[apple/libc.git] / sys / chmodx_np.c

/*
 * Copyright (c) 2004 Apple Computer, Inc. All rights reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */
#include <sys/types.h>
#include <sys/syscall.h>
#include <sys/acl.h>
#include <errno.h>
#include <fcntl.h>
#include <unistd.h>
#include <uuid/uuid.h>

#if 1 /* for turdfile code only */
#include <string.h>
#include <sys/stat.h>
#include <stdio.h>
#include <stdlib.h>
#endif

static int chmodx_syscall(void *obj, uid_t fsowner, gid_t fsgrp, int mode, struct kauth_filesec *fsacl);
static int fchmodx_syscall(void *obj, uid_t fsowner, gid_t fsgrp, int mode, struct kauth_filesec *fsacl);

static int chmodx1(void *obj,
		   int (* chmod_syscall)(void *obj, uid_t fsowner, gid_t fsgrp, int mode,
				       struct kauth_filesec *fsacl),
    		   filesec_t fsec);

/*
 * Chmod interfaces.
 */
int
chmodx_np(const char *path, filesec_t fsec)
{
	return(chmodx1((void *)&path, chmodx_syscall, fsec));
}

int
fchmodx_np(int fd, filesec_t fsec)
{
	return(chmodx1((void *)&fd, fchmodx_syscall, fsec));
}

/*
 * Chmod syscalls.
 */
static int
chmodx_syscall(void *obj, uid_t fsowner, gid_t fsgrp, int mode, struct kauth_filesec *fsacl)
{
	char *path = *(char **)obj;

	return(syscall(SYS_chmod_extended, path, fsowner, fsgrp, mode, fsacl));
}

static int
fchmodx_syscall(void *obj, uid_t fsowner, gid_t fsgrp, int mode, struct kauth_filesec *fsacl)
{
	int fd = *(int *)obj;
	return(syscall(SYS_fchmod_extended, fd, fsowner, fsgrp, mode, fsacl));
}

/*
 * Chmod internals.
 */
	
static int
chmodx1(void *obj,
    int (chmod_syscall)(void *obj, uid_t fsowner, gid_t fsgrp, int mode, struct kauth_filesec *fsacl),
    filesec_t fsec)
{
	uid_t fsowner = KAUTH_UID_NONE;
	gid_t fsgrp = KAUTH_GID_NONE;
	mode_t fsec_mode;
	int fsmode = -1;
	size_t size = 0;
	int fsacl_used = 0;
	int delete_acl = 0;
	struct kauth_filesec *fsacl = NULL;
	struct kauth_filesec static_filesec;

	if (fsec == NULL) {
		errno = EINVAL;
		return(-1);
	}
	
	/* regular properties */
	if ((filesec_get_property(fsec, FILESEC_OWNER, &fsowner) != 0) && (errno != ENOENT))
		return(-1);
	if ((filesec_get_property(fsec, FILESEC_GROUP, &fsgrp) != 0) && (errno != ENOENT))
		return(-1);
	if ((filesec_get_property(fsec, FILESEC_MODE, &fsec_mode)) != 0) {
		if (errno != ENOENT)
			return(-1);
	} else {
		/* cast up */
		fsmode = fsec_mode;
	}

	/*
	 * We can set any or all of the ACL and UUIDs, but the two are transported in one
	 * structure.  If we have an ACL, we'll use its allocated structure, otherwise we
	 * need our own.
	 */
	if (((filesec_get_property(fsec, FILESEC_ACL_RAW, &fsacl) != 0) ||
		(filesec_get_property(fsec, FILESEC_ACL_ALLOCSIZE, &size) != 0)) &&
	    (errno != ENOENT))
		return(-1);
	/* caller wants to delete ACL, must remember this */
	if (fsacl == _FILESEC_REMOVE_ACL) {
		delete_acl = 1;
		fsacl = 0;
	}
	
	/* no ACL, use local filesec */
	if (fsacl == NULL) {
		bzero(&static_filesec, sizeof(static_filesec));
		fsacl = &static_filesec;
		fsacl->fsec_magic = KAUTH_FILESEC_MAGIC;
		fsacl->fsec_entrycount = KAUTH_FILESEC_NOACL;
	} else {
		fsacl_used = 1;
	}

	/* grab the owner and group UUID if present */
	if (filesec_get_property(fsec, FILESEC_UUID, &fsacl->fsec_owner) != 0) {
		if (errno != ENOENT)
			return(-1);
		bzero(&fsacl->fsec_owner, sizeof(fsacl->fsec_owner));
	} else {
		fsacl_used = 1;
	}
	if (filesec_get_property(fsec, FILESEC_GRPUUID, &fsacl->fsec_group) != 0) {
		if (errno != ENOENT)
			return(-1);
		bzero(&fsacl->fsec_group, sizeof(fsacl->fsec_group));
	} else {
		fsacl_used = 1;
	}

	/* after all this, if we didn't find anything that needs it, don't pass it in */
	if (!fsacl_used) {
		/*
		 * If the caller was trying to remove the ACL, and there are no UUIDs,
		 * we can tell the kernel to completely nuke the whole datastructure.
		 */
		if (delete_acl) {
			fsacl = _FILESEC_REMOVE_ACL;
		} else {
			fsacl = NULL;
		}
	}

	return(chmod_syscall(obj, fsowner, fsgrp, fsmode, fsacl));
}
Commit	Line	Data
3d9156a7 A	1	/*
	2	* Copyright (c) 2004 Apple Computer, Inc. All rights reserved.
	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. Please obtain a copy of the License at
	10	* http://www.opensource.apple.com/apsl/ and read it before using this
	11	* file.
	12	*
	13	* The Original Code and all software distributed under the License are
	14	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	15	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	16	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	17	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	18	* Please see the License for the specific language governing rights and
	19	* limitations under the License.
	20	*
	21	* @APPLE_LICENSE_HEADER_END@
	22	*/
	23	#include <sys/types.h>
	24	#include <sys/syscall.h>
	25	#include <sys/acl.h>
	26	#include <errno.h>
	27	#include <fcntl.h>
	28	#include <unistd.h>
	29	#include <uuid/uuid.h>
	30
	31	#if 1 /* for turdfile code only */
	32	#include <string.h>
	33	#include <sys/stat.h>
	34	#include <stdio.h>
	35	#include <stdlib.h>
	36	#endif
	37
	38	static int chmodx_syscall(void obj, uid_t fsowner, gid_t fsgrp, int mode, struct kauth_filesec fsacl);
	39	static int fchmodx_syscall(void obj, uid_t fsowner, gid_t fsgrp, int mode, struct kauth_filesec fsacl);
	40
	41	static int chmodx1(void *obj,
	42	int (* chmod_syscall)(void *obj, uid_t fsowner, gid_t fsgrp, int mode,
	43	struct kauth_filesec *fsacl),
	44	filesec_t fsec);
	45
	46	/*
	47	* Chmod interfaces.
	48	*/
	49	int
	50	chmodx_np(const char *path, filesec_t fsec)
	51	{
	52	return(chmodx1((void *)&path, chmodx_syscall, fsec));
	53	}
	54
	55	int
	56	fchmodx_np(int fd, filesec_t fsec)
	57	{
	58	return(chmodx1((void *)&fd, fchmodx_syscall, fsec));
	59	}
	60
	61	/*
	62	* Chmod syscalls.
	63	*/
	64	static int
65	chmodx_syscall(void obj, uid_t fsowner, gid_t fsgrp, int mode, struct kauth_filesec fsacl)
66	{
67	char path = (char **)obj;
68
69	return(syscall(SYS_chmod_extended, path, fsowner, fsgrp, mode, fsacl));
70	}
71
72	static int
73	fchmodx_syscall(void obj, uid_t fsowner, gid_t fsgrp, int mode, struct kauth_filesec fsacl)
74	{
75	int fd = (int )obj;
76	return(syscall(SYS_fchmod_extended, fd, fsowner, fsgrp, mode, fsacl));
77	}
78
79	/*
80	* Chmod internals.
81	*/
82
83	static int
84	chmodx1(void *obj,
85	int (chmod_syscall)(void obj, uid_t fsowner, gid_t fsgrp, int mode, struct kauth_filesec fsacl),
86	filesec_t fsec)
87	{
88	uid_t fsowner = KAUTH_UID_NONE;
89	gid_t fsgrp = KAUTH_GID_NONE;
90	mode_t fsec_mode;
91	int fsmode = -1;
92	size_t size = 0;
93	int fsacl_used = 0;
94	int delete_acl = 0;
95	struct kauth_filesec *fsacl = NULL;
96	struct kauth_filesec static_filesec;
97
98	if (fsec == NULL) {
99	errno = EINVAL;
100	return(-1);
101	}
102
103	/* regular properties */
104	if ((filesec_get_property(fsec, FILESEC_OWNER, &fsowner) != 0) && (errno != ENOENT))
105	return(-1);
106	if ((filesec_get_property(fsec, FILESEC_GROUP, &fsgrp) != 0) && (errno != ENOENT))
107	return(-1);
108	if ((filesec_get_property(fsec, FILESEC_MODE, &fsec_mode)) != 0) {
109	if (errno != ENOENT)
110	return(-1);
111	} else {
112	/* cast up */
113	fsmode = fsec_mode;
114	}
115
116	/*
117	* We can set any or all of the ACL and UUIDs, but the two are transported in one
118	* structure. If we have an ACL, we'll use its allocated structure, otherwise we
119	* need our own.
120	*/
121	if (((filesec_get_property(fsec, FILESEC_ACL_RAW, &fsacl) != 0) \|\|
122	(filesec_get_property(fsec, FILESEC_ACL_ALLOCSIZE, &size) != 0)) &&
123	(errno != ENOENT))
124	return(-1);
125	/* caller wants to delete ACL, must remember this */
126	if (fsacl == _FILESEC_REMOVE_ACL) {
127	delete_acl = 1;
128	fsacl = 0;
129	}
130
131	/* no ACL, use local filesec */
132	if (fsacl == NULL) {
133	bzero(&static_filesec, sizeof(static_filesec));
134	fsacl = &static_filesec;
135	fsacl->fsec_magic = KAUTH_FILESEC_MAGIC;
136	fsacl->fsec_entrycount = KAUTH_FILESEC_NOACL;
137	} else {
138	fsacl_used = 1;
139	}
140
141	/* grab the owner and group UUID if present */
142	if (filesec_get_property(fsec, FILESEC_UUID, &fsacl->fsec_owner) != 0) {
143	if (errno != ENOENT)
144	return(-1);
145	bzero(&fsacl->fsec_owner, sizeof(fsacl->fsec_owner));
146	} else {
147	fsacl_used = 1;
148	}
149	if (filesec_get_property(fsec, FILESEC_GRPUUID, &fsacl->fsec_group) != 0) {
150	if (errno != ENOENT)
151	return(-1);
152	bzero(&fsacl->fsec_group, sizeof(fsacl->fsec_group));
153	} else {
154	fsacl_used = 1;
155	}
156
157	/* after all this, if we didn't find anything that needs it, don't pass it in */
158	if (!fsacl_used) {
159	/*
160	* If the caller was trying to remove the ACL, and there are no UUIDs,
161	* we can tell the kernel to completely nuke the whole datastructure.
162	*/
163	if (delete_acl) {
164	fsacl = _FILESEC_REMOVE_ACL;
165	} else {
166	fsacl = NULL;
167	}
168	}
169
170	return(chmod_syscall(obj, fsowner, fsgrp, fsmode, fsacl));
171	}