124b29132a017f7fbfd009c3e6aec499d1b815dbfJorge Lucangeli Obes// Copyright (C) 2016 The Android Open Source Project 224b29132a017f7fbfd009c3e6aec499d1b815dbfJorge Lucangeli Obes// 324b29132a017f7fbfd009c3e6aec499d1b815dbfJorge Lucangeli Obes// Licensed under the Apache License, Version 2.0 (the "License"); 424b29132a017f7fbfd009c3e6aec499d1b815dbfJorge Lucangeli Obes// you may not use this file except in compliance with the License. 524b29132a017f7fbfd009c3e6aec499d1b815dbfJorge Lucangeli Obes// You may obtain a copy of the License at 624b29132a017f7fbfd009c3e6aec499d1b815dbfJorge Lucangeli Obes// 724b29132a017f7fbfd009c3e6aec499d1b815dbfJorge Lucangeli Obes// http://www.apache.org/licenses/LICENSE-2.0 824b29132a017f7fbfd009c3e6aec499d1b815dbfJorge Lucangeli Obes// 924b29132a017f7fbfd009c3e6aec499d1b815dbfJorge Lucangeli Obes// Unless required by applicable law or agreed to in writing, software 1024b29132a017f7fbfd009c3e6aec499d1b815dbfJorge Lucangeli Obes// distributed under the License is distributed on an "AS IS" BASIS, 1124b29132a017f7fbfd009c3e6aec499d1b815dbfJorge Lucangeli Obes// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 1224b29132a017f7fbfd009c3e6aec499d1b815dbfJorge Lucangeli Obes// See the License for the specific language governing permissions and 1324b29132a017f7fbfd009c3e6aec499d1b815dbfJorge Lucangeli Obes// limitations under the License. 1424b29132a017f7fbfd009c3e6aec499d1b815dbfJorge Lucangeli Obes 15f3f824ee42892fb69cb0d9b0557cd9c5aed357d2Jorge Lucangeli Obes#ifndef _INIT_CAPABILITIES_H 16f3f824ee42892fb69cb0d9b0557cd9c5aed357d2Jorge Lucangeli Obes#define _INIT_CAPABILITIES_H 17f3f824ee42892fb69cb0d9b0557cd9c5aed357d2Jorge Lucangeli Obes 18519e5f0592eb7ceb812f9e0e61b3bc2d9fc27c74Luis Hector Chavez#include <sys/capability.h> 1924b29132a017f7fbfd009c3e6aec499d1b815dbfJorge Lucangeli Obes 2024b29132a017f7fbfd009c3e6aec499d1b815dbfJorge Lucangeli Obes#include <bitset> 2124b29132a017f7fbfd009c3e6aec499d1b815dbfJorge Lucangeli Obes#include <string> 22519e5f0592eb7ceb812f9e0e61b3bc2d9fc27c74Luis Hector Chavez#include <type_traits> 2324b29132a017f7fbfd009c3e6aec499d1b815dbfJorge Lucangeli Obes 2481f5d3ebef2c3789737bf718fc2a2cdd7b9e8b33Tom Cherrynamespace android { 2581f5d3ebef2c3789737bf718fc2a2cdd7b9e8b33Tom Cherrynamespace init { 2681f5d3ebef2c3789737bf718fc2a2cdd7b9e8b33Tom Cherry 27519e5f0592eb7ceb812f9e0e61b3bc2d9fc27c74Luis Hector Chavezstruct CapDeleter { 28519e5f0592eb7ceb812f9e0e61b3bc2d9fc27c74Luis Hector Chavez void operator()(cap_t caps) const { cap_free(caps); } 29519e5f0592eb7ceb812f9e0e61b3bc2d9fc27c74Luis Hector Chavez}; 30519e5f0592eb7ceb812f9e0e61b3bc2d9fc27c74Luis Hector Chavez 3124b29132a017f7fbfd009c3e6aec499d1b815dbfJorge Lucangeli Obesusing CapSet = std::bitset<CAP_LAST_CAP + 1>; 32519e5f0592eb7ceb812f9e0e61b3bc2d9fc27c74Luis Hector Chavezusing ScopedCaps = std::unique_ptr<std::remove_pointer<cap_t>::type, CapDeleter>; 3324b29132a017f7fbfd009c3e6aec499d1b815dbfJorge Lucangeli Obes 3424b29132a017f7fbfd009c3e6aec499d1b815dbfJorge Lucangeli Obesint LookupCap(const std::string& cap_name); 35f3f824ee42892fb69cb0d9b0557cd9c5aed357d2Jorge Lucangeli Obesbool CapAmbientSupported(); 36f3f824ee42892fb69cb0d9b0557cd9c5aed357d2Jorge Lucangeli Obesunsigned int GetLastValidCap(); 3724b29132a017f7fbfd009c3e6aec499d1b815dbfJorge Lucangeli Obesbool SetCapsForExec(const CapSet& to_keep); 38f3f824ee42892fb69cb0d9b0557cd9c5aed357d2Jorge Lucangeli Obes 3981f5d3ebef2c3789737bf718fc2a2cdd7b9e8b33Tom Cherry} // namespace init 4081f5d3ebef2c3789737bf718fc2a2cdd7b9e8b33Tom Cherry} // namespace android 4181f5d3ebef2c3789737bf718fc2a2cdd7b9e8b33Tom Cherry 42f3f824ee42892fb69cb0d9b0557cd9c5aed357d2Jorge Lucangeli Obes#endif // _INIT_CAPABILITIES_H 43