18c2ecf20Sopenharmony_ci/* SPDX-License-Identifier: GPL-2.0-only */ 28c2ecf20Sopenharmony_ci/* 38c2ecf20Sopenharmony_ci * AppArmor security module 48c2ecf20Sopenharmony_ci * 58c2ecf20Sopenharmony_ci * This file contains AppArmor capability mediation definitions. 68c2ecf20Sopenharmony_ci * 78c2ecf20Sopenharmony_ci * Copyright (C) 1998-2008 Novell/SUSE 88c2ecf20Sopenharmony_ci * Copyright 2009-2013 Canonical Ltd. 98c2ecf20Sopenharmony_ci */ 108c2ecf20Sopenharmony_ci 118c2ecf20Sopenharmony_ci#ifndef __AA_CAPABILITY_H 128c2ecf20Sopenharmony_ci#define __AA_CAPABILITY_H 138c2ecf20Sopenharmony_ci 148c2ecf20Sopenharmony_ci#include <linux/sched.h> 158c2ecf20Sopenharmony_ci 168c2ecf20Sopenharmony_ci#include "apparmorfs.h" 178c2ecf20Sopenharmony_ci 188c2ecf20Sopenharmony_cistruct aa_label; 198c2ecf20Sopenharmony_ci 208c2ecf20Sopenharmony_ci/* aa_caps - confinement data for capabilities 218c2ecf20Sopenharmony_ci * @allowed: capabilities mask 228c2ecf20Sopenharmony_ci * @audit: caps that are to be audited 238c2ecf20Sopenharmony_ci * @denied: caps that are explicitly denied 248c2ecf20Sopenharmony_ci * @quiet: caps that should not be audited 258c2ecf20Sopenharmony_ci * @kill: caps that when requested will result in the task being killed 268c2ecf20Sopenharmony_ci * @extended: caps that are subject finer grained mediation 278c2ecf20Sopenharmony_ci */ 288c2ecf20Sopenharmony_cistruct aa_caps { 298c2ecf20Sopenharmony_ci kernel_cap_t allow; 308c2ecf20Sopenharmony_ci kernel_cap_t audit; 318c2ecf20Sopenharmony_ci kernel_cap_t denied; 328c2ecf20Sopenharmony_ci kernel_cap_t quiet; 338c2ecf20Sopenharmony_ci kernel_cap_t kill; 348c2ecf20Sopenharmony_ci kernel_cap_t extended; 358c2ecf20Sopenharmony_ci}; 368c2ecf20Sopenharmony_ci 378c2ecf20Sopenharmony_ciextern struct aa_sfs_entry aa_sfs_entry_caps[]; 388c2ecf20Sopenharmony_ci 398c2ecf20Sopenharmony_ciint aa_capable(struct aa_label *label, int cap, unsigned int opts); 408c2ecf20Sopenharmony_ci 418c2ecf20Sopenharmony_cistatic inline void aa_free_cap_rules(struct aa_caps *caps) 428c2ecf20Sopenharmony_ci{ 438c2ecf20Sopenharmony_ci /* NOP */ 448c2ecf20Sopenharmony_ci} 458c2ecf20Sopenharmony_ci 468c2ecf20Sopenharmony_ci#endif /* __AA_CAPBILITY_H */ 47