1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License (the "License").
   6  * You may not use this file except in compliance with the License.
   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or http://www.opensolaris.org/os/licensing.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 
  22 /*
  23  * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
  24  * Use is subject to license terms.
  25  */
  26 
  27 #ifndef _PRIV_PRIVATE_H
  28 #define _PRIV_PRIVATE_H
  29 
  30 #pragma ident   "%Z%%M% %I%     %E% SMI"
  31 
  32 #include <sys/types.h>
  33 #include <sys/priv.h>
  34 #include <limits.h>
  35 
  36 /*
  37  * Libc private privilege data.
  38  */
  39 
  40 #ifdef __cplusplus
  41 extern "C" {
  42 #endif
  43 
/*
 * Accessors and locking wrappers around the libc privilege data returned
 * by __priv_getdata().
 */

/*
 * LOADPRIVDATA(d): store the pointer returned by __priv_getdata() in d.
 * The expansion is a bare, unparenthesized assignment, so use it only as
 * a statement of its own.
 */
#define LOADPRIVDATA(d)         d = __priv_getdata()

/* GETPRIVDATA(): expression form; evaluates to __priv_getdata(). */
#define GETPRIVDATA()           __priv_getdata()

/*
 * LOCKPRIVDATA(): call lock_data() and then refresh_data(), discarding
 * both results.  Pair it with UNLOCKPRIVDATA().
 *
 * NOTE(review): WITHPRIVLOCKED below treats a non-zero lock_data() return
 * as failure, but here the result is cast to void, so the caller carries
 * on (and later unlocks) even if the lock was not acquired -- confirm
 * that lock_data() cannot fail on the paths that use this macro.
 *
 * The expansion is a brace block rather than do { } while (0); a ';'
 * written after it is a separate empty statement, which matters inside
 * an unbraced if/else.
 */
#define LOCKPRIVDATA()          { \
                                        /* Data already allocated */ \
                                        (void) lock_data(); \
                                        (void) refresh_data(); \
                                }

/* UNLOCKPRIVDATA(): release the lock by calling unlock_data(). */
#define UNLOCKPRIVDATA()        unlock_data()

/*
 * WITHPRIVLOCKED(t, b, x): evaluate x with the privilege data locked and
 * return the result from the enclosing function.
 *
 *   t  type of the result (and of the enclosing function's return value)
 *   b  value that signals failure
 *   x  expression to evaluate while the lock is held
 *
 * The expansion contains return statements, so it only makes sense as
 * the body (or tail) of a function returning t.  If lock_data() returns
 * non-zero, b is returned without evaluating x.  Otherwise x is evaluated
 * once; if it yields b and refresh_data() returns true, x is evaluated a
 * second time.  unlock_data() is called before the final return.
 *
 * Because x may be evaluated twice and b is expanded more than once, both
 * must be free of side effects that are unsafe to repeat.  x must not use
 * a variable named __result, which the expansion declares.
 */
#define WITHPRIVLOCKED(t, b, x) { \
                                        t __result; \
                                        if (lock_data() != 0) \
                                                return (b); \
                                        __result = (x); \
                                        if (__result == (b) && refresh_data()) \
                                                __result = (x); \
                                        unlock_data(); \
                                        return (__result); \
                                }
  62 
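/*
 * Privilege mask macros.
 *
 * A privilege set is addressed as an array of priv_chunk_t words.
 * Privilege number n lives in word privword(n); inside that word the bits
 * are counted from the most significant end, so n % __NBWRD == 0 selects
 * the top bit of the word.
 *
 * None of these macros range-check n.  __NBWRD has type size_t, so a
 * negative int n is converted to a large unsigned value and privword(n)
 * then indexes far outside the set.  Callers must validate the privilege
 * number before using it here (presumably against pd_nprivs -- confirm
 * at the call sites).
 */
#define __NBWRD         (CHAR_BIT * sizeof (priv_chunk_t))
/*
 * The constant is cast to priv_chunk_t before shifting.  With a plain int
 * 1, selecting the top bit of a 32-bit chunk would be (1 << 31), which
 * overflows a signed int and is undefined behavior; it also produced a
 * negative mask that sign-extends when widened.
 */
#define privmask(n)     ((priv_chunk_t)1 << ((__NBWRD - 1) - ((n) % __NBWRD)))
#define privword(n)     ((n) / __NBWRD)

/*
 * Same as the functions, but for numeric privileges.
 *
 * a is a pointer to the set and is accessed as priv_chunk_t words; p is
 * the privilege number.  p is expanded twice in each macro, so it must
 * not have side effects.  PRIV_ADDSET and PRIV_DELSET write through a
 * without any bounds check: an out-of-range p is an out-of-bounds write.
 * Each expansion is fully parenthesized so it can be used safely inside
 * a larger expression.
 */
#define PRIV_ADDSET(a, p)       (((priv_chunk_t *)(a))[privword(p)] |= \
                                                        privmask(p))
#define PRIV_DELSET(a, p)       (((priv_chunk_t *)(a))[privword(p)] &= \
                                                        ~privmask(p))
#define PRIV_ISMEMBER(a, p)     ((((priv_chunk_t *)(a))[privword(p)] & \
                                                        privmask(p)) != 0)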
  79 
/*
 * Privilege data kept by libc.
 *
 * The structure is static except for three fields: setsort, privnames
 * and nprivs (pd_setsort, pd_privnames, pd_nprivs).  The pinfo structure
 * initially has sufficient room and the kernel guarantees no offset
 * changes, so a new structure can be copied on top of it.
 *
 * Locking strategy: take the lock whenever any of the volatile fields
 * needs to be referenced.  Reading pd_nprivs, pd_privnames or pd_setsort
 * without the lock can observe them while they are being replaced.
 */
typedef struct priv_data {
        size_t pd_setsize;              /* In bytes */
        int pd_nsets;
        int pd_nprivs;                  /* volatile: reference under the lock */
        uint32_t pd_ucredsize;
        char **pd_setnames;
        char **pd_privnames;            /* volatile: reference under the lock */
        int *pd_setsort;                /* volatile: reference under the lock */
        priv_impl_info_t *pd_pinfo;     /* overwritten in place on refresh */
        priv_set_t *pd_basicset;
        priv_set_t *pd_zoneset;
} priv_data_t;
  98 
/*
 * Access to the privilege data.  __priv_getdata() is what LOADPRIVDATA
 * and GETPRIVDATA expand to.  __priv_parse_info() and __priv_free_info()
 * presumably build and release a priv_data_t from kernel-supplied
 * priv_impl_info_t data; their definitions are not in this header.
 */
extern priv_data_t *__priv_getdata(void);
extern priv_data_t *__priv_parse_info(priv_impl_info_t *pinfo);
extern void __priv_free_info(priv_data_t *pd);
extern priv_data_t *privdata;

/*
 * Locking primitives used by the macros above.  WITHPRIVLOCKED treats a
 * non-zero lock_data() return as failure, and re-evaluates its expression
 * when refresh_data() returns true.
 */
extern int lock_data(void);
extern boolean_t refresh_data(void);
extern void unlock_data(void);

/*
 * Set predicates and name lookup that take the privilege data explicitly.
 * NOTE(review): whether __priv_getbynum() range-checks its privilege
 * number is not visible from this header -- confirm before passing it an
 * unvalidated value.
 */
extern boolean_t __priv_isemptyset(priv_data_t *pd, const priv_set_t *set);
extern boolean_t __priv_isfullset(priv_data_t *pd, const priv_set_t *set);
extern boolean_t __priv_issubset(priv_data_t *pd, const priv_set_t *a,
    const priv_set_t *b);
extern const char *__priv_getbynum(const priv_data_t *pd, int privnum);

/* Takes a priv_impl_info_t buffer and a size. */
extern int getprivinfo(priv_impl_info_t *buf, size_t bufsize);

extern priv_set_t *priv_basic(void);
 117 
 118 #ifdef __cplusplus
 119 }
 120 #endif
 121 
 122 #endif /* _PRIV_PRIVATE_H */