static int
quota_handle_cmd_getall(struct mount *mp, struct lwp *l,
prop_dictionary_t cmddict, int type, prop_array_t datas)
{
prop_array_t replies;
struct ufsmount *ump = VFSTOUFS(mp);
int error;
if ((ump->um_flags & UFS_QUOTA2) == 0)
return EOPNOTSUPP;
error = kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_FS_QUOTA,
KAUTH_REQ_SYSTEM_FS_QUOTA_GET, mp, NULL, NULL);
if (error)
return error;
replies = prop_array_create();
if (replies == NULL)
return ENOMEM;
#ifdef QUOTA2
if (ump->um_flags & UFS_QUOTA2) {
error = quota2_handle_cmd_getall(ump, type, replies);
} else
#endif
panic("quota_handle_cmd_getall: no support ?");
if (!prop_dictionary_set_and_rel(cmddict, "data", replies)) {
error = ENOMEM;
} else {
error = 0;
}
return error;
}
static int
quota_handle_cmd_get_version(struct mount *mp, struct lwp *l,
prop_dictionary_t cmddict, prop_array_t datas)
{
struct ufsmount *ump = VFSTOUFS(mp);
prop_array_t replies;
prop_dictionary_t data;
int error = 0;
if ((ump->um_flags & (UFS_QUOTA|UFS_QUOTA2)) == 0)
return EOPNOTSUPP;
replies = prop_array_create();
if (replies == NULL)
return ENOMEM;
data = prop_dictionary_create();
if (data == NULL) {
prop_object_release(replies);
return ENOMEM;
}
#ifdef QUOTA
if (ump->um_flags & UFS_QUOTA) {
if (!prop_dictionary_set_int8(data, "version", 1))
error = ENOMEM;
} else
#endif
#ifdef QUOTA2
if (ump->um_flags & UFS_QUOTA2) {
if (!prop_dictionary_set_int8(data, "version", 2))
error = ENOMEM;
} else
#endif
error = 0;
if (error)
prop_object_release(data);
else if (!prop_array_add_and_rel(replies, data))
error = ENOMEM;
if (error)
prop_object_release(replies);
else if (!prop_dictionary_set_and_rel(cmddict, "data", replies))
error = ENOMEM;
return error;
}
/*
* npfctl_save: export the config dictionary as it was submitted,
* including the current snapshot of the connections. Additionally,
* indicate whether the ruleset is currently active.
*/
int
npfctl_save(u_long cmd, void *data)
{
struct plistref *pref = data;
prop_array_t rulelist, natlist, tables, rprocs, conlist;
prop_dictionary_t npf_dict = NULL;
int error;
rulelist = prop_array_create();
natlist = prop_array_create();
tables = prop_array_create();
rprocs = prop_array_create();
conlist = prop_array_create();
/*
* Serialise the connections and NAT policies.
*/
npf_config_enter();
error = npf_conndb_export(conlist);
if (error) {
goto out;
}
error = npf_ruleset_export(npf_config_ruleset(), rulelist);
if (error) {
goto out;
}
error = npf_ruleset_export(npf_config_natset(), natlist);
if (error) {
goto out;
}
error = npf_tableset_export(npf_config_tableset(), tables);
if (error) {
goto out;
}
error = npf_rprocset_export(npf_config_rprocs(), rprocs);
if (error) {
goto out;
}
prop_array_t alglist = npf_alg_export();
npf_dict = prop_dictionary_create();
prop_dictionary_set_uint32(npf_dict, "version", NPF_VERSION);
prop_dictionary_set_and_rel(npf_dict, "algs", alglist);
prop_dictionary_set_and_rel(npf_dict, "rules", rulelist);
prop_dictionary_set_and_rel(npf_dict, "nat", natlist);
prop_dictionary_set_and_rel(npf_dict, "tables", tables);
prop_dictionary_set_and_rel(npf_dict, "rprocs", rprocs);
prop_dictionary_set_and_rel(npf_dict, "conn-list", conlist);
prop_dictionary_set_bool(npf_dict, "active", npf_pfil_registered_p());
error = prop_dictionary_copyout_ioctl(pref, cmd, npf_dict);
out:
npf_config_exit();
if (!npf_dict) {
prop_object_release(rulelist);
prop_object_release(natlist);
prop_object_release(tables);
prop_object_release(rprocs);
prop_object_release(conlist);
} else {
prop_object_release(npf_dict);
}
return error;
}
static int
quota_handle_cmd_clear(struct mount *mp, struct lwp *l,
prop_dictionary_t cmddict, int type, prop_array_t datas)
{
prop_array_t replies;
prop_object_iterator_t iter;
prop_dictionary_t data;
uint32_t id;
struct ufsmount *ump = VFSTOUFS(mp);
int error, defaultq = 0;
const char *idstr;
if ((ump->um_flags & UFS_QUOTA2) == 0)
return EOPNOTSUPP;
replies = prop_array_create();
if (replies == NULL)
return ENOMEM;
iter = prop_array_iterator(datas);
if (iter == NULL) {
prop_object_release(replies);
return ENOMEM;
}
while ((data = prop_object_iterator_next(iter)) != NULL) {
if (!prop_dictionary_get_uint32(data, "id", &id)) {
if (!prop_dictionary_get_cstring_nocopy(data, "id",
&idstr))
continue;
if (strcmp(idstr, "default"))
continue;
id = 0;
defaultq = 1;
} else {
defaultq = 0;
}
error = kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_FS_QUOTA,
KAUTH_REQ_SYSTEM_FS_QUOTA_MANAGE, mp, KAUTH_ARG(id), NULL);
if (error != 0)
goto err;
#ifdef QUOTA2
if (ump->um_flags & UFS_QUOTA2) {
error = quota2_handle_cmd_clear(ump, type, id, defaultq,
data);
} else
#endif
panic("quota_handle_cmd_get: no support ?");
if (error && error != ENOENT)
goto err;
}
prop_object_iterator_release(iter);
if (!prop_dictionary_set_and_rel(cmddict, "data", replies)) {
error = ENOMEM;
} else {
error = 0;
}
return error;
err:
prop_object_iterator_release(iter);
prop_object_release(replies);
return error;
}
static int
quota_handle_cmd_get(struct mount *mp, struct lwp *l,
prop_dictionary_t cmddict, int type, prop_array_t datas)
{
prop_array_t replies;
prop_object_iterator_t iter;
prop_dictionary_t data;
uint32_t id;
struct ufsmount *ump = VFSTOUFS(mp);
int error, defaultq = 0;
const char *idstr;
if ((ump->um_flags & (UFS_QUOTA|UFS_QUOTA2)) == 0)
return EOPNOTSUPP;
replies = prop_array_create();
if (replies == NULL)
return ENOMEM;
iter = prop_array_iterator(datas);
if (iter == NULL) {
prop_object_release(replies);
return ENOMEM;
}
while ((data = prop_object_iterator_next(iter)) != NULL) {
if (!prop_dictionary_get_uint32(data, "id", &id)) {
if (!prop_dictionary_get_cstring_nocopy(data, "id",
&idstr))
continue;
if (strcmp(idstr, "default")) {
error = EINVAL;
goto err;
}
id = 0;
defaultq = 1;
} else {
defaultq = 0;
}
error = quota_get_auth(mp, l, id);
if (error == EPERM)
continue;
if (error != 0)
goto err;
#ifdef QUOTA
if (ump->um_flags & UFS_QUOTA)
error = quota1_handle_cmd_get(ump, type, id, defaultq,
replies);
else
#endif
#ifdef QUOTA2
if (ump->um_flags & UFS_QUOTA2) {
error = quota2_handle_cmd_get(ump, type, id, defaultq,
replies);
} else
#endif
panic("quota_handle_cmd_get: no support ?");
if (error == ENOENT)
continue;
if (error != 0)
goto err;
}
prop_object_iterator_release(iter);
if (!prop_dictionary_set_and_rel(cmddict, "data", replies)) {
error = ENOMEM;
} else {
error = 0;
}
return error;
err:
prop_object_iterator_release(iter);
prop_object_release(replies);
return error;
}
