authorAndy Lutomirski <luto@kernel.org>2015-05-14 23:28:09 -0700
committerAndy Lutomirski <luto@kernel.org>2015-05-14 23:28:09 -0700
commit7f5afbd175d236afdb2d00a909c1f69d6e9602d4 (patch)
treeddea2e924777b0f73f709a66e0087acdb76195a6
parent860c73ac1acaaae976bdd3bb83b89b0180f0702a (diff)
setpriv: Preliminary no_cap_ambient_raise support
Signed-off-by: Andy Lutomirski <luto@kernel.org>
-rw-r--r--sys-utils/setpriv.c21
1 files changed, 20 insertions, 1 deletions
diff --git a/sys-utils/setpriv.c b/sys-utils/setpriv.c
index e44b5f5e47..7907c9f476 100644
--- a/sys-utils/setpriv.c
+++ b/sys-utils/setpriv.c
@@ -53,6 +53,15 @@
# define PR_CAP_AMBIENT_LOWER 3
#endif
+#ifndef SECURE_NO_CAP_AMBIENT_RAISE
+# define SECURE_NO_CAP_AMBIENT_RAISE 6
+# define SECURE_NO_CAP_AMBIENT_RAISE_LOCKED 7 /* make bit-6 immutable */
+# define SECBIT_NO_CAP_AMBIENT_RAISE \
+ (issecure_mask(SECURE_NO_CAP_AMBIENT_RAISE))
+# define SECBIT_NO_CAP_AMBIENT_RAISE_LOCKED \
+ (issecure_mask(SECURE_NO_CAP_AMBIENT_RAISE_LOCKED))
+#endif
+
#define SETPRIV_EXIT_PRIVERR 127 /* how we exit when we fail to set privs */
/*
@@ -226,6 +235,10 @@ static void dump_securebits(void)
bits &= ~SECBIT_KEEP_CAPS;
dump_one_secbit(&first, &bits, SECBIT_KEEP_CAPS_LOCKED,
"keep_caps_locked");
+ dump_one_secbit(&first, &bits, SECBIT_NO_CAP_AMBIENT_RAISE,
+ "no_cap_ambient_raise");
+ dump_one_secbit(&first, &bits, SECBIT_NO_CAP_AMBIENT_RAISE_LOCKED,
+ "no_cap_ambient_raise_locked");
if (bits) {
if (!first)
printf(",");
@@ -514,7 +527,9 @@ static void parse_securebits(struct privctx *opts, const char *arg)
SECBIT_NO_SETUID_FIXUP |
SECBIT_NO_SETUID_FIXUP_LOCKED |
SECBIT_KEEP_CAPS |
- SECBIT_KEEP_CAPS_LOCKED))
+ SECBIT_KEEP_CAPS_LOCKED |
+ SECBIT_NO_CAP_AMBIENT_RAISE |
+ SECBIT_NO_CAP_AMBIENT_RAISE_LOCKED))
errx(SETPRIV_EXIT_PRIVERR,
_("unrecognized securebit set -- refusing to adjust"));
@@ -543,6 +558,10 @@ static void parse_securebits(struct privctx *opts, const char *arg)
_("adjusting keep_caps does not make sense"));
else if (!strcmp(c + 1, "keep_caps_locked"))
bit = SECBIT_KEEP_CAPS_LOCKED; /* sigh */
+ else if (!strcmp(c + 1, "no_cap_ambient_raise"))
+ bit = SECBIT_NO_CAP_AMBIENT_RAISE;
+ else if (!strcmp(c + 1, "no_cap_ambient_raise_locked"))
+ bit = SECBIT_NO_CAP_AMBIENT_RAISE_LOCKED;
else
errx(EXIT_FAILURE, _("unrecognized securebit"));