~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/include/linux/ceph/auth.h

Version: ~ [ linux-5.13-rc1 ] ~ [ linux-5.12.2 ] ~ [ linux-5.11.19 ] ~ [ linux-5.10.35 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.117 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.190 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.232 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.268 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.268 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.18.140 ] ~ [ linux-3.16.85 ] ~ [ linux-3.14.79 ] ~ [ linux-3.12.74 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 #ifndef _FS_CEPH_AUTH_H
  2 #define _FS_CEPH_AUTH_H
  3 
  4 #include <linux/ceph/types.h>
  5 #include <linux/ceph/buffer.h>
  6 
  7 /*
  8  * Abstract interface for communicating with the authenticate module.
  9  * There is some handshake that takes place between us and the monitor
 10  * to acquire the necessary keys.  These are used to generate an
 11  * 'authorizer' that we use when connecting to a service (mds, osd).
 12  */
 13 
 14 struct ceph_auth_client;
 15 struct ceph_authorizer;
 16 struct ceph_msg;
 17 
 18 struct ceph_auth_handshake {
 19         struct ceph_authorizer *authorizer;
 20         void *authorizer_buf;
 21         size_t authorizer_buf_len;
 22         void *authorizer_reply_buf;
 23         size_t authorizer_reply_buf_len;
 24         int (*sign_message)(struct ceph_auth_handshake *auth,
 25                             struct ceph_msg *msg);
 26         int (*check_message_signature)(struct ceph_auth_handshake *auth,
 27                                        struct ceph_msg *msg);
 28 };
 29 
 30 struct ceph_auth_client_ops {
 31         const char *name;
 32 
 33         /*
 34          * true if we are authenticated and can connect to
 35          * services.
 36          */
 37         int (*is_authenticated)(struct ceph_auth_client *ac);
 38 
 39         /*
 40          * true if we should (re)authenticate, e.g., when our tickets
 41          * are getting old and crusty.
 42          */
 43         int (*should_authenticate)(struct ceph_auth_client *ac);
 44 
 45         /*
 46          * build requests and process replies during monitor
 47          * handshake.  if handle_reply returns -EAGAIN, we build
 48          * another request.
 49          */
 50         int (*build_request)(struct ceph_auth_client *ac, void *buf, void *end);
 51         int (*handle_reply)(struct ceph_auth_client *ac, int result,
 52                             void *buf, void *end);
 53 
 54         /*
 55          * Create authorizer for connecting to a service, and verify
 56          * the response to authenticate the service.
 57          */
 58         int (*create_authorizer)(struct ceph_auth_client *ac, int peer_type,
 59                                  struct ceph_auth_handshake *auth);
 60         /* ensure that an existing authorizer is up to date */
 61         int (*update_authorizer)(struct ceph_auth_client *ac, int peer_type,
 62                                  struct ceph_auth_handshake *auth);
 63         int (*verify_authorizer_reply)(struct ceph_auth_client *ac,
 64                                        struct ceph_authorizer *a, size_t len);
 65         void (*destroy_authorizer)(struct ceph_auth_client *ac,
 66                                    struct ceph_authorizer *a);
 67         void (*invalidate_authorizer)(struct ceph_auth_client *ac,
 68                                       int peer_type);
 69 
 70         /* reset when we (re)connect to a monitor */
 71         void (*reset)(struct ceph_auth_client *ac);
 72 
 73         void (*destroy)(struct ceph_auth_client *ac);
 74 
 75         int (*sign_message)(struct ceph_auth_handshake *auth,
 76                             struct ceph_msg *msg);
 77         int (*check_message_signature)(struct ceph_auth_handshake *auth,
 78                                        struct ceph_msg *msg);
 79 };
 80 
 81 struct ceph_auth_client {
 82         u32 protocol;           /* CEPH_AUTH_* */
 83         void *private;          /* for use by protocol implementation */
 84         const struct ceph_auth_client_ops *ops;  /* null iff protocol==0 */
 85 
 86         bool negotiating;       /* true if negotiating protocol */
 87         const char *name;       /* entity name */
 88         u64 global_id;          /* our unique id in system */
 89         const struct ceph_crypto_key *key;     /* our secret key */
 90         unsigned want_keys;     /* which services we want */
 91 
 92         struct mutex mutex;
 93 };
 94 
 95 extern struct ceph_auth_client *ceph_auth_init(const char *name,
 96                                                const struct ceph_crypto_key *key);
 97 extern void ceph_auth_destroy(struct ceph_auth_client *ac);
 98 
 99 extern void ceph_auth_reset(struct ceph_auth_client *ac);
100 
101 extern int ceph_auth_build_hello(struct ceph_auth_client *ac,
102                                  void *buf, size_t len);
103 extern int ceph_handle_auth_reply(struct ceph_auth_client *ac,
104                                   void *buf, size_t len,
105                                   void *reply_buf, size_t reply_len);
106 extern int ceph_entity_name_encode(const char *name, void **p, void *end);
107 
108 extern int ceph_build_auth(struct ceph_auth_client *ac,
109                     void *msg_buf, size_t msg_len);
110 
111 extern int ceph_auth_is_authenticated(struct ceph_auth_client *ac);
112 extern int ceph_auth_create_authorizer(struct ceph_auth_client *ac,
113                                        int peer_type,
114                                        struct ceph_auth_handshake *auth);
115 extern void ceph_auth_destroy_authorizer(struct ceph_auth_client *ac,
116                                          struct ceph_authorizer *a);
117 extern int ceph_auth_update_authorizer(struct ceph_auth_client *ac,
118                                        int peer_type,
119                                        struct ceph_auth_handshake *a);
120 extern int ceph_auth_verify_authorizer_reply(struct ceph_auth_client *ac,
121                                              struct ceph_authorizer *a,
122                                              size_t len);
123 extern void ceph_auth_invalidate_authorizer(struct ceph_auth_client *ac,
124                                             int peer_type);
125 
126 static inline int ceph_auth_sign_message(struct ceph_auth_handshake *auth,
127                                          struct ceph_msg *msg)
128 {
129         if (auth->sign_message)
130                 return auth->sign_message(auth, msg);
131         return 0;
132 }
133 
134 static inline
135 int ceph_auth_check_message_signature(struct ceph_auth_handshake *auth,
136                                       struct ceph_msg *msg)
137 {
138         if (auth->check_message_signature)
139                 return auth->check_message_signature(auth, msg);
140         return 0;
141 }
142 #endif
143 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp