本文整理汇总了C++中VOP_ACCESS函数的典型用法代码示例。如果您正苦于以下问题:C++ VOP_ACCESS函数的具体用法?C++ VOP_ACCESS怎么用?C++ VOP_ACCESS使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了VOP_ACCESS函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: ufs_delete_denied
static int
ufs_delete_denied(struct vnode *vdp, struct vnode *tdp, struct ucred *cred,
struct thread *td)
{
int error;
#ifdef UFS_ACL
/*
* NFSv4 Minor Version 1, draft-ietf-nfsv4-minorversion1-03.txt
*
* 3.16.2.1. ACE4_DELETE vs. ACE4_DELETE_CHILD
*/
/*
* XXX: Is this check required?
*/
error = VOP_ACCESS(vdp, VEXEC, cred, td);
if (error)
return (error);
error = VOP_ACCESSX(tdp, VDELETE, cred, td);
if (error == 0)
return (0);
error = VOP_ACCESSX(vdp, VDELETE_CHILD, cred, td);
if (error == 0)
return (0);
error = VOP_ACCESSX(vdp, VEXPLICIT_DENY | VDELETE_CHILD, cred, td);
if (error)
return (error);
#endif /* !UFS_ACL */
/*
* Standard Unix access control - delete access requires VWRITE.
*/
error = VOP_ACCESS(vdp, VWRITE, cred, td);
if (error)
return (error);
/*
* If directory is "sticky", then user must own
* the directory, or the file in it, else she
* may not delete it (unless she's root). This
* implements append-only directories.
*/
if ((VTOI(vdp)->i_mode & ISVTX) &&
VOP_ACCESS(vdp, VADMIN, cred, td) &&
VOP_ACCESS(tdp, VADMIN, cred, td))
return (EPERM);
return (0);
}示例2: vnode_iop_permission
/* This is VOP_ACCESS().
* permtype = bitwise-OR of MAY_READ, MAY_WRITE, MAY_EXEC
* For 2.6.27 and beyond we may need to handle other
* permission requests than the tradional MAY_[RWX], like
* MAY_ACCESS.
*/
extern int
vnode_iop_permission(
INODE_T *ip,
int permtype
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,27)
, struct nameidata *nd
#endif
#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,32)
, unsigned int flags
#endif
)
{
int err;
CALL_DATA_T cd;
ASSERT_I_SEM_NOT_MINE(ip);
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,38)
/* We can't deal with RCU lookups, the lookup will happen after
* a rcu_read_lock call, which means we can't block. Additionally,
* vfsmount_lock is locked, which means we can't call mntput
* (and other functions). We use the permission callback to detect
* and refuse RCU operations, which are then retried without using RCU.
*/
if (flags & IPERM_FLAG_RCU)
return -ECHILD;
#endif
mdki_linux_init_call_data(&cd);
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,27)
/* we are not dealing with MAY_ACCESS and MAY_OPEN */
permtype &= (MAY_READ | MAY_WRITE | MAY_EXEC);
#endif
/*
* Vnode core wants the mode test bits to be in the user position, not the
* low bits. Bits are in same order as standard UNIX rwx.
*/
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,27)
err = VOP_ACCESS(ITOV(ip), permtype << 6, 0, &cd, (nameidata_ctx *) nd);
#elif LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,32)
err = VOP_ACCESS(ITOV(ip), permtype << 6, 0, &cd, NULL);
#else
err = VOP_ACCESS(ITOV(ip), permtype << 6, 0, &cd,
(nameidata_ctx *) (unsigned long) flags);
#endif
err = mdki_errno_unix_to_linux(err);
mdki_linux_destroy_call_data(&cd);
return err;
}示例3: ufs_extattr_credcheck
/*
* Credential check based on process requesting service, and per-attribute
* permissions.
*/
static int
ufs_extattr_credcheck(struct vnode *vp, struct ufs_extattr_list_entry *uele,
struct ucred *cred, struct proc *p, int access)
{
/*
* Kernel-invoked always succeeds.
*/
if (cred == NULL)
return (0);
/*
* Do not allow privileged processes in jail to directly
* manipulate system attributes.
*
* XXX What capability should apply here?
* Probably CAP_SYS_SETFFLAG.
*/
switch (uele->uele_attrnamespace) {
case EXTATTR_NAMESPACE_SYSTEM:
return (suser(cred, &p->p_acflag));
case EXTATTR_NAMESPACE_USER:
return (VOP_ACCESS(vp, access, cred, p));
default:
return (EPERM);
}
}示例4: devfs_create
/*ARGSUSED2*/
static int
devfs_create(struct vnode *dvp, char *nm, struct vattr *vap, vcexcl_t excl,
int mode, struct vnode **vpp, struct cred *cred, int flag)
{
int error;
struct vnode *vp;
dcmn_err2(("devfs_create %s\n", nm));
error = dv_find(VTODV(dvp), nm, &vp, NULL, NULLVP, cred, 0);
if (error == 0) {
if (excl == EXCL)
error = EEXIST;
else if (vp->v_type == VDIR && (mode & VWRITE))
error = EISDIR;
else
error = VOP_ACCESS(vp, mode, 0, cred);
if (error) {
VN_RELE(vp);
} else
*vpp = vp;
} else if (error == ENOENT)
error = EROFS;
return (error);
}示例5: genfs_ufslike_remove_check_permitted
/*
* genfs_ufslike_remove_check_permitted: Check whether a remove is
* permitted given our credentials, assuming UFS-like permission and
* ownership semantics.
*
* Everything must be locked and referenced.
*/
int
genfs_ufslike_remove_check_permitted(kauth_cred_t cred,
struct vnode *dvp, mode_t dmode, uid_t duid,
struct vnode *vp, uid_t uid)
{
int error;
KASSERT(dvp != NULL);
KASSERT(vp != NULL);
KASSERT(dvp != vp);
KASSERT(dvp->v_type == VDIR);
KASSERT(vp->v_type != VDIR);
KASSERT(dvp->v_mount == vp->v_mount);
KASSERT(VOP_ISLOCKED(dvp) == LK_EXCLUSIVE);
KASSERT(VOP_ISLOCKED(vp) == LK_EXCLUSIVE);
/*
* We need to write to the directory to remove from it.
*/
error = VOP_ACCESS(dvp, VWRITE, cred);
if (error)
return error;
error = genfs_ufslike_check_sticky(cred, dmode, duid, vp, uid);
if (error)
return error;
return 0;
}示例6: auto_open
/* ARGSUSED */
static int
auto_open(vnode_t **vpp, int flag, cred_t *cred, caller_context_t *ct)
{
vnode_t *newvp;
int error;
AUTOFS_DPRINT((4, "auto_open: *vpp=%p\n", (void *)*vpp));
error = auto_trigger_mount(*vpp, cred, &newvp);
if (error)
goto done;
if (newvp != NULL) {
/*
* Node is now mounted on.
*/
VN_RELE(*vpp);
*vpp = newvp;
error = VOP_ACCESS(*vpp, VREAD, 0, cred, ct);
if (!error)
error = VOP_OPEN(vpp, flag, cred, ct);
}
done:
AUTOFS_DPRINT((5, "auto_open: *vpp=%p error=%d\n", (void *)*vpp,
error));
return (error);
}示例7: tmpfs_nlookupdotdot
static int
tmpfs_nlookupdotdot(struct vop_nlookupdotdot_args *v)
{
struct vnode *dvp = v->a_dvp;
struct vnode **vpp = v->a_vpp;
struct tmpfs_node *dnode = VP_TO_TMPFS_NODE(dvp);
struct ucred *cred = v->a_cred;
struct mount *mp;
int error;
*vpp = NULL;
mp = dvp->v_mount;
/* Check accessibility of requested node as a first step. */
error = VOP_ACCESS(dvp, VEXEC, cred);
if (error != 0)
return error;
if (dnode->tn_dir.tn_parent != NULL) {
/* Allocate a new vnode on the matching entry. */
error = tmpfs_alloc_vp(dvp->v_mount, dnode->tn_dir.tn_parent,
LK_EXCLUSIVE | LK_RETRY, vpp);
if (*vpp)
vn_unlock(*vpp);
}
return (*vpp == NULL) ? ENOENT : 0;
}示例8: smbfs_getextattr
static int
smbfs_getextattr(struct vop_getextattr_args *ap)
/* {
IN struct vnode *a_vp;
IN char *a_name;
INOUT struct uio *a_uio;
IN kauth_cred_t a_cred;
};
*/
{
struct vnode *vp = ap->a_vp;
struct lwp *l = ap->a_l;
kauth_cred_t cred = ap->a_cred;
struct uio *uio = ap->a_uio;
const char *name = ap->a_name;
struct smbnode *np = VTOSMB(vp);
struct vattr vattr;
char buf[10];
int i, attr, error;
error = VOP_ACCESS(vp, VREAD, cred, td);
if (error)
return error;
error = VOP_GETATTR(vp, &vattr, cred, td);
if (error)
return error;
if (strcmp(name, "dosattr") == 0) {
attr = np->n_dosattr;
for (i = 0; i < 6; i++, attr >>= 1)
buf[i] = (attr & 1) ? smbfs_atl[i] : '-';
buf[i] = 0;
error = uiomove(buf, i, uio);
} else示例9: devfs_access
static int
devfs_access(struct vnode *vp, int mode, int flags, struct cred *cr)
{
struct dv_node *dv = VTODV(vp);
int res;
dcmn_err2(("devfs_access %s\n", dv->dv_name));
ASSERT(dv->dv_attr || dv->dv_attrvp);
/* restrict console access to privileged processes */
if ((vp->v_rdev == rconsdev) && secpolicy_console(cr) != 0) {
return (EACCES);
}
if (dv->dv_attr && ((dv->dv_flags & DV_ACL) == 0)) {
rw_enter(&dv->dv_contents, RW_READER);
if (dv->dv_attr) {
res = devfs_unlocked_access(dv, mode, cr);
rw_exit(&dv->dv_contents);
return (res);
}
rw_exit(&dv->dv_contents);
}
return (VOP_ACCESS(dv->dv_attrvp, mode, flags, cr));
}示例10: xattr_dir_access
/* ARGSUSED */
static int
xattr_dir_access(vnode_t *vp, int mode, int flags, cred_t *cr,
caller_context_t *ct)
{
int error;
vnode_t *realvp = NULL;
if (mode & VWRITE) {
return (EACCES);
}
error = xattr_dir_realdir(vp, &realvp, LOOKUP_XATTR, cr, ct);
if ((error == ENOENT || error == EINVAL)) {
/*
* These errors mean there's no "real" xattr dir.
* The GFS xattr dir always allows access.
*/
return (0);
}
if (error != 0) {
/*
* The "real" xattr dir was not accessible.
*/
return (error);
}
/*
* We got the "real" xattr dir.
* Pass through the access call.
*/
error = VOP_ACCESS(realvp, mode, flags, cr, ct);
return (error);
}示例11: devpts_create
/*ARGSUSED2*/
static int
devpts_create(struct vnode *dvp, char *nm, struct vattr *vap, vcexcl_t excl,
int mode, struct vnode **vpp, struct cred *cred, int flag,
caller_context_t *ct, vsecattr_t *vsecp)
{
int error;
struct vnode *vp;
*vpp = NULL;
error = devpts_lookup(dvp, nm, &vp, NULL, 0, NULL, cred, ct, NULL,
NULL);
if (error == 0) {
if (excl == EXCL)
error = EEXIST;
else if (vp->v_type == VDIR && (mode & VWRITE))
error = EISDIR;
else
error = VOP_ACCESS(vp, mode, 0, cred, ct);
if (error) {
VN_RELE(vp);
} else
*vpp = vp;
} else if (error == ENOENT) {
error = EROFS;
}
return (error);
}示例12: cttyopen
/*ARGSUSED*/
int
cttyopen(dev_t dev, int flag, int mode, struct proc *p)
{
struct vnode *ttyvp = cttyvp(p);
int error;
if (ttyvp == NULL)
return (ENXIO);
vn_lock(ttyvp, LK_EXCLUSIVE | LK_RETRY, p);
#ifdef PARANOID
/*
* Since group is tty and mode is 620 on most terminal lines
* and since sessions protect terminals from processes outside
* your session, this check is probably no longer necessary.
* Since it inhibits setuid root programs that later switch
* to another user from accessing /dev/tty, we have decided
* to delete this test. (mckusick 5/93)
*/
error = VOP_ACCESS(ttyvp,
(flag&FREAD ? VREAD : 0) | (flag&FWRITE ? VWRITE : 0), p->p_ucred, p);
if (!error)
#endif /* PARANOID */
error = VOP_OPEN(ttyvp, flag, NOCRED, p);
VOP_UNLOCK(ttyvp, 0, p);
return (error);
}示例13: ibcs2_sys_eaccess
int
ibcs2_sys_eaccess(struct lwp *l, const struct ibcs2_sys_eaccess_args *uap, register_t *retval)
{
/* {
syscallarg(char *) path;
syscallarg(int) flags;
} */
struct vnode *vp;
int error, flags;
struct nameidata nd;
NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | TRYEMULROOT, UIO_USERSPACE,
SCARG(uap, path));
if ((error = namei(&nd)) != 0)
return error;
vp = nd.ni_vp;
/* Flags == 0 means only check for existence. */
if (SCARG(uap, flags)) {
flags = 0;
if (SCARG(uap, flags) & IBCS2_R_OK)
flags |= VREAD;
if (SCARG(uap, flags) & IBCS2_W_OK)
flags |= VWRITE;
if (SCARG(uap, flags) & IBCS2_X_OK)
flags |= VEXEC;
if ((flags & VWRITE) == 0 || (error = vn_writechk(vp)) == 0)
error = VOP_ACCESS(vp, flags, l->l_cred);
}
vput(vp);
return error;
}示例14: spec_access
int
spec_access(void *v)
{
struct vop_access_args *ap = v;
struct vnode *vp = ap->a_vp;
if (!(vp->v_flag & VCLONE))
return (EBADF);
return (VOP_ACCESS(vp->v_specparent, ap->a_mode, ap->a_cred, ap->a_p));
}示例15: filesystem_getroot
static OSKIT_COMDECL filesystem_getroot(oskit_filesystem_t *f,
struct oskit_dir **out_dir)
{
struct gfilesystem *fs = (struct gfilesystem *) f;
oskit_dir_t *d;
struct proc *p;
oskit_error_t ferror;
struct vnode *vp;
int error;
if (!fs || !fs->count || !fs->mp)
return OSKIT_E_INVALIDARG;
ferror = getproc(&p);
if (ferror)
return ferror;
error = VFS_ROOT(fs->mp, &vp);
if (error)
{
prfree(p);
return errno_to_oskit_error(error);
}
error = VOP_ACCESS(vp, VEXEC, p->p_ucred, p);
if (error)
{
vput(vp);
prfree(p);
return errno_to_oskit_error(error);
}
d = (oskit_dir_t *) hashtab_search(vptab, (hashtab_key_t) vp);
if (d)
{
oskit_dir_addref(d);
}
else
{
d = (oskit_dir_t *) gfile_create(fs,vp);
if (!d)
{
vput(vp);
prfree(p);
return OSKIT_ENOMEM;
}
}
vput(vp);
prfree(p);
*out_dir = d;
return 0;
}