| author | Andrew G. Morgan <morgan@kernel.org> | 2019-11-30 18:33:42 -0800 |
|---|---|---|
| committer | Andrew G. Morgan <morgan@kernel.org> | 2019-12-06 23:06:47 -0800 |
| commit | b2b267ef1c83f1f3d3105a4bb84f8bebbc130dec (patch) | |
| tree | d0be8e0daca097a3911006b9eb85fcf4d2607182 /libcap/include/sys | |
| parent | e9f55d90e482f680504487be6b3afb80865691d6 (diff) | |
| download | libcap2-b2b267ef1c83f1f3d3105a4bb84f8bebbc130dec.tar.gz | |
Add support to libcap for overriding system call functions.

Note, this override only supports the system calls that
libcap uses to change kernel state associated with the
current process. This is primarily intended to permit the
user to use libpsx to force all pthreads to mirror capability
and other security relevant state.

Use a weak function definition feature of libpsx share_psx_syscall()
to transparently arrange for libcap to so force itself to use the
psx_syscall() abstraction when linked against -lpsx. This has the
effect of using linker magic to make libcap transparently observe
POSIX semantics for security state setting operations. That is, when
linked as follows:

    gcc .... -lcap -lpsx -lpthread -Wl,-wrap,pthread_create

all pthreads maintain a common security state with respect to the
libcap API.

This also adds full capability setting support to the Go package
libcap/cap via a libcap/psx package which uses cgo+libpsx syscalls
that share capabilities over all pthreads including those of the
Go runtime.

Finally, if Go supports syscall.PosixSyscall() etc. then provide
a non-psx mechanism for libcap/cap to "just work" in all Go code.

Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
Diffstat (limited to 'libcap/include/sys')
| -rw-r--r-- | libcap/include/sys/capability.h | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/libcap/include/sys/capability.h b/libcap/include/sys/capability.h index 0be6e64..4bfc7e5 100644 --- a/libcap/include/sys/capability.h +++ b/libcap/include/sys/capability.h @@ -2,7 +2,7 @@ * <sys/capability.h> * * Copyright (C) 1997 Aleph One - * Copyright (C) 1997-8,2008 Andrew G. Morgan <morgan@kernel.org> + * Copyright (C) 1997-8,2008,2019 Andrew G. Morgan <morgan@kernel.org> * * defunct POSIX.1e Standard: 25.2 Capabilities <sys/capability.h> */ @@ -115,7 +115,18 @@ extern char * cap_to_name(cap_value_t); #define CAP_DIFFERS(result, flag) (((result) & (1 << (flag))) != 0) extern int cap_compare(cap_t, cap_t); -/* system calls - look to libc for function to system call mapping */ +/* libcap/cap_proc.c */ +extern void cap_set_syscall(long int (*new_syscall)(long int, + long int, long int, long int), + long int (*new_syscall6)(long int, + long int, long int, long int, + long int, long int, long int)); + +/* + * system calls - look to libc for function to system call + * mapping. Note, libcap does not use capset directly, but permits the + * cap_set_syscall() to redirect the system call function. + */ extern int capget(cap_user_header_t header, cap_user_data_t data); extern int capset(cap_user_header_t header, const cap_user_data_t data); |
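Review bot: the new cap_set_syscall() prototype in the second hunk (@@ -115,7 +115,18 @@) is added to a public header with no statement of its contract. The header does not say what passing NULL for new_syscall or new_syscall6 means, whether the default functions can be restored afterwards, or whether the call is safe once other threads exist. Because this hook redirects the calls libcap uses to change security state, those points should be documented in a comment next to the declaration rather than left to the commit message. The two raw function-pointer parameters (one taking four long int arguments, one taking seven) would also be easier to read, and harder to pass in the wrong order, if they were declared as named typedefs. Finally, the rewritten comment says libcap "does not use capset directly" but is silent on capget, which is declared on the next line; state explicitly whether capget is affected by the override.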
