#include <linux/atomic.h>
struct cipso_v4_doi;
+struct calipso_doi;
/*
* NetLabel - A management interface for maintaining network packet label
#define NETLBL_NLTYPE_UNLABELED_NAME "NLBL_UNLBL"
#define NETLBL_NLTYPE_ADDRSELECT 6
#define NETLBL_NLTYPE_ADDRSELECT_NAME "NLBL_ADRSEL"
+#define NETLBL_NLTYPE_CALIPSO 7
+#define NETLBL_NLTYPE_CALIPSO_NAME "NLBL_CALIPSO"
/*
* NetLabel - Kernel API for accessing the network packet label mappings.
} attr;
};
+/**
+ * struct netlbl_calipso_ops - NetLabel CALIPSO operations
+ * @doi_add: add a CALIPSO DOI
+ * @doi_free: free a CALIPSO DOI
+ * @doi_getdef: returns a reference to a DOI
+ * @doi_putdef: releases a reference of a DOI
+ * @doi_walk: enumerate the DOI list
+ *
+ * Description:
+ * This structure is filled out by the CALIPSO engine and passed
+ * to the NetLabel core via a call to netlbl_calipso_ops_register().
+ * It enables the CALIPSO engine (and hence IPv6) to be compiled
+ * as a module.
+ */
+struct netlbl_calipso_ops {
+ int (*doi_add)(struct calipso_doi *doi_def,
+ struct netlbl_audit *audit_info);
+ void (*doi_free)(struct calipso_doi *doi_def);
+ int (*doi_remove)(u32 doi, struct netlbl_audit *audit_info);
+ struct calipso_doi *(*doi_getdef)(u32 doi);
+ void (*doi_putdef)(struct calipso_doi *doi_def);
+ int (*doi_walk)(u32 *skip_cnt,
+ int (*callback)(struct calipso_doi *doi_def, void *arg),
+ void *cb_arg);
+};
+
/*
* LSM security attribute operations (inline)
*/
}
#endif /* CONFIG_NETLABEL */
+const struct netlbl_calipso_ops *
+netlbl_calipso_ops_register(const struct netlbl_calipso_ops *ops);
+
#endif /* _NETLABEL_H */
projects / mirror_ubuntu-zesty-kernel.git / blobdiff