/freebsd-11-stable/sys/kern/ |
H A D | subr_capability.c | 3 * All rights reserved. 74 cap_rights_vset(cap_rights_t *rights, va_list ap) argument 79 assert(CAPVER(rights) == CAP_RIGHTS_VERSION_00); 81 n = CAPARSIZE(rights); 92 assert(CAPIDXBIT(rights->cr_rights[i]) == CAPIDXBIT(right)); 93 rights->cr_rights[i] |= right; 94 assert(CAPIDXBIT(rights->cr_rights[i]) == CAPIDXBIT(right)); 99 cap_rights_vclear(cap_rights_t *rights, va_list ap) argument 104 assert(CAPVER(rights) == CAP_RIGHTS_VERSION_00); 106 n = CAPARSIZE(rights); 124 cap_rights_is_vset(const cap_rights_t *rights, va_list ap) argument 151 __cap_rights_init(int version, cap_rights_t *rights, ...) argument 169 __cap_rights_set(cap_rights_t *rights, ...) argument 183 __cap_rights_clear(cap_rights_t *rights, ...) argument 197 __cap_rights_is_set(const cap_rights_t *rights, ...) argument 212 cap_rights_is_valid(const cap_rights_t *rights) argument [all...] |
H A D | sys_capability.c | 5 * All rights reserved. 47 * rights mask set when the capability is created. New capabilities may be 49 * strict subset of the rights on the original capability. 169 * Test whether a capability grants the requested rights. 179 * Convert capability rights into VM access flags. 198 * Extract rights from a capability for monitoring purposes -- not for use in 218 kern_cap_rights_limit(struct thread *td, int fd, cap_rights_t *rights) argument 229 error = _cap_check(cap_rights(fdp, fd), rights, CAPFAIL_INCREASE); 231 fdp->fd_ofiles[fd].fde_rights = *rights; 232 if (!cap_rights_is_set(rights, CAP_IOCT 250 cap_rights_t rights; local 294 cap_rights_t rights; local 565 uint32_t rights; local [all...] |
/freebsd-11-stable/crypto/openssh/ |
H A D | sandbox-capsicum.c | 42 * limits rights on stdout, stdin, stderr, monitor and switches to 72 cap_rights_t rights; local 88 cap_rights_init(&rights); 90 if (cap_rights_limit(STDIN_FILENO, &rights) < 0 && errno != ENOSYS) 92 if (cap_rights_limit(STDOUT_FILENO, &rights) < 0 && errno != ENOSYS) 94 if (cap_rights_limit(STDERR_FILENO, &rights) < 0 && errno != ENOSYS) 97 cap_rights_init(&rights, CAP_READ, CAP_WRITE); 98 if (cap_rights_limit(box->monitor->m_recvfd, &rights) < 0 && 101 cap_rights_init(&rights, CAP_WRITE); 102 if (cap_rights_limit(box->monitor->m_log_sendfd, &rights) < [all...] |
/freebsd-11-stable/lib/libcapsicum/ |
H A D | capsicum_helpers.h | 3 * All rights reserved. 50 cap_rights_t rights; local 53 cap_rights_init(&rights, CAP_EVENT, CAP_FCNTL, CAP_FSTAT, 57 cap_rights_set(&rights, CAP_READ); 59 cap_rights_set(&rights, CAP_WRITE); 61 cap_rights_set(&rights, CAP_LOOKUP); 63 if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS) {
|
/freebsd-11-stable/tools/regression/security/cap_test/ |
H A D | cap_test.h | 4 * All rights reserved. 111 /* Ensure that 'rights' are a subset of 'max'. */ 112 #define CHECK_RIGHTS(rights, max) do { \ 113 if ((success == PASSED) && (rights != max)) \ 115 (cap_rights_t) rights, (cap_rights_t) max); \ 119 #define MAKE_CAPABILITY(to, from, rights) do { \ 121 REQUIRE(to = cap_new(from, rights)); \ 123 if ((success == PASSED) && (_rights != (rights))) \ 124 FAILX("New capability's rights (%jx) != %jx", \ 125 _rights, (cap_rights_t) (rights)); \ [all...] |
H A D | cap_test_relative.c | 4 * All rights reserved. 61 cap_rights_t rights; local 64 CHECK_SYSCALL_SUCCEEDS(cap_getrights, etc, &rights); 65 CHECK_RIGHTS(rights, CAP_ALL); 103 CHECK_SYSCALL_SUCCEEDS(cap_getrights, etc_cap_base, &rights); 106 CHECK_SYSCALL_SUCCEEDS(cap_getrights, fd, &rights); 107 CHECK_RIGHTS(rights, baserights); 142 CHECK_SYSCALL_SUCCEEDS(cap_getrights, fd, &rights); 148 CHECK_SYSCALL_SUCCEEDS(cap_getrights, fd, &rights); 149 CHECK_RIGHTS(rights, baseright [all...] |
H A D | cap_test_fcntl.c | 4 * All rights reserved. 67 cap_rights_t rights = CAP_READ | CAP_FCNTL; local 82 { "file cap", cap_new(files[0].f_fd, rights) }, 83 { "socket cap", cap_new(files[1].f_fd, rights) }, 84 { "SHM cap", cap_new(files[2].f_fd, rights) },
|
H A D | cap_test_capabilities.c | 5 * All rights reserved. 59 FAIL("%s:\t%s (rights 0x%jx)", #syscall, message, rights) 62 * Ensure that, if the capability had enough rights for the system call to 67 if ((rights & (rights_needed)) == (rights_needed)) { \ 77 " (rights 0x%jx)", #syscall, \ 78 (uintmax_t)rights); \ 90 if ((rights & (rights_needed)) == (rights_needed)) { \ 101 " (rights 0x%jx)", "mmap", rights); \ 114 try_file_ops(int filefd, int dirfd, cap_rights_t rights) argument [all...] |
/freebsd-11-stable/sys/sys/ |
H A D | capsicum.h | 4 * All rights reserved. 56 * Possible rights on capabilities. 239 /* Strange and powerful rights that should not be given lightly. */ 288 #define CAP_ALL(rights) do { \ 289 (rights)->cr_rights[0] = \ 291 (rights)->cr_rights[1] = CAP_ALL1; \ 294 #define CAP_NONE(rights) do { \ 295 (rights)->cr_rights[0] = \ 297 (rights)->cr_rights[1] = CAPRIGHT(1, 0ULL); \ 301 #define CAPVER(rights) CAPRVE [all...] |
/freebsd-11-stable/sys/cddl/compat/opensolaris/sys/ |
H A D | file.h | 3 * All rights reserved. 55 cap_rights_t rights; local 57 /* No CAP_ rights required, as we're only releasing. */ 58 if (fget(curthread, fd, cap_rights_init(&rights), &fp) == 0) {
|
/freebsd-11-stable/usr.bin/tee/ |
H A D | tee.c | 3 * The Regents of the University of California. All rights reserved. 33 The Regents of the University of California. All rights reserved.\n"; 76 cap_rights_t rights; local 99 cap_rights_init(&rights, CAP_READ, CAP_FSTAT); 100 if (cap_rights_limit(STDIN_FILENO, &rights) < 0 && errno != ENOSYS) 101 err(EXIT_FAILURE, "unable to limit rights for stdin"); 102 cap_rights_init(&rights, CAP_WRITE, CAP_FSTAT, CAP_IOCTL); 103 if (cap_rights_limit(STDERR_FILENO, &rights) < 0 && errno != ENOSYS) 104 err(EXIT_FAILURE, "unable to limit rights for stderr"); 150 cap_rights_t rights; local [all...] |
/freebsd-11-stable/sys/compat/linuxkpi/common/include/linux/ |
H A D | file.h | 6 * All rights reserved. 53 cap_rights_t rights; local 58 cap_rights_init(&rights), &file, NULL) != 0) 91 cap_rights_t rights; local 95 cap_rights_init(&rights), &file, NULL) != 0) { 112 cap_rights_t rights; local 116 cap_rights_init(&rights), &file, NULL) != 0) {
|
/freebsd-11-stable/contrib/subversion/subversion/libsvn_repos/ |
H A D | authz.c | 50 /*** Access rights. ***/ 52 /* This structure describes the access rights given to a specific user by 68 /* Access rights of the respective user as defined by the rule set. */ 69 authz_access_t rights; 76 /* Convenience structure combining the node-local access rights with the 77 * min and max rights granted within the sub-tree. */ 86 /* Minimal access rights that the user has on this or any other node in 87 * the sub-tree. This does not take inherited rights into account. */ 90 /* Maximal access rights that the user has on this or any other node in 91 * the sub-tree. This does not take inherited rights int 67 authz_access_t rights; member in struct:path_access_t 96 has_local_rule(const limited_rights_t *rights) argument 104 combine_access(limited_rights_t *target, const limited_rights_t *rights) argument 115 combine_right_limits(limited_rights_t *target, const limited_rights_t *rights) argument 274 limited_rights_t rights; member in struct:node_t 445 limited_rights_t rights; local 995 limited_rights_t rights; member in struct:lookup_state_t [all...] |
H A D | authz_info.c | 70 /* Get the access rights for all authenticated users. */ 74 /* Scan the ACEs in the ACL and merge the access rights. */ 96 * minimal rights and join the maximum rights. 109 * to the actual accumulated rights defined for that repository. 110 * Return TRUE if these rights were defined explicitly. 119 /* Return the accumulated rights that are not repository-specific. */ 125 /* Check if we have explicit rights for this repository. */ local 126 const authz_rights_t *const rights = 129 if (rights) [all...] |
/freebsd-11-stable/sys/compat/cloudabi/ |
H A D | cloudabi_fd.c | 46 /* Translation between CloudABI and Capsicum rights. */ 241 /* Removes rights that conflict with the file descriptor type. */ 248 * CloudABI has a small number of additional rights bits to 253 * replaced by rights bits, CloudABI distinguishes between 254 * rights that apply to the file descriptor itself (base) versus 255 * rights of new file descriptors derived from them 360 /* Converts FreeBSD's Capsicum rights to CloudABI's set of rights. */ 366 cloudabi_rights_t rights; local 369 rights 390 cap_rights_t rights; local 452 cap_rights_t rights; local [all...] |
/freebsd-11-stable/usr.sbin/bhyve/ |
H A D | consport.c | 5 * All rights reserved. 116 cap_rights_t rights; local 139 cap_rights_init(&rights, CAP_EVENT, CAP_IOCTL, CAP_READ, 141 if (cap_rights_limit(STDIN_FILENO, &rights) == -1 && 143 errx(EX_OSERR, "Unable to apply rights for sandbox"); 146 errx(EX_OSERR, "Unable to apply rights for sandbox");
|
H A D | dbgport.c | 5 * All rights reserved. 136 cap_rights_t rights; local 169 cap_rights_init(&rights, CAP_ACCEPT, CAP_READ, CAP_WRITE); 170 if (cap_rights_limit(listen_fd, &rights) == -1 && errno != ENOSYS) 171 errx(EX_OSERR, "Unable to apply rights for sandbox");
|
H A D | pci_virtio_rnd.c | 5 * All rights reserved. 150 cap_rights_t rights; local 161 cap_rights_init(&rights, CAP_READ); 162 if (cap_rights_limit(fd, &rights) == -1 && errno != ENOSYS) 163 errx(EX_OSERR, "Unable to apply rights for sandbox");
|
/freebsd-11-stable/sys/dev/aac/ |
H A D | aac_linux.c | 3 * All rights reserved. 78 cap_rights_t rights; local 83 error = fget(td, args->fd, cap_rights_init(&rights, CAP_IOCTL), &fp);
|
/freebsd-11-stable/sys/dev/aacraid/ |
H A D | aacraid_linux.c | 5 * All rights reserved. 84 cap_rights_t rights; local 91 cap_rights_init(&rights, CAP_IOCTL),
|
/freebsd-11-stable/sys/dev/amr/ |
H A D | amr_linux.c | 3 * All rights reserved. 75 cap_rights_t rights; local 79 error = fget(p, args->fd, cap_rights_init(&rights, CAP_IOCTL), &fp);
|
/freebsd-11-stable/sys/dev/tdfx/ |
H A D | tdfx_linux.c | 3 * All rights reserved. 48 cap_rights_t rights; local 58 error = fget(td, args->fd, cap_rights_init(&rights, CAP_IOCTL), &fp);
|
/freebsd-11-stable/usr.bin/uniq/ |
H A D | uniq.c | 3 * The Regents of the University of California. All rights reserved. 36 The Regents of the University of California. All rights reserved.\n"; 108 cap_rights_t rights; local 154 cap_rights_init(&rights, CAP_FSTAT, CAP_READ); 155 if (cap_rights_limit(fileno(ifp), &rights) < 0 && errno != ENOSYS) 156 err(1, "unable to limit rights for %s", ifn); 157 cap_rights_init(&rights, CAP_FSTAT, CAP_WRITE); 161 cap_rights_set(&rights, CAP_IOCTL); 162 if (cap_rights_limit(fileno(ofp), &rights) < 0 && errno != ENOSYS) { 163 err(1, "unable to limit rights fo [all...] |
/freebsd-11-stable/tests/sys/capsicum/ |
H A D | ioctls_test.c | 69 cap_rights_t rights; local 93 cap_rights_init(&rights, CAP_ACCEPT, CAP_IOCTL); 94 ATF_REQUIRE(cap_rights_limit(s[0], &rights) == 0);
|
/freebsd-11-stable/sys/dev/mfi/ |
H A D | mfi_linux.c | 3 * All rights reserved. 87 cap_rights_t rights; local 101 error = fget(p, args->fd, cap_rights_init(&rights, CAP_IOCTL), &fp);
|