diff options
author | James Morris <jmorris@namei.org> | 2006-06-09 00:29:17 -0700 |
---|---|---|
committer | David S. Miller <davem@sunset.davemloft.net> | 2006-06-17 21:29:57 -0700 |
commit | 984bc16cc92ea3c247bf34ad667cfb95331b9d3c (patch) | |
tree | 2342638457f43980501179056f4ba1e4e3c2c1aa /net/ipv6/ip6_output.c | |
parent | c749b29fae74ed59c507d84025b3298202b42609 (diff) | |
download | lwn-984bc16cc92ea3c247bf34ad667cfb95331b9d3c.tar.gz lwn-984bc16cc92ea3c247bf34ad667cfb95331b9d3c.zip |
[SECMARK]: Add secmark support to core networking.
Add a secmark field to the skbuff structure, to allow security subsystems to
place security markings on network packets. This is similar to the nfmark
field, except is intended for implementing security policy, rather than than
networking policy.
This patch was already acked in principle by Dave Miller.
Signed-off-by: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv6/ip6_output.c')
-rw-r--r-- | net/ipv6/ip6_output.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c index 416f6e428a0a..d29620f4910e 100644 --- a/net/ipv6/ip6_output.c +++ b/net/ipv6/ip6_output.c @@ -459,6 +459,7 @@ static void ip6_copy_metadata(struct sk_buff *to, struct sk_buff *from) nf_bridge_get(to->nf_bridge); #endif #endif + skb_copy_secmark(to, from); } int ip6_find_1stfragopt(struct sk_buff *skb, u8 **nexthdr) |