1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
45
46#include <linux/types.h>
47#include <linux/fcntl.h>
48#include <linux/poll.h>
49#include <linux/init.h>
50
51#include <linux/slab.h>
52#include <linux/in.h>
53#include <net/ipv6.h>
54#include <net/sctp/sctp.h>
55#include <net/sctp/sm.h>
56
57
58static void sctp_select_active_and_retran_path(struct sctp_association *asoc);
59static void sctp_assoc_bh_rcv(struct work_struct *work);
60static void sctp_assoc_free_asconf_acks(struct sctp_association *asoc);
61static void sctp_assoc_free_asconf_queue(struct sctp_association *asoc);
62
63
64
65
66static struct sctp_association *sctp_association_init(struct sctp_association *asoc,
67 const struct sctp_endpoint *ep,
68 const struct sock *sk,
69 sctp_scope_t scope,
70 gfp_t gfp)
71{
72 struct net *net = sock_net(sk);
73 struct sctp_sock *sp;
74 int i;
75 sctp_paramhdr_t *p;
76 int err;
77
78
79 sp = sctp_sk((struct sock *)sk);
80
81
82 asoc->ep = (struct sctp_endpoint *)ep;
83 asoc->base.sk = (struct sock *)sk;
84
85 sctp_endpoint_hold(asoc->ep);
86 sock_hold(asoc->base.sk);
87
88
89 asoc->base.type = SCTP_EP_TYPE_ASSOCIATION;
90
91
92 atomic_set(&asoc->base.refcnt, 1);
93
94
95 sctp_bind_addr_init(&asoc->base.bind_addr, ep->base.bind_addr.port);
96
97 asoc->state = SCTP_STATE_CLOSED;
98 asoc->cookie_life = ms_to_ktime(sp->assocparams.sasoc_cookie_life);
99 asoc->user_frag = sp->user_frag;
100
101
102
103
104 asoc->max_retrans = sp->assocparams.sasoc_asocmaxrxt;
105 asoc->pf_retrans = net->sctp.pf_retrans;
106
107 asoc->rto_initial = msecs_to_jiffies(sp->rtoinfo.srto_initial);
108 asoc->rto_max = msecs_to_jiffies(sp->rtoinfo.srto_max);
109 asoc->rto_min = msecs_to_jiffies(sp->rtoinfo.srto_min);
110
111
112
113
114 asoc->hbinterval = msecs_to_jiffies(sp->hbinterval);
115
116
117 asoc->pathmaxrxt = sp->pathmaxrxt;
118
119
120 asoc->pathmtu = sp->pathmtu;
121
122
123 asoc->sackdelay = msecs_to_jiffies(sp->sackdelay);
124 asoc->sackfreq = sp->sackfreq;
125
126
127
128
129 asoc->param_flags = sp->param_flags;
130
131
132
133
134 asoc->max_burst = sp->max_burst;
135
136
137 asoc->timeouts[SCTP_EVENT_TIMEOUT_T1_COOKIE] = asoc->rto_initial;
138 asoc->timeouts[SCTP_EVENT_TIMEOUT_T1_INIT] = asoc->rto_initial;
139 asoc->timeouts[SCTP_EVENT_TIMEOUT_T2_SHUTDOWN] = asoc->rto_initial;
140
141
142
143
144
145 asoc->timeouts[SCTP_EVENT_TIMEOUT_T5_SHUTDOWN_GUARD]
146 = 5 * asoc->rto_max;
147
148 asoc->timeouts[SCTP_EVENT_TIMEOUT_SACK] = asoc->sackdelay;
149 asoc->timeouts[SCTP_EVENT_TIMEOUT_AUTOCLOSE] = sp->autoclose * HZ;
150
151
152 for (i = SCTP_EVENT_TIMEOUT_NONE; i < SCTP_NUM_TIMEOUT_TYPES; ++i)
153 setup_timer(&asoc->timers[i], sctp_timer_events[i],
154 (unsigned long)asoc);
155
156
157
158
159
160 asoc->c.sinit_max_instreams = sp->initmsg.sinit_max_instreams;
161 asoc->c.sinit_num_ostreams = sp->initmsg.sinit_num_ostreams;
162 asoc->max_init_attempts = sp->initmsg.sinit_max_attempts;
163
164 asoc->max_init_timeo =
165 msecs_to_jiffies(sp->initmsg.sinit_max_init_timeo);
166
167
168
169
170
171
172 if ((sk->sk_rcvbuf/2) < SCTP_DEFAULT_MINWINDOW)
173 asoc->rwnd = SCTP_DEFAULT_MINWINDOW;
174 else
175 asoc->rwnd = sk->sk_rcvbuf/2;
176
177 asoc->a_rwnd = asoc->rwnd;
178
179
180 asoc->peer.rwnd = SCTP_DEFAULT_MAXWINDOW;
181
182
183 atomic_set(&asoc->rmem_alloc, 0);
184
185 init_waitqueue_head(&asoc->wait);
186
187 asoc->c.my_vtag = sctp_generate_tag(ep);
188 asoc->c.my_port = ep->base.bind_addr.port;
189
190 asoc->c.initial_tsn = sctp_generate_tsn(ep);
191
192 asoc->next_tsn = asoc->c.initial_tsn;
193
194 asoc->ctsn_ack_point = asoc->next_tsn - 1;
195 asoc->adv_peer_ack_point = asoc->ctsn_ack_point;
196 asoc->highest_sacked = asoc->ctsn_ack_point;
197 asoc->last_cwr_tsn = asoc->ctsn_ack_point;
198
199
200
201
202
203
204
205
206
207
208
209 asoc->addip_serial = asoc->c.initial_tsn;
210
211 INIT_LIST_HEAD(&asoc->addip_chunk_list);
212 INIT_LIST_HEAD(&asoc->asconf_ack_list);
213
214
215 INIT_LIST_HEAD(&asoc->peer.transport_addr_list);
216
217
218
219
220
221
222
223
224
225
226
227
228 asoc->peer.sack_needed = 1;
229 asoc->peer.sack_generation = 1;
230
231
232
233
234
235
236 if (net->sctp.addip_noauth)
237 asoc->peer.asconf_capable = 1;
238
239
240 sctp_inq_init(&asoc->base.inqueue);
241 sctp_inq_set_th_handler(&asoc->base.inqueue, sctp_assoc_bh_rcv);
242
243
244 sctp_outq_init(asoc, &asoc->outqueue);
245
246 if (!sctp_ulpq_init(&asoc->ulpq, asoc))
247 goto fail_init;
248
249
250
251
252 asoc->peer.ipv4_address = 1;
253 if (asoc->base.sk->sk_family == PF_INET6)
254 asoc->peer.ipv6_address = 1;
255 INIT_LIST_HEAD(&asoc->asocs);
256
257 asoc->default_stream = sp->default_stream;
258 asoc->default_ppid = sp->default_ppid;
259 asoc->default_flags = sp->default_flags;
260 asoc->default_context = sp->default_context;
261 asoc->default_timetolive = sp->default_timetolive;
262 asoc->default_rcv_context = sp->default_rcv_context;
263
264
265 INIT_LIST_HEAD(&asoc->endpoint_shared_keys);
266 err = sctp_auth_asoc_copy_shkeys(ep, asoc, gfp);
267 if (err)
268 goto fail_init;
269
270 asoc->active_key_id = ep->active_key_id;
271
272
273 if (ep->auth_hmacs_list)
274 memcpy(asoc->c.auth_hmacs, ep->auth_hmacs_list,
275 ntohs(ep->auth_hmacs_list->param_hdr.length));
276 if (ep->auth_chunk_list)
277 memcpy(asoc->c.auth_chunks, ep->auth_chunk_list,
278 ntohs(ep->auth_chunk_list->param_hdr.length));
279
280
281 p = (sctp_paramhdr_t *)asoc->c.auth_random;
282 p->type = SCTP_PARAM_RANDOM;
283 p->length = htons(sizeof(sctp_paramhdr_t) + SCTP_AUTH_RANDOM_LENGTH);
284 get_random_bytes(p+1, SCTP_AUTH_RANDOM_LENGTH);
285
286 return asoc;
287
288fail_init:
289 sock_put(asoc->base.sk);
290 sctp_endpoint_put(asoc->ep);
291 return NULL;
292}
293
294
295struct sctp_association *sctp_association_new(const struct sctp_endpoint *ep,
296 const struct sock *sk,
297 sctp_scope_t scope,
298 gfp_t gfp)
299{
300 struct sctp_association *asoc;
301
302 asoc = kzalloc(sizeof(*asoc), gfp);
303 if (!asoc)
304 goto fail;
305
306 if (!sctp_association_init(asoc, ep, sk, scope, gfp))
307 goto fail_init;
308
309 SCTP_DBG_OBJCNT_INC(assoc);
310
311 pr_debug("Created asoc %p\n", asoc);
312
313 return asoc;
314
315fail_init:
316 kfree(asoc);
317fail:
318 return NULL;
319}
320
321
322
323
324void sctp_association_free(struct sctp_association *asoc)
325{
326 struct sock *sk = asoc->base.sk;
327 struct sctp_transport *transport;
328 struct list_head *pos, *temp;
329 int i;
330
331
332
333
334 if (!list_empty(&asoc->asocs)) {
335 list_del(&asoc->asocs);
336
337
338
339
340 if (sctp_style(sk, TCP) && sctp_sstate(sk, LISTENING))
341 sk->sk_ack_backlog--;
342 }
343
344
345
346
347 asoc->base.dead = true;
348
349
350 sctp_outq_free(&asoc->outqueue);
351
352
353 sctp_ulpq_free(&asoc->ulpq);
354
355
356 sctp_inq_free(&asoc->base.inqueue);
357
358 sctp_tsnmap_free(&asoc->peer.tsn_map);
359
360
361 sctp_ssnmap_free(asoc->ssnmap);
362
363
364 sctp_bind_addr_free(&asoc->base.bind_addr);
365
366
367
368
369
370
371 for (i = SCTP_EVENT_TIMEOUT_NONE; i < SCTP_NUM_TIMEOUT_TYPES; ++i) {
372 if (del_timer(&asoc->timers[i]))
373 sctp_association_put(asoc);
374 }
375
376
377 kfree(asoc->peer.cookie);
378 kfree(asoc->peer.peer_random);
379 kfree(asoc->peer.peer_chunks);
380 kfree(asoc->peer.peer_hmacs);
381
382
383 list_for_each_safe(pos, temp, &asoc->peer.transport_addr_list) {
384 transport = list_entry(pos, struct sctp_transport, transports);
385 list_del_rcu(pos);
386 sctp_transport_free(transport);
387 }
388
389 asoc->peer.transport_count = 0;
390
391 sctp_asconf_queue_teardown(asoc);
392
393
394 kfree(asoc->asconf_addr_del_pending);
395
396
397 sctp_auth_destroy_keys(&asoc->endpoint_shared_keys);
398
399
400 sctp_auth_key_put(asoc->asoc_shared_key);
401
402 sctp_association_put(asoc);
403}
404
405
406static void sctp_association_destroy(struct sctp_association *asoc)
407{
408 if (unlikely(!asoc->base.dead)) {
409 WARN(1, "Attempt to destroy undead association %p!\n", asoc);
410 return;
411 }
412
413 sctp_endpoint_put(asoc->ep);
414 sock_put(asoc->base.sk);
415
416 if (asoc->assoc_id != 0) {
417 spin_lock_bh(&sctp_assocs_id_lock);
418 idr_remove(&sctp_assocs_id, asoc->assoc_id);
419 spin_unlock_bh(&sctp_assocs_id_lock);
420 }
421
422 WARN_ON(atomic_read(&asoc->rmem_alloc));
423
424 kfree(asoc);
425 SCTP_DBG_OBJCNT_DEC(assoc);
426}
427
428
429void sctp_assoc_set_primary(struct sctp_association *asoc,
430 struct sctp_transport *transport)
431{
432 int changeover = 0;
433
434
435
436
437 if (asoc->peer.primary_path != NULL &&
438 asoc->peer.primary_path != transport)
439 changeover = 1 ;
440
441 asoc->peer.primary_path = transport;
442
443
444 memcpy(&asoc->peer.primary_addr, &transport->ipaddr,
445 sizeof(union sctp_addr));
446
447
448
449
450 if ((transport->state == SCTP_ACTIVE) ||
451 (transport->state == SCTP_UNKNOWN))
452 asoc->peer.active_path = transport;
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468 if (!asoc->outqueue.outstanding_bytes && !asoc->outqueue.out_qlen)
469 return;
470
471 if (transport->cacc.changeover_active)
472 transport->cacc.cycling_changeover = changeover;
473
474
475
476
477 transport->cacc.changeover_active = changeover;
478
479
480
481
482 transport->cacc.next_tsn_at_change = asoc->next_tsn;
483}
484
485
486void sctp_assoc_rm_peer(struct sctp_association *asoc,
487 struct sctp_transport *peer)
488{
489 struct list_head *pos;
490 struct sctp_transport *transport;
491
492 pr_debug("%s: association:%p addr:%pISpc\n",
493 __func__, asoc, &peer->ipaddr.sa);
494
495
496
497
498 if (asoc->peer.retran_path == peer)
499 sctp_assoc_update_retran_path(asoc);
500
501
502 list_del_rcu(&peer->transports);
503
504
505 pos = asoc->peer.transport_addr_list.next;
506 transport = list_entry(pos, struct sctp_transport, transports);
507
508
509 if (asoc->peer.primary_path == peer)
510 sctp_assoc_set_primary(asoc, transport);
511 if (asoc->peer.active_path == peer)
512 asoc->peer.active_path = transport;
513 if (asoc->peer.retran_path == peer)
514 asoc->peer.retran_path = transport;
515 if (asoc->peer.last_data_from == peer)
516 asoc->peer.last_data_from = transport;
517
518
519
520
521
522
523 if (asoc->init_last_sent_to == peer)
524 asoc->init_last_sent_to = NULL;
525
526
527
528
529
530
531 if (asoc->shutdown_last_sent_to == peer)
532 asoc->shutdown_last_sent_to = NULL;
533
534
535
536
537 if (asoc->addip_last_asconf &&
538 asoc->addip_last_asconf->transport == peer)
539 asoc->addip_last_asconf->transport = NULL;
540
541
542
543
544 if (!list_empty(&peer->transmitted)) {
545 struct sctp_transport *active = asoc->peer.active_path;
546 struct sctp_chunk *ch;
547
548
549 list_for_each_entry(ch, &peer->transmitted,
550 transmitted_list) {
551 ch->transport = NULL;
552 ch->rtt_in_progress = 0;
553 }
554
555 list_splice_tail_init(&peer->transmitted,
556 &active->transmitted);
557
558
559
560
561
562 if (!timer_pending(&active->T3_rtx_timer))
563 if (!mod_timer(&active->T3_rtx_timer,
564 jiffies + active->rto))
565 sctp_transport_hold(active);
566 }
567
568 asoc->peer.transport_count--;
569
570 sctp_transport_free(peer);
571}
572
573
574struct sctp_transport *sctp_assoc_add_peer(struct sctp_association *asoc,
575 const union sctp_addr *addr,
576 const gfp_t gfp,
577 const int peer_state)
578{
579 struct net *net = sock_net(asoc->base.sk);
580 struct sctp_transport *peer;
581 struct sctp_sock *sp;
582 unsigned short port;
583
584 sp = sctp_sk(asoc->base.sk);
585
586
587 port = ntohs(addr->v4.sin_port);
588
589 pr_debug("%s: association:%p addr:%pISpc state:%d\n", __func__,
590 asoc, &addr->sa, peer_state);
591
592
593 if (0 == asoc->peer.port)
594 asoc->peer.port = port;
595
596
597 peer = sctp_assoc_lookup_paddr(asoc, addr);
598 if (peer) {
599
600
601
602
603 if (peer->state == SCTP_UNKNOWN) {
604 peer->state = SCTP_ACTIVE;
605 }
606 return peer;
607 }
608
609 peer = sctp_transport_new(net, addr, gfp);
610 if (!peer)
611 return NULL;
612
613 sctp_transport_set_owner(peer, asoc);
614
615
616
617
618 peer->hbinterval = asoc->hbinterval;
619
620
621 peer->pathmaxrxt = asoc->pathmaxrxt;
622
623
624 peer->pf_retrans = asoc->pf_retrans;
625
626
627
628
629 peer->sackdelay = asoc->sackdelay;
630 peer->sackfreq = asoc->sackfreq;
631
632
633
634
635 peer->param_flags = asoc->param_flags;
636
637 sctp_transport_route(peer, NULL, sp);
638
639
640 if (peer->param_flags & SPP_PMTUD_DISABLE) {
641 if (asoc->pathmtu)
642 peer->pathmtu = asoc->pathmtu;
643 else
644 peer->pathmtu = SCTP_DEFAULT_MAXSEGMENT;
645 }
646
647
648
649
650
651
652 if (asoc->pathmtu)
653 asoc->pathmtu = min_t(int, peer->pathmtu, asoc->pathmtu);
654 else
655 asoc->pathmtu = peer->pathmtu;
656
657 pr_debug("%s: association:%p PMTU set to %d\n", __func__, asoc,
658 asoc->pathmtu);
659
660 peer->pmtu_pending = 0;
661
662 asoc->frag_point = sctp_frag_point(asoc, asoc->pathmtu);
663
664
665
666
667 sctp_packet_init(&peer->packet, peer, asoc->base.bind_addr.port,
668 asoc->peer.port);
669
670
671
672
673
674
675
676
677
678
679
680 peer->cwnd = min(4*asoc->pathmtu, max_t(__u32, 2*asoc->pathmtu, 4380));
681
682
683
684
685
686 peer->ssthresh = SCTP_DEFAULT_MAXWINDOW;
687
688 peer->partial_bytes_acked = 0;
689 peer->flight_size = 0;
690 peer->burst_limited = 0;
691
692
693 peer->rto = asoc->rto_initial;
694 sctp_max_rto(asoc, peer);
695
696
697 peer->state = peer_state;
698
699
700 list_add_tail_rcu(&peer->transports, &asoc->peer.transport_addr_list);
701 asoc->peer.transport_count++;
702
703
704 if (!asoc->peer.primary_path) {
705 sctp_assoc_set_primary(asoc, peer);
706 asoc->peer.retran_path = peer;
707 }
708
709 if (asoc->peer.active_path == asoc->peer.retran_path &&
710 peer->state != SCTP_UNCONFIRMED) {
711 asoc->peer.retran_path = peer;
712 }
713
714 return peer;
715}
716
717
718void sctp_assoc_del_peer(struct sctp_association *asoc,
719 const union sctp_addr *addr)
720{
721 struct list_head *pos;
722 struct list_head *temp;
723 struct sctp_transport *transport;
724
725 list_for_each_safe(pos, temp, &asoc->peer.transport_addr_list) {
726 transport = list_entry(pos, struct sctp_transport, transports);
727 if (sctp_cmp_addr_exact(addr, &transport->ipaddr)) {
728
729 sctp_assoc_rm_peer(asoc, transport);
730 break;
731 }
732 }
733}
734
735
736struct sctp_transport *sctp_assoc_lookup_paddr(
737 const struct sctp_association *asoc,
738 const union sctp_addr *address)
739{
740 struct sctp_transport *t;
741
742
743
744 list_for_each_entry(t, &asoc->peer.transport_addr_list,
745 transports) {
746 if (sctp_cmp_addr_exact(address, &t->ipaddr))
747 return t;
748 }
749
750 return NULL;
751}
752
753
754void sctp_assoc_del_nonprimary_peers(struct sctp_association *asoc,
755 struct sctp_transport *primary)
756{
757 struct sctp_transport *temp;
758 struct sctp_transport *t;
759
760 list_for_each_entry_safe(t, temp, &asoc->peer.transport_addr_list,
761 transports) {
762
763 if (t != primary)
764 sctp_assoc_rm_peer(asoc, t);
765 }
766}
767
768
769
770
771
772void sctp_assoc_control_transport(struct sctp_association *asoc,
773 struct sctp_transport *transport,
774 sctp_transport_cmd_t command,
775 sctp_sn_error_t error)
776{
777 struct sctp_ulpevent *event;
778 struct sockaddr_storage addr;
779 int spc_state = 0;
780 bool ulp_notify = true;
781
782
783 switch (command) {
784 case SCTP_TRANSPORT_UP:
785
786
787
788
789 if (SCTP_UNCONFIRMED == transport->state &&
790 SCTP_HEARTBEAT_SUCCESS == error)
791 spc_state = SCTP_ADDR_CONFIRMED;
792 else
793 spc_state = SCTP_ADDR_AVAILABLE;
794
795
796
797
798 if (transport->state == SCTP_PF) {
799 ulp_notify = false;
800 transport->cwnd = asoc->pathmtu;
801 }
802 transport->state = SCTP_ACTIVE;
803 break;
804
805 case SCTP_TRANSPORT_DOWN:
806
807
808
809
810 if (transport->state != SCTP_UNCONFIRMED)
811 transport->state = SCTP_INACTIVE;
812 else {
813 dst_release(transport->dst);
814 transport->dst = NULL;
815 ulp_notify = false;
816 }
817
818 spc_state = SCTP_ADDR_UNREACHABLE;
819 break;
820
821 case SCTP_TRANSPORT_PF:
822 transport->state = SCTP_PF;
823 ulp_notify = false;
824 break;
825
826 default:
827 return;
828 }
829
830
831
832
833 if (ulp_notify) {
834 memset(&addr, 0, sizeof(struct sockaddr_storage));
835 memcpy(&addr, &transport->ipaddr,
836 transport->af_specific->sockaddr_len);
837
838 event = sctp_ulpevent_make_peer_addr_change(asoc, &addr,
839 0, spc_state, error, GFP_ATOMIC);
840 if (event)
841 sctp_ulpq_tail_event(&asoc->ulpq, event);
842 }
843
844
845 sctp_select_active_and_retran_path(asoc);
846}
847
848
849void sctp_association_hold(struct sctp_association *asoc)
850{
851 atomic_inc(&asoc->base.refcnt);
852}
853
854
855
856
857void sctp_association_put(struct sctp_association *asoc)
858{
859 if (atomic_dec_and_test(&asoc->base.refcnt))
860 sctp_association_destroy(asoc);
861}
862
863
864
865
866__u32 sctp_association_get_next_tsn(struct sctp_association *asoc)
867{
868
869
870
871
872
873 __u32 retval = asoc->next_tsn;
874 asoc->next_tsn++;
875 asoc->unack_data++;
876
877 return retval;
878}
879
880
881
882
883int sctp_cmp_addr_exact(const union sctp_addr *ss1,
884 const union sctp_addr *ss2)
885{
886 struct sctp_af *af;
887
888 af = sctp_get_af_specific(ss1->sa.sa_family);
889 if (unlikely(!af))
890 return 0;
891
892 return af->cmp_addr(ss1, ss2);
893}
894
895
896
897
898
899struct sctp_chunk *sctp_get_ecne_prepend(struct sctp_association *asoc)
900{
901 if (!asoc->need_ecne)
902 return NULL;
903
904
905
906
907 return sctp_make_ecne(asoc, asoc->last_ecne_tsn);
908}
909
910
911
912
913struct sctp_transport *sctp_assoc_lookup_tsn(struct sctp_association *asoc,
914 __u32 tsn)
915{
916 struct sctp_transport *active;
917 struct sctp_transport *match;
918 struct sctp_transport *transport;
919 struct sctp_chunk *chunk;
920 __be32 key = htonl(tsn);
921
922 match = NULL;
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939 active = asoc->peer.active_path;
940
941 list_for_each_entry(chunk, &active->transmitted,
942 transmitted_list) {
943
944 if (key == chunk->subh.data_hdr->tsn) {
945 match = active;
946 goto out;
947 }
948 }
949
950
951 list_for_each_entry(transport, &asoc->peer.transport_addr_list,
952 transports) {
953
954 if (transport == active)
955 continue;
956 list_for_each_entry(chunk, &transport->transmitted,
957 transmitted_list) {
958 if (key == chunk->subh.data_hdr->tsn) {
959 match = transport;
960 goto out;
961 }
962 }
963 }
964out:
965 return match;
966}
967
968
969struct sctp_transport *sctp_assoc_is_match(struct sctp_association *asoc,
970 struct net *net,
971 const union sctp_addr *laddr,
972 const union sctp_addr *paddr)
973{
974 struct sctp_transport *transport;
975
976 if ((htons(asoc->base.bind_addr.port) == laddr->v4.sin_port) &&
977 (htons(asoc->peer.port) == paddr->v4.sin_port) &&
978 net_eq(sock_net(asoc->base.sk), net)) {
979 transport = sctp_assoc_lookup_paddr(asoc, paddr);
980 if (!transport)
981 goto out;
982
983 if (sctp_bind_addr_match(&asoc->base.bind_addr, laddr,
984 sctp_sk(asoc->base.sk)))
985 goto out;
986 }
987 transport = NULL;
988
989out:
990 return transport;
991}
992
993
994static void sctp_assoc_bh_rcv(struct work_struct *work)
995{
996 struct sctp_association *asoc =
997 container_of(work, struct sctp_association,
998 base.inqueue.immediate);
999 struct net *net = sock_net(asoc->base.sk);
1000 struct sctp_endpoint *ep;
1001 struct sctp_chunk *chunk;
1002 struct sctp_inq *inqueue;
1003 int state;
1004 sctp_subtype_t subtype;
1005 int error = 0;
1006
1007
1008 ep = asoc->ep;
1009
1010 inqueue = &asoc->base.inqueue;
1011 sctp_association_hold(asoc);
1012 while (NULL != (chunk = sctp_inq_pop(inqueue))) {
1013 state = asoc->state;
1014 subtype = SCTP_ST_CHUNK(chunk->chunk_hdr->type);
1015
1016
1017
1018
1019
1020
1021
1022
1023 if (sctp_auth_recv_cid(subtype.chunk, asoc) && !chunk->auth)
1024 continue;
1025
1026
1027
1028
1029 if (sctp_chunk_is_data(chunk))
1030 asoc->peer.last_data_from = chunk->transport;
1031 else {
1032 SCTP_INC_STATS(net, SCTP_MIB_INCTRLCHUNKS);
1033 asoc->stats.ictrlchunks++;
1034 if (chunk->chunk_hdr->type == SCTP_CID_SACK)
1035 asoc->stats.isacks++;
1036 }
1037
1038 if (chunk->transport)
1039 chunk->transport->last_time_heard = ktime_get();
1040
1041
1042 error = sctp_do_sm(net, SCTP_EVENT_T_CHUNK, subtype,
1043 state, ep, asoc, chunk, GFP_ATOMIC);
1044
1045
1046
1047
1048 if (asoc->base.dead)
1049 break;
1050
1051
1052 if (error && chunk)
1053 chunk->pdiscard = 1;
1054 }
1055 sctp_association_put(asoc);
1056}
1057
1058
1059void sctp_assoc_migrate(struct sctp_association *assoc, struct sock *newsk)
1060{
1061 struct sctp_sock *newsp = sctp_sk(newsk);
1062 struct sock *oldsk = assoc->base.sk;
1063
1064
1065
1066
1067 list_del_init(&assoc->asocs);
1068
1069
1070 if (sctp_style(oldsk, TCP))
1071 oldsk->sk_ack_backlog--;
1072
1073
1074 sctp_endpoint_put(assoc->ep);
1075 sock_put(assoc->base.sk);
1076
1077
1078 assoc->ep = newsp->ep;
1079 sctp_endpoint_hold(assoc->ep);
1080
1081
1082 assoc->base.sk = newsk;
1083 sock_hold(assoc->base.sk);
1084
1085
1086 sctp_endpoint_add_asoc(newsp->ep, assoc);
1087}
1088
1089
1090void sctp_assoc_update(struct sctp_association *asoc,
1091 struct sctp_association *new)
1092{
1093 struct sctp_transport *trans;
1094 struct list_head *pos, *temp;
1095
1096
1097 asoc->c = new->c;
1098 asoc->peer.rwnd = new->peer.rwnd;
1099 asoc->peer.sack_needed = new->peer.sack_needed;
1100 asoc->peer.auth_capable = new->peer.auth_capable;
1101 asoc->peer.i = new->peer.i;
1102 sctp_tsnmap_init(&asoc->peer.tsn_map, SCTP_TSN_MAP_INITIAL,
1103 asoc->peer.i.initial_tsn, GFP_ATOMIC);
1104
1105
1106 list_for_each_safe(pos, temp, &asoc->peer.transport_addr_list) {
1107 trans = list_entry(pos, struct sctp_transport, transports);
1108 if (!sctp_assoc_lookup_paddr(new, &trans->ipaddr)) {
1109 sctp_assoc_rm_peer(asoc, trans);
1110 continue;
1111 }
1112
1113 if (asoc->state >= SCTP_STATE_ESTABLISHED)
1114 sctp_transport_reset(trans);
1115 }
1116
1117
1118
1119
1120
1121
1122 if (asoc->state >= SCTP_STATE_ESTABLISHED) {
1123 asoc->next_tsn = new->next_tsn;
1124 asoc->ctsn_ack_point = new->ctsn_ack_point;
1125 asoc->adv_peer_ack_point = new->adv_peer_ack_point;
1126
1127
1128
1129
1130 sctp_ssnmap_clear(asoc->ssnmap);
1131
1132
1133
1134
1135
1136 sctp_ulpq_flush(&asoc->ulpq);
1137
1138
1139
1140
1141
1142 asoc->overall_error_count = 0;
1143
1144 } else {
1145
1146 list_for_each_entry(trans, &new->peer.transport_addr_list,
1147 transports) {
1148 if (!sctp_assoc_lookup_paddr(asoc, &trans->ipaddr))
1149 sctp_assoc_add_peer(asoc, &trans->ipaddr,
1150 GFP_ATOMIC, trans->state);
1151 }
1152
1153 asoc->ctsn_ack_point = asoc->next_tsn - 1;
1154 asoc->adv_peer_ack_point = asoc->ctsn_ack_point;
1155 if (!asoc->ssnmap) {
1156
1157 asoc->ssnmap = new->ssnmap;
1158 new->ssnmap = NULL;
1159 }
1160
1161 if (!asoc->assoc_id) {
1162
1163
1164
1165 sctp_assoc_set_id(asoc, GFP_ATOMIC);
1166 }
1167 }
1168
1169
1170
1171
1172 kfree(asoc->peer.peer_random);
1173 asoc->peer.peer_random = new->peer.peer_random;
1174 new->peer.peer_random = NULL;
1175
1176 kfree(asoc->peer.peer_chunks);
1177 asoc->peer.peer_chunks = new->peer.peer_chunks;
1178 new->peer.peer_chunks = NULL;
1179
1180 kfree(asoc->peer.peer_hmacs);
1181 asoc->peer.peer_hmacs = new->peer.peer_hmacs;
1182 new->peer.peer_hmacs = NULL;
1183
1184 sctp_auth_asoc_init_active_key(asoc, GFP_ATOMIC);
1185}
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215static const u8 sctp_trans_state_to_prio_map[] = {
1216 [SCTP_ACTIVE] = 3,
1217 [SCTP_UNKNOWN] = 2,
1218 [SCTP_PF] = 1,
1219 [SCTP_INACTIVE] = 0,
1220};
1221
1222static u8 sctp_trans_score(const struct sctp_transport *trans)
1223{
1224 return sctp_trans_state_to_prio_map[trans->state];
1225}
1226
1227static struct sctp_transport *sctp_trans_elect_tie(struct sctp_transport *trans1,
1228 struct sctp_transport *trans2)
1229{
1230 if (trans1->error_count > trans2->error_count) {
1231 return trans2;
1232 } else if (trans1->error_count == trans2->error_count &&
1233 ktime_after(trans2->last_time_heard,
1234 trans1->last_time_heard)) {
1235 return trans2;
1236 } else {
1237 return trans1;
1238 }
1239}
1240
1241static struct sctp_transport *sctp_trans_elect_best(struct sctp_transport *curr,
1242 struct sctp_transport *best)
1243{
1244 u8 score_curr, score_best;
1245
1246 if (best == NULL || curr == best)
1247 return curr;
1248
1249 score_curr = sctp_trans_score(curr);
1250 score_best = sctp_trans_score(best);
1251
1252
1253
1254
1255
1256 if (score_curr > score_best)
1257 return curr;
1258 else if (score_curr == score_best)
1259 return sctp_trans_elect_tie(curr, best);
1260 else
1261 return best;
1262}
1263
1264void sctp_assoc_update_retran_path(struct sctp_association *asoc)
1265{
1266 struct sctp_transport *trans = asoc->peer.retran_path;
1267 struct sctp_transport *trans_next = NULL;
1268
1269
1270 if (asoc->peer.transport_count == 1)
1271 return;
1272
1273
1274
1275 if (asoc->peer.active_path == asoc->peer.retran_path &&
1276 asoc->peer.active_path->state == SCTP_ACTIVE)
1277 return;
1278
1279
1280 for (trans = list_next_entry(trans, transports); 1;
1281 trans = list_next_entry(trans, transports)) {
1282
1283 if (&trans->transports == &asoc->peer.transport_addr_list)
1284 continue;
1285 if (trans->state == SCTP_UNCONFIRMED)
1286 continue;
1287 trans_next = sctp_trans_elect_best(trans, trans_next);
1288
1289 if (trans_next->state == SCTP_ACTIVE)
1290 break;
1291
1292 if (trans == asoc->peer.retran_path)
1293 break;
1294 }
1295
1296 asoc->peer.retran_path = trans_next;
1297
1298 pr_debug("%s: association:%p updated new path to addr:%pISpc\n",
1299 __func__, asoc, &asoc->peer.retran_path->ipaddr.sa);
1300}
1301
1302static void sctp_select_active_and_retran_path(struct sctp_association *asoc)
1303{
1304 struct sctp_transport *trans, *trans_pri = NULL, *trans_sec = NULL;
1305 struct sctp_transport *trans_pf = NULL;
1306
1307
1308 list_for_each_entry(trans, &asoc->peer.transport_addr_list,
1309 transports) {
1310
1311 if (trans->state == SCTP_INACTIVE ||
1312 trans->state == SCTP_UNCONFIRMED)
1313 continue;
1314
1315
1316
1317 if (trans->state == SCTP_PF) {
1318 trans_pf = sctp_trans_elect_best(trans, trans_pf);
1319 continue;
1320 }
1321
1322 if (trans_pri == NULL ||
1323 ktime_after(trans->last_time_heard,
1324 trans_pri->last_time_heard)) {
1325 trans_sec = trans_pri;
1326 trans_pri = trans;
1327 } else if (trans_sec == NULL ||
1328 ktime_after(trans->last_time_heard,
1329 trans_sec->last_time_heard)) {
1330 trans_sec = trans;
1331 }
1332 }
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342 if ((asoc->peer.primary_path->state == SCTP_ACTIVE ||
1343 asoc->peer.primary_path->state == SCTP_UNKNOWN) &&
1344 asoc->peer.primary_path != trans_pri) {
1345 trans_sec = trans_pri;
1346 trans_pri = asoc->peer.primary_path;
1347 }
1348
1349
1350
1351
1352
1353 if (trans_sec == NULL)
1354 trans_sec = trans_pri;
1355
1356
1357
1358
1359 if (trans_pri == NULL) {
1360 trans_pri = sctp_trans_elect_best(asoc->peer.active_path, trans_pf);
1361 trans_sec = trans_pri;
1362 }
1363
1364
1365 asoc->peer.active_path = trans_pri;
1366 asoc->peer.retran_path = trans_sec;
1367}
1368
1369struct sctp_transport *
1370sctp_assoc_choose_alter_transport(struct sctp_association *asoc,
1371 struct sctp_transport *last_sent_to)
1372{
1373
1374
1375
1376
1377 if (last_sent_to == NULL) {
1378 return asoc->peer.active_path;
1379 } else {
1380 if (last_sent_to == asoc->peer.retran_path)
1381 sctp_assoc_update_retran_path(asoc);
1382
1383 return asoc->peer.retran_path;
1384 }
1385}
1386
1387
1388
1389
1390void sctp_assoc_sync_pmtu(struct sock *sk, struct sctp_association *asoc)
1391{
1392 struct sctp_transport *t;
1393 __u32 pmtu = 0;
1394
1395 if (!asoc)
1396 return;
1397
1398
1399 list_for_each_entry(t, &asoc->peer.transport_addr_list,
1400 transports) {
1401 if (t->pmtu_pending && t->dst) {
1402 sctp_transport_update_pmtu(sk, t, dst_mtu(t->dst));
1403 t->pmtu_pending = 0;
1404 }
1405 if (!pmtu || (t->pathmtu < pmtu))
1406 pmtu = t->pathmtu;
1407 }
1408
1409 if (pmtu) {
1410 asoc->pathmtu = pmtu;
1411 asoc->frag_point = sctp_frag_point(asoc, pmtu);
1412 }
1413
1414 pr_debug("%s: asoc:%p, pmtu:%d, frag_point:%d\n", __func__, asoc,
1415 asoc->pathmtu, asoc->frag_point);
1416}
1417
1418
1419static inline bool sctp_peer_needs_update(struct sctp_association *asoc)
1420{
1421 struct net *net = sock_net(asoc->base.sk);
1422 switch (asoc->state) {
1423 case SCTP_STATE_ESTABLISHED:
1424 case SCTP_STATE_SHUTDOWN_PENDING:
1425 case SCTP_STATE_SHUTDOWN_RECEIVED:
1426 case SCTP_STATE_SHUTDOWN_SENT:
1427 if ((asoc->rwnd > asoc->a_rwnd) &&
1428 ((asoc->rwnd - asoc->a_rwnd) >= max_t(__u32,
1429 (asoc->base.sk->sk_rcvbuf >> net->sctp.rwnd_upd_shift),
1430 asoc->pathmtu)))
1431 return true;
1432 break;
1433 default:
1434 break;
1435 }
1436 return false;
1437}
1438
1439
1440void sctp_assoc_rwnd_increase(struct sctp_association *asoc, unsigned int len)
1441{
1442 struct sctp_chunk *sack;
1443 struct timer_list *timer;
1444
1445 if (asoc->rwnd_over) {
1446 if (asoc->rwnd_over >= len) {
1447 asoc->rwnd_over -= len;
1448 } else {
1449 asoc->rwnd += (len - asoc->rwnd_over);
1450 asoc->rwnd_over = 0;
1451 }
1452 } else {
1453 asoc->rwnd += len;
1454 }
1455
1456
1457
1458
1459
1460
1461 if (asoc->rwnd_press && asoc->rwnd >= asoc->rwnd_press) {
1462 int change = min(asoc->pathmtu, asoc->rwnd_press);
1463 asoc->rwnd += change;
1464 asoc->rwnd_press -= change;
1465 }
1466
1467 pr_debug("%s: asoc:%p rwnd increased by %d to (%u, %u) - %u\n",
1468 __func__, asoc, len, asoc->rwnd, asoc->rwnd_over,
1469 asoc->a_rwnd);
1470
1471
1472
1473
1474
1475
1476 if (sctp_peer_needs_update(asoc)) {
1477 asoc->a_rwnd = asoc->rwnd;
1478
1479 pr_debug("%s: sending window update SACK- asoc:%p rwnd:%u "
1480 "a_rwnd:%u\n", __func__, asoc, asoc->rwnd,
1481 asoc->a_rwnd);
1482
1483 sack = sctp_make_sack(asoc);
1484 if (!sack)
1485 return;
1486
1487 asoc->peer.sack_needed = 0;
1488
1489 sctp_outq_tail(&asoc->outqueue, sack);
1490
1491
1492 timer = &asoc->timers[SCTP_EVENT_TIMEOUT_SACK];
1493 if (del_timer(timer))
1494 sctp_association_put(asoc);
1495 }
1496}
1497
1498
1499void sctp_assoc_rwnd_decrease(struct sctp_association *asoc, unsigned int len)
1500{
1501 int rx_count;
1502 int over = 0;
1503
1504 if (unlikely(!asoc->rwnd || asoc->rwnd_over))
1505 pr_debug("%s: association:%p has asoc->rwnd:%u, "
1506 "asoc->rwnd_over:%u!\n", __func__, asoc,
1507 asoc->rwnd, asoc->rwnd_over);
1508
1509 if (asoc->ep->rcvbuf_policy)
1510 rx_count = atomic_read(&asoc->rmem_alloc);
1511 else
1512 rx_count = atomic_read(&asoc->base.sk->sk_rmem_alloc);
1513
1514
1515
1516
1517
1518
1519 if (rx_count >= asoc->base.sk->sk_rcvbuf)
1520 over = 1;
1521
1522 if (asoc->rwnd >= len) {
1523 asoc->rwnd -= len;
1524 if (over) {
1525 asoc->rwnd_press += asoc->rwnd;
1526 asoc->rwnd = 0;
1527 }
1528 } else {
1529 asoc->rwnd_over = len - asoc->rwnd;
1530 asoc->rwnd = 0;
1531 }
1532
1533 pr_debug("%s: asoc:%p rwnd decreased by %d to (%u, %u, %u)\n",
1534 __func__, asoc, len, asoc->rwnd, asoc->rwnd_over,
1535 asoc->rwnd_press);
1536}
1537
1538
1539
1540
1541int sctp_assoc_set_bind_addr_from_ep(struct sctp_association *asoc,
1542 sctp_scope_t scope, gfp_t gfp)
1543{
1544 int flags;
1545
1546
1547
1548
1549 flags = (PF_INET6 == asoc->base.sk->sk_family) ? SCTP_ADDR6_ALLOWED : 0;
1550 if (asoc->peer.ipv4_address)
1551 flags |= SCTP_ADDR4_PEERSUPP;
1552 if (asoc->peer.ipv6_address)
1553 flags |= SCTP_ADDR6_PEERSUPP;
1554
1555 return sctp_bind_addr_copy(sock_net(asoc->base.sk),
1556 &asoc->base.bind_addr,
1557 &asoc->ep->base.bind_addr,
1558 scope, gfp, flags);
1559}
1560
1561
1562int sctp_assoc_set_bind_addr_from_cookie(struct sctp_association *asoc,
1563 struct sctp_cookie *cookie,
1564 gfp_t gfp)
1565{
1566 int var_size2 = ntohs(cookie->peer_init->chunk_hdr.length);
1567 int var_size3 = cookie->raw_addr_list_len;
1568 __u8 *raw = (__u8 *)cookie->peer_init + var_size2;
1569
1570 return sctp_raw_to_bind_addrs(&asoc->base.bind_addr, raw, var_size3,
1571 asoc->ep->base.bind_addr.port, gfp);
1572}
1573
1574
1575int sctp_assoc_lookup_laddr(struct sctp_association *asoc,
1576 const union sctp_addr *laddr)
1577{
1578 int found = 0;
1579
1580 if ((asoc->base.bind_addr.port == ntohs(laddr->v4.sin_port)) &&
1581 sctp_bind_addr_match(&asoc->base.bind_addr, laddr,
1582 sctp_sk(asoc->base.sk)))
1583 found = 1;
1584
1585 return found;
1586}
1587
1588
1589int sctp_assoc_set_id(struct sctp_association *asoc, gfp_t gfp)
1590{
1591 bool preload = !!(gfp & __GFP_WAIT);
1592 int ret;
1593
1594
1595 if (asoc->assoc_id)
1596 return 0;
1597
1598 if (preload)
1599 idr_preload(gfp);
1600 spin_lock_bh(&sctp_assocs_id_lock);
1601
1602 ret = idr_alloc_cyclic(&sctp_assocs_id, asoc, 1, 0, GFP_NOWAIT);
1603 spin_unlock_bh(&sctp_assocs_id_lock);
1604 if (preload)
1605 idr_preload_end();
1606 if (ret < 0)
1607 return ret;
1608
1609 asoc->assoc_id = (sctp_assoc_t)ret;
1610 return 0;
1611}
1612
1613
1614static void sctp_assoc_free_asconf_queue(struct sctp_association *asoc)
1615{
1616 struct sctp_chunk *asconf;
1617 struct sctp_chunk *tmp;
1618
1619 list_for_each_entry_safe(asconf, tmp, &asoc->addip_chunk_list, list) {
1620 list_del_init(&asconf->list);
1621 sctp_chunk_free(asconf);
1622 }
1623}
1624
1625
1626static void sctp_assoc_free_asconf_acks(struct sctp_association *asoc)
1627{
1628 struct sctp_chunk *ack;
1629 struct sctp_chunk *tmp;
1630
1631 list_for_each_entry_safe(ack, tmp, &asoc->asconf_ack_list,
1632 transmitted_list) {
1633 list_del_init(&ack->transmitted_list);
1634 sctp_chunk_free(ack);
1635 }
1636}
1637
1638
1639void sctp_assoc_clean_asconf_ack_cache(const struct sctp_association *asoc)
1640{
1641 struct sctp_chunk *ack;
1642 struct sctp_chunk *tmp;
1643
1644
1645
1646
1647 list_for_each_entry_safe(ack, tmp, &asoc->asconf_ack_list,
1648 transmitted_list) {
1649 if (ack->subh.addip_hdr->serial ==
1650 htonl(asoc->peer.addip_serial))
1651 break;
1652
1653 list_del_init(&ack->transmitted_list);
1654 sctp_chunk_free(ack);
1655 }
1656}
1657
1658
1659struct sctp_chunk *sctp_assoc_lookup_asconf_ack(
1660 const struct sctp_association *asoc,
1661 __be32 serial)
1662{
1663 struct sctp_chunk *ack;
1664
1665
1666
1667
1668 list_for_each_entry(ack, &asoc->asconf_ack_list, transmitted_list) {
1669 if (sctp_chunk_pending(ack))
1670 continue;
1671 if (ack->subh.addip_hdr->serial == serial) {
1672 sctp_chunk_hold(ack);
1673 return ack;
1674 }
1675 }
1676
1677 return NULL;
1678}
1679
1680void sctp_asconf_queue_teardown(struct sctp_association *asoc)
1681{
1682
1683 sctp_assoc_free_asconf_acks(asoc);
1684
1685
1686 sctp_assoc_free_asconf_queue(asoc);
1687
1688
1689 if (asoc->addip_last_asconf)
1690 sctp_chunk_free(asoc->addip_last_asconf);
1691}
1692