bsdcapsicum.rb/lib/bsd/capsicum/ffi.rb

# frozen_string_literal: true

module BSD::Capsicum
  module FFI
    require "fiddle"
    require "fiddle/import"
    include Fiddle::Types
    include Constants
    extend Fiddle::Importer
    dlload Dir["/lib/libc.*"].first

    extern "int cap_getmode(u_int*)"
    extern "int cap_enter(void)"
    extern "int cap_rights_limit(int, const cap_rights_t*)"
    extern "cap_rights_t* __cap_rights_init(int version, cap_rights_t*, ...)"

    module_function

    ##
    # Provides a Ruby interface for cap_enter(2)
    # @return [Integer]
    def cap_enter
      self["cap_enter"].call
    end

    ##
    # Provides a Ruby interface for cap_getmode(2)
    # @param [Fiddle::Pointer] uintp
    # @return [Integer]
    def cap_getmode(uintp)
      self["cap_getmode"].call(uintp)
    end

    ##
    # Provides a Ruby interface for cap_rights_limit(2)
    # @param [Integer] fd
    # @param [Fiddle::Pointer] rightsp
    # @return [Integer]
    def cap_rights_limit(fd, rightsp)
      self["cap_rights_limit"].call(fd, rightsp)
    end

    ##
    # Provides a Ruby interface for cap_rights_init(2)
    # @see BSD::Capsicum::Constants See Constants for a full list of capabilities
    # @param [Fiddle::Pointer] rightsp
    #  A pointer to initialize the `cap_rights_t` structure
    # @param [Array<Symbol, Integer>] capabilities
    #  An allowed set of capabilities
    # @return [Fiddle::Pointer]
    #  Returns a pointer to the structure `cap_rights_t`
    def cap_rights_init(rightsp, *capabilities)
      self["__cap_rights_init"].call(
        CAP_RIGHTS_VERSION,
        rightsp,
        *capabilities.flat_map { |cap|
          [ULONG_LONG, cap_all.include?(cap) ? Constants.const_get(cap) : cap]
        }
      )
    end

    ##
    # @api private
    # @return [Array<Symbol>]
    #  Returns all known capabilities
    def cap_all
      @cap_all ||= Constants.constants.select { _1.to_s.start_with?("CAP_") }
    end
  end
  private_constant :FFI
end
Run 'bundle exec rubocop -A' 2024-06-27 06:01:24 +02:00			`# frozen_string_literal: true`

bsdcapsicum.rb is born :) 2024-06-25 08:25:53 +02:00			`module BSD::Capsicum`
Rename LibC as FFI 2024-06-25 09:37:54 +02:00			`module FFI`
bsdcapsicum.rb is born :) 2024-06-25 08:25:53 +02:00			`require "fiddle"`
Migrate to Fiddle::Importer 2024-07-12 09:41:46 +02:00			`require "fiddle/import"`
Add cap_all 2024-07-12 10:18:07 +02:00			`include Fiddle::Types`
			`include Constants`
Migrate to Fiddle::Importer 2024-07-12 09:41:46 +02:00			`extend Fiddle::Importer`
			`dlload Dir["/lib/libc.*"].first`

			`extern "int cap_getmode(u_int*)"`
			`extern "int cap_enter(void)"`
			`extern "int cap_rights_limit(int, const cap_rights_t*)"`
			`extern "cap_rights_t* __cap_rights_init(int version, cap_rights_t*, ...)"`
Add CAP_RIGHTS_VERSION 2024-06-25 17:17:23 +02:00
bsdcapsicum.rb is born :) 2024-06-25 08:25:53 +02:00			`module_function`

			`##`
			`# Provides a Ruby interface for cap_enter(2)`
			`# @return [Integer]`
			`def cap_enter`
Migrate to Fiddle::Importer 2024-07-12 09:41:46 +02:00			`self["cap_enter"].call`
bsdcapsicum.rb is born :) 2024-06-25 08:25:53 +02:00			`end`

			`##`
			`# Provides a Ruby interface for cap_getmode(2)`
			`# @param [Fiddle::Pointer] uintp`
			`# @return [Integer]`
			`def cap_getmode(uintp)`
Migrate to Fiddle::Importer 2024-07-12 09:41:46 +02:00			`self["cap_getmode"].call(uintp)`
bsdcapsicum.rb is born :) 2024-06-25 08:25:53 +02:00			`end`

Add BSD::Capsicum.set_rights! 2024-06-25 15:39:04 +02:00			`##`
			`# Provides a Ruby interface for cap_rights_limit(2)`
			`# @param [Integer] fd`
Rename locals 2024-07-12 10:21:47 +02:00			`# @param [Fiddle::Pointer] rightsp`
Add BSD::Capsicum.set_rights! 2024-06-25 15:39:04 +02:00			`# @return [Integer]`
Rename locals 2024-07-12 10:21:47 +02:00			`def cap_rights_limit(fd, rightsp)`
			`self["cap_rights_limit"].call(fd, rightsp)`
Add BSD::Capsicum.set_rights! 2024-06-25 15:39:04 +02:00			`end`

			`##`
			`# Provides a Ruby interface for cap_rights_init(2)`
Add docs 2024-07-12 08:58:34 +02:00			`# @see BSD::Capsicum::Constants See Constants for a full list of capabilities`
Rename locals 2024-07-12 10:21:47 +02:00			`# @param [Fiddle::Pointer] rightsp`
Add improvements 2024-07-12 09:19:26 +02:00			# A pointer to initialize the `cap_rights_t` structure
Fix type signature in docs 2024-07-12 10:24:38 +02:00			`# @param [Array<Symbol, Integer>] capabilities`
Add improvements 2024-07-12 09:19:26 +02:00			`# An allowed set of capabilities`
Add BSD::Capsicum.set_rights! 2024-06-25 15:39:04 +02:00			`# @return [Fiddle::Pointer]`
Add docs 2024-07-12 08:54:34 +02:00			# Returns a pointer to the structure `cap_rights_t`
Rename locals 2024-07-12 10:21:47 +02:00			`def cap_rights_init(rightsp, *capabilities)`
Migrate to Fiddle::Importer 2024-07-12 09:41:46 +02:00			`self["__cap_rights_init"].call(`
			`CAP_RIGHTS_VERSION,`
Rename locals 2024-07-12 10:21:47 +02:00			`rightsp,`
Add cap_all 2024-07-12 10:18:07 +02:00			`*capabilities.flat_map { \|cap\|`
			`[ULONG_LONG, cap_all.include?(cap) ? Constants.const_get(cap) : cap]`
Migrate to Fiddle::Importer 2024-07-12 09:41:46 +02:00			`}`
			`)`
bsdcapsicum.rb is born :) 2024-06-25 08:25:53 +02:00			`end`
Add cap_all 2024-07-12 10:18:07 +02:00
			`##`
			`# @api private`
			`# @return [Array<Symbol>]`
			`# Returns all known capabilities`
			`def cap_all`
			`@cap_all \|\|= Constants.constants.select { _1.to_s.start_with?("CAP_") }`
			`end`
bsdcapsicum.rb is born :) 2024-06-25 08:25:53 +02:00			`end`
Discourage direct use of FFI by making it a private constant 2024-06-25 20:37:43 +02:00			`private_constant :FFI`
bsdcapsicum.rb is born :) 2024-06-25 08:25:53 +02:00			`end`