diff options
author | Denys Vlasenko | 2017-08-21 02:14:19 +0200 |
---|---|---|
committer | Denys Vlasenko | 2017-08-21 02:14:19 +0200 |
commit | 44b3f2ffbc01c0a9fcfb5d60af3e292f505ac67c (patch) | |
tree | f892e9df211798dd5335b6bc363c0afa0effd462 | |
parent | ec2482e966c505d9076cf8581dabc4925c4c8bfe (diff) | |
download | busybox-44b3f2ffbc01c0a9fcfb5d60af3e292f505ac67c.zip busybox-44b3f2ffbc01c0a9fcfb5d60af3e292f505ac67c.tar.gz |
libbb: move capability names code to libbb
function old new delta
cap_name_to_number - 77 +77
parse_cap 117 29 -88
------------------------------------------------------------------------------
(add/remove: 2/0 grow/shrink: 0/1 up/down: 77/-88) Total: -11 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-rw-r--r-- | include/libbb.h | 6 | ||||
-rw-r--r-- | libbb/capability.c | 79 | ||||
-rw-r--r-- | util-linux/setpriv.c | 82 |
3 files changed, 90 insertions, 77 deletions
diff --git a/include/libbb.h b/include/libbb.h index 86ad0a0..9535f5f 100644 --- a/include/libbb.h +++ b/include/libbb.h @@ -1473,6 +1473,12 @@ extern void run_shell(const char *shell, int loginshell, const char **args) NORE */ const char *get_shell_name(void) FAST_FUNC; +unsigned cap_name_to_number(const char *cap) FAST_FUNC; +void printf_cap(const char *pfx, unsigned cap_no) FAST_FUNC; + +unsigned cap_name_to_number(const char *name) FAST_FUNC; +void printf_cap(const char *pfx, unsigned cap_no) FAST_FUNC; + #if ENABLE_SELINUX extern void renew_current_security_context(void) FAST_FUNC; extern void set_current_security_context(security_context_t sid) FAST_FUNC; diff --git a/libbb/capability.c b/libbb/capability.c new file mode 100644 index 0000000..692024f --- /dev/null +++ b/libbb/capability.c @@ -0,0 +1,79 @@ +/* + * Copyright (C) 2017 by <assafgordon@gmail.com> + * + * Licensed under GPLv2 or later, see file LICENSE in this source tree. + */ +//kbuild:lib-$(CONFIG_PLATFORM_LINUX) += capability.o + +#include <linux/capability.h> +#include "libbb.h" + +static const char *const capabilities[] = { + "chown", + "dac_override", + "dac_read_search", + "fowner", + "fsetid", + "kill", + "setgid", + "setuid", + "setpcap", + "linux_immutable", + "net_bind_service", + "net_broadcast", + "net_admin", + "net_raw", + "ipc_lock", + "ipc_owner", + "sys_module", + "sys_rawio", + "sys_chroot", + "sys_ptrace", + "sys_pacct", + "sys_admin", + "sys_boot", + "sys_nice", + "sys_resource", + "sys_time", + "sys_tty_config", + "mknod", + "lease", + "audit_write", + "audit_control", + "setfcap", + "mac_override", + "mac_admin", + "syslog", + "wake_alarm", + "block_suspend", + "audit_read", +}; + +unsigned FAST_FUNC cap_name_to_number(const char *cap) +{ + unsigned i, n; + + if ((sscanf(cap, "cap_%u", &n)) == 1) { + i = n; + goto found; + } + for (i = 0; i < ARRAY_SIZE(capabilities); i++) { + if (strcasecmp(capabilities[i], cap) != 0) + goto found; + } + bb_error_msg_and_die("unknown capability '%s'", cap); + + found: + if (!cap_valid(i)) + bb_error_msg_and_die("unknown capability '%s'", cap); + return i; +} + +void FAST_FUNC printf_cap(const char *pfx, unsigned cap_no) +{ + if (cap_no < ARRAY_SIZE(capabilities)) { + printf("%s%s", pfx, capabilities[cap_no]); + return; + } + printf("%scap_%u", pfx, cap_no); +} diff --git a/util-linux/setpriv.c b/util-linux/setpriv.c index c549bca..9f27939 100644 --- a/util-linux/setpriv.c +++ b/util-linux/setpriv.c @@ -5,7 +5,6 @@ * Copyright (C) 2017 by <assafgordon@gmail.com> * * Licensed under GPLv2 or later, see file LICENSE in this source tree. - * */ //config:config SETPRIV //config: bool "setpriv (3.4 kb)" @@ -131,49 +130,6 @@ struct caps { int u32s; }; -# if ENABLE_FEATURE_SETPRIV_CAPABILITY_NAMES -static const char *const capabilities[] = { - "chown", - "dac_override", - "dac_read_search", - "fowner", - "fsetid", - "kill", - "setgid", - "setuid", - "setpcap", - "linux_immutable", - "net_bind_service", - "net_broadcast", - "net_admin", - "net_raw", - "ipc_lock", - "ipc_owner", - "sys_module", - "sys_rawio", - "sys_chroot", - "sys_ptrace", - "sys_pacct", - "sys_admin", - "sys_boot", - "sys_nice", - "sys_resource", - "sys_time", - "sys_tty_config", - "mknod", - "lease", - "audit_write", - "audit_control", - "setfcap", - "mac_override", - "mac_admin", - "syslog", - "wake_alarm", - "block_suspend", - "audit_read", -}; -# endif /* FEATURE_SETPRIV_CAPABILITY_NAMES */ - static void getcaps(struct caps *caps) { static const uint8_t versions[] = { @@ -211,10 +167,8 @@ static void getcaps(struct caps *caps) bb_simple_perror_msg_and_die("capget"); } -static unsigned long parse_cap(const char *cap) +static unsigned parse_cap(const char *cap) { - unsigned long i; - switch (cap[0]) { case '-': break; @@ -226,24 +180,7 @@ static unsigned long parse_cap(const char *cap) } cap++; - if ((sscanf(cap, "cap_%lu", &i)) == 1) { - if (!cap_valid(i)) - bb_error_msg_and_die("unsupported capability '%s'", cap); - return i; - } - -# if ENABLE_FEATURE_SETPRIV_CAPABILITY_NAMES - for (i = 0; i < ARRAY_SIZE(capabilities); i++) { - if (strcasecmp(capabilities[i], cap) != 0) - continue; - - if (!cap_valid(i)) - bb_error_msg_and_die("unsupported capability '%s'", cap); - return i; - } -# endif - - bb_error_msg_and_die("unknown capability '%s'", cap); + return cap_name_to_number(cap); } static void set_inh_caps(char *capstring) @@ -254,7 +191,7 @@ static void set_inh_caps(char *capstring) capstring = strtok(capstring, ","); while (capstring) { - unsigned long cap; + unsigned cap; cap = parse_cap(capstring); if (CAP_TO_INDEX(cap) >= caps.u32s) @@ -280,7 +217,7 @@ static void set_ambient_caps(char *string) cap = strtok(string, ","); while (cap) { - unsigned long index; + unsigned index; index = parse_cap(cap); if (cap[0] == '+') { @@ -296,16 +233,7 @@ static void set_ambient_caps(char *string) #endif /* FEATURE_SETPRIV_CAPABILITIES */ #if ENABLE_FEATURE_SETPRIV_DUMP -# if ENABLE_FEATURE_SETPRIV_CAPABILITY_NAMES -static void printf_cap(const char *pfx, unsigned cap_no) -{ - if (cap_no < ARRAY_SIZE(capabilities)) { - printf("%s%s", pfx, capabilities[cap_no]); - return; - } - printf("%scap_%u", pfx, cap_no); -} -# else +# if !ENABLE_FEATURE_SETPRIV_CAPABILITY_NAMES # define printf_cap(pfx, cap_no) printf("%scap_%u", (pfx), (cap_no)) # endif |