diff options
author | Paul Moore <paul.moore@hp.com> | 2008-10-10 10:16:34 -0400 |
---|---|---|
committer | Paul Moore <paul.moore@hp.com> | 2008-10-10 10:16:34 -0400 |
commit | 15c45f7b2e81655f6eb500ec949c8bd70a04325a (patch) | |
tree | 46037ccd3f3c83cb140abdf5d10af73888bdd362 /net/netlabel | |
parent | 8d75899d033617316e06296b7c0729612f56aba0 (diff) |
cipso: Add support for native local labeling and fixup mapping names
This patch accomplishes three minor tasks: add a new tag type for local
labeling, rename the CIPSO_V4_MAP_STD define to CIPSO_V4_MAP_TRANS and
replace some of the CIPSO "magic numbers" with constants from the header
file. The first change allows CIPSO to support full LSM labels/contexts,
not just MLS attributes. The second change brings the mapping names inline
with what userspace is using, compatibility is preserved since we don't
actually change the value. The last change is to aid readability and help
prevent mistakes.
Signed-off-by: Paul Moore <paul.moore@hp.com>
Diffstat (limited to 'net/netlabel')
-rw-r--r-- | net/netlabel/netlabel_cipso_v4.c | 14 | ||||
-rw-r--r-- | net/netlabel/netlabel_cipso_v4.h | 4 | ||||
-rw-r--r-- | net/netlabel/netlabel_kapi.c | 4 |
3 files changed, 11 insertions, 11 deletions
diff --git a/net/netlabel/netlabel_cipso_v4.c b/net/netlabel/netlabel_cipso_v4.c index 5c4f60bbc82..db83a67cbc7 100644 --- a/net/netlabel/netlabel_cipso_v4.c +++ b/net/netlabel/netlabel_cipso_v4.c | |||
@@ -132,9 +132,9 @@ static int netlbl_cipsov4_add_common(struct genl_info *info, | |||
132 | * @info: the Generic NETLINK info block | 132 | * @info: the Generic NETLINK info block |
133 | * | 133 | * |
134 | * Description: | 134 | * Description: |
135 | * Create a new CIPSO_V4_MAP_STD DOI definition based on the given ADD message | 135 | * Create a new CIPSO_V4_MAP_TRANS DOI definition based on the given ADD |
136 | * and add it to the CIPSO V4 engine. Return zero on success and non-zero on | 136 | * message and add it to the CIPSO V4 engine. Return zero on success and |
137 | * error. | 137 | * non-zero on error. |
138 | * | 138 | * |
139 | */ | 139 | */ |
140 | static int netlbl_cipsov4_add_std(struct genl_info *info) | 140 | static int netlbl_cipsov4_add_std(struct genl_info *info) |
@@ -164,7 +164,7 @@ static int netlbl_cipsov4_add_std(struct genl_info *info) | |||
164 | ret_val = -ENOMEM; | 164 | ret_val = -ENOMEM; |
165 | goto add_std_failure; | 165 | goto add_std_failure; |
166 | } | 166 | } |
167 | doi_def->type = CIPSO_V4_MAP_STD; | 167 | doi_def->type = CIPSO_V4_MAP_TRANS; |
168 | 168 | ||
169 | ret_val = netlbl_cipsov4_add_common(info, doi_def); | 169 | ret_val = netlbl_cipsov4_add_common(info, doi_def); |
170 | if (ret_val != 0) | 170 | if (ret_val != 0) |
@@ -393,8 +393,8 @@ static int netlbl_cipsov4_add(struct sk_buff *skb, struct genl_info *info) | |||
393 | 393 | ||
394 | type = nla_get_u32(info->attrs[NLBL_CIPSOV4_A_MTYPE]); | 394 | type = nla_get_u32(info->attrs[NLBL_CIPSOV4_A_MTYPE]); |
395 | switch (type) { | 395 | switch (type) { |
396 | case CIPSO_V4_MAP_STD: | 396 | case CIPSO_V4_MAP_TRANS: |
397 | type_str = "std"; | 397 | type_str = "trans"; |
398 | ret_val = netlbl_cipsov4_add_std(info); | 398 | ret_val = netlbl_cipsov4_add_std(info); |
399 | break; | 399 | break; |
400 | case CIPSO_V4_MAP_PASS: | 400 | case CIPSO_V4_MAP_PASS: |
@@ -497,7 +497,7 @@ list_start: | |||
497 | nla_nest_end(ans_skb, nla_a); | 497 | nla_nest_end(ans_skb, nla_a); |
498 | 498 | ||
499 | switch (doi_def->type) { | 499 | switch (doi_def->type) { |
500 | case CIPSO_V4_MAP_STD: | 500 | case CIPSO_V4_MAP_TRANS: |
501 | nla_a = nla_nest_start(ans_skb, NLBL_CIPSOV4_A_MLSLVLLST); | 501 | nla_a = nla_nest_start(ans_skb, NLBL_CIPSOV4_A_MLSLVLLST); |
502 | if (nla_a == NULL) { | 502 | if (nla_a == NULL) { |
503 | ret_val = -ENOMEM; | 503 | ret_val = -ENOMEM; |
diff --git a/net/netlabel/netlabel_cipso_v4.h b/net/netlabel/netlabel_cipso_v4.h index 220cb9d06b4..fb3957f1d69 100644 --- a/net/netlabel/netlabel_cipso_v4.h +++ b/net/netlabel/netlabel_cipso_v4.h | |||
@@ -45,7 +45,7 @@ | |||
45 | * NLBL_CIPSOV4_A_MTYPE | 45 | * NLBL_CIPSOV4_A_MTYPE |
46 | * NLBL_CIPSOV4_A_TAGLST | 46 | * NLBL_CIPSOV4_A_TAGLST |
47 | * | 47 | * |
48 | * If using CIPSO_V4_MAP_STD the following attributes are required: | 48 | * If using CIPSO_V4_MAP_TRANS the following attributes are required: |
49 | * | 49 | * |
50 | * NLBL_CIPSOV4_A_MLSLVLLST | 50 | * NLBL_CIPSOV4_A_MLSLVLLST |
51 | * NLBL_CIPSOV4_A_MLSCATLST | 51 | * NLBL_CIPSOV4_A_MLSCATLST |
@@ -76,7 +76,7 @@ | |||
76 | * NLBL_CIPSOV4_A_MTYPE | 76 | * NLBL_CIPSOV4_A_MTYPE |
77 | * NLBL_CIPSOV4_A_TAGLST | 77 | * NLBL_CIPSOV4_A_TAGLST |
78 | * | 78 | * |
79 | * If using CIPSO_V4_MAP_STD the following attributes are required: | 79 | * If using CIPSO_V4_MAP_TRANS the following attributes are required: |
80 | * | 80 | * |
81 | * NLBL_CIPSOV4_A_MLSLVLLST | 81 | * NLBL_CIPSOV4_A_MLSLVLLST |
82 | * NLBL_CIPSOV4_A_MLSCATLST | 82 | * NLBL_CIPSOV4_A_MLSCATLST |
diff --git a/net/netlabel/netlabel_kapi.c b/net/netlabel/netlabel_kapi.c index 78fc557689b..8435b15c3f7 100644 --- a/net/netlabel/netlabel_kapi.c +++ b/net/netlabel/netlabel_kapi.c | |||
@@ -157,8 +157,8 @@ cfg_cipsov4_add_map_return: | |||
157 | audit_info); | 157 | audit_info); |
158 | if (audit_buf != NULL) { | 158 | if (audit_buf != NULL) { |
159 | switch (doi_type) { | 159 | switch (doi_type) { |
160 | case CIPSO_V4_MAP_STD: | 160 | case CIPSO_V4_MAP_TRANS: |
161 | type_str = "std"; | 161 | type_str = "trans"; |
162 | break; | 162 | break; |
163 | case CIPSO_V4_MAP_PASS: | 163 | case CIPSO_V4_MAP_PASS: |
164 | type_str = "pass"; | 164 | type_str = "pass"; |