2N/A/*
2N/A * CDDL HEADER START
2N/A *
2N/A * The contents of this file are subject to the terms of the
2N/A * Common Development and Distribution License (the "License").
2N/A * You may not use this file except in compliance with the License.
2N/A *
2N/A * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
2N/A * or http://www.opensolaris.org/os/licensing.
2N/A * See the License for the specific language governing permissions
2N/A * and limitations under the License.
2N/A *
2N/A * When distributing Covered Code, include this CDDL HEADER in each
2N/A * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
2N/A * If applicable, add the following below this CDDL HEADER, with the
2N/A * fields enclosed by brackets "[]" replaced with your own identifying
2N/A * information: Portions Copyright [yyyy] [name of copyright owner]
2N/A *
2N/A * CDDL HEADER END
2N/A */
2N/A
2N/A/*
2N/A * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
2N/A */
2N/A
2N/A#ifndef _PRIV_PRIVATE_H
2N/A#define _PRIV_PRIVATE_H
2N/A
2N/A
2N/A#include <sys/types.h>
2N/A#include <sys/priv.h>
2N/A#include <limits.h>
2N/A#include <sys/systm.h> /* for __lintzero */
2N/A#include <note.h>
2N/A
2N/A/*
2N/A * Libc private privilege data.
2N/A */
2N/A
2N/A#ifdef __cplusplus
2N/Aextern "C" {
2N/A#endif
2N/A
2N/A#define LOADPRIVDATA(d) d = __priv_getdata()
2N/A#define GETPRIVDATA() __priv_getdata()
2N/A#define LOCKPRIVDATA() { \
2N/A /* Data already allocated */ \
2N/A (void) lock_data(); \
2N/A (void) refresh_data(); \
2N/A }
2N/A#define UNLOCKPRIVDATA() unlock_data()
2N/A#define WITHPRIVLOCKED(t, b, x) do { \
2N/A t __result; \
2N/A if (lock_data() != 0) \
2N/A return (b); \
2N/A __result = (x); \
2N/A if (__result == (b) && refresh_data()) \
2N/A __result = (x); \
2N/A unlock_data(); \
2N/A return (__result); \
2N/A NOTE(NOTREACHED);\
2N/A } while (__lintzero)
2N/A
2N/A/*
2N/A * Privilege mask macros.
2N/A */
2N/A#define __NBWRD (CHAR_BIT * sizeof (priv_chunk_t))
2N/A#define privmask(n) (1 << ((__NBWRD - 1) - ((n) % __NBWRD)))
2N/A#define privword(n) ((n)/__NBWRD)
2N/A
2N/A/*
2N/A * Same as the functions, but for numeric privileges.
2N/A */
2N/A#define PRIV_ADDSET(a, p) ((priv_chunk_t *)(a))[privword(p)] |= \
2N/A privmask(p)
2N/A#define PRIV_DELSET(a, p) ((priv_chunk_t *)(a))[privword(p)] &= \
2N/A ~privmask(p)
2N/A#define PRIV_ISMEMBER(a, p) ((((priv_chunk_t *)(a))[privword(p)] & \
2N/A privmask(p)) != 0)
2N/A
2N/A/*
2N/A * The structure is static except for the setsort, privnames and nprivs
2N/A * field. The pinfo structure initially has sufficient room and the kernel
2N/A * guarantees no offset changes so we can copy a new structure on top of it.
2N/A * The locking stratgegy is this: we lock it when we need to reference any
2N/A * of the volatile fields.
2N/A */
2N/Atypedef struct priv_data {
2N/A size_t pd_setsize; /* In bytes */
2N/A int pd_nsets, pd_nprivs;
2N/A uint32_t pd_ucredsize;
2N/A char **pd_setnames;
2N/A char **pd_privnames;
2N/A int *pd_setsort;
2N/A priv_impl_info_t *pd_pinfo;
2N/A priv_set_t *pd_basicset;
2N/A priv_set_t *pd_zoneset;
2N/A} priv_data_t;
2N/A
2N/Aextern priv_data_t *__priv_getdata(void);
2N/Aextern priv_data_t *__priv_parse_info(priv_impl_info_t *);
2N/Aextern void __priv_free_info(priv_data_t *);
2N/Aextern priv_data_t *privdata;
2N/A
2N/Aextern int lock_data(void);
2N/Aextern boolean_t refresh_data(void);
2N/Aextern void unlock_data(void);
2N/A
2N/Aextern boolean_t __priv_isemptyset(priv_data_t *, const priv_set_t *);
2N/Aextern boolean_t __priv_isfullset(priv_data_t *, const priv_set_t *);
2N/Aextern boolean_t __priv_issubset(priv_data_t *, const priv_set_t *,
2N/A const priv_set_t *);
2N/Aextern const char *__priv_getbynum(const priv_data_t *, int);
2N/A
2N/Aextern int getprivinfo(priv_impl_info_t *, size_t);
2N/A
2N/Aextern priv_set_t *priv_basic(void);
2N/A
2N/A#ifdef __cplusplus
2N/A}
2N/A#endif
2N/A
2N/A#endif /* _PRIV_PRIVATE_H */