~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/fs/smb/common/smbacl.h

Version: ~ [ linux-6.12-rc7 ] ~ [ linux-6.11.7 ] ~ [ linux-6.10.14 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.60 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.116 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.171 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.229 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.285 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.323 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.12 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~ 
  1 /* SPDX-License-Identifier: LGPL-2.1+ */
  2 /*
  3  *   Copyright (c) International Business Machines  Corp., 2007
  4  *   Author(s): Steve French (sfrench@us.ibm.com)
  5  *   Modified by Namjae Jeon (linkinjeon@kernel.org)
  6  */
  7 
  8 #ifndef _COMMON_SMBACL_H
  9 #define _COMMON_SMBACL_H
 10 
 11 #define NUM_AUTHS (6)   /* number of authority fields */
 12 #define SID_MAX_SUB_AUTHORITIES (15) /* max number of sub authority fields */
 13 
 14 /* ACE types - see MS-DTYP 2.4.4.1 */
 15 #define ACCESS_ALLOWED_ACE_TYPE 0x00
 16 #define ACCESS_DENIED_ACE_TYPE  0x01
 17 #define SYSTEM_AUDIT_ACE_TYPE   0x02
 18 #define SYSTEM_ALARM_ACE_TYPE   0x03
 19 #define ACCESS_ALLOWED_COMPOUND_ACE_TYPE 0x04
 20 #define ACCESS_ALLOWED_OBJECT_ACE_TYPE  0x05
 21 #define ACCESS_DENIED_OBJECT_ACE_TYPE   0x06
 22 #define SYSTEM_AUDIT_OBJECT_ACE_TYPE    0x07
 23 #define SYSTEM_ALARM_OBJECT_ACE_TYPE    0x08
 24 #define ACCESS_ALLOWED_CALLBACK_ACE_TYPE 0x09
 25 #define ACCESS_DENIED_CALLBACK_ACE_TYPE 0x0A
 26 #define ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE 0x0B
 27 #define ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE  0x0C
 28 #define SYSTEM_AUDIT_CALLBACK_ACE_TYPE  0x0D
 29 #define SYSTEM_ALARM_CALLBACK_ACE_TYPE  0x0E /* Reserved */
 30 #define SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE 0x0F
 31 #define SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE 0x10 /* reserved */
 32 #define SYSTEM_MANDATORY_LABEL_ACE_TYPE 0x11
 33 #define SYSTEM_RESOURCE_ATTRIBUTE_ACE_TYPE 0x12
 34 #define SYSTEM_SCOPED_POLICY_ID_ACE_TYPE 0x13
 35 
 36 /* ACE flags */
 37 #define OBJECT_INHERIT_ACE              0x01
 38 #define CONTAINER_INHERIT_ACE           0x02
 39 #define NO_PROPAGATE_INHERIT_ACE        0x04
 40 #define INHERIT_ONLY_ACE                0x08
 41 #define INHERITED_ACE                   0x10
 42 #define SUCCESSFUL_ACCESS_ACE_FLAG      0x40
 43 #define FAILED_ACCESS_ACE_FLAG          0x80
 44 
 45 /*
 46  * Maximum size of a string representation of a SID:
 47  *
 48  * The fields are unsigned values in decimal. So:
 49  *
 50  * u8:  max 3 bytes in decimal
 51  * u32: max 10 bytes in decimal
 52  *
 53  * "S-" + 3 bytes for version field + 15 for authority field + NULL terminator
 54  *
 55  * For authority field, max is when all 6 values are non-zero and it must be
 56  * represented in hex. So "-0x" + 12 hex digits.
 57  *
 58  * Add 11 bytes for each subauthority field (10 bytes each + 1 for '-')
 59  */
 60 #define SID_STRING_BASE_SIZE (2 + 3 + 15 + 1)
 61 #define SID_STRING_SUBAUTH_SIZE (11) /* size of a single subauth string */
 62 
 63 #define DOMAIN_USER_RID_LE      cpu_to_le32(513)
 64 
 65 /*
 66  * ACE types - see MS-DTYP 2.4.4.1
 67  */
 68 enum {
 69         ACCESS_ALLOWED,
 70         ACCESS_DENIED,
 71 };
 72 
 73 /*
 74  * Security ID types
 75  */
 76 enum {
 77         SIDOWNER = 1,
 78         SIDGROUP,
 79         SIDCREATOR_OWNER,
 80         SIDCREATOR_GROUP,
 81         SIDUNIX_USER,
 82         SIDUNIX_GROUP,
 83         SIDNFS_USER,
 84         SIDNFS_GROUP,
 85         SIDNFS_MODE,
 86 };
 87 
 88 struct smb_ntsd {
 89         __le16 revision; /* revision level */
 90         __le16 type;
 91         __le32 osidoffset;
 92         __le32 gsidoffset;
 93         __le32 sacloffset;
 94         __le32 dacloffset;
 95 } __attribute__((packed));
 96 
 97 struct smb_sid {
 98         __u8 revision; /* revision level */
 99         __u8 num_subauth;
100         __u8 authority[NUM_AUTHS];
101         __le32 sub_auth[SID_MAX_SUB_AUTHORITIES]; /* sub_auth[num_subauth] */
102 } __attribute__((packed));
103 
104 /* size of a struct smb_sid, sans sub_auth array */
105 #define CIFS_SID_BASE_SIZE (1 + 1 + NUM_AUTHS)
106 
107 struct smb_acl {
108         __le16 revision; /* revision level */
109         __le16 size;
110         __le32 num_aces;
111 } __attribute__((packed));
112 
113 struct smb_ace {
114         __u8 type; /* see above and MS-DTYP 2.4.4.1 */
115         __u8 flags;
116         __le16 size;
117         __le32 access_req;
118         struct smb_sid sid; /* ie UUID of user or group who gets these perms */
119 } __attribute__((packed));
120 
121 #endif /* _COMMON_SMBACL_H */
122
~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~
kernel.org | git.kernel.org | LWN.net | Project Home | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

sflogo.php