[NetLabel]: rework the Netlink attribute handling (part 2)
At the suggestion of Thomas Graf, rewrite NetLabel's use of Netlink attributes
to better follow the common Netlink attribute usage.
Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
diff --git a/net/netlabel/netlabel_mgmt.c b/net/netlabel/netlabel_mgmt.c
index 85bc11a..8626c9f 100644
--- a/net/netlabel/netlabel_mgmt.c
+++ b/net/netlabel/netlabel_mgmt.c
@@ -42,15 +42,29 @@
#include "netlabel_user.h"
#include "netlabel_mgmt.h"
+/* Argument struct for netlbl_domhsh_walk() */
+struct netlbl_domhsh_walk_arg {
+ struct netlink_callback *nl_cb;
+ struct sk_buff *skb;
+ u32 seq;
+};
+
/* NetLabel Generic NETLINK CIPSOv4 family */
static struct genl_family netlbl_mgmt_gnl_family = {
.id = GENL_ID_GENERATE,
.hdrsize = 0,
.name = NETLBL_NLTYPE_MGMT_NAME,
.version = NETLBL_PROTO_VERSION,
- .maxattr = 0,
+ .maxattr = NLBL_MGMT_A_MAX,
};
+/* NetLabel Netlink attribute policy */
+static struct nla_policy netlbl_mgmt_genl_policy[NLBL_MGMT_A_MAX + 1] = {
+ [NLBL_MGMT_A_DOMAIN] = { .type = NLA_NUL_STRING },
+ [NLBL_MGMT_A_PROTOCOL] = { .type = NLA_U32 },
+ [NLBL_MGMT_A_VERSION] = { .type = NLA_U32 },
+ [NLBL_MGMT_A_CV4DOI] = { .type = NLA_U32 },
+};
/*
* NetLabel Command Handlers
@@ -70,97 +84,62 @@
static int netlbl_mgmt_add(struct sk_buff *skb, struct genl_info *info)
{
int ret_val = -EINVAL;
- struct nlattr *msg_ptr = netlbl_netlink_payload_data(skb);
- int msg_len = netlbl_netlink_payload_len(skb);
- u32 count;
struct netlbl_dom_map *entry = NULL;
- u32 iter;
+ size_t tmp_size;
u32 tmp_val;
- int tmp_size;
- ret_val = netlbl_netlink_cap_check(skb, CAP_NET_ADMIN);
+ if (!info->attrs[NLBL_MGMT_A_DOMAIN] ||
+ !info->attrs[NLBL_MGMT_A_PROTOCOL])
+ goto add_failure;
+
+ entry = kzalloc(sizeof(*entry), GFP_KERNEL);
+ if (entry == NULL) {
+ ret_val = -ENOMEM;
+ goto add_failure;
+ }
+ tmp_size = nla_len(info->attrs[NLBL_MGMT_A_DOMAIN]);
+ entry->domain = kmalloc(tmp_size, GFP_KERNEL);
+ if (entry->domain == NULL) {
+ ret_val = -ENOMEM;
+ goto add_failure;
+ }
+ entry->type = nla_get_u32(info->attrs[NLBL_MGMT_A_PROTOCOL]);
+ nla_strlcpy(entry->domain, info->attrs[NLBL_MGMT_A_DOMAIN], tmp_size);
+
+ switch (entry->type) {
+ case NETLBL_NLTYPE_UNLABELED:
+ ret_val = netlbl_domhsh_add(entry);
+ break;
+ case NETLBL_NLTYPE_CIPSOV4:
+ if (!info->attrs[NLBL_MGMT_A_CV4DOI])
+ goto add_failure;
+
+ tmp_val = nla_get_u32(info->attrs[NLBL_MGMT_A_CV4DOI]);
+ /* We should be holding a rcu_read_lock() here while we hold
+ * the result but since the entry will always be deleted when
+ * the CIPSO DOI is deleted we aren't going to keep the
+ * lock. */
+ rcu_read_lock();
+ entry->type_def.cipsov4 = cipso_v4_doi_getdef(tmp_val);
+ if (entry->type_def.cipsov4 == NULL) {
+ rcu_read_unlock();
+ goto add_failure;
+ }
+ ret_val = netlbl_domhsh_add(entry);
+ rcu_read_unlock();
+ break;
+ default:
+ goto add_failure;
+ }
if (ret_val != 0)
goto add_failure;
- if (msg_len < NETLBL_LEN_U32)
- goto add_failure;
- count = netlbl_getinc_u32(&msg_ptr, &msg_len);
-
- for (iter = 0; iter < count && msg_len > 0; iter++, entry = NULL) {
- if (msg_len <= 0) {
- ret_val = -EINVAL;
- goto add_failure;
- }
- entry = kzalloc(sizeof(*entry), GFP_KERNEL);
- if (entry == NULL) {
- ret_val = -ENOMEM;
- goto add_failure;
- }
- tmp_size = nla_len(msg_ptr);
- if (tmp_size <= 0 || tmp_size > msg_len) {
- ret_val = -EINVAL;
- goto add_failure;
- }
- entry->domain = kmalloc(tmp_size, GFP_KERNEL);
- if (entry->domain == NULL) {
- ret_val = -ENOMEM;
- goto add_failure;
- }
- nla_strlcpy(entry->domain, msg_ptr, tmp_size);
- entry->domain[tmp_size - 1] = '\0';
- msg_ptr = nla_next(msg_ptr, &msg_len);
-
- if (msg_len < NETLBL_LEN_U32) {
- ret_val = -EINVAL;
- goto add_failure;
- }
- tmp_val = netlbl_getinc_u32(&msg_ptr, &msg_len);
- entry->type = tmp_val;
- switch (tmp_val) {
- case NETLBL_NLTYPE_UNLABELED:
- ret_val = netlbl_domhsh_add(entry);
- break;
- case NETLBL_NLTYPE_CIPSOV4:
- if (msg_len < NETLBL_LEN_U32) {
- ret_val = -EINVAL;
- goto add_failure;
- }
- tmp_val = netlbl_getinc_u32(&msg_ptr, &msg_len);
- /* We should be holding a rcu_read_lock() here
- * while we hold the result but since the entry
- * will always be deleted when the CIPSO DOI
- * is deleted we aren't going to keep the lock. */
- rcu_read_lock();
- entry->type_def.cipsov4 = cipso_v4_doi_getdef(tmp_val);
- if (entry->type_def.cipsov4 == NULL) {
- rcu_read_unlock();
- ret_val = -EINVAL;
- goto add_failure;
- }
- ret_val = netlbl_domhsh_add(entry);
- rcu_read_unlock();
- break;
- default:
- ret_val = -EINVAL;
- }
- if (ret_val != 0)
- goto add_failure;
- }
-
- netlbl_netlink_send_ack(info,
- netlbl_mgmt_gnl_family.id,
- NLBL_MGMT_C_ACK,
- NETLBL_E_OK);
return 0;
add_failure:
if (entry)
kfree(entry->domain);
kfree(entry);
- netlbl_netlink_send_ack(info,
- netlbl_mgmt_gnl_family.id,
- NLBL_MGMT_C_ACK,
- -ret_val);
return ret_val;
}
@@ -176,87 +155,98 @@
*/
static int netlbl_mgmt_remove(struct sk_buff *skb, struct genl_info *info)
{
- int ret_val = -EINVAL;
- struct nlattr *msg_ptr = netlbl_netlink_payload_data(skb);
- int msg_len = netlbl_netlink_payload_len(skb);
- u32 count;
- u32 iter;
- int tmp_size;
- unsigned char *domain;
+ char *domain;
- ret_val = netlbl_netlink_cap_check(skb, CAP_NET_ADMIN);
+ if (!info->attrs[NLBL_MGMT_A_DOMAIN])
+ return -EINVAL;
+
+ domain = nla_data(info->attrs[NLBL_MGMT_A_DOMAIN]);
+ return netlbl_domhsh_remove(domain);
+}
+
+/**
+ * netlbl_mgmt_listall_cb - netlbl_domhsh_walk() callback for LISTALL
+ * @entry: the domain mapping hash table entry
+ * @arg: the netlbl_domhsh_walk_arg structure
+ *
+ * Description:
+ * This function is designed to be used as a callback to the
+ * netlbl_domhsh_walk() function for use in generating a response for a LISTALL
+ * message. Returns the size of the message on success, negative values on
+ * failure.
+ *
+ */
+static int netlbl_mgmt_listall_cb(struct netlbl_dom_map *entry, void *arg)
+{
+ int ret_val = -ENOMEM;
+ struct netlbl_domhsh_walk_arg *cb_arg = arg;
+ void *data;
+
+ data = netlbl_netlink_hdr_put(cb_arg->skb,
+ NETLINK_CB(cb_arg->nl_cb->skb).pid,
+ cb_arg->seq,
+ netlbl_mgmt_gnl_family.id,
+ NLM_F_MULTI,
+ NLBL_MGMT_C_LISTALL);
+ if (data == NULL)
+ goto listall_cb_failure;
+
+ ret_val = nla_put_string(cb_arg->skb,
+ NLBL_MGMT_A_DOMAIN,
+ entry->domain);
if (ret_val != 0)
- goto remove_return;
-
- if (msg_len < NETLBL_LEN_U32)
- goto remove_return;
- count = netlbl_getinc_u32(&msg_ptr, &msg_len);
-
- for (iter = 0; iter < count && msg_len > 0; iter++) {
- if (msg_len <= 0) {
- ret_val = -EINVAL;
- goto remove_return;
- }
- tmp_size = nla_len(msg_ptr);
- domain = nla_data(msg_ptr);
- if (tmp_size <= 0 || tmp_size > msg_len ||
- domain[tmp_size - 1] != '\0') {
- ret_val = -EINVAL;
- goto remove_return;
- }
- ret_val = netlbl_domhsh_remove(domain);
+ goto listall_cb_failure;
+ ret_val = nla_put_u32(cb_arg->skb, NLBL_MGMT_A_PROTOCOL, entry->type);
+ if (ret_val != 0)
+ goto listall_cb_failure;
+ switch (entry->type) {
+ case NETLBL_NLTYPE_CIPSOV4:
+ ret_val = nla_put_u32(cb_arg->skb,
+ NLBL_MGMT_A_CV4DOI,
+ entry->type_def.cipsov4->doi);
if (ret_val != 0)
- goto remove_return;
- msg_ptr = nla_next(msg_ptr, &msg_len);
+ goto listall_cb_failure;
+ break;
}
- ret_val = 0;
+ cb_arg->seq++;
+ return genlmsg_end(cb_arg->skb, data);
-remove_return:
- netlbl_netlink_send_ack(info,
- netlbl_mgmt_gnl_family.id,
- NLBL_MGMT_C_ACK,
- -ret_val);
+listall_cb_failure:
+ genlmsg_cancel(cb_arg->skb, data);
return ret_val;
}
/**
- * netlbl_mgmt_list - Handle a LIST message
+ * netlbl_mgmt_listall - Handle a LISTALL message
* @skb: the NETLINK buffer
- * @info: the Generic NETLINK info block
+ * @cb: the NETLINK callback
*
* Description:
- * Process a user generated LIST message and dumps the domain hash table in a
- * form suitable for use in a kernel generated LIST message. Returns zero on
- * success, negative values on failure.
+ * Process a user generated LISTALL message and dumps the domain hash table in
+ * a form suitable for use in a kernel generated LISTALL message. Returns zero
+ * on success, negative values on failure.
*
*/
-static int netlbl_mgmt_list(struct sk_buff *skb, struct genl_info *info)
+static int netlbl_mgmt_listall(struct sk_buff *skb,
+ struct netlink_callback *cb)
{
- int ret_val = -ENOMEM;
- struct sk_buff *ans_skb;
+ struct netlbl_domhsh_walk_arg cb_arg;
+ u32 skip_bkt = cb->args[0];
+ u32 skip_chain = cb->args[1];
- ans_skb = netlbl_domhsh_dump(NLMSG_SPACE(GENL_HDRLEN));
- if (ans_skb == NULL)
- goto list_failure;
- netlbl_netlink_hdr_push(ans_skb,
- info->snd_pid,
- 0,
- netlbl_mgmt_gnl_family.id,
- NLBL_MGMT_C_LIST);
+ cb_arg.nl_cb = cb;
+ cb_arg.skb = skb;
+ cb_arg.seq = cb->nlh->nlmsg_seq;
- ret_val = netlbl_netlink_snd(ans_skb, info->snd_pid);
- if (ret_val != 0)
- goto list_failure;
+ netlbl_domhsh_walk(&skip_bkt,
+ &skip_chain,
+ netlbl_mgmt_listall_cb,
+ &cb_arg);
- return 0;
-
-list_failure:
- netlbl_netlink_send_ack(info,
- netlbl_mgmt_gnl_family.id,
- NLBL_MGMT_C_ACK,
- -ret_val);
- return ret_val;
+ cb->args[0] = skip_bkt;
+ cb->args[1] = skip_chain;
+ return skb->len;
}
/**
@@ -272,68 +262,51 @@
static int netlbl_mgmt_adddef(struct sk_buff *skb, struct genl_info *info)
{
int ret_val = -EINVAL;
- struct nlattr *msg_ptr = netlbl_netlink_payload_data(skb);
- int msg_len = netlbl_netlink_payload_len(skb);
struct netlbl_dom_map *entry = NULL;
u32 tmp_val;
- ret_val = netlbl_netlink_cap_check(skb, CAP_NET_ADMIN);
- if (ret_val != 0)
+ if (!info->attrs[NLBL_MGMT_A_PROTOCOL])
goto adddef_failure;
- if (msg_len < NETLBL_LEN_U32)
- goto adddef_failure;
- tmp_val = netlbl_getinc_u32(&msg_ptr, &msg_len);
-
entry = kzalloc(sizeof(*entry), GFP_KERNEL);
if (entry == NULL) {
ret_val = -ENOMEM;
goto adddef_failure;
}
+ entry->type = nla_get_u32(info->attrs[NLBL_MGMT_A_PROTOCOL]);
- entry->type = tmp_val;
switch (entry->type) {
case NETLBL_NLTYPE_UNLABELED:
ret_val = netlbl_domhsh_add_default(entry);
break;
case NETLBL_NLTYPE_CIPSOV4:
- if (msg_len < NETLBL_LEN_U32) {
- ret_val = -EINVAL;
+ if (!info->attrs[NLBL_MGMT_A_CV4DOI])
goto adddef_failure;
- }
- tmp_val = netlbl_getinc_u32(&msg_ptr, &msg_len);
- /* We should be holding a rcu_read_lock here while we
- * hold the result but since the entry will always be
- * deleted when the CIPSO DOI is deleted we are going
- * to skip the lock. */
+
+ tmp_val = nla_get_u32(info->attrs[NLBL_MGMT_A_CV4DOI]);
+ /* We should be holding a rcu_read_lock() here while we hold
+ * the result but since the entry will always be deleted when
+ * the CIPSO DOI is deleted we aren't going to keep the
+ * lock. */
rcu_read_lock();
entry->type_def.cipsov4 = cipso_v4_doi_getdef(tmp_val);
if (entry->type_def.cipsov4 == NULL) {
rcu_read_unlock();
- ret_val = -EINVAL;
goto adddef_failure;
}
ret_val = netlbl_domhsh_add_default(entry);
rcu_read_unlock();
break;
default:
- ret_val = -EINVAL;
+ goto adddef_failure;
}
if (ret_val != 0)
goto adddef_failure;
- netlbl_netlink_send_ack(info,
- netlbl_mgmt_gnl_family.id,
- NLBL_MGMT_C_ACK,
- NETLBL_E_OK);
return 0;
adddef_failure:
kfree(entry);
- netlbl_netlink_send_ack(info,
- netlbl_mgmt_gnl_family.id,
- NLBL_MGMT_C_ACK,
- -ret_val);
return ret_val;
}
@@ -349,20 +322,7 @@
*/
static int netlbl_mgmt_removedef(struct sk_buff *skb, struct genl_info *info)
{
- int ret_val;
-
- ret_val = netlbl_netlink_cap_check(skb, CAP_NET_ADMIN);
- if (ret_val != 0)
- goto removedef_return;
-
- ret_val = netlbl_domhsh_remove_default();
-
-removedef_return:
- netlbl_netlink_send_ack(info,
- netlbl_mgmt_gnl_family.id,
- NLBL_MGMT_C_ACK,
- -ret_val);
- return ret_val;
+ return netlbl_domhsh_remove_default();
}
/**
@@ -379,88 +339,131 @@
static int netlbl_mgmt_listdef(struct sk_buff *skb, struct genl_info *info)
{
int ret_val = -ENOMEM;
- struct sk_buff *ans_skb;
+ struct sk_buff *ans_skb = NULL;
+ void *data;
+ struct netlbl_dom_map *entry;
- ans_skb = netlbl_domhsh_dump_default(NLMSG_SPACE(GENL_HDRLEN));
+ ans_skb = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
if (ans_skb == NULL)
+ return -ENOMEM;
+ data = netlbl_netlink_hdr_put(ans_skb,
+ info->snd_pid,
+ info->snd_seq,
+ netlbl_mgmt_gnl_family.id,
+ 0,
+ NLBL_MGMT_C_LISTDEF);
+ if (data == NULL)
goto listdef_failure;
- netlbl_netlink_hdr_push(ans_skb,
- info->snd_pid,
- 0,
- netlbl_mgmt_gnl_family.id,
- NLBL_MGMT_C_LISTDEF);
- ret_val = netlbl_netlink_snd(ans_skb, info->snd_pid);
+ rcu_read_lock();
+ entry = netlbl_domhsh_getentry(NULL);
+ if (entry == NULL) {
+ ret_val = -ENOENT;
+ goto listdef_failure_lock;
+ }
+ ret_val = nla_put_u32(ans_skb, NLBL_MGMT_A_PROTOCOL, entry->type);
+ if (ret_val != 0)
+ goto listdef_failure_lock;
+ switch (entry->type) {
+ case NETLBL_NLTYPE_CIPSOV4:
+ ret_val = nla_put_u32(ans_skb,
+ NLBL_MGMT_A_CV4DOI,
+ entry->type_def.cipsov4->doi);
+ if (ret_val != 0)
+ goto listdef_failure_lock;
+ break;
+ }
+ rcu_read_unlock();
+
+ genlmsg_end(ans_skb, data);
+
+ ret_val = genlmsg_unicast(ans_skb, info->snd_pid);
if (ret_val != 0)
goto listdef_failure;
-
return 0;
+listdef_failure_lock:
+ rcu_read_unlock();
listdef_failure:
- netlbl_netlink_send_ack(info,
- netlbl_mgmt_gnl_family.id,
- NLBL_MGMT_C_ACK,
- -ret_val);
+ kfree_skb(ans_skb);
return ret_val;
}
/**
- * netlbl_mgmt_modules - Handle a MODULES message
- * @skb: the NETLINK buffer
- * @info: the Generic NETLINK info block
+ * netlbl_mgmt_protocols_cb - Write an individual PROTOCOL message response
+ * @skb: the skb to write to
+ * @seq: the NETLINK sequence number
+ * @cb: the NETLINK callback
+ * @protocol: the NetLabel protocol to use in the message
*
* Description:
- * Process a user generated MODULES message and respond accordingly.
+ * This function is to be used in conjunction with netlbl_mgmt_protocols() to
+ * answer a application's PROTOCOLS message. Returns the size of the message
+ * on success, negative values on failure.
*
*/
-static int netlbl_mgmt_modules(struct sk_buff *skb, struct genl_info *info)
+static int netlbl_mgmt_protocols_cb(struct sk_buff *skb,
+ struct netlink_callback *cb,
+ u32 protocol)
{
int ret_val = -ENOMEM;
- size_t data_size;
- u32 mod_count;
- struct sk_buff *ans_skb = NULL;
+ void *data;
- /* unlabeled + cipsov4 */
- mod_count = 2;
+ data = netlbl_netlink_hdr_put(skb,
+ NETLINK_CB(cb->skb).pid,
+ cb->nlh->nlmsg_seq,
+ netlbl_mgmt_gnl_family.id,
+ NLM_F_MULTI,
+ NLBL_MGMT_C_PROTOCOLS);
+ if (data == NULL)
+ goto protocols_cb_failure;
- data_size = GENL_HDRLEN + NETLBL_LEN_U32 + mod_count * NETLBL_LEN_U32;
- ans_skb = netlbl_netlink_alloc_skb(0, data_size, GFP_KERNEL);
- if (ans_skb == NULL)
- goto modules_failure;
-
- if (netlbl_netlink_hdr_put(ans_skb,
- info->snd_pid,
- 0,
- netlbl_mgmt_gnl_family.id,
- NLBL_MGMT_C_MODULES) == NULL)
- goto modules_failure;
-
- ret_val = nla_put_u32(ans_skb, NLA_U32, mod_count);
+ ret_val = nla_put_u32(skb, NLBL_MGMT_A_PROTOCOL, protocol);
if (ret_val != 0)
- goto modules_failure;
- ret_val = nla_put_u32(ans_skb, NLA_U32, NETLBL_NLTYPE_UNLABELED);
- if (ret_val != 0)
- goto modules_failure;
- ret_val = nla_put_u32(ans_skb, NLA_U32, NETLBL_NLTYPE_CIPSOV4);
- if (ret_val != 0)
- goto modules_failure;
+ goto protocols_cb_failure;
- ret_val = netlbl_netlink_snd(ans_skb, info->snd_pid);
- if (ret_val != 0)
- goto modules_failure;
+ return genlmsg_end(skb, data);
- return 0;
-
-modules_failure:
- kfree_skb(ans_skb);
- netlbl_netlink_send_ack(info,
- netlbl_mgmt_gnl_family.id,
- NLBL_MGMT_C_ACK,
- -ret_val);
+protocols_cb_failure:
+ genlmsg_cancel(skb, data);
return ret_val;
}
/**
+ * netlbl_mgmt_protocols - Handle a PROTOCOLS message
+ * @skb: the NETLINK buffer
+ * @cb: the NETLINK callback
+ *
+ * Description:
+ * Process a user generated PROTOCOLS message and respond accordingly.
+ *
+ */
+static int netlbl_mgmt_protocols(struct sk_buff *skb,
+ struct netlink_callback *cb)
+{
+ u32 protos_sent = cb->args[0];
+
+ if (protos_sent == 0) {
+ if (netlbl_mgmt_protocols_cb(skb,
+ cb,
+ NETLBL_NLTYPE_UNLABELED) < 0)
+ goto protocols_return;
+ protos_sent++;
+ }
+ if (protos_sent == 1) {
+ if (netlbl_mgmt_protocols_cb(skb,
+ cb,
+ NETLBL_NLTYPE_CIPSOV4) < 0)
+ goto protocols_return;
+ protos_sent++;
+ }
+
+protocols_return:
+ cb->args[0] = protos_sent;
+ return skb->len;
+}
+
+/**
* netlbl_mgmt_version - Handle a VERSION message
* @skb: the NETLINK buffer
* @info: the Generic NETLINK info block
@@ -474,35 +477,35 @@
{
int ret_val = -ENOMEM;
struct sk_buff *ans_skb = NULL;
+ void *data;
- ans_skb = netlbl_netlink_alloc_skb(0,
- GENL_HDRLEN + NETLBL_LEN_U32,
- GFP_KERNEL);
+ ans_skb = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
if (ans_skb == NULL)
- goto version_failure;
- if (netlbl_netlink_hdr_put(ans_skb,
- info->snd_pid,
- 0,
- netlbl_mgmt_gnl_family.id,
- NLBL_MGMT_C_VERSION) == NULL)
+ return -ENOMEM;
+ data = netlbl_netlink_hdr_put(ans_skb,
+ info->snd_pid,
+ info->snd_seq,
+ netlbl_mgmt_gnl_family.id,
+ 0,
+ NLBL_MGMT_C_VERSION);
+ if (data == NULL)
goto version_failure;
- ret_val = nla_put_u32(ans_skb, NLA_U32, NETLBL_PROTO_VERSION);
+ ret_val = nla_put_u32(ans_skb,
+ NLBL_MGMT_A_VERSION,
+ NETLBL_PROTO_VERSION);
if (ret_val != 0)
goto version_failure;
- ret_val = netlbl_netlink_snd(ans_skb, info->snd_pid);
+ genlmsg_end(ans_skb, data);
+
+ ret_val = genlmsg_unicast(ans_skb, info->snd_pid);
if (ret_val != 0)
goto version_failure;
-
return 0;
version_failure:
kfree_skb(ans_skb);
- netlbl_netlink_send_ack(info,
- netlbl_mgmt_gnl_family.id,
- NLBL_MGMT_C_ACK,
- -ret_val);
return ret_val;
}
@@ -513,35 +516,40 @@
static struct genl_ops netlbl_mgmt_genl_c_add = {
.cmd = NLBL_MGMT_C_ADD,
- .flags = 0,
+ .flags = GENL_ADMIN_PERM,
+ .policy = netlbl_mgmt_genl_policy,
.doit = netlbl_mgmt_add,
.dumpit = NULL,
};
static struct genl_ops netlbl_mgmt_genl_c_remove = {
.cmd = NLBL_MGMT_C_REMOVE,
- .flags = 0,
+ .flags = GENL_ADMIN_PERM,
+ .policy = netlbl_mgmt_genl_policy,
.doit = netlbl_mgmt_remove,
.dumpit = NULL,
};
-static struct genl_ops netlbl_mgmt_genl_c_list = {
- .cmd = NLBL_MGMT_C_LIST,
+static struct genl_ops netlbl_mgmt_genl_c_listall = {
+ .cmd = NLBL_MGMT_C_LISTALL,
.flags = 0,
- .doit = netlbl_mgmt_list,
- .dumpit = NULL,
+ .policy = netlbl_mgmt_genl_policy,
+ .doit = NULL,
+ .dumpit = netlbl_mgmt_listall,
};
static struct genl_ops netlbl_mgmt_genl_c_adddef = {
.cmd = NLBL_MGMT_C_ADDDEF,
- .flags = 0,
+ .flags = GENL_ADMIN_PERM,
+ .policy = netlbl_mgmt_genl_policy,
.doit = netlbl_mgmt_adddef,
.dumpit = NULL,
};
static struct genl_ops netlbl_mgmt_genl_c_removedef = {
.cmd = NLBL_MGMT_C_REMOVEDEF,
- .flags = 0,
+ .flags = GENL_ADMIN_PERM,
+ .policy = netlbl_mgmt_genl_policy,
.doit = netlbl_mgmt_removedef,
.dumpit = NULL,
};
@@ -549,20 +557,23 @@
static struct genl_ops netlbl_mgmt_genl_c_listdef = {
.cmd = NLBL_MGMT_C_LISTDEF,
.flags = 0,
+ .policy = netlbl_mgmt_genl_policy,
.doit = netlbl_mgmt_listdef,
.dumpit = NULL,
};
-static struct genl_ops netlbl_mgmt_genl_c_modules = {
- .cmd = NLBL_MGMT_C_MODULES,
+static struct genl_ops netlbl_mgmt_genl_c_protocols = {
+ .cmd = NLBL_MGMT_C_PROTOCOLS,
.flags = 0,
- .doit = netlbl_mgmt_modules,
- .dumpit = NULL,
+ .policy = netlbl_mgmt_genl_policy,
+ .doit = NULL,
+ .dumpit = netlbl_mgmt_protocols,
};
static struct genl_ops netlbl_mgmt_genl_c_version = {
.cmd = NLBL_MGMT_C_VERSION,
.flags = 0,
+ .policy = netlbl_mgmt_genl_policy,
.doit = netlbl_mgmt_version,
.dumpit = NULL,
};
@@ -596,7 +607,7 @@
if (ret_val != 0)
return ret_val;
ret_val = genl_register_ops(&netlbl_mgmt_gnl_family,
- &netlbl_mgmt_genl_c_list);
+ &netlbl_mgmt_genl_c_listall);
if (ret_val != 0)
return ret_val;
ret_val = genl_register_ops(&netlbl_mgmt_gnl_family,
@@ -612,7 +623,7 @@
if (ret_val != 0)
return ret_val;
ret_val = genl_register_ops(&netlbl_mgmt_gnl_family,
- &netlbl_mgmt_genl_c_modules);
+ &netlbl_mgmt_genl_c_protocols);
if (ret_val != 0)
return ret_val;
ret_val = genl_register_ops(&netlbl_mgmt_gnl_family,