subr_acl_posix1e.c (107839) | subr_acl_posix1e.c (107849) |
---|---|
1/*- 2 * Copyright (c) 1999-2001 Robert N. M. Watson 3 * All rights reserved. 4 * 5 * This software was developed by Robert Watson for the TrustedBSD Project. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions --- 11 unchanged lines hidden (view full) --- 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 * | 1/*- 2 * Copyright (c) 1999-2001 Robert N. M. Watson 3 * All rights reserved. 4 * 5 * This software was developed by Robert Watson for the TrustedBSD Project. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions --- 11 unchanged lines hidden (view full) --- 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 * |
28 * $FreeBSD: head/sys/kern/subr_acl_posix1e.c 107839 2002-12-13 22:41:47Z alfred $ | 28 * $FreeBSD: head/sys/kern/subr_acl_posix1e.c 107849 2002-12-14 01:56:26Z alfred $ |
29 */ 30/* 31 * Developed by the TrustedBSD Project. 32 * Support for POSIX.1e access control lists. 33 */ 34 35#include "opt_mac.h" 36 --- 647 unchanged lines hidden (view full) --- 684 */ 685int 686__acl_get_file(struct thread *td, struct __acl_get_file_args *uap) 687{ 688 struct nameidata nd; 689 int error; 690 691 mtx_lock(&Giant); | 29 */ 30/* 31 * Developed by the TrustedBSD Project. 32 * Support for POSIX.1e access control lists. 33 */ 34 35#include "opt_mac.h" 36 --- 647 unchanged lines hidden (view full) --- 684 */ 685int 686__acl_get_file(struct thread *td, struct __acl_get_file_args *uap) 687{ 688 struct nameidata nd; 689 int error; 690 691 mtx_lock(&Giant); |
692 NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, SCARG(uap, path), td); | 692 NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, uap->path, td); |
693 error = namei(&nd); 694 if (error == 0) { | 693 error = namei(&nd); 694 if (error == 0) { |
695 error = vacl_get_acl(td, nd.ni_vp, SCARG(uap, type), 696 SCARG(uap, aclp)); | 695 error = vacl_get_acl(td, nd.ni_vp, uap->type, 696 uap->aclp); |
697 NDFREE(&nd, 0); 698 } 699 mtx_unlock(&Giant); 700 return (error); 701} 702 703/* 704 * Given a file path, set an ACL for it 705 * 706 * MPSAFE 707 */ 708int 709__acl_set_file(struct thread *td, struct __acl_set_file_args *uap) 710{ 711 struct nameidata nd; 712 int error; 713 714 mtx_lock(&Giant); | 697 NDFREE(&nd, 0); 698 } 699 mtx_unlock(&Giant); 700 return (error); 701} 702 703/* 704 * Given a file path, set an ACL for it 705 * 706 * MPSAFE 707 */ 708int 709__acl_set_file(struct thread *td, struct __acl_set_file_args *uap) 710{ 711 struct nameidata nd; 712 int error; 713 714 mtx_lock(&Giant); |
715 NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, SCARG(uap, path), td); | 715 NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, uap->path, td); |
716 error = namei(&nd); 717 if (error == 0) { | 716 error = namei(&nd); 717 if (error == 0) { |
718 error = vacl_set_acl(td, nd.ni_vp, SCARG(uap, type), 719 SCARG(uap, aclp)); | 718 error = vacl_set_acl(td, nd.ni_vp, uap->type, 719 uap->aclp); |
720 NDFREE(&nd, 0); 721 } 722 mtx_unlock(&Giant); 723 return (error); 724} 725 726/* 727 * Given a file descriptor, get an ACL for it 728 * 729 * MPSAFE 730 */ 731int 732__acl_get_fd(struct thread *td, struct __acl_get_fd_args *uap) 733{ 734 struct file *fp; 735 int error; 736 737 mtx_lock(&Giant); | 720 NDFREE(&nd, 0); 721 } 722 mtx_unlock(&Giant); 723 return (error); 724} 725 726/* 727 * Given a file descriptor, get an ACL for it 728 * 729 * MPSAFE 730 */ 731int 732__acl_get_fd(struct thread *td, struct __acl_get_fd_args *uap) 733{ 734 struct file *fp; 735 int error; 736 737 mtx_lock(&Giant); |
738 error = getvnode(td->td_proc->p_fd, SCARG(uap, filedes), &fp); | 738 error = getvnode(td->td_proc->p_fd, uap->filedes, &fp); |
739 if (error == 0) { 740 error = vacl_get_acl(td, (struct vnode *)fp->f_data, | 739 if (error == 0) { 740 error = vacl_get_acl(td, (struct vnode *)fp->f_data, |
741 SCARG(uap, type), SCARG(uap, aclp)); | 741 uap->type, uap->aclp); |
742 fdrop(fp, td); 743 } 744 mtx_unlock(&Giant); 745 return (error); 746} 747 748/* 749 * Given a file descriptor, set an ACL for it 750 * 751 * MPSAFE 752 */ 753int 754__acl_set_fd(struct thread *td, struct __acl_set_fd_args *uap) 755{ 756 struct file *fp; 757 int error; 758 759 mtx_lock(&Giant); | 742 fdrop(fp, td); 743 } 744 mtx_unlock(&Giant); 745 return (error); 746} 747 748/* 749 * Given a file descriptor, set an ACL for it 750 * 751 * MPSAFE 752 */ 753int 754__acl_set_fd(struct thread *td, struct __acl_set_fd_args *uap) 755{ 756 struct file *fp; 757 int error; 758 759 mtx_lock(&Giant); |
760 error = getvnode(td->td_proc->p_fd, SCARG(uap, filedes), &fp); | 760 error = getvnode(td->td_proc->p_fd, uap->filedes, &fp); |
761 if (error == 0) { 762 error = vacl_set_acl(td, (struct vnode *)fp->f_data, | 761 if (error == 0) { 762 error = vacl_set_acl(td, (struct vnode *)fp->f_data, |
763 SCARG(uap, type), SCARG(uap, aclp)); | 763 uap->type, uap->aclp); |
764 fdrop(fp, td); 765 } 766 mtx_unlock(&Giant); 767 return (error); 768} 769 770/* 771 * Given a file path, delete an ACL from it. 772 * 773 * MPSAFE 774 */ 775int 776__acl_delete_file(struct thread *td, struct __acl_delete_file_args *uap) 777{ 778 struct nameidata nd; 779 int error; 780 781 mtx_lock(&Giant); | 764 fdrop(fp, td); 765 } 766 mtx_unlock(&Giant); 767 return (error); 768} 769 770/* 771 * Given a file path, delete an ACL from it. 772 * 773 * MPSAFE 774 */ 775int 776__acl_delete_file(struct thread *td, struct __acl_delete_file_args *uap) 777{ 778 struct nameidata nd; 779 int error; 780 781 mtx_lock(&Giant); |
782 NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, SCARG(uap, path), td); | 782 NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, uap->path, td); |
783 error = namei(&nd); 784 if (error == 0) { | 783 error = namei(&nd); 784 if (error == 0) { |
785 error = vacl_delete(td, nd.ni_vp, SCARG(uap, type)); | 785 error = vacl_delete(td, nd.ni_vp, uap->type); |
786 NDFREE(&nd, 0); 787 } 788 mtx_unlock(&Giant); 789 return (error); 790} 791 792/* 793 * Given a file path, delete an ACL from it. 794 * 795 * MPSAFE 796 */ 797int 798__acl_delete_fd(struct thread *td, struct __acl_delete_fd_args *uap) 799{ 800 struct file *fp; 801 int error; 802 803 mtx_lock(&Giant); | 786 NDFREE(&nd, 0); 787 } 788 mtx_unlock(&Giant); 789 return (error); 790} 791 792/* 793 * Given a file path, delete an ACL from it. 794 * 795 * MPSAFE 796 */ 797int 798__acl_delete_fd(struct thread *td, struct __acl_delete_fd_args *uap) 799{ 800 struct file *fp; 801 int error; 802 803 mtx_lock(&Giant); |
804 error = getvnode(td->td_proc->p_fd, SCARG(uap, filedes), &fp); | 804 error = getvnode(td->td_proc->p_fd, uap->filedes, &fp); |
805 if (error == 0) { 806 error = vacl_delete(td, (struct vnode *)fp->f_data, | 805 if (error == 0) { 806 error = vacl_delete(td, (struct vnode *)fp->f_data, |
807 SCARG(uap, type)); | 807 uap->type); |
808 fdrop(fp, td); 809 } 810 mtx_unlock(&Giant); 811 return (error); 812} 813 814/* 815 * Given a file path, check an ACL for it 816 * 817 * MPSAFE 818 */ 819int 820__acl_aclcheck_file(struct thread *td, struct __acl_aclcheck_file_args *uap) 821{ 822 struct nameidata nd; 823 int error; 824 825 mtx_lock(&Giant); | 808 fdrop(fp, td); 809 } 810 mtx_unlock(&Giant); 811 return (error); 812} 813 814/* 815 * Given a file path, check an ACL for it 816 * 817 * MPSAFE 818 */ 819int 820__acl_aclcheck_file(struct thread *td, struct __acl_aclcheck_file_args *uap) 821{ 822 struct nameidata nd; 823 int error; 824 825 mtx_lock(&Giant); |
826 NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, SCARG(uap, path), td); | 826 NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, uap->path, td); |
827 error = namei(&nd); 828 if (error == 0) { | 827 error = namei(&nd); 828 if (error == 0) { |
829 error = vacl_aclcheck(td, nd.ni_vp, SCARG(uap, type), 830 SCARG(uap, aclp)); | 829 error = vacl_aclcheck(td, nd.ni_vp, uap->type, 830 uap->aclp); |
831 NDFREE(&nd, 0); 832 } 833 mtx_unlock(&Giant); 834 return (error); 835} 836 837/* 838 * Given a file descriptor, check an ACL for it 839 * 840 * MPSAFE 841 */ 842int 843__acl_aclcheck_fd(struct thread *td, struct __acl_aclcheck_fd_args *uap) 844{ 845 struct file *fp; 846 int error; 847 848 mtx_lock(&Giant); | 831 NDFREE(&nd, 0); 832 } 833 mtx_unlock(&Giant); 834 return (error); 835} 836 837/* 838 * Given a file descriptor, check an ACL for it 839 * 840 * MPSAFE 841 */ 842int 843__acl_aclcheck_fd(struct thread *td, struct __acl_aclcheck_fd_args *uap) 844{ 845 struct file *fp; 846 int error; 847 848 mtx_lock(&Giant); |
849 error = getvnode(td->td_proc->p_fd, SCARG(uap, filedes), &fp); | 849 error = getvnode(td->td_proc->p_fd, uap->filedes, &fp); |
850 if (error == 0) { 851 error = vacl_aclcheck(td, (struct vnode *)fp->f_data, | 850 if (error == 0) { 851 error = vacl_aclcheck(td, (struct vnode *)fp->f_data, |
852 SCARG(uap, type), SCARG(uap, aclp)); | 852 uap->type, uap->aclp); |
853 fdrop(fp, td); 854 } 855 mtx_unlock(&Giant); 856 return (error); 857} | 853 fdrop(fp, td); 854 } 855 mtx_unlock(&Giant); 856 return (error); 857} |