sys/sys/ucred.h

139825Simp/*-
1541Srgrimes * Copyright (c) 1989, 1993
1541Srgrimes *	The Regents of the University of California.  All rights reserved.
1541Srgrimes *
1541Srgrimes * Redistribution and use in source and binary forms, with or without
1541Srgrimes * modification, are permitted provided that the following conditions
1541Srgrimes * are met:
1541Srgrimes * 1. Redistributions of source code must retain the above copyright
1541Srgrimes *    notice, this list of conditions and the following disclaimer.
1541Srgrimes * 2. Redistributions in binary form must reproduce the above copyright
1541Srgrimes *    notice, this list of conditions and the following disclaimer in the
1541Srgrimes *    documentation and/or other materials provided with the distribution.
1541Srgrimes * 4. Neither the name of the University nor the names of its contributors
1541Srgrimes *    may be used to endorse or promote products derived from this software
1541Srgrimes *    without specific prior written permission.
1541Srgrimes *
1541Srgrimes * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
1541Srgrimes * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
1541Srgrimes * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
1541Srgrimes * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
1541Srgrimes * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
1541Srgrimes * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
1541Srgrimes * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
1541Srgrimes * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
1541Srgrimes * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
1541Srgrimes * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
1541Srgrimes * SUCH DAMAGE.
1541Srgrimes *
14488Shsu *	@(#)ucred.h	8.4 (Berkeley) 1/9/95
50477Speter * $FreeBSD$
1541Srgrimes */
1541Srgrimes
1541Srgrimes#ifndef _SYS_UCRED_H_
1541Srgrimes#define	_SYS_UCRED_H_
1541Srgrimes
170407Srwatson#include <bsm/audit.h>
170407Srwatson
219304Straszstruct loginclass;
219304Strasz
1541Srgrimes/*
1541Srgrimes * Credentials.
43429Sphk *
167572Srwatson * Please do not inspect cr_uid directly to determine superuserness.  The
167572Srwatson * priv(9) interface should be used to check for privilege.
1541Srgrimes */
102538Salfred#if defined(_KERNEL) || defined(_WANT_UCRED)
1541Srgrimesstruct ucred {
99092Sbde	u_int	cr_ref;			/* reference count */
84827Sjhb#define	cr_startcopy cr_uid
99092Sbde	uid_t	cr_uid;			/* effective user id */
99092Sbde	uid_t	cr_ruid;		/* real user id */
99092Sbde	uid_t	cr_svuid;		/* saved user id */
194498Sbrooks	int	cr_ngroups;		/* number of groups */
99092Sbde	gid_t	cr_rgid;		/* real group id */
147641Sdelphij	gid_t	cr_svgid;		/* saved group id */
90757Sjulian	struct uidinfo	*cr_uidinfo;	/* per euid resource consumption */
90757Sjulian	struct uidinfo	*cr_ruidinfo;	/* per ruid resource consumption */
112704Smaxim	struct prison	*cr_prison;	/* jail(2) */
219304Strasz	struct loginclass	*cr_loginclass; /* login class */
193255Srwatson	u_int		cr_flags;	/* credential flags */
195741Sjamie	void 		*cr_pspare2[2];	/* general use 2 */
100986Srwatson#define	cr_endcopy	cr_label
122524Srwatson	struct label	*cr_label;	/* MAC label */
170407Srwatson	struct auditinfo_addr	cr_audit;	/* Audit properties. */
194498Sbrooks	gid_t	*cr_groups;		/* groups */
194498Sbrooks	int	cr_agroups;		/* Available groups */
1541Srgrimes};
98745Sbde#define	NOCRED	((struct ucred *)0)	/* no credential available */
98745Sbde#define	FSCRED	((struct ucred *)-1)	/* filesystem credential */
102538Salfred#endif /* _KERNEL || _WANT_UCRED */
1541Srgrimes
194498Sbrooks#define	XU_NGROUPS	16
194498Sbrooks
72650Sgreen/*
219129Srwatson * Flags for cr_flags.
219129Srwatson */
219129Srwatson#define	CRED_FLAG_CAPMODE	0x00000001	/* In capability mode. */
219129Srwatson
219129Srwatson/*
94020Sdd * This is the external representation of struct ucred.
72650Sgreen */
72650Sgreenstruct xucred {
91354Sdd	u_int	cr_version;		/* structure layout version */
72650Sgreen	uid_t	cr_uid;			/* effective user id */
72650Sgreen	short	cr_ngroups;		/* number of groups */
194498Sbrooks	gid_t	cr_groups[XU_NGROUPS];	/* groups */
72650Sgreen	void	*_cr_unused1;		/* compatibility with old ucred */
72650Sgreen};
91354Sdd#define	XUCRED_VERSION	0
72650Sgreen
94020Sdd/* This can be used for both ucred and xucred structures. */
98745Sbde#define	cr_gid cr_groups[0]
94020Sdd
55205Speter#ifdef _KERNEL
194498Sbrooksstruct proc;
94020Sddstruct thread;
3438Sphk
98745Sbdevoid	change_egid(struct ucred *newcred, gid_t egid);
98745Sbdevoid	change_euid(struct ucred *newcred, struct uidinfo *euip);
98745Sbdevoid	change_rgid(struct ucred *newcred, gid_t rgid);
98745Sbdevoid	change_ruid(struct ucred *newcred, struct uidinfo *ruip);
98745Sbdevoid	change_svgid(struct ucred *newcred, gid_t svgid);
98745Sbdevoid	change_svuid(struct ucred *newcred, uid_t svuid);
98745Sbdevoid	crcopy(struct ucred *dest, struct ucred *src);
194498Sbrooksstruct ucred	*crcopysafe(struct proc *p, struct ucred *cr);
90757Sjulianstruct ucred	*crdup(struct ucred *cr);
293897Sglebiusvoid	crextend(struct ucred *cr, int n);
98745Sbdevoid	cred_update_thread(struct thread *td);
303846Sbdreweryvoid	proc_set_cred_init(struct proc *p, struct ucred *cr);
302229Sbdrewerystruct ucred	*proc_set_cred(struct proc *p, struct ucred *cr);
98745Sbdevoid	crfree(struct ucred *cr);
90757Sjulianstruct ucred	*crget(void);
90757Sjulianstruct ucred	*crhold(struct ucred *cr);
98745Sbdeint	crshared(struct ucred *cr);
98745Sbdevoid	cru2x(struct ucred *cr, struct xucred *xcr);
194498Sbrooksvoid	crsetgroups(struct ucred *cr, int n, gid_t *groups);
98745Sbdeint	groupmember(gid_t gid, struct ucred *cred);
55205Speter#endif /* _KERNEL */
1541Srgrimes
1541Srgrimes#endif /* !_SYS_UCRED_H_ */