path: root/lib/libcasper/services
Commit message | Author | Age | Files | Lines
...
* casper: convert macros to inline functions | Mariusz Zaborski | 2021-01-04 | 2 | -25/+141
  In libcasper, the first argument to the function is a structure that represents a connection to Casper. On systems without Casper, macros are used to interpose the Casper functions to standard libc ones. This may cause errors/warnings that the variable is not used. With the inline function, there is no such problem.
* cap_net: CAPNET_CONNECT and CAPNET_CONNECTDNS are not mutually exclusive | Mariusz Zaborski | 2021-01-03 | 2 | -5/+46
  Fix the for the CAPNET_CONNECT and CAPNET_CONNECTDNS. Add test to ensure that this is possible.
* cap_net: allow to use the service without setting the limits | Mariusz Zaborski | 2021-01-03 | 2 | -6/+113
  Add test to ensure that this is possible.
* [libcasper] Update cap_dns API to not trigger unused variable warnings when disabled | Adrian Chadd | 2020-10-13 | 1 | -10/+64
  When compiling without casper these API calls result in unused variable warnings. Using #defines was lovely in the past but unfortunately it triggers warnings which can cascade into errors. Instead, just inline with some fallthrough functions and keep things happy.
  Tested:
  * gcc-6 targeting mips32, with casper disabled
  Reviewed by: emaste
  Differential Revision: https://reviews.freebsd.org/D26762
  Notes: svn path=/head/; revision=366688
* build: provide a default WARNS for all in-tree builds | Kyle Evans | 2020-09-18 | 4 | -8/+0
  The current default is provided in various Makefile.inc in some top-level directories and covers a good portion of the tree, but doesn't cover parts of the build a little deeper (e.g. libcasper).
  Provide a default in src.sys.mk and set WARNS to it in bsd.sys.mk if that variable is defined. This lets us relatively cleanly provide a default WARNS no matter where you're building in the src tree without breaking things outside of the tree.
  Crunchgen has been updated as a bootstrap tool to work on this change because it needs r365605 at a minimum to succeed. The cleanup necessary to successfully walk over this change on WITHOUT_CLEAN builds has been added.
  There is a supplemental project to this to list all of the warnings that are encountered when the environment has WARNS=6 NO_WERROR=yes: https://warns.kevans.dev -- this project will hopefully eventually go away in favor of CI doing a much better job than it.
  Reviewed by: emaste, brooks, ngie (all earlier version)
  Reviewed by: emaste, arichardson (depend-cleanup.sh change)
  Differential Revision: https://reviews.freebsd.org/D26455
  Notes: svn path=/head/; revision=365887
* libcasper: Introduce cap_net a network service for Casper. | Mariusz Zaborski | 2020-08-16 | 9 | -6/+3066
  Reviewed by: emaste, markj (previous version), bcr (man page)
  Differential Revision: https://reviews.freebsd.org/D24688
  Notes: svn path=/head/; revision=364276
* libcasper(3): Document HISTORY within the manpages | Gordon Bergling | 2020-06-16 | 6 | -6/+36
  Reviewed by: bcr (mentor)
  Approved by: bcr (mentor)
  MFC after: 7 days
  Differential Revision: https://reviews.freebsd.org/D24695
  Notes: svn path=/head/; revision=362230
* cap_fileargs: Fix a descriptor leak in the service process. | Mark Johnston | 2020-06-01 | 1 | -5/+5
  The service handler for fileargs_open() tries to pre-open multiple files and pass descriptors for each back to the sandboxed process in a single message. This is to amortize the cost of round-trips between the two processes. The service process adds a "cache" nvlist to the reply to "open", containing file descriptors for pre-opened files. However, when adding that nvlist to the reply, it was making a copy, effectively leaking the cached descriptors.
  While here, fix spelling in a local variable name.
  PR: 241226
  Reviewed by: oshogbo
  MFC after: 3 days
  Sponsored by: The FreeBSD Foundation
  Differential Revision: https://reviews.freebsd.org/D25095
  Notes: svn path=/head/; revision=361694
* cap_dns.3: fix some orphan .Xr links | Alan Somers | 2020-04-18 | 1 | -5/+5
  Reported by: phk
  MFC after: 2 weeks
  Notes: svn path=/head/; revision=360079
* libcasper(3): Export functions to C++ | Conrad Meyer | 2020-04-07 | 6 | -0/+39
  We must wrap C declarations in __BEGIN / __END_DECLS to avoid C++ name-mangling of the declaration when including the C header; name-mangling causes the linker to attempt to locate the wrong (C++ ABI) symbol name.
  Reviewed by: markj, oshogbo (earlier version both)
  Differential Revision: https://reviews.freebsd.org/D24323
  Notes: svn path=/head/; revision=359696
* libcasper: Constify cap_sysctl_limit_mib() mib parameter | Conrad Meyer | 2020-04-06 | 3 | -5/+5
  No functional change. Minor API change that is nicer for consumers. ABI is identical; the routine never needed to modify the pointed to value.
  Reviewed by: emaste, markj
  Differential Revision: https://reviews.freebsd.org/D24319
  Notes: svn path=/head/; revision=359674
* Update Makefile.depend files | Simon J. Gerraty | 2019-12-11 | 6 | -4/+36
  Update a bunch of Makefile.depend files as a result of adding Makefile.depend.options files
  Reviewed by: bdrewery
  MFC after: 1 week
  Sponsored by: Juniper Networks
  Differential Revision: https://reviews.freebsd.org/D22494
  Notes: svn path=/head/; revision=355617
* cap_sysctl: correct typo from r347534-ish | Kyle Evans | 2019-10-23 | 1 | -1/+1
  operation & ~limit where limit is a bool is clearly not what was intended, given the line prior. Correct it to use the calculated mask for validation.
  The cap_sysctl tests should now be functional again.
  Notes: svn path=/head/; revision=353914
* pkgbase: Move libcap_ to FreeBSD-runtime | Emmanuel Vadot | 2019-09-05 | 6 | -6/+6
  A lot of binaries present in FreeBSD-runtime depend on it so move the libs there.
  Reviewed by: bapt, gjb
  Differential Revision: https://reviews.freebsd.org/D21501
  Notes: svn path=/head/; revision=351853
* cap_filergs: limit size of the file name | Mariusz Zaborski | 2019-08-07 | 1 | -0/+5
  The limit of the name in fileargs is twice the size of the MAXPATH. The nvlist will not add an element with the longer name. We can detect at this point that the path is too big, and simply return the same error as open(2) would.
  PR: 239700
  Reported by: markj
  Tested by: markj
  MFC after: 2 weeks
  Notes: svn path=/head/; revision=350695
* fileargs: fix formatting in EXAMPLES | Mariusz Zaborski | 2019-07-30 | 1 | -1/+1
  PR: 239523
  Submitted by: mikael.urankar@gmail.com
  Notes: svn path=/head/; revision=350438
* Remove cap_random(3). | Mark Johnston | 2019-07-24 | 6 | -317/+0
  Now that we have a way to obtain entropy in capability mode (getrandom(2)), libcap_random is obsolete. Remove it.
  Bump __FreeBSD_version in case anything happens to use it, though I've found no consumers.
  Reviewed by: delphij, emaste, oshogbo
  Relnotes: yes
  Sponsored by: The FreeBSD Foundation
  Differential Revision: https://reviews.freebsd.org/D21033
  Notes: svn path=/head/; revision=350307
* Link fileargs_lstat.3. | Mark Johnston | 2019-07-21 | 1 | -0/+1
  Sponsored by: The FreeBSD Foundation
  Notes: svn path=/head/; revision=350201
* fileargs: add wrapping/unwrapping functions | Mariusz Zaborski | 2019-06-12 | 2 | -1/+57
  Those functions may be useful to pass fileargs connections around.
  Notes: svn path=/head/; revision=349002
* Extend the libcap_sysctl tests. | Mark Johnston | 2019-05-13 | 1 | -2/+122
  - Add some coverage for cap_sysctl(3).
  - Add a test for the case where the caller wishes to find the sysctl output length without specifying an output buffer.
  Reviewed by: oshogbo
  Sponsored by: The FreeBSD Foundation
  Differential Revision: https://reviews.freebsd.org/D17856
  Notes: svn path=/head/; revision=347536
* Convert the libcap_sysctl test cases to ATF. | Mark Johnston | 2019-05-13 | 2 | -349/+401
  Reviewed by: oshogbo
  Sponsored by: The FreeBSD Foundation
  Differential Revision: https://reviews.freebsd.org/D17855
  Notes: svn path=/head/; revision=347535
* Add cap_sysctl(3) and cap_sysctlnametomib(3). | Mark Johnston | 2019-05-13 | 5 | -738/+1054
  These complement cap_sysctlbyname(3) to provide a drop-in replacement for the corresponding libc functions.
  Also revise the libcap_sysctl limit interface to provide access to sysctls by MIB, and to avoid direct manipulation of nvlists by the caller.
  Reviewed by: oshogbo
  Sponsored by: The FreeBSD Foundation
  Differential Revision: https://reviews.freebsd.org/D17854
  Notes: svn path=/head/; revision=347534
* [casper] fix compilation when casper is disabled. | Adrian Chadd | 2019-04-17 | 1 | -2/+6
  This triggers an error in gcc-mips 6.4.0 complaining about unused arguments.
  Tested:
  * compiled/run on mips32; nothing complained.
  Notes: svn path=/head/; revision=346322
* cap_fileargs: fix test after r346318 | Ed Maste | 2019-04-17 | 1 | -1/+1
  Reported by: danfe, mjg
  MFC after: 3 weeks
  MFC with: r346315
  Sponsored by: The FreeBSD Foundation
  Notes: svn path=/head/; revision=346321
* cap_fileargs: fix GCC build, don't shadow 'stat' | Ed Maste | 2019-04-17 | 1 | -2/+2
  Reported by: ci.freebsd.org
  MFC after: 3 weeks
  MFC with: r346315
  Sponsored by: The FreeBSD Foundation
  Notes: svn path=/head/; revision=346318
* cap_fileargs: add fileargs_lstat service | Ed Maste | 2019-04-17 | 3 | -29/+207
  Add fileargs_lstat function to cap_fileargs casper service to be able to lstat files while in capability mode. It can only lstat files given in fileargs_init.
  Submitted by: Bora Özarslan <borako.ozarslan@gmail.com>
  Reviewed by: oshogbo, cem (partial)
  MFC after: 3 weeks
  Relnotes: Yes
  Sponsored by: The FreeBSD Foundation
  Differential Revision: https://reviews.freebsd.org/D19548
  Notes: svn path=/head/; revision=346315
* cap_fileargs.3: typo and markup corrections | Ed Maste | 2019-04-17 | 1 | -6/+6
  Submitted by: Bora Özarslan <borako.ozarslan@gmail.com>
  MFC after: 1 week
  MFC with: r346313
  Sponsored by: The FreeBSD Foundation
  Notes: svn path=/head/; revision=346314
* cap_fileargs.3: correct 'filerags' typo | Ed Maste | 2019-04-17 | 1 | -3/+3
  Submitted by: Bora Özarslan <borako.ozarslan@gmail.com>
  MFC after: 1 week
  Sponsored by: The FreeBSD Foundation
  Notes: svn path=/head/; revision=346313
* r341692 changed cap_syslog(3) to preserve the stdio descriptors inherited | Jason A. Harmening | 2019-02-06 | 1 | -3/+26
  from its parent so that LOG_PERROR would work. However, this caused dhclient(8)'s stdio streams to remain open across daemonization, breaking the ability to capture its foreground output as done in netconfig_ipv4.
  Fix this by reverting r341692 and instead passing the parent's stderr descriptor as an argument to cap_openlog() only when LOG_PERROR is specified in logopt.
  PR: 234514
  Suggested by: markj
  Reported by: Shawn Webb
  Reviewed by: markj, oshogbo
  MFC after: 2 weeks
  Differential Revision: https://reviews.freebsd.org/D18989
  Notes: svn path=/head/; revision=343827
* Let the cap_syslog capability inherit stdio descriptors. | Mark Johnston | 2018-12-07 | 1 | -1/+1
  Otherwise cap_openlog(LOG_PERROR) doesn't work.
  Reviewed by: oshogbo
  MFC after: 1 week
  Sponsored by: The FreeBSD Foundation
  Differential Revision: https://reviews.freebsd.org/D18457
  Notes: svn path=/head/; revision=341692
* libcasper: do not fail if Capsicum is not available | Mariusz Zaborski | 2018-11-30 | 1 | -1/+1
  Casper service can be also used on the kernels without Capsicum support.
  Reported by: sbruno
  Tested by: sbruno
  Notes: svn path=/head/; revision=341347
* libcasper: provide compatibility with the old version of service | Mariusz Zaborski | 2018-11-19 | 1 | -5/+11
  Some external tools like tcpdump(1) have upstream the changes with old limits name. Because of that provide compatibility with the old names.
  Reported by: emaste
  Notes: svn path=/head/; revision=340638
* Update the names in the LIMITS and EXAMPLES sections after r340363. | Mariusz Zaborski | 2018-11-18 | 1 | -4/+4
  Reported by: markj
  Notes: svn path=/head/; revision=340564
* Fix typo in the comparison. | Mariusz Zaborski | 2018-11-12 | 1 | -2/+2
  This fixes the build with gcc.
  Reported by: jenkins
  Notes: svn path=/head/; revision=340381
* libcasper: introduce cap_fileargs service | Mariusz Zaborski | 2018-11-12 | 5 | -0/+890
  cap_fileargs is a Casper service which helps to sandbox applications that need access to the filesystem namespace. The main purpose of the service is to make it easy to capsicumize applications that work on multiple files passed in argv. We have a couple of examples of using it but we still treat this service as an experimental one.
  Reviewed by: emsate (previous version), jonathan (partially)
  Discussed with: many
  Differential Revision: https://reviews.freebsd.org/D14407
  Notes: svn path=/head/; revision=340373
* libcasper: change the name of limits in cap_dns so the intentions are obvious. | Mariusz Zaborski | 2018-11-12 | 4 | -52/+52
  Reported by: pjd
  MFC after: 3 weeks
  Notes: svn path=/head/; revision=340363
* libcasper: using explicit_bzero in cap_grp service | Mariusz Zaborski | 2018-11-04 | 1 | -1/+1
  Please notice that we still don't clean information in nvlist structures.
  Submitted by: David CARLIER <devnexen@gmail.com>
  Differential Revision: https://reviews.freebsd.org/D16777
  Notes: svn path=/head/; revision=340142
* libcasper: fix limitations in dns service | Mariusz Zaborski | 2018-11-04 | 3 | -21/+23
  The getaddrinfo(3) and gethostbyname(3) are used to return the address for a given hostname. The getnameinfo(3) and gethostbyaddr(3) are used to return hostname for a given address.
  Right now in casper, we have two limitations:
  - NAME which allows resolving DNS names.
  - ADDR which allows to do revert DNS lookups.
  Before this change the rights was mixed up:
  NAME - getnameinfo(3) and gethostbyname(3)
  ADDR - gethostbyaddr(3) and getaddrinfo(3)
  Which no matters on limitation allowed us to resolve DNS names and do DNS lookups basically by using a different set of functions.
  Now the NAME type allows getaddrinfo(3) and gethostbyname(3) functions, and the ADDR names allow to use gethostbyaddr(3) and getnameinfo(3) functions.
  Reviewed by: pjd, bcr
  MFC after: 3 weeks
  Discussed with: hrs
  Differential Revision: https://reviews.freebsd.org/D16930
  Notes: svn path=/head/; revision=340141
* libcasper: Update example in man page to use cap_getnameinfo function. | Mariusz Zaborski | 2018-11-04 | 1 | -16/+25
  Reviewed by: hrs
  Differential Revision: https://reviews.freebsd.org/D16931
  Notes: svn path=/head/; revision=340140
* libcasper: Document the cap_getaddrinfo and cap_getnameinfo functions | Mariusz Zaborski | 2018-11-04 | 2 | -4/+21
  Reviewed by: hrs
  Differential Revision: https://reviews.freebsd.org/D16929
  Notes: svn path=/head/; revision=340139
* [libcasper] Use explicit_bzero instead of memset to clear pwd struct | Mariusz Zaborski | 2018-06-26 | 1 | -1/+1
  Submitted by: David Carlier <devnexen@gmail.com>
  Differential Revision: https://reviews.freebsd.org/D16015
  Notes: svn path=/head/; revision=335678
* Fix typo. | Mariusz Zaborski | 2018-06-19 | 1 | -2/+2
  Notes: svn path=/head/; revision=335389
* The gids argument can be declared as const. | Mariusz Zaborski | 2018-03-18 | 3 | -5/+5
  We don't modify it in this function.
  Notes: svn path=/head/; revision=331146
* Fix reference to man page in Makefile. | Mariusz Zaborski | 2018-03-18 | 1 | -1/+1
  I broke it in r331120.
  Notes: svn path=/head/; revision=331137
* Fix similar typos to r331124. | Mariusz Zaborski | 2018-03-18 | 2 | -3/+3
  Notes: svn path=/head/; revision=331125
* Fix typo. | Mariusz Zaborski | 2018-03-18 | 1 | -1/+1
  Submitted by: Trond Endrestøl <Trond.Endrestol@ximalas.info>
  Notes: svn path=/head/; revision=331124
* Document the sysctl Casper service. | Mariusz Zaborski | 2018-03-18 | 2 | -0/+148
  PR: 226102
  Reviewed by: bcr@
  Differential Revision: https://reviews.freebsd.org/D14606
  Notes: svn path=/head/; revision=331120
* Document the pwd Casper service. | Mariusz Zaborski | 2018-03-18 | 2 | -0/+250
  PR: 226102
  Reviewed by: bcr@
  Differential Revision: https://reviews.freebsd.org/D14605
  Notes: svn path=/head/; revision=331119
* nv was moved to the 9 section. | Mariusz Zaborski | 2018-02-26 | 4 | -11/+11
  Fix reference to it.
  Notes: svn path=/head/; revision=330031
* Fix typo. | Mariusz Zaborski | 2018-02-26 | 1 | -2/+2
  Notes: svn path=/head/; revision=330025