1 /*
2  * <sys/capability.h>
3  *
4  * Copyright (C) 1997   Aleph One
5  * Copyright (C) 1997-8,2008 Andrew G. Morgan <morgan@kernel.org>
6  *
7  * defunct POSIX.1e Standard: 25.2 Capabilities           <sys/capability.h>
8  */
9 
10 #ifndef _SYS_CAPABILITY_H
11 #define _SYS_CAPABILITY_H
12 
13 #ifdef __cplusplus
14 extern "C" {
15 #endif
16 
17 /*
18  * This file complements the kernel file by providing prototype
19  * information for the user library.
20  */
21 
22 #include <sys/types.h>
23 #include <stdint.h>
24 #include <linux/types.h>
25 
26 /*
27  * Required to limit what gets defined in the kernel header file.
28  */
29 #ifndef __user
30 #define __user
31 #endif
32 #include <linux/capability.h>
33 
34 /*
35  * POSIX capability types
36  */
37 
/*
 * cap_t: opaque handle to libcap's internal capability representation.
 * Only the pointer type is declared here; struct _cap_struct is not defined
 * in this header, so callers cannot inspect or build one directly and have
 * to go through the cap_*() routines declared further down.
 */
typedef struct _cap_struct *cap_t;

/*
 * The "external" capability representation has no type of its own: it is
 * passed around as a (void *) - see cap_copy_ext() and cap_copy_int().
 */

/*
 * cap_value_t is the type used to identify a single capability. It is a
 * plain int, so the compiler will not reject an out-of-range value.
 * NOTE(review): presumably holds the CAP_* numbers from <linux/capability.h>
 * (included above) - confirm.
 */

typedef int cap_value_t;
51 
/*
 * Set identifiers: select which of the three flag sets of a capability
 * object an operation refers to. The numeric values are fixed (0, 1, 2)
 * and are also the bit positions tested by CAP_DIFFERS().
 */
typedef enum {
    /* Specifies the effective flag */
    CAP_EFFECTIVE = 0,
    /* Specifies the permitted flag */
    CAP_PERMITTED = 1,
    /* Specifies the inheritable flag */
    CAP_INHERITABLE = 2
} cap_flag_t;
60 
/*
 * The two states a capability can have within one flag set.
 */
typedef enum {
    /* The flag is cleared/disabled */
    CAP_CLEAR = 0,
    /* The flag is set/enabled */
    CAP_SET = 1
} cap_flag_value_t;
68 
69 /*
70  * User-space capability manipulation routines
71  */
72 
/*
 * libcap/cap_alloc.c - allocation, duplication and release of capability
 * objects.
 *
 * cap_init() and cap_dup() return a cap_t. cap_free() takes a (void *)
 * rather than a cap_t, so it is not limited to cap_t arguments.
 * NOTE(review): per the cap_init(3) man page the cap_t results are NULL on
 * failure, and every object handed out by libcap (including the char *
 * results of cap_to_text() and cap_to_name()) is released with cap_free(),
 * not free() - confirm against the installed libcap.
 */
extern cap_t   cap_dup(cap_t);
extern int     cap_free(void *);
extern cap_t   cap_init(void);
77 
/*
 * libcap/cap_flag.c - read and modify individual flags of a capability
 * object.
 *
 * cap_get_flag() reports through its cap_flag_value_t * out-parameter;
 * cap_set_flag() takes an int followed by a const cap_value_t * array.
 * NOTE(review): the int is presumably the number of entries in that array
 * and has to match its real length - confirm with cap_set_flag(3).
 * NOTE(review): these routines presumably change only the in-memory object;
 * nothing applies to a process or file until cap_set_proc(), cap_set_fd()
 * or cap_set_file() is called and succeeds - confirm.
 */
extern int     cap_get_flag(cap_t, cap_value_t, cap_flag_t, cap_flag_value_t *);
extern int     cap_set_flag(cap_t, cap_flag_t, int, const cap_value_t *,
			    cap_flag_value_t);
extern int     cap_clear(cap_t);
extern int     cap_clear_flag(cap_t, cap_flag_t);
84 
/*
 * libcap/cap_file.c - read and write the capabilities attached to a file,
 * addressed either by open descriptor (int) or by path (const char *).
 *
 * The getters return a cap_t; the setters return int, so a failed update is
 * only visible through the return value.
 * NOTE(review): a path can be re-pointed between a check and the call, so
 * the descriptor variants are presumably the safer choice when the file has
 * already been opened and validated - confirm for the caller's use.
 * NOTE(review): per cap_set_file(3), writing file capabilities needs
 * CAP_SETFCAP - confirm.
 */
extern cap_t   cap_get_fd(int);
extern cap_t   cap_get_file(const char *);
extern int     cap_set_fd(int, cap_t);
extern int     cap_set_file(const char *, cap_t);
90 
/*
 * libcap/cap_proc.c - capabilities of a process.
 *
 * cap_get_proc() and cap_get_pid() return a cap_t; cap_set_proc() returns
 * int. When cap_set_proc() is used to drop privilege, its return value is
 * the only indication that the drop happened: code that ignores it keeps
 * running with whatever capabilities it had before.
 * NOTE(review): per cap_get_proc(3) a non-zero return means failure -
 * confirm.
 */
extern cap_t   cap_get_proc(void);
extern cap_t   cap_get_pid(pid_t);
extern int     cap_set_proc(cap_t);

/*
 * Bounding-set query and drop for a single capability.
 * NOTE(review): per cap_get_bound(3), cap_get_bound() returns the current
 * bounding-set state of the capability or -1 on error, and cap_drop_bound()
 * needs CAP_SETPCAP - confirm.
 */
extern int     cap_get_bound(cap_value_t);
extern int     cap_drop_bound(cap_value_t);

/*
 * True when cap_get_bound(cap) returns a non-negative value. This expands
 * to a function call, so it is a run-time test, not a compile-time constant.
 */
#define CAP_IS_SUPPORTED(cap)  (cap_get_bound(cap) >= 0)
100 
/*
 * libcap/cap_extint.c - conversion between the internal (cap_t) and the
 * external (void *) representation.
 *
 * cap_size() and cap_copy_ext() return ssize_t, a signed type, so a negative
 * result has to be ruled out before the value is used as a length.
 * NOTE(review): the ssize_t argument of cap_copy_ext() is presumably the
 * size of the destination buffer, obtained from cap_size() - confirm.
 *
 * cap_copy_int() takes only a const void * and no length, so the prototype
 * gives the callee no way to know how large the caller's buffer is.
 * NOTE(review): callers presumably must make sure the buffer holds a
 * complete external representation before passing it, in particular when
 * the bytes come from a file or another process - confirm.
 */
extern ssize_t cap_size(cap_t);
extern ssize_t cap_copy_ext(void *, cap_t, ssize_t);
extern cap_t   cap_copy_int(const void *);
105 
/*
 * libcap/cap_text.c - textual form of capability sets and capability names.
 *
 * cap_to_text() and cap_to_name() return a non-const char *.
 * NOTE(review): per cap_from_text(3) these strings are allocated by libcap
 * and are released with cap_free() - confirm.
 * NOTE(review): cap_from_text() presumably returns NULL for text it cannot
 * parse; check before use when the text comes from configuration or user
 * input - confirm.
 */
extern cap_t   cap_from_text(const char *);
extern char *  cap_to_text(cap_t, ssize_t *);
extern int     cap_from_name(const char *, cap_value_t *);
extern char *  cap_to_name(cap_value_t);

/*
 * CAP_DIFFERS() tests bit (1 << flag) of result and is true when it is set.
 * NOTE(review): result is presumably the return value of cap_compare() and
 * flag a cap_flag_t - confirm. If cap_compare() can return a negative error
 * value, that case has to be checked first: in a negative int such as -1
 * every low bit is set, so CAP_DIFFERS() would report a difference for each
 * flag.
 */
#define CAP_DIFFERS(result, flag)  (((result) & (1 << (flag))) != 0)
extern int     cap_compare(cap_t, cap_t);
114 
/*
 * System calls - look to libc for the mapping from function to system call.
 * Both take the header/data types that come from <linux/capability.h>.
 * NOTE(review): if cap_user_data_t is a pointer typedef, the const in
 * capget()'s prototype applies to the pointer itself, not to the data it
 * points to - confirm against the kernel header.
 */
extern int capset(cap_user_header_t header, cap_user_data_t data);
extern int capget(cap_user_header_t header, const cap_user_data_t data);

/* deprecated - use cap_get_pid() */
extern int capgetp(pid_t pid, cap_t cap_d);

/*
 * not valid with filesystem capability support - use cap_set_proc()
 * (which takes no pid and so is not a drop-in replacement for setting
 * another process's capabilities)
 */
extern int capsetp(pid_t pid, cap_t cap_d);
124 
125 #ifdef __cplusplus
126 }
127 #endif
128 
129 #endif /* _SYS_CAPABILITY_H */
130