[apple/libc.git] / posix1e / aclvar.h

/*
 * Copyright (c) 2004, 2008 Apple Computer, Inc. All rights reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 * 
 * The contents of this file constitute Original Code as defined in and
 * are subject to the Apple Public Source License Version 1.1 (the
 * "License").  You may not use this file except in compliance with the
 * License.  Please obtain a copy of the License at
 * http://www.apple.com/publicsource and read it before using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT.  Please see the
 * License for the specific language governing rights and limitations
 * under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

#ifndef _ACLVAR_H
#define _ACLVAR_H

#include <sys/kauth.h>

/*
 * Internal access control list entry representation.
 */
struct _acl_entry {
	u_int32_t	ae_magic;
#define _ACL_ENTRY_MAGIC	0xac1ac101
	u_int32_t	ae_tag;
	guid_t		ae_applicable;
	u_int32_t	ae_flags;
	u_int32_t	ae_perms;
};

/*
 * Internal representation of an ACL.
 * XXX static allocation is wasteful. 
 */
struct _acl {
	u_int32_t	a_magic;
#define _ACL_ACL_MAGIC		0xac1ac102
	unsigned	a_entries;
	int		a_last_get;
	u_int32_t	a_flags;
	struct _acl_entry a_ace[ACL_MAX_ENTRIES];
};

/*
 * ACL/entry flags.
 */
struct _acl_flagset {
	u_int32_t	af_flags;
};

/*
 * ACL entry permissions.
 */
struct _acl_permset {
	u_int32_t	ap_perms;
};

/*
 * Argument validation.
 */

#define _ACL_VALID_ENTRY(_e)	((_e)->ae_magic == _ACL_ENTRY_MAGIC)

#define _ACL_VALID_ACL(_a)	((_a)->a_magic == _ACL_ACL_MAGIC)

#define _ACL_ENTRY_CONTAINED(_a, _e) \
	((_e) >= &(_a)->a_ace[0]) && ((_e) < &(_a)->a_ace[ACL_MAX_ENTRIES])

#define _ACL_VALID_FLAG(_f) (((_f) & _ACL_FLAGS_MASK) == (_f))

#define _ACL_VALID_ENTRY_FLAG(_f) (((_f) & _ACL_ENTRY_FLAGS_MASK) == (_f))

#define _ACL_PERMS_MASK	(ACL_READ_DATA |					\
			ACL_LIST_DIRECTORY |				\
			ACL_WRITE_DATA |				\
			ACL_ADD_FILE |					\
			ACL_EXECUTE |					\
			ACL_SEARCH |					\
			ACL_DELETE |					\
			ACL_APPEND_DATA |				\
			ACL_ADD_SUBDIRECTORY |				\
			ACL_DELETE_CHILD |				\
			ACL_READ_ATTRIBUTES |				\
			ACL_WRITE_ATTRIBUTES |				\
			ACL_READ_EXTATTRIBUTES |			\
			ACL_WRITE_EXTATTRIBUTES |			\
			ACL_READ_SECURITY |				\
			ACL_WRITE_SECURITY |				\
			ACL_CHANGE_OWNER)

#define _ACL_VALID_PERM(_f)	(((_f) & ~_ACL_PERMS_MASK) == 0)

#define _ACL_VALIDATE_ACL(_a)						\
do {									\
	if (!_ACL_VALID_ACL((_a))) {					\
		errno = EINVAL;						\
		return(-1);						\
	}								\
} while (0)

#define _ACL_VALIDATE_ENTRY(_e)						\
do {									\
	if (!_ACL_VALID_ENTRY((_e))) {					\
		errno = EINVAL;						\
		return(-1);						\
	}								\
} while (0)

#define _ACL_VALIDATE_ENTRY_CONTAINED(_a, _e)				\
do {									\
	if (!_ACL_ENTRY_CONTAINED((_a), (_e))) {			\
		errno = EINVAL;						\
		return(-1);						\
	}								\
} while (0)
	
#define _ACL_VALIDATE_FLAG(_f)						\
do {									\
	if (!_ACL_VALID_FLAG((_f))) {					\
		errno = EINVAL;						\
		return(-1);						\
	}								\
} while (0)

#define _ACL_VALIDATE_ENTRY_FLAG(_f)					\
do {									\
	if (!_ACL_VALID_ENTRY_FLAG((_f))) {				\
		errno = EINVAL;						\
		return(-1);						\
	}								\
} while (0)

#define _ACL_VALIDATE_PERM(_f)						\
do {									\
	if (!_ACL_VALID_PERM((_f))) {					\
		errno = EINVAL;						\
		return(-1);						\
	}								\
} while (0)

#endif /* _ACLVAR_H */
Commit	Line	Data
3d9156a7	1	/*
34e8f829	2	* Copyright (c) 2004, 2008 Apple Computer, Inc. All rights reserved.
3d9156a7 A	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
	6	* The contents of this file constitute Original Code as defined in and
	7	* are subject to the Apple Public Source License Version 1.1 (the
	8	* "License"). You may not use this file except in compliance with the
	9	* License. Please obtain a copy of the License at
	10	* http://www.apple.com/publicsource and read it before using this file.
	11	*
	12	* This Original Code and all software distributed under the License are
	13	* distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	14	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	15	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	16	* FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
	17	* License for the specific language governing rights and limitations
	18	* under the License.
	19	*
	20	* @APPLE_LICENSE_HEADER_END@
	21	*/
	22
	23	#ifndef _ACLVAR_H
	24	#define _ACLVAR_H
	25
	26	#include <sys/kauth.h>
	27
3d9156a7 A	28	/*
	29	* Internal access control list entry representation.
	30	*/
	31	struct _acl_entry {
	32	u_int32_t ae_magic;
	33	#define _ACL_ENTRY_MAGIC 0xac1ac101
	34	u_int32_t ae_tag;
	35	guid_t ae_applicable;
	36	u_int32_t ae_flags;
	37	u_int32_t ae_perms;
	38	};
	39
	40	/*
	41	* Internal representation of an ACL.
	42	* XXX static allocation is wasteful.
	43	*/
	44	struct _acl {
	45	u_int32_t a_magic;
	46	#define _ACL_ACL_MAGIC 0xac1ac102
	47	unsigned a_entries;
	48	int a_last_get;
	49	u_int32_t a_flags;
	50	struct _acl_entry a_ace[ACL_MAX_ENTRIES];
	51	};
	52
	53	/*
	54	* ACL/entry flags.
	55	*/
	56	struct _acl_flagset {
	57	u_int32_t af_flags;
	58	};
	59
	60	/*
	61	* ACL entry permissions.
	62	*/
	63	struct _acl_permset {
	64	u_int32_t ap_perms;
	65	};
	66
	67	/*
	68	* Argument validation.
	69	*/
	70
	71	#define _ACL_VALID_ENTRY(_e) ((_e)->ae_magic == _ACL_ENTRY_MAGIC)
	72
	73	#define _ACL_VALID_ACL(_a) ((_a)->a_magic == _ACL_ACL_MAGIC)
	74
	75	#define _ACL_ENTRY_CONTAINED(_a, _e) \
	76	((_e) >= &(_a)->a_ace[0]) && ((_e) < &(_a)->a_ace[ACL_MAX_ENTRIES])
	77
	78	#define _ACL_VALID_FLAG(_f) (((_f) & _ACL_FLAGS_MASK) == (_f))
	79
	80	#define _ACL_VALID_ENTRY_FLAG(_f) (((_f) & _ACL_ENTRY_FLAGS_MASK) == (_f))
	81
	82	#define _ACL_PERMS_MASK (ACL_READ_DATA \| \
	83	ACL_LIST_DIRECTORY \| \
	84	ACL_WRITE_DATA \| \
	85	ACL_ADD_FILE \| \
	86	ACL_EXECUTE \| \
	87	ACL_SEARCH \| \
	88	ACL_DELETE \| \
	89	ACL_APPEND_DATA \| \
	90	ACL_ADD_SUBDIRECTORY \| \
	91	ACL_DELETE_CHILD \| \
92	ACL_READ_ATTRIBUTES \| \
93	ACL_WRITE_ATTRIBUTES \| \
94	ACL_READ_EXTATTRIBUTES \| \
95	ACL_WRITE_EXTATTRIBUTES \| \
96	ACL_READ_SECURITY \| \
97	ACL_WRITE_SECURITY \| \
98	ACL_CHANGE_OWNER)
99
100	#define _ACL_VALID_PERM(_f) (((_f) & ~_ACL_PERMS_MASK) == 0)
101
102	#define _ACL_VALIDATE_ACL(_a) \
103	do { \
104	if (!_ACL_VALID_ACL((_a))) { \
105	errno = EINVAL; \
106	return(-1); \
107	} \
108	} while (0)
109
110	#define _ACL_VALIDATE_ENTRY(_e) \
111	do { \
112	if (!_ACL_VALID_ENTRY((_e))) { \
113	errno = EINVAL; \
114	return(-1); \
115	} \
116	} while (0)
117
118	#define _ACL_VALIDATE_ENTRY_CONTAINED(_a, _e) \
119	do { \
120	if (!_ACL_ENTRY_CONTAINED((_a), (_e))) { \
121	errno = EINVAL; \
122	return(-1); \
123	} \
124	} while (0)
125
126	#define _ACL_VALIDATE_FLAG(_f) \
127	do { \
128	if (!_ACL_VALID_FLAG((_f))) { \
129	errno = EINVAL; \
130	return(-1); \
131	} \
132	} while (0)
133
134	#define _ACL_VALIDATE_ENTRY_FLAG(_f) \
135	do { \
136	if (!_ACL_VALID_ENTRY_FLAG((_f))) { \
137	errno = EINVAL; \
138	return(-1); \
139	} \
140	} while (0)
141
142	#define _ACL_VALIDATE_PERM(_f) \
143	do { \
144	if (!_ACL_VALID_PERM((_f))) { \
145	errno = EINVAL; \
146	return(-1); \
147	} \
148	} while (0)
149
150	#endif /* _ACLVAR_H */