optcom.h revision 11042:2d6e217af1b4
197403Sobrien/*
2132720Skan * CDDL HEADER START
397403Sobrien *
497403Sobrien * The contents of this file are subject to the terms of the
5132720Skan * Common Development and Distribution License (the "License").
6132720Skan * You may not use this file except in compliance with the License.
7132720Skan *
8132720Skan * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9132720Skan * or http://www.opensolaris.org/os/licensing.
10132720Skan * See the License for the specific language governing permissions
11132720Skan * and limitations under the License.
12132720Skan *
13132720Skan * When distributing Covered Code, include this CDDL HEADER in each
14132720Skan * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15132720Skan * If applicable, add the following below this CDDL HEADER, with the
16132720Skan * fields enclosed by brackets "[]" replaced with your own identifying
17132720Skan * information: Portions Copyright [yyyy] [name of copyright owner]
18132720Skan *
19132720Skan * CDDL HEADER END
20132720Skan */
21132720Skan/*
22132720Skan * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
23132720Skan * Use is subject to license terms.
24132720Skan */
25132720Skan/* Copyright (c) 1990 Mentat Inc. */
26132720Skan
27132720Skan#ifndef	_INET_OPTCOM_H
28132720Skan#define	_INET_OPTCOM_H
29132720Skan
30132720Skan#ifdef	__cplusplus
3197403Sobrienextern "C" {
3297403Sobrien#endif
3397403Sobrien
3497403Sobrien#if defined(_KERNEL) && defined(__STDC__)
3597403Sobrien
3697403Sobrien#include <inet/ipclassifier.h>
37
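/*
 * Options Description Structure
 *
 * Describes one option: its name and level, the OA_* access masks granted
 * to non-privileged and to privileged callers, the privilege class (OP_*)
 * that the privileged mask depends on, its OP_* property flags, its size
 * and its static default value.
 *
 * NOTE(review): nothing in this header ties opdes_size to OPDES_DEFSZ_MAX;
 * a consumer copying a default out of opdes_defbuf should bound the copy
 * by OPDES_DEFSZ_MAX as well as by opdes_size -- confirm in callers.
 */
typedef struct opdes_s {
	t_uscalar_t	opdes_name;	/* option name */
	t_uscalar_t	opdes_level;	/* option "level" */
	int	opdes_access_nopriv;	/* permissions for non-privileged */
	int	opdes_access_priv;	/* permissions for privileged */
	int	opdes_access_req_priv;	/* required privilege, OP_NP if none */
	int	opdes_props;	/* properties associated with option */
	t_uscalar_t	opdes_size;	/* length of option */
					/* [ or maxlen if variable */
			/* length(OP_VARLEN) property set for option] */
	union {
		/*
		 * Note: C semantics:
		 * a static initializer of "union" type assumes
		 * the constant on the RHS is of the type of the
		 * first member of the union. So what comes first
		 * is important.
		 */
#define	OPDES_DEFSZ_MAX		64
		int64_t  opdes_def_int64;
		char	opdes_def_charbuf[OPDES_DEFSZ_MAX];
	} opdes_def;
} opdes_t;

/* Shorthand for the two views of the default-value union. */
#define	opdes_default	opdes_def.opdes_def_int64
#define	opdes_defbuf	opdes_def.opdes_def_charbuf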
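/*
 * Flags to set in the opdes_access_{nopriv,priv} fields of opdes_t
 *
 *	OA_R	read access
 *	OA_W	write access
 *	OA_RW	read-write access
 *	OA_X	execute access
 *
 * Note: - "execute" access is used for operations executed through the
 *	  option management interface
 *	- no bits set means this option is not visible. Some options may
 *	  be visible only to privileged users.
 */
#define	OA_R	0x1
#define	OA_W	0x2
#define	OA_X	0x4

/*
 * Utility macros to test permissions needed to compose more
 * complex ones. (Only a few really used directly in code).
 *
 * Each takes a pointer to an opdes_t and may evaluate it more than once,
 * so the argument must be free of side effects.
 *
 * The *_NOPRIV tests look only at opdes_access_nopriv. The *_ANYPRIV tests
 * look at the union of both masks (OA_ANY_ACCESS), so they answer "is this
 * access granted to some caller", not "does this caller hold it"; the
 * OA_*_PERMISSION macros pair them with a secpolicy_ip() check.
 */
#define	OA_RW	(OA_R|OA_W)
#define	OA_WX	(OA_W|OA_X)
#define	OA_RX	(OA_R|OA_X)
#define	OA_RWX	(OA_R|OA_W|OA_X)

#define	OA_ANY_ACCESS(x) ((x)->opdes_access_nopriv|(x)->opdes_access_priv)
#define	OA_R_NOPRIV(x)	((x)->opdes_access_nopriv & OA_R)
#define	OA_R_ANYPRIV(x)	(OA_ANY_ACCESS(x) & OA_R)
#define	OA_W_NOPRIV(x)	((x)->opdes_access_nopriv & OA_W)
#define	OA_X_ANYPRIV(x)	(OA_ANY_ACCESS(x) & OA_X)
#define	OA_X_NOPRIV(x)	((x)->opdes_access_nopriv & OA_X)
#define	OA_W_ANYPRIV(x)	(OA_ANY_ACCESS(x) & OA_W)
#define	OA_WX_NOPRIV(x)	((x)->opdes_access_nopriv & OA_WX)
#define	OA_WX_ANYPRIV(x)	(OA_ANY_ACCESS(x) & OA_WX)
#define	OA_RWX_ANYPRIV(x)	(OA_ANY_ACCESS(x) & OA_RWX)
/* "Read only": of the R/W/X bits, exactly OA_R is set. */
#define	OA_RONLY_NOPRIV(x)	(((x)->opdes_access_nopriv & OA_RWX) == OA_R)
#define	OA_RONLY_ANYPRIV(x)	((OA_ANY_ACCESS(x) & OA_RWX) == OA_R)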
104
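/*
 * Privilege classes stored in opdes_access_req_priv and handed to
 * secpolicy_ip() by the macros below.
 */
#define	OP_NP		(-1)			/* No privilege required */
#define	OP_CONFIG	(0)			/* Network configuration */
#define	OP_RAW		(1)			/* Raw packets */
#define	OP_PRIVPORT	(2)			/* Privileged ports */


/*
 * The following macros take an option descriptor (x, an opdes_t *) and a
 * second argument c that is passed to secpolicy_ip() (presumably the
 * caller's cred_t * -- confirm), and are used to determine permissions.
 * x is evaluated more than once, so it must be free of side effects.
 *
 * OA_POLICY_OK and OA_POLICY_ONLY_OK differ only in the last argument
 * given to secpolicy_ip() (B_FALSE vs. B_TRUE); what that flag changes is
 * defined with secpolicy_ip(), not in this header. Read, write-or-execute
 * and read-only checks use OA_POLICY_OK; write, execute and
 * OA_MATCHED_PRIV use OA_POLICY_ONLY_OK.
 *
 * NOTE(review): neither policy macro screens out OP_NP; only
 * OA_MATCHED_PRIV does. The OA_*_PERMISSION macros reach the policy call
 * only when opdes_access_priv grants a bit that opdes_access_nopriv does
 * not, so option tables presumably never pair such an entry with OP_NP --
 * confirm, since secpolicy_ip() would otherwise be called with -1.
 */
#define	OA_POLICY_OK(x, c) \
		(secpolicy_ip((c), (x)->opdes_access_req_priv, B_FALSE) == 0)

#define	OA_POLICY_ONLY_OK(x, c) \
		(secpolicy_ip((c), (x)->opdes_access_req_priv, B_TRUE) == 0)

/* A privilege is required for this option and the policy check passes. */
#define	OA_MATCHED_PRIV(x, c)	((x)->opdes_access_req_priv != OP_NP && \
		OA_POLICY_ONLY_OK((x), (c)))

/*
 * Each check below first accepts access granted to non-privileged
 * callers and only then falls back to the policy check.
 */
#define	OA_READ_PERMISSION(x, c)	(OA_R_NOPRIV(x) || \
		(OA_R_ANYPRIV(x) && OA_POLICY_OK((x), (c))))

#define	OA_WRITE_OR_EXECUTE(x, c)	(OA_WX_NOPRIV(x) || \
		(OA_WX_ANYPRIV(x) && OA_POLICY_OK((x), (c))))

#define	OA_READONLY_PERMISSION(x, c)	(OA_RONLY_NOPRIV(x) || \
		(OA_RONLY_ANYPRIV(x) && OA_POLICY_OK((x), (c))))

#define	OA_WRITE_PERMISSION(x, c)	(OA_W_NOPRIV(x) || \
		(OA_W_ANYPRIV(x) && OA_POLICY_ONLY_OK((x), (c))))

#define	OA_EXECUTE_PERMISSION(x, c)	(OA_X_NOPRIV(x) || \
		(OA_X_ANYPRIV(x) && OA_POLICY_ONLY_OK((x), (c))))

/*
 * True when the mask that applies to this caller is empty: the privileged
 * mask if the required privilege matched, the non-privileged mask
 * otherwise.
 */
#define	OA_NO_PERMISSION(x, c)		(OA_MATCHED_PRIV((x), (c)) ? \
		((x)->opdes_access_priv == 0) : ((x)->opdes_access_nopriv == 0))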
141
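/*
 * Other properties set in the opdes_props field of opdes_t.
 * Each value is a distinct bit, so properties can be combined.
 */
#define	OP_VARLEN	0x1	/* option is variable length  */
#define	OP_NOT_ABSREQ	0x2	/* option is not an "absolute requirement" */
				/* i.e. failure to negotiate does not */
				/* abort primitive ("ignore" semantics ok) */
#define	OP_NODEFAULT	0x4	/* no concept of "default value"  */
#define	OP_DEF_FN	0x8	/* call a "default function" to get default */
				/* value, not from static table  */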
152
153
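/*
 * Structure to represent attributes of option management specific
 * to one particular layer of "transport".
 */

typedef	t_uscalar_t optlevel_t;

/*
 * Per-transport callbacks stored in optdb_obj_t. Only the set function
 * takes a cred_t *; the default and get functions receive no credential.
 */
typedef int (*opt_def_fn)(queue_t *, int, int, uchar_t *);
typedef int (*opt_get_fn)(queue_t *, int, int, uchar_t *);
typedef int (*opt_set_fn)(queue_t *, uint_t, int, int, uint_t, uchar_t *,
    uint_t *, uchar_t *, void *, cred_t *);

/*
 * NOTE(review): the two *_cnt fields are the only bounds this header gives
 * for the arrays they describe; presumably each table's owner keeps count
 * and array in step -- confirm where the tables are defined.
 */
typedef struct optdb_obj {
	opt_def_fn	odb_deffn;	/* default value function */
	opt_get_fn	odb_getfn;	/* get function */
	opt_set_fn	odb_setfn;	/* set function */
					/* provider or downstream */
	uint_t		odb_opt_arr_cnt; /* count of number of options in db */
	opdes_t		*odb_opt_des_arr; /* option descriptors in db */
	uint_t		odb_valid_levels_arr_cnt;
					/* count of option levels supported */
	optlevel_t	*odb_valid_levels_arr;
					/* array of option levels supported */
} optdb_obj_t;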
178
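/*
 * Values for the "optset_context" parameter passed to
 * transport specific "setfn()" routines. Per the first entry, a set
 * function called with SETFN_OPTCOM_CHECKONLY is asked for "checkonly"
 * (T_CHECK) semantics rather than a negotiation.
 */
#define	SETFN_OPTCOM_CHECKONLY		1 /* "checkonly" semantics T_CHECK */
#define	SETFN_OPTCOM_NEGOTIATE		2 /* semantics for T_*_OPTCOM_REQ */
#define	SETFN_UD_NEGOTIATE		3 /* semantics for T_UNITDATA_REQ */
#define	SETFN_CONN_NEGOTIATE		4 /* semantics for T_CONN_*_REQ */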
187
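/*
 * Function prototypes
 *
 * The implementations live outside this header. The request handlers
 * (svr4_optcom_req, tpi_optcom_req, tpi_optcom_buf) and
 * process_auxiliary_options each take a cred_t * alongside the option
 * database; optcom_err_ack, optcom_max_optsize and optcom_pkt_set take
 * no credential.
 */
extern void optcom_err_ack(queue_t *, mblk_t *, t_scalar_t, int);
extern void svr4_optcom_req(queue_t *, mblk_t *, cred_t *, optdb_obj_t *);
extern void tpi_optcom_req(queue_t *, mblk_t *, cred_t *, optdb_obj_t *);
extern int  tpi_optcom_buf(queue_t *, mblk_t *, t_scalar_t *, t_scalar_t,
    cred_t *, optdb_obj_t *, void *, int *);
extern t_uscalar_t optcom_max_optsize(opdes_t *, uint_t);
extern int optcom_pkt_set(uchar_t *, uint_t, uchar_t **, uint_t *);
/*
 * The callback parameter has the same shape as opt_set_fn except that its
 * first argument is a conn_t * rather than a queue_t *.
 */
extern int process_auxiliary_options(conn_t *, void *, t_uscalar_t,
    void *, optdb_obj_t *, int (*)(conn_t *, uint_t, int, int, uint_t,
    uchar_t *, uint_t *, uchar_t *, void *, cred_t *), cred_t *);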
201
202#endif	/* defined(_KERNEL) && defined(__STDC__) */
203
204#ifdef	__cplusplus
205}
206#endif
207
208#endif	/* _INET_OPTCOM_H */
209