1 /* SPDX-License-Identifier: GPL-2.0-or-later WITH Linux-syscall-note */ 2 /* Types and definitions for AF_RXRPC. 3 * 4 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved. 5 * Written by David Howells (dhowells@redhat.com) 6 */ 7 8 #ifndef _UAPI_LINUX_RXRPC_H 9 #define _UAPI_LINUX_RXRPC_H 10 11 #include <linux/types.h> 12 #include <linux/in.h> 13 #include <linux/in6.h> 14 15 /* 16 * RxRPC socket address 17 */ 18 struct sockaddr_rxrpc { 19 __kernel_sa_family_t srx_family; /* address family */ 20 __u16 srx_service; /* service desired */ 21 __u16 transport_type; /* type of transport socket (SOCK_DGRAM) */ 22 __u16 transport_len; /* length of transport address */ 23 union { 24 __kernel_sa_family_t family; /* transport address family */ 25 struct sockaddr_in sin; /* IPv4 transport address */ 26 struct sockaddr_in6 sin6; /* IPv6 transport address */ 27 } transport; 28 }; 29 30 /* 31 * RxRPC socket options 32 */ 33 #define RXRPC_SECURITY_KEY 1 /* [clnt] set client security key */ 34 #define RXRPC_SECURITY_KEYRING 2 /* [srvr] set ring of server security keys */ 35 #define RXRPC_EXCLUSIVE_CONNECTION 3 /* Deprecated; use RXRPC_EXCLUSIVE_CALL instead */ 36 #define RXRPC_MIN_SECURITY_LEVEL 4 /* minimum security level */ 37 #define RXRPC_UPGRADEABLE_SERVICE 5 /* Upgrade service[0] -> service[1] */ 38 #define RXRPC_SUPPORTED_CMSG 6 /* Get highest supported control message type */ 39 #define RXRPC_MANAGE_RESPONSE 7 /* [clnt] Want to manage RESPONSE packets */ 40 41 /* 42 * RxRPC control messages 43 * - If neither abort or accept are specified, the message is a data message. 44 * - terminal messages mean that a user call ID tag can be recycled 45 * - C/S/- indicate whether these are applicable to client, server or both 46 * - s/r/- indicate whether these are applicable to sendmsg() and/or recvmsg() 47 */ 48 enum rxrpc_cmsg_type { 49 RXRPC_USER_CALL_ID = 1, /* -sr: User call ID specifier */ 50 RXRPC_ABORT = 2, /* -sr: Abort request / notification [terminal] */ 51 RXRPC_ACK = 3, /* S-r: RPC op final ACK received [terminal] */ 52 RXRPC_NET_ERROR = 5, /* --r: Network error received [terminal] */ 53 RXRPC_BUSY = 6, /* C-r: Server busy received [terminal] */ 54 RXRPC_LOCAL_ERROR = 7, /* --r: Local error generated [terminal] */ 55 RXRPC_NEW_CALL = 8, /* S-r: New incoming call notification */ 56 RXRPC_EXCLUSIVE_CALL = 10, /* Cs-: Call should be on exclusive connection */ 57 RXRPC_UPGRADE_SERVICE = 11, /* Cs-: Request service upgrade for client call */ 58 RXRPC_TX_LENGTH = 12, /* -s-: Total length of Tx data */ 59 RXRPC_SET_CALL_TIMEOUT = 13, /* -s-: Set one or more call timeouts */ 60 RXRPC_CHARGE_ACCEPT = 14, /* Ss-: Charge the accept pool with a user call ID */ 61 RXRPC_OOB_ID = 15, /* -sr: OOB message ID */ 62 RXRPC_CHALLENGED = 16, /* C-r: Info on a received CHALLENGE */ 63 RXRPC_RESPOND = 17, /* Cs-: Respond to a challenge */ 64 RXRPC_RESPONDED = 18, /* S-r: Data received in RESPONSE */ 65 RXRPC_RESP_RXGK_APPDATA = 19, /* Cs-: RESPONSE: RxGK app data to include */ 66 RXRPC__SUPPORTED 67 }; 68 69 /* 70 * RxRPC security levels 71 */ 72 #define RXRPC_SECURITY_PLAIN 0 /* plain secure-checksummed packets only */ 73 #define RXRPC_SECURITY_AUTH 1 /* authenticated packets */ 74 #define RXRPC_SECURITY_ENCRYPT 2 /* encrypted packets */ 75 76 /* 77 * RxRPC security indices 78 */ 79 #define RXRPC_SECURITY_NONE 0 /* no security protocol */ 80 #define RXRPC_SECURITY_RXKAD 2 /* kaserver or kerberos 4 */ 81 #define RXRPC_SECURITY_RXGK 4 /* gssapi-based */ 82 #define RXRPC_SECURITY_RXK5 5 /* kerberos 5 */ 83 #define RXRPC_SECURITY_YFS_RXGK 6 /* YFS gssapi-based */ 84 85 /* 86 * RxRPC-level abort codes 87 */ 88 #define RX_CALL_DEAD -1 /* call/conn has been inactive and is shut down */ 89 #define RX_INVALID_OPERATION -2 /* invalid operation requested / attempted */ 90 #define RX_CALL_TIMEOUT -3 /* call timeout exceeded */ 91 #define RX_EOF -4 /* unexpected end of data on read op */ 92 #define RX_PROTOCOL_ERROR -5 /* low-level protocol error */ 93 #define RX_USER_ABORT -6 /* generic user abort */ 94 #define RX_ADDRINUSE -7 /* UDP port in use */ 95 #define RX_DEBUGI_BADTYPE -8 /* bad debugging packet type */ 96 97 /* 98 * (un)marshalling abort codes (rxgen) 99 */ 100 #define RXGEN_CC_MARSHAL -450 101 #define RXGEN_CC_UNMARSHAL -451 102 #define RXGEN_SS_MARSHAL -452 103 #define RXGEN_SS_UNMARSHAL -453 104 #define RXGEN_DECODE -454 105 #define RXGEN_OPCODE -455 106 #define RXGEN_SS_XDRFREE -456 107 #define RXGEN_CC_XDRFREE -457 108 109 /* 110 * Rx kerberos security abort codes 111 * - unfortunately we have no generalised security abort codes to say things 112 * like "unsupported security", so we have to use these instead and hope the 113 * other side understands 114 */ 115 #define RXKADINCONSISTENCY 19270400 /* security module structure inconsistent */ 116 #define RXKADPACKETSHORT 19270401 /* packet too short for security challenge */ 117 #define RXKADLEVELFAIL 19270402 /* security level negotiation failed */ 118 #define RXKADTICKETLEN 19270403 /* ticket length too short or too long */ 119 #define RXKADOUTOFSEQUENCE 19270404 /* packet had bad sequence number */ 120 #define RXKADNOAUTH 19270405 /* caller not authorised */ 121 #define RXKADBADKEY 19270406 /* illegal key: bad parity or weak */ 122 #define RXKADBADTICKET 19270407 /* security object was passed a bad ticket */ 123 #define RXKADUNKNOWNKEY 19270408 /* ticket contained unknown key version number */ 124 #define RXKADEXPIRED 19270409 /* authentication expired */ 125 #define RXKADSEALEDINCON 19270410 /* sealed data inconsistent */ 126 #define RXKADDATALEN 19270411 /* user data too long */ 127 #define RXKADILLEGALLEVEL 19270412 /* caller not authorised to use encrypted conns */ 128 129 /* 130 * RxGK GSSAPI security abort codes. 131 */ 132 #if 0 /* Original standard abort codes (used by OpenAFS) */ 133 #define RXGK_INCONSISTENCY 1233242880 /* Security module structure inconsistent */ 134 #define RXGK_PACKETSHORT 1233242881 /* Packet too short for security challenge */ 135 #define RXGK_BADCHALLENGE 1233242882 /* Invalid security challenge */ 136 #define RXGK_BADETYPE 1233242883 /* Invalid or impermissible encryption type */ 137 #define RXGK_BADLEVEL 1233242884 /* Invalid or impermissible security level */ 138 #define RXGK_BADKEYNO 1233242885 /* Key version number not found */ 139 #define RXGK_EXPIRED 1233242886 /* Token has expired */ 140 #define RXGK_NOTAUTH 1233242887 /* Caller not authorized */ 141 #define RXGK_BAD_TOKEN 1233242888 /* Security object was passed a bad token */ 142 #define RXGK_SEALED_INCON 1233242889 /* Sealed data inconsistent */ 143 #define RXGK_DATA_LEN 1233242890 /* User data too long */ 144 #define RXGK_BAD_QOP 1233242891 /* Inadequate quality of protection available */ 145 #else /* Revised standard abort codes (used by YFS) */ 146 #define RXGK_INCONSISTENCY 1233242880 /* Security module structure inconsistent */ 147 #define RXGK_PACKETSHORT 1233242881 /* Packet too short for security challenge */ 148 #define RXGK_BADCHALLENGE 1233242882 /* Security challenge/response failed */ 149 #define RXGK_SEALEDINCON 1233242883 /* Sealed data is inconsistent */ 150 #define RXGK_NOTAUTH 1233242884 /* Caller not authorised */ 151 #define RXGK_EXPIRED 1233242885 /* Authentication expired */ 152 #define RXGK_BADLEVEL 1233242886 /* Unsupported or not permitted security level */ 153 #define RXGK_BADKEYNO 1233242887 /* Bad transport key number */ 154 #define RXGK_NOTRXGK 1233242888 /* Security layer is not rxgk */ 155 #define RXGK_UNSUPPORTED 1233242889 /* Endpoint does not support rxgk */ 156 #define RXGK_GSSERROR 1233242890 /* GSSAPI mechanism error */ 157 #endif 158 159 /* 160 * Challenge information in the RXRPC_CHALLENGED control message. 161 */ 162 struct rxrpc_challenge { 163 __u16 service_id; /* The service ID of the connection (may be upgraded) */ 164 __u8 security_index; /* The security index of the connection */ 165 __u8 pad; /* Round out to a multiple of 4 bytes. */ 166 /* ... The security class gets to append extra information ... */ 167 }; 168 169 struct rxgk_challenge { 170 struct rxrpc_challenge base; 171 __u32 enctype; /* Krb5 encoding type */ 172 }; 173 174 #endif /* _UAPI_LINUX_RXRPC_H */ 175