diff options
Diffstat (limited to 'include')
-rw-r--r-- | include/linux/dccp.h | 14 | ||||
-rw-r--r-- | include/linux/netfilter/Kbuild | 2 | ||||
-rw-r--r-- | include/net/cipso_ipv4.h | 23 | ||||
-rw-r--r-- | include/net/netlabel.h | 57 | ||||
-rw-r--r-- | include/net/netlink.h | 20 |
5 files changed, 54 insertions, 62 deletions
diff --git a/include/linux/dccp.h b/include/linux/dccp.h index 2d7671c92c0b..d6f4ec467a4b 100644 --- a/include/linux/dccp.h +++ b/include/linux/dccp.h | |||
@@ -169,6 +169,12 @@ enum { | |||
169 | DCCPO_MAX_CCID_SPECIFIC = 255, | 169 | DCCPO_MAX_CCID_SPECIFIC = 255, |
170 | }; | 170 | }; |
171 | 171 | ||
172 | /* DCCP CCIDS */ | ||
173 | enum { | ||
174 | DCCPC_CCID2 = 2, | ||
175 | DCCPC_CCID3 = 3, | ||
176 | }; | ||
177 | |||
172 | /* DCCP features */ | 178 | /* DCCP features */ |
173 | enum { | 179 | enum { |
174 | DCCPF_RESERVED = 0, | 180 | DCCPF_RESERVED = 0, |
@@ -320,7 +326,7 @@ static inline unsigned int dccp_hdr_len(const struct sk_buff *skb) | |||
320 | /* initial values for each feature */ | 326 | /* initial values for each feature */ |
321 | #define DCCPF_INITIAL_SEQUENCE_WINDOW 100 | 327 | #define DCCPF_INITIAL_SEQUENCE_WINDOW 100 |
322 | #define DCCPF_INITIAL_ACK_RATIO 2 | 328 | #define DCCPF_INITIAL_ACK_RATIO 2 |
323 | #define DCCPF_INITIAL_CCID 2 | 329 | #define DCCPF_INITIAL_CCID DCCPC_CCID2 |
324 | #define DCCPF_INITIAL_SEND_ACK_VECTOR 1 | 330 | #define DCCPF_INITIAL_SEND_ACK_VECTOR 1 |
325 | /* FIXME: for now we're default to 1 but it should really be 0 */ | 331 | /* FIXME: for now we're default to 1 but it should really be 0 */ |
326 | #define DCCPF_INITIAL_SEND_NDP_COUNT 1 | 332 | #define DCCPF_INITIAL_SEND_NDP_COUNT 1 |
@@ -404,6 +410,7 @@ struct dccp_service_list { | |||
404 | }; | 410 | }; |
405 | 411 | ||
406 | #define DCCP_SERVICE_INVALID_VALUE htonl((__u32)-1) | 412 | #define DCCP_SERVICE_INVALID_VALUE htonl((__u32)-1) |
413 | #define DCCP_SERVICE_CODE_IS_ABSENT 0 | ||
407 | 414 | ||
408 | static inline int dccp_list_has_service(const struct dccp_service_list *sl, | 415 | static inline int dccp_list_has_service(const struct dccp_service_list *sl, |
409 | const __be32 service) | 416 | const __be32 service) |
@@ -484,11 +491,6 @@ static inline struct dccp_minisock *dccp_msk(const struct sock *sk) | |||
484 | return (struct dccp_minisock *)&dccp_sk(sk)->dccps_minisock; | 491 | return (struct dccp_minisock *)&dccp_sk(sk)->dccps_minisock; |
485 | } | 492 | } |
486 | 493 | ||
487 | static inline int dccp_service_not_initialized(const struct sock *sk) | ||
488 | { | ||
489 | return dccp_sk(sk)->dccps_service == DCCP_SERVICE_INVALID_VALUE; | ||
490 | } | ||
491 | |||
492 | static inline const char *dccp_role(const struct sock *sk) | 494 | static inline const char *dccp_role(const struct sock *sk) |
493 | { | 495 | { |
494 | switch (dccp_sk(sk)->dccps_role) { | 496 | switch (dccp_sk(sk)->dccps_role) { |
diff --git a/include/linux/netfilter/Kbuild b/include/linux/netfilter/Kbuild index 9a285cecf249..312bd2ffee33 100644 --- a/include/linux/netfilter/Kbuild +++ b/include/linux/netfilter/Kbuild | |||
@@ -10,6 +10,8 @@ header-y += xt_connmark.h | |||
10 | header-y += xt_CONNMARK.h | 10 | header-y += xt_CONNMARK.h |
11 | header-y += xt_conntrack.h | 11 | header-y += xt_conntrack.h |
12 | header-y += xt_dccp.h | 12 | header-y += xt_dccp.h |
13 | header-y += xt_dscp.h | ||
14 | header-y += xt_DSCP.h | ||
13 | header-y += xt_esp.h | 15 | header-y += xt_esp.h |
14 | header-y += xt_helper.h | 16 | header-y += xt_helper.h |
15 | header-y += xt_length.h | 17 | header-y += xt_length.h |
diff --git a/include/net/cipso_ipv4.h b/include/net/cipso_ipv4.h index 59406e0dc5b2..2d72496c2029 100644 --- a/include/net/cipso_ipv4.h +++ b/include/net/cipso_ipv4.h | |||
@@ -130,8 +130,9 @@ extern int cipso_v4_rbm_strictvalid; | |||
130 | int cipso_v4_doi_add(struct cipso_v4_doi *doi_def); | 130 | int cipso_v4_doi_add(struct cipso_v4_doi *doi_def); |
131 | int cipso_v4_doi_remove(u32 doi, void (*callback) (struct rcu_head * head)); | 131 | int cipso_v4_doi_remove(u32 doi, void (*callback) (struct rcu_head * head)); |
132 | struct cipso_v4_doi *cipso_v4_doi_getdef(u32 doi); | 132 | struct cipso_v4_doi *cipso_v4_doi_getdef(u32 doi); |
133 | struct sk_buff *cipso_v4_doi_dump_all(size_t headroom); | 133 | int cipso_v4_doi_walk(u32 *skip_cnt, |
134 | struct sk_buff *cipso_v4_doi_dump(u32 doi, size_t headroom); | 134 | int (*callback) (struct cipso_v4_doi *doi_def, void *arg), |
135 | void *cb_arg); | ||
135 | int cipso_v4_doi_domhsh_add(struct cipso_v4_doi *doi_def, const char *domain); | 136 | int cipso_v4_doi_domhsh_add(struct cipso_v4_doi *doi_def, const char *domain); |
136 | int cipso_v4_doi_domhsh_remove(struct cipso_v4_doi *doi_def, | 137 | int cipso_v4_doi_domhsh_remove(struct cipso_v4_doi *doi_def, |
137 | const char *domain); | 138 | const char *domain); |
@@ -152,14 +153,11 @@ static inline struct cipso_v4_doi *cipso_v4_doi_getdef(u32 doi) | |||
152 | return NULL; | 153 | return NULL; |
153 | } | 154 | } |
154 | 155 | ||
155 | static inline struct sk_buff *cipso_v4_doi_dump_all(size_t headroom) | 156 | static inline int cipso_v4_doi_walk(u32 *skip_cnt, |
157 | int (*callback) (struct cipso_v4_doi *doi_def, void *arg), | ||
158 | void *cb_arg) | ||
156 | { | 159 | { |
157 | return NULL; | 160 | return 0; |
158 | } | ||
159 | |||
160 | static inline struct sk_buff *cipso_v4_doi_dump(u32 doi, size_t headroom) | ||
161 | { | ||
162 | return NULL; | ||
163 | } | 161 | } |
164 | 162 | ||
165 | static inline int cipso_v4_doi_domhsh_add(struct cipso_v4_doi *doi_def, | 163 | static inline int cipso_v4_doi_domhsh_add(struct cipso_v4_doi *doi_def, |
@@ -205,6 +203,7 @@ void cipso_v4_error(struct sk_buff *skb, int error, u32 gateway); | |||
205 | int cipso_v4_socket_setattr(const struct socket *sock, | 203 | int cipso_v4_socket_setattr(const struct socket *sock, |
206 | const struct cipso_v4_doi *doi_def, | 204 | const struct cipso_v4_doi *doi_def, |
207 | const struct netlbl_lsm_secattr *secattr); | 205 | const struct netlbl_lsm_secattr *secattr); |
206 | int cipso_v4_sock_getattr(struct sock *sk, struct netlbl_lsm_secattr *secattr); | ||
208 | int cipso_v4_socket_getattr(const struct socket *sock, | 207 | int cipso_v4_socket_getattr(const struct socket *sock, |
209 | struct netlbl_lsm_secattr *secattr); | 208 | struct netlbl_lsm_secattr *secattr); |
210 | int cipso_v4_skbuff_getattr(const struct sk_buff *skb, | 209 | int cipso_v4_skbuff_getattr(const struct sk_buff *skb, |
@@ -225,6 +224,12 @@ static inline int cipso_v4_socket_setattr(const struct socket *sock, | |||
225 | return -ENOSYS; | 224 | return -ENOSYS; |
226 | } | 225 | } |
227 | 226 | ||
227 | static inline int cipso_v4_sock_getattr(struct sock *sk, | ||
228 | struct netlbl_lsm_secattr *secattr) | ||
229 | { | ||
230 | return -ENOSYS; | ||
231 | } | ||
232 | |||
228 | static inline int cipso_v4_socket_getattr(const struct socket *sock, | 233 | static inline int cipso_v4_socket_getattr(const struct socket *sock, |
229 | struct netlbl_lsm_secattr *secattr) | 234 | struct netlbl_lsm_secattr *secattr) |
230 | { | 235 | { |
diff --git a/include/net/netlabel.h b/include/net/netlabel.h index dd5780b36919..6692430063fd 100644 --- a/include/net/netlabel.h +++ b/include/net/netlabel.h | |||
@@ -57,9 +57,8 @@ | |||
57 | * The payload is dependent on the subsystem specified in the | 57 | * The payload is dependent on the subsystem specified in the |
58 | * 'nlmsghdr->nlmsg_type' and should be defined below, supporting functions | 58 | * 'nlmsghdr->nlmsg_type' and should be defined below, supporting functions |
59 | * should be defined in the corresponding net/netlabel/netlabel_<subsys>.h|c | 59 | * should be defined in the corresponding net/netlabel/netlabel_<subsys>.h|c |
60 | * file. All of the fields in the NetLabel payload are NETLINK attributes, the | 60 | * file. All of the fields in the NetLabel payload are NETLINK attributes, see |
61 | * length of each field is the length of the NETLINK attribute payload, see | 61 | * the include/net/netlink.h file for more information on NETLINK attributes. |
62 | * include/net/netlink.h for more information on NETLINK attributes. | ||
63 | * | 62 | * |
64 | */ | 63 | */ |
65 | 64 | ||
@@ -82,50 +81,6 @@ | |||
82 | #define NETLBL_NLTYPE_UNLABELED 5 | 81 | #define NETLBL_NLTYPE_UNLABELED 5 |
83 | #define NETLBL_NLTYPE_UNLABELED_NAME "NLBL_UNLBL" | 82 | #define NETLBL_NLTYPE_UNLABELED_NAME "NLBL_UNLBL" |
84 | 83 | ||
85 | /* NetLabel return codes */ | ||
86 | #define NETLBL_E_OK 0 | ||
87 | |||
88 | /* | ||
89 | * Helper functions | ||
90 | */ | ||
91 | |||
92 | #define NETLBL_LEN_U8 nla_total_size(sizeof(u8)) | ||
93 | #define NETLBL_LEN_U16 nla_total_size(sizeof(u16)) | ||
94 | #define NETLBL_LEN_U32 nla_total_size(sizeof(u32)) | ||
95 | |||
96 | /** | ||
97 | * netlbl_netlink_alloc_skb - Allocate a NETLINK message buffer | ||
98 | * @head: the amount of headroom in bytes | ||
99 | * @body: the desired size (minus headroom) in bytes | ||
100 | * @gfp_flags: the alloc flags to pass to alloc_skb() | ||
101 | * | ||
102 | * Description: | ||
103 | * Allocate a NETLINK message buffer based on the sizes given in @head and | ||
104 | * @body. If @head is greater than zero skb_reserve() is called to reserve | ||
105 | * @head bytes at the start of the buffer. Returns a valid sk_buff pointer on | ||
106 | * success, NULL on failure. | ||
107 | * | ||
108 | */ | ||
109 | static inline struct sk_buff *netlbl_netlink_alloc_skb(size_t head, | ||
110 | size_t body, | ||
111 | gfp_t gfp_flags) | ||
112 | { | ||
113 | struct sk_buff *skb; | ||
114 | |||
115 | skb = alloc_skb(NLMSG_ALIGN(head + body), gfp_flags); | ||
116 | if (skb == NULL) | ||
117 | return NULL; | ||
118 | if (head > 0) { | ||
119 | skb_reserve(skb, head); | ||
120 | if (skb_tailroom(skb) < body) { | ||
121 | kfree_skb(skb); | ||
122 | return NULL; | ||
123 | } | ||
124 | } | ||
125 | |||
126 | return skb; | ||
127 | } | ||
128 | |||
129 | /* | 84 | /* |
130 | * NetLabel - Kernel API for accessing the network packet label mappings. | 85 | * NetLabel - Kernel API for accessing the network packet label mappings. |
131 | * | 86 | * |
@@ -238,6 +193,8 @@ static inline void netlbl_secattr_free(struct netlbl_lsm_secattr *secattr, | |||
238 | #ifdef CONFIG_NETLABEL | 193 | #ifdef CONFIG_NETLABEL |
239 | int netlbl_socket_setattr(const struct socket *sock, | 194 | int netlbl_socket_setattr(const struct socket *sock, |
240 | const struct netlbl_lsm_secattr *secattr); | 195 | const struct netlbl_lsm_secattr *secattr); |
196 | int netlbl_sock_getattr(struct sock *sk, | ||
197 | struct netlbl_lsm_secattr *secattr); | ||
241 | int netlbl_socket_getattr(const struct socket *sock, | 198 | int netlbl_socket_getattr(const struct socket *sock, |
242 | struct netlbl_lsm_secattr *secattr); | 199 | struct netlbl_lsm_secattr *secattr); |
243 | int netlbl_skbuff_getattr(const struct sk_buff *skb, | 200 | int netlbl_skbuff_getattr(const struct sk_buff *skb, |
@@ -250,6 +207,12 @@ static inline int netlbl_socket_setattr(const struct socket *sock, | |||
250 | return -ENOSYS; | 207 | return -ENOSYS; |
251 | } | 208 | } |
252 | 209 | ||
210 | static inline int netlbl_sock_getattr(struct sock *sk, | ||
211 | struct netlbl_lsm_secattr *secattr) | ||
212 | { | ||
213 | return -ENOSYS; | ||
214 | } | ||
215 | |||
253 | static inline int netlbl_socket_getattr(const struct socket *sock, | 216 | static inline int netlbl_socket_getattr(const struct socket *sock, |
254 | struct netlbl_lsm_secattr *secattr) | 217 | struct netlbl_lsm_secattr *secattr) |
255 | { | 218 | { |
diff --git a/include/net/netlink.h b/include/net/netlink.h index 11dc2e7f679a..4ab68a7a636a 100644 --- a/include/net/netlink.h +++ b/include/net/netlink.h | |||
@@ -146,11 +146,13 @@ | |||
146 | * nla_ok(nla, remaining) does nla fit into remaining bytes? | 146 | * nla_ok(nla, remaining) does nla fit into remaining bytes? |
147 | * nla_next(nla, remaining) get next netlink attribute | 147 | * nla_next(nla, remaining) get next netlink attribute |
148 | * nla_validate() validate a stream of attributes | 148 | * nla_validate() validate a stream of attributes |
149 | * nla_validate_nested() validate a stream of nested attributes | ||
149 | * nla_find() find attribute in stream of attributes | 150 | * nla_find() find attribute in stream of attributes |
150 | * nla_find_nested() find attribute in nested attributes | 151 | * nla_find_nested() find attribute in nested attributes |
151 | * nla_parse() parse and validate stream of attrs | 152 | * nla_parse() parse and validate stream of attrs |
152 | * nla_parse_nested() parse nested attribuets | 153 | * nla_parse_nested() parse nested attribuets |
153 | * nla_for_each_attr() loop over all attributes | 154 | * nla_for_each_attr() loop over all attributes |
155 | * nla_for_each_nested() loop over the nested attributes | ||
154 | *========================================================================= | 156 | *========================================================================= |
155 | */ | 157 | */ |
156 | 158 | ||
@@ -950,6 +952,24 @@ static inline int nla_nest_cancel(struct sk_buff *skb, struct nlattr *start) | |||
950 | } | 952 | } |
951 | 953 | ||
952 | /** | 954 | /** |
955 | * nla_validate_nested - Validate a stream of nested attributes | ||
956 | * @start: container attribute | ||
957 | * @maxtype: maximum attribute type to be expected | ||
958 | * @policy: validation policy | ||
959 | * | ||
960 | * Validates all attributes in the nested attribute stream against the | ||
961 | * specified policy. Attributes with a type exceeding maxtype will be | ||
962 | * ignored. See documenation of struct nla_policy for more details. | ||
963 | * | ||
964 | * Returns 0 on success or a negative error code. | ||
965 | */ | ||
966 | static inline int nla_validate_nested(struct nlattr *start, int maxtype, | ||
967 | struct nla_policy *policy) | ||
968 | { | ||
969 | return nla_validate(nla_data(start), nla_len(start), maxtype, policy); | ||
970 | } | ||
971 | |||
972 | /** | ||
953 | * nla_for_each_attr - iterate over a stream of attributes | 973 | * nla_for_each_attr - iterate over a stream of attributes |
954 | * @pos: loop counter, set to current attribute | 974 | * @pos: loop counter, set to current attribute |
955 | * @head: head of attribute stream | 975 | * @head: head of attribute stream |