1 /* SPDX-License-Identifier: GPL-2.0-or-later */ 2 /* 3 * CALIPSO - Common Architecture Label IPv6 Security Option 4 * 5 * This is an implementation of the CALIPSO protocol as specified in 6 * RFC 5570. 7 * 8 * Authors: Paul Moore <paul@paul-moore.com> 9 * Huw Davies <huw@codeweavers.com> 10 */ 11 12 /* 13 * (c) Copyright Hewlett-Packard Development Company, L.P., 2006 14 * (c) Copyright Huw Davies <huw@codeweavers.com>, 2015 15 */ 16 17 #ifndef _CALIPSO_H 18 #define _CALIPSO_H 19 20 #include <linux/types.h> 21 #include <linux/rcupdate.h> 22 #include <linux/list.h> 23 #include <linux/net.h> 24 #include <linux/skbuff.h> 25 #include <net/netlabel.h> 26 #include <net/request_sock.h> 27 #include <linux/refcount.h> 28 #include <linux/unaligned.h> 29 30 /* known doi values */ 31 #define CALIPSO_DOI_UNKNOWN 0x00000000 32 33 /* doi mapping types */ 34 #define CALIPSO_MAP_UNKNOWN 0 35 #define CALIPSO_MAP_PASS 2 36 37 /* 38 * CALIPSO DOI definitions 39 */ 40 41 /* DOI definition struct */ 42 struct calipso_doi { 43 u32 doi; 44 u32 type; 45 46 refcount_t refcount; 47 struct list_head list; 48 struct rcu_head rcu; 49 }; 50 51 /* 52 * Sysctl Variables 53 */ 54 extern int calipso_cache_enabled; 55 extern int calipso_cache_bucketsize; 56 57 #ifdef CONFIG_NETLABEL 58 int __init calipso_init(void); 59 void calipso_exit(void); 60 bool calipso_validate(const struct sk_buff *skb, const unsigned char *option); 61 #else 62 static inline int __init calipso_init(void) 63 { 64 return 0; 65 } 66 67 static inline void calipso_exit(void) 68 { 69 } 70 static inline bool calipso_validate(const struct sk_buff *skb, 71 const unsigned char *option) 72 { 73 return true; 74 } 75 #endif /* CONFIG_NETLABEL */ 76 77 #endif /* _CALIPSO_H */ 78