diff options
Diffstat (limited to 'include/linux/capability.h')
-rw-r--r-- | include/linux/capability.h | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/include/linux/capability.h b/include/linux/capability.h index a1d93da67fe9..ffe7bab8c3a0 100644 --- a/include/linux/capability.h +++ b/include/linux/capability.h | |||
@@ -152,7 +152,9 @@ typedef struct kernel_cap_struct { | |||
152 | * Transfer any capability in your permitted set to any pid, | 152 | * Transfer any capability in your permitted set to any pid, |
153 | * remove any capability in your permitted set from any pid | 153 | * remove any capability in your permitted set from any pid |
154 | * With VFS support for capabilities (neither of above, but) | 154 | * With VFS support for capabilities (neither of above, but) |
155 | * Add any capability to the current process' inheritable set | 155 | * Add any capability from current's capability bounding set |
156 | * to the current process' inheritable set | ||
157 | * Allow taking bits out of capability bounding set | ||
156 | */ | 158 | */ |
157 | 159 | ||
158 | #define CAP_SETPCAP 8 | 160 | #define CAP_SETPCAP 8 |
@@ -202,7 +204,6 @@ typedef struct kernel_cap_struct { | |||
202 | #define CAP_IPC_OWNER 15 | 204 | #define CAP_IPC_OWNER 15 |
203 | 205 | ||
204 | /* Insert and remove kernel modules - modify kernel without limit */ | 206 | /* Insert and remove kernel modules - modify kernel without limit */ |
205 | /* Modify cap_bset */ | ||
206 | #define CAP_SYS_MODULE 16 | 207 | #define CAP_SYS_MODULE 16 |
207 | 208 | ||
208 | /* Allow ioperm/iopl access */ | 209 | /* Allow ioperm/iopl access */ |
@@ -314,6 +315,10 @@ typedef struct kernel_cap_struct { | |||
314 | 315 | ||
315 | #define CAP_SETFCAP 31 | 316 | #define CAP_SETFCAP 31 |
316 | 317 | ||
318 | #define CAP_LAST_CAP CAP_SETFCAP | ||
319 | |||
320 | #define cap_valid(x) ((x) >= 0 && (x) <= CAP_LAST_CAP) | ||
321 | |||
317 | /* | 322 | /* |
318 | * Bit location of each capability (used by user-space library and kernel) | 323 | * Bit location of each capability (used by user-space library and kernel) |
319 | */ | 324 | */ |
@@ -465,6 +470,8 @@ extern const kernel_cap_t __cap_init_eff_set; | |||
465 | int capable(int cap); | 470 | int capable(int cap); |
466 | int __capable(struct task_struct *t, int cap); | 471 | int __capable(struct task_struct *t, int cap); |
467 | 472 | ||
473 | extern long cap_prctl_drop(unsigned long cap); | ||
474 | |||
468 | #endif /* __KERNEL__ */ | 475 | #endif /* __KERNEL__ */ |
469 | 476 | ||
470 | #endif /* !_LINUX_CAPABILITY_H */ | 477 | #endif /* !_LINUX_CAPABILITY_H */ |