net/netlabel/netlabel_addrlist.h

0001 /* SPDX-License-Identifier: GPL-2.0-or-later */
0002 /*
0003  * NetLabel Network Address Lists
0004  *
0005  * This file contains network address list functions used to manage ordered
0006  * lists of network addresses for use by the NetLabel subsystem.  The NetLabel
0007  * system manages static and dynamic label mappings for network protocols such
0008  * as CIPSO and RIPSO.
0009  *
0010  * Author: Paul Moore <paul@paul-moore.com>
0011  */
0012
0013 /*
0014  * (c) Copyright Hewlett-Packard Development Company, L.P., 2008
0015  */
0016
0017 #ifndef _NETLABEL_ADDRLIST_H
0018 #define _NETLABEL_ADDRLIST_H
0019
0020 #include <linux/types.h>
0021 #include <linux/rcupdate.h>
0022 #include <linux/list.h>
0023 #include <linux/in6.h>
0024 #include <linux/audit.h>
0025
0026 /**
0027  * struct netlbl_af4list - NetLabel IPv4 address list
0028  * @addr: IPv4 address
0029  * @mask: IPv4 address mask
0030  * @valid: valid flag
0031  * @list: list structure, used internally
0032  */
0033 struct netlbl_af4list {
0034     __be32 addr;
0035     __be32 mask;
0036
0037     u32 valid;
0038     struct list_head list;
0039 };
0040
0041 /**
0042  * struct netlbl_af6list - NetLabel IPv6 address list
0043  * @addr: IPv6 address
0044  * @mask: IPv6 address mask
0045  * @valid: valid flag
0046  * @list: list structure, used internally
0047  */
0048 struct netlbl_af6list {
0049     struct in6_addr addr;
0050     struct in6_addr mask;
0051
0052     u32 valid;
0053     struct list_head list;
0054 };
0055
0056 #define __af4list_entry(ptr) container_of(ptr, struct netlbl_af4list, list)
0057
0058 static inline struct netlbl_af4list *__af4list_valid(struct list_head *s,
0059                              struct list_head *h)
0060 {
0061     struct list_head *i = s;
0062     struct netlbl_af4list *n = __af4list_entry(s);
0063     while (i != h && !n->valid) {
0064         i = i->next;
0065         n = __af4list_entry(i);
0066     }
0067     return n;
0068 }
0069
0070 static inline struct netlbl_af4list *__af4list_valid_rcu(struct list_head *s,
0071                              struct list_head *h)
0072 {
0073     struct list_head *i = s;
0074     struct netlbl_af4list *n = __af4list_entry(s);
0075     while (i != h && !n->valid) {
0076         i = rcu_dereference(list_next_rcu(i));
0077         n = __af4list_entry(i);
0078     }
0079     return n;
0080 }
0081
0082 #define netlbl_af4list_foreach(iter, head)              \
0083     for (iter = __af4list_valid((head)->next, head);        \
0084          &iter->list != (head);                 \
0085          iter = __af4list_valid(iter->list.next, head))
0086
0087 #define netlbl_af4list_foreach_rcu(iter, head)              \
0088     for (iter = __af4list_valid_rcu((head)->next, head);        \
0089          &iter->list != (head);                 \
0090          iter = __af4list_valid_rcu(iter->list.next, head))
0091
0092 #define netlbl_af4list_foreach_safe(iter, tmp, head)            \
0093     for (iter = __af4list_valid((head)->next, head),        \
0094              tmp = __af4list_valid(iter->list.next, head);  \
0095          &iter->list != (head);                 \
0096          iter = tmp, tmp = __af4list_valid(iter->list.next, head))
0097
0098 int netlbl_af4list_add(struct netlbl_af4list *entry,
0099                struct list_head *head);
0100 struct netlbl_af4list *netlbl_af4list_remove(__be32 addr, __be32 mask,
0101                          struct list_head *head);
0102 void netlbl_af4list_remove_entry(struct netlbl_af4list *entry);
0103 struct netlbl_af4list *netlbl_af4list_search(__be32 addr,
0104                          struct list_head *head);
0105 struct netlbl_af4list *netlbl_af4list_search_exact(__be32 addr,
0106                            __be32 mask,
0107                            struct list_head *head);
0108
0109 #ifdef CONFIG_AUDIT
0110 void netlbl_af4list_audit_addr(struct audit_buffer *audit_buf,
0111                    int src, const char *dev,
0112                    __be32 addr, __be32 mask);
0113 #else
0114 static inline void netlbl_af4list_audit_addr(struct audit_buffer *audit_buf,
0115                          int src, const char *dev,
0116                          __be32 addr, __be32 mask)
0117 {
0118 }
0119 #endif
0120
0121 #if IS_ENABLED(CONFIG_IPV6)
0122
0123 #define __af6list_entry(ptr) container_of(ptr, struct netlbl_af6list, list)
0124
0125 static inline struct netlbl_af6list *__af6list_valid(struct list_head *s,
0126                              struct list_head *h)
0127 {
0128     struct list_head *i = s;
0129     struct netlbl_af6list *n = __af6list_entry(s);
0130     while (i != h && !n->valid) {
0131         i = i->next;
0132         n = __af6list_entry(i);
0133     }
0134     return n;
0135 }
0136
0137 static inline struct netlbl_af6list *__af6list_valid_rcu(struct list_head *s,
0138                              struct list_head *h)
0139 {
0140     struct list_head *i = s;
0141     struct netlbl_af6list *n = __af6list_entry(s);
0142     while (i != h && !n->valid) {
0143         i = rcu_dereference(list_next_rcu(i));
0144         n = __af6list_entry(i);
0145     }
0146     return n;
0147 }
0148
0149 #define netlbl_af6list_foreach(iter, head)              \
0150     for (iter = __af6list_valid((head)->next, head);        \
0151          &iter->list != (head);                 \
0152          iter = __af6list_valid(iter->list.next, head))
0153
0154 #define netlbl_af6list_foreach_rcu(iter, head)              \
0155     for (iter = __af6list_valid_rcu((head)->next, head);        \
0156          &iter->list != (head);                 \
0157          iter = __af6list_valid_rcu(iter->list.next, head))
0158
0159 #define netlbl_af6list_foreach_safe(iter, tmp, head)            \
0160     for (iter = __af6list_valid((head)->next, head),        \
0161              tmp = __af6list_valid(iter->list.next, head);  \
0162          &iter->list != (head);                 \
0163          iter = tmp, tmp = __af6list_valid(iter->list.next, head))
0164
0165 int netlbl_af6list_add(struct netlbl_af6list *entry,
0166                struct list_head *head);
0167 struct netlbl_af6list *netlbl_af6list_remove(const struct in6_addr *addr,
0168                          const struct in6_addr *mask,
0169                          struct list_head *head);
0170 void netlbl_af6list_remove_entry(struct netlbl_af6list *entry);
0171 struct netlbl_af6list *netlbl_af6list_search(const struct in6_addr *addr,
0172                          struct list_head *head);
0173 struct netlbl_af6list *netlbl_af6list_search_exact(const struct in6_addr *addr,
0174                            const struct in6_addr *mask,
0175                            struct list_head *head);
0176
0177 #ifdef CONFIG_AUDIT
0178 void netlbl_af6list_audit_addr(struct audit_buffer *audit_buf,
0179                    int src,
0180                    const char *dev,
0181                    const struct in6_addr *addr,
0182                    const struct in6_addr *mask);
0183 #else
0184 static inline void netlbl_af6list_audit_addr(struct audit_buffer *audit_buf,
0185                          int src,
0186                          const char *dev,
0187                          const struct in6_addr *addr,
0188                          const struct in6_addr *mask)
0189 {
0190 }
0191 #endif
0192 #endif /* IPV6 */
0193
0194 #endif