setpriv: Preliminary no_cap_ambient_raise support
Signed-off-by: Andy Lutomirski <luto@kernel.org>
diff --git a/sys-utils/setpriv.c b/sys-utils/setpriv.c
index e44b5f5..7907c9f 100644
--- a/sys-utils/setpriv.c
+++ b/sys-utils/setpriv.c
@@ -53,6 +53,15 @@
# define PR_CAP_AMBIENT_LOWER 3
#endif
+#ifndef SECURE_NO_CAP_AMBIENT_RAISE
+# define SECURE_NO_CAP_AMBIENT_RAISE 6
+# define SECURE_NO_CAP_AMBIENT_RAISE_LOCKED 7 /* make bit-6 immutable */
+# define SECBIT_NO_CAP_AMBIENT_RAISE \
+ (issecure_mask(SECURE_NO_CAP_AMBIENT_RAISE))
+# define SECBIT_NO_CAP_AMBIENT_RAISE_LOCKED \
+ (issecure_mask(SECURE_NO_CAP_AMBIENT_RAISE_LOCKED))
+#endif
+
#define SETPRIV_EXIT_PRIVERR 127 /* how we exit when we fail to set privs */
/*
@@ -226,6 +235,10 @@
bits &= ~SECBIT_KEEP_CAPS;
dump_one_secbit(&first, &bits, SECBIT_KEEP_CAPS_LOCKED,
"keep_caps_locked");
+ dump_one_secbit(&first, &bits, SECBIT_NO_CAP_AMBIENT_RAISE,
+ "no_cap_ambient_raise");
+ dump_one_secbit(&first, &bits, SECBIT_NO_CAP_AMBIENT_RAISE_LOCKED,
+ "no_cap_ambient_raise_locked");
if (bits) {
if (!first)
printf(",");
@@ -514,7 +527,9 @@
SECBIT_NO_SETUID_FIXUP |
SECBIT_NO_SETUID_FIXUP_LOCKED |
SECBIT_KEEP_CAPS |
- SECBIT_KEEP_CAPS_LOCKED))
+ SECBIT_KEEP_CAPS_LOCKED |
+ SECBIT_NO_CAP_AMBIENT_RAISE |
+ SECBIT_NO_CAP_AMBIENT_RAISE_LOCKED))
errx(SETPRIV_EXIT_PRIVERR,
_("unrecognized securebit set -- refusing to adjust"));
@@ -543,6 +558,10 @@
_("adjusting keep_caps does not make sense"));
else if (!strcmp(c + 1, "keep_caps_locked"))
bit = SECBIT_KEEP_CAPS_LOCKED; /* sigh */
+ else if (!strcmp(c + 1, "no_cap_ambient_raise"))
+ bit = SECBIT_NO_CAP_AMBIENT_RAISE;
+ else if (!strcmp(c + 1, "no_cap_ambient_raise_locked"))
+ bit = SECBIT_NO_CAP_AMBIENT_RAISE_LOCKED;
else
errx(EXIT_FAILURE, _("unrecognized securebit"));
