linux/security/selinux/ss/sidtab.h
/*
 * A security identifier table (sidtab) is a hash table
 * of security context structures indexed by SID value.
 *
 * Author : Stephen Smalley, <sds@epoch.ncsc.mil>
 */
   7#ifndef _SS_SIDTAB_H_
   8#define _SS_SIDTAB_H_
   9
  10#include "context.h"
  11
/*
 * One entry of the SID table: pairs a numeric SID with the security
 * context recorded for it.  The context is embedded by value rather
 * than referenced through a pointer.
 */
struct sidtab_node {
	u32 sid;			/* SID this entry is keyed by */
	struct context context;		/* security context stored for that SID */
	/*
	 * Link to another node.  Presumably the next entry in the same
	 * hash bucket, with NULL ending the chain -- confirm in the
	 * implementation file.
	 */
	struct sidtab_node *next;
};
  17
/*
 * Hash geometry.  The bucket count is a power of two derived from
 * SIDTAB_HASH_BITS (7 bits -> 128 buckets), which makes
 * SIDTAB_HASH_MASK (127) a mask of the low seven bits.  All three
 * values are compile-time constants; nothing in this header resizes
 * the table.
 *
 * NOTE(review): presumably a SID is reduced to a bucket index with
 * SIDTAB_HASH_MASK; the hash function itself is not in this header.
 * With a fixed bucket count, chain length grows with the number of
 * stored SIDs -- worth keeping in mind for lookup cost.
 */
#define SIDTAB_HASH_BITS	7
#define SIDTAB_HASH_BUCKETS	(1 << SIDTAB_HASH_BITS)
#define SIDTAB_HASH_MASK	(SIDTAB_HASH_BUCKETS-1)

/* The table size is defined as the number of hash buckets. */
#define SIDTAB_SIZE		SIDTAB_HASH_BUCKETS
  23
/*
 * The SID table: bucket array plus bookkeeping for SID allocation.
 *
 * NOTE(review): u32 and spinlock_t are not declared in this header
 * itself; presumably they arrive through "context.h" or the including
 * file -- confirm.
 */
struct sidtab {
	/*
	 * Array of node pointers.  Presumably SIDTAB_SIZE bucket heads --
	 * the allocation is not visible here, confirm in the implementation.
	 */
	struct sidtab_node **htable;
	unsigned int nel;		/* how many entries the table holds */
	/*
	 * SID value the next allocation will use.
	 * NOTE(review): this is a plain unsigned int; how exhaustion or
	 * wrap-around is handled is not visible in this header.  Confirm
	 * that the allocator cannot hand out a SID that is already bound
	 * to a different context.
	 */
	unsigned int next_sid;
	/*
	 * Flag byte.  Presumably set by sidtab_shutdown() to stop further
	 * SID allocation -- confirm.
	 */
	unsigned char shutdown;
	/*
	 * Spinlock stored with the table.  Presumably serialises updates
	 * to htable, nel and next_sid; which readers take it is decided
	 * in the implementation -- confirm.
	 */
	spinlock_t lock;
};
  31
/*
 * SID table API.
 *
 * Only the prototypes are visible in this header.  The one-line notes
 * below are inferred from names and signatures and should be checked
 * against the implementation before being relied on.
 */

/* Presumably prepares *s for use as an empty table; int status result. */
int sidtab_init(struct sidtab *s);

/* Presumably adds an entry binding `sid` to `context`; int status result. */
int sidtab_insert(struct sidtab *s, u32 sid, struct context *context);

/*
 * Look up the context for `sid`.
 *
 * NOTE(review): both lookups return a pointer to a struct context.
 * Whether that pointer can be NULL, and how long it stays valid
 * relative to sidtab_destroy()/sidtab_set(), is not stated here.
 * The _force variant presumably relaxes a check that the plain lookup
 * applies; callers on access-decision paths should confirm which
 * variant they need.
 */
struct context *sidtab_search(struct sidtab *s, u32 sid);
struct context *sidtab_search_force(struct sidtab *s, u32 sid);

/*
 * Presumably calls `apply` for the entries of the table, handing each
 * its SID, its context and the caller-supplied `args`.  How a non-zero
 * result from `apply` is treated is not visible here -- confirm.
 */
int sidtab_map(struct sidtab *s,
	       int (*apply) (u32 sid, struct context *context, void *args),
	       void *args);

/*
 * Presumably resolves `context` to a SID and stores it through `sid`,
 * allocating a new SID when none exists yet; int status result.
 * Callers should check the status before using *sid.
 */
int sidtab_context_to_sid(struct sidtab *s, struct context *context,
			  u32 *sid);

/* Presumably reports hash-chain statistics, labelled with `tag`. */
void sidtab_hash_eval(struct sidtab *h, char *tag);

/* Presumably releases the entries held by *s. */
void sidtab_destroy(struct sidtab *s);

/*
 * Presumably makes *dst take over the contents of *src.
 * NOTE(review): ownership of the node storage afterwards is not
 * visible in this header -- confirm before destroying either table.
 */
void sidtab_set(struct sidtab *dst, struct sidtab *src);

/* Presumably marks *s as shut down (see the `shutdown` field). */
void sidtab_shutdown(struct sidtab *s);
  51
  52#endif  /* _SS_SIDTAB_H_ */