Minor fixes to library interface to improve POSIX.1e compliance. This

adds _np to a couple of function prototypes that provided more broad/useful
interfaces than POSIX.1e interfaces included.

Also, move from using a heuristic to identify POSIX.1e-semantic ACLs to
using different ACL types for non-POSIX.1e ACLs.  This should clean up the
existing fuzzy logic that determined when acl_sort() should be applied
before kernel submission.

lib/libc/posix1e/acl_calc_mask.c

@@ -41,7 +41,7 @@
  *
  * acl_calc_mask(): calculate an ACL_MASK entry for the ACL, then either
  * insert into the ACL if there is none already, or replace the existing
- * one.
+ * one.  This will act up if called on a non-POSIX.1e semantics ACL.
  */
 int
 acl_calc_mask(acl_t *acl_p)
@@ -51,9 +51,6 @@ acl_calc_mask(acl_t *acl_p)
 	int	mask_entry = -1;
 	int	i;
 
-	if (!acl_posix1e(acl))
-		return (0);
-	
 	/* search for ACL_MASK */
 	for (i = 0; i < acl->acl_cnt; i++)
 		if (acl->acl_entry[i].ae_tag == ACL_MASK)

lib/libc/posix1e/acl_delete.c

@@ -33,14 +33,6 @@
 #include <sys/acl.h>
 #include <sys/errno.h>
 
-int
-acl_delete_def_fd(int filedes)
-{
-
-        return (__acl_delete_fd(filedes, ACL_TYPE_DEFAULT));
-}
-
-
 int
 acl_delete_def_file(const char *path_p)
 {
@@ -50,7 +42,7 @@ acl_delete_def_file(const char *path_p)
 
 
 int
-acl_delete_file(const char *path_p, acl_type_t type)
+acl_delete_file_np(const char *path_p, acl_type_t type)
 {
 
 	return (__acl_delete_file(path_p, type));
@@ -58,7 +50,7 @@ acl_delete_file(const char *path_p, acl_type_t type)
 
 
 int
-acl_delete_fd(int filedes, acl_type_t type)
+acl_delete_fd_np(int filedes, acl_type_t type)
 {
 
 	return (__acl_delete_fd(filedes, type));

lib/libc/posix1e/acl_get.c

@@ -27,6 +27,8 @@
  */
 /*
  * acl_get_file - syscall wrapper for retrieving ACL by filename
+ * acl_get_fd - syscall wrapper for retrieving access ACL by fd
+ * acl_get_fd_np - syscall wrapper for retrieving ACL by fd (non-POSIX)
  */
 
 #include <sys/types.h>
@@ -54,9 +56,28 @@ acl_get_file(const char *path_p, acl_type_t type)
 	return (aclp);
 }
 
+acl_t
+acl_get_fd(int fd)
+{
+	struct acl	*aclp;
+	int	error;
+
+	aclp = acl_init(ACL_MAX_ENTRIES);
+	if (!aclp) {
+		return (0);
+	}
+
+	error = __acl_get_fd(fd, ACL_TYPE_ACCESS, aclp);
+	if (error) {
+		acl_free(aclp);
+		return (0);
+	}
+
+	return (aclp);
+}
 
 acl_t
-acl_get_fd(int fd, acl_type_t type)
+acl_get_fd_np(int fd, acl_type_t type)
 {
 	struct acl	*aclp;
 	int	error;

lib/libc/posix1e/acl_init.c

@@ -27,6 +27,7 @@
  */
 /*
  * acl_init -- return a fresh acl structure
+ * acl_dup -- duplicate an acl and return the new copy
  */
 
 #include <sys/types.h>
@@ -51,3 +52,16 @@ acl_init(int count)
 	return (acl);
 }
 
+acl_t
+acl_dup(acl_t acl)
+{
+	struct acl	*acl_new;
+
+	acl_new = acl_init(ACL_MAX_ENTRIES);
+	if (!acl_new)
+		return(NULL);
+
+	*acl_new = *acl;
+
+	return(acl_new);
+}

lib/libc/posix1e/acl_set.c

@@ -46,7 +46,7 @@ acl_set_file(const char *path_p, acl_type_t type, acl_t acl)
 {
 	int	error;
 
-	if (acl_posix1e(acl)) {
+	if (acl_posix1e(acl, type)) {
 		error = acl_sort(acl);
 		if (error) {
 			errno = error;
@@ -57,13 +57,26 @@ acl_set_file(const char *path_p, acl_type_t type, acl_t acl)
 	return (__acl_set_file(path_p, type, acl));
 }
 
-
 int
-acl_set_fd(int fd, acl_t acl, acl_type_t type)
+acl_set_fd(int fd, acl_t acl)
 {
 	int	error;
 
-	if (acl_posix1e(acl)) {
+	error = acl_sort(acl);
+	if (error) {
+		errno = error;
+		return(-1);
+	}
+
+	return (__acl_set_fd(fd, ACL_TYPE_ACCESS, acl));
+}
+
+int
+acl_set_fd_np(int fd, acl_t acl, acl_type_t type)
+{
+	int	error;
+
+	if (acl_posix1e(acl, type)) {
 		error = acl_sort(acl);
 		if (error) {
 			errno = error;

lib/libc/posix1e/acl_support.c

@@ -86,7 +86,6 @@ acl_entry_compare(struct acl_entry *a, struct acl_entry *b)
 	return (0);
 }
 
-
 /*
  * acl_sort -- sort ACL entries.
  * Give the opportunity to fail, althouh we don't currently have a way
@@ -102,49 +101,18 @@ acl_sort(acl_t acl)
 	return (0);
 }
 
-
 /*
- * acl_posix1e -- use a heuristic to determine if this is a POSIX.1e
- * semantics ACL.  This will be used by other routines to determine if
- * they should call acl_sort() on the ACL before submitting to the kernel,
- * as the POSIX.1e ACL semantics code requires sorted ACL submission.
- * Also, acl_valid will use this to determine if it understands the
- * semantics enough to check that the ACL is correct.
+ * acl_posix1e -- in what situations should we acl_sort before submission?
+ * We apply posix1e ACL semantics for any ACL of type ACL_TYPE_ACCESS or
+ * ACL_TYPE_DEFAULT
  */
 int
-acl_posix1e(acl_t acl)
+acl_posix1e(acl_t acl, acl_type_t type)
 {
-	int	i;
 
-	/* assume it's POSIX.1e, and return 0 if otherwise */
-
-	for (i = 0; i < acl->acl_cnt; i++) {
-		/* is the tag type POSIX.1e? */
-		switch(acl->acl_entry[i].ae_tag) {
-		case ACL_USER_OBJ:
-		case ACL_USER:
-		case ACL_GROUP_OBJ:
-		case ACL_GROUP:
-		case ACL_MASK:
-		case ACL_OTHER:
-			break;
-
-		default:
-			return (0);
-		}
-
-		/* are the permissions POSIX.1e, or FreeBSD extensions? */
-		if (((acl->acl_entry[i].ae_perm | ACL_POSIX1E_BITS) !=
-		    ACL_POSIX1E_BITS) &&
-		    ((acl->acl_entry[i].ae_perm | ACL_PERM_BITS) !=
-		    ACL_PERM_BITS))
-			return (0);
-	}
-
-	return(1);
+	return ((type == ACL_TYPE_ACCESS) || (type == ACL_TYPE_DEFAULT));
 }
 
-
 /*
  * acl_check -- given an ACL, check its validity.  This is mirrored from
  * code in sys/kern/kern_acl.c, and if changes are made in one, they should
@@ -385,7 +353,6 @@ acl_perm_to_string(acl_perm_t perm, ssize_t buf_len, char *buf)
 	return (0);
 }
 
-
 /*
  * given a string, return a permission describing it
  */
@@ -419,8 +386,6 @@ acl_string_to_perm(char *string, acl_perm_t *perm)
 	return (0);
 }
 
-
-
 /*
  * Add an ACL entry without doing much checking, et al
  */
@@ -442,7 +407,3 @@ acl_add_entry(acl_t acl, acl_tag_t tag, uid_t id, acl_perm_t perm)
 
 	return (0);
 }
-
-
-
-

lib/libc/posix1e/acl_support.h

@@ -36,7 +36,7 @@
 
 int	acl_check(struct acl *acl);
 int	acl_sort(acl_t acl);
-int	acl_posix1e(acl_t acl);
+int	acl_posix1e(acl_t acl, acl_type_t type);
 int	acl_id_to_name(acl_tag_t tag, uid_t id, ssize_t buf_len, char *buf);
 int	acl_name_to_id(acl_tag_t tag, char *name, uid_t *id);
 int	acl_perm_to_string(acl_perm_t perm, ssize_t buf_len, char *buf);

lib/libc/posix1e/acl_to_text.c

@@ -40,14 +40,12 @@
 
 #include "acl_support.h"
 
-
 /*
  * acl_to_text - generate a text form of an acl
  * spec says nothing about output ordering, so leave in acl order
  *
- * For the time-being, reject the printing of ACLs that aren't an
- * understood semantic.  Later on, we might want to try and have a
- * generic printing mechanism...
+ * This function will not produce nice results if it is called with
+ * a non-POSIX.1e semantics ACL.
  */
 char *
 acl_to_text(acl_t acl, ssize_t *len_p)
@@ -61,11 +59,6 @@ acl_to_text(acl_t acl, ssize_t *len_p)
 	acl_tag_t	ae_tag;
 	acl_perm_t	ae_perm, effective_perm, mask_perm;
 
-	if (!acl_posix1e(acl)) {
-		errno = EINVAL;
-		return (0);
-	}
-
 	buf = strdup("");
 
 	mask_perm = ACL_PERM_BITS;	/* effective is regular if no mask */
@@ -238,7 +231,3 @@ acl_to_text(acl_t acl, ssize_t *len_p)
 	if (buf) free(buf);
 	return (0);
 }
-
-
-
-

lib/libc/posix1e/acl_valid.c

@@ -69,7 +69,7 @@ acl_valid_file(const char *pathp, acl_type_t type, acl_t acl)
 {
 	int	error;
 
-	if (acl_posix1e(acl)) {
+	if (acl_posix1e(acl, type)) {
 		error = acl_sort(acl);
 		if (error) {
 			errno = error;
@@ -86,7 +86,7 @@ acl_valid_fd(int fd, acl_type_t type, acl_t acl)
 {
 	int	error;
 
-	if (acl_posix1e(acl)) {
+	if (acl_posix1e(acl, type)) {
 		error = acl_sort(acl);
 		if (error) {
 			errno = error;

lib/libposix1e/acl_calc_mask.c

@@ -41,7 +41,7 @@
  *
  * acl_calc_mask(): calculate an ACL_MASK entry for the ACL, then either
  * insert into the ACL if there is none already, or replace the existing
- * one.
+ * one.  This will act up if called on a non-POSIX.1e semantics ACL.
  */
 int
 acl_calc_mask(acl_t *acl_p)
@@ -51,9 +51,6 @@ acl_calc_mask(acl_t *acl_p)
 	int	mask_entry = -1;
 	int	i;
 
-	if (!acl_posix1e(acl))
-		return (0);
-	
 	/* search for ACL_MASK */
 	for (i = 0; i < acl->acl_cnt; i++)
 		if (acl->acl_entry[i].ae_tag == ACL_MASK)

lib/libposix1e/acl_delete.c

@@ -33,14 +33,6 @@
 #include <sys/acl.h>
 #include <sys/errno.h>
 
-int
-acl_delete_def_fd(int filedes)
-{
-
-        return (__acl_delete_fd(filedes, ACL_TYPE_DEFAULT));
-}
-
-
 int
 acl_delete_def_file(const char *path_p)
 {
@@ -50,7 +42,7 @@ acl_delete_def_file(const char *path_p)
 
 
 int
-acl_delete_file(const char *path_p, acl_type_t type)
+acl_delete_file_np(const char *path_p, acl_type_t type)
 {
 
 	return (__acl_delete_file(path_p, type));
@@ -58,7 +50,7 @@ acl_delete_file(const char *path_p, acl_type_t type)
 
 
 int
-acl_delete_fd(int filedes, acl_type_t type)
+acl_delete_fd_np(int filedes, acl_type_t type)
 {
 
 	return (__acl_delete_fd(filedes, type));

lib/libposix1e/acl_get.c

@@ -27,6 +27,8 @@
  */
 /*
  * acl_get_file - syscall wrapper for retrieving ACL by filename
+ * acl_get_fd - syscall wrapper for retrieving access ACL by fd
+ * acl_get_fd_np - syscall wrapper for retrieving ACL by fd (non-POSIX)
  */
 
 #include <sys/types.h>
@@ -54,9 +56,28 @@ acl_get_file(const char *path_p, acl_type_t type)
 	return (aclp);
 }
 
+acl_t
+acl_get_fd(int fd)
+{
+	struct acl	*aclp;
+	int	error;
+
+	aclp = acl_init(ACL_MAX_ENTRIES);
+	if (!aclp) {
+		return (0);
+	}
+
+	error = __acl_get_fd(fd, ACL_TYPE_ACCESS, aclp);
+	if (error) {
+		acl_free(aclp);
+		return (0);
+	}
+
+	return (aclp);
+}
 
 acl_t
-acl_get_fd(int fd, acl_type_t type)
+acl_get_fd_np(int fd, acl_type_t type)
 {
 	struct acl	*aclp;
 	int	error;

lib/libposix1e/acl_init.c

@@ -27,6 +27,7 @@
  */
 /*
  * acl_init -- return a fresh acl structure
+ * acl_dup -- duplicate an acl and return the new copy
  */
 
 #include <sys/types.h>
@@ -51,3 +52,16 @@ acl_init(int count)
 	return (acl);
 }
 
+acl_t
+acl_dup(acl_t acl)
+{
+	struct acl	*acl_new;
+
+	acl_new = acl_init(ACL_MAX_ENTRIES);
+	if (!acl_new)
+		return(NULL);
+
+	*acl_new = *acl;
+
+	return(acl_new);
+}

lib/libposix1e/acl_set.c

@@ -46,7 +46,7 @@ acl_set_file(const char *path_p, acl_type_t type, acl_t acl)
 {
 	int	error;
 
-	if (acl_posix1e(acl)) {
+	if (acl_posix1e(acl, type)) {
 		error = acl_sort(acl);
 		if (error) {
 			errno = error;
@@ -57,13 +57,26 @@ acl_set_file(const char *path_p, acl_type_t type, acl_t acl)
 	return (__acl_set_file(path_p, type, acl));
 }
 
-
 int
-acl_set_fd(int fd, acl_t acl, acl_type_t type)
+acl_set_fd(int fd, acl_t acl)
 {
 	int	error;
 
-	if (acl_posix1e(acl)) {
+	error = acl_sort(acl);
+	if (error) {
+		errno = error;
+		return(-1);
+	}
+
+	return (__acl_set_fd(fd, ACL_TYPE_ACCESS, acl));
+}
+
+int
+acl_set_fd_np(int fd, acl_t acl, acl_type_t type)
+{
+	int	error;
+
+	if (acl_posix1e(acl, type)) {
 		error = acl_sort(acl);
 		if (error) {
 			errno = error;

lib/libposix1e/acl_support.c

@@ -86,7 +86,6 @@ acl_entry_compare(struct acl_entry *a, struct acl_entry *b)
 	return (0);
 }
 
-
 /*
  * acl_sort -- sort ACL entries.
  * Give the opportunity to fail, althouh we don't currently have a way
@@ -102,49 +101,18 @@ acl_sort(acl_t acl)
 	return (0);
 }
 
-
 /*
- * acl_posix1e -- use a heuristic to determine if this is a POSIX.1e
- * semantics ACL.  This will be used by other routines to determine if
- * they should call acl_sort() on the ACL before submitting to the kernel,
- * as the POSIX.1e ACL semantics code requires sorted ACL submission.
- * Also, acl_valid will use this to determine if it understands the
- * semantics enough to check that the ACL is correct.
+ * acl_posix1e -- in what situations should we acl_sort before submission?
+ * We apply posix1e ACL semantics for any ACL of type ACL_TYPE_ACCESS or
+ * ACL_TYPE_DEFAULT
  */
 int
-acl_posix1e(acl_t acl)
+acl_posix1e(acl_t acl, acl_type_t type)
 {
-	int	i;
 
-	/* assume it's POSIX.1e, and return 0 if otherwise */
-
-	for (i = 0; i < acl->acl_cnt; i++) {
-		/* is the tag type POSIX.1e? */
-		switch(acl->acl_entry[i].ae_tag) {
-		case ACL_USER_OBJ:
-		case ACL_USER:
-		case ACL_GROUP_OBJ:
-		case ACL_GROUP:
-		case ACL_MASK:
-		case ACL_OTHER:
-			break;
-
-		default:
-			return (0);
-		}
-
-		/* are the permissions POSIX.1e, or FreeBSD extensions? */
-		if (((acl->acl_entry[i].ae_perm | ACL_POSIX1E_BITS) !=
-		    ACL_POSIX1E_BITS) &&
-		    ((acl->acl_entry[i].ae_perm | ACL_PERM_BITS) !=
-		    ACL_PERM_BITS))
-			return (0);
-	}
-
-	return(1);
+	return ((type == ACL_TYPE_ACCESS) || (type == ACL_TYPE_DEFAULT));
 }
 
-
 /*
  * acl_check -- given an ACL, check its validity.  This is mirrored from
  * code in sys/kern/kern_acl.c, and if changes are made in one, they should
@@ -385,7 +353,6 @@ acl_perm_to_string(acl_perm_t perm, ssize_t buf_len, char *buf)
 	return (0);
 }
 
-
 /*
  * given a string, return a permission describing it
  */
@@ -419,8 +386,6 @@ acl_string_to_perm(char *string, acl_perm_t *perm)
 	return (0);
 }
 
-
-
 /*
  * Add an ACL entry without doing much checking, et al
  */
@@ -442,7 +407,3 @@ acl_add_entry(acl_t acl, acl_tag_t tag, uid_t id, acl_perm_t perm)
 
 	return (0);
 }
-
-
-
-

lib/libposix1e/acl_support.h

@@ -36,7 +36,7 @@
 
 int	acl_check(struct acl *acl);
 int	acl_sort(acl_t acl);
-int	acl_posix1e(acl_t acl);
+int	acl_posix1e(acl_t acl, acl_type_t type);
 int	acl_id_to_name(acl_tag_t tag, uid_t id, ssize_t buf_len, char *buf);
 int	acl_name_to_id(acl_tag_t tag, char *name, uid_t *id);
 int	acl_perm_to_string(acl_perm_t perm, ssize_t buf_len, char *buf);

lib/libposix1e/acl_to_text.c

@@ -40,14 +40,12 @@
 
 #include "acl_support.h"
 
-
 /*
  * acl_to_text - generate a text form of an acl
  * spec says nothing about output ordering, so leave in acl order
  *
- * For the time-being, reject the printing of ACLs that aren't an
- * understood semantic.  Later on, we might want to try and have a
- * generic printing mechanism...
+ * This function will not produce nice results if it is called with
+ * a non-POSIX.1e semantics ACL.
  */
 char *
 acl_to_text(acl_t acl, ssize_t *len_p)
@@ -61,11 +59,6 @@ acl_to_text(acl_t acl, ssize_t *len_p)
 	acl_tag_t	ae_tag;
 	acl_perm_t	ae_perm, effective_perm, mask_perm;
 
-	if (!acl_posix1e(acl)) {
-		errno = EINVAL;
-		return (0);
-	}
-
 	buf = strdup("");
 
 	mask_perm = ACL_PERM_BITS;	/* effective is regular if no mask */
@@ -238,7 +231,3 @@ acl_to_text(acl_t acl, ssize_t *len_p)
 	if (buf) free(buf);
 	return (0);
 }
-
-
-
-

lib/libposix1e/acl_valid.c

@@ -69,7 +69,7 @@ acl_valid_file(const char *pathp, acl_type_t type, acl_t acl)
 {
 	int	error;
 
-	if (acl_posix1e(acl)) {
+	if (acl_posix1e(acl, type)) {
 		error = acl_sort(acl);
 		if (error) {
 			errno = error;
@@ -86,7 +86,7 @@ acl_valid_fd(int fd, acl_type_t type, acl_t acl)
 {
 	int	error;
 
-	if (acl_posix1e(acl)) {
+	if (acl_posix1e(acl, type)) {
 		error = acl_sort(acl);
 		if (error) {
 			errno = error;

sys/sys/acl.h

@@ -74,6 +74,7 @@ typedef struct acl	*acl_t;
 
 #define	ACL_TYPE_ACCESS	0x00000000
 #define	ACL_TYPE_DEFAULT	0x00000001
+#define ACL_TYPE_AFS	0x00000003
 
 /*
  * Possible flags in a_perm field
@@ -134,19 +135,22 @@ __END_DECLS
  */
 __BEGIN_DECLS
 int	acl_calc_mask(acl_t *acl_p);
-int	acl_delete_def_fd(int filedes);
+int	acl_delete_fd_np(int filedes, acl_type_t type);
+int	acl_delete_file_np(const char *path_p, acl_type_t type);
 int	acl_delete_def_file(const char *path_p);
 int	acl_free(void *obj_p);
 acl_t	acl_from_text(const char *buf_p);
-acl_t	acl_get_fd(int fd, acl_type_t type);
+acl_t	acl_get_fd(int fd);
+acl_t	acl_get_fd_np(int fd, acl_type_t type);
 acl_t	acl_get_file(const char *path_p, acl_type_t type);
 acl_t	acl_init(int count);
-int	acl_set_fd(int fd, acl_t acl, acl_type_t type);
+int	acl_set_fd(int fd, acl_t acl);
+int	acl_set_fd_np(int fd, acl_t acl, acl_type_t type);
 int	acl_set_file(const char *path_p, acl_type_t type, acl_t acl);
 char	*acl_to_text(acl_t acl, ssize_t *len_p);
 int	acl_valid(acl_t acl);
-int	acl_valid_fd(int fd, acl_type_t type, acl_t acl);
-int	acl_valid_file(const char *path_p, acl_type_t type, acl_t acl);
+int	acl_valid_fd_np(int fd, acl_type_t type, acl_t acl);
+int	acl_valid_file_np(const char *path_p, acl_type_t type, acl_t acl);
 __END_DECLS
 
 #endif /* !_KERNEL */