1 // SPDX-License-Identifier: GPL-2.0-or-later 1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* SCTP kernel implementation 2 /* SCTP kernel implementation 3 * (C) Copyright IBM Corp. 2003, 2004 3 * (C) Copyright IBM Corp. 2003, 2004 4 * 4 * 5 * This file is part of the SCTP kernel implem 5 * This file is part of the SCTP kernel implementation 6 * 6 * 7 * This file contains the code relating the ch 7 * This file contains the code relating the chunk abstraction. 8 * 8 * 9 * Please send any bug reports or fixes you ma 9 * Please send any bug reports or fixes you make to the 10 * email address(es): 10 * email address(es): 11 * lksctp developers <linux-sctp@vger.kerne 11 * lksctp developers <linux-sctp@vger.kernel.org> 12 * 12 * 13 * Written or modified by: 13 * Written or modified by: 14 * Jon Grimm <jgrimm@us.ibm.com 14 * Jon Grimm <jgrimm@us.ibm.com> 15 * Sridhar Samudrala <sri@us.ibm.com> 15 * Sridhar Samudrala <sri@us.ibm.com> 16 */ 16 */ 17 17 18 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 18 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 19 19 20 #include <linux/types.h> 20 #include <linux/types.h> 21 #include <linux/kernel.h> 21 #include <linux/kernel.h> 22 #include <linux/net.h> 22 #include <linux/net.h> 23 #include <linux/inet.h> 23 #include <linux/inet.h> 24 #include <linux/skbuff.h> 24 #include <linux/skbuff.h> 25 #include <linux/slab.h> 25 #include <linux/slab.h> 26 #include <net/sock.h> 26 #include <net/sock.h> 27 #include <net/sctp/sctp.h> 27 #include <net/sctp/sctp.h> 28 #include <net/sctp/sm.h> 28 #include <net/sctp/sm.h> 29 29 30 /* This file is mostly in anticipation of futu 30 /* This file is mostly in anticipation of future work, but initially 31 * populate with fragment tracking for an outb 31 * populate with fragment tracking for an outbound message. 32 */ 32 */ 33 33 34 /* Initialize datamsg from memory. */ 34 /* Initialize datamsg from memory. */ 35 static void sctp_datamsg_init(struct sctp_data 35 static void sctp_datamsg_init(struct sctp_datamsg *msg) 36 { 36 { 37 refcount_set(&msg->refcnt, 1); 37 refcount_set(&msg->refcnt, 1); 38 msg->send_failed = 0; 38 msg->send_failed = 0; 39 msg->send_error = 0; 39 msg->send_error = 0; 40 msg->can_delay = 1; 40 msg->can_delay = 1; 41 msg->abandoned = 0; 41 msg->abandoned = 0; 42 msg->expires_at = 0; 42 msg->expires_at = 0; 43 INIT_LIST_HEAD(&msg->chunks); 43 INIT_LIST_HEAD(&msg->chunks); 44 } 44 } 45 45 46 /* Allocate and initialize datamsg. */ 46 /* Allocate and initialize datamsg. */ 47 static struct sctp_datamsg *sctp_datamsg_new(g 47 static struct sctp_datamsg *sctp_datamsg_new(gfp_t gfp) 48 { 48 { 49 struct sctp_datamsg *msg; 49 struct sctp_datamsg *msg; 50 msg = kmalloc(sizeof(struct sctp_datam 50 msg = kmalloc(sizeof(struct sctp_datamsg), gfp); 51 if (msg) { 51 if (msg) { 52 sctp_datamsg_init(msg); 52 sctp_datamsg_init(msg); 53 SCTP_DBG_OBJCNT_INC(datamsg); 53 SCTP_DBG_OBJCNT_INC(datamsg); 54 } 54 } 55 return msg; 55 return msg; 56 } 56 } 57 57 58 void sctp_datamsg_free(struct sctp_datamsg *ms 58 void sctp_datamsg_free(struct sctp_datamsg *msg) 59 { 59 { 60 struct sctp_chunk *chunk; 60 struct sctp_chunk *chunk; 61 61 62 /* This doesn't have to be a _safe vai 62 /* This doesn't have to be a _safe vairant because 63 * sctp_chunk_free() only drops the re 63 * sctp_chunk_free() only drops the refs. 64 */ 64 */ 65 list_for_each_entry(chunk, &msg->chunk 65 list_for_each_entry(chunk, &msg->chunks, frag_list) 66 sctp_chunk_free(chunk); 66 sctp_chunk_free(chunk); 67 67 68 sctp_datamsg_put(msg); 68 sctp_datamsg_put(msg); 69 } 69 } 70 70 71 /* Final destructruction of datamsg memory. */ 71 /* Final destructruction of datamsg memory. */ 72 static void sctp_datamsg_destroy(struct sctp_d 72 static void sctp_datamsg_destroy(struct sctp_datamsg *msg) 73 { 73 { 74 struct sctp_association *asoc = NULL; 74 struct sctp_association *asoc = NULL; 75 struct list_head *pos, *temp; 75 struct list_head *pos, *temp; 76 struct sctp_chunk *chunk; 76 struct sctp_chunk *chunk; 77 struct sctp_ulpevent *ev; 77 struct sctp_ulpevent *ev; 78 int error, sent; 78 int error, sent; 79 79 80 /* Release all references. */ 80 /* Release all references. */ 81 list_for_each_safe(pos, temp, &msg->ch 81 list_for_each_safe(pos, temp, &msg->chunks) { 82 list_del_init(pos); 82 list_del_init(pos); 83 chunk = list_entry(pos, struct 83 chunk = list_entry(pos, struct sctp_chunk, frag_list); 84 84 85 if (!msg->send_failed) { 85 if (!msg->send_failed) { 86 sctp_chunk_put(chunk); 86 sctp_chunk_put(chunk); 87 continue; 87 continue; 88 } 88 } 89 89 90 asoc = chunk->asoc; 90 asoc = chunk->asoc; 91 error = msg->send_error ?: aso 91 error = msg->send_error ?: asoc->outqueue.error; 92 sent = chunk->has_tsn ? SCTP_D 92 sent = chunk->has_tsn ? SCTP_DATA_SENT : SCTP_DATA_UNSENT; 93 93 94 if (sctp_ulpevent_type_enabled 94 if (sctp_ulpevent_type_enabled(asoc->subscribe, 95 95 SCTP_SEND_FAILED)) { 96 ev = sctp_ulpevent_mak 96 ev = sctp_ulpevent_make_send_failed(asoc, chunk, sent, 97 97 error, GFP_ATOMIC); 98 if (ev) 98 if (ev) 99 asoc->stream.s 99 asoc->stream.si->enqueue_event(&asoc->ulpq, ev); 100 } 100 } 101 101 102 if (sctp_ulpevent_type_enabled 102 if (sctp_ulpevent_type_enabled(asoc->subscribe, 103 103 SCTP_SEND_FAILED_EVENT)) { 104 ev = sctp_ulpevent_mak 104 ev = sctp_ulpevent_make_send_failed_event(asoc, chunk, 105 105 sent, error, 106 106 GFP_ATOMIC); 107 if (ev) 107 if (ev) 108 asoc->stream.s 108 asoc->stream.si->enqueue_event(&asoc->ulpq, ev); 109 } 109 } 110 110 111 sctp_chunk_put(chunk); 111 sctp_chunk_put(chunk); 112 } 112 } 113 113 114 SCTP_DBG_OBJCNT_DEC(datamsg); 114 SCTP_DBG_OBJCNT_DEC(datamsg); 115 kfree(msg); 115 kfree(msg); 116 } 116 } 117 117 118 /* Hold a reference. */ 118 /* Hold a reference. */ 119 static void sctp_datamsg_hold(struct sctp_data 119 static void sctp_datamsg_hold(struct sctp_datamsg *msg) 120 { 120 { 121 refcount_inc(&msg->refcnt); 121 refcount_inc(&msg->refcnt); 122 } 122 } 123 123 124 /* Release a reference. */ 124 /* Release a reference. */ 125 void sctp_datamsg_put(struct sctp_datamsg *msg 125 void sctp_datamsg_put(struct sctp_datamsg *msg) 126 { 126 { 127 if (refcount_dec_and_test(&msg->refcnt 127 if (refcount_dec_and_test(&msg->refcnt)) 128 sctp_datamsg_destroy(msg); 128 sctp_datamsg_destroy(msg); 129 } 129 } 130 130 131 /* Assign a chunk to this datamsg. */ 131 /* Assign a chunk to this datamsg. */ 132 static void sctp_datamsg_assign(struct sctp_da 132 static void sctp_datamsg_assign(struct sctp_datamsg *msg, struct sctp_chunk *chunk) 133 { 133 { 134 sctp_datamsg_hold(msg); 134 sctp_datamsg_hold(msg); 135 chunk->msg = msg; 135 chunk->msg = msg; 136 } 136 } 137 137 138 138 139 /* A data chunk can have a maximum payload of 139 /* A data chunk can have a maximum payload of (2^16 - 20). Break 140 * down any such message into smaller chunks. 140 * down any such message into smaller chunks. Opportunistically, fragment 141 * the chunks down to the current MTU constrai 141 * the chunks down to the current MTU constraints. We may get refragmented 142 * later if the PMTU changes, but it is _much 142 * later if the PMTU changes, but it is _much better_ to fragment immediately 143 * with a reasonable guess than always doing o 143 * with a reasonable guess than always doing our fragmentation on the 144 * soft-interrupt. 144 * soft-interrupt. 145 */ 145 */ 146 struct sctp_datamsg *sctp_datamsg_from_user(st 146 struct sctp_datamsg *sctp_datamsg_from_user(struct sctp_association *asoc, 147 st 147 struct sctp_sndrcvinfo *sinfo, 148 st 148 struct iov_iter *from) 149 { 149 { 150 size_t len, first_len, max_data, remai 150 size_t len, first_len, max_data, remaining; 151 size_t msg_len = iov_iter_count(from); 151 size_t msg_len = iov_iter_count(from); 152 struct sctp_shared_key *shkey = NULL; 152 struct sctp_shared_key *shkey = NULL; 153 struct list_head *pos, *temp; 153 struct list_head *pos, *temp; 154 struct sctp_chunk *chunk; 154 struct sctp_chunk *chunk; 155 struct sctp_datamsg *msg; 155 struct sctp_datamsg *msg; 156 int err; 156 int err; 157 157 158 msg = sctp_datamsg_new(GFP_KERNEL); 158 msg = sctp_datamsg_new(GFP_KERNEL); 159 if (!msg) 159 if (!msg) 160 return ERR_PTR(-ENOMEM); 160 return ERR_PTR(-ENOMEM); 161 161 162 /* Note: Calculate this outside of the 162 /* Note: Calculate this outside of the loop, so that all fragments 163 * have the same expiration. 163 * have the same expiration. 164 */ 164 */ 165 if (asoc->peer.prsctp_capable && sinfo 165 if (asoc->peer.prsctp_capable && sinfo->sinfo_timetolive && 166 (SCTP_PR_TTL_ENABLED(sinfo->sinfo_ 166 (SCTP_PR_TTL_ENABLED(sinfo->sinfo_flags) || 167 !SCTP_PR_POLICY(sinfo->sinfo_flag 167 !SCTP_PR_POLICY(sinfo->sinfo_flags))) 168 msg->expires_at = jiffies + 168 msg->expires_at = jiffies + 169 msecs_to_jif 169 msecs_to_jiffies(sinfo->sinfo_timetolive); 170 170 171 /* This is the biggest possible DATA c 171 /* This is the biggest possible DATA chunk that can fit into 172 * the packet 172 * the packet 173 */ 173 */ 174 max_data = asoc->frag_point; 174 max_data = asoc->frag_point; 175 if (unlikely(!max_data)) { 175 if (unlikely(!max_data)) { 176 max_data = sctp_min_frag_point 176 max_data = sctp_min_frag_point(sctp_sk(asoc->base.sk), 177 177 sctp_datachk_len(&asoc->stream)); 178 pr_warn_ratelimited("%s: asoc: 178 pr_warn_ratelimited("%s: asoc:%p frag_point is zero, forcing max_data to default minimum (%zu)", 179 __func__, 179 __func__, asoc, max_data); 180 } 180 } 181 181 182 /* If the peer requested that we authe 182 /* If the peer requested that we authenticate DATA chunks 183 * we need to account for bundling of 183 * we need to account for bundling of the AUTH chunks along with 184 * DATA. 184 * DATA. 185 */ 185 */ 186 if (sctp_auth_send_cid(SCTP_CID_DATA, 186 if (sctp_auth_send_cid(SCTP_CID_DATA, asoc)) { 187 struct sctp_hmac *hmac_desc = 187 struct sctp_hmac *hmac_desc = sctp_auth_asoc_get_hmac(asoc); 188 188 189 if (hmac_desc) 189 if (hmac_desc) 190 max_data -= SCTP_PAD4( 190 max_data -= SCTP_PAD4(sizeof(struct sctp_auth_chunk) + 191 191 hmac_desc->hmac_len); 192 192 193 if (sinfo->sinfo_tsn && 193 if (sinfo->sinfo_tsn && 194 sinfo->sinfo_ssn != asoc-> 194 sinfo->sinfo_ssn != asoc->active_key_id) { 195 shkey = sctp_auth_get_ 195 shkey = sctp_auth_get_shkey(asoc, sinfo->sinfo_ssn); 196 if (!shkey) { 196 if (!shkey) { 197 err = -EINVAL; 197 err = -EINVAL; 198 goto errout; 198 goto errout; 199 } 199 } 200 } else { 200 } else { 201 shkey = asoc->shkey; 201 shkey = asoc->shkey; 202 } 202 } 203 } 203 } 204 204 205 /* Set first_len and then account for 205 /* Set first_len and then account for possible bundles on first frag */ 206 first_len = max_data; 206 first_len = max_data; 207 207 208 /* Check to see if we have a pending S 208 /* Check to see if we have a pending SACK and try to let it be bundled 209 * with this message. Do this if we d 209 * with this message. Do this if we don't have any data queued already. 210 * To check that, look at out_qlen and 210 * To check that, look at out_qlen and retransmit list. 211 * NOTE: we will not reduce to account 211 * NOTE: we will not reduce to account for SACK, if the message would 212 * not have been fragmented. 212 * not have been fragmented. 213 */ 213 */ 214 if (timer_pending(&asoc->timers[SCTP_E 214 if (timer_pending(&asoc->timers[SCTP_EVENT_TIMEOUT_SACK]) && 215 asoc->outqueue.out_qlen == 0 && 215 asoc->outqueue.out_qlen == 0 && 216 list_empty(&asoc->outqueue.retrans 216 list_empty(&asoc->outqueue.retransmit) && 217 msg_len > max_data) 217 msg_len > max_data) 218 first_len -= SCTP_PAD4(sizeof( 218 first_len -= SCTP_PAD4(sizeof(struct sctp_sack_chunk)); 219 219 220 /* Encourage Cookie-ECHO bundling. */ 220 /* Encourage Cookie-ECHO bundling. */ 221 if (asoc->state < SCTP_STATE_COOKIE_EC 221 if (asoc->state < SCTP_STATE_COOKIE_ECHOED) 222 first_len -= SCTP_ARBITRARY_CO 222 first_len -= SCTP_ARBITRARY_COOKIE_ECHO_LEN; 223 223 224 /* Account for a different sized first 224 /* Account for a different sized first fragment */ 225 if (msg_len >= first_len) { 225 if (msg_len >= first_len) { 226 msg->can_delay = 0; 226 msg->can_delay = 0; 227 if (msg_len > first_len) 227 if (msg_len > first_len) 228 SCTP_INC_STATS(asoc->b 228 SCTP_INC_STATS(asoc->base.net, 229 SCTP_MI 229 SCTP_MIB_FRAGUSRMSGS); 230 } else { 230 } else { 231 /* Which may be the only one.. 231 /* Which may be the only one... */ 232 first_len = msg_len; 232 first_len = msg_len; 233 } 233 } 234 234 235 /* Create chunks for all DATA chunks. 235 /* Create chunks for all DATA chunks. */ 236 for (remaining = msg_len; remaining; r 236 for (remaining = msg_len; remaining; remaining -= len) { 237 u8 frag = SCTP_DATA_MIDDLE_FRA 237 u8 frag = SCTP_DATA_MIDDLE_FRAG; 238 238 239 if (remaining == msg_len) { 239 if (remaining == msg_len) { 240 /* First frag, which m 240 /* First frag, which may also be the last */ 241 frag |= SCTP_DATA_FIRS 241 frag |= SCTP_DATA_FIRST_FRAG; 242 len = first_len; 242 len = first_len; 243 } else { 243 } else { 244 /* Middle frags */ 244 /* Middle frags */ 245 len = max_data; 245 len = max_data; 246 } 246 } 247 247 248 if (len >= remaining) { 248 if (len >= remaining) { 249 /* Last frag, which ma 249 /* Last frag, which may also be the first */ 250 len = remaining; 250 len = remaining; 251 frag |= SCTP_DATA_LAST 251 frag |= SCTP_DATA_LAST_FRAG; 252 252 253 /* The application req 253 /* The application requests to set the I-bit of the 254 * last DATA chunk of 254 * last DATA chunk of a user message when providing 255 * the user message to 255 * the user message to the SCTP implementation. 256 */ 256 */ 257 if ((sinfo->sinfo_flag 257 if ((sinfo->sinfo_flags & SCTP_EOF) || 258 (sinfo->sinfo_flag 258 (sinfo->sinfo_flags & SCTP_SACK_IMMEDIATELY)) 259 frag |= SCTP_D 259 frag |= SCTP_DATA_SACK_IMM; 260 } 260 } 261 261 262 chunk = asoc->stream.si->make_ 262 chunk = asoc->stream.si->make_datafrag(asoc, sinfo, len, frag, 263 263 GFP_KERNEL); 264 if (!chunk) { 264 if (!chunk) { 265 err = -ENOMEM; 265 err = -ENOMEM; 266 goto errout; 266 goto errout; 267 } 267 } 268 268 269 err = sctp_user_addto_chunk(ch 269 err = sctp_user_addto_chunk(chunk, len, from); 270 if (err < 0) 270 if (err < 0) 271 goto errout_chunk_free 271 goto errout_chunk_free; 272 272 273 chunk->shkey = shkey; 273 chunk->shkey = shkey; 274 274 275 /* Put the chunk->skb back int 275 /* Put the chunk->skb back into the form expected by send. */ 276 __skb_pull(chunk->skb, (__u8 * 276 __skb_pull(chunk->skb, (__u8 *)chunk->chunk_hdr - 277 chunk-> 277 chunk->skb->data); 278 278 279 sctp_datamsg_assign(msg, chunk 279 sctp_datamsg_assign(msg, chunk); 280 list_add_tail(&chunk->frag_lis 280 list_add_tail(&chunk->frag_list, &msg->chunks); 281 } 281 } 282 282 283 return msg; 283 return msg; 284 284 285 errout_chunk_free: 285 errout_chunk_free: 286 sctp_chunk_free(chunk); 286 sctp_chunk_free(chunk); 287 287 288 errout: 288 errout: 289 list_for_each_safe(pos, temp, &msg->ch 289 list_for_each_safe(pos, temp, &msg->chunks) { 290 list_del_init(pos); 290 list_del_init(pos); 291 chunk = list_entry(pos, struct 291 chunk = list_entry(pos, struct sctp_chunk, frag_list); 292 sctp_chunk_free(chunk); 292 sctp_chunk_free(chunk); 293 } 293 } 294 sctp_datamsg_put(msg); 294 sctp_datamsg_put(msg); 295 295 296 return ERR_PTR(err); 296 return ERR_PTR(err); 297 } 297 } 298 298 299 /* Check whether this message has expired. */ 299 /* Check whether this message has expired. */ 300 int sctp_chunk_abandoned(struct sctp_chunk *ch 300 int sctp_chunk_abandoned(struct sctp_chunk *chunk) 301 { 301 { 302 if (!chunk->asoc->peer.prsctp_capable) 302 if (!chunk->asoc->peer.prsctp_capable) 303 return 0; 303 return 0; 304 304 305 if (chunk->msg->abandoned) 305 if (chunk->msg->abandoned) 306 return 1; 306 return 1; 307 307 308 if (!chunk->has_tsn && 308 if (!chunk->has_tsn && 309 !(chunk->chunk_hdr->flags & SCTP_D 309 !(chunk->chunk_hdr->flags & SCTP_DATA_FIRST_FRAG)) 310 return 0; 310 return 0; 311 311 312 if (SCTP_PR_TTL_ENABLED(chunk->sinfo.s 312 if (SCTP_PR_TTL_ENABLED(chunk->sinfo.sinfo_flags) && 313 time_after(jiffies, chunk->msg->ex 313 time_after(jiffies, chunk->msg->expires_at)) { 314 struct sctp_stream_out *stream 314 struct sctp_stream_out *streamout = 315 SCTP_SO(&chunk->asoc-> 315 SCTP_SO(&chunk->asoc->stream, 316 chunk->sinfo.s 316 chunk->sinfo.sinfo_stream); 317 317 318 if (chunk->sent_count) { 318 if (chunk->sent_count) { 319 chunk->asoc->abandoned 319 chunk->asoc->abandoned_sent[SCTP_PR_INDEX(TTL)]++; 320 streamout->ext->abando 320 streamout->ext->abandoned_sent[SCTP_PR_INDEX(TTL)]++; 321 } else { 321 } else { 322 chunk->asoc->abandoned 322 chunk->asoc->abandoned_unsent[SCTP_PR_INDEX(TTL)]++; 323 streamout->ext->abando 323 streamout->ext->abandoned_unsent[SCTP_PR_INDEX(TTL)]++; 324 } 324 } 325 chunk->msg->abandoned = 1; 325 chunk->msg->abandoned = 1; 326 return 1; 326 return 1; 327 } else if (SCTP_PR_RTX_ENABLED(chunk-> 327 } else if (SCTP_PR_RTX_ENABLED(chunk->sinfo.sinfo_flags) && 328 chunk->sent_count > chunk-> 328 chunk->sent_count > chunk->sinfo.sinfo_timetolive) { 329 struct sctp_stream_out *stream 329 struct sctp_stream_out *streamout = 330 SCTP_SO(&chunk->asoc-> 330 SCTP_SO(&chunk->asoc->stream, 331 chunk->sinfo.s 331 chunk->sinfo.sinfo_stream); 332 332 333 chunk->asoc->abandoned_sent[SC 333 chunk->asoc->abandoned_sent[SCTP_PR_INDEX(RTX)]++; 334 streamout->ext->abandoned_sent 334 streamout->ext->abandoned_sent[SCTP_PR_INDEX(RTX)]++; 335 chunk->msg->abandoned = 1; 335 chunk->msg->abandoned = 1; 336 return 1; 336 return 1; 337 } else if (!SCTP_PR_POLICY(chunk->sinf 337 } else if (!SCTP_PR_POLICY(chunk->sinfo.sinfo_flags) && 338 chunk->msg->expires_at && 338 chunk->msg->expires_at && 339 time_after(jiffies, chunk-> 339 time_after(jiffies, chunk->msg->expires_at)) { 340 chunk->msg->abandoned = 1; 340 chunk->msg->abandoned = 1; 341 return 1; 341 return 1; 342 } 342 } 343 /* PRIO policy is processed by sendmsg 343 /* PRIO policy is processed by sendmsg, not here */ 344 344 345 return 0; 345 return 0; 346 } 346 } 347 347 348 /* This chunk (and consequently entire message 348 /* This chunk (and consequently entire message) has failed in its sending. */ 349 void sctp_chunk_fail(struct sctp_chunk *chunk, 349 void sctp_chunk_fail(struct sctp_chunk *chunk, int error) 350 { 350 { 351 chunk->msg->send_failed = 1; 351 chunk->msg->send_failed = 1; 352 chunk->msg->send_error = error; 352 chunk->msg->send_error = error; 353 } 353 } 354 354
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.