1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  *
26  * Copyright 2017 Nexenta Systems, Inc.  All rights reserved.
27  */
28 
29 /*
30  * Windows to Solaris Identity Mapping kernel API
31  * This header defines an API to map Windows SIDs to
32  * Solaris UIDs and GIDs and vice versa.
33  */
34 
35 #ifndef	_SYS_KIDMAP_H
36 #define	_SYS_KIDMAP_H
37 
38 #include <sys/idmap.h>
39 #include <sys/door.h>
40 #include <sys/zone.h>
41 
42 #ifdef	__cplusplus
43 extern "C" {
44 #endif
45 
46 /*
47  * The ifdef's for these two accommodate duplicate definitions in
48  * lib/libidmap/common/idmap.h (the real one).  In this code we
49  * simulate a kernel environment in user space using the real
50  * idmap library, so need to be able to use both headers.
51  */
52 
53 /* Return status */
/*
 * Status code type returned by the mapping routines declared below;
 * a signed 32-bit integer. The individual status values are not
 * defined in this header (presumably they come from <sys/idmap.h>
 * -- confirm). The _IDMAP_STAT_TYPE guard lets this typedef coexist
 * with the duplicate definition in libidmap's idmap.h.
 */
54 #ifndef	_IDMAP_STAT_TYPE
55 #define	_IDMAP_STAT_TYPE
56 typedef int32_t	idmap_stat;
57 #endif	/* _IDMAP_STAT_TYPE */
58 
59 /* Opaque get handle */
/*
 * struct idmap_get_handle is only forward-declared here, so code
 * that includes this header can hold and pass a pointer to a handle
 * but cannot see or change its fields. Handles are obtained from
 * kidmap_get_create() and released with kidmap_get_destroy().
 * The _IDMAP_GET_HANDLE_T guard avoids a clash with the duplicate
 * typedef in libidmap's idmap.h.
 */
60 #ifndef	_IDMAP_GET_HANDLE_T
61 #define	_IDMAP_GET_HANDLE_T
62 typedef struct idmap_get_handle idmap_get_handle_t;
63 #endif	/* _IDMAP_GET_HANDLE_T */
64 
65 /*
66  * In all the routines a Windows SID is handled as a
67  * string SID prefix plus a RID. For example
68  *
69  * S-1-5-5-12-34-568 will be passed as SID prefix
70  * S-1-5-5-12-34 and RID 568
71  *
72  * Certain routines return pointers to a SID prefix string.
73  * These strings are stored internally and should not be modified
74  * or freed.
75  */
76 
77 
78 /*
79  * The following routines are simple get ID mapping routines.
80  */
81 
82 
/*
 * Map a Windows SID, passed as sid_prefix plus rid, to a Solaris UID.
 *
 *   zone        zone the lookup is made for (presumably selects the
 *               per-zone idmap state -- confirm in the implementation)
 *   sid_prefix  string SID without its final RID component
 *   rid         final RID component of the SID
 *   uid         out: receives the mapped UID
 *
 * Returns an idmap_stat status code.
 *
 * NOTE(review): this header does not say what *uid holds when the
 * call fails. A caller that feeds the result into an ownership or
 * access decision should test the returned status first and not rely
 * on *uid otherwise.
 */
83 idmap_stat
84 kidmap_getuidbysid(zone_t *zone, const char *sid_prefix, uint32_t rid,
85 		uid_t *uid);
86 
/*
 * Map a Windows SID, passed as sid_prefix plus rid, to a Solaris GID.
 *
 *   zone        zone the lookup is made for (presumably selects the
 *               per-zone idmap state -- confirm in the implementation)
 *   sid_prefix  string SID without its final RID component
 *   rid         final RID component of the SID
 *   gid         out: receives the mapped GID
 *
 * Returns an idmap_stat status code.
 *
 * NOTE(review): the content of *gid after a failed call is not
 * documented here; check the returned status before using it for
 * group membership or permission checks.
 */
87 idmap_stat
88 kidmap_getgidbysid(zone_t *zone, const char *sid_prefix, uint32_t rid,
89 		gid_t *gid);
90 
/*
 * Map a Windows SID, passed as sid_prefix plus rid, to a Solaris ID,
 * returning the ID through pid and a flag through is_user.
 *
 * NOTE(review): "pid" is typed uid_t and paired with is_user, so it
 * presumably means a POSIX ID that may turn out to be either a UID
 * or a GID, with *is_user reporting which one -- it does not look
 * like a process ID. Confirm against the implementation. If that
 * reading is right, a caller that ignores *is_user could treat a GID
 * as a UID (or the reverse), so both outputs should be consumed
 * together and only after the returned status has been checked.
 *
 * Returns an idmap_stat status code.
 */
91 idmap_stat
92 kidmap_getpidbysid(zone_t *zone, const char *sid_prefix, uint32_t rid,
93 		uid_t *pid, int *is_user);
94 
/*
 * Map a Solaris UID to a Windows SID, returned as a SID prefix
 * string (through sid_prefix) plus a RID (through rid).
 *
 * The string that *sid_prefix points to is one of the internally
 * stored SID prefix strings described earlier in this header: the
 * caller should not modify or free it. The const qualifier on the
 * pointee reflects that.
 *
 * NOTE(review): the header does not state how long the returned
 * pointer stays valid (for example across idmap_purge_cache()), nor
 * what the outputs hold on failure. Check the returned idmap_stat
 * before using either output, and confirm the lifetime before
 * caching the pointer.
 */
95 idmap_stat
96 kidmap_getsidbyuid(zone_t *zone, uid_t uid, const char **sid_prefix,
97 		uint32_t *rid);
98 
/*
 * Map a Solaris GID to a Windows SID, returned as a SID prefix
 * string (through sid_prefix) plus a RID (through rid).
 *
 * The string that *sid_prefix points to is stored internally (see
 * the SID handling comment earlier in this header); the caller
 * should not modify or free it.
 *
 * NOTE(review): pointer lifetime and the state of the outputs after
 * a failed call are not documented here. Check the returned
 * idmap_stat before using *sid_prefix or *rid.
 */
99 idmap_stat
100 kidmap_getsidbygid(zone_t *zone, gid_t gid, const char **sid_prefix,
101 		uint32_t *rid);
102 
103 
104 
105 /*
106  * The following routines provide a batch interface for mapping IDs.
107  */
108 
109 /*
110  * Create a batch "get mapping" handle for batch mappings.
 *
 * The returned handle is what the kidmap_batch_* routines queue
 * requests on and what kidmap_get_mappings() processes; it is
 * released with kidmap_get_destroy().
 *
 * NOTE(review): the header does not say whether this can return
 * NULL. Unless the implementation guarantees a non-NULL result,
 * check the pointer before passing it on.
111  */
112 idmap_get_handle_t *
113 kidmap_get_create(zone_t *zone);
114 
115 /*
116  * These routines queue the request to the "get mapping" handle
117  */
118 
/*
 * Queue a SID-to-UID request (sid_prefix plus rid) on get_handle.
 *
 * Per the comments in this header, the result of the request -- the
 * status in *stat and the identity in *uid -- is available once
 * kidmap_get_mappings() has processed the handle. Both pointers are
 * the "data areas" that get filled in, so they presumably have to
 * stay valid until then; passing the address of a short-lived local
 * would be a bug -- confirm against the implementation.
 *
 * Two statuses are involved: the idmap_stat returned by this call
 * (presumably the outcome of queueing -- confirm) and the
 * per-request *stat. Check both before trusting *uid.
 */
119 idmap_stat
120 kidmap_batch_getuidbysid(idmap_get_handle_t *get_handle,
121 		const char *sid_prefix, uint32_t rid,
122 		uid_t *uid, idmap_stat *stat);
123 
/*
 * Queue a SID-to-GID request (sid_prefix plus rid) on get_handle.
 *
 * The status in *stat and the identity in *gid are available once
 * kidmap_get_mappings() has processed the handle, so both pointers
 * presumably need to remain valid until then -- confirm.
 *
 * The idmap_stat returned here and the per-request *stat are
 * separate; check both before using *gid.
 */
124 idmap_stat
125 kidmap_batch_getgidbysid(idmap_get_handle_t *get_handle,
126 		const char *sid_prefix, uint32_t rid,
127 		gid_t *gid, idmap_stat *stat);
128 
/*
 * Queue a SID-to-ID request (sid_prefix plus rid) on get_handle,
 * with the result delivered through pid, is_user and stat once
 * kidmap_get_mappings() has processed the handle.
 *
 * NOTE(review): as with kidmap_getpidbysid(), "pid" is typed uid_t
 * and presumably means a POSIX ID whose kind (UID or GID) is
 * reported in *is_user, not a process ID -- confirm. Consume *pid
 * and *is_user together, and only after both the returned status
 * and the per-request *stat have been checked.
 *
 * The three output pointers presumably need to stay valid until the
 * handle has been processed -- confirm.
 */
129 idmap_stat
130 kidmap_batch_getpidbysid(idmap_get_handle_t *get_handle,
131 		const char *sid_prefix, uint32_t rid,
132 		uid_t *pid, int *is_user, idmap_stat *stat);
133 
/*
 * Queue a UID-to-SID request on get_handle. The SID comes back as a
 * prefix string through sid_prefix and a RID through rid, with the
 * per-request status in *stat, once kidmap_get_mappings() has
 * processed the handle.
 *
 * The string *sid_prefix ends up pointing to is stored internally
 * (see the SID handling comment earlier in this header); the caller
 * should not modify or free it.
 *
 * The output pointers presumably need to stay valid until the handle
 * has been processed -- confirm. Check both the returned status and
 * *stat before using the SID.
 */
134 idmap_stat
135 kidmap_batch_getsidbyuid(idmap_get_handle_t *get_handle, uid_t uid,
136 		const char **sid_prefix, uint32_t *rid, idmap_stat *stat);
137 
/*
 * Queue a GID-to-SID request on get_handle. The SID comes back as a
 * prefix string through sid_prefix and a RID through rid, with the
 * per-request status in *stat, once kidmap_get_mappings() has
 * processed the handle.
 *
 * The string *sid_prefix ends up pointing to is stored internally;
 * the caller should not modify or free it.
 *
 * The output pointers presumably need to stay valid until the handle
 * has been processed -- confirm. Check both the returned status and
 * *stat before using the SID.
 */
138 idmap_stat
139 kidmap_batch_getsidbygid(idmap_get_handle_t *get_handle, gid_t gid,
140 		const char **sid_prefix, uint32_t *rid, idmap_stat *stat);
141 
142 /*
143  * Process the queued "get mapping" requests. The results (i.e.
144  * status and identity) will be available in the data areas
145  * provided by individual requests.
 *
 * NOTE(review): the returned idmap_stat presumably describes the
 * batch as a whole -- confirm. Because every request also has its
 * own status area, a successful return here should not be read as
 * "every mapping succeeded"; inspect each request's stat before
 * using the identity stored next to it.
146  */
147 idmap_stat
148 kidmap_get_mappings(idmap_get_handle_t *get_handle);
149 
150 /*
151  * Destroy the "get mapping" handle
 *
 * Counterpart of kidmap_get_create(). The handle should not be used
 * again after this call.
 *
 * NOTE(review): what happens to requests that were queued but never
 * processed is not documented in this header -- confirm before
 * destroying a handle with outstanding requests.
152  */
153 void
154 kidmap_get_destroy(idmap_get_handle_t *get_handle);
155 
156 #ifdef	_KERNEL
157 /*
158  * Functions that do the hard part of door registration/unregistration
159  * for the idmap_reg()/idmap_unreg() syscalls
 *
 * Both take the zone and the door handle concerned and return an
 * int (presumably 0 on success and an errno value otherwise --
 * confirm).
 *
 * NOTE(review): the door registered for a zone is the one that
 * idmap_get_door() later hands back so that only the daemon owning
 * it gets ephemeral IDs, so who is allowed to register or
 * unregister a door is security relevant. No privilege check is
 * visible in this header; confirm where it is enforced.
160  */
161 int idmap_reg_dh(zone_t *zone, door_handle_t dh);
162 int idmap_unreg_dh(zone_t *zone, door_handle_t dh);
163 
164 /*
165  * Function needed by allocids() to ensure only the daemon that owns
166  * the door gets ephemeral IDs
 *
 * Returns a door handle for the given zone (presumably the one
 * registered through idmap_reg_dh() -- confirm).
 *
 * NOTE(review): the value returned when no door is registered for
 * the zone is not documented here. The ownership comparison in the
 * caller should treat that case as "not the owner"; confirm that it
 * does.
167  */
168 door_handle_t idmap_get_door(zone_t *zone);
169 
170 /*
171  * Function used by system call allocids() to purge the
172  * ID mapping cache
 *
 * Takes the zone whose cache is concerned and returns nothing.
 *
 * NOTE(review): this header does not say whether a purge affects
 * the internally stored SID prefix strings that the getsidby*
 * routines hand out pointers to -- confirm before holding such a
 * pointer across a purge.
173  */
174 void idmap_purge_cache(zone_t *zone);
175 
176 #endif	/* _KERNEL */
177 
178 
179 #ifdef	__cplusplus
180 }
181 #endif
182 
183 #endif	/* _SYS_KIDMAP_H */
184