xref: /illumos-gate/usr/src/uts/common/nfs/nfs_acl.h (revision ce68629858b847885cda69bf09057ab27980fe8d)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright 2015 Nexenta Systems, Inc.  All rights reserved.
24  */
25 
26 /*
27  *	Copyright 2006 Sun Microsystems, Inc.
28  *	All rights reserved.
29  *	Use is subject to license terms.
30  */
31 
32 #ifndef _NFS_NFS_ACL_H
33 #define	_NFS_NFS_ACL_H
34 
35 #ifdef	__cplusplus
36 extern "C" {
37 #endif
38 
39 #define	NFS_ACL_MAX_ENTRIES	1024
40 
41 typedef ushort_t o_mode;
42 
43 struct aclent {
44 	int type;
45 	uid32_t id;
46 	o_mode perm;
47 };
48 typedef struct aclent aclent;
49 
50 #define	NA_USER_OBJ	0x1
51 #define	NA_USER		0x2
52 #define	NA_GROUP_OBJ	0x4
53 #define	NA_GROUP	0x8
54 #define	NA_CLASS_OBJ	0x10
55 #define	NA_OTHER_OBJ	0x20
56 #define	NA_ACL_DEFAULT	0x1000
57 
58 #define	NA_READ		0x4
59 #define	NA_WRITE	0x2
60 #define	NA_EXEC		0x1
61 
62 struct secattr {
63 	uint32 mask;
64 	int aclcnt;
65 	struct {
66 		uint_t aclent_len;
67 		aclent *aclent_val;
68 	} aclent;
69 	int dfaclcnt;
70 	struct {
71 		uint_t dfaclent_len;
72 		aclent *dfaclent_val;
73 	} dfaclent;
74 };
75 typedef struct secattr secattr;
76 
77 #define	NA_ACL		0x1
78 #define	NA_ACLCNT	0x2
79 #define	NA_DFACL	0x4
80 #define	NA_DFACLCNT	0x8
81 
82 struct GETACL2args {
83 	fhandle_t fh;
84 	uint32 mask;
85 };
86 typedef struct GETACL2args GETACL2args;
87 
88 struct GETACL2resok {
89 	struct nfsfattr attr;
90 	vsecattr_t acl;
91 };
92 typedef struct GETACL2resok GETACL2resok;
93 
94 struct GETACL2res {
95 	enum nfsstat status;
96 	union {
97 		GETACL2resok ok;
98 	} res_u;
99 };
100 typedef struct GETACL2res GETACL2res;
101 
102 struct SETACL2args {
103 	fhandle_t fh;
104 	vsecattr_t acl;
105 };
106 typedef struct SETACL2args SETACL2args;
107 
108 struct SETACL2resok {
109 	struct nfsfattr attr;
110 };
111 typedef struct SETACL2resok SETACL2resok;
112 
113 struct SETACL2res {
114 	enum nfsstat status;
115 	union {
116 		SETACL2resok ok;
117 	} res_u;
118 };
119 typedef struct SETACL2res SETACL2res;
120 
121 struct GETATTR2args {
122 	fhandle_t fh;
123 };
124 typedef struct GETATTR2args GETATTR2args;
125 
126 struct GETATTR2resok {
127 	struct nfsfattr attr;
128 };
129 typedef struct GETATTR2resok GETATTR2resok;
130 
131 struct GETATTR2res {
132 	enum nfsstat status;
133 	union {
134 		GETATTR2resok ok;
135 	} res_u;
136 };
137 typedef struct GETATTR2res GETATTR2res;
138 
139 struct ACCESS2args {
140 	fhandle_t fh;
141 	uint32 access;
142 };
143 typedef struct ACCESS2args ACCESS2args;
144 
145 #define	ACCESS2_READ	0x1
146 #define	ACCESS2_LOOKUP	0x2
147 #define	ACCESS2_MODIFY	0x4
148 #define	ACCESS2_EXTEND	0x8
149 #define	ACCESS2_DELETE	0x10
150 #define	ACCESS2_EXECUTE	0x20
151 
152 struct ACCESS2resok {
153 	struct nfsfattr attr;
154 	uint32 access;
155 };
156 typedef struct ACCESS2resok ACCESS2resok;
157 
158 struct ACCESS2res {
159 	enum nfsstat status;
160 	union {
161 		ACCESS2resok ok;
162 	} res_u;
163 };
164 typedef struct ACCESS2res ACCESS2res;
165 
166 struct GETXATTRDIR2args {
167 	fhandle_t fh;
168 	bool_t create;
169 };
170 typedef struct GETXATTRDIR2args GETXATTRDIR2args;
171 
172 struct GETXATTRDIR2resok {
173 	fhandle_t fh;
174 	struct nfsfattr attr;
175 };
176 typedef struct GETXATTRDIR2resok GETXATTRDIR2resok;
177 
178 struct GETXATTRDIR2res {
179 	enum nfsstat status;
180 	union {
181 		GETXATTRDIR2resok ok;
182 	} res_u;
183 };
184 typedef struct GETXATTRDIR2res GETXATTRDIR2res;
185 
186 struct GETACL3args {
187 	nfs_fh3 fh;
188 	uint32 mask;
189 };
190 typedef struct GETACL3args GETACL3args;
191 
192 struct GETACL3resok {
193 	post_op_attr attr;
194 	vsecattr_t acl;
195 };
196 typedef struct GETACL3resok GETACL3resok;
197 
198 struct GETACL3resfail {
199 	post_op_attr attr;
200 };
201 typedef struct GETACL3resfail GETACL3resfail;
202 
203 struct GETACL3res {
204 	nfsstat3 status;
205 	union {
206 		GETACL3resok ok;
207 		GETACL3resfail fail;
208 	} res_u;
209 };
210 typedef struct GETACL3res GETACL3res;
211 
212 struct SETACL3args {
213 	nfs_fh3 fh;
214 	vsecattr_t acl;
215 };
216 typedef struct SETACL3args SETACL3args;
217 
218 struct SETACL3resok {
219 	post_op_attr attr;
220 };
221 typedef struct SETACL3resok SETACL3resok;
222 
223 struct SETACL3resfail {
224 	post_op_attr attr;
225 };
226 typedef struct SETACL3resfail SETACL3resfail;
227 
228 struct SETACL3res {
229 	nfsstat3 status;
230 	union {
231 		SETACL3resok ok;
232 		SETACL3resfail fail;
233 	} res_u;
234 };
235 typedef struct SETACL3res SETACL3res;
236 
237 struct GETXATTRDIR3args {
238 	nfs_fh3 fh;
239 	bool_t create;
240 };
241 typedef struct GETXATTRDIR3args GETXATTRDIR3args;
242 
243 struct GETXATTRDIR3resok {
244 	nfs_fh3 fh;
245 	post_op_attr attr;
246 };
247 typedef struct GETXATTRDIR3resok GETXATTRDIR3resok;
248 
249 struct GETXATTRDIR3res {
250 	nfsstat3 status;
251 	union {
252 		GETXATTRDIR3resok ok;
253 	} res_u;
254 };
255 typedef struct GETXATTRDIR3res GETXATTRDIR3res;
256 
257 #define	NFS_ACL_PROGRAM	((rpcprog_t)(100227))
258 #define	NFS_ACL_VERSMIN	((rpcvers_t)(2))
259 #define	NFS_ACL_VERSMAX	((rpcvers_t)(3))
260 
261 #define	NFS_ACL_V2		((rpcvers_t)(2))
262 #define	ACLPROC2_NULL		((rpcproc_t)(0))
263 #define	ACLPROC2_GETACL		((rpcproc_t)(1))
264 #define	ACLPROC2_SETACL		((rpcproc_t)(2))
265 #define	ACLPROC2_GETATTR	((rpcproc_t)(3))
266 #define	ACLPROC2_ACCESS		((rpcproc_t)(4))
267 #define	ACLPROC2_GETXATTRDIR	((rpcproc_t)(5))
268 
269 #define	NFS_ACL_V3		((rpcvers_t)(3))
270 #define	ACLPROC3_NULL		((rpcproc_t)(0))
271 #define	ACLPROC3_GETACL		((rpcproc_t)(1))
272 #define	ACLPROC3_SETACL		((rpcproc_t)(2))
273 #define	ACLPROC3_GETXATTRDIR	((rpcproc_t)(3))
274 
275 #ifdef _KERNEL
276 /* the xdr functions */
277 extern bool_t xdr_uid(XDR *, uid32_t *);
278 extern bool_t xdr_o_mode(XDR *, o_mode *);
279 extern bool_t xdr_aclent(XDR *, aclent_t *);
280 extern bool_t xdr_secattr(XDR *, vsecattr_t *);
281 
282 extern bool_t xdr_GETACL2args(XDR *, GETACL2args *);
283 extern bool_t xdr_fastGETACL2args(XDR *, GETACL2args **);
284 extern bool_t xdr_GETACL2resok(XDR *, GETACL2resok *);
285 extern bool_t xdr_GETACL2res(XDR *, GETACL2res *);
286 extern bool_t xdr_SETACL2args(XDR *, SETACL2args *);
287 extern bool_t xdr_SETACL2resok(XDR *, SETACL2resok *);
288 #ifdef _LITTLE_ENDIAN
289 extern bool_t xdr_fastSETACL2resok(XDR *, SETACL2resok *);
290 #endif
291 extern bool_t xdr_SETACL2res(XDR *, SETACL2res *);
292 #ifdef _LITTLE_ENDIAN
293 extern bool_t xdr_fastSETACL2res(XDR *, SETACL2res *);
294 #endif
295 extern bool_t xdr_GETATTR2args(XDR *, GETATTR2args *);
296 extern bool_t xdr_fastGETATTR2args(XDR *, GETATTR2args **);
297 extern bool_t xdr_GETATTR2resok(XDR *, GETATTR2resok *);
298 #ifdef _LITTLE_ENDIAN
299 extern bool_t xdr_fastGETATTR2resok(XDR *, GETATTR2resok *);
300 #endif
301 extern bool_t xdr_GETATTR2res(XDR *, GETATTR2res *);
302 #ifdef _LITTLE_ENDIAN
303 extern bool_t xdr_fastGETATTR2res(XDR *, GETATTR2res *);
304 #endif
305 extern bool_t xdr_ACCESS2args(XDR *, ACCESS2args *);
306 extern bool_t xdr_fastACCESS2args(XDR *, ACCESS2args **);
307 extern bool_t xdr_ACCESS2resok(XDR *, ACCESS2resok *);
308 #ifdef _LITTLE_ENDIAN
309 extern bool_t xdr_fastACCESS2resok(XDR *, ACCESS2resok *);
310 #endif
311 extern bool_t xdr_ACCESS2res(XDR *, ACCESS2res *);
312 #ifdef _LITTLE_ENDIAN
313 extern bool_t xdr_fastACCESS2res(XDR *, ACCESS2res *);
314 #endif
315 extern bool_t xdr_GETXATTRDIR2args(XDR *, GETXATTRDIR2args *);
316 extern bool_t xdr_GETXATTRDIR2res(XDR *, GETXATTRDIR2res *);
317 
318 extern bool_t xdr_GETACL3args(XDR *, GETACL3args *);
319 extern bool_t xdr_GETACL3resok(XDR *, GETACL3resok *);
320 extern bool_t xdr_GETACL3resfail(XDR *, GETACL3resfail *);
321 extern bool_t xdr_GETACL3res(XDR *, GETACL3res *);
322 extern bool_t xdr_SETACL3args(XDR *, SETACL3args *);
323 extern bool_t xdr_SETACL3resok(XDR *, SETACL3resok *);
324 extern bool_t xdr_SETACL3resfail(XDR *, SETACL3resfail *);
325 extern bool_t xdr_SETACL3res(XDR *, SETACL3res *);
326 extern bool_t xdr_GETXATTRDIR3args(XDR *, GETXATTRDIR3args *);
327 extern bool_t xdr_GETXATTRDIR3res(XDR *, GETXATTRDIR3res *);
328 
329 #endif
330 
331 #ifdef _KERNEL
332 /* the service procedures */
333 extern void acl2_getacl(GETACL2args *, GETACL2res *,
334     struct exportinfo *, struct svc_req *, cred_t *, bool_t);
335 extern void *acl2_getacl_getfh(GETACL2args *);
336 extern void acl2_getacl_free(GETACL2res *);
337 extern void acl2_setacl(SETACL2args *, SETACL2res *,
338     struct exportinfo *, struct svc_req *, cred_t *, bool_t);
339 extern void *acl2_setacl_getfh(SETACL2args *);
340 extern void acl2_getattr(GETATTR2args *, GETATTR2res *,
341     struct exportinfo *, struct svc_req *, cred_t *, bool_t);
342 extern void *acl2_getattr_getfh(GETATTR2args *);
343 extern void acl2_access(ACCESS2args *, ACCESS2res *,
344     struct exportinfo *, struct svc_req *, cred_t *, bool_t);
345 extern void *acl2_access_getfh(ACCESS2args *);
346 extern void acl2_getxattrdir(GETXATTRDIR2args *, GETXATTRDIR2res *,
347     struct exportinfo *, struct svc_req *, cred_t *, bool_t);
348 extern void *acl2_getxattrdir_getfh(GETXATTRDIR2args *);
349 
350 extern void acl3_getacl(GETACL3args *, GETACL3res *,
351     struct exportinfo *, struct svc_req *, cred_t *, bool_t);
352 extern void *acl3_getacl_getfh(GETACL3args *);
353 extern void acl3_getacl_free(GETACL3res *);
354 extern void acl3_setacl(SETACL3args *, SETACL3res *,
355     struct exportinfo *, struct svc_req *, cred_t *, bool_t);
356 extern void *acl3_setacl_getfh(SETACL3args *);
357 extern void acl3_getxattrdir(GETXATTRDIR3args *, GETXATTRDIR3res *,
358     struct exportinfo *, struct svc_req *, cred_t *, bool_t);
359 extern void *acl3_getxattrdir_getfh(GETXATTRDIR3args *);
360 
361 #endif
362 
363 #ifdef _KERNEL
364 /* the client side procedures */
365 extern int acl_getacl2(vnode_t *, vsecattr_t *, int, cred_t *);
366 extern int acl_setacl2(vnode_t *, vsecattr_t *, int, cred_t *);
367 extern int acl_getattr2_otw(vnode_t *, vattr_t *, cred_t *);
368 extern int acl_access2(vnode_t *, int, int, cred_t *);
369 extern int acl_getxattrdir2(vnode_t *, vnode_t **, bool_t, cred_t *, int);
370 extern int acl_getacl3(vnode_t *, vsecattr_t *, int, cred_t *);
371 extern int acl_setacl3(vnode_t *, vsecattr_t *, int, cred_t *);
372 extern int acl_getxattrdir3(vnode_t *, vnode_t **, bool_t, cred_t *, int);
373 extern int acl2call(mntinfo_t *, rpcproc_t, xdrproc_t, caddr_t, xdrproc_t,
374 			caddr_t, cred_t *, int *, enum nfsstat *, int,
375 			failinfo_t *);
376 extern int acl3call(mntinfo_t *, rpcproc_t, xdrproc_t, caddr_t, xdrproc_t,
377 			caddr_t, cred_t *, int *, nfsstat3 *, int,
378 			failinfo_t *);
379 extern void nfs_acl_free(vsecattr_t *);
380 #endif
381 
382 #ifdef _KERNEL
383 /* server and client data structures */
384 extern kstat_named_t	*aclproccnt_v2_ptr;
385 extern kstat_t		**aclprocio_v2_ptr;
386 extern kstat_named_t	*aclproccnt_v3_ptr;
387 extern kstat_t		**aclprocio_v3_ptr;
388 
389 extern char		*aclnames_v2[];
390 extern uchar_t		acl_call_type_v2[];
391 extern uchar_t		acl_ss_call_type_v2[];
392 extern uchar_t		acl_timer_type_v2[];
393 
394 extern char		*aclnames_v3[];
395 extern uchar_t		acl_call_type_v3[];
396 extern uchar_t		acl_ss_call_type_v3[];
397 extern uchar_t		acl_timer_type_v3[];
398 #endif
399 
400 #ifdef	__cplusplus
401 }
402 #endif
403 
404 #endif	/* _NFS_NFS_ACL_H */
405