^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) /* SPDX-License-Identifier: GPL-2.0-or-later */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) * NetLabel Unlabeled Support
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5) * This file defines functions for dealing with unlabeled packets for the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) * NetLabel system. The NetLabel system manages static and dynamic label
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7) * mappings for network protocols such as CIPSO and RIPSO.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9) * Author: Paul Moore <paul@paul-moore.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) * (c) Copyright Hewlett-Packard Development Company, L.P., 2006
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) #ifndef _NETLABEL_UNLABELED_H
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17) #define _NETLABEL_UNLABELED_H
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19) #include <net/netlabel.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22) * The following NetLabel payloads are supported by the Unlabeled subsystem.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24) * o STATICADD
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) * This message is sent from an application to add a new static label for
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26) * incoming unlabeled connections.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28) * Required attributes:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30) * NLBL_UNLABEL_A_IFACE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31) * NLBL_UNLABEL_A_SECCTX
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33) * If IPv4 is specified the following attributes are required:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35) * NLBL_UNLABEL_A_IPV4ADDR
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36) * NLBL_UNLABEL_A_IPV4MASK
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38) * If IPv6 is specified the following attributes are required:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40) * NLBL_UNLABEL_A_IPV6ADDR
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41) * NLBL_UNLABEL_A_IPV6MASK
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43) * o STATICREMOVE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) * This message is sent from an application to remove an existing static
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45) * label for incoming unlabeled connections.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47) * Required attributes:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49) * NLBL_UNLABEL_A_IFACE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51) * If IPv4 is specified the following attributes are required:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53) * NLBL_UNLABEL_A_IPV4ADDR
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54) * NLBL_UNLABEL_A_IPV4MASK
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56) * If IPv6 is specified the following attributes are required:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58) * NLBL_UNLABEL_A_IPV6ADDR
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59) * NLBL_UNLABEL_A_IPV6MASK
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61) * o STATICLIST
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62) * This message can be sent either from an application or by the kernel in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63) * response to an application generated STATICLIST message. When sent by an
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64) * application there is no payload and the NLM_F_DUMP flag should be set.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65) * The kernel should response with a series of the following messages.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 66) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 67) * Required attributes:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 68) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 69) * NLBL_UNLABEL_A_IFACE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 70) * NLBL_UNLABEL_A_SECCTX
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 71) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 72) * If IPv4 is specified the following attributes are required:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 73) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 74) * NLBL_UNLABEL_A_IPV4ADDR
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 75) * NLBL_UNLABEL_A_IPV4MASK
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 76) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 77) * If IPv6 is specified the following attributes are required:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 78) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 79) * NLBL_UNLABEL_A_IPV6ADDR
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 80) * NLBL_UNLABEL_A_IPV6MASK
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 81) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 82) * o STATICADDDEF
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 83) * This message is sent from an application to set the default static
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 84) * label for incoming unlabeled connections.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 85) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 86) * Required attribute:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 87) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 88) * NLBL_UNLABEL_A_SECCTX
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 89) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 90) * If IPv4 is specified the following attributes are required:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 91) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 92) * NLBL_UNLABEL_A_IPV4ADDR
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 93) * NLBL_UNLABEL_A_IPV4MASK
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 94) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 95) * If IPv6 is specified the following attributes are required:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 96) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 97) * NLBL_UNLABEL_A_IPV6ADDR
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 98) * NLBL_UNLABEL_A_IPV6MASK
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 99) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) * o STATICREMOVEDEF
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) * This message is sent from an application to remove the existing default
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) * static label for incoming unlabeled connections.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) * If IPv4 is specified the following attributes are required:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) * NLBL_UNLABEL_A_IPV4ADDR
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) * NLBL_UNLABEL_A_IPV4MASK
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) * If IPv6 is specified the following attributes are required:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) * NLBL_UNLABEL_A_IPV6ADDR
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) * NLBL_UNLABEL_A_IPV6MASK
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) * o STATICLISTDEF
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) * This message can be sent either from an application or by the kernel in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116) * response to an application generated STATICLISTDEF message. When sent by
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) * an application there is no payload and the NLM_F_DUMP flag should be set.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118) * The kernel should response with the following message.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120) * Required attribute:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122) * NLBL_UNLABEL_A_SECCTX
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) * If IPv4 is specified the following attributes are required:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126) * NLBL_UNLABEL_A_IPV4ADDR
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127) * NLBL_UNLABEL_A_IPV4MASK
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129) * If IPv6 is specified the following attributes are required:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131) * NLBL_UNLABEL_A_IPV6ADDR
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132) * NLBL_UNLABEL_A_IPV6MASK
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134) * o ACCEPT
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) * This message is sent from an application to specify if the kernel should
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136) * allow unlabled packets to pass if they do not match any of the static
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137) * mappings defined in the unlabeled module.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139) * Required attributes:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141) * NLBL_UNLABEL_A_ACPTFLG
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143) * o LIST
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144) * This message can be sent either from an application or by the kernel in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145) * response to an application generated LIST message. When sent by an
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146) * application there is no payload. The kernel should respond to a LIST
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147) * message with a LIST message on success.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149) * Required attributes:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151) * NLBL_UNLABEL_A_ACPTFLG
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155) /* NetLabel Unlabeled commands */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156) enum {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157) NLBL_UNLABEL_C_UNSPEC,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158) NLBL_UNLABEL_C_ACCEPT,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159) NLBL_UNLABEL_C_LIST,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160) NLBL_UNLABEL_C_STATICADD,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161) NLBL_UNLABEL_C_STATICREMOVE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162) NLBL_UNLABEL_C_STATICLIST,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163) NLBL_UNLABEL_C_STATICADDDEF,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164) NLBL_UNLABEL_C_STATICREMOVEDEF,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165) NLBL_UNLABEL_C_STATICLISTDEF,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166) __NLBL_UNLABEL_C_MAX,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 169) /* NetLabel Unlabeled attributes */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 170) enum {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 171) NLBL_UNLABEL_A_UNSPEC,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 172) NLBL_UNLABEL_A_ACPTFLG,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 173) /* (NLA_U8)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 174) * if true then unlabeled packets are allowed to pass, else unlabeled
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 175) * packets are rejected */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 176) NLBL_UNLABEL_A_IPV6ADDR,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 177) /* (NLA_BINARY, struct in6_addr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 178) * an IPv6 address */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179) NLBL_UNLABEL_A_IPV6MASK,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 180) /* (NLA_BINARY, struct in6_addr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 181) * an IPv6 address mask */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 182) NLBL_UNLABEL_A_IPV4ADDR,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 183) /* (NLA_BINARY, struct in_addr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 184) * an IPv4 address */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 185) NLBL_UNLABEL_A_IPV4MASK,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 186) /* (NLA_BINARY, struct in_addr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 187) * and IPv4 address mask */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 188) NLBL_UNLABEL_A_IFACE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 189) /* (NLA_NULL_STRING)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 190) * network interface */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 191) NLBL_UNLABEL_A_SECCTX,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 192) /* (NLA_BINARY)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 193) * a LSM specific security context */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 194) __NLBL_UNLABEL_A_MAX,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 195) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 196) #define NLBL_UNLABEL_A_MAX (__NLBL_UNLABEL_A_MAX - 1)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 197)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 198) /* NetLabel protocol functions */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 199) int netlbl_unlabel_genl_init(void);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 200)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 201) /* Unlabeled connection hash table size */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 202) /* XXX - currently this number is an uneducated guess */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 203) #define NETLBL_UNLHSH_BITSIZE 7
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 204)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 205) /* General Unlabeled init function */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 206) int netlbl_unlabel_init(u32 size);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 207)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 208) /* Static/Fallback label management functions */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 209) int netlbl_unlhsh_add(struct net *net,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 210) const char *dev_name,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 211) const void *addr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 212) const void *mask,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 213) u32 addr_len,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 214) u32 secid,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 215) struct netlbl_audit *audit_info);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 216) int netlbl_unlhsh_remove(struct net *net,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 217) const char *dev_name,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 218) const void *addr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 219) const void *mask,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 220) u32 addr_len,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 221) struct netlbl_audit *audit_info);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 222)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 223) /* Process Unlabeled incoming network packets */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 224) int netlbl_unlabel_getattr(const struct sk_buff *skb,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 225) u16 family,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 226) struct netlbl_lsm_secattr *secattr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 227)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 228) /* Set the default configuration to allow Unlabeled packets */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 229) int netlbl_unlabel_defconf(void);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 230)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 231) #endif
Orange Pi5 kernel
Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards
3 Commits
0 Branches
0 Tags