mirror/freebsd
1
0
Fork 0
mirror of https://git.FreeBSD.org/src.git synced 2025-01-20 15:43:16 +00:00
Code Issues Releases Activity

Reduce duplication in __acl_*_(file|link).

Browse Source 
Add const to new kern_ functions and push down as required.

Reviewed by:	rwatson
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D14174
This commit is contained in:
Brooks Davis 2018-02-15 21:24:43 +00:00
parent 808c12715c
commit aff4f2d315
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=329342
1 changed files with 64 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

118
sys/kern/vfs_acl.c
View File

@ -67,12 +67,21 @@ CTASSERT(ACL_MAX_ENTRIES >= OLDACL_MAX_ENTRIES);
MALLOC_DEFINE(M_ACL, "acl", "Access Control Lists");
static int kern___acl_aclcheck_path(struct thread *td, const char *path,
acl_type_t type, struct acl *aclp, int follow);
static int kern___acl_delete_path(struct thread *td, const char *path,
acl_type_t type, int follow);
static int kern___acl_get_path(struct thread *td, const char *path,
acl_type_t type, struct acl *aclp, int follow);
static int kern___acl_set_path(struct thread *td, const char *path,
acl_type_t type, const struct acl *aclp, int follow);
static int vacl_set_acl(struct thread *td, struct vnode *vp,
acl_type_t type, struct acl *aclp);
acl_type_t type, const struct acl *aclp);
static int vacl_get_acl(struct thread *td, struct vnode *vp,
acl_type_t type, struct acl *aclp);
static int vacl_aclcheck(struct thread *td, struct vnode *vp,
acl_type_t type, struct acl *aclp);
acl_type_t type, const struct acl *aclp);
int
acl_copy_oldacl_into_acl(const struct oldacl *source, struct acl *dest)
@ -130,7 +139,7 @@ acl_copy_acl_into_oldacl(const struct acl *source, struct oldacl *dest)
* format.
*/
static int
acl_copyin(void *user_acl, struct acl *kernel_acl, acl_type_t type)
acl_copyin(const void *user_acl, struct acl *kernel_acl, acl_type_t type)
{
int error;
struct oldacl old;
@ -154,7 +163,7 @@ acl_copyin(void *user_acl, struct acl *kernel_acl, acl_type_t type)
}
static int
acl_copyout(struct acl *kernel_acl, void *user_acl, acl_type_t type)
acl_copyout(const struct acl *kernel_acl, void *user_acl, acl_type_t type)
{
uint32_t am;
int error;
@ -218,7 +227,7 @@ acl_type_unold(int type)
*/
static int
vacl_set_acl(struct thread *td, struct vnode *vp, acl_type_t type,
struct acl *aclp)
const struct acl *aclp)
{
struct acl *inkernelacl;
struct mount *mp;
@ -319,7 +328,7 @@ vacl_delete(struct thread *td, struct vnode *vp, acl_type_t type)
*/
static int
vacl_aclcheck(struct thread *td, struct vnode *vp, acl_type_t type,
struct acl *aclp)
const struct acl *aclp)
{
struct acl *inkernelacl;
int error;
@ -346,17 +355,9 @@ vacl_aclcheck(struct thread *td, struct vnode *vp, acl_type_t type,
int
sys___acl_get_file(struct thread *td, struct __acl_get_file_args *uap)
{
struct nameidata nd;
int error;
NDINIT(&nd, LOOKUP, FOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path,
td);
error = namei(&nd);
if (error == 0) {
error = vacl_get_acl(td, nd.ni_vp, uap->type, uap->aclp);
NDFREE(&nd, 0);
}
return (error);
return (kern___acl_get_path(td, uap->path, uap->type, uap->aclp,
FOLLOW));
}
/*
@ -364,15 +365,23 @@ sys___acl_get_file(struct thread *td, struct __acl_get_file_args *uap)
*/
int
sys___acl_get_link(struct thread *td, struct __acl_get_link_args *uap)
{
return(kern___acl_get_path(td, uap->path, uap->type, uap->aclp,
NOFOLLOW));
}
static int
kern___acl_get_path(struct thread *td, const char *path, acl_type_t type,
struct acl *aclp, int follow)
{
struct nameidata nd;
int error;
NDINIT(&nd, LOOKUP, NOFOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path,
td);
NDINIT(&nd, LOOKUP, follow | AUDITVNODE1, UIO_USERSPACE, path, td);
error = namei(&nd);
if (error == 0) {
error = vacl_get_acl(td, nd.ni_vp, uap->type, uap->aclp);
error = vacl_get_acl(td, nd.ni_vp, type, aclp);
NDFREE(&nd, 0);
}
return (error);
@ -384,17 +393,9 @@ sys___acl_get_link(struct thread *td, struct __acl_get_link_args *uap)
int
sys___acl_set_file(struct thread *td, struct __acl_set_file_args *uap)
{
struct nameidata nd;
int error;
NDINIT(&nd, LOOKUP, FOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path,
td);
error = namei(&nd);
if (error == 0) {
error = vacl_set_acl(td, nd.ni_vp, uap->type, uap->aclp);
NDFREE(&nd, 0);
}
return (error);
return(kern___acl_set_path(td, uap->path, uap->type, uap->aclp,
FOLLOW));
}
/*
@ -402,15 +403,23 @@ sys___acl_set_file(struct thread *td, struct __acl_set_file_args *uap)
*/
int
sys___acl_set_link(struct thread *td, struct __acl_set_link_args *uap)
{
return(kern___acl_set_path(td, uap->path, uap->type, uap->aclp,
NOFOLLOW));
}
static int
kern___acl_set_path(struct thread *td, const char *path,
acl_type_t type, const struct acl *aclp, int follow)
{
struct nameidata nd;
int error;
NDINIT(&nd, LOOKUP, NOFOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path,
td);
NDINIT(&nd, LOOKUP, follow | AUDITVNODE1, UIO_USERSPACE, path, td);
error = namei(&nd);
if (error == 0) {
error = vacl_set_acl(td, nd.ni_vp, uap->type, uap->aclp);
error = vacl_set_acl(td, nd.ni_vp, type, aclp);
NDFREE(&nd, 0);
}
return (error);
@ -462,16 +471,8 @@ sys___acl_set_fd(struct thread *td, struct __acl_set_fd_args *uap)
int
sys___acl_delete_file(struct thread *td, struct __acl_delete_file_args *uap)
{
struct nameidata nd;
int error;
NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, uap->path, td);
error = namei(&nd);
if (error == 0) {
error = vacl_delete(td, nd.ni_vp, uap->type);
NDFREE(&nd, 0);
}
return (error);
return (kern___acl_delete_path(td, uap->path, uap->type, FOLLOW));
}
/*
@ -479,14 +480,22 @@ sys___acl_delete_file(struct thread *td, struct __acl_delete_file_args *uap)
*/
int
sys___acl_delete_link(struct thread *td, struct __acl_delete_link_args *uap)
{
return (kern___acl_delete_path(td, uap->path, uap->type, NOFOLLOW));
}
static int
kern___acl_delete_path(struct thread *td, const char *path,
acl_type_t type, int follow)
{
struct nameidata nd;
int error;
NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_USERSPACE, uap->path, td);
NDINIT(&nd, LOOKUP, follow, UIO_USERSPACE, path, td);
error = namei(&nd);
if (error == 0) {
error = vacl_delete(td, nd.ni_vp, uap->type);
error = vacl_delete(td, nd.ni_vp, type);
NDFREE(&nd, 0);
}
return (error);
@ -518,16 +527,9 @@ sys___acl_delete_fd(struct thread *td, struct __acl_delete_fd_args *uap)
int
sys___acl_aclcheck_file(struct thread *td, struct __acl_aclcheck_file_args *uap)
{
struct nameidata nd;
int error;
NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, uap->path, td);
error = namei(&nd);
if (error == 0) {
error = vacl_aclcheck(td, nd.ni_vp, uap->type, uap->aclp);
NDFREE(&nd, 0);
}
return (error);
return (kern___acl_aclcheck_path(td, uap->path, uap->type, uap->aclp,
FOLLOW));
}
/*
@ -535,14 +537,22 @@ sys___acl_aclcheck_file(struct thread *td, struct __acl_aclcheck_file_args *uap)
*/
int
sys___acl_aclcheck_link(struct thread *td, struct __acl_aclcheck_link_args *uap)
{
return (kern___acl_aclcheck_path(td, uap->path, uap->type, uap->aclp,
NOFOLLOW));
}
static int
kern___acl_aclcheck_path(struct thread *td, const char *path, acl_type_t type,
struct acl *aclp, int follow)
{
struct nameidata nd;
int error;
NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_USERSPACE, uap->path, td);
NDINIT(&nd, LOOKUP, follow, UIO_USERSPACE, path, td);
error = namei(&nd);
if (error == 0) {
error = vacl_aclcheck(td, nd.ni_vp, uap->type, uap->aclp);
error = vacl_aclcheck(td, nd.ni_vp, type, aclp);
NDFREE(&nd, 0);
}
return (error);