diff options
| author | Richard Haines <richard_c_haines@btinternet.com> | 2018-02-13 23:56:24 +0300 |
|---|---|---|
| committer | Paul Moore <paul@paul-moore.com> | 2018-02-27 01:45:23 +0300 |
| commit | 2277c7cd75e39783eeb7512a6c35f8b4abbe1039 (patch) | |
| tree | 247a9b36acd431330a479ccdcb9b277f0b4d4973 /include | |
| parent | b7e10c25b839c0c7579b2b402afc9883c107e09f (diff) | |
| download | linux-2277c7cd75e39783eeb7512a6c35f8b4abbe1039.tar.xz | |
sctp: Add LSM hooks
Add security hooks allowing security modules to exercise access control
over SCTP.
Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'include')
| -rw-r--r-- | include/net/sctp/structs.h | 10 | ||||
| -rw-r--r-- | include/uapi/linux/sctp.h | 1 |
2 files changed, 11 insertions, 0 deletions
diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h index ead5fcedc283..7a23896cddc4 100644 --- a/include/net/sctp/structs.h +++ b/include/net/sctp/structs.h @@ -1318,6 +1318,16 @@ struct sctp_endpoint { reconf_enable:1; __u8 strreset_enable; + + /* Security identifiers from incoming (INIT). These are set by + * security_sctp_assoc_request(). These will only be used by + * SCTP TCP type sockets and peeled off connections as they + * cause a new socket to be generated. security_sctp_sk_clone() + * will then plug these into the new socket. + */ + + u32 secid; + u32 peer_secid; }; /* Recover the outter endpoint structure. */ diff --git a/include/uapi/linux/sctp.h b/include/uapi/linux/sctp.h index 4c4db14786bd..64736edd6726 100644 --- a/include/uapi/linux/sctp.h +++ b/include/uapi/linux/sctp.h @@ -126,6 +126,7 @@ typedef __s32 sctp_assoc_t; #define SCTP_STREAM_SCHEDULER 123 #define SCTP_STREAM_SCHEDULER_VALUE 124 #define SCTP_INTERLEAVING_SUPPORTED 125 +#define SCTP_SENDMSG_CONNECT 126 /* PR-SCTP policies */ #define SCTP_PR_SCTP_NONE 0x0000 |