
  1. /* SPDX-License-Identifier: GPL-2.0+ */
  2. /*
  3. * GSS Proxy upcall module
  4. *
  5. * Copyright (C) 2012 Simo Sorce <simo@redhat.com>
  6. */
  7. #ifndef _LINUX_GSS_RPC_XDR_H
  8. #define _LINUX_GSS_RPC_XDR_H
  9. #include <linux/sunrpc/xdr.h>
  10. #include <linux/sunrpc/clnt.h>
  11. #include <linux/sunrpc/xprtsock.h>
/* Select the sunrpc debug facility this module's dprintk() output is tagged with. */
#if IS_ENABLED(CONFIG_SUNRPC_DEBUG)
# define RPCDBG_FACILITY RPCDBG_AUTH
#endif
/*
 * Option name/value pairs carried in the call_ctx of every request (see
 * GSSX_default_in_call_ctx_sz below, which budgets space for them). By their
 * values they select the Linux-specific exported context and credential
 * formats; the exact negotiation lives in the .c encoder, not here.
 */
#define LUCID_OPTION "exported_context_type"
#define LUCID_VALUE "linux_lucid_v1"
#define CREDS_OPTION "exported_creds_type"
#define CREDS_VALUE "linux_creds_v1"
/*
 * The protocol's variable-length octet-string types are all represented by
 * the same XDR netobj (length + data pointer); the distinct typedef names only
 * document intent (opaque buffer, UTF-8 string, mechanism OID).
 */
typedef struct xdr_netobj gssx_buffer;
typedef struct xdr_netobj utf8string;
typedef struct xdr_netobj gssx_OID;
/* Credential usage flags; GSSX_C_BOTH is INITIATE | ACCEPT (1 | 2 == 3). */
enum gssx_cred_usage {
	GSSX_C_INITIATE = 1,
	GSSX_C_ACCEPT = 2,
	GSSX_C_BOTH = 3,
};
/* One protocol option: an option name paired with its value. */
struct gssx_option {
	gssx_buffer option;	/* option name */
	gssx_buffer value;	/* option value */
};
/* Counted array of options: @count entries pointed to by @data. */
struct gssx_option_array {
	u32 count;
	struct gssx_option *data;
};
/*
 * Status block returned with every reply: GSS major/minor status codes, the
 * mechanism they refer to, their human-readable forms, an opaque server
 * context blob and an option array.
 */
struct gssx_status {
	u64 major_status;
	gssx_OID mech;
	u64 minor_status;
	utf8string major_status_string;
	utf8string minor_status_string;
	gssx_buffer server_ctx;
	struct gssx_option_array options;
};
/* Per-call context sent with each request: locale, opaque server_ctx, options. */
struct gssx_call_ctx {
	utf8string locale;
	gssx_buffer server_ctx;
	struct gssx_option_array options;
};
/* A name attribute: attribute identifier, its value, and extension options. */
struct gssx_name_attr {
	gssx_buffer attr;
	gssx_buffer value;
	struct gssx_option_array extensions;
};
/* Counted array of name attributes: @count entries pointed to by @data. */
struct gssx_name_attr_array {
	u32 count;
	struct gssx_name_attr *data;
};
/*
 * GSS name. Only the display form is kept here; the protocol's other name
 * fields are not represented in this kernel-side definition.
 */
struct gssx_name {
	gssx_buffer display_name;
};
/* Tag and typedef share the name so both "struct gssx_name" and "gssx_name" work. */
typedef struct gssx_name gssx_name;
/*
 * One element of a credential: the mechanism name (MN), mechanism OID,
 * usage (see enum gssx_cred_usage), remaining lifetimes and options.
 */
struct gssx_cred_element {
	gssx_name MN;
	gssx_OID mech;
	u32 cred_usage;		/* enum gssx_cred_usage value, carried as u32 */
	u64 initiator_time_rec;
	u64 acceptor_time_rec;
	struct gssx_option_array options;
};
/* Counted array of credential elements: @count entries pointed to by @data. */
struct gssx_cred_element_array {
	u32 count;
	struct gssx_cred_element *data;
};
/*
 * A credential handle as seen by the kernel: the name it was acquired for,
 * its per-mechanism elements, an opaque reference the proxy hands back, and
 * a flag telling whether the proxy expects an explicit release.
 */
struct gssx_cred {
	gssx_name desired_name;
	struct gssx_cred_element_array elements;
	gssx_buffer cred_handle_reference;
	u32 needs_release;
};
/*
 * Security context as returned by the proxy. exported_context_token is the
 * serialized context (format chosen via LUCID_OPTION/LUCID_VALUE); the
 * remaining fields describe its mechanism, peers, lifetime and flags.
 * Note the field is spelled need_release here versus needs_release in
 * struct gssx_cred.
 */
struct gssx_ctx {
	gssx_buffer exported_context_token;
	gssx_buffer state;
	u32 need_release;
	gssx_OID mech;
	gssx_name src_name;
	gssx_name targ_name;
	u64 lifetime;
	u64 ctx_flags;
	u32 locally_initiated;
	u32 open;
	struct gssx_option_array options;
};
/*
 * GSS channel bindings: initiator/acceptor address type + address, plus
 * application data. Defined for protocol completeness; the request size
 * budget below (GSSX_default_in_cb_sz) notes the kernel does not send them.
 */
struct gssx_cb {
	u64 initiator_addrtype;
	gssx_buffer initiator_address;
	u64 acceptor_addrtype;
	gssx_buffer acceptor_address;
	gssx_buffer application_data;
};
/* This structure is not defined in the protocol.
 * It is used in the kernel to carry around a big buffer
 * as a set of pages (the incoming security token, which may exceed
 * a single contiguous allocation). */
struct gssp_in_token {
	struct page **pages;	/* Array of contiguous pages */
	unsigned int page_base;	/* Start of page data */
	unsigned int page_len;	/* Length of page data */
};
/*
 * Arguments of the accept_sec_context upcall. The protocol fields come
 * first; input_token is the page-backed kernel representation rather than
 * a flat gssx_buffer.
 */
struct gssx_arg_accept_sec_context {
	struct gssx_call_ctx call_ctx;
	struct gssx_ctx *context_handle;
	struct gssx_cred *cred_handle;
	struct gssp_in_token input_token;
	struct gssx_cb *input_cb;
	u32 ret_deleg_cred;
	struct gssx_option_array options;
	/*
	 * NOTE(review): pages/npages look like kernel-side bookkeeping for the
	 * reply buffer rather than protocol fields — confirm against the
	 * encoder before relying on that.
	 */
	struct page **pages;
	unsigned int npages;
};
/*
 * Results of the accept_sec_context upcall. Every variable-length member is
 * filled from data received from the proxy; the decoder is the place where
 * each length must be checked against the GSSX_*_sz budgets below.
 */
struct gssx_res_accept_sec_context {
	struct gssx_status status;
	struct gssx_ctx *context_handle;
	gssx_buffer *output_token;
	/* struct gssx_cred *delegated_cred_handle; not used in kernel */
	struct gssx_option_array options;
};
/*
 * Encode/decode hooks for the proxy procedures the kernel does not implement.
 * They are NULL so the procedure table can still be built position by
 * position; their argument/result sizes are 0 further down.
 */
#define gssx_enc_indicate_mechs NULL
#define gssx_dec_indicate_mechs NULL
#define gssx_enc_get_call_context NULL
#define gssx_dec_get_call_context NULL
#define gssx_enc_import_and_canon_name NULL
#define gssx_dec_import_and_canon_name NULL
#define gssx_enc_export_cred NULL
#define gssx_dec_export_cred NULL
#define gssx_enc_import_cred NULL
#define gssx_dec_import_cred NULL
#define gssx_enc_acquire_cred NULL
#define gssx_dec_acquire_cred NULL
#define gssx_enc_store_cred NULL
#define gssx_dec_store_cred NULL
#define gssx_enc_init_sec_context NULL
#define gssx_dec_init_sec_context NULL
/**
 * gssx_enc_accept_sec_context - XDR-encode an accept_sec_context request
 * @req: RPC request being built
 * @xdr: stream the arguments are written to
 * @data: opaque argument pointer; presumably a struct
 *        gssx_arg_accept_sec_context — confirm against the definition
 */
void gssx_enc_accept_sec_context(struct rpc_rqst *req,
				 struct xdr_stream *xdr,
				 const void *data);
/**
 * gssx_dec_accept_sec_context - XDR-decode an accept_sec_context reply
 * @rqstp: RPC request the reply belongs to
 * @xdr: stream the reply is read from (untrusted input from the proxy)
 * @data: opaque result pointer; presumably a struct
 *        gssx_res_accept_sec_context — confirm against the definition
 *
 * Return: 0 on success, non-zero on a decode failure (error convention
 * not visible in this header — see gss_rpc_xdr.c).
 */
int gssx_dec_accept_sec_context(struct rpc_rqst *rqstp,
				struct xdr_stream *xdr,
				void *data);
/* Remaining unimplemented procedures: NULL hooks, 0-size entries below. */
#define gssx_enc_release_handle NULL
#define gssx_dec_release_handle NULL
#define gssx_enc_get_mic NULL
#define gssx_dec_get_mic NULL
#define gssx_enc_verify NULL
#define gssx_dec_verify NULL
#define gssx_enc_wrap NULL
#define gssx_dec_wrap NULL
#define gssx_enc_unwrap NULL
#define gssx_dec_unwrap NULL
#define gssx_enc_wrap_size_limit NULL
#define gssx_dec_wrap_size_limit NULL
/* non implemented calls are set to 0 size */
/*
 * NOTE(review): the unit of these *_sz values (bytes vs 32-bit XDR words)
 * is not stated in this header; the accept_sec_context sizes below count
 * 4 per u32, so they read as bytes — confirm against how the procedure
 * table consumes them.
 */
#define GSSX_ARG_indicate_mechs_sz 0
#define GSSX_RES_indicate_mechs_sz 0
#define GSSX_ARG_get_call_context_sz 0
#define GSSX_RES_get_call_context_sz 0
#define GSSX_ARG_import_and_canon_name_sz 0
#define GSSX_RES_import_and_canon_name_sz 0
#define GSSX_ARG_export_cred_sz 0
#define GSSX_RES_export_cred_sz 0
#define GSSX_ARG_import_cred_sz 0
#define GSSX_RES_import_cred_sz 0
#define GSSX_ARG_acquire_cred_sz 0
#define GSSX_RES_acquire_cred_sz 0
#define GSSX_ARG_store_cred_sz 0
#define GSSX_RES_store_cred_sz 0
#define GSSX_ARG_init_sec_context_sz 0
#define GSSX_RES_init_sec_context_sz 0
/*
 * Request-side size budget for accept_sec_context, built from the fixed
 * parts the kernel actually sends. sizeof() on the option string literals
 * includes the trailing NUL, so call_ctx is over-reserved by one byte per
 * string — a harmless upper bound.
 */
#define GSSX_default_in_call_ctx_sz (4 + 4 + 4 + \
				     8 + sizeof(LUCID_OPTION) + sizeof(LUCID_VALUE) + \
				     8 + sizeof(CREDS_OPTION) + sizeof(CREDS_VALUE))
#define GSSX_default_in_ctx_hndl_sz (4 + 4+8 + 4 + 4 + 6*4 + 6*4 + 8 + 8 + \
				     4 + 4 + 4)
#define GSSX_default_in_cred_sz 4 /* we send in no cred_handle */
#define GSSX_default_in_token_sz 4 /* does *not* include token data */
#define GSSX_default_in_cb_sz 4 /* we do not use channel bindings */
#define GSSX_ARG_accept_sec_context_sz (GSSX_default_in_call_ctx_sz + \
					GSSX_default_in_ctx_hndl_sz + \
					GSSX_default_in_cred_sz + \
					GSSX_default_in_token_sz + \
					GSSX_default_in_cb_sz + \
					4 /* no deleg creds boolean */ + \
					4) /* empty options */
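/* somewhat arbitrary numbers but large enough (we ignore some of the data
 * sent down, but it is part of the protocol so we need enough space to take
 * it in) */
/*
 * Reply-side size budget for accept_sec_context. These bound what the
 * kernel reserves for the decoded reply; they are not lengths to trust —
 * every variable-length field read from the proxy still has to be checked
 * against its maximum in the decoder.
 */
/*
 * Parenthesised so the macro stays correct inside larger expressions
 * (e.g. `2 * GSSX_default_status_sz`); the other composite sizes here
 * are already wrapped.
 */
#define GSSX_default_status_sz (8 + 24 + 8 + 256 + 256 + 16 + 4)
#define GSSX_max_output_handle_sz 128
#define GSSX_max_oid_sz 16
#define GSSX_max_princ_sz 256
#define GSSX_default_ctx_sz (GSSX_max_output_handle_sz + \
			     16 + 4 + GSSX_max_oid_sz + \
			     2 * GSSX_max_princ_sz + \
			     8 + 8 + 4 + 4 + 4)
#define GSSX_max_output_token_sz 1024
/* grouplist not included; we allocate separate pages for that: */
#define GSSX_max_creds_sz (4 + 4 + 4 /* + NGROUPS_MAX*4 */)
#define GSSX_RES_accept_sec_context_sz (GSSX_default_status_sz + \
					GSSX_default_ctx_sz + \
					GSSX_max_output_token_sz + \
					4 + GSSX_max_creds_sz)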
/* Zero-size entries for the remaining unimplemented procedures. */
#define GSSX_ARG_release_handle_sz 0
#define GSSX_RES_release_handle_sz 0
#define GSSX_ARG_get_mic_sz 0
#define GSSX_RES_get_mic_sz 0
#define GSSX_ARG_verify_sz 0
#define GSSX_RES_verify_sz 0
#define GSSX_ARG_wrap_sz 0
#define GSSX_RES_wrap_sz 0
#define GSSX_ARG_unwrap_sz 0
#define GSSX_RES_unwrap_sz 0
#define GSSX_ARG_wrap_size_limit_sz 0
#define GSSX_RES_wrap_size_limit_sz 0
  222. #endif /* _LINUX_GSS_RPC_XDR_H */