[mirror_lxc.git] / src / lxc / caps.h

/*
 * lxc: linux Container library
 *
 * (C) Copyright IBM Corp. 2007, 2008
 *
 * Authors:
 * Daniel Lezcano <daniel.lezcano at free.fr>
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 */

#ifndef __LXC_CAPS_H
#define __LXC_CAPS_H

#include "config.h"
#include <stdbool.h>

#if HAVE_LIBCAP
#include <linux/types.h> /* workaround for libcap < 2.17 bug */
#include <sys/capability.h>

extern int lxc_caps_down(void);
extern int lxc_caps_up(void);
extern int lxc_ambient_caps_up(void);
extern int lxc_ambient_caps_down(void);
extern int lxc_caps_init(void);
extern int lxc_caps_last_cap(void);
extern bool lxc_proc_cap_is_set(cap_value_t cap, cap_flag_t flag);
extern bool lxc_file_cap_is_set(const char *path, cap_value_t cap,
				cap_flag_t flag);
#else
static inline int lxc_caps_down(void)
{
	return 0;
}

static inline int lxc_caps_up(void)
{
	return 0;
}

static inline int lxc_ambient_caps_up(void)
{
	return 0;
}

static inline int lxc_ambient_caps_down(void)
{
	return 0;
}

static inline int lxc_caps_init(void)
{
	return 0;
}

static inline int lxc_caps_last_cap(void)
{
	return 0;
}

typedef int cap_value_t;
typedef int cap_flag_t;
static inline bool lxc_proc_cap_is_set(cap_value_t cap, cap_flag_t flag)
{
	return false;
}

static inline bool lxc_file_cap_is_set(const char *path, cap_value_t cap,
				       cap_flag_t flag)
{
	return false;
}
#endif

#define lxc_priv(__lxc_function)                          \
	({                                                \
		__label__ out;                            \
		int __ret, __ret2, ___errno = 0;          \
		__ret = lxc_caps_up();                    \
		if (__ret)                                \
			goto out;                         \
		__ret = __lxc_function;                   \
		if (__ret)                                \
			___errno = errno;                 \
		__ret2 = lxc_caps_down();                 \
	out:                                              \
		__ret ? errno = ___errno, __ret : __ret2; \
	})

#define lxc_unpriv(__lxc_function)                        \
	({                                                \
		__label__ out;                            \
		int __ret, __ret2, ___errno = 0;          \
		__ret = lxc_caps_down();                  \
		if (__ret)                                \
			goto out;                         \
		__ret = __lxc_function;                   \
		if (__ret)                                \
			___errno = errno;                 \
		__ret2 = lxc_caps_up();                   \
	out:                                              \
		__ret ? errno = ___errno, __ret : __ret2; \
	})
#endif
Commit	Line	Data
b3357a6f DL	1	/*
	2	* lxc: linux Container library
	3	*
	4	* (C) Copyright IBM Corp. 2007, 2008
	5	*
	6	* Authors:
9afe19d6	7	* Daniel Lezcano <daniel.lezcano at free.fr>
b3357a6f DL	8	*
	9	* This library is free software; you can redistribute it and/or
	10	* modify it under the terms of the GNU Lesser General Public
	11	* License as published by the Free Software Foundation; either
	12	* version 2.1 of the License, or (at your option) any later version.
	13	*
	14	* This library is distributed in the hope that it will be useful,
	15	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	16	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	17	* Lesser General Public License for more details.
	18	*
	19	* You should have received a copy of the GNU Lesser General Public
	20	* License along with this library; if not, write to the Free Software
250b1eec	21	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
b3357a6f	22	*/
ca364dc0	23
74a99f40 LW	24	#ifndef __LXC_CAPS_H
	25	#define __LXC_CAPS_H
	26
495d2046	27	#include "config.h"
ca364dc0	28	#include <stdbool.h>
495d2046	29
e37dda71	30	#if HAVE_LIBCAP
9cd5f7fa	31	#include <linux/types.h> /* workaround for libcap < 2.17 bug */
ca364dc0 CB	32	#include <sys/capability.h>
ca364dc0 CB	33
7d40e69b DL	34	extern int lxc_caps_down(void);
7d40e69b DL	35	extern int lxc_caps_up(void);
611ddd34 CB	36	extern int lxc_ambient_caps_up(void);
611ddd34 CB	37	extern int lxc_ambient_caps_down(void);
7d40e69b	38	extern int lxc_caps_init(void);
20d81659	39	extern int lxc_caps_last_cap(void);
207c4c71	40	extern bool lxc_proc_cap_is_set(cap_value_t cap, cap_flag_t flag);
611ddd34 CB	41	extern bool lxc_file_cap_is_set(const char *path, cap_value_t cap,
611ddd34 CB	42	cap_flag_t flag);
495d2046	43	#else
611ddd34 CB	44	static inline int lxc_caps_down(void)
611ddd34 CB	45	{
d028235d	46	return 0;
495d2046	47	}
611ddd34 CB	48
	49	static inline int lxc_caps_up(void)
	50	{
d028235d	51	return 0;
495d2046	52	}
611ddd34 CB	53
	54	static inline int lxc_ambient_caps_up(void)
	55	{
	56	return 0;
	57	}
	58
	59	static inline int lxc_ambient_caps_down(void)
	60	{
	61	return 0;
	62	}
	63
	64	static inline int lxc_caps_init(void)
	65	{
d028235d	66	return 0;
495d2046	67	}
495d2046	68
611ddd34 CB	69	static inline int lxc_caps_last_cap(void)
611ddd34 CB	70	{
d028235d	71	return 0;
495d2046	72	}
ca364dc0 CB	73
	74	typedef int cap_value_t;
	75	typedef int cap_flag_t;
611ddd34 CB	76	static inline bool lxc_proc_cap_is_set(cap_value_t cap, cap_flag_t flag)
611ddd34 CB	77	{
c61079a4	78	return false;
207c4c71 CB	79	}
207c4c71 CB	80
611ddd34 CB	81	static inline bool lxc_file_cap_is_set(const char *path, cap_value_t cap,
	82	cap_flag_t flag)
	83	{
c61079a4	84	return false;
ca364dc0	85	}
495d2046	86	#endif
20d81659	87
611ddd34 CB	88	#define lxc_priv(__lxc_function) \
	89	({ \
	90	__label__ out; \
	91	int __ret, __ret2, ___errno = 0; \
	92	__ret = lxc_caps_up(); \
	93	if (__ret) \
	94	goto out; \
	95	__ret = __lxc_function; \
	96	if (__ret) \
	97	___errno = errno; \
	98	__ret2 = lxc_caps_down(); \
	99	out: \
	100	__ret ? errno = ___errno, __ret : __ret2; \
7d40e69b DL	101	})
7d40e69b DL	102
611ddd34 CB	103	#define lxc_unpriv(__lxc_function) \
	104	({ \
	105	__label__ out; \
	106	int __ret, __ret2, ___errno = 0; \
	107	__ret = lxc_caps_down(); \
	108	if (__ret) \
	109	goto out; \
	110	__ret = __lxc_function; \
	111	if (__ret) \
	112	___errno = errno; \
	113	__ret2 = lxc_caps_up(); \
	114	out: \
	115	__ret ? errno = ___errno, __ret : __ret2; \
7d40e69b	116	})
b3357a6f	117	#endif