diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-30 18:31:44 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-30 18:31:44 +0000 |
commit | c23a457e72abe608715ac76f076f47dc42af07a5 (patch) | |
tree | 2772049aaf84b5c9d0ed12ec8d86812f7a7904b6 /vendor/rustix/src/thread/prctl.rs | |
parent | Releasing progress-linux version 1.73.0+dfsg1-1~progress7.99u1. (diff) | |
download | rustc-c23a457e72abe608715ac76f076f47dc42af07a5.tar.xz rustc-c23a457e72abe608715ac76f076f47dc42af07a5.zip |
Merging upstream version 1.74.1+dfsg1.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'vendor/rustix/src/thread/prctl.rs')
-rw-r--r-- | vendor/rustix/src/thread/prctl.rs | 38 |
1 files changed, 25 insertions, 13 deletions
diff --git a/vendor/rustix/src/thread/prctl.rs b/vendor/rustix/src/thread/prctl.rs index a9f411640..b2d40d65c 100644 --- a/vendor/rustix/src/thread/prctl.rs +++ b/vendor/rustix/src/thread/prctl.rs @@ -19,7 +19,9 @@ use bitflags::bitflags; use crate::backend::c::{c_int, c_uint, c_void}; use crate::backend::prctl::syscalls; -use crate::ffi::{CStr, CString}; +use crate::ffi::CStr; +#[cfg(feature = "alloc")] +use crate::ffi::CString; use crate::io; use crate::pid::Pid; use crate::prctl::{ @@ -61,6 +63,7 @@ pub fn set_keep_capabilities(enable: bool) -> io::Result<()> { // PR_GET_NAME/PR_SET_NAME // +#[cfg(feature = "alloc")] const PR_GET_NAME: c_int = 16; /// Get the name of the calling thread. @@ -70,6 +73,7 @@ const PR_GET_NAME: c_int = 16; /// /// [`prctl(PR_GET_NAME,...)`]: https://man7.org/linux/man-pages/man2/prctl.2.html #[inline] +#[cfg(feature = "alloc")] pub fn name() -> io::Result<CString> { let mut buffer = [0_u8; 16]; unsafe { prctl_2args(PR_GET_NAME, buffer.as_mut_ptr().cast())? }; @@ -134,8 +138,8 @@ impl TryFrom<i32> for SecureComputingMode { /// computing mode, then this call will cause a [`Signal::Kill`] signal to be /// sent to the process. If the caller is in filter mode, and this system call /// is allowed by the seccomp filters, it returns -/// [`SecureComputingMode::Filter`]; otherwise, the process is killed with -/// a [`Signal::Kill`] signal. +/// [`SecureComputingMode::Filter`]; otherwise, the process is killed with a +/// [`Signal::Kill`] signal. /// /// Since Linux 3.8, the Seccomp field of the `/proc/[pid]/status` file /// provides a method of obtaining the same information, without the risk that @@ -414,28 +418,33 @@ bitflags! { #[repr(transparent)] #[derive(Copy, Clone, Eq, PartialEq, Hash, Debug)] pub struct CapabilitiesSecureBits: u32 { - /// If this bit is set, then the kernel does not grant capabilities when - /// a `set-user-ID-root` program is executed, or when a process with an effective or real - /// UID of 0 calls `execve`. + /// If this bit is set, then the kernel does not grant capabilities + /// when a `set-user-ID-root` program is executed, or when a process + /// with an effective or real UID of 0 calls `execve`. const NO_ROOT = 1_u32 << 0; /// Set [`NO_ROOT`] irreversibly. const NO_ROOT_LOCKED = 1_u32 << 1; - /// Setting this flag stops the kernel from adjusting the process's permitted, effective, - /// and ambient capability sets when the thread's effective and filesystem UIDs are switched - /// between zero and nonzero values. + /// Setting this flag stops the kernel from adjusting the process' + /// permitted, effective, and ambient capability sets when the thread's + /// effective and filesystem UIDs are switched between zero and nonzero + /// values. const NO_SETUID_FIXUP = 1_u32 << 2; /// Set [`NO_SETUID_FIXUP`] irreversibly. const NO_SETUID_FIXUP_LOCKED = 1_u32 << 3; - /// Setting this flag allows a thread that has one or more 0 UIDs to retain capabilities in - /// its permitted set when it switches all of its UIDs to nonzero values. + /// Setting this flag allows a thread that has one or more 0 UIDs to + /// retain capabilities in its permitted set when it switches all of + /// its UIDs to nonzero values. const KEEP_CAPS = 1_u32 << 4; /// Set [`KEEP_CAPS`] irreversibly. const KEEP_CAPS_LOCKED = 1_u32 << 5; - /// Setting this flag disallows raising ambient capabilities via the `prctl`'s - /// `PR_CAP_AMBIENT_RAISE` operation. + /// Setting this flag disallows raising ambient capabilities via the + /// `prctl`'s `PR_CAP_AMBIENT_RAISE` operation. const NO_CAP_AMBIENT_RAISE = 1_u32 << 6; /// Set [`NO_CAP_AMBIENT_RAISE`] irreversibly. const NO_CAP_AMBIENT_RAISE_LOCKED = 1_u32 << 7; + + /// <https://docs.rs/bitflags/latest/bitflags/#externally-defined-flags> + const _ = !0; } } @@ -743,6 +752,9 @@ bitflags! { const TCF_SYNC = 1_u32 << 1; /// Asynchronous tag check fault mode. const TCF_ASYNC = 1_u32 << 2; + + /// <https://docs.rs/bitflags/latest/bitflags/#externally-defined-flags> + const _ = !0; } } |