1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * NetLabel Management Support
5 * This file defines the management functions for the NetLabel system. The
6 * NetLabel system manages static and dynamic label mappings for network
7 * protocols such as CIPSO and RIPSO.
13 * (c) Copyright Hewlett-Packard Development Company, L.P., 2006, 2008
16 #include <linux/types.h>
17 #include <linux/socket.h>
18 #include <linux/string.h>
19 #include <linux/skbuff.h>
21 #include <linux/in6.h>
22 #include <linux/slab.h>
24 #include <net/netlink.h>
25 #include <net/genetlink.h>
28 #include <net/netlabel.h>
29 #include <net/cipso_ipv4.h>
30 #include <net/calipso.h>
31 #include <linux/atomic.h>
33 #include "netlabel_calipso.h"
34 #include "netlabel_domainhash.h"
35 #include "netlabel_user.h"
36 #include "netlabel_mgmt.h"
38 /* NetLabel configured protocol counter */
39 atomic_t netlabel_mgmt_protocount = ATOMIC_INIT(0);
41 /* Argument struct for netlbl_domhsh_walk() */
42 struct netlbl_domhsh_walk_arg {
43 struct netlink_callback *nl_cb;
48 /* NetLabel Generic NETLINK CIPSOv4 family */
49 static struct genl_family netlbl_mgmt_gnl_family;
51 /* NetLabel Netlink attribute policy */
52 static const struct nla_policy netlbl_mgmt_genl_policy[NLBL_MGMT_A_MAX + 1] = {
53 [NLBL_MGMT_A_DOMAIN] = { .type = NLA_NUL_STRING },
54 [NLBL_MGMT_A_PROTOCOL] = { .type = NLA_U32 },
55 [NLBL_MGMT_A_VERSION] = { .type = NLA_U32 },
56 [NLBL_MGMT_A_CV4DOI] = { .type = NLA_U32 },
57 [NLBL_MGMT_A_FAMILY] = { .type = NLA_U16 },
58 [NLBL_MGMT_A_CLPDOI] = { .type = NLA_U32 },
66 * netlbl_mgmt_add_common - Handle an ADD message
67 * @info: the Generic NETLINK info block
68 * @audit_info: NetLabel audit information
71 * Helper function for the ADD and ADDDEF messages to add the domain mappings
72 * from the message to the hash table. See netlabel.h for a description of the
73 * message format. Returns zero on success, negative values on failure.
76 static int netlbl_mgmt_add_common(struct genl_info *info,
77 struct netlbl_audit *audit_info)
80 int ret_val = -EINVAL;
81 struct netlbl_domaddr_map *addrmap = NULL;
82 struct cipso_v4_doi *cipsov4 = NULL;
83 #if IS_ENABLED(CONFIG_IPV6)
84 struct calipso_doi *calipso = NULL;
87 struct netlbl_dom_map *entry = kzalloc(sizeof(*entry), GFP_KERNEL);
91 entry->def.type = nla_get_u32(info->attrs[NLBL_MGMT_A_PROTOCOL]);
92 if (info->attrs[NLBL_MGMT_A_DOMAIN]) {
93 size_t tmp_size = nla_len(info->attrs[NLBL_MGMT_A_DOMAIN]);
94 entry->domain = kmalloc(tmp_size, GFP_KERNEL);
95 if (entry->domain == NULL) {
99 nla_strscpy(entry->domain,
100 info->attrs[NLBL_MGMT_A_DOMAIN], tmp_size);
103 /* NOTE: internally we allow/use a entry->def.type value of
104 * NETLBL_NLTYPE_ADDRSELECT but we don't currently allow users
105 * to pass that as a protocol value because we need to know the
108 switch (entry->def.type) {
109 case NETLBL_NLTYPE_UNLABELED:
111 nla_get_u16_default(info->attrs[NLBL_MGMT_A_FAMILY],
114 case NETLBL_NLTYPE_CIPSOV4:
115 if (!info->attrs[NLBL_MGMT_A_CV4DOI])
116 goto add_free_domain;
118 tmp_val = nla_get_u32(info->attrs[NLBL_MGMT_A_CV4DOI]);
119 cipsov4 = cipso_v4_doi_getdef(tmp_val);
121 goto add_free_domain;
122 entry->family = AF_INET;
123 entry->def.cipso = cipsov4;
125 #if IS_ENABLED(CONFIG_IPV6)
126 case NETLBL_NLTYPE_CALIPSO:
127 if (!info->attrs[NLBL_MGMT_A_CLPDOI])
128 goto add_free_domain;
130 tmp_val = nla_get_u32(info->attrs[NLBL_MGMT_A_CLPDOI]);
131 calipso = calipso_doi_getdef(tmp_val);
133 goto add_free_domain;
134 entry->family = AF_INET6;
135 entry->def.calipso = calipso;
139 goto add_free_domain;
142 if ((entry->family == AF_INET && info->attrs[NLBL_MGMT_A_IPV6ADDR]) ||
143 (entry->family == AF_INET6 && info->attrs[NLBL_MGMT_A_IPV4ADDR]))
144 goto add_doi_put_def;
146 if (info->attrs[NLBL_MGMT_A_IPV4ADDR]) {
147 struct in_addr *addr;
148 struct in_addr *mask;
149 struct netlbl_domaddr4_map *map;
151 addrmap = kzalloc(sizeof(*addrmap), GFP_KERNEL);
152 if (addrmap == NULL) {
154 goto add_doi_put_def;
156 INIT_LIST_HEAD(&addrmap->list4);
157 INIT_LIST_HEAD(&addrmap->list6);
159 if (nla_len(info->attrs[NLBL_MGMT_A_IPV4ADDR]) !=
160 sizeof(struct in_addr)) {
162 goto add_free_addrmap;
164 if (nla_len(info->attrs[NLBL_MGMT_A_IPV4MASK]) !=
165 sizeof(struct in_addr)) {
167 goto add_free_addrmap;
169 addr = nla_data(info->attrs[NLBL_MGMT_A_IPV4ADDR]);
170 mask = nla_data(info->attrs[NLBL_MGMT_A_IPV4MASK]);
172 map = kzalloc(sizeof(*map), GFP_KERNEL);
175 goto add_free_addrmap;
178 map->list.addr = addr->s_addr & mask->s_addr;
179 map->list.mask = mask->s_addr;
181 map->def.type = entry->def.type;
183 map->def.cipso = cipsov4;
185 ret_val = netlbl_af4list_add(&map->list, &addrmap->list4);
189 entry->family = AF_INET;
190 entry->def.type = NETLBL_NLTYPE_ADDRSELECT;
191 entry->def.addrsel = addrmap;
192 #if IS_ENABLED(CONFIG_IPV6)
193 } else if (info->attrs[NLBL_MGMT_A_IPV6ADDR]) {
194 struct in6_addr *addr;
195 struct in6_addr *mask;
196 struct netlbl_domaddr6_map *map;
198 addrmap = kzalloc(sizeof(*addrmap), GFP_KERNEL);
199 if (addrmap == NULL) {
201 goto add_doi_put_def;
203 INIT_LIST_HEAD(&addrmap->list4);
204 INIT_LIST_HEAD(&addrmap->list6);
206 if (nla_len(info->attrs[NLBL_MGMT_A_IPV6ADDR]) !=
207 sizeof(struct in6_addr)) {
209 goto add_free_addrmap;
211 if (nla_len(info->attrs[NLBL_MGMT_A_IPV6MASK]) !=
212 sizeof(struct in6_addr)) {
214 goto add_free_addrmap;
216 addr = nla_data(info->attrs[NLBL_MGMT_A_IPV6ADDR]);
217 mask = nla_data(info->attrs[NLBL_MGMT_A_IPV6MASK]);
219 map = kzalloc(sizeof(*map), GFP_KERNEL);
222 goto add_free_addrmap;
225 map->list.addr = *addr;
226 map->list.addr.s6_addr32[0] &= mask->s6_addr32[0];
227 map->list.addr.s6_addr32[1] &= mask->s6_addr32[1];
228 map->list.addr.s6_addr32[2] &= mask->s6_addr32[2];
229 map->list.addr.s6_addr32[3] &= mask->s6_addr32[3];
230 map->list.mask = *mask;
232 map->def.type = entry->def.type;
234 map->def.calipso = calipso;
236 ret_val = netlbl_af6list_add(&map->list, &addrmap->list6);
240 entry->family = AF_INET6;
241 entry->def.type = NETLBL_NLTYPE_ADDRSELECT;
242 entry->def.addrsel = addrmap;
246 ret_val = netlbl_domhsh_add(entry, audit_info);
257 cipso_v4_doi_putdef(cipsov4);
258 #if IS_ENABLED(CONFIG_IPV6)
259 calipso_doi_putdef(calipso);
262 kfree(entry->domain);
269 * netlbl_mgmt_listentry - List a NetLabel/LSM domain map entry
270 * @skb: the NETLINK buffer
271 * @entry: the map entry
274 * This function is a helper function used by the LISTALL and LISTDEF command
275 * handlers. The caller is responsible for ensuring that the RCU read lock
276 * is held. Returns zero on success, negative values on failure.
279 static int netlbl_mgmt_listentry(struct sk_buff *skb,
280 struct netlbl_dom_map *entry)
283 struct nlattr *nla_a;
284 struct nlattr *nla_b;
285 struct netlbl_af4list *iter4;
286 #if IS_ENABLED(CONFIG_IPV6)
287 struct netlbl_af6list *iter6;
290 if (entry->domain != NULL) {
291 ret_val = nla_put_string(skb,
292 NLBL_MGMT_A_DOMAIN, entry->domain);
297 ret_val = nla_put_u16(skb, NLBL_MGMT_A_FAMILY, entry->family);
301 switch (entry->def.type) {
302 case NETLBL_NLTYPE_ADDRSELECT:
303 nla_a = nla_nest_start_noflag(skb, NLBL_MGMT_A_SELECTORLIST);
307 netlbl_af4list_foreach_rcu(iter4, &entry->def.addrsel->list4) {
308 struct netlbl_domaddr4_map *map4;
309 struct in_addr addr_struct;
311 nla_b = nla_nest_start_noflag(skb,
312 NLBL_MGMT_A_ADDRSELECTOR);
316 addr_struct.s_addr = iter4->addr;
317 ret_val = nla_put_in_addr(skb, NLBL_MGMT_A_IPV4ADDR,
321 addr_struct.s_addr = iter4->mask;
322 ret_val = nla_put_in_addr(skb, NLBL_MGMT_A_IPV4MASK,
326 map4 = netlbl_domhsh_addr4_entry(iter4);
327 ret_val = nla_put_u32(skb, NLBL_MGMT_A_PROTOCOL,
331 switch (map4->def.type) {
332 case NETLBL_NLTYPE_CIPSOV4:
333 ret_val = nla_put_u32(skb, NLBL_MGMT_A_CV4DOI,
334 map4->def.cipso->doi);
340 nla_nest_end(skb, nla_b);
342 #if IS_ENABLED(CONFIG_IPV6)
343 netlbl_af6list_foreach_rcu(iter6, &entry->def.addrsel->list6) {
344 struct netlbl_domaddr6_map *map6;
346 nla_b = nla_nest_start_noflag(skb,
347 NLBL_MGMT_A_ADDRSELECTOR);
351 ret_val = nla_put_in6_addr(skb, NLBL_MGMT_A_IPV6ADDR,
355 ret_val = nla_put_in6_addr(skb, NLBL_MGMT_A_IPV6MASK,
359 map6 = netlbl_domhsh_addr6_entry(iter6);
360 ret_val = nla_put_u32(skb, NLBL_MGMT_A_PROTOCOL,
365 switch (map6->def.type) {
366 case NETLBL_NLTYPE_CALIPSO:
367 ret_val = nla_put_u32(skb, NLBL_MGMT_A_CLPDOI,
368 map6->def.calipso->doi);
374 nla_nest_end(skb, nla_b);
378 nla_nest_end(skb, nla_a);
380 case NETLBL_NLTYPE_UNLABELED:
381 ret_val = nla_put_u32(skb, NLBL_MGMT_A_PROTOCOL,
384 case NETLBL_NLTYPE_CIPSOV4:
385 ret_val = nla_put_u32(skb, NLBL_MGMT_A_PROTOCOL,
389 ret_val = nla_put_u32(skb, NLBL_MGMT_A_CV4DOI,
390 entry->def.cipso->doi);
392 case NETLBL_NLTYPE_CALIPSO:
393 ret_val = nla_put_u32(skb, NLBL_MGMT_A_PROTOCOL,
397 ret_val = nla_put_u32(skb, NLBL_MGMT_A_CLPDOI,
398 entry->def.calipso->doi);
406 * NetLabel Command Handlers
410 * netlbl_mgmt_add - Handle an ADD message
411 * @skb: the NETLINK buffer
412 * @info: the Generic NETLINK info block
415 * Process a user generated ADD message and add the domains from the message
416 * to the hash table. See netlabel.h for a description of the message format.
417 * Returns zero on success, negative values on failure.
420 static int netlbl_mgmt_add(struct sk_buff *skb, struct genl_info *info)
422 struct netlbl_audit audit_info;
424 if ((!info->attrs[NLBL_MGMT_A_DOMAIN]) ||
425 (!info->attrs[NLBL_MGMT_A_PROTOCOL]) ||
426 (info->attrs[NLBL_MGMT_A_IPV4ADDR] &&
427 info->attrs[NLBL_MGMT_A_IPV6ADDR]) ||
428 (info->attrs[NLBL_MGMT_A_IPV4MASK] &&
429 info->attrs[NLBL_MGMT_A_IPV6MASK]) ||
430 ((info->attrs[NLBL_MGMT_A_IPV4ADDR] != NULL) ^
431 (info->attrs[NLBL_MGMT_A_IPV4MASK] != NULL)) ||
432 ((info->attrs[NLBL_MGMT_A_IPV6ADDR] != NULL) ^
433 (info->attrs[NLBL_MGMT_A_IPV6MASK] != NULL)))
436 netlbl_netlink_auditinfo(&audit_info);
438 return netlbl_mgmt_add_common(info, &audit_info);
442 * netlbl_mgmt_remove - Handle a REMOVE message
443 * @skb: the NETLINK buffer
444 * @info: the Generic NETLINK info block
447 * Process a user generated REMOVE message and remove the specified domain
448 * mappings. Returns zero on success, negative values on failure.
451 static int netlbl_mgmt_remove(struct sk_buff *skb, struct genl_info *info)
454 struct netlbl_audit audit_info;
456 if (!info->attrs[NLBL_MGMT_A_DOMAIN])
459 netlbl_netlink_auditinfo(&audit_info);
461 domain = nla_data(info->attrs[NLBL_MGMT_A_DOMAIN]);
462 return netlbl_domhsh_remove(domain, AF_UNSPEC, &audit_info);
466 * netlbl_mgmt_listall_cb - netlbl_domhsh_walk() callback for LISTALL
467 * @entry: the domain mapping hash table entry
468 * @arg: the netlbl_domhsh_walk_arg structure
471 * This function is designed to be used as a callback to the
472 * netlbl_domhsh_walk() function for use in generating a response for a LISTALL
473 * message. Returns the size of the message on success, negative values on
477 static int netlbl_mgmt_listall_cb(struct netlbl_dom_map *entry, void *arg)
479 int ret_val = -ENOMEM;
480 struct netlbl_domhsh_walk_arg *cb_arg = arg;
483 data = genlmsg_put(cb_arg->skb, NETLINK_CB(cb_arg->nl_cb->skb).portid,
484 cb_arg->seq, &netlbl_mgmt_gnl_family,
485 NLM_F_MULTI, NLBL_MGMT_C_LISTALL);
487 goto listall_cb_failure;
489 ret_val = netlbl_mgmt_listentry(cb_arg->skb, entry);
491 goto listall_cb_failure;
494 genlmsg_end(cb_arg->skb, data);
498 genlmsg_cancel(cb_arg->skb, data);
503 * netlbl_mgmt_listall - Handle a LISTALL message
504 * @skb: the NETLINK buffer
505 * @cb: the NETLINK callback
508 * Process a user generated LISTALL message and dumps the domain hash table in
509 * a form suitable for use in a kernel generated LISTALL message. Returns zero
510 * on success, negative values on failure.
513 static int netlbl_mgmt_listall(struct sk_buff *skb,
514 struct netlink_callback *cb)
516 struct netlbl_domhsh_walk_arg cb_arg;
517 u32 skip_bkt = cb->args[0];
518 u32 skip_chain = cb->args[1];
522 cb_arg.seq = cb->nlh->nlmsg_seq;
524 netlbl_domhsh_walk(&skip_bkt,
526 netlbl_mgmt_listall_cb,
529 cb->args[0] = skip_bkt;
530 cb->args[1] = skip_chain;
535 * netlbl_mgmt_adddef - Handle an ADDDEF message
536 * @skb: the NETLINK buffer
537 * @info: the Generic NETLINK info block
540 * Process a user generated ADDDEF message and respond accordingly. Returns
541 * zero on success, negative values on failure.
544 static int netlbl_mgmt_adddef(struct sk_buff *skb, struct genl_info *info)
546 struct netlbl_audit audit_info;
548 if ((!info->attrs[NLBL_MGMT_A_PROTOCOL]) ||
549 (info->attrs[NLBL_MGMT_A_IPV4ADDR] &&
550 info->attrs[NLBL_MGMT_A_IPV6ADDR]) ||
551 (info->attrs[NLBL_MGMT_A_IPV4MASK] &&
552 info->attrs[NLBL_MGMT_A_IPV6MASK]) ||
553 ((info->attrs[NLBL_MGMT_A_IPV4ADDR] != NULL) ^
554 (info->attrs[NLBL_MGMT_A_IPV4MASK] != NULL)) ||
555 ((info->attrs[NLBL_MGMT_A_IPV6ADDR] != NULL) ^
556 (info->attrs[NLBL_MGMT_A_IPV6MASK] != NULL)))
559 netlbl_netlink_auditinfo(&audit_info);
561 return netlbl_mgmt_add_common(info, &audit_info);
565 * netlbl_mgmt_removedef - Handle a REMOVEDEF message
566 * @skb: the NETLINK buffer
567 * @info: the Generic NETLINK info block
570 * Process a user generated REMOVEDEF message and remove the default domain
571 * mapping. Returns zero on success, negative values on failure.
574 static int netlbl_mgmt_removedef(struct sk_buff *skb, struct genl_info *info)
576 struct netlbl_audit audit_info;
578 netlbl_netlink_auditinfo(&audit_info);
580 return netlbl_domhsh_remove_default(AF_UNSPEC, &audit_info);
584 * netlbl_mgmt_listdef - Handle a LISTDEF message
585 * @skb: the NETLINK buffer
586 * @info: the Generic NETLINK info block
589 * Process a user generated LISTDEF message and dumps the default domain
590 * mapping in a form suitable for use in a kernel generated LISTDEF message.
591 * Returns zero on success, negative values on failure.
594 static int netlbl_mgmt_listdef(struct sk_buff *skb, struct genl_info *info)
596 int ret_val = -ENOMEM;
597 struct sk_buff *ans_skb = NULL;
599 struct netlbl_dom_map *entry;
602 family = nla_get_u16_default(info->attrs[NLBL_MGMT_A_FAMILY], AF_INET);
604 ans_skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
607 data = genlmsg_put_reply(ans_skb, info, &netlbl_mgmt_gnl_family,
608 0, NLBL_MGMT_C_LISTDEF);
610 goto listdef_failure;
613 entry = netlbl_domhsh_getentry(NULL, family);
616 goto listdef_failure_lock;
618 ret_val = netlbl_mgmt_listentry(ans_skb, entry);
621 goto listdef_failure;
623 genlmsg_end(ans_skb, data);
624 return genlmsg_reply(ans_skb, info);
626 listdef_failure_lock:
634 * netlbl_mgmt_protocols_cb - Write an individual PROTOCOL message response
635 * @skb: the skb to write to
636 * @cb: the NETLINK callback
637 * @protocol: the NetLabel protocol to use in the message
640 * This function is to be used in conjunction with netlbl_mgmt_protocols() to
641 * answer a application's PROTOCOLS message. Returns the size of the message
642 * on success, negative values on failure.
645 static int netlbl_mgmt_protocols_cb(struct sk_buff *skb,
646 struct netlink_callback *cb,
649 int ret_val = -ENOMEM;
652 data = genlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq,
653 &netlbl_mgmt_gnl_family, NLM_F_MULTI,
654 NLBL_MGMT_C_PROTOCOLS);
656 goto protocols_cb_failure;
658 ret_val = nla_put_u32(skb, NLBL_MGMT_A_PROTOCOL, protocol);
660 goto protocols_cb_failure;
662 genlmsg_end(skb, data);
665 protocols_cb_failure:
666 genlmsg_cancel(skb, data);
671 * netlbl_mgmt_protocols - Handle a PROTOCOLS message
672 * @skb: the NETLINK buffer
673 * @cb: the NETLINK callback
676 * Process a user generated PROTOCOLS message and respond accordingly.
679 static int netlbl_mgmt_protocols(struct sk_buff *skb,
680 struct netlink_callback *cb)
682 u32 protos_sent = cb->args[0];
684 if (protos_sent == 0) {
685 if (netlbl_mgmt_protocols_cb(skb,
687 NETLBL_NLTYPE_UNLABELED) < 0)
688 goto protocols_return;
691 if (protos_sent == 1) {
692 if (netlbl_mgmt_protocols_cb(skb,
694 NETLBL_NLTYPE_CIPSOV4) < 0)
695 goto protocols_return;
698 #if IS_ENABLED(CONFIG_IPV6)
699 if (protos_sent == 2) {
700 if (netlbl_mgmt_protocols_cb(skb,
702 NETLBL_NLTYPE_CALIPSO) < 0)
703 goto protocols_return;
709 cb->args[0] = protos_sent;
714 * netlbl_mgmt_version - Handle a VERSION message
715 * @skb: the NETLINK buffer
716 * @info: the Generic NETLINK info block
719 * Process a user generated VERSION message and respond accordingly. Returns
720 * zero on success, negative values on failure.
723 static int netlbl_mgmt_version(struct sk_buff *skb, struct genl_info *info)
725 int ret_val = -ENOMEM;
726 struct sk_buff *ans_skb = NULL;
729 ans_skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
732 data = genlmsg_put_reply(ans_skb, info, &netlbl_mgmt_gnl_family,
733 0, NLBL_MGMT_C_VERSION);
735 goto version_failure;
737 ret_val = nla_put_u32(ans_skb,
739 NETLBL_PROTO_VERSION);
741 goto version_failure;
743 genlmsg_end(ans_skb, data);
744 return genlmsg_reply(ans_skb, info);
753 * NetLabel Generic NETLINK Command Definitions
756 static const struct genl_small_ops netlbl_mgmt_genl_ops[] = {
758 .cmd = NLBL_MGMT_C_ADD,
759 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
760 .flags = GENL_ADMIN_PERM,
761 .doit = netlbl_mgmt_add,
765 .cmd = NLBL_MGMT_C_REMOVE,
766 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
767 .flags = GENL_ADMIN_PERM,
768 .doit = netlbl_mgmt_remove,
772 .cmd = NLBL_MGMT_C_LISTALL,
773 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
776 .dumpit = netlbl_mgmt_listall,
779 .cmd = NLBL_MGMT_C_ADDDEF,
780 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
781 .flags = GENL_ADMIN_PERM,
782 .doit = netlbl_mgmt_adddef,
786 .cmd = NLBL_MGMT_C_REMOVEDEF,
787 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
788 .flags = GENL_ADMIN_PERM,
789 .doit = netlbl_mgmt_removedef,
793 .cmd = NLBL_MGMT_C_LISTDEF,
794 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
796 .doit = netlbl_mgmt_listdef,
800 .cmd = NLBL_MGMT_C_PROTOCOLS,
801 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
804 .dumpit = netlbl_mgmt_protocols,
807 .cmd = NLBL_MGMT_C_VERSION,
808 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
810 .doit = netlbl_mgmt_version,
815 static struct genl_family netlbl_mgmt_gnl_family __ro_after_init = {
817 .name = NETLBL_NLTYPE_MGMT_NAME,
818 .version = NETLBL_PROTO_VERSION,
819 .maxattr = NLBL_MGMT_A_MAX,
820 .policy = netlbl_mgmt_genl_policy,
821 .module = THIS_MODULE,
822 .small_ops = netlbl_mgmt_genl_ops,
823 .n_small_ops = ARRAY_SIZE(netlbl_mgmt_genl_ops),
824 .resv_start_op = NLBL_MGMT_C_VERSION + 1,
828 * NetLabel Generic NETLINK Protocol Functions
832 * netlbl_mgmt_genl_init - Register the NetLabel management component
835 * Register the NetLabel management component with the Generic NETLINK
836 * mechanism. Returns zero on success, negative values on failure.
839 int __init netlbl_mgmt_genl_init(void)
841 return genl_register_family(&netlbl_mgmt_gnl_family);
projects / J-linux.git / blob