Linux/security/selinux/include/xfrm.h


  1 /*
  2  * SELinux support for the XFRM LSM hooks
  3  *
  4  * Author : Trent Jaeger, <jaegert@us.ibm.com>
  5  * Updated : Venkat Yekkirala, <vyekkirala@TrustedCS.com>
  6  */
  7 #ifndef _SELINUX_XFRM_H_
  8 #define _SELINUX_XFRM_H_
  9 
 10 #include <net/flow.h>
 11 
 /*
  * Hooks for the security context carried by XFRM policies and states.
  * Only the prototypes are visible in this header.
  * NOTE(review): the remarks below are read off the names and signatures;
  * confirm them against the definitions.
  */

 /*
  * Policy context lifecycle.  uctx is a struct xfrm_user_sec_ctx, which by
  * its name describes a context supplied by a caller outside the kernel;
  * any length or format validation has to live in the definition, which
  * is not visible here -- TODO confirm.  ctxp and new_ctxp are
  * pointer-to-pointer parameters, presumably outputs.
  */
 int selinux_xfrm_policy_alloc(struct xfrm_sec_ctx **ctxp,
         struct xfrm_user_sec_ctx *uctx, gfp_t gfp);
 int selinux_xfrm_policy_clone(struct xfrm_sec_ctx *old_ctx,
         struct xfrm_sec_ctx **new_ctxp);
 void selinux_xfrm_policy_free(struct xfrm_sec_ctx *ctx);
 int selinux_xfrm_policy_delete(struct xfrm_sec_ctx *ctx);

 /*
  * State context lifecycle.  The _acquire variant takes an existing
  * policy context (polsec) and a secid instead of a user-supplied context.
  */
 int selinux_xfrm_state_alloc(struct xfrm_state *x,
         struct xfrm_user_sec_ctx *uctx);
 int selinux_xfrm_state_alloc_acquire(struct xfrm_state *x,
         struct xfrm_sec_ctx *polsec, u32 secid);
 void selinux_xfrm_state_free(struct xfrm_state *x);
 int selinux_xfrm_state_delete(struct xfrm_state *x);

 /*
  * Lookup and matching against a flow.
  * NOTE(review): the meaning of the int return values (0 vs. error vs.
  * match/no-match) is not visible from the prototypes -- confirm before
  * relying on it in a caller.
  */
 int selinux_xfrm_policy_lookup(struct xfrm_sec_ctx *ctx, u32 fl_secid,
         u8 dir);
 int selinux_xfrm_state_pol_flow_match(struct xfrm_state *x,
         struct xfrm_policy *xp, const struct flowi *fl);
 29 
 30 #ifdef CONFIG_SECURITY_NETWORK_XFRM
 /* Counter defined outside this header; read by selinux_xfrm_enabled(). */
 extern atomic_t selinux_xfrm_refcount;

 /*
  * Report whether selinux_xfrm_refcount is currently above zero.
  *
  * Returns 1 when the counter is positive and 0 otherwise.  The value is
  * a single atomic_read() snapshot taken without any lock in this
  * function, so it can be stale by the time the caller acts on it.
  * NOTE(review): what increments the counter is not visible here;
  * presumably labeled XFRM policies/states -- confirm.
  */
 static inline int selinux_xfrm_enabled(void)
 {
         int users = atomic_read(&selinux_xfrm_refcount);

         return users > 0;
 }
 37 
 /*
  * Per-packet entry points, declared only when
  * CONFIG_SECURITY_NETWORK_XFRM is set.  The #else branch of this header
  * replaces them with inline stubs that return 0 without looking at the
  * packet, so a kernel built without the option performs none of these
  * checks.
  * NOTE(review): return-value semantics and the meaning of ckall are not
  * visible from the prototypes -- confirm against the definitions.
  */
 int selinux_xfrm_sock_rcv_skb(u32 sk_sid, struct sk_buff *skb,
         struct common_audit_data *ad);
 int selinux_xfrm_postroute_last(u32 sk_sid, struct sk_buff *skb,
         struct common_audit_data *ad, u8 proto);

 /* Both write a SID through the sid pointer; the stubs store SECSID_NULL. */
 int selinux_xfrm_decode_session(struct sk_buff *skb, u32 *sid, int ckall);
 int selinux_xfrm_skb_sid(struct sk_buff *skb, u32 *sid);
 44 
 /*
  * Bump the generation counters of every network namespace.
  *
  * Holds the RTNL lock for the whole walk.  For each namespace it
  * increments xfrm.flow_cache_genid and then calls rt_genid_bump_all().
  * NOTE(review): going by the function name this runs after a policy
  * load, presumably so that flow and route results cached under the
  * previous policy are not reused -- confirm against the caller.
  */
 static inline void selinux_xfrm_notify_policyload(void)
 {
         struct net *ns;

         rtnl_lock();
         for_each_net(ns) {
                 /* Order kept as in the original: xfrm genid first. */
                 atomic_inc(&ns->xfrm.flow_cache_genid);
                 rt_genid_bump_all(ns);
         }
         rtnl_unlock();
 }
 56 #else
 /*
  * Stub for builds without CONFIG_SECURITY_NETWORK_XFRM: always reports
  * "not enabled" by returning 0.
  */
 static inline int selinux_xfrm_enabled(void)
 {
         return 0;
 }
 61 
 /*
  * Stub for builds without CONFIG_SECURITY_NETWORK_XFRM.
  *
  * Ignores sk_sid, skb and ad and always returns 0, so no check is
  * applied to the received packet on this path.
  */
 static inline int selinux_xfrm_sock_rcv_skb(u32 sk_sid,
                                             struct sk_buff *skb,
                                             struct common_audit_data *ad)
 {
         return 0;
 }
 67 
 /*
  * Stub for builds without CONFIG_SECURITY_NETWORK_XFRM.
  *
  * Ignores every argument and always returns 0, so no check is applied
  * to the outgoing packet on this path.
  */
 static inline int selinux_xfrm_postroute_last(u32 sk_sid,
                                               struct sk_buff *skb,
                                               struct common_audit_data *ad,
                                               u8 proto)
 {
         return 0;
 }
 74 
 /*
  * Stub for builds without CONFIG_SECURITY_NETWORK_XFRM.
  *
  * Stores SECSID_NULL through sid and returns 0; skb and ckall are not
  * used.  sid is dereferenced unconditionally, so it must be a valid
  * pointer.
  */
 static inline int selinux_xfrm_decode_session(struct sk_buff *skb,
                                               u32 *sid, int ckall)
 {
         *sid = SECSID_NULL;

         return 0;
 }
 81 
 /*
  * Stub for builds without CONFIG_SECURITY_NETWORK_XFRM: does nothing,
  * as there are no XFRM generation counters to bump in this
  * configuration.
  */
 static inline void selinux_xfrm_notify_policyload(void)
 {
         /* intentionally empty */
 }
 85 
 /*
  * Stub for builds without CONFIG_SECURITY_NETWORK_XFRM.
  *
  * Stores SECSID_NULL through sid and returns 0 without reading skb.
  * sid is dereferenced unconditionally, so it must be a valid pointer.
  */
 static inline int selinux_xfrm_skb_sid(struct sk_buff *skb,
                                        u32 *sid)
 {
         *sid = SECSID_NULL;

         return 0;
 }
 91 #endif
 92 
 93 #endif /* _SELINUX_XFRM_H_ */
 94 
