diff options
author | Andrew G. Morgan <morgan@kernel.org> | 2019-12-23 22:25:46 -0800 |
---|---|---|
committer | Andrew G. Morgan <morgan@kernel.org> | 2019-12-23 22:25:46 -0800 |
commit | d45a3d4812598fc056499fa4622be4af58076bd5 (patch) | |
tree | fa1ffae514e201500eb1269ce9c84f261a488d9e | |
parent | afef3ef1c62613e1cac12a2bbec6017f7d5e033e (diff) | |
download | libcap-d45a3d4812598fc056499fa4622be4af58076bd5.tar.gz |
Ensure that gcc -std=c89 build works.
We're not using it, but it seems like a small price to
pay for having targets I'm not building regularly
continue to build.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
-rw-r--r-- | libcap/cap_file.c | 2 | ||||
-rw-r--r-- | libcap/cap_proc.c | 15 | ||||
-rw-r--r-- | libcap/cap_text.c | 3 | ||||
-rw-r--r-- | libcap/psx.c | 14 | ||||
-rw-r--r-- | pam_cap/pam_cap.c | 20 | ||||
-rw-r--r-- | pam_cap/test_pam_cap.c | 26 | ||||
-rw-r--r-- | progs/capsh.c | 2 | ||||
-rw-r--r-- | tests/libcap_psx_test.c | 1 | ||||
-rw-r--r-- | tests/psx_test.c | 10 |
9 files changed, 59 insertions, 34 deletions
diff --git a/libcap/cap_file.c b/libcap/cap_file.c index cb77ee6..f86788b 100644 --- a/libcap/cap_file.c +++ b/libcap/cap_file.c @@ -4,6 +4,8 @@ * This file deals with setting capabilities on files. */ +#define _DEFAULT_SOURCE + #include <sys/types.h> #include <byteswap.h> #include <sys/stat.h> diff --git a/libcap/cap_proc.c b/libcap/cap_proc.c index 0a6a872..29c3f3d 100644 --- a/libcap/cap_proc.c +++ b/libcap/cap_proc.c @@ -4,12 +4,16 @@ * This file deals with getting and setting capabilities on processes. */ +#define _GNU_SOURCE + #include <sys/prctl.h> #include <sys/securebits.h> #include <sys/syscall.h> #include <unistd.h> #include <grp.h> +#include <linux/limits.h> + #include "libcap.h" /* @@ -317,6 +321,8 @@ int cap_set_mode(cap_mode_t flavor) unsigned secbits = CAP_SECURED_BITS_AMBIENT; if (ret == 0) { + cap_flag_t c; + switch (flavor) { case CAP_MODE_NOPRIV: /* fall through */ @@ -324,7 +330,7 @@ int cap_set_mode(cap_mode_t flavor) (void) cap_clear_flag(working, CAP_INHERITABLE); /* fall through */ case CAP_MODE_PURE1E: - for (cap_flag_t c = 0; !ret; c++) { + for (c = 0; !ret; c++) { ret = cap_get_ambient(c); if (ret == -1) { if (c == 0) { @@ -351,7 +357,7 @@ int cap_set_mode(cap_mode_t flavor) /* just for "case CAP_MODE_NOPRIV:" */ - for (cap_value_t c = 0; cap_get_bound(c) >= 0; c++) { + for (c = 0; cap_get_bound(c) >= 0; c++) { (void) cap_drop_bound(c); } (void) cap_clear_flag(working, CAP_PERMITTED); @@ -385,7 +391,8 @@ cap_mode_t cap_get_mode(void) /* validate ambient is not set */ int olderrno = errno; int ret = 0; - for (cap_flag_t c = 0; !ret; c++) { + cap_value_t c; + for (c = 0; !ret; c++) { ret = cap_get_ambient(c); if (ret == -1) { errno = olderrno; @@ -412,7 +419,7 @@ cap_mode_t cap_get_mode(void) return CAP_MODE_PURE1E_INIT; } - for (cap_value_t c = 0; ; c++) { + for (c = 0; ; c++) { int v = cap_get_bound(c); if (v == -1) { break; diff --git a/libcap/cap_text.c b/libcap/cap_text.c index 3b03977..3ad9d79 100644 --- a/libcap/cap_text.c +++ b/libcap/cap_text.c @@ -62,7 +62,8 @@ static char const *namcmp(char const *str, char const *nam) */ static void forceall(__u32 *flat, __u32 value, unsigned blks) { - for (unsigned n = blks; n--; ) { + unsigned n; + for (n = blks; n--; ) { unsigned base = 32*n; __u32 mask = 0; if (__CAP_BITS >= base + 32) { diff --git a/libcap/psx.c b/libcap/psx.c index 2ae5ea7..1de5ac1 100644 --- a/libcap/psx.c +++ b/libcap/psx.c @@ -9,6 +9,8 @@ * psx_syscall()-like function that leveraged the nptl:setxid * mechanism to synchronize thread state over the whole process. */ +#define _POSIX_C_SOURCE 199309L +#define _GNU_SOURCE #include <errno.h> #include <pthread.h> @@ -16,8 +18,9 @@ #include <stdarg.h> #include <stdio.h> #include <stdlib.h> -#include <sys/psx_syscall.h> #include <unistd.h> +#include <sys/psx_syscall.h> +#include <sys/syscall.h> /* * share_psx_syscall() is invoked to advertize the two functions @@ -144,7 +147,7 @@ static void psx_do_registration(pthread_t thread) { (void) pthread_once(&psx_tracker_initialized, psx_syscall_start); if (first_time) { - // First invocation, use recursion to register main() thread. + /* First invocation, use recursion to register main() thread. */ psx_do_registration(pthread_self()); } @@ -246,10 +249,11 @@ int __wrap_pthread_create(pthread_t *thread, const pthread_attr_t *attr, */ long int __psx_syscall(long int syscall_nr, ...) { long int arg[7]; + int i; va_list aptr; va_start(aptr, syscall_nr); - for (int i = 0; i < 7; i++) { + for (i = 0; i < 7; i++) { arg[i] = va_arg(aptr, long int); } va_end(aptr); @@ -298,8 +302,8 @@ long int __psx_syscall(long int syscall_nr, ...) { psx_tracker.cmd.active = 1; pthread_t self = pthread_self(); - registered_thread_t *next = NULL; - for (registered_thread_t *ref = psx_tracker.root; ref; ref = next) { + registered_thread_t *next = NULL, *ref; + for (ref = psx_tracker.root; ref; ref = next) { next = ref->next; if (ref->thread == self) { continue; diff --git a/pam_cap/pam_cap.c b/pam_cap/pam_cap.c index 58ffe4a..d4c1e65 100644 --- a/pam_cap/pam_cap.c +++ b/pam_cap/pam_cap.c @@ -7,6 +7,8 @@ /* #define DEBUG */ +#define _DEFAULT_SOURCE + #include <errno.h> #include <grp.h> #include <limits.h> @@ -18,6 +20,7 @@ #include <syslog.h> #include <sys/capability.h> #include <sys/types.h> +#include <linux/limits.h> #include <security/pam_modules.h> #include <security/_pam_macros.h> @@ -55,8 +58,8 @@ static int load_groups(const char *user, char ***groups, int *groups_n) { } *groups = calloc(ngrps, sizeof(char *)); - int g_n = 0; - for (int i = 0; i < ngrps; i++) { + int g_n = 0, i; + for (i = 0; i < ngrps; i++) { const struct group *g = getgrgid(grps[i]); if (g == NULL) { continue; @@ -128,7 +131,8 @@ static char *read_capabilities_for_user(const char *user, const char *source) D(("user [%s] is not [%s] - skipping", user, line)); } - for (int i=0; i < groups_n; i++) { + int i; + for (i=0; i < groups_n; i++) { if (!strcmp(groups[i], line+1)) { D(("user group matched [%s]", line)); found_one = 1; @@ -154,7 +158,8 @@ static char *read_capabilities_for_user(const char *user, const char *source) defer: memset(buffer, 0, CAP_FILE_BUFFER_SIZE); - for (int i = 0; i < groups_n; i++) { + int i; + for (i = 0; i < groups_n; i++) { char *g = groups[i]; _pam_overwrite(g); _pam_drop(g); @@ -221,7 +226,7 @@ static int set_capabilities(struct pam_cap_s *cs) goto cleanup_caps; } if (cap_reset_ambient() == 0) { - // Ambient set fully declared by this config. + /* Ambient set fully declared by this config. */ has_ambient = 1; } @@ -241,7 +246,7 @@ static int set_capabilities(struct pam_cap_s *cs) if (has_bound) { bound = calloc(max_caps, sizeof(int)); if (has_ambient) { - // In kernel lineage, bound came first. + /* In kernel lineage, bound came first. */ ambient = calloc(max_caps, sizeof(int)); } } @@ -316,7 +321,8 @@ static int set_capabilities(struct pam_cap_s *cs) if (cap_set_proc(cap_s)) { D(("failed to set specified capabilities: %s", strerror(errno))); } else { - for (cap_value_t c = 0; c < max_caps; c++) { + cap_value_t c; + for (c = 0; c < max_caps; c++) { if (ambient != NULL && ambient[c]) { cap_set_ambient(c, CAP_SET); } diff --git a/pam_cap/test_pam_cap.c b/pam_cap/test_pam_cap.c index 2f519f1..452a27f 100644 --- a/pam_cap/test_pam_cap.c +++ b/pam_cap/test_pam_cap.c @@ -17,15 +17,15 @@ const char *test_users[] = { }; #define n_users sizeof(test_users)/sizeof(*test_users) -// Note about memberships: -// -// user gid suppl groups -// root root -// alpha one two -// beta two three four -// gamma three four five six -// delta four five six seven [eight] -// +/* Note about memberships: + * + * user gid suppl groups + * root root + * alpha one two + * beta two three four + * gamma three four five six + * delta four five six seven [eight] + */ static char *test_user; @@ -76,7 +76,8 @@ struct group *getgrgid(gid_t gid) { static struct passwd pw; struct passwd *getpwnam(const char *name) { - for (int i = 0; i < n_users; i++) { + int i; + for (i = 0; i < n_users; i++) { if (strcmp(name, test_users[i]) == 0) { pw.pw_gid = i; return &pw; @@ -99,7 +100,8 @@ struct passwd *getpwnam(const char *name) { static void load_vectors(unsigned long int bits[3]) { memset(bits, 0, 3*sizeof(unsigned long int)); cap_t prev = cap_get_proc(); - for (int i = 0; i < 64; i++) { + int i; + for (i = 0; i < 64; i++) { unsigned long int mask = (1ULL << i); int v = cap_get_bound(i); if (v < 0) { @@ -160,7 +162,7 @@ int main(int argc, char *argv[]) { exit(1); } - // Now it is time to execute the credential setting + /* Now it is time to execute the credential setting */ load_vectors(before); status = pam_sm_setcred(NULL, PAM_ESTABLISH_CRED, argc-4, diff --git a/progs/capsh.c b/progs/capsh.c index 8ad67eb..dc265d7 100644 --- a/progs/capsh.c +++ b/progs/capsh.c @@ -9,6 +9,8 @@ * capability manipulations work as expected (or not). */ +#define _DEFAULT_SOURCE + #include <stdio.h> #include <string.h> #include <stdlib.h> diff --git a/tests/libcap_psx_test.c b/tests/libcap_psx_test.c index 4b09bb0..f3c9143 100644 --- a/tests/libcap_psx_test.c +++ b/tests/libcap_psx_test.c @@ -8,4 +8,5 @@ int main(int argc, char **argv) { psx_register(pthread_self()); cap_t start = cap_get_proc(); cap_set_proc(start); + return 0; } diff --git a/tests/psx_test.c b/tests/psx_test.c index 92b99a0..2ac2fba 100644 --- a/tests/psx_test.c +++ b/tests/psx_test.c @@ -52,8 +52,8 @@ static void *say_hello(void *args) { int main(int argc, char **argv) { pthread_t tid[3]; - - for (int i = 0; i<10; i++) { + int i; + for (i = 0; i<10; i++) { printf("iteration: %d\n", i); pthread_mutex_lock(&mu); @@ -77,7 +77,7 @@ int main(int argc, char **argv) { if (i < 3) { launched++; if (i == 1) { - // Confirm this works whether or not we are WRAPPING. + /* Confirm this works whether or not we are WRAPPING. */ psx_pthread_create(&tid[i], NULL, say_hello, NULL); } else if (i < 3) { #ifdef NOWRAP @@ -86,14 +86,14 @@ int main(int argc, char **argv) { pthread_create(&tid[i], NULL, say_hello, NULL); #endif } - // Confirm that the thread is started. + /* Confirm that the thread is started. */ pthread_mutex_lock(&mu); while (started < launched) { pthread_cond_wait(&cond, &mu); } pthread_mutex_unlock(&mu); } else if (i < 6) { - // Confirm one thread has finished. + /* Confirm one thread has finished. */ pthread_join(tid[i-3], NULL); launched--; } |