33 * ACL support routines specific to POSIX.1e access control lists. These are
47 #include <sys/acl.h>
50 * Implement a version of vaccess() that understands POSIX.1e ACL semantics;
51 * the access ACL has already been prepared for evaluation by the file system
52 * and is passed via 'uid', 'gid', and 'acl'. Return 0 on success, else an
57 struct acl *acl, accmode_t accmode, struct ucred *cred) in vaccess_acl_posix1e() argument
96 if ((accmode & VEXEC) && (acl_posix1e_acl_to_mode(acl) & in vaccess_acl_posix1e()
119 for (i = 0; i < acl->acl_cnt; i++) { in vaccess_acl_posix1e()
120 switch (acl->acl_entry[i].ae_tag) { in vaccess_acl_posix1e()
126 if (acl->acl_entry[i].ae_perm & ACL_EXECUTE) in vaccess_acl_posix1e()
128 if (acl->acl_entry[i].ae_perm & ACL_READ) in vaccess_acl_posix1e()
130 if (acl->acl_entry[i].ae_perm & ACL_WRITE) in vaccess_acl_posix1e()
145 acl_mask = &acl->acl_entry[i]; in vaccess_acl_posix1e()
149 acl_other = &acl->acl_entry[i]; in vaccess_acl_posix1e()
158 * An ACL_OTHER entry should always exist in a valid access ACL. If in vaccess_acl_posix1e()
190 * Check ACL_USER ACL entries. There will either be one or no in vaccess_acl_posix1e()
194 for (i = 0; i < acl->acl_cnt; i++) { in vaccess_acl_posix1e()
195 switch (acl->acl_entry[i].ae_tag) { in vaccess_acl_posix1e()
197 if (acl->acl_entry[i].ae_id != cred->cr_uid) in vaccess_acl_posix1e()
200 if (acl->acl_entry[i].ae_perm & ACL_EXECUTE) in vaccess_acl_posix1e()
202 if (acl->acl_entry[i].ae_perm & ACL_READ) in vaccess_acl_posix1e()
204 if (acl->acl_entry[i].ae_perm & ACL_WRITE) in vaccess_acl_posix1e()
228 for (i = 0; i < acl->acl_cnt; i++) { in vaccess_acl_posix1e()
229 switch (acl->acl_entry[i].ae_tag) { in vaccess_acl_posix1e()
234 if (acl->acl_entry[i].ae_perm & ACL_EXECUTE) in vaccess_acl_posix1e()
236 if (acl->acl_entry[i].ae_perm & ACL_READ) in vaccess_acl_posix1e()
238 if (acl->acl_entry[i].ae_perm & ACL_WRITE) in vaccess_acl_posix1e()
249 if (!groupmember(acl->acl_entry[i].ae_id, cred)) in vaccess_acl_posix1e()
252 if (acl->acl_entry[i].ae_perm & ACL_EXECUTE) in vaccess_acl_posix1e()
254 if (acl->acl_entry[i].ae_perm & ACL_READ) in vaccess_acl_posix1e()
256 if (acl->acl_entry[i].ae_perm & ACL_WRITE) in vaccess_acl_posix1e()
276 for (i = 0; i < acl->acl_cnt; i++) { in vaccess_acl_posix1e()
277 switch (acl->acl_entry[i].ae_tag) { in vaccess_acl_posix1e()
282 if (acl->acl_entry[i].ae_perm & ACL_EXECUTE) in vaccess_acl_posix1e()
284 if (acl->acl_entry[i].ae_perm & ACL_READ) in vaccess_acl_posix1e()
286 if (acl->acl_entry[i].ae_perm & ACL_WRITE) in vaccess_acl_posix1e()
300 if (!groupmember(acl->acl_entry[i].ae_id, in vaccess_acl_posix1e()
304 if (acl->acl_entry[i].ae_perm & ACL_EXECUTE) in vaccess_acl_posix1e()
306 if (acl->acl_entry[i].ae_perm & ACL_READ) in vaccess_acl_posix1e()
308 if (acl->acl_entry[i].ae_perm & ACL_WRITE) in vaccess_acl_posix1e()
401 * Given inode information (uid, gid, mode), return an acl entry of the
435 * Utility function to generate a file mode given appropriate ACL entries.
468 * ACL. Note that if the ACL is improperly formed, this may result in a
472 acl_posix1e_acl_to_mode(struct acl *acl) in acl_posix1e_acl_to_mode() argument
478 * Find the ACL entries relevant to a POSIX permission mode. in acl_posix1e_acl_to_mode()
481 for (i = 0; i < acl->acl_cnt; i++) { in acl_posix1e_acl_to_mode()
482 switch (acl->acl_entry[i].ae_tag) { in acl_posix1e_acl_to_mode()
484 acl_user_obj = &acl->acl_entry[i]; in acl_posix1e_acl_to_mode()
488 acl_group_obj = &acl->acl_entry[i]; in acl_posix1e_acl_to_mode()
492 acl_other = &acl->acl_entry[i]; in acl_posix1e_acl_to_mode()
496 acl_mask = &acl->acl_entry[i]; in acl_posix1e_acl_to_mode()
525 * Perform a syntactic check of the ACL, sufficient to allow an implementing
527 * ACL properties.
530 acl_posix1e_check(struct acl *acl) in acl_posix1e_check() argument
555 if (acl->acl_cnt > ACL_MAX_ENTRIES) in acl_posix1e_check()
557 for (i = 0; i < acl->acl_cnt; i++) { in acl_posix1e_check()
561 switch(acl->acl_entry[i].ae_tag) { in acl_posix1e_check()
563 acl->acl_entry[i].ae_id = ACL_UNDEFINED_ID; /* XXX */ in acl_posix1e_check()
564 if (acl->acl_entry[i].ae_id != ACL_UNDEFINED_ID) in acl_posix1e_check()
569 acl->acl_entry[i].ae_id = ACL_UNDEFINED_ID; /* XXX */ in acl_posix1e_check()
570 if (acl->acl_entry[i].ae_id != ACL_UNDEFINED_ID) in acl_posix1e_check()
575 if (acl->acl_entry[i].ae_id == ACL_UNDEFINED_ID) in acl_posix1e_check()
580 if (acl->acl_entry[i].ae_id == ACL_UNDEFINED_ID) in acl_posix1e_check()
585 acl->acl_entry[i].ae_id = ACL_UNDEFINED_ID; /* XXX */ in acl_posix1e_check()
586 if (acl->acl_entry[i].ae_id != ACL_UNDEFINED_ID) in acl_posix1e_check()
591 acl->acl_entry[i].ae_id = ACL_UNDEFINED_ID; /* XXX */ in acl_posix1e_check()
592 if (acl->acl_entry[i].ae_id != ACL_UNDEFINED_ID) in acl_posix1e_check()
602 if ((acl->acl_entry[i].ae_perm | ACL_PERM_BITS) != in acl_posix1e_check()
616 * Given a requested mode for a new object, and a default ACL, combine the
618 * intended to be affected by the POSIX.1e ACL. Eventually, this might also
623 acl_posix1e_newfilemode(mode_t cmode, struct acl *dacl) in acl_posix1e_newfilemode()
630 * set in *both* the ACL and the requested creation mode for it to in acl_posix1e_newfilemode()
631 * appear in the resulting mode/ACL. First clear any possibly in acl_posix1e_newfilemode()