/* * pfp_open_index is an internal function used to open a MAC device by * its index. Both a mac_handle_t and mac_client_handle_t are acquired * because some of the interfaces provided by the mac layer require either * only the mac_handle_t or both it and mac_handle_t. * * Whilst inside the kernel we can access data structures supporting any * zone, access to interfaces from non-global zones is restricted to those * interfaces (if any) that are exclusively assigned to a zone. */ static int pfp_open_index(int index, mac_handle_t *mhp, mac_client_handle_t *mcip, cred_t *cred) { mac_client_handle_t mch; zoneid_t ifzoneid; mac_handle_t mh; zoneid_t zoneid; int error; mh = 0; mch = 0; error = mac_open_by_linkid(index, &mh); if (error != 0) goto bad_open; error = mac_client_open(mh, &mch, NULL, MAC_OPEN_FLAGS_USE_DATALINK_NAME); if (error != 0) goto bad_open; zoneid = crgetzoneid(cred); if (zoneid != GLOBAL_ZONEID) { mac_perim_handle_t perim; mac_perim_enter_by_mh(mh, &perim); error = dls_link_getzid(mac_client_name(mch), &ifzoneid); mac_perim_exit(perim); if (error != 0) goto bad_open; if (ifzoneid != zoneid) { error = EACCES; goto bad_open; } } *mcip = mch; *mhp = mh; return (0); bad_open: if (mch != 0) mac_client_close(mch, 0); if (mh != 0) mac_close(mh); return (error); }
static const char * mac_bpf_client_name(uintptr_t chandle) { return (mac_client_name((mac_client_handle_t)chandle)); }