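/*
 * NetLabel Management Support
 *
 * This file defines the management functions for the NetLabel system. The
 * NetLabel system manages static and dynamic label mappings for network
 * protocols such as CIPSO and RIPSO.
 *
 * Author: Paul Moore <paul.moore@hp.com>
 *
 */

/*
 * (c) Copyright Hewlett-Packard Development Company, L.P., 2006
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
 * the GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
 *
 */

#ifndef _NETLABEL_MGMT_H
#define _NETLABEL_MGMT_H

#include <net/netlabel.h>
#include <asm/atomic.h>

/*
 * The following NetLabel payloads are supported by the management interface.
 *
 * o ADD:
 *   Sent by an application to add a domain mapping to the NetLabel system.
 *
 *   Required attributes:
 *
 *     NLBL_MGMT_A_DOMAIN
 *     NLBL_MGMT_A_PROTOCOL
 *
 *   If using NETLBL_NLTYPE_CIPSOV4 the following attributes are required:
 *
 *     NLBL_MGMT_A_CV4DOI
 *
 *   If using NETLBL_NLTYPE_UNLABELED no other attributes are required.
 *
 * o REMOVE:
 *   Sent by an application to remove a domain mapping from the NetLabel
 *   system.
 *
 *   Required attributes:
 *
 *     NLBL_MGMT_A_DOMAIN
 *
 * o LISTALL:
 *   This message can be sent either from an application or by the kernel in
 *   response to an application generated LISTALL message. When sent by an
 *   application there is no payload and the NLM_F_DUMP flag should be set.
 *   The kernel should respond with a series of the following messages.
 *
 *   Required attributes:
 *
 *     NLBL_MGMT_A_DOMAIN
 *     NLBL_MGMT_A_PROTOCOL
 *
 *   If using NETLBL_NLTYPE_CIPSOV4 the following attributes are required:
 *
 *     NLBL_MGMT_A_CV4DOI
 *
 *   If using NETLBL_NLTYPE_UNLABELED no other attributes are required.
 *
 * o ADDDEF:
 *   Sent by an application to set the default domain mapping for the NetLabel
 *   system.
 *
 *   Required attributes:
 *
 *     NLBL_MGMT_A_PROTOCOL
 *
 *   If using NETLBL_NLTYPE_CIPSOV4 the following attributes are required:
 *
 *     NLBL_MGMT_A_CV4DOI
 *
 *   If using NETLBL_NLTYPE_UNLABELED no other attributes are required.
 *
 * o REMOVEDEF:
 *   Sent by an application to remove the default domain mapping from the
 *   NetLabel system; there is no payload.
 *
 * o LISTDEF:
 *   This message can be sent either from an application or by the kernel in
 *   response to an application generated LISTDEF message. When sent by an
 *   application there is no payload. On success the kernel should send a
 *   response using the following format.
 *
 *   Required attributes:
 *
 *     NLBL_MGMT_A_PROTOCOL
 *
 *   If using NETLBL_NLTYPE_CIPSOV4 the following attributes are required:
 *
 *     NLBL_MGMT_A_CV4DOI
 *
 *   If using NETLBL_NLTYPE_UNLABELED no other attributes are required.
 *
 * o PROTOCOLS:
 *   Sent by an application to request a list of configured NetLabel protocols
 *   in the kernel. When sent by an application there is no payload and the
 *   NLM_F_DUMP flag should be set. The kernel should respond with a series of
 *   the following messages.
 *
 *   Required attributes:
 *
 *     NLBL_MGMT_A_PROTOCOL
 *
 * o VERSION:
 *   Sent by an application to request the NetLabel version. When sent by an
 *   application there is no payload. This message type is also used by the
 *   kernel to respond to a VERSION request.
 *
 *   Required attributes:
 *
 *     NLBL_MGMT_A_VERSION
 *
 */

/*
 * NOTE(review): ADD, REMOVE, ADDDEF and REMOVEDEF change which label mapping
 * is applied to a domain, so they are the security-sensitive half of this
 * interface. This header only declares the commands; the check on who may
 * send them is not visible here -- confirm that the command handlers
 * (presumably set up by netlbl_mgmt_genl_init()) restrict the mutating
 * commands to privileged senders.
 */

/*
 * NetLabel Management commands
 *
 * One value per message type described above; NLBL_MGMT_C_UNSPEC takes the
 * value 0 and is not one of the documented messages. These values identify
 * messages exchanged with applications, so add new commands immediately
 * before __NLBL_MGMT_C_MAX rather than reordering existing entries.
 */
enum {
	NLBL_MGMT_C_UNSPEC,
	NLBL_MGMT_C_ADD,
	NLBL_MGMT_C_REMOVE,
	NLBL_MGMT_C_LISTALL,
	NLBL_MGMT_C_ADDDEF,
	NLBL_MGMT_C_REMOVEDEF,
	NLBL_MGMT_C_LISTDEF,
	NLBL_MGMT_C_PROTOCOLS,
	NLBL_MGMT_C_VERSION,
	__NLBL_MGMT_C_MAX,
};
/* Highest valid command value; __NLBL_MGMT_C_MAX itself is only a sentinel. */
#define NLBL_MGMT_C_MAX (__NLBL_MGMT_C_MAX - 1)

/*
 * NetLabel Management attributes
 *
 * The comment after each attribute gives its declared netlink type.
 *
 * NOTE(review): the attribute validation policy is not part of this header.
 * Confirm that the receiving code checks every attribute against the type
 * listed here (in particular that NLBL_MGMT_A_DOMAIN is length-bounded and
 * terminated) before using it.
 */
enum {
	NLBL_MGMT_A_UNSPEC,
	NLBL_MGMT_A_DOMAIN,
	/* (NLA_NUL_STRING)
	 * the NUL terminated LSM domain string */
	NLBL_MGMT_A_PROTOCOL,
	/* (NLA_U32)
	 * the NetLabel protocol type (defined by NETLBL_NLTYPE_*) */
	NLBL_MGMT_A_VERSION,
	/* (NLA_U32)
	 * the NetLabel protocol version number (defined by
	 * NETLBL_PROTO_VERSION) */
	NLBL_MGMT_A_CV4DOI,
	/* (NLA_U32)
	 * the CIPSOv4 DOI value */
	__NLBL_MGMT_A_MAX,
};
/* Highest valid attribute value; __NLBL_MGMT_A_MAX itself is only a sentinel. */
#define NLBL_MGMT_A_MAX (__NLBL_MGMT_A_MAX - 1)

/*
 * NetLabel protocol functions
 *
 * netlbl_mgmt_genl_init() takes no arguments and returns an int; the
 * definition, and the meaning of the return value, live outside this header.
 */
int netlbl_mgmt_genl_init(void);

/*
 * NetLabel configured protocol reference counter
 *
 * Declared here and defined elsewhere. It is an atomic_t, so it is meant to
 * be read and updated through the atomic accessors rather than directly.
 */
extern atomic_t netlabel_mgmt_protocount;

#endif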