sysdeps/mach/hurd/access.c

   1 /* Copyright (C) 1991, 1992, 1993, 1994, 1995 Free Software Foundation, Inc.
   2 This file is part of the GNU C Library.
   3
   4 The GNU C Library is free software; you can redistribute it and/or
   5 modify it under the terms of the GNU Library General Public License as
   6 published by the Free Software Foundation; either version 2 of the
   7 License, or (at your option) any later version.
   8
   9 The GNU C Library is distributed in the hope that it will be useful,
  10 but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  12 Library General Public License for more details.
  13
  14 You should have received a copy of the GNU Library General Public
  15 License along with the GNU C Library; see the file COPYING.LIB.  If
  16 not, write to the Free Software Foundation, Inc., 675 Mass Ave,
  17 Cambridge, MA 02139, USA.  */
  18
  19 #include <ansidecl.h>
  20 #include <unistd.h>
  21 #include <hurd.h>
  22 #include <hurd/port.h>
  23 #include <hurd/id.h>
  24 #include <hurd/lookup.h>
  25 #include <fcntl.h>
  26
  27 /* Test for access to FILE by our real user and group IDs.  */
  28 int
  29 DEFUN(__access, (file, type), CONST char *file AND int type)
  30 {
  31   error_t err;
  32   file_t rcrdir, rcwdir, io;
  33   int flags, allowed;
  34
  35   error_t reauthenticate (int which, file_t *result)
  36     {
  37       /* Get a port to our root directory, authenticated with the real IDs.  */
  38       error_t err;
  39       mach_port_t ref;
  40       ref = __mach_reply_port ();
  41       err = HURD_PORT_USE
  42         (&_hurd_ports[which],
  43          ({
  44            err = __io_reauthenticate (port, ref, MACH_MSG_TYPE_MAKE_SEND);
  45            if (!err)
  46              err = __auth_user_authenticate (_hurd_id.rid_auth,
  47                                              port,
  48                                              ref, MACH_MSG_TYPE_MAKE_SEND,
  49                                              result);
  50            err;
  51          }));
  52       __mach_port_destroy (__mach_task_self (), ref);
  53       return err;
  54     }
  55
  56   error_t init_port (int which, error_t (*operate) (mach_port_t))
  57     {
  58       switch (which)
  59         {
  60         case INIT_PORT_AUTH:
  61           return (*operate) (_hurd_id.rid_auth);
  62         case INIT_PORT_CRDIR:
  63           return (reauthenticate (INIT_PORT_CRDIR, &rcrdir) ?:
  64                   (*operate) (rcrdir));
  65         case INIT_PORT_CWDIR:
  66           return (reauthenticate (INIT_PORT_CWDIR, &rcwdir) ?:
  67                   (*operate) (rcwdir));
  68         default:
  69           return _hurd_ports_use (which, operate);
  70         }
  71     }
  72
  73   rcrdir = rcwdir = MACH_PORT_NULL;
  74
  75   HURD_CRITICAL_BEGIN;
  76
  77   __mutex_lock (&_hurd_id.lock);
  78   /* Get _hurd_id up to date.  */
  79   if (err = _hurd_check_ids ())
  80     goto lose;
  81
  82   if (_hurd_id.rid_auth == MACH_PORT_NULL)
  83     {
  84       /* Set up _hurd_id.rid_auth.  This is a special auth server port
  85          which uses the real uid and gid (the first aux uid and gid) as
  86          the only effective uid and gid.  */
  87
  88       if (_hurd_id.aux.nuids < 1 || _hurd_id.aux.ngids < 1)
  89         {
  90           /* We do not have a real UID and GID.  Lose, lose, lose!  */
  91           err = EGRATUITOUS;
  92           goto lose;
  93         }
  94
  95       /* Create a new auth port using our real UID and GID (the first
  96          auxiliary UID and GID) as the only effective IDs.  */
  97       if (err = __USEPORT (AUTH,
  98                            __auth_makeauth (port,
  99                                             NULL, MACH_MSG_TYPE_COPY_SEND, 0,
 100                                             _hurd_id.aux.uids, 1,
 101                                             _hurd_id.aux.uids,
 102                                             _hurd_id.aux.nuids,
 103                                             _hurd_id.aux.gids, 1,
 104                                             _hurd_id.aux.gids,
 105                                             _hurd_id.aux.ngids,
 106                                             &_hurd_id.rid_auth)))
 107         goto lose;
 108     }
 109
 110   if (!err)
 111     /* Look up the file name using the modified init ports.  */
 112     err = __hurd_file_name_lookup (&init_port, &__getdport,
 113                                    file, 0, 0, &io);
 114
 115   /* We are done with _hurd_id.rid_auth now.  */
 116  lose:
 117   __mutex_unlock (&_hurd_id.lock);
 118
 119   HURD_CRITICAL_END;
 120
 121   if (rcrdir != MACH_PORT_NULL)
 122     __mach_port_deallocate (__mach_task_self (), rcrdir);
 123   if (rcwdir != MACH_PORT_NULL)
 124     __mach_port_deallocate (__mach_task_self (), rcwdir);
 125   if (err)
 126     return __hurd_fail (err);
 127
 128   /* Find out what types of access we are allowed to this file.  */
 129   err = __file_check_access (io, &allowed);
 130   __mach_port_deallocate (__mach_task_self (), io);
 131   if (err)
 132     return __hurd_fail (err);
 133
 134   flags = 0;
 135   if (type & R_OK)
 136     flags |= O_READ;
 137   if (type & W_OK)
 138     flags |= O_WRITE;
 139   if (type & X_OK)
 140     flags |= O_EXEC;
 141
 142   if (flags & ~allowed)
 143     /* We are not allowed all the requested types of access.  */
 144     return __hurd_fail (EACCES);
 145
 146   return 0;
 147 }
 148
 149 weak_alias (__access, access)