[linux-block.git] / include / net / calipso.h

/* SPDX-License-Identifier: GPL-2.0-or-later */
/*
 * CALIPSO - Common Architecture Label IPv6 Security Option
 *
 * This is an implementation of the CALIPSO protocol as specified in
 * RFC 5570.
 *
 * Authors: Paul Moore <paul@paul-moore.com>
 *          Huw Davies <huw@codeweavers.com>
 */

/*
 * (c) Copyright Hewlett-Packard Development Company, L.P., 2006
 * (c) Copyright Huw Davies <huw@codeweavers.com>, 2015
 */

#ifndef _CALIPSO_H
#define _CALIPSO_H

#include <linux/types.h>
#include <linux/rcupdate.h>
#include <linux/list.h>
#include <linux/net.h>
#include <linux/skbuff.h>
#include <net/netlabel.h>
#include <net/request_sock.h>
#include <linux/refcount.h>
#include <asm/unaligned.h>

/* known doi values */
#define CALIPSO_DOI_UNKNOWN          0x00000000

/* doi mapping types */
#define CALIPSO_MAP_UNKNOWN          0
#define CALIPSO_MAP_PASS             2

/*
 * CALIPSO DOI definitions
 */

/* DOI definition struct */
struct calipso_doi {
	u32 doi;
	u32 type;

	refcount_t refcount;
	struct list_head list;
	struct rcu_head rcu;
};

/*
 * Sysctl Variables
 */
extern int calipso_cache_enabled;
extern int calipso_cache_bucketsize;

#ifdef CONFIG_NETLABEL
int __init calipso_init(void);
void calipso_exit(void);
bool calipso_validate(const struct sk_buff *skb, const unsigned char *option);
#else
static inline int __init calipso_init(void)
{
	return 0;
}

static inline void calipso_exit(void)
{
}
static inline bool calipso_validate(const struct sk_buff *skb,
				    const unsigned char *option)
{
	return true;
}
#endif /* CONFIG_NETLABEL */

#endif /* _CALIPSO_H */
Commit	Line	Data
1ccea77e	1	/* SPDX-License-Identifier: GPL-2.0-or-later */
cb72d382 HD	2	/*
	3	* CALIPSO - Common Architecture Label IPv6 Security Option
	4	*
	5	* This is an implementation of the CALIPSO protocol as specified in
	6	* RFC 5570.
	7	*
	8	* Authors: Paul Moore <paul@paul-moore.com>
	9	* Huw Davies <huw@codeweavers.com>
cb72d382 HD	10	*/
	11
	12	/*
	13	* (c) Copyright Hewlett-Packard Development Company, L.P., 2006
	14	* (c) Copyright Huw Davies <huw@codeweavers.com>, 2015
cb72d382 HD	15	*/
	16
	17	#ifndef _CALIPSO_H
	18	#define _CALIPSO_H
	19
	20	#include <linux/types.h>
	21	#include <linux/rcupdate.h>
	22	#include <linux/list.h>
	23	#include <linux/net.h>
	24	#include <linux/skbuff.h>
	25	#include <net/netlabel.h>
	26	#include <net/request_sock.h>
edcd9270	27	#include <linux/refcount.h>
cb72d382 HD	28	#include <asm/unaligned.h>
	29
	30	/* known doi values */
	31	#define CALIPSO_DOI_UNKNOWN 0x00000000
	32
	33	/* doi mapping types */
	34	#define CALIPSO_MAP_UNKNOWN 0
	35	#define CALIPSO_MAP_PASS 2
	36
	37	/*
	38	* CALIPSO DOI definitions
	39	*/
	40
	41	/* DOI definition struct */
	42	struct calipso_doi {
	43	u32 doi;
	44	u32 type;
	45
edcd9270	46	refcount_t refcount;
cb72d382 HD	47	struct list_head list;
	48	struct rcu_head rcu;
	49	};
	50
4fee5242 HD	51	/*
	52	* Sysctl Variables
	53	*/
	54	extern int calipso_cache_enabled;
	55	extern int calipso_cache_bucketsize;
	56
cb72d382 HD	57	#ifdef CONFIG_NETLABEL
	58	int __init calipso_init(void);
	59	void calipso_exit(void);
2e532b70	60	bool calipso_validate(const struct sk_buff skb, const unsigned char option);
cb72d382 HD	61	#else
	62	static inline int __init calipso_init(void)
	63	{
	64	return 0;
	65	}
	66
	67	static inline void calipso_exit(void)
	68	{
	69	}
2e532b70 HD	70	static inline bool calipso_validate(const struct sk_buff *skb,
	71	const unsigned char *option)
	72	{
	73	return true;
	74	}
cb72d382 HD	75	#endif /* CONFIG_NETLABEL */
	76
	77	#endif /* _CALIPSO_H */