__ __ __ __ _____ _ _ _____ _ _ _ | \/ | \ \ / / | __ \ (_) | | / ____| | | | | | \ / |_ __\ V / | |__) | __ ___ ____ _| |_ ___ | (___ | |__ ___| | | | |\/| | '__|> < | ___/ '__| \ \ / / _` | __/ _ \ \___ \| '_ \ / _ \ | | | | | | |_ / . \ | | | | | |\ V / (_| | || __/ ____) | | | | __/ | | |_| |_|_(_)_/ \_\ |_| |_| |_| \_/ \__,_|\__\___| |_____/|_| |_|\___V 2.1 if you need WebShell for Seo everyday contact me on Telegram Telegram Address : @jackleetFor_More_Tools:
/* SPDX-License-Identifier: GPL-2.0-or-later */
/*
* CIPSO - Commercial IP Security Option
*
* This is an implementation of the CIPSO 2.2 protocol as specified in
* draft-ietf-cipso-ipsecurity-01.txt with additional tag types as found in
* FIPS-188, copies of both documents can be found in the Documentation
* directory. While CIPSO never became a full IETF RFC standard many vendors
* have chosen to adopt the protocol and over the years it has become a
* de-facto standard for labeled networking.
*
* Author: Paul Moore <paul@paul-moore.com>
*/
/*
* (c) Copyright Hewlett-Packard Development Company, L.P., 2006
*/
#ifndef _CIPSO_IPV4_H
#define _CIPSO_IPV4_H
#include <linux/types.h>
#include <linux/rcupdate.h>
#include <linux/list.h>
#include <linux/net.h>
#include <linux/skbuff.h>
#include <net/netlabel.h>
#include <net/request_sock.h>
#include <linux/atomic.h>
#include <linux/refcount.h>
#include <asm/unaligned.h>
/* known doi values */
#define CIPSO_V4_DOI_UNKNOWN 0x00000000
/* standard tag types */
#define CIPSO_V4_TAG_INVALID 0
#define CIPSO_V4_TAG_RBITMAP 1
#define CIPSO_V4_TAG_ENUM 2
#define CIPSO_V4_TAG_RANGE 5
#define CIPSO_V4_TAG_PBITMAP 6
#define CIPSO_V4_TAG_FREEFORM 7
/* non-standard tag types (tags > 127) */
#define CIPSO_V4_TAG_LOCAL 128
/* doi mapping types */
#define CIPSO_V4_MAP_UNKNOWN 0
#define CIPSO_V4_MAP_TRANS 1
#define CIPSO_V4_MAP_PASS 2
#define CIPSO_V4_MAP_LOCAL 3
/* limits */
#define CIPSO_V4_MAX_REM_LVLS 255
#define CIPSO_V4_INV_LVL 0x80000000
#define CIPSO_V4_MAX_LOC_LVLS (CIPSO_V4_INV_LVL - 1)
#define CIPSO_V4_MAX_REM_CATS 65534
#define CIPSO_V4_INV_CAT 0x80000000
#define CIPSO_V4_MAX_LOC_CATS (CIPSO_V4_INV_CAT - 1)
/*
* CIPSO DOI definitions
*/
/* DOI definition struct */
#define CIPSO_V4_TAG_MAXCNT 5
struct cipso_v4_doi {
u32 doi;
u32 type;
union {
struct cipso_v4_std_map_tbl *std;
} map;
u8 tags[CIPSO_V4_TAG_MAXCNT];
refcount_t refcount;
struct list_head list;
struct rcu_head rcu;
};
/* Standard CIPSO mapping table */
/* NOTE: the highest order bit (i.e. 0x80000000) is an 'invalid' flag, if the
* bit is set then consider that value as unspecified, meaning the
* mapping for that particular level/category is invalid */
struct cipso_v4_std_map_tbl {
struct {
u32 *cipso;
u32 *local;
u32 cipso_size;
u32 local_size;
} lvl;
struct {
u32 *cipso;
u32 *local;
u32 cipso_size;
u32 local_size;
} cat;
};
/*
* Sysctl Variables
*/
#ifdef CONFIG_NETLABEL
extern int cipso_v4_cache_enabled;
extern int cipso_v4_cache_bucketsize;
extern int cipso_v4_rbm_optfmt;
extern int cipso_v4_rbm_strictvalid;
#endif
/*
* DOI List Functions
*/
#ifdef CONFIG_NETLABEL
int cipso_v4_doi_add(struct cipso_v4_doi *doi_def,
struct netlbl_audit *audit_info);
void cipso_v4_doi_free(struct cipso_v4_doi *doi_def);
int cipso_v4_doi_remove(u32 doi, struct netlbl_audit *audit_info);
struct cipso_v4_doi *cipso_v4_doi_getdef(u32 doi);
void cipso_v4_doi_putdef(struct cipso_v4_doi *doi_def);
int cipso_v4_doi_walk(u32 *skip_cnt,
int (*callback) (struct cipso_v4_doi *doi_def, void *arg),
void *cb_arg);
#else
static inline int cipso_v4_doi_add(struct cipso_v4_doi *doi_def,
struct netlbl_audit *audit_info)
{
return -ENOSYS;
}
static inline void cipso_v4_doi_free(struct cipso_v4_doi *doi_def)
{
return;
}
static inline int cipso_v4_doi_remove(u32 doi,
struct netlbl_audit *audit_info)
{
return 0;
}
static inline struct cipso_v4_doi *cipso_v4_doi_getdef(u32 doi)
{
return NULL;
}
static inline int cipso_v4_doi_walk(u32 *skip_cnt,
int (*callback) (struct cipso_v4_doi *doi_def, void *arg),
void *cb_arg)
{
return 0;
}
#endif /* CONFIG_NETLABEL */
/*
* Label Mapping Cache Functions
*/
#ifdef CONFIG_NETLABEL
void cipso_v4_cache_invalidate(void);
int cipso_v4_cache_add(const unsigned char *cipso_ptr,
const struct netlbl_lsm_secattr *secattr);
#else
static inline void cipso_v4_cache_invalidate(void)
{
return;
}
static inline int cipso_v4_cache_add(const unsigned char *cipso_ptr,
const struct netlbl_lsm_secattr *secattr)
{
return 0;
}
#endif /* CONFIG_NETLABEL */
/*
* Protocol Handling Functions
*/
#ifdef CONFIG_NETLABEL
void cipso_v4_error(struct sk_buff *skb, int error, u32 gateway);
int cipso_v4_getattr(const unsigned char *cipso,
struct netlbl_lsm_secattr *secattr);
int cipso_v4_sock_setattr(struct sock *sk,
const struct cipso_v4_doi *doi_def,
const struct netlbl_lsm_secattr *secattr,
bool sk_locked);
void cipso_v4_sock_delattr(struct sock *sk);
int cipso_v4_sock_getattr(struct sock *sk, struct netlbl_lsm_secattr *secattr);
int cipso_v4_req_setattr(struct request_sock *req,
const struct cipso_v4_doi *doi_def,
const struct netlbl_lsm_secattr *secattr);
void cipso_v4_req_delattr(struct request_sock *req);
int cipso_v4_skbuff_setattr(struct sk_buff *skb,
const struct cipso_v4_doi *doi_def,
const struct netlbl_lsm_secattr *secattr);
int cipso_v4_skbuff_delattr(struct sk_buff *skb);
int cipso_v4_skbuff_getattr(const struct sk_buff *skb,
struct netlbl_lsm_secattr *secattr);
unsigned char *cipso_v4_optptr(const struct sk_buff *skb);
int cipso_v4_validate(const struct sk_buff *skb, unsigned char **option);
#else
static inline void cipso_v4_error(struct sk_buff *skb,
int error,
u32 gateway)
{
return;
}
static inline int cipso_v4_getattr(const unsigned char *cipso,
struct netlbl_lsm_secattr *secattr)
{
return -ENOSYS;
}
static inline int cipso_v4_sock_setattr(struct sock *sk,
const struct cipso_v4_doi *doi_def,
const struct netlbl_lsm_secattr *secattr,
bool sk_locked)
{
return -ENOSYS;
}
static inline void cipso_v4_sock_delattr(struct sock *sk)
{
}
static inline int cipso_v4_sock_getattr(struct sock *sk,
struct netlbl_lsm_secattr *secattr)
{
return -ENOSYS;
}
static inline int cipso_v4_req_setattr(struct request_sock *req,
const struct cipso_v4_doi *doi_def,
const struct netlbl_lsm_secattr *secattr)
{
return -ENOSYS;
}
static inline void cipso_v4_req_delattr(struct request_sock *req)
{
return;
}
static inline int cipso_v4_skbuff_setattr(struct sk_buff *skb,
const struct cipso_v4_doi *doi_def,
const struct netlbl_lsm_secattr *secattr)
{
return -ENOSYS;
}
static inline int cipso_v4_skbuff_delattr(struct sk_buff *skb)
{
return -ENOSYS;
}
static inline int cipso_v4_skbuff_getattr(const struct sk_buff *skb,
struct netlbl_lsm_secattr *secattr)
{
return -ENOSYS;
}
static inline unsigned char *cipso_v4_optptr(const struct sk_buff *skb)
{
return NULL;
}
static inline int cipso_v4_validate(const struct sk_buff *skb,
unsigned char **option)
{
unsigned char *opt = *option;
unsigned char err_offset = 0;
u8 opt_len = opt[1];
u8 opt_iter;
u8 tag_len;
if (opt_len < 8) {
err_offset = 1;
goto out;
}
if (get_unaligned_be32(&opt[2]) == 0) {
err_offset = 2;
goto out;
}
for (opt_iter = 6; opt_iter < opt_len;) {
if (opt_iter + 1 == opt_len) {
err_offset = opt_iter;
goto out;
}
tag_len = opt[opt_iter + 1];
if ((tag_len == 0) || (tag_len > (opt_len - opt_iter))) {
err_offset = opt_iter + 1;
goto out;
}
opt_iter += tag_len;
}
out:
*option = opt + err_offset;
return err_offset;
}
#endif /* CONFIG_NETLABEL */
#endif /* _CIPSO_IPV4_H */
| Name | Type | Size | Permission | Actions |
|---|---|---|---|---|
| 9p | Folder | 0755 |
|
|
| bluetooth | Folder | 0755 |
|
|
| caif | Folder | 0755 |
|
|
| iucv | Folder | 0755 |
|
|
| libeth | Folder | 0755 |
|
|
| mana | Folder | 0755 |
|
|
| netfilter | Folder | 0755 |
|
|
| netns | Folder | 0755 |
|
|
| nfc | Folder | 0755 |
|
|
| page_pool | Folder | 0755 |
|
|
| phonet | Folder | 0755 |
|
|
| sctp | Folder | 0755 |
|
|
| tc_act | Folder | 0755 |
|
|
| 6lowpan.h | File | 10.03 KB | 0644 |
|
| Space.h | File | 1.07 KB | 0644 |
|
| act_api.h | File | 9.31 KB | 0644 |
|
| addrconf.h | File | 14.26 KB | 0644 |
|
| af_ieee802154.h | File | 1.19 KB | 0644 |
|
| af_rxrpc.h | File | 3.35 KB | 0644 |
|
| af_unix.h | File | 3.3 KB | 0644 |
|
| af_vsock.h | File | 8.22 KB | 0644 |
|
| ah.h | File | 382 B | 0644 |
|
| arp.h | File | 2.09 KB | 0644 |
|
| atmclip.h | File | 1.48 KB | 0644 |
|
| ax25.h | File | 14.87 KB | 0644 |
|
| ax88796.h | File | 1.33 KB | 0644 |
|
| bareudp.h | File | 333 B | 0644 |
|
| bond_3ad.h | File | 9.4 KB | 0644 |
|
| bond_alb.h | File | 6.1 KB | 0644 |
|
| bond_options.h | File | 4.81 KB | 0644 |
|
| bonding.h | File | 20.88 KB | 0644 |
|
| bpf_sk_storage.h | File | 1.74 KB | 0644 |
|
| busy_poll.h | File | 3.83 KB | 0644 |
|
| calipso.h | File | 1.55 KB | 0644 |
|
| cfg80211-wext.h | File | 1.86 KB | 0644 |
|
| cfg80211.h | File | 346.54 KB | 0644 |
|
| cfg802154.h | File | 10.6 KB | 0644 |
|
| checksum.h | File | 4.67 KB | 0644 |
|
| cipso_ipv4.h | File | 7.42 KB | 0644 |
|
| cls_cgroup.h | File | 2.04 KB | 0644 |
|
| codel.h | File | 5.86 KB | 0644 |
|
| codel_impl.h | File | 8.3 KB | 0644 |
|
| codel_qdisc.h | File | 2.95 KB | 0644 |
|
| compat.h | File | 2.18 KB | 0644 |
|
| datalink.h | File | 716 B | 0644 |
|
| dcbevent.h | File | 766 B | 0644 |
|
| dcbnl.h | File | 4.42 KB | 0644 |
|
| devlink.h | File | 73.76 KB | 0644 |
|
| dn.h | File | 6.88 KB | 0644 |
|
| dn_dev.h | File | 5.39 KB | 0644 |
|
| dn_fib.h | File | 4.04 KB | 0644 |
|
| dn_neigh.h | File | 996 B | 0644 |
|
| dn_nsp.h | File | 5.5 KB | 0644 |
|
| dn_route.h | File | 4.01 KB | 0644 |
|
| dropreason-core.h | File | 17.92 KB | 0644 |
|
| dropreason.h | File | 1.18 KB | 0644 |
|
| dsa.h | File | 33.46 KB | 0644 |
|
| dsa_stubs.h | File | 1.3 KB | 0644 |
|
| dsfield.h | File | 1.12 KB | 0644 |
|
| dst.h | File | 15.12 KB | 0644 |
|
| dst_cache.h | File | 2.96 KB | 0644 |
|
| dst_metadata.h | File | 6.42 KB | 0644 |
|
| dst_ops.h | File | 2.26 KB | 0644 |
|
| eee.h | File | 862 B | 0644 |
|
| erspan.h | File | 9.04 KB | 0644 |
|
| esp.h | File | 1.18 KB | 0644 |
|
| espintcp.h | File | 966 B | 0644 |
|
| ethoc.h | File | 439 B | 0644 |
|
| failover.h | File | 1.18 KB | 0644 |
|
| fib_notifier.h | File | 1.35 KB | 0644 |
|
| fib_rules.h | File | 6.57 KB | 0644 |
|
| firewire.h | File | 662 B | 0644 |
|
| flow.h | File | 5.91 KB | 0644 |
|
| flow_dissector.h | File | 12.65 KB | 0644 |
|
| flow_offload.h | File | 20.18 KB | 0644 |
|
| fou.h | File | 549 B | 0644 |
|
| fq.h | File | 2.55 KB | 0644 |
|
| fq_impl.h | File | 7.98 KB | 0644 |
|
| garp.h | File | 2.67 KB | 0644 |
|
| gen_stats.h | File | 2.99 KB | 0644 |
|
| genetlink.h | File | 20.88 KB | 0644 |
|
| geneve.h | File | 1.85 KB | 0644 |
|
| gre.h | File | 3.79 KB | 0644 |
|
| gro.h | File | 11.65 KB | 0644 |
|
| gro_cells.h | File | 443 B | 0644 |
|
| gso.h | File | 3.2 KB | 0644 |
|
| gtp.h | File | 1.46 KB | 0644 |
|
| gue.h | File | 3.29 KB | 0644 |
|
| handshake.h | File | 1.39 KB | 0644 |
|
| hwbm.h | File | 995 B | 0644 |
|
| icmp.h | File | 1.87 KB | 0644 |
|
| ieee80211_radiotap.h | File | 23.25 KB | 0644 |
|
| ieee802154_netdev.h | File | 8.75 KB | 0644 |
|
| if_inet6.h | File | 6.55 KB | 0644 |
|
| ife.h | File | 1.03 KB | 0644 |
|
| ila.h | File | 308 B | 0644 |
|
| inet6_connection_sock.h | File | 794 B | 0644 |
|
| inet6_hashtables.h | File | 3.6 KB | 0644 |
|
| inet_common.h | File | 2.9 KB | 0644 |
|
| inet_connection_sock.h | File | 11.03 KB | 0644 |
|
| inet_dscp.h | File | 1.55 KB | 0644 |
|
| inet_ecn.h | File | 7.83 KB | 0644 |
|
| inet_frag.h | File | 5.26 KB | 0644 |
|
| inet_hashtables.h | File | 12.28 KB | 0644 |
|
| inet_sock.h | File | 9.3 KB | 0644 |
|
| inet_timewait_sock.h | File | 3.56 KB | 0644 |
|
| inetpeer.h | File | 3.29 KB | 0644 |
|
| ip.h | File | 22.1 KB | 0644 |
|
| ip6_checksum.h | File | 2.47 KB | 0644 |
|
| ip6_fib.h | File | 15.82 KB | 0644 |
|
| ip6_route.h | File | 10.27 KB | 0644 |
|
| ip6_tunnel.h | File | 5.04 KB | 0644 |
|
| ip_fib.h | File | 17.27 KB | 0644 |
|
| ip_tunnels.h | File | 18.36 KB | 0644 |
|
| ip_vs.h | File | 49.62 KB | 0644 |
|
| ipcomp.h | File | 737 B | 0644 |
|
| ipconfig.h | File | 837 B | 0644 |
|
| ipv6.h | File | 37.44 KB | 0644 |
|
| ipv6_frag.h | File | 3.36 KB | 0644 |
|
| ipv6_stubs.h | File | 3.45 KB | 0644 |
|
| ipx.h | File | 4.28 KB | 0644 |
|
| iw_handler.h | File | 18.97 KB | 0644 |
|
| kcm.h | File | 4.82 KB | 0644 |
|
| l3mdev.h | File | 7.76 KB | 0644 |
|
| lag.h | File | 409 B | 0644 |
|
| lapb.h | File | 4.81 KB | 0644 |
|
| llc.h | File | 4.38 KB | 0644 |
|
| llc_c_ac.h | File | 9.39 KB | 0644 |
|
| llc_c_ev.h | File | 10.68 KB | 0644 |
|
| llc_c_st.h | File | 1.77 KB | 0644 |
|
| llc_conn.h | File | 4.09 KB | 0644 |
|
| llc_if.h | File | 2.16 KB | 0644 |
|
| llc_pdu.h | File | 14.35 KB | 0644 |
|
| llc_s_ac.h | File | 1.59 KB | 0644 |
|
| llc_s_ev.h | File | 2.22 KB | 0644 |
|
| llc_s_st.h | File | 1.03 KB | 0644 |
|
| llc_sap.h | File | 1.08 KB | 0644 |
|
| lwtunnel.h | File | 6.75 KB | 0644 |
|
| mac80211.h | File | 305.5 KB | 0644 |
|
| mac802154.h | File | 14.88 KB | 0644 |
|
| macsec.h | File | 10.25 KB | 0644 |
|
| mip6.h | File | 1016 B | 0644 |
|
| mld.h | File | 2.85 KB | 0644 |
|
| mpls.h | File | 943 B | 0644 |
|
| mpls_iptunnel.h | File | 481 B | 0644 |
|
| mptcp.h | File | 7.35 KB | 0644 |
|
| mrp.h | File | 3.11 KB | 0644 |
|
| ncsi.h | File | 1.94 KB | 0644 |
|
| ndisc.h | File | 15.05 KB | 0644 |
|
| neighbour.h | File | 16.54 KB | 0644 |
|
| net_debug.h | File | 5.07 KB | 0644 |
|
| net_failover.h | File | 1023 B | 0644 |
|
| net_namespace.h | File | 13.8 KB | 0644 |
|
| net_ratelimit.h | File | 220 B | 0644 |
|
| net_shaper.h | File | 3.49 KB | 0644 |
|
| net_trackers.h | File | 424 B | 0644 |
|
| netdev_queues.h | File | 10.02 KB | 0644 |
|
| netdev_rx_queue.h | File | 1.5 KB | 0644 |
|
| netevent.h | File | 1.04 KB | 0644 |
|
| netlabel.h | File | 20.3 KB | 0644 |
|
| netlink.h | File | 72.72 KB | 0644 |
|
| netprio_cgroup.h | File | 1.02 KB | 0644 |
|
| netrom.h | File | 7.73 KB | 0644 |
|
| nexthop.h | File | 13.16 KB | 0644 |
|
| nl802154.h | File | 12 KB | 0644 |
|
| nsh.h | File | 12.31 KB | 0644 |
|
| p8022.h | File | 504 B | 0644 |
|
| pie.h | File | 3.6 KB | 0644 |
|
| ping.h | File | 2.8 KB | 0644 |
|
| pkt_cls.h | File | 25.99 KB | 0644 |
|
| pkt_sched.h | File | 7.4 KB | 0644 |
|
| pptp.h | File | 604 B | 0644 |
|
| protocol.h | File | 3.81 KB | 0644 |
|
| psample.h | File | 1.22 KB | 0644 |
|
| psnap.h | File | 430 B | 0644 |
|
| raw.h | File | 2.48 KB | 0644 |
|
| rawv6.h | File | 856 B | 0644 |
|
| red.h | File | 11.39 KB | 0644 |
|
| regulatory.h | File | 9.88 KB | 0644 |
|
| request_sock.h | File | 6.53 KB | 0644 |
|
| rose.h | File | 7.64 KB | 0644 |
|
| route.h | File | 11.17 KB | 0644 |
|
| rpl.h | File | 839 B | 0644 |
|
| rps.h | File | 3.41 KB | 0644 |
|
| rsi_91x.h | File | 1.67 KB | 0644 |
|
| rstreason.h | File | 6.02 KB | 0644 |
|
| rtnetlink.h | File | 7.82 KB | 0644 |
|
| rtnh.h | File | 859 B | 0644 |
|
| sch_generic.h | File | 34.42 KB | 0644 |
|
| scm.h | File | 3.54 KB | 0644 |
|
| secure_seq.h | File | 868 B | 0644 |
|
| seg6.h | File | 2.43 KB | 0644 |
|
| seg6_hmac.h | File | 1.7 KB | 0644 |
|
| seg6_local.h | File | 644 B | 0644 |
|
| selftests.h | File | 582 B | 0644 |
|
| slhc_vj.h | File | 6.67 KB | 0644 |
|
| smc.h | File | 2.41 KB | 0644 |
|
| snmp.h | File | 5.14 KB | 0644 |
|
| sock.h | File | 84.92 KB | 0644 |
|
| sock_reuseport.h | File | 1.83 KB | 0644 |
|
| stp.h | File | 412 B | 0644 |
|
| strparser.h | File | 4.25 KB | 0644 |
|
| switchdev.h | File | 15.1 KB | 0644 |
|
| tc_wrapper.h | File | 6.29 KB | 0644 |
|
| tcp.h | File | 76.22 KB | 0644 |
|
| tcp_states.h | File | 1.3 KB | 0644 |
|
| tcx.h | File | 4.3 KB | 0644 |
|
| timewait_sock.h | File | 925 B | 0644 |
|
| tipc.h | File | 2.35 KB | 0644 |
|
| tls.h | File | 13.82 KB | 0644 |
|
| tls_prot.h | File | 1.84 KB | 0644 |
|
| tls_toe.h | File | 2.94 KB | 0644 |
|
| transp_v6.h | File | 1.95 KB | 0644 |
|
| tso.h | File | 566 B | 0644 |
|
| tun_proto.h | File | 1015 B | 0644 |
|
| udp.h | File | 15.73 KB | 0644 |
|
| udp_tunnel.h | File | 12.67 KB | 0644 |
|
| udplite.h | File | 2.38 KB | 0644 |
|
| vsock_addr.h | File | 662 B | 0644 |
|
| vxlan.h | File | 15.75 KB | 0644 |
|
| wext.h | File | 1.47 KB | 0644 |
|
| x25.h | File | 9.49 KB | 0644 |
|
| x25device.h | File | 387 B | 0644 |
|
| xdp.h | File | 14.43 KB | 0644 |
|
| xdp_priv.h | File | 427 B | 0644 |
|
| xdp_sock.h | File | 6.39 KB | 0644 |
|
| xdp_sock_drv.h | File | 9.01 KB | 0644 |
|
| xfrm.h | File | 57.78 KB | 0644 |
|
| xsk_buff_pool.h | File | 6.91 KB | 0644 |
|