2024-06-27 06:01:24 +02:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
2024-06-25 08:25:53 +02:00
|
|
|
module BSD::Capsicum
|
2024-06-25 09:37:54 +02:00
|
|
|
module FFI
|
2024-06-25 08:25:53 +02:00
|
|
|
require "fiddle"
|
2024-06-25 15:39:04 +02:00
|
|
|
include Fiddle::Types
|
2024-06-25 17:17:23 +02:00
|
|
|
include Constants
|
|
|
|
|
|
2024-06-25 08:25:53 +02:00
|
|
|
module_function
|
|
|
|
|
|
|
|
|
|
##
|
|
|
|
|
# Provides a Ruby interface for cap_enter(2)
|
|
|
|
|
# @return [Integer]
|
|
|
|
|
def cap_enter
|
|
|
|
|
Fiddle::Function.new(
|
|
|
|
|
libc["cap_enter"],
|
|
|
|
|
[],
|
2024-06-25 15:39:04 +02:00
|
|
|
INT
|
2024-06-25 08:25:53 +02:00
|
|
|
).call
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
##
|
|
|
|
|
# Provides a Ruby interface for cap_getmode(2)
|
|
|
|
|
# @param [Fiddle::Pointer] uintp
|
|
|
|
|
# @return [Integer]
|
|
|
|
|
def cap_getmode(uintp)
|
|
|
|
|
Fiddle::Function.new(
|
|
|
|
|
libc["cap_getmode"],
|
2024-06-25 15:39:04 +02:00
|
|
|
[INTPTR_T],
|
|
|
|
|
INT
|
2024-06-25 08:25:53 +02:00
|
|
|
).call(uintp)
|
|
|
|
|
end
|
|
|
|
|
|
2024-06-25 15:39:04 +02:00
|
|
|
##
|
|
|
|
|
# Provides a Ruby interface for cap_rights_limit(2)
|
|
|
|
|
# @param [Integer] fd
|
|
|
|
|
# @param [Fiddle::Pointer] rights
|
|
|
|
|
# @return [Integer]
|
|
|
|
|
def cap_rights_limit(fd, rights)
|
|
|
|
|
Fiddle::Function.new(
|
|
|
|
|
libc["cap_rights_limit"],
|
|
|
|
|
[INT, VOIDP],
|
|
|
|
|
INT
|
|
|
|
|
).call(fd, rights)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
##
|
|
|
|
|
# Provides a Ruby interface for cap_rights_init(2)
|
2024-07-12 08:58:34 +02:00
|
|
|
# @see BSD::Capsicum::Constants See Constants for a full list of capabilities
|
2024-07-12 09:19:26 +02:00
|
|
|
# @param [Fiddle::Pointer] rights
|
|
|
|
|
# A pointer to initialize the `cap_rights_t` structure
|
|
|
|
|
# @param [Array<Integer>] capabilities
|
|
|
|
|
# An allowed set of capabilities
|
2024-06-25 15:39:04 +02:00
|
|
|
# @return [Fiddle::Pointer]
|
2024-07-12 08:54:34 +02:00
|
|
|
# Returns a pointer to the structure `cap_rights_t`
|
2024-07-12 09:19:26 +02:00
|
|
|
def cap_rights_init(rights, *capabilities)
|
2024-06-25 15:39:04 +02:00
|
|
|
Fiddle::Function.new(
|
|
|
|
|
libc["__cap_rights_init"],
|
|
|
|
|
[INT, VOIDP, VARIADIC],
|
|
|
|
|
VOIDP
|
2024-07-12 09:26:53 +02:00
|
|
|
).call(
|
|
|
|
|
CAP_RIGHTS_VERSION, rights,
|
|
|
|
|
*capabilities.flat_map {
|
|
|
|
|
[ULONG_LONG, (Symbol === _1) ? Constants.const_get(_1) : _1]
|
|
|
|
|
})
|
2024-06-25 15:39:04 +02:00
|
|
|
end
|
|
|
|
|
|
2024-06-25 08:25:53 +02:00
|
|
|
##
|
|
|
|
|
# @api private
|
|
|
|
|
def libc
|
|
|
|
|
@libc ||= Fiddle.dlopen Dir["/lib/libc.*"].first
|
|
|
|
|
end
|
|
|
|
|
end
|
2024-06-25 20:37:43 +02:00
|
|
|
private_constant :FFI
|
2024-06-25 08:25:53 +02:00
|
|
|
end
|
