diff options
author | Miles Bader <miles@gnu.org> | 1996-10-08 18:39:36 +0000 |
---|---|---|
committer | Miles Bader <miles@gnu.org> | 1996-10-08 18:39:36 +0000 |
commit | b64d8c2ef5e87066ffb7de7db0848663fe7df6d0 (patch) | |
tree | e804c6c8a28c6118036fcf368c45cb96e8d19063 /libstore | |
parent | ff2e40845b969f2f8249a9294d212ca730592736 (diff) |
(STORE_INNOCUOUS, STORE_INACTIVE):
New macros.
(store_is_securely_returnable):
New function.
<fcntl.h>:
New include.
Diffstat (limited to 'libstore')
-rw-r--r-- | libstore/store.h | 37 |
1 files changed, 29 insertions, 8 deletions
diff --git a/libstore/store.h b/libstore/store.h index e41f3079..198ddb16 100644 --- a/libstore/store.h +++ b/libstore/store.h @@ -24,6 +24,7 @@ #define __STORE_H__ #include <sys/types.h> +#include <fcntl.h> #include <mach.h> #include <device/device.h> @@ -101,10 +102,13 @@ struct store #define STORE_GENERIC_FLAGS (STORE_READONLY | STORE_NO_FILEIO) /* Flags implemented by each backend. */ -#define STORE_HARD_READONLY 0x0400 /* Can't be made writable. */ -#define STORE_ENFORCED 0x0800 /* Range is enforced by device. */ -#define STORE_BACKEND_SPEC_BASE 0x1000 /* Here up are backend-specific */ +#define STORE_HARD_READONLY 0x1000 /* Can't be made writable. */ +#define STORE_ENFORCED 0x2000 /* Range is enforced by device. */ +#define STORE_INACTIVE 0x4000 /* Not in a usable state. */ +#define STORE_INNOCUOUS 0x8000 /* Cannot modify anything dangerous. */ +#define STORE_BACKEND_SPEC_BASE 0x10000 /* Here up are backend-specific */ #define STORE_BACKEND_FLAGS (STORE_HARD_READONLY | STORE_ENFORCED \ + | STORE_INACTIVE \ | ~(STORE_BACKEND_SPEC_BASE - 1)) typedef error_t (*store_write_meth_t)(struct store *store, @@ -184,11 +188,15 @@ struct store_class const struct store_class *const *classes); }; -/* Return a new store in STORE, which refers to the storage underlying - SOURCE. CLASSES is used to select classes specified by the provider; if - it is 0, STORE_STD_CLASSES is used. FLAGS is set with store_set_flags. A - reference to SOURCE is created (but may be destroyed with - store_close_source). */ + +/* Return a new store in STORE, which refers to the storage underlying SOURCE. + CLASSES is used to select classes specified by the provider; if it is 0, + STORE_STD_CLASSES is used. FLAGS is set with store_set_flags, with the + exception of STORE_INACTIVE, which merely indicates that no attempt should + be made to activate an inactive store; if STORE_INACTIVE is not specified, + and the store returned for SOURCE is inactive, an attempt is made to + activate it (failure of which causes an error to be returned). A reference + to SOURCE is created (but may be destroyed with store_close_source). */ error_t store_create (file_t source, int flags, const struct store_class *const *classes, struct store **store); @@ -229,6 +237,19 @@ error_t store_set_flags (struct store *store, int flags); /* Remove FLAGS from STORE's currently set flags. */ error_t store_clear_flags (struct store *store, int flags); +/* Returns true if STORE can safely be returned to a user who has accessed it + via a node using OPEN_FLAGS, without compromising security. */ +extern inline int +store_is_securely_returnable (struct store *store, int open_flags) +{ + int flags = store->flags; + return + (flags & (STORE_INNOCUOUS | STORE_INACTIVE)) + || ((flags & STORE_ENFORCED) + && (((open_flags & O_ACCMODE) == O_RDWR) + || (flags & STORE_HARD_READONLY))); +} + /* Fills in the values of the various fields in STORE that are derivable from the set of runs & the block size. */ void _store_derive (struct store *store); |