/* * NetLabel CALIPSO Support * * This file defines the CALIPSO functions for the NetLabel system. The * NetLabel system manages static and dynamic label mappings for network * protocols such as CIPSO and RIPSO. * * Authors: Paul Moore * Huw Davies * */ /* (c) Copyright Hewlett-Packard Development Company, L.P., 2006 * (c) Copyright Huw Davies , 2015 * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See * the GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, see . * */ #ifndef _NETLABEL_CALIPSO #define _NETLABEL_CALIPSO #include #include /* The following NetLabel payloads are supported by the CALIPSO subsystem. * * o ADD: * Sent by an application to add a new DOI mapping table. * * Required attributes: * * NLBL_CALIPSO_A_DOI * NLBL_CALIPSO_A_MTYPE * * If using CALIPSO_MAP_PASS no additional attributes are required. * * o LIST: * Sent by an application to list the details of a DOI definition. On * success the kernel should send a response using the following format. * * Required attributes: * * NLBL_CALIPSO_A_DOI * * The valid response message format depends on the type of the DOI mapping, * the defined formats are shown below. * * Required attributes: * * NLBL_CALIPSO_A_MTYPE * * If using CALIPSO_MAP_PASS no additional attributes are required. * */ /* NetLabel CALIPSO commands */ enum { NLBL_CALIPSO_C_UNSPEC, NLBL_CALIPSO_C_ADD, NLBL_CALIPSO_C_REMOVE, NLBL_CALIPSO_C_LIST, NLBL_CALIPSO_C_LISTALL, __NLBL_CALIPSO_C_MAX, }; /* NetLabel CALIPSO attributes */ enum { NLBL_CALIPSO_A_UNSPEC, NLBL_CALIPSO_A_DOI, /* (NLA_U32) * the DOI value */ NLBL_CALIPSO_A_MTYPE, /* (NLA_U32) * the mapping table type (defined in the calipso.h header as * CALIPSO_MAP_*) */ __NLBL_CALIPSO_A_MAX, }; #define NLBL_CALIPSO_A_MAX (__NLBL_CALIPSO_A_MAX - 1) /* NetLabel protocol functions */ #if IS_ENABLED(CONFIG_IPV6) int netlbl_calipso_genl_init(void); #else static inline int netlbl_calipso_genl_init(void) { return 0; } #endif int calipso_doi_add(struct calipso_doi *doi_def, struct netlbl_audit *audit_info); void calipso_doi_free(struct calipso_doi *doi_def); struct calipso_doi *calipso_doi_getdef(u32 doi); void calipso_doi_putdef(struct calipso_doi *doi_def); #endif