diff options
author | Venkat Yekkirala <vyekkirala@TrustedCS.com> | 2006-07-25 02:29:07 -0400 |
---|---|---|
committer | David S. Miller <davem@sunset.davemloft.net> | 2006-09-22 17:53:24 -0400 |
commit | e0d1caa7b0d5f02e4f34aa09c695d04251310c6c (patch) | |
tree | bf023c17abf6813f2694ebf5fafff82edd6a1023 /include/net | |
parent | b6340fcd761acf9249b3acbc95c4dc555d9beb07 (diff) |
[MLSXFRM]: Flow based matching of xfrm policy and state
This implements a seemless mechanism for xfrm policy selection and
state matching based on the flow sid. This also includes the necessary
SELinux enforcement pieces.
Signed-off-by: Venkat Yekkirala <vyekkirala@TrustedCS.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/net')
-rw-r--r-- | include/net/flow.h | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/include/net/flow.h b/include/net/flow.h index 1cee5a83433a..21d988b2058a 100644 --- a/include/net/flow.h +++ b/include/net/flow.h | |||
@@ -86,10 +86,10 @@ struct flowi { | |||
86 | #define FLOW_DIR_FWD 2 | 86 | #define FLOW_DIR_FWD 2 |
87 | 87 | ||
88 | struct sock; | 88 | struct sock; |
89 | typedef void (*flow_resolve_t)(struct flowi *key, u32 sk_sid, u16 family, u8 dir, | 89 | typedef void (*flow_resolve_t)(struct flowi *key, u16 family, u8 dir, |
90 | void **objp, atomic_t **obj_refp); | 90 | void **objp, atomic_t **obj_refp); |
91 | 91 | ||
92 | extern void *flow_cache_lookup(struct flowi *key, u32 sk_sid, u16 family, u8 dir, | 92 | extern void *flow_cache_lookup(struct flowi *key, u16 family, u8 dir, |
93 | flow_resolve_t resolver); | 93 | flow_resolve_t resolver); |
94 | extern void flow_cache_flush(void); | 94 | extern void flow_cache_flush(void); |
95 | extern atomic_t flow_cache_genid; | 95 | extern atomic_t flow_cache_genid; |