git: d81d5b2f2c9c - main - libc/posix1e: Add acl_equiv_mode_np() function.
Gleb Popov
arrowd at FreeBSD.org
Fri Aug 27 08:52:45 UTC 2021
The branch main has been updated by arrowd (ports committer):
URL: https://cgit.FreeBSD.org/src/commit/?id=d81d5b2f2c9cda96ad960aac3313b89b2769323e
commit d81d5b2f2c9cda96ad960aac3313b89b2769323e
Author: Gleb Popov <arrowd at FreeBSD.org>
AuthorDate: 2021-01-19 18:05:57 +0000
Commit: Gleb Popov <arrowd at FreeBSD.org>
CommitDate: 2021-08-27 08:52:15 +0000
libc/posix1e: Add acl_equiv_mode_np() function.
Reviewed by: kib, debdrup, gbe
Approved by: kib
Differential Revision: https://reviews.freebsd.org/D28255
---
lib/libc/posix1e/Makefile.inc | 2 +
lib/libc/posix1e/Symbol.map | 1 +
lib/libc/posix1e/acl_equiv_mode_np.3 | 95 ++++++++++++++++++++++++++++++++
lib/libc/posix1e/acl_equiv_mode_np.c | 101 +++++++++++++++++++++++++++++++++++
sys/sys/acl.h | 1 +
5 files changed, 200 insertions(+)
diff --git a/lib/libc/posix1e/Makefile.inc b/lib/libc/posix1e/Makefile.inc
index de3fa17ab3c9..181e43026a6d 100644
--- a/lib/libc/posix1e/Makefile.inc
+++ b/lib/libc/posix1e/Makefile.inc
@@ -17,6 +17,7 @@ SRCS+= acl_branding.c \
acl_delete.c \
acl_delete_entry.c \
acl_entry.c \
+ acl_equiv_mode_np.c \
acl_flag.c \
acl_free.c \
acl_from_mode_np.c \
@@ -56,6 +57,7 @@ MAN+= acl.3 \
acl_delete_flag_np.3 \
acl_delete_perm.3 \
acl_dup.3 \
+ acl_equiv_mode_np.3 \
acl_free.3 \
acl_from_mode_np.3 \
acl_from_text.3 \
diff --git a/lib/libc/posix1e/Symbol.map b/lib/libc/posix1e/Symbol.map
index a83d69e9a887..40098d42d13d 100644
--- a/lib/libc/posix1e/Symbol.map
+++ b/lib/libc/posix1e/Symbol.map
@@ -87,5 +87,6 @@ FBSD_1.1 {
FBSD_1.7 {
acl_cmp_np;
+ acl_equiv_mode_np;
acl_from_mode_np;
};
diff --git a/lib/libc/posix1e/acl_equiv_mode_np.3 b/lib/libc/posix1e/acl_equiv_mode_np.3
new file mode 100644
index 000000000000..33281e349fba
--- /dev/null
+++ b/lib/libc/posix1e/acl_equiv_mode_np.3
@@ -0,0 +1,95 @@
+.\"-
+.\" Copyright (c) 2021 Gleb Popov
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.Dd January 20, 2021
+.Dt ACL_EQUIV_MODE_NP 3
+.Os
+.Sh NAME
+.Nm acl_equiv_mode_np
+.Nd check if ACL can be represented as UNIX permissions
+.Sh LIBRARY
+.Lb libc
+.Sh SYNOPSIS
+.In sys/types.h
+.In sys/acl.h
+.Ft int
+.Fn acl_equiv_mode_np "acl_t acl" "mode_t* mode_p"
+.Sh DESCRIPTION
+The
+.Fn acl_equiv_mode_np
+function is a non-portable call which checks that entries contained in the
+.Va acl
+argument use only the ACL_USER_OBJ, ACL_GROUP_OBJ, and ACL_OTHER tag types, and that
+permissions contained in these entries consist only of ACL_READ, ACL_WRITE and
+ACL_EXECUTE.
+If the check succeeds, the ACL can be represented as traditional UNIX
+file permissions bits set.
+.Pp
+If
+.Va mode_p
+is not NULL and the check succeeds, the function fills the argument with a mode
+value corresponding to permissions contained in the ACL.
+.Sh RETURN VALUES
+Upon successful completion, the function returns 0 if the ACL can be represented
+as UNIX permissions and 1 if it is not possible.
+Otherwise, a value
+of
+.Va -1
+is returned, and
+.Va errno
+is set to indicate the error.
+.Sh ERRORS
+If any of the following conditions occur, the
+.Fn acl_equiv_mode_np
+function returns a value of
+.Va -1
+and set
+.Va errno
+to the corresponding value:
+.Bl -tag -width Er
+.It Bq Er EINVAL
+Argument
+.Fa acl
+does not point to a valid ACL.
+.El
+.Sh SEE ALSO
+.Xr acl 3 ,
+.Xr acl_from_mode_np 3 ,
+.Xr posix1e 3
+.Sh STANDARDS
+POSIX.1e is described in IEEE POSIX.1e draft 17.
+Discussion
+of the draft continues on the cross-platform POSIX.1e implementation
+mailing list.
+To join this list, see the
+.Fx
+POSIX.1e implementation
+page for more information.
+.Sh HISTORY
+POSIX.1e support was introduced in
+.Fx 4.0 ,
+and development continues.
+.Sh AUTHORS
+.An Gleb Popov
diff --git a/lib/libc/posix1e/acl_equiv_mode_np.c b/lib/libc/posix1e/acl_equiv_mode_np.c
new file mode 100644
index 000000000000..a6dfb03bfc46
--- /dev/null
+++ b/lib/libc/posix1e/acl_equiv_mode_np.c
@@ -0,0 +1,101 @@
+/*-
+ * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
+ *
+ * Copyright (c) 2021 Gleb Popov
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+/*
+ * acl_equiv_mode_np: Check if an ACL can be represented as a mode_t.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include <sys/types.h>
+#include <sys/param.h>
+#include <sys/errno.h>
+#include <sys/stat.h>
+#include <sys/acl.h>
+
+#include "acl_support.h"
+
+int
+acl_equiv_mode_np(acl_t acl, mode_t *mode_p)
+{
+ mode_t ret_mode = 0;
+
+ if (acl == NULL) {
+ errno = EINVAL;
+ return (-1);
+ }
+
+ /* Linux returns 0 for ACL returned by acl_init() */
+ if (_acl_brand(acl) == ACL_BRAND_UNKNOWN && acl->ats_acl.acl_cnt == 0)
+ return (0);
+
+ // TODO: Do we want to handle ACL_BRAND_NFS4 in this function? */
+ if (_acl_brand(acl) != ACL_BRAND_POSIX)
+ return (1);
+
+ for (int cur_entry = 0; cur_entry < acl->ats_acl.acl_cnt; cur_entry++) {
+ acl_entry_t entry = &acl->ats_acl.acl_entry[cur_entry];
+
+ if ((entry->ae_perm & ACL_PERM_BITS) != entry->ae_perm)
+ return (1);
+
+ switch (entry->ae_tag) {
+ case ACL_USER_OBJ:
+ if (entry->ae_perm & ACL_READ)
+ ret_mode |= S_IRUSR;
+ if (entry->ae_perm & ACL_WRITE)
+ ret_mode |= S_IWUSR;
+ if (entry->ae_perm & ACL_EXECUTE)
+ ret_mode |= S_IXUSR;
+ break;
+ case ACL_GROUP_OBJ:
+ if (entry->ae_perm & ACL_READ)
+ ret_mode |= S_IRGRP;
+ if (entry->ae_perm & ACL_WRITE)
+ ret_mode |= S_IWGRP;
+ if (entry->ae_perm & ACL_EXECUTE)
+ ret_mode |= S_IXGRP;
+ break;
+ case ACL_OTHER:
+ if (entry->ae_perm & ACL_READ)
+ ret_mode |= S_IROTH;
+ if (entry->ae_perm & ACL_WRITE)
+ ret_mode |= S_IWOTH;
+ if (entry->ae_perm & ACL_EXECUTE)
+ ret_mode |= S_IXOTH;
+ break;
+ default:
+ return (1);
+ }
+ }
+
+ if (mode_p != NULL)
+ *mode_p = ret_mode;
+
+ return (0);
+}
diff --git a/sys/sys/acl.h b/sys/sys/acl.h
index bbf0987a75e4..7c81570739c6 100644
--- a/sys/sys/acl.h
+++ b/sys/sys/acl.h
@@ -379,6 +379,7 @@ int acl_delete_def_link_np(const char *_path_p);
int acl_delete_flag_np(acl_flagset_t _flagset_d, acl_flag_t _flag);
int acl_delete_perm(acl_permset_t _permset_d, acl_perm_t _perm);
acl_t acl_dup(acl_t _acl);
+int acl_equiv_mode_np(acl_t acl, mode_t *mode_p);
int acl_free(void *_obj_p);
acl_t acl_from_mode_np(const mode_t mode);
acl_t acl_from_text(const char *_buf_p);
More information about the dev-commits-src-main
mailing list