diff options
| author | rwatson <rwatson@FreeBSD.org> | 2002-07-30 23:09:20 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2002-07-30 23:09:20 +0000 |
| commit | 2cef0b19012954545a36d025c2a5c758fbd3a00b (patch) | |
| tree | 6296473f1b87777feb0697d893b7fc38640bb4f7 /sys/netinet/ip_var.h | |
| parent | f476cee6025c9a56bad1af5eefc46de8cae24547 (diff) | |
| download | FreeBSD-src-2cef0b19012954545a36d025c2a5c758fbd3a00b.zip FreeBSD-src-2cef0b19012954545a36d025c2a5c758fbd3a00b.tar.gz | |
Introduce support for Mandatory Access Control and extensible
kernel access control.
Label IP fragment reassembly queues, permitting security features to
be maintained on those objects. ipq_label will be used to manage
the reassembly of fragments into IP datagrams using security
properties. This permits policies to deny the reassembly of fragments,
as well as influence the resulting label of a datagram following
reassembly.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
Diffstat (limited to 'sys/netinet/ip_var.h')
| -rw-r--r-- | sys/netinet/ip_var.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/sys/netinet/ip_var.h b/sys/netinet/ip_var.h index 79f8336..4efb589 100644 --- a/sys/netinet/ip_var.h +++ b/sys/netinet/ip_var.h @@ -68,6 +68,7 @@ struct ipq { u_int32_t ipq_div_info; /* ipfw divert port & flags */ u_int16_t ipq_div_cookie; /* ipfw divert cookie */ #endif + struct label ipq_label; /* MAC label */ }; #endif /* _KERNEL */ |
