1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
30
31#include <linux/types.h>
32#include <linux/fcntl.h>
33#include <linux/poll.h>
34#include <linux/init.h>
35
36#include <linux/slab.h>
37#include <linux/in.h>
38#include <net/ipv6.h>
39#include <net/sctp/sctp.h>
40#include <net/sctp/sm.h>
41
42
43static void sctp_select_active_and_retran_path(struct sctp_association *asoc);
44static void sctp_assoc_bh_rcv(struct work_struct *work);
45static void sctp_assoc_free_asconf_acks(struct sctp_association *asoc);
46static void sctp_assoc_free_asconf_queue(struct sctp_association *asoc);
47
48
49
50
51static struct sctp_association *sctp_association_init(
52 struct sctp_association *asoc,
53 const struct sctp_endpoint *ep,
54 const struct sock *sk,
55 enum sctp_scope scope, gfp_t gfp)
56{
57 struct net *net = sock_net(sk);
58 struct sctp_sock *sp;
59 struct sctp_paramhdr *p;
60 int i;
61
62
63 sp = sctp_sk((struct sock *)sk);
64
65
66 asoc->ep = (struct sctp_endpoint *)ep;
67 asoc->base.sk = (struct sock *)sk;
68
69 sctp_endpoint_hold(asoc->ep);
70 sock_hold(asoc->base.sk);
71
72
73 asoc->base.type = SCTP_EP_TYPE_ASSOCIATION;
74
75
76 refcount_set(&asoc->base.refcnt, 1);
77
78
79 sctp_bind_addr_init(&asoc->base.bind_addr, ep->base.bind_addr.port);
80
81 asoc->state = SCTP_STATE_CLOSED;
82 asoc->cookie_life = ms_to_ktime(sp->assocparams.sasoc_cookie_life);
83 asoc->user_frag = sp->user_frag;
84
85
86
87
88 asoc->max_retrans = sp->assocparams.sasoc_asocmaxrxt;
89 asoc->pf_retrans = sp->pf_retrans;
90
91 asoc->rto_initial = msecs_to_jiffies(sp->rtoinfo.srto_initial);
92 asoc->rto_max = msecs_to_jiffies(sp->rtoinfo.srto_max);
93 asoc->rto_min = msecs_to_jiffies(sp->rtoinfo.srto_min);
94
95
96
97
98 asoc->hbinterval = msecs_to_jiffies(sp->hbinterval);
99
100
101 asoc->pathmaxrxt = sp->pathmaxrxt;
102
103 asoc->flowlabel = sp->flowlabel;
104 asoc->dscp = sp->dscp;
105
106
107 asoc->sackdelay = msecs_to_jiffies(sp->sackdelay);
108 asoc->sackfreq = sp->sackfreq;
109
110
111
112
113 asoc->param_flags = sp->param_flags;
114
115
116
117
118 asoc->max_burst = sp->max_burst;
119
120 asoc->subscribe = sp->subscribe;
121
122
123 asoc->timeouts[SCTP_EVENT_TIMEOUT_T1_COOKIE] = asoc->rto_initial;
124 asoc->timeouts[SCTP_EVENT_TIMEOUT_T1_INIT] = asoc->rto_initial;
125 asoc->timeouts[SCTP_EVENT_TIMEOUT_T2_SHUTDOWN] = asoc->rto_initial;
126
127
128
129
130
131 asoc->timeouts[SCTP_EVENT_TIMEOUT_T5_SHUTDOWN_GUARD]
132 = 5 * asoc->rto_max;
133
134 asoc->timeouts[SCTP_EVENT_TIMEOUT_SACK] = asoc->sackdelay;
135 asoc->timeouts[SCTP_EVENT_TIMEOUT_AUTOCLOSE] = sp->autoclose * HZ;
136
137
138 for (i = SCTP_EVENT_TIMEOUT_NONE; i < SCTP_NUM_TIMEOUT_TYPES; ++i)
139 timer_setup(&asoc->timers[i], sctp_timer_events[i], 0);
140
141
142
143
144
145 asoc->c.sinit_max_instreams = sp->initmsg.sinit_max_instreams;
146 asoc->c.sinit_num_ostreams = sp->initmsg.sinit_num_ostreams;
147 asoc->max_init_attempts = sp->initmsg.sinit_max_attempts;
148
149 asoc->max_init_timeo =
150 msecs_to_jiffies(sp->initmsg.sinit_max_init_timeo);
151
152
153
154
155
156
157 if ((sk->sk_rcvbuf/2) < SCTP_DEFAULT_MINWINDOW)
158 asoc->rwnd = SCTP_DEFAULT_MINWINDOW;
159 else
160 asoc->rwnd = sk->sk_rcvbuf/2;
161
162 asoc->a_rwnd = asoc->rwnd;
163
164
165 asoc->peer.rwnd = SCTP_DEFAULT_MAXWINDOW;
166
167
168 atomic_set(&asoc->rmem_alloc, 0);
169
170 init_waitqueue_head(&asoc->wait);
171
172 asoc->c.my_vtag = sctp_generate_tag(ep);
173 asoc->c.my_port = ep->base.bind_addr.port;
174
175 asoc->c.initial_tsn = sctp_generate_tsn(ep);
176
177 asoc->next_tsn = asoc->c.initial_tsn;
178
179 asoc->ctsn_ack_point = asoc->next_tsn - 1;
180 asoc->adv_peer_ack_point = asoc->ctsn_ack_point;
181 asoc->highest_sacked = asoc->ctsn_ack_point;
182 asoc->last_cwr_tsn = asoc->ctsn_ack_point;
183
184
185
186
187
188
189
190
191
192
193
194 asoc->addip_serial = asoc->c.initial_tsn;
195 asoc->strreset_outseq = asoc->c.initial_tsn;
196
197 INIT_LIST_HEAD(&asoc->addip_chunk_list);
198 INIT_LIST_HEAD(&asoc->asconf_ack_list);
199
200
201 INIT_LIST_HEAD(&asoc->peer.transport_addr_list);
202
203
204
205
206
207
208
209
210
211
212
213
214 asoc->peer.sack_needed = 1;
215 asoc->peer.sack_generation = 1;
216
217
218
219
220
221
222 if (net->sctp.addip_noauth)
223 asoc->peer.asconf_capable = 1;
224
225
226 sctp_inq_init(&asoc->base.inqueue);
227 sctp_inq_set_th_handler(&asoc->base.inqueue, sctp_assoc_bh_rcv);
228
229
230 sctp_outq_init(asoc, &asoc->outqueue);
231
232 if (!sctp_ulpq_init(&asoc->ulpq, asoc))
233 goto fail_init;
234
235 if (sctp_stream_init(&asoc->stream, asoc->c.sinit_num_ostreams,
236 0, gfp))
237 goto fail_init;
238
239
240 asoc->pathmtu = sp->pathmtu;
241 sctp_assoc_update_frag_point(asoc);
242
243
244
245
246 asoc->peer.ipv4_address = 1;
247 if (asoc->base.sk->sk_family == PF_INET6)
248 asoc->peer.ipv6_address = 1;
249 INIT_LIST_HEAD(&asoc->asocs);
250
251 asoc->default_stream = sp->default_stream;
252 asoc->default_ppid = sp->default_ppid;
253 asoc->default_flags = sp->default_flags;
254 asoc->default_context = sp->default_context;
255 asoc->default_timetolive = sp->default_timetolive;
256 asoc->default_rcv_context = sp->default_rcv_context;
257
258
259 INIT_LIST_HEAD(&asoc->endpoint_shared_keys);
260 if (sctp_auth_asoc_copy_shkeys(ep, asoc, gfp))
261 goto stream_free;
262
263 asoc->active_key_id = ep->active_key_id;
264 asoc->strreset_enable = ep->strreset_enable;
265
266
267 if (ep->auth_hmacs_list)
268 memcpy(asoc->c.auth_hmacs, ep->auth_hmacs_list,
269 ntohs(ep->auth_hmacs_list->param_hdr.length));
270 if (ep->auth_chunk_list)
271 memcpy(asoc->c.auth_chunks, ep->auth_chunk_list,
272 ntohs(ep->auth_chunk_list->param_hdr.length));
273
274
275 p = (struct sctp_paramhdr *)asoc->c.auth_random;
276 p->type = SCTP_PARAM_RANDOM;
277 p->length = htons(sizeof(*p) + SCTP_AUTH_RANDOM_LENGTH);
278 get_random_bytes(p+1, SCTP_AUTH_RANDOM_LENGTH);
279
280 return asoc;
281
282stream_free:
283 sctp_stream_free(&asoc->stream);
284fail_init:
285 sock_put(asoc->base.sk);
286 sctp_endpoint_put(asoc->ep);
287 return NULL;
288}
289
290
291struct sctp_association *sctp_association_new(const struct sctp_endpoint *ep,
292 const struct sock *sk,
293 enum sctp_scope scope, gfp_t gfp)
294{
295 struct sctp_association *asoc;
296
297 asoc = kzalloc(sizeof(*asoc), gfp);
298 if (!asoc)
299 goto fail;
300
301 if (!sctp_association_init(asoc, ep, sk, scope, gfp))
302 goto fail_init;
303
304 SCTP_DBG_OBJCNT_INC(assoc);
305
306 pr_debug("Created asoc %p\n", asoc);
307
308 return asoc;
309
310fail_init:
311 kfree(asoc);
312fail:
313 return NULL;
314}
315
316
317
318
319void sctp_association_free(struct sctp_association *asoc)
320{
321 struct sock *sk = asoc->base.sk;
322 struct sctp_transport *transport;
323 struct list_head *pos, *temp;
324 int i;
325
326
327
328
329 if (!list_empty(&asoc->asocs)) {
330 list_del(&asoc->asocs);
331
332
333
334
335 if (sctp_style(sk, TCP) && sctp_sstate(sk, LISTENING))
336 sk->sk_ack_backlog--;
337 }
338
339
340
341
342 asoc->base.dead = true;
343
344
345 sctp_outq_free(&asoc->outqueue);
346
347
348 sctp_ulpq_free(&asoc->ulpq);
349
350
351 sctp_inq_free(&asoc->base.inqueue);
352
353 sctp_tsnmap_free(&asoc->peer.tsn_map);
354
355
356 sctp_stream_free(&asoc->stream);
357
358 if (asoc->strreset_chunk)
359 sctp_chunk_free(asoc->strreset_chunk);
360
361
362 sctp_bind_addr_free(&asoc->base.bind_addr);
363
364
365
366
367
368
369 for (i = SCTP_EVENT_TIMEOUT_NONE; i < SCTP_NUM_TIMEOUT_TYPES; ++i) {
370 if (del_timer(&asoc->timers[i]))
371 sctp_association_put(asoc);
372 }
373
374
375 kfree(asoc->peer.cookie);
376 kfree(asoc->peer.peer_random);
377 kfree(asoc->peer.peer_chunks);
378 kfree(asoc->peer.peer_hmacs);
379
380
381 list_for_each_safe(pos, temp, &asoc->peer.transport_addr_list) {
382 transport = list_entry(pos, struct sctp_transport, transports);
383 list_del_rcu(pos);
384 sctp_unhash_transport(transport);
385 sctp_transport_free(transport);
386 }
387
388 asoc->peer.transport_count = 0;
389
390 sctp_asconf_queue_teardown(asoc);
391
392
393 kfree(asoc->asconf_addr_del_pending);
394
395
396 sctp_auth_destroy_keys(&asoc->endpoint_shared_keys);
397
398
399 sctp_auth_key_put(asoc->asoc_shared_key);
400
401 sctp_association_put(asoc);
402}
403
404
405static void sctp_association_destroy(struct sctp_association *asoc)
406{
407 if (unlikely(!asoc->base.dead)) {
408 WARN(1, "Attempt to destroy undead association %p!\n", asoc);
409 return;
410 }
411
412 sctp_endpoint_put(asoc->ep);
413 sock_put(asoc->base.sk);
414
415 if (asoc->assoc_id != 0) {
416 spin_lock_bh(&sctp_assocs_id_lock);
417 idr_remove(&sctp_assocs_id, asoc->assoc_id);
418 spin_unlock_bh(&sctp_assocs_id_lock);
419 }
420
421 WARN_ON(atomic_read(&asoc->rmem_alloc));
422
423 kfree_rcu(asoc, rcu);
424 SCTP_DBG_OBJCNT_DEC(assoc);
425}
426
427
428void sctp_assoc_set_primary(struct sctp_association *asoc,
429 struct sctp_transport *transport)
430{
431 int changeover = 0;
432
433
434
435
436 if (asoc->peer.primary_path != NULL &&
437 asoc->peer.primary_path != transport)
438 changeover = 1 ;
439
440 asoc->peer.primary_path = transport;
441
442
443 memcpy(&asoc->peer.primary_addr, &transport->ipaddr,
444 sizeof(union sctp_addr));
445
446
447
448
449 if ((transport->state == SCTP_ACTIVE) ||
450 (transport->state == SCTP_UNKNOWN))
451 asoc->peer.active_path = transport;
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467 if (!asoc->outqueue.outstanding_bytes && !asoc->outqueue.out_qlen)
468 return;
469
470 if (transport->cacc.changeover_active)
471 transport->cacc.cycling_changeover = changeover;
472
473
474
475
476 transport->cacc.changeover_active = changeover;
477
478
479
480
481 transport->cacc.next_tsn_at_change = asoc->next_tsn;
482}
483
484
485void sctp_assoc_rm_peer(struct sctp_association *asoc,
486 struct sctp_transport *peer)
487{
488 struct sctp_transport *transport;
489 struct list_head *pos;
490 struct sctp_chunk *ch;
491
492 pr_debug("%s: association:%p addr:%pISpc\n",
493 __func__, asoc, &peer->ipaddr.sa);
494
495
496
497
498 if (asoc->peer.retran_path == peer)
499 sctp_assoc_update_retran_path(asoc);
500
501
502 list_del_rcu(&peer->transports);
503
504 sctp_unhash_transport(peer);
505
506
507 pos = asoc->peer.transport_addr_list.next;
508 transport = list_entry(pos, struct sctp_transport, transports);
509
510
511 if (asoc->peer.primary_path == peer)
512 sctp_assoc_set_primary(asoc, transport);
513 if (asoc->peer.active_path == peer)
514 asoc->peer.active_path = transport;
515 if (asoc->peer.retran_path == peer)
516 asoc->peer.retran_path = transport;
517 if (asoc->peer.last_data_from == peer)
518 asoc->peer.last_data_from = transport;
519
520 if (asoc->strreset_chunk &&
521 asoc->strreset_chunk->transport == peer) {
522 asoc->strreset_chunk->transport = transport;
523 sctp_transport_reset_reconf_timer(transport);
524 }
525
526
527
528
529
530
531 if (asoc->init_last_sent_to == peer)
532 asoc->init_last_sent_to = NULL;
533
534
535
536
537
538
539 if (asoc->shutdown_last_sent_to == peer)
540 asoc->shutdown_last_sent_to = NULL;
541
542
543
544
545 if (asoc->addip_last_asconf &&
546 asoc->addip_last_asconf->transport == peer)
547 asoc->addip_last_asconf->transport = NULL;
548
549
550
551
552 if (!list_empty(&peer->transmitted)) {
553 struct sctp_transport *active = asoc->peer.active_path;
554
555
556 list_for_each_entry(ch, &peer->transmitted,
557 transmitted_list) {
558 ch->transport = NULL;
559 ch->rtt_in_progress = 0;
560 }
561
562 list_splice_tail_init(&peer->transmitted,
563 &active->transmitted);
564
565
566
567
568
569 if (!timer_pending(&active->T3_rtx_timer))
570 if (!mod_timer(&active->T3_rtx_timer,
571 jiffies + active->rto))
572 sctp_transport_hold(active);
573 }
574
575 list_for_each_entry(ch, &asoc->outqueue.out_chunk_list, list)
576 if (ch->transport == peer)
577 ch->transport = NULL;
578
579 asoc->peer.transport_count--;
580
581 sctp_transport_free(peer);
582}
583
584
585struct sctp_transport *sctp_assoc_add_peer(struct sctp_association *asoc,
586 const union sctp_addr *addr,
587 const gfp_t gfp,
588 const int peer_state)
589{
590 struct net *net = sock_net(asoc->base.sk);
591 struct sctp_transport *peer;
592 struct sctp_sock *sp;
593 unsigned short port;
594
595 sp = sctp_sk(asoc->base.sk);
596
597
598 port = ntohs(addr->v4.sin_port);
599
600 pr_debug("%s: association:%p addr:%pISpc state:%d\n", __func__,
601 asoc, &addr->sa, peer_state);
602
603
604 if (0 == asoc->peer.port)
605 asoc->peer.port = port;
606
607
608 peer = sctp_assoc_lookup_paddr(asoc, addr);
609 if (peer) {
610
611
612
613
614 if (peer->state == SCTP_UNKNOWN) {
615 peer->state = SCTP_ACTIVE;
616 }
617 return peer;
618 }
619
620 peer = sctp_transport_new(net, addr, gfp);
621 if (!peer)
622 return NULL;
623
624 sctp_transport_set_owner(peer, asoc);
625
626
627
628
629 peer->hbinterval = asoc->hbinterval;
630
631
632 peer->pathmaxrxt = asoc->pathmaxrxt;
633
634
635 peer->pf_retrans = asoc->pf_retrans;
636
637
638
639
640 peer->sackdelay = asoc->sackdelay;
641 peer->sackfreq = asoc->sackfreq;
642
643 if (addr->sa.sa_family == AF_INET6) {
644 __be32 info = addr->v6.sin6_flowinfo;
645
646 if (info) {
647 peer->flowlabel = ntohl(info & IPV6_FLOWLABEL_MASK);
648 peer->flowlabel |= SCTP_FLOWLABEL_SET_MASK;
649 } else {
650 peer->flowlabel = asoc->flowlabel;
651 }
652 }
653 peer->dscp = asoc->dscp;
654
655
656
657
658 peer->param_flags = asoc->param_flags;
659
660
661 sctp_transport_route(peer, NULL, sp);
662
663
664
665
666
667
668 sctp_assoc_set_pmtu(asoc, asoc->pathmtu ?
669 min_t(int, peer->pathmtu, asoc->pathmtu) :
670 peer->pathmtu);
671
672 peer->pmtu_pending = 0;
673
674
675
676
677 sctp_packet_init(&peer->packet, peer, asoc->base.bind_addr.port,
678 asoc->peer.port);
679
680
681
682
683
684
685
686
687
688
689
690 peer->cwnd = min(4*asoc->pathmtu, max_t(__u32, 2*asoc->pathmtu, 4380));
691
692
693
694
695
696 peer->ssthresh = SCTP_DEFAULT_MAXWINDOW;
697
698 peer->partial_bytes_acked = 0;
699 peer->flight_size = 0;
700 peer->burst_limited = 0;
701
702
703 peer->rto = asoc->rto_initial;
704 sctp_max_rto(asoc, peer);
705
706
707 peer->state = peer_state;
708
709
710 if (sctp_hash_transport(peer)) {
711 sctp_transport_free(peer);
712 return NULL;
713 }
714
715
716 list_add_tail_rcu(&peer->transports, &asoc->peer.transport_addr_list);
717 asoc->peer.transport_count++;
718
719
720 if (!asoc->peer.primary_path) {
721 sctp_assoc_set_primary(asoc, peer);
722 asoc->peer.retran_path = peer;
723 }
724
725 if (asoc->peer.active_path == asoc->peer.retran_path &&
726 peer->state != SCTP_UNCONFIRMED) {
727 asoc->peer.retran_path = peer;
728 }
729
730 return peer;
731}
732
733
734void sctp_assoc_del_peer(struct sctp_association *asoc,
735 const union sctp_addr *addr)
736{
737 struct list_head *pos;
738 struct list_head *temp;
739 struct sctp_transport *transport;
740
741 list_for_each_safe(pos, temp, &asoc->peer.transport_addr_list) {
742 transport = list_entry(pos, struct sctp_transport, transports);
743 if (sctp_cmp_addr_exact(addr, &transport->ipaddr)) {
744
745 sctp_assoc_rm_peer(asoc, transport);
746 break;
747 }
748 }
749}
750
751
752struct sctp_transport *sctp_assoc_lookup_paddr(
753 const struct sctp_association *asoc,
754 const union sctp_addr *address)
755{
756 struct sctp_transport *t;
757
758
759
760 list_for_each_entry(t, &asoc->peer.transport_addr_list,
761 transports) {
762 if (sctp_cmp_addr_exact(address, &t->ipaddr))
763 return t;
764 }
765
766 return NULL;
767}
768
769
770void sctp_assoc_del_nonprimary_peers(struct sctp_association *asoc,
771 struct sctp_transport *primary)
772{
773 struct sctp_transport *temp;
774 struct sctp_transport *t;
775
776 list_for_each_entry_safe(t, temp, &asoc->peer.transport_addr_list,
777 transports) {
778
779 if (t != primary)
780 sctp_assoc_rm_peer(asoc, t);
781 }
782}
783
784
785
786
787
788void sctp_assoc_control_transport(struct sctp_association *asoc,
789 struct sctp_transport *transport,
790 enum sctp_transport_cmd command,
791 sctp_sn_error_t error)
792{
793 struct sctp_ulpevent *event;
794 struct sockaddr_storage addr;
795 int spc_state = 0;
796 bool ulp_notify = true;
797
798
799 switch (command) {
800 case SCTP_TRANSPORT_UP:
801
802
803
804
805 if (SCTP_UNCONFIRMED == transport->state &&
806 SCTP_HEARTBEAT_SUCCESS == error)
807 spc_state = SCTP_ADDR_CONFIRMED;
808 else
809 spc_state = SCTP_ADDR_AVAILABLE;
810
811
812
813
814 if (transport->state == SCTP_PF) {
815 ulp_notify = false;
816 transport->cwnd = asoc->pathmtu;
817 }
818 transport->state = SCTP_ACTIVE;
819 break;
820
821 case SCTP_TRANSPORT_DOWN:
822
823
824
825
826 if (transport->state != SCTP_UNCONFIRMED)
827 transport->state = SCTP_INACTIVE;
828 else {
829 sctp_transport_dst_release(transport);
830 ulp_notify = false;
831 }
832
833 spc_state = SCTP_ADDR_UNREACHABLE;
834 break;
835
836 case SCTP_TRANSPORT_PF:
837 transport->state = SCTP_PF;
838 ulp_notify = false;
839 break;
840
841 default:
842 return;
843 }
844
845
846
847
848 if (ulp_notify) {
849 memset(&addr, 0, sizeof(struct sockaddr_storage));
850 memcpy(&addr, &transport->ipaddr,
851 transport->af_specific->sockaddr_len);
852
853 event = sctp_ulpevent_make_peer_addr_change(asoc, &addr,
854 0, spc_state, error, GFP_ATOMIC);
855 if (event)
856 asoc->stream.si->enqueue_event(&asoc->ulpq, event);
857 }
858
859
860 sctp_select_active_and_retran_path(asoc);
861}
862
863
864void sctp_association_hold(struct sctp_association *asoc)
865{
866 refcount_inc(&asoc->base.refcnt);
867}
868
869
870
871
872void sctp_association_put(struct sctp_association *asoc)
873{
874 if (refcount_dec_and_test(&asoc->base.refcnt))
875 sctp_association_destroy(asoc);
876}
877
878
879
880
881__u32 sctp_association_get_next_tsn(struct sctp_association *asoc)
882{
883
884
885
886
887
888 __u32 retval = asoc->next_tsn;
889 asoc->next_tsn++;
890 asoc->unack_data++;
891
892 return retval;
893}
894
895
896
897
898int sctp_cmp_addr_exact(const union sctp_addr *ss1,
899 const union sctp_addr *ss2)
900{
901 struct sctp_af *af;
902
903 af = sctp_get_af_specific(ss1->sa.sa_family);
904 if (unlikely(!af))
905 return 0;
906
907 return af->cmp_addr(ss1, ss2);
908}
909
910
911
912
913
914struct sctp_chunk *sctp_get_ecne_prepend(struct sctp_association *asoc)
915{
916 if (!asoc->need_ecne)
917 return NULL;
918
919
920
921
922 return sctp_make_ecne(asoc, asoc->last_ecne_tsn);
923}
924
925
926
927
928struct sctp_transport *sctp_assoc_lookup_tsn(struct sctp_association *asoc,
929 __u32 tsn)
930{
931 struct sctp_transport *active;
932 struct sctp_transport *match;
933 struct sctp_transport *transport;
934 struct sctp_chunk *chunk;
935 __be32 key = htonl(tsn);
936
937 match = NULL;
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954 active = asoc->peer.active_path;
955
956 list_for_each_entry(chunk, &active->transmitted,
957 transmitted_list) {
958
959 if (key == chunk->subh.data_hdr->tsn) {
960 match = active;
961 goto out;
962 }
963 }
964
965
966 list_for_each_entry(transport, &asoc->peer.transport_addr_list,
967 transports) {
968
969 if (transport == active)
970 continue;
971 list_for_each_entry(chunk, &transport->transmitted,
972 transmitted_list) {
973 if (key == chunk->subh.data_hdr->tsn) {
974 match = transport;
975 goto out;
976 }
977 }
978 }
979out:
980 return match;
981}
982
983
984static void sctp_assoc_bh_rcv(struct work_struct *work)
985{
986 struct sctp_association *asoc =
987 container_of(work, struct sctp_association,
988 base.inqueue.immediate);
989 struct net *net = sock_net(asoc->base.sk);
990 union sctp_subtype subtype;
991 struct sctp_endpoint *ep;
992 struct sctp_chunk *chunk;
993 struct sctp_inq *inqueue;
994 int first_time = 1;
995 int error = 0;
996 int state;
997
998
999 ep = asoc->ep;
1000
1001 inqueue = &asoc->base.inqueue;
1002 sctp_association_hold(asoc);
1003 while (NULL != (chunk = sctp_inq_pop(inqueue))) {
1004 state = asoc->state;
1005 subtype = SCTP_ST_CHUNK(chunk->chunk_hdr->type);
1006
1007
1008
1009
1010 if (first_time && subtype.chunk == SCTP_CID_AUTH) {
1011 struct sctp_chunkhdr *next_hdr;
1012
1013 next_hdr = sctp_inq_peek(inqueue);
1014 if (!next_hdr)
1015 goto normal;
1016
1017
1018
1019
1020
1021
1022 if (next_hdr->type == SCTP_CID_COOKIE_ECHO) {
1023 chunk->auth_chunk = skb_clone(chunk->skb,
1024 GFP_ATOMIC);
1025 chunk->auth = 1;
1026 continue;
1027 }
1028 }
1029
1030normal:
1031
1032
1033
1034
1035
1036
1037
1038 if (sctp_auth_recv_cid(subtype.chunk, asoc) && !chunk->auth)
1039 continue;
1040
1041
1042
1043
1044 if (sctp_chunk_is_data(chunk))
1045 asoc->peer.last_data_from = chunk->transport;
1046 else {
1047 SCTP_INC_STATS(net, SCTP_MIB_INCTRLCHUNKS);
1048 asoc->stats.ictrlchunks++;
1049 if (chunk->chunk_hdr->type == SCTP_CID_SACK)
1050 asoc->stats.isacks++;
1051 }
1052
1053 if (chunk->transport)
1054 chunk->transport->last_time_heard = ktime_get();
1055
1056
1057 error = sctp_do_sm(net, SCTP_EVENT_T_CHUNK, subtype,
1058 state, ep, asoc, chunk, GFP_ATOMIC);
1059
1060
1061
1062
1063 if (asoc->base.dead)
1064 break;
1065
1066
1067 if (error && chunk)
1068 chunk->pdiscard = 1;
1069
1070 if (first_time)
1071 first_time = 0;
1072 }
1073 sctp_association_put(asoc);
1074}
1075
1076
1077void sctp_assoc_migrate(struct sctp_association *assoc, struct sock *newsk)
1078{
1079 struct sctp_sock *newsp = sctp_sk(newsk);
1080 struct sock *oldsk = assoc->base.sk;
1081
1082
1083
1084
1085 list_del_init(&assoc->asocs);
1086
1087
1088 if (sctp_style(oldsk, TCP))
1089 oldsk->sk_ack_backlog--;
1090
1091
1092 sctp_endpoint_put(assoc->ep);
1093 sock_put(assoc->base.sk);
1094
1095
1096 assoc->ep = newsp->ep;
1097 sctp_endpoint_hold(assoc->ep);
1098
1099
1100 assoc->base.sk = newsk;
1101 sock_hold(assoc->base.sk);
1102
1103
1104 sctp_endpoint_add_asoc(newsp->ep, assoc);
1105}
1106
1107
1108int sctp_assoc_update(struct sctp_association *asoc,
1109 struct sctp_association *new)
1110{
1111 struct sctp_transport *trans;
1112 struct list_head *pos, *temp;
1113
1114
1115 asoc->c = new->c;
1116 asoc->peer.rwnd = new->peer.rwnd;
1117 asoc->peer.sack_needed = new->peer.sack_needed;
1118 asoc->peer.auth_capable = new->peer.auth_capable;
1119 asoc->peer.i = new->peer.i;
1120
1121 if (!sctp_tsnmap_init(&asoc->peer.tsn_map, SCTP_TSN_MAP_INITIAL,
1122 asoc->peer.i.initial_tsn, GFP_ATOMIC))
1123 return -ENOMEM;
1124
1125
1126 list_for_each_safe(pos, temp, &asoc->peer.transport_addr_list) {
1127 trans = list_entry(pos, struct sctp_transport, transports);
1128 if (!sctp_assoc_lookup_paddr(new, &trans->ipaddr)) {
1129 sctp_assoc_rm_peer(asoc, trans);
1130 continue;
1131 }
1132
1133 if (asoc->state >= SCTP_STATE_ESTABLISHED)
1134 sctp_transport_reset(trans);
1135 }
1136
1137
1138
1139
1140
1141
1142 if (asoc->state >= SCTP_STATE_ESTABLISHED) {
1143 asoc->next_tsn = new->next_tsn;
1144 asoc->ctsn_ack_point = new->ctsn_ack_point;
1145 asoc->adv_peer_ack_point = new->adv_peer_ack_point;
1146
1147
1148
1149
1150 sctp_stream_clear(&asoc->stream);
1151
1152
1153
1154
1155
1156 sctp_ulpq_flush(&asoc->ulpq);
1157
1158
1159
1160
1161
1162 asoc->overall_error_count = 0;
1163
1164 } else {
1165
1166 list_for_each_entry(trans, &new->peer.transport_addr_list,
1167 transports)
1168 if (!sctp_assoc_lookup_paddr(asoc, &trans->ipaddr) &&
1169 !sctp_assoc_add_peer(asoc, &trans->ipaddr,
1170 GFP_ATOMIC, trans->state))
1171 return -ENOMEM;
1172
1173 asoc->ctsn_ack_point = asoc->next_tsn - 1;
1174 asoc->adv_peer_ack_point = asoc->ctsn_ack_point;
1175
1176 if (sctp_state(asoc, COOKIE_WAIT))
1177 sctp_stream_update(&asoc->stream, &new->stream);
1178
1179
1180 if (sctp_assoc_set_id(asoc, GFP_ATOMIC))
1181 return -ENOMEM;
1182 }
1183
1184
1185
1186
1187 kfree(asoc->peer.peer_random);
1188 asoc->peer.peer_random = new->peer.peer_random;
1189 new->peer.peer_random = NULL;
1190
1191 kfree(asoc->peer.peer_chunks);
1192 asoc->peer.peer_chunks = new->peer.peer_chunks;
1193 new->peer.peer_chunks = NULL;
1194
1195 kfree(asoc->peer.peer_hmacs);
1196 asoc->peer.peer_hmacs = new->peer.peer_hmacs;
1197 new->peer.peer_hmacs = NULL;
1198
1199 return sctp_auth_asoc_init_active_key(asoc, GFP_ATOMIC);
1200}
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230static u8 sctp_trans_score(const struct sctp_transport *trans)
1231{
1232 switch (trans->state) {
1233 case SCTP_ACTIVE:
1234 return 3;
1235 case SCTP_UNKNOWN:
1236 return 2;
1237 case SCTP_PF:
1238 return 1;
1239 default:
1240 return 0;
1241 }
1242}
1243
1244static struct sctp_transport *sctp_trans_elect_tie(struct sctp_transport *trans1,
1245 struct sctp_transport *trans2)
1246{
1247 if (trans1->error_count > trans2->error_count) {
1248 return trans2;
1249 } else if (trans1->error_count == trans2->error_count &&
1250 ktime_after(trans2->last_time_heard,
1251 trans1->last_time_heard)) {
1252 return trans2;
1253 } else {
1254 return trans1;
1255 }
1256}
1257
1258static struct sctp_transport *sctp_trans_elect_best(struct sctp_transport *curr,
1259 struct sctp_transport *best)
1260{
1261 u8 score_curr, score_best;
1262
1263 if (best == NULL || curr == best)
1264 return curr;
1265
1266 score_curr = sctp_trans_score(curr);
1267 score_best = sctp_trans_score(best);
1268
1269
1270
1271
1272
1273 if (score_curr > score_best)
1274 return curr;
1275 else if (score_curr == score_best)
1276 return sctp_trans_elect_tie(best, curr);
1277 else
1278 return best;
1279}
1280
1281void sctp_assoc_update_retran_path(struct sctp_association *asoc)
1282{
1283 struct sctp_transport *trans = asoc->peer.retran_path;
1284 struct sctp_transport *trans_next = NULL;
1285
1286
1287 if (asoc->peer.transport_count == 1)
1288 return;
1289
1290
1291
1292 if (asoc->peer.active_path == asoc->peer.retran_path &&
1293 asoc->peer.active_path->state == SCTP_ACTIVE)
1294 return;
1295
1296
1297 for (trans = list_next_entry(trans, transports); 1;
1298 trans = list_next_entry(trans, transports)) {
1299
1300 if (&trans->transports == &asoc->peer.transport_addr_list)
1301 continue;
1302 if (trans->state == SCTP_UNCONFIRMED)
1303 continue;
1304 trans_next = sctp_trans_elect_best(trans, trans_next);
1305
1306 if (trans_next->state == SCTP_ACTIVE)
1307 break;
1308
1309 if (trans == asoc->peer.retran_path)
1310 break;
1311 }
1312
1313 asoc->peer.retran_path = trans_next;
1314
1315 pr_debug("%s: association:%p updated new path to addr:%pISpc\n",
1316 __func__, asoc, &asoc->peer.retran_path->ipaddr.sa);
1317}
1318
1319static void sctp_select_active_and_retran_path(struct sctp_association *asoc)
1320{
1321 struct sctp_transport *trans, *trans_pri = NULL, *trans_sec = NULL;
1322 struct sctp_transport *trans_pf = NULL;
1323
1324
1325 list_for_each_entry(trans, &asoc->peer.transport_addr_list,
1326 transports) {
1327
1328 if (trans->state == SCTP_INACTIVE ||
1329 trans->state == SCTP_UNCONFIRMED)
1330 continue;
1331
1332
1333
1334 if (trans->state == SCTP_PF) {
1335 trans_pf = sctp_trans_elect_best(trans, trans_pf);
1336 continue;
1337 }
1338
1339 if (trans_pri == NULL ||
1340 ktime_after(trans->last_time_heard,
1341 trans_pri->last_time_heard)) {
1342 trans_sec = trans_pri;
1343 trans_pri = trans;
1344 } else if (trans_sec == NULL ||
1345 ktime_after(trans->last_time_heard,
1346 trans_sec->last_time_heard)) {
1347 trans_sec = trans;
1348 }
1349 }
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359 if ((asoc->peer.primary_path->state == SCTP_ACTIVE ||
1360 asoc->peer.primary_path->state == SCTP_UNKNOWN) &&
1361 asoc->peer.primary_path != trans_pri) {
1362 trans_sec = trans_pri;
1363 trans_pri = asoc->peer.primary_path;
1364 }
1365
1366
1367
1368
1369
1370 if (trans_sec == NULL)
1371 trans_sec = trans_pri;
1372
1373
1374
1375
1376 if (trans_pri == NULL) {
1377 trans_pri = sctp_trans_elect_best(asoc->peer.active_path, trans_pf);
1378 trans_sec = trans_pri;
1379 }
1380
1381
1382 asoc->peer.active_path = trans_pri;
1383 asoc->peer.retran_path = trans_sec;
1384}
1385
1386struct sctp_transport *
1387sctp_assoc_choose_alter_transport(struct sctp_association *asoc,
1388 struct sctp_transport *last_sent_to)
1389{
1390
1391
1392
1393
1394 if (last_sent_to == NULL) {
1395 return asoc->peer.active_path;
1396 } else {
1397 if (last_sent_to == asoc->peer.retran_path)
1398 sctp_assoc_update_retran_path(asoc);
1399
1400 return asoc->peer.retran_path;
1401 }
1402}
1403
1404void sctp_assoc_update_frag_point(struct sctp_association *asoc)
1405{
1406 int frag = sctp_mtu_payload(sctp_sk(asoc->base.sk), asoc->pathmtu,
1407 sctp_datachk_len(&asoc->stream));
1408
1409 if (asoc->user_frag)
1410 frag = min_t(int, frag, asoc->user_frag);
1411
1412 frag = min_t(int, frag, SCTP_MAX_CHUNK_LEN -
1413 sctp_datachk_len(&asoc->stream));
1414
1415 asoc->frag_point = SCTP_TRUNC4(frag);
1416}
1417
1418void sctp_assoc_set_pmtu(struct sctp_association *asoc, __u32 pmtu)
1419{
1420 if (asoc->pathmtu != pmtu) {
1421 asoc->pathmtu = pmtu;
1422 sctp_assoc_update_frag_point(asoc);
1423 }
1424
1425 pr_debug("%s: asoc:%p, pmtu:%d, frag_point:%d\n", __func__, asoc,
1426 asoc->pathmtu, asoc->frag_point);
1427}
1428
1429
1430
1431
1432void sctp_assoc_sync_pmtu(struct sctp_association *asoc)
1433{
1434 struct sctp_transport *t;
1435 __u32 pmtu = 0;
1436
1437 if (!asoc)
1438 return;
1439
1440
1441 list_for_each_entry(t, &asoc->peer.transport_addr_list, transports) {
1442 if (t->pmtu_pending && t->dst) {
1443 sctp_transport_update_pmtu(t,
1444 atomic_read(&t->mtu_info));
1445 t->pmtu_pending = 0;
1446 }
1447 if (!pmtu || (t->pathmtu < pmtu))
1448 pmtu = t->pathmtu;
1449 }
1450
1451 sctp_assoc_set_pmtu(asoc, pmtu);
1452}
1453
1454
1455static inline bool sctp_peer_needs_update(struct sctp_association *asoc)
1456{
1457 struct net *net = sock_net(asoc->base.sk);
1458 switch (asoc->state) {
1459 case SCTP_STATE_ESTABLISHED:
1460 case SCTP_STATE_SHUTDOWN_PENDING:
1461 case SCTP_STATE_SHUTDOWN_RECEIVED:
1462 case SCTP_STATE_SHUTDOWN_SENT:
1463 if ((asoc->rwnd > asoc->a_rwnd) &&
1464 ((asoc->rwnd - asoc->a_rwnd) >= max_t(__u32,
1465 (asoc->base.sk->sk_rcvbuf >> net->sctp.rwnd_upd_shift),
1466 asoc->pathmtu)))
1467 return true;
1468 break;
1469 default:
1470 break;
1471 }
1472 return false;
1473}
1474
1475
1476void sctp_assoc_rwnd_increase(struct sctp_association *asoc, unsigned int len)
1477{
1478 struct sctp_chunk *sack;
1479 struct timer_list *timer;
1480
1481 if (asoc->rwnd_over) {
1482 if (asoc->rwnd_over >= len) {
1483 asoc->rwnd_over -= len;
1484 } else {
1485 asoc->rwnd += (len - asoc->rwnd_over);
1486 asoc->rwnd_over = 0;
1487 }
1488 } else {
1489 asoc->rwnd += len;
1490 }
1491
1492
1493
1494
1495
1496
1497 if (asoc->rwnd_press) {
1498 int change = min(asoc->pathmtu, asoc->rwnd_press);
1499 asoc->rwnd += change;
1500 asoc->rwnd_press -= change;
1501 }
1502
1503 pr_debug("%s: asoc:%p rwnd increased by %d to (%u, %u) - %u\n",
1504 __func__, asoc, len, asoc->rwnd, asoc->rwnd_over,
1505 asoc->a_rwnd);
1506
1507
1508
1509
1510
1511
1512 if (sctp_peer_needs_update(asoc)) {
1513 asoc->a_rwnd = asoc->rwnd;
1514
1515 pr_debug("%s: sending window update SACK- asoc:%p rwnd:%u "
1516 "a_rwnd:%u\n", __func__, asoc, asoc->rwnd,
1517 asoc->a_rwnd);
1518
1519 sack = sctp_make_sack(asoc);
1520 if (!sack)
1521 return;
1522
1523 asoc->peer.sack_needed = 0;
1524
1525 sctp_outq_tail(&asoc->outqueue, sack, GFP_ATOMIC);
1526
1527
1528 timer = &asoc->timers[SCTP_EVENT_TIMEOUT_SACK];
1529 if (del_timer(timer))
1530 sctp_association_put(asoc);
1531 }
1532}
1533
1534
1535void sctp_assoc_rwnd_decrease(struct sctp_association *asoc, unsigned int len)
1536{
1537 int rx_count;
1538 int over = 0;
1539
1540 if (unlikely(!asoc->rwnd || asoc->rwnd_over))
1541 pr_debug("%s: association:%p has asoc->rwnd:%u, "
1542 "asoc->rwnd_over:%u!\n", __func__, asoc,
1543 asoc->rwnd, asoc->rwnd_over);
1544
1545 if (asoc->ep->rcvbuf_policy)
1546 rx_count = atomic_read(&asoc->rmem_alloc);
1547 else
1548 rx_count = atomic_read(&asoc->base.sk->sk_rmem_alloc);
1549
1550
1551
1552
1553
1554
1555 if (rx_count >= asoc->base.sk->sk_rcvbuf)
1556 over = 1;
1557
1558 if (asoc->rwnd >= len) {
1559 asoc->rwnd -= len;
1560 if (over) {
1561 asoc->rwnd_press += asoc->rwnd;
1562 asoc->rwnd = 0;
1563 }
1564 } else {
1565 asoc->rwnd_over += len - asoc->rwnd;
1566 asoc->rwnd = 0;
1567 }
1568
1569 pr_debug("%s: asoc:%p rwnd decreased by %d to (%u, %u, %u)\n",
1570 __func__, asoc, len, asoc->rwnd, asoc->rwnd_over,
1571 asoc->rwnd_press);
1572}
1573
1574
1575
1576
1577int sctp_assoc_set_bind_addr_from_ep(struct sctp_association *asoc,
1578 enum sctp_scope scope, gfp_t gfp)
1579{
1580 int flags;
1581
1582
1583
1584
1585 flags = (PF_INET6 == asoc->base.sk->sk_family) ? SCTP_ADDR6_ALLOWED : 0;
1586 if (asoc->peer.ipv4_address)
1587 flags |= SCTP_ADDR4_PEERSUPP;
1588 if (asoc->peer.ipv6_address)
1589 flags |= SCTP_ADDR6_PEERSUPP;
1590
1591 return sctp_bind_addr_copy(sock_net(asoc->base.sk),
1592 &asoc->base.bind_addr,
1593 &asoc->ep->base.bind_addr,
1594 scope, gfp, flags);
1595}
1596
1597
1598int sctp_assoc_set_bind_addr_from_cookie(struct sctp_association *asoc,
1599 struct sctp_cookie *cookie,
1600 gfp_t gfp)
1601{
1602 int var_size2 = ntohs(cookie->peer_init->chunk_hdr.length);
1603 int var_size3 = cookie->raw_addr_list_len;
1604 __u8 *raw = (__u8 *)cookie->peer_init + var_size2;
1605
1606 return sctp_raw_to_bind_addrs(&asoc->base.bind_addr, raw, var_size3,
1607 asoc->ep->base.bind_addr.port, gfp);
1608}
1609
1610
1611int sctp_assoc_lookup_laddr(struct sctp_association *asoc,
1612 const union sctp_addr *laddr)
1613{
1614 int found = 0;
1615
1616 if ((asoc->base.bind_addr.port == ntohs(laddr->v4.sin_port)) &&
1617 sctp_bind_addr_match(&asoc->base.bind_addr, laddr,
1618 sctp_sk(asoc->base.sk)))
1619 found = 1;
1620
1621 return found;
1622}
1623
1624
1625int sctp_assoc_set_id(struct sctp_association *asoc, gfp_t gfp)
1626{
1627 bool preload = gfpflags_allow_blocking(gfp);
1628 int ret;
1629
1630
1631 if (asoc->assoc_id)
1632 return 0;
1633
1634 if (preload)
1635 idr_preload(gfp);
1636 spin_lock_bh(&sctp_assocs_id_lock);
1637
1638
1639
1640 ret = idr_alloc_cyclic(&sctp_assocs_id, asoc, SCTP_ALL_ASSOC + 1, 0,
1641 GFP_NOWAIT);
1642 spin_unlock_bh(&sctp_assocs_id_lock);
1643 if (preload)
1644 idr_preload_end();
1645 if (ret < 0)
1646 return ret;
1647
1648 asoc->assoc_id = (sctp_assoc_t)ret;
1649 return 0;
1650}
1651
1652
1653static void sctp_assoc_free_asconf_queue(struct sctp_association *asoc)
1654{
1655 struct sctp_chunk *asconf;
1656 struct sctp_chunk *tmp;
1657
1658 list_for_each_entry_safe(asconf, tmp, &asoc->addip_chunk_list, list) {
1659 list_del_init(&asconf->list);
1660 sctp_chunk_free(asconf);
1661 }
1662}
1663
1664
1665static void sctp_assoc_free_asconf_acks(struct sctp_association *asoc)
1666{
1667 struct sctp_chunk *ack;
1668 struct sctp_chunk *tmp;
1669
1670 list_for_each_entry_safe(ack, tmp, &asoc->asconf_ack_list,
1671 transmitted_list) {
1672 list_del_init(&ack->transmitted_list);
1673 sctp_chunk_free(ack);
1674 }
1675}
1676
1677
1678void sctp_assoc_clean_asconf_ack_cache(const struct sctp_association *asoc)
1679{
1680 struct sctp_chunk *ack;
1681 struct sctp_chunk *tmp;
1682
1683
1684
1685
1686 list_for_each_entry_safe(ack, tmp, &asoc->asconf_ack_list,
1687 transmitted_list) {
1688 if (ack->subh.addip_hdr->serial ==
1689 htonl(asoc->peer.addip_serial))
1690 break;
1691
1692 list_del_init(&ack->transmitted_list);
1693 sctp_chunk_free(ack);
1694 }
1695}
1696
1697
1698struct sctp_chunk *sctp_assoc_lookup_asconf_ack(
1699 const struct sctp_association *asoc,
1700 __be32 serial)
1701{
1702 struct sctp_chunk *ack;
1703
1704
1705
1706
1707 list_for_each_entry(ack, &asoc->asconf_ack_list, transmitted_list) {
1708 if (sctp_chunk_pending(ack))
1709 continue;
1710 if (ack->subh.addip_hdr->serial == serial) {
1711 sctp_chunk_hold(ack);
1712 return ack;
1713 }
1714 }
1715
1716 return NULL;
1717}
1718
1719void sctp_asconf_queue_teardown(struct sctp_association *asoc)
1720{
1721
1722 sctp_assoc_free_asconf_acks(asoc);
1723
1724
1725 sctp_assoc_free_asconf_queue(asoc);
1726
1727
1728 if (asoc->addip_last_asconf)
1729 sctp_chunk_free(asoc->addip_last_asconf);
1730}
1731