0001
0002
0003
0004
0005
0006
0007
0008
0009
0010
0011
0012 #ifndef _SELINUX_NETLABEL_H_
0013 #define _SELINUX_NETLABEL_H_
0014
0015 #include <linux/types.h>
0016 #include <linux/fs.h>
0017 #include <linux/net.h>
0018 #include <linux/skbuff.h>
0019 #include <net/sock.h>
0020 #include <net/request_sock.h>
0021 #include <net/sctp/structs.h>
0022
0023 #include "avc.h"
0024 #include "objsec.h"
0025
0026 #ifdef CONFIG_NETLABEL
0027 void selinux_netlbl_cache_invalidate(void);
0028
0029 void selinux_netlbl_err(struct sk_buff *skb, u16 family, int error,
0030 int gateway);
0031
0032 void selinux_netlbl_sk_security_free(struct sk_security_struct *sksec);
0033 void selinux_netlbl_sk_security_reset(struct sk_security_struct *sksec);
0034
0035 int selinux_netlbl_skbuff_getsid(struct sk_buff *skb,
0036 u16 family,
0037 u32 *type,
0038 u32 *sid);
0039 int selinux_netlbl_skbuff_setsid(struct sk_buff *skb,
0040 u16 family,
0041 u32 sid);
0042 int selinux_netlbl_sctp_assoc_request(struct sctp_association *asoc,
0043 struct sk_buff *skb);
0044 int selinux_netlbl_inet_conn_request(struct request_sock *req, u16 family);
0045 void selinux_netlbl_inet_csk_clone(struct sock *sk, u16 family);
0046 void selinux_netlbl_sctp_sk_clone(struct sock *sk, struct sock *newsk);
0047 int selinux_netlbl_socket_post_create(struct sock *sk, u16 family);
0048 int selinux_netlbl_sock_rcv_skb(struct sk_security_struct *sksec,
0049 struct sk_buff *skb,
0050 u16 family,
0051 struct common_audit_data *ad);
0052 int selinux_netlbl_socket_setsockopt(struct socket *sock,
0053 int level,
0054 int optname);
0055 int selinux_netlbl_socket_connect(struct sock *sk, struct sockaddr *addr);
0056 int selinux_netlbl_socket_connect_locked(struct sock *sk,
0057 struct sockaddr *addr);
0058
0059 #else
0060 static inline void selinux_netlbl_cache_invalidate(void)
0061 {
0062 return;
0063 }
0064
0065 static inline void selinux_netlbl_err(struct sk_buff *skb,
0066 u16 family,
0067 int error,
0068 int gateway)
0069 {
0070 return;
0071 }
0072
0073 static inline void selinux_netlbl_sk_security_free(
0074 struct sk_security_struct *sksec)
0075 {
0076 return;
0077 }
0078
0079 static inline void selinux_netlbl_sk_security_reset(
0080 struct sk_security_struct *sksec)
0081 {
0082 return;
0083 }
0084
0085 static inline int selinux_netlbl_skbuff_getsid(struct sk_buff *skb,
0086 u16 family,
0087 u32 *type,
0088 u32 *sid)
0089 {
0090 *type = NETLBL_NLTYPE_NONE;
0091 *sid = SECSID_NULL;
0092 return 0;
0093 }
0094 static inline int selinux_netlbl_skbuff_setsid(struct sk_buff *skb,
0095 u16 family,
0096 u32 sid)
0097 {
0098 return 0;
0099 }
0100
0101 static inline int selinux_netlbl_sctp_assoc_request(struct sctp_association *asoc,
0102 struct sk_buff *skb)
0103 {
0104 return 0;
0105 }
0106 static inline int selinux_netlbl_inet_conn_request(struct request_sock *req,
0107 u16 family)
0108 {
0109 return 0;
0110 }
0111 static inline void selinux_netlbl_inet_csk_clone(struct sock *sk, u16 family)
0112 {
0113 return;
0114 }
0115 static inline void selinux_netlbl_sctp_sk_clone(struct sock *sk,
0116 struct sock *newsk)
0117 {
0118 return;
0119 }
0120 static inline int selinux_netlbl_socket_post_create(struct sock *sk,
0121 u16 family)
0122 {
0123 return 0;
0124 }
0125 static inline int selinux_netlbl_sock_rcv_skb(struct sk_security_struct *sksec,
0126 struct sk_buff *skb,
0127 u16 family,
0128 struct common_audit_data *ad)
0129 {
0130 return 0;
0131 }
0132 static inline int selinux_netlbl_socket_setsockopt(struct socket *sock,
0133 int level,
0134 int optname)
0135 {
0136 return 0;
0137 }
0138 static inline int selinux_netlbl_socket_connect(struct sock *sk,
0139 struct sockaddr *addr)
0140 {
0141 return 0;
0142 }
0143 static inline int selinux_netlbl_socket_connect_locked(struct sock *sk,
0144 struct sockaddr *addr)
0145 {
0146 return 0;
0147 }
0148 #endif
0149
0150 #endif
