svcauth.h 6.06 KB
Newer Older
Linus Torvalds's avatar
Linus Torvalds committed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
/*
 * linux/include/linux/sunrpc/svcauth.h
 *
 * RPC server-side authentication stuff.
 *
 * Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de>
 */

#ifndef _LINUX_SUNRPC_SVCAUTH_H_
#define _LINUX_SUNRPC_SVCAUTH_H_

#ifdef __KERNEL__

#include <linux/string.h>
#include <linux/sunrpc/msg_prot.h>
#include <linux/sunrpc/cache.h>
17
#include <linux/sunrpc/gss_api.h>
Linus Torvalds's avatar
Linus Torvalds committed
18
#include <linux/hash.h>
19
#include <linux/stringhash.h>
20
#include <linux/cred.h>
Linus Torvalds's avatar
Linus Torvalds committed
21
22

struct svc_cred {
23
24
	kuid_t			cr_uid;
	kgid_t			cr_gid;
Linus Torvalds's avatar
Linus Torvalds committed
25
	struct group_info	*cr_group_info;
26
	u32			cr_flavor; /* pseudoflavor */
27
28
29
30
31
32
	/* name of form servicetype/hostname@REALM, passed down by
	 * gss-proxy: */
	char			*cr_raw_principal;
	/* name of form servicetype@hostname, passed down by
	 * rpc.svcgssd, or computed from the above: */
	char			*cr_principal;
33
	struct gss_api_mech	*cr_gss_mech;
Linus Torvalds's avatar
Linus Torvalds committed
34
35
};

36
37
38
static inline void init_svc_cred(struct svc_cred *cred)
{
	cred->cr_group_info = NULL;
39
	cred->cr_raw_principal = NULL;
40
41
42
43
	cred->cr_principal = NULL;
	cred->cr_gss_mech = NULL;
}

44
45
46
47
static inline void free_svc_cred(struct svc_cred *cred)
{
	if (cred->cr_group_info)
		put_group_info(cred->cr_group_info);
48
	kfree(cred->cr_raw_principal);
49
	kfree(cred->cr_principal);
50
51
	gss_mech_put(cred->cr_gss_mech);
	init_svc_cred(cred);
52
53
}

Linus Torvalds's avatar
Linus Torvalds committed
54
struct svc_rqst;		/* forward decl */
55
struct in6_addr;
Linus Torvalds's avatar
Linus Torvalds committed
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76

/* Authentication is done in the context of a domain.
 *
 * Currently, the nfs server uses the auth_domain to stand
 * for the "client" listed in /etc/exports.
 *
 * More generally, a domain might represent a group of clients using
 * a common mechanism for authentication and having a common mapping
 * between local identity (uid) and network identity.  All clients
 * in a domain have similar general access rights.  Each domain can
 * contain multiple principals which will have different specific right
 * based on normal Discretionary Access Control.
 *
 * A domain is created by an authentication flavour module based on name
 * only.  Userspace then fills in detail on demand.
 *
 * In the case of auth_unix and auth_null, the auth_domain is also
 * associated with entries in another cache representing the mapping
 * of ip addresses to the given client.
 */
struct auth_domain {
77
78
	struct kref		ref;
	struct hlist_node	hash;
Linus Torvalds's avatar
Linus Torvalds committed
79
	char			*name;
80
	struct auth_ops		*flavour;
Linus Torvalds's avatar
Linus Torvalds committed
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
};

/*
 * Each authentication flavour registers an auth_ops
 * structure.
 * name is simply the name.
 * flavour gives the auth flavour. It determines where the flavour is registered
 * accept() is given a request and should verify it.
 *   It should inspect the authenticator and verifier, and possibly the data.
 *    If there is a problem with the authentication *authp should be set.
 *    The return value of accept() can indicate:
 *      OK - authorised. client and credential are set in rqstp.
 *           reqbuf points to arguments
 *           resbuf points to good place for results.  verfier
 *             is (probably) already in place.  Certainly space is
 *	       reserved for it.
 *      DROP - simply drop the request. It may have been deferred
 *      GARBAGE - rpc garbage_args error
 *      SYSERR - rpc system_err error
 *      DENIED - authp holds reason for denial.
 *      COMPLETE - the reply is encoded already and ready to be sent; no
 *		further processing is necessary.  (This is used for processing
 *		null procedure calls which are used to set up encryption
 *		contexts.)
 *
 *   accept is passed the proc number so that it can accept NULL rpc requests
 *   even if it cannot authenticate the client (as is sometimes appropriate).
 *
 * release() is given a request after the procedure has been run.
 *  It should sign/encrypt the results if needed
 * It should return:
 *    OK - the resbuf is ready to be sent
 *    DROP - the reply should be quitely dropped
 *    DENIED - authp holds a reason for MSG_DENIED
 *    SYSERR - rpc system_err
 *
 * domain_release()
 *   This call releases a domain.
119
120
121
 * set_client()
 *   Givens a pending request (struct svc_rqst), finds and assigns
 *   an appropriate 'auth_domain' as the client.
Linus Torvalds's avatar
Linus Torvalds committed
122
123
124
125
126
 */
struct auth_ops {
	char *	name;
	struct module *owner;
	int	flavour;
127
	int	(*accept)(struct svc_rqst *rq, __be32 *authp);
Linus Torvalds's avatar
Linus Torvalds committed
128
129
130
131
132
133
134
135
136
137
138
	int	(*release)(struct svc_rqst *rq);
	void	(*domain_release)(struct auth_domain *);
	int	(*set_client)(struct svc_rqst *rq);
};

#define	SVC_GARBAGE	1
#define	SVC_SYSERR	2
#define	SVC_VALID	3
#define	SVC_NEGATIVE	4
#define	SVC_OK		5
#define	SVC_DROP	6
139
140
141
142
143
144
145
#define	SVC_CLOSE	7	/* Like SVC_DROP, but request is definitely
				 * lost so if there is a tcp connection, it
				 * should be closed
				 */
#define	SVC_DENIED	8
#define	SVC_PENDING	9
#define	SVC_COMPLETE	10
Linus Torvalds's avatar
Linus Torvalds committed
146

147
struct svc_xprt;
Linus Torvalds's avatar
Linus Torvalds committed
148

149
extern int	svc_authenticate(struct svc_rqst *rqstp, __be32 *authp);
Linus Torvalds's avatar
Linus Torvalds committed
150
151
152
153
154
155
156
extern int	svc_authorise(struct svc_rqst *rqstp);
extern int	svc_set_client(struct svc_rqst *rqstp);
extern int	svc_auth_register(rpc_authflavor_t flavor, struct auth_ops *aops);
extern void	svc_auth_unregister(rpc_authflavor_t flavor);

extern struct auth_domain *unix_domain_find(char *name);
extern void auth_domain_put(struct auth_domain *item);
157
extern int auth_unix_add_addr(struct net *net, struct in6_addr *addr, struct auth_domain *dom);
158
extern struct auth_domain *auth_domain_lookup(char *name, struct auth_domain *new);
Linus Torvalds's avatar
Linus Torvalds committed
159
extern struct auth_domain *auth_domain_find(char *name);
160
extern struct auth_domain *auth_unix_lookup(struct net *net, struct in6_addr *addr);
Linus Torvalds's avatar
Linus Torvalds committed
161
extern int auth_unix_forget_old(struct auth_domain *dom);
162
extern void svcauth_unix_purge(struct net *net);
163
extern void svcauth_unix_info_release(struct svc_xprt *xpt);
164
extern int svcauth_unix_set_client(struct svc_rqst *rqstp);
Linus Torvalds's avatar
Linus Torvalds committed
165

166
167
168
extern int unix_gid_cache_create(struct net *net);
extern void unix_gid_cache_destroy(struct net *net);

169
170
171
172
173
/*
 * The <stringhash.h> functions are good enough that we don't need to
 * use hash_32() on them; just extracting the high bits is enough.
 */
static inline unsigned long hash_str(char const *name, int bits)
Linus Torvalds's avatar
Linus Torvalds committed
174
{
175
	return hashlen_hash(hashlen_string(name)) >> (32 - bits);
Linus Torvalds's avatar
Linus Torvalds committed
176
177
}

178
static inline unsigned long hash_mem(char const *buf, int length, int bits)
Linus Torvalds's avatar
Linus Torvalds committed
179
{
180
	return full_name_hash(buf, length) >> (32 - bits);
Linus Torvalds's avatar
Linus Torvalds committed
181
182
183
184
185
}

#endif /* __KERNEL__ */

#endif /* _LINUX_SUNRPC_SVCAUTH_H_ */