linux/security/selinux/netlink.c
<<
lue=/op/spa14. /op/form4. /opa lue=/o href="../linux+v3.7.4/security/selinux/netlink.c">lue=/opimg src="../.static/gfx/right.png" alt=">>">lup/spa14.lupspa1 class="lxr_search">lue=lue=/opinput typlue=/opinput typlue=/opbutt> typSearch 4. /op/form4. p/spa14.lupspa1 class="lxr_prefs"4. /opa href="+prefs?return=security/selinux/netlink.c"lue=/o onclick="return ajax_prefs();">lue=/oPrefs. /op/a>lup/spa14.e=/o op/div4.e=/o opform acv3.1="ajax+*" method="post" onsubmit="return false;">lupinput typle=/o op/form4.le=/o opdiv class="headingbott>m">. pdiv idopfile_contents"4
o o1p/a>pspa1 class="comment">/*p/spa14.o o2p/a>pspa1 class="comment"> * Netlink event notificav3.1s for SELinux.p/spa14.o o3p/a>pspa1 class="comment"> *p/spa14.o o4p/a>pspa1 class="comment"> * Author: Jamo o5p/a>pspa1 class="comment"> *p/spa14.o o6p/a>pspa1 class="comment"> * Copyright (C) 2004 Red Hat, Inc., Jamo o7p/a>pspa1 class="comment"> *p/spa14.o o8p/a>pspa1 class="comment"> * This program is free software; you ca1 redistribute it and/or modifyp/spa14.o o9p/a>pspa1 class="comment"> * it under the terms of the GNU General Public License versn>
 2,p/spa14.o 	  >a>pspa1 class="comment"> * as published by the Free Software Foundav3.1.p/spa14.o 11p/a>pspa1 class="comment"> */p/spa14.o 12p/a>#include <linux/init.hp/a>>.o 13p/a>#include <linux/typ>.o 14p/a>#include <linux/slab.hp/a>>.o 15p/a>#include <linux/stddef.hp/a>>.o 16p/a>#include <linux/kernel.hp/a>>.o 17p/a>#include <linux/export.hp/a>>.o 18p/a>#include <linux/skbuff.hp/a>>.o 19p/a>#include <linux/netlink.hp/a>>.o 20p/a>#include <linux/selinux_netlink.hp/a>>.o 21p/a>#include <net/net_nam>.o 22p/a>#include <net/netlink.hp/a>>.o 23p/a>.o 24p/a>#include "security.hp/a>".o 25p/a>.o 26p/a>static structopa href="+code=sock" class="sref">sockp/a> *pa href="+code=selnl" class="sref">selnlp/a>;.o 27p/a>.o 28p/a>static intopa href="+code=selnl_msglen" class="sref">selnl_msglenp/a>(intopa href="+code=msgtyp<" class="sref">msgtyp

).o 29p/a>{.o 30p/a> intopa href="+code=ret" class="sref">retp/a> = 0;.o 31p/a>.o 32p/a> switch (pa href="+code=msgtyp<" class="sref">msgtyp

) {.o 33p/a> case pa href="+code=SELNL_MSG_SETENFORCE" class="sref">SELNL_MSG_SETENFORCEp/a>:.o 34p/a> pa href="+code=ret" class="sref">retp/a> = sizeof(structopa href="+code=selnl_msg_setenforc<" class="sref">selnl_msg_setenforc

);.o 35p/a> break;.o 36p/a>.o 37p/a> case pa href="+code=SELNL_MSG_POLICYLOAD" class="sref">SELNL_MSG_POLICYLOADp/a>:.o 38p/a> pa href="+code=ret" class="sref">retp/a> = sizeof(structopa href="+code=selnl_msg_policyload" class="sref">selnl_msg_policyloadp/a>);.o 39p/a> break;.o 40p/a>.o 41p/a> default:.o 42p/a> pa href="+code=BUG" class="sref">BUGp/a>();.o 43p/a> }.o 44p/a> return pa href="+code=ret" class="sref">retp/a>;.o 45p/a>}.o 46p/a>.o 47p/a>static voidopa href="+code=selnl_add_payload" class="sref">selnl_add_payloadp/a>(structopa href="+code=nlmsghdr" class="sref">nlmsghdrp/a> *pa href="+code=nlh" class="sref">nlhp/a>, intopa href="+code=len" class="sref">lenp/a>, intopa href="+code=msgtyp<" class="sref">msgtyp

, voido*pa href="+code=data" class="sref">datap/a>).o 48p/a>{.o 49p/a> switch (pa href="+code=msgtyp<" class="sref">msgtyp

) {.o 50p/a> case pa href="+code=SELNL_MSG_SETENFORCE" class="sref">SELNL_MSG_SETENFORCEp/a>: {.o 51p/a> structopa href="+code=selnl_msg_setenforc<" class="sref">selnl_msg_setenforc

o*pa href="+code=msg" class="sref">msgp/a> = pa href="+code=nlmsg_data" class="sref">nlmsg_datap/a>(pa href="+code=nlh" class="sref">nlhp/a>);.o 52p/a>.o 53p/a> pa href="+code=memset" class="sref">memsetp/a>(pa href="+code=msg" class="sref">msgp/a>, 0,opa href="+code=len" class="sref">lenp/a>);.o 54p/a> pa href="+code=msg" class="sref">msgp/a>->pa href="+code=val" class="sref">valp/a> = *((into*)pa href="+code=data" class="sref">datap/a>);.o 55p/a> break;.o 56p/a> }.o 57p/a>.o 58p/a> case pa href="+code=SELNL_MSG_POLICYLOAD" class="sref">SELNL_MSG_POLICYLOADp/a>: {.o 59p/a> structopa href="+code=selnl_msg_policyload" class="sref">selnl_msg_policyloadp/a>o*pa href="+code=msg" class="sref">msgp/a> = pa href="+code=nlmsg_data" class="sref">nlmsg_datap/a>(pa href="+code=nlh" class="sref">nlhp/a>);.o 60p/a>.o 61p/a> pa href="+code=memset" class="sref">memsetp/a>(pa href="+code=msg" class="sref">msgp/a>, 0,opa href="+code=len" class="sref">lenp/a>);.o 62p/a> pa href="+code=msg" class="sref">msgp/a>->pa href="+code=seqno" class="sref">seqnop/a> = *((pa href="+code=u32" class="sref">u32p/a> *)pa href="+code=data" class="sref">datap/a>);.o 63p/a> break;.o 64p/a> }.o 65p/a>.o 66p/a> default:.o 67p/a> pa href="+code=BUG" class="sref">BUGp/a>();.o 68p/a> }.o 69p/a>}.o 70p/a>.o 71p/a>static voidopa href="+code=selnl_notify" class="sref">selnl_notifyp/a>(intopa href="+code=msgtyp<" class="sref">msgtyp

, voido*pa href="+code=data" class="sref">datap/a>).o 72p/a>{.o 73p/a> intopa href="+code=len" class="sref">lenp/a>;.o 74p/a> pa href="+code=sk_buff_data_t" class="sref">sk_buff_data_tp/a> pa href="+code=tmp" class="sref">tmpp/a>;.o 75p/a> structopa href="+code=sk_buff" class="sref">sk_buffp/a> *pa href="+code=skb" class="sref">skbp/a>;.o 76p/a> structopa href="+code=nlmsghdr" class="sref">nlmsghdrp/a> *pa href="+code=nlh" class="sref">nlhp/a>;.o 77p/a>.o 78p/a> pa href="+code=len" class="sref">lenp/a> = pa href="+code=selnl_msglen" class="sref">selnl_msglenp/a>(pa href="+code=msgtyp<" class="sref">msgtyp

);.o 79p/a>.o 80p/a> pa href="+code=skb" class="sref">skbp/a> = pa href="+code=alloc_skb" class="sref">alloc_skbp/a>(pa href="+code=NLMSG_SPACE" class="sref">NLMSG_SPACEp/a>(pa href="+code=len" class="sref">lenp/a>),opa href="+code=GFP_USER" class="sref">GFP_USERp/a>);.o 81p/a> if (!pa href="+code=skb" class="sref">skbp/a>).o 82p/a> gotoopa href="+code=oom" class="sref">oomp/a>;.o 83p/a>.o 84p/a> pa href="+code=tmp" class="sref">tmpp/a> = pa href="+code=skb" class="sref">skbp/a>->pa href="+code=tail" class="sref">tailp/a>;.o 85p/a> pa href="+code=nlh" class="sref">nlhp/a> = pa href="+code=nlmsg_put" class="sref">nlmsg_putp/a>(pa href="+code=skb" class="sref">skbp/a>, 0,o0,opa href="+code=msgtyp<" class="sref">msgtyp

, pa href="+code=len" class="sref">lenp/a>, 0);.o 86p/a> if (!pa href="+code=nlh" class="sref">nlhp/a>).o 87p/a> gotoopa href="+code=out_kfree_skb" class="sref">out_kfree_skbp/a>;.o 88p/a> pa href="+code=selnl_add_payload" class="sref">selnl_add_payloadp/a>(pa href="+code=nlh" class="sref">nlhp/a>, pa href="+code=len" class="sref">lenp/a>, pa href="+code=msgtyp<" class="sref">msgtyp

, pa href="+code=data" class="sref">datap/a>);.o 89p/a> pa href="+code=nlh" class="sref">nlhp/a>->pa href="+code=nlmsg_len" class="sref">nlmsg_lenp/a> = pa href="+code=skb" class="sref">skbp/a>->pa href="+code=tail" class="sref">tailp/a> - pa href="+code=tmp" class="sref">tmpp/a>;.o 90p/a> pa href="+code=NETLINK_CB" class="sref">NETLINK_CBp/a>(pa href="+code=skb" class="sref">skbp/a>).pa href="+code=dst_group" class="sref">dst_groupp/a> = pa href="+code=SELNLGRP_AVC" class="sref">SELNLGRP_AVCp/a>;.o 91p/a> pa href="+code=netlink_broadcast" class="sref">netlink_broadcastp/a>(pa href="+code=selnl" class="sref">selnlp/a>, pa href="+code=skb" class="sref">skbp/a>, 0,opa href="+code=SELNLGRP_AVC" class="sref">SELNLGRP_AVCp/a>,opa href="+code=GFP_USER" class="sref">GFP_USERp/a>);.o 92p/a>pa href="+code=out" class="sref">outp/a>:.o 93p/a> return;.o 94p/a>.o 95p/a>pa href="+code=out_kfree_skb" class="sref">out_kfree_skbp/a>:.o 96p/a> pa href="+code=kfree_skb" class="sref">kfree_skbp/a>(pa href="+code=skb" class="sref">skbp/a>);.o 97p/a>pa href="+code=oom" class="sref">oomp/a>:.o 98p/a> pa href="+code=printk" class="sref">printkp/a>(pa href="+code=KERN_ERR" class="sref">KERN_ERRp/a> pspa1 class="string">"SELinux: OOM in %s\n"__func__p/a>);.o 99p/a> gotoopa href="+code=out" class="sref">outp/a>;.o100p/a>}.o101p/a>.o102p/a>voidopa href="+code=selnl_notify_setenforc<" class="sref">selnl_notify_setenforc

(intopa href="+code=val" class="sref">valp/a>).o103p/a>{.o104p/a> pa href="+code=selnl_notify" class="sref">selnl_notifyp/a>(pa href="+code=SELNL_MSG_SETENFORCE" class="sref">SELNL_MSG_SETENFORCEp/a>, &pa href="+code=val" class="sref">valp/a>);.o105p/a>}.o106p/a>.o107p/a>voidopa href="+code=selnl_notify_policyload" class="sref">selnl_notify_policyloadp/a>(pa href="+code=u32" class="sref">u32p/a> pa href="+code=seqno" class="sref">seqnop/a>).o108p/a>{.o109p/a> pa href="+code=selnl_notify" class="sref">selnl_notifyp/a>(pa href="+code=SELNL_MSG_POLICYLOAD" class="sref">SELNL_MSG_POLICYLOADp/a>, &pa href="+code=seqno" class="sref">seqnop/a>);.o110p/a>}.o111p/a>.o112p/a>static intopa href="+code=__init" class="sref">__initp/a> pa href="+code=selnl_init" class="sref">selnl_initp/a>(void).o113p/a>{.o114p/a> structopa href="+code=netlink_kernel_cfg" class="sref">netlink_kernel_cfgp/a> pa href="+code=cfg" class="sref">cfgp/a> = {.o115p/a> .pa href="+code=groups" class="sref">groupsp/a> = pa href="+code=SELNLGRP_MAX" class="sref">SELNLGRP_MAXp/a>,.o116p/a> .pa href="+code=flags" class="sref">flagsp/a> = pa href="+code=NL_CFG_F_NONROOT_RECV" class="sref">NL_CFG_F_NONROOT_RECVp/a>,.o117p/a> };.o118p/a>.o119p/a> pa href="+code=selnl" class="sref">selnlp/a> = pa href="+code=netlink_kernel_creat<" class="sref">netlink_kernel_creat

(&pa href="+code=init_net" class="sref">init_netp/a>,opa href="+code=NETLINK_SELINUX" class="sref">NETLINK_SELINUXp/a>, &pa href="+code=cfg" class="sref">cfgp/a>);.o120p/a> if (pa href="+code=selnl" class="sref">selnlp/a> == pa href="+code=NULL" class="sref">NULLp/a>).o121p/a> pa href="+code=pa1ic" class="sref">pa1icp/a>(pspa1 class="string">"SELinux: Cannot creat< netlink socket."o122p/a> return 0;.o123p/a>}.o124p/a>.o125p/a>pa href="+code=__initcall" class="sref">__initcallp/a>(pa href="+code=selnl_init" class="sref">selnl_initp/a>);.o126p/a>

The original LXR software by the LXR communityp/a>, this experimental versn> by lxr@linux.nop/a>. p/div4.pdiv class="subfooter"> lxr.linux.no kindly hosted by Redpill Linpro ASp/a>, provider of Linux consulting and operav3.1s services since 1995. p/div4. p/body4.p/html4.