I'm trying to come up with a way of allowing userspace to present
authentication tokens to the kernel. What I've come up with involves the
addition of six system calls:
(1) setpag()
Put the calling process into a new process authentication group (PAG).
(2) getpag()
Get the PAG ID of the calling process.
(3) settok(const char *fs, const char *key, size_t size, const void *data)
Present data to the named filesystem as being the authentication token
for the specified key (eg: an AFS cell). If accepted, this token should
be stored in the PAG to which the calling process belongs.
(4) gettok(const char *fs, const char *key, size_t size, void *buffer)
Get a copy of an authentication token from the current PAG.
(5) deltok(const char *fs, const char *key)
Delete an authentication token from the current PAG.
(6) cleartoks(const char *fs)
Clear all the tokens belonging to a particular filesystem from the
current process's PAG.
The kernel would need to be modified in a number of ways:
(1) PAGs would need to be uniquely numbered managed kernel object. Each
process should belong to a PAG. Each PAG would contain a list of tokens.
(2) I'd like to include Trond's vfs_cred idea (move fsuid, fsgid and groups
out of the task_struct) and make the vfs_cred point to the PAG for the
process.
(3) The struct file_system_type would gain at least one new entry point:
struct file_system_type {
...
int settok(struct file_system_type *fstype,
const char *domain,
size_t size,
const void *data);
};
If this method returned 0, then the token would be added to the PAG's
list, if it returned an error, then it'd be ignored.
David
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/