xref: /freebsd/lib/libc/posix1e/acl_branding.c (revision 6be3386466ab79a84b48429ae66244f21526d3df)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3  *
4  * Copyright (c) 2008, 2009 Edward Tomasz Napierała <trasz@FreeBSD.org>
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  *    notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  *    notice, this list of conditions and the following disclaimer in the
13  *    documentation and/or other materials provided with the distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25  * SUCH DAMAGE.
26  */
27 
28 #include <sys/cdefs.h>
29 __FBSDID("$FreeBSD$");
30 
31 #include <assert.h>
32 #include <errno.h>
33 #include <sys/acl.h>
34 
35 #include "acl_support.h"
36 
37 /*
38  * An ugly detail of the implementation - fortunately not visible
39  * to the API users - is the "branding": libc needs to keep track
40  * of what "brand" ACL is: NFSv4, POSIX.1e or unknown.  It happens
41  * automatically - for example, during acl_get_file(3) ACL gets
42  * branded according to the "type" argument; during acl_set_permset
43  * ACL, if its brand is unknown it gets branded as NFSv4 if any of the
44  * NFSv4 permissions that are not valid for POSIX.1e ACL are set etc.
45  * Branding information is used for printing out the ACL (acl_to_text(3)),
46  * veryfying acl_set_whatever arguments (checking against setting
47  * bits that are valid only for NFSv4 in ACL branded as POSIX.1e) etc.
48  */
49 
50 static acl_t
51 entry2acl(acl_entry_t entry)
52 {
53 	acl_t aclp;
54 
55 	aclp = (acl_t)(((long)entry >> _ACL_T_ALIGNMENT_BITS) << _ACL_T_ALIGNMENT_BITS);
56 
57 	return (aclp);
58 }
59 
60 /*
61  * Return brand of an ACL.
62  */
63 int
64 _acl_brand(const acl_t acl)
65 {
66 
67 	return (acl->ats_brand);
68 }
69 
70 int
71 _entry_brand(const acl_entry_t entry)
72 {
73 
74 	return (_acl_brand(entry2acl(entry)));
75 }
76 
77 /*
78  * Return 1, iff branding ACL as "brand" is ok.
79  */
80 int
81 _acl_brand_may_be(const acl_t acl, int brand)
82 {
83 
84 	if (_acl_brand(acl) == ACL_BRAND_UNKNOWN)
85 		return (1);
86 
87 	if (_acl_brand(acl) == brand)
88 		return (1);
89 
90 	return (0);
91 }
92 
93 int
94 _entry_brand_may_be(const acl_entry_t entry, int brand)
95 {
96 
97 	return (_acl_brand_may_be(entry2acl(entry), brand));
98 }
99 
100 /*
101  * Brand ACL as "brand".
102  */
103 void
104 _acl_brand_as(acl_t acl, int brand)
105 {
106 
107 	assert(_acl_brand_may_be(acl, brand));
108 
109 	acl->ats_brand = brand;
110 }
111 
112 void
113 _entry_brand_as(const acl_entry_t entry, int brand)
114 {
115 
116 	_acl_brand_as(entry2acl(entry), brand);
117 }
118 
119 int
120 _acl_type_not_valid_for_acl(const acl_t acl, acl_type_t type)
121 {
122 
123 	switch (_acl_brand(acl)) {
124 	case ACL_BRAND_NFS4:
125 		if (type == ACL_TYPE_NFS4)
126 			return (0);
127 		break;
128 
129 	case ACL_BRAND_POSIX:
130 		if (type == ACL_TYPE_ACCESS || type == ACL_TYPE_DEFAULT)
131 			return (0);
132 		break;
133 
134 	case ACL_BRAND_UNKNOWN:
135 		return (0);
136 	}
137 
138 	return (-1);
139 }
140 
141 void
142 _acl_brand_from_type(acl_t acl, acl_type_t type)
143 {
144 
145 	switch (type) {
146 	case ACL_TYPE_NFS4:
147 		_acl_brand_as(acl, ACL_BRAND_NFS4);
148 		break;
149 	case ACL_TYPE_ACCESS:
150 	case ACL_TYPE_DEFAULT:
151 		_acl_brand_as(acl, ACL_BRAND_POSIX);
152 		break;
153 	default:
154 		/* XXX: What to do here? */
155 		break;
156 	}
157 }
158 
159 int
160 acl_get_brand_np(acl_t acl, int *brand_p)
161 {
162 
163 	if (acl == NULL || brand_p == NULL) {
164 		errno = EINVAL;
165 		return (-1);
166 	}
167 	*brand_p = _acl_brand(acl);
168 
169 	return (0);
170 }
171