| GENFS(9) | Kernel Developer's Manual | GENFS(9) | 
genfs —
#include <miscfs/genfs/genfs.h>
int
  
  genfs_can_chflags(vnode_t
    *vp, kauth_cred_t,
    cred",
    uid_t owner_uid,
    bool
  changing_sysflags);
int
  
  genfs_can_chmod(vnode_t
    *vp, kauth_cred_t
    cred, uid_t
    cur_uid, gid_t
    cur_gid, mode_t
    new_mode);
int
  
  genfs_can_chown(vnode_t
    *vp, kauth_cred_t
    cred, uid_t
    cur_uid, gid_t
    cur_gid, uid_t
    new_uid, gid_t
    new_gid);
int
  
  genfs_can_chtimes(vnode_t
    *vp, kauth_cred_t
    cred, uid_t
    owner_uid, u_int
    vaflags);
int
  
  genfs_can_extattr(vnode_t
    *vp, kauth_cred_t
    cred, accmode_t
    accmode, int
    attrnamespace);
int
  
  genfs_can_sticky(vnode_t
    *vp, kauth_cred_t
    cred, uid_t
    dir_uid, uid_t
    file_uid);
In other words, these functions are not meant to be called directly. They are intended to be used in kauth(9) vnode scope authorization calls, for providing the fall-back file system decision.
As a rule of thumb, code that looks like this is wrong:
error = genfs_can_foo(...); /* WRONG */
While code that looks like this is right:
error = kauth_authorize_vnode(..., genfs_can_foo(...));
genfs_can_chflags(vnode_t
    *vp, kauth_cred_t cred)genfs_can_chmod(vnode_t *vp,
    kauth_cred_t cred, uid_t
    cur_uid, gid_t cur_gid, mode_t
    new_mode)genfs_can_chown(vnode_t *vp,
    kauth_cred_t cred, uid_t
    cur_uid, gid_t cur_gid, uid_t
    new_uid, gid_t new_gid)genfs_can_chtimes(vnode_t
    *vp, kauth_cred_t cred, uid_t
    owner_uid, u_int vaflags)genfs_can_extattr(vnode_t
    *vp, kauth_cred_t cred,
    accmode_t accmode, int
    attrnamespace)genfs_can_sticky(vnode_t
    *vp, kauth_cred_t cred, uid_t
    dir_uid, uid_t file_uid)| January 17, 2022 | NetBSD 10.0 |