1use super::abi::*;
2use crate::result_from_value;
3
4pub const PR_SET_PDEATHSIG: u32 = 1;
5pub const PR_GET_PDEATHSIG: u32 = 2;
6pub const PR_GET_DUMPABLE: u32 = 3;
7pub const PR_SET_DUMPABLE: u32 = 4;
8pub const PR_GET_UNALIGN: u32 = 5;
9pub const PR_SET_UNALIGN: u32 = 6;
10pub const PR_GET_KEEPCAPS: u32 = 7;
11pub const PR_SET_KEEPCAPS: u32 = 8;
12pub const PR_GET_FPEMU: u32 = 9;
13pub const PR_SET_FPEMU: u32 = 10;
14pub const PR_GET_FPEXC: u32 = 11;
15pub const PR_SET_FPEXC: u32 = 12;
16pub const PR_GET_TIMING: u32 = 13;
17pub const PR_SET_TIMING: u32 = 14;
18pub const PR_SET_NAME: u32 = 15;
19pub const PR_GET_NAME: u32 = 16;
20pub const PR_GET_ENDIAN: u32 = 19;
21pub const PR_SET_ENDIAN: u32 = 20;
22pub const PR_GET_SECCOMP: u32 = 21;
23pub const PR_SET_SECCOMP: u32 = 22;
24pub const PR_CAPBSET_READ: u32 = 23;
25pub const PR_CAPBSET_DROP: u32 = 24;
26pub const PR_GET_TSC: u32 = 25;
27pub const PR_SET_TSC: u32 = 26;
28pub const PR_GET_SECUREBITS: u32 = 27;
29pub const PR_SET_SECUREBITS: u32 = 28;
30pub const PR_SET_TIMERSLACK: u32 = 29;
31pub const PR_GET_TIMERSLACK: u32 = 30;
32pub const PR_TASK_PERF_EVENTS_DISABLE: u32 = 31;
33pub const PR_TASK_PERF_EVENTS_ENABLE: u32 = 32;
34pub const PR_MCE_KILL: u32 = 33;
35pub const PR_MCE_KILL_GET: u32 = 34;
36pub const PR_SET_MM: u32 = 35;
37pub const PR_SET_PTRACER: u32 = 0x59616d61;
38pub const PR_SET_CHILD_SUBREAPER: u32 = 36;
39pub const PR_GET_CHILD_SUBREAPER: u32 = 37;
40pub const PR_SET_NO_NEW_PRIVS: u32 = 38;
41pub const PR_GET_NO_NEW_PRIVS: u32 = 39;
42pub const PR_GET_TID_ADDRESS: u32 = 40;
43pub const PR_SET_THP_DISABLE: u32 = 41;
44pub const PR_GET_THP_DISABLE: u32 = 42;
45pub const PR_SET_FP_MODE: u32 = 45;
46pub const PR_GET_FP_MODE: u32 = 46;
47pub const PR_CAP_AMBIENT: u32 = 47;
48pub const PR_SVE_SET_VL: u32 = 50;
49pub const PR_SVE_GET_VL: u32 = 51;
50pub const PR_GET_SPECULATION_CTRL: u32 = 52;
51pub const PR_SET_SPECULATION_CTRL: u32 = 53;
52pub const PR_PAC_RESET_KEYS: u32 = 54;
53pub const PR_SET_TAGGED_ADDR_CTRL: u32 = 55;
54pub const PR_GET_TAGGED_ADDR_CTRL: u32 = 56;
55pub const PR_SET_IO_FLUSHER: u32 = 57;
56pub const PR_GET_IO_FLUSHER: u32 = 58;
57pub const PR_SET_SYSCALL_USER_DISPATCH: u32 = 59;
58pub const PR_PAC_SET_ENABLED_KEYS: u32 = 60;
59pub const PR_PAC_GET_ENABLED_KEYS: u32 = 61;
60pub const PR_SCHED_CORE: u32 = 62;
61
62pub const CAP_CHOWN: u32 = 0;
63pub const CAP_DAC_OVERRIDE: u32 = 1;
64pub const CAP_DAC_READ_SEARCH: u32 = 2;
65pub const CAP_FOWNER: u32 = 3;
66pub const CAP_FSETID: u32 = 4;
67pub const CAP_KILL: u32 = 5;
68pub const CAP_SETGID: u32 = 6;
69pub const CAP_SETUID: u32 = 7;
70pub const CAP_SETPCAP: u32 = 8;
71pub const CAP_LINUX_IMMUTABLE: u32 = 9;
72pub const CAP_NET_BIND_SERVICE: u32 = 10;
73pub const CAP_NET_BROADCAST: u32 = 11;
74pub const CAP_NET_ADMIN: u32 = 12;
75pub const CAP_NET_RAW: u32 = 13;
76pub const CAP_IPC_LOCK: u32 = 14;
77pub const CAP_IPC_OWNER: u32 = 15;
78pub const CAP_SYS_MODULE: u32 = 16;
79pub const CAP_SYS_RAWIO: u32 = 17;
80pub const CAP_SYS_CHROOT: u32 = 18;
81pub const CAP_SYS_PTRACE: u32 = 19;
82pub const CAP_SYS_PACCT: u32 = 20;
83pub const CAP_SYS_ADMIN: u32 = 21;
84pub const CAP_SYS_BOOT: u32 = 22;
85pub const CAP_SYS_NICE: u32 = 23;
86pub const CAP_SYS_RESOURCE: u32 = 24;
87pub const CAP_SYS_TIME: u32 = 25;
88pub const CAP_SYS_TTY_CONFIG: u32 = 26;
89pub const CAP_MKNOD: u32 = 27;
90pub const CAP_LEASE: u32 = 28;
91pub const CAP_AUDIT_WRITE: u32 = 29;
92pub const CAP_AUDIT_CONTROL: u32 = 30;
93pub const CAP_SETFCAP: u32 = 31;
94pub const CAP_MAC_OVERRIDE: u32 = 32;
95pub const CAP_MAC_ADMIN: u32 = 33;
96pub const CAP_SYSLOG: u32 = 34;
97pub const CAP_WAKE_ALARM: u32 = 35;
98pub const CAP_BLOCK_SUSPEND: u32 = 36;
99pub const CAP_AUDIT_READ: u32 = 37;
100pub const CAP_PERFMON: u32 = 38;
101pub const CAP_BPF: u32 = 39;
102pub const CAP_CHECKPOINT_RESTORE: u32 = 40;
103
104#[inline]
105#[allow(clippy::missing_safety_doc)]
106pub unsafe fn prctl(
107 option: u32,
108 arg2: usize,
109 arg3: usize,
110 arg4: usize,
111 arg5: usize,
112) -> crate::Result<i32> {
113 let ret = syscall_5(157, option as usize, arg2, arg3, arg4, arg5) as i32;
114 result_from_value(ret)
115}
116
117#[inline]
118pub fn prctl_capbset_drop(cap: u32) -> crate::Result<()> {
119 unsafe { prctl(PR_CAPBSET_DROP, cap as usize, 0, 0, 0)? };
120 Ok(())
121}