      1 /*
      2  * CDDL HEADER START
      3  *
      4  * The contents of this file are subject to the terms of the
      5  * Common Development and Distribution License (the "License").
      6  * You may not use this file except in compliance with the License.
      7  *
      8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
      9  * or http://www.opensolaris.org/os/licensing.
     10  * See the License for the specific language governing permissions
     11  * and limitations under the License.
     12  *
     13  * When distributing Covered Code, include this CDDL HEADER in each
     14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
     15  * If applicable, add the following below this CDDL HEADER, with the
     16  * fields enclosed by brackets "[]" replaced with your own identifying
     17  * information: Portions Copyright [yyyy] [name of copyright owner]
     18  *
     19  * CDDL HEADER END
     20  */
     21 /*
     22  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
     23  * Use is subject to license terms.
     24  */
     25 
     26 /*	Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T	*/
     27 /*	  All Rights Reserved  	*/
     28 
     29 /*
     30  * Portions of this source code were derived from Berkeley 4.3 BSD
     31  * under license from the Regents of the University of California.
     32  */
     33 
     34 #ifndef _SYS_CRED_H
     35 #define	_SYS_CRED_H
     36 
     37 #include <sys/types.h>
     38 
     39 #ifdef	__cplusplus
     40 extern "C" {
     41 #endif
     42 
     43 /*
     44  * The credential is an opaque kernel private data structure defined in
     45  * <sys/cred_impl.h>.
         *
         * Only the incomplete type is visible through this header, so code that
         * includes just this file cannot read or write credential fields
         * directly and has to go through the functions declared below.
     46  */
     47 
     48 typedef struct cred cred_t;
     49 
     50 #ifdef _KERNEL
     51 
        /*
         * CRED() expands to a plain read of curthread->t_cred; the expansion
         * itself takes no reference on the credential.
         * NOTE(review): presumably the pointer is only borrowed from the current
         * thread, so code that stores it or hands it to another context needs
         * its own crhold() -- confirm against the implementation.
         */
     52 #define	CRED()		curthread->t_cred
     53 
     54 struct proc;				/* cred.h is included in proc.h */
     55 struct prcred;
     56 struct ksid;
     57 struct ksidlist;
     58 struct credklpd;
     59 struct credgrp;
     60 
     61 struct auditinfo_addr;			/* cred.h is included in audit.h */
     62 
     63 extern int ngroups_max;
     64 /*
     65  * kcred is used when you need all privileges.
         *
         * NOTE(review): passing kcred where the requester's own credential is
         * available means any privilege check made on that call is evaluated
         * against an all-privilege credential instead of the requester's.  Uses
         * on paths that act on behalf of a user request deserve explicit review.
     66  */
     67 extern struct cred *kcred;
     68 
     69 extern void cred_init(void);
        /*
         * Reference counting, allocation and copying.
         * NOTE(review): going by the names (and the crgetref() accessor declared
         * in this header), crhold() and crfree() presumably take and drop a
         * reference on a shared cred_t.  The prototypes do not say which of the
         * functions returning cred_t * hand back a reference the caller must
         * release, or whether crcopy() consumes its argument -- confirm in the
         * implementation before relying on either.
         * crcopy_to() and crdup_to() take two non-const cred_t *, so the
         * prototype does not show which is the source and which the destination.
         */
     70 extern void crhold(cred_t *);
     71 extern void crfree(cred_t *);
     72 extern cred_t *cralloc(void);		/* all but ref uninitialized */
     73 extern cred_t *cralloc_ksid(void);	/* cralloc() + ksid alloc'ed */
     74 extern cred_t *crget(void);		/* initialized */
     75 extern cred_t *crcopy(cred_t *);
     76 extern void crcopy_to(cred_t *, cred_t *);
     77 extern cred_t *crdup(cred_t *);
     78 extern void crdup_to(cred_t *, cred_t *);
     79 extern cred_t *crgetcred(void);
     80 extern void crset(struct proc *, cred_t *);
        /*
         * NOTE(review): the name suggests this raises the credential to every
         * privilege available to its zone; confirm, and audit callers.
         */
     81 extern void crset_zone_privall(cred_t *);
        /*
         * Membership and permission checks.  All of these return int; the
         * prototypes alone do not show which value means "allowed".
         * NOTE(review): confirm the return convention of each one, and whether
         * crcmp() follows the 0-means-equal convention, before using a result
         * directly as an access decision.
         */
     82 extern int groupmember(gid_t, const cred_t *);
     83 extern int supgroupmember(gid_t, const cred_t *);
     84 extern int hasprocperm(const cred_t *, const cred_t *);
     85 extern int prochasprocperm(struct proc *, struct proc *, const cred_t *);
     86 extern int crcmp(const cred_t *, const cred_t *);
     87 extern cred_t *zone_kcred(void);
     88 
        /*
         * The id getters below take a const cred_t * and return the id by value.
         * NOTE(review): going by the names, crgetuid()/crgetgid() presumably
         * return the effective ids and the r/s variants the real and saved ids;
         * confirm, and choose deliberately when the value feeds an access check.
         */
     89 extern uid_t crgetuid(const cred_t *);
     90 extern uid_t crgetruid(const cred_t *);
     91 extern uid_t crgetsuid(const cred_t *);
     92 extern gid_t crgetgid(const cred_t *);
     93 extern gid_t crgetrgid(const cred_t *);
     94 extern gid_t crgetsgid(const cred_t *);
     95 extern zoneid_t crgetzoneid(const cred_t *);
     96 extern projid_t crgetprojid(const cred_t *);
     97 
     98 extern cred_t *crgetmapped(const cred_t *);
     99 
    100 
        /*
         * crgetauinfo() returns a const pointer for a const cred_t;
         * crgetauinfo_modifiable() takes a non-const cred_t and returns a
         * writable pointer.
         * NOTE(review): presumably the writable pointer refers to audit state
         * held by the credential itself, so it is only appropriate on a cred the
         * caller owns exclusively -- confirm.
         */
    101 extern const struct auditinfo_addr *crgetauinfo(const cred_t *);
    102 extern struct auditinfo_addr *crgetauinfo_modifiable(cred_t *);
    103 
    104 extern uint_t crgetref(const cred_t *);
    105 
        /*
         * Both group accessors return a bare const gid_t * with no length.
         * NOTE(review): presumably crgetngroups() on the same cred gives the
         * element count for crgetgroups(); bound every index by it.
         */
    106 extern const gid_t *crgetgroups(const cred_t *);
    107 extern const gid_t *crgetggroups(const struct credgrp *);
    108 
    109 extern int crgetngroups(const cred_t *);
    110 
    111 /*
    112  * Sets real, effective and/or saved uid/gid;
    113  * -1 argument accepted as "no change".
         *
         * Both functions return int.
         * NOTE(review): presumably a non-zero return means the ids were left
         * unchanged; a caller that is dropping or switching identity should
         * check it rather than carry on with the old ids -- confirm the
         * convention in the implementation.
    114  */
    115 extern int crsetresuid(cred_t *, uid_t, uid_t, uid_t);
    116 extern int crsetresgid(cred_t *, gid_t, gid_t, gid_t);
    117 
    118 /*
    119  * Sets real, effective and saved uids/gids all to the same
    120  * values.  Both values must be non-negative and <= MAXUID
         *
         * NOTE(review): the parameters are uid_t and gid_t; if those are unsigned
         * types the "non-negative" condition always holds and only the
         * <= MAXUID bound is effective -- confirm in <sys/types.h>.
    121  */
    122 extern int crsetugid(cred_t *, uid_t, gid_t);
    123 
    124 /*
    125  * Functions to handle the supplemental group list.
         *
         * crsetgroups() and crgrpcopyin() take a signed int count and a gid_t *
         * that carries no length of its own.
         * NOTE(review): presumably the count must already be within
         * 0..ngroups_max when the array is read, and "copyin" suggests the
         * pointer passed to crgrpcopyin() is a user address; confirm where the
         * bound is enforced.
    126  */
    127 extern int crsetgroups(cred_t *, int, gid_t *);
    128 extern struct credgrp *crgrpcopyin(int, gid_t *);
    129 extern void crgrprele(struct credgrp *);
    130 extern void crsetcredgrp(cred_t *, struct credgrp *);
    131 
    132 /*
    133  * Private interface for setting zone association of credential.
         *
         * crsetzone() returns void, so it cannot report a refused change.
         * NOTE(review): presumably any check that the caller may associate the
         * credential with the given zone has to happen before the call --
         * confirm.
    134  */
    135 struct zone;
    136 extern void crsetzone(cred_t *, struct zone *);
    137 extern struct zone *crgetzone(const cred_t *);
    138 
    139 /*
    140  * Private interface for setting project id in credential.
    141  */
    142 extern void crsetprojid(cred_t *, projid_t);
    143 
    144 /*
    145  * Private interface for nfs.
         *
         * NOTE(review): crnetadjust() takes and returns a non-const cred_t *; the
         * prototype does not show whether the result is the same object, a new
         * one, or possibly NULL.  Confirm before dereferencing or releasing it.
    146  */
    147 extern cred_t *crnetadjust(cred_t *);
    148 
    149 /*
    150  * Private interface for procfs.
         *
         * cred2prcred() takes a const cred_t * and a non-const struct prcred *,
         * with no size argument.
         * NOTE(review): presumably the caller must size the prcred buffer for the
         * credential's group list; confirm how the required size is derived.
    151  */
    152 extern void cred2prcred(const cred_t *, struct prcred *);
    153 
    154 /*
    155  * Private interfaces for Rampart Trusted Solaris.
    156  */
    157 struct ts_label_s;
    158 extern struct ts_label_s *crgetlabel(const cred_t *);
    159 extern boolean_t crisremote(const cred_t *);
    160 
    161 /*
    162  * Private interfaces for ephemeral uids.
         *
         * VALID_UID() and VALID_GID() are true when id is <= MAXUID or when the
         * matching valid_ephemeral_uid()/valid_ephemeral_gid() call for zone zn
         * returns non-zero.  VALID_GID() compares against MAXUID as well.  When
         * the first test fails, id is evaluated a second time, so arguments must
         * be free of side effects.
         * NOTE(review): the <= MAXUID test relies on id being unsigned; a
         * negative signed value would pass it if MAXUID is a signed constant.
         * Confirm that uid_t/gid_t are unsigned in <sys/types.h> and that
         * callers do not pass a plain int.
    163  */
    164 #define	VALID_UID(id, zn)					\
    165 	((id) <= MAXUID || valid_ephemeral_uid((zn), (id)))
    166 
    167 #define	VALID_GID(id, zn)					\
    168 	((id) <= MAXUID || valid_ephemeral_gid((zn), (id)))
    169 
    170 extern boolean_t valid_ephemeral_uid(struct zone *, uid_t);
    171 extern boolean_t valid_ephemeral_gid(struct zone *, gid_t);
    172 
        /*
         * Both allocators return int and write through the uid_t or gid_t
         * pointer.
         * NOTE(review): the meaning of the two int parameters and of the return
         * value is not visible here; confirm them, and check the return before
         * using the id that was written.
         */
    173 extern int eph_uid_alloc(struct zone *, int, uid_t *, int);
    174 extern int eph_gid_alloc(struct zone *, int, gid_t *, int);
    175 
    176 extern void crsetsid(cred_t *, struct ksid *, int);
    177 extern void crsetsidlist(cred_t *, struct ksidlist *);
    178 
    179 extern struct ksid *crgetsid(const cred_t *, int);
    180 extern struct ksidlist *crgetsidlist(const cred_t *);
    181 
        /*
         * crsetpriv() is variadic, so the compiler cannot check the type or
         * number of the arguments that follow the cred_t *.
         * NOTE(review): confirm the expected argument list and its terminator in
         * the implementation before adding a call site.
         */
    182 extern int crsetpriv(cred_t *, ...);
    183 
    184 extern struct credklpd *crgetcrklpd(const cred_t *);
    185 extern void crsetcrklpd(cred_t *, struct credklpd *);
    186 
    187 #endif	/* _KERNEL */
    188 
    189 #ifdef	__cplusplus
    190 }
    191 #endif
    192 
    193 #endif	/* _SYS_CRED_H */
    194