xref: /titanic_51/usr/src/boot/sys/sys/ucred.h (revision 4a5d661a82b942b6538acd26209d959ce98b593a) 
1 /*-
2  * Copyright (c) 1989, 1993
3  *	The Regents of the University of California.  All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  * 4. Neither the name of the University nor the names of its contributors
14  *    may be used to endorse or promote products derived from this software
15  *    without specific prior written permission.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  *
29  *	@(#)ucred.h	8.4 (Berkeley) 1/9/95
30  * $FreeBSD$
31  */
32 
33 #ifndef _SYS_UCRED_H_
34 #define	_SYS_UCRED_H_
35 
36 #include <bsm/audit.h>
37 
38 struct loginclass;
39 
40 #define	XU_NGROUPS	16
41 
42 /*
43  * Credentials.
44  *
45  * Please do not inspect cr_uid directly to determine superuserness.  The
46  * priv(9) interface should be used to check for privilege.
47  */
48 #if defined(_KERNEL) || defined(_WANT_UCRED)
49 struct ucred {
50 	u_int	cr_ref;			/* reference count */
51 #define	cr_startcopy cr_uid
52 	uid_t	cr_uid;			/* effective user id */
53 	uid_t	cr_ruid;		/* real user id */
54 	uid_t	cr_svuid;		/* saved user id */
55 	int	cr_ngroups;		/* number of groups */
56 	gid_t	cr_rgid;		/* real group id */
57 	gid_t	cr_svgid;		/* saved group id */
58 	struct uidinfo	*cr_uidinfo;	/* per euid resource consumption */
59 	struct uidinfo	*cr_ruidinfo;	/* per ruid resource consumption */
60 	struct prison	*cr_prison;	/* jail(2) */
61 	struct loginclass	*cr_loginclass; /* login class */
62 	u_int		cr_flags;	/* credential flags */
63 	void 		*cr_pspare2[2];	/* general use 2 */
64 #define	cr_endcopy	cr_label
65 	struct label	*cr_label;	/* MAC label */
66 	struct auditinfo_addr	cr_audit;	/* Audit properties. */
67 	gid_t	*cr_groups;		/* groups */
68 	int	cr_agroups;		/* Available groups */
69 	gid_t   cr_smallgroups[XU_NGROUPS];	/* storage for small groups */
70 };
71 #define	NOCRED	((struct ucred *)0)	/* no credential available */
72 #define	FSCRED	((struct ucred *)-1)	/* filesystem credential */
73 #endif /* _KERNEL || _WANT_UCRED */
74 
75 /*
76  * Flags for cr_flags.
77  */
78 #define	CRED_FLAG_CAPMODE	0x00000001	/* In capability mode. */
79 
80 /*
81  * This is the external representation of struct ucred.
82  */
83 struct xucred {
84 	u_int	cr_version;		/* structure layout version */
85 	uid_t	cr_uid;			/* effective user id */
86 	short	cr_ngroups;		/* number of groups */
87 	gid_t	cr_groups[XU_NGROUPS];	/* groups */
88 	void	*_cr_unused1;		/* compatibility with old ucred */
89 };
90 #define	XUCRED_VERSION	0
91 
92 /* This can be used for both ucred and xucred structures. */
93 #define	cr_gid cr_groups[0]
94 
95 #ifdef _KERNEL
96 struct proc;
97 struct thread;
98 
99 void	change_egid(struct ucred *newcred, gid_t egid);
100 void	change_euid(struct ucred *newcred, struct uidinfo *euip);
101 void	change_rgid(struct ucred *newcred, gid_t rgid);
102 void	change_ruid(struct ucred *newcred, struct uidinfo *ruip);
103 void	change_svgid(struct ucred *newcred, gid_t svgid);
104 void	change_svuid(struct ucred *newcred, uid_t svuid);
105 void	crcopy(struct ucred *dest, struct ucred *src);
106 struct ucred	*crcopysafe(struct proc *p, struct ucred *cr);
107 struct ucred	*crdup(struct ucred *cr);
108 void	crextend(struct ucred *cr, int n);
109 void	proc_set_cred_init(struct proc *p, struct ucred *cr);
110 struct ucred	*proc_set_cred(struct proc *p, struct ucred *cr);
111 void	crfree(struct ucred *cr);
112 struct ucred	*crget(void);
113 struct ucred	*crhold(struct ucred *cr);
114 void	cru2x(struct ucred *cr, struct xucred *xcr);
115 void	crsetgroups(struct ucred *cr, int n, gid_t *groups);
116 int	groupmember(gid_t gid, struct ucred *cred);
117 #endif /* _KERNEL */
118 
119 #endif /* !_SYS_UCRED_H_ */
120