| 
									
										
										
										
											2005-04-16 15:20:36 -07:00
										 |  |  | /*
 | 
					
						
							|  |  |  |  * A security identifier table (sidtab) is a hash table | 
					
						
							|  |  |  |  * of security context structures indexed by SID value. | 
					
						
							|  |  |  |  * | 
					
						
							|  |  |  |  * Author : Stephen Smalley, <sds@epoch.ncsc.mil> | 
					
						
							|  |  |  |  */ | 
					
						
							|  |  |  | #ifndef _SS_SIDTAB_H_
 | 
					
						
							|  |  |  | #define _SS_SIDTAB_H_
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | #include "context.h"
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | struct sidtab_node { | 
					
						
							|  |  |  | 	u32 sid;		/* security identifier */ | 
					
						
							|  |  |  | 	struct context context;	/* security context structure */ | 
					
						
							|  |  |  | 	struct sidtab_node *next; | 
					
						
							|  |  |  | }; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | #define SIDTAB_HASH_BITS 7
 | 
					
						
							|  |  |  | #define SIDTAB_HASH_BUCKETS (1 << SIDTAB_HASH_BITS)
 | 
					
						
							|  |  |  | #define SIDTAB_HASH_MASK (SIDTAB_HASH_BUCKETS-1)
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | #define SIDTAB_SIZE SIDTAB_HASH_BUCKETS
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | struct sidtab { | 
					
						
							|  |  |  | 	struct sidtab_node **htable; | 
					
						
							|  |  |  | 	unsigned int nel;	/* number of elements */ | 
					
						
							|  |  |  | 	unsigned int next_sid;	/* next SID to allocate */ | 
					
						
							|  |  |  | 	unsigned char shutdown; | 
					
						
							| 
									
										
										
										
											2010-12-07 16:17:28 -05:00
										 |  |  | #define SIDTAB_CACHE_LEN	3
 | 
					
						
							|  |  |  | 	struct sidtab_node *cache[SIDTAB_CACHE_LEN]; | 
					
						
							| 
									
										
										
										
											2005-04-16 15:20:36 -07:00
										 |  |  | 	spinlock_t lock; | 
					
						
							|  |  |  | }; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | int sidtab_init(struct sidtab *s); | 
					
						
							|  |  |  | int sidtab_insert(struct sidtab *s, u32 sid, struct context *context); | 
					
						
							|  |  |  | struct context *sidtab_search(struct sidtab *s, u32 sid); | 
					
						
							| 
									
										
										
										
											2008-05-07 13:03:20 -04:00
										 |  |  | struct context *sidtab_search_force(struct sidtab *s, u32 sid); | 
					
						
							| 
									
										
										
										
											2005-04-16 15:20:36 -07:00
										 |  |  | 
 | 
					
						
							|  |  |  | int sidtab_map(struct sidtab *s, | 
					
						
							|  |  |  | 	       int (*apply) (u32 sid, | 
					
						
							|  |  |  | 			     struct context *context, | 
					
						
							|  |  |  | 			     void *args), | 
					
						
							|  |  |  | 	       void *args); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | int sidtab_context_to_sid(struct sidtab *s, | 
					
						
							|  |  |  | 			  struct context *context, | 
					
						
							|  |  |  | 			  u32 *sid); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | void sidtab_hash_eval(struct sidtab *h, char *tag); | 
					
						
							|  |  |  | void sidtab_destroy(struct sidtab *s); | 
					
						
							|  |  |  | void sidtab_set(struct sidtab *dst, struct sidtab *src); | 
					
						
							|  |  |  | void sidtab_shutdown(struct sidtab *s); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | #endif	/* _SS_SIDTAB_H_ */
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 
 |