13 Apr, 2008
4 commits
-
All IP addresses that are present in a system are duplicated on
struct sctp_sockaddr_entry. They are linked in the global list
called sctp_local_addr_list. And this struct unions IPv4 and IPv6
addresses.So, there can be rare case, when a sockaddr_in.sin_addr coincides
with the corresponding part of the sockaddr_in6 and the notifier
for IPv4 will carry away an IPv6 entry.The fix is to check the family before comparing the addresses.
Signed-off-by: Pavel Emelyanov
Signed-off-by: Vlad Yasevich
Signed-off-by: David S. Miller -
Fix 3 warnings about discarding const qualifiers:
net/sctp/ulpevent.c:862: warning: passing argument 1 of 'sctp_event2skb' discards qualifiers from pointer target type
net/sctp/sm_statefuns.c:4393: warning: passing argument 1 of 'SCTP_ASOC' discards qualifiers from pointer target type
net/sctp/socket.c:5874: warning: passing argument 1 of 'cmsg_nxthdr' discards qualifiers from pointer target typeSigned-off-by: Vlad Yasevich
Signed-off-by: David S. Miller -
When receiving an error length INIT-ACK during COOKIE-WAIT,
a 0-vtag ABORT will be responsed. This action violates the
protocol apparently. This patch achieves the following things.
1 If the INIT-ACK contains all the fixed parameters, use init-tag
recorded from INIT-ACK as vtag.
2 If the INIT-ACK doesn't contain all the fixed parameters,
just reflect its vtag.Signed-off-by: Gui Jianfeng
Signed-off-by: Vlad Yasevich
Signed-off-by: David S. Miller -
RFC 4890 has the following text:
The HMAC algorithm based on SHA-1 MUST be supported and
included in the HMAC-ALGO parameter.As a result, we need to check in sctp_verify_param() that HMAC_SHA1 is
present in the list. If not, we should probably treat this as a
protocol violation.It should also be a protocol violation if the HMAC parameter is empty.
Signed-off-by: Wei Yongjun
Signed-off-by: Vlad Yasevich
Signed-off-by: David S. Miller
21 Mar, 2008
1 commit
-
There is a race is SCTP between the loading of the module
and the access by the socket layer to the protocol functions.
In particular, a list of addresss that SCTP maintains is
not initialized prior to the registration with the protosw.
Thus it is possible for a user application to gain access
to SCTP functions before everything has been initialized.
The problem shows up as odd crashes during connection
initializtion when we try to access the SCTP address list.The solution is to refactor how we do registration and
initialize the lists prior to registering with the protosw.
Care must be taken since the address list initialization
depends on some other pieces of SCTP initialization. Also
the clean-up in case of failure now also needs to be refactored.Signed-off-by: Vlad Yasevich
Acked-by: Sridhar Samudrala
Signed-off-by: David S. Miller
18 Mar, 2008
2 commits
-
Signed-off-by: Al Viro
Signed-off-by: David S. Miller -
Signed-off-by: Al Viro
Signed-off-by: David S. Miller
12 Mar, 2008
1 commit
-
Since the lists are circular, we need to explicitely tag
the address to be deleted since we might end up freeing
the list head instead. This fixes some interesting SCTP
crashes.Signed-off-by: Chidambar 'ilLogict' Zinnoury
Signed-off-by: Vlad Yasevich
Signed-off-by: David S. Miller
06 Mar, 2008
2 commits
-
Brings max_burst socket option set/get into line with the latest ietf
socket extensions api draft, while maintaining backwards
compatibility.Signed-off-by: Neil Horman
Signed-off-by: Vlad Yasevich
Signed-off-by: David S. Miller -
If an address family is not listed in "Supported Address Types"
parameter(INIT Chunk), but the packet is sent by that family, this
address family should be considered as supported by peer. Otherwise,
an error condition will occur. For instance, if kernel receives an
IPV6 SCTP INIT chunk with "Support Address Types" parameter which
indicates just supporting IPV4 Address family. Kernel will reply an
IPV6 SCTP INIT ACK packet, but the source ipv6 address in ipv6 header
will be vacant. This is not correct.refer to RFC4460 as following:
IMPLEMENTATION NOTE: If an SCTP endpoint lists in the 'Supported
Address Types' parameter either IPv4 or IPv6, but uses the other
family for sending the packet containing the INIT chunk, or if it
also lists addresses of the other family in the INIT chunk, then
the address family that is not listed in the 'Supported Address
Types' parameter SHOULD also be considered as supported by the
receiver of the INIT chunk. The receiver of the INIT chunk SHOULD
NOT respond with any kind of error indication.Here is a fix to comply to RFC.
Signed-off-by: Gui Jianfeng
Acked-by: Vlad Yasevich
Signed-off-by: David S. Miller
01 Mar, 2008
1 commit
-
In addition to commit 160f17 ("[SCTP]: Use proc_create() to setup
->proc_fops first") use proc_create in two more places.Signed-off-by: Pavel Emelyanov
Signed-off-by: David S. Miller
29 Feb, 2008
4 commits
-
Use proc_create() to make sure that ->proc_fops be setup before gluing
PDE to main tree.Signed-off-by: Wang Chen
Signed-off-by: David S. Miller -
The new SCTP socket api (draft 16) updates the AUTH API structures.
We never exported these since we knew they would change.
Update the rest to match the draft.Signed-off-by: Vlad Yasevich
-
The chunks are stored inside a parameter structure in the kernel
and when we copy them to the user, we need to account for
the parameter header.Signed-off-by: Vlad Yasevich
-
I noticed while looking into some odd behavior in sctp, that the variable
name sctp_pf_inet6_specific was used twice to represent two different
pieces of data (its both a structure name and a pointer to that type of
structure), which is confusing to say the least, and potentially dangerous
depending on the variable scope. This patch cleans that up, and makes the
protocol and address family registration names in SCTP more regular,
increasing readability.Signed-off-by: Neil Horman
Signed-off-by: Vlad Yasevichipv6.c | 12 ++++++------
protocol.c | 12 ++++++------
2 files changed, 12 insertions(+), 12 deletions(-)
28 Feb, 2008
1 commit
-
sctp_assoc_change notification may contain the data from a received
ABORT chunk. Set the length correctly to account for that.Signed-off-by: Vlad Yasevich
20 Feb, 2008
1 commit
-
This counter is currently write-only.
Drawing an analogy with the similar tcp counter, I think
that this one should be pointed by the sockets_allocated
members of sctp_prot and sctpv6_prot.Signed-off-by: Pavel Emelyanov
Acked-by: Vlad Yasevich
Signed-off-by: David S. Miller
10 Feb, 2008
2 commits
-
This makes the code use a good proc API and the text ~50 bytes shorter.
Signed-off-by: Pavel Emelyanov
Acked-by: Vlad Yasevich
Signed-off-by: David S. Miller -
SCPT already depends in INET, so this doesn't create additional
dependencies.Signed-off-by: Pavel Emelyanov
Acked-by: Vlad Yasevich
Signed-off-by: David S. Miller
07 Feb, 2008
4 commits
-
In a few instances, we need to remove the chunk from the transmitted list
prior to freeing it. This is because the free code doesn't do that any
more and so we need to do it manually.Signed-off-by: Vlad Yasevich
-
While recevied ASCONF chunk with serial number less then needed, kernel
will treat this chunk as a retransmitted ASCONF chunk and find cached
ASCONF-ACK chunk used sctp_assoc_lookup_asconf_ack(). But this function
will always return NO-NULL. So response with cached ASCONF-ACKs chunk
will cause kernel panic.
In function sctp_assoc_lookup_asconf_ack(), if the cached ASCONF-ACKs
list asconf_ack_list is empty, or if the serial being requested does not
exists, the function as it currectly stands returns the actuall
list_head asoc->asconf_ack_list, this is not a cache ASCONF-ACK chunk
but a bogus pointer.Signed-off-by: Wei Yongjun
Signed-off-by: Vlad Yasevich -
Thomas Dreibholz has reported that port numbers are not filled
in the results of sctp_getladdrs() when the socket was bound
to an ephemeral port. This is only true, if the address was
not specified either. So, fill in the port number correctly.Signed-off-by: Vlad Yasevich
-
When we recieve a FORWARD_TSN chunk, we need to reap
all the queued fast-forwarded chunks from the ordering queue
However, if we don't have them queued, we need to see if
the next expected one is there as well. If it is, start
deliver from that point instead of waiting for the next
chunk to arrive.Signed-off-by: Vlad Yasevich
05 Feb, 2008
5 commits
-
Signed-off-by: Vlad Yasevich
-
When a user reads a partial notification message, do not
update rwnd since notifications must not be counted towards
receive window.Tested-by: Oliver Roll
Signed-off-by: Vlad Yasevich -
I was notified by Randy Stewart that lksctp claims to be
"the reference implementation". First of all, "the
refrence implementation" was the original implementation
of SCTP in usersapce written ty Randy and a few others.
Second, after looking at the definiton of 'reference implementation',
we don't really meet the requirements.Signed-off-by: Vlad Yasevich
-
If SCTP-AUTH is enabled, received AUTH chunk with BAD shared key
identifier will cause kernel panic.Test as following:
step1: enabled /proc/sys/net/sctp/auth_enable
step 2: connect to SCTP server with auth capable. Association is
established between endpoints. Then send a AUTH chunk with a bad
shareid, SCTP server will kernel panic after received that AUTH chunk.SCTP client SCTP server
INIT ---------->
(with auth capable)
AUTH chunk is like this:
AUTH chunk
Chunk type: AUTH (15)
Chunk flags: 0x00
Chunk length: 28
Shared key identifier: 10
HMAC identifier: SHA-1 (1)
HMAC: 0000000000000000000000000000000000000000The assignment of NULL to key can safely be removed, since key_for_each
(which is just list_for_each_entry under the covers does an initial
assignment to key anyway).If the endpoint_shared_keys list is empty, or if the key_id being
requested does not exist, the function as it currently stands returns
the actuall list_head (in this case endpoint_shared_keys. Since that
list_head isn't surrounded by an actuall data structure, the last
iteration through list_for_each_entry will do a container_of on key, and
we wind up returning a bogus pointer, instead of NULL, as we should.> Neil Horman wrote:
>> On Tue, Jan 22, 2008 at 05:29:20PM +0900, Wei Yongjun wrote:
>>
>> FWIW, Ack from me. The assignment of NULL to key can safely be
>> removed, since
>> key_for_each (which is just list_for_each_entry under the covers does
>> an initial
>> assignment to key anyway).
>> If the endpoint_shared_keys list is empty, or if the key_id being
>> requested does
>> not exist, the function as it currently stands returns the actuall
>> list_head (in
>> this case endpoint_shared_keys. Since that list_head isn't
>> surrounded by an
>> actuall data structure, the last iteration through
>> list_for_each_entry will do a
>> container_of on key, and we wind up returning a bogus pointer,
>> instead of NULL,
>> as we should. Wei's patch corrects that.
>>
>> Regards
>> Neil
>>
>> Acked-by: Neil Horman
>>
>
> Yep, the patch is correct.
>
> Acked-by: Vlad Yasevich
>
> -vlad
>Signed-off-by: Wei Yongjun
Acked-by: Neil Horman
Acked-by: Vlad Yasevich
Signed-off-by: David S. Miller -
If STCP is started while /proc/sys/net/sctp/auth_enable is set 0 and
association is established between endpoints. Then if
/proc/sys/net/sctp/auth_enable is set 1, a received AUTH chunk will
cause kernel panic.Test as following:
step 1: echo 0> /proc/sys/net/sctp/auth_enable
step 2:SCTP client SCTP server
INIT --------->
/proc/sys/net/sctp/auth_enable
step 4:
SCTP client SCTP server
AUTH -----------> Kernel PanicThis patch fix this probleam to treat AUTH chunk as unknow chunk if peer
has initialized with no auth capable.> Sorry for the delay. Was on vacation without net access.
>
> Wei Yongjun wrote:
>>
>>
>> This patch fix this probleam to treat AUTH chunk as unknow chunk if
>> peer has initialized with no auth capable.
>>
>> Signed-off-by: Wei Yongjun
>
> Acked-by: Vlad Yasevich
>
>>Signed-off-by: Wei Yongjun
Acked-by: Vlad Yasevich
Signed-off-by: David S. Miller
03 Feb, 2008
1 commit
-
Signed-off-by: Oliver Pinter
Signed-off-by: Adrian Bunk
01 Feb, 2008
1 commit
-
This patch fix miss of check for report unrecognized HMAC Algorithm
parameter. When AUTH is disabled, goto fall through path to report
unrecognized parameter, else, just breakSigned-off-by: Wei Yongjun
Acked-by: Neil Horman
Acked-by: Vlad Yasevich
Signed-off-by: David S. Miller
29 Jan, 2008
10 commits
-
Needed to propagate it down to the ip_route_output_flow.
Signed-off-by: Denis V. Lunev
Signed-off-by: David S. Miller -
When parameter validation fails, there should be error causes that
specify what type of failure we've encountered. If the causes are not
there, we lacked memory to allocated them. Thus make that the default
value for the error.Signed-off-by: Vlad Yasevich
Signed-off-by: David S. Miller -
Reported by Andrew Morton.
net/sctp/sm_statefuns.c: In function 'sctp_sf_do_5_1C_ack':
net/sctp/sm_statefuns.c:484: warning: 'error' may be used uninitialized in this functionSigned-off-by: David S. Miller
-
When a new address is added, we must check if the new address does not
already exists. This patch makes this check to be aware of a network
namespace, so the check will look if the address already exists for
the specified network namespace. While the addresses are browsed, the
addresses which do not belong to the namespace are discarded.Signed-off-by: Daniel Lezcano
Signed-off-by: Benjamin Thery
Signed-off-by: David S. Miller -
The patch extends the inet_addr_type and inet_dev_addr_type with the
network namespace pointer. That allows to access the different tables
relatively to the network namespace.The modification of the signature function is reported in all the
callers of the inet_addr_type using the pointer to the well known
init_net.Acked-by: Benjamin Thery
Acked-by: Daniel Lezcano
Signed-off-by: Eric W. Biederman
Signed-off-by: David S. Miller -
This patch includes many places, that only required
replacing the ctl_table-s with appropriate ctl_paths
and call register_sysctl_paths().Nothing special was done with them.
Signed-off-by: Pavel Emelyanov
Signed-off-by: David S. Miller -
This patch introduces new memory accounting functions for each network
protocol. Most of them are renamed from memory accounting functions
for stream protocols. At the same time, some stream memory accounting
functions are removed since other functions do same thing.Renaming:
sk_stream_free_skb() -> sk_wmem_free_skb()
__sk_stream_mem_reclaim() -> __sk_mem_reclaim()
sk_stream_mem_reclaim() -> sk_mem_reclaim()
sk_stream_mem_schedule -> __sk_mem_schedule()
sk_stream_pages() -> sk_mem_pages()
sk_stream_rmem_schedule() -> sk_rmem_schedule()
sk_stream_wmem_schedule() -> sk_wmem_schedule()
sk_charge_skb() -> sk_mem_charge()Removeing
sk_stream_rfree(): consolidates into sock_rfree()
sk_stream_set_owner_r(): consolidates into skb_set_owner_r()
sk_stream_mem_schedule()The following functions are added.
sk_has_account(): check if the protocol supports accounting
sk_mem_uncharge(): do the opposite of sk_mem_charge()In addition, to achieve consolidation, updating sk_wmem_queued is
removed from sk_mem_charge().Next, to consolidate memory accounting functions, this patch adds
memory accounting calls to network core functions. Moreover, present
memory accounting call is renamed to new accounting call.Finally we replace present memory accounting calls with new interface
in TCP and SCTP.Signed-off-by: Takahiro Yasui
Signed-off-by: Hideo Aoki
Signed-off-by: David S. Miller -
The Security Considerations section of RFC 5061 has the following
text:If an SCTP endpoint that supports this extension receives an INIT
that indicates that the peer supports the ASCONF extension but does
NOT support the [RFC4895] extension, the receiver of such an INIT
MUST send an ABORT in response. Note that an implementation is
allowed to silently discard such an INIT as an option as well, but
under NO circumstance is an implementation allowed to proceed with
the association setup by sending an INIT-ACK in response.An implementation that receives an INIT-ACK that indicates that the
peer does not support the [RFC4895] extension MUST NOT send the
COOKIE-ECHO to establish the association. Instead, the
implementation MUST discard the INIT-ACK and report to the upper-
layer user that an association cannot be established destroying the
Transmission Control Block (TCB).Follow the recomendations.
Signed-off-by: Vlad Yasevich
Signed-off-by: David S. Miller -
ADD-IP spec has a special case for processing ABORTs:
F4) ... One special consideration is that ABORT
Chunks arriving destined to the IP address being deleted MUST be
ignored (see Section 5.3.1 for further details).Check if the address we received on is in the DEL state, and if
so, ignore the ABORT.Signed-off-by: Vlad Yasevich
Signed-off-by: David S. Miller -
Signed-off-by: Vlad Yasevich
Signed-off-by: David S. Miller
