diff options
Diffstat (limited to 'include/uapi/linux/netfilter/xt_SECMARK.h')
-rw-r--r-- | include/uapi/linux/netfilter/xt_SECMARK.h | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/include/uapi/linux/netfilter/xt_SECMARK.h b/include/uapi/linux/netfilter/xt_SECMARK.h new file mode 100644 index 000000000..beb2cadba --- /dev/null +++ b/include/uapi/linux/netfilter/xt_SECMARK.h @@ -0,0 +1,29 @@ +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ +#ifndef _XT_SECMARK_H_target +#define _XT_SECMARK_H_target + +#include <linux/types.h> + +/* + * This is intended for use by various security subsystems (but not + * at the same time). + * + * 'mode' refers to the specific security subsystem which the + * packets are being marked for. + */ +#define SECMARK_MODE_SEL 0x01 /* SELinux */ +#define SECMARK_SECCTX_MAX 256 + +struct xt_secmark_target_info { + __u8 mode; + __u32 secid; + char secctx[SECMARK_SECCTX_MAX]; +}; + +struct xt_secmark_target_info_v1 { + __u8 mode; + char secctx[SECMARK_SECCTX_MAX]; + __u32 secid; +}; + +#endif /*_XT_SECMARK_H_target */ |