/*
 * A security identifier table (sidtab) is a hash table
 * of security context structures indexed by SID value.
 *
 * Author : Stephen Smalley, <sds@epoch.ncsc.mil>
 */
#ifndef _SS_SIDTAB_H_
#define _SS_SIDTAB_H_

/*
 * struct sidtab_node embeds a struct context by value, so the complete
 * definition of struct context must be visible before the structs below.
 */
#include "context.h"

/*
 * One entry of the SID table: a SID together with the security context
 * it names. The context is stored by value inside the node, not by
 * reference. Nodes are linked through ->next; presumably one list per
 * bucket of struct sidtab.htable -- confirm against the implementation.
 */
struct sidtab_node {
	u32 sid;			/* security identifier */
	struct context context;		/* security context structure */
	struct sidtab_node *next;	/* next node in the same list */
};

/*
 * Hash geometry. 7 bits give 1 << 7 = 128 buckets, and the mask (127)
 * keeps the low 7 bits of a value. The bucket count is a compile-time
 * constant. NOTE(review): the hash function that uses the mask is not
 * defined in this header.
 */
#define SIDTAB_HASH_BITS 7
#define SIDTAB_HASH_BUCKETS (1 << SIDTAB_HASH_BITS)
#define SIDTAB_HASH_MASK (SIDTAB_HASH_BUCKETS-1)

/* Table size, expressed as the number of hash buckets. */
#define SIDTAB_SIZE SIDTAB_HASH_BUCKETS

/*
 * The SID table itself.
 *
 * NOTE(review): this header does not say which fields ->lock protects or
 * whether readers must hold it. Confirm in the implementation before
 * touching any field from new code.
 */
struct sidtab {
	/* presumably an array of SIDTAB_SIZE bucket heads -- confirm */
	struct sidtab_node **htable;
	unsigned int nel;	/* number of elements */
	/*
	 * NOTE(review): how exhaustion of the unsigned int SID space is
	 * handled is not visible here. Confirm that allocation fails rather
	 * than wraps, since a reused SID would name two different contexts.
	 */
	unsigned int next_sid;	/* next SID to allocate */
	/* presumably set by sidtab_shutdown() to refuse new SIDs -- confirm */
	unsigned char shutdown;
/* Preprocessor define: visible to the rest of the file, not scoped to the struct. */
#define SIDTAB_CACHE_LEN 3
	/* three node pointers; presumably recently used entries -- confirm */
	struct sidtab_node *cache[SIDTAB_CACHE_LEN];
	spinlock_t lock;
};

/*
 * Table set-up and insertion.
 *
 * NOTE(review): the meaning of the int return values (presumably 0 on
 * success and a negative errno on failure) is not documented in this
 * header -- confirm in the implementation.
 */
int sidtab_init(struct sidtab *s);
int sidtab_insert(struct sidtab *s, u32 sid, struct context *context);

/*
 * Both lookups take a SID and return a pointer to a context, not a copy.
 *
 * NOTE(review): the header does not say how the _force variant differs,
 * nor how long the returned pointer stays valid. In the mainline
 * implementation of this era the plain search is believed to substitute
 * the unlabeled context for an entry that a policy reload has
 * invalidated, while _force returns the stored context regardless.
 * Confirm this: if so, code making access decisions should not use the
 * _force variant.
 */
struct context *sidtab_search(struct sidtab *s, u32 sid);
struct context *sidtab_search_force(struct sidtab *s, u32 sid);

/*
 * Takes a callback and an opaque args pointer; presumably invokes
 * apply(sid, context, args) for each entry of the table.
 *
 * NOTE(review): iteration order, the effect of a non-zero return from
 * apply, and locking during the walk are not visible here -- confirm.
 */
int sidtab_map(struct sidtab *s,
	       int (*apply) (u32 sid,
			     struct context *context,
			     void *args),
	       void *args);

/*
 * Reverse mapping from a context to a SID; presumably the result is
 * written through *sid.
 *
 * NOTE(review): presumably allocates a new SID when the context is not
 * yet in the table. Confirm this, along with the failure codes and the
 * behaviour once the table has been shut down.
 */
int sidtab_context_to_sid(struct sidtab *s,
			  struct context *context,
			  u32 *sid);

/* NOTE(review): presumably reports hash-chain statistics labelled with tag -- confirm. */
void sidtab_hash_eval(struct sidtab *h, char *tag);
void sidtab_destroy(struct sidtab *s);
/*
 * NOTE(review): whether dst copies src's entries or takes over src's
 * bucket array is not visible here. The answer decides which of the two
 * tables may later be passed to sidtab_destroy() -- confirm.
 */
void sidtab_set(struct sidtab *dst, struct sidtab *src);
void sidtab_shutdown(struct sidtab *s);

#endif /* _SS_SIDTAB_H_ */