From: Samir Bellabes <sam@synack.fr>
To: linux-security-module@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, netdev@vger.kernel.org,
netfilter-devel@vger.kernel.org, jamal <hadi@cyberus.ca>,
Patrick McHardy <kaber@trash.net>,
Evgeniy Polyakov <zbr@ioremap.net>,
Grzegorz Nosek <root@localdomain.pl>,
Samir Bellabes <sam@synack.fr>
Subject: [RFC v3 09/10] snet: introduce snet_utils
Date: Tue, 3 May 2011 16:24:22 +0200 [thread overview]
Message-ID: <1304432663-1575-10-git-send-email-sam@synack.fr> (raw)
In-Reply-To: <1304432663-1575-1-git-send-email-sam@synack.fr>
This patch provides helper functions for other subsystems
Signed-off-by: Samir Bellabes <sam@synack.fr>
---
security/snet/snet_utils.c | 38 ++++++++++++++++++++++++++++++++++++++
security/snet/snet_utils.h | 9 +++++++++
2 files changed, 47 insertions(+), 0 deletions(-)
create mode 100644 security/snet/snet_utils.c
create mode 100644 security/snet/snet_utils.h
diff --git a/security/snet/snet_utils.c b/security/snet/snet_utils.c
new file mode 100644
index 0000000..e9178d7
--- /dev/null
+++ b/security/snet/snet_utils.c
@@ -0,0 +1,38 @@
+#include <linux/types.h>
+#include <linux/snet.h>
+
+const char *snet_verdict_name(const enum snet_verdict cmd)
+{
+ static const char *const verdict_name[] = {
+ [SNET_VERDICT_GRANT] = "Grant",
+ [SNET_VERDICT_DENY] = "Deny",
+ [SNET_VERDICT_PENDING] = "Pending",
+ [SNET_VERDICT_NONE] = "None",
+ };
+
+ if (cmd >= SNET_NR_VERDICT_TYPES)
+ return "INVALID";
+ else
+ return verdict_name[cmd];
+}
+
+const char *snet_syscall_name(const enum snet_syscall sys)
+{
+ static const char *const syscall_name[] = {
+ [SNET_SOCKET_CREATE] = "Create",
+ [SNET_SOCKET_BIND] = "Bind",
+ [SNET_SOCKET_CONNECT] = "Connect",
+ [SNET_SOCKET_LISTEN] = "Listen",
+ [SNET_SOCKET_ACCEPT] = "Accept",
+ [SNET_SOCKET_POST_ACCEPT] = "Post Accept",
+ [SNET_SOCKET_SENDMSG] = "Sendmsg",
+ [SNET_SOCKET_RECVMSG] = "Recvmsg",
+ [SNET_SOCKET_SOCK_RCV_SKB] = "Sock Rcv Skb",
+ [SNET_SOCKET_CLOSE] = "Close",
+ };
+
+ if (sys >= SNET_NR_SOCKET_TYPES)
+ return "INVALID";
+ else
+ return syscall_name[sys];
+}
diff --git a/security/snet/snet_utils.h b/security/snet/snet_utils.h
new file mode 100644
index 0000000..01e515f
--- /dev/null
+++ b/security/snet/snet_utils.h
@@ -0,0 +1,9 @@
+#ifndef _SNET_UTILS_H
+#define _SNET_UTILS_H
+
+#include <linux/skbuff.h>
+
+const char *snet_verdict_name(const enum snet_verdict cmd);
+const char *snet_syscall_name(const enum snet_syscall sys);
+
+#endif /* _SNET_UTILS_H */
--
1.7.4.1
next prev parent reply other threads:[~2011-05-03 14:24 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-05-03 14:24 [RFC v3 00/10] snet: Security for NETwork syscalls Samir Bellabes
2011-05-03 14:24 ` [RFC v3 01/10] lsm: add security_socket_closed() Samir Bellabes
2011-05-03 15:29 ` Tetsuo Handa
2011-05-03 15:41 ` Samir Bellabes
2011-05-03 14:24 ` [RFC v3 02/10] Revert "lsm: Remove the socket_post_accept() hook" Samir Bellabes
2011-05-03 22:02 ` Paul Moore
2011-05-04 2:28 ` Tetsuo Handa
2011-05-04 8:50 ` Samir Bellabes
2011-05-05 14:11 ` Paul Moore
2011-05-05 21:43 ` Tetsuo Handa
2011-05-06 9:25 ` Samir Bellabes
2011-05-06 17:27 ` Paul Moore
2011-05-03 14:24 ` [RFC v3 03/10] snet: introduce snet_core Samir Bellabes
2011-05-03 14:24 ` [RFC v3 04/10] snet: introduce snet_event Samir Bellabes
2011-05-03 14:24 ` [RFC v3 05/10] snet: introduce snet_hooks Samir Bellabes
2011-05-03 14:24 ` [RFC v3 06/10] snet: introduce snet_netlink Samir Bellabes
2011-05-03 14:24 ` [RFC v3 07/10] snet: introduce snet_verdict Samir Bellabes
2011-05-03 14:24 ` [RFC v3 08/10] snet: introduce snet_ticket Samir Bellabes
2011-05-03 14:24 ` Samir Bellabes [this message]
2011-05-03 14:24 ` [RFC v3 10/10] snet: introduce security/snet, Makefile and Kconfig changes Samir Bellabes
2011-05-03 16:53 ` [RFC v3 00/10] snet: Security for NETwork syscalls Casey Schaufler
2011-05-03 17:15 ` Samir Bellabes
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1304432663-1575-10-git-send-email-sam@synack.fr \
--to=sam@synack.fr \
--cc=hadi@cyberus.ca \
--cc=kaber@trash.net \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=root@localdomain.pl \
--cc=zbr@ioremap.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).