Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
tjh.dev
kernel
os
linux
1/* SPDX-License-Identifier: GPL-2.0-or-later */
2/*
3 * SELinux interface to the NetLabel subsystem
4 *
5 * Author: Paul Moore <paul@paul-moore.com>
6 */
7
8/*
9 * (c) Copyright Hewlett-Packard Development Company, L.P., 2006
10 */
11
12#ifndef _SELINUX_NETLABEL_H_
13#define _SELINUX_NETLABEL_H_
14
15#include <linux/types.h>
16#include <linux/fs.h>
17#include <linux/net.h>
18#include <linux/skbuff.h>
19#include <net/sock.h>
20#include <net/request_sock.h>
21#include <net/sctp/structs.h>
22
23#include "avc.h"
24#include "objsec.h"
25
26#ifdef CONFIG_NETLABEL
27void selinux_netlbl_cache_invalidate(void);
28
29void selinux_netlbl_err(struct sk_buff *skb, u16 family, int error,
30 int gateway);
31
32void selinux_netlbl_sk_security_free(struct sk_security_struct *sksec);
33void selinux_netlbl_sk_security_reset(struct sk_security_struct *sksec);
34
35int selinux_netlbl_skbuff_getsid(struct sk_buff *skb, u16 family, u32 *type,
36 u32 *sid);
37int selinux_netlbl_skbuff_setsid(struct sk_buff *skb, u16 family, u32 sid);
38int selinux_netlbl_sctp_assoc_request(struct sctp_association *asoc,
39 struct sk_buff *skb);
40int selinux_netlbl_inet_conn_request(struct request_sock *req, u16 family);
41void selinux_netlbl_inet_csk_clone(struct sock *sk, u16 family);
42void selinux_netlbl_sctp_sk_clone(struct sock *sk, struct sock *newsk);
43int selinux_netlbl_socket_post_create(struct sock *sk, u16 family);
44int selinux_netlbl_sock_rcv_skb(struct sk_security_struct *sksec,
45 struct sk_buff *skb, u16 family,
46 struct common_audit_data *ad);
47int selinux_netlbl_socket_setsockopt(struct socket *sock, int level,
48 int optname);
49int selinux_netlbl_socket_connect(struct sock *sk, struct sockaddr *addr);
50int selinux_netlbl_socket_connect_locked(struct sock *sk,
51 struct sockaddr *addr);
52
53#else
54static inline void selinux_netlbl_cache_invalidate(void)
55{
56 return;
57}
58
59static inline void selinux_netlbl_err(struct sk_buff *skb, u16 family,
60 int error, int gateway)
61{
62 return;
63}
64
65static inline void
66selinux_netlbl_sk_security_free(struct sk_security_struct *sksec)
67{
68 return;
69}
70
71static inline void
72selinux_netlbl_sk_security_reset(struct sk_security_struct *sksec)
73{
74 return;
75}
76
77static inline int selinux_netlbl_skbuff_getsid(struct sk_buff *skb, u16 family,
78 u32 *type, u32 *sid)
79{
80 *type = NETLBL_NLTYPE_NONE;
81 *sid = SECSID_NULL;
82 return 0;
83}
84static inline int selinux_netlbl_skbuff_setsid(struct sk_buff *skb, u16 family,
85 u32 sid)
86{
87 return 0;
88}
89
90static inline int
91selinux_netlbl_sctp_assoc_request(struct sctp_association *asoc,
92 struct sk_buff *skb)
93{
94 return 0;
95}
96static inline int selinux_netlbl_inet_conn_request(struct request_sock *req,
97 u16 family)
98{
99 return 0;
100}
101static inline void selinux_netlbl_inet_csk_clone(struct sock *sk, u16 family)
102{
103 return;
104}
105static inline void selinux_netlbl_sctp_sk_clone(struct sock *sk,
106 struct sock *newsk)
107{
108 return;
109}
110static inline int selinux_netlbl_socket_post_create(struct sock *sk, u16 family)
111{
112 return 0;
113}
114static inline int selinux_netlbl_sock_rcv_skb(struct sk_security_struct *sksec,
115 struct sk_buff *skb, u16 family,
116 struct common_audit_data *ad)
117{
118 return 0;
119}
120static inline int selinux_netlbl_socket_setsockopt(struct socket *sock,
121 int level, int optname)
122{
123 return 0;
124}
125static inline int selinux_netlbl_socket_connect(struct sock *sk,
126 struct sockaddr *addr)
127{
128 return 0;
129}
130static inline int selinux_netlbl_socket_connect_locked(struct sock *sk,
131 struct sockaddr *addr)
132{
133 return 0;
134}
135#endif /* CONFIG_NETLABEL */
136
137#endif