selinux_sctp_bind_connect

Name:Check if sctp IPv4/IPv6 addresses are valid for binding or connecting* based on their @optname.

Proto:static int selinux_sctp_bind_connect(struct sock *sk, int optname, struct sockaddr *address, int addrlen)

Type:int

Parameter:

Type	Parameter	Name
struct sock *	sk
int	optname
struct sockaddr *	address
int	addrlen

5276

err = 0 , walk_size = 0

5281

If Not selinux_policycap_extsockclass() Then Return 0

5285

sock = sk_socket

5286

addr_buf = address

5288

When walk_size < addrlen cycle

5289

If walk_size + sizeof(sa_family_t) > addrlen Then Return -EINVAL

5292

addr = addr_buf

5294

Case address family, AF_xxx == Supported address families.

5295

Case address family, AF_xxx == Internet IP Protocol

5296

len = sizeof(structsockaddr_in)

5297

Break

5298

Case address family, AF_xxx == IP version 6

5299

len = sizeof(structsockaddr_in6)

5300

Break

5301

Default

5302

Return -EINVAL

5305

If walk_size + len > addrlen Then Return -EINVAL

5308

5311

Case optname == SCTP_PRIMARY_ADDR

5312

Case optname == SCTP_SET_PEER_PRIMARY_ADDR

5313

Case optname == BINDX requests for adding addrs

5314

err = Range of port numbers used to automatically bind.Need to determine whether we should perform a name_bindpermission check between the socket and the port number.

5315

Break

5317

Case optname == CONNECTX requests.

5318

Case optname == SCTP_PARAM_SET_PRIMARY

5319

Case optname == SCTP_PARAM_ADD_IP

5320

Case optname == SCTP_SENDMSG_CONNECT

5321

err = This supports connect(2) and SCTP connect services such as sctp_connectx(3)* and sctp_sendmsg(3) as described in Documentation/security/SCTP.rst

5322

If err Then Return err

5336

err = selinux_netlbl_socket_connect_locked(sk, addr)

5337

Break

5340

If err Then Return err

5343

addr_buf += len

5344

walk_size += len

5347

Return 0

Source code conversion tool public plug-in interface	X
Support c/c++/esqlc/java Oracle/Informix/Mysql Plug-in can realize: logical Report Code generation and batch code conversion