diff options
Diffstat (limited to 'include/net/netlabel.h')
-rw-r--r-- | include/net/netlabel.h | 102 |
1 files changed, 99 insertions, 3 deletions
diff --git a/include/net/netlabel.h b/include/net/netlabel.h index d605d7954013..83da7e1f0d3d 100644 --- a/include/net/netlabel.h +++ b/include/net/netlabel.h | |||
@@ -111,6 +111,22 @@ struct netlbl_lsm_cache { | |||
111 | void (*free) (const void *data); | 111 | void (*free) (const void *data); |
112 | void *data; | 112 | void *data; |
113 | }; | 113 | }; |
114 | /* The catmap bitmap field MUST be a power of two in length and large | ||
115 | * enough to hold at least 240 bits. Special care (i.e. check the code!) | ||
116 | * should be used when changing these values as the LSM implementation | ||
117 | * probably has functions which rely on the sizes of these types to speed | ||
118 | * processing. */ | ||
119 | #define NETLBL_CATMAP_MAPTYPE u64 | ||
120 | #define NETLBL_CATMAP_MAPCNT 4 | ||
121 | #define NETLBL_CATMAP_MAPSIZE (sizeof(NETLBL_CATMAP_MAPTYPE) * 8) | ||
122 | #define NETLBL_CATMAP_SIZE (NETLBL_CATMAP_MAPSIZE * \ | ||
123 | NETLBL_CATMAP_MAPCNT) | ||
124 | #define NETLBL_CATMAP_BIT (NETLBL_CATMAP_MAPTYPE)0x01 | ||
125 | struct netlbl_lsm_secattr_catmap { | ||
126 | u32 startbit; | ||
127 | NETLBL_CATMAP_MAPTYPE bitmap[NETLBL_CATMAP_MAPCNT]; | ||
128 | struct netlbl_lsm_secattr_catmap *next; | ||
129 | }; | ||
114 | #define NETLBL_SECATTR_NONE 0x00000000 | 130 | #define NETLBL_SECATTR_NONE 0x00000000 |
115 | #define NETLBL_SECATTR_DOMAIN 0x00000001 | 131 | #define NETLBL_SECATTR_DOMAIN 0x00000001 |
116 | #define NETLBL_SECATTR_CACHE 0x00000002 | 132 | #define NETLBL_SECATTR_CACHE 0x00000002 |
@@ -122,8 +138,7 @@ struct netlbl_lsm_secattr { | |||
122 | char *domain; | 138 | char *domain; |
123 | 139 | ||
124 | u32 mls_lvl; | 140 | u32 mls_lvl; |
125 | unsigned char *mls_cat; | 141 | struct netlbl_lsm_secattr_catmap *mls_cat; |
126 | size_t mls_cat_len; | ||
127 | 142 | ||
128 | struct netlbl_lsm_cache *cache; | 143 | struct netlbl_lsm_cache *cache; |
129 | }; | 144 | }; |
@@ -171,6 +186,41 @@ static inline void netlbl_secattr_cache_free(struct netlbl_lsm_cache *cache) | |||
171 | } | 186 | } |
172 | 187 | ||
173 | /** | 188 | /** |
189 | * netlbl_secattr_catmap_alloc - Allocate a LSM secattr catmap | ||
190 | * @flags: memory allocation flags | ||
191 | * | ||
192 | * Description: | ||
193 | * Allocate memory for a LSM secattr catmap, returns a pointer on success, NULL | ||
194 | * on failure. | ||
195 | * | ||
196 | */ | ||
197 | static inline struct netlbl_lsm_secattr_catmap *netlbl_secattr_catmap_alloc( | ||
198 | gfp_t flags) | ||
199 | { | ||
200 | return kzalloc(sizeof(struct netlbl_lsm_secattr_catmap), flags); | ||
201 | } | ||
202 | |||
203 | /** | ||
204 | * netlbl_secattr_catmap_free - Free a LSM secattr catmap | ||
205 | * @catmap: the category bitmap | ||
206 | * | ||
207 | * Description: | ||
208 | * Free a LSM secattr catmap. | ||
209 | * | ||
210 | */ | ||
211 | static inline void netlbl_secattr_catmap_free( | ||
212 | struct netlbl_lsm_secattr_catmap *catmap) | ||
213 | { | ||
214 | struct netlbl_lsm_secattr_catmap *iter; | ||
215 | |||
216 | do { | ||
217 | iter = catmap; | ||
218 | catmap = catmap->next; | ||
219 | kfree(iter); | ||
220 | } while (catmap); | ||
221 | } | ||
222 | |||
223 | /** | ||
174 | * netlbl_secattr_init - Initialize a netlbl_lsm_secattr struct | 224 | * netlbl_secattr_init - Initialize a netlbl_lsm_secattr struct |
175 | * @secattr: the struct to initialize | 225 | * @secattr: the struct to initialize |
176 | * | 226 | * |
@@ -200,7 +250,8 @@ static inline void netlbl_secattr_destroy(struct netlbl_lsm_secattr *secattr) | |||
200 | if (secattr->cache) | 250 | if (secattr->cache) |
201 | netlbl_secattr_cache_free(secattr->cache); | 251 | netlbl_secattr_cache_free(secattr->cache); |
202 | kfree(secattr->domain); | 252 | kfree(secattr->domain); |
203 | kfree(secattr->mls_cat); | 253 | if (secattr->mls_cat) |
254 | netlbl_secattr_catmap_free(secattr->mls_cat); | ||
204 | } | 255 | } |
205 | 256 | ||
206 | /** | 257 | /** |
@@ -231,6 +282,51 @@ static inline void netlbl_secattr_free(struct netlbl_lsm_secattr *secattr) | |||
231 | kfree(secattr); | 282 | kfree(secattr); |
232 | } | 283 | } |
233 | 284 | ||
285 | #ifdef CONFIG_NETLABEL | ||
286 | int netlbl_secattr_catmap_walk(struct netlbl_lsm_secattr_catmap *catmap, | ||
287 | u32 offset); | ||
288 | int netlbl_secattr_catmap_walk_rng(struct netlbl_lsm_secattr_catmap *catmap, | ||
289 | u32 offset); | ||
290 | int netlbl_secattr_catmap_setbit(struct netlbl_lsm_secattr_catmap *catmap, | ||
291 | u32 bit, | ||
292 | gfp_t flags); | ||
293 | int netlbl_secattr_catmap_setrng(struct netlbl_lsm_secattr_catmap *catmap, | ||
294 | u32 start, | ||
295 | u32 end, | ||
296 | gfp_t flags); | ||
297 | #else | ||
298 | static inline int netlbl_secattr_catmap_walk( | ||
299 | struct netlbl_lsm_secattr_catmap *catmap, | ||
300 | u32 offset) | ||
301 | { | ||
302 | return -ENOENT; | ||
303 | } | ||
304 | |||
305 | static inline int netlbl_secattr_catmap_walk_rng( | ||
306 | struct netlbl_lsm_secattr_catmap *catmap, | ||
307 | u32 offset) | ||
308 | { | ||
309 | return -ENOENT; | ||
310 | } | ||
311 | |||
312 | static inline int netlbl_secattr_catmap_setbit( | ||
313 | struct netlbl_lsm_secattr_catmap *catmap, | ||
314 | u32 bit, | ||
315 | gfp_t flags) | ||
316 | { | ||
317 | return 0; | ||
318 | } | ||
319 | |||
320 | static inline int netlbl_secattr_catmap_setrng( | ||
321 | struct netlbl_lsm_secattr_catmap *catmap, | ||
322 | u32 start, | ||
323 | u32 end, | ||
324 | gfp_t flags) | ||
325 | { | ||
326 | return 0; | ||
327 | } | ||
328 | #endif | ||
329 | |||
234 | /* | 330 | /* |
235 | * LSM protocol operations | 331 | * LSM protocol operations |
236 | */ | 332 | */ |