326 priv_policy_override(const cred_t *cr, int priv, boolean_t allzone, va_list ap)  in priv_policy_override()  argument
336 	} else if (allzone) {  in priv_policy_override()
373 priv_policy_err(const cred_t *cr, int priv, boolean_t allzone, const char *msg)  in priv_policy_err()  argument
377 		audit_priv(priv, allzone ? ZONEPRIVS(cr) : NULL, 0);  in priv_policy_err()
378 	DTRACE_PROBE2(priv__err, int, priv, boolean_t, allzone);  in priv_policy_err()
382 		if (allzone && !HAS_ALLZONEPRIVS(cr)) {  in priv_policy_err()
397 priv_policy_ap(const cred_t *cr, int priv, boolean_t allzone, int err,  in priv_policy_ap()  argument
400 	if ((HAS_PRIVILEGE(cr, priv) && (!allzone || HAS_ALLZONEPRIVS(cr))) ||  in priv_policy_ap()
402 	    priv_policy_override(cr, priv, allzone, ap) == 0)) {  in priv_policy_ap()
403 		if ((allzone || priv == PRIV_ALL ||  in priv_policy_ap()
409 				    allzone ? ZONEPRIVS(cr) : NULL, 1);  in priv_policy_ap()
412 		DTRACE_PROBE2(priv__ok, int, priv, boolean_t, allzone);  in priv_policy_ap()
415 		priv_policy_err(cr, priv, allzone, msg);  in priv_policy_ap()
421 priv_policy_va(const cred_t *cr, int priv, boolean_t allzone, int err,  in priv_policy_va()  argument
428 	ret = priv_policy_ap(cr, priv, allzone, err, msg, ap);  in priv_policy_va()
435 priv_policy(const cred_t *cr, int priv, boolean_t allzone, int err,  in priv_policy()  argument
438 	return (priv_policy_va(cr, priv, allzone, err, msg, KLPDARG_NONE));  in priv_policy()
445 priv_policy_choice(const cred_t *cr, int priv, boolean_t allzone)  in priv_policy_choice()  argument
448 	    (!allzone || HAS_ALLZONEPRIVS(cr));  in priv_policy_choice()
452 	    (allzone || priv == PRIV_ALL || !PRIV_ISASSERT(priv_basic, priv)) &&  in priv_policy_choice()
454 		audit_priv(priv, allzone ? ZONEPRIVS(cr) : NULL, 1);  in priv_policy_choice()
457 		DTRACE_PROBE2(priv__ok, int, priv, boolean_t, allzone);  in priv_policy_choice()
459 		DTRACE_PROBE2(priv__err, int, priv, boolean_t, allzone);  in priv_policy_choice()
468 priv_policy_only(const cred_t *cr, int priv, boolean_t allzone)  in priv_policy_only()  argument
471 	    (!allzone || HAS_ALLZONEPRIVS(cr));  in priv_policy_only()
474 		DTRACE_PROBE2(priv__ok, int, priv, boolean_t, allzone);  in priv_policy_only()
476 		DTRACE_PROBE2(priv__err, int, priv, boolean_t, allzone);  in priv_policy_only()
669 	boolean_t allzone = B_FALSE;  in secpolicy_fs_common()  local
682 		return (priv_policy_va(cr, PRIV_SYS_MOUNT, allzone, EPERM,  in secpolicy_fs_common()
717 		allzone = B_TRUE;  in secpolicy_fs_common()
735 	return (priv_policy_va(cr, PRIV_SYS_MOUNT, allzone, EPERM,  in secpolicy_fs_common()
937 		boolean_t allzone;  in secpolicy_vnode_access()  local
940 			allzone = B_TRUE;  in secpolicy_vnode_access()
942 			allzone = B_FALSE;  in secpolicy_vnode_access()
943 		if (priv_policy_va(cr, PRIV_FILE_DAC_WRITE, allzone, EACCES,  in secpolicy_vnode_access()
1000 		boolean_t allzone;  in secpolicy_vnode_access2()  local
1003 			allzone = B_TRUE;  in secpolicy_vnode_access2()
1005 			allzone = B_FALSE;  in secpolicy_vnode_access2()
1006 		if (priv_policy_va(cr, PRIV_FILE_DAC_WRITE, allzone, EACCES,  in secpolicy_vnode_access2()
1050 		boolean_t allzone = B_FALSE;  in secpolicy_vnode_any_access()  local
1066 			allzone = owner == 0;  in secpolicy_vnode_any_access()
1069 		if (PRIV_POLICY_CHOICE(cr, priv, allzone))  in secpolicy_vnode_any_access()
1087 	boolean_t allzone = B_TRUE;  in secpolicy_vnode_setid_modify()  local
1092 		allzone = B_FALSE;  in secpolicy_vnode_setid_modify()
1094 	return (PRIV_POLICY(cr, PRIV_FILE_SETID, allzone, EPERM, NULL));  in secpolicy_vnode_setid_modify()
1141 	boolean_t allzone = B_FALSE;  in secpolicy_vnode_chown()  local
1145 		allzone = (owner == 0);  in secpolicy_vnode_chown()
1152 	return (PRIV_POLICY(cred, priv, allzone, EPERM, NULL));  in secpolicy_vnode_chown()
1235 	boolean_t allzone = (owner == 0);  in secpolicy_vnode_owner()  local
1240 	return (PRIV_POLICY(cr, PRIV_FILE_OWNER, allzone, EPERM, NULL));  in secpolicy_vnode_owner()
1527 		boolean_t allzone = B_FALSE;  in secpolicy_ipc_owner()  local
1529 			allzone = B_TRUE;  in secpolicy_ipc_owner()
1530 		return (PRIV_POLICY(cr, PRIV_IPC_OWNER, allzone, EPERM, NULL));  in secpolicy_ipc_owner()
1545 	boolean_t allzone = B_FALSE;  in secpolicy_ipc_access()  local
1550 	    PRIV_POLICY(cr, PRIV_IPC_DAC_READ, allzone, EACCES, NULL) != 0)  in secpolicy_ipc_access()
1555 			allzone = B_TRUE;  in secpolicy_ipc_access()
1557 		return (PRIV_POLICY(cr, PRIV_IPC_DAC_WRITE, allzone, EACCES,  in secpolicy_ipc_access()
1566 	boolean_t allzone = B_FALSE;  in secpolicy_rsm_access()  local
1571 	    PRIV_POLICY(cr, PRIV_IPC_DAC_READ, allzone, EACCES, NULL) != 0)  in secpolicy_rsm_access()
1576 			allzone = B_TRUE;  in secpolicy_rsm_access()
1578 		return (PRIV_POLICY(cr, PRIV_IPC_DAC_WRITE, allzone, EACCES,  in secpolicy_rsm_access()
1659 	boolean_t allzone = B_FALSE;  in secpolicy_allow_setid()  local
1663 		allzone = B_TRUE;  in secpolicy_allow_setid()
1666 	return (checkonly ? !PRIV_POLICY_ONLY(cr, PRIV_PROC_SETID, allzone) :  in secpolicy_allow_setid()
1667 	    PRIV_POLICY(cr, PRIV_PROC_SETID, allzone, EPERM, NULL));  in secpolicy_allow_setid()
1679 	boolean_t allzone = B_FALSE;  in secpolicy_proc_owner()  local
1683 		allzone = B_TRUE;  in secpolicy_proc_owner()
1685 	return (PRIV_POLICY(scr, PRIV_PROC_OWNER, allzone, EPERM, NULL));  in secpolicy_proc_owner()