summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDenys Vlasenko2017-08-21 02:14:19 +0200
committerDenys Vlasenko2017-08-21 02:14:19 +0200
commit44b3f2ffbc01c0a9fcfb5d60af3e292f505ac67c (patch)
treef892e9df211798dd5335b6bc363c0afa0effd462
parentec2482e966c505d9076cf8581dabc4925c4c8bfe (diff)
downloadbusybox-44b3f2ffbc01c0a9fcfb5d60af3e292f505ac67c.zip
busybox-44b3f2ffbc01c0a9fcfb5d60af3e292f505ac67c.tar.gz
libbb: move capability names code to libbb
function old new delta cap_name_to_number - 77 +77 parse_cap 117 29 -88 ------------------------------------------------------------------------------ (add/remove: 2/0 grow/shrink: 0/1 up/down: 77/-88) Total: -11 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-rw-r--r--include/libbb.h6
-rw-r--r--libbb/capability.c79
-rw-r--r--util-linux/setpriv.c82
3 files changed, 90 insertions, 77 deletions
diff --git a/include/libbb.h b/include/libbb.h
index 86ad0a0..9535f5f 100644
--- a/include/libbb.h
+++ b/include/libbb.h
@@ -1473,6 +1473,12 @@ extern void run_shell(const char *shell, int loginshell, const char **args) NORE
*/
const char *get_shell_name(void) FAST_FUNC;
+unsigned cap_name_to_number(const char *cap) FAST_FUNC;
+void printf_cap(const char *pfx, unsigned cap_no) FAST_FUNC;
+
+unsigned cap_name_to_number(const char *name) FAST_FUNC;
+void printf_cap(const char *pfx, unsigned cap_no) FAST_FUNC;
+
#if ENABLE_SELINUX
extern void renew_current_security_context(void) FAST_FUNC;
extern void set_current_security_context(security_context_t sid) FAST_FUNC;
diff --git a/libbb/capability.c b/libbb/capability.c
new file mode 100644
index 0000000..692024f
--- /dev/null
+++ b/libbb/capability.c
@@ -0,0 +1,79 @@
+/*
+ * Copyright (C) 2017 by <assafgordon@gmail.com>
+ *
+ * Licensed under GPLv2 or later, see file LICENSE in this source tree.
+ */
+//kbuild:lib-$(CONFIG_PLATFORM_LINUX) += capability.o
+
+#include <linux/capability.h>
+#include "libbb.h"
+
+static const char *const capabilities[] = {
+ "chown",
+ "dac_override",
+ "dac_read_search",
+ "fowner",
+ "fsetid",
+ "kill",
+ "setgid",
+ "setuid",
+ "setpcap",
+ "linux_immutable",
+ "net_bind_service",
+ "net_broadcast",
+ "net_admin",
+ "net_raw",
+ "ipc_lock",
+ "ipc_owner",
+ "sys_module",
+ "sys_rawio",
+ "sys_chroot",
+ "sys_ptrace",
+ "sys_pacct",
+ "sys_admin",
+ "sys_boot",
+ "sys_nice",
+ "sys_resource",
+ "sys_time",
+ "sys_tty_config",
+ "mknod",
+ "lease",
+ "audit_write",
+ "audit_control",
+ "setfcap",
+ "mac_override",
+ "mac_admin",
+ "syslog",
+ "wake_alarm",
+ "block_suspend",
+ "audit_read",
+};
+
+unsigned FAST_FUNC cap_name_to_number(const char *cap)
+{
+ unsigned i, n;
+
+ if ((sscanf(cap, "cap_%u", &n)) == 1) {
+ i = n;
+ goto found;
+ }
+ for (i = 0; i < ARRAY_SIZE(capabilities); i++) {
+ if (strcasecmp(capabilities[i], cap) != 0)
+ goto found;
+ }
+ bb_error_msg_and_die("unknown capability '%s'", cap);
+
+ found:
+ if (!cap_valid(i))
+ bb_error_msg_and_die("unknown capability '%s'", cap);
+ return i;
+}
+
+void FAST_FUNC printf_cap(const char *pfx, unsigned cap_no)
+{
+ if (cap_no < ARRAY_SIZE(capabilities)) {
+ printf("%s%s", pfx, capabilities[cap_no]);
+ return;
+ }
+ printf("%scap_%u", pfx, cap_no);
+}
diff --git a/util-linux/setpriv.c b/util-linux/setpriv.c
index c549bca..9f27939 100644
--- a/util-linux/setpriv.c
+++ b/util-linux/setpriv.c
@@ -5,7 +5,6 @@
* Copyright (C) 2017 by <assafgordon@gmail.com>
*
* Licensed under GPLv2 or later, see file LICENSE in this source tree.
- *
*/
//config:config SETPRIV
//config: bool "setpriv (3.4 kb)"
@@ -131,49 +130,6 @@ struct caps {
int u32s;
};
-# if ENABLE_FEATURE_SETPRIV_CAPABILITY_NAMES
-static const char *const capabilities[] = {
- "chown",
- "dac_override",
- "dac_read_search",
- "fowner",
- "fsetid",
- "kill",
- "setgid",
- "setuid",
- "setpcap",
- "linux_immutable",
- "net_bind_service",
- "net_broadcast",
- "net_admin",
- "net_raw",
- "ipc_lock",
- "ipc_owner",
- "sys_module",
- "sys_rawio",
- "sys_chroot",
- "sys_ptrace",
- "sys_pacct",
- "sys_admin",
- "sys_boot",
- "sys_nice",
- "sys_resource",
- "sys_time",
- "sys_tty_config",
- "mknod",
- "lease",
- "audit_write",
- "audit_control",
- "setfcap",
- "mac_override",
- "mac_admin",
- "syslog",
- "wake_alarm",
- "block_suspend",
- "audit_read",
-};
-# endif /* FEATURE_SETPRIV_CAPABILITY_NAMES */
-
static void getcaps(struct caps *caps)
{
static const uint8_t versions[] = {
@@ -211,10 +167,8 @@ static void getcaps(struct caps *caps)
bb_simple_perror_msg_and_die("capget");
}
-static unsigned long parse_cap(const char *cap)
+static unsigned parse_cap(const char *cap)
{
- unsigned long i;
-
switch (cap[0]) {
case '-':
break;
@@ -226,24 +180,7 @@ static unsigned long parse_cap(const char *cap)
}
cap++;
- if ((sscanf(cap, "cap_%lu", &i)) == 1) {
- if (!cap_valid(i))
- bb_error_msg_and_die("unsupported capability '%s'", cap);
- return i;
- }
-
-# if ENABLE_FEATURE_SETPRIV_CAPABILITY_NAMES
- for (i = 0; i < ARRAY_SIZE(capabilities); i++) {
- if (strcasecmp(capabilities[i], cap) != 0)
- continue;
-
- if (!cap_valid(i))
- bb_error_msg_and_die("unsupported capability '%s'", cap);
- return i;
- }
-# endif
-
- bb_error_msg_and_die("unknown capability '%s'", cap);
+ return cap_name_to_number(cap);
}
static void set_inh_caps(char *capstring)
@@ -254,7 +191,7 @@ static void set_inh_caps(char *capstring)
capstring = strtok(capstring, ",");
while (capstring) {
- unsigned long cap;
+ unsigned cap;
cap = parse_cap(capstring);
if (CAP_TO_INDEX(cap) >= caps.u32s)
@@ -280,7 +217,7 @@ static void set_ambient_caps(char *string)
cap = strtok(string, ",");
while (cap) {
- unsigned long index;
+ unsigned index;
index = parse_cap(cap);
if (cap[0] == '+') {
@@ -296,16 +233,7 @@ static void set_ambient_caps(char *string)
#endif /* FEATURE_SETPRIV_CAPABILITIES */
#if ENABLE_FEATURE_SETPRIV_DUMP
-# if ENABLE_FEATURE_SETPRIV_CAPABILITY_NAMES
-static void printf_cap(const char *pfx, unsigned cap_no)
-{
- if (cap_no < ARRAY_SIZE(capabilities)) {
- printf("%s%s", pfx, capabilities[cap_no]);
- return;
- }
- printf("%scap_%u", pfx, cap_no);
-}
-# else
+# if !ENABLE_FEATURE_SETPRIV_CAPABILITY_NAMES
# define printf_cap(pfx, cap_no) printf("%scap_%u", (pfx), (cap_no))
# endif