On Fri, 8 Sep 2006, Venkat Yekkirala wrote:
> -static inline int xfrm6_policy_check(struct sock *sk, int dir, struct sk_buff
> *skb)
> -{
> - return xfrm_policy_check(sk, dir, skb, AF_INET6);
> + if (sk && sk->sk_policy[XFRM_POLICY_IN])
> + ret = __xfrm_policy_check(sk, dir, sk
Invoke the skb_policy_check LSM hook for inbound (INPUT/FORWARD)
traffic for secid reconciliation and flow control.
Signed-off-by: Venkat Yekkirala <[EMAIL PROTECTED]>
---
include/net/xfrm.h | 50 +++
1 file changed, 27 insertions(+), 23 deletions(-)
diff