tequilaOS/platform_system_core
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

init: Use ScopedCaps for cap_init()

Browse source 
This change homogenizes the use of std::unique_ptr for storing
capabilities in system/core/.

Bug: None
Test: m
Change-Id: I0a95f87a27b0261e9d321841d5140fc000473293
This commit is contained in:
Luis Hector Chavez 2017-06-29 09:47:51 -07:00
parent 519e5f0592
commit 7bb360230d
1 changed files with 7 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
init/capabilities.cpp
View file

@ -107,17 +107,15 @@ static bool DropBoundingSet(const CapSet& to_keep) {
}
static bool SetProcCaps(const CapSet& to_keep, bool add_setpcap) {
cap_t caps = cap_init();
auto deleter = [](cap_t* p) { cap_free(*p); };
std::unique_ptr<cap_t, decltype(deleter)> ptr_caps(&caps, deleter);
ScopedCaps caps(cap_init());
cap_clear(caps);
cap_clear(caps.get());
cap_value_t value[1];
for (size_t cap = 0; cap < to_keep.size(); ++cap) {
if (to_keep.test(cap)) {
value[0] = cap;
if (cap_set_flag(caps, CAP_INHERITABLE, arraysize(value), value, CAP_SET) != 0 ||
cap_set_flag(caps, CAP_PERMITTED, arraysize(value), value, CAP_SET) != 0) {
if (cap_set_flag(caps.get(), CAP_INHERITABLE, arraysize(value), value, CAP_SET) != 0 ||
cap_set_flag(caps.get(), CAP_PERMITTED, arraysize(value), value, CAP_SET) != 0) {
PLOG(ERROR) << "cap_set_flag(INHERITABLE|PERMITTED, " << cap << ") failed";
return false;
}
@ -126,14 +124,14 @@ static bool SetProcCaps(const CapSet& to_keep, bool add_setpcap) {
if (add_setpcap) {
value[0] = CAP_SETPCAP;
if (cap_set_flag(caps, CAP_PERMITTED, arraysize(value), value, CAP_SET) != 0 ||
cap_set_flag(caps, CAP_EFFECTIVE, arraysize(value), value, CAP_SET) != 0) {
if (cap_set_flag(caps.get(), CAP_PERMITTED, arraysize(value), value, CAP_SET) != 0 ||
cap_set_flag(caps.get(), CAP_EFFECTIVE, arraysize(value), value, CAP_SET) != 0) {
PLOG(ERROR) << "cap_set_flag(PERMITTED|EFFECTIVE, " << CAP_SETPCAP << ") failed";
return false;
}
}
if (cap_set_proc(caps) != 0) {
if (cap_set_proc(caps.get()) != 0) {
PLOG(ERROR) << "cap_set_proc(" << to_keep.to_ulong() << ") failed";
return false;
}