• Home
  • History
  • Annotate
  • Raw
  • Download
  • only in /macosx-10.5.8/xnu-1228.15.4/bsd/vfs/

Lines Matching refs:rights

2  * Copyright (c) 2000-2008 Apple Inc. All rights reserved.
9  * compliance with the License. The rights granted to you under the License
23  * Please see the License for the specific language governing rights and
31  *	The Regents of the University of California.  All rights reserved.
5115 	 * If we are the file owner, we automatically have some rights.
5135 		KAUTH_DEBUG("%p    ALLOWED - implicit or no rights required", vcp->vp);
5166 			KAUTH_DEBUG("%p    ALLOWED - all rights granted by ACL", vcp->vp);
5171 		/* fall through and evaluate residual rights */
5178 	 * Grant residual rights that have been pre-authorized.
5189 		KAUTH_DEBUG("%p    ALLOWED - rights already authorized", vcp->vp);
5194 	 * Bail if we have residual rights that can't be granted by posix permissions,
5215 	 * rights.
5236 		KAUTH_DEBUG("%p    ALLOWED - residual rights %s%s%s%s%s%s%s%s%s%s%s%s%s%s granted due to no posix mapping",
5278 vnode_authorize_checkimmutable(vnode_t vp, struct vnode_attr *vap, int rights, int ignore)
5298 		rights &= ~KAUTH_VNODE_WRITE_DATA;
5305 	if (rights & KAUTH_VNODE_WRITE_RIGHTS) {
5312 			if ((rights & KAUTH_VNODE_WRITE_EXTATTRIBUTES) &&
5323 			if ((rights & (KAUTH_VNODE_ADD_FILE | KAUTH_VNODE_ADD_SUBDIRECTORY)) == rights)
5326 			if ((rights & KAUTH_VNODE_APPEND_DATA) == rights)
5447 	 * this point which rights to look at based on the 
5449 	 * otherwise check the kauth 'rights' cache hung
5485 	kauth_ace_rights_t	rights;
5539 	 * requested rights.
5542 	rights = action & ~(KAUTH_VNODE_ACCESS | KAUTH_VNODE_NOIMMUTABLE);
5544 	if (rights & KAUTH_VNODE_DELETE) {
5564 	if ((rights & KAUTH_VNODE_WRITE_RIGHTS) &&
5568 	     (rights & KAUTH_VNODE_DELETE) || (rights & KAUTH_VNODE_DELETE_CHILD))) {
5576 	if ((rights & KAUTH_VNODE_EXECUTE) && (vp->v_type == VREG) && (vp->v_mount->mnt_flag & MNT_NOEXEC)) {
5620 		if (rights & KAUTH_VNODE_READ_DATA) {
5621 			rights &= ~KAUTH_VNODE_READ_DATA;
5622 			rights |= KAUTH_VNODE_READ_EXTATTRIBUTES;
5624 		if (rights & KAUTH_VNODE_WRITE_DATA) {
5625 			rights &= ~KAUTH_VNODE_WRITE_DATA;
5626 			rights |= KAUTH_VNODE_WRITE_EXTATTRIBUTES;
5654 	 * file rights.
5656 	if ((result = vnode_authorize_checkimmutable(vp, &va, rights, noimmutable)) != 0)
5658 	if ((rights & KAUTH_VNODE_DELETE) &&
5664 	 * Clear rights that have been authorized by reaching this point, bail if nothing left to
5667 	rights &= ~(KAUTH_VNODE_LINKTARGET | KAUTH_VNODE_CHECKIMMUTABLE);
5668 	if (rights == 0)
5677 		/* process delete rights */
5678 		if ((rights & KAUTH_VNODE_DELETE) &&
5682 		/* process remaining rights */
5683 		if ((rights & ~KAUTH_VNODE_DELETE) &&
5684 		    (result = vnode_authorize_simple(vcp, rights, rights & KAUTH_VNODE_DELETE, &found_deny)) != 0)
5692 		if ((rights & KAUTH_VNODE_EXECUTE) &&
5716 	if ((rights & KAUTH_VNODE_SEARCH) && found_deny == FALSE && vp->v_type == VDIR) {
5722 		 * match the credential associated with this cache of rights.
5730 	if ((rights & KAUTH_VNODE_DELETE) && parent_authorized_for_delete_child == FALSE) {
5741 		    	/* OK to cache delete rights */
5748 	 * Note that this implies that we will allow requests for no rights, as well as
5749 	 * for rights that we do not recognise.  There should be none of these.