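--- a/netlabel_mgmt.c
+++ b/netlabel_mgmt.c
@@ -1,8 +1,8 @@
 /*
  * NetLabel Management Support
  *
  * This file defines the management functions for the NetLabel system. The
  * NetLabel system manages static and dynamic label mappings for network
  * protocols such as CIPSO and RIPSO.
  *
  * Author: Paul Moore <paul.moore@hp.com>
@@ -82,55 +82,58 @@
  *
  */
 static int netlbl_mgmt_add(struct sk_buff *skb, struct genl_info *info)
 {
  int ret_val = -EINVAL;
  struct netlbl_dom_map *entry = NULL;
  size_t tmp_size;
  u32 tmp_val;
+ struct netlbl_audit audit_info;
 
  if (!info->attrs[NLBL_MGMT_A_DOMAIN] ||
  !info->attrs[NLBL_MGMT_A_PROTOCOL])
  goto add_failure;
 
+ netlbl_netlink_auditinfo(skb, &audit_info);
+
  entry = kzalloc(sizeof(*entry), GFP_KERNEL);
  if (entry == NULL) {
  ret_val = -ENOMEM;
  goto add_failure;
  }
  tmp_size = nla_len(info->attrs[NLBL_MGMT_A_DOMAIN]);
  entry->domain = kmalloc(tmp_size, GFP_KERNEL);
  if (entry->domain == NULL) {
  ret_val = -ENOMEM;
  goto add_failure;
  }
  entry->type = nla_get_u32(info->attrs[NLBL_MGMT_A_PROTOCOL]);
  nla_strlcpy(entry->domain, info->attrs[NLBL_MGMT_A_DOMAIN], tmp_size);
 
  switch (entry->type) {
  case NETLBL_NLTYPE_UNLABELED:
- ret_val = netlbl_domhsh_add(entry, NETLINK_CB(skb).sid);
+ ret_val = netlbl_domhsh_add(entry, &audit_info);
  break;
  case NETLBL_NLTYPE_CIPSOV4:
  if (!info->attrs[NLBL_MGMT_A_CV4DOI])
  goto add_failure;
 
  tmp_val = nla_get_u32(info->attrs[NLBL_MGMT_A_CV4DOI]);
  /* We should be holding a rcu_read_lock() here while we hold
  * the result but since the entry will always be deleted when
  * the CIPSO DOI is deleted we aren't going to keep the
  * lock. */
  rcu_read_lock();
  entry->type_def.cipsov4 = cipso_v4_doi_getdef(tmp_val);
  if (entry->type_def.cipsov4 == NULL) {
  rcu_read_unlock();
  goto add_failure;
  }
- ret_val = netlbl_domhsh_add(entry, NETLINK_CB(skb).sid);
+ ret_val = netlbl_domhsh_add(entry, &audit_info);
  rcu_read_unlock();
  break;
  default:
  goto add_failure;
  }
  if (ret_val != 0)
  goto add_failure;
 
@@ -151,22 +154,25 @@
  * Description:
  * Process a user generated REMOVE message and remove the specified domain
  * mappings. Returns zero on success, negative values on failure.
  *
  */
 static int netlbl_mgmt_remove(struct sk_buff *skb, struct genl_info *info)
 {
  char *domain;
+ struct netlbl_audit audit_info;
 
  if (!info->attrs[NLBL_MGMT_A_DOMAIN])
  return -EINVAL;
 
+ netlbl_netlink_auditinfo(skb, &audit_info);
+
  domain = nla_data(info->attrs[NLBL_MGMT_A_DOMAIN]);
- return netlbl_domhsh_remove(domain, NETLINK_CB(skb).sid);
+ return netlbl_domhsh_remove(domain, &audit_info);
 }
 
 /**
  * netlbl_mgmt_listall_cb - netlbl_domhsh_walk() callback for LISTALL
  * @entry: the domain mapping hash table entry
  * @arg: the netlbl_domhsh_walk_arg structure
  *
  * Description:
@@ -259,49 +265,50 @@
  * zero on success, negative values on failure.
  *
  */
 static int netlbl_mgmt_adddef(struct sk_buff *skb, struct genl_info *info)
 {
  int ret_val = -EINVAL;
  struct netlbl_dom_map *entry = NULL;
  u32 tmp_val;
+ struct netlbl_audit audit_info;
 
  if (!info->attrs[NLBL_MGMT_A_PROTOCOL])
  goto adddef_failure;
 
+ netlbl_netlink_auditinfo(skb, &audit_info);
+
  entry = kzalloc(sizeof(*entry), GFP_KERNEL);
  if (entry == NULL) {
  ret_val = -ENOMEM;
  goto adddef_failure;
  }
  entry->type = nla_get_u32(info->attrs[NLBL_MGMT_A_PROTOCOL]);
 
  switch (entry->type) {
  case NETLBL_NLTYPE_UNLABELED:
- ret_val = netlbl_domhsh_add_default(entry,
- NETLINK_CB(skb).sid);
+ ret_val = netlbl_domhsh_add_default(entry, &audit_info);
  break;
  case NETLBL_NLTYPE_CIPSOV4:
  if (!info->attrs[NLBL_MGMT_A_CV4DOI])
  goto adddef_failure;
 
  tmp_val = nla_get_u32(info->attrs[NLBL_MGMT_A_CV4DOI]);
  /* We should be holding a rcu_read_lock() here while we hold
  * the result but since the entry will always be deleted when
  * the CIPSO DOI is deleted we aren't going to keep the
  * lock. */
  rcu_read_lock();
  entry->type_def.cipsov4 = cipso_v4_doi_getdef(tmp_val);
  if (entry->type_def.cipsov4 == NULL) {
  rcu_read_unlock();
  goto adddef_failure;
  }
- ret_val = netlbl_domhsh_add_default(entry,
- NETLINK_CB(skb).sid);
+ ret_val = netlbl_domhsh_add_default(entry, &audit_info);
  rcu_read_unlock();
  break;
  default:
  goto adddef_failure;
  }
  if (ret_val != 0)
  goto adddef_failure;
 
@@ -319,17 +326,21 @@
  *
  * Description:
  * Process a user generated REMOVEDEF message and remove the default domain
  * mapping. Returns zero on success, negative values on failure.
  *
  */
 static int netlbl_mgmt_removedef(struct sk_buff *skb, struct genl_info *info)
 {
- return netlbl_domhsh_remove_default(NETLINK_CB(skb).sid);
+ struct netlbl_audit audit_info;
+
+ netlbl_netlink_auditinfo(skb, &audit_info);
+
+ return netlbl_domhsh_remove_default(&audit_info);
 }
 
 /**
  * netlbl_mgmt_listdef - Handle a LISTDEF message
  * @skb: the NETLINK buffer
  * @info: the Generic NETLINK info block
  *
  * Description: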
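Review bot: In netlbl_mgmt_add and netlbl_mgmt_adddef the requester's audit identity is handed only to netlbl_domhsh_add() / netlbl_domhsh_add_default(), so every earlier `goto add_failure` / `goto adddef_failure` exit (missing attribute, allocation failure, unknown protocol type, unknown CIPSO DOI) leaves without audit_info reaching anything that could log it. The failure labels and the hash-table helpers are in the hidden lines, so whether rejected requests are recorded elsewhere cannot be confirmed from this page. If they are meant to be, hoist `netlbl_netlink_auditinfo(skb, &audit_info);` above the attribute check so the failure path can use it. If not, state the limit in each handler's kernel-doc, e.g. ` * Only requests that reach the domain hash table are audited.` The same applies to the early `return -EINVAL;` in netlbl_mgmt_remove.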