xref: /OK3568_Linux_fs/kernel/net/netlabel/netlabel_domainhash.h (revision 4882a59341e53eb6f0b4789bf948001014eff981)
/* SPDX-License-Identifier: GPL-2.0-or-later */
/*
 * NetLabel Domain Hash Table
 *
 * This file manages the domain hash table that NetLabel uses to determine
 * which network labeling protocol to use for a given domain.  The NetLabel
 * system manages static and dynamic label mappings for network protocols such
 * as CIPSO and RIPSO.
 *
 * Author: Paul Moore <paul@paul-moore.com>
 */

/*
 * (c) Copyright Hewlett-Packard Development Company, L.P., 2006, 2008
 */

#ifndef _NETLABEL_DOMAINHASH_H
#define _NETLABEL_DOMAINHASH_H

#include <linux/types.h>
#include <linux/rcupdate.h>
#include <linux/list.h>

#include "netlabel_addrlist.h"

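/*
 * Domain hash table size.
 *
 * XXX - currently this number is an uneducated guess.
 *
 * NOTE(review): the name suggests a bit count (a table of
 * 1 << NETLBL_DOMHSH_BITSIZE buckets) that is handed to
 * netlbl_domhsh_init(); confirm against the implementation before
 * changing the value.
 */
#define NETLBL_DOMHSH_BITSIZE       7
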
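/* Domain mapping definition structures */

/*
 * Address selector for a domain: one list head per address family.
 *
 * NOTE(review): these presumably chain the netlbl_af4list / netlbl_af6list
 * nodes embedded in struct netlbl_domaddr4_map and struct netlbl_domaddr6_map;
 * confirm against netlabel_addrlist.h.
 */
struct netlbl_domaddr_map {
	struct list_head list4;		/* IPv4 address entries */
	struct list_head list6;		/* IPv6 address entries */
};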
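/*
 * Mapping definition: a type tag followed by an anonymous union of pointers.
 *
 * The union members share storage, so 'type' is the only thing that says
 * which pointer is meaningful.  Check 'type' before dereferencing a member;
 * reading the wrong one reinterprets a pointer to one structure as a pointer
 * to a different structure (type confusion).
 *
 * NOTE(review): 'type' presumably holds one of the NETLBL_NLTYPE_* values
 * from <net/netlabel.h>.  The pairing of tag value to union member is not
 * visible in this header; confirm it in netlabel_domainhash.c.
 */
struct netlbl_dommap_def {
	/* Discriminator for the union below. */
	u32 type;
	union {
		/* Per-address selector lists. */
		struct netlbl_domaddr_map *addrsel;
		/* CIPSO (IPv4) DOI definition. */
		struct cipso_v4_doi *cipso;
		/* CALIPSO DOI definition. */
		struct calipso_doi *calipso;
	};
};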
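/*
 * Convert a pointer to the 'list' member embedded in a
 * struct netlbl_domaddr4_map into a pointer to the containing structure.
 *
 * 'iter' must point at a netlbl_af4list that really is the 'list' member of
 * a netlbl_domaddr4_map.  container_of() is plain pointer arithmetic and
 * cannot detect a node that is embedded in some other structure.
 */
#define netlbl_domhsh_addr4_entry(iter) \
	container_of(iter, struct netlbl_domaddr4_map, list)

/* IPv4 address-specific mapping: a definition plus its address-list node. */
struct netlbl_domaddr4_map {
	struct netlbl_dommap_def def;

	/* Node that netlbl_domhsh_addr4_entry() maps back to this struct. */
	struct netlbl_af4list list;
};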
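/*
 * Convert a pointer to the 'list' member embedded in a
 * struct netlbl_domaddr6_map into a pointer to the containing structure.
 *
 * 'iter' must point at a netlbl_af6list that really is the 'list' member of
 * a netlbl_domaddr6_map.  container_of() is plain pointer arithmetic and
 * cannot detect a node that is embedded in some other structure.
 */
#define netlbl_domhsh_addr6_entry(iter) \
	container_of(iter, struct netlbl_domaddr6_map, list)

/* IPv6 address-specific mapping: a definition plus its address-list node. */
struct netlbl_domaddr6_map {
	struct netlbl_dommap_def def;

	/* Node that netlbl_domhsh_addr6_entry() maps back to this struct. */
	struct netlbl_af6list list;
};
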
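/*
 * One entry of the domain hash table: a domain name and address family
 * together with the mapping definition selected for them.
 *
 * NOTE(review): the embedded rcu_head and the <linux/rcupdate.h> include
 * suggest that entries are published and reclaimed under RCU.  If so, a
 * pointer to an entry is only safe to use inside an RCU read-side critical
 * section or with the table's update lock held, and keeping it any longer
 * risks a use-after-free.  Confirm in netlabel_domainhash.c.
 */
struct netlbl_dom_map {
	/*
	 * Domain name.  Ownership is not visible in this header; presumably
	 * the string belongs to the entry and is freed with it - confirm.
	 */
	char *domain;
	/* Address family the mapping applies to. */
	u16 family;
	/* Labeling protocol definition for this domain. */
	struct netlbl_dommap_def def;

	/* NOTE(review): looks like a liveness flag checked on lookup - confirm. */
	u32 valid;
	/* Linkage into a hash bucket chain (presumably). */
	struct list_head list;
	/* Callback head for deferred, RCU-based freeing (presumably). */
	struct rcu_head rcu;
};
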
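/*
 * Forward declarations for types that appear only as pointers in the
 * prototypes below, so that this header does not depend on the includer
 * having pulled in the defining headers first.
 */
struct in_addr;
struct in6_addr;
struct netlbl_audit;

/*
 * init function
 *
 * NOTE(review): 'size' is presumably the table size in bits
 * (see NETLBL_DOMHSH_BITSIZE) - confirm.
 */
int netlbl_domhsh_init(u32 size);

/*
 * Manipulate the domain hash table
 *
 * These calls change which labeling protocol is applied to a domain's
 * traffic, so each one is a security-relevant configuration change and takes
 * the netlbl_audit context of the requester.
 *
 * NOTE(review): no privilege check is visible at this level; it presumably
 * sits in the callers (the netlink management code).  Confirm before adding
 * a new caller.
 * NOTE(review): the int results are presumably zero on success and a negative
 * errno value on failure - confirm.
 */
int netlbl_domhsh_add(struct netlbl_dom_map *entry,
		      struct netlbl_audit *audit_info);
int netlbl_domhsh_add_default(struct netlbl_dom_map *entry,
			      struct netlbl_audit *audit_info);
int netlbl_domhsh_remove_entry(struct netlbl_dom_map *entry,
			       struct netlbl_audit *audit_info);
int netlbl_domhsh_remove_af4(const char *domain,
			     const struct in_addr *addr,
			     const struct in_addr *mask,
			     struct netlbl_audit *audit_info);
/*
 * NOTE(review): declared unconditionally, while the IPv6 lookup below is only
 * declared when CONFIG_IPV6 is enabled.  If the definition is also built only
 * with CONFIG_IPV6, a caller compiled without it fails at link time rather
 * than at compile time - confirm which is intended.
 */
int netlbl_domhsh_remove_af6(const char *domain,
			     const struct in6_addr *addr,
			     const struct in6_addr *mask,
			     struct netlbl_audit *audit_info);
int netlbl_domhsh_remove(const char *domain, u16 family,
			 struct netlbl_audit *audit_info);
int netlbl_domhsh_remove_default(u16 family, struct netlbl_audit *audit_info);

/*
 * Lookups.  Each returns a pointer into the table rather than a copy.
 *
 * NOTE(review): given the rcu_head in struct netlbl_dom_map, the returned
 * pointer is presumably valid only while the caller stays inside an RCU
 * read-side critical section; it must not be cached past that point.
 * NOTE(review): the result is presumably NULL when nothing matches - callers
 * should check before dereferencing.
 *
 * 'addr' of the IPv4 variant is in network byte order (__be32).
 */
struct netlbl_dom_map *netlbl_domhsh_getentry(const char *domain, u16 family);
struct netlbl_dommap_def *netlbl_domhsh_getentry_af4(const char *domain,
						     __be32 addr);
#if IS_ENABLED(CONFIG_IPV6)
struct netlbl_dommap_def *netlbl_domhsh_getentry_af6(const char *domain,
						   const struct in6_addr *addr);
/*
 * netlbl_domhsh_remove_af6() was declared a second time here; the
 * unconditional declaration above already covers every configuration.
 */
#endif /* IPv6 */

/*
 * Walk the table, passing each entry and 'cb_arg' to 'callback'.
 *
 * NOTE(review): skip_bkt and skip_chain are pointers, so they presumably act
 * as in/out resume cursors (bucket index and position in the chain) - confirm.
 * The callback receives a pointer to a live table entry and should not keep
 * it after returning.
 */
int netlbl_domhsh_walk(u32 *skip_bkt,
		     u32 *skip_chain,
		     int (*callback) (struct netlbl_dom_map *entry, void *arg),
		     void *cb_arg);
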
#endif