Index: share/man/man9/vaccess.9 =================================================================== --- share/man/man9/vaccess.9 (revision 184330) +++ share/man/man9/vaccess.9 (working copy) @@ -40,7 +40,7 @@ .Fa "mode_t file_mode" .Fa "uid_t file_uid" .Fa "gid_t file_gid" -.Fa "mode_t acc_mode" +.Fa "accmode_t accmode" .Fa "struct ucred *cred" .Fa "int *privused" .Fc @@ -59,7 +59,7 @@ owning GID .Fa file_gid , desired access mode -.Fa acc_mode , +.Fa accmode , requesting credential .Fa cred , and an optional call-by-reference Index: share/man/man9/VOP_ACCESS.9 =================================================================== --- share/man/man9/VOP_ACCESS.9 (revision 184330) +++ share/man/man9/VOP_ACCESS.9 (working copy) @@ -39,16 +39,16 @@ .In sys/param.h .In sys/vnode.h .Ft int -.Fn VOP_ACCESS "struct vnode *vp" "int mode" "struct ucred *cred" "struct thread *td" +.Fn VOP_ACCESS "struct vnode *vp" "accmode_t accmode" "struct ucred *cred" "struct thread *td" .Sh DESCRIPTION This entry point checks the access permissions of the file against the given credentials. .Pp Its arguments are: -.Bl -tag -width mode +.Bl -tag -width accmode .It Fa vp The vnode of the file to check. -.It Fa mode +.It Fa accmode The type of access required. .It Fa cred The user credentials to check. @@ -57,8 +57,8 @@ .El .Pp The -.Fa mode -is a mask which can contain +.Fa accmode +is a mask which can contain flags described in , e.g. .Dv VREAD , .Dv VWRITE or @@ -71,7 +71,7 @@ .Sh PSEUDOCODE .Bd -literal int -vop_access(struct vnode *vp, int mode, struct ucred *cred, struct thread *td) +vop_access(struct vnode *vp, accmode_t accmode, struct ucred *cred, struct thread *td) { int error; @@ -80,7 +80,7 @@ * unless the file is a socket, fifo, or a block or * character device resident on the filesystem. */ - if (mode & VWRITE) { + if (accmode & VWRITE) { switch (vp->v_type) { case VDIR: case VLNK: @@ -93,7 +93,7 @@ } /* If immutable bit set, nobody gets to write it. */ - if ((mode & VWRITE) && vp has immutable bit set) + if ((accmode & VWRITE) && vp has immutable bit set) return EPERM; /* Otherwise, user id 0 always gets access. */ @@ -104,11 +104,11 @@ /* Otherwise, check the owner. */ if (cred->cr_uid == owner of vp) { - if (mode & VEXEC) + if (accmode & VEXEC) mask |= S_IXUSR; - if (mode & VREAD) + if (accmode & VREAD) mask |= S_IRUSR; - if (mode & VWRITE) + if (accmode & VWRITE) mask |= S_IWUSR; return (((mode of vp) & mask) == mask ? 0 : EACCES); } @@ -116,21 +116,21 @@ /* Otherwise, check the groups. */ for (i = 0, gp = cred->cr_groups; i < cred->cr_ngroups; i++, gp++) if (group of vp == *gp) { - if (mode & VEXEC) + if (accmode & VEXEC) mask |= S_IXGRP; - if (mode & VREAD) + if (accmode & VREAD) mask |= S_IRGRP; - if (mode & VWRITE) + if (accmode & VWRITE) mask |= S_IWGRP; return (((mode of vp) & mask) == mask ? 0 : EACCES); } /* Otherwise, check everyone else. */ - if (mode & VEXEC) + if (accmode & VEXEC) mask |= S_IXOTH; - if (mode & VREAD) + if (accmode & VREAD) mask |= S_IROTH; - if (mode & VWRITE) + if (accmode & VWRITE) mask |= S_IWOTH; return (((mode of vp) & mask) == mask ? 0 : EACCES); } Index: share/man/man9/vaccess_acl_posix1e.9 =================================================================== --- share/man/man9/vaccess_acl_posix1e.9 (revision 184330) +++ share/man/man9/vaccess_acl_posix1e.9 (working copy) @@ -41,7 +41,7 @@ .Fa "uid_t file_uid" .Fa "gid_t file_gid" .Fa "struct acl *acl" -.Fa "mode_t acc_mode" +.Fa "accmode_t accmode" .Fa "struct ucred *cred" .Fa "int *privused" .Fc @@ -59,7 +59,7 @@ access ACL for the file .Fa acl , desired access mode -.Fa acc_mode , +.Fa accmode , requesting credential .Fa cred , and an optional call-by-reference Index: sys/nfsclient/nfs_vnops.c =================================================================== --- sys/nfsclient/nfs_vnops.c (revision 184330) +++ sys/nfsclient/nfs_vnops.c (working copy) @@ -318,7 +318,7 @@ * unless the file is a socket, fifo, or a block or character * device resident on the filesystem. */ - if ((ap->a_mode & VWRITE) && (vp->v_mount->mnt_flag & MNT_RDONLY)) { + if ((ap->a_accmode & VWRITE) && (vp->v_mount->mnt_flag & MNT_RDONLY)) { switch (vp->v_type) { case VREG: case VDIR: @@ -337,20 +337,20 @@ * client uid-->server uid mapping that we do not know about. */ if (v3) { - if (ap->a_mode & VREAD) + if (ap->a_accmode & VREAD) mode = NFSV3ACCESS_READ; else mode = 0; if (vp->v_type != VDIR) { - if (ap->a_mode & VWRITE) + if (ap->a_accmode & VWRITE) mode |= (NFSV3ACCESS_MODIFY | NFSV3ACCESS_EXTEND); - if (ap->a_mode & VEXEC) + if (ap->a_accmode & VEXEC) mode |= NFSV3ACCESS_EXECUTE; } else { - if (ap->a_mode & VWRITE) + if (ap->a_accmode & VWRITE) mode |= (NFSV3ACCESS_MODIFY | NFSV3ACCESS_EXTEND | NFSV3ACCESS_DELETE); - if (ap->a_mode & VEXEC) + if (ap->a_accmode & VEXEC) mode |= NFSV3ACCESS_LOOKUP; } /* XXX safety belt, only make blanket request if caching */ @@ -399,7 +399,7 @@ * file size cached. */ mtx_lock(&np->n_mtx); - if (ap->a_cred->cr_uid == 0 && (ap->a_mode & VREAD) + if (ap->a_cred->cr_uid == 0 && (ap->a_accmode & VREAD) && VTONFS(vp)->n_size > 0) { struct iovec aiov; struct uio auio; @@ -3200,7 +3200,7 @@ struct vattr *vap; struct ucred *cred = ap->a_cred; struct vnode *vp = ap->a_vp; - mode_t mode = ap->a_mode; + accmode_t accmode = ap->a_accmode; struct vattr vattr; int error; @@ -3209,7 +3209,7 @@ * unless the file is a socket, fifo, or a block or character * device resident on the filesystem. */ - if ((mode & VWRITE) && (vp->v_mount->mnt_flag & MNT_RDONLY)) { + if ((accmode & VWRITE) && (vp->v_mount->mnt_flag & MNT_RDONLY)) { switch (vp->v_type) { case VREG: case VDIR: @@ -3224,7 +3224,7 @@ if (error) goto out; error = vaccess(vp->v_type, vap->va_mode, vap->va_uid, vap->va_gid, - mode, cred, NULL); + accmode, cred, NULL); out: return error; } Index: sys/gnu/fs/xfs/FreeBSD/xfs_super.c =================================================================== --- sys/gnu/fs/xfs/FreeBSD/xfs_super.c (revision 184330) +++ sys/gnu/fs/xfs/FreeBSD/xfs_super.c (working copy) @@ -133,7 +133,7 @@ struct vnode *devvp; struct g_consumer *cp; struct g_provider *pp; - mode_t accessmode; + accmode_t accmode; td = curthread; @@ -151,10 +151,10 @@ vn_lock(devvp, LK_EXCLUSIVE | LK_RETRY); ronly = ((XFS_MTOVFS(mp)->vfs_flag & VFS_RDONLY) != 0); - accessmode = VREAD; + accmode = VREAD; if (!ronly) - accessmode |= VWRITE; - error = VOP_ACCESS(devvp, accessmode, td->td_ucred, td); + accmode |= VWRITE; + error = VOP_ACCESS(devvp, accmode, td->td_ucred, td); if (error) error = priv_check(td, PRIV_VFS_MOUNT_PERM); if (error) { Index: sys/gnu/fs/xfs/FreeBSD/xfs_vnops.c =================================================================== --- sys/gnu/fs/xfs/FreeBSD/xfs_vnops.c (revision 184330) +++ sys/gnu/fs/xfs/FreeBSD/xfs_vnops.c (working copy) @@ -180,14 +180,14 @@ _xfs_access( struct vop_access_args /* { struct vnode *a_vp; - int a_mode; + accmode_t a_accmode; struct ucred *a_cred; struct thread *a_td; } */ *ap) { int error; - XVOP_ACCESS(VPTOXFSVP(ap->a_vp), ap->a_mode, ap->a_cred, error); + XVOP_ACCESS(VPTOXFSVP(ap->a_vp), ap->a_accmode, ap->a_cred, error); return (error); } Index: sys/gnu/fs/reiserfs/reiserfs_vfsops.c =================================================================== --- sys/gnu/fs/reiserfs/reiserfs_vfsops.c (revision 184330) +++ sys/gnu/fs/reiserfs/reiserfs_vfsops.c (working copy) @@ -74,7 +74,7 @@ { size_t size; int error, len; - mode_t accessmode; + accmode_t accmode; char *path, *fspec; struct vnode *devvp; struct vfsoptlist *opts; @@ -124,10 +124,10 @@ /* If mount by non-root, then verify that user has necessary * permissions on the device. */ - accessmode = VREAD; + accmode = VREAD; if ((mp->mnt_flag & MNT_RDONLY) == 0) - accessmode |= VWRITE; - error = VOP_ACCESS(devvp, accessmode, td->td_ucred, td); + accmode |= VWRITE; + error = VOP_ACCESS(devvp, accmode, td->td_ucred, td); if (error) error = priv_check(td, PRIV_VFS_MOUNT_PERM); if (error) { Index: sys/gnu/fs/reiserfs/reiserfs_vnops.c =================================================================== --- sys/gnu/fs/reiserfs/reiserfs_vnops.c (revision 184330) +++ sys/gnu/fs/reiserfs/reiserfs_vnops.c (working copy) @@ -57,14 +57,14 @@ int error; struct vnode *vp = ap->a_vp; struct reiserfs_node *ip = VTOI(vp); - mode_t mode = ap->a_mode; + accmode_t accmode = ap->a_accmode; /* * Disallow write attempts on read-only file systems; unless the file * is a socket, fifo, or a block or character device resident on the * file system. */ - if (mode & VWRITE) { + if (accmode & VWRITE) { switch (vp->v_type) { case VDIR: case VLNK: @@ -81,13 +81,13 @@ } /* If immutable bit set, nobody gets to write it. */ - if ((mode & VWRITE) && (ip->i_flags & (IMMUTABLE | SF_SNAPSHOT))) { + if ((accmode & VWRITE) && (ip->i_flags & (IMMUTABLE | SF_SNAPSHOT))) { reiserfs_log(LOG_DEBUG, "no write access (immutable)\n"); return (EPERM); } error = vaccess(vp->v_type, ip->i_mode, ip->i_uid, ip->i_gid, - ap->a_mode, ap->a_cred, NULL); + ap->a_accmode, ap->a_cred, NULL); return (error); } Index: sys/gnu/fs/ext2fs/ext2_vnops.c =================================================================== --- sys/gnu/fs/ext2fs/ext2_vnops.c (revision 184330) +++ sys/gnu/fs/ext2fs/ext2_vnops.c (working copy) @@ -289,14 +289,14 @@ ext2_access(ap) struct vop_access_args /* { struct vnode *a_vp; - int a_mode; + accmode_t a_accmode; struct ucred *a_cred; struct thread *a_td; } */ *ap; { struct vnode *vp = ap->a_vp; struct inode *ip = VTOI(vp); - mode_t mode = ap->a_mode; + accmode_t accmode = ap->a_accmode; int error; if (vp->v_type == VBLK || vp->v_type == VCHR) @@ -307,7 +307,7 @@ * unless the file is a socket, fifo, or a block or * character device resident on the file system. */ - if (mode & VWRITE) { + if (accmode & VWRITE) { switch (vp->v_type) { case VDIR: case VLNK: @@ -321,11 +321,11 @@ } /* If immutable bit set, nobody gets to write it. */ - if ((mode & VWRITE) && (ip->i_flags & (IMMUTABLE | SF_SNAPSHOT))) + if ((accmode & VWRITE) && (ip->i_flags & (IMMUTABLE | SF_SNAPSHOT))) return (EPERM); error = vaccess(vp->v_type, ip->i_mode, ip->i_uid, ip->i_gid, - ap->a_mode, ap->a_cred, NULL); + ap->a_accmode, ap->a_cred, NULL); return (error); } Index: sys/gnu/fs/ext2fs/ext2_vfsops.c =================================================================== --- sys/gnu/fs/ext2fs/ext2_vfsops.c (revision 184330) +++ sys/gnu/fs/ext2fs/ext2_vfsops.c (working copy) @@ -137,7 +137,7 @@ struct ext2_sb_info *fs; char *path, *fspec; int error, flags, len; - mode_t accessmode; + accmode_t accmode; struct nameidata nd, *ndp = &nd; opts = mp->mnt_optnew; @@ -265,10 +265,10 @@ * * XXXRW: VOP_ACCESS() enough? */ - accessmode = VREAD; + accmode = VREAD; if ((mp->mnt_flag & MNT_RDONLY) == 0) - accessmode |= VWRITE; - error = VOP_ACCESS(devvp, accessmode, td->td_ucred, td); + accmode |= VWRITE; + error = VOP_ACCESS(devvp, accmode, td->td_ucred, td); if (error) error = priv_check(td, PRIV_VFS_MOUNT_PERM); if (error) { Index: sys/ufs/ufs/ufs_vnops.c =================================================================== --- sys/ufs/ufs/ufs_vnops.c (revision 184330) +++ sys/ufs/ufs/ufs_vnops.c (working copy) @@ -301,14 +301,14 @@ ufs_access(ap) struct vop_access_args /* { struct vnode *a_vp; - int a_mode; + accmode_t a_accmode; struct ucred *a_cred; struct thread *a_td; } */ *ap; { struct vnode *vp = ap->a_vp; struct inode *ip = VTOI(vp); - mode_t mode = ap->a_mode; + accmode_t accmode = ap->a_accmode; int error; #ifdef QUOTA int relocked; @@ -322,7 +322,7 @@ * unless the file is a socket, fifo, or a block or * character device resident on the filesystem. */ - if (mode & VWRITE) { + if (accmode & VWRITE) { switch (vp->v_type) { case VDIR: case VLNK: @@ -357,7 +357,7 @@ } /* If immutable bit set, nobody gets to write it. */ - if ((mode & VWRITE) && (ip->i_flags & (IMMUTABLE | SF_SNAPSHOT))) + if ((accmode & VWRITE) && (ip->i_flags & (IMMUTABLE | SF_SNAPSHOT))) return (EPERM); #ifdef UFS_ACL @@ -368,11 +368,11 @@ switch (error) { case EOPNOTSUPP: error = vaccess(vp->v_type, ip->i_mode, ip->i_uid, - ip->i_gid, ap->a_mode, ap->a_cred, NULL); + ip->i_gid, ap->a_accmode, ap->a_cred, NULL); break; case 0: error = vaccess_acl_posix1e(vp->v_type, ip->i_uid, - ip->i_gid, acl, ap->a_mode, ap->a_cred, NULL); + ip->i_gid, acl, ap->a_accmode, ap->a_cred, NULL); break; default: printf( @@ -384,13 +384,13 @@ * EPERM for safety. */ error = vaccess(vp->v_type, ip->i_mode, ip->i_uid, - ip->i_gid, ap->a_mode, ap->a_cred, NULL); + ip->i_gid, ap->a_accmode, ap->a_cred, NULL); } uma_zfree(acl_zone, acl); } else #endif /* !UFS_ACL */ error = vaccess(vp->v_type, ip->i_mode, ip->i_uid, ip->i_gid, - ap->a_mode, ap->a_cred, NULL); + ap->a_accmode, ap->a_cred, NULL); return (error); } Index: sys/ufs/ffs/ffs_vfsops.c =================================================================== --- sys/ufs/ffs/ffs_vfsops.c (revision 184330) +++ sys/ufs/ffs/ffs_vfsops.c (working copy) @@ -139,7 +139,7 @@ struct fs *fs; int error, flags; u_int mntorflags, mntandnotflags; - mode_t accessmode; + accmode_t accmode; struct nameidata ndp; char *fspec; @@ -384,10 +384,10 @@ * If mount by non-root, then verify that user has necessary * permissions on the device. */ - accessmode = VREAD; + accmode = VREAD; if ((mp->mnt_flag & MNT_RDONLY) == 0) - accessmode |= VWRITE; - error = VOP_ACCESS(devvp, accessmode, td->td_ucred, td); + accmode |= VWRITE; + error = VOP_ACCESS(devvp, accmode, td->td_ucred, td); if (error) error = priv_check(td, PRIV_VFS_MOUNT_PERM); if (error) { Index: sys/kern/uipc_mqueue.c =================================================================== --- sys/kern/uipc_mqueue.c (revision 184330) +++ sys/kern/uipc_mqueue.c (working copy) @@ -1120,7 +1120,7 @@ struct vop_access_args { struct vop_generic_args a_gen; struct vnode *a_vp; - int a_mode; + accmode_t a_accmode; struct ucred *a_cred; struct thread *a_td; }; @@ -1140,7 +1140,7 @@ if (error) return (error); error = vaccess(vp->v_type, vattr.va_mode, vattr.va_uid, - vattr.va_gid, ap->a_mode, ap->a_cred, NULL); + vattr.va_gid, ap->a_accmode, ap->a_cred, NULL); return (error); } @@ -2003,14 +2003,14 @@ if ((flags & (O_CREAT | O_EXCL)) == (O_CREAT | O_EXCL)) { error = EEXIST; } else { - int acc_mode = 0; + accmode_t accmode = 0; if (flags & FREAD) - acc_mode |= VREAD; + accmode |= VREAD; if (flags & FWRITE) - acc_mode |= VWRITE; + accmode |= VWRITE; error = vaccess(VREG, pn->mn_mode, pn->mn_uid, - pn->mn_gid, acc_mode, td->td_ucred, NULL); + pn->mn_gid, accmode, td->td_ucred, NULL); } } Index: sys/kern/vfs_vnops.c =================================================================== --- sys/kern/vfs_vnops.c (revision 184330) +++ sys/kern/vfs_vnops.c (working copy) @@ -115,7 +115,8 @@ struct thread *td = ndp->ni_cnd.cn_thread; struct vattr vat; struct vattr *vap = &vat; - int mode, fmode, error; + int fmode, error; + accmode_t accmode; int vfslocked, mpsafe; mpsafe = ndp->ni_cnd.cn_flags & MPSAFE; @@ -202,33 +203,33 @@ error = EOPNOTSUPP; goto bad; } - mode = 0; + accmode = 0; if (fmode & (FWRITE | O_TRUNC)) { if (vp->v_type == VDIR) { error = EISDIR; goto bad; } - mode |= VWRITE; + accmode |= VWRITE; } if (fmode & FREAD) - mode |= VREAD; + accmode |= VREAD; if (fmode & FEXEC) - mode |= VEXEC; + accmode |= VEXEC; if (fmode & O_APPEND) - mode |= VAPPEND; + accmode |= VAPPEND; #ifdef MAC - error = mac_vnode_check_open(cred, vp, mode); + error = mac_vnode_check_open(cred, vp, accmode); if (error) goto bad; #endif if ((fmode & O_CREAT) == 0) { - if (mode & VWRITE) { + if (accmode & VWRITE) { error = vn_writechk(vp); if (error) goto bad; } - if (mode) { - error = VOP_ACCESS(vp, mode, cred, td); + if (accmode) { + error = VOP_ACCESS(vp, accmode, cred, td); if (error) goto bad; } Index: sys/kern/vfs_syscalls.c =================================================================== --- sys/kern/vfs_syscalls.c (revision 184330) +++ sys/kern/vfs_syscalls.c (working copy) @@ -2032,25 +2032,26 @@ struct ucred *cred; struct thread *td; { - int error, flags; + int error; + accmode_t accmode; /* Flags == 0 means only check for existence. */ error = 0; if (user_flags) { - flags = 0; + accmode = 0; if (user_flags & R_OK) - flags |= VREAD; + accmode |= VREAD; if (user_flags & W_OK) - flags |= VWRITE; + accmode |= VWRITE; if (user_flags & X_OK) - flags |= VEXEC; + accmode |= VEXEC; #ifdef MAC - error = mac_vnode_check_access(cred, vp, flags); + error = mac_vnode_check_access(cred, vp, accmode); if (error) return (error); #endif - if ((flags & VWRITE) == 0 || (error = vn_writechk(vp)) == 0) - error = VOP_ACCESS(vp, flags, cred, td); + if ((accmode & VWRITE) == 0 || (error = vn_writechk(vp)) == 0) + error = VOP_ACCESS(vp, accmode, cred, td); } return (error); } @@ -4349,7 +4350,8 @@ struct flock lf; struct file *fp; register struct filedesc *fdp = p->p_fd; - int fmode, mode, error, type; + int fmode, error, type; + accmode_t accmode; struct file *nfp; int vfslocked; int indx; @@ -4391,7 +4393,7 @@ error = EOPNOTSUPP; goto bad; } - mode = 0; + accmode = 0; if (fmode & (FWRITE | O_TRUNC)) { if (vp->v_type == VDIR) { error = EISDIR; @@ -4400,19 +4402,19 @@ error = vn_writechk(vp); if (error) goto bad; - mode |= VWRITE; + accmode |= VWRITE; } if (fmode & FREAD) - mode |= VREAD; + accmode |= VREAD; if (fmode & O_APPEND) - mode |= VAPPEND; + accmode |= VAPPEND; #ifdef MAC - error = mac_vnode_check_open(td->td_ucred, vp, mode); + error = mac_vnode_check_open(td->td_ucred, vp, accmode); if (error) goto bad; #endif - if (mode) { - error = VOP_ACCESS(vp, mode, td->td_ucred, td); + if (accmode) { + error = VOP_ACCESS(vp, accmode, td->td_ucred, td); if (error) goto bad; } Index: sys/kern/uipc_shm.c =================================================================== --- sys/kern/uipc_shm.c (revision 184330) +++ sys/kern/uipc_shm.c (working copy) @@ -367,15 +367,15 @@ static int shm_access(struct shmfd *shmfd, struct ucred *ucred, int flags) { - int acc_mode; + accmode_t accmode; - acc_mode = 0; + accmode = 0; if (flags & FREAD) - acc_mode |= VREAD; + accmode |= VREAD; if (flags & FWRITE) - acc_mode |= VWRITE; + accmode |= VWRITE; return (vaccess(VREG, shmfd->shm_mode, shmfd->shm_uid, shmfd->shm_gid, - acc_mode, ucred, NULL)); + accmode, ucred, NULL)); } /* Index: sys/kern/vnode_if.src =================================================================== --- sys/kern/vnode_if.src (revision 184330) +++ sys/kern/vnode_if.src (working copy) @@ -147,7 +147,7 @@ vop_access { IN struct vnode *vp; - IN int mode; + IN accmode_t accmode; IN struct ucred *cred; IN struct thread *td; }; Index: sys/kern/subr_acl_posix1e.c =================================================================== --- sys/kern/subr_acl_posix1e.c (revision 184330) +++ sys/kern/subr_acl_posix1e.c (working copy) @@ -53,12 +53,12 @@ */ int vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid, - struct acl *acl, mode_t acc_mode, struct ucred *cred, int *privused) + struct acl *acl, accmode_t acc_mode, struct ucred *cred, int *privused) { struct acl_entry *acl_other, *acl_mask; - mode_t dac_granted; - mode_t priv_granted; - mode_t acl_mask_granted; + accmode_t dac_granted; + accmode_t priv_granted; + accmode_t acl_mask_granted; int group_matched, i; /* Index: sys/kern/vfs_subr.c =================================================================== --- sys/kern/vfs_subr.c (revision 184330) +++ sys/kern/vfs_subr.c (working copy) @@ -3450,10 +3450,10 @@ */ int vaccess(enum vtype type, mode_t file_mode, uid_t file_uid, gid_t file_gid, - mode_t acc_mode, struct ucred *cred, int *privused) + accmode_t accmode, struct ucred *cred, int *privused) { - mode_t dac_granted; - mode_t priv_granted; + accmode_t dac_granted; + accmode_t priv_granted; /* * Look for a normal, non-privileged way to access the file/directory @@ -3475,7 +3475,7 @@ if (file_mode & S_IWUSR) dac_granted |= (VWRITE | VAPPEND); - if ((acc_mode & dac_granted) == acc_mode) + if ((accmode & dac_granted) == accmode) return (0); goto privcheck; @@ -3490,7 +3490,7 @@ if (file_mode & S_IWGRP) dac_granted |= (VWRITE | VAPPEND); - if ((acc_mode & dac_granted) == acc_mode) + if ((accmode & dac_granted) == accmode) return (0); goto privcheck; @@ -3503,7 +3503,7 @@ dac_granted |= VREAD; if (file_mode & S_IWOTH) dac_granted |= (VWRITE | VAPPEND); - if ((acc_mode & dac_granted) == acc_mode) + if ((accmode & dac_granted) == accmode) return (0); privcheck: @@ -3520,35 +3520,35 @@ * For directories, use PRIV_VFS_LOOKUP to satisfy VEXEC * requests, instead of PRIV_VFS_EXEC. */ - if ((acc_mode & VEXEC) && ((dac_granted & VEXEC) == 0) && + if ((accmode & VEXEC) && ((dac_granted & VEXEC) == 0) && !priv_check_cred(cred, PRIV_VFS_LOOKUP, 0)) priv_granted |= VEXEC; } else { - if ((acc_mode & VEXEC) && ((dac_granted & VEXEC) == 0) && + if ((accmode & VEXEC) && ((dac_granted & VEXEC) == 0) && !priv_check_cred(cred, PRIV_VFS_EXEC, 0)) priv_granted |= VEXEC; } - if ((acc_mode & VREAD) && ((dac_granted & VREAD) == 0) && + if ((accmode & VREAD) && ((dac_granted & VREAD) == 0) && !priv_check_cred(cred, PRIV_VFS_READ, 0)) priv_granted |= VREAD; - if ((acc_mode & VWRITE) && ((dac_granted & VWRITE) == 0) && + if ((accmode & VWRITE) && ((dac_granted & VWRITE) == 0) && !priv_check_cred(cred, PRIV_VFS_WRITE, 0)) priv_granted |= (VWRITE | VAPPEND); - if ((acc_mode & VADMIN) && ((dac_granted & VADMIN) == 0) && + if ((accmode & VADMIN) && ((dac_granted & VADMIN) == 0) && !priv_check_cred(cred, PRIV_VFS_ADMIN, 0)) priv_granted |= VADMIN; - if ((acc_mode & (priv_granted | dac_granted)) == acc_mode) { + if ((accmode & (priv_granted | dac_granted)) == accmode) { /* XXX audit: privilege used */ if (privused != NULL) *privused = 1; return (0); } - return ((acc_mode & VADMIN) ? EPERM : EACCES); + return ((accmode & VADMIN) ? EPERM : EACCES); } /* @@ -3557,7 +3557,7 @@ */ int extattr_check_cred(struct vnode *vp, int attrnamespace, struct ucred *cred, - struct thread *td, int access) + struct thread *td, accmode_t accmode) { /* @@ -3575,7 +3575,7 @@ /* Potentially should be: return (EPERM); */ return (priv_check_cred(cred, PRIV_VFS_EXTATTR_SYSTEM, 0)); case EXTATTR_NAMESPACE_USER: - return (VOP_ACCESS(vp, access, cred, td)); + return (VOP_ACCESS(vp, accmode, cred, td)); default: return (EPERM); } Index: sys/fs/unionfs/union_vnops.c =================================================================== --- sys/fs/unionfs/union_vnops.c (revision 184330) +++ sys/fs/unionfs/union_vnops.c (working copy) @@ -583,7 +583,7 @@ * Check the access mode toward shadow file/dir. */ static int -unionfs_check_corrected_access(u_short mode, +unionfs_check_corrected_access(accmode_t accmode, struct vattr *va, struct ucred *cred) { @@ -601,11 +601,11 @@ /* check owner */ if (cred->cr_uid == uid) { - if (mode & VEXEC) + if (accmode & VEXEC) mask |= S_IXUSR; - if (mode & VREAD) + if (accmode & VREAD) mask |= S_IRUSR; - if (mode & VWRITE) + if (accmode & VWRITE) mask |= S_IWUSR; return ((vmode & mask) == mask ? 0 : EACCES); } @@ -615,22 +615,22 @@ gp = cred->cr_groups; for (; count < cred->cr_ngroups; count++, gp++) { if (gid == *gp) { - if (mode & VEXEC) + if (accmode & VEXEC) mask |= S_IXGRP; - if (mode & VREAD) + if (accmode & VREAD) mask |= S_IRGRP; - if (mode & VWRITE) + if (accmode & VWRITE) mask |= S_IWGRP; return ((vmode & mask) == mask ? 0 : EACCES); } } /* check other */ - if (mode & VEXEC) + if (accmode & VEXEC) mask |= S_IXOTH; - if (mode & VREAD) + if (accmode & VREAD) mask |= S_IROTH; - if (mode & VWRITE) + if (accmode & VWRITE) mask |= S_IWOTH; return ((vmode & mask) == mask ? 0 : EACCES); @@ -645,7 +645,7 @@ struct vnode *lvp; struct thread *td; struct vattr va; - int mode; + accmode_t accmode; int error; UNIONFS_INTERNAL_DEBUG("unionfs_access: enter\n"); @@ -655,10 +655,10 @@ uvp = unp->un_uppervp; lvp = unp->un_lowervp; td = ap->a_td; - mode = ap->a_mode; + accmode = ap->a_accmode; error = EACCES; - if ((mode & VWRITE) && + if ((accmode & VWRITE) && (ap->a_vp->v_mount->mnt_flag & MNT_RDONLY)) { switch (ap->a_vp->v_type) { case VREG: @@ -671,7 +671,7 @@ } if (uvp != NULLVP) { - error = VOP_ACCESS(uvp, mode, ap->a_cred, td); + error = VOP_ACCESS(uvp, accmode, ap->a_cred, td); UNIONFS_INTERNAL_DEBUG("unionfs_access: leave (%d)\n", error); @@ -679,7 +679,7 @@ } if (lvp != NULLVP) { - if (mode & VWRITE) { + if (accmode & VWRITE) { if (ump->um_uppervp->v_mount->mnt_flag & MNT_RDONLY) { switch (ap->a_vp->v_type) { case VREG: @@ -698,15 +698,15 @@ return (error); error = unionfs_check_corrected_access( - mode, &va, ap->a_cred); + accmode, &va, ap->a_cred); if (error != 0) return (error); } } - mode &= ~VWRITE; - mode |= VREAD; /* will copy to upper */ + accmode &= ~VWRITE; + accmode |= VREAD; /* will copy to upper */ } - error = VOP_ACCESS(lvp, mode, ap->a_cred, td); + error = VOP_ACCESS(lvp, accmode, ap->a_cred, td); } UNIONFS_INTERNAL_DEBUG("unionfs_access: leave (%d)\n", error); Index: sys/fs/pseudofs/pseudofs_vnops.c =================================================================== --- sys/fs/pseudofs/pseudofs_vnops.c (revision 184330) +++ sys/fs/pseudofs/pseudofs_vnops.c (working copy) @@ -132,7 +132,7 @@ if (error) PFS_RETURN (error); error = vaccess(vn->v_type, vattr.va_mode, vattr.va_uid, - vattr.va_gid, va->a_mode, va->a_cred, NULL); + vattr.va_gid, va->a_accmode, va->a_cred, NULL); PFS_RETURN (error); } Index: sys/fs/tmpfs/tmpfs_vnops.c =================================================================== --- sys/fs/tmpfs/tmpfs_vnops.c (revision 184330) +++ sys/fs/tmpfs/tmpfs_vnops.c (working copy) @@ -282,7 +282,7 @@ tmpfs_access(struct vop_access_args *v) { struct vnode *vp = v->a_vp; - int mode = v->a_mode; + accmode_t accmode = v->a_accmode; struct ucred *cred = v->a_cred; int error; @@ -298,7 +298,7 @@ case VLNK: /* FALLTHROUGH */ case VREG: - if (mode & VWRITE && vp->v_mount->mnt_flag & MNT_RDONLY) { + if (accmode & VWRITE && vp->v_mount->mnt_flag & MNT_RDONLY) { error = EROFS; goto out; } @@ -318,13 +318,13 @@ goto out; } - if (mode & VWRITE && node->tn_flags & IMMUTABLE) { + if (accmode & VWRITE && node->tn_flags & IMMUTABLE) { error = EPERM; goto out; } error = vaccess(vp->v_type, node->tn_mode, node->tn_uid, - node->tn_gid, mode, cred, NULL); + node->tn_gid, accmode, cred, NULL); out: MPASS(VOP_ISLOCKED(vp)); Index: sys/fs/hpfs/hpfs_vnops.c =================================================================== --- sys/fs/hpfs/hpfs_vnops.c (revision 184330) +++ sys/fs/hpfs/hpfs_vnops.c (working copy) @@ -683,14 +683,14 @@ hpfs_access(ap) struct vop_access_args /* { struct vnode *a_vp; - int a_mode; + accmode_t a_accmode; struct ucred *a_cred; struct thread *a_td; } */ *ap; { struct vnode *vp = ap->a_vp; struct hpfsnode *hp = VTOHP(vp); - mode_t mode = ap->a_mode; + accmode_t accmode = ap->a_accmode; dprintf(("hpfs_access(0x%x):\n", hp->h_no)); @@ -699,7 +699,7 @@ * unless the file is a socket, fifo, or a block or * character device resident on the filesystem. */ - if (mode & VWRITE) { + if (accmode & VWRITE) { switch ((int)vp->v_type) { case VDIR: case VLNK: @@ -711,7 +711,7 @@ } return (vaccess(vp->v_type, hp->h_mode, hp->h_uid, hp->h_gid, - ap->a_mode, ap->a_cred, NULL)); + ap->a_accmode, ap->a_cred, NULL)); } /* Index: sys/fs/nullfs/null_vnops.c =================================================================== --- sys/fs/nullfs/null_vnops.c (revision 184330) +++ sys/fs/nullfs/null_vnops.c (working copy) @@ -451,14 +451,14 @@ null_access(struct vop_access_args *ap) { struct vnode *vp = ap->a_vp; - mode_t mode = ap->a_mode; + accmode_t accmode = ap->a_accmode; /* * Disallow write attempts on read-only layers; * unless the file is a socket, fifo, or a block or * character device resident on the filesystem. */ - if (mode & VWRITE) { + if (accmode & VWRITE) { switch (vp->v_type) { case VDIR: case VLNK: Index: sys/fs/coda/coda_vnops.c =================================================================== --- sys/fs/coda/coda_vnops.c (revision 184330) +++ sys/fs/coda/coda_vnops.c (working copy) @@ -607,7 +607,7 @@ /* true args */ struct vnode *vp = ap->a_vp; struct cnode *cp = VTOC(vp); - int mode = ap->a_mode; + accmode_t accmode = ap->a_accmode; struct ucred *cred = ap->a_cred; struct thread *td = ap->a_td; /* locals */ @@ -624,7 +624,7 @@ * Bogus hack - all will be marked as successes. */ MARK_INT_SAT(CODA_ACCESS_STATS); - return (((mode & VREAD) && !(mode & (VWRITE | VEXEC))) + return (((accmode & VREAD) && !(accmode & (VWRITE | VEXEC))) ? 0 : EACCES); } @@ -636,11 +636,11 @@ */ if (coda_access_cache && VALID_ACCCACHE(cp) && (cred->cr_uid == cp->c_cached_uid) && - (mode & cp->c_cached_mode) == mode) { + (accmode & cp->c_cached_mode) == accmode) { MARK_INT_SAT(CODA_ACCESS_STATS); return (0); } - error = venus_access(vtomi(vp), &cp->c_fid, mode, cred, td->td_proc); + error = venus_access(vtomi(vp), &cp->c_fid, accmode, cred, td->td_proc); if (error == 0 && coda_access_cache) { /*- * When we have a new successful request, we consider three @@ -658,10 +658,10 @@ */ cp->c_flags |= C_ACCCACHE; if (cp->c_cached_uid != cred->cr_uid) { - cp->c_cached_mode = mode; + cp->c_cached_mode = accmode; cp->c_cached_uid = cred->cr_uid; } else - cp->c_cached_mode |= mode; + cp->c_cached_mode |= accmode; } return (error); } Index: sys/fs/devfs/devfs_vnops.c =================================================================== --- sys/fs/devfs/devfs_vnops.c (revision 184330) +++ sys/fs/devfs/devfs_vnops.c (working copy) @@ -372,7 +372,7 @@ de = de->de_dir; error = vaccess(vp->v_type, de->de_mode, de->de_uid, de->de_gid, - ap->a_mode, ap->a_cred, NULL); + ap->a_accmode, ap->a_cred, NULL); if (!error) return (error); if (error != EACCES) Index: sys/fs/smbfs/smbfs_vnops.c =================================================================== --- sys/fs/smbfs/smbfs_vnops.c (revision 184330) +++ sys/fs/smbfs/smbfs_vnops.c (working copy) @@ -123,18 +123,18 @@ smbfs_access(ap) struct vop_access_args /* { struct vnode *a_vp; - int a_mode; + accmode_t a_accmode; struct ucred *a_cred; struct thread *a_td; } */ *ap; { struct vnode *vp = ap->a_vp; - mode_t mode = ap->a_mode; + accmode_t accmode = ap->a_accmode; mode_t mpmode; struct smbmount *smp = VTOSMBFS(vp); SMBVDEBUG("\n"); - if ((mode & VWRITE) && (vp->v_mount->mnt_flag & MNT_RDONLY)) { + if ((accmode & VWRITE) && (vp->v_mount->mnt_flag & MNT_RDONLY)) { switch (vp->v_type) { case VREG: case VDIR: case VLNK: return EROFS; @@ -144,7 +144,7 @@ } mpmode = vp->v_type == VREG ? smp->sm_file_mode : smp->sm_dir_mode; return (vaccess(vp->v_type, mpmode, smp->sm_uid, - smp->sm_gid, ap->a_mode, ap->a_cred, NULL)); + smp->sm_gid, ap->a_accmode, ap->a_cred, NULL)); } /* ARGSUSED */ Index: sys/fs/ntfs/ntfs_vnops.c =================================================================== --- sys/fs/ntfs/ntfs_vnops.c (revision 184330) +++ sys/fs/ntfs/ntfs_vnops.c (working copy) @@ -386,14 +386,14 @@ ntfs_access(ap) struct vop_access_args /* { struct vnode *a_vp; - int a_mode; + accmode_t a_accmode; struct ucred *a_cred; struct thread *a_td; } */ *ap; { struct vnode *vp = ap->a_vp; struct ntnode *ip = VTONT(vp); - mode_t mode = ap->a_mode; + accmode_t accmode = ap->a_accmode; #ifdef QUOTA int error; #endif @@ -405,7 +405,7 @@ * unless the file is a socket, fifo, or a block or * character device resident on the filesystem. */ - if (mode & VWRITE) { + if (accmode & VWRITE) { switch ((int)vp->v_type) { case VDIR: case VLNK: @@ -421,7 +421,7 @@ } return (vaccess(vp->v_type, ip->i_mp->ntm_mode, ip->i_mp->ntm_uid, - ip->i_mp->ntm_gid, ap->a_mode, ap->a_cred, NULL)); + ip->i_mp->ntm_gid, ap->a_accmode, ap->a_cred, NULL)); } /* Index: sys/fs/cd9660/cd9660_vnops.c =================================================================== --- sys/fs/cd9660/cd9660_vnops.c (revision 184330) +++ sys/fs/cd9660/cd9660_vnops.c (working copy) @@ -125,14 +125,14 @@ cd9660_access(ap) struct vop_access_args /* { struct vnode *a_vp; - int a_mode; + accmode_t a_accmode; struct ucred *a_cred; struct thread *a_td; } */ *ap; { struct vnode *vp = ap->a_vp; struct iso_node *ip = VTOI(vp); - mode_t mode = ap->a_mode; + accmode_t accmode = ap->a_accmode; if (vp->v_type == VCHR || vp->v_type == VBLK) return (EOPNOTSUPP); @@ -142,7 +142,7 @@ * fifo, or a block or character device resident on the * filesystem. */ - if (mode & VWRITE) { + if (accmode & VWRITE) { switch (vp->v_type) { case VDIR: case VLNK: @@ -155,7 +155,7 @@ } return (vaccess(vp->v_type, ip->inode.iso_mode, ip->inode.iso_uid, - ip->inode.iso_gid, ap->a_mode, ap->a_cred, NULL)); + ip->inode.iso_gid, ap->a_accmode, ap->a_cred, NULL)); } static int Index: sys/fs/cd9660/cd9660_vfsops.c =================================================================== --- sys/fs/cd9660/cd9660_vfsops.c (revision 184330) +++ sys/fs/cd9660/cd9660_vfsops.c (working copy) @@ -128,7 +128,7 @@ struct vnode *devvp; char *fspec; int error; - mode_t accessmode; + accmode_t accmode; struct nameidata ndp; struct iso_mnt *imp = 0; @@ -168,9 +168,9 @@ * Verify that user has necessary permissions on the device, * or has superuser abilities */ - accessmode = VREAD; + accmode = VREAD; vn_lock(devvp, LK_EXCLUSIVE | LK_RETRY); - error = VOP_ACCESS(devvp, accessmode, td->td_ucred, td); + error = VOP_ACCESS(devvp, accmode, td->td_ucred, td); if (error) error = priv_check(td, PRIV_VFS_MOUNT_PERM); if (error) { Index: sys/fs/nwfs/nwfs_vnops.c =================================================================== --- sys/fs/nwfs/nwfs_vnops.c (revision 184330) +++ sys/fs/nwfs/nwfs_vnops.c (working copy) @@ -121,7 +121,7 @@ nwfs_access(ap) struct vop_access_args /* { struct vnode *a_vp; - int a_mode; + accmode_t a_accmode; struct ucred *a_cred; struct thread *td; } */ *ap; @@ -131,7 +131,7 @@ struct nwmount *nmp = VTONWFS(vp); NCPVNDEBUG("\n"); - if ((ap->a_mode & VWRITE) && (vp->v_mount->mnt_flag & MNT_RDONLY)) { + if ((ap->a_accmode & VWRITE) && (vp->v_mount->mnt_flag & MNT_RDONLY)) { switch (vp->v_type) { case VREG: case VDIR: case VLNK: return (EROFS); @@ -142,7 +142,7 @@ mpmode = vp->v_type == VREG ? nmp->m.file_mode : nmp->m.dir_mode; return (vaccess(vp->v_type, mpmode, nmp->m.uid, - nmp->m.gid, ap->a_mode, ap->a_cred, NULL)); + nmp->m.gid, ap->a_accmode, ap->a_cred, NULL)); } /* * nwfs_open vnode op Index: sys/fs/msdosfs/msdosfs_vfsops.c =================================================================== --- sys/fs/msdosfs/msdosfs_vfsops.c (revision 184330) +++ sys/fs/msdosfs/msdosfs_vfsops.c (working copy) @@ -240,7 +240,7 @@ struct msdosfsmount *pmp = NULL; struct nameidata ndp; int error, flags; - mode_t accessmode; + accmode_t accmode; char *from; if (vfs_filteropt(mp->mnt_optnew, msdosfs_opts)) @@ -363,10 +363,10 @@ * If mount by non-root, then verify that user has necessary * permissions on the device. */ - accessmode = VREAD; + accmode = VREAD; if ((mp->mnt_flag & MNT_RDONLY) == 0) - accessmode |= VWRITE; - error = VOP_ACCESS(devvp, accessmode, td->td_ucred, td); + accmode |= VWRITE; + error = VOP_ACCESS(devvp, accmode, td->td_ucred, td); if (error) error = priv_check(td, PRIV_VFS_MOUNT_PERM); if (error) { Index: sys/fs/msdosfs/msdosfs_vnops.c =================================================================== --- sys/fs/msdosfs/msdosfs_vnops.c (revision 184330) +++ sys/fs/msdosfs/msdosfs_vnops.c (working copy) @@ -249,7 +249,7 @@ msdosfs_access(ap) struct vop_access_args /* { struct vnode *a_vp; - int a_mode; + accmode_t a_accmode; struct ucred *a_cred; struct thread *a_td; } */ *ap; @@ -257,7 +257,8 @@ struct vnode *vp = ap->a_vp; struct denode *dep = VTODE(ap->a_vp); struct msdosfsmount *pmp = dep->de_pmp; - mode_t file_mode, mode = ap->a_mode; + mode_t file_mode; + accmode_t accmode = ap->a_accmode; file_mode = (S_IXUSR|S_IXGRP|S_IXOTH) | (S_IRUSR|S_IRGRP|S_IROTH) | ((dep->de_Attributes & ATTR_READONLY) ? 0 : (S_IWUSR|S_IWGRP|S_IWOTH)); @@ -267,7 +268,7 @@ * Disallow writing to directories and regular files if the * filesystem is read-only. */ - if (mode & VWRITE) { + if (accmode & VWRITE) { switch (vp->v_type) { case VDIR: case VREG: @@ -280,7 +281,7 @@ } return (vaccess(vp->v_type, file_mode, pmp->pm_uid, pmp->pm_gid, - ap->a_mode, ap->a_cred, NULL)); + ap->a_accmode, ap->a_cred, NULL)); } static int Index: sys/fs/udf/udf_vnops.c =================================================================== --- sys/fs/udf/udf_vnops.c (revision 184330) +++ sys/fs/udf/udf_vnops.c (working copy) @@ -139,13 +139,14 @@ { struct vnode *vp; struct udf_node *node; - mode_t a_mode, mode; + accmode_t accmode; + mode_t mode; vp = a->a_vp; node = VTON(vp); - a_mode = a->a_mode; + accmode = a->a_accmode; - if (a_mode & VWRITE) { + if (accmode & VWRITE) { switch (vp->v_type) { case VDIR: case VLNK: @@ -160,7 +161,7 @@ mode = udf_permtomode(node); return (vaccess(vp->v_type, mode, node->fentry->uid, node->fentry->gid, - a_mode, a->a_cred, NULL)); + accmode, a->a_cred, NULL)); } static int Index: sys/nfs4client/nfs4_vnops.c =================================================================== --- sys/nfs4client/nfs4_vnops.c (revision 184330) +++ sys/nfs4client/nfs4_vnops.c (working copy) @@ -301,7 +301,7 @@ * unless the file is a socket, fifo, or a block or character * device resident on the filesystem. */ - if ((ap->a_mode & VWRITE) && (vp->v_mount->mnt_flag & MNT_RDONLY)) { + if ((ap->a_accmode & VWRITE) && (vp->v_mount->mnt_flag & MNT_RDONLY)) { switch (vp->v_type) { case VREG: case VDIR: @@ -321,20 +321,20 @@ */ /* XXX Disable this for now; needs fixing of _access_otw() */ if (0 && v3) { - if (ap->a_mode & VREAD) + if (ap->a_accmode & VREAD) mode = NFSV3ACCESS_READ; else mode = 0; if (vp->v_type != VDIR) { - if (ap->a_mode & VWRITE) + if (ap->a_accmode & VWRITE) mode |= (NFSV3ACCESS_MODIFY | NFSV3ACCESS_EXTEND); - if (ap->a_mode & VEXEC) + if (ap->a_accmode & VEXEC) mode |= NFSV3ACCESS_EXECUTE; } else { - if (ap->a_mode & VWRITE) + if (ap->a_accmode & VWRITE) mode |= (NFSV3ACCESS_MODIFY | NFSV3ACCESS_EXTEND | NFSV3ACCESS_DELETE); - if (ap->a_mode & VEXEC) + if (ap->a_accmode & VEXEC) mode |= NFSV3ACCESS_LOOKUP; } /* XXX safety belt, only make blanket request if caching */ @@ -370,16 +370,16 @@ } /* XXX use generic access code here? */ - mode = ap->a_mode & VREAD ? NFSV4ACCESS_READ : 0; + mode = ap->a_accmode & VREAD ? NFSV4ACCESS_READ : 0; if (vp->v_type == VDIR) { - if (ap->a_mode & VWRITE) + if (ap->a_accmode & VWRITE) mode |= NFSV4ACCESS_MODIFY | NFSV4ACCESS_EXTEND | NFSV4ACCESS_DELETE; - if (ap->a_mode & VEXEC) + if (ap->a_accmode & VEXEC) mode |= NFSV4ACCESS_LOOKUP; } else { - if (ap->a_mode & VWRITE) + if (ap->a_accmode & VWRITE) mode |= NFSV4ACCESS_MODIFY | NFSV4ACCESS_EXTEND; - if (ap->a_mode & VEXEC) + if (ap->a_accmode & VEXEC) mode |= NFSV4ACCESS_EXECUTE; } Index: sys/nfsserver/nfs_serv.c =================================================================== --- sys/nfsserver/nfs_serv.c (revision 184330) +++ sys/nfsserver/nfs_serv.c (working copy) @@ -138,7 +138,8 @@ SYSCTL_STRUCT(_vfs_nfsrv, NFS_NFSRVSTATS, nfsrvstats, CTLFLAG_RW, &nfsrvstats, nfsrvstats, "S,nfsrvstats"); -static int nfsrv_access(struct vnode *, int, struct ucred *, int, int); +static int nfsrv_access(struct vnode *, accmode_t, struct ucred *, + int, int); static void nfsrvw_coalesce(struct nfsrv_descript *, struct nfsrv_descript *); @@ -4234,8 +4235,8 @@ * will return EPERM instead of EACCESS. EPERM is always an error. */ static int -nfsrv_access(struct vnode *vp, int flags, struct ucred *cred, int rdonly, - int override) +nfsrv_access(struct vnode *vp, accmode_t accmode, struct ucred *cred, + int rdonly, int override) { struct vattr vattr; int error; @@ -4244,7 +4245,7 @@ nfsdbprintf(("%s %d\n", __FILE__, __LINE__)); - if (flags & VWRITE) { + if (accmode & VWRITE) { /* Just vn_writechk() changed to check rdonly */ /* * Disallow write attempts on read-only filesystems; @@ -4272,7 +4273,7 @@ error = VOP_GETATTR(vp, &vattr, cred); if (error) return (error); - error = VOP_ACCESS(vp, flags, cred, curthread); + error = VOP_ACCESS(vp, accmode, cred, curthread); /* * Allow certain operations for the owner (reads and writes * on files that are already open). Index: sys/compat/linux/linux_getcwd.c =================================================================== --- sys/compat/linux/linux_getcwd.c (revision 184330) +++ sys/compat/linux/linux_getcwd.c (working copy) @@ -307,7 +307,7 @@ struct vnode *uvp = NULL; char *bp = NULL; int error; - int perms = VEXEC; + accmode_t accmode = VEXEC; if (rvp == NULL) { rvp = fdp->fd_rdir; @@ -352,10 +352,10 @@ * whether or not caller cares. */ if (flags & GETCWD_CHECK_ACCESS) { - error = VOP_ACCESS(lvp, perms, td->td_ucred, td); + error = VOP_ACCESS(lvp, accmode, td->td_ucred, td); if (error) goto out; - perms = VEXEC|VREAD; + accmode = VEXEC|VREAD; } /* Index: sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c =================================================================== --- sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c (revision 184330) +++ sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c (working copy) @@ -3194,13 +3194,13 @@ zfs_freebsd_access(ap) struct vop_access_args /* { struct vnode *a_vp; - int a_mode; + accmode_t a_accmode; struct ucred *a_cred; struct thread *a_td; } */ *ap; { - return (zfs_access(ap->a_vp, ap->a_mode, 0, ap->a_cred)); + return (zfs_access(ap->a_vp, ap->a_accmode, 0, ap->a_cred)); } static int Index: sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_ctldir.c =================================================================== --- sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_ctldir.c (revision 184330) +++ sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_ctldir.c (working copy) @@ -237,14 +237,14 @@ zfsctl_common_access(ap) struct vop_access_args /* { struct vnode *a_vp; - int a_mode; + accmode_t a_accmode; struct ucred *a_cred; struct thread *a_td; } */ *ap; { - int mode = ap->a_mode; + accmode_t accmode = ap->a_accmode; - if (mode & VWRITE) + if (accmode & VWRITE) return (EACCES); return (0); Index: sys/cddl/compat/opensolaris/kern/opensolaris_policy.c =================================================================== --- sys/cddl/compat/opensolaris/kern/opensolaris_policy.c (revision 184330) +++ sys/cddl/compat/opensolaris/kern/opensolaris_policy.c (working copy) @@ -91,17 +91,17 @@ int secpolicy_vnode_access(struct ucred *cred, struct vnode *vp, uint64_t owner, - int mode) + accmode_t accmode) { - if ((mode & VREAD) && priv_check_cred(cred, PRIV_VFS_READ, 0) != 0) { + if ((accmode & VREAD) && priv_check_cred(cred, PRIV_VFS_READ, 0) != 0) { return (EACCES); } - if ((mode & VWRITE) && + if ((accmode & VWRITE) && priv_check_cred(cred, PRIV_VFS_WRITE, 0) != 0) { return (EACCES); } - if (mode & VEXEC) { + if (accmode & VEXEC) { if (vp->v_type == VDIR) { if (priv_check_cred(cred, PRIV_VFS_LOOKUP, 0) != 0) { return (EACCES); Index: sys/cddl/compat/opensolaris/sys/policy.h =================================================================== --- sys/cddl/compat/opensolaris/sys/policy.h (revision 184330) +++ sys/cddl/compat/opensolaris/sys/policy.h (working copy) @@ -46,7 +46,7 @@ int secpolicy_vnode_stky_modify(struct ucred *cred); int secpolicy_vnode_remove(struct ucred *cred); int secpolicy_vnode_access(struct ucred *cred, struct vnode *vp, - uint64_t owner, int mode); + uint64_t owner, accmode_t accmode); int secpolicy_vnode_setdac(struct ucred *cred, uid_t owner); int secpolicy_vnode_setattr(struct ucred *cred, struct vnode *vp, struct vattr *vap, const struct vattr *ovap, int flags, Index: sys/security/mac_test/mac_test.c =================================================================== --- sys/security/mac_test/mac_test.c (revision 184330) +++ sys/security/mac_test/mac_test.c (working copy) @@ -2326,7 +2326,7 @@ COUNTER_DECL(vnode_check_access); static int test_vnode_check_access(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int acc_mode) + struct label *vplabel, accmode_t accmode) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); @@ -2500,7 +2500,7 @@ COUNTER_DECL(vnode_check_open); static int test_vnode_check_open(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int acc_mode) + struct label *vplabel, accmode_t accmode) { LABEL_CHECK(cred->cr_label, MAGIC_CRED); Index: sys/security/mac/mac_vfs.c =================================================================== --- sys/security/mac/mac_vfs.c (revision 184330) +++ sys/security/mac/mac_vfs.c (working copy) @@ -362,13 +362,13 @@ } int -mac_vnode_check_access(struct ucred *cred, struct vnode *vp, int acc_mode) +mac_vnode_check_access(struct ucred *cred, struct vnode *vp, accmode_t accmode) { int error; ASSERT_VOP_LOCKED(vp, "mac_vnode_check_access"); - MAC_CHECK(vnode_check_access, cred, vp, vp->v_label, acc_mode); + MAC_CHECK(vnode_check_access, cred, vp, vp->v_label, accmode); return (error); } @@ -546,13 +546,13 @@ } int -mac_vnode_check_open(struct ucred *cred, struct vnode *vp, int acc_mode) +mac_vnode_check_open(struct ucred *cred, struct vnode *vp, accmode_t accmode) { int error; ASSERT_VOP_LOCKED(vp, "mac_vnode_check_open"); - MAC_CHECK(vnode_check_open, cred, vp, vp->v_label, acc_mode); + MAC_CHECK(vnode_check_open, cred, vp, vp->v_label, accmode); return (error); } Index: sys/security/mac/mac_framework.h =================================================================== --- sys/security/mac/mac_framework.h (revision 184330) +++ sys/security/mac/mac_framework.h (working copy) @@ -88,6 +88,7 @@ struct vop_setlabel_args; #include /* XXX acl_type_t */ +#include /* accmode_t */ /* * Entry points to the TrustedBSD MAC Framework from the remainder of the @@ -364,7 +365,7 @@ int mac_vnode_associate_extattr(struct mount *mp, struct vnode *vp); void mac_vnode_associate_singlelabel(struct mount *mp, struct vnode *vp); int mac_vnode_check_access(struct ucred *cred, struct vnode *vp, - int acc_mode); + accmode_t accmode); int mac_vnode_check_chdir(struct ucred *cred, struct vnode *dvp); int mac_vnode_check_chroot(struct ucred *cred, struct vnode *dvp); int mac_vnode_check_create(struct ucred *cred, struct vnode *dvp, @@ -390,7 +391,7 @@ int mac_vnode_check_mprotect(struct ucred *cred, struct vnode *vp, int prot); int mac_vnode_check_open(struct ucred *cred, struct vnode *vp, - int acc_mode); + accmode_t accmode); int mac_vnode_check_poll(struct ucred *active_cred, struct ucred *file_cred, struct vnode *vp); int mac_vnode_check_read(struct ucred *active_cred, Index: sys/security/mac/mac_policy.h =================================================================== --- sys/security/mac/mac_policy.h (revision 184330) +++ sys/security/mac/mac_policy.h (working copy) @@ -61,6 +61,7 @@ * alphabetically. */ #include /* XXX acl_type_t */ +#include /* XXX accmode_t */ struct acl; struct auditinfo; @@ -530,7 +531,8 @@ struct label *mplabel, struct vnode *vp, struct label *vplabel); typedef int (*mpo_vnode_check_access_t)(struct ucred *cred, - struct vnode *vp, struct label *vplabel, int acc_mode); + struct vnode *vp, struct label *vplabel, + accmode_t accmode); typedef int (*mpo_vnode_check_chdir_t)(struct ucred *cred, struct vnode *dvp, struct label *dvplabel); typedef int (*mpo_vnode_check_chroot_t)(struct ucred *cred, @@ -571,7 +573,8 @@ typedef int (*mpo_vnode_check_mprotect_t)(struct ucred *cred, struct vnode *vp, struct label *vplabel, int prot); typedef int (*mpo_vnode_check_open_t)(struct ucred *cred, - struct vnode *vp, struct label *vplabel, int acc_mode); + struct vnode *vp, struct label *vplabel, + accmode_t accmode); typedef int (*mpo_vnode_check_poll_t)(struct ucred *active_cred, struct ucred *file_cred, struct vnode *vp, struct label *vplabel); Index: sys/security/mac_bsdextended/ugidfw_vnode.c =================================================================== --- sys/security/mac_bsdextended/ugidfw_vnode.c (revision 184332) +++ sys/security/mac_bsdextended/ugidfw_vnode.c (working copy) @@ -62,10 +62,14 @@ int ugidfw_vnode_check_access(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int acc_mode) + struct label *vplabel, accmode_t accmode) { - return (ugidfw_check_vp(cred, vp, acc_mode)); + /* + * XXX: We pass accmode_t variable containing V* constants + * as an int containing MBI_* constants. + */ + return (ugidfw_check_vp(cred, vp, (int)accmode)); } int @@ -168,10 +172,14 @@ int ugidfw_vnode_check_open(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int acc_mode) + struct label *vplabel, accmode_t accmode) { - return (ugidfw_check_vp(cred, vp, acc_mode)); + /* + * XXX: We pass accmode_t variable containing V* constants + * as an int containing MBI_* constants. + */ + return (ugidfw_check_vp(cred, vp, (int)accmode)); } int Index: sys/security/mac_bsdextended/ugidfw_internal.h =================================================================== --- sys/security/mac_bsdextended/ugidfw_internal.h (revision 184332) +++ sys/security/mac_bsdextended/ugidfw_internal.h (working copy) @@ -52,7 +52,7 @@ * Vnode access control checks. */ int ugidfw_vnode_check_access(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int acc_mode); + struct label *vplabel, accmode_t accmode); int ugidfw_vnode_check_chdir(struct ucred *cred, struct vnode *dvp, struct label *dvplabel); int ugidfw_vnode_check_chroot(struct ucred *cred, struct vnode *dvp, @@ -81,7 +81,7 @@ int ugidfw_vnode_check_lookup(struct ucred *cred, struct vnode *dvp, struct label *dvplabel, struct componentname *cnp); int ugidfw_vnode_check_open(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int acc_mode); + struct label *vplabel, accmode_t accmode); int ugidfw_vnode_check_readdir(struct ucred *cred, struct vnode *dvp, struct label *dvplabel); int ugidfw_vnode_check_readdlink(struct ucred *cred, struct vnode *vp, Index: sys/security/mac_lomac/mac_lomac.c =================================================================== --- sys/security/mac_lomac/mac_lomac.c (revision 184330) +++ sys/security/mac_lomac/mac_lomac.c (working copy) @@ -2429,7 +2429,7 @@ static int lomac_vnode_check_open(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int acc_mode) + struct label *vplabel, accmode_t accmode) { struct mac_lomac *subj, *obj; @@ -2440,7 +2440,7 @@ obj = SLOT(vplabel); /* XXX privilege override for admin? */ - if (acc_mode & (VWRITE | VAPPEND | VADMIN)) { + if (accmode & (VWRITE | VAPPEND | VADMIN)) { if (!lomac_subject_dominate(subj, obj)) return (EACCES); } Index: sys/security/mac_mls/mac_mls.c =================================================================== --- sys/security/mac_mls/mac_mls.c (revision 184330) +++ sys/security/mac_mls/mac_mls.c (working copy) @@ -2505,7 +2505,7 @@ static int mls_vnode_check_open(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int acc_mode) + struct label *vplabel, accmode_t accmode) { struct mac_mls *subj, *obj; @@ -2516,11 +2516,11 @@ obj = SLOT(vplabel); /* XXX privilege override for admin? */ - if (acc_mode & (VREAD | VEXEC | VSTAT)) { + if (accmode & (VREAD | VEXEC | VSTAT)) { if (!mls_dominate_effective(subj, obj)) return (EACCES); } - if (acc_mode & (VWRITE | VAPPEND | VADMIN)) { + if (accmode & (VWRITE | VAPPEND | VADMIN)) { if (!mls_dominate_effective(obj, subj)) return (EACCES); } Index: sys/security/mac_biba/mac_biba.c =================================================================== --- sys/security/mac_biba/mac_biba.c (revision 184330) +++ sys/security/mac_biba/mac_biba.c (working copy) @@ -2882,7 +2882,7 @@ static int biba_vnode_check_open(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int acc_mode) + struct label *vplabel, accmode_t accmode) { struct mac_biba *subj, *obj; @@ -2893,11 +2893,11 @@ obj = SLOT(vplabel); /* XXX privilege override for admin? */ - if (acc_mode & (VREAD | VEXEC | VSTAT)) { + if (accmode & (VREAD | VEXEC | VSTAT)) { if (!biba_dominate_effective(obj, subj)) return (EACCES); } - if (acc_mode & (VWRITE | VAPPEND | VADMIN)) { + if (accmode & (VWRITE | VAPPEND | VADMIN)) { if (!biba_dominate_effective(subj, obj)) return (EACCES); } Index: sys/security/mac_stub/mac_stub.c =================================================================== --- sys/security/mac_stub/mac_stub.c (revision 184330) +++ sys/security/mac_stub/mac_stub.c (working copy) @@ -1022,7 +1022,7 @@ static int stub_vnode_check_access(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int acc_mode) + struct label *vplabel, accmode_t accmode) { return (0); @@ -1337,7 +1337,7 @@ static int stub_vnode_check_open(struct ucred *cred, struct vnode *vp, - struct label *vplabel, int acc_mode) + struct label *vplabel, accmode_t accmode) { return (0); Index: sys/sys/extattr.h =================================================================== --- sys/sys/extattr.h (revision 184330) +++ sys/sys/extattr.h (working copy) @@ -58,13 +58,14 @@ EXTATTR_NAMESPACE_SYSTEM_STRING } #ifdef _KERNEL +#include #define EXTATTR_MAXNAMELEN NAME_MAX struct thread; struct ucred; struct vnode; int extattr_check_cred(struct vnode *vp, int attrnamespace, - struct ucred *cred, struct thread *td, int access); + struct ucred *cred, struct thread *td, accmode_t accmode); #else #include Index: sys/sys/_types.h =================================================================== --- sys/sys/_types.h (revision 184330) +++ sys/sys/_types.h (working copy) @@ -47,6 +47,7 @@ typedef long __key_t; /* IPC key (for Sys V IPC) */ typedef __int32_t __lwpid_t; /* Thread ID (a.k.a. LWP) */ typedef __uint16_t __mode_t; /* permissions */ +typedef int __accmode_t; /* access permissions */ typedef int __nl_item; typedef __uint16_t __nlink_t; /* link count */ typedef __int64_t __off_t; /* file offset */ Index: sys/sys/types.h =================================================================== --- sys/sys/types.h (revision 184330) +++ sys/sys/types.h (working copy) @@ -205,6 +205,11 @@ #define _MODE_T_DECLARED #endif +#ifndef _ACCMODE_T_DECLARED +typedef __accmode_t accmode_t; /* access permissions */ +#define _ACCMODE_T_DECLARED +#endif + #ifndef _NLINK_T_DECLARED typedef __nlink_t nlink_t; /* link count */ #define _NLINK_T_DECLARED Index: sys/sys/vnode.h =================================================================== --- sys/sys/vnode.h (revision 184330) +++ sys/sys/vnode.h (working copy) @@ -309,7 +309,7 @@ #define IO_SEQSHIFT 16 /* seq heuristic in upper 16 bits */ /* - * Modes. Some values same as Ixxx entries from inode.h for now. + * Flags for accmode_t. */ #define VEXEC 000100 /* execute/search permission */ #define VWRITE 000200 /* write permission */ @@ -584,10 +584,10 @@ char **retbuf, char **freebuf); int vn_commname(struct vnode *vn, char *buf, u_int buflen); int vaccess(enum vtype type, mode_t file_mode, uid_t file_uid, - gid_t file_gid, mode_t acc_mode, struct ucred *cred, + gid_t file_gid, accmode_t accmode, struct ucred *cred, int *privused); int vaccess_acl_posix1e(enum vtype type, uid_t file_uid, - gid_t file_gid, struct acl *acl, mode_t acc_mode, + gid_t file_gid, struct acl *acl, accmode_t accmode, struct ucred *cred, int *privused); void vattr_null(struct vattr *vap); int vcount(struct vnode *vp);