~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/include/linux/ceph/auth.h

Version: ~ [ linux-5.13-rc1 ] ~ [ linux-5.12.2 ] ~ [ linux-5.11.19 ] ~ [ linux-5.10.35 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.117 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.190 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.232 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.268 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.268 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.18.140 ] ~ [ linux-3.16.85 ] ~ [ linux-3.14.79 ] ~ [ linux-3.12.74 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 /* SPDX-License-Identifier: GPL-2.0 */
  2 #ifndef _FS_CEPH_AUTH_H
  3 #define _FS_CEPH_AUTH_H
  4 
  5 #include <linux/ceph/types.h>
  6 #include <linux/ceph/buffer.h>
  7 
  8 /*
  9  * Abstract interface for communicating with the authenticate module.
 10  * There is some handshake that takes place between us and the monitor
 11  * to acquire the necessary keys.  These are used to generate an
 12  * 'authorizer' that we use when connecting to a service (mds, osd).
 13  */
 14 
 15 struct ceph_auth_client;
 16 struct ceph_msg;
 17 
 18 struct ceph_authorizer {
 19         void (*destroy)(struct ceph_authorizer *);
 20 };
 21 
 22 struct ceph_auth_handshake {
 23         struct ceph_authorizer *authorizer;
 24         void *authorizer_buf;
 25         size_t authorizer_buf_len;
 26         void *authorizer_reply_buf;
 27         size_t authorizer_reply_buf_len;
 28         int (*sign_message)(struct ceph_auth_handshake *auth,
 29                             struct ceph_msg *msg);
 30         int (*check_message_signature)(struct ceph_auth_handshake *auth,
 31                                        struct ceph_msg *msg);
 32 };
 33 
 34 struct ceph_auth_client_ops {
 35         const char *name;
 36 
 37         /*
 38          * true if we are authenticated and can connect to
 39          * services.
 40          */
 41         int (*is_authenticated)(struct ceph_auth_client *ac);
 42 
 43         /*
 44          * true if we should (re)authenticate, e.g., when our tickets
 45          * are getting old and crusty.
 46          */
 47         int (*should_authenticate)(struct ceph_auth_client *ac);
 48 
 49         /*
 50          * build requests and process replies during monitor
 51          * handshake.  if handle_reply returns -EAGAIN, we build
 52          * another request.
 53          */
 54         int (*build_request)(struct ceph_auth_client *ac, void *buf, void *end);
 55         int (*handle_reply)(struct ceph_auth_client *ac, int result,
 56                             void *buf, void *end);
 57 
 58         /*
 59          * Create authorizer for connecting to a service, and verify
 60          * the response to authenticate the service.
 61          */
 62         int (*create_authorizer)(struct ceph_auth_client *ac, int peer_type,
 63                                  struct ceph_auth_handshake *auth);
 64         /* ensure that an existing authorizer is up to date */
 65         int (*update_authorizer)(struct ceph_auth_client *ac, int peer_type,
 66                                  struct ceph_auth_handshake *auth);
 67         int (*verify_authorizer_reply)(struct ceph_auth_client *ac,
 68                                        struct ceph_authorizer *a);
 69         void (*invalidate_authorizer)(struct ceph_auth_client *ac,
 70                                       int peer_type);
 71 
 72         /* reset when we (re)connect to a monitor */
 73         void (*reset)(struct ceph_auth_client *ac);
 74 
 75         void (*destroy)(struct ceph_auth_client *ac);
 76 
 77         int (*sign_message)(struct ceph_auth_handshake *auth,
 78                             struct ceph_msg *msg);
 79         int (*check_message_signature)(struct ceph_auth_handshake *auth,
 80                                        struct ceph_msg *msg);
 81 };
 82 
 83 struct ceph_auth_client {
 84         u32 protocol;           /* CEPH_AUTH_* */
 85         void *private;          /* for use by protocol implementation */
 86         const struct ceph_auth_client_ops *ops;  /* null iff protocol==0 */
 87 
 88         bool negotiating;       /* true if negotiating protocol */
 89         const char *name;       /* entity name */
 90         u64 global_id;          /* our unique id in system */
 91         const struct ceph_crypto_key *key;     /* our secret key */
 92         unsigned want_keys;     /* which services we want */
 93 
 94         struct mutex mutex;
 95 };
 96 
 97 extern struct ceph_auth_client *ceph_auth_init(const char *name,
 98                                                const struct ceph_crypto_key *key);
 99 extern void ceph_auth_destroy(struct ceph_auth_client *ac);
100 
101 extern void ceph_auth_reset(struct ceph_auth_client *ac);
102 
103 extern int ceph_auth_build_hello(struct ceph_auth_client *ac,
104                                  void *buf, size_t len);
105 extern int ceph_handle_auth_reply(struct ceph_auth_client *ac,
106                                   void *buf, size_t len,
107                                   void *reply_buf, size_t reply_len);
108 int ceph_auth_entity_name_encode(const char *name, void **p, void *end);
109 
110 extern int ceph_build_auth(struct ceph_auth_client *ac,
111                     void *msg_buf, size_t msg_len);
112 
113 extern int ceph_auth_is_authenticated(struct ceph_auth_client *ac);
114 extern int ceph_auth_create_authorizer(struct ceph_auth_client *ac,
115                                        int peer_type,
116                                        struct ceph_auth_handshake *auth);
117 void ceph_auth_destroy_authorizer(struct ceph_authorizer *a);
118 extern int ceph_auth_update_authorizer(struct ceph_auth_client *ac,
119                                        int peer_type,
120                                        struct ceph_auth_handshake *a);
121 extern int ceph_auth_verify_authorizer_reply(struct ceph_auth_client *ac,
122                                              struct ceph_authorizer *a);
123 extern void ceph_auth_invalidate_authorizer(struct ceph_auth_client *ac,
124                                             int peer_type);
125 
126 static inline int ceph_auth_sign_message(struct ceph_auth_handshake *auth,
127                                          struct ceph_msg *msg)
128 {
129         if (auth->sign_message)
130                 return auth->sign_message(auth, msg);
131         return 0;
132 }
133 
134 static inline
135 int ceph_auth_check_message_signature(struct ceph_auth_handshake *auth,
136                                       struct ceph_msg *msg)
137 {
138         if (auth->check_message_signature)
139                 return auth->check_message_signature(auth, msg);
140         return 0;
141 }
142 #endif
143 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp