diff options
author | Huw Davies <huw@codeweavers.com> | 2016-06-27 21:06:18 +0200 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2016-06-27 21:06:18 +0200 |
commit | 3f09354ac84c6904787189d85fb306bf60f714b8 (patch) | |
tree | ff2735f618f4ff22a3836fe609ac746ab6420668 /include/net/netlabel.h | |
parent | calipso: Add a label cache. (diff) | |
download | linux-3f09354ac84c6904787189d85fb306bf60f714b8.tar.xz linux-3f09354ac84c6904787189d85fb306bf60f714b8.zip |
netlabel: Implement CALIPSO config functions for SMACK.
SMACK uses similar functions to control CIPSO, these are
the equivalent functions for CALIPSO and follow exactly
the same semantics.
int netlbl_cfg_calipso_add(struct calipso_doi *doi_def,
struct netlbl_audit *audit_info)
Adds a CALIPSO doi.
void netlbl_cfg_calipso_del(u32 doi, struct netlbl_audit *audit_info)
Removes a CALIPSO doi.
int netlbl_cfg_calipso_map_add(u32 doi, const char *domain,
const struct in6_addr *addr,
const struct in6_addr *mask,
struct netlbl_audit *audit_info)
Creates a mapping between a domain and a CALIPSO doi. If
addr and mask are non-NULL this creates an address-selector
type mapping.
This also extends netlbl_cfg_map_del() to remove IPv6 address-selector
mappings.
Signed-off-by: Huw Davies <huw@codeweavers.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'include/net/netlabel.h')
-rw-r--r-- | include/net/netlabel.h | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/include/net/netlabel.h b/include/net/netlabel.h index a306bc7d2642..efe98068880f 100644 --- a/include/net/netlabel.h +++ b/include/net/netlabel.h @@ -445,6 +445,14 @@ int netlbl_cfg_cipsov4_map_add(u32 doi, const struct in_addr *addr, const struct in_addr *mask, struct netlbl_audit *audit_info); +int netlbl_cfg_calipso_add(struct calipso_doi *doi_def, + struct netlbl_audit *audit_info); +void netlbl_cfg_calipso_del(u32 doi, struct netlbl_audit *audit_info); +int netlbl_cfg_calipso_map_add(u32 doi, + const char *domain, + const struct in6_addr *addr, + const struct in6_addr *mask, + struct netlbl_audit *audit_info); /* * LSM security attribute operations */ @@ -561,6 +569,24 @@ static inline int netlbl_cfg_cipsov4_map_add(u32 doi, { return -ENOSYS; } +static inline int netlbl_cfg_calipso_add(struct calipso_doi *doi_def, + struct netlbl_audit *audit_info) +{ + return -ENOSYS; +} +static inline void netlbl_cfg_calipso_del(u32 doi, + struct netlbl_audit *audit_info) +{ + return; +} +static inline int netlbl_cfg_calipso_map_add(u32 doi, + const char *domain, + const struct in6_addr *addr, + const struct in6_addr *mask, + struct netlbl_audit *audit_info) +{ + return -ENOSYS; +} static inline int netlbl_catmap_walk(struct netlbl_lsm_catmap *catmap, u32 offset) { |