/* SPDX-License-Identifier: GPL-2.0 */
/*
 * A security identifier table (sidtab) is a hash table
 * of security context structures indexed by SID value.
 *
 * Author : Stephen Smalley, <sds@tycho.nsa.gov>
 */
#ifndef _SS_SIDTAB_H_
#define _SS_SIDTAB_H_

/*
 * NOTE(review): u32 and spinlock_t are used below, but context.h is the
 * only header included here; presumably both types arrive through it or
 * through the including file - confirm.
 */
#include "context.h"

/* Hash table geometry: 1 << 7 = 128 buckets, and the matching index mask. */
#define SIDTAB_HASH_BITS	7
#define SIDTAB_HASH_BUCKETS	(1 << SIDTAB_HASH_BITS)
#define SIDTAB_HASH_MASK	(SIDTAB_HASH_BUCKETS - 1)

#define SIDTAB_SIZE		SIDTAB_HASH_BUCKETS

/* Number of node pointers held in sidtab.cache[]. */
#define SIDTAB_CACHE_LEN	3

/*
 * One table entry: a SID, the security context stored for it, and a link
 * to another node (presumably the next node in the same hash bucket -
 * confirm in sidtab.c).
 */
struct sidtab_node {
	u32 sid;			/* security identifier */
	struct context context;		/* security context structure */
	struct sidtab_node *next;
};

/*
 * The table itself.
 *
 * NOTE(review): this header does not say which fields @lock covers or
 * which of the functions below take it.  The table maps SIDs to security
 * contexts, so an unsynchronised update could hand a caller the wrong
 * context; confirm the locking rules in sidtab.c before using these
 * fields directly.
 */
struct sidtab {
	/* bucket array; presumably SIDTAB_SIZE entries - confirm in sidtab_init() */
	struct sidtab_node **htable;
	unsigned int nel;		/* number of elements */
	/*
	 * next SID to allocate
	 * NOTE(review): plain unsigned counter; how exhaustion or wrap-around
	 * is handled is not visible in this header - confirm the allocator
	 * cannot hand out a SID that is already in use.
	 */
	unsigned int next_sid;
	/* presumably set by sidtab_shutdown() - confirm */
	unsigned char shutdown;
	/* SIDTAB_CACHE_LEN node pointers; how they are filled is not shown here */
	struct sidtab_node *cache[SIDTAB_CACHE_LEN];
	spinlock_t lock;
};

/*
 * Return-value conventions and locking requirements for every function
 * declared below are defined in sidtab.c, not in this header.
 */
int sidtab_init(struct sidtab *s);
int sidtab_insert(struct sidtab *s, u32 sid, struct context *context);

/*
 * Lookups by SID.  Both return a pointer to a struct context; the header
 * does not state who owns that object or how long the pointer stays valid.
 * NOTE(review): how the _force variant differs from sidtab_search() is
 * not visible here - confirm in sidtab.c before choosing between them.
 */
struct context *sidtab_search(struct sidtab *s, u32 sid);
struct context *sidtab_search_force(struct sidtab *s, u32 sid);

/*
 * Takes a callback that receives a SID, a context pointer and the caller's
 * @args (presumably invoked once per table entry - confirm).
 */
int sidtab_map(struct sidtab *s,
	       int (*apply)(u32 sid, struct context *context, void *args),
	       void *args);

/* @sid is an out-parameter; presumably receives the SID for @context - confirm. */
int sidtab_context_to_sid(struct sidtab *s, struct context *context, u32 *sid);

void sidtab_hash_eval(struct sidtab *h, char *tag);
void sidtab_destroy(struct sidtab *s);
void sidtab_set(struct sidtab *dst, struct sidtab *src);
void sidtab_shutdown(struct sidtab *s);

#endif	/* _SS_SIDTAB_H_ */