Commit message (Author, Age, Files, Lines)
* Upgrade libcap to libcap-2.39 am: d3106b3008 am: b8008e6571 (Haibo Huang, 2020-07-14, 96 files, -453/+2240)
|\  Original change: https://android-review.googlesource.com/c/platform/external/libcap/+/1361151
| | Change-Id: Ib802163dd78dc2cb06eefb928110f19deea34122
| * Upgrade libcap to libcap-2.39 am: d3106b3008 (Haibo Huang, 2020-07-14, 96 files, -453/+2240)
| |\  Original change: https://android-review.googlesource.com/c/platform/external/libcap/+/1361151
| | | Change-Id: I940aff3f1c240e92e2c52b3bc215031c3c35f5a1
| | * Upgrade libcap to libcap-2.39 [android-r-beta-3] [android-r-beta-2] (Haibo Huang, 2020-07-13, 96 files, -453/+2240)
| | |\  Change-Id: I372a3e08bacb93acadb81ff5ca263eac882ef7a2
| | | * Up the release version to 2.39 (Andrew G. Morgan, 2020-07-11, 2 files, -2/+2)
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * More experiments with markdown as a representation for the man pages. (Andrew G. Morgan, 2020-07-11, 2 files, -6/+16)
| | | | I'm leaning towards pandoc instead of man-to-md. Mostly because it has greater coverage in terms of supported formats.
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * Some documentation for individual capability values. (Andrew G. Morgan, 2020-07-11, 45 files, -8/+536)
| | | | I want a place to capture nuances in these files through experience and bug reports/patches. Make use of these to document the Go cap package definitions of each Value so that the godoc automated documentation at places like go.dev become more useful for actually using the package.
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * libcap/cap Go package documentation cleanup. (Andrew G. Morgan, 2020-07-09, 6 files, -23/+45)
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * Rewrite libpsx thread shutdown path to support musl. (Andrew G. Morgan, 2020-07-09, 8 files, -85/+68)
| | | | Addresses: https://bugzilla.kernel.org/show_bug.cgi?id=208477
| | | | Removed the non-wrapping libpsx macro hacks. The API surface as such becomes a little smaller and I now have confidence that wrapping pthread_create using the linker options works with Go, gcc and musl compilers. I feel it is stable enough to call good to delete the workarounds.
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * Remove incorrect and misleading comment. (Andrew G. Morgan, 2020-07-09, 1 file, -1/+0)
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * Add a Go example of changing UID/GID. (Andrew G. Morgan, 2020-07-07, 2 files, -0/+160)
| | | | This is something pretty fundamental that a number of folk have asked about. It is essentially the motivating issue for: https://github.com/golang/go/issues/1435
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * It looks as if the module files need a libcap directory tag. (Andrew G. Morgan, 2020-07-07, 1 file, -1/+3)
| | | | I initially made one, and now modules are building with that stale value v0.2.37. All despite the fact the Go modules are at v0.2.38.
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * Drop the go suffix from module name. (Andrew G. Morgan, 2020-07-06, 1 file, -1/+1)
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * Up the release version to 2.38 (Andrew G. Morgan, 2020-07-05, 4 files, -9/+15)
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * Fix a rare deadlock in cap.Launch(). (Andrew G. Morgan, 2020-07-05, 2 files, -27/+49)
| | | | The main functional change with this commit is to fix this bug: https://bugzilla.kernel.org/show_bug.cgi?id=208445
| | | | Also, include better documentation for the "cap" module. Now that it is a proper Go module, it is starting to show up on the automated golang module sites (such as pkg.go.dev) and I thought it deserved more of an intro comment.
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * Fix capability list generation and legacy go package install. (Andrew G. Morgan, 2020-07-05, 2 files, -9/+15)
| | | | Fixes Hussam Al-Tayeb bug report: https://bugzilla.kernel.org/show_bug.cgi?id=208439
| | | | The list generation has been intended to be fully self-defined since 2.23, but I didn't complete the job back then because of a lack of a way to runtime-determine the capabilities actually supported by the running kernel. This last bit was fixed with 2.30 and I should have caught the need for this final clean up then.
| | | | The go install was broken in 2.37 as an oversight as I refactored to support go modules. I did a write up about how this Go support is expected to work here: https://sites.google.com/site/fullycapable/building-go-programs-that-manipulate-capabilities
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * Documentation fixes for go packages. (Andrew G. Morgan, 2020-07-05, 3 files, -34/+45)
| | | | Also converted an internal type from int to uint. This change should not affect any client code.
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * Restructure the tree a little to provide a module example. (Andrew G. Morgan, 2020-07-04, 6 files, -5/+28)
| | | | I've written up how to build web.go here: https://sites.google.com/site/fullycapable/building-go-programs-that-manipulate-capabilities
| | | | But it struck me that the code itself does not explain about the CGO_LDFLAGS_ALLOW workaround, so I've relocated the web.go code and included a README as well as a pointer to the above explanation.
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * A final twist in the Go module support. (Andrew G Morgan, 2020-07-03, 1 file, -1/+2)
| | | | It turns out that the Go module abstraction needs a tag specific to each sub-package, and can't share a generic one for libcap as a whole for both Go modules. As such, replace the vX.Y.Z tag with two package/vX.Y.Z tags.
| | | | Signed-off-by: Andrew G Morgan <morgan@kernel.org>
| | | * Up the release version to 2.37 (Andrew G. Morgan, 2020-07-03, 2 files, -1/+3)
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * Create symlink for including psx_syscall.h (Andrew G. Morgan, 2020-07-03, 1 file, -0/+1)
| | | | The primary path for this header is now in the Go package psx, but we still need to link it via libcap/include.
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * Migrate header for psx_syscall.h to Go package tree. (Andrew G. Morgan, 2020-07-03, 2 files, -1/+0)
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * Refactored the psx package to build as a Go module. (Andrew G. Morgan, 2020-07-03, 8 files, -53/+30)
| | | | Cleaned up the Go module redirection html file, now installed at: https://kernel.org/pub/linux/libs/security/libcap/
| | | | Note, I've moved the C source for libpsx.a into the psx/ directory, but the libpsx.a file is still built in the libcap subdirectory as before. I also symlinked the C include files from the psx/ directory. This made the source compile in conjunction with the "psx" Go package automatically. It also substantially simplified the go/Makefile.
| | | | I feel pretty good about this next version from the perspective of a viable "psx" build. Caveat the need for CGO_LDFLAGS_ALLOW on the command line pre-go1.15. Hopefully, the psx package comment is enough for folk to figure that detail out.
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * A step closer to modularizing the cap and psx packages. (Andrew G. Morgan, 2020-07-03, 15 files, -160/+480)
| | | | After reading more about Go modules, I now see how ownership of the stable URL path for the packages is required. As such, I'm changing the official package paths to these: "kernel.org/pub/linux/libs/security/libcap/cap" "kernel.org/pub/linux/libs/security/libcap/psx"
| | | | I have the right permissions to maintain these directories. I will place the libcap/{cap,psx}/index.html files at those locations and then validate that the go getting magic does the right things.
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * Revamp the way we package cap and psx packages. (Andrew G. Morgan, 2020-07-02, 13 files, -47/+250)
| | | | It has been requested that we make the "libcap/cap" package into a module that plays better with the golang ecosystem. I was holding off until there was a golang version that contained the runtime.AllThreadsSyscall() support, but that appears to not have made it to 1.15, so I'm using a development build tag dependency in otherwise static sources for the "libcap/cap" package.
| | | | My intention is that the canonical import paths for these packages will be: "git.kernel.org/libs/libcap/cap" "git.kernel.org/libs/libcap/psx"
| | | | That being said, I may have to move them if I can't get some proxy to resolve these paths to the right git repo of kernel.org.
| | | | This is work in the direction of addressing: https://bugzilla.kernel.org/show_bug.cgi?id=207567
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * First attempt at supporting the Go "psx" package as a module. (Andrew G. Morgan, 2020-07-02, 5 files, -3/+437)
| | | | The intended import path for this module is: "git.kernel.org/libs/libcap/psx"
| | | | This is my first attempt at such module support, so it will likely require some iteration. This is work in the direction of addressing: https://bugzilla.kernel.org/show_bug.cgi?id=207567
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * CAP_BPF is the CAP_LAST_CAP now. (Andrew G. Morgan, 2020-07-02, 1 file, -1/+33)
| | | | eBPF (extended Berkeley Packet Filters) now have their own capability. Earlier releases of the kernel used CAP_SYS_ADMIN for this feature.
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * Tidy up the comment related to the XATTR backup definitions. (Andrew G. Morgan, 2020-06-29, 1 file, -1/+6)
| | | | We generally try not to use C++ style line comments.
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * libcap: Fix for older kernels (Prasanth R, 2020-06-29, 1 file, -0/+11)
| | | | cap_file.c:204:33: error: 'XATTR_NAME_CAPS' undeclared (first use in this function)
| | | | sizeofcaps = fgetxattr(fildes, XATTR_NAME_CAPS,
| | | | Kernels after 2.6.36 moved the declarations to userapi, Hope this can be defined manually
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * Fix declaration of mostly never compiled code. (Andrew G. Morgan, 2020-06-29, 1 file, -1/+1)
| | | | The cap_set_nsowner() function, on systems where VFS_CAP_U32 is not defined. Bug report from Prasanth R. https://bugzilla.kernel.org/show_bug.cgi?id=208365
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * cap_get_proc.3: change "current process" to "calling process" (Michael Kerrisk (man-pages), 2020-06-11, 1 file, -10/+10)
| | | | The term "current process" is kernel-developer speak that is often not understood by user-space programmers. Change to "calling process", which is clearer.
| | | | Signed-off-by: Michael Kerrisk (man-pages) <mtk.manpages@gmail.com>
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * Improve synopsis formatting of getpcaps.8 man page. (Andrew G. Morgan, 2020-06-11, 1 file, -1/+1)
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * getpcaps.8: Note that pid==0 displays capabilities of getpcaps itself (Michael Kerrisk (man-pages), 2020-06-11, 1 file, -1/+8)
| | | | When experimenting with capabilities, it's useful to know that pid==0 causes getpcaps to display its own capabilities.
| | | | Signed-off-by: Michael Kerrisk (man-pages) <mtk.manpages@gmail.com>
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * cap_get_proc.3: for cap_get_pid(), pid==0 means "the calling process" (Michael Kerrisk (man-pages), 2020-06-11, 1 file, -0/+3)
| | | | It's useful to know that when cap_get_pid() gets pid==0, it returns the caller's capabilities.
| | | | Signed-off-by: Michael Kerrisk (man-pages) <mtk.manpages@gmail.com>
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * cap_get_proc.3: Typo fixes (Michael Kerrisk (man-pages), 2020-06-11, 1 file, -3/+3)
| | | | Signed-off-by: Michael Kerrisk (man-pages) <mtk.manpages@gmail.com>
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * Better protect some header #define's. (Andrew G. Morgan, 2020-06-04, 9 files, -0/+20)
| | | | Apparently some folk like to supply these defines on the compiler command line. Protect these defines with some more macrology.
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | * Clean up an unused variable. (Andrew G. Morgan, 2020-06-03, 1 file, -1/+1)
| | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
* | | | Fix Android.bp for libcap-2.36's new warnings. am: 5a87f0eda9 am: 941f3caa87 (Elliott Hughes, 2020-06-05, 36 files, -238/+400)
|\| | | Original change: https://android-review.googlesource.com/c/platform/external/libcap/+/1324260
| | | | Change-Id: I7bf190ce90e241b197844bedbc1d53fdd13d824b
| * | | Fix Android.bp for libcap-2.36's new warnings. am: 5a87f0eda9 (Elliott Hughes, 2020-06-05, 36 files, -238/+400)
| |\| | Original change: https://android-review.googlesource.com/c/platform/external/libcap/+/1324260
| | | | Change-Id: I91c3d0f83a391f7d1500390b04fcecfa0ec73bc3
| | * | Fix Android.bp for libcap-2.36's new warnings. [aosp-emu-30-release] (Elliott Hughes, 2020-06-05, 36 files, -238/+400)
| | |\ \  Test: treehugger
| | | | | Change-Id: I8fc07628ae4e9a34e05ae4cc32cfbfb33fe70f79
| | | * | Upgrade libcap to libcap-2.36 (Haibo Huang, 2020-06-03, 35 files, -237/+397)
| | | |\| Change-Id: I3cfeaba12663071863b6ec508832f75cf4c449d3
| | | | * Up the release version to 2.36 (Andrew G. Morgan, 2020-06-02, 1 file, -1/+1)
| | | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | | * Linux 5.7 supports CAP_PERFMON (Andrew G. Morgan, 2020-06-02, 3 files, -2/+24)
| | | | | I should have checked before releasing 2.35. Sigh. Won't make that mistake again.
| | | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | | * Update the CHANGELOG file to point to current locations. (Andrew G. Morgan, 2020-06-02, 1 file, -8/+6)
| | | | | Somehow I missed the old pointers here.
| | | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | | * Up the release version to 2.35 (Andrew G. Morgan, 2020-06-02, 1 file, -1/+1)
| | | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | | * More linter findings. (Andrew G. Morgan, 2020-06-02, 3 files, -27/+29)
| | | | | Should have likely included these in the earlier patch. Too much to clean up I guess.
| | | | | Signed-off-by: Andrew G. Morgan <agm@google.com>
| | | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | | * Lint style fixes for C and Go sources. (Andrew G. Morgan, 2020-06-02, 8 files, -37/+41)
| | | | | In a couple of places I've made some Go constants internal to the Go packages. They use underscores and weren't Go-style constants and weren't really appropriate for use outside the context of the Go packages.
| | | | | Signed-off-by: Andrew G. Morgan <agm@google.com>
| | | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | | * Work around a bug in glibc. (Andrew G. Morgan, 2020-06-01, 1 file, -9/+9)
| | | | | When compiled statically getpwuid() can't handle an unsupported uid. So, pick the test uids we use to be likely to be defined.
| | | | | Filed a glibc bug with redhat since this was discovered on a fedora-32 system: https://bugzilla.redhat.com/show_bug.cgi?id=1842745
| | | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | | * Remove include dependency of libcap on libpsx. (Andrew G. Morgan, 2020-06-01, 1 file, -4/+14)
| | | | | While there is no explicit runtime dependency of libcap on libpsx (only an optional one). There is some confusion about the need for linkage from header analysis. As such, inline the prototype for psx_load_syscalls() into libcap/cap_proc.go.
| | | | | This addresses: https://bugzilla.kernel.org/show_bug.cgi?id=208021
| | | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | | * Markdown related fixes. (Andrew G. Morgan, 2020-05-16, 3 files, -14/+15)
| | | | | This is still a work in progress, but see the doc/mkmd.sh file for how these could be made. The overall conversion is done via https://github.com/mle86/man-to-md with some minor tweaks with sed.
| | | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| | | | * Slight refactoring of _makenames.c. (Andrew G. Morgan, 2020-05-16, 1 file, -10/+20)
| | | | | I'm generally in favor of using zero'd memory.
| | | | | Signed-off-by: Andrew G. Morgan <morgan@kernel.org>