xref: /openbmc/linux/net/sctp/stream.c (revision 1cac4f26)
1 /* SCTP kernel implementation
2  * (C) Copyright IBM Corp. 2001, 2004
3  * Copyright (c) 1999-2000 Cisco, Inc.
4  * Copyright (c) 1999-2001 Motorola, Inc.
5  * Copyright (c) 2001 Intel Corp.
6  *
7  * This file is part of the SCTP kernel implementation
8  *
9  * This file contains sctp stream maniuplation primitives and helpers.
10  *
11  * This SCTP implementation is free software;
12  * you can redistribute it and/or modify it under the terms of
13  * the GNU General Public License as published by
14  * the Free Software Foundation; either version 2, or (at your option)
15  * any later version.
16  *
17  * This SCTP implementation is distributed in the hope that it
18  * will be useful, but WITHOUT ANY WARRANTY; without even the implied
19  *                 ************************
20  * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
21  * See the GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with GNU CC; see the file COPYING.  If not, see
25  * <http://www.gnu.org/licenses/>.
26  *
27  * Please send any bug reports or fixes you make to the
28  * email address(es):
29  *    lksctp developers <linux-sctp@vger.kernel.org>
30  *
31  * Written or modified by:
32  *    Xin Long <lucien.xin@gmail.com>
33  */
34 
35 #include <linux/list.h>
36 #include <net/sctp/sctp.h>
37 #include <net/sctp/sm.h>
38 #include <net/sctp/stream_sched.h>
39 
40 static struct flex_array *fa_alloc(size_t elem_size, size_t elem_count,
41 				   gfp_t gfp)
42 {
43 	struct flex_array *result;
44 	int err;
45 
46 	result = flex_array_alloc(elem_size, elem_count, gfp);
47 	if (result) {
48 		err = flex_array_prealloc(result, 0, elem_count, gfp);
49 		if (err) {
50 			flex_array_free(result);
51 			result = NULL;
52 		}
53 	}
54 
55 	return result;
56 }
57 
58 static void fa_free(struct flex_array *fa)
59 {
60 	if (fa)
61 		flex_array_free(fa);
62 }
63 
64 static void fa_copy(struct flex_array *fa, struct flex_array *from,
65 		    size_t index, size_t count)
66 {
67 	void *elem;
68 
69 	while (count--) {
70 		elem = flex_array_get(from, index);
71 		flex_array_put(fa, index, elem, 0);
72 		index++;
73 	}
74 }
75 
76 static void fa_zero(struct flex_array *fa, size_t index, size_t count)
77 {
78 	void *elem;
79 
80 	while (count--) {
81 		elem = flex_array_get(fa, index);
82 		memset(elem, 0, fa->element_size);
83 		index++;
84 	}
85 }
86 
87 /* Migrates chunks from stream queues to new stream queues if needed,
88  * but not across associations. Also, removes those chunks to streams
89  * higher than the new max.
90  */
91 static void sctp_stream_outq_migrate(struct sctp_stream *stream,
92 				     struct sctp_stream *new, __u16 outcnt)
93 {
94 	struct sctp_association *asoc;
95 	struct sctp_chunk *ch, *temp;
96 	struct sctp_outq *outq;
97 	int i;
98 
99 	asoc = container_of(stream, struct sctp_association, stream);
100 	outq = &asoc->outqueue;
101 
102 	list_for_each_entry_safe(ch, temp, &outq->out_chunk_list, list) {
103 		__u16 sid = sctp_chunk_stream_no(ch);
104 
105 		if (sid < outcnt)
106 			continue;
107 
108 		sctp_sched_dequeue_common(outq, ch);
109 		/* No need to call dequeue_done here because
110 		 * the chunks are not scheduled by now.
111 		 */
112 
113 		/* Mark as failed send. */
114 		sctp_chunk_fail(ch, (__force __u32)SCTP_ERROR_INV_STRM);
115 		if (asoc->peer.prsctp_capable &&
116 		    SCTP_PR_PRIO_ENABLED(ch->sinfo.sinfo_flags))
117 			asoc->sent_cnt_removable--;
118 
119 		sctp_chunk_free(ch);
120 	}
121 
122 	if (new) {
123 		/* Here we actually move the old ext stuff into the new
124 		 * buffer, because we want to keep it. Then
125 		 * sctp_stream_update will swap ->out pointers.
126 		 */
127 		for (i = 0; i < outcnt; i++) {
128 			kfree(SCTP_SO(new, i)->ext);
129 			SCTP_SO(new, i)->ext = SCTP_SO(stream, i)->ext;
130 			SCTP_SO(stream, i)->ext = NULL;
131 		}
132 	}
133 
134 	for (i = outcnt; i < stream->outcnt; i++)
135 		kfree(SCTP_SO(stream, i)->ext);
136 }
137 
138 static int sctp_stream_alloc_out(struct sctp_stream *stream, __u16 outcnt,
139 				 gfp_t gfp)
140 {
141 	struct flex_array *out;
142 	size_t elem_size = sizeof(struct sctp_stream_out);
143 
144 	out = fa_alloc(elem_size, outcnt, gfp);
145 	if (!out)
146 		return -ENOMEM;
147 
148 	if (stream->out) {
149 		fa_copy(out, stream->out, 0, min(outcnt, stream->outcnt));
150 		fa_free(stream->out);
151 	}
152 
153 	if (outcnt > stream->outcnt)
154 		fa_zero(out, stream->outcnt, (outcnt - stream->outcnt));
155 
156 	stream->out = out;
157 
158 	return 0;
159 }
160 
161 static int sctp_stream_alloc_in(struct sctp_stream *stream, __u16 incnt,
162 				gfp_t gfp)
163 {
164 	struct flex_array *in;
165 	size_t elem_size = sizeof(struct sctp_stream_in);
166 
167 	in = fa_alloc(elem_size, incnt, gfp);
168 	if (!in)
169 		return -ENOMEM;
170 
171 	if (stream->in) {
172 		fa_copy(in, stream->in, 0, min(incnt, stream->incnt));
173 		fa_free(stream->in);
174 	}
175 
176 	if (incnt > stream->incnt)
177 		fa_zero(in, stream->incnt, (incnt - stream->incnt));
178 
179 	stream->in = in;
180 
181 	return 0;
182 }
183 
184 int sctp_stream_init(struct sctp_stream *stream, __u16 outcnt, __u16 incnt,
185 		     gfp_t gfp)
186 {
187 	struct sctp_sched_ops *sched = sctp_sched_ops_from_stream(stream);
188 	int i, ret = 0;
189 
190 	gfp |= __GFP_NOWARN;
191 
192 	/* Initial stream->out size may be very big, so free it and alloc
193 	 * a new one with new outcnt to save memory if needed.
194 	 */
195 	if (outcnt == stream->outcnt)
196 		goto in;
197 
198 	/* Filter out chunks queued on streams that won't exist anymore */
199 	sched->unsched_all(stream);
200 	sctp_stream_outq_migrate(stream, NULL, outcnt);
201 	sched->sched_all(stream);
202 
203 	ret = sctp_stream_alloc_out(stream, outcnt, gfp);
204 	if (ret)
205 		goto out;
206 
207 	stream->outcnt = outcnt;
208 	for (i = 0; i < stream->outcnt; i++)
209 		SCTP_SO(stream, i)->state = SCTP_STREAM_OPEN;
210 
211 	sched->init(stream);
212 
213 in:
214 	sctp_stream_interleave_init(stream);
215 	if (!incnt)
216 		goto out;
217 
218 	ret = sctp_stream_alloc_in(stream, incnt, gfp);
219 	if (ret) {
220 		sched->free(stream);
221 		fa_free(stream->out);
222 		stream->out = NULL;
223 		stream->outcnt = 0;
224 		goto out;
225 	}
226 
227 	stream->incnt = incnt;
228 
229 out:
230 	return ret;
231 }
232 
233 int sctp_stream_init_ext(struct sctp_stream *stream, __u16 sid)
234 {
235 	struct sctp_stream_out_ext *soute;
236 
237 	soute = kzalloc(sizeof(*soute), GFP_KERNEL);
238 	if (!soute)
239 		return -ENOMEM;
240 	SCTP_SO(stream, sid)->ext = soute;
241 
242 	return sctp_sched_init_sid(stream, sid, GFP_KERNEL);
243 }
244 
245 void sctp_stream_free(struct sctp_stream *stream)
246 {
247 	struct sctp_sched_ops *sched = sctp_sched_ops_from_stream(stream);
248 	int i;
249 
250 	sched->free(stream);
251 	for (i = 0; i < stream->outcnt; i++)
252 		kfree(SCTP_SO(stream, i)->ext);
253 	fa_free(stream->out);
254 	fa_free(stream->in);
255 }
256 
257 void sctp_stream_clear(struct sctp_stream *stream)
258 {
259 	int i;
260 
261 	for (i = 0; i < stream->outcnt; i++) {
262 		SCTP_SO(stream, i)->mid = 0;
263 		SCTP_SO(stream, i)->mid_uo = 0;
264 	}
265 
266 	for (i = 0; i < stream->incnt; i++)
267 		SCTP_SI(stream, i)->mid = 0;
268 }
269 
270 void sctp_stream_update(struct sctp_stream *stream, struct sctp_stream *new)
271 {
272 	struct sctp_sched_ops *sched = sctp_sched_ops_from_stream(stream);
273 
274 	sched->unsched_all(stream);
275 	sctp_stream_outq_migrate(stream, new, new->outcnt);
276 	sctp_stream_free(stream);
277 
278 	stream->out = new->out;
279 	stream->in  = new->in;
280 	stream->outcnt = new->outcnt;
281 	stream->incnt  = new->incnt;
282 
283 	sched->sched_all(stream);
284 
285 	new->out = NULL;
286 	new->in  = NULL;
287 	new->outcnt = 0;
288 	new->incnt  = 0;
289 }
290 
291 static int sctp_send_reconf(struct sctp_association *asoc,
292 			    struct sctp_chunk *chunk)
293 {
294 	struct net *net = sock_net(asoc->base.sk);
295 	int retval = 0;
296 
297 	retval = sctp_primitive_RECONF(net, asoc, chunk);
298 	if (retval)
299 		sctp_chunk_free(chunk);
300 
301 	return retval;
302 }
303 
304 static bool sctp_stream_outq_is_empty(struct sctp_stream *stream,
305 				      __u16 str_nums, __be16 *str_list)
306 {
307 	struct sctp_association *asoc;
308 	__u16 i;
309 
310 	asoc = container_of(stream, struct sctp_association, stream);
311 	if (!asoc->outqueue.out_qlen)
312 		return true;
313 
314 	if (!str_nums)
315 		return false;
316 
317 	for (i = 0; i < str_nums; i++) {
318 		__u16 sid = ntohs(str_list[i]);
319 
320 		if (SCTP_SO(stream, sid)->ext &&
321 		    !list_empty(&SCTP_SO(stream, sid)->ext->outq))
322 			return false;
323 	}
324 
325 	return true;
326 }
327 
328 int sctp_send_reset_streams(struct sctp_association *asoc,
329 			    struct sctp_reset_streams *params)
330 {
331 	struct sctp_stream *stream = &asoc->stream;
332 	__u16 i, str_nums, *str_list;
333 	struct sctp_chunk *chunk;
334 	int retval = -EINVAL;
335 	__be16 *nstr_list;
336 	bool out, in;
337 
338 	if (!asoc->peer.reconf_capable ||
339 	    !(asoc->strreset_enable & SCTP_ENABLE_RESET_STREAM_REQ)) {
340 		retval = -ENOPROTOOPT;
341 		goto out;
342 	}
343 
344 	if (asoc->strreset_outstanding) {
345 		retval = -EINPROGRESS;
346 		goto out;
347 	}
348 
349 	out = params->srs_flags & SCTP_STREAM_RESET_OUTGOING;
350 	in  = params->srs_flags & SCTP_STREAM_RESET_INCOMING;
351 	if (!out && !in)
352 		goto out;
353 
354 	str_nums = params->srs_number_streams;
355 	str_list = params->srs_stream_list;
356 	if (str_nums) {
357 		int param_len = 0;
358 
359 		if (out) {
360 			for (i = 0; i < str_nums; i++)
361 				if (str_list[i] >= stream->outcnt)
362 					goto out;
363 
364 			param_len = str_nums * sizeof(__u16) +
365 				    sizeof(struct sctp_strreset_outreq);
366 		}
367 
368 		if (in) {
369 			for (i = 0; i < str_nums; i++)
370 				if (str_list[i] >= stream->incnt)
371 					goto out;
372 
373 			param_len += str_nums * sizeof(__u16) +
374 				     sizeof(struct sctp_strreset_inreq);
375 		}
376 
377 		if (param_len > SCTP_MAX_CHUNK_LEN -
378 				sizeof(struct sctp_reconf_chunk))
379 			goto out;
380 	}
381 
382 	nstr_list = kcalloc(str_nums, sizeof(__be16), GFP_KERNEL);
383 	if (!nstr_list) {
384 		retval = -ENOMEM;
385 		goto out;
386 	}
387 
388 	for (i = 0; i < str_nums; i++)
389 		nstr_list[i] = htons(str_list[i]);
390 
391 	if (out && !sctp_stream_outq_is_empty(stream, str_nums, nstr_list)) {
392 		retval = -EAGAIN;
393 		goto out;
394 	}
395 
396 	chunk = sctp_make_strreset_req(asoc, str_nums, nstr_list, out, in);
397 
398 	kfree(nstr_list);
399 
400 	if (!chunk) {
401 		retval = -ENOMEM;
402 		goto out;
403 	}
404 
405 	if (out) {
406 		if (str_nums)
407 			for (i = 0; i < str_nums; i++)
408 				SCTP_SO(stream, str_list[i])->state =
409 						       SCTP_STREAM_CLOSED;
410 		else
411 			for (i = 0; i < stream->outcnt; i++)
412 				SCTP_SO(stream, i)->state = SCTP_STREAM_CLOSED;
413 	}
414 
415 	asoc->strreset_chunk = chunk;
416 	sctp_chunk_hold(asoc->strreset_chunk);
417 
418 	retval = sctp_send_reconf(asoc, chunk);
419 	if (retval) {
420 		sctp_chunk_put(asoc->strreset_chunk);
421 		asoc->strreset_chunk = NULL;
422 		if (!out)
423 			goto out;
424 
425 		if (str_nums)
426 			for (i = 0; i < str_nums; i++)
427 				SCTP_SO(stream, str_list[i])->state =
428 						       SCTP_STREAM_OPEN;
429 		else
430 			for (i = 0; i < stream->outcnt; i++)
431 				SCTP_SO(stream, i)->state = SCTP_STREAM_OPEN;
432 
433 		goto out;
434 	}
435 
436 	asoc->strreset_outstanding = out + in;
437 
438 out:
439 	return retval;
440 }
441 
442 int sctp_send_reset_assoc(struct sctp_association *asoc)
443 {
444 	struct sctp_stream *stream = &asoc->stream;
445 	struct sctp_chunk *chunk = NULL;
446 	int retval;
447 	__u16 i;
448 
449 	if (!asoc->peer.reconf_capable ||
450 	    !(asoc->strreset_enable & SCTP_ENABLE_RESET_ASSOC_REQ))
451 		return -ENOPROTOOPT;
452 
453 	if (asoc->strreset_outstanding)
454 		return -EINPROGRESS;
455 
456 	if (!sctp_outq_is_empty(&asoc->outqueue))
457 		return -EAGAIN;
458 
459 	chunk = sctp_make_strreset_tsnreq(asoc);
460 	if (!chunk)
461 		return -ENOMEM;
462 
463 	/* Block further xmit of data until this request is completed */
464 	for (i = 0; i < stream->outcnt; i++)
465 		SCTP_SO(stream, i)->state = SCTP_STREAM_CLOSED;
466 
467 	asoc->strreset_chunk = chunk;
468 	sctp_chunk_hold(asoc->strreset_chunk);
469 
470 	retval = sctp_send_reconf(asoc, chunk);
471 	if (retval) {
472 		sctp_chunk_put(asoc->strreset_chunk);
473 		asoc->strreset_chunk = NULL;
474 
475 		for (i = 0; i < stream->outcnt; i++)
476 			SCTP_SO(stream, i)->state = SCTP_STREAM_OPEN;
477 
478 		return retval;
479 	}
480 
481 	asoc->strreset_outstanding = 1;
482 
483 	return 0;
484 }
485 
486 int sctp_send_add_streams(struct sctp_association *asoc,
487 			  struct sctp_add_streams *params)
488 {
489 	struct sctp_stream *stream = &asoc->stream;
490 	struct sctp_chunk *chunk = NULL;
491 	int retval;
492 	__u32 outcnt, incnt;
493 	__u16 out, in;
494 
495 	if (!asoc->peer.reconf_capable ||
496 	    !(asoc->strreset_enable & SCTP_ENABLE_CHANGE_ASSOC_REQ)) {
497 		retval = -ENOPROTOOPT;
498 		goto out;
499 	}
500 
501 	if (asoc->strreset_outstanding) {
502 		retval = -EINPROGRESS;
503 		goto out;
504 	}
505 
506 	out = params->sas_outstrms;
507 	in  = params->sas_instrms;
508 	outcnt = stream->outcnt + out;
509 	incnt = stream->incnt + in;
510 	if (outcnt > SCTP_MAX_STREAM || incnt > SCTP_MAX_STREAM ||
511 	    (!out && !in)) {
512 		retval = -EINVAL;
513 		goto out;
514 	}
515 
516 	if (out) {
517 		retval = sctp_stream_alloc_out(stream, outcnt, GFP_KERNEL);
518 		if (retval)
519 			goto out;
520 	}
521 
522 	chunk = sctp_make_strreset_addstrm(asoc, out, in);
523 	if (!chunk) {
524 		retval = -ENOMEM;
525 		goto out;
526 	}
527 
528 	asoc->strreset_chunk = chunk;
529 	sctp_chunk_hold(asoc->strreset_chunk);
530 
531 	retval = sctp_send_reconf(asoc, chunk);
532 	if (retval) {
533 		sctp_chunk_put(asoc->strreset_chunk);
534 		asoc->strreset_chunk = NULL;
535 		goto out;
536 	}
537 
538 	stream->outcnt = outcnt;
539 
540 	asoc->strreset_outstanding = !!out + !!in;
541 
542 out:
543 	return retval;
544 }
545 
546 static struct sctp_paramhdr *sctp_chunk_lookup_strreset_param(
547 			struct sctp_association *asoc, __be32 resp_seq,
548 			__be16 type)
549 {
550 	struct sctp_chunk *chunk = asoc->strreset_chunk;
551 	struct sctp_reconf_chunk *hdr;
552 	union sctp_params param;
553 
554 	if (!chunk)
555 		return NULL;
556 
557 	hdr = (struct sctp_reconf_chunk *)chunk->chunk_hdr;
558 	sctp_walk_params(param, hdr, params) {
559 		/* sctp_strreset_tsnreq is actually the basic structure
560 		 * of all stream reconf params, so it's safe to use it
561 		 * to access request_seq.
562 		 */
563 		struct sctp_strreset_tsnreq *req = param.v;
564 
565 		if ((!resp_seq || req->request_seq == resp_seq) &&
566 		    (!type || type == req->param_hdr.type))
567 			return param.v;
568 	}
569 
570 	return NULL;
571 }
572 
573 static void sctp_update_strreset_result(struct sctp_association *asoc,
574 					__u32 result)
575 {
576 	asoc->strreset_result[1] = asoc->strreset_result[0];
577 	asoc->strreset_result[0] = result;
578 }
579 
580 struct sctp_chunk *sctp_process_strreset_outreq(
581 				struct sctp_association *asoc,
582 				union sctp_params param,
583 				struct sctp_ulpevent **evp)
584 {
585 	struct sctp_strreset_outreq *outreq = param.v;
586 	struct sctp_stream *stream = &asoc->stream;
587 	__u32 result = SCTP_STRRESET_DENIED;
588 	__u16 i, nums, flags = 0;
589 	__be16 *str_p = NULL;
590 	__u32 request_seq;
591 
592 	request_seq = ntohl(outreq->request_seq);
593 
594 	if (ntohl(outreq->send_reset_at_tsn) >
595 	    sctp_tsnmap_get_ctsn(&asoc->peer.tsn_map)) {
596 		result = SCTP_STRRESET_IN_PROGRESS;
597 		goto err;
598 	}
599 
600 	if (TSN_lt(asoc->strreset_inseq, request_seq) ||
601 	    TSN_lt(request_seq, asoc->strreset_inseq - 2)) {
602 		result = SCTP_STRRESET_ERR_BAD_SEQNO;
603 		goto err;
604 	} else if (TSN_lt(request_seq, asoc->strreset_inseq)) {
605 		i = asoc->strreset_inseq - request_seq - 1;
606 		result = asoc->strreset_result[i];
607 		goto err;
608 	}
609 	asoc->strreset_inseq++;
610 
611 	/* Check strreset_enable after inseq inc, as sender cannot tell
612 	 * the peer doesn't enable strreset after receiving response with
613 	 * result denied, as well as to keep consistent with bsd.
614 	 */
615 	if (!(asoc->strreset_enable & SCTP_ENABLE_RESET_STREAM_REQ))
616 		goto out;
617 
618 	if (asoc->strreset_chunk) {
619 		if (!sctp_chunk_lookup_strreset_param(
620 				asoc, outreq->response_seq,
621 				SCTP_PARAM_RESET_IN_REQUEST)) {
622 			/* same process with outstanding isn't 0 */
623 			result = SCTP_STRRESET_ERR_IN_PROGRESS;
624 			goto out;
625 		}
626 
627 		asoc->strreset_outstanding--;
628 		asoc->strreset_outseq++;
629 
630 		if (!asoc->strreset_outstanding) {
631 			struct sctp_transport *t;
632 
633 			t = asoc->strreset_chunk->transport;
634 			if (del_timer(&t->reconf_timer))
635 				sctp_transport_put(t);
636 
637 			sctp_chunk_put(asoc->strreset_chunk);
638 			asoc->strreset_chunk = NULL;
639 		}
640 
641 		flags = SCTP_STREAM_RESET_INCOMING_SSN;
642 	}
643 
644 	nums = (ntohs(param.p->length) - sizeof(*outreq)) / sizeof(__u16);
645 	if (nums) {
646 		str_p = outreq->list_of_streams;
647 		for (i = 0; i < nums; i++) {
648 			if (ntohs(str_p[i]) >= stream->incnt) {
649 				result = SCTP_STRRESET_ERR_WRONG_SSN;
650 				goto out;
651 			}
652 		}
653 
654 		for (i = 0; i < nums; i++)
655 			SCTP_SI(stream, ntohs(str_p[i]))->mid = 0;
656 	} else {
657 		for (i = 0; i < stream->incnt; i++)
658 			SCTP_SI(stream, i)->mid = 0;
659 	}
660 
661 	result = SCTP_STRRESET_PERFORMED;
662 
663 	*evp = sctp_ulpevent_make_stream_reset_event(asoc,
664 		flags | SCTP_STREAM_RESET_OUTGOING_SSN, nums, str_p,
665 		GFP_ATOMIC);
666 
667 out:
668 	sctp_update_strreset_result(asoc, result);
669 err:
670 	return sctp_make_strreset_resp(asoc, result, request_seq);
671 }
672 
673 struct sctp_chunk *sctp_process_strreset_inreq(
674 				struct sctp_association *asoc,
675 				union sctp_params param,
676 				struct sctp_ulpevent **evp)
677 {
678 	struct sctp_strreset_inreq *inreq = param.v;
679 	struct sctp_stream *stream = &asoc->stream;
680 	__u32 result = SCTP_STRRESET_DENIED;
681 	struct sctp_chunk *chunk = NULL;
682 	__u32 request_seq;
683 	__u16 i, nums;
684 	__be16 *str_p;
685 
686 	request_seq = ntohl(inreq->request_seq);
687 	if (TSN_lt(asoc->strreset_inseq, request_seq) ||
688 	    TSN_lt(request_seq, asoc->strreset_inseq - 2)) {
689 		result = SCTP_STRRESET_ERR_BAD_SEQNO;
690 		goto err;
691 	} else if (TSN_lt(request_seq, asoc->strreset_inseq)) {
692 		i = asoc->strreset_inseq - request_seq - 1;
693 		result = asoc->strreset_result[i];
694 		if (result == SCTP_STRRESET_PERFORMED)
695 			return NULL;
696 		goto err;
697 	}
698 	asoc->strreset_inseq++;
699 
700 	if (!(asoc->strreset_enable & SCTP_ENABLE_RESET_STREAM_REQ))
701 		goto out;
702 
703 	if (asoc->strreset_outstanding) {
704 		result = SCTP_STRRESET_ERR_IN_PROGRESS;
705 		goto out;
706 	}
707 
708 	nums = (ntohs(param.p->length) - sizeof(*inreq)) / sizeof(__u16);
709 	str_p = inreq->list_of_streams;
710 	for (i = 0; i < nums; i++) {
711 		if (ntohs(str_p[i]) >= stream->outcnt) {
712 			result = SCTP_STRRESET_ERR_WRONG_SSN;
713 			goto out;
714 		}
715 	}
716 
717 	if (!sctp_stream_outq_is_empty(stream, nums, str_p)) {
718 		result = SCTP_STRRESET_IN_PROGRESS;
719 		asoc->strreset_inseq--;
720 		goto err;
721 	}
722 
723 	chunk = sctp_make_strreset_req(asoc, nums, str_p, 1, 0);
724 	if (!chunk)
725 		goto out;
726 
727 	if (nums)
728 		for (i = 0; i < nums; i++)
729 			SCTP_SO(stream, ntohs(str_p[i]))->state =
730 					       SCTP_STREAM_CLOSED;
731 	else
732 		for (i = 0; i < stream->outcnt; i++)
733 			SCTP_SO(stream, i)->state = SCTP_STREAM_CLOSED;
734 
735 	asoc->strreset_chunk = chunk;
736 	asoc->strreset_outstanding = 1;
737 	sctp_chunk_hold(asoc->strreset_chunk);
738 
739 	result = SCTP_STRRESET_PERFORMED;
740 
741 	*evp = sctp_ulpevent_make_stream_reset_event(asoc,
742 		SCTP_STREAM_RESET_INCOMING_SSN, nums, str_p, GFP_ATOMIC);
743 
744 out:
745 	sctp_update_strreset_result(asoc, result);
746 err:
747 	if (!chunk)
748 		chunk =  sctp_make_strreset_resp(asoc, result, request_seq);
749 
750 	return chunk;
751 }
752 
753 struct sctp_chunk *sctp_process_strreset_tsnreq(
754 				struct sctp_association *asoc,
755 				union sctp_params param,
756 				struct sctp_ulpevent **evp)
757 {
758 	__u32 init_tsn = 0, next_tsn = 0, max_tsn_seen;
759 	struct sctp_strreset_tsnreq *tsnreq = param.v;
760 	struct sctp_stream *stream = &asoc->stream;
761 	__u32 result = SCTP_STRRESET_DENIED;
762 	__u32 request_seq;
763 	__u16 i;
764 
765 	request_seq = ntohl(tsnreq->request_seq);
766 	if (TSN_lt(asoc->strreset_inseq, request_seq) ||
767 	    TSN_lt(request_seq, asoc->strreset_inseq - 2)) {
768 		result = SCTP_STRRESET_ERR_BAD_SEQNO;
769 		goto err;
770 	} else if (TSN_lt(request_seq, asoc->strreset_inseq)) {
771 		i = asoc->strreset_inseq - request_seq - 1;
772 		result = asoc->strreset_result[i];
773 		if (result == SCTP_STRRESET_PERFORMED) {
774 			next_tsn = asoc->ctsn_ack_point + 1;
775 			init_tsn =
776 				sctp_tsnmap_get_ctsn(&asoc->peer.tsn_map) + 1;
777 		}
778 		goto err;
779 	}
780 
781 	if (!sctp_outq_is_empty(&asoc->outqueue)) {
782 		result = SCTP_STRRESET_IN_PROGRESS;
783 		goto err;
784 	}
785 
786 	asoc->strreset_inseq++;
787 
788 	if (!(asoc->strreset_enable & SCTP_ENABLE_RESET_ASSOC_REQ))
789 		goto out;
790 
791 	if (asoc->strreset_outstanding) {
792 		result = SCTP_STRRESET_ERR_IN_PROGRESS;
793 		goto out;
794 	}
795 
796 	/* G4: The same processing as though a FWD-TSN chunk (as defined in
797 	 *     [RFC3758]) with all streams affected and a new cumulative TSN
798 	 *     ACK of the Receiver's Next TSN minus 1 were received MUST be
799 	 *     performed.
800 	 */
801 	max_tsn_seen = sctp_tsnmap_get_max_tsn_seen(&asoc->peer.tsn_map);
802 	asoc->stream.si->report_ftsn(&asoc->ulpq, max_tsn_seen);
803 
804 	/* G1: Compute an appropriate value for the Receiver's Next TSN -- the
805 	 *     TSN that the peer should use to send the next DATA chunk.  The
806 	 *     value SHOULD be the smallest TSN not acknowledged by the
807 	 *     receiver of the request plus 2^31.
808 	 */
809 	init_tsn = sctp_tsnmap_get_ctsn(&asoc->peer.tsn_map) + (1 << 31);
810 	sctp_tsnmap_init(&asoc->peer.tsn_map, SCTP_TSN_MAP_INITIAL,
811 			 init_tsn, GFP_ATOMIC);
812 
813 	/* G3: The same processing as though a SACK chunk with no gap report
814 	 *     and a cumulative TSN ACK of the Sender's Next TSN minus 1 were
815 	 *     received MUST be performed.
816 	 */
817 	sctp_outq_free(&asoc->outqueue);
818 
819 	/* G2: Compute an appropriate value for the local endpoint's next TSN,
820 	 *     i.e., the next TSN assigned by the receiver of the SSN/TSN reset
821 	 *     chunk.  The value SHOULD be the highest TSN sent by the receiver
822 	 *     of the request plus 1.
823 	 */
824 	next_tsn = asoc->next_tsn;
825 	asoc->ctsn_ack_point = next_tsn - 1;
826 	asoc->adv_peer_ack_point = asoc->ctsn_ack_point;
827 
828 	/* G5:  The next expected and outgoing SSNs MUST be reset to 0 for all
829 	 *      incoming and outgoing streams.
830 	 */
831 	for (i = 0; i < stream->outcnt; i++) {
832 		SCTP_SO(stream, i)->mid = 0;
833 		SCTP_SO(stream, i)->mid_uo = 0;
834 	}
835 	for (i = 0; i < stream->incnt; i++)
836 		SCTP_SI(stream, i)->mid = 0;
837 
838 	result = SCTP_STRRESET_PERFORMED;
839 
840 	*evp = sctp_ulpevent_make_assoc_reset_event(asoc, 0, init_tsn,
841 						    next_tsn, GFP_ATOMIC);
842 
843 out:
844 	sctp_update_strreset_result(asoc, result);
845 err:
846 	return sctp_make_strreset_tsnresp(asoc, result, request_seq,
847 					  next_tsn, init_tsn);
848 }
849 
850 struct sctp_chunk *sctp_process_strreset_addstrm_out(
851 				struct sctp_association *asoc,
852 				union sctp_params param,
853 				struct sctp_ulpevent **evp)
854 {
855 	struct sctp_strreset_addstrm *addstrm = param.v;
856 	struct sctp_stream *stream = &asoc->stream;
857 	__u32 result = SCTP_STRRESET_DENIED;
858 	__u32 request_seq, incnt;
859 	__u16 in, i;
860 
861 	request_seq = ntohl(addstrm->request_seq);
862 	if (TSN_lt(asoc->strreset_inseq, request_seq) ||
863 	    TSN_lt(request_seq, asoc->strreset_inseq - 2)) {
864 		result = SCTP_STRRESET_ERR_BAD_SEQNO;
865 		goto err;
866 	} else if (TSN_lt(request_seq, asoc->strreset_inseq)) {
867 		i = asoc->strreset_inseq - request_seq - 1;
868 		result = asoc->strreset_result[i];
869 		goto err;
870 	}
871 	asoc->strreset_inseq++;
872 
873 	if (!(asoc->strreset_enable & SCTP_ENABLE_CHANGE_ASSOC_REQ))
874 		goto out;
875 
876 	if (asoc->strreset_chunk) {
877 		if (!sctp_chunk_lookup_strreset_param(
878 			asoc, 0, SCTP_PARAM_RESET_ADD_IN_STREAMS)) {
879 			/* same process with outstanding isn't 0 */
880 			result = SCTP_STRRESET_ERR_IN_PROGRESS;
881 			goto out;
882 		}
883 
884 		asoc->strreset_outstanding--;
885 		asoc->strreset_outseq++;
886 
887 		if (!asoc->strreset_outstanding) {
888 			struct sctp_transport *t;
889 
890 			t = asoc->strreset_chunk->transport;
891 			if (del_timer(&t->reconf_timer))
892 				sctp_transport_put(t);
893 
894 			sctp_chunk_put(asoc->strreset_chunk);
895 			asoc->strreset_chunk = NULL;
896 		}
897 	}
898 
899 	in = ntohs(addstrm->number_of_streams);
900 	incnt = stream->incnt + in;
901 	if (!in || incnt > SCTP_MAX_STREAM)
902 		goto out;
903 
904 	if (sctp_stream_alloc_in(stream, incnt, GFP_ATOMIC))
905 		goto out;
906 
907 	stream->incnt = incnt;
908 
909 	result = SCTP_STRRESET_PERFORMED;
910 
911 	*evp = sctp_ulpevent_make_stream_change_event(asoc,
912 		0, ntohs(addstrm->number_of_streams), 0, GFP_ATOMIC);
913 
914 out:
915 	sctp_update_strreset_result(asoc, result);
916 err:
917 	return sctp_make_strreset_resp(asoc, result, request_seq);
918 }
919 
920 struct sctp_chunk *sctp_process_strreset_addstrm_in(
921 				struct sctp_association *asoc,
922 				union sctp_params param,
923 				struct sctp_ulpevent **evp)
924 {
925 	struct sctp_strreset_addstrm *addstrm = param.v;
926 	struct sctp_stream *stream = &asoc->stream;
927 	__u32 result = SCTP_STRRESET_DENIED;
928 	struct sctp_chunk *chunk = NULL;
929 	__u32 request_seq, outcnt;
930 	__u16 out, i;
931 	int ret;
932 
933 	request_seq = ntohl(addstrm->request_seq);
934 	if (TSN_lt(asoc->strreset_inseq, request_seq) ||
935 	    TSN_lt(request_seq, asoc->strreset_inseq - 2)) {
936 		result = SCTP_STRRESET_ERR_BAD_SEQNO;
937 		goto err;
938 	} else if (TSN_lt(request_seq, asoc->strreset_inseq)) {
939 		i = asoc->strreset_inseq - request_seq - 1;
940 		result = asoc->strreset_result[i];
941 		if (result == SCTP_STRRESET_PERFORMED)
942 			return NULL;
943 		goto err;
944 	}
945 	asoc->strreset_inseq++;
946 
947 	if (!(asoc->strreset_enable & SCTP_ENABLE_CHANGE_ASSOC_REQ))
948 		goto out;
949 
950 	if (asoc->strreset_outstanding) {
951 		result = SCTP_STRRESET_ERR_IN_PROGRESS;
952 		goto out;
953 	}
954 
955 	out = ntohs(addstrm->number_of_streams);
956 	outcnt = stream->outcnt + out;
957 	if (!out || outcnt > SCTP_MAX_STREAM)
958 		goto out;
959 
960 	ret = sctp_stream_alloc_out(stream, outcnt, GFP_ATOMIC);
961 	if (ret)
962 		goto out;
963 
964 	chunk = sctp_make_strreset_addstrm(asoc, out, 0);
965 	if (!chunk)
966 		goto out;
967 
968 	asoc->strreset_chunk = chunk;
969 	asoc->strreset_outstanding = 1;
970 	sctp_chunk_hold(asoc->strreset_chunk);
971 
972 	stream->outcnt = outcnt;
973 
974 	result = SCTP_STRRESET_PERFORMED;
975 
976 	*evp = sctp_ulpevent_make_stream_change_event(asoc,
977 		0, 0, ntohs(addstrm->number_of_streams), GFP_ATOMIC);
978 
979 out:
980 	sctp_update_strreset_result(asoc, result);
981 err:
982 	if (!chunk)
983 		chunk = sctp_make_strreset_resp(asoc, result, request_seq);
984 
985 	return chunk;
986 }
987 
988 struct sctp_chunk *sctp_process_strreset_resp(
989 				struct sctp_association *asoc,
990 				union sctp_params param,
991 				struct sctp_ulpevent **evp)
992 {
993 	struct sctp_stream *stream = &asoc->stream;
994 	struct sctp_strreset_resp *resp = param.v;
995 	struct sctp_transport *t;
996 	__u16 i, nums, flags = 0;
997 	struct sctp_paramhdr *req;
998 	__u32 result;
999 
1000 	req = sctp_chunk_lookup_strreset_param(asoc, resp->response_seq, 0);
1001 	if (!req)
1002 		return NULL;
1003 
1004 	result = ntohl(resp->result);
1005 	if (result != SCTP_STRRESET_PERFORMED) {
1006 		/* if in progress, do nothing but retransmit */
1007 		if (result == SCTP_STRRESET_IN_PROGRESS)
1008 			return NULL;
1009 		else if (result == SCTP_STRRESET_DENIED)
1010 			flags = SCTP_STREAM_RESET_DENIED;
1011 		else
1012 			flags = SCTP_STREAM_RESET_FAILED;
1013 	}
1014 
1015 	if (req->type == SCTP_PARAM_RESET_OUT_REQUEST) {
1016 		struct sctp_strreset_outreq *outreq;
1017 		__be16 *str_p;
1018 
1019 		outreq = (struct sctp_strreset_outreq *)req;
1020 		str_p = outreq->list_of_streams;
1021 		nums = (ntohs(outreq->param_hdr.length) - sizeof(*outreq)) /
1022 		       sizeof(__u16);
1023 
1024 		if (result == SCTP_STRRESET_PERFORMED) {
1025 			struct sctp_stream_out *sout;
1026 			if (nums) {
1027 				for (i = 0; i < nums; i++) {
1028 					sout = SCTP_SO(stream, ntohs(str_p[i]));
1029 					sout->mid = 0;
1030 					sout->mid_uo = 0;
1031 				}
1032 			} else {
1033 				for (i = 0; i < stream->outcnt; i++) {
1034 					sout = SCTP_SO(stream, i);
1035 					sout->mid = 0;
1036 					sout->mid_uo = 0;
1037 				}
1038 			}
1039 
1040 			flags = SCTP_STREAM_RESET_OUTGOING_SSN;
1041 		}
1042 
1043 		for (i = 0; i < stream->outcnt; i++)
1044 			SCTP_SO(stream, i)->state = SCTP_STREAM_OPEN;
1045 
1046 		*evp = sctp_ulpevent_make_stream_reset_event(asoc, flags,
1047 			nums, str_p, GFP_ATOMIC);
1048 	} else if (req->type == SCTP_PARAM_RESET_IN_REQUEST) {
1049 		struct sctp_strreset_inreq *inreq;
1050 		__be16 *str_p;
1051 
1052 		/* if the result is performed, it's impossible for inreq */
1053 		if (result == SCTP_STRRESET_PERFORMED)
1054 			return NULL;
1055 
1056 		inreq = (struct sctp_strreset_inreq *)req;
1057 		str_p = inreq->list_of_streams;
1058 		nums = (ntohs(inreq->param_hdr.length) - sizeof(*inreq)) /
1059 		       sizeof(__u16);
1060 
1061 		*evp = sctp_ulpevent_make_stream_reset_event(asoc, flags,
1062 			nums, str_p, GFP_ATOMIC);
1063 	} else if (req->type == SCTP_PARAM_RESET_TSN_REQUEST) {
1064 		struct sctp_strreset_resptsn *resptsn;
1065 		__u32 stsn, rtsn;
1066 
1067 		/* check for resptsn, as sctp_verify_reconf didn't do it*/
1068 		if (ntohs(param.p->length) != sizeof(*resptsn))
1069 			return NULL;
1070 
1071 		resptsn = (struct sctp_strreset_resptsn *)resp;
1072 		stsn = ntohl(resptsn->senders_next_tsn);
1073 		rtsn = ntohl(resptsn->receivers_next_tsn);
1074 
1075 		if (result == SCTP_STRRESET_PERFORMED) {
1076 			__u32 mtsn = sctp_tsnmap_get_max_tsn_seen(
1077 						&asoc->peer.tsn_map);
1078 			LIST_HEAD(temp);
1079 
1080 			asoc->stream.si->report_ftsn(&asoc->ulpq, mtsn);
1081 
1082 			sctp_tsnmap_init(&asoc->peer.tsn_map,
1083 					 SCTP_TSN_MAP_INITIAL,
1084 					 stsn, GFP_ATOMIC);
1085 
1086 			/* Clean up sacked and abandoned queues only. As the
1087 			 * out_chunk_list may not be empty, splice it to temp,
1088 			 * then get it back after sctp_outq_free is done.
1089 			 */
1090 			list_splice_init(&asoc->outqueue.out_chunk_list, &temp);
1091 			sctp_outq_free(&asoc->outqueue);
1092 			list_splice_init(&temp, &asoc->outqueue.out_chunk_list);
1093 
1094 			asoc->next_tsn = rtsn;
1095 			asoc->ctsn_ack_point = asoc->next_tsn - 1;
1096 			asoc->adv_peer_ack_point = asoc->ctsn_ack_point;
1097 
1098 			for (i = 0; i < stream->outcnt; i++) {
1099 				SCTP_SO(stream, i)->mid = 0;
1100 				SCTP_SO(stream, i)->mid_uo = 0;
1101 			}
1102 			for (i = 0; i < stream->incnt; i++)
1103 				SCTP_SI(stream, i)->mid = 0;
1104 		}
1105 
1106 		for (i = 0; i < stream->outcnt; i++)
1107 			SCTP_SO(stream, i)->state = SCTP_STREAM_OPEN;
1108 
1109 		*evp = sctp_ulpevent_make_assoc_reset_event(asoc, flags,
1110 			stsn, rtsn, GFP_ATOMIC);
1111 	} else if (req->type == SCTP_PARAM_RESET_ADD_OUT_STREAMS) {
1112 		struct sctp_strreset_addstrm *addstrm;
1113 		__u16 number;
1114 
1115 		addstrm = (struct sctp_strreset_addstrm *)req;
1116 		nums = ntohs(addstrm->number_of_streams);
1117 		number = stream->outcnt - nums;
1118 
1119 		if (result == SCTP_STRRESET_PERFORMED)
1120 			for (i = number; i < stream->outcnt; i++)
1121 				SCTP_SO(stream, i)->state = SCTP_STREAM_OPEN;
1122 		else
1123 			stream->outcnt = number;
1124 
1125 		*evp = sctp_ulpevent_make_stream_change_event(asoc, flags,
1126 			0, nums, GFP_ATOMIC);
1127 	} else if (req->type == SCTP_PARAM_RESET_ADD_IN_STREAMS) {
1128 		struct sctp_strreset_addstrm *addstrm;
1129 
1130 		/* if the result is performed, it's impossible for addstrm in
1131 		 * request.
1132 		 */
1133 		if (result == SCTP_STRRESET_PERFORMED)
1134 			return NULL;
1135 
1136 		addstrm = (struct sctp_strreset_addstrm *)req;
1137 		nums = ntohs(addstrm->number_of_streams);
1138 
1139 		*evp = sctp_ulpevent_make_stream_change_event(asoc, flags,
1140 			nums, 0, GFP_ATOMIC);
1141 	}
1142 
1143 	asoc->strreset_outstanding--;
1144 	asoc->strreset_outseq++;
1145 
1146 	/* remove everything for this reconf request */
1147 	if (!asoc->strreset_outstanding) {
1148 		t = asoc->strreset_chunk->transport;
1149 		if (del_timer(&t->reconf_timer))
1150 			sctp_transport_put(t);
1151 
1152 		sctp_chunk_put(asoc->strreset_chunk);
1153 		asoc->strreset_chunk = NULL;
1154 	}
1155 
1156 	return NULL;
1157 }
1158