Add capability package #149

Merged
merged 52 commits into from
Sep 13, 2024

Commits on Feb 7, 2013

  1. capability: initial commit

    syndtr committed Feb 7, 2013
    5191123

Commits on Feb 8, 2013

  1. 34f2e4f
  2. e3c3ba5

Commits on May 16, 2014

  1. 0fe8712

Commits on Jan 15, 2015

  1. capability: Allow to use the zero value for pid to operate with the current task

    In this case we can use /proc/self/, which is correct even if a task
    lives in another pid namespace.
    
    Signed-off-by: Andrey Vagin <[email protected]>
    avagin committed Jan 15, 2015
    52dd710

Commits on Feb 17, 2015

  1. 17b8e69

Commits on Feb 18, 2015

  1. a5b2cd8
  2. 349eb2e
  3. capability: determine CAP_LAST_CAP dynamically

    New capabilities can be added, and we want to be sure
    that a bounding set will be set correctly in this case.
    
    Without this patch new capabilities are not dropped from a bounding set.
    
    Signed-off-by: Andrey Vagin <[email protected]>
    avagin committed Feb 18, 2015
    b61cbe6
  4. 4ba06ac
  5. capability: Don't use fmt.Fscanf for /proc/sys/kernel/cap_last_cap

    fmt.Fscanf reads byte by byte from this file, but
    this doesn't work for sysctl-s.
    
    29279 open("/proc/sys/kernel/cap_last_cap", O_RDONLY|O_CLOEXEC
    29279 <... open resumed> ) = 3
    29279 read(3, "3", 1) = 1
    29279 read(3, "", 1) = 0
    
    Reported-by: @syndtr
    avagin committed Feb 18, 2015
    8f72402

Commits on Mar 23, 2015

  1. capability: Not fail on Apply if there is no /proc/sys/kernel/cap_last_cap file
    
    Fix docker/libcontainer#452
    
    Signed-off-by: Alexander Morozov <[email protected]>
    LK4D4 committed Mar 23, 2015
    2bc1d7e

Commits on May 6, 2015

  1. capability: Add tool for generating String and List functions

    Signed-off-by: Alexander Morozov <[email protected]>
    LK4D4 committed May 6, 2015
    3cd3167
  2. capability: Use go generate for String and List functions

    Signed-off-by: Alexander Morozov <[email protected]>
    LK4D4 committed May 6, 2015
    ed44d7b

Commits on Jun 14, 2015

  1. 69dca76

Commits on Jul 14, 2015

  1. bc55f7f

Commits on Jul 16, 2015

  1. capability: Merge pull request moby#9 from h2so5/master

    handle ENODATA in getVfsCap
    syndtr committed Jul 16, 2015
    4c632f4

Commits on Sep 28, 2016

  1. capability: Add support for ambient capabilities (moby#11)

    Ambient capabilities were added in Linux 4.3 and provide a way
    to pass on capabilities to unprivileged processes easily.
    
    Signed-off-by: Justin Cormack <[email protected]>
    justincormack authored and syndtr committed Sep 28, 2016
    f3cb87f

Commits on Jul 4, 2017

  1. capability: Fix issue moby#12: break too early (moby#13)

    After getting CapBnd, the loop breaks too early,
    and can't get the CapAmb value.
    
    Signed-off-by: Ma Shimiao <[email protected]>
    Ma Shimiao authored and syndtr committed Jul 4, 2017
    8294f6f

Commits on Feb 23, 2018

  1. capability: Deprecate NewPid and NewFile for NewPid2 and NewFile2 (moby#14)
    
    The old methods had an internal Load(), which is unnecessary for some
    use cases.  For example, if you're going to drop all capabilities, you
    don't need to load the current set first.  This commit deprecates the
    old New* functions and adds New*2 functions which do not include the
    internal Load.  Callers who do need the Load will need to call it
    explicitly after initializing their Capabilities object.  Callers who
    do not need the Load can just add the "2" to the function name and get
    more efficient/robust behavior.
    
    The "Deprecated:" paragraph syntax is recommended in [1]:
    
      To signal that an identifier should not be used, add a paragraph to
      its doc comment that begins with "Deprecated:" followed by some
      information about the deprecation.
    
    [1]: https://blog.golang.org/godoc-documenting-go-code
    wking authored and syndtr committed Feb 23, 2018
    a2f19b5

Commits on Sep 16, 2018

  1. capability: Fix capHeader.pid type (moby#16)

    * Fix capHeader.pid type
    
    In C, int is 4 bytes in 32 and 64-bit systems. In Go, int is
    8 bytes in 64-bit systems. Before this fix, pid was being ignored
    because the kernel will always read 0 due to padding added between
    version and pid fields.
    
    * Update capability_linux.go
    fvoznika authored and syndtr committed Sep 16, 2018
    7b553f5
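
The layout mismatch that the capHeader.pid commit above describes, as an added example (not code from the package or from the commit). The struct and function names are illustrative, and instead of calling capget it reads the header bytes at the offset the kernel uses for pid.

```go
package main

import (
	"fmt"
	"unsafe"
)

// capVersion3 is _LINUX_CAPABILITY_VERSION_3 from linux/capability.h.
const capVersion3 = 0x20080522

// hdrGoInt models the pre-fix declaration: pid is a Go int, which is
// 8 bytes wide (and 8-byte aligned) on 64-bit platforms.
type hdrGoInt struct {
	version uint32
	pid     int
}

// hdrInt32 models the fixed declaration: two consecutive 32-bit fields,
// which is the layout the kernel expects.
type hdrInt32 struct {
	version uint32
	pid     int32
}

// kernelPid reads a header the way the kernel does: a 32-bit pid located
// 4 bytes after the start, regardless of how Go laid the struct out.
func kernelPid(hdr unsafe.Pointer) int32 {
	return *(*int32)(unsafe.Add(hdr, 4))
}

// pidOffsets reports where Go places pid in each declaration.
func pidOffsets() (goInt, fixed uintptr) {
	return unsafe.Offsetof(hdrGoInt{}.pid), unsafe.Offsetof(hdrInt32{}.pid)
}

// pidSeenWithGoInt returns the pid the kernel would read from the pre-fix header.
func pidSeenWithGoInt(pid int) int32 {
	h := new(hdrGoInt) // zeroed allocation; the padding after version stays zero
	h.version, h.pid = capVersion3, pid
	return kernelPid(unsafe.Pointer(h))
}

// pidSeenWithInt32 returns the pid the kernel would read from the fixed header.
func pidSeenWithInt32(pid int32) int32 {
	h := new(hdrInt32)
	h.version, h.pid = capVersion3, pid
	return kernelPid(unsafe.Pointer(h))
}

func main() {
	goInt, fixed := pidOffsets()
	fmt.Printf("offset of pid: Go int header=%d, int32 header=%d\n", goInt, fixed)
	fmt.Printf("kernel reads pid from Go int header: %d\n", pidSeenWithGoInt(4242))
	fmt.Printf("kernel reads pid from int32 header:  %d\n", pidSeenWithInt32(4242))
}
```

On a 64-bit build the pre-fix header yields pid 0, which the kernel treats as the calling task, so a request for another pid silently operates on the caller instead.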

Commits on Aug 5, 2020

  1. capability: add CAP_PERFMON, CAP_BPF, and CAP_CHECKPOINT_RESTORE

    CAP_PERFMON and CAP_BPF were introduced in kernel 5.8: https://kernelnewbies.org/Linux_5.8#Introduce_CAP_BPF_and_CAP_PERFMON_security_capabilities
    
    CAP_CHECKPOINT_RESTORE was merged on the master recently and will be available in the next version of the kernel.
    torvalds/linux@124ea65
    
    The capability numbers are taken from https://github.com/torvalds/linux/blob/442489c219235991de86d0277b5d859ede6d8792/include/uapi/linux/capability.h#L373-L416
    
    Signed-off-by: Akihiro Suda <[email protected]>
    AkihiroSuda committed Aug 5, 2020
    1f9e05d

Commits on Aug 15, 2020

  1. a1bb7d2
  2. a615c43

Commits on Jul 22, 2024

  1. capability: go.mod: add

    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Jul 22, 2024
    e4ea695
  2. capability: Use new style build tags

    Go 1.17 introduced new style of adding build tags (//go:build), and some
    tools no longer understand old-style (// +build) tags.
    
    Add the new tag, drop the old one.
    
    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Jul 22, 2024
    49112ce
  3. capability: Drop a subdir

    Move the code to the top-level directory.
    
    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Jul 22, 2024
    5ff585d
  4. capability: Fix future version compatibility

    In case kernel folks will ever release capability v4, the chances are
    high v3 is still supported. Therefore, we should not error out upon
    seeing an unknown version from the kernel, but assume we can go with v3.
    
    While at it, treat the uninitialized capVers as an error. Before this
    patch, it was still treated as an error, but "unknown capability version"
    is not exactly what the error is, so let's be more specific.
    
    Reported-by: Andrei Vagin <[email protected]>
    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Jul 22, 2024
    a8e5adc
  5. capability: Drop capability v1 and v2 support

    Capabilities v3 API was added by the Linux kernel 2.6.26.
    
    Since go 1.18 (no longer supported as of go 1.20 release), the minimum
    Linux kernel requirement is 2.6.32 (see [1]). So, it does not make sense
    to support capabilities v1 and v2 any more.
    
    Drop the support, returning the appropriate error message.
    
    [1] https://tip.golang.org/doc/go1.18#linux
    
    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Jul 22, 2024
    1be70fa
  6. capability: Apply: fix ambient caps error handling

    Commit f3cb87f added support for ambient capabilities. Unfortunately,
    the code added to Apply is incorrect because it uses a local variable
    err which is never used or returned.
    
    Found by a linter:
    
    > capability_linux.go:480:5: ineffectual assignment to err (ineffassign)
    > 				err = nil
    > 				^
    
    Fixes: f3cb87f
    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Jul 22, 2024
    d8cc449

Commits on Jul 23, 2024

  1. capability: Load: simplify code, fix a linter warning

    Fix the following warning:
    
    > capability_linux.go:407:17: S1039: unnecessary use of fmt.Sprintf (gosimple)
    > 		status_path = fmt.Sprintf("/proc/self/status")
    >		              ^
    
    Also,
     - simplify the code for the common case when pid is 0;
     - rename a variable (to obey Go naming guidelines).
    
    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Jul 23, 2024
    9ebbf3c
  2. capability: init: fix a linter warning

    Fix the following linter warning:
    
    > capability_linux.go:34:8: Error return value is not checked (errcheck)
    > 	capget(&hdr, nil)
    >	      ^
    
    Here we deliberately ignore the error from capget() since we have no way
    to report it, and hdr.ver will be 0 in case of an error anyway.
    
    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Jul 23, 2024
    16bd4cd
  3. capability: enumgen: drop using io/ioutil

    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Jul 23, 2024
    42c88db

Commits on Jul 24, 2024

  1. capability: Load: don't ignore Sscanf errors

    This fixes errcheck linter warnings:
    
    > capability_linux.go:311:14: Error return value of `fmt.Sscanf` is not checked (errcheck)
    > 			fmt.Sscanf(line[4:], "nd:  %08x%08x", &c.bounds[1], &c.bounds[0])
    > 			          ^
    > capability_linux.go:315:14: Error return value of `fmt.Sscanf` is not checked (errcheck)
    > 			fmt.Sscanf(line[4:], "mb:  %08x%08x", &c.ambient[1], &c.ambient[0])
    > 			          ^
    
    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Jul 24, 2024
    9510382
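
An added example (not the package's code) for the CapBnd/CapAmb parsing that this commit and the earlier "break too early" fix touch: it reads the Cap* lines from a constructed /proc/<pid>/status excerpt, keeps scanning past CapBnd, and returns parse errors instead of dropping them. It uses strconv.ParseUint rather than the fmt.Sscanf call shown in the linter output, and the function names are illustrative.

```go
package main

import (
	"bufio"
	"fmt"
	"strconv"
	"strings"
)

// sampleStatus is a constructed excerpt of /proc/<pid>/status, not a capture.
var sampleStatus = strings.Join([]string{
	"Name:\tdemo",
	"CapInh:\t0000000000000000",
	"CapPrm:\t00000000a80425fb",
	"CapEff:\t00000000a80425fb",
	"CapBnd:\t00000000a80425fb",
	"CapAmb:\t0000000000000400",
	"NoNewPrivs:\t0",
}, "\n")

var capFields = map[string]bool{
	"CapInh": true, "CapPrm": true, "CapEff": true, "CapBnd": true, "CapAmb": true,
}

// parseStatusCaps returns every Cap* mask found in the status text.
// (Illustrative helper; the package's own Load uses fmt.Sscanf.)
func parseStatusCaps(status string) (map[string]uint64, error) {
	sets := make(map[string]uint64)
	sc := bufio.NewScanner(strings.NewReader(status))
	for sc.Scan() {
		name, val, ok := strings.Cut(sc.Text(), ":")
		if !ok || !capFields[name] {
			continue
		}
		mask, err := strconv.ParseUint(strings.TrimSpace(val), 16, 64)
		if err != nil {
			// Surface the error: a skipped line would read as an empty set.
			return nil, fmt.Errorf("%s: %w", name, err)
		}
		sets[name] = mask
		// No break after CapBnd: CapAmb is printed after it.
	}
	return sets, sc.Err()
}

// capBits lists the capability numbers set in a mask.
func capBits(mask uint64) []int {
	var bits []int
	for i := 0; i < 64; i++ {
		if mask&(1<<uint(i)) != 0 {
			bits = append(bits, i)
		}
	}
	return bits
}

func main() {
	sets, err := parseStatusCaps(sampleStatus)
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	for _, name := range []string{"CapInh", "CapPrm", "CapEff", "CapBnd", "CapAmb"} {
		fmt.Printf("%s %016x %v\n", name, sets[name], capBits(sets[name]))
	}
}
```

On kernels older than 4.3 the CapAmb line is absent, so callers should treat a missing key as "not reported" rather than as an empty ambient set.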

Commits on Jul 30, 2024

  1. capability: Move capVers out of init

    Currently, capVers is initialized in func init, but its value is only
    used from NewPid*.
    
    Let's use sync.OnceValues for lazy initialization. While at it, stop
    ignoring syscall return value.
    
    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Jul 30, 2024
    b48e69d
  2. capability: Remove init and CAP_LAST_CAP, add LastCap

    One (minor) issue with this package is it has func init which reads a
    file in /proc, making the start of any program which imports the package
    a bit slower.
    
    Let's switch to lazy initialization, i.e. only read the file when needed.
    Unfortunately, this can not be done in a non-disruptive manner, since we
    have a public variable CAP_LAST_CAP.
    
    So, this is a disruptive change, and anyone who's using CAP_LAST_CAP
    should change their code to something like this:
    
    	last, err := capability.LastCap()
    	if err != nil {
    		return err
    	}
    
    Also, add a test case for LastCap.
    
    Reported-by: ningmingxiao <[email protected]>
    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Jul 30, 2024
    935800e
  3. capability: Rename a test variable

    Rename whats -> what in test to silence codespell warnings.
    
    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Jul 30, 2024
    1c20dc0
  4. capability: Add .codespellrc

    Mostly for ignoring this warning:
    
    	./capability_linux.go:311: nd ==> and, 2nd
    
    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Jul 30, 2024
    1d2e439
  5. capability: ci: add some basic GHA checks

    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Jul 30, 2024
    1b89c56
  6. capability: Use gofumpt to format code

    Brought to you by gofumpt v0.6.0 (go1.22.4).
    
    Add a CI action to check code is gofumpt'ed.
    
    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Jul 30, 2024
    c3a94dd

Commits on Jul 31, 2024

  1. capability: ci: add errorlint

    With the added linter, it complains like this:
    
    > capability_linux.go:349:22: type assertion on error will fail on wrapped errors. Use errors.As to check for specific errors (errorlint)
    
    In fact, errors from syscall.Syscall6 used by prctl are bare Errno
    values. This means there is no need for a type assertion, so let's
    remove it:
    
    	> - if errno, ok := err.(syscall.Errno); ok && errno == syscall.EINVAL {
    	> + if err == syscall.EINVAL {
    
    With that change, we're still getting an error from the linter, a bit
    different one:
    
    > capability_linux.go:349:9: comparing with == will fail on wrapped errors. Use errors.Is to check for a specific error (errorlint)
    
    So, we still need to silence it, by adding a nolint annotation.
    
    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Jul 31, 2024
    e2363f4
  2. capability: Add README and CHANGELOG

    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Jul 31, 2024
    61d4f3b

Commits on Aug 1, 2024

  1. capability: Wrap LastCap to improve doc

    As LastCap is a variable, it is shown in the documentation as a variable
    (see [1]). This is both ugly and unsafe (a variable can be changed).
    
    Wrap it into a proper function.
    
    [1]: https://pkg.go.dev/github.com/kolyshkin/[email protected]#pkg-variables
    
    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Aug 1, 2024
    4409357
  2. capability: Really fix future kernel compatibility

    Earlier commit made sure we don't error out if the kernel capability
    version is unknown; this ensures compatibility with future kernels.
    
    Looking at the code, I realized p.hdr.version should be initialized to
    linuxCapVer3 in that case, not the version returned by the kernel,
    otherwise we supply v3 data structure with (say) v4 version set in
    header.
    
    Practically, this was not a real bug (yet) because v4 is not (yet)
    available, but if it will ever be introduced later, this fix makes us
    ready.
    
    Fixes: a8e5adc ("Fix future version compatibility")
    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Aug 1, 2024
    9aa254c
  3. capability: CHANGELOG: add v0.1.1 changes

    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Aug 1, 2024
    ba56f4a

Commits on Sep 13, 2024

  1. 6f6556a
  2. capability: go.mod: fix the module path

    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Sep 13, 2024
    666f217
  3. capability: only test on Linux

    Rename a test file so the test it implements is only run on Linux.
    
    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Sep 13, 2024
    Configuration menu
    Copy the full SHA
    cf3e95f View commit details
    Browse the repository at this point in the history
  4. Makefile,.github: add capability

    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Sep 13, 2024
    15913fd
  5. capability: add/fix copyright

    1. Add "Copyright 2023 The Capability Authors" header to cover my work
       since 2023 as well as any future work in the forked package.
    
    2. Remove (c) after the word "Copyright" (not required since 1989).
    
    3. Remove the comma after a copyright year.
    
    4. Minor formatting fix (move the line break earlier).
    
    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Sep 13, 2024
    e768b96
  6. capability: fix CHANGELOG.md for the move

    1. Clarify the fork source.
    
    2. Fix links to 0.1.x PRs to point to the proper (old) repo.
    
    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Sep 13, 2024
    cbce049
  7. capability: fix Go version in changelog

    It was mistakenly set to Go >= 1.20, while in fact this package requires
    Go >= 1.21 (due to the use of sync.OnceValues).
    
    Signed-off-by: Kir Kolyshkin <[email protected]>
    kolyshkin committed Sep 13, 2024
    27f233e