/*
 * A security identifier table (sidtab) is a hash table
 * of security context structures indexed by SID value.
 *
 * Author : Stephen Smalley, <sds@epoch.ncsc.mil>
 */
#ifndef _SS_SIDTAB_H_
#define _SS_SIDTAB_H_

#include "context.h"

/*
 * One table entry: a SID together with the security context it names.
 * NOTE(review): 'next' presumably chains entries that fall into the same
 * hash bucket -- confirm against sidtab.c.
 */
struct sidtab_node {
	u32 sid;			/* security identifier */
	struct context context;		/* security context structure */
	struct sidtab_node *next;	/* link to another node (see note above) */
};

/*
 * Hash geometry: 7 index bits give 1 << 7 = 128 buckets and a mask of
 * 127 (0x7f).  SIDTAB_SIZE is simply another name for the bucket count.
 * NOTE(review): the bucket count is a compile-time constant, so if nodes
 * are chained per bucket the chain length grows with 'nel';
 * sidtab_hash_eval() looks like the hook for inspecting that
 * distribution -- confirm.
 */
#define SIDTAB_HASH_BITS	7
#define SIDTAB_HASH_BUCKETS	(1 << SIDTAB_HASH_BITS)
#define SIDTAB_HASH_MASK	(SIDTAB_HASH_BUCKETS - 1)

#define SIDTAB_SIZE		SIDTAB_HASH_BUCKETS

/*
 * The table itself.
 * NOTE(review): this header does not say how many slots 'htable' holds
 * (presumably SIDTAB_SIZE), what 'shutdown' means to callers, or which
 * fields 'lock' protects -- confirm all three in sidtab.c before relying
 * on them.
 */
struct sidtab {
	struct sidtab_node **htable;	/* array of node pointers */
	unsigned int nel;		/* number of elements */
	unsigned int next_sid;		/* next SID to allocate */
	unsigned char shutdown;		/* presumably set by sidtab_shutdown() */
	spinlock_t lock;
};

/*
 * Basic operations.  The int-returning calls report a status; the exact
 * values are not visible in this header.
 *
 * NOTE(review): sidtab_search() hands back a raw 'struct context *'.
 * Whether that pointer refers to storage owned by the table, what is
 * returned for an unknown SID, and which lock or lifetime rule keeps it
 * valid are not stated here -- check every caller against sidtab.c.
 */
int sidtab_init(struct sidtab *s);
int sidtab_insert(struct sidtab *s, u32 sid, struct context *context);
struct context *sidtab_search(struct sidtab *s, u32 sid);

/*
 * Iteration helpers: both take a callback that receives a SID, its
 * context and the caller's opaque 'args' pointer.
 * NOTE(review): going by its name, sidtab_map_remove_on_error() drops
 * the entries for which 'apply' reports an error -- confirm.
 */
int sidtab_map(struct sidtab *s,
	       int (*apply)(u32 sid, struct context *context, void *args),
	       void *args);

void sidtab_map_remove_on_error(struct sidtab *s,
				int (*apply)(u32 sid, struct context *context, void *args),
				void *args);

/*
 * Reverse direction: context in, SID out through '*sid'.
 * NOTE(review): together with 'next_sid' this presumably allocates a
 * fresh SID when the context is not yet in the table -- confirm.
 */
int sidtab_context_to_sid(struct sidtab *s, struct context *context, u32 *sid);

/* Diagnostics and lifecycle; semantics are defined in sidtab.c. */
void sidtab_hash_eval(struct sidtab *h, char *tag);
void sidtab_destroy(struct sidtab *s);
void sidtab_set(struct sidtab *dst, struct sidtab *src);
void sidtab_shutdown(struct sidtab *s);

#endif	/* _SS_SIDTAB_H_ */