1*fa9e4066Sahrens /* 2*fa9e4066Sahrens * CDDL HEADER START 3*fa9e4066Sahrens * 4*fa9e4066Sahrens * The contents of this file are subject to the terms of the 5*fa9e4066Sahrens * Common Development and Distribution License, Version 1.0 only 6*fa9e4066Sahrens * (the "License"). You may not use this file except in compliance 7*fa9e4066Sahrens * with the License. 8*fa9e4066Sahrens * 9*fa9e4066Sahrens * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10*fa9e4066Sahrens * or http://www.opensolaris.org/os/licensing. 11*fa9e4066Sahrens * See the License for the specific language governing permissions 12*fa9e4066Sahrens * and limitations under the License. 13*fa9e4066Sahrens * 14*fa9e4066Sahrens * When distributing Covered Code, include this CDDL HEADER in each 15*fa9e4066Sahrens * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16*fa9e4066Sahrens * If applicable, add the following below this CDDL HEADER, with the 17*fa9e4066Sahrens * fields enclosed by brackets "[]" replaced with your own identifying 18*fa9e4066Sahrens * information: Portions Copyright [yyyy] [name of copyright owner] 19*fa9e4066Sahrens * 20*fa9e4066Sahrens * CDDL HEADER END 21*fa9e4066Sahrens */ 22*fa9e4066Sahrens /* 23*fa9e4066Sahrens * Copyright 2005 Sun Microsystems, Inc. All rights reserved. 24*fa9e4066Sahrens * Use is subject to license terms. 25*fa9e4066Sahrens */ 26*fa9e4066Sahrens 27*fa9e4066Sahrens #ifndef _SYS_FS_ZFS_ACL_H 28*fa9e4066Sahrens #define _SYS_FS_ZFS_ACL_H 29*fa9e4066Sahrens 30*fa9e4066Sahrens #pragma ident "%Z%%M% %I% %E% SMI" 31*fa9e4066Sahrens 32*fa9e4066Sahrens #ifdef _KERNEL 33*fa9e4066Sahrens #include <sys/isa_defs.h> 34*fa9e4066Sahrens #include <sys/types32.h> 35*fa9e4066Sahrens #endif 36*fa9e4066Sahrens #include <sys/acl.h> 37*fa9e4066Sahrens #include <sys/dmu.h> 38*fa9e4066Sahrens 39*fa9e4066Sahrens #ifdef __cplusplus 40*fa9e4066Sahrens extern "C" { 41*fa9e4066Sahrens #endif 42*fa9e4066Sahrens 43*fa9e4066Sahrens struct znode_phys; 44*fa9e4066Sahrens 45*fa9e4066Sahrens #define ACCESS_UNDETERMINED -1 46*fa9e4066Sahrens 47*fa9e4066Sahrens #define ACE_SLOT_CNT 6 48*fa9e4066Sahrens 49*fa9e4066Sahrens typedef struct zfs_znode_acl { 50*fa9e4066Sahrens uint64_t z_acl_extern_obj; /* ext acl pieces */ 51*fa9e4066Sahrens uint32_t z_acl_count; /* Number of ACEs */ 52*fa9e4066Sahrens uint16_t z_acl_version; /* acl version */ 53*fa9e4066Sahrens uint16_t z_acl_state; /* goop */ 54*fa9e4066Sahrens ace_t z_ace_data[ACE_SLOT_CNT]; /* 6 standard ACEs */ 55*fa9e4066Sahrens } zfs_znode_acl_t; 56*fa9e4066Sahrens 57*fa9e4066Sahrens #define ACL_DATA_ALLOCED 0x1 58*fa9e4066Sahrens 59*fa9e4066Sahrens /* 60*fa9e4066Sahrens * Max ACL size is prepended deny for all entries + the 61*fa9e4066Sahrens * canonical six tacked on * the end. 62*fa9e4066Sahrens */ 63*fa9e4066Sahrens #define MAX_ACL_SIZE (MAX_ACL_ENTRIES * 2 + 6) 64*fa9e4066Sahrens 65*fa9e4066Sahrens typedef struct zfs_acl { 66*fa9e4066Sahrens int z_slots; /* number of allocated slots for ACEs */ 67*fa9e4066Sahrens int z_acl_count; 68*fa9e4066Sahrens uint_t z_state; 69*fa9e4066Sahrens ace_t *z_acl; 70*fa9e4066Sahrens } zfs_acl_t; 71*fa9e4066Sahrens 72*fa9e4066Sahrens #define ZFS_ACL_SIZE(aclcnt) (sizeof (ace_t) * (aclcnt)) 73*fa9e4066Sahrens 74*fa9e4066Sahrens /* 75*fa9e4066Sahrens * Property values for acl_mode and acl_inherit. 76*fa9e4066Sahrens * 77*fa9e4066Sahrens * acl_mode can take discard, noallow, groupmask and passthrough. 78*fa9e4066Sahrens * whereas acl_inherit has secure instead of groupmask. 79*fa9e4066Sahrens */ 80*fa9e4066Sahrens 81*fa9e4066Sahrens #define DISCARD 0 82*fa9e4066Sahrens #define NOALLOW 1 83*fa9e4066Sahrens #define GROUPMASK 2 84*fa9e4066Sahrens #define PASSTHROUGH 3 85*fa9e4066Sahrens #define SECURE 4 86*fa9e4066Sahrens 87*fa9e4066Sahrens struct znode; 88*fa9e4066Sahrens 89*fa9e4066Sahrens #ifdef _KERNEL 90*fa9e4066Sahrens void zfs_perm_init(struct znode *, struct znode *, int, vattr_t *, 91*fa9e4066Sahrens dmu_tx_t *, cred_t *); 92*fa9e4066Sahrens int zfs_getacl(struct znode *, vsecattr_t *, cred_t *); 93*fa9e4066Sahrens int zfs_mode_update(struct znode *, uint64_t, dmu_tx_t *); 94*fa9e4066Sahrens int zfs_setacl(struct znode *, vsecattr_t *, cred_t *); 95*fa9e4066Sahrens void zfs_acl_rele(void *); 96*fa9e4066Sahrens void zfs_ace_byteswap(ace_t *, int); 97*fa9e4066Sahrens extern int zfs_zaccess(struct znode *, int, cred_t *); 98*fa9e4066Sahrens extern int zfs_zaccess_rwx(struct znode *, mode_t, cred_t *); 99*fa9e4066Sahrens extern int zfs_acl_access(struct znode *, int, cred_t *); 100*fa9e4066Sahrens int zfs_acl_chmod_setattr(struct znode *, uint64_t, dmu_tx_t *); 101*fa9e4066Sahrens int zfs_zaccess_delete(struct znode *, struct znode *, cred_t *); 102*fa9e4066Sahrens int zfs_zaccess_rename(struct znode *, struct znode *, 103*fa9e4066Sahrens struct znode *, struct znode *, cred_t *cr); 104*fa9e4066Sahrens int zfs_zaccess_v4_perm(struct znode *, int, cred_t *); 105*fa9e4066Sahrens void zfs_acl_free(zfs_acl_t *); 106*fa9e4066Sahrens zfs_acl_t *zfs_acl_node_read(struct znode *); 107*fa9e4066Sahrens 108*fa9e4066Sahrens #endif 109*fa9e4066Sahrens 110*fa9e4066Sahrens #ifdef __cplusplus 111*fa9e4066Sahrens } 112*fa9e4066Sahrens #endif 113*fa9e4066Sahrens #endif /* _SYS_FS_ZFS_ACL_H */ 114