diff options
Diffstat (limited to 'include/net/calipso.h')
-rw-r--r-- | include/net/calipso.h | 77 |
1 files changed, 77 insertions, 0 deletions
diff --git a/include/net/calipso.h b/include/net/calipso.h new file mode 100644 index 0000000000..f8667a3fda --- /dev/null +++ b/include/net/calipso.h @@ -0,0 +1,77 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ +/* + * CALIPSO - Common Architecture Label IPv6 Security Option + * + * This is an implementation of the CALIPSO protocol as specified in + * RFC 5570. + * + * Authors: Paul Moore <paul@paul-moore.com> + * Huw Davies <huw@codeweavers.com> + */ + +/* + * (c) Copyright Hewlett-Packard Development Company, L.P., 2006 + * (c) Copyright Huw Davies <huw@codeweavers.com>, 2015 + */ + +#ifndef _CALIPSO_H +#define _CALIPSO_H + +#include <linux/types.h> +#include <linux/rcupdate.h> +#include <linux/list.h> +#include <linux/net.h> +#include <linux/skbuff.h> +#include <net/netlabel.h> +#include <net/request_sock.h> +#include <linux/refcount.h> +#include <asm/unaligned.h> + +/* known doi values */ +#define CALIPSO_DOI_UNKNOWN 0x00000000 + +/* doi mapping types */ +#define CALIPSO_MAP_UNKNOWN 0 +#define CALIPSO_MAP_PASS 2 + +/* + * CALIPSO DOI definitions + */ + +/* DOI definition struct */ +struct calipso_doi { + u32 doi; + u32 type; + + refcount_t refcount; + struct list_head list; + struct rcu_head rcu; +}; + +/* + * Sysctl Variables + */ +extern int calipso_cache_enabled; +extern int calipso_cache_bucketsize; + +#ifdef CONFIG_NETLABEL +int __init calipso_init(void); +void calipso_exit(void); +bool calipso_validate(const struct sk_buff *skb, const unsigned char *option); +#else +static inline int __init calipso_init(void) +{ + return 0; +} + +static inline void calipso_exit(void) +{ +} +static inline bool calipso_validate(const struct sk_buff *skb, + const unsigned char *option) +{ + return true; +} +#endif /* CONFIG_NETLABEL */ + +#endif /* _CALIPSO_H */ |