xref: /illumos-gate/usr/src/uts/common/fs/zfs/sys/zfs_acl.h (revision fa9e4066f08beec538e775443c5be79dd423fcab)
1*fa9e4066Sahrens /*
2*fa9e4066Sahrens  * CDDL HEADER START
3*fa9e4066Sahrens  *
4*fa9e4066Sahrens  * The contents of this file are subject to the terms of the
5*fa9e4066Sahrens  * Common Development and Distribution License, Version 1.0 only
6*fa9e4066Sahrens  * (the "License").  You may not use this file except in compliance
7*fa9e4066Sahrens  * with the License.
8*fa9e4066Sahrens  *
9*fa9e4066Sahrens  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10*fa9e4066Sahrens  * or http://www.opensolaris.org/os/licensing.
11*fa9e4066Sahrens  * See the License for the specific language governing permissions
12*fa9e4066Sahrens  * and limitations under the License.
13*fa9e4066Sahrens  *
14*fa9e4066Sahrens  * When distributing Covered Code, include this CDDL HEADER in each
15*fa9e4066Sahrens  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16*fa9e4066Sahrens  * If applicable, add the following below this CDDL HEADER, with the
17*fa9e4066Sahrens  * fields enclosed by brackets "[]" replaced with your own identifying
18*fa9e4066Sahrens  * information: Portions Copyright [yyyy] [name of copyright owner]
19*fa9e4066Sahrens  *
20*fa9e4066Sahrens  * CDDL HEADER END
21*fa9e4066Sahrens  */
22*fa9e4066Sahrens /*
23*fa9e4066Sahrens  * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
24*fa9e4066Sahrens  * Use is subject to license terms.
25*fa9e4066Sahrens  */
26*fa9e4066Sahrens 
27*fa9e4066Sahrens #ifndef	_SYS_FS_ZFS_ACL_H
28*fa9e4066Sahrens #define	_SYS_FS_ZFS_ACL_H
29*fa9e4066Sahrens 
30*fa9e4066Sahrens #pragma ident	"%Z%%M%	%I%	%E% SMI"
31*fa9e4066Sahrens 
32*fa9e4066Sahrens #ifdef _KERNEL
33*fa9e4066Sahrens #include <sys/isa_defs.h>
34*fa9e4066Sahrens #include <sys/types32.h>
35*fa9e4066Sahrens #endif
36*fa9e4066Sahrens #include <sys/acl.h>
37*fa9e4066Sahrens #include <sys/dmu.h>
38*fa9e4066Sahrens 
39*fa9e4066Sahrens #ifdef	__cplusplus
40*fa9e4066Sahrens extern "C" {
41*fa9e4066Sahrens #endif
42*fa9e4066Sahrens 
43*fa9e4066Sahrens struct znode_phys;
44*fa9e4066Sahrens 
45*fa9e4066Sahrens #define	ACCESS_UNDETERMINED	-1
46*fa9e4066Sahrens 
47*fa9e4066Sahrens #define	ACE_SLOT_CNT	6
48*fa9e4066Sahrens 
49*fa9e4066Sahrens typedef struct zfs_znode_acl {
50*fa9e4066Sahrens 	uint64_t	z_acl_extern_obj;	  /* ext acl pieces */
51*fa9e4066Sahrens 	uint32_t	z_acl_count;		  /* Number of ACEs */
52*fa9e4066Sahrens 	uint16_t	z_acl_version;		  /* acl version */
53*fa9e4066Sahrens 	uint16_t	z_acl_state;		  /* goop */
54*fa9e4066Sahrens 	ace_t		z_ace_data[ACE_SLOT_CNT]; /* 6 standard ACEs */
55*fa9e4066Sahrens } zfs_znode_acl_t;
56*fa9e4066Sahrens 
57*fa9e4066Sahrens #define	ACL_DATA_ALLOCED	0x1
58*fa9e4066Sahrens 
59*fa9e4066Sahrens /*
60*fa9e4066Sahrens  * Max ACL size is prepended deny for all entries + the
61*fa9e4066Sahrens  * canonical six tacked on * the end.
62*fa9e4066Sahrens  */
63*fa9e4066Sahrens #define	MAX_ACL_SIZE	(MAX_ACL_ENTRIES * 2 + 6)
64*fa9e4066Sahrens 
65*fa9e4066Sahrens typedef struct zfs_acl {
66*fa9e4066Sahrens 	int		z_slots;	/* number of allocated slots for ACEs */
67*fa9e4066Sahrens 	int		z_acl_count;
68*fa9e4066Sahrens 	uint_t		z_state;
69*fa9e4066Sahrens 	ace_t		*z_acl;
70*fa9e4066Sahrens } zfs_acl_t;
71*fa9e4066Sahrens 
72*fa9e4066Sahrens #define	ZFS_ACL_SIZE(aclcnt)	(sizeof (ace_t) * (aclcnt))
73*fa9e4066Sahrens 
74*fa9e4066Sahrens /*
75*fa9e4066Sahrens  * Property values for acl_mode and acl_inherit.
76*fa9e4066Sahrens  *
77*fa9e4066Sahrens  * acl_mode can take discard, noallow, groupmask and passthrough.
78*fa9e4066Sahrens  * whereas acl_inherit has secure instead of groupmask.
79*fa9e4066Sahrens  */
80*fa9e4066Sahrens 
81*fa9e4066Sahrens #define	DISCARD		0
82*fa9e4066Sahrens #define	NOALLOW		1
83*fa9e4066Sahrens #define	GROUPMASK	2
84*fa9e4066Sahrens #define	PASSTHROUGH	3
85*fa9e4066Sahrens #define	SECURE		4
86*fa9e4066Sahrens 
87*fa9e4066Sahrens struct znode;
88*fa9e4066Sahrens 
89*fa9e4066Sahrens #ifdef _KERNEL
90*fa9e4066Sahrens void zfs_perm_init(struct znode *, struct znode *, int, vattr_t *,
91*fa9e4066Sahrens     dmu_tx_t *, cred_t *);
92*fa9e4066Sahrens int zfs_getacl(struct znode *, vsecattr_t *, cred_t *);
93*fa9e4066Sahrens int zfs_mode_update(struct znode *, uint64_t, dmu_tx_t  *);
94*fa9e4066Sahrens int zfs_setacl(struct znode *, vsecattr_t *, cred_t *);
95*fa9e4066Sahrens void zfs_acl_rele(void *);
96*fa9e4066Sahrens void zfs_ace_byteswap(ace_t *, int);
97*fa9e4066Sahrens extern int zfs_zaccess(struct znode *, int, cred_t *);
98*fa9e4066Sahrens extern int zfs_zaccess_rwx(struct znode *, mode_t, cred_t *);
99*fa9e4066Sahrens extern int zfs_acl_access(struct znode *, int, cred_t *);
100*fa9e4066Sahrens int zfs_acl_chmod_setattr(struct znode *, uint64_t, dmu_tx_t *);
101*fa9e4066Sahrens int zfs_zaccess_delete(struct znode *, struct znode *, cred_t *);
102*fa9e4066Sahrens int zfs_zaccess_rename(struct znode *, struct znode *,
103*fa9e4066Sahrens     struct znode *, struct znode *, cred_t *cr);
104*fa9e4066Sahrens int zfs_zaccess_v4_perm(struct znode *, int, cred_t *);
105*fa9e4066Sahrens void zfs_acl_free(zfs_acl_t *);
106*fa9e4066Sahrens zfs_acl_t *zfs_acl_node_read(struct znode *);
107*fa9e4066Sahrens 
108*fa9e4066Sahrens #endif
109*fa9e4066Sahrens 
110*fa9e4066Sahrens #ifdef	__cplusplus
111*fa9e4066Sahrens }
112*fa9e4066Sahrens #endif
113*fa9e4066Sahrens #endif	/* _SYS_FS_ZFS_ACL_H */
114