1 /* 2 * <sys/capability.h> 3 * 4 * Copyright (C) 1997 Aleph One 5 * Copyright (C) 1997,8, 2008,19,20 Andrew G. Morgan <morgan@kernel.org> 6 * 7 * defunct POSIX.1e Standard: 25.2 Capabilities <sys/capability.h> 8 */ 9 10 #ifndef _SYS_CAPABILITY_H 11 #define _SYS_CAPABILITY_H 12 13 #ifdef __cplusplus 14 extern "C" { 15 #endif 16 17 /* 18 * This file complements the kernel file by providing prototype 19 * information for the user library. 20 */ 21 22 #include <sys/types.h> 23 #include <stdint.h> 24 #include <linux/types.h> 25 26 #ifndef __user 27 #define __user 28 #endif 29 #include <linux/capability.h> 30 31 /* 32 * POSIX capability types 33 */ 34 35 /* 36 * Opaque capability handle (defined internally by libcap) 37 * internal capability representation 38 */ 39 typedef struct _cap_struct *cap_t; 40 41 /* "external" capability representation is a (void *) */ 42 43 /* 44 * This is the type used to identify capabilities 45 */ 46 47 typedef int cap_value_t; 48 49 /* 50 * libcap initialized first unnamed capability of the running kernel. 51 * capsh includes a runtime test to flag when this is larger than 52 * what is known to libcap... Time for a new libcap release! 53 */ 54 extern cap_value_t cap_max_bits(void); 55 56 /* 57 * Set identifiers 58 */ 59 typedef enum { 60 CAP_EFFECTIVE = 0, /* Specifies the effective flag */ 61 CAP_PERMITTED = 1, /* Specifies the permitted flag */ 62 CAP_INHERITABLE = 2 /* Specifies the inheritable flag */ 63 } cap_flag_t; 64 65 typedef enum { 66 CAP_IAB_INH = 2, 67 CAP_IAB_AMB = 3, 68 CAP_IAB_BOUND = 4 69 } cap_iab_vector_t; 70 71 /* 72 * An opaque generalization of the inheritable bits that includes both 73 * what ambient bits to raise and what bounding bits to *lower* (aka 74 * drop). None of these bits once set, using cap_iab_set(), affect 75 * the running process but are consulted, through the execve() system 76 * call, by the kernel. Note, the ambient bits ('A') of the running 77 * process are fragile with respect to other aspects of the "posix" 78 * (cap_t) operations: most importantly, 'A' cannot ever hold bits not 79 * present in the intersection of 'pI' and 'pP'. The kernel 80 * immediately drops all ambient caps whenever such a situation 81 * arises. Typically, the ambient bits are used to support a naive 82 * capability inheritance model - at odds with the POSIX (sic) model 83 * of inheritance where inherited (pI) capabilities need to also be 84 * wanted by the executed binary (fI) in order to become raised 85 * through exec. 86 */ 87 typedef struct cap_iab_s *cap_iab_t; 88 89 /* 90 * These are the states available to each capability 91 */ 92 typedef enum { 93 CAP_CLEAR=0, /* The flag is cleared/disabled */ 94 CAP_SET=1 /* The flag is set/enabled */ 95 } cap_flag_value_t; 96 97 /* 98 * User-space capability manipulation routines 99 */ 100 typedef unsigned cap_mode_t; 101 #define CAP_MODE_UNCERTAIN ((cap_mode_t) 0) 102 #define CAP_MODE_NOPRIV ((cap_mode_t) 1) 103 #define CAP_MODE_PURE1E_INIT ((cap_mode_t) 2) 104 #define CAP_MODE_PURE1E ((cap_mode_t) 3) 105 106 /* libcap/cap_alloc.c */ 107 extern cap_t cap_dup(cap_t); 108 extern int cap_free(void *); 109 extern cap_t cap_init(void); 110 extern cap_iab_t cap_iab_init(void); 111 112 /* libcap/cap_flag.c */ 113 extern int cap_get_flag(cap_t, cap_value_t, cap_flag_t, cap_flag_value_t *); 114 extern int cap_set_flag(cap_t, cap_flag_t, int, const cap_value_t *, 115 cap_flag_value_t); 116 extern int cap_clear(cap_t); 117 extern int cap_clear_flag(cap_t, cap_flag_t); 118 extern int cap_fill(cap_t, cap_flag_t, cap_flag_t); 119 120 #define CAP_DIFFERS(result, flag) (((result) & (1 << (flag))) != 0) 121 extern int cap_compare(cap_t, cap_t); 122 123 extern cap_flag_value_t cap_iab_get_vector(cap_iab_t, cap_iab_vector_t, 124 cap_value_t); 125 extern int cap_iab_set_vector(cap_iab_t, cap_iab_vector_t, cap_value_t, 126 cap_flag_value_t); 127 extern int cap_iab_fill(cap_iab_t, cap_iab_vector_t, cap_t, cap_flag_t); 128 129 /* libcap/cap_file.c */ 130 extern cap_t cap_get_fd(int); 131 extern cap_t cap_get_file(const char *); 132 extern uid_t cap_get_nsowner(cap_t); 133 extern int cap_set_fd(int, cap_t); 134 extern int cap_set_file(const char *, cap_t); 135 extern int cap_set_nsowner(cap_t, uid_t); 136 137 /* libcap/cap_proc.c */ 138 extern cap_t cap_get_proc(void); 139 extern cap_t cap_get_pid(pid_t); 140 extern int cap_set_proc(cap_t); 141 142 extern int cap_get_bound(cap_value_t); 143 extern int cap_drop_bound(cap_value_t); 144 #define CAP_IS_SUPPORTED(cap) (cap_get_bound(cap) >= 0) 145 146 extern int cap_get_ambient(cap_value_t); 147 extern int cap_set_ambient(cap_value_t, cap_flag_value_t); 148 extern int cap_reset_ambient(void); 149 #define CAP_AMBIENT_SUPPORTED() (cap_get_ambient(CAP_CHOWN) >= 0) 150 151 /* libcap/cap_extint.c */ 152 extern ssize_t cap_size(cap_t cap_d); 153 extern ssize_t cap_copy_ext(void *cap_ext, cap_t cap_d, ssize_t length); 154 extern cap_t cap_copy_int(const void *cap_ext); 155 extern cap_t cap_copy_int_check(const void *cap_ext, ssize_t length); 156 157 /* libcap/cap_text.c */ 158 extern cap_t cap_from_text(const char *); 159 extern char * cap_to_text(cap_t, ssize_t *); 160 extern int cap_from_name(const char *, cap_value_t *); 161 extern char * cap_to_name(cap_value_t); 162 163 extern char * cap_iab_to_text(cap_iab_t iab); 164 extern cap_iab_t cap_iab_from_text(const char *text); 165 166 /* libcap/cap_proc.c */ 167 extern void cap_set_syscall(long int (*new_syscall)(long int, 168 long int, long int, long int), 169 long int (*new_syscall6)(long int, 170 long int, long int, long int, 171 long int, long int, long int)); 172 173 extern int cap_set_mode(cap_mode_t flavor); 174 extern cap_mode_t cap_get_mode(void); 175 extern const char *cap_mode_name(cap_mode_t flavor); 176 177 extern unsigned cap_get_secbits(void); 178 extern int cap_set_secbits(unsigned bits); 179 180 extern int cap_prctl(long int pr_cmd, long int arg1, long int arg2, 181 long int arg3, long int arg4, long int arg5); 182 extern int cap_prctlw(long int pr_cmd, long int arg1, long int arg2, 183 long int arg3, long int arg4, long int arg5); 184 extern int cap_setuid(uid_t uid); 185 extern int cap_setgroups(gid_t gid, size_t ngroups, const gid_t groups[]); 186 187 extern cap_iab_t cap_iab_get_proc(void); 188 extern int cap_iab_set_proc(cap_iab_t iab); 189 190 typedef struct cap_launch_s *cap_launch_t; 191 192 extern cap_launch_t cap_new_launcher(const char *arg0, const char * const *argv, 193 const char * const *envp); 194 extern cap_launch_t cap_func_launcher(int (callback_fn)(void *detail)); 195 extern void cap_launcher_callback(cap_launch_t attr, 196 int (callback_fn)(void *detail)); 197 extern void cap_launcher_setuid(cap_launch_t attr, uid_t uid); 198 extern void cap_launcher_setgroups(cap_launch_t attr, gid_t gid, 199 int ngroups, const gid_t *groups); 200 extern void cap_launcher_set_mode(cap_launch_t attr, cap_mode_t flavor); 201 extern cap_iab_t cap_launcher_set_iab(cap_launch_t attr, cap_iab_t iab); 202 extern void cap_launcher_set_chroot(cap_launch_t attr, const char *chroot); 203 extern pid_t cap_launch(cap_launch_t attr, void *detail); 204 205 /* 206 * system calls - look to libc for function to system call 207 * mapping. Note, libcap does not use capset directly, but permits the 208 * cap_set_syscall() to redirect the system call function. 209 */ 210 extern int capget(cap_user_header_t header, cap_user_data_t data); 211 extern int capset(cap_user_header_t header, const cap_user_data_t data); 212 213 /* deprecated - use cap_get_pid() */ 214 extern int capgetp(pid_t pid, cap_t cap_d); 215 216 /* not valid with filesystem capability support - use cap_set_proc() */ 217 extern int capsetp(pid_t pid, cap_t cap_d); 218 219 #ifdef __cplusplus 220 } 221 #endif 222 223 #endif /* _SYS_CAPABILITY_H */ 224