Root/
Source at commit c0786693404cffd80ca3cb6e75ee7b35186b2825 created 13 years 11 months ago. By Vlad Yasevich, sctp: Fix oops when sending queued ASCONF chunks | |
---|---|
1 | /* SCTP kernel implementation |
2 | * (C) Copyright IBM Corp. 2001, 2004 |
3 | * Copyright (c) 1999-2000 Cisco, Inc. |
4 | * Copyright (c) 1999-2001 Motorola, Inc. |
5 | * Copyright (c) 2001-2002 Intel Corp. |
6 | * |
7 | * This file is part of the SCTP kernel implementation |
8 | * |
9 | * These functions work with the state functions in sctp_sm_statefuns.c |
10 | * to implement the state operations. These functions implement the |
11 | * steps which require modifying existing data structures. |
12 | * |
13 | * This SCTP implementation is free software; |
14 | * you can redistribute it and/or modify it under the terms of |
15 | * the GNU General Public License as published by |
16 | * the Free Software Foundation; either version 2, or (at your option) |
17 | * any later version. |
18 | * |
19 | * This SCTP implementation is distributed in the hope that it |
20 | * will be useful, but WITHOUT ANY WARRANTY; without even the implied |
21 | * ************************ |
22 | * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
23 | * See the GNU General Public License for more details. |
24 | * |
25 | * You should have received a copy of the GNU General Public License |
26 | * along with GNU CC; see the file COPYING. If not, write to |
27 | * the Free Software Foundation, 59 Temple Place - Suite 330, |
28 | * Boston, MA 02111-1307, USA. |
29 | * |
30 | * Please send any bug reports or fixes you make to the |
31 | * email address(es): |
32 | * lksctp developers <lksctp-developers@lists.sourceforge.net> |
33 | * |
34 | * Or submit a bug report through the following website: |
35 | * http://www.sf.net/projects/lksctp |
36 | * |
37 | * Written or modified by: |
38 | * La Monte H.P. Yarroll <piggy@acm.org> |
39 | * Karl Knutson <karl@athena.chicago.il.us> |
40 | * C. Robin <chris@hundredacre.ac.uk> |
41 | * Jon Grimm <jgrimm@us.ibm.com> |
42 | * Xingang Guo <xingang.guo@intel.com> |
43 | * Dajiang Zhang <dajiang.zhang@nokia.com> |
44 | * Sridhar Samudrala <sri@us.ibm.com> |
45 | * Daisy Chang <daisyc@us.ibm.com> |
46 | * Ardelle Fan <ardelle.fan@intel.com> |
47 | * Kevin Gao <kevin.gao@intel.com> |
48 | * |
49 | * Any bugs reported given to us we will try to fix... any fixes shared will |
50 | * be incorporated into the next SCTP release. |
51 | */ |
52 | |
53 | #include <linux/types.h> |
54 | #include <linux/kernel.h> |
55 | #include <linux/ip.h> |
56 | #include <linux/ipv6.h> |
57 | #include <linux/net.h> |
58 | #include <linux/inet.h> |
59 | #include <linux/scatterlist.h> |
60 | #include <linux/crypto.h> |
61 | #include <linux/slab.h> |
62 | #include <net/sock.h> |
63 | |
64 | #include <linux/skbuff.h> |
65 | #include <linux/random.h> /* for get_random_bytes */ |
66 | #include <net/sctp/sctp.h> |
67 | #include <net/sctp/sm.h> |
68 | |
69 | SCTP_STATIC |
70 | struct sctp_chunk *sctp_make_chunk(const struct sctp_association *asoc, |
71 | __u8 type, __u8 flags, int paylen); |
72 | static sctp_cookie_param_t *sctp_pack_cookie(const struct sctp_endpoint *ep, |
73 | const struct sctp_association *asoc, |
74 | const struct sctp_chunk *init_chunk, |
75 | int *cookie_len, |
76 | const __u8 *raw_addrs, int addrs_len); |
77 | static int sctp_process_param(struct sctp_association *asoc, |
78 | union sctp_params param, |
79 | const union sctp_addr *peer_addr, |
80 | gfp_t gfp); |
81 | static void *sctp_addto_param(struct sctp_chunk *chunk, int len, |
82 | const void *data); |
83 | |
84 | /* What was the inbound interface for this chunk? */ |
85 | int sctp_chunk_iif(const struct sctp_chunk *chunk) |
86 | { |
87 | struct sctp_af *af; |
88 | int iif = 0; |
89 | |
90 | af = sctp_get_af_specific(ipver2af(ip_hdr(chunk->skb)->version)); |
91 | if (af) |
92 | iif = af->skb_iif(chunk->skb); |
93 | |
94 | return iif; |
95 | } |
96 | |
97 | /* RFC 2960 3.3.2 Initiation (INIT) (1) |
98 | * |
99 | * Note 2: The ECN capable field is reserved for future use of |
100 | * Explicit Congestion Notification. |
101 | */ |
102 | static const struct sctp_paramhdr ecap_param = { |
103 | SCTP_PARAM_ECN_CAPABLE, |
104 | cpu_to_be16(sizeof(struct sctp_paramhdr)), |
105 | }; |
106 | static const struct sctp_paramhdr prsctp_param = { |
107 | SCTP_PARAM_FWD_TSN_SUPPORT, |
108 | cpu_to_be16(sizeof(struct sctp_paramhdr)), |
109 | }; |
110 | |
111 | /* A helper to initialize to initialize an op error inside a |
112 | * provided chunk, as most cause codes will be embedded inside an |
113 | * abort chunk. |
114 | */ |
115 | void sctp_init_cause(struct sctp_chunk *chunk, __be16 cause_code, |
116 | size_t paylen) |
117 | { |
118 | sctp_errhdr_t err; |
119 | __u16 len; |
120 | |
121 | /* Cause code constants are now defined in network order. */ |
122 | err.cause = cause_code; |
123 | len = sizeof(sctp_errhdr_t) + paylen; |
124 | err.length = htons(len); |
125 | chunk->subh.err_hdr = sctp_addto_chunk(chunk, sizeof(sctp_errhdr_t), &err); |
126 | } |
127 | |
128 | /* 3.3.2 Initiation (INIT) (1) |
129 | * |
130 | * This chunk is used to initiate a SCTP association between two |
131 | * endpoints. The format of the INIT chunk is shown below: |
132 | * |
133 | * 0 1 2 3 |
134 | * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 |
135 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
136 | * | Type = 1 | Chunk Flags | Chunk Length | |
137 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
138 | * | Initiate Tag | |
139 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
140 | * | Advertised Receiver Window Credit (a_rwnd) | |
141 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
142 | * | Number of Outbound Streams | Number of Inbound Streams | |
143 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
144 | * | Initial TSN | |
145 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
146 | * \ \ |
147 | * / Optional/Variable-Length Parameters / |
148 | * \ \ |
149 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
150 | * |
151 | * |
152 | * The INIT chunk contains the following parameters. Unless otherwise |
153 | * noted, each parameter MUST only be included once in the INIT chunk. |
154 | * |
155 | * Fixed Parameters Status |
156 | * ---------------------------------------------- |
157 | * Initiate Tag Mandatory |
158 | * Advertised Receiver Window Credit Mandatory |
159 | * Number of Outbound Streams Mandatory |
160 | * Number of Inbound Streams Mandatory |
161 | * Initial TSN Mandatory |
162 | * |
163 | * Variable Parameters Status Type Value |
164 | * ------------------------------------------------------------- |
165 | * IPv4 Address (Note 1) Optional 5 |
166 | * IPv6 Address (Note 1) Optional 6 |
167 | * Cookie Preservative Optional 9 |
168 | * Reserved for ECN Capable (Note 2) Optional 32768 (0x8000) |
169 | * Host Name Address (Note 3) Optional 11 |
170 | * Supported Address Types (Note 4) Optional 12 |
171 | */ |
172 | struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc, |
173 | const struct sctp_bind_addr *bp, |
174 | gfp_t gfp, int vparam_len) |
175 | { |
176 | sctp_inithdr_t init; |
177 | union sctp_params addrs; |
178 | size_t chunksize; |
179 | struct sctp_chunk *retval = NULL; |
180 | int num_types, addrs_len = 0; |
181 | struct sctp_sock *sp; |
182 | sctp_supported_addrs_param_t sat; |
183 | __be16 types[2]; |
184 | sctp_adaptation_ind_param_t aiparam; |
185 | sctp_supported_ext_param_t ext_param; |
186 | int num_ext = 0; |
187 | __u8 extensions[3]; |
188 | sctp_paramhdr_t *auth_chunks = NULL, |
189 | *auth_hmacs = NULL; |
190 | |
191 | /* RFC 2960 3.3.2 Initiation (INIT) (1) |
192 | * |
193 | * Note 1: The INIT chunks can contain multiple addresses that |
194 | * can be IPv4 and/or IPv6 in any combination. |
195 | */ |
196 | retval = NULL; |
197 | |
198 | /* Convert the provided bind address list to raw format. */ |
199 | addrs = sctp_bind_addrs_to_raw(bp, &addrs_len, gfp); |
200 | |
201 | init.init_tag = htonl(asoc->c.my_vtag); |
202 | init.a_rwnd = htonl(asoc->rwnd); |
203 | init.num_outbound_streams = htons(asoc->c.sinit_num_ostreams); |
204 | init.num_inbound_streams = htons(asoc->c.sinit_max_instreams); |
205 | init.initial_tsn = htonl(asoc->c.initial_tsn); |
206 | |
207 | /* How many address types are needed? */ |
208 | sp = sctp_sk(asoc->base.sk); |
209 | num_types = sp->pf->supported_addrs(sp, types); |
210 | |
211 | chunksize = sizeof(init) + addrs_len; |
212 | chunksize += WORD_ROUND(SCTP_SAT_LEN(num_types)); |
213 | chunksize += sizeof(ecap_param); |
214 | |
215 | if (sctp_prsctp_enable) |
216 | chunksize += sizeof(prsctp_param); |
217 | |
218 | /* ADDIP: Section 4.2.7: |
219 | * An implementation supporting this extension [ADDIP] MUST list |
220 | * the ASCONF,the ASCONF-ACK, and the AUTH chunks in its INIT and |
221 | * INIT-ACK parameters. |
222 | */ |
223 | if (sctp_addip_enable) { |
224 | extensions[num_ext] = SCTP_CID_ASCONF; |
225 | extensions[num_ext+1] = SCTP_CID_ASCONF_ACK; |
226 | num_ext += 2; |
227 | } |
228 | |
229 | if (sp->adaptation_ind) |
230 | chunksize += sizeof(aiparam); |
231 | |
232 | chunksize += vparam_len; |
233 | |
234 | /* Account for AUTH related parameters */ |
235 | if (sctp_auth_enable) { |
236 | /* Add random parameter length*/ |
237 | chunksize += sizeof(asoc->c.auth_random); |
238 | |
239 | /* Add HMACS parameter length if any were defined */ |
240 | auth_hmacs = (sctp_paramhdr_t *)asoc->c.auth_hmacs; |
241 | if (auth_hmacs->length) |
242 | chunksize += WORD_ROUND(ntohs(auth_hmacs->length)); |
243 | else |
244 | auth_hmacs = NULL; |
245 | |
246 | /* Add CHUNKS parameter length */ |
247 | auth_chunks = (sctp_paramhdr_t *)asoc->c.auth_chunks; |
248 | if (auth_chunks->length) |
249 | chunksize += WORD_ROUND(ntohs(auth_chunks->length)); |
250 | else |
251 | auth_chunks = NULL; |
252 | |
253 | extensions[num_ext] = SCTP_CID_AUTH; |
254 | num_ext += 1; |
255 | } |
256 | |
257 | /* If we have any extensions to report, account for that */ |
258 | if (num_ext) |
259 | chunksize += WORD_ROUND(sizeof(sctp_supported_ext_param_t) + |
260 | num_ext); |
261 | |
262 | /* RFC 2960 3.3.2 Initiation (INIT) (1) |
263 | * |
264 | * Note 3: An INIT chunk MUST NOT contain more than one Host |
265 | * Name address parameter. Moreover, the sender of the INIT |
266 | * MUST NOT combine any other address types with the Host Name |
267 | * address in the INIT. The receiver of INIT MUST ignore any |
268 | * other address types if the Host Name address parameter is |
269 | * present in the received INIT chunk. |
270 | * |
271 | * PLEASE DO NOT FIXME [This version does not support Host Name.] |
272 | */ |
273 | |
274 | retval = sctp_make_chunk(asoc, SCTP_CID_INIT, 0, chunksize); |
275 | if (!retval) |
276 | goto nodata; |
277 | |
278 | retval->subh.init_hdr = |
279 | sctp_addto_chunk(retval, sizeof(init), &init); |
280 | retval->param_hdr.v = |
281 | sctp_addto_chunk(retval, addrs_len, addrs.v); |
282 | |
283 | /* RFC 2960 3.3.2 Initiation (INIT) (1) |
284 | * |
285 | * Note 4: This parameter, when present, specifies all the |
286 | * address types the sending endpoint can support. The absence |
287 | * of this parameter indicates that the sending endpoint can |
288 | * support any address type. |
289 | */ |
290 | sat.param_hdr.type = SCTP_PARAM_SUPPORTED_ADDRESS_TYPES; |
291 | sat.param_hdr.length = htons(SCTP_SAT_LEN(num_types)); |
292 | sctp_addto_chunk(retval, sizeof(sat), &sat); |
293 | sctp_addto_chunk(retval, num_types * sizeof(__u16), &types); |
294 | |
295 | sctp_addto_chunk(retval, sizeof(ecap_param), &ecap_param); |
296 | |
297 | /* Add the supported extensions parameter. Be nice and add this |
298 | * fist before addiding the parameters for the extensions themselves |
299 | */ |
300 | if (num_ext) { |
301 | ext_param.param_hdr.type = SCTP_PARAM_SUPPORTED_EXT; |
302 | ext_param.param_hdr.length = |
303 | htons(sizeof(sctp_supported_ext_param_t) + num_ext); |
304 | sctp_addto_chunk(retval, sizeof(sctp_supported_ext_param_t), |
305 | &ext_param); |
306 | sctp_addto_param(retval, num_ext, extensions); |
307 | } |
308 | |
309 | if (sctp_prsctp_enable) |
310 | sctp_addto_chunk(retval, sizeof(prsctp_param), &prsctp_param); |
311 | |
312 | if (sp->adaptation_ind) { |
313 | aiparam.param_hdr.type = SCTP_PARAM_ADAPTATION_LAYER_IND; |
314 | aiparam.param_hdr.length = htons(sizeof(aiparam)); |
315 | aiparam.adaptation_ind = htonl(sp->adaptation_ind); |
316 | sctp_addto_chunk(retval, sizeof(aiparam), &aiparam); |
317 | } |
318 | |
319 | /* Add SCTP-AUTH chunks to the parameter list */ |
320 | if (sctp_auth_enable) { |
321 | sctp_addto_chunk(retval, sizeof(asoc->c.auth_random), |
322 | asoc->c.auth_random); |
323 | if (auth_hmacs) |
324 | sctp_addto_chunk(retval, ntohs(auth_hmacs->length), |
325 | auth_hmacs); |
326 | if (auth_chunks) |
327 | sctp_addto_chunk(retval, ntohs(auth_chunks->length), |
328 | auth_chunks); |
329 | } |
330 | nodata: |
331 | kfree(addrs.v); |
332 | return retval; |
333 | } |
334 | |
335 | struct sctp_chunk *sctp_make_init_ack(const struct sctp_association *asoc, |
336 | const struct sctp_chunk *chunk, |
337 | gfp_t gfp, int unkparam_len) |
338 | { |
339 | sctp_inithdr_t initack; |
340 | struct sctp_chunk *retval; |
341 | union sctp_params addrs; |
342 | struct sctp_sock *sp; |
343 | int addrs_len; |
344 | sctp_cookie_param_t *cookie; |
345 | int cookie_len; |
346 | size_t chunksize; |
347 | sctp_adaptation_ind_param_t aiparam; |
348 | sctp_supported_ext_param_t ext_param; |
349 | int num_ext = 0; |
350 | __u8 extensions[3]; |
351 | sctp_paramhdr_t *auth_chunks = NULL, |
352 | *auth_hmacs = NULL, |
353 | *auth_random = NULL; |
354 | |
355 | retval = NULL; |
356 | |
357 | /* Note: there may be no addresses to embed. */ |
358 | addrs = sctp_bind_addrs_to_raw(&asoc->base.bind_addr, &addrs_len, gfp); |
359 | |
360 | initack.init_tag = htonl(asoc->c.my_vtag); |
361 | initack.a_rwnd = htonl(asoc->rwnd); |
362 | initack.num_outbound_streams = htons(asoc->c.sinit_num_ostreams); |
363 | initack.num_inbound_streams = htons(asoc->c.sinit_max_instreams); |
364 | initack.initial_tsn = htonl(asoc->c.initial_tsn); |
365 | |
366 | /* FIXME: We really ought to build the cookie right |
367 | * into the packet instead of allocating more fresh memory. |
368 | */ |
369 | cookie = sctp_pack_cookie(asoc->ep, asoc, chunk, &cookie_len, |
370 | addrs.v, addrs_len); |
371 | if (!cookie) |
372 | goto nomem_cookie; |
373 | |
374 | /* Calculate the total size of allocation, include the reserved |
375 | * space for reporting unknown parameters if it is specified. |
376 | */ |
377 | sp = sctp_sk(asoc->base.sk); |
378 | chunksize = sizeof(initack) + addrs_len + cookie_len + unkparam_len; |
379 | |
380 | /* Tell peer that we'll do ECN only if peer advertised such cap. */ |
381 | if (asoc->peer.ecn_capable) |
382 | chunksize += sizeof(ecap_param); |
383 | |
384 | if (asoc->peer.prsctp_capable) |
385 | chunksize += sizeof(prsctp_param); |
386 | |
387 | if (asoc->peer.asconf_capable) { |
388 | extensions[num_ext] = SCTP_CID_ASCONF; |
389 | extensions[num_ext+1] = SCTP_CID_ASCONF_ACK; |
390 | num_ext += 2; |
391 | } |
392 | |
393 | if (sp->adaptation_ind) |
394 | chunksize += sizeof(aiparam); |
395 | |
396 | if (asoc->peer.auth_capable) { |
397 | auth_random = (sctp_paramhdr_t *)asoc->c.auth_random; |
398 | chunksize += ntohs(auth_random->length); |
399 | |
400 | auth_hmacs = (sctp_paramhdr_t *)asoc->c.auth_hmacs; |
401 | if (auth_hmacs->length) |
402 | chunksize += WORD_ROUND(ntohs(auth_hmacs->length)); |
403 | else |
404 | auth_hmacs = NULL; |
405 | |
406 | auth_chunks = (sctp_paramhdr_t *)asoc->c.auth_chunks; |
407 | if (auth_chunks->length) |
408 | chunksize += WORD_ROUND(ntohs(auth_chunks->length)); |
409 | else |
410 | auth_chunks = NULL; |
411 | |
412 | extensions[num_ext] = SCTP_CID_AUTH; |
413 | num_ext += 1; |
414 | } |
415 | |
416 | if (num_ext) |
417 | chunksize += WORD_ROUND(sizeof(sctp_supported_ext_param_t) + |
418 | num_ext); |
419 | |
420 | /* Now allocate and fill out the chunk. */ |
421 | retval = sctp_make_chunk(asoc, SCTP_CID_INIT_ACK, 0, chunksize); |
422 | if (!retval) |
423 | goto nomem_chunk; |
424 | |
425 | /* Per the advice in RFC 2960 6.4, send this reply to |
426 | * the source of the INIT packet. |
427 | */ |
428 | retval->transport = chunk->transport; |
429 | retval->subh.init_hdr = |
430 | sctp_addto_chunk(retval, sizeof(initack), &initack); |
431 | retval->param_hdr.v = sctp_addto_chunk(retval, addrs_len, addrs.v); |
432 | sctp_addto_chunk(retval, cookie_len, cookie); |
433 | if (asoc->peer.ecn_capable) |
434 | sctp_addto_chunk(retval, sizeof(ecap_param), &ecap_param); |
435 | if (num_ext) { |
436 | ext_param.param_hdr.type = SCTP_PARAM_SUPPORTED_EXT; |
437 | ext_param.param_hdr.length = |
438 | htons(sizeof(sctp_supported_ext_param_t) + num_ext); |
439 | sctp_addto_chunk(retval, sizeof(sctp_supported_ext_param_t), |
440 | &ext_param); |
441 | sctp_addto_param(retval, num_ext, extensions); |
442 | } |
443 | if (asoc->peer.prsctp_capable) |
444 | sctp_addto_chunk(retval, sizeof(prsctp_param), &prsctp_param); |
445 | |
446 | if (sp->adaptation_ind) { |
447 | aiparam.param_hdr.type = SCTP_PARAM_ADAPTATION_LAYER_IND; |
448 | aiparam.param_hdr.length = htons(sizeof(aiparam)); |
449 | aiparam.adaptation_ind = htonl(sp->adaptation_ind); |
450 | sctp_addto_chunk(retval, sizeof(aiparam), &aiparam); |
451 | } |
452 | |
453 | if (asoc->peer.auth_capable) { |
454 | sctp_addto_chunk(retval, ntohs(auth_random->length), |
455 | auth_random); |
456 | if (auth_hmacs) |
457 | sctp_addto_chunk(retval, ntohs(auth_hmacs->length), |
458 | auth_hmacs); |
459 | if (auth_chunks) |
460 | sctp_addto_chunk(retval, ntohs(auth_chunks->length), |
461 | auth_chunks); |
462 | } |
463 | |
464 | /* We need to remove the const qualifier at this point. */ |
465 | retval->asoc = (struct sctp_association *) asoc; |
466 | |
467 | /* RFC 2960 6.4 Multi-homed SCTP Endpoints |
468 | * |
469 | * An endpoint SHOULD transmit reply chunks (e.g., SACK, |
470 | * HEARTBEAT ACK, * etc.) to the same destination transport |
471 | * address from which it received the DATA or control chunk |
472 | * to which it is replying. |
473 | * |
474 | * [INIT ACK back to where the INIT came from.] |
475 | */ |
476 | if (chunk) |
477 | retval->transport = chunk->transport; |
478 | |
479 | nomem_chunk: |
480 | kfree(cookie); |
481 | nomem_cookie: |
482 | kfree(addrs.v); |
483 | return retval; |
484 | } |
485 | |
486 | /* 3.3.11 Cookie Echo (COOKIE ECHO) (10): |
487 | * |
488 | * This chunk is used only during the initialization of an association. |
489 | * It is sent by the initiator of an association to its peer to complete |
490 | * the initialization process. This chunk MUST precede any DATA chunk |
491 | * sent within the association, but MAY be bundled with one or more DATA |
492 | * chunks in the same packet. |
493 | * |
494 | * 0 1 2 3 |
495 | * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 |
496 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
497 | * | Type = 10 |Chunk Flags | Length | |
498 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
499 | * / Cookie / |
500 | * \ \ |
501 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
502 | * |
503 | * Chunk Flags: 8 bit |
504 | * |
505 | * Set to zero on transmit and ignored on receipt. |
506 | * |
507 | * Length: 16 bits (unsigned integer) |
508 | * |
509 | * Set to the size of the chunk in bytes, including the 4 bytes of |
510 | * the chunk header and the size of the Cookie. |
511 | * |
512 | * Cookie: variable size |
513 | * |
514 | * This field must contain the exact cookie received in the |
515 | * State Cookie parameter from the previous INIT ACK. |
516 | * |
517 | * An implementation SHOULD make the cookie as small as possible |
518 | * to insure interoperability. |
519 | */ |
520 | struct sctp_chunk *sctp_make_cookie_echo(const struct sctp_association *asoc, |
521 | const struct sctp_chunk *chunk) |
522 | { |
523 | struct sctp_chunk *retval; |
524 | void *cookie; |
525 | int cookie_len; |
526 | |
527 | cookie = asoc->peer.cookie; |
528 | cookie_len = asoc->peer.cookie_len; |
529 | |
530 | /* Build a cookie echo chunk. */ |
531 | retval = sctp_make_chunk(asoc, SCTP_CID_COOKIE_ECHO, 0, cookie_len); |
532 | if (!retval) |
533 | goto nodata; |
534 | retval->subh.cookie_hdr = |
535 | sctp_addto_chunk(retval, cookie_len, cookie); |
536 | |
537 | /* RFC 2960 6.4 Multi-homed SCTP Endpoints |
538 | * |
539 | * An endpoint SHOULD transmit reply chunks (e.g., SACK, |
540 | * HEARTBEAT ACK, * etc.) to the same destination transport |
541 | * address from which it * received the DATA or control chunk |
542 | * to which it is replying. |
543 | * |
544 | * [COOKIE ECHO back to where the INIT ACK came from.] |
545 | */ |
546 | if (chunk) |
547 | retval->transport = chunk->transport; |
548 | |
549 | nodata: |
550 | return retval; |
551 | } |
552 | |
553 | /* 3.3.12 Cookie Acknowledgement (COOKIE ACK) (11): |
554 | * |
555 | * This chunk is used only during the initialization of an |
556 | * association. It is used to acknowledge the receipt of a COOKIE |
557 | * ECHO chunk. This chunk MUST precede any DATA or SACK chunk sent |
558 | * within the association, but MAY be bundled with one or more DATA |
559 | * chunks or SACK chunk in the same SCTP packet. |
560 | * |
561 | * 0 1 2 3 |
562 | * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 |
563 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
564 | * | Type = 11 |Chunk Flags | Length = 4 | |
565 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
566 | * |
567 | * Chunk Flags: 8 bits |
568 | * |
569 | * Set to zero on transmit and ignored on receipt. |
570 | */ |
571 | struct sctp_chunk *sctp_make_cookie_ack(const struct sctp_association *asoc, |
572 | const struct sctp_chunk *chunk) |
573 | { |
574 | struct sctp_chunk *retval; |
575 | |
576 | retval = sctp_make_chunk(asoc, SCTP_CID_COOKIE_ACK, 0, 0); |
577 | |
578 | /* RFC 2960 6.4 Multi-homed SCTP Endpoints |
579 | * |
580 | * An endpoint SHOULD transmit reply chunks (e.g., SACK, |
581 | * HEARTBEAT ACK, * etc.) to the same destination transport |
582 | * address from which it * received the DATA or control chunk |
583 | * to which it is replying. |
584 | * |
585 | * [COOKIE ACK back to where the COOKIE ECHO came from.] |
586 | */ |
587 | if (retval && chunk) |
588 | retval->transport = chunk->transport; |
589 | |
590 | return retval; |
591 | } |
592 | |
593 | /* |
594 | * Appendix A: Explicit Congestion Notification: |
595 | * CWR: |
596 | * |
597 | * RFC 2481 details a specific bit for a sender to send in the header of |
598 | * its next outbound TCP segment to indicate to its peer that it has |
599 | * reduced its congestion window. This is termed the CWR bit. For |
600 | * SCTP the same indication is made by including the CWR chunk. |
601 | * This chunk contains one data element, i.e. the TSN number that |
602 | * was sent in the ECNE chunk. This element represents the lowest |
603 | * TSN number in the datagram that was originally marked with the |
604 | * CE bit. |
605 | * |
606 | * 0 1 2 3 |
607 | * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 |
608 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
609 | * | Chunk Type=13 | Flags=00000000| Chunk Length = 8 | |
610 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
611 | * | Lowest TSN Number | |
612 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
613 | * |
614 | * Note: The CWR is considered a Control chunk. |
615 | */ |
616 | struct sctp_chunk *sctp_make_cwr(const struct sctp_association *asoc, |
617 | const __u32 lowest_tsn, |
618 | const struct sctp_chunk *chunk) |
619 | { |
620 | struct sctp_chunk *retval; |
621 | sctp_cwrhdr_t cwr; |
622 | |
623 | cwr.lowest_tsn = htonl(lowest_tsn); |
624 | retval = sctp_make_chunk(asoc, SCTP_CID_ECN_CWR, 0, |
625 | sizeof(sctp_cwrhdr_t)); |
626 | |
627 | if (!retval) |
628 | goto nodata; |
629 | |
630 | retval->subh.ecn_cwr_hdr = |
631 | sctp_addto_chunk(retval, sizeof(cwr), &cwr); |
632 | |
633 | /* RFC 2960 6.4 Multi-homed SCTP Endpoints |
634 | * |
635 | * An endpoint SHOULD transmit reply chunks (e.g., SACK, |
636 | * HEARTBEAT ACK, * etc.) to the same destination transport |
637 | * address from which it * received the DATA or control chunk |
638 | * to which it is replying. |
639 | * |
640 | * [Report a reduced congestion window back to where the ECNE |
641 | * came from.] |
642 | */ |
643 | if (chunk) |
644 | retval->transport = chunk->transport; |
645 | |
646 | nodata: |
647 | return retval; |
648 | } |
649 | |
650 | /* Make an ECNE chunk. This is a congestion experienced report. */ |
651 | struct sctp_chunk *sctp_make_ecne(const struct sctp_association *asoc, |
652 | const __u32 lowest_tsn) |
653 | { |
654 | struct sctp_chunk *retval; |
655 | sctp_ecnehdr_t ecne; |
656 | |
657 | ecne.lowest_tsn = htonl(lowest_tsn); |
658 | retval = sctp_make_chunk(asoc, SCTP_CID_ECN_ECNE, 0, |
659 | sizeof(sctp_ecnehdr_t)); |
660 | if (!retval) |
661 | goto nodata; |
662 | retval->subh.ecne_hdr = |
663 | sctp_addto_chunk(retval, sizeof(ecne), &ecne); |
664 | |
665 | nodata: |
666 | return retval; |
667 | } |
668 | |
669 | /* Make a DATA chunk for the given association from the provided |
670 | * parameters. However, do not populate the data payload. |
671 | */ |
672 | struct sctp_chunk *sctp_make_datafrag_empty(struct sctp_association *asoc, |
673 | const struct sctp_sndrcvinfo *sinfo, |
674 | int data_len, __u8 flags, __u16 ssn) |
675 | { |
676 | struct sctp_chunk *retval; |
677 | struct sctp_datahdr dp; |
678 | int chunk_len; |
679 | |
680 | /* We assign the TSN as LATE as possible, not here when |
681 | * creating the chunk. |
682 | */ |
683 | dp.tsn = 0; |
684 | dp.stream = htons(sinfo->sinfo_stream); |
685 | dp.ppid = sinfo->sinfo_ppid; |
686 | |
687 | /* Set the flags for an unordered send. */ |
688 | if (sinfo->sinfo_flags & SCTP_UNORDERED) { |
689 | flags |= SCTP_DATA_UNORDERED; |
690 | dp.ssn = 0; |
691 | } else |
692 | dp.ssn = htons(ssn); |
693 | |
694 | chunk_len = sizeof(dp) + data_len; |
695 | retval = sctp_make_chunk(asoc, SCTP_CID_DATA, flags, chunk_len); |
696 | if (!retval) |
697 | goto nodata; |
698 | |
699 | retval->subh.data_hdr = sctp_addto_chunk(retval, sizeof(dp), &dp); |
700 | memcpy(&retval->sinfo, sinfo, sizeof(struct sctp_sndrcvinfo)); |
701 | |
702 | nodata: |
703 | return retval; |
704 | } |
705 | |
706 | /* Create a selective ackowledgement (SACK) for the given |
707 | * association. This reports on which TSN's we've seen to date, |
708 | * including duplicates and gaps. |
709 | */ |
710 | struct sctp_chunk *sctp_make_sack(const struct sctp_association *asoc) |
711 | { |
712 | struct sctp_chunk *retval; |
713 | struct sctp_sackhdr sack; |
714 | int len; |
715 | __u32 ctsn; |
716 | __u16 num_gabs, num_dup_tsns; |
717 | struct sctp_tsnmap *map = (struct sctp_tsnmap *)&asoc->peer.tsn_map; |
718 | struct sctp_gap_ack_block gabs[SCTP_MAX_GABS]; |
719 | |
720 | memset(gabs, 0, sizeof(gabs)); |
721 | ctsn = sctp_tsnmap_get_ctsn(map); |
722 | SCTP_DEBUG_PRINTK("sackCTSNAck sent: 0x%x.\n", ctsn); |
723 | |
724 | /* How much room is needed in the chunk? */ |
725 | num_gabs = sctp_tsnmap_num_gabs(map, gabs); |
726 | num_dup_tsns = sctp_tsnmap_num_dups(map); |
727 | |
728 | /* Initialize the SACK header. */ |
729 | sack.cum_tsn_ack = htonl(ctsn); |
730 | sack.a_rwnd = htonl(asoc->a_rwnd); |
731 | sack.num_gap_ack_blocks = htons(num_gabs); |
732 | sack.num_dup_tsns = htons(num_dup_tsns); |
733 | |
734 | len = sizeof(sack) |
735 | + sizeof(struct sctp_gap_ack_block) * num_gabs |
736 | + sizeof(__u32) * num_dup_tsns; |
737 | |
738 | /* Create the chunk. */ |
739 | retval = sctp_make_chunk(asoc, SCTP_CID_SACK, 0, len); |
740 | if (!retval) |
741 | goto nodata; |
742 | |
743 | /* RFC 2960 6.4 Multi-homed SCTP Endpoints |
744 | * |
745 | * An endpoint SHOULD transmit reply chunks (e.g., SACK, |
746 | * HEARTBEAT ACK, etc.) to the same destination transport |
747 | * address from which it received the DATA or control chunk to |
748 | * which it is replying. This rule should also be followed if |
749 | * the endpoint is bundling DATA chunks together with the |
750 | * reply chunk. |
751 | * |
752 | * However, when acknowledging multiple DATA chunks received |
753 | * in packets from different source addresses in a single |
754 | * SACK, the SACK chunk may be transmitted to one of the |
755 | * destination transport addresses from which the DATA or |
756 | * control chunks being acknowledged were received. |
757 | * |
758 | * [BUG: We do not implement the following paragraph. |
759 | * Perhaps we should remember the last transport we used for a |
760 | * SACK and avoid that (if possible) if we have seen any |
761 | * duplicates. --piggy] |
762 | * |
763 | * When a receiver of a duplicate DATA chunk sends a SACK to a |
764 | * multi- homed endpoint it MAY be beneficial to vary the |
765 | * destination address and not use the source address of the |
766 | * DATA chunk. The reason being that receiving a duplicate |
767 | * from a multi-homed endpoint might indicate that the return |
768 | * path (as specified in the source address of the DATA chunk) |
769 | * for the SACK is broken. |
770 | * |
771 | * [Send to the address from which we last received a DATA chunk.] |
772 | */ |
773 | retval->transport = asoc->peer.last_data_from; |
774 | |
775 | retval->subh.sack_hdr = |
776 | sctp_addto_chunk(retval, sizeof(sack), &sack); |
777 | |
778 | /* Add the gap ack block information. */ |
779 | if (num_gabs) |
780 | sctp_addto_chunk(retval, sizeof(__u32) * num_gabs, |
781 | gabs); |
782 | |
783 | /* Add the duplicate TSN information. */ |
784 | if (num_dup_tsns) |
785 | sctp_addto_chunk(retval, sizeof(__u32) * num_dup_tsns, |
786 | sctp_tsnmap_get_dups(map)); |
787 | |
788 | nodata: |
789 | return retval; |
790 | } |
791 | |
792 | /* Make a SHUTDOWN chunk. */ |
793 | struct sctp_chunk *sctp_make_shutdown(const struct sctp_association *asoc, |
794 | const struct sctp_chunk *chunk) |
795 | { |
796 | struct sctp_chunk *retval; |
797 | sctp_shutdownhdr_t shut; |
798 | __u32 ctsn; |
799 | |
800 | ctsn = sctp_tsnmap_get_ctsn(&asoc->peer.tsn_map); |
801 | shut.cum_tsn_ack = htonl(ctsn); |
802 | |
803 | retval = sctp_make_chunk(asoc, SCTP_CID_SHUTDOWN, 0, |
804 | sizeof(sctp_shutdownhdr_t)); |
805 | if (!retval) |
806 | goto nodata; |
807 | |
808 | retval->subh.shutdown_hdr = |
809 | sctp_addto_chunk(retval, sizeof(shut), &shut); |
810 | |
811 | if (chunk) |
812 | retval->transport = chunk->transport; |
813 | nodata: |
814 | return retval; |
815 | } |
816 | |
817 | struct sctp_chunk *sctp_make_shutdown_ack(const struct sctp_association *asoc, |
818 | const struct sctp_chunk *chunk) |
819 | { |
820 | struct sctp_chunk *retval; |
821 | |
822 | retval = sctp_make_chunk(asoc, SCTP_CID_SHUTDOWN_ACK, 0, 0); |
823 | |
824 | /* RFC 2960 6.4 Multi-homed SCTP Endpoints |
825 | * |
826 | * An endpoint SHOULD transmit reply chunks (e.g., SACK, |
827 | * HEARTBEAT ACK, * etc.) to the same destination transport |
828 | * address from which it * received the DATA or control chunk |
829 | * to which it is replying. |
830 | * |
831 | * [ACK back to where the SHUTDOWN came from.] |
832 | */ |
833 | if (retval && chunk) |
834 | retval->transport = chunk->transport; |
835 | |
836 | return retval; |
837 | } |
838 | |
839 | struct sctp_chunk *sctp_make_shutdown_complete( |
840 | const struct sctp_association *asoc, |
841 | const struct sctp_chunk *chunk) |
842 | { |
843 | struct sctp_chunk *retval; |
844 | __u8 flags = 0; |
845 | |
846 | /* Set the T-bit if we have no association (vtag will be |
847 | * reflected) |
848 | */ |
849 | flags |= asoc ? 0 : SCTP_CHUNK_FLAG_T; |
850 | |
851 | retval = sctp_make_chunk(asoc, SCTP_CID_SHUTDOWN_COMPLETE, flags, 0); |
852 | |
853 | /* RFC 2960 6.4 Multi-homed SCTP Endpoints |
854 | * |
855 | * An endpoint SHOULD transmit reply chunks (e.g., SACK, |
856 | * HEARTBEAT ACK, * etc.) to the same destination transport |
857 | * address from which it * received the DATA or control chunk |
858 | * to which it is replying. |
859 | * |
860 | * [Report SHUTDOWN COMPLETE back to where the SHUTDOWN ACK |
861 | * came from.] |
862 | */ |
863 | if (retval && chunk) |
864 | retval->transport = chunk->transport; |
865 | |
866 | return retval; |
867 | } |
868 | |
869 | /* Create an ABORT. Note that we set the T bit if we have no |
870 | * association, except when responding to an INIT (sctpimpguide 2.41). |
871 | */ |
872 | struct sctp_chunk *sctp_make_abort(const struct sctp_association *asoc, |
873 | const struct sctp_chunk *chunk, |
874 | const size_t hint) |
875 | { |
876 | struct sctp_chunk *retval; |
877 | __u8 flags = 0; |
878 | |
879 | /* Set the T-bit if we have no association and 'chunk' is not |
880 | * an INIT (vtag will be reflected). |
881 | */ |
882 | if (!asoc) { |
883 | if (chunk && chunk->chunk_hdr && |
884 | chunk->chunk_hdr->type == SCTP_CID_INIT) |
885 | flags = 0; |
886 | else |
887 | flags = SCTP_CHUNK_FLAG_T; |
888 | } |
889 | |
890 | retval = sctp_make_chunk(asoc, SCTP_CID_ABORT, flags, hint); |
891 | |
892 | /* RFC 2960 6.4 Multi-homed SCTP Endpoints |
893 | * |
894 | * An endpoint SHOULD transmit reply chunks (e.g., SACK, |
895 | * HEARTBEAT ACK, * etc.) to the same destination transport |
896 | * address from which it * received the DATA or control chunk |
897 | * to which it is replying. |
898 | * |
899 | * [ABORT back to where the offender came from.] |
900 | */ |
901 | if (retval && chunk) |
902 | retval->transport = chunk->transport; |
903 | |
904 | return retval; |
905 | } |
906 | |
907 | /* Helper to create ABORT with a NO_USER_DATA error. */ |
908 | struct sctp_chunk *sctp_make_abort_no_data( |
909 | const struct sctp_association *asoc, |
910 | const struct sctp_chunk *chunk, __u32 tsn) |
911 | { |
912 | struct sctp_chunk *retval; |
913 | __be32 payload; |
914 | |
915 | retval = sctp_make_abort(asoc, chunk, sizeof(sctp_errhdr_t) |
916 | + sizeof(tsn)); |
917 | |
918 | if (!retval) |
919 | goto no_mem; |
920 | |
921 | /* Put the tsn back into network byte order. */ |
922 | payload = htonl(tsn); |
923 | sctp_init_cause(retval, SCTP_ERROR_NO_DATA, sizeof(payload)); |
924 | sctp_addto_chunk(retval, sizeof(payload), (const void *)&payload); |
925 | |
926 | /* RFC 2960 6.4 Multi-homed SCTP Endpoints |
927 | * |
928 | * An endpoint SHOULD transmit reply chunks (e.g., SACK, |
929 | * HEARTBEAT ACK, * etc.) to the same destination transport |
930 | * address from which it * received the DATA or control chunk |
931 | * to which it is replying. |
932 | * |
933 | * [ABORT back to where the offender came from.] |
934 | */ |
935 | if (chunk) |
936 | retval->transport = chunk->transport; |
937 | |
938 | no_mem: |
939 | return retval; |
940 | } |
941 | |
942 | /* Helper to create ABORT with a SCTP_ERROR_USER_ABORT error. */ |
943 | struct sctp_chunk *sctp_make_abort_user(const struct sctp_association *asoc, |
944 | const struct msghdr *msg, |
945 | size_t paylen) |
946 | { |
947 | struct sctp_chunk *retval; |
948 | void *payload = NULL; |
949 | int err; |
950 | |
951 | retval = sctp_make_abort(asoc, NULL, sizeof(sctp_errhdr_t) + paylen); |
952 | if (!retval) |
953 | goto err_chunk; |
954 | |
955 | if (paylen) { |
956 | /* Put the msg_iov together into payload. */ |
957 | payload = kmalloc(paylen, GFP_KERNEL); |
958 | if (!payload) |
959 | goto err_payload; |
960 | |
961 | err = memcpy_fromiovec(payload, msg->msg_iov, paylen); |
962 | if (err < 0) |
963 | goto err_copy; |
964 | } |
965 | |
966 | sctp_init_cause(retval, SCTP_ERROR_USER_ABORT, paylen); |
967 | sctp_addto_chunk(retval, paylen, payload); |
968 | |
969 | if (paylen) |
970 | kfree(payload); |
971 | |
972 | return retval; |
973 | |
974 | err_copy: |
975 | kfree(payload); |
976 | err_payload: |
977 | sctp_chunk_free(retval); |
978 | retval = NULL; |
979 | err_chunk: |
980 | return retval; |
981 | } |
982 | |
983 | /* Append bytes to the end of a parameter. Will panic if chunk is not big |
984 | * enough. |
985 | */ |
986 | static void *sctp_addto_param(struct sctp_chunk *chunk, int len, |
987 | const void *data) |
988 | { |
989 | void *target; |
990 | int chunklen = ntohs(chunk->chunk_hdr->length); |
991 | |
992 | target = skb_put(chunk->skb, len); |
993 | |
994 | if (data) |
995 | memcpy(target, data, len); |
996 | else |
997 | memset(target, 0, len); |
998 | |
999 | /* Adjust the chunk length field. */ |
1000 | chunk->chunk_hdr->length = htons(chunklen + len); |
1001 | chunk->chunk_end = skb_tail_pointer(chunk->skb); |
1002 | |
1003 | return target; |
1004 | } |
1005 | |
1006 | /* Make an ABORT chunk with a PROTOCOL VIOLATION cause code. */ |
1007 | struct sctp_chunk *sctp_make_abort_violation( |
1008 | const struct sctp_association *asoc, |
1009 | const struct sctp_chunk *chunk, |
1010 | const __u8 *payload, |
1011 | const size_t paylen) |
1012 | { |
1013 | struct sctp_chunk *retval; |
1014 | struct sctp_paramhdr phdr; |
1015 | |
1016 | retval = sctp_make_abort(asoc, chunk, sizeof(sctp_errhdr_t) + paylen |
1017 | + sizeof(sctp_paramhdr_t)); |
1018 | if (!retval) |
1019 | goto end; |
1020 | |
1021 | sctp_init_cause(retval, SCTP_ERROR_PROTO_VIOLATION, paylen |
1022 | + sizeof(sctp_paramhdr_t)); |
1023 | |
1024 | phdr.type = htons(chunk->chunk_hdr->type); |
1025 | phdr.length = chunk->chunk_hdr->length; |
1026 | sctp_addto_chunk(retval, paylen, payload); |
1027 | sctp_addto_param(retval, sizeof(sctp_paramhdr_t), &phdr); |
1028 | |
1029 | end: |
1030 | return retval; |
1031 | } |
1032 | |
1033 | struct sctp_chunk *sctp_make_violation_paramlen( |
1034 | const struct sctp_association *asoc, |
1035 | const struct sctp_chunk *chunk, |
1036 | struct sctp_paramhdr *param) |
1037 | { |
1038 | struct sctp_chunk *retval; |
1039 | static const char error[] = "The following parameter had invalid length:"; |
1040 | size_t payload_len = sizeof(error) + sizeof(sctp_errhdr_t) + |
1041 | sizeof(sctp_paramhdr_t); |
1042 | |
1043 | retval = sctp_make_abort(asoc, chunk, payload_len); |
1044 | if (!retval) |
1045 | goto nodata; |
1046 | |
1047 | sctp_init_cause(retval, SCTP_ERROR_PROTO_VIOLATION, |
1048 | sizeof(error) + sizeof(sctp_paramhdr_t)); |
1049 | sctp_addto_chunk(retval, sizeof(error), error); |
1050 | sctp_addto_param(retval, sizeof(sctp_paramhdr_t), param); |
1051 | |
1052 | nodata: |
1053 | return retval; |
1054 | } |
1055 | |
1056 | /* Make a HEARTBEAT chunk. */ |
1057 | struct sctp_chunk *sctp_make_heartbeat(const struct sctp_association *asoc, |
1058 | const struct sctp_transport *transport, |
1059 | const void *payload, const size_t paylen) |
1060 | { |
1061 | struct sctp_chunk *retval = sctp_make_chunk(asoc, SCTP_CID_HEARTBEAT, |
1062 | 0, paylen); |
1063 | |
1064 | if (!retval) |
1065 | goto nodata; |
1066 | |
1067 | /* Cast away the 'const', as this is just telling the chunk |
1068 | * what transport it belongs to. |
1069 | */ |
1070 | retval->transport = (struct sctp_transport *) transport; |
1071 | retval->subh.hbs_hdr = sctp_addto_chunk(retval, paylen, payload); |
1072 | |
1073 | nodata: |
1074 | return retval; |
1075 | } |
1076 | |
1077 | struct sctp_chunk *sctp_make_heartbeat_ack(const struct sctp_association *asoc, |
1078 | const struct sctp_chunk *chunk, |
1079 | const void *payload, const size_t paylen) |
1080 | { |
1081 | struct sctp_chunk *retval; |
1082 | |
1083 | retval = sctp_make_chunk(asoc, SCTP_CID_HEARTBEAT_ACK, 0, paylen); |
1084 | if (!retval) |
1085 | goto nodata; |
1086 | |
1087 | retval->subh.hbs_hdr = sctp_addto_chunk(retval, paylen, payload); |
1088 | |
1089 | /* RFC 2960 6.4 Multi-homed SCTP Endpoints |
1090 | * |
1091 | * An endpoint SHOULD transmit reply chunks (e.g., SACK, |
1092 | * HEARTBEAT ACK, * etc.) to the same destination transport |
1093 | * address from which it * received the DATA or control chunk |
1094 | * to which it is replying. |
1095 | * |
1096 | * [HBACK back to where the HEARTBEAT came from.] |
1097 | */ |
1098 | if (chunk) |
1099 | retval->transport = chunk->transport; |
1100 | |
1101 | nodata: |
1102 | return retval; |
1103 | } |
1104 | |
1105 | /* Create an Operation Error chunk with the specified space reserved. |
1106 | * This routine can be used for containing multiple causes in the chunk. |
1107 | */ |
1108 | static struct sctp_chunk *sctp_make_op_error_space( |
1109 | const struct sctp_association *asoc, |
1110 | const struct sctp_chunk *chunk, |
1111 | size_t size) |
1112 | { |
1113 | struct sctp_chunk *retval; |
1114 | |
1115 | retval = sctp_make_chunk(asoc, SCTP_CID_ERROR, 0, |
1116 | sizeof(sctp_errhdr_t) + size); |
1117 | if (!retval) |
1118 | goto nodata; |
1119 | |
1120 | /* RFC 2960 6.4 Multi-homed SCTP Endpoints |
1121 | * |
1122 | * An endpoint SHOULD transmit reply chunks (e.g., SACK, |
1123 | * HEARTBEAT ACK, etc.) to the same destination transport |
1124 | * address from which it received the DATA or control chunk |
1125 | * to which it is replying. |
1126 | * |
1127 | */ |
1128 | if (chunk) |
1129 | retval->transport = chunk->transport; |
1130 | |
1131 | nodata: |
1132 | return retval; |
1133 | } |
1134 | |
1135 | /* Create an Operation Error chunk. */ |
1136 | struct sctp_chunk *sctp_make_op_error(const struct sctp_association *asoc, |
1137 | const struct sctp_chunk *chunk, |
1138 | __be16 cause_code, const void *payload, |
1139 | size_t paylen, size_t reserve_tail) |
1140 | { |
1141 | struct sctp_chunk *retval; |
1142 | |
1143 | retval = sctp_make_op_error_space(asoc, chunk, paylen + reserve_tail); |
1144 | if (!retval) |
1145 | goto nodata; |
1146 | |
1147 | sctp_init_cause(retval, cause_code, paylen + reserve_tail); |
1148 | sctp_addto_chunk(retval, paylen, payload); |
1149 | if (reserve_tail) |
1150 | sctp_addto_param(retval, reserve_tail, NULL); |
1151 | |
1152 | nodata: |
1153 | return retval; |
1154 | } |
1155 | |
1156 | struct sctp_chunk *sctp_make_auth(const struct sctp_association *asoc) |
1157 | { |
1158 | struct sctp_chunk *retval; |
1159 | struct sctp_hmac *hmac_desc; |
1160 | struct sctp_authhdr auth_hdr; |
1161 | __u8 *hmac; |
1162 | |
1163 | /* Get the first hmac that the peer told us to use */ |
1164 | hmac_desc = sctp_auth_asoc_get_hmac(asoc); |
1165 | if (unlikely(!hmac_desc)) |
1166 | return NULL; |
1167 | |
1168 | retval = sctp_make_chunk(asoc, SCTP_CID_AUTH, 0, |
1169 | hmac_desc->hmac_len + sizeof(sctp_authhdr_t)); |
1170 | if (!retval) |
1171 | return NULL; |
1172 | |
1173 | auth_hdr.hmac_id = htons(hmac_desc->hmac_id); |
1174 | auth_hdr.shkey_id = htons(asoc->active_key_id); |
1175 | |
1176 | retval->subh.auth_hdr = sctp_addto_chunk(retval, sizeof(sctp_authhdr_t), |
1177 | &auth_hdr); |
1178 | |
1179 | hmac = skb_put(retval->skb, hmac_desc->hmac_len); |
1180 | memset(hmac, 0, hmac_desc->hmac_len); |
1181 | |
1182 | /* Adjust the chunk header to include the empty MAC */ |
1183 | retval->chunk_hdr->length = |
1184 | htons(ntohs(retval->chunk_hdr->length) + hmac_desc->hmac_len); |
1185 | retval->chunk_end = skb_tail_pointer(retval->skb); |
1186 | |
1187 | return retval; |
1188 | } |
1189 | |
1190 | |
1191 | /******************************************************************** |
1192 | * 2nd Level Abstractions |
1193 | ********************************************************************/ |
1194 | |
1195 | /* Turn an skb into a chunk. |
1196 | * FIXME: Eventually move the structure directly inside the skb->cb[]. |
1197 | */ |
1198 | struct sctp_chunk *sctp_chunkify(struct sk_buff *skb, |
1199 | const struct sctp_association *asoc, |
1200 | struct sock *sk) |
1201 | { |
1202 | struct sctp_chunk *retval; |
1203 | |
1204 | retval = kmem_cache_zalloc(sctp_chunk_cachep, GFP_ATOMIC); |
1205 | |
1206 | if (!retval) |
1207 | goto nodata; |
1208 | |
1209 | if (!sk) { |
1210 | SCTP_DEBUG_PRINTK("chunkifying skb %p w/o an sk\n", skb); |
1211 | } |
1212 | |
1213 | INIT_LIST_HEAD(&retval->list); |
1214 | retval->skb = skb; |
1215 | retval->asoc = (struct sctp_association *)asoc; |
1216 | retval->resent = 0; |
1217 | retval->has_tsn = 0; |
1218 | retval->has_ssn = 0; |
1219 | retval->rtt_in_progress = 0; |
1220 | retval->sent_at = 0; |
1221 | retval->singleton = 1; |
1222 | retval->end_of_packet = 0; |
1223 | retval->ecn_ce_done = 0; |
1224 | retval->pdiscard = 0; |
1225 | |
1226 | /* sctpimpguide-05.txt Section 2.8.2 |
1227 | * M1) Each time a new DATA chunk is transmitted |
1228 | * set the 'TSN.Missing.Report' count for that TSN to 0. The |
1229 | * 'TSN.Missing.Report' count will be used to determine missing chunks |
1230 | * and when to fast retransmit. |
1231 | */ |
1232 | retval->tsn_missing_report = 0; |
1233 | retval->tsn_gap_acked = 0; |
1234 | retval->fast_retransmit = SCTP_CAN_FRTX; |
1235 | |
1236 | /* If this is a fragmented message, track all fragments |
1237 | * of the message (for SEND_FAILED). |
1238 | */ |
1239 | retval->msg = NULL; |
1240 | |
1241 | /* Polish the bead hole. */ |
1242 | INIT_LIST_HEAD(&retval->transmitted_list); |
1243 | INIT_LIST_HEAD(&retval->frag_list); |
1244 | SCTP_DBG_OBJCNT_INC(chunk); |
1245 | atomic_set(&retval->refcnt, 1); |
1246 | |
1247 | nodata: |
1248 | return retval; |
1249 | } |
1250 | |
1251 | /* Set chunk->source and dest based on the IP header in chunk->skb. */ |
1252 | void sctp_init_addrs(struct sctp_chunk *chunk, union sctp_addr *src, |
1253 | union sctp_addr *dest) |
1254 | { |
1255 | memcpy(&chunk->source, src, sizeof(union sctp_addr)); |
1256 | memcpy(&chunk->dest, dest, sizeof(union sctp_addr)); |
1257 | } |
1258 | |
1259 | /* Extract the source address from a chunk. */ |
1260 | const union sctp_addr *sctp_source(const struct sctp_chunk *chunk) |
1261 | { |
1262 | /* If we have a known transport, use that. */ |
1263 | if (chunk->transport) { |
1264 | return &chunk->transport->ipaddr; |
1265 | } else { |
1266 | /* Otherwise, extract it from the IP header. */ |
1267 | return &chunk->source; |
1268 | } |
1269 | } |
1270 | |
1271 | /* Create a new chunk, setting the type and flags headers from the |
1272 | * arguments, reserving enough space for a 'paylen' byte payload. |
1273 | */ |
1274 | SCTP_STATIC |
1275 | struct sctp_chunk *sctp_make_chunk(const struct sctp_association *asoc, |
1276 | __u8 type, __u8 flags, int paylen) |
1277 | { |
1278 | struct sctp_chunk *retval; |
1279 | sctp_chunkhdr_t *chunk_hdr; |
1280 | struct sk_buff *skb; |
1281 | struct sock *sk; |
1282 | |
1283 | /* No need to allocate LL here, as this is only a chunk. */ |
1284 | skb = alloc_skb(WORD_ROUND(sizeof(sctp_chunkhdr_t) + paylen), |
1285 | GFP_ATOMIC); |
1286 | if (!skb) |
1287 | goto nodata; |
1288 | |
1289 | /* Make room for the chunk header. */ |
1290 | chunk_hdr = (sctp_chunkhdr_t *)skb_put(skb, sizeof(sctp_chunkhdr_t)); |
1291 | chunk_hdr->type = type; |
1292 | chunk_hdr->flags = flags; |
1293 | chunk_hdr->length = htons(sizeof(sctp_chunkhdr_t)); |
1294 | |
1295 | sk = asoc ? asoc->base.sk : NULL; |
1296 | retval = sctp_chunkify(skb, asoc, sk); |
1297 | if (!retval) { |
1298 | kfree_skb(skb); |
1299 | goto nodata; |
1300 | } |
1301 | |
1302 | retval->chunk_hdr = chunk_hdr; |
1303 | retval->chunk_end = ((__u8 *)chunk_hdr) + sizeof(struct sctp_chunkhdr); |
1304 | |
1305 | /* Determine if the chunk needs to be authenticated */ |
1306 | if (sctp_auth_send_cid(type, asoc)) |
1307 | retval->auth = 1; |
1308 | |
1309 | /* Set the skb to the belonging sock for accounting. */ |
1310 | skb->sk = sk; |
1311 | |
1312 | return retval; |
1313 | nodata: |
1314 | return NULL; |
1315 | } |
1316 | |
1317 | |
1318 | /* Release the memory occupied by a chunk. */ |
1319 | static void sctp_chunk_destroy(struct sctp_chunk *chunk) |
1320 | { |
1321 | BUG_ON(!list_empty(&chunk->list)); |
1322 | list_del_init(&chunk->transmitted_list); |
1323 | |
1324 | /* Free the chunk skb data and the SCTP_chunk stub itself. */ |
1325 | dev_kfree_skb(chunk->skb); |
1326 | |
1327 | SCTP_DBG_OBJCNT_DEC(chunk); |
1328 | kmem_cache_free(sctp_chunk_cachep, chunk); |
1329 | } |
1330 | |
1331 | /* Possibly, free the chunk. */ |
1332 | void sctp_chunk_free(struct sctp_chunk *chunk) |
1333 | { |
1334 | /* Release our reference on the message tracker. */ |
1335 | if (chunk->msg) |
1336 | sctp_datamsg_put(chunk->msg); |
1337 | |
1338 | sctp_chunk_put(chunk); |
1339 | } |
1340 | |
1341 | /* Grab a reference to the chunk. */ |
1342 | void sctp_chunk_hold(struct sctp_chunk *ch) |
1343 | { |
1344 | atomic_inc(&ch->refcnt); |
1345 | } |
1346 | |
1347 | /* Release a reference to the chunk. */ |
1348 | void sctp_chunk_put(struct sctp_chunk *ch) |
1349 | { |
1350 | if (atomic_dec_and_test(&ch->refcnt)) |
1351 | sctp_chunk_destroy(ch); |
1352 | } |
1353 | |
1354 | /* Append bytes to the end of a chunk. Will panic if chunk is not big |
1355 | * enough. |
1356 | */ |
1357 | void *sctp_addto_chunk(struct sctp_chunk *chunk, int len, const void *data) |
1358 | { |
1359 | void *target; |
1360 | void *padding; |
1361 | int chunklen = ntohs(chunk->chunk_hdr->length); |
1362 | int padlen = WORD_ROUND(chunklen) - chunklen; |
1363 | |
1364 | padding = skb_put(chunk->skb, padlen); |
1365 | target = skb_put(chunk->skb, len); |
1366 | |
1367 | memset(padding, 0, padlen); |
1368 | memcpy(target, data, len); |
1369 | |
1370 | /* Adjust the chunk length field. */ |
1371 | chunk->chunk_hdr->length = htons(chunklen + padlen + len); |
1372 | chunk->chunk_end = skb_tail_pointer(chunk->skb); |
1373 | |
1374 | return target; |
1375 | } |
1376 | |
1377 | /* Append bytes from user space to the end of a chunk. Will panic if |
1378 | * chunk is not big enough. |
1379 | * Returns a kernel err value. |
1380 | */ |
1381 | int sctp_user_addto_chunk(struct sctp_chunk *chunk, int off, int len, |
1382 | struct iovec *data) |
1383 | { |
1384 | __u8 *target; |
1385 | int err = 0; |
1386 | |
1387 | /* Make room in chunk for data. */ |
1388 | target = skb_put(chunk->skb, len); |
1389 | |
1390 | /* Copy data (whole iovec) into chunk */ |
1391 | if ((err = memcpy_fromiovecend(target, data, off, len))) |
1392 | goto out; |
1393 | |
1394 | /* Adjust the chunk length field. */ |
1395 | chunk->chunk_hdr->length = |
1396 | htons(ntohs(chunk->chunk_hdr->length) + len); |
1397 | chunk->chunk_end = skb_tail_pointer(chunk->skb); |
1398 | |
1399 | out: |
1400 | return err; |
1401 | } |
1402 | |
1403 | /* Helper function to assign a TSN if needed. This assumes that both |
1404 | * the data_hdr and association have already been assigned. |
1405 | */ |
1406 | void sctp_chunk_assign_ssn(struct sctp_chunk *chunk) |
1407 | { |
1408 | struct sctp_datamsg *msg; |
1409 | struct sctp_chunk *lchunk; |
1410 | struct sctp_stream *stream; |
1411 | __u16 ssn; |
1412 | __u16 sid; |
1413 | |
1414 | if (chunk->has_ssn) |
1415 | return; |
1416 | |
1417 | /* All fragments will be on the same stream */ |
1418 | sid = ntohs(chunk->subh.data_hdr->stream); |
1419 | stream = &chunk->asoc->ssnmap->out; |
1420 | |
1421 | /* Now assign the sequence number to the entire message. |
1422 | * All fragments must have the same stream sequence number. |
1423 | */ |
1424 | msg = chunk->msg; |
1425 | list_for_each_entry(lchunk, &msg->chunks, frag_list) { |
1426 | if (lchunk->chunk_hdr->flags & SCTP_DATA_UNORDERED) { |
1427 | ssn = 0; |
1428 | } else { |
1429 | if (lchunk->chunk_hdr->flags & SCTP_DATA_LAST_FRAG) |
1430 | ssn = sctp_ssn_next(stream, sid); |
1431 | else |
1432 | ssn = sctp_ssn_peek(stream, sid); |
1433 | } |
1434 | |
1435 | lchunk->subh.data_hdr->ssn = htons(ssn); |
1436 | lchunk->has_ssn = 1; |
1437 | } |
1438 | } |
1439 | |
1440 | /* Helper function to assign a TSN if needed. This assumes that both |
1441 | * the data_hdr and association have already been assigned. |
1442 | */ |
1443 | void sctp_chunk_assign_tsn(struct sctp_chunk *chunk) |
1444 | { |
1445 | if (!chunk->has_tsn) { |
1446 | /* This is the last possible instant to |
1447 | * assign a TSN. |
1448 | */ |
1449 | chunk->subh.data_hdr->tsn = |
1450 | htonl(sctp_association_get_next_tsn(chunk->asoc)); |
1451 | chunk->has_tsn = 1; |
1452 | } |
1453 | } |
1454 | |
1455 | /* Create a CLOSED association to use with an incoming packet. */ |
1456 | struct sctp_association *sctp_make_temp_asoc(const struct sctp_endpoint *ep, |
1457 | struct sctp_chunk *chunk, |
1458 | gfp_t gfp) |
1459 | { |
1460 | struct sctp_association *asoc; |
1461 | struct sk_buff *skb; |
1462 | sctp_scope_t scope; |
1463 | struct sctp_af *af; |
1464 | |
1465 | /* Create the bare association. */ |
1466 | scope = sctp_scope(sctp_source(chunk)); |
1467 | asoc = sctp_association_new(ep, ep->base.sk, scope, gfp); |
1468 | if (!asoc) |
1469 | goto nodata; |
1470 | asoc->temp = 1; |
1471 | skb = chunk->skb; |
1472 | /* Create an entry for the source address of the packet. */ |
1473 | af = sctp_get_af_specific(ipver2af(ip_hdr(skb)->version)); |
1474 | if (unlikely(!af)) |
1475 | goto fail; |
1476 | af->from_skb(&asoc->c.peer_addr, skb, 1); |
1477 | nodata: |
1478 | return asoc; |
1479 | |
1480 | fail: |
1481 | sctp_association_free(asoc); |
1482 | return NULL; |
1483 | } |
1484 | |
1485 | /* Build a cookie representing asoc. |
1486 | * This INCLUDES the param header needed to put the cookie in the INIT ACK. |
1487 | */ |
1488 | static sctp_cookie_param_t *sctp_pack_cookie(const struct sctp_endpoint *ep, |
1489 | const struct sctp_association *asoc, |
1490 | const struct sctp_chunk *init_chunk, |
1491 | int *cookie_len, |
1492 | const __u8 *raw_addrs, int addrs_len) |
1493 | { |
1494 | sctp_cookie_param_t *retval; |
1495 | struct sctp_signed_cookie *cookie; |
1496 | struct scatterlist sg; |
1497 | int headersize, bodysize; |
1498 | unsigned int keylen; |
1499 | char *key; |
1500 | |
1501 | /* Header size is static data prior to the actual cookie, including |
1502 | * any padding. |
1503 | */ |
1504 | headersize = sizeof(sctp_paramhdr_t) + |
1505 | (sizeof(struct sctp_signed_cookie) - |
1506 | sizeof(struct sctp_cookie)); |
1507 | bodysize = sizeof(struct sctp_cookie) |
1508 | + ntohs(init_chunk->chunk_hdr->length) + addrs_len; |
1509 | |
1510 | /* Pad out the cookie to a multiple to make the signature |
1511 | * functions simpler to write. |
1512 | */ |
1513 | if (bodysize % SCTP_COOKIE_MULTIPLE) |
1514 | bodysize += SCTP_COOKIE_MULTIPLE |
1515 | - (bodysize % SCTP_COOKIE_MULTIPLE); |
1516 | *cookie_len = headersize + bodysize; |
1517 | |
1518 | /* Clear this memory since we are sending this data structure |
1519 | * out on the network. |
1520 | */ |
1521 | retval = kzalloc(*cookie_len, GFP_ATOMIC); |
1522 | if (!retval) |
1523 | goto nodata; |
1524 | |
1525 | cookie = (struct sctp_signed_cookie *) retval->body; |
1526 | |
1527 | /* Set up the parameter header. */ |
1528 | retval->p.type = SCTP_PARAM_STATE_COOKIE; |
1529 | retval->p.length = htons(*cookie_len); |
1530 | |
1531 | /* Copy the cookie part of the association itself. */ |
1532 | cookie->c = asoc->c; |
1533 | /* Save the raw address list length in the cookie. */ |
1534 | cookie->c.raw_addr_list_len = addrs_len; |
1535 | |
1536 | /* Remember PR-SCTP capability. */ |
1537 | cookie->c.prsctp_capable = asoc->peer.prsctp_capable; |
1538 | |
1539 | /* Save adaptation indication in the cookie. */ |
1540 | cookie->c.adaptation_ind = asoc->peer.adaptation_ind; |
1541 | |
1542 | /* Set an expiration time for the cookie. */ |
1543 | do_gettimeofday(&cookie->c.expiration); |
1544 | TIMEVAL_ADD(asoc->cookie_life, cookie->c.expiration); |
1545 | |
1546 | /* Copy the peer's init packet. */ |
1547 | memcpy(&cookie->c.peer_init[0], init_chunk->chunk_hdr, |
1548 | ntohs(init_chunk->chunk_hdr->length)); |
1549 | |
1550 | /* Copy the raw local address list of the association. */ |
1551 | memcpy((__u8 *)&cookie->c.peer_init[0] + |
1552 | ntohs(init_chunk->chunk_hdr->length), raw_addrs, addrs_len); |
1553 | |
1554 | if (sctp_sk(ep->base.sk)->hmac) { |
1555 | struct hash_desc desc; |
1556 | |
1557 | /* Sign the message. */ |
1558 | sg_init_one(&sg, &cookie->c, bodysize); |
1559 | keylen = SCTP_SECRET_SIZE; |
1560 | key = (char *)ep->secret_key[ep->current_key]; |
1561 | desc.tfm = sctp_sk(ep->base.sk)->hmac; |
1562 | desc.flags = 0; |
1563 | |
1564 | if (crypto_hash_setkey(desc.tfm, key, keylen) || |
1565 | crypto_hash_digest(&desc, &sg, bodysize, cookie->signature)) |
1566 | goto free_cookie; |
1567 | } |
1568 | |
1569 | return retval; |
1570 | |
1571 | free_cookie: |
1572 | kfree(retval); |
1573 | nodata: |
1574 | *cookie_len = 0; |
1575 | return NULL; |
1576 | } |
1577 | |
1578 | /* Unpack the cookie from COOKIE ECHO chunk, recreating the association. */ |
1579 | struct sctp_association *sctp_unpack_cookie( |
1580 | const struct sctp_endpoint *ep, |
1581 | const struct sctp_association *asoc, |
1582 | struct sctp_chunk *chunk, gfp_t gfp, |
1583 | int *error, struct sctp_chunk **errp) |
1584 | { |
1585 | struct sctp_association *retval = NULL; |
1586 | struct sctp_signed_cookie *cookie; |
1587 | struct sctp_cookie *bear_cookie; |
1588 | int headersize, bodysize, fixed_size; |
1589 | __u8 *digest = ep->digest; |
1590 | struct scatterlist sg; |
1591 | unsigned int keylen, len; |
1592 | char *key; |
1593 | sctp_scope_t scope; |
1594 | struct sk_buff *skb = chunk->skb; |
1595 | struct timeval tv; |
1596 | struct hash_desc desc; |
1597 | |
1598 | /* Header size is static data prior to the actual cookie, including |
1599 | * any padding. |
1600 | */ |
1601 | headersize = sizeof(sctp_chunkhdr_t) + |
1602 | (sizeof(struct sctp_signed_cookie) - |
1603 | sizeof(struct sctp_cookie)); |
1604 | bodysize = ntohs(chunk->chunk_hdr->length) - headersize; |
1605 | fixed_size = headersize + sizeof(struct sctp_cookie); |
1606 | |
1607 | /* Verify that the chunk looks like it even has a cookie. |
1608 | * There must be enough room for our cookie and our peer's |
1609 | * INIT chunk. |
1610 | */ |
1611 | len = ntohs(chunk->chunk_hdr->length); |
1612 | if (len < fixed_size + sizeof(struct sctp_chunkhdr)) |
1613 | goto malformed; |
1614 | |
1615 | /* Verify that the cookie has been padded out. */ |
1616 | if (bodysize % SCTP_COOKIE_MULTIPLE) |
1617 | goto malformed; |
1618 | |
1619 | /* Process the cookie. */ |
1620 | cookie = chunk->subh.cookie_hdr; |
1621 | bear_cookie = &cookie->c; |
1622 | |
1623 | if (!sctp_sk(ep->base.sk)->hmac) |
1624 | goto no_hmac; |
1625 | |
1626 | /* Check the signature. */ |
1627 | keylen = SCTP_SECRET_SIZE; |
1628 | sg_init_one(&sg, bear_cookie, bodysize); |
1629 | key = (char *)ep->secret_key[ep->current_key]; |
1630 | desc.tfm = sctp_sk(ep->base.sk)->hmac; |
1631 | desc.flags = 0; |
1632 | |
1633 | memset(digest, 0x00, SCTP_SIGNATURE_SIZE); |
1634 | if (crypto_hash_setkey(desc.tfm, key, keylen) || |
1635 | crypto_hash_digest(&desc, &sg, bodysize, digest)) { |
1636 | *error = -SCTP_IERROR_NOMEM; |
1637 | goto fail; |
1638 | } |
1639 | |
1640 | if (memcmp(digest, cookie->signature, SCTP_SIGNATURE_SIZE)) { |
1641 | /* Try the previous key. */ |
1642 | key = (char *)ep->secret_key[ep->last_key]; |
1643 | memset(digest, 0x00, SCTP_SIGNATURE_SIZE); |
1644 | if (crypto_hash_setkey(desc.tfm, key, keylen) || |
1645 | crypto_hash_digest(&desc, &sg, bodysize, digest)) { |
1646 | *error = -SCTP_IERROR_NOMEM; |
1647 | goto fail; |
1648 | } |
1649 | |
1650 | if (memcmp(digest, cookie->signature, SCTP_SIGNATURE_SIZE)) { |
1651 | /* Yikes! Still bad signature! */ |
1652 | *error = -SCTP_IERROR_BAD_SIG; |
1653 | goto fail; |
1654 | } |
1655 | } |
1656 | |
1657 | no_hmac: |
1658 | /* IG Section 2.35.2: |
1659 | * 3) Compare the port numbers and the verification tag contained |
1660 | * within the COOKIE ECHO chunk to the actual port numbers and the |
1661 | * verification tag within the SCTP common header of the received |
1662 | * packet. If these values do not match the packet MUST be silently |
1663 | * discarded, |
1664 | */ |
1665 | if (ntohl(chunk->sctp_hdr->vtag) != bear_cookie->my_vtag) { |
1666 | *error = -SCTP_IERROR_BAD_TAG; |
1667 | goto fail; |
1668 | } |
1669 | |
1670 | if (chunk->sctp_hdr->source != bear_cookie->peer_addr.v4.sin_port || |
1671 | ntohs(chunk->sctp_hdr->dest) != bear_cookie->my_port) { |
1672 | *error = -SCTP_IERROR_BAD_PORTS; |
1673 | goto fail; |
1674 | } |
1675 | |
1676 | /* Check to see if the cookie is stale. If there is already |
1677 | * an association, there is no need to check cookie's expiration |
1678 | * for init collision case of lost COOKIE ACK. |
1679 | * If skb has been timestamped, then use the stamp, otherwise |
1680 | * use current time. This introduces a small possibility that |
1681 | * that a cookie may be considered expired, but his would only slow |
1682 | * down the new association establishment instead of every packet. |
1683 | */ |
1684 | if (sock_flag(ep->base.sk, SOCK_TIMESTAMP)) |
1685 | skb_get_timestamp(skb, &tv); |
1686 | else |
1687 | do_gettimeofday(&tv); |
1688 | |
1689 | if (!asoc && tv_lt(bear_cookie->expiration, tv)) { |
1690 | /* |
1691 | * Section 3.3.10.3 Stale Cookie Error (3) |
1692 | * |
1693 | * Cause of error |
1694 | * --------------- |
1695 | * Stale Cookie Error: Indicates the receipt of a valid State |
1696 | * Cookie that has expired. |
1697 | */ |
1698 | len = ntohs(chunk->chunk_hdr->length); |
1699 | *errp = sctp_make_op_error_space(asoc, chunk, len); |
1700 | if (*errp) { |
1701 | suseconds_t usecs = (tv.tv_sec - |
1702 | bear_cookie->expiration.tv_sec) * 1000000L + |
1703 | tv.tv_usec - bear_cookie->expiration.tv_usec; |
1704 | __be32 n = htonl(usecs); |
1705 | |
1706 | sctp_init_cause(*errp, SCTP_ERROR_STALE_COOKIE, |
1707 | sizeof(n)); |
1708 | sctp_addto_chunk(*errp, sizeof(n), &n); |
1709 | *error = -SCTP_IERROR_STALE_COOKIE; |
1710 | } else |
1711 | *error = -SCTP_IERROR_NOMEM; |
1712 | |
1713 | goto fail; |
1714 | } |
1715 | |
1716 | /* Make a new base association. */ |
1717 | scope = sctp_scope(sctp_source(chunk)); |
1718 | retval = sctp_association_new(ep, ep->base.sk, scope, gfp); |
1719 | if (!retval) { |
1720 | *error = -SCTP_IERROR_NOMEM; |
1721 | goto fail; |
1722 | } |
1723 | |
1724 | /* Set up our peer's port number. */ |
1725 | retval->peer.port = ntohs(chunk->sctp_hdr->source); |
1726 | |
1727 | /* Populate the association from the cookie. */ |
1728 | memcpy(&retval->c, bear_cookie, sizeof(*bear_cookie)); |
1729 | |
1730 | if (sctp_assoc_set_bind_addr_from_cookie(retval, bear_cookie, |
1731 | GFP_ATOMIC) < 0) { |
1732 | *error = -SCTP_IERROR_NOMEM; |
1733 | goto fail; |
1734 | } |
1735 | |
1736 | /* Also, add the destination address. */ |
1737 | if (list_empty(&retval->base.bind_addr.address_list)) { |
1738 | sctp_add_bind_addr(&retval->base.bind_addr, &chunk->dest, |
1739 | SCTP_ADDR_SRC, GFP_ATOMIC); |
1740 | } |
1741 | |
1742 | retval->next_tsn = retval->c.initial_tsn; |
1743 | retval->ctsn_ack_point = retval->next_tsn - 1; |
1744 | retval->addip_serial = retval->c.initial_tsn; |
1745 | retval->adv_peer_ack_point = retval->ctsn_ack_point; |
1746 | retval->peer.prsctp_capable = retval->c.prsctp_capable; |
1747 | retval->peer.adaptation_ind = retval->c.adaptation_ind; |
1748 | |
1749 | /* The INIT stuff will be done by the side effects. */ |
1750 | return retval; |
1751 | |
1752 | fail: |
1753 | if (retval) |
1754 | sctp_association_free(retval); |
1755 | |
1756 | return NULL; |
1757 | |
1758 | malformed: |
1759 | /* Yikes! The packet is either corrupt or deliberately |
1760 | * malformed. |
1761 | */ |
1762 | *error = -SCTP_IERROR_MALFORMED; |
1763 | goto fail; |
1764 | } |
1765 | |
1766 | /******************************************************************** |
1767 | * 3rd Level Abstractions |
1768 | ********************************************************************/ |
1769 | |
1770 | struct __sctp_missing { |
1771 | __be32 num_missing; |
1772 | __be16 type; |
1773 | } __attribute__((packed)); |
1774 | |
1775 | /* |
1776 | * Report a missing mandatory parameter. |
1777 | */ |
1778 | static int sctp_process_missing_param(const struct sctp_association *asoc, |
1779 | sctp_param_t paramtype, |
1780 | struct sctp_chunk *chunk, |
1781 | struct sctp_chunk **errp) |
1782 | { |
1783 | struct __sctp_missing report; |
1784 | __u16 len; |
1785 | |
1786 | len = WORD_ROUND(sizeof(report)); |
1787 | |
1788 | /* Make an ERROR chunk, preparing enough room for |
1789 | * returning multiple unknown parameters. |
1790 | */ |
1791 | if (!*errp) |
1792 | *errp = sctp_make_op_error_space(asoc, chunk, len); |
1793 | |
1794 | if (*errp) { |
1795 | report.num_missing = htonl(1); |
1796 | report.type = paramtype; |
1797 | sctp_init_cause(*errp, SCTP_ERROR_MISS_PARAM, |
1798 | sizeof(report)); |
1799 | sctp_addto_chunk(*errp, sizeof(report), &report); |
1800 | } |
1801 | |
1802 | /* Stop processing this chunk. */ |
1803 | return 0; |
1804 | } |
1805 | |
1806 | /* Report an Invalid Mandatory Parameter. */ |
1807 | static int sctp_process_inv_mandatory(const struct sctp_association *asoc, |
1808 | struct sctp_chunk *chunk, |
1809 | struct sctp_chunk **errp) |
1810 | { |
1811 | /* Invalid Mandatory Parameter Error has no payload. */ |
1812 | |
1813 | if (!*errp) |
1814 | *errp = sctp_make_op_error_space(asoc, chunk, 0); |
1815 | |
1816 | if (*errp) |
1817 | sctp_init_cause(*errp, SCTP_ERROR_INV_PARAM, 0); |
1818 | |
1819 | /* Stop processing this chunk. */ |
1820 | return 0; |
1821 | } |
1822 | |
1823 | static int sctp_process_inv_paramlength(const struct sctp_association *asoc, |
1824 | struct sctp_paramhdr *param, |
1825 | const struct sctp_chunk *chunk, |
1826 | struct sctp_chunk **errp) |
1827 | { |
1828 | /* This is a fatal error. Any accumulated non-fatal errors are |
1829 | * not reported. |
1830 | */ |
1831 | if (*errp) |
1832 | sctp_chunk_free(*errp); |
1833 | |
1834 | /* Create an error chunk and fill it in with our payload. */ |
1835 | *errp = sctp_make_violation_paramlen(asoc, chunk, param); |
1836 | |
1837 | return 0; |
1838 | } |
1839 | |
1840 | |
1841 | /* Do not attempt to handle the HOST_NAME parm. However, do |
1842 | * send back an indicator to the peer. |
1843 | */ |
1844 | static int sctp_process_hn_param(const struct sctp_association *asoc, |
1845 | union sctp_params param, |
1846 | struct sctp_chunk *chunk, |
1847 | struct sctp_chunk **errp) |
1848 | { |
1849 | __u16 len = ntohs(param.p->length); |
1850 | |
1851 | /* Processing of the HOST_NAME parameter will generate an |
1852 | * ABORT. If we've accumulated any non-fatal errors, they |
1853 | * would be unrecognized parameters and we should not include |
1854 | * them in the ABORT. |
1855 | */ |
1856 | if (*errp) |
1857 | sctp_chunk_free(*errp); |
1858 | |
1859 | *errp = sctp_make_op_error_space(asoc, chunk, len); |
1860 | |
1861 | if (*errp) { |
1862 | sctp_init_cause(*errp, SCTP_ERROR_DNS_FAILED, len); |
1863 | sctp_addto_chunk(*errp, len, param.v); |
1864 | } |
1865 | |
1866 | /* Stop processing this chunk. */ |
1867 | return 0; |
1868 | } |
1869 | |
1870 | static int sctp_verify_ext_param(union sctp_params param) |
1871 | { |
1872 | __u16 num_ext = ntohs(param.p->length) - sizeof(sctp_paramhdr_t); |
1873 | int have_auth = 0; |
1874 | int have_asconf = 0; |
1875 | int i; |
1876 | |
1877 | for (i = 0; i < num_ext; i++) { |
1878 | switch (param.ext->chunks[i]) { |
1879 | case SCTP_CID_AUTH: |
1880 | have_auth = 1; |
1881 | break; |
1882 | case SCTP_CID_ASCONF: |
1883 | case SCTP_CID_ASCONF_ACK: |
1884 | have_asconf = 1; |
1885 | break; |
1886 | } |
1887 | } |
1888 | |
1889 | /* ADD-IP Security: The draft requires us to ABORT or ignore the |
1890 | * INIT/INIT-ACK if ADD-IP is listed, but AUTH is not. Do this |
1891 | * only if ADD-IP is turned on and we are not backward-compatible |
1892 | * mode. |
1893 | */ |
1894 | if (sctp_addip_noauth) |
1895 | return 1; |
1896 | |
1897 | if (sctp_addip_enable && !have_auth && have_asconf) |
1898 | return 0; |
1899 | |
1900 | return 1; |
1901 | } |
1902 | |
1903 | static void sctp_process_ext_param(struct sctp_association *asoc, |
1904 | union sctp_params param) |
1905 | { |
1906 | __u16 num_ext = ntohs(param.p->length) - sizeof(sctp_paramhdr_t); |
1907 | int i; |
1908 | |
1909 | for (i = 0; i < num_ext; i++) { |
1910 | switch (param.ext->chunks[i]) { |
1911 | case SCTP_CID_FWD_TSN: |
1912 | if (sctp_prsctp_enable && |
1913 | !asoc->peer.prsctp_capable) |
1914 | asoc->peer.prsctp_capable = 1; |
1915 | break; |
1916 | case SCTP_CID_AUTH: |
1917 | /* if the peer reports AUTH, assume that he |
1918 | * supports AUTH. |
1919 | */ |
1920 | if (sctp_auth_enable) |
1921 | asoc->peer.auth_capable = 1; |
1922 | break; |
1923 | case SCTP_CID_ASCONF: |
1924 | case SCTP_CID_ASCONF_ACK: |
1925 | if (sctp_addip_enable) |
1926 | asoc->peer.asconf_capable = 1; |
1927 | break; |
1928 | default: |
1929 | break; |
1930 | } |
1931 | } |
1932 | } |
1933 | |
1934 | /* RFC 3.2.1 & the Implementers Guide 2.2. |
1935 | * |
1936 | * The Parameter Types are encoded such that the |
1937 | * highest-order two bits specify the action that must be |
1938 | * taken if the processing endpoint does not recognize the |
1939 | * Parameter Type. |
1940 | * |
1941 | * 00 - Stop processing this parameter; do not process any further |
1942 | * parameters within this chunk |
1943 | * |
1944 | * 01 - Stop processing this parameter, do not process any further |
1945 | * parameters within this chunk, and report the unrecognized |
1946 | * parameter in an 'Unrecognized Parameter' ERROR chunk. |
1947 | * |
1948 | * 10 - Skip this parameter and continue processing. |
1949 | * |
1950 | * 11 - Skip this parameter and continue processing but |
1951 | * report the unrecognized parameter in an |
1952 | * 'Unrecognized Parameter' ERROR chunk. |
1953 | * |
1954 | * Return value: |
1955 | * SCTP_IERROR_NO_ERROR - continue with the chunk |
1956 | * SCTP_IERROR_ERROR - stop and report an error. |
1957 | * SCTP_IERROR_NOMEME - out of memory. |
1958 | */ |
1959 | static sctp_ierror_t sctp_process_unk_param(const struct sctp_association *asoc, |
1960 | union sctp_params param, |
1961 | struct sctp_chunk *chunk, |
1962 | struct sctp_chunk **errp) |
1963 | { |
1964 | int retval = SCTP_IERROR_NO_ERROR; |
1965 | |
1966 | switch (param.p->type & SCTP_PARAM_ACTION_MASK) { |
1967 | case SCTP_PARAM_ACTION_DISCARD: |
1968 | retval = SCTP_IERROR_ERROR; |
1969 | break; |
1970 | case SCTP_PARAM_ACTION_SKIP: |
1971 | break; |
1972 | case SCTP_PARAM_ACTION_DISCARD_ERR: |
1973 | retval = SCTP_IERROR_ERROR; |
1974 | /* Fall through */ |
1975 | case SCTP_PARAM_ACTION_SKIP_ERR: |
1976 | /* Make an ERROR chunk, preparing enough room for |
1977 | * returning multiple unknown parameters. |
1978 | */ |
1979 | if (NULL == *errp) |
1980 | *errp = sctp_make_op_error_space(asoc, chunk, |
1981 | ntohs(chunk->chunk_hdr->length)); |
1982 | |
1983 | if (*errp) { |
1984 | sctp_init_cause(*errp, SCTP_ERROR_UNKNOWN_PARAM, |
1985 | WORD_ROUND(ntohs(param.p->length))); |
1986 | sctp_addto_chunk(*errp, |
1987 | WORD_ROUND(ntohs(param.p->length)), |
1988 | param.v); |
1989 | } else { |
1990 | /* If there is no memory for generating the ERROR |
1991 | * report as specified, an ABORT will be triggered |
1992 | * to the peer and the association won't be |
1993 | * established. |
1994 | */ |
1995 | retval = SCTP_IERROR_NOMEM; |
1996 | } |
1997 | break; |
1998 | default: |
1999 | break; |
2000 | } |
2001 | |
2002 | return retval; |
2003 | } |
2004 | |
2005 | /* Verify variable length parameters |
2006 | * Return values: |
2007 | * SCTP_IERROR_ABORT - trigger an ABORT |
2008 | * SCTP_IERROR_NOMEM - out of memory (abort) |
2009 | * SCTP_IERROR_ERROR - stop processing, trigger an ERROR |
2010 | * SCTP_IERROR_NO_ERROR - continue with the chunk |
2011 | */ |
2012 | static sctp_ierror_t sctp_verify_param(const struct sctp_association *asoc, |
2013 | union sctp_params param, |
2014 | sctp_cid_t cid, |
2015 | struct sctp_chunk *chunk, |
2016 | struct sctp_chunk **err_chunk) |
2017 | { |
2018 | struct sctp_hmac_algo_param *hmacs; |
2019 | int retval = SCTP_IERROR_NO_ERROR; |
2020 | __u16 n_elt, id = 0; |
2021 | int i; |
2022 | |
2023 | /* FIXME - This routine is not looking at each parameter per the |
2024 | * chunk type, i.e., unrecognized parameters should be further |
2025 | * identified based on the chunk id. |
2026 | */ |
2027 | |
2028 | switch (param.p->type) { |
2029 | case SCTP_PARAM_IPV4_ADDRESS: |
2030 | case SCTP_PARAM_IPV6_ADDRESS: |
2031 | case SCTP_PARAM_COOKIE_PRESERVATIVE: |
2032 | case SCTP_PARAM_SUPPORTED_ADDRESS_TYPES: |
2033 | case SCTP_PARAM_STATE_COOKIE: |
2034 | case SCTP_PARAM_HEARTBEAT_INFO: |
2035 | case SCTP_PARAM_UNRECOGNIZED_PARAMETERS: |
2036 | case SCTP_PARAM_ECN_CAPABLE: |
2037 | case SCTP_PARAM_ADAPTATION_LAYER_IND: |
2038 | break; |
2039 | |
2040 | case SCTP_PARAM_SUPPORTED_EXT: |
2041 | if (!sctp_verify_ext_param(param)) |
2042 | return SCTP_IERROR_ABORT; |
2043 | break; |
2044 | |
2045 | case SCTP_PARAM_SET_PRIMARY: |
2046 | if (sctp_addip_enable) |
2047 | break; |
2048 | goto fallthrough; |
2049 | |
2050 | case SCTP_PARAM_HOST_NAME_ADDRESS: |
2051 | /* Tell the peer, we won't support this param. */ |
2052 | sctp_process_hn_param(asoc, param, chunk, err_chunk); |
2053 | retval = SCTP_IERROR_ABORT; |
2054 | break; |
2055 | |
2056 | case SCTP_PARAM_FWD_TSN_SUPPORT: |
2057 | if (sctp_prsctp_enable) |
2058 | break; |
2059 | goto fallthrough; |
2060 | |
2061 | case SCTP_PARAM_RANDOM: |
2062 | if (!sctp_auth_enable) |
2063 | goto fallthrough; |
2064 | |
2065 | /* SCTP-AUTH: Secion 6.1 |
2066 | * If the random number is not 32 byte long the association |
2067 | * MUST be aborted. The ABORT chunk SHOULD contain the error |
2068 | * cause 'Protocol Violation'. |
2069 | */ |
2070 | if (SCTP_AUTH_RANDOM_LENGTH != |
2071 | ntohs(param.p->length) - sizeof(sctp_paramhdr_t)) { |
2072 | sctp_process_inv_paramlength(asoc, param.p, |
2073 | chunk, err_chunk); |
2074 | retval = SCTP_IERROR_ABORT; |
2075 | } |
2076 | break; |
2077 | |
2078 | case SCTP_PARAM_CHUNKS: |
2079 | if (!sctp_auth_enable) |
2080 | goto fallthrough; |
2081 | |
2082 | /* SCTP-AUTH: Section 3.2 |
2083 | * The CHUNKS parameter MUST be included once in the INIT or |
2084 | * INIT-ACK chunk if the sender wants to receive authenticated |
2085 | * chunks. Its maximum length is 260 bytes. |
2086 | */ |
2087 | if (260 < ntohs(param.p->length)) { |
2088 | sctp_process_inv_paramlength(asoc, param.p, |
2089 | chunk, err_chunk); |
2090 | retval = SCTP_IERROR_ABORT; |
2091 | } |
2092 | break; |
2093 | |
2094 | case SCTP_PARAM_HMAC_ALGO: |
2095 | if (!sctp_auth_enable) |
2096 | goto fallthrough; |
2097 | |
2098 | hmacs = (struct sctp_hmac_algo_param *)param.p; |
2099 | n_elt = (ntohs(param.p->length) - sizeof(sctp_paramhdr_t)) >> 1; |
2100 | |
2101 | /* SCTP-AUTH: Section 6.1 |
2102 | * The HMAC algorithm based on SHA-1 MUST be supported and |
2103 | * included in the HMAC-ALGO parameter. |
2104 | */ |
2105 | for (i = 0; i < n_elt; i++) { |
2106 | id = ntohs(hmacs->hmac_ids[i]); |
2107 | |
2108 | if (id == SCTP_AUTH_HMAC_ID_SHA1) |
2109 | break; |
2110 | } |
2111 | |
2112 | if (id != SCTP_AUTH_HMAC_ID_SHA1) { |
2113 | sctp_process_inv_paramlength(asoc, param.p, chunk, |
2114 | err_chunk); |
2115 | retval = SCTP_IERROR_ABORT; |
2116 | } |
2117 | break; |
2118 | fallthrough: |
2119 | default: |
2120 | SCTP_DEBUG_PRINTK("Unrecognized param: %d for chunk %d.\n", |
2121 | ntohs(param.p->type), cid); |
2122 | retval = sctp_process_unk_param(asoc, param, chunk, err_chunk); |
2123 | break; |
2124 | } |
2125 | return retval; |
2126 | } |
2127 | |
2128 | /* Verify the INIT packet before we process it. */ |
2129 | int sctp_verify_init(const struct sctp_association *asoc, |
2130 | sctp_cid_t cid, |
2131 | sctp_init_chunk_t *peer_init, |
2132 | struct sctp_chunk *chunk, |
2133 | struct sctp_chunk **errp) |
2134 | { |
2135 | union sctp_params param; |
2136 | int has_cookie = 0; |
2137 | int result; |
2138 | |
2139 | /* Verify stream values are non-zero. */ |
2140 | if ((0 == peer_init->init_hdr.num_outbound_streams) || |
2141 | (0 == peer_init->init_hdr.num_inbound_streams) || |
2142 | (0 == peer_init->init_hdr.init_tag) || |
2143 | (SCTP_DEFAULT_MINWINDOW > ntohl(peer_init->init_hdr.a_rwnd))) { |
2144 | |
2145 | return sctp_process_inv_mandatory(asoc, chunk, errp); |
2146 | } |
2147 | |
2148 | /* Check for missing mandatory parameters. */ |
2149 | sctp_walk_params(param, peer_init, init_hdr.params) { |
2150 | |
2151 | if (SCTP_PARAM_STATE_COOKIE == param.p->type) |
2152 | has_cookie = 1; |
2153 | |
2154 | } /* for (loop through all parameters) */ |
2155 | |
2156 | /* There is a possibility that a parameter length was bad and |
2157 | * in that case we would have stoped walking the parameters. |
2158 | * The current param.p would point at the bad one. |
2159 | * Current consensus on the mailing list is to generate a PROTOCOL |
2160 | * VIOLATION error. We build the ERROR chunk here and let the normal |
2161 | * error handling code build and send the packet. |
2162 | */ |
2163 | if (param.v != (void*)chunk->chunk_end) |
2164 | return sctp_process_inv_paramlength(asoc, param.p, chunk, errp); |
2165 | |
2166 | /* The only missing mandatory param possible today is |
2167 | * the state cookie for an INIT-ACK chunk. |
2168 | */ |
2169 | if ((SCTP_CID_INIT_ACK == cid) && !has_cookie) |
2170 | return sctp_process_missing_param(asoc, SCTP_PARAM_STATE_COOKIE, |
2171 | chunk, errp); |
2172 | |
2173 | /* Verify all the variable length parameters */ |
2174 | sctp_walk_params(param, peer_init, init_hdr.params) { |
2175 | |
2176 | result = sctp_verify_param(asoc, param, cid, chunk, errp); |
2177 | switch (result) { |
2178 | case SCTP_IERROR_ABORT: |
2179 | case SCTP_IERROR_NOMEM: |
2180 | return 0; |
2181 | case SCTP_IERROR_ERROR: |
2182 | return 1; |
2183 | case SCTP_IERROR_NO_ERROR: |
2184 | default: |
2185 | break; |
2186 | } |
2187 | |
2188 | } /* for (loop through all parameters) */ |
2189 | |
2190 | return 1; |
2191 | } |
2192 | |
2193 | /* Unpack the parameters in an INIT packet into an association. |
2194 | * Returns 0 on failure, else success. |
2195 | * FIXME: This is an association method. |
2196 | */ |
2197 | int sctp_process_init(struct sctp_association *asoc, sctp_cid_t cid, |
2198 | const union sctp_addr *peer_addr, |
2199 | sctp_init_chunk_t *peer_init, gfp_t gfp) |
2200 | { |
2201 | union sctp_params param; |
2202 | struct sctp_transport *transport; |
2203 | struct list_head *pos, *temp; |
2204 | char *cookie; |
2205 | |
2206 | /* We must include the address that the INIT packet came from. |
2207 | * This is the only address that matters for an INIT packet. |
2208 | * When processing a COOKIE ECHO, we retrieve the from address |
2209 | * of the INIT from the cookie. |
2210 | */ |
2211 | |
2212 | /* This implementation defaults to making the first transport |
2213 | * added as the primary transport. The source address seems to |
2214 | * be a a better choice than any of the embedded addresses. |
2215 | */ |
2216 | if (peer_addr) { |
2217 | if(!sctp_assoc_add_peer(asoc, peer_addr, gfp, SCTP_ACTIVE)) |
2218 | goto nomem; |
2219 | } |
2220 | |
2221 | /* Process the initialization parameters. */ |
2222 | sctp_walk_params(param, peer_init, init_hdr.params) { |
2223 | |
2224 | if (!sctp_process_param(asoc, param, peer_addr, gfp)) |
2225 | goto clean_up; |
2226 | } |
2227 | |
2228 | /* AUTH: After processing the parameters, make sure that we |
2229 | * have all the required info to potentially do authentications. |
2230 | */ |
2231 | if (asoc->peer.auth_capable && (!asoc->peer.peer_random || |
2232 | !asoc->peer.peer_hmacs)) |
2233 | asoc->peer.auth_capable = 0; |
2234 | |
2235 | /* In a non-backward compatible mode, if the peer claims |
2236 | * support for ADD-IP but not AUTH, the ADD-IP spec states |
2237 | * that we MUST ABORT the association. Section 6. The section |
2238 | * also give us an option to silently ignore the packet, which |
2239 | * is what we'll do here. |
2240 | */ |
2241 | if (!sctp_addip_noauth && |
2242 | (asoc->peer.asconf_capable && !asoc->peer.auth_capable)) { |
2243 | asoc->peer.addip_disabled_mask |= (SCTP_PARAM_ADD_IP | |
2244 | SCTP_PARAM_DEL_IP | |
2245 | SCTP_PARAM_SET_PRIMARY); |
2246 | asoc->peer.asconf_capable = 0; |
2247 | goto clean_up; |
2248 | } |
2249 | |
2250 | /* Walk list of transports, removing transports in the UNKNOWN state. */ |
2251 | list_for_each_safe(pos, temp, &asoc->peer.transport_addr_list) { |
2252 | transport = list_entry(pos, struct sctp_transport, transports); |
2253 | if (transport->state == SCTP_UNKNOWN) { |
2254 | sctp_assoc_rm_peer(asoc, transport); |
2255 | } |
2256 | } |
2257 | |
2258 | /* The fixed INIT headers are always in network byte |
2259 | * order. |
2260 | */ |
2261 | asoc->peer.i.init_tag = |
2262 | ntohl(peer_init->init_hdr.init_tag); |
2263 | asoc->peer.i.a_rwnd = |
2264 | ntohl(peer_init->init_hdr.a_rwnd); |
2265 | asoc->peer.i.num_outbound_streams = |
2266 | ntohs(peer_init->init_hdr.num_outbound_streams); |
2267 | asoc->peer.i.num_inbound_streams = |
2268 | ntohs(peer_init->init_hdr.num_inbound_streams); |
2269 | asoc->peer.i.initial_tsn = |
2270 | ntohl(peer_init->init_hdr.initial_tsn); |
2271 | |
2272 | /* Apply the upper bounds for output streams based on peer's |
2273 | * number of inbound streams. |
2274 | */ |
2275 | if (asoc->c.sinit_num_ostreams > |
2276 | ntohs(peer_init->init_hdr.num_inbound_streams)) { |
2277 | asoc->c.sinit_num_ostreams = |
2278 | ntohs(peer_init->init_hdr.num_inbound_streams); |
2279 | } |
2280 | |
2281 | if (asoc->c.sinit_max_instreams > |
2282 | ntohs(peer_init->init_hdr.num_outbound_streams)) { |
2283 | asoc->c.sinit_max_instreams = |
2284 | ntohs(peer_init->init_hdr.num_outbound_streams); |
2285 | } |
2286 | |
2287 | /* Copy Initiation tag from INIT to VT_peer in cookie. */ |
2288 | asoc->c.peer_vtag = asoc->peer.i.init_tag; |
2289 | |
2290 | /* Peer Rwnd : Current calculated value of the peer's rwnd. */ |
2291 | asoc->peer.rwnd = asoc->peer.i.a_rwnd; |
2292 | |
2293 | /* Copy cookie in case we need to resend COOKIE-ECHO. */ |
2294 | cookie = asoc->peer.cookie; |
2295 | if (cookie) { |
2296 | asoc->peer.cookie = kmemdup(cookie, asoc->peer.cookie_len, gfp); |
2297 | if (!asoc->peer.cookie) |
2298 | goto clean_up; |
2299 | } |
2300 | |
2301 | /* RFC 2960 7.2.1 The initial value of ssthresh MAY be arbitrarily |
2302 | * high (for example, implementations MAY use the size of the receiver |
2303 | * advertised window). |
2304 | */ |
2305 | list_for_each_entry(transport, &asoc->peer.transport_addr_list, |
2306 | transports) { |
2307 | transport->ssthresh = asoc->peer.i.a_rwnd; |
2308 | } |
2309 | |
2310 | /* Set up the TSN tracking pieces. */ |
2311 | if (!sctp_tsnmap_init(&asoc->peer.tsn_map, SCTP_TSN_MAP_INITIAL, |
2312 | asoc->peer.i.initial_tsn, gfp)) |
2313 | goto clean_up; |
2314 | |
2315 | /* RFC 2960 6.5 Stream Identifier and Stream Sequence Number |
2316 | * |
2317 | * The stream sequence number in all the streams shall start |
2318 | * from 0 when the association is established. Also, when the |
2319 | * stream sequence number reaches the value 65535 the next |
2320 | * stream sequence number shall be set to 0. |
2321 | */ |
2322 | |
2323 | /* Allocate storage for the negotiated streams if it is not a temporary |
2324 | * association. |
2325 | */ |
2326 | if (!asoc->temp) { |
2327 | int error; |
2328 | |
2329 | asoc->ssnmap = sctp_ssnmap_new(asoc->c.sinit_max_instreams, |
2330 | asoc->c.sinit_num_ostreams, gfp); |
2331 | if (!asoc->ssnmap) |
2332 | goto clean_up; |
2333 | |
2334 | error = sctp_assoc_set_id(asoc, gfp); |
2335 | if (error) |
2336 | goto clean_up; |
2337 | } |
2338 | |
2339 | /* ADDIP Section 4.1 ASCONF Chunk Procedures |
2340 | * |
2341 | * When an endpoint has an ASCONF signaled change to be sent to the |
2342 | * remote endpoint it should do the following: |
2343 | * ... |
2344 | * A2) A serial number should be assigned to the Chunk. The serial |
2345 | * number should be a monotonically increasing number. All serial |
2346 | * numbers are defined to be initialized at the start of the |
2347 | * association to the same value as the Initial TSN. |
2348 | */ |
2349 | asoc->peer.addip_serial = asoc->peer.i.initial_tsn - 1; |
2350 | return 1; |
2351 | |
2352 | clean_up: |
2353 | /* Release the transport structures. */ |
2354 | list_for_each_safe(pos, temp, &asoc->peer.transport_addr_list) { |
2355 | transport = list_entry(pos, struct sctp_transport, transports); |
2356 | if (transport->state != SCTP_ACTIVE) |
2357 | sctp_assoc_rm_peer(asoc, transport); |
2358 | } |
2359 | |
2360 | nomem: |
2361 | return 0; |
2362 | } |
2363 | |
2364 | |
2365 | /* Update asoc with the option described in param. |
2366 | * |
2367 | * RFC2960 3.3.2.1 Optional/Variable Length Parameters in INIT |
2368 | * |
2369 | * asoc is the association to update. |
2370 | * param is the variable length parameter to use for update. |
2371 | * cid tells us if this is an INIT, INIT ACK or COOKIE ECHO. |
2372 | * If the current packet is an INIT we want to minimize the amount of |
2373 | * work we do. In particular, we should not build transport |
2374 | * structures for the addresses. |
2375 | */ |
2376 | static int sctp_process_param(struct sctp_association *asoc, |
2377 | union sctp_params param, |
2378 | const union sctp_addr *peer_addr, |
2379 | gfp_t gfp) |
2380 | { |
2381 | union sctp_addr addr; |
2382 | int i; |
2383 | __u16 sat; |
2384 | int retval = 1; |
2385 | sctp_scope_t scope; |
2386 | time_t stale; |
2387 | struct sctp_af *af; |
2388 | union sctp_addr_param *addr_param; |
2389 | struct sctp_transport *t; |
2390 | |
2391 | /* We maintain all INIT parameters in network byte order all the |
2392 | * time. This allows us to not worry about whether the parameters |
2393 | * came from a fresh INIT, and INIT ACK, or were stored in a cookie. |
2394 | */ |
2395 | switch (param.p->type) { |
2396 | case SCTP_PARAM_IPV6_ADDRESS: |
2397 | if (PF_INET6 != asoc->base.sk->sk_family) |
2398 | break; |
2399 | goto do_addr_param; |
2400 | |
2401 | case SCTP_PARAM_IPV4_ADDRESS: |
2402 | /* v4 addresses are not allowed on v6-only socket */ |
2403 | if (ipv6_only_sock(asoc->base.sk)) |
2404 | break; |
2405 | do_addr_param: |
2406 | af = sctp_get_af_specific(param_type2af(param.p->type)); |
2407 | af->from_addr_param(&addr, param.addr, htons(asoc->peer.port), 0); |
2408 | scope = sctp_scope(peer_addr); |
2409 | if (sctp_in_scope(&addr, scope)) |
2410 | if (!sctp_assoc_add_peer(asoc, &addr, gfp, SCTP_UNCONFIRMED)) |
2411 | return 0; |
2412 | break; |
2413 | |
2414 | case SCTP_PARAM_COOKIE_PRESERVATIVE: |
2415 | if (!sctp_cookie_preserve_enable) |
2416 | break; |
2417 | |
2418 | stale = ntohl(param.life->lifespan_increment); |
2419 | |
2420 | /* Suggested Cookie Life span increment's unit is msec, |
2421 | * (1/1000sec). |
2422 | */ |
2423 | asoc->cookie_life.tv_sec += stale / 1000; |
2424 | asoc->cookie_life.tv_usec += (stale % 1000) * 1000; |
2425 | break; |
2426 | |
2427 | case SCTP_PARAM_HOST_NAME_ADDRESS: |
2428 | SCTP_DEBUG_PRINTK("unimplemented SCTP_HOST_NAME_ADDRESS\n"); |
2429 | break; |
2430 | |
2431 | case SCTP_PARAM_SUPPORTED_ADDRESS_TYPES: |
2432 | /* Turn off the default values first so we'll know which |
2433 | * ones are really set by the peer. |
2434 | */ |
2435 | asoc->peer.ipv4_address = 0; |
2436 | asoc->peer.ipv6_address = 0; |
2437 | |
2438 | /* Assume that peer supports the address family |
2439 | * by which it sends a packet. |
2440 | */ |
2441 | if (peer_addr->sa.sa_family == AF_INET6) |
2442 | asoc->peer.ipv6_address = 1; |
2443 | else if (peer_addr->sa.sa_family == AF_INET) |
2444 | asoc->peer.ipv4_address = 1; |
2445 | |
2446 | /* Cycle through address types; avoid divide by 0. */ |
2447 | sat = ntohs(param.p->length) - sizeof(sctp_paramhdr_t); |
2448 | if (sat) |
2449 | sat /= sizeof(__u16); |
2450 | |
2451 | for (i = 0; i < sat; ++i) { |
2452 | switch (param.sat->types[i]) { |
2453 | case SCTP_PARAM_IPV4_ADDRESS: |
2454 | asoc->peer.ipv4_address = 1; |
2455 | break; |
2456 | |
2457 | case SCTP_PARAM_IPV6_ADDRESS: |
2458 | if (PF_INET6 == asoc->base.sk->sk_family) |
2459 | asoc->peer.ipv6_address = 1; |
2460 | break; |
2461 | |
2462 | case SCTP_PARAM_HOST_NAME_ADDRESS: |
2463 | asoc->peer.hostname_address = 1; |
2464 | break; |
2465 | |
2466 | default: /* Just ignore anything else. */ |
2467 | break; |
2468 | } |
2469 | } |
2470 | break; |
2471 | |
2472 | case SCTP_PARAM_STATE_COOKIE: |
2473 | asoc->peer.cookie_len = |
2474 | ntohs(param.p->length) - sizeof(sctp_paramhdr_t); |
2475 | asoc->peer.cookie = param.cookie->body; |
2476 | break; |
2477 | |
2478 | case SCTP_PARAM_HEARTBEAT_INFO: |
2479 | /* Would be odd to receive, but it causes no problems. */ |
2480 | break; |
2481 | |
2482 | case SCTP_PARAM_UNRECOGNIZED_PARAMETERS: |
2483 | /* Rejected during verify stage. */ |
2484 | break; |
2485 | |
2486 | case SCTP_PARAM_ECN_CAPABLE: |
2487 | asoc->peer.ecn_capable = 1; |
2488 | break; |
2489 | |
2490 | case SCTP_PARAM_ADAPTATION_LAYER_IND: |
2491 | asoc->peer.adaptation_ind = ntohl(param.aind->adaptation_ind); |
2492 | break; |
2493 | |
2494 | case SCTP_PARAM_SET_PRIMARY: |
2495 | if (!sctp_addip_enable) |
2496 | goto fall_through; |
2497 | |
2498 | addr_param = param.v + sizeof(sctp_addip_param_t); |
2499 | |
2500 | af = sctp_get_af_specific(param_type2af(param.p->type)); |
2501 | af->from_addr_param(&addr, addr_param, |
2502 | htons(asoc->peer.port), 0); |
2503 | |
2504 | /* if the address is invalid, we can't process it. |
2505 | * XXX: see spec for what to do. |
2506 | */ |
2507 | if (!af->addr_valid(&addr, NULL, NULL)) |
2508 | break; |
2509 | |
2510 | t = sctp_assoc_lookup_paddr(asoc, &addr); |
2511 | if (!t) |
2512 | break; |
2513 | |
2514 | sctp_assoc_set_primary(asoc, t); |
2515 | break; |
2516 | |
2517 | case SCTP_PARAM_SUPPORTED_EXT: |
2518 | sctp_process_ext_param(asoc, param); |
2519 | break; |
2520 | |
2521 | case SCTP_PARAM_FWD_TSN_SUPPORT: |
2522 | if (sctp_prsctp_enable) { |
2523 | asoc->peer.prsctp_capable = 1; |
2524 | break; |
2525 | } |
2526 | /* Fall Through */ |
2527 | goto fall_through; |
2528 | |
2529 | case SCTP_PARAM_RANDOM: |
2530 | if (!sctp_auth_enable) |
2531 | goto fall_through; |
2532 | |
2533 | /* Save peer's random parameter */ |
2534 | asoc->peer.peer_random = kmemdup(param.p, |
2535 | ntohs(param.p->length), gfp); |
2536 | if (!asoc->peer.peer_random) { |
2537 | retval = 0; |
2538 | break; |
2539 | } |
2540 | break; |
2541 | |
2542 | case SCTP_PARAM_HMAC_ALGO: |
2543 | if (!sctp_auth_enable) |
2544 | goto fall_through; |
2545 | |
2546 | /* Save peer's HMAC list */ |
2547 | asoc->peer.peer_hmacs = kmemdup(param.p, |
2548 | ntohs(param.p->length), gfp); |
2549 | if (!asoc->peer.peer_hmacs) { |
2550 | retval = 0; |
2551 | break; |
2552 | } |
2553 | |
2554 | /* Set the default HMAC the peer requested*/ |
2555 | sctp_auth_asoc_set_default_hmac(asoc, param.hmac_algo); |
2556 | break; |
2557 | |
2558 | case SCTP_PARAM_CHUNKS: |
2559 | if (!sctp_auth_enable) |
2560 | goto fall_through; |
2561 | |
2562 | asoc->peer.peer_chunks = kmemdup(param.p, |
2563 | ntohs(param.p->length), gfp); |
2564 | if (!asoc->peer.peer_chunks) |
2565 | retval = 0; |
2566 | break; |
2567 | fall_through: |
2568 | default: |
2569 | /* Any unrecognized parameters should have been caught |
2570 | * and handled by sctp_verify_param() which should be |
2571 | * called prior to this routine. Simply log the error |
2572 | * here. |
2573 | */ |
2574 | SCTP_DEBUG_PRINTK("Ignoring param: %d for association %p.\n", |
2575 | ntohs(param.p->type), asoc); |
2576 | break; |
2577 | } |
2578 | |
2579 | return retval; |
2580 | } |
2581 | |
2582 | /* Select a new verification tag. */ |
2583 | __u32 sctp_generate_tag(const struct sctp_endpoint *ep) |
2584 | { |
2585 | /* I believe that this random number generator complies with RFC1750. |
2586 | * A tag of 0 is reserved for special cases (e.g. INIT). |
2587 | */ |
2588 | __u32 x; |
2589 | |
2590 | do { |
2591 | get_random_bytes(&x, sizeof(__u32)); |
2592 | } while (x == 0); |
2593 | |
2594 | return x; |
2595 | } |
2596 | |
2597 | /* Select an initial TSN to send during startup. */ |
2598 | __u32 sctp_generate_tsn(const struct sctp_endpoint *ep) |
2599 | { |
2600 | __u32 retval; |
2601 | |
2602 | get_random_bytes(&retval, sizeof(__u32)); |
2603 | return retval; |
2604 | } |
2605 | |
2606 | /* |
2607 | * ADDIP 3.1.1 Address Configuration Change Chunk (ASCONF) |
2608 | * 0 1 2 3 |
2609 | * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 |
2610 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2611 | * | Type = 0xC1 | Chunk Flags | Chunk Length | |
2612 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2613 | * | Serial Number | |
2614 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2615 | * | Address Parameter | |
2616 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2617 | * | ASCONF Parameter #1 | |
2618 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2619 | * \ \ |
2620 | * / .... / |
2621 | * \ \ |
2622 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2623 | * | ASCONF Parameter #N | |
2624 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2625 | * |
2626 | * Address Parameter and other parameter will not be wrapped in this function |
2627 | */ |
2628 | static struct sctp_chunk *sctp_make_asconf(struct sctp_association *asoc, |
2629 | union sctp_addr *addr, |
2630 | int vparam_len) |
2631 | { |
2632 | sctp_addiphdr_t asconf; |
2633 | struct sctp_chunk *retval; |
2634 | int length = sizeof(asconf) + vparam_len; |
2635 | union sctp_addr_param addrparam; |
2636 | int addrlen; |
2637 | struct sctp_af *af = sctp_get_af_specific(addr->v4.sin_family); |
2638 | |
2639 | addrlen = af->to_addr_param(addr, &addrparam); |
2640 | if (!addrlen) |
2641 | return NULL; |
2642 | length += addrlen; |
2643 | |
2644 | /* Create the chunk. */ |
2645 | retval = sctp_make_chunk(asoc, SCTP_CID_ASCONF, 0, length); |
2646 | if (!retval) |
2647 | return NULL; |
2648 | |
2649 | asconf.serial = htonl(asoc->addip_serial++); |
2650 | |
2651 | retval->subh.addip_hdr = |
2652 | sctp_addto_chunk(retval, sizeof(asconf), &asconf); |
2653 | retval->param_hdr.v = |
2654 | sctp_addto_chunk(retval, addrlen, &addrparam); |
2655 | |
2656 | return retval; |
2657 | } |
2658 | |
2659 | /* ADDIP |
2660 | * 3.2.1 Add IP Address |
2661 | * 0 1 2 3 |
2662 | * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 |
2663 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2664 | * | Type = 0xC001 | Length = Variable | |
2665 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2666 | * | ASCONF-Request Correlation ID | |
2667 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2668 | * | Address Parameter | |
2669 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2670 | * |
2671 | * 3.2.2 Delete IP Address |
2672 | * 0 1 2 3 |
2673 | * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 |
2674 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2675 | * | Type = 0xC002 | Length = Variable | |
2676 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2677 | * | ASCONF-Request Correlation ID | |
2678 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2679 | * | Address Parameter | |
2680 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2681 | * |
2682 | */ |
2683 | struct sctp_chunk *sctp_make_asconf_update_ip(struct sctp_association *asoc, |
2684 | union sctp_addr *laddr, |
2685 | struct sockaddr *addrs, |
2686 | int addrcnt, |
2687 | __be16 flags) |
2688 | { |
2689 | sctp_addip_param_t param; |
2690 | struct sctp_chunk *retval; |
2691 | union sctp_addr_param addr_param; |
2692 | union sctp_addr *addr; |
2693 | void *addr_buf; |
2694 | struct sctp_af *af; |
2695 | int paramlen = sizeof(param); |
2696 | int addr_param_len = 0; |
2697 | int totallen = 0; |
2698 | int i; |
2699 | |
2700 | /* Get total length of all the address parameters. */ |
2701 | addr_buf = addrs; |
2702 | for (i = 0; i < addrcnt; i++) { |
2703 | addr = (union sctp_addr *)addr_buf; |
2704 | af = sctp_get_af_specific(addr->v4.sin_family); |
2705 | addr_param_len = af->to_addr_param(addr, &addr_param); |
2706 | |
2707 | totallen += paramlen; |
2708 | totallen += addr_param_len; |
2709 | |
2710 | addr_buf += af->sockaddr_len; |
2711 | } |
2712 | |
2713 | /* Create an asconf chunk with the required length. */ |
2714 | retval = sctp_make_asconf(asoc, laddr, totallen); |
2715 | if (!retval) |
2716 | return NULL; |
2717 | |
2718 | /* Add the address parameters to the asconf chunk. */ |
2719 | addr_buf = addrs; |
2720 | for (i = 0; i < addrcnt; i++) { |
2721 | addr = (union sctp_addr *)addr_buf; |
2722 | af = sctp_get_af_specific(addr->v4.sin_family); |
2723 | addr_param_len = af->to_addr_param(addr, &addr_param); |
2724 | param.param_hdr.type = flags; |
2725 | param.param_hdr.length = htons(paramlen + addr_param_len); |
2726 | param.crr_id = i; |
2727 | |
2728 | sctp_addto_chunk(retval, paramlen, ¶m); |
2729 | sctp_addto_chunk(retval, addr_param_len, &addr_param); |
2730 | |
2731 | addr_buf += af->sockaddr_len; |
2732 | } |
2733 | return retval; |
2734 | } |
2735 | |
2736 | /* ADDIP |
2737 | * 3.2.4 Set Primary IP Address |
2738 | * 0 1 2 3 |
2739 | * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 |
2740 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2741 | * | Type =0xC004 | Length = Variable | |
2742 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2743 | * | ASCONF-Request Correlation ID | |
2744 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2745 | * | Address Parameter | |
2746 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2747 | * |
2748 | * Create an ASCONF chunk with Set Primary IP address parameter. |
2749 | */ |
2750 | struct sctp_chunk *sctp_make_asconf_set_prim(struct sctp_association *asoc, |
2751 | union sctp_addr *addr) |
2752 | { |
2753 | sctp_addip_param_t param; |
2754 | struct sctp_chunk *retval; |
2755 | int len = sizeof(param); |
2756 | union sctp_addr_param addrparam; |
2757 | int addrlen; |
2758 | struct sctp_af *af = sctp_get_af_specific(addr->v4.sin_family); |
2759 | |
2760 | addrlen = af->to_addr_param(addr, &addrparam); |
2761 | if (!addrlen) |
2762 | return NULL; |
2763 | len += addrlen; |
2764 | |
2765 | /* Create the chunk and make asconf header. */ |
2766 | retval = sctp_make_asconf(asoc, addr, len); |
2767 | if (!retval) |
2768 | return NULL; |
2769 | |
2770 | param.param_hdr.type = SCTP_PARAM_SET_PRIMARY; |
2771 | param.param_hdr.length = htons(len); |
2772 | param.crr_id = 0; |
2773 | |
2774 | sctp_addto_chunk(retval, sizeof(param), ¶m); |
2775 | sctp_addto_chunk(retval, addrlen, &addrparam); |
2776 | |
2777 | return retval; |
2778 | } |
2779 | |
2780 | /* ADDIP 3.1.2 Address Configuration Acknowledgement Chunk (ASCONF-ACK) |
2781 | * 0 1 2 3 |
2782 | * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 |
2783 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2784 | * | Type = 0x80 | Chunk Flags | Chunk Length | |
2785 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2786 | * | Serial Number | |
2787 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2788 | * | ASCONF Parameter Response#1 | |
2789 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2790 | * \ \ |
2791 | * / .... / |
2792 | * \ \ |
2793 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2794 | * | ASCONF Parameter Response#N | |
2795 | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
2796 | * |
2797 | * Create an ASCONF_ACK chunk with enough space for the parameter responses. |
2798 | */ |
2799 | static struct sctp_chunk *sctp_make_asconf_ack(const struct sctp_association *asoc, |
2800 | __u32 serial, int vparam_len) |
2801 | { |
2802 | sctp_addiphdr_t asconf; |
2803 | struct sctp_chunk *retval; |
2804 | int length = sizeof(asconf) + vparam_len; |
2805 | |
2806 | /* Create the chunk. */ |
2807 | retval = sctp_make_chunk(asoc, SCTP_CID_ASCONF_ACK, 0, length); |
2808 | if (!retval) |
2809 | return NULL; |
2810 | |
2811 | asconf.serial = htonl(serial); |
2812 | |
2813 | retval->subh.addip_hdr = |
2814 | sctp_addto_chunk(retval, sizeof(asconf), &asconf); |
2815 | |
2816 | return retval; |
2817 | } |
2818 | |
2819 | /* Add response parameters to an ASCONF_ACK chunk. */ |
2820 | static void sctp_add_asconf_response(struct sctp_chunk *chunk, __be32 crr_id, |
2821 | __be16 err_code, sctp_addip_param_t *asconf_param) |
2822 | { |
2823 | sctp_addip_param_t ack_param; |
2824 | sctp_errhdr_t err_param; |
2825 | int asconf_param_len = 0; |
2826 | int err_param_len = 0; |
2827 | __be16 response_type; |
2828 | |
2829 | if (SCTP_ERROR_NO_ERROR == err_code) { |
2830 | response_type = SCTP_PARAM_SUCCESS_REPORT; |
2831 | } else { |
2832 | response_type = SCTP_PARAM_ERR_CAUSE; |
2833 | err_param_len = sizeof(err_param); |
2834 | if (asconf_param) |
2835 | asconf_param_len = |
2836 | ntohs(asconf_param->param_hdr.length); |
2837 | } |
2838 | |
2839 | /* Add Success Indication or Error Cause Indication parameter. */ |
2840 | ack_param.param_hdr.type = response_type; |
2841 | ack_param.param_hdr.length = htons(sizeof(ack_param) + |
2842 | err_param_len + |
2843 | asconf_param_len); |
2844 | ack_param.crr_id = crr_id; |
2845 | sctp_addto_chunk(chunk, sizeof(ack_param), &ack_param); |
2846 | |
2847 | if (SCTP_ERROR_NO_ERROR == err_code) |
2848 | return; |
2849 | |
2850 | /* Add Error Cause parameter. */ |
2851 | err_param.cause = err_code; |
2852 | err_param.length = htons(err_param_len + asconf_param_len); |
2853 | sctp_addto_chunk(chunk, err_param_len, &err_param); |
2854 | |
2855 | /* Add the failed TLV copied from ASCONF chunk. */ |
2856 | if (asconf_param) |
2857 | sctp_addto_chunk(chunk, asconf_param_len, asconf_param); |
2858 | } |
2859 | |
2860 | /* Process a asconf parameter. */ |
2861 | static __be16 sctp_process_asconf_param(struct sctp_association *asoc, |
2862 | struct sctp_chunk *asconf, |
2863 | sctp_addip_param_t *asconf_param) |
2864 | { |
2865 | struct sctp_transport *peer; |
2866 | struct sctp_af *af; |
2867 | union sctp_addr addr; |
2868 | union sctp_addr_param *addr_param; |
2869 | |
2870 | addr_param = (union sctp_addr_param *) |
2871 | ((void *)asconf_param + sizeof(sctp_addip_param_t)); |
2872 | |
2873 | if (asconf_param->param_hdr.type != SCTP_PARAM_ADD_IP && |
2874 | asconf_param->param_hdr.type != SCTP_PARAM_DEL_IP && |
2875 | asconf_param->param_hdr.type != SCTP_PARAM_SET_PRIMARY) |
2876 | return SCTP_ERROR_UNKNOWN_PARAM; |
2877 | |
2878 | switch (addr_param->v4.param_hdr.type) { |
2879 | case SCTP_PARAM_IPV6_ADDRESS: |
2880 | if (!asoc->peer.ipv6_address) |
2881 | return SCTP_ERROR_DNS_FAILED; |
2882 | break; |
2883 | case SCTP_PARAM_IPV4_ADDRESS: |
2884 | if (!asoc->peer.ipv4_address) |
2885 | return SCTP_ERROR_DNS_FAILED; |
2886 | break; |
2887 | default: |
2888 | return SCTP_ERROR_DNS_FAILED; |
2889 | } |
2890 | |
2891 | af = sctp_get_af_specific(param_type2af(addr_param->v4.param_hdr.type)); |
2892 | if (unlikely(!af)) |
2893 | return SCTP_ERROR_DNS_FAILED; |
2894 | |
2895 | af->from_addr_param(&addr, addr_param, htons(asoc->peer.port), 0); |
2896 | |
2897 | /* ADDIP 4.2.1 This parameter MUST NOT contain a broadcast |
2898 | * or multicast address. |
2899 | * (note: wildcard is permitted and requires special handling so |
2900 | * make sure we check for that) |
2901 | */ |
2902 | if (!af->is_any(&addr) && !af->addr_valid(&addr, NULL, asconf->skb)) |
2903 | return SCTP_ERROR_DNS_FAILED; |
2904 | |
2905 | switch (asconf_param->param_hdr.type) { |
2906 | case SCTP_PARAM_ADD_IP: |
2907 | /* Section 4.2.1: |
2908 | * If the address 0.0.0.0 or ::0 is provided, the source |
2909 | * address of the packet MUST be added. |
2910 | */ |
2911 | if (af->is_any(&addr)) |
2912 | memcpy(&addr, &asconf->source, sizeof(addr)); |
2913 | |
2914 | /* ADDIP 4.3 D9) If an endpoint receives an ADD IP address |
2915 | * request and does not have the local resources to add this |
2916 | * new address to the association, it MUST return an Error |
2917 | * Cause TLV set to the new error code 'Operation Refused |
2918 | * Due to Resource Shortage'. |
2919 | */ |
2920 | |
2921 | peer = sctp_assoc_add_peer(asoc, &addr, GFP_ATOMIC, SCTP_UNCONFIRMED); |
2922 | if (!peer) |
2923 | return SCTP_ERROR_RSRC_LOW; |
2924 | |
2925 | /* Start the heartbeat timer. */ |
2926 | if (!mod_timer(&peer->hb_timer, sctp_transport_timeout(peer))) |
2927 | sctp_transport_hold(peer); |
2928 | break; |
2929 | case SCTP_PARAM_DEL_IP: |
2930 | /* ADDIP 4.3 D7) If a request is received to delete the |
2931 | * last remaining IP address of a peer endpoint, the receiver |
2932 | * MUST send an Error Cause TLV with the error cause set to the |
2933 | * new error code 'Request to Delete Last Remaining IP Address'. |
2934 | */ |
2935 | if (asoc->peer.transport_count == 1) |
2936 | return SCTP_ERROR_DEL_LAST_IP; |
2937 | |
2938 | /* ADDIP 4.3 D8) If a request is received to delete an IP |
2939 | * address which is also the source address of the IP packet |
2940 | * which contained the ASCONF chunk, the receiver MUST reject |
2941 | * this request. To reject the request the receiver MUST send |
2942 | * an Error Cause TLV set to the new error code 'Request to |
2943 | * Delete Source IP Address' |
2944 | */ |
2945 | if (sctp_cmp_addr_exact(sctp_source(asconf), &addr)) |
2946 | return SCTP_ERROR_DEL_SRC_IP; |
2947 | |
2948 | /* Section 4.2.2 |
2949 | * If the address 0.0.0.0 or ::0 is provided, all |
2950 | * addresses of the peer except the source address of the |
2951 | * packet MUST be deleted. |
2952 | */ |
2953 | if (af->is_any(&addr)) { |
2954 | sctp_assoc_set_primary(asoc, asconf->transport); |
2955 | sctp_assoc_del_nonprimary_peers(asoc, |
2956 | asconf->transport); |
2957 | } else |
2958 | sctp_assoc_del_peer(asoc, &addr); |
2959 | break; |
2960 | case SCTP_PARAM_SET_PRIMARY: |
2961 | /* ADDIP Section 4.2.4 |
2962 | * If the address 0.0.0.0 or ::0 is provided, the receiver |
2963 | * MAY mark the source address of the packet as its |
2964 | * primary. |
2965 | */ |
2966 | if (af->is_any(&addr)) |
2967 | memcpy(&addr.v4, sctp_source(asconf), sizeof(addr)); |
2968 | |
2969 | peer = sctp_assoc_lookup_paddr(asoc, &addr); |
2970 | if (!peer) |
2971 | return SCTP_ERROR_DNS_FAILED; |
2972 | |
2973 | sctp_assoc_set_primary(asoc, peer); |
2974 | break; |
2975 | } |
2976 | |
2977 | return SCTP_ERROR_NO_ERROR; |
2978 | } |
2979 | |
2980 | /* Verify the ASCONF packet before we process it. */ |
2981 | int sctp_verify_asconf(const struct sctp_association *asoc, |
2982 | struct sctp_paramhdr *param_hdr, void *chunk_end, |
2983 | struct sctp_paramhdr **errp) { |
2984 | sctp_addip_param_t *asconf_param; |
2985 | union sctp_params param; |
2986 | int length, plen; |
2987 | |
2988 | param.v = (sctp_paramhdr_t *) param_hdr; |
2989 | while (param.v <= chunk_end - sizeof(sctp_paramhdr_t)) { |
2990 | length = ntohs(param.p->length); |
2991 | *errp = param.p; |
2992 | |
2993 | if (param.v > chunk_end - length || |
2994 | length < sizeof(sctp_paramhdr_t)) |
2995 | return 0; |
2996 | |
2997 | switch (param.p->type) { |
2998 | case SCTP_PARAM_ADD_IP: |
2999 | case SCTP_PARAM_DEL_IP: |
3000 | case SCTP_PARAM_SET_PRIMARY: |
3001 | asconf_param = (sctp_addip_param_t *)param.v; |
3002 | plen = ntohs(asconf_param->param_hdr.length); |
3003 | if (plen < sizeof(sctp_addip_param_t) + |
3004 | sizeof(sctp_paramhdr_t)) |
3005 | return 0; |
3006 | break; |
3007 | case SCTP_PARAM_SUCCESS_REPORT: |
3008 | case SCTP_PARAM_ADAPTATION_LAYER_IND: |
3009 | if (length != sizeof(sctp_addip_param_t)) |
3010 | return 0; |
3011 | |
3012 | break; |
3013 | default: |
3014 | break; |
3015 | } |
3016 | |
3017 | param.v += WORD_ROUND(length); |
3018 | } |
3019 | |
3020 | if (param.v != chunk_end) |
3021 | return 0; |
3022 | |
3023 | return 1; |
3024 | } |
3025 | |
3026 | /* Process an incoming ASCONF chunk with the next expected serial no. and |
3027 | * return an ASCONF_ACK chunk to be sent in response. |
3028 | */ |
3029 | struct sctp_chunk *sctp_process_asconf(struct sctp_association *asoc, |
3030 | struct sctp_chunk *asconf) |
3031 | { |
3032 | sctp_addiphdr_t *hdr; |
3033 | union sctp_addr_param *addr_param; |
3034 | sctp_addip_param_t *asconf_param; |
3035 | struct sctp_chunk *asconf_ack; |
3036 | |
3037 | __be16 err_code; |
3038 | int length = 0; |
3039 | int chunk_len; |
3040 | __u32 serial; |
3041 | int all_param_pass = 1; |
3042 | |
3043 | chunk_len = ntohs(asconf->chunk_hdr->length) - sizeof(sctp_chunkhdr_t); |
3044 | hdr = (sctp_addiphdr_t *)asconf->skb->data; |
3045 | serial = ntohl(hdr->serial); |
3046 | |
3047 | /* Skip the addiphdr and store a pointer to address parameter. */ |
3048 | length = sizeof(sctp_addiphdr_t); |
3049 | addr_param = (union sctp_addr_param *)(asconf->skb->data + length); |
3050 | chunk_len -= length; |
3051 | |
3052 | /* Skip the address parameter and store a pointer to the first |
3053 | * asconf parameter. |
3054 | */ |
3055 | length = ntohs(addr_param->v4.param_hdr.length); |
3056 | asconf_param = (sctp_addip_param_t *)((void *)addr_param + length); |
3057 | chunk_len -= length; |
3058 | |
3059 | /* create an ASCONF_ACK chunk. |
3060 | * Based on the definitions of parameters, we know that the size of |
3061 | * ASCONF_ACK parameters are less than or equal to the twice of ASCONF |
3062 | * parameters. |
3063 | */ |
3064 | asconf_ack = sctp_make_asconf_ack(asoc, serial, chunk_len * 2); |
3065 | if (!asconf_ack) |
3066 | goto done; |
3067 | |
3068 | /* Process the TLVs contained within the ASCONF chunk. */ |
3069 | while (chunk_len > 0) { |
3070 | err_code = sctp_process_asconf_param(asoc, asconf, |
3071 | asconf_param); |
3072 | /* ADDIP 4.1 A7) |
3073 | * If an error response is received for a TLV parameter, |
3074 | * all TLVs with no response before the failed TLV are |
3075 | * considered successful if not reported. All TLVs after |
3076 | * the failed response are considered unsuccessful unless |
3077 | * a specific success indication is present for the parameter. |
3078 | */ |
3079 | if (SCTP_ERROR_NO_ERROR != err_code) |
3080 | all_param_pass = 0; |
3081 | |
3082 | if (!all_param_pass) |
3083 | sctp_add_asconf_response(asconf_ack, |
3084 | asconf_param->crr_id, err_code, |
3085 | asconf_param); |
3086 | |
3087 | /* ADDIP 4.3 D11) When an endpoint receiving an ASCONF to add |
3088 | * an IP address sends an 'Out of Resource' in its response, it |
3089 | * MUST also fail any subsequent add or delete requests bundled |
3090 | * in the ASCONF. |
3091 | */ |
3092 | if (SCTP_ERROR_RSRC_LOW == err_code) |
3093 | goto done; |
3094 | |
3095 | /* Move to the next ASCONF param. */ |
3096 | length = ntohs(asconf_param->param_hdr.length); |
3097 | asconf_param = (sctp_addip_param_t *)((void *)asconf_param + |
3098 | length); |
3099 | chunk_len -= length; |
3100 | } |
3101 | |
3102 | done: |
3103 | asoc->peer.addip_serial++; |
3104 | |
3105 | /* If we are sending a new ASCONF_ACK hold a reference to it in assoc |
3106 | * after freeing the reference to old asconf ack if any. |
3107 | */ |
3108 | if (asconf_ack) { |
3109 | sctp_chunk_hold(asconf_ack); |
3110 | list_add_tail(&asconf_ack->transmitted_list, |
3111 | &asoc->asconf_ack_list); |
3112 | } |
3113 | |
3114 | return asconf_ack; |
3115 | } |
3116 | |
3117 | /* Process a asconf parameter that is successfully acked. */ |
3118 | static void sctp_asconf_param_success(struct sctp_association *asoc, |
3119 | sctp_addip_param_t *asconf_param) |
3120 | { |
3121 | struct sctp_af *af; |
3122 | union sctp_addr addr; |
3123 | struct sctp_bind_addr *bp = &asoc->base.bind_addr; |
3124 | union sctp_addr_param *addr_param; |
3125 | struct sctp_transport *transport; |
3126 | struct sctp_sockaddr_entry *saddr; |
3127 | |
3128 | addr_param = (union sctp_addr_param *) |
3129 | ((void *)asconf_param + sizeof(sctp_addip_param_t)); |
3130 | |
3131 | /* We have checked the packet before, so we do not check again. */ |
3132 | af = sctp_get_af_specific(param_type2af(addr_param->v4.param_hdr.type)); |
3133 | af->from_addr_param(&addr, addr_param, htons(bp->port), 0); |
3134 | |
3135 | switch (asconf_param->param_hdr.type) { |
3136 | case SCTP_PARAM_ADD_IP: |
3137 | /* This is always done in BH context with a socket lock |
3138 | * held, so the list can not change. |
3139 | */ |
3140 | local_bh_disable(); |
3141 | list_for_each_entry(saddr, &bp->address_list, list) { |
3142 | if (sctp_cmp_addr_exact(&saddr->a, &addr)) |
3143 | saddr->state = SCTP_ADDR_SRC; |
3144 | } |
3145 | local_bh_enable(); |
3146 | list_for_each_entry(transport, &asoc->peer.transport_addr_list, |
3147 | transports) { |
3148 | if (transport->state == SCTP_ACTIVE) |
3149 | continue; |
3150 | dst_release(transport->dst); |
3151 | sctp_transport_route(transport, NULL, |
3152 | sctp_sk(asoc->base.sk)); |
3153 | } |
3154 | break; |
3155 | case SCTP_PARAM_DEL_IP: |
3156 | local_bh_disable(); |
3157 | sctp_del_bind_addr(bp, &addr); |
3158 | local_bh_enable(); |
3159 | list_for_each_entry(transport, &asoc->peer.transport_addr_list, |
3160 | transports) { |
3161 | dst_release(transport->dst); |
3162 | sctp_transport_route(transport, NULL, |
3163 | sctp_sk(asoc->base.sk)); |
3164 | } |
3165 | break; |
3166 | default: |
3167 | break; |
3168 | } |
3169 | } |
3170 | |
3171 | /* Get the corresponding ASCONF response error code from the ASCONF_ACK chunk |
3172 | * for the given asconf parameter. If there is no response for this parameter, |
3173 | * return the error code based on the third argument 'no_err'. |
3174 | * ADDIP 4.1 |
3175 | * A7) If an error response is received for a TLV parameter, all TLVs with no |
3176 | * response before the failed TLV are considered successful if not reported. |
3177 | * All TLVs after the failed response are considered unsuccessful unless a |
3178 | * specific success indication is present for the parameter. |
3179 | */ |
3180 | static __be16 sctp_get_asconf_response(struct sctp_chunk *asconf_ack, |
3181 | sctp_addip_param_t *asconf_param, |
3182 | int no_err) |
3183 | { |
3184 | sctp_addip_param_t *asconf_ack_param; |
3185 | sctp_errhdr_t *err_param; |
3186 | int length; |
3187 | int asconf_ack_len; |
3188 | __be16 err_code; |
3189 | |
3190 | if (no_err) |
3191 | err_code = SCTP_ERROR_NO_ERROR; |
3192 | else |
3193 | err_code = SCTP_ERROR_REQ_REFUSED; |
3194 | |
3195 | asconf_ack_len = ntohs(asconf_ack->chunk_hdr->length) - |
3196 | sizeof(sctp_chunkhdr_t); |
3197 | |
3198 | /* Skip the addiphdr from the asconf_ack chunk and store a pointer to |
3199 | * the first asconf_ack parameter. |
3200 | */ |
3201 | length = sizeof(sctp_addiphdr_t); |
3202 | asconf_ack_param = (sctp_addip_param_t *)(asconf_ack->skb->data + |
3203 | length); |
3204 | asconf_ack_len -= length; |
3205 | |
3206 | while (asconf_ack_len > 0) { |
3207 | if (asconf_ack_param->crr_id == asconf_param->crr_id) { |
3208 | switch(asconf_ack_param->param_hdr.type) { |
3209 | case SCTP_PARAM_SUCCESS_REPORT: |
3210 | return SCTP_ERROR_NO_ERROR; |
3211 | case SCTP_PARAM_ERR_CAUSE: |
3212 | length = sizeof(sctp_addip_param_t); |
3213 | err_param = (sctp_errhdr_t *) |
3214 | ((void *)asconf_ack_param + length); |
3215 | asconf_ack_len -= length; |
3216 | if (asconf_ack_len > 0) |
3217 | return err_param->cause; |
3218 | else |
3219 | return SCTP_ERROR_INV_PARAM; |
3220 | break; |
3221 | default: |
3222 | return SCTP_ERROR_INV_PARAM; |
3223 | } |
3224 | } |
3225 | |
3226 | length = ntohs(asconf_ack_param->param_hdr.length); |
3227 | asconf_ack_param = (sctp_addip_param_t *) |
3228 | ((void *)asconf_ack_param + length); |
3229 | asconf_ack_len -= length; |
3230 | } |
3231 | |
3232 | return err_code; |
3233 | } |
3234 | |
3235 | /* Process an incoming ASCONF_ACK chunk against the cached last ASCONF chunk. */ |
3236 | int sctp_process_asconf_ack(struct sctp_association *asoc, |
3237 | struct sctp_chunk *asconf_ack) |
3238 | { |
3239 | struct sctp_chunk *asconf = asoc->addip_last_asconf; |
3240 | union sctp_addr_param *addr_param; |
3241 | sctp_addip_param_t *asconf_param; |
3242 | int length = 0; |
3243 | int asconf_len = asconf->skb->len; |
3244 | int all_param_pass = 0; |
3245 | int no_err = 1; |
3246 | int retval = 0; |
3247 | __be16 err_code = SCTP_ERROR_NO_ERROR; |
3248 | |
3249 | /* Skip the chunkhdr and addiphdr from the last asconf sent and store |
3250 | * a pointer to address parameter. |
3251 | */ |
3252 | length = sizeof(sctp_addip_chunk_t); |
3253 | addr_param = (union sctp_addr_param *)(asconf->skb->data + length); |
3254 | asconf_len -= length; |
3255 | |
3256 | /* Skip the address parameter in the last asconf sent and store a |
3257 | * pointer to the first asconf parameter. |
3258 | */ |
3259 | length = ntohs(addr_param->v4.param_hdr.length); |
3260 | asconf_param = (sctp_addip_param_t *)((void *)addr_param + length); |
3261 | asconf_len -= length; |
3262 | |
3263 | /* ADDIP 4.1 |
3264 | * A8) If there is no response(s) to specific TLV parameter(s), and no |
3265 | * failures are indicated, then all request(s) are considered |
3266 | * successful. |
3267 | */ |
3268 | if (asconf_ack->skb->len == sizeof(sctp_addiphdr_t)) |
3269 | all_param_pass = 1; |
3270 | |
3271 | /* Process the TLVs contained in the last sent ASCONF chunk. */ |
3272 | while (asconf_len > 0) { |
3273 | if (all_param_pass) |
3274 | err_code = SCTP_ERROR_NO_ERROR; |
3275 | else { |
3276 | err_code = sctp_get_asconf_response(asconf_ack, |
3277 | asconf_param, |
3278 | no_err); |
3279 | if (no_err && (SCTP_ERROR_NO_ERROR != err_code)) |
3280 | no_err = 0; |
3281 | } |
3282 | |
3283 | switch (err_code) { |
3284 | case SCTP_ERROR_NO_ERROR: |
3285 | sctp_asconf_param_success(asoc, asconf_param); |
3286 | break; |
3287 | |
3288 | case SCTP_ERROR_RSRC_LOW: |
3289 | retval = 1; |
3290 | break; |
3291 | |
3292 | case SCTP_ERROR_UNKNOWN_PARAM: |
3293 | /* Disable sending this type of asconf parameter in |
3294 | * future. |
3295 | */ |
3296 | asoc->peer.addip_disabled_mask |= |
3297 | asconf_param->param_hdr.type; |
3298 | break; |
3299 | |
3300 | case SCTP_ERROR_REQ_REFUSED: |
3301 | case SCTP_ERROR_DEL_LAST_IP: |
3302 | case SCTP_ERROR_DEL_SRC_IP: |
3303 | default: |
3304 | break; |
3305 | } |
3306 | |
3307 | /* Skip the processed asconf parameter and move to the next |
3308 | * one. |
3309 | */ |
3310 | length = ntohs(asconf_param->param_hdr.length); |
3311 | asconf_param = (sctp_addip_param_t *)((void *)asconf_param + |
3312 | length); |
3313 | asconf_len -= length; |
3314 | } |
3315 | |
3316 | /* Free the cached last sent asconf chunk. */ |
3317 | list_del_init(&asconf->transmitted_list); |
3318 | sctp_chunk_free(asconf); |
3319 | asoc->addip_last_asconf = NULL; |
3320 | |
3321 | return retval; |
3322 | } |
3323 | |
3324 | /* Make a FWD TSN chunk. */ |
3325 | struct sctp_chunk *sctp_make_fwdtsn(const struct sctp_association *asoc, |
3326 | __u32 new_cum_tsn, size_t nstreams, |
3327 | struct sctp_fwdtsn_skip *skiplist) |
3328 | { |
3329 | struct sctp_chunk *retval = NULL; |
3330 | struct sctp_fwdtsn_chunk *ftsn_chunk; |
3331 | struct sctp_fwdtsn_hdr ftsn_hdr; |
3332 | struct sctp_fwdtsn_skip skip; |
3333 | size_t hint; |
3334 | int i; |
3335 | |
3336 | hint = (nstreams + 1) * sizeof(__u32); |
3337 | |
3338 | retval = sctp_make_chunk(asoc, SCTP_CID_FWD_TSN, 0, hint); |
3339 | |
3340 | if (!retval) |
3341 | return NULL; |
3342 | |
3343 | ftsn_chunk = (struct sctp_fwdtsn_chunk *)retval->subh.fwdtsn_hdr; |
3344 | |
3345 | ftsn_hdr.new_cum_tsn = htonl(new_cum_tsn); |
3346 | retval->subh.fwdtsn_hdr = |
3347 | sctp_addto_chunk(retval, sizeof(ftsn_hdr), &ftsn_hdr); |
3348 | |
3349 | for (i = 0; i < nstreams; i++) { |
3350 | skip.stream = skiplist[i].stream; |
3351 | skip.ssn = skiplist[i].ssn; |
3352 | sctp_addto_chunk(retval, sizeof(skip), &skip); |
3353 | } |
3354 | |
3355 | return retval; |
3356 | } |
3357 |
Branches:
ben-wpan
ben-wpan-stefan
javiroman/ks7010
jz-2.6.34
jz-2.6.34-rc5
jz-2.6.34-rc6
jz-2.6.34-rc7
jz-2.6.35
jz-2.6.36
jz-2.6.37
jz-2.6.38
jz-2.6.39
jz-3.0
jz-3.1
jz-3.11
jz-3.12
jz-3.13
jz-3.15
jz-3.16
jz-3.18-dt
jz-3.2
jz-3.3
jz-3.4
jz-3.5
jz-3.6
jz-3.6-rc2-pwm
jz-3.9
jz-3.9-clk
jz-3.9-rc8
jz47xx
jz47xx-2.6.38
master
Tags:
od-2011-09-04
od-2011-09-18
v2.6.34-rc5
v2.6.34-rc6
v2.6.34-rc7
v3.9