Revision tags: v2.6.27-rc6, v2.6.27-rc5, v2.6.27-rc4, v2.6.27-rc3, v2.6.27-rc2, v2.6.27-rc1 |
|
#
c226ef9b |
| 25-Jul-2008 |
Neil Horman <nhorman@tuxdriver.com> |
sctp: reduce memory footprint of sctp_chunk structure
sctp_chunks should be put on a diet. This is some of the low hanging fruit that we can strip out. Changes all the __s8/__u8 flags to bitfields
sctp: reduce memory footprint of sctp_chunk structure
sctp_chunks should be put on a diet. This is some of the low hanging fruit that we can strip out. Changes all the __s8/__u8 flags to bitfields. Saves 12 bytes per chunk.
Signed-off-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
show more ...
|
#
ba016670 |
| 30-Sep-2008 |
Wei Yongjun <yjwei@cn.fujitsu.com> |
sctp: Fix kernel panic while process protocol violation parameter
Since call to function sctp_sf_abort_violation() need paramter 'arg' with 'struct sctp_chunk' type, it will read the chunk type and
sctp: Fix kernel panic while process protocol violation parameter
Since call to function sctp_sf_abort_violation() need paramter 'arg' with 'struct sctp_chunk' type, it will read the chunk type and chunk length from the chunk_hdr member of chunk. But call to sctp_sf_violation_paramlen() always with 'struct sctp_paramhdr' type's parameter, it will be passed to sctp_sf_abort_violation(). This may cause kernel panic.
sctp_sf_violation_paramlen() |-- sctp_sf_abort_violation() |-- sctp_make_abort_violation()
This patch fixed this problem. This patch also fix two place which called sctp_sf_violation_paramlen() with wrong paramter type.
Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
show more ...
|
#
add52379 |
| 18-Sep-2008 |
Vlad Yasevich <vladislav.yasevich@hp.com> |
sctp: Fix oops when INIT-ACK indicates that peer doesn't support AUTH
If INIT-ACK is received with SupportedExtensions parameter which indicates that the peer does not support AUTH, the packet will
sctp: Fix oops when INIT-ACK indicates that peer doesn't support AUTH
If INIT-ACK is received with SupportedExtensions parameter which indicates that the peer does not support AUTH, the packet will be silently ignore, and sctp_process_init() do cleanup all of the transports in the association. When T1-Init timer is expires, OOPS happen while we try to choose a different init transport.
The solution is to only clean up the non-active transports, i.e the ones that the peer added. However, that introduces a problem with sctp_connectx(), because we don't mark the proper state for the transports provided by the user. So, we'll simply mark user-provided transports as ACTIVE. That will allow INIT retransmissions to work properly in the sctp_connectx() context and prevent the crash.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
show more ...
|
#
0ef46e28 |
| 18-Sep-2008 |
Vlad Yasevich <vladislav.yasevich@hp.com> |
sctp: do not enable peer features if we can't do them.
Do not enable peer features like addip and auth, if they are administratively disabled localy. If the peer resports that he supports something
sctp: do not enable peer features if we can't do them.
Do not enable peer features like addip and auth, if they are administratively disabled localy. If the peer resports that he supports something that we don't, neither end can use it so enabling it is pointless. This solves a problem when talking to a peer that has auth and addip enabled while we do not. Found by Andrei Pelinescu-Onciul <andrei@iptel.org>.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
show more ...
|
#
7dab83de |
| 19-Jul-2008 |
Vlad Yasevich <vladislav.yasevich@hp.com> |
sctp: Support ipv6only AF_INET6 sockets.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
Revision tags: v2.6.26, v2.6.26-rc9, v2.6.26-rc8, v2.6.26-rc7, v2.6.26-rc6, v2.6.26-rc5, v2.6.26-rc4, v2.6.26-rc3 |
|
#
c1cc678a |
| 14-May-2008 |
Patrick McHardy <kaber@trash.net> |
sctp: Fix use of uninitialized pointer
Introduced by c4492586 (sctp: Add address type check while process paramaters of ASCONF chunk):
net/sctp/sm_make_chunk.c: In function 'sctp_process_asconf': n
sctp: Fix use of uninitialized pointer
Introduced by c4492586 (sctp: Add address type check while process paramaters of ASCONF chunk):
net/sctp/sm_make_chunk.c: In function 'sctp_process_asconf': net/sctp/sm_make_chunk.c:2828: warning: 'addr_param' may be used uninitialized in this function net/sctp/sm_make_chunk.c:2828: note: 'addr_param' was declared here
Signed-off-by: Patrick McHardy <kaber@trash.net> Acked-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
show more ...
|
Revision tags: v2.6.26-rc2 |
|
#
c4492586 |
| 09-May-2008 |
Wei Yongjun <yjwei@cn.fujitsu.com> |
sctp: Add address type check while process paramaters of ASCONF chunk
If socket is create by AF_INET type, add IPv6 address to asoc will cause kernel panic while packet is transmitted on that transp
sctp: Add address type check while process paramaters of ASCONF chunk
If socket is create by AF_INET type, add IPv6 address to asoc will cause kernel panic while packet is transmitted on that transport.
This patch add address type check before process paramaters of ASCONF chunk. If peer is not support this address type, return with error invald parameter.
Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
show more ...
|
#
6e40a915 |
| 09-May-2008 |
Wei Yongjun <yjwei@cn.fujitsu.com> |
sctp: Do not enable peer IPv6 address support on PF_INET socket
If socket is create by PF_INET type, it can not used IPv6 address to send/recv DATA, So we can not used IPv6 address even if peer tell
sctp: Do not enable peer IPv6 address support on PF_INET socket
If socket is create by PF_INET type, it can not used IPv6 address to send/recv DATA, So we can not used IPv6 address even if peer tell us it support IPv6 address. This patch fix to only enabled peer IPv6 address support on PF_INET6 socket.
Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
show more ...
|
Revision tags: v2.6.26-rc1, v2.6.25 |
|
#
9dbc15f0 |
| 12-Apr-2008 |
Robert P. J. Day <rpjday@crashcourse.ca> |
[SCTP]: "list_for_each()" -> "list_for_each_entry()" where appropriate.
Replacing (almost) all invocations of list_for_each() with list_for_each_entry() tightens up the code and allows for the delet
[SCTP]: "list_for_each()" -> "list_for_each_entry()" where appropriate.
Replacing (almost) all invocations of list_for_each() with list_for_each_entry() tightens up the code and allows for the deletion of numerous list iterator variables that are no longer necessary.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
show more ...
|
#
72da7b38 |
| 12-Apr-2008 |
Wei Yongjun <yjwei@cn.fujitsu.com> |
[SCTP]: Add check for hmac_algo parameter in sctp_verify_param()
RFC 4890 has the following text:
The HMAC algorithm based on SHA-1 MUST be supported and included in the HMAC-ALGO parameter.
A
[SCTP]: Add check for hmac_algo parameter in sctp_verify_param()
RFC 4890 has the following text:
The HMAC algorithm based on SHA-1 MUST be supported and included in the HMAC-ALGO parameter.
As a result, we need to check in sctp_verify_param() that HMAC_SHA1 is present in the list. If not, we should probably treat this as a protocol violation.
It should also be a protocol violation if the HMAC parameter is empty.
Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
show more ...
|
Revision tags: v2.6.25-rc9, v2.6.25-rc8, v2.6.25-rc7 |
|
#
2444844c |
| 24-Mar-2008 |
Florian Westphal <fw@strlen.de> |
[SCTP]: Replace char msg[] with static const char[].
133886 2004 220 136110 213ae sctp.new/sctp.o 134018 2004 220 136242 21432 sctp.old/sctp.o
Signed-off-by: Florian Westphal <f
[SCTP]: Replace char msg[] with static const char[].
133886 2004 220 136110 213ae sctp.new/sctp.o 134018 2004 220 136242 21432 sctp.old/sctp.o
Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: David S. Miller <davem@davemloft.net>
show more ...
|
Revision tags: v2.6.25-rc6, v2.6.25-rc5 |
|
#
140ee960 |
| 05-Mar-2008 |
Gui Jianfeng <guijianfeng@cn.fujitsu.com> |
SCTP: Fix chunk parameter processing bug
If an address family is not listed in "Supported Address Types" parameter(INIT Chunk), but the packet is sent by that family, this address family should be c
SCTP: Fix chunk parameter processing bug
If an address family is not listed in "Supported Address Types" parameter(INIT Chunk), but the packet is sent by that family, this address family should be considered as supported by peer. Otherwise, an error condition will occur. For instance, if kernel receives an IPV6 SCTP INIT chunk with "Support Address Types" parameter which indicates just supporting IPV4 Address family. Kernel will reply an IPV6 SCTP INIT ACK packet, but the source ipv6 address in ipv6 header will be vacant. This is not correct.
refer to RFC4460 as following: IMPLEMENTATION NOTE: If an SCTP endpoint lists in the 'Supported Address Types' parameter either IPv4 or IPv6, but uses the other family for sending the packet containing the INIT chunk, or if it also lists addresses of the other family in the INIT chunk, then the address family that is not listed in the 'Supported Address Types' parameter SHOULD also be considered as supported by the receiver of the INIT chunk. The receiver of the INIT chunk SHOULD NOT respond with any kind of error indication.
Here is a fix to comply to RFC.
Signed-off-by: Gui Jianfeng <guijianfeng@cn.fujitsu.com> Acked-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
show more ...
|
Revision tags: v2.6.25-rc4, v2.6.25-rc3, v2.6.25-rc2, v2.6.25-rc1 |
|
#
5f9646c3 |
| 05-Feb-2008 |
Vlad Yasevich <vladislav.yasevich@hp.com> |
[SCTP]: Make sure the chunk is off the transmitted list prior to freeing.
In a few instances, we need to remove the chunk from the transmitted list prior to freeing it. This is because the free cod
[SCTP]: Make sure the chunk is off the transmitted list prior to freeing.
In a few instances, we need to remove the chunk from the transmitted list prior to freeing it. This is because the free code doesn't do that any more and so we need to do it manually.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
show more ...
|
Revision tags: v2.6.24, v2.6.24-rc8 |
|
#
60c778b2 |
| 11-Jan-2008 |
Vlad Yasevich <vladislav.yasevich@hp.com> |
[SCTP]: Stop claiming that this is a "reference implementation"
I was notified by Randy Stewart that lksctp claims to be "the reference implementation". First of all, "the refrence implementation"
[SCTP]: Stop claiming that this is a "reference implementation"
I was notified by Randy Stewart that lksctp claims to be "the reference implementation". First of all, "the refrence implementation" was the original implementation of SCTP in usersapce written ty Randy and a few others. Second, after looking at the definiton of 'reference implementation', we don't really meet the requirements.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
show more ...
|
#
ec9dbb1c |
| 28-Jan-2008 |
Wei Yongjun <yjwei@cn.fujitsu.com> |
[SCTP]: Fix miss of report unrecognized HMAC Algorithm parameter
This patch fix miss of check for report unrecognized HMAC Algorithm parameter. When AUTH is disabled, goto fall through path to repo
[SCTP]: Fix miss of report unrecognized HMAC Algorithm parameter
This patch fix miss of check for report unrecognized HMAC Algorithm parameter. When AUTH is disabled, goto fall through path to report unrecognized parameter, else, just break
Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> Acked-by: Neil Horman <nhorman@tuxdriver.com> Acked-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
show more ...
|
Revision tags: v2.6.24-rc7, v2.6.24-rc6 |
|
#
d6701191 |
| 20-Dec-2007 |
Vlad Yasevich <vladislav.yasevich@hp.com> |
[SCTP]: Follow Add-IP security consideratiosn wrt INIT/INIT-ACK
The Security Considerations section of RFC 5061 has the following text:
If an SCTP endpoint that supports this extension receives
[SCTP]: Follow Add-IP security consideratiosn wrt INIT/INIT-ACK
The Security Considerations section of RFC 5061 has the following text:
If an SCTP endpoint that supports this extension receives an INIT that indicates that the peer supports the ASCONF extension but does NOT support the [RFC4895] extension, the receiver of such an INIT MUST send an ABORT in response. Note that an implementation is allowed to silently discard such an INIT as an option as well, but under NO circumstance is an implementation allowed to proceed with the association setup by sending an INIT-ACK in response.
An implementation that receives an INIT-ACK that indicates that the peer does not support the [RFC4895] extension MUST NOT send the COOKIE-ECHO to establish the association. Instead, the implementation MUST discard the INIT-ACK and report to the upper- layer user that an association cannot be established destroying the Transmission Control Block (TCB).
Follow the recomendations.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
show more ...
|
#
f57d96b2 |
| 20-Dec-2007 |
Vlad Yasevich <vladislav.yasevich@hp.com> |
[SCTP]: Change use_as_src into a full address state
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
a08de64d |
| 20-Dec-2007 |
Vlad Yasevich <vladislav.yasevich@hp.com> |
[SCTP]: Update ASCONF processing to conform to spec.
The processing of the ASCONF chunks has changed a lot in the spec. New items are: 1. A list of ASCONF-ACK chunks is now cached 2. The so
[SCTP]: Update ASCONF processing to conform to spec.
The processing of the ASCONF chunks has changed a lot in the spec. New items are: 1. A list of ASCONF-ACK chunks is now cached 2. The source of the packet is used in response. 3. New handling for unexpect ASCONF chunks.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
show more ...
|
#
d6de3097 |
| 20-Dec-2007 |
Vlad Yasevich <vladislav.yasevich@hp.com> |
[SCTP]: Add the handling of "Set Primary IP Address" parameter to INIT
The ADD-IP "Set Primary IP Address" parameter is allowed in the INIT/INIT-ACK exchange. Allow processing of this parameter dur
[SCTP]: Add the handling of "Set Primary IP Address" parameter to INIT
The ADD-IP "Set Primary IP Address" parameter is allowed in the INIT/INIT-ACK exchange. Allow processing of this parameter during the INIT/INIT-ACK.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
show more ...
|
#
42e30bf3 |
| 20-Dec-2007 |
Vlad Yasevich <vladislav.yasevich@hp.com> |
[SCTP]: Handle the wildcard ADD-IP Address parameter
The Address Parameter in the parameter list of the ASCONF chunk may be a wildcard address. In this case special processing is required. For the
[SCTP]: Handle the wildcard ADD-IP Address parameter
The Address Parameter in the parameter list of the ASCONF chunk may be a wildcard address. In this case special processing is required. For the 'add' case, the source IP of the packet is added. In the 'del' case, all addresses except the source IP of packet are removed. In the "mark primary" case, the source address is marked as primary.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
show more ...
|
#
036b579b |
| 07-Jan-2008 |
Vlad Yasevich <vladislav.yasevich@hp.com> |
[SCTP]: Add back the code that accounted for FORWARD_TSN parameter in INIT.
Some recent changes completely removed accounting for the FORWARD_TSN parameter length in the INIT and INIT-ACK chunk. Th
[SCTP]: Add back the code that accounted for FORWARD_TSN parameter in INIT.
Some recent changes completely removed accounting for the FORWARD_TSN parameter length in the INIT and INIT-ACK chunk. This is wrong and should be restored.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
show more ...
|
#
7aa1b54b |
| 20-Dec-2007 |
Joe Perches <joe@perches.com> |
[SCTP]: Spelling fixes
Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
Revision tags: v2.6.24-rc5, v2.6.24-rc4 |
|
#
8ee4be37 |
| 29-Nov-2007 |
Vlad Yasevich <vladislav.yasevich@hp.com> |
SCTP: Fix the supported extensions paramter
Supported extensions parameter was not coded right and ended up over-writing memory or causing skb overflows. First, remove the FWD_TSN support from as i
SCTP: Fix the supported extensions paramter
Supported extensions parameter was not coded right and ended up over-writing memory or causing skb overflows. First, remove the FWD_TSN support from as it shouldn't be there and also fix the paramter encoding.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
show more ...
|
#
9baffaa6 |
| 29-Nov-2007 |
Vlad Yasevich <vladislav.yasevich@hp.com> |
SCTP: Fix SCTP-AUTH to correctly add HMACS paramter.
There was a typo that cleared the HMACS parameters when no authenticated chunks were specified. We whould be clearing the chunks pointer instead
SCTP: Fix SCTP-AUTH to correctly add HMACS paramter.
There was a typo that cleared the HMACS parameters when no authenticated chunks were specified. We whould be clearing the chunks pointer instead of the hmacs.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
show more ...
|
Revision tags: v2.6.24-rc3 |
|
#
7ab90804 |
| 09-Nov-2007 |
Vlad Yasevich <vladislav.yasevich@hp.com> |
SCTP: Make sctp_verify_param return multiple indications.
SCTP-AUTH and future ADD-IP updates have a requirement to do additional verification of parameters and an ability to ABORT the association i
SCTP: Make sctp_verify_param return multiple indications.
SCTP-AUTH and future ADD-IP updates have a requirement to do additional verification of parameters and an ability to ABORT the association if verification fails. So, introduce additional return code so that we can clear signal a required action.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
show more ...
|