Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
netlabel_mgmt.h
Go to the documentation of this file.
1 /*
2  * NetLabel Management Support
3  *
4  * This file defines the management functions for the NetLabel system. The
5  * NetLabel system manages static and dynamic label mappings for network
6  * protocols such as CIPSO and RIPSO.
7  *
8  * Author: Paul Moore <[email protected]>
9  *
10  */
11 
12 /*
13  * (c) Copyright Hewlett-Packard Development Company, L.P., 2006
14  *
15  * This program is free software; you can redistribute it and/or modify
16  * it under the terms of the GNU General Public License as published by
17  * the Free Software Foundation; either version 2 of the License, or
18  * (at your option) any later version.
19  *
20  * This program is distributed in the hope that it will be useful,
21  * but WITHOUT ANY WARRANTY; without even the implied warranty of
22  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
23  * the GNU General Public License for more details.
24  *
25  * You should have received a copy of the GNU General Public License
26  * along with this program; if not, write to the Free Software
27  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
28  *
29  */
30 
31 #ifndef _NETLABEL_MGMT_H
32 #define _NETLABEL_MGMT_H
33 
34 #include <net/netlabel.h>
35 #include <linux/atomic.h>
36 
37 /*
38  * The following NetLabel payloads are supported by the management interface.
39  *
40  * o ADD:
41  * Sent by an application to add a domain mapping to the NetLabel system.
42  *
43  * Required attributes:
44  *
45  * NLBL_MGMT_A_DOMAIN
46  * NLBL_MGMT_A_PROTOCOL
47  *
48  * If IPv4 is specified the following attributes are required:
49  *
50  * NLBL_MGMT_A_IPV4ADDR
51  * NLBL_MGMT_A_IPV4MASK
52  *
53  * If IPv6 is specified the following attributes are required:
54  *
55  * NLBL_MGMT_A_IPV6ADDR
56  * NLBL_MGMT_A_IPV6MASK
57  *
58  * If using NETLBL_NLTYPE_CIPSOV4 the following attributes are required:
59  *
60  * NLBL_MGMT_A_CV4DOI
61  *
62  * If using NETLBL_NLTYPE_UNLABELED no other attributes are required.
63  *
64  * o REMOVE:
65  * Sent by an application to remove a domain mapping from the NetLabel
66  * system.
67  *
68  * Required attributes:
69  *
70  * NLBL_MGMT_A_DOMAIN
71  *
72  * o LISTALL:
73  * This message can be sent either from an application or by the kernel in
74  * response to an application generated LISTALL message. When sent by an
75  * application there is no payload and the NLM_F_DUMP flag should be set.
76  * The kernel should respond with a series of the following messages.
77  *
78  * Required attributes:
79  *
80  * NLBL_MGMT_A_DOMAIN
81  *
82  * If the IP address selectors are not used the following attribute is
83  * required:
84  *
85  * NLBL_MGMT_A_PROTOCOL
86  *
87  * If the IP address selectors are used then the following attritbute is
88  * required:
89  *
90  * NLBL_MGMT_A_SELECTORLIST
91  *
92  * If the mapping is using the NETLBL_NLTYPE_CIPSOV4 type then the following
93  * attributes are required:
94  *
95  * NLBL_MGMT_A_CV4DOI
96  *
97  * If the mapping is using the NETLBL_NLTYPE_UNLABELED type no other
98  * attributes are required.
99  *
100  * o ADDDEF:
101  * Sent by an application to set the default domain mapping for the NetLabel
102  * system.
103  *
104  * Required attributes:
105  *
106  * NLBL_MGMT_A_PROTOCOL
107  *
108  * If using NETLBL_NLTYPE_CIPSOV4 the following attributes are required:
109  *
110  * NLBL_MGMT_A_CV4DOI
111  *
112  * If using NETLBL_NLTYPE_UNLABELED no other attributes are required.
113  *
114  * o REMOVEDEF:
115  * Sent by an application to remove the default domain mapping from the
116  * NetLabel system, there is no payload.
117  *
118  * o LISTDEF:
119  * This message can be sent either from an application or by the kernel in
120  * response to an application generated LISTDEF message. When sent by an
121  * application there is no payload. On success the kernel should send a
122  * response using the following format.
123  *
124  * If the IP address selectors are not used the following attribute is
125  * required:
126  *
127  * NLBL_MGMT_A_PROTOCOL
128  *
129  * If the IP address selectors are used then the following attritbute is
130  * required:
131  *
132  * NLBL_MGMT_A_SELECTORLIST
133  *
134  * If the mapping is using the NETLBL_NLTYPE_CIPSOV4 type then the following
135  * attributes are required:
136  *
137  * NLBL_MGMT_A_CV4DOI
138  *
139  * If the mapping is using the NETLBL_NLTYPE_UNLABELED type no other
140  * attributes are required.
141  *
142  * o PROTOCOLS:
143  * Sent by an application to request a list of configured NetLabel protocols
144  * in the kernel. When sent by an application there is no payload and the
145  * NLM_F_DUMP flag should be set. The kernel should respond with a series of
146  * the following messages.
147  *
148  * Required attributes:
149  *
150  * NLBL_MGMT_A_PROTOCOL
151  *
152  * o VERSION:
153  * Sent by an application to request the NetLabel version. When sent by an
154  * application there is no payload. This message type is also used by the
155  * kernel to respond to an VERSION request.
156  *
157  * Required attributes:
158  *
159  * NLBL_MGMT_A_VERSION
160  *
161  */
162 
163 /* NetLabel Management commands */
164 enum {
165  NLBL_MGMT_C_UNSPEC,
166  NLBL_MGMT_C_ADD,
167  NLBL_MGMT_C_REMOVE,
168  NLBL_MGMT_C_LISTALL,
169  NLBL_MGMT_C_ADDDEF,
170  NLBL_MGMT_C_REMOVEDEF,
171  NLBL_MGMT_C_LISTDEF,
172  NLBL_MGMT_C_PROTOCOLS,
173  NLBL_MGMT_C_VERSION,
174  __NLBL_MGMT_C_MAX,
175 };
176 
177 /* NetLabel Management attributes */
178 enum {
179  NLBL_MGMT_A_UNSPEC,
180  NLBL_MGMT_A_DOMAIN,
181  /* (NLA_NUL_STRING)
182  * the NULL terminated LSM domain string */
183  NLBL_MGMT_A_PROTOCOL,
184  /* (NLA_U32)
185  * the NetLabel protocol type (defined by NETLBL_NLTYPE_*) */
186  NLBL_MGMT_A_VERSION,
187  /* (NLA_U32)
188  * the NetLabel protocol version number (defined by
189  * NETLBL_PROTO_VERSION) */
190  NLBL_MGMT_A_CV4DOI,
191  /* (NLA_U32)
192  * the CIPSOv4 DOI value */
193  NLBL_MGMT_A_IPV6ADDR,
194  /* (NLA_BINARY, struct in6_addr)
195  * an IPv6 address */
196  NLBL_MGMT_A_IPV6MASK,
197  /* (NLA_BINARY, struct in6_addr)
198  * an IPv6 address mask */
199  NLBL_MGMT_A_IPV4ADDR,
200  /* (NLA_BINARY, struct in_addr)
201  * an IPv4 address */
202  NLBL_MGMT_A_IPV4MASK,
203  /* (NLA_BINARY, struct in_addr)
204  * and IPv4 address mask */
205  NLBL_MGMT_A_ADDRSELECTOR,
206  /* (NLA_NESTED)
207  * an IP address selector, must contain an address, mask, and protocol
208  * attribute plus any protocol specific attributes */
209  NLBL_MGMT_A_SELECTORLIST,
210  /* (NLA_NESTED)
211  * the selector list, there must be at least one
212  * NLBL_MGMT_A_ADDRSELECTOR attribute */
213  __NLBL_MGMT_A_MAX,
214 };
215 #define NLBL_MGMT_A_MAX (__NLBL_MGMT_A_MAX - 1)
216 
217 /* NetLabel protocol functions */
218 int netlbl_mgmt_genl_init(void);
219 
220 /* NetLabel configured protocol reference counter */
221 extern atomic_t netlabel_mgmt_protocount;
222 
223 #endif
Generated on Thu Jan 10 2013 15:01:02 for Linux Kernel by   doxygen 1.8.2