aboutsummaryrefslogtreecommitdiff
path: root/net/sctp
AgeCommit message (Collapse)Author
2007-12-07[SCTP]: Fix the bind_addr info during migration.Vlad Yasevich
During accept/migrate the code attempts to copy the addresses from the parent endpoint to the new endpoint. However, if the parent was bound to a wildcard address, then we end up pointlessly copying all of the current addresses on the system. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-12-07[SCTP]: Add bind hash locking to the migrate codeVlad Yasevich
SCTP accept code tries to add a newliy created socket to a bind bucket without holding a lock. On a really busy system, that can causes slab corruptions. Add a lock around this code. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-11-29SCTP: Fix build issues with SCTP AUTH.Vlad Yasevich
SCTP-AUTH requires selection of CRYPTO, HMAC and SHA1 since SHA1 is a MUST requirement for AUTH. We also support SHA256, but that's optional, so fix the code to treat it as such. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-11-29SCTP: Fix chunk acceptance when no authenticated chunks were listed.Vlad Yasevich
In the case where no autheticated chunks were specified, we were still trying to verify that a given chunk needs authentication and doing so incorrectly. Add a check for parameter length to make sure we don't try to use an empty auth_chunks parameter to verify against. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-11-29SCTP: Fix the supported extensions paramterVlad Yasevich
Supported extensions parameter was not coded right and ended up over-writing memory or causing skb overflows. First, remove the FWD_TSN support from as it shouldn't be there and also fix the paramter encoding. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-11-29SCTP: Fix SCTP-AUTH to correctly add HMACS paramter.Vlad Yasevich
There was a typo that cleared the HMACS parameters when no authenticated chunks were specified. We whould be clearing the chunks pointer instead of the hmacs. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-11-29SCTP: Fix the number of HB transmissions.Vlad Yasevich
Our treatment of Heartbeats is special in that the inital HB chunk counts against the error count for the association, where as for other chunks, only retransmissions or timeouts count against us. As a result, we had an off-by-1 situation with a number of Heartbeats we could send. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-11-19[SCTP]: Add missing "space"Joe Perches
Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-11-12Fix memory leak in discard case of sctp_sf_abort_violation()Jesper Juhl
In net/sctp/sm_statefuns.c::sctp_sf_abort_violation() we may leak the storage allocated for 'abort' by returning from the function without using or freeing it. This happens in case "sctp_auth_recv_cid(SCTP_CID_ABORT, asoc)" is true and we jump to the 'discard' label. Spotted by the Coverity checker. The simple fix is to simply move the creation of the "abort chunk" to after the possible jump to the 'discard' label. This way we don't even have to allocate the memory at all in the problem case. Signed-off-by: Jesper Juhl <jesper.juhl@gmail.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-11-09SCTP: Always flush the queue when uncorcking.Vlad Yasevich
When the code calls uncork, trigger a queue flush, even if the queue was not corked. Most callers that explicitely cork the queue will have additinal checks to see if they corked it. Callers who do not cork the queue expect packets to flow when they call uncork. The scneario that showcased this bug happend when we were not able to bundle DATA with outgoing COOKIE-ECHO. As a result the data just sat in the outqueue and did not get transmitted. The application expected a response, but nothing happened. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-11-09SCTP: Fix PR-SCTP to deliver all the accumulated ordered chunksVlad Yasevich
There is a small bug when we process a FWD-TSN. We'll deliver anything upto the current next expected SSN. However, if the next expected is already in the queue, it will take another chunk to trigger its delivery. The fix is to simply check the current queued SSN is the next expected one. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-11-09SCTP: Make sctp_verify_param return multiple indications.Vlad Yasevich
SCTP-AUTH and future ADD-IP updates have a requirement to do additional verification of parameters and an ability to ABORT the association if verification fails. So, introduce additional return code so that we can clear signal a required action. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-11-09SCTP: Convert custom hash lists to use hlist.Vlad Yasevich
Convert the custom hash list traversals to use hlist functions. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-11-09SCTP: Use hashed lookup when looking for an association.Vlad Yasevich
A SCTP endpoint may have a lot of associations on them and walking the list is fairly inefficient. Instead, use a hashed lookup, and filter out the hash list based on the endopoing we already have. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-11-07SCTP: Fix a potential race between timers and receive path.Vlad Yasevich
There is a possible race condition where the timer code will free the association and the next packet in the queue will also attempt to free the same association. The example is, when we receive an ABORT at about the same time as the retransmission timer fires. If the timer wins the race, it will free the association. Once it releases the lock, the queue processing will recieve the ABORT and will try to free the association again. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-11-07SCTP: Allow ADD_IP to work with AUTH for backward compatibility.Vlad Yasevich
This patch adds a tunable that will allow ADD_IP to work without AUTH for backward compatibility. The default value is off since the default value for ADD_IP is off as well. People who need to use ADD-IP with older implementations take risks of connection hijacking and should consider upgrading or turning this tunable on. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-11-07SCTP: Correctly disable ADD-IP when AUTH is not supported.Vlad Yasevich
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-11-07SCTP: Update RCU handling during the ADD-IP caseVlad Yasevich
After learning more about rcu, it looks like the ADD-IP hadling doesn't need to call call_rcu_bh. All the rcu critical sections use rcu_read_lock, so using call_rcu_bh is wrong here. Now, restore the local_bh_disable() code blocks and use normal call_rcu() calls. Also restore the missing return statement. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-11-07SCTP: Fix difference cases of retransmit.Vlad Yasevich
Commit d0ce92910bc04e107b2f3f2048f07e94f570035d broke several retransmit cases including fast retransmit. The reason is that we should only delay by rto while doing retranmists as a result of a timeout. Retransmit as a result of path mtu discover, fast retransmit, or other evernts that should trigger immidiate retransmissions got broken. Also, since rto is doubled prior to marking of packets elegable for retransmission, we never marked correct chunks anyway. The fix is provide a reason for a given retransmission so that we can mark chunks appropriately and to save the old rto value to do comparisons against. All regressions tests passed with this code. Spotted by Wei Yongjun <yjwei@cn.fujitsu.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-11-07SCTP : Fix to process bundled ASCONF chunk correctlyWei Yongjun
If ASCONF chunk is bundled with other chunks as the first chunk, when process the ASCONF parameters, full packet data will be process as the parameters of the ASCONF chunk, not only the real parameters. So if you send a ASCONF chunk bundled with other chunks, you will get an unexpect result. This problem also exists when ASCONF-ACK chunk is bundled with other chunks. This patch fix this problem. Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-11-07SCTP : Fix bad formatted comment in outqueue.cWei Yongjun
Just fix the bad format of the comment in outqueue.c. Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-11-07[SCTP]: Use the {DEFINE|REF}_PROTO_INUSE infrastructureEric Dumazet
Trivial patch to make "sctcp,sctpv6" protocols uses the fast "inuse sockets" infrastructure Each protocol use then a static percpu var, instead of a dynamic one. This saves some ram and some cpu cycles Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-11-01[NET]: Forget the zero_it argument of sk_alloc()Pavel Emelyanov
Finally, the zero_it argument can be completely removed from the callers and from the function prototype. Besides, fix the checkpatch.pl warnings about using the assignments inside if-s. This patch is rather big, and it is a part of the previous one. I splitted it wishing to make the patches more readable. Hope this particular split helped. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-29SCTP endianness annotations regressionAl Viro
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Acked-by: David S. Miller <davem@davemloft.net> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-27[CRYPTO] users: Fix up scatterlist conversion errorsHerbert Xu
This patch fixes the errors made in the users of the crypto layer during the sg_init_table conversion. It also adds a few conversions that were missing altogether. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-26[SCTP] net/sctp/auth.c: make 3 functions staticAdrian Bunk
This patch makes three needlessly global functions static. Signed-off-by: Adrian Bunk <bunk@kernel.org> Acked-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-26[SCTP]: #if 0 sctp_update_copy_cksum()Adrian Bunk
sctp_update_copy_cksum() is no longer used. Signed-off-by: Adrian Bunk <bunk@kernel.org> Acked-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-25Merge branch 'master' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 * 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: [IPV4]: Explicitly call fib_get_table() in fib_frontend.c [NET]: Use BUILD_BUG_ON in net/core/flowi.c [NET]: Remove in-code externs for some functions from net/core/dev.c [NET]: Don't declare extern variables in net/core/sysctl_net_core.c [TCP]: Remove unneeded implicit type cast when calling tcp_minshall_update() [NET]: Treat the sign of the result of skb_headroom() consistently [9P]: Fix missing unlock before return in p9_mux_poll_start [PKT_SCHED]: Fix sch_prio.c build with CONFIG_NETDEVICES_MULTIQUEUE [IPV4] ip_gre: sendto/recvfrom NBMA address [SCTP]: Consolidate sctp_ulpq_renege_xxx functions [NETLINK]: Fix ACK processing after netlink_dump_start [VLAN]: MAINTAINERS update [DCCP]: Implement SIOCINQ/FIONREAD [NET]: Validate device addr prior to interface-up
2007-10-24SG: Change sg_set_page() to take length and offset argumentJens Axboe
Most drivers need to set length and offset as well, so may as well fold those three lines into one. Add sg_assign_page() for those two locations that only needed to set the page, where the offset/length is set outside of the function context. Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
2007-10-23[SCTP]: Consolidate sctp_ulpq_renege_xxx functionsPavel Emelyanov
Both are equal, except for the list to be traversed. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Acked-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-23Fix sctp compileChristian Borntraeger
sctp fails to compile with net/sctp/sm_make_chunk.c: In function 'sctp_pack_cookie': net/sctp/sm_make_chunk.c:1516: error: implicit declaration of function 'sg_init_table' net/sctp/sm_make_chunk.c:1517: error: implicit declaration of function 'sg_set_page' use the proper include file. SCTP maintainers Vlad Yasevich and Sridhar Samudrala are CCed. Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com> Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
2007-10-22Update net/ to use sg helpersJens Axboe
Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
2007-10-17Remove "unsafe" from module structRusty Russell
Adrian Bunk points out that "unsafe" was used to mark modules touched by the deprecated MOD_INC_USE_COUNT interface, which has long gone. It's time to remove the member from the module structure, as well. If you want a module which can't unload, don't register an exit function. (Vlad Yasevich says SCTP is now safe to unload, so just remove the __unsafe there). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Acked-by: Shannon Nelson <shannon.nelson@intel.com> Acked-by: Dan Williams <dan.j.williams@intel.com> Acked-by: Vlad Yasevich <vladislav.yasevich@hp.com> Cc: Sridhar Samudrala <sri@us.ibm.com> Cc: Adrian Bunk <bunk@stusta.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-15[IPV6]: Replace sk_buff ** with sk_buff * in input handlersHerbert Xu
With all the users of the double pointers removed from the IPv6 input path, this patch converts all occurances of sk_buff ** to sk_buff * in IPv6 input handlers. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-14fix breakage in sctp getsockoptAl Viro
copy_to_user() into on-stack array Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-10[INET]: local port range robustnessStephen Hemminger
Expansion of original idea from Denis V. Lunev <den@openvz.org> Add robustness and locking to the local_port_range sysctl. 1. Enforce that low < high when setting. 2. Use seqlock to ensure atomic update. The locking might seem like overkill, but there are cases where sysadmin might want to change value in the middle of a DoS attack. Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-10[SCTP]: port randomizationStephen Hemminger
Add port randomization rather than a simple fixed rover for use with SCTP. This makes it act similar to TCP, UDP, DCCP when allocating ports. No longer need port_alloc_lock as well (suggestion by Brian Haley). Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-10[SCTP]: Tie ADD-IP and AUTH functionality as required by spec.Vlad Yasevich
ADD-IP spec requires AUTH. It is, in fact, dangerous without AUTH. So, disable ADD-IP functionality if the peer claims to support ADD-IP, but not AUTH. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-10[SCTP]: API updates to suport SCTP-AUTH extensions.Vlad Yasevich
Add SCTP-AUTH API. The API implemented here was agreed to between implementors at the 9th SCTP Interop. It will be documented in the next revision of the SCTP socket API spec. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-10[SCTP]: Implement the receive and verification of AUTH chunkVlad Yasevich
This patch implements the receive path needed to process authenticated chunks. Add ability to process the AUTH chunk and handle edge cases for authenticated COOKIE-ECHO as well. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-10[SCTP]: Enable the sending of the AUTH chunk.Vlad Yasevich
SCTP-AUTH, Section 6.2: Endpoints MUST send all requested chunks authenticated where this has been requested by the peer. The other chunks MAY be sent authenticated or not. If endpoint pair shared keys are used, one of them MUST be selected for authentication. To send chunks in an authenticated way, the sender MUST include these chunks after an AUTH chunk. This means that a sender MUST bundle chunks in order to authenticate them. If the endpoint has no endpoint pair shared key for the peer, it MUST use Shared Key Identifier 0 with an empty endpoint pair shared key. If there are multiple endpoint shared keys the sender selects one and uses the corresponding Shared Key Identifier Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-10[SCTP]: Implete SCTP-AUTH parameter processingVlad Yasevich
Implement processing for the CHUNKS, RANDOM, and HMAC parameters and deal with how this parameters are effected by association restarts. In particular, during unexpeted INIT processing, we need to reply with parameters from the original INIT chunk. Also, after restart, we need to update the old association with new peer parameters and change the association shared keys. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-10[SCTP]: Implement SCTP-AUTH initializations.Vlad Yasevich
The patch initializes AUTH related members of the generic SCTP structures and provides a way to enable/disable auth extension. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-10[SCTP]: Implement SCTP-AUTH internalsVlad Yasevich
This patch implements the internals operations of the AUTH, such as key computation and storage. It also adds necessary variables to the SCTP data structures. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-10[SCTP]: Move sysctl_sctp_[rw]mem definitions to protocol.cVlad Yasevich
The sctp_[rw]mem definitions should really be in protocol.c since that is where they are initialized. This also allows one to build a kernel without sysctl support. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-10[SCTP]: Implement the Supported Extensions ParameterVlad Yasevich
SCTP Supported Extenions parameter is specified in Section 4.2.7 of the ADD-IP draft (soon to be RFC). The parameter is encoded as: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Parameter Type = 0x8008 | Parameter Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | CHUNK TYPE 1 | CHUNK TYPE 2 | CHUNK TYPE 3 | CHUNK TYPE 4 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | .... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | CHUNK TYPE N | PAD | PAD | PAD | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ It contains a list of chunks that a particular SCTP extension uses. Current extensions supported are Partial Reliability (FWD-TSN) and ADD-IP (ASCONF and ASCONF-ACK). When implementing new extensions (AUTH, PKT-DROP, etc..), new chunks need to be added to this parameter. Parameter processing would be modified to negotiate support for these new features. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-10[SCTP] net/sctp/socket.c: make 3 variables staticAdrian Bunk
This patch makes the following needlessly global variables static: - sctp_memory_pressure - sctp_memory_allocated - sctp_sockets_allocated Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-10[SCTP]: Make sctp_addto_param() static.Adrian Bunk
sctp_addto_param() can become static. Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-10[NET]: Make the device list and device lookups per namespace.Eric W. Biederman
This patch makes most of the generic device layer network namespace safe. This patch makes dev_base_head a network namespace variable, and then it picks up a few associated variables. The functions: dev_getbyhwaddr dev_getfirsthwbytype dev_get_by_flags dev_get_by_name __dev_get_by_name dev_get_by_index __dev_get_by_index dev_ioctl dev_ethtool dev_load wireless_process_ioctl were modified to take a network namespace argument, and deal with it. vlan_ioctl_set and brioctl_set were modified so their hooks will receive a network namespace argument. So basically anthing in the core of the network stack that was affected to by the change of dev_base was modified to handle multiple network namespaces. The rest of the network stack was simply modified to explicitly use &init_net the initial network namespace. This can be fixed when those components of the network stack are modified to handle multiple network namespaces. For now the ifindex generator is left global. Fundametally ifindex numbers are per namespace, or else we will have corner case problems with migration when we get that far. At the same time there are assumptions in the network stack that the ifindex of a network device won't change. Making the ifindex number global seems a good compromise until the network stack can cope with ifindex changes when you change namespaces, and the like. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-10[NET]: Make socket creation namespace safe.Eric W. Biederman
This patch passes in the namespace a new socket should be created in and has the socket code do the appropriate reference counting. By virtue of this all socket create methods are touched. In addition the socket create methods are modified so that they will fail if you attempt to create a socket in a non-default network namespace. Failing if we attempt to create a socket outside of the default network namespace ensures that as we incrementally make the network stack network namespace aware we will not export functionality that someone has not audited and made certain is network namespace safe. Allowing us to partially enable network namespaces before all of the exotic protocols are supported. Any protocol layers I have missed will fail to compile because I now pass an extra parameter into the socket creation code. [ Integrated AF_IUCV build fixes from Andrew Morton... -DaveM ] Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>