18e8caf97SThomas Gleixner // SPDX-License-Identifier: GPL-2.0-or-later
260c778b2SVlad Yasevich /* SCTP kernel implementation
31da177e4SLinus Torvalds * Copyright (c) 1999-2000 Cisco, Inc.
41da177e4SLinus Torvalds * Copyright (c) 1999-2001 Motorola, Inc.
51da177e4SLinus Torvalds * Copyright (c) 2001-2002 International Business Machines, Corp.
61da177e4SLinus Torvalds * Copyright (c) 2001 Intel Corp.
71da177e4SLinus Torvalds * Copyright (c) 2001 Nokia, Inc.
81da177e4SLinus Torvalds * Copyright (c) 2001 La Monte H.P. Yarroll
91da177e4SLinus Torvalds *
1060c778b2SVlad Yasevich * This file is part of the SCTP kernel implementation
111da177e4SLinus Torvalds *
121da177e4SLinus Torvalds * This abstraction represents an SCTP endpoint.
131da177e4SLinus Torvalds *
141da177e4SLinus Torvalds * Please send any bug reports or fixes you make to the
151da177e4SLinus Torvalds * email address(es):
1691705c61SDaniel Borkmann * lksctp developers <linux-sctp@vger.kernel.org>
171da177e4SLinus Torvalds *
181da177e4SLinus Torvalds * Written or modified by:
191da177e4SLinus Torvalds * La Monte H.P. Yarroll <piggy@acm.org>
201da177e4SLinus Torvalds * Karl Knutson <karl@athena.chicago.il.us>
211da177e4SLinus Torvalds * Jon Grimm <jgrimm@austin.ibm.com>
221da177e4SLinus Torvalds * Daisy Chang <daisyc@us.ibm.com>
231da177e4SLinus Torvalds * Dajiang Zhang <dajiang.zhang@nokia.com>
241da177e4SLinus Torvalds */
251da177e4SLinus Torvalds
261da177e4SLinus Torvalds #include <linux/types.h>
271da177e4SLinus Torvalds #include <linux/slab.h>
281da177e4SLinus Torvalds #include <linux/in.h>
291da177e4SLinus Torvalds #include <linux/random.h> /* get_random_bytes() */
301da177e4SLinus Torvalds #include <net/sock.h>
311da177e4SLinus Torvalds #include <net/ipv6.h>
321da177e4SLinus Torvalds #include <net/sctp/sctp.h>
331da177e4SLinus Torvalds #include <net/sctp/sm.h>
341da177e4SLinus Torvalds
351da177e4SLinus Torvalds /* Forward declarations for internal helpers. */
36c4028958SDavid Howells static void sctp_endpoint_bh_rcv(struct work_struct *work);
371da177e4SLinus Torvalds
381da177e4SLinus Torvalds /*
391da177e4SLinus Torvalds * Initialize the base fields of the endpoint structure.
401da177e4SLinus Torvalds */
sctp_endpoint_init(struct sctp_endpoint * ep,struct sock * sk,gfp_t gfp)411da177e4SLinus Torvalds static struct sctp_endpoint *sctp_endpoint_init(struct sctp_endpoint *ep,
423182cd84SAlexey Dobriyan struct sock *sk,
43dd0fc66fSAl Viro gfp_t gfp)
441da177e4SLinus Torvalds {
45e1fc3b14SEric W. Biederman struct net *net = sock_net(sk);
46a29a5bd4SVlad Yasevich struct sctp_shared_key *null_key;
47a29a5bd4SVlad Yasevich
48b68dbcabSVlad Yasevich ep->digest = kzalloc(SCTP_SIGNATURE_SIZE, gfp);
49b68dbcabSVlad Yasevich if (!ep->digest)
50b68dbcabSVlad Yasevich return NULL;
51b68dbcabSVlad Yasevich
524e27428fSXin Long ep->asconf_enable = net->sctp.addip_enable;
53b14878ccSVlad Yasevich ep->auth_enable = net->sctp.auth_enable;
54b14878ccSVlad Yasevich if (ep->auth_enable) {
5503f96127SXin Long if (sctp_auth_init(ep, gfp))
56a29a5bd4SVlad Yasevich goto nomem;
574e27428fSXin Long if (ep->asconf_enable) {
5803f96127SXin Long sctp_auth_ep_add_chunkid(ep, SCTP_CID_ASCONF);
5903f96127SXin Long sctp_auth_ep_add_chunkid(ep, SCTP_CID_ASCONF_ACK);
60a29a5bd4SVlad Yasevich }
61a29a5bd4SVlad Yasevich }
62a29a5bd4SVlad Yasevich
631da177e4SLinus Torvalds /* Initialize the base structure. */
641da177e4SLinus Torvalds /* What type of endpoint are we? */
651da177e4SLinus Torvalds ep->base.type = SCTP_EP_TYPE_SOCKET;
661da177e4SLinus Torvalds
671da177e4SLinus Torvalds /* Initialize the basic object fields. */
68c638457aSReshetova, Elena refcount_set(&ep->base.refcnt, 1);
690022d2ddSDaniel Borkmann ep->base.dead = false;
701da177e4SLinus Torvalds
711da177e4SLinus Torvalds /* Create an input queue. */
721da177e4SLinus Torvalds sctp_inq_init(&ep->base.inqueue);
731da177e4SLinus Torvalds
741da177e4SLinus Torvalds /* Set its top-half handler */
75c4028958SDavid Howells sctp_inq_set_th_handler(&ep->base.inqueue, sctp_endpoint_bh_rcv);
761da177e4SLinus Torvalds
771da177e4SLinus Torvalds /* Initialize the bind addr area */
781da177e4SLinus Torvalds sctp_bind_addr_init(&ep->base.bind_addr, 0);
791da177e4SLinus Torvalds
801da177e4SLinus Torvalds /* Create the lists of associations. */
811da177e4SLinus Torvalds INIT_LIST_HEAD(&ep->asocs);
821da177e4SLinus Torvalds
831da177e4SLinus Torvalds /* Use SCTP specific send buffer space queues. */
84e1fc3b14SEric W. Biederman ep->sndbuf_policy = net->sctp.sndbuf_policy;
854d93df0aSNeil Horman
86561b1733SWei Yongjun sk->sk_data_ready = sctp_data_ready;
871da177e4SLinus Torvalds sk->sk_write_space = sctp_write_space;
881da177e4SLinus Torvalds sock_set_flag(sk, SOCK_USE_WRITE_QUEUE);
891da177e4SLinus Torvalds
90049b3ff5SNeil Horman /* Get the receive buffer policy for this endpoint */
91e1fc3b14SEric W. Biederman ep->rcvbuf_policy = net->sctp.rcvbuf_policy;
92049b3ff5SNeil Horman
931da177e4SLinus Torvalds /* Initialize the secret key used with cookie. */
94570617e7SDaniel Borkmann get_random_bytes(ep->secret_key, sizeof(ep->secret_key));
951da177e4SLinus Torvalds
96a29a5bd4SVlad Yasevich /* SCTP-AUTH extensions*/
97a29a5bd4SVlad Yasevich INIT_LIST_HEAD(&ep->endpoint_shared_keys);
9881ce0dbcSDan Carpenter null_key = sctp_auth_shkey_create(0, gfp);
99a29a5bd4SVlad Yasevich if (!null_key)
10060208f79SXin Long goto nomem_shkey;
101a29a5bd4SVlad Yasevich
102a29a5bd4SVlad Yasevich list_add(&null_key->key_list, &ep->endpoint_shared_keys);
103a29a5bd4SVlad Yasevich
104a29a5bd4SVlad Yasevich /* Add the null key to the endpoint shared keys list and
105a29a5bd4SVlad Yasevich * set the hmcas and chunks pointers.
106a29a5bd4SVlad Yasevich */
10728aa4c26SXin Long ep->prsctp_enable = net->sctp.prsctp_enable;
108c28445c3SXin Long ep->reconf_enable = net->sctp.reconf_enable;
1091b0b8114SXin Long ep->ecn_enable = net->sctp.ecn_enable;
110a29a5bd4SVlad Yasevich
11125bff6d5SXin Long /* Remember who we are attached to. */
11225bff6d5SXin Long ep->base.sk = sk;
11331243461SXin Long ep->base.net = sock_net(sk);
11425bff6d5SXin Long sock_hold(ep->base.sk);
11525bff6d5SXin Long
1161da177e4SLinus Torvalds return ep;
117a29a5bd4SVlad Yasevich
11860208f79SXin Long nomem_shkey:
11903f96127SXin Long sctp_auth_free(ep);
120a29a5bd4SVlad Yasevich nomem:
121a29a5bd4SVlad Yasevich kfree(ep->digest);
122a29a5bd4SVlad Yasevich return NULL;
123a29a5bd4SVlad Yasevich
1241da177e4SLinus Torvalds }
1251da177e4SLinus Torvalds
1261da177e4SLinus Torvalds /* Create a sctp_endpoint with all that boring stuff initialized.
1271da177e4SLinus Torvalds * Returns NULL if there isn't enough memory.
1281da177e4SLinus Torvalds */
sctp_endpoint_new(struct sock * sk,gfp_t gfp)129dd0fc66fSAl Viro struct sctp_endpoint *sctp_endpoint_new(struct sock *sk, gfp_t gfp)
1301da177e4SLinus Torvalds {
1311da177e4SLinus Torvalds struct sctp_endpoint *ep;
1321da177e4SLinus Torvalds
1331da177e4SLinus Torvalds /* Build a local endpoint. */
134939cfa75SDaniel Borkmann ep = kzalloc(sizeof(*ep), gfp);
1351da177e4SLinus Torvalds if (!ep)
1361da177e4SLinus Torvalds goto fail;
137939cfa75SDaniel Borkmann
1381da177e4SLinus Torvalds if (!sctp_endpoint_init(ep, sk, gfp))
1391da177e4SLinus Torvalds goto fail_init;
140ff2266cdSDaniel Borkmann
1411da177e4SLinus Torvalds SCTP_DBG_OBJCNT_INC(ep);
1421da177e4SLinus Torvalds return ep;
1431da177e4SLinus Torvalds
1441da177e4SLinus Torvalds fail_init:
1451da177e4SLinus Torvalds kfree(ep);
1461da177e4SLinus Torvalds fail:
1471da177e4SLinus Torvalds return NULL;
1481da177e4SLinus Torvalds }
1491da177e4SLinus Torvalds
1501da177e4SLinus Torvalds /* Add an association to an endpoint. */
sctp_endpoint_add_asoc(struct sctp_endpoint * ep,struct sctp_association * asoc)1511da177e4SLinus Torvalds void sctp_endpoint_add_asoc(struct sctp_endpoint *ep,
1521da177e4SLinus Torvalds struct sctp_association *asoc)
1531da177e4SLinus Torvalds {
1541da177e4SLinus Torvalds struct sock *sk = ep->base.sk;
1551da177e4SLinus Torvalds
156de76e695SVlad Yasevich /* If this is a temporary association, don't bother
157de76e695SVlad Yasevich * since we'll be removing it shortly and don't
158de76e695SVlad Yasevich * want anyone to find it anyway.
159de76e695SVlad Yasevich */
160de76e695SVlad Yasevich if (asoc->temp)
161de76e695SVlad Yasevich return;
162de76e695SVlad Yasevich
1631da177e4SLinus Torvalds /* Now just add it to our list of asocs */
1641da177e4SLinus Torvalds list_add_tail(&asoc->asocs, &ep->asocs);
1651da177e4SLinus Torvalds
1661da177e4SLinus Torvalds /* Increment the backlog value for a TCP-style listening socket. */
1671da177e4SLinus Torvalds if (sctp_style(sk, TCP) && sctp_sstate(sk, LISTENING))
1687976a11bSEric Dumazet sk_acceptq_added(sk);
1691da177e4SLinus Torvalds }
1701da177e4SLinus Torvalds
1711da177e4SLinus Torvalds /* Free the endpoint structure. Delay cleanup until
1721da177e4SLinus Torvalds * all users have released their reference count on this structure.
1731da177e4SLinus Torvalds */
sctp_endpoint_free(struct sctp_endpoint * ep)1741da177e4SLinus Torvalds void sctp_endpoint_free(struct sctp_endpoint *ep)
1751da177e4SLinus Torvalds {
1760022d2ddSDaniel Borkmann ep->base.dead = true;
177cfdeef32SVlad Yasevich
178cbabf463SYafang Shao inet_sk_set_state(ep->base.sk, SCTP_SS_CLOSED);
179cfdeef32SVlad Yasevich
180cfdeef32SVlad Yasevich /* Unlink this endpoint, so we can't find it again! */
181cfdeef32SVlad Yasevich sctp_unhash_endpoint(ep);
182cfdeef32SVlad Yasevich
1831da177e4SLinus Torvalds sctp_endpoint_put(ep);
1841da177e4SLinus Torvalds }
1851da177e4SLinus Torvalds
1861da177e4SLinus Torvalds /* Final destructor for endpoint. */
sctp_endpoint_destroy_rcu(struct rcu_head * head)1875ec7d18dSXin Long static void sctp_endpoint_destroy_rcu(struct rcu_head *head)
1885ec7d18dSXin Long {
1895ec7d18dSXin Long struct sctp_endpoint *ep = container_of(head, struct sctp_endpoint, rcu);
1905ec7d18dSXin Long struct sock *sk = ep->base.sk;
1915ec7d18dSXin Long
1925ec7d18dSXin Long sctp_sk(sk)->ep = NULL;
1935ec7d18dSXin Long sock_put(sk);
1945ec7d18dSXin Long
1955ec7d18dSXin Long kfree(ep);
1965ec7d18dSXin Long SCTP_DBG_OBJCNT_DEC(ep);
1975ec7d18dSXin Long }
1985ec7d18dSXin Long
sctp_endpoint_destroy(struct sctp_endpoint * ep)1991da177e4SLinus Torvalds static void sctp_endpoint_destroy(struct sctp_endpoint *ep)
2001da177e4SLinus Torvalds {
2010a2fbac1SDaniel Borkmann struct sock *sk;
2021da177e4SLinus Torvalds
203bb33381dSDaniel Borkmann if (unlikely(!ep->base.dead)) {
204bb33381dSDaniel Borkmann WARN(1, "Attempt to destroy undead endpoint %p!\n", ep);
205bb33381dSDaniel Borkmann return;
206bb33381dSDaniel Borkmann }
2071da177e4SLinus Torvalds
208b68dbcabSVlad Yasevich /* Free the digest buffer */
209b68dbcabSVlad Yasevich kfree(ep->digest);
210b68dbcabSVlad Yasevich
211a29a5bd4SVlad Yasevich /* SCTP-AUTH: Free up AUTH releated data such as shared keys
212a29a5bd4SVlad Yasevich * chunks and hmacs arrays that were allocated
213a29a5bd4SVlad Yasevich */
214a29a5bd4SVlad Yasevich sctp_auth_destroy_keys(&ep->endpoint_shared_keys);
21503f96127SXin Long sctp_auth_free(ep);
216a29a5bd4SVlad Yasevich
2171da177e4SLinus Torvalds /* Cleanup. */
2181da177e4SLinus Torvalds sctp_inq_free(&ep->base.inqueue);
2191da177e4SLinus Torvalds sctp_bind_addr_free(&ep->base.bind_addr);
2201da177e4SLinus Torvalds
221570617e7SDaniel Borkmann memset(ep->secret_key, 0, sizeof(ep->secret_key));
222b5c37fe6SDaniel Borkmann
2230a2fbac1SDaniel Borkmann sk = ep->base.sk;
2240a2fbac1SDaniel Borkmann /* Remove and free the port */
2250a2fbac1SDaniel Borkmann if (sctp_sk(sk)->bind_hash)
2260a2fbac1SDaniel Borkmann sctp_put_port(sk);
2270a2fbac1SDaniel Borkmann
2285ec7d18dSXin Long call_rcu(&ep->rcu, sctp_endpoint_destroy_rcu);
2291da177e4SLinus Torvalds }
2301da177e4SLinus Torvalds
2311da177e4SLinus Torvalds /* Hold a reference to an endpoint. */
sctp_endpoint_hold(struct sctp_endpoint * ep)2325ec7d18dSXin Long int sctp_endpoint_hold(struct sctp_endpoint *ep)
2331da177e4SLinus Torvalds {
2345ec7d18dSXin Long return refcount_inc_not_zero(&ep->base.refcnt);
2351da177e4SLinus Torvalds }
2361da177e4SLinus Torvalds
2371da177e4SLinus Torvalds /* Release a reference to an endpoint and clean up if there are
2381da177e4SLinus Torvalds * no more references.
2391da177e4SLinus Torvalds */
sctp_endpoint_put(struct sctp_endpoint * ep)2401da177e4SLinus Torvalds void sctp_endpoint_put(struct sctp_endpoint *ep)
2411da177e4SLinus Torvalds {
242c638457aSReshetova, Elena if (refcount_dec_and_test(&ep->base.refcnt))
2431da177e4SLinus Torvalds sctp_endpoint_destroy(ep);
2441da177e4SLinus Torvalds }
2451da177e4SLinus Torvalds
2461da177e4SLinus Torvalds /* Is this the endpoint we are looking for? */
sctp_endpoint_is_match(struct sctp_endpoint * ep,struct net * net,const union sctp_addr * laddr,int dif,int sdif)2471da177e4SLinus Torvalds struct sctp_endpoint *sctp_endpoint_is_match(struct sctp_endpoint *ep,
2484cdadcbcSEric W. Biederman struct net *net,
249*0af03170SXin Long const union sctp_addr *laddr,
250*0af03170SXin Long int dif, int sdif)
2511da177e4SLinus Torvalds {
252*0af03170SXin Long int bound_dev_if = READ_ONCE(ep->base.sk->sk_bound_dev_if);
253559cf710SVlad Yasevich struct sctp_endpoint *retval = NULL;
2541da177e4SLinus Torvalds
255*0af03170SXin Long if (net_eq(ep->base.net, net) &&
256*0af03170SXin Long sctp_sk_bound_dev_eq(net, bound_dev_if, dif, sdif) &&
257*0af03170SXin Long (htons(ep->base.bind_addr.port) == laddr->v4.sin_port)) {
2581da177e4SLinus Torvalds if (sctp_bind_addr_match(&ep->base.bind_addr, laddr,
259559cf710SVlad Yasevich sctp_sk(ep->base.sk)))
2601da177e4SLinus Torvalds retval = ep;
2611da177e4SLinus Torvalds }
2621da177e4SLinus Torvalds
2631da177e4SLinus Torvalds return retval;
2641da177e4SLinus Torvalds }
2651da177e4SLinus Torvalds
2661da177e4SLinus Torvalds /* Find the association that goes with this chunk.
2674f008781SXin Long * We lookup the transport from hashtable at first, then get association
2684f008781SXin Long * through t->assoc.
2691da177e4SLinus Torvalds */
sctp_endpoint_lookup_assoc(const struct sctp_endpoint * ep,const union sctp_addr * paddr,struct sctp_transport ** transport)270c79c0666SXin Long struct sctp_association *sctp_endpoint_lookup_assoc(
2711da177e4SLinus Torvalds const struct sctp_endpoint *ep,
2721da177e4SLinus Torvalds const union sctp_addr *paddr,
2731da177e4SLinus Torvalds struct sctp_transport **transport)
2741da177e4SLinus Torvalds {
275123ed979SVlad Yasevich struct sctp_association *asoc = NULL;
2764f008781SXin Long struct sctp_transport *t;
2771da177e4SLinus Torvalds
2781da177e4SLinus Torvalds *transport = NULL;
279deb85a6eSVlad Yasevich
280deb85a6eSVlad Yasevich /* If the local port is not set, there can't be any associations
281deb85a6eSVlad Yasevich * on this endpoint.
282deb85a6eSVlad Yasevich */
283deb85a6eSVlad Yasevich if (!ep->base.bind_addr.port)
2845cb2cd68SXin Long return NULL;
2855cb2cd68SXin Long
2865cb2cd68SXin Long rcu_read_lock();
2874f008781SXin Long t = sctp_epaddr_lookup_transport(ep, paddr);
288dd7445adSXin Long if (!t)
2894f008781SXin Long goto out;
290deb85a6eSVlad Yasevich
291123ed979SVlad Yasevich *transport = t;
2924f008781SXin Long asoc = t->asoc;
293deb85a6eSVlad Yasevich out:
2945cb2cd68SXin Long rcu_read_unlock();
295123ed979SVlad Yasevich return asoc;
2961da177e4SLinus Torvalds }
2971da177e4SLinus Torvalds
2981da177e4SLinus Torvalds /* Look for any peeled off association from the endpoint that matches the
2991da177e4SLinus Torvalds * given peer address.
3001da177e4SLinus Torvalds */
sctp_endpoint_is_peeled_off(struct sctp_endpoint * ep,const union sctp_addr * paddr)30153066538SXin Long bool sctp_endpoint_is_peeled_off(struct sctp_endpoint *ep,
3021da177e4SLinus Torvalds const union sctp_addr *paddr)
3031da177e4SLinus Torvalds {
304*0af03170SXin Long int bound_dev_if = READ_ONCE(ep->base.sk->sk_bound_dev_if);
3051da177e4SLinus Torvalds struct sctp_sockaddr_entry *addr;
3064e7696d9SXin Long struct net *net = ep->base.net;
3071da177e4SLinus Torvalds struct sctp_bind_addr *bp;
3081da177e4SLinus Torvalds
3091da177e4SLinus Torvalds bp = &ep->base.bind_addr;
310559cf710SVlad Yasevich /* This function is called with the socket lock held,
311559cf710SVlad Yasevich * so the address_list can not change.
312559cf710SVlad Yasevich */
313559cf710SVlad Yasevich list_for_each_entry(addr, &bp->address_list, list) {
314*0af03170SXin Long if (sctp_has_association(net, &addr->a, paddr,
315*0af03170SXin Long bound_dev_if, bound_dev_if))
31653066538SXin Long return true;
3171da177e4SLinus Torvalds }
3181da177e4SLinus Torvalds
31953066538SXin Long return false;
3201da177e4SLinus Torvalds }
3211da177e4SLinus Torvalds
3221da177e4SLinus Torvalds /* Do delayed input processing. This is scheduled by sctp_rcv().
3231da177e4SLinus Torvalds * This may be called on BH or task time.
3241da177e4SLinus Torvalds */
sctp_endpoint_bh_rcv(struct work_struct * work)325c4028958SDavid Howells static void sctp_endpoint_bh_rcv(struct work_struct *work)
3261da177e4SLinus Torvalds {
327c4028958SDavid Howells struct sctp_endpoint *ep =
328c4028958SDavid Howells container_of(work, struct sctp_endpoint,
329c4028958SDavid Howells base.inqueue.immediate);
3301da177e4SLinus Torvalds struct sctp_association *asoc;
3311da177e4SLinus Torvalds struct sock *sk;
33255e26eb9SEric W. Biederman struct net *net;
3331da177e4SLinus Torvalds struct sctp_transport *transport;
3341da177e4SLinus Torvalds struct sctp_chunk *chunk;
3351da177e4SLinus Torvalds struct sctp_inq *inqueue;
336bfc6f827SXin Long union sctp_subtype subtype;
33752106019SXin Long enum sctp_state state;
3381da177e4SLinus Torvalds int error = 0;
33942b2aa86SJustin P. Mattock int first_time = 1; /* is this the first time through the loop */
3401da177e4SLinus Torvalds
3411da177e4SLinus Torvalds if (ep->base.dead)
3421da177e4SLinus Torvalds return;
3431da177e4SLinus Torvalds
3441da177e4SLinus Torvalds asoc = NULL;
3451da177e4SLinus Torvalds inqueue = &ep->base.inqueue;
3461da177e4SLinus Torvalds sk = ep->base.sk;
34755e26eb9SEric W. Biederman net = sock_net(sk);
3481da177e4SLinus Torvalds
3491da177e4SLinus Torvalds while (NULL != (chunk = sctp_inq_pop(inqueue))) {
3501da177e4SLinus Torvalds subtype = SCTP_ST_CHUNK(chunk->chunk_hdr->type);
3511da177e4SLinus Torvalds
352bbd0d598SVlad Yasevich /* If the first chunk in the packet is AUTH, do special
353bbd0d598SVlad Yasevich * processing specified in Section 6.3 of SCTP-AUTH spec
354bbd0d598SVlad Yasevich */
355bbd0d598SVlad Yasevich if (first_time && (subtype.chunk == SCTP_CID_AUTH)) {
356bbd0d598SVlad Yasevich struct sctp_chunkhdr *next_hdr;
357bbd0d598SVlad Yasevich
358bbd0d598SVlad Yasevich next_hdr = sctp_inq_peek(inqueue);
359bbd0d598SVlad Yasevich if (!next_hdr)
360bbd0d598SVlad Yasevich goto normal;
361bbd0d598SVlad Yasevich
362bbd0d598SVlad Yasevich /* If the next chunk is COOKIE-ECHO, skip the AUTH
363bbd0d598SVlad Yasevich * chunk while saving a pointer to it so we can do
364bbd0d598SVlad Yasevich * Authentication later (during cookie-echo
365bbd0d598SVlad Yasevich * processing).
366bbd0d598SVlad Yasevich */
367bbd0d598SVlad Yasevich if (next_hdr->type == SCTP_CID_COOKIE_ECHO) {
368bbd0d598SVlad Yasevich chunk->auth_chunk = skb_clone(chunk->skb,
369bbd0d598SVlad Yasevich GFP_ATOMIC);
370bbd0d598SVlad Yasevich chunk->auth = 1;
371bbd0d598SVlad Yasevich continue;
372bbd0d598SVlad Yasevich }
373bbd0d598SVlad Yasevich }
374bbd0d598SVlad Yasevich normal:
3751da177e4SLinus Torvalds /* We might have grown an association since last we
3761da177e4SLinus Torvalds * looked, so try again.
3771da177e4SLinus Torvalds *
3781da177e4SLinus Torvalds * This happens when we've just processed our
3791da177e4SLinus Torvalds * COOKIE-ECHO chunk.
3801da177e4SLinus Torvalds */
3811da177e4SLinus Torvalds if (NULL == chunk->asoc) {
3821da177e4SLinus Torvalds asoc = sctp_endpoint_lookup_assoc(ep,
3831da177e4SLinus Torvalds sctp_source(chunk),
3841da177e4SLinus Torvalds &transport);
3851da177e4SLinus Torvalds chunk->asoc = asoc;
3861da177e4SLinus Torvalds chunk->transport = transport;
3871da177e4SLinus Torvalds }
3881da177e4SLinus Torvalds
3891da177e4SLinus Torvalds state = asoc ? asoc->state : SCTP_STATE_CLOSED;
390bbd0d598SVlad Yasevich if (sctp_auth_recv_cid(subtype.chunk, asoc) && !chunk->auth)
391bbd0d598SVlad Yasevich continue;
3921da177e4SLinus Torvalds
3931da177e4SLinus Torvalds /* Remember where the last DATA chunk came from so we
3941da177e4SLinus Torvalds * know where to send the SACK.
3951da177e4SLinus Torvalds */
3961da177e4SLinus Torvalds if (asoc && sctp_chunk_is_data(chunk))
3971da177e4SLinus Torvalds asoc->peer.last_data_from = chunk->transport;
398196d6759SMichele Baldessari else {
3994e7696d9SXin Long SCTP_INC_STATS(ep->base.net, SCTP_MIB_INCTRLCHUNKS);
400196d6759SMichele Baldessari if (asoc)
401196d6759SMichele Baldessari asoc->stats.ictrlchunks++;
402196d6759SMichele Baldessari }
4031da177e4SLinus Torvalds
4041da177e4SLinus Torvalds if (chunk->transport)
405e575235fSDaniel Borkmann chunk->transport->last_time_heard = ktime_get();
4061da177e4SLinus Torvalds
40755e26eb9SEric W. Biederman error = sctp_do_sm(net, SCTP_EVENT_T_CHUNK, subtype, state,
4081da177e4SLinus Torvalds ep, asoc, chunk, GFP_ATOMIC);
4091da177e4SLinus Torvalds
4101da177e4SLinus Torvalds if (error && chunk)
4111da177e4SLinus Torvalds chunk->pdiscard = 1;
4121da177e4SLinus Torvalds
4131da177e4SLinus Torvalds /* Check to see if the endpoint is freed in response to
4141da177e4SLinus Torvalds * the incoming chunk. If so, get out of the while loop.
4151da177e4SLinus Torvalds */
4161da177e4SLinus Torvalds if (!sctp_sk(sk)->ep)
4171da177e4SLinus Torvalds break;
418bbd0d598SVlad Yasevich
419bbd0d598SVlad Yasevich if (first_time)
420bbd0d598SVlad Yasevich first_time = 0;
4211da177e4SLinus Torvalds }
4221da177e4SLinus Torvalds }
423