COMPILATION LISTING OF SEGMENT mseg_check_access_ Compiled by: Multics PL/I Compiler, Release 30, of February 16, 1988 Compiled at: Honeywell Bull, Phoenix AZ, SysM Compiled on: 08/09/88 1516.4 mst Tue Options: optimize map 1 /****^ *********************************************************** 2* * * 3* * Copyright, (C) Honeywell Bull Inc., 1987 * 4* * * 5* * Copyright, (C) Honeywell Information Systems Inc., 1985 * 6* * * 7* *********************************************************** */ 8 9 10 /****^ HISTORY COMMENTS: 11* 1) change(85-07-19,Palter), approve(86-02-20,MCR7345), 12* audit(86-02-21,MSharpe), install(86-07-11,MR12.0-1092): 13* Changed to not turn error_table_$noentry into error_table_$no_info if the 14* directory name given to the file entrypoint is a link to a directory to 15* which the user has status permission. 16* 2) change(85-07-24,Palter), approve(86-02-20,MCR7345), 17* audit(86-02-21,MSharpe), install(86-07-11,MR12.0-1092): 18* Return the new error code error_table_$not_own_message when asked to read 19* or read&delete a message through an own gate which is not an own message 20* and the user has sufficient access to perform the operation if a non-own 21* gate were used. 22* 3) change(86-06-11,Lippard), approve(86-07-10,MCR7441), 23* audit(86-08-05,GDixon), install(86-08-06,MR12.0-1118): 24* Modified by Jim Lippard to allow courtesy upgrades of messages to 25* recipient's access class. 26* 4) change(86-10-29,Lippard), approve(86-11-24,MCR7578), 27* audit(87-07-13,Dickson), install(87-08-06,MR12.1-1067): 28* Modified to use error_table_$bad_file_name instead of $badstar and to 29* call access_audit_r1_$(check log)_general when there is no valid mseg ptr. 30* 5) change(88-08-08,Lippard), approve(88-05-02,PBF7881), 31* audit(88-08-09,Farley), install(88-09-88,MR12.2-1084): 32* Corrected fix for when to call (check log)_general entrypoints. 33* (phx20094) Also changed to generate audit messages when an 34* entry's audit switch is on. 35* END HISTORY COMMENTS */ 36 37 /* 38* mseg_check_access_ - procedure to calculate validity of access to 39* a given message segment and to log the query appropriately. 40* 41* written February 1985 by M. Pandolf 42* modified March 1985 by M. Pandolf to remove name checking 43* to use seg ptrs as a rule 44* to save access_info per ring 1 call 45* modified April 1985 by M. Pandolf for misc bug fixes 46* Modified 1985-04-16, BIM: restructure. 47* Modified: 6 May 1985 by G Palter to censor error codes properly 48**/ 49 50 /* format: style3,idind30 */ 51 52 mseg_check_access_: 53 procedure (p_mseg_operation_ptr, p_status); 54 55 return; /* not an entrypoint */ 56 57 58 /* Parameters */ 59 60 dcl p_mseg_operation_ptr pointer parameter; 61 dcl p_status fixed bin (35) parameter; 62 63 64 /* Automatic */ 65 66 dcl initiate_failure bit (1) aligned; 67 68 dcl 1 parent_access_info aligned like entry_access_info; 69 dcl parent_access_info_valid bit (1) aligned; 70 71 dcl link_dir_name character (168); 72 dcl link_entryname character (32); 73 74 dcl entry_type fixed bin; 75 dcl status fixed bin (35); 76 dcl used_privilege bit (1) aligned; 77 dcl use_ai_restricted bit (1) aligned; 78 79 80 /* Constants */ 81 82 declare ( 83 SEGMENT init (1), 84 MESSAGE init (2), 85 CHECK init (3) 86 ) fixed bin int static options (constant); 87 88 declare ( 89 DONT_CHASE initial (0), 90 CHASE initial (1) 91 ) fixed binary (1) static options (constant); 92 93 94 /* Static, External */ 95 96 dcl ( 97 error_table_$ai_restricted, 98 error_table_$bad_file_name, 99 error_table_$incorrect_access, 100 error_table_$invalid_lock_reset, 101 error_table_$moderr, 102 error_table_$no_info, 103 error_table_$no_message, 104 error_table_$noentry, 105 error_table_$not_own_message, 106 error_table_$not_seg_type, 107 error_table_$oosw 108 ) fixed binary (35) external; 109 110 dcl ( 111 sys_info$dir_privilege, 112 sys_info$ring1_privilege 113 ) bit (36) aligned external; 114 115 116 /* Entries */ 117 dcl access_audit_r1_$check_general 118 entry () options (variable) returns (bit (1) aligned); 119 dcl access_audit_r1_$check_obj_class 120 entry () options (variable) returns (bit (1) aligned); 121 dcl access_audit_r1_$check_obj_path 122 entry () options (variable) returns (bit (1) aligned); 123 dcl access_audit_r1_$check_obj_ptr 124 entry () options (variable) returns (bit (1) aligned); 125 dcl access_audit_r1_$log_general entry () options (variable); 126 dcl access_audit_r1_$log_obj_class 127 entry () options (variable); 128 dcl access_audit_r1_$log_obj_path entry () options (variable); 129 dcl access_audit_r1_$log_obj_ptr entry () options (variable); 130 dcl admin_gate_$admin_level_no_fs_audit 131 entry (fixed binary (3)); 132 dcl aim_check_$greater entry (bit (72) aligned, bit (72) aligned) returns (bit (1) aligned); 133 dcl aim_check_$equal entry (bit (72) aligned, bit (72) aligned) returns (bit (1) aligned); 134 dcl aim_check_$greater_or_equal entry (bit (72) aligned, bit (72) aligned) returns (bit (1) aligned); 135 dcl hcs_$fs_get_path_name entry (pointer, character (*), fixed binary, character (*), fixed binary (35)); 136 dcl hcs_$get_access_info entry (char (*), char (*), fixed bin (1), ptr, fixed bin (35)); 137 dcl hcs_$get_access_info_seg entry (ptr, ptr, fixed bin (35)); 138 dcl hcs_$get_link_target entry (char (*), char (*), char (*), char (*), fixed bin (35)); 139 dcl hcs_$level_set entry (fixed bin (3)); 140 dcl pathname_ entry (char (*), char (*)) returns (char (168)); 141 dcl read_allowed_ entry (bit (72) aligned, bit (72) aligned) returns (bit (1) aligned); 142 dcl read_write_allowed_ entry (bit (72) aligned, bit (72) aligned) returns (bit (1) aligned); 143 dcl write_allowed_ entry (bit (72) aligned, bit (72) aligned) returns (bit (1) aligned); 144 dcl set_lock_$lock entry (bit (36) aligned, fixed binary, fixed binary (35)); 145 dcl sub_err_ entry () options (variable); 146 147 148 /* Builtins */ 149 150 dcl (addr, after, before, index, length, null, reverse, size, string, substr) 151 builtin; 152 153 /**** This entrypoint is called when we have an actual message 154* that we propose to delete, read, or update */ 155 156 message: 157 entry (p_mseg_operation_ptr, p_status); 158 159 160 entry_type = MESSAGE; 161 initiate_failure = "0"b; 162 163 /**** We do this work in-line here since it has little or nothing 164* to do with the segment/check entrypoints. */ 165 166 status = 0; 167 168 mseg_operation_ptr = p_mseg_operation_ptr; 169 mseg_access_operation_ptr = addr (mseg_access_operations_$data (mseg_operation.access_operation)); 170 171 used_privilege = "0"b; 172 use_ai_restricted = "0"b; /* ON => audit as AIM restricted but return no_message */ 173 174 call check_message_access (); 175 176 if mseg_operation.suppress_access_checks = "0"b /* only audit if we actually made access checks ... */ 177 then if use_ai_restricted 178 then call audit_operation (error_table_$ai_restricted); 179 else call audit_operation (status); 180 181 go to exit; 182 183 184 check_message_access: 185 procedure (); 186 187 declare aim_code fixed bin (35); 188 declare owner_code fixed bin (35); 189 190 aim_code, owner_code = 0; 191 md_ptr = mseg_operation.md_ptr; 192 193 if (mseg_operation.access_operation = mseg_access_operations_$read_own_message) 194 | (mseg_operation.access_operation = mseg_access_operations_$read_delete_own_message) 195 then /*** The user has asked to only operate on his own messages */ 196 if owner_matches () 197 then owner_code = 0; 198 else if mseg_operation.access_info_valid 199 & ((mseg_operation.access_info.extended_access_modes & MSEG_R_ACCESS) ^= ""b) 200 then /*** The user has read access and, therefore, is allowed 201* to find out the he did specify a real message. */ 202 owner_code = error_table_$not_own_message; 203 else owner_code = error_table_$no_message; 204 205 else if mseg_operation.only_own_access 206 then /*** We had to substitute own access for read and/or delete 207* access in order to allow this operation to get this far. */ 208 if owner_matches () 209 then owner_code = 0; 210 else if mseg_operation.access_info_valid 211 & ((mseg_operation.access_info.extended_access_modes & MSEG_R_ACCESS) ^= ""b) 212 then /*** We substituted own for delete as the user has read 213* access -- Therefore we can tell the user that he lacks 214* the appropriate access to modify the message as he 215* does have enough access to find out it exists. */ 216 owner_code = error_table_$moderr; 217 else owner_code = error_table_$no_message; 218 219 else owner_code = 0; 220 221 if mseg_operation.suppress_access_checks /* all we are doing is checking owner-ness */ 222 then do; 223 if owner_code ^= 0 224 then status = error_table_$no_message; 225 return; 226 end; 227 228 if mseg_access_operation.mseg_access_op_index = MSEG_READ_MESSAGE 229 then do; 230 if ^aim_check_$greater_or_equal (mseg_operation.caller.authorization, 231 message_descriptor.ms_access_class) 232 then if ((mseg_operation.caller.privileges & sys_info$ring1_privilege) ^= ""b) 233 then used_privilege = "1"b; 234 else do; 235 aim_code = error_table_$no_message; 236 use_ai_restricted = "1"b; 237 end; 238 else ; /* authorization is OK */ 239 end; 240 241 else if mseg_access_operation.mseg_access_op_index = MSEG_MODIFY_MESSAGE 242 then do; 243 if ^aim_check_$equal (mseg_operation.caller.authorization, message_descriptor.ms_access_class) 244 then if ((mseg_operation.caller.privileges & sys_info$ring1_privilege) ^= ""b) 245 then used_privilege = "1"b; 246 else if 247 aim_check_$greater (mseg_operation.caller.authorization, message_descriptor.ms_access_class) 248 then aim_code = error_table_$ai_restricted; 249 else do; 250 aim_code = error_table_$no_message; 251 use_ai_restricted = "1"b; 252 end; 253 end; 254 255 256 /**** Now invent the correct status code. If we were willing to 257* return ai_restricted, then we are willing to inform the user 258* that the message exists, and so we return the owner code (if any). 259* If the aim code was no_message, meaning that we are not willing 260* to reveal the existence of the message, then we must return that. */ 261 262 if aim_code = error_table_$ai_restricted & owner_code ^= 0 263 then status = owner_code; 264 else if aim_code ^= 0 265 then status = aim_code; 266 else status = owner_code; 267 268 return; 269 270 271 owner_matches: 272 procedure returns (bit (1) aligned); 273 274 declare name char (32) varying; 275 declare message_name char (32) varying; 276 277 name = before (mseg_operation.caller.group_id, "."); 278 /* assume user name is relevant to begin with */ 279 message_name = before (message_descriptor.sender_id, "."); 280 281 if message_name = "anonymous" 282 then if name ^= "anonymous" 283 then return ("0"b); /* only anon can own anon */ 284 285 if name = "anonymous" /* nope, project is important */ 286 then do; 287 name = before (after (mseg_operation.caller.group_id, "."), "."); 288 /* PROJECT */ 289 message_name = before (after (message_descriptor.sender_id, "."), "."); 290 /* PROJECT */ 291 end; 292 293 return (name = message_name); 294 295 end owner_matches; 296 297 end check_message_access; 298 299 /**** This entrypoint is called for segment-level access checks. 300* It respects mseg_access_operation.dont_audit_success. 301* Those operations are audited when the $message entrypoint is called */ 302 303 segment: 304 entry (p_mseg_operation_ptr, p_status); 305 306 entry_type = SEGMENT; 307 initiate_failure = "0"b; 308 go to COMMON; 309 310 311 /**** This entrypoint is called for a few cases where the situation 312* is so intricate that the caller takes responsibility for 313* the audit situation. */ 314 315 check: 316 entry (p_mseg_operation_ptr, p_status); 317 318 entry_type = CHECK; 319 initiate_failure = "0"b; 320 321 COMMON: 322 p_status = 0; 323 324 mseg_operation_ptr = p_mseg_operation_ptr; 325 if mseg_operation.suppress_access_checks 326 then return; 327 328 if ^mseg_operation.mseg_ptr_valid & ^mseg_operation.mseg_pathname_valid 329 then call sub_err_ (0, "mseg_check_access_", ACTION_CANT_RESTART, null (), (0), 330 "Neither a pathname nor a segment pointer was supplied."); 331 332 used_privilege = "0"b; 333 mseg_access_operation_ptr = addr (mseg_access_operations_$data (mseg_operation.access_operation)); 334 335 336 /**** Obtain access information needed to validate the user's access. As our 337* validation level is now lower than the user's, we can learn things about 338* the segment that the user isn't allowed to know. We must be sure to 339* translate any error codes obtain through this knowlege into 340* error_table_$no_info. */ 341 342 parent_access_info_valid = "0"b; 343 344 if mseg_access_operation.mseg_access_op_index = MSEG_CREATE_SEG 345 then do; 346 347 /**** Creation is different from the other operations in that we expect that 348* the segment doesn't exist. Therefore, we must find the true pathname 349* of the segment by chasing the link ourself and, as the segment is assumed 350* to not exist, we need only check that it will have a proper name. We 351* chase the link using the user's validation rather than our own to insure 352* that get_link_target returns the status code that the user would see. */ 353 354 call hcs_$level_set (mseg_operation.caller.validation_level); 355 call hcs_$get_link_target (mseg_operation.dir_name, mseg_operation.entryname, link_dir_name, 356 link_entryname, status); 357 if mseg_operation.call_admin_gate 358 then call admin_gate_$admin_level_no_fs_audit ((0)); 359 else call hcs_$level_set (mseg_data_$execution_ring); 360 361 if (status ^= 0) & (status ^= error_table_$noentry) 362 then go to audit_and_exit; /* it's already the proper code */ 363 364 mseg_operation.dir_name = link_dir_name;/* be sure to use the "chased" pathname */ 365 mseg_operation.entryname = link_entryname; 366 mseg_operation.access_info.extended_access_modes = MSEG_NULL_ACCESS; 367 /* above will force censor_if_neeed into action */ 368 369 if ^valid_name (mseg_operation.entryname) 370 then do; 371 status = censor_if_needed (error_table_$bad_file_name); 372 go to audit_and_exit; 373 end; 374 end; 375 376 377 else if mseg_operation.access_info_valid = "0"b 378 then do; 379 if mseg_operation.mseg_ptr_valid 380 then call hcs_$get_access_info_seg (mseg_operation.mseg_ptr, addr (mseg_operation.access_info), 381 status); 382 else call hcs_$get_access_info (mseg_operation.dir_name, mseg_operation.entryname, 1 /* chase */, 383 addr (mseg_operation.access_info), status); 384 if status ^= 0 385 then do; 386 status = censor_if_needed (status); 387 go to audit_and_exit; 388 end; 389 mseg_operation.access_info_valid = "1"b; 390 if ^valid_segment () 391 then do; 392 status = censor_if_needed (error_table_$not_seg_type); 393 go to audit_and_exit; 394 end; 395 end; 396 397 398 /**** Check access based upon discretionary and mandatory controls. As message 399* segments do not yet have extended ring brackets, the only ring bracket 400* check that must be made is when the user does not have the proper 401* discretionary access (i.e., extended modes). In this case, while we may 402* be able to tell the exact error in our ring, the branch's parent's ring 403* brackets may prohibit us from telling the user and we must then return 404* error_table_$no_info. */ 405 406 status = 0; 407 408 if acl_ok_for_operation (status) 409 then if aim_ok_for_operation () 410 then ; 411 else status = error_table_$ai_restricted; 412 /*** acl_ok_for_operation will set status to proper value */ 413 414 415 /**** Audit the success/failure of the operation if appropriate */ 416 417 audit_and_exit: 418 call audit_operation (status); 419 420 exit: 421 p_status = status; 422 423 return; 424 425 /**** This entrypoint is called by mseg_mbx_ms_gate_target_ if its call to 426* mseg_$initiate_seg fails. The purpose of this entrypoint is to audit 427* the failure of the operation being attempted by the gate target. 428* Further, this entrypoint is responsible for censoring the error code 429* returned to the user of the gate because, as we are normally at a 430* lower validation level than the user, we can determine more about the 431* failure to initiate the segment than the user should be allowed 432* to know. */ 433 434 audit_initiate_failure: 435 entry (p_mseg_operation_ptr, p_status); 436 437 entry_type = SEGMENT; /* we want the audit */ 438 initiate_failure = "1"b; 439 440 mseg_operation_ptr = p_mseg_operation_ptr; 441 mseg_access_operation_ptr = addr (mseg_access_operations_$data (mseg_operation.access_operation)); 442 443 parent_access_info_valid = "0"b; /* censor_if_needed must find the parent's access */ 444 mseg_operation.access_info.extended_access_modes = MSEG_NULL_ACCESS; 445 status = censor_if_needed (p_status); 446 447 used_privilege = ((mseg_operation.caller.privileges & sys_info$ring1_privilege) ^= ""b); 448 call audit_operation (status); 449 450 p_status = status; /* be sure the gate returns the right code */ 451 452 return; 453 454 valid_segment: 455 procedure () returns (bit (1) aligned); 456 457 dcl bracket fixed bin; 458 459 if mseg_operation.access_info.type ^= 1 /* seg */ 460 then return ("0"b); 461 462 do bracket = 1 to 3; 463 if mseg_operation.access_info.ring_brackets (bracket) ^= mseg_data_$execution_ring 464 then return ("0"b); 465 end; 466 467 return (valid_name (mseg_operation.access_info.entryname)); 468 469 end valid_segment; 470 471 472 valid_name: 473 procedure (p_entryname) returns (bit (1) aligned); 474 475 dcl p_entryname character (32) parameter; 476 dcl xiffus_index fixed bin; 477 dcl name_length fixed bin; 478 479 name_length = length (p_entryname); 480 481 xiffus_index = index (reverse (p_entryname), ".");/* suffix backwards, silly */ 482 483 if xiffus_index = 0 484 then return ("0"b); 485 486 if mseg_operation.type = MSEG_TYPE_MBX 487 then if substr (p_entryname, name_length - xiffus_index + 2) ^= "mbx" 488 then return ("0"b); 489 490 if mseg_operation.type = MSEG_TYPE_MS 491 then if substr (p_entryname, name_length - xiffus_index + 2) ^= "ms" 492 then return ("0"b); 493 494 return ("1"b); 495 496 end valid_name; 497 498 /**** Censor the status code we want to return to the user if appropriate -- 499* As we are usually running with a lower validation level than the user, 500* we can often determine certain things about the segment that the user 501* can not determine on his own. In particular, if the user were to make 502* one of the calls which we made from his validation level, where his real 503* effective access to the segment would be null, ring 0 will return 504* error_table_$no_info unless the user has non-null effective access to 505* the segment's parent. Therefore, we must do the same. We do this by 506* changing any code to be returned into error_table_$no_info if the user 507* has both null extended access to the segment and null effective access 508* to the parent. We use the extended access to the segment rather than 509* the real access to decide when we should censor as the extended access 510* is what the user considers to be his real access to the segment. */ 511 512 censor_if_needed: 513 procedure (p_return_status) returns (fixed binary (35)); 514 515 dcl p_return_status fixed binary (35); 516 517 dcl parent_dir_name character (168); 518 dcl chase_the_parent fixed binary (1); 519 dcl code fixed binary (35); 520 521 522 if (p_return_status ^= error_table_$bad_file_name) & (p_return_status ^= error_table_$incorrect_access) 523 & (p_return_status ^= error_table_$moderr) & (p_return_status ^= error_table_$noentry) 524 & (p_return_status ^= error_table_$not_seg_type) 525 then return (p_return_status); /* only censor codes that user may not be able to determine */ 526 527 if parent_access_info_valid = "0"b 528 then do; 529 530 /**** We need to determine the parent's effective access. First we must get 531* the pathname. As this procedure can be called before the access_info of 532* the segment has been determined, we may have to look in several places to 533* find the parent's name. */ 534 535 if mseg_operation.access_info_valid 536 then do; 537 parent_dir_name = mseg_operation.access_info.dir_name; 538 chase_the_parent = DONT_CHASE; 539 end; 540 541 else if mseg_operation.mseg_pathname_valid 542 then do; 543 parent_dir_name = mseg_operation.dir_name; 544 chase_the_parent = CHASE; 545 end; 546 547 else /*** if mseg_operation.mseg_ptr_valid then */ 548 do; 549 call hcs_$fs_get_path_name (mseg_operation.mseg_ptr, parent_dir_name, (0), ((32)" "), code); 550 if code ^= 0 /* only fails if parent and segment access both null */ 551 then return (error_table_$no_info); 552 chase_the_parent = DONT_CHASE; 553 end; 554 555 parent_access_info.version = ENTRY_ACCESS_INFO_VERSION_1; 556 557 call hcs_$get_access_info (parent_dir_name, "", chase_the_parent, addr (parent_access_info), code); 558 if code ^= 0 /* failure implies no access on the parent */ 559 then return (error_table_$no_info); 560 561 /**** As our execution ring is always lower (or equal) to our caller's 562* validation level, we must factor the directory ring brackets into our 563* effective access on the parent ourselves. */ 564 565 if mseg_operation.caller.validation_level > parent_access_info.ring_brackets (1) 566 then /*** outside of modify bracket -- remove M and A access */ 567 parent_access_info.effective_access_modes = 568 parent_access_info.effective_access_modes & ^(A_ACCESS | M_ACCESS); 569 570 if mseg_operation.caller.validation_level > parent_access_info.ring_brackets (2) 571 then /*** outside of status bracket -- remove S access */ 572 parent_access_info.effective_access_modes = 573 parent_access_info.effective_access_modes & ^(S_ACCESS); 574 575 parent_access_info_valid = "1"b; 576 end; 577 578 /**** Now that we have the parent's effective access based on the user's 579* validation, we can properly censor the status code we want to return. */ 580 581 if ((mseg_operation.access_info.extended_access_modes & MSEG_FULL_ACCESS) = ""b) 582 & ((parent_access_info.effective_access_modes & SMA_ACCESS) = ""b) 583 then return (error_table_$no_info); 584 else return (p_return_status); 585 586 end censor_if_needed; 587 588 acl_ok_for_operation: 589 procedure (return_status) returns (bit (1) aligned); 590 591 declare return_status fixed bin (35); 592 declare grant_on_ex_access bit (1) aligned; 593 594 grant_on_ex_access = ex_acl_ok (); /* check if extended access is OK */ 595 596 if mseg_access_operation.flags.dir_modes_or_ex_modes 597 then if grant_on_ex_access 598 then return ("1"b); 599 else return (parent_access_ok ()); 600 601 if ^grant_on_ex_access 602 then do; 603 return_status = censor_if_needed (error_table_$moderr); 604 return ("0"b); 605 end; 606 607 if mseg_access_operation.flags.dir_modes 608 then return (parent_access_ok ()); 609 610 else return ("1"b); 611 612 613 ex_acl_ok: 614 procedure returns (bit (1) aligned); 615 616 declare test_mode bit (36) aligned; 617 618 if mseg_access_operation.flags.no_modes 619 then return ("1"b); 620 621 if mseg_access_operation.flags.non_null_modes 622 then return ((mseg_operation.access_info.extended_access_modes & MSEG_FULL_ACCESS) ^= ""b); 623 624 /**** O mode is handled as follows: if all the requested x modes are present, 625* then we are fine. Otherwise, check the O substitution flags. */ 626 627 if (mseg_operation.access_info.extended_access_modes & mseg_access_operation.required_modes) 628 = mseg_access_operation.required_modes 629 then return ("1"b); 630 631 if (mseg_operation.access_info.extended_access_modes & MSEG_O_ACCESS) = ""b 632 then return ("0"b); /* if no own mode, then give up */ 633 634 if ^(mseg_access_operation.flags.o_for_r | mseg_access_operation.flags.o_for_d) 635 then return ("0"b); 636 637 test_mode = mseg_access_operation.required_modes; /* start with the full set */ 638 if mseg_access_operation.flags.o_for_r 639 then test_mode = (test_mode & ^MSEG_R_ACCESS); /* remove R from the st */ 640 if mseg_access_operation.flags.o_for_d 641 then test_mode = (test_mode & ^MSEG_D_ACCESS); /* Remove D from the set */ 642 643 if (test_mode & mseg_operation.access_info.extended_access_modes) = test_mode 644 then do; /* Do we have enough ? */ 645 mseg_operation.only_own_access = "1"b; /* yes, but note that we used O */ 646 return ("1"b); 647 end; 648 649 else return ("0"b); 650 651 end ex_acl_ok; 652 653 654 parent_access_ok: 655 procedure returns (bit (1) aligned); 656 657 declare code fixed bin (35); 658 659 parent_access_info.version = ENTRY_ACCESS_INFO_VERSION_1; 660 661 if mseg_operation.access_info_valid /* access_info isn't valid for create operation */ 662 then call hcs_$get_access_info (mseg_operation.access_info.dir_name, "", (0), addr (parent_access_info), code); 663 else call hcs_$get_access_info (mseg_operation.dir_name, "", (0), addr (parent_access_info), code); 664 665 if code ^= 0 666 then do; 667 return_status = error_table_$no_info; 668 return ("0"b); 669 end; 670 671 /**** As our execution ring is always lower (or equal) to our caller's 672* validation level, we must factor the directory ring brackets into our 673* effective access on the parent ourselves. */ 674 675 if mseg_operation.caller.validation_level > parent_access_info.ring_brackets (1) 676 then /*** outside of modify bracket -- remove M and A access */ 677 parent_access_info.effective_access_modes = 678 parent_access_info.effective_access_modes & ^(A_ACCESS | M_ACCESS); 679 680 if mseg_operation.caller.validation_level > parent_access_info.ring_brackets (2) 681 then /*** outside of status bracket -- remove S access */ 682 parent_access_info.effective_access_modes = parent_access_info.effective_access_modes & ^(S_ACCESS); 683 684 parent_access_info_valid = "1"b; /* stop censor_if_needed from making the call twice */ 685 686 /**** The directory ring brackets are now properly factored into our access. 687* We can now check if we have the access we need. */ 688 689 if (mseg_access_operation.required_dir_modes & parent_access_info.effective_access_modes) 690 = mseg_access_operation.required_dir_modes 691 then return ("1"b); /* enough access */ 692 693 /**** We don't have the required access to the branch's parent -- We want 694* to return error_table_$incorrect_access unless the user isn't allowed 695* to determine that from his validation level. Therefore, we'll simply 696* allow censor_if_needed to make the decision on which code to return. */ 697 698 return_status = censor_if_needed (error_table_$incorrect_access); 699 700 return ("0"b); 701 702 end parent_access_ok; 703 704 end acl_ok_for_operation; 705 706 aim_ok_for_operation: 707 procedure returns (bit (1) aligned); 708 709 dcl code fixed bin (35); 710 711 /****^ There are some standard AIM tests, and some peculiar ones. 712* the standard ones are keyed off of the READ/APPEND/MODIFY 713* classification. 714* 715* The per-segment checks are these: 716* 717* READ-SEGMENT-INFO -- auth >= segment-min-auth 718* MODIFY-SEGMENT-INFO -- auth = segment-min-auth 719* COPY-SEGMENT -- max-auth >= segment-max-auth (insures new container will hold all messages) 720* auth = segment-min-auth 721* 722* Special checks: 723* 724* ADD-MESSAGE -- segment-min <= message-acc <= segment-max 725* auth <= message-acc OR ring1 priv 726* 727* ACCEPT-MESSAGES -- MODIFY-SEGMENT-INFO + various 728* additional checks below. 729**/ 730 731 if mseg_access_operation.mseg_access_op_index = MSEG_READ_SEG_ATTR 732 then return (read_attr_ok ()); 733 734 else if mseg_access_operation.mseg_access_op_index = MSEG_MODIFY_SEG_ATTR 735 then return (modify_attr_ok ()); 736 737 else if mseg_access_operation.mseg_access_op_index = MSEG_COPY_SEG 738 then return (copy_ok ()); 739 740 else if mseg_access_operation.mseg_access_op_index = MSEG_ADD_MESSAGE 741 then return (add_message_ok ()); 742 743 else if mseg_access_operation.mseg_access_op_index = MSEG_MODIFY_MESSAGE 744 then return (modify_message_ok ()); 745 746 else if mseg_access_operation.mseg_access_op_index = MSEG_ACCEPT_WAKEUPS 747 then return (accept_wakeups_ok ()); 748 749 else if mseg_access_operation.mseg_access_op_index = MSEG_READ_MESSAGE 750 then return (read_message_ok ()); 751 752 else return ("1"b); /* no check defined */ 753 754 755 read_attr_ok: 756 procedure returns (bit (1) aligned); 757 758 if read_allowed_ (mseg_operation.caller.authorization, mseg_operation.access_info.parent_access_class) 759 then return ("1"b); 760 else return (priv_ok ()); 761 762 end read_attr_ok; 763 764 765 modify_attr_ok: 766 procedure returns (bit (1) aligned); 767 if read_write_allowed_ (mseg_operation.caller.authorization, mseg_operation.access_info.parent_access_class) 768 then return ("1"b); 769 else return (priv_ok ()); 770 771 end modify_attr_ok; 772 773 774 copy_ok: 775 procedure returns (bit (1) aligned); 776 777 if aim_check_$greater_or_equal (mseg_operation.caller.max_authorization, 778 mseg_operation.access_info.access_class) 779 & read_write_allowed_ (mseg_operation.caller.authorization, mseg_operation.access_info.parent_access_class) 780 then return ("1"b); 781 return (priv_ok () & ((mseg_operation.caller.privileges & sys_info$dir_privilege) ^= ""b)); 782 /* the caller cannot append the new message segment with the appropriate characteristics without dir priv */ 783 784 end copy_ok; 785 786 787 add_message_ok: 788 procedure returns (bit (1) aligned); 789 790 if ^(aim_check_$greater_or_equal (mseg_operation.message_info.ms_access_class, 791 mseg_operation.access_info.parent_access_class) 792 & 793 aim_check_$greater_or_equal (mseg_operation.access_info.access_class, 794 mseg_operation.message_info.ms_access_class)) 795 then return ("0"b); /* Message not permitted in segment, no-how */ 796 797 if priv_ok () 798 then return ("1"b); /* no need for user checks */ 799 800 if ^aim_check_$greater_or_equal (mseg_operation.caller.authorization, 801 mseg_operation.access_info.parent_access_class) 802 then return ("0"b); /* not allowed to write in here */ 803 804 if ^aim_check_$greater_or_equal (mseg_operation.message_info.ms_access_class, 805 mseg_operation.caller.authorization) 806 then return ("0"b); /* must mark information >= to self */ 807 808 /* Reject if message access class is greater than the sender's maximum 809* authorization except in the case of courtesy upgrades, when the message 810* access class is the same as the authorization of the recipient. */ 811 if ^aim_check_$greater_or_equal (mseg_operation.caller.max_authorization, 812 mseg_operation.message_info.ms_access_class) 813 then if mseg_operation.wakeup_state_valid 814 then if ^aim_check_$equal (mseg_operation.message_info.ms_access_class, 815 mseg_operation.wakeup_state.access_class) 816 then return ("0"b); 817 else; 818 else return ("0"b); /* must mark information <= to max */ 819 820 return ("1"b); 821 822 /**** If message>=user, and message<=segment_max, then user <=segment_max, 823* so no seperate check is needed for that. */ 824 825 end add_message_ok; 826 827 828 modify_message_ok: 829 procedure returns (bit (1) aligned); 830 831 /**** This is just the initial segment check */ 832 /**** Can we possibly modify anything in this segment? */ 833 834 if read_allowed_ (mseg_operation.caller.authorization, mseg_operation.access_info.parent_access_class) 835 & write_allowed_ (mseg_operation.caller.authorization, mseg_operation.access_info.access_class) 836 then return ("1"b); 837 else return (priv_ok ()); 838 839 end modify_message_ok; 840 841 842 read_message_ok: 843 procedure returns (bit (1) aligned); 844 845 /**** This is just the initial segment check */ 846 847 if read_allowed_ (mseg_operation.caller.authorization, mseg_operation.access_info.parent_access_class) 848 then return ("1"b); 849 else return (priv_ok ()); 850 851 end read_message_ok; 852 853 854 priv_ok: 855 procedure returns (bit (1) aligned); 856 857 if (mseg_operation.caller.privileges & sys_info$ring1_privilege) ^= ""b 858 then do; 859 used_privilege = "1"b; 860 return ("1"b); 861 end; 862 else return ("0"b); 863 864 end priv_ok; 865 866 867 accept_wakeups_ok: 868 procedure () returns (bit (1) aligned); 869 870 declare test_lock_id bit (36) aligned; 871 872 if ^basic_accept_ok () 873 then return ("0"b); 874 875 /**** Now check for the covert channel ... */ 876 877 if ^mseg_operation.wakeup_state_valid 878 then return ("1"b); /* no message implies that all is fine */ 879 880 if aim_check_$greater_or_equal (mseg_operation.caller.authorization, mseg_operation.wakeup_state.access_class) 881 then return ("1"b); 882 883 test_lock_id = mseg_operation.wakeup_state.lock_id; 884 call set_lock_$lock (test_lock_id, 0, code); 885 886 if (code = 0) | (code = error_table_$invalid_lock_reset) 887 then return ("1"b); 888 else return ("0"b); 889 890 891 basic_accept_ok: 892 procedure returns (bit (1) aligned); 893 894 return (modify_message_ok ()); /* Same check */ 895 896 end basic_accept_ok; 897 898 end accept_wakeups_ok; 899 900 end aim_ok_for_operation; 901 902 audit_operation: 903 procedure (code); 904 905 dcl code fixed bin (35) parameter; 906 907 declare 1 event_flags unaligned like audit_event_flags; 908 declare do_audit bit (1) aligned; 909 declare 1 a_audit_mseg_msg aligned like audit_mseg_msg_info; 910 911 if entry_type = CHECK 912 then return; 913 914 if mseg_access_operation.dont_audit 915 then return; 916 if ^mseg_operation.call_admin_gate 917 then return; 918 919 if code = 0 & entry_type = SEGMENT & mseg_access_operation.flags.dont_audit_success 920 then return; /* This will be audited on the second pass */ 921 922 if (code ^= 0) & (code ^= error_table_$ai_restricted) & (code ^= error_table_$incorrect_access) 923 & (code ^= error_table_$moderr) & (code ^= error_table_$no_info) & (code ^= error_table_$oosw) 924 then return; /* only audit success or access violations */ 925 926 string (event_flags) = ""b; 927 if code = 0 928 then event_flags.grant = "1"b; 929 if mseg_access_operation.admin 930 then event_flags.admin_op = "1"b; 931 if used_privilege 932 then event_flags.priv_op = "1"b; 933 934 /**** Now for a puzzle. Audit the message, or audit the segment? 935* We check based on the message, if any, and then log the 936* segment. */ 937 938 /* Checks for the case where the audit switch is on. These need to be 939* reached before such checks as the one below for the case where 940* mseg_access_operation.access_info_valid is on, as that doesn't 941* reference the mailbox entry itself. */ 942 943 if mseg_operation.mseg_ptr_valid 944 then do_audit = 945 access_audit_r1_$check_obj_ptr (string (event_flags), mseg_access_operation.access_operation, 946 mseg_operation.mseg_ptr); 947 948 else if mseg_operation.mseg_pathname_valid 949 then do_audit = 950 access_audit_r1_$check_obj_path (string (event_flags), mseg_access_operation.access_operation, 951 pathname_ (mseg_operation.dir_name, mseg_operation.entryname)); 952 953 if do_audit then goto DO_THE_AUDIT; 954 955 /* Now check for the other conditions. */ 956 957 if mseg_operation.md_ptr_valid = "1"b 958 then do_audit = 959 access_audit_r1_$check_obj_class (string (event_flags), mseg_access_operation.access_operation, 960 mseg_operation.md_ptr -> message_descriptor.ms_access_class); 961 962 else if mseg_access_operation.mseg_access_op_index = MSEG_ADD_MESSAGE 963 then do_audit = 964 access_audit_r1_$check_obj_class (string (event_flags), mseg_access_operation.access_operation, 965 mseg_operation.message_info.ms_access_class); 966 967 else if mseg_access_operation.mseg_access_op_index = MSEG_CREATE_SEG 968 then do_audit = 969 access_audit_r1_$check_obj_class (string (event_flags), mseg_access_operation.access_operation, 970 mseg_operation.caller.max_authorization); 971 972 else if mseg_operation.access_info_valid 973 then if mseg_access_operation.mseg_access_op_index = MSEG_COPY_SEG 974 then do_audit = 975 access_audit_r1_$check_obj_class (string (event_flags), mseg_access_operation.access_operation, 976 mseg_operation.access_info.access_class); 977 /* we are copying all of those message, possibly up to the max */ 978 else do_audit = 979 access_audit_r1_$check_obj_class (string (event_flags), mseg_access_operation.access_operation, 980 mseg_operation.access_info.parent_access_class); 981 /* The mseg information is controlled at the base access class, not the MAX */ 982 983 else if mseg_operation.mseg_ptr_valid 984 then do_audit = 985 access_audit_r1_$check_obj_ptr (string (event_flags), mseg_access_operation.access_operation, 986 mseg_operation.mseg_ptr); 987 988 else if initiate_failure 989 then do_audit = 990 access_audit_r1_$check_general (string (event_flags), mseg_access_operation.access_operation); 991 992 else if mseg_operation.mseg_pathname_valid 993 then do_audit = 994 access_audit_r1_$check_obj_path (string (event_flags), mseg_access_operation.access_operation, 995 pathname_ (mseg_operation.dir_name, mseg_operation.entryname)); 996 997 else call sub_err_ (0, "mseg_check_access_", ACTION_CANT_RESTART, null (), (0), 998 "Attempt to audit an mseg operation without a valid mseg_operation."); 999 1000 if ^do_audit 1001 then return; 1002 1003 DO_THE_AUDIT: 1004 audit_mseg_msg_ptr = null (); 1005 if mseg_operation.md_ptr_valid 1006 then do; 1007 audit_mseg_msg_ptr = addr (a_audit_mseg_msg); 1008 audit_mseg_msg_info.info_type = AAB_mseg_msg; 1009 audit_mseg_msg_info.version = AUDIT_MSEG_MSG_INFO_VERSION_5; 1010 audit_mseg_msg_info.descriptor = mseg_operation.md_ptr -> message_descriptor, by name; 1011 end; 1012 1013 if mseg_access_operation.mseg_access_op_index = MSEG_CREATE_SEG 1014 then call access_audit_r1_$log_obj_class ("mseg_check_access_", mseg_operation.caller.validation_level, 1015 string (event_flags), mseg_access_operation.access_operation, mseg_operation.caller.max_authorization, 1016 pathname_ (mseg_operation.dir_name, mseg_operation.entryname), code, audit_mseg_msg_ptr, 1017 size (audit_mseg_msg_info)); 1018 1019 1020 else if mseg_operation.mseg_ptr_valid 1021 then call access_audit_r1_$log_obj_ptr ("mseg_check_access_", mseg_operation.caller.validation_level, 1022 string (event_flags), mseg_access_operation.access_operation, mseg_operation.mseg_ptr, code, 1023 audit_mseg_msg_ptr, size (audit_mseg_msg_info)); 1024 1025 else if initiate_failure 1026 then call access_audit_r1_$log_general ("mseg_check_access_", mseg_operation.caller.validation_level, 1027 string (event_flags), mseg_access_operation.access_operation, 1028 pathname_ (mseg_operation.dir_name, mseg_operation.entryname), code, 1029 audit_mseg_msg_ptr, size (audit_mseg_msg_info)); 1030 1031 else call access_audit_r1_$log_obj_path ("mseg_check_access_", mseg_operation.caller.validation_level, 1032 string (event_flags), mseg_access_operation.access_operation, 1033 pathname_ (mseg_operation.dir_name, mseg_operation.entryname), code, 1034 audit_mseg_msg_ptr, size (audit_mseg_msg_info)); 1035 1036 return; 1037 1038 end audit_operation; 1039 1040 /* format: off */ 1041 /* begin include file - access_audit_binary_def */ 1 2 1 3 /* 1985-02-26 EJ Sharpe: added rcp object definition */ 1 4 /* 1985-01-25 E. Swenson: added pnt definition */ 1 5 /* 1985-01-22 EJ Sharpe: created */ 1 6 1 7 /**** 1 8* Each access audit log message has binary data including 1 9* the audit record header and optionally some extended 1 10* binary information. The first 9 bits (fixed bin (9) uns unal) 1 11* if the extended binary defines the type of the data 1 12* and, thus, what structure may be used to interpret it. 1 13* 1 14* This include file is a registry of the extended binary 1 15* type values. 1 16*****/ 1 17 1 18 dcl ( 1 19 /*type identifier*/ /*type*/ /*include where defined*/ 1 20 1 21 AAB_ss_object init (1), /* access_audit_ssobj_info.incl.pl1 */ 1 22 AAB_ss_link init (2), /* access_audit_ssobj_info.incl.pl1 */ 1 23 AAB_ia_int_dmn init (3), /* as_audit_structures.incl.pl1 */ 1 24 AAB_ia_abs init (4), /* as_audit_structures.incl.pl1 */ 1 25 AAB_ia_abs_proxy init (5), /* as_audit_structures.incl.pl1 */ 1 26 AAB_channel init (6), /* as_audit_structures.incl.pl1 */ 1 27 AAB_dial_service init (7), /* as_audit_structures.incl.pl1 */ 1 28 AAB_pnt_entry init (8), /* access_audit_pnt_info.incl.pl1 */ 1 29 AAB_rcp_object init (9), /* access_audit_rcp_info.incl.pl1 */ 1 30 AAB_mseg_msg init (10) /* access_audit_mseg_info.incl.pl1 */ 1 31 ) fixed bin (9) uns unal static options (constant); 1 32 1 33 /**** 1 34* The following array contains entry name fragments for the 1 35* expander procedure associated with the respective binary 1 36* data type. The actual entry name is generated like: 1 37* 1 38* entryname = "expand_"||audit_binary_expanders(TYPE)||"_audit_info_" 1 39* 1 40* Note that expand_access_audit_msg_.pl1 keeps a cache of 1 41* extended binary expander procedure entries. The cache 1 42* should be enlarged when the following array grows to more 1 43* than 36 entries. 1 44*****/ 1 45 1 46 dcl audit_binary_expanders (10) char (13) varying internal static options (constant) 1 47 init ( "ssobj", /* 1 (first two are internal */ 1 48 "sslnk", /* 2 procedures in expand_access_audit_msg_) */ 1 49 "as_ia", /* 3 (ia_int_dmn) */ 1 50 "as_ia", /* 4 (ia_abs) */ 1 51 "as_ia", /* 5 (ia_abs_proxy) */ 1 52 "channel", /* 6 */ 1 53 "dial_serv", /* 7 */ 1 54 "pnt", /* 8 */ 1 55 "rcp_obj", /* 9 */ 1 56 "mseg_msg" /* 10 */ 1 57 ); 1 58 1 59 /* end include file - access_audit_binary_def.incl.pl1 */ 1041 1042 /* Begin include file - access_audit_mseg_info.incl.pl1 */ 2 2 2 3 /* format: style4,insnl,delnl */ 2 4 2 5 2 6 dcl audit_mseg_msg_ptr pointer; 2 7 2 8 dcl 1 audit_mseg_msg_info aligned based (audit_mseg_msg_ptr), 2 9 2 info_type fixed bin (9) uns unal, /* AAB_mseg_msg */ 2 10 2 version fixed bin (9) uns unal, 2 11 2 descriptor unaligned, /* by-name assignabme */ 2 12 3 sender_level fixed bin (3) unsigned, /* with the version five message_descriptor */ 2 13 3 ms_id bit (72), 2 14 3 sender_id char (32), 2 15 3 sender_authorization bit (72), 2 16 3 sender_max_authorization bit (72), 2 17 3 ms_access_class bit (72), 2 18 3 sender_process_id bit (36), 2 19 3 sender_audit bit (36); 2 20 2 21 dcl AUDIT_MSEG_MSG_INFO_VERSION_5 fixed bin (9) uns unal static options (constant) init (5); 2 22 /* corresponds to Version 5 Message Segments */ 2 23 2 24 /* end include file - access_audit_mseg_info.incl.pl1 */ 2 25 2 26 1042 1043 /* BEGIN INCLUDE FILE ... mseg_access_mode_values.incl.pl1 */ 3 2 3 3 3 4 /****^ HISTORY COMMENTS: 3 5* 1) change(85-04-01,Palter), approve(), audit(), install(): 3 6* Initial coding. 3 7* 2) change(87-04-08,GDixon), approve(87-07-14,MCR7706), 3 8* audit(87-07-14,Parisek), install(87-08-04,MR12.1-1056): 3 9* Add mseg queue access values for queue users and administrators. 3 10* END HISTORY COMMENTS */ 3 11 3 12 3 13 /* format: style3,linecom */ 3 14 3 15 /* Definition of the extended access modes implemented by the message segment primitives (mseg_) */ 3 16 3 17 declare ( 3 18 /*** The individual modes */ 3 19 MSEG_A_ACCESS initial ("400000000000"b3), /* add a message */ 3 20 MSEG_D_ACCESS initial ("200000000000"b3), /* delete/update any message, accept wakeups, etc. */ 3 21 MSEG_R_ACCESS initial ("100000000000"b3), /* read any message */ 3 22 MSEG_O_ACCESS initial ("040000000000"b3), /* read/delete your own messages */ 3 23 MSEG_S_ACCESS initial ("020000000000"b3), /* get the message count, salvaged flag, etc. */ 3 24 MSEG_W_ACCESS initial ("010000000000"b3), /* send a normal wakeup when adding a message */ 3 25 MSEG_U_ACCESS initial ("004000000000"b3) /* send an urgent wakeup when adding a message */ 3 26 ) bit (36) aligned static options (constant); 3 27 3 28 declare ( 3 29 /*** Common combinations of the modes */ 3 30 MSEG_NULL_ACCESS initial ("000000000000"b3), /* no access at all */ 3 31 MSEG_FULL_ACCESS initial ("774000000000"b3) /* all possible access */ 3 32 ) bit (36) aligned static options (constant); 3 33 3 34 /* format: idind40 */ 3 35 3 36 declare ( 3 37 /*** Initial extended access modes of a newly created mailbox -- The following constants yield the following ACL: 3 38* adrosw Person_id.*.* (or anonymous.Project_id.*) 3 39* aow *.SysDaemon.* 3 40* aow *.*.* */ 3 41 MSEG_MBX_INITIAL_ACL dimension (3) static options (constant) 3 42 initial ("770000000000"b3, "450000000000"b3, "450000000000"b3), 3 43 MSEG_MBX_CREATOR_INITIAL_ACCESS defined (MSEG_MBX_INITIAL_ACL (1)), 3 44 MSEG_MBX_SYSDAEMON_INITIAL_ACCESS defined (MSEG_MBX_INITIAL_ACL (2)), 3 45 MSEG_MBX_OTHERS_INITIAL_ACCESS defined (MSEG_MBX_INITIAL_ACL (3)) 3 46 ) bit (36) aligned; 3 47 3 48 declare ( 3 49 /*** Initial extended access modes of a newly created queue message segment -- The following constants yield the 3 50* following ACL: 3 51* adros Person_id.*.* (or anonymous.Project_id.*) 3 52* ao *.SysDaemon.* 3 53* null *.*.* */ 3 54 MSEG_QUEUE_INITIAL_ACL dimension (3) static options (constant) 3 55 initial ("760000000000"b3, "440000000000"b3, "000000000000"b3), 3 56 MSEG_QUEUE_CREATOR_INITIAL_ACCESS defined (MSEG_QUEUE_INITIAL_ACL (1)), 3 57 MSEG_QUEUE_SYSDAEMON_INITIAL_ACCESS defined (MSEG_QUEUE_INITIAL_ACL (2)), 3 58 MSEG_QUEUE_OTHERS_INITIAL_ACCESS defined (MSEG_QUEUE_INITIAL_ACL (3)) 3 59 ) bit (36) aligned; 3 60 3 61 declare ( 3 62 /*** Extended access modes of queue segment users and administrators: 3 63* ao Queue_User.*.* 3 64* aros Queue_Admin.*.* */ 3 65 MSEG_QUEUE_USER_ACCESS initial ("440000000000"b3), 3 66 MSEG_QUEUE_ADMIN_ACCESS initial ("560000000000"b3)) 3 67 bit (36) aligned int static options(constant); 3 68 3 69 /* END INCLUDE FILE ... mseg_access_mode_values.incl.pl1 */ 1043 1044 /* Begin include file mseg_access_operation.incl.pl1 BIM 1098-04-18 */ 4 2 /* format: style3,idind30 */ 4 3 4 4 declare mseg_access_operation_ptr pointer; 4 5 declare 1 mseg_access_operation aligned based (mseg_access_operation_ptr), 4 6 2 access_operation bit (36) aligned, 4 7 2 required_modes bit (36) aligned, /* ""b if no modes required */ 4 8 2 flags unaligned, 4 9 3 dont_audit bit (1) unaligned, 4 10 3 dont_audit_success bit (1) unaligned, 4 11 3 non_null_modes bit (1) unaligned, 4 12 3 no_modes bit (1) unaligned, 4 13 3 o_for_r bit (1) unaligned, /* if no r, o will do */ 4 14 3 o_for_d bit (1) unaligned, /* if no d, o will do */ 4 15 3 admin bit (1) unaligned, 4 16 3 dir_modes bit (1) unaligned, /* dir mode is needed */ 4 17 3 dir_modes_or_ex_modes bit (1) unaligned, /* if not ex-mode, dir mode */ 4 18 3 pad bit (9) unaligned, 4 19 2 required_dir_modes bit (3) unaligned, 4 20 2 pad1 bit (6) unaligned, 4 21 2 mseg_access_op_index fixed bin (9) uns unaligned, 4 22 2 pad2 bit (36) aligned; 4 23 4 24 declare ( 4 25 MSEG_READ_SEG_ATTR init (1), /* any attribute */ 4 26 MSEG_MODIFY_SEG_ATTR init (2), /* any attribute, access or no */ 4 27 MSEG_COPY_SEG init (3), /* reference a segment for copying */ 4 28 MSEG_CREATE_SEG init (4), /* check on candidate parent dir */ 4 29 MSEG_ADD_MESSAGE init (5), /* append */ 4 30 MSEG_MODIFY_MESSAGE init (6), /* update/delete */ 4 31 MSEG_ACCEPT_WAKEUPS init (7), /* what the sign says */ 4 32 MSEG_READ_MESSAGE init (8) /* ditto */ 4 33 ) fixed bin (9) int static options (constant); 4 34 4 35 dcl 1 mseg_access_operations_$data 4 36 (25) external static aligned like mseg_access_operation; 4 37 4 38 /* End include file mseg_access_operation.incl.pl1 */ 1044 1045 /* Begin include file mseg_data_.incl.pl1 BIM 1985-04-15 */ 5 2 /* format: style4 */ 5 3 5 4 declare mseg_data_$lock_id bit (72) aligned external; 5 5 declare mseg_data_$block_size fixed bin (35) ext static; 5 6 declare mseg_data_$max_message_size fixed bin (35) ext static; 5 7 declare mseg_data_$template_operation bit (36) aligned external static; /* like mseg_operation */ 5 8 declare mseg_data_$admin_ring fixed binary (3) external; 5 9 declare mseg_data_$execution_ring fixed bin (3) ext static; 5 10 declare mseg_data_$process_max_authorization bit (72) aligned ext static; 5 11 declare mseg_data_$group_id char (32) unaligned external static; 5 12 5 13 /* End include file mseg_data_.incl.pl1 */ 1045 1046 /* BEGIN INCLUDE FILE . . . mseg_message_info.incl.pl1 BIM 1984-10-10 */ 6 2 /* format: style3,idind30 */ 6 3 6 4 /* structure returned when message is read from a message segment */ 6 5 6 6 6 7 dcl mseg_message_info_ptr pointer; 6 8 6 9 dcl 1 mseg_message_info based (mseg_message_info_ptr) aligned, 6 10 2 version char (8) aligned, 6 11 2 message_code fixed bin, 6 12 2 control_flags unaligned, 6 13 3 own bit (1), 6 14 3 delete bit (1), 6 15 3 pad bit (34), 6 16 2 ms_ptr ptr, /* pointer to message */ 6 17 2 ms_len fixed bin (24), /* length of message in bits */ 6 18 2 ms_id bit (72), /* unique ID of message */ 6 19 /* input in some cases */ 6 20 2 ms_access_class bit (72), /* message access class */ 6 21 2 sender_id char (32) unaligned,/* process-group ID of sender */ 6 22 2 sender_process_id bit (36) aligned, /* if nonzero, process that sent */ 6 23 2 sender_level fixed bin, /* validation level of sender */ 6 24 2 sender_authorization bit (72), /* access authorization of message sender */ 6 25 2 sender_max_authorization bit (72), /* max authorization of sending process */ 6 26 2 sender_audit bit (36) aligned; /* audit flags */ 6 27 6 28 declare MSEG_MESSAGE_INFO_V1 char (8) aligned init ("msegmi01") int static options (constant); 6 29 6 30 declare ( 6 31 MSEG_READ_FIRST init (1), 6 32 MSEG_READ_LAST init (2), 6 33 MSEG_READ_SPECIFIED init (3), 6 34 MSEG_READ_BEFORE_SPECIFIED init (4), 6 35 MSEG_READ_AFTER_SPECIFIED init (5)) 6 36 fixed bin int static options (constant); 6 37 6 38 declare (MSEG_READ_OWN init ("1"b), 6 39 MSEG_READ_DELETE init ("01"b) 6 40 ) bit (36) aligned internal static options (constant); 6 41 6 42 /* END INCLUDE FILE . . . mseg_message_info.incl.pl1 */ 1046 1047 /* BEGIN INCLUDE FILE ... mseg_operation.incl.pl1 */ 7 2 7 3 /* format: style3,idind30,linecom */ 7 4 7 5 /**** Created 1985-04-16, BIM: from Pandolf's mseg_access_operation */ 7 6 7 7 /**** NOTES: 7 8* The caller of mseg_ must set mseg_operation.access_operation to record 7 9* the type of access checking it has performed and which mseg_ should 7 10* perform when needed (i.e., for those entrypoints which operate on 7 11* messages like mseg_$read_message). 7 12* 7 13* mseg_operation.operation is reserved explicitly for use by mseg_ and 7 14* its underlying modules. 7 15* 7 16* You must also include entry_access_info, mseg_message_info, and 7 17* mbx_wakeup_state along with this include file. */ 7 18 7 19 dcl mseg_operation_ptr pointer; 7 20 dcl MSEG_OPERATION_VERSION_1 fixed bin internal static options (constant) init (1); 7 21 dcl MSEG_TYPE_MBX fixed bin init (1) internal static options (constant); 7 22 dcl MSEG_TYPE_MS fixed bin init (2) internal static options (constant); 7 23 7 24 dcl 1 mseg_operation based (mseg_operation_ptr) aligned, 7 25 2 version fixed binary, /* current version is MSEG_OPERATION_VERSION_1 */ 7 26 2 type fixed binary, /* MBX or MS */ 7 27 2 access_operation fixed binary, /* type of access checks required for the operation */ 7 28 2 operation bit (36) aligned, /* for use by mseg_ and underlying modules */ 7 29 2 caller aligned, /* always collected in gate target */ 7 30 3 validation_level fixed bin (3), 7 31 3 privileges bit (18) aligned, /* factored for speed */ 7 32 3 pad_align_double fixed bin (71), /* just to force alignment */ 7 33 3 authorization bit (72) aligned, /* must be 2word aligned */ 7 34 3 max_authorization bit (72) aligned, 7 35 3 group_id char (32) unaligned, 7 36 2 flags aligned, 7 37 3 mseg_pathname_valid bit (1) unaligned, 7 38 3 mseg_ptr_valid bit (1) unaligned, 7 39 3 mseg_index_valid bit (1) unaligned, 7 40 3 access_info_valid bit (1) unaligned, 7 41 3 md_ptr_valid bit (1) unaligned, 7 42 3 message_info_valid bit (1) unaligned, /* note -- for some operations not all fields are used */ 7 43 3 wakeup_state_valid bit (1) unaligned, 7 44 3 suppress_access_checks bit (1) unaligned, /* set by privileged interfaces, suppresses ALL access checking */ 7 45 3 call_admin_gate bit (1) unaligned, /* we is in ring 1, boss */ 7 46 3 only_own_access bit (1) unaligned, /* the user had o rather than r/d */ 7 47 3 add_message_info_all_valid 7 48 bit (1) unaligned, /* Believe ALL the fields in message info on an add */ 7 49 3 pad bit (24) unaligned, 7 50 2 dir_name char (168) unaligned, 7 51 2 entryname char (32) unaligned, 7 52 2 mseg_ptr pointer, 7 53 2 md_ptr pointer, /* message descriptor */ 7 54 2 mseg_index fixed bin, 7 55 2 access_info aligned like entry_access_info, 7 56 2 message_info aligned like mseg_message_info, 7 57 2 wakeup_state aligned like mseg_wakeup_state; 7 58 7 59 /* END INCLUDE FILE ... mseg_operation.incl.pl1 */ 1047 1048 /* BEGIN INCLUDE FILE ... mseg_segment.incl.pl1 */ 8 2 /* Created: April 1985 by G. Palter from msg_hdr.incl.pl1 */ 8 3 8 4 /* format: style3,linecom */ 8 5 8 6 /* NOTE: This include file references the mseg_wakeup_state structure which is defined separately in 8 7* mseg_wakeup_state.incl.pl1. Programs which use this include file must also include mseg_wakeup_state.incl.pl1 to 8 8* prevent compilation errors. */ 8 9 8 10 8 11 /* Definition of the structure of a message segment -- 8 12* 8 13* A message segment is composed of three sections -- the header, the block map, and the blocks space. 8 14* 8 15* In addition to the message ID hash table and the head&tail of the chronological message chain, the message header also 8 16* contains the state of wakeup acceptance for this segment. In order to maintain compatibility with early version 5 8 17* message segments, the wakeup state is maintained in a 64 word area of the header which had been known as the "header 8 18* message". See mseg_wakeup_state.incl.pl1 for additional information. 8 19* 8 20* The entire message segment, including the header and block map, is treated as an array of fixed size blocks. The block 8 21* map contains a bit for each block in the message which indicates whether that block is in use. (The blocks which 8 22* overlay the header and block map are always marked as being in use). The size of the block map is based on the 8 23* maxlength of the message segment in order to provide more free space in very small message segments. 8 24* 8 25* When a message is added to a message segment, its content is split into blocks which are allocated in the blocks space. 8 26* The blocks space starts with the first block after the block map and occupies the remainder of the segment. */ 8 27 8 28 declare 1 mseg_segment aligned based (mseg_ptr), 8 29 2 header aligned, 8 30 3 lock bit (36) aligned, 8 31 3 sentinel bit (36) aligned, /* proves that this segment is a message segment */ 8 32 3 reserved bit (72) aligned, /* ... for compatibility with early version 5 segments */ 8 33 3 date_time_last_salvaged 8 34 fixed binary (71), 8 35 3 pad (2) bit (36) aligned, 8 36 3 message_chain, /* the chronological chain of messages in the segment ... */ 8 37 4 first_message /* ... the first (oldest) message */ 8 38 fixed binary (18) unaligned unsigned, 8 39 4 pad1 bit (18) unaligned, 8 40 4 last_message /* ... the last (youngest) message */ 8 41 fixed binary (18) unaligned unsigned, 8 42 4 pad2 bit (18) unaligned, 8 43 3 n_blocks_allocated /* total # of blocks available in this message segment ... */ 8 44 fixed binary (18), /* ... including space occupied by the header and block map */ 8 45 3 n_blocks_unused 8 46 fixed binary (18), 8 47 3 n_messages fixed binary (18), 8 48 3 block_size fixed binary, /* ... in words */ 8 49 3 flags, 8 50 4 modification_in_progress 8 51 bit (1) unaligned, 8 52 4 salvaged bit (1) unaligned, /* ON => the message segment had been salvaged earlier */ 8 53 4 wakeup_state_set 8 54 bit (1) unaligned, 8 55 4 salvage_in_progress 8 56 bit (1) unaligned, 8 57 4 pad bit (32) unaligned, 8 58 3 version fixed binary, 8 59 3 wakeup_state aligned, 8 60 4 state aligned like mseg_wakeup_state, 8 61 4 pad (64 - 10) bit (36) aligned, /* ... for compatibility with early version 5 segments */ 8 62 3 hash_table aligned, /* ... based on the low order 9 bits of the message ID */ 8 63 4 last_message 8 64 (0:511) fixed binary (18) unaligned unsigned, 8 65 2 block_map aligned, /* ON => the block is in use */ 8 66 3 map bit (0 refer (mseg_segment.n_blocks_allocated)) unaligned; 8 67 8 68 declare mseg_ptr pointer; 8 69 8 70 declare MSEG_SEGMENT_VERSION_5 /* presently supported version */ 8 71 fixed binary static options (constant) initial (5); 8 72 8 73 declare MSEG_SEGMENT_SENTINEL 8 74 bit (36) aligned static options (constant) initial ("252525252525"b3); 8 75 8 76 8 77 /* Redefinitions required to access the wakeup_state of the segment in early version 5 message segments */ 8 78 8 79 declare header_msg_access_class 8 80 bit (72) aligned defined (mseg_segment.reserved); 8 81 8 82 declare header_msg_present bit (1) unaligned defined (mseg_segment.wakeup_state_set); 8 83 8 84 declare header_msg (64) bit (36) aligned based (addr (mseg_segment.wakeup_state)); 8 85 8 86 /* END INCLUDE FILE ... mseg_segment.incl.pl1 */ 1048 1049 /* BEGIN INCLUDE FILE ... mseg_message.incl.pl1 */ 9 2 /* Created: April 1985 by G. Palter from ms_block_hdr.incl.pl1 and ms_block_trailer.incl.pl1 */ 9 3 9 4 /* format: style3,linecom */ 9 5 9 6 /* NOTE: This include file references components of the mseg_segment structure which is defined separately in 9 7* mseg_segment.incl.pl1. Programs which use this include file must also include mseg_segment.incl.pl1 to prevent 9 8* compilation errors. */ 9 9 9 10 9 11 /* Definition of the structure of a message stored in a message segment -- 9 12* 9 13* When a message is added to a message segment, it is split into one or more fixed sized blocks. These blocks are then 9 14* allocated in the blocks space of the message segment. (See mseg_message.incl.pl1 and mseg_message_.pl1 for more 9 15* information). Each block includes a header which records where the next block of the message, if any, resides and how 9 16* many bits of data is actually recorded in the block. 9 17* 9 18* In addition, the first block allocated for a message always includes a message descriptor. This descriptor includes 9 19* various pieces of information about the message such as its total length, access class, author, etc. */ 9 20 9 21 9 22 /* Definition of the header found in all message blocks */ 9 23 9 24 declare 1 message_block_header 9 25 aligned based (mb_ptr), 9 26 2 next_block fixed binary (18) unaligned unsigned, 9 27 2 descriptor_present /* ON => a descriptor is in the last 22 words of the block */ 9 28 bit (1) unaligned, 9 29 2 data_lth /* ... in bits */ 9 30 fixed binary (17) unaligned unsigned; 9 31 9 32 declare mb_ptr pointer; 9 33 9 34 9 35 /* Definition of the descriptor for a message recorded in the first block of the message */ 9 36 9 37 declare 1 message_descriptor 9 38 aligned based (md_ptr), 9 39 2 sentinel bit (36) aligned, /* proves that this is a message descriptor */ 9 40 2 message_chain, /* the chronological chain of messages in the segment */ 9 41 3 next_message fixed binary (18) unaligned unsigned, 9 42 3 prev_message fixed binary (18) unaligned unsigned, 9 43 2 sender_level fixed binary (3) unaligned unsigned, 9 44 2 pad1 bit (5) unaligned, 9 45 2 prev_message_in_hash_chain 9 46 fixed binary (18) unaligned unsigned, 9 47 2 pad2 bit (10) unaligned, 9 48 2 ms_id bit (72) aligned, 9 49 2 ms_len fixed binary (24) unaligned unsigned, 9 50 2 pad3 bit (12) unaligned, 9 51 2 sender_id char (32) aligned, 9 52 2 sender_authorization 9 53 bit (72) aligned, 9 54 2 ms_access_class bit (72) aligned, 9 55 2 sender_max_authorization 9 56 bit (72) aligned, 9 57 2 sender_process_id 9 58 bit (36) aligned, 9 59 2 sender_audit bit (36) aligned; 9 60 9 61 declare md_ptr pointer; 9 62 9 63 declare MESSAGE_DESCRIPTOR_SENTINEL 9 64 bit (36) aligned static options (constant) initial ("777777777777"b3); 9 65 9 66 9 67 /* Definition of the first block allocated for a message in a message segment */ 9 68 9 69 declare 1 first_message_block 9 70 aligned based (mb_ptr), 9 71 2 header aligned like message_block_header, 9 72 2 data_space, 9 73 3 data bit (0 refer (first_message_block.data_lth)) unaligned, 9 74 3 pad bit (36 9 75 * (mseg_segment.block_size - currentsize (message_block_header) 9 76 - currentsize (message_descriptor)) - first_message_block.data_lth) unaligned, 9 77 2 descriptor aligned like message_descriptor; 9 78 9 79 9 80 /* Definition of all but the first block allocated for a message in a message segment */ 9 81 9 82 declare 1 other_message_block 9 83 aligned based (mb_ptr), 9 84 2 header aligned like message_block_header, 9 85 2 data_space, 9 86 3 data bit (0 refer (other_message_block.data_lth)) unaligned, 9 87 3 pad bit (36 * (mseg_segment.block_size - currentsize (message_block_header)) 9 88 - other_message_block.data_lth) unaligned; 9 89 9 90 /* END INCLUDE FILE ... mseg_message.incl.pl1 */ 1049 1050 /* BEGIN INCLUDE FILE ... access_mode_values.incl.pl1 10 2* 10 3* Values for the "access mode" argument so often used in hardcore 10 4* James R. Davis 26 Jan 81 MCR 4844 10 5* Added constants for SM access 4/28/82 Jay Pattin 10 6* Added text strings 03/19/85 Chris Jones 10 7**/ 10 8 10 9 10 10 /* format: style4,delnl,insnl,indattr,ifthen,dclind10 */ 10 11 dcl ( 10 12 N_ACCESS init ("000"b), 10 13 R_ACCESS init ("100"b), 10 14 E_ACCESS init ("010"b), 10 15 W_ACCESS init ("001"b), 10 16 RE_ACCESS init ("110"b), 10 17 REW_ACCESS init ("111"b), 10 18 RW_ACCESS init ("101"b), 10 19 S_ACCESS init ("100"b), 10 20 M_ACCESS init ("010"b), 10 21 A_ACCESS init ("001"b), 10 22 SA_ACCESS init ("101"b), 10 23 SM_ACCESS init ("110"b), 10 24 SMA_ACCESS init ("111"b) 10 25 ) bit (3) internal static options (constant); 10 26 10 27 /* The following arrays are meant to be accessed by doing either 1) bin (bit_value) or 10 28* 2) divide (bin_value, 2) to come up with an index into the array. */ 10 29 10 30 dcl SEG_ACCESS_MODE_NAMES (0:7) init ("null", "W", "E", "EW", "R", "RW", "RE", "REW") char (4) internal 10 31 static options (constant); 10 32 10 33 dcl DIR_ACCESS_MODE_NAMES (0:7) init ("null", "A", "M", "MA", "S", "SA", "SM", "SMA") char (4) internal 10 34 static options (constant); 10 35 10 36 dcl ( 10 37 N_ACCESS_BIN init (00000b), 10 38 R_ACCESS_BIN init (01000b), 10 39 E_ACCESS_BIN init (00100b), 10 40 W_ACCESS_BIN init (00010b), 10 41 RW_ACCESS_BIN init (01010b), 10 42 RE_ACCESS_BIN init (01100b), 10 43 REW_ACCESS_BIN init (01110b), 10 44 S_ACCESS_BIN init (01000b), 10 45 M_ACCESS_BIN init (00010b), 10 46 A_ACCESS_BIN init (00001b), 10 47 SA_ACCESS_BIN init (01001b), 10 48 SM_ACCESS_BIN init (01010b), 10 49 SMA_ACCESS_BIN init (01011b) 10 50 ) fixed bin (5) internal static options (constant); 10 51 10 52 /* END INCLUDE FILE ... access_mode_values.incl.pl1 */ 1050 1051 /* begin include file - access_audit_eventflags.incl.pl1 */ 11 2 /* NOTE: This include file has an ALM counterpart made with cif. 11 3*Keep it up to date. */ 11 4 11 5 dcl 1 audit_event_flags based aligned, 11 6 2 special_op bit (1) unal, /* special sys operation */ 11 7 2 grant bit (1) unal, /* operation was successful */ 11 8 2 admin_op bit (1) unal, /* administrative operation */ 11 9 2 priv_op bit (1) unal, /* privileged operation */ 11 10 2 cc_1_10 bit (1) unal, /* small covert channel */ 11 11 2 cc_10_100 bit (1) unal, /* moderate covert channel */ 11 12 2 receiver bit (1) unal, /* on receiving end of channel */ 11 13 2 pad bit (29) unal; 11 14 11 15 /* end include file - access_audit_eventflags.incl.pl1 */ 1051 1052 /* BEGIN INCLUDE FILE ... entry_access_info.incl.pl1 */ 12 2 12 3 /* 12 4* Written 03/22/85 by M. Pandolf 12 5* Modified 1985-04-19, BIM: added parent access class. 12 6**/ 12 7 12 8 dcl entry_access_info_ptr pointer; 12 9 dcl ENTRY_ACCESS_INFO_VERSION_1 char (8) internal static options (constant) 12 10 init ("eainf001"); 12 11 12 12 dcl 1 entry_access_info aligned based (entry_access_info_ptr), 12 13 2 version char (8), /* = ENTRY_ACCESS_INFO_VERSION_1 */ 12 14 2 type fixed bin, /* see status_structures.incl.pl1 */ 12 15 2 dir_name char (168) unaligned, /* parent of this entry */ 12 16 2 entryname char (32) unaligned, /* primary name of this entry */ 12 17 2 uid bit (36) aligned, 12 18 2 ring_brackets (3) fixed bin (3), /* for dirs, the dir ring brackets are here */ 12 19 2 extended_ring_brackets (3) fixed bin (3), /* not-yet-implemented x-rb's */ 12 20 2 effective_access_modes bit (36) aligned, /* for dirs, dir mode is here */ 12 21 2 extended_access_modes bit (36) aligned, /* always null for dirs */ 12 22 2 access_class bit (72) aligned, /* for multiclass, max access class */ 12 23 2 parent_access_class bit (72) aligned, /* for multiclass, this is effectively the min access class */ 12 24 2 multiclass bit (1) aligned; 12 25 12 26 /* END INCLUDE FILE ... entry_access_info.incl.pl1 */ 1052 1053 /* BEGIN INCLUDE FILE ... mseg_wakeup_state.incl.pl1 */ 13 2 /* Created: April 1985 by G. Palter */ 13 3 13 4 /* format: style3,linecom */ 13 5 13 6 /* Description of the wakeup state of a message segment -- 13 7* 13 8* The wakeup state defines which process, if any, is willing to receive normal or urgent IPC wakeups when a message which 13 9* requests such a wakeup is added to a message segment. The process is allowed to separately accept or defer normal and 13 10* urgent wakeups. Note that deferring a wakeup is not the same as not accepting wakeups. A process is not allowed to 13 11* stop accepting wakeups once it has accepted them as to do so would introduce a relatively high badnwidth covert 13 12* channel. (In the present implementation, urgent wakeups are really no different from normal wakeups. Eventually, 13 13* urgent wakeups should be implemented using an IPS signal along with the IPC wakeup). 13 14* 13 15* mseg_$get_wakeup_state_seg requires that the caller supply the proper value for mseg_wakeup_state.version in the 13 16* mseg_operation. If there is no wakeup state recorded in the message segment, mseg_$get_wakeup_state_seg will return 13 17* the status code error_table_$messages_off. 13 18* 13 19* mseg_$set_wakeup_state_seg ignores the values of the access_class, process_id, and lock_id elements supplied by the 13 20* caller in the mseg_operation. mseg_$set_wakeup_state_seg will, instead, furnish the values of the process making the 13 21* call for these elements and will return these values to its caller. In other words, mseg_$set_wakeup_state_seg can not 13 22* be used by one process to accept/defer wakeups on behalf of another process. */ 13 23 13 24 declare 1 mseg_wakeup_state aligned based (mseg_wakeup_state_ptr), 13 25 2 version character (8) unaligned, 13 26 2 flags aligned, 13 27 3 accepting_normal_wakeups /* ON => process has accepted normal wakeups */ 13 28 bit (1) unaligned, /* OFF => process has deferred normal wakeups */ 13 29 3 accepting_urgent_wakeups /* ON => process has accepted urgent wakeups */ 13 30 bit (1) unaligned, /* OFF => process has deferred urgent wakeups */ 13 31 3 pad bit (34) unaligned, 13 32 2 pad bit (36) aligned, 13 33 2 event_channel fixed binary (71), /* IPC event channel on which to send normal/urgent wakeups */ 13 34 2 access_class bit (72) aligned, /* AIM access class of the process accepting wakeups */ 13 35 2 process_id bit (36) aligned, /* ID of the process accepting wakeups */ 13 36 2 lock_id bit (36) aligned; /* lock ID used to test if said process is still alive */ 13 37 13 38 declare mseg_wakeup_state_ptr 13 39 pointer; 13 40 13 41 declare MSEG_WAKEUP_STATE_VERSION_1 13 42 character (8) static options (constant) initial ("msegwkp1"); 13 43 13 44 /* END INCLUDE FILE ... mseg_wakeup_state.incl.pl1 */ 1053 1054 /* BEGIN INCLUDE FILE sub_err_flags.incl.pl1 BIM 11/81 */ 14 2 /* format: style3 */ 14 3 14 4 /* These constants are to be used for the flags argument of sub_err_ */ 14 5 /* They are just "string (condition_info_header.action_flags)" */ 14 6 14 7 declare ( 14 8 ACTION_CAN_RESTART init (""b), 14 9 ACTION_CANT_RESTART init ("1"b), 14 10 ACTION_DEFAULT_RESTART 14 11 init ("01"b), 14 12 ACTION_QUIET_RESTART 14 13 init ("001"b), 14 14 ACTION_SUPPORT_SIGNAL 14 15 init ("0001"b) 14 16 ) bit (36) aligned internal static options (constant); 14 17 14 18 /* End include file */ 1054 1055 /* Begin include file mseg_access_operations_.incl.pl1 BIM 1985-04-19 */ 15 2 /* format: style4 */ 15 3 15 4 declare ( 15 5 mseg_access_operations_$accept_wakeups_seg, 15 6 mseg_access_operations_$acl_list_seg, 15 7 mseg_access_operations_$acl_modify_seg, 15 8 mseg_access_operations_$admin_add_message, 15 9 mseg_access_operations_$add_message, 15 10 mseg_access_operations_$close_seg, 15 11 mseg_access_operations_$compact_seg, 15 12 mseg_access_operations_$create_seg, 15 13 mseg_access_operations_$delete_message, 15 14 mseg_access_operations_$delete_seg, 15 15 mseg_access_operations_$get_count_seg, 15 16 mseg_access_operations_$modify_attr_seg, 15 17 mseg_access_operations_$modify_fs_attr_seg, 15 18 mseg_access_operations_$read_fs_attr_seg, 15 19 mseg_access_operations_$reset_salvage_bit_seg, 15 20 mseg_access_operations_$open_seg, 15 21 mseg_access_operations_$read_attr_seg, 15 22 mseg_access_operations_$read_delete_message, 15 23 mseg_access_operations_$read_message, 15 24 mseg_access_operations_$read_own_message, 15 25 mseg_access_operations_$read_delete_own_message, 15 26 mseg_access_operations_$send_normal_wakeup, 15 27 mseg_access_operations_$send_urgent_wakeup, 15 28 mseg_access_operations_$update_message, 15 29 mseg_access_operations_$copy_seg) fixed binary external static; 15 30 15 31 /* End include file mseg_access_operations_.incl.pl1 */ 1055 1056 1057 1058 /* BEGIN MESSAGE DOCUMENTATION 1059* 1060* 1061* Message: 1062* Audit (mseg_check_access_): [GRANTED | DENIED] OPERATION_DESCRIPTION ADDED_INFO 1063* 1064* S: $access_audit 1065* 1066* T: $run 1067* 1068* M: An access control decision has been made by the mseg_ primitives. 1069* The OPERATION_DESCRIPTION specifies the operation requested by the user. 1070* GRANTED or DENIED indicates whether access was granted or not. 1071* the ADDED_INFO describes the user and the message segment or mailbox. 1072* The associated binary info describes the message in the segment if 1073* a specific message was involved. 1074* 1075* A: $notify_ssa 1076* 1077* 1078* END MESSAGE DOCUMENTATION */ 1079 1080 /* format: on */ 1081 1082 end mseg_check_access_; SOURCE FILES USED IN THIS COMPILATION. LINE NUMBER DATE MODIFIED NAME PATHNAME 0 08/09/88 1516.1 mseg_check_access_.pl1 >spec>install>1084>mseg_check_access_.pl1 1041 1 05/17/85 0615.5 access_audit_binary_def.incl.pl1 >ldd>include>access_audit_binary_def.incl.pl1 1042 2 05/17/85 0615.5 access_audit_mseg_info.incl.pl1 >ldd>include>access_audit_mseg_info.incl.pl1 1043 3 08/06/87 0913.5 mseg_access_mode_values.incl.pl1 >ldd>include>mseg_access_mode_values.incl.pl1 1044 4 05/17/85 0619.0 mseg_access_operation.incl.pl1 >ldd>include>mseg_access_operation.incl.pl1 1045 5 05/17/85 0619.0 mseg_data_.incl.pl1 >ldd>include>mseg_data_.incl.pl1 1046 6 01/10/85 2002.8 mseg_message_info.incl.pl1 >ldd>include>mseg_message_info.incl.pl1 1047 7 05/17/85 0615.6 mseg_operation.incl.pl1 >ldd>include>mseg_operation.incl.pl1 1048 8 05/17/85 0615.7 mseg_segment.incl.pl1 >ldd>include>mseg_segment.incl.pl1 1049 9 05/17/85 0615.6 mseg_message.incl.pl1 >ldd>include>mseg_message.incl.pl1 1050 10 04/11/85 1452.6 access_mode_values.incl.pl1 >ldd>include>access_mode_values.incl.pl1 1051 11 01/30/85 1523.9 access_audit_eventflags.incl.pl1 >ldd>include>access_audit_eventflags.incl.pl1 1052 12 05/17/85 0615.5 entry_access_info.incl.pl1 >ldd>include>entry_access_info.incl.pl1 1053 13 05/17/85 0615.7 mseg_wakeup_state.incl.pl1 >ldd>include>mseg_wakeup_state.incl.pl1 1054 14 04/16/82 0958.1 sub_err_flags.incl.pl1 >ldd>include>sub_err_flags.incl.pl1 1055 15 05/17/85 0615.6 mseg_access_operations_.incl.pl1 >ldd>include>mseg_access_operations_.incl.pl1 NAMES DECLARED IN THIS COMPILATION. IDENTIFIER OFFSET LOC STORAGE CLASS DATA TYPE ATTRIBUTES AND REFERENCES (* indicates a set context) NAMES DECLARED BY DECLARE STATEMENT. AAB_mseg_msg constant fixed bin(9,0) initial packed unsigned unaligned dcl 1-18 ref 1008 ACTION_CANT_RESTART 000013 constant bit(36) initial dcl 14-7 set ref 328* 997* AUDIT_MSEG_MSG_INFO_VERSION_5 constant fixed bin(9,0) initial packed unsigned unaligned dcl 2-21 ref 1009 A_ACCESS constant bit(3) initial packed unaligned dcl 10-11 ref 565 675 CHASE constant fixed bin(1,0) initial dcl 88 ref 544 CHECK constant fixed bin(17,0) initial dcl 82 ref 318 911 DONT_CHASE constant fixed bin(1,0) initial dcl 88 ref 538 552 ENTRY_ACCESS_INFO_VERSION_1 000000 constant char(8) initial packed unaligned dcl 12-9 ref 555 659 MESSAGE constant fixed bin(17,0) initial dcl 82 ref 160 MSEG_ACCEPT_WAKEUPS constant fixed bin(9,0) initial dcl 4-24 ref 746 MSEG_ADD_MESSAGE constant fixed bin(9,0) initial dcl 4-24 ref 740 962 MSEG_COPY_SEG constant fixed bin(9,0) initial dcl 4-24 ref 737 972 MSEG_CREATE_SEG constant fixed bin(9,0) initial dcl 4-24 ref 344 967 1013 MSEG_D_ACCESS constant bit(36) initial dcl 3-17 ref 640 MSEG_FULL_ACCESS constant bit(36) initial dcl 3-28 ref 581 621 MSEG_MODIFY_MESSAGE constant fixed bin(9,0) initial dcl 4-24 ref 241 743 MSEG_MODIFY_SEG_ATTR constant fixed bin(9,0) initial dcl 4-24 ref 734 MSEG_NULL_ACCESS constant bit(36) initial dcl 3-28 ref 366 444 MSEG_O_ACCESS constant bit(36) initial dcl 3-17 ref 631 MSEG_READ_MESSAGE constant fixed bin(9,0) initial dcl 4-24 ref 228 749 MSEG_READ_SEG_ATTR constant fixed bin(9,0) initial dcl 4-24 ref 731 MSEG_R_ACCESS constant bit(36) initial dcl 3-17 ref 198 210 638 MSEG_TYPE_MBX constant fixed bin(17,0) initial dcl 7-21 ref 486 MSEG_TYPE_MS constant fixed bin(17,0) initial dcl 7-22 ref 490 M_ACCESS constant bit(3) initial packed unaligned dcl 10-11 ref 565 675 SEGMENT constant fixed bin(17,0) initial dcl 82 ref 306 437 919 SMA_ACCESS constant bit(3) initial packed unaligned dcl 10-11 ref 581 S_ACCESS constant bit(3) initial packed unaligned dcl 10-11 ref 570 680 a_audit_mseg_msg 000606 automatic structure level 1 dcl 909 set ref 1007 access_audit_r1_$check_general 000042 constant entry external dcl 117 ref 988 access_audit_r1_$check_obj_class 000044 constant entry external dcl 119 ref 957 962 967 972 978 access_audit_r1_$check_obj_path 000046 constant entry external dcl 121 ref 948 992 access_audit_r1_$check_obj_ptr 000050 constant entry external dcl 123 ref 943 983 access_audit_r1_$log_general 000052 constant entry external dcl 125 ref 1025 access_audit_r1_$log_obj_class 000054 constant entry external dcl 126 ref 1013 access_audit_r1_$log_obj_path 000056 constant entry external dcl 128 ref 1031 access_audit_r1_$log_obj_ptr 000060 constant entry external dcl 129 ref 1020 access_class 260 based bit(72) level 3 in structure "mseg_operation" dcl 7-24 in procedure "mseg_check_access_" set ref 811* 880* access_class 213 based bit(72) level 3 in structure "mseg_operation" dcl 7-24 in procedure "mseg_check_access_" set ref 777* 790* 834* 972* access_info 115 based structure level 2 dcl 7-24 set ref 379 379 382 382 access_info_valid 24(03) based bit(1) level 3 packed packed unaligned dcl 7-24 set ref 198 210 377 389* 535 661 972 access_operation 2 based fixed bin(17,0) level 2 in structure "mseg_operation" dcl 7-24 in procedure "mseg_check_access_" ref 169 193 193 333 441 access_operation based bit(36) level 2 in structure "mseg_access_operation" dcl 4-5 in procedure "mseg_check_access_" set ref 943* 948* 957* 962* 967* 972* 978* 983* 988* 992* 1013* 1020* 1025* 1031* addr builtin function dcl 150 ref 169 333 379 379 382 382 441 557 557 661 661 663 663 1007 admin 2(06) based bit(1) level 3 packed packed unaligned dcl 4-5 ref 929 admin_gate_$admin_level_no_fs_audit 000062 constant entry external dcl 130 ref 357 admin_op 0(02) 000604 automatic bit(1) level 2 packed packed unaligned dcl 907 set ref 929* after builtin function dcl 150 ref 287 289 aim_check_$equal 000066 constant entry external dcl 133 ref 243 811 aim_check_$greater 000064 constant entry external dcl 132 ref 246 aim_check_$greater_or_equal 000070 constant entry external dcl 134 ref 230 777 790 790 800 804 811 880 aim_code 000312 automatic fixed bin(35,0) dcl 187 set ref 190* 235* 246* 250* 262 264 264 audit_event_flags based structure level 1 dcl 11-5 audit_mseg_msg_info based structure level 1 dcl 2-8 set ref 1013 1013 1020 1020 1025 1025 1031 1031 audit_mseg_msg_ptr 000274 automatic pointer dcl 2-6 set ref 1003* 1007* 1008 1009 1010 1013* 1013 1013 1020* 1020 1020 1025* 1025 1025 1031* 1031 1031 authorization 10 based bit(72) level 3 dcl 7-24 set ref 230* 243* 246* 758* 767* 777* 800* 804* 834* 834* 847* 880* before builtin function dcl 150 ref 277 279 287 289 bracket 000352 automatic fixed bin(17,0) dcl 457 set ref 462* 463* call_admin_gate 24(08) based bit(1) level 3 packed packed unaligned dcl 7-24 ref 357 916 caller 4 based structure level 2 dcl 7-24 chase_the_parent 000444 automatic fixed bin(1,0) dcl 518 set ref 538* 544* 552* 557* code 000474 automatic fixed bin(35,0) dcl 657 in procedure "parent_access_ok" set ref 661* 663* 665 code 000504 automatic fixed bin(35,0) dcl 709 in procedure "aim_ok_for_operation" set ref 884* 886 886 code 000445 automatic fixed bin(35,0) dcl 519 in procedure "censor_if_needed" set ref 549* 550 557* 558 code parameter fixed bin(35,0) dcl 905 in procedure "audit_operation" set ref 902 919 922 922 922 922 922 922 927 1013* 1020* 1025* 1031* descriptor 0(18) based structure level 2 packed packed unaligned dcl 2-8 set ref 1010* dir_modes 2(07) based bit(1) level 3 packed packed unaligned dcl 4-5 ref 607 dir_modes_or_ex_modes 2(08) based bit(1) level 3 packed packed unaligned dcl 4-5 ref 596 dir_name 120 based char(168) level 3 in structure "mseg_operation" packed packed unaligned dcl 7-24 in procedure "mseg_check_access_" set ref 537 661* dir_name 25 based char(168) level 2 in structure "mseg_operation" packed packed unaligned dcl 7-24 in procedure "mseg_check_access_" set ref 355* 364* 382* 543 663* 948* 948* 992* 992* 1013* 1013* 1025* 1025* 1031* 1031* do_audit 000605 automatic bit(1) dcl 908 set ref 943* 948* 953 957* 962* 967* 972* 978* 983* 988* 992* 1000 dont_audit 2 based bit(1) level 3 packed packed unaligned dcl 4-5 ref 914 dont_audit_success 2(01) based bit(1) level 3 packed packed unaligned dcl 4-5 ref 919 effective_access_modes 74 000101 automatic bit(36) level 2 dcl 68 set ref 565* 565 570* 570 581 675* 675 680* 680 689 entry_access_info based structure level 1 dcl 12-12 entry_type 000267 automatic fixed bin(17,0) dcl 74 set ref 160* 306* 318* 437* 911 919 entryname 172 based char(32) level 3 in structure "mseg_operation" packed packed unaligned dcl 7-24 in procedure "mseg_check_access_" set ref 467* entryname 77 based char(32) level 2 in structure "mseg_operation" packed packed unaligned dcl 7-24 in procedure "mseg_check_access_" set ref 355* 365* 369* 382* 948* 948* 992* 992* 1013* 1013* 1025* 1025* 1031* 1031* error_table_$ai_restricted 000010 external static fixed bin(35,0) dcl 96 set ref 176* 246 262 411 922 error_table_$bad_file_name 000012 external static fixed bin(35,0) dcl 96 set ref 371* 522 error_table_$incorrect_access 000014 external static fixed bin(35,0) dcl 96 set ref 522 698* 922 error_table_$invalid_lock_reset 000016 external static fixed bin(35,0) dcl 96 ref 886 error_table_$moderr 000020 external static fixed bin(35,0) dcl 96 set ref 210 522 603* 922 error_table_$no_info 000022 external static fixed bin(35,0) dcl 96 ref 550 558 581 667 922 error_table_$no_message 000024 external static fixed bin(35,0) dcl 96 ref 203 217 223 235 250 error_table_$noentry 000026 external static fixed bin(35,0) dcl 96 ref 361 522 error_table_$not_own_message 000030 external static fixed bin(35,0) dcl 96 ref 198 error_table_$not_seg_type 000032 external static fixed bin(35,0) dcl 96 set ref 392* 522 error_table_$oosw 000034 external static fixed bin(35,0) dcl 96 ref 922 event_flags 000604 automatic structure level 1 packed packed unaligned dcl 907 set ref 926* 943 943 948 948 957 957 962 962 967 967 972 972 978 978 983 983 988 988 992 992 1013 1013 1020 1020 1025 1025 1031 1031 extended_access_modes 212 based bit(36) level 3 dcl 7-24 set ref 198 210 366* 444* 581 621 627 631 643 flags 24 based structure level 2 in structure "mseg_operation" dcl 7-24 in procedure "mseg_check_access_" flags 2 based structure level 2 in structure "mseg_access_operation" packed packed unaligned dcl 4-5 in procedure "mseg_check_access_" grant 0(01) 000604 automatic bit(1) level 2 packed packed unaligned dcl 907 set ref 927* grant_on_ex_access 000454 automatic bit(1) dcl 592 set ref 594* 596 601 group_id 14 based char(32) level 3 packed packed unaligned dcl 7-24 ref 277 287 hcs_$fs_get_path_name 000072 constant entry external dcl 135 ref 549 hcs_$get_access_info 000074 constant entry external dcl 136 ref 382 557 661 663 hcs_$get_access_info_seg 000076 constant entry external dcl 137 ref 379 hcs_$get_link_target 000100 constant entry external dcl 138 ref 355 hcs_$level_set 000102 constant entry external dcl 139 ref 354 359 index builtin function dcl 150 ref 481 info_type based fixed bin(9,0) level 2 packed packed unsigned unaligned dcl 2-8 set ref 1008* initiate_failure 000100 automatic bit(1) dcl 66 set ref 161* 307* 319* 438* 988 1025 length builtin function dcl 150 ref 479 link_dir_name 000205 automatic char(168) packed unaligned dcl 71 set ref 355* 364 link_entryname 000257 automatic char(32) packed unaligned dcl 72 set ref 355* 365 lock_id 263 based bit(36) level 3 dcl 7-24 ref 883 max_authorization 12 based bit(72) level 3 dcl 7-24 set ref 777* 811* 967* 1013* md_ptr 000302 automatic pointer dcl 9-61 in procedure "mseg_check_access_" set ref 191* 230 243 246 279 289 md_ptr 112 based pointer level 2 in structure "mseg_operation" dcl 7-24 in procedure "mseg_check_access_" ref 191 957 1010 md_ptr_valid 24(04) based bit(1) level 3 packed packed unaligned dcl 7-24 ref 957 1005 message_block_header based structure level 1 dcl 9-24 message_descriptor based structure level 1 dcl 9-37 set ref 1010 message_info 220 based structure level 2 dcl 7-24 message_name 000333 automatic varying char(32) dcl 275 set ref 279* 281 289* 293 ms_access_class 231 based bit(72) level 3 in structure "mseg_operation" dcl 7-24 in procedure "mseg_check_access_" set ref 790* 790* 804* 811* 811* 962* ms_access_class 20 based bit(72) level 2 in structure "message_descriptor" dcl 9-37 in procedure "mseg_check_access_" set ref 230* 243* 246* 957* mseg_access_op_index 2(27) based fixed bin(9,0) level 2 packed packed unsigned unaligned dcl 4-5 ref 228 241 344 731 734 737 740 743 746 749 962 967 972 1013 mseg_access_operation based structure level 1 dcl 4-5 mseg_access_operation_ptr 000276 automatic pointer dcl 4-4 set ref 169* 228 241 333* 344 441* 596 607 618 621 627 627 634 634 637 638 640 689 689 731 734 737 740 743 746 749 914 919 929 943 948 957 962 962 967 967 972 972 978 983 988 992 1013 1013 1020 1025 1031 mseg_access_operations_$data 000120 external static structure array level 1 dcl 4-35 set ref 169 333 441 mseg_access_operations_$read_delete_own_message 000126 external static fixed bin(17,0) dcl 15-4 ref 193 mseg_access_operations_$read_own_message 000124 external static fixed bin(17,0) dcl 15-4 ref 193 mseg_data_$execution_ring 000122 external static fixed bin(3,0) dcl 5-9 set ref 359* 463 mseg_message_info based structure level 1 dcl 6-9 mseg_operation based structure level 1 dcl 7-24 mseg_operation_ptr 000300 automatic pointer dcl 7-19 set ref 168* 169 176 191 193 193 198 198 205 210 210 221 230 230 243 243 246 277 287 324* 325 328 328 333 354 355 355 357 364 365 366 369 377 379 379 379 379 382 382 382 382 389 440* 441 444 447 459 463 467 486 490 535 537 541 543 549 565 570 581 621 627 631 643 645 661 661 663 675 680 758 758 767 767 777 777 777 777 781 790 790 790 790 800 800 804 804 811 811 811 811 811 834 834 834 834 847 847 857 877 880 880 883 916 943 943 948 948 948 948 948 957 957 962 967 972 972 978 983 983 992 992 992 992 992 1005 1010 1013 1013 1013 1013 1013 1013 1020 1020 1020 1025 1025 1025 1025 1025 1031 1031 1031 1031 1031 mseg_pathname_valid 24 based bit(1) level 3 packed packed unaligned dcl 7-24 ref 328 541 948 992 mseg_ptr 110 based pointer level 2 dcl 7-24 set ref 379* 549* 943* 983* 1020* mseg_ptr_valid 24(01) based bit(1) level 3 packed packed unaligned dcl 7-24 ref 328 379 943 983 1020 mseg_wakeup_state based structure level 1 dcl 13-24 name 000322 automatic varying char(32) dcl 274 set ref 277* 281 285 287* 293 name_length 000363 automatic fixed bin(17,0) dcl 477 set ref 479* 486 490 no_modes 2(03) based bit(1) level 3 packed packed unaligned dcl 4-5 ref 618 non_null_modes 2(02) based bit(1) level 3 packed packed unaligned dcl 4-5 ref 621 null builtin function dcl 150 ref 328 328 997 997 1003 o_for_d 2(05) based bit(1) level 3 packed packed unaligned dcl 4-5 ref 634 640 o_for_r 2(04) based bit(1) level 3 packed packed unaligned dcl 4-5 ref 634 638 only_own_access 24(09) based bit(1) level 3 packed packed unaligned dcl 7-24 set ref 205 645* owner_code 000313 automatic fixed bin(35,0) dcl 188 set ref 190* 193* 198* 203* 205* 210* 217* 219* 223 262 262 266 p_entryname parameter char(32) packed unaligned dcl 475 ref 472 479 481 486 490 p_mseg_operation_ptr parameter pointer dcl 60 ref 52 156 168 303 315 324 434 440 p_return_status parameter fixed bin(35,0) dcl 515 ref 512 522 522 522 522 522 522 584 p_status parameter fixed bin(35,0) dcl 61 set ref 52 156 303 315 321* 420* 434 445* 450* parent_access_class 215 based bit(72) level 3 dcl 7-24 set ref 758* 767* 777* 790* 800* 834* 847* 978* parent_access_info 000101 automatic structure level 1 dcl 68 set ref 557 557 661 661 663 663 parent_access_info_valid 000204 automatic bit(1) dcl 69 set ref 342* 443* 527 575* 684* parent_dir_name 000372 automatic char(168) packed unaligned dcl 517 set ref 537* 543* 549* 557* pathname_ 000104 constant entry external dcl 140 ref 948 948 992 992 1013 1013 1025 1025 1031 1031 priv_op 0(03) 000604 automatic bit(1) level 2 packed packed unaligned dcl 907 set ref 931* privileges 5 based bit(18) level 3 dcl 7-24 ref 230 243 447 781 857 read_allowed_ 000106 constant entry external dcl 141 ref 758 834 847 read_write_allowed_ 000110 constant entry external dcl 142 ref 767 777 required_dir_modes 2(18) based bit(3) level 2 packed packed unaligned dcl 4-5 ref 689 689 required_modes 1 based bit(36) level 2 dcl 4-5 ref 627 627 637 return_status parameter fixed bin(35,0) dcl 591 set ref 588 603* 667* 698* reverse builtin function dcl 150 ref 481 ring_brackets 66 000101 automatic fixed bin(3,0) array level 2 in structure "parent_access_info" dcl 68 in procedure "mseg_check_access_" set ref 565 570 675 680 ring_brackets 203 based fixed bin(3,0) array level 3 in structure "mseg_operation" dcl 7-24 in procedure "mseg_check_access_" set ref 463 sender_id 6 based char(32) level 2 dcl 9-37 ref 279 289 set_lock_$lock 000114 constant entry external dcl 144 ref 884 size builtin function dcl 150 ref 1013 1013 1020 1020 1025 1025 1031 1031 status 000270 automatic fixed bin(35,0) dcl 75 set ref 166* 179* 223* 262* 264* 266* 355* 361 361 371* 379* 382* 384 386* 386* 392* 406* 408* 411* 417* 420 445* 448* 450 string builtin function dcl 150 set ref 926* 943 943 948 948 957 957 962 962 967 967 972 972 978 978 983 983 988 988 992 992 1013 1013 1020 1020 1025 1025 1031 1031 sub_err_ 000116 constant entry external dcl 145 ref 328 997 substr builtin function dcl 150 ref 486 490 suppress_access_checks 24(07) based bit(1) level 3 packed packed unaligned dcl 7-24 ref 176 221 325 sys_info$dir_privilege 000036 external static bit(36) dcl 110 ref 781 sys_info$ring1_privilege 000040 external static bit(36) dcl 110 ref 230 243 447 857 test_lock_id 000566 automatic bit(36) dcl 870 set ref 883* 884* test_mode 000464 automatic bit(36) dcl 616 set ref 637* 638* 638 640* 640 643 643 type 117 based fixed bin(17,0) level 3 in structure "mseg_operation" dcl 7-24 in procedure "mseg_check_access_" set ref 459 type 1 based fixed bin(17,0) level 2 in structure "mseg_operation" dcl 7-24 in procedure "mseg_check_access_" ref 486 490 use_ai_restricted 000272 automatic bit(1) dcl 77 set ref 172* 176 236* 251* used_privilege 000271 automatic bit(1) dcl 76 set ref 171* 230* 243* 332* 447* 859* 931 validation_level 4 based fixed bin(3,0) level 3 dcl 7-24 set ref 354* 565 570 675 680 1013* 1020* 1025* 1031* version 000101 automatic char(8) level 2 in structure "parent_access_info" dcl 68 in procedure "mseg_check_access_" set ref 555* 659* version 0(09) based fixed bin(9,0) level 2 in structure "audit_mseg_msg_info" packed packed unsigned unaligned dcl 2-8 in procedure "mseg_check_access_" set ref 1009* wakeup_state 252 based structure level 2 dcl 7-24 wakeup_state_valid 24(06) based bit(1) level 3 packed packed unaligned dcl 7-24 ref 811 877 write_allowed_ 000112 constant entry external dcl 143 ref 834 xiffus_index 000362 automatic fixed bin(17,0) dcl 476 set ref 481* 483 486 490 NAMES DECLARED BY DECLARE STATEMENT AND NEVER REFERENCED. AAB_channel internal static fixed bin(9,0) initial packed unsigned unaligned dcl 1-18 AAB_dial_service internal static fixed bin(9,0) initial packed unsigned unaligned dcl 1-18 AAB_ia_abs internal static fixed bin(9,0) initial packed unsigned unaligned dcl 1-18 AAB_ia_abs_proxy internal static fixed bin(9,0) initial packed unsigned unaligned dcl 1-18 AAB_ia_int_dmn internal static fixed bin(9,0) initial packed unsigned unaligned dcl 1-18 AAB_pnt_entry internal static fixed bin(9,0) initial packed unsigned unaligned dcl 1-18 AAB_rcp_object internal static fixed bin(9,0) initial packed unsigned unaligned dcl 1-18 AAB_ss_link internal static fixed bin(9,0) initial packed unsigned unaligned dcl 1-18 AAB_ss_object internal static fixed bin(9,0) initial packed unsigned unaligned dcl 1-18 ACTION_CAN_RESTART internal static bit(36) initial dcl 14-7 ACTION_DEFAULT_RESTART internal static bit(36) initial dcl 14-7 ACTION_QUIET_RESTART internal static bit(36) initial dcl 14-7 ACTION_SUPPORT_SIGNAL internal static bit(36) initial dcl 14-7 A_ACCESS_BIN internal static fixed bin(5,0) initial dcl 10-36 DIR_ACCESS_MODE_NAMES internal static char(4) initial array packed unaligned dcl 10-33 E_ACCESS internal static bit(3) initial packed unaligned dcl 10-11 E_ACCESS_BIN internal static fixed bin(5,0) initial dcl 10-36 MESSAGE_DESCRIPTOR_SENTINEL internal static bit(36) initial dcl 9-63 MSEG_A_ACCESS internal static bit(36) initial dcl 3-17 MSEG_MBX_CREATOR_INITIAL_ACCESS defined bit(36) dcl 3-36 MSEG_MBX_INITIAL_ACL internal static bit(36) initial array dcl 3-36 MSEG_MBX_OTHERS_INITIAL_ACCESS defined bit(36) dcl 3-36 MSEG_MBX_SYSDAEMON_INITIAL_ACCESS defined bit(36) dcl 3-36 MSEG_MESSAGE_INFO_V1 internal static char(8) initial dcl 6-28 MSEG_OPERATION_VERSION_1 internal static fixed bin(17,0) initial dcl 7-20 MSEG_QUEUE_ADMIN_ACCESS internal static bit(36) initial dcl 3-61 MSEG_QUEUE_CREATOR_INITIAL_ACCESS defined bit(36) dcl 3-48 MSEG_QUEUE_INITIAL_ACL internal static bit(36) initial array dcl 3-48 MSEG_QUEUE_OTHERS_INITIAL_ACCESS defined bit(36) dcl 3-48 MSEG_QUEUE_SYSDAEMON_INITIAL_ACCESS defined bit(36) dcl 3-48 MSEG_QUEUE_USER_ACCESS internal static bit(36) initial dcl 3-61 MSEG_READ_AFTER_SPECIFIED internal static fixed bin(17,0) initial dcl 6-30 MSEG_READ_BEFORE_SPECIFIED internal static fixed bin(17,0) initial dcl 6-30 MSEG_READ_DELETE internal static bit(36) initial dcl 6-38 MSEG_READ_FIRST internal static fixed bin(17,0) initial dcl 6-30 MSEG_READ_LAST internal static fixed bin(17,0) initial dcl 6-30 MSEG_READ_OWN internal static bit(36) initial dcl 6-38 MSEG_READ_SPECIFIED internal static fixed bin(17,0) initial dcl 6-30 MSEG_SEGMENT_SENTINEL internal static bit(36) initial dcl 8-73 MSEG_SEGMENT_VERSION_5 internal static fixed bin(17,0) initial dcl 8-70 MSEG_S_ACCESS internal static bit(36) initial dcl 3-17 MSEG_U_ACCESS internal static bit(36) initial dcl 3-17 MSEG_WAKEUP_STATE_VERSION_1 internal static char(8) initial packed unaligned dcl 13-41 MSEG_W_ACCESS internal static bit(36) initial dcl 3-17 M_ACCESS_BIN internal static fixed bin(5,0) initial dcl 10-36 N_ACCESS internal static bit(3) initial packed unaligned dcl 10-11 N_ACCESS_BIN internal static fixed bin(5,0) initial dcl 10-36 REW_ACCESS internal static bit(3) initial packed unaligned dcl 10-11 REW_ACCESS_BIN internal static fixed bin(5,0) initial dcl 10-36 RE_ACCESS internal static bit(3) initial packed unaligned dcl 10-11 RE_ACCESS_BIN internal static fixed bin(5,0) initial dcl 10-36 RW_ACCESS internal static bit(3) initial packed unaligned dcl 10-11 RW_ACCESS_BIN internal static fixed bin(5,0) initial dcl 10-36 R_ACCESS internal static bit(3) initial packed unaligned dcl 10-11 R_ACCESS_BIN internal static fixed bin(5,0) initial dcl 10-36 SA_ACCESS internal static bit(3) initial packed unaligned dcl 10-11 SA_ACCESS_BIN internal static fixed bin(5,0) initial dcl 10-36 SEG_ACCESS_MODE_NAMES internal static char(4) initial array packed unaligned dcl 10-30 SMA_ACCESS_BIN internal static fixed bin(5,0) initial dcl 10-36 SM_ACCESS internal static bit(3) initial packed unaligned dcl 10-11 SM_ACCESS_BIN internal static fixed bin(5,0) initial dcl 10-36 S_ACCESS_BIN internal static fixed bin(5,0) initial dcl 10-36 W_ACCESS internal static bit(3) initial packed unaligned dcl 10-11 W_ACCESS_BIN internal static fixed bin(5,0) initial dcl 10-36 audit_binary_expanders internal static varying char(13) initial array dcl 1-46 entry_access_info_ptr automatic pointer dcl 12-8 first_message_block based structure level 1 dcl 9-69 header_msg based bit(36) array dcl 8-84 header_msg_access_class defined bit(72) dcl 8-79 header_msg_present defined bit(1) packed unaligned dcl 8-82 mb_ptr automatic pointer dcl 9-32 mseg_access_operations_$accept_wakeups_seg external static fixed bin(17,0) dcl 15-4 mseg_access_operations_$acl_list_seg external static fixed bin(17,0) dcl 15-4 mseg_access_operations_$acl_modify_seg external static fixed bin(17,0) dcl 15-4 mseg_access_operations_$add_message external static fixed bin(17,0) dcl 15-4 mseg_access_operations_$admin_add_message external static fixed bin(17,0) dcl 15-4 mseg_access_operations_$close_seg external static fixed bin(17,0) dcl 15-4 mseg_access_operations_$compact_seg external static fixed bin(17,0) dcl 15-4 mseg_access_operations_$copy_seg external static fixed bin(17,0) dcl 15-4 mseg_access_operations_$create_seg external static fixed bin(17,0) dcl 15-4 mseg_access_operations_$delete_message external static fixed bin(17,0) dcl 15-4 mseg_access_operations_$delete_seg external static fixed bin(17,0) dcl 15-4 mseg_access_operations_$get_count_seg external static fixed bin(17,0) dcl 15-4 mseg_access_operations_$modify_attr_seg external static fixed bin(17,0) dcl 15-4 mseg_access_operations_$modify_fs_attr_seg external static fixed bin(17,0) dcl 15-4 mseg_access_operations_$open_seg external static fixed bin(17,0) dcl 15-4 mseg_access_operations_$read_attr_seg external static fixed bin(17,0) dcl 15-4 mseg_access_operations_$read_delete_message external static fixed bin(17,0) dcl 15-4 mseg_access_operations_$read_fs_attr_seg external static fixed bin(17,0) dcl 15-4 mseg_access_operations_$read_message external static fixed bin(17,0) dcl 15-4 mseg_access_operations_$reset_salvage_bit_seg external static fixed bin(17,0) dcl 15-4 mseg_access_operations_$send_normal_wakeup external static fixed bin(17,0) dcl 15-4 mseg_access_operations_$send_urgent_wakeup external static fixed bin(17,0) dcl 15-4 mseg_access_operations_$update_message external static fixed bin(17,0) dcl 15-4 mseg_data_$admin_ring external static fixed bin(3,0) dcl 5-8 mseg_data_$block_size external static fixed bin(35,0) dcl 5-5 mseg_data_$group_id external static char(32) packed unaligned dcl 5-11 mseg_data_$lock_id external static bit(72) dcl 5-4 mseg_data_$max_message_size external static fixed bin(35,0) dcl 5-6 mseg_data_$process_max_authorization external static bit(72) dcl 5-10 mseg_data_$template_operation external static bit(36) dcl 5-7 mseg_message_info_ptr automatic pointer dcl 6-7 mseg_ptr automatic pointer dcl 8-68 mseg_segment based structure level 1 dcl 8-28 mseg_wakeup_state_ptr automatic pointer dcl 13-38 other_message_block based structure level 1 dcl 9-82 NAMES DECLARED BY EXPLICIT CONTEXT. COMMON 000207 constant label dcl 321 ref 308 DO_THE_AUDIT 003722 constant label dcl 1003 ref 953 accept_wakeups_ok 003005 constant entry internal dcl 867 ref 746 acl_ok_for_operation 001626 constant entry internal dcl 588 ref 408 add_message_ok 002463 constant entry internal dcl 787 ref 740 aim_ok_for_operation 002200 constant entry internal dcl 706 ref 408 audit_and_exit 000557 constant label dcl 417 set ref 361 372 387 393 audit_initiate_failure 000567 constant entry external dcl 434 audit_operation 003115 constant entry internal dcl 902 ref 176 179 417 448 basic_accept_ok 003104 constant entry internal dcl 891 ref 872 censor_if_needed 001410 constant entry internal dcl 512 ref 371 386 392 445 603 698 check 000177 constant entry external dcl 315 check_message_access 000640 constant entry internal dcl 184 ref 174 copy_ok 002400 constant entry internal dcl 774 ref 737 ex_acl_ok 001712 constant entry internal dcl 613 ref 594 exit 000561 constant label dcl 420 ref 181 message 000113 constant entry external dcl 156 modify_attr_ok 002344 constant entry internal dcl 765 ref 734 modify_message_ok 002660 constant entry internal dcl 828 ref 743 894 mseg_check_access_ 000103 constant entry external dcl 52 owner_matches 001110 constant entry internal dcl 271 ref 193 205 parent_access_ok 002015 constant entry internal dcl 654 ref 599 607 priv_ok 002770 constant entry internal dcl 854 ref 760 769 781 797 837 849 read_attr_ok 002310 constant entry internal dcl 755 ref 731 read_message_ok 002734 constant entry internal dcl 842 ref 749 segment 000164 constant entry external dcl 303 valid_name 001321 constant entry internal dcl 472 ref 369 467 valid_segment 001253 constant entry internal dcl 454 ref 390 THERE WERE NO NAMES DECLARED BY CONTEXT OR IMPLICATION. STORAGE REQUIREMENTS FOR THIS PROGRAM. Object Text Link Symbol Defs Static Start 0 0 5230 5360 4475 5240 Length 6210 4475 130 613 533 0 BLOCK NAME STACK SIZE TYPE WHY NONQUICK/WHO SHARES STACK FRAME mseg_check_access_ 756 external procedure is an external procedure. check_message_access internal procedure shares stack frame of external procedure mseg_check_access_. owner_matches internal procedure shares stack frame of external procedure mseg_check_access_. valid_segment internal procedure shares stack frame of external procedure mseg_check_access_. valid_name internal procedure shares stack frame of external procedure mseg_check_access_. censor_if_needed internal procedure shares stack frame of external procedure mseg_check_access_. acl_ok_for_operation internal procedure shares stack frame of external procedure mseg_check_access_. ex_acl_ok internal procedure shares stack frame of external procedure mseg_check_access_. parent_access_ok internal procedure shares stack frame of external procedure mseg_check_access_. aim_ok_for_operation internal procedure shares stack frame of external procedure mseg_check_access_. read_attr_ok internal procedure shares stack frame of external procedure mseg_check_access_. modify_attr_ok internal procedure shares stack frame of external procedure mseg_check_access_. copy_ok internal procedure shares stack frame of external procedure mseg_check_access_. add_message_ok internal procedure shares stack frame of external procedure mseg_check_access_. modify_message_ok internal procedure shares stack frame of external procedure mseg_check_access_. read_message_ok internal procedure shares stack frame of external procedure mseg_check_access_. priv_ok internal procedure shares stack frame of external procedure mseg_check_access_. accept_wakeups_ok internal procedure shares stack frame of external procedure mseg_check_access_. basic_accept_ok internal procedure shares stack frame of external procedure mseg_check_access_. audit_operation internal procedure shares stack frame of external procedure mseg_check_access_. STORAGE FOR AUTOMATIC VARIABLES. STACK FRAME LOC IDENTIFIER BLOCK NAME mseg_check_access_ 000100 initiate_failure mseg_check_access_ 000101 parent_access_info mseg_check_access_ 000204 parent_access_info_valid mseg_check_access_ 000205 link_dir_name mseg_check_access_ 000257 link_entryname mseg_check_access_ 000267 entry_type mseg_check_access_ 000270 status mseg_check_access_ 000271 used_privilege mseg_check_access_ 000272 use_ai_restricted mseg_check_access_ 000274 audit_mseg_msg_ptr mseg_check_access_ 000276 mseg_access_operation_ptr mseg_check_access_ 000300 mseg_operation_ptr mseg_check_access_ 000302 md_ptr mseg_check_access_ 000312 aim_code check_message_access 000313 owner_code check_message_access 000322 name owner_matches 000333 message_name owner_matches 000352 bracket valid_segment 000362 xiffus_index valid_name 000363 name_length valid_name 000372 parent_dir_name censor_if_needed 000444 chase_the_parent censor_if_needed 000445 code censor_if_needed 000454 grant_on_ex_access acl_ok_for_operation 000464 test_mode ex_acl_ok 000474 code parent_access_ok 000504 code aim_ok_for_operation 000566 test_lock_id accept_wakeups_ok 000604 event_flags audit_operation 000605 do_audit audit_operation 000606 a_audit_mseg_msg audit_operation THE FOLLOWING EXTERNAL OPERATORS ARE USED BY THIS PROGRAM. r_e_as r_ne_as call_ext_out_desc call_ext_out return_mac ext_entry THE FOLLOWING EXTERNAL ENTRIES ARE CALLED BY THIS PROGRAM. access_audit_r1_$check_general access_audit_r1_$check_obj_class access_audit_r1_$check_obj_path access_audit_r1_$check_obj_ptr access_audit_r1_$log_general access_audit_r1_$log_obj_class access_audit_r1_$log_obj_path access_audit_r1_$log_obj_ptr admin_gate_$admin_level_no_fs_audit aim_check_$equal aim_check_$greater aim_check_$greater_or_equal hcs_$fs_get_path_name hcs_$get_access_info hcs_$get_access_info_seg hcs_$get_link_target hcs_$level_set pathname_ read_allowed_ read_write_allowed_ set_lock_$lock sub_err_ write_allowed_ THE FOLLOWING EXTERNAL VARIABLES ARE USED BY THIS PROGRAM. error_table_$ai_restricted error_table_$bad_file_name error_table_$incorrect_access error_table_$invalid_lock_reset error_table_$moderr error_table_$no_info error_table_$no_message error_table_$noentry error_table_$not_own_message error_table_$not_seg_type error_table_$oosw mseg_access_operations_$data mseg_access_operations_$read_delete_own_message mseg_access_operations_$read_own_message mseg_data_$execution_ring sys_info$dir_privilege sys_info$ring1_privilege LINE LOC LINE LOC LINE LOC LINE LOC LINE LOC LINE LOC LINE LOC 52 000077 55 000110 156 000111 160 000120 161 000122 166 000123 168 000124 169 000130 171 000136 172 000137 174 000140 176 000141 179 000157 181 000161 303 000162 306 000171 307 000173 308 000174 315 000175 318 000204 319 000206 321 000207 324 000211 325 000214 328 000217 332 000270 333 000271 342 000300 344 000301 354 000305 355 000313 357 000343 359 000360 361 000367 364 000374 365 000400 366 000403 369 000404 371 000417 372 000430 374 000431 377 000432 379 000435 382 000455 384 000511 386 000513 387 000515 389 000516 390 000521 392 000526 393 000537 406 000540 408 000541 411 000554 417 000557 420 000561 423 000564 434 000565 437 000574 438 000576 440 000600 441 000604 443 000612 444 000613 445 000614 447 000624 448 000632 450 000634 452 000637 184 000640 190 000641 191 000643 193 000646 198 000664 203 000677 205 000703 210 000715 217 000730 219 000734 221 000735 223 000741 225 000746 228 000747 230 000755 235 001004 236 001006 239 001010 241 001011 243 001013 246 001042 250 001064 251 001067 262 001071 264 001101 266 001105 268 001107 271 001110 277 001112 279 001127 281 001144 285 001160 287 001165 289 001214 293 001243 454 001253 459 001255 462 001263 463 001271 465 001301 467 001303 472 001321 479 001323 481 001325 483 001337 486 001342 490 001364 494 001405 512 001410 522 001412 527 001430 535 001432 537 001436 538 001441 539 001443 541 001444 543 001447 544 001452 545 001454 549 001455 550 001511 552 001520 555 001522 557 001525 558 001560 565 001567 570 001577 575 001604 581 001606 584 001622 588 001626 594 001630 596 001632 599 001645 601 001654 603 001657 604 001671 607 001674 610 001706 613 001712 618 001714 621 001723 627 001734 631 001744 634 001751 637 001766 638 001770 640 001775 643 002002 645 002006 646 002010 649 002013 654 002015 659 002017 661 002022 663 002063 665 002117 667 002121 668 002125 675 002130 680 002140 684 002145 689 002147 698 002163 700 002175 706 002200 731 002202 734 002217 737 002230 740 002241 743 002252 746 002263 749 002274 752 002305 755 002310 758 002312 760 002335 765 002344 767 002346 769 002371 774 002400 777 002402 781 002445 787 002463 790 002465 797 002527 800 002540 804 002562 811 002604 817 002650 818 002651 820 002654 828 002660 834 002662 837 002725 842 002734 847 002736 849 002761 854 002770 857 002772 859 002777 860 003001 862 003003 867 003005 872 003007 877 003017 880 003027 883 003051 884 003054 886 003070 888 003101 891 003104 894 003106 902 003115 911 003117 914 003123 916 003130 919 003135 922 003146 926 003164 927 003165 929 003171 931 003176 943 003202 948 003234 953 003305 957 003310 962 003346 967 003403 972 003434 978 003470 983 003517 988 003551 992 003576 997 003650 1000 003716 1003 003722 1005 003724 1007 003730 1008 003732 1009 003734 1010 003736 1013 003773 1020 004102 1025 004161 1031 004261 1036 004356 ----------------------------------------------------------- Historical Background This edition of the Multics software materials and documentation is provided and donated to Massachusetts Institute of Technology by Group BULL including BULL HN Information Systems Inc. as a contribution to computer science knowledge. This donation is made also to give evidence of the common contributions of Massachusetts Institute of Technology, Bell Laboratories, General Electric, Honeywell Information Systems Inc., Honeywell BULL Inc., Groupe BULL and BULL HN Information Systems Inc. to the development of this operating system. Multics development was initiated by Massachusetts Institute of Technology Project MAC (1963-1970), renamed the MIT Laboratory for Computer Science and Artificial Intelligence in the mid 1970s, under the leadership of Professor Fernando Jose Corbato. Users consider that Multics provided the best software architecture for managing computer hardware properly and for executing programs. Many subsequent operating systems incorporated Multics principles. Multics was distributed in 1975 to 2000 by Group Bull in Europe , and in the U.S. by Bull HN Information Systems Inc., as successor in interest by change in name only to Honeywell Bull Inc. and Honeywell Information Systems Inc. . ----------------------------------------------------------- Permission to use, copy, modify, and distribute these programs and their documentation for any purpose and without fee is hereby granted,provided that the below copyright notice and historical background appear in all copies and that both the copyright notice and historical background and this permission notice appear in supporting documentation, and that the names of MIT, HIS, BULL or BULL HN not be used in advertising or publicity pertaining to distribution of the programs without specific prior written permission. Copyright 1972 by Massachusetts Institute of Technology and Honeywell Information Systems Inc. Copyright 2006 by BULL HN Information Systems Inc. Copyright 2006 by Bull SAS All Rights Reserved