[apple/libc.git] / sys / openx_np.c

/*
 * Copyright (c) 2004 Apple Computer, Inc. All rights reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */
#include <sys/types.h>
#include <sys/acl.h>
#include <errno.h>
#include <sys/syscall.h>
#include <unistd.h>
#include <fcntl.h>
#include <string.h>

static int
_mkfilex_np(int opcode, const char *path, int flags, filesec_t fsec)
{
	uid_t owner = KAUTH_UID_NONE;
	gid_t group = KAUTH_GID_NONE;
	mode_t mode = 0;
	size_t size = 0;
	int fsacl_used = 0;
	struct kauth_filesec *fsacl = NULL;
	struct kauth_filesec static_filesec;

	/* handle extended security data */
	if (fsec != NULL) {
		/* fetch basic parameters */
		if ((filesec_get_property(fsec, FILESEC_OWNER, &owner) != 0) && (errno != ENOENT))
			return(-1);
		if ((filesec_get_property(fsec, FILESEC_GROUP, &group) != 0) && (errno != ENOENT))
			return(-1);
		if ((filesec_get_property(fsec, FILESEC_MODE, &mode) != 0) && (errno != ENOENT))
			return(-1);

		/* try to fetch the ACL */
		if (((filesec_get_property(fsec, FILESEC_ACL_RAW, &fsacl) != 0) ||
			(filesec_get_property(fsec, FILESEC_ACL_ALLOCSIZE, &size) != 0)) &&
		    (errno != ENOENT))
			return(-1);

		/* only valid for chmod */
		if (fsacl == _FILESEC_REMOVE_ACL) {
			errno = EINVAL;
			return(-1);
		}

		/* no ACL, use local filesec */
		if (fsacl == NULL) {
			bzero(&static_filesec, sizeof(static_filesec));
			fsacl = &static_filesec;
			fsacl->fsec_magic = KAUTH_FILESEC_MAGIC;
			fsacl->fsec_entrycount = KAUTH_FILESEC_NOACL;
		} else {
			fsacl_used = 1;
		}

		/* grab the owner and group UUID if present */
		if (filesec_get_property(fsec, FILESEC_UUID, &fsacl->fsec_owner) != 0) {
			if (errno != ENOENT)
				return(-1);
			bzero(&fsacl->fsec_owner, sizeof(fsacl->fsec_owner));
		} else {
			fsacl_used = 1;
		}
		if (filesec_get_property(fsec, FILESEC_GRPUUID, &fsacl->fsec_group) != 0) {
			if (errno != ENOENT)
				return(-1);
			bzero(&fsacl->fsec_group, sizeof(fsacl->fsec_group));
		} else {
			fsacl_used = 1;
		}

		/* after all this, if we didn't find anything that needs it, don't pass it in */
		if (!fsacl_used)
			fsacl = NULL;
	}

	if (opcode == SYS_open_extended) {
		return(syscall(opcode, path, flags, owner, group, mode, fsacl));
	} else {
		return(syscall(opcode, path, owner, group, mode, fsacl));
	}
}

int
openx_np(const char *path, int flags, filesec_t fsec)
{
	/* optimise for the simple case */
	if (!(flags & O_CREAT) || (fsec == NULL))
		return(open(path, flags));
	return(_mkfilex_np(SYS_open_extended, path, flags, fsec));
}

int
mkfifox_np(const char *path, filesec_t fsec)
{
	return(_mkfilex_np(SYS_mkfifo_extended, path, 0, fsec));
}

int
mkdirx_np(const char *path, filesec_t fsec)
{
	return(_mkfilex_np(SYS_mkdir_extended, path, 0, fsec));
}
Commit	Line	Data
3d9156a7 A	1	/*
	2	* Copyright (c) 2004 Apple Computer, Inc. All rights reserved.
	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. Please obtain a copy of the License at
	10	* http://www.opensource.apple.com/apsl/ and read it before using this
	11	* file.
	12	*
	13	* The Original Code and all software distributed under the License are
	14	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	15	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	16	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	17	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	18	* Please see the License for the specific language governing rights and
	19	* limitations under the License.
	20	*
	21	* @APPLE_LICENSE_HEADER_END@
	22	*/
	23	#include <sys/types.h>
	24	#include <sys/acl.h>
	25	#include <errno.h>
	26	#include <sys/syscall.h>
	27	#include <unistd.h>
	28	#include <fcntl.h>
	29	#include <string.h>
	30
	31	static int
	32	_mkfilex_np(int opcode, const char *path, int flags, filesec_t fsec)
	33	{
	34	uid_t owner = KAUTH_UID_NONE;
	35	gid_t group = KAUTH_GID_NONE;
	36	mode_t mode = 0;
	37	size_t size = 0;
	38	int fsacl_used = 0;
	39	struct kauth_filesec *fsacl = NULL;
	40	struct kauth_filesec static_filesec;
	41
	42	/* handle extended security data */
	43	if (fsec != NULL) {
	44	/* fetch basic parameters */
	45	if ((filesec_get_property(fsec, FILESEC_OWNER, &owner) != 0) && (errno != ENOENT))
	46	return(-1);
	47	if ((filesec_get_property(fsec, FILESEC_GROUP, &group) != 0) && (errno != ENOENT))
	48	return(-1);
	49	if ((filesec_get_property(fsec, FILESEC_MODE, &mode) != 0) && (errno != ENOENT))
	50	return(-1);
	51
	52	/* try to fetch the ACL */
	53	if (((filesec_get_property(fsec, FILESEC_ACL_RAW, &fsacl) != 0) \|\|
	54	(filesec_get_property(fsec, FILESEC_ACL_ALLOCSIZE, &size) != 0)) &&
	55	(errno != ENOENT))
	56	return(-1);
	57
	58	/* only valid for chmod */
	59	if (fsacl == _FILESEC_REMOVE_ACL) {
	60	errno = EINVAL;
	61	return(-1);
	62	}
	63
	64	/* no ACL, use local filesec */
65	if (fsacl == NULL) {
66	bzero(&static_filesec, sizeof(static_filesec));
67	fsacl = &static_filesec;
68	fsacl->fsec_magic = KAUTH_FILESEC_MAGIC;
69	fsacl->fsec_entrycount = KAUTH_FILESEC_NOACL;
70	} else {
71	fsacl_used = 1;
72	}
73
74	/* grab the owner and group UUID if present */
75	if (filesec_get_property(fsec, FILESEC_UUID, &fsacl->fsec_owner) != 0) {
76	if (errno != ENOENT)
77	return(-1);
78	bzero(&fsacl->fsec_owner, sizeof(fsacl->fsec_owner));
79	} else {
80	fsacl_used = 1;
81	}
82	if (filesec_get_property(fsec, FILESEC_GRPUUID, &fsacl->fsec_group) != 0) {
83	if (errno != ENOENT)
84	return(-1);
85	bzero(&fsacl->fsec_group, sizeof(fsacl->fsec_group));
86	} else {
87	fsacl_used = 1;
88	}
89
90	/* after all this, if we didn't find anything that needs it, don't pass it in */
91	if (!fsacl_used)
92	fsacl = NULL;
93	}
94
95	if (opcode == SYS_open_extended) {
96	return(syscall(opcode, path, flags, owner, group, mode, fsacl));
97	} else {
98	return(syscall(opcode, path, owner, group, mode, fsacl));
99	}
100	}
101
102	int
103	openx_np(const char *path, int flags, filesec_t fsec)
104	{
105	/* optimise for the simple case */
106	if (!(flags & O_CREAT) \|\| (fsec == NULL))
107	return(open(path, flags));
108	return(_mkfilex_np(SYS_open_extended, path, flags, fsec));
109	}
110
111	int
112	mkfifox_np(const char *path, filesec_t fsec)
113	{
114	return(_mkfilex_np(SYS_mkfifo_extended, path, 0, fsec));
115	}
116
117	int
118	mkdirx_np(const char *path, filesec_t fsec)
119	{
120	return(_mkfilex_np(SYS_mkdir_extended, path, 0, fsec));
121	}