kernel_5.10 no rt

hc

2023-12-11 6778948f9de86c3cfaf36725a7c87dcff9ba247f

 kernel/security/selinux/ss/context.h
..
..
@@ -31,7 +31,6 @@
31
31
 	u32 len;        /* length of string in bytes */
32
32
 	struct mls_range range;
33
33
 	char *str;	/* string representation if context cannot be mapped. */
34
-	u32 hash;	/* a hash of the string representation */
35
34
 };
36
35
 
37
36
 static inline void mls_context_init(struct context *c)
..
..
@@ -96,6 +95,38 @@
96
95
 	return rc;
97
96
 }
98
97
 
98
+
99
+static inline int mls_context_glblub(struct context *dst,
100
+				     struct context *c1, struct context *c2)
101
+{
102
+	struct mls_range *dr = &dst->range, *r1 = &c1->range, *r2 = &c2->range;
103
+	int rc = 0;
104
+
105
+	if (r1->level[1].sens < r2->level[0].sens ||
106
+	    r2->level[1].sens < r1->level[0].sens)
107
+		/* These ranges have no common sensitivities */
108
+		return -EINVAL;
109
+
110
+	/* Take the greatest of the low */
111
+	dr->level[0].sens = max(r1->level[0].sens, r2->level[0].sens);
112
+
113
+	/* Take the least of the high */
114
+	dr->level[1].sens = min(r1->level[1].sens, r2->level[1].sens);
115
+
116
+	rc = ebitmap_and(&dr->level[0].cat,
117
+			 &r1->level[0].cat, &r2->level[0].cat);
118
+	if (rc)
119
+		goto out;
120
+
121
+	rc = ebitmap_and(&dr->level[1].cat,
122
+			 &r1->level[1].cat, &r2->level[1].cat);
123
+	if (rc)
124
+		goto out;
125
+
126
+out:
127
+	return rc;
128
+}
129
+
99
130
 static inline int mls_context_cmp(struct context *c1, struct context *c2)
100
131
 {
101
132
 	return ((c1->range.level[0].sens == c2->range.level[0].sens) &&
..
..
@@ -137,13 +168,12 @@
137
168
 		kfree(dst->str);
138
169
 		return rc;
139
170
 	}
140
-	dst->hash = src->hash;
141
171
 	return 0;
142
172
 }
143
173
 
144
174
 static inline void context_destroy(struct context *c)
145
175
 {
146
-	c->user = c->role = c->type = c->hash = 0;
176
+	c->user = c->role = c->type = 0;
147
177
 	kfree(c->str);
148
178
 	c->str = NULL;
149
179
 	c->len = 0;
..
..
@@ -152,8 +182,6 @@
152
182
 
153
183
 static inline int context_cmp(struct context *c1, struct context *c2)
154
184
 {
155
-	if (c1->hash && c2->hash && (c1->hash != c2->hash))
156
-		return 0;
157
185
 	if (c1->len && c2->len)
158
186
 		return (c1->len == c2->len && !strcmp(c1->str, c2->str));
159
187
 	if (c1->len || c2->len)
..
..
@@ -164,10 +192,7 @@
164
192
 		mls_context_cmp(c1, c2));
165
193
 }
166
194
 
167
-static inline unsigned int context_compute_hash(const char *s)
168
-{
169
-	return full_name_hash(NULL, s, strlen(s));
170
-}
195
+u32 context_compute_hash(const struct context *c);
171
196
 
172
197
 #endif	/* _SS_CONTEXT_H_ */
173
198