lib/libpuffs/protect.c

   1 /* Created (MFS based):
   2  *   June 2011 (Evgeniy Ivanov)
   3  */
   4
   5 #include "fs.h"
   6 #include <minix/vfsif.h>
   7
   8 #include "puffs.h"
   9 #include "puffs_priv.h"
  10
  11 static int in_group(gid_t grp);
  12
  13
  14 /*===========================================================================*
  15  *                              fs_chmod                                     *
  16  *===========================================================================*/
  17 int fs_chmod()
  18 {
  19 /* Perform the chmod(name, mode) system call. */
  20   struct puffs_node *pn;
  21   mode_t mode;
  22   struct vattr va;
  23   PUFFS_MAKECRED(pcr, &global_kcred);
  24
  25   if (global_pu->pu_ops.puffs_node_setattr == NULL)
  26         return(EINVAL);
  27
  28   mode = (mode_t) fs_m_in.REQ_MODE;
  29
  30   if ((pn = puffs_pn_nodewalk(global_pu, 0, &fs_m_in.REQ_INODE_NR)) == NULL)
  31         return(EINVAL);
  32
  33   puffs_vattr_null(&va);
  34   /* Clear setgid bit if file is not in caller's grp */
  35   va.va_mode = (pn->pn_va.va_mode & ~ALL_MODES) | (mode & ALL_MODES);
  36   va.va_ctime.tv_nsec = 0;
  37   va.va_ctime.tv_sec = clock_time();
  38
  39   if (global_pu->pu_ops.puffs_node_setattr(global_pu, pn, &va, pcr) != 0)
  40         return(EINVAL);
  41
  42   /* Return full new mode to caller. */
  43   fs_m_out.RES_MODE = pn->pn_va.va_mode;
  44
  45   return(OK);
  46 }
  47
  48
  49 /*===========================================================================*
  50  *                              fs_chown                                     *
  51  *===========================================================================*/
  52 int fs_chown()
  53 {
  54   struct puffs_node *pn;
  55   struct vattr va;
  56   PUFFS_MAKECRED(pcr, &global_kcred);
  57
  58   if ((pn = puffs_pn_nodewalk(global_pu, 0, &fs_m_in.REQ_INODE_NR)) == NULL)
  59         return(EINVAL);
  60
  61   /* Not permitted to change the owner of a file on a read-only file sys. */
  62   if (!is_readonly_fs) {
  63         puffs_vattr_null(&va);
  64         va.va_uid = fs_m_in.REQ_UID;
  65         va.va_gid = fs_m_in.REQ_GID;
  66         va.va_mode = pn->pn_va.va_mode & ~(I_SET_UID_BIT | I_SET_GID_BIT);
  67         va.va_ctime.tv_nsec = 0;
  68         va.va_ctime.tv_sec = clock_time();
  69
  70         if (global_pu->pu_ops.puffs_node_setattr(global_pu, pn, &va, pcr) != 0)
  71                 return(EINVAL);
  72   }
  73
  74   /* Update caller on current mode, as it may have changed. */
  75   fs_m_out.RES_MODE = pn->pn_va.va_mode;
  76
  77   return(OK);
  78 }
  79
  80
  81 /*===========================================================================*
  82  *                              forbidden                                    *
  83  *===========================================================================*/
  84 int forbidden(register struct puffs_node *pn, mode_t access_desired)
  85 {
  86 /* Given a pointer to an pnode, 'pn', and the access desired, determine
  87  * if the access is allowed, and if not why not.  The routine looks up the
  88  * caller's uid in the 'fproc' table.  If access is allowed, OK is returned
  89  * if it is forbidden, EACCES is returned.
  90  */
  91
  92   register mode_t bits, perm_bits;
  93   int r, shift;
  94
  95   /* Isolate the relevant rwx bits from the mode. */
  96   bits = pn->pn_va.va_mode;
  97   if (caller_uid == SU_UID) {
  98         /* Grant read and write permission.  Grant search permission for
  99          * directories.  Grant execute permission (for non-directories) if
 100          * and only if one of the 'X' bits is set.
 101          */
 102         if ( (bits & I_TYPE) == I_DIRECTORY ||
 103              bits & ((X_BIT << 6) | (X_BIT << 3) | X_BIT))
 104                 perm_bits = R_BIT | W_BIT | X_BIT;
 105         else
 106                 perm_bits = R_BIT | W_BIT;
 107   } else {
 108         if (caller_uid == pn->pn_va.va_uid) shift = 6;  /* owner */
 109         else if (caller_gid == pn->pn_va.va_gid) shift = 3;     /* group */
 110         else if (in_group(pn->pn_va.va_gid) == OK) shift = 3;   /* other groups */
 111         else shift = 0;                                 /* other */
 112         perm_bits = (bits >> shift) & (R_BIT | W_BIT | X_BIT);
 113   }
 114
 115   /* If access desired is not a subset of what is allowed, it is refused. */
 116   r = OK;
 117   if ((perm_bits | access_desired) != perm_bits) r = EACCES;
 118
 119   /* Check to see if someone is trying to write on a file system that is
 120    * mounted read-only.
 121    */
 122   if (r == OK) {
 123         if (access_desired & W_BIT) {
 124                 r = is_readonly_fs ? EROFS : OK;
 125         }
 126   }
 127
 128   return(r);
 129 }
 130
 131
 132 /*===========================================================================*
 133  *                              in_group                                     *
 134  *===========================================================================*/
 135 static int in_group(gid_t grp)
 136 {
 137   int i;
 138   for(i = 0; i < credentials.vu_ngroups; i++)
 139         if (credentials.vu_sgroups[i] == grp)
 140                 return(OK);
 141
 142   return(EINVAL);
 143 }