1*50077289SOndrej Mosnacek // SPDX-License-Identifier: GPL-2.0 2*50077289SOndrej Mosnacek /* 3*50077289SOndrej Mosnacek * Implementations of the security context functions. 4*50077289SOndrej Mosnacek * 5*50077289SOndrej Mosnacek * Author: Ondrej Mosnacek <omosnacek@gmail.com> 6*50077289SOndrej Mosnacek * Copyright (C) 2020 Red Hat, Inc. 7*50077289SOndrej Mosnacek */ 8*50077289SOndrej Mosnacek 9*50077289SOndrej Mosnacek #include <linux/jhash.h> 10*50077289SOndrej Mosnacek 11*50077289SOndrej Mosnacek #include "context.h" 12*50077289SOndrej Mosnacek #include "mls.h" 13*50077289SOndrej Mosnacek context_compute_hash(const struct context * c)14*50077289SOndrej Mosnaceku32 context_compute_hash(const struct context *c) 15*50077289SOndrej Mosnacek { 16*50077289SOndrej Mosnacek u32 hash = 0; 17*50077289SOndrej Mosnacek 18*50077289SOndrej Mosnacek /* 19*50077289SOndrej Mosnacek * If a context is invalid, it will always be represented by a 20*50077289SOndrej Mosnacek * context struct with only the len & str set (and vice versa) 21*50077289SOndrej Mosnacek * under a given policy. Since context structs from different 22*50077289SOndrej Mosnacek * policies should never meet, it is safe to hash valid and 23*50077289SOndrej Mosnacek * invalid contexts differently. The context_cmp() function 24*50077289SOndrej Mosnacek * already operates under the same assumption. 25*50077289SOndrej Mosnacek */ 26*50077289SOndrej Mosnacek if (c->len) 27*50077289SOndrej Mosnacek return full_name_hash(NULL, c->str, c->len); 28*50077289SOndrej Mosnacek 29*50077289SOndrej Mosnacek hash = jhash_3words(c->user, c->role, c->type, hash); 30*50077289SOndrej Mosnacek hash = mls_range_hash(&c->range, hash); 31*50077289SOndrej Mosnacek return hash; 32*50077289SOndrej Mosnacek } 33