Re: [PATCH 1/2] LSM-IPSec Networking Hooks -- authorizing flow_cache_entry's

2005-07-19 Thread Trent Jaeger
Herbert Xu <[EMAIL PROTECTED]> 07/18/2005 06:07 PM To: Trent Jaeger/Watson/[EMAIL PROTECTED] cc: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], netdev@vger.kernel.org, Serge E Hallyn/Austin/[EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED] Subje

Re: [PATCH 1/2] LSM-IPSec Networking Hooks -- authorizing flow_cache_entry's

2005-07-18 Thread Herbert Xu
On Mon, Jul 18, 2005 at 01:50:33PM -0400, jaegert wrote: > > @@ -190,8 +191,9 @@ void *flow_cache_lookup(struct flowi *ke > if (fle->genid == atomic_read(&flow_cache_genid)) { > void *ret = fle->object; > > - if (ret)
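
Review bot: In flow_cache_lookup, inside the `fle->genid == atomic_read(&flow_cache_genid)` branch, the removed `if (ret)` was the only NULL guard on `fle->object`, and the lines that replace it are cut off in this excerpt. If the replacement calls the authorizer mentioned in the patch description, keep the NULL test ahead of that call so the callback is never handed a NULL cached object. Also document next to the function which return value from the authorizer means the cached entry is denied.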

[PATCH 1/2] LSM-IPSec Networking Hooks -- authorizing flow_cache_entry's

2005-07-18 Thread jaegert
This patch adds LSM hooks to the XFRM subsystem code. This patch differs from previous ones in that an authorizer function pointer is passed to flow_cache_lookup in order to use LSM to authorize previously cached entries -- as suggested in my reply to Herbert. This approach is consistent with how