summaryrefslogtreecommitdiffstats
path: root/include/net/netlabel.h
diff options
context:
space:
mode:
authorHuw Davies <huw@codeweavers.com>2016-06-27 21:06:18 +0200
committerPaul Moore <paul@paul-moore.com>2016-06-27 21:06:18 +0200
commit3f09354ac84c6904787189d85fb306bf60f714b8 (patch)
treeff2735f618f4ff22a3836fe609ac746ab6420668 /include/net/netlabel.h
parentcalipso: Add a label cache. (diff)
downloadlinux-3f09354ac84c6904787189d85fb306bf60f714b8.tar.xz
linux-3f09354ac84c6904787189d85fb306bf60f714b8.zip
netlabel: Implement CALIPSO config functions for SMACK.
SMACK uses similar functions to control CIPSO, these are the equivalent functions for CALIPSO and follow exactly the same semantics. int netlbl_cfg_calipso_add(struct calipso_doi *doi_def, struct netlbl_audit *audit_info) Adds a CALIPSO doi. void netlbl_cfg_calipso_del(u32 doi, struct netlbl_audit *audit_info) Removes a CALIPSO doi. int netlbl_cfg_calipso_map_add(u32 doi, const char *domain, const struct in6_addr *addr, const struct in6_addr *mask, struct netlbl_audit *audit_info) Creates a mapping between a domain and a CALIPSO doi. If addr and mask are non-NULL this creates an address-selector type mapping. This also extends netlbl_cfg_map_del() to remove IPv6 address-selector mappings. Signed-off-by: Huw Davies <huw@codeweavers.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'include/net/netlabel.h')
-rw-r--r--include/net/netlabel.h26
1 files changed, 26 insertions, 0 deletions
diff --git a/include/net/netlabel.h b/include/net/netlabel.h
index a306bc7d2642..efe98068880f 100644
--- a/include/net/netlabel.h
+++ b/include/net/netlabel.h
@@ -445,6 +445,14 @@ int netlbl_cfg_cipsov4_map_add(u32 doi,
const struct in_addr *addr,
const struct in_addr *mask,
struct netlbl_audit *audit_info);
+int netlbl_cfg_calipso_add(struct calipso_doi *doi_def,
+ struct netlbl_audit *audit_info);
+void netlbl_cfg_calipso_del(u32 doi, struct netlbl_audit *audit_info);
+int netlbl_cfg_calipso_map_add(u32 doi,
+ const char *domain,
+ const struct in6_addr *addr,
+ const struct in6_addr *mask,
+ struct netlbl_audit *audit_info);
/*
* LSM security attribute operations
*/
@@ -561,6 +569,24 @@ static inline int netlbl_cfg_cipsov4_map_add(u32 doi,
{
return -ENOSYS;
}
+static inline int netlbl_cfg_calipso_add(struct calipso_doi *doi_def,
+ struct netlbl_audit *audit_info)
+{
+ return -ENOSYS;
+}
+static inline void netlbl_cfg_calipso_del(u32 doi,
+ struct netlbl_audit *audit_info)
+{
+ return;
+}
+static inline int netlbl_cfg_calipso_map_add(u32 doi,
+ const char *domain,
+ const struct in6_addr *addr,
+ const struct in6_addr *mask,
+ struct netlbl_audit *audit_info)
+{
+ return -ENOSYS;
+}
static inline int netlbl_catmap_walk(struct netlbl_lsm_catmap *catmap,
u32 offset)
{