€•kØ      Œsphinx.addnodes”Œdocument”“”)”}”(Œ	rawsource”Œ ”Œchildren”]”(Œtranslations”ŒLanguagesNode”“”)”}”(hhh]”(h Œpending_xref”“”)”}”(hhh]”Œdocutils.nodes”ŒText”“”ŒEnglish”…””}”Œparent”hsbaŒ
attributes”}”(Œids”]”Œclasses”]”Œnames”]”Œdupnames”]”Œbackrefs”]”Œ	refdomain”Œstd”Œreftype”Œdoc”Œ	reftarget”Œ/security/SCTP”Œmodname”NŒ	classname”NŒrefexplicit”ˆuŒtagname”hhhubh)”}”(hhh]”hŒChinese (Traditional)”…””}”hh2sbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ!/translations/zh_TW/security/SCTP”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒItalian”…””}”hhFsbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ!/translations/it_IT/security/SCTP”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒJapanese”…””}”hhZsbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ!/translations/ja_JP/security/SCTP”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒKorean”…””}”hhnsbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ!/translations/ko_KR/security/SCTP”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒSpanish”…””}”hh‚sbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ!/translations/sp_SP/security/SCTP”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubeh}”(h]”h ]”h"]”h$]”h&]”Œcurrent_language”ŒChinese (Simplified)”uh1h
hhŒ	_document”hŒsource”NŒline”NubhŒcomment”“”)”}”(hŒ SPDX-License-Identifier: GPL-2.0”h]”hŒ SPDX-License-Identifier: GPL-2.0”…””}”hh£sbah}”(h]”h ]”h"]”h$]”h&]”Œ	xml:space”Œpreserve”uh1h¡hhhžhhŸŒN/var/lib/git/docbuild/linux/Documentation/translations/zh_CN/security/SCTP.rst”h KubhŒnote”“”)”}”(hX{  æ­¤æ–‡ä»¶çš„ç›®çš„æ˜¯ä¸ºè®©ä¸­æ–‡è¯»è€…æ›´å®¹æ˜“é˜…è¯»å’Œç†è§£ï¼Œè€Œä¸æ˜¯ä½œä¸ºä¸€ä¸ªåˆ†æ”¯ã€‚ å› æ­¤ï¼Œ
å¦‚æžœæ‚¨å¯¹æ­¤æ–‡ä»¶æœ‰ä»»ä½•æ„è§æˆ–æ›´æ–°ï¼Œè¯·å…ˆå°è¯•æ›´æ–°åŽŸå§‹è‹±æ–‡æ–‡ä»¶ã€‚
å¦‚æžœæ‚¨å‘çŽ°æœ¬æ–‡æ¡£ä¸ŽåŽŸå§‹æ–‡ä»¶æœ‰ä»»ä½•ä¸åŒæˆ–è€…æœ‰ç¿»è¯‘é—®é¢˜ï¼Œè¯·å‘å»ºè®®æˆ–è€…è¡¥ä¸ç»™
è¯¥æ–‡ä»¶çš„è¯‘è€…ï¼Œæˆ–è€…è¯·æ±‚ä¸­æ–‡æ–‡æ¡£ç»´æŠ¤è€…å’Œå®¡é˜…è€…çš„å¸®åŠ©ã€‚”h]”hŒ	paragraph”“”)”}”(hX{  æ­¤æ–‡ä»¶çš„ç›®çš„æ˜¯ä¸ºè®©ä¸­æ–‡è¯»è€…æ›´å®¹æ˜“é˜…è¯»å’Œç†è§£ï¼Œè€Œä¸æ˜¯ä½œä¸ºä¸€ä¸ªåˆ†æ”¯ã€‚ å› æ­¤ï¼Œ
å¦‚æžœæ‚¨å¯¹æ­¤æ–‡ä»¶æœ‰ä»»ä½•æ„è§æˆ–æ›´æ–°ï¼Œè¯·å…ˆå°è¯•æ›´æ–°åŽŸå§‹è‹±æ–‡æ–‡ä»¶ã€‚
å¦‚æžœæ‚¨å‘çŽ°æœ¬æ–‡æ¡£ä¸ŽåŽŸå§‹æ–‡ä»¶æœ‰ä»»ä½•ä¸åŒæˆ–è€…æœ‰ç¿»è¯‘é—®é¢˜ï¼Œè¯·å‘å»ºè®®æˆ–è€…è¡¥ä¸ç»™
è¯¥æ–‡ä»¶çš„è¯‘è€…ï¼Œæˆ–è€…è¯·æ±‚ä¸­æ–‡æ–‡æ¡£ç»´æŠ¤è€…å’Œå®¡é˜…è€…çš„å¸®åŠ©ã€‚”h]”hX{  æ­¤æ–‡ä»¶çš„ç›®çš„æ˜¯ä¸ºè®©ä¸­æ–‡è¯»è€…æ›´å®¹æ˜“é˜…è¯»å’Œç†è§£ï¼Œè€Œä¸æ˜¯ä½œä¸ºä¸€ä¸ªåˆ†æ”¯ã€‚ å› æ­¤ï¼Œ
å¦‚æžœæ‚¨å¯¹æ­¤æ–‡ä»¶æœ‰ä»»ä½•æ„è§æˆ–æ›´æ–°ï¼Œè¯·å…ˆå°è¯•æ›´æ–°åŽŸå§‹è‹±æ–‡æ–‡ä»¶ã€‚
å¦‚æžœæ‚¨å‘çŽ°æœ¬æ–‡æ¡£ä¸ŽåŽŸå§‹æ–‡ä»¶æœ‰ä»»ä½•ä¸åŒæˆ–è€…æœ‰ç¿»è¯‘é—®é¢˜ï¼Œè¯·å‘å»ºè®®æˆ–è€…è¡¥ä¸ç»™
è¯¥æ–‡ä»¶çš„è¯‘è€…ï¼Œæˆ–è€…è¯·æ±‚ä¸­æ–‡æ–‡æ¡£ç»´æŠ¤è€…å’Œå®¡é˜…è€…çš„å¸®åŠ©ã€‚”…””}”(hh¼hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸŒ5Documentation/translations/zh_CN/disclaimer-zh_CN.rst”h Khh¶ubah}”(h]”h ]”h"]”h$]”h&]”uh1h´hhhžhhŸhÊh NubhŒ
field_list”“”)”}”(hhh]”(hŒfield”“”)”}”(hhh]”(hŒ
field_name”“”)”}”(hŒOriginal”h]”hŒOriginal”…””}”(hhÝhžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÛhhØhŸh³h K ubhŒ
field_body”“”)”}”(hŒ Documentation/security/SCTP.rst
”h]”h»)”}”(hŒDocumentation/security/SCTP.rst”h]”hŒDocumentation/security/SCTP.rst”…””}”(hhñhžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h Khhíubah}”(h]”h ]”h"]”h$]”h&]”uh1hëhhØubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÖhŸh³h KhhÓhžhubh×)”}”(hhh]”(hÜ)”}”(hŒç¿»è¯‘”h]”hŒç¿»è¯‘”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÛhj  hŸh³h K ubhì)”}”(hŒ.èµµç¡• Shuo Zhao <zhaoshuo@cqsoftware.com.cn>
”h]”h»)”}”(hŒ-èµµç¡• Shuo Zhao <zhaoshuo@cqsoftware.com.cn>”h]”(hŒèµµç¡• Shuo Zhao <”…””}”(hj   hžhhŸNh NubhŒ	reference”“”)”}”(hŒzhaoshuo@cqsoftware.com.cn”h]”hŒzhaoshuo@cqsoftware.com.cn”…””}”(hj*  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”Œrefuri”Œ!mailto:zhaoshuo@cqsoftware.com.cn”uh1j(  hj   ubhŒ>”…””}”(hj   hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h Khj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hëhj  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÖhŸh³h KhhÓhžhubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÑhhhžhhŸh³h KubhŒsection”“”)”}”(hhh]”(hŒtitle”“”)”}”(hŒSCTP”h]”hŒSCTP”…””}”(hj]  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j[  hjX  hžhhŸh³h KubjW  )”}”(hhh]”(j\  )”}”(hŒSCTPçš„LSMæ”¯æŒ”h]”hŒSCTPçš„LSMæ”¯æŒ”…””}”(hjn  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j[  hjk  hžhhŸh³h KubjW  )”}”(hhh]”(j\  )”}”(hŒå®‰å…¨é’©å­”h]”hŒå®‰å…¨é’©å­”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j[  hj|  hžhhŸh³h Kubh»)”}”(hŒHå¯¹äºŽå®‰å…¨æ¨¡å—æ”¯æŒï¼Œå·²ç»å®žçŽ°äº†ä¸‰ä¸ªç‰¹å®šäºŽSCTPçš„é’©å­::”h]”hŒGå¯¹äºŽå®‰å…¨æ¨¡å—æ”¯æŒï¼Œå·²ç»å®žçŽ°äº†ä¸‰ä¸ªç‰¹å®šäºŽSCTPçš„é’©å­:”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h Khj|  hžhubhŒliteral_block”“”)”}”(hŒusecurity_sctp_assoc_request()
security_sctp_bind_connect()
security_sctp_sk_clone()
security_sctp_assoc_established()”h]”hŒusecurity_sctp_assoc_request()
security_sctp_bind_connect()
security_sctp_sk_clone()
security_sctp_assoc_established()”…””}”hj  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1j›  hŸh³h Khj|  hžhubh»)”}”(hŒ\è¿™äº›é’©å­çš„ç”¨æ³•åœ¨ä¸‹é¢çš„ `SCTPçš„SELinuxæ”¯æŒ`_ ä¸€ç« ä¸­æè¿°SELinuxçš„å®žçŽ°ã€‚”h]”(hŒ"è¿™äº›é’©å­çš„ç”¨æ³•åœ¨ä¸‹é¢çš„ ”…””}”(hj«  hžhhŸNh Nubj)  )”}”(hŒ`SCTPçš„SELinuxæ”¯æŒ`_”h]”hŒSCTPçš„SELinuxæ”¯æŒ”…””}”(hj³  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”Œname”ŒSCTPçš„SELinuxæ”¯æŒ”Œrefid”Œsctpselinux”uh1j(  hj«  Œresolved”KubhŒ# ä¸€ç« ä¸­æè¿°SELinuxçš„å®žçŽ°ã€‚”…””}”(hj«  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h Khj|  hžhubjW  )”}”(hhh]”(j\  )”}”(hŒsecurity_sctp_assoc_request()”h]”hŒsecurity_sctp_assoc_request()”…””}”(hjÓ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j[  hjÐ  hžhhŸh³h Kubh»)”}”(hŒ€å°†å…³è”INITæ•°æ®åŒ…çš„ ``@asoc`` å’Œ ``@chunk->skb`` ä¼ é€’ç»™å®‰å…¨æ¨¡å—ã€‚
æˆåŠŸæ—¶è¿”å›ž 0ï¼Œå¤±è´¥æ—¶è¿”å›žé”™è¯¯ã€‚
::”h]”(hŒå°†å…³è”INITæ•°æ®åŒ…çš„ ”…””}”(hjá  hžhhŸNh NubhŒliteral”“”)”}”(hŒ	``@asoc``”h]”hŒ@asoc”…””}”(hjë  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hjá  ubhŒ å’Œ ”…””}”(hjá  hžhhŸNh Nubjê  )”}”(hŒ``@chunk->skb``”h]”hŒ@chunk->skb”…””}”(hjý  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hjá  ubhŒF ä¼ é€’ç»™å®‰å…¨æ¨¡å—ã€‚
æˆåŠŸæ—¶è¿”å›ž 0ï¼Œå¤±è´¥æ—¶è¿”å›žé”™è¯¯ã€‚”…””}”(hjá  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h KhjÐ  hžhubjœ  )”}”(hŒ_@asoc - æŒ‡å‘sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@skb - æŒ‡å‘åŒ…å«å…³è”æ•°æ®åŒ…skbuffçš„æŒ‡é’ˆã€‚”h]”hŒ_@asoc - æŒ‡å‘sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@skb - æŒ‡å‘åŒ…å«å…³è”æ•°æ®åŒ…skbuffçš„æŒ‡é’ˆã€‚”…””}”hj  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1j›  hŸh³h K#hjÐ  hžhubeh}”(h]”Œsecurity-sctp-assoc-request”ah ]”h"]”h$]”Œsecurity_sctp_assoc_request()”ah&]”uh1jV  hj|  hžhhŸh³h KŒ
referenced”KubjW  )”}”(hhh]”(j\  )”}”(hŒsecurity_sctp_bind_connect()”h]”hŒsecurity_sctp_bind_connect()”…””}”(hj/  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j[  hj,  hžhhŸh³h K(ubh»)”}”(hŒÛå°†ä¸€ä¸ªæˆ–å¤šä¸ªIPv4/IPv6åœ°å€ä¼ é€’ç»™å®‰å…¨æ¨¡å—è¿›è¡ŒåŸºäºŽ ``@optname`` çš„éªŒè¯ï¼Œ
è¿™å°†å¯¼è‡´æ˜¯ç»‘å®šè¿˜æ˜¯è¿žæŽ¥æœåŠ¡ï¼Œå¦‚ä¸‹é¢çš„æƒé™æ£€æŸ¥è¡¨æ‰€ç¤ºã€‚æˆåŠŸæ—¶è¿”å›ž 0ï¼Œå¤±è´¥
æ—¶è¿”å›žé”™è¯¯ã€‚
::”h]”(hŒCå°†ä¸€ä¸ªæˆ–å¤šä¸ªIPv4/IPv6åœ°å€ä¼ é€’ç»™å®‰å…¨æ¨¡å—è¿›è¡ŒåŸºäºŽ ”…””}”(hj=  hžhhŸNh Nubjê  )”}”(hŒ``@optname``”h]”hŒ@optname”…””}”(hjE  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hj=  ubhŒ‰ çš„éªŒè¯ï¼Œ
è¿™å°†å¯¼è‡´æ˜¯ç»‘å®šè¿˜æ˜¯è¿žæŽ¥æœåŠ¡ï¼Œå¦‚ä¸‹é¢çš„æƒé™æ£€æŸ¥è¡¨æ‰€ç¤ºã€‚æˆåŠŸæ—¶è¿”å›ž 0ï¼Œå¤±è´¥
æ—¶è¿”å›žé”™è¯¯ã€‚”…””}”(hj=  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h K)hj,  hžhubjœ  )”}”(hXâ        @sk      - æŒ‡å‘sockç»“æž„çš„æŒ‡é’ˆã€‚
      @optname - éœ€è¦éªŒè¯çš„é€‰é¡¹åç§°ã€‚
      @address - ä¸€ä¸ªæˆ–å¤šä¸ªIPv4 / IPv6åœ°å€ã€‚
      @addrlen - åœ°å€çš„æ€»é•¿åº¦ã€‚ä½¿ç”¨sizeof(struct sockaddr_in)æˆ–
                         sizeof(struct sockaddr_in6)æ¥è®¡ç®—æ¯ä¸ªipv4æˆ–ipv6åœ°å€ã€‚

------------------------------------------------------------------
|                     BIND ç±»åž‹æ£€æŸ¥                               |
|       @optname             |         @address contains         |
|----------------------------|-----------------------------------|
| SCTP_SOCKOPT_BINDX_ADD     | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€         |
| SCTP_PRIMARY_ADDR          | å•ä¸ª ipv4 or ipv6 åœ°å€             |
| SCTP_SET_PEER_PRIMARY_ADDR | å•ä¸ª ipv4 or ipv6 åœ°å€             |
------------------------------------------------------------------

------------------------------------------------------------------
|                   CONNECT ç±»åž‹æ£€æŸ¥                              |
|       @optname             |         @address contains         |
|----------------------------|-----------------------------------|
| SCTP_SOCKOPT_CONNECTX      | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€         |
| SCTP_PARAM_ADD_IP          | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€         |
| SCTP_SENDMSG_CONNECT       | å•ä¸ª ipv4 or ipv6 åœ°å€             |
| SCTP_PARAM_SET_PRIMARY     | å•ä¸ª ipv4 or ipv6 åœ°å€             |
------------------------------------------------------------------”h]”hXâ        @sk      - æŒ‡å‘sockç»“æž„çš„æŒ‡é’ˆã€‚
      @optname - éœ€è¦éªŒè¯çš„é€‰é¡¹åç§°ã€‚
      @address - ä¸€ä¸ªæˆ–å¤šä¸ªIPv4 / IPv6åœ°å€ã€‚
      @addrlen - åœ°å€çš„æ€»é•¿åº¦ã€‚ä½¿ç”¨sizeof(struct sockaddr_in)æˆ–
                         sizeof(struct sockaddr_in6)æ¥è®¡ç®—æ¯ä¸ªipv4æˆ–ipv6åœ°å€ã€‚

------------------------------------------------------------------
|                     BIND ç±»åž‹æ£€æŸ¥                               |
|       @optname             |         @address contains         |
|----------------------------|-----------------------------------|
| SCTP_SOCKOPT_BINDX_ADD     | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€         |
| SCTP_PRIMARY_ADDR          | å•ä¸ª ipv4 or ipv6 åœ°å€             |
| SCTP_SET_PEER_PRIMARY_ADDR | å•ä¸ª ipv4 or ipv6 åœ°å€             |
------------------------------------------------------------------

------------------------------------------------------------------
|                   CONNECT ç±»åž‹æ£€æŸ¥                              |
|       @optname             |         @address contains         |
|----------------------------|-----------------------------------|
| SCTP_SOCKOPT_CONNECTX      | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€         |
| SCTP_PARAM_ADD_IP          | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€         |
| SCTP_SENDMSG_CONNECT       | å•ä¸ª ipv4 or ipv6 åœ°å€             |
| SCTP_PARAM_SET_PRIMARY     | å•ä¸ª ipv4 or ipv6 åœ°å€             |
------------------------------------------------------------------”…””}”hj]  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1j›  hŸh³h K.hj,  hžhubh»)”}”(hŒ%æ¡ç›® ``@optname`` çš„æ‘˜è¦å¦‚ä¸‹::”h]”(hŒæ¡ç›® ”…””}”(hjk  hžhhŸNh Nubjê  )”}”(hŒ``@optname``”h]”hŒ@optname”…””}”(hjs  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hjk  ubhŒ çš„æ‘˜è¦å¦‚ä¸‹:”…””}”(hjk  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h KGhj,  hžhubjœ  )”}”(hX¯  SCTP_SOCKOPT_BINDX_ADD - å…è®¸åœ¨ï¼ˆå¯é€‰åœ°ï¼‰è°ƒç”¨ bind(3) åŽï¼Œå…³è”é¢å¤–
                                                 çš„ç»‘å®šåœ°å€ã€‚
                                                 sctp_bindx(3) ç”¨äºŽåœ¨å¥—æŽ¥å­—ä¸Šæ·»åŠ ä¸€ç»„ç»‘å®šåœ°å€ã€‚

SCTP_SOCKOPT_CONNECTX - å…è®¸åˆ†é…å¤šä¸ªåœ°å€ä»¥è¿žæŽ¥åˆ°å¯¹ç«¯ï¼ˆå¤šå®¿ä¸»ï¼‰ã€‚
                                                sctp_connectx(3) ä½¿ç”¨å¤šä¸ªç›®æ ‡åœ°å€åœ¨SCTP
                                                å¥—æŽ¥å­—ä¸Šå‘èµ·è¿žæŽ¥ã€‚

SCTP_SENDMSG_CONNECT  - é€šè¿‡sendmsg(2)æˆ–sctp_sendmsg(3)åœ¨æ–°å…³è”ä¸Š
                                                å‘èµ·è¿žæŽ¥ã€‚

SCTP_PRIMARY_ADDR     - è®¾ç½®æœ¬åœ°ä¸»åœ°å€ã€‚

SCTP_SET_PEER_PRIMARY_ADDR - è¯·æ±‚è¿œç¨‹å¯¹ç«¯å°†æŸä¸ªåœ°å€è®¾ç½®ä¸ºå…¶ä¸»åœ°å€ã€‚

SCTP_PARAM_ADD_IP          - åœ¨å¯ç”¨åŠ¨æ€åœ°å€é‡é…ç½®æ—¶ä½¿ç”¨ã€‚
SCTP_PARAM_SET_PRIMARY     - å¦‚ä¸‹æ‰€è¿°ï¼Œå¯ç”¨é‡æ–°é…ç½®åŠŸèƒ½ã€‚”h]”hX¯  SCTP_SOCKOPT_BINDX_ADD - å…è®¸åœ¨ï¼ˆå¯é€‰åœ°ï¼‰è°ƒç”¨ bind(3) åŽï¼Œå…³è”é¢å¤–
                                                 çš„ç»‘å®šåœ°å€ã€‚
                                                 sctp_bindx(3) ç”¨äºŽåœ¨å¥—æŽ¥å­—ä¸Šæ·»åŠ ä¸€ç»„ç»‘å®šåœ°å€ã€‚

SCTP_SOCKOPT_CONNECTX - å…è®¸åˆ†é…å¤šä¸ªåœ°å€ä»¥è¿žæŽ¥åˆ°å¯¹ç«¯ï¼ˆå¤šå®¿ä¸»ï¼‰ã€‚
                                                sctp_connectx(3) ä½¿ç”¨å¤šä¸ªç›®æ ‡åœ°å€åœ¨SCTP
                                                å¥—æŽ¥å­—ä¸Šå‘èµ·è¿žæŽ¥ã€‚

SCTP_SENDMSG_CONNECT  - é€šè¿‡sendmsg(2)æˆ–sctp_sendmsg(3)åœ¨æ–°å…³è”ä¸Š
                                                å‘èµ·è¿žæŽ¥ã€‚

SCTP_PRIMARY_ADDR     - è®¾ç½®æœ¬åœ°ä¸»åœ°å€ã€‚

SCTP_SET_PEER_PRIMARY_ADDR - è¯·æ±‚è¿œç¨‹å¯¹ç«¯å°†æŸä¸ªåœ°å€è®¾ç½®ä¸ºå…¶ä¸»åœ°å€ã€‚

SCTP_PARAM_ADD_IP          - åœ¨å¯ç”¨åŠ¨æ€åœ°å€é‡é…ç½®æ—¶ä½¿ç”¨ã€‚
SCTP_PARAM_SET_PRIMARY     - å¦‚ä¸‹æ‰€è¿°ï¼Œå¯ç”¨é‡æ–°é…ç½®åŠŸèƒ½ã€‚”…””}”hj‹  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1j›  hŸh³h KIhj,  hžhubh»)”}”(hŒä¸ºäº†æ”¯æŒåŠ¨æ€åœ°å€é‡æ–°é…ç½®ï¼Œå¿…é¡»åœ¨ä¸¤ä¸ªç«¯ç‚¹ä¸Šå¯ç”¨ä»¥ä¸‹
å‚æ•°ï¼ˆæˆ–ä½¿ç”¨é€‚å½“çš„ **setsockopt**\(2)ï¼‰::”h]”(hŒhä¸ºäº†æ”¯æŒåŠ¨æ€åœ°å€é‡æ–°é…ç½®ï¼Œå¿…é¡»åœ¨ä¸¤ä¸ªç«¯ç‚¹ä¸Šå¯ç”¨ä»¥ä¸‹
å‚æ•°ï¼ˆæˆ–ä½¿ç”¨é€‚å½“çš„ ”…””}”(hj™  hžhhŸNh NubhŒstrong”“”)”}”(hŒ**setsockopt**”h]”hŒ
setsockopt”…””}”(hj£  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j¡  hj™  ubhŒ (2)ï¼‰:”…””}”(hj™  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h K\hj,  hžhubjœ  )”}”(hŒF/proc/sys/net/sctp/addip_enable
/proc/sys/net/sctp/addip_noauth_enable”h]”hŒF/proc/sys/net/sctp/addip_enable
/proc/sys/net/sctp/addip_noauth_enable”…””}”hj»  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1j›  hŸh³h K_hj,  hžhubh»)”}”(hŒdå½“ç›¸åº”çš„ ``@optname`` å­˜åœ¨æ—¶ï¼Œä»¥ä¸‹çš„ *_PARAM_* å‚æ•°ä¼š
é€šè¿‡ASCONFå—å‘é€åˆ°å¯¹ç«¯::”h]”(hŒå½“ç›¸åº”çš„ ”…””}”(hjÉ  hžhhŸNh Nubjê  )”}”(hŒ``@optname``”h]”hŒ@optname”…””}”(hjÑ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hjÉ  ubhŒ å­˜åœ¨æ—¶ï¼Œä»¥ä¸‹çš„ ”…””}”(hjÉ  hžhhŸNh NubhŒemphasis”“”)”}”(hŒ	*_PARAM_*”h]”hŒ_PARAM_”…””}”(hjå  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jã  hjÉ  ubhŒ* å‚æ•°ä¼š
é€šè¿‡ASCONFå—å‘é€åˆ°å¯¹ç«¯:”…””}”(hjÉ  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h Kbhj,  hžhubjœ  )”}”(hŒÛ          @optname                      ASCONF Parameter
         ----------                    ------------------
SCTP_SOCKOPT_BINDX_ADD     ->   SCTP_PARAM_ADD_IP
SCTP_SET_PEER_PRIMARY_ADDR ->   SCTP_PARAM_SET_PRIMARY”h]”hŒÛ          @optname                      ASCONF Parameter
         ----------                    ------------------
SCTP_SOCKOPT_BINDX_ADD     ->   SCTP_PARAM_ADD_IP
SCTP_SET_PEER_PRIMARY_ADDR ->   SCTP_PARAM_SET_PRIMARY”…””}”hjý  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1j›  hŸh³h Kehj,  hžhubeh}”(h]”Œsecurity-sctp-bind-connect”ah ]”h"]”h$]”Œsecurity_sctp_bind_connect()”ah&]”uh1jV  hj|  hžhhŸh³h K(j+  KubjW  )”}”(hhh]”(j\  )”}”(hŒsecurity_sctp_sk_clone()”h]”hŒsecurity_sctp_sk_clone()”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j[  hj  hžhhŸh³h Klubh»)”}”(hŒÇæ¯å½“é€šè¿‡ **accept**\(2)åˆ›å»ºä¸€ä¸ªæ–°çš„å¥—æŽ¥å­—ï¼ˆå³TCPç±»åž‹çš„å¥—æŽ¥å­—ï¼‰ï¼Œæˆ–è€…å½“
ä¸€ä¸ªå¥—æŽ¥å­—è¢«â€˜å‰¥ç¦»â€™æ—¶å¦‚ç”¨æˆ·ç©ºé—´è°ƒç”¨ **sctp_peeloff**\(3)ï¼Œä¼šè°ƒç”¨æ­¤å‡½æ•°ã€‚
::”h]”(hŒæ¯å½“é€šè¿‡ ”…””}”(hj$  hžhhŸNh Nubj¢  )”}”(hŒ
**accept**”h]”hŒaccept”…””}”(hj,  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j¡  hj$  ubhŒ (2)åˆ›å»ºä¸€ä¸ªæ–°çš„å¥—æŽ¥å­—ï¼ˆå³TCPç±»åž‹çš„å¥—æŽ¥å­—ï¼‰ï¼Œæˆ–è€…å½“
ä¸€ä¸ªå¥—æŽ¥å­—è¢«â€˜å‰¥ç¦»â€™æ—¶å¦‚ç”¨æˆ·ç©ºé—´è°ƒç”¨ ”…””}”(hj$  hžhhŸNh Nubj¢  )”}”(hŒ**sctp_peeloff**”h]”hŒsctp_peeloff”…””}”(hj>  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j¡  hj$  ubhŒ (3)ï¼Œä¼šè°ƒç”¨æ­¤å‡½æ•°ã€‚”…””}”(hj$  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h Kmhj  hžhubjœ  )”}”(hŒ@asoc -  æŒ‡å‘å½“å‰sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@sk - æŒ‡å‘å½“å‰å¥—æŽ¥å­—ç»“æž„çš„æŒ‡é’ˆã€‚
@newsk - æŒ‡å‘æ–°çš„å¥—æŽ¥å­—ç»“æž„çš„æŒ‡é’ˆã€‚”h]”hŒ@asoc -  æŒ‡å‘å½“å‰sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@sk - æŒ‡å‘å½“å‰å¥—æŽ¥å­—ç»“æž„çš„æŒ‡é’ˆã€‚
@newsk - æŒ‡å‘æ–°çš„å¥—æŽ¥å­—ç»“æž„çš„æŒ‡é’ˆã€‚”…””}”hjV  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1j›  hŸh³h Kqhj  hžhubeh}”(h]”Œsecurity-sctp-sk-clone”ah ]”h"]”h$]”Œsecurity_sctp_sk_clone()”ah&]”uh1jV  hj|  hžhhŸh³h Klj+  KubjW  )”}”(hhh]”(j\  )”}”(hŒ!security_sctp_assoc_established()”h]”hŒ!security_sctp_assoc_established()”…””}”(hjo  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j[  hjl  hžhhŸh³h Kwubh»)”}”(hŒkå½“æ”¶åˆ°COOKIE ACKæ—¶è°ƒç”¨ï¼Œå¯¹äºŽå®¢æˆ·ç«¯ï¼Œå¯¹ç«¯çš„secidå°†è¢«ä¿å­˜
åˆ° ``@asoc->peer_secid`` ä¸­::”h]”(hŒPå½“æ”¶åˆ°COOKIE ACKæ—¶è°ƒç”¨ï¼Œå¯¹äºŽå®¢æˆ·ç«¯ï¼Œå¯¹ç«¯çš„secidå°†è¢«ä¿å­˜
åˆ° ”…””}”(hj}  hžhhŸNh Nubjê  )”}”(hŒ``@asoc->peer_secid``”h]”hŒ@asoc->peer_secid”…””}”(hj…  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hj}  ubhŒ ä¸­:”…””}”(hj}  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h Kxhjl  hžhubjœ  )”}”(hŒ]@asoc - æŒ‡å‘sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@skb - æŒ‡å‘COOKIE ACKæ•°æ®åŒ…çš„skbuffæŒ‡é’ˆã€‚”h]”hŒ]@asoc - æŒ‡å‘sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@skb - æŒ‡å‘COOKIE ACKæ•°æ®åŒ…çš„skbuffæŒ‡é’ˆã€‚”…””}”hj  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1j›  hŸh³h K{hjl  hžhubeh}”(h]”Œsecurity-sctp-assoc-established”ah ]”h"]”h$]”Œ!security_sctp_assoc_established()”ah&]”uh1jV  hj|  hžhhŸh³h Kwj+  Kubeh}”(h]”Œid1”ah ]”h"]”h$]”Œå®‰å…¨é’©å­”ah&]”uh1jV  hjk  hžhhŸh³h Kj+  KubjW  )”}”(hhh]”(j\  )”}”(hŒ!ç”¨äºŽå…³è”å»ºç«‹çš„å®‰å…¨é’©å­”h]”hŒ!ç”¨äºŽå…³è”å»ºç«‹çš„å®‰å…¨é’©å­”…””}”(hj¾  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j[  hj»  hžhhŸh³h K€ubh»)”}”(hŒ¡ä¸‹å›¾å±•ç¤ºäº†åœ¨å»ºç«‹å…³è”æ—¶ ``security_sctp_bind_connect()``ã€ ``security_sctp_assoc_request()``
å’Œ ``security_sctp_assoc_established()`` çš„ä½¿ç”¨ã€‚
::”h]”(hŒ"ä¸‹å›¾å±•ç¤ºäº†åœ¨å»ºç«‹å…³è”æ—¶ ”…””}”(hjÌ  hžhhŸNh Nubjê  )”}”(hŒ ``security_sctp_bind_connect()``”h]”hŒsecurity_sctp_bind_connect()”…””}”(hjÔ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hjÌ  ubhŒã€ ”…””}”(hjÌ  hžhhŸNh Nubjê  )”}”(hŒ!``security_sctp_assoc_request()``”h]”hŒsecurity_sctp_assoc_request()”…””}”(hjæ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hjÌ  ubhŒ
å’Œ ”…””}”(hjÌ  hžhhŸNh Nubjê  )”}”(hŒ%``security_sctp_assoc_established()``”h]”hŒ!security_sctp_assoc_established()”…””}”(hjø  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hjÌ  ubhŒ çš„ä½¿ç”¨ã€‚”…””}”(hjÌ  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h K‚hj»  hžhubjœ  )”}”(hXb
       SCTP ç«¯ç‚¹ "A"                                 SCTP ç«¯ç‚¹ "Z"
     =============                                 =============
   sctp_sf_do_prm_asoc()
å…³è”çš„è®¾ç½®å¯ä»¥é€šè¿‡connect(2),
sctp_connectx(3),sendmsg(2)
or sctp_sendmsg(3)æ¥å‘èµ·ã€‚
è¿™å°†å¯¼è‡´è°ƒç”¨security_sctp_bind_connect()
å‘èµ·ä¸ŽSCTPå¯¹ç«¯ç«¯ç‚¹"Z"çš„å…³è”ã€‚
        INIT --------------------------------------------->
                                                  sctp_sf_do_5_1B_init()
                                                å“åº”ä¸€ä¸ªINITæ•°æ®å—ã€‚
                                            SCTPå¯¹ç«¯ç«¯ç‚¹"A"æ­£åœ¨è¯·æ±‚ä¸€ä¸ªä¸´æ—¶å…³è”ã€‚
                                            å¦‚æžœæ˜¯é¦–æ¬¡å…³è”ï¼Œè°ƒç”¨security_sctp_assoc_request()
                                            æ¥è®¾ç½®å¯¹ç­‰æ–¹æ ‡ç­¾ã€‚
                                            å¦‚æžœä¸æ˜¯é¦–æ¬¡å…³è”ï¼Œæ£€æŸ¥æ˜¯å¦è¢«å…è®¸ã€‚
                                            å¦‚æžœå…è®¸ï¼Œåˆ™å‘é€:
         <----------------------------------------------- INIT ACK
         |
         |                                  å¦åˆ™ï¼Œç”Ÿæˆå®¡è®¡äº‹ä»¶å¹¶é»˜é»˜ä¸¢å¼ƒè¯¥æ•°æ®åŒ…ã€‚
         |
   COOKIE ECHO ------------------------------------------>
                                                 sctp_sf_do_5_1D_ce()
                                            å“åº”ä¸€ä¸ªCOOKIE ECHOæ•°æ®å—ã€‚
                                            ç¡®è®¤è¯¥cookieå¹¶åˆ›å»ºä¸€ä¸ªæ°¸ä¹…å…³è”ã€‚
                                            è°ƒç”¨security_sctp_assoc_request()
                                            æ‰§è¡Œä¸ŽINITæ•°æ®å—å“åº”ç›¸åŒçš„æ“ä½œã€‚
         <------------------------------------------- COOKIE ACK
         |                                               |
   sctp_sf_do_5_1E_ca                                    |
è°ƒç”¨security_sctp_assoc_established()                    |
æ¥è®¾ç½®å¯¹æ–¹æ ‡ç­¾                                           |
         |                                               |
         |                               å¦‚æžœæ˜¯SCTP_SOCKET_TCPæˆ–æ˜¯å‰¥ç¦»çš„å¥—æŽ¥
         |                               å­—ï¼Œä¼šè°ƒç”¨ security_sctp_sk_clone()
         |                               æ¥å…‹éš†æ–°çš„å¥—æŽ¥å­—ã€‚
         |                                               |
        å»ºç«‹                                            å»ºç«‹
         |                                               |
   ------------------------------------------------------------------
   |                            å…³è”å»ºç«‹                            |
   ------------------------------------------------------------------”h]”hXb
       SCTP ç«¯ç‚¹ "A"                                 SCTP ç«¯ç‚¹ "Z"
     =============                                 =============
   sctp_sf_do_prm_asoc()
å…³è”çš„è®¾ç½®å¯ä»¥é€šè¿‡connect(2),
sctp_connectx(3),sendmsg(2)
or sctp_sendmsg(3)æ¥å‘èµ·ã€‚
è¿™å°†å¯¼è‡´è°ƒç”¨security_sctp_bind_connect()
å‘èµ·ä¸ŽSCTPå¯¹ç«¯ç«¯ç‚¹"Z"çš„å…³è”ã€‚
        INIT --------------------------------------------->
                                                  sctp_sf_do_5_1B_init()
                                                å“åº”ä¸€ä¸ªINITæ•°æ®å—ã€‚
                                            SCTPå¯¹ç«¯ç«¯ç‚¹"A"æ­£åœ¨è¯·æ±‚ä¸€ä¸ªä¸´æ—¶å…³è”ã€‚
                                            å¦‚æžœæ˜¯é¦–æ¬¡å…³è”ï¼Œè°ƒç”¨security_sctp_assoc_request()
                                            æ¥è®¾ç½®å¯¹ç­‰æ–¹æ ‡ç­¾ã€‚
                                            å¦‚æžœä¸æ˜¯é¦–æ¬¡å…³è”ï¼Œæ£€æŸ¥æ˜¯å¦è¢«å…è®¸ã€‚
                                            å¦‚æžœå…è®¸ï¼Œåˆ™å‘é€:
         <----------------------------------------------- INIT ACK
         |
         |                                  å¦åˆ™ï¼Œç”Ÿæˆå®¡è®¡äº‹ä»¶å¹¶é»˜é»˜ä¸¢å¼ƒè¯¥æ•°æ®åŒ…ã€‚
         |
   COOKIE ECHO ------------------------------------------>
                                                 sctp_sf_do_5_1D_ce()
                                            å“åº”ä¸€ä¸ªCOOKIE ECHOæ•°æ®å—ã€‚
                                            ç¡®è®¤è¯¥cookieå¹¶åˆ›å»ºä¸€ä¸ªæ°¸ä¹…å…³è”ã€‚
                                            è°ƒç”¨security_sctp_assoc_request()
                                            æ‰§è¡Œä¸ŽINITæ•°æ®å—å“åº”ç›¸åŒçš„æ“ä½œã€‚
         <------------------------------------------- COOKIE ACK
         |                                               |
   sctp_sf_do_5_1E_ca                                    |
è°ƒç”¨security_sctp_assoc_established()                    |
æ¥è®¾ç½®å¯¹æ–¹æ ‡ç­¾                                           |
         |                                               |
         |                               å¦‚æžœæ˜¯SCTP_SOCKET_TCPæˆ–æ˜¯å‰¥ç¦»çš„å¥—æŽ¥
         |                               å­—ï¼Œä¼šè°ƒç”¨ security_sctp_sk_clone()
         |                               æ¥å…‹éš†æ–°çš„å¥—æŽ¥å­—ã€‚
         |                                               |
        å»ºç«‹                                            å»ºç«‹
         |                                               |
   ------------------------------------------------------------------
   |                            å…³è”å»ºç«‹                            |
   ------------------------------------------------------------------”…””}”hj  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1j›  hŸh³h K†hj»  hžhubeh}”(h]”Œid2”ah ]”h"]”Œ!ç”¨äºŽå…³è”å»ºç«‹çš„å®‰å…¨é’©å­”ah$]”h&]”uh1jV  hjk  hžhhŸh³h K€ubeh}”(h]”Œsctplsm”ah ]”h"]”Œsctpçš„lsmæ”¯æŒ”ah$]”h&]”uh1jV  hjX  hžhhŸh³h Kj+  KubjW  )”}”(hhh]”(j\  )”}”(hŒSCTPçš„SELinuxæ”¯æŒ”h]”hŒSCTPçš„SELinuxæ”¯æŒ”…””}”(hj1  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j[  hj.  hžhhŸh³h K²ubjW  )”}”(hhh]”(j\  )”}”(hŒå®‰å…¨é’©å­”h]”hŒå®‰å…¨é’©å­”…””}”(hjB  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j[  hj?  hžhhŸh³h Kµubh»)”}”(hŒeä¸Šé¢çš„ `SCTPçš„LSMæ”¯æŒ`_ ç« èŠ‚æè¿°äº†ä»¥ä¸‹SCTPå®‰å…¨é’©å­ï¼ŒSELinuxçš„ç»†èŠ‚
è¯´æ˜Žå¦‚ä¸‹::”h]”(hŒ
ä¸Šé¢çš„ ”…””}”(hjP  hžhhŸNh Nubj)  )”}”(hŒ`SCTPçš„LSMæ”¯æŒ`_”h]”hŒSCTPçš„LSMæ”¯æŒ”…””}”(hjX  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”Œname”ŒSCTPçš„LSMæ”¯æŒ”jÃ  j(  uh1j(  hjP  jÅ  KubhŒG ç« èŠ‚æè¿°äº†ä»¥ä¸‹SCTPå®‰å…¨é’©å­ï¼ŒSELinuxçš„ç»†èŠ‚
è¯´æ˜Žå¦‚ä¸‹:”…””}”(hjP  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h K·hj?  hžhubjœ  )”}”(hŒusecurity_sctp_assoc_request()
security_sctp_bind_connect()
security_sctp_sk_clone()
security_sctp_assoc_established()”h]”hŒusecurity_sctp_assoc_request()
security_sctp_bind_connect()
security_sctp_sk_clone()
security_sctp_assoc_established()”…””}”hjr  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1j›  hŸh³h Kºhj?  hžhubjW  )”}”(hhh]”(j\  )”}”(hŒsecurity_sctp_assoc_request()”h]”hŒsecurity_sctp_assoc_request()”…””}”(hjƒ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j[  hj€  hžhhŸh³h KÁubh»)”}”(hŒ€å°†å…³è”INITæ•°æ®åŒ…çš„ ``@asoc`` å’Œ ``@chunk->skb`` ä¼ é€’ç»™å®‰å…¨æ¨¡å—ã€‚
æˆåŠŸæ—¶è¿”å›ž 0ï¼Œå¤±è´¥æ—¶è¿”å›žé”™è¯¯ã€‚
::”h]”(hŒå°†å…³è”INITæ•°æ®åŒ…çš„ ”…””}”(hj‘  hžhhŸNh Nubjê  )”}”(hŒ	``@asoc``”h]”hŒ@asoc”…””}”(hj™  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hj‘  ubhŒ å’Œ ”…””}”(hj‘  hžhhŸNh Nubjê  )”}”(hŒ``@chunk->skb``”h]”hŒ@chunk->skb”…””}”(hj«  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hj‘  ubhŒF ä¼ é€’ç»™å®‰å…¨æ¨¡å—ã€‚
æˆåŠŸæ—¶è¿”å›ž 0ï¼Œå¤±è´¥æ—¶è¿”å›žé”™è¯¯ã€‚”…””}”(hj‘  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h KÂhj€  hžhubjœ  )”}”(hŒY@asoc - æŒ‡å‘sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@skb - æŒ‡å‘å…³è”æ•°æ®åŒ…skbuffçš„æŒ‡é’ˆã€‚”h]”hŒY@asoc - æŒ‡å‘sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@skb - æŒ‡å‘å…³è”æ•°æ®åŒ…skbuffçš„æŒ‡é’ˆã€‚”…””}”hjÃ  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1j›  hŸh³h KÆhj€  hžhubhŒdefinition_list”“”)”}”(hhh]”hŒdefinition_list_item”“”)”}”(hX±  å®‰å…¨æ¨¡å—æ‰§è¡Œä»¥ä¸‹æ“ä½œ:
å¦‚æžœè¿™æ˜¯ ``@asoc->base.sk`` ä¸Šçš„é¦–æ¬¡å…³è”ï¼Œåˆ™å°†å¯¹ç«¯çš„sidè®¾ç½®
ä¸º ``@skb`` ä¸­çš„å€¼ã€‚è¿™å°†ç¡®ä¿åªæœ‰ä¸€ä¸ªå¯¹ç«¯sidåˆ†é…ç»™å¯èƒ½æ”¯æŒå¤šä¸ª
å…³è”çš„ ``@asoc->base.sk``ã€‚

å¦åˆ™éªŒè¯ ``@asoc->base.sk peer sid`` æ˜¯å¦ä¸Ž ``@skb peer sid``
åŒ¹é…ï¼Œä»¥ç¡®å®šè¯¥å…³è”æ˜¯å¦åº”è¢«å…è®¸æˆ–æ‹’ç»ã€‚

å°†sctpçš„ ``@asoc sid`` è®¾ç½®ä¸ºå¥—æŽ¥å­—çš„sidï¼ˆæ¥è‡ª ``asoc->base.sk``ï¼‰
å¹¶ä»Ž ``@skb peer sid`` ä¸­æå–MLSéƒ¨åˆ†ã€‚è¿™å°†åœ¨SCTPçš„TCPç±»åž‹å¥—æŽ¥å­—åŠ
å‰¥ç¦»è¿žæŽ¥ä¸­ä½¿ç”¨ï¼Œå› ä¸ºå®ƒä»¬ä¼šå¯¼è‡´ç”Ÿæˆä¸€ä¸ªæ–°çš„å¥—æŽ¥å­—ã€‚

å¦‚æžœé…ç½®äº†IPå®‰å…¨é€‰é¡¹ï¼ˆCIPSO/CALIPSOï¼‰ï¼Œåˆ™ä¼šåœ¨å¥—æŽ¥å­—ä¸Šè®¾ç½®IPé€‰é¡¹ã€‚

”h]”(hŒterm”“”)”}”(hŒå®‰å…¨æ¨¡å—æ‰§è¡Œä»¥ä¸‹æ“ä½œ:”h]”hŒå®‰å…¨æ¨¡å—æ‰§è¡Œä»¥ä¸‹æ“ä½œ:”…””}”(hjÞ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jÜ  hŸh³h KÖhjØ  ubhŒ
definition”“”)”}”(hhh]”(h»)”}”(hŒÃå¦‚æžœè¿™æ˜¯ ``@asoc->base.sk`` ä¸Šçš„é¦–æ¬¡å…³è”ï¼Œåˆ™å°†å¯¹ç«¯çš„sidè®¾ç½®
ä¸º ``@skb`` ä¸­çš„å€¼ã€‚è¿™å°†ç¡®ä¿åªæœ‰ä¸€ä¸ªå¯¹ç«¯sidåˆ†é…ç»™å¯èƒ½æ”¯æŒå¤šä¸ª
å…³è”çš„ ``@asoc->base.sk``ã€‚”h]”(hŒå¦‚æžœè¿™æ˜¯ ”…””}”(hjñ  hžhhŸNh Nubjê  )”}”(hŒ``@asoc->base.sk``”h]”hŒ@asoc->base.sk”…””}”(hjù  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hjñ  ubhŒ3 ä¸Šçš„é¦–æ¬¡å…³è”ï¼Œåˆ™å°†å¯¹ç«¯çš„sidè®¾ç½®
ä¸º ”…””}”(hjñ  hžhhŸNh Nubjê  )”}”(hŒ``@skb``”h]”hŒ@skb”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hjñ  ubhŒT ä¸­çš„å€¼ã€‚è¿™å°†ç¡®ä¿åªæœ‰ä¸€ä¸ªå¯¹ç«¯sidåˆ†é…ç»™å¯èƒ½æ”¯æŒå¤šä¸ª
å…³è”çš„ ”…””}”(hjñ  hžhhŸNh Nubjê  )”}”(hŒ``@asoc->base.sk``”h]”hŒ@asoc->base.sk”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hjñ  ubhŒã€‚”…””}”(hjñ  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h KÊhjî  ubh»)”}”(hŒ~å¦åˆ™éªŒè¯ ``@asoc->base.sk peer sid`` æ˜¯å¦ä¸Ž ``@skb peer sid``
åŒ¹é…ï¼Œä»¥ç¡®å®šè¯¥å…³è”æ˜¯å¦åº”è¢«å…è®¸æˆ–æ‹’ç»ã€‚”h]”(hŒå¦åˆ™éªŒè¯ ”…””}”(hj5  hžhhŸNh Nubjê  )”}”(hŒ``@asoc->base.sk peer sid``”h]”hŒ@asoc->base.sk peer sid”…””}”(hj=  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hj5  ubhŒ æ˜¯å¦ä¸Ž ”…””}”(hj5  hžhhŸNh Nubjê  )”}”(hŒ``@skb peer sid``”h]”hŒ@skb peer sid”…””}”(hjO  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hj5  ubhŒ:
åŒ¹é…ï¼Œä»¥ç¡®å®šè¯¥å…³è”æ˜¯å¦åº”è¢«å…è®¸æˆ–æ‹’ç»ã€‚”…””}”(hj5  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h KÎhjî  ubh»)”}”(hŒïå°†sctpçš„ ``@asoc sid`` è®¾ç½®ä¸ºå¥—æŽ¥å­—çš„sidï¼ˆæ¥è‡ª ``asoc->base.sk``ï¼‰
å¹¶ä»Ž ``@skb peer sid`` ä¸­æå–MLSéƒ¨åˆ†ã€‚è¿™å°†åœ¨SCTPçš„TCPç±»åž‹å¥—æŽ¥å­—åŠ
å‰¥ç¦»è¿žæŽ¥ä¸­ä½¿ç”¨ï¼Œå› ä¸ºå®ƒä»¬ä¼šå¯¼è‡´ç”Ÿæˆä¸€ä¸ªæ–°çš„å¥—æŽ¥å­—ã€‚”h]”(hŒå°†sctpçš„ ”…””}”(hjg  hžhhŸNh Nubjê  )”}”(hŒ``@asoc sid``”h]”hŒ	@asoc sid”…””}”(hjo  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hjg  ubhŒ# è®¾ç½®ä¸ºå¥—æŽ¥å­—çš„sidï¼ˆæ¥è‡ª ”…””}”(hjg  hžhhŸNh Nubjê  )”}”(hŒ``asoc->base.sk``”h]”hŒasoc->base.sk”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hjg  ubhŒï¼‰
å¹¶ä»Ž ”…””}”(hjg  hžhhŸNh Nubjê  )”}”(hŒ``@skb peer sid``”h]”hŒ@skb peer sid”…””}”(hj“  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hjg  ubhŒ‡ ä¸­æå–MLSéƒ¨åˆ†ã€‚è¿™å°†åœ¨SCTPçš„TCPç±»åž‹å¥—æŽ¥å­—åŠ
å‰¥ç¦»è¿žæŽ¥ä¸­ä½¿ç”¨ï¼Œå› ä¸ºå®ƒä»¬ä¼šå¯¼è‡´ç”Ÿæˆä¸€ä¸ªæ–°çš„å¥—æŽ¥å­—ã€‚”…””}”(hjg  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h KÑhjî  ubh»)”}”(hŒYå¦‚æžœé…ç½®äº†IPå®‰å…¨é€‰é¡¹ï¼ˆCIPSO/CALIPSOï¼‰ï¼Œåˆ™ä¼šåœ¨å¥—æŽ¥å­—ä¸Šè®¾ç½®IPé€‰é¡¹ã€‚”h]”hŒYå¦‚æžœé…ç½®äº†IPå®‰å…¨é€‰é¡¹ï¼ˆCIPSO/CALIPSOï¼‰ï¼Œåˆ™ä¼šåœ¨å¥—æŽ¥å­—ä¸Šè®¾ç½®IPé€‰é¡¹ã€‚”…””}”(hj«  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h KÕhjî  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jì  hjØ  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jÖ  hŸh³h KÖhjÓ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÑ  hj€  hžhhŸh³h Nubeh}”(h]”Œid4”ah ]”h"]”h$]”j)  ah&]”uh1jV  hj?  hžhhŸh³h KÁj+  KubjW  )”}”(hhh]”(j\  )”}”(hŒsecurity_sctp_bind_connect()”h]”hŒsecurity_sctp_bind_connect()”…””}”(hjÕ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j[  hjÒ  hžhhŸh³h KÙubh»)”}”(hŒIæ ¹æ® ``@optname`` æ£€æŸ¥ipv4/ipv6åœ°å€æ‰€éœ€çš„æƒé™ï¼Œå…·ä½“å¦‚ä¸‹::”h]”(hŒæ ¹æ® ”…””}”(hjã  hžhhŸNh Nubjê  )”}”(hŒ``@optname``”h]”hŒ@optname”…””}”(hjë  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hjã  ubhŒ5 æ£€æŸ¥ipv4/ipv6åœ°å€æ‰€éœ€çš„æƒé™ï¼Œå…·ä½“å¦‚ä¸‹:”…””}”(hjã  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h KÚhjÒ  hžhubjœ  )”}”(hX¥  ------------------------------------------------------------------
|                      BIND æƒé™æ£€æŸ¥                              |
|       @optname             |         @address contains         |
|----------------------------|-----------------------------------|
| SCTP_SOCKOPT_BINDX_ADD     | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€        |
| SCTP_PRIMARY_ADDR          | å•ä¸ª ipv4 or ipv6 åœ°å€            |
| SCTP_SET_PEER_PRIMARY_ADDR | å•ä¸ª ipv4 or ipv6 åœ°å€            |
------------------------------------------------------------------

------------------------------------------------------------------
|                   CONNECT æƒé™æ£€æŸ¥                              |
|       @optname             |         @address contains         |
|----------------------------|-----------------------------------|
| SCTP_SOCKOPT_CONNECTX      | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€        |
| SCTP_PARAM_ADD_IP          | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€        |
| SCTP_SENDMSG_CONNECT       | å•ä¸ª ipv4 or ipv6 åœ°å€            |
| SCTP_PARAM_SET_PRIMARY     | å•ä¸ª ipv4 or ipv6 åœ°å€            |
------------------------------------------------------------------”h]”hX¥  ------------------------------------------------------------------
|                      BIND æƒé™æ£€æŸ¥                              |
|       @optname             |         @address contains         |
|----------------------------|-----------------------------------|
| SCTP_SOCKOPT_BINDX_ADD     | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€        |
| SCTP_PRIMARY_ADDR          | å•ä¸ª ipv4 or ipv6 åœ°å€            |
| SCTP_SET_PEER_PRIMARY_ADDR | å•ä¸ª ipv4 or ipv6 åœ°å€            |
------------------------------------------------------------------

------------------------------------------------------------------
|                   CONNECT æƒé™æ£€æŸ¥                              |
|       @optname             |         @address contains         |
|----------------------------|-----------------------------------|
| SCTP_SOCKOPT_CONNECTX      | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€        |
| SCTP_PARAM_ADD_IP          | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€        |
| SCTP_SENDMSG_CONNECT       | å•ä¸ª ipv4 or ipv6 åœ°å€            |
| SCTP_PARAM_SET_PRIMARY     | å•ä¸ª ipv4 or ipv6 åœ°å€            |
------------------------------------------------------------------”…””}”hj  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1j›  hŸh³h KÜhjÒ  hžhubh»)”}”(hŒ‰`SCTPçš„LSMæ”¯æŒ`_ æä¾›äº† ``@optname`` æ‘˜è¦ï¼Œå¹¶ä¸”è¿˜æè¿°äº†å½“å¯ç”¨åŠ¨æ€åœ°å€é‡æ–°
é…ç½®æ—¶ï¼ŒASCONFå—çš„å¤„ç†è¿‡ç¨‹ã€‚”h]”(j)  )”}”(hŒ`SCTPçš„LSMæ”¯æŒ`_”h]”hŒSCTPçš„LSMæ”¯æŒ”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”Œname”ŒSCTPçš„LSMæ”¯æŒ”jÃ  j(  uh1j(  hj  jÅ  KubhŒ æä¾›äº† ”…””}”(hj  hžhhŸNh Nubjê  )”}”(hŒ``@optname``”h]”hŒ@optname”…””}”(hj)  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hj  ubhŒ_ æ‘˜è¦ï¼Œå¹¶ä¸”è¿˜æè¿°äº†å½“å¯ç”¨åŠ¨æ€åœ°å€é‡æ–°
é…ç½®æ—¶ï¼ŒASCONFå—çš„å¤„ç†è¿‡ç¨‹ã€‚”…””}”(hj  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h KðhjÒ  hžhubeh}”(h]”Œid5”ah ]”h"]”h$]”j  ah&]”uh1jV  hj?  hžhhŸh³h KÙj+  KubjW  )”}”(hhh]”(j\  )”}”(hŒsecurity_sctp_sk_clone()”h]”hŒsecurity_sctp_sk_clone()”…””}”(hjK  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j[  hjH  hžhhŸh³h Kõubh»)”}”(hX>  æ¯å½“é€šè¿‡ **accept**\(2)ï¼ˆå³TCPç±»åž‹çš„å¥—æŽ¥å­—ï¼‰åˆ›å»ºä¸€ä¸ªæ–°çš„å¥—æŽ¥å­—ï¼Œæˆ–è€…
å½“ä¸€ä¸ªå¥—æŽ¥å­—è¢«â€œå‰¥ç¦»â€å¦‚ç”¨æˆ·ç©ºé—´è°ƒç”¨ **sctp_peeloff**\(3)æ—¶ï¼Œ
``security_sctp_sk_clone()`` å°†ä¼šåˆ†åˆ«å°†æ–°å¥—æŽ¥å­—çš„sidå’Œå¯¹ç«¯sidè®¾ç½®ä¸º
``@asoc sid`` å’Œ ``@asoc peer sid`` ä¸­åŒ…å«çš„å€¼ã€‚
::”h]”(hŒæ¯å½“é€šè¿‡ ”…””}”(hjY  hžhhŸNh Nubj¢  )”}”(hŒ
**accept**”h]”hŒaccept”…””}”(hja  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j¡  hjY  ubhŒ~ (2)ï¼ˆå³TCPç±»åž‹çš„å¥—æŽ¥å­—ï¼‰åˆ›å»ºä¸€ä¸ªæ–°çš„å¥—æŽ¥å­—ï¼Œæˆ–è€…
å½“ä¸€ä¸ªå¥—æŽ¥å­—è¢«â€œå‰¥ç¦»â€å¦‚ç”¨æˆ·ç©ºé—´è°ƒç”¨ ”…””}”(hjY  hžhhŸNh Nubj¢  )”}”(hŒ**sctp_peeloff**”h]”hŒsctp_peeloff”…””}”(hjs  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j¡  hjY  ubhŒ (3)æ—¶ï¼Œ
”…””}”(hjY  hžhhŸNh Nubjê  )”}”(hŒ``security_sctp_sk_clone()``”h]”hŒsecurity_sctp_sk_clone()”…””}”(hj…  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hjY  ubhŒ8 å°†ä¼šåˆ†åˆ«å°†æ–°å¥—æŽ¥å­—çš„sidå’Œå¯¹ç«¯sidè®¾ç½®ä¸º
”…””}”(hjY  hžhhŸNh Nubjê  )”}”(hŒ``@asoc sid``”h]”hŒ	@asoc sid”…””}”(hj—  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hjY  ubhŒ å’Œ ”…””}”(hjY  hžhhŸNh Nubjê  )”}”(hŒ``@asoc peer sid``”h]”hŒ@asoc peer sid”…””}”(hj©  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hjY  ubhŒ ä¸­åŒ…å«çš„å€¼ã€‚”…””}”(hjY  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h KöhjH  hžhubjœ  )”}”(hŒ‚@asoc - æŒ‡å‘å½“å‰sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@sk - æŒ‡å‘å½“å‰sockç»“æž„çš„æŒ‡é’ˆã€‚
@newsk - æŒ‡å‘æ–°sockç»“æž„çš„æŒ‡é’ˆã€‚”h]”hŒ‚@asoc - æŒ‡å‘å½“å‰sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@sk - æŒ‡å‘å½“å‰sockç»“æž„çš„æŒ‡é’ˆã€‚
@newsk - æŒ‡å‘æ–°sockç»“æž„çš„æŒ‡é’ˆã€‚”…””}”hjÁ  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1j›  hŸh³h KühjH  hžhubeh}”(h]”Œid6”ah ]”h"]”h$]”jj  ah&]”uh1jV  hj?  hžhhŸh³h Kõj+  KubjW  )”}”(hhh]”(j\  )”}”(hŒ!security_sctp_assoc_established()”h]”hŒ!security_sctp_assoc_established()”…””}”(hjÙ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j[  hjÖ  hžhhŸh³h Mubh»)”}”(hŒXå½“æŽ¥æ”¶åˆ°COOKIE ACKæ—¶è°ƒç”¨ï¼Œå®ƒå°†è¿žæŽ¥çš„å¯¹ç«¯sidè®¾ç½®ä¸º ``@skb`` ä¸­çš„å€¼::”h]”(hŒDå½“æŽ¥æ”¶åˆ°COOKIE ACKæ—¶è°ƒç”¨ï¼Œå®ƒå°†è¿žæŽ¥çš„å¯¹ç«¯sidè®¾ç½®ä¸º ”…””}”(hjç  hžhhŸNh Nubjê  )”}”(hŒ``@skb``”h]”hŒ@skb”…””}”(hjï  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hjç  ubhŒ ä¸­çš„å€¼:”…””}”(hjç  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h MhjÖ  hžhubjœ  )”}”(hŒW@asoc - æŒ‡å‘sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@skb - æŒ‡å‘COOKIE ACKåŒ…skbuffçš„æŒ‡é’ˆã€‚”h]”hŒW@asoc - æŒ‡å‘sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@skb - æŒ‡å‘COOKIE ACKåŒ…skbuffçš„æŒ‡é’ˆã€‚”…””}”hj  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1j›  hŸh³h MhjÖ  hžhubeh}”(h]”Œid7”ah ]”h"]”h$]”j±  ah&]”uh1jV  hj?  hžhhŸh³h Mj+  Kubeh}”(h]”Œid3”ah ]”h"]”h$]”j¹  ah&]”uh1jV  hj.  hžhhŸh³h Kµj+  KubjW  )”}”(hhh]”(j\  )”}”(hŒç­–ç•¥å£°æ˜Ž”h]”hŒç­–ç•¥å£°æ˜Ž”…””}”(hj&  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j[  hj#  hžhhŸh³h M
ubh»)”}”(hŒ9ä»¥ä¸‹æ”¯æŒSCTPçš„ç±»å’Œæƒé™åœ¨å†…æ ¸ä¸­æ˜¯å¯ç”¨çš„::”h]”hŒ8ä»¥ä¸‹æ”¯æŒSCTPçš„ç±»å’Œæƒé™åœ¨å†…æ ¸ä¸­æ˜¯å¯ç”¨çš„:”…””}”(hj4  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h Mhj#  hžhubjœ  )”}”(hŒ/class sctp_socket inherits socket { node_bind }”h]”hŒ/class sctp_socket inherits socket { node_bind }”…””}”hjB  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1j›  hŸh³h Mhj#  hžhubh»)”}”(hŒ å½“å¯ç”¨ä»¥ä¸‹ç­–ç•¥åŠŸèƒ½æ—¶::”h]”hŒå½“å¯ç”¨ä»¥ä¸‹ç­–ç•¥åŠŸèƒ½æ—¶:”…””}”(hjP  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h Mhj#  hžhubjœ  )”}”(hŒ policycap extended_socket_class;”h]”hŒ policycap extended_socket_class;”…””}”hj^  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1j›  hŸh³h Mhj#  hžhubh»)”}”(hŒ›SELinuxå¯¹SCTPçš„æ”¯æŒæ·»åŠ äº†ç”¨äºŽè¿žæŽ¥ç‰¹å®šç«¯å£ç±»åž‹ ``name_connect`` æƒé™
ä»¥åŠåœ¨ä¸‹é¢çš„ç« èŠ‚ä¸­è¿›è¡Œè§£é‡Šçš„ ``association`` æƒé™ã€‚”h]”(hŒ?SELinuxå¯¹SCTPçš„æ”¯æŒæ·»åŠ äº†ç”¨äºŽè¿žæŽ¥ç‰¹å®šç«¯å£ç±»åž‹ ”…””}”(hjl  hžhhŸNh Nubjê  )”}”(hŒ``name_connect``”h]”hŒname_connect”…””}”(hjt  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hjl  ubhŒ3 æƒé™
ä»¥åŠåœ¨ä¸‹é¢çš„ç« èŠ‚ä¸­è¿›è¡Œè§£é‡Šçš„ ”…””}”(hjl  hžhhŸNh Nubjê  )”}”(hŒ``association``”h]”hŒassociation”…””}”(hj†  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hjl  ubhŒ
 æƒé™ã€‚”…””}”(hjl  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h Mhj#  hžhubh»)”}”(hŒUå¦‚æžœç”¨æˆ·ç©ºé—´å·¥å…·å·²æ›´æ–°ï¼ŒSCTPå°†æ”¯æŒå¦‚ä¸‹æ‰€ç¤ºçš„ ``portcon`` å£°æ˜Ž::”h]”(hŒAå¦‚æžœç”¨æˆ·ç©ºé—´å·¥å…·å·²æ›´æ–°ï¼ŒSCTPå°†æ”¯æŒå¦‚ä¸‹æ‰€ç¤ºçš„ ”…””}”(hjž  hžhhŸNh Nubjê  )”}”(hŒ``portcon``”h]”hŒportcon”…””}”(hj¦  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hjž  ubhŒ å£°æ˜Ž:”…””}”(hjž  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h Mhj#  hžhubjœ  )”}”(hŒ8portcon sctp 1024-1036 system_u:object_r:sctp_ports_t:s0”h]”hŒ8portcon sctp 1024-1036 system_u:object_r:sctp_ports_t:s0”…””}”hj¾  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1j›  hŸh³h Mhj#  hžhubeh}”(h]”Œid8”ah ]”h"]”Œç­–ç•¥å£°æ˜Ž”ah$]”h&]”uh1jV  hj.  hžhhŸh³h M
ubjW  )”}”(hhh]”(j\  )”}”(hŒSCTPå¯¹ç«¯æ ‡ç­¾”h]”hŒSCTPå¯¹ç«¯æ ‡ç­¾”…””}”(hj×  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j[  hjÔ  hžhhŸh³h Mubh»)”}”(hX±  æ¯ä¸ªSCTPå¥—æŽ¥å­—ä»…åˆ†é…ä¸€ä¸ªå¯¹ç«¯æ ‡ç­¾ã€‚è¿™ä¸ªæ ‡ç­¾å°†åœ¨å»ºç«‹ç¬¬ä¸€ä¸ªå…³è”æ—¶åˆ†é…ã€‚
ä»»ä½•åŽç»­åœ¨è¯¥å¥—æŽ¥å­—ä¸Šçš„å…³è”éƒ½ä¼šå°†å®ƒä»¬çš„æ•°æ®åŒ…å¯¹ç«¯æ ‡ç­¾ä¸Žå¥—æŽ¥å­—çš„å¯¹ç«¯æ ‡
ç­¾è¿›è¡Œæ¯”è¾ƒï¼Œåªæœ‰åœ¨å®ƒä»¬ä¸åŒçš„æƒ…å†µä¸‹ ``association`` æƒé™æ‰ä¼šè¢«éªŒè¯ã€‚
è¿™æ˜¯é€šè¿‡æ£€æŸ¥å¥—æŽ¥å­—çš„å¯¹ç«¯sidä¸ŽæŽ¥æ”¶åˆ°çš„æ•°æ®åŒ…ä¸­çš„å¯¹ç«¯sidæ¥éªŒè¯çš„ï¼Œä»¥å†³
å®šæ˜¯å¦å…è®¸æˆ–æ‹’ç»è¯¥å…³è”ã€‚”h]”(hX   æ¯ä¸ªSCTPå¥—æŽ¥å­—ä»…åˆ†é…ä¸€ä¸ªå¯¹ç«¯æ ‡ç­¾ã€‚è¿™ä¸ªæ ‡ç­¾å°†åœ¨å»ºç«‹ç¬¬ä¸€ä¸ªå…³è”æ—¶åˆ†é…ã€‚
ä»»ä½•åŽç»­åœ¨è¯¥å¥—æŽ¥å­—ä¸Šçš„å…³è”éƒ½ä¼šå°†å®ƒä»¬çš„æ•°æ®åŒ…å¯¹ç«¯æ ‡ç­¾ä¸Žå¥—æŽ¥å­—çš„å¯¹ç«¯æ ‡
ç­¾è¿›è¡Œæ¯”è¾ƒï¼Œåªæœ‰åœ¨å®ƒä»¬ä¸åŒçš„æƒ…å†µä¸‹ ”…””}”(hjå  hžhhŸNh Nubjê  )”}”(hŒ``association``”h]”hŒassociation”…””}”(hjí  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hjå  ubhŒ¢ æƒé™æ‰ä¼šè¢«éªŒè¯ã€‚
è¿™æ˜¯é€šè¿‡æ£€æŸ¥å¥—æŽ¥å­—çš„å¯¹ç«¯sidä¸ŽæŽ¥æ”¶åˆ°çš„æ•°æ®åŒ…ä¸­çš„å¯¹ç«¯sidæ¥éªŒè¯çš„ï¼Œä»¥å†³
å®šæ˜¯å¦å…è®¸æˆ–æ‹’ç»è¯¥å…³è”ã€‚”…””}”(hjå  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h MhjÔ  hžhubjÒ  )”}”(hhh]”j×  )”}”(hXå  æ³¨:
1) å¦‚æžœå¯¹ç«¯æ ‡ç­¾æœªå¯ç”¨ï¼Œåˆ™å¯¹ç«¯ä¸Šä¸‹æ–‡å°†å§‹ç»ˆæ˜¯ ``SECINITSID_UNLABELED``
   ï¼ˆåœ¨ç­–ç•¥å£°æ˜Žä¸­ä¸º ``unlabeled_t`` ï¼‰ã€‚

2) ç”±äºŽSCTPå¯ä»¥åœ¨å•ä¸ªå¥—æŽ¥å­—ä¸Šæ”¯æŒæ¯ä¸ªç«¯ç‚¹ï¼ˆå¤šå®¿ä¸»ï¼‰çš„å¤šä¸ªä¼ è¾“åœ°å€ï¼Œå› æ­¤
   å¯ä»¥é…ç½®ç­–ç•¥å’ŒNetLabelä¸ºæ¯ä¸ªç«¯ç‚¹æä¾›ä¸åŒçš„å¯¹ç«¯æ ‡ç­¾ã€‚ç”±äºŽå¥—æŽ¥å­—çš„å¯¹ç«¯
   æ ‡ç­¾æ˜¯ç”±ç¬¬ä¸€ä¸ªå…³è”çš„ä¼ è¾“åœ°å€å†³å®šçš„ï¼Œå› æ­¤å»ºè®®æ‰€æœ‰çš„å¯¹ç«¯æ ‡ç­¾ä¿æŒä¸€è‡´ã€‚

3) ç”¨æˆ·ç©ºé—´å¯ä»¥ä½¿ç”¨ **getpeercon**\(3) æ¥æ£€ç´¢å¥—æŽ¥å­—çš„å¯¹ç«¯ä¸Šä¸‹æ–‡ã€‚

4) è™½ç„¶è¿™ä¸æ˜¯SCTPç‰¹æœ‰çš„ï¼Œä½†åœ¨ä½¿ç”¨NetLabelæ—¶è¦æ³¨æ„ï¼Œå¦‚æžœæ ‡ç­¾åˆ†é…ç»™ç‰¹å®šçš„æŽ¥
   å£ï¼Œè€Œè¯¥æŽ¥å£â€˜goes downâ€™ï¼Œåˆ™NetLabelæœåŠ¡ä¼šç§»é™¤è¯¥æ¡ç›®ã€‚å› æ­¤ï¼Œè¯·ç¡®ä¿ç½‘ç»œå¯
   åŠ¨è„šæœ¬è°ƒç”¨ **netlabelctl**\(8) æ¥è®¾ç½®æ‰€éœ€çš„æ ‡ç­¾ï¼ˆè¯¦ç»†ä¿¡æ¯ï¼Œ
   è¯·å‚é˜… **netlabel-config**\(8) è¾…åŠ©è„šæœ¬ï¼‰ã€‚

5) NetLabel SCTPå¯¹ç«¯æ ‡ç­¾è§„åˆ™åº”ç”¨å¦‚ä¸‹æ‰€è¿°æ ‡ç­¾ä¸ºâ€œnetlabelâ€çš„ä¸€ç»„å¸–å­ï¼š
   https://www.paul-moore.com/blog/t.

6) CIPSOä»…æ”¯æŒIPv4åœ°å€ï¼š ``socket(AF_INET, ...)``
   CALIPSOä»…æ”¯æŒIPv6åœ°å€ï¼š ``socket(AF_INET6, ...)``

   æµ‹è¯•CIPSO/CALIPSOæ—¶è¯·æ³¨æ„ä»¥ä¸‹äº‹é¡¹ï¼š
      a) å¦‚æžœSCTPæ•°æ®åŒ…ç”±äºŽæ— æ•ˆæ ‡ç­¾æ— æ³•é€è¾¾ï¼ŒCIPSOä¼šå‘é€ä¸€ä¸ªICMPåŒ…ã€‚
      b) CALIPSOä¸ä¼šå‘é€ICMPåŒ…ï¼Œåªä¼šé»˜é»˜ä¸¢å¼ƒæ•°æ®åŒ…ã€‚

7) RFC 3554ä¸æ”¯æŒIPSEC â€”â€” SCTP/IPSECæ”¯æŒå°šæœªåœ¨ç”¨æˆ·ç©ºé—´å®žçŽ°(**racoon**\(8)
   æˆ– **ipsec_pluto**\(8))ï¼Œå°½ç®¡å†…æ ¸æ”¯æŒ SCTP/IPSECã€‚”h]”(jÝ  )”}”(hŒæ³¨:”h]”hŒæ³¨:”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jÜ  hŸh³h M<hj  ubjí  )”}”(hhh]”hŒenumerated_list”“”)”}”(hhh]”(hŒ	list_item”“”)”}”(hŒ†å¦‚æžœå¯¹ç«¯æ ‡ç­¾æœªå¯ç”¨ï¼Œåˆ™å¯¹ç«¯ä¸Šä¸‹æ–‡å°†å§‹ç»ˆæ˜¯ ``SECINITSID_UNLABELED``
ï¼ˆåœ¨ç­–ç•¥å£°æ˜Žä¸­ä¸º ``unlabeled_t`` ï¼‰ã€‚
”h]”h»)”}”(hŒ…å¦‚æžœå¯¹ç«¯æ ‡ç­¾æœªå¯ç”¨ï¼Œåˆ™å¯¹ç«¯ä¸Šä¸‹æ–‡å°†å§‹ç»ˆæ˜¯ ``SECINITSID_UNLABELED``
ï¼ˆåœ¨ç­–ç•¥å£°æ˜Žä¸­ä¸º ``unlabeled_t`` ï¼‰ã€‚”h]”(hŒ=å¦‚æžœå¯¹ç«¯æ ‡ç­¾æœªå¯ç”¨ï¼Œåˆ™å¯¹ç«¯ä¸Šä¸‹æ–‡å°†å§‹ç»ˆæ˜¯ ”…””}”(hj(  hžhhŸNh Nubjê  )”}”(hŒ``SECINITSID_UNLABELED``”h]”hŒSECINITSID_UNLABELED”…””}”(hj0  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hj(  ubhŒ
ï¼ˆåœ¨ç­–ç•¥å£°æ˜Žä¸­ä¸º ”…””}”(hj(  hžhhŸNh Nubjê  )”}”(hŒ``unlabeled_t``”h]”hŒunlabeled_t”…””}”(hjB  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hj(  ubhŒ ï¼‰ã€‚”…””}”(hj(  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h M$hj$  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j"  hj  ubj#  )”}”(hX/  ç”±äºŽSCTPå¯ä»¥åœ¨å•ä¸ªå¥—æŽ¥å­—ä¸Šæ”¯æŒæ¯ä¸ªç«¯ç‚¹ï¼ˆå¤šå®¿ä¸»ï¼‰çš„å¤šä¸ªä¼ è¾“åœ°å€ï¼Œå› æ­¤
å¯ä»¥é…ç½®ç­–ç•¥å’ŒNetLabelä¸ºæ¯ä¸ªç«¯ç‚¹æä¾›ä¸åŒçš„å¯¹ç«¯æ ‡ç­¾ã€‚ç”±äºŽå¥—æŽ¥å­—çš„å¯¹ç«¯
æ ‡ç­¾æ˜¯ç”±ç¬¬ä¸€ä¸ªå…³è”çš„ä¼ è¾“åœ°å€å†³å®šçš„ï¼Œå› æ­¤å»ºè®®æ‰€æœ‰çš„å¯¹ç«¯æ ‡ç­¾ä¿æŒä¸€è‡´ã€‚
”h]”h»)”}”(hX.  ç”±äºŽSCTPå¯ä»¥åœ¨å•ä¸ªå¥—æŽ¥å­—ä¸Šæ”¯æŒæ¯ä¸ªç«¯ç‚¹ï¼ˆå¤šå®¿ä¸»ï¼‰çš„å¤šä¸ªä¼ è¾“åœ°å€ï¼Œå› æ­¤
å¯ä»¥é…ç½®ç­–ç•¥å’ŒNetLabelä¸ºæ¯ä¸ªç«¯ç‚¹æä¾›ä¸åŒçš„å¯¹ç«¯æ ‡ç­¾ã€‚ç”±äºŽå¥—æŽ¥å­—çš„å¯¹ç«¯
æ ‡ç­¾æ˜¯ç”±ç¬¬ä¸€ä¸ªå…³è”çš„ä¼ è¾“åœ°å€å†³å®šçš„ï¼Œå› æ­¤å»ºè®®æ‰€æœ‰çš„å¯¹ç«¯æ ‡ç­¾ä¿æŒä¸€è‡´ã€‚”h]”hX.  ç”±äºŽSCTPå¯ä»¥åœ¨å•ä¸ªå¥—æŽ¥å­—ä¸Šæ”¯æŒæ¯ä¸ªç«¯ç‚¹ï¼ˆå¤šå®¿ä¸»ï¼‰çš„å¤šä¸ªä¼ è¾“åœ°å€ï¼Œå› æ­¤
å¯ä»¥é…ç½®ç­–ç•¥å’ŒNetLabelä¸ºæ¯ä¸ªç«¯ç‚¹æä¾›ä¸åŒçš„å¯¹ç«¯æ ‡ç­¾ã€‚ç”±äºŽå¥—æŽ¥å­—çš„å¯¹ç«¯
æ ‡ç­¾æ˜¯ç”±ç¬¬ä¸€ä¸ªå…³è”çš„ä¼ è¾“åœ°å€å†³å®šçš„ï¼Œå› æ­¤å»ºè®®æ‰€æœ‰çš„å¯¹ç«¯æ ‡ç­¾ä¿æŒä¸€è‡´ã€‚”…””}”(hjd  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h M'hj`  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j"  hj  ubj#  )”}”(hŒTç”¨æˆ·ç©ºé—´å¯ä»¥ä½¿ç”¨ **getpeercon**\(3) æ¥æ£€ç´¢å¥—æŽ¥å­—çš„å¯¹ç«¯ä¸Šä¸‹æ–‡ã€‚
”h]”h»)”}”(hŒSç”¨æˆ·ç©ºé—´å¯ä»¥ä½¿ç”¨ **getpeercon**\(3) æ¥æ£€ç´¢å¥—æŽ¥å­—çš„å¯¹ç«¯ä¸Šä¸‹æ–‡ã€‚”h]”(hŒç”¨æˆ·ç©ºé—´å¯ä»¥ä½¿ç”¨ ”…””}”(hj|  hžhhŸNh Nubj¢  )”}”(hŒ**getpeercon**”h]”hŒ
getpeercon”…””}”(hj„  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j¡  hj|  ubhŒ, (3) æ¥æ£€ç´¢å¥—æŽ¥å­—çš„å¯¹ç«¯ä¸Šä¸‹æ–‡ã€‚”…””}”(hj|  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h M+hjx  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j"  hj  ubj#  )”}”(hXN  è™½ç„¶è¿™ä¸æ˜¯SCTPç‰¹æœ‰çš„ï¼Œä½†åœ¨ä½¿ç”¨NetLabelæ—¶è¦æ³¨æ„ï¼Œå¦‚æžœæ ‡ç­¾åˆ†é…ç»™ç‰¹å®šçš„æŽ¥
å£ï¼Œè€Œè¯¥æŽ¥å£â€˜goes downâ€™ï¼Œåˆ™NetLabelæœåŠ¡ä¼šç§»é™¤è¯¥æ¡ç›®ã€‚å› æ­¤ï¼Œè¯·ç¡®ä¿ç½‘ç»œå¯
åŠ¨è„šæœ¬è°ƒç”¨ **netlabelctl**\(8) æ¥è®¾ç½®æ‰€éœ€çš„æ ‡ç­¾ï¼ˆè¯¦ç»†ä¿¡æ¯ï¼Œ
è¯·å‚é˜… **netlabel-config**\(8) è¾…åŠ©è„šæœ¬ï¼‰ã€‚
”h]”h»)”}”(hXM  è™½ç„¶è¿™ä¸æ˜¯SCTPç‰¹æœ‰çš„ï¼Œä½†åœ¨ä½¿ç”¨NetLabelæ—¶è¦æ³¨æ„ï¼Œå¦‚æžœæ ‡ç­¾åˆ†é…ç»™ç‰¹å®šçš„æŽ¥
å£ï¼Œè€Œè¯¥æŽ¥å£â€˜goes downâ€™ï¼Œåˆ™NetLabelæœåŠ¡ä¼šç§»é™¤è¯¥æ¡ç›®ã€‚å› æ­¤ï¼Œè¯·ç¡®ä¿ç½‘ç»œå¯
åŠ¨è„šæœ¬è°ƒç”¨ **netlabelctl**\(8) æ¥è®¾ç½®æ‰€éœ€çš„æ ‡ç­¾ï¼ˆè¯¦ç»†ä¿¡æ¯ï¼Œ
è¯·å‚é˜… **netlabel-config**\(8) è¾…åŠ©è„šæœ¬ï¼‰ã€‚”h]”(hŒÚè™½ç„¶è¿™ä¸æ˜¯SCTPç‰¹æœ‰çš„ï¼Œä½†åœ¨ä½¿ç”¨NetLabelæ—¶è¦æ³¨æ„ï¼Œå¦‚æžœæ ‡ç­¾åˆ†é…ç»™ç‰¹å®šçš„æŽ¥
å£ï¼Œè€Œè¯¥æŽ¥å£â€˜goes downâ€™ï¼Œåˆ™NetLabelæœåŠ¡ä¼šç§»é™¤è¯¥æ¡ç›®ã€‚å› æ­¤ï¼Œè¯·ç¡®ä¿ç½‘ç»œå¯
åŠ¨è„šæœ¬è°ƒç”¨ ”…””}”(hj¦  hžhhŸNh Nubj¢  )”}”(hŒ**netlabelctl**”h]”hŒnetlabelctl”…””}”(hj®  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j¡  hj¦  ubhŒ: (8) æ¥è®¾ç½®æ‰€éœ€çš„æ ‡ç­¾ï¼ˆè¯¦ç»†ä¿¡æ¯ï¼Œ
è¯·å‚é˜… ”…””}”(hj¦  hžhhŸNh Nubj¢  )”}”(hŒ**netlabel-config**”h]”hŒnetlabel-config”…””}”(hjÀ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j¡  hj¦  ubhŒ (8) è¾…åŠ©è„šæœ¬ï¼‰ã€‚”…””}”(hj¦  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h M-hj¢  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j"  hj  ubj#  )”}”(hŒ~NetLabel SCTPå¯¹ç«¯æ ‡ç­¾è§„åˆ™åº”ç”¨å¦‚ä¸‹æ‰€è¿°æ ‡ç­¾ä¸ºâ€œnetlabelâ€çš„ä¸€ç»„å¸–å­ï¼š
https://www.paul-moore.com/blog/t.
”h]”h»)”}”(hŒ}NetLabel SCTPå¯¹ç«¯æ ‡ç­¾è§„åˆ™åº”ç”¨å¦‚ä¸‹æ‰€è¿°æ ‡ç­¾ä¸ºâ€œnetlabelâ€çš„ä¸€ç»„å¸–å­ï¼š
https://www.paul-moore.com/blog/t.”h]”(hŒ[NetLabel SCTPå¯¹ç«¯æ ‡ç­¾è§„åˆ™åº”ç”¨å¦‚ä¸‹æ‰€è¿°æ ‡ç­¾ä¸ºâ€œnetlabelâ€çš„ä¸€ç»„å¸–å­ï¼š
”…””}”(hjâ  hžhhŸNh Nubj)  )”}”(hŒ!https://www.paul-moore.com/blog/t”h]”hŒ!https://www.paul-moore.com/blog/t”…””}”(hjê  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”Œrefuri”jì  uh1j(  hjâ  ubhŒ.”…””}”(hjâ  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h M2hjÞ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j"  hj  ubj#  )”}”(hX8  CIPSOä»…æ”¯æŒIPv4åœ°å€ï¼š ``socket(AF_INET, ...)``
CALIPSOä»…æ”¯æŒIPv6åœ°å€ï¼š ``socket(AF_INET6, ...)``

æµ‹è¯•CIPSO/CALIPSOæ—¶è¯·æ³¨æ„ä»¥ä¸‹äº‹é¡¹ï¼š
   a) å¦‚æžœSCTPæ•°æ®åŒ…ç”±äºŽæ— æ•ˆæ ‡ç­¾æ— æ³•é€è¾¾ï¼ŒCIPSOä¼šå‘é€ä¸€ä¸ªICMPåŒ…ã€‚
   b) CALIPSOä¸ä¼šå‘é€ICMPåŒ…ï¼Œåªä¼šé»˜é»˜ä¸¢å¼ƒæ•°æ®åŒ…ã€‚
”h]”(h»)”}”(hŒlCIPSOä»…æ”¯æŒIPv4åœ°å€ï¼š ``socket(AF_INET, ...)``
CALIPSOä»…æ”¯æŒIPv6åœ°å€ï¼š ``socket(AF_INET6, ...)``”h]”(hŒCIPSOä»…æ”¯æŒIPv4åœ°å€ï¼š ”…””}”(hj	  hžhhŸNh Nubjê  )”}”(hŒ``socket(AF_INET, ...)``”h]”hŒsocket(AF_INET, ...)”…””}”(hj	  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hj	  ubhŒ
CALIPSOä»…æ”¯æŒIPv6åœ°å€ï¼š ”…””}”(hj	  hžhhŸNh Nubjê  )”}”(hŒ``socket(AF_INET6, ...)``”h]”hŒsocket(AF_INET6, ...)”…””}”(hj'	  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jé  hj	  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h M5hj		  ubjÒ  )”}”(hhh]”j×  )”}”(hŒÄæµ‹è¯•CIPSO/CALIPSOæ—¶è¯·æ³¨æ„ä»¥ä¸‹äº‹é¡¹ï¼š
a) å¦‚æžœSCTPæ•°æ®åŒ…ç”±äºŽæ— æ•ˆæ ‡ç­¾æ— æ³•é€è¾¾ï¼ŒCIPSOä¼šå‘é€ä¸€ä¸ªICMPåŒ…ã€‚
b) CALIPSOä¸ä¼šå‘é€ICMPåŒ…ï¼Œåªä¼šé»˜é»˜ä¸¢å¼ƒæ•°æ®åŒ…ã€‚
”h]”(jÝ  )”}”(hŒ.æµ‹è¯•CIPSO/CALIPSOæ—¶è¯·æ³¨æ„ä»¥ä¸‹äº‹é¡¹ï¼š”h]”hŒ.æµ‹è¯•CIPSO/CALIPSOæ—¶è¯·æ³¨æ„ä»¥ä¸‹äº‹é¡¹ï¼š”…””}”(hjB	  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jÜ  hŸh³h M:hj>	  ubjí  )”}”(hhh]”j  )”}”(hhh]”(j#  )”}”(hŒRå¦‚æžœSCTPæ•°æ®åŒ…ç”±äºŽæ— æ•ˆæ ‡ç­¾æ— æ³•é€è¾¾ï¼ŒCIPSOä¼šå‘é€ä¸€ä¸ªICMPåŒ…ã€‚”h]”h»)”}”(hjX	  h]”hŒRå¦‚æžœSCTPæ•°æ®åŒ…ç”±äºŽæ— æ•ˆæ ‡ç­¾æ— æ³•é€è¾¾ï¼ŒCIPSOä¼šå‘é€ä¸€ä¸ªICMPåŒ…ã€‚”…””}”(hjZ	  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h M9hjV	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j"  hjS	  ubj#  )”}”(hŒ<CALIPSOä¸ä¼šå‘é€ICMPåŒ…ï¼Œåªä¼šé»˜é»˜ä¸¢å¼ƒæ•°æ®åŒ…ã€‚
”h]”h»)”}”(hŒ;CALIPSOä¸ä¼šå‘é€ICMPåŒ…ï¼Œåªä¼šé»˜é»˜ä¸¢å¼ƒæ•°æ®åŒ…ã€‚”h]”hŒ;CALIPSOä¸ä¼šå‘é€ICMPåŒ…ï¼Œåªä¼šé»˜é»˜ä¸¢å¼ƒæ•°æ®åŒ…ã€‚”…””}”(hjq	  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h M:hjm	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j"  hjS	  ubeh}”(h]”h ]”h"]”h$]”h&]”Œenumtype”Œ
loweralpha”Œprefix”hŒsuffix”Œ)”uh1j  hjP	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jì  hj>	  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jÖ  hŸh³h M:hj;	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÑ  hj		  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j"  hj  ubj#  )”}”(hŒ”RFC 3554ä¸æ”¯æŒIPSEC â€”â€” SCTP/IPSECæ”¯æŒå°šæœªåœ¨ç”¨æˆ·ç©ºé—´å®žçŽ°(**racoon**\(8)
æˆ– **ipsec_pluto**\(8))ï¼Œå°½ç®¡å†…æ ¸æ”¯æŒ SCTP/IPSECã€‚”h]”h»)”}”(hŒ”RFC 3554ä¸æ”¯æŒIPSEC â€”â€” SCTP/IPSECæ”¯æŒå°šæœªåœ¨ç”¨æˆ·ç©ºé—´å®žçŽ°(**racoon**\(8)
æˆ– **ipsec_pluto**\(8))ï¼Œå°½ç®¡å†…æ ¸æ”¯æŒ SCTP/IPSECã€‚”h]”(hŒJRFC 3554ä¸æ”¯æŒIPSEC â€”â€” SCTP/IPSECæ”¯æŒå°šæœªåœ¨ç”¨æˆ·ç©ºé—´å®žçŽ°(”…””}”(hj¬	  hžhhŸNh Nubj¢  )”}”(hŒ
**racoon**”h]”hŒracoon”…””}”(hj´	  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j¡  hj¬	  ubhŒ	 (8)
æˆ– ”…””}”(hj¬	  hžhhŸNh Nubj¢  )”}”(hŒ**ipsec_pluto**”h]”hŒipsec_pluto”…””}”(hjÆ	  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j¡  hj¬	  ubhŒ( (8))ï¼Œå°½ç®¡å†…æ ¸æ”¯æŒ SCTP/IPSECã€‚”…””}”(hj¬	  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hºhŸh³h M<hj¨	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j"  hj  ubeh}”(h]”h ]”h"]”h$]”h&]”j‹	  Œarabic”j	  hjŽ	  j	  uh1j  hj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jì  hj  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jÖ  hŸh³h M<hj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÑ  hjÔ  hžhhŸNh Nubeh}”(h]”Œid9”ah ]”h"]”Œsctpå¯¹ç«¯æ ‡ç­¾”ah$]”h&]”uh1jV  hj.  hžhhŸh³h Mubeh}”(h]”jÄ  ah ]”h"]”Œsctpçš„selinuxæ”¯æŒ”ah$]”h&]”uh1jV  hjX  hžhhŸh³h K²j+  Kubeh}”(h]”Œsctp”ah ]”h"]”Œsctp”ah$]”h&]”uh1jV  hhhžhhŸh³h Kubeh}”(h]”h ]”h"]”h$]”h&]”Œsource”h³uh1hŒcurrent_source”NŒcurrent_line”NŒsettings”Œdocutils.frontend”ŒValues”“”)”}”(j[  NŒ	generator”NŒ	datestamp”NŒsource_link”NŒ
source_url”NŒtoc_backlinks”Œentry”Œfootnote_backlinks”KŒsectnum_xform”KŒstrip_comments”NŒstrip_elements_with_classes”NŒstrip_classes”NŒreport_level”KŒ
halt_level”KŒexit_status_level”KŒdebug”NŒwarning_stream”NŒ	traceback”ˆŒinput_encoding”Œ	utf-8-sig”Œinput_encoding_error_handler”Œstrict”Œoutput_encoding”Œutf-8”Œoutput_encoding_error_handler”j7
  Œerror_encoding”Œutf-8”Œerror_encoding_error_handler”Œbackslashreplace”Œlanguage_code”Œen”Œrecord_dependencies”NŒconfig”NŒ	id_prefix”hŒauto_id_prefix”Œid”Œdump_settings”NŒdump_internals”NŒdump_transforms”NŒdump_pseudo_xml”NŒexpose_internals”NŒstrict_visitor”NŒ_disable_config”NŒ_source”h³Œ_destination”NŒ_config_files”]”Œ7/var/lib/git/docbuild/linux/Documentation/docutils.conf”aŒfile_insertion_enabled”ˆŒraw_enabled”KŒline_length_limit”M'Œpep_references”NŒpep_base_url”Œhttps://peps.python.org/”Œpep_file_url_template”Œpep-%04d”Œrfc_references”NŒrfc_base_url”Œ&https://datatracker.ietf.org/doc/html/”Œ	tab_width”KŒtrim_footnote_reference_space”‰Œsyntax_highlight”Œlong”Œsmart_quotes”ˆŒsmartquotes_locales”]”Œcharacter_level_inline_markup”‰Œdoctitle_xform”‰Œdocinfo_xform”KŒsectsubtitle_xform”‰Œimage_loading”Œlink”Œembed_stylesheet”‰Œcloak_email_addresses”ˆŒsection_self_link”‰Œenv”NubŒreporter”NŒindirect_targets”]”Œsubstitution_defs”}”Œsubstitution_names”}”Œrefnames”}”(Œsctpçš„selinuxæ”¯æŒ”]”j³  aŒsctpçš„lsmæ”¯æŒ”]”(jX  j  euŒrefids”}”Œnameids”}”(j
  j
  j+  j(  Œå®‰å…¨é’©å­”NŒsecurity_sctp_assoc_request()”NŒsecurity_sctp_bind_connect()”NŒsecurity_sctp_sk_clone()”NŒ!security_sctp_assoc_established()”Nj#  j   j	
  jÄ  jÑ  jÎ  j
  jÿ	  uŒ	nametypes”}”(j
  ‰j+  ‰j
  ‰j€
  ‰j
  ‰j‚
  ‰jƒ
  ‰j#  ‰j	
  ‰jÑ  ‰j
  ‰uh}”(j
  jX  j(  jk  jµ  j|  j%  jÐ  j  j,  jf  j  j­  jl  j   j»  jÄ  j.  j  j?  jÍ  j€  jC  jÒ  jÑ  jH  j  jÖ  jÎ  j#  jÿ	  jÔ  uŒfootnote_refs”}”Œcitation_refs”}”Œautofootnotes”]”Œautofootnote_refs”]”Œsymbol_footnotes”]”Œsymbol_footnote_refs”]”Œ	footnotes”]”Œ	citations”]”Œautofootnote_start”KŒsymbol_footnote_start”K Œ
id_counter”Œcollections”ŒCounter”“”}”jE
  K	s…”R”Œparse_messages”]”(hŒsystem_message”“”)”}”(hhh]”h»)”}”(hŒ/Duplicate implicit target name: "å®‰å…¨é’©å­".”h]”hŒ3Duplicate implicit target name: â€œå®‰å…¨é’©å­â€.”…””}”(hj§
  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hºhj¤
  ubah}”(h]”h ]”h"]”h$]”h&]”j  aŒlevel”KŒtype”ŒINFO”Œsource”h³Œline”Kµuh1j¢
  hj?  hžhhŸh³h Kµubj£
  )”}”(hhh]”h»)”}”(hŒ@Duplicate implicit target name: "security_sctp_assoc_request()".”h]”hŒDDuplicate implicit target name: â€œsecurity_sctp_assoc_request()â€.”…””}”(hjÃ
  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hºhjÀ
  ubah}”(h]”h ]”h"]”h$]”h&]”jÍ  aŒlevel”KŒtype”j½
  Œsource”h³Œline”KÁuh1j¢
  hj€  hžhhŸh³h KÁubj£
  )”}”(hhh]”h»)”}”(hŒ?Duplicate implicit target name: "security_sctp_bind_connect()".”h]”hŒCDuplicate implicit target name: â€œsecurity_sctp_bind_connect()â€.”…””}”(hjÞ
  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hºhjÛ
  ubah}”(h]”h ]”h"]”h$]”h&]”jC  aŒlevel”KŒtype”j½
  Œsource”h³Œline”KÙuh1j¢
  hjÒ  hžhhŸh³h KÙubj£
  )”}”(hhh]”h»)”}”(hŒ;Duplicate implicit target name: "security_sctp_sk_clone()".”h]”hŒ?Duplicate implicit target name: â€œsecurity_sctp_sk_clone()â€.”…””}”(hjù
  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hºhjö
  ubah}”(h]”h ]”h"]”h$]”h&]”jÑ  aŒlevel”KŒtype”j½
  Œsource”h³Œline”Kõuh1j¢
  hjH  hžhhŸh³h Kõubj£
  )”}”(hhh]”h»)”}”(hŒDDuplicate implicit target name: "security_sctp_assoc_established()".”h]”hŒHDuplicate implicit target name: â€œsecurity_sctp_assoc_established()â€.”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hºhj  ubah}”(h]”h ]”h"]”h$]”h&]”j  aŒlevel”KŒtype”j½
  Œsource”h³Œline”Muh1j¢
  hjÖ  hžhhŸh³h MubeŒtransform_messages”]”Œtransformer”NŒinclude_log”]”Œ2Documentation/translations/zh_CN/security/SCTP.rst”(NNNNt”†”aŒ
decoration”Nhžhub.