00001 /**************************************/ 00002 /* Rule Set Based Access Control */ 00003 /* Author and (c) 1999-2006: */ 00004 /* Amon Ott <ao@rsbac.org> */ 00005 /* Data structures / MAC */ 00006 /* Last modified: 12/Jan/2006 */ 00007 /**************************************/ 00008 00009 #ifndef __RSBAC_MAC_DATA_STRUC_H 00010 #define __RSBAC_MAC_DATA_STRUC_H 00011 00012 #include <linux/types.h> 00013 #include <rsbac/aci.h> 00014 #include <rsbac/types.h> 00015 00016 /**********************************************/ 00017 /* Capability lists */ 00018 /**********************************************/ 00019 00020 #define RSBAC_MAC_LIST_KEY 626281 00021 00022 #define RSBAC_MAC_P_LIST_VERSION 1 00023 #define RSBAC_MAC_P_LIST_NAME "macptru" 00024 00025 #define RSBAC_MAC_FD_FILENAME "macfdtru" 00026 #define RSBAC_MAC_FD_OLD_FILENAME "macfdtru." 00027 #define RSBAC_MAC_NR_TRU_FD_LISTS 4 00028 #define RSBAC_MAC_FD_LIST_VERSION 1 00029 00030 /* The list of devices is also a double linked list, so we define list */ 00031 /* items and a list head. */ 00032 00033 struct rsbac_mac_device_list_item_t { 00034 kdev_t id; /* set to 0 before deletion */ 00035 u_int mount_count; 00036 rsbac_list_handle_t handle; 00037 struct rsbac_mac_device_list_item_t *prev; 00038 struct rsbac_mac_device_list_item_t *next; 00039 }; 00040 00041 /* To provide consistency we use spinlocks for all list accesses. The */ 00042 /* 'curr' entry is used to avoid repeated lookups for the same item. */ 00043 00044 struct rsbac_mac_device_list_head_t { 00045 struct rsbac_mac_device_list_item_t *head; 00046 struct rsbac_mac_device_list_item_t *tail; 00047 struct rsbac_mac_device_list_item_t *curr; 00048 rwlock_t lock; 00049 u_int count; 00050 }; 00051 00052 #endif