[mirror_lxc.git] / src / lxc / caps.h

/*
 * lxc: linux Container library
 *
 * (C) Copyright IBM Corp. 2007, 2008
 *
 * Authors:
 * Daniel Lezcano <daniel.lezcano at free.fr>
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 */

#ifndef __LXC_CAPS_H
#define __LXC_CAPS_H

#include <stdbool.h>

#include "config.h"

#if HAVE_LIBCAP
#include <linux/types.h> /* workaround for libcap < 2.17 bug */
#include <sys/capability.h>

extern int lxc_caps_down(void);
extern int lxc_caps_up(void);
extern int lxc_ambient_caps_up(void);
extern int lxc_ambient_caps_down(void);
extern int lxc_caps_init(void);
extern int lxc_caps_last_cap(void);
extern bool lxc_proc_cap_is_set(cap_value_t cap, cap_flag_t flag);
extern bool lxc_file_cap_is_set(const char *path, cap_value_t cap,
				cap_flag_t flag);
#else
static inline int lxc_caps_down(void)
{
	return 0;
}

static inline int lxc_caps_up(void)
{
	return 0;
}

static inline int lxc_ambient_caps_up(void)
{
	return 0;
}

static inline int lxc_ambient_caps_down(void)
{
	return 0;
}

static inline int lxc_caps_init(void)
{
	return 0;
}

static inline int lxc_caps_last_cap(void)
{
	return 0;
}

typedef int cap_value_t;
typedef int cap_flag_t;
static inline bool lxc_proc_cap_is_set(cap_value_t cap, cap_flag_t flag)
{
	return false;
}

static inline bool lxc_file_cap_is_set(const char *path, cap_value_t cap,
				       cap_flag_t flag)
{
	return false;
}
#endif

#define lxc_priv(__lxc_function)                          \
	({                                                \
		__label__ out;                            \
		int __ret, __ret2, ___errno = 0;          \
		__ret = lxc_caps_up();                    \
		if (__ret)                                \
			goto out;                         \
		__ret = __lxc_function;                   \
		if (__ret)                                \
			___errno = errno;                 \
		__ret2 = lxc_caps_down();                 \
	out:                                              \
		__ret ? errno = ___errno, __ret : __ret2; \
	})

#define lxc_unpriv(__lxc_function)                        \
	({                                                \
		__label__ out;                            \
		int __ret, __ret2, ___errno = 0;          \
		__ret = lxc_caps_down();                  \
		if (__ret)                                \
			goto out;                         \
		__ret = __lxc_function;                   \
		if (__ret)                                \
			___errno = errno;                 \
		__ret2 = lxc_caps_up();                   \
	out:                                              \
		__ret ? errno = ___errno, __ret : __ret2; \
	})
#endif
Commit	Line	Data
b3357a6f DL	1	/*
	2	* lxc: linux Container library
	3	*
	4	* (C) Copyright IBM Corp. 2007, 2008
	5	*
	6	* Authors:
9afe19d6	7	* Daniel Lezcano <daniel.lezcano at free.fr>
b3357a6f DL	8	*
	9	* This library is free software; you can redistribute it and/or
	10	* modify it under the terms of the GNU Lesser General Public
	11	* License as published by the Free Software Foundation; either
	12	* version 2.1 of the License, or (at your option) any later version.
	13	*
	14	* This library is distributed in the hope that it will be useful,
	15	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	16	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	17	* Lesser General Public License for more details.
	18	*
	19	* You should have received a copy of the GNU Lesser General Public
	20	* License along with this library; if not, write to the Free Software
250b1eec	21	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
b3357a6f	22	*/
ca364dc0	23
74a99f40 LW	24	#ifndef __LXC_CAPS_H
	25	#define __LXC_CAPS_H
	26
ca364dc0	27	#include <stdbool.h>
495d2046	28
d38dd64a CB	29	#include "config.h"
d38dd64a CB	30
e37dda71	31	#if HAVE_LIBCAP
9cd5f7fa	32	#include <linux/types.h> /* workaround for libcap < 2.17 bug */
ca364dc0 CB	33	#include <sys/capability.h>
ca364dc0 CB	34
7d40e69b DL	35	extern int lxc_caps_down(void);
7d40e69b DL	36	extern int lxc_caps_up(void);
611ddd34 CB	37	extern int lxc_ambient_caps_up(void);
611ddd34 CB	38	extern int lxc_ambient_caps_down(void);
7d40e69b	39	extern int lxc_caps_init(void);
20d81659	40	extern int lxc_caps_last_cap(void);
207c4c71	41	extern bool lxc_proc_cap_is_set(cap_value_t cap, cap_flag_t flag);
611ddd34 CB	42	extern bool lxc_file_cap_is_set(const char *path, cap_value_t cap,
611ddd34 CB	43	cap_flag_t flag);
495d2046	44	#else
611ddd34 CB	45	static inline int lxc_caps_down(void)
611ddd34 CB	46	{
d028235d	47	return 0;
495d2046	48	}
611ddd34 CB	49
	50	static inline int lxc_caps_up(void)
	51	{
d028235d	52	return 0;
495d2046	53	}
611ddd34 CB	54
	55	static inline int lxc_ambient_caps_up(void)
	56	{
	57	return 0;
	58	}
	59
	60	static inline int lxc_ambient_caps_down(void)
	61	{
	62	return 0;
	63	}
	64
	65	static inline int lxc_caps_init(void)
	66	{
d028235d	67	return 0;
495d2046	68	}
495d2046	69
611ddd34 CB	70	static inline int lxc_caps_last_cap(void)
611ddd34 CB	71	{
d028235d	72	return 0;
495d2046	73	}
ca364dc0 CB	74
	75	typedef int cap_value_t;
	76	typedef int cap_flag_t;
611ddd34 CB	77	static inline bool lxc_proc_cap_is_set(cap_value_t cap, cap_flag_t flag)
611ddd34 CB	78	{
c61079a4	79	return false;
207c4c71 CB	80	}
207c4c71 CB	81
611ddd34 CB	82	static inline bool lxc_file_cap_is_set(const char *path, cap_value_t cap,
	83	cap_flag_t flag)
	84	{
c61079a4	85	return false;
ca364dc0	86	}
495d2046	87	#endif
20d81659	88
611ddd34 CB	89	#define lxc_priv(__lxc_function) \
	90	({ \
	91	__label__ out; \
	92	int __ret, __ret2, ___errno = 0; \
	93	__ret = lxc_caps_up(); \
	94	if (__ret) \
	95	goto out; \
	96	__ret = __lxc_function; \
	97	if (__ret) \
	98	___errno = errno; \
	99	__ret2 = lxc_caps_down(); \
	100	out: \
	101	__ret ? errno = ___errno, __ret : __ret2; \
7d40e69b DL	102	})
7d40e69b DL	103
611ddd34 CB	104	#define lxc_unpriv(__lxc_function) \
	105	({ \
	106	__label__ out; \
	107	int __ret, __ret2, ___errno = 0; \
	108	__ret = lxc_caps_down(); \
	109	if (__ret) \
	110	goto out; \
	111	__ret = __lxc_function; \
	112	if (__ret) \
	113	___errno = errno; \
	114	__ret2 = lxc_caps_up(); \
	115	out: \
	116	__ret ? errno = ___errno, __ret : __ret2; \
7d40e69b	117	})
b3357a6f	118	#endif