src/lxc/caps.h

   1 /*
   2  * lxc: linux Container library
   3  *
   4  * (C) Copyright IBM Corp. 2007, 2008
   5  *
   6  * Authors:
   7  * Daniel Lezcano <daniel.lezcano at free.fr>
   8  *
   9  * This library is free software; you can redistribute it and/or
  10  * modify it under the terms of the GNU Lesser General Public
  11  * License as published by the Free Software Foundation; either
  12  * version 2.1 of the License, or (at your option) any later version.
  13  *
  14  * This library is distributed in the hope that it will be useful,
  15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  17  * Lesser General Public License for more details.
  18  *
  19  * You should have received a copy of the GNU Lesser General Public
  20  * License along with this library; if not, write to the Free Software
  21  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
  22  */
  23
  24 #include "config.h"
  25 #include <stdbool.h>
  26
  27 #ifndef __LXC_CAPS_H
  28 #define __LXC_CAPS_H
  29
  30 #if HAVE_LIBCAP
  31 #include <sys/capability.h>
  32
  33 extern int lxc_caps_down(void);
  34 extern int lxc_caps_up(void);
  35 extern int lxc_caps_init(void);
  36
  37 extern int lxc_caps_last_cap(void);
  38
  39 extern bool lxc_proc_cap_is_set(cap_value_t cap, cap_flag_t flag);
  40 extern bool lxc_file_cap_is_set(const char *path, cap_value_t cap, cap_flag_t flag);
  41 #else
  42 static inline int lxc_caps_down(void) {
  43         return 0;
  44 }
  45 static inline int lxc_caps_up(void) {
  46         return 0;
  47 }
  48 static inline int lxc_caps_init(void) {
  49         return 0;
  50 }
  51
  52 static inline int lxc_caps_last_cap(void) {
  53         return 0;
  54 }
  55
  56 typedef int cap_value_t;
  57 typedef int cap_flag_t;
  58 static inline bool lxc_proc_cap_is_set(cap_value_t cap, cap_flag_t flag) {
  59         return false;
  60 }
  61
  62 static inline bool lxc_file_cap_is_set(const char *path, cap_value_t cap, cap_flag_t flag) {
  63         return false;
  64 }
  65 #endif
  66
  67 #define lxc_priv(__lxc_function)                        \
  68         ({                                              \
  69                 __label__ out;                          \
  70                 int __ret, __ret2, ___errno = 0;                \
  71                 __ret = lxc_caps_up();                  \
  72                 if (__ret)                              \
  73                         goto out;                       \
  74                 __ret = __lxc_function;                 \
  75                 if (__ret)                              \
  76                         ___errno = errno;               \
  77                 __ret2 = lxc_caps_down();               \
  78         out:    __ret ? errno = ___errno,__ret : __ret2;        \
  79         })
  80
  81 #define lxc_unpriv(__lxc_function)                      \
  82         ({                                              \
  83                 __label__ out;                          \
  84                 int __ret, __ret2, ___errno = 0;                \
  85                 __ret = lxc_caps_down();                \
  86                 if (__ret)                              \
  87                         goto out;                       \
  88                 __ret = __lxc_function;                 \
  89                 if (__ret)                              \
  90                         ___errno = errno;               \
  91                 __ret2 = lxc_caps_up();                 \
  92         out:    __ret ? errno = ___errno,__ret : __ret2;        \
  93         })
  94 #endif