aboutsummaryrefslogtreecommitdiffstats
path: root/net/netlabel/netlabel_unlabeled.h
diff options
context:
space:
mode:
Diffstat (limited to 'net/netlabel/netlabel_unlabeled.h')
-rw-r--r--net/netlabel/netlabel_unlabeled.h41
1 files changed, 16 insertions, 25 deletions
diff --git a/net/netlabel/netlabel_unlabeled.h b/net/netlabel/netlabel_unlabeled.h
index f300e54e14b6..c2917fbb42cf 100644
--- a/net/netlabel/netlabel_unlabeled.h
+++ b/net/netlabel/netlabel_unlabeled.h
@@ -36,56 +36,47 @@
36/* 36/*
37 * The following NetLabel payloads are supported by the Unlabeled subsystem. 37 * The following NetLabel payloads are supported by the Unlabeled subsystem.
38 * 38 *
39 * o ACK:
40 * Sent by the kernel in response to an applications message, applications
41 * should never send this message.
42 *
43 * +----------------------+-----------------------+
44 * | seq number (32 bits) | return code (32 bits) |
45 * +----------------------+-----------------------+
46 *
47 * seq number: the sequence number of the original message, taken from the
48 * nlmsghdr structure
49 * return code: return value, based on errno values
50 *
51 * o ACCEPT 39 * o ACCEPT
52 * This message is sent from an application to specify if the kernel should 40 * This message is sent from an application to specify if the kernel should
53 * allow unlabled packets to pass if they do not match any of the static 41 * allow unlabled packets to pass if they do not match any of the static
54 * mappings defined in the unlabeled module. 42 * mappings defined in the unlabeled module.
55 * 43 *
56 * +-----------------+ 44 * Required attributes:
57 * | allow (32 bits) |
58 * +-----------------+
59 * 45 *
60 * allow: if true (1) then allow the packets to pass, if false (0) then 46 * NLBL_UNLABEL_A_ACPTFLG
61 * reject the packets
62 * 47 *
63 * o LIST 48 * o LIST
64 * This message can be sent either from an application or by the kernel in 49 * This message can be sent either from an application or by the kernel in
65 * response to an application generated LIST message. When sent by an 50 * response to an application generated LIST message. When sent by an
66 * application there is no payload. The kernel should respond to a LIST 51 * application there is no payload. The kernel should respond to a LIST
67 * message either with a LIST message on success or an ACK message on 52 * message with a LIST message on success.
68 * failure.
69 * 53 *
70 * +-----------------------+ 54 * Required attributes:
71 * | accept flag (32 bits) |
72 * +-----------------------+
73 * 55 *
74 * accept flag: if true (1) then unlabeled packets are allowed to pass, 56 * NLBL_UNLABEL_A_ACPTFLG
75 * if false (0) then unlabeled packets are rejected
76 * 57 *
77 */ 58 */
78 59
79/* NetLabel Unlabeled commands */ 60/* NetLabel Unlabeled commands */
80enum { 61enum {
81 NLBL_UNLABEL_C_UNSPEC, 62 NLBL_UNLABEL_C_UNSPEC,
82 NLBL_UNLABEL_C_ACK,
83 NLBL_UNLABEL_C_ACCEPT, 63 NLBL_UNLABEL_C_ACCEPT,
84 NLBL_UNLABEL_C_LIST, 64 NLBL_UNLABEL_C_LIST,
85 __NLBL_UNLABEL_C_MAX, 65 __NLBL_UNLABEL_C_MAX,
86}; 66};
87#define NLBL_UNLABEL_C_MAX (__NLBL_UNLABEL_C_MAX - 1) 67#define NLBL_UNLABEL_C_MAX (__NLBL_UNLABEL_C_MAX - 1)
88 68
69/* NetLabel Unlabeled attributes */
70enum {
71 NLBL_UNLABEL_A_UNSPEC,
72 NLBL_UNLABEL_A_ACPTFLG,
73 /* (NLA_U8)
74 * if true then unlabeled packets are allowed to pass, else unlabeled
75 * packets are rejected */
76 __NLBL_UNLABEL_A_MAX,
77};
78#define NLBL_UNLABEL_A_MAX (__NLBL_UNLABEL_A_MAX - 1)
79
89/* NetLabel protocol functions */ 80/* NetLabel protocol functions */
90int netlbl_unlabel_genl_init(void); 81int netlbl_unlabel_genl_init(void);
91 82
generated by cgit v1.2.2 (git 2.25.0) at 2025-10-27 16:35:53 -0400