lk/linux-kernel-test
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

[MLSXFRM]: Flow based matching of xfrm policy and state

Browse Source 
This implements a seemless mechanism for xfrm policy selection and
state matching based on the flow sid. This also includes the necessary
SELinux enforcement pieces.

Signed-off-by: Venkat Yekkirala <vyekkirala@TrustedCS.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Venkat Yekkirala
2006-07-24 23:29:07 -07:00
committed by David S. Miller
parent b6340fcd76
commit e0d1caa7b0
9 changed files with 329 additions and 80 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
include/net/flow.h
View File

@@ -86,10 +86,10 @@ struct flowi {
#define FLOW_DIR_FWD 2
struct sock;
typedef void (*flow_resolve_t)(struct flowi *key, u32 sk_sid, u16 family, u8 dir,
typedef void (*flow_resolve_t)(struct flowi *key, u16 family, u8 dir,
void **objp, atomic_t **obj_refp);
extern void *flow_cache_lookup(struct flowi *key, u32 sk_sid, u16 family, u8 dir,
extern void *flow_cache_lookup(struct flowi *key, u16 family, u8 dir,
flow_resolve_t resolver);
extern void flow_cache_flush(void);
extern atomic_t flow_cache_genid;