summaryrefslogtreecommitdiffstats
path: root/include/net
diff options
context:
space:
mode:
authorRichard Haines <richard_c_haines@btinternet.com>2018-02-13 20:56:24 +0000
committerPaul Moore <paul@paul-moore.com>2018-02-26 17:45:23 -0500
commit2277c7cd75e39783eeb7512a6c35f8b4abbe1039 (patch)
tree247a9b36acd431330a479ccdcb9b277f0b4d4973 /include/net
parentb7e10c25b839c0c7579b2b402afc9883c107e09f (diff)
downloadlinux-stable-2277c7cd75e39783eeb7512a6c35f8b4abbe1039.tar.gz
linux-stable-2277c7cd75e39783eeb7512a6c35f8b4abbe1039.tar.bz2
linux-stable-2277c7cd75e39783eeb7512a6c35f8b4abbe1039.zip
sctp: Add LSM hooks
Add security hooks allowing security modules to exercise access control over SCTP. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'include/net')
-rw-r--r--include/net/sctp/structs.h10
1 files changed, 10 insertions, 0 deletions
diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h
index ead5fcedc283..7a23896cddc4 100644
--- a/include/net/sctp/structs.h
+++ b/include/net/sctp/structs.h
@@ -1318,6 +1318,16 @@ struct sctp_endpoint {
reconf_enable:1;
__u8 strreset_enable;
+
+ /* Security identifiers from incoming (INIT). These are set by
+ * security_sctp_assoc_request(). These will only be used by
+ * SCTP TCP type sockets and peeled off connections as they
+ * cause a new socket to be generated. security_sctp_sk_clone()
+ * will then plug these into the new socket.
+ */
+
+ u32 secid;
+ u32 peer_secid;
};
/* Recover the outter endpoint structure. */