1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 *
26 * Copyright 2017 Nexenta Systems, Inc. All rights reserved.
27 */
28
29 /*
30 * Windows to Solaris Identity Mapping kernel API
31 * This header defines an API to map Windows SIDs to
32 * Solaris UIDs and GIDs and vice versa.
33 */
34
35 #ifndef _SYS_KIDMAP_H
36 #define _SYS_KIDMAP_H
37
38 #include <sys/idmap.h>
39 #include <sys/door.h>
40 #include <sys/zone.h>
41
42 #ifdef __cplusplus
43 extern "C" {
44 #endif
45
46 /*
47 * The ifdef's for these two accommodate duplicate definitions in
48 * lib/libidmap/common/idmap.h (the real one). In this code we
49 * simulate a kernel environment in user space using the real
50 * idmap library, so need to be able to use both headers.
51 */
52
53 /* Return status */
/*
 * Signed 32-bit status type returned by the mapping routines declared
 * below. The guard lets this header coexist with the libidmap header,
 * which defines the same type.
 * NOTE(review): the status values themselves are not defined in this
 * header; presumably they come from <sys/idmap.h> -- confirm.
 */
54 #ifndef _IDMAP_STAT_TYPE
55 #define _IDMAP_STAT_TYPE
56 typedef int32_t idmap_stat;
57 #endif /* _IDMAP_STAT_TYPE */
58
59 /* Opaque get handle */
/*
 * Only the struct tag is declared here, so users of this header can hold
 * an idmap_get_handle_t pointer but cannot look inside it. Handles come
 * from kidmap_get_create() and are released with kidmap_get_destroy().
 */
60 #ifndef _IDMAP_GET_HANDLE_T
61 #define _IDMAP_GET_HANDLE_T
62 typedef struct idmap_get_handle idmap_get_handle_t;
63 #endif /* _IDMAP_GET_HANDLE_T */
64
65 /*
66 * In all the routines a Windows SID is handled as a
67 * string SID prefix plus a RID. For example
68 *
69 * S-1-5-5-12-34-568 will be passed as SID prefix
70 * S-1-5-5-12-34 and RID 568
71 *
72 * Certain routines return pointers to a SID prefix string.
73 * These strings are stored internally and should not be modified
74 * or freed.
75 */
76
77
78 /*
79 * The following routines are simple get ID mapping routines.
80 */
81
82
/*
 * Each routine below performs one mapping in the given zone and returns
 * an idmap_stat status; the mapped identity is stored through the output
 * pointer(s).
 * NOTE(review): this header does not say what the output locations hold
 * when the status is not success, so callers making access decisions
 * should check the status before using the mapped ID.
 */

/* Map the SID (sid_prefix, rid) to a Solaris UID, stored through uid. */
83 idmap_stat
84 kidmap_getuidbysid(zone_t *zone, const char *sid_prefix, uint32_t rid,
85 uid_t *uid);
86

/* Map the SID (sid_prefix, rid) to a Solaris GID, stored through gid. */
87 idmap_stat
88 kidmap_getgidbysid(zone_t *zone, const char *sid_prefix, uint32_t rid,
89 gid_t *gid);
90

/*
 * Map the SID (sid_prefix, rid) to an ID stored through pid, with a flag
 * stored through is_user.
 * NOTE(review): presumably *is_user tells whether *pid is a UID or a GID;
 * confirm against the implementation, since treating one as the other
 * would apply the wrong identity.
 */
91 idmap_stat
92 kidmap_getpidbysid(zone_t *zone, const char *sid_prefix, uint32_t rid,
93 uid_t *pid, int *is_user);
94

/*
 * Map a Solaris UID to a SID, returned as a prefix string through
 * sid_prefix and a RID through rid. Per the SID note earlier in this
 * header, the returned prefix string is stored internally and must not
 * be modified or freed by the caller.
 */
95 idmap_stat
96 kidmap_getsidbyuid(zone_t *zone, uid_t uid, const char **sid_prefix,
97 uint32_t *rid);
98

/*
 * Map a Solaris GID to a SID, returned as a prefix string through
 * sid_prefix and a RID through rid. The returned prefix string is stored
 * internally and must not be modified or freed by the caller.
 */
99 idmap_stat
100 kidmap_getsidbygid(zone_t *zone, gid_t gid, const char **sid_prefix,
101 uint32_t *rid);
102
103
104
105 /*
106 * The following routines provide a batch interface for mapping IDs.
107 */
108
109 /*
110 * Create a batch "get mapping" handle for batch mappings.
111 */
/*
 * Returns a pointer to a new handle for the given zone; the handle is
 * later passed to the kidmap_batch_*() routines, kidmap_get_mappings()
 * and kidmap_get_destroy().
 * NOTE(review): this header does not say whether the call can return
 * NULL -- confirm whether callers need to check.
 */
112 idmap_get_handle_t *
113 kidmap_get_create(zone_t *zone);
114
115 /*
116 * These routines queue the request to the "get mapping" handle
117 */
118
/*
 * Each routine below queues one request on get_handle. According to the
 * comment on kidmap_get_mappings(), the result (status and identity) is
 * delivered into the data areas supplied with the request once the batch
 * is processed; the per-request status goes through stat.
 * NOTE(review): it follows that the output pointers must stay valid until
 * kidmap_get_mappings() has run, and that *stat should be checked before
 * the mapped ID is used -- confirm both against the implementation.
 */

/* Queue a SID (sid_prefix, rid) to UID mapping; result through uid. */
119 idmap_stat
120 kidmap_batch_getuidbysid(idmap_get_handle_t *get_handle,
121 const char *sid_prefix, uint32_t rid,
122 uid_t *uid, idmap_stat *stat);
123

/* Queue a SID (sid_prefix, rid) to GID mapping; result through gid. */
124 idmap_stat
125 kidmap_batch_getgidbysid(idmap_get_handle_t *get_handle,
126 const char *sid_prefix, uint32_t rid,
127 gid_t *gid, idmap_stat *stat);
128

/*
 * Queue a SID (sid_prefix, rid) mapping whose result is an ID through pid
 * plus a flag through is_user.
 * NOTE(review): presumably *is_user tells whether *pid is a UID or a GID
 * -- confirm.
 */
129 idmap_stat
130 kidmap_batch_getpidbysid(idmap_get_handle_t *get_handle,
131 const char *sid_prefix, uint32_t rid,
132 uid_t *pid, int *is_user, idmap_stat *stat);
133

/*
 * Queue a UID to SID mapping; the SID prefix string is returned through
 * sid_prefix and the RID through rid. The prefix string is stored
 * internally and must not be modified or freed.
 */
134 idmap_stat
135 kidmap_batch_getsidbyuid(idmap_get_handle_t *get_handle, uid_t uid,
136 const char **sid_prefix, uint32_t *rid, idmap_stat *stat);
137

/*
 * Queue a GID to SID mapping; the SID prefix string is returned through
 * sid_prefix and the RID through rid. The prefix string is stored
 * internally and must not be modified or freed.
 */
138 idmap_stat
139 kidmap_batch_getsidbygid(idmap_get_handle_t *get_handle, gid_t gid,
140 const char **sid_prefix, uint32_t *rid, idmap_stat *stat);
141
142 /*
143 * Process the queued "get mapping" requests. The results (i.e.
144 * status and identity) will be available in the data areas
145 * provided by individual requests.
146 */
/*
 * NOTE(review): the returned idmap_stat is presumably the status of the
 * batch as a whole; each request's own outcome is in the stat area passed
 * when it was queued, so a successful return here should not be read as
 * "every mapping succeeded" -- confirm.
 */
147 idmap_stat
148 kidmap_get_mappings(idmap_get_handle_t *get_handle);
149
150 /*
151 * Destroy the "get mapping" handle
152 */
/*
 * get_handle is a handle obtained from kidmap_get_create(). Nothing is
 * returned.
 * NOTE(review): the handle must presumably not be used after this call;
 * whether NULL is accepted is not stated here -- confirm.
 */
153 void
154 kidmap_get_destroy(idmap_get_handle_t *get_handle);
155
156 #ifdef _KERNEL
157 /*
158 * Functions that do the hard part of door registration/unregistration
159 * for the idmap_reg()/idmap_unreg() syscalls
160 */
/*
 * Both take the zone and the door handle being registered or
 * unregistered, and return an int.
 * NOTE(review): presumably the registered door is the one the kernel
 * uses to reach the idmap daemon for that zone, so who may register it
 * matters; the privilege check is not visible in this header and is
 * presumably done in the idmap_reg()/idmap_unreg() syscall path --
 * confirm. The meaning of the int return (0 vs. errno value) is also not
 * stated here.
 */
161 int idmap_reg_dh(zone_t *zone, door_handle_t dh);
162 int idmap_unreg_dh(zone_t *zone, door_handle_t dh);
163
164 /*
165 * Function needed by allocids() to ensure only the daemon that owns
166 * the door gets ephemeral IDs
167 */
/*
 * Returns a door handle for the given zone.
 * NOTE(review): presumably this is the handle registered through
 * idmap_reg_dh(), which the caller compares against the requesting
 * process's door. Whether the returned handle carries a hold that the
 * caller must release, and what is returned when no door is registered,
 * is not stated here -- confirm.
 */
168 door_handle_t idmap_get_door(zone_t *zone);
169
170 /*
171 * Function used by system call allocids() to purge the
172 * ID mapping cache
173 */
/*
 * Takes the zone whose cache is to be purged; nothing is returned.
 * NOTE(review): presumably SID prefix strings handed out earlier by the
 * getsid routines remain valid after a purge, since callers are told not
 * to free them -- confirm against the cache implementation.
 */
174 void idmap_purge_cache(zone_t *zone);
175
176 #endif /* _KERNEL */
177
178
179 #ifdef __cplusplus
180 }
181 #endif
182
183 #endif /* _SYS_KIDMAP_H */