add a macro to wrap a privilegied function

This macro is a helper to call a function into a [un]privilegied section.

Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

diff --git a/src/lxc/caps.h b/src/lxc/caps.h
index bdc248bebd43867e49d07c2abf9395ea74313481..6b2764899d66faaf47798772e64a6a70e9f19b0b 100644 (file)
--- a/src/lxc/caps.h
+++ b/src/lxc/caps.h
@@ -22,7 +22,34 @@
  */
 #ifndef _caps_h
 #define _caps_h
-int lxc_caps_down(void);
-int lxc_caps_up(void);
-int lxc_caps_init(void);
+
+extern int lxc_caps_down(void);
+extern int lxc_caps_up(void);
+extern int lxc_caps_init(void);
+
+#define lxc_priv(__lxc_function)                       \
+       ({                                              \
+               int __ret, __ret2, __errno = 0;         \
+               __ret = lxc_caps_up();                  \
+               if (__ret)                              \
+                       goto __out;                     \
+               __ret = __lxc_function;                 \
+               if (__ret)                              \
+                       __errno = errno;                \
+               __ret2 = lxc_caps_down();               \
+       __out:  __ret ? errno = __errno,__ret : __ret2; \
+       })
+
+#define lxc_unpriv(__lxc_function)             \
+       ({                                              \
+               int __ret, __ret2, __errno = 0;         \
+               __ret = lxc_caps_down();                \
+               if (__ret)                              \
+                       goto __out;                     \
+               __ret = __lxc_function;                 \
+               if (__ret)                              \
+                       __errno = errno;                \
+               __ret2 = lxc_caps_up();                 \
+       __out:  __ret ? errno = __errno,__ret : __ret2; \
+       })
 #endif