0001 /* SPDX-License-Identifier: GPL-2.0-or-later */
0002 /*
0003  * NetLabel Management Support
0004  *
0005  * This file defines the management functions for the NetLabel system.  The
0006  * NetLabel system manages static and dynamic label mappings for network
0007  * protocols such as CIPSO and RIPSO.
0008  *
0009  * Author: Paul Moore <paul@paul-moore.com>
0010  */
0011 
0012 /*
0013  * (c) Copyright Hewlett-Packard Development Company, L.P., 2006
0014  */
0015 
0016 #ifndef _NETLABEL_MGMT_H
0017 #define _NETLABEL_MGMT_H
0018 
0019 #include <net/netlabel.h>
0020 #include <linux/atomic.h>
0021 
0022 /*
0023  * The following NetLabel payloads are supported by the management interface.
0024  *
0025  * o ADD:
0026  *   Sent by an application to add a domain mapping to the NetLabel system.
0027  *
0028  *   Required attributes:
0029  *
0030  *     NLBL_MGMT_A_DOMAIN
0031  *     NLBL_MGMT_A_PROTOCOL
0032  *
0033  *   If IPv4 is specified the following attributes are required:
0034  *
0035  *     NLBL_MGMT_A_IPV4ADDR
0036  *     NLBL_MGMT_A_IPV4MASK
0037  *
0038  *   If IPv6 is specified the following attributes are required:
0039  *
0040  *     NLBL_MGMT_A_IPV6ADDR
0041  *     NLBL_MGMT_A_IPV6MASK
0042  *
0043  *   If using NETLBL_NLTYPE_CIPSOV4 the following attributes are required:
0044  *
0045  *     NLBL_MGMT_A_CV4DOI
0046  *
0047  *   If using NETLBL_NLTYPE_UNLABELED no other attributes are required,
0048  *   however the following attribute may optionally be sent:
0049  *
0050  *     NLBL_MGMT_A_FAMILY
0051  *
0052  * o REMOVE:
0053  *   Sent by an application to remove a domain mapping from the NetLabel
0054  *   system.
0055  *
0056  *   Required attributes:
0057  *
0058  *     NLBL_MGMT_A_DOMAIN
0059  *
0060  * o LISTALL:
0061  *   This message can be sent either from an application or by the kernel in
0062  *   response to an application generated LISTALL message.  When sent by an
0063  *   application there is no payload and the NLM_F_DUMP flag should be set.
0064  *   The kernel should respond with a series of the following messages.
0065  *
0066  *   Required attributes:
0067  *
0068  *     NLBL_MGMT_A_DOMAIN
0069  *     NLBL_MGMT_A_FAMILY
0070  *
0071  *   If the IP address selectors are not used the following attribute is
0072  *   required:
0073  *
0074  *     NLBL_MGMT_A_PROTOCOL
0075  *
0076  *   If the IP address selectors are used then the following attribute is
0077  *   required:
0078  *
0079  *     NLBL_MGMT_A_SELECTORLIST
0080  *
0081  *   If the mapping is using the NETLBL_NLTYPE_CIPSOV4 type then the following
0082  *   attributes are required:
0083  *
0084  *     NLBL_MGMT_A_CV4DOI
0085  *
0086  *   If the mapping is using the NETLBL_NLTYPE_UNLABELED type no other
0087  *   attributes are required.
0088  *
0089  * o ADDDEF:
0090  *   Sent by an application to set the default domain mapping for the NetLabel
0091  *   system.
0092  *
0093  *   Required attributes:
0094  *
0095  *     NLBL_MGMT_A_PROTOCOL
0096  *
0097  *   If using NETLBL_NLTYPE_CIPSOV4 the following attributes are required:
0098  *
0099  *     NLBL_MGMT_A_CV4DOI
0100  *
0101  *   If using NETLBL_NLTYPE_UNLABELED no other attributes are required,
0102  *   however the following attribute may optionally be sent:
0103  *
0104  *     NLBL_MGMT_A_FAMILY
0105  *
0106  * o REMOVEDEF:
0107  *   Sent by an application to remove the default domain mapping from the
0108  *   NetLabel system; there is no payload.
0109  *
0110  * o LISTDEF:
0111  *   This message can be sent either from an application or by the kernel in
0112  *   response to an application generated LISTDEF message.  When sent by an
0113  *   application there may be an optional payload.
0114  *
0115  *     NLBL_MGMT_A_FAMILY
0116  *
0117  *   On success the kernel should send a response using the following format:
0118  *
0119  *   If the IP address selectors are not used the following attributes are
0120  *   required:
0121  *
0122  *     NLBL_MGMT_A_PROTOCOL
0123  *     NLBL_MGMT_A_FAMILY
0124  *
0125  *   If the IP address selectors are used then the following attribute is
0126  *   required:
0127  *
0128  *     NLBL_MGMT_A_SELECTORLIST
0129  *
0130  *   If the mapping is using the NETLBL_NLTYPE_CIPSOV4 type then the following
0131  *   attributes are required:
0132  *
0133  *     NLBL_MGMT_A_CV4DOI
0134  *
0135  *   If the mapping is using the NETLBL_NLTYPE_UNLABELED type no other
0136  *   attributes are required.
0137  *
0138  * o PROTOCOLS:
0139  *   Sent by an application to request a list of configured NetLabel protocols
0140  *   in the kernel.  When sent by an application there is no payload and the
0141  *   NLM_F_DUMP flag should be set.  The kernel should respond with a series of
0142  *   the following messages.
0143  *
0144  *   Required attributes:
0145  *
0146  *     NLBL_MGMT_A_PROTOCOL
0147  *
0148  * o VERSION:
0149  *   Sent by an application to request the NetLabel version.  When sent by an
0150  *   application there is no payload.  This message type is also used by the
0151  *   kernel to respond to a VERSION request.
0152  *
0153  *   Required attributes:
0154  *
0155  *     NLBL_MGMT_A_VERSION
0156  *
0157  */
0158 
0159 /* NetLabel Management commands */
/*
 * The enumerators take implicit consecutive values starting at 0
 * (NLBL_MGMT_C_UNSPEC); __NLBL_MGMT_C_MAX is a terminating sentinel, not a
 * command.
 * NOTE(review): these appear to be the command numbers carried in messages
 * from applications, so a new command should presumably be inserted just
 * before the sentinel to keep the existing values stable -- confirm.
 * NOTE(review): ADD, REMOVE, ADDDEF and REMOVEDEF change the domain mapping
 * configuration; the permission check for them is not visible in this header
 * -- confirm it is enforced where the commands are registered.
 */
0160 enum {
0161     NLBL_MGMT_C_UNSPEC,
0162     NLBL_MGMT_C_ADD,
0163     NLBL_MGMT_C_REMOVE,
0164     NLBL_MGMT_C_LISTALL,
0165     NLBL_MGMT_C_ADDDEF,
0166     NLBL_MGMT_C_REMOVEDEF,
0167     NLBL_MGMT_C_LISTDEF,
0168     NLBL_MGMT_C_PROTOCOLS,
0169     NLBL_MGMT_C_VERSION,
0170     __NLBL_MGMT_C_MAX,
0171 };
0172 
0173 /* NetLabel Management attributes */
/*
 * Each comment below describes the enumerator directly above it and gives
 * the netlink attribute type in parentheses.  Values are implicit and
 * consecutive from 0 (NLBL_MGMT_A_UNSPEC); __NLBL_MGMT_A_MAX is a sentinel
 * and NLBL_MGMT_A_MAX is the highest real attribute number.
 * NOTE(review): this header only documents the types; the checks that a
 * received attribute has the stated type and, for NLA_BINARY, the full
 * size of the named struct are not visible here -- confirm them in the
 * code that parses these messages.
 * NOTE(review): NLBL_MGMT_A_CLPDOI is not listed in the payload
 * description at the top of this file -- presumably the CALIPSO counterpart
 * of NLBL_MGMT_A_CV4DOI; confirm and document.
 */
0174 enum {
0175     NLBL_MGMT_A_UNSPEC,
0176     NLBL_MGMT_A_DOMAIN,
0177     /* (NLA_NUL_STRING)
0178      * the NUL terminated LSM domain string */
0179     NLBL_MGMT_A_PROTOCOL,
0180     /* (NLA_U32)
0181      * the NetLabel protocol type (defined by NETLBL_NLTYPE_*) */
0182     NLBL_MGMT_A_VERSION,
0183     /* (NLA_U32)
0184      * the NetLabel protocol version number (defined by
0185      * NETLBL_PROTO_VERSION) */
0186     NLBL_MGMT_A_CV4DOI,
0187     /* (NLA_U32)
0188      * the CIPSOv4 DOI value */
0189     NLBL_MGMT_A_IPV6ADDR,
0190     /* (NLA_BINARY, struct in6_addr)
0191      * an IPv6 address */
0192     NLBL_MGMT_A_IPV6MASK,
0193     /* (NLA_BINARY, struct in6_addr)
0194      * an IPv6 address mask */
0195     NLBL_MGMT_A_IPV4ADDR,
0196     /* (NLA_BINARY, struct in_addr)
0197      * an IPv4 address */
0198     NLBL_MGMT_A_IPV4MASK,
0199     /* (NLA_BINARY, struct in_addr)
0200      * an IPv4 address mask */
0201     NLBL_MGMT_A_ADDRSELECTOR,
0202     /* (NLA_NESTED)
0203      * an IP address selector, must contain an address, mask, and protocol
0204      * attribute plus any protocol specific attributes */
0205     NLBL_MGMT_A_SELECTORLIST,
0206     /* (NLA_NESTED)
0207      * the selector list, there must be at least one
0208      * NLBL_MGMT_A_ADDRSELECTOR attribute */
0209     NLBL_MGMT_A_FAMILY,
0210     /* (NLA_U16)
0211      * The address family */
0212     NLBL_MGMT_A_CLPDOI,
0213     /* (NLA_U32)
0214      * the CALIPSO DOI value */
0215     __NLBL_MGMT_A_MAX,
0216 };
0217 #define NLBL_MGMT_A_MAX (__NLBL_MGMT_A_MAX - 1)
0218 
0219 /* NetLabel protocol functions */
/* Takes no arguments and returns an int status.
 * NOTE(review): presumably registers the management interface and returns 0
 * on success or a negative errno -- confirm against the definition. */
0220 int netlbl_mgmt_genl_init(void);
0221 
0222 /* NetLabel configured protocol reference counter */
/* Declared here as an atomic_t; the definition lives outside this header. */
0223 extern atomic_t netlabel_mgmt_protocount;
0224 
0225 #endif