1 /*-
2 * SPDX-License-Identifier: BSD-2-Clause
3 *
4 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson
5 * All rights reserved.
6 *
7 * This software was developed by Robert Watson for the TrustedBSD Project.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 * SUCH DAMAGE.
29 */
30 /*
31 * acl_get_fd - syscall wrapper for retrieving access ACL by fd
32 * acl_get_fd_np - syscall wrapper for retrieving ACL by fd (non-POSIX)
33 * acl_get_file - syscall wrapper for retrieving ACL by filename
34 * acl_get_link_np - syscall wrapper for retrieving ACL by filename (NOFOLLOW)
35 * (non-POSIX)
36 * acl_get_perm_np() checks if a permission is in the specified
37 * permset (non-POSIX)
38 * acl_get_permset() returns the permission set in the ACL entry
39 * acl_get_qualifier() retrieves the qualifier of the tag from the ACL entry
40 * acl_get_tag_type() returns the tag type for the ACL entry entry_d
41 */
42
43 #include <sys/types.h>
44 #include "namespace.h"
45 #include <sys/acl.h>
46 #include "un-namespace.h"
47
48 #include <errno.h>
49 #include <stdio.h>
50 #include <stdlib.h>
51 #include <string.h>
52 #include <unistd.h>
53
54 #include "acl_support.h"
55
56 acl_t
acl_get_file(const char * path_p,acl_type_t type)57 acl_get_file(const char *path_p, acl_type_t type)
58 {
59 acl_t aclp;
60 int error;
61
62 aclp = acl_init(ACL_MAX_ENTRIES);
63 if (aclp == NULL)
64 return (NULL);
65
66 type = _acl_type_unold(type);
67 error = __acl_get_file(path_p, type, &aclp->ats_acl);
68 if (error) {
69 acl_free(aclp);
70 return (NULL);
71 }
72
73 aclp->ats_acl.acl_maxcnt = ACL_MAX_ENTRIES;
74 _acl_brand_from_type(aclp, type);
75
76 return (aclp);
77 }
78
79 acl_t
acl_get_link_np(const char * path_p,acl_type_t type)80 acl_get_link_np(const char *path_p, acl_type_t type)
81 {
82 acl_t aclp;
83 int error;
84
85 aclp = acl_init(ACL_MAX_ENTRIES);
86 if (aclp == NULL)
87 return (NULL);
88
89 type = _acl_type_unold(type);
90 error = __acl_get_link(path_p, type, &aclp->ats_acl);
91 if (error) {
92 acl_free(aclp);
93 return (NULL);
94 }
95
96 aclp->ats_acl.acl_maxcnt = ACL_MAX_ENTRIES;
97 _acl_brand_from_type(aclp, type);
98
99 return (aclp);
100 }
101
102 acl_t
acl_get_fd(int fd)103 acl_get_fd(int fd)
104 {
105 if (fpathconf(fd, _PC_ACL_NFS4) == 1)
106 return (acl_get_fd_np(fd, ACL_TYPE_NFS4));
107
108 return (acl_get_fd_np(fd, ACL_TYPE_ACCESS));
109 }
110
111 acl_t
acl_get_fd_np(int fd,acl_type_t type)112 acl_get_fd_np(int fd, acl_type_t type)
113 {
114 acl_t aclp;
115 int error;
116
117 aclp = acl_init(ACL_MAX_ENTRIES);
118 if (aclp == NULL)
119 return (NULL);
120
121 type = _acl_type_unold(type);
122 error = ___acl_get_fd(fd, type, &aclp->ats_acl);
123 if (error) {
124 acl_free(aclp);
125 return (NULL);
126 }
127
128 aclp->ats_acl.acl_maxcnt = ACL_MAX_ENTRIES;
129 _acl_brand_from_type(aclp, type);
130
131 return (aclp);
132 }
133
134 /*
135 * acl_get_permset() (23.4.17): return via permset_p a descriptor to
136 * the permission set in the ACL entry entry_d.
137 */
138 int
acl_get_permset(acl_entry_t entry_d,acl_permset_t * permset_p)139 acl_get_permset(acl_entry_t entry_d, acl_permset_t *permset_p)
140 {
141
142 if (entry_d == NULL || permset_p == NULL) {
143 errno = EINVAL;
144 return (-1);
145 }
146
147 *permset_p = &entry_d->ae_perm;
148
149 return (0);
150 }
151
152 /*
153 * acl_get_qualifier() (23.4.18): retrieve the qualifier of the tag
154 * for the ACL entry entry_d.
155 */
156 void *
acl_get_qualifier(acl_entry_t entry_d)157 acl_get_qualifier(acl_entry_t entry_d)
158 {
159 uid_t *retval;
160
161 if (entry_d == NULL) {
162 errno = EINVAL;
163 return (NULL);
164 }
165
166 switch(entry_d->ae_tag) {
167 case ACL_USER:
168 case ACL_GROUP:
169 retval = malloc(sizeof(uid_t));
170 if (retval == NULL)
171 return (NULL);
172 *retval = entry_d->ae_id;
173 return (retval);
174 }
175
176 errno = EINVAL;
177 return (NULL);
178 }
179
180 /*
181 * acl_get_tag_type() (23.4.19): return the tag type for the ACL
182 * entry entry_p.
183 */
184 int
acl_get_tag_type(acl_entry_t entry_d,acl_tag_t * tag_type_p)185 acl_get_tag_type(acl_entry_t entry_d, acl_tag_t *tag_type_p)
186 {
187
188 if (entry_d == NULL || tag_type_p == NULL) {
189 errno = EINVAL;
190 return (-1);
191 }
192
193 *tag_type_p = entry_d->ae_tag;
194
195 return (0);
196 }
197
198 int
acl_get_entry_type_np(acl_entry_t entry_d,acl_entry_type_t * entry_type_p)199 acl_get_entry_type_np(acl_entry_t entry_d, acl_entry_type_t *entry_type_p)
200 {
201
202 if (entry_d == NULL || entry_type_p == NULL) {
203 errno = EINVAL;
204 return (-1);
205 }
206
207 if (!_entry_brand_may_be(entry_d, ACL_BRAND_NFS4)) {
208 errno = EINVAL;
209 return (-1);
210 }
211
212 *entry_type_p = entry_d->ae_entry_type;
213
214 return (0);
215 }
216