1*cf84ac9aSAndroid Build Coastguard Worker /*
2*cf84ac9aSAndroid Build Coastguard Worker * Copyright (c) 2000 Wichert Akkerman <[email protected]>
3*cf84ac9aSAndroid Build Coastguard Worker * Copyright (c) 2011 Denys Vlasenko <[email protected]>
4*cf84ac9aSAndroid Build Coastguard Worker * Copyright (c) 2005-2015 Dmitry V. Levin <[email protected]>
5*cf84ac9aSAndroid Build Coastguard Worker * Copyright (c) 2014-2017 The strace developers.
6*cf84ac9aSAndroid Build Coastguard Worker * All rights reserved.
7*cf84ac9aSAndroid Build Coastguard Worker *
8*cf84ac9aSAndroid Build Coastguard Worker * Redistribution and use in source and binary forms, with or without
9*cf84ac9aSAndroid Build Coastguard Worker * modification, are permitted provided that the following conditions
10*cf84ac9aSAndroid Build Coastguard Worker * are met:
11*cf84ac9aSAndroid Build Coastguard Worker * 1. Redistributions of source code must retain the above copyright
12*cf84ac9aSAndroid Build Coastguard Worker * notice, this list of conditions and the following disclaimer.
13*cf84ac9aSAndroid Build Coastguard Worker * 2. Redistributions in binary form must reproduce the above copyright
14*cf84ac9aSAndroid Build Coastguard Worker * notice, this list of conditions and the following disclaimer in the
15*cf84ac9aSAndroid Build Coastguard Worker * documentation and/or other materials provided with the distribution.
16*cf84ac9aSAndroid Build Coastguard Worker * 3. The name of the author may not be used to endorse or promote products
17*cf84ac9aSAndroid Build Coastguard Worker * derived from this software without specific prior written permission.
18*cf84ac9aSAndroid Build Coastguard Worker *
19*cf84ac9aSAndroid Build Coastguard Worker * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
20*cf84ac9aSAndroid Build Coastguard Worker * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
21*cf84ac9aSAndroid Build Coastguard Worker * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22*cf84ac9aSAndroid Build Coastguard Worker * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
23*cf84ac9aSAndroid Build Coastguard Worker * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
24*cf84ac9aSAndroid Build Coastguard Worker * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25*cf84ac9aSAndroid Build Coastguard Worker * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26*cf84ac9aSAndroid Build Coastguard Worker * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27*cf84ac9aSAndroid Build Coastguard Worker * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
28*cf84ac9aSAndroid Build Coastguard Worker * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29*cf84ac9aSAndroid Build Coastguard Worker */
30*cf84ac9aSAndroid Build Coastguard Worker
31*cf84ac9aSAndroid Build Coastguard Worker #include "defs.h"
32*cf84ac9aSAndroid Build Coastguard Worker
33*cf84ac9aSAndroid Build Coastguard Worker /* these constants are the same as in <linux/capability.h> */
34*cf84ac9aSAndroid Build Coastguard Worker enum {
35*cf84ac9aSAndroid Build Coastguard Worker #include "caps0.h"
36*cf84ac9aSAndroid Build Coastguard Worker };
37*cf84ac9aSAndroid Build Coastguard Worker
38*cf84ac9aSAndroid Build Coastguard Worker #include "xlat/cap_mask0.h"
39*cf84ac9aSAndroid Build Coastguard Worker
40*cf84ac9aSAndroid Build Coastguard Worker /* these constants are CAP_TO_INDEX'ed constants from <linux/capability.h> */
41*cf84ac9aSAndroid Build Coastguard Worker enum {
42*cf84ac9aSAndroid Build Coastguard Worker #include "caps1.h"
43*cf84ac9aSAndroid Build Coastguard Worker };
44*cf84ac9aSAndroid Build Coastguard Worker
45*cf84ac9aSAndroid Build Coastguard Worker #include "xlat/cap_mask1.h"
46*cf84ac9aSAndroid Build Coastguard Worker
47*cf84ac9aSAndroid Build Coastguard Worker /* these constants are the same as in <linux/capability.h> */
48*cf84ac9aSAndroid Build Coastguard Worker enum {
49*cf84ac9aSAndroid Build Coastguard Worker _LINUX_CAPABILITY_VERSION_1 = 0x19980330,
50*cf84ac9aSAndroid Build Coastguard Worker _LINUX_CAPABILITY_VERSION_2 = 0x20071026,
51*cf84ac9aSAndroid Build Coastguard Worker _LINUX_CAPABILITY_VERSION_3 = 0x20080522
52*cf84ac9aSAndroid Build Coastguard Worker };
53*cf84ac9aSAndroid Build Coastguard Worker
54*cf84ac9aSAndroid Build Coastguard Worker #include "xlat/cap_version.h"
55*cf84ac9aSAndroid Build Coastguard Worker
56*cf84ac9aSAndroid Build Coastguard Worker struct user_cap_header_struct {
57*cf84ac9aSAndroid Build Coastguard Worker uint32_t version;
58*cf84ac9aSAndroid Build Coastguard Worker int pid;
59*cf84ac9aSAndroid Build Coastguard Worker };
60*cf84ac9aSAndroid Build Coastguard Worker
61*cf84ac9aSAndroid Build Coastguard Worker struct user_cap_data_struct {
62*cf84ac9aSAndroid Build Coastguard Worker uint32_t effective;
63*cf84ac9aSAndroid Build Coastguard Worker uint32_t permitted;
64*cf84ac9aSAndroid Build Coastguard Worker uint32_t inheritable;
65*cf84ac9aSAndroid Build Coastguard Worker };
66*cf84ac9aSAndroid Build Coastguard Worker
67*cf84ac9aSAndroid Build Coastguard Worker static const struct user_cap_header_struct *
get_cap_header(struct tcb * const tcp,const kernel_ulong_t addr)68*cf84ac9aSAndroid Build Coastguard Worker get_cap_header(struct tcb *const tcp, const kernel_ulong_t addr)
69*cf84ac9aSAndroid Build Coastguard Worker {
70*cf84ac9aSAndroid Build Coastguard Worker static struct user_cap_header_struct header;
71*cf84ac9aSAndroid Build Coastguard Worker
72*cf84ac9aSAndroid Build Coastguard Worker if (!addr || !verbose(tcp))
73*cf84ac9aSAndroid Build Coastguard Worker return NULL;
74*cf84ac9aSAndroid Build Coastguard Worker
75*cf84ac9aSAndroid Build Coastguard Worker if (umove(tcp, addr, &header) < 0)
76*cf84ac9aSAndroid Build Coastguard Worker return NULL;
77*cf84ac9aSAndroid Build Coastguard Worker
78*cf84ac9aSAndroid Build Coastguard Worker return &header;
79*cf84ac9aSAndroid Build Coastguard Worker }
80*cf84ac9aSAndroid Build Coastguard Worker
81*cf84ac9aSAndroid Build Coastguard Worker static void
print_cap_header(struct tcb * const tcp,const kernel_ulong_t addr,const struct user_cap_header_struct * const h)82*cf84ac9aSAndroid Build Coastguard Worker print_cap_header(struct tcb *const tcp, const kernel_ulong_t addr,
83*cf84ac9aSAndroid Build Coastguard Worker const struct user_cap_header_struct *const h)
84*cf84ac9aSAndroid Build Coastguard Worker {
85*cf84ac9aSAndroid Build Coastguard Worker if (!addr || !h) {
86*cf84ac9aSAndroid Build Coastguard Worker printaddr(addr);
87*cf84ac9aSAndroid Build Coastguard Worker return;
88*cf84ac9aSAndroid Build Coastguard Worker }
89*cf84ac9aSAndroid Build Coastguard Worker
90*cf84ac9aSAndroid Build Coastguard Worker tprints("{version=");
91*cf84ac9aSAndroid Build Coastguard Worker printxval(cap_version, h->version,
92*cf84ac9aSAndroid Build Coastguard Worker "_LINUX_CAPABILITY_VERSION_???");
93*cf84ac9aSAndroid Build Coastguard Worker tprintf(", pid=%d}", h->pid);
94*cf84ac9aSAndroid Build Coastguard Worker }
95*cf84ac9aSAndroid Build Coastguard Worker
96*cf84ac9aSAndroid Build Coastguard Worker static void
print_cap_bits(const uint32_t lo,const uint32_t hi)97*cf84ac9aSAndroid Build Coastguard Worker print_cap_bits(const uint32_t lo, const uint32_t hi)
98*cf84ac9aSAndroid Build Coastguard Worker {
99*cf84ac9aSAndroid Build Coastguard Worker if (lo || !hi)
100*cf84ac9aSAndroid Build Coastguard Worker printflags(cap_mask0, lo, "CAP_???");
101*cf84ac9aSAndroid Build Coastguard Worker
102*cf84ac9aSAndroid Build Coastguard Worker if (hi) {
103*cf84ac9aSAndroid Build Coastguard Worker if (lo)
104*cf84ac9aSAndroid Build Coastguard Worker tprints("|");
105*cf84ac9aSAndroid Build Coastguard Worker printflags(cap_mask1, hi, "CAP_???");
106*cf84ac9aSAndroid Build Coastguard Worker }
107*cf84ac9aSAndroid Build Coastguard Worker }
108*cf84ac9aSAndroid Build Coastguard Worker
109*cf84ac9aSAndroid Build Coastguard Worker static void
print_cap_data(struct tcb * const tcp,const kernel_ulong_t addr,const struct user_cap_header_struct * const h)110*cf84ac9aSAndroid Build Coastguard Worker print_cap_data(struct tcb *const tcp, const kernel_ulong_t addr,
111*cf84ac9aSAndroid Build Coastguard Worker const struct user_cap_header_struct *const h)
112*cf84ac9aSAndroid Build Coastguard Worker {
113*cf84ac9aSAndroid Build Coastguard Worker struct user_cap_data_struct data[2];
114*cf84ac9aSAndroid Build Coastguard Worker unsigned int len;
115*cf84ac9aSAndroid Build Coastguard Worker
116*cf84ac9aSAndroid Build Coastguard Worker if (!addr || !h) {
117*cf84ac9aSAndroid Build Coastguard Worker printaddr(addr);
118*cf84ac9aSAndroid Build Coastguard Worker return;
119*cf84ac9aSAndroid Build Coastguard Worker }
120*cf84ac9aSAndroid Build Coastguard Worker
121*cf84ac9aSAndroid Build Coastguard Worker if (_LINUX_CAPABILITY_VERSION_2 == h->version ||
122*cf84ac9aSAndroid Build Coastguard Worker _LINUX_CAPABILITY_VERSION_3 == h->version)
123*cf84ac9aSAndroid Build Coastguard Worker len = 2;
124*cf84ac9aSAndroid Build Coastguard Worker else
125*cf84ac9aSAndroid Build Coastguard Worker len = 1;
126*cf84ac9aSAndroid Build Coastguard Worker
127*cf84ac9aSAndroid Build Coastguard Worker if (umoven_or_printaddr(tcp, addr, len * sizeof(data[0]), data))
128*cf84ac9aSAndroid Build Coastguard Worker return;
129*cf84ac9aSAndroid Build Coastguard Worker
130*cf84ac9aSAndroid Build Coastguard Worker tprints("{effective=");
131*cf84ac9aSAndroid Build Coastguard Worker print_cap_bits(data[0].effective, len > 1 ? data[1].effective : 0);
132*cf84ac9aSAndroid Build Coastguard Worker tprints(", permitted=");
133*cf84ac9aSAndroid Build Coastguard Worker print_cap_bits(data[0].permitted, len > 1 ? data[1].permitted : 0);
134*cf84ac9aSAndroid Build Coastguard Worker tprints(", inheritable=");
135*cf84ac9aSAndroid Build Coastguard Worker print_cap_bits(data[0].inheritable, len > 1 ? data[1].inheritable : 0);
136*cf84ac9aSAndroid Build Coastguard Worker tprints("}");
137*cf84ac9aSAndroid Build Coastguard Worker }
138*cf84ac9aSAndroid Build Coastguard Worker
SYS_FUNC(capget)139*cf84ac9aSAndroid Build Coastguard Worker SYS_FUNC(capget)
140*cf84ac9aSAndroid Build Coastguard Worker {
141*cf84ac9aSAndroid Build Coastguard Worker const struct user_cap_header_struct *h;
142*cf84ac9aSAndroid Build Coastguard Worker
143*cf84ac9aSAndroid Build Coastguard Worker if (entering(tcp)) {
144*cf84ac9aSAndroid Build Coastguard Worker h = get_cap_header(tcp, tcp->u_arg[0]);
145*cf84ac9aSAndroid Build Coastguard Worker print_cap_header(tcp, tcp->u_arg[0], h);
146*cf84ac9aSAndroid Build Coastguard Worker tprints(", ");
147*cf84ac9aSAndroid Build Coastguard Worker } else {
148*cf84ac9aSAndroid Build Coastguard Worker h = syserror(tcp) ? NULL : get_cap_header(tcp, tcp->u_arg[0]);
149*cf84ac9aSAndroid Build Coastguard Worker print_cap_data(tcp, tcp->u_arg[1], h);
150*cf84ac9aSAndroid Build Coastguard Worker }
151*cf84ac9aSAndroid Build Coastguard Worker return 0;
152*cf84ac9aSAndroid Build Coastguard Worker }
153*cf84ac9aSAndroid Build Coastguard Worker
SYS_FUNC(capset)154*cf84ac9aSAndroid Build Coastguard Worker SYS_FUNC(capset)
155*cf84ac9aSAndroid Build Coastguard Worker {
156*cf84ac9aSAndroid Build Coastguard Worker const struct user_cap_header_struct *const h =
157*cf84ac9aSAndroid Build Coastguard Worker get_cap_header(tcp, tcp->u_arg[0]);
158*cf84ac9aSAndroid Build Coastguard Worker print_cap_header(tcp, tcp->u_arg[0], h);
159*cf84ac9aSAndroid Build Coastguard Worker tprints(", ");
160*cf84ac9aSAndroid Build Coastguard Worker print_cap_data(tcp, tcp->u_arg[1], h);
161*cf84ac9aSAndroid Build Coastguard Worker
162*cf84ac9aSAndroid Build Coastguard Worker return RVAL_DECODED;
163*cf84ac9aSAndroid Build Coastguard Worker }
164