upstream/illumos/illumos-gate: usr/src/lib/libc/port/gen/privlib.c@febeba71273d (annotated)

0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1	/*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	2	* CDDL HEADER START
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	3	*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	4	* The contents of this file are subject to the terms of the
1059 11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	5	* Common Development and Distribution License (the "License").
11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	6	* You may not use this file except in compliance with the License.
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	7	*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	8	* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	9	* or http://www.opensolaris.org/os/licensing.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	10	* See the License for the specific language governing permissions
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	11	* and limitations under the License.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	12	*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	13	* When distributing Covered Code, include this CDDL HEADER in each
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	14	* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	15	* If applicable, add the following below this CDDL HEADER, with the
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	16	* fields enclosed by brackets "[]" replaced with your own identifying
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	17	* information: Portions Copyright [yyyy] [name of copyright owner]
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	18	*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	19	* CDDL HEADER END
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	20	*/
3864 2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	21
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	22	/*
6812 febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	23	* Copyright 2008 Sun Microsystems, Inc. All rights reserved.
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	24	* Use is subject to license terms.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	25	*/
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	26
6812 febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	27	#pragma ident "%Z%%M% %I% %E% SMI"
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	28
6812 febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	29	#pragma weak _getprivimplinfo = getprivimplinfo
febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	30	#pragma weak _priv_addset = priv_addset
febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	31	#pragma weak _priv_allocset = priv_allocset
febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	32	#pragma weak _priv_copyset = priv_copyset
febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	33	#pragma weak _priv_delset = priv_delset
febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	34	#pragma weak _priv_emptyset = priv_emptyset
febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	35	#pragma weak _priv_fillset = priv_fillset
febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	36	#pragma weak _priv_freeset = priv_freeset
febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	37	#pragma weak _priv_getbyname = priv_getbyname
febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	38	#pragma weak _priv_getbynum = priv_getbynum
febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	39	#pragma weak _priv_getsetbyname = priv_getsetbyname
febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	40	#pragma weak _priv_getsetbynum = priv_getsetbynum
febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	41	#pragma weak _priv_ineffect = priv_ineffect
febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	42	#pragma weak _priv_intersect = priv_intersect
febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	43	#pragma weak _priv_inverse = priv_inverse
febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	44	#pragma weak _priv_isemptyset = priv_isemptyset
febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	45	#pragma weak _priv_isequalset = priv_isequalset
febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	46	#pragma weak _priv_isfullset = priv_isfullset
febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	47	#pragma weak _priv_ismember = priv_ismember
febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	48	#pragma weak _priv_issubset = priv_issubset
febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	49	#pragma weak _priv_set = priv_set
febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	50	#pragma weak _priv_union = priv_union
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	51
6812 febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	52	#include "lint.h"
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	53
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	54	#define _STRUCTURED_PROC 1
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	55
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	56	#include "priv_private.h"
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	57	#include "mtlib.h"
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	58	#include "libc.h"
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	59	#include <errno.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	60	#include <stdarg.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	61	#include <stdlib.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	62	#include <unistd.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	63	#include <strings.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	64	#include <synch.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	65	#include <alloca.h>
3864 2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	66	#include <atomic.h>
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	67	#include <sys/ucred.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	68	#include <sys/procfs.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	69	#include <sys/param.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	70	#include <sys/corectl.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	71	#include <priv_utils.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	72	#include <zone.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	73
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	74	/* Include each string only once - until the compiler/linker are fixed */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	75	static const char *permitted = PRIV_PERMITTED;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	76	static const char *effective = PRIV_EFFECTIVE;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	77	static const char *limit = PRIV_LIMIT;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	78	static const char *inheritable = PRIV_INHERITABLE;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	79	/*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	80	* Data independent privilege set operations.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	81	*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	82	* Only a few functions are provided that do not default to
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	83	* the system implementation of privileges. A limited set of
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	84	* interfaces is provided that accepts a priv_data_t *
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	85	* argument; this set of interfaces is a private interface between libc
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	86	* and libproc. It is delivered in order to interpret privilege sets
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	87	* in debuggers in a implementation independent way. As such, we
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	88	* don't need to provide the bulk of the interfaces, only a few
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	89	* boolean tests (isfull, isempty) the name<->num mappings and
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	90	* set pretty print functions. The boolean tests are only needed for
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	91	* the latter, so those aren't provided externally.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	92	*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	93	* Additionally, we provide the function that maps the kernel implementation
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	94	* structure into a libc private data structure.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	95	*/
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	96
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	97	priv_data_t *privdata;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	98
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	99	static mutex_t pd_lock = DEFAULTMUTEX;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	100
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	101	static int
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	102	parseninfo(priv_info_names_t na, char *buf, int cp)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	103	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	104	char *q;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	105	int i;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	106
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	107	buf = libc_malloc(sizeof (char ) * na->cnt);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	108
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	109	if (*buf == NULL)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	110	return (-1);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	111
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	112	q = na->names;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	113
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	114	for (i = 0; i < na->cnt; i++) {
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	115	int l = strlen(q);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	116
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	117	(*buf)[i] = q;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	118	q += l + 1;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	119	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	120	*cp = na->cnt;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	121	return (0);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	122	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	123
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	124	struct strint {
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	125	char *name;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	126	int rank;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	127	};
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	128
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	129	static int
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	130	strintcmp(const void a, const void b)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	131	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	132	const struct strint *ap = a;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	133	const struct strint *bp = b;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	134
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	135	return (strcasecmp(ap->name, bp->name));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	136	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	137
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	138	priv_data_t *
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	139	__priv_parse_info(priv_impl_info_t *ip)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	140	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	141	priv_data_t *tmp;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	142	char *x;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	143	size_t size = PRIV_IMPL_INFO_SIZE(ip);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	144	int i;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	145
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	146	tmp = libc_malloc(sizeof (*tmp));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	147
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	148	if (tmp == NULL)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	149	return (NULL);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	150
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	151	(void) memset(tmp, 0, sizeof (*tmp));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	152
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	153	tmp->pd_pinfo = ip;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	154	tmp->pd_setsize = sizeof (priv_chunk_t) * ip->priv_setsize;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	155	tmp->pd_ucredsize = UCRED_SIZE(ip);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	156
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	157	x = (char *)ip;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	158	x += ip->priv_headersize;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	159
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	160	while (x < ((char *)ip) + size) {
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	161	/* LINTED: alignment */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	162	priv_info_names_t na = (priv_info_names_t )x;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	163	/* LINTED: alignment */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	164	priv_info_set_t st = (priv_info_set_t )x;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	165	struct strint *tmparr;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	166
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	167	switch (na->info.priv_info_type) {
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	168	case PRIV_INFO_SETNAMES:
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	169	if (parseninfo(na, &tmp->pd_setnames, &tmp->pd_nsets))
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	170	goto out;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	171	break;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	172	case PRIV_INFO_PRIVNAMES:
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	173	if (parseninfo(na, &tmp->pd_privnames, &tmp->pd_nprivs))
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	174	goto out;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	175	/*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	176	* We compute a sorted index which allows us
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	177	* to present a sorted list of privileges
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	178	* without actually having to sort it each time.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	179	*/
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	180	tmp->pd_setsort = libc_malloc(tmp->pd_nprivs *
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	181	sizeof (int));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	182	if (tmp->pd_setsort == NULL)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	183	goto out;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	184
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	185	tmparr = libc_malloc(tmp->pd_nprivs *
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	186	sizeof (struct strint));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	187
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	188	if (tmparr == NULL)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	189	goto out;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	190
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	191	for (i = 0; i < tmp->pd_nprivs; i++) {
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	192	tmparr[i].rank = i;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	193	tmparr[i].name = tmp->pd_privnames[i];
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	194	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	195	qsort(tmparr, tmp->pd_nprivs, sizeof (struct strint),
6812 febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	196	strintcmp);
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	197	for (i = 0; i < tmp->pd_nprivs; i++)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	198	tmp->pd_setsort[i] = tmparr[i].rank;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	199	libc_free(tmparr);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	200	break;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	201	case PRIV_INFO_BASICPRIVS:
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	202	tmp->pd_basicset = (priv_set_t *)&st->set[0];
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	203	break;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	204	default:
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	205	/* unknown, ignore */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	206	break;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	207	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	208	x += na->info.priv_info_size;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	209	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	210	return (tmp);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	211	out:
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	212	libc_free(tmp->pd_setnames);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	213	libc_free(tmp->pd_privnames);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	214	libc_free(tmp->pd_setsort);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	215	libc_free(tmp);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	216	return (NULL);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	217	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	218
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	219	/*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	220	* Caller must have allocated d->pd_pinfo and should free it,
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	221	* if necessary.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	222	*/
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	223	void
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	224	__priv_free_info(priv_data_t *d)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	225	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	226	libc_free(d->pd_setnames);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	227	libc_free(d->pd_privnames);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	228	libc_free(d->pd_setsort);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	229	libc_free(d);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	230	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	231
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	232	/*
1059 11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	233	* Return with the pd_lock held and data loaded or indicate failure.
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	234	*/
1059 11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	235	int
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	236	lock_data(void)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	237	{
3864 2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	238	if (__priv_getdata() == NULL)
1059 11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	239	return (-1);
11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	240
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	241	lmutex_lock(&pd_lock);
1059 11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	242	return (0);
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	243	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	244
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	245	boolean_t
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	246	refresh_data(void)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	247	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	248	priv_impl_info_t *ip, ii;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	249	priv_data_t *tmp;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	250	char p0, q0;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	251	int oldn, newn;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	252	int i;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	253
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	254	if (getprivinfo(&ii, sizeof (ii)) != 0 \|\|
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	255	ii.priv_max == privdata->pd_nprivs)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	256	return (B_FALSE);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	257
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	258	ip = alloca(PRIV_IMPL_INFO_SIZE(&ii));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	259
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	260	(void) getprivinfo(ip, PRIV_IMPL_INFO_SIZE(&ii));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	261
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	262	/* Parse the info; then copy the additional bits */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	263	tmp = __priv_parse_info(ip);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	264	if (tmp == NULL)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	265	return (B_FALSE);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	266
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	267	oldn = privdata->pd_nprivs;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	268	p0 = privdata->pd_privnames[0];
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	269
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	270	newn = tmp->pd_nprivs;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	271	q0 = tmp->pd_privnames[0];
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	272
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	273	/* copy the extra information to the old datastructure */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	274	(void) memcpy((char *)privdata->pd_pinfo + sizeof (priv_impl_info_t),
6812 febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	275	(char *)ip + sizeof (priv_impl_info_t),
febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	276	PRIV_IMPL_INFO_SIZE(ip) - sizeof (priv_impl_info_t));
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	277
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	278	/* Copy the first oldn pointers */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	279	(void) memcpy(tmp->pd_privnames, privdata->pd_privnames,
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	280	oldn * sizeof (char *));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	281
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	282	/* Adjust the rest */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	283	for (i = oldn; i < newn; i++)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	284	tmp->pd_privnames[i] += p0 - q0;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	285
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	286	/* Install the larger arrays */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	287	libc_free(privdata->pd_privnames);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	288	privdata->pd_privnames = tmp->pd_privnames;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	289	tmp->pd_privnames = NULL;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	290
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	291	libc_free(privdata->pd_setsort);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	292	privdata->pd_setsort = tmp->pd_setsort;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	293	tmp->pd_setsort = NULL;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	294
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	295	/* Copy the rest of the data */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	296	privdata->pd_pinfo = ip;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	297
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	298	privdata->pd_nprivs = newn;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	299
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	300	__priv_free_info(tmp);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	301	return (B_TRUE);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	302	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	303
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	304	void
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	305	unlock_data(void)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	306	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	307	lmutex_unlock(&pd_lock);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	308	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	309
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	310	static priv_set_t __priv_allocset(priv_data_t );
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	311
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	312	priv_data_t *
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	313	__priv_getdata(void)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	314	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	315	if (privdata == NULL) {
3864 2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	316	lmutex_lock(&pd_lock);
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	317	if (privdata == NULL) {
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	318	priv_data_t *tmp;
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	319	priv_impl_info_t *ip;
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	320	size_t size = sizeof (priv_impl_info_t) + 2048;
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	321	size_t realsize;
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	322	priv_impl_info_t *aip = alloca(size);
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	323
3864 2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	324	if (getprivinfo(aip, size) != 0)
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	325	goto out;
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	326
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	327	realsize = PRIV_IMPL_INFO_SIZE(aip);
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	328
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	329	ip = libc_malloc(realsize);
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	330
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	331	if (ip == NULL)
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	332	goto out;
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	333
3864 2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	334	if (realsize <= size) {
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	335	(void) memcpy(ip, aip, realsize);
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	336	} else if (getprivinfo(ip, realsize) != 0) {
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	337	libc_free(ip);
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	338	goto out;
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	339	}
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	340
3864 2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	341	if ((tmp = __priv_parse_info(ip)) == NULL) {
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	342	libc_free(ip);
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	343	goto out;
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	344	}
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	345
3864 2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	346	/* Allocate the zoneset just once, here */
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	347	tmp->pd_zoneset = __priv_allocset(tmp);
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	348	if (tmp->pd_zoneset == NULL)
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	349	goto clean;
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	350
3864 2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	351	if (zone_getattr(getzoneid(), ZONE_ATTR_PRIVSET,
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	352	tmp->pd_zoneset, tmp->pd_setsize)
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	353	== tmp->pd_setsize) {
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	354	membar_producer();
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	355	privdata = tmp;
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	356	goto out;
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	357	}
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	358
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	359	priv_freeset(tmp->pd_zoneset);
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	360	clean:
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	361	__priv_free_info(tmp);
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	362	libc_free(ip);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	363	}
3864 2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	364	out:
2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	365	lmutex_unlock(&pd_lock);
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	366	}
3864 2ae506652d11 PSARC 2007/129 thr_keycreate_once raf parents: 1059 diff changeset	367	membar_consumer();
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	368	return (privdata);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	369	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	370
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	371	const priv_impl_info_t *
6812 febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	372	getprivimplinfo(void)
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	373	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	374	priv_data_t *d;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	375
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	376	LOADPRIVDATA(d);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	377
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	378	return (d->pd_pinfo);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	379	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	380
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	381	static priv_set_t *
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	382	priv_vlist(va_list ap)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	383	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	384	priv_set_t *pset = priv_allocset();
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	385	const char *priv;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	386
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	387	if (pset == NULL)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	388	return (NULL);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	389
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	390	priv_emptyset(pset);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	391
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	392	while ((priv = va_arg(ap, const char *)) != NULL) {
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	393	if (priv_addset(pset, priv) < 0) {
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	394	priv_freeset(pset);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	395	return (NULL);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	396	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	397	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	398	return (pset);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	399	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	400
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	401	/*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	402	* priv_set(op, set, priv_id1, priv_id2, ..., NULL)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	403	*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	404	* Library routine to enable a user process to set a specific
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	405	* privilege set appropriately using a single call. User is
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	406	* required to terminate the list of privileges with NULL.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	407	*/
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	408	int
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	409	priv_set(priv_op_t op, priv_ptype_t setname, ...)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	410	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	411	va_list ap;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	412	priv_set_t *pset;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	413	int ret;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	414
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	415	va_start(ap, setname);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	416
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	417	pset = priv_vlist(ap);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	418
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	419	va_end(ap);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	420
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	421	if (pset == NULL)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	422	return (-1);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	423
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	424	/* All sets */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	425	if (setname == NULL) {
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	426	priv_data_t *d;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	427	int set;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	428
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	429	LOADPRIVDATA(d);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	430
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	431	for (set = 0; set < d->pd_nsets; set++)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	432	if ((ret = syscall(SYS_privsys, PRIVSYS_SETPPRIV, op,
6812 febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	433	set, (void *)pset, d->pd_setsize)) != 0)
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	434	break;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	435	} else {
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	436	ret = setppriv(op, setname, pset);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	437	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	438
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	439	priv_freeset(pset);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	440	return (ret);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	441	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	442
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	443	/*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	444	* priv_ineffect(privilege).
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: 4321 diff changeset	445	* tests the existence of a privilege against the effective set.
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	446	*/
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	447	boolean_t
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	448	priv_ineffect(const char *priv)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	449	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	450	priv_set_t *curset;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	451	boolean_t res;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	452
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	453	curset = priv_allocset();
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	454
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	455	if (curset == NULL)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	456	return (B_FALSE);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	457
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	458	if (getppriv(effective, curset) != 0 \|\|
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	459	!priv_ismember(curset, priv))
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	460	res = B_FALSE;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	461	else
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	462	res = B_TRUE;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	463
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	464	priv_freeset(curset);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	465
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	466	return (res);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	467	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	468
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	469	/*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	470	* The routine __init_daemon_priv() is private to Solaris and is
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	471	* used by daemons to limit the privileges they can use and
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	472	* to set the uid they run under.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	473	*/
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	474
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	475	static const char root_cp[] = "/core.%f.%t";
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	476	static const char daemon_cp[] = "/var/tmp/core.%f.%t";
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	477
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	478	int
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	479	__init_daemon_priv(int flags, uid_t uid, gid_t gid, ...)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	480	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	481	priv_set_t *nset;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	482	priv_set_t *perm = NULL;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	483	va_list pa;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	484	priv_data_t *d;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	485	int ret = -1;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	486	char buf[1024];
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	487
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	488	LOADPRIVDATA(d);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	489
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	490	va_start(pa, gid);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	491
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	492	nset = priv_vlist(pa);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	493
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	494	va_end(pa);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	495
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	496	if (nset == NULL)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	497	return (-1);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	498
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	499	/* Always add the basic set */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	500	if (d->pd_basicset != NULL)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	501	priv_union(d->pd_basicset, nset);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	502
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	503	/*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	504	* This is not a significant failure: it allows us to start programs
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	505	* with sufficient privileges and with the proper uid. We don't
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	506	* care enough about the extra groups in that case.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	507	*/
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	508	if (flags & PU_RESETGROUPS)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	509	(void) setgroups(0, NULL);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	510
4321 a8930ec16e52 PSARC 2007/064 Unified POSIX and Windows Credentials for Solaris casper parents: 3864 diff changeset	511	if (gid != (gid_t)-1 && setgid(gid) != 0)
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	512	goto end;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	513
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	514	perm = priv_allocset();
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	515	if (perm == NULL)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	516	goto end;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	517
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	518	/* E = P */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	519	(void) getppriv(permitted, perm);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	520	(void) setppriv(PRIV_SET, effective, perm);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	521
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	522	/* Now reset suid and euid */
4321 a8930ec16e52 PSARC 2007/064 Unified POSIX and Windows Credentials for Solaris casper parents: 3864 diff changeset	523	if (uid != (uid_t)-1 && setreuid(uid, uid) != 0)
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	524	goto end;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	525
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	526	/* Check for the limit privs */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	527	if ((flags & PU_LIMITPRIVS) &&
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	528	setppriv(PRIV_SET, limit, nset) != 0)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	529	goto end;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	530
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	531	if (flags & PU_CLEARLIMITSET) {
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	532	priv_emptyset(perm);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	533	if (setppriv(PRIV_SET, limit, perm) != 0)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	534	goto end;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	535	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	536
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	537	/* Remove the privileges from all the other sets */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	538	if (setppriv(PRIV_SET, permitted, nset) != 0)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	539	goto end;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	540
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	541	if (!(flags & PU_INHERITPRIVS))
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	542	priv_emptyset(nset);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	543
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	544	ret = setppriv(PRIV_SET, inheritable, nset);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	545	end:
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	546	priv_freeset(nset);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	547	priv_freeset(perm);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	548
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	549	if (core_get_process_path(buf, sizeof (buf), getpid()) == 0 &&
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	550	strcmp(buf, "core") == 0) {
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	551
4321 a8930ec16e52 PSARC 2007/064 Unified POSIX and Windows Credentials for Solaris casper parents: 3864 diff changeset	552	if ((uid == (uid_t)-1 ? geteuid() : uid) == 0) {
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	553	(void) core_set_process_path(root_cp, sizeof (root_cp),
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	554	getpid());
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	555	} else {
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	556	(void) core_set_process_path(daemon_cp,
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	557	sizeof (daemon_cp), getpid());
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	558	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	559	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	560	(void) setpflags(__PROC_PROTECT, 0);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	561
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	562	return (ret);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	563	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	564
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	565	/*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	566	* The routine __fini_daemon_priv() is private to Solaris and is
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	567	* used by daemons to clear remaining unwanted privileges and
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	568	* reenable core dumps.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	569	*/
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	570	void
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	571	__fini_daemon_priv(const char *priv, ...)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	572	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	573	priv_set_t *nset;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	574	va_list pa;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	575
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	576	va_start(pa, priv);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	577
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	578	if (priv != NULL) {
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	579	nset = priv_vlist(pa);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	580	if (nset == NULL)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	581	return;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	582
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	583	(void) priv_addset(nset, priv);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	584	(void) setppriv(PRIV_OFF, permitted, nset);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	585	priv_freeset(nset);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	586	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	587
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	588	va_end(pa);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	589
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	590	(void) setpflags(__PROC_PROTECT, 0);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	591	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	592
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	593	/*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	594	* The routine __init_suid_priv() is private to Solaris and is
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	595	* used by set-uid root programs to limit the privileges acquired
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	596	* to those actually needed.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	597	*/
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	598
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	599	static priv_set_t *bracketpriv;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	600
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	601	int
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	602	__init_suid_priv(int flags, ...)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	603	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	604	priv_set_t *nset = NULL;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	605	priv_set_t *tmpset = NULL;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	606	va_list pa;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	607	int r = -1;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	608	uid_t ruid, euid;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	609
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	610	euid = geteuid();
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	611
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	612	/* If we're not set-uid root, don't reset the uid */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	613	if (euid == 0) {
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	614	ruid = getuid();
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	615	/* If we're running as root, keep everything */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	616	if (ruid == 0)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	617	return (0);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	618	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	619
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	620	/* Can call this only once */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	621	if (bracketpriv != NULL)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	622	return (-1);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	623
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	624	va_start(pa, flags);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	625
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	626	nset = priv_vlist(pa);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	627
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	628	va_end(pa);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	629
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	630	if (nset == NULL)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	631	goto end;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	632
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	633	tmpset = priv_allocset();
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	634
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	635	if (tmpset == NULL)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	636	goto end;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	637
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	638	/* We cannot grow our privileges beyond P, so start there */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	639	(void) getppriv(permitted, tmpset);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	640
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	641	/* Is the privilege we need even in P? */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	642	if (!priv_issubset(nset, tmpset))
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	643	goto end;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	644
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	645	bracketpriv = priv_allocset();
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	646	if (bracketpriv == NULL)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	647	goto end;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	648
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	649	priv_copyset(nset, bracketpriv);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	650
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	651	/* Always add the basic set */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	652	priv_union(priv_basic(), nset);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	653
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	654	/* But don't add what we don't have */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	655	priv_intersect(tmpset, nset);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	656
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	657	(void) getppriv(inheritable, tmpset);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	658
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	659	/* And stir in the inheritable privileges */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	660	priv_union(tmpset, nset);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	661
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	662	if ((r = setppriv(PRIV_SET, effective, tmpset)) != 0)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	663	goto end;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	664
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	665	if ((r = setppriv(PRIV_SET, permitted, nset)) != 0)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	666	goto end;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	667
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	668	if (flags & PU_CLEARLIMITSET)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	669	priv_emptyset(nset);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	670
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	671	if ((flags & (PU_LIMITPRIVS\|PU_CLEARLIMITSET)) != 0 &&
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	672	(r = setppriv(PRIV_SET, limit, nset)) != 0)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	673	goto end;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	674
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	675	if (euid == 0)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	676	r = setreuid(ruid, ruid);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	677
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	678	end:
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	679	priv_freeset(tmpset);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	680	priv_freeset(nset);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	681	if (r != 0) {
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	682	/* Fail without leaving uid 0 around */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	683	if (euid == 0)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	684	(void) setreuid(ruid, ruid);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	685	priv_freeset(bracketpriv);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	686	bracketpriv = NULL;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	687	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	688
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	689	return (r);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	690	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	691
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	692	/*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	693	* Toggle privileges on/off in the effective set.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	694	*/
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	695	int
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	696	__priv_bracket(priv_op_t op)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	697	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	698	/* We're running fully privileged or didn't check errors first time */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	699	if (bracketpriv == NULL)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	700	return (0);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	701
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	702	/* Only PRIV_ON and PRIV_OFF are valid */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	703	if (op == PRIV_SET)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	704	return (-1);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	705
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	706	return (setppriv(op, effective, bracketpriv));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	707	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	708
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	709	/*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	710	* Remove privileges from E & P.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	711	*/
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	712	void
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	713	__priv_relinquish(void)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	714	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	715	if (bracketpriv != NULL) {
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	716	(void) setppriv(PRIV_OFF, permitted, bracketpriv);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	717	priv_freeset(bracketpriv);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	718	bracketpriv = NULL;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	719	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	720	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	721
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	722	/*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	723	* Use binary search on the ordered list.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	724	*/
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	725	int
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	726	__priv_getbyname(const priv_data_t d, const char name)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	727	{
1059 11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	728	char const list;
11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	729	const int *order;
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	730	int lo = 0;
1059 11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	731	int hi;
11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	732
11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	733	if (d == NULL)
11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	734	return (-1);
11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	735
11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	736	list = d->pd_privnames;
11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	737	order = d->pd_setsort;
11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	738	hi = d->pd_nprivs - 1;
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	739
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	740	if (strncasecmp(name, "priv_", 5) == 0)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	741	name += 5;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	742
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	743	do {
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	744	int mid = (lo + hi) / 2;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	745	int res = strcasecmp(name, list[order[mid]]);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	746
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	747	if (res == 0)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	748	return (order[mid]);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	749	else if (res < 0)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	750	hi = mid - 1;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	751	else
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	752	lo = mid + 1;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	753	} while (lo <= hi);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	754
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	755	errno = EINVAL;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	756	return (-1);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	757	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	758
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	759	int
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	760	priv_getbyname(const char *name)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	761	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	762	WITHPRIVLOCKED(int, -1, __priv_getbyname(GETPRIVDATA(), name));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	763	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	764
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	765	int
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	766	__priv_getsetbyname(const priv_data_t d, const char name)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	767	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	768	int i;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	769	int n = d->pd_nsets;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	770	char const list = d->pd_setnames;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	771
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	772	if (strncasecmp(name, "priv_", 5) == 0)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	773	name += 5;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	774
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	775	for (i = 0; i < n; i++) {
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	776	if (strcasecmp(list[i], name) == 0)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	777	return (i);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	778	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	779
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	780	errno = EINVAL;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	781	return (-1);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	782	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	783
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	784	int
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	785	priv_getsetbyname(const char *name)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	786	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	787	/* Not locked: sets don't change */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	788	return (__priv_getsetbyname(GETPRIVDATA(), name));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	789	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	790
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	791	static const char *
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	792	priv_bynum(int i, int n, char **list)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	793	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	794	if (i < 0 \|\| i >= n)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	795	return (NULL);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	796
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	797	return (list[i]);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	798	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	799
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	800	const char *
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	801	__priv_getbynum(const priv_data_t *d, int num)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	802	{
1059 11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	803	if (d == NULL)
11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	804	return (NULL);
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	805	return (priv_bynum(num, d->pd_nprivs, d->pd_privnames));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	806	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	807
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	808	const char *
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	809	priv_getbynum(int num)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	810	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	811	WITHPRIVLOCKED(const char *, NULL, __priv_getbynum(GETPRIVDATA(), num));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	812	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	813
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	814	const char *
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	815	__priv_getsetbynum(const priv_data_t *d, int num)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	816	{
1059 11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	817	if (d == NULL)
11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	818	return (NULL);
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	819	return (priv_bynum(num, d->pd_nsets, d->pd_setnames));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	820	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	821
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	822	const char *
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	823	priv_getsetbynum(int num)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	824	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	825	return (__priv_getsetbynum(GETPRIVDATA(), num));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	826	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	827
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	828
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	829	/*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	830	* Privilege manipulation functions
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	831	*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	832	* Without knowing the details of the privilege set implementation,
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	833	* opaque pointers can be used to manipulate sets at will.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	834	*/
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	835
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	836	static priv_set_t *
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	837	__priv_allocset(priv_data_t *d)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	838	{
1059 11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	839	if (d == NULL)
11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	840	return (NULL);
11ef9d4a0acc 6255958 priv_* functions don't deal with resource problems, can deadlock casper parents: 0 diff changeset	841
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	842	return (libc_malloc(d->pd_setsize));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	843	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	844
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	845	priv_set_t *
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	846	priv_allocset(void)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	847	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	848	return (__priv_allocset(GETPRIVDATA()));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	849	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	850
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	851	void
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	852	priv_freeset(priv_set_t *p)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	853	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	854	int er = errno;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	855
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	856	libc_free(p);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	857	errno = er;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	858	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	859
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	860	void
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	861	__priv_emptyset(priv_data_t d, priv_set_t set)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	862	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	863	(void) memset(set, 0, d->pd_setsize);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	864	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	865
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	866	void
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	867	priv_emptyset(priv_set_t *set)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	868	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	869	__priv_emptyset(GETPRIVDATA(), set);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	870	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	871
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	872	void
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	873	__priv_fillset(priv_data_t d, priv_set_t set)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	874	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	875	(void) memset(set, ~0, d->pd_setsize);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	876	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	877
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	878	void
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	879	priv_fillset(priv_set_t *set)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	880	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	881	__priv_fillset(GETPRIVDATA(), set);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	882	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	883
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	884
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	885	#define PRIV_TEST_BODY_D(d, test) \
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	886	int i; \
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	887	\
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	888	for (i = d->pd_pinfo->priv_setsize; i-- > 0; ) \
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	889	if (!(test)) \
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	890	return (B_FALSE); \
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	891	\
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	892	return (B_TRUE)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	893
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	894	boolean_t
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	895	priv_isequalset(const priv_set_t a, const priv_set_t b)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	896	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	897	priv_data_t *d;
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	898
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	899	LOADPRIVDATA(d);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	900
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	901	return ((boolean_t)(memcmp(a, b, d->pd_setsize) == 0));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	902	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	903
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	904	boolean_t
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	905	__priv_isemptyset(priv_data_t d, const priv_set_t set)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	906	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	907	PRIV_TEST_BODY_D(d, ((priv_chunk_t *)set)[i] == 0);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	908	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	909
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	910	boolean_t
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	911	priv_isemptyset(const priv_set_t *set)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	912	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	913	return (__priv_isemptyset(GETPRIVDATA(), set));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	914	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	915
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	916	boolean_t
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	917	__priv_isfullset(priv_data_t d, const priv_set_t set)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	918	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	919	PRIV_TEST_BODY_D(d, ((priv_chunk_t *)set)[i] == ~(priv_chunk_t)0);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	920	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	921
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	922	boolean_t
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	923	priv_isfullset(const priv_set_t *set)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	924	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	925	return (__priv_isfullset(GETPRIVDATA(), set));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	926	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	927
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	928	/*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	929	* Return true if a is a subset of b
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	930	*/
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	931	boolean_t
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	932	__priv_issubset(priv_data_t d, const priv_set_t a, const priv_set_t *b)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	933	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	934	PRIV_TEST_BODY_D(d, (((priv_chunk_t )a)[i] \| ((priv_chunk_t )b)[i]) ==
6812 febeba71273d PSARC 2008/309 expunge synonyms.h raf parents: 5331 diff changeset	935	((priv_chunk_t *)b)[i]);
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	936	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	937
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	938	boolean_t
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	939	priv_issubset(const priv_set_t a, const priv_set_t b)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	940	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	941	return (__priv_issubset(GETPRIVDATA(), a, b));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	942	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	943
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	944	#define PRIV_CHANGE_BODY(a, op, b) \
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	945	int i; \
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	946	priv_data_t *d; \
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	947	\
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	948	LOADPRIVDATA(d); \
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	949	\
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	950	for (i = 0; i < d->pd_pinfo->priv_setsize; i++) \
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	951	((priv_chunk_t *)a)[i] op \
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	952	((priv_chunk_t *)b)[i]
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	953
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	954	/* B = A ^ B */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	955	void
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	956	priv_intersect(const priv_set_t a, priv_set_t b)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	957	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	958	/* CSTYLED */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	959	PRIV_CHANGE_BODY(b, &=, a);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	960	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	961
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	962	/* B = A */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	963	void
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	964	priv_copyset(const priv_set_t a, priv_set_t b)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	965	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	966	/* CSTYLED */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	967	PRIV_CHANGE_BODY(b, =, a);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	968	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	969
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	970	/* B = A v B */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	971	void
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	972	priv_union(const priv_set_t a, priv_set_t b)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	973	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	974	/* CSTYLED */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	975	PRIV_CHANGE_BODY(b, \|=, a);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	976	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	977
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	978	/* A = ! A */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	979	void
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	980	priv_inverse(priv_set_t *a)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	981	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	982	PRIV_CHANGE_BODY(a, = ~, a);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	983	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	984
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	985	/*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	986	* Manipulating single privileges.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	987	*/
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	988
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	989	int
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	990	priv_addset(priv_set_t a, const char p)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	991	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	992	int priv = priv_getbyname(p);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	993
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	994	if (priv < 0)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	995	return (-1);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	996
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	997	PRIV_ADDSET(a, priv);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	998
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	999	return (0);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1000	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1001
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1002	int
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1003	priv_delset(priv_set_t a, const char p)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1004	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1005	int priv = priv_getbyname(p);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1006
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1007	if (priv < 0)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1008	return (-1);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1009
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1010	PRIV_DELSET(a, priv);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1011	return (0);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1012	}
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1013
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1014	boolean_t
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1015	priv_ismember(const priv_set_t a, const char p)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1016	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1017	int priv = priv_getbyname(p);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1018
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1019	if (priv < 0)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1020	return (B_FALSE);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1021
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1022	return ((boolean_t)PRIV_ISMEMBER(a, priv));
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1023	}

author	raf
	Fri, 06 Jun 2008 14:02:15 -0700
changeset 6812	febeba71273d
parent 5331	3047ad28a67b
child 11537	8eca52188202
permissions	-rw-r--r--