diff options
| author | Huw Davies <huw@codeweavers.com> | 2016-06-27 21:06:18 +0200 |
|---|---|---|
| committer | Paul Moore <paul@paul-moore.com> | 2016-06-27 21:06:18 +0200 |
| commit | 3f09354ac84c6904787189d85fb306bf60f714b8 (patch) | |
| tree | ff2735f618f4ff22a3836fe609ac746ab6420668 /net/netlabel/netlabel_domainhash.h | |
| parent | calipso: Add a label cache. (diff) | |
| download | linux-3f09354ac84c6904787189d85fb306bf60f714b8.tar.xz linux-3f09354ac84c6904787189d85fb306bf60f714b8.zip | |
netlabel: Implement CALIPSO config functions for SMACK.
SMACK uses similar functions to control CIPSO, these are
the equivalent functions for CALIPSO and follow exactly
the same semantics.
int netlbl_cfg_calipso_add(struct calipso_doi *doi_def,
struct netlbl_audit *audit_info)
Adds a CALIPSO doi.
void netlbl_cfg_calipso_del(u32 doi, struct netlbl_audit *audit_info)
Removes a CALIPSO doi.
int netlbl_cfg_calipso_map_add(u32 doi, const char *domain,
const struct in6_addr *addr,
const struct in6_addr *mask,
struct netlbl_audit *audit_info)
Creates a mapping between a domain and a CALIPSO doi. If
addr and mask are non-NULL this creates an address-selector
type mapping.
This also extends netlbl_cfg_map_del() to remove IPv6 address-selector
mappings.
Signed-off-by: Huw Davies <huw@codeweavers.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'net/netlabel/netlabel_domainhash.h')
| -rw-r--r-- | net/netlabel/netlabel_domainhash.h | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/net/netlabel/netlabel_domainhash.h b/net/netlabel/netlabel_domainhash.h index b7ddb6e5c53f..1f9247781927 100644 --- a/net/netlabel/netlabel_domainhash.h +++ b/net/netlabel/netlabel_domainhash.h @@ -93,6 +93,10 @@ int netlbl_domhsh_remove_af4(const char *domain, const struct in_addr *addr, const struct in_addr *mask, struct netlbl_audit *audit_info); +int netlbl_domhsh_remove_af6(const char *domain, + const struct in6_addr *addr, + const struct in6_addr *mask, + struct netlbl_audit *audit_info); int netlbl_domhsh_remove(const char *domain, u16 family, struct netlbl_audit *audit_info); int netlbl_domhsh_remove_default(u16 family, struct netlbl_audit *audit_info); @@ -102,6 +106,10 @@ struct netlbl_dommap_def *netlbl_domhsh_getentry_af4(const char *domain, #if IS_ENABLED(CONFIG_IPV6) struct netlbl_dommap_def *netlbl_domhsh_getentry_af6(const char *domain, const struct in6_addr *addr); +int netlbl_domhsh_remove_af6(const char *domain, + const struct in6_addr *addr, + const struct in6_addr *mask, + struct netlbl_audit *audit_info); #endif /* IPv6 */ int netlbl_domhsh_walk(u32 *skip_bkt, |