Lines Matching defs:cr
41 secpolicy_nfs(cred_t *cr)
44 return (priv_check_cred(cr, PRIV_NFS_DAEMON));
48 secpolicy_zfs(cred_t *cr)
51 return (priv_check_cred(cr, PRIV_VFS_MOUNT));
55 secpolicy_zfs_proc(cred_t *cr, proc_t *proc)
58 return (priv_check_cred(cr, PRIV_VFS_MOUNT));
62 secpolicy_sys_config(cred_t *cr, int checkonly __unused)
65 return (priv_check_cred(cr, PRIV_ZFS_POOL_CONFIG));
69 secpolicy_zinject(cred_t *cr)
72 return (priv_check_cred(cr, PRIV_ZFS_INJECT));
76 secpolicy_fs_unmount(cred_t *cr, struct mount *vfsp __unused)
79 return (priv_check_cred(cr, PRIV_VFS_UNMOUNT));
83 secpolicy_fs_owner(struct mount *mp, cred_t *cr)
87 if (cr->cr_uid == mp->mnt_cred->cr_uid &&
88 cr->cr_prison == mp->mnt_cred->cr_prison) {
100 secpolicy_basic_link(vnode_t *vp, cred_t *cr)
105 if (secpolicy_fs_owner(vp->v_mount, cr) == 0)
107 return (priv_check_cred(cr, PRIV_VFS_LINK));
111 secpolicy_vnode_stky_modify(cred_t *cr)
118 secpolicy_vnode_remove(vnode_t *vp, cred_t *cr)
121 if (secpolicy_fs_owner(vp->v_mount, cr) == 0)
123 return (priv_check_cred(cr, PRIV_VFS_ADMIN));
127 secpolicy_vnode_access(cred_t *cr, vnode_t *vp, uid_t owner, accmode_t accmode)
130 if (secpolicy_fs_owner(vp->v_mount, cr) == 0)
133 if ((accmode & VREAD) && priv_check_cred(cr, PRIV_VFS_READ) != 0)
136 priv_check_cred(cr, PRIV_VFS_WRITE) != 0) {
141 if (priv_check_cred(cr, PRIV_VFS_LOOKUP) != 0)
144 if (priv_check_cred(cr, PRIV_VFS_EXEC) != 0)
156 secpolicy_vnode_access2(cred_t *cr, vnode_t *vp, uid_t owner,
166 return (secpolicy_vnode_access(cr, vp, owner, mode));
170 secpolicy_vnode_any_access(cred_t *cr, vnode_t *vp, uid_t owner)
181 if (secpolicy_fs_owner(vp->v_mount, cr) == 0)
185 if (owner == cr->cr_uid)
201 if (priv_check_cred(cr, priv) == 0)
208 secpolicy_vnode_setdac(vnode_t *vp, cred_t *cr, uid_t owner)
211 if (owner == cr->cr_uid)
213 if (secpolicy_fs_owner(vp->v_mount, cr) == 0)
215 return (priv_check_cred(cr, PRIV_VFS_ADMIN));
219 secpolicy_vnode_setattr(cred_t *cr, vnode_t *vp, struct vattr *vap,
229 error = unlocked_access(node, VWRITE, cr);
242 error = secpolicy_vnode_setdac(vp, cr, ovap->va_uid);
245 error = secpolicy_setid_setsticky_clear(vp, vap, ovap, cr);
252 error = secpolicy_vnode_setdac(vp, cr, ovap->va_uid);
263 !groupmember(vap->va_gid, cr))) {
264 if (secpolicy_fs_owner(vp->v_mount, cr) != 0) {
265 error = priv_check_cred(cr, PRIV_VFS_CHOWN);
273 secpolicy_setid_clear(vap, vp, cr);
285 error = secpolicy_vnode_setdac(vp, cr, ovap->va_uid);
287 error = unlocked_access(node, VWRITE, cr);
295 secpolicy_vnode_create_gid(cred_t *cr)
302 secpolicy_vnode_setids_setgids(vnode_t *vp, cred_t *cr, gid_t gid)
305 if (groupmember(gid, cr))
307 if (secpolicy_fs_owner(vp->v_mount, cr) == 0)
309 return (priv_check_cred(cr, PRIV_VFS_SETGID));
313 secpolicy_vnode_setid_retain(znode_t *zp, cred_t *cr,
317 if (secpolicy_fs_owner(ZTOV(zp)->v_mount, cr) == 0)
319 return (priv_check_cred(cr, PRIV_VFS_RETAINSUGID));
323 secpolicy_setid_clear(struct vattr *vap, vnode_t *vp, cred_t *cr)
326 if (secpolicy_fs_owner(vp->v_mount, cr) == 0)
330 if (priv_check_cred(cr, PRIV_VFS_RETAINSUGID)) {
339 const struct vattr *ovap, cred_t *cr)
343 if (secpolicy_fs_owner(vp->v_mount, cr) == 0)
352 if (priv_check_cred(cr, PRIV_VFS_STICKYFILE))
360 error = secpolicy_vnode_setids_setgids(vp, cr, ovap->va_gid);
367 if ((vap->va_mode & S_ISUID) && ovap->va_uid != cr->cr_uid) {
368 error = priv_check_cred(cr, PRIV_VFS_ADMIN);
376 secpolicy_fs_mount(cred_t *cr, vnode_t *mvp, struct mount *vfsp)
379 return (priv_check_cred(cr, PRIV_VFS_MOUNT));
383 secpolicy_vnode_owner(vnode_t *vp, cred_t *cr, uid_t owner)
386 if (owner == cr->cr_uid)
388 if (secpolicy_fs_owner(vp->v_mount, cr) == 0)
392 return (priv_check_cred(cr, PRIV_VFS_MOUNT_OWNER));
396 secpolicy_vnode_chown(vnode_t *vp, cred_t *cr, uid_t owner)
399 if (secpolicy_fs_owner(vp->v_mount, cr) == 0)
401 return (priv_check_cred(cr, PRIV_VFS_CHOWN));
405 secpolicy_fs_mount_clearopts(cred_t *cr, struct mount *vfsp)
408 if (priv_check_cred(cr, PRIV_VFS_MOUNT_NONUSER) != 0) {
421 secpolicy_xvattr(vnode_t *vp, xvattr_t *xvap, uid_t owner, cred_t *cr,
425 if (secpolicy_fs_owner(vp->v_mount, cr) == 0)
427 return (priv_check_cred(cr, PRIV_VFS_SYSFLAGS));
431 secpolicy_smb(cred_t *cr)
434 return (priv_check_cred(cr, PRIV_NETSMB));