summaryrefslogtreecommitdiff
path: root/security/selinux/include/selinux_netlabel.h
diff options
context:
space:
mode:
authorPaul Moore <paul.moore@hp.com>2007-02-28 15:14:22 -0500
committerJames Morris <jmorris@namei.org>2007-04-26 01:35:48 -0400
commit5778eabd9cdbf16ea3e40248c452b4fd25554d11 (patch)
treea488fd5fc07c01b93fe38621888cc50c64cfc0a1 /security/selinux/include/selinux_netlabel.h
parent128c6b6cbffc8203e13ea5712a8aa65d2ed82e4e (diff)
SELinux: extract the NetLabel SELinux support from the security server
Up until this patch the functions which have provided NetLabel support to SELinux have been integrated into the SELinux security server, which for various reasons is not really ideal. This patch makes an effort to extract as much of the NetLabel support from the security server as possibile and move it into it's own file within the SELinux directory structure. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux/include/selinux_netlabel.h')
-rw-r--r--security/selinux/include/selinux_netlabel.h71
1 files changed, 34 insertions, 37 deletions
diff --git a/security/selinux/include/selinux_netlabel.h b/security/selinux/include/selinux_netlabel.h
index 2a732c9033e3..218e3f77c350 100644
--- a/security/selinux/include/selinux_netlabel.h
+++ b/security/selinux/include/selinux_netlabel.h
@@ -38,19 +38,22 @@
#ifdef CONFIG_NETLABEL
void selinux_netlbl_cache_invalidate(void);
-int selinux_netlbl_skbuff_getsid(struct sk_buff *skb, u32 base_sid, u32 *sid);
-int selinux_netlbl_socket_post_create(struct socket *sock);
-void selinux_netlbl_sock_graft(struct sock *sk, struct socket *sock);
-int selinux_netlbl_sock_rcv_skb(struct sk_security_struct *sksec,
- struct sk_buff *skb,
- struct avc_audit_data *ad);
+
void selinux_netlbl_sk_security_reset(struct sk_security_struct *ssec,
int family);
void selinux_netlbl_sk_security_init(struct sk_security_struct *ssec,
int family);
void selinux_netlbl_sk_security_clone(struct sk_security_struct *ssec,
struct sk_security_struct *newssec);
+
+int selinux_netlbl_skbuff_getsid(struct sk_buff *skb, u32 base_sid, u32 *sid);
+
+void selinux_netlbl_sock_graft(struct sock *sk, struct socket *sock);
+int selinux_netlbl_socket_post_create(struct socket *sock);
int selinux_netlbl_inode_permission(struct inode *inode, int mask);
+int selinux_netlbl_sock_rcv_skb(struct sk_security_struct *sksec,
+ struct sk_buff *skb,
+ struct avc_audit_data *ad);
int selinux_netlbl_socket_setsockopt(struct socket *sock,
int level,
int optname);
@@ -60,59 +63,53 @@ static inline void selinux_netlbl_cache_invalidate(void)
return;
}
-static inline int selinux_netlbl_skbuff_getsid(struct sk_buff *skb,
- u32 base_sid,
- u32 *sid)
+static inline void selinux_netlbl_sk_security_reset(
+ struct sk_security_struct *ssec,
+ int family)
{
- *sid = SECSID_NULL;
- return 0;
+ return;
}
-
-static inline int selinux_netlbl_socket_post_create(struct socket *sock)
+static inline void selinux_netlbl_sk_security_init(
+ struct sk_security_struct *ssec,
+ int family)
{
- return 0;
+ return;
}
-
-static inline void selinux_netlbl_sock_graft(struct sock *sk,
- struct socket *sock)
+static inline void selinux_netlbl_sk_security_clone(
+ struct sk_security_struct *ssec,
+ struct sk_security_struct *newssec)
{
return;
}
-static inline int selinux_netlbl_sock_rcv_skb(struct sk_security_struct *sksec,
- struct sk_buff *skb,
- struct avc_audit_data *ad)
+static inline int selinux_netlbl_skbuff_getsid(struct sk_buff *skb,
+ u32 base_sid,
+ u32 *sid)
{
+ *sid = SECSID_NULL;
return 0;
}
-static inline void selinux_netlbl_sk_security_reset(
- struct sk_security_struct *ssec,
- int family)
-{
- return;
-}
-
-static inline void selinux_netlbl_sk_security_init(
- struct sk_security_struct *ssec,
- int family)
+static inline void selinux_netlbl_sock_graft(struct sock *sk,
+ struct socket *sock)
{
return;
}
-
-static inline void selinux_netlbl_sk_security_clone(
- struct sk_security_struct *ssec,
- struct sk_security_struct *newssec)
+static inline int selinux_netlbl_socket_post_create(struct socket *sock)
{
- return;
+ return 0;
}
-
static inline int selinux_netlbl_inode_permission(struct inode *inode,
int mask)
{
return 0;
}
-
+static inline int selinux_netlbl_sock_rcv_skb(struct sk_security_struct *sksec,
+ struct sk_buff *skb,
+ struct avc_audit_data *ad)
+{
+ return 0;
+}
static inline int selinux_netlbl_socket_setsockopt(struct socket *sock,
int level,
int optname)