From owner-svn-src-head@freebsd.org Thu Feb 15 21:24:44 2018 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A5085F1B952; Thu, 15 Feb 2018 21:24:44 +0000 (UTC) (envelope-from brooks@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 5868971153; Thu, 15 Feb 2018 21:24:44 +0000 (UTC) (envelope-from brooks@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 5348D24364; Thu, 15 Feb 2018 21:24:44 +0000 (UTC) (envelope-from brooks@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w1FLOiYY004067; Thu, 15 Feb 2018 21:24:44 GMT (envelope-from brooks@FreeBSD.org) Received: (from brooks@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w1FLOi6M004066; Thu, 15 Feb 2018 21:24:44 GMT (envelope-from brooks@FreeBSD.org) Message-Id: <201802152124.w1FLOi6M004066@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: brooks set sender to brooks@FreeBSD.org using -f From: Brooks Davis Date: Thu, 15 Feb 2018 21:24:44 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r329342 - head/sys/kern X-SVN-Group: head X-SVN-Commit-Author: brooks X-SVN-Commit-Paths: head/sys/kern X-SVN-Commit-Revision: 329342 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Feb 2018 21:24:44 -0000 Author: brooks Date: Thu Feb 15 21:24:43 2018 New Revision: 329342 URL: https://svnweb.freebsd.org/changeset/base/329342 Log: Reduce duplication in __acl_*_(file|link). Add const to new kern_ functions and push down as required. Reviewed by: rwatson Obtained from: CheriBSD Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D14174 Modified: head/sys/kern/vfs_acl.c Modified: head/sys/kern/vfs_acl.c ============================================================================== --- head/sys/kern/vfs_acl.c Thu Feb 15 21:06:56 2018 (r329341) +++ head/sys/kern/vfs_acl.c Thu Feb 15 21:24:43 2018 (r329342) @@ -67,12 +67,21 @@ CTASSERT(ACL_MAX_ENTRIES >= OLDACL_MAX_ENTRIES); MALLOC_DEFINE(M_ACL, "acl", "Access Control Lists"); + +static int kern___acl_aclcheck_path(struct thread *td, const char *path, + acl_type_t type, struct acl *aclp, int follow); +static int kern___acl_delete_path(struct thread *td, const char *path, + acl_type_t type, int follow); +static int kern___acl_get_path(struct thread *td, const char *path, + acl_type_t type, struct acl *aclp, int follow); +static int kern___acl_set_path(struct thread *td, const char *path, + acl_type_t type, const struct acl *aclp, int follow); static int vacl_set_acl(struct thread *td, struct vnode *vp, - acl_type_t type, struct acl *aclp); + acl_type_t type, const struct acl *aclp); static int vacl_get_acl(struct thread *td, struct vnode *vp, acl_type_t type, struct acl *aclp); static int vacl_aclcheck(struct thread *td, struct vnode *vp, - acl_type_t type, struct acl *aclp); + acl_type_t type, const struct acl *aclp); int acl_copy_oldacl_into_acl(const struct oldacl *source, struct acl *dest) @@ -130,7 +139,7 @@ acl_copy_acl_into_oldacl(const struct acl *source, str * format. */ static int -acl_copyin(void *user_acl, struct acl *kernel_acl, acl_type_t type) +acl_copyin(const void *user_acl, struct acl *kernel_acl, acl_type_t type) { int error; struct oldacl old; @@ -154,7 +163,7 @@ acl_copyin(void *user_acl, struct acl *kernel_acl, acl } static int -acl_copyout(struct acl *kernel_acl, void *user_acl, acl_type_t type) +acl_copyout(const struct acl *kernel_acl, void *user_acl, acl_type_t type) { uint32_t am; int error; @@ -218,7 +227,7 @@ acl_type_unold(int type) */ static int vacl_set_acl(struct thread *td, struct vnode *vp, acl_type_t type, - struct acl *aclp) + const struct acl *aclp) { struct acl *inkernelacl; struct mount *mp; @@ -319,7 +328,7 @@ out: */ static int vacl_aclcheck(struct thread *td, struct vnode *vp, acl_type_t type, - struct acl *aclp) + const struct acl *aclp) { struct acl *inkernelacl; int error; @@ -346,17 +355,9 @@ out: int sys___acl_get_file(struct thread *td, struct __acl_get_file_args *uap) { - struct nameidata nd; - int error; - NDINIT(&nd, LOOKUP, FOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, - td); - error = namei(&nd); - if (error == 0) { - error = vacl_get_acl(td, nd.ni_vp, uap->type, uap->aclp); - NDFREE(&nd, 0); - } - return (error); + return (kern___acl_get_path(td, uap->path, uap->type, uap->aclp, + FOLLOW)); } /* @@ -365,14 +366,22 @@ sys___acl_get_file(struct thread *td, struct __acl_get int sys___acl_get_link(struct thread *td, struct __acl_get_link_args *uap) { + + return(kern___acl_get_path(td, uap->path, uap->type, uap->aclp, + NOFOLLOW)); +} + +static int +kern___acl_get_path(struct thread *td, const char *path, acl_type_t type, + struct acl *aclp, int follow) +{ struct nameidata nd; int error; - NDINIT(&nd, LOOKUP, NOFOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, - td); + NDINIT(&nd, LOOKUP, follow | AUDITVNODE1, UIO_USERSPACE, path, td); error = namei(&nd); if (error == 0) { - error = vacl_get_acl(td, nd.ni_vp, uap->type, uap->aclp); + error = vacl_get_acl(td, nd.ni_vp, type, aclp); NDFREE(&nd, 0); } return (error); @@ -384,17 +393,9 @@ sys___acl_get_link(struct thread *td, struct __acl_get int sys___acl_set_file(struct thread *td, struct __acl_set_file_args *uap) { - struct nameidata nd; - int error; - NDINIT(&nd, LOOKUP, FOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, - td); - error = namei(&nd); - if (error == 0) { - error = vacl_set_acl(td, nd.ni_vp, uap->type, uap->aclp); - NDFREE(&nd, 0); - } - return (error); + return(kern___acl_set_path(td, uap->path, uap->type, uap->aclp, + FOLLOW)); } /* @@ -403,14 +404,22 @@ sys___acl_set_file(struct thread *td, struct __acl_set int sys___acl_set_link(struct thread *td, struct __acl_set_link_args *uap) { + + return(kern___acl_set_path(td, uap->path, uap->type, uap->aclp, + NOFOLLOW)); +} + +static int +kern___acl_set_path(struct thread *td, const char *path, + acl_type_t type, const struct acl *aclp, int follow) +{ struct nameidata nd; int error; - NDINIT(&nd, LOOKUP, NOFOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, - td); + NDINIT(&nd, LOOKUP, follow | AUDITVNODE1, UIO_USERSPACE, path, td); error = namei(&nd); if (error == 0) { - error = vacl_set_acl(td, nd.ni_vp, uap->type, uap->aclp); + error = vacl_set_acl(td, nd.ni_vp, type, aclp); NDFREE(&nd, 0); } return (error); @@ -462,16 +471,8 @@ sys___acl_set_fd(struct thread *td, struct __acl_set_f int sys___acl_delete_file(struct thread *td, struct __acl_delete_file_args *uap) { - struct nameidata nd; - int error; - NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, uap->path, td); - error = namei(&nd); - if (error == 0) { - error = vacl_delete(td, nd.ni_vp, uap->type); - NDFREE(&nd, 0); - } - return (error); + return (kern___acl_delete_path(td, uap->path, uap->type, FOLLOW)); } /* @@ -480,13 +481,21 @@ sys___acl_delete_file(struct thread *td, struct __acl_ int sys___acl_delete_link(struct thread *td, struct __acl_delete_link_args *uap) { + + return (kern___acl_delete_path(td, uap->path, uap->type, NOFOLLOW)); +} + +static int +kern___acl_delete_path(struct thread *td, const char *path, + acl_type_t type, int follow) +{ struct nameidata nd; int error; - NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_USERSPACE, uap->path, td); + NDINIT(&nd, LOOKUP, follow, UIO_USERSPACE, path, td); error = namei(&nd); if (error == 0) { - error = vacl_delete(td, nd.ni_vp, uap->type); + error = vacl_delete(td, nd.ni_vp, type); NDFREE(&nd, 0); } return (error); @@ -518,16 +527,9 @@ sys___acl_delete_fd(struct thread *td, struct __acl_de int sys___acl_aclcheck_file(struct thread *td, struct __acl_aclcheck_file_args *uap) { - struct nameidata nd; - int error; - NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, uap->path, td); - error = namei(&nd); - if (error == 0) { - error = vacl_aclcheck(td, nd.ni_vp, uap->type, uap->aclp); - NDFREE(&nd, 0); - } - return (error); + return (kern___acl_aclcheck_path(td, uap->path, uap->type, uap->aclp, + FOLLOW)); } /* @@ -536,13 +538,21 @@ sys___acl_aclcheck_file(struct thread *td, struct __ac int sys___acl_aclcheck_link(struct thread *td, struct __acl_aclcheck_link_args *uap) { + return (kern___acl_aclcheck_path(td, uap->path, uap->type, uap->aclp, + NOFOLLOW)); +} + +static int +kern___acl_aclcheck_path(struct thread *td, const char *path, acl_type_t type, + struct acl *aclp, int follow) +{ struct nameidata nd; int error; - NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_USERSPACE, uap->path, td); + NDINIT(&nd, LOOKUP, follow, UIO_USERSPACE, path, td); error = namei(&nd); if (error == 0) { - error = vacl_aclcheck(td, nd.ni_vp, uap->type, uap->aclp); + error = vacl_aclcheck(td, nd.ni_vp, type, aclp); NDFREE(&nd, 0); } return (error);