source: patches/libcap-2.23-uapi-1.patch @ d4764b6

clfs-3.0.0-systemdclfs-3.0.0-sysvinitsystemdsysvinit
Last change on this file since d4764b6 was d4764b6, checked in by Chris Staub <chris@…>, 6 years ago

Add patch to fix libcap

  • Property mode set to 100644
File size: 23.8 KB
  • Make.Rules

    Submitted By: Chris Staub (chris at cross-lfs dot org)
    Date: 2014-01-05
    Initial Package Version: 2.23
    Origin: Upstream
    Upstream Status: Applied
    Description: Fixes libcap headers to allow other programs to link to libcap
    
    diff -Naur libcap-2.23.orig/Make.Rules libcap-2.23/Make.Rules
    old new  
    4545
    4646# Compilation specifics
    4747
    48 KERNEL_HEADERS := $(topdir)/libcap/include
    49 IPATH += -fPIC -I$(topdir)/libcap/include -I$(KERNEL_HEADERS)
     48KERNEL_HEADERS := $(topdir)/libcap/include/uapi
     49IPATH += -fPIC -I$(KERNEL_HEADERS) -I$(topdir)/libcap/include
    5050
    5151CC := gcc
    5252CFLAGS := -O2 -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64
  • libcap/Makefile

    diff -Naur libcap-2.23.orig/libcap/Makefile libcap-2.23/libcap/Makefile
    old new  
    5353
    5454cap_names.list.h: Makefile $(KERNEL_HEADERS)/linux/capability.h
    5555        @echo "=> making $@ from $(KERNEL_HEADERS)/linux/capability.h"
    56         perl -e 'while ($$l=<>) { if ($$l =~ /^\#define[ \t](CAP[_A-Z]+)[ \t]+([0-9]+)\s+$$/) { $$tok=$$1; $$val=$$2; $$tok =~ tr/A-Z/a-z/; print "{\"$$tok\",$$val},\n"; } }' $(KERNEL_HEADERS)/uapi/linux/capability.h | fgrep -v 0x > $@
     56        perl -e 'while ($$l=<>) { if ($$l =~ /^\#define[ \t](CAP[_A-Z]+)[ \t]+([0-9]+)\s+$$/) { $$tok=$$1; $$val=$$2; $$tok =~ tr/A-Z/a-z/; print "{\"$$tok\",$$val},\n"; } }' $(KERNEL_HEADERS)/linux/capability.h | fgrep -v 0x > $@
    5757
    5858$(STALIBNAME): $(OBJS)
    5959        $(AR) rcs $@ $^
  • libcap/include/linux/capability.h

    diff -Naur libcap-2.23.orig/libcap/include/linux/capability.h libcap-2.23/libcap/include/linux/capability.h
    old new  
    1 /*
    2  * This is <linux/capability.h>
    3  *
    4  * Andrew G. Morgan <morgan@kernel.org>
    5  * Alexander Kjeldaas <astor@guardian.no>
    6  * with help from Aleph1, Roland Buresund and Andrew Main.
    7  *
    8  * See here for the libcap library ("POSIX draft" compliance):
    9  *
    10  * ftp://www.kernel.org/pub/linux/libs/security/linux-privs/kernel-2.6/
    11  */
    12 #ifndef _LINUX_CAPABILITY_H
    13 #define _LINUX_CAPABILITY_H
    14 
    15 #include <uapi/linux/capability.h>
    16 
    17 
    18 #define _KERNEL_CAPABILITY_VERSION _LINUX_CAPABILITY_VERSION_3
    19 #define _KERNEL_CAPABILITY_U32S    _LINUX_CAPABILITY_U32S_3
    20 
    21 extern int file_caps_enabled;
    22 
    23 typedef struct kernel_cap_struct {
    24         __u32 cap[_KERNEL_CAPABILITY_U32S];
    25 } kernel_cap_t;
    26 
    27 /* exact same as vfs_cap_data but in cpu endian and always filled completely */
    28 struct cpu_vfs_cap_data {
    29         __u32 magic_etc;
    30         kernel_cap_t permitted;
    31         kernel_cap_t inheritable;
    32 };
    33 
    34 #define _USER_CAP_HEADER_SIZE  (sizeof(struct __user_cap_header_struct))
    35 #define _KERNEL_CAP_T_SIZE     (sizeof(kernel_cap_t))
    36 
    37 
    38 struct file;
    39 struct inode;
    40 struct dentry;
    41 struct user_namespace;
    42 
    43 struct user_namespace *current_user_ns(void);
    44 
    45 extern const kernel_cap_t __cap_empty_set;
    46 extern const kernel_cap_t __cap_init_eff_set;
    47 
    48 /*
    49  * Internal kernel functions only
    50  */
    51 
    52 #define CAP_FOR_EACH_U32(__capi)  \
    53         for (__capi = 0; __capi < _KERNEL_CAPABILITY_U32S; ++__capi)
    54 
    55 /*
    56  * CAP_FS_MASK and CAP_NFSD_MASKS:
    57  *
    58  * The fs mask is all the privileges that fsuid==0 historically meant.
    59  * At one time in the past, that included CAP_MKNOD and CAP_LINUX_IMMUTABLE.
    60  *
    61  * It has never meant setting security.* and trusted.* xattrs.
    62  *
    63  * We could also define fsmask as follows:
    64  *   1. CAP_FS_MASK is the privilege to bypass all fs-related DAC permissions
    65  *   2. The security.* and trusted.* xattrs are fs-related MAC permissions
    66  */
    67 
    68 # define CAP_FS_MASK_B0     (CAP_TO_MASK(CAP_CHOWN)             \
    69                             | CAP_TO_MASK(CAP_MKNOD)            \
    70                             | CAP_TO_MASK(CAP_DAC_OVERRIDE)     \
    71                             | CAP_TO_MASK(CAP_DAC_READ_SEARCH)  \
    72                             | CAP_TO_MASK(CAP_FOWNER)           \
    73                             | CAP_TO_MASK(CAP_FSETID))
    74 
    75 # define CAP_FS_MASK_B1     (CAP_TO_MASK(CAP_MAC_OVERRIDE))
    76 
    77 #if _KERNEL_CAPABILITY_U32S != 2
    78 # error Fix up hand-coded capability macro initializers
    79 #else /* HAND-CODED capability initializers */
    80 
    81 # define CAP_EMPTY_SET    ((kernel_cap_t){{ 0, 0 }})
    82 # define CAP_FULL_SET     ((kernel_cap_t){{ ~0, ~0 }})
    83 # define CAP_FS_SET       ((kernel_cap_t){{ CAP_FS_MASK_B0 \
    84                                     | CAP_TO_MASK(CAP_LINUX_IMMUTABLE), \
    85                                     CAP_FS_MASK_B1 } })
    86 # define CAP_NFSD_SET     ((kernel_cap_t){{ CAP_FS_MASK_B0 \
    87                                     | CAP_TO_MASK(CAP_SYS_RESOURCE), \
    88                                     CAP_FS_MASK_B1 } })
    89 
    90 #endif /* _KERNEL_CAPABILITY_U32S != 2 */
    91 
    92 # define cap_clear(c)         do { (c) = __cap_empty_set; } while (0)
    93 
    94 #define cap_raise(c, flag)  ((c).cap[CAP_TO_INDEX(flag)] |= CAP_TO_MASK(flag))
    95 #define cap_lower(c, flag)  ((c).cap[CAP_TO_INDEX(flag)] &= ~CAP_TO_MASK(flag))
    96 #define cap_raised(c, flag) ((c).cap[CAP_TO_INDEX(flag)] & CAP_TO_MASK(flag))
    97 
    98 #define CAP_BOP_ALL(c, a, b, OP)                                    \
    99 do {                                                                \
    100         unsigned __capi;                                            \
    101         CAP_FOR_EACH_U32(__capi) {                                  \
    102                 c.cap[__capi] = a.cap[__capi] OP b.cap[__capi];     \
    103         }                                                           \
    104 } while (0)
    105 
    106 #define CAP_UOP_ALL(c, a, OP)                                       \
    107 do {                                                                \
    108         unsigned __capi;                                            \
    109         CAP_FOR_EACH_U32(__capi) {                                  \
    110                 c.cap[__capi] = OP a.cap[__capi];                   \
    111         }                                                           \
    112 } while (0)
    113 
    114 static inline kernel_cap_t cap_combine(const kernel_cap_t a,
    115                                        const kernel_cap_t b)
    116 {
    117         kernel_cap_t dest;
    118         CAP_BOP_ALL(dest, a, b, |);
    119         return dest;
    120 }
    121 
    122 static inline kernel_cap_t cap_intersect(const kernel_cap_t a,
    123                                          const kernel_cap_t b)
    124 {
    125         kernel_cap_t dest;
    126         CAP_BOP_ALL(dest, a, b, &);
    127         return dest;
    128 }
    129 
    130 static inline kernel_cap_t cap_drop(const kernel_cap_t a,
    131                                     const kernel_cap_t drop)
    132 {
    133         kernel_cap_t dest;
    134         CAP_BOP_ALL(dest, a, drop, &~);
    135         return dest;
    136 }
    137 
    138 static inline kernel_cap_t cap_invert(const kernel_cap_t c)
    139 {
    140         kernel_cap_t dest;
    141         CAP_UOP_ALL(dest, c, ~);
    142         return dest;
    143 }
    144 
    145 static inline int cap_isclear(const kernel_cap_t a)
    146 {
    147         unsigned __capi;
    148         CAP_FOR_EACH_U32(__capi) {
    149                 if (a.cap[__capi] != 0)
    150                         return 0;
    151         }
    152         return 1;
    153 }
    154 
    155 /*
    156  * Check if "a" is a subset of "set".
    157  * return 1 if ALL of the capabilities in "a" are also in "set"
    158  *      cap_issubset(0101, 1111) will return 1
    159  * return 0 if ANY of the capabilities in "a" are not in "set"
    160  *      cap_issubset(1111, 0101) will return 0
    161  */
    162 static inline int cap_issubset(const kernel_cap_t a, const kernel_cap_t set)
    163 {
    164         kernel_cap_t dest;
    165         dest = cap_drop(a, set);
    166         return cap_isclear(dest);
    167 }
    168 
    169 /* Used to decide between falling back on the old suser() or fsuser(). */
    170 
    171 static inline int cap_is_fs_cap(int cap)
    172 {
    173         const kernel_cap_t __cap_fs_set = CAP_FS_SET;
    174         return !!(CAP_TO_MASK(cap) & __cap_fs_set.cap[CAP_TO_INDEX(cap)]);
    175 }
    176 
    177 static inline kernel_cap_t cap_drop_fs_set(const kernel_cap_t a)
    178 {
    179         const kernel_cap_t __cap_fs_set = CAP_FS_SET;
    180         return cap_drop(a, __cap_fs_set);
    181 }
    182 
    183 static inline kernel_cap_t cap_raise_fs_set(const kernel_cap_t a,
    184                                             const kernel_cap_t permitted)
    185 {
    186         const kernel_cap_t __cap_fs_set = CAP_FS_SET;
    187         return cap_combine(a,
    188                            cap_intersect(permitted, __cap_fs_set));
    189 }
    190 
    191 static inline kernel_cap_t cap_drop_nfsd_set(const kernel_cap_t a)
    192 {
    193         const kernel_cap_t __cap_fs_set = CAP_NFSD_SET;
    194         return cap_drop(a, __cap_fs_set);
    195 }
    196 
    197 static inline kernel_cap_t cap_raise_nfsd_set(const kernel_cap_t a,
    198                                               const kernel_cap_t permitted)
    199 {
    200         const kernel_cap_t __cap_nfsd_set = CAP_NFSD_SET;
    201         return cap_combine(a,
    202                            cap_intersect(permitted, __cap_nfsd_set));
    203 }
    204 
    205 extern bool has_capability(struct task_struct *t, int cap);
    206 extern bool has_ns_capability(struct task_struct *t,
    207                               struct user_namespace *ns, int cap);
    208 extern bool has_capability_noaudit(struct task_struct *t, int cap);
    209 extern bool has_ns_capability_noaudit(struct task_struct *t,
    210                                       struct user_namespace *ns, int cap);
    211 extern bool capable(int cap);
    212 extern bool ns_capable(struct user_namespace *ns, int cap);
    213 extern bool inode_capable(const struct inode *inode, int cap);
    214 extern bool file_ns_capable(const struct file *file, struct user_namespace *ns, int cap);
    215 
    216 /* audit system wants to get cap info from files as well */
    217 extern int get_vfs_caps_from_disk(const struct dentry *dentry, struct cpu_vfs_cap_data *cpu_caps);
    218 
    219 #endif /* !_LINUX_CAPABILITY_H */
  • libcap/include/linux/prctl.h

    diff -Naur libcap-2.23.orig/libcap/include/linux/prctl.h libcap-2.23/libcap/include/linux/prctl.h
    old new  
    1 #ifndef _LINUX_PRCTL_H
    2 #define _LINUX_PRCTL_H
    3 
    4 /* Values to pass as first argument to prctl() */
    5 
    6 #define PR_SET_PDEATHSIG  1  /* Second arg is a signal */
    7 #define PR_GET_PDEATHSIG  2  /* Second arg is a ptr to return the signal */
    8 
    9 /* Get/set current->mm->dumpable */
    10 #define PR_GET_DUMPABLE   3
    11 #define PR_SET_DUMPABLE   4
    12 
    13 /* Get/set unaligned access control bits (if meaningful) */
    14 #define PR_GET_UNALIGN    5
    15 #define PR_SET_UNALIGN    6
    16 # define PR_UNALIGN_NOPRINT     1       /* silently fix up unaligned user accesses */
    17 # define PR_UNALIGN_SIGBUS      2       /* generate SIGBUS on unaligned user access */
    18 
    19 /* Get/set whether or not to drop capabilities on setuid() away from
    20  * uid 0 (as per security/commoncap.c) */
    21 #define PR_GET_KEEPCAPS   7
    22 #define PR_SET_KEEPCAPS   8
    23 
    24 /* Get/set floating-point emulation control bits (if meaningful) */
    25 #define PR_GET_FPEMU  9
    26 #define PR_SET_FPEMU 10
    27 # define PR_FPEMU_NOPRINT       1       /* silently emulate fp operations accesses */
    28 # define PR_FPEMU_SIGFPE        2       /* don't emulate fp operations, send SIGFPE instead */
    29 
    30 /* Get/set floating-point exception mode (if meaningful) */
    31 #define PR_GET_FPEXC    11
    32 #define PR_SET_FPEXC    12
    33 # define PR_FP_EXC_SW_ENABLE    0x80    /* Use FPEXC for FP exception enables */
    34 # define PR_FP_EXC_DIV          0x010000        /* floating point divide by zero */
    35 # define PR_FP_EXC_OVF          0x020000        /* floating point overflow */
    36 # define PR_FP_EXC_UND          0x040000        /* floating point underflow */
    37 # define PR_FP_EXC_RES          0x080000        /* floating point inexact result */
    38 # define PR_FP_EXC_INV          0x100000        /* floating point invalid operation */
    39 # define PR_FP_EXC_DISABLED     0       /* FP exceptions disabled */
    40 # define PR_FP_EXC_NONRECOV     1       /* async non-recoverable exc. mode */
    41 # define PR_FP_EXC_ASYNC        2       /* async recoverable exception mode */
    42 # define PR_FP_EXC_PRECISE      3       /* precise exception mode */
    43 
    44 /* Get/set whether we use statistical process timing or accurate timestamp
    45  * based process timing */
    46 #define PR_GET_TIMING   13
    47 #define PR_SET_TIMING   14
    48 # define PR_TIMING_STATISTICAL  0       /* Normal, traditional,
    49                                                    statistical process timing */
    50 # define PR_TIMING_TIMESTAMP    1       /* Accurate timestamp based
    51                                                    process timing */
    52 
    53 #define PR_SET_NAME    15               /* Set process name */
    54 #define PR_GET_NAME    16               /* Get process name */
    55 
    56 /* Get/set process endian */
    57 #define PR_GET_ENDIAN   19
    58 #define PR_SET_ENDIAN   20
    59 # define PR_ENDIAN_BIG          0
    60 # define PR_ENDIAN_LITTLE       1       /* True little endian mode */
    61 # define PR_ENDIAN_PPC_LITTLE   2       /* "PowerPC" pseudo little endian */
    62 
    63 /* Get/set process seccomp mode */
    64 #define PR_GET_SECCOMP  21
    65 #define PR_SET_SECCOMP  22
    66 
    67 /* Get/set the capability bounding set (as per security/commoncap.c) */
    68 #define PR_CAPBSET_READ 23
    69 #define PR_CAPBSET_DROP 24
    70 
    71 /* Get/set the process' ability to use the timestamp counter instruction */
    72 #define PR_GET_TSC 25
    73 #define PR_SET_TSC 26
    74 # define PR_TSC_ENABLE          1       /* allow the use of the timestamp counter */
    75 # define PR_TSC_SIGSEGV         2       /* throw a SIGSEGV instead of reading the TSC */
    76 
    77 /* Get/set securebits (as per security/commoncap.c) */
    78 #define PR_GET_SECUREBITS 27
    79 #define PR_SET_SECUREBITS 28
    80 
    81 /*
    82  * Get/set the timerslack as used by poll/select/nanosleep
    83  * A value of 0 means "use default"
    84  */
    85 #define PR_SET_TIMERSLACK 29
    86 #define PR_GET_TIMERSLACK 30
    87 
    88 #define PR_TASK_PERF_EVENTS_DISABLE             31
    89 #define PR_TASK_PERF_EVENTS_ENABLE              32
    90 
    91 /*
    92  * Set early/late kill mode for hwpoison memory corruption.
    93  * This influences when the process gets killed on a memory corruption.
    94  */
    95 #define PR_MCE_KILL     33
    96 # define PR_MCE_KILL_CLEAR   0
    97 # define PR_MCE_KILL_SET     1
    98 
    99 # define PR_MCE_KILL_LATE    0
    100 # define PR_MCE_KILL_EARLY   1
    101 # define PR_MCE_KILL_DEFAULT 2
    102 
    103 #define PR_MCE_KILL_GET 34
    104 
    105 #endif /* _LINUX_PRCTL_H */
  • libcap/include/linux/securebits.h

    diff -Naur libcap-2.23.orig/libcap/include/linux/securebits.h libcap-2.23/libcap/include/linux/securebits.h
    old new  
    1 #ifndef _LINUX_SECUREBITS_H
    2 #define _LINUX_SECUREBITS_H 1
    3 
    4 /* Each securesetting is implemented using two bits. One bit specifies
    5    whether the setting is on or off. The other bit specify whether the
    6    setting is locked or not. A setting which is locked cannot be
    7    changed from user-level. */
    8 #define issecure_mask(X)        (1 << (X))
    9 #ifdef __KERNEL__
    10 #define issecure(X)             (issecure_mask(X) & current_cred_xxx(securebits))
    11 #endif
    12 
    13 #define SECUREBITS_DEFAULT 0x00000000
    14 
    15 /* When set UID 0 has no special privileges. When unset, we support
    16    inheritance of root-permissions and suid-root executable under
    17    compatibility mode. We raise the effective and inheritable bitmasks
    18    *of the executable file* if the effective uid of the new process is
    19    0. If the real uid is 0, we raise the effective (legacy) bit of the
    20    executable file. */
    21 #define SECURE_NOROOT                   0
    22 #define SECURE_NOROOT_LOCKED            1  /* make bit-0 immutable */
    23 
    24 #define SECBIT_NOROOT           (issecure_mask(SECURE_NOROOT))
    25 #define SECBIT_NOROOT_LOCKED    (issecure_mask(SECURE_NOROOT_LOCKED))
    26 
    27 /* When set, setuid to/from uid 0 does not trigger capability-"fixup".
    28    When unset, to provide compatiblility with old programs relying on
    29    set*uid to gain/lose privilege, transitions to/from uid 0 cause
    30    capabilities to be gained/lost. */
    31 #define SECURE_NO_SETUID_FIXUP          2
    32 #define SECURE_NO_SETUID_FIXUP_LOCKED   3  /* make bit-2 immutable */
    33 
    34 #define SECBIT_NO_SETUID_FIXUP  (issecure_mask(SECURE_NO_SETUID_FIXUP))
    35 #define SECBIT_NO_SETUID_FIXUP_LOCKED \
    36                         (issecure_mask(SECURE_NO_SETUID_FIXUP_LOCKED))
    37 
    38 /* When set, a process can retain its capabilities even after
    39    transitioning to a non-root user (the set-uid fixup suppressed by
    40    bit 2). Bit-4 is cleared when a process calls exec(); setting both
    41    bit 4 and 5 will create a barrier through exec that no exec()'d
    42    child can use this feature again. */
    43 #define SECURE_KEEP_CAPS                4
    44 #define SECURE_KEEP_CAPS_LOCKED         5  /* make bit-4 immutable */
    45 
    46 #define SECBIT_KEEP_CAPS        (issecure_mask(SECURE_KEEP_CAPS))
    47 #define SECBIT_KEEP_CAPS_LOCKED (issecure_mask(SECURE_KEEP_CAPS_LOCKED))
    48 
    49 #define SECURE_ALL_BITS         (issecure_mask(SECURE_NOROOT) | \
    50                                  issecure_mask(SECURE_NO_SETUID_FIXUP) | \
    51                                  issecure_mask(SECURE_KEEP_CAPS))
    52 #define SECURE_ALL_LOCKS        (SECURE_ALL_BITS << 1)
    53 
    54 #endif /* !_LINUX_SECUREBITS_H */
  • libcap/include/sys/capability.h

    diff -Naur libcap-2.23.orig/libcap/include/sys/capability.h libcap-2.23/libcap/include/sys/capability.h
    old new  
    2626#ifndef __user
    2727#define __user
    2828#endif
    29 #include <uapi/linux/capability.h>
     29#include <linux/capability.h>
    3030#include <linux/xattr.h>
    3131
    3232/*
  • libcap/include/uapi/linux/prctl.h

    diff -Naur libcap-2.23.orig/libcap/include/uapi/linux/prctl.h libcap-2.23/libcap/include/uapi/linux/prctl.h
    old new  
     1#ifndef _LINUX_PRCTL_H
     2#define _LINUX_PRCTL_H
     3
     4/* Values to pass as first argument to prctl() */
     5
     6#define PR_SET_PDEATHSIG  1  /* Second arg is a signal */
     7#define PR_GET_PDEATHSIG  2  /* Second arg is a ptr to return the signal */
     8
     9/* Get/set current->mm->dumpable */
     10#define PR_GET_DUMPABLE   3
     11#define PR_SET_DUMPABLE   4
     12
     13/* Get/set unaligned access control bits (if meaningful) */
     14#define PR_GET_UNALIGN    5
     15#define PR_SET_UNALIGN    6
     16# define PR_UNALIGN_NOPRINT     1       /* silently fix up unaligned user accesses */
     17# define PR_UNALIGN_SIGBUS      2       /* generate SIGBUS on unaligned user access */
     18
     19/* Get/set whether or not to drop capabilities on setuid() away from
     20 * uid 0 (as per security/commoncap.c) */
     21#define PR_GET_KEEPCAPS   7
     22#define PR_SET_KEEPCAPS   8
     23
     24/* Get/set floating-point emulation control bits (if meaningful) */
     25#define PR_GET_FPEMU  9
     26#define PR_SET_FPEMU 10
     27# define PR_FPEMU_NOPRINT       1       /* silently emulate fp operations accesses */
     28# define PR_FPEMU_SIGFPE        2       /* don't emulate fp operations, send SIGFPE instead */
     29
     30/* Get/set floating-point exception mode (if meaningful) */
     31#define PR_GET_FPEXC    11
     32#define PR_SET_FPEXC    12
     33# define PR_FP_EXC_SW_ENABLE    0x80    /* Use FPEXC for FP exception enables */
     34# define PR_FP_EXC_DIV          0x010000        /* floating point divide by zero */
     35# define PR_FP_EXC_OVF          0x020000        /* floating point overflow */
     36# define PR_FP_EXC_UND          0x040000        /* floating point underflow */
     37# define PR_FP_EXC_RES          0x080000        /* floating point inexact result */
     38# define PR_FP_EXC_INV          0x100000        /* floating point invalid operation */
     39# define PR_FP_EXC_DISABLED     0       /* FP exceptions disabled */
     40# define PR_FP_EXC_NONRECOV     1       /* async non-recoverable exc. mode */
     41# define PR_FP_EXC_ASYNC        2       /* async recoverable exception mode */
     42# define PR_FP_EXC_PRECISE      3       /* precise exception mode */
     43
     44/* Get/set whether we use statistical process timing or accurate timestamp
     45 * based process timing */
     46#define PR_GET_TIMING   13
     47#define PR_SET_TIMING   14
     48# define PR_TIMING_STATISTICAL  0       /* Normal, traditional,
     49                                                   statistical process timing */
     50# define PR_TIMING_TIMESTAMP    1       /* Accurate timestamp based
     51                                                   process timing */
     52
     53#define PR_SET_NAME    15               /* Set process name */
     54#define PR_GET_NAME    16               /* Get process name */
     55
     56/* Get/set process endian */
     57#define PR_GET_ENDIAN   19
     58#define PR_SET_ENDIAN   20
     59# define PR_ENDIAN_BIG          0
     60# define PR_ENDIAN_LITTLE       1       /* True little endian mode */
     61# define PR_ENDIAN_PPC_LITTLE   2       /* "PowerPC" pseudo little endian */
     62
     63/* Get/set process seccomp mode */
     64#define PR_GET_SECCOMP  21
     65#define PR_SET_SECCOMP  22
     66
     67/* Get/set the capability bounding set (as per security/commoncap.c) */
     68#define PR_CAPBSET_READ 23
     69#define PR_CAPBSET_DROP 24
     70
     71/* Get/set the process' ability to use the timestamp counter instruction */
     72#define PR_GET_TSC 25
     73#define PR_SET_TSC 26
     74# define PR_TSC_ENABLE          1       /* allow the use of the timestamp counter */
     75# define PR_TSC_SIGSEGV         2       /* throw a SIGSEGV instead of reading the TSC */
     76
     77/* Get/set securebits (as per security/commoncap.c) */
     78#define PR_GET_SECUREBITS 27
     79#define PR_SET_SECUREBITS 28
     80
     81/*
     82 * Get/set the timerslack as used by poll/select/nanosleep
     83 * A value of 0 means "use default"
     84 */
     85#define PR_SET_TIMERSLACK 29
     86#define PR_GET_TIMERSLACK 30
     87
     88#define PR_TASK_PERF_EVENTS_DISABLE             31
     89#define PR_TASK_PERF_EVENTS_ENABLE              32
     90
     91/*
     92 * Set early/late kill mode for hwpoison memory corruption.
     93 * This influences when the process gets killed on a memory corruption.
     94 */
     95#define PR_MCE_KILL     33
     96# define PR_MCE_KILL_CLEAR   0
     97# define PR_MCE_KILL_SET     1
     98
     99# define PR_MCE_KILL_LATE    0
     100# define PR_MCE_KILL_EARLY   1
     101# define PR_MCE_KILL_DEFAULT 2
     102
     103#define PR_MCE_KILL_GET 34
     104
     105/*
     106 * Tune up process memory map specifics.
     107 */
     108#define PR_SET_MM               35
     109# define PR_SET_MM_START_CODE           1
     110# define PR_SET_MM_END_CODE             2
     111# define PR_SET_MM_START_DATA           3
     112# define PR_SET_MM_END_DATA             4
     113# define PR_SET_MM_START_STACK          5
     114# define PR_SET_MM_START_BRK            6
     115# define PR_SET_MM_BRK                  7
     116# define PR_SET_MM_ARG_START            8
     117# define PR_SET_MM_ARG_END              9
     118# define PR_SET_MM_ENV_START            10
     119# define PR_SET_MM_ENV_END              11
     120# define PR_SET_MM_AUXV                 12
     121# define PR_SET_MM_EXE_FILE             13
     122
     123/*
     124 * Set specific pid that is allowed to ptrace the current task.
     125 * A value of 0 mean "no process".
     126 */
     127#define PR_SET_PTRACER 0x59616d61
     128# define PR_SET_PTRACER_ANY ((unsigned long)-1)
     129
     130#define PR_SET_CHILD_SUBREAPER  36
     131#define PR_GET_CHILD_SUBREAPER  37
     132
     133/*
     134 * If no_new_privs is set, then operations that grant new privileges (i.e.
     135 * execve) will either fail or not grant them.  This affects suid/sgid,
     136 * file capabilities, and LSMs.
     137 *
     138 * Operations that merely manipulate or drop existing privileges (setresuid,
     139 * capset, etc.) will still work.  Drop those privileges if you want them gone.
     140 *
     141 * Changing LSM security domain is considered a new privilege.  So, for example,
     142 * asking selinux for a specific new context (e.g. with runcon) will result
     143 * in execve returning -EPERM.
     144 *
     145 * See Documentation/prctl/no_new_privs.txt for more details.
     146 */
     147#define PR_SET_NO_NEW_PRIVS     38
     148#define PR_GET_NO_NEW_PRIVS     39
     149
     150#define PR_GET_TID_ADDRESS      40
     151
     152#endif /* _LINUX_PRCTL_H */
  • libcap/include/uapi/linux/securebits.h

    diff -Naur libcap-2.23.orig/libcap/include/uapi/linux/securebits.h libcap-2.23/libcap/include/uapi/linux/securebits.h
    old new  
     1#ifndef _UAPI_LINUX_SECUREBITS_H
     2#define _UAPI_LINUX_SECUREBITS_H
     3
     4/* Each securesetting is implemented using two bits. One bit specifies
     5   whether the setting is on or off. The other bit specify whether the
     6   setting is locked or not. A setting which is locked cannot be
     7   changed from user-level. */
     8#define issecure_mask(X)        (1 << (X))
     9
     10#define SECUREBITS_DEFAULT 0x00000000
     11
     12/* When set UID 0 has no special privileges. When unset, we support
     13   inheritance of root-permissions and suid-root executable under
     14   compatibility mode. We raise the effective and inheritable bitmasks
     15   *of the executable file* if the effective uid of the new process is
     16   0. If the real uid is 0, we raise the effective (legacy) bit of the
     17   executable file. */
     18#define SECURE_NOROOT                   0
     19#define SECURE_NOROOT_LOCKED            1  /* make bit-0 immutable */
     20
     21#define SECBIT_NOROOT           (issecure_mask(SECURE_NOROOT))
     22#define SECBIT_NOROOT_LOCKED    (issecure_mask(SECURE_NOROOT_LOCKED))
     23
     24/* When set, setuid to/from uid 0 does not trigger capability-"fixup".
     25   When unset, to provide compatiblility with old programs relying on
     26   set*uid to gain/lose privilege, transitions to/from uid 0 cause
     27   capabilities to be gained/lost. */
     28#define SECURE_NO_SETUID_FIXUP          2
     29#define SECURE_NO_SETUID_FIXUP_LOCKED   3  /* make bit-2 immutable */
     30
     31#define SECBIT_NO_SETUID_FIXUP  (issecure_mask(SECURE_NO_SETUID_FIXUP))
     32#define SECBIT_NO_SETUID_FIXUP_LOCKED \
     33                        (issecure_mask(SECURE_NO_SETUID_FIXUP_LOCKED))
     34
     35/* When set, a process can retain its capabilities even after
     36   transitioning to a non-root user (the set-uid fixup suppressed by
     37   bit 2). Bit-4 is cleared when a process calls exec(); setting both
     38   bit 4 and 5 will create a barrier through exec that no exec()'d
     39   child can use this feature again. */
     40#define SECURE_KEEP_CAPS                4
     41#define SECURE_KEEP_CAPS_LOCKED         5  /* make bit-4 immutable */
     42
     43#define SECBIT_KEEP_CAPS        (issecure_mask(SECURE_KEEP_CAPS))
     44#define SECBIT_KEEP_CAPS_LOCKED (issecure_mask(SECURE_KEEP_CAPS_LOCKED))
     45
     46#define SECURE_ALL_BITS         (issecure_mask(SECURE_NOROOT) | \
     47                                 issecure_mask(SECURE_NO_SETUID_FIXUP) | \
     48                                 issecure_mask(SECURE_KEEP_CAPS))
     49#define SECURE_ALL_LOCKS        (SECURE_ALL_BITS << 1)
     50
     51#endif /* _UAPI_LINUX_SECUREBITS_H */
Note: See TracBrowser for help on using the repository browser.