Google Git
Sign in
linux / linux / kernel / git / klassert / ipsec / cac2c363c41c12ec9ea1caefdf90f99607a531aa / . / include / uapi / linux / rxrpc.h
blob: d9735abd4c79107b0cc5c9f103ad7afeb644ce09 [file] [log] [blame]
/* SPDX-License-Identifier: GPL-2.0-or-later WITH Linux-syscall-note */
/* Types and definitions for AF_RXRPC.
*
* Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
* Written by David Howells (dhowells@redhat.com)
*/
#ifndef _UAPI_LINUX_RXRPC_H
#define _UAPI_LINUX_RXRPC_H
#include <linux/types.h>
#include <linux/in.h>
#include <linux/in6.h>
/*
* RxRPC socket address
*/
struct sockaddr_rxrpc {
__kernel_sa_family_t srx_family; /* address family */
__u16 srx_service; /* service desired */
__u16 transport_type; /* type of transport socket (SOCK_DGRAM) */
__u16 transport_len; /* length of transport address */
union {
__kernel_sa_family_t family; /* transport address family */
struct sockaddr_in sin; /* IPv4 transport address */
struct sockaddr_in6 sin6; /* IPv6 transport address */
} transport;
};
/*
* RxRPC socket options
*/
#define RXRPC_SECURITY_KEY 1 /* [clnt] set client security key */
#define RXRPC_SECURITY_KEYRING 2 /* [srvr] set ring of server security keys */
#define RXRPC_EXCLUSIVE_CONNECTION 3 /* Deprecated; use RXRPC_EXCLUSIVE_CALL instead */
#define RXRPC_MIN_SECURITY_LEVEL 4 /* minimum security level */
#define RXRPC_UPGRADEABLE_SERVICE 5 /* Upgrade service[0] -> service[1] */
#define RXRPC_SUPPORTED_CMSG 6 /* Get highest supported control message type */
#define RXRPC_MANAGE_RESPONSE 7 /* [clnt] Want to manage RESPONSE packets */
/*
* RxRPC control messages
* - If neither abort or accept are specified, the message is a data message.
* - terminal messages mean that a user call ID tag can be recycled
* - C/S/- indicate whether these are applicable to client, server or both
* - s/r/- indicate whether these are applicable to sendmsg() and/or recvmsg()
*/
enum rxrpc_cmsg_type {
RXRPC_USER_CALL_ID = 1, /* -sr: User call ID specifier */
RXRPC_ABORT = 2, /* -sr: Abort request / notification [terminal] */
RXRPC_ACK = 3, /* S-r: RPC op final ACK received [terminal] */
RXRPC_NET_ERROR = 5, /* --r: Network error received [terminal] */
RXRPC_BUSY = 6, /* C-r: Server busy received [terminal] */
RXRPC_LOCAL_ERROR = 7, /* --r: Local error generated [terminal] */
RXRPC_NEW_CALL = 8, /* S-r: New incoming call notification */
RXRPC_EXCLUSIVE_CALL = 10, /* Cs-: Call should be on exclusive connection */
RXRPC_UPGRADE_SERVICE = 11, /* Cs-: Request service upgrade for client call */
RXRPC_TX_LENGTH = 12, /* -s-: Total length of Tx data */
RXRPC_SET_CALL_TIMEOUT = 13, /* -s-: Set one or more call timeouts */
RXRPC_CHARGE_ACCEPT = 14, /* Ss-: Charge the accept pool with a user call ID */
RXRPC_OOB_ID = 15, /* -sr: OOB message ID */
RXRPC_CHALLENGED = 16, /* C-r: Info on a received CHALLENGE */
RXRPC_RESPOND = 17, /* Cs-: Respond to a challenge */
RXRPC_RESPONDED = 18, /* S-r: Data received in RESPONSE */
RXRPC_RESP_RXGK_APPDATA = 19, /* Cs-: RESPONSE: RxGK app data to include */
RXRPC__SUPPORTED
};
/*
* RxRPC security levels
*/
#define RXRPC_SECURITY_PLAIN 0 /* plain secure-checksummed packets only */
#define RXRPC_SECURITY_AUTH 1 /* authenticated packets */
#define RXRPC_SECURITY_ENCRYPT 2 /* encrypted packets */
/*
* RxRPC security indices
*/
#define RXRPC_SECURITY_NONE 0 /* no security protocol */
#define RXRPC_SECURITY_RXKAD 2 /* kaserver or kerberos 4 */
#define RXRPC_SECURITY_RXGK 4 /* gssapi-based */
#define RXRPC_SECURITY_RXK5 5 /* kerberos 5 */
#define RXRPC_SECURITY_YFS_RXGK 6 /* YFS gssapi-based */
/*
* RxRPC-level abort codes
*/
#define RX_CALL_DEAD -1 /* call/conn has been inactive and is shut down */
#define RX_INVALID_OPERATION -2 /* invalid operation requested / attempted */
#define RX_CALL_TIMEOUT -3 /* call timeout exceeded */
#define RX_EOF -4 /* unexpected end of data on read op */
#define RX_PROTOCOL_ERROR -5 /* low-level protocol error */
#define RX_USER_ABORT -6 /* generic user abort */
#define RX_ADDRINUSE -7 /* UDP port in use */
#define RX_DEBUGI_BADTYPE -8 /* bad debugging packet type */
/*
* (un)marshalling abort codes (rxgen)
*/
#define RXGEN_CC_MARSHAL -450
#define RXGEN_CC_UNMARSHAL -451
#define RXGEN_SS_MARSHAL -452
#define RXGEN_SS_UNMARSHAL -453
#define RXGEN_DECODE -454
#define RXGEN_OPCODE -455
#define RXGEN_SS_XDRFREE -456
#define RXGEN_CC_XDRFREE -457
/*
* Rx kerberos security abort codes
* - unfortunately we have no generalised security abort codes to say things
* like "unsupported security", so we have to use these instead and hope the
* other side understands
*/
#define RXKADINCONSISTENCY 19270400 /* security module structure inconsistent */
#define RXKADPACKETSHORT 19270401 /* packet too short for security challenge */
#define RXKADLEVELFAIL 19270402 /* security level negotiation failed */
#define RXKADTICKETLEN 19270403 /* ticket length too short or too long */
#define RXKADOUTOFSEQUENCE 19270404 /* packet had bad sequence number */
#define RXKADNOAUTH 19270405 /* caller not authorised */
#define RXKADBADKEY 19270406 /* illegal key: bad parity or weak */
#define RXKADBADTICKET 19270407 /* security object was passed a bad ticket */
#define RXKADUNKNOWNKEY 19270408 /* ticket contained unknown key version number */
#define RXKADEXPIRED 19270409 /* authentication expired */
#define RXKADSEALEDINCON 19270410 /* sealed data inconsistent */
#define RXKADDATALEN 19270411 /* user data too long */
#define RXKADILLEGALLEVEL 19270412 /* caller not authorised to use encrypted conns */
/*
* RxGK GSSAPI security abort codes.
*/
#if 0 /* Original standard abort codes (used by OpenAFS) */
#define RXGK_INCONSISTENCY 1233242880 /* Security module structure inconsistent */
#define RXGK_PACKETSHORT 1233242881 /* Packet too short for security challenge */
#define RXGK_BADCHALLENGE 1233242882 /* Invalid security challenge */
#define RXGK_BADETYPE 1233242883 /* Invalid or impermissible encryption type */
#define RXGK_BADLEVEL 1233242884 /* Invalid or impermissible security level */
#define RXGK_BADKEYNO 1233242885 /* Key version number not found */
#define RXGK_EXPIRED 1233242886 /* Token has expired */
#define RXGK_NOTAUTH 1233242887 /* Caller not authorized */
#define RXGK_BAD_TOKEN 1233242888 /* Security object was passed a bad token */
#define RXGK_SEALED_INCON 1233242889 /* Sealed data inconsistent */
#define RXGK_DATA_LEN 1233242890 /* User data too long */
#define RXGK_BAD_QOP 1233242891 /* Inadequate quality of protection available */
#else /* Revised standard abort codes (used by YFS) */
#define RXGK_INCONSISTENCY 1233242880 /* Security module structure inconsistent */
#define RXGK_PACKETSHORT 1233242881 /* Packet too short for security challenge */
#define RXGK_BADCHALLENGE 1233242882 /* Security challenge/response failed */
#define RXGK_SEALEDINCON 1233242883 /* Sealed data is inconsistent */
#define RXGK_NOTAUTH 1233242884 /* Caller not authorised */
#define RXGK_EXPIRED 1233242885 /* Authentication expired */
#define RXGK_BADLEVEL 1233242886 /* Unsupported or not permitted security level */
#define RXGK_BADKEYNO 1233242887 /* Bad transport key number */
#define RXGK_NOTRXGK 1233242888 /* Security layer is not rxgk */
#define RXGK_UNSUPPORTED 1233242889 /* Endpoint does not support rxgk */
#define RXGK_GSSERROR 1233242890 /* GSSAPI mechanism error */
#endif
/*
* Challenge information in the RXRPC_CHALLENGED control message.
*/
struct rxrpc_challenge {
__u16 service_id; /* The service ID of the connection (may be upgraded) */
__u8 security_index; /* The security index of the connection */
__u8 pad; /* Round out to a multiple of 4 bytes. */
/* ... The security class gets to append extra information ... */
};
struct rxgk_challenge {
struct rxrpc_challenge base;
__u32 enctype; /* Krb5 encoding type */
};
#endif /* _UAPI_LINUX_RXRPC_H */