xref: /freebsd/tests/sys/capsicum/capsicum-rights.h (revision 670b568ec1c36464c6d55e400382c290b0391ccf) 
1*670b568eSEd Maste #ifndef __CAPSICUM_RIGHTS_H__
2*670b568eSEd Maste #define __CAPSICUM_RIGHTS_H__
3*670b568eSEd Maste 
4*670b568eSEd Maste #ifdef __cplusplus
5*670b568eSEd Maste extern "C" {
6*670b568eSEd Maste #endif
7*670b568eSEd Maste 
8*670b568eSEd Maste #ifdef __FreeBSD__
9*670b568eSEd Maste #include <sys/param.h>
10*670b568eSEd Maste #if __FreeBSD_version >= 1100014 || \
11*670b568eSEd Maste     (__FreeBSD_version >= 1001511 && __FreeBSD_version < 1100000)
12*670b568eSEd Maste #include <sys/capsicum.h>
13*670b568eSEd Maste #else
14*670b568eSEd Maste #include <sys/capability.h>
15*670b568eSEd Maste #endif
16*670b568eSEd Maste #endif
17*670b568eSEd Maste 
18*670b568eSEd Maste #ifdef __linux__
19*670b568eSEd Maste #include <linux/capsicum.h>
20*670b568eSEd Maste #endif
21*670b568eSEd Maste 
22*670b568eSEd Maste #ifdef __cplusplus
23*670b568eSEd Maste }
24*670b568eSEd Maste #endif
25*670b568eSEd Maste 
26*670b568eSEd Maste #ifndef CAP_RIGHTS_VERSION
27*670b568eSEd Maste /************************************************************
28*670b568eSEd Maste  * Capsicum compatibility layer: implement new (FreeBSD10.x)
29*670b568eSEd Maste  * rights manipulation API in terms of original (FreeBSD9.x)
30*670b568eSEd Maste  * functionality.
31*670b568eSEd Maste  ************************************************************/
32*670b568eSEd Maste #include <stdarg.h>
33*670b568eSEd Maste #include <stdbool.h>
34*670b568eSEd Maste 
35*670b568eSEd Maste /* Rights manipulation macros/functions.
36*670b568eSEd Maste  * Note that these use variadic macros, available in C99 / C++11 (and
37*670b568eSEd Maste  * also in earlier gcc versions).
38*670b568eSEd Maste  */
39*670b568eSEd Maste #define cap_rights_init(rights, ...)   _cap_rights_init((rights), __VA_ARGS__, 0ULL)
40*670b568eSEd Maste #define cap_rights_set(rights, ...)    _cap_rights_set((rights), __VA_ARGS__, 0ULL)
41*670b568eSEd Maste #define cap_rights_clear(rights, ...)  _cap_rights_clear((rights), __VA_ARGS__, 0ULL)
42*670b568eSEd Maste #define cap_rights_is_set(rights, ...) _cap_rights_is_set((rights), __VA_ARGS__, 0ULL)
43*670b568eSEd Maste 
_cap_rights_init(cap_rights_t * rights,...)44*670b568eSEd Maste inline cap_rights_t* _cap_rights_init(cap_rights_t *rights, ...) {
45*670b568eSEd Maste   va_list ap;
46*670b568eSEd Maste   cap_rights_t right;
47*670b568eSEd Maste   *rights = 0;
48*670b568eSEd Maste   va_start(ap, rights);
49*670b568eSEd Maste   while (true) {
50*670b568eSEd Maste     right = va_arg(ap, cap_rights_t);
51*670b568eSEd Maste     *rights |= right;
52*670b568eSEd Maste     if (right == 0) break;
53*670b568eSEd Maste   }
54*670b568eSEd Maste   va_end(ap);
55*670b568eSEd Maste   return rights;
56*670b568eSEd Maste }
57*670b568eSEd Maste 
_cap_rights_set(cap_rights_t * rights,...)58*670b568eSEd Maste inline cap_rights_t* _cap_rights_set(cap_rights_t *rights, ...) {
59*670b568eSEd Maste   va_list ap;
60*670b568eSEd Maste   cap_rights_t right;
61*670b568eSEd Maste   va_start(ap, rights);
62*670b568eSEd Maste   while (true) {
63*670b568eSEd Maste     right = va_arg(ap, cap_rights_t);
64*670b568eSEd Maste     *rights |= right;
65*670b568eSEd Maste     if (right == 0) break;
66*670b568eSEd Maste   }
67*670b568eSEd Maste   va_end(ap);
68*670b568eSEd Maste   return rights;
69*670b568eSEd Maste }
70*670b568eSEd Maste 
_cap_rights_clear(cap_rights_t * rights,...)71*670b568eSEd Maste inline cap_rights_t* _cap_rights_clear(cap_rights_t *rights, ...) {
72*670b568eSEd Maste   va_list ap;
73*670b568eSEd Maste   cap_rights_t right;
74*670b568eSEd Maste   va_start(ap, rights);
75*670b568eSEd Maste   while (true) {
76*670b568eSEd Maste     right = va_arg(ap, cap_rights_t);
77*670b568eSEd Maste     *rights &= ~right;
78*670b568eSEd Maste     if (right == 0) break;
79*670b568eSEd Maste   }
80*670b568eSEd Maste   va_end(ap);
81*670b568eSEd Maste   return rights;
82*670b568eSEd Maste }
83*670b568eSEd Maste 
_cap_rights_is_set(const cap_rights_t * rights,...)84*670b568eSEd Maste inline bool _cap_rights_is_set(const cap_rights_t *rights, ...) {
85*670b568eSEd Maste   va_list ap;
86*670b568eSEd Maste   cap_rights_t right;
87*670b568eSEd Maste   cap_rights_t accumulated = 0;
88*670b568eSEd Maste   va_start(ap, rights);
89*670b568eSEd Maste   while (true) {
90*670b568eSEd Maste     right = va_arg(ap, cap_rights_t);
91*670b568eSEd Maste     accumulated |= right;
92*670b568eSEd Maste     if (right == 0) break;
93*670b568eSEd Maste   }
94*670b568eSEd Maste   va_end(ap);
95*670b568eSEd Maste   return (accumulated & *rights) == accumulated;
96*670b568eSEd Maste }
97*670b568eSEd Maste 
_cap_rights_is_valid(const cap_rights_t * rights)98*670b568eSEd Maste inline bool _cap_rights_is_valid(const cap_rights_t *rights) {
99*670b568eSEd Maste   return true;
100*670b568eSEd Maste }
101*670b568eSEd Maste 
cap_rights_merge(cap_rights_t * dst,const cap_rights_t * src)102*670b568eSEd Maste inline cap_rights_t* cap_rights_merge(cap_rights_t *dst, const cap_rights_t *src) {
103*670b568eSEd Maste   *dst |= *src;
104*670b568eSEd Maste   return dst;
105*670b568eSEd Maste }
106*670b568eSEd Maste 
cap_rights_remove(cap_rights_t * dst,const cap_rights_t * src)107*670b568eSEd Maste inline cap_rights_t* cap_rights_remove(cap_rights_t *dst, const cap_rights_t *src) {
108*670b568eSEd Maste   *dst &= ~(*src);
109*670b568eSEd Maste   return dst;
110*670b568eSEd Maste }
111*670b568eSEd Maste 
cap_rights_contains(const cap_rights_t * big,const cap_rights_t * little)112*670b568eSEd Maste inline bool cap_rights_contains(const cap_rights_t *big, const cap_rights_t *little) {
113*670b568eSEd Maste   return ((*big) & (*little)) == (*little);
114*670b568eSEd Maste }
115*670b568eSEd Maste 
116*670b568eSEd Maste #endif  /* old/new style rights manipulation */
117*670b568eSEd Maste 
118*670b568eSEd Maste #endif /*__CAPSICUM_RIGHTS_H__*/
119