Loading...
1/*
2 * NetLabel Network Address Lists
3 *
4 * This file contains network address list functions used to manage ordered
5 * lists of network addresses for use by the NetLabel subsystem. The NetLabel
6 * system manages static and dynamic label mappings for network protocols such
7 * as CIPSO and RIPSO.
8 *
9 * Author: Paul Moore <paul@paul-moore.com>
10 *
11 */
12
13/*
14 * (c) Copyright Hewlett-Packard Development Company, L.P., 2008
15 *
16 * This program is free software; you can redistribute it and/or modify
17 * it under the terms of the GNU General Public License as published by
18 * the Free Software Foundation; either version 2 of the License, or
19 * (at your option) any later version.
20 *
21 * This program is distributed in the hope that it will be useful,
22 * but WITHOUT ANY WARRANTY; without even the implied warranty of
23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
24 * the GNU General Public License for more details.
25 *
26 * You should have received a copy of the GNU General Public License
27 * along with this program; if not, write to the Free Software
28 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
29 *
30 */
31
32#ifndef _NETLABEL_ADDRLIST_H
33#define _NETLABEL_ADDRLIST_H
34
35#include <linux/types.h>
36#include <linux/rcupdate.h>
37#include <linux/list.h>
38#include <linux/in6.h>
39#include <linux/audit.h>
40
41/**
42 * struct netlbl_af4list - NetLabel IPv4 address list
43 * @addr: IPv4 address
44 * @mask: IPv4 address mask
45 * @valid: valid flag
46 * @list: list structure, used internally
47 */
48struct netlbl_af4list {
49 __be32 addr;
50 __be32 mask;
51
52 u32 valid;
53 struct list_head list;
54};
55
56/**
57 * struct netlbl_af6list - NetLabel IPv6 address list
58 * @addr: IPv6 address
59 * @mask: IPv6 address mask
60 * @valid: valid flag
61 * @list: list structure, used internally
62 */
63struct netlbl_af6list {
64 struct in6_addr addr;
65 struct in6_addr mask;
66
67 u32 valid;
68 struct list_head list;
69};
70
71#define __af4list_entry(ptr) container_of(ptr, struct netlbl_af4list, list)
72
73static inline struct netlbl_af4list *__af4list_valid(struct list_head *s,
74 struct list_head *h)
75{
76 struct list_head *i = s;
77 struct netlbl_af4list *n = __af4list_entry(s);
78 while (i != h && !n->valid) {
79 i = i->next;
80 n = __af4list_entry(i);
81 }
82 return n;
83}
84
85static inline struct netlbl_af4list *__af4list_valid_rcu(struct list_head *s,
86 struct list_head *h)
87{
88 struct list_head *i = s;
89 struct netlbl_af4list *n = __af4list_entry(s);
90 while (i != h && !n->valid) {
91 i = rcu_dereference(i->next);
92 n = __af4list_entry(i);
93 }
94 return n;
95}
96
97#define netlbl_af4list_foreach(iter, head) \
98 for (iter = __af4list_valid((head)->next, head); \
99 &iter->list != (head); \
100 iter = __af4list_valid(iter->list.next, head))
101
102#define netlbl_af4list_foreach_rcu(iter, head) \
103 for (iter = __af4list_valid_rcu((head)->next, head); \
104 &iter->list != (head); \
105 iter = __af4list_valid_rcu(iter->list.next, head))
106
107#define netlbl_af4list_foreach_safe(iter, tmp, head) \
108 for (iter = __af4list_valid((head)->next, head), \
109 tmp = __af4list_valid(iter->list.next, head); \
110 &iter->list != (head); \
111 iter = tmp, tmp = __af4list_valid(iter->list.next, head))
112
113int netlbl_af4list_add(struct netlbl_af4list *entry,
114 struct list_head *head);
115struct netlbl_af4list *netlbl_af4list_remove(__be32 addr, __be32 mask,
116 struct list_head *head);
117void netlbl_af4list_remove_entry(struct netlbl_af4list *entry);
118struct netlbl_af4list *netlbl_af4list_search(__be32 addr,
119 struct list_head *head);
120struct netlbl_af4list *netlbl_af4list_search_exact(__be32 addr,
121 __be32 mask,
122 struct list_head *head);
123
124#ifdef CONFIG_AUDIT
125void netlbl_af4list_audit_addr(struct audit_buffer *audit_buf,
126 int src, const char *dev,
127 __be32 addr, __be32 mask);
128#else
129static inline void netlbl_af4list_audit_addr(struct audit_buffer *audit_buf,
130 int src, const char *dev,
131 __be32 addr, __be32 mask)
132{
133}
134#endif
135
136#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
137
138#define __af6list_entry(ptr) container_of(ptr, struct netlbl_af6list, list)
139
140static inline struct netlbl_af6list *__af6list_valid(struct list_head *s,
141 struct list_head *h)
142{
143 struct list_head *i = s;
144 struct netlbl_af6list *n = __af6list_entry(s);
145 while (i != h && !n->valid) {
146 i = i->next;
147 n = __af6list_entry(i);
148 }
149 return n;
150}
151
152static inline struct netlbl_af6list *__af6list_valid_rcu(struct list_head *s,
153 struct list_head *h)
154{
155 struct list_head *i = s;
156 struct netlbl_af6list *n = __af6list_entry(s);
157 while (i != h && !n->valid) {
158 i = rcu_dereference(i->next);
159 n = __af6list_entry(i);
160 }
161 return n;
162}
163
164#define netlbl_af6list_foreach(iter, head) \
165 for (iter = __af6list_valid((head)->next, head); \
166 &iter->list != (head); \
167 iter = __af6list_valid(iter->list.next, head))
168
169#define netlbl_af6list_foreach_rcu(iter, head) \
170 for (iter = __af6list_valid_rcu((head)->next, head); \
171 &iter->list != (head); \
172 iter = __af6list_valid_rcu(iter->list.next, head))
173
174#define netlbl_af6list_foreach_safe(iter, tmp, head) \
175 for (iter = __af6list_valid((head)->next, head), \
176 tmp = __af6list_valid(iter->list.next, head); \
177 &iter->list != (head); \
178 iter = tmp, tmp = __af6list_valid(iter->list.next, head))
179
180int netlbl_af6list_add(struct netlbl_af6list *entry,
181 struct list_head *head);
182struct netlbl_af6list *netlbl_af6list_remove(const struct in6_addr *addr,
183 const struct in6_addr *mask,
184 struct list_head *head);
185void netlbl_af6list_remove_entry(struct netlbl_af6list *entry);
186struct netlbl_af6list *netlbl_af6list_search(const struct in6_addr *addr,
187 struct list_head *head);
188struct netlbl_af6list *netlbl_af6list_search_exact(const struct in6_addr *addr,
189 const struct in6_addr *mask,
190 struct list_head *head);
191
192#ifdef CONFIG_AUDIT
193void netlbl_af6list_audit_addr(struct audit_buffer *audit_buf,
194 int src,
195 const char *dev,
196 const struct in6_addr *addr,
197 const struct in6_addr *mask);
198#else
199static inline void netlbl_af6list_audit_addr(struct audit_buffer *audit_buf,
200 int src,
201 const char *dev,
202 const struct in6_addr *addr,
203 const struct in6_addr *mask)
204{
205}
206#endif
207#endif /* IPV6 */
208
209#endif
1/*
2 * NetLabel Network Address Lists
3 *
4 * This file contains network address list functions used to manage ordered
5 * lists of network addresses for use by the NetLabel subsystem. The NetLabel
6 * system manages static and dynamic label mappings for network protocols such
7 * as CIPSO and RIPSO.
8 *
9 * Author: Paul Moore <paul@paul-moore.com>
10 *
11 */
12
13/*
14 * (c) Copyright Hewlett-Packard Development Company, L.P., 2008
15 *
16 * This program is free software; you can redistribute it and/or modify
17 * it under the terms of the GNU General Public License as published by
18 * the Free Software Foundation; either version 2 of the License, or
19 * (at your option) any later version.
20 *
21 * This program is distributed in the hope that it will be useful,
22 * but WITHOUT ANY WARRANTY; without even the implied warranty of
23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
24 * the GNU General Public License for more details.
25 *
26 * You should have received a copy of the GNU General Public License
27 * along with this program; if not, see <http://www.gnu.org/licenses/>.
28 *
29 */
30
31#ifndef _NETLABEL_ADDRLIST_H
32#define _NETLABEL_ADDRLIST_H
33
34#include <linux/types.h>
35#include <linux/rcupdate.h>
36#include <linux/list.h>
37#include <linux/in6.h>
38#include <linux/audit.h>
39
40/**
41 * struct netlbl_af4list - NetLabel IPv4 address list
42 * @addr: IPv4 address
43 * @mask: IPv4 address mask
44 * @valid: valid flag
45 * @list: list structure, used internally
46 */
47struct netlbl_af4list {
48 __be32 addr;
49 __be32 mask;
50
51 u32 valid;
52 struct list_head list;
53};
54
55/**
56 * struct netlbl_af6list - NetLabel IPv6 address list
57 * @addr: IPv6 address
58 * @mask: IPv6 address mask
59 * @valid: valid flag
60 * @list: list structure, used internally
61 */
62struct netlbl_af6list {
63 struct in6_addr addr;
64 struct in6_addr mask;
65
66 u32 valid;
67 struct list_head list;
68};
69
70#define __af4list_entry(ptr) container_of(ptr, struct netlbl_af4list, list)
71
72static inline struct netlbl_af4list *__af4list_valid(struct list_head *s,
73 struct list_head *h)
74{
75 struct list_head *i = s;
76 struct netlbl_af4list *n = __af4list_entry(s);
77 while (i != h && !n->valid) {
78 i = i->next;
79 n = __af4list_entry(i);
80 }
81 return n;
82}
83
84static inline struct netlbl_af4list *__af4list_valid_rcu(struct list_head *s,
85 struct list_head *h)
86{
87 struct list_head *i = s;
88 struct netlbl_af4list *n = __af4list_entry(s);
89 while (i != h && !n->valid) {
90 i = rcu_dereference(list_next_rcu(i));
91 n = __af4list_entry(i);
92 }
93 return n;
94}
95
96#define netlbl_af4list_foreach(iter, head) \
97 for (iter = __af4list_valid((head)->next, head); \
98 &iter->list != (head); \
99 iter = __af4list_valid(iter->list.next, head))
100
101#define netlbl_af4list_foreach_rcu(iter, head) \
102 for (iter = __af4list_valid_rcu((head)->next, head); \
103 &iter->list != (head); \
104 iter = __af4list_valid_rcu(iter->list.next, head))
105
106#define netlbl_af4list_foreach_safe(iter, tmp, head) \
107 for (iter = __af4list_valid((head)->next, head), \
108 tmp = __af4list_valid(iter->list.next, head); \
109 &iter->list != (head); \
110 iter = tmp, tmp = __af4list_valid(iter->list.next, head))
111
112int netlbl_af4list_add(struct netlbl_af4list *entry,
113 struct list_head *head);
114struct netlbl_af4list *netlbl_af4list_remove(__be32 addr, __be32 mask,
115 struct list_head *head);
116void netlbl_af4list_remove_entry(struct netlbl_af4list *entry);
117struct netlbl_af4list *netlbl_af4list_search(__be32 addr,
118 struct list_head *head);
119struct netlbl_af4list *netlbl_af4list_search_exact(__be32 addr,
120 __be32 mask,
121 struct list_head *head);
122
123#ifdef CONFIG_AUDIT
124void netlbl_af4list_audit_addr(struct audit_buffer *audit_buf,
125 int src, const char *dev,
126 __be32 addr, __be32 mask);
127#else
128static inline void netlbl_af4list_audit_addr(struct audit_buffer *audit_buf,
129 int src, const char *dev,
130 __be32 addr, __be32 mask)
131{
132}
133#endif
134
135#if IS_ENABLED(CONFIG_IPV6)
136
137#define __af6list_entry(ptr) container_of(ptr, struct netlbl_af6list, list)
138
139static inline struct netlbl_af6list *__af6list_valid(struct list_head *s,
140 struct list_head *h)
141{
142 struct list_head *i = s;
143 struct netlbl_af6list *n = __af6list_entry(s);
144 while (i != h && !n->valid) {
145 i = i->next;
146 n = __af6list_entry(i);
147 }
148 return n;
149}
150
151static inline struct netlbl_af6list *__af6list_valid_rcu(struct list_head *s,
152 struct list_head *h)
153{
154 struct list_head *i = s;
155 struct netlbl_af6list *n = __af6list_entry(s);
156 while (i != h && !n->valid) {
157 i = rcu_dereference(list_next_rcu(i));
158 n = __af6list_entry(i);
159 }
160 return n;
161}
162
163#define netlbl_af6list_foreach(iter, head) \
164 for (iter = __af6list_valid((head)->next, head); \
165 &iter->list != (head); \
166 iter = __af6list_valid(iter->list.next, head))
167
168#define netlbl_af6list_foreach_rcu(iter, head) \
169 for (iter = __af6list_valid_rcu((head)->next, head); \
170 &iter->list != (head); \
171 iter = __af6list_valid_rcu(iter->list.next, head))
172
173#define netlbl_af6list_foreach_safe(iter, tmp, head) \
174 for (iter = __af6list_valid((head)->next, head), \
175 tmp = __af6list_valid(iter->list.next, head); \
176 &iter->list != (head); \
177 iter = tmp, tmp = __af6list_valid(iter->list.next, head))
178
179int netlbl_af6list_add(struct netlbl_af6list *entry,
180 struct list_head *head);
181struct netlbl_af6list *netlbl_af6list_remove(const struct in6_addr *addr,
182 const struct in6_addr *mask,
183 struct list_head *head);
184void netlbl_af6list_remove_entry(struct netlbl_af6list *entry);
185struct netlbl_af6list *netlbl_af6list_search(const struct in6_addr *addr,
186 struct list_head *head);
187struct netlbl_af6list *netlbl_af6list_search_exact(const struct in6_addr *addr,
188 const struct in6_addr *mask,
189 struct list_head *head);
190
191#ifdef CONFIG_AUDIT
192void netlbl_af6list_audit_addr(struct audit_buffer *audit_buf,
193 int src,
194 const char *dev,
195 const struct in6_addr *addr,
196 const struct in6_addr *mask);
197#else
198static inline void netlbl_af6list_audit_addr(struct audit_buffer *audit_buf,
199 int src,
200 const char *dev,
201 const struct in6_addr *addr,
202 const struct in6_addr *mask)
203{
204}
205#endif
206#endif /* IPV6 */
207
208#endif