Loading...
1/* SPDX-License-Identifier: GPL-2.0-or-later */
2/*
3 * CALIPSO - Common Architecture Label IPv6 Security Option
4 *
5 * This is an implementation of the CALIPSO protocol as specified in
6 * RFC 5570.
7 *
8 * Authors: Paul Moore <paul@paul-moore.com>
9 * Huw Davies <huw@codeweavers.com>
10 */
11
12/*
13 * (c) Copyright Hewlett-Packard Development Company, L.P., 2006
14 * (c) Copyright Huw Davies <huw@codeweavers.com>, 2015
15 */
16
17#ifndef _CALIPSO_H
18#define _CALIPSO_H
19
20#include <linux/types.h>
21#include <linux/rcupdate.h>
22#include <linux/list.h>
23#include <linux/net.h>
24#include <linux/skbuff.h>
25#include <net/netlabel.h>
26#include <net/request_sock.h>
27#include <linux/refcount.h>
28#include <linux/unaligned.h>
29
30/* known doi values */
31#define CALIPSO_DOI_UNKNOWN 0x00000000
32
33/* doi mapping types */
34#define CALIPSO_MAP_UNKNOWN 0
35#define CALIPSO_MAP_PASS 2
36
37/*
38 * CALIPSO DOI definitions
39 */
40
41/* DOI definition struct */
42struct calipso_doi {
43 u32 doi;
44 u32 type;
45
46 refcount_t refcount;
47 struct list_head list;
48 struct rcu_head rcu;
49};
50
51/*
52 * Sysctl Variables
53 */
54extern int calipso_cache_enabled;
55extern int calipso_cache_bucketsize;
56
57#ifdef CONFIG_NETLABEL
58int __init calipso_init(void);
59void calipso_exit(void);
60bool calipso_validate(const struct sk_buff *skb, const unsigned char *option);
61#else
62static inline int __init calipso_init(void)
63{
64 return 0;
65}
66
67static inline void calipso_exit(void)
68{
69}
70static inline bool calipso_validate(const struct sk_buff *skb,
71 const unsigned char *option)
72{
73 return true;
74}
75#endif /* CONFIG_NETLABEL */
76
77#endif /* _CALIPSO_H */
1/*
2 * CALIPSO - Common Architecture Label IPv6 Security Option
3 *
4 * This is an implementation of the CALIPSO protocol as specified in
5 * RFC 5570.
6 *
7 * Authors: Paul Moore <paul@paul-moore.com>
8 * Huw Davies <huw@codeweavers.com>
9 *
10 */
11
12/*
13 * (c) Copyright Hewlett-Packard Development Company, L.P., 2006
14 * (c) Copyright Huw Davies <huw@codeweavers.com>, 2015
15 *
16 * This program is free software; you can redistribute it and/or modify
17 * it under the terms of the GNU General Public License as published by
18 * the Free Software Foundation; either version 2 of the License, or
19 * (at your option) any later version.
20 *
21 * This program is distributed in the hope that it will be useful,
22 * but WITHOUT ANY WARRANTY; without even the implied warranty of
23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
24 * the GNU General Public License for more details.
25 *
26 * You should have received a copy of the GNU General Public License
27 * along with this program; if not, see <http://www.gnu.org/licenses/>.
28 *
29 */
30
31#ifndef _CALIPSO_H
32#define _CALIPSO_H
33
34#include <linux/types.h>
35#include <linux/rcupdate.h>
36#include <linux/list.h>
37#include <linux/net.h>
38#include <linux/skbuff.h>
39#include <net/netlabel.h>
40#include <net/request_sock.h>
41#include <linux/atomic.h>
42#include <asm/unaligned.h>
43
44/* known doi values */
45#define CALIPSO_DOI_UNKNOWN 0x00000000
46
47/* doi mapping types */
48#define CALIPSO_MAP_UNKNOWN 0
49#define CALIPSO_MAP_PASS 2
50
51/*
52 * CALIPSO DOI definitions
53 */
54
55/* DOI definition struct */
56struct calipso_doi {
57 u32 doi;
58 u32 type;
59
60 atomic_t refcount;
61 struct list_head list;
62 struct rcu_head rcu;
63};
64
65/*
66 * Sysctl Variables
67 */
68extern int calipso_cache_enabled;
69extern int calipso_cache_bucketsize;
70
71#ifdef CONFIG_NETLABEL
72int __init calipso_init(void);
73void calipso_exit(void);
74bool calipso_validate(const struct sk_buff *skb, const unsigned char *option);
75#else
76static inline int __init calipso_init(void)
77{
78 return 0;
79}
80
81static inline void calipso_exit(void)
82{
83}
84static inline bool calipso_validate(const struct sk_buff *skb,
85 const unsigned char *option)
86{
87 return true;
88}
89#endif /* CONFIG_NETLABEL */
90
91#endif /* _CALIPSO_H */