MAC/do: Clarify comments about flags attached per-ID or per-ID-type

No functional change.

MFC after:      3 days
Sponsored by:   The FreeBSD Foundation
This commit is contained in:
Olivier Certner
2026-06-04 12:01:23 +02:00
parent 1c0e5c53ff
commit 0c2d64ce3d
+7 -5
View File
@@ -123,20 +123,22 @@ _Static_assert(sizeof(uid_t) == sizeof(u_int) && (uid_t)-1 >= 0 &&
* encoding for simplicity. * encoding for simplicity.
* *
* There is currently room for "only" 16 bits. As these flags are purely * There is currently room for "only" 16 bits. As these flags are purely
* internal, they can be renumbered and/or their type changed as needed. * internal, they can be renumbered and/or the underlying type changed as
* needed.
* *
* See also the check_*() functions below. * See also the check_*() functions below.
*/ */
typedef uint16_t flags_t; typedef uint16_t flags_t;
/* (i,gid) Specification concerns primary groups. */ /* (i,gid) Group can appear as a primary group. */
#define MDF_PRIMARY (1u << 0) #define MDF_PRIMARY (1u << 0)
/* (i,gid) Specification concerns supplementary groups. */ /* (i,gid) Group can appear as a supplementary group. */
#define MDF_SUPP_ALLOW (1u << 1) #define MDF_SUPP_ALLOW (1u << 1)
/* (i,gid) Group must appear as a supplementary group. */ /* (i,gid) Group must appear as a supplementary group. */
#define MDF_SUPP_MUST (1u << 2) #define MDF_SUPP_MUST (1u << 2)
/* (i,gid) Group must not appear as a supplementary group. */ /* (i,gid) Group must not appear as a supplementary group. */
#define MDF_SUPP_DONT (1u << 3) #define MDF_SUPP_DONT (1u << 3)
/* (i,gid) Mask to detect a supplementary group specification. */
#define MDF_SUPP_MASK (MDF_SUPP_ALLOW | MDF_SUPP_MUST | MDF_SUPP_DONT) #define MDF_SUPP_MASK (MDF_SUPP_ALLOW | MDF_SUPP_MUST | MDF_SUPP_DONT)
#define MDF_ID_MASK (MDF_PRIMARY | MDF_SUPP_MASK) #define MDF_ID_MASK (MDF_PRIMARY | MDF_SUPP_MASK)
@@ -144,8 +146,8 @@ typedef uint16_t flags_t;
* (t) All IDs allowed. * (t) All IDs allowed.
* *
* For GIDs, MDF_ANY only concerns primary groups. The MDF_PRIMARY and * For GIDs, MDF_ANY only concerns primary groups. The MDF_PRIMARY and
* MDF_SUPP_* flags never apply to MDF_ANY, but can be present if MDF_CURRENT is * MDF_SUPP_* flags do not apply to MDF_ANY, but can be present if MDF_CURRENT
* present also, as usual. * is present also, as for explicit IDs.
*/ */
#define MDF_ANY (1u << 8) #define MDF_ANY (1u << 8)
/* (t) Current IDs allowed. */ /* (t) Current IDs allowed. */