[apple/libc.git] / posix1e / aclvar.h

/*
 * Copyright (c) 2004 Apple Computer, Inc. All rights reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 * 
 * The contents of this file constitute Original Code as defined in and
 * are subject to the Apple Public Source License Version 1.1 (the
 * "License").  You may not use this file except in compliance with the
 * License.  Please obtain a copy of the License at
 * http://www.apple.com/publicsource and read it before using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT.  Please see the
 * License for the specific language governing rights and limitations
 * under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

#ifndef _ACLVAR_H
#define _ACLVAR_H

#include <sys/kauth.h>

#define _ACL_HEADER_SIZE	sizeof(struct kauth_filesec)
#define _ACL_ENTRY_SIZE		sizeof(struct kauth_ace)

/*
 * Internal access control list entry representation.
 */
struct _acl_entry {
	u_int32_t	ae_magic;
#define _ACL_ENTRY_MAGIC	0xac1ac101
	u_int32_t	ae_tag;
	guid_t		ae_applicable;
	u_int32_t	ae_flags;
	u_int32_t	ae_perms;
};

/*
 * Internal representation of an ACL.
 * XXX static allocation is wasteful. 
 */
struct _acl {
	u_int32_t	a_magic;
#define _ACL_ACL_MAGIC		0xac1ac102
	unsigned	a_entries;
	int		a_last_get;
	u_int32_t	a_flags;
	struct _acl_entry a_ace[ACL_MAX_ENTRIES];
};

/*
 * ACL/entry flags.
 */
struct _acl_flagset {
	u_int32_t	af_flags;
};

/*
 * ACL entry permissions.
 */
struct _acl_permset {
	u_int32_t	ap_perms;
};

/*
 * Argument validation.
 */

#define _ACL_VALID_ENTRY(_e)	((_e)->ae_magic == _ACL_ENTRY_MAGIC)

#define _ACL_VALID_ACL(_a)	((_a)->a_magic == _ACL_ACL_MAGIC)

#define _ACL_ENTRY_CONTAINED(_a, _e) \
	((_e) >= &(_a)->a_ace[0]) && ((_e) < &(_a)->a_ace[ACL_MAX_ENTRIES])

#define _ACL_VALID_FLAG(_f) (((_f) & _ACL_FLAGS_MASK) == (_f))

#define _ACL_VALID_ENTRY_FLAG(_f) (((_f) & _ACL_ENTRY_FLAGS_MASK) == (_f))

#define _ACL_PERMS_MASK	(ACL_READ_DATA |					\
			ACL_LIST_DIRECTORY |				\
			ACL_WRITE_DATA |				\
			ACL_ADD_FILE |					\
			ACL_EXECUTE |					\
			ACL_SEARCH |					\
			ACL_DELETE |					\
			ACL_APPEND_DATA |				\
			ACL_ADD_SUBDIRECTORY |				\
			ACL_DELETE_CHILD |				\
			ACL_READ_ATTRIBUTES |				\
			ACL_WRITE_ATTRIBUTES |				\
			ACL_READ_EXTATTRIBUTES |			\
			ACL_WRITE_EXTATTRIBUTES |			\
			ACL_READ_SECURITY |				\
			ACL_WRITE_SECURITY |				\
			ACL_CHANGE_OWNER)

#define _ACL_VALID_PERM(_f)	(((_f) & ~_ACL_PERMS_MASK) == 0)

#define _ACL_VALIDATE_ACL(_a)						\
do {									\
	if (!_ACL_VALID_ACL((_a))) {					\
		errno = EINVAL;						\
		return(-1);						\
	}								\
} while (0)

#define _ACL_VALIDATE_ENTRY(_e)						\
do {									\
	if (!_ACL_VALID_ENTRY((_e))) {					\
		errno = EINVAL;						\
		return(-1);						\
	}								\
} while (0)

#define _ACL_VALIDATE_ENTRY_CONTAINED(_a, _e)				\
do {									\
	if (!_ACL_ENTRY_CONTAINED((_a), (_e))) {			\
		errno = EINVAL;						\
		return(-1);						\
	}								\
} while (0)
	
#define _ACL_VALIDATE_FLAG(_f)						\
do {									\
	if (!_ACL_VALID_FLAG((_f))) {					\
		errno = EINVAL;						\
		return(-1);						\
	}								\
} while (0)

#define _ACL_VALIDATE_ENTRY_FLAG(_f)					\
do {									\
	if (!_ACL_VALID_ENTRY_FLAG((_f))) {				\
		errno = EINVAL;						\
		return(-1);						\
	}								\
} while (0)

#define _ACL_VALIDATE_PERM(_f)						\
do {									\
	if (!_ACL_VALID_PERM((_f))) {					\
		errno = EINVAL;						\
		return(-1);						\
	}								\
} while (0)

#endif /* _ACLVAR_H */
Commit	Line	Data
3d9156a7 A	1	/*
	2	* Copyright (c) 2004 Apple Computer, Inc. All rights reserved.
	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
	6	* The contents of this file constitute Original Code as defined in and
	7	* are subject to the Apple Public Source License Version 1.1 (the
	8	* "License"). You may not use this file except in compliance with the
	9	* License. Please obtain a copy of the License at
	10	* http://www.apple.com/publicsource and read it before using this file.
	11	*
	12	* This Original Code and all software distributed under the License are
	13	* distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	14	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	15	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	16	* FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
	17	* License for the specific language governing rights and limitations
	18	* under the License.
	19	*
	20	* @APPLE_LICENSE_HEADER_END@
	21	*/
	22
	23	#ifndef _ACLVAR_H
	24	#define _ACLVAR_H
	25
	26	#include <sys/kauth.h>
	27
	28	#define _ACL_HEADER_SIZE sizeof(struct kauth_filesec)
	29	#define _ACL_ENTRY_SIZE sizeof(struct kauth_ace)
	30
	31	/*
	32	* Internal access control list entry representation.
	33	*/
	34	struct _acl_entry {
	35	u_int32_t ae_magic;
	36	#define _ACL_ENTRY_MAGIC 0xac1ac101
	37	u_int32_t ae_tag;
	38	guid_t ae_applicable;
	39	u_int32_t ae_flags;
	40	u_int32_t ae_perms;
	41	};
	42
	43	/*
	44	* Internal representation of an ACL.
	45	* XXX static allocation is wasteful.
	46	*/
	47	struct _acl {
	48	u_int32_t a_magic;
	49	#define _ACL_ACL_MAGIC 0xac1ac102
	50	unsigned a_entries;
	51	int a_last_get;
	52	u_int32_t a_flags;
	53	struct _acl_entry a_ace[ACL_MAX_ENTRIES];
	54	};
	55
	56	/*
	57	* ACL/entry flags.
	58	*/
	59	struct _acl_flagset {
	60	u_int32_t af_flags;
	61	};
	62
	63	/*
	64	* ACL entry permissions.
65	*/
66	struct _acl_permset {
67	u_int32_t ap_perms;
68	};
69
70	/*
71	* Argument validation.
72	*/
73
74	#define _ACL_VALID_ENTRY(_e) ((_e)->ae_magic == _ACL_ENTRY_MAGIC)
75
76	#define _ACL_VALID_ACL(_a) ((_a)->a_magic == _ACL_ACL_MAGIC)
77
78	#define _ACL_ENTRY_CONTAINED(_a, _e) \
79	((_e) >= &(_a)->a_ace[0]) && ((_e) < &(_a)->a_ace[ACL_MAX_ENTRIES])
80
81	#define _ACL_VALID_FLAG(_f) (((_f) & _ACL_FLAGS_MASK) == (_f))
82
83	#define _ACL_VALID_ENTRY_FLAG(_f) (((_f) & _ACL_ENTRY_FLAGS_MASK) == (_f))
84
85	#define _ACL_PERMS_MASK (ACL_READ_DATA \| \
86	ACL_LIST_DIRECTORY \| \
87	ACL_WRITE_DATA \| \
88	ACL_ADD_FILE \| \
89	ACL_EXECUTE \| \
90	ACL_SEARCH \| \
91	ACL_DELETE \| \
92	ACL_APPEND_DATA \| \
93	ACL_ADD_SUBDIRECTORY \| \
94	ACL_DELETE_CHILD \| \
95	ACL_READ_ATTRIBUTES \| \
96	ACL_WRITE_ATTRIBUTES \| \
97	ACL_READ_EXTATTRIBUTES \| \
98	ACL_WRITE_EXTATTRIBUTES \| \
99	ACL_READ_SECURITY \| \
100	ACL_WRITE_SECURITY \| \
101	ACL_CHANGE_OWNER)
102
103	#define _ACL_VALID_PERM(_f) (((_f) & ~_ACL_PERMS_MASK) == 0)
104
105	#define _ACL_VALIDATE_ACL(_a) \
106	do { \
107	if (!_ACL_VALID_ACL((_a))) { \
108	errno = EINVAL; \
109	return(-1); \
110	} \
111	} while (0)
112
113	#define _ACL_VALIDATE_ENTRY(_e) \
114	do { \
115	if (!_ACL_VALID_ENTRY((_e))) { \
116	errno = EINVAL; \
117	return(-1); \
118	} \
119	} while (0)
120
121	#define _ACL_VALIDATE_ENTRY_CONTAINED(_a, _e) \
122	do { \
123	if (!_ACL_ENTRY_CONTAINED((_a), (_e))) { \
124	errno = EINVAL; \
125	return(-1); \
126	} \
127	} while (0)
128
129	#define _ACL_VALIDATE_FLAG(_f) \
130	do { \
131	if (!_ACL_VALID_FLAG((_f))) { \
132	errno = EINVAL; \
133	return(-1); \
134	} \
135	} while (0)
136
137	#define _ACL_VALIDATE_ENTRY_FLAG(_f) \
138	do { \
139	if (!_ACL_VALID_ENTRY_FLAG((_f))) { \
140	errno = EINVAL; \
141	return(-1); \
142	} \
143	} while (0)
144
145	#define _ACL_VALIDATE_PERM(_f) \
146	do { \
147	if (!_ACL_VALID_PERM((_f))) { \
148	errno = EINVAL; \
149	return(-1); \
150	} \
151	} while (0)
152
153	#endif /* _ACLVAR_H */