^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) .. SPDX-License-Identifier: GPL-2.0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) =================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) LSM/SeLinux secid
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5) =================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7) flowi structure:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9) The secid member in the flow structure is used in LSMs (e.g. SELinux) to indicate
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) the label of the flow. This label of the flow is currently used in selecting
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) matching labeled xfrm(s).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) If this is an outbound flow, the label is derived from the socket, if any, or
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) the incoming packet this flow is being generated as a response to (e.g. tcp
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) resets, timewait ack, etc.). It is also conceivable that the label could be
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) derived from other sources such as process context, device, etc., in special
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17) cases, as may be appropriate.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19) If this is an inbound flow, the label is derived from the IPSec security
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20) associations, if any, used by the packet.
Orange Pi5 kernel
Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards
3 Commits
0 Branches
0 Tags