src/lxc/caps.h

b3357a6f5b90f1e342c270de66491afc412c1cf7Daniel Lezcano/*
b3357a6f5b90f1e342c270de66491afc412c1cf7Daniel Lezcano * lxc: linux Container library
b3357a6f5b90f1e342c270de66491afc412c1cf7Daniel Lezcano *
b3357a6f5b90f1e342c270de66491afc412c1cf7Daniel Lezcano * (C) Copyright IBM Corp. 2007, 2008
b3357a6f5b90f1e342c270de66491afc412c1cf7Daniel Lezcano *
b3357a6f5b90f1e342c270de66491afc412c1cf7Daniel Lezcano * Authors:
9afe19d634946d50eab30e3b90cb5cebcde39eeaDaniel Lezcano * Daniel Lezcano <daniel.lezcano at free.fr>
b3357a6f5b90f1e342c270de66491afc412c1cf7Daniel Lezcano *
b3357a6f5b90f1e342c270de66491afc412c1cf7Daniel Lezcano * This library is free software; you can redistribute it and/or
b3357a6f5b90f1e342c270de66491afc412c1cf7Daniel Lezcano * modify it under the terms of the GNU Lesser General Public
b3357a6f5b90f1e342c270de66491afc412c1cf7Daniel Lezcano * License as published by the Free Software Foundation; either
b3357a6f5b90f1e342c270de66491afc412c1cf7Daniel Lezcano * version 2.1 of the License, or (at your option) any later version.
b3357a6f5b90f1e342c270de66491afc412c1cf7Daniel Lezcano *
b3357a6f5b90f1e342c270de66491afc412c1cf7Daniel Lezcano * This library is distributed in the hope that it will be useful,
b3357a6f5b90f1e342c270de66491afc412c1cf7Daniel Lezcano * but WITHOUT ANY WARRANTY; without even the implied warranty of
b3357a6f5b90f1e342c270de66491afc412c1cf7Daniel Lezcano * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
b3357a6f5b90f1e342c270de66491afc412c1cf7Daniel Lezcano * Lesser General Public License for more details.
b3357a6f5b90f1e342c270de66491afc412c1cf7Daniel Lezcano *
b3357a6f5b90f1e342c270de66491afc412c1cf7Daniel Lezcano * You should have received a copy of the GNU Lesser General Public
b3357a6f5b90f1e342c270de66491afc412c1cf7Daniel Lezcano * License along with this library; if not, write to the Free Software
250b1eec71b074acdff1c5f6b5a1f0d7d2c20b77Stéphane Graber * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
b3357a6f5b90f1e342c270de66491afc412c1cf7Daniel Lezcano */
3bce0fe96d3648f783ddb8b1c962bf5ac7269cfaChristian Brauner
495d2046f6fd0143e368f59746c6d24cef8ad87fStéphane Graber#include "config.h"
3bce0fe96d3648f783ddb8b1c962bf5ac7269cfaChristian Brauner#include <stdbool.h>
495d2046f6fd0143e368f59746c6d24cef8ad87fStéphane Graber
f1a4a029f6480db1aabdf2f9e3c30ea959937d7aS.Çağlar Onur#ifndef __LXC_CAPS_H
f1a4a029f6480db1aabdf2f9e3c30ea959937d7aS.Çağlar Onur#define __LXC_CAPS_H
7d40e69bd7fd3e9eaf120be9f749245e7f48f997Daniel Lezcano
768770715092c699eda199255f2f6f8a6f6cab49Fabrice Fontaine#if HAVE_LIBCAP
3bce0fe96d3648f783ddb8b1c962bf5ac7269cfaChristian Brauner#include <sys/capability.h>
3bce0fe96d3648f783ddb8b1c962bf5ac7269cfaChristian Brauner
7d40e69bd7fd3e9eaf120be9f749245e7f48f997Daniel Lezcanoextern int lxc_caps_down(void);
7d40e69bd7fd3e9eaf120be9f749245e7f48f997Daniel Lezcanoextern int lxc_caps_up(void);
7d40e69bd7fd3e9eaf120be9f749245e7f48f997Daniel Lezcanoextern int lxc_caps_init(void);
7d40e69bd7fd3e9eaf120be9f749245e7f48f997Daniel Lezcano
20d816599f954e7e5864d39884cc0de56f9358fdChristian Seilerextern int lxc_caps_last_cap(void);
3bce0fe96d3648f783ddb8b1c962bf5ac7269cfaChristian Brauner
abeded90ddf5619637ad3af901537f50f8a867fbChristian Braunerextern bool lxc_proc_cap_is_set(cap_value_t cap, cap_flag_t flag);
abeded90ddf5619637ad3af901537f50f8a867fbChristian Braunerextern bool lxc_file_cap_is_set(const char *path, cap_value_t cap, cap_flag_t flag);
495d2046f6fd0143e368f59746c6d24cef8ad87fStéphane Graber#else
495d2046f6fd0143e368f59746c6d24cef8ad87fStéphane Graberstatic inline int lxc_caps_down(void) {
d028235de9ec7664e1c2c904c541a447a768997aStéphane Graber    return 0;
495d2046f6fd0143e368f59746c6d24cef8ad87fStéphane Graber}
495d2046f6fd0143e368f59746c6d24cef8ad87fStéphane Graberstatic inline int lxc_caps_up(void) {
d028235de9ec7664e1c2c904c541a447a768997aStéphane Graber    return 0;
495d2046f6fd0143e368f59746c6d24cef8ad87fStéphane Graber}
495d2046f6fd0143e368f59746c6d24cef8ad87fStéphane Graberstatic inline int lxc_caps_init(void) {
d028235de9ec7664e1c2c904c541a447a768997aStéphane Graber    return 0;
495d2046f6fd0143e368f59746c6d24cef8ad87fStéphane Graber}
495d2046f6fd0143e368f59746c6d24cef8ad87fStéphane Graber
495d2046f6fd0143e368f59746c6d24cef8ad87fStéphane Graberstatic inline int lxc_caps_last_cap(void) {
d028235de9ec7664e1c2c904c541a447a768997aStéphane Graber    return 0;
495d2046f6fd0143e368f59746c6d24cef8ad87fStéphane Graber}
3bce0fe96d3648f783ddb8b1c962bf5ac7269cfaChristian Brauner
3bce0fe96d3648f783ddb8b1c962bf5ac7269cfaChristian Braunertypedef int cap_value_t;
3bce0fe96d3648f783ddb8b1c962bf5ac7269cfaChristian Braunertypedef int cap_flag_t;
abeded90ddf5619637ad3af901537f50f8a867fbChristian Braunerstatic inline bool lxc_proc_cap_is_set(cap_value_t cap, cap_flag_t flag) {
4645c74c8a4a7b2dc3df0c49a7ab8add891dcaadChristian Brauner    return false;
abeded90ddf5619637ad3af901537f50f8a867fbChristian Brauner}
abeded90ddf5619637ad3af901537f50f8a867fbChristian Brauner
abeded90ddf5619637ad3af901537f50f8a867fbChristian Braunerstatic inline bool lxc_file_cap_is_set(const char *path, cap_value_t cap, cap_flag_t flag) {
4645c74c8a4a7b2dc3df0c49a7ab8add891dcaadChristian Brauner    return false;
3bce0fe96d3648f783ddb8b1c962bf5ac7269cfaChristian Brauner}
495d2046f6fd0143e368f59746c6d24cef8ad87fStéphane Graber#endif
20d816599f954e7e5864d39884cc0de56f9358fdChristian Seiler
7d40e69bd7fd3e9eaf120be9f749245e7f48f997Daniel Lezcano#define lxc_priv(__lxc_function)            \
7d40e69bd7fd3e9eaf120be9f749245e7f48f997Daniel Lezcano    ({                      \
596a818d4b8b55586d36af518b745cd96b24c67aDwight Engen        __label__ out;              \
c4b790845d76edd2ed2f7ed8973dc194be38123aStéphane Graber        int __ret, __ret2, ___errno = 0;        \
7d40e69bd7fd3e9eaf120be9f749245e7f48f997Daniel Lezcano        __ret = lxc_caps_up();          \
7d40e69bd7fd3e9eaf120be9f749245e7f48f997Daniel Lezcano        if (__ret)              \
596a818d4b8b55586d36af518b745cd96b24c67aDwight Engen            goto out;           \
7d40e69bd7fd3e9eaf120be9f749245e7f48f997Daniel Lezcano        __ret = __lxc_function;         \
7d40e69bd7fd3e9eaf120be9f749245e7f48f997Daniel Lezcano        if (__ret)              \
c4b790845d76edd2ed2f7ed8973dc194be38123aStéphane Graber            ___errno = errno;       \
7d40e69bd7fd3e9eaf120be9f749245e7f48f997Daniel Lezcano        __ret2 = lxc_caps_down();       \
c4b790845d76edd2ed2f7ed8973dc194be38123aStéphane Graber    out:    __ret ? errno = ___errno,__ret : __ret2;    \
7d40e69bd7fd3e9eaf120be9f749245e7f48f997Daniel Lezcano    })
7d40e69bd7fd3e9eaf120be9f749245e7f48f997Daniel Lezcano
596a818d4b8b55586d36af518b745cd96b24c67aDwight Engen#define lxc_unpriv(__lxc_function)          \
7d40e69bd7fd3e9eaf120be9f749245e7f48f997Daniel Lezcano    ({                      \
596a818d4b8b55586d36af518b745cd96b24c67aDwight Engen        __label__ out;              \
c4b790845d76edd2ed2f7ed8973dc194be38123aStéphane Graber        int __ret, __ret2, ___errno = 0;        \
7d40e69bd7fd3e9eaf120be9f749245e7f48f997Daniel Lezcano        __ret = lxc_caps_down();        \
7d40e69bd7fd3e9eaf120be9f749245e7f48f997Daniel Lezcano        if (__ret)              \
596a818d4b8b55586d36af518b745cd96b24c67aDwight Engen            goto out;           \
7d40e69bd7fd3e9eaf120be9f749245e7f48f997Daniel Lezcano        __ret = __lxc_function;         \
7d40e69bd7fd3e9eaf120be9f749245e7f48f997Daniel Lezcano        if (__ret)              \
c4b790845d76edd2ed2f7ed8973dc194be38123aStéphane Graber            ___errno = errno;       \
7d40e69bd7fd3e9eaf120be9f749245e7f48f997Daniel Lezcano        __ret2 = lxc_caps_up();         \
c4b790845d76edd2ed2f7ed8973dc194be38123aStéphane Graber    out:    __ret ? errno = ___errno,__ret : __ret2;    \
7d40e69bd7fd3e9eaf120be9f749245e7f48f997Daniel Lezcano    })
b3357a6f5b90f1e342c270de66491afc412c1cf7Daniel Lezcano#endif