diff options
Diffstat (limited to 'security/selinux/include/selinux_netlabel.h')
| -rw-r--r-- | security/selinux/include/selinux_netlabel.h | 53 |
1 files changed, 29 insertions, 24 deletions
diff --git a/security/selinux/include/selinux_netlabel.h b/security/selinux/include/selinux_netlabel.h index ecab4bddaaf4..2a732c9033e3 100644 --- a/security/selinux/include/selinux_netlabel.h +++ b/security/selinux/include/selinux_netlabel.h @@ -38,44 +38,45 @@ #ifdef CONFIG_NETLABEL void selinux_netlbl_cache_invalidate(void); -int selinux_netlbl_socket_post_create(struct socket *sock, - int sock_family, - u32 sid); +int selinux_netlbl_skbuff_getsid(struct sk_buff *skb, u32 base_sid, u32 *sid); +int selinux_netlbl_socket_post_create(struct socket *sock); void selinux_netlbl_sock_graft(struct sock *sk, struct socket *sock); -u32 selinux_netlbl_inet_conn_request(struct sk_buff *skb, u32 sock_sid); int selinux_netlbl_sock_rcv_skb(struct sk_security_struct *sksec, struct sk_buff *skb, struct avc_audit_data *ad); -u32 selinux_netlbl_socket_getpeersec_stream(struct socket *sock); -u32 selinux_netlbl_socket_getpeersec_dgram(struct sk_buff *skb); +void selinux_netlbl_sk_security_reset(struct sk_security_struct *ssec, + int family); void selinux_netlbl_sk_security_init(struct sk_security_struct *ssec, int family); -void selinux_netlbl_sk_clone_security(struct sk_security_struct *ssec, +void selinux_netlbl_sk_security_clone(struct sk_security_struct *ssec, struct sk_security_struct *newssec); int selinux_netlbl_inode_permission(struct inode *inode, int mask); +int selinux_netlbl_socket_setsockopt(struct socket *sock, + int level, + int optname); #else static inline void selinux_netlbl_cache_invalidate(void) { return; } -static inline int selinux_netlbl_socket_post_create(struct socket *sock, - int sock_family, - u32 sid) +static inline int selinux_netlbl_skbuff_getsid(struct sk_buff *skb, + u32 base_sid, + u32 *sid) { + *sid = SECSID_NULL; return 0; } -static inline void selinux_netlbl_sock_graft(struct sock *sk, - struct socket *sock) +static inline int selinux_netlbl_socket_post_create(struct socket *sock) { - return; + return 0; } -static inline u32 selinux_netlbl_inet_conn_request(struct sk_buff *skb, - u32 sock_sid) +static inline void selinux_netlbl_sock_graft(struct sock *sk, + struct socket *sock) { - return SECSID_NULL; + return; } static inline int selinux_netlbl_sock_rcv_skb(struct sk_security_struct *sksec, @@ -85,14 +86,11 @@ static inline int selinux_netlbl_sock_rcv_skb(struct sk_security_struct *sksec, return 0; } -static inline u32 selinux_netlbl_socket_getpeersec_stream(struct socket *sock) -{ - return SECSID_NULL; -} - -static inline u32 selinux_netlbl_socket_getpeersec_dgram(struct sk_buff *skb) +static inline void selinux_netlbl_sk_security_reset( + struct sk_security_struct *ssec, + int family) { - return SECSID_NULL; + return; } static inline void selinux_netlbl_sk_security_init( @@ -102,7 +100,7 @@ static inline void selinux_netlbl_sk_security_init( return; } -static inline void selinux_netlbl_sk_clone_security( +static inline void selinux_netlbl_sk_security_clone( struct sk_security_struct *ssec, struct sk_security_struct *newssec) { @@ -114,6 +112,13 @@ static inline int selinux_netlbl_inode_permission(struct inode *inode, { return 0; } + +static inline int selinux_netlbl_socket_setsockopt(struct socket *sock, + int level, + int optname) +{ + return 0; +} #endif /* CONFIG_NETLABEL */ #endif |