#pragma once #include #include #include #include #include "include/ztypes.h" #include "object/kernel_object.h" class Process; class Thread; class Capability : public glcr::RefCounted { public: Capability(const glcr::RefPtr& obj, uint64_t permissions) : obj_(obj), permissions_(permissions) {} template Capability(const glcr::RefPtr& obj, uint64_t permissions) : Capability(StaticCastRefPtr(obj), permissions) {} template glcr::RefPtr obj(); glcr::RefPtr raw_obj() { return obj_; } uint64_t permissions() { return permissions_; } bool HasPermissions(uint64_t requested) { return (permissions_ & requested) == requested; } private: glcr::RefPtr obj_; uint64_t permissions_; }; template glcr::RefPtr Capability::obj() { if (obj_->TypeTag() != KernelObjectTag::type) { return nullptr; } return StaticCastRefPtr(obj_); } template z_err_t ValidateCapability(const glcr::RefPtr& cap, uint64_t permissions) { if (!cap) { return glcr::CAP_NOT_FOUND; } if (cap->raw_obj()->TypeTag() != KernelObjectTag::type) { return glcr::CAP_WRONG_TYPE; } if (!cap->HasPermissions(permissions)) { return glcr::CAP_PERMISSION_DENIED; } return glcr::OK; } #define RET_IF_NULL(expr) \ { \ if (!expr) { \ return Z_ERR_CAP_TYPE; \ } \ }