/* * CDDL HEADER START * * The contents of this file are subject to the terms of the * Common Development and Distribution License (the "License"). * You may not use this file except in compliance with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. * See the License for the specific language governing permissions * and limitations under the License. * * When distributing Covered Code, include this CDDL HEADER in each * file and include the License file at usr/src/OPENSOLARIS.LICENSE. * If applicable, add the following below this CDDL HEADER, with the * fields enclosed by brackets "[]" replaced with your own identifying * information: Portions Copyright [yyyy] [name of copyright owner] * * CDDL HEADER END */ /* * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved. */ #ifndef _SYS_KLPD_H #define _SYS_KLPD_H #include #include #include #ifdef _KERNEL #include #include #include #endif #ifdef __cplusplus extern "C" { #endif #define KLPDCALL_VERS 1 #define KLPDARG_NOMORE 0 /* End of argument List */ #define KLPDARG_NONE 0 /* No argument */ #define KLPDARG_VNODE 1 /* vnode_t * */ #define KLPDARG_INT 2 /* int */ #define KLPDARG_PORT 3 /* int, port number */ #define KLPDARG_TCPPORT 4 /* int, tcp port number */ #define KLPDARG_UDPPORT 5 /* int, udp port number */ #define KLPDARG_SCTPPORT 6 /* int, sctp port number */ #define KLPDARG_SDPPORT 7 /* int, sdp port number */ #ifdef _KERNEL struct klpd_reg; struct credklpd; int klpd_reg(int, idtype_t, id_t, priv_set_t *); int klpd_unreg(int, idtype_t, id_t); void klpd_freelist(struct klpd_reg **); void klpd_rele(struct klpd_reg *); int klpd_call(const cred_t *, const priv_set_t *, va_list); void crklpd_hold(struct credklpd *); void crklpd_rele(struct credklpd *); int pfexec_reg(int); int pfexec_unreg(int); int pfexec_call(const cred_t *, struct pathname *, cred_t **, boolean_t *); int get_forced_privs(const cred_t *, const char *, priv_set_t *); int check_user_privs(const cred_t *, const priv_set_t *); #endif /* _KERNEL */ typedef struct klpd_head { uint32_t klh_vers; /* Version */ uint32_t klh_len; /* Length of full packet */ uint32_t klh_argoff; /* Offset of argument */ uint32_t klh_privoff; /* Offset of privilege set */ } klpd_head_t; #define KLH_PRIVSET(kh) ((priv_set_t *)(((kh)->klh_privoff == 0 ? NULL : \ (char *)(kh) + (kh)->klh_privoff))) #define KLH_ARG(kh) ((void *)((kh)->klh_argoff != 0 ? \ (char *)(kh) + (kh)->klh_argoff : NULL)) typedef struct klpd_arg { uint_t kla_type; uint_t kla_dlen; union { char __cdata[1]; int __idata; uint_t __uidata; } kla_data; } klpd_arg_t; #define kla_str kla_data.__cdata #define kla_int kla_data.__idata #define kla_uint kla_data.__uidata #define PFEXEC_ARG_VERS 0x1 #define PFEXEC_EXEC_ATTRS 0x1 /* pfexec_reply_t */ #define PFEXEC_FORCED_PRIVS 0x2 /* priv_set_t */ #define PFEXEC_USER_PRIVS 0x3 /* uint32_t */ #define PFEXEC_ARG_SIZE(bufsize) \ (offsetof(pfexec_arg_t, pfa_data) + (bufsize)) typedef struct pfexec_arg { uint_t pfa_vers; /* Caller version */ uint_t pfa_call; /* Call type */ uint_t pfa_len; /* Length of data */ uid_t pfa_uid; /* Real uid of subject */ union { char __pfa_path[1]; uint32_t __pfa_buf[1]; } pfa_data; } pfexec_arg_t; #define pfa_path pfa_data.__pfa_path #define pfa_buf pfa_data.__pfa_buf #define PFEXEC_NOTSET ((uid_t)-1) typedef struct pfexec_reply { uint_t pfr_vers; uint_t pfr_len; uid_t pfr_ruid, pfr_euid; gid_t pfr_rgid, pfr_egid; boolean_t pfr_setcred; boolean_t pfr_scrubenv; boolean_t pfr_clearflag; boolean_t pfr_allowed; uint_t pfr_ioff; uint_t pfr_loff; } pfexec_reply_t; #define PFEXEC_REPLY_IPRIV(pfr) \ ((pfr)->pfr_ioff ? (priv_set_t *)((char *)(pfr) + (pfr)->pfr_ioff) \ : (priv_set_t *)0) #define PFEXEC_REPLY_LPRIV(pfr) \ ((pfr)->pfr_loff ? (priv_set_t *)((char *)(pfr) + (pfr)->pfr_loff) \ : (priv_set_t *)0) #ifdef __cplusplus } #endif #endif /* _SYS_KLPD_H */