1/* SPDX-License-Identifier: GPL-2.0-or-later */
2/*
3 * NetLabel Network Address Lists
4 *
5 * This file contains network address list functions used to manage ordered
6 * lists of network addresses for use by the NetLabel subsystem. The NetLabel
7 * system manages static and dynamic label mappings for network protocols such
8 * as CIPSO and RIPSO.
9 *
10 * Author: Paul Moore <paul@paul-moore.com>
11 */
12
13/*
14 * (c) Copyright Hewlett-Packard Development Company, L.P., 2008
15 */
16
17#ifndef _NETLABEL_ADDRLIST_H
18#define _NETLABEL_ADDRLIST_H
19
20#include <linux/types.h>
21#include <linux/rcupdate.h>
22#include <linux/list.h>
23#include <linux/in6.h>
24#include <linux/audit.h>
25
26/**
27 * struct netlbl_af4list - NetLabel IPv4 address list
28 * @addr: IPv4 address
29 * @mask: IPv4 address mask
30 * @valid: valid flag
31 * @list: list structure, used internally
32 */
33struct netlbl_af4list {
34 __be32 addr;
35 __be32 mask;
36
37 u32 valid;
38 struct list_head list;
39};
40
41/**
42 * struct netlbl_af6list - NetLabel IPv6 address list
43 * @addr: IPv6 address
44 * @mask: IPv6 address mask
45 * @valid: valid flag
46 * @list: list structure, used internally
47 */
48struct netlbl_af6list {
49 struct in6_addr addr;
50 struct in6_addr mask;
51
52 u32 valid;
53 struct list_head list;
54};
55
56#define __af4list_entry(ptr) container_of(ptr, struct netlbl_af4list, list)
57
58static inline struct netlbl_af4list *__af4list_valid(struct list_head *s,
59 struct list_head *h)
60{
61 struct list_head *i = s;
62 struct netlbl_af4list *n = __af4list_entry(s);
63 while (i != h && !n->valid) {
64 i = i->next;
65 n = __af4list_entry(i);
66 }
67 return n;
68}
69
70static inline struct netlbl_af4list *__af4list_valid_rcu(struct list_head *s,
71 struct list_head *h)
72{
73 struct list_head *i = s;
74 struct netlbl_af4list *n = __af4list_entry(s);
75 while (i != h && !n->valid) {
76 i = rcu_dereference(list_next_rcu(i));
77 n = __af4list_entry(i);
78 }
79 return n;
80}
81
82#define netlbl_af4list_foreach(iter, head) \
83 for (iter = __af4list_valid((head)->next, head); \
84 &iter->list != (head); \
85 iter = __af4list_valid(iter->list.next, head))
86
87#define netlbl_af4list_foreach_rcu(iter, head) \
88 for (iter = __af4list_valid_rcu((head)->next, head); \
89 &iter->list != (head); \
90 iter = __af4list_valid_rcu(iter->list.next, head))
91
92#define netlbl_af4list_foreach_safe(iter, tmp, head) \
93 for (iter = __af4list_valid((head)->next, head), \
94 tmp = __af4list_valid(iter->list.next, head); \
95 &iter->list != (head); \
96 iter = tmp, tmp = __af4list_valid(iter->list.next, head))
97
98int netlbl_af4list_add(struct netlbl_af4list *entry,
99 struct list_head *head);
100struct netlbl_af4list *netlbl_af4list_remove(__be32 addr, __be32 mask,
101 struct list_head *head);
102void netlbl_af4list_remove_entry(struct netlbl_af4list *entry);
103struct netlbl_af4list *netlbl_af4list_search(__be32 addr,
104 struct list_head *head);
105struct netlbl_af4list *netlbl_af4list_search_exact(__be32 addr,
106 __be32 mask,
107 struct list_head *head);
108
109#ifdef CONFIG_AUDIT
110void netlbl_af4list_audit_addr(struct audit_buffer *audit_buf,
111 int src, const char *dev,
112 __be32 addr, __be32 mask);
113#else
114static inline void netlbl_af4list_audit_addr(struct audit_buffer *audit_buf,
115 int src, const char *dev,
116 __be32 addr, __be32 mask)
117{
118}
119#endif
120
121#if IS_ENABLED(CONFIG_IPV6)
122
123#define __af6list_entry(ptr) container_of(ptr, struct netlbl_af6list, list)
124
125static inline struct netlbl_af6list *__af6list_valid(struct list_head *s,
126 struct list_head *h)
127{
128 struct list_head *i = s;
129 struct netlbl_af6list *n = __af6list_entry(s);
130 while (i != h && !n->valid) {
131 i = i->next;
132 n = __af6list_entry(i);
133 }
134 return n;
135}
136
137static inline struct netlbl_af6list *__af6list_valid_rcu(struct list_head *s,
138 struct list_head *h)
139{
140 struct list_head *i = s;
141 struct netlbl_af6list *n = __af6list_entry(s);
142 while (i != h && !n->valid) {
143 i = rcu_dereference(list_next_rcu(i));
144 n = __af6list_entry(i);
145 }
146 return n;
147}
148
149#define netlbl_af6list_foreach(iter, head) \
150 for (iter = __af6list_valid((head)->next, head); \
151 &iter->list != (head); \
152 iter = __af6list_valid(iter->list.next, head))
153
154#define netlbl_af6list_foreach_rcu(iter, head) \
155 for (iter = __af6list_valid_rcu((head)->next, head); \
156 &iter->list != (head); \
157 iter = __af6list_valid_rcu(iter->list.next, head))
158
159#define netlbl_af6list_foreach_safe(iter, tmp, head) \
160 for (iter = __af6list_valid((head)->next, head), \
161 tmp = __af6list_valid(iter->list.next, head); \
162 &iter->list != (head); \
163 iter = tmp, tmp = __af6list_valid(iter->list.next, head))
164
165int netlbl_af6list_add(struct netlbl_af6list *entry,
166 struct list_head *head);
167struct netlbl_af6list *netlbl_af6list_remove(const struct in6_addr *addr,
168 const struct in6_addr *mask,
169 struct list_head *head);
170void netlbl_af6list_remove_entry(struct netlbl_af6list *entry);
171struct netlbl_af6list *netlbl_af6list_search(const struct in6_addr *addr,
172 struct list_head *head);
173struct netlbl_af6list *netlbl_af6list_search_exact(const struct in6_addr *addr,
174 const struct in6_addr *mask,
175 struct list_head *head);
176
177#ifdef CONFIG_AUDIT
178void netlbl_af6list_audit_addr(struct audit_buffer *audit_buf,
179 int src,
180 const char *dev,
181 const struct in6_addr *addr,
182 const struct in6_addr *mask);
183#else
184static inline void netlbl_af6list_audit_addr(struct audit_buffer *audit_buf,
185 int src,
186 const char *dev,
187 const struct in6_addr *addr,
188 const struct in6_addr *mask)
189{
190}
191#endif
192#endif /* IPV6 */
193
194#endif
195