfsd_set = CAP_NFSD_SET;201 return cap_combine(a,202 cap_intersect(permitted, __cap_nfsd_set));203 }204 205 extern bool has_capability(struct task_struct *t, int cap);206 extern bool has_ns_capability(struct task_struct *t,207 struct user_namespace *ns, int cap);208 extern bool has_capability_noaudit(struct task_struct *t, int cap);209 extern bool has_ns_capability_noaudit(struct task_struct *t,210 struct user_namespace *ns, int cap);211 extern bool capable(int cap);212 extern bool ns_capable(struct user_namespace *ns, int cap);213 extern bool inode_capable(const struct inode *inode, int cap);214 extern bool file_ns_capable(const struct file *file, struct user_namespace *ns, int cap);215 216 /* audit system wants to get cap info from files as well */217 extern int get_vfs_caps_from_disk(const struct dentry *dentry, struct cpu_vfs_cap_data *cpu_caps);218 219 #endif /* !_LINUX_CAPABILITY_H */ -
libcap/include/linux/prctl.h
diff -Naur libcap-2.23.orig/libcap/include/linux/prctl.h libcap-2.23/libcap/include/linux/prctl.h
old new 1 #ifndef _LINUX_PRCTL_H2 #define _LINUX_PRCTL_H3 4 /* Values to pass as first argument to prctl() */5 6 #define PR_SET_PDEATHSIG 1 /* Second arg is a signal */7 #define PR_GET_PDEATHSIG 2 /* Second arg is a ptr to return the signal */8 9 /* Get/set current->mm->dumpable */10 #define PR_GET_DUMPABLE 311 #define PR_SET_DUMPABLE 412 13 /* Get/set unaligned access control bits (if meaningful) */14 #define PR_GET_UNALIGN 515 #define PR_SET_UNALIGN 616 # define PR_UNALIGN_NOPRINT 1 /* silently fix up unaligned user accesses */17 # define PR_UNALIGN_SIGBUS 2 /* generate SIGBUS on unaligned user access */18 19 /* Get/set whether or not to drop capabilities on setuid() away from20 * uid 0 (as per security/commoncap.c) */21 #define PR_GET_KEEPCAPS 722 #define PR_SET_KEEPCAPS 823 24 /* Get/set floating-point emulation control bits (if meaningful) */25 #define PR_GET_FPEMU 926 #define PR_SET_FPEMU 1027 # define PR_FPEMU_NOPRINT 1 /* silently emulate fp operations accesses */28 # define PR_FPEMU_SIGFPE 2 /* don't emulate fp operations, send SIGFPE instead */29 30 /* Get/set floating-point exception mode (if meaningful) */31 #define PR_GET_FPEXC 1132 #define PR_SET_FPEXC 1233 # define PR_FP_EXC_SW_ENABLE 0x80 /* Use FPEXC for FP exception enables */34 # define PR_FP_EXC_DIV 0x010000 /* floating point divide by zero */35 # define PR_FP_EXC_OVF 0x020000 /* floating point overflow */36 # define PR_FP_EXC_UND 0x040000 /* floating point underflow */37 # define PR_FP_EXC_RES 0x080000 /* floating point inexact result */38 # define PR_FP_EXC_INV 0x100000 /* floating point invalid operation */39 # define PR_FP_EXC_DISABLED 0 /* FP exceptions disabled */40 # define PR_FP_EXC_NONRECOV 1 /* async non-recoverable exc. mode */41 # define PR_FP_EXC_ASYNC 2 /* async recoverable exception mode */42 # define PR_FP_EXC_PRECISE 3 /* precise exception mode */43 44 /* Get/set whether we use statistical process timing or accurate timestamp45 * based process timing */46 #define PR_GET_TIMING 1347 #define PR_SET_TIMING 1448 # define PR_TIMING_STATISTICAL 0 /* Normal, traditional,49 statistical process timing */50 # define PR_TIMING_TIMESTAMP 1 /* Accurate timestamp based51 process timing */52 53 #define PR_SET_NAME 15 /* Set process name */54 #define PR_GET_NAME 16 /* Get process name */55 56 /* Get/set process endian */57 #define PR_GET_ENDIAN 1958 #define PR_SET_ENDIAN 2059 # define PR_ENDIAN_BIG 060 # define PR_ENDIAN_LITTLE 1 /* True little endian mode */61 # define PR_ENDIAN_PPC_LITTLE 2 /* "PowerPC" pseudo little endian */62 63 /* Get/set process seccomp mode */64 #define PR_GET_SECCOMP 2165 #define PR_SET_SECCOMP 2266 67 /* Get/set the capability bounding set (as per security/commoncap.c) */68 #define PR_CAPBSET_READ 2369 #define PR_CAPBSET_DROP 2470 71 /* Get/set the process' ability to use the timestamp counter instruction */72 #define PR_GET_TSC 2573 #define PR_SET_TSC 2674 # define PR_TSC_ENABLE 1 /* allow the use of the timestamp counter */75 # define PR_TSC_SIGSEGV 2 /* throw a SIGSEGV instead of reading the TSC */76 77 /* Get/set securebits (as per security/commoncap.c) */78 #define PR_GET_SECUREBITS 2779 #define PR_SET_SECUREBITS 2880 81 /*82 * Get/set the timerslack as used by poll/select/nanosleep83 * A value of 0 means "use default"84 */85 #define PR_SET_TIMERSLACK 2986 #define PR_GET_TIMERSLACK 3087 88 #define PR_TASK_PERF_EVENTS_DISABLE 3189 #define PR_TASK_PERF_EVENTS_ENABLE 3290 91 /*92 * Set early/late kill mode for hwpoison memory corruption.93 * This influences when the process gets killed on a memory corruption.94 */95 #define PR_MCE_KILL 3396 # define PR_MCE_KILL_CLEAR 097 # define PR_MCE_KILL_SET 198 99 # define PR_MCE_KILL_LATE 0100 # define PR_MCE_KILL_EARLY 1101 # define PR_MCE_KILL_DEFAULT 2102 103 #define PR_MCE_KILL_GET 34104 105 #endif /* _LINUX_PRCTL_H */ -
libcap/include/linux/securebits.h
diff -Naur libcap-2.23.orig/libcap/include/linux/securebits.h libcap-2.23/libcap/include/linux/securebits.h
old new 1 #ifndef _LINUX_SECUREBITS_H2 #define _LINUX_SECUREBITS_H 13 4 /* Each securesetting is implemented using two bits. One bit specifies5 whether the setting is on or off. The other bit specify whether the6 setting is locked or not. A setting which is locked cannot be7 changed from user-level. */8 #define issecure_mask(X) (1 << (X))9 #ifdef __KERNEL__10 #define issecure(X) (issecure_mask(X) & current_cred_xxx(securebits))11 #endif12 13 #define SECUREBITS_DEFAULT 0x0000000014 15 /* When set UID 0 has no special privileges. When unset, we support16 inheritance of root-permissions and suid-root executable under17 compatibility mode. We raise the effective and inheritable bitmasks18 *of the executable file* if the effective uid of the new process is19 0. If the real uid is 0, we raise the effective (legacy) bit of the20 executable file. */21 #define SECURE_NOROOT 022 #define SECURE_NOROOT_LOCKED 1 /* make bit-0 immutable */23 24 #define SECBIT_NOROOT (issecure_mask(SECURE_NOROOT))25 #define SECBIT_NOROOT_LOCKED (issecure_mask(SECURE_NOROOT_LOCKED))26 27 /* When set, setuid to/from uid 0 does not trigger capability-"fixup".28 When unset, to provide compatiblility with old programs relying on29 set*uid to gain/lose privilege, transitions to/from uid 0 cause30 capabilities to be gained/lost. */31 #define SECURE_NO_SETUID_FIXUP 232 #define SECURE_NO_SETUID_FIXUP_LOCKED 3 /* make bit-2 immutable */33 34 #define SECBIT_NO_SETUID_FIXUP (issecure_mask(SECURE_NO_SETUID_FIXUP))35 #define SECBIT_NO_SETUID_FIXUP_LOCKED \36 (issecure_mask(SECURE_NO_SETUID_FIXUP_LOCKED))37 38 /* When set, a process can retain its capabilities even after39 transitioning to a non-root user (the set-uid fixup suppressed by40 bit 2). Bit-4 is cleared when a process calls exec(); setting both41 bit 4 and 5 will create a barrier through exec that no exec()'d42 child can use this feature again. */43 #define SECURE_KEEP_CAPS 444 #define SECURE_KEEP_CAPS_LOCKED 5 /* make bit-4 immutable */45 46 #define SECBIT_KEEP_CAPS (issecure_mask(SECURE_KEEP_CAPS))47 #define SECBIT_KEEP_CAPS_LOCKED (issecure_mask(SECURE_KEEP_CAPS_LOCKED))48 49 #define SECURE_ALL_BITS (issecure_mask(SECURE_NOROOT) | \50 issecure_mask(SECURE_NO_SETUID_FIXUP) | \51 issecure_mask(SECURE_KEEP_CAPS))52 #define SECURE_ALL_LOCKS (SECURE_ALL_BITS << 1)53 54 #endif /* !_LINUX_SECUREBITS_H */ -
libcap/include/sys/capability.h
diff -Naur libcap-2.23.orig/libcap/include/sys/capability.h libcap-2.23/libcap/include/sys/capability.h
old new 26 26 #ifndef __user 27 27 #define __user 28 28 #endif 29 #include < uapi/linux/capability.h>29 #include <linux/capability.h> 30 30 #include <linux/xattr.h> 31 31 32 32 /* -
libcap/include/uapi/linux/prctl.h
diff -Naur libcap-2.23.orig/libcap/include/uapi/linux/prctl.h libcap-2.23/libcap/include/uapi/linux/prctl.h
old new 1 #ifndef _LINUX_PRCTL_H 2 #define _LINUX_PRCTL_H 3 4 /* Values to pass as first argument to prctl() */ 5 6 #define PR_SET_PDEATHSIG 1 /* Second arg is a signal */ 7 #define PR_GET_PDEATHSIG 2 /* Second arg is a ptr to return the signal */ 8 9 /* Get/set current->mm->dumpable */ 10 #define PR_GET_DUMPABLE 3 11 #define PR_SET_DUMPABLE 4 12 13 /* Get/set unaligned access control bits (if meaningful) */ 14 #define PR_GET_UNALIGN 5 15 #define PR_SET_UNALIGN 6 16 # define PR_UNALIGN_NOPRINT 1 /* silently fix up unaligned user accesses */ 17 # define PR_UNALIGN_SIGBUS 2 /* generate SIGBUS on unaligned user access */ 18 19 /* Get/set whether or not to drop capabilities on setuid() away from 20 * uid 0 (as per security/commoncap.c) */ 21 #define PR_GET_KEEPCAPS 7 22 #define PR_SET_KEEPCAPS 8 23 24 /* Get/set floating-point emulation control bits (if meaningful) */ 25 #define PR_GET_FPEMU 9 26 #define PR_SET_FPEMU 10 27 # define PR_FPEMU_NOPRINT 1 /* silently emulate fp operations accesses */ 28 # define PR_FPEMU_SIGFPE 2 /* don't emulate fp operations, send SIGFPE instead */ 29 30 /* Get/set floating-point exception mode (if meaningful) */ 31 #define PR_GET_FPEXC 11 32 #define PR_SET_FPEXC 12 33 # define PR_FP_EXC_SW_ENABLE 0x80 /* Use FPEXC for FP exception enables */ 34 # define PR_FP_EXC_DIV 0x010000 /* floating point divide by zero */ 35 # define PR_FP_EXC_OVF 0x020000 /* floating point overflow */ 36 # define PR_FP_EXC_UND 0x040000 /* floating point underflow */ 37 # define PR_FP_EXC_RES 0x080000 /* floating point inexact result */ 38 # define PR_FP_EXC_INV 0x100000 /* floating point invalid operation */ 39 # define PR_FP_EXC_DISABLED 0 /* FP exceptions disabled */ 40 # define PR_FP_EXC_NONRECOV 1 /* async non-recoverable exc. mode */ 41 # define PR_FP_EXC_ASYNC 2 /* async recoverable exception mode */ 42 # define PR_FP_EXC_PRECISE 3 /* precise exception mode */ 43 44 /* Get/set whether we use statistical process timing or accurate timestamp 45 * based process timing */ 46 #define PR_GET_TIMING 13 47 #define PR_SET_TIMING 14 48 # define PR_TIMING_STATISTICAL 0 /* Normal, traditional, 49 statistical process timing */ 50 # define PR_TIMING_TIMESTAMP 1 /* Accurate timestamp based 51 process timing */ 52 53 #define PR_SET_NAME 15 /* Set process name */ 54 #define PR_GET_NAME 16 /* Get process name */ 55 56 /* Get/set process endian */ 57 #define PR_GET_ENDIAN 19 58 #define PR_SET_ENDIAN 20 59 # define PR_ENDIAN_BIG 0 60 # define PR_ENDIAN_LITTLE 1 /* True little endian mode */ 61 # define PR_ENDIAN_PPC_LITTLE 2 /* "PowerPC" pseudo little endian */ 62 63 /* Get/set process seccomp mode */ 64 #define PR_GET_SECCOMP 21 65 #define PR_SET_SECCOMP 22 66 67 /* Get/set the capability bounding set (as per security/commoncap.c) */ 68 #define PR_CAPBSET_READ 23 69 #define PR_CAPBSET_DROP 24 70 71 /* Get/set the process' ability to use the timestamp counter instruction */ 72 #define PR_GET_TSC 25 73 #define PR_SET_TSC 26 74 # define PR_TSC_ENABLE 1 /* allow the use of the timestamp counter */ 75 # define PR_TSC_SIGSEGV 2 /* throw a SIGSEGV instead of reading the TSC */ 76 77 /* Get/set securebits (as per security/commoncap.c) */ 78 #define PR_GET_SECUREBITS 27 79 #define PR_SET_SECUREBITS 28 80 81 /* 82 * Get/set the timerslack as used by poll/select/nanosleep 83 * A value of 0 means "use default" 84 */ 85 #define PR_SET_TIMERSLACK 29 86 #define PR_GET_TIMERSLACK 30 87 88 #define PR_TASK_PERF_EVENTS_DISABLE 31 89 #define PR_TASK_PERF_EVENTS_ENABLE 32 90 91 /* 92 * Set early/late kill mode for hwpoison memory corruption. 93 * This influences when the process gets killed on a memory corruption. 94 */ 95 #define PR_MCE_KILL 33 96 # define PR_MCE_KILL_CLEAR 0 97 # define PR_MCE_KILL_SET 1 98 99 # define PR_MCE_KILL_LATE 0 100 # define PR_MCE_KILL_EARLY 1 101 # define PR_MCE_KILL_DEFAULT 2 102 103 #define PR_MCE_KILL_GET 34 104 105 /* 106 * Tune up process memory map specifics. 107 */ 108 #define PR_SET_MM 35 109 # define PR_SET_MM_START_CODE 1 110 # define PR_SET_MM_END_CODE 2 111 # define PR_SET_MM_START_DATA 3 112 # define PR_SET_MM_END_DATA 4 113 # define PR_SET_MM_START_STACK 5 114 # define PR_SET_MM_START_BRK 6 115 # define PR_SET_MM_BRK 7 116 # define PR_SET_MM_ARG_START 8 117 # define PR_SET_MM_ARG_END 9 118 # define PR_SET_MM_ENV_START 10 119 # define PR_SET_MM_ENV_END 11 120 # define PR_SET_MM_AUXV 12 121 # define PR_SET_MM_EXE_FILE 13 122 123 /* 124 * Set specific pid that is allowed to ptrace the current task. 125 * A value of 0 mean "no process". 126 */ 127 #define PR_SET_PTRACER 0x59616d61 128 # define PR_SET_PTRACER_ANY ((unsigned long)-1) 129 130 #define PR_SET_CHILD_SUBREAPER 36 131 #define PR_GET_CHILD_SUBREAPER 37 132 133 /* 134 * If no_new_privs is set, then operations that grant new privileges (i.e. 135 * execve) will either fail or not grant them. This affects suid/sgid, 136 * file capabilities, and LSMs. 137 * 138 * Operations that merely manipulate or drop existing privileges (setresuid, 139 * capset, etc.) will still work. Drop those privileges if you want them gone. 140 * 141 * Changing LSM security domain is considered a new privilege. So, for example, 142 * asking selinux for a specific new context (e.g. with runcon) will result 143 * in execve returning -EPERM. 144 * 145 * See Documentation/prctl/no_new_privs.txt for more details. 146 */ 147 #define PR_SET_NO_NEW_PRIVS 38 148 #define PR_GET_NO_NEW_PRIVS 39 149 150 #define PR_GET_TID_ADDRESS 40 151 152 #endif /* _LINUX_PRCTL_H */ -
libcap/include/uapi/linux/securebits.h
diff -Naur libcap-2.23.orig/libcap/include/uapi/linux/securebits.h libcap-2.23/libcap/include/uapi/linux/securebits.h
old new 1 #ifndef _UAPI_LINUX_SECUREBITS_H 2 #define _UAPI_LINUX_SECUREBITS_H 3 4 /* Each securesetting is implemented using two bits. One bit specifies 5 whether the setting is on or off. The other bit specify whether the 6 setting is locked or not. A setting which is locked cannot be 7 changed from user-level. */ 8 #define issecure_mask(X) (1 << (X)) 9 10 #define SECUREBITS_DEFAULT 0x00000000 11 12 /* When set UID 0 has no special privileges. When unset, we support 13 inheritance of root-permissions and suid-root executable under 14 compatibility mode. We raise the effective and inheritable bitmasks 15 *of the executable file* if the effective uid of the new process is 16 0. If the real uid is 0, we raise the effective (legacy) bit of the 17 executable file. */ 18 #define SECURE_NOROOT 0 19 #define SECURE_NOROOT_LOCKED 1 /* make bit-0 immutable */ 20 21 #define SECBIT_NOROOT (issecure_mask(SECURE_NOROOT)) 22 #define SECBIT_NOROOT_LOCKED (issecure_mask(SECURE_NOROOT_LOCKED)) 23 24 /* When set, setuid to/from uid 0 does not trigger capability-"fixup". 25 When unset, to provide compatiblility with old programs relying on 26 set*uid to gain/lose privilege, transitions to/from uid 0 cause 27 capabilities to be gained/lost. */ 28 #define SECURE_NO_SETUID_FIXUP 2 29 #define SECURE_NO_SETUID_FIXUP_LOCKED 3 /* make bit-2 immutable */ 30 31 #define SECBIT_NO_SETUID_FIXUP (issecure_mask(SECURE_NO_SETUID_FIXUP)) 32 #define SECBIT_NO_SETUID_FIXUP_LOCKED \ 33 (issecure_mask(SECURE_NO_SETUID_FIXUP_LOCKED)) 34 35 /* When set, a process can retain its capabilities even after 36 transitioning to a non-root user (the set-uid fixup suppressed by 37 bit 2). Bit-4 is cleared when a process calls exec(); setting both 38 bit 4 and 5 will create a barrier through exec that no exec()'d 39 child can use this feature again. */ 40 #define SECURE_KEEP_CAPS 4 41 #define SECURE_KEEP_CAPS_LOCKED 5 /* make bit-4 immutable */ 42 43 #define SECBIT_KEEP_CAPS (issecure_mask(SECURE_KEEP_CAPS)) 44 #define SECBIT_KEEP_CAPS_LOCKED (issecure_mask(SECURE_KEEP_CAPS_LOCKED)) 45 46 #define SECURE_ALL_BITS (issecure_mask(SECURE_NOROOT) | \ 47 issecure_mask(SECURE_NO_SETUID_FIXUP) | \ 48 issecure_mask(SECURE_KEEP_CAPS)) 49 #define SECURE_ALL_LOCKS (SECURE_ALL_BITS << 1) 50 51 #endif /* _UAPI_LINUX_SECUREBITS_H */
Note:
See TracBrowser
for help on using the repository browser.