Commit | Line | Data |
---|---|---|
60c778b2 | 1 | /* SCTP kernel implementation |
1da177e4 LT |
2 | * Copyright (c) 1999-2000 Cisco, Inc. |
3 | * Copyright (c) 1999-2001 Motorola, Inc. | |
4 | * Copyright (c) 2001-2002 International Business Machines, Corp. | |
5 | * Copyright (c) 2001 Intel Corp. | |
6 | * Copyright (c) 2001 Nokia, Inc. | |
7 | * Copyright (c) 2001 La Monte H.P. Yarroll | |
8 | * | |
60c778b2 | 9 | * This file is part of the SCTP kernel implementation |
1da177e4 LT |
10 | * |
11 | * This abstraction represents an SCTP endpoint. | |
12 | * | |
60c778b2 | 13 | * The SCTP implementation is free software; |
1da177e4 LT |
14 | * you can redistribute it and/or modify it under the terms of |
15 | * the GNU General Public License as published by | |
16 | * the Free Software Foundation; either version 2, or (at your option) | |
17 | * any later version. | |
18 | * | |
60c778b2 | 19 | * The SCTP implementation is distributed in the hope that it |
1da177e4 LT |
20 | * will be useful, but WITHOUT ANY WARRANTY; without even the implied |
21 | * ************************ | |
22 | * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | |
23 | * See the GNU General Public License for more details. | |
24 | * | |
25 | * You should have received a copy of the GNU General Public License | |
26 | * along with GNU CC; see the file COPYING. If not, write to | |
27 | * the Free Software Foundation, 59 Temple Place - Suite 330, | |
28 | * Boston, MA 02111-1307, USA. | |
29 | * | |
30 | * Please send any bug reports or fixes you make to the | |
31 | * email address(es): | |
32 | * lksctp developers <lksctp-developers@lists.sourceforge.net> | |
33 | * | |
34 | * Or submit a bug report through the following website: | |
35 | * http://www.sf.net/projects/lksctp | |
36 | * | |
37 | * Written or modified by: | |
38 | * La Monte H.P. Yarroll <piggy@acm.org> | |
39 | * Karl Knutson <karl@athena.chicago.il.us> | |
40 | * Jon Grimm <jgrimm@austin.ibm.com> | |
41 | * Daisy Chang <daisyc@us.ibm.com> | |
42 | * Dajiang Zhang <dajiang.zhang@nokia.com> | |
43 | * | |
44 | * Any bugs reported given to us we will try to fix... any fixes shared will | |
45 | * be incorporated into the next SCTP release. | |
46 | */ | |
47 | ||
48 | #include <linux/types.h> | |
1da177e4 LT |
49 | #include <linux/slab.h> |
50 | #include <linux/in.h> | |
51 | #include <linux/random.h> /* get_random_bytes() */ | |
52 | #include <linux/crypto.h> | |
53 | #include <net/sock.h> | |
54 | #include <net/ipv6.h> | |
55 | #include <net/sctp/sctp.h> | |
56 | #include <net/sctp/sm.h> | |
57 | ||
58 | /* Forward declarations for internal helpers. */ | |
c4028958 | 59 | static void sctp_endpoint_bh_rcv(struct work_struct *work); |
1da177e4 LT |
60 | |
61 | /* | |
62 | * Initialize the base fields of the endpoint structure. | |
63 | */ | |
64 | static struct sctp_endpoint *sctp_endpoint_init(struct sctp_endpoint *ep, | |
3182cd84 | 65 | struct sock *sk, |
dd0fc66f | 66 | gfp_t gfp) |
1da177e4 | 67 | { |
a29a5bd4 VY |
68 | struct sctp_hmac_algo_param *auth_hmacs = NULL; |
69 | struct sctp_chunks_param *auth_chunks = NULL; | |
70 | struct sctp_shared_key *null_key; | |
71 | int err; | |
72 | ||
1da177e4 LT |
73 | memset(ep, 0, sizeof(struct sctp_endpoint)); |
74 | ||
b68dbcab VY |
75 | ep->digest = kzalloc(SCTP_SIGNATURE_SIZE, gfp); |
76 | if (!ep->digest) | |
77 | return NULL; | |
78 | ||
a29a5bd4 VY |
79 | if (sctp_auth_enable) { |
80 | /* Allocate space for HMACS and CHUNKS authentication | |
81 | * variables. There are arrays that we encode directly | |
82 | * into parameters to make the rest of the operations easier. | |
83 | */ | |
84 | auth_hmacs = kzalloc(sizeof(sctp_hmac_algo_param_t) + | |
85 | sizeof(__u16) * SCTP_AUTH_NUM_HMACS, gfp); | |
86 | if (!auth_hmacs) | |
87 | goto nomem; | |
88 | ||
89 | auth_chunks = kzalloc(sizeof(sctp_chunks_param_t) + | |
90 | SCTP_NUM_CHUNK_TYPES, gfp); | |
91 | if (!auth_chunks) | |
92 | goto nomem; | |
93 | ||
94 | /* Initialize the HMACS parameter. | |
95 | * SCTP-AUTH: Section 3.3 | |
96 | * Every endpoint supporting SCTP chunk authentication MUST | |
97 | * support the HMAC based on the SHA-1 algorithm. | |
98 | */ | |
99 | auth_hmacs->param_hdr.type = SCTP_PARAM_HMAC_ALGO; | |
100 | auth_hmacs->param_hdr.length = | |
101 | htons(sizeof(sctp_paramhdr_t) + 2); | |
102 | auth_hmacs->hmac_ids[0] = htons(SCTP_AUTH_HMAC_ID_SHA1); | |
103 | ||
104 | /* Initialize the CHUNKS parameter */ | |
105 | auth_chunks->param_hdr.type = SCTP_PARAM_CHUNKS; | |
5e739d17 | 106 | auth_chunks->param_hdr.length = htons(sizeof(sctp_paramhdr_t)); |
a29a5bd4 VY |
107 | |
108 | /* If the Add-IP functionality is enabled, we must | |
109 | * authenticate, ASCONF and ASCONF-ACK chunks | |
110 | */ | |
111 | if (sctp_addip_enable) { | |
112 | auth_chunks->chunks[0] = SCTP_CID_ASCONF; | |
113 | auth_chunks->chunks[1] = SCTP_CID_ASCONF_ACK; | |
cb0dc77d AV |
114 | auth_chunks->param_hdr.length = |
115 | htons(sizeof(sctp_paramhdr_t) + 2); | |
a29a5bd4 VY |
116 | } |
117 | } | |
118 | ||
1da177e4 LT |
119 | /* Initialize the base structure. */ |
120 | /* What type of endpoint are we? */ | |
121 | ep->base.type = SCTP_EP_TYPE_SOCKET; | |
122 | ||
123 | /* Initialize the basic object fields. */ | |
124 | atomic_set(&ep->base.refcnt, 1); | |
125 | ep->base.dead = 0; | |
126 | ep->base.malloced = 1; | |
127 | ||
128 | /* Create an input queue. */ | |
129 | sctp_inq_init(&ep->base.inqueue); | |
130 | ||
131 | /* Set its top-half handler */ | |
c4028958 | 132 | sctp_inq_set_th_handler(&ep->base.inqueue, sctp_endpoint_bh_rcv); |
1da177e4 LT |
133 | |
134 | /* Initialize the bind addr area */ | |
135 | sctp_bind_addr_init(&ep->base.bind_addr, 0); | |
1da177e4 LT |
136 | |
137 | /* Remember who we are attached to. */ | |
138 | ep->base.sk = sk; | |
139 | sock_hold(ep->base.sk); | |
140 | ||
141 | /* Create the lists of associations. */ | |
142 | INIT_LIST_HEAD(&ep->asocs); | |
143 | ||
1da177e4 | 144 | /* Use SCTP specific send buffer space queues. */ |
4eb701df | 145 | ep->sndbuf_policy = sctp_sndbuf_policy; |
4d93df0a | 146 | |
1da177e4 LT |
147 | sk->sk_write_space = sctp_write_space; |
148 | sock_set_flag(sk, SOCK_USE_WRITE_QUEUE); | |
149 | ||
049b3ff5 NH |
150 | /* Get the receive buffer policy for this endpoint */ |
151 | ep->rcvbuf_policy = sctp_rcvbuf_policy; | |
152 | ||
1da177e4 LT |
153 | /* Initialize the secret key used with cookie. */ |
154 | get_random_bytes(&ep->secret_key[0], SCTP_SECRET_SIZE); | |
155 | ep->last_key = ep->current_key = 0; | |
156 | ep->key_changed_at = jiffies; | |
157 | ||
a29a5bd4 VY |
158 | /* SCTP-AUTH extensions*/ |
159 | INIT_LIST_HEAD(&ep->endpoint_shared_keys); | |
160 | null_key = sctp_auth_shkey_create(0, GFP_KERNEL); | |
161 | if (!null_key) | |
162 | goto nomem; | |
163 | ||
164 | list_add(&null_key->key_list, &ep->endpoint_shared_keys); | |
165 | ||
166 | /* Allocate and initialize transorms arrays for suported HMACs. */ | |
167 | err = sctp_auth_init_hmacs(ep, gfp); | |
168 | if (err) | |
169 | goto nomem_hmacs; | |
170 | ||
171 | /* Add the null key to the endpoint shared keys list and | |
172 | * set the hmcas and chunks pointers. | |
173 | */ | |
174 | ep->auth_hmacs_list = auth_hmacs; | |
175 | ep->auth_chunk_list = auth_chunks; | |
176 | ||
1da177e4 | 177 | return ep; |
a29a5bd4 VY |
178 | |
179 | nomem_hmacs: | |
180 | sctp_auth_destroy_keys(&ep->endpoint_shared_keys); | |
181 | nomem: | |
182 | /* Free all allocations */ | |
183 | kfree(auth_hmacs); | |
184 | kfree(auth_chunks); | |
185 | kfree(ep->digest); | |
186 | return NULL; | |
187 | ||
1da177e4 LT |
188 | } |
189 | ||
190 | /* Create a sctp_endpoint with all that boring stuff initialized. | |
191 | * Returns NULL if there isn't enough memory. | |
192 | */ | |
dd0fc66f | 193 | struct sctp_endpoint *sctp_endpoint_new(struct sock *sk, gfp_t gfp) |
1da177e4 LT |
194 | { |
195 | struct sctp_endpoint *ep; | |
196 | ||
197 | /* Build a local endpoint. */ | |
198 | ep = t_new(struct sctp_endpoint, gfp); | |
199 | if (!ep) | |
200 | goto fail; | |
201 | if (!sctp_endpoint_init(ep, sk, gfp)) | |
202 | goto fail_init; | |
203 | ep->base.malloced = 1; | |
204 | SCTP_DBG_OBJCNT_INC(ep); | |
205 | return ep; | |
206 | ||
207 | fail_init: | |
208 | kfree(ep); | |
209 | fail: | |
210 | return NULL; | |
211 | } | |
212 | ||
213 | /* Add an association to an endpoint. */ | |
214 | void sctp_endpoint_add_asoc(struct sctp_endpoint *ep, | |
215 | struct sctp_association *asoc) | |
216 | { | |
217 | struct sock *sk = ep->base.sk; | |
218 | ||
de76e695 VY |
219 | /* If this is a temporary association, don't bother |
220 | * since we'll be removing it shortly and don't | |
221 | * want anyone to find it anyway. | |
222 | */ | |
223 | if (asoc->temp) | |
224 | return; | |
225 | ||
1da177e4 LT |
226 | /* Now just add it to our list of asocs */ |
227 | list_add_tail(&asoc->asocs, &ep->asocs); | |
228 | ||
229 | /* Increment the backlog value for a TCP-style listening socket. */ | |
230 | if (sctp_style(sk, TCP) && sctp_sstate(sk, LISTENING)) | |
231 | sk->sk_ack_backlog++; | |
232 | } | |
233 | ||
234 | /* Free the endpoint structure. Delay cleanup until | |
235 | * all users have released their reference count on this structure. | |
236 | */ | |
237 | void sctp_endpoint_free(struct sctp_endpoint *ep) | |
238 | { | |
239 | ep->base.dead = 1; | |
cfdeef32 VY |
240 | |
241 | ep->base.sk->sk_state = SCTP_SS_CLOSED; | |
242 | ||
243 | /* Unlink this endpoint, so we can't find it again! */ | |
244 | sctp_unhash_endpoint(ep); | |
245 | ||
1da177e4 LT |
246 | sctp_endpoint_put(ep); |
247 | } | |
248 | ||
249 | /* Final destructor for endpoint. */ | |
250 | static void sctp_endpoint_destroy(struct sctp_endpoint *ep) | |
251 | { | |
252 | SCTP_ASSERT(ep->base.dead, "Endpoint is not dead", return); | |
253 | ||
1da177e4 | 254 | /* Free up the HMAC transform. */ |
1b489e11 | 255 | crypto_free_hash(sctp_sk(ep->base.sk)->hmac); |
1da177e4 | 256 | |
b68dbcab VY |
257 | /* Free the digest buffer */ |
258 | kfree(ep->digest); | |
259 | ||
a29a5bd4 VY |
260 | /* SCTP-AUTH: Free up AUTH releated data such as shared keys |
261 | * chunks and hmacs arrays that were allocated | |
262 | */ | |
263 | sctp_auth_destroy_keys(&ep->endpoint_shared_keys); | |
264 | kfree(ep->auth_hmacs_list); | |
265 | kfree(ep->auth_chunk_list); | |
266 | ||
267 | /* AUTH - Free any allocated HMAC transform containers */ | |
268 | sctp_auth_destroy_hmacs(ep->auth_hmacs); | |
269 | ||
1da177e4 LT |
270 | /* Cleanup. */ |
271 | sctp_inq_free(&ep->base.inqueue); | |
272 | sctp_bind_addr_free(&ep->base.bind_addr); | |
273 | ||
274 | /* Remove and free the port */ | |
275 | if (sctp_sk(ep->base.sk)->bind_hash) | |
276 | sctp_put_port(ep->base.sk); | |
277 | ||
278 | /* Give up our hold on the sock. */ | |
279 | if (ep->base.sk) | |
280 | sock_put(ep->base.sk); | |
281 | ||
282 | /* Finally, free up our memory. */ | |
283 | if (ep->base.malloced) { | |
284 | kfree(ep); | |
285 | SCTP_DBG_OBJCNT_DEC(ep); | |
286 | } | |
287 | } | |
288 | ||
289 | /* Hold a reference to an endpoint. */ | |
290 | void sctp_endpoint_hold(struct sctp_endpoint *ep) | |
291 | { | |
292 | atomic_inc(&ep->base.refcnt); | |
293 | } | |
294 | ||
295 | /* Release a reference to an endpoint and clean up if there are | |
296 | * no more references. | |
297 | */ | |
298 | void sctp_endpoint_put(struct sctp_endpoint *ep) | |
299 | { | |
300 | if (atomic_dec_and_test(&ep->base.refcnt)) | |
301 | sctp_endpoint_destroy(ep); | |
302 | } | |
303 | ||
304 | /* Is this the endpoint we are looking for? */ | |
305 | struct sctp_endpoint *sctp_endpoint_is_match(struct sctp_endpoint *ep, | |
306 | const union sctp_addr *laddr) | |
307 | { | |
559cf710 | 308 | struct sctp_endpoint *retval = NULL; |
1da177e4 | 309 | |
1c7d1fc1 | 310 | if (htons(ep->base.bind_addr.port) == laddr->v4.sin_port) { |
1da177e4 | 311 | if (sctp_bind_addr_match(&ep->base.bind_addr, laddr, |
559cf710 | 312 | sctp_sk(ep->base.sk))) |
1da177e4 | 313 | retval = ep; |
1da177e4 LT |
314 | } |
315 | ||
1da177e4 LT |
316 | return retval; |
317 | } | |
318 | ||
319 | /* Find the association that goes with this chunk. | |
320 | * We do a linear search of the associations for this endpoint. | |
321 | * We return the matching transport address too. | |
322 | */ | |
323 | static struct sctp_association *__sctp_endpoint_lookup_assoc( | |
324 | const struct sctp_endpoint *ep, | |
325 | const union sctp_addr *paddr, | |
326 | struct sctp_transport **transport) | |
327 | { | |
123ed979 VY |
328 | struct sctp_association *asoc = NULL; |
329 | struct sctp_transport *t = NULL; | |
330 | struct sctp_hashbucket *head; | |
331 | struct sctp_ep_common *epb; | |
d970dbf8 | 332 | struct hlist_node *node; |
123ed979 | 333 | int hash; |
1da177e4 | 334 | int rport; |
1da177e4 | 335 | |
123ed979 | 336 | *transport = NULL; |
cd4ff034 | 337 | rport = ntohs(paddr->v4.sin_port); |
1da177e4 | 338 | |
123ed979 VY |
339 | hash = sctp_assoc_hashfn(ep->base.bind_addr.port, rport); |
340 | head = &sctp_assoc_hashtable[hash]; | |
341 | read_lock(&head->lock); | |
d970dbf8 | 342 | sctp_for_each_hentry(epb, node, &head->chain) { |
123ed979 VY |
343 | asoc = sctp_assoc(epb); |
344 | if (asoc->ep != ep || rport != asoc->peer.port) | |
345 | goto next; | |
346 | ||
347 | t = sctp_assoc_lookup_paddr(asoc, paddr); | |
348 | if (t) { | |
349 | *transport = t; | |
350 | break; | |
1da177e4 | 351 | } |
123ed979 VY |
352 | next: |
353 | asoc = NULL; | |
1da177e4 | 354 | } |
123ed979 VY |
355 | read_unlock(&head->lock); |
356 | return asoc; | |
1da177e4 LT |
357 | } |
358 | ||
359 | /* Lookup association on an endpoint based on a peer address. BH-safe. */ | |
360 | struct sctp_association *sctp_endpoint_lookup_assoc( | |
361 | const struct sctp_endpoint *ep, | |
362 | const union sctp_addr *paddr, | |
363 | struct sctp_transport **transport) | |
364 | { | |
365 | struct sctp_association *asoc; | |
366 | ||
367 | sctp_local_bh_disable(); | |
368 | asoc = __sctp_endpoint_lookup_assoc(ep, paddr, transport); | |
369 | sctp_local_bh_enable(); | |
370 | ||
371 | return asoc; | |
372 | } | |
373 | ||
374 | /* Look for any peeled off association from the endpoint that matches the | |
375 | * given peer address. | |
376 | */ | |
377 | int sctp_endpoint_is_peeled_off(struct sctp_endpoint *ep, | |
378 | const union sctp_addr *paddr) | |
379 | { | |
1da177e4 LT |
380 | struct sctp_sockaddr_entry *addr; |
381 | struct sctp_bind_addr *bp; | |
382 | ||
1da177e4 | 383 | bp = &ep->base.bind_addr; |
559cf710 VY |
384 | /* This function is called with the socket lock held, |
385 | * so the address_list can not change. | |
386 | */ | |
387 | list_for_each_entry(addr, &bp->address_list, list) { | |
388 | if (sctp_has_association(&addr->a, paddr)) | |
1da177e4 | 389 | return 1; |
1da177e4 | 390 | } |
1da177e4 LT |
391 | |
392 | return 0; | |
393 | } | |
394 | ||
395 | /* Do delayed input processing. This is scheduled by sctp_rcv(). | |
396 | * This may be called on BH or task time. | |
397 | */ | |
c4028958 | 398 | static void sctp_endpoint_bh_rcv(struct work_struct *work) |
1da177e4 | 399 | { |
c4028958 DH |
400 | struct sctp_endpoint *ep = |
401 | container_of(work, struct sctp_endpoint, | |
402 | base.inqueue.immediate); | |
1da177e4 LT |
403 | struct sctp_association *asoc; |
404 | struct sock *sk; | |
405 | struct sctp_transport *transport; | |
406 | struct sctp_chunk *chunk; | |
407 | struct sctp_inq *inqueue; | |
408 | sctp_subtype_t subtype; | |
409 | sctp_state_t state; | |
410 | int error = 0; | |
bbd0d598 | 411 | int first_time = 1; /* is this the first time through the looop */ |
1da177e4 LT |
412 | |
413 | if (ep->base.dead) | |
414 | return; | |
415 | ||
416 | asoc = NULL; | |
417 | inqueue = &ep->base.inqueue; | |
418 | sk = ep->base.sk; | |
419 | ||
420 | while (NULL != (chunk = sctp_inq_pop(inqueue))) { | |
421 | subtype = SCTP_ST_CHUNK(chunk->chunk_hdr->type); | |
422 | ||
bbd0d598 VY |
423 | /* If the first chunk in the packet is AUTH, do special |
424 | * processing specified in Section 6.3 of SCTP-AUTH spec | |
425 | */ | |
426 | if (first_time && (subtype.chunk == SCTP_CID_AUTH)) { | |
427 | struct sctp_chunkhdr *next_hdr; | |
428 | ||
429 | next_hdr = sctp_inq_peek(inqueue); | |
430 | if (!next_hdr) | |
431 | goto normal; | |
432 | ||
433 | /* If the next chunk is COOKIE-ECHO, skip the AUTH | |
434 | * chunk while saving a pointer to it so we can do | |
435 | * Authentication later (during cookie-echo | |
436 | * processing). | |
437 | */ | |
438 | if (next_hdr->type == SCTP_CID_COOKIE_ECHO) { | |
439 | chunk->auth_chunk = skb_clone(chunk->skb, | |
440 | GFP_ATOMIC); | |
441 | chunk->auth = 1; | |
442 | continue; | |
443 | } | |
444 | } | |
445 | normal: | |
1da177e4 LT |
446 | /* We might have grown an association since last we |
447 | * looked, so try again. | |
448 | * | |
449 | * This happens when we've just processed our | |
450 | * COOKIE-ECHO chunk. | |
451 | */ | |
452 | if (NULL == chunk->asoc) { | |
453 | asoc = sctp_endpoint_lookup_assoc(ep, | |
454 | sctp_source(chunk), | |
455 | &transport); | |
456 | chunk->asoc = asoc; | |
457 | chunk->transport = transport; | |
458 | } | |
459 | ||
460 | state = asoc ? asoc->state : SCTP_STATE_CLOSED; | |
bbd0d598 VY |
461 | if (sctp_auth_recv_cid(subtype.chunk, asoc) && !chunk->auth) |
462 | continue; | |
1da177e4 LT |
463 | |
464 | /* Remember where the last DATA chunk came from so we | |
465 | * know where to send the SACK. | |
466 | */ | |
467 | if (asoc && sctp_chunk_is_data(chunk)) | |
468 | asoc->peer.last_data_from = chunk->transport; | |
469 | else | |
470 | SCTP_INC_STATS(SCTP_MIB_INCTRLCHUNKS); | |
471 | ||
472 | if (chunk->transport) | |
473 | chunk->transport->last_time_heard = jiffies; | |
474 | ||
475 | error = sctp_do_sm(SCTP_EVENT_T_CHUNK, subtype, state, | |
d808ad9a | 476 | ep, asoc, chunk, GFP_ATOMIC); |
1da177e4 LT |
477 | |
478 | if (error && chunk) | |
479 | chunk->pdiscard = 1; | |
480 | ||
481 | /* Check to see if the endpoint is freed in response to | |
482 | * the incoming chunk. If so, get out of the while loop. | |
483 | */ | |
484 | if (!sctp_sk(sk)->ep) | |
485 | break; | |
bbd0d598 VY |
486 | |
487 | if (first_time) | |
488 | first_time = 0; | |
1da177e4 LT |
489 | } |
490 | } |