1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2006 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #pragma ident "%Z%%M% %I% %E% SMI" 27 28 #include <errno.h> 29 #include <priv.h> 30 #include <sys/tsol/priv.h> 31 #include <sys/varargs.h> 32 33 /* 34 * set_effective_priv(op, num_priv, priv_id1, priv_id2, ... ) 35 * 36 * Library routine to enable a user process to set its effective 37 * privilege set appropriately using a single call. User is 38 * required to specify the number of privilege ids that follow as 39 * arguments, rather than depending on the compiler to terminate 40 * the argument list with a NULL, which may be compiler-dependent. 41 */ 42 int 43 set_effective_priv(priv_op_t op, int num_priv, ...) 44 { 45 priv_set_t *priv_set; 46 priv_t priv_id; 47 va_list ap; 48 int status; 49 50 priv_set = priv_allocset(); 51 PRIV_EMPTY(priv_set); 52 53 va_start(ap, num_priv); 54 while (num_priv--) { 55 char *priv_name; 56 /* 57 * Do sanity checking on priv_id's here to assure 58 * valid inputs to privilege macros. This checks 59 * num_priv argument as well. 60 */ 61 priv_id = va_arg(ap, priv_t); 62 priv_name = (char *)priv_getbynum((int)(uintptr_t)priv_id); 63 if (priv_name == NULL) { 64 errno = EINVAL; 65 priv_freeset(priv_set); 66 return (-1); 67 } 68 (void) priv_addset(priv_set, priv_name); 69 } 70 va_end(ap); 71 72 /* 73 * Depend on system call to do sanity checking on "op" 74 */ 75 status = setppriv(op, PRIV_EFFECTIVE, priv_set); 76 priv_freeset(priv_set); 77 return (status); 78 79 } /* set_effective_priv() */ 80 81 82 83 84 /* 85 * set_inheritable_priv(op, num_priv, priv_id1, priv_id2, ... ) 86 * 87 * Library routine to enable a user process to set its inheritable 88 * privilege set appropriately using a single call. User is 89 * required to specify the number of privilege ids that follow as 90 * arguments, rather than depending on the compiler to terminate 91 * the argument list with a NULL, which may be compiler-dependent. 92 */ 93 int 94 set_inheritable_priv(priv_op_t op, int num_priv, ...) 95 { 96 priv_set_t *priv_set; 97 priv_t priv_id; 98 va_list ap; 99 int status; 100 101 priv_set = priv_allocset(); 102 103 PRIV_EMPTY(priv_set); 104 105 va_start(ap, num_priv); 106 while (num_priv--) { 107 /* 108 * Do sanity checking on priv_id's here to assure 109 * valid inputs to privilege macros. This checks 110 * num_priv argument as well. 111 */ 112 priv_id = va_arg(ap, priv_t); 113 if ((char *)priv_getbynum((int)(uintptr_t)priv_id) == NULL) { 114 errno = EINVAL; 115 priv_freeset(priv_set); 116 return (-1); 117 } 118 (void) PRIV_ASSERT(priv_set, priv_id); 119 } 120 va_end(ap); 121 122 /* 123 * Depend on system call to do sanity checking on "op" 124 */ 125 status = setppriv(op, PRIV_INHERITABLE, priv_set); 126 priv_freeset(priv_set); 127 return (status); 128 129 } /* set_inheritable_priv() */ 130 131 132 133 134 /* 135 * set_permitted_priv(op, num_priv, priv_id1, priv_id2, ... ) 136 * 137 * Library routine to enable a user process to set its permitted 138 * privilege set appropriately using a single call. User is 139 * required to specify the number of privilege ids that follow as 140 * arguments, rather than depending on the compiler to terminate 141 * the argument list with a NULL, which may be compiler-dependent. 142 */ 143 int 144 set_permitted_priv(priv_op_t op, int num_priv, ...) 145 { 146 priv_set_t *priv_set; 147 priv_t priv_id; 148 va_list ap; 149 int status; 150 151 priv_set = priv_allocset(); 152 153 PRIV_EMPTY(priv_set); 154 155 va_start(ap, num_priv); 156 while (num_priv--) { 157 /* 158 * Do sanity checking on priv_id's here to assure 159 * valid inputs to privilege macros. This checks 160 * num_priv argument as well. 161 */ 162 priv_id = va_arg(ap, priv_t); 163 if ((char *)priv_getbynum((int)(uintptr_t)priv_id) == NULL) { 164 errno = EINVAL; 165 priv_freeset(priv_set); 166 return (-1); 167 } 168 (void) PRIV_ASSERT(priv_set, priv_id); 169 } 170 va_end(ap); 171 172 /* 173 * Depend on system call to do sanity checking on "op" 174 */ 175 status = setppriv(op, PRIV_PERMITTED, priv_set); 176 priv_freeset(priv_set); 177 return (status); 178 179 } /* set_permitted_priv() */ 180
Indexes created Wed Nov 25 11:28:15 UTC 2009
Terms of Use |
Privacy |
Trademarks |
Copyright Policy |
Site Guidelines |
Help
Your use of this web site or any of its content or software indicates your agreement to be bound by these Terms of Use.
Copyright © 1995-2008 Sun Microsystems, Inc.