LXR linux/net/netlabel/netlabel

   1/*
   2 * NetLabel NETLINK Interface
   3 *
   4 * This file defines the NETLINK interface for the NetLabel system.  The
   5 * NetLabel system manages static and dynamic label mappings for network
   6 * protocols such as CIPSO and RIPSO.
   7 *
   8 * Author: Paul Moore <paul@paul-moore.com>
   9 *
  10 */
  11
  12/*
  13 * (c) Copyright Hewlett-Packard Development Company, L.P., 2006
  14 *
  15 * This program is free software;  you can redistribute it and/or modify
  16 * it under the terms of the GNU General Public License as published by
  17 * the Free Software Foundation; either version 2 of the License, or
  18 * (at your option) any later version.
  19 *
  20 * This program is distributed in the hope that it will be useful,
  21 * but WITHOUT ANY WARRANTY;  without even the implied warranty of
  22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
  23 * the GNU General Public License for more details.
  24 *
  25 * You should have received a copy of the GNU General Public License
  26 * along with this program;  if not, see <http://www.gnu.org/licenses/>.
  27 *
  28 */
  29
  30#include <linux/init.h>
  31#include <linux/types.h>
  32#include <linux/list.h>
  33#include <linux/socket.h>
  34#include <linux/audit.h>
  35#include <linux/tty.h>
  36#include <linux/security.h>
  37#include <linux/gfp.h>
  38#include <net/sock.h>
  39#include <net/netlink.h>
  40#include <net/genetlink.h>
  41#include <net/netlabel.h>
  42#include <asm/bug.h>
  43
  44#include "netlabel_mgmt.h"
  45#include "netlabel_unlabeled.h"
  46#include "netlabel_cipso_v4.h"
  47#include "netlabel_user.h"
  48
  49/*
  50 * NetLabel NETLINK Setup Functions
  51 */
  52
  53/**
  54 * netlbl_netlink_init - Initialize the NETLINK communication channel
  55 *
  56 * Description:
  57 * Call out to the NetLabel components so they can register their families and
  58 * commands with the Generic NETLINK mechanism.  Returns zero on success and
  59 * non-zero on failure.
  60 *
  61 */
  62int __init netlbl_netlink_init(void)
  63{
  64        int ret_val;
  65
  66        ret_val = netlbl_mgmt_genl_init();
  67        if (ret_val != 0)
  68                return ret_val;
  69
  70        ret_val = netlbl_cipsov4_genl_init();
  71        if (ret_val != 0)
  72                return ret_val;
  73
  74        ret_val = netlbl_unlabel_genl_init();
  75        if (ret_val != 0)
  76                return ret_val;
  77
  78        return 0;
  79}
  80
  81/*
  82 * NetLabel Audit Functions
  83 */
  84
  85/**
  86 * netlbl_audit_start_common - Start an audit message
  87 * @type: audit message type
  88 * @audit_info: NetLabel audit information
  89 *
  90 * Description:
  91 * Start an audit message using the type specified in @type and fill the audit
  92 * message with some fields common to all NetLabel audit messages.  Returns
  93 * a pointer to the audit buffer on success, NULL on failure.
  94 *
  95 */
  96struct audit_buffer *netlbl_audit_start_common(int type,
  97                                               struct netlbl_audit *audit_info)
  98{
  99        struct audit_buffer *audit_buf;
 100        char *secctx;
 101        u32 secctx_len;
 102
 103        if (audit_enabled == 0)
 104                return NULL;
 105
 106        audit_buf = audit_log_start(current->audit_context, GFP_ATOMIC, type);
 107        if (audit_buf == NULL)
 108                return NULL;
 109
 110        audit_log_format(audit_buf, "netlabel: auid=%u ses=%u",
 111                         from_kuid(&init_user_ns, audit_info->loginuid),
 112                         audit_info->sessionid);
 113
 114        if (audit_info->secid != 0 &&
 115            security_secid_to_secctx(audit_info->secid,
 116                                     &secctx,
 117                                     &secctx_len) == 0) {
 118                audit_log_format(audit_buf, " subj=%s", secctx);
 119                security_release_secctx(secctx, secctx_len);
 120        }
 121
 122        return audit_buf;
 123}
 124