Declares CapabilityChecker and the capability bitmask constants.
// CapabilityChecker: enforces capability-based access control for hardware operations.
#pragma once
#include <cstdint>
 
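// Bitmask values for individually grantable hardware capabilities.
// Each constant is a distinct single bit so that masks can be combined with |
// and tested with & without any two capabilities aliasing each other.
namespace Caps {
  static constexpr uint32_t SENSOR_READ   = 0x01u; // read sensor registers
  static constexpr uint32_t SENSOR_WRITE  = 0x02u; // write sensor configuration
  static constexpr uint32_t ACTUATOR_CTRL = 0x04u; // control actuator outputs
  static constexpr uint32_t SYSTEM_RESET  = 0x08u; // trigger a supervised system reset

  // Compile-time guard: every capability must be exactly one non-zero bit.
  // A zero or multi-bit constant would make a required-bits check either
  // trivially true or broader than the single capability it names.
  static_assert(SENSOR_READ   != 0u && (SENSOR_READ   & (SENSOR_READ   - 1u)) == 0u, "SENSOR_READ must be a single bit");
  static_assert(SENSOR_WRITE  != 0u && (SENSOR_WRITE  & (SENSOR_WRITE  - 1u)) == 0u, "SENSOR_WRITE must be a single bit");
  static_assert(ACTUATOR_CTRL != 0u && (ACTUATOR_CTRL & (ACTUATOR_CTRL - 1u)) == 0u, "ACTUATOR_CTRL must be a single bit");
  static_assert(SYSTEM_RESET  != 0u && (SYSTEM_RESET  & (SYSTEM_RESET  - 1u)) == 0u, "SYSTEM_RESET must be a single bit");

  // Compile-time guard: no two capabilities may share a bit, otherwise a
  // session granted one of them would implicitly satisfy checks for the other.
  static_assert((SENSOR_READ & SENSOR_WRITE) == 0u &&
                (SENSOR_READ & ACTUATOR_CTRL) == 0u &&
                (SENSOR_READ & SYSTEM_RESET) == 0u &&
                (SENSOR_WRITE & ACTUATOR_CTRL) == 0u &&
                (SENSOR_WRITE & SYSTEM_RESET) == 0u &&
                (ACTUATOR_CTRL & SYSTEM_RESET) == 0u,
                "capability bits must not overlap");
}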
 
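// Validates whether a session's capability mask satisfies the requirements
// for a given hardware operation. No member of this class modifies the mask
// after construction, so a checker cannot be widened once it has been created.
class CapabilityChecker {
public:
  // Parameters:
  //   sessionCaps - bitmask of all capabilities granted to the current session
  // Returns: new CapabilityChecker for the given session
  explicit CapabilityChecker(uint32_t sessionCaps);

  // Checks whether the session holds ALL of the required capability bits.
  // Every bit set in required must also be set in the session capability mask.
  // Parameters:
  //   required - bitmask of all capability bits the operation demands
  // Returns: true only if (sessionCaps & required) == required; false otherwise
  bool hasCapability(uint32_t required) const;

  // Returns the full capability bitmask granted to this session.
  uint32_t sessionCaps() const noexcept { return sessionCaps_; }

private:
  // Capabilities granted at session creation. Default-initialised to 0 (no
  // capabilities) so that any constructor path which does not assign the mask
  // fails closed instead of leaving an indeterminate value behind; the
  // constructor's own initialisation of this member still takes precedence.
  uint32_t sessionCaps_{0u};
};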