diff options
author | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-07-19 17:42:40 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-07-19 17:42:40 -0400 |
commit | 721e2629fa2167c0e5a9f10d704b1fee1621a8cb (patch) | |
tree | a1580ed191e710f891ef1bf25c8c1fc7d6f054a9 /include/net | |
parent | fdb64f93b38a3470fa4db8cd5720b8c731922d1a (diff) | |
parent | f36158c410651fe66f438c17b2ab3ae813f8c060 (diff) |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6:
SELinux: use SECINITSID_NETMSG instead of SECINITSID_UNLABELED for NetLabel
SELinux: enable dynamic activation/deactivation of NetLabel/SELinux enforcement
Diffstat (limited to 'include/net')
-rw-r--r-- | include/net/netlabel.h | 62 |
1 files changed, 27 insertions, 35 deletions
diff --git a/include/net/netlabel.h b/include/net/netlabel.h index 9b7d6f2ac9a3..ffbc7f28335a 100644 --- a/include/net/netlabel.h +++ b/include/net/netlabel.h | |||
@@ -144,10 +144,9 @@ struct netlbl_lsm_secattr { | |||
144 | }; | 144 | }; |
145 | 145 | ||
146 | /* | 146 | /* |
147 | * LSM security attribute operations | 147 | * LSM security attribute operations (inline) |
148 | */ | 148 | */ |
149 | 149 | ||
150 | |||
151 | /** | 150 | /** |
152 | * netlbl_secattr_cache_alloc - Allocate and initialize a secattr cache | 151 | * netlbl_secattr_cache_alloc - Allocate and initialize a secattr cache |
153 | * @flags: the memory allocation flags | 152 | * @flags: the memory allocation flags |
@@ -283,6 +282,9 @@ static inline void netlbl_secattr_free(struct netlbl_lsm_secattr *secattr) | |||
283 | } | 282 | } |
284 | 283 | ||
285 | #ifdef CONFIG_NETLABEL | 284 | #ifdef CONFIG_NETLABEL |
285 | /* | ||
286 | * LSM security attribute operations | ||
287 | */ | ||
286 | int netlbl_secattr_catmap_walk(struct netlbl_lsm_secattr_catmap *catmap, | 288 | int netlbl_secattr_catmap_walk(struct netlbl_lsm_secattr_catmap *catmap, |
287 | u32 offset); | 289 | u32 offset); |
288 | int netlbl_secattr_catmap_walk_rng(struct netlbl_lsm_secattr_catmap *catmap, | 290 | int netlbl_secattr_catmap_walk_rng(struct netlbl_lsm_secattr_catmap *catmap, |
@@ -294,6 +296,25 @@ int netlbl_secattr_catmap_setrng(struct netlbl_lsm_secattr_catmap *catmap, | |||
294 | u32 start, | 296 | u32 start, |
295 | u32 end, | 297 | u32 end, |
296 | gfp_t flags); | 298 | gfp_t flags); |
299 | |||
300 | /* | ||
301 | * LSM protocol operations | ||
302 | */ | ||
303 | int netlbl_enabled(void); | ||
304 | int netlbl_sock_setattr(struct sock *sk, | ||
305 | const struct netlbl_lsm_secattr *secattr); | ||
306 | int netlbl_sock_getattr(struct sock *sk, | ||
307 | struct netlbl_lsm_secattr *secattr); | ||
308 | int netlbl_skbuff_getattr(const struct sk_buff *skb, | ||
309 | struct netlbl_lsm_secattr *secattr); | ||
310 | void netlbl_skbuff_err(struct sk_buff *skb, int error); | ||
311 | |||
312 | /* | ||
313 | * LSM label mapping cache operations | ||
314 | */ | ||
315 | void netlbl_cache_invalidate(void); | ||
316 | int netlbl_cache_add(const struct sk_buff *skb, | ||
317 | const struct netlbl_lsm_secattr *secattr); | ||
297 | #else | 318 | #else |
298 | static inline int netlbl_secattr_catmap_walk( | 319 | static inline int netlbl_secattr_catmap_walk( |
299 | struct netlbl_lsm_secattr_catmap *catmap, | 320 | struct netlbl_lsm_secattr_catmap *catmap, |
@@ -301,14 +322,12 @@ static inline int netlbl_secattr_catmap_walk( | |||
301 | { | 322 | { |
302 | return -ENOENT; | 323 | return -ENOENT; |
303 | } | 324 | } |
304 | |||
305 | static inline int netlbl_secattr_catmap_walk_rng( | 325 | static inline int netlbl_secattr_catmap_walk_rng( |
306 | struct netlbl_lsm_secattr_catmap *catmap, | 326 | struct netlbl_lsm_secattr_catmap *catmap, |
307 | u32 offset) | 327 | u32 offset) |
308 | { | 328 | { |
309 | return -ENOENT; | 329 | return -ENOENT; |
310 | } | 330 | } |
311 | |||
312 | static inline int netlbl_secattr_catmap_setbit( | 331 | static inline int netlbl_secattr_catmap_setbit( |
313 | struct netlbl_lsm_secattr_catmap *catmap, | 332 | struct netlbl_lsm_secattr_catmap *catmap, |
314 | u32 bit, | 333 | u32 bit, |
@@ -316,7 +335,6 @@ static inline int netlbl_secattr_catmap_setbit( | |||
316 | { | 335 | { |
317 | return 0; | 336 | return 0; |
318 | } | 337 | } |
319 | |||
320 | static inline int netlbl_secattr_catmap_setrng( | 338 | static inline int netlbl_secattr_catmap_setrng( |
321 | struct netlbl_lsm_secattr_catmap *catmap, | 339 | struct netlbl_lsm_secattr_catmap *catmap, |
322 | u32 start, | 340 | u32 start, |
@@ -325,59 +343,33 @@ static inline int netlbl_secattr_catmap_setrng( | |||
325 | { | 343 | { |
326 | return 0; | 344 | return 0; |
327 | } | 345 | } |
328 | #endif | 346 | static inline int netlbl_enabled(void) |
329 | 347 | { | |
330 | /* | 348 | return 0; |
331 | * LSM protocol operations | 349 | } |
332 | */ | ||
333 | |||
334 | #ifdef CONFIG_NETLABEL | ||
335 | int netlbl_sock_setattr(struct sock *sk, | ||
336 | const struct netlbl_lsm_secattr *secattr); | ||
337 | int netlbl_sock_getattr(struct sock *sk, | ||
338 | struct netlbl_lsm_secattr *secattr); | ||
339 | int netlbl_skbuff_getattr(const struct sk_buff *skb, | ||
340 | struct netlbl_lsm_secattr *secattr); | ||
341 | void netlbl_skbuff_err(struct sk_buff *skb, int error); | ||
342 | #else | ||
343 | static inline int netlbl_sock_setattr(struct sock *sk, | 350 | static inline int netlbl_sock_setattr(struct sock *sk, |
344 | const struct netlbl_lsm_secattr *secattr) | 351 | const struct netlbl_lsm_secattr *secattr) |
345 | { | 352 | { |
346 | return -ENOSYS; | 353 | return -ENOSYS; |
347 | } | 354 | } |
348 | |||
349 | static inline int netlbl_sock_getattr(struct sock *sk, | 355 | static inline int netlbl_sock_getattr(struct sock *sk, |
350 | struct netlbl_lsm_secattr *secattr) | 356 | struct netlbl_lsm_secattr *secattr) |
351 | { | 357 | { |
352 | return -ENOSYS; | 358 | return -ENOSYS; |
353 | } | 359 | } |
354 | |||
355 | static inline int netlbl_skbuff_getattr(const struct sk_buff *skb, | 360 | static inline int netlbl_skbuff_getattr(const struct sk_buff *skb, |
356 | struct netlbl_lsm_secattr *secattr) | 361 | struct netlbl_lsm_secattr *secattr) |
357 | { | 362 | { |
358 | return -ENOSYS; | 363 | return -ENOSYS; |
359 | } | 364 | } |
360 | |||
361 | static inline void netlbl_skbuff_err(struct sk_buff *skb, int error) | 365 | static inline void netlbl_skbuff_err(struct sk_buff *skb, int error) |
362 | { | 366 | { |
363 | return; | 367 | return; |
364 | } | 368 | } |
365 | #endif /* CONFIG_NETLABEL */ | ||
366 | |||
367 | /* | ||
368 | * LSM label mapping cache operations | ||
369 | */ | ||
370 | |||
371 | #ifdef CONFIG_NETLABEL | ||
372 | void netlbl_cache_invalidate(void); | ||
373 | int netlbl_cache_add(const struct sk_buff *skb, | ||
374 | const struct netlbl_lsm_secattr *secattr); | ||
375 | #else | ||
376 | static inline void netlbl_cache_invalidate(void) | 369 | static inline void netlbl_cache_invalidate(void) |
377 | { | 370 | { |
378 | return; | 371 | return; |
379 | } | 372 | } |
380 | |||
381 | static inline int netlbl_cache_add(const struct sk_buff *skb, | 373 | static inline int netlbl_cache_add(const struct sk_buff *skb, |
382 | const struct netlbl_lsm_secattr *secattr) | 374 | const struct netlbl_lsm_secattr *secattr) |
383 | { | 375 | { |