+ struct vc_net_nx {
+ vc_net_nx_type type;
+ size_t count;
+ uint32_t ip;
+ uint32_t mask;
+ };
+
+ nid_t vc_net_create(nid_t nid);
+ int vc_net_migrate(nid_t nid);
+
+ int vc_net_add(nid_t nid, struct vc_net_nx const *info);
+ int vc_net_remove(nid_t nid, struct vc_net_nx const *info);
+
+ struct vc_net_flags {
+ uint_least64_t flagword;
+ uint_least64_t mask;
+ };
+
+ int vc_get_nflags(nid_t, struct vc_net_flags *);
+ int vc_set_nflags(nid_t, struct vc_net_flags const *);
+
+
+ struct vc_net_caps {
+ uint_least64_t ncaps;
+ uint_least64_t cmask;
+ };
+
+ int vc_get_ncaps(nid_t, struct vc_net_caps *);
+ int vc_set_ncaps(nid_t, struct vc_net_caps const *);
+
+
+
+
+ int vc_set_iattr(char const *filename, xid_t xid,
+ uint_least32_t flags, uint_least32_t mask) VC_ATTR_NONNULL((1));
+
+ /** \brief Returns information about attributes and assigned context of a file.
+ * \ingroup syscalls
+ *
+ * This function returns the VC_IATTR_XXX flags and about the assigned
+ * context of a file. To request an information, the appropriate bit in
+ * \c mask must be set and the corresponding parameter (\a xid or \a
+ * flags) must not be NULL.
+ *
+ * E.g. to receive the assigned context, the \c VC_IATTR_XID bit must be
+ * set in \a mask, and \a xid must point to valid memory.
+ *
+ * Possible flags are \c VC_IATTR_ADMIN, \c VC_IATTR_WATCH , \c VC_IATTR_HIDE,
+ * \c VC_IATTR_BARRIER, \c VC_IATTR_IUNLINK and \c VC_IATTR_IMMUTABLE.
+ *
+ * \param filename The name of the file whose attributes shall be determined.
+
+ * \param xid When non-zero and the VC_IATTR_XID bit is set in \a mask,
+ * the assigned context of \a filename will be stored there.
+ * \param flags When non-zero, a bitmask of current attributes will be
+ * stored there. These attributes must be requested explicitly
+ * by setting the appropriate bit in \a mask
+ * \param mask Points to a bitmask which tells which attributes shall be
+ * determined. On return, it will masquerade the attributes
+ * which were determined.
+ *
+ * \pre mask!=0 && !((*mask&VC_IATTR_XID) && xid==0) && !((*mask&~VC_IATTR_XID) && flags==0) */
+ int vc_get_iattr(char const *filename, xid_t * /*@null@*/ xid,
+ uint_least32_t * /*@null@*/ flags,
+ uint_least32_t * /*@null@*/ mask) VC_ATTR_NONNULL((1));
+
+ struct vc_vx_info {
+ xid_t xid;
+ pid_t initpid;
+ };
+
+ /** \brief Returns the context of the given process.
+ * \ingroup syscalls
+ *
+ * \param pid the process-id whose xid shall be determined;
+ * pid==0 means the current process.
+ * \returns the xid of process \c pid or -1 on errors
+ */
+ xid_t vc_get_task_xid(pid_t pid);
+ int vc_get_vx_info(xid_t xid, struct vc_vx_info *info) VC_ATTR_NONNULL((2));
+
+
+ typedef enum { vcVHI_CONTEXT, vcVHI_SYSNAME, vcVHI_NODENAME,
+ vcVHI_RELEASE, vcVHI_VERSION, vcVHI_MACHINE,
+ vcVHI_DOMAINNAME } vc_uts_type;
+
+ int vc_set_vhi_name(xid_t xid, vc_uts_type type,
+ char const *val, size_t len) VC_ATTR_NONNULL((3));
+ int vc_get_vhi_name(xid_t xid, vc_uts_type type,
+ char *val, size_t len) VC_ATTR_NONNULL((3));
+
+ /** Returns true iff \a xid is a dynamic xid */
+ bool vc_is_dynamic_xid(xid_t xid);
+
+ int vc_enter_namespace(xid_t xid);
+ int vc_set_namespace();
+ int vc_cleanup_namespace();
+
+
+ /** \brief Flags of process-contexts
+ */
+ struct vc_ctx_flags {
+ /** \brief Mask of set context flags */
+ uint_least64_t flagword;
+ /** \brief Mask of set and unset context flags when used by set
+ * operations, or modifiable flags when used by get
+ * operations */
+ uint_least64_t mask;
+ };
+
+ /** \brief Capabilities of process-contexts */
+ struct vc_ctx_caps {
+ /** \brief Mask of set common system capabilities */
+ uint_least64_t bcaps;
+ /** \brief Mask of set and unset common system capabilities when used by
+ * set operations, or the modifiable capabilities when used by
+ * get operations */
+ uint_least64_t bmask;
+ /** \brief Mask of set process context capabilities */
+ uint_least64_t ccaps;
+ /** \brief Mask of set and unset process context capabilities when used
+ * by set operations, or the modifiable capabilities when used
+ * by get operations */
+ uint_least64_t cmask;
+ };
+
+ /** \brief Information about parsing errors
+ * \ingroup helper
+ */
+ struct vc_err_listparser {
+ char const *ptr; ///< Pointer to the first character of an erroneous string
+ size_t len; ///< Length of the erroneous string
+ };
+
+ int vc_get_cflags(xid_t xid, struct vc_ctx_flags *) VC_ATTR_NONNULL((2));
+ int vc_set_cflags(xid_t xid, struct vc_ctx_flags const *) VC_ATTR_NONNULL((2));
+
+ int vc_get_ccaps(xid_t xid, struct vc_ctx_caps *);
+ int vc_set_ccaps(xid_t xid, struct vc_ctx_caps const *);
+
+ /** \brief Converts a single string into bcapability
+ * \ingroup helper
+ *
+ * \param str The string to be parsed;
+ * both "CAP_xxx" and "xxx" will be accepted
+ * \param len The length of the string, or \c 0 for automatic detection
+ *
+ * \returns 0 on error; a bitmask on success
+ * \pre \a str != 0
+ */
+ uint_least64_t vc_text2bcap(char const *str, size_t len);
+
+ /** \brief Converts the lowest bit of a bcapability or the entire value
+ * (when possible) to a textual representation
+ * \ingroup helper
+ *
+ * \param val The string to be converted; on success, the detected bit(s)
+ * will be unset, in errorcase only the lowest set bit
+ *
+ * \returns A textual representation of \a val resp. of its lowest set bit;
+ * or \c NULL in errorcase.
+ * \pre \a val!=0
+ * \post \a *val<sub>old</sub> \c != 0 \c <-->
+ * \a *val<sub>old</sub> > \a *val<sub>new</sub>
+ * \post \a *val<sub>old</sub> \c == 0 \c ---> \a result == 0
+ */
+ char const * vc_lobcap2text(uint_least64_t *val) VC_ATTR_NONNULL((1));
+
+ /** \brief Converts a string into a bcapability-bitmask
+ * \ingroup helper
+ *
+ * Syntax of \a str: \verbinclude list2xxx.syntax
+ *
+ * When the \c `~' prefix is used, the bits will be unset and a `~' after
+ * another `~' will cancel both ones. The \c `^' prefix specifies a
+ * bitnumber instead of a bitmask.
+ *
+ * "literal name" is everything which will be accepted by the
+ * vc_text2bcap() function. The special values for \c NAME will be
+ * recognized case insensitively
+ *
+ * \param str The string to be parsed
+ * \param len The length of the string, or \c 0 for automatic detection
+ * \param err Pointer to a structure for error-information, or \c NULL.
+ * \param cap Pointer to a vc_ctx_caps structure holding the results;
+ * only the \a bcaps and \a bmask fields will be changed and
+ * already set values will not be honored. When an error
+ * occured, \a cap will have the value of all processed valid
+ * \c BCAP parts.
+ *
+ * \returns 0 on success, -1 on error. In error case, \a err will hold
+ * position and length of the first not understood BCAP part
+ * \pre \a str != 0 && \a cap != 0;
+ * \a cap->bcaps and \a cap->bmask must be initialized
+ */
+ int vc_list2bcap(char const *str, size_t len,
+ struct vc_err_listparser *err,
+ struct vc_ctx_caps *cap) VC_ATTR_NONNULL((1,4));
+
+ uint_least64_t vc_text2ccap(char const *, size_t len);
+ char const * vc_loccap2text(uint_least64_t *);
+ int vc_list2ccap(char const *, size_t len,
+ struct vc_err_listparser *err,
+ struct vc_ctx_caps *);
+
+ int vc_list2cflag(char const *, size_t len,
+ struct vc_err_listparser *err,
+ struct vc_ctx_flags *flags);
+ uint_least64_t vc_text2cflag(char const *, size_t len);
+ char const * vc_locflag2text(uint_least64_t *);
+
+ uint_least32_t vc_list2cflag_compat(char const *, size_t len,
+ struct vc_err_listparser *err);
+ uint_least32_t vc_text2cflag_compat(char const *, size_t len);
+ char const * vc_hicflag2text_compat(uint_least32_t);
+
+ int vc_text2cap(char const *);
+ char const * vc_cap2text(unsigned int);
+
+
+ int vc_list2nflag(char const *, size_t len,
+ struct vc_err_listparser *err,
+ struct vc_net_flags *flags);
+ uint_least64_t vc_text2nflag(char const *, size_t len);
+ char const * vc_lonflag2text(uint_least64_t *);
+
+ uint_least64_t vc_text2ncap(char const *, size_t len);
+ char const * vc_loncap2text(uint_least64_t *);
+ int vc_list2ncap(char const *, size_t len,
+ struct vc_err_listparser *err,
+ struct vc_net_caps *);
+
+ uint_least64_t vc_get_insecurebcaps() VC_ATTR_CONST;
+ inline static uint_least64_t vc_get_insecureccaps() {
+ return ~(VC_VXC_SET_UTSNAME|VC_VXC_RAW_ICMP);
+ }
+
+ inline static int vc_setfilecontext(char const *filename, xid_t xid) {
+ return vc_set_iattr(filename, xid, 0, VC_IATTR_XID);
+ }
+
+
+ uint_least32_t vc_text2personalityflag(char const *str,
+ size_t len) VC_ATTR_NONNULL((1));
+
+ char const * vc_lopersonality2text(uint_least32_t *) VC_ATTR_NONNULL((1));
+
+ int vc_list2personalityflag(char const /*@in@*/ *,
+ size_t len,
+ uint_least32_t /*@out@*/ *personality,
+ struct vc_err_listparser /*@out@*/ *err) VC_ATTR_NONNULL((1,3));
+
+ uint_least32_t vc_str2personalitytype(char const /*@in@*/*,
+ size_t len) VC_ATTR_NONNULL((1));
+
+ /** \brief Returns the context of \c filename
+ * \ingroup syscalls
+ *
+ * This function calls vc_get_iattr() with appropriate arguments to
+ * determine the context of \c filename. In error-case or when no context
+ * is assigned, \c VC_NOCTX will be returned. To differ between both cases,
+ * \c errno must be examined.
+ *
+ * \b WARNING: this function can modify \c errno although no error happened.
+ *
+ * \param filename The file to check
+ * \returns The assigned context, or VC_NOCTX when an error occured or no
+ * such assignment exists. \c errno will be 0 in the latter case */
+ xid_t vc_getfilecontext(char const *filename) VC_ATTR_NONNULL((1));
+
+
+ struct vc_set_sched {
+ uint_least32_t set_mask;
+ int_least32_t fill_rate;
+ int_least32_t interval;
+ int_least32_t tokens;
+ int_least32_t tokens_min;
+ int_least32_t tokens_max;
+ int_least32_t priority_bias;
+ };
+
+ int vc_set_sched(xid_t xid, struct vc_set_sched const *);
+
+
+ struct vc_ctx_dlimit {
+ uint_least32_t space_used;
+ uint_least32_t space_total;
+ uint_least32_t inodes_used;
+ uint_least32_t inodes_total;
+ uint_least32_t reserved;
+ };
+
+
+ /** Add a disk limit to a file system. */
+ int vc_add_dlimit(char const *filename, xid_t xid,
+ uint_least32_t flags) VC_ATTR_NONNULL((1));
+ /** Remove a disk limit from a file system. */
+ int vc_rem_dlimit(char const *filename, xid_t xid,
+ uint_least32_t flags) VC_ATTR_NONNULL((1));
+
+ /** Set a disk limit. */
+ int vc_set_dlimit(char const *filename, xid_t xid,
+ uint_least32_t flags,
+ struct vc_ctx_dlimit const *limits) VC_ATTR_NONNULL((1,4));
+ /** Get a disk limit. */
+ int vc_get_dlimit(char const *filename, xid_t xid,
+ uint_least32_t flags,
+ struct vc_ctx_dlimit *limits) VC_ATTR_NONNULL((1));
+
+ /** \brief Waits for the end of a context
+ * \ingroup syscalls
+ */
+ int vc_wait_exit(xid_t xid);