diff options
author | Samuel Thibault <samuel.thibault@ens-lyon.org> | 2016-11-01 13:37:31 +0100 |
---|---|---|
committer | Samuel Thibault <samuel.thibault@ens-lyon.org> | 2016-11-01 13:37:31 +0100 |
commit | bc7ec3a7fb632b685d9fe2dbd12be4be4d4fde82 (patch) | |
tree | 6296ee3440a467012133e2d974e586f5b70f4c89 /sysdeps | |
parent | 12bdb857648466973b2695622b72cbc3d5ac1430 (diff) | |
parent | 258b100bf44ec5255ef594d6560ca3da03004577 (diff) |
Merge commit 'refs/top-bases/t/extern_inline' into t/extern_inline
Diffstat (limited to 'sysdeps')
-rw-r--r-- | sysdeps/mach/hurd/access.c | 120 | ||||
-rw-r--r-- | sysdeps/mach/hurd/euidaccess.c | 31 | ||||
-rw-r--r-- | sysdeps/mach/hurd/faccessat.c | 150 |
3 files changed, 139 insertions, 162 deletions
diff --git a/sysdeps/mach/hurd/access.c b/sysdeps/mach/hurd/access.c index c308340329..dc64183f96 100644 --- a/sysdeps/mach/hurd/access.c +++ b/sysdeps/mach/hurd/access.c @@ -16,131 +16,13 @@ <http://www.gnu.org/licenses/>. */ #include <unistd.h> -#include <hurd.h> -#include <hurd/port.h> -#include <hurd/id.h> -#include <hurd/lookup.h> #include <fcntl.h> /* Test for access to FILE by our real user and group IDs. */ int __access (const char *file, int type) { - error_t err; - file_t rcrdir, rcwdir, io; - int flags, allowed; - - error_t reauthenticate (int which, file_t *result) - { - /* Get a port to our root directory, authenticated with the real IDs. */ - error_t err; - mach_port_t ref; - ref = __mach_reply_port (); - err = HURD_PORT_USE - (&_hurd_ports[which], - ({ - err = __io_reauthenticate (port, ref, MACH_MSG_TYPE_MAKE_SEND); - if (!err) - err = __auth_user_authenticate (_hurd_id.rid_auth, - ref, MACH_MSG_TYPE_MAKE_SEND, - result); - err; - })); - __mach_port_destroy (__mach_task_self (), ref); - return err; - } - - error_t init_port (int which, error_t (*operate) (mach_port_t)) - { - switch (which) - { - case INIT_PORT_AUTH: - return (*operate) (_hurd_id.rid_auth); - case INIT_PORT_CRDIR: - return (reauthenticate (INIT_PORT_CRDIR, &rcrdir) ?: - (*operate) (rcrdir)); - case INIT_PORT_CWDIR: - return (reauthenticate (INIT_PORT_CWDIR, &rcwdir) ?: - (*operate) (rcwdir)); - default: - return _hurd_ports_use (which, operate); - } - } - - rcrdir = rcwdir = MACH_PORT_NULL; - - HURD_CRITICAL_BEGIN; - - __mutex_lock (&_hurd_id.lock); - /* Get _hurd_id up to date. */ - if (err = _hurd_check_ids ()) - goto lose; - - if (_hurd_id.rid_auth == MACH_PORT_NULL) - { - /* Set up _hurd_id.rid_auth. This is a special auth server port - which uses the real uid and gid (the first aux uid and gid) as - the only effective uid and gid. */ - - if (_hurd_id.aux.nuids < 1 || _hurd_id.aux.ngids < 1) - { - /* We do not have a real UID and GID. Lose, lose, lose! */ - err = EGRATUITOUS; - goto lose; - } - - /* Create a new auth port using our real UID and GID (the first - auxiliary UID and GID) as the only effective IDs. */ - if (err = __USEPORT (AUTH, - __auth_makeauth (port, - NULL, MACH_MSG_TYPE_COPY_SEND, 0, - _hurd_id.aux.uids, 1, - _hurd_id.aux.uids, - _hurd_id.aux.nuids, - _hurd_id.aux.gids, 1, - _hurd_id.aux.gids, - _hurd_id.aux.ngids, - &_hurd_id.rid_auth))) - goto lose; - } - - if (!err) - /* Look up the file name using the modified init ports. */ - err = __hurd_file_name_lookup (&init_port, &__getdport, 0, - file, 0, 0, &io); - - /* We are done with _hurd_id.rid_auth now. */ - lose: - __mutex_unlock (&_hurd_id.lock); - - HURD_CRITICAL_END; - - if (rcrdir != MACH_PORT_NULL) - __mach_port_deallocate (__mach_task_self (), rcrdir); - if (rcwdir != MACH_PORT_NULL) - __mach_port_deallocate (__mach_task_self (), rcwdir); - if (err) - return __hurd_fail (err); - - /* Find out what types of access we are allowed to this file. */ - err = __file_check_access (io, &allowed); - __mach_port_deallocate (__mach_task_self (), io); - if (err) - return __hurd_fail (err); - - flags = 0; - if (type & R_OK) - flags |= O_READ; - if (type & W_OK) - flags |= O_WRITE; - if (type & X_OK) - flags |= O_EXEC; - - if (flags & ~allowed) - /* We are not allowed all the requested types of access. */ - return __hurd_fail (EACCES); - - return 0; + return __faccessat (AT_FDCWD, file, type, 0); } weak_alias (__access, access) diff --git a/sysdeps/mach/hurd/euidaccess.c b/sysdeps/mach/hurd/euidaccess.c index ee512ff5e3..4949aa9365 100644 --- a/sysdeps/mach/hurd/euidaccess.c +++ b/sysdeps/mach/hurd/euidaccess.c @@ -16,42 +16,13 @@ License along with the GNU C Library; if not, see <http://www.gnu.org/licenses/>. */ -#include <errno.h> -#include <stddef.h> #include <unistd.h> #include <fcntl.h> -#include <hurd.h> int __euidaccess (const char *file, int type) { - error_t err; - file_t port; - int allowed, flags; - - port = __file_name_lookup (file, 0, 0); - if (port == MACH_PORT_NULL) - return -1; - - /* Find out what types of access we are allowed to this file. */ - err = __file_check_access (port, &allowed); - __mach_port_deallocate (__mach_task_self (), port); - if (err) - return __hurd_fail (err); - - flags = 0; - if (type & R_OK) - flags |= O_READ; - if (type & W_OK) - flags |= O_WRITE; - if (type & X_OK) - flags |= O_EXEC; - - if (flags & ~allowed) - /* We are not allowed all the requested types of access. */ - return __hurd_fail (EACCES); - - return 0; + return __faccessat (AT_FDCWD, file, type, AT_EACCESS); } weak_alias (__euidaccess, euidaccess) weak_alias (__euidaccess, eaccess) diff --git a/sysdeps/mach/hurd/faccessat.c b/sysdeps/mach/hurd/faccessat.c index 0a57ab627c..d88fa4ae57 100644 --- a/sysdeps/mach/hurd/faccessat.c +++ b/sysdeps/mach/hurd/faccessat.c @@ -23,29 +23,152 @@ #include <sys/types.h> #include <hurd.h> #include <hurd/fd.h> +#include <hurd/port.h> +#include <hurd/id.h> +#include <hurd/lookup.h> int -faccessat (int fd, const char *file, int type, int flag) +__faccessat (int fd, const char *file, int type, int at_flags) { error_t err; - file_t port; - int allowed, flags; + file_t rcrdir, rcwdir, io; + int flags, allowed; - if ((flag & AT_EACCESS) == 0) + if ((at_flags & AT_EACCESS) == AT_EACCESS) { - if (fd == AT_FDCWD || file[0] == '/') - return __access (file, type); - __set_errno (ENOTSUP); /* XXX later */ - return -1; + /* Use effective permissions. */ + io = __file_name_lookup_at (fd, at_flags &~ AT_EACCESS, file, 0, 0); + if (io == MACH_PORT_NULL) + return -1; } + else + { + /* We have to use real permissions instead of the + usual effective permissions. */ + + int hurd_flags = 0; + __hurd_at_flags (&at_flags, &hurd_flags); + + error_t reauthenticate_cwdir_at (file_t *result) + { + /* Get a port to the FD directory, authenticated with the real IDs. */ + error_t err; + mach_port_t ref; + ref = __mach_reply_port (); + err = HURD_DPORT_USE + (fd, + ({ + err = __io_reauthenticate (port, ref, MACH_MSG_TYPE_MAKE_SEND); + if (!err) + err = __auth_user_authenticate (_hurd_id.rid_auth, + ref, MACH_MSG_TYPE_MAKE_SEND, + result); + err; + })); + __mach_port_destroy (__mach_task_self (), ref); + return err; + } + + error_t reauthenticate (int which, file_t *result) + { + /* Get a port to our root directory, authenticated with the real IDs. */ + error_t err; + mach_port_t ref; + ref = __mach_reply_port (); + err = HURD_PORT_USE + (&_hurd_ports[which], + ({ + err = __io_reauthenticate (port, ref, MACH_MSG_TYPE_MAKE_SEND); + if (!err) + err = __auth_user_authenticate (_hurd_id.rid_auth, + ref, MACH_MSG_TYPE_MAKE_SEND, + result); + err; + })); + __mach_port_destroy (__mach_task_self (), ref); + return err; + } + + error_t init_port (int which, error_t (*operate) (mach_port_t)) + { + switch (which) + { + case INIT_PORT_AUTH: + return (*operate) (_hurd_id.rid_auth); + case INIT_PORT_CRDIR: + return (reauthenticate (INIT_PORT_CRDIR, &rcrdir) ?: + (*operate) (rcrdir)); + case INIT_PORT_CWDIR: + if (fd == AT_FDCWD || file[0] == '/') + return (reauthenticate (INIT_PORT_CWDIR, &rcwdir) ?: + (*operate) (rcwdir)); + else + return (reauthenticate_cwdir_at (&rcwdir) ?: + (*operate) (rcwdir)); + default: + return _hurd_ports_use (which, operate); + } + } + + rcrdir = rcwdir = MACH_PORT_NULL; + + HURD_CRITICAL_BEGIN; + + __mutex_lock (&_hurd_id.lock); + /* Get _hurd_id up to date. */ + if (err = _hurd_check_ids ()) + goto lose; - port = __file_name_lookup_at (fd, flag &~ AT_EACCESS, file, 0, 0); - if (port == MACH_PORT_NULL) - return -1; + if (_hurd_id.rid_auth == MACH_PORT_NULL) + { + /* Set up _hurd_id.rid_auth. This is a special auth server port + which uses the real uid and gid (the first aux uid and gid) as + the only effective uid and gid. */ + + if (_hurd_id.aux.nuids < 1 || _hurd_id.aux.ngids < 1) + { + /* We do not have a real UID and GID. Lose, lose, lose! */ + err = EGRATUITOUS; + goto lose; + } + + /* Create a new auth port using our real UID and GID (the first + auxiliary UID and GID) as the only effective IDs. */ + if (err = __USEPORT (AUTH, + __auth_makeauth (port, + NULL, MACH_MSG_TYPE_COPY_SEND, 0, + _hurd_id.aux.uids, 1, + _hurd_id.aux.uids, + _hurd_id.aux.nuids, + _hurd_id.aux.gids, 1, + _hurd_id.aux.gids, + _hurd_id.aux.ngids, + &_hurd_id.rid_auth))) + goto lose; + } + + if (!err) + /* Look up the file name using the modified init ports. */ + err = __hurd_file_name_lookup (&init_port, &__getdport, 0, + file, hurd_flags, 0, &io); + + /* We are done with _hurd_id.rid_auth now. */ + lose: + __mutex_unlock (&_hurd_id.lock); + + HURD_CRITICAL_END; + + if (rcrdir != MACH_PORT_NULL) + __mach_port_deallocate (__mach_task_self (), rcrdir); + if (rcwdir != MACH_PORT_NULL) + __mach_port_deallocate (__mach_task_self (), rcwdir); + if (err) + return __hurd_fail (err); + } /* Find out what types of access we are allowed to this file. */ - err = __file_check_access (port, &allowed); - __mach_port_deallocate (__mach_task_self (), port); + err = __file_check_access (io, &allowed); + __mach_port_deallocate (__mach_task_self (), io); if (err) return __hurd_fail (err); @@ -63,3 +186,4 @@ faccessat (int fd, const char *file, int type, int flag) return 0; } +weak_alias (__faccessat, faccessat) |