[thirdparty/glibc.git] / sysdeps / mach / hurd / faccessat.c

/* Test for access to file, relative to open directory.  Hurd version.
   Copyright (C) 2006-2019 Free Software Foundation, Inc.
   This file is part of the GNU C Library.

   The GNU C Library is free software; you can redistribute it and/or
   modify it under the terms of the GNU Lesser General Public
   License as published by the Free Software Foundation; either
   version 2.1 of the License, or (at your option) any later version.

   The GNU C Library is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   Lesser General Public License for more details.

   You should have received a copy of the GNU Lesser General Public
   License along with the GNU C Library; if not, see
   <https://www.gnu.org/licenses/>.  */

#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <unistd.h>
#include <sys/types.h>
#include <hurd.h>
#include <hurd/fd.h>
#include <hurd/port.h>
#include <hurd/id.h>
#include <hurd/lookup.h>

static int
hurd_fail_seterrno (error_t err)
{
  return __hurd_fail (err);
}

static int
hurd_fail_noerrno (error_t err)
{
  return -1;
}

static int
__faccessat_common (int fd, const char *file, int type, int at_flags,
                    int (*errfunc) (error_t))
{
  error_t err;
  file_t rcrdir, rcwdir, io;
  int flags, allowed;

  if ((at_flags & AT_EACCESS) == AT_EACCESS)
    {
      /* Use effective permissions.  */
      io = __file_name_lookup_at (fd, at_flags &~ AT_EACCESS, file, 0, 0);
      if (io == MACH_PORT_NULL)
	return -1;
    }
  else
    {
      /* We have to use real permissions instead of the
         usual effective permissions.  */

      int hurd_flags = 0;
      err = __hurd_at_flags (&at_flags, &hurd_flags);
      if (err)
	return errfunc (err);

      error_t reauthenticate_cwdir_at (file_t *result)
	{
	  /* Get a port to the FD directory, authenticated with the real IDs.  */
	  error_t err;
	  mach_port_t ref;
	  ref = __mach_reply_port ();
	  err = HURD_DPORT_USE
	    (fd,
	     ({
	       err = __io_reauthenticate (port, ref, MACH_MSG_TYPE_MAKE_SEND);
	       if (!err)
		 err = __auth_user_authenticate (_hurd_id.rid_auth,
						 ref, MACH_MSG_TYPE_MAKE_SEND,
						 result);
	       err;
	     }));
	  __mach_port_destroy (__mach_task_self (), ref);
	  return err;
	}

      error_t reauthenticate (int which, file_t *result)
	{
	  /* Get a port to our root directory, authenticated with the real IDs.  */
	  error_t err;
	  mach_port_t ref;
	  ref = __mach_reply_port ();
	  err = HURD_PORT_USE
	    (&_hurd_ports[which],
	     ({
	       err = __io_reauthenticate (port, ref, MACH_MSG_TYPE_MAKE_SEND);
	       if (!err)
		 err = __auth_user_authenticate (_hurd_id.rid_auth,
						 ref, MACH_MSG_TYPE_MAKE_SEND,
						 result);
	       err;
	     }));
	  __mach_port_destroy (__mach_task_self (), ref);
	  return err;
	}

      error_t init_port (int which, error_t (*operate) (mach_port_t))
	{
	  switch (which)
	    {
	    case INIT_PORT_AUTH:
	      return (*operate) (_hurd_id.rid_auth);
	    case INIT_PORT_CRDIR:
	      return (reauthenticate (INIT_PORT_CRDIR, &rcrdir) ?:
		      (*operate) (rcrdir));
	    case INIT_PORT_CWDIR:
	      if (fd == AT_FDCWD || file[0] == '/')
		return (reauthenticate (INIT_PORT_CWDIR, &rcwdir) ?:
			(*operate) (rcwdir));
	      else
		return (reauthenticate_cwdir_at (&rcwdir) ?:
			(*operate) (rcwdir));
	    default:
	      return _hurd_ports_use (which, operate);
	    }
	}

      rcrdir = rcwdir = MACH_PORT_NULL;

      HURD_CRITICAL_BEGIN;

      __mutex_lock (&_hurd_id.lock);
      /* Get _hurd_id up to date.  */
      if (err = _hurd_check_ids ())
	goto lose;

      if (_hurd_id.rid_auth == MACH_PORT_NULL)
	{
	  /* Set up _hurd_id.rid_auth.  This is a special auth server port
	     which uses the real uid and gid (the first aux uid and gid) as
	     the only effective uid and gid.  */

	  if (_hurd_id.aux.nuids < 1 || _hurd_id.aux.ngids < 1)
	    {
	      /* We do not have a real UID and GID.  Lose, lose, lose!  */
	      err = EGRATUITOUS;
	      goto lose;
	    }

	  /* Create a new auth port using our real UID and GID (the first
	     auxiliary UID and GID) as the only effective IDs.  */
	  if (err = __USEPORT (AUTH,
			       __auth_makeauth (port,
						NULL, MACH_MSG_TYPE_COPY_SEND, 0,
						_hurd_id.aux.uids, 1,
						_hurd_id.aux.uids,
						_hurd_id.aux.nuids,
						_hurd_id.aux.gids, 1,
						_hurd_id.aux.gids,
						_hurd_id.aux.ngids,
						&_hurd_id.rid_auth)))
	    goto lose;
	}

      if (!err)
	/* Look up the file name using the modified init ports.  */
	err = __hurd_file_name_lookup (&init_port, &__getdport, 0,
				       file, hurd_flags, 0, &io);

      /* We are done with _hurd_id.rid_auth now.  */
     lose:
      __mutex_unlock (&_hurd_id.lock);

      HURD_CRITICAL_END;

      if (rcrdir != MACH_PORT_NULL)
	__mach_port_deallocate (__mach_task_self (), rcrdir);
      if (rcwdir != MACH_PORT_NULL)
	__mach_port_deallocate (__mach_task_self (), rcwdir);
      if (err)
	return errfunc (err);
    }

  /* Find out what types of access we are allowed to this file.  */
  err = __file_check_access (io, &allowed);
  __mach_port_deallocate (__mach_task_self (), io);
  if (err)
    return errfunc (err);

  flags = 0;
  if (type & R_OK)
    flags |= O_READ;
  if (type & W_OK)
    flags |= O_WRITE;
  if (type & X_OK)
    flags |= O_EXEC;

  if (flags & ~allowed)
    /* We are not allowed all the requested types of access.  */
    return errfunc (EACCES);

  return 0;
}

int
__faccessat_noerrno (int fd, const char *file, int type, int at_flags)
{
  return __faccessat_common (fd, file, type, at_flags, hurd_fail_noerrno);
}

int
__faccessat (int fd, const char *file, int type, int at_flags)
{
  return __faccessat_common (fd, file, type, at_flags, hurd_fail_seterrno);
}
weak_alias (__faccessat, faccessat)
Commit	Line	Data
16a10468	1	/* Test for access to file, relative to open directory. Hurd version.
04277e02	2	Copyright (C) 2006-2019 Free Software Foundation, Inc.
16a10468 RM	3	This file is part of the GNU C Library.
	4
	5	The GNU C Library is free software; you can redistribute it and/or
	6	modify it under the terms of the GNU Lesser General Public
	7	License as published by the Free Software Foundation; either
	8	version 2.1 of the License, or (at your option) any later version.
	9
	10	The GNU C Library is distributed in the hope that it will be useful,
	11	but WITHOUT ANY WARRANTY; without even the implied warranty of
	12	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	13	Lesser General Public License for more details.
	14
	15	You should have received a copy of the GNU Lesser General Public
59ba27a6	16	License along with the GNU C Library; if not, see
5a82c748	17	<https://www.gnu.org/licenses/>. */
16a10468 RM	18
	19	#include <errno.h>
	20	#include <fcntl.h>
	21	#include <stddef.h>
	22	#include <unistd.h>
	23	#include <sys/types.h>
	24	#include <hurd.h>
	25	#include <hurd/fd.h>
09085ede ST	26	#include <hurd/port.h>
	27	#include <hurd/id.h>
	28	#include <hurd/lookup.h>
16a10468	29
09085ede ST	30	static int
	31	hurd_fail_seterrno (error_t err)
	32	{
	33	return __hurd_fail (err);
	34	}
	35
	36	static int
	37	hurd_fail_noerrno (error_t err)
	38	{
	39	return -1;
	40	}
	41
	42	static int
	43	__faccessat_common (int fd, const char *file, int type, int at_flags,
	44	int (*errfunc) (error_t))
16a10468 RM	45	{
16a10468 RM	46	error_t err;
09085ede ST	47	file_t rcrdir, rcwdir, io;
09085ede ST	48	int flags, allowed;
16a10468	49
09085ede	50	if ((at_flags & AT_EACCESS) == AT_EACCESS)
16a10468	51	{
09085ede ST	52	/* Use effective permissions. */
	53	io = __file_name_lookup_at (fd, at_flags &~ AT_EACCESS, file, 0, 0);
	54	if (io == MACH_PORT_NULL)
	55	return -1;
16a10468	56	}
09085ede ST	57	else
	58	{
	59	/* We have to use real permissions instead of the
	60	usual effective permissions. */
	61
	62	int hurd_flags = 0;
a95dc01c ST	63	err = __hurd_at_flags (&at_flags, &hurd_flags);
	64	if (err)
	65	return errfunc (err);
09085ede ST	66
	67	error_t reauthenticate_cwdir_at (file_t *result)
	68	{
	69	/* Get a port to the FD directory, authenticated with the real IDs. */
	70	error_t err;
	71	mach_port_t ref;
	72	ref = __mach_reply_port ();
	73	err = HURD_DPORT_USE
	74	(fd,
	75	({
	76	err = __io_reauthenticate (port, ref, MACH_MSG_TYPE_MAKE_SEND);
	77	if (!err)
	78	err = __auth_user_authenticate (_hurd_id.rid_auth,
	79	ref, MACH_MSG_TYPE_MAKE_SEND,
	80	result);
	81	err;
	82	}));
	83	__mach_port_destroy (__mach_task_self (), ref);
	84	return err;
	85	}
	86
	87	error_t reauthenticate (int which, file_t *result)
	88	{
	89	/* Get a port to our root directory, authenticated with the real IDs. */
	90	error_t err;
	91	mach_port_t ref;
	92	ref = __mach_reply_port ();
	93	err = HURD_PORT_USE
	94	(&_hurd_ports[which],
	95	({
	96	err = __io_reauthenticate (port, ref, MACH_MSG_TYPE_MAKE_SEND);
	97	if (!err)
	98	err = __auth_user_authenticate (_hurd_id.rid_auth,
	99	ref, MACH_MSG_TYPE_MAKE_SEND,
	100	result);
	101	err;
	102	}));
	103	__mach_port_destroy (__mach_task_self (), ref);
	104	return err;
	105	}
	106
	107	error_t init_port (int which, error_t (*operate) (mach_port_t))
	108	{
	109	switch (which)
	110	{
	111	case INIT_PORT_AUTH:
	112	return (*operate) (_hurd_id.rid_auth);
	113	case INIT_PORT_CRDIR:
	114	return (reauthenticate (INIT_PORT_CRDIR, &rcrdir) ?:
	115	(*operate) (rcrdir));
	116	case INIT_PORT_CWDIR:
	117	if (fd == AT_FDCWD \|\| file[0] == '/')
	118	return (reauthenticate (INIT_PORT_CWDIR, &rcwdir) ?:
	119	(*operate) (rcwdir));
	120	else
	121	return (reauthenticate_cwdir_at (&rcwdir) ?:
	122	(*operate) (rcwdir));
	123	default:
	124	return _hurd_ports_use (which, operate);
	125	}
	126	}
	127
	128	rcrdir = rcwdir = MACH_PORT_NULL;
	129
130	HURD_CRITICAL_BEGIN;
131
132	__mutex_lock (&_hurd_id.lock);
133	/* Get _hurd_id up to date. */
134	if (err = _hurd_check_ids ())
135	goto lose;
16a10468	136
09085ede ST	137	if (_hurd_id.rid_auth == MACH_PORT_NULL)
	138	{
	139	/* Set up _hurd_id.rid_auth. This is a special auth server port
	140	which uses the real uid and gid (the first aux uid and gid) as
	141	the only effective uid and gid. */
	142
	143	if (_hurd_id.aux.nuids < 1 \|\| _hurd_id.aux.ngids < 1)
	144	{
	145	/* We do not have a real UID and GID. Lose, lose, lose! */
	146	err = EGRATUITOUS;
	147	goto lose;
	148	}
	149
	150	/* Create a new auth port using our real UID and GID (the first
	151	auxiliary UID and GID) as the only effective IDs. */
	152	if (err = __USEPORT (AUTH,
	153	__auth_makeauth (port,
	154	NULL, MACH_MSG_TYPE_COPY_SEND, 0,
	155	_hurd_id.aux.uids, 1,
	156	_hurd_id.aux.uids,
	157	_hurd_id.aux.nuids,
	158	_hurd_id.aux.gids, 1,
	159	_hurd_id.aux.gids,
	160	_hurd_id.aux.ngids,
	161	&_hurd_id.rid_auth)))
	162	goto lose;
	163	}
	164
	165	if (!err)
	166	/* Look up the file name using the modified init ports. */
	167	err = __hurd_file_name_lookup (&init_port, &__getdport, 0,
	168	file, hurd_flags, 0, &io);
	169
	170	/* We are done with _hurd_id.rid_auth now. */
	171	lose:
	172	__mutex_unlock (&_hurd_id.lock);
	173
	174	HURD_CRITICAL_END;
	175
	176	if (rcrdir != MACH_PORT_NULL)
	177	__mach_port_deallocate (__mach_task_self (), rcrdir);
	178	if (rcwdir != MACH_PORT_NULL)
	179	__mach_port_deallocate (__mach_task_self (), rcwdir);
	180	if (err)
	181	return errfunc (err);
	182	}
16a10468 RM	183
16a10468 RM	184	/* Find out what types of access we are allowed to this file. */
09085ede ST	185	err = __file_check_access (io, &allowed);
09085ede ST	186	__mach_port_deallocate (__mach_task_self (), io);
16a10468	187	if (err)
09085ede	188	return errfunc (err);
16a10468 RM	189
	190	flags = 0;
	191	if (type & R_OK)
	192	flags \|= O_READ;
	193	if (type & W_OK)
	194	flags \|= O_WRITE;
	195	if (type & X_OK)
	196	flags \|= O_EXEC;
	197
	198	if (flags & ~allowed)
	199	/* We are not allowed all the requested types of access. */
09085ede	200	return errfunc (EACCES);
16a10468 RM	201
	202	return 0;
	203	}
09085ede ST	204
	205	int
	206	__faccessat_noerrno (int fd, const char *file, int type, int at_flags)
	207	{
	208	return __faccessat_common (fd, file, type, at_flags, hurd_fail_noerrno);
	209	}
	210
	211	int
	212	__faccessat (int fd, const char *file, int type, int at_flags)
	213	{
	214	return __faccessat_common (fd, file, type, at_flags, hurd_fail_seterrno);
	215	}
	216	weak_alias (__faccessat, faccessat)