xref: /freebsd/lib/libc/posix1e/acl_calc_mask.c (revision 1e413cf93298b5b97441a21d9a50fdcd0ee9945e)
1 /*
2  * Copyright (c) 2001-2002 Chris D. Faulhaber
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  *
14  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR THE VOICES IN HIS HEAD BE
18  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
19  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
20  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
21  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
22  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
23  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
24  * POSSIBILITY OF SUCH DAMAGE.
25  */
26 
27 #include <sys/cdefs.h>
28 __FBSDID("$FreeBSD$");
29 
30 #include <sys/types.h>
31 #include "namespace.h"
32 #include <sys/acl.h>
33 #include "un-namespace.h"
34 
35 #include <errno.h>
36 #include <stdio.h>
37 
38 /*
39  * acl_calc_mask() (23.4.2): calculate and set the permissions
40  * associated with the ACL_MASK ACL entry.  If the ACL already
41  * contains an ACL_MASK entry, its permissions shall be
42  * overwritten; if not, one shall be added.
43  */
44 int
45 acl_calc_mask(acl_t *acl_p)
46 {
47 	struct acl	*acl_int, *acl_int_new;
48 	acl_t		acl_new;
49 	int		i, mask_mode, mask_num;
50 
51 	/*
52 	 * (23.4.2.4) requires acl_p to point to a pointer to a valid ACL.
53 	 * Since one of the primary reasons to use this function would be
54 	 * to calculate the appropriate mask to obtain a valid ACL, we only
55 	 * perform sanity checks here and validate the ACL prior to
56 	 * returning.
57 	 */
58 	if (acl_p == NULL || *acl_p == NULL) {
59 		errno = EINVAL;
60 		return (-1);
61 	}
62 	acl_int = &(*acl_p)->ats_acl;
63 	if ((acl_int->acl_cnt < 3) || (acl_int->acl_cnt > ACL_MAX_ENTRIES)) {
64 		errno = EINVAL;
65 		return (-1);
66 	}
67 
68 	acl_new = acl_dup(*acl_p);
69 	if (acl_new == NULL)
70 		return (-1);
71 	acl_int_new = &acl_new->ats_acl;
72 
73 	mask_mode = 0;
74 	mask_num = -1;
75 
76 	/* gather permissions and find a mask entry */
77 	for (i = 0; i < acl_int_new->acl_cnt; i++) {
78 		switch(acl_int_new->acl_entry[i].ae_tag) {
79 		case ACL_USER:
80 		case ACL_GROUP:
81 		case ACL_GROUP_OBJ:
82 			mask_mode |=
83 			    acl_int_new->acl_entry[i].ae_perm & ACL_PERM_BITS;
84 			break;
85 		case ACL_MASK:
86 			mask_num = i;
87 			break;
88 		}
89 	}
90 
91 	/* if a mask entry already exists, overwrite the perms */
92 	if (mask_num != -1)
93 		acl_int_new->acl_entry[mask_num].ae_perm = mask_mode;
94 	else {
95 		/* if no mask exists, check acl_cnt... */
96 		if (acl_int_new->acl_cnt == ACL_MAX_ENTRIES) {
97 			errno = ENOMEM;
98 			return (-1);
99 		}
100 		/* ...and add the mask entry */
101 		acl_int_new->acl_entry[acl_int_new->acl_cnt].ae_tag = ACL_MASK;
102 		acl_int_new->acl_entry[acl_int_new->acl_cnt].ae_id =
103 		    ACL_UNDEFINED_ID;
104 		acl_int_new->acl_entry[acl_int_new->acl_cnt].ae_perm =
105 		    mask_mode;
106 		acl_int_new->acl_cnt++;
107 	}
108 
109 	if (acl_valid(acl_new) == -1) {
110 		errno = EINVAL;
111 		acl_free(acl_new);
112 		return (-1);
113 	}
114 
115 	**acl_p = *acl_new;
116 	acl_free(acl_new);
117 
118 	return (0);
119 }
120