aboutsummaryrefslogtreecommitdiffstats
path: root/net/sctp
Commit message (Collapse)AuthorAgeFilesLines
* [SCTP]: Add back the code that accounted for FORWARD_TSN parameter in INIT.Vlad Yasevich2008-01-081-0/+6
| | | | | | | | | Some recent changes completely removed accounting for the FORWARD_TSN parameter length in the INIT and INIT-ACK chunk. This is wrong and should be restored. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Correctly handle AUTH parameters in unexpected INITVlad Yasevich2008-01-081-22/+0
| | | | | | | | | | When processing an unexpected INIT chunk, we do not need to do any preservation of the old AUTH parameters. In fact, doing such preservations will nullify AUTH and allow connection stealing. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Fix the name of the authentication event.Vlad Yasevich2008-01-081-1/+1
| | | | | | | The even should be called SCTP_AUTHENTICATION_INDICATION. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Spelling fixesJoe Perches2007-12-201-4/+4
| | | | | Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Flush fragment queue when exiting partial delivery.Vlad Yasevich2007-12-161-0/+33
| | | | | | | | | | | | At the end of partial delivery, we may have complete messages sitting on the fragment queue. These messages are stuck there until a new fragment arrives. This can comletely stall a given association. When clearing partial delivery state, flush any complete messages from the fragment queue and send them on their way up. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Fix the bind_addr info during migration.Vlad Yasevich2007-12-072-10/+28
| | | | | | | | | | During accept/migrate the code attempts to copy the addresses from the parent endpoint to the new endpoint. However, if the parent was bound to a wildcard address, then we end up pointlessly copying all of the current addresses on the system. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Add bind hash locking to the migrate codeVlad Yasevich2007-12-071-0/+6
| | | | | | | | | | SCTP accept code tries to add a newliy created socket to a bind bucket without holding a lock. On a really busy system, that can causes slab corruptions. Add a lock around this code. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* SCTP: Fix build issues with SCTP AUTH.Vlad Yasevich2007-11-292-3/+5
| | | | | | | | SCTP-AUTH requires selection of CRYPTO, HMAC and SHA1 since SHA1 is a MUST requirement for AUTH. We also support SHA256, but that's optional, so fix the code to treat it as such. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
* SCTP: Fix chunk acceptance when no authenticated chunks were listed.Vlad Yasevich2007-11-291-1/+1
| | | | | | | | | In the case where no autheticated chunks were specified, we were still trying to verify that a given chunk needs authentication and doing so incorrectly. Add a check for parameter length to make sure we don't try to use an empty auth_chunks parameter to verify against. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
* SCTP: Fix the supported extensions paramterVlad Yasevich2007-11-291-15/+8
| | | | | | | | | Supported extensions parameter was not coded right and ended up over-writing memory or causing skb overflows. First, remove the FWD_TSN support from as it shouldn't be there and also fix the paramter encoding. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
* SCTP: Fix SCTP-AUTH to correctly add HMACS paramter.Vlad Yasevich2007-11-291-1/+1
| | | | | | | | There was a typo that cleared the HMACS parameters when no authenticated chunks were specified. We whould be clearing the chunks pointer instead of the hmacs. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
* SCTP: Fix the number of HB transmissions.Vlad Yasevich2007-11-291-1/+1
| | | | | | | | | | Our treatment of Heartbeats is special in that the inital HB chunk counts against the error count for the association, where as for other chunks, only retransmissions or timeouts count against us. As a result, we had an off-by-1 situation with a number of Heartbeats we could send. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
* [SCTP]: Add missing "space"Joe Perches2007-11-191-1/+1
| | | | | Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* Fix memory leak in discard case of sctp_sf_abort_violation()Jesper Juhl2007-11-121-5/+5
| | | | | | | | | | | | | | | | In net/sctp/sm_statefuns.c::sctp_sf_abort_violation() we may leak the storage allocated for 'abort' by returning from the function without using or freeing it. This happens in case "sctp_auth_recv_cid(SCTP_CID_ABORT, asoc)" is true and we jump to the 'discard' label. Spotted by the Coverity checker. The simple fix is to simply move the creation of the "abort chunk" to after the possible jump to the 'discard' label. This way we don't even have to allocate the memory at all in the problem case. Signed-off-by: Jesper Juhl <jesper.juhl@gmail.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
* SCTP: Always flush the queue when uncorcking.Vlad Yasevich2007-11-091-3/+2
| | | | | | | | | | | | | | | When the code calls uncork, trigger a queue flush, even if the queue was not corked. Most callers that explicitely cork the queue will have additinal checks to see if they corked it. Callers who do not cork the queue expect packets to flow when they call uncork. The scneario that showcased this bug happend when we were not able to bundle DATA with outgoing COOKIE-ECHO. As a result the data just sat in the outqueue and did not get transmitted. The application expected a response, but nothing happened. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
* SCTP: Fix PR-SCTP to deliver all the accumulated ordered chunksVlad Yasevich2007-11-091-1/+1
| | | | | | | | | | There is a small bug when we process a FWD-TSN. We'll deliver anything upto the current next expected SSN. However, if the next expected is already in the queue, it will take another chunk to trigger its delivery. The fix is to simply check the current queued SSN is the next expected one. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
* SCTP: Make sctp_verify_param return multiple indications.Vlad Yasevich2007-11-091-74/+75
| | | | | | | | | | SCTP-AUTH and future ADD-IP updates have a requirement to do additional verification of parameters and an ability to ABORT the association if verification fails. So, introduce additional return code so that we can clear signal a required action. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
* SCTP: Convert custom hash lists to use hlist.Vlad Yasevich2007-11-095-47/+25
| | | | | | Convert the custom hash list traversals to use hlist functions. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
* SCTP: Use hashed lookup when looking for an association.Vlad Yasevich2007-11-091-12/+22
| | | | | | | | A SCTP endpoint may have a lot of associations on them and walking the list is fairly inefficient. Instead, use a hashed lookup, and filter out the hash list based on the endopoing we already have. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
* SCTP: Fix a potential race between timers and receive path.Vlad Yasevich2007-11-071-0/+4
| | | | | | | | | | | | | | There is a possible race condition where the timer code will free the association and the next packet in the queue will also attempt to free the same association. The example is, when we receive an ABORT at about the same time as the retransmission timer fires. If the timer wins the race, it will free the association. Once it releases the lock, the queue processing will recieve the ABORT and will try to free the association again. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
* SCTP: Allow ADD_IP to work with AUTH for backward compatibility.Vlad Yasevich2007-11-074-3/+19
| | | | | | | | | | This patch adds a tunable that will allow ADD_IP to work without AUTH for backward compatibility. The default value is off since the default value for ADD_IP is off as well. People who need to use ADD-IP with older implementations take risks of connection hijacking and should consider upgrading or turning this tunable on. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
* SCTP: Correctly disable ADD-IP when AUTH is not supported.Vlad Yasevich2007-11-072-3/+4
| | | | Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
* SCTP: Update RCU handling during the ADD-IP caseVlad Yasevich2007-11-073-12/+9
| | | | | | | | | | After learning more about rcu, it looks like the ADD-IP hadling doesn't need to call call_rcu_bh. All the rcu critical sections use rcu_read_lock, so using call_rcu_bh is wrong here. Now, restore the local_bh_disable() code blocks and use normal call_rcu() calls. Also restore the missing return statement. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
* SCTP: Fix difference cases of retransmit.Vlad Yasevich2007-11-074-20/+30
| | | | | | | | | | | | | | | | | | | | | Commit d0ce92910bc04e107b2f3f2048f07e94f570035d broke several retransmit cases including fast retransmit. The reason is that we should only delay by rto while doing retranmists as a result of a timeout. Retransmit as a result of path mtu discover, fast retransmit, or other evernts that should trigger immidiate retransmissions got broken. Also, since rto is doubled prior to marking of packets elegable for retransmission, we never marked correct chunks anyway. The fix is provide a reason for a given retransmission so that we can mark chunks appropriately and to save the old rto value to do comparisons against. All regressions tests passed with this code. Spotted by Wei Yongjun <yjwei@cn.fujitsu.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
* SCTP : Fix to process bundled ASCONF chunk correctlyWei Yongjun2007-11-071-2/+6
| | | | | | | | | | | | | | If ASCONF chunk is bundled with other chunks as the first chunk, when process the ASCONF parameters, full packet data will be process as the parameters of the ASCONF chunk, not only the real parameters. So if you send a ASCONF chunk bundled with other chunks, you will get an unexpect result. This problem also exists when ASCONF-ACK chunk is bundled with other chunks. This patch fix this problem. Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
* SCTP : Fix bad formatted comment in outqueue.cWei Yongjun2007-11-071-1/+2
| | | | | | | Just fix the bad format of the comment in outqueue.c. Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
* [SCTP]: Use the {DEFINE|REF}_PROTO_INUSE infrastructureEric Dumazet2007-11-071-0/+6
| | | | | | | | | | | Trivial patch to make "sctcp,sctpv6" protocols uses the fast "inuse sockets" infrastructure Each protocol use then a static percpu var, instead of a dynamic one. This saves some ram and some cpu cycles Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NET]: Forget the zero_it argument of sk_alloc()Pavel Emelyanov2007-11-012-2/+3
| | | | | | | | | | | | | | | Finally, the zero_it argument can be completely removed from the callers and from the function prototype. Besides, fix the checkpatch.pl warnings about using the assignments inside if-s. This patch is rather big, and it is a part of the previous one. I splitted it wishing to make the patches more readable. Hope this particular split helped. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* SCTP endianness annotations regressionAl Viro2007-10-291-2/+2
| | | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Acked-by: David S. Miller <davem@davemloft.net> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* [CRYPTO] users: Fix up scatterlist conversion errorsHerbert Xu2007-10-272-6/+3
| | | | | | | | | This patch fixes the errors made in the users of the crypto layer during the sg_init_table conversion. It also adds a few conversions that were missing altogether. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP] net/sctp/auth.c: make 3 functions staticAdrian Bunk2007-10-261-3/+3
| | | | | | | | This patch makes three needlessly global functions static. Signed-off-by: Adrian Bunk <bunk@kernel.org> Acked-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: #if 0 sctp_update_copy_cksum()Adrian Bunk2007-10-261-0/+2
| | | | | | | | sctp_update_copy_cksum() is no longer used. Signed-off-by: Adrian Bunk <bunk@kernel.org> Acked-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* Merge branch 'master' of ↵Linus Torvalds2007-10-251-24/+10
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 * 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: [IPV4]: Explicitly call fib_get_table() in fib_frontend.c [NET]: Use BUILD_BUG_ON in net/core/flowi.c [NET]: Remove in-code externs for some functions from net/core/dev.c [NET]: Don't declare extern variables in net/core/sysctl_net_core.c [TCP]: Remove unneeded implicit type cast when calling tcp_minshall_update() [NET]: Treat the sign of the result of skb_headroom() consistently [9P]: Fix missing unlock before return in p9_mux_poll_start [PKT_SCHED]: Fix sch_prio.c build with CONFIG_NETDEVICES_MULTIQUEUE [IPV4] ip_gre: sendto/recvfrom NBMA address [SCTP]: Consolidate sctp_ulpq_renege_xxx functions [NETLINK]: Fix ACK processing after netlink_dump_start [VLAN]: MAINTAINERS update [DCCP]: Implement SIOCINQ/FIONREAD [NET]: Validate device addr prior to interface-up
| * [SCTP]: Consolidate sctp_ulpq_renege_xxx functionsPavel Emelyanov2007-10-231-24/+10
| | | | | | | | | | | | | | | | Both are equal, except for the list to be traversed. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Acked-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | SG: Change sg_set_page() to take length and offset argumentJens Axboe2007-10-242-9/+3
|/ | | | | | | | | | Most drivers need to set length and offset as well, so may as well fold those three lines into one. Add sg_assign_page() for those two locations that only needed to set the page, where the offset/length is set outside of the function context. Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
* Fix sctp compileChristian Borntraeger2007-10-231-1/+1
| | | | | | | | | | | | | | sctp fails to compile with net/sctp/sm_make_chunk.c: In function 'sctp_pack_cookie': net/sctp/sm_make_chunk.c:1516: error: implicit declaration of function 'sg_init_table' net/sctp/sm_make_chunk.c:1517: error: implicit declaration of function 'sg_set_page' use the proper include file. SCTP maintainers Vlad Yasevich and Sridhar Samudrala are CCed. Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com> Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
* Update net/ to use sg helpersJens Axboe2007-10-222-3/+6
| | | | Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
* Remove "unsafe" from module structRusty Russell2007-10-171-1/+0
| | | | | | | | | | | | | | | | | | | | Adrian Bunk points out that "unsafe" was used to mark modules touched by the deprecated MOD_INC_USE_COUNT interface, which has long gone. It's time to remove the member from the module structure, as well. If you want a module which can't unload, don't register an exit function. (Vlad Yasevich says SCTP is now safe to unload, so just remove the __unsafe there). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Acked-by: Shannon Nelson <shannon.nelson@intel.com> Acked-by: Dan Williams <dan.j.williams@intel.com> Acked-by: Vlad Yasevich <vladislav.yasevich@hp.com> Cc: Sridhar Samudrala <sri@us.ibm.com> Cc: Adrian Bunk <bunk@stusta.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* [IPV6]: Replace sk_buff ** with sk_buff * in input handlersHerbert Xu2007-10-151-2/+2
| | | | | | | | | With all the users of the double pointers removed from the IPv6 input path, this patch converts all occurances of sk_buff ** to sk_buff * in IPv6 input handlers. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* fix breakage in sctp getsockoptAl Viro2007-10-141-4/+6
| | | | | | | copy_to_user() into on-stack array Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* [INET]: local port range robustnessStephen Hemminger2007-10-101-5/+6
| | | | | | | | | | | | | | | Expansion of original idea from Denis V. Lunev <den@openvz.org> Add robustness and locking to the local_port_range sysctl. 1. Enforce that low < high when setting. 2. Use seqlock to ensure atomic update. The locking might seem like overkill, but there are cases where sysadmin might want to change value in the middle of a DoS attack. Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: port randomizationStephen Hemminger2007-10-102-19/+5
| | | | | | | | | | | Add port randomization rather than a simple fixed rover for use with SCTP. This makes it act similar to TCP, UDP, DCCP when allocating ports. No longer need port_alloc_lock as well (suggestion by Brian Haley). Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Tie ADD-IP and AUTH functionality as required by spec.Vlad Yasevich2007-10-101-1/+12
| | | | | | | | | ADD-IP spec requires AUTH. It is, in fact, dangerous without AUTH. So, disable ADD-IP functionality if the peer claims to support ADD-IP, but not AUTH. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: API updates to suport SCTP-AUTH extensions.Vlad Yasevich2007-10-104-0/+547
| | | | | | | | | | Add SCTP-AUTH API. The API implemented here was agreed to between implementors at the 9th SCTP Interop. It will be documented in the next revision of the SCTP socket API spec. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Implement the receive and verification of AUTH chunkVlad Yasevich2007-10-106-12/+362
| | | | | | | | | This patch implements the receive path needed to process authenticated chunks. Add ability to process the AUTH chunk and handle edge cases for authenticated COOKIE-ECHO as well. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Enable the sending of the AUTH chunk.Vlad Yasevich2007-10-103-27/+155
| | | | | | | | | | | | | | | | | | | | | SCTP-AUTH, Section 6.2: Endpoints MUST send all requested chunks authenticated where this has been requested by the peer. The other chunks MAY be sent authenticated or not. If endpoint pair shared keys are used, one of them MUST be selected for authentication. To send chunks in an authenticated way, the sender MUST include these chunks after an AUTH chunk. This means that a sender MUST bundle chunks in order to authenticate them. If the endpoint has no endpoint pair shared key for the peer, it MUST use Shared Key Identifier 0 with an empty endpoint pair shared key. If there are multiple endpoint shared keys the sender selects one and uses the corresponding Shared Key Identifier Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Implete SCTP-AUTH parameter processingVlad Yasevich2007-10-104-4/+219
| | | | | | | | | | | | Implement processing for the CHUNKS, RANDOM, and HMAC parameters and deal with how this parameters are effected by association restarts. In particular, during unexpeted INIT processing, we need to reply with parameters from the original INIT chunk. Also, after restart, we need to update the old association with new peer parameters and change the association shared keys. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Implement SCTP-AUTH initializations.Vlad Yasevich2007-10-105-0/+133
| | | | | | | | The patch initializes AUTH related members of the generic SCTP structures and provides a way to enable/disable auth extension. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Implement SCTP-AUTH internalsVlad Yasevich2007-10-103-1/+749
| | | | | | | | | This patch implements the internals operations of the AUTH, such as key computation and storage. It also adds necessary variables to the SCTP data structures. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Move sysctl_sctp_[rw]mem definitions to protocol.cVlad Yasevich2007-10-102-11/+6
| | | | | | | | | The sctp_[rw]mem definitions should really be in protocol.c since that is where they are initialized. This also allows one to build a kernel without sysctl support. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>