Lines Matching refs:skb
4167 static int selinux_parse_skb_ipv4(struct sk_buff *skb, in selinux_parse_skb_ipv4() argument
4173 offset = skb_network_offset(skb); in selinux_parse_skb_ipv4()
4174 ih = skb_header_pointer(skb, offset, sizeof(_iph), &_iph); in selinux_parse_skb_ipv4()
4197 th = skb_header_pointer(skb, offset, sizeof(_tcph), &_tcph); in selinux_parse_skb_ipv4()
4213 uh = skb_header_pointer(skb, offset, sizeof(_udph), &_udph); in selinux_parse_skb_ipv4()
4229 dh = skb_header_pointer(skb, offset, sizeof(_dccph), &_dccph); in selinux_parse_skb_ipv4()
4246 sh = skb_header_pointer(skb, offset, sizeof(_sctph), &_sctph); in selinux_parse_skb_ipv4()
4265 static int selinux_parse_skb_ipv6(struct sk_buff *skb, in selinux_parse_skb_ipv6() argument
4273 offset = skb_network_offset(skb); in selinux_parse_skb_ipv6()
4274 ip6 = skb_header_pointer(skb, offset, sizeof(_ipv6h), &_ipv6h); in selinux_parse_skb_ipv6()
4284 offset = ipv6_skip_exthdr(skb, offset, &nexthdr, &frag_off); in selinux_parse_skb_ipv6()
4295 th = skb_header_pointer(skb, offset, sizeof(_tcph), &_tcph); in selinux_parse_skb_ipv6()
4307 uh = skb_header_pointer(skb, offset, sizeof(_udph), &_udph); in selinux_parse_skb_ipv6()
4319 dh = skb_header_pointer(skb, offset, sizeof(_dccph), &_dccph); in selinux_parse_skb_ipv6()
4332 sh = skb_header_pointer(skb, offset, sizeof(_sctph), &_sctph); in selinux_parse_skb_ipv6()
4351 static int selinux_parse_skb(struct sk_buff *skb, struct common_audit_data *ad, in selinux_parse_skb() argument
4359 ret = selinux_parse_skb_ipv4(skb, ad, proto); in selinux_parse_skb()
4368 ret = selinux_parse_skb_ipv6(skb, ad, proto); in selinux_parse_skb()
4407 static int selinux_skb_peerlbl_sid(struct sk_buff *skb, u16 family, u32 *sid) in selinux_skb_peerlbl_sid() argument
4414 err = selinux_xfrm_skb_sid(skb, &xfrm_sid); in selinux_skb_peerlbl_sid()
4417 err = selinux_netlbl_skbuff_getsid(skb, family, &nlbl_type, &nlbl_sid); in selinux_skb_peerlbl_sid()
4950 static int selinux_sock_rcv_skb_compat(struct sock *sk, struct sk_buff *skb, in selinux_sock_rcv_skb_compat() argument
4962 ad.u.net->netif = skb->skb_iif; in selinux_sock_rcv_skb_compat()
4964 err = selinux_parse_skb(skb, &ad, &addrp, 1, NULL); in selinux_sock_rcv_skb_compat()
4970 sk_sid, skb->secmark, SECCLASS_PACKET, in selinux_sock_rcv_skb_compat()
4976 err = selinux_netlbl_sock_rcv_skb(sksec, skb, family, &ad); in selinux_sock_rcv_skb_compat()
4979 err = selinux_xfrm_sock_rcv_skb(sksec->sid, skb, &ad); in selinux_sock_rcv_skb_compat()
4984 static int selinux_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) in selinux_socket_sock_rcv_skb() argument
5000 if (family == PF_INET6 && skb->protocol == htons(ETH_P_IP)) in selinux_socket_sock_rcv_skb()
5008 return selinux_sock_rcv_skb_compat(sk, skb, family); in selinux_socket_sock_rcv_skb()
5017 ad.u.net->netif = skb->skb_iif; in selinux_socket_sock_rcv_skb()
5019 err = selinux_parse_skb(skb, &ad, &addrp, 1, NULL); in selinux_socket_sock_rcv_skb()
5026 err = selinux_skb_peerlbl_sid(skb, family, &peer_sid); in selinux_socket_sock_rcv_skb()
5029 err = selinux_inet_sys_rcv_skb(sock_net(sk), skb->skb_iif, in selinux_socket_sock_rcv_skb()
5032 selinux_netlbl_err(skb, family, err, 0); in selinux_socket_sock_rcv_skb()
5039 selinux_netlbl_err(skb, family, err, 0); in selinux_socket_sock_rcv_skb()
5046 sk_sid, skb->secmark, SECCLASS_PACKET, in selinux_socket_sock_rcv_skb()
5091 static int selinux_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid) in selinux_socket_getpeersec_dgram() argument
5097 if (skb && skb->protocol == htons(ETH_P_IP)) in selinux_socket_getpeersec_dgram()
5099 else if (skb && skb->protocol == htons(ETH_P_IPV6)) in selinux_socket_getpeersec_dgram()
5109 } else if (skb) in selinux_socket_getpeersec_dgram()
5110 selinux_skb_peerlbl_sid(skb, family, &peer_secid); in selinux_socket_getpeersec_dgram()
5185 struct sk_buff *skb) in selinux_sctp_assoc_request() argument
5204 err = selinux_skb_peerlbl_sid(skb, ep->base.sk->sk_family, in selinux_sctp_assoc_request()
5250 return selinux_netlbl_sctp_assoc_request(ep, skb); in selinux_sctp_assoc_request()
5353 static int selinux_inet_conn_request(struct sock *sk, struct sk_buff *skb, in selinux_inet_conn_request() argument
5362 err = selinux_skb_peerlbl_sid(skb, family, &peersid); in selinux_inet_conn_request()
5391 static void selinux_inet_conn_established(struct sock *sk, struct sk_buff *skb) in selinux_inet_conn_established() argument
5397 if (family == PF_INET6 && skb->protocol == htons(ETH_P_IP)) in selinux_inet_conn_established()
5400 selinux_skb_peerlbl_sid(skb, family, &sksec->peer_sid); in selinux_inet_conn_established()
5514 static int selinux_nlmsg_perm(struct sock *sk, struct sk_buff *skb) in selinux_nlmsg_perm() argument
5521 if (skb->len < NLMSG_HDRLEN) { in selinux_nlmsg_perm()
5525 nlh = nlmsg_hdr(skb); in selinux_nlmsg_perm()
5554 static unsigned int selinux_ip_forward(struct sk_buff *skb, in selinux_ip_forward() argument
5576 if (selinux_skb_peerlbl_sid(skb, family, &peer_sid) != 0) in selinux_ip_forward()
5583 if (selinux_parse_skb(skb, &ad, &addrp, 1, NULL) != 0) in selinux_ip_forward()
5590 selinux_netlbl_err(skb, family, err, 1); in selinux_ip_forward()
5597 peer_sid, skb->secmark, in selinux_ip_forward()
5606 if (selinux_netlbl_skbuff_setsid(skb, family, peer_sid) != 0) in selinux_ip_forward()
5613 struct sk_buff *skb, in selinux_ipv4_forward() argument
5616 return selinux_ip_forward(skb, state->in, PF_INET); in selinux_ipv4_forward()
5621 struct sk_buff *skb, in selinux_ipv6_forward() argument
5624 return selinux_ip_forward(skb, state->in, PF_INET6); in selinux_ipv6_forward()
5628 static unsigned int selinux_ip_output(struct sk_buff *skb, in selinux_ip_output() argument
5640 sk = skb->sk; in selinux_ip_output()
5664 if (selinux_netlbl_skbuff_setsid(skb, family, sid) != 0) in selinux_ip_output()
5671 struct sk_buff *skb, in selinux_ipv4_output() argument
5674 return selinux_ip_output(skb, PF_INET); in selinux_ipv4_output()
5679 struct sk_buff *skb, in selinux_ipv6_output() argument
5682 return selinux_ip_output(skb, PF_INET6); in selinux_ipv6_output()
5686 static unsigned int selinux_ip_postroute_compat(struct sk_buff *skb, in selinux_ip_postroute_compat() argument
5690 struct sock *sk = skb_to_full_sk(skb); in selinux_ip_postroute_compat()
5705 if (selinux_parse_skb(skb, &ad, &addrp, 0, &proto)) in selinux_ip_postroute_compat()
5710 sksec->sid, skb->secmark, in selinux_ip_postroute_compat()
5714 if (selinux_xfrm_postroute_last(sksec->sid, skb, &ad, proto)) in selinux_ip_postroute_compat()
5720 static unsigned int selinux_ip_postroute(struct sk_buff *skb, in selinux_ip_postroute() argument
5739 return selinux_ip_postroute_compat(skb, ifindex, family); in selinux_ip_postroute()
5746 sk = skb_to_full_sk(skb); in selinux_ip_postroute()
5760 if (skb_dst(skb) != NULL && skb_dst(skb)->xfrm != NULL && in selinux_ip_postroute()
5770 if (skb->skb_iif) { in selinux_ip_postroute()
5772 if (selinux_skb_peerlbl_sid(skb, family, &peer_sid)) in selinux_ip_postroute()
5792 if (selinux_skb_peerlbl_sid(skb, family, &skb_sid)) in selinux_ip_postroute()
5803 if (IPCB(skb)->flags & IPSKB_XFRM_TRANSFORMED) in selinux_ip_postroute()
5807 if (IP6CB(skb)->flags & IP6SKB_XFRM_TRANSFORMED) in selinux_ip_postroute()
5829 if (selinux_parse_skb(skb, &ad, &addrp, 0, NULL)) in selinux_ip_postroute()
5834 peer_sid, skb->secmark, in selinux_ip_postroute()
5861 struct sk_buff *skb, in selinux_ipv4_postroute() argument
5864 return selinux_ip_postroute(skb, state->out, PF_INET); in selinux_ipv4_postroute()
5869 struct sk_buff *skb, in selinux_ipv6_postroute() argument
5872 return selinux_ip_postroute(skb, state->out, PF_INET6); in selinux_ipv6_postroute()
5878 static int selinux_netlink_send(struct sock *sk, struct sk_buff *skb) in selinux_netlink_send() argument
5880 return selinux_nlmsg_perm(sk, skb); in selinux_netlink_send()