aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorPaul Moore <paul.moore@hp.com>2006-11-17 17:38:46 -0500
committerDavid S. Miller <davem@sunset.davemloft.net>2006-12-03 00:24:07 -0500
commit701a90bad99b8081a824cca52c178c8fc8f46bb2 (patch)
tree5fed88e6707e9122d7f16e4c5d8fea7c69e090ac /include
parentc6fa82a9dd6160e0bc980cb0401c16bf62f2fe66 (diff)
NetLabel: make netlbl_lsm_secattr struct easier/quicker to understand
The existing netlbl_lsm_secattr struct required the LSM to check all of the fields to determine if any security attributes were present resulting in a lot of work in the common case of no attributes. This patch adds a 'flags' field which is used to indicate which attributes are present in the structure; this should allow the LSM to do a quick comparison to determine if the structure holds any security attributes. Example: if (netlbl_lsm_secattr->flags) /* security attributes present */ else /* NO security attributes present */ Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'include')
-rw-r--r--include/net/netlabel.h13
1 files changed, 11 insertions, 2 deletions
diff --git a/include/net/netlabel.h b/include/net/netlabel.h
index 4e223aa25e5b..d605d7954013 100644
--- a/include/net/netlabel.h
+++ b/include/net/netlabel.h
@@ -111,11 +111,17 @@ struct netlbl_lsm_cache {
111 void (*free) (const void *data); 111 void (*free) (const void *data);
112 void *data; 112 void *data;
113}; 113};
114#define NETLBL_SECATTR_NONE 0x00000000
115#define NETLBL_SECATTR_DOMAIN 0x00000001
116#define NETLBL_SECATTR_CACHE 0x00000002
117#define NETLBL_SECATTR_MLS_LVL 0x00000004
118#define NETLBL_SECATTR_MLS_CAT 0x00000008
114struct netlbl_lsm_secattr { 119struct netlbl_lsm_secattr {
120 u32 flags;
121
115 char *domain; 122 char *domain;
116 123
117 u32 mls_lvl; 124 u32 mls_lvl;
118 u32 mls_lvl_vld;
119 unsigned char *mls_cat; 125 unsigned char *mls_cat;
120 size_t mls_cat_len; 126 size_t mls_cat_len;
121 127
@@ -174,7 +180,10 @@ static inline void netlbl_secattr_cache_free(struct netlbl_lsm_cache *cache)
174 */ 180 */
175static inline void netlbl_secattr_init(struct netlbl_lsm_secattr *secattr) 181static inline void netlbl_secattr_init(struct netlbl_lsm_secattr *secattr)
176{ 182{
177 memset(secattr, 0, sizeof(*secattr)); 183 secattr->flags = 0;
184 secattr->domain = NULL;
185 secattr->mls_cat = NULL;
186 secattr->cache = NULL;
178} 187}
179 188
180/** 189/**