diff options
| author | qrort <[email protected]> | 2022-12-02 11:31:25 +0300 |
|---|---|---|
| committer | qrort <[email protected]> | 2022-12-02 11:31:25 +0300 |
| commit | b1f4ffc9c8abff3ba58dc1ec9a9f92d2f0de6806 (patch) | |
| tree | 2a23209faf0fea5586a6d4b9cee60d1b318d29fe /contrib/libs/libcap | |
| parent | 559174a9144de40d6bb3997ea4073c82289b4974 (diff) | |
remove kikimr/driver DEPENDS
Diffstat (limited to 'contrib/libs/libcap')
| -rw-r--r-- | contrib/libs/libcap/License | 385 | ||||
| -rw-r--r-- | contrib/libs/libcap/cap_alloc.c | 139 | ||||
| -rw-r--r-- | contrib/libs/libcap/cap_extint.c | 123 | ||||
| -rw-r--r-- | contrib/libs/libcap/cap_file.c | 332 | ||||
| -rw-r--r-- | contrib/libs/libcap/cap_flag.c | 150 | ||||
| -rw-r--r-- | contrib/libs/libcap/cap_names.h | 51 | ||||
| -rw-r--r-- | contrib/libs/libcap/cap_proc.c | 126 | ||||
| -rw-r--r-- | contrib/libs/libcap/cap_text.c | 429 | ||||
| -rw-r--r-- | contrib/libs/libcap/include/sys/capability.h | 126 | ||||
| -rw-r--r-- | contrib/libs/libcap/libcap.h | 209 |
10 files changed, 0 insertions, 2070 deletions
diff --git a/contrib/libs/libcap/License b/contrib/libs/libcap/License deleted file mode 100644 index 8a352bc5bdb..00000000000 --- a/contrib/libs/libcap/License +++ /dev/null @@ -1,385 +0,0 @@ -Unless otherwise *explicitly* stated, the following text describes the -licensed conditions under which the contents of this libcap release -may be used and distributed: - -------------------------------------------------------------------------- -Redistribution and use in source and binary forms of libcap, with -or without modification, are permitted provided that the following -conditions are met: - -1. Redistributions of source code must retain any existing copyright - notice, and this entire permission notice in its entirety, - including the disclaimer of warranties. - -2. Redistributions in binary form must reproduce all prior and current - copyright notices, this list of conditions, and the following - disclaimer in the documentation and/or other materials provided - with the distribution. - -3. The name of any author may not be used to endorse or promote - products derived from this software without their specific prior - written permission. - -ALTERNATIVELY, this product may be distributed under the terms of the -GNU General Public License (v2.0 - see below), in which case the -provisions of the GNU GPL are required INSTEAD OF the above -restrictions. (This clause is necessary due to a potential conflict -between the GNU GPL and the restrictions contained in a BSD-style -copyright.) - -THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED -WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT, -INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, -BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS -OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR -TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE -USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH -DAMAGE. -------------------------------------------------------------------------- - -------------------------- -Full text of gpl-2.0.txt: -------------------------- - - GNU GENERAL PUBLIC LICENSE - Version 2, June 1991 - - Copyright (C) 1989, 1991 Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - Preamble - - The licenses for most software are designed to take away your -freedom to share and change it. By contrast, the GNU General Public -License is intended to guarantee your freedom to share and change free -software--to make sure the software is free for all its users. This -General Public License applies to most of the Free Software -Foundation's software and to any other program whose authors commit to -using it. (Some other Free Software Foundation software is covered by -the GNU Lesser General Public License instead.) You can apply it to -your programs, too. - - When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -this service if you wish), that you receive source code or can get it -if you want it, that you can change the software or use pieces of it -in new free programs; and that you know you can do these things. - - To protect your rights, we need to make restrictions that forbid -anyone to deny you these rights or to ask you to surrender the rights. -These restrictions translate to certain responsibilities for you if you -distribute copies of the software, or if you modify it. - - For example, if you distribute copies of such a program, whether -gratis or for a fee, you must give the recipients all the rights that -you have. You must make sure that they, too, receive or can get the -source code. And you must show them these terms so they know their -rights. - - We protect your rights with two steps: (1) copyright the software, and -(2) offer you this license which gives you legal permission to copy, -distribute and/or modify the software. - - Also, for each author's protection and ours, we want to make certain -that everyone understands that there is no warranty for this free -software. If the software is modified by someone else and passed on, we -want its recipients to know that what they have is not the original, so -that any problems introduced by others will not reflect on the original -authors' reputations. - - Finally, any free program is threatened constantly by software -patents. We wish to avoid the danger that redistributors of a free -program will individually obtain patent licenses, in effect making the -program proprietary. To prevent this, we have made it clear that any -patent must be licensed for everyone's free use or not licensed at all. - - The precise terms and conditions for copying, distribution and -modification follow. - - GNU GENERAL PUBLIC LICENSE - TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION - - 0. This License applies to any program or other work which contains -a notice placed by the copyright holder saying it may be distributed -under the terms of this General Public License. The "Program", below, -refers to any such program or work, and a "work based on the Program" -means either the Program or any derivative work under copyright law: -that is to say, a work containing the Program or a portion of it, -either verbatim or with modifications and/or translated into another -language. (Hereinafter, translation is included without limitation in -the term "modification".) Each licensee is addressed as "you". - -Activities other than copying, distribution and modification are not -covered by this License; they are outside its scope. The act of -running the Program is not restricted, and the output from the Program -is covered only if its contents constitute a work based on the -Program (independent of having been made by running the Program). -Whether that is true depends on what the Program does. - - 1. You may copy and distribute verbatim copies of the Program's -source code as you receive it, in any medium, provided that you -conspicuously and appropriately publish on each copy an appropriate -copyright notice and disclaimer of warranty; keep intact all the -notices that refer to this License and to the absence of any warranty; -and give any other recipients of the Program a copy of this License -along with the Program. - -You may charge a fee for the physical act of transferring a copy, and -you may at your option offer warranty protection in exchange for a fee. - - 2. You may modify your copy or copies of the Program or any portion -of it, thus forming a work based on the Program, and copy and -distribute such modifications or work under the terms of Section 1 -above, provided that you also meet all of these conditions: - - a) You must cause the modified files to carry prominent notices - stating that you changed the files and the date of any change. - - b) You must cause any work that you distribute or publish, that in - whole or in part contains or is derived from the Program or any - part thereof, to be licensed as a whole at no charge to all third - parties under the terms of this License. - - c) If the modified program normally reads commands interactively - when run, you must cause it, when started running for such - interactive use in the most ordinary way, to print or display an - announcement including an appropriate copyright notice and a - notice that there is no warranty (or else, saying that you provide - a warranty) and that users may redistribute the program under - these conditions, and telling the user how to view a copy of this - License. (Exception: if the Program itself is interactive but - does not normally print such an announcement, your work based on - the Program is not required to print an announcement.) - -These requirements apply to the modified work as a whole. If -identifiable sections of that work are not derived from the Program, -and can be reasonably considered independent and separate works in -themselves, then this License, and its terms, do not apply to those -sections when you distribute them as separate works. But when you -distribute the same sections as part of a whole which is a work based -on the Program, the distribution of the whole must be on the terms of -this License, whose permissions for other licensees extend to the -entire whole, and thus to each and every part regardless of who wrote it. - -Thus, it is not the intent of this section to claim rights or contest -your rights to work written entirely by you; rather, the intent is to -exercise the right to control the distribution of derivative or -collective works based on the Program. - -In addition, mere aggregation of another work not based on the Program -with the Program (or with a work based on the Program) on a volume of -a storage or distribution medium does not bring the other work under -the scope of this License. - - 3. You may copy and distribute the Program (or a work based on it, -under Section 2) in object code or executable form under the terms of -Sections 1 and 2 above provided that you also do one of the following: - - a) Accompany it with the complete corresponding machine-readable - source code, which must be distributed under the terms of Sections - 1 and 2 above on a medium customarily used for software interchange; or, - - b) Accompany it with a written offer, valid for at least three - years, to give any third party, for a charge no more than your - cost of physically performing source distribution, a complete - machine-readable copy of the corresponding source code, to be - distributed under the terms of Sections 1 and 2 above on a medium - customarily used for software interchange; or, - - c) Accompany it with the information you received as to the offer - to distribute corresponding source code. (This alternative is - allowed only for noncommercial distribution and only if you - received the program in object code or executable form with such - an offer, in accord with Subsection b above.) - -The source code for a work means the preferred form of the work for -making modifications to it. For an executable work, complete source -code means all the source code for all modules it contains, plus any -associated interface definition files, plus the scripts used to -control compilation and installation of the executable. However, as a -special exception, the source code distributed need not include -anything that is normally distributed (in either source or binary -form) with the major components (compiler, kernel, and so on) of the -operating system on which the executable runs, unless that component -itself accompanies the executable. - -If distribution of executable or object code is made by offering -access to copy from a designated place, then offering equivalent -access to copy the source code from the same place counts as -distribution of the source code, even though third parties are not -compelled to copy the source along with the object code. - - 4. You may not copy, modify, sublicense, or distribute the Program -except as expressly provided under this License. Any attempt -otherwise to copy, modify, sublicense or distribute the Program is -void, and will automatically terminate your rights under this License. -However, parties who have received copies, or rights, from you under -this License will not have their licenses terminated so long as such -parties remain in full compliance. - - 5. You are not required to accept this License, since you have not -signed it. However, nothing else grants you permission to modify or -distribute the Program or its derivative works. These actions are -prohibited by law if you do not accept this License. Therefore, by -modifying or distributing the Program (or any work based on the -Program), you indicate your acceptance of this License to do so, and -all its terms and conditions for copying, distributing or modifying -the Program or works based on it. - - 6. Each time you redistribute the Program (or any work based on the -Program), the recipient automatically receives a license from the -original licensor to copy, distribute or modify the Program subject to -these terms and conditions. You may not impose any further -restrictions on the recipients' exercise of the rights granted herein. -You are not responsible for enforcing compliance by third parties to -this License. - - 7. If, as a consequence of a court judgment or allegation of patent -infringement or for any other reason (not limited to patent issues), -conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot -distribute so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you -may not distribute the Program at all. For example, if a patent -license would not permit royalty-free redistribution of the Program by -all those who receive copies directly or indirectly through you, then -the only way you could satisfy both it and this License would be to -refrain entirely from distribution of the Program. - -If any portion of this section is held invalid or unenforceable under -any particular circumstance, the balance of the section is intended to -apply and the section as a whole is intended to apply in other -circumstances. - -It is not the purpose of this section to induce you to infringe any -patents or other property right claims or to contest validity of any -such claims; this section has the sole purpose of protecting the -integrity of the free software distribution system, which is -implemented by public license practices. Many people have made -generous contributions to the wide range of software distributed -through that system in reliance on consistent application of that -system; it is up to the author/donor to decide if he or she is willing -to distribute software through any other system and a licensee cannot -impose that choice. - -This section is intended to make thoroughly clear what is believed to -be a consequence of the rest of this License. - - 8. If the distribution and/or use of the Program is restricted in -certain countries either by patents or by copyrighted interfaces, the -original copyright holder who places the Program under this License -may add an explicit geographical distribution limitation excluding -those countries, so that distribution is permitted only in or among -countries not thus excluded. In such case, this License incorporates -the limitation as if written in the body of this License. - - 9. The Free Software Foundation may publish revised and/or new versions -of the General Public License from time to time. Such new versions will -be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - -Each version is given a distinguishing version number. If the Program -specifies a version number of this License which applies to it and "any -later version", you have the option of following the terms and conditions -either of that version or of any later version published by the Free -Software Foundation. If the Program does not specify a version number of -this License, you may choose any version ever published by the Free Software -Foundation. - - 10. If you wish to incorporate parts of the Program into other free -programs whose distribution conditions are different, write to the author -to ask for permission. For software which is copyrighted by the Free -Software Foundation, write to the Free Software Foundation; we sometimes -make exceptions for this. Our decision will be guided by the two goals -of preserving the free status of all derivatives of our free software and -of promoting the sharing and reuse of software generally. - - NO WARRANTY - - 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY -FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN -OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES -PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED -OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS -TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE -PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, -REPAIR OR CORRECTION. - - 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR -REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, -INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING -OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED -TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER -PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE -POSSIBILITY OF SUCH DAMAGES. - - END OF TERMS AND CONDITIONS - - How to Apply These Terms to Your New Programs - - If you develop a new program, and you want it to be of the greatest -possible use to the public, the best way to achieve this is to make it -free software which everyone can redistribute and change under these terms. - - To do so, attach the following notices to the program. It is safest -to attach them to the start of each source file to most effectively -convey the exclusion of warranty; and each file should have at least -the "copyright" line and a pointer to where the full notice is found. - - <one line to give the program's name and a brief idea of what it does.> - Copyright (C) <year> <name of author> - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along - with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - -Also add information on how to contact you by electronic and paper mail. - -If the program is interactive, make it output a short notice like this -when it starts in an interactive mode: - - Gnomovision version 69, Copyright (C) year name of author - Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. - This is free software, and you are welcome to redistribute it - under certain conditions; type `show c' for details. - -The hypothetical commands `show w' and `show c' should show the appropriate -parts of the General Public License. Of course, the commands you use may -be called something other than `show w' and `show c'; they could even be -mouse-clicks or menu items--whatever suits your program. - -You should also get your employer (if you work as a programmer) or your -school, if any, to sign a "copyright disclaimer" for the program, if -necessary. Here is a sample; alter the names: - - Yoyodyne, Inc., hereby disclaims all copyright interest in the program - `Gnomovision' (which makes passes at compilers) written by James Hacker. - - <signature of Ty Coon>, 1 April 1989 - Ty Coon, President of Vice - -This General Public License does not permit incorporating your program into -proprietary programs. If your program is a subroutine library, you may -consider it more useful to permit linking proprietary applications with the -library. If this is what you want to do, use the GNU Lesser General -Public License instead of this License. diff --git a/contrib/libs/libcap/cap_alloc.c b/contrib/libs/libcap/cap_alloc.c deleted file mode 100644 index 525ea903619..00000000000 --- a/contrib/libs/libcap/cap_alloc.c +++ /dev/null @@ -1,139 +0,0 @@ -/* - * Copyright (c) 1997-8 Andrew G Morgan <[email protected]> - * - * This file deals with allocation and deallocation of internal - * capability sets as specified by POSIX.1e (formerlly, POSIX 6). - */ - -#include "libcap.h" - -/* - * Obtain a blank set of capabilities - */ - -cap_t cap_init(void) -{ - __u32 *raw_data; - cap_t result; - - raw_data = malloc( sizeof(__u32) + sizeof(*result) ); - - if (raw_data == NULL) { - _cap_debug("out of memory"); - errno = ENOMEM; - return NULL; - } - - *raw_data = CAP_T_MAGIC; - result = (cap_t) (raw_data + 1); - memset(result, 0, sizeof(*result)); - - result->head.version = _LIBCAP_CAPABILITY_VERSION; - capget(&result->head, NULL); /* load the kernel-capability version */ - - switch (result->head.version) { -#ifdef _LINUX_CAPABILITY_VERSION_1 - case _LINUX_CAPABILITY_VERSION_1: - break; -#endif -#ifdef _LINUX_CAPABILITY_VERSION_2 - case _LINUX_CAPABILITY_VERSION_2: - break; -#endif -#ifdef _LINUX_CAPABILITY_VERSION_3 - case _LINUX_CAPABILITY_VERSION_3: - break; -#endif - default: /* No idea what to do */ - cap_free(result); - result = NULL; - break; - } - - return result; -} - -/* - * This is an internal library function to duplicate a string and - * tag the result as something cap_free can handle. - */ - -char *_libcap_strdup(const char *old) -{ - __u32 *raw_data; - - if (old == NULL) { - errno = EINVAL; - return NULL; - } - - raw_data = malloc( sizeof(__u32) + strlen(old) + 1 ); - if (raw_data == NULL) { - errno = ENOMEM; - return NULL; - } - - *(raw_data++) = CAP_S_MAGIC; - strcpy((char *) raw_data, old); - - return ((char *) raw_data); -} - -/* - * This function duplicates an internal capability set with - * malloc()'d memory. It is the responsibility of the user to call - * cap_free() to liberate it. - */ - -cap_t cap_dup(cap_t cap_d) -{ - cap_t result; - - if (!good_cap_t(cap_d)) { - _cap_debug("bad argument"); - errno = EINVAL; - return NULL; - } - - result = cap_init(); - if (result == NULL) { - _cap_debug("out of memory"); - return NULL; - } - - memcpy(result, cap_d, sizeof(*cap_d)); - - return result; -} - - -/* - * Scrub and then liberate an internal capability set. - */ - -int cap_free(void *data_p) -{ - if ( !data_p ) - return 0; - - if ( good_cap_t(data_p) ) { - data_p = -1 + (__u32 *) data_p; - memset(data_p, 0, sizeof(__u32) + sizeof(struct _cap_struct)); - free(data_p); - data_p = NULL; - return 0; - } - - if ( good_cap_string(data_p) ) { - size_t length = strlen(data_p) + sizeof(__u32); - data_p = -1 + (__u32 *) data_p; - memset(data_p, 0, length); - free(data_p); - data_p = NULL; - return 0; - } - - _cap_debug("don't recognize what we're supposed to liberate"); - errno = EINVAL; - return -1; -} diff --git a/contrib/libs/libcap/cap_extint.c b/contrib/libs/libcap/cap_extint.c deleted file mode 100644 index 7d6e7ade05e..00000000000 --- a/contrib/libs/libcap/cap_extint.c +++ /dev/null @@ -1,123 +0,0 @@ -/* - * Copyright (c) 1997-8 Andrew G Morgan <[email protected]> - * - * This file deals with exchanging internal and external - * representations of capability sets. - */ - -#include "libcap.h" - -/* - * External representation for capabilities. (exported as a fixed - * length) - */ -#define CAP_EXT_MAGIC "\220\302\001\121" -#define CAP_EXT_MAGIC_SIZE 4 -const static __u8 external_magic[CAP_EXT_MAGIC_SIZE+1] = CAP_EXT_MAGIC; - -struct cap_ext_struct { - __u8 magic[CAP_EXT_MAGIC_SIZE]; - __u8 length_of_capset; - /* - * note, we arrange these so the caps are stacked with byte-size - * resolution - */ - __u8 bytes[CAP_SET_SIZE][NUMBER_OF_CAP_SETS]; -}; - -/* - * return size of external capability set - */ - -ssize_t cap_size(cap_t caps) -{ - return ssizeof(struct cap_ext_struct); -} - -/* - * Copy the internal (cap_d) capability set into an external - * representation. The external representation is portable to other - * Linux architectures. - */ - -ssize_t cap_copy_ext(void *cap_ext, cap_t cap_d, ssize_t length) -{ - struct cap_ext_struct *result = (struct cap_ext_struct *) cap_ext; - int i; - - /* valid arguments? */ - if (!good_cap_t(cap_d) || length < ssizeof(struct cap_ext_struct) - || cap_ext == NULL) { - errno = EINVAL; - return -1; - } - - /* fill external capability set */ - memcpy(&result->magic, external_magic, CAP_EXT_MAGIC_SIZE); - result->length_of_capset = CAP_SET_SIZE; - - for (i=0; i<NUMBER_OF_CAP_SETS; ++i) { - size_t j; - for (j=0; j<CAP_SET_SIZE; ) { - __u32 val; - - val = cap_d->u[j/sizeof(__u32)].flat[i]; - - result->bytes[j++][i] = val & 0xFF; - result->bytes[j++][i] = (val >>= 8) & 0xFF; - result->bytes[j++][i] = (val >>= 8) & 0xFF; - result->bytes[j++][i] = (val >> 8) & 0xFF; - } - } - - /* All done: return length of external representation */ - return (ssizeof(struct cap_ext_struct)); -} - -/* - * Import an external representation to produce an internal rep. - * the internal rep should be liberated with cap_free(). - */ - -cap_t cap_copy_int(const void *cap_ext) -{ - const struct cap_ext_struct *export = - (const struct cap_ext_struct *) cap_ext; - cap_t cap_d; - int set, blen; - - /* Does the external representation make sense? */ - if ((export == NULL) - || memcmp(export->magic, external_magic, CAP_EXT_MAGIC_SIZE)) { - errno = EINVAL; - return NULL; - } - - /* Obtain a new internal capability set */ - if (!(cap_d = cap_init())) - return NULL; - - blen = export->length_of_capset; - for (set=0; set<NUMBER_OF_CAP_SETS; ++set) { - unsigned blk; - int bno = 0; - for (blk=0; blk<(CAP_SET_SIZE/sizeof(__u32)); ++blk) { - __u32 val = 0; - - if (bno != blen) - val = export->bytes[bno++][set]; - if (bno != blen) - val |= export->bytes[bno++][set] << 8; - if (bno != blen) - val |= export->bytes[bno++][set] << 16; - if (bno != blen) - val |= export->bytes[bno++][set] << 24; - - cap_d->u[blk].flat[set] = val; - } - } - - /* all done */ - return cap_d; -} - diff --git a/contrib/libs/libcap/cap_file.c b/contrib/libs/libcap/cap_file.c deleted file mode 100644 index 40756ea46a2..00000000000 --- a/contrib/libs/libcap/cap_file.c +++ /dev/null @@ -1,332 +0,0 @@ -/* - * Copyright (c) 1997,2007,2016 Andrew G Morgan <[email protected]> - * - * This file deals with setting capabilities on files. - */ - -#include <sys/types.h> -#include <byteswap.h> -#include <sys/stat.h> -#include <unistd.h> -#include <linux/xattr.h> - -/* - * We hardcode the prototypes for the Linux system calls here since - * there are no libcap library APIs that expose the user to these - * details, and that way we don't need to foce clients to link any - * other libraries to access them. - */ -extern ssize_t getxattr(const char *, const char *, void *, size_t); -extern ssize_t fgetxattr(int, const char *, void *, size_t); -extern int setxattr(const char *, const char *, const void *, size_t, int); -extern int fsetxattr(int, const char *, const void *, size_t, int); -extern int removexattr(const char *, const char *); -extern int fremovexattr(int, const char *); - -#include "libcap.h" - -#ifdef VFS_CAP_U32 - -#if VFS_CAP_U32 != __CAP_BLKS -# error VFS representation of capabilities is not the same size as kernel -#endif - -#if __BYTE_ORDER == __BIG_ENDIAN -#define FIXUP_32BITS(x) bswap_32(x) -#else -#define FIXUP_32BITS(x) (x) -#endif - -static cap_t _fcaps_load(struct vfs_cap_data *rawvfscap, cap_t result, - int bytes) -{ - __u32 magic_etc; - unsigned tocopy, i; - - magic_etc = FIXUP_32BITS(rawvfscap->magic_etc); - switch (magic_etc & VFS_CAP_REVISION_MASK) { -#ifdef VFS_CAP_REVISION_1 - case VFS_CAP_REVISION_1: - tocopy = VFS_CAP_U32_1; - bytes -= XATTR_CAPS_SZ_1; - break; -#endif - -#ifdef VFS_CAP_REVISION_2 - case VFS_CAP_REVISION_2: - tocopy = VFS_CAP_U32_2; - bytes -= XATTR_CAPS_SZ_2; - break; -#endif - - default: - cap_free(result); - result = NULL; - return result; - } - - /* - * Verify that we loaded exactly the right number of bytes - */ - if (bytes != 0) { - cap_free(result); - result = NULL; - return result; - } - - for (i=0; i < tocopy; i++) { - result->u[i].flat[CAP_INHERITABLE] - = FIXUP_32BITS(rawvfscap->data[i].inheritable); - result->u[i].flat[CAP_PERMITTED] - = FIXUP_32BITS(rawvfscap->data[i].permitted); - if (magic_etc & VFS_CAP_FLAGS_EFFECTIVE) { - result->u[i].flat[CAP_EFFECTIVE] - = result->u[i].flat[CAP_INHERITABLE] - | result->u[i].flat[CAP_PERMITTED]; - } - } - while (i < __CAP_BLKS) { - result->u[i].flat[CAP_INHERITABLE] - = result->u[i].flat[CAP_PERMITTED] - = result->u[i].flat[CAP_EFFECTIVE] = 0; - i++; - } - - return result; -} - -static int _fcaps_save(struct vfs_cap_data *rawvfscap, cap_t cap_d, - int *bytes_p) -{ - __u32 eff_not_zero, magic; - unsigned tocopy, i; - - if (!good_cap_t(cap_d)) { - errno = EINVAL; - return -1; - } - - switch (cap_d->head.version) { -#ifdef _LINUX_CAPABILITY_VERSION_1 - case _LINUX_CAPABILITY_VERSION_1: - magic = VFS_CAP_REVISION_1; - tocopy = VFS_CAP_U32_1; - *bytes_p = XATTR_CAPS_SZ_1; - break; -#endif - -#ifdef _LINUX_CAPABILITY_VERSION_2 - case _LINUX_CAPABILITY_VERSION_2: - magic = VFS_CAP_REVISION_2; - tocopy = VFS_CAP_U32_2; - *bytes_p = XATTR_CAPS_SZ_2; - break; -#endif - -#ifdef _LINUX_CAPABILITY_VERSION_3 - case _LINUX_CAPABILITY_VERSION_3: - magic = VFS_CAP_REVISION_2; - tocopy = VFS_CAP_U32_2; - *bytes_p = XATTR_CAPS_SZ_2; - break; -#endif - - default: - errno = EINVAL; - return -1; - } - - _cap_debug("setting named file capabilities"); - - for (eff_not_zero = 0, i = 0; i < tocopy; i++) { - eff_not_zero |= cap_d->u[i].flat[CAP_EFFECTIVE]; - } - while (i < __CAP_BLKS) { - if ((cap_d->u[i].flat[CAP_EFFECTIVE] - || cap_d->u[i].flat[CAP_INHERITABLE] - || cap_d->u[i].flat[CAP_PERMITTED])) { - /* - * System does not support these capabilities - */ - errno = EINVAL; - return -1; - } - i++; - } - - for (i=0; i < tocopy; i++) { - rawvfscap->data[i].permitted - = FIXUP_32BITS(cap_d->u[i].flat[CAP_PERMITTED]); - rawvfscap->data[i].inheritable - = FIXUP_32BITS(cap_d->u[i].flat[CAP_INHERITABLE]); - - if (eff_not_zero - && ((~(cap_d->u[i].flat[CAP_EFFECTIVE])) - & (cap_d->u[i].flat[CAP_PERMITTED] - | cap_d->u[i].flat[CAP_INHERITABLE]))) { - errno = EINVAL; - return -1; - } - } - - if (eff_not_zero == 0) { - rawvfscap->magic_etc = FIXUP_32BITS(magic); - } else { - rawvfscap->magic_etc = FIXUP_32BITS(magic|VFS_CAP_FLAGS_EFFECTIVE); - } - - return 0; /* success */ -} - -/* - * Get the capabilities of an open file, as specified by its file - * descriptor. - */ - -cap_t cap_get_fd(int fildes) -{ - cap_t result; - - /* allocate a new capability set */ - result = cap_init(); - if (result) { - struct vfs_cap_data rawvfscap; - int sizeofcaps; - - _cap_debug("getting fildes capabilities"); - - /* fill the capability sets via a system call */ - sizeofcaps = fgetxattr(fildes, XATTR_NAME_CAPS, - &rawvfscap, sizeof(rawvfscap)); - if (sizeofcaps < ssizeof(rawvfscap.magic_etc)) { - cap_free(result); - result = NULL; - } else { - result = _fcaps_load(&rawvfscap, result, sizeofcaps); - } - } - - return result; -} - -/* - * Get the capabilities from a named file. - */ - -cap_t cap_get_file(const char *filename) -{ - cap_t result; - - /* allocate a new capability set */ - result = cap_init(); - if (result) { - struct vfs_cap_data rawvfscap; - int sizeofcaps; - - _cap_debug("getting filename capabilities"); - - /* fill the capability sets via a system call */ - sizeofcaps = getxattr(filename, XATTR_NAME_CAPS, - &rawvfscap, sizeof(rawvfscap)); - if (sizeofcaps < ssizeof(rawvfscap.magic_etc)) { - cap_free(result); - result = NULL; - } else { - result = _fcaps_load(&rawvfscap, result, sizeofcaps); - } - } - - return result; -} - -/* - * Set the capabilities of an open file, as specified by its file - * descriptor. - */ - -int cap_set_fd(int fildes, cap_t cap_d) -{ - struct vfs_cap_data rawvfscap; - int sizeofcaps; - struct stat buf; - - if (fstat(fildes, &buf) != 0) { - _cap_debug("unable to stat file descriptor %d", fildes); - return -1; - } - if (S_ISLNK(buf.st_mode) || !S_ISREG(buf.st_mode)) { - _cap_debug("file descriptor %d for non-regular file", fildes); - errno = EINVAL; - return -1; - } - - if (cap_d == NULL) { - _cap_debug("deleting fildes capabilities"); - return fremovexattr(fildes, XATTR_NAME_CAPS); - } else if (_fcaps_save(&rawvfscap, cap_d, &sizeofcaps) != 0) { - return -1; - } - - _cap_debug("setting fildes capabilities"); - - return fsetxattr(fildes, XATTR_NAME_CAPS, &rawvfscap, sizeofcaps, 0); -} - -/* - * Set the capabilities of a named file. - */ - -int cap_set_file(const char *filename, cap_t cap_d) -{ - struct vfs_cap_data rawvfscap; - int sizeofcaps; - struct stat buf; - - if (lstat(filename, &buf) != 0) { - _cap_debug("unable to stat file [%s]", filename); - return -1; - } - if (S_ISLNK(buf.st_mode) || !S_ISREG(buf.st_mode)) { - _cap_debug("file [%s] is not a regular file", filename); - errno = EINVAL; - return -1; - } - - if (cap_d == NULL) { - _cap_debug("removing filename capabilities"); - return removexattr(filename, XATTR_NAME_CAPS); - } else if (_fcaps_save(&rawvfscap, cap_d, &sizeofcaps) != 0) { - return -1; - } - - _cap_debug("setting filename capabilities"); - return setxattr(filename, XATTR_NAME_CAPS, &rawvfscap, sizeofcaps, 0); -} - -#else /* ie. ndef VFS_CAP_U32 */ - -cap_t cap_get_fd(int fildes) -{ - errno = EINVAL; - return NULL; -} - -cap_t cap_get_file(const char *filename) -{ - errno = EINVAL; - return NULL; -} - -int cap_set_fd(int fildes, cap_t cap_d) -{ - errno = EINVAL; - return -1; -} - -int cap_set_file(const char *filename, cap_t cap_d) -{ - errno = EINVAL; - return -1; -} - -#endif /* def VFS_CAP_U32 */ diff --git a/contrib/libs/libcap/cap_flag.c b/contrib/libs/libcap/cap_flag.c deleted file mode 100644 index 52ec3b32e0f..00000000000 --- a/contrib/libs/libcap/cap_flag.c +++ /dev/null @@ -1,150 +0,0 @@ -/* - * Copyright (c) 1997-8,2008 Andrew G. Morgan <[email protected]> - * - * This file deals with flipping of capabilities on internal - * capability sets as specified by POSIX.1e (formerlly, POSIX 6). - */ - -#include "libcap.h" - -/* - * Return the state of a specified capability flag. The state is - * returned as the contents of *raised. The capability is from one of - * the sets stored in cap_d as specified by set and value - */ - -int cap_get_flag(cap_t cap_d, cap_value_t value, cap_flag_t set, - cap_flag_value_t *raised) -{ - /* - * Do we have a set and a place to store its value? - * Is it a known capability? - */ - - if (raised && good_cap_t(cap_d) && value >= 0 && value < __CAP_BITS - && set >= 0 && set < NUMBER_OF_CAP_SETS) { - *raised = isset_cap(cap_d,value,set) ? CAP_SET:CAP_CLEAR; - return 0; - } else { - _cap_debug("invalid arguments"); - errno = EINVAL; - return -1; - } -} - -/* - * raise/lower a selection of capabilities - */ - -int cap_set_flag(cap_t cap_d, cap_flag_t set, - int no_values, const cap_value_t *array_values, - cap_flag_value_t raise) -{ - /* - * Do we have a set and a place to store its value? - * Is it a known capability? - */ - - if (good_cap_t(cap_d) && no_values > 0 && no_values <= __CAP_BITS - && (set >= 0) && (set < NUMBER_OF_CAP_SETS) - && (raise == CAP_SET || raise == CAP_CLEAR) ) { - int i; - for (i=0; i<no_values; ++i) { - if (array_values[i] < 0 || array_values[i] >= __CAP_BITS) { - _cap_debug("weird capability (%d) - skipped", array_values[i]); - } else { - int value = array_values[i]; - - if (raise == CAP_SET) { - cap_d->raise_cap(value,set); - } else { - cap_d->lower_cap(value,set); - } - } - } - return 0; - - } else { - - _cap_debug("invalid arguments"); - errno = EINVAL; - return -1; - - } -} - -/* - * Reset the capability to be empty (nothing raised) - */ - -int cap_clear(cap_t cap_d) -{ - if (good_cap_t(cap_d)) { - - memset(&(cap_d->u), 0, sizeof(cap_d->u)); - return 0; - - } else { - - _cap_debug("invalid pointer"); - errno = EINVAL; - return -1; - - } -} - -/* - * Reset the all of the capability bits for one of the flag sets - */ - -int cap_clear_flag(cap_t cap_d, cap_flag_t flag) -{ - switch (flag) { - case CAP_EFFECTIVE: - case CAP_PERMITTED: - case CAP_INHERITABLE: - if (good_cap_t(cap_d)) { - unsigned i; - - for (i=0; i<_LIBCAP_CAPABILITY_U32S; i++) { - cap_d->u[i].flat[flag] = 0; - } - return 0; - } - /* - * fall through - */ - - default: - _cap_debug("invalid pointer"); - errno = EINVAL; - return -1; - } -} - -/* - * Compare two capability sets - */ - -int cap_compare(cap_t a, cap_t b) -{ - unsigned i; - int result; - - if (!(good_cap_t(a) && good_cap_t(b))) { - _cap_debug("invalid arguments"); - errno = EINVAL; - return -1; - } - - for (i=0, result=0; i<_LIBCAP_CAPABILITY_U32S; i++) { - result |= - ((a->u[i].flat[CAP_EFFECTIVE] != b->u[i].flat[CAP_EFFECTIVE]) - ? LIBCAP_EFF : 0) - | ((a->u[i].flat[CAP_INHERITABLE] != b->u[i].flat[CAP_INHERITABLE]) - ? LIBCAP_INH : 0) - | ((a->u[i].flat[CAP_PERMITTED] != b->u[i].flat[CAP_PERMITTED]) - ? LIBCAP_PER : 0); - } - return result; -} diff --git a/contrib/libs/libcap/cap_names.h b/contrib/libs/libcap/cap_names.h deleted file mode 100644 index b97c3363a52..00000000000 --- a/contrib/libs/libcap/cap_names.h +++ /dev/null @@ -1,51 +0,0 @@ -/* - * DO NOT EDIT: this file is generated automatically from - * - * <linux/capability.h> - */ -#define __CAP_BITS 38 - -#ifdef LIBCAP_PLEASE_INCLUDE_ARRAY - char const *_cap_names[__CAP_BITS] = { - /* 0 */ "cap_chown", - /* 1 */ "cap_dac_override", - /* 2 */ "cap_dac_read_search", - /* 3 */ "cap_fowner", - /* 4 */ "cap_fsetid", - /* 5 */ "cap_kill", - /* 6 */ "cap_setgid", - /* 7 */ "cap_setuid", - /* 8 */ "cap_setpcap", - /* 9 */ "cap_linux_immutable", - /* 10 */ "cap_net_bind_service", - /* 11 */ "cap_net_broadcast", - /* 12 */ "cap_net_admin", - /* 13 */ "cap_net_raw", - /* 14 */ "cap_ipc_lock", - /* 15 */ "cap_ipc_owner", - /* 16 */ "cap_sys_module", - /* 17 */ "cap_sys_rawio", - /* 18 */ "cap_sys_chroot", - /* 19 */ "cap_sys_ptrace", - /* 20 */ "cap_sys_pacct", - /* 21 */ "cap_sys_admin", - /* 22 */ "cap_sys_boot", - /* 23 */ "cap_sys_nice", - /* 24 */ "cap_sys_resource", - /* 25 */ "cap_sys_time", - /* 26 */ "cap_sys_tty_config", - /* 27 */ "cap_mknod", - /* 28 */ "cap_lease", - /* 29 */ "cap_audit_write", - /* 30 */ "cap_audit_control", - /* 31 */ "cap_setfcap", - /* 32 */ "cap_mac_override", - /* 33 */ "cap_mac_admin", - /* 34 */ "cap_syslog", - /* 35 */ "cap_wake_alarm", - /* 36 */ "cap_block_suspend", - /* 37 */ "cap_audit_read", - }; -#endif /* LIBCAP_PLEASE_INCLUDE_ARRAY */ - -/* END OF FILE */ diff --git a/contrib/libs/libcap/cap_proc.c b/contrib/libs/libcap/cap_proc.c deleted file mode 100644 index 8ecb57ae90c..00000000000 --- a/contrib/libs/libcap/cap_proc.c +++ /dev/null @@ -1,126 +0,0 @@ -/* - * Copyright (c) 1997-8,2007,2011 Andrew G Morgan <[email protected]> - * - * This file deals with getting and setting capabilities on processes. - */ - -#include <sys/prctl.h> - -#include "libcap.h" - -cap_t cap_get_proc(void) -{ - cap_t result; - - /* allocate a new capability set */ - result = cap_init(); - if (result) { - _cap_debug("getting current process' capabilities"); - - /* fill the capability sets via a system call */ - if (capget(&result->head, &result->u[0].set)) { - cap_free(result); - result = NULL; - } - } - - return result; -} - -int cap_set_proc(cap_t cap_d) -{ - int retval; - - if (!good_cap_t(cap_d)) { - errno = EINVAL; - return -1; - } - - _cap_debug("setting process capabilities"); - retval = capset(&cap_d->head, &cap_d->u[0].set); - - return retval; -} - -/* the following two functions are not required by POSIX */ - -/* read the caps on a specific process */ - -int capgetp(pid_t pid, cap_t cap_d) -{ - int error; - - if (!good_cap_t(cap_d)) { - errno = EINVAL; - return -1; - } - - _cap_debug("getting process capabilities for proc %d", pid); - - cap_d->head.pid = pid; - error = capget(&cap_d->head, &cap_d->u[0].set); - cap_d->head.pid = 0; - - return error; -} - -/* allocate space for and return capabilities of target process */ - -cap_t cap_get_pid(pid_t pid) -{ - cap_t result; - - result = cap_init(); - if (result) { - if (capgetp(pid, result) != 0) { - int my_errno; - - my_errno = errno; - cap_free(result); - errno = my_errno; - result = NULL; - } - } - - return result; -} - -/* set the caps on a specific process/pg etc.. */ - -int capsetp(pid_t pid, cap_t cap_d) -{ - int error; - - if (!good_cap_t(cap_d)) { - errno = EINVAL; - return -1; - } - - _cap_debug("setting process capabilities for proc %d", pid); - cap_d->head.pid = pid; - error = capset(&cap_d->head, &cap_d->u[0].set); - cap_d->head.version = _LIBCAP_CAPABILITY_VERSION; - cap_d->head.pid = 0; - - return error; -} - -/* get a capability from the bounding set */ - -int cap_get_bound(cap_value_t cap) -{ - int result; - - result = prctl(PR_CAPBSET_READ, cap); - return result; -} - -/* drop a capability from the bounding set */ - -int cap_drop_bound(cap_value_t cap) -{ - int result; - - result = prctl(PR_CAPBSET_DROP, cap); - return result; -} diff --git a/contrib/libs/libcap/cap_text.c b/contrib/libs/libcap/cap_text.c deleted file mode 100644 index 42fb685221a..00000000000 --- a/contrib/libs/libcap/cap_text.c +++ /dev/null @@ -1,429 +0,0 @@ -/* - * Copyright (c) 1997-8,2007-8 Andrew G Morgan <[email protected]> - * Copyright (c) 1997 Andrew Main <[email protected]> - * - * This file deals with exchanging internal and textual - * representations of capability sets. - */ - -#define _GNU_SOURCE -#include <stdio.h> - -#define LIBCAP_PLEASE_INCLUDE_ARRAY -#include "libcap.h" - -#include <ctype.h> -#include <limits.h> - -/* Maximum output text length (16 per cap) */ -#define CAP_TEXT_SIZE (16*__CAP_MAXBITS) - -/* - * Parse a textual representation of capabilities, returning an internal - * representation. - */ - -#define raise_cap_mask(flat, c) (flat)[CAP_TO_INDEX(c)] |= CAP_TO_MASK(c) - -static void setbits(cap_t a, const __u32 *b, cap_flag_t set, unsigned blks) -{ - int n; - for (n = blks; n--; ) { - a->u[n].flat[set] |= b[n]; - } -} - -static void clrbits(cap_t a, const __u32 *b, cap_flag_t set, unsigned blks) -{ - int n; - for (n = blks; n--; ) - a->u[n].flat[set] &= ~b[n]; -} - -static char const *namcmp(char const *str, char const *nam) -{ - while (*nam && tolower((unsigned char)*str) == *nam) { - str++; - nam++; - } - if (*nam || isalnum((unsigned char)*str) || *str == '_') - return NULL; - return str; -} - -static void forceall(__u32 *flat, __u32 value, unsigned blks) -{ - unsigned n; - - for (n = blks; n--; flat[n] = value); - - return; -} - -static int lookupname(char const **strp) -{ - union { - char const *constp; - char *p; - } str; - - str.constp = *strp; - if (isdigit(*str.constp)) { - unsigned long n = strtoul(str.constp, &str.p, 0); - if (n >= __CAP_MAXBITS) - return -1; - *strp = str.constp; - return n; - } else { - int c; - unsigned len; - - for (len=0; (c = str.constp[len]); ++len) { - if (!(isalpha(c) || (c == '_'))) { - break; - } - } - -#ifdef GPERF_DOWNCASE - const struct __cap_token_s *token_info; - - token_info = __cap_lookup_name(str.constp, len); - if (token_info != NULL) { - *strp = str.constp + len; - return token_info->index; - } -#else /* ie., ndef GPERF_DOWNCASE */ - char const *s; - unsigned n; - - for (n = __CAP_BITS; n--; ) - if (_cap_names[n] && (s = namcmp(str.constp, _cap_names[n]))) { - *strp = s; - return n; - } -#endif /* def GPERF_DOWNCASE */ - - return -1; /* No definition available */ - } -} - -cap_t cap_from_text(const char *str) -{ - cap_t res; - int n; - unsigned cap_blks; - - if (str == NULL) { - _cap_debug("bad argument"); - errno = EINVAL; - return NULL; - } - - if (!(res = cap_init())) - return NULL; - - switch (res->head.version) { - case _LINUX_CAPABILITY_VERSION_1: - cap_blks = _LINUX_CAPABILITY_U32S_1; - break; - case _LINUX_CAPABILITY_VERSION_2: - cap_blks = _LINUX_CAPABILITY_U32S_2; - break; - case _LINUX_CAPABILITY_VERSION_3: - cap_blks = _LINUX_CAPABILITY_U32S_3; - break; - default: - errno = EINVAL; - return NULL; - } - - _cap_debug("%s", str); - - for (;;) { - __u32 list[__CAP_BLKS]; - char op; - int flags = 0, listed=0; - - forceall(list, 0, __CAP_BLKS); - - /* skip leading spaces */ - while (isspace((unsigned char)*str)) - str++; - if (!*str) { - _cap_debugcap("e = ", *res, CAP_EFFECTIVE); - _cap_debugcap("i = ", *res, CAP_INHERITABLE); - _cap_debugcap("p = ", *res, CAP_PERMITTED); - - return res; - } - - /* identify caps specified by this clause */ - if (isalnum((unsigned char)*str) || *str == '_') { - for (;;) { - if (namcmp(str, "all")) { - str += 3; - forceall(list, ~0, cap_blks); - } else { - n = lookupname(&str); - if (n == -1) - goto bad; - raise_cap_mask(list, n); - } - if (*str != ',') - break; - if (!isalnum((unsigned char)*++str) && *str != '_') - goto bad; - } - listed = 1; - } else if (*str == '+' || *str == '-') { - goto bad; /* require a list of capabilities */ - } else { - forceall(list, ~0, cap_blks); - } - - /* identify first operation on list of capabilities */ - op = *str++; - if (op == '=' && (*str == '+' || *str == '-')) { - if (!listed) - goto bad; - op = (*str++ == '+' ? 'P':'M'); /* skip '=' and take next op */ - } else if (op != '+' && op != '-' && op != '=') - goto bad; - - /* cycle through list of actions */ - do { - _cap_debug("next char = `%c'", *str); - if (*str && !isspace(*str)) { - switch (*str++) { /* Effective, Inheritable, Permitted */ - case 'e': - flags |= LIBCAP_EFF; - break; - case 'i': - flags |= LIBCAP_INH; - break; - case 'p': - flags |= LIBCAP_PER; - break; - default: - goto bad; - } - } else if (op != '=') { - _cap_debug("only '=' can be followed by space"); - goto bad; - } - - _cap_debug("how to read?"); - switch (op) { /* how do we interpret the caps? */ - case '=': - case 'P': /* =+ */ - case 'M': /* =- */ - clrbits(res, list, CAP_EFFECTIVE, cap_blks); - clrbits(res, list, CAP_PERMITTED, cap_blks); - clrbits(res, list, CAP_INHERITABLE, cap_blks); - if (op == 'M') - goto minus; - /* fall through */ - case '+': - if (flags & LIBCAP_EFF) - setbits(res, list, CAP_EFFECTIVE, cap_blks); - if (flags & LIBCAP_PER) - setbits(res, list, CAP_PERMITTED, cap_blks); - if (flags & LIBCAP_INH) - setbits(res, list, CAP_INHERITABLE, cap_blks); - break; - case '-': - minus: - if (flags & LIBCAP_EFF) - clrbits(res, list, CAP_EFFECTIVE, cap_blks); - if (flags & LIBCAP_PER) - clrbits(res, list, CAP_PERMITTED, cap_blks); - if (flags & LIBCAP_INH) - clrbits(res, list, CAP_INHERITABLE, cap_blks); - break; - } - - /* new directive? */ - if (*str == '+' || *str == '-') { - if (!listed) { - _cap_debug("for + & - must list capabilities"); - goto bad; - } - flags = 0; /* reset the flags */ - op = *str++; - if (!isalpha(*str)) - goto bad; - } - } while (*str && !isspace(*str)); - _cap_debug("next clause"); - } - -bad: - cap_free(res); - res = NULL; - errno = EINVAL; - return res; -} - -/* - * lookup a capability name and return its numerical value - */ -int cap_from_name(const char *name, cap_value_t *value_p) -{ - int n; - - if (((n = lookupname(&name)) >= 0) && (value_p != NULL)) { - *value_p = (unsigned) n; - } - return -(n < 0); -} - -/* - * Convert a single capability index number into a string representation - */ -char *cap_to_name(cap_value_t cap) -{ - if ((cap < 0) || (cap >= __CAP_BITS)) { -#if UINT_MAX != 4294967295U -# error Recompile with correctly sized numeric array -#endif - char *tmp, *result; - - asprintf(&tmp, "%u", cap); - result = _libcap_strdup(tmp); - free(tmp); - - return result; - } else { - return _libcap_strdup(_cap_names[cap]); - } -} - -/* - * Convert an internal representation to a textual one. The textual - * representation is stored in static memory. It will be overwritten - * on the next occasion that this function is called. - */ - -static int getstateflags(cap_t caps, int capno) -{ - int f = 0; - - if (isset_cap(caps, capno, CAP_EFFECTIVE)) { - f |= LIBCAP_EFF; - } - if (isset_cap(caps, capno, CAP_PERMITTED)) { - f |= LIBCAP_PER; - } - if (isset_cap(caps, capno, CAP_INHERITABLE)) { - f |= LIBCAP_INH; - } - - return f; -} - -#define CAP_TEXT_BUFFER_ZONE 100 - -char *cap_to_text(cap_t caps, ssize_t *length_p) -{ - char buf[CAP_TEXT_SIZE+CAP_TEXT_BUFFER_ZONE]; - char *p; - int histo[8]; - int m, t; - unsigned n; - unsigned cap_maxbits, cap_blks; - - /* Check arguments */ - if (!good_cap_t(caps)) { - errno = EINVAL; - return NULL; - } - - switch (caps->head.version) { - case _LINUX_CAPABILITY_VERSION_1: - cap_blks = _LINUX_CAPABILITY_U32S_1; - break; - case _LINUX_CAPABILITY_VERSION_2: - cap_blks = _LINUX_CAPABILITY_U32S_2; - break; - case _LINUX_CAPABILITY_VERSION_3: - cap_blks = _LINUX_CAPABILITY_U32S_3; - break; - default: - errno = EINVAL; - return NULL; - } - - cap_maxbits = 32 * cap_blks; - - _cap_debugcap("e = ", *caps, CAP_EFFECTIVE); - _cap_debugcap("i = ", *caps, CAP_INHERITABLE); - _cap_debugcap("p = ", *caps, CAP_PERMITTED); - - memset(histo, 0, sizeof(histo)); - - /* default prevailing state to the upper - unnamed bits */ - for (n = cap_maxbits-1; n > __CAP_BITS; n--) - histo[getstateflags(caps, n)]++; - - /* find which combination of capability sets shares the most bits - we bias to preferring non-set (m=0) with the >= 0 test. Failing - to do this causes strange things to happen with older systems - that don't know about bits 32+. */ - for (m=t=7; t--; ) - if (histo[t] >= histo[m]) - m = t; - - /* capture remaining bits - selecting m from only the unnamed bits, - we maximize the likelihood that we won't see numeric capability - values in the text output. */ - while (n--) - histo[getstateflags(caps, n)]++; - - /* blank is not a valid capability set */ - p = sprintf(buf, "=%s%s%s", - (m & LIBCAP_EFF) ? "e" : "", - (m & LIBCAP_INH) ? "i" : "", - (m & LIBCAP_PER) ? "p" : "" ) + buf; - - for (t = 8; t--; ) - if (t != m && histo[t]) { - *p++ = ' '; - for (n = 0; n < cap_maxbits; n++) - if (getstateflags(caps, n) == t) { - char *this_cap_name; - - this_cap_name = cap_to_name(n); - if ((strlen(this_cap_name) + (p - buf)) > CAP_TEXT_SIZE) { - cap_free(this_cap_name); - errno = ERANGE; - return NULL; - } - p += sprintf(p, "%s,", this_cap_name); - cap_free(this_cap_name); - } - p--; - n = t & ~m; - if (n) - p += sprintf(p, "+%s%s%s", - (n & LIBCAP_EFF) ? "e" : "", - (n & LIBCAP_INH) ? "i" : "", - (n & LIBCAP_PER) ? "p" : ""); - n = ~t & m; - if (n) - p += sprintf(p, "-%s%s%s", - (n & LIBCAP_EFF) ? "e" : "", - (n & LIBCAP_INH) ? "i" : "", - (n & LIBCAP_PER) ? "p" : ""); - if (p - buf > CAP_TEXT_SIZE) { - errno = ERANGE; - return NULL; - } - } - - _cap_debug("%s", buf); - if (length_p) { - *length_p = p - buf; - } - - return (_libcap_strdup(buf)); -} diff --git a/contrib/libs/libcap/include/sys/capability.h b/contrib/libs/libcap/include/sys/capability.h deleted file mode 100644 index 4d3b7bfe234..00000000000 --- a/contrib/libs/libcap/include/sys/capability.h +++ /dev/null @@ -1,126 +0,0 @@ -/* - * <sys/capability.h> - * - * Copyright (C) 1997 Aleph One - * Copyright (C) 1997-8,2008 Andrew G. Morgan <[email protected]> - * - * defunct POSIX.1e Standard: 25.2 Capabilities <sys/capability.h> - */ - -#ifndef _SYS_CAPABILITY_H -#define _SYS_CAPABILITY_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * This file complements the kernel file by providing prototype - * information for the user library. - */ - -#include <sys/types.h> -#include <stdint.h> -#include <linux/types.h> - -#ifndef __user -#define __user -#endif -#include <linux/capability.h> - -/* - * POSIX capability types - */ - -/* - * Opaque capability handle (defined internally by libcap) - * internal capability representation - */ -typedef struct _cap_struct *cap_t; - -/* "external" capability representation is a (void *) */ - -/* - * This is the type used to identify capabilities - */ - -typedef int cap_value_t; - -/* - * Set identifiers - */ -typedef enum { - CAP_EFFECTIVE=0, /* Specifies the effective flag */ - CAP_PERMITTED=1, /* Specifies the permitted flag */ - CAP_INHERITABLE=2 /* Specifies the inheritable flag */ -} cap_flag_t; - -/* - * These are the states available to each capability - */ -typedef enum { - CAP_CLEAR=0, /* The flag is cleared/disabled */ - CAP_SET=1 /* The flag is set/enabled */ -} cap_flag_value_t; - -/* - * User-space capability manipulation routines - */ - -/* libcap/cap_alloc.c */ -extern cap_t cap_dup(cap_t); -extern int cap_free(void *); -extern cap_t cap_init(void); - -/* libcap/cap_flag.c */ -extern int cap_get_flag(cap_t, cap_value_t, cap_flag_t, cap_flag_value_t *); -extern int cap_set_flag(cap_t, cap_flag_t, int, const cap_value_t *, - cap_flag_value_t); -extern int cap_clear(cap_t); -extern int cap_clear_flag(cap_t, cap_flag_t); - -/* libcap/cap_file.c */ -extern cap_t cap_get_fd(int); -extern cap_t cap_get_file(const char *); -extern int cap_set_fd(int, cap_t); -extern int cap_set_file(const char *, cap_t); - -/* libcap/cap_proc.c */ -extern cap_t cap_get_proc(void); -extern cap_t cap_get_pid(pid_t); -extern int cap_set_proc(cap_t); - -extern int cap_get_bound(cap_value_t); -extern int cap_drop_bound(cap_value_t); - -#define CAP_IS_SUPPORTED(cap) (cap_get_bound(cap) >= 0) - -/* libcap/cap_extint.c */ -extern ssize_t cap_size(cap_t); -extern ssize_t cap_copy_ext(void *, cap_t, ssize_t); -extern cap_t cap_copy_int(const void *); - -/* libcap/cap_text.c */ -extern cap_t cap_from_text(const char *); -extern char * cap_to_text(cap_t, ssize_t *); -extern int cap_from_name(const char *, cap_value_t *); -extern char * cap_to_name(cap_value_t); - -#define CAP_DIFFERS(result, flag) (((result) & (1 << (flag))) != 0) -extern int cap_compare(cap_t, cap_t); - -/* system calls - look to libc for function to system call mapping */ -extern int capget(cap_user_header_t header, cap_user_data_t data); -extern int capset(cap_user_header_t header, const cap_user_data_t data); - -/* deprecated - use cap_get_pid() */ -extern int capgetp(pid_t pid, cap_t cap_d); - -/* not valid with filesystem capability support - use cap_set_proc() */ -extern int capsetp(pid_t pid, cap_t cap_d); - -#ifdef __cplusplus -} -#endif - -#endif /* _SYS_CAPABILITY_H */ diff --git a/contrib/libs/libcap/libcap.h b/contrib/libs/libcap/libcap.h deleted file mode 100644 index eabf8d3cdb8..00000000000 --- a/contrib/libs/libcap/libcap.h +++ /dev/null @@ -1,209 +0,0 @@ -/* - * Copyright (c) 1997 Andrew G Morgan <[email protected]> - * - * This file contains internal definitions for the various functions in - * this small capability library. - */ - -#ifndef LIBCAP_H -#define LIBCAP_H - -#include <errno.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <stdint.h> -#include <sys/capability.h> - -#ifndef __u8 -#define __u8 uint8_t -#endif /* __8 */ - -#ifndef __u32 -#define __u32 uint32_t -#endif /* __u32 */ - -/* include the names for the caps and a definition of __CAP_BITS */ -#include "cap_names.h" - -#ifndef _LINUX_CAPABILITY_U32S_1 -# define _LINUX_CAPABILITY_U32S_1 1 -#endif /* ndef _LINUX_CAPABILITY_U32S */ - -/* - * Do we match the local kernel? - */ - -#if !defined(_LINUX_CAPABILITY_VERSION) - -# error Kernel <linux/capability.h> does not support library -# error file "libcap.h" --> fix and recompile libcap - -#elif !defined(_LINUX_CAPABILITY_VERSION_2) - -# warning Kernel <linux/capability.h> does not support 64-bit capabilities -# warning and libcap is being built with no support for 64-bit capabilities - -# ifndef _LINUX_CAPABILITY_VERSION_1 -# define _LINUX_CAPABILITY_VERSION_1 0x19980330 -# endif - -# _LIBCAP_CAPABILITY_VERSION _LINUX_CAPABILITY_VERSION_1 -# _LIBCAP_CAPABILITY_U32S _LINUX_CAPABILITY_U32S_1 - -#elif defined(_LINUX_CAPABILITY_VERSION_3) - -# if (_LINUX_CAPABILITY_VERSION_3 != 0x20080522) -# error Kernel <linux/capability.h> v3 does not match library -# error file "libcap.h" --> fix and recompile libcap -# else -# define _LIBCAP_CAPABILITY_VERSION _LINUX_CAPABILITY_VERSION_3 -# define _LIBCAP_CAPABILITY_U32S _LINUX_CAPABILITY_U32S_3 -# endif - -#elif (_LINUX_CAPABILITY_VERSION_2 != 0x20071026) - -# error Kernel <linux/capability.h> does not match library -# error file "libcap.h" --> fix and recompile libcap - -#else - -# define _LIBCAP_CAPABILITY_VERSION _LINUX_CAPABILITY_VERSION_2 -# define _LIBCAP_CAPABILITY_U32S _LINUX_CAPABILITY_U32S_2 - -#endif - -#undef _LINUX_CAPABILITY_VERSION -#undef _LINUX_CAPABILITY_U32S - -/* - * This is a pointer to a struct containing three consecutive - * capability sets in the order of the cap_flag_t type: the are - * effective,inheritable and permitted. This is the type that the - * user-space routines think of as 'internal' capabilities - this is - * the type that is passed to the kernel with the system calls related - * to processes. - */ - -#if defined(VFS_CAP_REVISION_MASK) && !defined(VFS_CAP_U32) -# define VFS_CAP_U32_1 1 -# define XATTR_CAPS_SZ_1 (sizeof(__le32)*(1 + 2*VFS_CAP_U32_1)) -# define VFS_CAP_U32 VFS_CAP_U32_1 -struct _cap_vfs_cap_data { - __le32 magic_etc; - struct { - __le32 permitted; - __le32 inheritable; - } data[VFS_CAP_U32_1]; -}; -# define vfs_cap_data _cap_vfs_cap_data -#endif - -#ifndef CAP_TO_INDEX -# define CAP_TO_INDEX(x) ((x) >> 5) /* 1 << 5 == bits in __u32 */ -#endif /* ndef CAP_TO_INDEX */ - -#ifndef CAP_TO_MASK -# define CAP_TO_MASK(x) (1 << ((x) & 31)) -#endif /* ndef CAP_TO_MASK */ - -#define NUMBER_OF_CAP_SETS 3 /* effective, inheritable, permitted */ -#define __CAP_BLKS (_LIBCAP_CAPABILITY_U32S) -#define CAP_SET_SIZE (__CAP_BLKS * sizeof(__u32)) - -#define CAP_T_MAGIC 0xCA90D0 -struct _cap_struct { - struct __user_cap_header_struct head; - union { - struct __user_cap_data_struct set; - __u32 flat[NUMBER_OF_CAP_SETS]; - } u[_LIBCAP_CAPABILITY_U32S]; -}; - -/* the maximum bits supportable */ -#define __CAP_MAXBITS (__CAP_BLKS * 32) - -/* string magic for cap_free */ -#define CAP_S_MAGIC 0xCA95D0 - -/* - * kernel API cap set abstraction - */ - -#define raise_cap(x,set) u[(x)>>5].flat[set] |= (1<<((x)&31)) -#define lower_cap(x,set) u[(x)>>5].flat[set] &= ~(1<<((x)&31)) -#define isset_cap(y,x,set) ((y)->u[(x)>>5].flat[set] & (1<<((x)&31))) - -/* - * Private definitions for internal use by the library. - */ - -#define __libcap_check_magic(c,magic) ((c) && *(-1+(__u32 *)(c)) == (magic)) -#define good_cap_t(c) __libcap_check_magic(c, CAP_T_MAGIC) -#define good_cap_string(c) __libcap_check_magic(c, CAP_S_MAGIC) - -/* - * These match CAP_DIFFERS() expectations - */ -#define LIBCAP_EFF (1 << CAP_EFFECTIVE) -#define LIBCAP_INH (1 << CAP_INHERITABLE) -#define LIBCAP_PER (1 << CAP_PERMITTED) - -/* - * library debugging - */ -#ifdef DEBUG - -#include <stdio.h> -# define _cap_debug(f, x...) do { \ - fprintf(stderr, "%s(%s:%d): ", __FUNCTION__, __FILE__, __LINE__); \ - fprintf(stderr, f, ## x); \ - fprintf(stderr, "\n"); \ -} while (0) - -# define _cap_debugcap(s, c, set) do { \ - unsigned _cap_index; \ - fprintf(stderr, "%s(%s:%d): %s", __FUNCTION__, __FILE__, __LINE__, s); \ - for (_cap_index=_LIBCAP_CAPABILITY_U32S; _cap_index-- > 0; ) { \ - fprintf(stderr, "%08x", (c).u[_cap_index].flat[set]); \ - } \ - fprintf(stderr, "\n"); \ -} while (0) - -#else /* !DEBUG */ - -# define _cap_debug(f, x...) -# define _cap_debugcap(s, c, set) - -#endif /* DEBUG */ - -extern char *_libcap_strdup(const char *text); - -/* - * These are semi-public prototypes, they will only be defined in - * <sys/capability.h> if _POSIX_SOURCE is not #define'd, so we - * place them here too. - */ - -extern int capget(cap_user_header_t header, cap_user_data_t data); -extern int capset(cap_user_header_t header, const cap_user_data_t data); -extern int capgetp(pid_t pid, cap_t cap_d); -extern int capsetp(pid_t pid, cap_t cap_d); - -/* prctl based API for altering character of current process */ -#define PR_GET_KEEPCAPS 7 -#define PR_SET_KEEPCAPS 8 -#define PR_CAPBSET_READ 23 -#define PR_CAPBSET_DROP 24 -#define PR_GET_SECUREBITS 27 -#define PR_SET_SECUREBITS 28 - -/* - * The library compares sizeof() with integer return values. To avoid - * signed/unsigned comparisons, leading to unfortunate - * misinterpretations of -1, we provide a convenient cast-to-signed-integer - * version of sizeof(). - */ -#define ssizeof(x) ((ssize_t) sizeof(x)) - -#endif /* LIBCAP_H */ |