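/* SPDX-License-Identifier: GPL-2.0-or-later */
/*
 * NetLabel Domain Hash Table
 *
 * This file manages the domain hash table that NetLabel uses to determine
 * which network labeling protocol to use for a given domain. The NetLabel
 * system manages static and dynamic label mappings for network protocols such
 * as CIPSO and RIPSO.
 *
 * Author: Paul Moore <paul@paul-moore.com>
 */

/*
 * (c) Copyright Hewlett-Packard Development Company, L.P., 2006, 2008
 */

#ifndef _NETLABEL_DOMAINHASH_H
#define _NETLABEL_DOMAINHASH_H

#include <linux/types.h>
#include <linux/rcupdate.h>
#include <linux/list.h>

#include "netlabel_addrlist.h"

/*
 * Forward declarations for types this header only uses through pointers and
 * does not define itself.  Declaring them here keeps the prototypes below
 * from introducing prototype-scoped struct tags when an includer has not yet
 * pulled in the defining headers; repeating a forward declaration is harmless
 * when they have.
 */
struct in_addr;
struct in6_addr;
struct cipso_v4_doi;
struct calipso_doi;
struct netlbl_audit;

/* Domain hash table size */
/* XXX - currently this number is an uneducated guess */
/* NOTE(review): presumably a bit count handed to netlbl_domhsh_init() -
 * confirm against the caller. */
#define NETLBL_DOMHSH_BITSIZE       7

/* Domain mapping definition structures */

/*
 * Two list heads, one per address family by name (list4 / list6).
 * NOTE(review): presumably these chain the netlbl_domaddr4_map and
 * netlbl_domaddr6_map entries declared below - confirm in the implementation.
 */
struct netlbl_domaddr_map {
	struct list_head list4;
	struct list_head list6;
};

/*
 * One mapping definition: a type tag followed by an anonymous union of
 * pointers.
 * NOTE(review): @type presumably selects which union member is meaningful.
 * All three members share storage, so code that reads a member that does not
 * match @type reinterprets a pointer as a different structure; every consumer
 * should check @type first - confirm the tag values in the implementation.
 */
struct netlbl_dommap_def {
	u32 type;
	union {
		struct netlbl_domaddr_map *addrsel;
		struct cipso_v4_doi *cipso;
		struct calipso_doi *calipso;
	};
};

/*
 * Convert a pointer to the embedded @list member back into the enclosing
 * struct netlbl_domaddr4_map.  @iter must really point at the @list member of
 * such a structure; container_of() performs no run-time check.
 */
#define netlbl_domhsh_addr4_entry(iter) \
	container_of(iter, struct netlbl_domaddr4_map, list)
struct netlbl_domaddr4_map {
	struct netlbl_dommap_def def;

	struct netlbl_af4list list;
};

/*
 * Same as netlbl_domhsh_addr4_entry(), for struct netlbl_domaddr6_map and its
 * embedded struct netlbl_af6list.
 */
#define netlbl_domhsh_addr6_entry(iter) \
	container_of(iter, struct netlbl_domaddr6_map, list)
struct netlbl_domaddr6_map {
	struct netlbl_dommap_def def;

	struct netlbl_af6list list;
};

/*
 * A domain hash table entry: the domain name, its mapping definition and the
 * address family it applies to, plus list linkage and an RCU head.
 * NOTE(review): the rcu_head suggests entries are released after an RCU grace
 * period, in which case a pointer obtained from a lookup is only safe to
 * dereference inside an RCU read-side critical section - confirm in the
 * implementation.  The meaning of @valid is not visible from this header.
 */
struct netlbl_dom_map {
	char *domain;
	struct netlbl_dommap_def def;
	u16 family;

	u32 valid;
	struct list_head list;
	struct rcu_head rcu;
};

/* init function */
int netlbl_domhsh_init(u32 size);

/* Manipulate the domain hash table */
/*
 * The add/remove calls take a struct netlbl_audit pointer.
 * NOTE(review): presumably used to attribute the configuration change in the
 * audit log - confirm; return-value conventions are defined by the
 * implementation, which is not shown here.
 */
int netlbl_domhsh_add(struct netlbl_dom_map *entry,
		      struct netlbl_audit *audit_info);
int netlbl_domhsh_add_default(struct netlbl_dom_map *entry,
			      struct netlbl_audit *audit_info);
int netlbl_domhsh_remove_entry(struct netlbl_dom_map *entry,
			       struct netlbl_audit *audit_info);
int netlbl_domhsh_remove_af4(const char *domain,
			     const struct in_addr *addr,
			     const struct in_addr *mask,
			     struct netlbl_audit *audit_info);
int netlbl_domhsh_remove_af6(const char *domain,
			     const struct in6_addr *addr,
			     const struct in6_addr *mask,
			     struct netlbl_audit *audit_info);
int netlbl_domhsh_remove(const char *domain, u16 family,
			 struct netlbl_audit *audit_info);
int netlbl_domhsh_remove_default(u16 family, struct netlbl_audit *audit_info);

/* Look up entries by domain name, and optionally by address */
struct netlbl_dom_map *netlbl_domhsh_getentry(const char *domain, u16 family);
struct netlbl_dommap_def *netlbl_domhsh_getentry_af4(const char *domain,
						     __be32 addr);
#if IS_ENABLED(CONFIG_IPV6)
struct netlbl_dommap_def *netlbl_domhsh_getentry_af6(const char *domain,
						   const struct in6_addr *addr);
/*
 * NOTE(review): netlbl_domhsh_remove_af6() is already declared
 * unconditionally above, so this second, identical declaration is redundant.
 * It is kept exactly as in the original.
 */
int netlbl_domhsh_remove_af6(const char *domain,
			     const struct in6_addr *addr,
			     const struct in6_addr *mask,
			     struct netlbl_audit *audit_info);
#endif /* IPv6 */

/*
 * Walk the table, invoking @callback with each entry and @cb_arg.
 * NOTE(review): @skip_bkt and @skip_chain are passed by pointer; by name they
 * look like a resume position (bucket and chain offset) - confirm whether the
 * function updates them and how a non-zero callback return is handled.
 */
int netlbl_domhsh_walk(u32 *skip_bkt,
		     u32 *skip_chain,
		     int (*callback) (struct netlbl_dom_map *entry, void *arg),
		     void *cb_arg);

#endif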