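/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

/* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */
/* All Rights Reserved */

/*
 * Portions of this source code were derived from Berkeley 4.3 BSD
 * under license from the Regents of the University of California.
 */

#pragma ident "%Z%%M% %I% %E% SMI"

#include <sys/param.h>
#include <sys/isa_defs.h>
#include <sys/types.h>
#include <sys/sysmacros.h>
#include <sys/systm.h>
#include <sys/errno.h>
#include <sys/fcntl.h>
#include <sys/pathname.h>
#include <sys/var.h>
#include <sys/vfs.h>
#include <sys/vnode.h>
#include <sys/file.h>
#include <sys/mode.h>
#include <sys/proc.h>
#include <sys/uio.h>
#include <sys/filio.h>
#include <sys/fcntl.h>
#include <sys/debug.h>
#include <c2/audit.h>

/*
 * Common implementation behind chown, lchown, fchown and fchownat.
 *
 * nmflag has the following values
 *
 *	1 - Always do lookup.  i.e. chown, lchown.
 *	2 - Name is optional  i.e. fchownat
 *	0 - Don't lookup name, vp is in file_p.  i.e. fchown
 *
 * A uid or gid of -1 leaves that attribute out of the va_mask handed to
 * VOP_SETATTR, so it is not changed.  flags may be 0 or
 * AT_SYMLINK_NOFOLLOW; any other bit is rejected with EINVAL.
 *
 * Returns 0 on success, otherwise the value of set_errno() for the error.
 *
 * No ownership or privilege decision is made in this function: the
 * caller's credentials (CRED()) are passed to VOP_SETATTR.
 * NOTE(review): presumably the file system's setattr enforces the chown
 * policy -- confirm against the VOP implementation.
 */
int
cfchownat(int fd, char *name, int nmflag, uid_t uid, gid_t gid, int flags)
{
	vnode_t *startvp, *vp;
	file_t *filefp;
	struct vattr vattr;
	int error = 0;
	char startchar;

	/*
	 * NOTE(review): the "< -1" and "!= -1" comparisons below assume
	 * uid_t and gid_t are signed types in this tree -- re-check them
	 * if the typedefs ever change.
	 */
	if (uid < -1 || uid > MAXUID || gid < -1 || gid > MAXUID)
		return (set_errno(EINVAL));

	/*
	 * Reject flag bits we do not understand.  Without this check a
	 * caller that combined AT_SYMLINK_NOFOLLOW with any other bit
	 * would silently get FOLLOW semantics, i.e. the ownership of the
	 * link target would be changed instead of the link itself.
	 */
	if ((flags & ~AT_SYMLINK_NOFOLLOW) != 0)
		return (set_errno(EINVAL));

	vattr.va_uid = uid;
	vattr.va_gid = gid;
	vattr.va_mask = 0;
	if (vattr.va_uid != -1)
		vattr.va_mask |= AT_UID;
	if (vattr.va_gid != -1)
		vattr.va_mask |= AT_GID;

	if (fd == AT_FDCWD && name == NULL)
		return (set_errno(EFAULT));

	/*
	 * Peek at the first character of the user-supplied path to learn
	 * whether it is absolute.
	 *
	 * NOTE(review): name is fetched from user space again, in full, by
	 * lookupnameat() below, so the byte seen here may differ from the
	 * path that is finally looked up.  The only decision taken on
	 * startchar is whether to take a hold on fd's vnode; confirm that
	 * lookupnameat() does not rely on startvp for absolute paths.
	 */
	if (nmflag == 1 || (nmflag == 2 && name != NULL)) {
		if (copyin(name, &startchar, sizeof (char)))
			return (set_errno(EFAULT));
	} else {
		startchar = '\0';
	}

	if (fd == AT_FDCWD) {
		startvp = NULL;
	} else {
		/*
		 * only get fd if not doing absolute lookup
		 */
		if (startchar != '/' || nmflag == 0) {
			if ((filefp = getf(fd)) == NULL) {
				return (set_errno(EBADF));
			}
			startvp = filefp->f_vnode;
			/* Keep our own hold; the file_t is released here. */
			VN_HOLD(startvp);
			releasef(fd);
		} else {
			startvp = NULL;
		}
	}

#if C2_AUDIT
	if ((nmflag == 2) && audit_active)
		audit_setfsat_path(1);
#endif /* C2_AUDIT */

	/*
	 * Do lookups for chown, lchown and fchownat when name not NULL
	 */
	if ((nmflag == 2 && name != NULL) || nmflag == 1) {
		error = lookupnameat(name, UIO_USERSPACE,
		    (flags & AT_SYMLINK_NOFOLLOW) ? NO_FOLLOW : FOLLOW,
		    NULLVPP, &vp, startvp);
		if (error != 0) {
			if (startvp != NULL)
				VN_RELE(startvp);
			return (set_errno(error));
		}
	} else {
		/*
		 * No name: operate on the vnode behind fd.  It gets a
		 * second hold so that the two releases below stay balanced.
		 */
		vp = startvp;
		ASSERT(vp);
		VN_HOLD(vp);
	}

	if (vn_is_readonly(vp)) {
		error = EROFS;
	} else {
		error = VOP_SETATTR(vp, &vattr, 0, CRED(), NULL);
	}

	if (startvp != NULL)
		VN_RELE(startvp);
	if (vp != NULL)
		VN_RELE(vp);

	if (error != 0)
		return (set_errno(error));
	else
		return (error);
}

/*
 * Change ownership of file given file name.
 * The final path component is looked up with FOLLOW (flags is 0).
 */
int
chown(char *fname, uid_t uid, gid_t gid)
{
	return (cfchownat(AT_FDCWD, fname, 1, uid, gid, 0));
}

/*
 * Change ownership of file given file name, without following a
 * symbolic link in the final path component (AT_SYMLINK_NOFOLLOW).
 */
int
lchown(char *fname, uid_t uid, gid_t gid)
{
	return (cfchownat(AT_FDCWD, fname, 1, uid, gid, AT_SYMLINK_NOFOLLOW));
}

/*
 * Change ownership of file given file descriptor.
 */
int
fchown(int fd, uid_t uid, gid_t gid)
{
	return (cfchownat(fd, NULL, 0, uid, gid, 0));
}

/*
 * Change ownership of the file named by name, resolved relative to fd,
 * or of the file behind fd itself when name is NULL.  flags is passed
 * through to cfchownat(), which accepts only 0 or AT_SYMLINK_NOFOLLOW.
 */
int
fchownat(int fd, char *name, uid_t uid, gid_t gid, int flags)
{
	return (cfchownat(fd, name, 2, uid, gid, flags));
}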