NetLabel: convert to an extensibile/sparse category bitmap

The original NetLabel category bitmap was a straight char bitmap which worked fine for the initial release as it only supported 240 bits due to limitations in the CIPSO restricted bitmap tag (tag type 0x01). This patch converts that straight char bitmap into an extensibile/sparse bitmap in order to lay the foundation for other CIPSO tag types and protocols. This patch also has a nice side effect in that all of the security attributes passed by NetLabel into the LSM are now in a format which is in the host's native byte/bit ordering which makes the LSM specific code much simpler; look at the changes in security/selinux/ss/ebitmap.c as an example. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org>
author: Paul Moore <paul.moore@hp.com> 2006-11-29 13:18:18 -0500
committer: David S. Miller <davem@sunset.davemloft.net> 2006-12-03 00:31:36 -0500
commit: 02752760359db6b00a3ffb1acfc13ef8d9eb1e3f (patch)
tree: 796cd65fd4cd732b295e61dac194efbf36b78842 /security/selinux/ss/ebitmap.h
parent: ef91fd522ba3c88d9c68261c243567bc4c5a8f55 (diff)
1 files changed, 20 insertions, 6 deletions
diff --git a/security/selinux/ss/ebitmap.h b/security/selinux/ss/ebitmap.h
index da2d4651b10d..1270e34b61c1 100644
--- a/security/selinux/ss/ebitmap.h
+++ b/security/selinux/ss/ebitmap.h
@@ -14,6 +14,8 @@
 #ifndef _SS_EBITMAP_H_
 #define _SS_EBITMAP_H_
+#include <net/netlabel.h>
 #define MAPTYPE u64                     /* portion of bitmap in each node */
 #define MAPSIZE (sizeof(MAPTYPE) * 8)   /* number of bits in node bitmap */
 #define MAPBIT  1ULL                    /* a bit in the node bitmap */
@@ -69,16 +71,28 @@ static inline int ebitmap_node_get_bit(struct ebitmap_node * n,
 int ebitmap_cmp(struct ebitmap *e1, struct ebitmap *e2);
 int ebitmap_cpy(struct ebitmap *dst, struct ebitmap *src);
-int ebitmap_export(const struct ebitmap *src,
-                   unsigned char **dst,
-                   size_t *dst_len);
-int ebitmap_import(const unsigned char *src,
-                   size_t src_len,
-                   struct ebitmap *dst);
 int ebitmap_contains(struct ebitmap *e1, struct ebitmap *e2);
 int ebitmap_get_bit(struct ebitmap *e, unsigned long bit);
 int ebitmap_set_bit(struct ebitmap *e, unsigned long bit, int value);
 void ebitmap_destroy(struct ebitmap *e);
 int ebitmap_read(struct ebitmap *e, void *fp);
+#ifdef CONFIG_NETLABEL
+int ebitmap_netlbl_export(struct ebitmap *ebmap,
+                          struct netlbl_lsm_secattr_catmap **catmap);
+int ebitmap_netlbl_import(struct ebitmap *ebmap,
+                          struct netlbl_lsm_secattr_catmap *catmap);
+#else
+static inline int ebitmap_netlbl_export(struct ebitmap *ebmap,
+                                struct netlbl_lsm_secattr_catmap **catmap)
+{
+        return -ENOMEM;
+}
+static inline int ebitmap_netlbl_import(struct ebitmap *ebmap,
+                                struct netlbl_lsm_secattr_catmap *catmap)
+{
+        return -ENOMEM;
+}
+#endif
 #endif  /* _SS_EBITMAP_H_ */
author	Paul Moore <paul.moore@hp.com>	2006-11-29 13:18:18 -0500
committer	David S. Miller <davem@sunset.davemloft.net>	2006-12-03 00:31:36 -0500
commit	02752760359db6b00a3ffb1acfc13ef8d9eb1e3f (patch)
tree	796cd65fd4cd732b295e61dac194efbf36b78842 /security/selinux/ss/ebitmap.h
parent	ef91fd522ba3c88d9c68261c243567bc4c5a8f55 (diff)