1 /* SPDX-License-Identifier: GPL-2.0 */
2 /*
3  * fs/sharefs/authentication.h
4  *
5  * Copyright (c) 2023 Huawei Device Co., Ltd.
6  */
7 #ifndef AUTHENTICATION_H
8 #define AUTHENTICATION_H
9 
10 #include "sharefs.h"
11 
12 #define OID_ROOT             	0
13 
14 #define SHAREFS_PERM_MASK     0x000F
15 
16 #define SHAREFS_PERM_FIX           0
17 #define SHAREFS_PERM_MNT           1
18 #define SHAREFS_PERM_DFS           2
19 #define SHAREFS_PERM_OTHER         3
20 
21 #define SHAREFS_READ_DIR  "r"
22 #define SHAREFS_READWRITE_DIR "rw"
23 
24 #define BASE_USER_RANGE     200000 /* offset for uid ranges for each user */
25 
26 
27 #define SHAREFS_DIR_TYPE_MASK	       0x00F0
28 #define SHAREFS_DIR_TYPE_READONLY      0x0010
29 #define SHAREFS_DIR_TYPE_READWRITE     0x0020
30 
31 #define SHAREFS_PERM_READONLY_DIR   00550
32 #define SHAREFS_PERM_READONLY_FILE  00440
33 #define SHAREFS_PERM_READWRITE_DIR  00550
34 #define SHAREFS_PERM_READWRITE_FILE 00660
35 
36 extern int get_bid_config(const char *bname);
37 extern int __init sharefs_init_configfs(void);
38 extern void sharefs_exit_configfs(void);
39 
40 void sharefs_root_inode_perm_init(struct inode *root_inode);
41 void fixup_perm_from_level(struct inode *dir, struct dentry *dentry);
42 #ifdef CONFIG_SHAREFS_SUPPORT_OVERRIDE
43 const struct cred *sharefs_override_file_fsids(struct inode *dir,
44 				 __u16 *_perm);
45 void sharefs_revert_fsids(const struct cred *old_cred);
46 #endif
47 
is_read_only_auth(__u16 perm)48 static inline bool is_read_only_auth(__u16 perm)
49 {
50 	return (perm & SHAREFS_DIR_TYPE_MASK) == SHAREFS_DIR_TYPE_READONLY;
51 }
52 
is_read_write_auth(__u16 perm)53 static inline bool is_read_write_auth(__u16 perm)
54 {
55 	return (perm & SHAREFS_DIR_TYPE_MASK) == SHAREFS_DIR_TYPE_READWRITE;
56 }
57 
sharefs_set_read_perm(struct inode *inode)58 static inline void sharefs_set_read_perm(struct inode *inode)
59 {
60 	if (S_ISDIR(inode->i_mode))
61 		inode->i_mode = (inode->i_mode & S_IFMT) | SHAREFS_PERM_READONLY_DIR;
62 	else
63 		inode->i_mode = (inode->i_mode & S_IFMT) | SHAREFS_PERM_READONLY_FILE;
64 }
65 
sharefs_set_read_write_perm(struct inode *inode)66 static inline void sharefs_set_read_write_perm(struct inode *inode)
67 {
68 	if (S_ISDIR(inode->i_mode))
69 		inode->i_mode = (inode->i_mode & S_IFMT) | SHAREFS_PERM_READWRITE_DIR;
70 	else
71 		inode->i_mode = (inode->i_mode & S_IFMT) | SHAREFS_PERM_READWRITE_FILE;
72 }
73 
get_bundle_uid(struct sharefs_sb_info *sbi, const char *bname)74 static inline int get_bundle_uid(struct sharefs_sb_info *sbi, const char *bname)
75 {
76 	return sbi->user_id * BASE_USER_RANGE + get_bid_config(bname);
77 }
78 
79 #endif //_AUTHENTICATION_H_