aboutsummaryrefslogtreecommitdiffstats
path: root/net/netlabel
diff options
context:
space:
mode:
authorPaul Moore <paul.moore@hp.com>2008-10-10 10:16:34 -0400
committerPaul Moore <paul.moore@hp.com>2008-10-10 10:16:34 -0400
commit15c45f7b2e81655f6eb500ec949c8bd70a04325a (patch)
tree46037ccd3f3c83cb140abdf5d10af73888bdd362 /net/netlabel
parent8d75899d033617316e06296b7c0729612f56aba0 (diff)
cipso: Add support for native local labeling and fixup mapping names
This patch accomplishes three minor tasks: add a new tag type for local labeling, rename the CIPSO_V4_MAP_STD define to CIPSO_V4_MAP_TRANS and replace some of the CIPSO "magic numbers" with constants from the header file. The first change allows CIPSO to support full LSM labels/contexts, not just MLS attributes. The second change brings the mapping names inline with what userspace is using, compatibility is preserved since we don't actually change the value. The last change is to aid readability and help prevent mistakes. Signed-off-by: Paul Moore <paul.moore@hp.com>
Diffstat (limited to 'net/netlabel')
-rw-r--r--net/netlabel/netlabel_cipso_v4.c14
-rw-r--r--net/netlabel/netlabel_cipso_v4.h4
-rw-r--r--net/netlabel/netlabel_kapi.c4
3 files changed, 11 insertions, 11 deletions
diff --git a/net/netlabel/netlabel_cipso_v4.c b/net/netlabel/netlabel_cipso_v4.c
index 5c4f60bbc82..db83a67cbc7 100644
--- a/net/netlabel/netlabel_cipso_v4.c
+++ b/net/netlabel/netlabel_cipso_v4.c
@@ -132,9 +132,9 @@ static int netlbl_cipsov4_add_common(struct genl_info *info,
132 * @info: the Generic NETLINK info block 132 * @info: the Generic NETLINK info block
133 * 133 *
134 * Description: 134 * Description:
135 * Create a new CIPSO_V4_MAP_STD DOI definition based on the given ADD message 135 * Create a new CIPSO_V4_MAP_TRANS DOI definition based on the given ADD
136 * and add it to the CIPSO V4 engine. Return zero on success and non-zero on 136 * message and add it to the CIPSO V4 engine. Return zero on success and
137 * error. 137 * non-zero on error.
138 * 138 *
139 */ 139 */
140static int netlbl_cipsov4_add_std(struct genl_info *info) 140static int netlbl_cipsov4_add_std(struct genl_info *info)
@@ -164,7 +164,7 @@ static int netlbl_cipsov4_add_std(struct genl_info *info)
164 ret_val = -ENOMEM; 164 ret_val = -ENOMEM;
165 goto add_std_failure; 165 goto add_std_failure;
166 } 166 }
167 doi_def->type = CIPSO_V4_MAP_STD; 167 doi_def->type = CIPSO_V4_MAP_TRANS;
168 168
169 ret_val = netlbl_cipsov4_add_common(info, doi_def); 169 ret_val = netlbl_cipsov4_add_common(info, doi_def);
170 if (ret_val != 0) 170 if (ret_val != 0)
@@ -393,8 +393,8 @@ static int netlbl_cipsov4_add(struct sk_buff *skb, struct genl_info *info)
393 393
394 type = nla_get_u32(info->attrs[NLBL_CIPSOV4_A_MTYPE]); 394 type = nla_get_u32(info->attrs[NLBL_CIPSOV4_A_MTYPE]);
395 switch (type) { 395 switch (type) {
396 case CIPSO_V4_MAP_STD: 396 case CIPSO_V4_MAP_TRANS:
397 type_str = "std"; 397 type_str = "trans";
398 ret_val = netlbl_cipsov4_add_std(info); 398 ret_val = netlbl_cipsov4_add_std(info);
399 break; 399 break;
400 case CIPSO_V4_MAP_PASS: 400 case CIPSO_V4_MAP_PASS:
@@ -497,7 +497,7 @@ list_start:
497 nla_nest_end(ans_skb, nla_a); 497 nla_nest_end(ans_skb, nla_a);
498 498
499 switch (doi_def->type) { 499 switch (doi_def->type) {
500 case CIPSO_V4_MAP_STD: 500 case CIPSO_V4_MAP_TRANS:
501 nla_a = nla_nest_start(ans_skb, NLBL_CIPSOV4_A_MLSLVLLST); 501 nla_a = nla_nest_start(ans_skb, NLBL_CIPSOV4_A_MLSLVLLST);
502 if (nla_a == NULL) { 502 if (nla_a == NULL) {
503 ret_val = -ENOMEM; 503 ret_val = -ENOMEM;
diff --git a/net/netlabel/netlabel_cipso_v4.h b/net/netlabel/netlabel_cipso_v4.h
index 220cb9d06b4..fb3957f1d69 100644
--- a/net/netlabel/netlabel_cipso_v4.h
+++ b/net/netlabel/netlabel_cipso_v4.h
@@ -45,7 +45,7 @@
45 * NLBL_CIPSOV4_A_MTYPE 45 * NLBL_CIPSOV4_A_MTYPE
46 * NLBL_CIPSOV4_A_TAGLST 46 * NLBL_CIPSOV4_A_TAGLST
47 * 47 *
48 * If using CIPSO_V4_MAP_STD the following attributes are required: 48 * If using CIPSO_V4_MAP_TRANS the following attributes are required:
49 * 49 *
50 * NLBL_CIPSOV4_A_MLSLVLLST 50 * NLBL_CIPSOV4_A_MLSLVLLST
51 * NLBL_CIPSOV4_A_MLSCATLST 51 * NLBL_CIPSOV4_A_MLSCATLST
@@ -76,7 +76,7 @@
76 * NLBL_CIPSOV4_A_MTYPE 76 * NLBL_CIPSOV4_A_MTYPE
77 * NLBL_CIPSOV4_A_TAGLST 77 * NLBL_CIPSOV4_A_TAGLST
78 * 78 *
79 * If using CIPSO_V4_MAP_STD the following attributes are required: 79 * If using CIPSO_V4_MAP_TRANS the following attributes are required:
80 * 80 *
81 * NLBL_CIPSOV4_A_MLSLVLLST 81 * NLBL_CIPSOV4_A_MLSLVLLST
82 * NLBL_CIPSOV4_A_MLSCATLST 82 * NLBL_CIPSOV4_A_MLSCATLST
diff --git a/net/netlabel/netlabel_kapi.c b/net/netlabel/netlabel_kapi.c
index 78fc557689b..8435b15c3f7 100644
--- a/net/netlabel/netlabel_kapi.c
+++ b/net/netlabel/netlabel_kapi.c
@@ -157,8 +157,8 @@ cfg_cipsov4_add_map_return:
157 audit_info); 157 audit_info);
158 if (audit_buf != NULL) { 158 if (audit_buf != NULL) {
159 switch (doi_type) { 159 switch (doi_type) {
160 case CIPSO_V4_MAP_STD: 160 case CIPSO_V4_MAP_TRANS:
161 type_str = "std"; 161 type_str = "trans";
162 break; 162 break;
163 case CIPSO_V4_MAP_PASS: 163 case CIPSO_V4_MAP_PASS:
164 type_str = "pass"; 164 type_str = "pass";