aboutsummaryrefslogtreecommitdiffstats
path: root/include/net
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@woody.linux-foundation.org>2007-07-19 17:42:40 -0400
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2007-07-19 17:42:40 -0400
commit721e2629fa2167c0e5a9f10d704b1fee1621a8cb (patch)
treea1580ed191e710f891ef1bf25c8c1fc7d6f054a9 /include/net
parentfdb64f93b38a3470fa4db8cd5720b8c731922d1a (diff)
parentf36158c410651fe66f438c17b2ab3ae813f8c060 (diff)
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6: SELinux: use SECINITSID_NETMSG instead of SECINITSID_UNLABELED for NetLabel SELinux: enable dynamic activation/deactivation of NetLabel/SELinux enforcement
Diffstat (limited to 'include/net')
-rw-r--r--include/net/netlabel.h62
1 files changed, 27 insertions, 35 deletions
diff --git a/include/net/netlabel.h b/include/net/netlabel.h
index 9b7d6f2ac9a3..ffbc7f28335a 100644
--- a/include/net/netlabel.h
+++ b/include/net/netlabel.h
@@ -144,10 +144,9 @@ struct netlbl_lsm_secattr {
144}; 144};
145 145
146/* 146/*
147 * LSM security attribute operations 147 * LSM security attribute operations (inline)
148 */ 148 */
149 149
150
151/** 150/**
152 * netlbl_secattr_cache_alloc - Allocate and initialize a secattr cache 151 * netlbl_secattr_cache_alloc - Allocate and initialize a secattr cache
153 * @flags: the memory allocation flags 152 * @flags: the memory allocation flags
@@ -283,6 +282,9 @@ static inline void netlbl_secattr_free(struct netlbl_lsm_secattr *secattr)
283} 282}
284 283
285#ifdef CONFIG_NETLABEL 284#ifdef CONFIG_NETLABEL
285/*
286 * LSM security attribute operations
287 */
286int netlbl_secattr_catmap_walk(struct netlbl_lsm_secattr_catmap *catmap, 288int netlbl_secattr_catmap_walk(struct netlbl_lsm_secattr_catmap *catmap,
287 u32 offset); 289 u32 offset);
288int netlbl_secattr_catmap_walk_rng(struct netlbl_lsm_secattr_catmap *catmap, 290int netlbl_secattr_catmap_walk_rng(struct netlbl_lsm_secattr_catmap *catmap,
@@ -294,6 +296,25 @@ int netlbl_secattr_catmap_setrng(struct netlbl_lsm_secattr_catmap *catmap,
294 u32 start, 296 u32 start,
295 u32 end, 297 u32 end,
296 gfp_t flags); 298 gfp_t flags);
299
300/*
301 * LSM protocol operations
302 */
303int netlbl_enabled(void);
304int netlbl_sock_setattr(struct sock *sk,
305 const struct netlbl_lsm_secattr *secattr);
306int netlbl_sock_getattr(struct sock *sk,
307 struct netlbl_lsm_secattr *secattr);
308int netlbl_skbuff_getattr(const struct sk_buff *skb,
309 struct netlbl_lsm_secattr *secattr);
310void netlbl_skbuff_err(struct sk_buff *skb, int error);
311
312/*
313 * LSM label mapping cache operations
314 */
315void netlbl_cache_invalidate(void);
316int netlbl_cache_add(const struct sk_buff *skb,
317 const struct netlbl_lsm_secattr *secattr);
297#else 318#else
298static inline int netlbl_secattr_catmap_walk( 319static inline int netlbl_secattr_catmap_walk(
299 struct netlbl_lsm_secattr_catmap *catmap, 320 struct netlbl_lsm_secattr_catmap *catmap,
@@ -301,14 +322,12 @@ static inline int netlbl_secattr_catmap_walk(
301{ 322{
302 return -ENOENT; 323 return -ENOENT;
303} 324}
304
305static inline int netlbl_secattr_catmap_walk_rng( 325static inline int netlbl_secattr_catmap_walk_rng(
306 struct netlbl_lsm_secattr_catmap *catmap, 326 struct netlbl_lsm_secattr_catmap *catmap,
307 u32 offset) 327 u32 offset)
308{ 328{
309 return -ENOENT; 329 return -ENOENT;
310} 330}
311
312static inline int netlbl_secattr_catmap_setbit( 331static inline int netlbl_secattr_catmap_setbit(
313 struct netlbl_lsm_secattr_catmap *catmap, 332 struct netlbl_lsm_secattr_catmap *catmap,
314 u32 bit, 333 u32 bit,
@@ -316,7 +335,6 @@ static inline int netlbl_secattr_catmap_setbit(
316{ 335{
317 return 0; 336 return 0;
318} 337}
319
320static inline int netlbl_secattr_catmap_setrng( 338static inline int netlbl_secattr_catmap_setrng(
321 struct netlbl_lsm_secattr_catmap *catmap, 339 struct netlbl_lsm_secattr_catmap *catmap,
322 u32 start, 340 u32 start,
@@ -325,59 +343,33 @@ static inline int netlbl_secattr_catmap_setrng(
325{ 343{
326 return 0; 344 return 0;
327} 345}
328#endif 346static inline int netlbl_enabled(void)
329 347{
330/* 348 return 0;
331 * LSM protocol operations 349}
332 */
333
334#ifdef CONFIG_NETLABEL
335int netlbl_sock_setattr(struct sock *sk,
336 const struct netlbl_lsm_secattr *secattr);
337int netlbl_sock_getattr(struct sock *sk,
338 struct netlbl_lsm_secattr *secattr);
339int netlbl_skbuff_getattr(const struct sk_buff *skb,
340 struct netlbl_lsm_secattr *secattr);
341void netlbl_skbuff_err(struct sk_buff *skb, int error);
342#else
343static inline int netlbl_sock_setattr(struct sock *sk, 350static inline int netlbl_sock_setattr(struct sock *sk,
344 const struct netlbl_lsm_secattr *secattr) 351 const struct netlbl_lsm_secattr *secattr)
345{ 352{
346 return -ENOSYS; 353 return -ENOSYS;
347} 354}
348
349static inline int netlbl_sock_getattr(struct sock *sk, 355static inline int netlbl_sock_getattr(struct sock *sk,
350 struct netlbl_lsm_secattr *secattr) 356 struct netlbl_lsm_secattr *secattr)
351{ 357{
352 return -ENOSYS; 358 return -ENOSYS;
353} 359}
354
355static inline int netlbl_skbuff_getattr(const struct sk_buff *skb, 360static inline int netlbl_skbuff_getattr(const struct sk_buff *skb,
356 struct netlbl_lsm_secattr *secattr) 361 struct netlbl_lsm_secattr *secattr)
357{ 362{
358 return -ENOSYS; 363 return -ENOSYS;
359} 364}
360
361static inline void netlbl_skbuff_err(struct sk_buff *skb, int error) 365static inline void netlbl_skbuff_err(struct sk_buff *skb, int error)
362{ 366{
363 return; 367 return;
364} 368}
365#endif /* CONFIG_NETLABEL */
366
367/*
368 * LSM label mapping cache operations
369 */
370
371#ifdef CONFIG_NETLABEL
372void netlbl_cache_invalidate(void);
373int netlbl_cache_add(const struct sk_buff *skb,
374 const struct netlbl_lsm_secattr *secattr);
375#else
376static inline void netlbl_cache_invalidate(void) 369static inline void netlbl_cache_invalidate(void)
377{ 370{
378 return; 371 return;
379} 372}
380
381static inline int netlbl_cache_add(const struct sk_buff *skb, 373static inline int netlbl_cache_add(const struct sk_buff *skb,
382 const struct netlbl_lsm_secattr *secattr) 374 const struct netlbl_lsm_secattr *secattr)
383{ 375{