1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
34
35#include <linux/types.h>
36#include <linux/kernel.h>
37#include <linux/net.h>
38#include <linux/inet.h>
39#include <linux/skbuff.h>
40#include <linux/slab.h>
41#include <net/sock.h>
42#include <net/sctp/sctp.h>
43#include <net/sctp/sm.h>
44
45
46
47
48
49
50static void sctp_datamsg_init(struct sctp_datamsg *msg)
51{
52 atomic_set(&msg->refcnt, 1);
53 msg->send_failed = 0;
54 msg->send_error = 0;
55 msg->can_abandon = 0;
56 msg->can_delay = 1;
57 msg->expires_at = 0;
58 INIT_LIST_HEAD(&msg->chunks);
59}
60
61
62static struct sctp_datamsg *sctp_datamsg_new(gfp_t gfp)
63{
64 struct sctp_datamsg *msg;
65 msg = kmalloc(sizeof(struct sctp_datamsg), gfp);
66 if (msg) {
67 sctp_datamsg_init(msg);
68 SCTP_DBG_OBJCNT_INC(datamsg);
69 }
70 return msg;
71}
72
73
74static void sctp_datamsg_destroy(struct sctp_datamsg *msg)
75{
76 struct list_head *pos, *temp;
77 struct sctp_chunk *chunk;
78 struct sctp_sock *sp;
79 struct sctp_ulpevent *ev;
80 struct sctp_association *asoc = NULL;
81 int error = 0, notify;
82
83
84 notify = msg->send_failed ? -1 : 0;
85
86
87 list_for_each_safe(pos, temp, &msg->chunks) {
88 list_del_init(pos);
89 chunk = list_entry(pos, struct sctp_chunk, frag_list);
90
91 if (notify < 0) {
92 asoc = chunk->asoc;
93 if (msg->send_error)
94 error = msg->send_error;
95 else
96 error = asoc->outqueue.error;
97
98 sp = sctp_sk(asoc->base.sk);
99 notify = sctp_ulpevent_type_enabled(SCTP_SEND_FAILED,
100 &sp->subscribe);
101 }
102
103
104 if (notify > 0) {
105 int sent;
106 if (chunk->has_tsn)
107 sent = SCTP_DATA_SENT;
108 else
109 sent = SCTP_DATA_UNSENT;
110
111 ev = sctp_ulpevent_make_send_failed(asoc, chunk, sent,
112 error, GFP_ATOMIC);
113 if (ev)
114 sctp_ulpq_tail_event(&asoc->ulpq, ev);
115 }
116
117 sctp_chunk_put(chunk);
118 }
119
120 SCTP_DBG_OBJCNT_DEC(datamsg);
121 kfree(msg);
122}
123
124
125static void sctp_datamsg_hold(struct sctp_datamsg *msg)
126{
127 atomic_inc(&msg->refcnt);
128}
129
130
131void sctp_datamsg_put(struct sctp_datamsg *msg)
132{
133 if (atomic_dec_and_test(&msg->refcnt))
134 sctp_datamsg_destroy(msg);
135}
136
137
138static void sctp_datamsg_assign(struct sctp_datamsg *msg, struct sctp_chunk *chunk)
139{
140 sctp_datamsg_hold(msg);
141 chunk->msg = msg;
142}
143
144
145
146
147
148
149
150
151
152struct sctp_datamsg *sctp_datamsg_from_user(struct sctp_association *asoc,
153 struct sctp_sndrcvinfo *sinfo,
154 struct iov_iter *from)
155{
156 int max, whole, i, offset, over, err;
157 int len, first_len;
158 int max_data;
159 struct sctp_chunk *chunk;
160 struct sctp_datamsg *msg;
161 struct list_head *pos, *temp;
162 size_t msg_len = iov_iter_count(from);
163 __u8 frag;
164
165 msg = sctp_datamsg_new(GFP_KERNEL);
166 if (!msg)
167 return ERR_PTR(-ENOMEM);
168
169
170
171
172 if (sinfo->sinfo_timetolive) {
173
174 msg->expires_at = jiffies +
175 msecs_to_jiffies(sinfo->sinfo_timetolive);
176 msg->can_abandon = 1;
177
178 pr_debug("%s: msg:%p expires_at:%ld jiffies:%ld\n", __func__,
179 msg, msg->expires_at, jiffies);
180 }
181
182 if (asoc->peer.prsctp_capable &&
183 SCTP_PR_TTL_ENABLED(sinfo->sinfo_flags))
184 msg->expires_at =
185 jiffies + msecs_to_jiffies(sinfo->sinfo_timetolive);
186
187
188
189
190 max_data = (asoc->pathmtu -
191 sctp_sk(asoc->base.sk)->pf->af->net_header_len -
192 sizeof(struct sctphdr) - sizeof(struct sctp_data_chunk)) & ~3;
193
194 max = asoc->frag_point;
195
196
197
198
199 if (sctp_auth_send_cid(SCTP_CID_DATA, asoc)) {
200 struct sctp_hmac *hmac_desc = sctp_auth_asoc_get_hmac(asoc);
201
202 if (hmac_desc)
203 max_data -= WORD_ROUND(sizeof(sctp_auth_chunk_t) +
204 hmac_desc->hmac_len);
205 }
206
207
208 if (max > max_data)
209 max = max_data;
210
211 whole = 0;
212 first_len = max;
213
214
215
216
217
218
219
220 if (timer_pending(&asoc->timers[SCTP_EVENT_TIMEOUT_SACK]) &&
221 asoc->outqueue.out_qlen == 0 &&
222 list_empty(&asoc->outqueue.retransmit) &&
223 msg_len > max)
224 max_data -= WORD_ROUND(sizeof(sctp_sack_chunk_t));
225
226
227 if (asoc->state < SCTP_STATE_COOKIE_ECHOED)
228 max_data -= SCTP_ARBITRARY_COOKIE_ECHO_LEN;
229
230
231 if (first_len > max_data)
232 first_len = max_data;
233
234
235 if (msg_len >= first_len) {
236 msg_len -= first_len;
237 whole = 1;
238 msg->can_delay = 0;
239 }
240
241
242 whole += msg_len / max;
243 over = msg_len % max;
244 offset = 0;
245
246 if ((whole > 1) || (whole && over))
247 SCTP_INC_STATS(sock_net(asoc->base.sk), SCTP_MIB_FRAGUSRMSGS);
248
249
250 for (i = 0, len = first_len; i < whole; i++) {
251 frag = SCTP_DATA_MIDDLE_FRAG;
252
253 if (0 == i)
254 frag |= SCTP_DATA_FIRST_FRAG;
255
256 if ((i == (whole - 1)) && !over) {
257 frag |= SCTP_DATA_LAST_FRAG;
258
259
260
261
262
263 if ((sinfo->sinfo_flags & SCTP_EOF) ||
264 (sinfo->sinfo_flags & SCTP_SACK_IMMEDIATELY))
265 frag |= SCTP_DATA_SACK_IMM;
266 }
267
268 chunk = sctp_make_datafrag_empty(asoc, sinfo, len, frag,
269 0, GFP_KERNEL);
270
271 if (!chunk) {
272 err = -ENOMEM;
273 goto errout;
274 }
275
276 err = sctp_user_addto_chunk(chunk, len, from);
277 if (err < 0)
278 goto errout_chunk_free;
279
280
281 __skb_pull(chunk->skb, (__u8 *)chunk->chunk_hdr
282 - (__u8 *)chunk->skb->data);
283
284 sctp_datamsg_assign(msg, chunk);
285 list_add_tail(&chunk->frag_list, &msg->chunks);
286
287
288
289
290 if (0 == i)
291 len = max;
292 }
293
294
295 if (over) {
296 if (!whole)
297 frag = SCTP_DATA_NOT_FRAG;
298 else
299 frag = SCTP_DATA_LAST_FRAG;
300
301 if ((sinfo->sinfo_flags & SCTP_EOF) ||
302 (sinfo->sinfo_flags & SCTP_SACK_IMMEDIATELY))
303 frag |= SCTP_DATA_SACK_IMM;
304
305 chunk = sctp_make_datafrag_empty(asoc, sinfo, over, frag,
306 0, GFP_KERNEL);
307
308 if (!chunk) {
309 err = -ENOMEM;
310 goto errout;
311 }
312
313 err = sctp_user_addto_chunk(chunk, over, from);
314
315
316 __skb_pull(chunk->skb, (__u8 *)chunk->chunk_hdr
317 - (__u8 *)chunk->skb->data);
318 if (err < 0)
319 goto errout_chunk_free;
320
321 sctp_datamsg_assign(msg, chunk);
322 list_add_tail(&chunk->frag_list, &msg->chunks);
323 }
324
325 return msg;
326
327errout_chunk_free:
328 sctp_chunk_free(chunk);
329
330errout:
331 list_for_each_safe(pos, temp, &msg->chunks) {
332 list_del_init(pos);
333 chunk = list_entry(pos, struct sctp_chunk, frag_list);
334 sctp_chunk_free(chunk);
335 }
336 sctp_datamsg_put(msg);
337 return ERR_PTR(err);
338}
339
340
341int sctp_chunk_abandoned(struct sctp_chunk *chunk)
342{
343 if (!chunk->asoc->peer.prsctp_capable ||
344 !SCTP_PR_POLICY(chunk->sinfo.sinfo_flags)) {
345 struct sctp_datamsg *msg = chunk->msg;
346
347 if (!msg->can_abandon)
348 return 0;
349
350 if (time_after(jiffies, msg->expires_at))
351 return 1;
352
353 return 0;
354 }
355
356 if (SCTP_PR_TTL_ENABLED(chunk->sinfo.sinfo_flags) &&
357 time_after(jiffies, chunk->msg->expires_at)) {
358 if (chunk->sent_count)
359 chunk->asoc->abandoned_sent[SCTP_PR_INDEX(TTL)]++;
360 else
361 chunk->asoc->abandoned_unsent[SCTP_PR_INDEX(TTL)]++;
362 return 1;
363 } else if (SCTP_PR_RTX_ENABLED(chunk->sinfo.sinfo_flags) &&
364 chunk->sent_count > chunk->sinfo.sinfo_timetolive) {
365 chunk->asoc->abandoned_sent[SCTP_PR_INDEX(RTX)]++;
366 return 1;
367 }
368
369
370 return 0;
371}
372
373
374void sctp_chunk_fail(struct sctp_chunk *chunk, int error)
375{
376 chunk->msg->send_failed = 1;
377 chunk->msg->send_error = error;
378}
379