protocol.c (46823B)
1// SPDX-License-Identifier: GPL-2.0-or-later 2/* SCTP kernel implementation 3 * (C) Copyright IBM Corp. 2001, 2004 4 * Copyright (c) 1999-2000 Cisco, Inc. 5 * Copyright (c) 1999-2001 Motorola, Inc. 6 * Copyright (c) 2001 Intel Corp. 7 * Copyright (c) 2001 Nokia, Inc. 8 * Copyright (c) 2001 La Monte H.P. Yarroll 9 * 10 * This file is part of the SCTP kernel implementation 11 * 12 * Initialization/cleanup for SCTP protocol support. 13 * 14 * Please send any bug reports or fixes you make to the 15 * email address(es): 16 * lksctp developers <linux-sctp@vger.kernel.org> 17 * 18 * Written or modified by: 19 * La Monte H.P. Yarroll <piggy@acm.org> 20 * Karl Knutson <karl@athena.chicago.il.us> 21 * Jon Grimm <jgrimm@us.ibm.com> 22 * Sridhar Samudrala <sri@us.ibm.com> 23 * Daisy Chang <daisyc@us.ibm.com> 24 * Ardelle Fan <ardelle.fan@intel.com> 25 */ 26 27#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 28 29#include <linux/module.h> 30#include <linux/init.h> 31#include <linux/netdevice.h> 32#include <linux/inetdevice.h> 33#include <linux/seq_file.h> 34#include <linux/memblock.h> 35#include <linux/highmem.h> 36#include <linux/slab.h> 37#include <net/net_namespace.h> 38#include <net/protocol.h> 39#include <net/ip.h> 40#include <net/ipv6.h> 41#include <net/route.h> 42#include <net/sctp/sctp.h> 43#include <net/addrconf.h> 44#include <net/inet_common.h> 45#include <net/inet_ecn.h> 46#include <net/udp_tunnel.h> 47 48#define MAX_SCTP_PORT_HASH_ENTRIES (64 * 1024) 49 50/* Global data structures. */ 51struct sctp_globals sctp_globals __read_mostly; 52 53struct idr sctp_assocs_id; 54DEFINE_SPINLOCK(sctp_assocs_id_lock); 55 56static struct sctp_pf *sctp_pf_inet6_specific; 57static struct sctp_pf *sctp_pf_inet_specific; 58static struct sctp_af *sctp_af_v4_specific; 59static struct sctp_af *sctp_af_v6_specific; 60 61struct kmem_cache *sctp_chunk_cachep __read_mostly; 62struct kmem_cache *sctp_bucket_cachep __read_mostly; 63 64long sysctl_sctp_mem[3]; 65int sysctl_sctp_rmem[3]; 66int sysctl_sctp_wmem[3]; 67 68/* Private helper to extract ipv4 address and stash them in 69 * the protocol structure. 70 */ 71static void sctp_v4_copy_addrlist(struct list_head *addrlist, 72 struct net_device *dev) 73{ 74 struct in_device *in_dev; 75 struct in_ifaddr *ifa; 76 struct sctp_sockaddr_entry *addr; 77 78 rcu_read_lock(); 79 if ((in_dev = __in_dev_get_rcu(dev)) == NULL) { 80 rcu_read_unlock(); 81 return; 82 } 83 84 in_dev_for_each_ifa_rcu(ifa, in_dev) { 85 /* Add the address to the local list. */ 86 addr = kzalloc(sizeof(*addr), GFP_ATOMIC); 87 if (addr) { 88 addr->a.v4.sin_family = AF_INET; 89 addr->a.v4.sin_addr.s_addr = ifa->ifa_local; 90 addr->valid = 1; 91 INIT_LIST_HEAD(&addr->list); 92 list_add_tail(&addr->list, addrlist); 93 } 94 } 95 96 rcu_read_unlock(); 97} 98 99/* Extract our IP addresses from the system and stash them in the 100 * protocol structure. 101 */ 102static void sctp_get_local_addr_list(struct net *net) 103{ 104 struct net_device *dev; 105 struct list_head *pos; 106 struct sctp_af *af; 107 108 rcu_read_lock(); 109 for_each_netdev_rcu(net, dev) { 110 list_for_each(pos, &sctp_address_families) { 111 af = list_entry(pos, struct sctp_af, list); 112 af->copy_addrlist(&net->sctp.local_addr_list, dev); 113 } 114 } 115 rcu_read_unlock(); 116} 117 118/* Free the existing local addresses. */ 119static void sctp_free_local_addr_list(struct net *net) 120{ 121 struct sctp_sockaddr_entry *addr; 122 struct list_head *pos, *temp; 123 124 list_for_each_safe(pos, temp, &net->sctp.local_addr_list) { 125 addr = list_entry(pos, struct sctp_sockaddr_entry, list); 126 list_del(pos); 127 kfree(addr); 128 } 129} 130 131/* Copy the local addresses which are valid for 'scope' into 'bp'. */ 132int sctp_copy_local_addr_list(struct net *net, struct sctp_bind_addr *bp, 133 enum sctp_scope scope, gfp_t gfp, int copy_flags) 134{ 135 struct sctp_sockaddr_entry *addr; 136 union sctp_addr laddr; 137 int error = 0; 138 139 rcu_read_lock(); 140 list_for_each_entry_rcu(addr, &net->sctp.local_addr_list, list) { 141 if (!addr->valid) 142 continue; 143 if (!sctp_in_scope(net, &addr->a, scope)) 144 continue; 145 146 /* Now that the address is in scope, check to see if 147 * the address type is really supported by the local 148 * sock as well as the remote peer. 149 */ 150 if (addr->a.sa.sa_family == AF_INET && 151 (!(copy_flags & SCTP_ADDR4_ALLOWED) || 152 !(copy_flags & SCTP_ADDR4_PEERSUPP))) 153 continue; 154 if (addr->a.sa.sa_family == AF_INET6 && 155 (!(copy_flags & SCTP_ADDR6_ALLOWED) || 156 !(copy_flags & SCTP_ADDR6_PEERSUPP))) 157 continue; 158 159 laddr = addr->a; 160 /* also works for setting ipv6 address port */ 161 laddr.v4.sin_port = htons(bp->port); 162 if (sctp_bind_addr_state(bp, &laddr) != -1) 163 continue; 164 165 error = sctp_add_bind_addr(bp, &addr->a, sizeof(addr->a), 166 SCTP_ADDR_SRC, GFP_ATOMIC); 167 if (error) 168 break; 169 } 170 171 rcu_read_unlock(); 172 return error; 173} 174 175/* Copy over any ip options */ 176static void sctp_v4_copy_ip_options(struct sock *sk, struct sock *newsk) 177{ 178 struct inet_sock *newinet, *inet = inet_sk(sk); 179 struct ip_options_rcu *inet_opt, *newopt = NULL; 180 181 newinet = inet_sk(newsk); 182 183 rcu_read_lock(); 184 inet_opt = rcu_dereference(inet->inet_opt); 185 if (inet_opt) { 186 newopt = sock_kmalloc(newsk, sizeof(*inet_opt) + 187 inet_opt->opt.optlen, GFP_ATOMIC); 188 if (newopt) 189 memcpy(newopt, inet_opt, sizeof(*inet_opt) + 190 inet_opt->opt.optlen); 191 else 192 pr_err("%s: Failed to copy ip options\n", __func__); 193 } 194 RCU_INIT_POINTER(newinet->inet_opt, newopt); 195 rcu_read_unlock(); 196} 197 198/* Account for the IP options */ 199static int sctp_v4_ip_options_len(struct sock *sk) 200{ 201 struct inet_sock *inet = inet_sk(sk); 202 struct ip_options_rcu *inet_opt; 203 int len = 0; 204 205 rcu_read_lock(); 206 inet_opt = rcu_dereference(inet->inet_opt); 207 if (inet_opt) 208 len = inet_opt->opt.optlen; 209 210 rcu_read_unlock(); 211 return len; 212} 213 214/* Initialize a sctp_addr from in incoming skb. */ 215static void sctp_v4_from_skb(union sctp_addr *addr, struct sk_buff *skb, 216 int is_saddr) 217{ 218 /* Always called on head skb, so this is safe */ 219 struct sctphdr *sh = sctp_hdr(skb); 220 struct sockaddr_in *sa = &addr->v4; 221 222 addr->v4.sin_family = AF_INET; 223 224 if (is_saddr) { 225 sa->sin_port = sh->source; 226 sa->sin_addr.s_addr = ip_hdr(skb)->saddr; 227 } else { 228 sa->sin_port = sh->dest; 229 sa->sin_addr.s_addr = ip_hdr(skb)->daddr; 230 } 231 memset(sa->sin_zero, 0, sizeof(sa->sin_zero)); 232} 233 234/* Initialize an sctp_addr from a socket. */ 235static void sctp_v4_from_sk(union sctp_addr *addr, struct sock *sk) 236{ 237 addr->v4.sin_family = AF_INET; 238 addr->v4.sin_port = 0; 239 addr->v4.sin_addr.s_addr = inet_sk(sk)->inet_rcv_saddr; 240 memset(addr->v4.sin_zero, 0, sizeof(addr->v4.sin_zero)); 241} 242 243/* Initialize sk->sk_rcv_saddr from sctp_addr. */ 244static void sctp_v4_to_sk_saddr(union sctp_addr *addr, struct sock *sk) 245{ 246 inet_sk(sk)->inet_rcv_saddr = addr->v4.sin_addr.s_addr; 247} 248 249/* Initialize sk->sk_daddr from sctp_addr. */ 250static void sctp_v4_to_sk_daddr(union sctp_addr *addr, struct sock *sk) 251{ 252 inet_sk(sk)->inet_daddr = addr->v4.sin_addr.s_addr; 253} 254 255/* Initialize a sctp_addr from an address parameter. */ 256static bool sctp_v4_from_addr_param(union sctp_addr *addr, 257 union sctp_addr_param *param, 258 __be16 port, int iif) 259{ 260 if (ntohs(param->v4.param_hdr.length) < sizeof(struct sctp_ipv4addr_param)) 261 return false; 262 263 addr->v4.sin_family = AF_INET; 264 addr->v4.sin_port = port; 265 addr->v4.sin_addr.s_addr = param->v4.addr.s_addr; 266 memset(addr->v4.sin_zero, 0, sizeof(addr->v4.sin_zero)); 267 268 return true; 269} 270 271/* Initialize an address parameter from a sctp_addr and return the length 272 * of the address parameter. 273 */ 274static int sctp_v4_to_addr_param(const union sctp_addr *addr, 275 union sctp_addr_param *param) 276{ 277 int length = sizeof(struct sctp_ipv4addr_param); 278 279 param->v4.param_hdr.type = SCTP_PARAM_IPV4_ADDRESS; 280 param->v4.param_hdr.length = htons(length); 281 param->v4.addr.s_addr = addr->v4.sin_addr.s_addr; 282 283 return length; 284} 285 286/* Initialize a sctp_addr from a dst_entry. */ 287static void sctp_v4_dst_saddr(union sctp_addr *saddr, struct flowi4 *fl4, 288 __be16 port) 289{ 290 saddr->v4.sin_family = AF_INET; 291 saddr->v4.sin_port = port; 292 saddr->v4.sin_addr.s_addr = fl4->saddr; 293 memset(saddr->v4.sin_zero, 0, sizeof(saddr->v4.sin_zero)); 294} 295 296/* Compare two addresses exactly. */ 297static int sctp_v4_cmp_addr(const union sctp_addr *addr1, 298 const union sctp_addr *addr2) 299{ 300 if (addr1->sa.sa_family != addr2->sa.sa_family) 301 return 0; 302 if (addr1->v4.sin_port != addr2->v4.sin_port) 303 return 0; 304 if (addr1->v4.sin_addr.s_addr != addr2->v4.sin_addr.s_addr) 305 return 0; 306 307 return 1; 308} 309 310/* Initialize addr struct to INADDR_ANY. */ 311static void sctp_v4_inaddr_any(union sctp_addr *addr, __be16 port) 312{ 313 addr->v4.sin_family = AF_INET; 314 addr->v4.sin_addr.s_addr = htonl(INADDR_ANY); 315 addr->v4.sin_port = port; 316 memset(addr->v4.sin_zero, 0, sizeof(addr->v4.sin_zero)); 317} 318 319/* Is this a wildcard address? */ 320static int sctp_v4_is_any(const union sctp_addr *addr) 321{ 322 return htonl(INADDR_ANY) == addr->v4.sin_addr.s_addr; 323} 324 325/* This function checks if the address is a valid address to be used for 326 * SCTP binding. 327 * 328 * Output: 329 * Return 0 - If the address is a non-unicast or an illegal address. 330 * Return 1 - If the address is a unicast. 331 */ 332static int sctp_v4_addr_valid(union sctp_addr *addr, 333 struct sctp_sock *sp, 334 const struct sk_buff *skb) 335{ 336 /* IPv4 addresses not allowed */ 337 if (sp && ipv6_only_sock(sctp_opt2sk(sp))) 338 return 0; 339 340 /* Is this a non-unicast address or a unusable SCTP address? */ 341 if (IS_IPV4_UNUSABLE_ADDRESS(addr->v4.sin_addr.s_addr)) 342 return 0; 343 344 /* Is this a broadcast address? */ 345 if (skb && skb_rtable(skb)->rt_flags & RTCF_BROADCAST) 346 return 0; 347 348 return 1; 349} 350 351/* Should this be available for binding? */ 352static int sctp_v4_available(union sctp_addr *addr, struct sctp_sock *sp) 353{ 354 struct net *net = sock_net(&sp->inet.sk); 355 int ret = inet_addr_type(net, addr->v4.sin_addr.s_addr); 356 357 358 if (addr->v4.sin_addr.s_addr != htonl(INADDR_ANY) && 359 ret != RTN_LOCAL && 360 !sp->inet.freebind && 361 !net->ipv4.sysctl_ip_nonlocal_bind) 362 return 0; 363 364 if (ipv6_only_sock(sctp_opt2sk(sp))) 365 return 0; 366 367 return 1; 368} 369 370/* Checking the loopback, private and other address scopes as defined in 371 * RFC 1918. The IPv4 scoping is based on the draft for SCTP IPv4 372 * scoping <draft-stewart-tsvwg-sctp-ipv4-00.txt>. 373 * 374 * Level 0 - unusable SCTP addresses 375 * Level 1 - loopback address 376 * Level 2 - link-local addresses 377 * Level 3 - private addresses. 378 * Level 4 - global addresses 379 * For INIT and INIT-ACK address list, let L be the level of 380 * requested destination address, sender and receiver 381 * SHOULD include all of its addresses with level greater 382 * than or equal to L. 383 * 384 * IPv4 scoping can be controlled through sysctl option 385 * net.sctp.addr_scope_policy 386 */ 387static enum sctp_scope sctp_v4_scope(union sctp_addr *addr) 388{ 389 enum sctp_scope retval; 390 391 /* Check for unusable SCTP addresses. */ 392 if (IS_IPV4_UNUSABLE_ADDRESS(addr->v4.sin_addr.s_addr)) { 393 retval = SCTP_SCOPE_UNUSABLE; 394 } else if (ipv4_is_loopback(addr->v4.sin_addr.s_addr)) { 395 retval = SCTP_SCOPE_LOOPBACK; 396 } else if (ipv4_is_linklocal_169(addr->v4.sin_addr.s_addr)) { 397 retval = SCTP_SCOPE_LINK; 398 } else if (ipv4_is_private_10(addr->v4.sin_addr.s_addr) || 399 ipv4_is_private_172(addr->v4.sin_addr.s_addr) || 400 ipv4_is_private_192(addr->v4.sin_addr.s_addr) || 401 ipv4_is_test_198(addr->v4.sin_addr.s_addr)) { 402 retval = SCTP_SCOPE_PRIVATE; 403 } else { 404 retval = SCTP_SCOPE_GLOBAL; 405 } 406 407 return retval; 408} 409 410/* Returns a valid dst cache entry for the given source and destination ip 411 * addresses. If an association is passed, trys to get a dst entry with a 412 * source address that matches an address in the bind address list. 413 */ 414static void sctp_v4_get_dst(struct sctp_transport *t, union sctp_addr *saddr, 415 struct flowi *fl, struct sock *sk) 416{ 417 struct sctp_association *asoc = t->asoc; 418 struct rtable *rt; 419 struct flowi _fl; 420 struct flowi4 *fl4 = &_fl.u.ip4; 421 struct sctp_bind_addr *bp; 422 struct sctp_sockaddr_entry *laddr; 423 struct dst_entry *dst = NULL; 424 union sctp_addr *daddr = &t->ipaddr; 425 union sctp_addr dst_saddr; 426 __u8 tos = inet_sk(sk)->tos; 427 428 if (t->dscp & SCTP_DSCP_SET_MASK) 429 tos = t->dscp & SCTP_DSCP_VAL_MASK; 430 memset(&_fl, 0x0, sizeof(_fl)); 431 fl4->daddr = daddr->v4.sin_addr.s_addr; 432 fl4->fl4_dport = daddr->v4.sin_port; 433 fl4->flowi4_proto = IPPROTO_SCTP; 434 if (asoc) { 435 fl4->flowi4_tos = RT_CONN_FLAGS_TOS(asoc->base.sk, tos); 436 fl4->flowi4_oif = asoc->base.sk->sk_bound_dev_if; 437 fl4->fl4_sport = htons(asoc->base.bind_addr.port); 438 } 439 if (saddr) { 440 fl4->saddr = saddr->v4.sin_addr.s_addr; 441 if (!fl4->fl4_sport) 442 fl4->fl4_sport = saddr->v4.sin_port; 443 } 444 445 pr_debug("%s: dst:%pI4, src:%pI4 - ", __func__, &fl4->daddr, 446 &fl4->saddr); 447 448 rt = ip_route_output_key(sock_net(sk), fl4); 449 if (!IS_ERR(rt)) { 450 dst = &rt->dst; 451 t->dst = dst; 452 memcpy(fl, &_fl, sizeof(_fl)); 453 } 454 455 /* If there is no association or if a source address is passed, no 456 * more validation is required. 457 */ 458 if (!asoc || saddr) 459 goto out; 460 461 bp = &asoc->base.bind_addr; 462 463 if (dst) { 464 /* Walk through the bind address list and look for a bind 465 * address that matches the source address of the returned dst. 466 */ 467 sctp_v4_dst_saddr(&dst_saddr, fl4, htons(bp->port)); 468 rcu_read_lock(); 469 list_for_each_entry_rcu(laddr, &bp->address_list, list) { 470 if (!laddr->valid || (laddr->state == SCTP_ADDR_DEL) || 471 (laddr->state != SCTP_ADDR_SRC && 472 !asoc->src_out_of_asoc_ok)) 473 continue; 474 if (sctp_v4_cmp_addr(&dst_saddr, &laddr->a)) 475 goto out_unlock; 476 } 477 rcu_read_unlock(); 478 479 /* None of the bound addresses match the source address of the 480 * dst. So release it. 481 */ 482 dst_release(dst); 483 dst = NULL; 484 } 485 486 /* Walk through the bind address list and try to get a dst that 487 * matches a bind address as the source address. 488 */ 489 rcu_read_lock(); 490 list_for_each_entry_rcu(laddr, &bp->address_list, list) { 491 struct net_device *odev; 492 493 if (!laddr->valid) 494 continue; 495 if (laddr->state != SCTP_ADDR_SRC || 496 AF_INET != laddr->a.sa.sa_family) 497 continue; 498 499 fl4->fl4_sport = laddr->a.v4.sin_port; 500 flowi4_update_output(fl4, 501 asoc->base.sk->sk_bound_dev_if, 502 RT_CONN_FLAGS_TOS(asoc->base.sk, tos), 503 daddr->v4.sin_addr.s_addr, 504 laddr->a.v4.sin_addr.s_addr); 505 506 rt = ip_route_output_key(sock_net(sk), fl4); 507 if (IS_ERR(rt)) 508 continue; 509 510 /* Ensure the src address belongs to the output 511 * interface. 512 */ 513 odev = __ip_dev_find(sock_net(sk), laddr->a.v4.sin_addr.s_addr, 514 false); 515 if (!odev || odev->ifindex != fl4->flowi4_oif) { 516 if (!dst) { 517 dst = &rt->dst; 518 t->dst = dst; 519 memcpy(fl, &_fl, sizeof(_fl)); 520 } else { 521 dst_release(&rt->dst); 522 } 523 continue; 524 } 525 526 dst_release(dst); 527 dst = &rt->dst; 528 t->dst = dst; 529 memcpy(fl, &_fl, sizeof(_fl)); 530 break; 531 } 532 533out_unlock: 534 rcu_read_unlock(); 535out: 536 if (dst) { 537 pr_debug("rt_dst:%pI4, rt_src:%pI4\n", 538 &fl->u.ip4.daddr, &fl->u.ip4.saddr); 539 } else { 540 t->dst = NULL; 541 pr_debug("no route\n"); 542 } 543} 544 545/* For v4, the source address is cached in the route entry(dst). So no need 546 * to cache it separately and hence this is an empty routine. 547 */ 548static void sctp_v4_get_saddr(struct sctp_sock *sk, 549 struct sctp_transport *t, 550 struct flowi *fl) 551{ 552 union sctp_addr *saddr = &t->saddr; 553 struct rtable *rt = (struct rtable *)t->dst; 554 555 if (rt) { 556 saddr->v4.sin_family = AF_INET; 557 saddr->v4.sin_addr.s_addr = fl->u.ip4.saddr; 558 } 559} 560 561/* What interface did this skb arrive on? */ 562static int sctp_v4_skb_iif(const struct sk_buff *skb) 563{ 564 return inet_iif(skb); 565} 566 567/* Was this packet marked by Explicit Congestion Notification? */ 568static int sctp_v4_is_ce(const struct sk_buff *skb) 569{ 570 return INET_ECN_is_ce(ip_hdr(skb)->tos); 571} 572 573/* Create and initialize a new sk for the socket returned by accept(). */ 574static struct sock *sctp_v4_create_accept_sk(struct sock *sk, 575 struct sctp_association *asoc, 576 bool kern) 577{ 578 struct sock *newsk = sk_alloc(sock_net(sk), PF_INET, GFP_KERNEL, 579 sk->sk_prot, kern); 580 struct inet_sock *newinet; 581 582 if (!newsk) 583 goto out; 584 585 sock_init_data(NULL, newsk); 586 587 sctp_copy_sock(newsk, sk, asoc); 588 sock_reset_flag(newsk, SOCK_ZAPPED); 589 590 sctp_v4_copy_ip_options(sk, newsk); 591 592 newinet = inet_sk(newsk); 593 594 newinet->inet_daddr = asoc->peer.primary_addr.v4.sin_addr.s_addr; 595 596 sk_refcnt_debug_inc(newsk); 597 598 if (newsk->sk_prot->init(newsk)) { 599 sk_common_release(newsk); 600 newsk = NULL; 601 } 602 603out: 604 return newsk; 605} 606 607static int sctp_v4_addr_to_user(struct sctp_sock *sp, union sctp_addr *addr) 608{ 609 /* No address mapping for V4 sockets */ 610 memset(addr->v4.sin_zero, 0, sizeof(addr->v4.sin_zero)); 611 return sizeof(struct sockaddr_in); 612} 613 614/* Dump the v4 addr to the seq file. */ 615static void sctp_v4_seq_dump_addr(struct seq_file *seq, union sctp_addr *addr) 616{ 617 seq_printf(seq, "%pI4 ", &addr->v4.sin_addr); 618} 619 620static void sctp_v4_ecn_capable(struct sock *sk) 621{ 622 INET_ECN_xmit(sk); 623} 624 625static void sctp_addr_wq_timeout_handler(struct timer_list *t) 626{ 627 struct net *net = from_timer(net, t, sctp.addr_wq_timer); 628 struct sctp_sockaddr_entry *addrw, *temp; 629 struct sctp_sock *sp; 630 631 spin_lock_bh(&net->sctp.addr_wq_lock); 632 633 list_for_each_entry_safe(addrw, temp, &net->sctp.addr_waitq, list) { 634 pr_debug("%s: the first ent in wq:%p is addr:%pISc for cmd:%d at " 635 "entry:%p\n", __func__, &net->sctp.addr_waitq, &addrw->a.sa, 636 addrw->state, addrw); 637 638#if IS_ENABLED(CONFIG_IPV6) 639 /* Now we send an ASCONF for each association */ 640 /* Note. we currently don't handle link local IPv6 addressees */ 641 if (addrw->a.sa.sa_family == AF_INET6) { 642 struct in6_addr *in6; 643 644 if (ipv6_addr_type(&addrw->a.v6.sin6_addr) & 645 IPV6_ADDR_LINKLOCAL) 646 goto free_next; 647 648 in6 = (struct in6_addr *)&addrw->a.v6.sin6_addr; 649 if (ipv6_chk_addr(net, in6, NULL, 0) == 0 && 650 addrw->state == SCTP_ADDR_NEW) { 651 unsigned long timeo_val; 652 653 pr_debug("%s: this is on DAD, trying %d sec " 654 "later\n", __func__, 655 SCTP_ADDRESS_TICK_DELAY); 656 657 timeo_val = jiffies; 658 timeo_val += msecs_to_jiffies(SCTP_ADDRESS_TICK_DELAY); 659 mod_timer(&net->sctp.addr_wq_timer, timeo_val); 660 break; 661 } 662 } 663#endif 664 list_for_each_entry(sp, &net->sctp.auto_asconf_splist, auto_asconf_list) { 665 struct sock *sk; 666 667 sk = sctp_opt2sk(sp); 668 /* ignore bound-specific endpoints */ 669 if (!sctp_is_ep_boundall(sk)) 670 continue; 671 bh_lock_sock(sk); 672 if (sctp_asconf_mgmt(sp, addrw) < 0) 673 pr_debug("%s: sctp_asconf_mgmt failed\n", __func__); 674 bh_unlock_sock(sk); 675 } 676#if IS_ENABLED(CONFIG_IPV6) 677free_next: 678#endif 679 list_del(&addrw->list); 680 kfree(addrw); 681 } 682 spin_unlock_bh(&net->sctp.addr_wq_lock); 683} 684 685static void sctp_free_addr_wq(struct net *net) 686{ 687 struct sctp_sockaddr_entry *addrw; 688 struct sctp_sockaddr_entry *temp; 689 690 spin_lock_bh(&net->sctp.addr_wq_lock); 691 del_timer(&net->sctp.addr_wq_timer); 692 list_for_each_entry_safe(addrw, temp, &net->sctp.addr_waitq, list) { 693 list_del(&addrw->list); 694 kfree(addrw); 695 } 696 spin_unlock_bh(&net->sctp.addr_wq_lock); 697} 698 699/* lookup the entry for the same address in the addr_waitq 700 * sctp_addr_wq MUST be locked 701 */ 702static struct sctp_sockaddr_entry *sctp_addr_wq_lookup(struct net *net, 703 struct sctp_sockaddr_entry *addr) 704{ 705 struct sctp_sockaddr_entry *addrw; 706 707 list_for_each_entry(addrw, &net->sctp.addr_waitq, list) { 708 if (addrw->a.sa.sa_family != addr->a.sa.sa_family) 709 continue; 710 if (addrw->a.sa.sa_family == AF_INET) { 711 if (addrw->a.v4.sin_addr.s_addr == 712 addr->a.v4.sin_addr.s_addr) 713 return addrw; 714 } else if (addrw->a.sa.sa_family == AF_INET6) { 715 if (ipv6_addr_equal(&addrw->a.v6.sin6_addr, 716 &addr->a.v6.sin6_addr)) 717 return addrw; 718 } 719 } 720 return NULL; 721} 722 723void sctp_addr_wq_mgmt(struct net *net, struct sctp_sockaddr_entry *addr, int cmd) 724{ 725 struct sctp_sockaddr_entry *addrw; 726 unsigned long timeo_val; 727 728 /* first, we check if an opposite message already exist in the queue. 729 * If we found such message, it is removed. 730 * This operation is a bit stupid, but the DHCP client attaches the 731 * new address after a couple of addition and deletion of that address 732 */ 733 734 spin_lock_bh(&net->sctp.addr_wq_lock); 735 /* Offsets existing events in addr_wq */ 736 addrw = sctp_addr_wq_lookup(net, addr); 737 if (addrw) { 738 if (addrw->state != cmd) { 739 pr_debug("%s: offsets existing entry for %d, addr:%pISc " 740 "in wq:%p\n", __func__, addrw->state, &addrw->a.sa, 741 &net->sctp.addr_waitq); 742 743 list_del(&addrw->list); 744 kfree(addrw); 745 } 746 spin_unlock_bh(&net->sctp.addr_wq_lock); 747 return; 748 } 749 750 /* OK, we have to add the new address to the wait queue */ 751 addrw = kmemdup(addr, sizeof(struct sctp_sockaddr_entry), GFP_ATOMIC); 752 if (addrw == NULL) { 753 spin_unlock_bh(&net->sctp.addr_wq_lock); 754 return; 755 } 756 addrw->state = cmd; 757 list_add_tail(&addrw->list, &net->sctp.addr_waitq); 758 759 pr_debug("%s: add new entry for cmd:%d, addr:%pISc in wq:%p\n", 760 __func__, addrw->state, &addrw->a.sa, &net->sctp.addr_waitq); 761 762 if (!timer_pending(&net->sctp.addr_wq_timer)) { 763 timeo_val = jiffies; 764 timeo_val += msecs_to_jiffies(SCTP_ADDRESS_TICK_DELAY); 765 mod_timer(&net->sctp.addr_wq_timer, timeo_val); 766 } 767 spin_unlock_bh(&net->sctp.addr_wq_lock); 768} 769 770/* Event handler for inet address addition/deletion events. 771 * The sctp_local_addr_list needs to be protocted by a spin lock since 772 * multiple notifiers (say IPv4 and IPv6) may be running at the same 773 * time and thus corrupt the list. 774 * The reader side is protected with RCU. 775 */ 776static int sctp_inetaddr_event(struct notifier_block *this, unsigned long ev, 777 void *ptr) 778{ 779 struct in_ifaddr *ifa = (struct in_ifaddr *)ptr; 780 struct sctp_sockaddr_entry *addr = NULL; 781 struct sctp_sockaddr_entry *temp; 782 struct net *net = dev_net(ifa->ifa_dev->dev); 783 int found = 0; 784 785 switch (ev) { 786 case NETDEV_UP: 787 addr = kzalloc(sizeof(*addr), GFP_ATOMIC); 788 if (addr) { 789 addr->a.v4.sin_family = AF_INET; 790 addr->a.v4.sin_addr.s_addr = ifa->ifa_local; 791 addr->valid = 1; 792 spin_lock_bh(&net->sctp.local_addr_lock); 793 list_add_tail_rcu(&addr->list, &net->sctp.local_addr_list); 794 sctp_addr_wq_mgmt(net, addr, SCTP_ADDR_NEW); 795 spin_unlock_bh(&net->sctp.local_addr_lock); 796 } 797 break; 798 case NETDEV_DOWN: 799 spin_lock_bh(&net->sctp.local_addr_lock); 800 list_for_each_entry_safe(addr, temp, 801 &net->sctp.local_addr_list, list) { 802 if (addr->a.sa.sa_family == AF_INET && 803 addr->a.v4.sin_addr.s_addr == 804 ifa->ifa_local) { 805 sctp_addr_wq_mgmt(net, addr, SCTP_ADDR_DEL); 806 found = 1; 807 addr->valid = 0; 808 list_del_rcu(&addr->list); 809 break; 810 } 811 } 812 spin_unlock_bh(&net->sctp.local_addr_lock); 813 if (found) 814 kfree_rcu(addr, rcu); 815 break; 816 } 817 818 return NOTIFY_DONE; 819} 820 821/* 822 * Initialize the control inode/socket with a control endpoint data 823 * structure. This endpoint is reserved exclusively for the OOTB processing. 824 */ 825static int sctp_ctl_sock_init(struct net *net) 826{ 827 int err; 828 sa_family_t family = PF_INET; 829 830 if (sctp_get_pf_specific(PF_INET6)) 831 family = PF_INET6; 832 833 err = inet_ctl_sock_create(&net->sctp.ctl_sock, family, 834 SOCK_SEQPACKET, IPPROTO_SCTP, net); 835 836 /* If IPv6 socket could not be created, try the IPv4 socket */ 837 if (err < 0 && family == PF_INET6) 838 err = inet_ctl_sock_create(&net->sctp.ctl_sock, AF_INET, 839 SOCK_SEQPACKET, IPPROTO_SCTP, 840 net); 841 842 if (err < 0) { 843 pr_err("Failed to create the SCTP control socket\n"); 844 return err; 845 } 846 return 0; 847} 848 849static int sctp_udp_rcv(struct sock *sk, struct sk_buff *skb) 850{ 851 SCTP_INPUT_CB(skb)->encap_port = udp_hdr(skb)->source; 852 853 skb_set_transport_header(skb, sizeof(struct udphdr)); 854 sctp_rcv(skb); 855 return 0; 856} 857 858int sctp_udp_sock_start(struct net *net) 859{ 860 struct udp_tunnel_sock_cfg tuncfg = {NULL}; 861 struct udp_port_cfg udp_conf = {0}; 862 struct socket *sock; 863 int err; 864 865 udp_conf.family = AF_INET; 866 udp_conf.local_ip.s_addr = htonl(INADDR_ANY); 867 udp_conf.local_udp_port = htons(net->sctp.udp_port); 868 err = udp_sock_create(net, &udp_conf, &sock); 869 if (err) { 870 pr_err("Failed to create the SCTP UDP tunneling v4 sock\n"); 871 return err; 872 } 873 874 tuncfg.encap_type = 1; 875 tuncfg.encap_rcv = sctp_udp_rcv; 876 tuncfg.encap_err_lookup = sctp_udp_v4_err; 877 setup_udp_tunnel_sock(net, sock, &tuncfg); 878 net->sctp.udp4_sock = sock->sk; 879 880#if IS_ENABLED(CONFIG_IPV6) 881 memset(&udp_conf, 0, sizeof(udp_conf)); 882 883 udp_conf.family = AF_INET6; 884 udp_conf.local_ip6 = in6addr_any; 885 udp_conf.local_udp_port = htons(net->sctp.udp_port); 886 udp_conf.use_udp6_rx_checksums = true; 887 udp_conf.ipv6_v6only = true; 888 err = udp_sock_create(net, &udp_conf, &sock); 889 if (err) { 890 pr_err("Failed to create the SCTP UDP tunneling v6 sock\n"); 891 udp_tunnel_sock_release(net->sctp.udp4_sock->sk_socket); 892 net->sctp.udp4_sock = NULL; 893 return err; 894 } 895 896 tuncfg.encap_type = 1; 897 tuncfg.encap_rcv = sctp_udp_rcv; 898 tuncfg.encap_err_lookup = sctp_udp_v6_err; 899 setup_udp_tunnel_sock(net, sock, &tuncfg); 900 net->sctp.udp6_sock = sock->sk; 901#endif 902 903 return 0; 904} 905 906void sctp_udp_sock_stop(struct net *net) 907{ 908 if (net->sctp.udp4_sock) { 909 udp_tunnel_sock_release(net->sctp.udp4_sock->sk_socket); 910 net->sctp.udp4_sock = NULL; 911 } 912 if (net->sctp.udp6_sock) { 913 udp_tunnel_sock_release(net->sctp.udp6_sock->sk_socket); 914 net->sctp.udp6_sock = NULL; 915 } 916} 917 918/* Register address family specific functions. */ 919int sctp_register_af(struct sctp_af *af) 920{ 921 switch (af->sa_family) { 922 case AF_INET: 923 if (sctp_af_v4_specific) 924 return 0; 925 sctp_af_v4_specific = af; 926 break; 927 case AF_INET6: 928 if (sctp_af_v6_specific) 929 return 0; 930 sctp_af_v6_specific = af; 931 break; 932 default: 933 return 0; 934 } 935 936 INIT_LIST_HEAD(&af->list); 937 list_add_tail(&af->list, &sctp_address_families); 938 return 1; 939} 940 941/* Get the table of functions for manipulating a particular address 942 * family. 943 */ 944struct sctp_af *sctp_get_af_specific(sa_family_t family) 945{ 946 switch (family) { 947 case AF_INET: 948 return sctp_af_v4_specific; 949 case AF_INET6: 950 return sctp_af_v6_specific; 951 default: 952 return NULL; 953 } 954} 955 956/* Common code to initialize a AF_INET msg_name. */ 957static void sctp_inet_msgname(char *msgname, int *addr_len) 958{ 959 struct sockaddr_in *sin; 960 961 sin = (struct sockaddr_in *)msgname; 962 *addr_len = sizeof(struct sockaddr_in); 963 sin->sin_family = AF_INET; 964 memset(sin->sin_zero, 0, sizeof(sin->sin_zero)); 965} 966 967/* Copy the primary address of the peer primary address as the msg_name. */ 968static void sctp_inet_event_msgname(struct sctp_ulpevent *event, char *msgname, 969 int *addr_len) 970{ 971 struct sockaddr_in *sin, *sinfrom; 972 973 if (msgname) { 974 struct sctp_association *asoc; 975 976 asoc = event->asoc; 977 sctp_inet_msgname(msgname, addr_len); 978 sin = (struct sockaddr_in *)msgname; 979 sinfrom = &asoc->peer.primary_addr.v4; 980 sin->sin_port = htons(asoc->peer.port); 981 sin->sin_addr.s_addr = sinfrom->sin_addr.s_addr; 982 } 983} 984 985/* Initialize and copy out a msgname from an inbound skb. */ 986static void sctp_inet_skb_msgname(struct sk_buff *skb, char *msgname, int *len) 987{ 988 if (msgname) { 989 struct sctphdr *sh = sctp_hdr(skb); 990 struct sockaddr_in *sin = (struct sockaddr_in *)msgname; 991 992 sctp_inet_msgname(msgname, len); 993 sin->sin_port = sh->source; 994 sin->sin_addr.s_addr = ip_hdr(skb)->saddr; 995 } 996} 997 998/* Do we support this AF? */ 999static int sctp_inet_af_supported(sa_family_t family, struct sctp_sock *sp) 1000{ 1001 /* PF_INET only supports AF_INET addresses. */ 1002 return AF_INET == family; 1003} 1004 1005/* Address matching with wildcards allowed. */ 1006static int sctp_inet_cmp_addr(const union sctp_addr *addr1, 1007 const union sctp_addr *addr2, 1008 struct sctp_sock *opt) 1009{ 1010 /* PF_INET only supports AF_INET addresses. */ 1011 if (addr1->sa.sa_family != addr2->sa.sa_family) 1012 return 0; 1013 if (htonl(INADDR_ANY) == addr1->v4.sin_addr.s_addr || 1014 htonl(INADDR_ANY) == addr2->v4.sin_addr.s_addr) 1015 return 1; 1016 if (addr1->v4.sin_addr.s_addr == addr2->v4.sin_addr.s_addr) 1017 return 1; 1018 1019 return 0; 1020} 1021 1022/* Verify that provided sockaddr looks bindable. Common verification has 1023 * already been taken care of. 1024 */ 1025static int sctp_inet_bind_verify(struct sctp_sock *opt, union sctp_addr *addr) 1026{ 1027 return sctp_v4_available(addr, opt); 1028} 1029 1030/* Verify that sockaddr looks sendable. Common verification has already 1031 * been taken care of. 1032 */ 1033static int sctp_inet_send_verify(struct sctp_sock *opt, union sctp_addr *addr) 1034{ 1035 return 1; 1036} 1037 1038/* Fill in Supported Address Type information for INIT and INIT-ACK 1039 * chunks. Returns number of addresses supported. 1040 */ 1041static int sctp_inet_supported_addrs(const struct sctp_sock *opt, 1042 __be16 *types) 1043{ 1044 types[0] = SCTP_PARAM_IPV4_ADDRESS; 1045 return 1; 1046} 1047 1048/* Wrapper routine that calls the ip transmit routine. */ 1049static inline int sctp_v4_xmit(struct sk_buff *skb, struct sctp_transport *t) 1050{ 1051 struct dst_entry *dst = dst_clone(t->dst); 1052 struct flowi4 *fl4 = &t->fl.u.ip4; 1053 struct sock *sk = skb->sk; 1054 struct inet_sock *inet = inet_sk(sk); 1055 __u8 dscp = inet->tos; 1056 __be16 df = 0; 1057 1058 pr_debug("%s: skb:%p, len:%d, src:%pI4, dst:%pI4\n", __func__, skb, 1059 skb->len, &fl4->saddr, &fl4->daddr); 1060 1061 if (t->dscp & SCTP_DSCP_SET_MASK) 1062 dscp = t->dscp & SCTP_DSCP_VAL_MASK; 1063 1064 inet->pmtudisc = t->param_flags & SPP_PMTUD_ENABLE ? IP_PMTUDISC_DO 1065 : IP_PMTUDISC_DONT; 1066 SCTP_INC_STATS(sock_net(sk), SCTP_MIB_OUTSCTPPACKS); 1067 1068 if (!t->encap_port || !sctp_sk(sk)->udp_port) { 1069 skb_dst_set(skb, dst); 1070 return __ip_queue_xmit(sk, skb, &t->fl, dscp); 1071 } 1072 1073 if (skb_is_gso(skb)) 1074 skb_shinfo(skb)->gso_type |= SKB_GSO_UDP_TUNNEL_CSUM; 1075 1076 if (ip_dont_fragment(sk, dst) && !skb->ignore_df) 1077 df = htons(IP_DF); 1078 1079 skb->encapsulation = 1; 1080 skb_reset_inner_mac_header(skb); 1081 skb_reset_inner_transport_header(skb); 1082 skb_set_inner_ipproto(skb, IPPROTO_SCTP); 1083 udp_tunnel_xmit_skb((struct rtable *)dst, sk, skb, fl4->saddr, 1084 fl4->daddr, dscp, ip4_dst_hoplimit(dst), df, 1085 sctp_sk(sk)->udp_port, t->encap_port, false, false); 1086 return 0; 1087} 1088 1089static struct sctp_af sctp_af_inet; 1090 1091static struct sctp_pf sctp_pf_inet = { 1092 .event_msgname = sctp_inet_event_msgname, 1093 .skb_msgname = sctp_inet_skb_msgname, 1094 .af_supported = sctp_inet_af_supported, 1095 .cmp_addr = sctp_inet_cmp_addr, 1096 .bind_verify = sctp_inet_bind_verify, 1097 .send_verify = sctp_inet_send_verify, 1098 .supported_addrs = sctp_inet_supported_addrs, 1099 .create_accept_sk = sctp_v4_create_accept_sk, 1100 .addr_to_user = sctp_v4_addr_to_user, 1101 .to_sk_saddr = sctp_v4_to_sk_saddr, 1102 .to_sk_daddr = sctp_v4_to_sk_daddr, 1103 .copy_ip_options = sctp_v4_copy_ip_options, 1104 .af = &sctp_af_inet 1105}; 1106 1107/* Notifier for inetaddr addition/deletion events. */ 1108static struct notifier_block sctp_inetaddr_notifier = { 1109 .notifier_call = sctp_inetaddr_event, 1110}; 1111 1112/* Socket operations. */ 1113static const struct proto_ops inet_seqpacket_ops = { 1114 .family = PF_INET, 1115 .owner = THIS_MODULE, 1116 .release = inet_release, /* Needs to be wrapped... */ 1117 .bind = inet_bind, 1118 .connect = sctp_inet_connect, 1119 .socketpair = sock_no_socketpair, 1120 .accept = inet_accept, 1121 .getname = inet_getname, /* Semantics are different. */ 1122 .poll = sctp_poll, 1123 .ioctl = inet_ioctl, 1124 .gettstamp = sock_gettstamp, 1125 .listen = sctp_inet_listen, 1126 .shutdown = inet_shutdown, /* Looks harmless. */ 1127 .setsockopt = sock_common_setsockopt, /* IP_SOL IP_OPTION is a problem */ 1128 .getsockopt = sock_common_getsockopt, 1129 .sendmsg = inet_sendmsg, 1130 .recvmsg = inet_recvmsg, 1131 .mmap = sock_no_mmap, 1132 .sendpage = sock_no_sendpage, 1133}; 1134 1135/* Registration with AF_INET family. */ 1136static struct inet_protosw sctp_seqpacket_protosw = { 1137 .type = SOCK_SEQPACKET, 1138 .protocol = IPPROTO_SCTP, 1139 .prot = &sctp_prot, 1140 .ops = &inet_seqpacket_ops, 1141 .flags = SCTP_PROTOSW_FLAG 1142}; 1143static struct inet_protosw sctp_stream_protosw = { 1144 .type = SOCK_STREAM, 1145 .protocol = IPPROTO_SCTP, 1146 .prot = &sctp_prot, 1147 .ops = &inet_seqpacket_ops, 1148 .flags = SCTP_PROTOSW_FLAG 1149}; 1150 1151static int sctp4_rcv(struct sk_buff *skb) 1152{ 1153 SCTP_INPUT_CB(skb)->encap_port = 0; 1154 return sctp_rcv(skb); 1155} 1156 1157/* Register with IP layer. */ 1158static const struct net_protocol sctp_protocol = { 1159 .handler = sctp4_rcv, 1160 .err_handler = sctp_v4_err, 1161 .no_policy = 1, 1162 .icmp_strict_tag_validation = 1, 1163}; 1164 1165/* IPv4 address related functions. */ 1166static struct sctp_af sctp_af_inet = { 1167 .sa_family = AF_INET, 1168 .sctp_xmit = sctp_v4_xmit, 1169 .setsockopt = ip_setsockopt, 1170 .getsockopt = ip_getsockopt, 1171 .get_dst = sctp_v4_get_dst, 1172 .get_saddr = sctp_v4_get_saddr, 1173 .copy_addrlist = sctp_v4_copy_addrlist, 1174 .from_skb = sctp_v4_from_skb, 1175 .from_sk = sctp_v4_from_sk, 1176 .from_addr_param = sctp_v4_from_addr_param, 1177 .to_addr_param = sctp_v4_to_addr_param, 1178 .cmp_addr = sctp_v4_cmp_addr, 1179 .addr_valid = sctp_v4_addr_valid, 1180 .inaddr_any = sctp_v4_inaddr_any, 1181 .is_any = sctp_v4_is_any, 1182 .available = sctp_v4_available, 1183 .scope = sctp_v4_scope, 1184 .skb_iif = sctp_v4_skb_iif, 1185 .is_ce = sctp_v4_is_ce, 1186 .seq_dump_addr = sctp_v4_seq_dump_addr, 1187 .ecn_capable = sctp_v4_ecn_capable, 1188 .net_header_len = sizeof(struct iphdr), 1189 .sockaddr_len = sizeof(struct sockaddr_in), 1190 .ip_options_len = sctp_v4_ip_options_len, 1191}; 1192 1193struct sctp_pf *sctp_get_pf_specific(sa_family_t family) 1194{ 1195 switch (family) { 1196 case PF_INET: 1197 return sctp_pf_inet_specific; 1198 case PF_INET6: 1199 return sctp_pf_inet6_specific; 1200 default: 1201 return NULL; 1202 } 1203} 1204 1205/* Register the PF specific function table. */ 1206int sctp_register_pf(struct sctp_pf *pf, sa_family_t family) 1207{ 1208 switch (family) { 1209 case PF_INET: 1210 if (sctp_pf_inet_specific) 1211 return 0; 1212 sctp_pf_inet_specific = pf; 1213 break; 1214 case PF_INET6: 1215 if (sctp_pf_inet6_specific) 1216 return 0; 1217 sctp_pf_inet6_specific = pf; 1218 break; 1219 default: 1220 return 0; 1221 } 1222 return 1; 1223} 1224 1225static inline int init_sctp_mibs(struct net *net) 1226{ 1227 net->sctp.sctp_statistics = alloc_percpu(struct sctp_mib); 1228 if (!net->sctp.sctp_statistics) 1229 return -ENOMEM; 1230 return 0; 1231} 1232 1233static inline void cleanup_sctp_mibs(struct net *net) 1234{ 1235 free_percpu(net->sctp.sctp_statistics); 1236} 1237 1238static void sctp_v4_pf_init(void) 1239{ 1240 /* Initialize the SCTP specific PF functions. */ 1241 sctp_register_pf(&sctp_pf_inet, PF_INET); 1242 sctp_register_af(&sctp_af_inet); 1243} 1244 1245static void sctp_v4_pf_exit(void) 1246{ 1247 list_del(&sctp_af_inet.list); 1248} 1249 1250static int sctp_v4_protosw_init(void) 1251{ 1252 int rc; 1253 1254 rc = proto_register(&sctp_prot, 1); 1255 if (rc) 1256 return rc; 1257 1258 /* Register SCTP(UDP and TCP style) with socket layer. */ 1259 inet_register_protosw(&sctp_seqpacket_protosw); 1260 inet_register_protosw(&sctp_stream_protosw); 1261 1262 return 0; 1263} 1264 1265static void sctp_v4_protosw_exit(void) 1266{ 1267 inet_unregister_protosw(&sctp_stream_protosw); 1268 inet_unregister_protosw(&sctp_seqpacket_protosw); 1269 proto_unregister(&sctp_prot); 1270} 1271 1272static int sctp_v4_add_protocol(void) 1273{ 1274 /* Register notifier for inet address additions/deletions. */ 1275 register_inetaddr_notifier(&sctp_inetaddr_notifier); 1276 1277 /* Register SCTP with inet layer. */ 1278 if (inet_add_protocol(&sctp_protocol, IPPROTO_SCTP) < 0) 1279 return -EAGAIN; 1280 1281 return 0; 1282} 1283 1284static void sctp_v4_del_protocol(void) 1285{ 1286 inet_del_protocol(&sctp_protocol, IPPROTO_SCTP); 1287 unregister_inetaddr_notifier(&sctp_inetaddr_notifier); 1288} 1289 1290static int __net_init sctp_defaults_init(struct net *net) 1291{ 1292 int status; 1293 1294 /* 1295 * 14. Suggested SCTP Protocol Parameter Values 1296 */ 1297 /* The following protocol parameters are RECOMMENDED: */ 1298 /* RTO.Initial - 3 seconds */ 1299 net->sctp.rto_initial = SCTP_RTO_INITIAL; 1300 /* RTO.Min - 1 second */ 1301 net->sctp.rto_min = SCTP_RTO_MIN; 1302 /* RTO.Max - 60 seconds */ 1303 net->sctp.rto_max = SCTP_RTO_MAX; 1304 /* RTO.Alpha - 1/8 */ 1305 net->sctp.rto_alpha = SCTP_RTO_ALPHA; 1306 /* RTO.Beta - 1/4 */ 1307 net->sctp.rto_beta = SCTP_RTO_BETA; 1308 1309 /* Valid.Cookie.Life - 60 seconds */ 1310 net->sctp.valid_cookie_life = SCTP_DEFAULT_COOKIE_LIFE; 1311 1312 /* Whether Cookie Preservative is enabled(1) or not(0) */ 1313 net->sctp.cookie_preserve_enable = 1; 1314 1315 /* Default sctp sockets to use md5 as their hmac alg */ 1316#if defined (CONFIG_SCTP_DEFAULT_COOKIE_HMAC_MD5) 1317 net->sctp.sctp_hmac_alg = "md5"; 1318#elif defined (CONFIG_SCTP_DEFAULT_COOKIE_HMAC_SHA1) 1319 net->sctp.sctp_hmac_alg = "sha1"; 1320#else 1321 net->sctp.sctp_hmac_alg = NULL; 1322#endif 1323 1324 /* Max.Burst - 4 */ 1325 net->sctp.max_burst = SCTP_DEFAULT_MAX_BURST; 1326 1327 /* Disable of Primary Path Switchover by default */ 1328 net->sctp.ps_retrans = SCTP_PS_RETRANS_MAX; 1329 1330 /* Enable pf state by default */ 1331 net->sctp.pf_enable = 1; 1332 1333 /* Ignore pf exposure feature by default */ 1334 net->sctp.pf_expose = SCTP_PF_EXPOSE_UNSET; 1335 1336 /* Association.Max.Retrans - 10 attempts 1337 * Path.Max.Retrans - 5 attempts (per destination address) 1338 * Max.Init.Retransmits - 8 attempts 1339 */ 1340 net->sctp.max_retrans_association = 10; 1341 net->sctp.max_retrans_path = 5; 1342 net->sctp.max_retrans_init = 8; 1343 1344 /* Sendbuffer growth - do per-socket accounting */ 1345 net->sctp.sndbuf_policy = 0; 1346 1347 /* Rcvbuffer growth - do per-socket accounting */ 1348 net->sctp.rcvbuf_policy = 0; 1349 1350 /* HB.interval - 30 seconds */ 1351 net->sctp.hb_interval = SCTP_DEFAULT_TIMEOUT_HEARTBEAT; 1352 1353 /* delayed SACK timeout */ 1354 net->sctp.sack_timeout = SCTP_DEFAULT_TIMEOUT_SACK; 1355 1356 /* Disable ADDIP by default. */ 1357 net->sctp.addip_enable = 0; 1358 net->sctp.addip_noauth = 0; 1359 net->sctp.default_auto_asconf = 0; 1360 1361 /* Enable PR-SCTP by default. */ 1362 net->sctp.prsctp_enable = 1; 1363 1364 /* Disable RECONF by default. */ 1365 net->sctp.reconf_enable = 0; 1366 1367 /* Disable AUTH by default. */ 1368 net->sctp.auth_enable = 0; 1369 1370 /* Enable ECN by default. */ 1371 net->sctp.ecn_enable = 1; 1372 1373 /* Set UDP tunneling listening port to 0 by default */ 1374 net->sctp.udp_port = 0; 1375 1376 /* Set remote encap port to 0 by default */ 1377 net->sctp.encap_port = 0; 1378 1379 /* Set SCOPE policy to enabled */ 1380 net->sctp.scope_policy = SCTP_SCOPE_POLICY_ENABLE; 1381 1382 /* Set the default rwnd update threshold */ 1383 net->sctp.rwnd_upd_shift = SCTP_DEFAULT_RWND_SHIFT; 1384 1385 /* Initialize maximum autoclose timeout. */ 1386 net->sctp.max_autoclose = INT_MAX / HZ; 1387 1388 status = sctp_sysctl_net_register(net); 1389 if (status) 1390 goto err_sysctl_register; 1391 1392 /* Allocate and initialise sctp mibs. */ 1393 status = init_sctp_mibs(net); 1394 if (status) 1395 goto err_init_mibs; 1396 1397#ifdef CONFIG_PROC_FS 1398 /* Initialize proc fs directory. */ 1399 status = sctp_proc_init(net); 1400 if (status) 1401 goto err_init_proc; 1402#endif 1403 1404 sctp_dbg_objcnt_init(net); 1405 1406 /* Initialize the local address list. */ 1407 INIT_LIST_HEAD(&net->sctp.local_addr_list); 1408 spin_lock_init(&net->sctp.local_addr_lock); 1409 sctp_get_local_addr_list(net); 1410 1411 /* Initialize the address event list */ 1412 INIT_LIST_HEAD(&net->sctp.addr_waitq); 1413 INIT_LIST_HEAD(&net->sctp.auto_asconf_splist); 1414 spin_lock_init(&net->sctp.addr_wq_lock); 1415 net->sctp.addr_wq_timer.expires = 0; 1416 timer_setup(&net->sctp.addr_wq_timer, sctp_addr_wq_timeout_handler, 0); 1417 1418 return 0; 1419 1420#ifdef CONFIG_PROC_FS 1421err_init_proc: 1422 cleanup_sctp_mibs(net); 1423#endif 1424err_init_mibs: 1425 sctp_sysctl_net_unregister(net); 1426err_sysctl_register: 1427 return status; 1428} 1429 1430static void __net_exit sctp_defaults_exit(struct net *net) 1431{ 1432 /* Free the local address list */ 1433 sctp_free_addr_wq(net); 1434 sctp_free_local_addr_list(net); 1435 1436#ifdef CONFIG_PROC_FS 1437 remove_proc_subtree("sctp", net->proc_net); 1438 net->sctp.proc_net_sctp = NULL; 1439#endif 1440 cleanup_sctp_mibs(net); 1441 sctp_sysctl_net_unregister(net); 1442} 1443 1444static struct pernet_operations sctp_defaults_ops = { 1445 .init = sctp_defaults_init, 1446 .exit = sctp_defaults_exit, 1447}; 1448 1449static int __net_init sctp_ctrlsock_init(struct net *net) 1450{ 1451 int status; 1452 1453 /* Initialize the control inode/socket for handling OOTB packets. */ 1454 status = sctp_ctl_sock_init(net); 1455 if (status) 1456 pr_err("Failed to initialize the SCTP control sock\n"); 1457 1458 return status; 1459} 1460 1461static void __net_exit sctp_ctrlsock_exit(struct net *net) 1462{ 1463 /* Free the control endpoint. */ 1464 inet_ctl_sock_destroy(net->sctp.ctl_sock); 1465} 1466 1467static struct pernet_operations sctp_ctrlsock_ops = { 1468 .init = sctp_ctrlsock_init, 1469 .exit = sctp_ctrlsock_exit, 1470}; 1471 1472/* Initialize the universe into something sensible. */ 1473static __init int sctp_init(void) 1474{ 1475 unsigned long nr_pages = totalram_pages(); 1476 unsigned long limit; 1477 unsigned long goal; 1478 int max_entry_order; 1479 int num_entries; 1480 int max_share; 1481 int status; 1482 int order; 1483 int i; 1484 1485 sock_skb_cb_check_size(sizeof(struct sctp_ulpevent)); 1486 1487 /* Allocate bind_bucket and chunk caches. */ 1488 status = -ENOBUFS; 1489 sctp_bucket_cachep = kmem_cache_create("sctp_bind_bucket", 1490 sizeof(struct sctp_bind_bucket), 1491 0, SLAB_HWCACHE_ALIGN, 1492 NULL); 1493 if (!sctp_bucket_cachep) 1494 goto out; 1495 1496 sctp_chunk_cachep = kmem_cache_create("sctp_chunk", 1497 sizeof(struct sctp_chunk), 1498 0, SLAB_HWCACHE_ALIGN, 1499 NULL); 1500 if (!sctp_chunk_cachep) 1501 goto err_chunk_cachep; 1502 1503 status = percpu_counter_init(&sctp_sockets_allocated, 0, GFP_KERNEL); 1504 if (status) 1505 goto err_percpu_counter_init; 1506 1507 /* Implementation specific variables. */ 1508 1509 /* Initialize default stream count setup information. */ 1510 sctp_max_instreams = SCTP_DEFAULT_INSTREAMS; 1511 sctp_max_outstreams = SCTP_DEFAULT_OUTSTREAMS; 1512 1513 /* Initialize handle used for association ids. */ 1514 idr_init(&sctp_assocs_id); 1515 1516 limit = nr_free_buffer_pages() / 8; 1517 limit = max(limit, 128UL); 1518 sysctl_sctp_mem[0] = limit / 4 * 3; 1519 sysctl_sctp_mem[1] = limit; 1520 sysctl_sctp_mem[2] = sysctl_sctp_mem[0] * 2; 1521 1522 /* Set per-socket limits to no more than 1/128 the pressure threshold*/ 1523 limit = (sysctl_sctp_mem[1]) << (PAGE_SHIFT - 7); 1524 max_share = min(4UL*1024*1024, limit); 1525 1526 sysctl_sctp_rmem[0] = SK_MEM_QUANTUM; /* give each asoc 1 page min */ 1527 sysctl_sctp_rmem[1] = 1500 * SKB_TRUESIZE(1); 1528 sysctl_sctp_rmem[2] = max(sysctl_sctp_rmem[1], max_share); 1529 1530 sysctl_sctp_wmem[0] = SK_MEM_QUANTUM; 1531 sysctl_sctp_wmem[1] = 16*1024; 1532 sysctl_sctp_wmem[2] = max(64*1024, max_share); 1533 1534 /* Size and allocate the association hash table. 1535 * The methodology is similar to that of the tcp hash tables. 1536 * Though not identical. Start by getting a goal size 1537 */ 1538 if (nr_pages >= (128 * 1024)) 1539 goal = nr_pages >> (22 - PAGE_SHIFT); 1540 else 1541 goal = nr_pages >> (24 - PAGE_SHIFT); 1542 1543 /* Then compute the page order for said goal */ 1544 order = get_order(goal); 1545 1546 /* Now compute the required page order for the maximum sized table we 1547 * want to create 1548 */ 1549 max_entry_order = get_order(MAX_SCTP_PORT_HASH_ENTRIES * 1550 sizeof(struct sctp_bind_hashbucket)); 1551 1552 /* Limit the page order by that maximum hash table size */ 1553 order = min(order, max_entry_order); 1554 1555 /* Allocate and initialize the endpoint hash table. */ 1556 sctp_ep_hashsize = 64; 1557 sctp_ep_hashtable = 1558 kmalloc_array(64, sizeof(struct sctp_hashbucket), GFP_KERNEL); 1559 if (!sctp_ep_hashtable) { 1560 pr_err("Failed endpoint_hash alloc\n"); 1561 status = -ENOMEM; 1562 goto err_ehash_alloc; 1563 } 1564 for (i = 0; i < sctp_ep_hashsize; i++) { 1565 rwlock_init(&sctp_ep_hashtable[i].lock); 1566 INIT_HLIST_HEAD(&sctp_ep_hashtable[i].chain); 1567 } 1568 1569 /* Allocate and initialize the SCTP port hash table. 1570 * Note that order is initalized to start at the max sized 1571 * table we want to support. If we can't get that many pages 1572 * reduce the order and try again 1573 */ 1574 do { 1575 sctp_port_hashtable = (struct sctp_bind_hashbucket *) 1576 __get_free_pages(GFP_KERNEL | __GFP_NOWARN, order); 1577 } while (!sctp_port_hashtable && --order > 0); 1578 1579 if (!sctp_port_hashtable) { 1580 pr_err("Failed bind hash alloc\n"); 1581 status = -ENOMEM; 1582 goto err_bhash_alloc; 1583 } 1584 1585 /* Now compute the number of entries that will fit in the 1586 * port hash space we allocated 1587 */ 1588 num_entries = (1UL << order) * PAGE_SIZE / 1589 sizeof(struct sctp_bind_hashbucket); 1590 1591 /* And finish by rounding it down to the nearest power of two. 1592 * This wastes some memory of course, but it's needed because 1593 * the hash function operates based on the assumption that 1594 * the number of entries is a power of two. 1595 */ 1596 sctp_port_hashsize = rounddown_pow_of_two(num_entries); 1597 1598 for (i = 0; i < sctp_port_hashsize; i++) { 1599 spin_lock_init(&sctp_port_hashtable[i].lock); 1600 INIT_HLIST_HEAD(&sctp_port_hashtable[i].chain); 1601 } 1602 1603 status = sctp_transport_hashtable_init(); 1604 if (status) 1605 goto err_thash_alloc; 1606 1607 pr_info("Hash tables configured (bind %d/%d)\n", sctp_port_hashsize, 1608 num_entries); 1609 1610 sctp_sysctl_register(); 1611 1612 INIT_LIST_HEAD(&sctp_address_families); 1613 sctp_v4_pf_init(); 1614 sctp_v6_pf_init(); 1615 sctp_sched_ops_init(); 1616 1617 status = register_pernet_subsys(&sctp_defaults_ops); 1618 if (status) 1619 goto err_register_defaults; 1620 1621 status = sctp_v4_protosw_init(); 1622 if (status) 1623 goto err_protosw_init; 1624 1625 status = sctp_v6_protosw_init(); 1626 if (status) 1627 goto err_v6_protosw_init; 1628 1629 status = register_pernet_subsys(&sctp_ctrlsock_ops); 1630 if (status) 1631 goto err_register_ctrlsock; 1632 1633 status = sctp_v4_add_protocol(); 1634 if (status) 1635 goto err_add_protocol; 1636 1637 /* Register SCTP with inet6 layer. */ 1638 status = sctp_v6_add_protocol(); 1639 if (status) 1640 goto err_v6_add_protocol; 1641 1642 if (sctp_offload_init() < 0) 1643 pr_crit("%s: Cannot add SCTP protocol offload\n", __func__); 1644 1645out: 1646 return status; 1647err_v6_add_protocol: 1648 sctp_v4_del_protocol(); 1649err_add_protocol: 1650 unregister_pernet_subsys(&sctp_ctrlsock_ops); 1651err_register_ctrlsock: 1652 sctp_v6_protosw_exit(); 1653err_v6_protosw_init: 1654 sctp_v4_protosw_exit(); 1655err_protosw_init: 1656 unregister_pernet_subsys(&sctp_defaults_ops); 1657err_register_defaults: 1658 sctp_v4_pf_exit(); 1659 sctp_v6_pf_exit(); 1660 sctp_sysctl_unregister(); 1661 free_pages((unsigned long)sctp_port_hashtable, 1662 get_order(sctp_port_hashsize * 1663 sizeof(struct sctp_bind_hashbucket))); 1664err_bhash_alloc: 1665 sctp_transport_hashtable_destroy(); 1666err_thash_alloc: 1667 kfree(sctp_ep_hashtable); 1668err_ehash_alloc: 1669 percpu_counter_destroy(&sctp_sockets_allocated); 1670err_percpu_counter_init: 1671 kmem_cache_destroy(sctp_chunk_cachep); 1672err_chunk_cachep: 1673 kmem_cache_destroy(sctp_bucket_cachep); 1674 goto out; 1675} 1676 1677/* Exit handler for the SCTP protocol. */ 1678static __exit void sctp_exit(void) 1679{ 1680 /* BUG. This should probably do something useful like clean 1681 * up all the remaining associations and all that memory. 1682 */ 1683 1684 /* Unregister with inet6/inet layers. */ 1685 sctp_v6_del_protocol(); 1686 sctp_v4_del_protocol(); 1687 1688 unregister_pernet_subsys(&sctp_ctrlsock_ops); 1689 1690 /* Free protosw registrations */ 1691 sctp_v6_protosw_exit(); 1692 sctp_v4_protosw_exit(); 1693 1694 unregister_pernet_subsys(&sctp_defaults_ops); 1695 1696 /* Unregister with socket layer. */ 1697 sctp_v6_pf_exit(); 1698 sctp_v4_pf_exit(); 1699 1700 sctp_sysctl_unregister(); 1701 1702 free_pages((unsigned long)sctp_port_hashtable, 1703 get_order(sctp_port_hashsize * 1704 sizeof(struct sctp_bind_hashbucket))); 1705 kfree(sctp_ep_hashtable); 1706 sctp_transport_hashtable_destroy(); 1707 1708 percpu_counter_destroy(&sctp_sockets_allocated); 1709 1710 rcu_barrier(); /* Wait for completion of call_rcu()'s */ 1711 1712 kmem_cache_destroy(sctp_chunk_cachep); 1713 kmem_cache_destroy(sctp_bucket_cachep); 1714} 1715 1716module_init(sctp_init); 1717module_exit(sctp_exit); 1718 1719/* 1720 * __stringify doesn't likes enums, so use IPPROTO_SCTP value (132) directly. 1721 */ 1722MODULE_ALIAS("net-pf-" __stringify(PF_INET) "-proto-132"); 1723MODULE_ALIAS("net-pf-" __stringify(PF_INET6) "-proto-132"); 1724MODULE_AUTHOR("Linux Kernel SCTP developers <linux-sctp@vger.kernel.org>"); 1725MODULE_DESCRIPTION("Support for the SCTP protocol (RFC2960)"); 1726module_param_named(no_checksums, sctp_checksum_disable, bool, 0644); 1727MODULE_PARM_DESC(no_checksums, "Disable checksums computing and verification"); 1728MODULE_LICENSE("GPL");