1 /*
2  * SELinux interface to the NetLabel subsystem
3  *
4  * Author : Paul Moore <paul.moore@hp.com>
5  *
6  */
7 
8 /*
9  * (c) Copyright Hewlett-Packard Development Company, L.P., 2006
10  *
11  * This program is free software;  you can redistribute it and/or modify
12  * it under the terms of the GNU General Public License as published by
13  * the Free Software Foundation; either version 2 of the License, or
14  * (at your option) any later version.
15  *
16  * This program is distributed in the hope that it will be useful,
17  * but WITHOUT ANY WARRANTY;  without even the implied warranty of
18  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
19  * the GNU General Public License for more details.
20  *
21  * You should have received a copy of the GNU General Public License
22  * along with this program;  if not, write to the Free Software
23  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24  *
25  */
26 
27 #ifndef _SELINUX_NETLABEL_H_
28 #define _SELINUX_NETLABEL_H_
29 
30 #include <linux/types.h>
31 #include <linux/fs.h>
32 #include <linux/net.h>
33 #include <linux/skbuff.h>
34 #include <net/sock.h>
35 
36 #include "avc.h"
37 #include "objsec.h"
38 
39 #ifdef CONFIG_NETLABEL
40 void selinux_netlbl_cache_invalidate(void);
41 
42 void selinux_netlbl_sk_security_reset(struct sk_security_struct *ssec,
43 				      int family);
44 
45 int selinux_netlbl_skbuff_getsid(struct sk_buff *skb,
46 				 u16 family,
47 				 u32 *type,
48 				 u32 *sid);
49 
50 void selinux_netlbl_sock_graft(struct sock *sk, struct socket *sock);
51 int selinux_netlbl_socket_post_create(struct socket *sock);
52 int selinux_netlbl_inode_permission(struct inode *inode, int mask);
53 int selinux_netlbl_sock_rcv_skb(struct sk_security_struct *sksec,
54 				struct sk_buff *skb,
55 				u16 family,
56 				struct avc_audit_data *ad);
57 int selinux_netlbl_socket_setsockopt(struct socket *sock,
58 				     int level,
59 				     int optname);
60 #else
61 static inline void selinux_netlbl_cache_invalidate(void)
62 {
63 	return;
64 }
65 
66 static inline void selinux_netlbl_sk_security_reset(
67 	                                       struct sk_security_struct *ssec,
68 					       int family)
69 {
70 	return;
71 }
72 
73 static inline int selinux_netlbl_skbuff_getsid(struct sk_buff *skb,
74 					       u16 family,
75 					       u32 *type,
76 					       u32 *sid)
77 {
78 	*type = NETLBL_NLTYPE_NONE;
79 	*sid = SECSID_NULL;
80 	return 0;
81 }
82 
83 static inline void selinux_netlbl_sock_graft(struct sock *sk,
84 					     struct socket *sock)
85 {
86 	return;
87 }
88 static inline int selinux_netlbl_socket_post_create(struct socket *sock)
89 {
90 	return 0;
91 }
92 static inline int selinux_netlbl_inode_permission(struct inode *inode,
93 						  int mask)
94 {
95 	return 0;
96 }
97 static inline int selinux_netlbl_sock_rcv_skb(struct sk_security_struct *sksec,
98 					      struct sk_buff *skb,
99 					      u16 family,
100 					      struct avc_audit_data *ad)
101 {
102 	return 0;
103 }
104 static inline int selinux_netlbl_socket_setsockopt(struct socket *sock,
105 						   int level,
106 						   int optname)
107 {
108 	return 0;
109 }
110 #endif /* CONFIG_NETLABEL */
111 
112 #endif
113