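/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2005 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */
/* Copyright (c) 1990 Mentat Inc. */

#ifndef	_INET_OPTCOM_H
#define	_INET_OPTCOM_H

#pragma ident "%Z%%M% %I% %E% SMI"

/*
 * Option management ("optcom") definitions: the per-option descriptor
 * (opdes_t), the access-permission macros that are evaluated against a
 * descriptor and a caller credential, the per-transport option database
 * (optdb_obj_t), and the svr4/TPI option request entry points.
 *
 * Everything below is visible to kernel builds only (_KERNEL).
 */

#ifdef	__cplusplus
extern "C" {
#endif

#if defined(_KERNEL) && defined(__STDC__)

/*
 * Options Description Structure
 *
 * One entry per option a transport supports. The two access masks hold
 * OA_* bits; opdes_access_req_priv holds one of the OP_* privilege
 * selectors defined further down.
 */
typedef struct opdes_s {
	t_uscalar_t	opdes_name;	/* option name */
	t_uscalar_t	opdes_level;	/* option "level" */
	int	opdes_access_nopriv;	/* permissions for non-privileged */
	int	opdes_access_priv;	/* permissions for privileged */
	int	opdes_access_req_priv;	/* required privilege, OP_NP if none */
	int	opdes_props;		/* properties associated with option */
	t_uscalar_t	opdes_size;	/* length of option */
					/* [ or maxlen if variable */
			/* length(OP_VARLEN) property set for option] */
	union {
		/*
		 * Note: C semantics:
		 * a static initializer of "union" type assumes
		 * the constant on the RHS is of the type of the
		 * first member of the union. So what comes first
		 * is important.
		 */
#define	OPDES_DEFSZ_MAX		64
		int64_t  opdes_def_int64;
		char	opdes_def_charbuf[OPDES_DEFSZ_MAX];
	} opdes_def;
} opdes_t;

/* Shorthand accessors for the two views of the default-value union. */
#define	opdes_default	opdes_def.opdes_def_int64
#define	opdes_defbuf	opdes_def.opdes_def_charbuf

/*
 * Flags to set in the opdes_access_{nopriv,priv} fields in opdes_t
 *
 *	OA_R	read access
 *	OA_W	write access
 *	OA_RW	read-write access
 *	OA_X	execute access
 *
 * Note: - "execute" access is used for operations executed using the
 *	option management interface
 *	- no bits set means this option is not visible. Some options may
 *	not be visible to any but privileged users.
 */
#define	OA_R	0x1
#define	OA_W	0x2
#define	OA_X	0x4

/*
 * Utility macros to test permissions needed to compose more
 * complex ones. (Only a few really used directly in code).
 *
 * The *_NOPRIV tests look at opdes_access_nopriv alone. The *_ANYPRIV
 * tests look at the OR of both masks, so they say only that the bit is
 * granted to somebody; they must be combined with a policy check (see
 * below) before access is allowed. The RONLY tests are true when, of the
 * R/W/X bits, exactly OA_R is set.
 *
 * All of these expand their argument more than once; pass an expression
 * without side effects.
 */
#define	OA_RW	(OA_R|OA_W)
#define	OA_WX	(OA_W|OA_X)
#define	OA_RX	(OA_R|OA_X)
#define	OA_RWX	(OA_R|OA_W|OA_X)

#define	OA_ANY_ACCESS(x) ((x)->opdes_access_nopriv|(x)->opdes_access_priv)
#define	OA_R_NOPRIV(x)	((x)->opdes_access_nopriv & OA_R)
#define	OA_R_ANYPRIV(x)	(OA_ANY_ACCESS(x) & OA_R)
#define	OA_W_NOPRIV(x)	((x)->opdes_access_nopriv & OA_W)
#define	OA_X_ANYPRIV(x)	(OA_ANY_ACCESS(x) & OA_X)
#define	OA_X_NOPRIV(x)	((x)->opdes_access_nopriv & OA_X)
#define	OA_W_ANYPRIV(x)	(OA_ANY_ACCESS(x) & OA_W)
#define	OA_WX_NOPRIV(x)	((x)->opdes_access_nopriv & OA_WX)
#define	OA_WX_ANYPRIV(x)	(OA_ANY_ACCESS(x) & OA_WX)
#define	OA_RWX_ANYPRIV(x)	(OA_ANY_ACCESS(x) & OA_RWX)
#define	OA_RONLY_NOPRIV(x)	(((x)->opdes_access_nopriv & OA_RWX) == OA_R)
#define	OA_RONLY_ANYPRIV(x)	((OA_ANY_ACCESS(x) & OA_RWX) == OA_R)

/* Values for opdes_access_req_priv; passed on to secpolicy_net(). */
#define	OP_NP		(-1)			/* No privilege required */
#define	OP_CONFIG	(0)			/* Network configuration */
#define	OP_RAW		(1)			/* Raw packets */
#define	OP_PRIVPORT	(2)			/* Privileged ports */


/*
 * The following macros take an option descriptor (x) and a caller
 * credential (c) and are used to determine permissions.
 *
 * OA_POLICY_OK and OA_POLICY_ONLY_OK both ask secpolicy_net() about the
 * descriptor's required privilege and differ only in the third argument
 * (B_FALSE vs. B_TRUE); the meaning of that argument is defined by
 * secpolicy_net(), not in this header.
 *
 * OA_READ_PERMISSION, OA_WRITE_OR_EXECUTE and OA_READONLY_PERMISSION use
 * OA_POLICY_OK; OA_WRITE_PERMISSION and OA_EXECUTE_PERMISSION use
 * OA_POLICY_ONLY_OK. In each, the non-privileged mask is tested first and
 * the policy check is consulted only if that test fails.
 *
 * OA_NO_PERMISSION picks the mask to examine by OA_MATCHED_PRIV: the
 * privileged mask when the descriptor names a privilege and the caller
 * passes the policy check, the non-privileged mask otherwise.
 *
 * NOTE(review): only OA_MATCHED_PRIV excludes OP_NP before calling the
 * policy check; the other macros pass opdes_access_req_priv through as
 * is. A descriptor that grants a bit only in opdes_access_priv should
 * therefore name a real OP_* privilege. How secpolicy_net() treats OP_NP
 * is not visible here -- confirm against its implementation and the
 * option tables.
 *
 * x and c are expanded more than once; pass expressions without side
 * effects.
 */
#define	OA_POLICY_OK(x, c) \
	(secpolicy_net((c), (x)->opdes_access_req_priv, B_FALSE) == 0)

#define	OA_POLICY_ONLY_OK(x, c) \
	(secpolicy_net((c), (x)->opdes_access_req_priv, B_TRUE) == 0)

#define	OA_MATCHED_PRIV(x, c)	((x)->opdes_access_req_priv != OP_NP && \
		OA_POLICY_ONLY_OK((x), (c)))

#define	OA_READ_PERMISSION(x, c)	(OA_R_NOPRIV(x) || \
		(OA_R_ANYPRIV(x) && OA_POLICY_OK((x), (c))))

#define	OA_WRITE_OR_EXECUTE(x, c)	(OA_WX_NOPRIV(x) || \
		(OA_WX_ANYPRIV(x) && OA_POLICY_OK((x), (c))))

#define	OA_READONLY_PERMISSION(x, c)	(OA_RONLY_NOPRIV(x) || \
		(OA_RONLY_ANYPRIV(x) && OA_POLICY_OK((x), (c))))

#define	OA_WRITE_PERMISSION(x, c)	(OA_W_NOPRIV(x) || \
		(OA_W_ANYPRIV(x) && OA_POLICY_ONLY_OK((x), (c))))

#define	OA_EXECUTE_PERMISSION(x, c)	(OA_X_NOPRIV(x) || \
		(OA_X_ANYPRIV(x) && OA_POLICY_ONLY_OK((x), (c))))

#define	OA_NO_PERMISSION(x, c)		(OA_MATCHED_PRIV((x), (c)) ? \
		((x)->opdes_access_priv == 0) : ((x)->opdes_access_nopriv == 0))

/*
 * Other properties set in opdes_props field.
 */
#define	OP_PASSNEXT	0x1	/* to pass option to next module or not */
#define	OP_VARLEN	0x2	/* option is variable length */
#define	OP_NOT_ABSREQ	0x4	/* option is not an "absolute requirement" */
				/* i.e. failure to negotiate does not */
				/* abort primitive ("ignore" semantics ok) */
#define	OP_NODEFAULT	0x8	/* no concept of "default value" */
#define	OP_DEF_FN	0x10	/* call a "default function" to get default */
				/* value, not from static table */


/*
 * Structure to represent attributes of option management specific
 * to one particular layer of "transport".
 */

typedef	t_uscalar_t optlevel_t;

/*
 * Per-transport callbacks. The parameters are unnamed in these typedefs;
 * see each transport's implementation for their meaning.
 */
typedef int (*opt_def_fn)(queue_t *, int, int, uchar_t *);
typedef int (*opt_get_fn)(queue_t *, int, int, uchar_t *);
typedef int (*opt_set_fn)(queue_t *, uint_t, int, int, uint_t, uchar_t *,
    uint_t *, uchar_t *, void *, cred_t *, mblk_t *);

typedef struct optdb_obj {
	opt_def_fn	odb_deffn;	/* default value function */
	opt_get_fn	odb_getfn;	/* get function */
	opt_set_fn	odb_setfn;	/* set function */
	boolean_t	odb_topmost_tpiprovider; /* whether topmost tpi */
					/* provider or downstream */
	uint_t		odb_opt_arr_cnt; /* count of number of options in db */
	opdes_t		*odb_opt_des_arr; /* option descriptors in db */
	uint_t		odb_valid_levels_arr_cnt;
					/* count of option levels supported */
	optlevel_t	*odb_valid_levels_arr;
					/* array of option levels supported */
} optdb_obj_t;

/*
 * This is used to restart option processing. This goes inside an M_CTL
 * which is prepended to the packet. IP may need to become exclusive on
 * an ill for setting some options, e.g. IP_ADD_MEMBERSHIP. Since
 * there can be more than 1 option packed in an option buffer, we need to
 * remember where to restart option processing after resuming from a wait
 * for exclusive condition in IP.
 *
 * NOTE(review): or_ropt is presumably expected to lie between or_start
 * and or_end; nothing in this header enforces that -- confirm in the code
 * that resumes processing.
 */
typedef struct opt_restart_s {
	struct	opthdr	*or_start;		/* start of option buffer */
	struct	opthdr	*or_end;		/* end of option buffer */
	struct	opthdr	*or_ropt;		/* restart option here */
	t_uscalar_t	or_worst_status;	/* Used by tpi_optcom_req */
	t_uscalar_t	or_type;		/* svr4 or tpi optcom variant */
	int		or_private;		/* currently used by CGTP */
} opt_restart_t;

/*
 * Values for "optset_context" parameter passed to
 * transport specific "setfn()" routines
 */
#define	SETFN_OPTCOM_CHECKONLY	1 /* "checkonly" semantics T_CHECK */
#define	SETFN_OPTCOM_NEGOTIATE	2 /* semantics for T_*_OPTCOM_REQ */
#define	SETFN_UD_NEGOTIATE	3 /* semantics for T_UNITDATA_REQ */
#define	SETFN_CONN_NEGOTIATE	4 /* semantics for T_CONN_*_REQ */

/*
 * Object to represent database of options to search passed to
 * {sock,tpi}optcom_req() interface routine to take care of option
 * management and associated methods.
 */
extern optdb_obj_t	tcp_opt_obj;
extern optdb_obj_t	udp_opt_obj;
extern optdb_obj_t	ip_opt_obj;

extern uint_t		tcp_max_optsize;
extern uint_t		udp_max_optsize;

/*
 * Function prototypes
 *
 * The request routines take the caller's cred_t and the transport's
 * optdb_obj_t; the permission macros above are evaluated against that
 * credential. Definitions live outside this header.
 */
extern void	optcom_err_ack(queue_t *, mblk_t *, t_scalar_t, int);
extern int	svr4_optcom_req(queue_t *, mblk_t *, cred_t *, optdb_obj_t *);
extern int	tpi_optcom_req(queue_t *, mblk_t *, cred_t *, optdb_obj_t *);
extern int	tpi_optcom_buf(queue_t *, mblk_t *, t_scalar_t *, t_scalar_t,
    cred_t *, optdb_obj_t *, void *, int *);
extern t_uscalar_t	optcom_max_optsize(opdes_t *, uint_t);

#endif	/* defined(_KERNEL) && defined(__STDC__) */

#ifdef	__cplusplus
}
#endif

#endif	/* _INET_OPTCOM_H */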