~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/include/linux/ceph/auth.h

Version: ~ [ linux-5.13-rc1 ] ~ [ linux-5.12.2 ] ~ [ linux-5.11.19 ] ~ [ linux-5.10.35 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.117 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.190 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.232 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.268 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.268 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.18.140 ] ~ [ linux-3.16.85 ] ~ [ linux-3.14.79 ] ~ [ linux-3.12.74 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 /* SPDX-License-Identifier: GPL-2.0 */
  2 #ifndef _FS_CEPH_AUTH_H
  3 #define _FS_CEPH_AUTH_H
  4 
  5 #include <linux/ceph/types.h>
  6 #include <linux/ceph/buffer.h>
  7 
  8 /*
  9  * Abstract interface for communicating with the authenticate module.
 10  * There is some handshake that takes place between us and the monitor
 11  * to acquire the necessary keys.  These are used to generate an
 12  * 'authorizer' that we use when connecting to a service (mds, osd).
 13  */
 14 
 15 struct ceph_auth_client;
 16 struct ceph_msg;
 17 
 18 struct ceph_authorizer {
 19         void (*destroy)(struct ceph_authorizer *);
 20 };
 21 
 22 struct ceph_auth_handshake {
 23         struct ceph_authorizer *authorizer;
 24         void *authorizer_buf;
 25         size_t authorizer_buf_len;
 26         void *authorizer_reply_buf;
 27         size_t authorizer_reply_buf_len;
 28         int (*sign_message)(struct ceph_auth_handshake *auth,
 29                             struct ceph_msg *msg);
 30         int (*check_message_signature)(struct ceph_auth_handshake *auth,
 31                                        struct ceph_msg *msg);
 32 };
 33 
 34 struct ceph_auth_client_ops {
 35         const char *name;
 36 
 37         /*
 38          * true if we are authenticated and can connect to
 39          * services.
 40          */
 41         int (*is_authenticated)(struct ceph_auth_client *ac);
 42 
 43         /*
 44          * true if we should (re)authenticate, e.g., when our tickets
 45          * are getting old and crusty.
 46          */
 47         int (*should_authenticate)(struct ceph_auth_client *ac);
 48 
 49         /*
 50          * build requests and process replies during monitor
 51          * handshake.  if handle_reply returns -EAGAIN, we build
 52          * another request.
 53          */
 54         int (*build_request)(struct ceph_auth_client *ac, void *buf, void *end);
 55         int (*handle_reply)(struct ceph_auth_client *ac, int result,
 56                             void *buf, void *end);
 57 
 58         /*
 59          * Create authorizer for connecting to a service, and verify
 60          * the response to authenticate the service.
 61          */
 62         int (*create_authorizer)(struct ceph_auth_client *ac, int peer_type,
 63                                  struct ceph_auth_handshake *auth);
 64         /* ensure that an existing authorizer is up to date */
 65         int (*update_authorizer)(struct ceph_auth_client *ac, int peer_type,
 66                                  struct ceph_auth_handshake *auth);
 67         int (*add_authorizer_challenge)(struct ceph_auth_client *ac,
 68                                         struct ceph_authorizer *a,
 69                                         void *challenge_buf,
 70                                         int challenge_buf_len);
 71         int (*verify_authorizer_reply)(struct ceph_auth_client *ac,
 72                                        struct ceph_authorizer *a);
 73         void (*invalidate_authorizer)(struct ceph_auth_client *ac,
 74                                       int peer_type);
 75 
 76         /* reset when we (re)connect to a monitor */
 77         void (*reset)(struct ceph_auth_client *ac);
 78 
 79         void (*destroy)(struct ceph_auth_client *ac);
 80 
 81         int (*sign_message)(struct ceph_auth_handshake *auth,
 82                             struct ceph_msg *msg);
 83         int (*check_message_signature)(struct ceph_auth_handshake *auth,
 84                                        struct ceph_msg *msg);
 85 };
 86 
 87 struct ceph_auth_client {
 88         u32 protocol;           /* CEPH_AUTH_* */
 89         void *private;          /* for use by protocol implementation */
 90         const struct ceph_auth_client_ops *ops;  /* null iff protocol==0 */
 91 
 92         bool negotiating;       /* true if negotiating protocol */
 93         const char *name;       /* entity name */
 94         u64 global_id;          /* our unique id in system */
 95         const struct ceph_crypto_key *key;     /* our secret key */
 96         unsigned want_keys;     /* which services we want */
 97 
 98         struct mutex mutex;
 99 };
100 
101 extern struct ceph_auth_client *ceph_auth_init(const char *name,
102                                                const struct ceph_crypto_key *key);
103 extern void ceph_auth_destroy(struct ceph_auth_client *ac);
104 
105 extern void ceph_auth_reset(struct ceph_auth_client *ac);
106 
107 extern int ceph_auth_build_hello(struct ceph_auth_client *ac,
108                                  void *buf, size_t len);
109 extern int ceph_handle_auth_reply(struct ceph_auth_client *ac,
110                                   void *buf, size_t len,
111                                   void *reply_buf, size_t reply_len);
112 int ceph_auth_entity_name_encode(const char *name, void **p, void *end);
113 
114 extern int ceph_build_auth(struct ceph_auth_client *ac,
115                     void *msg_buf, size_t msg_len);
116 
117 extern int ceph_auth_is_authenticated(struct ceph_auth_client *ac);
118 extern int ceph_auth_create_authorizer(struct ceph_auth_client *ac,
119                                        int peer_type,
120                                        struct ceph_auth_handshake *auth);
121 void ceph_auth_destroy_authorizer(struct ceph_authorizer *a);
122 extern int ceph_auth_update_authorizer(struct ceph_auth_client *ac,
123                                        int peer_type,
124                                        struct ceph_auth_handshake *a);
125 int ceph_auth_add_authorizer_challenge(struct ceph_auth_client *ac,
126                                        struct ceph_authorizer *a,
127                                        void *challenge_buf,
128                                        int challenge_buf_len);
129 extern int ceph_auth_verify_authorizer_reply(struct ceph_auth_client *ac,
130                                              struct ceph_authorizer *a);
131 extern void ceph_auth_invalidate_authorizer(struct ceph_auth_client *ac,
132                                             int peer_type);
133 
134 static inline int ceph_auth_sign_message(struct ceph_auth_handshake *auth,
135                                          struct ceph_msg *msg)
136 {
137         if (auth->sign_message)
138                 return auth->sign_message(auth, msg);
139         return 0;
140 }
141 
142 static inline
143 int ceph_auth_check_message_signature(struct ceph_auth_handshake *auth,
144                                       struct ceph_msg *msg)
145 {
146         if (auth->check_message_signature)
147                 return auth->check_message_signature(auth, msg);
148         return 0;
149 }
150 #endif
151 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp