xref: /illumos-gate/usr/src/uts/common/nfs/nfs_acl.h (revision c5bab7026b8e0ac44b25ee08507ea360f177d844) 
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  *	Copyright 2006 Sun Microsystems, Inc.
23  *	All rights reserved.
24  *	Use is subject to license terms.
25  */
26 /*
27  * Copyright 2014 Nexenta Systems, Inc.  All rights reserved.
28  */
29 
30 #ifndef _NFS_NFS_ACL_H
31 #define	_NFS_NFS_ACL_H
32 
33 #ifdef	__cplusplus
34 extern "C" {
35 #endif
36 
37 #define	NFS_ACL_MAX_ENTRIES	1024
38 
39 typedef ushort_t o_mode;
40 
41 struct aclent {
42 	int type;
43 	uid32_t id;
44 	o_mode perm;
45 };
46 typedef struct aclent aclent;
47 
48 #define	NA_USER_OBJ	0x1
49 #define	NA_USER		0x2
50 #define	NA_GROUP_OBJ	0x4
51 #define	NA_GROUP	0x8
52 #define	NA_CLASS_OBJ	0x10
53 #define	NA_OTHER_OBJ	0x20
54 #define	NA_ACL_DEFAULT	0x1000
55 
56 #define	NA_READ		0x4
57 #define	NA_WRITE	0x2
58 #define	NA_EXEC		0x1
59 
60 struct secattr {
61 	uint32 mask;
62 	int aclcnt;
63 	struct {
64 		uint_t aclent_len;
65 		aclent *aclent_val;
66 	} aclent;
67 	int dfaclcnt;
68 	struct {
69 		uint_t dfaclent_len;
70 		aclent *dfaclent_val;
71 	} dfaclent;
72 };
73 typedef struct secattr secattr;
74 
75 #define	NA_ACL		0x1
76 #define	NA_ACLCNT	0x2
77 #define	NA_DFACL	0x4
78 #define	NA_DFACLCNT	0x8
79 
80 struct GETACL2args {
81 	fhandle_t fh;
82 	uint32 mask;
83 };
84 typedef struct GETACL2args GETACL2args;
85 
86 struct GETACL2resok {
87 	struct nfsfattr attr;
88 	vsecattr_t acl;
89 };
90 typedef struct GETACL2resok GETACL2resok;
91 
92 struct GETACL2res {
93 	enum nfsstat status;
94 	union {
95 		GETACL2resok ok;
96 	} res_u;
97 };
98 typedef struct GETACL2res GETACL2res;
99 
100 struct SETACL2args {
101 	fhandle_t fh;
102 	vsecattr_t acl;
103 };
104 typedef struct SETACL2args SETACL2args;
105 
106 struct SETACL2resok {
107 	struct nfsfattr attr;
108 };
109 typedef struct SETACL2resok SETACL2resok;
110 
111 struct SETACL2res {
112 	enum nfsstat status;
113 	union {
114 		SETACL2resok ok;
115 	} res_u;
116 };
117 typedef struct SETACL2res SETACL2res;
118 
119 struct GETATTR2args {
120 	fhandle_t fh;
121 };
122 typedef struct GETATTR2args GETATTR2args;
123 
124 struct GETATTR2resok {
125 	struct nfsfattr attr;
126 };
127 typedef struct GETATTR2resok GETATTR2resok;
128 
129 struct GETATTR2res {
130 	enum nfsstat status;
131 	union {
132 		GETATTR2resok ok;
133 	} res_u;
134 };
135 typedef struct GETATTR2res GETATTR2res;
136 
137 struct ACCESS2args {
138 	fhandle_t fh;
139 	uint32 access;
140 };
141 typedef struct ACCESS2args ACCESS2args;
142 
143 #define	ACCESS2_READ	0x1
144 #define	ACCESS2_LOOKUP	0x2
145 #define	ACCESS2_MODIFY	0x4
146 #define	ACCESS2_EXTEND	0x8
147 #define	ACCESS2_DELETE	0x10
148 #define	ACCESS2_EXECUTE	0x20
149 
150 struct ACCESS2resok {
151 	struct nfsfattr attr;
152 	uint32 access;
153 };
154 typedef struct ACCESS2resok ACCESS2resok;
155 
156 struct ACCESS2res {
157 	enum nfsstat status;
158 	union {
159 		ACCESS2resok ok;
160 	} res_u;
161 };
162 typedef struct ACCESS2res ACCESS2res;
163 
164 struct GETXATTRDIR2args {
165 	fhandle_t fh;
166 	bool_t create;
167 };
168 typedef struct GETXATTRDIR2args GETXATTRDIR2args;
169 
170 struct GETXATTRDIR2resok {
171 	fhandle_t fh;
172 	struct nfsfattr attr;
173 };
174 typedef struct GETXATTRDIR2resok GETXATTRDIR2resok;
175 
176 struct GETXATTRDIR2res {
177 	enum nfsstat status;
178 	union {
179 		GETXATTRDIR2resok ok;
180 	} res_u;
181 };
182 typedef struct GETXATTRDIR2res GETXATTRDIR2res;
183 
184 struct GETACL3args {
185 	nfs_fh3 fh;
186 	uint32 mask;
187 };
188 typedef struct GETACL3args GETACL3args;
189 
190 struct GETACL3resok {
191 	post_op_attr attr;
192 	vsecattr_t acl;
193 };
194 typedef struct GETACL3resok GETACL3resok;
195 
196 struct GETACL3resfail {
197 	post_op_attr attr;
198 };
199 typedef struct GETACL3resfail GETACL3resfail;
200 
201 struct GETACL3res {
202 	nfsstat3 status;
203 	union {
204 		GETACL3resok ok;
205 		GETACL3resfail fail;
206 	} res_u;
207 };
208 typedef struct GETACL3res GETACL3res;
209 
210 struct SETACL3args {
211 	nfs_fh3 fh;
212 	vsecattr_t acl;
213 };
214 typedef struct SETACL3args SETACL3args;
215 
216 struct SETACL3resok {
217 	post_op_attr attr;
218 };
219 typedef struct SETACL3resok SETACL3resok;
220 
221 struct SETACL3resfail {
222 	post_op_attr attr;
223 };
224 typedef struct SETACL3resfail SETACL3resfail;
225 
226 struct SETACL3res {
227 	nfsstat3 status;
228 	union {
229 		SETACL3resok ok;
230 		SETACL3resfail fail;
231 	} res_u;
232 };
233 typedef struct SETACL3res SETACL3res;
234 
235 struct GETXATTRDIR3args {
236 	nfs_fh3 fh;
237 	bool_t create;
238 };
239 typedef struct GETXATTRDIR3args GETXATTRDIR3args;
240 
241 struct GETXATTRDIR3resok {
242 	nfs_fh3 fh;
243 	post_op_attr attr;
244 };
245 typedef struct GETXATTRDIR3resok GETXATTRDIR3resok;
246 
247 struct GETXATTRDIR3res {
248 	nfsstat3 status;
249 	union {
250 		GETXATTRDIR3resok ok;
251 	} res_u;
252 };
253 typedef struct GETXATTRDIR3res GETXATTRDIR3res;
254 
255 #define	NFS_ACL_PROGRAM	((rpcprog_t)(100227))
256 #define	NFS_ACL_VERSMIN	((rpcvers_t)(2))
257 #define	NFS_ACL_VERSMAX	((rpcvers_t)(3))
258 
259 #define	NFS_ACL_V2		((rpcvers_t)(2))
260 #define	ACLPROC2_NULL		((rpcproc_t)(0))
261 #define	ACLPROC2_GETACL		((rpcproc_t)(1))
262 #define	ACLPROC2_SETACL		((rpcproc_t)(2))
263 #define	ACLPROC2_GETATTR	((rpcproc_t)(3))
264 #define	ACLPROC2_ACCESS		((rpcproc_t)(4))
265 #define	ACLPROC2_GETXATTRDIR	((rpcproc_t)(5))
266 
267 #define	NFS_ACL_V3		((rpcvers_t)(3))
268 #define	ACLPROC3_NULL		((rpcproc_t)(0))
269 #define	ACLPROC3_GETACL		((rpcproc_t)(1))
270 #define	ACLPROC3_SETACL		((rpcproc_t)(2))
271 #define	ACLPROC3_GETXATTRDIR	((rpcproc_t)(3))
272 
273 #ifdef _KERNEL
274 /* the xdr functions */
275 extern bool_t xdr_uid(XDR *, uid32_t *);
276 extern bool_t xdr_o_mode(XDR *, o_mode *);
277 extern bool_t xdr_aclent(XDR *, aclent_t *);
278 extern bool_t xdr_secattr(XDR *, vsecattr_t *);
279 
280 extern bool_t xdr_GETACL2args(XDR *, GETACL2args *);
281 extern bool_t xdr_fastGETACL2args(XDR *, GETACL2args **);
282 extern bool_t xdr_GETACL2resok(XDR *, GETACL2resok *);
283 extern bool_t xdr_GETACL2res(XDR *, GETACL2res *);
284 extern bool_t xdr_SETACL2args(XDR *, SETACL2args *);
285 extern bool_t xdr_SETACL2resok(XDR *, SETACL2resok *);
286 #ifdef _LITTLE_ENDIAN
287 extern bool_t xdr_fastSETACL2resok(XDR *, SETACL2resok *);
288 #endif
289 extern bool_t xdr_SETACL2res(XDR *, SETACL2res *);
290 #ifdef _LITTLE_ENDIAN
291 extern bool_t xdr_fastSETACL2res(XDR *, SETACL2res *);
292 #endif
293 extern bool_t xdr_GETATTR2args(XDR *, GETATTR2args *);
294 extern bool_t xdr_fastGETATTR2args(XDR *, GETATTR2args **);
295 extern bool_t xdr_GETATTR2resok(XDR *, GETATTR2resok *);
296 #ifdef _LITTLE_ENDIAN
297 extern bool_t xdr_fastGETATTR2resok(XDR *, GETATTR2resok *);
298 #endif
299 extern bool_t xdr_GETATTR2res(XDR *, GETATTR2res *);
300 #ifdef _LITTLE_ENDIAN
301 extern bool_t xdr_fastGETATTR2res(XDR *, GETATTR2res *);
302 #endif
303 extern bool_t xdr_ACCESS2args(XDR *, ACCESS2args *);
304 extern bool_t xdr_fastACCESS2args(XDR *, ACCESS2args **);
305 extern bool_t xdr_ACCESS2resok(XDR *, ACCESS2resok *);
306 #ifdef _LITTLE_ENDIAN
307 extern bool_t xdr_fastACCESS2resok(XDR *, ACCESS2resok *);
308 #endif
309 extern bool_t xdr_ACCESS2res(XDR *, ACCESS2res *);
310 #ifdef _LITTLE_ENDIAN
311 extern bool_t xdr_fastACCESS2res(XDR *, ACCESS2res *);
312 #endif
313 extern bool_t xdr_GETXATTRDIR2args(XDR *, GETXATTRDIR2args *);
314 extern bool_t xdr_GETXATTRDIR2res(XDR *, GETXATTRDIR2res *);
315 
316 extern bool_t xdr_GETACL3args(XDR *, GETACL3args *);
317 extern bool_t xdr_GETACL3resok(XDR *, GETACL3resok *);
318 extern bool_t xdr_GETACL3resfail(XDR *, GETACL3resfail *);
319 extern bool_t xdr_GETACL3res(XDR *, GETACL3res *);
320 extern bool_t xdr_SETACL3args(XDR *, SETACL3args *);
321 extern bool_t xdr_SETACL3resok(XDR *, SETACL3resok *);
322 extern bool_t xdr_SETACL3resfail(XDR *, SETACL3resfail *);
323 extern bool_t xdr_SETACL3res(XDR *, SETACL3res *);
324 extern bool_t xdr_GETXATTRDIR3args(XDR *, GETXATTRDIR3args *);
325 extern bool_t xdr_GETXATTRDIR3res(XDR *, GETXATTRDIR3res *);
326 
327 #endif
328 
329 #ifdef _KERNEL
330 /* the service procedures */
331 extern void acl2_getacl(GETACL2args *, GETACL2res *,
332     struct exportinfo *, struct svc_req *, cred_t *, bool_t);
333 extern void *acl2_getacl_getfh(GETACL2args *);
334 extern void acl2_getacl_free(GETACL2res *);
335 extern void acl2_setacl(SETACL2args *, SETACL2res *,
336     struct exportinfo *, struct svc_req *, cred_t *, bool_t);
337 extern void *acl2_setacl_getfh(SETACL2args *);
338 extern void acl2_getattr(GETATTR2args *, GETATTR2res *,
339     struct exportinfo *, struct svc_req *, cred_t *, bool_t);
340 extern void *acl2_getattr_getfh(GETATTR2args *);
341 extern void acl2_access(ACCESS2args *, ACCESS2res *,
342     struct exportinfo *, struct svc_req *, cred_t *, bool_t);
343 extern void *acl2_access_getfh(ACCESS2args *);
344 extern void acl2_getxattrdir(GETXATTRDIR2args *, GETXATTRDIR2res *,
345     struct exportinfo *, struct svc_req *, cred_t *, bool_t);
346 extern void *acl2_getxattrdir_getfh(GETXATTRDIR2args *);
347 
348 extern void acl3_getacl(GETACL3args *, GETACL3res *,
349     struct exportinfo *, struct svc_req *, cred_t *, bool_t);
350 extern void *acl3_getacl_getfh(GETACL3args *);
351 extern void acl3_getacl_free(GETACL3res *);
352 extern void acl3_setacl(SETACL3args *, SETACL3res *,
353     struct exportinfo *, struct svc_req *, cred_t *, bool_t);
354 extern void *acl3_setacl_getfh(SETACL3args *);
355 extern void acl3_getxattrdir(GETXATTRDIR3args *, GETXATTRDIR3res *,
356     struct exportinfo *, struct svc_req *, cred_t *, bool_t);
357 extern void *acl3_getxattrdir_getfh(GETXATTRDIR3args *);
358 
359 #endif
360 
361 #ifdef _KERNEL
362 /* the client side procedures */
363 extern int acl_getacl2(vnode_t *, vsecattr_t *, int, cred_t *);
364 extern int acl_setacl2(vnode_t *, vsecattr_t *, int, cred_t *);
365 extern int acl_getattr2_otw(vnode_t *, vattr_t *, cred_t *);
366 extern int acl_access2(vnode_t *, int, int, cred_t *);
367 extern int acl_getxattrdir2(vnode_t *, vnode_t **, bool_t, cred_t *, int);
368 extern int acl_getacl3(vnode_t *, vsecattr_t *, int, cred_t *);
369 extern int acl_setacl3(vnode_t *, vsecattr_t *, int, cred_t *);
370 extern int acl_getxattrdir3(vnode_t *, vnode_t **, bool_t, cred_t *, int);
371 extern int acl2call(mntinfo_t *, rpcproc_t, xdrproc_t, caddr_t, xdrproc_t,
372 			caddr_t, cred_t *, int *, enum nfsstat *, int,
373 			failinfo_t *);
374 extern int acl3call(mntinfo_t *, rpcproc_t, xdrproc_t, caddr_t, xdrproc_t,
375 			caddr_t, cred_t *, int *, nfsstat3 *, int,
376 			failinfo_t *);
377 extern void nfs_acl_free(vsecattr_t *);
378 #endif
379 
380 #ifdef _KERNEL
381 /* server and client data structures */
382 extern kstat_named_t	*aclproccnt_v2_ptr;
383 extern kstat_named_t	*aclproccnt_v3_ptr;
384 
385 extern char		*aclnames_v2[];
386 extern uchar_t		acl_call_type_v2[];
387 extern uchar_t		acl_ss_call_type_v2[];
388 extern uchar_t		acl_timer_type_v2[];
389 
390 extern char		*aclnames_v3[];
391 extern uchar_t		acl_call_type_v3[];
392 extern uchar_t		acl_ss_call_type_v3[];
393 extern uchar_t		acl_timer_type_v3[];
394 #endif
395 
396 #ifdef	__cplusplus
397 }
398 #endif
399 
400 #endif	/* _NFS_NFS_ACL_H */
401