include/net/calipso.h

0001 /* SPDX-License-Identifier: GPL-2.0-or-later */
0002 /*
0003  * CALIPSO - Common Architecture Label IPv6 Security Option
0004  *
0005  * This is an implementation of the CALIPSO protocol as specified in
0006  * RFC 5570.
0007  *
0008  * Authors: Paul Moore <paul@paul-moore.com>
0009  *          Huw Davies <huw@codeweavers.com>
0010  */
0011
0012 /*
0013  * (c) Copyright Hewlett-Packard Development Company, L.P., 2006
0014  * (c) Copyright Huw Davies <huw@codeweavers.com>, 2015
0015  */
0016
0017 #ifndef _CALIPSO_H
0018 #define _CALIPSO_H
0019
0020 #include <linux/types.h>
0021 #include <linux/rcupdate.h>
0022 #include <linux/list.h>
0023 #include <linux/net.h>
0024 #include <linux/skbuff.h>
0025 #include <net/netlabel.h>
0026 #include <net/request_sock.h>
0027 #include <linux/refcount.h>
0028 #include <asm/unaligned.h>
0029
0030 /* known doi values */
0031 #define CALIPSO_DOI_UNKNOWN          0x00000000
0032
0033 /* doi mapping types */
0034 #define CALIPSO_MAP_UNKNOWN          0
0035 #define CALIPSO_MAP_PASS             2
0036
0037 /*
0038  * CALIPSO DOI definitions
0039  */
0040
0041 /* DOI definition struct */
0042 struct calipso_doi {
0043     u32 doi;
0044     u32 type;
0045
0046     refcount_t refcount;
0047     struct list_head list;
0048     struct rcu_head rcu;
0049 };
0050
0051 /*
0052  * Sysctl Variables
0053  */
0054 extern int calipso_cache_enabled;
0055 extern int calipso_cache_bucketsize;
0056
0057 #ifdef CONFIG_NETLABEL
0058 int __init calipso_init(void);
0059 void calipso_exit(void);
0060 bool calipso_validate(const struct sk_buff *skb, const unsigned char *option);
0061 #else
0062 static inline int __init calipso_init(void)
0063 {
0064     return 0;
0065 }
0066
0067 static inline void calipso_exit(void)
0068 {
0069 }
0070 static inline bool calipso_validate(const struct sk_buff *skb,
0071                     const unsigned char *option)
0072 {
0073     return true;
0074 }
0075 #endif /* CONFIG_NETLABEL */
0076
0077 #endif /* _CALIPSO_H */