X-Git-Url: https://git.whamcloud.com/?a=blobdiff_plain;f=lustre%2Finclude%2Flustre_sec.h;h=a6cf26405f82af981a7d45aa03a9c7eaa8090c75;hb=0844905a308d614c86b56df70c8f03e5d59ee286;hp=db2b55329244b68f3347860b7b31ab67417629fe;hpb=7571f2b4ef59d8ec42c320e08d346cd9c6447f4b;p=fs%2Flustre-release.git diff --git a/lustre/include/lustre_sec.h b/lustre/include/lustre_sec.h index db2b553..a6cf264 100644 --- a/lustre/include/lustre_sec.h +++ b/lustre/include/lustre_sec.h @@ -15,11 +15,7 @@ * * You should have received a copy of the GNU General Public License * version 2 along with this program; If not, see - * http://www.sun.com/software/products/lustre/docs/GPLv2.pdf - * - * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, - * CA 95054 USA or visit www.sun.com if you need additional information or - * have any questions. + * http://www.gnu.org/licenses/gpl-2.0.html * * GPL HEADER END */ @@ -27,7 +23,7 @@ * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. * Use is subject to license terms. * - * Copyright (c) 2012, Intel Corporation. + * Copyright (c) 2012, 2016, Intel Corporation. */ /* * This file is part of Lustre, http://www.lustre.org/ @@ -54,6 +50,7 @@ struct brw_page; /* Linux specific */ struct key; struct seq_file; +struct lustre_cfg; /* * forward declaration @@ -181,6 +178,10 @@ enum sptlrpc_bulk_service { MAKE_BASE_SUBFLVR(SPTLRPC_MECH_GSS_KRB5, SPTLRPC_SVC_INTG) #define SPTLRPC_SUBFLVR_KRB5P \ MAKE_BASE_SUBFLVR(SPTLRPC_MECH_GSS_KRB5, SPTLRPC_SVC_PRIV) +#define SPTLRPC_SUBFLVR_SKN \ + MAKE_BASE_SUBFLVR(SPTLRPC_MECH_GSS_SK, SPTLRPC_SVC_NULL) +#define SPTLRPC_SUBFLVR_SKA \ + MAKE_BASE_SUBFLVR(SPTLRPC_MECH_GSS_SK, SPTLRPC_SVC_AUTH) #define SPTLRPC_SUBFLVR_SKI \ MAKE_BASE_SUBFLVR(SPTLRPC_MECH_GSS_SK, SPTLRPC_SVC_INTG) #define SPTLRPC_SUBFLVR_SKPI \ @@ -231,12 +232,24 @@ enum sptlrpc_bulk_service { SPTLRPC_SVC_PRIV, \ SPTLRPC_BULK_DEFAULT, \ SPTLRPC_BULK_SVC_PRIV) +#define SPTLRPC_FLVR_SKN \ + MAKE_FLVR(SPTLRPC_POLICY_GSS, \ + SPTLRPC_MECH_GSS_SK, \ + SPTLRPC_SVC_NULL, \ + SPTLRPC_BULK_DEFAULT, \ + SPTLRPC_BULK_SVC_NULL) +#define SPTLRPC_FLVR_SKA \ + MAKE_FLVR(SPTLRPC_POLICY_GSS, \ + SPTLRPC_MECH_GSS_SK, \ + SPTLRPC_SVC_AUTH, \ + SPTLRPC_BULK_DEFAULT, \ + SPTLRPC_BULK_SVC_NULL) #define SPTLRPC_FLVR_SKI \ MAKE_FLVR(SPTLRPC_POLICY_GSS, \ SPTLRPC_MECH_GSS_SK, \ SPTLRPC_SVC_INTG, \ SPTLRPC_BULK_DEFAULT, \ - SPTLRPC_BULK_SVC_PRIV) + SPTLRPC_BULK_SVC_INTG) #define SPTLRPC_FLVR_SKPI \ MAKE_FLVR(SPTLRPC_POLICY_GSS, \ SPTLRPC_MECH_GSS_SK, \ @@ -864,6 +877,20 @@ struct ptlrpc_sec { cfs_time_t ps_gc_next; /* in seconds */ }; +static inline int flvr_is_rootonly(__u32 flavor) +{ + return (SPTLRPC_FLVR_POLICY(flavor) == SPTLRPC_POLICY_GSS && + (SPTLRPC_FLVR_MECH(flavor) == SPTLRPC_MECH_GSS_NULL || + SPTLRPC_FLVR_MECH(flavor) == SPTLRPC_MECH_GSS_SK)); +} + +static inline int flvr_allows_user_desc(__u32 flavor) +{ + return (SPTLRPC_FLVR_POLICY(flavor) == SPTLRPC_POLICY_GSS && + (SPTLRPC_FLVR_MECH(flavor) == SPTLRPC_MECH_GSS_NULL || + SPTLRPC_FLVR_MECH(flavor) == SPTLRPC_MECH_GSS_SK)); +} + static inline int sec_is_reverse(struct ptlrpc_sec *sec) { return (sec->ps_flvr.sf_flags & PTLRPC_SEC_FL_REVERSE); @@ -1168,13 +1195,6 @@ int sptlrpc_unpack_user_desc(struct lustre_msg *req, int offset, int swabbed); #define CFS_CAP_CHOWN_MASK (1 << CFS_CAP_CHOWN) #define CFS_CAP_SYS_RESOURCE_MASK (1 << CFS_CAP_SYS_RESOURCE) -enum { - LUSTRE_SEC_NONE = 0, - LUSTRE_SEC_REMOTE = 1, - LUSTRE_SEC_SPECIFY = 2, - LUSTRE_SEC_ALL = 3 -}; - /** @} sptlrpc */ #endif /* _LUSTRE_SEC_H_ */