1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /* SCTP kernel implementation
3 * (C) Copyright IBM Corp. 2001, 2004
4 * Copyright (c) 1999-2000 Cisco, Inc.
5 * Copyright (c) 1999-2001 Motorola, Inc.
6 * Copyright (c) 2001 Intel Corp.
7 *
8 * This file is part of the SCTP kernel implementation
9 *
10 * This file contains sctp stream maniuplation primitives and helpers.
11 *
12 * Please send any bug reports or fixes you make to the
13 * email address(es):
14 * lksctp developers <linux-sctp@vger.kernel.org>
15 *
16 * Written or modified by:
17 * Xin Long <lucien.xin@gmail.com>
18 */
19
20 #include <linux/list.h>
21 #include <net/sctp/sctp.h>
22 #include <net/sctp/sm.h>
23 #include <net/sctp/stream_sched.h>
24
sctp_stream_shrink_out(struct sctp_stream * stream,__u16 outcnt)25 static void sctp_stream_shrink_out(struct sctp_stream *stream, __u16 outcnt)
26 {
27 struct sctp_association *asoc;
28 struct sctp_chunk *ch, *temp;
29 struct sctp_outq *outq;
30
31 asoc = container_of(stream, struct sctp_association, stream);
32 outq = &asoc->outqueue;
33
34 list_for_each_entry_safe(ch, temp, &outq->out_chunk_list, list) {
35 __u16 sid = sctp_chunk_stream_no(ch);
36
37 if (sid < outcnt)
38 continue;
39
40 sctp_sched_dequeue_common(outq, ch);
41 /* No need to call dequeue_done here because
42 * the chunks are not scheduled by now.
43 */
44
45 /* Mark as failed send. */
46 sctp_chunk_fail(ch, (__force __u32)SCTP_ERROR_INV_STRM);
47 if (asoc->peer.prsctp_capable &&
48 SCTP_PR_PRIO_ENABLED(ch->sinfo.sinfo_flags))
49 asoc->sent_cnt_removable--;
50
51 sctp_chunk_free(ch);
52 }
53 }
54
55 /* Migrates chunks from stream queues to new stream queues if needed,
56 * but not across associations. Also, removes those chunks to streams
57 * higher than the new max.
58 */
sctp_stream_outq_migrate(struct sctp_stream * stream,struct sctp_stream * new,__u16 outcnt)59 static void sctp_stream_outq_migrate(struct sctp_stream *stream,
60 struct sctp_stream *new, __u16 outcnt)
61 {
62 int i;
63
64 if (stream->outcnt > outcnt)
65 sctp_stream_shrink_out(stream, outcnt);
66
67 if (new) {
68 /* Here we actually move the old ext stuff into the new
69 * buffer, because we want to keep it. Then
70 * sctp_stream_update will swap ->out pointers.
71 */
72 for (i = 0; i < outcnt; i++) {
73 kfree(SCTP_SO(new, i)->ext);
74 SCTP_SO(new, i)->ext = SCTP_SO(stream, i)->ext;
75 SCTP_SO(stream, i)->ext = NULL;
76 }
77 }
78
79 for (i = outcnt; i < stream->outcnt; i++) {
80 kfree(SCTP_SO(stream, i)->ext);
81 SCTP_SO(stream, i)->ext = NULL;
82 }
83 }
84
sctp_stream_alloc_out(struct sctp_stream * stream,__u16 outcnt,gfp_t gfp)85 static int sctp_stream_alloc_out(struct sctp_stream *stream, __u16 outcnt,
86 gfp_t gfp)
87 {
88 int ret;
89
90 if (outcnt <= stream->outcnt)
91 goto out;
92
93 ret = genradix_prealloc(&stream->out, outcnt, gfp);
94 if (ret)
95 return ret;
96
97 out:
98 stream->outcnt = outcnt;
99 return 0;
100 }
101
sctp_stream_alloc_in(struct sctp_stream * stream,__u16 incnt,gfp_t gfp)102 static int sctp_stream_alloc_in(struct sctp_stream *stream, __u16 incnt,
103 gfp_t gfp)
104 {
105 int ret;
106
107 if (incnt <= stream->incnt)
108 goto out;
109
110 ret = genradix_prealloc(&stream->in, incnt, gfp);
111 if (ret)
112 return ret;
113
114 out:
115 stream->incnt = incnt;
116 return 0;
117 }
118
sctp_stream_init(struct sctp_stream * stream,__u16 outcnt,__u16 incnt,gfp_t gfp)119 int sctp_stream_init(struct sctp_stream *stream, __u16 outcnt, __u16 incnt,
120 gfp_t gfp)
121 {
122 struct sctp_sched_ops *sched = sctp_sched_ops_from_stream(stream);
123 int i, ret = 0;
124
125 gfp |= __GFP_NOWARN;
126
127 /* Initial stream->out size may be very big, so free it and alloc
128 * a new one with new outcnt to save memory if needed.
129 */
130 if (outcnt == stream->outcnt)
131 goto handle_in;
132
133 /* Filter out chunks queued on streams that won't exist anymore */
134 sched->unsched_all(stream);
135 sctp_stream_outq_migrate(stream, NULL, outcnt);
136 sched->sched_all(stream);
137
138 ret = sctp_stream_alloc_out(stream, outcnt, gfp);
139 if (ret)
140 return ret;
141
142 for (i = 0; i < stream->outcnt; i++)
143 SCTP_SO(stream, i)->state = SCTP_STREAM_OPEN;
144
145 handle_in:
146 sctp_stream_interleave_init(stream);
147 if (!incnt)
148 return 0;
149
150 return sctp_stream_alloc_in(stream, incnt, gfp);
151 }
152
sctp_stream_init_ext(struct sctp_stream * stream,__u16 sid)153 int sctp_stream_init_ext(struct sctp_stream *stream, __u16 sid)
154 {
155 struct sctp_stream_out_ext *soute;
156 int ret;
157
158 soute = kzalloc(sizeof(*soute), GFP_KERNEL);
159 if (!soute)
160 return -ENOMEM;
161 SCTP_SO(stream, sid)->ext = soute;
162
163 ret = sctp_sched_init_sid(stream, sid, GFP_KERNEL);
164 if (ret) {
165 kfree(SCTP_SO(stream, sid)->ext);
166 SCTP_SO(stream, sid)->ext = NULL;
167 }
168
169 return ret;
170 }
171
sctp_stream_free(struct sctp_stream * stream)172 void sctp_stream_free(struct sctp_stream *stream)
173 {
174 struct sctp_sched_ops *sched = sctp_sched_ops_from_stream(stream);
175 int i;
176
177 sched->free(stream);
178 for (i = 0; i < stream->outcnt; i++)
179 kfree(SCTP_SO(stream, i)->ext);
180 genradix_free(&stream->out);
181 genradix_free(&stream->in);
182 }
183
sctp_stream_clear(struct sctp_stream * stream)184 void sctp_stream_clear(struct sctp_stream *stream)
185 {
186 int i;
187
188 for (i = 0; i < stream->outcnt; i++) {
189 SCTP_SO(stream, i)->mid = 0;
190 SCTP_SO(stream, i)->mid_uo = 0;
191 }
192
193 for (i = 0; i < stream->incnt; i++)
194 SCTP_SI(stream, i)->mid = 0;
195 }
196
sctp_stream_update(struct sctp_stream * stream,struct sctp_stream * new)197 void sctp_stream_update(struct sctp_stream *stream, struct sctp_stream *new)
198 {
199 struct sctp_sched_ops *sched = sctp_sched_ops_from_stream(stream);
200
201 sched->unsched_all(stream);
202 sctp_stream_outq_migrate(stream, new, new->outcnt);
203 sctp_stream_free(stream);
204
205 stream->out = new->out;
206 stream->in = new->in;
207 stream->outcnt = new->outcnt;
208 stream->incnt = new->incnt;
209
210 sched->sched_all(stream);
211
212 new->out.tree.root = NULL;
213 new->in.tree.root = NULL;
214 new->outcnt = 0;
215 new->incnt = 0;
216 }
217
sctp_send_reconf(struct sctp_association * asoc,struct sctp_chunk * chunk)218 static int sctp_send_reconf(struct sctp_association *asoc,
219 struct sctp_chunk *chunk)
220 {
221 int retval = 0;
222
223 retval = sctp_primitive_RECONF(asoc->base.net, asoc, chunk);
224 if (retval)
225 sctp_chunk_free(chunk);
226
227 return retval;
228 }
229
sctp_stream_outq_is_empty(struct sctp_stream * stream,__u16 str_nums,__be16 * str_list)230 static bool sctp_stream_outq_is_empty(struct sctp_stream *stream,
231 __u16 str_nums, __be16 *str_list)
232 {
233 struct sctp_association *asoc;
234 __u16 i;
235
236 asoc = container_of(stream, struct sctp_association, stream);
237 if (!asoc->outqueue.out_qlen)
238 return true;
239
240 if (!str_nums)
241 return false;
242
243 for (i = 0; i < str_nums; i++) {
244 __u16 sid = ntohs(str_list[i]);
245
246 if (SCTP_SO(stream, sid)->ext &&
247 !list_empty(&SCTP_SO(stream, sid)->ext->outq))
248 return false;
249 }
250
251 return true;
252 }
253
sctp_send_reset_streams(struct sctp_association * asoc,struct sctp_reset_streams * params)254 int sctp_send_reset_streams(struct sctp_association *asoc,
255 struct sctp_reset_streams *params)
256 {
257 struct sctp_stream *stream = &asoc->stream;
258 __u16 i, str_nums, *str_list;
259 struct sctp_chunk *chunk;
260 int retval = -EINVAL;
261 __be16 *nstr_list;
262 bool out, in;
263
264 if (!asoc->peer.reconf_capable ||
265 !(asoc->strreset_enable & SCTP_ENABLE_RESET_STREAM_REQ)) {
266 retval = -ENOPROTOOPT;
267 goto out;
268 }
269
270 if (asoc->strreset_outstanding) {
271 retval = -EINPROGRESS;
272 goto out;
273 }
274
275 out = params->srs_flags & SCTP_STREAM_RESET_OUTGOING;
276 in = params->srs_flags & SCTP_STREAM_RESET_INCOMING;
277 if (!out && !in)
278 goto out;
279
280 str_nums = params->srs_number_streams;
281 str_list = params->srs_stream_list;
282 if (str_nums) {
283 int param_len = 0;
284
285 if (out) {
286 for (i = 0; i < str_nums; i++)
287 if (str_list[i] >= stream->outcnt)
288 goto out;
289
290 param_len = str_nums * sizeof(__u16) +
291 sizeof(struct sctp_strreset_outreq);
292 }
293
294 if (in) {
295 for (i = 0; i < str_nums; i++)
296 if (str_list[i] >= stream->incnt)
297 goto out;
298
299 param_len += str_nums * sizeof(__u16) +
300 sizeof(struct sctp_strreset_inreq);
301 }
302
303 if (param_len > SCTP_MAX_CHUNK_LEN -
304 sizeof(struct sctp_reconf_chunk))
305 goto out;
306 }
307
308 nstr_list = kcalloc(str_nums, sizeof(__be16), GFP_KERNEL);
309 if (!nstr_list) {
310 retval = -ENOMEM;
311 goto out;
312 }
313
314 for (i = 0; i < str_nums; i++)
315 nstr_list[i] = htons(str_list[i]);
316
317 if (out && !sctp_stream_outq_is_empty(stream, str_nums, nstr_list)) {
318 kfree(nstr_list);
319 retval = -EAGAIN;
320 goto out;
321 }
322
323 chunk = sctp_make_strreset_req(asoc, str_nums, nstr_list, out, in);
324
325 kfree(nstr_list);
326
327 if (!chunk) {
328 retval = -ENOMEM;
329 goto out;
330 }
331
332 if (out) {
333 if (str_nums)
334 for (i = 0; i < str_nums; i++)
335 SCTP_SO(stream, str_list[i])->state =
336 SCTP_STREAM_CLOSED;
337 else
338 for (i = 0; i < stream->outcnt; i++)
339 SCTP_SO(stream, i)->state = SCTP_STREAM_CLOSED;
340 }
341
342 asoc->strreset_chunk = chunk;
343 sctp_chunk_hold(asoc->strreset_chunk);
344
345 retval = sctp_send_reconf(asoc, chunk);
346 if (retval) {
347 sctp_chunk_put(asoc->strreset_chunk);
348 asoc->strreset_chunk = NULL;
349 if (!out)
350 goto out;
351
352 if (str_nums)
353 for (i = 0; i < str_nums; i++)
354 SCTP_SO(stream, str_list[i])->state =
355 SCTP_STREAM_OPEN;
356 else
357 for (i = 0; i < stream->outcnt; i++)
358 SCTP_SO(stream, i)->state = SCTP_STREAM_OPEN;
359
360 goto out;
361 }
362
363 asoc->strreset_outstanding = out + in;
364
365 out:
366 return retval;
367 }
368
sctp_send_reset_assoc(struct sctp_association * asoc)369 int sctp_send_reset_assoc(struct sctp_association *asoc)
370 {
371 struct sctp_stream *stream = &asoc->stream;
372 struct sctp_chunk *chunk = NULL;
373 int retval;
374 __u16 i;
375
376 if (!asoc->peer.reconf_capable ||
377 !(asoc->strreset_enable & SCTP_ENABLE_RESET_ASSOC_REQ))
378 return -ENOPROTOOPT;
379
380 if (asoc->strreset_outstanding)
381 return -EINPROGRESS;
382
383 if (!sctp_outq_is_empty(&asoc->outqueue))
384 return -EAGAIN;
385
386 chunk = sctp_make_strreset_tsnreq(asoc);
387 if (!chunk)
388 return -ENOMEM;
389
390 /* Block further xmit of data until this request is completed */
391 for (i = 0; i < stream->outcnt; i++)
392 SCTP_SO(stream, i)->state = SCTP_STREAM_CLOSED;
393
394 asoc->strreset_chunk = chunk;
395 sctp_chunk_hold(asoc->strreset_chunk);
396
397 retval = sctp_send_reconf(asoc, chunk);
398 if (retval) {
399 sctp_chunk_put(asoc->strreset_chunk);
400 asoc->strreset_chunk = NULL;
401
402 for (i = 0; i < stream->outcnt; i++)
403 SCTP_SO(stream, i)->state = SCTP_STREAM_OPEN;
404
405 return retval;
406 }
407
408 asoc->strreset_outstanding = 1;
409
410 return 0;
411 }
412
sctp_send_add_streams(struct sctp_association * asoc,struct sctp_add_streams * params)413 int sctp_send_add_streams(struct sctp_association *asoc,
414 struct sctp_add_streams *params)
415 {
416 struct sctp_stream *stream = &asoc->stream;
417 struct sctp_chunk *chunk = NULL;
418 int retval;
419 __u32 outcnt, incnt;
420 __u16 out, in;
421
422 if (!asoc->peer.reconf_capable ||
423 !(asoc->strreset_enable & SCTP_ENABLE_CHANGE_ASSOC_REQ)) {
424 retval = -ENOPROTOOPT;
425 goto out;
426 }
427
428 if (asoc->strreset_outstanding) {
429 retval = -EINPROGRESS;
430 goto out;
431 }
432
433 out = params->sas_outstrms;
434 in = params->sas_instrms;
435 outcnt = stream->outcnt + out;
436 incnt = stream->incnt + in;
437 if (outcnt > SCTP_MAX_STREAM || incnt > SCTP_MAX_STREAM ||
438 (!out && !in)) {
439 retval = -EINVAL;
440 goto out;
441 }
442
443 if (out) {
444 retval = sctp_stream_alloc_out(stream, outcnt, GFP_KERNEL);
445 if (retval)
446 goto out;
447 }
448
449 chunk = sctp_make_strreset_addstrm(asoc, out, in);
450 if (!chunk) {
451 retval = -ENOMEM;
452 goto out;
453 }
454
455 asoc->strreset_chunk = chunk;
456 sctp_chunk_hold(asoc->strreset_chunk);
457
458 retval = sctp_send_reconf(asoc, chunk);
459 if (retval) {
460 sctp_chunk_put(asoc->strreset_chunk);
461 asoc->strreset_chunk = NULL;
462 goto out;
463 }
464
465 asoc->strreset_outstanding = !!out + !!in;
466
467 out:
468 return retval;
469 }
470
sctp_chunk_lookup_strreset_param(struct sctp_association * asoc,__be32 resp_seq,__be16 type)471 static struct sctp_paramhdr *sctp_chunk_lookup_strreset_param(
472 struct sctp_association *asoc, __be32 resp_seq,
473 __be16 type)
474 {
475 struct sctp_chunk *chunk = asoc->strreset_chunk;
476 struct sctp_reconf_chunk *hdr;
477 union sctp_params param;
478
479 if (!chunk)
480 return NULL;
481
482 hdr = (struct sctp_reconf_chunk *)chunk->chunk_hdr;
483 sctp_walk_params(param, hdr, params) {
484 /* sctp_strreset_tsnreq is actually the basic structure
485 * of all stream reconf params, so it's safe to use it
486 * to access request_seq.
487 */
488 struct sctp_strreset_tsnreq *req = param.v;
489
490 if ((!resp_seq || req->request_seq == resp_seq) &&
491 (!type || type == req->param_hdr.type))
492 return param.v;
493 }
494
495 return NULL;
496 }
497
sctp_update_strreset_result(struct sctp_association * asoc,__u32 result)498 static void sctp_update_strreset_result(struct sctp_association *asoc,
499 __u32 result)
500 {
501 asoc->strreset_result[1] = asoc->strreset_result[0];
502 asoc->strreset_result[0] = result;
503 }
504
sctp_process_strreset_outreq(struct sctp_association * asoc,union sctp_params param,struct sctp_ulpevent ** evp)505 struct sctp_chunk *sctp_process_strreset_outreq(
506 struct sctp_association *asoc,
507 union sctp_params param,
508 struct sctp_ulpevent **evp)
509 {
510 struct sctp_strreset_outreq *outreq = param.v;
511 struct sctp_stream *stream = &asoc->stream;
512 __u32 result = SCTP_STRRESET_DENIED;
513 __be16 *str_p = NULL;
514 __u32 request_seq;
515 __u16 i, nums;
516
517 request_seq = ntohl(outreq->request_seq);
518
519 if (ntohl(outreq->send_reset_at_tsn) >
520 sctp_tsnmap_get_ctsn(&asoc->peer.tsn_map)) {
521 result = SCTP_STRRESET_IN_PROGRESS;
522 goto err;
523 }
524
525 if (TSN_lt(asoc->strreset_inseq, request_seq) ||
526 TSN_lt(request_seq, asoc->strreset_inseq - 2)) {
527 result = SCTP_STRRESET_ERR_BAD_SEQNO;
528 goto err;
529 } else if (TSN_lt(request_seq, asoc->strreset_inseq)) {
530 i = asoc->strreset_inseq - request_seq - 1;
531 result = asoc->strreset_result[i];
532 goto err;
533 }
534 asoc->strreset_inseq++;
535
536 /* Check strreset_enable after inseq inc, as sender cannot tell
537 * the peer doesn't enable strreset after receiving response with
538 * result denied, as well as to keep consistent with bsd.
539 */
540 if (!(asoc->strreset_enable & SCTP_ENABLE_RESET_STREAM_REQ))
541 goto out;
542
543 nums = (ntohs(param.p->length) - sizeof(*outreq)) / sizeof(__u16);
544 str_p = outreq->list_of_streams;
545 for (i = 0; i < nums; i++) {
546 if (ntohs(str_p[i]) >= stream->incnt) {
547 result = SCTP_STRRESET_ERR_WRONG_SSN;
548 goto out;
549 }
550 }
551
552 if (asoc->strreset_chunk) {
553 if (!sctp_chunk_lookup_strreset_param(
554 asoc, outreq->response_seq,
555 SCTP_PARAM_RESET_IN_REQUEST)) {
556 /* same process with outstanding isn't 0 */
557 result = SCTP_STRRESET_ERR_IN_PROGRESS;
558 goto out;
559 }
560
561 asoc->strreset_outstanding--;
562 asoc->strreset_outseq++;
563
564 if (!asoc->strreset_outstanding) {
565 struct sctp_transport *t;
566
567 t = asoc->strreset_chunk->transport;
568 if (del_timer(&t->reconf_timer))
569 sctp_transport_put(t);
570
571 sctp_chunk_put(asoc->strreset_chunk);
572 asoc->strreset_chunk = NULL;
573 }
574 }
575
576 if (nums)
577 for (i = 0; i < nums; i++)
578 SCTP_SI(stream, ntohs(str_p[i]))->mid = 0;
579 else
580 for (i = 0; i < stream->incnt; i++)
581 SCTP_SI(stream, i)->mid = 0;
582
583 result = SCTP_STRRESET_PERFORMED;
584
585 *evp = sctp_ulpevent_make_stream_reset_event(asoc,
586 SCTP_STREAM_RESET_INCOMING_SSN, nums, str_p, GFP_ATOMIC);
587
588 out:
589 sctp_update_strreset_result(asoc, result);
590 err:
591 return sctp_make_strreset_resp(asoc, result, request_seq);
592 }
593
sctp_process_strreset_inreq(struct sctp_association * asoc,union sctp_params param,struct sctp_ulpevent ** evp)594 struct sctp_chunk *sctp_process_strreset_inreq(
595 struct sctp_association *asoc,
596 union sctp_params param,
597 struct sctp_ulpevent **evp)
598 {
599 struct sctp_strreset_inreq *inreq = param.v;
600 struct sctp_stream *stream = &asoc->stream;
601 __u32 result = SCTP_STRRESET_DENIED;
602 struct sctp_chunk *chunk = NULL;
603 __u32 request_seq;
604 __u16 i, nums;
605 __be16 *str_p;
606
607 request_seq = ntohl(inreq->request_seq);
608 if (TSN_lt(asoc->strreset_inseq, request_seq) ||
609 TSN_lt(request_seq, asoc->strreset_inseq - 2)) {
610 result = SCTP_STRRESET_ERR_BAD_SEQNO;
611 goto err;
612 } else if (TSN_lt(request_seq, asoc->strreset_inseq)) {
613 i = asoc->strreset_inseq - request_seq - 1;
614 result = asoc->strreset_result[i];
615 if (result == SCTP_STRRESET_PERFORMED)
616 return NULL;
617 goto err;
618 }
619 asoc->strreset_inseq++;
620
621 if (!(asoc->strreset_enable & SCTP_ENABLE_RESET_STREAM_REQ))
622 goto out;
623
624 if (asoc->strreset_outstanding) {
625 result = SCTP_STRRESET_ERR_IN_PROGRESS;
626 goto out;
627 }
628
629 nums = (ntohs(param.p->length) - sizeof(*inreq)) / sizeof(__u16);
630 str_p = inreq->list_of_streams;
631 for (i = 0; i < nums; i++) {
632 if (ntohs(str_p[i]) >= stream->outcnt) {
633 result = SCTP_STRRESET_ERR_WRONG_SSN;
634 goto out;
635 }
636 }
637
638 if (!sctp_stream_outq_is_empty(stream, nums, str_p)) {
639 result = SCTP_STRRESET_IN_PROGRESS;
640 asoc->strreset_inseq--;
641 goto err;
642 }
643
644 chunk = sctp_make_strreset_req(asoc, nums, str_p, 1, 0);
645 if (!chunk)
646 goto out;
647
648 if (nums)
649 for (i = 0; i < nums; i++)
650 SCTP_SO(stream, ntohs(str_p[i]))->state =
651 SCTP_STREAM_CLOSED;
652 else
653 for (i = 0; i < stream->outcnt; i++)
654 SCTP_SO(stream, i)->state = SCTP_STREAM_CLOSED;
655
656 asoc->strreset_chunk = chunk;
657 asoc->strreset_outstanding = 1;
658 sctp_chunk_hold(asoc->strreset_chunk);
659
660 result = SCTP_STRRESET_PERFORMED;
661
662 out:
663 sctp_update_strreset_result(asoc, result);
664 err:
665 if (!chunk)
666 chunk = sctp_make_strreset_resp(asoc, result, request_seq);
667
668 return chunk;
669 }
670
sctp_process_strreset_tsnreq(struct sctp_association * asoc,union sctp_params param,struct sctp_ulpevent ** evp)671 struct sctp_chunk *sctp_process_strreset_tsnreq(
672 struct sctp_association *asoc,
673 union sctp_params param,
674 struct sctp_ulpevent **evp)
675 {
676 __u32 init_tsn = 0, next_tsn = 0, max_tsn_seen;
677 struct sctp_strreset_tsnreq *tsnreq = param.v;
678 struct sctp_stream *stream = &asoc->stream;
679 __u32 result = SCTP_STRRESET_DENIED;
680 __u32 request_seq;
681 __u16 i;
682
683 request_seq = ntohl(tsnreq->request_seq);
684 if (TSN_lt(asoc->strreset_inseq, request_seq) ||
685 TSN_lt(request_seq, asoc->strreset_inseq - 2)) {
686 result = SCTP_STRRESET_ERR_BAD_SEQNO;
687 goto err;
688 } else if (TSN_lt(request_seq, asoc->strreset_inseq)) {
689 i = asoc->strreset_inseq - request_seq - 1;
690 result = asoc->strreset_result[i];
691 if (result == SCTP_STRRESET_PERFORMED) {
692 next_tsn = asoc->ctsn_ack_point + 1;
693 init_tsn =
694 sctp_tsnmap_get_ctsn(&asoc->peer.tsn_map) + 1;
695 }
696 goto err;
697 }
698
699 if (!sctp_outq_is_empty(&asoc->outqueue)) {
700 result = SCTP_STRRESET_IN_PROGRESS;
701 goto err;
702 }
703
704 asoc->strreset_inseq++;
705
706 if (!(asoc->strreset_enable & SCTP_ENABLE_RESET_ASSOC_REQ))
707 goto out;
708
709 if (asoc->strreset_outstanding) {
710 result = SCTP_STRRESET_ERR_IN_PROGRESS;
711 goto out;
712 }
713
714 /* G4: The same processing as though a FWD-TSN chunk (as defined in
715 * [RFC3758]) with all streams affected and a new cumulative TSN
716 * ACK of the Receiver's Next TSN minus 1 were received MUST be
717 * performed.
718 */
719 max_tsn_seen = sctp_tsnmap_get_max_tsn_seen(&asoc->peer.tsn_map);
720 asoc->stream.si->report_ftsn(&asoc->ulpq, max_tsn_seen);
721
722 /* G1: Compute an appropriate value for the Receiver's Next TSN -- the
723 * TSN that the peer should use to send the next DATA chunk. The
724 * value SHOULD be the smallest TSN not acknowledged by the
725 * receiver of the request plus 2^31.
726 */
727 init_tsn = sctp_tsnmap_get_ctsn(&asoc->peer.tsn_map) + (1 << 31);
728 sctp_tsnmap_init(&asoc->peer.tsn_map, SCTP_TSN_MAP_INITIAL,
729 init_tsn, GFP_ATOMIC);
730
731 /* G3: The same processing as though a SACK chunk with no gap report
732 * and a cumulative TSN ACK of the Sender's Next TSN minus 1 were
733 * received MUST be performed.
734 */
735 sctp_outq_free(&asoc->outqueue);
736
737 /* G2: Compute an appropriate value for the local endpoint's next TSN,
738 * i.e., the next TSN assigned by the receiver of the SSN/TSN reset
739 * chunk. The value SHOULD be the highest TSN sent by the receiver
740 * of the request plus 1.
741 */
742 next_tsn = asoc->next_tsn;
743 asoc->ctsn_ack_point = next_tsn - 1;
744 asoc->adv_peer_ack_point = asoc->ctsn_ack_point;
745
746 /* G5: The next expected and outgoing SSNs MUST be reset to 0 for all
747 * incoming and outgoing streams.
748 */
749 for (i = 0; i < stream->outcnt; i++) {
750 SCTP_SO(stream, i)->mid = 0;
751 SCTP_SO(stream, i)->mid_uo = 0;
752 }
753 for (i = 0; i < stream->incnt; i++)
754 SCTP_SI(stream, i)->mid = 0;
755
756 result = SCTP_STRRESET_PERFORMED;
757
758 *evp = sctp_ulpevent_make_assoc_reset_event(asoc, 0, init_tsn,
759 next_tsn, GFP_ATOMIC);
760
761 out:
762 sctp_update_strreset_result(asoc, result);
763 err:
764 return sctp_make_strreset_tsnresp(asoc, result, request_seq,
765 next_tsn, init_tsn);
766 }
767
sctp_process_strreset_addstrm_out(struct sctp_association * asoc,union sctp_params param,struct sctp_ulpevent ** evp)768 struct sctp_chunk *sctp_process_strreset_addstrm_out(
769 struct sctp_association *asoc,
770 union sctp_params param,
771 struct sctp_ulpevent **evp)
772 {
773 struct sctp_strreset_addstrm *addstrm = param.v;
774 struct sctp_stream *stream = &asoc->stream;
775 __u32 result = SCTP_STRRESET_DENIED;
776 __u32 request_seq, incnt;
777 __u16 in, i;
778
779 request_seq = ntohl(addstrm->request_seq);
780 if (TSN_lt(asoc->strreset_inseq, request_seq) ||
781 TSN_lt(request_seq, asoc->strreset_inseq - 2)) {
782 result = SCTP_STRRESET_ERR_BAD_SEQNO;
783 goto err;
784 } else if (TSN_lt(request_seq, asoc->strreset_inseq)) {
785 i = asoc->strreset_inseq - request_seq - 1;
786 result = asoc->strreset_result[i];
787 goto err;
788 }
789 asoc->strreset_inseq++;
790
791 if (!(asoc->strreset_enable & SCTP_ENABLE_CHANGE_ASSOC_REQ))
792 goto out;
793
794 in = ntohs(addstrm->number_of_streams);
795 incnt = stream->incnt + in;
796 if (!in || incnt > SCTP_MAX_STREAM)
797 goto out;
798
799 if (sctp_stream_alloc_in(stream, incnt, GFP_ATOMIC))
800 goto out;
801
802 if (asoc->strreset_chunk) {
803 if (!sctp_chunk_lookup_strreset_param(
804 asoc, 0, SCTP_PARAM_RESET_ADD_IN_STREAMS)) {
805 /* same process with outstanding isn't 0 */
806 result = SCTP_STRRESET_ERR_IN_PROGRESS;
807 goto out;
808 }
809
810 asoc->strreset_outstanding--;
811 asoc->strreset_outseq++;
812
813 if (!asoc->strreset_outstanding) {
814 struct sctp_transport *t;
815
816 t = asoc->strreset_chunk->transport;
817 if (del_timer(&t->reconf_timer))
818 sctp_transport_put(t);
819
820 sctp_chunk_put(asoc->strreset_chunk);
821 asoc->strreset_chunk = NULL;
822 }
823 }
824
825 stream->incnt = incnt;
826
827 result = SCTP_STRRESET_PERFORMED;
828
829 *evp = sctp_ulpevent_make_stream_change_event(asoc,
830 0, ntohs(addstrm->number_of_streams), 0, GFP_ATOMIC);
831
832 out:
833 sctp_update_strreset_result(asoc, result);
834 err:
835 return sctp_make_strreset_resp(asoc, result, request_seq);
836 }
837
sctp_process_strreset_addstrm_in(struct sctp_association * asoc,union sctp_params param,struct sctp_ulpevent ** evp)838 struct sctp_chunk *sctp_process_strreset_addstrm_in(
839 struct sctp_association *asoc,
840 union sctp_params param,
841 struct sctp_ulpevent **evp)
842 {
843 struct sctp_strreset_addstrm *addstrm = param.v;
844 struct sctp_stream *stream = &asoc->stream;
845 __u32 result = SCTP_STRRESET_DENIED;
846 struct sctp_chunk *chunk = NULL;
847 __u32 request_seq, outcnt;
848 __u16 out, i;
849 int ret;
850
851 request_seq = ntohl(addstrm->request_seq);
852 if (TSN_lt(asoc->strreset_inseq, request_seq) ||
853 TSN_lt(request_seq, asoc->strreset_inseq - 2)) {
854 result = SCTP_STRRESET_ERR_BAD_SEQNO;
855 goto err;
856 } else if (TSN_lt(request_seq, asoc->strreset_inseq)) {
857 i = asoc->strreset_inseq - request_seq - 1;
858 result = asoc->strreset_result[i];
859 if (result == SCTP_STRRESET_PERFORMED)
860 return NULL;
861 goto err;
862 }
863 asoc->strreset_inseq++;
864
865 if (!(asoc->strreset_enable & SCTP_ENABLE_CHANGE_ASSOC_REQ))
866 goto out;
867
868 if (asoc->strreset_outstanding) {
869 result = SCTP_STRRESET_ERR_IN_PROGRESS;
870 goto out;
871 }
872
873 out = ntohs(addstrm->number_of_streams);
874 outcnt = stream->outcnt + out;
875 if (!out || outcnt > SCTP_MAX_STREAM)
876 goto out;
877
878 ret = sctp_stream_alloc_out(stream, outcnt, GFP_ATOMIC);
879 if (ret)
880 goto out;
881
882 chunk = sctp_make_strreset_addstrm(asoc, out, 0);
883 if (!chunk)
884 goto out;
885
886 asoc->strreset_chunk = chunk;
887 asoc->strreset_outstanding = 1;
888 sctp_chunk_hold(asoc->strreset_chunk);
889
890 stream->outcnt = outcnt;
891
892 result = SCTP_STRRESET_PERFORMED;
893
894 out:
895 sctp_update_strreset_result(asoc, result);
896 err:
897 if (!chunk)
898 chunk = sctp_make_strreset_resp(asoc, result, request_seq);
899
900 return chunk;
901 }
902
sctp_process_strreset_resp(struct sctp_association * asoc,union sctp_params param,struct sctp_ulpevent ** evp)903 struct sctp_chunk *sctp_process_strreset_resp(
904 struct sctp_association *asoc,
905 union sctp_params param,
906 struct sctp_ulpevent **evp)
907 {
908 struct sctp_stream *stream = &asoc->stream;
909 struct sctp_strreset_resp *resp = param.v;
910 struct sctp_transport *t;
911 __u16 i, nums, flags = 0;
912 struct sctp_paramhdr *req;
913 __u32 result;
914
915 req = sctp_chunk_lookup_strreset_param(asoc, resp->response_seq, 0);
916 if (!req)
917 return NULL;
918
919 result = ntohl(resp->result);
920 if (result != SCTP_STRRESET_PERFORMED) {
921 /* if in progress, do nothing but retransmit */
922 if (result == SCTP_STRRESET_IN_PROGRESS)
923 return NULL;
924 else if (result == SCTP_STRRESET_DENIED)
925 flags = SCTP_STREAM_RESET_DENIED;
926 else
927 flags = SCTP_STREAM_RESET_FAILED;
928 }
929
930 if (req->type == SCTP_PARAM_RESET_OUT_REQUEST) {
931 struct sctp_strreset_outreq *outreq;
932 __be16 *str_p;
933
934 outreq = (struct sctp_strreset_outreq *)req;
935 str_p = outreq->list_of_streams;
936 nums = (ntohs(outreq->param_hdr.length) - sizeof(*outreq)) /
937 sizeof(__u16);
938
939 if (result == SCTP_STRRESET_PERFORMED) {
940 struct sctp_stream_out *sout;
941 if (nums) {
942 for (i = 0; i < nums; i++) {
943 sout = SCTP_SO(stream, ntohs(str_p[i]));
944 sout->mid = 0;
945 sout->mid_uo = 0;
946 }
947 } else {
948 for (i = 0; i < stream->outcnt; i++) {
949 sout = SCTP_SO(stream, i);
950 sout->mid = 0;
951 sout->mid_uo = 0;
952 }
953 }
954 }
955
956 flags |= SCTP_STREAM_RESET_OUTGOING_SSN;
957
958 for (i = 0; i < stream->outcnt; i++)
959 SCTP_SO(stream, i)->state = SCTP_STREAM_OPEN;
960
961 *evp = sctp_ulpevent_make_stream_reset_event(asoc, flags,
962 nums, str_p, GFP_ATOMIC);
963 } else if (req->type == SCTP_PARAM_RESET_IN_REQUEST) {
964 struct sctp_strreset_inreq *inreq;
965 __be16 *str_p;
966
967 /* if the result is performed, it's impossible for inreq */
968 if (result == SCTP_STRRESET_PERFORMED)
969 return NULL;
970
971 inreq = (struct sctp_strreset_inreq *)req;
972 str_p = inreq->list_of_streams;
973 nums = (ntohs(inreq->param_hdr.length) - sizeof(*inreq)) /
974 sizeof(__u16);
975
976 flags |= SCTP_STREAM_RESET_INCOMING_SSN;
977
978 *evp = sctp_ulpevent_make_stream_reset_event(asoc, flags,
979 nums, str_p, GFP_ATOMIC);
980 } else if (req->type == SCTP_PARAM_RESET_TSN_REQUEST) {
981 struct sctp_strreset_resptsn *resptsn;
982 __u32 stsn, rtsn;
983
984 /* check for resptsn, as sctp_verify_reconf didn't do it*/
985 if (ntohs(param.p->length) != sizeof(*resptsn))
986 return NULL;
987
988 resptsn = (struct sctp_strreset_resptsn *)resp;
989 stsn = ntohl(resptsn->senders_next_tsn);
990 rtsn = ntohl(resptsn->receivers_next_tsn);
991
992 if (result == SCTP_STRRESET_PERFORMED) {
993 __u32 mtsn = sctp_tsnmap_get_max_tsn_seen(
994 &asoc->peer.tsn_map);
995 LIST_HEAD(temp);
996
997 asoc->stream.si->report_ftsn(&asoc->ulpq, mtsn);
998
999 sctp_tsnmap_init(&asoc->peer.tsn_map,
1000 SCTP_TSN_MAP_INITIAL,
1001 stsn, GFP_ATOMIC);
1002
1003 /* Clean up sacked and abandoned queues only. As the
1004 * out_chunk_list may not be empty, splice it to temp,
1005 * then get it back after sctp_outq_free is done.
1006 */
1007 list_splice_init(&asoc->outqueue.out_chunk_list, &temp);
1008 sctp_outq_free(&asoc->outqueue);
1009 list_splice_init(&temp, &asoc->outqueue.out_chunk_list);
1010
1011 asoc->next_tsn = rtsn;
1012 asoc->ctsn_ack_point = asoc->next_tsn - 1;
1013 asoc->adv_peer_ack_point = asoc->ctsn_ack_point;
1014
1015 for (i = 0; i < stream->outcnt; i++) {
1016 SCTP_SO(stream, i)->mid = 0;
1017 SCTP_SO(stream, i)->mid_uo = 0;
1018 }
1019 for (i = 0; i < stream->incnt; i++)
1020 SCTP_SI(stream, i)->mid = 0;
1021 }
1022
1023 for (i = 0; i < stream->outcnt; i++)
1024 SCTP_SO(stream, i)->state = SCTP_STREAM_OPEN;
1025
1026 *evp = sctp_ulpevent_make_assoc_reset_event(asoc, flags,
1027 stsn, rtsn, GFP_ATOMIC);
1028 } else if (req->type == SCTP_PARAM_RESET_ADD_OUT_STREAMS) {
1029 struct sctp_strreset_addstrm *addstrm;
1030 __u16 number;
1031
1032 addstrm = (struct sctp_strreset_addstrm *)req;
1033 nums = ntohs(addstrm->number_of_streams);
1034 number = stream->outcnt - nums;
1035
1036 if (result == SCTP_STRRESET_PERFORMED) {
1037 for (i = number; i < stream->outcnt; i++)
1038 SCTP_SO(stream, i)->state = SCTP_STREAM_OPEN;
1039 } else {
1040 sctp_stream_shrink_out(stream, number);
1041 stream->outcnt = number;
1042 }
1043
1044 *evp = sctp_ulpevent_make_stream_change_event(asoc, flags,
1045 0, nums, GFP_ATOMIC);
1046 } else if (req->type == SCTP_PARAM_RESET_ADD_IN_STREAMS) {
1047 struct sctp_strreset_addstrm *addstrm;
1048
1049 /* if the result is performed, it's impossible for addstrm in
1050 * request.
1051 */
1052 if (result == SCTP_STRRESET_PERFORMED)
1053 return NULL;
1054
1055 addstrm = (struct sctp_strreset_addstrm *)req;
1056 nums = ntohs(addstrm->number_of_streams);
1057
1058 *evp = sctp_ulpevent_make_stream_change_event(asoc, flags,
1059 nums, 0, GFP_ATOMIC);
1060 }
1061
1062 asoc->strreset_outstanding--;
1063 asoc->strreset_outseq++;
1064
1065 /* remove everything for this reconf request */
1066 if (!asoc->strreset_outstanding) {
1067 t = asoc->strreset_chunk->transport;
1068 if (del_timer(&t->reconf_timer))
1069 sctp_transport_put(t);
1070
1071 sctp_chunk_put(asoc->strreset_chunk);
1072 asoc->strreset_chunk = NULL;
1073 }
1074
1075 return NULL;
1076 }
1077