xref: /onnv-gate/usr/src/uts/common/sys/klpd.h (revision 12273:63678502e95e)
16134Scasper /*
26134Scasper  * CDDL HEADER START
36134Scasper  *
46134Scasper  * The contents of this file are subject to the terms of the
56134Scasper  * Common Development and Distribution License (the "License").
66134Scasper  * You may not use this file except in compliance with the License.
76134Scasper  *
86134Scasper  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
96134Scasper  * or http://www.opensolaris.org/os/licensing.
106134Scasper  * See the License for the specific language governing permissions
116134Scasper  * and limitations under the License.
126134Scasper  *
136134Scasper  * When distributing Covered Code, include this CDDL HEADER in each
146134Scasper  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
156134Scasper  * If applicable, add the following below this CDDL HEADER, with the
166134Scasper  * fields enclosed by brackets "[]" replaced with your own identifying
176134Scasper  * information: Portions Copyright [yyyy] [name of copyright owner]
186134Scasper  *
196134Scasper  * CDDL HEADER END
206134Scasper  */
216134Scasper /*
22*12273SCasper.Dik@Sun.COM  * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
236134Scasper  */
246134Scasper 
256134Scasper #ifndef	_SYS_KLPD_H
266134Scasper #define	_SYS_KLPD_H
276134Scasper 
286134Scasper #include <sys/types.h>
296134Scasper #include <sys/priv.h>
306134Scasper #include <sys/procset.h>
316134Scasper 
326134Scasper #ifdef _KERNEL
336134Scasper #include <sys/cred.h>
346134Scasper #include <sys/sysmacros.h>
356134Scasper #include <sys/varargs.h>
366134Scasper #endif
376134Scasper 
386134Scasper #ifdef	__cplusplus
396134Scasper extern "C" {
406134Scasper #endif
416134Scasper 
/*
 * Version number of the klpd call interface.
 * NOTE(review): presumably the value carried in klpd_head_t.klh_vers --
 * confirm against the implementation.
 */
#define	KLPDCALL_VERS		1

/*
 * Argument type tags.  The trailing comment on each line names the C type
 * of the value that goes with the tag.
 * NOTE(review): presumably these are the values stored in
 * klpd_arg_t.kla_type -- confirm against the callers.
 *
 * KLPDARG_NOMORE and KLPDARG_NONE are both 0, so a consumer cannot tell
 * "end of argument list" from "no argument" by the tag value alone.
 */
#define	KLPDARG_NOMORE		0		/* End of argument List */
#define	KLPDARG_NONE		0		/* No argument */
#define	KLPDARG_VNODE		1		/* vnode_t * */
#define	KLPDARG_INT		2		/* int */
#define	KLPDARG_PORT		3		/* int, port number */
#define	KLPDARG_TCPPORT		4		/* int, tcp port number */
#define	KLPDARG_UDPPORT		5		/* int, udp port number */
#define	KLPDARG_SCTPPORT	6		/* int, sctp port number */
#define	KLPDARG_SDPPORT		7		/* int, sdp port number */
536134Scasper 
546134Scasper #ifdef _KERNEL
556134Scasper 
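/*
 * These structures are only ever passed by pointer in the prototypes
 * below, so an incomplete declaration is all this header needs.
 *
 * struct pathname is declared here as well: its first mention would
 * otherwise be inside the parameter list of pfexec_call(), where a tag
 * that has not been declared before has prototype scope only and does not
 * name the same type as the real struct pathname.  The declaration is
 * harmless if an included header already provides one.
 */
struct klpd_reg;
struct credklpd;
struct pathname;

/*
 * klpd registration, reference counting and call entry points.
 * klpd_call() takes the subject credential, a privilege set and a va_list.
 * NOTE(review): the va_list presumably carries a KLPDARG_* tag followed by
 * its value -- confirm against the implementation.
 */
int klpd_reg(int, idtype_t, id_t, priv_set_t *);
int klpd_unreg(int, idtype_t, id_t);
void klpd_freelist(struct klpd_reg **);
void klpd_rele(struct klpd_reg *);
int klpd_call(const cred_t *, const priv_set_t *, va_list);

/* Hold and release a reference on a struct credklpd. */
void crklpd_hold(struct credklpd *);
void crklpd_rele(struct credklpd *);

/*
 * pfexec entry points.
 * NOTE(review): the cred_t ** and boolean_t * parameters of pfexec_call()
 * and the priv_set_t * parameter of get_forced_privs() look like outputs --
 * confirm, and confirm what state they are left in when the call fails.
 */
int pfexec_reg(int);
int pfexec_unreg(int);
int pfexec_call(const cred_t *, struct pathname *, cred_t **, boolean_t *);
int get_forced_privs(const cred_t *, const char *, priv_set_t *);
int check_user_privs(const cred_t *, const priv_set_t *);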
716134Scasper 
726134Scasper #endif /* _KERNEL */
736134Scasper 
/*
 * Header of a klpd packet.  KLH_PRIVSET() and KLH_ARG() apply the two
 * offsets to the address of this header; an offset of 0 means the item is
 * not present.
 */
typedef struct klpd_head {
	uint32_t	klh_vers;		/* Version */
	uint32_t	klh_len;		/* Length of full packet */
	uint32_t	klh_argoff;		/* Offset of argument */
	uint32_t	klh_privoff;		/* Offset of privilege set */
} klpd_head_t;

/*
 * Pointers to the privilege set and to the argument of the packet headed
 * by `kh', or NULL when the corresponding offset is 0.
 *
 * Neither macro compares the offset with klh_len.  Code reading a packet
 * it did not build itself must first check that the offset plus the size
 * of the object it is about to read lies within klh_len (and within the
 * buffer actually received) before dereferencing the result.
 *
 * `kh' is evaluated more than once; pass an expression without side
 * effects.
 */
#define	KLH_PRIVSET(kh)	((kh)->klh_privoff != 0 ? \
			(priv_set_t *)((char *)(kh) + (kh)->klh_privoff) : \
			(priv_set_t *)NULL)
#define	KLH_ARG(kh)	((kh)->klh_argoff == 0 ? (void *)NULL : \
			(void *)((char *)(kh) + (kh)->klh_argoff))
856134Scasper 
/*
 * One argument record.  kla_data is a union of a one-element char array,
 * an int and a uint_t, so the structure itself only reserves room for a
 * single integer; __cdata[1] is the old-style trailing-array idiom for
 * data that extends past the end of the declared structure.
 *
 * NOTE(review): kla_type presumably holds a KLPDARG_* tag and kla_dlen the
 * byte length of the data -- confirm against the implementation.
 *
 * Nothing in this header ties kla_dlen to the size of the buffer that
 * holds the record.  A consumer should bound kla_dlen by the space left in
 * the packet, and should not assume kla_str is NUL-terminated, before
 * reading through kla_str.
 */
typedef struct klpd_arg {
	uint_t	kla_type;
	uint_t	kla_dlen;
	union {
		char	__cdata[1];
		int	__idata;
		uint_t	__uidata;
	} kla_data;
} klpd_arg_t;

/* Shorthand for the members of kla_data. */
#define	kla_str		kla_data.__cdata
#define	kla_int		kla_data.__idata
#define	kla_uint	kla_data.__uidata
996134Scasper 
/*
 * Version of the pfexec argument layout.
 * NOTE(review): presumably the value placed in pfexec_arg_t.pfa_vers --
 * confirm.
 */
#define	PFEXEC_ARG_VERS			0x1

/*
 * Call types.  The trailing comment names the type associated with each
 * call.
 * NOTE(review): presumably that is the type of the reply payload, and the
 * value goes in pfexec_arg_t.pfa_call -- confirm.
 */
#define	PFEXEC_EXEC_ATTRS		0x1	/* pfexec_reply_t */
#define	PFEXEC_FORCED_PRIVS		0x2	/* priv_set_t */
#define	PFEXEC_USER_PRIVS		0x3	/* uint32_t */

/*
 * Size in bytes of a pfexec_arg_t whose pfa_data holds `bufsize' bytes.
 *
 * The sum is not checked for wrap-around; `bufsize' must be bounded by the
 * caller before the result is used as an allocation or copy length.
 *
 * offsetof() has to be in scope wherever this macro is expanded.
 * NOTE(review): none of the headers this file includes unconditionally is
 * an obvious source of offsetof(); confirm that non-kernel users include
 * <stddef.h> themselves.
 */
#define	PFEXEC_ARG_SIZE(bufsize)	\
	(offsetof(pfexec_arg_t, pfa_data) + (bufsize))
107*12273SCasper.Dik@Sun.COM 
/*
 * Argument of a pfexec call.  pfa_data is declared with a single element
 * (one char or one uint32_t); PFEXEC_ARG_SIZE() computes the size of an
 * instance whose data area is larger than that.
 *
 * pfa_len is supplied by whoever builds the structure.  A reader should
 * check it against the size of the buffer actually received before using
 * pfa_path or pfa_buf, and should not assume pfa_path is NUL-terminated.
 */
typedef struct pfexec_arg {
	uint_t	pfa_vers;		/* Caller version */
	uint_t	pfa_call;		/* Call type */
	uint_t	pfa_len;		/* Length of data */
	uid_t	pfa_uid;		/* Real uid of subject */
	union {
		char		__pfa_path[1];
		uint32_t	__pfa_buf[1];
	} pfa_data;
} pfexec_arg_t;

/* Shorthand for the members of pfa_data. */
#define	pfa_path	pfa_data.__pfa_path
#define	pfa_buf		pfa_data.__pfa_buf

/*
 * The all-ones uid_t value.
 * NOTE(review): presumably marks an id field of pfexec_reply_t that was
 * not set by the reply -- confirm against the consumers.
 */
#define	PFEXEC_NOTSET		((uid_t)-1)
123*12273SCasper.Dik@Sun.COM 
/*
 * Reply to a pfexec call.  pfr_ioff and pfr_loff are byte offsets applied
 * to the address of this structure by PFEXEC_REPLY_IPRIV() and
 * PFEXEC_REPLY_LPRIV(); an offset of 0 means no privilege set is present.
 *
 * NOTE(review): the r/e prefixes presumably mean real and effective ids,
 * and pfr_len presumably is the length of the whole reply -- confirm.
 */
typedef struct pfexec_reply {
	uint_t		pfr_vers;
	uint_t		pfr_len;
	uid_t		pfr_ruid;
	uid_t		pfr_euid;
	gid_t		pfr_rgid;
	gid_t		pfr_egid;
	boolean_t	pfr_setcred;
	boolean_t	pfr_scrubenv;
	boolean_t	pfr_clearflag;
	boolean_t	pfr_allowed;
	uint_t		pfr_ioff;	/* see PFEXEC_REPLY_IPRIV() */
	uint_t		pfr_loff;	/* see PFEXEC_REPLY_LPRIV() */
} pfexec_reply_t;

/*
 * Pointers to the privilege sets located at pfr_ioff and pfr_loff, or a
 * null priv_set_t pointer when the offset is 0.
 *
 * Neither macro compares the offset with pfr_len.  Because the ids, the
 * flags and both privilege sets in a reply feed a credential decision, the
 * reader must check that each offset plus the size of a privilege set lies
 * within pfr_len, and within the buffer actually received, before
 * dereferencing the result.
 *
 * `pfr' is evaluated more than once.
 */
#define	PFEXEC_REPLY_IPRIV(pfr)	\
	((pfr)->pfr_ioff == 0 ? (priv_set_t *)0 : \
	(priv_set_t *)((char *)(pfr) + (pfr)->pfr_ioff))
#define	PFEXEC_REPLY_LPRIV(pfr)	\
	((pfr)->pfr_loff == 0 ? (priv_set_t *)0 : \
	(priv_set_t *)((char *)(pfr) + (pfr)->pfr_loff))
143*12273SCasper.Dik@Sun.COM 
1446134Scasper #ifdef	__cplusplus
1456134Scasper }
1466134Scasper #endif
1476134Scasper 
1486134Scasper #endif	/* _SYS_KLPD_H */