2019-05-21 02:08:01 +09:00
|
|
|
/* SPDX-License-Identifier: GPL-2.0-or-later */
|
2017-07-21 18:39:26 +09:00
|
|
|
/* Types and definitions for AF_RXRPC.
|
2007-04-27 07:48:28 +09:00
|
|
|
*
|
|
|
|
|
* Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
|
|
|
|
|
* Written by David Howells (dhowells@redhat.com)
|
|
|
|
|
*/
|
|
|
|
|
|
2017-07-21 18:39:26 +09:00
|
|
|
#ifndef _UAPI_LINUX_RXRPC_H
|
|
|
|
|
#define _UAPI_LINUX_RXRPC_H
|
2007-04-27 07:48:28 +09:00
|
|
|
|
2017-07-21 18:39:26 +09:00
|
|
|
#include <linux/types.h>
|
2007-04-27 07:48:28 +09:00
|
|
|
#include <linux/in.h>
|
|
|
|
|
#include <linux/in6.h>
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* RxRPC socket address
|
|
|
|
|
*/
|
|
|
|
|
struct sockaddr_rxrpc {
|
2017-11-13 09:37:06 +09:00
|
|
|
__kernel_sa_family_t srx_family; /* address family */
|
|
|
|
|
__u16 srx_service; /* service desired */
|
|
|
|
|
__u16 transport_type; /* type of transport socket (SOCK_DGRAM) */
|
|
|
|
|
__u16 transport_len; /* length of transport address */
|
2007-04-27 07:48:28 +09:00
|
|
|
union {
|
2017-11-13 09:37:06 +09:00
|
|
|
__kernel_sa_family_t family; /* transport address family */
|
2007-04-27 07:48:28 +09:00
|
|
|
struct sockaddr_in sin; /* IPv4 transport address */
|
|
|
|
|
struct sockaddr_in6 sin6; /* IPv6 transport address */
|
|
|
|
|
} transport;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* RxRPC socket options
|
|
|
|
|
*/
|
|
|
|
|
#define RXRPC_SECURITY_KEY 1 /* [clnt] set client security key */
|
|
|
|
|
#define RXRPC_SECURITY_KEYRING 2 /* [srvr] set ring of server security keys */
|
2016-04-04 22:00:37 +09:00
|
|
|
#define RXRPC_EXCLUSIVE_CONNECTION 3 /* Deprecated; use RXRPC_EXCLUSIVE_CALL instead */
|
2007-04-27 07:48:28 +09:00
|
|
|
#define RXRPC_MIN_SECURITY_LEVEL 4 /* minimum security level */
|
rxrpc: Implement service upgrade
Implement AuriStor's service upgrade facility. There are three problems
that this is meant to deal with:
(1) Various of the standard AFS RPC calls have IPv4 addresses in their
requests and/or replies - but there's no room for including IPv6
addresses.
(2) Definition of IPv6-specific RPC operations in the standard operation
sets has not yet been achieved.
(3) One could envision the creation a new service on the same port that as
the original service. The new service could implement improved
operations - and the client could try this first, falling back to the
original service if it's not there.
Unfortunately, certain servers ignore packets addressed to a service
they don't implement and don't respond in any way - not even with an
ABORT. This means that the client must then wait for the call timeout
to occur.
What service upgrade does is to see if the connection is marked as being
'upgradeable' and if so, change the service ID in the server and thus the
request and reply formats. Note that the upgrade isn't mandatory - a
server that supports only the original call set will ignore the upgrade
request.
In the protocol, the procedure is then as follows:
(1) To request an upgrade, the first DATA packet in a new connection must
have the userStatus set to 1 (this is normally 0). The userStatus
value is normally ignored by the server.
(2) If the server doesn't support upgrading, the reply packets will
contain the same service ID as for the first request packet.
(3) If the server does support upgrading, all future reply packets on that
connection will contain the new service ID and the new service ID will
be applied to *all* further calls on that connection as well.
(4) The RPC op used to probe the upgrade must take the same request data
as the shadow call in the upgrade set (but may return a different
reply). GetCapability RPC ops were added to all standard sets for
just this purpose. Ops where the request formats differ cannot be
used for probing.
(5) The client must wait for completion of the probe before sending any
further RPC ops to the same destination. It should then use the
service ID that recvmsg() reported back in all future calls.
(6) The shadow service must have call definitions for all the operation
IDs defined by the original service.
To support service upgrading, a server should:
(1) Call bind() twice on its AF_RXRPC socket before calling listen().
Each bind() should supply a different service ID, but the transport
addresses must be the same. This allows the server to receive
requests with either service ID.
(2) Enable automatic upgrading by calling setsockopt(), specifying
RXRPC_UPGRADEABLE_SERVICE and passing in a two-member array of
unsigned shorts as the argument:
unsigned short optval[2];
This specifies a pair of service IDs. They must be different and must
match the service IDs bound to the socket. Member 0 is the service ID
to upgrade from and member 1 is the service ID to upgrade to.
Signed-off-by: David Howells <dhowells@redhat.com>
2017-06-05 22:30:49 +09:00
|
|
|
#define RXRPC_UPGRADEABLE_SERVICE 5 /* Upgrade service[0] -> service[1] */
|
2017-06-08 00:27:15 +09:00
|
|
|
#define RXRPC_SUPPORTED_CMSG 6 /* Get highest supported control message type */
|
2007-04-27 07:48:28 +09:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* RxRPC control messages
|
2016-06-10 07:02:51 +09:00
|
|
|
* - If neither abort or accept are specified, the message is a data message.
|
2007-04-27 07:48:28 +09:00
|
|
|
* - terminal messages mean that a user call ID tag can be recycled
|
2016-06-10 07:02:51 +09:00
|
|
|
* - s/r/- indicate whether these are applicable to sendmsg() and/or recvmsg()
|
2007-04-27 07:48:28 +09:00
|
|
|
*/
|
2017-06-08 00:27:15 +09:00
|
|
|
enum rxrpc_cmsg_type {
|
|
|
|
|
RXRPC_USER_CALL_ID = 1, /* sr: user call ID specifier */
|
|
|
|
|
RXRPC_ABORT = 2, /* sr: abort request / notification [terminal] */
|
|
|
|
|
RXRPC_ACK = 3, /* -r: [Service] RPC op final ACK received [terminal] */
|
|
|
|
|
RXRPC_NET_ERROR = 5, /* -r: network error received [terminal] */
|
|
|
|
|
RXRPC_BUSY = 6, /* -r: server busy received [terminal] */
|
|
|
|
|
RXRPC_LOCAL_ERROR = 7, /* -r: local error generated [terminal] */
|
|
|
|
|
RXRPC_NEW_CALL = 8, /* -r: [Service] new incoming call notification */
|
|
|
|
|
RXRPC_ACCEPT = 9, /* s-: [Service] accept request */
|
|
|
|
|
RXRPC_EXCLUSIVE_CALL = 10, /* s-: Call should be on exclusive connection */
|
|
|
|
|
RXRPC_UPGRADE_SERVICE = 11, /* s-: Request service upgrade for client call */
|
2017-06-07 20:40:03 +09:00
|
|
|
RXRPC_TX_LENGTH = 12, /* s-: Total length of Tx data */
|
2017-11-24 19:18:41 +09:00
|
|
|
RXRPC_SET_CALL_TIMEOUT = 13, /* s-: Set one or more call timeouts */
|
2017-06-08 00:27:15 +09:00
|
|
|
RXRPC__SUPPORTED
|
|
|
|
|
};
|
2007-04-27 07:48:28 +09:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* RxRPC security levels
|
|
|
|
|
*/
|
|
|
|
|
#define RXRPC_SECURITY_PLAIN 0 /* plain secure-checksummed packets only */
|
|
|
|
|
#define RXRPC_SECURITY_AUTH 1 /* authenticated packets */
|
|
|
|
|
#define RXRPC_SECURITY_ENCRYPT 2 /* encrypted packets */
|
|
|
|
|
|
2009-09-14 10:17:30 +09:00
|
|
|
/*
|
|
|
|
|
* RxRPC security indices
|
|
|
|
|
*/
|
|
|
|
|
#define RXRPC_SECURITY_NONE 0 /* no security protocol */
|
|
|
|
|
#define RXRPC_SECURITY_RXKAD 2 /* kaserver or kerberos 4 */
|
|
|
|
|
#define RXRPC_SECURITY_RXGK 4 /* gssapi-based */
|
|
|
|
|
#define RXRPC_SECURITY_RXK5 5 /* kerberos 5 */
|
2007-04-27 07:48:28 +09:00
|
|
|
|
2017-07-21 18:07:10 +09:00
|
|
|
/*
|
|
|
|
|
* RxRPC-level abort codes
|
|
|
|
|
*/
|
|
|
|
|
#define RX_CALL_DEAD -1 /* call/conn has been inactive and is shut down */
|
|
|
|
|
#define RX_INVALID_OPERATION -2 /* invalid operation requested / attempted */
|
|
|
|
|
#define RX_CALL_TIMEOUT -3 /* call timeout exceeded */
|
|
|
|
|
#define RX_EOF -4 /* unexpected end of data on read op */
|
|
|
|
|
#define RX_PROTOCOL_ERROR -5 /* low-level protocol error */
|
|
|
|
|
#define RX_USER_ABORT -6 /* generic user abort */
|
|
|
|
|
#define RX_ADDRINUSE -7 /* UDP port in use */
|
|
|
|
|
#define RX_DEBUGI_BADTYPE -8 /* bad debugging packet type */
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* (un)marshalling abort codes (rxgen)
|
|
|
|
|
*/
|
|
|
|
|
#define RXGEN_CC_MARSHAL -450
|
|
|
|
|
#define RXGEN_CC_UNMARSHAL -451
|
|
|
|
|
#define RXGEN_SS_MARSHAL -452
|
|
|
|
|
#define RXGEN_SS_UNMARSHAL -453
|
|
|
|
|
#define RXGEN_DECODE -454
|
|
|
|
|
#define RXGEN_OPCODE -455
|
|
|
|
|
#define RXGEN_SS_XDRFREE -456
|
|
|
|
|
#define RXGEN_CC_XDRFREE -457
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Rx kerberos security abort codes
|
|
|
|
|
* - unfortunately we have no generalised security abort codes to say things
|
|
|
|
|
* like "unsupported security", so we have to use these instead and hope the
|
|
|
|
|
* other side understands
|
|
|
|
|
*/
|
|
|
|
|
#define RXKADINCONSISTENCY 19270400 /* security module structure inconsistent */
|
|
|
|
|
#define RXKADPACKETSHORT 19270401 /* packet too short for security challenge */
|
|
|
|
|
#define RXKADLEVELFAIL 19270402 /* security level negotiation failed */
|
|
|
|
|
#define RXKADTICKETLEN 19270403 /* ticket length too short or too long */
|
|
|
|
|
#define RXKADOUTOFSEQUENCE 19270404 /* packet had bad sequence number */
|
|
|
|
|
#define RXKADNOAUTH 19270405 /* caller not authorised */
|
|
|
|
|
#define RXKADBADKEY 19270406 /* illegal key: bad parity or weak */
|
|
|
|
|
#define RXKADBADTICKET 19270407 /* security object was passed a bad ticket */
|
|
|
|
|
#define RXKADUNKNOWNKEY 19270408 /* ticket contained unknown key version number */
|
|
|
|
|
#define RXKADEXPIRED 19270409 /* authentication expired */
|
|
|
|
|
#define RXKADSEALEDINCON 19270410 /* sealed data inconsistent */
|
|
|
|
|
#define RXKADDATALEN 19270411 /* user data too long */
|
|
|
|
|
#define RXKADILLEGALLEVEL 19270412 /* caller not authorised to use encrypted conns */
|
|
|
|
|
|
2017-07-21 18:39:26 +09:00
|
|
|
#endif /* _UAPI_LINUX_RXRPC_H */
|