]> git.proxmox.com Git - mirror_lxc.git/blob - src/lxc/caps.h
projects / mirror_lxc.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
github: Update for main branch
[mirror_lxc.git] / src / lxc / caps.h
1 /*
2 * lxc: linux Container library
3 *
4 * (C) Copyright IBM Corp. 2007, 2008
5 *
6 * Authors:
7 * Daniel Lezcano <daniel.lezcano at free.fr>
8 *
9 * This library is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Lesser General Public
11 * License as published by the Free Software Foundation; either
12 * version 2.1 of the License, or (at your option) any later version.
13 *
14 * This library is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * Lesser General Public License for more details.
18 *
19 * You should have received a copy of the GNU Lesser General Public
20 * License along with this library; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
22 */
23
24 #ifndef __LXC_CAPS_H
25 #define __LXC_CAPS_H
26
27 #include <stdbool.h>
28
29 #include "config.h"
30
31 #if HAVE_LIBCAP
32 #include <linux/types.h> /* workaround for libcap < 2.17 bug */
33 #include <sys/capability.h>
34
35 extern int lxc_caps_down(void);
36 extern int lxc_caps_up(void);
37 extern int lxc_ambient_caps_up(void);
38 extern int lxc_ambient_caps_down(void);
39 extern int lxc_caps_init(void);
40 extern int lxc_caps_last_cap(void);
41 extern bool lxc_proc_cap_is_set(cap_value_t cap, cap_flag_t flag);
42 extern bool lxc_file_cap_is_set(const char *path, cap_value_t cap,
43 cap_flag_t flag);
44 #else
45 static inline int lxc_caps_down(void)
46 {
47 return 0;
48 }
49
50 static inline int lxc_caps_up(void)
51 {
52 return 0;
53 }
54
55 static inline int lxc_ambient_caps_up(void)
56 {
57 return 0;
58 }
59
60 static inline int lxc_ambient_caps_down(void)
61 {
62 return 0;
63 }
64
65 static inline int lxc_caps_init(void)
66 {
67 return 0;
68 }
69
70 static inline int lxc_caps_last_cap(void)
71 {
72 return 0;
73 }
74
75 typedef int cap_value_t;
76 typedef int cap_flag_t;
77 static inline bool lxc_proc_cap_is_set(cap_value_t cap, cap_flag_t flag)
78 {
79 return false;
80 }
81
82 static inline bool lxc_file_cap_is_set(const char *path, cap_value_t cap,
83 cap_flag_t flag)
84 {
85 return false;
86 }
87 #endif
88
89 #define lxc_priv(__lxc_function) \
90 ({ \
91 __label__ out; \
92 int __ret, __ret2, ___errno = 0; \
93 __ret = lxc_caps_up(); \
94 if (__ret) \
95 goto out; \
96 __ret = __lxc_function; \
97 if (__ret) \
98 ___errno = errno; \
99 __ret2 = lxc_caps_down(); \
100 out: \
101 __ret ? errno = ___errno, __ret : __ret2; \
102 })
103
104 #define lxc_unpriv(__lxc_function) \
105 ({ \
106 __label__ out; \
107 int __ret, __ret2, ___errno = 0; \
108 __ret = lxc_caps_down(); \
109 if (__ret) \
110 goto out; \
111 __ret = __lxc_function; \
112 if (__ret) \
113 ___errno = errno; \
114 __ret2 = lxc_caps_up(); \
115 out: \
116 __ret ? errno = ___errno, __ret : __ret2; \
117 })
118 #endif
LXC mirror