Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
awilliam
GitHub Repository: awilliam/linux-vfio
 Path: blob/master/net/netlabel/netlabel_mgmt.h
15109 views
1
/*

2
 * NetLabel Management Support

3
 *

4
 * This file defines the management functions for the NetLabel system.  The

5
 * NetLabel system manages static and dynamic label mappings for network

6
 * protocols such as CIPSO and RIPSO.

7
 *

8
 * Author: Paul Moore <[email protected]>

9
 *

10
 */

11


12
/*

13
 * (c) Copyright Hewlett-Packard Development Company, L.P., 2006

14
 *

15
 * This program is free software;  you can redistribute it and/or modify

16
 * it under the terms of the GNU General Public License as published by

17
 * the Free Software Foundation; either version 2 of the License, or

18
 * (at your option) any later version.

19
 *

20
 * This program is distributed in the hope that it will be useful,

21
 * but WITHOUT ANY WARRANTY;  without even the implied warranty of

22
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See

23
 * the GNU General Public License for more details.

24
 *

25
 * You should have received a copy of the GNU General Public License

26
 * along with this program;  if not, write to the Free Software

27
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA

28
 *

29
 */

30


31
#ifndef _NETLABEL_MGMT_H

32
#define _NETLABEL_MGMT_H

33


34
#include <net/netlabel.h>

35
#include <asm/atomic.h>

36


37
/*

38
 * The following NetLabel payloads are supported by the management interface.

39
 *

40
 * o ADD:

41
 *   Sent by an application to add a domain mapping to the NetLabel system.

42
 *

43
 *   Required attributes:

44
 *

45
 *     NLBL_MGMT_A_DOMAIN

46
 *     NLBL_MGMT_A_PROTOCOL

47
 *

48
 *   If IPv4 is specified the following attributes are required:

49
 *

50
 *     NLBL_MGMT_A_IPV4ADDR

51
 *     NLBL_MGMT_A_IPV4MASK

52
 *

53
 *   If IPv6 is specified the following attributes are required:

54
 *

55
 *     NLBL_MGMT_A_IPV6ADDR

56
 *     NLBL_MGMT_A_IPV6MASK

57
 *

58
 *   If using NETLBL_NLTYPE_CIPSOV4 the following attributes are required:

59
 *

60
 *     NLBL_MGMT_A_CV4DOI

61
 *

62
 *   If using NETLBL_NLTYPE_UNLABELED no other attributes are required.

63
 *

64
 * o REMOVE:

65
 *   Sent by an application to remove a domain mapping from the NetLabel

66
 *   system.

67
 *

68
 *   Required attributes:

69
 *

70
 *     NLBL_MGMT_A_DOMAIN

71
 *

72
 * o LISTALL:

73
 *   This message can be sent either from an application or by the kernel in

74
 *   response to an application generated LISTALL message.  When sent by an

75
 *   application there is no payload and the NLM_F_DUMP flag should be set.

76
 *   The kernel should respond with a series of the following messages.

77
 *

78
 *   Required attributes:

79
 *

80
 *     NLBL_MGMT_A_DOMAIN

81
 *

82
 *   If the IP address selectors are not used the following attribute is

83
 *   required:

84
 *

85
 *     NLBL_MGMT_A_PROTOCOL

86
 *

87
 *   If the IP address selectors are used then the following attritbute is

88
 *   required:

89
 *

90
 *     NLBL_MGMT_A_SELECTORLIST

91
 *

92
 *   If the mapping is using the NETLBL_NLTYPE_CIPSOV4 type then the following

93
 *   attributes are required:

94
 *

95
 *     NLBL_MGMT_A_CV4DOI

96
 *

97
 *   If the mapping is using the NETLBL_NLTYPE_UNLABELED type no other

98
 *   attributes are required.

99
 *

100
 * o ADDDEF:

101
 *   Sent by an application to set the default domain mapping for the NetLabel

102
 *   system.

103
 *

104
 *   Required attributes:

105
 *

106
 *     NLBL_MGMT_A_PROTOCOL

107
 *

108
 *   If using NETLBL_NLTYPE_CIPSOV4 the following attributes are required:

109
 *

110
 *     NLBL_MGMT_A_CV4DOI

111
 *

112
 *   If using NETLBL_NLTYPE_UNLABELED no other attributes are required.

113
 *

114
 * o REMOVEDEF:

115
 *   Sent by an application to remove the default domain mapping from the

116
 *   NetLabel system, there is no payload.

117
 *

118
 * o LISTDEF:

119
 *   This message can be sent either from an application or by the kernel in

120
 *   response to an application generated LISTDEF message.  When sent by an

121
 *   application there is no payload.  On success the kernel should send a

122
 *   response using the following format.

123
 *

124
 *   If the IP address selectors are not used the following attribute is

125
 *   required:

126
 *

127
 *     NLBL_MGMT_A_PROTOCOL

128
 *

129
 *   If the IP address selectors are used then the following attritbute is

130
 *   required:

131
 *

132
 *     NLBL_MGMT_A_SELECTORLIST

133
 *

134
 *   If the mapping is using the NETLBL_NLTYPE_CIPSOV4 type then the following

135
 *   attributes are required:

136
 *

137
 *     NLBL_MGMT_A_CV4DOI

138
 *

139
 *   If the mapping is using the NETLBL_NLTYPE_UNLABELED type no other

140
 *   attributes are required.

141
 *

142
 * o PROTOCOLS:

143
 *   Sent by an application to request a list of configured NetLabel protocols

144
 *   in the kernel.  When sent by an application there is no payload and the

145
 *   NLM_F_DUMP flag should be set.  The kernel should respond with a series of

146
 *   the following messages.

147
 *

148
 *   Required attributes:

149
 *

150
 *     NLBL_MGMT_A_PROTOCOL

151
 *

152
 * o VERSION:

153
 *   Sent by an application to request the NetLabel version.  When sent by an

154
 *   application there is no payload.  This message type is also used by the

155
 *   kernel to respond to an VERSION request.

156
 *

157
 *   Required attributes:

158
 *

159
 *     NLBL_MGMT_A_VERSION

160
 *

161
 */

162


163
/* NetLabel Management commands */

164
enum {

165
	NLBL_MGMT_C_UNSPEC,

166
	NLBL_MGMT_C_ADD,

167
	NLBL_MGMT_C_REMOVE,

168
	NLBL_MGMT_C_LISTALL,

169
	NLBL_MGMT_C_ADDDEF,

170
	NLBL_MGMT_C_REMOVEDEF,

171
	NLBL_MGMT_C_LISTDEF,

172
	NLBL_MGMT_C_PROTOCOLS,

173
	NLBL_MGMT_C_VERSION,

174
	__NLBL_MGMT_C_MAX,

175
};

176


177
/* NetLabel Management attributes */

178
enum {

179
	NLBL_MGMT_A_UNSPEC,

180
	NLBL_MGMT_A_DOMAIN,

181
	/* (NLA_NUL_STRING)

182
	 * the NULL terminated LSM domain string */

183
	NLBL_MGMT_A_PROTOCOL,

184
	/* (NLA_U32)

185
	 * the NetLabel protocol type (defined by NETLBL_NLTYPE_*) */

186
	NLBL_MGMT_A_VERSION,

187
	/* (NLA_U32)

188
	 * the NetLabel protocol version number (defined by

189
	 * NETLBL_PROTO_VERSION) */

190
	NLBL_MGMT_A_CV4DOI,

191
	/* (NLA_U32)

192
	 * the CIPSOv4 DOI value */

193
	NLBL_MGMT_A_IPV6ADDR,

194
	/* (NLA_BINARY, struct in6_addr)

195
	 * an IPv6 address */

196
	NLBL_MGMT_A_IPV6MASK,

197
	/* (NLA_BINARY, struct in6_addr)

198
	 * an IPv6 address mask */

199
	NLBL_MGMT_A_IPV4ADDR,

200
	/* (NLA_BINARY, struct in_addr)

201
	 * an IPv4 address */

202
	NLBL_MGMT_A_IPV4MASK,

203
	/* (NLA_BINARY, struct in_addr)

204
	 * and IPv4 address mask */

205
	NLBL_MGMT_A_ADDRSELECTOR,

206
	/* (NLA_NESTED)

207
	 * an IP address selector, must contain an address, mask, and protocol

208
	 * attribute plus any protocol specific attributes */

209
	NLBL_MGMT_A_SELECTORLIST,

210
	/* (NLA_NESTED)

211
	 * the selector list, there must be at least one

212
	 * NLBL_MGMT_A_ADDRSELECTOR attribute */

213
	__NLBL_MGMT_A_MAX,

214
};

215
#define NLBL_MGMT_A_MAX (__NLBL_MGMT_A_MAX - 1)

216


217
/* NetLabel protocol functions */

218
int netlbl_mgmt_genl_init(void);

219


220
/* NetLabel configured protocol reference counter */

221
extern atomic_t netlabel_mgmt_protocount;

222


223
#endif

224


225