1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License (the "License").
   6  * You may not use this file except in compliance with the License.
   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or http://www.opensolaris.org/os/licensing.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 
  22 /*
  23  * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
  24  * Use is subject to license terms.
  25  *
  26  * Copyright 2017 Nexenta Systems, Inc.  All rights reserved.
  27  */
  28 
  29 #ifndef _SMBFS_NTACL_H
  30 #define _SMBFS_NTACL_H
  31 
  32 /*
  33  * Internal functions for dealing with
  34  * NT Security data structures.
  35  */
  36 
  37 #include <netsmb/mchain.h>
  38 
/*
 * Internal form of an NT SID
 * Same as on the wire, but possibly byte-swapped.
 *
 * sid_subauthvec is declared with a single element but really holds
 * sid_subauthcount entries, so sizeof (i_ntsid_t) only covers a SID
 * with one sub-authority.  Use I_SID_SIZE(sid_subauthcount) when
 * allocating or copying a whole SID.
 *
 * NOTE(review): for a SID imported from a raw SD, sid_subauthcount is
 * server-supplied data.  Windows caps it at 15
 * (SID_MAX_SUB_AUTHORITIES); whether the importer enforces a bound is
 * not visible in this header -- confirm before indexing sid_subauthvec
 * or sizing a buffer from the count.
 */
typedef struct i_ntsid {
        uint8_t sid_revision;
        uint8_t sid_subauthcount;       /* entries in sid_subauthvec */
        uint8_t sid_authority[6];
        uint32_t sid_subauthvec[1]; /* actually len=subauthcount */
} i_ntsid_t;
/*
 * Size in bytes of an i_ntsid_t holding sacnt sub-authorities:
 * 8 bytes for revision, sub-authority count and the 6-byte authority,
 * plus 4 bytes per sub-authority.
 * NOTE(review): the macro does no range checking; a count taken from
 * untrusted data should be validated by the caller before it is used
 * here to size an allocation or copy.
 */
#define I_SID_SIZE(sacnt)       (8 + 4 * (sacnt))
  50 
/*
 * Internal form of an NT ACE - first the header.
 * See MS SDK: ACE_HEADER  (For MS, it's the OtW form)
 * Note: ace_size here is the in-memory size, not OtW.
 *
 * NOTE(review): because ace_size is not the on-the-wire length, it
 * should not be used to step through a raw ACE list or be copied
 * unchanged into an exported SD -- confirm the import/export code
 * keeps the two sizes separate.
 */
typedef struct i_ntace_hdr {
        uint8_t         ace_type;
        uint8_t         ace_flags;
        uint16_t        ace_size;       /* in-memory size, see above */
} i_ntace_hdr_t;
  61 
/*
 * Simple ACE for types: ACCESS_ALLOWED through SYSTEM_ALARM
 * See MS SDK: ACCESS_ALLOWED_ACE, ACCESS_DENIED_ACE,
 * SYSTEM_AUDIT_ACE, SYSTEM_ALARM_ACE.
 *
 * The above are the only types that appear in a V2 ACL.
 * Note that in the Windows SDK, the SID is stored as
 * "flat" data after the ACE header.  This implementation
 * stores the SID as a pointer instead.
 *
 * NOTE(review): since ace_sid is a pointer to a separate object,
 * copying this struct copies only the pointer, not the SID.
 * Presumably the SID is released together with the enclosing SD by
 * smbfs_acl_free_sd() -- confirm ownership in the implementation.
 */
typedef struct i_ntace_v2 {
        i_ntace_hdr_t   ace_hdr;
        uint32_t        ace_rights; /* generic, standard, specific, etc */
        i_ntsid_t       *ace_sid;   /* trustee SID, stored out of line */
} i_ntace_v2_t;
  77 
/*
 * A union for convenience of the conversion code.
 * There are lots more ACE types, ignored for now.
 *
 * Both members begin with an i_ntace_hdr_t, so ace_hdr can always be
 * read to find the type.
 * NOTE(review): ace_v2 (and its ace_sid pointer) is only meaningful
 * for the simple ACE types listed for i_ntace_v2; consumers should
 * check ace_hdr.ace_type before touching ace_v2.  How the importer
 * represents other ACE types is not visible here -- confirm.
 */
typedef union i_ntace_u {
        i_ntace_hdr_t   ace_hdr;
        i_ntace_v2_t    ace_v2;
} i_ntace_t;
  86 
/*
 * Internal form of an NT ACL (see sacl/dacl below)
 *
 * acl_acevec is declared with one element but really holds
 * acl_acecount ACE pointers, so sizeof (i_ntacl_t) covers only a
 * single-entry ACL.
 * NOTE(review): for an imported ACL, acl_acecount is server-supplied;
 * the allocation size and every loop over acl_acevec must use the
 * same validated count -- confirm in the import code.
 */
typedef struct i_ntacl {
        uint8_t         acl_revision;   /* 0x02 observed with W2K */
        uint16_t        acl_acecount;   /* entries in acl_acevec */
        i_ntace_t       *acl_acevec[1]; /* actually, len=acecount */
} i_ntacl_t;
  95 
/*
 * Internal form of an NT Security Descriptor (SD)
 *
 * Owner, group and both ACLs are held by pointer rather than by
 * offset as in the raw form.
 * NOTE(review): whether an absent owner, group, SACL or DACL is
 * represented as a NULL pointer is not visible in this header --
 * confirm before dereferencing.  In NT semantics a missing DACL and
 * an empty DACL mean opposite things (no restriction vs. no access),
 * so conversion code should keep sd_dacl == NULL distinct from an ACL
 * with acl_acecount == 0.
 */
typedef struct i_ntsd {
        uint8_t         sd_revision;    /* 0x01 observed between W2K */
        uint8_t         sd_rmctl;       /* resource mgr control (MBZ) */
        uint16_t        sd_flags;
        i_ntsid_t       *sd_owner;
        i_ntsid_t       *sd_group;
        i_ntacl_t       *sd_sacl;
        i_ntacl_t       *sd_dacl;
} i_ntsd_t;
 108 
/*
 * Import a raw SD (mb chain) into "internal" form.
 * (like "absolute" form per NT docs)
 * Returns allocated data in sdp; release it with smbfs_acl_free_sd().
 *
 * NOTE(review): the raw SD is normally data received from the server,
 * so it should be treated as untrusted.  Offsets, SID sub-authority
 * counts, ACE counts and ACE sizes inside it need to be checked
 * against the remaining chain length; those checks live in the
 * implementation and cannot be confirmed from this header.
 * The int result is presumably 0 on success and an errno value on
 * failure -- confirm against the implementation.
 */
int md_get_ntsd(mdchain_t *mbp, i_ntsd_t **sdp);
 115 
/*
 * Export an "internal" SD into a raw SD (mb chain).
 * (a.k.a. "self-relative" form per NT docs)
 * Returns allocated mbchain in mbp.
 *
 * NOTE(review): the int result is presumably 0 on success and an
 * errno value on failure, and the caller presumably owns the chain
 * afterwards -- confirm against the implementation.
 */
int mb_put_ntsd(mbchain_t *mbp, i_ntsd_t *sd);
 122 
/*
 * Convert an internal SD to a ZFS-style ACL.
 * Get uid/gid too if pointers != NULL.
 *
 * The kernel (and fake-kernel) build fills in a vsecattr_t; the
 * user-level build takes an acl_t pointer instead.
 * NOTE(review): the SD usually originates from a remote server, so
 * the resulting owner, group and ACEs are derived from
 * server-supplied SIDs.  How SIDs that cannot be mapped to a local
 * uid/gid are handled is decided in the implementation -- confirm
 * that the fallback is not a privileged identity.
 */
#if defined(_KERNEL) || defined(_FAKE_KERNEL)
int smbfs_acl_sd2zfs(i_ntsd_t *, vsecattr_t *, uid_t *, gid_t *);
#else /* _KERNEL */
/* See also: lib/libsmbfs/netsmb/smbfs_acl.h */
int smbfs_acl_sd2zfs(struct i_ntsd *, acl_t *, uid_t *, gid_t *);
#endif /* _KERNEL */
 133 
/*
 * Convert a ZFS-style ACL to an internal SD.
 * Set owner/group too if selector indicates.
 * Always need to pass uid+gid, either the new
 * (when setting them) or existing, so that any
 * owner@ or group@ ACEs can be translated.
 *
 * The new SD is returned through the last argument and is released
 * with smbfs_acl_free_sd().
 * NOTE(review): the parameters are unnamed; the uint32_t is presumably
 * the selector mentioned above -- confirm against the implementation.
 */
#if defined(_KERNEL) || defined(_FAKE_KERNEL)
int smbfs_acl_zfs2sd(vsecattr_t *, uid_t, gid_t, uint32_t, i_ntsd_t **);
#else /* _KERNEL */
/* See also: lib/libsmbfs/netsmb/smbfs_acl.h */
int smbfs_acl_zfs2sd(acl_t *, uid_t, gid_t, uint32_t, struct i_ntsd **);
#endif /* _KERNEL */
 147 
/*
 * Free an i_ntsd_t from md_get_ntsd() or smbfs_acl_zfs2sd().
 * See also: lib/libsmbfs/netsmb/smbfs_acl.h
 *
 * NOTE(review): presumably this also releases the SIDs, ACLs and ACEs
 * the SD points to, so the caller must not use any pointer obtained
 * from the SD afterwards.  Whether a NULL argument or a partially
 * built SD is accepted is not visible here -- confirm before relying
 * on it in error paths.
 */
void smbfs_acl_free_sd(struct i_ntsd *);
 153 
/*
 * Convert an NT SID to string format.
 *
 * sid is the SID to format, obuf/olen the output buffer and its
 * length, ridp an optional-looking out parameter.
 * NOTE(review): presumably olen is the size of obuf in bytes and ridp,
 * when non-NULL, receives the final sub-authority (the RID) -- confirm.
 * Behaviour when the text does not fit in olen (error vs. truncation,
 * NUL termination) is not visible in this header; callers sizing obuf
 * should account for the largest sid_subauthcount they accept.
 */
int smbfs_sid2str(i_ntsid_t *sid,
        char *obuf, size_t olen, uint32_t *ridp);
 159 
 160 #endif  /* _SMBFS_NTACL_H */