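/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License").  You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 1992,1997-2003 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */

#ifndef	_SYS_FS_UFS_ACL_H
#define	_SYS_FS_UFS_ACL_H

#pragma ident	"%Z%%M%	%I%	%E% SMI"

#include <sys/types.h>
#include <sys/cred.h>
#include <sys/vfs.h>
#include <sys/acl.h>
#include <sys/fs/ufs_fs.h>

#ifdef	__cplusplus
extern "C" {
#endif

/*
 * On-disk UFS ACL structure
 *
 * One entry per ACL element.  acl_tag and acl_next share storage through
 * the union, so only one of the two is meaningful for a given record.
 */

typedef struct ufs_acl {
	union {
		uint32_t	acl_next;	/* Pad for old structure */
		ushort_t	acl_tag;	/* Entry type */
	} acl_un;
	o_mode_t	acl_perm;	/* Permission bits */
	uid_t		acl_who;	/* User or group ID */
} ufs_acl_t;

/*
 * Shorthand for the union members.  These are object-like macros, so the
 * identifiers acl_tag and acl_next are rewritten everywhere this header is
 * included, not only in member accesses on a ufs_acl_t.
 */
#define	acl_tag		acl_un.acl_tag
#define	acl_next	acl_un.acl_next

/*
 * In-core UFS ACL structure
 *
 * Singly linked list node; the list is terminated by a NULL acl_ic_next.
 */

typedef struct ufs_ic_acl {
	struct ufs_ic_acl	*acl_ic_next;	/* Next ACL for this inode */
	o_mode_t		acl_ic_perm;	/* Permission bits */
	uid_t			acl_ic_who;	/* User or group ID */
} ufs_ic_acl_t;

/*
 * In-core ACL mask
 */
typedef struct ufs_aclmask {
	short		acl_ismask;	/* Is mask defined? */
	o_mode_t	acl_maskbits;	/* Permission mask */
} ufs_aclmask_t;

/*
 * full acl
 */
typedef struct ic_acl {
	ufs_ic_acl_t	*owner;		/* owner object */
	ufs_ic_acl_t	*group;		/* group object */
	ufs_ic_acl_t	*other;		/* other object */
	ufs_ic_acl_t	*users;		/* list of users */
	ufs_ic_acl_t	*groups;	/* list of groups */
	ufs_aclmask_t	mask;		/* mask */
} ic_acl_t;

/*
 * In-core shadow inode
 *
 * Holds the access ACL (s_a) and the default ACL (s_d) for one shadow
 * inode, together with the list linkage, use/reference counts and the
 * lock declared for the structure.
 */
typedef struct si {
	struct si *s_next;		/* signature hash next */
	struct si *s_forw;		/* inode hash next */
	struct si *s_fore;		/* unref'd list next */

	int	s_flags;		/* see below */
	ino_t	s_shadow;		/* shadow inode number */
	dev_t	s_dev;			/* device (major,minor) */
	int	s_signature;		/* signature for all ACLs */
	int	s_use;			/* on disk use count */
	int	s_ref;			/* in core reference count */
	krwlock_t s_lock;		/* lock for this structure */

	ic_acl_t  s_a;			/* acls */
	ic_acl_t  s_d;			/* def acls */
} si_t;

/* Accessors for the access ACL held in an si_t */
#define	aowner	s_a.owner
#define	agroup	s_a.group
#define	aother	s_a.other
#define	ausers	s_a.users
#define	agroups	s_a.groups
#define	aclass	s_a.mask

/* Accessors for the default ACL held in an si_t */
#define	downer	s_d.owner
#define	dgroup	s_d.group
#define	dother	s_d.other
#define	dusers	s_d.users
#define	dgroups	s_d.groups
#define	dclass	s_d.mask

/* s_prev is an alias for s_forw; both names refer to the same pointer */
#define	s_prev	s_forw

/*
 * s_flags
 */
#define	SI_CACHED	0x0001		/* Is in si_cache */

/*
 * Header to identify data on disk
 *
 * NOTE(review): both fields come from disk and fsd_size is a signed int.
 * Code that walks a sequence of these records presumably uses fsd_size
 * as the step, so it should reject non-positive values and values that
 * run past the containing buffer before advancing -- confirm in callers.
 * fsd_data is declared with one element and is left that way here because
 * changing it would change sizeof (ufs_fsd_t).
 */
typedef struct ufs_fsd {
	int	fsd_type;		/* type of data */
	int	fsd_size;		/* size in bytes of ufs_fsd and data */
	char	fsd_data[1];		/* data */
} ufs_fsd_t;

/*
 * Data types (fsd_type)
 */
#define	FSD_FREE	(0)	/* Free entry */
#define	FSD_ACL		(1)	/* Access Control Lists */
#define	FSD_DFACL	(2)	/* reserved for future use */
#define	FSD_RESERVED3	(3)	/* reserved for future use */
#define	FSD_RESERVED4	(4)	/* reserved for future use */
#define	FSD_RESERVED5	(5)	/* reserved for future use */
#define	FSD_RESERVED6	(6)	/* reserved for future use */
#define	FSD_RESERVED7	(7)	/* reserved for future use */

/*
 * FSD manipulation macros
 * The FSD macros are aligned on integer boundary even if the preceding
 * record had a byte aligned length. So the record length is always
 * integer length. All increments of the data pointers must use the
 * FSD_RECSZ macro.
 *
 * FSD_TPSZ	size in bytes of the fsd_type member (sizeof does not
 *		evaluate or dereference fsdp).
 * FSD_TPMSK	FSD_TPSZ - 1, used as the alignment mask.
 * FSD_RECSZ	size rounded up to the next multiple of FSD_TPSZ.
 *
 * Every macro parameter is parenthesized so that an argument such as
 * "a | b" or "p + 1" is rounded as a whole instead of being split by
 * operator precedence inside the expansion.  FSD_RECSZ does not range
 * check size; it mentions fsdp twice, but only inside sizeof.
 */
#define	FSD_TPSZ(fsdp)		(sizeof ((fsdp)->fsd_type))
#define	FSD_TPMSK(fsdp)		(FSD_TPSZ(fsdp) - 1)
#define	FSD_RECSZ(fsdp, size)	(((size) + FSD_TPMSK(fsdp)) & ~FSD_TPMSK(fsdp))
/*
 * flags for acl_validate
 */
#define	ACL_CHECK	0x01
#define	DEF_ACL_CHECK	0x02

/*
 * MODE_CHECK evaluates to 0 when every bit requested in M is present in
 * PERM.  Otherwise it evaluates to the result of secpolicy_vnode_access()
 * called with credential C, the vnode ITOV(I), owner O and only the
 * requested bits that PERM does not grant.  M and PERM are expanded more
 * than once, so arguments must be free of side effects.
 */
#define	MODE_CHECK(O, M, PERM, C, I) ((((M) & (PERM)) == (M)) ? 0 : \
	secpolicy_vnode_access((C), ITOV(I), (O), (M) & ~(PERM)))

/*
 * Check that the file type is one that accepts ACLs
 *
 * MODE is compared for equality against each IF* constant and is expanded
 * six times.  NOTE(review): the equality tests only match if the caller
 * passes the file-type field alone -- confirm at the call sites.
 */
#define	CHECK_ACL_ALLOWED(MODE) (((MODE) == IFDIR) || ((MODE) == IFREG) || \
				((MODE) == IFIFO) || ((MODE) == IFCHR) || \
				((MODE) == IFBLK) || ((MODE) == IFATTRDIR))

/*
 * MODE2ACL updates the in-core entry P from a mode value: it clears the
 * next pointer, ANDs the low three bits of MODE into the permission bits
 * P already holds, and stores CRED as the entry's id.  Because the
 * permissions are combined with "&=", P->acl_ic_perm must hold a
 * meaningful value beforehand; the macro can only remove bits.
 *
 * The expansion is three separate statements ending in a semicolon and
 * is not wrapped in a block, so only the ASSERT would be governed by an
 * unbraced if/else/for.  Use it as a statement inside braces.  P is
 * expanded four times.
 */
#define	MODE2ACL(P, MODE, CRED)					\
	ASSERT((P));						\
	(P)->acl_ic_next = NULL;				\
	(P)->acl_ic_perm &= ((MODE) & 7);			\
	(P)->acl_ic_who = (CRED);

/*
 * ACL_MOVE writes one on-disk entry through B for every node of the
 * in-core list P, tagging each with T, and advances B past each entry
 * it writes.
 *
 * B must be a modifiable pointer to ufs_acl_t.  The macro has no notion
 * of the destination's capacity: the caller has to size the buffer for
 * the whole list before invoking it.  The expansion declares a local
 * named "acl", so P, T and B must not refer to a caller variable of that
 * name.
 */
#define	ACL_MOVE(P, T, B)					\
{								\
	ufs_ic_acl_t *acl;					\
	for (acl = (P); acl; acl = acl->acl_ic_next) {		\
		(B)->acl_tag = (T);				\
		(B)->acl_perm = acl->acl_ic_perm;		\
		(B)->acl_who = acl->acl_ic_who;			\
		(B)++;						\
	}							\
}

#ifdef	__cplusplus
}
#endif

#endif	/* _SYS_FS_UFS_ACL_H */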