1
/*
2
 * NetLabel Domain Hash Table
3
 *
4
 * This file manages the domain hash table that NetLabel uses to determine
5
 * which network labeling protocol to use for a given domain.  The NetLabel
6
 * system manages static and dynamic label mappings for network protocols such
7
 * as CIPSO and RIPSO.
8
 *
9
 * Author: Paul Moore <[email protected]>
10
 *
11
 */
12

13
/*
14
 * (c) Copyright Hewlett-Packard Development Company, L.P., 2006, 2008
15
 *
16
 * This program is free software;  you can redistribute it and/or modify
17
 * it under the terms of the GNU General Public License as published by
18
 * the Free Software Foundation; either version 2 of the License, or
19
 * (at your option) any later version.
20
 *
21
 * This program is distributed in the hope that it will be useful,
22
 * but WITHOUT ANY WARRANTY;  without even the implied warranty of
23
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
24
 * the GNU General Public License for more details.
25
 *
26
 * You should have received a copy of the GNU General Public License
27
 * along with this program;  if not, write to the Free Software
28
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
29
 *
30
 */
31

32
#ifndef _NETLABEL_DOMAINHASH_H
33
#define _NETLABEL_DOMAINHASH_H
34

35
#include <linux/types.h>
36
#include <linux/rcupdate.h>
37
#include <linux/list.h>
38

39
#include "netlabel_addrlist.h"
40

41
/* Domain hash table size */
42
/* XXX - currently this number is an uneducated guess */
43
#define NETLBL_DOMHSH_BITSIZE       7
44

45
/* Domain mapping definition structures */
46
#define netlbl_domhsh_addr4_entry(iter) \
47
	container_of(iter, struct netlbl_domaddr4_map, list)
48
struct netlbl_domaddr4_map {
49
	u32 type;
50
	union {
51
		struct cipso_v4_doi *cipsov4;
52
	} type_def;
53

54
	struct netlbl_af4list list;
55
};
56
#define netlbl_domhsh_addr6_entry(iter) \
57
	container_of(iter, struct netlbl_domaddr6_map, list)
58
struct netlbl_domaddr6_map {
59
	u32 type;
60

61
	/* NOTE: no 'type_def' union needed at present since we don't currently
62
	 *       support any IPv6 labeling protocols */
63

64
	struct netlbl_af6list list;
65
};
66
struct netlbl_domaddr_map {
67
	struct list_head list4;
68
	struct list_head list6;
69
};
70
struct netlbl_dom_map {
71
	char *domain;
72
	u32 type;
73
	union {
74
		struct cipso_v4_doi *cipsov4;
75
		struct netlbl_domaddr_map *addrsel;
76
	} type_def;
77

78
	u32 valid;
79
	struct list_head list;
80
	struct rcu_head rcu;
81
};
82

83
/* init function */
84
int netlbl_domhsh_init(u32 size);
85

86
/* Manipulate the domain hash table */
87
int netlbl_domhsh_add(struct netlbl_dom_map *entry,
88
		      struct netlbl_audit *audit_info);
89
int netlbl_domhsh_add_default(struct netlbl_dom_map *entry,
90
			      struct netlbl_audit *audit_info);
91
int netlbl_domhsh_remove_entry(struct netlbl_dom_map *entry,
92
			       struct netlbl_audit *audit_info);
93
int netlbl_domhsh_remove_af4(const char *domain,
94
			     const struct in_addr *addr,
95
			     const struct in_addr *mask,
96
			     struct netlbl_audit *audit_info);
97
int netlbl_domhsh_remove(const char *domain, struct netlbl_audit *audit_info);
98
int netlbl_domhsh_remove_default(struct netlbl_audit *audit_info);
99
struct netlbl_dom_map *netlbl_domhsh_getentry(const char *domain);
100
struct netlbl_domaddr4_map *netlbl_domhsh_getentry_af4(const char *domain,
101
						       __be32 addr);
102
int netlbl_domhsh_walk(u32 *skip_bkt,
103
		     u32 *skip_chain,
104
		     int (*callback) (struct netlbl_dom_map *entry, void *arg),
105
		     void *cb_arg);
106

107
#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
108
struct netlbl_domaddr6_map *netlbl_domhsh_getentry_af6(const char *domain,
109
						  const struct in6_addr *addr);
110
#endif /* IPv6 */
111

112
#endif
113

114