/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 *
 * Copyright 2017 Nexenta Systems, Inc. All rights reserved.
 */

/*
 * Windows to Solaris Identity Mapping kernel API
 *
 * Declares the kernel-side routines that translate Windows SIDs into
 * Solaris UIDs and GIDs, and vice versa.
 */

#ifndef _SYS_KIDMAP_H
#define	_SYS_KIDMAP_H

#include <sys/idmap.h>
#include <sys/door.h>
#include <sys/zone.h>

#ifdef __cplusplus
extern "C" {
#endif

/*
 * The two typedefs below sit behind #ifndef guards because
 * lib/libidmap/common/idmap.h (the real one) defines them as well.
 * This code simulates a kernel environment in user space on top of the
 * real idmap library, so both headers have to be usable together.
 */

/* Status code returned by every mapping routine */
#ifndef _IDMAP_STAT_TYPE
#define	_IDMAP_STAT_TYPE
typedef int32_t	idmap_stat;
#endif	/* _IDMAP_STAT_TYPE */

/* Batch "get mapping" handle; its layout is not visible to callers */
#ifndef _IDMAP_GET_HANDLE_T
#define	_IDMAP_GET_HANDLE_T
typedef struct idmap_get_handle idmap_get_handle_t;
#endif	/* _IDMAP_GET_HANDLE_T */

/*
 * SID representation
 *
 * Every routine takes or returns a Windows SID as two pieces: a string
 * SID prefix and a numeric RID.  For example
 *
 *	S-1-5-5-12-34-568 is passed as SID prefix
 *	S-1-5-5-12-34 and RID 568
 *
 * Routines with a "const char **sid_prefix" argument return a pointer to
 * a SID prefix string.  Those strings are stored internally: the caller
 * does not own them and must neither modify nor free them.
 */

/*
 * Simple (single request) mapping routines.
 *
 * Each call maps one identity and hands the result back through its
 * pointer arguments; the idmap_stat return value is the status of that
 * lookup.  Callers that go on to use the mapped ID for ownership or
 * permission checks should test the status first.
 * NOTE(review): this header does not say what the output arguments hold
 * when a call fails; treat them as undefined unless the status reports
 * success -- confirm against the implementation.
 *
 * kidmap_getpidbysid() returns its ID in *pid together with *is_user,
 * which presumably tells the caller whether that ID is a UID or a GID
 * (the encoding is not defined in this header -- confirm).
 */

idmap_stat kidmap_getuidbysid(zone_t *zone, const char *sid_prefix,
    uint32_t rid, uid_t *uid);

idmap_stat kidmap_getgidbysid(zone_t *zone, const char *sid_prefix,
    uint32_t rid, gid_t *gid);

idmap_stat kidmap_getpidbysid(zone_t *zone, const char *sid_prefix,
    uint32_t rid, uid_t *pid, int *is_user);

idmap_stat kidmap_getsidbyuid(zone_t *zone, uid_t uid,
    const char **sid_prefix, uint32_t *rid);

idmap_stat kidmap_getsidbygid(zone_t *zone, gid_t gid,
    const char **sid_prefix, uint32_t *rid);

/*
 * Batch mapping interface.
 *
 * Usage: create a handle, queue requests on it, process them with
 * kidmap_get_mappings(), then destroy the handle.
 */

/*
 * Create a "get mapping" handle for a batch of requests.
 * NOTE(review): how failure is reported (a NULL return?) is not stated
 * in this header -- confirm before dereferencing the result.
 */
idmap_get_handle_t *kidmap_get_create(zone_t *zone);

/*
 * Queue one request on the "get mapping" handle.
 *
 * The output pointers (uid/gid/pid, is_user, sid_prefix, rid and stat)
 * are the data areas in which the result of this request is delivered.
 * The results are only promised to be there once kidmap_get_mappings()
 * has processed the handle, so that storage has to stay valid until
 * then, and *stat (the status of this individual request) should be
 * checked before the mapped identity is used.
 */

idmap_stat kidmap_batch_getuidbysid(idmap_get_handle_t *get_handle,
    const char *sid_prefix, uint32_t rid, uid_t *uid, idmap_stat *stat);

idmap_stat kidmap_batch_getgidbysid(idmap_get_handle_t *get_handle,
    const char *sid_prefix, uint32_t rid, gid_t *gid, idmap_stat *stat);

idmap_stat kidmap_batch_getpidbysid(idmap_get_handle_t *get_handle,
    const char *sid_prefix, uint32_t rid, uid_t *pid, int *is_user,
    idmap_stat *stat);

idmap_stat kidmap_batch_getsidbyuid(idmap_get_handle_t *get_handle,
    uid_t uid, const char **sid_prefix, uint32_t *rid, idmap_stat *stat);

idmap_stat kidmap_batch_getsidbygid(idmap_get_handle_t *get_handle,
    gid_t gid, const char **sid_prefix, uint32_t *rid, idmap_stat *stat);

/*
 * Process the requests queued on the handle.  The results (i.e. status
 * and identity) become available in the data areas that the individual
 * requests supplied.
 * NOTE(review): presumably the return value describes the batch as a
 * whole while each request's *stat describes that request; check both --
 * confirm against the implementation.
 */
idmap_stat kidmap_get_mappings(idmap_get_handle_t *get_handle);

/*
 * Destroy the "get mapping" handle.
 */
void kidmap_get_destroy(idmap_get_handle_t *get_handle);

#ifdef _KERNEL
/*
 * Functions that do the hard part of door registration/unregistration
 * for the idmap_reg()/idmap_unreg() syscalls.
 */
int idmap_reg_dh(zone_t *zone, door_handle_t dh);
int idmap_unreg_dh(zone_t *zone, door_handle_t dh);

/*
 * Function needed by allocids() to ensure that only the daemon that owns
 * the door gets ephemeral IDs.
 */
door_handle_t idmap_get_door(zone_t *zone);

/*
 * Function used by the allocids() system call to purge the ID mapping
 * cache.
 */
void idmap_purge_cache(zone_t *zone);

#endif	/* _KERNEL */

#ifdef __cplusplus
}
#endif

#endif	/* _SYS_KIDMAP_H */