      1 /*-
      2  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
      3  *
      4  * Copyright (c) 1999-2001 Robert N. M. Watson
      5  * Copyright (c) 2008 Edward Tomasz Napierała <trasz (at) FreeBSD.org>
      6  * All rights reserved.
      7  *
      8  * This software was developed by Robert Watson for the TrustedBSD Project.
      9  *
     10  * Redistribution and use in source and binary forms, with or without
     11  * modification, are permitted provided that the following conditions
     12  * are met:
     13  * 1. Redistributions of source code must retain the above copyright
     14  *    notice, this list of conditions and the following disclaimer.
     15  * 2. Redistributions in binary form must reproduce the above copyright
     16  *    notice, this list of conditions and the following disclaimer in the
     17  *    documentation and/or other materials provided with the distribution.
     18  *
     19  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
     20  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     21  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
     22  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
     23  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
     24  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
     25  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     26  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
     27  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
     28  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
     29  * SUCH DAMAGE.
     30  *
     31  * $FreeBSD: head/sys/sys/acl.h 326256 2017-11-27 15:01:59Z pfg $
     32  */
     33 /*
     34  * Developed by the TrustedBSD Project.
     35  * Support for POSIX.1e and NFSv4 access control lists.
     36  */
     37 
     38 #ifndef _SYS_ACL_H_
     39 #define	_SYS_ACL_H_
     40 
     41 #include <sys/param.h>
     42 #include <sys/queue.h>
     43 
     44 /*
     45  * POSIX.1e and NFSv4 ACL types and related constants.
         *
         * acl_permset_t and acl_flagset_t are pointer typedefs (to uint32_t and
         * uint16_t respectively), so a value of either type names the storage
         * that holds the bits rather than the bits themselves.
     46  */
     47 
     48 typedef uint32_t	acl_tag_t;
     49 typedef uint32_t	acl_perm_t;
     50 typedef uint16_t	acl_entry_type_t;
     51 typedef uint16_t	acl_flag_t;
     52 typedef int		acl_type_t;
     53 typedef uint32_t	*acl_permset_t;
     54 typedef uint16_t	*acl_flagset_t;
     55 
     56 /*
     57  * With 254 entries, "struct acl_t_struct" is exactly one 4kB page big.
     58  * Note that with NFSv4 ACLs, the maximum number of ACL entries one
     59  * may set on file or directory is about half of ACL_MAX_ENTRIES.
     60  *
     61  * If you increase this, you might also need to increase
     62  * _ACL_T_ALIGNMENT_BITS in lib/libc/posix1e/acl_support.h.
     63  *
     64  * The maximum number of POSIX.1e ACLs is controlled
     65  * by OLDACL_MAX_ENTRIES.  Changing that one will break binary
     66  * compatibility with pre-8.0 userland and change on-disk ACL layout.
         *
         * NOTE(review): the one-page figure works out as 24 bytes of struct acl
         * header + 254 * 16-byte entries + 8 bytes of acl_t_struct trailer =
         * 4096, assuming 4-byte int and uid_t -- confirm for the target ABI.
         *
         * ACL_MAX_ENTRIES is also the fixed capacity of acl_entry[] in
         * struct acl, so it is the bound that any externally supplied entry
         * count has to be checked against.
     67  */
     68 #define	ACL_MAX_ENTRIES				254
     69 
     70 #if defined(_KERNEL) || defined(_ACL_PRIVATE) || defined(_MODULE)
     71 
     72 #define	POSIX1E_ACL_ACCESS_EXTATTR_NAMESPACE	EXTATTR_NAMESPACE_SYSTEM
     73 #define	POSIX1E_ACL_ACCESS_EXTATTR_NAME		"posix1e.acl_access"
     74 #define	POSIX1E_ACL_DEFAULT_EXTATTR_NAMESPACE	EXTATTR_NAMESPACE_SYSTEM
     75 #define	POSIX1E_ACL_DEFAULT_EXTATTR_NAME	"posix1e.acl_default"
     76 #define	NFS4_ACL_EXTATTR_NAMESPACE		EXTATTR_NAMESPACE_SYSTEM
     77 #define	NFS4_ACL_EXTATTR_NAME			"nfs4.acl"
        /*
         * The six macros above pair EXTATTR_NAMESPACE_SYSTEM with one name per
         * ACL kind.  NOTE(review): presumably these are the extended attributes
         * under which each ACL is stored -- confirm against the filesystem code.
         *
         * OLDACL_MAX_ENTRIES is the capacity of acl_entry[] in struct oldacl.
         * The ACL_MAX_ENTRIES comment in this header warns that changing it
         * breaks binary compatibility and the on-disk POSIX.1e layout.
         */
     78 #define	OLDACL_MAX_ENTRIES			32
     79 
     80 /*
     81  * "struct oldacl" is used in compatibility ACL syscalls and for on-disk
     82  * storage of POSIX.1e ACLs.
         *
         * Both uses take the structure across a trust boundary (userland or
         * disk), and acl_cnt below is a signed int: a reader has to reject
         * negative values as well as values above OLDACL_MAX_ENTRIES before
         * using it to index acl_entry[].
         * NOTE(review): where that check lives is not visible in this header.
     83  */
     84 typedef int	oldacl_tag_t;
     85 typedef mode_t	oldacl_perm_t;
     86 
        /* One legacy entry: tag, the id it applies to, and mode_t-typed perms. */
     87 struct oldacl_entry {
     88 	oldacl_tag_t	ae_tag;
     89 	uid_t		ae_id;
     90 	oldacl_perm_t	ae_perm;
     91 };
     92 typedef struct oldacl_entry	*oldacl_entry_t;
     93 
     94 struct oldacl {
        	/* Signed entry count; see the range check noted above. */
     95 	int			acl_cnt;
     96 	struct oldacl_entry	acl_entry[OLDACL_MAX_ENTRIES];
     97 };
     98 
     99 /*
    100  * Current "struct acl".
         *
         * struct acl_entry is one entry of it: a tag, the id the tag applies
         * to, the permission bits, and two fields used only by NFSv4 ACLs.
    101  */
    102 struct acl_entry {
    103 	acl_tag_t		ae_tag;
    104 	uid_t			ae_id;
    105 	acl_perm_t		ae_perm;
    106 	/* NFSv4 entry type, "allow" or "deny".  Unused in POSIX.1e ACLs. */
        	/* NOTE(review): ACL_ENTRY_TYPE_AUDIT and _ALARM are also defined. */
    107 	acl_entry_type_t	ae_entry_type;
    108 	/* NFSv4 ACL inheritance.  Unused in POSIX.1e ACLs. */
    109 	acl_flag_t		ae_flags;
    110 };
    111 typedef struct acl_entry	*acl_entry_t;
    112 
    113 /*
    114  * Internal ACL structure, used in libc, kernel APIs and for on-disk
    115  * storage of NFSv4 ACLs.  POSIX.1e ACLs use "struct oldacl" for on-disk
    116  * storage.
         *
         * acl_entry[] has a fixed capacity of ACL_MAX_ENTRIES, while acl_cnt
         * and acl_maxcnt are plain counters stored next to it.  When the
         * structure comes from userland or from disk, acl_cnt must be checked
         * against ACL_MAX_ENTRIES before any loop over acl_entry[] trusts it.
         * NOTE(review): the relationship between acl_maxcnt and
         * ACL_MAX_ENTRIES is not stated here -- confirm against the
         * allocation routines.
    117  */
    118 struct acl {
    119 	unsigned int		acl_maxcnt;
    120 	unsigned int		acl_cnt;
    121 	/* Will be required e.g. to implement NFSv4.1 ACL inheritance. */
    122 	int			acl_spare[4];
    123 	struct acl_entry	acl_entry[ACL_MAX_ENTRIES];
    124 };
    125 
    126 /*
    127  * ACL structure internal to libc.
         *
         * Wraps a struct acl with two libc bookkeeping fields.  acl_t, declared
         * right after the structure, is a pointer to it whenever these private
         * definitions are visible.
    128  */
    129 struct acl_t_struct {
    130 	struct acl		ats_acl;
        	/* NOTE(review): presumably the acl_get_entry(3) cursor -- confirm. */
    131 	unsigned int		ats_cur_entry;
    132 	/*
    133 	 * ats_brand is for libc internal bookkeeping only.
    134 	 * Applications should use acl_get_brand_np(3).
    135 	 * Kernel code should use the "type" argument passed
    136 	 * to VOP_SETACL, VOP_GETACL or VOP_ACLCHECK calls;
    137 	 * ACL_TYPE_ACCESS or ACL_TYPE_DEFAULT mean POSIX.1e
    138 	 * ACL, ACL_TYPE_NFS4 means NFSv4 ACL.
    139 	 */
    140 	int			ats_brand;
    141 };
    142 typedef struct acl_t_struct *acl_t;
    143 
    144 #else /* _KERNEL || _ACL_PRIVATE || _MODULE */
    145 
        /*
         * Without the private definitions both handle types are opaque void
         * pointers, so consumers cannot reach into struct acl_t_struct or
         * struct acl_entry directly.  The compiler also cannot tell the two
         * handle types apart here, because void * converts implicitly.
         */
    146 typedef void *acl_entry_t;
    147 typedef void *acl_t;
    148 
    149 #endif /* !_KERNEL && !_ACL_PRIVATE && !_MODULE */
    150 
    151 /*
    152  * Possible valid values for ats_brand field.
         *
         * ACL_BRAND_UNKNOWN is 0.  NOTE(review): presumably a zero-filled
         * acl_t_struct therefore starts out unbranded -- confirm in libc.
    153  */
    154 #define	ACL_BRAND_UNKNOWN	0
    155 #define	ACL_BRAND_POSIX		1
    156 #define	ACL_BRAND_NFS4		2
    157 
    158 /*
    159  * Possible valid values for ae_tag field.  For explanation, see acl(9).
         *
         * Every defined tag is a distinct single bit; ACL_UNDEFINED_TAG is 0
         * and ACL_OTHER_OBJ is an alias for ACL_OTHER.
    160  */
    161 #define	ACL_UNDEFINED_TAG	0x00000000
    162 #define	ACL_USER_OBJ		0x00000001
    163 #define	ACL_USER		0x00000002
    164 #define	ACL_GROUP_OBJ		0x00000004
    165 #define	ACL_GROUP		0x00000008
    166 #define	ACL_MASK		0x00000010
    167 #define	ACL_OTHER		0x00000020
    168 #define	ACL_OTHER_OBJ		ACL_OTHER
    169 #define	ACL_EVERYONE		0x00000040
    170 
    171 /*
    172  * Possible valid values for ae_entry_type field, valid only for NFSv4 ACLs.
         *
         * NOTE(review): four types are defined, but the struct acl_entry
         * comment mentions only "allow" and "deny"; whether AUDIT and ALARM
         * entries are accepted by acl_nfs4_check() is not visible here.
    173  */
    174 #define	ACL_ENTRY_TYPE_ALLOW	0x0100
    175 #define	ACL_ENTRY_TYPE_DENY	0x0200
    176 #define	ACL_ENTRY_TYPE_AUDIT	0x0400
    177 #define	ACL_ENTRY_TYPE_ALARM	0x0800
    178 
    179 /*
    180  * Possible valid values for acl_type_t arguments.  First two
    181  * are provided only for backwards binary compatibility.
         *
         * NOTE(review): ACL_TYPE_ACCESS_OLD is 0, so a zero-initialised
         * acl_type_t names a legacy type rather than an invalid one; callers
         * should set the type explicitly.
    182  */
    183 #define	ACL_TYPE_ACCESS_OLD	0x00000000
    184 #define	ACL_TYPE_DEFAULT_OLD	0x00000001
    185 #define	ACL_TYPE_ACCESS		0x00000002
    186 #define	ACL_TYPE_DEFAULT	0x00000003
    187 #define	ACL_TYPE_NFS4		0x00000004
    188 
    189 /*
    190  * Possible bits in ae_perm field for POSIX.1e ACLs.  Note
    191  * that ACL_EXECUTE may be used in both NFSv4 and POSIX.1e ACLs.
         *
         * ACL_PERM_BITS and ACL_POSIX1E_BITS expand to the same three-bit mask.
    192  */
    193 #define	ACL_EXECUTE		0x0001
    194 #define	ACL_WRITE		0x0002
    195 #define	ACL_READ		0x0004
    196 #define	ACL_PERM_NONE		0x0000
    197 #define	ACL_PERM_BITS		(ACL_EXECUTE | ACL_WRITE | ACL_READ)
    198 #define	ACL_POSIX1E_BITS	(ACL_EXECUTE | ACL_WRITE | ACL_READ)
    199 
    200 /*
    201  * Possible bits in ae_perm field for NFSv4 ACLs.
         *
         * Three bits carry two names each (ACL_READ_DATA / ACL_LIST_DIRECTORY,
         * ACL_WRITE_DATA / ACL_ADD_FILE, ACL_APPEND_DATA /
         * ACL_ADD_SUBDIRECTORY), so code cannot distinguish the file and
         * directory meanings from the bit alone.  The NFSv4-only bits start at
         * 0x8, clear of the POSIX.1e ACL_WRITE (0x2) and ACL_READ (0x4).
    202  */
    203 #define	ACL_READ_DATA		0x00000008
    204 #define	ACL_LIST_DIRECTORY	0x00000008
    205 #define	ACL_WRITE_DATA		0x00000010
    206 #define	ACL_ADD_FILE		0x00000010
    207 #define	ACL_APPEND_DATA		0x00000020
    208 #define	ACL_ADD_SUBDIRECTORY	0x00000020
    209 #define	ACL_READ_NAMED_ATTRS	0x00000040
    210 #define	ACL_WRITE_NAMED_ATTRS	0x00000080
    211 /* ACL_EXECUTE is defined above. */
    212 #define	ACL_DELETE_CHILD	0x00000100
    213 #define	ACL_READ_ATTRIBUTES	0x00000200
    214 #define	ACL_WRITE_ATTRIBUTES	0x00000400
    215 #define	ACL_DELETE		0x00000800
    216 #define	ACL_READ_ACL		0x00001000
    217 #define	ACL_WRITE_ACL		0x00002000
    218 #define	ACL_WRITE_OWNER		0x00004000
    219 #define	ACL_SYNCHRONIZE		0x00008000
    220 
        /* Every NFSv4 permission bit defined above, plus ACL_EXECUTE. */
    221 #define	ACL_FULL_SET		(ACL_READ_DATA | ACL_WRITE_DATA | \
    222     ACL_APPEND_DATA | ACL_READ_NAMED_ATTRS | ACL_WRITE_NAMED_ATTRS | \
    223     ACL_EXECUTE | ACL_DELETE_CHILD | ACL_READ_ATTRIBUTES | \
    224     ACL_WRITE_ATTRIBUTES | ACL_DELETE | ACL_READ_ACL | ACL_WRITE_ACL | \
    225     ACL_WRITE_OWNER | ACL_SYNCHRONIZE)
    226 
        /*
         * ACL_FULL_SET minus ACL_WRITE_ACL and ACL_WRITE_OWNER -- by name, the
         * two rights that let a holder change who controls the object.
         */
    227 #define	ACL_MODIFY_SET		(ACL_FULL_SET & \
    228     ~(ACL_WRITE_ACL | ACL_WRITE_OWNER))
    229 
    230 #define	ACL_READ_SET		(ACL_READ_DATA | ACL_READ_NAMED_ATTRS | \
    231     ACL_READ_ATTRIBUTES | ACL_READ_ACL)
    232 
        /*
         * Does not include ACL_DELETE, ACL_DELETE_CHILD, ACL_WRITE_ACL or
         * ACL_WRITE_OWNER; a policy that must cover those has to name them.
         */
    233 #define	ACL_WRITE_SET		(ACL_WRITE_DATA | ACL_APPEND_DATA | \
    234     ACL_WRITE_NAMED_ATTRS | ACL_WRITE_ATTRIBUTES)
    235 
    236 #define	ACL_NFS4_PERM_BITS	ACL_FULL_SET
    237 
    238 /*
    239  * Possible entry_id values for acl_get_entry(3).
         *
         * These are selectors rather than entry indices: only 0 and 1 are
         * defined here.
    240  */
    241 #define	ACL_FIRST_ENTRY		0
    242 #define	ACL_NEXT_ENTRY		1
    243 
    244 /*
    245  * Possible values in ae_flags field; valid only for NFSv4 ACLs.
         *
         * Bit 0x0040 is not assigned, so ACL_FLAGS_BITS (the OR of all seven
         * flags below) does not cover it; masking with ACL_FLAGS_BITS is how a
         * validator can detect unknown flag bits in an incoming entry.
    246  */
    247 #define	ACL_ENTRY_FILE_INHERIT		0x0001
    248 #define	ACL_ENTRY_DIRECTORY_INHERIT	0x0002
    249 #define	ACL_ENTRY_NO_PROPAGATE_INHERIT	0x0004
    250 #define	ACL_ENTRY_INHERIT_ONLY		0x0008
    251 #define	ACL_ENTRY_SUCCESSFUL_ACCESS	0x0010
    252 #define	ACL_ENTRY_FAILED_ACCESS		0x0020
    253 #define	ACL_ENTRY_INHERITED		0x0080
    254 
    255 #define	ACL_FLAGS_BITS			(ACL_ENTRY_FILE_INHERIT | \
    256     ACL_ENTRY_DIRECTORY_INHERIT | ACL_ENTRY_NO_PROPAGATE_INHERIT | \
    257     ACL_ENTRY_INHERIT_ONLY | ACL_ENTRY_SUCCESSFUL_ACCESS | \
    258     ACL_ENTRY_FAILED_ACCESS | ACL_ENTRY_INHERITED)
    259 
    260 /*
    261  * Undefined value in ae_id field.  ae_id should be set to this value
    262  * iff ae_tag is ACL_USER_OBJ, ACL_GROUP_OBJ, ACL_OTHER or ACL_EVERYONE.
         *
         * The sentinel is -1 converted to uid_t, i.e. an in-band value of the
         * id type itself.  NOTE(review): the "iff" above implies entries with
         * any other tag must not carry this id; where that is enforced is not
         * visible in this header.
    263  */
    264 #define	ACL_UNDEFINED_ID	((uid_t)-1)
    265 
    266 /*
    267  * Possible values for _flags parameter in acl_to_text_np(3).
         *
         * Each value is a distinct bit.  NOTE(review): presumably they may be
         * OR-ed together -- confirm against acl_to_text_np(3).
    268  */
    269 #define	ACL_TEXT_VERBOSE	0x01
    270 #define	ACL_TEXT_NUMERIC_IDS	0x02
    271 #define	ACL_TEXT_APPEND_ID	0x04
    272 
    273 /*
    274  * POSIX.1e ACLs are capable of expressing the read, write, and execute bits
    275  * of the POSIX mode field.  We provide two masks: one that defines the bits
    276  * the ACL will replace in the mode, and the other that defines the bits that
    277  * must be preserved when an ACL is updating a mode.
         *
         * ACL_PRESERVE_MASK is the bitwise complement of ACL_OVERRIDE_MASK, so
         * it covers every mode bit outside the nine rwx bits.  An update that
         * skips it would let an ACL change rewrite those other bits.
    278  */
    279 #define	ACL_OVERRIDE_MASK	(S_IRWXU | S_IRWXG | S_IRWXO)
    280 #define	ACL_PRESERVE_MASK	(~ACL_OVERRIDE_MASK)
    281 
    282 #ifdef _KERNEL
    283 
    284 /*
    285  * Filesystem-independent code to move back and forth between POSIX mode and
    286  * POSIX.1e ACL representations.
         *
         * The block also declares the kernel allocation pair
         * (acl_alloc/acl_free), the NFSv4 mode<->ACL helpers and the
         * conversions between struct oldacl and struct acl.
         *
         * NOTE(review): acl_free() here takes a struct acl *; the !_KERNEL
         * branch of this header declares a different acl_free(void *).
         * NOTE(review): file_owner_id is passed as int in the acl_nfs4_*
         * routines, whereas ae_id is uid_t -- confirm the conversion is
         * intended.
         * NOTE(review): the two acl_copy_* routines return int and the two
         * structures have different capacities (OLDACL_MAX_ENTRIES vs
         * ACL_MAX_ENTRIES); presumably an oversized source is reported as an
         * error -- confirm, and check the return value at call sites.
    287  */
    288 acl_perm_t		acl_posix1e_mode_to_perm(acl_tag_t tag, mode_t mode);
    289 struct acl_entry	acl_posix1e_mode_to_entry(acl_tag_t tag, uid_t uid,
    290 			    gid_t gid, mode_t mode);
    291 mode_t			acl_posix1e_perms_to_mode(
    292 			    struct acl_entry *acl_user_obj_entry,
    293 			    struct acl_entry *acl_group_obj_entry,
    294 			    struct acl_entry *acl_other_entry);
    295 mode_t			acl_posix1e_acl_to_mode(struct acl *acl);
    296 mode_t			acl_posix1e_newfilemode(mode_t cmode,
    297 			    struct acl *dacl);
    298 struct acl		*acl_alloc(int flags);
    299 void			acl_free(struct acl *aclp);
    300 
    301 void			acl_nfs4_sync_acl_from_mode(struct acl *aclp,
    302 			    mode_t mode, int file_owner_id);
    303 void			__acl_nfs4_sync_mode_from_acl(mode_t *mode,
    304 			    const struct acl *aclp);
    305 int			acl_nfs4_is_trivial(const struct acl *aclp,
    306 			    int file_owner_id);
    307 void			acl_nfs4_compute_inherited_acl(
    308 			    const struct acl *parent_aclp,
    309 			    struct acl *child_aclp, mode_t mode,
    310 			    int file_owner_id, int is_directory);
    311 int			acl_copy_oldacl_into_acl(const struct oldacl *source,
    312 			    struct acl *dest);
    313 int			acl_copy_acl_into_oldacl(const struct acl *source,
    314 			    struct oldacl *dest);
    315 
    316 /*
    317  * Filesystem-independent syntax check for a POSIX.1e ACL.
         *
         * acl_nfs4_check() is, by name, the NFSv4 counterpart; it additionally
         * takes an is_directory argument.
         * NOTE(review): these are presumably the validation step for an ACL
         * received from userland before it is stored -- confirm that every
         * set path calls the one matching the ACL type.
         * NOTE(review): acl_posix1e_check() takes a non-const struct acl *
         * while acl_nfs4_check() takes const; confirm whether the POSIX.1e
         * check modifies its argument.
    318  */
    319 int			acl_posix1e_check(struct acl *acl);
    320 int 			acl_nfs4_check(const struct acl *aclp, int is_directory);
    321 
    322 /* for compat32 */
    323 #include <sys/namei.h>
    324 
        /*
         * Path-based (kern___acl_*_path) and vnode-based (vacl_*) kernel entry
         * points.  Parameters are unnamed; going by the types they are the
         * calling lwp, a path or vnode, the ACL type and, except for the
         * delete variants, an ACL buffer.
         *
         * NOTE(review): kern___acl_aclcheck_path() takes a non-const
         * struct acl * while kern___acl_set_path() and vacl_aclcheck() take
         * const -- confirm whether the path variant needs write access.
         * NOTE(review): namei_simple_flags_t presumably selects whether a
         * trailing symlink is followed; callers resolving untrusted paths
         * should choose it deliberately -- confirm against namei(9).
         */
    325 int	kern___acl_aclcheck_path(struct lwp *, const char *, acl_type_t,
    326     struct acl *, namei_simple_flags_t);
    327 int	kern___acl_delete_path(struct lwp *, const char *, acl_type_t,
    328     namei_simple_flags_t);
    329 int	kern___acl_get_path(struct lwp *, const char *, acl_type_t,
    330     struct acl *, namei_simple_flags_t);
    331 int	kern___acl_set_path(struct lwp *, const char *, acl_type_t,
    332     const struct acl *, namei_simple_flags_t);
    333 int	vacl_set_acl(struct lwp *, struct vnode *, acl_type_t,
    334     const struct acl *);
    335 int	vacl_get_acl(struct lwp *, struct vnode *, acl_type_t, struct acl *);
    336 int	vacl_aclcheck(struct lwp *, struct vnode *, acl_type_t,
    337     const struct acl *);
    338 int	vacl_delete(struct lwp *, struct vnode *, acl_type_t);
    339 
    340 #else /* !_KERNEL */
    341 
    342 #if defined(_ACL_PRIVATE)
    343 
    344 /*
    345  * Syscall interface -- use the library calls instead as the syscalls have
    346  * strict ACL entry ordering requirements.
         *
         * Each operation (aclcheck, delete, get, set) comes in _fd, _file and
         * _link forms.  All of them exchange a raw struct acl with the kernel,
         * so the kernel side has to treat acl_cnt and the entries as untrusted.
         * NOTE(review): the _link forms presumably act on a symbolic link
         * itself rather than its target -- confirm against the syscall
         * documentation.
         * NOTE(review): the __acl_set_* prototypes take a non-const
         * struct acl *; confirm whether the buffer is ever written.
    347  */
    348 __BEGIN_DECLS
    349 int	__acl_aclcheck_fd(int _filedes, acl_type_t _type, struct acl *_aclp);
    350 int	__acl_aclcheck_file(const char *_path, acl_type_t _type,
    351 	    struct acl *_aclp);
    352 int	__acl_aclcheck_link(const char *_path, acl_type_t _type,
    353 	    struct acl *_aclp);
    354 int	__acl_delete_fd(int _filedes, acl_type_t _type);
    355 int	__acl_delete_file(const char *_path_p, acl_type_t _type);
    356 int	__acl_delete_link(const char *_path_p, acl_type_t _type);
    357 int	__acl_get_fd(int _filedes, acl_type_t _type, struct acl *_aclp);
    358 int	__acl_get_file(const char *_path, acl_type_t _type, struct acl *_aclp);
    359 int	__acl_get_link(const char *_path, acl_type_t _type, struct acl *_aclp);
    360 int	__acl_set_fd(int _filedes, acl_type_t _type, struct acl *_aclp);
    361 int	__acl_set_file(const char *_path, acl_type_t _type, struct acl *_aclp);
    362 int	__acl_set_link(const char *_path, acl_type_t _type, struct acl *_aclp);
    363 
    364 /*
    365  * These routines from sys/kern/subr_acl_nfs4.c are used by both kernel
    366  * and libc.
         *
         * __acl_nfs4_sync_mode_from_acl() is declared with the same signature
         * in the _KERNEL branch of this header.
    367  */
    368 void	__acl_nfs4_sync_mode_from_acl(mode_t *_mode, const struct acl *_aclp);
    369 void	__acl_nfs4_trivial_from_mode_libc(struct acl *_aclp, int _file_owner_id,
    370 	    int _canonical_six);
    371 __END_DECLS
    372 
    373 #endif /* _ACL_PRIVATE */
    374 
    375 /*
    376  * Supported POSIX.1e ACL manipulation and assignment/retrieval API _np calls
    377  * are local extensions that reflect an environment capable of opening file
    378  * descriptors of directories, and allowing additional ACL type for different
    379  * filesystems (i.e., AFS).
         *
         * Reviewer notes on the prototypes below:
         *
         * - acl_t is a pointer typedef, so "const acl_t" in acl_is_trivial_np()
         *   and acl_strip_np() makes the pointer const, not the ACL it points
         *   to; the qualifier gives no promise that the ACL is left unmodified.
         * - acl_copy_int() receives only a buffer pointer and no length, so it
         *   cannot bound its reads by the caller's buffer size.
         *   NOTE(review): presumably it is meant for buffers produced by
         *   acl_copy_ext() -- confirm before passing data from elsewhere.
         * - acl_free() takes void *, so the compiler does not check what kind
         *   of object is handed to it.
         * - `fd' in acl_get_fd_np() and `recalculate_mask' in acl_strip_np()
         *   are the only parameter names in this block without the leading
         *   underscore; a macro of either name defined before this header is
         *   included would be expanded inside the prototype.
         * - NOTE(review): the _link_np variants presumably act on a symbolic
         *   link itself rather than its target -- confirm against acl(3).
    380  */
    381 __BEGIN_DECLS
    382 int	acl_add_flag_np(acl_flagset_t _flagset_d, acl_flag_t _flag);
    383 int	acl_add_perm(acl_permset_t _permset_d, acl_perm_t _perm);
    384 int	acl_calc_mask(acl_t *_acl_p);
    385 int	acl_clear_flags_np(acl_flagset_t _flagset_d);
    386 int	acl_clear_perms(acl_permset_t _permset_d);
    387 int	acl_copy_entry(acl_entry_t _dest_d, acl_entry_t _src_d);
    388 ssize_t	acl_copy_ext(void *_buf_p, acl_t _acl, ssize_t _size);
    389 acl_t	acl_copy_int(const void *_buf_p);
    390 int	acl_create_entry(acl_t *_acl_p, acl_entry_t *_entry_p);
    391 int	acl_create_entry_np(acl_t *_acl_p, acl_entry_t *_entry_p, int _index);
    392 int	acl_delete_entry(acl_t _acl, acl_entry_t _entry_d);
    393 int	acl_delete_entry_np(acl_t _acl, int _index);
    394 int	acl_delete_fd_np(int _filedes, acl_type_t _type);
    395 int	acl_delete_file_np(const char *_path_p, acl_type_t _type);
    396 int	acl_delete_link_np(const char *_path_p, acl_type_t _type);
    397 int	acl_delete_def_file(const char *_path_p);
    398 int	acl_delete_def_link_np(const char *_path_p);
    399 int	acl_delete_flag_np(acl_flagset_t _flagset_d, acl_flag_t _flag);
    400 int	acl_delete_perm(acl_permset_t _permset_d, acl_perm_t _perm);
    401 acl_t	acl_dup(acl_t _acl);
    402 int	acl_free(void *_obj_p);
    403 acl_t	acl_from_text(const char *_buf_p);
    404 int	acl_get_brand_np(acl_t _acl, int *_brand_p);
    405 int	acl_get_entry(acl_t _acl, int _entry_id, acl_entry_t *_entry_p);
    406 acl_t	acl_get_fd(int _fd);
    407 acl_t	acl_get_fd_np(int fd, acl_type_t _type);
    408 acl_t	acl_get_file(const char *_path_p, acl_type_t _type);
    409 int	acl_get_entry_type_np(acl_entry_t _entry_d, acl_entry_type_t *_entry_type_p);
    410 acl_t	acl_get_link_np(const char *_path_p, acl_type_t _type);
    411 void	*acl_get_qualifier(acl_entry_t _entry_d);
    412 int	acl_get_flag_np(acl_flagset_t _flagset_d, acl_flag_t _flag);
    413 int	acl_get_perm_np(acl_permset_t _permset_d, acl_perm_t _perm);
    414 int	acl_get_flagset_np(acl_entry_t _entry_d, acl_flagset_t *_flagset_p);
    415 int	acl_get_permset(acl_entry_t _entry_d, acl_permset_t *_permset_p);
    416 int	acl_get_tag_type(acl_entry_t _entry_d, acl_tag_t *_tag_type_p);
    417 acl_t	acl_init(int _count);
    418 int	acl_set_fd(int _fd, acl_t _acl);
    419 int	acl_set_fd_np(int _fd, acl_t _acl, acl_type_t _type);
    420 int	acl_set_file(const char *_path_p, acl_type_t _type, acl_t _acl);
    421 int	acl_set_entry_type_np(acl_entry_t _entry_d, acl_entry_type_t _entry_type);
    422 int	acl_set_link_np(const char *_path_p, acl_type_t _type, acl_t _acl);
    423 int	acl_set_flagset_np(acl_entry_t _entry_d, acl_flagset_t _flagset_d);
    424 int	acl_set_permset(acl_entry_t _entry_d, acl_permset_t _permset_d);
    425 int	acl_set_qualifier(acl_entry_t _entry_d, const void *_tag_qualifier_p);
    426 int	acl_set_tag_type(acl_entry_t _entry_d, acl_tag_t _tag_type);
    427 ssize_t	acl_size(acl_t _acl);
    428 char	*acl_to_text(acl_t _acl, ssize_t *_len_p);
    429 char	*acl_to_text_np(acl_t _acl, ssize_t *_len_p, int _flags);
    430 int	acl_valid(acl_t _acl);
    431 int	acl_valid_fd_np(int _fd, acl_type_t _type, acl_t _acl);
    432 int	acl_valid_file_np(const char *_path_p, acl_type_t _type, acl_t _acl);
    433 int	acl_valid_link_np(const char *_path_p, acl_type_t _type, acl_t _acl);
    434 int	acl_is_trivial_np(const acl_t _acl, int *_trivialp);
    435 acl_t	acl_strip_np(const acl_t _acl, int recalculate_mask);
    436 __END_DECLS
    437 
    438 #endif /* !_KERNEL */
    439 
    440 #endif /* !_SYS_ACL_H_ */
    441