/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 *
 * Copyright 2013 Nexenta Systems, Inc.  All rights reserved.
 */

/*
 * Windows to Solaris Identity Mapping kernel API
 * This header defines an API to map Windows SIDs to
 * Solaris UID and GIDs and vice versa.
 */

#ifndef _SYS_KIDMAP_H
#define _SYS_KIDMAP_H

#include <sys/idmap.h>
#include <sys/door.h>
#include <sys/zone.h>

#ifdef __cplusplus
extern "C" {
#endif

/*
 * The ifdef's for these two accommodate duplicate definitions in
 * lib/libidmap/common/idmap.h (the real one).  In this code we
 * simulate a kernel environment in user space using the real
 * idmap library, so need to be able to use both headers.
 */

/* Return status */
#ifndef _IDMAP_STAT_TYPE
#define _IDMAP_STAT_TYPE
typedef int32_t idmap_stat;
#endif /* _IDMAP_STAT_TYPE */

/* Opaque get handle */
#ifndef _IDMAP_GET_HANDLE_T
#define _IDMAP_GET_HANDLE_T
typedef struct idmap_get_handle idmap_get_handle_t;
#endif /* _IDMAP_GET_HANDLE_T */

/*
 * In all the routines a Windows SID is handled as a
 * string SID prefix plus a RID. For example
 *
 * S-1-5-5-12-34-568 will be passed as SID prefix
 * S-1-5-5-12-34 and RID 568
 *
 * Certain routines return pointers to a SID prefix string.
 * These strings are stored internally and should not be modified
 * or freed.
 */


/*
 * The following routines are simple get ID mapping routines.
 *
 * Each takes a zone_t (presumably the zone whose mappings are consulted)
 * and returns an idmap_stat; the mapped identity is handed back through
 * the non-const pointer arguments.
 *
 * NOTE(review): this header does not say what the output arguments hold
 * when the returned status reports a failure.  The results are identities
 * that callers may use for ownership or access decisions, so check the
 * returned idmap_stat before using them -- confirm the failure behaviour
 * against the implementation.
 */


/* Look up the UID for the SID given as sid_prefix + rid. */
idmap_stat
kidmap_getuidbysid(zone_t *zone, const char *sid_prefix, uint32_t rid,
    uid_t *uid);

/* Look up the GID for the SID given as sid_prefix + rid. */
idmap_stat
kidmap_getgidbysid(zone_t *zone, const char *sid_prefix, uint32_t rid,
    gid_t *gid);

/*
 * Look up a POSIX ID for the SID given as sid_prefix + rid.
 * Presumably 'is_user' reports whether 'pid' holds a UID or a GID;
 * confirm the encoding against the implementation before branching on it.
 */
idmap_stat
kidmap_getpidbysid(zone_t *zone, const char *sid_prefix, uint32_t rid,
    uid_t *pid, int *is_user);

/*
 * Look up the SID for a UID.  The string handed back through
 * 'sid_prefix' is one of the internally stored SID prefix strings
 * described above: do not modify or free it.
 */
idmap_stat
kidmap_getsidbyuid(zone_t *zone, uid_t uid, const char **sid_prefix,
    uint32_t *rid);

/*
 * Look up the SID for a GID.  As with kidmap_getsidbyuid(), the string
 * handed back through 'sid_prefix' is internal storage: do not modify
 * or free it.
 */
idmap_stat
kidmap_getsidbygid(zone_t *zone, gid_t gid, const char **sid_prefix,
    uint32_t *rid);



/*
 * The following routines provide a batch interface for mapping IDs.
 */

/*
 * Create a batch "get mapping" handle for batch mappings.
 *
 * NOTE(review): the failure return (for example NULL) is not documented
 * in this header; confirm it before passing the handle to the routines
 * below.
 */
idmap_get_handle_t *
kidmap_get_create(zone_t *zone);

/*
 * These routines queue the request to the "get mapping" handle
 *
 * Per the kidmap_get_mappings() comment below, status and identity are
 * delivered into the data areas supplied with each request, so the
 * result pointers and 'stat' presumably have to stay valid until
 * kidmap_get_mappings() has returned -- confirm.
 *
 * NOTE(review): the function return value is presumably the status of
 * queuing only, with the per-request mapping status arriving in '*stat';
 * check both before using a mapped identity.
 */

idmap_stat
kidmap_batch_getuidbysid(idmap_get_handle_t *get_handle,
    const char *sid_prefix, uint32_t rid,
    uid_t *uid, idmap_stat *stat);

idmap_stat
kidmap_batch_getgidbysid(idmap_get_handle_t *get_handle,
    const char *sid_prefix, uint32_t rid,
    gid_t *gid, idmap_stat *stat);

idmap_stat
kidmap_batch_getpidbysid(idmap_get_handle_t *get_handle,
    const char *sid_prefix, uint32_t rid,
    uid_t *pid, int *is_user, idmap_stat *stat);

/*
 * For the two SID-returning batch routines, the 'sid_prefix' result is
 * an internally stored string (see above): do not modify or free it.
 */
idmap_stat
kidmap_batch_getsidbyuid(idmap_get_handle_t *get_handle, uid_t uid,
    const char **sid_prefix, uint32_t *rid, idmap_stat *stat);

idmap_stat
kidmap_batch_getsidbygid(idmap_get_handle_t *get_handle, gid_t gid,
    const char **sid_prefix, uint32_t *rid, idmap_stat *stat);

/*
 * Process the queued "get mapping" requests. The results (i.e.
 * status and identity) will be available in the data areas
 * provided by individual requests.
 *
 * NOTE(review): assume a successful return here does not by itself mean
 * every queued request succeeded; inspect each request's 'stat' before
 * trusting its identity -- confirm against the implementation.
 */
idmap_stat
kidmap_get_mappings(idmap_get_handle_t *get_handle);

/*
 * Destroy the "get mapping" handle
 */
void
kidmap_get_destroy(idmap_get_handle_t *get_handle);

#ifdef _KERNEL
/*
 * Functions that do the hard part of door registration/unregistration
 * for the idmap_reg()/idmap_unreg() syscalls
 */
int idmap_reg_dh(zone_t *zone, door_handle_t dh);
int idmap_unreg_dh(zone_t *zone, door_handle_t dh);

/*
 * Function needed by allocids() to ensure only the daemon that owns
 * the door gets ephemeral IDS
 *
 * This is an access-control hook: allocids() relies on the handle
 * returned here to decide who may be given ephemeral IDs.
 */
door_handle_t idmap_get_door(zone_t *zone);

/*
 * Function used by system call allocids() to purge the
 * ID mapping cache
 */
void idmap_purge_cache(zone_t *zone);

#endif /* _KERNEL */


#ifdef __cplusplus
}
#endif

#endif /* _SYS_KIDMAP_H */