> > - if (err)
> > - goto out;
> > + /* if (err) */
> > + /* goto out; */
> >
> > - err = selinux_xfrm_sock_rcv_skb(sksec->sid, skb, &ad);
> > -out: + /* err =
> selinux_xfrm_sock_rcv_skb(sksec->sid, skb, &ad); */
> > +out: return err;
> > }
>
>
On Tue, 1 Aug 2006, Venkat Yekkirala wrote:
> - if (err)
> - goto out;
> + /* if (err) */
> + /* goto out; */
>
> - err = selinux_xfrm_sock_rcv_skb(sksec->sid, skb, &ad);
> -out: + /* err = selinux_xfrm_sock_rcv_skb(sksec->sid, skb, &ad); */
> +out:
Add skb_policy_check hook to LSM to enable reconciliation of the
various security identifiers as well as enforce flow control on
inbound (INPUT/FORWARD) traffic.
Also defines reconciliation for SELinux.
Signed-off-by: Venkat Yekkirala <[EMAIL PROTECTED]>
---
dummy.c|7 ++
hooks.c| 3
