Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S263239AbTEIM6x (ORCPT ); Fri, 9 May 2003 08:58:53 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S263186AbTEIM6x (ORCPT ); Fri, 9 May 2003 08:58:53 -0400 Received: from 237.oncolt.com ([213.86.99.237]:16118 "EHLO warthog.warthog") by vger.kernel.org with ESMTP id S263183AbTEIM6s (ORCPT ); Fri, 9 May 2003 08:58:48 -0400 From: David Howells To: Trond Myklebust , arjanv@redhat.com cc: dhowells@redhat.com, viro@parcelfarce.linux.theplanet.co.uk, drepper@redhat.com, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org Subject: [RFC] New authentication management syscalls User-Agent: EMH/1.14.1 SEMI/1.14.4 (Hosorogi) FLIM/1.14.4 (=?ISO-8859-4?Q?Kashiharajing=FE-mae?=) APEL/10.4 Emacs/21.2 (i386-redhat-linux-gnu) MULE/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.4 - "Hosorogi") Content-Type: text/plain; charset=US-ASCII Date: Fri, 09 May 2003 14:11:17 +0100 Message-ID: <11183.1052485877@warthog.warthog> Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2012 Lines: 62 Hi Trond, Arjan, I'm trying to come up with a way of allowing userspace to present authentication tokens to the kernel. What I've come up with involves the addition of six system calls: (1) setpag() Put the calling process into a new process authentication group (PAG). (2) getpag() Get the PAG ID of the calling process. (3) settok(const char *fs, const char *key, size_t size, const void *data) Present data to the named filesystem as being the authentication token for the specified key (eg: an AFS cell). If accepted, this token should be stored in the PAG to which the calling process belongs. (4) gettok(const char *fs, const char *key, size_t size, void *buffer) Get a copy of an authentication token from the current PAG. (5) deltok(const char *fs, const char *key) Delete an authentication token from the current PAG. (6) cleartoks(const char *fs) Clear all the tokens belonging to a particular filesystem from the current process's PAG. The kernel would need to be modified in a number of ways: (1) PAGs would need to be uniquely numbered managed kernel object. Each process should belong to a PAG. Each PAG would contain a list of tokens. (2) I'd like to include Trond's vfs_cred idea (move fsuid, fsgid and groups out of the task_struct) and make the vfs_cred point to the PAG for the process. (3) The struct file_system_type would gain at least one new entry point: struct file_system_type { ... int settok(struct file_system_type *fstype, const char *domain, size_t size, const void *data); }; If this method returned 0, then the token would be added to the PAG's list, if it returned an error, then it'd be ignored. David - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/