svn commit: r208033 - head/lib/libc/posix1e

Edward Tomasz Napierala trasz at FreeBSD.org
Thu May 13 16:42:01 UTC 2010


Author: trasz
Date: Thu May 13 16:42:01 2010
New Revision: 208033
URL: http://svn.freebsd.org/changeset/base/208033

Log:
  Make it possible to actually use NFSv4 permission bits with acl_set_perm(3)
  and acl_delete_perm(3).  It went undetected, because neither setfacl(1)
  nor Samba use this routines.  D'oh.
  
  MFC after:	1 week

Modified:
  head/lib/libc/posix1e/acl_perm.c

Modified: head/lib/libc/posix1e/acl_perm.c
==============================================================================
--- head/lib/libc/posix1e/acl_perm.c	Thu May 13 15:44:49 2010	(r208032)
+++ head/lib/libc/posix1e/acl_perm.c	Thu May 13 16:42:01 2010	(r208033)
@@ -35,6 +35,20 @@ __FBSDID("$FreeBSD$");
 #include <errno.h>
 #include <string.h>
 
+static int
+_perm_is_invalid(acl_perm_t perm)
+{
+
+	/* Check if more than a single bit is set. */
+	if ((perm & -perm) == perm &&
+	    (perm & (ACL_POSIX1E_BITS | ACL_NFS4_PERM_BITS)) == perm)
+		return (0);
+
+	errno = EINVAL;
+
+	return (1);
+}
+
 /*
  * acl_add_perm() (23.4.1): add the permission contained in perm to the
  * permission set permset_d
@@ -43,18 +57,17 @@ int
 acl_add_perm(acl_permset_t permset_d, acl_perm_t perm)
 {
 
-	if (permset_d) {
-		switch(perm) {
-		case ACL_READ:
-		case ACL_WRITE:
-		case ACL_EXECUTE:
-			*permset_d |= perm;
-			return (0);
-		}
+	if (permset_d == NULL) {
+		errno = EINVAL;
+		return (-1);
 	}
 
-	errno = EINVAL;
-	return (-1);
+	if (_perm_is_invalid(perm))
+		return (-1);
+
+	*permset_d |= perm;
+
+	return (0);
 }
 
 /*
@@ -83,16 +96,15 @@ int
 acl_delete_perm(acl_permset_t permset_d, acl_perm_t perm)
 {
 
-	if (permset_d) {
-		switch(perm) {
-		case ACL_READ:
-		case ACL_WRITE:
-		case ACL_EXECUTE:
-			*permset_d &= ~(perm & ACL_PERM_BITS);
-			return (0);
-		}
+	if (permset_d == NULL) {
+		errno = EINVAL;
+		return (-1);
 	}
 
-	errno = EINVAL;
-	return (-1);
+	if (_perm_is_invalid(perm))
+		return (-1);
+
+	*permset_d &= ~perm;
+
+	return (0);
 }


More information about the svn-src-head mailing list