1 #ifndef __CAPSICUM_RIGHTS_H__
2 #define __CAPSICUM_RIGHTS_H__
3 
4 #ifdef __cplusplus
5 extern "C" {
6 #endif
7 
8 #ifdef __FreeBSD__
9 #include <sys/param.h>
10 #if __FreeBSD_version >= 1100014 || \
11     (__FreeBSD_version >= 1001511 && __FreeBSD_version < 1100000)
12 #include <sys/capsicum.h>
13 #else
14 #include <sys/capability.h>
15 #endif
16 #endif
17 
18 #ifdef __linux__
19 #include <linux/capsicum.h>
20 #endif
21 
22 #ifdef __cplusplus
23 }
24 #endif
25 
26 #ifndef CAP_RIGHTS_VERSION
27 /************************************************************
28  * Capsicum compatibility layer: implement new (FreeBSD10.x)
29  * rights manipulation API in terms of original (FreeBSD9.x)
30  * functionality.
31  ************************************************************/
32 #include <stdarg.h>
33 #include <stdbool.h>
34 
35 /* Rights manipulation macros/functions.
36  * Note that these use variadic macros, available in C99 / C++11 (and
37  * also in earlier gcc versions).
38  */
39 #define cap_rights_init(rights, ...)   _cap_rights_init((rights), __VA_ARGS__, 0ULL)
40 #define cap_rights_set(rights, ...)    _cap_rights_set((rights), __VA_ARGS__, 0ULL)
41 #define cap_rights_clear(rights, ...)  _cap_rights_clear((rights), __VA_ARGS__, 0ULL)
42 #define cap_rights_is_set(rights, ...) _cap_rights_is_set((rights), __VA_ARGS__, 0ULL)
43 
_cap_rights_init(cap_rights_t * rights,...)44 inline cap_rights_t* _cap_rights_init(cap_rights_t *rights, ...) {
45   va_list ap;
46   cap_rights_t right;
47   *rights = 0;
48   va_start(ap, rights);
49   while (true) {
50     right = va_arg(ap, cap_rights_t);
51     *rights |= right;
52     if (right == 0) break;
53   }
54   va_end(ap);
55   return rights;
56 }
57 
_cap_rights_set(cap_rights_t * rights,...)58 inline cap_rights_t* _cap_rights_set(cap_rights_t *rights, ...) {
59   va_list ap;
60   cap_rights_t right;
61   va_start(ap, rights);
62   while (true) {
63     right = va_arg(ap, cap_rights_t);
64     *rights |= right;
65     if (right == 0) break;
66   }
67   va_end(ap);
68   return rights;
69 }
70 
_cap_rights_clear(cap_rights_t * rights,...)71 inline cap_rights_t* _cap_rights_clear(cap_rights_t *rights, ...) {
72   va_list ap;
73   cap_rights_t right;
74   va_start(ap, rights);
75   while (true) {
76     right = va_arg(ap, cap_rights_t);
77     *rights &= ~right;
78     if (right == 0) break;
79   }
80   va_end(ap);
81   return rights;
82 }
83 
_cap_rights_is_set(const cap_rights_t * rights,...)84 inline bool _cap_rights_is_set(const cap_rights_t *rights, ...) {
85   va_list ap;
86   cap_rights_t right;
87   cap_rights_t accumulated = 0;
88   va_start(ap, rights);
89   while (true) {
90     right = va_arg(ap, cap_rights_t);
91     accumulated |= right;
92     if (right == 0) break;
93   }
94   va_end(ap);
95   return (accumulated & *rights) == accumulated;
96 }
97 
_cap_rights_is_valid(const cap_rights_t * rights)98 inline bool _cap_rights_is_valid(const cap_rights_t *rights) {
99   return true;
100 }
101 
cap_rights_merge(cap_rights_t * dst,const cap_rights_t * src)102 inline cap_rights_t* cap_rights_merge(cap_rights_t *dst, const cap_rights_t *src) {
103   *dst |= *src;
104   return dst;
105 }
106 
cap_rights_remove(cap_rights_t * dst,const cap_rights_t * src)107 inline cap_rights_t* cap_rights_remove(cap_rights_t *dst, const cap_rights_t *src) {
108   *dst &= ~(*src);
109   return dst;
110 }
111 
cap_rights_contains(const cap_rights_t * big,const cap_rights_t * little)112 inline bool cap_rights_contains(const cap_rights_t *big, const cap_rights_t *little) {
113   return ((*big) & (*little)) == (*little);
114 }
115 
116 #endif  /* old/new style rights manipulation */
117 
118 #endif /*__CAPSICUM_RIGHTS_H__*/
119