diff options
author | Paul Moore <paul.moore@hp.com> | 2006-11-17 17:38:46 -0500 |
---|---|---|
committer | David S. Miller <davem@sunset.davemloft.net> | 2006-12-03 00:24:07 -0500 |
commit | 701a90bad99b8081a824cca52c178c8fc8f46bb2 (patch) | |
tree | 5fed88e6707e9122d7f16e4c5d8fea7c69e090ac /include/net | |
parent | c6fa82a9dd6160e0bc980cb0401c16bf62f2fe66 (diff) |
NetLabel: make netlbl_lsm_secattr struct easier/quicker to understand
The existing netlbl_lsm_secattr struct required the LSM to check all of the
fields to determine if any security attributes were present resulting in a lot
of work in the common case of no attributes. This patch adds a 'flags' field
which is used to indicate which attributes are present in the structure; this
should allow the LSM to do a quick comparison to determine if the structure
holds any security attributes.
Example:
if (netlbl_lsm_secattr->flags)
/* security attributes present */
else
/* NO security attributes present */
Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'include/net')
-rw-r--r-- | include/net/netlabel.h | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/include/net/netlabel.h b/include/net/netlabel.h index 4e223aa25e5b..d605d7954013 100644 --- a/include/net/netlabel.h +++ b/include/net/netlabel.h | |||
@@ -111,11 +111,17 @@ struct netlbl_lsm_cache { | |||
111 | void (*free) (const void *data); | 111 | void (*free) (const void *data); |
112 | void *data; | 112 | void *data; |
113 | }; | 113 | }; |
114 | #define NETLBL_SECATTR_NONE 0x00000000 | ||
115 | #define NETLBL_SECATTR_DOMAIN 0x00000001 | ||
116 | #define NETLBL_SECATTR_CACHE 0x00000002 | ||
117 | #define NETLBL_SECATTR_MLS_LVL 0x00000004 | ||
118 | #define NETLBL_SECATTR_MLS_CAT 0x00000008 | ||
114 | struct netlbl_lsm_secattr { | 119 | struct netlbl_lsm_secattr { |
120 | u32 flags; | ||
121 | |||
115 | char *domain; | 122 | char *domain; |
116 | 123 | ||
117 | u32 mls_lvl; | 124 | u32 mls_lvl; |
118 | u32 mls_lvl_vld; | ||
119 | unsigned char *mls_cat; | 125 | unsigned char *mls_cat; |
120 | size_t mls_cat_len; | 126 | size_t mls_cat_len; |
121 | 127 | ||
@@ -174,7 +180,10 @@ static inline void netlbl_secattr_cache_free(struct netlbl_lsm_cache *cache) | |||
174 | */ | 180 | */ |
175 | static inline void netlbl_secattr_init(struct netlbl_lsm_secattr *secattr) | 181 | static inline void netlbl_secattr_init(struct netlbl_lsm_secattr *secattr) |
176 | { | 182 | { |
177 | memset(secattr, 0, sizeof(*secattr)); | 183 | secattr->flags = 0; |
184 | secattr->domain = NULL; | ||
185 | secattr->mls_cat = NULL; | ||
186 | secattr->cache = NULL; | ||
178 | } | 187 | } |
179 | 188 | ||
180 | /** | 189 | /** |