| cipso_ipv4.h (81d84a94be8085475c3585596e52b06ccbedd922) | cipso_ipv4.h (b1edeb102397546438ab4624489c6ccd7b410d97) |
|---|---|
| 1/* 2 * CIPSO - Commercial IP Security Option 3 * 4 * This is an implementation of the CIPSO 2.2 protocol as specified in 5 * draft-ietf-cipso-ipsecurity-01.txt with additional tag types as found in 6 * FIPS-188, copies of both documents can be found in the Documentation 7 * directory. While CIPSO never became a full IETF RFC standard many vendors 8 * have chosen to adopt the protocol and over the years it has become a --- 26 unchanged lines hidden (view full) --- 35#define _CIPSO_IPV4_H 36 37#include <linux/types.h> 38#include <linux/rcupdate.h> 39#include <linux/list.h> 40#include <linux/net.h> 41#include <linux/skbuff.h> 42#include <net/netlabel.h> | 1/* 2 * CIPSO - Commercial IP Security Option 3 * 4 * This is an implementation of the CIPSO 2.2 protocol as specified in 5 * draft-ietf-cipso-ipsecurity-01.txt with additional tag types as found in 6 * FIPS-188, copies of both documents can be found in the Documentation 7 * directory. While CIPSO never became a full IETF RFC standard many vendors 8 * have chosen to adopt the protocol and over the years it has become a --- 26 unchanged lines hidden (view full) --- 35#define _CIPSO_IPV4_H 36 37#include <linux/types.h> 38#include <linux/rcupdate.h> 39#include <linux/list.h> 40#include <linux/net.h> 41#include <linux/skbuff.h> 42#include <net/netlabel.h> |
| 43#include <asm/atomic.h> |
|
| 43 44/* known doi values */ 45#define CIPSO_V4_DOI_UNKNOWN 0x00000000 46 47/* tag types */ 48#define CIPSO_V4_TAG_INVALID 0 49#define CIPSO_V4_TAG_RBITMAP 1 50#define CIPSO_V4_TAG_ENUM 2 --- 23 unchanged lines hidden (view full) --- 74struct cipso_v4_doi { 75 u32 doi; 76 u32 type; 77 union { 78 struct cipso_v4_std_map_tbl *std; 79 } map; 80 u8 tags[CIPSO_V4_TAG_MAXCNT]; 81 | 44 45/* known doi values */ 46#define CIPSO_V4_DOI_UNKNOWN 0x00000000 47 48/* tag types */ 49#define CIPSO_V4_TAG_INVALID 0 50#define CIPSO_V4_TAG_RBITMAP 1 51#define CIPSO_V4_TAG_ENUM 2 --- 23 unchanged lines hidden (view full) --- 75struct cipso_v4_doi { 76 u32 doi; 77 u32 type; 78 union { 79 struct cipso_v4_std_map_tbl *std; 80 } map; 81 u8 tags[CIPSO_V4_TAG_MAXCNT]; 82 |
| 82 u32 valid; | 83 atomic_t refcount; |
| 83 struct list_head list; 84 struct rcu_head rcu; | 84 struct list_head list; 85 struct rcu_head rcu; |
| 85 struct list_head dom_list; | |
| 86}; 87 88/* Standard CIPSO mapping table */ 89/* NOTE: the highest order bit (i.e. 0x80000000) is an 'invalid' flag, if the 90 * bit is set then consider that value as unspecified, meaning the 91 * mapping for that particular level/category is invalid */ 92struct cipso_v4_std_map_tbl { 93 struct { --- 29 unchanged lines hidden (view full) --- 123#define CIPSO_V4_OPTPTR(x) (skb_network_header(x) + IPCB(x)->opt.cipso) 124 125/* 126 * DOI List Functions 127 */ 128 129#ifdef CONFIG_NETLABEL 130int cipso_v4_doi_add(struct cipso_v4_doi *doi_def); | 86}; 87 88/* Standard CIPSO mapping table */ 89/* NOTE: the highest order bit (i.e. 0x80000000) is an 'invalid' flag, if the 90 * bit is set then consider that value as unspecified, meaning the 91 * mapping for that particular level/category is invalid */ 92struct cipso_v4_std_map_tbl { 93 struct { --- 29 unchanged lines hidden (view full) --- 123#define CIPSO_V4_OPTPTR(x) (skb_network_header(x) + IPCB(x)->opt.cipso) 124 125/* 126 * DOI List Functions 127 */ 128 129#ifdef CONFIG_NETLABEL 130int cipso_v4_doi_add(struct cipso_v4_doi *doi_def); |
| 131int cipso_v4_doi_remove(u32 doi, 132 struct netlbl_audit *audit_info, 133 void (*callback) (struct rcu_head * head)); | 131void cipso_v4_doi_free(struct cipso_v4_doi *doi_def); 132int cipso_v4_doi_remove(u32 doi, struct netlbl_audit *audit_info); |
| 134struct cipso_v4_doi *cipso_v4_doi_getdef(u32 doi); | 133struct cipso_v4_doi *cipso_v4_doi_getdef(u32 doi); |
| 134void cipso_v4_doi_putdef(struct cipso_v4_doi *doi_def); |
|
| 135int cipso_v4_doi_walk(u32 *skip_cnt, 136 int (*callback) (struct cipso_v4_doi *doi_def, void *arg), 137 void *cb_arg); | 135int cipso_v4_doi_walk(u32 *skip_cnt, 136 int (*callback) (struct cipso_v4_doi *doi_def, void *arg), 137 void *cb_arg); |
| 138int cipso_v4_doi_domhsh_add(struct cipso_v4_doi *doi_def, const char *domain); 139int cipso_v4_doi_domhsh_remove(struct cipso_v4_doi *doi_def, 140 const char *domain); | |
| 141#else 142static inline int cipso_v4_doi_add(struct cipso_v4_doi *doi_def) 143{ 144 return -ENOSYS; 145} 146 | 138#else 139static inline int cipso_v4_doi_add(struct cipso_v4_doi *doi_def) 140{ 141 return -ENOSYS; 142} 143 |
| 144static inline void cipso_v4_doi_free(struct cipso_v4_doi *doi_def) 145{ 146 return; 147} 148 |
|
| 147static inline int cipso_v4_doi_remove(u32 doi, | 149static inline int cipso_v4_doi_remove(u32 doi, |
| 148 struct netlbl_audit *audit_info, 149 void (*callback) (struct rcu_head * head)) | 150 struct netlbl_audit *audit_info) |
| 150{ 151 return 0; 152} 153 154static inline struct cipso_v4_doi *cipso_v4_doi_getdef(u32 doi) 155{ 156 return NULL; 157} --- 89 unchanged lines hidden --- | 151{ 152 return 0; 153} 154 155static inline struct cipso_v4_doi *cipso_v4_doi_getdef(u32 doi) 156{ 157 return NULL; 158} --- 89 unchanged lines hidden --- |