55 lines
1.4 KiB
C
55 lines
1.4 KiB
C
/*
|
|
* A security identifier table (sidtab) is a hash table
|
|
* of security context structures indexed by SID value.
|
|
*
|
|
* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
|
|
*/
|
|
#ifndef _SS_SIDTAB_H_
|
|
#define _SS_SIDTAB_H_
|
|
|
|
#include "context.h"
|
|
|
|
struct sidtab_node {
|
|
u32 sid; /* security identifier */
|
|
struct context context; /* security context structure */
|
|
struct sidtab_node *next;
|
|
};
|
|
|
|
#define SIDTAB_HASH_BITS 7
|
|
#define SIDTAB_HASH_BUCKETS (1 << SIDTAB_HASH_BITS)
|
|
#define SIDTAB_HASH_MASK (SIDTAB_HASH_BUCKETS-1)
|
|
|
|
#define SIDTAB_SIZE SIDTAB_HASH_BUCKETS
|
|
|
|
struct sidtab {
|
|
struct sidtab_node **htable;
|
|
unsigned int nel; /* number of elements */
|
|
unsigned int next_sid; /* next SID to allocate */
|
|
unsigned char shutdown;
|
|
spinlock_t lock;
|
|
};
|
|
|
|
int sidtab_init(struct sidtab *s);
|
|
int sidtab_insert(struct sidtab *s, u32 sid, struct context *context);
|
|
struct context *sidtab_search(struct sidtab *s, u32 sid);
|
|
struct context *sidtab_search_force(struct sidtab *s, u32 sid);
|
|
|
|
int sidtab_map(struct sidtab *s,
|
|
int (*apply) (u32 sid,
|
|
struct context *context,
|
|
void *args),
|
|
void *args);
|
|
|
|
int sidtab_context_to_sid(struct sidtab *s,
|
|
struct context *context,
|
|
u32 *sid);
|
|
|
|
void sidtab_hash_eval(struct sidtab *h, char *tag);
|
|
void sidtab_destroy(struct sidtab *s);
|
|
void sidtab_set(struct sidtab *dst, struct sidtab *src);
|
|
void sidtab_shutdown(struct sidtab *s);
|
|
|
|
#endif /* _SS_SIDTAB_H_ */
|
|
|
|
|