linux-vybrid_public/net/netlabel/netlabel_mgmt.h

/*
 * NetLabel Management Support
 *
 * This file defines the management functions for the NetLabel system.  The
 * NetLabel system manages static and dynamic label mappings for network
 * protocols such as CIPSO and RIPSO.
 *
 * Author: Paul Moore <paul.moore@hp.com>
 *
 */

/*
 * (c) Copyright Hewlett-Packard Development Company, L.P., 2006
 *
 * This program is free software;  you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY;  without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
 * the GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program;  if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
 *
 */

#ifndef _NETLABEL_MGMT_H
#define _NETLABEL_MGMT_H

#include <net/netlabel.h>

/*
 * The following NetLabel payloads are supported by the management interface,
 * all of which are preceeded by the nlmsghdr struct.
 *
 * o ACK:
 *   Sent by the kernel in response to an applications message, applications
 *   should never send this message.
 *
 *   +----------------------+-----------------------+
 *   | seq number (32 bits) | return code (32 bits) |
 *   +----------------------+-----------------------+
 *
 *     seq number:  the sequence number of the original message, taken from the
 *                  nlmsghdr structure
 *     return code: return value, based on errno values
 *
 * o ADD:
 *   Sent by an application to add a domain mapping to the NetLabel system.
 *   The kernel should respond with an ACK.
 *
 *   +-------------------+
 *   | domains (32 bits) | ...
 *   +-------------------+
 *
 *     domains: the number of domains in the message
 *
 *   +--------------------------+-------------------------+
 *   | domain string (variable) | protocol type (32 bits) | ...
 *   +--------------------------+-------------------------+
 *
 *   +-------------- ---- --- -- -
 *   | mapping data                ... repeated
 *   +-------------- ---- --- -- -
 *
 *     domain string: the domain string, NULL terminated
 *     protocol type: the protocol type (defined by NETLBL_NLTYPE_*)
 *     mapping data:  specific to the map type (see below)
 *
 *   NETLBL_NLTYPE_UNLABELED
 *
 *     No mapping data for this protocol type.
 *
 *   NETLBL_NLTYPE_CIPSOV4
 *
 *   +---------------+
 *   | doi (32 bits) |
 *   +---------------+
 *
 *     doi:  the CIPSO DOI value
 *
 * o REMOVE:
 *   Sent by an application to remove a domain mapping from the NetLabel
 *   system.  The kernel should ACK this message.
 *
 *   +-------------------+
 *   | domains (32 bits) | ...
 *   +-------------------+
 *
 *     domains: the number of domains in the message
 *
 *   +--------------------------+
 *   | domain string (variable) | ...
 *   +--------------------------+
 *
 *     domain string: the domain string, NULL terminated
 *
 * o LIST:
 *   This message can be sent either from an application or by the kernel in
 *   response to an application generated LIST message.  When sent by an
 *   application there is no payload.  The kernel should respond to a LIST
 *   message either with a LIST message on success or an ACK message on
 *   failure.
 *
 *   +-------------------+
 *   | domains (32 bits) | ...
 *   +-------------------+
 *
 *     domains: the number of domains in the message
 *
 *   +--------------------------+
 *   | domain string (variable) | ...
 *   +--------------------------+
 *
 *   +-------------------------+-------------- ---- --- -- -
 *   | protocol type (32 bits) | mapping data                ... repeated
 *   +-------------------------+-------------- ---- --- -- -
 *
 *     domain string: the domain string, NULL terminated
 *     protocol type: the protocol type (defined by NETLBL_NLTYPE_*)
 *     mapping data:  specific to the map type (see below)
 *
 *   NETLBL_NLTYPE_UNLABELED
 *
 *     No mapping data for this protocol type.
 *
 *   NETLBL_NLTYPE_CIPSOV4
 *
 *   +----------------+---------------+
 *   | type (32 bits) | doi (32 bits) |
 *   +----------------+---------------+
 *
 *     type: the CIPSO mapping table type (defined in the cipso_ipv4.h header
 *           as CIPSO_V4_MAP_*)
 *     doi:  the CIPSO DOI value
 *
 * o ADDDEF:
 *   Sent by an application to set the default domain mapping for the NetLabel
 *   system.  The kernel should respond with an ACK.
 *
 *   +-------------------------+-------------- ---- --- -- -
 *   | protocol type (32 bits) | mapping data                ... repeated
 *   +-------------------------+-------------- ---- --- -- -
 *
 *     protocol type: the protocol type (defined by NETLBL_NLTYPE_*)
 *     mapping data:  specific to the map type (see below)
 *
 *   NETLBL_NLTYPE_UNLABELED
 *
 *     No mapping data for this protocol type.
 *
 *   NETLBL_NLTYPE_CIPSOV4
 *
 *   +---------------+
 *   | doi (32 bits) |
 *   +---------------+
 *
 *     doi:  the CIPSO DOI value
 *
 * o REMOVEDEF:
 *   Sent by an application to remove the default domain mapping from the
 *   NetLabel system, there is no payload.  The kernel should ACK this message.
 *
 * o LISTDEF:
 *   This message can be sent either from an application or by the kernel in
 *   response to an application generated LISTDEF message.  When sent by an
 *   application there is no payload.  The kernel should respond to a
 *   LISTDEF message either with a LISTDEF message on success or an ACK message
 *   on failure.
 *
 *   +-------------------------+-------------- ---- --- -- -
 *   | protocol type (32 bits) | mapping data                ... repeated
 *   +-------------------------+-------------- ---- --- -- -
 *
 *     protocol type: the protocol type (defined by NETLBL_NLTYPE_*)
 *     mapping data:  specific to the map type (see below)
 *
 *   NETLBL_NLTYPE_UNLABELED
 *
 *     No mapping data for this protocol type.
 *
 *   NETLBL_NLTYPE_CIPSOV4
 *
 *   +----------------+---------------+
 *   | type (32 bits) | doi (32 bits) |
 *   +----------------+---------------+
 *
 *     type: the CIPSO mapping table type (defined in the cipso_ipv4.h header
 *           as CIPSO_V4_MAP_*)
 *     doi:  the CIPSO DOI value
 *
 * o MODULES:
 *   Sent by an application to request a list of configured NetLabel modules
 *   in the kernel.  When sent by an application there is no payload.
 *
 *   +-------------------+
 *   | modules (32 bits) | ...
 *   +-------------------+
 *
 *     modules: the number of modules in the message, if this is an application
 *              generated message and the value is zero then return a list of
 *              the configured modules
 *
 *   +------------------+
 *   | module (32 bits) | ... repeated
 *   +------------------+
 *
 *     module: the module number as defined by NETLBL_NLTYPE_*
 *
 * o VERSION:
 *   Sent by an application to request the NetLabel version string.  When sent
 *   by an application there is no payload.  This message type is also used by
 *   the kernel to respond to an VERSION request.
 *
 *   +-------------------+
 *   | version (32 bits) |
 *   +-------------------+
 *
 *     version: the protocol version number
 *
 */

/* NetLabel Management commands */
enum {
	NLBL_MGMT_C_UNSPEC,
	NLBL_MGMT_C_ACK,
	NLBL_MGMT_C_ADD,
	NLBL_MGMT_C_REMOVE,
	NLBL_MGMT_C_LIST,
	NLBL_MGMT_C_ADDDEF,
	NLBL_MGMT_C_REMOVEDEF,
	NLBL_MGMT_C_LISTDEF,
	NLBL_MGMT_C_MODULES,
	NLBL_MGMT_C_VERSION,
	__NLBL_MGMT_C_MAX,
};
#define NLBL_MGMT_C_MAX (__NLBL_MGMT_C_MAX - 1)

/* NetLabel protocol functions */
int netlbl_mgmt_genl_init(void);

#endif