1 /* SPDX-License-Identifier: GPL-2.0-or-later * 1 /* SPDX-License-Identifier: GPL-2.0-or-later */ 2 /* 2 /* 3 * SELinux interface to the NetLabel subsystem 3 * SELinux interface to the NetLabel subsystem 4 * 4 * 5 * Author: Paul Moore <paul@paul-moore.com> 5 * Author: Paul Moore <paul@paul-moore.com> 6 */ 6 */ 7 7 8 /* 8 /* 9 * (c) Copyright Hewlett-Packard Development C 9 * (c) Copyright Hewlett-Packard Development Company, L.P., 2006 10 */ 10 */ 11 11 12 #ifndef _SELINUX_NETLABEL_H_ 12 #ifndef _SELINUX_NETLABEL_H_ 13 #define _SELINUX_NETLABEL_H_ 13 #define _SELINUX_NETLABEL_H_ 14 14 15 #include <linux/types.h> 15 #include <linux/types.h> 16 #include <linux/fs.h> 16 #include <linux/fs.h> 17 #include <linux/net.h> 17 #include <linux/net.h> 18 #include <linux/skbuff.h> 18 #include <linux/skbuff.h> 19 #include <net/sock.h> 19 #include <net/sock.h> 20 #include <net/request_sock.h> 20 #include <net/request_sock.h> 21 #include <net/sctp/structs.h> 21 #include <net/sctp/structs.h> 22 22 23 #include "avc.h" 23 #include "avc.h" 24 #include "objsec.h" 24 #include "objsec.h" 25 25 26 #ifdef CONFIG_NETLABEL 26 #ifdef CONFIG_NETLABEL 27 void selinux_netlbl_cache_invalidate(void); 27 void selinux_netlbl_cache_invalidate(void); 28 28 29 void selinux_netlbl_err(struct sk_buff *skb, u 29 void selinux_netlbl_err(struct sk_buff *skb, u16 family, int error, 30 int gateway); 30 int gateway); 31 31 32 void selinux_netlbl_sk_security_free(struct sk 32 void selinux_netlbl_sk_security_free(struct sk_security_struct *sksec); 33 void selinux_netlbl_sk_security_reset(struct s 33 void selinux_netlbl_sk_security_reset(struct sk_security_struct *sksec); 34 34 35 int selinux_netlbl_skbuff_getsid(struct sk_buf !! 35 int selinux_netlbl_skbuff_getsid(struct sk_buff *skb, >> 36 u16 family, >> 37 u32 *type, 36 u32 *sid); 38 u32 *sid); 37 int selinux_netlbl_skbuff_setsid(struct sk_buf !! 39 int selinux_netlbl_skbuff_setsid(struct sk_buff *skb, 38 int selinux_netlbl_sctp_assoc_request(struct s !! 
40 u16 family, 39 struct s !! 41 u32 sid); >> 42 int selinux_netlbl_sctp_assoc_request(struct sctp_endpoint *ep, >> 43 struct sk_buff *skb); 40 int selinux_netlbl_inet_conn_request(struct re 44 int selinux_netlbl_inet_conn_request(struct request_sock *req, u16 family); 41 void selinux_netlbl_inet_csk_clone(struct sock 45 void selinux_netlbl_inet_csk_clone(struct sock *sk, u16 family); 42 void selinux_netlbl_sctp_sk_clone(struct sock 46 void selinux_netlbl_sctp_sk_clone(struct sock *sk, struct sock *newsk); 43 int selinux_netlbl_socket_post_create(struct s 47 int selinux_netlbl_socket_post_create(struct sock *sk, u16 family); 44 int selinux_netlbl_sock_rcv_skb(struct sk_secu 48 int selinux_netlbl_sock_rcv_skb(struct sk_security_struct *sksec, 45 struct sk_buff !! 49 struct sk_buff *skb, >> 50 u16 family, 46 struct common_ 51 struct common_audit_data *ad); 47 int selinux_netlbl_socket_setsockopt(struct so !! 52 int selinux_netlbl_socket_setsockopt(struct socket *sock, >> 53 int level, 48 int optna 54 int optname); 49 int selinux_netlbl_socket_connect(struct sock 55 int selinux_netlbl_socket_connect(struct sock *sk, struct sockaddr *addr); 50 int selinux_netlbl_socket_connect_locked(struc 56 int selinux_netlbl_socket_connect_locked(struct sock *sk, 51 struc 57 struct sockaddr *addr); 52 58 53 #else 59 #else 54 static inline void selinux_netlbl_cache_invali 60 static inline void selinux_netlbl_cache_invalidate(void) 55 { 61 { 56 return; 62 return; 57 } 63 } 58 64 59 static inline void selinux_netlbl_err(struct s !! 65 static inline void selinux_netlbl_err(struct sk_buff *skb, 60 int erro !! 66 u16 family, >> 67 int error, >> 68 int gateway) 61 { 69 { 62 return; 70 return; 63 } 71 } 64 72 65 static inline void !! 73 static inline void selinux_netlbl_sk_security_free( 66 selinux_netlbl_sk_security_free(struct sk_secu !! 74 struct sk_security_struct *sksec) 67 { 75 { 68 return; 76 return; 69 } 77 } 70 78 71 static inline void !! 
79 static inline void selinux_netlbl_sk_security_reset( 72 selinux_netlbl_sk_security_reset(struct sk_sec !! 80 struct sk_security_struct *sksec) 73 { 81 { 74 return; 82 return; 75 } 83 } 76 84 77 static inline int selinux_netlbl_skbuff_getsid !! 85 static inline int selinux_netlbl_skbuff_getsid(struct sk_buff *skb, 78 !! 86 u16 family, >> 87 u32 *type, >> 88 u32 *sid) 79 { 89 { 80 *type = NETLBL_NLTYPE_NONE; 90 *type = NETLBL_NLTYPE_NONE; 81 *sid = SECSID_NULL; 91 *sid = SECSID_NULL; 82 return 0; 92 return 0; 83 } 93 } 84 static inline int selinux_netlbl_skbuff_setsid !! 94 static inline int selinux_netlbl_skbuff_setsid(struct sk_buff *skb, >> 95 u16 family, 85 96 u32 sid) 86 { 97 { 87 return 0; 98 return 0; 88 } 99 } 89 100 90 static inline int !! 101 static inline int selinux_netlbl_sctp_assoc_request(struct sctp_endpoint *ep, 91 selinux_netlbl_sctp_assoc_request(struct sctp_ !! 102 struct sk_buff *skb) 92 struct sk_bu << 93 { 103 { 94 return 0; 104 return 0; 95 } 105 } 96 static inline int selinux_netlbl_inet_conn_req 106 static inline int selinux_netlbl_inet_conn_request(struct request_sock *req, 97 107 u16 family) 98 { 108 { 99 return 0; 109 return 0; 100 } 110 } 101 static inline void selinux_netlbl_inet_csk_clo 111 static inline void selinux_netlbl_inet_csk_clone(struct sock *sk, u16 family) 102 { 112 { 103 return; 113 return; 104 } 114 } 105 static inline void selinux_netlbl_sctp_sk_clon 115 static inline void selinux_netlbl_sctp_sk_clone(struct sock *sk, 106 116 struct sock *newsk) 107 { 117 { 108 return; 118 return; 109 } 119 } 110 static inline int selinux_netlbl_socket_post_c !! 120 static inline int selinux_netlbl_socket_post_create(struct sock *sk, >> 121 u16 family) 111 { 122 { 112 return 0; 123 return 0; 113 } 124 } 114 static inline int selinux_netlbl_sock_rcv_skb( 125 static inline int selinux_netlbl_sock_rcv_skb(struct sk_security_struct *sksec, 115 !! 
126 struct sk_buff *skb, >> 127 u16 family, 116 128 struct common_audit_data *ad) 117 { 129 { 118 return 0; 130 return 0; 119 } 131 } 120 static inline int selinux_netlbl_socket_setsoc 132 static inline int selinux_netlbl_socket_setsockopt(struct socket *sock, 121 !! 133 int level, >> 134 int optname) 122 { 135 { 123 return 0; 136 return 0; 124 } 137 } 125 static inline int selinux_netlbl_socket_connec 138 static inline int selinux_netlbl_socket_connect(struct sock *sk, 126 139 struct sockaddr *addr) 127 { 140 { 128 return 0; 141 return 0; 129 } 142 } 130 static inline int selinux_netlbl_socket_connec 143 static inline int selinux_netlbl_socket_connect_locked(struct sock *sk, 131 144 struct sockaddr *addr) 132 { 145 { 133 return 0; 146 return 0; 134 } 147 } 135 #endif /* CONFIG_NETLABEL */ 148 #endif /* CONFIG_NETLABEL */ 136 149 137 #endif 150 #endif 138 151