1 // SPDX-License-Identifier: GPL-2.0-or-later <<
2 /* 1 /*
3 * NetLabel NETLINK Interface 2 * NetLabel NETLINK Interface
4 * 3 *
5 * This file defines the NETLINK interface for 4 * This file defines the NETLINK interface for the NetLabel system. The
6 * NetLabel system manages static and dynamic 5 * NetLabel system manages static and dynamic label mappings for network
7 * protocols such as CIPSO and RIPSO. 6 * protocols such as CIPSO and RIPSO.
8 * 7 *
9 * Author: Paul Moore <paul@paul-moore.com> 8 * Author: Paul Moore <paul@paul-moore.com>
>> 9 *
10 */ 10 */
11 11
12 /* 12 /*
13 * (c) Copyright Hewlett-Packard Development C 13 * (c) Copyright Hewlett-Packard Development Company, L.P., 2006
>> 14 *
>> 15 * This program is free software; you can redistribute it and/or modify
>> 16 * it under the terms of the GNU General Public License as published by
>> 17 * the Free Software Foundation; either version 2 of the License, or
>> 18 * (at your option) any later version.
>> 19 *
>> 20 * This program is distributed in the hope that it will be useful,
>> 21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
>> 22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
>> 23 * the GNU General Public License for more details.
>> 24 *
>> 25 * You should have received a copy of the GNU General Public License
>> 26 * along with this program; if not, see <http://www.gnu.org/licenses/>.
>> 27 *
14 */ 28 */
15 29
16 #include <linux/init.h> 30 #include <linux/init.h>
17 #include <linux/types.h> 31 #include <linux/types.h>
18 #include <linux/list.h> 32 #include <linux/list.h>
19 #include <linux/socket.h> 33 #include <linux/socket.h>
20 #include <linux/audit.h> 34 #include <linux/audit.h>
21 #include <linux/tty.h> 35 #include <linux/tty.h>
22 #include <linux/security.h> 36 #include <linux/security.h>
23 #include <linux/gfp.h> 37 #include <linux/gfp.h>
24 #include <net/sock.h> 38 #include <net/sock.h>
25 #include <net/netlink.h> 39 #include <net/netlink.h>
26 #include <net/genetlink.h> 40 #include <net/genetlink.h>
27 #include <net/netlabel.h> 41 #include <net/netlabel.h>
28 #include <asm/bug.h> 42 #include <asm/bug.h>
29 43
30 #include "netlabel_mgmt.h" 44 #include "netlabel_mgmt.h"
31 #include "netlabel_unlabeled.h" 45 #include "netlabel_unlabeled.h"
32 #include "netlabel_cipso_v4.h" 46 #include "netlabel_cipso_v4.h"
33 #include "netlabel_calipso.h" 47 #include "netlabel_calipso.h"
34 #include "netlabel_user.h" 48 #include "netlabel_user.h"
35 49
36 /* 50 /*
37 * NetLabel NETLINK Setup Functions 51 * NetLabel NETLINK Setup Functions
38 */ 52 */
39 53
40 /** 54 /**
41 * netlbl_netlink_init - Initialize the NETLIN 55 * netlbl_netlink_init - Initialize the NETLINK communication channel
42 * 56 *
43 * Description: 57 * Description:
44 * Call out to the NetLabel components so they 58 * Call out to the NetLabel components so they can register their families and
45 * commands with the Generic NETLINK mechanism 59 * commands with the Generic NETLINK mechanism. Returns zero on success and
46 * non-zero on failure. 60 * non-zero on failure.
47 * 61 *
48 */ 62 */
49 int __init netlbl_netlink_init(void) 63 int __init netlbl_netlink_init(void)
50 { 64 {
51 int ret_val; 65 int ret_val;
52 66
53 ret_val = netlbl_mgmt_genl_init(); 67 ret_val = netlbl_mgmt_genl_init();
54 if (ret_val != 0) 68 if (ret_val != 0)
55 return ret_val; 69 return ret_val;
56 70
57 ret_val = netlbl_cipsov4_genl_init(); 71 ret_val = netlbl_cipsov4_genl_init();
58 if (ret_val != 0) 72 if (ret_val != 0)
59 return ret_val; 73 return ret_val;
60 74
61 ret_val = netlbl_calipso_genl_init(); 75 ret_val = netlbl_calipso_genl_init();
62 if (ret_val != 0) 76 if (ret_val != 0)
63 return ret_val; 77 return ret_val;
64 78
65 return netlbl_unlabel_genl_init(); 79 return netlbl_unlabel_genl_init();
66 } 80 }
67 81
68 /* 82 /*
69 * NetLabel Audit Functions 83 * NetLabel Audit Functions
70 */ 84 */
71 85
72 /** 86 /**
73 * netlbl_audit_start_common - Start an audit 87 * netlbl_audit_start_common - Start an audit message
74 * @type: audit message type 88 * @type: audit message type
75 * @audit_info: NetLabel audit information 89 * @audit_info: NetLabel audit information
76 * 90 *
77 * Description: 91 * Description:
78 * Start an audit message using the type speci 92 * Start an audit message using the type specified in @type and fill the audit
79 * message with some fields common to all NetL 93 * message with some fields common to all NetLabel audit messages. Returns
80 * a pointer to the audit buffer on success, N 94 * a pointer to the audit buffer on success, NULL on failure.
81 * 95 *
82 */ 96 */
83 struct audit_buffer *netlbl_audit_start_common 97 struct audit_buffer *netlbl_audit_start_common(int type,
84 98 struct netlbl_audit *audit_info)
85 { 99 {
86 struct audit_buffer *audit_buf; 100 struct audit_buffer *audit_buf;
87 char *secctx; 101 char *secctx;
88 u32 secctx_len; 102 u32 secctx_len;
89 103
90 if (audit_enabled == AUDIT_OFF) 104 if (audit_enabled == AUDIT_OFF)
91 return NULL; 105 return NULL;
92 106
93 audit_buf = audit_log_start(audit_cont 107 audit_buf = audit_log_start(audit_context(), GFP_ATOMIC, type);
94 if (audit_buf == NULL) 108 if (audit_buf == NULL)
95 return NULL; 109 return NULL;
96 110
97 audit_log_format(audit_buf, "netlabel: 111 audit_log_format(audit_buf, "netlabel: auid=%u ses=%u",
98 from_kuid(&init_user_ 112 from_kuid(&init_user_ns, audit_info->loginuid),
99 audit_info->sessionid 113 audit_info->sessionid);
100 114
101 if (audit_info->secid != 0 && 115 if (audit_info->secid != 0 &&
102 security_secid_to_secctx(audit_inf 116 security_secid_to_secctx(audit_info->secid,
103 &secctx, 117 &secctx,
104 &secctx_l 118 &secctx_len) == 0) {
105 audit_log_format(audit_buf, " 119 audit_log_format(audit_buf, " subj=%s", secctx);
106 security_release_secctx(secctx 120 security_release_secctx(secctx, secctx_len);
107 } 121 }
108 122
109 return audit_buf; 123 return audit_buf;
110 } 124 }
111 125
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.