1 files changed, 46 insertions, 0 deletions
diff --git a/Documentation/netlabel/introduction.txt b/Documentation/netlabel/introduction.txt
new file mode 100644
index 000000000000..a4ffba1694c8
--- /dev/null
+++ b/Documentation/netlabel/introduction.txt
@@ -0,0 +1,46 @@
+NetLabel Introduction
+==============================================================================
+Paul Moore, paul.moore@hp.com
+August 2, 2006
+ * Overview
+NetLabel is a mechanism which can be used by kernel security modules to attach
+security attributes to outgoing network packets generated from user space
+applications and read security attributes from incoming network packets.  It
+is composed of three main components, the protocol engines, the communication
+layer, and the kernel security module API.
+ * Protocol Engines
+The protocol engines are responsible for both applying and retrieving the
+network packet's security attributes.  If any translation between the network
+security attributes and those on the host are required then the protocol
+engine will handle those tasks as well.  Other kernel subsystems should
+refrain from calling the protocol engines directly, instead they should use
+the NetLabel kernel security module API described below.
+Detailed information about each NetLabel protocol engine can be found in this
+directory, consult '00-INDEX' for filenames.
+ * Communication Layer
+The communication layer exists to allow NetLabel configuration and monitoring
+from user space.  The NetLabel communication layer uses a message based
+protocol built on top of the Generic NETLINK transport mechanism.  The exact
+formatting of these NetLabel messages as well as the Generic NETLINK family
+names can be found in the the 'net/netlabel/' directory as comments in the
+header files as well as in 'include/net/netlabel.h'.
+ * Security Module API
+The purpose of the NetLabel security module API is to provide a protocol
+independent interface to the underlying NetLabel protocol engines.  In addition
+to protocol independence, the security module API is designed to be completely
+LSM independent which should allow multiple LSMs to leverage the same code
+base.
+Detailed information about the NetLabel security module API can be found in the
+'include/net/netlabel.h' header file as well as the 'lsm_interface.txt' file
+found in this directory.

diff --git a/Documentation/netlabel/introduction.txt b/Documentation/netlabel/introduction.txt new file mode 100644 index 000000000000..a4ffba1694c8 --- /dev/null +++ b/Documentation/netlabel/introduction.txt
@@ -0,0 +1,46 @@
	1	NetLabel Introduction
	2	==============================================================================
	3	Paul Moore, paul.moore@hp.com
	4
	5	August 2, 2006
	6
	7	* Overview
	8
	9	NetLabel is a mechanism which can be used by kernel security modules to attach
	10	security attributes to outgoing network packets generated from user space
	11	applications and read security attributes from incoming network packets. It
	12	is composed of three main components, the protocol engines, the communication
	13	layer, and the kernel security module API.
	14
	15	* Protocol Engines
	16
	17	The protocol engines are responsible for both applying and retrieving the
	18	network packet's security attributes. If any translation between the network
	19	security attributes and those on the host are required then the protocol
	20	engine will handle those tasks as well. Other kernel subsystems should
	21	refrain from calling the protocol engines directly, instead they should use
	22	the NetLabel kernel security module API described below.
	23
	24	Detailed information about each NetLabel protocol engine can be found in this
	25	directory, consult '00-INDEX' for filenames.
	26
	27	* Communication Layer
	28
	29	The communication layer exists to allow NetLabel configuration and monitoring
	30	from user space. The NetLabel communication layer uses a message based
	31	protocol built on top of the Generic NETLINK transport mechanism. The exact
	32	formatting of these NetLabel messages as well as the Generic NETLINK family
	33	names can be found in the the 'net/netlabel/' directory as comments in the
	34	header files as well as in 'include/net/netlabel.h'.
	35
	36	* Security Module API
	37
	38	The purpose of the NetLabel security module API is to provide a protocol
	39	independent interface to the underlying NetLabel protocol engines. In addition
	40	to protocol independence, the security module API is designed to be completely
	41	LSM independent which should allow multiple LSMs to leverage the same code
	42	base.
	43
	44	Detailed information about the NetLabel security module API can be found in the
	45	'include/net/netlabel.h' header file as well as the 'lsm_interface.txt' file
	46	found in this directory.