sys/acl.h: reduce header pollution

In commit d1dfd921774f0 the acl allocator was switched from malloc(9) to
uma(9) and done in a way required vm/uma.h and prerequisites. This added
considerable header pollution to sys/sysproto.h. The uma details were
hidden in commit b998d381f2868, but the header pollution remained. Add
less broad includes as required to keep the header self contained.

Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D44468

sys/acl.h: move main typedefs to sys/_types.h

Make __ prefixed versions available without the pollution of sys/acl.h
(and by extension sys/param.h).

Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D44382

sys: Remove $FreeBSD$: two-line .h pattern

Remove /^\s*\*\n \*\s+\$FreeBSD\$$\n/

spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD

The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.

Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix

libc/posix1e: Add acl_extended_file_np() function.

Reviewed by: kib, debdrup, gbe
Approved by: kib
Differential Revision: https://reviews.freebsd.org/D28255

libc/posix1e: Add acl_equiv_mode_np() function.

Reviewed by: kib, debdrup, gbe
Approved by: kib
Differential Revision: https://reviews.freebsd.org/D28255

libc/posix1e: Add acl_cmp_np() function.

Reviewed by: kib, debdrup, gbe
Approved by: kib
Differential Revision: https://reviews.freebsd.org/D28255

libc/posix1e: Add acl_from_mode_np() function.

Reviewed by: kib, debdrup, gbe
Approved by: kib
Differential Revision: https://reviews.freebsd.org/D28255

sys/sys: further adoption of SPDX licensing ID tags.

Mainly focus on files that use BSD 2-Clause license, however the tool I
was using misidentified many licenses so this was mostly a manual - error
prone - task.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Expose an interface to determine if an ACE is inherited.

Submitted by: sef
Reviewed by: trasz
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D3540

Make it possible to use permission sets (full_set, modify_set, read_set
and write_set) with setfacl(1).

PR: kern/154113
Submitted by: Shawn Webb <lattera at gmail dot com> (earlier version)
MFC after: 1 month

Move the code around so that libc behaviour does not depend on a variable
that was supposed to be kernel-only. There should be no functional changes.

A new jail(8) with a configuration file, to replace the work currently done
by /etc/rc.d/jail.

First step at adopting FreeBSD to support PSARC/2010/029. This makes
acl_is_trivial_np(3) properly recognize the new trivial ACLs. From
the user point of view, that means "ls -l" no longer shows plus signs
for all the files when running ZFS v28.

MFC r200829:

Cosmetic fixes.

Cosmetic fixes.

Add NFSv4 ACL support to libc.

This adds the following functions to the acl(3) API: acl_add_flag_np,
acl_clear_flags_np, acl_create_entry_np, acl_delete_entry_np,
acl_delete_flag_np, acl_get_extended_np, acl_get_flag_np, acl_get_flagset_np,
acl_set_extended_np, acl_set_flagset_np, acl_to_text_np, acl_is_trivial_np,
acl_strip_np, acl_get_brand_np. Most of them are similar to what Darwin
does. There are no backward-incompatible changes.

Approved by: rwatson@

Add new #defines neccessary to support NFSv4 ACLs.

Reviewed by: rwatson

Make 'struct acl' larger, as required to support NFSv4 ACLs. Provide
compatibility interfaces in both kernel and libc.

Reviewed by: rwatson

Use acl_alloc() and acl_free() instead of using uma(9) directly.
This will make switching to malloc(9) easier; also, it would be
neccessary to add these routines if/when we implement variable-size
ACLs.

- Import the HEAD csup code which is the basis for the cvsmode work.

Minor white space tweaks in comments.

Convert the primary ACL allocator from malloc(9) to using a UMA zone instead.
Also introduce an aclinit function which will be used to create the UMA zone
for use by file systems at system start up.

MFC after: 1 month
Discussed with: rwatson

Remove unimplemented ACL types.

Reported by: Hervé Kergourlay <herve dot kergourlay at atempo dot com>

Improve consistency of include file guards in src/sys/sys by terminating
them with '_', as well as beginning with '_'.

Observed by: bde

Move more ACL logic from the UFS code (ufs_acl.c) to the central POSIX.1e
support routines in kern_acl.c:

- Define ACL_OVERRIDE_MASK and ACL_PRESERVE_MASK centrally in acl.h: the
mode bits that are (and aren't) stored in the ACL.

- Add acl_posix1e_acl_to_mode(): given a POSIX.1e extended ACL, generate
a compatibility mode (only the bits supported by the POSIX.1e ACL).

- acl_posix1e_newfilemode(): Given a requested creation mode and default
ACL, calculate the mode for the new file system object (only the bits
supported by the POSIX.1e ACL).

PR: 50148
Reported by: Ritz, Bruno <bruno_ritz@gmx.ch>
Obtained from: TrustedBSD Project

Provide prototypes for new ACL system calls to manipulate ACLs "by
name" without following symbolic links, as well as library wrappers.

Obtained from: TrustedBSD Project

More s/file system/filesystem/g

Remove __P

Remove bogus _POSIX_ACL_PATH_MAX definition.

o Update copyright dates.
o Add reference to TrustedBSD Project in license header.
o Update dated comments, including comment in extattr.h claiming that
no file systems support extended attributes.
o Improve comment consistency.

o Modify copyright date format for improved consistency: use '-' for
year ranges, rather than a comma-delimited list of years.

o Separate acl_t into internal and external representations as
required by POSIX.1e. This maintains the current 'struct acl'
in the kernel while providing the generic external acl_t
interface required to complete the ACL editing library.
o Add the acl_get_entry() function.
o Convert the existing ACL utilities, getfacl and setfacl, to
fully make use of the ACL editing library.

Obtained from: TrustedBSD Project

Fix the cut'n'paste style bugs I introduced in rev 1.16
(spaces -> tab(s) in #define's)

Add acl_get_perm_np(3), a non-portable function to check if a
permission is in a permission set, required for third-party
applications such as Samba.

Reviewed by: rwatson
Obtained from: TrustedBSD Project

Add the remaining POSIX.1e ACL definitions:
ACL_UNDEFINED_TAG, ACL_UNDEFINED_ID, ACL_FIRST_ENTRY, ACL_NEXT_ENTRY

Reviewed by: rwatson
Obtained from: TrustedBSD Project

Correct the following defines to match the POSIX.1e spec:

ACL_PERM_EXEC -> ACL_EXECUTE
ACL_PERM_READ -> ACL_READ
ACL_PERM_WRITE -> ACL_WRITE

Obtained from: TrustedBSD

Add the following ACL editing functions:
acl_add_perm, acl_clear_perms, acl_copy_entry, acl_create_entry,
acl_delete_perm, acl_get_permset, acl_get_qualifier, acl_get_tag_type,
acl_set_permset, acl_set_qualifier, acl_set_tag_type

This brings us within 4 functions of a full ACL editing library.

Reviewed by: rwatson

Add the following POSIX 1003.1e functions and man pages:
o acl_calc_mask(): calculates the ACL mask entry associated with
the given ACL.
o acl_delete_entry(): remove a specified ACL entry from the given
ACL.

Approved by: rwatson

o Change the API and ABI of the Extended Attribute kernel interfaces to
introduce a new argument, "namespace", rather than relying on a first-
character namespace indicator. This is in line with more recent
thinking on EA interfaces on various mailing lists, including the
posix1e, Linux acl-devel, and trustedbsd-discuss forums. Two namespaces
are defined by default, EXTATTR_NAMESPACE_SYSTEM and
EXTATTR_NAMESPACE_USER, where the primary distinction lies in the
access control model: user EAs are accessible based on the normal
MAC and DAC file/directory protections, and system attributes are
limited to kernel-originated or appropriately privileged userland
requests.

o These API changes occur at several levels: the namespace argument is
introduced in the extattr_{get,set}_file() system call interfaces,
at the vnode operation level in the vop_{get,set}extattr() interfaces,
and in the UFS extended attribute implementation. Changes are also
introduced in the VFS extattrctl() interface (system call, VFS,
and UFS implementation), where the arguments are modified to include
a namespace field, as well as modified to advoid direct access to
userspace variables from below the VFS layer (in the style of recent
changes to mount by adrian@FreeBSD.org). This required some cleanup
and bug fixing regarding VFS locks and the VFS interface, as a vnode
pointer may now be optionally submitted to the VFS_EXTATTRCTL()
call. Updated documentation for the VFS interface will be committed
shortly.

o In the near future, the auto-starting feature will be updated to
search two sub-directories to the ".attribute" directory in appropriate
file systems: "user" and "system" to locate attributes intended for
those namespaces, as the single filename is no longer sufficient
to indicate what namespace the attribute is intended for. Until this
is committed, all attributes auto-started by UFS will be placed in
the EXTATTR_NAMESPACE_SYSTEM namespace.

o The default POSIX.1e attribute names for ACLs and Capabilities have
been updated to no longer include the '$' in their filename. As such,
if you're using these features, you'll need to rename the attribute
backing files to the same names without '$' symbols in front.

o Note that these changes will require changes in userland, which will
be committed shortly. These include modifications to the extended
attribute utilities, as well as to libutil for new namespace
string conversion routines. Once the matching userland changes are
committed, a buildworld is recommended to update all the necessary
include files and verify that the kernel and userland environments
are in sync. Note: If you do not use extended attributes (most people
won't), upgrading is not imperative although since the system call
API has changed, the new userland extended attribute code will no longer
compile with old include files.

o Couple of minor cleanups while I'm there: make more code compilation
conditional on FFS_EXTATTR, which should recover a bit of space on
kernels running without EA's, as well as update copyright dates.

Obtained from: TrustedBSD Project

o Introduce filesystem-independent POSIX.1e ACL utility routines to
support implementations of ACLs in file systems. Introduce the
following new functions:

vaccess_acl_posix1e() vaccess() that accepts an ACL
acl_posix1e_mode_to_perm() Convert mode bits to ACL rights
acl_posix1e_mode_to_entry() Build ACL entry from mode/uid/gid
acl_posix1e_perms_to_mode() Generate file mode from ACL
acl_posix1e_check() Syntax verification for ACL

These functions allow a file system to rely on central ACL evaluation
and syntax checking, as well as providing useful utilities to
allow ACL-based file systems to generate mode/owner/etc information
to return via VOP_GETATTR(), and to support file systems that split
their ACL information over their existing inode storage (mode, uid,
gid) and extended ACL into extended attributes (additional users,
groups, ACL mask).

o Add prototypes for exported functions to sys/acl.h, sys/vnode.h

Reviewed by: trustedbsd-discuss, freebsd-arch
Obtained from: TrustedBSD Project

o Correct typos in comment fields.
o Update copyright to 2001.

Submitted by: jedgar

o Add two constants mapping ACLs into extended attribute names
o Add '.'s in comments to style(9)-ify them.
o Clean up whitespace a little.

Obtained from: TrustedBSD Project

Fix man page structures/constants to match recent changes in acl.h
Fix a few more namespace messes and whitespace curiosities in acl.h
Fix comments in acl.h
Clean up some function prototypes from acl.h that won't be committed
before the code freeze.

Some of this kindly pointed out by: the ever patient bde

A few more touchups:
- clean up unneeded AFS ID type
- Add Coda, NTFS, NWFS ACL types
- Add acl_dup() prototype
- Remove acl_calc_mask, which belongs in the editing library
- Introduce posix1e.3, a man page introducing POSIX.1e library calls
(more man pages to follow)

Minor fixes to library interface to improve POSIX.1e compliance. This
adds _np to a couple of function prototypes that provided more broad/useful
interfaces than POSIX.1e interfaces included.

Also, move from using a heuristic to identify POSIX.1e-semantic ACLs to
using different ACL types for non-POSIX.1e ACLs. This should clean up the
existing fuzzy logic that determined when acl_sort() should be applied
before kernel submission.

A few more style cleanups

Submitted by: bde

Fix bde'isms in acl/extattr syscall interface, renaming syscalls to
prettier (?) names, adding some const's around here, et al.

Reviewed by: bde

IRIX interoperability -- define ACL_MAX_ENTRIES from MAX_ACL_ENTRIES

Change #ifdef KERNEL to #ifdef _KERNEL in the public headers. "KERNEL"
is an application space macro and the applications are supposed to be free
to use it as they please (but cannot). This is consistant with the other
BSD's who made this change quite some time ago. More commits to come.

Second pass commit to introduce new ACL and Extended Attribute system
calls, vnops, vfsops, both in /kern, and to individual file systems that
require a vfsop_ array entry.

Reviewed by: eivind