1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
48
49#include <linux/types.h>
50#include <linux/kernel.h>
51#include <linux/ip.h>
52#include <linux/ipv6.h>
53#include <linux/net.h>
54#include <linux/inet.h>
55#include <linux/scatterlist.h>
56#include <linux/crypto.h>
57#include <linux/slab.h>
58#include <net/sock.h>
59
60#include <linux/skbuff.h>
61#include <linux/random.h>
62#include <net/sctp/sctp.h>
63#include <net/sctp/sm.h>
64
65static struct sctp_chunk *sctp_make_control(const struct sctp_association *asoc,
66 __u8 type, __u8 flags, int paylen);
67static struct sctp_chunk *sctp_make_data(const struct sctp_association *asoc,
68 __u8 flags, int paylen);
69static struct sctp_chunk *_sctp_make_chunk(const struct sctp_association *asoc,
70 __u8 type, __u8 flags, int paylen);
71static sctp_cookie_param_t *sctp_pack_cookie(const struct sctp_endpoint *ep,
72 const struct sctp_association *asoc,
73 const struct sctp_chunk *init_chunk,
74 int *cookie_len,
75 const __u8 *raw_addrs, int addrs_len);
76static int sctp_process_param(struct sctp_association *asoc,
77 union sctp_params param,
78 const union sctp_addr *peer_addr,
79 gfp_t gfp);
80static void *sctp_addto_param(struct sctp_chunk *chunk, int len,
81 const void *data);
82
83
84static void sctp_control_release_owner(struct sk_buff *skb)
85{
86
87}
88
89static void sctp_control_set_owner_w(struct sctp_chunk *chunk)
90{
91 struct sctp_association *asoc = chunk->asoc;
92 struct sk_buff *skb = chunk->skb;
93
94
95
96
97
98
99
100
101 skb->sk = asoc ? asoc->base.sk : NULL;
102 skb->destructor = sctp_control_release_owner;
103}
104
105
106int sctp_chunk_iif(const struct sctp_chunk *chunk)
107{
108 struct sctp_af *af;
109 int iif = 0;
110
111 af = sctp_get_af_specific(ipver2af(ip_hdr(chunk->skb)->version));
112 if (af)
113 iif = af->skb_iif(chunk->skb);
114
115 return iif;
116}
117
118
119
120
121
122
123static const struct sctp_paramhdr ecap_param = {
124 SCTP_PARAM_ECN_CAPABLE,
125 cpu_to_be16(sizeof(struct sctp_paramhdr)),
126};
127static const struct sctp_paramhdr prsctp_param = {
128 SCTP_PARAM_FWD_TSN_SUPPORT,
129 cpu_to_be16(sizeof(struct sctp_paramhdr)),
130};
131
132
133
134
135
136void sctp_init_cause(struct sctp_chunk *chunk, __be16 cause_code,
137 size_t paylen)
138{
139 sctp_errhdr_t err;
140 __u16 len;
141
142
143 err.cause = cause_code;
144 len = sizeof(sctp_errhdr_t) + paylen;
145 err.length = htons(len);
146 chunk->subh.err_hdr = sctp_addto_chunk(chunk, sizeof(sctp_errhdr_t), &err);
147}
148
149
150
151
152
153
154static int sctp_init_cause_fixed(struct sctp_chunk *chunk, __be16 cause_code,
155 size_t paylen)
156{
157 sctp_errhdr_t err;
158 __u16 len;
159
160
161 err.cause = cause_code;
162 len = sizeof(sctp_errhdr_t) + paylen;
163 err.length = htons(len);
164
165 if (skb_tailroom(chunk->skb) < len)
166 return -ENOSPC;
167 chunk->subh.err_hdr = sctp_addto_chunk_fixed(chunk,
168 sizeof(sctp_errhdr_t),
169 &err);
170 return 0;
171}
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
217 const struct sctp_bind_addr *bp,
218 gfp_t gfp, int vparam_len)
219{
220 struct net *net = sock_net(asoc->base.sk);
221 sctp_inithdr_t init;
222 union sctp_params addrs;
223 size_t chunksize;
224 struct sctp_chunk *retval = NULL;
225 int num_types, addrs_len = 0;
226 struct sctp_sock *sp;
227 sctp_supported_addrs_param_t sat;
228 __be16 types[2];
229 sctp_adaptation_ind_param_t aiparam;
230 sctp_supported_ext_param_t ext_param;
231 int num_ext = 0;
232 __u8 extensions[3];
233 sctp_paramhdr_t *auth_chunks = NULL,
234 *auth_hmacs = NULL;
235
236
237
238
239
240
241 retval = NULL;
242
243
244 addrs = sctp_bind_addrs_to_raw(bp, &addrs_len, gfp);
245
246 init.init_tag = htonl(asoc->c.my_vtag);
247 init.a_rwnd = htonl(asoc->rwnd);
248 init.num_outbound_streams = htons(asoc->c.sinit_num_ostreams);
249 init.num_inbound_streams = htons(asoc->c.sinit_max_instreams);
250 init.initial_tsn = htonl(asoc->c.initial_tsn);
251
252
253 sp = sctp_sk(asoc->base.sk);
254 num_types = sp->pf->supported_addrs(sp, types);
255
256 chunksize = sizeof(init) + addrs_len;
257 chunksize += WORD_ROUND(SCTP_SAT_LEN(num_types));
258 chunksize += sizeof(ecap_param);
259
260 if (net->sctp.prsctp_enable)
261 chunksize += sizeof(prsctp_param);
262
263
264
265
266
267
268 if (net->sctp.addip_enable) {
269 extensions[num_ext] = SCTP_CID_ASCONF;
270 extensions[num_ext+1] = SCTP_CID_ASCONF_ACK;
271 num_ext += 2;
272 }
273
274 if (sp->adaptation_ind)
275 chunksize += sizeof(aiparam);
276
277 chunksize += vparam_len;
278
279
280 if (net->sctp.auth_enable) {
281
282 chunksize += sizeof(asoc->c.auth_random);
283
284
285 auth_hmacs = (sctp_paramhdr_t *)asoc->c.auth_hmacs;
286 if (auth_hmacs->length)
287 chunksize += WORD_ROUND(ntohs(auth_hmacs->length));
288 else
289 auth_hmacs = NULL;
290
291
292 auth_chunks = (sctp_paramhdr_t *)asoc->c.auth_chunks;
293 if (auth_chunks->length)
294 chunksize += WORD_ROUND(ntohs(auth_chunks->length));
295 else
296 auth_chunks = NULL;
297
298 extensions[num_ext] = SCTP_CID_AUTH;
299 num_ext += 1;
300 }
301
302
303 if (num_ext)
304 chunksize += WORD_ROUND(sizeof(sctp_supported_ext_param_t) +
305 num_ext);
306
307
308
309
310
311
312
313
314
315
316
317
318
319 retval = sctp_make_control(asoc, SCTP_CID_INIT, 0, chunksize);
320 if (!retval)
321 goto nodata;
322
323 retval->subh.init_hdr =
324 sctp_addto_chunk(retval, sizeof(init), &init);
325 retval->param_hdr.v =
326 sctp_addto_chunk(retval, addrs_len, addrs.v);
327
328
329
330
331
332
333
334
335 sat.param_hdr.type = SCTP_PARAM_SUPPORTED_ADDRESS_TYPES;
336 sat.param_hdr.length = htons(SCTP_SAT_LEN(num_types));
337 sctp_addto_chunk(retval, sizeof(sat), &sat);
338 sctp_addto_chunk(retval, num_types * sizeof(__u16), &types);
339
340 sctp_addto_chunk(retval, sizeof(ecap_param), &ecap_param);
341
342
343
344
345 if (num_ext) {
346 ext_param.param_hdr.type = SCTP_PARAM_SUPPORTED_EXT;
347 ext_param.param_hdr.length =
348 htons(sizeof(sctp_supported_ext_param_t) + num_ext);
349 sctp_addto_chunk(retval, sizeof(sctp_supported_ext_param_t),
350 &ext_param);
351 sctp_addto_param(retval, num_ext, extensions);
352 }
353
354 if (net->sctp.prsctp_enable)
355 sctp_addto_chunk(retval, sizeof(prsctp_param), &prsctp_param);
356
357 if (sp->adaptation_ind) {
358 aiparam.param_hdr.type = SCTP_PARAM_ADAPTATION_LAYER_IND;
359 aiparam.param_hdr.length = htons(sizeof(aiparam));
360 aiparam.adaptation_ind = htonl(sp->adaptation_ind);
361 sctp_addto_chunk(retval, sizeof(aiparam), &aiparam);
362 }
363
364
365 if (net->sctp.auth_enable) {
366 sctp_addto_chunk(retval, sizeof(asoc->c.auth_random),
367 asoc->c.auth_random);
368 if (auth_hmacs)
369 sctp_addto_chunk(retval, ntohs(auth_hmacs->length),
370 auth_hmacs);
371 if (auth_chunks)
372 sctp_addto_chunk(retval, ntohs(auth_chunks->length),
373 auth_chunks);
374 }
375nodata:
376 kfree(addrs.v);
377 return retval;
378}
379
380struct sctp_chunk *sctp_make_init_ack(const struct sctp_association *asoc,
381 const struct sctp_chunk *chunk,
382 gfp_t gfp, int unkparam_len)
383{
384 sctp_inithdr_t initack;
385 struct sctp_chunk *retval;
386 union sctp_params addrs;
387 struct sctp_sock *sp;
388 int addrs_len;
389 sctp_cookie_param_t *cookie;
390 int cookie_len;
391 size_t chunksize;
392 sctp_adaptation_ind_param_t aiparam;
393 sctp_supported_ext_param_t ext_param;
394 int num_ext = 0;
395 __u8 extensions[3];
396 sctp_paramhdr_t *auth_chunks = NULL,
397 *auth_hmacs = NULL,
398 *auth_random = NULL;
399
400 retval = NULL;
401
402
403 addrs = sctp_bind_addrs_to_raw(&asoc->base.bind_addr, &addrs_len, gfp);
404
405 initack.init_tag = htonl(asoc->c.my_vtag);
406 initack.a_rwnd = htonl(asoc->rwnd);
407 initack.num_outbound_streams = htons(asoc->c.sinit_num_ostreams);
408 initack.num_inbound_streams = htons(asoc->c.sinit_max_instreams);
409 initack.initial_tsn = htonl(asoc->c.initial_tsn);
410
411
412
413
414 cookie = sctp_pack_cookie(asoc->ep, asoc, chunk, &cookie_len,
415 addrs.v, addrs_len);
416 if (!cookie)
417 goto nomem_cookie;
418
419
420
421
422 sp = sctp_sk(asoc->base.sk);
423 chunksize = sizeof(initack) + addrs_len + cookie_len + unkparam_len;
424
425
426 if (asoc->peer.ecn_capable)
427 chunksize += sizeof(ecap_param);
428
429 if (asoc->peer.prsctp_capable)
430 chunksize += sizeof(prsctp_param);
431
432 if (asoc->peer.asconf_capable) {
433 extensions[num_ext] = SCTP_CID_ASCONF;
434 extensions[num_ext+1] = SCTP_CID_ASCONF_ACK;
435 num_ext += 2;
436 }
437
438 if (sp->adaptation_ind)
439 chunksize += sizeof(aiparam);
440
441 if (asoc->peer.auth_capable) {
442 auth_random = (sctp_paramhdr_t *)asoc->c.auth_random;
443 chunksize += ntohs(auth_random->length);
444
445 auth_hmacs = (sctp_paramhdr_t *)asoc->c.auth_hmacs;
446 if (auth_hmacs->length)
447 chunksize += WORD_ROUND(ntohs(auth_hmacs->length));
448 else
449 auth_hmacs = NULL;
450
451 auth_chunks = (sctp_paramhdr_t *)asoc->c.auth_chunks;
452 if (auth_chunks->length)
453 chunksize += WORD_ROUND(ntohs(auth_chunks->length));
454 else
455 auth_chunks = NULL;
456
457 extensions[num_ext] = SCTP_CID_AUTH;
458 num_ext += 1;
459 }
460
461 if (num_ext)
462 chunksize += WORD_ROUND(sizeof(sctp_supported_ext_param_t) +
463 num_ext);
464
465
466 retval = sctp_make_control(asoc, SCTP_CID_INIT_ACK, 0, chunksize);
467 if (!retval)
468 goto nomem_chunk;
469
470
471
472
473
474
475
476
477
478
479 retval->transport = chunk->transport;
480
481 retval->subh.init_hdr =
482 sctp_addto_chunk(retval, sizeof(initack), &initack);
483 retval->param_hdr.v = sctp_addto_chunk(retval, addrs_len, addrs.v);
484 sctp_addto_chunk(retval, cookie_len, cookie);
485 if (asoc->peer.ecn_capable)
486 sctp_addto_chunk(retval, sizeof(ecap_param), &ecap_param);
487 if (num_ext) {
488 ext_param.param_hdr.type = SCTP_PARAM_SUPPORTED_EXT;
489 ext_param.param_hdr.length =
490 htons(sizeof(sctp_supported_ext_param_t) + num_ext);
491 sctp_addto_chunk(retval, sizeof(sctp_supported_ext_param_t),
492 &ext_param);
493 sctp_addto_param(retval, num_ext, extensions);
494 }
495 if (asoc->peer.prsctp_capable)
496 sctp_addto_chunk(retval, sizeof(prsctp_param), &prsctp_param);
497
498 if (sp->adaptation_ind) {
499 aiparam.param_hdr.type = SCTP_PARAM_ADAPTATION_LAYER_IND;
500 aiparam.param_hdr.length = htons(sizeof(aiparam));
501 aiparam.adaptation_ind = htonl(sp->adaptation_ind);
502 sctp_addto_chunk(retval, sizeof(aiparam), &aiparam);
503 }
504
505 if (asoc->peer.auth_capable) {
506 sctp_addto_chunk(retval, ntohs(auth_random->length),
507 auth_random);
508 if (auth_hmacs)
509 sctp_addto_chunk(retval, ntohs(auth_hmacs->length),
510 auth_hmacs);
511 if (auth_chunks)
512 sctp_addto_chunk(retval, ntohs(auth_chunks->length),
513 auth_chunks);
514 }
515
516
517 retval->asoc = (struct sctp_association *) asoc;
518
519nomem_chunk:
520 kfree(cookie);
521nomem_cookie:
522 kfree(addrs.v);
523 return retval;
524}
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560struct sctp_chunk *sctp_make_cookie_echo(const struct sctp_association *asoc,
561 const struct sctp_chunk *chunk)
562{
563 struct sctp_chunk *retval;
564 void *cookie;
565 int cookie_len;
566
567 cookie = asoc->peer.cookie;
568 cookie_len = asoc->peer.cookie_len;
569
570
571 retval = sctp_make_control(asoc, SCTP_CID_COOKIE_ECHO, 0, cookie_len);
572 if (!retval)
573 goto nodata;
574 retval->subh.cookie_hdr =
575 sctp_addto_chunk(retval, cookie_len, cookie);
576
577
578
579
580
581
582
583
584
585
586 if (chunk)
587 retval->transport = chunk->transport;
588
589nodata:
590 return retval;
591}
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611struct sctp_chunk *sctp_make_cookie_ack(const struct sctp_association *asoc,
612 const struct sctp_chunk *chunk)
613{
614 struct sctp_chunk *retval;
615
616 retval = sctp_make_control(asoc, SCTP_CID_COOKIE_ACK, 0, 0);
617
618
619
620
621
622
623
624
625
626
627 if (retval && chunk)
628 retval->transport = chunk->transport;
629
630 return retval;
631}
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656struct sctp_chunk *sctp_make_cwr(const struct sctp_association *asoc,
657 const __u32 lowest_tsn,
658 const struct sctp_chunk *chunk)
659{
660 struct sctp_chunk *retval;
661 sctp_cwrhdr_t cwr;
662
663 cwr.lowest_tsn = htonl(lowest_tsn);
664 retval = sctp_make_control(asoc, SCTP_CID_ECN_CWR, 0,
665 sizeof(sctp_cwrhdr_t));
666
667 if (!retval)
668 goto nodata;
669
670 retval->subh.ecn_cwr_hdr =
671 sctp_addto_chunk(retval, sizeof(cwr), &cwr);
672
673
674
675
676
677
678
679
680
681
682
683 if (chunk)
684 retval->transport = chunk->transport;
685
686nodata:
687 return retval;
688}
689
690
691struct sctp_chunk *sctp_make_ecne(const struct sctp_association *asoc,
692 const __u32 lowest_tsn)
693{
694 struct sctp_chunk *retval;
695 sctp_ecnehdr_t ecne;
696
697 ecne.lowest_tsn = htonl(lowest_tsn);
698 retval = sctp_make_control(asoc, SCTP_CID_ECN_ECNE, 0,
699 sizeof(sctp_ecnehdr_t));
700 if (!retval)
701 goto nodata;
702 retval->subh.ecne_hdr =
703 sctp_addto_chunk(retval, sizeof(ecne), &ecne);
704
705nodata:
706 return retval;
707}
708
709
710
711
712struct sctp_chunk *sctp_make_datafrag_empty(struct sctp_association *asoc,
713 const struct sctp_sndrcvinfo *sinfo,
714 int data_len, __u8 flags, __u16 ssn)
715{
716 struct sctp_chunk *retval;
717 struct sctp_datahdr dp;
718 int chunk_len;
719
720
721
722
723 dp.tsn = 0;
724 dp.stream = htons(sinfo->sinfo_stream);
725 dp.ppid = sinfo->sinfo_ppid;
726
727
728 if (sinfo->sinfo_flags & SCTP_UNORDERED) {
729 flags |= SCTP_DATA_UNORDERED;
730 dp.ssn = 0;
731 } else
732 dp.ssn = htons(ssn);
733
734 chunk_len = sizeof(dp) + data_len;
735 retval = sctp_make_data(asoc, flags, chunk_len);
736 if (!retval)
737 goto nodata;
738
739 retval->subh.data_hdr = sctp_addto_chunk(retval, sizeof(dp), &dp);
740 memcpy(&retval->sinfo, sinfo, sizeof(struct sctp_sndrcvinfo));
741
742nodata:
743 return retval;
744}
745
746
747
748
749
750struct sctp_chunk *sctp_make_sack(const struct sctp_association *asoc)
751{
752 struct sctp_chunk *retval;
753 struct sctp_sackhdr sack;
754 int len;
755 __u32 ctsn;
756 __u16 num_gabs, num_dup_tsns;
757 struct sctp_association *aptr = (struct sctp_association *)asoc;
758 struct sctp_tsnmap *map = (struct sctp_tsnmap *)&asoc->peer.tsn_map;
759 struct sctp_gap_ack_block gabs[SCTP_MAX_GABS];
760 struct sctp_transport *trans;
761
762 memset(gabs, 0, sizeof(gabs));
763 ctsn = sctp_tsnmap_get_ctsn(map);
764
765 pr_debug("%s: sackCTSNAck sent:0x%x\n", __func__, ctsn);
766
767
768 num_gabs = sctp_tsnmap_num_gabs(map, gabs);
769 num_dup_tsns = sctp_tsnmap_num_dups(map);
770
771
772 sack.cum_tsn_ack = htonl(ctsn);
773 sack.a_rwnd = htonl(asoc->a_rwnd);
774 sack.num_gap_ack_blocks = htons(num_gabs);
775 sack.num_dup_tsns = htons(num_dup_tsns);
776
777 len = sizeof(sack)
778 + sizeof(struct sctp_gap_ack_block) * num_gabs
779 + sizeof(__u32) * num_dup_tsns;
780
781
782 retval = sctp_make_control(asoc, SCTP_CID_SACK, 0, len);
783 if (!retval)
784 goto nodata;
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816 retval->transport = asoc->peer.last_data_from;
817
818 retval->subh.sack_hdr =
819 sctp_addto_chunk(retval, sizeof(sack), &sack);
820
821
822 if (num_gabs)
823 sctp_addto_chunk(retval, sizeof(__u32) * num_gabs,
824 gabs);
825
826
827 if (num_dup_tsns) {
828 aptr->stats.idupchunks += num_dup_tsns;
829 sctp_addto_chunk(retval, sizeof(__u32) * num_dup_tsns,
830 sctp_tsnmap_get_dups(map));
831 }
832
833
834
835
836
837
838
839
840 if (++aptr->peer.sack_generation == 0) {
841 list_for_each_entry(trans, &asoc->peer.transport_addr_list,
842 transports)
843 trans->sack_generation = 0;
844 aptr->peer.sack_generation = 1;
845 }
846nodata:
847 return retval;
848}
849
850
851struct sctp_chunk *sctp_make_shutdown(const struct sctp_association *asoc,
852 const struct sctp_chunk *chunk)
853{
854 struct sctp_chunk *retval;
855 sctp_shutdownhdr_t shut;
856 __u32 ctsn;
857
858 ctsn = sctp_tsnmap_get_ctsn(&asoc->peer.tsn_map);
859 shut.cum_tsn_ack = htonl(ctsn);
860
861 retval = sctp_make_control(asoc, SCTP_CID_SHUTDOWN, 0,
862 sizeof(sctp_shutdownhdr_t));
863 if (!retval)
864 goto nodata;
865
866 retval->subh.shutdown_hdr =
867 sctp_addto_chunk(retval, sizeof(shut), &shut);
868
869 if (chunk)
870 retval->transport = chunk->transport;
871nodata:
872 return retval;
873}
874
875struct sctp_chunk *sctp_make_shutdown_ack(const struct sctp_association *asoc,
876 const struct sctp_chunk *chunk)
877{
878 struct sctp_chunk *retval;
879
880 retval = sctp_make_control(asoc, SCTP_CID_SHUTDOWN_ACK, 0, 0);
881
882
883
884
885
886
887
888
889
890
891 if (retval && chunk)
892 retval->transport = chunk->transport;
893
894 return retval;
895}
896
897struct sctp_chunk *sctp_make_shutdown_complete(
898 const struct sctp_association *asoc,
899 const struct sctp_chunk *chunk)
900{
901 struct sctp_chunk *retval;
902 __u8 flags = 0;
903
904
905
906
907 flags |= asoc ? 0 : SCTP_CHUNK_FLAG_T;
908
909 retval = sctp_make_control(asoc, SCTP_CID_SHUTDOWN_COMPLETE, flags, 0);
910
911
912
913
914
915
916
917
918
919
920
921 if (retval && chunk)
922 retval->transport = chunk->transport;
923
924 return retval;
925}
926
927
928
929
930struct sctp_chunk *sctp_make_abort(const struct sctp_association *asoc,
931 const struct sctp_chunk *chunk,
932 const size_t hint)
933{
934 struct sctp_chunk *retval;
935 __u8 flags = 0;
936
937
938
939
940 if (!asoc) {
941 if (chunk && chunk->chunk_hdr &&
942 chunk->chunk_hdr->type == SCTP_CID_INIT)
943 flags = 0;
944 else
945 flags = SCTP_CHUNK_FLAG_T;
946 }
947
948 retval = sctp_make_control(asoc, SCTP_CID_ABORT, flags, hint);
949
950
951
952
953
954
955
956
957
958
959 if (retval && chunk)
960 retval->transport = chunk->transport;
961
962 return retval;
963}
964
965
966struct sctp_chunk *sctp_make_abort_no_data(
967 const struct sctp_association *asoc,
968 const struct sctp_chunk *chunk, __u32 tsn)
969{
970 struct sctp_chunk *retval;
971 __be32 payload;
972
973 retval = sctp_make_abort(asoc, chunk, sizeof(sctp_errhdr_t)
974 + sizeof(tsn));
975
976 if (!retval)
977 goto no_mem;
978
979
980 payload = htonl(tsn);
981 sctp_init_cause(retval, SCTP_ERROR_NO_DATA, sizeof(payload));
982 sctp_addto_chunk(retval, sizeof(payload), (const void *)&payload);
983
984
985
986
987
988
989
990
991
992
993 if (chunk)
994 retval->transport = chunk->transport;
995
996no_mem:
997 return retval;
998}
999
1000
1001struct sctp_chunk *sctp_make_abort_user(const struct sctp_association *asoc,
1002 const struct msghdr *msg,
1003 size_t paylen)
1004{
1005 struct sctp_chunk *retval;
1006 void *payload = NULL;
1007 int err;
1008
1009 retval = sctp_make_abort(asoc, NULL, sizeof(sctp_errhdr_t) + paylen);
1010 if (!retval)
1011 goto err_chunk;
1012
1013 if (paylen) {
1014
1015 payload = kmalloc(paylen, GFP_KERNEL);
1016 if (!payload)
1017 goto err_payload;
1018
1019 err = memcpy_fromiovec(payload, msg->msg_iov, paylen);
1020 if (err < 0)
1021 goto err_copy;
1022 }
1023
1024 sctp_init_cause(retval, SCTP_ERROR_USER_ABORT, paylen);
1025 sctp_addto_chunk(retval, paylen, payload);
1026
1027 if (paylen)
1028 kfree(payload);
1029
1030 return retval;
1031
1032err_copy:
1033 kfree(payload);
1034err_payload:
1035 sctp_chunk_free(retval);
1036 retval = NULL;
1037err_chunk:
1038 return retval;
1039}
1040
1041
1042
1043
1044static void *sctp_addto_param(struct sctp_chunk *chunk, int len,
1045 const void *data)
1046{
1047 void *target;
1048 int chunklen = ntohs(chunk->chunk_hdr->length);
1049
1050 target = skb_put(chunk->skb, len);
1051
1052 if (data)
1053 memcpy(target, data, len);
1054 else
1055 memset(target, 0, len);
1056
1057
1058 chunk->chunk_hdr->length = htons(chunklen + len);
1059 chunk->chunk_end = skb_tail_pointer(chunk->skb);
1060
1061 return target;
1062}
1063
1064
1065struct sctp_chunk *sctp_make_abort_violation(
1066 const struct sctp_association *asoc,
1067 const struct sctp_chunk *chunk,
1068 const __u8 *payload,
1069 const size_t paylen)
1070{
1071 struct sctp_chunk *retval;
1072 struct sctp_paramhdr phdr;
1073
1074 retval = sctp_make_abort(asoc, chunk, sizeof(sctp_errhdr_t) + paylen
1075 + sizeof(sctp_paramhdr_t));
1076 if (!retval)
1077 goto end;
1078
1079 sctp_init_cause(retval, SCTP_ERROR_PROTO_VIOLATION, paylen
1080 + sizeof(sctp_paramhdr_t));
1081
1082 phdr.type = htons(chunk->chunk_hdr->type);
1083 phdr.length = chunk->chunk_hdr->length;
1084 sctp_addto_chunk(retval, paylen, payload);
1085 sctp_addto_param(retval, sizeof(sctp_paramhdr_t), &phdr);
1086
1087end:
1088 return retval;
1089}
1090
1091struct sctp_chunk *sctp_make_violation_paramlen(
1092 const struct sctp_association *asoc,
1093 const struct sctp_chunk *chunk,
1094 struct sctp_paramhdr *param)
1095{
1096 struct sctp_chunk *retval;
1097 static const char error[] = "The following parameter had invalid length:";
1098 size_t payload_len = sizeof(error) + sizeof(sctp_errhdr_t) +
1099 sizeof(sctp_paramhdr_t);
1100
1101 retval = sctp_make_abort(asoc, chunk, payload_len);
1102 if (!retval)
1103 goto nodata;
1104
1105 sctp_init_cause(retval, SCTP_ERROR_PROTO_VIOLATION,
1106 sizeof(error) + sizeof(sctp_paramhdr_t));
1107 sctp_addto_chunk(retval, sizeof(error), error);
1108 sctp_addto_param(retval, sizeof(sctp_paramhdr_t), param);
1109
1110nodata:
1111 return retval;
1112}
1113
1114struct sctp_chunk *sctp_make_violation_max_retrans(
1115 const struct sctp_association *asoc,
1116 const struct sctp_chunk *chunk)
1117{
1118 struct sctp_chunk *retval;
1119 static const char error[] = "Association exceeded its max_retans count";
1120 size_t payload_len = sizeof(error) + sizeof(sctp_errhdr_t);
1121
1122 retval = sctp_make_abort(asoc, chunk, payload_len);
1123 if (!retval)
1124 goto nodata;
1125
1126 sctp_init_cause(retval, SCTP_ERROR_PROTO_VIOLATION, sizeof(error));
1127 sctp_addto_chunk(retval, sizeof(error), error);
1128
1129nodata:
1130 return retval;
1131}
1132
1133
1134struct sctp_chunk *sctp_make_heartbeat(const struct sctp_association *asoc,
1135 const struct sctp_transport *transport)
1136{
1137 struct sctp_chunk *retval;
1138 sctp_sender_hb_info_t hbinfo;
1139
1140 retval = sctp_make_control(asoc, SCTP_CID_HEARTBEAT, 0, sizeof(hbinfo));
1141
1142 if (!retval)
1143 goto nodata;
1144
1145 hbinfo.param_hdr.type = SCTP_PARAM_HEARTBEAT_INFO;
1146 hbinfo.param_hdr.length = htons(sizeof(sctp_sender_hb_info_t));
1147 hbinfo.daddr = transport->ipaddr;
1148 hbinfo.sent_at = jiffies;
1149 hbinfo.hb_nonce = transport->hb_nonce;
1150
1151
1152
1153
1154 retval->transport = (struct sctp_transport *) transport;
1155 retval->subh.hbs_hdr = sctp_addto_chunk(retval, sizeof(hbinfo),
1156 &hbinfo);
1157
1158nodata:
1159 return retval;
1160}
1161
1162struct sctp_chunk *sctp_make_heartbeat_ack(const struct sctp_association *asoc,
1163 const struct sctp_chunk *chunk,
1164 const void *payload, const size_t paylen)
1165{
1166 struct sctp_chunk *retval;
1167
1168 retval = sctp_make_control(asoc, SCTP_CID_HEARTBEAT_ACK, 0, paylen);
1169 if (!retval)
1170 goto nodata;
1171
1172 retval->subh.hbs_hdr = sctp_addto_chunk(retval, paylen, payload);
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183 if (chunk)
1184 retval->transport = chunk->transport;
1185
1186nodata:
1187 return retval;
1188}
1189
1190
1191
1192
1193static struct sctp_chunk *sctp_make_op_error_space(
1194 const struct sctp_association *asoc,
1195 const struct sctp_chunk *chunk,
1196 size_t size)
1197{
1198 struct sctp_chunk *retval;
1199
1200 retval = sctp_make_control(asoc, SCTP_CID_ERROR, 0,
1201 sizeof(sctp_errhdr_t) + size);
1202 if (!retval)
1203 goto nodata;
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213 if (chunk)
1214 retval->transport = chunk->transport;
1215
1216nodata:
1217 return retval;
1218}
1219
1220
1221
1222
1223
1224
1225
1226static inline struct sctp_chunk *sctp_make_op_error_fixed(
1227 const struct sctp_association *asoc,
1228 const struct sctp_chunk *chunk)
1229{
1230 size_t size = asoc ? asoc->pathmtu : 0;
1231
1232 if (!size)
1233 size = SCTP_DEFAULT_MAXSEGMENT;
1234
1235 return sctp_make_op_error_space(asoc, chunk, size);
1236}
1237
1238
1239struct sctp_chunk *sctp_make_op_error(const struct sctp_association *asoc,
1240 const struct sctp_chunk *chunk,
1241 __be16 cause_code, const void *payload,
1242 size_t paylen, size_t reserve_tail)
1243{
1244 struct sctp_chunk *retval;
1245
1246 retval = sctp_make_op_error_space(asoc, chunk, paylen + reserve_tail);
1247 if (!retval)
1248 goto nodata;
1249
1250 sctp_init_cause(retval, cause_code, paylen + reserve_tail);
1251 sctp_addto_chunk(retval, paylen, payload);
1252 if (reserve_tail)
1253 sctp_addto_param(retval, reserve_tail, NULL);
1254
1255nodata:
1256 return retval;
1257}
1258
1259struct sctp_chunk *sctp_make_auth(const struct sctp_association *asoc)
1260{
1261 struct sctp_chunk *retval;
1262 struct sctp_hmac *hmac_desc;
1263 struct sctp_authhdr auth_hdr;
1264 __u8 *hmac;
1265
1266
1267 hmac_desc = sctp_auth_asoc_get_hmac(asoc);
1268 if (unlikely(!hmac_desc))
1269 return NULL;
1270
1271 retval = sctp_make_control(asoc, SCTP_CID_AUTH, 0,
1272 hmac_desc->hmac_len + sizeof(sctp_authhdr_t));
1273 if (!retval)
1274 return NULL;
1275
1276 auth_hdr.hmac_id = htons(hmac_desc->hmac_id);
1277 auth_hdr.shkey_id = htons(asoc->active_key_id);
1278
1279 retval->subh.auth_hdr = sctp_addto_chunk(retval, sizeof(sctp_authhdr_t),
1280 &auth_hdr);
1281
1282 hmac = skb_put(retval->skb, hmac_desc->hmac_len);
1283 memset(hmac, 0, hmac_desc->hmac_len);
1284
1285
1286 retval->chunk_hdr->length =
1287 htons(ntohs(retval->chunk_hdr->length) + hmac_desc->hmac_len);
1288 retval->chunk_end = skb_tail_pointer(retval->skb);
1289
1290 return retval;
1291}
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301struct sctp_chunk *sctp_chunkify(struct sk_buff *skb,
1302 const struct sctp_association *asoc,
1303 struct sock *sk)
1304{
1305 struct sctp_chunk *retval;
1306
1307 retval = kmem_cache_zalloc(sctp_chunk_cachep, GFP_ATOMIC);
1308
1309 if (!retval)
1310 goto nodata;
1311 if (!sk)
1312 pr_debug("%s: chunkifying skb:%p w/o an sk\n", __func__, skb);
1313
1314 INIT_LIST_HEAD(&retval->list);
1315 retval->skb = skb;
1316 retval->asoc = (struct sctp_association *)asoc;
1317 retval->has_tsn = 0;
1318 retval->has_ssn = 0;
1319 retval->rtt_in_progress = 0;
1320 retval->sent_at = 0;
1321 retval->singleton = 1;
1322 retval->end_of_packet = 0;
1323 retval->ecn_ce_done = 0;
1324 retval->pdiscard = 0;
1325
1326
1327
1328
1329
1330
1331
1332 retval->tsn_missing_report = 0;
1333 retval->tsn_gap_acked = 0;
1334 retval->fast_retransmit = SCTP_CAN_FRTX;
1335
1336
1337
1338
1339 retval->msg = NULL;
1340
1341
1342 INIT_LIST_HEAD(&retval->transmitted_list);
1343 INIT_LIST_HEAD(&retval->frag_list);
1344 SCTP_DBG_OBJCNT_INC(chunk);
1345 atomic_set(&retval->refcnt, 1);
1346
1347nodata:
1348 return retval;
1349}
1350
1351
1352void sctp_init_addrs(struct sctp_chunk *chunk, union sctp_addr *src,
1353 union sctp_addr *dest)
1354{
1355 memcpy(&chunk->source, src, sizeof(union sctp_addr));
1356 memcpy(&chunk->dest, dest, sizeof(union sctp_addr));
1357}
1358
1359
1360const union sctp_addr *sctp_source(const struct sctp_chunk *chunk)
1361{
1362
1363 if (chunk->transport) {
1364 return &chunk->transport->ipaddr;
1365 } else {
1366
1367 return &chunk->source;
1368 }
1369}
1370
1371
1372
1373
1374static struct sctp_chunk *_sctp_make_chunk(const struct sctp_association *asoc,
1375 __u8 type, __u8 flags, int paylen)
1376{
1377 struct sctp_chunk *retval;
1378 sctp_chunkhdr_t *chunk_hdr;
1379 struct sk_buff *skb;
1380 struct sock *sk;
1381
1382
1383 skb = alloc_skb(WORD_ROUND(sizeof(sctp_chunkhdr_t) + paylen),
1384 GFP_ATOMIC);
1385 if (!skb)
1386 goto nodata;
1387
1388
1389 chunk_hdr = (sctp_chunkhdr_t *)skb_put(skb, sizeof(sctp_chunkhdr_t));
1390 chunk_hdr->type = type;
1391 chunk_hdr->flags = flags;
1392 chunk_hdr->length = htons(sizeof(sctp_chunkhdr_t));
1393
1394 sk = asoc ? asoc->base.sk : NULL;
1395 retval = sctp_chunkify(skb, asoc, sk);
1396 if (!retval) {
1397 kfree_skb(skb);
1398 goto nodata;
1399 }
1400
1401 retval->chunk_hdr = chunk_hdr;
1402 retval->chunk_end = ((__u8 *)chunk_hdr) + sizeof(struct sctp_chunkhdr);
1403
1404
1405 if (sctp_auth_send_cid(type, asoc))
1406 retval->auth = 1;
1407
1408 return retval;
1409nodata:
1410 return NULL;
1411}
1412
1413static struct sctp_chunk *sctp_make_data(const struct sctp_association *asoc,
1414 __u8 flags, int paylen)
1415{
1416 return _sctp_make_chunk(asoc, SCTP_CID_DATA, flags, paylen);
1417}
1418
1419static struct sctp_chunk *sctp_make_control(const struct sctp_association *asoc,
1420 __u8 type, __u8 flags, int paylen)
1421{
1422 struct sctp_chunk *chunk = _sctp_make_chunk(asoc, type, flags, paylen);
1423
1424 if (chunk)
1425 sctp_control_set_owner_w(chunk);
1426
1427 return chunk;
1428}
1429
1430
1431static void sctp_chunk_destroy(struct sctp_chunk *chunk)
1432{
1433 BUG_ON(!list_empty(&chunk->list));
1434 list_del_init(&chunk->transmitted_list);
1435
1436
1437 dev_kfree_skb(chunk->skb);
1438
1439 SCTP_DBG_OBJCNT_DEC(chunk);
1440 kmem_cache_free(sctp_chunk_cachep, chunk);
1441}
1442
1443
1444void sctp_chunk_free(struct sctp_chunk *chunk)
1445{
1446
1447 if (chunk->msg)
1448 sctp_datamsg_put(chunk->msg);
1449
1450 sctp_chunk_put(chunk);
1451}
1452
1453
1454void sctp_chunk_hold(struct sctp_chunk *ch)
1455{
1456 atomic_inc(&ch->refcnt);
1457}
1458
1459
1460void sctp_chunk_put(struct sctp_chunk *ch)
1461{
1462 if (atomic_dec_and_test(&ch->refcnt))
1463 sctp_chunk_destroy(ch);
1464}
1465
1466
1467
1468
1469void *sctp_addto_chunk(struct sctp_chunk *chunk, int len, const void *data)
1470{
1471 void *target;
1472 void *padding;
1473 int chunklen = ntohs(chunk->chunk_hdr->length);
1474 int padlen = WORD_ROUND(chunklen) - chunklen;
1475
1476 padding = skb_put(chunk->skb, padlen);
1477 target = skb_put(chunk->skb, len);
1478
1479 memset(padding, 0, padlen);
1480 memcpy(target, data, len);
1481
1482
1483 chunk->chunk_hdr->length = htons(chunklen + padlen + len);
1484 chunk->chunk_end = skb_tail_pointer(chunk->skb);
1485
1486 return target;
1487}
1488
1489
1490
1491
1492void *sctp_addto_chunk_fixed(struct sctp_chunk *chunk,
1493 int len, const void *data)
1494{
1495 if (skb_tailroom(chunk->skb) >= len)
1496 return sctp_addto_chunk(chunk, len, data);
1497 else
1498 return NULL;
1499}
1500
1501
1502
1503
1504
1505int sctp_user_addto_chunk(struct sctp_chunk *chunk, int off, int len,
1506 struct iovec *data)
1507{
1508 __u8 *target;
1509 int err = 0;
1510
1511
1512 target = skb_put(chunk->skb, len);
1513
1514
1515 if ((err = memcpy_fromiovecend(target, data, off, len)))
1516 goto out;
1517
1518
1519 chunk->chunk_hdr->length =
1520 htons(ntohs(chunk->chunk_hdr->length) + len);
1521 chunk->chunk_end = skb_tail_pointer(chunk->skb);
1522
1523out:
1524 return err;
1525}
1526
1527
1528
1529
1530void sctp_chunk_assign_ssn(struct sctp_chunk *chunk)
1531{
1532 struct sctp_datamsg *msg;
1533 struct sctp_chunk *lchunk;
1534 struct sctp_stream *stream;
1535 __u16 ssn;
1536 __u16 sid;
1537
1538 if (chunk->has_ssn)
1539 return;
1540
1541
1542 sid = ntohs(chunk->subh.data_hdr->stream);
1543 stream = &chunk->asoc->ssnmap->out;
1544
1545
1546
1547
1548 msg = chunk->msg;
1549 list_for_each_entry(lchunk, &msg->chunks, frag_list) {
1550 if (lchunk->chunk_hdr->flags & SCTP_DATA_UNORDERED) {
1551 ssn = 0;
1552 } else {
1553 if (lchunk->chunk_hdr->flags & SCTP_DATA_LAST_FRAG)
1554 ssn = sctp_ssn_next(stream, sid);
1555 else
1556 ssn = sctp_ssn_peek(stream, sid);
1557 }
1558
1559 lchunk->subh.data_hdr->ssn = htons(ssn);
1560 lchunk->has_ssn = 1;
1561 }
1562}
1563
1564
1565
1566
1567void sctp_chunk_assign_tsn(struct sctp_chunk *chunk)
1568{
1569 if (!chunk->has_tsn) {
1570
1571
1572
1573 chunk->subh.data_hdr->tsn =
1574 htonl(sctp_association_get_next_tsn(chunk->asoc));
1575 chunk->has_tsn = 1;
1576 }
1577}
1578
1579
1580struct sctp_association *sctp_make_temp_asoc(const struct sctp_endpoint *ep,
1581 struct sctp_chunk *chunk,
1582 gfp_t gfp)
1583{
1584 struct sctp_association *asoc;
1585 struct sk_buff *skb;
1586 sctp_scope_t scope;
1587 struct sctp_af *af;
1588
1589
1590 scope = sctp_scope(sctp_source(chunk));
1591 asoc = sctp_association_new(ep, ep->base.sk, scope, gfp);
1592 if (!asoc)
1593 goto nodata;
1594 asoc->temp = 1;
1595 skb = chunk->skb;
1596
1597 af = sctp_get_af_specific(ipver2af(ip_hdr(skb)->version));
1598 if (unlikely(!af))
1599 goto fail;
1600 af->from_skb(&asoc->c.peer_addr, skb, 1);
1601nodata:
1602 return asoc;
1603
1604fail:
1605 sctp_association_free(asoc);
1606 return NULL;
1607}
1608
1609
1610
1611
1612static sctp_cookie_param_t *sctp_pack_cookie(const struct sctp_endpoint *ep,
1613 const struct sctp_association *asoc,
1614 const struct sctp_chunk *init_chunk,
1615 int *cookie_len,
1616 const __u8 *raw_addrs, int addrs_len)
1617{
1618 sctp_cookie_param_t *retval;
1619 struct sctp_signed_cookie *cookie;
1620 struct scatterlist sg;
1621 int headersize, bodysize;
1622
1623
1624
1625
1626 headersize = sizeof(sctp_paramhdr_t) +
1627 (sizeof(struct sctp_signed_cookie) -
1628 sizeof(struct sctp_cookie));
1629 bodysize = sizeof(struct sctp_cookie)
1630 + ntohs(init_chunk->chunk_hdr->length) + addrs_len;
1631
1632
1633
1634
1635 if (bodysize % SCTP_COOKIE_MULTIPLE)
1636 bodysize += SCTP_COOKIE_MULTIPLE
1637 - (bodysize % SCTP_COOKIE_MULTIPLE);
1638 *cookie_len = headersize + bodysize;
1639
1640
1641
1642
1643 retval = kzalloc(*cookie_len, GFP_ATOMIC);
1644 if (!retval)
1645 goto nodata;
1646
1647 cookie = (struct sctp_signed_cookie *) retval->body;
1648
1649
1650 retval->p.type = SCTP_PARAM_STATE_COOKIE;
1651 retval->p.length = htons(*cookie_len);
1652
1653
1654 cookie->c = asoc->c;
1655
1656 cookie->c.raw_addr_list_len = addrs_len;
1657
1658
1659 cookie->c.prsctp_capable = asoc->peer.prsctp_capable;
1660
1661
1662 cookie->c.adaptation_ind = asoc->peer.adaptation_ind;
1663
1664
1665 cookie->c.expiration = ktime_add(asoc->cookie_life,
1666 ktime_get());
1667
1668
1669 memcpy(&cookie->c.peer_init[0], init_chunk->chunk_hdr,
1670 ntohs(init_chunk->chunk_hdr->length));
1671
1672
1673 memcpy((__u8 *)&cookie->c.peer_init[0] +
1674 ntohs(init_chunk->chunk_hdr->length), raw_addrs, addrs_len);
1675
1676 if (sctp_sk(ep->base.sk)->hmac) {
1677 struct hash_desc desc;
1678
1679
1680 sg_init_one(&sg, &cookie->c, bodysize);
1681 desc.tfm = sctp_sk(ep->base.sk)->hmac;
1682 desc.flags = 0;
1683
1684 if (crypto_hash_setkey(desc.tfm, ep->secret_key,
1685 sizeof(ep->secret_key)) ||
1686 crypto_hash_digest(&desc, &sg, bodysize, cookie->signature))
1687 goto free_cookie;
1688 }
1689
1690 return retval;
1691
1692free_cookie:
1693 kfree(retval);
1694nodata:
1695 *cookie_len = 0;
1696 return NULL;
1697}
1698
1699
1700struct sctp_association *sctp_unpack_cookie(
1701 const struct sctp_endpoint *ep,
1702 const struct sctp_association *asoc,
1703 struct sctp_chunk *chunk, gfp_t gfp,
1704 int *error, struct sctp_chunk **errp)
1705{
1706 struct sctp_association *retval = NULL;
1707 struct sctp_signed_cookie *cookie;
1708 struct sctp_cookie *bear_cookie;
1709 int headersize, bodysize, fixed_size;
1710 __u8 *digest = ep->digest;
1711 struct scatterlist sg;
1712 unsigned int len;
1713 sctp_scope_t scope;
1714 struct sk_buff *skb = chunk->skb;
1715 ktime_t kt;
1716 struct hash_desc desc;
1717
1718
1719
1720
1721 headersize = sizeof(sctp_chunkhdr_t) +
1722 (sizeof(struct sctp_signed_cookie) -
1723 sizeof(struct sctp_cookie));
1724 bodysize = ntohs(chunk->chunk_hdr->length) - headersize;
1725 fixed_size = headersize + sizeof(struct sctp_cookie);
1726
1727
1728
1729
1730
1731 len = ntohs(chunk->chunk_hdr->length);
1732 if (len < fixed_size + sizeof(struct sctp_chunkhdr))
1733 goto malformed;
1734
1735
1736 if (bodysize % SCTP_COOKIE_MULTIPLE)
1737 goto malformed;
1738
1739
1740 cookie = chunk->subh.cookie_hdr;
1741 bear_cookie = &cookie->c;
1742
1743 if (!sctp_sk(ep->base.sk)->hmac)
1744 goto no_hmac;
1745
1746
1747 sg_init_one(&sg, bear_cookie, bodysize);
1748 desc.tfm = sctp_sk(ep->base.sk)->hmac;
1749 desc.flags = 0;
1750
1751 memset(digest, 0x00, SCTP_SIGNATURE_SIZE);
1752 if (crypto_hash_setkey(desc.tfm, ep->secret_key,
1753 sizeof(ep->secret_key)) ||
1754 crypto_hash_digest(&desc, &sg, bodysize, digest)) {
1755 *error = -SCTP_IERROR_NOMEM;
1756 goto fail;
1757 }
1758
1759 if (memcmp(digest, cookie->signature, SCTP_SIGNATURE_SIZE)) {
1760 *error = -SCTP_IERROR_BAD_SIG;
1761 goto fail;
1762 }
1763
1764no_hmac:
1765
1766
1767
1768
1769
1770
1771
1772 if (ntohl(chunk->sctp_hdr->vtag) != bear_cookie->my_vtag) {
1773 *error = -SCTP_IERROR_BAD_TAG;
1774 goto fail;
1775 }
1776
1777 if (chunk->sctp_hdr->source != bear_cookie->peer_addr.v4.sin_port ||
1778 ntohs(chunk->sctp_hdr->dest) != bear_cookie->my_port) {
1779 *error = -SCTP_IERROR_BAD_PORTS;
1780 goto fail;
1781 }
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791 if (sock_flag(ep->base.sk, SOCK_TIMESTAMP))
1792 kt = skb_get_ktime(skb);
1793 else
1794 kt = ktime_get();
1795
1796 if (!asoc && ktime_compare(bear_cookie->expiration, kt) < 0) {
1797
1798
1799
1800
1801
1802
1803
1804
1805 len = ntohs(chunk->chunk_hdr->length);
1806 *errp = sctp_make_op_error_space(asoc, chunk, len);
1807 if (*errp) {
1808 suseconds_t usecs = ktime_to_us(ktime_sub(kt, bear_cookie->expiration));
1809 __be32 n = htonl(usecs);
1810
1811 sctp_init_cause(*errp, SCTP_ERROR_STALE_COOKIE,
1812 sizeof(n));
1813 sctp_addto_chunk(*errp, sizeof(n), &n);
1814 *error = -SCTP_IERROR_STALE_COOKIE;
1815 } else
1816 *error = -SCTP_IERROR_NOMEM;
1817
1818 goto fail;
1819 }
1820
1821
1822 scope = sctp_scope(sctp_source(chunk));
1823 retval = sctp_association_new(ep, ep->base.sk, scope, gfp);
1824 if (!retval) {
1825 *error = -SCTP_IERROR_NOMEM;
1826 goto fail;
1827 }
1828
1829
1830 retval->peer.port = ntohs(chunk->sctp_hdr->source);
1831
1832
1833 memcpy(&retval->c, bear_cookie, sizeof(*bear_cookie));
1834
1835 if (sctp_assoc_set_bind_addr_from_cookie(retval, bear_cookie,
1836 GFP_ATOMIC) < 0) {
1837 *error = -SCTP_IERROR_NOMEM;
1838 goto fail;
1839 }
1840
1841
1842 if (list_empty(&retval->base.bind_addr.address_list)) {
1843 sctp_add_bind_addr(&retval->base.bind_addr, &chunk->dest,
1844 SCTP_ADDR_SRC, GFP_ATOMIC);
1845 }
1846
1847 retval->next_tsn = retval->c.initial_tsn;
1848 retval->ctsn_ack_point = retval->next_tsn - 1;
1849 retval->addip_serial = retval->c.initial_tsn;
1850 retval->adv_peer_ack_point = retval->ctsn_ack_point;
1851 retval->peer.prsctp_capable = retval->c.prsctp_capable;
1852 retval->peer.adaptation_ind = retval->c.adaptation_ind;
1853
1854
1855 return retval;
1856
1857fail:
1858 if (retval)
1859 sctp_association_free(retval);
1860
1861 return NULL;
1862
1863malformed:
1864
1865
1866
1867 *error = -SCTP_IERROR_MALFORMED;
1868 goto fail;
1869}
1870
1871
1872
1873
1874
1875struct __sctp_missing {
1876 __be32 num_missing;
1877 __be16 type;
1878} __packed;
1879
1880
1881
1882
1883static int sctp_process_missing_param(const struct sctp_association *asoc,
1884 sctp_param_t paramtype,
1885 struct sctp_chunk *chunk,
1886 struct sctp_chunk **errp)
1887{
1888 struct __sctp_missing report;
1889 __u16 len;
1890
1891 len = WORD_ROUND(sizeof(report));
1892
1893
1894
1895
1896 if (!*errp)
1897 *errp = sctp_make_op_error_space(asoc, chunk, len);
1898
1899 if (*errp) {
1900 report.num_missing = htonl(1);
1901 report.type = paramtype;
1902 sctp_init_cause(*errp, SCTP_ERROR_MISS_PARAM,
1903 sizeof(report));
1904 sctp_addto_chunk(*errp, sizeof(report), &report);
1905 }
1906
1907
1908 return 0;
1909}
1910
1911
1912static int sctp_process_inv_mandatory(const struct sctp_association *asoc,
1913 struct sctp_chunk *chunk,
1914 struct sctp_chunk **errp)
1915{
1916
1917
1918 if (!*errp)
1919 *errp = sctp_make_op_error_space(asoc, chunk, 0);
1920
1921 if (*errp)
1922 sctp_init_cause(*errp, SCTP_ERROR_INV_PARAM, 0);
1923
1924
1925 return 0;
1926}
1927
1928static int sctp_process_inv_paramlength(const struct sctp_association *asoc,
1929 struct sctp_paramhdr *param,
1930 const struct sctp_chunk *chunk,
1931 struct sctp_chunk **errp)
1932{
1933
1934
1935
1936 if (*errp)
1937 sctp_chunk_free(*errp);
1938
1939
1940 *errp = sctp_make_violation_paramlen(asoc, chunk, param);
1941
1942 return 0;
1943}
1944
1945
1946
1947
1948
1949static int sctp_process_hn_param(const struct sctp_association *asoc,
1950 union sctp_params param,
1951 struct sctp_chunk *chunk,
1952 struct sctp_chunk **errp)
1953{
1954 __u16 len = ntohs(param.p->length);
1955
1956
1957
1958
1959
1960
1961 if (*errp)
1962 sctp_chunk_free(*errp);
1963
1964 *errp = sctp_make_op_error_space(asoc, chunk, len);
1965
1966 if (*errp) {
1967 sctp_init_cause(*errp, SCTP_ERROR_DNS_FAILED, len);
1968 sctp_addto_chunk(*errp, len, param.v);
1969 }
1970
1971
1972 return 0;
1973}
1974
1975static int sctp_verify_ext_param(struct net *net, union sctp_params param)
1976{
1977 __u16 num_ext = ntohs(param.p->length) - sizeof(sctp_paramhdr_t);
1978 int have_auth = 0;
1979 int have_asconf = 0;
1980 int i;
1981
1982 for (i = 0; i < num_ext; i++) {
1983 switch (param.ext->chunks[i]) {
1984 case SCTP_CID_AUTH:
1985 have_auth = 1;
1986 break;
1987 case SCTP_CID_ASCONF:
1988 case SCTP_CID_ASCONF_ACK:
1989 have_asconf = 1;
1990 break;
1991 }
1992 }
1993
1994
1995
1996
1997
1998
1999 if (net->sctp.addip_noauth)
2000 return 1;
2001
2002 if (net->sctp.addip_enable && !have_auth && have_asconf)
2003 return 0;
2004
2005 return 1;
2006}
2007
2008static void sctp_process_ext_param(struct sctp_association *asoc,
2009 union sctp_params param)
2010{
2011 struct net *net = sock_net(asoc->base.sk);
2012 __u16 num_ext = ntohs(param.p->length) - sizeof(sctp_paramhdr_t);
2013 int i;
2014
2015 for (i = 0; i < num_ext; i++) {
2016 switch (param.ext->chunks[i]) {
2017 case SCTP_CID_FWD_TSN:
2018 if (net->sctp.prsctp_enable &&
2019 !asoc->peer.prsctp_capable)
2020 asoc->peer.prsctp_capable = 1;
2021 break;
2022 case SCTP_CID_AUTH:
2023
2024
2025
2026 if (net->sctp.auth_enable)
2027 asoc->peer.auth_capable = 1;
2028 break;
2029 case SCTP_CID_ASCONF:
2030 case SCTP_CID_ASCONF_ACK:
2031 if (net->sctp.addip_enable)
2032 asoc->peer.asconf_capable = 1;
2033 break;
2034 default:
2035 break;
2036 }
2037 }
2038}
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065static sctp_ierror_t sctp_process_unk_param(const struct sctp_association *asoc,
2066 union sctp_params param,
2067 struct sctp_chunk *chunk,
2068 struct sctp_chunk **errp)
2069{
2070 int retval = SCTP_IERROR_NO_ERROR;
2071
2072 switch (param.p->type & SCTP_PARAM_ACTION_MASK) {
2073 case SCTP_PARAM_ACTION_DISCARD:
2074 retval = SCTP_IERROR_ERROR;
2075 break;
2076 case SCTP_PARAM_ACTION_SKIP:
2077 break;
2078 case SCTP_PARAM_ACTION_DISCARD_ERR:
2079 retval = SCTP_IERROR_ERROR;
2080
2081 case SCTP_PARAM_ACTION_SKIP_ERR:
2082
2083
2084
2085 if (NULL == *errp)
2086 *errp = sctp_make_op_error_fixed(asoc, chunk);
2087
2088 if (*errp) {
2089 if (!sctp_init_cause_fixed(*errp, SCTP_ERROR_UNKNOWN_PARAM,
2090 WORD_ROUND(ntohs(param.p->length))))
2091 sctp_addto_chunk_fixed(*errp,
2092 WORD_ROUND(ntohs(param.p->length)),
2093 param.v);
2094 } else {
2095
2096
2097
2098
2099
2100 retval = SCTP_IERROR_NOMEM;
2101 }
2102 break;
2103 default:
2104 break;
2105 }
2106
2107 return retval;
2108}
2109
2110
2111
2112
2113
2114
2115
2116
2117static sctp_ierror_t sctp_verify_param(struct net *net,
2118 const struct sctp_association *asoc,
2119 union sctp_params param,
2120 sctp_cid_t cid,
2121 struct sctp_chunk *chunk,
2122 struct sctp_chunk **err_chunk)
2123{
2124 struct sctp_hmac_algo_param *hmacs;
2125 int retval = SCTP_IERROR_NO_ERROR;
2126 __u16 n_elt, id = 0;
2127 int i;
2128
2129
2130
2131
2132
2133
2134 switch (param.p->type) {
2135 case SCTP_PARAM_IPV4_ADDRESS:
2136 case SCTP_PARAM_IPV6_ADDRESS:
2137 case SCTP_PARAM_COOKIE_PRESERVATIVE:
2138 case SCTP_PARAM_SUPPORTED_ADDRESS_TYPES:
2139 case SCTP_PARAM_STATE_COOKIE:
2140 case SCTP_PARAM_HEARTBEAT_INFO:
2141 case SCTP_PARAM_UNRECOGNIZED_PARAMETERS:
2142 case SCTP_PARAM_ECN_CAPABLE:
2143 case SCTP_PARAM_ADAPTATION_LAYER_IND:
2144 break;
2145
2146 case SCTP_PARAM_SUPPORTED_EXT:
2147 if (!sctp_verify_ext_param(net, param))
2148 return SCTP_IERROR_ABORT;
2149 break;
2150
2151 case SCTP_PARAM_SET_PRIMARY:
2152 if (net->sctp.addip_enable)
2153 break;
2154 goto fallthrough;
2155
2156 case SCTP_PARAM_HOST_NAME_ADDRESS:
2157
2158 sctp_process_hn_param(asoc, param, chunk, err_chunk);
2159 retval = SCTP_IERROR_ABORT;
2160 break;
2161
2162 case SCTP_PARAM_FWD_TSN_SUPPORT:
2163 if (net->sctp.prsctp_enable)
2164 break;
2165 goto fallthrough;
2166
2167 case SCTP_PARAM_RANDOM:
2168 if (!net->sctp.auth_enable)
2169 goto fallthrough;
2170
2171
2172
2173
2174
2175
2176 if (SCTP_AUTH_RANDOM_LENGTH !=
2177 ntohs(param.p->length) - sizeof(sctp_paramhdr_t)) {
2178 sctp_process_inv_paramlength(asoc, param.p,
2179 chunk, err_chunk);
2180 retval = SCTP_IERROR_ABORT;
2181 }
2182 break;
2183
2184 case SCTP_PARAM_CHUNKS:
2185 if (!net->sctp.auth_enable)
2186 goto fallthrough;
2187
2188
2189
2190
2191
2192
2193 if (260 < ntohs(param.p->length)) {
2194 sctp_process_inv_paramlength(asoc, param.p,
2195 chunk, err_chunk);
2196 retval = SCTP_IERROR_ABORT;
2197 }
2198 break;
2199
2200 case SCTP_PARAM_HMAC_ALGO:
2201 if (!net->sctp.auth_enable)
2202 goto fallthrough;
2203
2204 hmacs = (struct sctp_hmac_algo_param *)param.p;
2205 n_elt = (ntohs(param.p->length) - sizeof(sctp_paramhdr_t)) >> 1;
2206
2207
2208
2209
2210
2211 for (i = 0; i < n_elt; i++) {
2212 id = ntohs(hmacs->hmac_ids[i]);
2213
2214 if (id == SCTP_AUTH_HMAC_ID_SHA1)
2215 break;
2216 }
2217
2218 if (id != SCTP_AUTH_HMAC_ID_SHA1) {
2219 sctp_process_inv_paramlength(asoc, param.p, chunk,
2220 err_chunk);
2221 retval = SCTP_IERROR_ABORT;
2222 }
2223 break;
2224fallthrough:
2225 default:
2226 pr_debug("%s: unrecognized param:%d for chunk:%d\n",
2227 __func__, ntohs(param.p->type), cid);
2228
2229 retval = sctp_process_unk_param(asoc, param, chunk, err_chunk);
2230 break;
2231 }
2232 return retval;
2233}
2234
2235
2236int sctp_verify_init(struct net *net, const struct sctp_association *asoc,
2237 sctp_cid_t cid,
2238 sctp_init_chunk_t *peer_init,
2239 struct sctp_chunk *chunk,
2240 struct sctp_chunk **errp)
2241{
2242 union sctp_params param;
2243 bool has_cookie = false;
2244 int result;
2245
2246
2247
2248
2249
2250 if (peer_init->init_hdr.num_outbound_streams == 0 ||
2251 peer_init->init_hdr.num_inbound_streams == 0 ||
2252 peer_init->init_hdr.init_tag == 0 ||
2253 ntohl(peer_init->init_hdr.a_rwnd) < SCTP_DEFAULT_MINWINDOW)
2254 return sctp_process_inv_mandatory(asoc, chunk, errp);
2255
2256 sctp_walk_params(param, peer_init, init_hdr.params) {
2257 if (param.p->type == SCTP_PARAM_STATE_COOKIE)
2258 has_cookie = true;
2259 }
2260
2261
2262
2263
2264
2265
2266
2267
2268 if (param.v != (void*)chunk->chunk_end)
2269 return sctp_process_inv_paramlength(asoc, param.p, chunk, errp);
2270
2271
2272
2273
2274 if ((SCTP_CID_INIT_ACK == cid) && !has_cookie)
2275 return sctp_process_missing_param(asoc, SCTP_PARAM_STATE_COOKIE,
2276 chunk, errp);
2277
2278
2279 sctp_walk_params(param, peer_init, init_hdr.params) {
2280
2281 result = sctp_verify_param(net, asoc, param, cid, chunk, errp);
2282 switch (result) {
2283 case SCTP_IERROR_ABORT:
2284 case SCTP_IERROR_NOMEM:
2285 return 0;
2286 case SCTP_IERROR_ERROR:
2287 return 1;
2288 case SCTP_IERROR_NO_ERROR:
2289 default:
2290 break;
2291 }
2292
2293 }
2294
2295 return 1;
2296}
2297
2298
2299
2300
2301
2302int sctp_process_init(struct sctp_association *asoc, struct sctp_chunk *chunk,
2303 const union sctp_addr *peer_addr,
2304 sctp_init_chunk_t *peer_init, gfp_t gfp)
2305{
2306 struct net *net = sock_net(asoc->base.sk);
2307 union sctp_params param;
2308 struct sctp_transport *transport;
2309 struct list_head *pos, *temp;
2310 struct sctp_af *af;
2311 union sctp_addr addr;
2312 char *cookie;
2313 int src_match = 0;
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325 if(!sctp_assoc_add_peer(asoc, peer_addr, gfp, SCTP_ACTIVE))
2326 goto nomem;
2327
2328 if (sctp_cmp_addr_exact(sctp_source(chunk), peer_addr))
2329 src_match = 1;
2330
2331
2332 sctp_walk_params(param, peer_init, init_hdr.params) {
2333 if (!src_match && (param.p->type == SCTP_PARAM_IPV4_ADDRESS ||
2334 param.p->type == SCTP_PARAM_IPV6_ADDRESS)) {
2335 af = sctp_get_af_specific(param_type2af(param.p->type));
2336 af->from_addr_param(&addr, param.addr,
2337 chunk->sctp_hdr->source, 0);
2338 if (sctp_cmp_addr_exact(sctp_source(chunk), &addr))
2339 src_match = 1;
2340 }
2341
2342 if (!sctp_process_param(asoc, param, peer_addr, gfp))
2343 goto clean_up;
2344 }
2345
2346
2347 if (!src_match)
2348 goto clean_up;
2349
2350
2351
2352
2353 if (asoc->peer.auth_capable && (!asoc->peer.peer_random ||
2354 !asoc->peer.peer_hmacs))
2355 asoc->peer.auth_capable = 0;
2356
2357
2358
2359
2360
2361
2362
2363 if (!net->sctp.addip_noauth &&
2364 (asoc->peer.asconf_capable && !asoc->peer.auth_capable)) {
2365 asoc->peer.addip_disabled_mask |= (SCTP_PARAM_ADD_IP |
2366 SCTP_PARAM_DEL_IP |
2367 SCTP_PARAM_SET_PRIMARY);
2368 asoc->peer.asconf_capable = 0;
2369 goto clean_up;
2370 }
2371
2372
2373 list_for_each_safe(pos, temp, &asoc->peer.transport_addr_list) {
2374 transport = list_entry(pos, struct sctp_transport, transports);
2375 if (transport->state == SCTP_UNKNOWN) {
2376 sctp_assoc_rm_peer(asoc, transport);
2377 }
2378 }
2379
2380
2381
2382
2383 asoc->peer.i.init_tag =
2384 ntohl(peer_init->init_hdr.init_tag);
2385 asoc->peer.i.a_rwnd =
2386 ntohl(peer_init->init_hdr.a_rwnd);
2387 asoc->peer.i.num_outbound_streams =
2388 ntohs(peer_init->init_hdr.num_outbound_streams);
2389 asoc->peer.i.num_inbound_streams =
2390 ntohs(peer_init->init_hdr.num_inbound_streams);
2391 asoc->peer.i.initial_tsn =
2392 ntohl(peer_init->init_hdr.initial_tsn);
2393
2394
2395
2396
2397 if (asoc->c.sinit_num_ostreams >
2398 ntohs(peer_init->init_hdr.num_inbound_streams)) {
2399 asoc->c.sinit_num_ostreams =
2400 ntohs(peer_init->init_hdr.num_inbound_streams);
2401 }
2402
2403 if (asoc->c.sinit_max_instreams >
2404 ntohs(peer_init->init_hdr.num_outbound_streams)) {
2405 asoc->c.sinit_max_instreams =
2406 ntohs(peer_init->init_hdr.num_outbound_streams);
2407 }
2408
2409
2410 asoc->c.peer_vtag = asoc->peer.i.init_tag;
2411
2412
2413 asoc->peer.rwnd = asoc->peer.i.a_rwnd;
2414
2415
2416 cookie = asoc->peer.cookie;
2417 if (cookie) {
2418 asoc->peer.cookie = kmemdup(cookie, asoc->peer.cookie_len, gfp);
2419 if (!asoc->peer.cookie)
2420 goto clean_up;
2421 }
2422
2423
2424
2425
2426
2427 list_for_each_entry(transport, &asoc->peer.transport_addr_list,
2428 transports) {
2429 transport->ssthresh = asoc->peer.i.a_rwnd;
2430 }
2431
2432
2433 if (!sctp_tsnmap_init(&asoc->peer.tsn_map, SCTP_TSN_MAP_INITIAL,
2434 asoc->peer.i.initial_tsn, gfp))
2435 goto clean_up;
2436
2437
2438
2439
2440
2441
2442
2443
2444
2445
2446
2447
2448 if (!asoc->temp) {
2449 int error;
2450
2451 asoc->ssnmap = sctp_ssnmap_new(asoc->c.sinit_max_instreams,
2452 asoc->c.sinit_num_ostreams, gfp);
2453 if (!asoc->ssnmap)
2454 goto clean_up;
2455
2456 error = sctp_assoc_set_id(asoc, gfp);
2457 if (error)
2458 goto clean_up;
2459 }
2460
2461
2462
2463
2464
2465
2466
2467
2468
2469
2470
2471 asoc->peer.addip_serial = asoc->peer.i.initial_tsn - 1;
2472 return 1;
2473
2474clean_up:
2475
2476 list_for_each_safe(pos, temp, &asoc->peer.transport_addr_list) {
2477 transport = list_entry(pos, struct sctp_transport, transports);
2478 if (transport->state != SCTP_ACTIVE)
2479 sctp_assoc_rm_peer(asoc, transport);
2480 }
2481
2482nomem:
2483 return 0;
2484}
2485
2486
2487
2488
2489
2490
2491
2492
2493
2494
2495
2496
2497
2498static int sctp_process_param(struct sctp_association *asoc,
2499 union sctp_params param,
2500 const union sctp_addr *peer_addr,
2501 gfp_t gfp)
2502{
2503 struct net *net = sock_net(asoc->base.sk);
2504 union sctp_addr addr;
2505 int i;
2506 __u16 sat;
2507 int retval = 1;
2508 sctp_scope_t scope;
2509 time_t stale;
2510 struct sctp_af *af;
2511 union sctp_addr_param *addr_param;
2512 struct sctp_transport *t;
2513
2514
2515
2516
2517
2518 switch (param.p->type) {
2519 case SCTP_PARAM_IPV6_ADDRESS:
2520 if (PF_INET6 != asoc->base.sk->sk_family)
2521 break;
2522 goto do_addr_param;
2523
2524 case SCTP_PARAM_IPV4_ADDRESS:
2525
2526 if (ipv6_only_sock(asoc->base.sk))
2527 break;
2528do_addr_param:
2529 af = sctp_get_af_specific(param_type2af(param.p->type));
2530 af->from_addr_param(&addr, param.addr, htons(asoc->peer.port), 0);
2531 scope = sctp_scope(peer_addr);
2532 if (sctp_in_scope(net, &addr, scope))
2533 if (!sctp_assoc_add_peer(asoc, &addr, gfp, SCTP_UNCONFIRMED))
2534 return 0;
2535 break;
2536
2537 case SCTP_PARAM_COOKIE_PRESERVATIVE:
2538 if (!net->sctp.cookie_preserve_enable)
2539 break;
2540
2541 stale = ntohl(param.life->lifespan_increment);
2542
2543
2544
2545
2546 asoc->cookie_life = ktime_add_ms(asoc->cookie_life, stale);
2547 break;
2548
2549 case SCTP_PARAM_HOST_NAME_ADDRESS:
2550 pr_debug("%s: unimplemented SCTP_HOST_NAME_ADDRESS\n", __func__);
2551 break;
2552
2553 case SCTP_PARAM_SUPPORTED_ADDRESS_TYPES:
2554
2555
2556
2557 asoc->peer.ipv4_address = 0;
2558 asoc->peer.ipv6_address = 0;
2559
2560
2561
2562
2563 if (peer_addr->sa.sa_family == AF_INET6)
2564 asoc->peer.ipv6_address = 1;
2565 else if (peer_addr->sa.sa_family == AF_INET)
2566 asoc->peer.ipv4_address = 1;
2567
2568
2569 sat = ntohs(param.p->length) - sizeof(sctp_paramhdr_t);
2570 if (sat)
2571 sat /= sizeof(__u16);
2572
2573 for (i = 0; i < sat; ++i) {
2574 switch (param.sat->types[i]) {
2575 case SCTP_PARAM_IPV4_ADDRESS:
2576 asoc->peer.ipv4_address = 1;
2577 break;
2578
2579 case SCTP_PARAM_IPV6_ADDRESS:
2580 if (PF_INET6 == asoc->base.sk->sk_family)
2581 asoc->peer.ipv6_address = 1;
2582 break;
2583
2584 case SCTP_PARAM_HOST_NAME_ADDRESS:
2585 asoc->peer.hostname_address = 1;
2586 break;
2587
2588 default:
2589 break;
2590 }
2591 }
2592 break;
2593
2594 case SCTP_PARAM_STATE_COOKIE:
2595 asoc->peer.cookie_len =
2596 ntohs(param.p->length) - sizeof(sctp_paramhdr_t);
2597 asoc->peer.cookie = param.cookie->body;
2598 break;
2599
2600 case SCTP_PARAM_HEARTBEAT_INFO:
2601
2602 break;
2603
2604 case SCTP_PARAM_UNRECOGNIZED_PARAMETERS:
2605
2606 break;
2607
2608 case SCTP_PARAM_ECN_CAPABLE:
2609 asoc->peer.ecn_capable = 1;
2610 break;
2611
2612 case SCTP_PARAM_ADAPTATION_LAYER_IND:
2613 asoc->peer.adaptation_ind = ntohl(param.aind->adaptation_ind);
2614 break;
2615
2616 case SCTP_PARAM_SET_PRIMARY:
2617 if (!net->sctp.addip_enable)
2618 goto fall_through;
2619
2620 addr_param = param.v + sizeof(sctp_addip_param_t);
2621
2622 af = sctp_get_af_specific(param_type2af(param.p->type));
2623 af->from_addr_param(&addr, addr_param,
2624 htons(asoc->peer.port), 0);
2625
2626
2627
2628
2629 if (!af->addr_valid(&addr, NULL, NULL))
2630 break;
2631
2632 t = sctp_assoc_lookup_paddr(asoc, &addr);
2633 if (!t)
2634 break;
2635
2636 sctp_assoc_set_primary(asoc, t);
2637 break;
2638
2639 case SCTP_PARAM_SUPPORTED_EXT:
2640 sctp_process_ext_param(asoc, param);
2641 break;
2642
2643 case SCTP_PARAM_FWD_TSN_SUPPORT:
2644 if (net->sctp.prsctp_enable) {
2645 asoc->peer.prsctp_capable = 1;
2646 break;
2647 }
2648
2649 goto fall_through;
2650
2651 case SCTP_PARAM_RANDOM:
2652 if (!net->sctp.auth_enable)
2653 goto fall_through;
2654
2655
2656 asoc->peer.peer_random = kmemdup(param.p,
2657 ntohs(param.p->length), gfp);
2658 if (!asoc->peer.peer_random) {
2659 retval = 0;
2660 break;
2661 }
2662 break;
2663
2664 case SCTP_PARAM_HMAC_ALGO:
2665 if (!net->sctp.auth_enable)
2666 goto fall_through;
2667
2668
2669 asoc->peer.peer_hmacs = kmemdup(param.p,
2670 ntohs(param.p->length), gfp);
2671 if (!asoc->peer.peer_hmacs) {
2672 retval = 0;
2673 break;
2674 }
2675
2676
2677 sctp_auth_asoc_set_default_hmac(asoc, param.hmac_algo);
2678 break;
2679
2680 case SCTP_PARAM_CHUNKS:
2681 if (!net->sctp.auth_enable)
2682 goto fall_through;
2683
2684 asoc->peer.peer_chunks = kmemdup(param.p,
2685 ntohs(param.p->length), gfp);
2686 if (!asoc->peer.peer_chunks)
2687 retval = 0;
2688 break;
2689fall_through:
2690 default:
2691
2692
2693
2694
2695
2696 pr_debug("%s: ignoring param:%d for association:%p.\n",
2697 __func__, ntohs(param.p->type), asoc);
2698 break;
2699 }
2700
2701 return retval;
2702}
2703
2704
2705__u32 sctp_generate_tag(const struct sctp_endpoint *ep)
2706{
2707
2708
2709
2710 __u32 x;
2711
2712 do {
2713 get_random_bytes(&x, sizeof(__u32));
2714 } while (x == 0);
2715
2716 return x;
2717}
2718
2719
2720__u32 sctp_generate_tsn(const struct sctp_endpoint *ep)
2721{
2722 __u32 retval;
2723
2724 get_random_bytes(&retval, sizeof(__u32));
2725 return retval;
2726}
2727
2728
2729
2730
2731
2732
2733
2734
2735
2736
2737
2738
2739
2740
2741
2742
2743
2744
2745
2746
2747
2748
2749
2750static struct sctp_chunk *sctp_make_asconf(struct sctp_association *asoc,
2751 union sctp_addr *addr,
2752 int vparam_len)
2753{
2754 sctp_addiphdr_t asconf;
2755 struct sctp_chunk *retval;
2756 int length = sizeof(asconf) + vparam_len;
2757 union sctp_addr_param addrparam;
2758 int addrlen;
2759 struct sctp_af *af = sctp_get_af_specific(addr->v4.sin_family);
2760
2761 addrlen = af->to_addr_param(addr, &addrparam);
2762 if (!addrlen)
2763 return NULL;
2764 length += addrlen;
2765
2766
2767 retval = sctp_make_control(asoc, SCTP_CID_ASCONF, 0, length);
2768 if (!retval)
2769 return NULL;
2770
2771 asconf.serial = htonl(asoc->addip_serial++);
2772
2773 retval->subh.addip_hdr =
2774 sctp_addto_chunk(retval, sizeof(asconf), &asconf);
2775 retval->param_hdr.v =
2776 sctp_addto_chunk(retval, addrlen, &addrparam);
2777
2778 return retval;
2779}
2780
2781
2782
2783
2784
2785
2786
2787
2788
2789
2790
2791
2792
2793
2794
2795
2796
2797
2798
2799
2800
2801
2802
2803
2804
2805struct sctp_chunk *sctp_make_asconf_update_ip(struct sctp_association *asoc,
2806 union sctp_addr *laddr,
2807 struct sockaddr *addrs,
2808 int addrcnt,
2809 __be16 flags)
2810{
2811 sctp_addip_param_t param;
2812 struct sctp_chunk *retval;
2813 union sctp_addr_param addr_param;
2814 union sctp_addr *addr;
2815 void *addr_buf;
2816 struct sctp_af *af;
2817 int paramlen = sizeof(param);
2818 int addr_param_len = 0;
2819 int totallen = 0;
2820 int i;
2821 int del_pickup = 0;
2822
2823
2824 addr_buf = addrs;
2825 for (i = 0; i < addrcnt; i++) {
2826 addr = addr_buf;
2827 af = sctp_get_af_specific(addr->v4.sin_family);
2828 addr_param_len = af->to_addr_param(addr, &addr_param);
2829
2830 totallen += paramlen;
2831 totallen += addr_param_len;
2832
2833 addr_buf += af->sockaddr_len;
2834 if (asoc->asconf_addr_del_pending && !del_pickup) {
2835
2836 totallen += paramlen;
2837 totallen += addr_param_len;
2838 del_pickup = 1;
2839
2840 pr_debug("%s: picked same-scope del_pending addr, "
2841 "totallen for all addresses is %d\n",
2842 __func__, totallen);
2843 }
2844 }
2845
2846
2847 retval = sctp_make_asconf(asoc, laddr, totallen);
2848 if (!retval)
2849 return NULL;
2850
2851
2852 addr_buf = addrs;
2853 for (i = 0; i < addrcnt; i++) {
2854 addr = addr_buf;
2855 af = sctp_get_af_specific(addr->v4.sin_family);
2856 addr_param_len = af->to_addr_param(addr, &addr_param);
2857 param.param_hdr.type = flags;
2858 param.param_hdr.length = htons(paramlen + addr_param_len);
2859 param.crr_id = i;
2860
2861 sctp_addto_chunk(retval, paramlen, ¶m);
2862 sctp_addto_chunk(retval, addr_param_len, &addr_param);
2863
2864 addr_buf += af->sockaddr_len;
2865 }
2866 if (flags == SCTP_PARAM_ADD_IP && del_pickup) {
2867 addr = asoc->asconf_addr_del_pending;
2868 af = sctp_get_af_specific(addr->v4.sin_family);
2869 addr_param_len = af->to_addr_param(addr, &addr_param);
2870 param.param_hdr.type = SCTP_PARAM_DEL_IP;
2871 param.param_hdr.length = htons(paramlen + addr_param_len);
2872 param.crr_id = i;
2873
2874 sctp_addto_chunk(retval, paramlen, ¶m);
2875 sctp_addto_chunk(retval, addr_param_len, &addr_param);
2876 }
2877 return retval;
2878}
2879
2880
2881
2882
2883
2884
2885
2886
2887
2888
2889
2890
2891
2892
2893
2894struct sctp_chunk *sctp_make_asconf_set_prim(struct sctp_association *asoc,
2895 union sctp_addr *addr)
2896{
2897 sctp_addip_param_t param;
2898 struct sctp_chunk *retval;
2899 int len = sizeof(param);
2900 union sctp_addr_param addrparam;
2901 int addrlen;
2902 struct sctp_af *af = sctp_get_af_specific(addr->v4.sin_family);
2903
2904 addrlen = af->to_addr_param(addr, &addrparam);
2905 if (!addrlen)
2906 return NULL;
2907 len += addrlen;
2908
2909
2910 retval = sctp_make_asconf(asoc, addr, len);
2911 if (!retval)
2912 return NULL;
2913
2914 param.param_hdr.type = SCTP_PARAM_SET_PRIMARY;
2915 param.param_hdr.length = htons(len);
2916 param.crr_id = 0;
2917
2918 sctp_addto_chunk(retval, sizeof(param), ¶m);
2919 sctp_addto_chunk(retval, addrlen, &addrparam);
2920
2921 return retval;
2922}
2923
2924
2925
2926
2927
2928
2929
2930
2931
2932
2933
2934
2935
2936
2937
2938
2939
2940
2941
2942
2943static struct sctp_chunk *sctp_make_asconf_ack(const struct sctp_association *asoc,
2944 __u32 serial, int vparam_len)
2945{
2946 sctp_addiphdr_t asconf;
2947 struct sctp_chunk *retval;
2948 int length = sizeof(asconf) + vparam_len;
2949
2950
2951 retval = sctp_make_control(asoc, SCTP_CID_ASCONF_ACK, 0, length);
2952 if (!retval)
2953 return NULL;
2954
2955 asconf.serial = htonl(serial);
2956
2957 retval->subh.addip_hdr =
2958 sctp_addto_chunk(retval, sizeof(asconf), &asconf);
2959
2960 return retval;
2961}
2962
2963
2964static void sctp_add_asconf_response(struct sctp_chunk *chunk, __be32 crr_id,
2965 __be16 err_code, sctp_addip_param_t *asconf_param)
2966{
2967 sctp_addip_param_t ack_param;
2968 sctp_errhdr_t err_param;
2969 int asconf_param_len = 0;
2970 int err_param_len = 0;
2971 __be16 response_type;
2972
2973 if (SCTP_ERROR_NO_ERROR == err_code) {
2974 response_type = SCTP_PARAM_SUCCESS_REPORT;
2975 } else {
2976 response_type = SCTP_PARAM_ERR_CAUSE;
2977 err_param_len = sizeof(err_param);
2978 if (asconf_param)
2979 asconf_param_len =
2980 ntohs(asconf_param->param_hdr.length);
2981 }
2982
2983
2984 ack_param.param_hdr.type = response_type;
2985 ack_param.param_hdr.length = htons(sizeof(ack_param) +
2986 err_param_len +
2987 asconf_param_len);
2988 ack_param.crr_id = crr_id;
2989 sctp_addto_chunk(chunk, sizeof(ack_param), &ack_param);
2990
2991 if (SCTP_ERROR_NO_ERROR == err_code)
2992 return;
2993
2994
2995 err_param.cause = err_code;
2996 err_param.length = htons(err_param_len + asconf_param_len);
2997 sctp_addto_chunk(chunk, err_param_len, &err_param);
2998
2999
3000 if (asconf_param)
3001 sctp_addto_chunk(chunk, asconf_param_len, asconf_param);
3002}
3003
3004
3005static __be16 sctp_process_asconf_param(struct sctp_association *asoc,
3006 struct sctp_chunk *asconf,
3007 sctp_addip_param_t *asconf_param)
3008{
3009 struct sctp_transport *peer;
3010 struct sctp_af *af;
3011 union sctp_addr addr;
3012 union sctp_addr_param *addr_param;
3013
3014 addr_param = (void *)asconf_param + sizeof(sctp_addip_param_t);
3015
3016 if (asconf_param->param_hdr.type != SCTP_PARAM_ADD_IP &&
3017 asconf_param->param_hdr.type != SCTP_PARAM_DEL_IP &&
3018 asconf_param->param_hdr.type != SCTP_PARAM_SET_PRIMARY)
3019 return SCTP_ERROR_UNKNOWN_PARAM;
3020
3021 switch (addr_param->p.type) {
3022 case SCTP_PARAM_IPV6_ADDRESS:
3023 if (!asoc->peer.ipv6_address)
3024 return SCTP_ERROR_DNS_FAILED;
3025 break;
3026 case SCTP_PARAM_IPV4_ADDRESS:
3027 if (!asoc->peer.ipv4_address)
3028 return SCTP_ERROR_DNS_FAILED;
3029 break;
3030 default:
3031 return SCTP_ERROR_DNS_FAILED;
3032 }
3033
3034 af = sctp_get_af_specific(param_type2af(addr_param->p.type));
3035 if (unlikely(!af))
3036 return SCTP_ERROR_DNS_FAILED;
3037
3038 af->from_addr_param(&addr, addr_param, htons(asoc->peer.port), 0);
3039
3040
3041
3042
3043
3044
3045 if (!af->is_any(&addr) && !af->addr_valid(&addr, NULL, asconf->skb))
3046 return SCTP_ERROR_DNS_FAILED;
3047
3048 switch (asconf_param->param_hdr.type) {
3049 case SCTP_PARAM_ADD_IP:
3050
3051
3052
3053
3054 if (af->is_any(&addr))
3055 memcpy(&addr, &asconf->source, sizeof(addr));
3056
3057
3058
3059
3060
3061
3062
3063
3064 peer = sctp_assoc_add_peer(asoc, &addr, GFP_ATOMIC, SCTP_UNCONFIRMED);
3065 if (!peer)
3066 return SCTP_ERROR_RSRC_LOW;
3067
3068
3069 if (!mod_timer(&peer->hb_timer, sctp_transport_timeout(peer)))
3070 sctp_transport_hold(peer);
3071 asoc->new_transport = peer;
3072 break;
3073 case SCTP_PARAM_DEL_IP:
3074
3075
3076
3077
3078
3079 if (asoc->peer.transport_count == 1)
3080 return SCTP_ERROR_DEL_LAST_IP;
3081
3082
3083
3084
3085
3086
3087
3088
3089 if (sctp_cmp_addr_exact(&asconf->source, &addr))
3090 return SCTP_ERROR_DEL_SRC_IP;
3091
3092
3093
3094
3095
3096
3097 if (af->is_any(&addr)) {
3098 sctp_assoc_set_primary(asoc, asconf->transport);
3099 sctp_assoc_del_nonprimary_peers(asoc,
3100 asconf->transport);
3101 } else
3102 sctp_assoc_del_peer(asoc, &addr);
3103 break;
3104 case SCTP_PARAM_SET_PRIMARY:
3105
3106
3107
3108
3109
3110 if (af->is_any(&addr))
3111 memcpy(&addr.v4, sctp_source(asconf), sizeof(addr));
3112
3113 peer = sctp_assoc_lookup_paddr(asoc, &addr);
3114 if (!peer)
3115 return SCTP_ERROR_DNS_FAILED;
3116
3117 sctp_assoc_set_primary(asoc, peer);
3118 break;
3119 }
3120
3121 return SCTP_ERROR_NO_ERROR;
3122}
3123
3124
3125int sctp_verify_asconf(const struct sctp_association *asoc,
3126 struct sctp_paramhdr *param_hdr, void *chunk_end,
3127 struct sctp_paramhdr **errp) {
3128 sctp_addip_param_t *asconf_param;
3129 union sctp_params param;
3130 int length, plen;
3131
3132 param.v = (sctp_paramhdr_t *) param_hdr;
3133 while (param.v <= chunk_end - sizeof(sctp_paramhdr_t)) {
3134 length = ntohs(param.p->length);
3135 *errp = param.p;
3136
3137 if (param.v > chunk_end - length ||
3138 length < sizeof(sctp_paramhdr_t))
3139 return 0;
3140
3141 switch (param.p->type) {
3142 case SCTP_PARAM_ADD_IP:
3143 case SCTP_PARAM_DEL_IP:
3144 case SCTP_PARAM_SET_PRIMARY:
3145 asconf_param = (sctp_addip_param_t *)param.v;
3146 plen = ntohs(asconf_param->param_hdr.length);
3147 if (plen < sizeof(sctp_addip_param_t) +
3148 sizeof(sctp_paramhdr_t))
3149 return 0;
3150 break;
3151 case SCTP_PARAM_SUCCESS_REPORT:
3152 case SCTP_PARAM_ADAPTATION_LAYER_IND:
3153 if (length != sizeof(sctp_addip_param_t))
3154 return 0;
3155
3156 break;
3157 default:
3158 break;
3159 }
3160
3161 param.v += WORD_ROUND(length);
3162 }
3163
3164 if (param.v != chunk_end)
3165 return 0;
3166
3167 return 1;
3168}
3169
3170
3171
3172
3173struct sctp_chunk *sctp_process_asconf(struct sctp_association *asoc,
3174 struct sctp_chunk *asconf)
3175{
3176 sctp_addiphdr_t *hdr;
3177 union sctp_addr_param *addr_param;
3178 sctp_addip_param_t *asconf_param;
3179 struct sctp_chunk *asconf_ack;
3180
3181 __be16 err_code;
3182 int length = 0;
3183 int chunk_len;
3184 __u32 serial;
3185 int all_param_pass = 1;
3186
3187 chunk_len = ntohs(asconf->chunk_hdr->length) - sizeof(sctp_chunkhdr_t);
3188 hdr = (sctp_addiphdr_t *)asconf->skb->data;
3189 serial = ntohl(hdr->serial);
3190
3191
3192 length = sizeof(sctp_addiphdr_t);
3193 addr_param = (union sctp_addr_param *)(asconf->skb->data + length);
3194 chunk_len -= length;
3195
3196
3197
3198
3199 length = ntohs(addr_param->p.length);
3200 asconf_param = (void *)addr_param + length;
3201 chunk_len -= length;
3202
3203
3204
3205
3206
3207
3208 asconf_ack = sctp_make_asconf_ack(asoc, serial, chunk_len * 4);
3209 if (!asconf_ack)
3210 goto done;
3211
3212
3213 while (chunk_len > 0) {
3214 err_code = sctp_process_asconf_param(asoc, asconf,
3215 asconf_param);
3216
3217
3218
3219
3220
3221
3222
3223 if (SCTP_ERROR_NO_ERROR != err_code)
3224 all_param_pass = 0;
3225
3226 if (!all_param_pass)
3227 sctp_add_asconf_response(asconf_ack,
3228 asconf_param->crr_id, err_code,
3229 asconf_param);
3230
3231
3232
3233
3234
3235
3236 if (SCTP_ERROR_RSRC_LOW == err_code)
3237 goto done;
3238
3239
3240 length = ntohs(asconf_param->param_hdr.length);
3241 asconf_param = (void *)asconf_param + length;
3242 chunk_len -= length;
3243 }
3244
3245done:
3246 asoc->peer.addip_serial++;
3247
3248
3249
3250
3251 if (asconf_ack) {
3252 sctp_chunk_hold(asconf_ack);
3253 list_add_tail(&asconf_ack->transmitted_list,
3254 &asoc->asconf_ack_list);
3255 }
3256
3257 return asconf_ack;
3258}
3259
3260
3261static void sctp_asconf_param_success(struct sctp_association *asoc,
3262 sctp_addip_param_t *asconf_param)
3263{
3264 struct sctp_af *af;
3265 union sctp_addr addr;
3266 struct sctp_bind_addr *bp = &asoc->base.bind_addr;
3267 union sctp_addr_param *addr_param;
3268 struct sctp_transport *transport;
3269 struct sctp_sockaddr_entry *saddr;
3270
3271 addr_param = (void *)asconf_param + sizeof(sctp_addip_param_t);
3272
3273
3274 af = sctp_get_af_specific(param_type2af(addr_param->p.type));
3275 af->from_addr_param(&addr, addr_param, htons(bp->port), 0);
3276
3277 switch (asconf_param->param_hdr.type) {
3278 case SCTP_PARAM_ADD_IP:
3279
3280
3281
3282 local_bh_disable();
3283 list_for_each_entry(saddr, &bp->address_list, list) {
3284 if (sctp_cmp_addr_exact(&saddr->a, &addr))
3285 saddr->state = SCTP_ADDR_SRC;
3286 }
3287 local_bh_enable();
3288 list_for_each_entry(transport, &asoc->peer.transport_addr_list,
3289 transports) {
3290 dst_release(transport->dst);
3291 transport->dst = NULL;
3292 }
3293 break;
3294 case SCTP_PARAM_DEL_IP:
3295 local_bh_disable();
3296 sctp_del_bind_addr(bp, &addr);
3297 if (asoc->asconf_addr_del_pending != NULL &&
3298 sctp_cmp_addr_exact(asoc->asconf_addr_del_pending, &addr)) {
3299 kfree(asoc->asconf_addr_del_pending);
3300 asoc->asconf_addr_del_pending = NULL;
3301 }
3302 local_bh_enable();
3303 list_for_each_entry(transport, &asoc->peer.transport_addr_list,
3304 transports) {
3305 dst_release(transport->dst);
3306 transport->dst = NULL;
3307 }
3308 break;
3309 default:
3310 break;
3311 }
3312}
3313
3314
3315
3316
3317
3318
3319
3320
3321
3322
3323static __be16 sctp_get_asconf_response(struct sctp_chunk *asconf_ack,
3324 sctp_addip_param_t *asconf_param,
3325 int no_err)
3326{
3327 sctp_addip_param_t *asconf_ack_param;
3328 sctp_errhdr_t *err_param;
3329 int length;
3330 int asconf_ack_len;
3331 __be16 err_code;
3332
3333 if (no_err)
3334 err_code = SCTP_ERROR_NO_ERROR;
3335 else
3336 err_code = SCTP_ERROR_REQ_REFUSED;
3337
3338 asconf_ack_len = ntohs(asconf_ack->chunk_hdr->length) -
3339 sizeof(sctp_chunkhdr_t);
3340
3341
3342
3343
3344 length = sizeof(sctp_addiphdr_t);
3345 asconf_ack_param = (sctp_addip_param_t *)(asconf_ack->skb->data +
3346 length);
3347 asconf_ack_len -= length;
3348
3349 while (asconf_ack_len > 0) {
3350 if (asconf_ack_param->crr_id == asconf_param->crr_id) {
3351 switch(asconf_ack_param->param_hdr.type) {
3352 case SCTP_PARAM_SUCCESS_REPORT:
3353 return SCTP_ERROR_NO_ERROR;
3354 case SCTP_PARAM_ERR_CAUSE:
3355 length = sizeof(sctp_addip_param_t);
3356 err_param = (void *)asconf_ack_param + length;
3357 asconf_ack_len -= length;
3358 if (asconf_ack_len > 0)
3359 return err_param->cause;
3360 else
3361 return SCTP_ERROR_INV_PARAM;
3362 break;
3363 default:
3364 return SCTP_ERROR_INV_PARAM;
3365 }
3366 }
3367
3368 length = ntohs(asconf_ack_param->param_hdr.length);
3369 asconf_ack_param = (void *)asconf_ack_param + length;
3370 asconf_ack_len -= length;
3371 }
3372
3373 return err_code;
3374}
3375
3376
3377int sctp_process_asconf_ack(struct sctp_association *asoc,
3378 struct sctp_chunk *asconf_ack)
3379{
3380 struct sctp_chunk *asconf = asoc->addip_last_asconf;
3381 union sctp_addr_param *addr_param;
3382 sctp_addip_param_t *asconf_param;
3383 int length = 0;
3384 int asconf_len = asconf->skb->len;
3385 int all_param_pass = 0;
3386 int no_err = 1;
3387 int retval = 0;
3388 __be16 err_code = SCTP_ERROR_NO_ERROR;
3389
3390
3391
3392
3393 length = sizeof(sctp_addip_chunk_t);
3394 addr_param = (union sctp_addr_param *)(asconf->skb->data + length);
3395 asconf_len -= length;
3396
3397
3398
3399
3400 length = ntohs(addr_param->p.length);
3401 asconf_param = (void *)addr_param + length;
3402 asconf_len -= length;
3403
3404
3405
3406
3407
3408
3409 if (asconf_ack->skb->len == sizeof(sctp_addiphdr_t))
3410 all_param_pass = 1;
3411
3412
3413 while (asconf_len > 0) {
3414 if (all_param_pass)
3415 err_code = SCTP_ERROR_NO_ERROR;
3416 else {
3417 err_code = sctp_get_asconf_response(asconf_ack,
3418 asconf_param,
3419 no_err);
3420 if (no_err && (SCTP_ERROR_NO_ERROR != err_code))
3421 no_err = 0;
3422 }
3423
3424 switch (err_code) {
3425 case SCTP_ERROR_NO_ERROR:
3426 sctp_asconf_param_success(asoc, asconf_param);
3427 break;
3428
3429 case SCTP_ERROR_RSRC_LOW:
3430 retval = 1;
3431 break;
3432
3433 case SCTP_ERROR_UNKNOWN_PARAM:
3434
3435
3436
3437 asoc->peer.addip_disabled_mask |=
3438 asconf_param->param_hdr.type;
3439 break;
3440
3441 case SCTP_ERROR_REQ_REFUSED:
3442 case SCTP_ERROR_DEL_LAST_IP:
3443 case SCTP_ERROR_DEL_SRC_IP:
3444 default:
3445 break;
3446 }
3447
3448
3449
3450
3451 length = ntohs(asconf_param->param_hdr.length);
3452 asconf_param = (void *)asconf_param + length;
3453 asconf_len -= length;
3454 }
3455
3456 if (no_err && asoc->src_out_of_asoc_ok) {
3457 asoc->src_out_of_asoc_ok = 0;
3458 sctp_transport_immediate_rtx(asoc->peer.primary_path);
3459 }
3460
3461
3462 list_del_init(&asconf->transmitted_list);
3463 sctp_chunk_free(asconf);
3464 asoc->addip_last_asconf = NULL;
3465
3466 return retval;
3467}
3468
3469
3470struct sctp_chunk *sctp_make_fwdtsn(const struct sctp_association *asoc,
3471 __u32 new_cum_tsn, size_t nstreams,
3472 struct sctp_fwdtsn_skip *skiplist)
3473{
3474 struct sctp_chunk *retval = NULL;
3475 struct sctp_fwdtsn_hdr ftsn_hdr;
3476 struct sctp_fwdtsn_skip skip;
3477 size_t hint;
3478 int i;
3479
3480 hint = (nstreams + 1) * sizeof(__u32);
3481
3482 retval = sctp_make_control(asoc, SCTP_CID_FWD_TSN, 0, hint);
3483
3484 if (!retval)
3485 return NULL;
3486
3487 ftsn_hdr.new_cum_tsn = htonl(new_cum_tsn);
3488 retval->subh.fwdtsn_hdr =
3489 sctp_addto_chunk(retval, sizeof(ftsn_hdr), &ftsn_hdr);
3490
3491 for (i = 0; i < nstreams; i++) {
3492 skip.stream = skiplist[i].stream;
3493 skip.ssn = skiplist[i].ssn;
3494 sctp_addto_chunk(retval, sizeof(skip), &skip);
3495 }
3496
3497 return retval;
3498}
3499