mac label of mbufs
Ilmar S. Habibulin
ilmar at watson.org
Tue Mar 26 19:33:32 GMT 2002
I'm trying to implement compartments in mls and biba models, which will be
used in cipso and ipsec packet labeling subsystems. But i have problems
with extending struct mac. With 256 bits compartment added to each model i
have 140 bytes long label and it causes panic while network access (for
ex. "tcphdr too big"). So my proposal is to change struct mac in mbuf to
struct mac * or to use aux mbuf pointer. The first way is the simpliest
imho, i'm investigating the other right now.
Any thoughts?
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message
More information about the trustedbsd-discuss
mailing list