author | rwatson <rwatson@FreeBSD.org> | 1999-12-19 06:08:07 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 1999-12-19 06:08:07 +0000 |
commit | 4b6baecfc724bac12be9de99924e828b1e68046e (patch) | |
tree | ccf64e27cf5f979dcaaf7e55bb2a486df8b3f567 /sys/sys | |
parent | 114c517da1a1c0bab8d9fa884b67102ec0768fa1 (diff) | |
download | FreeBSD-src-4b6baecfc724bac12be9de99924e828b1e68046e.zip FreeBSD-src-4b6baecfc724bac12be9de99924e828b1e68046e.tar.gz |
Second pass commit to introduce new ACL and Extended Attribute system
calls, vnops, vfsops, both in /kern, and to individual file systems that
require a vfsop_ array entry.
Reviewed by: eivind
Diffstat (limited to 'sys/sys')
-rw-r--r-- | sys/sys/acl.h | 169 | ||||
-rw-r--r-- | sys/sys/extattr.h | 57 | ||||
-rw-r--r-- | sys/sys/mount.h | 7 | ||||
-rw-r--r-- | sys/sys/syscall-hide.h | 14 | ||||
-rw-r--r-- | sys/sys/syscall.h | 16 | ||||
-rw-r--r-- | sys/sys/syscall.mk | 16 | ||||
-rw-r--r-- | sys/sys/sysproto.h | 76 | ||||
-rw-r--r-- | sys/sys/vnode.h | 1 |
8 files changed, 350 insertions, 6 deletions
diff --git a/sys/sys/acl.h b/sys/sys/acl.h
new file mode 100644
index 0000000..3a13fab
--- /dev/null
+++ b/sys/sys/acl.h
@@ -0,0 +1,169 @@
+/*-
+ * Copyright (c) 1999 Robert N. M. Watson
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+/*
+ * Userland/kernel interface for Access Control Lists
+ *
+ * This code from the FreeBSD POSIX.1e implementation. Not all of the ACL
+ * code is committed yet; in order to use the library routines listed
+ * below, you'll need to download libposix1e_acl from the POSIX.1e
+ * implementation page, or possibly update to a more recent version of
+ * FreeBSD, as the code may have been committed.
+ *
+ * The POSIX.1e implementation page may be reached at:
+ * http://www.watson.org/fbsd-hardening/posix1e/
+ *
+ * However, all syscalls will pass through to appropriate VFS vnops, so
+ * file systems implementing the vnops are accessible through the syscalls.
+ */
+
+#ifndef _SYS_ACL_H
+#define _SYS_ACL_H
+
+/*
+ * POSIX.1e ACL types
+ */
+
+#define MAX_ACL_ENTRIES 32 /* maximum entries in an ACL */
+#define _POSIX_ACL_PATH_MAX MAX_ACL_ENTRIES
+
+typedef int acl_type_t;
+typedef int acl_tag_t;
+typedef mode_t acl_perm_t;
+
+struct acl_entry {
+ acl_tag_t ae_tag;
+ uid_t ae_id;
+ acl_perm_t ae_perm;
+};
+typedef struct acl_entry *acl_entry_t;
+
+struct acl {
+ int acl_cnt;
+ struct acl_entry acl_entry[MAX_ACL_ENTRIES];
+};
+typedef struct acl *acl_t;
+
+/*
+ * Possible valid values for a_type of acl_entry_t
+ */
+#define ACL_USER_OBJ 0x00000001
+#define ACL_USER 0x00000002
+#define ACL_GROUP_OBJ 0x00000004
+#define ACL_GROUP 0x00000008
+#define ACL_MASK 0x00000010
+#define ACL_OTHER 0x00000020
+#define ACL_OTHER_OBJ ACL_OTHER
+#define ACL_AFS_ID 0x00000040
+
+#define ACL_TYPE_ACCESS 0x00000000
+#define ACL_TYPE_DEFAULT 0x00000001
+
+/*
+ * Possible flags in a_perm field
+ */
+#define ACL_PERM_EXEC 0x0001
+#define ACL_PERM_WRITE 0x0002
+#define ACL_PERM_READ 0x0004
+#define ACL_PERM_NONE 0x0000
+#define ACL_PERM_BITS (ACL_PERM_EXEC | ACL_PERM_WRITE | ACL_PERM_READ)
+#define ACL_POSIX1E_BITS (ACL_PERM_EXEC | ACL_PERM_WRITE | ACL_PERM_READ)
+
+#ifdef KERNEL
+/*
+ * Storage for ACLs and support structures
+ */
+#ifdef MALLOC_DECLARE
+MALLOC_DECLARE(M_ACL);
+#endif
+
+/*
+ * Dummy declarations so that we can expose acl_access all over the place
+ * without worrying about including ucred and friends. vnode.h does the
+ * same thing.
+ */
+struct ucred;
+struct proc;
+
+/*
+ * POSIX.1e and generic kernel/vfs semantics functions--not currently in the
+ * base distribution, but will be soon.
+ */
+struct vattr;
+struct vop_getacl_args;
+struct vop_aclcheck_args;
+
+int posix1e_acl_access(struct acl *a_acl, int a_mode, struct ucred *a_cred,
+ struct proc *a_p);
+void generic_attr_to_posix1e_acl(struct acl *a_acl, struct vattr *vattr);
+int generic_vop_getacl(struct vop_getacl_args *ap);
+int generic_vop_aclcheck(struct vop_aclcheck_args *ap);
+int posix1e_vop_aclcheck(struct vop_aclcheck_args *ap);
+
+#else /* KERNEL */
+
+/*
+ * Syscall interface -- use the library calls instead as the syscalls
+ * have strict acl entry ordering requirements
+ */
+int acl_syscall_get_file(char *path, acl_type_t type, struct acl *aclp);
+int acl_syscall_set_file(char *path, acl_type_t type, struct acl *aclp);
+int acl_syscall_get_fd(int filedes, acl_type_t type, struct acl *aclp);
+int acl_syscall_set_fd(int filedes, acl_type_t type, struct acl *aclp);
+int acl_syscall_delete_file(const char *path_p, acl_type_t type);
+int acl_syscall_delete_fd(int filedes, acl_type_t type);
+int acl_syscall_aclcheck_file(char *path, acl_type_t type,
+ struct acl *aclp);
+int acl_syscall_aclcheck_fd(int filedes, acl_type_t type,
+ struct acl *aclp);
+
+/*
+ * Supported POSIX.1e ACL manipulation and assignment/retrieval API
+ * These are currently provided by libposix1e_acl, which is not shipped
+ * with the base distribution, but will be soon. Some of these are
+ * from POSIX.1e-extensions.
+ *
+ * Not all POSIX.1e ACL functions are listed here yet, but more will
+ * be soon.
+ */
+int acl_calc_mask(acl_t *acl_p);
+int acl_delete_def_file(const char *path_p);
+int acl_delete_def_fd(int filedes);
+acl_t acl_from_text(const char *buf_p);
+acl_t acl_get_fd(int fd, acl_type_t type);
+acl_t acl_get_file(const char *path_p, acl_type_t type);
+acl_t acl_init(int count);
+int acl_set_fd(int fd, acl_t acl, acl_type_t type);
+int acl_set_file(const char *path_p, acl_type_t type, acl_t acl);
+char *acl_to_text(acl_t acl, ssize_t *len_p);
+int acl_valid(acl_t acl);
+int acl_valid_file(const char *path_p, acl_type_t type, acl_t acl);
+int acl_valid_fd(int fd, acl_type_t type, acl_t acl);
+int acl_free(void *obj_p);
+
+#endif /* KERNEL */
+#endif /* _SYS_ACL_H */
diff --git a/sys/sys/extattr.h b/sys/sys/extattr.h
new file mode 100644
index 0000000..d81be11
--- /dev/null
+++ b/sys/sys/extattr.h
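Review bot: `struct acl` carries its length in a signed `int acl_cnt` beside a fixed `acl_entry[MAX_ACL_ENTRIES]` array, and the structure crosses the user/kernel boundary through the `struct acl *aclp` syscall arguments, but the header states no range for the count. A negative value passes a check that only tests the upper bound, so I would either make the field unsigned or document the invariant at the definition, e.g. `int acl_cnt; /* valid range 0..MAX_ACL_ENTRIES; check both bounds after copyin */`. The copyin and vnop code is outside this diff, so whether both bounds are already enforced there cannot be confirmed from here. Separately, the two comments name `a_type` and `a_perm` while the fields are `ae_tag` and `ae_perm`, and `ae_id` is typed `uid_t` although `ACL_GROUP` entries presumably hold a gid in it.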
@@ -0,0 +1,57 @@
+/*-
+ * Copyright (c) 1999 Robert N. M. Watson
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+/*
+ * Userland/kernel interface for Extended File System Attributes
+ *
+ * This code from the FreeBSD POSIX.1e implementation. While the syscalls
+ * are fully implemented, invoking the VFS vnops and VFS calls as necessary,
+ * no file systems shipped with this version of FreeBSD implement these
+ * calls. Extensions to UFS/FFS to support extended attributes are
+ * available from the POSIX.1e implementation page, or possibly in a more
+ * recent version of FreeBSD.
+ * + * The POSIX.1e implementation page may be reached at: + * http://www.watson.org/fbsd-hardening/posix1e/ + */ + +#ifndef _SYS_EXTATTR_H_ +#define _SYS_EXTATTR_H_ + +#define EXTATTR_MAXNAMELEN NAME_MAX + +#ifndef KERNEL + +int extattrctl(char *path, int cmd, char *attrname, caddr_t arg); +int extattr_set_file(char *path, char *attrname, struct iovec *iovp, + u_int iovcnt); +int extattr_get_file(char *path, char *attrname, struct iovec *iovp, + u_int iovcnt); +int extattr_delete_file(char *path, char *attrname); + +#endif /* KERNEL */ +#endif /* _SYS_EXTATTR_H_ */ diff --git a/sys/sys/mount.h b/sys/sys/mount.h index f0ad319..51743e9 100644 --- a/sys/sys/mount.h +++ b/sys/sys/mount.h @@ -331,6 +331,9 @@ struct vfsops { int (*vfs_vptofh) __P((struct vnode *vp, struct fid *fhp)); int (*vfs_init) __P((struct vfsconf *)); int (*vfs_uninit) __P((struct vfsconf *)); + int (*vfs_extattrctl) __P((struct mount *mp, int cmd, + char *attrname, caddr_t arg, + struct proc *p)); }; #define VFS_MOUNT(MP, PATH, DATA, NDP, P) \ @@ -347,6 +350,8 @@ struct vfsops { #define VFS_VPTOFH(VP, FIDP) (*(VP)->v_mount->mnt_op->vfs_vptofh)(VP, FIDP) #define VFS_CHECKEXP(MP, NAM, EXFLG, CRED) \ (*(MP)->mnt_op->vfs_checkexp)(MP, NAM, EXFLG, CRED) +#define VFS_EXTATTRCTL(MP, C, N, A, P) \ + (*(MP)->mnt_op->vfs_extattrctl)(MP, C, N, A, P) #include <sys/module.h> @@ -439,6 +444,8 @@ int vfs_stdcheckexp __P((struct mount *mp, struct sockaddr *nam, int vfs_stdvptofh __P((struct vnode *vp, struct fid *fhp)); int vfs_stdinit __P((struct vfsconf *)); int vfs_stduninit __P((struct vfsconf *)); +int vfs_stdextattrctl __P((struct mount *mp, int cmd, char *attrname, + caddr_t arg, struct proc *p)); #else /* !KERNEL */ diff --git a/sys/sys/syscall-hide.h b/sys/sys/syscall-hide.h index 1a8b3f6..5c563f4 100644 --- a/sys/sys/syscall-hide.h +++ b/sys/sys/syscall-hide.h 
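Review bot: `EXTATTR_MAXNAMELEN` in the new extattr.h is defined as `NAME_MAX`, but nothing says whether that limit counts the terminating NUL, and the prototypes take `char *attrname` with no length. The kernel's copy-in of the name and each file system's name buffer have to agree on this or they differ by one byte, so a comment at the define stating which it is would pin the contract down. The header also uses `NAME_MAX`, `caddr_t`, `u_int` and `struct iovec` without including anything, so it compiles only after the caller has pulled in the right headers. `path` and `attrname` could be `const char *`, as `acl_syscall_delete_file` already does in acl.h.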
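Review bot: The new `vfs_extattrctl` member of `struct vfsops` in mount.h takes `char *attrname` and `caddr_t arg` without saying whether they are user-space addresses passed straight from the `extattrctl` syscall or kernel copies. Every file system that implements the op has to know this to choose between `copyinstr`/`copyin` and a direct dereference, and a wrong guess in either direction is a kernel memory-safety bug. A comment on the member would settle it, for example `/* attrname and arg are <user|kernel> addresses */` with the correct side taken from the syscall implementation, which is outside this diff. The struct definition begins before the hunk.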
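Review bot: `VFS_EXTATTRCTL` in the second mount.h hunk calls through `(MP)->mnt_op->vfs_extattrctl` unconditionally, so any `struct vfsops` whose initializer was not extended leaves the slot NULL and the dispatch becomes a call through a null function pointer in the kernel. The commit description says in-tree file systems get the new array entry, but file systems built from older source that initialise the struct positionally would not; whether VFS registration fills empty slots with `vfs_stdextattrctl` is not visible in this diff. If it does not, either fill the slot at registration time or have the dispatch return `EOPNOTSUPP` when the pointer is NULL.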
@@ -3,7 +3,7 @@ * * DO NOT EDIT-- this file is automatically generated. * $FreeBSD$ - * created from FreeBSD: src/sys/kern/syscalls.master,v 1.67 1999/11/17 21:32:33 brian Exp + * created from FreeBSD: src/sys/kern/syscalls.master,v 1.68 1999/12/19 05:54:46 rwatson Exp */ HIDE_POSIX(fork) @@ -262,3 +262,15 @@ HIDE_POSIX(sigsuspend) HIDE_POSIX(sigaction) HIDE_POSIX(sigpending) HIDE_BSD(sigreturn) +HIDE_BSD(acl_syscall_get_file) +HIDE_BSD(acl_syscall_set_file) +HIDE_BSD(acl_syscall_get_fd) +HIDE_BSD(acl_syscall_set_fd) +HIDE_BSD(acl_syscall_delete_file) +HIDE_BSD(acl_syscall_delete_fd) +HIDE_BSD(acl_syscall_aclcheck_file) +HIDE_BSD(acl_syscall_aclcheck_fd) +HIDE_BSD(extattrctl) +HIDE_BSD(extattr_set_file) +HIDE_BSD(extattr_get_file) +HIDE_BSD(extattr_delete_file) diff --git a/sys/sys/syscall.h b/sys/sys/syscall.h index 5452b90..d438e57 100644 --- a/sys/sys/syscall.h +++ b/sys/sys/syscall.h @@ -3,7 +3,7 @@ * * DO NOT EDIT-- this file is automatically generated. * $FreeBSD$ - * created from FreeBSD: src/sys/kern/syscalls.master,v 1.67 1999/11/17 21:32:33 brian Exp + * created from FreeBSD: src/sys/kern/syscalls.master,v 1.68 1999/12/19 05:54:46 rwatson Exp */ #define SYS_syscall 0 @@ -267,4 +267,16 @@ #define SYS_sigaction 342 #define SYS_sigpending 343 #define SYS_sigreturn 344 -#define SYS_MAXSYSCALL 347 +#define SYS_acl_syscall_get_file 347 +#define SYS_acl_syscall_set_file 348 +#define SYS_acl_syscall_get_fd 349 +#define SYS_acl_syscall_set_fd 350 +#define SYS_acl_syscall_delete_file 351 +#define SYS_acl_syscall_delete_fd 352 +#define SYS_acl_syscall_aclcheck_file 353 +#define SYS_acl_syscall_aclcheck_fd 354 +#define SYS_extattrctl 355 +#define SYS_extattr_set_file 356 +#define SYS_extattr_get_file 357 +#define SYS_extattr_delete_file 358 +#define SYS_MAXSYSCALL 359 diff --git a/sys/sys/syscall.mk b/sys/sys/syscall.mk index 2e0c760..08c9f4c 100644 --- a/sys/sys/syscall.mk +++ b/sys/sys/syscall.mk 
@@ -1,7 +1,7 @@ # FreeBSD system call names. # DO NOT EDIT-- this file is automatically generated. # $FreeBSD$ -# created from FreeBSD: src/sys/kern/syscalls.master,v 1.67 1999/11/17 21:32:33 brian Exp +# created from FreeBSD: src/sys/kern/syscalls.master,v 1.68 1999/12/19 05:54:46 rwatson Exp MIASM = \ syscall.o \ exit.o \ @@ -217,4 +217,16 @@ MIASM = \ sigsuspend.o \ sigaction.o \ sigpending.o \ - sigreturn.o + sigreturn.o \ + acl_syscall_get_file.o \ + acl_syscall_set_file.o \ + acl_syscall_get_fd.o \ + acl_syscall_set_fd.o \ + acl_syscall_delete_file.o \ + acl_syscall_delete_fd.o \ + acl_syscall_aclcheck_file.o \ + acl_syscall_aclcheck_fd.o \ + extattrctl.o \ + extattr_set_file.o \ + extattr_get_file.o \ + extattr_delete_file.o diff --git a/sys/sys/sysproto.h b/sys/sys/sysproto.h index dba7ab0..0689a9a 100644 --- a/sys/sys/sysproto.h +++ b/sys/sys/sysproto.h @@ -3,7 +3,7 @@ * * DO NOT EDIT-- this file is automatically generated. * $FreeBSD$ - * created from FreeBSD: src/sys/kern/syscalls.master,v 1.67 1999/11/17 21:32:33 brian Exp + * created from FreeBSD: src/sys/kern/syscalls.master,v 1.68 1999/12/19 05:54:46 rwatson Exp */ #ifndef _SYS_SYSPROTO_H_ @@ -11,6 +11,8 @@ #include <sys/signal.h> +#include <sys/acl.h> + struct proc; #define PAD_(t) (sizeof(register_t) <= sizeof(t) ? \ 
@@ -927,6 +929,66 @@ struct sigpending_args { struct sigreturn_args { ucontext_t * sigcntxp; char sigcntxp_[PAD_(ucontext_t *)]; }; +struct acl_syscall_get_file_args { + char * path; char path_[PAD_(char *)]; + acl_type_t type; char type_[PAD_(acl_type_t)]; + struct acl * aclp; char aclp_[PAD_(struct acl *)]; +}; +struct acl_syscall_set_file_args { + char * path; char path_[PAD_(char *)]; + acl_type_t type; char type_[PAD_(acl_type_t)]; + struct acl * aclp; char aclp_[PAD_(struct acl *)]; +}; +struct acl_syscall_get_fd_args { + int filedes; char filedes_[PAD_(int)]; + acl_type_t type; char type_[PAD_(acl_type_t)]; + struct acl * aclp; char aclp_[PAD_(struct acl *)]; +}; +struct acl_syscall_set_fd_args { + int filedes; char filedes_[PAD_(int)]; + acl_type_t type; char type_[PAD_(acl_type_t)]; + struct acl * aclp; char aclp_[PAD_(struct acl *)]; +}; +struct acl_syscall_delete_file_args { + char * path; char path_[PAD_(char *)]; + acl_type_t type; char type_[PAD_(acl_type_t)]; +}; +struct acl_syscall_delete_fd_args { + int filedes; char filedes_[PAD_(int)]; + acl_type_t type; char type_[PAD_(acl_type_t)]; +}; +struct acl_syscall_aclcheck_file_args { + char * path; char path_[PAD_(char *)]; + acl_type_t type; char type_[PAD_(acl_type_t)]; + struct acl * aclp; char aclp_[PAD_(struct acl *)]; +}; +struct acl_syscall_aclcheck_fd_args { + int filedes; char filedes_[PAD_(int)]; + acl_type_t type; char type_[PAD_(acl_type_t)]; + struct acl * aclp; char aclp_[PAD_(struct acl *)]; +}; +struct extattrctl_args { + char * path; char path_[PAD_(char *)]; + int cmd; char cmd_[PAD_(int)]; + char * attrname; char attrname_[PAD_(char *)]; + caddr_t arg; char arg_[PAD_(caddr_t)]; +}; +struct extattr_set_file_args { + char * path; char path_[PAD_(char *)]; + char * attrname; char attrname_[PAD_(char *)]; + struct iovec * iovp; char iovp_[PAD_(struct iovec *)]; + u_int iovcnt; char iovcnt_[PAD_(u_int)]; +}; +struct extattr_get_file_args { + char * path; char path_[PAD_(char *)]; + char * 
attrname; char attrname_[PAD_(char *)]; + struct iovec * iovp; char iovp_[PAD_(struct iovec *)]; + u_int iovcnt; char iovcnt_[PAD_(u_int)]; +}; +struct extattr_delete_file_args { + char * path; char path_[PAD_(char *)]; + char * attrname; char attrname_[PAD_(char *)]; +}; int nosys __P((struct proc *, struct nosys_args *)); void exit __P((struct proc *, struct rexit_args *)) __dead2; int fork __P((struct proc *, struct fork_args *)); @@ -1140,6 +1202,18 @@ int sigsuspend __P((struct proc *, struct sigsuspend_args *)); int sigaction __P((struct proc *, struct sigaction_args *)); int sigpending __P((struct proc *, struct sigpending_args *)); int sigreturn __P((struct proc *, struct sigreturn_args *)); +int acl_syscall_get_file __P((struct proc *, struct acl_syscall_get_file_args *)); +int acl_syscall_set_file __P((struct proc *, struct acl_syscall_set_file_args *)); +int acl_syscall_get_fd __P((struct proc *, struct acl_syscall_get_fd_args *)); +int acl_syscall_set_fd __P((struct proc *, struct acl_syscall_set_fd_args *)); +int acl_syscall_delete_file __P((struct proc *, struct acl_syscall_delete_file_args *)); +int acl_syscall_delete_fd __P((struct proc *, struct acl_syscall_delete_fd_args *)); +int acl_syscall_aclcheck_file __P((struct proc *, struct acl_syscall_aclcheck_file_args *)); +int acl_syscall_aclcheck_fd __P((struct proc *, struct acl_syscall_aclcheck_fd_args *)); +int extattrctl __P((struct proc *, struct extattrctl_args *)); +int extattr_set_file __P((struct proc *, struct extattr_set_file_args *)); +int extattr_get_file __P((struct proc *, struct extattr_get_file_args *)); +int extattr_delete_file __P((struct proc *, struct extattr_delete_file_args *)); #ifdef COMPAT_43 diff --git a/sys/sys/vnode.h b/sys/sys/vnode.h index 8046fb8..afb6bfc 100644 --- a/sys/sys/vnode.h +++ b/sys/sys/vnode.h @@ -40,6 +40,7 @@ #include <sys/queue.h> #include <sys/select.h> #include <sys/uio.h> +#include <sys/acl.h> #include <machine/lock.h> |