svn commit: r329342 - head/sys/kern
Brooks Davis
brooks at FreeBSD.org
Thu Feb 15 21:24:44 UTC 2018
Author: brooks
Date: Thu Feb 15 21:24:43 2018
New Revision: 329342
URL: https://svnweb.freebsd.org/changeset/base/329342
Log:
Reduce duplication in __acl_*_(file|link).
Add const to new kern_ functions and push down as required.
Reviewed by: rwatson
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D14174
Modified:
head/sys/kern/vfs_acl.c
Modified: head/sys/kern/vfs_acl.c
==============================================================================
--- head/sys/kern/vfs_acl.c Thu Feb 15 21:06:56 2018 (r329341)
+++ head/sys/kern/vfs_acl.c Thu Feb 15 21:24:43 2018 (r329342)
@@ -67,12 +67,21 @@ CTASSERT(ACL_MAX_ENTRIES >= OLDACL_MAX_ENTRIES);
MALLOC_DEFINE(M_ACL, "acl", "Access Control Lists");
+
+static int kern___acl_aclcheck_path(struct thread *td, const char *path,
+ acl_type_t type, struct acl *aclp, int follow);
+static int kern___acl_delete_path(struct thread *td, const char *path,
+ acl_type_t type, int follow);
+static int kern___acl_get_path(struct thread *td, const char *path,
+ acl_type_t type, struct acl *aclp, int follow);
+static int kern___acl_set_path(struct thread *td, const char *path,
+ acl_type_t type, const struct acl *aclp, int follow);
static int vacl_set_acl(struct thread *td, struct vnode *vp,
- acl_type_t type, struct acl *aclp);
+ acl_type_t type, const struct acl *aclp);
static int vacl_get_acl(struct thread *td, struct vnode *vp,
acl_type_t type, struct acl *aclp);
static int vacl_aclcheck(struct thread *td, struct vnode *vp,
- acl_type_t type, struct acl *aclp);
+ acl_type_t type, const struct acl *aclp);
int
acl_copy_oldacl_into_acl(const struct oldacl *source, struct acl *dest)
@@ -130,7 +139,7 @@ acl_copy_acl_into_oldacl(const struct acl *source, str
* format.
*/
static int
-acl_copyin(void *user_acl, struct acl *kernel_acl, acl_type_t type)
+acl_copyin(const void *user_acl, struct acl *kernel_acl, acl_type_t type)
{
int error;
struct oldacl old;
@@ -154,7 +163,7 @@ acl_copyin(void *user_acl, struct acl *kernel_acl, acl
}
static int
-acl_copyout(struct acl *kernel_acl, void *user_acl, acl_type_t type)
+acl_copyout(const struct acl *kernel_acl, void *user_acl, acl_type_t type)
{
uint32_t am;
int error;
@@ -218,7 +227,7 @@ acl_type_unold(int type)
*/
static int
vacl_set_acl(struct thread *td, struct vnode *vp, acl_type_t type,
- struct acl *aclp)
+ const struct acl *aclp)
{
struct acl *inkernelacl;
struct mount *mp;
@@ -319,7 +328,7 @@ out:
*/
static int
vacl_aclcheck(struct thread *td, struct vnode *vp, acl_type_t type,
- struct acl *aclp)
+ const struct acl *aclp)
{
struct acl *inkernelacl;
int error;
@@ -346,17 +355,9 @@ out:
int
sys___acl_get_file(struct thread *td, struct __acl_get_file_args *uap)
{
- struct nameidata nd;
- int error;
- NDINIT(&nd, LOOKUP, FOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path,
- td);
- error = namei(&nd);
- if (error == 0) {
- error = vacl_get_acl(td, nd.ni_vp, uap->type, uap->aclp);
- NDFREE(&nd, 0);
- }
- return (error);
+ return (kern___acl_get_path(td, uap->path, uap->type, uap->aclp,
+ FOLLOW));
}
/*
@@ -365,14 +366,22 @@ sys___acl_get_file(struct thread *td, struct __acl_get
int
sys___acl_get_link(struct thread *td, struct __acl_get_link_args *uap)
{
+
+ return(kern___acl_get_path(td, uap->path, uap->type, uap->aclp,
+ NOFOLLOW));
+}
+
+static int
+kern___acl_get_path(struct thread *td, const char *path, acl_type_t type,
+ struct acl *aclp, int follow)
+{
struct nameidata nd;
int error;
- NDINIT(&nd, LOOKUP, NOFOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path,
- td);
+ NDINIT(&nd, LOOKUP, follow | AUDITVNODE1, UIO_USERSPACE, path, td);
error = namei(&nd);
if (error == 0) {
- error = vacl_get_acl(td, nd.ni_vp, uap->type, uap->aclp);
+ error = vacl_get_acl(td, nd.ni_vp, type, aclp);
NDFREE(&nd, 0);
}
return (error);
@@ -384,17 +393,9 @@ sys___acl_get_link(struct thread *td, struct __acl_get
int
sys___acl_set_file(struct thread *td, struct __acl_set_file_args *uap)
{
- struct nameidata nd;
- int error;
- NDINIT(&nd, LOOKUP, FOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path,
- td);
- error = namei(&nd);
- if (error == 0) {
- error = vacl_set_acl(td, nd.ni_vp, uap->type, uap->aclp);
- NDFREE(&nd, 0);
- }
- return (error);
+ return(kern___acl_set_path(td, uap->path, uap->type, uap->aclp,
+ FOLLOW));
}
/*
@@ -403,14 +404,22 @@ sys___acl_set_file(struct thread *td, struct __acl_set
int
sys___acl_set_link(struct thread *td, struct __acl_set_link_args *uap)
{
+
+ return(kern___acl_set_path(td, uap->path, uap->type, uap->aclp,
+ NOFOLLOW));
+}
+
+static int
+kern___acl_set_path(struct thread *td, const char *path,
+ acl_type_t type, const struct acl *aclp, int follow)
+{
struct nameidata nd;
int error;
- NDINIT(&nd, LOOKUP, NOFOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path,
- td);
+ NDINIT(&nd, LOOKUP, follow | AUDITVNODE1, UIO_USERSPACE, path, td);
error = namei(&nd);
if (error == 0) {
- error = vacl_set_acl(td, nd.ni_vp, uap->type, uap->aclp);
+ error = vacl_set_acl(td, nd.ni_vp, type, aclp);
NDFREE(&nd, 0);
}
return (error);
@@ -462,16 +471,8 @@ sys___acl_set_fd(struct thread *td, struct __acl_set_f
int
sys___acl_delete_file(struct thread *td, struct __acl_delete_file_args *uap)
{
- struct nameidata nd;
- int error;
- NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, uap->path, td);
- error = namei(&nd);
- if (error == 0) {
- error = vacl_delete(td, nd.ni_vp, uap->type);
- NDFREE(&nd, 0);
- }
- return (error);
+ return (kern___acl_delete_path(td, uap->path, uap->type, FOLLOW));
}
/*
@@ -480,13 +481,21 @@ sys___acl_delete_file(struct thread *td, struct __acl_
int
sys___acl_delete_link(struct thread *td, struct __acl_delete_link_args *uap)
{
+
+ return (kern___acl_delete_path(td, uap->path, uap->type, NOFOLLOW));
+}
+
+static int
+kern___acl_delete_path(struct thread *td, const char *path,
+ acl_type_t type, int follow)
+{
struct nameidata nd;
int error;
- NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_USERSPACE, uap->path, td);
+ NDINIT(&nd, LOOKUP, follow, UIO_USERSPACE, path, td);
error = namei(&nd);
if (error == 0) {
- error = vacl_delete(td, nd.ni_vp, uap->type);
+ error = vacl_delete(td, nd.ni_vp, type);
NDFREE(&nd, 0);
}
return (error);
@@ -518,16 +527,9 @@ sys___acl_delete_fd(struct thread *td, struct __acl_de
int
sys___acl_aclcheck_file(struct thread *td, struct __acl_aclcheck_file_args *uap)
{
- struct nameidata nd;
- int error;
- NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, uap->path, td);
- error = namei(&nd);
- if (error == 0) {
- error = vacl_aclcheck(td, nd.ni_vp, uap->type, uap->aclp);
- NDFREE(&nd, 0);
- }
- return (error);
+ return (kern___acl_aclcheck_path(td, uap->path, uap->type, uap->aclp,
+ FOLLOW));
}
/*
@@ -536,13 +538,21 @@ sys___acl_aclcheck_file(struct thread *td, struct __ac
int
sys___acl_aclcheck_link(struct thread *td, struct __acl_aclcheck_link_args *uap)
{
+ return (kern___acl_aclcheck_path(td, uap->path, uap->type, uap->aclp,
+ NOFOLLOW));
+}
+
+static int
+kern___acl_aclcheck_path(struct thread *td, const char *path, acl_type_t type,
+ struct acl *aclp, int follow)
+{
struct nameidata nd;
int error;
- NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_USERSPACE, uap->path, td);
+ NDINIT(&nd, LOOKUP, follow, UIO_USERSPACE, path, td);
error = namei(&nd);
if (error == 0) {
- error = vacl_aclcheck(td, nd.ni_vp, uap->type, uap->aclp);
+ error = vacl_aclcheck(td, nd.ni_vp, type, aclp);
NDFREE(&nd, 0);
}
return (error);
More information about the svn-src-head
mailing list