net/netlabel/netlabel_domainhash.h

0001 /* SPDX-License-Identifier: GPL-2.0-or-later */
0002 /*
0003  * NetLabel Domain Hash Table
0004  *
0005  * This file manages the domain hash table that NetLabel uses to determine
0006  * which network labeling protocol to use for a given domain.  The NetLabel
0007  * system manages static and dynamic label mappings for network protocols such
0008  * as CIPSO and RIPSO.
0009  *
0010  * Author: Paul Moore <paul@paul-moore.com>
0011  */
0012
0013 /*
0014  * (c) Copyright Hewlett-Packard Development Company, L.P., 2006, 2008
0015  */
0016
0017 #ifndef _NETLABEL_DOMAINHASH_H
0018 #define _NETLABEL_DOMAINHASH_H
0019
0020 #include <linux/types.h>
0021 #include <linux/rcupdate.h>
0022 #include <linux/list.h>
0023
0024 #include "netlabel_addrlist.h"
0025
0026 /* Domain hash table size */
0027 /* XXX - currently this number is an uneducated guess */
0028 #define NETLBL_DOMHSH_BITSIZE       7
0029
0030 /* Domain mapping definition structures */
0031 struct netlbl_domaddr_map {
0032     struct list_head list4;
0033     struct list_head list6;
0034 };
0035 struct netlbl_dommap_def {
0036     u32 type;
0037     union {
0038         struct netlbl_domaddr_map *addrsel;
0039         struct cipso_v4_doi *cipso;
0040         struct calipso_doi *calipso;
0041     };
0042 };
0043 #define netlbl_domhsh_addr4_entry(iter) \
0044     container_of(iter, struct netlbl_domaddr4_map, list)
0045 struct netlbl_domaddr4_map {
0046     struct netlbl_dommap_def def;
0047
0048     struct netlbl_af4list list;
0049 };
0050 #define netlbl_domhsh_addr6_entry(iter) \
0051     container_of(iter, struct netlbl_domaddr6_map, list)
0052 struct netlbl_domaddr6_map {
0053     struct netlbl_dommap_def def;
0054
0055     struct netlbl_af6list list;
0056 };
0057
0058 struct netlbl_dom_map {
0059     char *domain;
0060     u16 family;
0061     struct netlbl_dommap_def def;
0062
0063     u32 valid;
0064     struct list_head list;
0065     struct rcu_head rcu;
0066 };
0067
0068 /* init function */
0069 int netlbl_domhsh_init(u32 size);
0070
0071 /* Manipulate the domain hash table */
0072 int netlbl_domhsh_add(struct netlbl_dom_map *entry,
0073               struct netlbl_audit *audit_info);
0074 int netlbl_domhsh_add_default(struct netlbl_dom_map *entry,
0075                   struct netlbl_audit *audit_info);
0076 int netlbl_domhsh_remove_entry(struct netlbl_dom_map *entry,
0077                    struct netlbl_audit *audit_info);
0078 int netlbl_domhsh_remove_af4(const char *domain,
0079                  const struct in_addr *addr,
0080                  const struct in_addr *mask,
0081                  struct netlbl_audit *audit_info);
0082 int netlbl_domhsh_remove_af6(const char *domain,
0083                  const struct in6_addr *addr,
0084                  const struct in6_addr *mask,
0085                  struct netlbl_audit *audit_info);
0086 int netlbl_domhsh_remove(const char *domain, u16 family,
0087              struct netlbl_audit *audit_info);
0088 int netlbl_domhsh_remove_default(u16 family, struct netlbl_audit *audit_info);
0089 struct netlbl_dom_map *netlbl_domhsh_getentry(const char *domain, u16 family);
0090 struct netlbl_dommap_def *netlbl_domhsh_getentry_af4(const char *domain,
0091                              __be32 addr);
0092 #if IS_ENABLED(CONFIG_IPV6)
0093 struct netlbl_dommap_def *netlbl_domhsh_getentry_af6(const char *domain,
0094                            const struct in6_addr *addr);
0095 int netlbl_domhsh_remove_af6(const char *domain,
0096                  const struct in6_addr *addr,
0097                  const struct in6_addr *mask,
0098                  struct netlbl_audit *audit_info);
0099 #endif /* IPv6 */
0100
0101 int netlbl_domhsh_walk(u32 *skip_bkt,
0102              u32 *skip_chain,
0103              int (*callback) (struct netlbl_dom_map *entry, void *arg),
0104              void *cb_arg);
0105
0106 #endif