/* SPDX-License-Identifier: GPL-2.0 */
/*
 * A security identifier table (sidtab) is a hash table
 * of security context structures indexed by SID value.
 *
 * struct sidtab also carries a fixed array of initial-SID entries
 * (isids) next to the hash table; see the index rule on that field.
 *
 * Author : Stephen Smalley, <sds@tycho.nsa.gov>
 */
#ifndef _SS_SIDTAB_H_
#define _SS_SIDTAB_H_

#include "context.h"

/*
 * One table entry: a SID together with the security context it names.
 * Nodes are linked through 'next' (presumably one chain per hash
 * bucket -- confirm in sidtab.c).
 */
struct sidtab_node {
	u32 sid;		/* security identifier */
	struct context context;	/* security context structure */
	struct sidtab_node *next;	/* next node in the chain, or NULL */
};

/* 7 hash bits give 128 buckets and a bucket mask of 127. */
#define SIDTAB_HASH_BITS 7
#define SIDTAB_HASH_BUCKETS (1 << SIDTAB_HASH_BITS)
#define SIDTAB_HASH_MASK (SIDTAB_HASH_BUCKETS-1)

/* Alias for the bucket count. */
#define SIDTAB_SIZE SIDTAB_HASH_BUCKETS

/*
 * Slot for one initial SID.
 * NOTE(review): 'set' presumably marks a slot that has been populated
 * (see sidtab_set_initial()); a lookup should not hand out 'context'
 * from a slot that was never set -- confirm in sidtab.c.
 */
struct sidtab_isid_entry {
	int set;
	struct context context;
};

/*
 * The SID table itself.
 * NOTE(review): which fields 'lock' protects is not stated in this
 * header; confirm before touching any field outside sidtab.c.
 */
struct sidtab {
	struct sidtab_node **htable;	/* array of chain heads */
	unsigned int nel;	/* number of elements */
	unsigned int next_sid;	/* next SID to allocate */
	unsigned char shutdown;	/* meaning not visible in this header -- TODO confirm */
#define SIDTAB_CACHE_LEN	3
	/* presumably the most recently used nodes -- confirm in sidtab.c */
	struct sidtab_node *cache[SIDTAB_CACHE_LEN];
	spinlock_t lock;

	/*
	 * index == SID - 1 (no entry for SECSID_NULL)
	 *
	 * Valid SIDs for this array are therefore 1..SECINITSID_NUM.
	 * SIDs are u32, so SID 0 would wrap to a huge index if
	 * 'sid - 1' were used unchecked; range-check before indexing.
	 */
	struct sidtab_isid_entry isids[SECINITSID_NUM];
};

/* Initialise an empty table. Return convention (int) is defined in sidtab.c. */
int sidtab_init(struct sidtab *s);

/*
 * Record 'context' for initial SID 'sid'.
 * NOTE(review): presumably rejects a 'sid' outside the isids range and
 * copies rather than borrows 'context' -- confirm in sidtab.c.
 */
int sidtab_set_initial(struct sidtab *s, u32 sid, struct context *context);

/*
 * Look up the context for 'sid'.
 * NOTE(review): this header does not show how the two lookups differ,
 * what they return for an unknown SID, or how long the returned
 * pointer stays valid. Confirm all three in sidtab.c before using
 * either one on an access-decision path.
 */
struct context *sidtab_search(struct sidtab *s, u32 sid);
struct context *sidtab_search_force(struct sidtab *s, u32 sid);

/*
 * Walk 's' and call 'apply' with each SID, its context and the opaque
 * 'args' pointer; 'news' is presumably the table that receives the
 * result -- confirm. How a non-zero return from 'apply' is handled is
 * not visible here.
 */
int sidtab_convert(struct sidtab *s, struct sidtab *news,
		   int (*apply)(u32 sid,
				struct context *context,
				void *args),
		   void *args);

/*
 * Map 'context' to a SID, returned through 'sid'.
 * NOTE(review): presumably allocates a new SID when the context is not
 * yet in the table; callers should check the int return before
 * reading '*sid' -- confirm in sidtab.c.
 */
int sidtab_context_to_sid(struct sidtab *s, struct context *context, u32 *sid);

/* Hash-table statistics helper; 'tag' presumably labels the output -- confirm. */
void sidtab_hash_eval(struct sidtab *h, char *tag);

/* Tear down the table. */
void sidtab_destroy(struct sidtab *s);

#endif	/* _SS_SIDTAB_H_ */