cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux

netlabel_user.c (2625B)


      1// SPDX-License-Identifier: GPL-2.0-or-later
      2/*
      3 * NetLabel NETLINK Interface
      4 *
      5 * This file defines the NETLINK interface for the NetLabel system.  The
      6 * NetLabel system manages static and dynamic label mappings for network
      7 * protocols such as CIPSO and RIPSO.
      8 *
      9 * Author: Paul Moore <paul@paul-moore.com>
     10 */
     11
     12/*
     13 * (c) Copyright Hewlett-Packard Development Company, L.P., 2006
     14 */
     15
     16#include <linux/init.h>
     17#include <linux/types.h>
     18#include <linux/list.h>
     19#include <linux/socket.h>
     20#include <linux/audit.h>
     21#include <linux/tty.h>
     22#include <linux/security.h>
     23#include <linux/gfp.h>
     24#include <net/sock.h>
     25#include <net/netlink.h>
     26#include <net/genetlink.h>
     27#include <net/netlabel.h>
     28#include <asm/bug.h>
     29
     30#include "netlabel_mgmt.h"
     31#include "netlabel_unlabeled.h"
     32#include "netlabel_cipso_v4.h"
     33#include "netlabel_calipso.h"
     34#include "netlabel_user.h"
     35
     36/*
     37 * NetLabel NETLINK Setup Functions
     38 */
     39
/**
 * netlbl_netlink_init - Initialize the NETLINK communication channel
 *
 * Description:
 * Invoke the Generic NETLINK init routine of each NetLabel component in a
 * fixed order: management, CIPSOv4, CALIPSO, then unlabeled.  The first
 * non-zero return value stops the sequence and is handed back to the caller
 * unchanged; zero is returned only when all four calls succeed.
 *
 * No unwinding happens in this function: whatever an earlier init call set
 * up is left in place when a later one fails.
 *
 */
int __init netlbl_netlink_init(void)
{
	int err;

	/* Each step runs only if every step before it returned zero. */
	err = netlbl_mgmt_genl_init();
	if (!err)
		err = netlbl_cipsov4_genl_init();
	if (!err)
		err = netlbl_calipso_genl_init();
	if (!err)
		err = netlbl_unlabel_genl_init();

	return err;
}
     67
     68/*
     69 * NetLabel Audit Functions
     70 */
     71
/**
 * netlbl_audit_start_common - Start an audit message
 * @type: audit message type
 * @audit_info: NetLabel audit information
 *
 * Description:
 * Open an audit record of the given @type and write the fields shared by all
 * NetLabel audit messages: the login uid (translated through init_user_ns)
 * and the session id, followed by a "subj=" security context when
 * @audit_info carries a non-zero secid that can be converted to a context
 * string.  Returns a pointer to the audit buffer on success, NULL when
 * auditing is off or the record could not be started.
 *
 * The record is returned still open; finishing it is left to the caller.
 * @audit_info is dereferenced without a NULL check.
 *
 */
struct audit_buffer *netlbl_audit_start_common(int type,
					       struct netlbl_audit *audit_info)
{
	struct audit_buffer *ab;
	char *ctx;
	u32 ctx_len;

	if (audit_enabled == AUDIT_OFF)
		return NULL;

	/* GFP_ATOMIC: the buffer allocation must not sleep. */
	ab = audit_log_start(audit_context(), GFP_ATOMIC, type);
	if (!ab)
		return NULL;

	audit_log_format(ab, "netlabel: auid=%u ses=%u",
			 from_kuid(&init_user_ns, audit_info->loginuid),
			 audit_info->sessionid);

	/* A zero secid means there is no subject to report. */
	if (audit_info->secid == 0)
		return ab;

	/*
	 * A failed secid lookup is not an error for the caller: the record
	 * is still returned, just without the subj= field.
	 */
	if (security_secid_to_secctx(audit_info->secid, &ctx, &ctx_len) != 0)
		return ab;

	audit_log_format(ab, " subj=%s", ctx);
	/* The context string is handed back as soon as it has been logged. */
	security_release_secctx(ctx, ctx_len);

	return ab;
}