1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
41
42#include <linux/types.h>
43#include <linux/kernel.h>
44#include <linux/net.h>
45#include <linux/inet.h>
46#include <linux/skbuff.h>
47#include <linux/slab.h>
48#include <net/sock.h>
49#include <net/sctp/sctp.h>
50#include <net/sctp/sm.h>
51
52
53
54
55
56
57static void sctp_datamsg_init(struct sctp_datamsg *msg)
58{
59 atomic_set(&msg->refcnt, 1);
60 msg->send_failed = 0;
61 msg->send_error = 0;
62 msg->can_abandon = 0;
63 msg->can_delay = 1;
64 msg->expires_at = 0;
65 INIT_LIST_HEAD(&msg->chunks);
66}
67
68
69static struct sctp_datamsg *sctp_datamsg_new(gfp_t gfp)
70{
71 struct sctp_datamsg *msg;
72 msg = kmalloc(sizeof(struct sctp_datamsg), gfp);
73 if (msg) {
74 sctp_datamsg_init(msg);
75 SCTP_DBG_OBJCNT_INC(datamsg);
76 }
77 return msg;
78}
79
80void sctp_datamsg_free(struct sctp_datamsg *msg)
81{
82 struct sctp_chunk *chunk;
83
84
85
86
87 list_for_each_entry(chunk, &msg->chunks, frag_list)
88 sctp_chunk_free(chunk);
89
90 sctp_datamsg_put(msg);
91}
92
93
94static void sctp_datamsg_destroy(struct sctp_datamsg *msg)
95{
96 struct list_head *pos, *temp;
97 struct sctp_chunk *chunk;
98 struct sctp_sock *sp;
99 struct sctp_ulpevent *ev;
100 struct sctp_association *asoc = NULL;
101 int error = 0, notify;
102
103
104 notify = msg->send_failed ? -1 : 0;
105
106
107 list_for_each_safe(pos, temp, &msg->chunks) {
108 list_del_init(pos);
109 chunk = list_entry(pos, struct sctp_chunk, frag_list);
110
111 if (notify < 0) {
112 asoc = chunk->asoc;
113 if (msg->send_error)
114 error = msg->send_error;
115 else
116 error = asoc->outqueue.error;
117
118 sp = sctp_sk(asoc->base.sk);
119 notify = sctp_ulpevent_type_enabled(SCTP_SEND_FAILED,
120 &sp->subscribe);
121 }
122
123
124 if (notify > 0) {
125 int sent;
126 if (chunk->has_tsn)
127 sent = SCTP_DATA_SENT;
128 else
129 sent = SCTP_DATA_UNSENT;
130
131 ev = sctp_ulpevent_make_send_failed(asoc, chunk, sent,
132 error, GFP_ATOMIC);
133 if (ev)
134 sctp_ulpq_tail_event(&asoc->ulpq, ev);
135 }
136
137 sctp_chunk_put(chunk);
138 }
139
140 SCTP_DBG_OBJCNT_DEC(datamsg);
141 kfree(msg);
142}
143
144
145static void sctp_datamsg_hold(struct sctp_datamsg *msg)
146{
147 atomic_inc(&msg->refcnt);
148}
149
150
151void sctp_datamsg_put(struct sctp_datamsg *msg)
152{
153 if (atomic_dec_and_test(&msg->refcnt))
154 sctp_datamsg_destroy(msg);
155}
156
157
158static void sctp_datamsg_assign(struct sctp_datamsg *msg, struct sctp_chunk *chunk)
159{
160 sctp_datamsg_hold(msg);
161 chunk->msg = msg;
162}
163
164
165
166
167
168
169
170
171
172struct sctp_datamsg *sctp_datamsg_from_user(struct sctp_association *asoc,
173 struct sctp_sndrcvinfo *sinfo,
174 struct msghdr *msgh, int msg_len)
175{
176 int max, whole, i, offset, over, err;
177 int len, first_len;
178 int max_data;
179 struct sctp_chunk *chunk;
180 struct sctp_datamsg *msg;
181 struct list_head *pos, *temp;
182 __u8 frag;
183
184 msg = sctp_datamsg_new(GFP_KERNEL);
185 if (!msg)
186 return ERR_PTR(-ENOMEM);
187
188
189
190
191 if (sinfo->sinfo_timetolive) {
192
193 msg->expires_at = jiffies +
194 msecs_to_jiffies(sinfo->sinfo_timetolive);
195 msg->can_abandon = 1;
196
197 pr_debug("%s: msg:%p expires_at:%ld jiffies:%ld\n", __func__,
198 msg, msg->expires_at, jiffies);
199 }
200
201
202
203
204 max_data = asoc->pathmtu -
205 sctp_sk(asoc->base.sk)->pf->af->net_header_len -
206 sizeof(struct sctphdr) - sizeof(struct sctp_data_chunk);
207
208 max = asoc->frag_point;
209
210
211
212
213 if (sctp_auth_send_cid(SCTP_CID_DATA, asoc)) {
214 struct sctp_hmac *hmac_desc = sctp_auth_asoc_get_hmac(asoc);
215
216 if (hmac_desc)
217 max_data -= WORD_ROUND(sizeof(sctp_auth_chunk_t) +
218 hmac_desc->hmac_len);
219 }
220
221
222 if (max > max_data)
223 max = max_data;
224
225 whole = 0;
226 first_len = max;
227
228
229
230
231
232
233
234 if (timer_pending(&asoc->timers[SCTP_EVENT_TIMEOUT_SACK]) &&
235 asoc->outqueue.out_qlen == 0 &&
236 list_empty(&asoc->outqueue.retransmit) &&
237 msg_len > max)
238 max_data -= WORD_ROUND(sizeof(sctp_sack_chunk_t));
239
240
241 if (asoc->state < SCTP_STATE_COOKIE_ECHOED)
242 max_data -= SCTP_ARBITRARY_COOKIE_ECHO_LEN;
243
244
245 if (first_len > max_data)
246 first_len = max_data;
247
248
249 if (msg_len >= first_len) {
250 msg_len -= first_len;
251 whole = 1;
252 msg->can_delay = 0;
253 }
254
255
256 whole += msg_len / max;
257 over = msg_len % max;
258 offset = 0;
259
260 if ((whole > 1) || (whole && over))
261 SCTP_INC_STATS_USER(sock_net(asoc->base.sk), SCTP_MIB_FRAGUSRMSGS);
262
263
264 for (i=0, len=first_len; i < whole; i++) {
265 frag = SCTP_DATA_MIDDLE_FRAG;
266
267 if (0 == i)
268 frag |= SCTP_DATA_FIRST_FRAG;
269
270 if ((i == (whole - 1)) && !over) {
271 frag |= SCTP_DATA_LAST_FRAG;
272
273
274
275
276
277 if ((sinfo->sinfo_flags & SCTP_EOF) ||
278 (sinfo->sinfo_flags & SCTP_SACK_IMMEDIATELY))
279 frag |= SCTP_DATA_SACK_IMM;
280 }
281
282 chunk = sctp_make_datafrag_empty(asoc, sinfo, len, frag, 0);
283
284 if (!chunk) {
285 err = -ENOMEM;
286 goto errout;
287 }
288
289 err = sctp_user_addto_chunk(chunk, offset, len, msgh->msg_iov);
290 if (err < 0)
291 goto errout_chunk_free;
292
293 offset += len;
294
295
296 __skb_pull(chunk->skb, (__u8 *)chunk->chunk_hdr
297 - (__u8 *)chunk->skb->data);
298
299 sctp_datamsg_assign(msg, chunk);
300 list_add_tail(&chunk->frag_list, &msg->chunks);
301
302
303
304
305 if (0 == i)
306 len = max;
307 }
308
309
310 if (over) {
311 if (!whole)
312 frag = SCTP_DATA_NOT_FRAG;
313 else
314 frag = SCTP_DATA_LAST_FRAG;
315
316 if ((sinfo->sinfo_flags & SCTP_EOF) ||
317 (sinfo->sinfo_flags & SCTP_SACK_IMMEDIATELY))
318 frag |= SCTP_DATA_SACK_IMM;
319
320 chunk = sctp_make_datafrag_empty(asoc, sinfo, over, frag, 0);
321
322 if (!chunk) {
323 err = -ENOMEM;
324 goto errout;
325 }
326
327 err = sctp_user_addto_chunk(chunk, offset, over,msgh->msg_iov);
328
329
330 __skb_pull(chunk->skb, (__u8 *)chunk->chunk_hdr
331 - (__u8 *)chunk->skb->data);
332 if (err < 0)
333 goto errout_chunk_free;
334
335 sctp_datamsg_assign(msg, chunk);
336 list_add_tail(&chunk->frag_list, &msg->chunks);
337 }
338
339 return msg;
340
341errout_chunk_free:
342 sctp_chunk_free(chunk);
343
344errout:
345 list_for_each_safe(pos, temp, &msg->chunks) {
346 list_del_init(pos);
347 chunk = list_entry(pos, struct sctp_chunk, frag_list);
348 sctp_chunk_free(chunk);
349 }
350 sctp_datamsg_put(msg);
351 return ERR_PTR(err);
352}
353
354
355int sctp_chunk_abandoned(struct sctp_chunk *chunk)
356{
357 struct sctp_datamsg *msg = chunk->msg;
358
359 if (!msg->can_abandon)
360 return 0;
361
362 if (time_after(jiffies, msg->expires_at))
363 return 1;
364
365 return 0;
366}
367
368
369void sctp_chunk_fail(struct sctp_chunk *chunk, int error)
370{
371 chunk->msg->send_failed = 1;
372 chunk->msg->send_error = error;
373}
374