Changed the x86 architecture to have tPAddr be 64-bits always
[tpg/acess2.git] / Kernel / vfs / acls.c
1 /* 
2  * Acess Micro VFS
3  */
4 #include <common.h>
5 #include "vfs.h"
6 #include "vfs_int.h"
7
8 // === GLOBALS ===
9 tVFS_ACL        gVFS_ACL_EveryoneRWX = { {1,-1}, {0,VFS_PERM_ALL} };
10 tVFS_ACL        gVFS_ACL_EveryoneRW = { {1,-1}, {0,VFS_PERM_ALL^VFS_PERM_EXECUTE} };
11 tVFS_ACL        gVFS_ACL_EveryoneRX = { {1,-1}, {0,VFS_PERM_READ|VFS_PERM_EXECUTE} };
12 tVFS_ACL        gVFS_ACL_EveryoneRO = { {1,-1}, {0,VFS_PERM_READ} };
13
14 // === CODE ===
15 /**
16  * \fn int VFS_CheckACL(tVFS_Node *Node, Uint Permissions)
17  * \brief Checks the permissions on a file
18  */
19 int VFS_CheckACL(tVFS_Node *Node, Uint Permissions)
20 {
21          int    i;
22          int    uid = Threads_GetUID();
23          int    gid = Threads_GetGID();
24         
25         // Root can do anything
26         if(uid == 0)    return 1;
27         
28         // Root only file?, fast return
29         if( Node->NumACLs == 0 )        return 0;
30         
31         // Check Deny Permissions
32         for(i=0;i<Node->NumACLs;i++)
33         {
34                 if(!Node->ACLs[i].Inv)  continue;       // Ignore ALLOWs
35                 if(Node->ACLs[i].ID != -1)
36                 {
37                         if(!Node->ACLs[i].Group && Node->ACLs[i].ID != uid)     continue;
38                         if(Node->ACLs[i].Group && Node->ACLs[i].ID != gid)      continue;
39                 }
40                 
41                 if(Node->ACLs[i].Perms & Permissions)   return 0;
42         }
43         
44         // Check for allow permissions
45         for(i=0;i<Node->NumACLs;i++)
46         {
47                 if(Node->ACLs[i].Inv)   continue;       // Ignore DENYs
48                 if(Node->ACLs[i].ID != -1)
49                 {
50                         if(!Node->ACLs[i].Group && Node->ACLs[i].ID != uid)     continue;
51                         if(Node->ACLs[i].Group && Node->ACLs[i].ID != gid)      continue;
52                 }
53                 
54                 if((Node->ACLs[i].Perms & Permissions) == Permissions)  return 1;
55         }
56         
57         return 0;
58 }
59 /**
60  * \fn int VFS_GetACL(int FD, tVFS_ACL *Dest)
61  */
62 int VFS_GetACL(int FD, tVFS_ACL *Dest)
63 {
64          int    i;
65         tVFS_Handle     *h = VFS_GetHandle(FD);
66         
67         // Error check
68         if(!h) {
69                 return -1;
70         }
71         
72         // Root can do anything
73         if(Dest->Group == 0 && Dest->ID == 0) {
74                 Dest->Inv = 0;
75                 Dest->Perms = -1;
76                 return 1;
77         }
78         
79         // Root only file?, fast return
80         if( h->Node->NumACLs == 0 ) {
81                 Dest->Inv = 0;
82                 Dest->Perms = 0;
83                 return 0;
84         }
85         
86         // Check Deny Permissions
87         for(i=0;i<h->Node->NumACLs;i++)
88         {
89                 if(h->Node->ACLs[i].Group != Dest->Group)       continue;
90                 if(h->Node->ACLs[i].ID != Dest->ID)     continue;
91                 
92                 Dest->Inv = h->Node->ACLs[i].Inv;
93                 Dest->Perms = h->Node->ACLs[i].Perms;
94                 return 1;
95         }
96         
97         
98         Dest->Inv = 0;
99         Dest->Perms = 0;
100         return 0;
101 }
102
103 /**
104  * \fn tVFS_ACL *VFS_UnixToAcessACL(Uint Mode, Uint Owner, Uint Group)
105  * \brief Converts UNIX permissions to three Acess ACL entries
106  */
107 tVFS_ACL *VFS_UnixToAcessACL(Uint Mode, Uint Owner, Uint Group)
108 {
109         tVFS_ACL        *ret = malloc(sizeof(tVFS_ACL)*3);
110         
111         // Error Check
112         if(!ret)        return NULL;
113         
114         // Owner
115         ret[0].Group = 0;       ret[0].ID = Owner;
116         ret[0].Inv = 0;         ret[0].Perms = 0;
117         if(Mode & 0400) ret[0].Perms |= VFS_PERM_READ;
118         if(Mode & 0200) ret[0].Perms |= VFS_PERM_WRITE;
119         if(Mode & 0100) ret[0].Perms |= VFS_PERM_EXECUTE;
120         
121         // Group
122         ret[1].Group = 1;       ret[1].ID = Group;
123         ret[1].Inv = 0;         ret[1].Perms = 0;
124         if(Mode & 0040) ret[1].Perms |= VFS_PERM_READ;
125         if(Mode & 0020) ret[1].Perms |= VFS_PERM_WRITE;
126         if(Mode & 0010) ret[1].Perms |= VFS_PERM_EXECUTE;
127         
128         // Global
129         ret[2].Group = 1;       ret[2].ID = Group;
130         ret[2].Inv = 0;         ret[2].Perms = 0;
131         if(Mode & 0004) ret[2].Perms |= VFS_PERM_READ;
132         if(Mode & 0002) ret[2].Perms |= VFS_PERM_WRITE;
133         if(Mode & 0001) ret[2].Perms |= VFS_PERM_EXECUTE;
134         
135         // Return buffer
136         return ret;
137 }
138
139 // === EXPORTS ===
140 // --- Variables ---
141 EXPORTV(gVFS_ACL_EveryoneRWX);
142 EXPORTV(gVFS_ACL_EveryoneRW);
143 EXPORTV(gVFS_ACL_EveryoneRX);
144 // --- Functions ---
145 EXPORT(VFS_UnixToAcessACL);

UCC git Repository :: git.ucc.asn.au