diff options
Diffstat (limited to 'lib/libcapsicum/libcapsicum.h')
-rw-r--r-- | lib/libcapsicum/libcapsicum.h | 115 |
1 files changed, 115 insertions, 0 deletions
diff --git a/lib/libcapsicum/libcapsicum.h b/lib/libcapsicum/libcapsicum.h new file mode 100644 index 000000000000..4f8c59752ad8 --- /dev/null +++ b/lib/libcapsicum/libcapsicum.h @@ -0,0 +1,115 @@ +/*- + * Copyright (c) 2012-2013 The FreeBSD Foundation + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#ifndef _LIBCAPSICUM_H_ +#define _LIBCAPSICUM_H_ + +#ifndef _NVLIST_T_DECLARED +#define _NVLIST_T_DECLARED +struct nvlist; + +typedef struct nvlist nvlist_t; +#endif + +#ifndef _CAP_CHANNEL_T_DECLARED +#define _CAP_CHANNEL_T_DECLARED +struct cap_channel; + +typedef struct cap_channel cap_channel_t; +#endif + +/* + * The function opens unrestricted communication channel to Casper. + */ +cap_channel_t *cap_init(void); + +/* + * The function creates cap_channel_t based on the given socket. + */ +cap_channel_t *cap_wrap(int sock); + +/* + * The function returns communication socket and frees cap_channel_t. + */ +int cap_unwrap(cap_channel_t *chan); + +/* + * The function clones the given capability. + */ +cap_channel_t *cap_clone(const cap_channel_t *chan); + +/* + * The function closes the given capability. + */ +void cap_close(cap_channel_t *chan); + +/* + * The function returns socket descriptor associated with the given + * cap_channel_t for use with select(2)/kqueue(2)/etc. + */ +int cap_sock(const cap_channel_t *chan); + +/* + * The function limits the given capability. + * It always destroys 'limits' on return. + */ +int cap_limit_set(const cap_channel_t *chan, nvlist_t *limits); + +/* + * The function returns current limits of the given capability. + */ +int cap_limit_get(const cap_channel_t *chan, nvlist_t **limitsp); + +#ifdef TODO +/* + * The function registers a service within provided Casper's capability. + * It will run with the same privileges the process has at the time of + * calling this function. + */ +int cap_service_register(cap_channel_t *chan, const char *name, + cap_func_t *func); +#endif + +/* + * Function sends nvlist over the given capability. + */ +int cap_send_nvlist(const cap_channel_t *chan, const nvlist_t *nvl); +/* + * Function receives nvlist over the given capability. + */ +nvlist_t *cap_recv_nvlist(const cap_channel_t *chan); +/* + * Function sends the given nvlist, destroys it and receives new nvlist in + * response over the given capability. + */ +nvlist_t *cap_xfer_nvlist(const cap_channel_t *chan, nvlist_t *nvl); + +#endif /* !_LIBCAPSICUM_H_ */ |