      1 /* system.h
      2  * Copyright (C) 2017 The Android Open Source Project
      3  *
      4  * Licensed under the Apache License, Version 2.0 (the "License");
      5  * you may not use this file except in compliance with the License.
      6  * You may obtain a copy of the License at
      7  *
      8  *      http://www.apache.org/licenses/LICENSE-2.0
      9  *
     10  * Unless required by applicable law or agreed to in writing, software
     11  * distributed under the License is distributed on an "AS IS" BASIS,
     12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13  * See the License for the specific language governing permissions and
     14  * limitations under the License.
     15  *
     16  * Wrappers for system functionality.
     17  */
     18 
     19 #ifndef _SYSTEM_H_
     20 #define _SYSTEM_H_
     21 
     22 #include <sys/capability.h>
     23 #include <sys/prctl.h>
     24 #include <sys/types.h>
     25 
     26 #ifdef __cplusplus
     27 extern "C" {
     28 #endif
     29 
     30 /*
         * Control the ambient capability set.
         *
         * Fallback definitions of the PR_CAP_AMBIENT prctl(2) option and its
         * sub-operations. Each one is guarded by #ifndef, so it only takes effect
         * when <sys/prctl.h> does not already provide the name. The values match
         * the ones in the kernel's <linux/prctl.h>:
         *   IS_SET    - query whether a capability is in the ambient set
         *   RAISE     - add a capability to the ambient set
         *   LOWER     - remove a capability from the ambient set
         *   CLEAR_ALL - empty the ambient set
         *
         * Having these constants at build time says nothing about the running
         * kernel; code that depends on ambient capabilities still needs a runtime
         * check and must handle the prctl() call failing.
         */
     31 #ifndef PR_CAP_AMBIENT
     32 #define PR_CAP_AMBIENT 47
     33 #endif
     34 
     35 #ifndef PR_CAP_AMBIENT_IS_SET
     36 #define PR_CAP_AMBIENT_IS_SET 1
     37 #endif
     38 
     39 #ifndef PR_CAP_AMBIENT_RAISE
     40 #define PR_CAP_AMBIENT_RAISE 2
     41 #endif
     42 
     43 #ifndef PR_CAP_AMBIENT_LOWER
     44 #define PR_CAP_AMBIENT_LOWER 3
     45 #endif
     46 
     47 #ifndef PR_CAP_AMBIENT_CLEAR_ALL
     48 #define PR_CAP_AMBIENT_CLEAR_ALL 4
     49 #endif
     50 
        /*
         * Only the prototypes are visible in this header. Return conventions and
         * side effects are not shown here, so the notes below are assumptions to be
         * confirmed against the implementation. Every function returns a status or
         * value that callers setting up a sandbox should check rather than ignore.
         */

        /*
         * Presumably locks the process securebits, leaving out the bits selected
         * by skip_mask -- TODO confirm.
         * NOTE(review): uint64_t is used here, but this header does not include
         * <stdint.h> itself; it relies on one of the includes above providing it.
         */
     51 int lock_securebits(uint64_t skip_mask);
     52 
        /*
         * Presumably the highest capability number known to the running kernel
         * -- TODO confirm where the value comes from.
         */
     53 unsigned int get_last_valid_cap(void);
        /*
         * Presumably a runtime probe for PR_CAP_AMBIENT support; which return
         * value means "supported" is not visible here -- TODO confirm.
         */
     54 int cap_ambient_supported(void);
     55 
        /* Presumably brings up the loopback interface -- TODO confirm. */
     56 int config_net_loopback(void);
     57 
        /*
         * fds is a two-element descriptor pair and index selects one element.
         * NOTE(review): nothing in the prototype restricts index to 0 or 1;
         * confirm the implementation rejects other values before indexing fds.
         */
     58 int setup_pipe_end(int fds[2], size_t index);
        /*
         * As setup_pipe_end(), with an extra descriptor fd; presumably the
         * selected end is duplicated onto fd -- TODO confirm.
         */
     59 int setup_and_dupe_pipe_end(int fds[2], size_t index, int fd);
     60 
        /* Presumably writes pid, as text, to the file at path -- TODO confirm. */
     61 int write_pid_to_path(pid_t pid, const char *path);
        /*
         * Presumably writes content to a file named basename belonging to process
         * pid -- TODO confirm.
         * NOTE(review): verify whether basename is checked for path separators
         * or is only ever passed fixed names by callers.
         */
     62 int write_proc_file(pid_t pid, const char *content, const char *basename);
     63 
        /*
         * Presumably prepares dest as a mount point for source, using uid and gid
         * for ownership -- TODO confirm.
         * NOTE(review): gid is declared as uid_t; gid_t would state the intent.
         * Check the definition before changing the type.
         */
     64 int setup_mount_destination(const char *source, const char *dest, uid_t uid,
     65 			    uid_t gid);
     66 
     67 #ifdef __cplusplus
     68 }; /* extern "C" */
     69 #endif
     70 
     71 #endif /* _SYSTEM_H_ */
     72