xref: /third_party/ltp/include/tst_capability.h (revision f08c3bdf) 
1/* SPDX-License-Identifier: GPL-2.0-or-later */
2/*
3 * Copyright (c) 2019 Richard Palethorpe <rpalethorpe@suse.com>
4 */
5/**
6 * @file tst_capability.h
7 *
8 * Limited capability operations without libcap.
9 */
10
11#ifndef TST_CAPABILITY_H
12#define TST_CAPABILITY_H
13
14#include <stdint.h>
15
16#include "lapi/capability.h"
17
18#define TST_CAP_DROP 1
19#define TST_CAP_REQ  (1 << 1)
20
21#define TST_CAP(action, capability) {action, capability, #capability}
22
23struct tst_cap_user_header {
24	uint32_t version;
25	int pid;
26};
27
28struct tst_cap_user_data {
29	uint32_t effective;
30	uint32_t permitted;
31	uint32_t inheritable;
32};
33
34struct tst_cap {
35	uint32_t action;
36	uint32_t id;
37	char *name;
38};
39
40/**
41 * Get the capabilities as decided by hdr.
42 *
43 * Note that the memory pointed to by data should be large enough to store two
44 * structs.
45 */
46int tst_capget(struct tst_cap_user_header *hdr,
47	       struct tst_cap_user_data *data);
48
49/**
50 * Set the capabilities as decided by hdr and data
51 *
52 * Note that the memory pointed to by data should be large enough to store two
53 * structs.
54 */
55int tst_capset(struct tst_cap_user_header *hdr,
56	       const struct tst_cap_user_data *data);
57
58/**
59 * Add, check or remove a capability
60 *
61 * It will attempt to drop or add capability to the effective set. It will
62 * try to detect if this is needed and whether it can or can't be done. If it
63 * clearly can not add a privilege to the effective set then it will return
64 * TCONF. However it may fail for some other reason and return TBROK.
65 *
66 * This only tries to change the effective set. Some tests may need to change
67 * the inheritable and ambient sets, so that child processes retain some
68 * capability.
69 */
70void tst_cap_action(struct tst_cap *cap);
71
72
73/**
74 * Add, check or remove a capabilities
75 *
76 * Takes a NULL terminated array of structs which describe whether some
77 * capabilities are needed or not and mask that determines subset of the
78 * actions to be performed. Loops over the array and if mask matches the
79 * element action it's passed to tst_cap_action().
80 */
81void tst_cap_setup(struct tst_cap *cap, unsigned int action_mask);
82
83#endif /* TST_CAPABILITY_H */
84