blob: b71d2cb6882acf8d61863f3ced741f5ac6d01236 [file] [log] [blame]
Jorge Lucangeli Obes24b29132016-10-27 10:33:03 -04001// Copyright (C) 2016 The Android Open Source Project
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
Jorge Lucangeli Obesf3f824e2016-12-15 12:13:38 -050015#ifndef _INIT_CAPABILITIES_H
16#define _INIT_CAPABILITIES_H
17
Luis Hector Chavez519e5f02017-06-29 09:50:30 -070018#include <sys/capability.h>
Jorge Lucangeli Obes24b29132016-10-27 10:33:03 -040019
20#include <bitset>
Elliott Hughesff1cdb32025-01-21 17:01:36 -050021#include <memory>
Jorge Lucangeli Obes24b29132016-10-27 10:33:03 -040022#include <string>
Luis Hector Chavez519e5f02017-06-29 09:50:30 -070023#include <type_traits>
Jorge Lucangeli Obes24b29132016-10-27 10:33:03 -040024
Tom Cherry81f5d3e2017-06-22 12:53:17 -070025namespace android {
26namespace init {
27
Luis Hector Chavez519e5f02017-06-29 09:50:30 -070028struct CapDeleter {
29 void operator()(cap_t caps) const { cap_free(caps); }
30};
31
Jorge Lucangeli Obes24b29132016-10-27 10:33:03 -040032using CapSet = std::bitset<CAP_LAST_CAP + 1>;
Luis Hector Chavez519e5f02017-06-29 09:50:30 -070033using ScopedCaps = std::unique_ptr<std::remove_pointer<cap_t>::type, CapDeleter>;
Jorge Lucangeli Obes24b29132016-10-27 10:33:03 -040034
35int LookupCap(const std::string& cap_name);
Jorge Lucangeli Obesf3f824e2016-12-15 12:13:38 -050036bool CapAmbientSupported();
37unsigned int GetLastValidCap();
Jorge Lucangeli Obes24b29132016-10-27 10:33:03 -040038bool SetCapsForExec(const CapSet& to_keep);
Luis Hector Chavez94fb5b02017-11-16 15:52:00 -080039bool DropInheritableCaps();
Jorge Lucangeli Obesf3f824e2016-12-15 12:13:38 -050040
Tom Cherry81f5d3e2017-06-22 12:53:17 -070041} // namespace init
42} // namespace android
43
Jorge Lucangeli Obesf3f824e2016-12-15 12:13:38 -050044#endif // _INIT_CAPABILITIES_H