1/*-
2 * Copyright (c) 1999-2006 Robert N. M. Watson
3 * All rights reserved.
4 *
5 * This software was developed by Robert Watson for the TrustedBSD Project.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
--- 11 unchanged lines hidden (view full) ---
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 */
28/*
29 * Developed by the TrustedBSD Project.
30 *
31 * ACL system calls and other functions common across different ACL types.
32 * Type-specific routines go into subr_acl_<type>.c.
33 */
34
35#include <sys/cdefs.h>
36__FBSDID("$FreeBSD: head/sys/kern/vfs_acl.c 160146 2006-07-06 23:37:39Z rwatson $");
37
38#include "opt_mac.h"
39
40#include <sys/param.h>
41#include <sys/systm.h>
42#include <sys/sysproto.h>
43#include <sys/kernel.h>
44#include <sys/mac.h>
45#include <sys/malloc.h>
46#include <sys/mount.h>
47#include <sys/vnode.h>
48#include <sys/lock.h>
49#include <sys/mutex.h>
50#include <sys/namei.h>
51#include <sys/file.h>
52#include <sys/filedesc.h>
53#include <sys/proc.h>
54#include <sys/sysent.h>
55#include <sys/acl.h>
56
57#include <vm/uma.h>
58
59uma_zone_t acl_zone;
60static int vacl_set_acl(struct thread *td, struct vnode *vp,
61 acl_type_t type, struct acl *aclp);
62static int vacl_get_acl(struct thread *td, struct vnode *vp,
63 acl_type_t type, struct acl *aclp);
64static int vacl_aclcheck(struct thread *td, struct vnode *vp,
65 acl_type_t type, struct acl *aclp);
66
67/*
68 * These calls wrap the real vnode operations, and are called by the
69 * syscall code once the syscall has converted the path or file
70 * descriptor to a vnode (unlocked). The aclp pointer is assumed
71 * still to point to userland, so this should not be consumed within
72 * the kernel except by syscall code. Other code should directly
73 * invoke VOP_{SET,GET}ACL.
74 */
75
--- 381 unchanged lines hidden ---
2 * Copyright (c) 1999-2006 Robert N. M. Watson
3 * All rights reserved.
4 *
5 * This software was developed by Robert Watson for the TrustedBSD Project.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
--- 11 unchanged lines hidden (view full) ---
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 */
28/*
29 * Developed by the TrustedBSD Project.
30 *
31 * ACL system calls and other functions common across different ACL types.
32 * Type-specific routines go into subr_acl_<type>.c.
33 */
34
35#include <sys/cdefs.h>
36__FBSDID("$FreeBSD: head/sys/kern/vfs_acl.c 160146 2006-07-06 23:37:39Z rwatson $");
37
38#include "opt_mac.h"
39
40#include <sys/param.h>
41#include <sys/systm.h>
42#include <sys/sysproto.h>
43#include <sys/kernel.h>
44#include <sys/mac.h>
45#include <sys/malloc.h>
46#include <sys/mount.h>
47#include <sys/vnode.h>
48#include <sys/lock.h>
49#include <sys/mutex.h>
50#include <sys/namei.h>
51#include <sys/file.h>
52#include <sys/filedesc.h>
53#include <sys/proc.h>
54#include <sys/sysent.h>
55#include <sys/acl.h>
56
57#include <vm/uma.h>
58
59uma_zone_t acl_zone;
60static int vacl_set_acl(struct thread *td, struct vnode *vp,
61 acl_type_t type, struct acl *aclp);
62static int vacl_get_acl(struct thread *td, struct vnode *vp,
63 acl_type_t type, struct acl *aclp);
64static int vacl_aclcheck(struct thread *td, struct vnode *vp,
65 acl_type_t type, struct acl *aclp);
66
67/*
68 * These calls wrap the real vnode operations, and are called by the
69 * syscall code once the syscall has converted the path or file
70 * descriptor to a vnode (unlocked). The aclp pointer is assumed
71 * still to point to userland, so this should not be consumed within
72 * the kernel except by syscall code. Other code should directly
73 * invoke VOP_{SET,GET}ACL.
74 */
75
--- 381 unchanged lines hidden ---