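/* Author : Stephen Smalley, <sds@epoch.ncsc.mil> */

/* FLASK */

/*
 * A security identifier table (sidtab) is a hash table
 * of security context structures indexed by SID value.
 *
 * This header only declares the interface. Return-value conventions,
 * locking and ownership rules live in the implementation, which is not
 * visible here; notes marked NOTE(review) are assumptions to confirm there.
 */

#ifndef _SEPOL_POLICYDB_SIDTAB_H_
#define _SEPOL_POLICYDB_SIDTAB_H_

#include <sepol/policydb/context.h>

#ifdef __cplusplus
extern "C" {
#endif

/* One table entry: a SID, the context it names, and a link to another node. */
typedef struct sidtab_node {
	sepol_security_id_t sid;	/* security identifier */
	context_struct_t context;	/* security context structure */
	struct sidtab_node *next;	/* presumably the next node in the same bucket chain */
} sidtab_node_t;

typedef struct sidtab_node *sidtab_ptr_t;

/* 7 hash bits give 128 buckets; the mask (127) selects a bucket index. */
#define SIDTAB_HASH_BITS 7
#define SIDTAB_HASH_BUCKETS (1 << SIDTAB_HASH_BITS)
#define SIDTAB_HASH_MASK (SIDTAB_HASH_BUCKETS-1)

#define SIDTAB_SIZE SIDTAB_HASH_BUCKETS

typedef struct {
	sidtab_ptr_t *htable;	/* bucket array; presumably SIDTAB_SIZE entries - confirm */
	unsigned int nel;	/* number of elements */
	unsigned int next_sid;	/* next SID to allocate */
	/*
	 * NOTE(review): presumably set by sepol_sidtab_shutdown() so that no
	 * further SIDs are handed out - confirm in the implementation.
	 */
	unsigned char shutdown;
} sidtab_t;

/* Initialise the table s. Returns an int status (convention not shown here). */
extern int sepol_sidtab_init(sidtab_t * s);

/*
 * Add the pair (sid, context) to s. Returns an int status.
 * NOTE(review): whether context is copied or referenced is not visible
 * here; confirm before freeing or reusing the caller's context.
 */
extern int sepol_sidtab_insert(sidtab_t * s,
			       sepol_security_id_t sid,
			       context_struct_t * context);

/*
 * Look up the context for sid in s.
 * NOTE(review): presumably returns NULL when no context is available, and
 * the returned pointer presumably refers to storage owned by the table.
 * Callers should check for NULL before dereferencing and should not use
 * the pointer after the table is destroyed - confirm.
 */
extern context_struct_t *sepol_sidtab_search(sidtab_t * s,
					     sepol_security_id_t sid);

/*
 * Call apply(sid, context, args) over the entries of s. Returns an int
 * status. NOTE(review): presumably stops at, and returns, the first
 * non-zero result from apply - confirm.
 */
extern int sepol_sidtab_map(sidtab_t * s,
			    int (*apply) (sepol_security_id_t sid,
					  context_struct_t * context,
					  void *args), void *args);

/*
 * Like sepol_sidtab_map(), but returns nothing.
 * NOTE(review): the name suggests entries for which apply reports an error
 * are removed from s - confirm. The callback's first parameter is named
 * sid here to match sepol_sidtab_map() and to avoid reusing the table
 * parameter's name; prototype parameter names do not affect callers.
 */
extern void sepol_sidtab_map_remove_on_error(sidtab_t * s,
					     int (*apply) (sepol_security_id_t
							   sid,
							   context_struct_t *
							   context, void *args),
					     void *args);

/*
 * Translate context into a SID, written to *sid. Returns an int status.
 * NOTE(review): presumably allocates a new SID from next_sid when the
 * context is not yet in the table, so it can fail once the SID space is
 * exhausted or the table is shut down - confirm. *sid should only be
 * trusted when the call reports success.
 */
extern int sepol_sidtab_context_to_sid(sidtab_t * s,	/* IN */
				       context_struct_t * context,	/* IN */
				       sepol_security_id_t * sid);	/* OUT */

/* NOTE(review): presumably reports hash-chain statistics for h, labelled with tag - confirm. */
extern void sepol_sidtab_hash_eval(sidtab_t * h, char *tag);

/* Release the table s. */
extern void sepol_sidtab_destroy(sidtab_t * s);

/*
 * Set dst from src.
 * NOTE(review): if this is a shallow copy, dst and src share htable
 * afterwards, and destroying both would free the same nodes twice.
 * Confirm the ownership transfer before calling sepol_sidtab_destroy()
 * on either table.
 */
extern void sepol_sidtab_set(sidtab_t * dst, sidtab_t * src);

/* Mark the table s as shut down (see the shutdown field). */
extern void sepol_sidtab_shutdown(sidtab_t * s);

#ifdef __cplusplus
}
#endif

#endif				/* _SEPOL_POLICYDB_SIDTAB_H_ */

/* FLASK */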