      1 /*
      2  * linux/include/linux/sunrpc/auth.h
      3  *
      4  * Declarations for the RPC client authentication machinery.
      5  *
      6  * Copyright (C) 1996, Olaf Kirch <okir (at) monad.swb.de>
      7  */
      8 
      9 #ifndef _LINUX_SUNRPC_AUTH_H
     10 #define _LINUX_SUNRPC_AUTH_H
     11 
     12 #ifdef __KERNEL__
     13 
     14 #include <linux/sunrpc/sched.h>
     15 #include <linux/sunrpc/msg_prot.h>
     16 #include <linux/sunrpc/xdr.h>
     17 
     18 #include <asm/atomic.h>
     19 
/* size of the nodename buffer */
#define UNX_MAXNODENAME	32

/*
 * Maximum size (in bytes) of an rpc credential or verifier.
 * 400 bytes is also the cap the ONC RPC specification puts on the body of
 * an opaque_auth.
 * NOTE(review): any length field for a credential or verifier read off the
 * wire should be compared against this limit before the data is copied;
 * those checks are not in this header - confirm in the callers.
 */
#define RPC_MAX_AUTH_SIZE (400)
     25 
/*
 * Work around the lack of a VFS credential.
 *
 * Identity triple passed by pointer to the lookup_cred, crcreate and
 * crmatch hooks and to rpcauth_lookup_credcache() declared in this header.
 * NOTE(review): this header does not show who owns the group_info
 * reference or how long it must stay valid - confirm in the callers.
 */
struct auth_cred {
	uid_t	uid;
	gid_t	gid;
	struct group_info *group_info;	/* presumably the supplementary groups - TODO confirm */
};
     32 
/*
 * Client user credentials
 *
 * Flavor-independent part of a credential.  It is reference-counted
 * through cr_count; get_rpccred() in this header takes a reference.
 */
struct rpc_cred {
	struct hlist_node	cr_hash;	/* hash chain */
	struct rpc_credops *	cr_ops;		/* per-credential operations table */
	unsigned long		cr_expire;	/* when to gc */
	atomic_t		cr_count;	/* ref count */
	unsigned short		cr_flags;	/* various flags */
#ifdef RPC_DEBUG
	/*
	 * Field exists only when RPC_DEBUG is defined, so the layout of this
	 * struct differs between debug and non-debug builds.
	 */
	unsigned long		cr_magic;	/* 0x0f4aa4f0 */
#endif

	uid_t			cr_uid;		/* presumably the uid this cred was created for - TODO confirm */

	/* per-flavor data */
	/* NOTE(review): presumably each flavor embeds this struct in a larger one - confirm */
};
/* presumably bit values for rpc_cred.cr_flags - TODO confirm against the users */
#define RPCAUTH_CRED_NEW	0x0001
#define RPCAUTH_CRED_UPTODATE	0x0002

/* same value as the one noted on rpc_cred.cr_magic (an RPC_DEBUG-only field) */
#define RPCAUTH_CRED_MAGIC	0x0f4aa4f0
     54 
/*
 * Client authentication handle
 */
/*
 * Number of buckets in a credential cache.  The value is a power of two,
 * so RPC_CREDCACHE_MASK (NR - 1) has all low bits set; presumably it is
 * used to reduce a hash value to a bucket index - TODO confirm.
 */
#define RPC_CREDCACHE_NR	8
#define RPC_CREDCACHE_MASK	(RPC_CREDCACHE_NR - 1)
/* Credential cache referenced from rpc_auth.au_credcache. */
struct rpc_cred_cache {
	struct hlist_head	hashtable[RPC_CREDCACHE_NR];	/* bucket heads; presumably linked via rpc_cred.cr_hash */
	unsigned long		nextgc;		/* next garbage collection */
	unsigned long		expire;		/* cache expiry interval */
};
     65 
/*
 * Authentication handle: size estimates for the auth data, the flavor's
 * operations table, a reference count and a pointer to the credential cache.
 *
 * NOTE(review): au_cslack and au_rslack are described as an estimate and a
 * guess.  If buffer sizing relies on them (not shown here), a flavor that
 * under-reports either one risks under-sized buffers - confirm in the users.
 */
struct rpc_auth {
	unsigned int		au_cslack;	/* call cred size estimate */
				/* guess at number of u32's auth adds before
				 * reply data; normally the verifier size: */
	unsigned int		au_rslack;
				/* for gss, used to calculate au_rslack: */
	unsigned int		au_verfsize;

	unsigned int		au_flags;	/* various flags */
	struct rpc_authops *	au_ops;		/* operations */
	rpc_authflavor_t	au_flavor;	/* pseudoflavor (note may
						 * differ from the flavor in
						 * au_ops->au_flavor in gss
						 * case) */
	atomic_t		au_count;	/* Reference counter */

	/* see rpcauth_init_credcache() / rpcauth_free_credcache() declared below */
	struct rpc_cred_cache *	au_credcache;
	/* per-flavor data */
};
     85 
/* Flags for rpcauth_lookupcred() */
#define RPCAUTH_LOOKUP_NEW		0x01	/* Accept an uninitialised cred */
/*
 * NOTE(review): the name suggests the lookup is done with root's identity
 * instead of the caller's.  Each call site passing this flag is a place
 * where the caller's own uid is bypassed and deserves an audit - confirm
 * the semantics in rpcauth_lookupcred().
 */
#define RPCAUTH_LOOKUP_ROOTCREDS	0x02	/* This really ought to go! */
     89 
/*
 * Client authentication ops
 *
 * Operations table for an authentication flavor.  Pointers to these tables
 * are what rpcauth_register() and rpcauth_unregister() take.
 */
struct rpc_authops {
	struct module		*owner;		/* presumably the module that provides the flavor - TODO confirm */
	rpc_authflavor_t	au_flavor;	/* flavor (RPC_AUTH_*) */
#ifdef RPC_DEBUG
	char *			au_name;	/* present only when RPC_DEBUG is defined */
#endif
	/* create: returns an rpc_auth for the given client and flavor; destroy: takes one back */
	struct rpc_auth *	(*create)(struct rpc_clnt *, rpc_authflavor_t);
	void			(*destroy)(struct rpc_auth *);

	/*
	 * Both hooks take (auth, identity, int) and return an rpc_cred.
	 * The int is presumably the RPCAUTH_LOOKUP_* flags - TODO confirm.
	 */
	struct rpc_cred *	(*lookup_cred)(struct rpc_auth *, struct auth_cred *, int);
	struct rpc_cred *	(*crcreate)(struct rpc_auth*, struct auth_cred *, int);
};
    105 
/*
 * Operations table for a credential; rpc_cred.cr_ops points at one of these.
 *
 * NOTE(review): crvalidate and crunwrap_resp handle data that comes back
 * from the server.  By name they are where a reply's verifier and any
 * integrity/privacy wrapping get checked, so a flavor whose hooks accept
 * everything gives no assurance about the reply - confirm per flavor.
 */
struct rpc_credops {
	const char *		cr_name;	/* Name of the auth flavour */
	int			(*cr_init)(struct rpc_auth *, struct rpc_cred *);
	void			(*crdestroy)(struct rpc_cred *);

	/* (identity, cred, int); the int is presumably lookup flags - TODO confirm */
	int			(*crmatch)(struct auth_cred *, struct rpc_cred *, int);
	/* takes and returns a u32 *; presumably a cursor into the request buffer - TODO confirm */
	u32 *			(*crmarshal)(struct rpc_task *, u32 *);
	int			(*crrefresh)(struct rpc_task *);
	/* takes and returns a u32 *; presumably a cursor into the reply buffer - TODO confirm */
	u32 *			(*crvalidate)(struct rpc_task *, u32 *);
	/* same argument types as rpcauth_wrap_req(task, encode, rqstp, data, obj) */
	int			(*crwrap_req)(struct rpc_task *, kxdrproc_t,
						void *, u32 *, void *);
	/* same argument types as rpcauth_unwrap_resp(task, decode, rqstp, data, obj) */
	int			(*crunwrap_resp)(struct rpc_task *, kxdrproc_t,
						void *, u32 *, void *);
};
    120 
/*
 * Flavor tables defined elsewhere.  NOTE(review): going by the names these
 * are AUTH_UNIX, AUTH_NULL and AUTH_DES (the last only when
 * CONFIG_SUNRPC_SECURE is set) - confirm.  In the ONC RPC protocol AUTH_NULL
 * carries no identity and AUTH_UNIX (AUTH_SYS) carries uid/gid values that
 * the client asserts without cryptographic proof, so a server receiving
 * either one has to trust the client host and the network path.
 */
extern struct rpc_authops	authunix_ops;
extern struct rpc_authops	authnull_ops;
#ifdef CONFIG_SUNRPC_SECURE
extern struct rpc_authops	authdes_ops;
#endif
    126 
/*
 * Entry points of the client auth layer.  Only the declarations are here;
 * the remarks below are read off the names and signatures and should be
 * confirmed against the definitions.
 */
/* add / remove a flavor's operations table */
int			rpcauth_register(struct rpc_authops *);
int			rpcauth_unregister(struct rpc_authops *);
/* rpc_auth lifetime */
struct rpc_auth *	rpcauth_create(rpc_authflavor_t, struct rpc_clnt *);
void			rpcauth_destroy(struct rpc_auth *);
/* credential lookup; the int arguments are presumably RPCAUTH_LOOKUP_* flags */
struct rpc_cred *	rpcauth_lookup_credcache(struct rpc_auth *, struct auth_cred *, int);
struct rpc_cred *	rpcauth_lookupcred(struct rpc_auth *, int);
struct rpc_cred *	rpcauth_bindcred(struct rpc_task *);
void			rpcauth_holdcred(struct rpc_task *);
/*
 * NOTE(review): by name the release side of get_rpccred().  If so, every
 * get_rpccred() needs exactly one matching put: a missing put leaks the
 * cred and an extra put risks a use-after-free - confirm.
 */
void			put_rpccred(struct rpc_cred *);
void			rpcauth_unbindcred(struct rpc_task *);
/* take and return a u32 *, like the crmarshal / crvalidate hooks */
u32 *			rpcauth_marshcred(struct rpc_task *, u32 *);
u32 *			rpcauth_checkverf(struct rpc_task *, u32 *);
/* same argument types as the crwrap_req / crunwrap_resp hooks */
int			rpcauth_wrap_req(struct rpc_task *task, kxdrproc_t encode, void *rqstp, u32 *data, void *obj);
int			rpcauth_unwrap_resp(struct rpc_task *task, kxdrproc_t decode, void *rqstp, u32 *data, void *obj);
int			rpcauth_refreshcred(struct rpc_task *);
void			rpcauth_invalcred(struct rpc_task *);
int			rpcauth_uptodatecred(struct rpc_task *);
/* credential cache setup / teardown; the unsigned long is presumably the expiry interval - TODO confirm */
int			rpcauth_init_credcache(struct rpc_auth *, unsigned long);
void			rpcauth_free_credcache(struct rpc_auth *);
    146 
/*
 * Take an additional reference on @cred.
 *
 * Atomically increments cred->cr_count and hands the same pointer back, so
 * the call can be used inline in an assignment.
 *
 * @cred is dereferenced unconditionally and must not be NULL.
 *
 * NOTE(review): the increment is unconditional - there is no check that the
 * count is still non-zero and no overflow guard on the atomic_t.  The caller
 * presumably has to hold a reference already (or otherwise keep the cred
 * alive) for this to be safe against a concurrent release - confirm.
 */
static inline struct rpc_cred *get_rpccred(struct rpc_cred *cred)
{
	atomic_t *refs = &cred->cr_count;

	atomic_inc(refs);
	return cred;
}
    153 
    154 #endif /* __KERNEL__ */
    155 #endif /* _LINUX_SUNRPC_AUTH_H */
    156