security_sctp_assoc_request()
security_sctp_bind_connect()
security_sctp_sk_clone()
- security_sctp_assoc_established()
+
+Also the following security hook has been utilised::
+
+ security_inet_conn_established()
The usage of these hooks are described below with the SELinux implementation
described in the `SCTP SELinux Support`_ chapter.
@newsk - pointer to new sock structure.
-security_sctp_assoc_established()
+security_inet_conn_established()
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-Called when a COOKIE ACK is received, and the peer secid will be
-saved into ``@asoc->peer_secid`` for client::
+Called when a COOKIE ACK is received::
- @asoc - pointer to sctp association structure.
+ @sk - pointer to sock structure.
@skb - pointer to skbuff of the COOKIE ACK packet.
-------------------------------------------------
The following diagram shows the use of ``security_sctp_bind_connect()``,
-``security_sctp_assoc_request()``, ``security_sctp_assoc_established()`` when
+``security_sctp_assoc_request()``, ``security_inet_conn_established()`` when
establishing an association.
::
<------------------------------------------- COOKIE ACK
| |
sctp_sf_do_5_1E_ca |
- Call security_sctp_assoc_established() |
+ Call security_inet_conn_established() |
to set the peer label. |
| |
| If SCTP_SOCKET_TCP or peeled off
security_sctp_assoc_request()
security_sctp_bind_connect()
security_sctp_sk_clone()
- security_sctp_assoc_established()
+ security_inet_conn_established()
security_sctp_assoc_request()
@newsk - pointer to new sock structure.
-security_sctp_assoc_established()
+security_inet_conn_established()
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Called when a COOKIE ACK is received where it sets the connection's peer sid
to that in ``@skb``::
- @asoc - pointer to sctp association structure.
+ @sk - pointer to sock structure.
@skb - pointer to skbuff of the COOKIE ACK packet.