1 /*
2  * NetLabel Network Address Lists
3  *
4  * This file contains network address list functions used to manage ordered
5  * lists of network addresses for use by the NetLabel subsystem.  The NetLabel
6  * system manages static and dynamic label mappings for network protocols such
7  * as CIPSO and RIPSO.
8  *
9  * Author: Paul Moore <paul@paul-moore.com>
10  *
11  */
12 
13 /*
14  * (c) Copyright Hewlett-Packard Development Company, L.P., 2008
15  *
16  * This program is free software;  you can redistribute it and/or modify
17  * it under the terms of the GNU General Public License as published by
18  * the Free Software Foundation; either version 2 of the License, or
19  * (at your option) any later version.
20  *
21  * This program is distributed in the hope that it will be useful,
22  * but WITHOUT ANY WARRANTY;  without even the implied warranty of
23  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
24  * the GNU General Public License for more details.
25  *
26  * You should have received a copy of the GNU General Public License
27  * along with this program;  if not, write to the Free Software
28  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
29  *
30  */
31 
32 #ifndef _NETLABEL_ADDRLIST_H
33 #define _NETLABEL_ADDRLIST_H
34 
35 #include <linux/types.h>
36 #include <linux/rcupdate.h>
37 #include <linux/list.h>
38 #include <linux/in6.h>
39 #include <linux/audit.h>
40 
41 /**
42  * struct netlbl_af4list - NetLabel IPv4 address list
43  * @addr: IPv4 address
44  * @mask: IPv4 address mask
45  * @valid: valid flag
46  * @list: list structure, used internally
47  */
48 struct netlbl_af4list {
49 	__be32 addr;
50 	__be32 mask;
51 
52 	u32 valid;
53 	struct list_head list;
54 };
55 
56 /**
57  * struct netlbl_af6list - NetLabel IPv6 address list
58  * @addr: IPv6 address
59  * @mask: IPv6 address mask
60  * @valid: valid flag
61  * @list: list structure, used internally
62  */
63 struct netlbl_af6list {
64 	struct in6_addr addr;
65 	struct in6_addr mask;
66 
67 	u32 valid;
68 	struct list_head list;
69 };
70 
71 #define __af4list_entry(ptr) container_of(ptr, struct netlbl_af4list, list)
72 
73 static inline struct netlbl_af4list *__af4list_valid(struct list_head *s,
74 						     struct list_head *h)
75 {
76 	struct list_head *i = s;
77 	struct netlbl_af4list *n = __af4list_entry(s);
78 	while (i != h && !n->valid) {
79 		i = i->next;
80 		n = __af4list_entry(i);
81 	}
82 	return n;
83 }
84 
85 static inline struct netlbl_af4list *__af4list_valid_rcu(struct list_head *s,
86 							 struct list_head *h)
87 {
88 	struct list_head *i = s;
89 	struct netlbl_af4list *n = __af4list_entry(s);
90 	while (i != h && !n->valid) {
91 		i = rcu_dereference(i->next);
92 		n = __af4list_entry(i);
93 	}
94 	return n;
95 }
96 
97 #define netlbl_af4list_foreach(iter, head)				\
98 	for (iter = __af4list_valid((head)->next, head);		\
99 	     &iter->list != (head);					\
100 	     iter = __af4list_valid(iter->list.next, head))
101 
102 #define netlbl_af4list_foreach_rcu(iter, head)				\
103 	for (iter = __af4list_valid_rcu((head)->next, head);		\
104 	     &iter->list != (head);					\
105 	     iter = __af4list_valid_rcu(iter->list.next, head))
106 
107 #define netlbl_af4list_foreach_safe(iter, tmp, head)			\
108 	for (iter = __af4list_valid((head)->next, head),		\
109 		     tmp = __af4list_valid(iter->list.next, head);	\
110 	     &iter->list != (head);					\
111 	     iter = tmp, tmp = __af4list_valid(iter->list.next, head))
112 
113 int netlbl_af4list_add(struct netlbl_af4list *entry,
114 		       struct list_head *head);
115 struct netlbl_af4list *netlbl_af4list_remove(__be32 addr, __be32 mask,
116 					     struct list_head *head);
117 void netlbl_af4list_remove_entry(struct netlbl_af4list *entry);
118 struct netlbl_af4list *netlbl_af4list_search(__be32 addr,
119 					     struct list_head *head);
120 struct netlbl_af4list *netlbl_af4list_search_exact(__be32 addr,
121 						   __be32 mask,
122 						   struct list_head *head);
123 
124 #ifdef CONFIG_AUDIT
125 void netlbl_af4list_audit_addr(struct audit_buffer *audit_buf,
126 			       int src, const char *dev,
127 			       __be32 addr, __be32 mask);
128 #else
129 static inline void netlbl_af4list_audit_addr(struct audit_buffer *audit_buf,
130 					     int src, const char *dev,
131 					     __be32 addr, __be32 mask)
132 {
133 }
134 #endif
135 
136 #if IS_ENABLED(CONFIG_IPV6)
137 
138 #define __af6list_entry(ptr) container_of(ptr, struct netlbl_af6list, list)
139 
140 static inline struct netlbl_af6list *__af6list_valid(struct list_head *s,
141 						     struct list_head *h)
142 {
143 	struct list_head *i = s;
144 	struct netlbl_af6list *n = __af6list_entry(s);
145 	while (i != h && !n->valid) {
146 		i = i->next;
147 		n = __af6list_entry(i);
148 	}
149 	return n;
150 }
151 
152 static inline struct netlbl_af6list *__af6list_valid_rcu(struct list_head *s,
153 							 struct list_head *h)
154 {
155 	struct list_head *i = s;
156 	struct netlbl_af6list *n = __af6list_entry(s);
157 	while (i != h && !n->valid) {
158 		i = rcu_dereference(i->next);
159 		n = __af6list_entry(i);
160 	}
161 	return n;
162 }
163 
164 #define netlbl_af6list_foreach(iter, head)				\
165 	for (iter = __af6list_valid((head)->next, head);		\
166 	     &iter->list != (head);					\
167 	     iter = __af6list_valid(iter->list.next, head))
168 
169 #define netlbl_af6list_foreach_rcu(iter, head)				\
170 	for (iter = __af6list_valid_rcu((head)->next, head);		\
171 	     &iter->list != (head);					\
172 	     iter = __af6list_valid_rcu(iter->list.next, head))
173 
174 #define netlbl_af6list_foreach_safe(iter, tmp, head)			\
175 	for (iter = __af6list_valid((head)->next, head),		\
176 		     tmp = __af6list_valid(iter->list.next, head);	\
177 	     &iter->list != (head);					\
178 	     iter = tmp, tmp = __af6list_valid(iter->list.next, head))
179 
180 int netlbl_af6list_add(struct netlbl_af6list *entry,
181 		       struct list_head *head);
182 struct netlbl_af6list *netlbl_af6list_remove(const struct in6_addr *addr,
183 					     const struct in6_addr *mask,
184 					     struct list_head *head);
185 void netlbl_af6list_remove_entry(struct netlbl_af6list *entry);
186 struct netlbl_af6list *netlbl_af6list_search(const struct in6_addr *addr,
187 					     struct list_head *head);
188 struct netlbl_af6list *netlbl_af6list_search_exact(const struct in6_addr *addr,
189 						   const struct in6_addr *mask,
190 						   struct list_head *head);
191 
192 #ifdef CONFIG_AUDIT
193 void netlbl_af6list_audit_addr(struct audit_buffer *audit_buf,
194 			       int src,
195 			       const char *dev,
196 			       const struct in6_addr *addr,
197 			       const struct in6_addr *mask);
198 #else
199 static inline void netlbl_af6list_audit_addr(struct audit_buffer *audit_buf,
200 					     int src,
201 					     const char *dev,
202 					     const struct in6_addr *addr,
203 					     const struct in6_addr *mask)
204 {
205 }
206 #endif
207 #endif /* IPV6 */
208 
209 #endif
210