Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / d70bc0c67c7aaf0d00084b2f91b44fe1a8ae4e15 / . / include / linux / sunrpc / gss_api.h
blob: 1f911ccb2a75655bee357d27076b455776d4d377 [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1/*
Uwe Zeisbergerf30c2262006-10-03 23:01:26 +0200[diff] [blame]2 * linux/include/linux/sunrpc/gss_api.h
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]3 *
4 * Somewhat simplified version of the gss api.
5 *
6 * Dug Song <dugsong@monkey.org>
7 * Andy Adamson <andros@umich.edu>
8 * Bruce Fields <bfields@umich.edu>
9 * Copyright (c) 2000 The Regents of the University of Michigan
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]10 */
11
12#ifndef _LINUX_SUNRPC_GSS_API_H
13#define _LINUX_SUNRPC_GSS_API_H
14
15#ifdef __KERNEL__
16#include <linux/sunrpc/xdr.h>
Chuck Lever6a1a1e32012-07-11 16:31:08 -0400[diff] [blame]17#include <linux/sunrpc/msg_prot.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]18#include <linux/uio.h>
19
20/* The mechanism-independent gss-api context: */
21struct gss_ctx {
22 struct gss_api_mech *mech_type;
23 void *internal_ctx_id;
24};
25
26#define GSS_C_NO_BUFFER ((struct xdr_netobj) 0)
27#define GSS_C_NO_CONTEXT ((struct gss_ctx *) 0)
Chuck Lever83523d02013-03-16 15:55:01 -0400[diff] [blame]28#define GSS_C_QOP_DEFAULT (0)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]29
30/*XXX arbitrary length - is this set somewhere? */
31#define GSS_OID_MAX_LEN 32
Chuck Leverfb15b262013-03-16 15:54:34 -0400[diff] [blame]32struct rpcsec_gss_oid {
33 unsigned int len;
34 u8 data[GSS_OID_MAX_LEN];
35};
36
37/* From RFC 3530 */
38struct rpcsec_gss_info {
39 struct rpcsec_gss_oid oid;
40 u32 qop;
41 u32 service;
42};
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]43
44/* gss-api prototypes; note that these are somewhat simplified versions of
45 * the prototypes specified in RFC 2744. */
46int gss_import_sec_context(
47 const void* input_token,
48 size_t bufsize,
49 struct gss_api_mech *mech,
Trond Myklebust1f4c86c2010-05-13 12:51:02 -0400[diff] [blame]50 struct gss_ctx **ctx_id,
Simo Sorce400f26b2012-05-25 18:09:53 -0400[diff] [blame]51 time_t *endtime,
Trond Myklebust1f4c86c2010-05-13 12:51:02 -0400[diff] [blame]52 gfp_t gfp_mask);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]53u32 gss_get_mic(
54 struct gss_ctx *ctx_id,
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]55 struct xdr_buf *message,
56 struct xdr_netobj *mic_token);
57u32 gss_verify_mic(
58 struct gss_ctx *ctx_id,
59 struct xdr_buf *message,
J. Bruce Fields00fd6e12005-10-13 16:55:18 -0400[diff] [blame]60 struct xdr_netobj *mic_token);
J. Bruce Fields293f1eb2005-10-13 16:54:37 -0400[diff] [blame]61u32 gss_wrap(
62 struct gss_ctx *ctx_id,
J. Bruce Fields293f1eb2005-10-13 16:54:37 -0400[diff] [blame]63 int offset,
64 struct xdr_buf *outbuf,
65 struct page **inpages);
66u32 gss_unwrap(
67 struct gss_ctx *ctx_id,
J. Bruce Fields293f1eb2005-10-13 16:54:37 -0400[diff] [blame]68 int offset,
69 struct xdr_buf *inbuf);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]70u32 gss_delete_sec_context(
71 struct gss_ctx **ctx_id);
72
Chuck Lever83523d02013-03-16 15:55:01 -0400[diff] [blame]73rpc_authflavor_t gss_svc_to_pseudoflavor(struct gss_api_mech *, u32 qop,
74 u32 service);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]75u32 gss_pseudoflavor_to_service(struct gss_api_mech *, u32 pseudoflavor);
76char *gss_service_to_auth_domain_name(struct gss_api_mech *, u32 service);
77
78struct pf_desc {
79 u32 pseudoflavor;
Chuck Lever83523d02013-03-16 15:55:01 -0400[diff] [blame]80 u32 qop;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]81 u32 service;
82 char *name;
83 char *auth_domain_name;
84};
85
86/* Different mechanisms (e.g., krb5 or spkm3) may implement gss-api, and
87 * mechanisms may be dynamically registered or unregistered by modules. */
88
89/* Each mechanism is described by the following struct: */
90struct gss_api_mech {
91 struct list_head gm_list;
92 struct module *gm_owner;
Chuck Leverfb15b262013-03-16 15:54:34 -0400[diff] [blame]93 struct rpcsec_gss_oid gm_oid;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]94 char *gm_name;
Trond Myklebustf1c0a862007-06-23 20:17:58 -0400[diff] [blame]95 const struct gss_api_ops *gm_ops;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]96 /* pseudoflavors supported by this mechanism: */
97 int gm_pf_num;
98 struct pf_desc * gm_pfs;
Trond Myklebust683ac662010-04-08 14:09:58 -0400[diff] [blame]99 /* Should the following be a callback operation instead? */
100 const char *gm_upcall_enctypes;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]101};
102
103/* and must provide the following operations: */
104struct gss_api_ops {
105 int (*gss_import_sec_context)(
106 const void *input_token,
107 size_t bufsize,
Trond Myklebust1f4c86c2010-05-13 12:51:02 -0400[diff] [blame]108 struct gss_ctx *ctx_id,
Simo Sorce400f26b2012-05-25 18:09:53 -0400[diff] [blame]109 time_t *endtime,
Trond Myklebust1f4c86c2010-05-13 12:51:02 -0400[diff] [blame]110 gfp_t gfp_mask);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]111 u32 (*gss_get_mic)(
112 struct gss_ctx *ctx_id,
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]113 struct xdr_buf *message,
114 struct xdr_netobj *mic_token);
115 u32 (*gss_verify_mic)(
116 struct gss_ctx *ctx_id,
117 struct xdr_buf *message,
J. Bruce Fields00fd6e12005-10-13 16:55:18 -0400[diff] [blame]118 struct xdr_netobj *mic_token);
J. Bruce Fields293f1eb2005-10-13 16:54:37 -0400[diff] [blame]119 u32 (*gss_wrap)(
120 struct gss_ctx *ctx_id,
J. Bruce Fields293f1eb2005-10-13 16:54:37 -0400[diff] [blame]121 int offset,
122 struct xdr_buf *outbuf,
123 struct page **inpages);
124 u32 (*gss_unwrap)(
125 struct gss_ctx *ctx_id,
J. Bruce Fields293f1eb2005-10-13 16:54:37 -0400[diff] [blame]126 int offset,
127 struct xdr_buf *buf);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]128 void (*gss_delete_sec_context)(
129 void *internal_ctx_id);
130};
131
132int gss_mech_register(struct gss_api_mech *);
133void gss_mech_unregister(struct gss_api_mech *);
134
135/* returns a mechanism descriptor given an OID, and increments the mechanism's
136 * reference count. */
J. Bruce Fieldsb1df7632013-04-29 14:03:30 -0400[diff] [blame]137struct gss_api_mech * gss_mech_get_by_OID(struct rpcsec_gss_oid *);
138
Chuck Lever9568c5e2013-03-16 15:54:43 -0400[diff] [blame]139/* Given a GSS security tuple, look up a pseudoflavor */
140rpc_authflavor_t gss_mech_info2flavor(struct rpcsec_gss_info *);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]141
Chuck Levera77c8062013-03-16 15:55:10 -0400[diff] [blame]142/* Given a pseudoflavor, look up a GSS security tuple */
143int gss_mech_flavor2info(rpc_authflavor_t, struct rpcsec_gss_info *);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]144
145/* Returns a reference to a mechanism, given a name like "krb5" etc. */
146struct gss_api_mech *gss_mech_get_by_name(const char *);
147
148/* Similar, but get by pseudoflavor. */
149struct gss_api_mech *gss_mech_get_by_pseudoflavor(u32);
150
Bryan Schumaker8f70e952011-03-24 17:12:31 +0000[diff] [blame]151/* Fill in an array with a list of supported pseudoflavors */
Chuck Lever6a1a1e32012-07-11 16:31:08 -0400[diff] [blame]152int gss_mech_list_pseudoflavors(rpc_authflavor_t *, int);
Bryan Schumaker8f70e952011-03-24 17:12:31 +0000[diff] [blame]153
J. Bruce Fields0dc15312013-05-14 16:07:13 -0400[diff] [blame]154struct gss_api_mech * gss_mech_get(struct gss_api_mech *);
155
Andreas Mohrd6e05ed2006-06-26 18:35:02 +0200[diff] [blame]156/* For every successful gss_mech_get or gss_mech_get_by_* call there must be a
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]157 * corresponding call to gss_mech_put. */
158void gss_mech_put(struct gss_api_mech *);
159
160#endif /* __KERNEL__ */
161#endif /* _LINUX_SUNRPC_GSS_API_H */
162