1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /* SCTP kernel implementation
3 * (C) Copyright IBM Corp. 2001, 2004
4 * Copyright (c) 1999-2000 Cisco, Inc.
5 * Copyright (c) 1999-2001 Motorola, Inc.
6 * Copyright (c) 2001 Intel Corp.
7 *
8 * This file is part of the SCTP kernel implementation
9 *
10 * This file contains sctp stream maniuplation primitives and helpers.
11 *
12 * Please send any bug reports or fixes you make to the
13 * email address(es):
14 * lksctp developers <linux-sctp@vger.kernel.org>
15 *
16 * Written or modified by:
17 * Xin Long <lucien.xin@gmail.com>
18 */
19
20 #include <linux/list.h>
21 #include <net/sctp/sctp.h>
22 #include <net/sctp/sm.h>
23 #include <net/sctp/stream_sched.h>
24
sctp_stream_shrink_out(struct sctp_stream * stream,__u16 outcnt)25 static void sctp_stream_shrink_out(struct sctp_stream *stream, __u16 outcnt)
26 {
27 struct sctp_association *asoc;
28 struct sctp_chunk *ch, *temp;
29 struct sctp_outq *outq;
30
31 asoc = container_of(stream, struct sctp_association, stream);
32 outq = &asoc->outqueue;
33
34 list_for_each_entry_safe(ch, temp, &outq->out_chunk_list, list) {
35 __u16 sid = sctp_chunk_stream_no(ch);
36
37 if (sid < outcnt)
38 continue;
39
40 sctp_sched_dequeue_common(outq, ch);
41 /* No need to call dequeue_done here because
42 * the chunks are not scheduled by now.
43 */
44
45 /* Mark as failed send. */
46 sctp_chunk_fail(ch, (__force __u32)SCTP_ERROR_INV_STRM);
47 if (asoc->peer.prsctp_capable &&
48 SCTP_PR_PRIO_ENABLED(ch->sinfo.sinfo_flags))
49 asoc->sent_cnt_removable--;
50
51 sctp_chunk_free(ch);
52 }
53 }
54
sctp_stream_free_ext(struct sctp_stream * stream,__u16 sid)55 static void sctp_stream_free_ext(struct sctp_stream *stream, __u16 sid)
56 {
57 struct sctp_sched_ops *sched;
58
59 if (!SCTP_SO(stream, sid)->ext)
60 return;
61
62 sched = sctp_sched_ops_from_stream(stream);
63 sched->free_sid(stream, sid);
64 kfree(SCTP_SO(stream, sid)->ext);
65 SCTP_SO(stream, sid)->ext = NULL;
66 }
67
68 /* Migrates chunks from stream queues to new stream queues if needed,
69 * but not across associations. Also, removes those chunks to streams
70 * higher than the new max.
71 */
sctp_stream_outq_migrate(struct sctp_stream * stream,struct sctp_stream * new,__u16 outcnt)72 static void sctp_stream_outq_migrate(struct sctp_stream *stream,
73 struct sctp_stream *new, __u16 outcnt)
74 {
75 int i;
76
77 if (stream->outcnt > outcnt)
78 sctp_stream_shrink_out(stream, outcnt);
79
80 if (new) {
81 /* Here we actually move the old ext stuff into the new
82 * buffer, because we want to keep it. Then
83 * sctp_stream_update will swap ->out pointers.
84 */
85 for (i = 0; i < outcnt; i++) {
86 sctp_stream_free_ext(new, i);
87 SCTP_SO(new, i)->ext = SCTP_SO(stream, i)->ext;
88 SCTP_SO(stream, i)->ext = NULL;
89 }
90 }
91
92 for (i = outcnt; i < stream->outcnt; i++)
93 sctp_stream_free_ext(stream, i);
94 }
95
sctp_stream_alloc_out(struct sctp_stream * stream,__u16 outcnt,gfp_t gfp)96 static int sctp_stream_alloc_out(struct sctp_stream *stream, __u16 outcnt,
97 gfp_t gfp)
98 {
99 int ret;
100
101 if (outcnt <= stream->outcnt)
102 goto out;
103
104 ret = genradix_prealloc(&stream->out, outcnt, gfp);
105 if (ret)
106 return ret;
107
108 out:
109 stream->outcnt = outcnt;
110 return 0;
111 }
112
sctp_stream_alloc_in(struct sctp_stream * stream,__u16 incnt,gfp_t gfp)113 static int sctp_stream_alloc_in(struct sctp_stream *stream, __u16 incnt,
114 gfp_t gfp)
115 {
116 int ret;
117
118 if (incnt <= stream->incnt)
119 goto out;
120
121 ret = genradix_prealloc(&stream->in, incnt, gfp);
122 if (ret)
123 return ret;
124
125 out:
126 stream->incnt = incnt;
127 return 0;
128 }
129
sctp_stream_init(struct sctp_stream * stream,__u16 outcnt,__u16 incnt,gfp_t gfp)130 int sctp_stream_init(struct sctp_stream *stream, __u16 outcnt, __u16 incnt,
131 gfp_t gfp)
132 {
133 struct sctp_sched_ops *sched = sctp_sched_ops_from_stream(stream);
134 int i, ret = 0;
135
136 gfp |= __GFP_NOWARN;
137
138 /* Initial stream->out size may be very big, so free it and alloc
139 * a new one with new outcnt to save memory if needed.
140 */
141 if (outcnt == stream->outcnt)
142 goto handle_in;
143
144 /* Filter out chunks queued on streams that won't exist anymore */
145 sched->unsched_all(stream);
146 sctp_stream_outq_migrate(stream, NULL, outcnt);
147 sched->sched_all(stream);
148
149 ret = sctp_stream_alloc_out(stream, outcnt, gfp);
150 if (ret)
151 return ret;
152
153 for (i = 0; i < stream->outcnt; i++)
154 SCTP_SO(stream, i)->state = SCTP_STREAM_OPEN;
155
156 handle_in:
157 sctp_stream_interleave_init(stream);
158 if (!incnt)
159 return 0;
160
161 return sctp_stream_alloc_in(stream, incnt, gfp);
162 }
163
sctp_stream_init_ext(struct sctp_stream * stream,__u16 sid)164 int sctp_stream_init_ext(struct sctp_stream *stream, __u16 sid)
165 {
166 struct sctp_stream_out_ext *soute;
167 int ret;
168
169 soute = kzalloc(sizeof(*soute), GFP_KERNEL);
170 if (!soute)
171 return -ENOMEM;
172 SCTP_SO(stream, sid)->ext = soute;
173
174 ret = sctp_sched_init_sid(stream, sid, GFP_KERNEL);
175 if (ret) {
176 kfree(SCTP_SO(stream, sid)->ext);
177 SCTP_SO(stream, sid)->ext = NULL;
178 }
179
180 return ret;
181 }
182
sctp_stream_free(struct sctp_stream * stream)183 void sctp_stream_free(struct sctp_stream *stream)
184 {
185 struct sctp_sched_ops *sched = sctp_sched_ops_from_stream(stream);
186 int i;
187
188 sched->unsched_all(stream);
189 for (i = 0; i < stream->outcnt; i++)
190 sctp_stream_free_ext(stream, i);
191 genradix_free(&stream->out);
192 genradix_free(&stream->in);
193 }
194
sctp_stream_clear(struct sctp_stream * stream)195 void sctp_stream_clear(struct sctp_stream *stream)
196 {
197 int i;
198
199 for (i = 0; i < stream->outcnt; i++) {
200 SCTP_SO(stream, i)->mid = 0;
201 SCTP_SO(stream, i)->mid_uo = 0;
202 }
203
204 for (i = 0; i < stream->incnt; i++)
205 SCTP_SI(stream, i)->mid = 0;
206 }
207
sctp_stream_update(struct sctp_stream * stream,struct sctp_stream * new)208 void sctp_stream_update(struct sctp_stream *stream, struct sctp_stream *new)
209 {
210 struct sctp_sched_ops *sched = sctp_sched_ops_from_stream(stream);
211
212 sched->unsched_all(stream);
213 sctp_stream_outq_migrate(stream, new, new->outcnt);
214 sctp_stream_free(stream);
215
216 stream->out = new->out;
217 stream->in = new->in;
218 stream->outcnt = new->outcnt;
219 stream->incnt = new->incnt;
220
221 sched->sched_all(stream);
222
223 new->out.tree.root = NULL;
224 new->in.tree.root = NULL;
225 new->outcnt = 0;
226 new->incnt = 0;
227 }
228
sctp_send_reconf(struct sctp_association * asoc,struct sctp_chunk * chunk)229 static int sctp_send_reconf(struct sctp_association *asoc,
230 struct sctp_chunk *chunk)
231 {
232 struct net *net = sock_net(asoc->base.sk);
233 int retval = 0;
234
235 retval = sctp_primitive_RECONF(net, asoc, chunk);
236 if (retval)
237 sctp_chunk_free(chunk);
238
239 return retval;
240 }
241
sctp_stream_outq_is_empty(struct sctp_stream * stream,__u16 str_nums,__be16 * str_list)242 static bool sctp_stream_outq_is_empty(struct sctp_stream *stream,
243 __u16 str_nums, __be16 *str_list)
244 {
245 struct sctp_association *asoc;
246 __u16 i;
247
248 asoc = container_of(stream, struct sctp_association, stream);
249 if (!asoc->outqueue.out_qlen)
250 return true;
251
252 if (!str_nums)
253 return false;
254
255 for (i = 0; i < str_nums; i++) {
256 __u16 sid = ntohs(str_list[i]);
257
258 if (SCTP_SO(stream, sid)->ext &&
259 !list_empty(&SCTP_SO(stream, sid)->ext->outq))
260 return false;
261 }
262
263 return true;
264 }
265
sctp_send_reset_streams(struct sctp_association * asoc,struct sctp_reset_streams * params)266 int sctp_send_reset_streams(struct sctp_association *asoc,
267 struct sctp_reset_streams *params)
268 {
269 struct sctp_stream *stream = &asoc->stream;
270 __u16 i, str_nums, *str_list;
271 struct sctp_chunk *chunk;
272 int retval = -EINVAL;
273 __be16 *nstr_list;
274 bool out, in;
275
276 if (!asoc->peer.reconf_capable ||
277 !(asoc->strreset_enable & SCTP_ENABLE_RESET_STREAM_REQ)) {
278 retval = -ENOPROTOOPT;
279 goto out;
280 }
281
282 if (asoc->strreset_outstanding) {
283 retval = -EINPROGRESS;
284 goto out;
285 }
286
287 out = params->srs_flags & SCTP_STREAM_RESET_OUTGOING;
288 in = params->srs_flags & SCTP_STREAM_RESET_INCOMING;
289 if (!out && !in)
290 goto out;
291
292 str_nums = params->srs_number_streams;
293 str_list = params->srs_stream_list;
294 if (str_nums) {
295 int param_len = 0;
296
297 if (out) {
298 for (i = 0; i < str_nums; i++)
299 if (str_list[i] >= stream->outcnt)
300 goto out;
301
302 param_len = str_nums * sizeof(__u16) +
303 sizeof(struct sctp_strreset_outreq);
304 }
305
306 if (in) {
307 for (i = 0; i < str_nums; i++)
308 if (str_list[i] >= stream->incnt)
309 goto out;
310
311 param_len += str_nums * sizeof(__u16) +
312 sizeof(struct sctp_strreset_inreq);
313 }
314
315 if (param_len > SCTP_MAX_CHUNK_LEN -
316 sizeof(struct sctp_reconf_chunk))
317 goto out;
318 }
319
320 nstr_list = kcalloc(str_nums, sizeof(__be16), GFP_KERNEL);
321 if (!nstr_list) {
322 retval = -ENOMEM;
323 goto out;
324 }
325
326 for (i = 0; i < str_nums; i++)
327 nstr_list[i] = htons(str_list[i]);
328
329 if (out && !sctp_stream_outq_is_empty(stream, str_nums, nstr_list)) {
330 kfree(nstr_list);
331 retval = -EAGAIN;
332 goto out;
333 }
334
335 chunk = sctp_make_strreset_req(asoc, str_nums, nstr_list, out, in);
336
337 kfree(nstr_list);
338
339 if (!chunk) {
340 retval = -ENOMEM;
341 goto out;
342 }
343
344 if (out) {
345 if (str_nums)
346 for (i = 0; i < str_nums; i++)
347 SCTP_SO(stream, str_list[i])->state =
348 SCTP_STREAM_CLOSED;
349 else
350 for (i = 0; i < stream->outcnt; i++)
351 SCTP_SO(stream, i)->state = SCTP_STREAM_CLOSED;
352 }
353
354 asoc->strreset_chunk = chunk;
355 sctp_chunk_hold(asoc->strreset_chunk);
356
357 retval = sctp_send_reconf(asoc, chunk);
358 if (retval) {
359 sctp_chunk_put(asoc->strreset_chunk);
360 asoc->strreset_chunk = NULL;
361 if (!out)
362 goto out;
363
364 if (str_nums)
365 for (i = 0; i < str_nums; i++)
366 SCTP_SO(stream, str_list[i])->state =
367 SCTP_STREAM_OPEN;
368 else
369 for (i = 0; i < stream->outcnt; i++)
370 SCTP_SO(stream, i)->state = SCTP_STREAM_OPEN;
371
372 goto out;
373 }
374
375 asoc->strreset_outstanding = out + in;
376
377 out:
378 return retval;
379 }
380
sctp_send_reset_assoc(struct sctp_association * asoc)381 int sctp_send_reset_assoc(struct sctp_association *asoc)
382 {
383 struct sctp_stream *stream = &asoc->stream;
384 struct sctp_chunk *chunk = NULL;
385 int retval;
386 __u16 i;
387
388 if (!asoc->peer.reconf_capable ||
389 !(asoc->strreset_enable & SCTP_ENABLE_RESET_ASSOC_REQ))
390 return -ENOPROTOOPT;
391
392 if (asoc->strreset_outstanding)
393 return -EINPROGRESS;
394
395 if (!sctp_outq_is_empty(&asoc->outqueue))
396 return -EAGAIN;
397
398 chunk = sctp_make_strreset_tsnreq(asoc);
399 if (!chunk)
400 return -ENOMEM;
401
402 /* Block further xmit of data until this request is completed */
403 for (i = 0; i < stream->outcnt; i++)
404 SCTP_SO(stream, i)->state = SCTP_STREAM_CLOSED;
405
406 asoc->strreset_chunk = chunk;
407 sctp_chunk_hold(asoc->strreset_chunk);
408
409 retval = sctp_send_reconf(asoc, chunk);
410 if (retval) {
411 sctp_chunk_put(asoc->strreset_chunk);
412 asoc->strreset_chunk = NULL;
413
414 for (i = 0; i < stream->outcnt; i++)
415 SCTP_SO(stream, i)->state = SCTP_STREAM_OPEN;
416
417 return retval;
418 }
419
420 asoc->strreset_outstanding = 1;
421
422 return 0;
423 }
424
sctp_send_add_streams(struct sctp_association * asoc,struct sctp_add_streams * params)425 int sctp_send_add_streams(struct sctp_association *asoc,
426 struct sctp_add_streams *params)
427 {
428 struct sctp_stream *stream = &asoc->stream;
429 struct sctp_chunk *chunk = NULL;
430 int retval;
431 __u32 outcnt, incnt;
432 __u16 out, in;
433
434 if (!asoc->peer.reconf_capable ||
435 !(asoc->strreset_enable & SCTP_ENABLE_CHANGE_ASSOC_REQ)) {
436 retval = -ENOPROTOOPT;
437 goto out;
438 }
439
440 if (asoc->strreset_outstanding) {
441 retval = -EINPROGRESS;
442 goto out;
443 }
444
445 out = params->sas_outstrms;
446 in = params->sas_instrms;
447 outcnt = stream->outcnt + out;
448 incnt = stream->incnt + in;
449 if (outcnt > SCTP_MAX_STREAM || incnt > SCTP_MAX_STREAM ||
450 (!out && !in)) {
451 retval = -EINVAL;
452 goto out;
453 }
454
455 if (out) {
456 retval = sctp_stream_alloc_out(stream, outcnt, GFP_KERNEL);
457 if (retval)
458 goto out;
459 }
460
461 chunk = sctp_make_strreset_addstrm(asoc, out, in);
462 if (!chunk) {
463 retval = -ENOMEM;
464 goto out;
465 }
466
467 asoc->strreset_chunk = chunk;
468 sctp_chunk_hold(asoc->strreset_chunk);
469
470 retval = sctp_send_reconf(asoc, chunk);
471 if (retval) {
472 sctp_chunk_put(asoc->strreset_chunk);
473 asoc->strreset_chunk = NULL;
474 goto out;
475 }
476
477 asoc->strreset_outstanding = !!out + !!in;
478
479 out:
480 return retval;
481 }
482
sctp_chunk_lookup_strreset_param(struct sctp_association * asoc,__be32 resp_seq,__be16 type)483 static struct sctp_paramhdr *sctp_chunk_lookup_strreset_param(
484 struct sctp_association *asoc, __be32 resp_seq,
485 __be16 type)
486 {
487 struct sctp_chunk *chunk = asoc->strreset_chunk;
488 struct sctp_reconf_chunk *hdr;
489 union sctp_params param;
490
491 if (!chunk)
492 return NULL;
493
494 hdr = (struct sctp_reconf_chunk *)chunk->chunk_hdr;
495 sctp_walk_params(param, hdr, params) {
496 /* sctp_strreset_tsnreq is actually the basic structure
497 * of all stream reconf params, so it's safe to use it
498 * to access request_seq.
499 */
500 struct sctp_strreset_tsnreq *req = param.v;
501
502 if ((!resp_seq || req->request_seq == resp_seq) &&
503 (!type || type == req->param_hdr.type))
504 return param.v;
505 }
506
507 return NULL;
508 }
509
sctp_update_strreset_result(struct sctp_association * asoc,__u32 result)510 static void sctp_update_strreset_result(struct sctp_association *asoc,
511 __u32 result)
512 {
513 asoc->strreset_result[1] = asoc->strreset_result[0];
514 asoc->strreset_result[0] = result;
515 }
516
sctp_process_strreset_outreq(struct sctp_association * asoc,union sctp_params param,struct sctp_ulpevent ** evp)517 struct sctp_chunk *sctp_process_strreset_outreq(
518 struct sctp_association *asoc,
519 union sctp_params param,
520 struct sctp_ulpevent **evp)
521 {
522 struct sctp_strreset_outreq *outreq = param.v;
523 struct sctp_stream *stream = &asoc->stream;
524 __u32 result = SCTP_STRRESET_DENIED;
525 __be16 *str_p = NULL;
526 __u32 request_seq;
527 __u16 i, nums;
528
529 request_seq = ntohl(outreq->request_seq);
530
531 if (ntohl(outreq->send_reset_at_tsn) >
532 sctp_tsnmap_get_ctsn(&asoc->peer.tsn_map)) {
533 result = SCTP_STRRESET_IN_PROGRESS;
534 goto err;
535 }
536
537 if (TSN_lt(asoc->strreset_inseq, request_seq) ||
538 TSN_lt(request_seq, asoc->strreset_inseq - 2)) {
539 result = SCTP_STRRESET_ERR_BAD_SEQNO;
540 goto err;
541 } else if (TSN_lt(request_seq, asoc->strreset_inseq)) {
542 i = asoc->strreset_inseq - request_seq - 1;
543 result = asoc->strreset_result[i];
544 goto err;
545 }
546 asoc->strreset_inseq++;
547
548 /* Check strreset_enable after inseq inc, as sender cannot tell
549 * the peer doesn't enable strreset after receiving response with
550 * result denied, as well as to keep consistent with bsd.
551 */
552 if (!(asoc->strreset_enable & SCTP_ENABLE_RESET_STREAM_REQ))
553 goto out;
554
555 nums = (ntohs(param.p->length) - sizeof(*outreq)) / sizeof(__u16);
556 str_p = outreq->list_of_streams;
557 for (i = 0; i < nums; i++) {
558 if (ntohs(str_p[i]) >= stream->incnt) {
559 result = SCTP_STRRESET_ERR_WRONG_SSN;
560 goto out;
561 }
562 }
563
564 if (asoc->strreset_chunk) {
565 if (!sctp_chunk_lookup_strreset_param(
566 asoc, outreq->response_seq,
567 SCTP_PARAM_RESET_IN_REQUEST)) {
568 /* same process with outstanding isn't 0 */
569 result = SCTP_STRRESET_ERR_IN_PROGRESS;
570 goto out;
571 }
572
573 asoc->strreset_outstanding--;
574 asoc->strreset_outseq++;
575
576 if (!asoc->strreset_outstanding) {
577 struct sctp_transport *t;
578
579 t = asoc->strreset_chunk->transport;
580 if (del_timer(&t->reconf_timer))
581 sctp_transport_put(t);
582
583 sctp_chunk_put(asoc->strreset_chunk);
584 asoc->strreset_chunk = NULL;
585 }
586 }
587
588 if (nums)
589 for (i = 0; i < nums; i++)
590 SCTP_SI(stream, ntohs(str_p[i]))->mid = 0;
591 else
592 for (i = 0; i < stream->incnt; i++)
593 SCTP_SI(stream, i)->mid = 0;
594
595 result = SCTP_STRRESET_PERFORMED;
596
597 *evp = sctp_ulpevent_make_stream_reset_event(asoc,
598 SCTP_STREAM_RESET_INCOMING_SSN, nums, str_p, GFP_ATOMIC);
599
600 out:
601 sctp_update_strreset_result(asoc, result);
602 err:
603 return sctp_make_strreset_resp(asoc, result, request_seq);
604 }
605
sctp_process_strreset_inreq(struct sctp_association * asoc,union sctp_params param,struct sctp_ulpevent ** evp)606 struct sctp_chunk *sctp_process_strreset_inreq(
607 struct sctp_association *asoc,
608 union sctp_params param,
609 struct sctp_ulpevent **evp)
610 {
611 struct sctp_strreset_inreq *inreq = param.v;
612 struct sctp_stream *stream = &asoc->stream;
613 __u32 result = SCTP_STRRESET_DENIED;
614 struct sctp_chunk *chunk = NULL;
615 __u32 request_seq;
616 __u16 i, nums;
617 __be16 *str_p;
618
619 request_seq = ntohl(inreq->request_seq);
620 if (TSN_lt(asoc->strreset_inseq, request_seq) ||
621 TSN_lt(request_seq, asoc->strreset_inseq - 2)) {
622 result = SCTP_STRRESET_ERR_BAD_SEQNO;
623 goto err;
624 } else if (TSN_lt(request_seq, asoc->strreset_inseq)) {
625 i = asoc->strreset_inseq - request_seq - 1;
626 result = asoc->strreset_result[i];
627 if (result == SCTP_STRRESET_PERFORMED)
628 return NULL;
629 goto err;
630 }
631 asoc->strreset_inseq++;
632
633 if (!(asoc->strreset_enable & SCTP_ENABLE_RESET_STREAM_REQ))
634 goto out;
635
636 if (asoc->strreset_outstanding) {
637 result = SCTP_STRRESET_ERR_IN_PROGRESS;
638 goto out;
639 }
640
641 nums = (ntohs(param.p->length) - sizeof(*inreq)) / sizeof(__u16);
642 str_p = inreq->list_of_streams;
643 for (i = 0; i < nums; i++) {
644 if (ntohs(str_p[i]) >= stream->outcnt) {
645 result = SCTP_STRRESET_ERR_WRONG_SSN;
646 goto out;
647 }
648 }
649
650 if (!sctp_stream_outq_is_empty(stream, nums, str_p)) {
651 result = SCTP_STRRESET_IN_PROGRESS;
652 asoc->strreset_inseq--;
653 goto err;
654 }
655
656 chunk = sctp_make_strreset_req(asoc, nums, str_p, 1, 0);
657 if (!chunk)
658 goto out;
659
660 if (nums)
661 for (i = 0; i < nums; i++)
662 SCTP_SO(stream, ntohs(str_p[i]))->state =
663 SCTP_STREAM_CLOSED;
664 else
665 for (i = 0; i < stream->outcnt; i++)
666 SCTP_SO(stream, i)->state = SCTP_STREAM_CLOSED;
667
668 asoc->strreset_chunk = chunk;
669 asoc->strreset_outstanding = 1;
670 sctp_chunk_hold(asoc->strreset_chunk);
671
672 result = SCTP_STRRESET_PERFORMED;
673
674 out:
675 sctp_update_strreset_result(asoc, result);
676 err:
677 if (!chunk)
678 chunk = sctp_make_strreset_resp(asoc, result, request_seq);
679
680 return chunk;
681 }
682
sctp_process_strreset_tsnreq(struct sctp_association * asoc,union sctp_params param,struct sctp_ulpevent ** evp)683 struct sctp_chunk *sctp_process_strreset_tsnreq(
684 struct sctp_association *asoc,
685 union sctp_params param,
686 struct sctp_ulpevent **evp)
687 {
688 __u32 init_tsn = 0, next_tsn = 0, max_tsn_seen;
689 struct sctp_strreset_tsnreq *tsnreq = param.v;
690 struct sctp_stream *stream = &asoc->stream;
691 __u32 result = SCTP_STRRESET_DENIED;
692 __u32 request_seq;
693 __u16 i;
694
695 request_seq = ntohl(tsnreq->request_seq);
696 if (TSN_lt(asoc->strreset_inseq, request_seq) ||
697 TSN_lt(request_seq, asoc->strreset_inseq - 2)) {
698 result = SCTP_STRRESET_ERR_BAD_SEQNO;
699 goto err;
700 } else if (TSN_lt(request_seq, asoc->strreset_inseq)) {
701 i = asoc->strreset_inseq - request_seq - 1;
702 result = asoc->strreset_result[i];
703 if (result == SCTP_STRRESET_PERFORMED) {
704 next_tsn = asoc->ctsn_ack_point + 1;
705 init_tsn =
706 sctp_tsnmap_get_ctsn(&asoc->peer.tsn_map) + 1;
707 }
708 goto err;
709 }
710
711 if (!sctp_outq_is_empty(&asoc->outqueue)) {
712 result = SCTP_STRRESET_IN_PROGRESS;
713 goto err;
714 }
715
716 asoc->strreset_inseq++;
717
718 if (!(asoc->strreset_enable & SCTP_ENABLE_RESET_ASSOC_REQ))
719 goto out;
720
721 if (asoc->strreset_outstanding) {
722 result = SCTP_STRRESET_ERR_IN_PROGRESS;
723 goto out;
724 }
725
726 /* G4: The same processing as though a FWD-TSN chunk (as defined in
727 * [RFC3758]) with all streams affected and a new cumulative TSN
728 * ACK of the Receiver's Next TSN minus 1 were received MUST be
729 * performed.
730 */
731 max_tsn_seen = sctp_tsnmap_get_max_tsn_seen(&asoc->peer.tsn_map);
732 asoc->stream.si->report_ftsn(&asoc->ulpq, max_tsn_seen);
733
734 /* G1: Compute an appropriate value for the Receiver's Next TSN -- the
735 * TSN that the peer should use to send the next DATA chunk. The
736 * value SHOULD be the smallest TSN not acknowledged by the
737 * receiver of the request plus 2^31.
738 */
739 init_tsn = sctp_tsnmap_get_ctsn(&asoc->peer.tsn_map) + (1 << 31);
740 sctp_tsnmap_init(&asoc->peer.tsn_map, SCTP_TSN_MAP_INITIAL,
741 init_tsn, GFP_ATOMIC);
742
743 /* G3: The same processing as though a SACK chunk with no gap report
744 * and a cumulative TSN ACK of the Sender's Next TSN minus 1 were
745 * received MUST be performed.
746 */
747 sctp_outq_free(&asoc->outqueue);
748
749 /* G2: Compute an appropriate value for the local endpoint's next TSN,
750 * i.e., the next TSN assigned by the receiver of the SSN/TSN reset
751 * chunk. The value SHOULD be the highest TSN sent by the receiver
752 * of the request plus 1.
753 */
754 next_tsn = asoc->next_tsn;
755 asoc->ctsn_ack_point = next_tsn - 1;
756 asoc->adv_peer_ack_point = asoc->ctsn_ack_point;
757
758 /* G5: The next expected and outgoing SSNs MUST be reset to 0 for all
759 * incoming and outgoing streams.
760 */
761 for (i = 0; i < stream->outcnt; i++) {
762 SCTP_SO(stream, i)->mid = 0;
763 SCTP_SO(stream, i)->mid_uo = 0;
764 }
765 for (i = 0; i < stream->incnt; i++)
766 SCTP_SI(stream, i)->mid = 0;
767
768 result = SCTP_STRRESET_PERFORMED;
769
770 *evp = sctp_ulpevent_make_assoc_reset_event(asoc, 0, init_tsn,
771 next_tsn, GFP_ATOMIC);
772
773 out:
774 sctp_update_strreset_result(asoc, result);
775 err:
776 return sctp_make_strreset_tsnresp(asoc, result, request_seq,
777 next_tsn, init_tsn);
778 }
779
sctp_process_strreset_addstrm_out(struct sctp_association * asoc,union sctp_params param,struct sctp_ulpevent ** evp)780 struct sctp_chunk *sctp_process_strreset_addstrm_out(
781 struct sctp_association *asoc,
782 union sctp_params param,
783 struct sctp_ulpevent **evp)
784 {
785 struct sctp_strreset_addstrm *addstrm = param.v;
786 struct sctp_stream *stream = &asoc->stream;
787 __u32 result = SCTP_STRRESET_DENIED;
788 __u32 request_seq, incnt;
789 __u16 in, i;
790
791 request_seq = ntohl(addstrm->request_seq);
792 if (TSN_lt(asoc->strreset_inseq, request_seq) ||
793 TSN_lt(request_seq, asoc->strreset_inseq - 2)) {
794 result = SCTP_STRRESET_ERR_BAD_SEQNO;
795 goto err;
796 } else if (TSN_lt(request_seq, asoc->strreset_inseq)) {
797 i = asoc->strreset_inseq - request_seq - 1;
798 result = asoc->strreset_result[i];
799 goto err;
800 }
801 asoc->strreset_inseq++;
802
803 if (!(asoc->strreset_enable & SCTP_ENABLE_CHANGE_ASSOC_REQ))
804 goto out;
805
806 in = ntohs(addstrm->number_of_streams);
807 incnt = stream->incnt + in;
808 if (!in || incnt > SCTP_MAX_STREAM)
809 goto out;
810
811 if (sctp_stream_alloc_in(stream, incnt, GFP_ATOMIC))
812 goto out;
813
814 if (asoc->strreset_chunk) {
815 if (!sctp_chunk_lookup_strreset_param(
816 asoc, 0, SCTP_PARAM_RESET_ADD_IN_STREAMS)) {
817 /* same process with outstanding isn't 0 */
818 result = SCTP_STRRESET_ERR_IN_PROGRESS;
819 goto out;
820 }
821
822 asoc->strreset_outstanding--;
823 asoc->strreset_outseq++;
824
825 if (!asoc->strreset_outstanding) {
826 struct sctp_transport *t;
827
828 t = asoc->strreset_chunk->transport;
829 if (del_timer(&t->reconf_timer))
830 sctp_transport_put(t);
831
832 sctp_chunk_put(asoc->strreset_chunk);
833 asoc->strreset_chunk = NULL;
834 }
835 }
836
837 stream->incnt = incnt;
838
839 result = SCTP_STRRESET_PERFORMED;
840
841 *evp = sctp_ulpevent_make_stream_change_event(asoc,
842 0, ntohs(addstrm->number_of_streams), 0, GFP_ATOMIC);
843
844 out:
845 sctp_update_strreset_result(asoc, result);
846 err:
847 return sctp_make_strreset_resp(asoc, result, request_seq);
848 }
849
sctp_process_strreset_addstrm_in(struct sctp_association * asoc,union sctp_params param,struct sctp_ulpevent ** evp)850 struct sctp_chunk *sctp_process_strreset_addstrm_in(
851 struct sctp_association *asoc,
852 union sctp_params param,
853 struct sctp_ulpevent **evp)
854 {
855 struct sctp_strreset_addstrm *addstrm = param.v;
856 struct sctp_stream *stream = &asoc->stream;
857 __u32 result = SCTP_STRRESET_DENIED;
858 struct sctp_chunk *chunk = NULL;
859 __u32 request_seq, outcnt;
860 __u16 out, i;
861 int ret;
862
863 request_seq = ntohl(addstrm->request_seq);
864 if (TSN_lt(asoc->strreset_inseq, request_seq) ||
865 TSN_lt(request_seq, asoc->strreset_inseq - 2)) {
866 result = SCTP_STRRESET_ERR_BAD_SEQNO;
867 goto err;
868 } else if (TSN_lt(request_seq, asoc->strreset_inseq)) {
869 i = asoc->strreset_inseq - request_seq - 1;
870 result = asoc->strreset_result[i];
871 if (result == SCTP_STRRESET_PERFORMED)
872 return NULL;
873 goto err;
874 }
875 asoc->strreset_inseq++;
876
877 if (!(asoc->strreset_enable & SCTP_ENABLE_CHANGE_ASSOC_REQ))
878 goto out;
879
880 if (asoc->strreset_outstanding) {
881 result = SCTP_STRRESET_ERR_IN_PROGRESS;
882 goto out;
883 }
884
885 out = ntohs(addstrm->number_of_streams);
886 outcnt = stream->outcnt + out;
887 if (!out || outcnt > SCTP_MAX_STREAM)
888 goto out;
889
890 ret = sctp_stream_alloc_out(stream, outcnt, GFP_ATOMIC);
891 if (ret)
892 goto out;
893
894 chunk = sctp_make_strreset_addstrm(asoc, out, 0);
895 if (!chunk)
896 goto out;
897
898 asoc->strreset_chunk = chunk;
899 asoc->strreset_outstanding = 1;
900 sctp_chunk_hold(asoc->strreset_chunk);
901
902 stream->outcnt = outcnt;
903
904 result = SCTP_STRRESET_PERFORMED;
905
906 out:
907 sctp_update_strreset_result(asoc, result);
908 err:
909 if (!chunk)
910 chunk = sctp_make_strreset_resp(asoc, result, request_seq);
911
912 return chunk;
913 }
914
sctp_process_strreset_resp(struct sctp_association * asoc,union sctp_params param,struct sctp_ulpevent ** evp)915 struct sctp_chunk *sctp_process_strreset_resp(
916 struct sctp_association *asoc,
917 union sctp_params param,
918 struct sctp_ulpevent **evp)
919 {
920 struct sctp_stream *stream = &asoc->stream;
921 struct sctp_strreset_resp *resp = param.v;
922 struct sctp_transport *t;
923 __u16 i, nums, flags = 0;
924 struct sctp_paramhdr *req;
925 __u32 result;
926
927 req = sctp_chunk_lookup_strreset_param(asoc, resp->response_seq, 0);
928 if (!req)
929 return NULL;
930
931 result = ntohl(resp->result);
932 if (result != SCTP_STRRESET_PERFORMED) {
933 /* if in progress, do nothing but retransmit */
934 if (result == SCTP_STRRESET_IN_PROGRESS)
935 return NULL;
936 else if (result == SCTP_STRRESET_DENIED)
937 flags = SCTP_STREAM_RESET_DENIED;
938 else
939 flags = SCTP_STREAM_RESET_FAILED;
940 }
941
942 if (req->type == SCTP_PARAM_RESET_OUT_REQUEST) {
943 struct sctp_strreset_outreq *outreq;
944 __be16 *str_p;
945
946 outreq = (struct sctp_strreset_outreq *)req;
947 str_p = outreq->list_of_streams;
948 nums = (ntohs(outreq->param_hdr.length) - sizeof(*outreq)) /
949 sizeof(__u16);
950
951 if (result == SCTP_STRRESET_PERFORMED) {
952 struct sctp_stream_out *sout;
953 if (nums) {
954 for (i = 0; i < nums; i++) {
955 sout = SCTP_SO(stream, ntohs(str_p[i]));
956 sout->mid = 0;
957 sout->mid_uo = 0;
958 }
959 } else {
960 for (i = 0; i < stream->outcnt; i++) {
961 sout = SCTP_SO(stream, i);
962 sout->mid = 0;
963 sout->mid_uo = 0;
964 }
965 }
966 }
967
968 flags |= SCTP_STREAM_RESET_OUTGOING_SSN;
969
970 for (i = 0; i < stream->outcnt; i++)
971 SCTP_SO(stream, i)->state = SCTP_STREAM_OPEN;
972
973 *evp = sctp_ulpevent_make_stream_reset_event(asoc, flags,
974 nums, str_p, GFP_ATOMIC);
975 } else if (req->type == SCTP_PARAM_RESET_IN_REQUEST) {
976 struct sctp_strreset_inreq *inreq;
977 __be16 *str_p;
978
979 /* if the result is performed, it's impossible for inreq */
980 if (result == SCTP_STRRESET_PERFORMED)
981 return NULL;
982
983 inreq = (struct sctp_strreset_inreq *)req;
984 str_p = inreq->list_of_streams;
985 nums = (ntohs(inreq->param_hdr.length) - sizeof(*inreq)) /
986 sizeof(__u16);
987
988 flags |= SCTP_STREAM_RESET_INCOMING_SSN;
989
990 *evp = sctp_ulpevent_make_stream_reset_event(asoc, flags,
991 nums, str_p, GFP_ATOMIC);
992 } else if (req->type == SCTP_PARAM_RESET_TSN_REQUEST) {
993 struct sctp_strreset_resptsn *resptsn;
994 __u32 stsn, rtsn;
995
996 /* check for resptsn, as sctp_verify_reconf didn't do it*/
997 if (ntohs(param.p->length) != sizeof(*resptsn))
998 return NULL;
999
1000 resptsn = (struct sctp_strreset_resptsn *)resp;
1001 stsn = ntohl(resptsn->senders_next_tsn);
1002 rtsn = ntohl(resptsn->receivers_next_tsn);
1003
1004 if (result == SCTP_STRRESET_PERFORMED) {
1005 __u32 mtsn = sctp_tsnmap_get_max_tsn_seen(
1006 &asoc->peer.tsn_map);
1007 LIST_HEAD(temp);
1008
1009 asoc->stream.si->report_ftsn(&asoc->ulpq, mtsn);
1010
1011 sctp_tsnmap_init(&asoc->peer.tsn_map,
1012 SCTP_TSN_MAP_INITIAL,
1013 stsn, GFP_ATOMIC);
1014
1015 /* Clean up sacked and abandoned queues only. As the
1016 * out_chunk_list may not be empty, splice it to temp,
1017 * then get it back after sctp_outq_free is done.
1018 */
1019 list_splice_init(&asoc->outqueue.out_chunk_list, &temp);
1020 sctp_outq_free(&asoc->outqueue);
1021 list_splice_init(&temp, &asoc->outqueue.out_chunk_list);
1022
1023 asoc->next_tsn = rtsn;
1024 asoc->ctsn_ack_point = asoc->next_tsn - 1;
1025 asoc->adv_peer_ack_point = asoc->ctsn_ack_point;
1026
1027 for (i = 0; i < stream->outcnt; i++) {
1028 SCTP_SO(stream, i)->mid = 0;
1029 SCTP_SO(stream, i)->mid_uo = 0;
1030 }
1031 for (i = 0; i < stream->incnt; i++)
1032 SCTP_SI(stream, i)->mid = 0;
1033 }
1034
1035 for (i = 0; i < stream->outcnt; i++)
1036 SCTP_SO(stream, i)->state = SCTP_STREAM_OPEN;
1037
1038 *evp = sctp_ulpevent_make_assoc_reset_event(asoc, flags,
1039 stsn, rtsn, GFP_ATOMIC);
1040 } else if (req->type == SCTP_PARAM_RESET_ADD_OUT_STREAMS) {
1041 struct sctp_strreset_addstrm *addstrm;
1042 __u16 number;
1043
1044 addstrm = (struct sctp_strreset_addstrm *)req;
1045 nums = ntohs(addstrm->number_of_streams);
1046 number = stream->outcnt - nums;
1047
1048 if (result == SCTP_STRRESET_PERFORMED) {
1049 for (i = number; i < stream->outcnt; i++)
1050 SCTP_SO(stream, i)->state = SCTP_STREAM_OPEN;
1051 } else {
1052 sctp_stream_shrink_out(stream, number);
1053 stream->outcnt = number;
1054 }
1055
1056 *evp = sctp_ulpevent_make_stream_change_event(asoc, flags,
1057 0, nums, GFP_ATOMIC);
1058 } else if (req->type == SCTP_PARAM_RESET_ADD_IN_STREAMS) {
1059 struct sctp_strreset_addstrm *addstrm;
1060
1061 /* if the result is performed, it's impossible for addstrm in
1062 * request.
1063 */
1064 if (result == SCTP_STRRESET_PERFORMED)
1065 return NULL;
1066
1067 addstrm = (struct sctp_strreset_addstrm *)req;
1068 nums = ntohs(addstrm->number_of_streams);
1069
1070 *evp = sctp_ulpevent_make_stream_change_event(asoc, flags,
1071 nums, 0, GFP_ATOMIC);
1072 }
1073
1074 asoc->strreset_outstanding--;
1075 asoc->strreset_outseq++;
1076
1077 /* remove everything for this reconf request */
1078 if (!asoc->strreset_outstanding) {
1079 t = asoc->strreset_chunk->transport;
1080 if (del_timer(&t->reconf_timer))
1081 sctp_transport_put(t);
1082
1083 sctp_chunk_put(asoc->strreset_chunk);
1084 asoc->strreset_chunk = NULL;
1085 }
1086
1087 return NULL;
1088 }
1089