netfilter: nf_tables: avoid global info storage
[linux/fpc-iii.git] / include / net / calipso.h
blob5f95b11a04bff7f9a65f18299b4e63647625c88a
1 /*
2 * CALIPSO - Common Architecture Label IPv6 Security Option
4 * This is an implementation of the CALIPSO protocol as specified in
5 * RFC 5570.
7 * Authors: Paul Moore <paul@paul-moore.com>
8 * Huw Davies <huw@codeweavers.com>
13 * (c) Copyright Hewlett-Packard Development Company, L.P., 2006
14 * (c) Copyright Huw Davies <huw@codeweavers.com>, 2015
16 * This program is free software; you can redistribute it and/or modify
17 * it under the terms of the GNU General Public License as published by
18 * the Free Software Foundation; either version 2 of the License, or
19 * (at your option) any later version.
21 * This program is distributed in the hope that it will be useful,
22 * but WITHOUT ANY WARRANTY; without even the implied warranty of
23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
24 * the GNU General Public License for more details.
26 * You should have received a copy of the GNU General Public License
27 * along with this program; if not, see <http://www.gnu.org/licenses/>.
31 #ifndef _CALIPSO_H
32 #define _CALIPSO_H
34 #include <linux/types.h>
35 #include <linux/rcupdate.h>
36 #include <linux/list.h>
37 #include <linux/net.h>
38 #include <linux/skbuff.h>
39 #include <net/netlabel.h>
40 #include <net/request_sock.h>
41 #include <linux/refcount.h>
42 #include <asm/unaligned.h>
44 /* known doi values */
45 #define CALIPSO_DOI_UNKNOWN 0x00000000
47 /* doi mapping types */
48 #define CALIPSO_MAP_UNKNOWN 0
49 #define CALIPSO_MAP_PASS 2
52 * CALIPSO DOI definitions
55 /* DOI definition struct */
56 struct calipso_doi {
57 u32 doi;
58 u32 type;
60 refcount_t refcount;
61 struct list_head list;
62 struct rcu_head rcu;
66 * Sysctl Variables
68 extern int calipso_cache_enabled;
69 extern int calipso_cache_bucketsize;
71 #ifdef CONFIG_NETLABEL
72 int __init calipso_init(void);
73 void calipso_exit(void);
74 bool calipso_validate(const struct sk_buff *skb, const unsigned char *option);
75 #else
76 static inline int __init calipso_init(void)
78 return 0;
81 static inline void calipso_exit(void)
84 static inline bool calipso_validate(const struct sk_buff *skb,
85 const unsigned char *option)
87 return true;
89 #endif /* CONFIG_NETLABEL */
91 #endif /* _CALIPSO_H */