forked from Minki/linux
409dcf3153
It is likely that the SID for the same PKey will be requested many times. To reduce the time to modify QPs and process MADs use a cache to store PKey SIDs. This code is heavily based on the "netif" and "netport" concept originally developed by James Morris <jmorris@redhat.com> and Paul Moore <paul@paul-moore.com> (see security/selinux/netif.c and security/selinux/netport.c for more information) Signed-off-by: Daniel Jurgens <danielj@mellanox.com> Acked-by: Doug Ledford <dledford@redhat.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
32 lines
847 B
C
32 lines
847 B
C
/*
|
|
* pkey table
|
|
*
|
|
* SELinux must keep a mapping of pkeys to labels/SIDs. This
|
|
* mapping is maintained as part of the normal policy but a fast cache is
|
|
* needed to reduce the lookup overhead.
|
|
*
|
|
*/
|
|
|
|
/*
|
|
* (c) Mellanox Technologies, 2016
|
|
*
|
|
* This program is free software: you can redistribute it and/or modify
|
|
* it under the terms of version 2 of the GNU General Public License as
|
|
* published by the Free Software Foundation.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
*/
|
|
|
|
#ifndef _SELINUX_IB_PKEY_H
|
|
#define _SELINUX_IB_PKEY_H
|
|
|
|
void sel_ib_pkey_flush(void);
|
|
|
|
int sel_ib_pkey_sid(u64 subnet_prefix, u16 pkey, u32 *sid);
|
|
|
|
#endif
|