/* SPDX-License-Identifier: GPL-2.0+ */
/*
 * GSS Proxy upcall module
 *
 * Copyright (C) 2012 Simo Sorce <simo@redhat.com>
 */

#ifndef _LINUX_GSS_RPC_XDR_H
#define _LINUX_GSS_RPC_XDR_H

#include <linux/sunrpc/xdr.h>
#include <linux/sunrpc/clnt.h>
#include <linux/sunrpc/xprtsock.h>

#if IS_ENABLED(CONFIG_SUNRPC_DEBUG)
# define RPCDBG_FACILITY	RPCDBG_AUTH
#endif

/*
 * Option name/value strings. Each *_OPTION names an option and the matching
 * *_VALUE is the value paired with it.
 */
#define LUCID_OPTION	"exported_context_type"
#define LUCID_VALUE	"linux_lucid_v1"
#define CREDS_OPTION	"exported_creds_type"
#define CREDS_VALUE	"linux_creds_v1"

/*
 * All three names alias struct xdr_netobj; the separate typedefs only
 * document what a given field is meant to hold.
 */
typedef struct xdr_netobj gssx_buffer;
typedef struct xdr_netobj utf8string;
typedef struct xdr_netobj gssx_OID;

/* Credential usage values; GSSX_C_BOTH equals GSSX_C_INITIATE | GSSX_C_ACCEPT. */
enum gssx_cred_usage {
	GSSX_C_INITIATE = 1,
	GSSX_C_ACCEPT = 2,
	GSSX_C_BOTH = 3,
};

/* One option: a name buffer and a value buffer. */
struct gssx_option {
	gssx_buffer option;
	gssx_buffer value;
};

/*
 * Counted array of options.
 *
 * NOTE(review): presumably count is the number of entries behind data. If
 * count is filled in from a decoded reply it is peer-supplied, so the decoder
 * should bound it before using it to size an allocation or a loop. The
 * decoder is not part of this header; confirm there.
 */
struct gssx_option_array {
	u32 count;
	struct gssx_option *data;
};

/* Status block: major/minor codes, mechanism OID, status strings, options. */
struct gssx_status {
	u64 major_status;
	gssx_OID mech;
	u64 minor_status;
	utf8string major_status_string;
	utf8string minor_status_string;
	gssx_buffer server_ctx;
	struct gssx_option_array options;
};

/* Per-call context: locale, server context buffer and options. */
struct gssx_call_ctx {
	utf8string locale;
	gssx_buffer server_ctx;
	struct gssx_option_array options;
};

/* One name attribute with its value and an extensions array. */
struct gssx_name_attr {
	gssx_buffer attr;
	gssx_buffer value;
	struct gssx_option_array extensions;
};

/* Counted array of name attributes (same count/data shape as the option array). */
struct gssx_name_attr_array {
	u32 count;
	struct gssx_name_attr *data;
};

/* A name; this header keeps only the display form. */
struct gssx_name {
	gssx_buffer display_name;
};
typedef struct gssx_name gssx_name;

/* One credential element: name, mechanism, usage, two time fields, options. */
struct gssx_cred_element {
	gssx_name MN;
	gssx_OID mech;
	u32 cred_usage;		/* presumably an enum gssx_cred_usage value; confirm */
	u64 initiator_time_rec;
	u64 acceptor_time_rec;
	struct gssx_option_array options;
};

/* Counted array of credential elements. */
struct gssx_cred_element_array {
	u32 count;
	struct gssx_cred_element *data;
};

/* Credential: desired name, its elements, a handle reference and a release flag. */
struct gssx_cred {
	gssx_name desired_name;
	struct gssx_cred_element_array elements;
	gssx_buffer cred_handle_reference;
	u32 needs_release;
};

/* Security context as carried in this header's argument and result structures. */
struct gssx_ctx {
	gssx_buffer exported_context_token;
	gssx_buffer state;
	u32 need_release;
	gssx_OID mech;
	gssx_name src_name;
	gssx_name targ_name;
	u64 lifetime;
	u64 ctx_flags;
	u32 locally_initiated;
	u32 open;
	struct gssx_option_array options;
};

/* Channel bindings: initiator and acceptor address type/value, plus application data. */
struct gssx_cb {
	u64 initiator_addrtype;
	gssx_buffer initiator_address;
	u64 acceptor_addrtype;
	gssx_buffer acceptor_address;
	gssx_buffer application_data;
};


/*
 * This structure is not defined in the protocol.
 * It is used in the kernel to carry around a big buffer
 * as a set of pages.
 *
 * NOTE(review): page_base and page_len describe a window into pages; whoever
 * fills them in presumably has to keep that window inside the pages actually
 * provided. Confirm at the point where the token is built.
 */
struct gssp_in_token {
	struct page **pages;	/* Array of contiguous pages */
	unsigned int page_base;	/* Start of page data */
	unsigned int page_len;	/* Length of page data */
};

/* Arguments of the accept_sec_context call. */
struct gssx_arg_accept_sec_context {
	struct gssx_call_ctx call_ctx;
	struct gssx_ctx *context_handle;
	struct gssx_cred *cred_handle;
	struct gssp_in_token input_token;
	struct gssx_cb *input_cb;
	u32 ret_deleg_cred;
	struct gssx_option_array options;
	struct page **pages;
	unsigned int npages;
};

/* Result of the accept_sec_context call. */
struct gssx_res_accept_sec_context {
	struct gssx_status status;
	struct gssx_ctx *context_handle;
	gssx_buffer *output_token;
	/* struct gssx_cred *delegated_cred_handle; not used in kernel */
	struct gssx_option_array options;
};



/* These encoder/decoder names expand to NULL: no function is provided for them here. */
#define gssx_enc_indicate_mechs NULL
#define gssx_dec_indicate_mechs NULL
#define gssx_enc_get_call_context NULL
#define gssx_dec_get_call_context NULL
#define gssx_enc_import_and_canon_name NULL
#define gssx_dec_import_and_canon_name NULL
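/*
 * Encoder/decoder names that expand to NULL: this header supplies no function
 * for these calls. Only accept_sec_context has real prototypes (below).
 */
#define gssx_enc_export_cred NULL
#define gssx_dec_export_cred NULL
#define gssx_enc_import_cred NULL
#define gssx_dec_import_cred NULL
#define gssx_enc_acquire_cred NULL
#define gssx_dec_acquire_cred NULL
#define gssx_enc_store_cred NULL
#define gssx_dec_store_cred NULL
#define gssx_enc_init_sec_context NULL
#define gssx_dec_init_sec_context NULL

/*
 * XDR encoder for the accept_sec_context arguments.
 * NOTE(review): data is an untyped pointer; presumably it points at a
 * struct gssx_arg_accept_sec_context. Confirm against the definition.
 */
void gssx_enc_accept_sec_context(struct rpc_rqst *req,
				 struct xdr_stream *xdr,
				 const void *data);
/*
 * XDR decoder for the accept_sec_context result; returns an int status.
 * NOTE(review): data is presumably a struct gssx_res_accept_sec_context.
 * The reply is input to the kernel, so the definition should length-check
 * every counted buffer and array it reads. Not visible here; confirm.
 */
int gssx_dec_accept_sec_context(struct rpc_rqst *rqstp,
				struct xdr_stream *xdr,
				void *data);

#define gssx_enc_release_handle NULL
#define gssx_dec_release_handle NULL
#define gssx_enc_get_mic NULL
#define gssx_dec_get_mic NULL
#define gssx_enc_verify NULL
#define gssx_dec_verify NULL
#define gssx_enc_wrap NULL
#define gssx_dec_wrap NULL
#define gssx_enc_unwrap NULL
#define gssx_dec_unwrap NULL
#define gssx_enc_wrap_size_limit NULL
#define gssx_dec_wrap_size_limit NULL

/* non implemented calls are set to 0 size */
#define GSSX_ARG_indicate_mechs_sz 0
#define GSSX_RES_indicate_mechs_sz 0
#define GSSX_ARG_get_call_context_sz 0
#define GSSX_RES_get_call_context_sz 0
#define GSSX_ARG_import_and_canon_name_sz 0
#define GSSX_RES_import_and_canon_name_sz 0
#define GSSX_ARG_export_cred_sz 0
#define GSSX_RES_export_cred_sz 0
#define GSSX_ARG_import_cred_sz 0
#define GSSX_RES_import_cred_sz 0
#define GSSX_ARG_acquire_cred_sz 0
#define GSSX_RES_acquire_cred_sz 0
#define GSSX_ARG_store_cred_sz 0
#define GSSX_RES_store_cred_sz 0
#define GSSX_ARG_init_sec_context_sz 0
#define GSSX_RES_init_sec_context_sz 0

/*
 * Size estimate for the accept_sec_context arguments, built from the pieces
 * below. sizeof() on the option string literals counts their terminating NUL
 * and yields bytes, so the totals read as byte counts.
 * NOTE(review): confirm the unit expected where these macros are consumed.
 */
#define GSSX_default_in_call_ctx_sz (4 + 4 + 4 + \
			8 + sizeof(LUCID_OPTION) + sizeof(LUCID_VALUE) + \
			8 + sizeof(CREDS_OPTION) + sizeof(CREDS_VALUE))
#define GSSX_default_in_ctx_hndl_sz (4 + 4+8 + 4 + 4 + 6*4 + 6*4 + 8 + 8 + \
					4 + 4 + 4)
#define GSSX_default_in_cred_sz 4 /* we send in no cred_handle */
#define GSSX_default_in_token_sz 4 /* does *not* include token data */
#define GSSX_default_in_cb_sz 4 /* we do not use channel bindings */
#define GSSX_ARG_accept_sec_context_sz (GSSX_default_in_call_ctx_sz + \
					GSSX_default_in_ctx_hndl_sz + \
					GSSX_default_in_cred_sz + \
					GSSX_default_in_token_sz + \
					GSSX_default_in_cb_sz + \
					4 /* no deleg creds boolean */ + \
					4) /* empty options */

/* somewhat arbitrary numbers but large enough (we ignore some of the data
 * sent down, but it is part of the protocol so we need enough space to take
 * it in)
 *
 * These are estimates for sizing the reply, not validation limits: a field
 * longer than its estimate still has to be rejected by the decoder's own
 * length checks (decoder not visible in this header).
 */
/* Parenthesized so the sum stays a single operand wherever it is expanded. */
#define GSSX_default_status_sz (8 + 24 + 8 + 256 + 256 + 16 + 4)
#define GSSX_max_output_handle_sz 128
#define GSSX_max_oid_sz 16
#define GSSX_max_princ_sz 256
#define GSSX_default_ctx_sz (GSSX_max_output_handle_sz + \
			     16 + 4 + GSSX_max_oid_sz + \
			     2 * GSSX_max_princ_sz + \
			     8 + 8 + 4 + 4 + 4)
#define GSSX_max_output_token_sz 1024
/* grouplist not included; we allocate separate pages for that: */
#define GSSX_max_creds_sz (4 + 4 + 4 /* + NGROUPS_MAX*4 */)
#define GSSX_RES_accept_sec_context_sz (GSSX_default_status_sz + \
					GSSX_default_ctx_sz + \
					GSSX_max_output_token_sz + \
					4 + GSSX_max_creds_sz)

#define GSSX_ARG_release_handle_sz 0
#define GSSX_RES_release_handle_sz 0
#define GSSX_ARG_get_mic_sz 0
#define GSSX_RES_get_mic_sz 0
#define GSSX_ARG_verify_sz 0
#define GSSX_RES_verify_sz 0
#define GSSX_ARG_wrap_sz 0
#define GSSX_RES_wrap_sz 0
#define GSSX_ARG_unwrap_sz 0
#define GSSX_RES_unwrap_sz 0
#define GSSX_ARG_wrap_size_limit_sz 0
#define GSSX_RES_wrap_size_limit_sz 0

#endif /* _LINUX_GSS_RPC_XDR_H */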