X-Git-Url: http://pilppa.org/gitweb/?a=blobdiff_plain;f=include%2Fnet%2Fnetlabel.h;h=e4d2d6baa98388e4d673f5f57ddc20405a3fdb69;hb=29e92f483603d97dd1d2bafcb32101287dfac4ad;hp=b3213c7c53096d97b45b5e51ca842ba01284fefc;hpb=bd45ac0c5daae35e7c71138172e63df5cf644cf6;p=linux-2.6-omap-h63xx.git
diff --git a/include/net/netlabel.h b/include/net/netlabel.h
index b3213c7c530..e4d2d6baa98 100644
--- a/include/net/netlabel.h
+++ b/include/net/netlabel.h
@@ -36,6 +36,8 @@ #include #include +struct cipso_v4_doi; + /* * NetLabel - A management interface for maintaining network packet label * mapping tables for explicit packet labling protocols.
@@ -101,14 +103,9 @@ struct netlbl_audit { u32 secid; uid_t loginuid; + u32 sessionid; }; -/* Domain mapping definition struct */ -struct netlbl_dom_map; - -/* Domain mapping operations */ -int netlbl_domhsh_remove(const char *domain, struct netlbl_audit *audit_info); - /* * LSM security attributes */
@@ -166,7 +163,7 @@ struct netlbl_lsm_secattr_catmap { /** * struct netlbl_lsm_secattr - NetLabel LSM security attributes - * @flags: indicate which attributes are contained in this structure + * @flags: indicate structure attributes, see NETLBL_SECATTR_* * @type: indicate the NLTYPE of the attributes * @domain: the NetLabel LSM domain * @cache: NetLabel LSM specific cache
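Review bot: The new `u32 sessionid;` member of struct netlbl_audit (hunk @@ -101,14 +103,9 @@) has no comment, and nothing in this header shows how existing users of the struct populate it. If any caller fills a stack-allocated netlbl_audit field by field, sessionid would be left uninitialised and could end up in audit records; those call sites are outside this file, so it is worth confirming that every initialiser now sets it. A comment on the member such as `/* audit session ID, set together with secid and loginuid */` would make the requirement visible to the next caller.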
@@ -184,17 +181,22 @@ struct netlbl_lsm_secattr_catmap { * NetLabel itself when returning security attributes to the LSM. * */ +struct netlbl_lsm_secattr { + u32 flags; + /* bitmap values for 'flags' */ #define NETLBL_SECATTR_NONE 0x00000000 #define NETLBL_SECATTR_DOMAIN 0x00000001 +#define NETLBL_SECATTR_DOMAIN_CPY (NETLBL_SECATTR_DOMAIN | \ + NETLBL_SECATTR_FREE_DOMAIN) #define NETLBL_SECATTR_CACHE 0x00000002 #define NETLBL_SECATTR_MLS_LVL 0x00000004 #define NETLBL_SECATTR_MLS_CAT 0x00000008 #define NETLBL_SECATTR_SECID 0x00000010 + /* bitmap meta-values for 'flags' */ +#define NETLBL_SECATTR_FREE_DOMAIN 0x01000000 #define NETLBL_SECATTR_CACHEABLE (NETLBL_SECATTR_MLS_LVL | \ NETLBL_SECATTR_MLS_CAT | \ NETLBL_SECATTR_SECID) -struct netlbl_lsm_secattr { - u32 flags; u32 type; char *domain; struct netlbl_lsm_cache *cache;
@@ -307,7 +309,8 @@ static inline void netlbl_secattr_init(struct netlbl_lsm_secattr *secattr) */ static inline void netlbl_secattr_destroy(struct netlbl_lsm_secattr *secattr) { - kfree(secattr->domain); + if (secattr->flags & NETLBL_SECATTR_FREE_DOMAIN) + kfree(secattr->domain); if (secattr->flags & NETLBL_SECATTR_CACHE) netlbl_secattr_cache_free(secattr->cache); if (secattr->flags & NETLBL_SECATTR_MLS_CAT)
@@ -343,6 +346,19 @@ static inline void netlbl_secattr_free(struct netlbl_lsm_secattr *secattr) } #ifdef CONFIG_NETLABEL +/* + * LSM configuration operations + */ +int netlbl_cfg_map_del(const char *domain, struct netlbl_audit *audit_info); +int netlbl_cfg_unlbl_add_map(const char *domain, + struct netlbl_audit *audit_info); +int netlbl_cfg_cipsov4_add(struct cipso_v4_doi *doi_def, + struct netlbl_audit *audit_info); +int netlbl_cfg_cipsov4_add_map(struct cipso_v4_doi *doi_def, + const char *domain, + struct netlbl_audit *audit_info); +int netlbl_cfg_cipsov4_del(u32 doi, struct netlbl_audit *audit_info); + /* * LSM security attribute operations */
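Review bot: Nothing at the flag definitions in hunk @@ -184,17 +181,22 @@ says that NETLBL_SECATTR_FREE_DOMAIN is what hands ownership of `domain` to the secattr, which is the one fact a caller needs to avoid either leaking the string or freeing memory it does not own. A comment on the define such as `/* 'domain' was allocated for this secattr and is kfree()d on destroy */`, plus a line on NETLBL_SECATTR_DOMAIN stating that the pointer is borrowed and must outlive the secattr, would cover it. NETLBL_SECATTR_DOMAIN_CPY is also defined several lines before the NETLBL_SECATTR_FREE_DOMAIN it expands to; that is valid for macros but reads more easily with the meta-value defined first. The struct body continues past the end of the hunk.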
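Review bot: After the now-conditional `kfree(secattr->domain);` in netlbl_secattr_destroy() (hunk @@ -307,7 +309,8 @@), neither the pointer nor the NETLBL_SECATTR_FREE_DOMAIN bit is reset in the lines shown, so destroying the same secattr twice, or reusing it without netlbl_secattr_init(), would free the string again unless the rest of the function, which lies outside the hunk, clears them. Bracing the `if` and adding `secattr->domain = NULL;` after the kfree() keeps a repeated call harmless. The change also moves responsibility to callers: code that allocates the domain string but sets only NETLBL_SECATTR_DOMAIN will now leak it, and code that sets NETLBL_SECATTR_FREE_DOMAIN on a borrowed pointer will free memory owned elsewhere. Those call sites are not in this header, so each should be checked for a switch to NETLBL_SECATTR_DOMAIN_CPY where the string is a private copy.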
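Review bot: The netlbl_cfg_* prototypes added in hunk @@ -343,6 +346,19 @@ carry no kernel-doc, and for netlbl_cfg_cipsov4_add() and netlbl_cfg_cipsov4_add_map() the header leaves open who owns `doi_def` after the call, on success and on failure. An LSM calling these has to know whether to release the DOI definition itself when a negative value comes back; guessing wrong is either a leak or a double free. A short block comment above the group stating the return convention (presumably 0 or a negative errno, judging by the -ENOSYS stubs in hunk @@ -378,6 +394,32 @@) and the ownership rule would settle it. The same comment should say that the stubs return -ENOSYS when CONFIG_NETLABEL is off, so a caller can decide whether an unconfigured label mapping is fatal rather than silently continuing.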
@@ -378,6 +394,32 @@ void netlbl_cache_invalidate(void); int netlbl_cache_add(const struct sk_buff *skb, const struct netlbl_lsm_secattr *secattr); #else +static inline int netlbl_cfg_map_del(const char *domain, + struct netlbl_audit *audit_info) +{ + return -ENOSYS; +} +static inline int netlbl_cfg_unlbl_add_map(const char *domain, + struct netlbl_audit *audit_info) +{ + return -ENOSYS; +} +static inline int netlbl_cfg_cipsov4_add(struct cipso_v4_doi *doi_def, + struct netlbl_audit *audit_info) +{ + return -ENOSYS; +} +static inline int netlbl_cfg_cipsov4_add_map(struct cipso_v4_doi *doi_def, + const char *domain, + struct netlbl_audit *audit_info) +{ + return -ENOSYS; +} +static inline int netlbl_cfg_cipsov4_del(u32 doi, + struct netlbl_audit *audit_info) +{ + return -ENOSYS; +} static inline int netlbl_secattr_catmap_walk( struct netlbl_lsm_secattr_catmap *catmap, u32 offset)