mirror of
https://github.com/brain-hackers/linux-brain.git
synced 2024-06-09 23:36:23 +09:00
9e3cbdc523
[ Upstream commit c7d13358b6a2f49f81a34aa323a2d0878a0532a2 ]
This extension breaks when trying to delete rules, add a new revision to
fix this.
Fixes: 5e6874cdb8 ("[SECMARK]: Add xtables SECMARK target")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
30 lines
648 B
C
30 lines
648 B
C
/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
|
|
#ifndef _XT_SECMARK_H_target
|
|
#define _XT_SECMARK_H_target
|
|
|
|
#include <linux/types.h>
|
|
|
|
/*
|
|
* This is intended for use by various security subsystems (but not
|
|
* at the same time).
|
|
*
|
|
* 'mode' refers to the specific security subsystem which the
|
|
* packets are being marked for.
|
|
*/
|
|
#define SECMARK_MODE_SEL 0x01 /* SELinux */
|
|
#define SECMARK_SECCTX_MAX 256
|
|
|
|
struct xt_secmark_target_info {
|
|
__u8 mode;
|
|
__u32 secid;
|
|
char secctx[SECMARK_SECCTX_MAX];
|
|
};
|
|
|
|
struct xt_secmark_target_info_v1 {
|
|
__u8 mode;
|
|
char secctx[SECMARK_SECCTX_MAX];
|
|
__u32 secid;
|
|
};
|
|
|
|
#endif /*_XT_SECMARK_H_target */
|