cred.h revision bda89588bd7667394a834e8a9a34612cce2ae9c3
/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

/* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */
/* All Rights Reserved */

/*
 * Portions of this source code were derived from Berkeley 4.3 BSD
 * under license from the Regents of the University of California.
 */

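#ifndef _SYS_CRED_H
#define _SYS_CRED_H

#pragma ident "%Z%%M% %I% %E% SMI"

#include <sys/types.h>

#ifdef __cplusplus
extern "C" {
#endif

/*
 * The credential is an opaque kernel private data structure defined in
 * <sys/cred_impl.h>.
 *
 * Code that includes only this header sees an incomplete type: it can
 * hold and pass cred_t pointers, but has to go through the accessor
 * functions declared below to read or change any identity field.
 */

typedef struct cred cred_t;

#ifdef _KERNEL

/*
 * CRED() expands to the credential pointer stored in the current thread
 * (curthread->t_cred). The expansion is a plain member access and takes
 * no reference on the credential.
 * NOTE(review): code that keeps the pointer beyond the current call
 * presumably needs crhold() first -- confirm against the callers.
 */
#define CRED() curthread->t_cred

struct proc; /* cred.h is included in proc.h */
struct prcred;
struct ksid;
struct ksidlist;

struct auditinfo_addr; /* cred.h is included in audit.h */

extern int ngroups_max;
/*
 * kcred is used when you need all privileges.
 *
 * NOTE(review): because this credential carries every privilege, an
 * operation performed with kcred is not constrained by the identity of
 * the thread that asked for it. Passing kcred in place of the caller's
 * credential should be a deliberate, reviewable decision.
 */
extern struct cred *kcred;

/*
 * Credential lifecycle.
 *
 * cralloc() returns a credential in which only the reference field is
 * initialized, so every other field has to be filled in before the
 * credential is used for an access decision; crget() returns an
 * initialized one.
 *
 * NOTE(review): crhold()/crfree() presumably take and release a
 * reference, and crcopy() is understood to consume the caller's
 * reference on its argument while crdup() leaves it alone -- confirm
 * against the implementation before relying on either.
 */
extern void cred_init(void);
extern void crhold(cred_t *);
extern void crfree(cred_t *);
extern cred_t *cralloc(void); /* all but ref uninitialized */
extern cred_t *cralloc_ksid(void); /* cralloc() + ksid alloc'ed */
extern cred_t *crget(void); /* initialized */
extern cred_t *crcopy(cred_t *);
extern void crcopy_to(cred_t *, cred_t *);
extern cred_t *crdup(cred_t *);
extern void crdup_to(cred_t *, cred_t *);
extern cred_t *crgetcred(void);
extern void crset(struct proc *, cred_t *);

/*
 * Membership, permission and comparison predicates. Each returns int;
 * this header does not state the return convention.
 * NOTE(review): presumably non-zero means "member" / "permitted" for
 * the first four -- confirm, because reading the result with the wrong
 * sense turns an access check into a bypass.
 */
extern int groupmember(gid_t, const cred_t *);
extern int supgroupmember(gid_t, const cred_t *);
extern int hasprocperm(const cred_t *, const cred_t *);
extern int prochasprocperm(struct proc *, struct proc *, const cred_t *);
extern int crcmp(const cred_t *, const cred_t *);

/*
 * NOTE(review): presumably the per-zone counterpart of kcred; the
 * header gives no further detail -- confirm in the implementation.
 */
extern cred_t *zone_kcred(void);

/*
 * Accessors for the identity fields. All take a const credential, so
 * reading an id cannot modify it through these interfaces.
 */
extern uid_t crgetuid(const cred_t *);
extern uid_t crgetruid(const cred_t *);
extern uid_t crgetsuid(const cred_t *);
extern gid_t crgetgid(const cred_t *);
extern gid_t crgetrgid(const cred_t *);
extern gid_t crgetsgid(const cred_t *);
extern zoneid_t crgetzoneid(const cred_t *);
extern projid_t crgetprojid(const cred_t *);

/*
 * Takes a const credential but returns a non-const one; whether the
 * result is the same object or a new one is not stated here.
 */
extern cred_t *crgetmapped(const cred_t *);


/*
 * Audit information. crgetauinfo() hands back a const pointer;
 * crgetauinfo_modifiable() needs a non-const credential and hands back
 * a writable pointer.
 * NOTE(review): writes through the modifiable pointer presumably change
 * the audit identity of every holder of that credential -- confirm that
 * callers use it only on a credential they own exclusively.
 */
extern const struct auditinfo_addr *crgetauinfo(const cred_t *);
extern struct auditinfo_addr *crgetauinfo_modifiable(cred_t *);

/* NOTE(review): presumably the current reference count -- confirm. */
extern uint_t crgetref(const cred_t *);

/*
 * Supplementary groups: a const gid_t pointer plus an int count.
 * NOTE(review): the pointer presumably refers to storage owned by the
 * credential and holds crgetngroups() entries -- confirm, and bound
 * every walk of the array by that count.
 */
extern const gid_t *crgetgroups(const cred_t *);

extern int crgetngroups(const cred_t *);

/*
 * Sets real, effective and/or saved uid/gid;
 * -1 argument accepted as "no change".
 */
extern int crsetresuid(cred_t *, uid_t, uid_t, uid_t);
extern int crsetresgid(cred_t *, gid_t, gid_t, gid_t);

/*
 * Sets real, effective and saved uids/gids all to the same
 * values. Both values must be non-negative and <= MAXUID
 */
extern int crsetugid(cred_t *, uid_t, gid_t);

/*
 * Takes a group count and a gid_t array. The header does not say
 * whether the count is checked against ngroups_max.
 * NOTE(review): confirm the callee validates it, or validate in the
 * caller, before passing a count that came from user space.
 */
extern int crsetgroups(cred_t *, int, gid_t *);

/*
 * Private interface for setting zone association of credential.
 */
struct zone;
extern void crsetzone(cred_t *, struct zone *);
extern struct zone *crgetzone(const cred_t *);

/*
 * Private interface for setting project id in credential.
 */
extern void crsetprojid(cred_t *, projid_t);

/*
 * Private interface for nfs.
 */
extern cred_t *crnetadjust(cred_t *);

/*
 * Private interface for procfs.
 */
extern void cred2prcred(const cred_t *, struct prcred *);

/*
 * Private interfaces for Rampart Trusted Solaris.
 */
struct ts_label_s;
extern struct ts_label_s *crgetlabel(const cred_t *);
extern boolean_t crisremote(const cred_t *);

/*
 * Private interfaces for ephemeral uids.
 *
 * VALID_UID() and VALID_GID() accept an id that is either <= MAXUID or
 * accepted by the matching valid_ephemeral_*() check for zone zn. Both
 * macros compare against MAXUID; no separate gid limit is used here.
 * The id argument appears twice in the expansion, so it is evaluated
 * twice whenever the first comparison fails: pass a plain variable,
 * never an expression with side effects.
 */
#define VALID_UID(id, zn) \
	((id) <= MAXUID || valid_ephemeral_uid((zn), (id)))

#define VALID_GID(id, zn) \
	((id) <= MAXUID || valid_ephemeral_gid((zn), (id)))

extern boolean_t valid_ephemeral_uid(struct zone *, uid_t);
extern boolean_t valid_ephemeral_gid(struct zone *, gid_t);

extern int eph_uid_alloc(struct zone *, int, uid_t *, int);
extern int eph_gid_alloc(struct zone *, int, gid_t *, int);

extern void crsetsid(cred_t *, struct ksid *, int);
extern void crsetsidlist(cred_t *, struct ksidlist *);

extern struct ksid *crgetsid(const cred_t *, int);
extern struct ksidlist *crgetsidlist(const cred_t *);

/*
 * Variadic: the compiler cannot type-check anything after the
 * credential pointer.
 * NOTE(review): the argument convention (and how the list is
 * terminated) is defined by the implementation -- confirm it at every
 * call site, since a malformed list changes which privileges are set.
 */
extern int crsetpriv(cred_t *, ...);

#endif /* _KERNEL */

#ifdef __cplusplus
}
#endif

#endif /* _SYS_CRED_H */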