On Sun, Sep 23, 2018 at 08:26:15PM +0200, Christian Göttsche wrote: > Add the ability to set the security context of packets within the nf_tables framework. > Add a nft_object for holding security contexts in the kernel and manipulating packets on the wire. > > Convert the security context strings at rule addition time to security identifiers. > This is the same behavior like in xt_SECMARK and offers better performance than computing it per packet. > > Set the maximum security context length to 256. Applied, thanks Christian. _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
