diff options
| author | Mariusz Zaborski <oshogbo@FreeBSD.org> | 2015-05-02 17:45:52 +0000 |
|---|---|---|
| committer | Mariusz Zaborski <oshogbo@FreeBSD.org> | 2015-05-02 17:45:52 +0000 |
| commit | bd1da0a002e9a43cfb5220835c7a42804d90dc56 (patch) | |
| tree | a69b34916c7078793947216a35639f78cd60366e /lib/libcapsicum/libcapsicum.3 | |
| parent | 1025d8e679437d2c79aafbdf418c3126a1c2f29e (diff) | |
Approved, oprócz użycie RESTORE_ERRNO() do ustawiania errno.
Change the nvlist_recv() function to take additional argument that
specifies flags expected on the received nvlist. Receiving a nvlist with
different set of flags than the ones we expect might lead to undefined
behaviour, which might be potentially dangerous.
Update consumers of this and related functions and update the tests.
Approved by: pjd (mentor)
Update man page for nvlist_unpack, nvlist_recv, nvlist_xfer, cap_recv_nvlist
and cap_xfer_nvlist.
Reviewed by: AllanJude
Approved by: pjd (mentor)
Notes
Notes:
svn path=/head/; revision=282346
Diffstat (limited to 'lib/libcapsicum/libcapsicum.3')
| -rw-r--r-- | lib/libcapsicum/libcapsicum.3 | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/lib/libcapsicum/libcapsicum.3 b/lib/libcapsicum/libcapsicum.3 index 9df565a4077d..cbfd214a3bc5 100644 --- a/lib/libcapsicum/libcapsicum.3 +++ b/lib/libcapsicum/libcapsicum.3 @@ -27,7 +27,7 @@ .\" .\" $FreeBSD$ .\" -.Dd April 14, 2014 +.Dd May 2, 2015 .Dt LIBCAPSICUM 3 .Os .Sh NAME @@ -68,9 +68,9 @@ .Ft "int" .Fn cap_send_nvlist "const cap_channel_t *chan" "const nvlist_t *nvl" .Ft "nvlist_t *" -.Fn cap_recv_nvlist "const cap_channel_t *chan" +.Fn cap_recv_nvlist "const cap_channel_t *chan" "int flags" .Ft "nvlist_t *" -.Fn cap_xfer_nvlist "const cap_channel_t *chan" "nvlist_t *nvl" +.Fn cap_xfer_nvlist "const cap_channel_t *chan" "nvlist_t *nvl" "int flags" .In libcapsicum_service.h .Ft "cap_channel_t *" .Fn cap_service_open "const cap_channel_t *chan" "const char *name" @@ -171,11 +171,23 @@ Most services should provide higher level API. The .Fn cap_recv_nvlist function receives the given nvlist over the given capability. +The +.Fa flags +argument defines what type the top nvlist is expected to be. +If the nvlist flags do not match the flags passed to +.Fn cap_recv_nvlist , +the nvlist will not be returned. .Pp The .Fn cap_xfer_nvlist function sends the given nvlist, destroys it and receives new nvlist in response over the given capability. +The +.Fa flags +argument defines what type the top nvlist is expected to be. +If the nvlist flags do not match the flags passed to +.Fn cap_xfer_nvlist , +the nvlist will not be returned. It does not matter if the function succeeds or fails, the nvlist given for sending will always be destroyed once the function returns. .Pp |