From 2277c7cd75e39783eeb7512a6c35f8b4abbe1039 Mon Sep 17 00:00:00 2001
From: Richard Haines <richard_c_haines@btinternet.com>
Date: Tue, 13 Feb 2018 20:56:24 +0000
Subject: sctp: Add LSM hooks

Add security hooks allowing security modules to exercise access control
over SCTP.

Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
---
 include/net/sctp/structs.h | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'include/net/sctp/structs.h')

diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h
index ead5fcedc283..7a23896cddc4 100644
--- a/include/net/sctp/structs.h
+++ b/include/net/sctp/structs.h
@@ -1318,6 +1318,16 @@ struct sctp_endpoint {
 	      reconf_enable:1;
 
 	__u8  strreset_enable;
+
+	/* Security identifiers from incoming (INIT). These are set by
+	 * security_sctp_assoc_request(). These will only be used by
+	 * SCTP TCP type sockets and peeled off connections as they
+	 * cause a new socket to be generated. security_sctp_sk_clone()
+	 * will then plug these into the new socket.
+	 */
+
+	u32 secid;
+	u32 peer_secid;
 };
 
 /* Recover the outter endpoint structure. */
-- 
cgit v1.2.3