1/* SCTP kernel implementation 2 * (C) Copyright IBM Corp. 2001, 2004 3 * Copyright (c) 1999 Cisco, Inc. 4 * Copyright (c) 1999-2001 Motorola, Inc. 5 * 6 * This file is part of the SCTP kernel implementation 7 * 8 * These functions work with the state functions in sctp_sm_statefuns.c 9 * to implement that state operations. These functions implement the 10 * steps which require modifying existing data structures. 11 * 12 * This SCTP implementation is free software; 13 * you can redistribute it and/or modify it under the terms of 14 * the GNU General Public License as published by 15 * the Free Software Foundation; either version 2, or (at your option) 16 * any later version. 17 * 18 * This SCTP implementation is distributed in the hope that it 19 * will be useful, but WITHOUT ANY WARRANTY; without even the implied 20 * ************************ 21 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 22 * See the GNU General Public License for more details. 23 * 24 * You should have received a copy of the GNU General Public License 25 * along with GNU CC; see the file COPYING. If not, write to 26 * the Free Software Foundation, 59 Temple Place - Suite 330, 27 * Boston, MA 02111-1307, USA. 28 * 29 * Please send any bug reports or fixes you make to the 30 * email address(es): 31 * lksctp developers <lksctp-developers@lists.sourceforge.net> 32 * 33 * Or submit a bug report through the following website: 34 * http://www.sf.net/projects/lksctp 35 * 36 * Written or modified by: 37 * La Monte H.P. Yarroll <piggy@acm.org> 38 * Karl Knutson <karl@athena.chicago.il.us> 39 * Jon Grimm <jgrimm@austin.ibm.com> 40 * Hui Huang <hui.huang@nokia.com> 41 * Dajiang Zhang <dajiang.zhang@nokia.com> 42 * Daisy Chang <daisyc@us.ibm.com> 43 * Sridhar Samudrala <sri@us.ibm.com> 44 * Ardelle Fan <ardelle.fan@intel.com> 45 * 46 * Any bugs reported given to us we will try to fix... any fixes shared will 47 * be incorporated into the next SCTP release. 48 */ 49 50#include <linux/skbuff.h> 51#include <linux/types.h> 52#include <linux/socket.h> 53#include <linux/ip.h> 54#include <linux/gfp.h> 55#include <net/sock.h> 56#include <net/sctp/sctp.h> 57#include <net/sctp/sm.h> 58 59static int sctp_cmd_interpreter(sctp_event_t event_type, 60 sctp_subtype_t subtype, 61 sctp_state_t state, 62 struct sctp_endpoint *ep, 63 struct sctp_association *asoc, 64 void *event_arg, 65 sctp_disposition_t status, 66 sctp_cmd_seq_t *commands, 67 gfp_t gfp); 68static int sctp_side_effects(sctp_event_t event_type, sctp_subtype_t subtype, 69 sctp_state_t state, 70 struct sctp_endpoint *ep, 71 struct sctp_association *asoc, 72 void *event_arg, 73 sctp_disposition_t status, 74 sctp_cmd_seq_t *commands, 75 gfp_t gfp); 76 77/******************************************************************** 78 * Helper functions 79 ********************************************************************/ 80 81/* A helper function for delayed processing of INET ECN CE bit. */ 82static void sctp_do_ecn_ce_work(struct sctp_association *asoc, 83 __u32 lowest_tsn) 84{ 85 /* Save the TSN away for comparison when we receive CWR */ 86 87 asoc->last_ecne_tsn = lowest_tsn; 88 asoc->need_ecne = 1; 89} 90 91/* Helper function for delayed processing of SCTP ECNE chunk. */ 92/* RFC 2960 Appendix A 93 * 94 * RFC 2481 details a specific bit for a sender to send in 95 * the header of its next outbound TCP segment to indicate to 96 * its peer that it has reduced its congestion window. This 97 * is termed the CWR bit. For SCTP the same indication is made 98 * by including the CWR chunk. This chunk contains one data 99 * element, i.e. the TSN number that was sent in the ECNE chunk. 100 * This element represents the lowest TSN number in the datagram 101 * that was originally marked with the CE bit. 102 */ 103static struct sctp_chunk *sctp_do_ecn_ecne_work(struct sctp_association *asoc, 104 __u32 lowest_tsn, 105 struct sctp_chunk *chunk) 106{ 107 struct sctp_chunk *repl; 108 109 /* Our previously transmitted packet ran into some congestion 110 * so we should take action by reducing cwnd and ssthresh 111 * and then ACK our peer that we we've done so by 112 * sending a CWR. 113 */ 114 115 /* First, try to determine if we want to actually lower 116 * our cwnd variables. Only lower them if the ECNE looks more 117 * recent than the last response. 118 */ 119 if (TSN_lt(asoc->last_cwr_tsn, lowest_tsn)) { 120 struct sctp_transport *transport; 121 122 /* Find which transport's congestion variables 123 * need to be adjusted. 124 */ 125 transport = sctp_assoc_lookup_tsn(asoc, lowest_tsn); 126 127 /* Update the congestion variables. */ 128 if (transport) 129 sctp_transport_lower_cwnd(transport, 130 SCTP_LOWER_CWND_ECNE); 131 asoc->last_cwr_tsn = lowest_tsn; 132 } 133 134 /* Always try to quiet the other end. In case of lost CWR, 135 * resend last_cwr_tsn. 136 */ 137 repl = sctp_make_cwr(asoc, asoc->last_cwr_tsn, chunk); 138 139 /* If we run out of memory, it will look like a lost CWR. We'll 140 * get back in sync eventually. 141 */ 142 return repl; 143} 144 145/* Helper function to do delayed processing of ECN CWR chunk. */ 146static void sctp_do_ecn_cwr_work(struct sctp_association *asoc, 147 __u32 lowest_tsn) 148{ 149 /* Turn off ECNE getting auto-prepended to every outgoing 150 * packet 151 */ 152 asoc->need_ecne = 0; 153} 154 155/* Generate SACK if necessary. We call this at the end of a packet. */ 156static int sctp_gen_sack(struct sctp_association *asoc, int force, 157 sctp_cmd_seq_t *commands) 158{ 159 __u32 ctsn, max_tsn_seen; 160 struct sctp_chunk *sack; 161 struct sctp_transport *trans = asoc->peer.last_data_from; 162 int error = 0; 163 164 if (force || 165 (!trans && (asoc->param_flags & SPP_SACKDELAY_DISABLE)) || 166 (trans && (trans->param_flags & SPP_SACKDELAY_DISABLE))) 167 asoc->peer.sack_needed = 1; 168 169 ctsn = sctp_tsnmap_get_ctsn(&asoc->peer.tsn_map); 170 max_tsn_seen = sctp_tsnmap_get_max_tsn_seen(&asoc->peer.tsn_map); 171 172 /* From 12.2 Parameters necessary per association (i.e. the TCB): 173 * 174 * Ack State : This flag indicates if the next received packet 175 * : is to be responded to with a SACK. ... 176 * : When DATA chunks are out of order, SACK's 177 * : are not delayed (see Section 6). 178 * 179 * [This is actually not mentioned in Section 6, but we 180 * implement it here anyway. --piggy] 181 */ 182 if (max_tsn_seen != ctsn) 183 asoc->peer.sack_needed = 1; 184 185 /* From 6.2 Acknowledgement on Reception of DATA Chunks: 186 * 187 * Section 4.2 of [RFC2581] SHOULD be followed. Specifically, 188 * an acknowledgement SHOULD be generated for at least every 189 * second packet (not every second DATA chunk) received, and 190 * SHOULD be generated within 200 ms of the arrival of any 191 * unacknowledged DATA chunk. ... 192 */ 193 if (!asoc->peer.sack_needed) { 194 asoc->peer.sack_cnt++; 195 196 /* Set the SACK delay timeout based on the 197 * SACK delay for the last transport 198 * data was received from, or the default 199 * for the association. 200 */ 201 if (trans) { 202 /* We will need a SACK for the next packet. */ 203 if (asoc->peer.sack_cnt >= trans->sackfreq - 1) 204 asoc->peer.sack_needed = 1; 205 206 asoc->timeouts[SCTP_EVENT_TIMEOUT_SACK] = 207 trans->sackdelay; 208 } else { 209 /* We will need a SACK for the next packet. */ 210 if (asoc->peer.sack_cnt >= asoc->sackfreq - 1) 211 asoc->peer.sack_needed = 1; 212 213 asoc->timeouts[SCTP_EVENT_TIMEOUT_SACK] = 214 asoc->sackdelay; 215 } 216 217 /* Restart the SACK timer. */ 218 sctp_add_cmd_sf(commands, SCTP_CMD_TIMER_RESTART, 219 SCTP_TO(SCTP_EVENT_TIMEOUT_SACK)); 220 } else { 221 asoc->a_rwnd = asoc->rwnd; 222 sack = sctp_make_sack(asoc); 223 if (!sack) 224 goto nomem; 225 226 asoc->peer.sack_needed = 0; 227 asoc->peer.sack_cnt = 0; 228 229 sctp_add_cmd_sf(commands, SCTP_CMD_REPLY, SCTP_CHUNK(sack)); 230 231 /* Stop the SACK timer. */ 232 sctp_add_cmd_sf(commands, SCTP_CMD_TIMER_STOP, 233 SCTP_TO(SCTP_EVENT_TIMEOUT_SACK)); 234 } 235 236 return error; 237nomem: 238 error = -ENOMEM; 239 return error; 240} 241 242/* When the T3-RTX timer expires, it calls this function to create the 243 * relevant state machine event. 244 */ 245void sctp_generate_t3_rtx_event(unsigned long peer) 246{ 247 int error; 248 struct sctp_transport *transport = (struct sctp_transport *) peer; 249 struct sctp_association *asoc = transport->asoc; 250 251 /* Check whether a task is in the sock. */ 252 253 sctp_bh_lock_sock(asoc->base.sk); 254 if (sock_owned_by_user(asoc->base.sk)) { 255 SCTP_DEBUG_PRINTK("%s:Sock is busy.\n", __func__); 256 257 /* Try again later. */ 258 if (!mod_timer(&transport->T3_rtx_timer, jiffies + (HZ/20))) 259 sctp_transport_hold(transport); 260 goto out_unlock; 261 } 262 263 /* Is this transport really dead and just waiting around for 264 * the timer to let go of the reference? 265 */ 266 if (transport->dead) 267 goto out_unlock; 268 269 /* Run through the state machine. */ 270 error = sctp_do_sm(SCTP_EVENT_T_TIMEOUT, 271 SCTP_ST_TIMEOUT(SCTP_EVENT_TIMEOUT_T3_RTX), 272 asoc->state, 273 asoc->ep, asoc, 274 transport, GFP_ATOMIC); 275 276 if (error) 277 asoc->base.sk->sk_err = -error; 278 279out_unlock: 280 sctp_bh_unlock_sock(asoc->base.sk); 281 sctp_transport_put(transport); 282} 283 284/* This is a sa interface for producing timeout events. It works 285 * for timeouts which use the association as their parameter. 286 */ 287static void sctp_generate_timeout_event(struct sctp_association *asoc, 288 sctp_event_timeout_t timeout_type) 289{ 290 int error = 0; 291 292 sctp_bh_lock_sock(asoc->base.sk); 293 if (sock_owned_by_user(asoc->base.sk)) { 294 SCTP_DEBUG_PRINTK("%s:Sock is busy: timer %d\n", 295 __func__, 296 timeout_type); 297 298 /* Try again later. */ 299 if (!mod_timer(&asoc->timers[timeout_type], jiffies + (HZ/20))) 300 sctp_association_hold(asoc); 301 goto out_unlock; 302 } 303 304 /* Is this association really dead and just waiting around for 305 * the timer to let go of the reference? 306 */ 307 if (asoc->base.dead) 308 goto out_unlock; 309 310 /* Run through the state machine. */ 311 error = sctp_do_sm(SCTP_EVENT_T_TIMEOUT, 312 SCTP_ST_TIMEOUT(timeout_type), 313 asoc->state, asoc->ep, asoc, 314 (void *)timeout_type, GFP_ATOMIC); 315 316 if (error) 317 asoc->base.sk->sk_err = -error; 318 319out_unlock: 320 sctp_bh_unlock_sock(asoc->base.sk); 321 sctp_association_put(asoc); 322} 323 324static void sctp_generate_t1_cookie_event(unsigned long data) 325{ 326 struct sctp_association *asoc = (struct sctp_association *) data; 327 sctp_generate_timeout_event(asoc, SCTP_EVENT_TIMEOUT_T1_COOKIE); 328} 329 330static void sctp_generate_t1_init_event(unsigned long data) 331{ 332 struct sctp_association *asoc = (struct sctp_association *) data; 333 sctp_generate_timeout_event(asoc, SCTP_EVENT_TIMEOUT_T1_INIT); 334} 335 336static void sctp_generate_t2_shutdown_event(unsigned long data) 337{ 338 struct sctp_association *asoc = (struct sctp_association *) data; 339 sctp_generate_timeout_event(asoc, SCTP_EVENT_TIMEOUT_T2_SHUTDOWN); 340} 341 342static void sctp_generate_t4_rto_event(unsigned long data) 343{ 344 struct sctp_association *asoc = (struct sctp_association *) data; 345 sctp_generate_timeout_event(asoc, SCTP_EVENT_TIMEOUT_T4_RTO); 346} 347 348static void sctp_generate_t5_shutdown_guard_event(unsigned long data) 349{ 350 struct sctp_association *asoc = (struct sctp_association *)data; 351 sctp_generate_timeout_event(asoc, 352 SCTP_EVENT_TIMEOUT_T5_SHUTDOWN_GUARD); 353 354} /* sctp_generate_t5_shutdown_guard_event() */ 355 356static void sctp_generate_autoclose_event(unsigned long data) 357{ 358 struct sctp_association *asoc = (struct sctp_association *) data; 359 sctp_generate_timeout_event(asoc, SCTP_EVENT_TIMEOUT_AUTOCLOSE); 360} 361 362/* Generate a heart beat event. If the sock is busy, reschedule. Make 363 * sure that the transport is still valid. 364 */ 365void sctp_generate_heartbeat_event(unsigned long data) 366{ 367 int error = 0; 368 struct sctp_transport *transport = (struct sctp_transport *) data; 369 struct sctp_association *asoc = transport->asoc; 370 371 sctp_bh_lock_sock(asoc->base.sk); 372 if (sock_owned_by_user(asoc->base.sk)) { 373 SCTP_DEBUG_PRINTK("%s:Sock is busy.\n", __func__); 374 375 /* Try again later. */ 376 if (!mod_timer(&transport->hb_timer, jiffies + (HZ/20))) 377 sctp_transport_hold(transport); 378 goto out_unlock; 379 } 380 381 /* Is this structure just waiting around for us to actually 382 * get destroyed? 383 */ 384 if (transport->dead) 385 goto out_unlock; 386 387 error = sctp_do_sm(SCTP_EVENT_T_TIMEOUT, 388 SCTP_ST_TIMEOUT(SCTP_EVENT_TIMEOUT_HEARTBEAT), 389 asoc->state, asoc->ep, asoc, 390 transport, GFP_ATOMIC); 391 392 if (error) 393 asoc->base.sk->sk_err = -error; 394 395out_unlock: 396 sctp_bh_unlock_sock(asoc->base.sk); 397 sctp_transport_put(transport); 398} 399 400/* Handle the timeout of the ICMP protocol unreachable timer. Trigger 401 * the correct state machine transition that will close the association. 402 */ 403void sctp_generate_proto_unreach_event(unsigned long data) 404{ 405 struct sctp_transport *transport = (struct sctp_transport *) data; 406 struct sctp_association *asoc = transport->asoc; 407 408 sctp_bh_lock_sock(asoc->base.sk); 409 if (sock_owned_by_user(asoc->base.sk)) { 410 SCTP_DEBUG_PRINTK("%s:Sock is busy.\n", __func__); 411 412 /* Try again later. */ 413 if (!mod_timer(&transport->proto_unreach_timer, 414 jiffies + (HZ/20))) 415 sctp_association_hold(asoc); 416 goto out_unlock; 417 } 418 419 /* Is this structure just waiting around for us to actually 420 * get destroyed? 421 */ 422 if (asoc->base.dead) 423 goto out_unlock; 424 425 sctp_do_sm(SCTP_EVENT_T_OTHER, 426 SCTP_ST_OTHER(SCTP_EVENT_ICMP_PROTO_UNREACH), 427 asoc->state, asoc->ep, asoc, transport, GFP_ATOMIC); 428 429out_unlock: 430 sctp_bh_unlock_sock(asoc->base.sk); 431 sctp_association_put(asoc); 432} 433 434 435/* Inject a SACK Timeout event into the state machine. */ 436static void sctp_generate_sack_event(unsigned long data) 437{ 438 struct sctp_association *asoc = (struct sctp_association *) data; 439 sctp_generate_timeout_event(asoc, SCTP_EVENT_TIMEOUT_SACK); 440} 441 442sctp_timer_event_t *sctp_timer_events[SCTP_NUM_TIMEOUT_TYPES] = { 443 NULL, 444 sctp_generate_t1_cookie_event, 445 sctp_generate_t1_init_event, 446 sctp_generate_t2_shutdown_event, 447 NULL, 448 sctp_generate_t4_rto_event, 449 sctp_generate_t5_shutdown_guard_event, 450 NULL, 451 sctp_generate_sack_event, 452 sctp_generate_autoclose_event, 453}; 454 455 456/* RFC 2960 8.2 Path Failure Detection 457 * 458 * When its peer endpoint is multi-homed, an endpoint should keep a 459 * error counter for each of the destination transport addresses of the 460 * peer endpoint. 461 * 462 * Each time the T3-rtx timer expires on any address, or when a 463 * HEARTBEAT sent to an idle address is not acknowledged within a RTO, 464 * the error counter of that destination address will be incremented. 465 * When the value in the error counter exceeds the protocol parameter 466 * 'Path.Max.Retrans' of that destination address, the endpoint should 467 * mark the destination transport address as inactive, and a 468 * notification SHOULD be sent to the upper layer. 469 * 470 */ 471static void sctp_do_8_2_transport_strike(struct sctp_association *asoc, 472 struct sctp_transport *transport, 473 int is_hb) 474{ 475 /* The check for association's overall error counter exceeding the 476 * threshold is done in the state function. 477 */ 478 /* We are here due to a timer expiration. If the timer was 479 * not a HEARTBEAT, then normal error tracking is done. 480 * If the timer was a heartbeat, we only increment error counts 481 * when we already have an outstanding HEARTBEAT that has not 482 * been acknowledged. 483 * Additionaly, some tranport states inhibit error increments. 484 */ 485 if (!is_hb) { 486 asoc->overall_error_count++; 487 if (transport->state != SCTP_INACTIVE) 488 transport->error_count++; 489 } else if (transport->hb_sent) { 490 if (transport->state != SCTP_UNCONFIRMED) 491 asoc->overall_error_count++; 492 if (transport->state != SCTP_INACTIVE) 493 transport->error_count++; 494 } 495 496 if (transport->state != SCTP_INACTIVE && 497 (transport->error_count > transport->pathmaxrxt)) { 498 SCTP_DEBUG_PRINTK_IPADDR("transport_strike:association %p", 499 " transport IP: port:%d failed.\n", 500 asoc, 501 (&transport->ipaddr), 502 ntohs(transport->ipaddr.v4.sin_port)); 503 sctp_assoc_control_transport(asoc, transport, 504 SCTP_TRANSPORT_DOWN, 505 SCTP_FAILED_THRESHOLD); 506 } 507 508 /* E2) For the destination address for which the timer 509 * expires, set RTO <- RTO * 2 ("back off the timer"). The 510 * maximum value discussed in rule C7 above (RTO.max) may be 511 * used to provide an upper bound to this doubling operation. 512 * 513 * Special Case: the first HB doesn't trigger exponential backoff. 514 * The first unacknowledged HB triggers it. We do this with a flag 515 * that indicates that we have an outstanding HB. 516 */ 517 if (!is_hb || transport->hb_sent) { 518 transport->rto = min((transport->rto * 2), transport->asoc->rto_max); 519 } 520} 521 522/* Worker routine to handle INIT command failure. */ 523static void sctp_cmd_init_failed(sctp_cmd_seq_t *commands, 524 struct sctp_association *asoc, 525 unsigned error) 526{ 527 struct sctp_ulpevent *event; 528 529 event = sctp_ulpevent_make_assoc_change(asoc,0, SCTP_CANT_STR_ASSOC, 530 (__u16)error, 0, 0, NULL, 531 GFP_ATOMIC); 532 533 if (event) 534 sctp_add_cmd_sf(commands, SCTP_CMD_EVENT_ULP, 535 SCTP_ULPEVENT(event)); 536 537 sctp_add_cmd_sf(commands, SCTP_CMD_NEW_STATE, 538 SCTP_STATE(SCTP_STATE_CLOSED)); 539 540 /* SEND_FAILED sent later when cleaning up the association. */ 541 asoc->outqueue.error = error; 542 sctp_add_cmd_sf(commands, SCTP_CMD_DELETE_TCB, SCTP_NULL()); 543} 544 545/* Worker routine to handle SCTP_CMD_ASSOC_FAILED. */ 546static void sctp_cmd_assoc_failed(sctp_cmd_seq_t *commands, 547 struct sctp_association *asoc, 548 sctp_event_t event_type, 549 sctp_subtype_t subtype, 550 struct sctp_chunk *chunk, 551 unsigned error) 552{ 553 struct sctp_ulpevent *event; 554 555 /* Cancel any partial delivery in progress. */ 556 sctp_ulpq_abort_pd(&asoc->ulpq, GFP_ATOMIC); 557 558 if (event_type == SCTP_EVENT_T_CHUNK && subtype.chunk == SCTP_CID_ABORT) 559 event = sctp_ulpevent_make_assoc_change(asoc, 0, SCTP_COMM_LOST, 560 (__u16)error, 0, 0, chunk, 561 GFP_ATOMIC); 562 else 563 event = sctp_ulpevent_make_assoc_change(asoc, 0, SCTP_COMM_LOST, 564 (__u16)error, 0, 0, NULL, 565 GFP_ATOMIC); 566 if (event) 567 sctp_add_cmd_sf(commands, SCTP_CMD_EVENT_ULP, 568 SCTP_ULPEVENT(event)); 569 570 sctp_add_cmd_sf(commands, SCTP_CMD_NEW_STATE, 571 SCTP_STATE(SCTP_STATE_CLOSED)); 572 573 /* SEND_FAILED sent later when cleaning up the association. */ 574 asoc->outqueue.error = error; 575 sctp_add_cmd_sf(commands, SCTP_CMD_DELETE_TCB, SCTP_NULL()); 576} 577 578/* Process an init chunk (may be real INIT/INIT-ACK or an embedded INIT 579 * inside the cookie. In reality, this is only used for INIT-ACK processing 580 * since all other cases use "temporary" associations and can do all 581 * their work in statefuns directly. 582 */ 583static int sctp_cmd_process_init(sctp_cmd_seq_t *commands, 584 struct sctp_association *asoc, 585 struct sctp_chunk *chunk, 586 sctp_init_chunk_t *peer_init, 587 gfp_t gfp) 588{ 589 int error; 590 591 /* We only process the init as a sideeffect in a single 592 * case. This is when we process the INIT-ACK. If we 593 * fail during INIT processing (due to malloc problems), 594 * just return the error and stop processing the stack. 595 */ 596 if (!sctp_process_init(asoc, chunk->chunk_hdr->type, 597 sctp_source(chunk), peer_init, gfp)) 598 error = -ENOMEM; 599 else 600 error = 0; 601 602 return error; 603} 604 605/* Helper function to break out starting up of heartbeat timers. */ 606static void sctp_cmd_hb_timers_start(sctp_cmd_seq_t *cmds, 607 struct sctp_association *asoc) 608{ 609 struct sctp_transport *t; 610 611 /* Start a heartbeat timer for each transport on the association. 612 * hold a reference on the transport to make sure none of 613 * the needed data structures go away. 614 */ 615 list_for_each_entry(t, &asoc->peer.transport_addr_list, transports) { 616 617 if (!mod_timer(&t->hb_timer, sctp_transport_timeout(t))) 618 sctp_transport_hold(t); 619 } 620} 621 622static void sctp_cmd_hb_timers_stop(sctp_cmd_seq_t *cmds, 623 struct sctp_association *asoc) 624{ 625 struct sctp_transport *t; 626 627 /* Stop all heartbeat timers. */ 628 629 list_for_each_entry(t, &asoc->peer.transport_addr_list, 630 transports) { 631 if (del_timer(&t->hb_timer)) 632 sctp_transport_put(t); 633 } 634} 635 636/* Helper function to stop any pending T3-RTX timers */ 637static void sctp_cmd_t3_rtx_timers_stop(sctp_cmd_seq_t *cmds, 638 struct sctp_association *asoc) 639{ 640 struct sctp_transport *t; 641 642 list_for_each_entry(t, &asoc->peer.transport_addr_list, 643 transports) { 644 if (timer_pending(&t->T3_rtx_timer) && 645 del_timer(&t->T3_rtx_timer)) { 646 sctp_transport_put(t); 647 } 648 } 649} 650 651 652/* Helper function to update the heartbeat timer. */ 653static void sctp_cmd_hb_timer_update(sctp_cmd_seq_t *cmds, 654 struct sctp_transport *t) 655{ 656 /* Update the heartbeat timer. */ 657 if (!mod_timer(&t->hb_timer, sctp_transport_timeout(t))) 658 sctp_transport_hold(t); 659} 660 661/* Helper function to handle the reception of an HEARTBEAT ACK. */ 662static void sctp_cmd_transport_on(sctp_cmd_seq_t *cmds, 663 struct sctp_association *asoc, 664 struct sctp_transport *t, 665 struct sctp_chunk *chunk) 666{ 667 sctp_sender_hb_info_t *hbinfo; 668 669 /* 8.3 Upon the receipt of the HEARTBEAT ACK, the sender of the 670 * HEARTBEAT should clear the error counter of the destination 671 * transport address to which the HEARTBEAT was sent. 672 * The association's overall error count is also cleared. 673 */ 674 t->error_count = 0; 675 t->asoc->overall_error_count = 0; 676 677 /* Clear the hb_sent flag to signal that we had a good 678 * acknowledgement. 679 */ 680 t->hb_sent = 0; 681 682 /* Mark the destination transport address as active if it is not so 683 * marked. 684 */ 685 if ((t->state == SCTP_INACTIVE) || (t->state == SCTP_UNCONFIRMED)) 686 sctp_assoc_control_transport(asoc, t, SCTP_TRANSPORT_UP, 687 SCTP_HEARTBEAT_SUCCESS); 688 689 /* The receiver of the HEARTBEAT ACK should also perform an 690 * RTT measurement for that destination transport address 691 * using the time value carried in the HEARTBEAT ACK chunk. 692 * If the transport's rto_pending variable has been cleared, 693 * it was most likely due to a retransmit. However, we want 694 * to re-enable it to properly update the rto. 695 */ 696 if (t->rto_pending == 0) 697 t->rto_pending = 1; 698 699 hbinfo = (sctp_sender_hb_info_t *) chunk->skb->data; 700 sctp_transport_update_rto(t, (jiffies - hbinfo->sent_at)); 701 702 /* Update the heartbeat timer. */ 703 if (!mod_timer(&t->hb_timer, sctp_transport_timeout(t))) 704 sctp_transport_hold(t); 705} 706 707 708/* Helper function to process the process SACK command. */ 709static int sctp_cmd_process_sack(sctp_cmd_seq_t *cmds, 710 struct sctp_association *asoc, 711 struct sctp_sackhdr *sackh) 712{ 713 int err = 0; 714 715 if (sctp_outq_sack(&asoc->outqueue, sackh)) { 716 /* There are no more TSNs awaiting SACK. */ 717 err = sctp_do_sm(SCTP_EVENT_T_OTHER, 718 SCTP_ST_OTHER(SCTP_EVENT_NO_PENDING_TSN), 719 asoc->state, asoc->ep, asoc, NULL, 720 GFP_ATOMIC); 721 } 722 723 return err; 724} 725 726/* Helper function to set the timeout value for T2-SHUTDOWN timer and to set 727 * the transport for a shutdown chunk. 728 */ 729static void sctp_cmd_setup_t2(sctp_cmd_seq_t *cmds, 730 struct sctp_association *asoc, 731 struct sctp_chunk *chunk) 732{ 733 struct sctp_transport *t; 734 735 if (chunk->transport) 736 t = chunk->transport; 737 else { 738 t = sctp_assoc_choose_alter_transport(asoc, 739 asoc->shutdown_last_sent_to); 740 chunk->transport = t; 741 } 742 asoc->shutdown_last_sent_to = t; 743 asoc->timeouts[SCTP_EVENT_TIMEOUT_T2_SHUTDOWN] = t->rto; 744} 745 746/* Helper function to change the state of an association. */ 747static void sctp_cmd_new_state(sctp_cmd_seq_t *cmds, 748 struct sctp_association *asoc, 749 sctp_state_t state) 750{ 751 struct sock *sk = asoc->base.sk; 752 753 asoc->state = state; 754 755 SCTP_DEBUG_PRINTK("sctp_cmd_new_state: asoc %p[%s]\n", 756 asoc, sctp_state_tbl[state]); 757 758 if (sctp_style(sk, TCP)) { 759 /* Change the sk->sk_state of a TCP-style socket that has 760 * successfully completed a connect() call. 761 */ 762 if (sctp_state(asoc, ESTABLISHED) && sctp_sstate(sk, CLOSED)) 763 sk->sk_state = SCTP_SS_ESTABLISHED; 764 765 /* Set the RCV_SHUTDOWN flag when a SHUTDOWN is received. */ 766 if (sctp_state(asoc, SHUTDOWN_RECEIVED) && 767 sctp_sstate(sk, ESTABLISHED)) 768 sk->sk_shutdown |= RCV_SHUTDOWN; 769 } 770 771 if (sctp_state(asoc, COOKIE_WAIT)) { 772 /* Reset init timeouts since they may have been 773 * increased due to timer expirations. 774 */ 775 asoc->timeouts[SCTP_EVENT_TIMEOUT_T1_INIT] = 776 asoc->rto_initial; 777 asoc->timeouts[SCTP_EVENT_TIMEOUT_T1_COOKIE] = 778 asoc->rto_initial; 779 } 780 781 if (sctp_state(asoc, ESTABLISHED) || 782 sctp_state(asoc, CLOSED) || 783 sctp_state(asoc, SHUTDOWN_RECEIVED)) { 784 /* Wake up any processes waiting in the asoc's wait queue in 785 * sctp_wait_for_connect() or sctp_wait_for_sndbuf(). 786 */ 787 if (waitqueue_active(&asoc->wait)) 788 wake_up_interruptible(&asoc->wait); 789 790 /* Wake up any processes waiting in the sk's sleep queue of 791 * a TCP-style or UDP-style peeled-off socket in 792 * sctp_wait_for_accept() or sctp_wait_for_packet(). 793 * For a UDP-style socket, the waiters are woken up by the 794 * notifications. 795 */ 796 if (!sctp_style(sk, UDP)) 797 sk->sk_state_change(sk); 798 } 799} 800 801/* Helper function to delete an association. */ 802static void sctp_cmd_delete_tcb(sctp_cmd_seq_t *cmds, 803 struct sctp_association *asoc) 804{ 805 struct sock *sk = asoc->base.sk; 806 807 /* If it is a non-temporary association belonging to a TCP-style 808 * listening socket that is not closed, do not free it so that accept() 809 * can pick it up later. 810 */ 811 if (sctp_style(sk, TCP) && sctp_sstate(sk, LISTENING) && 812 (!asoc->temp) && (sk->sk_shutdown != SHUTDOWN_MASK)) 813 return; 814 815 sctp_unhash_established(asoc); 816 sctp_association_free(asoc); 817} 818 819/* 820 * ADDIP Section 4.1 ASCONF Chunk Procedures 821 * A4) Start a T-4 RTO timer, using the RTO value of the selected 822 * destination address (we use active path instead of primary path just 823 * because primary path may be inactive. 824 */ 825static void sctp_cmd_setup_t4(sctp_cmd_seq_t *cmds, 826 struct sctp_association *asoc, 827 struct sctp_chunk *chunk) 828{ 829 struct sctp_transport *t; 830 831 t = sctp_assoc_choose_alter_transport(asoc, chunk->transport); 832 asoc->timeouts[SCTP_EVENT_TIMEOUT_T4_RTO] = t->rto; 833 chunk->transport = t; 834} 835 836/* Process an incoming Operation Error Chunk. */ 837static void sctp_cmd_process_operr(sctp_cmd_seq_t *cmds, 838 struct sctp_association *asoc, 839 struct sctp_chunk *chunk) 840{ 841 struct sctp_errhdr *err_hdr; 842 struct sctp_ulpevent *ev; 843 844 while (chunk->chunk_end > chunk->skb->data) { 845 err_hdr = (struct sctp_errhdr *)(chunk->skb->data); 846 847 ev = sctp_ulpevent_make_remote_error(asoc, chunk, 0, 848 GFP_ATOMIC); 849 if (!ev) 850 return; 851 852 sctp_ulpq_tail_event(&asoc->ulpq, ev); 853 854 switch (err_hdr->cause) { 855 case SCTP_ERROR_UNKNOWN_CHUNK: 856 { 857 sctp_chunkhdr_t *unk_chunk_hdr; 858 859 unk_chunk_hdr = (sctp_chunkhdr_t *)err_hdr->variable; 860 switch (unk_chunk_hdr->type) { 861 /* ADDIP 4.1 A9) If the peer responds to an ASCONF with 862 * an ERROR chunk reporting that it did not recognized 863 * the ASCONF chunk type, the sender of the ASCONF MUST 864 * NOT send any further ASCONF chunks and MUST stop its 865 * T-4 timer. 866 */ 867 case SCTP_CID_ASCONF: 868 if (asoc->peer.asconf_capable == 0) 869 break; 870 871 asoc->peer.asconf_capable = 0; 872 sctp_add_cmd_sf(cmds, SCTP_CMD_TIMER_STOP, 873 SCTP_TO(SCTP_EVENT_TIMEOUT_T4_RTO)); 874 break; 875 default: 876 break; 877 } 878 break; 879 } 880 default: 881 break; 882 } 883 } 884} 885 886/* Process variable FWDTSN chunk information. */ 887static void sctp_cmd_process_fwdtsn(struct sctp_ulpq *ulpq, 888 struct sctp_chunk *chunk) 889{ 890 struct sctp_fwdtsn_skip *skip; 891 /* Walk through all the skipped SSNs */ 892 sctp_walk_fwdtsn(skip, chunk) { 893 sctp_ulpq_skip(ulpq, ntohs(skip->stream), ntohs(skip->ssn)); 894 } 895} 896 897/* Helper function to remove the association non-primary peer 898 * transports. 899 */ 900static void sctp_cmd_del_non_primary(struct sctp_association *asoc) 901{ 902 struct sctp_transport *t; 903 struct list_head *pos; 904 struct list_head *temp; 905 906 list_for_each_safe(pos, temp, &asoc->peer.transport_addr_list) { 907 t = list_entry(pos, struct sctp_transport, transports); 908 if (!sctp_cmp_addr_exact(&t->ipaddr, 909 &asoc->peer.primary_addr)) { 910 sctp_assoc_del_peer(asoc, &t->ipaddr); 911 } 912 } 913} 914 915/* Helper function to set sk_err on a 1-1 style socket. */ 916static void sctp_cmd_set_sk_err(struct sctp_association *asoc, int error) 917{ 918 struct sock *sk = asoc->base.sk; 919 920 if (!sctp_style(sk, UDP)) 921 sk->sk_err = error; 922} 923 924/* Helper function to generate an association change event */ 925static void sctp_cmd_assoc_change(sctp_cmd_seq_t *commands, 926 struct sctp_association *asoc, 927 u8 state) 928{ 929 struct sctp_ulpevent *ev; 930 931 ev = sctp_ulpevent_make_assoc_change(asoc, 0, state, 0, 932 asoc->c.sinit_num_ostreams, 933 asoc->c.sinit_max_instreams, 934 NULL, GFP_ATOMIC); 935 if (ev) 936 sctp_ulpq_tail_event(&asoc->ulpq, ev); 937} 938 939/* Helper function to generate an adaptation indication event */ 940static void sctp_cmd_adaptation_ind(sctp_cmd_seq_t *commands, 941 struct sctp_association *asoc) 942{ 943 struct sctp_ulpevent *ev; 944 945 ev = sctp_ulpevent_make_adaptation_indication(asoc, GFP_ATOMIC); 946 947 if (ev) 948 sctp_ulpq_tail_event(&asoc->ulpq, ev); 949} 950 951 952static void sctp_cmd_t1_timer_update(struct sctp_association *asoc, 953 sctp_event_timeout_t timer, 954 char *name) 955{ 956 struct sctp_transport *t; 957 958 t = asoc->init_last_sent_to; 959 asoc->init_err_counter++; 960 961 if (t->init_sent_count > (asoc->init_cycle + 1)) { 962 asoc->timeouts[timer] *= 2; 963 if (asoc->timeouts[timer] > asoc->max_init_timeo) { 964 asoc->timeouts[timer] = asoc->max_init_timeo; 965 } 966 asoc->init_cycle++; 967 SCTP_DEBUG_PRINTK( 968 "T1 %s Timeout adjustment" 969 " init_err_counter: %d" 970 " cycle: %d" 971 " timeout: %ld\n", 972 name, 973 asoc->init_err_counter, 974 asoc->init_cycle, 975 asoc->timeouts[timer]); 976 } 977 978} 979 980/* Send the whole message, chunk by chunk, to the outqueue. 981 * This way the whole message is queued up and bundling if 982 * encouraged for small fragments. 983 */ 984static int sctp_cmd_send_msg(struct sctp_association *asoc, 985 struct sctp_datamsg *msg) 986{ 987 struct sctp_chunk *chunk; 988 int error = 0; 989 990 list_for_each_entry(chunk, &msg->chunks, frag_list) { 991 error = sctp_outq_tail(&asoc->outqueue, chunk); 992 if (error) 993 break; 994 } 995 996 return error; 997} 998 999 1000/* Sent the next ASCONF packet currently stored in the association. 1001 * This happens after the ASCONF_ACK was succeffully processed. 1002 */ 1003static void sctp_cmd_send_asconf(struct sctp_association *asoc) 1004{ 1005 /* Send the next asconf chunk from the addip chunk 1006 * queue. 1007 */ 1008 if (!list_empty(&asoc->addip_chunk_list)) { 1009 struct list_head *entry = asoc->addip_chunk_list.next; 1010 struct sctp_chunk *asconf = list_entry(entry, 1011 struct sctp_chunk, list); 1012 list_del_init(entry); 1013 1014 /* Hold the chunk until an ASCONF_ACK is received. */ 1015 sctp_chunk_hold(asconf); 1016 if (sctp_primitive_ASCONF(asoc, asconf)) 1017 sctp_chunk_free(asconf); 1018 else 1019 asoc->addip_last_asconf = asconf; 1020 } 1021} 1022 1023 1024/* These three macros allow us to pull the debugging code out of the 1025 * main flow of sctp_do_sm() to keep attention focused on the real 1026 * functionality there. 1027 */ 1028#define DEBUG_PRE \ 1029 SCTP_DEBUG_PRINTK("sctp_do_sm prefn: " \ 1030 "ep %p, %s, %s, asoc %p[%s], %s\n", \ 1031 ep, sctp_evttype_tbl[event_type], \ 1032 (*debug_fn)(subtype), asoc, \ 1033 sctp_state_tbl[state], state_fn->name) 1034 1035#define DEBUG_POST \ 1036 SCTP_DEBUG_PRINTK("sctp_do_sm postfn: " \ 1037 "asoc %p, status: %s\n", \ 1038 asoc, sctp_status_tbl[status]) 1039 1040#define DEBUG_POST_SFX \ 1041 SCTP_DEBUG_PRINTK("sctp_do_sm post sfx: error %d, asoc %p[%s]\n", \ 1042 error, asoc, \ 1043 sctp_state_tbl[(asoc && sctp_id2assoc(ep->base.sk, \ 1044 sctp_assoc2id(asoc)))?asoc->state:SCTP_STATE_CLOSED]) 1045 1046/* 1047 * This is the master state machine processing function. 1048 * 1049 * If you want to understand all of lksctp, this is a 1050 * good place to start. 1051 */ 1052int sctp_do_sm(sctp_event_t event_type, sctp_subtype_t subtype, 1053 sctp_state_t state, 1054 struct sctp_endpoint *ep, 1055 struct sctp_association *asoc, 1056 void *event_arg, 1057 gfp_t gfp) 1058{ 1059 sctp_cmd_seq_t commands; 1060 const sctp_sm_table_entry_t *state_fn; 1061 sctp_disposition_t status; 1062 int error = 0; 1063 typedef const char *(printfn_t)(sctp_subtype_t); 1064 1065 static printfn_t *table[] = { 1066 NULL, sctp_cname, sctp_tname, sctp_oname, sctp_pname, 1067 }; 1068 printfn_t *debug_fn __attribute__ ((unused)) = table[event_type]; 1069 1070 /* Look up the state function, run it, and then process the 1071 * side effects. These three steps are the heart of lksctp. 1072 */ 1073 state_fn = sctp_sm_lookup_event(event_type, state, subtype); 1074 1075 sctp_init_cmd_seq(&commands); 1076 1077 DEBUG_PRE; 1078 status = (*state_fn->fn)(ep, asoc, subtype, event_arg, &commands); 1079 DEBUG_POST; 1080 1081 error = sctp_side_effects(event_type, subtype, state, 1082 ep, asoc, event_arg, status, 1083 &commands, gfp); 1084 DEBUG_POST_SFX; 1085 1086 return error; 1087} 1088 1089#undef DEBUG_PRE 1090#undef DEBUG_POST 1091 1092/***************************************************************** 1093 * This the master state function side effect processing function. 1094 *****************************************************************/ 1095static int sctp_side_effects(sctp_event_t event_type, sctp_subtype_t subtype, 1096 sctp_state_t state, 1097 struct sctp_endpoint *ep, 1098 struct sctp_association *asoc, 1099 void *event_arg, 1100 sctp_disposition_t status, 1101 sctp_cmd_seq_t *commands, 1102 gfp_t gfp) 1103{ 1104 int error; 1105 1106 if (0 != (error = sctp_cmd_interpreter(event_type, subtype, state, 1107 ep, asoc, 1108 event_arg, status, 1109 commands, gfp))) 1110 goto bail; 1111 1112 switch (status) { 1113 case SCTP_DISPOSITION_DISCARD: 1114 SCTP_DEBUG_PRINTK("Ignored sctp protocol event - state %d, " 1115 "event_type %d, event_id %d\n", 1116 state, event_type, subtype.chunk); 1117 break; 1118 1119 case SCTP_DISPOSITION_NOMEM: 1120 /* We ran out of memory, so we need to discard this 1121 * packet. 1122 */ 1123 /* BUG--we should now recover some memory, probably by 1124 * reneging... 1125 */ 1126 error = -ENOMEM; 1127 break; 1128 1129 case SCTP_DISPOSITION_DELETE_TCB: 1130 /* This should now be a command. */ 1131 break; 1132 1133 case SCTP_DISPOSITION_CONSUME: 1134 case SCTP_DISPOSITION_ABORT: 1135 /* 1136 * We should no longer have much work to do here as the 1137 * real work has been done as explicit commands above. 1138 */ 1139 break; 1140 1141 case SCTP_DISPOSITION_VIOLATION: 1142 if (net_ratelimit()) 1143 printk(KERN_ERR "sctp protocol violation state %d " 1144 "chunkid %d\n", state, subtype.chunk); 1145 break; 1146 1147 case SCTP_DISPOSITION_NOT_IMPL: 1148 printk(KERN_WARNING "sctp unimplemented feature in state %d, " 1149 "event_type %d, event_id %d\n", 1150 state, event_type, subtype.chunk); 1151 break; 1152 1153 case SCTP_DISPOSITION_BUG: 1154 printk(KERN_ERR "sctp bug in state %d, " 1155 "event_type %d, event_id %d\n", 1156 state, event_type, subtype.chunk); 1157 BUG(); 1158 break; 1159 1160 default: 1161 printk(KERN_ERR "sctp impossible disposition %d " 1162 "in state %d, event_type %d, event_id %d\n", 1163 status, state, event_type, subtype.chunk); 1164 BUG(); 1165 break; 1166 } 1167 1168bail: 1169 return error; 1170} 1171 1172/******************************************************************** 1173 * 2nd Level Abstractions 1174 ********************************************************************/ 1175 1176/* This is the side-effect interpreter. */ 1177static int sctp_cmd_interpreter(sctp_event_t event_type, 1178 sctp_subtype_t subtype, 1179 sctp_state_t state, 1180 struct sctp_endpoint *ep, 1181 struct sctp_association *asoc, 1182 void *event_arg, 1183 sctp_disposition_t status, 1184 sctp_cmd_seq_t *commands, 1185 gfp_t gfp) 1186{ 1187 int error = 0; 1188 int force; 1189 sctp_cmd_t *cmd; 1190 struct sctp_chunk *new_obj; 1191 struct sctp_chunk *chunk = NULL; 1192 struct sctp_packet *packet; 1193 struct timer_list *timer; 1194 unsigned long timeout; 1195 struct sctp_transport *t; 1196 struct sctp_sackhdr sackh; 1197 int local_cork = 0; 1198 1199 if (SCTP_EVENT_T_TIMEOUT != event_type) 1200 chunk = (struct sctp_chunk *) event_arg; 1201 1202 /* Note: This whole file is a huge candidate for rework. 1203 * For example, each command could either have its own handler, so 1204 * the loop would look like: 1205 * while (cmds) 1206 * cmd->handle(x, y, z) 1207 * --jgrimm 1208 */ 1209 while (NULL != (cmd = sctp_next_cmd(commands))) { 1210 switch (cmd->verb) { 1211 case SCTP_CMD_NOP: 1212 /* Do nothing. */ 1213 break; 1214 1215 case SCTP_CMD_NEW_ASOC: 1216 /* Register a new association. */ 1217 if (local_cork) { 1218 sctp_outq_uncork(&asoc->outqueue); 1219 local_cork = 0; 1220 } 1221 asoc = cmd->obj.ptr; 1222 /* Register with the endpoint. */ 1223 sctp_endpoint_add_asoc(ep, asoc); 1224 sctp_hash_established(asoc); 1225 break; 1226 1227 case SCTP_CMD_UPDATE_ASSOC: 1228 sctp_assoc_update(asoc, cmd->obj.ptr); 1229 break; 1230 1231 case SCTP_CMD_PURGE_OUTQUEUE: 1232 sctp_outq_teardown(&asoc->outqueue); 1233 break; 1234 1235 case SCTP_CMD_DELETE_TCB: 1236 if (local_cork) { 1237 sctp_outq_uncork(&asoc->outqueue); 1238 local_cork = 0; 1239 } 1240 /* Delete the current association. */ 1241 sctp_cmd_delete_tcb(commands, asoc); 1242 asoc = NULL; 1243 break; 1244 1245 case SCTP_CMD_NEW_STATE: 1246 /* Enter a new state. */ 1247 sctp_cmd_new_state(commands, asoc, cmd->obj.state); 1248 break; 1249 1250 case SCTP_CMD_REPORT_TSN: 1251 /* Record the arrival of a TSN. */ 1252 error = sctp_tsnmap_mark(&asoc->peer.tsn_map, 1253 cmd->obj.u32); 1254 break; 1255 1256 case SCTP_CMD_REPORT_FWDTSN: 1257 /* Move the Cumulattive TSN Ack ahead. */ 1258 sctp_tsnmap_skip(&asoc->peer.tsn_map, cmd->obj.u32); 1259 1260 /* purge the fragmentation queue */ 1261 sctp_ulpq_reasm_flushtsn(&asoc->ulpq, cmd->obj.u32); 1262 1263 /* Abort any in progress partial delivery. */ 1264 sctp_ulpq_abort_pd(&asoc->ulpq, GFP_ATOMIC); 1265 break; 1266 1267 case SCTP_CMD_PROCESS_FWDTSN: 1268 sctp_cmd_process_fwdtsn(&asoc->ulpq, cmd->obj.ptr); 1269 break; 1270 1271 case SCTP_CMD_GEN_SACK: 1272 /* Generate a Selective ACK. 1273 * The argument tells us whether to just count 1274 * the packet and MAYBE generate a SACK, or 1275 * force a SACK out. 1276 */ 1277 force = cmd->obj.i32; 1278 error = sctp_gen_sack(asoc, force, commands); 1279 break; 1280 1281 case SCTP_CMD_PROCESS_SACK: 1282 /* Process an inbound SACK. */ 1283 error = sctp_cmd_process_sack(commands, asoc, 1284 cmd->obj.ptr); 1285 break; 1286 1287 case SCTP_CMD_GEN_INIT_ACK: 1288 /* Generate an INIT ACK chunk. */ 1289 new_obj = sctp_make_init_ack(asoc, chunk, GFP_ATOMIC, 1290 0); 1291 if (!new_obj) 1292 goto nomem; 1293 1294 sctp_add_cmd_sf(commands, SCTP_CMD_REPLY, 1295 SCTP_CHUNK(new_obj)); 1296 break; 1297 1298 case SCTP_CMD_PEER_INIT: 1299 /* Process a unified INIT from the peer. 1300 * Note: Only used during INIT-ACK processing. If 1301 * there is an error just return to the outter 1302 * layer which will bail. 1303 */ 1304 error = sctp_cmd_process_init(commands, asoc, chunk, 1305 cmd->obj.ptr, gfp); 1306 break; 1307 1308 case SCTP_CMD_GEN_COOKIE_ECHO: 1309 /* Generate a COOKIE ECHO chunk. */ 1310 new_obj = sctp_make_cookie_echo(asoc, chunk); 1311 if (!new_obj) { 1312 if (cmd->obj.ptr) 1313 sctp_chunk_free(cmd->obj.ptr); 1314 goto nomem; 1315 } 1316 sctp_add_cmd_sf(commands, SCTP_CMD_REPLY, 1317 SCTP_CHUNK(new_obj)); 1318 1319 /* If there is an ERROR chunk to be sent along with 1320 * the COOKIE_ECHO, send it, too. 1321 */ 1322 if (cmd->obj.ptr) 1323 sctp_add_cmd_sf(commands, SCTP_CMD_REPLY, 1324 SCTP_CHUNK(cmd->obj.ptr)); 1325 1326 if (new_obj->transport) { 1327 new_obj->transport->init_sent_count++; 1328 asoc->init_last_sent_to = new_obj->transport; 1329 } 1330 1331 if ((asoc->peer.retran_path != 1332 asoc->peer.primary_path) && 1333 (asoc->init_err_counter > 0)) { 1334 sctp_add_cmd_sf(commands, 1335 SCTP_CMD_FORCE_PRIM_RETRAN, 1336 SCTP_NULL()); 1337 } 1338 1339 break; 1340 1341 case SCTP_CMD_GEN_SHUTDOWN: 1342 /* Generate SHUTDOWN when in SHUTDOWN_SENT state. 1343 * Reset error counts. 1344 */ 1345 asoc->overall_error_count = 0; 1346 1347 /* Generate a SHUTDOWN chunk. */ 1348 new_obj = sctp_make_shutdown(asoc, chunk); 1349 if (!new_obj) 1350 goto nomem; 1351 sctp_add_cmd_sf(commands, SCTP_CMD_REPLY, 1352 SCTP_CHUNK(new_obj)); 1353 break; 1354 1355 case SCTP_CMD_CHUNK_ULP: 1356 /* Send a chunk to the sockets layer. */ 1357 SCTP_DEBUG_PRINTK("sm_sideff: %s %p, %s %p.\n", 1358 "chunk_up:", cmd->obj.ptr, 1359 "ulpq:", &asoc->ulpq); 1360 sctp_ulpq_tail_data(&asoc->ulpq, cmd->obj.ptr, 1361 GFP_ATOMIC); 1362 break; 1363 1364 case SCTP_CMD_EVENT_ULP: 1365 /* Send a notification to the sockets layer. */ 1366 SCTP_DEBUG_PRINTK("sm_sideff: %s %p, %s %p.\n", 1367 "event_up:",cmd->obj.ptr, 1368 "ulpq:",&asoc->ulpq); 1369 sctp_ulpq_tail_event(&asoc->ulpq, cmd->obj.ptr); 1370 break; 1371 1372 case SCTP_CMD_REPLY: 1373 /* If an caller has not already corked, do cork. */ 1374 if (!asoc->outqueue.cork) { 1375 sctp_outq_cork(&asoc->outqueue); 1376 local_cork = 1; 1377 } 1378 /* Send a chunk to our peer. */ 1379 error = sctp_outq_tail(&asoc->outqueue, cmd->obj.ptr); 1380 break; 1381 1382 case SCTP_CMD_SEND_PKT: 1383 /* Send a full packet to our peer. */ 1384 packet = cmd->obj.ptr; 1385 sctp_packet_transmit(packet); 1386 sctp_ootb_pkt_free(packet); 1387 break; 1388 1389 case SCTP_CMD_T1_RETRAN: 1390 /* Mark a transport for retransmission. */ 1391 sctp_retransmit(&asoc->outqueue, cmd->obj.transport, 1392 SCTP_RTXR_T1_RTX); 1393 break; 1394 1395 case SCTP_CMD_RETRAN: 1396 /* Mark a transport for retransmission. */ 1397 sctp_retransmit(&asoc->outqueue, cmd->obj.transport, 1398 SCTP_RTXR_T3_RTX); 1399 break; 1400 1401 case SCTP_CMD_TRANSMIT: 1402 /* Kick start transmission. */ 1403 error = sctp_outq_uncork(&asoc->outqueue); 1404 local_cork = 0; 1405 break; 1406 1407 case SCTP_CMD_ECN_CE: 1408 /* Do delayed CE processing. */ 1409 sctp_do_ecn_ce_work(asoc, cmd->obj.u32); 1410 break; 1411 1412 case SCTP_CMD_ECN_ECNE: 1413 /* Do delayed ECNE processing. */ 1414 new_obj = sctp_do_ecn_ecne_work(asoc, cmd->obj.u32, 1415 chunk); 1416 if (new_obj) 1417 sctp_add_cmd_sf(commands, SCTP_CMD_REPLY, 1418 SCTP_CHUNK(new_obj)); 1419 break; 1420 1421 case SCTP_CMD_ECN_CWR: 1422 /* Do delayed CWR processing. */ 1423 sctp_do_ecn_cwr_work(asoc, cmd->obj.u32); 1424 break; 1425 1426 case SCTP_CMD_SETUP_T2: 1427 sctp_cmd_setup_t2(commands, asoc, cmd->obj.ptr); 1428 break; 1429 1430 case SCTP_CMD_TIMER_START: 1431 timer = &asoc->timers[cmd->obj.to]; 1432 timeout = asoc->timeouts[cmd->obj.to]; 1433 BUG_ON(!timeout); 1434 1435 timer->expires = jiffies + timeout; 1436 sctp_association_hold(asoc); 1437 add_timer(timer); 1438 break; 1439 1440 case SCTP_CMD_TIMER_RESTART: 1441 timer = &asoc->timers[cmd->obj.to]; 1442 timeout = asoc->timeouts[cmd->obj.to]; 1443 if (!mod_timer(timer, jiffies + timeout)) 1444 sctp_association_hold(asoc); 1445 break; 1446 1447 case SCTP_CMD_TIMER_STOP: 1448 timer = &asoc->timers[cmd->obj.to]; 1449 if (timer_pending(timer) && del_timer(timer)) 1450 sctp_association_put(asoc); 1451 break; 1452 1453 case SCTP_CMD_INIT_CHOOSE_TRANSPORT: 1454 chunk = cmd->obj.ptr; 1455 t = sctp_assoc_choose_alter_transport(asoc, 1456 asoc->init_last_sent_to); 1457 asoc->init_last_sent_to = t; 1458 chunk->transport = t; 1459 t->init_sent_count++; 1460 /* Set the new transport as primary */ 1461 sctp_assoc_set_primary(asoc, t); 1462 break; 1463 1464 case SCTP_CMD_INIT_RESTART: 1465 /* Do the needed accounting and updates 1466 * associated with restarting an initialization 1467 * timer. Only multiply the timeout by two if 1468 * all transports have been tried at the current 1469 * timeout. 1470 */ 1471 sctp_cmd_t1_timer_update(asoc, 1472 SCTP_EVENT_TIMEOUT_T1_INIT, 1473 "INIT"); 1474 1475 sctp_add_cmd_sf(commands, SCTP_CMD_TIMER_RESTART, 1476 SCTP_TO(SCTP_EVENT_TIMEOUT_T1_INIT)); 1477 break; 1478 1479 case SCTP_CMD_COOKIEECHO_RESTART: 1480 /* Do the needed accounting and updates 1481 * associated with restarting an initialization 1482 * timer. Only multiply the timeout by two if 1483 * all transports have been tried at the current 1484 * timeout. 1485 */ 1486 sctp_cmd_t1_timer_update(asoc, 1487 SCTP_EVENT_TIMEOUT_T1_COOKIE, 1488 "COOKIE"); 1489 1490 /* If we've sent any data bundled with 1491 * COOKIE-ECHO we need to resend. 1492 */ 1493 list_for_each_entry(t, &asoc->peer.transport_addr_list, 1494 transports) { 1495 sctp_retransmit_mark(&asoc->outqueue, t, 1496 SCTP_RTXR_T1_RTX); 1497 } 1498 1499 sctp_add_cmd_sf(commands, 1500 SCTP_CMD_TIMER_RESTART, 1501 SCTP_TO(SCTP_EVENT_TIMEOUT_T1_COOKIE)); 1502 break; 1503 1504 case SCTP_CMD_INIT_FAILED: 1505 sctp_cmd_init_failed(commands, asoc, cmd->obj.err); 1506 break; 1507 1508 case SCTP_CMD_ASSOC_FAILED: 1509 sctp_cmd_assoc_failed(commands, asoc, event_type, 1510 subtype, chunk, cmd->obj.err); 1511 break; 1512 1513 case SCTP_CMD_INIT_COUNTER_INC: 1514 asoc->init_err_counter++; 1515 break; 1516 1517 case SCTP_CMD_INIT_COUNTER_RESET: 1518 asoc->init_err_counter = 0; 1519 asoc->init_cycle = 0; 1520 list_for_each_entry(t, &asoc->peer.transport_addr_list, 1521 transports) { 1522 t->init_sent_count = 0; 1523 } 1524 break; 1525 1526 case SCTP_CMD_REPORT_DUP: 1527 sctp_tsnmap_mark_dup(&asoc->peer.tsn_map, 1528 cmd->obj.u32); 1529 break; 1530 1531 case SCTP_CMD_REPORT_BAD_TAG: 1532 SCTP_DEBUG_PRINTK("vtag mismatch!\n"); 1533 break; 1534 1535 case SCTP_CMD_STRIKE: 1536 /* Mark one strike against a transport. */ 1537 sctp_do_8_2_transport_strike(asoc, cmd->obj.transport, 1538 0); 1539 break; 1540 1541 case SCTP_CMD_TRANSPORT_IDLE: 1542 t = cmd->obj.transport; 1543 sctp_transport_lower_cwnd(t, SCTP_LOWER_CWND_INACTIVE); 1544 break; 1545 1546 case SCTP_CMD_TRANSPORT_HB_SENT: 1547 t = cmd->obj.transport; 1548 sctp_do_8_2_transport_strike(asoc, t, 1); 1549 t->hb_sent = 1; 1550 break; 1551 1552 case SCTP_CMD_TRANSPORT_ON: 1553 t = cmd->obj.transport; 1554 sctp_cmd_transport_on(commands, asoc, t, chunk); 1555 break; 1556 1557 case SCTP_CMD_HB_TIMERS_START: 1558 sctp_cmd_hb_timers_start(commands, asoc); 1559 break; 1560 1561 case SCTP_CMD_HB_TIMER_UPDATE: 1562 t = cmd->obj.transport; 1563 sctp_cmd_hb_timer_update(commands, t); 1564 break; 1565 1566 case SCTP_CMD_HB_TIMERS_STOP: 1567 sctp_cmd_hb_timers_stop(commands, asoc); 1568 break; 1569 1570 case SCTP_CMD_REPORT_ERROR: 1571 error = cmd->obj.error; 1572 break; 1573 1574 case SCTP_CMD_PROCESS_CTSN: 1575 /* Dummy up a SACK for processing. */ 1576 sackh.cum_tsn_ack = cmd->obj.be32; 1577 sackh.a_rwnd = asoc->peer.rwnd + 1578 asoc->outqueue.outstanding_bytes; 1579 sackh.num_gap_ack_blocks = 0; 1580 sackh.num_dup_tsns = 0; 1581 sctp_add_cmd_sf(commands, SCTP_CMD_PROCESS_SACK, 1582 SCTP_SACKH(&sackh)); 1583 break; 1584 1585 case SCTP_CMD_DISCARD_PACKET: 1586 /* We need to discard the whole packet. 1587 * Uncork the queue since there might be 1588 * responses pending 1589 */ 1590 chunk->pdiscard = 1; 1591 if (asoc) { 1592 sctp_outq_uncork(&asoc->outqueue); 1593 local_cork = 0; 1594 } 1595 break; 1596 1597 case SCTP_CMD_RTO_PENDING: 1598 t = cmd->obj.transport; 1599 t->rto_pending = 1; 1600 break; 1601 1602 case SCTP_CMD_PART_DELIVER: 1603 sctp_ulpq_partial_delivery(&asoc->ulpq, cmd->obj.ptr, 1604 GFP_ATOMIC); 1605 break; 1606 1607 case SCTP_CMD_RENEGE: 1608 sctp_ulpq_renege(&asoc->ulpq, cmd->obj.ptr, 1609 GFP_ATOMIC); 1610 break; 1611 1612 case SCTP_CMD_SETUP_T4: 1613 sctp_cmd_setup_t4(commands, asoc, cmd->obj.ptr); 1614 break; 1615 1616 case SCTP_CMD_PROCESS_OPERR: 1617 sctp_cmd_process_operr(commands, asoc, chunk); 1618 break; 1619 case SCTP_CMD_CLEAR_INIT_TAG: 1620 asoc->peer.i.init_tag = 0; 1621 break; 1622 case SCTP_CMD_DEL_NON_PRIMARY: 1623 sctp_cmd_del_non_primary(asoc); 1624 break; 1625 case SCTP_CMD_T3_RTX_TIMERS_STOP: 1626 sctp_cmd_t3_rtx_timers_stop(commands, asoc); 1627 break; 1628 case SCTP_CMD_FORCE_PRIM_RETRAN: 1629 t = asoc->peer.retran_path; 1630 asoc->peer.retran_path = asoc->peer.primary_path; 1631 error = sctp_outq_uncork(&asoc->outqueue); 1632 local_cork = 0; 1633 asoc->peer.retran_path = t; 1634 break; 1635 case SCTP_CMD_SET_SK_ERR: 1636 sctp_cmd_set_sk_err(asoc, cmd->obj.error); 1637 break; 1638 case SCTP_CMD_ASSOC_CHANGE: 1639 sctp_cmd_assoc_change(commands, asoc, 1640 cmd->obj.u8); 1641 break; 1642 case SCTP_CMD_ADAPTATION_IND: 1643 sctp_cmd_adaptation_ind(commands, asoc); 1644 break; 1645 1646 case SCTP_CMD_ASSOC_SHKEY: 1647 error = sctp_auth_asoc_init_active_key(asoc, 1648 GFP_ATOMIC); 1649 break; 1650 case SCTP_CMD_UPDATE_INITTAG: 1651 asoc->peer.i.init_tag = cmd->obj.u32; 1652 break; 1653 case SCTP_CMD_SEND_MSG: 1654 if (!asoc->outqueue.cork) { 1655 sctp_outq_cork(&asoc->outqueue); 1656 local_cork = 1; 1657 } 1658 error = sctp_cmd_send_msg(asoc, cmd->obj.msg); 1659 break; 1660 case SCTP_CMD_SEND_NEXT_ASCONF: 1661 sctp_cmd_send_asconf(asoc); 1662 break; 1663 default: 1664 printk(KERN_WARNING "Impossible command: %u, %p\n", 1665 cmd->verb, cmd->obj.ptr); 1666 break; 1667 } 1668 1669 if (error) 1670 break; 1671 } 1672 1673out: 1674 /* If this is in response to a received chunk, wait until 1675 * we are done with the packet to open the queue so that we don't 1676 * send multiple packets in response to a single request. 1677 */ 1678 if (asoc && SCTP_EVENT_T_CHUNK == event_type && chunk) { 1679 if (chunk->end_of_packet || chunk->singleton) 1680 error = sctp_outq_uncork(&asoc->outqueue); 1681 } else if (local_cork) 1682 error = sctp_outq_uncork(&asoc->outqueue); 1683 return error; 1684nomem: 1685 error = -ENOMEM; 1686 goto out; 1687} 1688