Lines Matching refs:priv
117 * through a combination of parameters. The "priv" parameter indicates
120 * priv can be set to PRIV_ALL to indicate that all privileges are
128 * For (1), priv should be set to the specific privilege, and allzone
130 * For (2), priv should be set to the specific privilege, and allzone
132 * For (3), priv should be set to PRIV_ALL, and allzone should be set
150 #define FAST_BASIC_CHECK(cr, priv) \
151 if (PRIV_ISASSERT(&CR_OEPRIV(cr), priv)) { \
152 DTRACE_PROBE2(priv__ok, int, priv, boolean_t, B_FALSE); \
214 priv_policy_errmsg(const cred_t *cr, int priv, const char *msg)
231 ASSERT(priv == PRIV_ALL || priv == PRIV_MULTIPLE ||
232 priv == PRIV_ALLZONE || priv == PRIV_GLOBAL ||
233 priv_getbynum(priv) != NULL);
235 if (priv == PRIV_ALLZONE && INGLOBALZONE(me))
236 priv = PRIV_ALL;
239 ttolwp(curthread)->lwp_badpriv = (short)priv;
285 switch (priv) {
299 pname = priv_getbynum(priv);
326 priv_policy_override(const cred_t *cr, int priv, boolean_t allzone, va_list ap)
334 if (priv == PRIV_ALL) {
340 priv_addset(&set, priv);
373 priv_policy_err(const cred_t *cr, int priv, boolean_t allzone, const char *msg)
377 audit_priv(priv, allzone ? ZONEPRIVS(cr) : NULL, 0);
378 DTRACE_PROBE2(priv__err, int, priv, boolean_t, allzone);
385 ASSERT(!HAS_PRIVILEGE(cr, priv));
386 priv_policy_errmsg(cr, priv, msg);
394 * See block comment above for a description of "priv" and "allzone" usage.
397 priv_policy_ap(const cred_t *cr, int priv, boolean_t allzone, int err,
400 if ((HAS_PRIVILEGE(cr, priv) && (!allzone || HAS_ALLZONEPRIVS(cr))) ||
402 priv_policy_override(cr, priv, allzone, ap) == 0)) {
403 if ((allzone || priv == PRIV_ALL ||
404 !PRIV_ISASSERT(priv_basic, priv)) &&
408 audit_priv(priv,
412 DTRACE_PROBE2(priv__ok, int, priv, boolean_t, allzone);
415 priv_policy_err(cr, priv, allzone, msg);
421 priv_policy_va(const cred_t *cr, int priv, boolean_t allzone, int err,
428 ret = priv_policy_ap(cr, priv, allzone, err, msg, ap);
435 priv_policy(const cred_t *cr, int priv, boolean_t allzone, int err,
438 return (priv_policy_va(cr, priv, allzone, err, msg, KLPDARG_NONE));
445 priv_policy_choice(const cred_t *cr, int priv, boolean_t allzone)
447 boolean_t res = HAS_PRIVILEGE(cr, priv) &&
452 (allzone || priv == PRIV_ALL || !PRIV_ISASSERT(priv_basic, priv)) &&
454 audit_priv(priv, allzone ? ZONEPRIVS(cr) : NULL, 1);
457 DTRACE_PROBE2(priv__ok, int, priv, boolean_t, allzone);
459 DTRACE_PROBE2(priv__err, int, priv, boolean_t, allzone);
468 priv_policy_only(const cred_t *cr, int priv, boolean_t allzone)
470 boolean_t res = HAS_PRIVILEGE(cr, priv) &&
474 DTRACE_PROBE2(priv__ok, int, priv, boolean_t, allzone);
476 DTRACE_PROBE2(priv__err, int, priv, boolean_t, allzone);
488 int priv;
520 for (priv = 0; priv < nprivs; priv++) {
521 if (priv_ismember(&pset, priv)) {
528 pfound = priv;
587 int priv;
599 * priv SYS_SMB.
602 priv = PRIV_NET_PRIVADDR;
604 priv = PRIV_SYS_SMB;
614 priv = PRIV_SYS_NFS;
619 priv = PRIV_NET_PRIVADDR;
625 return (priv_policy_va(cr, priv, B_FALSE, EACCES, reason,
1051 int priv;
1053 switch (priv = privs[i]) {
1069 if (PRIV_POLICY_CHOICE(cr, priv, allzone))
1142 int priv;
1146 priv = PRIV_FILE_CHOWN;
1148 priv = HAS_PRIVILEGE(cred, PRIV_FILE_CHOWN) ?
1152 return (PRIV_POLICY(cred, priv, allzone, EPERM, NULL));
1610 int priv;
1613 priv = PRIV_SYS_AUDIT;
1615 priv = PRIV_PROC_AUDIT;
1618 return (!PRIV_POLICY_ONLY(cr, priv, B_FALSE));
1620 return (PRIV_POLICY(cr, priv, B_FALSE, EPERM, NULL));
2005 int priv = PRIV_ALL;
2009 priv = PRIV_SYS_IP_CONFIG;
2012 priv = PRIV_NET_RAWACCESS;
2015 priv = PRIV_NET_PRIVADDR;
2018 ASSERT(priv != PRIV_ALL);
2020 return (PRIV_POLICY_ONLY(cr, priv, B_FALSE) ? 0 : EPERM);
2022 return (PRIV_POLICY(cr, priv, B_FALSE, EPERM, NULL));
2032 int priv = PRIV_ALL;
2036 priv = PRIV_SYS_NET_CONFIG;
2039 priv = PRIV_NET_RAWACCESS;
2042 priv = PRIV_NET_PRIVADDR;
2045 ASSERT(priv != PRIV_ALL);
2047 return (PRIV_POLICY_ONLY(cr, priv, B_FALSE) ? 0 : EPERM);
2049 return (PRIV_POLICY(cr, priv, B_FALSE, EPERM, NULL));