Return-Path: <linux-kernel-owner+willy=40w.ods.org@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S263239AbTEIM6x (ORCPT <rfc822;willy@w.ods.org>);
	Fri, 9 May 2003 08:58:53 -0400
Received: (majordomo@vger.kernel.org) by vger.kernel.org id S263186AbTEIM6x
	(ORCPT <rfc822;linux-kernel-outgoing>);
	Fri, 9 May 2003 08:58:53 -0400
Received: from 237.oncolt.com ([213.86.99.237]:16118 "EHLO warthog.warthog")
	by vger.kernel.org with ESMTP id S263183AbTEIM6s (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Fri, 9 May 2003 08:58:48 -0400
From: David Howells <dhowells@redhat.com>
To: Trond Myklebust <trond.myklebust@fys.uio.no>, arjanv@redhat.com
cc: dhowells@redhat.com, viro@parcelfarce.linux.theplanet.co.uk,
       drepper@redhat.com, linux-kernel@vger.kernel.org,
       linux-fsdevel@vger.kernel.org
Subject: [RFC] New authentication management syscalls
User-Agent: EMH/1.14.1 SEMI/1.14.4 (Hosorogi) FLIM/1.14.4
 (=?ISO-8859-4?Q?Kashiharajing=FE-mae?=) APEL/10.4 Emacs/21.2
 (i386-redhat-linux-gnu) MULE/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.4 - "Hosorogi")
Content-Type: text/plain; charset=US-ASCII
Date: Fri, 09 May 2003 14:11:17 +0100
Message-ID: <11183.1052485877@warthog.warthog>
Sender: linux-kernel-owner@vger.kernel.org
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 2012
Lines: 62


Hi Trond, Arjan,

I'm trying to come up with a way of allowing userspace to present
authentication tokens to the kernel. What I've come up with involves the
addition of six system calls:

 (1) setpag()

     Put the calling process into a new process authentication group (PAG).

 (2) getpag()

     Get the PAG ID of the calling process.

 (3) settok(const char *fs, const char *key, size_t size, const void *data)

     Present data to the named filesystem as being the authentication token
     for the specified key (eg: an AFS cell). If accepted, this token should
     be stored in the PAG to which the calling process belongs.

 (4) gettok(const char *fs, const char *key, size_t size, void *buffer)

     Get a copy of an authentication token from the current PAG.

 (5) deltok(const char *fs, const char *key)

     Delete an authentication token from the current PAG.

 (6) cleartoks(const char *fs)

     Clear all the tokens belonging to a particular filesystem from the
     current process's PAG.

The kernel would need to be modified in a number of ways:

 (1) PAGs would need to be uniquely numbered managed kernel object. Each
     process should belong to a PAG. Each PAG would contain a list of tokens.

 (2) I'd like to include Trond's vfs_cred idea (move fsuid, fsgid and groups
     out of the task_struct) and make the vfs_cred point to the PAG for the
     process.

 (3) The struct file_system_type would gain at least one new entry point:

	struct file_system_type {
	        ...
		int settok(struct file_system_type *fstype,
			   const char *domain,
			   size_t size,
			   const void *data);
	};

     If this method returned 0, then the token would be added to the PAG's
     list, if it returned an error, then it'd be ignored.

David
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/