linux/include/net
Paul Moore 948bf85c1b netlabel: Add functionality to set the security attributes of a packet
This patch builds upon the new NetLabel address selector functionality by
providing the NetLabel KAPI and CIPSO engine support needed to enable the
new packet-based labeling.  The only new addition to the NetLabel KAPI at
this point is shown below:

 * int netlbl_skbuff_setattr(skb, family, secattr)

... and is designed to be called from a Netfilter hook after the packet's
IP header has been populated such as in the FORWARD or LOCAL_OUT hooks.

This patch also provides the necessary SELinux hooks to support this new
functionality.  Smack support is not currently included due to uncertainty
regarding the permissions needed to expand the Smack network access controls.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Reviewed-by: James Morris <jmorris@namei.org>
2008-10-10 10:16:32 -04:00
..
9p 9p: implement proper trans module refcounting and unregistration 2008-09-24 16:22:23 -05:00
bluetooth [Bluetooth] Reject L2CAP connections on an insecure ACL link 2008-09-09 07:19:20 +02:00
irda pkt_sched: Add qdisc_all_tx_empty() 2008-07-08 23:00:25 -07:00
iucv
netfilter netfilter: accounting rework: ct_extend + 64bit counters (v4) 2008-07-21 10:10:58 -07:00
netns netns: dont alloc ipv6 fib timer list 2008-07-22 14:33:45 -07:00
sctp sctp: Fix kernel panic while process protocol violation parameter 2008-09-30 05:32:24 -07:00
tc_act
tipc tipc: Remove unneeded parameter to tipc_createport_raw() 2008-07-14 22:42:19 -07:00
act_api.h
addrconf.h netns: Add network namespace argument to rt6_fill_node() and ipv6_dev_get_saddr() 2008-08-14 15:33:21 -07:00
af_rxrpc.h
af_unix.h [PATCH] f_count may wrap around 2008-07-26 20:53:40 -04:00
ah.h
arp.h
atmclip.h
ax25.h
ax88796.h
cfg80211.h
checksum.h
cipso_ipv4.h netlabel: Add functionality to set the security attributes of a packet 2008-10-10 10:16:32 -04:00
compat.h net: Use standard structures for generic socket address structures. 2008-07-19 22:35:47 -07:00
datalink.h
dn_dev.h
dn_fib.h
dn_neigh.h
dn_nsp.h
dn_route.h
dn.h
dsfield.h
dst.h net: Kill plain NET_XMIT_BYPASS. 2008-08-04 23:04:08 -07:00
esp.h
fib_rules.h net: add fib_rules_ops to flush_cache method 2008-07-05 19:01:28 -07:00
flow.h ipv4: remove unused field in struct flowi (include/net/flow.h). 2008-08-05 01:19:50 -07:00
garp.h vlan: Add GVRP support 2008-07-05 21:26:57 -07:00
gen_stats.h
genetlink.h netlink: Improve returned error codes 2008-06-03 16:36:54 -07:00
icmp.h mib: put icmpmsg statistics on struct net 2008-07-18 04:04:22 -07:00
ieee80211_crypt.h
ieee80211_radiotap.h include: use get/put_unaligned_* helpers 2008-07-25 10:53:26 -07:00
ieee80211.h remove ieee80211_wx_{get,set}_auth() 2008-05-07 15:02:14 -04:00
if_inet6.h ipv6: make struct ipv6_devconf static 2008-07-22 14:21:58 -07:00
inet6_connection_sock.h
inet6_hashtables.h netns: introduce the net_hash_mix "salt" for hashes 2008-06-16 17:14:11 -07:00
inet_common.h
inet_connection_sock.h
inet_ecn.h
inet_frag.h
inet_hashtables.h netns: introduce the net_hash_mix "salt" for hashes 2008-06-16 17:14:11 -07:00
inet_sock.h netns: introduce the net_hash_mix "salt" for hashes 2008-06-16 17:14:11 -07:00
inet_timewait_sock.h netns : fix kernel panic in timewait socket destruction 2008-09-08 13:17:27 -07:00
inetpeer.h net: remove CVS keywords 2008-06-11 21:00:38 -07:00
ip6_checksum.h
ip6_fib.h
ip6_route.h netns: Add network namespace argument to rt6_fill_node() and ipv6_dev_get_saddr() 2008-08-14 15:33:21 -07:00
ip6_tunnel.h net: remove CVS keywords 2008-06-11 21:00:38 -07:00
ip_fib.h
ip_vs.h ipvs: Embed estimator object into stats object 2008-08-11 14:00:43 +02:00
ip.h [PATCH] sysctl: make sure that /proc/sys/net/ipv4 appears before per-ns ones 2008-07-26 20:53:10 -04:00
ipcomp.h ipsec: ipcomp - Merge IPComp implementations 2008-07-25 02:54:40 -07:00
ipconfig.h net: remove CVS keywords 2008-06-11 21:00:38 -07:00
ipip.h tunnels: Remove stat member from ip_tunnel struct. 2008-05-21 14:16:36 -07:00
ipv6.h net: missing bits of net-namespace / sysctl 2008-07-27 04:40:51 -07:00
ipx.h
iw_handler.h wext: Emit event stream entries correctly when compat. 2008-06-16 18:50:49 -07:00
lapb.h
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h
llc_if.h
llc_pdu.h
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
llc.h
mac80211.h mac80211: remove kdoc references to IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE 2008-08-18 11:05:14 -04:00
mip6.h
ndisc.h ndisc: Add missing strategies for per-device retrans timer/reachable time settings. 2008-05-19 16:25:42 -07:00
neighbour.h core: add stat to track unresolved discards in neighbor cache 2008-07-16 20:50:49 -07:00
net_namespace.h [PATCH] beginning of sysctl cleanup - ctl_table_set 2008-07-26 20:53:08 -04:00
netdma.h
netevent.h
netlabel.h netlabel: Add functionality to set the security attributes of a packet 2008-10-10 10:16:32 -04:00
netlink.h netlink: fix overrun in attribute iteration 2008-09-11 19:05:29 -07:00
netrom.h
nexthop.h
p8022.h
pkt_cls.h
pkt_sched.h pkt_sched: Fix qdisc list locking 2008-08-22 03:31:39 -07:00
protocol.h
psnap.h
raw.h
rawv6.h
red.h
request_sock.h tcp: Fix kernel panic when calling tcp_v(4/6)_md5_do_lookup 2008-08-06 23:50:04 -07:00
rose.h rose: improving AX25 routing frames via ROSE network 2008-06-17 17:08:32 -07:00
route.h net: missing bits of net-namespace / sysctl 2008-07-27 04:40:51 -07:00
rtnetlink.h
sch_generic.h pkt_sched: Fix sch_tree_lock() 2008-08-27 02:27:10 -07:00
scm.h
slhc_vj.h
snmp.h net: remove CVS keywords 2008-06-11 21:00:38 -07:00
sock.h sock: add net to prot->enter_memory_pressure callback 2008-07-16 20:28:10 -07:00
stp.h net: Add STP demux layer 2008-07-05 21:25:39 -07:00
syncppp.h Remove bogus variables from syncppp.[ch] 2008-07-23 23:00:31 +02:00
tcp_states.h
tcp.h tcp: options clean up 2008-07-19 00:04:31 -07:00
timewait_sock.h
transp_v6.h net: change proto destroy method to return void 2008-06-14 17:04:49 -07:00
udp.h mib: put udplite statistics on struct net 2008-07-18 04:03:45 -07:00
udplite.h
wext.h wext: Dispatch and handle compat ioctls entirely in net/wireless/wext.c 2008-06-16 18:32:46 -07:00
wireless.h mac80211: allow disable FAT in specific configurations 2008-06-03 15:00:26 -04:00
x25.h
x25device.h
xfrm.h xfrm: convert empty xfrm_audit_* macros to functions 2008-05-03 21:03:01 -07:00