From mboxrd@z Thu Jan  1 00:00:00 1970
From: Mr Dash Four <mr.dash.four@googlemail.com>
Subject: [PATCH 2/2] iptables (kernel): add secmark match
Date: Tue, 05 Mar 2013 12:48:59 +0000
Message-ID: <5135E9BB.8080409@googlemail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="utf-8"; Format="flowed"
Content-Transfer-Encoding: base64
Cc: Netfilter Core Team <netfilter-devel@vger.kernel.org>,
	Fedora SELinux Users <selinux@lists.fedoraproject.org>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Return-path: <selinux-bounces@lists.fedoraproject.org>
List-Unsubscribe: <https://admin.fedoraproject.org/mailman/options/selinux>,
	<mailto:selinux-request@lists.fedoraproject.org?subject=unsubscribe>
List-Archive: <http://lists.fedoraproject.org/pipermail/selinux/>
List-Post: <mailto:selinux@lists.fedoraproject.org>
List-Help: <mailto:selinux-request@lists.fedoraproject.org?subject=help>
List-Subscribe: <https://admin.fedoraproject.org/mailman/listinfo/selinux>,
	<mailto:selinux-request@lists.fedoraproject.org?subject=subscribe>
Sender: selinux-bounces@lists.fedoraproject.org
Errors-To: selinux-bounces@lists.fedoraproject.org
List-Id: netfilter-devel.vger.kernel.org

VGhpcyBwYXRjaCBpcyBwYXJ0IG9mIHRoZSBrZXJuZWwgY2hhbmdlcyBuZWVkZWQgZm9yIHRoZSAi
c2VjbWFyayIgbWF0Y2gKaW4gaXB0YWJsZXMuCgpTaWduZWQtb2ZmLWJ5OiBNciBEYXNoIEZvdXIg
PG1yLmRhc2guZm91ckBnb29nbGVtYWlsLmNvbT4KLS0tCiAgaW5jbHVkZS91YXBpL2xpbnV4L25l
dGZpbHRlci9LYnVpbGQgICAgICAgfCAgICAxICsKICBpbmNsdWRlL3VhcGkvbGludXgvbmV0Zmls
dGVyL3h0X3NlY21hcmsuaCB8ICAgMjQgKysrKysrCiAgbmV0L25ldGZpbHRlci9LY29uZmlnICAg
ICAgICAgICAgICAgICAgICAgfCAgIDEwICsrKwogIG5ldC9uZXRmaWx0ZXIvTWFrZWZpbGUgICAg
ICAgICAgICAgICAgICAgIHwgICAgMSArCiAgbmV0L25ldGZpbHRlci94dF9zZWNtYXJrLmMgICAg
ICAgICAgICAgICAgfCAgMTE3ICsrKysrKysrKysrKysrKysrKysrKysrKysrKysrCiAgNSBmaWxl
cyBjaGFuZ2VkLCAxNTMgaW5zZXJ0aW9ucygrKQogIGNyZWF0ZSBtb2RlIDEwMDY0NCBpbmNsdWRl
L3VhcGkvbGludXgvbmV0ZmlsdGVyL3h0X3NlY21hcmsuaAogIGNyZWF0ZSBtb2RlIDEwMDY0NCBu
ZXQvbmV0ZmlsdGVyL3h0X3NlY21hcmsuYwoKZGlmZiAtLWdpdCBhL2luY2x1ZGUvdWFwaS9saW51
eC9uZXRmaWx0ZXIvS2J1aWxkIGIvaW5jbHVkZS91YXBpL2xpbnV4L25ldGZpbHRlci9LYnVpbGQK
aW5kZXggNDExMTU3Ny4uNDg4NGVkZCAxMDA2NDQKLS0tIGEvaW5jbHVkZS91YXBpL2xpbnV4L25l
dGZpbHRlci9LYnVpbGQKKysrIGIvaW5jbHVkZS91YXBpL2xpbnV4L25ldGZpbHRlci9LYnVpbGQK
QEAgLTY5LDYgKzY5LDcgQEAgaGVhZGVyLXkgKz0geHRfcmF0ZWVzdC5oCiAgaGVhZGVyLXkgKz0g
eHRfcmVhbG0uaAogIGhlYWRlci15ICs9IHh0X3JlY2VudC5oCiAgaGVhZGVyLXkgKz0geHRfc2N0
cC5oCitoZWFkZXIteSArPSB4dF9zZWNtYXJrLmgKICBoZWFkZXIteSArPSB4dF9zZXQuaAogIGhl
YWRlci15ICs9IHh0X3NvY2tldC5oCiAgaGVhZGVyLXkgKz0geHRfc3RhdGUuaApkaWZmIC0tZ2l0
IGEvaW5jbHVkZS91YXBpL2xpbnV4L25ldGZpbHRlci94dF9zZWNtYXJrLmggYi9pbmNsdWRlL3Vh
cGkvbGludXgvbmV0ZmlsdGVyL3h0X3NlY21hcmsuaApuZXcgZmlsZSBtb2RlIDEwMDY0NAppbmRl
eCAwMDAwMDAwLi5jNzRhMzVkCi0tLSAvZGV2L251bGwKKysrIGIvaW5jbHVkZS91YXBpL2xpbnV4
L25ldGZpbHRlci94dF9zZWNtYXJrLmgKQEAgLTAsMCArMSwyNCBAQAorI2lmbmRlZiBfWFRfU0VD
TUFSS19NQVRDSF9ICisjZGVmaW5lIF9YVF9TRUNNQVJLX01BVENIX0gKKworI2luY2x1ZGUgPGxp
bnV4L3R5cGVzLmg+CisKKy8qCisgKiBIZWFkZXIgZmlsZSBmb3IgaXB0YWJsZXMgeHRfc2VjbWFy
ayBtYXRjaAorICoKKyAqIFRoaXMgaXMgaW50ZW5kZWQgZm9yIHVzZSBieSB2YXJpb3VzIHNlY3Vy
aXR5IHN1YnN5c3RlbXMgKGJ1dCBub3QKKyAqIGF0IHRoZSBzYW1lIHRpbWUpLgorICoKKyAqICdt
b2RlJyByZWZlcnMgdG8gdGhlIHNwZWNpZmljIHNlY3VyaXR5IHN1YnN5c3RlbSB3aGljaCB0aGUK
KyAqIHBhY2tldHMgYXJlIGJlaW5nIG1hcmtlZCBmb3IuCisgKi8KKyNkZWZpbmUgU0VDTUFSS19N
T0RFX1NFTAkweDAxCQkvKiBTRUxpbnV4ICovCisjZGVmaW5lIFNFQ01BUktfU0VDQ1RYX01BWAky
NTYKKworc3RydWN0IHh0X3NlY21hcmtfbWF0Y2hfaW5mbyB7CisJX191OCBtb2RlOworCV9fdTMy
IHNlY2lkOworCWNoYXIgc2VjY3R4W1NFQ01BUktfU0VDQ1RYX01BWF07Cit9OworCisjZW5kaWYg
LyogX1hUX1NFQ01BUktfTUFUQ0hfSCAqLwpkaWZmIC0tZ2l0IGEvbmV0L25ldGZpbHRlci9LY29u
ZmlnIGIvbmV0L25ldGZpbHRlci9LY29uZmlnCmluZGV4IDU2ZDIyY2EuLmQ1M2VhMTQgMTAwNjQ0
Ci0tLSBhL25ldC9uZXRmaWx0ZXIvS2NvbmZpZworKysgYi9uZXQvbmV0ZmlsdGVyL0tjb25maWcK
QEAgLTExNjYsNiArMTE2NiwxNiBAQCBjb25maWcgTkVURklMVEVSX1hUX01BVENIX1JFQ0VOVAog
IAlTaG9ydCBvcHRpb25zIGFyZSBhdmFpbGFibGUgYnkgdXNpbmcgJ2lwdGFibGVzIC1tIHJlY2Vu
dCAtaCcKICAJT2ZmaWNpYWwgV2Vic2l0ZTogPGh0dHA6Ly9zbm93bWFuLm5ldC9wcm9qZWN0cy9p
cHRfcmVjZW50Lz4KCitjb25maWcgTkVURklMVEVSX1hUX01BVENIX1NFQ01BUksKKwl0cmlzdGF0
ZSAnInNlY21hcmsiIG1hdGNoIHN1cHBvcnQnCisJZGVwZW5kcyBvbiBORl9DT05OVFJBQ0sgJiYg
TkZfQ09OTlRSQUNLX1NFQ01BUksKKwlkZWZhdWx0IG0gaWYgTkVURklMVEVSX0FEVkFOQ0VEPW4K
KwloZWxwCisJICBUaGUgU0VDTUFSSyBtYXRjaCBhbGxvd3MgbWF0Y2hpbmcgb24gc2VjdXJpdHkg
bWFya2luZyBvZiBuZXR3b3JrCisJICBwYWNrZXRzLCBmb3IgdXNlIHdpdGggc2VjdXJpdHkgc3Vi
c3lzdGVtcy4KKworCSAgVG8gY29tcGlsZSBpdCBhcyBhIG1vZHVsZSwgY2hvb3NlIE0gaGVyZS4g
IElmIHVuc3VyZSwgc2F5IE4uCisKICBjb25maWcgTkVURklMVEVSX1hUX01BVENIX1NDVFAKICAJ
dHJpc3RhdGUgICcic2N0cCIgcHJvdG9jb2wgbWF0Y2ggc3VwcG9ydCcKICAJZGVwZW5kcyBvbiBO
RVRGSUxURVJfQURWQU5DRUQKZGlmZiAtLWdpdCBhL25ldC9uZXRmaWx0ZXIvTWFrZWZpbGUgYi9u
ZXQvbmV0ZmlsdGVyL01ha2VmaWxlCmluZGV4IGExYWJmODcuLjY4NmM0YzMgMTAwNjQ0Ci0tLSBh
L25ldC9uZXRmaWx0ZXIvTWFrZWZpbGUKKysrIGIvbmV0L25ldGZpbHRlci9NYWtlZmlsZQpAQCAt
MTM5LDYgKzEzOSw3IEBAIG9iai0kKENPTkZJR19ORVRGSUxURVJfWFRfTUFUQ0hfU1RSSU5HKSAr
PSB4dF9zdHJpbmcubwogIG9iai0kKENPTkZJR19ORVRGSUxURVJfWFRfTUFUQ0hfVENQTVNTKSAr
PSB4dF90Y3Btc3MubwogIG9iai0kKENPTkZJR19ORVRGSUxURVJfWFRfTUFUQ0hfVElNRSkgKz0g
eHRfdGltZS5vCiAgb2JqLSQoQ09ORklHX05FVEZJTFRFUl9YVF9NQVRDSF9VMzIpICs9IHh0X3Uz
Mi5vCitvYmotJChDT05GSUdfTkVURklMVEVSX1hUX01BVENIX1NFQ01BUkspICs9IHh0X3NlY21h
cmsubwoKICAjIGlwc2V0CiAgb2JqLSQoQ09ORklHX0lQX1NFVCkgKz0gaXBzZXQvCmRpZmYgLS1n
aXQgYS9uZXQvbmV0ZmlsdGVyL3h0X3NlY21hcmsuYyBiL25ldC9uZXRmaWx0ZXIveHRfc2VjbWFy
ay5jCm5ldyBmaWxlIG1vZGUgMTAwNjQ0CmluZGV4IDAwMDAwMDAuLjg4MzdkMTMKLS0tIC9kZXYv
bnVsbAorKysgYi9uZXQvbmV0ZmlsdGVyL3h0X3NlY21hcmsuYwpAQCAtMCwwICsxLDExNyBAQAor
LyoKKyAqIFRoaXMgcHJvZ3JhbSBpcyBmcmVlIHNvZnR3YXJlOyB5b3UgY2FuIHJlZGlzdHJpYnV0
ZSBpdCBhbmQvb3IgbW9kaWZ5CisgKiBpdCB1bmRlciB0aGUgdGVybXMgb2YgdGhlIEdOVSBHZW5l
cmFsIFB1YmxpYyBMaWNlbnNlIHZlcnNpb24gMiAob3IgYW55CisgKiBsYXRlciBhdCB5b3VyIG9w
dGlvbikgYXMgcHVibGlzaGVkIGJ5IHRoZSBGcmVlIFNvZnR3YXJlIEZvdW5kYXRpb24uCisgKi8K
KworI2RlZmluZSBwcl9mbXQoZm10KSBLQlVJTERfTU9ETkFNRSAiOiAiIGZtdAorI2luY2x1ZGUg
PGxpbnV4L21vZHVsZS5oPgorI2luY2x1ZGUgPGxpbnV4L3NlY3VyaXR5Lmg+CisjaW5jbHVkZSA8
bGludXgvc2tidWZmLmg+CisKKyNpbmNsdWRlIDxsaW51eC9uZXRmaWx0ZXIveF90YWJsZXMuaD4K
KyNpbmNsdWRlIDx1YXBpL2xpbnV4L25ldGZpbHRlci94dF9zZWNtYXJrLmg+CisKK01PRFVMRV9B
VVRIT1IoIk1yIERhc2ggRm91ciA8bXIuZGFzaC5mb3VyQGdvb2dsZW1haWwuY29tPiIpOworTU9E
VUxFX0RFU0NSSVBUSU9OKCJYdGFibGVzOiBzZWN1cml0eSBtYXJrIG1hdGNoIik7CitNT0RVTEVf
TElDRU5TRSgiR1BMIik7CitNT0RVTEVfQUxJQVMoImlwdF9zZWNtYXJrIik7CitNT0RVTEVfQUxJ
QVMoImlwNnRfc2VjbWFyayIpOworCitzdGF0aWMgdTggbW9kZTsKKworc3RhdGljIGJvb2wgc2Vj
bWFya19tdChjb25zdCBzdHJ1Y3Qgc2tfYnVmZiAqc2tiLCBzdHJ1Y3QgeHRfYWN0aW9uX3BhcmFt
ICpwYXIpCit7CisJY29uc3Qgc3RydWN0IHh0X3NlY21hcmtfbWF0Y2hfaW5mbyAqaW5mbyA9IHBh
ci0+dGFyZ2luZm87CisJdTMyIHNlY21hcmsgPSAwOworCisJQlVHX09OKGluZm8tPm1vZGUgIT0g
bW9kZSk7CisKKwlzd2l0Y2ggKG1vZGUpIHsKKwljYXNlIFNFQ01BUktfTU9ERV9TRUw6CisJCXNl
Y21hcmsgPSBpbmZvLT5zZWNpZDsKKwkJYnJlYWs7CisJZGVmYXVsdDoKKwkJQlVHKCk7CisJfQor
CisJcmV0dXJuIChza2ItPnNlY21hcmsgIT0gMCAmJiBzZWNtYXJrICE9IDAgJiYgc2tiLT5zZWNt
YXJrID09IHNlY21hcmspOworfQorCitzdGF0aWMgaW50IGNoZWNrZW50cnlfbHNtKHN0cnVjdCB4
dF9zZWNtYXJrX21hdGNoX2luZm8gKmluZm8pCit7CisJaW50IGVycjsKKworCWluZm8tPnNlY2N0
eFtTRUNNQVJLX1NFQ0NUWF9NQVggLSAxXSA9ICdcMCc7CisJaW5mby0+c2VjaWQgPSAwOworCisJ
ZXJyID0gc2VjdXJpdHlfc2VjY3R4X3RvX3NlY2lkKGluZm8tPnNlY2N0eCwgc3RybGVuKGluZm8t
PnNlY2N0eCksCisJCQkJICAgICAgICZpbmZvLT5zZWNpZCk7CisJaWYgKGVycikgeworCQlpZiAo
ZXJyID09IC1FSU5WQUwpCisJCQlwcl9pbmZvKCJpbnZhbGlkIHNlY3VyaXR5IGNvbnRleHQgXCcl
c1wnXG4iLCBpbmZvLT5zZWNjdHgpOworCQlyZXR1cm4gZXJyOworCX0KKworCWlmICghaW5mby0+
c2VjaWQpIHsKKwkJcHJfaW5mbygidW5hYmxlIHRvIG1hcCBzZWN1cml0eSBjb250ZXh0IFwnJXNc
J1xuIiwgaW5mby0+c2VjY3R4KTsKKwkJcmV0dXJuIC1FTk9FTlQ7CisJfQorCisJcmV0dXJuIDA7
Cit9CisKK3N0YXRpYyBpbnQKK3NlY21hcmtfbXRfY2hlY2tlbnRyeShjb25zdCBzdHJ1Y3QgeHRf
bXRjaGtfcGFyYW0gKnBhcikKK3sKKwlzdHJ1Y3QgeHRfc2VjbWFya19tYXRjaF9pbmZvICppbmZv
ID0gcGFyLT5tYXRjaGluZm87CisJaW50IGVycjsKKworCWlmIChtb2RlICYmIG1vZGUgIT0gaW5m
by0+bW9kZSkgeworCQlwcl9pbmZvKCJtb2RlIGFscmVhZHkgc2V0IHRvICVodSBjYW5ub3QgbWl4
IHdpdGggIgorCQkJInJ1bGVzIGZvciBtb2RlICVodVxuIiwgbW9kZSwgaW5mby0+bW9kZSk7CisJ
CXJldHVybiAtRUlOVkFMOworCX0KKworCXN3aXRjaCAoaW5mby0+bW9kZSkgeworCWNhc2UgU0VD
TUFSS19NT0RFX1NFTDoKKwkJYnJlYWs7CisJZGVmYXVsdDoKKwkJcHJfaW5mbygiaW52YWxpZCBt
b2RlOiAlaHVcbiIsIGluZm8tPm1vZGUpOworCQlyZXR1cm4gLUVJTlZBTDsKKwl9CisKKwllcnIg
PSBjaGVja2VudHJ5X2xzbShpbmZvKTsKKwlpZiAoZXJyKQorCQlyZXR1cm4gZXJyOworCisJaWYg
KCFtb2RlKQorCQltb2RlID0gaW5mby0+bW9kZTsKKwlyZXR1cm4gMDsKK30KKworc3RhdGljIHZv
aWQKK3NlY21hcmtfbXRfZGVzdHJveShjb25zdCBzdHJ1Y3QgeHRfbXRkdG9yX3BhcmFtICpwYXIp
IHsgfQorCitzdGF0aWMgc3RydWN0IHh0X21hdGNoIHNlY21hcmtfbXRfcmVnIF9fcmVhZF9tb3N0
bHkgPSB7CisJLm5hbWUgICAgICAgPSAic2VjbWFyayIsCisJLmZhbWlseSAgICAgPSBORlBST1RP
X1VOU1BFQywKKwkuY2hlY2tlbnRyeSA9IHNlY21hcmtfbXRfY2hlY2tlbnRyeSwKKwkubWF0Y2gg
ICAgICA9IHNlY21hcmtfbXQsCisJLmRlc3Ryb3kgICAgPSBzZWNtYXJrX210X2Rlc3Ryb3ksCisJ
Lm1hdGNoc2l6ZSAgPSBzaXplb2Yoc3RydWN0IHh0X3NlY21hcmtfbWF0Y2hfaW5mbyksCisJLm1l
ICAgICAgICAgPSBUSElTX01PRFVMRSwKK307CisKK3N0YXRpYyBpbnQgX19pbml0IHNlY21hcmtf
bXRfaW5pdCh2b2lkKQoreworCXJldHVybiB4dF9yZWdpc3Rlcl9tYXRjaCgmc2VjbWFya19tdF9y
ZWcpOworfQorCitzdGF0aWMgdm9pZCBfX2V4aXQgc2VjbWFya19tdF9leGl0KHZvaWQpCit7CisJ
eHRfdW5yZWdpc3Rlcl9tYXRjaCgmc2VjbWFya19tdF9yZWcpOworfQorCittb2R1bGVfaW5pdChz
ZWNtYXJrX210X2luaXQpOworbW9kdWxlX2V4aXQoc2VjbWFya19tdF9leGl0KTsKCgoKCi0tCnNl
bGludXggbWFpbGluZyBsaXN0CnNlbGludXhAbGlzdHMuZmVkb3JhcHJvamVjdC5vcmcKaHR0cHM6
Ly9hZG1pbi5mZWRvcmFwcm9qZWN0Lm9yZy9tYWlsbWFuL2xpc3RpbmZvL3NlbGludXg=