authorPaul Moore <paul.moore@hp.com>2008-04-10 10:48:14 -0400
committerJames Morris <jmorris@namei.org>2008-04-18 06:26:16 -0400
commit3e11217263d0521e212cb8a017fbc2a1514db78f (patch)
treed3b399c3d907cd90afd27003000fd9d99212f44b /security/selinux/ss/services.c
parent832cbd9aa1293cba57d06571f5fc8f0917c672af (diff)
SELinux: Add network port SID cache
Much like we added a network node cache, this patch adds a network port cache. The design is taken almost completely from the network node cache which in turn was taken from the network interface cache. The basic idea is to cache entries in a hash table based on protocol/port information. The hash function only takes the port number into account since the number of different protocols in use at any one time is expected to be relatively small. Signed-off-by: Paul Moore <paul.moore@hp.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux/ss/services.c')
-rw-r--r--security/selinux/ss/services.c8
1 files changed, 1 insertions, 7 deletions
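--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -1472,17 +1472,11 @@ err:
 
 /**
  * security_port_sid - Obtain the SID for a port.
- * @domain: communication domain aka address family
- * @type: socket type
  * @protocol: protocol number
  * @port: port number
  * @out_sid: security identifier
  */
-int security_port_sid(u16 domain,
- u16 type,
- u8 protocol,
- u16 port,
- u32 *out_sid)
+int security_port_sid(u8 protocol, u16 port, u32 *out_sid)
 {
  struct ocontext *c;
  int rc = 0;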
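Review bot: The kernel-doc for security_port_sid still does not state the byte order expected for @port or what the return value means, and after this change (protocol, port) is the whole key a caller supplies. The commit message says the new cache hashes on the port number, so a caller passing a network-order value would presumably miss the cache and could be compared against the wrong policy port range. I would state the expectation in the comment, e.g. ` * @port: port number, host byte order` if that is what the body compares against. A return line would also help, such as ` * Returns 0 on success, negative errno on failure.` if that holds. The function body continues past the end of the hunk, so the comparison itself is not visible here.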