aboutsummaryrefslogtreecommitdiffstats
path: root/include/linux/capability.h
diff options
context:
space:
mode:
Diffstat (limited to 'include/linux/capability.h')
-rw-r--r--include/linux/capability.h11
1 files changed, 9 insertions, 2 deletions
diff --git a/include/linux/capability.h b/include/linux/capability.h
index a1d93da67fe9..ffe7bab8c3a0 100644
--- a/include/linux/capability.h
+++ b/include/linux/capability.h
@@ -152,7 +152,9 @@ typedef struct kernel_cap_struct {
152 * Transfer any capability in your permitted set to any pid, 152 * Transfer any capability in your permitted set to any pid,
153 * remove any capability in your permitted set from any pid 153 * remove any capability in your permitted set from any pid
154 * With VFS support for capabilities (neither of above, but) 154 * With VFS support for capabilities (neither of above, but)
155 * Add any capability to the current process' inheritable set 155 * Add any capability from current's capability bounding set
156 * to the current process' inheritable set
157 * Allow taking bits out of capability bounding set
156 */ 158 */
157 159
158#define CAP_SETPCAP 8 160#define CAP_SETPCAP 8
@@ -202,7 +204,6 @@ typedef struct kernel_cap_struct {
202#define CAP_IPC_OWNER 15 204#define CAP_IPC_OWNER 15
203 205
204/* Insert and remove kernel modules - modify kernel without limit */ 206/* Insert and remove kernel modules - modify kernel without limit */
205/* Modify cap_bset */
206#define CAP_SYS_MODULE 16 207#define CAP_SYS_MODULE 16
207 208
208/* Allow ioperm/iopl access */ 209/* Allow ioperm/iopl access */
@@ -314,6 +315,10 @@ typedef struct kernel_cap_struct {
314 315
315#define CAP_SETFCAP 31 316#define CAP_SETFCAP 31
316 317
318#define CAP_LAST_CAP CAP_SETFCAP
319
320#define cap_valid(x) ((x) >= 0 && (x) <= CAP_LAST_CAP)
321
317/* 322/*
318 * Bit location of each capability (used by user-space library and kernel) 323 * Bit location of each capability (used by user-space library and kernel)
319 */ 324 */
@@ -465,6 +470,8 @@ extern const kernel_cap_t __cap_init_eff_set;
465int capable(int cap); 470int capable(int cap);
466int __capable(struct task_struct *t, int cap); 471int __capable(struct task_struct *t, int cap);
467 472
473extern long cap_prctl_drop(unsigned long cap);
474
468#endif /* __KERNEL__ */ 475#endif /* __KERNEL__ */
469 476
470#endif /* !_LINUX_CAPABILITY_H */ 477#endif /* !_LINUX_CAPABILITY_H */