€•AÙ      Œsphinx.addnodes”Œdocument”“”)”}”(Œ	rawsource”Œ ”Œchildren”]”(Œtranslations”ŒLanguagesNode”“”)”}”(hhh]”(h Œpending_xref”“”)”}”(hhh]”Œdocutils.nodes”ŒText”“”ŒEnglish”…””}”Œparent”hsbaŒ
attributes”}”(Œids”]”Œclasses”]”Œnames”]”Œdupnames”]”Œbackrefs”]”Œ	refdomain”Œstd”Œreftype”Œdoc”Œ	reftarget”Œ/security/SCTP”Œmodname”NŒ	classname”NŒrefexplicit”ˆuŒtagname”hhhubh)”}”(hhh]”hŒChinese (Traditional)”…””}”hh2sbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ!/translations/zh_TW/security/SCTP”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒItalian”…””}”hhFsbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ!/translations/it_IT/security/SCTP”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒJapanese”…””}”hhZsbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ!/translations/ja_JP/security/SCTP”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒKorean”…””}”hhnsbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ!/translations/ko_KR/security/SCTP”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒPortuguese (Brazilian)”…””}”hh‚sbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ!/translations/pt_BR/security/SCTP”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒSpanish”…””}”hh–sbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ!/translations/sp_SP/security/SCTP”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubeh}”(h]”h ]”h"]”h$]”h&]”Œcurrent_language”ŒChinese (Simplified)”uh1h
hhŒ	_document”hŒsource”NŒline”NubhŒcomment”“”)”}”(hŒ SPDX-License-Identifier: GPL-2.0”h]”hŒ SPDX-License-Identifier: GPL-2.0”…””}”hh·sbah}”(h]”h ]”h"]”h$]”h&]”Œ	xml:space”Œpreserve”uh1hµhhh²hh³ŒN/var/lib/git/docbuild/linux/Documentation/translations/zh_CN/security/SCTP.rst”h´KubhŒnote”“”)”}”(hX{  æ­¤æ–‡ä»¶çš„ç›®çš„æ˜¯ä¸ºè®©ä¸­æ–‡è¯»è€…æ›´å®¹æ˜“é˜…è¯»å’Œç†è§£ï¼Œè€Œä¸æ˜¯ä½œä¸ºä¸€ä¸ªåˆ†æ”¯ã€‚ å› æ­¤ï¼Œ
å¦‚æžœæ‚¨å¯¹æ­¤æ–‡ä»¶æœ‰ä»»ä½•æ„è§æˆ–æ›´æ–°ï¼Œè¯·å…ˆå°è¯•æ›´æ–°åŽŸå§‹è‹±æ–‡æ–‡ä»¶ã€‚
å¦‚æžœæ‚¨å‘çŽ°æœ¬æ–‡æ¡£ä¸ŽåŽŸå§‹æ–‡ä»¶æœ‰ä»»ä½•ä¸åŒæˆ–è€…æœ‰ç¿»è¯‘é—®é¢˜ï¼Œè¯·å‘å»ºè®®æˆ–è€…è¡¥ä¸ç»™
è¯¥æ–‡ä»¶çš„è¯‘è€…ï¼Œæˆ–è€…è¯·æ±‚ä¸­æ–‡æ–‡æ¡£ç»´æŠ¤è€…å’Œå®¡é˜…è€…çš„å¸®åŠ©ã€‚”h]”hŒ	paragraph”“”)”}”(hX{  æ­¤æ–‡ä»¶çš„ç›®çš„æ˜¯ä¸ºè®©ä¸­æ–‡è¯»è€…æ›´å®¹æ˜“é˜…è¯»å’Œç†è§£ï¼Œè€Œä¸æ˜¯ä½œä¸ºä¸€ä¸ªåˆ†æ”¯ã€‚ å› æ­¤ï¼Œ
å¦‚æžœæ‚¨å¯¹æ­¤æ–‡ä»¶æœ‰ä»»ä½•æ„è§æˆ–æ›´æ–°ï¼Œè¯·å…ˆå°è¯•æ›´æ–°åŽŸå§‹è‹±æ–‡æ–‡ä»¶ã€‚
å¦‚æžœæ‚¨å‘çŽ°æœ¬æ–‡æ¡£ä¸ŽåŽŸå§‹æ–‡ä»¶æœ‰ä»»ä½•ä¸åŒæˆ–è€…æœ‰ç¿»è¯‘é—®é¢˜ï¼Œè¯·å‘å»ºè®®æˆ–è€…è¡¥ä¸ç»™
è¯¥æ–‡ä»¶çš„è¯‘è€…ï¼Œæˆ–è€…è¯·æ±‚ä¸­æ–‡æ–‡æ¡£ç»´æŠ¤è€…å’Œå®¡é˜…è€…çš„å¸®åŠ©ã€‚”h]”hX{  æ­¤æ–‡ä»¶çš„ç›®çš„æ˜¯ä¸ºè®©ä¸­æ–‡è¯»è€…æ›´å®¹æ˜“é˜…è¯»å’Œç†è§£ï¼Œè€Œä¸æ˜¯ä½œä¸ºä¸€ä¸ªåˆ†æ”¯ã€‚ å› æ­¤ï¼Œ
å¦‚æžœæ‚¨å¯¹æ­¤æ–‡ä»¶æœ‰ä»»ä½•æ„è§æˆ–æ›´æ–°ï¼Œè¯·å…ˆå°è¯•æ›´æ–°åŽŸå§‹è‹±æ–‡æ–‡ä»¶ã€‚
å¦‚æžœæ‚¨å‘çŽ°æœ¬æ–‡æ¡£ä¸ŽåŽŸå§‹æ–‡ä»¶æœ‰ä»»ä½•ä¸åŒæˆ–è€…æœ‰ç¿»è¯‘é—®é¢˜ï¼Œè¯·å‘å»ºè®®æˆ–è€…è¡¥ä¸ç»™
è¯¥æ–‡ä»¶çš„è¯‘è€…ï¼Œæˆ–è€…è¯·æ±‚ä¸­æ–‡æ–‡æ¡£ç»´æŠ¤è€…å’Œå®¡é˜…è€…çš„å¸®åŠ©ã€‚”…””}”(hhÐh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³Œ5Documentation/translations/zh_CN/disclaimer-zh_CN.rst”h´KhhÊubah}”(h]”h ]”h"]”h$]”h&]”uh1hÈhhh²hh³hÞh´NubhŒ
field_list”“”)”}”(hhh]”(hŒfield”“”)”}”(hhh]”(hŒ
field_name”“”)”}”(hŒOriginal”h]”hŒOriginal”…””}”(hhñh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hïhhìh³hÇh´K ubhŒ
field_body”“”)”}”(hŒ Documentation/security/SCTP.rst
”h]”hÏ)”}”(hŒDocumentation/security/SCTP.rst”h]”hŒDocumentation/security/SCTP.rst”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´Khj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hÿhhìubeh}”(h]”h ]”h"]”h$]”h&]”uh1hêh³hÇh´Khhçh²hubhë)”}”(hhh]”(hð)”}”(hŒç¿»è¯‘”h]”hŒç¿»è¯‘”…””}”(hj"  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hïhj  h³hÇh´K ubj   )”}”(hŒ.èµµç¡• Shuo Zhao <zhaoshuo@cqsoftware.com.cn>
”h]”hÏ)”}”(hŒ-èµµç¡• Shuo Zhao <zhaoshuo@cqsoftware.com.cn>”h]”(hŒèµµç¡• Shuo Zhao <”…””}”(hj4  h²hh³Nh´NubhŒ	reference”“”)”}”(hŒzhaoshuo@cqsoftware.com.cn”h]”hŒzhaoshuo@cqsoftware.com.cn”…””}”(hj>  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”Œrefuri”Œ!mailto:zhaoshuo@cqsoftware.com.cn”uh1j<  hj4  ubhŒ>”…””}”(hj4  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´Khj0  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hÿhj  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1hêh³hÇh´Khhçh²hubeh}”(h]”h ]”h"]”h$]”h&]”uh1håhhh²hh³hÇh´KubhŒsection”“”)”}”(hhh]”(hŒtitle”“”)”}”(hŒSCTP”h]”hŒSCTP”…””}”(hjq  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jo  hjl  h²hh³hÇh´Kubjk  )”}”(hhh]”(jp  )”}”(hŒSCTPçš„LSMæ”¯æŒ”h]”hŒSCTPçš„LSMæ”¯æŒ”…””}”(hj‚  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jo  hj  h²hh³hÇh´Kubjk  )”}”(hhh]”(jp  )”}”(hŒå®‰å…¨é’©å­”h]”hŒå®‰å…¨é’©å­”…””}”(hj“  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jo  hj  h²hh³hÇh´KubhÏ)”}”(hŒHå¯¹äºŽå®‰å…¨æ¨¡å—æ”¯æŒï¼Œå·²ç»å®žçŽ°äº†ä¸‰ä¸ªç‰¹å®šäºŽSCTPçš„é’©å­::”h]”hŒGå¯¹äºŽå®‰å…¨æ¨¡å—æ”¯æŒï¼Œå·²ç»å®žçŽ°äº†ä¸‰ä¸ªç‰¹å®šäºŽSCTPçš„é’©å­:”…””}”(hj¡  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´Khj  h²hubhŒliteral_block”“”)”}”(hŒusecurity_sctp_assoc_request()
security_sctp_bind_connect()
security_sctp_sk_clone()
security_sctp_assoc_established()”h]”hŒusecurity_sctp_assoc_request()
security_sctp_bind_connect()
security_sctp_sk_clone()
security_sctp_assoc_established()”…””}”hj±  sbah}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1j¯  h³hÇh´Khj  h²hubhÏ)”}”(hŒ\è¿™äº›é’©å­çš„ç”¨æ³•åœ¨ä¸‹é¢çš„ `SCTPçš„SELinuxæ”¯æŒ`_ ä¸€ç« ä¸­æè¿°SELinuxçš„å®žçŽ°ã€‚”h]”(hŒ"è¿™äº›é’©å­çš„ç”¨æ³•åœ¨ä¸‹é¢çš„ ”…””}”(hj¿  h²hh³Nh´Nubj=  )”}”(hŒ`SCTPçš„SELinuxæ”¯æŒ`_”h]”hŒSCTPçš„SELinuxæ”¯æŒ”…””}”(hjÇ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”Œname”ŒSCTPçš„SELinuxæ”¯æŒ”Œrefid”Œsctpselinux”uh1j<  hj¿  Œresolved”KubhŒ# ä¸€ç« ä¸­æè¿°SELinuxçš„å®žçŽ°ã€‚”…””}”(hj¿  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´Khj  h²hubjk  )”}”(hhh]”(jp  )”}”(hŒsecurity_sctp_assoc_request()”h]”hŒsecurity_sctp_assoc_request()”…””}”(hjç  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jo  hjä  h²hh³hÇh´KubhÏ)”}”(hŒ€å°†å…³è”INITæ•°æ®åŒ…çš„ ``@asoc`` å’Œ ``@chunk->skb`` ä¼ é€’ç»™å®‰å…¨æ¨¡å—ã€‚
æˆåŠŸæ—¶è¿”å›ž 0ï¼Œå¤±è´¥æ—¶è¿”å›žé”™è¯¯ã€‚
::”h]”(hŒå°†å…³è”INITæ•°æ®åŒ…çš„ ”…””}”(hjõ  h²hh³Nh´NubhŒliteral”“”)”}”(hŒ	``@asoc``”h]”hŒ@asoc”…””}”(hjÿ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hjõ  ubhŒ å’Œ ”…””}”(hjõ  h²hh³Nh´Nubjþ  )”}”(hŒ``@chunk->skb``”h]”hŒ@chunk->skb”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hjõ  ubhŒF ä¼ é€’ç»™å®‰å…¨æ¨¡å—ã€‚
æˆåŠŸæ—¶è¿”å›ž 0ï¼Œå¤±è´¥æ—¶è¿”å›žé”™è¯¯ã€‚”…””}”(hjõ  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´Khjä  h²hubj°  )”}”(hŒ_@asoc - æŒ‡å‘sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@skb - æŒ‡å‘åŒ…å«å…³è”æ•°æ®åŒ…skbuffçš„æŒ‡é’ˆã€‚”h]”hŒ_@asoc - æŒ‡å‘sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@skb - æŒ‡å‘åŒ…å«å…³è”æ•°æ®åŒ…skbuffçš„æŒ‡é’ˆã€‚”…””}”hj)  sbah}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1j¯  h³hÇh´K#hjä  h²hubeh}”(h]”Œsecurity-sctp-assoc-request”ah ]”h"]”h$]”Œsecurity_sctp_assoc_request()”ah&]”uh1jj  hj  h²hh³hÇh´KŒ
referenced”Kubjk  )”}”(hhh]”(jp  )”}”(hŒsecurity_sctp_bind_connect()”h]”hŒsecurity_sctp_bind_connect()”…””}”(hjC  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jo  hj@  h²hh³hÇh´K(ubhÏ)”}”(hŒÛå°†ä¸€ä¸ªæˆ–å¤šä¸ªIPv4/IPv6åœ°å€ä¼ é€’ç»™å®‰å…¨æ¨¡å—è¿›è¡ŒåŸºäºŽ ``@optname`` çš„éªŒè¯ï¼Œ
è¿™å°†å¯¼è‡´æ˜¯ç»‘å®šè¿˜æ˜¯è¿žæŽ¥æœåŠ¡ï¼Œå¦‚ä¸‹é¢çš„æƒé™æ£€æŸ¥è¡¨æ‰€ç¤ºã€‚æˆåŠŸæ—¶è¿”å›ž 0ï¼Œå¤±è´¥
æ—¶è¿”å›žé”™è¯¯ã€‚
::”h]”(hŒCå°†ä¸€ä¸ªæˆ–å¤šä¸ªIPv4/IPv6åœ°å€ä¼ é€’ç»™å®‰å…¨æ¨¡å—è¿›è¡ŒåŸºäºŽ ”…””}”(hjQ  h²hh³Nh´Nubjþ  )”}”(hŒ``@optname``”h]”hŒ@optname”…””}”(hjY  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hjQ  ubhŒ‰ çš„éªŒè¯ï¼Œ
è¿™å°†å¯¼è‡´æ˜¯ç»‘å®šè¿˜æ˜¯è¿žæŽ¥æœåŠ¡ï¼Œå¦‚ä¸‹é¢çš„æƒé™æ£€æŸ¥è¡¨æ‰€ç¤ºã€‚æˆåŠŸæ—¶è¿”å›ž 0ï¼Œå¤±è´¥
æ—¶è¿”å›žé”™è¯¯ã€‚”…””}”(hjQ  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´K)hj@  h²hubj°  )”}”(hXâ        @sk      - æŒ‡å‘sockç»“æž„çš„æŒ‡é’ˆã€‚
      @optname - éœ€è¦éªŒè¯çš„é€‰é¡¹åç§°ã€‚
      @address - ä¸€ä¸ªæˆ–å¤šä¸ªIPv4 / IPv6åœ°å€ã€‚
      @addrlen - åœ°å€çš„æ€»é•¿åº¦ã€‚ä½¿ç”¨sizeof(struct sockaddr_in)æˆ–
                         sizeof(struct sockaddr_in6)æ¥è®¡ç®—æ¯ä¸ªipv4æˆ–ipv6åœ°å€ã€‚

------------------------------------------------------------------
|                     BIND ç±»åž‹æ£€æŸ¥                               |
|       @optname             |         @address contains         |
|----------------------------|-----------------------------------|
| SCTP_SOCKOPT_BINDX_ADD     | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€         |
| SCTP_PRIMARY_ADDR          | å•ä¸ª ipv4 or ipv6 åœ°å€             |
| SCTP_SET_PEER_PRIMARY_ADDR | å•ä¸ª ipv4 or ipv6 åœ°å€             |
------------------------------------------------------------------

------------------------------------------------------------------
|                   CONNECT ç±»åž‹æ£€æŸ¥                              |
|       @optname             |         @address contains         |
|----------------------------|-----------------------------------|
| SCTP_SOCKOPT_CONNECTX      | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€         |
| SCTP_PARAM_ADD_IP          | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€         |
| SCTP_SENDMSG_CONNECT       | å•ä¸ª ipv4 or ipv6 åœ°å€             |
| SCTP_PARAM_SET_PRIMARY     | å•ä¸ª ipv4 or ipv6 åœ°å€             |
------------------------------------------------------------------”h]”hXâ        @sk      - æŒ‡å‘sockç»“æž„çš„æŒ‡é’ˆã€‚
      @optname - éœ€è¦éªŒè¯çš„é€‰é¡¹åç§°ã€‚
      @address - ä¸€ä¸ªæˆ–å¤šä¸ªIPv4 / IPv6åœ°å€ã€‚
      @addrlen - åœ°å€çš„æ€»é•¿åº¦ã€‚ä½¿ç”¨sizeof(struct sockaddr_in)æˆ–
                         sizeof(struct sockaddr_in6)æ¥è®¡ç®—æ¯ä¸ªipv4æˆ–ipv6åœ°å€ã€‚

------------------------------------------------------------------
|                     BIND ç±»åž‹æ£€æŸ¥                               |
|       @optname             |         @address contains         |
|----------------------------|-----------------------------------|
| SCTP_SOCKOPT_BINDX_ADD     | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€         |
| SCTP_PRIMARY_ADDR          | å•ä¸ª ipv4 or ipv6 åœ°å€             |
| SCTP_SET_PEER_PRIMARY_ADDR | å•ä¸ª ipv4 or ipv6 åœ°å€             |
------------------------------------------------------------------

------------------------------------------------------------------
|                   CONNECT ç±»åž‹æ£€æŸ¥                              |
|       @optname             |         @address contains         |
|----------------------------|-----------------------------------|
| SCTP_SOCKOPT_CONNECTX      | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€         |
| SCTP_PARAM_ADD_IP          | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€         |
| SCTP_SENDMSG_CONNECT       | å•ä¸ª ipv4 or ipv6 åœ°å€             |
| SCTP_PARAM_SET_PRIMARY     | å•ä¸ª ipv4 or ipv6 åœ°å€             |
------------------------------------------------------------------”…””}”hjq  sbah}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1j¯  h³hÇh´K.hj@  h²hubhÏ)”}”(hŒ%æ¡ç›® ``@optname`` çš„æ‘˜è¦å¦‚ä¸‹::”h]”(hŒæ¡ç›® ”…””}”(hj  h²hh³Nh´Nubjþ  )”}”(hŒ``@optname``”h]”hŒ@optname”…””}”(hj‡  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hj  ubhŒ çš„æ‘˜è¦å¦‚ä¸‹:”…””}”(hj  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´KGhj@  h²hubj°  )”}”(hX¯  SCTP_SOCKOPT_BINDX_ADD - å…è®¸åœ¨ï¼ˆå¯é€‰åœ°ï¼‰è°ƒç”¨ bind(3) åŽï¼Œå…³è”é¢å¤–
                                                 çš„ç»‘å®šåœ°å€ã€‚
                                                 sctp_bindx(3) ç”¨äºŽåœ¨å¥—æŽ¥å­—ä¸Šæ·»åŠ ä¸€ç»„ç»‘å®šåœ°å€ã€‚

SCTP_SOCKOPT_CONNECTX - å…è®¸åˆ†é…å¤šä¸ªåœ°å€ä»¥è¿žæŽ¥åˆ°å¯¹ç«¯ï¼ˆå¤šå®¿ä¸»ï¼‰ã€‚
                                                sctp_connectx(3) ä½¿ç”¨å¤šä¸ªç›®æ ‡åœ°å€åœ¨SCTP
                                                å¥—æŽ¥å­—ä¸Šå‘èµ·è¿žæŽ¥ã€‚

SCTP_SENDMSG_CONNECT  - é€šè¿‡sendmsg(2)æˆ–sctp_sendmsg(3)åœ¨æ–°å…³è”ä¸Š
                                                å‘èµ·è¿žæŽ¥ã€‚

SCTP_PRIMARY_ADDR     - è®¾ç½®æœ¬åœ°ä¸»åœ°å€ã€‚

SCTP_SET_PEER_PRIMARY_ADDR - è¯·æ±‚è¿œç¨‹å¯¹ç«¯å°†æŸä¸ªåœ°å€è®¾ç½®ä¸ºå…¶ä¸»åœ°å€ã€‚

SCTP_PARAM_ADD_IP          - åœ¨å¯ç”¨åŠ¨æ€åœ°å€é‡é…ç½®æ—¶ä½¿ç”¨ã€‚
SCTP_PARAM_SET_PRIMARY     - å¦‚ä¸‹æ‰€è¿°ï¼Œå¯ç”¨é‡æ–°é…ç½®åŠŸèƒ½ã€‚”h]”hX¯  SCTP_SOCKOPT_BINDX_ADD - å…è®¸åœ¨ï¼ˆå¯é€‰åœ°ï¼‰è°ƒç”¨ bind(3) åŽï¼Œå…³è”é¢å¤–
                                                 çš„ç»‘å®šåœ°å€ã€‚
                                                 sctp_bindx(3) ç”¨äºŽåœ¨å¥—æŽ¥å­—ä¸Šæ·»åŠ ä¸€ç»„ç»‘å®šåœ°å€ã€‚

SCTP_SOCKOPT_CONNECTX - å…è®¸åˆ†é…å¤šä¸ªåœ°å€ä»¥è¿žæŽ¥åˆ°å¯¹ç«¯ï¼ˆå¤šå®¿ä¸»ï¼‰ã€‚
                                                sctp_connectx(3) ä½¿ç”¨å¤šä¸ªç›®æ ‡åœ°å€åœ¨SCTP
                                                å¥—æŽ¥å­—ä¸Šå‘èµ·è¿žæŽ¥ã€‚

SCTP_SENDMSG_CONNECT  - é€šè¿‡sendmsg(2)æˆ–sctp_sendmsg(3)åœ¨æ–°å…³è”ä¸Š
                                                å‘èµ·è¿žæŽ¥ã€‚

SCTP_PRIMARY_ADDR     - è®¾ç½®æœ¬åœ°ä¸»åœ°å€ã€‚

SCTP_SET_PEER_PRIMARY_ADDR - è¯·æ±‚è¿œç¨‹å¯¹ç«¯å°†æŸä¸ªåœ°å€è®¾ç½®ä¸ºå…¶ä¸»åœ°å€ã€‚

SCTP_PARAM_ADD_IP          - åœ¨å¯ç”¨åŠ¨æ€åœ°å€é‡é…ç½®æ—¶ä½¿ç”¨ã€‚
SCTP_PARAM_SET_PRIMARY     - å¦‚ä¸‹æ‰€è¿°ï¼Œå¯ç”¨é‡æ–°é…ç½®åŠŸèƒ½ã€‚”…””}”hjŸ  sbah}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1j¯  h³hÇh´KIhj@  h²hubhÏ)”}”(hŒä¸ºäº†æ”¯æŒåŠ¨æ€åœ°å€é‡æ–°é…ç½®ï¼Œå¿…é¡»åœ¨ä¸¤ä¸ªç«¯ç‚¹ä¸Šå¯ç”¨ä»¥ä¸‹
å‚æ•°ï¼ˆæˆ–ä½¿ç”¨é€‚å½“çš„ **setsockopt**\(2)ï¼‰::”h]”(hŒhä¸ºäº†æ”¯æŒåŠ¨æ€åœ°å€é‡æ–°é…ç½®ï¼Œå¿…é¡»åœ¨ä¸¤ä¸ªç«¯ç‚¹ä¸Šå¯ç”¨ä»¥ä¸‹
å‚æ•°ï¼ˆæˆ–ä½¿ç”¨é€‚å½“çš„ ”…””}”(hj­  h²hh³Nh´NubhŒstrong”“”)”}”(hŒ**setsockopt**”h]”hŒ
setsockopt”…””}”(hj·  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jµ  hj­  ubhŒ (2)ï¼‰:”…””}”(hj­  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´K\hj@  h²hubj°  )”}”(hŒF/proc/sys/net/sctp/addip_enable
/proc/sys/net/sctp/addip_noauth_enable”h]”hŒF/proc/sys/net/sctp/addip_enable
/proc/sys/net/sctp/addip_noauth_enable”…””}”hjÏ  sbah}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1j¯  h³hÇh´K_hj@  h²hubhÏ)”}”(hŒdå½“ç›¸åº”çš„ ``@optname`` å­˜åœ¨æ—¶ï¼Œä»¥ä¸‹çš„ *_PARAM_* å‚æ•°ä¼š
é€šè¿‡ASCONFå—å‘é€åˆ°å¯¹ç«¯::”h]”(hŒå½“ç›¸åº”çš„ ”…””}”(hjÝ  h²hh³Nh´Nubjþ  )”}”(hŒ``@optname``”h]”hŒ@optname”…””}”(hjå  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hjÝ  ubhŒ å­˜åœ¨æ—¶ï¼Œä»¥ä¸‹çš„ ”…””}”(hjÝ  h²hh³Nh´NubhŒemphasis”“”)”}”(hŒ	*_PARAM_*”h]”hŒ_PARAM_”…””}”(hjù  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j÷  hjÝ  ubhŒ* å‚æ•°ä¼š
é€šè¿‡ASCONFå—å‘é€åˆ°å¯¹ç«¯:”…””}”(hjÝ  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´Kbhj@  h²hubj°  )”}”(hŒÛ          @optname                      ASCONF Parameter
         ----------                    ------------------
SCTP_SOCKOPT_BINDX_ADD     ->   SCTP_PARAM_ADD_IP
SCTP_SET_PEER_PRIMARY_ADDR ->   SCTP_PARAM_SET_PRIMARY”h]”hŒÛ          @optname                      ASCONF Parameter
         ----------                    ------------------
SCTP_SOCKOPT_BINDX_ADD     ->   SCTP_PARAM_ADD_IP
SCTP_SET_PEER_PRIMARY_ADDR ->   SCTP_PARAM_SET_PRIMARY”…””}”hj  sbah}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1j¯  h³hÇh´Kehj@  h²hubeh}”(h]”Œsecurity-sctp-bind-connect”ah ]”h"]”h$]”Œsecurity_sctp_bind_connect()”ah&]”uh1jj  hj  h²hh³hÇh´K(j?  Kubjk  )”}”(hhh]”(jp  )”}”(hŒsecurity_sctp_sk_clone()”h]”hŒsecurity_sctp_sk_clone()”…””}”(hj*  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jo  hj'  h²hh³hÇh´KlubhÏ)”}”(hŒÇæ¯å½“é€šè¿‡ **accept**\(2)åˆ›å»ºä¸€ä¸ªæ–°çš„å¥—æŽ¥å­—ï¼ˆå³TCPç±»åž‹çš„å¥—æŽ¥å­—ï¼‰ï¼Œæˆ–è€…å½“
ä¸€ä¸ªå¥—æŽ¥å­—è¢«â€˜å‰¥ç¦»â€™æ—¶å¦‚ç”¨æˆ·ç©ºé—´è°ƒç”¨ **sctp_peeloff**\(3)ï¼Œä¼šè°ƒç”¨æ­¤å‡½æ•°ã€‚
::”h]”(hŒæ¯å½“é€šè¿‡ ”…””}”(hj8  h²hh³Nh´Nubj¶  )”}”(hŒ
**accept**”h]”hŒaccept”…””}”(hj@  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jµ  hj8  ubhŒ (2)åˆ›å»ºä¸€ä¸ªæ–°çš„å¥—æŽ¥å­—ï¼ˆå³TCPç±»åž‹çš„å¥—æŽ¥å­—ï¼‰ï¼Œæˆ–è€…å½“
ä¸€ä¸ªå¥—æŽ¥å­—è¢«â€˜å‰¥ç¦»â€™æ—¶å¦‚ç”¨æˆ·ç©ºé—´è°ƒç”¨ ”…””}”(hj8  h²hh³Nh´Nubj¶  )”}”(hŒ**sctp_peeloff**”h]”hŒsctp_peeloff”…””}”(hjR  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jµ  hj8  ubhŒ (3)ï¼Œä¼šè°ƒç”¨æ­¤å‡½æ•°ã€‚”…””}”(hj8  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´Kmhj'  h²hubj°  )”}”(hŒ@asoc -  æŒ‡å‘å½“å‰sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@sk - æŒ‡å‘å½“å‰å¥—æŽ¥å­—ç»“æž„çš„æŒ‡é’ˆã€‚
@newsk - æŒ‡å‘æ–°çš„å¥—æŽ¥å­—ç»“æž„çš„æŒ‡é’ˆã€‚”h]”hŒ@asoc -  æŒ‡å‘å½“å‰sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@sk - æŒ‡å‘å½“å‰å¥—æŽ¥å­—ç»“æž„çš„æŒ‡é’ˆã€‚
@newsk - æŒ‡å‘æ–°çš„å¥—æŽ¥å­—ç»“æž„çš„æŒ‡é’ˆã€‚”…””}”hjj  sbah}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1j¯  h³hÇh´Kqhj'  h²hubeh}”(h]”Œsecurity-sctp-sk-clone”ah ]”h"]”h$]”Œsecurity_sctp_sk_clone()”ah&]”uh1jj  hj  h²hh³hÇh´Klj?  Kubjk  )”}”(hhh]”(jp  )”}”(hŒ!security_sctp_assoc_established()”h]”hŒ!security_sctp_assoc_established()”…””}”(hjƒ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jo  hj€  h²hh³hÇh´KwubhÏ)”}”(hŒkå½“æ”¶åˆ°COOKIE ACKæ—¶è°ƒç”¨ï¼Œå¯¹äºŽå®¢æˆ·ç«¯ï¼Œå¯¹ç«¯çš„secidå°†è¢«ä¿å­˜
åˆ° ``@asoc->peer_secid`` ä¸­::”h]”(hŒPå½“æ”¶åˆ°COOKIE ACKæ—¶è°ƒç”¨ï¼Œå¯¹äºŽå®¢æˆ·ç«¯ï¼Œå¯¹ç«¯çš„secidå°†è¢«ä¿å­˜
åˆ° ”…””}”(hj‘  h²hh³Nh´Nubjþ  )”}”(hŒ``@asoc->peer_secid``”h]”hŒ@asoc->peer_secid”…””}”(hj™  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hj‘  ubhŒ ä¸­:”…””}”(hj‘  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´Kxhj€  h²hubj°  )”}”(hŒ]@asoc - æŒ‡å‘sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@skb - æŒ‡å‘COOKIE ACKæ•°æ®åŒ…çš„skbuffæŒ‡é’ˆã€‚”h]”hŒ]@asoc - æŒ‡å‘sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@skb - æŒ‡å‘COOKIE ACKæ•°æ®åŒ…çš„skbuffæŒ‡é’ˆã€‚”…””}”hj±  sbah}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1j¯  h³hÇh´K{hj€  h²hubeh}”(h]”Œsecurity-sctp-assoc-established”ah ]”h"]”h$]”Œ!security_sctp_assoc_established()”ah&]”uh1jj  hj  h²hh³hÇh´Kwj?  Kubeh}”(h]”Œid1”ah ]”h"]”h$]”Œå®‰å…¨é’©å­”ah&]”uh1jj  hj  h²hh³hÇh´Kj?  Kubjk  )”}”(hhh]”(jp  )”}”(hŒ!ç”¨äºŽå…³è”å»ºç«‹çš„å®‰å…¨é’©å­”h]”hŒ!ç”¨äºŽå…³è”å»ºç«‹çš„å®‰å…¨é’©å­”…””}”(hjÒ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jo  hjÏ  h²hh³hÇh´K€ubhÏ)”}”(hŒ¡ä¸‹å›¾å±•ç¤ºäº†åœ¨å»ºç«‹å…³è”æ—¶ ``security_sctp_bind_connect()``ã€ ``security_sctp_assoc_request()``
å’Œ ``security_sctp_assoc_established()`` çš„ä½¿ç”¨ã€‚
::”h]”(hŒ"ä¸‹å›¾å±•ç¤ºäº†åœ¨å»ºç«‹å…³è”æ—¶ ”…””}”(hjà  h²hh³Nh´Nubjþ  )”}”(hŒ ``security_sctp_bind_connect()``”h]”hŒsecurity_sctp_bind_connect()”…””}”(hjè  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hjà  ubhŒã€ ”…””}”(hjà  h²hh³Nh´Nubjþ  )”}”(hŒ!``security_sctp_assoc_request()``”h]”hŒsecurity_sctp_assoc_request()”…””}”(hjú  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hjà  ubhŒ
å’Œ ”…””}”(hjà  h²hh³Nh´Nubjþ  )”}”(hŒ%``security_sctp_assoc_established()``”h]”hŒ!security_sctp_assoc_established()”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hjà  ubhŒ çš„ä½¿ç”¨ã€‚”…””}”(hjà  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´K‚hjÏ  h²hubj°  )”}”(hXb
       SCTP ç«¯ç‚¹ "A"                                 SCTP ç«¯ç‚¹ "Z"
     =============                                 =============
   sctp_sf_do_prm_asoc()
å…³è”çš„è®¾ç½®å¯ä»¥é€šè¿‡connect(2),
sctp_connectx(3),sendmsg(2)
or sctp_sendmsg(3)æ¥å‘èµ·ã€‚
è¿™å°†å¯¼è‡´è°ƒç”¨security_sctp_bind_connect()
å‘èµ·ä¸ŽSCTPå¯¹ç«¯ç«¯ç‚¹"Z"çš„å…³è”ã€‚
        INIT --------------------------------------------->
                                                  sctp_sf_do_5_1B_init()
                                                å“åº”ä¸€ä¸ªINITæ•°æ®å—ã€‚
                                            SCTPå¯¹ç«¯ç«¯ç‚¹"A"æ­£åœ¨è¯·æ±‚ä¸€ä¸ªä¸´æ—¶å…³è”ã€‚
                                            å¦‚æžœæ˜¯é¦–æ¬¡å…³è”ï¼Œè°ƒç”¨security_sctp_assoc_request()
                                            æ¥è®¾ç½®å¯¹ç­‰æ–¹æ ‡ç­¾ã€‚
                                            å¦‚æžœä¸æ˜¯é¦–æ¬¡å…³è”ï¼Œæ£€æŸ¥æ˜¯å¦è¢«å…è®¸ã€‚
                                            å¦‚æžœå…è®¸ï¼Œåˆ™å‘é€:
         <----------------------------------------------- INIT ACK
         |
         |                                  å¦åˆ™ï¼Œç”Ÿæˆå®¡è®¡äº‹ä»¶å¹¶é»˜é»˜ä¸¢å¼ƒè¯¥æ•°æ®åŒ…ã€‚
         |
   COOKIE ECHO ------------------------------------------>
                                                 sctp_sf_do_5_1D_ce()
                                            å“åº”ä¸€ä¸ªCOOKIE ECHOæ•°æ®å—ã€‚
                                            ç¡®è®¤è¯¥cookieå¹¶åˆ›å»ºä¸€ä¸ªæ°¸ä¹…å…³è”ã€‚
                                            è°ƒç”¨security_sctp_assoc_request()
                                            æ‰§è¡Œä¸ŽINITæ•°æ®å—å“åº”ç›¸åŒçš„æ“ä½œã€‚
         <------------------------------------------- COOKIE ACK
         |                                               |
   sctp_sf_do_5_1E_ca                                    |
è°ƒç”¨security_sctp_assoc_established()                    |
æ¥è®¾ç½®å¯¹æ–¹æ ‡ç­¾                                           |
         |                                               |
         |                               å¦‚æžœæ˜¯SCTP_SOCKET_TCPæˆ–æ˜¯å‰¥ç¦»çš„å¥—æŽ¥
         |                               å­—ï¼Œä¼šè°ƒç”¨ security_sctp_sk_clone()
         |                               æ¥å…‹éš†æ–°çš„å¥—æŽ¥å­—ã€‚
         |                                               |
        å»ºç«‹                                            å»ºç«‹
         |                                               |
   ------------------------------------------------------------------
   |                            å…³è”å»ºç«‹                            |
   ------------------------------------------------------------------”h]”hXb
       SCTP ç«¯ç‚¹ "A"                                 SCTP ç«¯ç‚¹ "Z"
     =============                                 =============
   sctp_sf_do_prm_asoc()
å…³è”çš„è®¾ç½®å¯ä»¥é€šè¿‡connect(2),
sctp_connectx(3),sendmsg(2)
or sctp_sendmsg(3)æ¥å‘èµ·ã€‚
è¿™å°†å¯¼è‡´è°ƒç”¨security_sctp_bind_connect()
å‘èµ·ä¸ŽSCTPå¯¹ç«¯ç«¯ç‚¹"Z"çš„å…³è”ã€‚
        INIT --------------------------------------------->
                                                  sctp_sf_do_5_1B_init()
                                                å“åº”ä¸€ä¸ªINITæ•°æ®å—ã€‚
                                            SCTPå¯¹ç«¯ç«¯ç‚¹"A"æ­£åœ¨è¯·æ±‚ä¸€ä¸ªä¸´æ—¶å…³è”ã€‚
                                            å¦‚æžœæ˜¯é¦–æ¬¡å…³è”ï¼Œè°ƒç”¨security_sctp_assoc_request()
                                            æ¥è®¾ç½®å¯¹ç­‰æ–¹æ ‡ç­¾ã€‚
                                            å¦‚æžœä¸æ˜¯é¦–æ¬¡å…³è”ï¼Œæ£€æŸ¥æ˜¯å¦è¢«å…è®¸ã€‚
                                            å¦‚æžœå…è®¸ï¼Œåˆ™å‘é€:
         <----------------------------------------------- INIT ACK
         |
         |                                  å¦åˆ™ï¼Œç”Ÿæˆå®¡è®¡äº‹ä»¶å¹¶é»˜é»˜ä¸¢å¼ƒè¯¥æ•°æ®åŒ…ã€‚
         |
   COOKIE ECHO ------------------------------------------>
                                                 sctp_sf_do_5_1D_ce()
                                            å“åº”ä¸€ä¸ªCOOKIE ECHOæ•°æ®å—ã€‚
                                            ç¡®è®¤è¯¥cookieå¹¶åˆ›å»ºä¸€ä¸ªæ°¸ä¹…å…³è”ã€‚
                                            è°ƒç”¨security_sctp_assoc_request()
                                            æ‰§è¡Œä¸ŽINITæ•°æ®å—å“åº”ç›¸åŒçš„æ“ä½œã€‚
         <------------------------------------------- COOKIE ACK
         |                                               |
   sctp_sf_do_5_1E_ca                                    |
è°ƒç”¨security_sctp_assoc_established()                    |
æ¥è®¾ç½®å¯¹æ–¹æ ‡ç­¾                                           |
         |                                               |
         |                               å¦‚æžœæ˜¯SCTP_SOCKET_TCPæˆ–æ˜¯å‰¥ç¦»çš„å¥—æŽ¥
         |                               å­—ï¼Œä¼šè°ƒç”¨ security_sctp_sk_clone()
         |                               æ¥å…‹éš†æ–°çš„å¥—æŽ¥å­—ã€‚
         |                                               |
        å»ºç«‹                                            å»ºç«‹
         |                                               |
   ------------------------------------------------------------------
   |                            å…³è”å»ºç«‹                            |
   ------------------------------------------------------------------”…””}”hj$  sbah}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1j¯  h³hÇh´K†hjÏ  h²hubeh}”(h]”Œid2”ah ]”h"]”Œ!ç”¨äºŽå…³è”å»ºç«‹çš„å®‰å…¨é’©å­”ah$]”h&]”uh1jj  hj  h²hh³hÇh´K€ubeh}”(h]”Œsctplsm”ah ]”h"]”Œsctpçš„lsmæ”¯æŒ”ah$]”h&]”uh1jj  hjl  h²hh³hÇh´Kj?  Kubjk  )”}”(hhh]”(jp  )”}”(hŒSCTPçš„SELinuxæ”¯æŒ”h]”hŒSCTPçš„SELinuxæ”¯æŒ”…””}”(hjE  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jo  hjB  h²hh³hÇh´K²ubjk  )”}”(hhh]”(jp  )”}”(hŒå®‰å…¨é’©å­”h]”hŒå®‰å…¨é’©å­”…””}”(hjV  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jo  hjS  h²hh³hÇh´KµubhÏ)”}”(hŒeä¸Šé¢çš„ `SCTPçš„LSMæ”¯æŒ`_ ç« èŠ‚æè¿°äº†ä»¥ä¸‹SCTPå®‰å…¨é’©å­ï¼ŒSELinuxçš„ç»†èŠ‚
è¯´æ˜Žå¦‚ä¸‹::”h]”(hŒ
ä¸Šé¢çš„ ”…””}”(hjd  h²hh³Nh´Nubj=  )”}”(hŒ`SCTPçš„LSMæ”¯æŒ`_”h]”hŒSCTPçš„LSMæ”¯æŒ”…””}”(hjl  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”Œname”ŒSCTPçš„LSMæ”¯æŒ”j×  j<  uh1j<  hjd  jÙ  KubhŒG ç« èŠ‚æè¿°äº†ä»¥ä¸‹SCTPå®‰å…¨é’©å­ï¼ŒSELinuxçš„ç»†èŠ‚
è¯´æ˜Žå¦‚ä¸‹:”…””}”(hjd  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´K·hjS  h²hubj°  )”}”(hŒusecurity_sctp_assoc_request()
security_sctp_bind_connect()
security_sctp_sk_clone()
security_sctp_assoc_established()”h]”hŒusecurity_sctp_assoc_request()
security_sctp_bind_connect()
security_sctp_sk_clone()
security_sctp_assoc_established()”…””}”hj†  sbah}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1j¯  h³hÇh´KºhjS  h²hubjk  )”}”(hhh]”(jp  )”}”(hŒsecurity_sctp_assoc_request()”h]”hŒsecurity_sctp_assoc_request()”…””}”(hj—  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jo  hj”  h²hh³hÇh´KÁubhÏ)”}”(hŒ€å°†å…³è”INITæ•°æ®åŒ…çš„ ``@asoc`` å’Œ ``@chunk->skb`` ä¼ é€’ç»™å®‰å…¨æ¨¡å—ã€‚
æˆåŠŸæ—¶è¿”å›ž 0ï¼Œå¤±è´¥æ—¶è¿”å›žé”™è¯¯ã€‚
::”h]”(hŒå°†å…³è”INITæ•°æ®åŒ…çš„ ”…””}”(hj¥  h²hh³Nh´Nubjþ  )”}”(hŒ	``@asoc``”h]”hŒ@asoc”…””}”(hj­  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hj¥  ubhŒ å’Œ ”…””}”(hj¥  h²hh³Nh´Nubjþ  )”}”(hŒ``@chunk->skb``”h]”hŒ@chunk->skb”…””}”(hj¿  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hj¥  ubhŒF ä¼ é€’ç»™å®‰å…¨æ¨¡å—ã€‚
æˆåŠŸæ—¶è¿”å›ž 0ï¼Œå¤±è´¥æ—¶è¿”å›žé”™è¯¯ã€‚”…””}”(hj¥  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´KÂhj”  h²hubj°  )”}”(hŒY@asoc - æŒ‡å‘sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@skb - æŒ‡å‘å…³è”æ•°æ®åŒ…skbuffçš„æŒ‡é’ˆã€‚”h]”hŒY@asoc - æŒ‡å‘sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@skb - æŒ‡å‘å…³è”æ•°æ®åŒ…skbuffçš„æŒ‡é’ˆã€‚”…””}”hj×  sbah}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1j¯  h³hÇh´KÆhj”  h²hubhŒdefinition_list”“”)”}”(hhh]”hŒdefinition_list_item”“”)”}”(hX±  å®‰å…¨æ¨¡å—æ‰§è¡Œä»¥ä¸‹æ“ä½œ:
å¦‚æžœè¿™æ˜¯ ``@asoc->base.sk`` ä¸Šçš„é¦–æ¬¡å…³è”ï¼Œåˆ™å°†å¯¹ç«¯çš„sidè®¾ç½®
ä¸º ``@skb`` ä¸­çš„å€¼ã€‚è¿™å°†ç¡®ä¿åªæœ‰ä¸€ä¸ªå¯¹ç«¯sidåˆ†é…ç»™å¯èƒ½æ”¯æŒå¤šä¸ª
å…³è”çš„ ``@asoc->base.sk``ã€‚

å¦åˆ™éªŒè¯ ``@asoc->base.sk peer sid`` æ˜¯å¦ä¸Ž ``@skb peer sid``
åŒ¹é…ï¼Œä»¥ç¡®å®šè¯¥å…³è”æ˜¯å¦åº”è¢«å…è®¸æˆ–æ‹’ç»ã€‚

å°†sctpçš„ ``@asoc sid`` è®¾ç½®ä¸ºå¥—æŽ¥å­—çš„sidï¼ˆæ¥è‡ª ``asoc->base.sk``ï¼‰
å¹¶ä»Ž ``@skb peer sid`` ä¸­æå–MLSéƒ¨åˆ†ã€‚è¿™å°†åœ¨SCTPçš„TCPç±»åž‹å¥—æŽ¥å­—åŠ
å‰¥ç¦»è¿žæŽ¥ä¸­ä½¿ç”¨ï¼Œå› ä¸ºå®ƒä»¬ä¼šå¯¼è‡´ç”Ÿæˆä¸€ä¸ªæ–°çš„å¥—æŽ¥å­—ã€‚

å¦‚æžœé…ç½®äº†IPå®‰å…¨é€‰é¡¹ï¼ˆCIPSO/CALIPSOï¼‰ï¼Œåˆ™ä¼šåœ¨å¥—æŽ¥å­—ä¸Šè®¾ç½®IPé€‰é¡¹ã€‚

”h]”(hŒterm”“”)”}”(hŒå®‰å…¨æ¨¡å—æ‰§è¡Œä»¥ä¸‹æ“ä½œ:”h]”hŒå®‰å…¨æ¨¡å—æ‰§è¡Œä»¥ä¸‹æ“ä½œ:”…””}”(hjò  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jð  h³hÇh´KÖhjì  ubhŒ
definition”“”)”}”(hhh]”(hÏ)”}”(hŒÃå¦‚æžœè¿™æ˜¯ ``@asoc->base.sk`` ä¸Šçš„é¦–æ¬¡å…³è”ï¼Œåˆ™å°†å¯¹ç«¯çš„sidè®¾ç½®
ä¸º ``@skb`` ä¸­çš„å€¼ã€‚è¿™å°†ç¡®ä¿åªæœ‰ä¸€ä¸ªå¯¹ç«¯sidåˆ†é…ç»™å¯èƒ½æ”¯æŒå¤šä¸ª
å…³è”çš„ ``@asoc->base.sk``ã€‚”h]”(hŒå¦‚æžœè¿™æ˜¯ ”…””}”(hj  h²hh³Nh´Nubjþ  )”}”(hŒ``@asoc->base.sk``”h]”hŒ@asoc->base.sk”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hj  ubhŒ3 ä¸Šçš„é¦–æ¬¡å…³è”ï¼Œåˆ™å°†å¯¹ç«¯çš„sidè®¾ç½®
ä¸º ”…””}”(hj  h²hh³Nh´Nubjþ  )”}”(hŒ``@skb``”h]”hŒ@skb”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hj  ubhŒT ä¸­çš„å€¼ã€‚è¿™å°†ç¡®ä¿åªæœ‰ä¸€ä¸ªå¯¹ç«¯sidåˆ†é…ç»™å¯èƒ½æ”¯æŒå¤šä¸ª
å…³è”çš„ ”…””}”(hj  h²hh³Nh´Nubjþ  )”}”(hŒ``@asoc->base.sk``”h]”hŒ@asoc->base.sk”…””}”(hj1  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hj  ubhŒã€‚”…””}”(hj  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´KÊhj  ubhÏ)”}”(hŒ~å¦åˆ™éªŒè¯ ``@asoc->base.sk peer sid`` æ˜¯å¦ä¸Ž ``@skb peer sid``
åŒ¹é…ï¼Œä»¥ç¡®å®šè¯¥å…³è”æ˜¯å¦åº”è¢«å…è®¸æˆ–æ‹’ç»ã€‚”h]”(hŒå¦åˆ™éªŒè¯ ”…””}”(hjI  h²hh³Nh´Nubjþ  )”}”(hŒ``@asoc->base.sk peer sid``”h]”hŒ@asoc->base.sk peer sid”…””}”(hjQ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hjI  ubhŒ æ˜¯å¦ä¸Ž ”…””}”(hjI  h²hh³Nh´Nubjþ  )”}”(hŒ``@skb peer sid``”h]”hŒ@skb peer sid”…””}”(hjc  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hjI  ubhŒ:
åŒ¹é…ï¼Œä»¥ç¡®å®šè¯¥å…³è”æ˜¯å¦åº”è¢«å…è®¸æˆ–æ‹’ç»ã€‚”…””}”(hjI  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´KÎhj  ubhÏ)”}”(hŒïå°†sctpçš„ ``@asoc sid`` è®¾ç½®ä¸ºå¥—æŽ¥å­—çš„sidï¼ˆæ¥è‡ª ``asoc->base.sk``ï¼‰
å¹¶ä»Ž ``@skb peer sid`` ä¸­æå–MLSéƒ¨åˆ†ã€‚è¿™å°†åœ¨SCTPçš„TCPç±»åž‹å¥—æŽ¥å­—åŠ
å‰¥ç¦»è¿žæŽ¥ä¸­ä½¿ç”¨ï¼Œå› ä¸ºå®ƒä»¬ä¼šå¯¼è‡´ç”Ÿæˆä¸€ä¸ªæ–°çš„å¥—æŽ¥å­—ã€‚”h]”(hŒå°†sctpçš„ ”…””}”(hj{  h²hh³Nh´Nubjþ  )”}”(hŒ``@asoc sid``”h]”hŒ	@asoc sid”…””}”(hjƒ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hj{  ubhŒ# è®¾ç½®ä¸ºå¥—æŽ¥å­—çš„sidï¼ˆæ¥è‡ª ”…””}”(hj{  h²hh³Nh´Nubjþ  )”}”(hŒ``asoc->base.sk``”h]”hŒasoc->base.sk”…””}”(hj•  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hj{  ubhŒï¼‰
å¹¶ä»Ž ”…””}”(hj{  h²hh³Nh´Nubjþ  )”}”(hŒ``@skb peer sid``”h]”hŒ@skb peer sid”…””}”(hj§  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hj{  ubhŒ‡ ä¸­æå–MLSéƒ¨åˆ†ã€‚è¿™å°†åœ¨SCTPçš„TCPç±»åž‹å¥—æŽ¥å­—åŠ
å‰¥ç¦»è¿žæŽ¥ä¸­ä½¿ç”¨ï¼Œå› ä¸ºå®ƒä»¬ä¼šå¯¼è‡´ç”Ÿæˆä¸€ä¸ªæ–°çš„å¥—æŽ¥å­—ã€‚”…””}”(hj{  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´KÑhj  ubhÏ)”}”(hŒYå¦‚æžœé…ç½®äº†IPå®‰å…¨é€‰é¡¹ï¼ˆCIPSO/CALIPSOï¼‰ï¼Œåˆ™ä¼šåœ¨å¥—æŽ¥å­—ä¸Šè®¾ç½®IPé€‰é¡¹ã€‚”h]”hŒYå¦‚æžœé…ç½®äº†IPå®‰å…¨é€‰é¡¹ï¼ˆCIPSO/CALIPSOï¼‰ï¼Œåˆ™ä¼šåœ¨å¥—æŽ¥å­—ä¸Šè®¾ç½®IPé€‰é¡¹ã€‚”…””}”(hj¿  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´KÕhj  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j   hjì  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jê  h³hÇh´KÖhjç  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jå  hj”  h²hh³hÇh´Nubeh}”(h]”Œid4”ah ]”h"]”h$]”j=  ah&]”uh1jj  hjS  h²hh³hÇh´KÁj?  Kubjk  )”}”(hhh]”(jp  )”}”(hŒsecurity_sctp_bind_connect()”h]”hŒsecurity_sctp_bind_connect()”…””}”(hjé  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jo  hjæ  h²hh³hÇh´KÙubhÏ)”}”(hŒIæ ¹æ® ``@optname`` æ£€æŸ¥ipv4/ipv6åœ°å€æ‰€éœ€çš„æƒé™ï¼Œå…·ä½“å¦‚ä¸‹::”h]”(hŒæ ¹æ® ”…””}”(hj÷  h²hh³Nh´Nubjþ  )”}”(hŒ``@optname``”h]”hŒ@optname”…””}”(hjÿ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hj÷  ubhŒ5 æ£€æŸ¥ipv4/ipv6åœ°å€æ‰€éœ€çš„æƒé™ï¼Œå…·ä½“å¦‚ä¸‹:”…””}”(hj÷  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´KÚhjæ  h²hubj°  )”}”(hX¥  ------------------------------------------------------------------
|                      BIND æƒé™æ£€æŸ¥                              |
|       @optname             |         @address contains         |
|----------------------------|-----------------------------------|
| SCTP_SOCKOPT_BINDX_ADD     | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€        |
| SCTP_PRIMARY_ADDR          | å•ä¸ª ipv4 or ipv6 åœ°å€            |
| SCTP_SET_PEER_PRIMARY_ADDR | å•ä¸ª ipv4 or ipv6 åœ°å€            |
------------------------------------------------------------------

------------------------------------------------------------------
|                   CONNECT æƒé™æ£€æŸ¥                              |
|       @optname             |         @address contains         |
|----------------------------|-----------------------------------|
| SCTP_SOCKOPT_CONNECTX      | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€        |
| SCTP_PARAM_ADD_IP          | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€        |
| SCTP_SENDMSG_CONNECT       | å•ä¸ª ipv4 or ipv6 åœ°å€            |
| SCTP_PARAM_SET_PRIMARY     | å•ä¸ª ipv4 or ipv6 åœ°å€            |
------------------------------------------------------------------”h]”hX¥  ------------------------------------------------------------------
|                      BIND æƒé™æ£€æŸ¥                              |
|       @optname             |         @address contains         |
|----------------------------|-----------------------------------|
| SCTP_SOCKOPT_BINDX_ADD     | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€        |
| SCTP_PRIMARY_ADDR          | å•ä¸ª ipv4 or ipv6 åœ°å€            |
| SCTP_SET_PEER_PRIMARY_ADDR | å•ä¸ª ipv4 or ipv6 åœ°å€            |
------------------------------------------------------------------

------------------------------------------------------------------
|                   CONNECT æƒé™æ£€æŸ¥                              |
|       @optname             |         @address contains         |
|----------------------------|-----------------------------------|
| SCTP_SOCKOPT_CONNECTX      | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€        |
| SCTP_PARAM_ADD_IP          | ä¸€ä¸ªæˆ–å¤šä¸ª ipv4 / ipv6 åœ°å€        |
| SCTP_SENDMSG_CONNECT       | å•ä¸ª ipv4 or ipv6 åœ°å€            |
| SCTP_PARAM_SET_PRIMARY     | å•ä¸ª ipv4 or ipv6 åœ°å€            |
------------------------------------------------------------------”…””}”hj  sbah}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1j¯  h³hÇh´KÜhjæ  h²hubhÏ)”}”(hŒ‰`SCTPçš„LSMæ”¯æŒ`_ æä¾›äº† ``@optname`` æ‘˜è¦ï¼Œå¹¶ä¸”è¿˜æè¿°äº†å½“å¯ç”¨åŠ¨æ€åœ°å€é‡æ–°
é…ç½®æ—¶ï¼ŒASCONFå—çš„å¤„ç†è¿‡ç¨‹ã€‚”h]”(j=  )”}”(hŒ`SCTPçš„LSMæ”¯æŒ`_”h]”hŒSCTPçš„LSMæ”¯æŒ”…””}”(hj)  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”Œname”ŒSCTPçš„LSMæ”¯æŒ”j×  j<  uh1j<  hj%  jÙ  KubhŒ æä¾›äº† ”…””}”(hj%  h²hh³Nh´Nubjþ  )”}”(hŒ``@optname``”h]”hŒ@optname”…””}”(hj=  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hj%  ubhŒ_ æ‘˜è¦ï¼Œå¹¶ä¸”è¿˜æè¿°äº†å½“å¯ç”¨åŠ¨æ€åœ°å€é‡æ–°
é…ç½®æ—¶ï¼ŒASCONFå—çš„å¤„ç†è¿‡ç¨‹ã€‚”…””}”(hj%  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´Kðhjæ  h²hubeh}”(h]”Œid5”ah ]”h"]”h$]”j%  ah&]”uh1jj  hjS  h²hh³hÇh´KÙj?  Kubjk  )”}”(hhh]”(jp  )”}”(hŒsecurity_sctp_sk_clone()”h]”hŒsecurity_sctp_sk_clone()”…””}”(hj_  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jo  hj\  h²hh³hÇh´KõubhÏ)”}”(hX>  æ¯å½“é€šè¿‡ **accept**\(2)ï¼ˆå³TCPç±»åž‹çš„å¥—æŽ¥å­—ï¼‰åˆ›å»ºä¸€ä¸ªæ–°çš„å¥—æŽ¥å­—ï¼Œæˆ–è€…
å½“ä¸€ä¸ªå¥—æŽ¥å­—è¢«â€œå‰¥ç¦»â€å¦‚ç”¨æˆ·ç©ºé—´è°ƒç”¨ **sctp_peeloff**\(3)æ—¶ï¼Œ
``security_sctp_sk_clone()`` å°†ä¼šåˆ†åˆ«å°†æ–°å¥—æŽ¥å­—çš„sidå’Œå¯¹ç«¯sidè®¾ç½®ä¸º
``@asoc sid`` å’Œ ``@asoc peer sid`` ä¸­åŒ…å«çš„å€¼ã€‚
::”h]”(hŒæ¯å½“é€šè¿‡ ”…””}”(hjm  h²hh³Nh´Nubj¶  )”}”(hŒ
**accept**”h]”hŒaccept”…””}”(hju  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jµ  hjm  ubhŒ~ (2)ï¼ˆå³TCPç±»åž‹çš„å¥—æŽ¥å­—ï¼‰åˆ›å»ºä¸€ä¸ªæ–°çš„å¥—æŽ¥å­—ï¼Œæˆ–è€…
å½“ä¸€ä¸ªå¥—æŽ¥å­—è¢«â€œå‰¥ç¦»â€å¦‚ç”¨æˆ·ç©ºé—´è°ƒç”¨ ”…””}”(hjm  h²hh³Nh´Nubj¶  )”}”(hŒ**sctp_peeloff**”h]”hŒsctp_peeloff”…””}”(hj‡  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jµ  hjm  ubhŒ (3)æ—¶ï¼Œ
”…””}”(hjm  h²hh³Nh´Nubjþ  )”}”(hŒ``security_sctp_sk_clone()``”h]”hŒsecurity_sctp_sk_clone()”…””}”(hj™  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hjm  ubhŒ8 å°†ä¼šåˆ†åˆ«å°†æ–°å¥—æŽ¥å­—çš„sidå’Œå¯¹ç«¯sidè®¾ç½®ä¸º
”…””}”(hjm  h²hh³Nh´Nubjþ  )”}”(hŒ``@asoc sid``”h]”hŒ	@asoc sid”…””}”(hj«  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hjm  ubhŒ å’Œ ”…””}”(hjm  h²hh³Nh´Nubjþ  )”}”(hŒ``@asoc peer sid``”h]”hŒ@asoc peer sid”…””}”(hj½  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hjm  ubhŒ ä¸­åŒ…å«çš„å€¼ã€‚”…””}”(hjm  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´Köhj\  h²hubj°  )”}”(hŒ‚@asoc - æŒ‡å‘å½“å‰sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@sk - æŒ‡å‘å½“å‰sockç»“æž„çš„æŒ‡é’ˆã€‚
@newsk - æŒ‡å‘æ–°sockç»“æž„çš„æŒ‡é’ˆã€‚”h]”hŒ‚@asoc - æŒ‡å‘å½“å‰sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@sk - æŒ‡å‘å½“å‰sockç»“æž„çš„æŒ‡é’ˆã€‚
@newsk - æŒ‡å‘æ–°sockç»“æž„çš„æŒ‡é’ˆã€‚”…””}”hjÕ  sbah}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1j¯  h³hÇh´Kühj\  h²hubeh}”(h]”Œid6”ah ]”h"]”h$]”j~  ah&]”uh1jj  hjS  h²hh³hÇh´Kõj?  Kubjk  )”}”(hhh]”(jp  )”}”(hŒ!security_sctp_assoc_established()”h]”hŒ!security_sctp_assoc_established()”…””}”(hjí  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jo  hjê  h²hh³hÇh´MubhÏ)”}”(hŒXå½“æŽ¥æ”¶åˆ°COOKIE ACKæ—¶è°ƒç”¨ï¼Œå®ƒå°†è¿žæŽ¥çš„å¯¹ç«¯sidè®¾ç½®ä¸º ``@skb`` ä¸­çš„å€¼::”h]”(hŒDå½“æŽ¥æ”¶åˆ°COOKIE ACKæ—¶è°ƒç”¨ï¼Œå®ƒå°†è¿žæŽ¥çš„å¯¹ç«¯sidè®¾ç½®ä¸º ”…””}”(hjû  h²hh³Nh´Nubjþ  )”}”(hŒ``@skb``”h]”hŒ@skb”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hjû  ubhŒ ä¸­çš„å€¼:”…””}”(hjû  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´Mhjê  h²hubj°  )”}”(hŒW@asoc - æŒ‡å‘sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@skb - æŒ‡å‘COOKIE ACKåŒ…skbuffçš„æŒ‡é’ˆã€‚”h]”hŒW@asoc - æŒ‡å‘sctpå…³è”ç»“æž„çš„æŒ‡é’ˆã€‚
@skb - æŒ‡å‘COOKIE ACKåŒ…skbuffçš„æŒ‡é’ˆã€‚”…””}”hj  sbah}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1j¯  h³hÇh´Mhjê  h²hubeh}”(h]”Œid7”ah ]”h"]”h$]”jÅ  ah&]”uh1jj  hjS  h²hh³hÇh´Mj?  Kubeh}”(h]”Œid3”ah ]”h"]”h$]”jÍ  ah&]”uh1jj  hjB  h²hh³hÇh´Kµj?  Kubjk  )”}”(hhh]”(jp  )”}”(hŒç­–ç•¥å£°æ˜Ž”h]”hŒç­–ç•¥å£°æ˜Ž”…””}”(hj:  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jo  hj7  h²hh³hÇh´M
ubhÏ)”}”(hŒ9ä»¥ä¸‹æ”¯æŒSCTPçš„ç±»å’Œæƒé™åœ¨å†…æ ¸ä¸­æ˜¯å¯ç”¨çš„::”h]”hŒ8ä»¥ä¸‹æ”¯æŒSCTPçš„ç±»å’Œæƒé™åœ¨å†…æ ¸ä¸­æ˜¯å¯ç”¨çš„:”…””}”(hjH  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´Mhj7  h²hubj°  )”}”(hŒ/class sctp_socket inherits socket { node_bind }”h]”hŒ/class sctp_socket inherits socket { node_bind }”…””}”hjV  sbah}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1j¯  h³hÇh´Mhj7  h²hubhÏ)”}”(hŒ å½“å¯ç”¨ä»¥ä¸‹ç­–ç•¥åŠŸèƒ½æ—¶::”h]”hŒå½“å¯ç”¨ä»¥ä¸‹ç­–ç•¥åŠŸèƒ½æ—¶:”…””}”(hjd  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´Mhj7  h²hubj°  )”}”(hŒ policycap extended_socket_class;”h]”hŒ policycap extended_socket_class;”…””}”hjr  sbah}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1j¯  h³hÇh´Mhj7  h²hubhÏ)”}”(hŒ›SELinuxå¯¹SCTPçš„æ”¯æŒæ·»åŠ äº†ç”¨äºŽè¿žæŽ¥ç‰¹å®šç«¯å£ç±»åž‹ ``name_connect`` æƒé™
ä»¥åŠåœ¨ä¸‹é¢çš„ç« èŠ‚ä¸­è¿›è¡Œè§£é‡Šçš„ ``association`` æƒé™ã€‚”h]”(hŒ?SELinuxå¯¹SCTPçš„æ”¯æŒæ·»åŠ äº†ç”¨äºŽè¿žæŽ¥ç‰¹å®šç«¯å£ç±»åž‹ ”…””}”(hj€  h²hh³Nh´Nubjþ  )”}”(hŒ``name_connect``”h]”hŒname_connect”…””}”(hjˆ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hj€  ubhŒ3 æƒé™
ä»¥åŠåœ¨ä¸‹é¢çš„ç« èŠ‚ä¸­è¿›è¡Œè§£é‡Šçš„ ”…””}”(hj€  h²hh³Nh´Nubjþ  )”}”(hŒ``association``”h]”hŒassociation”…””}”(hjš  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hj€  ubhŒ
 æƒé™ã€‚”…””}”(hj€  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´Mhj7  h²hubhÏ)”}”(hŒUå¦‚æžœç”¨æˆ·ç©ºé—´å·¥å…·å·²æ›´æ–°ï¼ŒSCTPå°†æ”¯æŒå¦‚ä¸‹æ‰€ç¤ºçš„ ``portcon`` å£°æ˜Ž::”h]”(hŒAå¦‚æžœç”¨æˆ·ç©ºé—´å·¥å…·å·²æ›´æ–°ï¼ŒSCTPå°†æ”¯æŒå¦‚ä¸‹æ‰€ç¤ºçš„ ”…””}”(hj²  h²hh³Nh´Nubjþ  )”}”(hŒ``portcon``”h]”hŒportcon”…””}”(hjº  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hj²  ubhŒ å£°æ˜Ž:”…””}”(hj²  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´Mhj7  h²hubj°  )”}”(hŒ8portcon sctp 1024-1036 system_u:object_r:sctp_ports_t:s0”h]”hŒ8portcon sctp 1024-1036 system_u:object_r:sctp_ports_t:s0”…””}”hjÒ  sbah}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1j¯  h³hÇh´Mhj7  h²hubeh}”(h]”Œid8”ah ]”h"]”Œç­–ç•¥å£°æ˜Ž”ah$]”h&]”uh1jj  hjB  h²hh³hÇh´M
ubjk  )”}”(hhh]”(jp  )”}”(hŒSCTPå¯¹ç«¯æ ‡ç­¾”h]”hŒSCTPå¯¹ç«¯æ ‡ç­¾”…””}”(hjë  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jo  hjè  h²hh³hÇh´MubhÏ)”}”(hX±  æ¯ä¸ªSCTPå¥—æŽ¥å­—ä»…åˆ†é…ä¸€ä¸ªå¯¹ç«¯æ ‡ç­¾ã€‚è¿™ä¸ªæ ‡ç­¾å°†åœ¨å»ºç«‹ç¬¬ä¸€ä¸ªå…³è”æ—¶åˆ†é…ã€‚
ä»»ä½•åŽç»­åœ¨è¯¥å¥—æŽ¥å­—ä¸Šçš„å…³è”éƒ½ä¼šå°†å®ƒä»¬çš„æ•°æ®åŒ…å¯¹ç«¯æ ‡ç­¾ä¸Žå¥—æŽ¥å­—çš„å¯¹ç«¯æ ‡
ç­¾è¿›è¡Œæ¯”è¾ƒï¼Œåªæœ‰åœ¨å®ƒä»¬ä¸åŒçš„æƒ…å†µä¸‹ ``association`` æƒé™æ‰ä¼šè¢«éªŒè¯ã€‚
è¿™æ˜¯é€šè¿‡æ£€æŸ¥å¥—æŽ¥å­—çš„å¯¹ç«¯sidä¸ŽæŽ¥æ”¶åˆ°çš„æ•°æ®åŒ…ä¸­çš„å¯¹ç«¯sidæ¥éªŒè¯çš„ï¼Œä»¥å†³
å®šæ˜¯å¦å…è®¸æˆ–æ‹’ç»è¯¥å…³è”ã€‚”h]”(hX   æ¯ä¸ªSCTPå¥—æŽ¥å­—ä»…åˆ†é…ä¸€ä¸ªå¯¹ç«¯æ ‡ç­¾ã€‚è¿™ä¸ªæ ‡ç­¾å°†åœ¨å»ºç«‹ç¬¬ä¸€ä¸ªå…³è”æ—¶åˆ†é…ã€‚
ä»»ä½•åŽç»­åœ¨è¯¥å¥—æŽ¥å­—ä¸Šçš„å…³è”éƒ½ä¼šå°†å®ƒä»¬çš„æ•°æ®åŒ…å¯¹ç«¯æ ‡ç­¾ä¸Žå¥—æŽ¥å­—çš„å¯¹ç«¯æ ‡
ç­¾è¿›è¡Œæ¯”è¾ƒï¼Œåªæœ‰åœ¨å®ƒä»¬ä¸åŒçš„æƒ…å†µä¸‹ ”…””}”(hjù  h²hh³Nh´Nubjþ  )”}”(hŒ``association``”h]”hŒassociation”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hjù  ubhŒ¢ æƒé™æ‰ä¼šè¢«éªŒè¯ã€‚
è¿™æ˜¯é€šè¿‡æ£€æŸ¥å¥—æŽ¥å­—çš„å¯¹ç«¯sidä¸ŽæŽ¥æ”¶åˆ°çš„æ•°æ®åŒ…ä¸­çš„å¯¹ç«¯sidæ¥éªŒè¯çš„ï¼Œä»¥å†³
å®šæ˜¯å¦å…è®¸æˆ–æ‹’ç»è¯¥å…³è”ã€‚”…””}”(hjù  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´Mhjè  h²hubjæ  )”}”(hhh]”jë  )”}”(hXå  æ³¨:
1) å¦‚æžœå¯¹ç«¯æ ‡ç­¾æœªå¯ç”¨ï¼Œåˆ™å¯¹ç«¯ä¸Šä¸‹æ–‡å°†å§‹ç»ˆæ˜¯ ``SECINITSID_UNLABELED``
   ï¼ˆåœ¨ç­–ç•¥å£°æ˜Žä¸­ä¸º ``unlabeled_t`` ï¼‰ã€‚

2) ç”±äºŽSCTPå¯ä»¥åœ¨å•ä¸ªå¥—æŽ¥å­—ä¸Šæ”¯æŒæ¯ä¸ªç«¯ç‚¹ï¼ˆå¤šå®¿ä¸»ï¼‰çš„å¤šä¸ªä¼ è¾“åœ°å€ï¼Œå› æ­¤
   å¯ä»¥é…ç½®ç­–ç•¥å’ŒNetLabelä¸ºæ¯ä¸ªç«¯ç‚¹æä¾›ä¸åŒçš„å¯¹ç«¯æ ‡ç­¾ã€‚ç”±äºŽå¥—æŽ¥å­—çš„å¯¹ç«¯
   æ ‡ç­¾æ˜¯ç”±ç¬¬ä¸€ä¸ªå…³è”çš„ä¼ è¾“åœ°å€å†³å®šçš„ï¼Œå› æ­¤å»ºè®®æ‰€æœ‰çš„å¯¹ç«¯æ ‡ç­¾ä¿æŒä¸€è‡´ã€‚

3) ç”¨æˆ·ç©ºé—´å¯ä»¥ä½¿ç”¨ **getpeercon**\(3) æ¥æ£€ç´¢å¥—æŽ¥å­—çš„å¯¹ç«¯ä¸Šä¸‹æ–‡ã€‚

4) è™½ç„¶è¿™ä¸æ˜¯SCTPç‰¹æœ‰çš„ï¼Œä½†åœ¨ä½¿ç”¨NetLabelæ—¶è¦æ³¨æ„ï¼Œå¦‚æžœæ ‡ç­¾åˆ†é…ç»™ç‰¹å®šçš„æŽ¥
   å£ï¼Œè€Œè¯¥æŽ¥å£â€˜goes downâ€™ï¼Œåˆ™NetLabelæœåŠ¡ä¼šç§»é™¤è¯¥æ¡ç›®ã€‚å› æ­¤ï¼Œè¯·ç¡®ä¿ç½‘ç»œå¯
   åŠ¨è„šæœ¬è°ƒç”¨ **netlabelctl**\(8) æ¥è®¾ç½®æ‰€éœ€çš„æ ‡ç­¾ï¼ˆè¯¦ç»†ä¿¡æ¯ï¼Œ
   è¯·å‚é˜… **netlabel-config**\(8) è¾…åŠ©è„šæœ¬ï¼‰ã€‚

5) NetLabel SCTPå¯¹ç«¯æ ‡ç­¾è§„åˆ™åº”ç”¨å¦‚ä¸‹æ‰€è¿°æ ‡ç­¾ä¸ºâ€œnetlabelâ€çš„ä¸€ç»„å¸–å­ï¼š
   https://www.paul-moore.com/blog/t.

6) CIPSOä»…æ”¯æŒIPv4åœ°å€ï¼š ``socket(AF_INET, ...)``
   CALIPSOä»…æ”¯æŒIPv6åœ°å€ï¼š ``socket(AF_INET6, ...)``

   æµ‹è¯•CIPSO/CALIPSOæ—¶è¯·æ³¨æ„ä»¥ä¸‹äº‹é¡¹ï¼š
      a) å¦‚æžœSCTPæ•°æ®åŒ…ç”±äºŽæ— æ•ˆæ ‡ç­¾æ— æ³•é€è¾¾ï¼ŒCIPSOä¼šå‘é€ä¸€ä¸ªICMPåŒ…ã€‚
      b) CALIPSOä¸ä¼šå‘é€ICMPåŒ…ï¼Œåªä¼šé»˜é»˜ä¸¢å¼ƒæ•°æ®åŒ…ã€‚

7) RFC 3554ä¸æ”¯æŒIPSEC â€”â€” SCTP/IPSECæ”¯æŒå°šæœªåœ¨ç”¨æˆ·ç©ºé—´å®žçŽ°(**racoon**\(8)
   æˆ– **ipsec_pluto**\(8))ï¼Œå°½ç®¡å†…æ ¸æ”¯æŒ SCTP/IPSECã€‚”h]”(jñ  )”}”(hŒæ³¨:”h]”hŒæ³¨:”…””}”(hj   h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jð  h³hÇh´M<hj  ubj  )”}”(hhh]”hŒenumerated_list”“”)”}”(hhh]”(hŒ	list_item”“”)”}”(hŒ†å¦‚æžœå¯¹ç«¯æ ‡ç­¾æœªå¯ç”¨ï¼Œåˆ™å¯¹ç«¯ä¸Šä¸‹æ–‡å°†å§‹ç»ˆæ˜¯ ``SECINITSID_UNLABELED``
ï¼ˆåœ¨ç­–ç•¥å£°æ˜Žä¸­ä¸º ``unlabeled_t`` ï¼‰ã€‚
”h]”hÏ)”}”(hŒ…å¦‚æžœå¯¹ç«¯æ ‡ç­¾æœªå¯ç”¨ï¼Œåˆ™å¯¹ç«¯ä¸Šä¸‹æ–‡å°†å§‹ç»ˆæ˜¯ ``SECINITSID_UNLABELED``
ï¼ˆåœ¨ç­–ç•¥å£°æ˜Žä¸­ä¸º ``unlabeled_t`` ï¼‰ã€‚”h]”(hŒ=å¦‚æžœå¯¹ç«¯æ ‡ç­¾æœªå¯ç”¨ï¼Œåˆ™å¯¹ç«¯ä¸Šä¸‹æ–‡å°†å§‹ç»ˆæ˜¯ ”…””}”(hj<  h²hh³Nh´Nubjþ  )”}”(hŒ``SECINITSID_UNLABELED``”h]”hŒSECINITSID_UNLABELED”…””}”(hjD  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hj<  ubhŒ
ï¼ˆåœ¨ç­–ç•¥å£°æ˜Žä¸­ä¸º ”…””}”(hj<  h²hh³Nh´Nubjþ  )”}”(hŒ``unlabeled_t``”h]”hŒunlabeled_t”…””}”(hjV  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hj<  ubhŒ ï¼‰ã€‚”…””}”(hj<  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´M$hj8  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j6  hj3  ubj7  )”}”(hX/  ç”±äºŽSCTPå¯ä»¥åœ¨å•ä¸ªå¥—æŽ¥å­—ä¸Šæ”¯æŒæ¯ä¸ªç«¯ç‚¹ï¼ˆå¤šå®¿ä¸»ï¼‰çš„å¤šä¸ªä¼ è¾“åœ°å€ï¼Œå› æ­¤
å¯ä»¥é…ç½®ç­–ç•¥å’ŒNetLabelä¸ºæ¯ä¸ªç«¯ç‚¹æä¾›ä¸åŒçš„å¯¹ç«¯æ ‡ç­¾ã€‚ç”±äºŽå¥—æŽ¥å­—çš„å¯¹ç«¯
æ ‡ç­¾æ˜¯ç”±ç¬¬ä¸€ä¸ªå…³è”çš„ä¼ è¾“åœ°å€å†³å®šçš„ï¼Œå› æ­¤å»ºè®®æ‰€æœ‰çš„å¯¹ç«¯æ ‡ç­¾ä¿æŒä¸€è‡´ã€‚
”h]”hÏ)”}”(hX.  ç”±äºŽSCTPå¯ä»¥åœ¨å•ä¸ªå¥—æŽ¥å­—ä¸Šæ”¯æŒæ¯ä¸ªç«¯ç‚¹ï¼ˆå¤šå®¿ä¸»ï¼‰çš„å¤šä¸ªä¼ è¾“åœ°å€ï¼Œå› æ­¤
å¯ä»¥é…ç½®ç­–ç•¥å’ŒNetLabelä¸ºæ¯ä¸ªç«¯ç‚¹æä¾›ä¸åŒçš„å¯¹ç«¯æ ‡ç­¾ã€‚ç”±äºŽå¥—æŽ¥å­—çš„å¯¹ç«¯
æ ‡ç­¾æ˜¯ç”±ç¬¬ä¸€ä¸ªå…³è”çš„ä¼ è¾“åœ°å€å†³å®šçš„ï¼Œå› æ­¤å»ºè®®æ‰€æœ‰çš„å¯¹ç«¯æ ‡ç­¾ä¿æŒä¸€è‡´ã€‚”h]”hX.  ç”±äºŽSCTPå¯ä»¥åœ¨å•ä¸ªå¥—æŽ¥å­—ä¸Šæ”¯æŒæ¯ä¸ªç«¯ç‚¹ï¼ˆå¤šå®¿ä¸»ï¼‰çš„å¤šä¸ªä¼ è¾“åœ°å€ï¼Œå› æ­¤
å¯ä»¥é…ç½®ç­–ç•¥å’ŒNetLabelä¸ºæ¯ä¸ªç«¯ç‚¹æä¾›ä¸åŒçš„å¯¹ç«¯æ ‡ç­¾ã€‚ç”±äºŽå¥—æŽ¥å­—çš„å¯¹ç«¯
æ ‡ç­¾æ˜¯ç”±ç¬¬ä¸€ä¸ªå…³è”çš„ä¼ è¾“åœ°å€å†³å®šçš„ï¼Œå› æ­¤å»ºè®®æ‰€æœ‰çš„å¯¹ç«¯æ ‡ç­¾ä¿æŒä¸€è‡´ã€‚”…””}”(hjx  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´M'hjt  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j6  hj3  ubj7  )”}”(hŒTç”¨æˆ·ç©ºé—´å¯ä»¥ä½¿ç”¨ **getpeercon**\(3) æ¥æ£€ç´¢å¥—æŽ¥å­—çš„å¯¹ç«¯ä¸Šä¸‹æ–‡ã€‚
”h]”hÏ)”}”(hŒSç”¨æˆ·ç©ºé—´å¯ä»¥ä½¿ç”¨ **getpeercon**\(3) æ¥æ£€ç´¢å¥—æŽ¥å­—çš„å¯¹ç«¯ä¸Šä¸‹æ–‡ã€‚”h]”(hŒç”¨æˆ·ç©ºé—´å¯ä»¥ä½¿ç”¨ ”…””}”(hj  h²hh³Nh´Nubj¶  )”}”(hŒ**getpeercon**”h]”hŒ
getpeercon”…””}”(hj˜  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jµ  hj  ubhŒ, (3) æ¥æ£€ç´¢å¥—æŽ¥å­—çš„å¯¹ç«¯ä¸Šä¸‹æ–‡ã€‚”…””}”(hj  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´M+hjŒ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j6  hj3  ubj7  )”}”(hXN  è™½ç„¶è¿™ä¸æ˜¯SCTPç‰¹æœ‰çš„ï¼Œä½†åœ¨ä½¿ç”¨NetLabelæ—¶è¦æ³¨æ„ï¼Œå¦‚æžœæ ‡ç­¾åˆ†é…ç»™ç‰¹å®šçš„æŽ¥
å£ï¼Œè€Œè¯¥æŽ¥å£â€˜goes downâ€™ï¼Œåˆ™NetLabelæœåŠ¡ä¼šç§»é™¤è¯¥æ¡ç›®ã€‚å› æ­¤ï¼Œè¯·ç¡®ä¿ç½‘ç»œå¯
åŠ¨è„šæœ¬è°ƒç”¨ **netlabelctl**\(8) æ¥è®¾ç½®æ‰€éœ€çš„æ ‡ç­¾ï¼ˆè¯¦ç»†ä¿¡æ¯ï¼Œ
è¯·å‚é˜… **netlabel-config**\(8) è¾…åŠ©è„šæœ¬ï¼‰ã€‚
”h]”hÏ)”}”(hXM  è™½ç„¶è¿™ä¸æ˜¯SCTPç‰¹æœ‰çš„ï¼Œä½†åœ¨ä½¿ç”¨NetLabelæ—¶è¦æ³¨æ„ï¼Œå¦‚æžœæ ‡ç­¾åˆ†é…ç»™ç‰¹å®šçš„æŽ¥
å£ï¼Œè€Œè¯¥æŽ¥å£â€˜goes downâ€™ï¼Œåˆ™NetLabelæœåŠ¡ä¼šç§»é™¤è¯¥æ¡ç›®ã€‚å› æ­¤ï¼Œè¯·ç¡®ä¿ç½‘ç»œå¯
åŠ¨è„šæœ¬è°ƒç”¨ **netlabelctl**\(8) æ¥è®¾ç½®æ‰€éœ€çš„æ ‡ç­¾ï¼ˆè¯¦ç»†ä¿¡æ¯ï¼Œ
è¯·å‚é˜… **netlabel-config**\(8) è¾…åŠ©è„šæœ¬ï¼‰ã€‚”h]”(hŒÚè™½ç„¶è¿™ä¸æ˜¯SCTPç‰¹æœ‰çš„ï¼Œä½†åœ¨ä½¿ç”¨NetLabelæ—¶è¦æ³¨æ„ï¼Œå¦‚æžœæ ‡ç­¾åˆ†é…ç»™ç‰¹å®šçš„æŽ¥
å£ï¼Œè€Œè¯¥æŽ¥å£â€˜goes downâ€™ï¼Œåˆ™NetLabelæœåŠ¡ä¼šç§»é™¤è¯¥æ¡ç›®ã€‚å› æ­¤ï¼Œè¯·ç¡®ä¿ç½‘ç»œå¯
åŠ¨è„šæœ¬è°ƒç”¨ ”…””}”(hjº  h²hh³Nh´Nubj¶  )”}”(hŒ**netlabelctl**”h]”hŒnetlabelctl”…””}”(hjÂ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jµ  hjº  ubhŒ: (8) æ¥è®¾ç½®æ‰€éœ€çš„æ ‡ç­¾ï¼ˆè¯¦ç»†ä¿¡æ¯ï¼Œ
è¯·å‚é˜… ”…””}”(hjº  h²hh³Nh´Nubj¶  )”}”(hŒ**netlabel-config**”h]”hŒnetlabel-config”…””}”(hjÔ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jµ  hjº  ubhŒ (8) è¾…åŠ©è„šæœ¬ï¼‰ã€‚”…””}”(hjº  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´M-hj¶  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j6  hj3  ubj7  )”}”(hŒ~NetLabel SCTPå¯¹ç«¯æ ‡ç­¾è§„åˆ™åº”ç”¨å¦‚ä¸‹æ‰€è¿°æ ‡ç­¾ä¸ºâ€œnetlabelâ€çš„ä¸€ç»„å¸–å­ï¼š
https://www.paul-moore.com/blog/t.
”h]”hÏ)”}”(hŒ}NetLabel SCTPå¯¹ç«¯æ ‡ç­¾è§„åˆ™åº”ç”¨å¦‚ä¸‹æ‰€è¿°æ ‡ç­¾ä¸ºâ€œnetlabelâ€çš„ä¸€ç»„å¸–å­ï¼š
https://www.paul-moore.com/blog/t.”h]”(hŒ[NetLabel SCTPå¯¹ç«¯æ ‡ç­¾è§„åˆ™åº”ç”¨å¦‚ä¸‹æ‰€è¿°æ ‡ç­¾ä¸ºâ€œnetlabelâ€çš„ä¸€ç»„å¸–å­ï¼š
”…””}”(hjö  h²hh³Nh´Nubj=  )”}”(hŒ!https://www.paul-moore.com/blog/t”h]”hŒ!https://www.paul-moore.com/blog/t”…””}”(hjþ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”Œrefuri”j 	  uh1j<  hjö  ubhŒ.”…””}”(hjö  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´M2hjò  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j6  hj3  ubj7  )”}”(hX8  CIPSOä»…æ”¯æŒIPv4åœ°å€ï¼š ``socket(AF_INET, ...)``
CALIPSOä»…æ”¯æŒIPv6åœ°å€ï¼š ``socket(AF_INET6, ...)``

æµ‹è¯•CIPSO/CALIPSOæ—¶è¯·æ³¨æ„ä»¥ä¸‹äº‹é¡¹ï¼š
   a) å¦‚æžœSCTPæ•°æ®åŒ…ç”±äºŽæ— æ•ˆæ ‡ç­¾æ— æ³•é€è¾¾ï¼ŒCIPSOä¼šå‘é€ä¸€ä¸ªICMPåŒ…ã€‚
   b) CALIPSOä¸ä¼šå‘é€ICMPåŒ…ï¼Œåªä¼šé»˜é»˜ä¸¢å¼ƒæ•°æ®åŒ…ã€‚
”h]”(hÏ)”}”(hŒlCIPSOä»…æ”¯æŒIPv4åœ°å€ï¼š ``socket(AF_INET, ...)``
CALIPSOä»…æ”¯æŒIPv6åœ°å€ï¼š ``socket(AF_INET6, ...)``”h]”(hŒCIPSOä»…æ”¯æŒIPv4åœ°å€ï¼š ”…””}”(hj!	  h²hh³Nh´Nubjþ  )”}”(hŒ``socket(AF_INET, ...)``”h]”hŒsocket(AF_INET, ...)”…””}”(hj)	  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hj!	  ubhŒ
CALIPSOä»…æ”¯æŒIPv6åœ°å€ï¼š ”…””}”(hj!	  h²hh³Nh´Nubjþ  )”}”(hŒ``socket(AF_INET6, ...)``”h]”hŒsocket(AF_INET6, ...)”…””}”(hj;	  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jý  hj!	  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´M5hj	  ubjæ  )”}”(hhh]”jë  )”}”(hŒÄæµ‹è¯•CIPSO/CALIPSOæ—¶è¯·æ³¨æ„ä»¥ä¸‹äº‹é¡¹ï¼š
a) å¦‚æžœSCTPæ•°æ®åŒ…ç”±äºŽæ— æ•ˆæ ‡ç­¾æ— æ³•é€è¾¾ï¼ŒCIPSOä¼šå‘é€ä¸€ä¸ªICMPåŒ…ã€‚
b) CALIPSOä¸ä¼šå‘é€ICMPåŒ…ï¼Œåªä¼šé»˜é»˜ä¸¢å¼ƒæ•°æ®åŒ…ã€‚
”h]”(jñ  )”}”(hŒ.æµ‹è¯•CIPSO/CALIPSOæ—¶è¯·æ³¨æ„ä»¥ä¸‹äº‹é¡¹ï¼š”h]”hŒ.æµ‹è¯•CIPSO/CALIPSOæ—¶è¯·æ³¨æ„ä»¥ä¸‹äº‹é¡¹ï¼š”…””}”(hjV	  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jð  h³hÇh´M:hjR	  ubj  )”}”(hhh]”j2  )”}”(hhh]”(j7  )”}”(hŒRå¦‚æžœSCTPæ•°æ®åŒ…ç”±äºŽæ— æ•ˆæ ‡ç­¾æ— æ³•é€è¾¾ï¼ŒCIPSOä¼šå‘é€ä¸€ä¸ªICMPåŒ…ã€‚”h]”hÏ)”}”(hjl	  h]”hŒRå¦‚æžœSCTPæ•°æ®åŒ…ç”±äºŽæ— æ•ˆæ ‡ç­¾æ— æ³•é€è¾¾ï¼ŒCIPSOä¼šå‘é€ä¸€ä¸ªICMPåŒ…ã€‚”…””}”(hjn	  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´M9hjj	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j6  hjg	  ubj7  )”}”(hŒ<CALIPSOä¸ä¼šå‘é€ICMPåŒ…ï¼Œåªä¼šé»˜é»˜ä¸¢å¼ƒæ•°æ®åŒ…ã€‚
”h]”hÏ)”}”(hŒ;CALIPSOä¸ä¼šå‘é€ICMPåŒ…ï¼Œåªä¼šé»˜é»˜ä¸¢å¼ƒæ•°æ®åŒ…ã€‚”h]”hŒ;CALIPSOä¸ä¼šå‘é€ICMPåŒ…ï¼Œåªä¼šé»˜é»˜ä¸¢å¼ƒæ•°æ®åŒ…ã€‚”…””}”(hj…	  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´M:hj	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j6  hjg	  ubeh}”(h]”h ]”h"]”h$]”h&]”Œenumtype”Œ
loweralpha”Œprefix”hŒsuffix”Œ)”uh1j1  hjd	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j   hjR	  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jê  h³hÇh´M:hjO	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jå  hj	  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j6  hj3  ubj7  )”}”(hŒ”RFC 3554ä¸æ”¯æŒIPSEC â€”â€” SCTP/IPSECæ”¯æŒå°šæœªåœ¨ç”¨æˆ·ç©ºé—´å®žçŽ°(**racoon**\(8)
æˆ– **ipsec_pluto**\(8))ï¼Œå°½ç®¡å†…æ ¸æ”¯æŒ SCTP/IPSECã€‚”h]”hÏ)”}”(hŒ”RFC 3554ä¸æ”¯æŒIPSEC â€”â€” SCTP/IPSECæ”¯æŒå°šæœªåœ¨ç”¨æˆ·ç©ºé—´å®žçŽ°(**racoon**\(8)
æˆ– **ipsec_pluto**\(8))ï¼Œå°½ç®¡å†…æ ¸æ”¯æŒ SCTP/IPSECã€‚”h]”(hŒJRFC 3554ä¸æ”¯æŒIPSEC â€”â€” SCTP/IPSECæ”¯æŒå°šæœªåœ¨ç”¨æˆ·ç©ºé—´å®žçŽ°(”…””}”(hjÀ	  h²hh³Nh´Nubj¶  )”}”(hŒ
**racoon**”h]”hŒracoon”…””}”(hjÈ	  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jµ  hjÀ	  ubhŒ	 (8)
æˆ– ”…””}”(hjÀ	  h²hh³Nh´Nubj¶  )”}”(hŒ**ipsec_pluto**”h]”hŒipsec_pluto”…””}”(hjÚ	  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jµ  hjÀ	  ubhŒ( (8))ï¼Œå°½ç®¡å†…æ ¸æ”¯æŒ SCTP/IPSECã€‚”…””}”(hjÀ	  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÎh³hÇh´M<hj¼	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j6  hj3  ubeh}”(h]”h ]”h"]”h$]”h&]”jŸ	  Œarabic”j¡	  hj¢	  j£	  uh1j1  hj.  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j   hj  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jê  h³hÇh´M<hj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jå  hjè  h²hh³Nh´Nubeh}”(h]”Œid9”ah ]”h"]”Œsctpå¯¹ç«¯æ ‡ç­¾”ah$]”h&]”uh1jj  hjB  h²hh³hÇh´Mubeh}”(h]”jØ  ah ]”h"]”Œsctpçš„selinuxæ”¯æŒ”ah$]”h&]”uh1jj  hjl  h²hh³hÇh´K²j?  Kubeh}”(h]”Œsctp”ah ]”h"]”Œsctp”ah$]”h&]”uh1jj  hhh²hh³hÇh´Kubeh}”(h]”h ]”h"]”h$]”h&]”Œsource”hÇuh1hŒcurrent_source”NŒcurrent_line”NŒsettings”Œdocutils.frontend”ŒValues”“”)”}”(jo  NŒ	generator”NŒ	datestamp”NŒsource_link”NŒ
source_url”NŒtoc_backlinks”Œentry”Œfootnote_backlinks”KŒsectnum_xform”KŒstrip_comments”NŒstrip_elements_with_classes”NŒstrip_classes”NŒreport_level”KŒ
halt_level”KŒexit_status_level”KŒdebug”NŒwarning_stream”NŒ	traceback”ˆŒinput_encoding”Œ	utf-8-sig”Œinput_encoding_error_handler”Œstrict”Œoutput_encoding”Œutf-8”Œoutput_encoding_error_handler”jK
  Œerror_encoding”Œutf-8”Œerror_encoding_error_handler”Œbackslashreplace”Œlanguage_code”Œen”Œrecord_dependencies”NŒconfig”NŒ	id_prefix”hŒauto_id_prefix”Œid”Œdump_settings”NŒdump_internals”NŒdump_transforms”NŒdump_pseudo_xml”NŒexpose_internals”NŒstrict_visitor”NŒ_disable_config”NŒ_source”hÇŒ_destination”NŒ_config_files”]”Œ7/var/lib/git/docbuild/linux/Documentation/docutils.conf”aŒfile_insertion_enabled”ˆŒraw_enabled”KŒline_length_limit”M'Œpep_references”NŒpep_base_url”Œhttps://peps.python.org/”Œpep_file_url_template”Œpep-%04d”Œrfc_references”NŒrfc_base_url”Œ&https://datatracker.ietf.org/doc/html/”Œ	tab_width”KŒtrim_footnote_reference_space”‰Œsyntax_highlight”Œlong”Œsmart_quotes”ˆŒsmartquotes_locales”]”Œcharacter_level_inline_markup”‰Œdoctitle_xform”‰Œdocinfo_xform”KŒsectsubtitle_xform”‰Œimage_loading”Œlink”Œembed_stylesheet”‰Œcloak_email_addresses”ˆŒsection_self_link”‰Œenv”NubŒreporter”NŒindirect_targets”]”Œsubstitution_defs”}”Œsubstitution_names”}”Œrefnames”}”(Œsctpçš„selinuxæ”¯æŒ”]”jÇ  aŒsctpçš„lsmæ”¯æŒ”]”(jl  j)  euŒrefids”}”Œnameids”}”(j%
  j"
  j?  j<  Œå®‰å…¨é’©å­”NŒsecurity_sctp_assoc_request()”NŒsecurity_sctp_bind_connect()”NŒsecurity_sctp_sk_clone()”NŒ!security_sctp_assoc_established()”Nj7  j4  j
  jØ  jå  jâ  j
  j
  uŒ	nametypes”}”(j%
  ‰j?  ‰j“
  ‰j”
  ‰j•
  ‰j–
  ‰j—
  ‰j7  ‰j
  ‰jå  ‰j
  ‰uh}”(j"
  jl  j<  j  jÉ  j  j9  jä  j!  j@  jz  j'  jÁ  j€  j4  jÏ  jØ  jB  j2  jS  já  j”  jW  jæ  jå  j\  j+  jê  jâ  j7  j
  jè  uŒfootnote_refs”}”Œcitation_refs”}”Œautofootnotes”]”Œautofootnote_refs”]”Œsymbol_footnotes”]”Œsymbol_footnote_refs”]”Œ	footnotes”]”Œ	citations”]”Œautofootnote_start”KŒsymbol_footnote_start”K Œ
id_counter”Œcollections”ŒCounter”“”}”jY
  K	s…”R”Œparse_messages”]”(hŒsystem_message”“”)”}”(hhh]”hÏ)”}”(hŒ/Duplicate implicit target name: "å®‰å…¨é’©å­".”h]”hŒ3Duplicate implicit target name: â€œå®‰å…¨é’©å­â€.”…””}”(hj»
  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÎhj¸
  ubah}”(h]”h ]”h"]”h$]”h&]”j2  aŒlevel”KŒtype”ŒINFO”Œsource”hÇŒline”Kµuh1j¶
  hjS  h²hh³hÇh´Kµubj·
  )”}”(hhh]”hÏ)”}”(hŒ@Duplicate implicit target name: "security_sctp_assoc_request()".”h]”hŒDDuplicate implicit target name: â€œsecurity_sctp_assoc_request()â€.”…””}”(hj×
  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÎhjÔ
  ubah}”(h]”h ]”h"]”h$]”h&]”já  aŒlevel”KŒtype”jÑ
  Œsource”hÇŒline”KÁuh1j¶
  hj”  h²hh³hÇh´KÁubj·
  )”}”(hhh]”hÏ)”}”(hŒ?Duplicate implicit target name: "security_sctp_bind_connect()".”h]”hŒCDuplicate implicit target name: â€œsecurity_sctp_bind_connect()â€.”…””}”(hjò
  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÎhjï
  ubah}”(h]”h ]”h"]”h$]”h&]”jW  aŒlevel”KŒtype”jÑ
  Œsource”hÇŒline”KÙuh1j¶
  hjæ  h²hh³hÇh´KÙubj·
  )”}”(hhh]”hÏ)”}”(hŒ;Duplicate implicit target name: "security_sctp_sk_clone()".”h]”hŒ?Duplicate implicit target name: â€œsecurity_sctp_sk_clone()â€.”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÎhj
  ubah}”(h]”h ]”h"]”h$]”h&]”jå  aŒlevel”KŒtype”jÑ
  Œsource”hÇŒline”Kõuh1j¶
  hj\  h²hh³hÇh´Kõubj·
  )”}”(hhh]”hÏ)”}”(hŒDDuplicate implicit target name: "security_sctp_assoc_established()".”h]”hŒHDuplicate implicit target name: â€œsecurity_sctp_assoc_established()â€.”…””}”(hj(  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÎhj%  ubah}”(h]”h ]”h"]”h$]”h&]”j+  aŒlevel”KŒtype”jÑ
  Œsource”hÇŒline”Muh1j¶
  hjê  h²hh³hÇh´MubeŒtransform_messages”]”Œtransformer”NŒinclude_log”]”Œ2Documentation/translations/zh_CN/security/SCTP.rst”(NNNNt”†”aŒ
decoration”Nh²hub.