LXR linux/include/net/calipso.h

   1/*
   2 * CALIPSO - Common Architecture Label IPv6 Security Option
   3 *
   4 * This is an implementation of the CALIPSO protocol as specified in
   5 * RFC 5570.
   6 *
   7 * Authors: Paul Moore <paul@paul-moore.com>
   8 *          Huw Davies <huw@codeweavers.com>
   9 *
  10 */
  11
  12/*
  13 * (c) Copyright Hewlett-Packard Development Company, L.P., 2006
  14 * (c) Copyright Huw Davies <huw@codeweavers.com>, 2015
  15 *
  16 * This program is free software;  you can redistribute it and/or modify
  17 * it under the terms of the GNU General Public License as published by
  18 * the Free Software Foundation; either version 2 of the License, or
  19 * (at your option) any later version.
  20 *
  21 * This program is distributed in the hope that it will be useful,
  22 * but WITHOUT ANY WARRANTY;  without even the implied warranty of
  23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
  24 * the GNU General Public License for more details.
  25 *
  26 * You should have received a copy of the GNU General Public License
  27 * along with this program;  if not, see <http://www.gnu.org/licenses/>.
  28 *
  29 */
  30
  31#ifndef _CALIPSO_H
  32#define _CALIPSO_H
  33
  34#include <linux/types.h>
  35#include <linux/rcupdate.h>
  36#include <linux/list.h>
  37#include <linux/net.h>
  38#include <linux/skbuff.h>
  39#include <net/netlabel.h>
  40#include <net/request_sock.h>
  41#include <linux/refcount.h>
  42#include <asm/unaligned.h>
  43
  44/* known doi values */
  45#define CALIPSO_DOI_UNKNOWN          0x00000000
  46
  47/* doi mapping types */
  48#define CALIPSO_MAP_UNKNOWN          0
  49#define CALIPSO_MAP_PASS             2
  50
  51/*
  52 * CALIPSO DOI definitions
  53 */
  54
  55/* DOI definition struct */
  56struct calipso_doi {
  57        u32 doi;
  58        u32 type;
  59
  60        refcount_t refcount;
  61        struct list_head list;
  62        struct rcu_head rcu;
  63};
  64
  65/*
  66 * Sysctl Variables
  67 */
  68extern int calipso_cache_enabled;
  69extern int calipso_cache_bucketsize;
  70
  71#ifdef CONFIG_NETLABEL
  72int __init calipso_init(void);
  73void calipso_exit(void);
  74bool calipso_validate(const struct sk_buff *skb, const unsigned char *option);
  75#else
  76static inline int __init calipso_init(void)
  77{
  78        return 0;
  79}
  80
  81static inline void calipso_exit(void)
  82{
  83}
  84static inline bool calipso_validate(const struct sk_buff *skb,
  85                                    const unsigned char *option)
  86{
  87        return true;
  88}
  89#endif /* CONFIG_NETLABEL */
  90
  91#endif /* _CALIPSO_H */
  92