1*b819cea2SGordon Ross /*
2*b819cea2SGordon Ross  * CDDL HEADER START
3*b819cea2SGordon Ross  *
4*b819cea2SGordon Ross  * The contents of this file are subject to the terms of the
5*b819cea2SGordon Ross  * Common Development and Distribution License (the "License").
6*b819cea2SGordon Ross  * You may not use this file except in compliance with the License.
7*b819cea2SGordon Ross  *
8*b819cea2SGordon Ross  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9*b819cea2SGordon Ross  * or http://www.opensolaris.org/os/licensing.
10*b819cea2SGordon Ross  * See the License for the specific language governing permissions
11*b819cea2SGordon Ross  * and limitations under the License.
12*b819cea2SGordon Ross  *
13*b819cea2SGordon Ross  * When distributing Covered Code, include this CDDL HEADER in each
14*b819cea2SGordon Ross  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15*b819cea2SGordon Ross  * If applicable, add the following below this CDDL HEADER, with the
16*b819cea2SGordon Ross  * fields enclosed by brackets "[]" replaced with your own identifying
17*b819cea2SGordon Ross  * information: Portions Copyright [yyyy] [name of copyright owner]
18*b819cea2SGordon Ross  *
19*b819cea2SGordon Ross  * CDDL HEADER END
20*b819cea2SGordon Ross  */
21*b819cea2SGordon Ross 
22*b819cea2SGordon Ross /*
23*b819cea2SGordon Ross  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
24*b819cea2SGordon Ross  * Use is subject to license terms.
25*b819cea2SGordon Ross  *
26*b819cea2SGordon Ross  * Copyright 2013 Nexenta Systems, Inc.  All rights reserved.
27*b819cea2SGordon Ross  */
28*b819cea2SGordon Ross 
29*b819cea2SGordon Ross /*
30*b819cea2SGordon Ross  * Windows to Solaris Identity Mapping kernel API
31*b819cea2SGordon Ross  * This header defines an API to map Windows SIDs to
32*b819cea2SGordon Ross  * Solaris UIDs and GIDs and vice versa.
33*b819cea2SGordon Ross  */
34*b819cea2SGordon Ross 
35*b819cea2SGordon Ross #ifndef	_SYS_KIDMAP_H
36*b819cea2SGordon Ross #define	_SYS_KIDMAP_H
37*b819cea2SGordon Ross 
38*b819cea2SGordon Ross #include <sys/idmap.h>
39*b819cea2SGordon Ross #include <sys/door.h>
40*b819cea2SGordon Ross #include <sys/zone.h>
41*b819cea2SGordon Ross 
42*b819cea2SGordon Ross #ifdef	__cplusplus
43*b819cea2SGordon Ross extern "C" {
44*b819cea2SGordon Ross #endif
45*b819cea2SGordon Ross 
46*b819cea2SGordon Ross /*
47*b819cea2SGordon Ross  * The ifdef's for these two accommodate duplicate definitions in
48*b819cea2SGordon Ross  * lib/libidmap/common/idmap.h (the real one).  In this code we
49*b819cea2SGordon Ross  * simulate a kernel environment in user space using the real
50*b819cea2SGordon Ross  * idmap library, so need to be able to use both headers.
51*b819cea2SGordon Ross  */
52*b819cea2SGordon Ross 
/*
 * idmap_stat is the signed 32-bit status type returned by the mapping
 * routines declared in this header. The individual status values are
 * not defined in this file.
 */
53*b819cea2SGordon Ross /* Return status */
54*b819cea2SGordon Ross #ifndef	_IDMAP_STAT_TYPE
55*b819cea2SGordon Ross #define	_IDMAP_STAT_TYPE
56*b819cea2SGordon Ross typedef int32_t	idmap_stat;
57*b819cea2SGordon Ross #endif	/* _IDMAP_STAT_TYPE */
58*b819cea2SGordon Ross 
/*
 * Only a forward declaration of struct idmap_get_handle is given here,
 * so users of this header can hold a pointer to a handle but cannot
 * inspect or size it.
 */
59*b819cea2SGordon Ross /* Opaque get handle */
60*b819cea2SGordon Ross #ifndef	_IDMAP_GET_HANDLE_T
61*b819cea2SGordon Ross #define	_IDMAP_GET_HANDLE_T
62*b819cea2SGordon Ross typedef struct idmap_get_handle idmap_get_handle_t;
63*b819cea2SGordon Ross #endif	/* _IDMAP_GET_HANDLE_T */
64*b819cea2SGordon Ross 
65*b819cea2SGordon Ross /*
66*b819cea2SGordon Ross  * In all the routines a Windows SID is handled as a
67*b819cea2SGordon Ross  * string SID prefix plus a RID. For example
68*b819cea2SGordon Ross  *
69*b819cea2SGordon Ross  * S-1-5-5-12-34-568 will be passed as SID prefix
70*b819cea2SGordon Ross  * S-1-5-5-12-34 and RID 568
71*b819cea2SGordon Ross  *
72*b819cea2SGordon Ross  * Certain routines return pointers to a SID prefix string.
73*b819cea2SGordon Ross  * These strings are stored internally and should not be modified
74*b819cea2SGordon Ross  * or freed.
75*b819cea2SGordon Ross  */
76*b819cea2SGordon Ross 
77*b819cea2SGordon Ross 
78*b819cea2SGordon Ross /*
79*b819cea2SGordon Ross  * The following routines are simple get ID mapping routines.
80*b819cea2SGordon Ross  */
81*b819cea2SGordon Ross 
82*b819cea2SGordon Ross 
/*
 * Map a Windows SID, passed as sid_prefix plus rid, to a Solaris UID.
 * The UID is written through uid and the return value is the status.
 * NOTE(review): this header does not say what *uid holds when the call
 * fails, so check the returned status before using the value in any
 * ownership or access decision. The same applies to every output
 * parameter of the routines in this group.
 */
83*b819cea2SGordon Ross idmap_stat
84*b819cea2SGordon Ross kidmap_getuidbysid(zone_t *zone, const char *sid_prefix, uint32_t rid,
85*b819cea2SGordon Ross 		uid_t *uid);
86*b819cea2SGordon Ross 
/*
 * Map a Windows SID, passed as sid_prefix plus rid, to a Solaris GID
 * written through gid.
 */
87*b819cea2SGordon Ross idmap_stat
88*b819cea2SGordon Ross kidmap_getgidbysid(zone_t *zone, const char *sid_prefix, uint32_t rid,
89*b819cea2SGordon Ross 		gid_t *gid);
90*b819cea2SGordon Ross 
/*
 * Map a Windows SID to an ID written through pid, with a flag written
 * through is_user.
 * NOTE(review): presumably *pid may be either a UID or a GID and
 * *is_user says which - confirm against the implementation. A caller
 * that ignores *is_user could treat a group ID as a user ID.
 */
91*b819cea2SGordon Ross idmap_stat
92*b819cea2SGordon Ross kidmap_getpidbysid(zone_t *zone, const char *sid_prefix, uint32_t rid,
93*b819cea2SGordon Ross 		uid_t *pid, int *is_user);
94*b819cea2SGordon Ross 
/*
 * Map a Solaris UID to a Windows SID, returned as a prefix string
 * through *sid_prefix and a RID through *rid. The prefix string is
 * stored internally (see the SID comment earlier in this header): it
 * must not be modified or freed by the caller.
 */
95*b819cea2SGordon Ross idmap_stat
96*b819cea2SGordon Ross kidmap_getsidbyuid(zone_t *zone, uid_t uid, const char **sid_prefix,
97*b819cea2SGordon Ross 		uint32_t *rid);
98*b819cea2SGordon Ross 
/*
 * Map a Solaris GID to a Windows SID, returned as a prefix string
 * through *sid_prefix and a RID through *rid. The prefix string must
 * not be modified or freed by the caller.
 */
99*b819cea2SGordon Ross idmap_stat
100*b819cea2SGordon Ross kidmap_getsidbygid(zone_t *zone, gid_t gid, const char **sid_prefix,
101*b819cea2SGordon Ross 		uint32_t *rid);
102*b819cea2SGordon Ross 
103*b819cea2SGordon Ross 
104*b819cea2SGordon Ross 
105*b819cea2SGordon Ross /*
106*b819cea2SGordon Ross  * The following routines provide a batch interface for mapping IDs.
107*b819cea2SGordon Ross  */
108*b819cea2SGordon Ross 
109*b819cea2SGordon Ross /*
110*b819cea2SGordon Ross  * Create a batch "get mapping" handle for batch mappings.
111*b819cea2SGordon Ross  */
/*
 * NOTE(review): this header does not say whether the returned pointer
 * can be NULL; check it before queueing requests - TODO confirm.
 */
112*b819cea2SGordon Ross idmap_get_handle_t *
113*b819cea2SGordon Ross kidmap_get_create(zone_t *zone);
114*b819cea2SGordon Ross 
115*b819cea2SGordon Ross /*
116*b819cea2SGordon Ross  * These routines queue the request to the "get mapping" handle
117*b819cea2SGordon Ross  */
/*
 * Each routine takes the inputs of its simple counterpart, with the
 * handle in place of the zone, plus a per-request stat pointer.
 * Results are promised only once kidmap_get_mappings() has processed
 * the handle, and they are delivered into the data areas supplied here
 * (uid/gid/pid, is_user, sid_prefix, rid, stat). The storage behind
 * those pointers therefore has to stay valid until that call returns;
 * pointing them at locals of a function that returns earlier would
 * leave the batch writing through stale pointers.
 * NOTE(review): the return value is presumably the status of queueing
 * the request, separate from the per-request *stat - confirm.
 */
118*b819cea2SGordon Ross 
119*b819cea2SGordon Ross idmap_stat
120*b819cea2SGordon Ross kidmap_batch_getuidbysid(idmap_get_handle_t *get_handle,
121*b819cea2SGordon Ross 		const char *sid_prefix, uint32_t rid,
122*b819cea2SGordon Ross 		uid_t *uid, idmap_stat *stat);
123*b819cea2SGordon Ross 
124*b819cea2SGordon Ross idmap_stat
125*b819cea2SGordon Ross kidmap_batch_getgidbysid(idmap_get_handle_t *get_handle,
126*b819cea2SGordon Ross 		const char *sid_prefix, uint32_t rid,
127*b819cea2SGordon Ross 		gid_t *gid, idmap_stat *stat);
128*b819cea2SGordon Ross 
129*b819cea2SGordon Ross idmap_stat
130*b819cea2SGordon Ross kidmap_batch_getpidbysid(idmap_get_handle_t *get_handle,
131*b819cea2SGordon Ross 		const char *sid_prefix, uint32_t rid,
132*b819cea2SGordon Ross 		uid_t *pid, int *is_user, idmap_stat *stat);
133*b819cea2SGordon Ross 
134*b819cea2SGordon Ross idmap_stat
135*b819cea2SGordon Ross kidmap_batch_getsidbyuid(idmap_get_handle_t *get_handle, uid_t uid,
136*b819cea2SGordon Ross 		const char **sid_prefix, uint32_t *rid, idmap_stat *stat);
137*b819cea2SGordon Ross 
138*b819cea2SGordon Ross idmap_stat
139*b819cea2SGordon Ross kidmap_batch_getsidbygid(idmap_get_handle_t *get_handle, gid_t gid,
140*b819cea2SGordon Ross 		const char **sid_prefix, uint32_t *rid, idmap_stat *stat);
141*b819cea2SGordon Ross 
142*b819cea2SGordon Ross /*
143*b819cea2SGordon Ross  * Process the queued "get mapping" requests. The results (i.e.
144*b819cea2SGordon Ross  * status and identity) will be available in the data areas
145*b819cea2SGordon Ross  * provided by individual requests.
146*b819cea2SGordon Ross  */
/*
 * NOTE(review): the header does not say whether this return value
 * reflects failures of individual requests. Check it and each
 * request's *stat before using a mapped identity.
 */
147*b819cea2SGordon Ross idmap_stat
148*b819cea2SGordon Ross kidmap_get_mappings(idmap_get_handle_t *get_handle);
149*b819cea2SGordon Ross 
150*b819cea2SGordon Ross /*
151*b819cea2SGordon Ross  * Destroy the "get mapping" handle
152*b819cea2SGordon Ross  */
/*
 * NOTE(review): treat get_handle as invalid once this has been called;
 * presumably it releases whatever kidmap_get_create() allocated -
 * confirm.
 */
153*b819cea2SGordon Ross void
154*b819cea2SGordon Ross kidmap_get_destroy(idmap_get_handle_t *get_handle);
155*b819cea2SGordon Ross 
156*b819cea2SGordon Ross #ifdef	_KERNEL
157*b819cea2SGordon Ross /*
158*b819cea2SGordon Ross  * Functions that do the hard part of door registration/unregistration
159*b819cea2SGordon Ross  * for the idmap_reg()/idmap_unreg() syscalls
160*b819cea2SGordon Ross  */
/*
 * Both take the zone and the door handle being registered or
 * unregistered.
 * NOTE(review): the meaning of the int return (presumably 0 or an
 * errno value) is not stated in this header - confirm.
 */
161*b819cea2SGordon Ross int idmap_reg_dh(zone_t *zone, door_handle_t dh);
162*b819cea2SGordon Ross int idmap_unreg_dh(zone_t *zone, door_handle_t dh);
163*b819cea2SGordon Ross 
164*b819cea2SGordon Ross /*
165*b819cea2SGordon Ross  * Function needed by allocids() to ensure only the daemon that owns
166*b819cea2SGordon Ross  * the door gets ephemeral IDs
167*b819cea2SGordon Ross  */
/*
 * Returns the door handle associated with the given zone. Per the
 * comment above, allocids() relies on it to restrict ephemeral ID
 * allocation to the door's owner, so it serves as an authorisation
 * input.
 * NOTE(review): whether the caller receives a hold on the door that it
 * must release, and what is returned when no door is registered, is
 * not stated in this header - confirm.
 */
168*b819cea2SGordon Ross door_handle_t idmap_get_door(zone_t *zone);
169*b819cea2SGordon Ross 
170*b819cea2SGordon Ross /*
171*b819cea2SGordon Ross  * Function used by system call allocids() to purge the
172*b819cea2SGordon Ross  * ID mapping cache
173*b819cea2SGordon Ross  */
/*
 * NOTE(review): presumably purges only the cache belonging to the zone
 * passed in - confirm.
 */
174*b819cea2SGordon Ross void idmap_purge_cache(zone_t *zone);
175*b819cea2SGordon Ross 
176*b819cea2SGordon Ross #endif	/* _KERNEL */
177*b819cea2SGordon Ross 
178*b819cea2SGordon Ross 
179*b819cea2SGordon Ross #ifdef	__cplusplus
180*b819cea2SGordon Ross }
181*b819cea2SGordon Ross #endif
182*b819cea2SGordon Ross 
183*b819cea2SGordon Ross #endif	/* _SYS_KIDMAP_H */