James Morris | 5e6874cd | 2006-06-09 00:30:57 -0700 | [diff] [blame] | 1 | #ifndef _XT_SECMARK_H_target |
| 2 | #define _XT_SECMARK_H_target |
| 3 | |
Arnd Bergmann | 60c195c | 2009-02-26 00:51:43 +0100 | [diff] [blame] | 4 | #include <linux/types.h> |
| 5 | |
James Morris | 5e6874cd | 2006-06-09 00:30:57 -0700 | [diff] [blame] | 6 | /* |
| 7 | * This is intended for use by various security subsystems (but not |
| 8 | * at the same time). |
| 9 | * |
| 10 | * 'mode' refers to the specific security subsystem which the |
| 11 | * packets are being marked for. |
| 12 | */ |
| 13 | #define SECMARK_MODE_SEL 0x01 /* SELinux */ |
Eric Paris | 2606fd1 | 2010-10-13 16:24:41 -0400 | [diff] [blame] | 14 | #define SECMARK_SECCTX_MAX 256 |
James Morris | 5e6874cd | 2006-06-09 00:30:57 -0700 | [diff] [blame] | 15 | |
| 16 | struct xt_secmark_target_info { |
Arnd Bergmann | 60c195c | 2009-02-26 00:51:43 +0100 | [diff] [blame] | 17 | __u8 mode; |
Eric Paris | 2606fd1 | 2010-10-13 16:24:41 -0400 | [diff] [blame] | 18 | __u32 secid; |
| 19 | char secctx[SECMARK_SECCTX_MAX]; |
James Morris | 5e6874cd | 2006-06-09 00:30:57 -0700 | [diff] [blame] | 20 | }; |
| 21 | |
| 22 | #endif /*_XT_SECMARK_H_target */ |