Orange Pi5 kernel

Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards

3 Commits   0 Branches   0 Tags
Index
Trunk
Branches
Tags
Trunk
Branches
Tags
Home page
Home page
orangepi/linux-orangepi-5.10.y.git/trunk/include/net/netlabel.h 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   1) /* SPDX-License-Identifier: GPL-2.0-or-later */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   2) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   3)  * NetLabel System
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   4)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   5)  * The NetLabel system manages static and dynamic label mappings for network
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   6)  * protocols such as CIPSO and RIPSO.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   7)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   8)  * Author: Paul Moore <paul@paul-moore.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   9)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  10) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  11) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  12)  * (c) Copyright Hewlett-Packard Development Company, L.P., 2006, 2008
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  13)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  14) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  15) #ifndef _NETLABEL_H
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  16) #define _NETLABEL_H
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  17) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  18) #include <linux/types.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  19) #include <linux/slab.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  20) #include <linux/net.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  21) #include <linux/skbuff.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  22) #include <linux/in.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  23) #include <linux/in6.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  24) #include <net/netlink.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  25) #include <net/request_sock.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  26) #include <linux/refcount.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  27) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  28) struct cipso_v4_doi;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  29) struct calipso_doi;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  30) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  31) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  32)  * NetLabel - A management interface for maintaining network packet label
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  33)  *            mapping tables for explicit packet labling protocols.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  34)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  35)  * Network protocols such as CIPSO and RIPSO require a label translation layer
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  36)  * to convert the label on the packet into something meaningful on the host
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  37)  * machine.  In the current Linux implementation these mapping tables live
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  38)  * inside the kernel; NetLabel provides a mechanism for user space applications
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  39)  * to manage these mapping tables.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  40)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  41)  * NetLabel makes use of the Generic NETLINK mechanism as a transport layer to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  42)  * send messages between kernel and user space.  The general format of a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  43)  * NetLabel message is shown below:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  44)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  45)  *  +-----------------+-------------------+--------- --- -- -
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  46)  *  | struct nlmsghdr | struct genlmsghdr | payload
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  47)  *  +-----------------+-------------------+--------- --- -- -
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  48)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  49)  * The 'nlmsghdr' and 'genlmsghdr' structs should be dealt with like normal.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  50)  * The payload is dependent on the subsystem specified in the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  51)  * 'nlmsghdr->nlmsg_type' and should be defined below, supporting functions
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  52)  * should be defined in the corresponding net/netlabel/netlabel_<subsys>.h|c
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  53)  * file.  All of the fields in the NetLabel payload are NETLINK attributes, see
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  54)  * the include/net/netlink.h file for more information on NETLINK attributes.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  55)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  56)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  57) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  58) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  59)  * NetLabel NETLINK protocol
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  60)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  61) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  62) /* NetLabel NETLINK protocol version
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  63)  *  1: initial version
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  64)  *  2: added static labels for unlabeled connections
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  65)  *  3: network selectors added to the NetLabel/LSM domain mapping and the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  66)  *     CIPSO_V4_MAP_LOCAL CIPSO mapping was added
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  67)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  68) #define NETLBL_PROTO_VERSION            3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  69) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  70) /* NetLabel NETLINK types/families */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  71) #define NETLBL_NLTYPE_NONE              0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  72) #define NETLBL_NLTYPE_MGMT              1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  73) #define NETLBL_NLTYPE_MGMT_NAME         "NLBL_MGMT"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  74) #define NETLBL_NLTYPE_RIPSO             2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  75) #define NETLBL_NLTYPE_RIPSO_NAME        "NLBL_RIPSO"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  76) #define NETLBL_NLTYPE_CIPSOV4           3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  77) #define NETLBL_NLTYPE_CIPSOV4_NAME      "NLBL_CIPSOv4"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  78) #define NETLBL_NLTYPE_CIPSOV6           4
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  79) #define NETLBL_NLTYPE_CIPSOV6_NAME      "NLBL_CIPSOv6"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  80) #define NETLBL_NLTYPE_UNLABELED         5
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  81) #define NETLBL_NLTYPE_UNLABELED_NAME    "NLBL_UNLBL"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  82) #define NETLBL_NLTYPE_ADDRSELECT        6
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  83) #define NETLBL_NLTYPE_ADDRSELECT_NAME   "NLBL_ADRSEL"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  84) #define NETLBL_NLTYPE_CALIPSO           7
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  85) #define NETLBL_NLTYPE_CALIPSO_NAME      "NLBL_CALIPSO"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  86) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  87) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  88)  * NetLabel - Kernel API for accessing the network packet label mappings.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  89)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  90)  * The following functions are provided for use by other kernel modules,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  91)  * specifically kernel LSM modules, to provide a consistent, transparent API
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  92)  * for dealing with explicit packet labeling protocols such as CIPSO and
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  93)  * RIPSO.  The functions defined here are implemented in the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  94)  * net/netlabel/netlabel_kapi.c file.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  95)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  96)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  97) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  98) /* NetLabel audit information */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  99) struct netlbl_audit {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) 	u32 secid;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) 	kuid_t loginuid;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) 	unsigned int sessionid;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106)  * LSM security attributes
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110)  * struct netlbl_lsm_cache - NetLabel LSM security attribute cache
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111)  * @refcount: atomic reference counter
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112)  * @free: LSM supplied function to free the cache data
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113)  * @data: LSM supplied cache data
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115)  * Description:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116)  * This structure is provided for LSMs which wish to make use of the NetLabel
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117)  * caching mechanism to store LSM specific data/attributes in the NetLabel
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118)  * cache.  If the LSM has to perform a lot of translation from the NetLabel
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119)  * security attributes into it's own internal representation then the cache
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120)  * mechanism can provide a way to eliminate some or all of that translation
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121)  * overhead on a cache hit.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) struct netlbl_lsm_cache {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) 	refcount_t refcount;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126) 	void (*free) (const void *data);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127) 	void *data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131)  * struct netlbl_lsm_catmap - NetLabel LSM secattr category bitmap
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132)  * @startbit: the value of the lowest order bit in the bitmap
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133)  * @bitmap: the category bitmap
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134)  * @next: pointer to the next bitmap "node" or NULL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136)  * Description:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137)  * This structure is used to represent category bitmaps.  Due to the large
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138)  * number of categories supported by most labeling protocols it is not
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139)  * practical to transfer a full bitmap internally so NetLabel adopts a sparse
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140)  * bitmap structure modeled after SELinux's ebitmap structure.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141)  * The catmap bitmap field MUST be a power of two in length and large
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142)  * enough to hold at least 240 bits.  Special care (i.e. check the code!)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143)  * should be used when changing these values as the LSM implementation
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144)  * probably has functions which rely on the sizes of these types to speed
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145)  * processing.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148) #define NETLBL_CATMAP_MAPTYPE           u64
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149) #define NETLBL_CATMAP_MAPCNT            4
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150) #define NETLBL_CATMAP_MAPSIZE           (sizeof(NETLBL_CATMAP_MAPTYPE) * 8)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151) #define NETLBL_CATMAP_SIZE              (NETLBL_CATMAP_MAPSIZE * \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152) 					 NETLBL_CATMAP_MAPCNT)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) #define NETLBL_CATMAP_BIT               (NETLBL_CATMAP_MAPTYPE)0x01
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154) struct netlbl_lsm_catmap {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155) 	u32 startbit;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156) 	NETLBL_CATMAP_MAPTYPE bitmap[NETLBL_CATMAP_MAPCNT];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157) 	struct netlbl_lsm_catmap *next;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161)  * struct netlbl_lsm_secattr - NetLabel LSM security attributes
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162)  * @flags: indicate structure attributes, see NETLBL_SECATTR_*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163)  * @type: indicate the NLTYPE of the attributes
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164)  * @domain: the NetLabel LSM domain
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165)  * @cache: NetLabel LSM specific cache
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166)  * @attr.mls: MLS sensitivity label
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167)  * @attr.mls.cat: MLS category bitmap
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168)  * @attr.mls.lvl: MLS sensitivity level
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 169)  * @attr.secid: LSM specific secid token
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 170)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 171)  * Description:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 172)  * This structure is used to pass security attributes between NetLabel and the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 173)  * LSM modules.  The flags field is used to specify which fields within the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 174)  * struct are valid and valid values can be created by bitwise OR'ing the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 175)  * NETLBL_SECATTR_* defines.  The domain field is typically set by the LSM to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 176)  * specify domain specific configuration settings and is not usually used by
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 177)  * NetLabel itself when returning security attributes to the LSM.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 178)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 180) struct netlbl_lsm_secattr {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 181) 	u32 flags;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 182) 	/* bitmap values for 'flags' */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 183) #define NETLBL_SECATTR_NONE             0x00000000
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 184) #define NETLBL_SECATTR_DOMAIN           0x00000001
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 185) #define NETLBL_SECATTR_DOMAIN_CPY       (NETLBL_SECATTR_DOMAIN | \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 186) 					 NETLBL_SECATTR_FREE_DOMAIN)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 187) #define NETLBL_SECATTR_CACHE            0x00000002
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 188) #define NETLBL_SECATTR_MLS_LVL          0x00000004
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 189) #define NETLBL_SECATTR_MLS_CAT          0x00000008
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 190) #define NETLBL_SECATTR_SECID            0x00000010
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 191) 	/* bitmap meta-values for 'flags' */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 192) #define NETLBL_SECATTR_FREE_DOMAIN      0x01000000
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 193) #define NETLBL_SECATTR_CACHEABLE        (NETLBL_SECATTR_MLS_LVL | \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 194) 					 NETLBL_SECATTR_MLS_CAT | \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 195) 					 NETLBL_SECATTR_SECID)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 196) 	u32 type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 197) 	char *domain;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 198) 	struct netlbl_lsm_cache *cache;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 199) 	struct {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 200) 		struct {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 201) 			struct netlbl_lsm_catmap *cat;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 202) 			u32 lvl;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 203) 		} mls;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 204) 		u32 secid;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 205) 	} attr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 206) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 207) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 208) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 209)  * struct netlbl_calipso_ops - NetLabel CALIPSO operations
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 210)  * @doi_add: add a CALIPSO DOI
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 211)  * @doi_free: free a CALIPSO DOI
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 212)  * @doi_getdef: returns a reference to a DOI
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 213)  * @doi_putdef: releases a reference of a DOI
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 214)  * @doi_walk: enumerate the DOI list
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 215)  * @sock_getattr: retrieve the socket's attr
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 216)  * @sock_setattr: set the socket's attr
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 217)  * @sock_delattr: remove the socket's attr
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 218)  * @req_setattr: set the req socket's attr
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 219)  * @req_delattr: remove the req socket's attr
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 220)  * @opt_getattr: retrieve attr from memory block
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 221)  * @skbuff_optptr: find option in packet
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 222)  * @skbuff_setattr: set the skbuff's attr
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 223)  * @skbuff_delattr: remove the skbuff's attr
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 224)  * @cache_invalidate: invalidate cache
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 225)  * @cache_add: add cache entry
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 226)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 227)  * Description:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 228)  * This structure is filled out by the CALIPSO engine and passed
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 229)  * to the NetLabel core via a call to netlbl_calipso_ops_register().
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 230)  * It enables the CALIPSO engine (and hence IPv6) to be compiled
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 231)  * as a module.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 232)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 233) struct netlbl_calipso_ops {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 234) 	int (*doi_add)(struct calipso_doi *doi_def,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 235) 		       struct netlbl_audit *audit_info);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 236) 	void (*doi_free)(struct calipso_doi *doi_def);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 237) 	int (*doi_remove)(u32 doi, struct netlbl_audit *audit_info);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 238) 	struct calipso_doi *(*doi_getdef)(u32 doi);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 239) 	void (*doi_putdef)(struct calipso_doi *doi_def);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 240) 	int (*doi_walk)(u32 *skip_cnt,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 241) 			int (*callback)(struct calipso_doi *doi_def, void *arg),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 242) 			void *cb_arg);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 243) 	int (*sock_getattr)(struct sock *sk,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 244) 			    struct netlbl_lsm_secattr *secattr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 245) 	int (*sock_setattr)(struct sock *sk,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 246) 			    const struct calipso_doi *doi_def,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 247) 			    const struct netlbl_lsm_secattr *secattr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 248) 	void (*sock_delattr)(struct sock *sk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 249) 	int (*req_setattr)(struct request_sock *req,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 250) 			   const struct calipso_doi *doi_def,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 251) 			   const struct netlbl_lsm_secattr *secattr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 252) 	void (*req_delattr)(struct request_sock *req);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 253) 	int (*opt_getattr)(const unsigned char *calipso,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 254) 			   struct netlbl_lsm_secattr *secattr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 255) 	unsigned char *(*skbuff_optptr)(const struct sk_buff *skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 256) 	int (*skbuff_setattr)(struct sk_buff *skb,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 257) 			      const struct calipso_doi *doi_def,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 258) 			      const struct netlbl_lsm_secattr *secattr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 259) 	int (*skbuff_delattr)(struct sk_buff *skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 260) 	void (*cache_invalidate)(void);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 261) 	int (*cache_add)(const unsigned char *calipso_ptr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 262) 			 const struct netlbl_lsm_secattr *secattr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 263) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 264) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 265) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 266)  * LSM security attribute operations (inline)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 267)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 268) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 269) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 270)  * netlbl_secattr_cache_alloc - Allocate and initialize a secattr cache
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 271)  * @flags: the memory allocation flags
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 272)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 273)  * Description:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 274)  * Allocate and initialize a netlbl_lsm_cache structure.  Returns a pointer
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 275)  * on success, NULL on failure.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 276)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 277)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 278) static inline struct netlbl_lsm_cache *netlbl_secattr_cache_alloc(gfp_t flags)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 279) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 280) 	struct netlbl_lsm_cache *cache;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 281) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 282) 	cache = kzalloc(sizeof(*cache), flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 283) 	if (cache)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 284) 		refcount_set(&cache->refcount, 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 285) 	return cache;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 286) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 287) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 288) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 289)  * netlbl_secattr_cache_free - Frees a netlbl_lsm_cache struct
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 290)  * @cache: the struct to free
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 291)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 292)  * Description:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 293)  * Frees @secattr including all of the internal buffers.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 294)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 295)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 296) static inline void netlbl_secattr_cache_free(struct netlbl_lsm_cache *cache)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 297) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 298) 	if (!refcount_dec_and_test(&cache->refcount))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 299) 		return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 300) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 301) 	if (cache->free)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 302) 		cache->free(cache->data);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 303) 	kfree(cache);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 304) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 305) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 306) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 307)  * netlbl_catmap_alloc - Allocate a LSM secattr catmap
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 308)  * @flags: memory allocation flags
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 309)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 310)  * Description:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 311)  * Allocate memory for a LSM secattr catmap, returns a pointer on success, NULL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 312)  * on failure.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 313)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 314)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 315) static inline struct netlbl_lsm_catmap *netlbl_catmap_alloc(gfp_t flags)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 316) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 317) 	return kzalloc(sizeof(struct netlbl_lsm_catmap), flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 318) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 319) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 320) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 321)  * netlbl_catmap_free - Free a LSM secattr catmap
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 322)  * @catmap: the category bitmap
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 323)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 324)  * Description:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 325)  * Free a LSM secattr catmap.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 326)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 327)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 328) static inline void netlbl_catmap_free(struct netlbl_lsm_catmap *catmap)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 329) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 330) 	struct netlbl_lsm_catmap *iter;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 331) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 332) 	while (catmap) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 333) 		iter = catmap;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 334) 		catmap = catmap->next;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 335) 		kfree(iter);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 336) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 337) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 338) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 339) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 340)  * netlbl_secattr_init - Initialize a netlbl_lsm_secattr struct
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 341)  * @secattr: the struct to initialize
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 342)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 343)  * Description:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 344)  * Initialize an already allocated netlbl_lsm_secattr struct.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 345)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 346)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 347) static inline void netlbl_secattr_init(struct netlbl_lsm_secattr *secattr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 348) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 349) 	memset(secattr, 0, sizeof(*secattr));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 350) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 351) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 352) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 353)  * netlbl_secattr_destroy - Clears a netlbl_lsm_secattr struct
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 354)  * @secattr: the struct to clear
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 355)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 356)  * Description:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 357)  * Destroys the @secattr struct, including freeing all of the internal buffers.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 358)  * The struct must be reset with a call to netlbl_secattr_init() before reuse.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 359)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 360)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 361) static inline void netlbl_secattr_destroy(struct netlbl_lsm_secattr *secattr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 362) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 363) 	if (secattr->flags & NETLBL_SECATTR_FREE_DOMAIN)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 364) 		kfree(secattr->domain);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 365) 	if (secattr->flags & NETLBL_SECATTR_CACHE)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 366) 		netlbl_secattr_cache_free(secattr->cache);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 367) 	if (secattr->flags & NETLBL_SECATTR_MLS_CAT)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 368) 		netlbl_catmap_free(secattr->attr.mls.cat);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 369) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 370) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 371) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 372)  * netlbl_secattr_alloc - Allocate and initialize a netlbl_lsm_secattr struct
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 373)  * @flags: the memory allocation flags
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 374)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 375)  * Description:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 376)  * Allocate and initialize a netlbl_lsm_secattr struct.  Returns a valid
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 377)  * pointer on success, or NULL on failure.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 378)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 379)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 380) static inline struct netlbl_lsm_secattr *netlbl_secattr_alloc(gfp_t flags)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 381) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 382) 	return kzalloc(sizeof(struct netlbl_lsm_secattr), flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 383) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 384) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 385) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 386)  * netlbl_secattr_free - Frees a netlbl_lsm_secattr struct
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 387)  * @secattr: the struct to free
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 388)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 389)  * Description:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 390)  * Frees @secattr including all of the internal buffers.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 391)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 392)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 393) static inline void netlbl_secattr_free(struct netlbl_lsm_secattr *secattr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 394) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 395) 	netlbl_secattr_destroy(secattr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 396) 	kfree(secattr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 397) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 398) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 399) #ifdef CONFIG_NETLABEL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 400) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 401)  * LSM configuration operations
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 402)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 403) int netlbl_cfg_map_del(const char *domain,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 404) 		       u16 family,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 405) 		       const void *addr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 406) 		       const void *mask,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 407) 		       struct netlbl_audit *audit_info);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 408) int netlbl_cfg_unlbl_map_add(const char *domain,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 409) 			     u16 family,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 410) 			     const void *addr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 411) 			     const void *mask,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 412) 			     struct netlbl_audit *audit_info);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 413) int netlbl_cfg_unlbl_static_add(struct net *net,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 414) 				const char *dev_name,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 415) 				const void *addr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 416) 				const void *mask,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 417) 				u16 family,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 418) 				u32 secid,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 419) 				struct netlbl_audit *audit_info);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 420) int netlbl_cfg_unlbl_static_del(struct net *net,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 421) 				const char *dev_name,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 422) 				const void *addr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 423) 				const void *mask,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 424) 				u16 family,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 425) 				struct netlbl_audit *audit_info);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 426) int netlbl_cfg_cipsov4_add(struct cipso_v4_doi *doi_def,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 427) 			   struct netlbl_audit *audit_info);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 428) void netlbl_cfg_cipsov4_del(u32 doi, struct netlbl_audit *audit_info);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 429) int netlbl_cfg_cipsov4_map_add(u32 doi,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 430) 			       const char *domain,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 431) 			       const struct in_addr *addr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 432) 			       const struct in_addr *mask,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 433) 			       struct netlbl_audit *audit_info);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 434) int netlbl_cfg_calipso_add(struct calipso_doi *doi_def,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 435) 			   struct netlbl_audit *audit_info);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 436) void netlbl_cfg_calipso_del(u32 doi, struct netlbl_audit *audit_info);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 437) int netlbl_cfg_calipso_map_add(u32 doi,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 438) 			       const char *domain,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 439) 			       const struct in6_addr *addr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 440) 			       const struct in6_addr *mask,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 441) 			       struct netlbl_audit *audit_info);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 442) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 443)  * LSM security attribute operations
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 444)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 445) int netlbl_catmap_walk(struct netlbl_lsm_catmap *catmap, u32 offset);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 446) int netlbl_catmap_walkrng(struct netlbl_lsm_catmap *catmap, u32 offset);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 447) int netlbl_catmap_getlong(struct netlbl_lsm_catmap *catmap,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 448) 			  u32 *offset,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 449) 			  unsigned long *bitmap);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 450) int netlbl_catmap_setbit(struct netlbl_lsm_catmap **catmap,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 451) 			 u32 bit,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 452) 			 gfp_t flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 453) int netlbl_catmap_setrng(struct netlbl_lsm_catmap **catmap,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 454) 			 u32 start,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 455) 			 u32 end,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 456) 			 gfp_t flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 457) int netlbl_catmap_setlong(struct netlbl_lsm_catmap **catmap,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 458) 			  u32 offset,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 459) 			  unsigned long bitmap,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 460) 			  gfp_t flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 461) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 462) /* Bitmap functions
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 463)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 464) int netlbl_bitmap_walk(const unsigned char *bitmap, u32 bitmap_len,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 465) 		       u32 offset, u8 state);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 466) void netlbl_bitmap_setbit(unsigned char *bitmap, u32 bit, u8 state);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 467) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 468) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 469)  * LSM protocol operations (NetLabel LSM/kernel API)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 470)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 471) int netlbl_enabled(void);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 472) int netlbl_sock_setattr(struct sock *sk,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 473) 			u16 family,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 474) 			const struct netlbl_lsm_secattr *secattr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 475) void netlbl_sock_delattr(struct sock *sk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 476) int netlbl_sock_getattr(struct sock *sk,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 477) 			struct netlbl_lsm_secattr *secattr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 478) int netlbl_conn_setattr(struct sock *sk,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 479) 			struct sockaddr *addr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 480) 			const struct netlbl_lsm_secattr *secattr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 481) int netlbl_req_setattr(struct request_sock *req,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 482) 		       const struct netlbl_lsm_secattr *secattr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 483) void netlbl_req_delattr(struct request_sock *req);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 484) int netlbl_skbuff_setattr(struct sk_buff *skb,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 485) 			  u16 family,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 486) 			  const struct netlbl_lsm_secattr *secattr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 487) int netlbl_skbuff_getattr(const struct sk_buff *skb,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 488) 			  u16 family,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 489) 			  struct netlbl_lsm_secattr *secattr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 490) void netlbl_skbuff_err(struct sk_buff *skb, u16 family, int error, int gateway);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 491) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 492) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 493)  * LSM label mapping cache operations
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 494)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 495) void netlbl_cache_invalidate(void);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 496) int netlbl_cache_add(const struct sk_buff *skb, u16 family,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 497) 		     const struct netlbl_lsm_secattr *secattr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 498) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 499) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 500)  * Protocol engine operations
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 501)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 502) struct audit_buffer *netlbl_audit_start(int type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 503) 					struct netlbl_audit *audit_info);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 504) #else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 505) static inline int netlbl_cfg_map_del(const char *domain,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 506) 				     u16 family,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 507) 				     const void *addr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 508) 				     const void *mask,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 509) 				     struct netlbl_audit *audit_info)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 510) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 511) 	return -ENOSYS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 512) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 513) static inline int netlbl_cfg_unlbl_map_add(const char *domain,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 514) 					   u16 family,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 515) 					   void *addr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 516) 					   void *mask,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 517) 					   struct netlbl_audit *audit_info)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 518) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 519) 	return -ENOSYS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 520) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 521) static inline int netlbl_cfg_unlbl_static_add(struct net *net,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 522) 					      const char *dev_name,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 523) 					      const void *addr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 524) 					      const void *mask,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 525) 					      u16 family,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 526) 					      u32 secid,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 527) 					      struct netlbl_audit *audit_info)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 528) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 529) 	return -ENOSYS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 530) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 531) static inline int netlbl_cfg_unlbl_static_del(struct net *net,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 532) 					      const char *dev_name,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 533) 					      const void *addr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 534) 					      const void *mask,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 535) 					      u16 family,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 536) 					      struct netlbl_audit *audit_info)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 537) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 538) 	return -ENOSYS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 539) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 540) static inline int netlbl_cfg_cipsov4_add(struct cipso_v4_doi *doi_def,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 541) 					 struct netlbl_audit *audit_info)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 542) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 543) 	return -ENOSYS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 544) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 545) static inline void netlbl_cfg_cipsov4_del(u32 doi,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 546) 					  struct netlbl_audit *audit_info)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 547) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 548) 	return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 549) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 550) static inline int netlbl_cfg_cipsov4_map_add(u32 doi,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 551) 					     const char *domain,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 552) 					     const struct in_addr *addr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 553) 					     const struct in_addr *mask,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 554) 					     struct netlbl_audit *audit_info)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 555) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 556) 	return -ENOSYS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 557) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 558) static inline int netlbl_cfg_calipso_add(struct calipso_doi *doi_def,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 559) 					 struct netlbl_audit *audit_info)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 560) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 561) 	return -ENOSYS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 562) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 563) static inline void netlbl_cfg_calipso_del(u32 doi,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 564) 					  struct netlbl_audit *audit_info)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 565) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 566) 	return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 567) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 568) static inline int netlbl_cfg_calipso_map_add(u32 doi,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 569) 					     const char *domain,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 570) 					     const struct in6_addr *addr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 571) 					     const struct in6_addr *mask,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 572) 					     struct netlbl_audit *audit_info)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 573) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 574) 	return -ENOSYS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 575) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 576) static inline int netlbl_catmap_walk(struct netlbl_lsm_catmap *catmap,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 577) 				     u32 offset)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 578) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 579) 	return -ENOENT;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 580) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 581) static inline int netlbl_catmap_walkrng(struct netlbl_lsm_catmap *catmap,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 582) 					u32 offset)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 583) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 584) 	return -ENOENT;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 585) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 586) static inline int netlbl_catmap_getlong(struct netlbl_lsm_catmap *catmap,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 587) 					u32 *offset,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 588) 					unsigned long *bitmap)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 589) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 590) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 591) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 592) static inline int netlbl_catmap_setbit(struct netlbl_lsm_catmap **catmap,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 593) 				       u32 bit,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 594) 				       gfp_t flags)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 595) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 596) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 597) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 598) static inline int netlbl_catmap_setrng(struct netlbl_lsm_catmap **catmap,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 599) 				       u32 start,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 600) 				       u32 end,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 601) 				       gfp_t flags)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 602) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 603) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 604) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 605) static inline int netlbl_catmap_setlong(struct netlbl_lsm_catmap **catmap,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 606) 					u32 offset,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 607) 					unsigned long bitmap,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 608) 					gfp_t flags)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 609) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 610) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 611) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 612) static inline int netlbl_enabled(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 613) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 614) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 615) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 616) static inline int netlbl_sock_setattr(struct sock *sk,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 617) 				      u16 family,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 618) 				      const struct netlbl_lsm_secattr *secattr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 619) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 620) 	return -ENOSYS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 621) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 622) static inline void netlbl_sock_delattr(struct sock *sk)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 623) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 624) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 625) static inline int netlbl_sock_getattr(struct sock *sk,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 626) 				      struct netlbl_lsm_secattr *secattr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 627) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 628) 	return -ENOSYS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 629) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 630) static inline int netlbl_conn_setattr(struct sock *sk,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 631) 				      struct sockaddr *addr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 632) 				      const struct netlbl_lsm_secattr *secattr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 633) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 634) 	return -ENOSYS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 635) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 636) static inline int netlbl_req_setattr(struct request_sock *req,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 637) 				     const struct netlbl_lsm_secattr *secattr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 638) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 639) 	return -ENOSYS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 640) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 641) static inline void netlbl_req_delattr(struct request_sock *req)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 642) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 643) 	return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 644) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 645) static inline int netlbl_skbuff_setattr(struct sk_buff *skb,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 646) 				      u16 family,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 647) 				      const struct netlbl_lsm_secattr *secattr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 648) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 649) 	return -ENOSYS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 650) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 651) static inline int netlbl_skbuff_getattr(const struct sk_buff *skb,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 652) 					u16 family,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 653) 					struct netlbl_lsm_secattr *secattr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 654) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 655) 	return -ENOSYS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 656) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 657) static inline void netlbl_skbuff_err(struct sk_buff *skb,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 658) 				     int error,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 659) 				     int gateway)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 660) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 661) 	return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 662) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 663) static inline void netlbl_cache_invalidate(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 664) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 665) 	return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 666) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 667) static inline int netlbl_cache_add(const struct sk_buff *skb, u16 family,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 668) 				   const struct netlbl_lsm_secattr *secattr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 669) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 670) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 671) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 672) static inline struct audit_buffer *netlbl_audit_start(int type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 673) 						struct netlbl_audit *audit_info)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 674) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 675) 	return NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 676) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 677) #endif /* CONFIG_NETLABEL */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 678) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 679) const struct netlbl_calipso_ops *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 680) netlbl_calipso_ops_register(const struct netlbl_calipso_ops *ops);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 681) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 682) #endif /* _NETLABEL_H */
cGit-ui 0.1.7
Git 2.40.0
Nginx 1.22.1

Where any material of this site is being reproduced, published or issued to others the reference to the source is obligatory.

© Andrey V. Kosteltsev, 2019 – 2025.