2006-08-04 23:17:57 -07:00
/*
* SELinux interface to the NetLabel subsystem
*
* Author : Paul Moore < paul . moore @ hp . com >
*
*/
/*
* ( c ) Copyright Hewlett - Packard Development Company , L . P . , 2006
*
* This program is free software ; you can redistribute it and / or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation ; either version 2 of the License , or
* ( at your option ) any later version .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See
* the GNU General Public License for more details .
*
* You should have received a copy of the GNU General Public License
* along with this program ; if not , write to the Free Software
* Foundation , Inc . , 59 Temple Place , Suite 330 , Boston , MA 02111 - 1307 USA
*
*/
# ifndef _SELINUX_NETLABEL_H_
# define _SELINUX_NETLABEL_H_
2006-08-29 17:56:04 -07:00
# include <linux/types.h>
# include <linux/fs.h>
# include <linux/net.h>
# include <linux/skbuff.h>
# include <net/sock.h>
# include "avc.h"
# include "objsec.h"
2006-08-04 23:17:57 -07:00
# ifdef CONFIG_NETLABEL
void selinux_netlbl_cache_invalidate ( void ) ;
2007-02-28 15:14:22 -05:00
2006-11-17 17:38:53 -05:00
void selinux_netlbl_sk_security_reset ( struct sk_security_struct * ssec ,
int family ) ;
2006-08-29 17:53:48 -07:00
void selinux_netlbl_sk_security_init ( struct sk_security_struct * ssec ,
int family ) ;
2006-11-17 17:38:53 -05:00
void selinux_netlbl_sk_security_clone ( struct sk_security_struct * ssec ,
2006-08-29 17:53:48 -07:00
struct sk_security_struct * newssec ) ;
2007-02-28 15:14:22 -05:00
2008-01-29 08:38:04 -05:00
int selinux_netlbl_skbuff_getsid ( struct sk_buff * skb ,
u16 family ,
u32 base_sid ,
u32 * sid ) ;
2007-02-28 15:14:22 -05:00
void selinux_netlbl_sock_graft ( struct sock * sk , struct socket * sock ) ;
int selinux_netlbl_socket_post_create ( struct socket * sock ) ;
2006-08-29 17:55:38 -07:00
int selinux_netlbl_inode_permission ( struct inode * inode , int mask ) ;
2007-02-28 15:14:22 -05:00
int selinux_netlbl_sock_rcv_skb ( struct sk_security_struct * sksec ,
struct sk_buff * skb ,
2008-01-29 08:38:04 -05:00
u16 family ,
2007-02-28 15:14:22 -05:00
struct avc_audit_data * ad ) ;
2006-10-30 15:22:15 -08:00
int selinux_netlbl_socket_setsockopt ( struct socket * sock ,
int level ,
int optname ) ;
2006-08-04 23:17:57 -07:00
# else
static inline void selinux_netlbl_cache_invalidate ( void )
{
return ;
}
2007-02-28 15:14:22 -05:00
static inline void selinux_netlbl_sk_security_reset (
struct sk_security_struct * ssec ,
int family )
2006-11-17 17:38:54 -05:00
{
2007-02-28 15:14:22 -05:00
return ;
2006-11-17 17:38:54 -05:00
}
2007-02-28 15:14:22 -05:00
static inline void selinux_netlbl_sk_security_init (
struct sk_security_struct * ssec ,
int family )
2006-08-04 23:17:57 -07:00
{
2007-02-28 15:14:22 -05:00
return ;
2006-08-04 23:17:57 -07:00
}
2007-02-28 15:14:22 -05:00
static inline void selinux_netlbl_sk_security_clone (
struct sk_security_struct * ssec ,
struct sk_security_struct * newssec )
2006-08-04 23:17:57 -07:00
{
return ;
}
2007-02-28 15:14:22 -05:00
static inline int selinux_netlbl_skbuff_getsid ( struct sk_buff * skb ,
2008-01-29 08:38:04 -05:00
u16 family ,
2007-02-28 15:14:22 -05:00
u32 base_sid ,
u32 * sid )
2006-08-04 23:17:57 -07:00
{
2007-02-28 15:14:22 -05:00
* sid = SECSID_NULL ;
2006-08-04 23:17:57 -07:00
return 0 ;
}
2007-02-28 15:14:22 -05:00
static inline void selinux_netlbl_sock_graft ( struct sock * sk ,
struct socket * sock )
2006-08-29 17:53:48 -07:00
{
return ;
}
2007-02-28 15:14:22 -05:00
static inline int selinux_netlbl_socket_post_create ( struct socket * sock )
2006-08-29 17:53:48 -07:00
{
2007-02-28 15:14:22 -05:00
return 0 ;
2006-08-29 17:53:48 -07:00
}
2006-08-04 23:17:57 -07:00
static inline int selinux_netlbl_inode_permission ( struct inode * inode ,
int mask )
{
return 0 ;
}
2007-02-28 15:14:22 -05:00
static inline int selinux_netlbl_sock_rcv_skb ( struct sk_security_struct * sksec ,
struct sk_buff * skb ,
2008-01-29 08:38:04 -05:00
u16 family ,
2007-02-28 15:14:22 -05:00
struct avc_audit_data * ad )
{
return 0 ;
}
2006-10-30 15:22:15 -08:00
static inline int selinux_netlbl_socket_setsockopt ( struct socket * sock ,
int level ,
int optname )
{
return 0 ;
}
2006-08-04 23:17:57 -07:00
# endif /* CONFIG_NETLABEL */
# endif