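/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

#pragma ident "%Z%%M% %I% %E% SMI"

#include "lint.h"
#include "priv_private.h"
#include "mtlib.h"
#include "libc.h"
#include <door.h>
#include <errno.h>
#include <priv.h>
#include <klpd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/klpd.h>
#include <sys/param.h>
#include <sys/syscall.h>
#include <unistd.h>
#include <netinet/in.h>

/*
 * Per-registration state; the pointer returned by klpd_create() and passed
 * back as the opaque "handle" to the register/unregister routines.
 */
typedef struct klpd_data {
	/* Policy decision function invoked from the door server procedure. */
	boolean_t (*kd_callback)(void *, const priv_set_t *, void *);
	/* Passed unchanged as the first argument of kd_callback. */
	void *kd_user_cookie;
	/* Descriptor returned by door_create(). */
	int kd_doorfd;
} klpd_data_t;

/*
 * Per-request context handed to the callback as its third argument and
 * decoded by klpd_getpath() / klpd_getport().  It lives on the stack of
 * klpd_door_callback(), so it is only valid for the duration of one callback.
 */
typedef struct klpd_ctxt {
	klpd_data_t *kc_data;	/* registration this request arrived on */
	char *kc_path;		/* kla_str for KLPDARG_VNODE, else NULL */
	int kc_int;		/* kla_int for port-style types, else -1 */
	int kc_type;		/* kla_type, or KLPDARG_NONE without an arg */
} klpd_ctxt_t;

/*
 * Door server procedure for the door created in klpd_create().
 *
 * For DOOR_UNREF_DATA the user callback is invoked with a NULL privilege set
 * and a NULL context, and the door call is answered with no data.
 *
 * Otherwise argp is interpreted as a klpd_head_t; the optional argument and
 * the privilege set are located with KLH_ARG() and KLH_PRIVSET(), a
 * klpd_ctxt_t is built from them and the user callback is invoked.  The reply
 * is a single int: 0 when the callback returns true, 1 otherwise.
 */
/* ARGSUSED */
static void
klpd_door_callback(void *kd_cookie, char *argp, size_t arg_size,
    door_desc_t *dp, uint_t ndesc)
{
	klpd_data_t *p = kd_cookie;
	int res;
	klpd_ctxt_t ctx;
	klpd_head_t *klh;
	klpd_arg_t *ka;
	priv_set_t *pset;

	if (argp == DOOR_UNREF_DATA) {
		(void) p->kd_callback(p->kd_user_cookie, NULL, NULL);
		(void) door_return(NULL, 0, NULL, 0);
		/*
		 * Only reached if door_return() failed.  Do not fall through:
		 * argp is the DOOR_UNREF_DATA sentinel, not a request buffer.
		 */
		return;
	}

	/*
	 * Refuse requests that cannot hold the fixed header before reading
	 * any of it, and answer them like a request the callback rejected.
	 *
	 * NOTE(review): only the header size is checked.  The locations that
	 * KLH_ARG()/KLH_PRIVSET() resolve to, and the termination of kla_str,
	 * are not validated against arg_size in this file.  This file never
	 * attaches the door to a name, so presumably only the kernel (after
	 * PRIVSYS_KLPD_REG) and holders of the descriptor can call it --
	 * confirm before relying on that.
	 */
	if (argp == NULL || arg_size < sizeof (klpd_head_t)) {
		res = 1;
		(void) door_return((char *)&res, sizeof (res), NULL, 0);
		return;
	}

	klh = (void *)argp;
	ka = KLH_ARG(klh);
	pset = KLH_PRIVSET(klh);

	ctx.kc_type = ka == NULL ? KLPDARG_NONE : ka->kla_type;

	switch (ctx.kc_type) {
	case KLPDARG_NONE:
		ctx.kc_path = NULL;
		ctx.kc_int = -1;
		break;
	case KLPDARG_VNODE:
		ctx.kc_path = ka->kla_str;
		ctx.kc_int = -1;
		break;
	default:
		/* Every other type carries an integer payload. */
		ctx.kc_int = ka->kla_int;
		ctx.kc_path = NULL;
		break;
	}

	ctx.kc_data = p;

	if (p->kd_callback(p->kd_user_cookie, pset, &ctx))
		res = 0;
	else
		res = 1;

	(void) door_return((char *)&res, sizeof (res), NULL, 0);
}

/*
 * Allocate the registration state and create the door whose server procedure
 * is klpd_door_callback().
 *
 * callback	decision function called for each request
 * cookie	opaque value passed back as the callback's first argument
 *
 * Returns the handle to pass to klpd_register*() / klpd_unregister*(), or
 * NULL if the allocation or door_create() fails.
 */
void *
klpd_create(boolean_t (*callback)(void *, const priv_set_t *, void *),
    void *cookie)
{
	klpd_data_t *p = malloc(sizeof (*p));

	if (p == NULL)
		return (NULL);

	/*
	 * Fill in the callback fields before the door exists, so the server
	 * procedure can never run against uninitialized members.
	 */
	p->kd_user_cookie = cookie;
	p->kd_callback = callback;

	p->kd_doorfd = door_create(klpd_door_callback, p,
	    DOOR_REFUSE_DESC | DOOR_UNREF);
	if (p->kd_doorfd == -1) {
		free(p);
		return (NULL);
	}

	return (p);
}

/*
 * Register the door in "handle" through the PRIVSYS_KLPD_REG subcode of
 * SYS_privsys for the target described by (type, id) and the privileges
 * in "set".
 *
 * When the registration names the calling process (type P_PID with id 0 or
 * id equal to getpid()), "set" is also removed from the caller's inheritable
 * set and the PRIV_XPOLICY flag is turned on.
 *
 * Returns 0 on success, -1 if the system call fails.
 */
int
klpd_register_id(const priv_set_t *set, void *handle, idtype_t type, id_t id)
{
	klpd_data_t *p = handle;
	priv_data_t *d;

	LOADPRIVDATA(d);

	/* We really need to have the privilege set as argument here */
	if (syscall(SYS_privsys, PRIVSYS_KLPD_REG, p->kd_doorfd, id,
	    set, d->pd_setsize, type) == -1)
		return (-1);

	/*
	 * Registration for the current process?  Then adjust our own
	 * privilege state to match.
	 *
	 * NOTE(review): the results of setppriv() and setpflags() are
	 * discarded, so 0 is returned even if either of them fails.
	 */
	if (type == P_PID && (id == 0 || (pid_t)id == getpid())) {
		(void) setppriv(PRIV_OFF, PRIV_INHERITABLE, set);
		(void) setpflags(PRIV_XPOLICY, 1);
	}
	return (0);
}

/*
 * Convenience wrapper: klpd_register_id() with type P_PID and id -1.
 */
int
klpd_register(const priv_set_t *set, void *handle)
{
	return (klpd_register_id(set, handle, P_PID, -1));
}

/*
 * Issue PRIVSYS_KLPD_UNREG for (type, id), then close the door descriptor
 * and free the handle.  The handle must not be used after this call, whatever
 * the return value.
 *
 * Returns the result of the system call, or -1 if close() fails.
 */
int
klpd_unregister_id(void *handle, idtype_t type, id_t id)
{
	klpd_data_t *p = handle;
	int err;

	err = syscall(SYS_privsys, PRIVSYS_KLPD_UNREG, p->kd_doorfd, id,
	    (void *)NULL, 0L, type);
	if (close(p->kd_doorfd) != 0)
		err = -1;
	free(p);
	return (err);
}

/*
 * Convenience wrapper: klpd_unregister_id() with type P_PID and id -1.
 */
int
klpd_unregister(void *handle)
{
	return (klpd_unregister_id(handle, P_PID, -1));
}

/*
 * Return the path carried by a request context.  For a context whose type is
 * not KLPDARG_VNODE, errno is set to EINVAL; klpd_door_callback() stores a
 * NULL path for those types, so NULL is what gets returned.
 */
const char *
klpd_getpath(void *context)
{
	klpd_ctxt_t *p = context;

	if (p->kc_type != KLPDARG_VNODE)
		errno = EINVAL;
	return (p->kc_path);
}

/*
 * Return the integer payload of a port-type request context and store the
 * matching protocol constant in *proto.  For any other context type errno is
 * set to EINVAL, -1 is returned and *proto is left untouched.
 */
int
klpd_getport(void *context, int *proto)
{
	klpd_ctxt_t *p = context;

	switch (p->kc_type) {
	case KLPDARG_TCPPORT:
		*proto = IPPROTO_TCP;
		break;
	case KLPDARG_UDPPORT:
		*proto = IPPROTO_UDP;
		break;
	case KLPDARG_SCTPPORT:
		*proto = IPPROTO_SCTP;
		break;
	case KLPDARG_SDPPORT:
		*proto = PROTO_SDP;
		break;
	default:
		errno = EINVAL;
		return (-1);
	}
	return (p->kc_int);
}

/*
 * Return the result of door_ucred(uc); "context" is not used.
 */
/*ARGSUSED*/
int
klpd_getucred(ucred_t **uc, void *context)
{
	return (door_ucred(uc));
}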