1306657Soshogbo/*-
2306657Soshogbo * Copyright (c) 2016 Mariusz Zaborski <oshogbo@FreeBSD.org>
3306657Soshogbo * All rights reserved.
4306657Soshogbo *
5306657Soshogbo * Redistribution and use in source and binary forms, with or without
6306657Soshogbo * modification, are permitted provided that the following conditions
7306657Soshogbo * are met:
8306657Soshogbo * 1. Redistributions of source code must retain the above copyright
9306657Soshogbo *    notice, this list of conditions and the following disclaimer.
10306657Soshogbo * 2. Redistributions in binary form must reproduce the above copyright
11306657Soshogbo *    notice, this list of conditions and the following disclaimer in the
12306657Soshogbo *    documentation and/or other materials provided with the distribution.
13306657Soshogbo *
14306657Soshogbo * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15306657Soshogbo * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16306657Soshogbo * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17306657Soshogbo * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18306657Soshogbo * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19306657Soshogbo * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20306657Soshogbo * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21306657Soshogbo * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22306657Soshogbo * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23306657Soshogbo * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24306657Soshogbo * SUCH DAMAGE.
25306657Soshogbo *
26306657Soshogbo * $FreeBSD: stable/11/lib/libcapsicum/capsicum_helpers.h 332164 2018-04-07 03:51:19Z kevans $
27306657Soshogbo */
28306657Soshogbo
29306657Soshogbo#ifndef _CAPSICUM_HELPERS_H_
30306657Soshogbo#define	_CAPSICUM_HELPERS_H_
31306657Soshogbo
32306657Soshogbo#include <sys/param.h>
33306657Soshogbo#include <sys/capsicum.h>
34332164Skevans#include <sys/ioctl.h>
35306657Soshogbo
36306657Soshogbo#include <errno.h>
37306657Soshogbo#include <nl_types.h>
38306657Soshogbo#include <termios.h>
39306657Soshogbo#include <time.h>
40306657Soshogbo#include <unistd.h>
41306657Soshogbo
42306657Soshogbo#define	CAPH_IGNORE_EBADF	0x0001
43306657Soshogbo#define	CAPH_READ		0x0002
44306657Soshogbo#define	CAPH_WRITE		0x0004
45331434Sian#define	CAPH_LOOKUP		0x0008
46306657Soshogbo
47306657Soshogbostatic __inline int
48306657Soshogbocaph_limit_stream(int fd, int flags)
49306657Soshogbo{
50306657Soshogbo	cap_rights_t rights;
51332164Skevans	unsigned long cmds[] = { TIOCGETA, TIOCGWINSZ, FIODTYPE };
52306657Soshogbo
53331434Sian	cap_rights_init(&rights, CAP_EVENT, CAP_FCNTL, CAP_FSTAT,
54331434Sian	    CAP_IOCTL, CAP_SEEK);
55306657Soshogbo
56306657Soshogbo	if ((flags & CAPH_READ) != 0)
57306657Soshogbo		cap_rights_set(&rights, CAP_READ);
58306657Soshogbo	if ((flags & CAPH_WRITE) != 0)
59306657Soshogbo		cap_rights_set(&rights, CAP_WRITE);
60331434Sian	if ((flags & CAPH_LOOKUP) != 0)
61331434Sian		cap_rights_set(&rights, CAP_LOOKUP);
62306657Soshogbo
63306657Soshogbo	if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS) {
64306657Soshogbo		if (errno == EBADF && (flags & CAPH_IGNORE_EBADF) != 0)
65306657Soshogbo			return (0);
66306657Soshogbo		return (-1);
67306657Soshogbo	}
68306657Soshogbo
69306657Soshogbo	if (cap_ioctls_limit(fd, cmds, nitems(cmds)) < 0 && errno != ENOSYS)
70306657Soshogbo		return (-1);
71306657Soshogbo
72306657Soshogbo	if (cap_fcntls_limit(fd, CAP_FCNTL_GETFL) < 0 && errno != ENOSYS)
73306657Soshogbo		return (-1);
74306657Soshogbo
75306657Soshogbo	return (0);
76306657Soshogbo}
77306657Soshogbo
78306657Soshogbostatic __inline int
79306657Soshogbocaph_limit_stdin(void)
80306657Soshogbo{
81306657Soshogbo
82306657Soshogbo	return (caph_limit_stream(STDIN_FILENO, CAPH_READ));
83306657Soshogbo}
84306657Soshogbo
85306657Soshogbostatic __inline int
86306657Soshogbocaph_limit_stderr(void)
87306657Soshogbo{
88306657Soshogbo
89306657Soshogbo	return (caph_limit_stream(STDERR_FILENO, CAPH_WRITE));
90306657Soshogbo}
91306657Soshogbo
92306657Soshogbostatic __inline int
93306657Soshogbocaph_limit_stdout(void)
94306657Soshogbo{
95306657Soshogbo
96306657Soshogbo	return (caph_limit_stream(STDOUT_FILENO, CAPH_WRITE));
97306657Soshogbo}
98306657Soshogbo
99306657Soshogbostatic __inline int
100306657Soshogbocaph_limit_stdio(void)
101306657Soshogbo{
102331434Sian	const int iebadf = CAPH_IGNORE_EBADF;
103306657Soshogbo
104331434Sian	if (caph_limit_stream(STDIN_FILENO, CAPH_READ | iebadf) == -1 ||
105331434Sian	    caph_limit_stream(STDOUT_FILENO, CAPH_WRITE | iebadf) == -1 ||
106331434Sian	    caph_limit_stream(STDERR_FILENO, CAPH_WRITE | iebadf) == -1)
107306657Soshogbo		return (-1);
108306657Soshogbo	return (0);
109306657Soshogbo}
110306657Soshogbo
111306657Soshogbostatic __inline void
112306657Soshogbocaph_cache_tzdata(void)
113306657Soshogbo{
114306657Soshogbo
115306657Soshogbo	tzset();
116306657Soshogbo}
117306657Soshogbo
118306657Soshogbostatic __inline void
119306657Soshogbocaph_cache_catpages(void)
120306657Soshogbo{
121306657Soshogbo
122306657Soshogbo	(void)catopen("libc", NL_CAT_LOCALE);
123306657Soshogbo}
124306657Soshogbo
125306657Soshogbo#endif /* _CAPSICUM_HELPERS_H_ */
126