1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * NetLabel NETLINK Interface
4 *
5 * This file defines the NETLINK interface for the NetLabel system. The
6 * NetLabel system manages static and dynamic label mappings for network
7 * protocols such as CIPSO and RIPSO.
8 *
9 * Author: Paul Moore <paul@paul-moore.com>
10 */
11
12/*
13 * (c) Copyright Hewlett-Packard Development Company, L.P., 2006
14 */
15
16#include <linux/init.h>
17#include <linux/types.h>
18#include <linux/list.h>
19#include <linux/socket.h>
20#include <linux/audit.h>
21#include <linux/tty.h>
22#include <linux/security.h>
23#include <linux/gfp.h>
24#include <net/sock.h>
25#include <net/netlink.h>
26#include <net/genetlink.h>
27#include <net/netlabel.h>
28#include <asm/bug.h>
29
30#include "netlabel_mgmt.h"
31#include "netlabel_unlabeled.h"
32#include "netlabel_cipso_v4.h"
33#include "netlabel_calipso.h"
34#include "netlabel_user.h"
35
36/*
37 * NetLabel NETLINK Setup Functions
38 */
39
40/**
41 * netlbl_netlink_init - Initialize the NETLINK communication channel
42 *
43 * Description:
44 * Call out to the NetLabel components so they can register their families and
45 * commands with the Generic NETLINK mechanism. Returns zero on success and
46 * non-zero on failure.
47 *
48 */
49int __init netlbl_netlink_init(void)
50{
51 int ret_val;
52
53 ret_val = netlbl_mgmt_genl_init();
54 if (ret_val != 0)
55 return ret_val;
56
57 ret_val = netlbl_cipsov4_genl_init();
58 if (ret_val != 0)
59 return ret_val;
60
61 ret_val = netlbl_calipso_genl_init();
62 if (ret_val != 0)
63 return ret_val;
64
65 return netlbl_unlabel_genl_init();
66}
67
68/*
69 * NetLabel Audit Functions
70 */
71
72/**
73 * netlbl_audit_start_common - Start an audit message
74 * @type: audit message type
75 * @audit_info: NetLabel audit information
76 *
77 * Description:
78 * Start an audit message using the type specified in @type and fill the audit
79 * message with some fields common to all NetLabel audit messages. Returns
80 * a pointer to the audit buffer on success, NULL on failure.
81 *
82 */
83struct audit_buffer *netlbl_audit_start_common(int type,
84 struct netlbl_audit *audit_info)
85{
86 struct audit_buffer *audit_buf;
87 char *secctx;
88 u32 secctx_len;
89
90 if (audit_enabled == AUDIT_OFF)
91 return NULL;
92
93 audit_buf = audit_log_start(ctx: audit_context(), GFP_ATOMIC, type);
94 if (audit_buf == NULL)
95 return NULL;
96
97 audit_log_format(ab: audit_buf, fmt: "netlabel: auid=%u ses=%u",
98 from_kuid(to: &init_user_ns, uid: audit_info->loginuid),
99 audit_info->sessionid);
100
101 if (audit_info->secid != 0 &&
102 security_secid_to_secctx(secid: audit_info->secid,
103 secdata: &secctx,
104 seclen: &secctx_len) == 0) {
105 audit_log_format(ab: audit_buf, fmt: " subj=%s", secctx);
106 security_release_secctx(secdata: secctx, seclen: secctx_len);
107 }
108
109 return audit_buf;
110}
111

source code of linux/net/netlabel/netlabel_user.c