blob: f95c3314109ea87a98424b901b56dbe615a43cd6
1 | /* |
2 | * security.h - Exports for handling security/ACLs in NTFS. |
3 | * Originated from the Linux-NTFS project. |
4 | * |
5 | * Copyright (c) 2004 Anton Altaparmakov |
6 | * Copyright (c) 2005-2006 Szabolcs Szakacsits |
7 | * Copyright (c) 2007-2008 Jean-Pierre Andre |
8 | * |
9 | * This program/include file is free software; you can redistribute it and/or |
10 | * modify it under the terms of the GNU General Public License as published |
11 | * by the Free Software Foundation; either version 2 of the License, or |
12 | * (at your option) any later version. |
13 | * |
14 | * This program/include file is distributed in the hope that it will be |
15 | * useful, but WITHOUT ANY WARRANTY; without even the implied warranty |
16 | * of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
17 | * GNU General Public License for more details. |
18 | * |
19 | * You should have received a copy of the GNU General Public License |
20 | * along with this program (in the main directory of the NTFS-3G |
21 | * distribution in the file COPYING); if not, write to the Free Software |
22 | * Foundation,Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
23 | */ |
24 | |
25 | #ifndef _NTFS_SECURITY_H |
26 | #define _NTFS_SECURITY_H |
27 | |
28 | #include "types.h" |
29 | #include "layout.h" |
30 | #include "inode.h" |
31 | #include "dir.h" |
32 | |
33 | #ifndef POSIXACLS |
34 | #define POSIXACLS 0 |
35 | #endif |
36 | |
37 | #if __BYTE_ORDER == __LITTLE_ENDIAN |
38 | #define const_cpu_to_be16(x) ((((x) & 255L) << 8) + (((x) >> 8) & 255L)) |
39 | #define const_cpu_to_be32(x) ((((x) & 255L) << 24) + (((x) & 0xff00L) << 8) \ |
40 | + (((x) >> 8) & 0xff00L) + (((x) >> 24) & 255L)) |
41 | #else |
42 | #define const_cpu_to_be16(x) (x) |
43 | #define const_cpu_to_be32(x) (x) |
44 | #endif |
45 | |
46 | /* |
47 | * item in the mapping list |
48 | */ |
49 | |
50 | struct MAPPING { |
51 | struct MAPPING *next; |
52 | int xid; /* linux id : uid or gid */ |
53 | SID *sid; /* Windows id : usid or gsid */ |
54 | int grcnt; /* group count (for users only) */ |
55 | gid_t *groups; /* groups which the user is member of */ |
56 | }; |
57 | |
58 | /* |
59 | * Entry in the permissions cache |
60 | * Note : this cache is not organized as a generic cache |
61 | */ |
62 | |
63 | struct CACHED_PERMISSIONS { |
64 | uid_t uid; |
65 | gid_t gid; |
66 | le32 inh_fileid; |
67 | le32 inh_dirid; |
68 | #if POSIXACLS |
69 | struct POSIX_SECURITY *pxdesc; |
70 | unsigned int pxdescsize:16; |
71 | #endif |
72 | unsigned int mode:12; |
73 | unsigned int valid:1; |
74 | } ; |
75 | |
76 | /* |
77 | * Entry in the permissions cache for directories with no security_id |
78 | */ |
79 | |
80 | struct CACHED_PERMISSIONS_LEGACY { |
81 | struct CACHED_PERMISSIONS_LEGACY *next; |
82 | struct CACHED_PERMISSIONS_LEGACY *previous; |
83 | void *variable; |
84 | size_t varsize; |
85 | /* above fields must match "struct CACHED_GENERIC" */ |
86 | u64 mft_no; |
87 | struct CACHED_PERMISSIONS perm; |
88 | } ; |
89 | |
90 | /* |
91 | * Entry in the securid cache |
92 | */ |
93 | |
94 | struct CACHED_SECURID { |
95 | struct CACHED_SECURID *next; |
96 | struct CACHED_SECURID *previous; |
97 | void *variable; |
98 | size_t varsize; |
99 | /* above fields must match "struct CACHED_GENERIC" */ |
100 | uid_t uid; |
101 | gid_t gid; |
102 | unsigned int dmode; |
103 | le32 securid; |
104 | } ; |
105 | |
106 | /* |
107 | * Header of the security cache |
108 | * (has no cache structure by itself) |
109 | */ |
110 | |
111 | struct CACHED_PERMISSIONS_HEADER { |
112 | unsigned int last; |
113 | /* statistics for permissions */ |
114 | unsigned long p_writes; |
115 | unsigned long p_reads; |
116 | unsigned long p_hits; |
117 | } ; |
118 | |
119 | /* |
120 | * The whole permissions cache |
121 | */ |
122 | |
123 | struct PERMISSIONS_CACHE { |
124 | struct CACHED_PERMISSIONS_HEADER head; |
125 | struct CACHED_PERMISSIONS *cachetable[1]; /* array of variable size */ |
126 | } ; |
127 | |
128 | /* |
129 | * Security flags values |
130 | */ |
131 | |
132 | enum { |
133 | SECURITY_DEFAULT, /* rely on fuse for permissions checking */ |
134 | SECURITY_RAW, /* force same ownership/permissions on files */ |
135 | SECURITY_ADDSECURIDS, /* upgrade old security descriptors */ |
136 | SECURITY_STATICGRPS, /* use static groups for access control */ |
137 | SECURITY_WANTED /* a security related option was present */ |
138 | } ; |
139 | |
140 | /* |
141 | * Security context, needed by most security functions |
142 | */ |
143 | |
144 | enum { MAPUSERS, MAPGROUPS, MAPCOUNT } ; |
145 | |
146 | struct SECURITY_CONTEXT { |
147 | ntfs_volume *vol; |
148 | struct MAPPING *mapping[MAPCOUNT]; |
149 | struct PERMISSIONS_CACHE **pseccache; |
150 | uid_t uid; /* uid of user requesting (not the mounter) */ |
151 | gid_t gid; /* gid of user requesting (not the mounter) */ |
152 | pid_t tid; /* thread id of thread requesting */ |
153 | mode_t umask; /* umask of requesting thread */ |
154 | } ; |
155 | |
156 | #if POSIXACLS |
157 | |
158 | /* |
159 | * Posix ACL structures |
160 | */ |
161 | |
162 | struct POSIX_ACE { |
163 | u16 tag; |
164 | u16 perms; |
165 | s32 id; |
166 | } ; |
167 | |
168 | struct POSIX_ACL { |
169 | u8 version; |
170 | u8 flags; |
171 | u16 filler; |
172 | struct POSIX_ACE ace[0]; |
173 | } ; |
174 | |
175 | struct POSIX_SECURITY { |
176 | mode_t mode; |
177 | int acccnt; |
178 | int defcnt; |
179 | int firstdef; |
180 | u16 tagsset; |
181 | struct POSIX_ACL acl; |
182 | } ; |
183 | |
184 | /* |
185 | * Posix tags, cpu-endian 16 bits |
186 | */ |
187 | |
188 | enum { |
189 | POSIX_ACL_USER_OBJ = 1, |
190 | POSIX_ACL_USER = 2, |
191 | POSIX_ACL_GROUP_OBJ = 4, |
192 | POSIX_ACL_GROUP = 8, |
193 | POSIX_ACL_MASK = 16, |
194 | POSIX_ACL_OTHER = 32, |
195 | POSIX_ACL_SPECIAL = 64 /* internal use only */ |
196 | } ; |
197 | |
198 | #define POSIX_ACL_EXTENSIONS (POSIX_ACL_USER | POSIX_ACL_GROUP | POSIX_ACL_MASK) |
199 | |
200 | /* |
201 | * Posix permissions, cpu-endian 16 bits |
202 | */ |
203 | |
204 | enum { |
205 | POSIX_PERM_X = 1, |
206 | POSIX_PERM_W = 2, |
207 | POSIX_PERM_R = 4, |
208 | POSIX_PERM_DENIAL = 64 /* internal use only */ |
209 | } ; |
210 | |
211 | #define POSIX_VERSION 2 |
212 | |
213 | #endif |
214 | |
215 | extern BOOL ntfs_guid_is_zero(const GUID *guid); |
216 | extern char *ntfs_guid_to_mbs(const GUID *guid, char *guid_str); |
217 | |
218 | /** |
219 | * ntfs_sid_is_valid - determine if a SID is valid |
220 | * @sid: SID for which to determine if it is valid |
221 | * |
222 | * Determine if the SID pointed to by @sid is valid. |
223 | * |
224 | * Return TRUE if it is valid and FALSE otherwise. |
225 | */ |
226 | static __inline__ BOOL ntfs_sid_is_valid(const SID *sid) |
227 | { |
228 | if (!sid || sid->revision != SID_REVISION || |
229 | sid->sub_authority_count > SID_MAX_SUB_AUTHORITIES) |
230 | return FALSE; |
231 | return TRUE; |
232 | } |
233 | |
234 | extern int ntfs_sid_to_mbs_size(const SID *sid); |
235 | extern char *ntfs_sid_to_mbs(const SID *sid, char *sid_str, |
236 | size_t sid_str_size); |
237 | extern void ntfs_generate_guid(GUID *guid); |
238 | extern int ntfs_sd_add_everyone(ntfs_inode *ni); |
239 | |
240 | extern le32 ntfs_security_hash(const SECURITY_DESCRIPTOR_RELATIVE *sd, |
241 | const u32 len); |
242 | |
243 | int ntfs_build_mapping(struct SECURITY_CONTEXT *scx, const char *usermap_path); |
244 | int ntfs_get_owner_mode(struct SECURITY_CONTEXT *scx, |
245 | ntfs_inode *ni, struct stat*); |
246 | int ntfs_set_mode(struct SECURITY_CONTEXT *scx, ntfs_inode *ni, mode_t mode); |
247 | BOOL ntfs_allowed_as_owner(struct SECURITY_CONTEXT *scx, ntfs_inode *ni); |
248 | int ntfs_allowed_access(struct SECURITY_CONTEXT *scx, |
249 | ntfs_inode *ni, int accesstype); |
250 | BOOL old_ntfs_allowed_dir_access(struct SECURITY_CONTEXT *scx, |
251 | const char *path, int accesstype); |
252 | |
253 | #if POSIXACLS |
254 | le32 ntfs_alloc_securid(struct SECURITY_CONTEXT *scx, |
255 | uid_t uid, gid_t gid, ntfs_inode *dir_ni, |
256 | mode_t mode, BOOL isdir); |
257 | #else |
258 | le32 ntfs_alloc_securid(struct SECURITY_CONTEXT *scx, |
259 | uid_t uid, gid_t gid, mode_t mode, BOOL isdir); |
260 | #endif |
261 | int ntfs_set_owner(struct SECURITY_CONTEXT *scx, ntfs_inode *ni, |
262 | uid_t uid, gid_t gid); |
263 | int ntfs_set_ownmod(struct SECURITY_CONTEXT *scx, |
264 | ntfs_inode *ni, uid_t uid, gid_t gid, mode_t mode); |
265 | #if POSIXACLS |
266 | int ntfs_set_owner_mode(struct SECURITY_CONTEXT *scx, |
267 | ntfs_inode *ni, uid_t uid, gid_t gid, |
268 | mode_t mode, struct POSIX_SECURITY *pxdesc); |
269 | #else |
270 | int ntfs_set_owner_mode(struct SECURITY_CONTEXT *scx, |
271 | ntfs_inode *ni, uid_t uid, gid_t gid, mode_t mode); |
272 | #endif |
273 | le32 ntfs_inherited_id(struct SECURITY_CONTEXT *scx, |
274 | ntfs_inode *dir_ni, BOOL fordir); |
275 | int ntfs_open_secure(ntfs_volume *vol); |
276 | void ntfs_close_secure(struct SECURITY_CONTEXT *scx); |
277 | |
278 | #if POSIXACLS |
279 | |
280 | int ntfs_set_inherited_posix(struct SECURITY_CONTEXT *scx, |
281 | ntfs_inode *ni, uid_t uid, gid_t gid, |
282 | ntfs_inode *dir_ni, mode_t mode); |
283 | int ntfs_get_posix_acl(struct SECURITY_CONTEXT *scx, ntfs_inode *ni, |
284 | const char *name, char *value, size_t size); |
285 | int ntfs_set_posix_acl(struct SECURITY_CONTEXT *scx, ntfs_inode *ni, |
286 | const char *name, const char *value, size_t size, |
287 | int flags); |
288 | int ntfs_remove_posix_acl(struct SECURITY_CONTEXT *scx, ntfs_inode *ni, |
289 | const char *name); |
290 | #endif |
291 | |
292 | int ntfs_get_ntfs_acl(struct SECURITY_CONTEXT *scx, ntfs_inode *ni, |
293 | char *value, size_t size); |
294 | int ntfs_set_ntfs_acl(struct SECURITY_CONTEXT *scx, ntfs_inode *ni, |
295 | const char *value, size_t size, int flags); |
296 | |
297 | int ntfs_get_ntfs_attrib(ntfs_inode *ni, char *value, size_t size); |
298 | int ntfs_set_ntfs_attrib(ntfs_inode *ni, |
299 | const char *value, size_t size, int flags); |
300 | |
301 | |
302 | /* |
303 | * Security API for direct access to security descriptors |
304 | * based on Win32 API |
305 | */ |
306 | |
307 | #define MAGIC_API 0x09042009 |
308 | |
309 | struct SECURITY_API { |
310 | u32 magic; |
311 | struct SECURITY_CONTEXT security; |
312 | struct PERMISSIONS_CACHE *seccache; |
313 | } ; |
314 | |
315 | /* |
316 | * The following constants are used in interfacing external programs. |
317 | * They are not to be stored on disk and must be defined in their |
318 | * native cpu representation. |
319 | * When disk representation (le) is needed, use SE_DACL_PRESENT, etc. |
320 | */ |
321 | enum { OWNER_SECURITY_INFORMATION = 1, |
322 | GROUP_SECURITY_INFORMATION = 2, |
323 | DACL_SECURITY_INFORMATION = 4, |
324 | SACL_SECURITY_INFORMATION = 8 |
325 | } ; |
326 | |
327 | int ntfs_get_file_security(struct SECURITY_API *scapi, |
328 | const char *path, u32 selection, |
329 | char *buf, u32 buflen, u32 *psize); |
330 | int ntfs_set_file_security(struct SECURITY_API *scapi, |
331 | const char *path, u32 selection, const char *attr); |
332 | int ntfs_get_file_attributes(struct SECURITY_API *scapi, |
333 | const char *path); |
334 | BOOL ntfs_set_file_attributes(struct SECURITY_API *scapi, |
335 | const char *path, s32 attrib); |
336 | BOOL ntfs_read_directory(struct SECURITY_API *scapi, |
337 | const char *path, ntfs_filldir_t callback, void *context); |
338 | int ntfs_read_sds(struct SECURITY_API *scapi, |
339 | char *buf, u32 size, u32 offset); |
340 | INDEX_ENTRY *ntfs_read_sii(struct SECURITY_API *scapi, |
341 | INDEX_ENTRY *entry); |
342 | INDEX_ENTRY *ntfs_read_sdh(struct SECURITY_API *scapi, |
343 | INDEX_ENTRY *entry); |
344 | struct SECURITY_API *ntfs_initialize_file_security(const char *device, |
345 | int flags); |
346 | BOOL ntfs_leave_file_security(struct SECURITY_API *scx); |
347 | |
348 | int ntfs_get_usid(struct SECURITY_API *scapi, uid_t uid, char *buf); |
349 | int ntfs_get_gsid(struct SECURITY_API *scapi, gid_t gid, char *buf); |
350 | int ntfs_get_user(struct SECURITY_API *scapi, const SID *usid); |
351 | int ntfs_get_group(struct SECURITY_API *scapi, const SID *gsid); |
352 | |
353 | #endif /* defined _NTFS_SECURITY_H */ |
354 |