xref: /openbmc/linux/include/net/calipso.h (revision 2fa5ebe3)
1 /* SPDX-License-Identifier: GPL-2.0-or-later */
2 /*
3  * CALIPSO - Common Architecture Label IPv6 Security Option
4  *
5  * This is an implementation of the CALIPSO protocol as specified in
6  * RFC 5570.
7  *
8  * Authors: Paul Moore <paul@paul-moore.com>
9  *          Huw Davies <huw@codeweavers.com>
10  */
11 
12 /*
13  * (c) Copyright Hewlett-Packard Development Company, L.P., 2006
14  * (c) Copyright Huw Davies <huw@codeweavers.com>, 2015
15  */
16 
17 #ifndef _CALIPSO_H
18 #define _CALIPSO_H
19 
20 #include <linux/types.h>
21 #include <linux/rcupdate.h>
22 #include <linux/list.h>
23 #include <linux/net.h>
24 #include <linux/skbuff.h>
25 #include <net/netlabel.h>
26 #include <net/request_sock.h>
27 #include <linux/refcount.h>
28 #include <asm/unaligned.h>
29 
30 /* known doi values */
31 #define CALIPSO_DOI_UNKNOWN          0x00000000
32 
33 /* doi mapping types */
34 #define CALIPSO_MAP_UNKNOWN          0
35 #define CALIPSO_MAP_PASS             2
36 
37 /*
38  * CALIPSO DOI definitions
39  */
40 
41 /* DOI definition struct */
42 struct calipso_doi {
43 	u32 doi;
44 	u32 type;
45 
46 	refcount_t refcount;
47 	struct list_head list;
48 	struct rcu_head rcu;
49 };
50 
51 /*
52  * Sysctl Variables
53  */
54 extern int calipso_cache_enabled;
55 extern int calipso_cache_bucketsize;
56 
57 #ifdef CONFIG_NETLABEL
58 int __init calipso_init(void);
59 void calipso_exit(void);
60 bool calipso_validate(const struct sk_buff *skb, const unsigned char *option);
61 #else
62 static inline int __init calipso_init(void)
63 {
64 	return 0;
65 }
66 
67 static inline void calipso_exit(void)
68 {
69 }
70 static inline bool calipso_validate(const struct sk_buff *skb,
71 				    const unsigned char *option)
72 {
73 	return true;
74 }
75 #endif /* CONFIG_NETLABEL */
76 
77 #endif /* _CALIPSO_H */
78