Replace hard-coded constants with definitions in libc

Depends on rust-lang/libc#3628

Fixes dlrobertson#70

Cargo.toml

@@ -1,3 +1,7 @@
 [workspace]
 resolver = "2"
 members = ["capsicum", "casper-sys"]
+
+[patch.crates-io]
+libc = { git = "https://github.com/asomers/libc.git", rev = "00300738e7465725fdac5229f486241caed2cfcc" }
+nix = { git = "https://github.com/asomers/nix.git", rev = "5c8b253b8b3b93e262cd6e13c09460c0fdafa21b" }

capsicum/CHANGELOG.md

@@ -15,6 +15,9 @@ This project adheres to [Semantic Versioning](https://semver.org/).
 
 ### Changed
 
+- Fixed two misnamed constants: `Right::Fchflagsat` and `Right::Mknotat`.
+  ([#87](https://github.com/dlrobertson/capsicum-rs/pull/87))
+
 - Renamed `Right::Renameat` to `Right::RenameatSource`.
   ([#85](https://github.com/dlrobertson/capsicum-rs/pull/85))
 

capsicum/Cargo.toml

@@ -32,7 +32,7 @@ required-features = ["casper"]
 path = "examples/getuid.rs"
 
 [dependencies]
-libc = { version = "0.2.138", features = [ "extra_traits" ] }
+libc = { version = "0.2.151", features = [ "extra_traits" ] }
 casper-sys = { path = "../casper-sys", optional = true, version = "0.1.1" }
 libnv = { version = "0.4.2", default_features = false, features = [ "libnv" ], optional = true }
 libnv-sys = { version = "0.2.1", optional = true }
@@ -44,6 +44,6 @@ version_check = "0.9.4"
 [dev-dependencies]
 cap-std = "3.0"
 cstr = "0.2.11"
-nix = { version = "0.27.0", default_features = false, features = [ "fs", "ioctl", "process", "socket" ] }
+nix = { version = "0.28.0", default_features = false, features = [ "fs", "ioctl", "process", "socket" ] }
 libnv-sys = "0.2.1"
 tempfile = "3.0"

capsicum/src/fcntl.rs

@@ -16,14 +16,14 @@ use crate::common::CapRights;
 #[derive(Debug)]
 pub enum Fcntl {
     /// Get descriptor status flags.
-    GetFL = 0x8,
+    GetFL = libc::CAP_FCNTL_GETFL,
     /// Set descriptor status flags.
-    SetFL = 0x10,
+    SetFL = libc::CAP_FCNTL_SETFL,
     /// Get the process ID or process group currently receiving SIGIO and SIGURG
     /// signals.
-    GetOwn = 0x20,
+    GetOwn = libc::CAP_FCNTL_GETOWN,
     /// Set the process or process group to receive SIGIO and SIGURG signal.
-    SetOwn = 0x40,
+    SetOwn = libc::CAP_FCNTL_SETOWN,
 }
 
 /// Used to construct a new set of allowed fcntl commands.

capsicum/src/right.rs

@@ -20,20 +20,6 @@ use libc::cap_rights_t;
 
 use crate::common::CapRights;
 
-pub const RIGHTS_VERSION: i32 = 0;
-
-macro_rules! cap_right {
-    ($idx:expr, $bit:expr) => {
-        ((1u64 << (57 + ($idx))) | ($bit))
-    };
-}
-
-macro_rules! right_or {
-    ($($right:expr),*) => {
-        $($right as u64)|*
-    }
-}
-
 /// Capsicum capability rights for file descriptors.
 ///
 /// See [`rights(4)`](https://www.freebsd.org/cgi/man.cgi?query=rights) for details.
@@ -42,116 +28,103 @@ macro_rules! right_or {
 #[allow(missing_docs)] // Individual bits are documented via the external link.
 pub enum Right {
     Null = 0,
-    Read = cap_right!(0, 0x1u64),
-    Write = cap_right!(0, 0x2u64),
-    SeekTell = cap_right!(0, 0x4u64),
-    Seek = right_or!(Right::SeekTell, 0x8u64),
-    Pread = right_or!(Right::Seek, Right::Read),
-    Pwrite = right_or!(Right::Seek, Right::Write),
-    Mmap = cap_right!(0, 0x10u64),
-    MmapR = right_or!(Right::Mmap, Right::Seek, Right::Read),
-    MmapW = right_or!(Right::Mmap, Right::Seek, Right::Write),
-    MmapX = right_or!(Right::Mmap, Right::Seek, 0x20u64),
-    MmapRW = right_or!(Right::MmapR, Right::MmapW),
-    MmapRX = right_or!(Right::MmapR, Right::MmapX),
-    MmapWX = right_or!(Right::MmapW, Right::MmapX),
-    MmapRWX = right_or!(Right::MmapR, Right::MmapW, Right::MmapX),
-    Create = cap_right!(0, 0x40u64),
-    Fexecve = cap_right!(0, 0x80u64),
-    Fsync = cap_right!(0, 0x100u64),
-    Ftruncate = cap_right!(0, 0x200u64),
-    Lookup = cap_right!(0, 0x400u64),
-    Fchdir = cap_right!(0, 0x800u64),
-    Fchflags = cap_right!(0, 0x1000u64),
-    Fchflagsat = right_or!(Right::Fchflags, Right::Lookup),
-    Fchmod = cap_right!(0, 0x2000u64),
-    Fchmodat = right_or!(Right::Fchmod, Right::Lookup),
-    Fchown = cap_right!(0, 0x4000u64),
-    Fchownat = right_or!(Right::Fchown, Right::Lookup),
-    Fcntl = cap_right!(0, 0x8000u64),
-    Flock = cap_right!(0, 0x10000u64),
-    Fpathconf = cap_right!(0, 0x20000u64),
-    Fsck = cap_right!(0, 0x40000u64),
-    Fstat = cap_right!(0, 0x80000u64),
-    Fstatat = right_or!(Right::Fstat, Right::Lookup),
-    Fstatfs = cap_right!(0, 0x100000u64),
-    Futimes = cap_right!(0, 0x200000u64),
-    Futimesat = right_or!(Right::Futimes, Right::Lookup),
-    Linkat = right_or!(Right::Lookup, 0x400000u64),
-    Mkdirat = right_or!(Right::Lookup, 0x800000u64),
-    Mkfifoat = right_or!(Right::Lookup, 0x1000000u64),
-    Mknotat = right_or!(Right::Lookup, 0x2000000u64),
-    RenameatSource = right_or!(Right::Lookup, 0x4000000u64),
-    RenameatTarget = right_or!(Right::Lookup, 0x0000040000000000u64),
-    Symlinkat = right_or!(Right::Lookup, 0x8000000u64),
-    Unlinkat = right_or!(Right::Lookup, 0x10000000u64),
-    Accept = cap_right!(0, 0x20000000u64),
-    Bind = cap_right!(0, 0x40000000u64),
-    Connect = cap_right!(0, 0x80000000u64),
-    Getpeername = cap_right!(0, 0x100000000u64),
-    Getsockname = cap_right!(0, 0x200000000u64),
-    Getsockopt = cap_right!(0, 0x400000000u64),
-    Listen = cap_right!(0, 0x800000000u64),
-    Peeloff = cap_right!(0, 0x1000000000u64),
-    Setsockopt = cap_right!(0, 0x2000000000u64),
-    Shutdown = cap_right!(0, 0x4000000000u64),
-    Bindat = right_or!(Right::Lookup, 0x8000000000u64),
-    Connectat = right_or!(Right::Lookup, 0x10000000000u64),
-    SockClient = right_or!(
-        Right::Connect,
-        Right::Getpeername,
-        Right::Getsockname,
-        Right::Getsockopt,
-        Right::Peeloff,
-        Right::Read,
-        Right::Write,
-        Right::Setsockopt,
-        Right::Shutdown
-    ),
-    SockServer = right_or!(
-        Right::Accept,
-        Right::Bind,
-        Right::Getpeername,
-        Right::Getsockname,
-        Right::Getsockopt,
-        Right::Listen,
-        Right::Peeloff,
-        Right::Read,
-        Right::Write,
-        Right::Setsockopt,
-        Right::Shutdown
-    ),
-    All0 = cap_right!(0, 0x7FFFFFFFFFu64),
-    Unused044 = cap_right!(0, 0x0000080000000000u64),
-    Unused057 = cap_right!(0, 0x0100000000000000u64),
-    MacGet = cap_right!(1, 0x1u64),
-    MacSet = cap_right!(1, 0x2u64),
-    SemGetvalue = cap_right!(1, 0x4u64),
-    SemPost = cap_right!(1, 0x8u64),
-    SemWait = cap_right!(1, 0x10u64),
-    Event = cap_right!(1, 0x20u64),
-    KqueueEvent = cap_right!(1, 0x40u64),
-    Ioctl = cap_right!(1, 0x80u64),
-    Ttyhook = cap_right!(1, 0x100u64),
-    Pdgetpid = cap_right!(1, 0x200u64),
-    Pdwait = cap_right!(1, 0x400u64),
-    Pdkill = cap_right!(1, 0x800),
-    ExtattrDelete = cap_right!(1, 0x1000u64),
-    ExtattrGet = cap_right!(1, 0x2000u64),
-    ExtattrList = cap_right!(1, 0x4000u64),
-    ExtattrSet = cap_right!(1, 0x8000u64),
-    AclCheck = cap_right!(1, 0x10000u64),
-    AclDelete = cap_right!(1, 0x20000u64),
-    AclGet = cap_right!(1, 0x40000u64),
-    AclSet = cap_right!(1, 0x80000u64),
-    KqueueChange = cap_right!(1, 0x100000u64),
-    Kqueue = right_or!(Right::KqueueEvent, Right::KqueueChange),
-    All1 = cap_right!(1, 0x1FFFFFu64),
-    Unused122 = cap_right!(1, 0x200000u64),
-    Unused157 = cap_right!(1, 0x100000000000000u64),
+    Read = libc::CAP_READ,
+    Write = libc::CAP_WRITE,
+    SeekTell = libc::CAP_SEEK_TELL,
+    Seek = libc::CAP_SEEK,
+    Pread = libc::CAP_PREAD,
+    Pwrite = libc::CAP_PWRITE,
+    Mmap = libc::CAP_MMAP,
+    MmapR = libc::CAP_MMAP_R,
+    MmapW = libc::CAP_MMAP_W,
+    MmapX = libc::CAP_MMAP_X,
+    MmapRW = libc::CAP_MMAP_RW,
+    MmapRX = libc::CAP_MMAP_RX,
+    MmapWX = libc::CAP_MMAP_WX,
+    MmapRWX = libc::CAP_MMAP_RWX,
+    Create = libc::CAP_CREATE,
+    Fexecve = libc::CAP_FEXECVE,
+    Fsync = libc::CAP_FSYNC,
+    Ftruncate = libc::CAP_FTRUNCATE,
+    Lookup = libc::CAP_LOOKUP,
+    Fchdir = libc::CAP_FCHDIR,
+    Fchflags = libc::CAP_FCHFLAGS,
+    Chflagsat = libc::CAP_CHFLAGSAT,
+    Fchmod = libc::CAP_FCHMOD,
+    Fchmodat = libc::CAP_FCHMODAT,
+    Fchown = libc::CAP_FCHOWN,
+    Fchownat = libc::CAP_FCHOWNAT,
+    Fcntl = libc::CAP_FCNTL,
+    Flock = libc::CAP_FLOCK,
+    Fpathconf = libc::CAP_FPATHCONF,
+    Fsck = libc::CAP_FSCK,
+    Fstat = libc::CAP_FSTAT,
+    Fstatat = libc::CAP_FSTATAT,
+    Fstatfs = libc::CAP_FSTATFS,
+    Futimes = libc::CAP_FUTIMES,
+    Futimesat = libc::CAP_FUTIMESAT,
+    LinkatTarget = libc::CAP_LINKAT_TARGET,
+    Mkdirat = libc::CAP_MKDIRAT,
+    Mkfifoat = libc::CAP_MKFIFOAT,
+    Mknodat = libc::CAP_MKNODAT,
+    RenameatSource = libc::CAP_RENAMEAT_SOURCE,
+    RenameatTarget = libc::CAP_RENAMEAT_TARGET,
+    Symlinkat = libc::CAP_SYMLINKAT,
+    Unlinkat = libc::CAP_UNLINKAT,
+    Accept = libc::CAP_ACCEPT,
+    Bind = libc::CAP_BIND,
+    Connect = libc::CAP_CONNECT,
+    Getpeername = libc::CAP_GETPEERNAME,
+    Getsockname = libc::CAP_GETSOCKNAME,
+    Getsockopt = libc::CAP_GETSOCKOPT,
+    Listen = libc::CAP_LISTEN,
+    Peeloff = libc::CAP_PEELOFF,
+    Setsockopt = libc::CAP_SETSOCKOPT,
+    Shutdown = libc::CAP_SHUTDOWN,
+    Bindat = libc::CAP_BINDAT,
+    Connectat = libc::CAP_CONNECTAT,
+    LinkatSource = libc::CAP_LINKAT_SOURCE,
+    SockClient = libc::CAP_SOCK_CLIENT,
+    SockServer = libc::CAP_SOCK_SERVER,
+    All0 = libc::CAP_ALL0,
+    Unused044 = libc::CAP_UNUSED0_44,
+    Unused057 = libc::CAP_UNUSED0_57,
+    MacGet = libc::CAP_MAC_GET,
+    MacSet = libc::CAP_MAC_SET,
+    SemGetvalue = libc::CAP_SEM_GETVALUE,
+    SemPost = libc::CAP_SEM_POST,
+    SemWait = libc::CAP_SEM_WAIT,
+    Event = libc::CAP_EVENT,
+    KqueueEvent = libc::CAP_KQUEUE_EVENT,
+    Ioctl = libc::CAP_IOCTL,
+    Ttyhook = libc::CAP_TTYHOOK,
+    Pdgetpid = libc::CAP_PDGETPID,
+    Pdwait = libc::CAP_PDWAIT,
+    Pdkill = libc::CAP_PDKILL,
+    ExtattrDelete = libc::CAP_EXTATTR_DELETE,
+    ExtattrGet = libc::CAP_EXTATTR_GET,
+    ExtattrList = libc::CAP_EXTATTR_LIST,
+    ExtattrSet = libc::CAP_EXTATTR_SET,
+    AclCheck = libc::CAP_ACL_CHECK,
+    AclDelete = libc::CAP_ACL_DELETE,
+    AclGet = libc::CAP_ACL_GET,
+    AclSet = libc::CAP_ACL_SET,
+    KqueueChange = libc::CAP_KQUEUE_CHANGE,
+    Kqueue = libc::CAP_KQUEUE,
+    All1 = libc::CAP_ALL1,
+    Unused122 = libc::CAP_UNUSED1_22,
+    Unused157 = libc::CAP_UNUSED1_57,
 }
 
 impl Right {
+    #[allow(non_upper_case_globals)]
+    #[allow(missing_docs)]
+    #[deprecated(since = "0.4.0", note = "Use Right::Chflagsat instead")]
+    pub const Fchflagsat: Right = Right::Chflagsat;
+    #[allow(non_upper_case_globals)]
+    #[allow(missing_docs)]
+    #[deprecated(since = "0.4.0", note = "Use Right::Mknodat instead")]
+    pub const Mknotat: Right = Right::Mknodat;
     #[allow(non_upper_case_globals)]
     #[allow(missing_docs)]
     #[deprecated(since = "0.4.0", note = "Use Right::RenameatSource instead")]
@@ -177,7 +150,11 @@ impl RightsBuilder {
         // cap_rights_init is documented as infalliable.
         let inner_rights = unsafe {
             let mut inner_rights = mem::zeroed();
-            libc::__cap_rights_init(RIGHTS_VERSION, &mut inner_rights as *mut cap_rights_t, 0u64);
+            libc::__cap_rights_init(
+                libc::CAP_RIGHTS_VERSION,
+                &mut inner_rights as *mut cap_rights_t,
+                0u64,
+            );
             inner_rights
         };
         let builder = RightsBuilder(inner_rights);
@@ -270,7 +247,7 @@ impl FileRights {
         let inner_rights = unsafe {
             let mut inner_rights = mem::zeroed();
             libc::__cap_rights_init(
-                RIGHTS_VERSION,
+                libc::CAP_RIGHTS_VERSION,
                 &mut inner_rights as *mut cap_rights_t,
                 raw_rights,
                 0u64,
@@ -310,7 +287,7 @@ impl FileRights {
         let inner_rights = unsafe {
             let mut inner_rights = unsafe { mem::zeroed() };
             let res = libc::__cap_rights_get(
-                RIGHTS_VERSION,
+                libc::CAP_RIGHTS_VERSION,
                 fd.as_raw_fd(),
                 &mut inner_rights as *mut cap_rights_t,
             );
@@ -447,9 +424,3 @@ impl CapRights for FileRights {
         }
     }
 }
-
-#[test]
-fn test_macros() {
-    assert_eq!(cap_right!(0, 1), 144115188075855873u64);
-    assert_eq!(right_or!(Right::Read, Right::Write), 144115188075855875u64);
-}