~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/include/linux/ceph/auth.h

Version: ~ [ linux-5.12-rc7 ] ~ [ linux-5.11.13 ] ~ [ linux-5.10.29 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.111 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.186 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.230 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.266 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.266 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.18.140 ] ~ [ linux-3.16.85 ] ~ [ linux-3.14.79 ] ~ [ linux-3.12.74 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 #ifndef _FS_CEPH_AUTH_H
  2 #define _FS_CEPH_AUTH_H
  3 
  4 #include <linux/ceph/types.h>
  5 #include <linux/ceph/buffer.h>
  6 
  7 /*
  8  * Abstract interface for communicating with the authenticate module.
  9  * There is some handshake that takes place between us and the monitor
 10  * to acquire the necessary keys.  These are used to generate an
 11  * 'authorizer' that we use when connecting to a service (mds, osd).
 12  */
 13 
 14 struct ceph_auth_client;
 15 struct ceph_msg;
 16 
 17 struct ceph_authorizer {
 18         void (*destroy)(struct ceph_authorizer *);
 19 };
 20 
 21 struct ceph_auth_handshake {
 22         struct ceph_authorizer *authorizer;
 23         void *authorizer_buf;
 24         size_t authorizer_buf_len;
 25         void *authorizer_reply_buf;
 26         size_t authorizer_reply_buf_len;
 27         int (*sign_message)(struct ceph_auth_handshake *auth,
 28                             struct ceph_msg *msg);
 29         int (*check_message_signature)(struct ceph_auth_handshake *auth,
 30                                        struct ceph_msg *msg);
 31 };
 32 
 33 struct ceph_auth_client_ops {
 34         const char *name;
 35 
 36         /*
 37          * true if we are authenticated and can connect to
 38          * services.
 39          */
 40         int (*is_authenticated)(struct ceph_auth_client *ac);
 41 
 42         /*
 43          * true if we should (re)authenticate, e.g., when our tickets
 44          * are getting old and crusty.
 45          */
 46         int (*should_authenticate)(struct ceph_auth_client *ac);
 47 
 48         /*
 49          * build requests and process replies during monitor
 50          * handshake.  if handle_reply returns -EAGAIN, we build
 51          * another request.
 52          */
 53         int (*build_request)(struct ceph_auth_client *ac, void *buf, void *end);
 54         int (*handle_reply)(struct ceph_auth_client *ac, int result,
 55                             void *buf, void *end);
 56 
 57         /*
 58          * Create authorizer for connecting to a service, and verify
 59          * the response to authenticate the service.
 60          */
 61         int (*create_authorizer)(struct ceph_auth_client *ac, int peer_type,
 62                                  struct ceph_auth_handshake *auth);
 63         /* ensure that an existing authorizer is up to date */
 64         int (*update_authorizer)(struct ceph_auth_client *ac, int peer_type,
 65                                  struct ceph_auth_handshake *auth);
 66         int (*verify_authorizer_reply)(struct ceph_auth_client *ac,
 67                                        struct ceph_authorizer *a, size_t len);
 68         void (*invalidate_authorizer)(struct ceph_auth_client *ac,
 69                                       int peer_type);
 70 
 71         /* reset when we (re)connect to a monitor */
 72         void (*reset)(struct ceph_auth_client *ac);
 73 
 74         void (*destroy)(struct ceph_auth_client *ac);
 75 
 76         int (*sign_message)(struct ceph_auth_handshake *auth,
 77                             struct ceph_msg *msg);
 78         int (*check_message_signature)(struct ceph_auth_handshake *auth,
 79                                        struct ceph_msg *msg);
 80 };
 81 
 82 struct ceph_auth_client {
 83         u32 protocol;           /* CEPH_AUTH_* */
 84         void *private;          /* for use by protocol implementation */
 85         const struct ceph_auth_client_ops *ops;  /* null iff protocol==0 */
 86 
 87         bool negotiating;       /* true if negotiating protocol */
 88         const char *name;       /* entity name */
 89         u64 global_id;          /* our unique id in system */
 90         const struct ceph_crypto_key *key;     /* our secret key */
 91         unsigned want_keys;     /* which services we want */
 92 
 93         struct mutex mutex;
 94 };
 95 
 96 extern struct ceph_auth_client *ceph_auth_init(const char *name,
 97                                                const struct ceph_crypto_key *key);
 98 extern void ceph_auth_destroy(struct ceph_auth_client *ac);
 99 
100 extern void ceph_auth_reset(struct ceph_auth_client *ac);
101 
102 extern int ceph_auth_build_hello(struct ceph_auth_client *ac,
103                                  void *buf, size_t len);
104 extern int ceph_handle_auth_reply(struct ceph_auth_client *ac,
105                                   void *buf, size_t len,
106                                   void *reply_buf, size_t reply_len);
107 extern int ceph_entity_name_encode(const char *name, void **p, void *end);
108 
109 extern int ceph_build_auth(struct ceph_auth_client *ac,
110                     void *msg_buf, size_t msg_len);
111 
112 extern int ceph_auth_is_authenticated(struct ceph_auth_client *ac);
113 extern int ceph_auth_create_authorizer(struct ceph_auth_client *ac,
114                                        int peer_type,
115                                        struct ceph_auth_handshake *auth);
116 void ceph_auth_destroy_authorizer(struct ceph_authorizer *a);
117 extern int ceph_auth_update_authorizer(struct ceph_auth_client *ac,
118                                        int peer_type,
119                                        struct ceph_auth_handshake *a);
120 extern int ceph_auth_verify_authorizer_reply(struct ceph_auth_client *ac,
121                                              struct ceph_authorizer *a,
122                                              size_t len);
123 extern void ceph_auth_invalidate_authorizer(struct ceph_auth_client *ac,
124                                             int peer_type);
125 
126 static inline int ceph_auth_sign_message(struct ceph_auth_handshake *auth,
127                                          struct ceph_msg *msg)
128 {
129         if (auth->sign_message)
130                 return auth->sign_message(auth, msg);
131         return 0;
132 }
133 
134 static inline
135 int ceph_auth_check_message_signature(struct ceph_auth_handshake *auth,
136                                       struct ceph_msg *msg)
137 {
138         if (auth->check_message_signature)
139                 return auth->check_message_signature(auth, msg);
140         return 0;
141 }
142 #endif
143 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp