/* SCTP kernel implementation1* (C) Copyright IBM Corp. 2001, 20042* Copyright (c) 1999-2000 Cisco, Inc.3* Copyright (c) 1999-2001 Motorola, Inc.4* Copyright (c) 2001-2003 Intel Corp.5* Copyright (c) 2001-2002 Nokia, Inc.6* Copyright (c) 2001 La Monte H.P. Yarroll7*8* This file is part of the SCTP kernel implementation9*10* These functions interface with the sockets layer to implement the11* SCTP Extensions for the Sockets API.12*13* Note that the descriptions from the specification are USER level14* functions--this file is the functions which populate the struct proto15* for SCTP which is the BOTTOM of the sockets interface.16*17* This SCTP implementation is free software;18* you can redistribute it and/or modify it under the terms of19* the GNU General Public License as published by20* the Free Software Foundation; either version 2, or (at your option)21* any later version.22*23* This SCTP implementation is distributed in the hope that it24* will be useful, but WITHOUT ANY WARRANTY; without even the implied25* ************************26* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.27* See the GNU General Public License for more details.28*29* You should have received a copy of the GNU General Public License30* along with GNU CC; see the file COPYING. If not, write to31* the Free Software Foundation, 59 Temple Place - Suite 330,32* Boston, MA 02111-1307, USA.33*34* Please send any bug reports or fixes you make to the35* email address(es):36* lksctp developers <[email protected]>37*38* Or submit a bug report through the following website:39* http://www.sf.net/projects/lksctp40*41* Written or modified by:42* La Monte H.P. Yarroll <[email protected]>43* Narasimha Budihal <[email protected]>44* Karl Knutson <[email protected]>45* Jon Grimm <[email protected]>46* Xingang Guo <[email protected]>47* Daisy Chang <[email protected]>48* Sridhar Samudrala <[email protected]>49* Inaky Perez-Gonzalez <[email protected]>50* Ardelle Fan <[email protected]>51* Ryan Layer <[email protected]>52* Anup Pemmaiah <[email protected]>53* Kevin Gao <[email protected]>54*55* Any bugs reported given to us we will try to fix... any fixes shared will56* be incorporated into the next SCTP release.57*/5859#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt6061#include <linux/types.h>62#include <linux/kernel.h>63#include <linux/wait.h>64#include <linux/time.h>65#include <linux/ip.h>66#include <linux/capability.h>67#include <linux/fcntl.h>68#include <linux/poll.h>69#include <linux/init.h>70#include <linux/crypto.h>71#include <linux/slab.h>7273#include <net/ip.h>74#include <net/icmp.h>75#include <net/route.h>76#include <net/ipv6.h>77#include <net/inet_common.h>7879#include <linux/socket.h> /* for sa_family_t */80#include <net/sock.h>81#include <net/sctp/sctp.h>82#include <net/sctp/sm.h>8384/* WARNING: Please do not remove the SCTP_STATIC attribute to85* any of the functions below as they are used to export functions86* used by a project regression testsuite.87*/8889/* Forward declarations for internal helper functions. */90static int sctp_writeable(struct sock *sk);91static void sctp_wfree(struct sk_buff *skb);92static int sctp_wait_for_sndbuf(struct sctp_association *, long *timeo_p,93size_t msg_len);94static int sctp_wait_for_packet(struct sock * sk, int *err, long *timeo_p);95static int sctp_wait_for_connect(struct sctp_association *, long *timeo_p);96static int sctp_wait_for_accept(struct sock *sk, long timeo);97static void sctp_wait_for_close(struct sock *sk, long timeo);98static struct sctp_af *sctp_sockaddr_af(struct sctp_sock *opt,99union sctp_addr *addr, int len);100static int sctp_bindx_add(struct sock *, struct sockaddr *, int);101static int sctp_bindx_rem(struct sock *, struct sockaddr *, int);102static int sctp_send_asconf_add_ip(struct sock *, struct sockaddr *, int);103static int sctp_send_asconf_del_ip(struct sock *, struct sockaddr *, int);104static int sctp_send_asconf(struct sctp_association *asoc,105struct sctp_chunk *chunk);106static int sctp_do_bind(struct sock *, union sctp_addr *, int);107static int sctp_autobind(struct sock *sk);108static void sctp_sock_migrate(struct sock *, struct sock *,109struct sctp_association *, sctp_socket_type_t);110static char *sctp_hmac_alg = SCTP_COOKIE_HMAC_ALG;111112extern struct kmem_cache *sctp_bucket_cachep;113extern long sysctl_sctp_mem[3];114extern int sysctl_sctp_rmem[3];115extern int sysctl_sctp_wmem[3];116117static int sctp_memory_pressure;118static atomic_long_t sctp_memory_allocated;119struct percpu_counter sctp_sockets_allocated;120121static void sctp_enter_memory_pressure(struct sock *sk)122{123sctp_memory_pressure = 1;124}125126127/* Get the sndbuf space available at the time on the association. */128static inline int sctp_wspace(struct sctp_association *asoc)129{130int amt;131132if (asoc->ep->sndbuf_policy)133amt = asoc->sndbuf_used;134else135amt = sk_wmem_alloc_get(asoc->base.sk);136137if (amt >= asoc->base.sk->sk_sndbuf) {138if (asoc->base.sk->sk_userlocks & SOCK_SNDBUF_LOCK)139amt = 0;140else {141amt = sk_stream_wspace(asoc->base.sk);142if (amt < 0)143amt = 0;144}145} else {146amt = asoc->base.sk->sk_sndbuf - amt;147}148return amt;149}150151/* Increment the used sndbuf space count of the corresponding association by152* the size of the outgoing data chunk.153* Also, set the skb destructor for sndbuf accounting later.154*155* Since it is always 1-1 between chunk and skb, and also a new skb is always156* allocated for chunk bundling in sctp_packet_transmit(), we can use the157* destructor in the data chunk skb for the purpose of the sndbuf space158* tracking.159*/160static inline void sctp_set_owner_w(struct sctp_chunk *chunk)161{162struct sctp_association *asoc = chunk->asoc;163struct sock *sk = asoc->base.sk;164165/* The sndbuf space is tracked per association. */166sctp_association_hold(asoc);167168skb_set_owner_w(chunk->skb, sk);169170chunk->skb->destructor = sctp_wfree;171/* Save the chunk pointer in skb for sctp_wfree to use later. */172*((struct sctp_chunk **)(chunk->skb->cb)) = chunk;173174asoc->sndbuf_used += SCTP_DATA_SNDSIZE(chunk) +175sizeof(struct sk_buff) +176sizeof(struct sctp_chunk);177178atomic_add(sizeof(struct sctp_chunk), &sk->sk_wmem_alloc);179sk->sk_wmem_queued += chunk->skb->truesize;180sk_mem_charge(sk, chunk->skb->truesize);181}182183/* Verify that this is a valid address. */184static inline int sctp_verify_addr(struct sock *sk, union sctp_addr *addr,185int len)186{187struct sctp_af *af;188189/* Verify basic sockaddr. */190af = sctp_sockaddr_af(sctp_sk(sk), addr, len);191if (!af)192return -EINVAL;193194/* Is this a valid SCTP address? */195if (!af->addr_valid(addr, sctp_sk(sk), NULL))196return -EINVAL;197198if (!sctp_sk(sk)->pf->send_verify(sctp_sk(sk), (addr)))199return -EINVAL;200201return 0;202}203204/* Look up the association by its id. If this is not a UDP-style205* socket, the ID field is always ignored.206*/207struct sctp_association *sctp_id2assoc(struct sock *sk, sctp_assoc_t id)208{209struct sctp_association *asoc = NULL;210211/* If this is not a UDP-style socket, assoc id should be ignored. */212if (!sctp_style(sk, UDP)) {213/* Return NULL if the socket state is not ESTABLISHED. It214* could be a TCP-style listening socket or a socket which215* hasn't yet called connect() to establish an association.216*/217if (!sctp_sstate(sk, ESTABLISHED))218return NULL;219220/* Get the first and the only association from the list. */221if (!list_empty(&sctp_sk(sk)->ep->asocs))222asoc = list_entry(sctp_sk(sk)->ep->asocs.next,223struct sctp_association, asocs);224return asoc;225}226227/* Otherwise this is a UDP-style socket. */228if (!id || (id == (sctp_assoc_t)-1))229return NULL;230231spin_lock_bh(&sctp_assocs_id_lock);232asoc = (struct sctp_association *)idr_find(&sctp_assocs_id, (int)id);233spin_unlock_bh(&sctp_assocs_id_lock);234235if (!asoc || (asoc->base.sk != sk) || asoc->base.dead)236return NULL;237238return asoc;239}240241/* Look up the transport from an address and an assoc id. If both address and242* id are specified, the associations matching the address and the id should be243* the same.244*/245static struct sctp_transport *sctp_addr_id2transport(struct sock *sk,246struct sockaddr_storage *addr,247sctp_assoc_t id)248{249struct sctp_association *addr_asoc = NULL, *id_asoc = NULL;250struct sctp_transport *transport;251union sctp_addr *laddr = (union sctp_addr *)addr;252253addr_asoc = sctp_endpoint_lookup_assoc(sctp_sk(sk)->ep,254laddr,255&transport);256257if (!addr_asoc)258return NULL;259260id_asoc = sctp_id2assoc(sk, id);261if (id_asoc && (id_asoc != addr_asoc))262return NULL;263264sctp_get_pf_specific(sk->sk_family)->addr_v4map(sctp_sk(sk),265(union sctp_addr *)addr);266267return transport;268}269270/* API 3.1.2 bind() - UDP Style Syntax271* The syntax of bind() is,272*273* ret = bind(int sd, struct sockaddr *addr, int addrlen);274*275* sd - the socket descriptor returned by socket().276* addr - the address structure (struct sockaddr_in or struct277* sockaddr_in6 [RFC 2553]),278* addr_len - the size of the address structure.279*/280SCTP_STATIC int sctp_bind(struct sock *sk, struct sockaddr *addr, int addr_len)281{282int retval = 0;283284sctp_lock_sock(sk);285286SCTP_DEBUG_PRINTK("sctp_bind(sk: %p, addr: %p, addr_len: %d)\n",287sk, addr, addr_len);288289/* Disallow binding twice. */290if (!sctp_sk(sk)->ep->base.bind_addr.port)291retval = sctp_do_bind(sk, (union sctp_addr *)addr,292addr_len);293else294retval = -EINVAL;295296sctp_release_sock(sk);297298return retval;299}300301static long sctp_get_port_local(struct sock *, union sctp_addr *);302303/* Verify this is a valid sockaddr. */304static struct sctp_af *sctp_sockaddr_af(struct sctp_sock *opt,305union sctp_addr *addr, int len)306{307struct sctp_af *af;308309/* Check minimum size. */310if (len < sizeof (struct sockaddr))311return NULL;312313/* V4 mapped address are really of AF_INET family */314if (addr->sa.sa_family == AF_INET6 &&315ipv6_addr_v4mapped(&addr->v6.sin6_addr)) {316if (!opt->pf->af_supported(AF_INET, opt))317return NULL;318} else {319/* Does this PF support this AF? */320if (!opt->pf->af_supported(addr->sa.sa_family, opt))321return NULL;322}323324/* If we get this far, af is valid. */325af = sctp_get_af_specific(addr->sa.sa_family);326327if (len < af->sockaddr_len)328return NULL;329330return af;331}332333/* Bind a local address either to an endpoint or to an association. */334SCTP_STATIC int sctp_do_bind(struct sock *sk, union sctp_addr *addr, int len)335{336struct sctp_sock *sp = sctp_sk(sk);337struct sctp_endpoint *ep = sp->ep;338struct sctp_bind_addr *bp = &ep->base.bind_addr;339struct sctp_af *af;340unsigned short snum;341int ret = 0;342343/* Common sockaddr verification. */344af = sctp_sockaddr_af(sp, addr, len);345if (!af) {346SCTP_DEBUG_PRINTK("sctp_do_bind(sk: %p, newaddr: %p, len: %d) EINVAL\n",347sk, addr, len);348return -EINVAL;349}350351snum = ntohs(addr->v4.sin_port);352353SCTP_DEBUG_PRINTK_IPADDR("sctp_do_bind(sk: %p, new addr: ",354", port: %d, new port: %d, len: %d)\n",355sk,356addr,357bp->port, snum,358len);359360/* PF specific bind() address verification. */361if (!sp->pf->bind_verify(sp, addr))362return -EADDRNOTAVAIL;363364/* We must either be unbound, or bind to the same port.365* It's OK to allow 0 ports if we are already bound.366* We'll just inhert an already bound port in this case367*/368if (bp->port) {369if (!snum)370snum = bp->port;371else if (snum != bp->port) {372SCTP_DEBUG_PRINTK("sctp_do_bind:"373" New port %d does not match existing port "374"%d.\n", snum, bp->port);375return -EINVAL;376}377}378379if (snum && snum < PROT_SOCK && !capable(CAP_NET_BIND_SERVICE))380return -EACCES;381382/* See if the address matches any of the addresses we may have383* already bound before checking against other endpoints.384*/385if (sctp_bind_addr_match(bp, addr, sp))386return -EINVAL;387388/* Make sure we are allowed to bind here.389* The function sctp_get_port_local() does duplicate address390* detection.391*/392addr->v4.sin_port = htons(snum);393if ((ret = sctp_get_port_local(sk, addr))) {394return -EADDRINUSE;395}396397/* Refresh ephemeral port. */398if (!bp->port)399bp->port = inet_sk(sk)->inet_num;400401/* Add the address to the bind address list.402* Use GFP_ATOMIC since BHs will be disabled.403*/404ret = sctp_add_bind_addr(bp, addr, SCTP_ADDR_SRC, GFP_ATOMIC);405406/* Copy back into socket for getsockname() use. */407if (!ret) {408inet_sk(sk)->inet_sport = htons(inet_sk(sk)->inet_num);409af->to_sk_saddr(addr, sk);410}411412return ret;413}414415/* ADDIP Section 4.1.1 Congestion Control of ASCONF Chunks416*417* R1) One and only one ASCONF Chunk MAY be in transit and unacknowledged418* at any one time. If a sender, after sending an ASCONF chunk, decides419* it needs to transfer another ASCONF Chunk, it MUST wait until the420* ASCONF-ACK Chunk returns from the previous ASCONF Chunk before sending a421* subsequent ASCONF. Note this restriction binds each side, so at any422* time two ASCONF may be in-transit on any given association (one sent423* from each endpoint).424*/425static int sctp_send_asconf(struct sctp_association *asoc,426struct sctp_chunk *chunk)427{428int retval = 0;429430/* If there is an outstanding ASCONF chunk, queue it for later431* transmission.432*/433if (asoc->addip_last_asconf) {434list_add_tail(&chunk->list, &asoc->addip_chunk_list);435goto out;436}437438/* Hold the chunk until an ASCONF_ACK is received. */439sctp_chunk_hold(chunk);440retval = sctp_primitive_ASCONF(asoc, chunk);441if (retval)442sctp_chunk_free(chunk);443else444asoc->addip_last_asconf = chunk;445446out:447return retval;448}449450/* Add a list of addresses as bind addresses to local endpoint or451* association.452*453* Basically run through each address specified in the addrs/addrcnt454* array/length pair, determine if it is IPv6 or IPv4 and call455* sctp_do_bind() on it.456*457* If any of them fails, then the operation will be reversed and the458* ones that were added will be removed.459*460* Only sctp_setsockopt_bindx() is supposed to call this function.461*/462static int sctp_bindx_add(struct sock *sk, struct sockaddr *addrs, int addrcnt)463{464int cnt;465int retval = 0;466void *addr_buf;467struct sockaddr *sa_addr;468struct sctp_af *af;469470SCTP_DEBUG_PRINTK("sctp_bindx_add (sk: %p, addrs: %p, addrcnt: %d)\n",471sk, addrs, addrcnt);472473addr_buf = addrs;474for (cnt = 0; cnt < addrcnt; cnt++) {475/* The list may contain either IPv4 or IPv6 address;476* determine the address length for walking thru the list.477*/478sa_addr = (struct sockaddr *)addr_buf;479af = sctp_get_af_specific(sa_addr->sa_family);480if (!af) {481retval = -EINVAL;482goto err_bindx_add;483}484485retval = sctp_do_bind(sk, (union sctp_addr *)sa_addr,486af->sockaddr_len);487488addr_buf += af->sockaddr_len;489490err_bindx_add:491if (retval < 0) {492/* Failed. Cleanup the ones that have been added */493if (cnt > 0)494sctp_bindx_rem(sk, addrs, cnt);495return retval;496}497}498499return retval;500}501502/* Send an ASCONF chunk with Add IP address parameters to all the peers of the503* associations that are part of the endpoint indicating that a list of local504* addresses are added to the endpoint.505*506* If any of the addresses is already in the bind address list of the507* association, we do not send the chunk for that association. But it will not508* affect other associations.509*510* Only sctp_setsockopt_bindx() is supposed to call this function.511*/512static int sctp_send_asconf_add_ip(struct sock *sk,513struct sockaddr *addrs,514int addrcnt)515{516struct sctp_sock *sp;517struct sctp_endpoint *ep;518struct sctp_association *asoc;519struct sctp_bind_addr *bp;520struct sctp_chunk *chunk;521struct sctp_sockaddr_entry *laddr;522union sctp_addr *addr;523union sctp_addr saveaddr;524void *addr_buf;525struct sctp_af *af;526struct list_head *p;527int i;528int retval = 0;529530if (!sctp_addip_enable)531return retval;532533sp = sctp_sk(sk);534ep = sp->ep;535536SCTP_DEBUG_PRINTK("%s: (sk: %p, addrs: %p, addrcnt: %d)\n",537__func__, sk, addrs, addrcnt);538539list_for_each_entry(asoc, &ep->asocs, asocs) {540541if (!asoc->peer.asconf_capable)542continue;543544if (asoc->peer.addip_disabled_mask & SCTP_PARAM_ADD_IP)545continue;546547if (!sctp_state(asoc, ESTABLISHED))548continue;549550/* Check if any address in the packed array of addresses is551* in the bind address list of the association. If so,552* do not send the asconf chunk to its peer, but continue with553* other associations.554*/555addr_buf = addrs;556for (i = 0; i < addrcnt; i++) {557addr = (union sctp_addr *)addr_buf;558af = sctp_get_af_specific(addr->v4.sin_family);559if (!af) {560retval = -EINVAL;561goto out;562}563564if (sctp_assoc_lookup_laddr(asoc, addr))565break;566567addr_buf += af->sockaddr_len;568}569if (i < addrcnt)570continue;571572/* Use the first valid address in bind addr list of573* association as Address Parameter of ASCONF CHUNK.574*/575bp = &asoc->base.bind_addr;576p = bp->address_list.next;577laddr = list_entry(p, struct sctp_sockaddr_entry, list);578chunk = sctp_make_asconf_update_ip(asoc, &laddr->a, addrs,579addrcnt, SCTP_PARAM_ADD_IP);580if (!chunk) {581retval = -ENOMEM;582goto out;583}584585retval = sctp_send_asconf(asoc, chunk);586if (retval)587goto out;588589/* Add the new addresses to the bind address list with590* use_as_src set to 0.591*/592addr_buf = addrs;593for (i = 0; i < addrcnt; i++) {594addr = (union sctp_addr *)addr_buf;595af = sctp_get_af_specific(addr->v4.sin_family);596memcpy(&saveaddr, addr, af->sockaddr_len);597retval = sctp_add_bind_addr(bp, &saveaddr,598SCTP_ADDR_NEW, GFP_ATOMIC);599addr_buf += af->sockaddr_len;600}601}602603out:604return retval;605}606607/* Remove a list of addresses from bind addresses list. Do not remove the608* last address.609*610* Basically run through each address specified in the addrs/addrcnt611* array/length pair, determine if it is IPv6 or IPv4 and call612* sctp_del_bind() on it.613*614* If any of them fails, then the operation will be reversed and the615* ones that were removed will be added back.616*617* At least one address has to be left; if only one address is618* available, the operation will return -EBUSY.619*620* Only sctp_setsockopt_bindx() is supposed to call this function.621*/622static int sctp_bindx_rem(struct sock *sk, struct sockaddr *addrs, int addrcnt)623{624struct sctp_sock *sp = sctp_sk(sk);625struct sctp_endpoint *ep = sp->ep;626int cnt;627struct sctp_bind_addr *bp = &ep->base.bind_addr;628int retval = 0;629void *addr_buf;630union sctp_addr *sa_addr;631struct sctp_af *af;632633SCTP_DEBUG_PRINTK("sctp_bindx_rem (sk: %p, addrs: %p, addrcnt: %d)\n",634sk, addrs, addrcnt);635636addr_buf = addrs;637for (cnt = 0; cnt < addrcnt; cnt++) {638/* If the bind address list is empty or if there is only one639* bind address, there is nothing more to be removed (we need640* at least one address here).641*/642if (list_empty(&bp->address_list) ||643(sctp_list_single_entry(&bp->address_list))) {644retval = -EBUSY;645goto err_bindx_rem;646}647648sa_addr = (union sctp_addr *)addr_buf;649af = sctp_get_af_specific(sa_addr->sa.sa_family);650if (!af) {651retval = -EINVAL;652goto err_bindx_rem;653}654655if (!af->addr_valid(sa_addr, sp, NULL)) {656retval = -EADDRNOTAVAIL;657goto err_bindx_rem;658}659660if (sa_addr->v4.sin_port &&661sa_addr->v4.sin_port != htons(bp->port)) {662retval = -EINVAL;663goto err_bindx_rem;664}665666if (!sa_addr->v4.sin_port)667sa_addr->v4.sin_port = htons(bp->port);668669/* FIXME - There is probably a need to check if sk->sk_saddr and670* sk->sk_rcv_addr are currently set to one of the addresses to671* be removed. This is something which needs to be looked into672* when we are fixing the outstanding issues with multi-homing673* socket routing and failover schemes. Refer to comments in674* sctp_do_bind(). -daisy675*/676retval = sctp_del_bind_addr(bp, sa_addr);677678addr_buf += af->sockaddr_len;679err_bindx_rem:680if (retval < 0) {681/* Failed. Add the ones that has been removed back */682if (cnt > 0)683sctp_bindx_add(sk, addrs, cnt);684return retval;685}686}687688return retval;689}690691/* Send an ASCONF chunk with Delete IP address parameters to all the peers of692* the associations that are part of the endpoint indicating that a list of693* local addresses are removed from the endpoint.694*695* If any of the addresses is already in the bind address list of the696* association, we do not send the chunk for that association. But it will not697* affect other associations.698*699* Only sctp_setsockopt_bindx() is supposed to call this function.700*/701static int sctp_send_asconf_del_ip(struct sock *sk,702struct sockaddr *addrs,703int addrcnt)704{705struct sctp_sock *sp;706struct sctp_endpoint *ep;707struct sctp_association *asoc;708struct sctp_transport *transport;709struct sctp_bind_addr *bp;710struct sctp_chunk *chunk;711union sctp_addr *laddr;712void *addr_buf;713struct sctp_af *af;714struct sctp_sockaddr_entry *saddr;715int i;716int retval = 0;717718if (!sctp_addip_enable)719return retval;720721sp = sctp_sk(sk);722ep = sp->ep;723724SCTP_DEBUG_PRINTK("%s: (sk: %p, addrs: %p, addrcnt: %d)\n",725__func__, sk, addrs, addrcnt);726727list_for_each_entry(asoc, &ep->asocs, asocs) {728729if (!asoc->peer.asconf_capable)730continue;731732if (asoc->peer.addip_disabled_mask & SCTP_PARAM_DEL_IP)733continue;734735if (!sctp_state(asoc, ESTABLISHED))736continue;737738/* Check if any address in the packed array of addresses is739* not present in the bind address list of the association.740* If so, do not send the asconf chunk to its peer, but741* continue with other associations.742*/743addr_buf = addrs;744for (i = 0; i < addrcnt; i++) {745laddr = (union sctp_addr *)addr_buf;746af = sctp_get_af_specific(laddr->v4.sin_family);747if (!af) {748retval = -EINVAL;749goto out;750}751752if (!sctp_assoc_lookup_laddr(asoc, laddr))753break;754755addr_buf += af->sockaddr_len;756}757if (i < addrcnt)758continue;759760/* Find one address in the association's bind address list761* that is not in the packed array of addresses. This is to762* make sure that we do not delete all the addresses in the763* association.764*/765bp = &asoc->base.bind_addr;766laddr = sctp_find_unmatch_addr(bp, (union sctp_addr *)addrs,767addrcnt, sp);768if (!laddr)769continue;770771/* We do not need RCU protection throughout this loop772* because this is done under a socket lock from the773* setsockopt call.774*/775chunk = sctp_make_asconf_update_ip(asoc, laddr, addrs, addrcnt,776SCTP_PARAM_DEL_IP);777if (!chunk) {778retval = -ENOMEM;779goto out;780}781782/* Reset use_as_src flag for the addresses in the bind address783* list that are to be deleted.784*/785addr_buf = addrs;786for (i = 0; i < addrcnt; i++) {787laddr = (union sctp_addr *)addr_buf;788af = sctp_get_af_specific(laddr->v4.sin_family);789list_for_each_entry(saddr, &bp->address_list, list) {790if (sctp_cmp_addr_exact(&saddr->a, laddr))791saddr->state = SCTP_ADDR_DEL;792}793addr_buf += af->sockaddr_len;794}795796/* Update the route and saddr entries for all the transports797* as some of the addresses in the bind address list are798* about to be deleted and cannot be used as source addresses.799*/800list_for_each_entry(transport, &asoc->peer.transport_addr_list,801transports) {802dst_release(transport->dst);803sctp_transport_route(transport, NULL,804sctp_sk(asoc->base.sk));805}806807retval = sctp_send_asconf(asoc, chunk);808}809out:810return retval;811}812813/* Helper for tunneling sctp_bindx() requests through sctp_setsockopt()814*815* API 8.1816* int sctp_bindx(int sd, struct sockaddr *addrs, int addrcnt,817* int flags);818*819* If sd is an IPv4 socket, the addresses passed must be IPv4 addresses.820* If the sd is an IPv6 socket, the addresses passed can either be IPv4821* or IPv6 addresses.822*823* A single address may be specified as INADDR_ANY or IN6ADDR_ANY, see824* Section 3.1.2 for this usage.825*826* addrs is a pointer to an array of one or more socket addresses. Each827* address is contained in its appropriate structure (i.e. struct828* sockaddr_in or struct sockaddr_in6) the family of the address type829* must be used to distinguish the address length (note that this830* representation is termed a "packed array" of addresses). The caller831* specifies the number of addresses in the array with addrcnt.832*833* On success, sctp_bindx() returns 0. On failure, sctp_bindx() returns834* -1, and sets errno to the appropriate error code.835*836* For SCTP, the port given in each socket address must be the same, or837* sctp_bindx() will fail, setting errno to EINVAL.838*839* The flags parameter is formed from the bitwise OR of zero or more of840* the following currently defined flags:841*842* SCTP_BINDX_ADD_ADDR843*844* SCTP_BINDX_REM_ADDR845*846* SCTP_BINDX_ADD_ADDR directs SCTP to add the given addresses to the847* association, and SCTP_BINDX_REM_ADDR directs SCTP to remove the given848* addresses from the association. The two flags are mutually exclusive;849* if both are given, sctp_bindx() will fail with EINVAL. A caller may850* not remove all addresses from an association; sctp_bindx() will851* reject such an attempt with EINVAL.852*853* An application can use sctp_bindx(SCTP_BINDX_ADD_ADDR) to associate854* additional addresses with an endpoint after calling bind(). Or use855* sctp_bindx(SCTP_BINDX_REM_ADDR) to remove some addresses a listening856* socket is associated with so that no new association accepted will be857* associated with those addresses. If the endpoint supports dynamic858* address a SCTP_BINDX_REM_ADDR or SCTP_BINDX_ADD_ADDR may cause a859* endpoint to send the appropriate message to the peer to change the860* peers address lists.861*862* Adding and removing addresses from a connected association is863* optional functionality. Implementations that do not support this864* functionality should return EOPNOTSUPP.865*866* Basically do nothing but copying the addresses from user to kernel867* land and invoking either sctp_bindx_add() or sctp_bindx_rem() on the sk.868* This is used for tunneling the sctp_bindx() request through sctp_setsockopt()869* from userspace.870*871* We don't use copy_from_user() for optimization: we first do the872* sanity checks (buffer size -fast- and access check-healthy873* pointer); if all of those succeed, then we can alloc the memory874* (expensive operation) needed to copy the data to kernel. Then we do875* the copying without checking the user space area876* (__copy_from_user()).877*878* On exit there is no need to do sockfd_put(), sys_setsockopt() does879* it.880*881* sk The sk of the socket882* addrs The pointer to the addresses in user land883* addrssize Size of the addrs buffer884* op Operation to perform (add or remove, see the flags of885* sctp_bindx)886*887* Returns 0 if ok, <0 errno code on error.888*/889SCTP_STATIC int sctp_setsockopt_bindx(struct sock* sk,890struct sockaddr __user *addrs,891int addrs_size, int op)892{893struct sockaddr *kaddrs;894int err;895int addrcnt = 0;896int walk_size = 0;897struct sockaddr *sa_addr;898void *addr_buf;899struct sctp_af *af;900901SCTP_DEBUG_PRINTK("sctp_setsocktopt_bindx: sk %p addrs %p"902" addrs_size %d opt %d\n", sk, addrs, addrs_size, op);903904if (unlikely(addrs_size <= 0))905return -EINVAL;906907/* Check the user passed a healthy pointer. */908if (unlikely(!access_ok(VERIFY_READ, addrs, addrs_size)))909return -EFAULT;910911/* Alloc space for the address array in kernel memory. */912kaddrs = kmalloc(addrs_size, GFP_KERNEL);913if (unlikely(!kaddrs))914return -ENOMEM;915916if (__copy_from_user(kaddrs, addrs, addrs_size)) {917kfree(kaddrs);918return -EFAULT;919}920921/* Walk through the addrs buffer and count the number of addresses. */922addr_buf = kaddrs;923while (walk_size < addrs_size) {924if (walk_size + sizeof(sa_family_t) > addrs_size) {925kfree(kaddrs);926return -EINVAL;927}928929sa_addr = (struct sockaddr *)addr_buf;930af = sctp_get_af_specific(sa_addr->sa_family);931932/* If the address family is not supported or if this address933* causes the address buffer to overflow return EINVAL.934*/935if (!af || (walk_size + af->sockaddr_len) > addrs_size) {936kfree(kaddrs);937return -EINVAL;938}939addrcnt++;940addr_buf += af->sockaddr_len;941walk_size += af->sockaddr_len;942}943944/* Do the work. */945switch (op) {946case SCTP_BINDX_ADD_ADDR:947err = sctp_bindx_add(sk, kaddrs, addrcnt);948if (err)949goto out;950err = sctp_send_asconf_add_ip(sk, kaddrs, addrcnt);951break;952953case SCTP_BINDX_REM_ADDR:954err = sctp_bindx_rem(sk, kaddrs, addrcnt);955if (err)956goto out;957err = sctp_send_asconf_del_ip(sk, kaddrs, addrcnt);958break;959960default:961err = -EINVAL;962break;963}964965out:966kfree(kaddrs);967968return err;969}970971/* __sctp_connect(struct sock* sk, struct sockaddr *kaddrs, int addrs_size)972*973* Common routine for handling connect() and sctp_connectx().974* Connect will come in with just a single address.975*/976static int __sctp_connect(struct sock* sk,977struct sockaddr *kaddrs,978int addrs_size,979sctp_assoc_t *assoc_id)980{981struct sctp_sock *sp;982struct sctp_endpoint *ep;983struct sctp_association *asoc = NULL;984struct sctp_association *asoc2;985struct sctp_transport *transport;986union sctp_addr to;987struct sctp_af *af;988sctp_scope_t scope;989long timeo;990int err = 0;991int addrcnt = 0;992int walk_size = 0;993union sctp_addr *sa_addr = NULL;994void *addr_buf;995unsigned short port;996unsigned int f_flags = 0;997998sp = sctp_sk(sk);999ep = sp->ep;10001001/* connect() cannot be done on a socket that is already in ESTABLISHED1002* state - UDP-style peeled off socket or a TCP-style socket that1003* is already connected.1004* It cannot be done even on a TCP-style listening socket.1005*/1006if (sctp_sstate(sk, ESTABLISHED) ||1007(sctp_style(sk, TCP) && sctp_sstate(sk, LISTENING))) {1008err = -EISCONN;1009goto out_free;1010}10111012/* Walk through the addrs buffer and count the number of addresses. */1013addr_buf = kaddrs;1014while (walk_size < addrs_size) {1015if (walk_size + sizeof(sa_family_t) > addrs_size) {1016err = -EINVAL;1017goto out_free;1018}10191020sa_addr = (union sctp_addr *)addr_buf;1021af = sctp_get_af_specific(sa_addr->sa.sa_family);10221023/* If the address family is not supported or if this address1024* causes the address buffer to overflow return EINVAL.1025*/1026if (!af || (walk_size + af->sockaddr_len) > addrs_size) {1027err = -EINVAL;1028goto out_free;1029}10301031port = ntohs(sa_addr->v4.sin_port);10321033/* Save current address so we can work with it */1034memcpy(&to, sa_addr, af->sockaddr_len);10351036err = sctp_verify_addr(sk, &to, af->sockaddr_len);1037if (err)1038goto out_free;10391040/* Make sure the destination port is correctly set1041* in all addresses.1042*/1043if (asoc && asoc->peer.port && asoc->peer.port != port)1044goto out_free;104510461047/* Check if there already is a matching association on the1048* endpoint (other than the one created here).1049*/1050asoc2 = sctp_endpoint_lookup_assoc(ep, &to, &transport);1051if (asoc2 && asoc2 != asoc) {1052if (asoc2->state >= SCTP_STATE_ESTABLISHED)1053err = -EISCONN;1054else1055err = -EALREADY;1056goto out_free;1057}10581059/* If we could not find a matching association on the endpoint,1060* make sure that there is no peeled-off association matching1061* the peer address even on another socket.1062*/1063if (sctp_endpoint_is_peeled_off(ep, &to)) {1064err = -EADDRNOTAVAIL;1065goto out_free;1066}10671068if (!asoc) {1069/* If a bind() or sctp_bindx() is not called prior to1070* an sctp_connectx() call, the system picks an1071* ephemeral port and will choose an address set1072* equivalent to binding with a wildcard address.1073*/1074if (!ep->base.bind_addr.port) {1075if (sctp_autobind(sk)) {1076err = -EAGAIN;1077goto out_free;1078}1079} else {1080/*1081* If an unprivileged user inherits a 1-many1082* style socket with open associations on a1083* privileged port, it MAY be permitted to1084* accept new associations, but it SHOULD NOT1085* be permitted to open new associations.1086*/1087if (ep->base.bind_addr.port < PROT_SOCK &&1088!capable(CAP_NET_BIND_SERVICE)) {1089err = -EACCES;1090goto out_free;1091}1092}10931094scope = sctp_scope(&to);1095asoc = sctp_association_new(ep, sk, scope, GFP_KERNEL);1096if (!asoc) {1097err = -ENOMEM;1098goto out_free;1099}11001101err = sctp_assoc_set_bind_addr_from_ep(asoc, scope,1102GFP_KERNEL);1103if (err < 0) {1104goto out_free;1105}11061107}11081109/* Prime the peer's transport structures. */1110transport = sctp_assoc_add_peer(asoc, &to, GFP_KERNEL,1111SCTP_UNKNOWN);1112if (!transport) {1113err = -ENOMEM;1114goto out_free;1115}11161117addrcnt++;1118addr_buf += af->sockaddr_len;1119walk_size += af->sockaddr_len;1120}11211122/* In case the user of sctp_connectx() wants an association1123* id back, assign one now.1124*/1125if (assoc_id) {1126err = sctp_assoc_set_id(asoc, GFP_KERNEL);1127if (err < 0)1128goto out_free;1129}11301131err = sctp_primitive_ASSOCIATE(asoc, NULL);1132if (err < 0) {1133goto out_free;1134}11351136/* Initialize sk's dport and daddr for getpeername() */1137inet_sk(sk)->inet_dport = htons(asoc->peer.port);1138af = sctp_get_af_specific(sa_addr->sa.sa_family);1139af->to_sk_daddr(sa_addr, sk);1140sk->sk_err = 0;11411142/* in-kernel sockets don't generally have a file allocated to them1143* if all they do is call sock_create_kern().1144*/1145if (sk->sk_socket->file)1146f_flags = sk->sk_socket->file->f_flags;11471148timeo = sock_sndtimeo(sk, f_flags & O_NONBLOCK);11491150err = sctp_wait_for_connect(asoc, &timeo);1151if ((err == 0 || err == -EINPROGRESS) && assoc_id)1152*assoc_id = asoc->assoc_id;11531154/* Don't free association on exit. */1155asoc = NULL;11561157out_free:11581159SCTP_DEBUG_PRINTK("About to exit __sctp_connect() free asoc: %p"1160" kaddrs: %p err: %d\n",1161asoc, kaddrs, err);1162if (asoc)1163sctp_association_free(asoc);1164return err;1165}11661167/* Helper for tunneling sctp_connectx() requests through sctp_setsockopt()1168*1169* API 8.91170* int sctp_connectx(int sd, struct sockaddr *addrs, int addrcnt,1171* sctp_assoc_t *asoc);1172*1173* If sd is an IPv4 socket, the addresses passed must be IPv4 addresses.1174* If the sd is an IPv6 socket, the addresses passed can either be IPv41175* or IPv6 addresses.1176*1177* A single address may be specified as INADDR_ANY or IN6ADDR_ANY, see1178* Section 3.1.2 for this usage.1179*1180* addrs is a pointer to an array of one or more socket addresses. Each1181* address is contained in its appropriate structure (i.e. struct1182* sockaddr_in or struct sockaddr_in6) the family of the address type1183* must be used to distengish the address length (note that this1184* representation is termed a "packed array" of addresses). The caller1185* specifies the number of addresses in the array with addrcnt.1186*1187* On success, sctp_connectx() returns 0. It also sets the assoc_id to1188* the association id of the new association. On failure, sctp_connectx()1189* returns -1, and sets errno to the appropriate error code. The assoc_id1190* is not touched by the kernel.1191*1192* For SCTP, the port given in each socket address must be the same, or1193* sctp_connectx() will fail, setting errno to EINVAL.1194*1195* An application can use sctp_connectx to initiate an association with1196* an endpoint that is multi-homed. Much like sctp_bindx() this call1197* allows a caller to specify multiple addresses at which a peer can be1198* reached. The way the SCTP stack uses the list of addresses to set up1199* the association is implementation dependent. This function only1200* specifies that the stack will try to make use of all the addresses in1201* the list when needed.1202*1203* Note that the list of addresses passed in is only used for setting up1204* the association. It does not necessarily equal the set of addresses1205* the peer uses for the resulting association. If the caller wants to1206* find out the set of peer addresses, it must use sctp_getpaddrs() to1207* retrieve them after the association has been set up.1208*1209* Basically do nothing but copying the addresses from user to kernel1210* land and invoking either sctp_connectx(). This is used for tunneling1211* the sctp_connectx() request through sctp_setsockopt() from userspace.1212*1213* We don't use copy_from_user() for optimization: we first do the1214* sanity checks (buffer size -fast- and access check-healthy1215* pointer); if all of those succeed, then we can alloc the memory1216* (expensive operation) needed to copy the data to kernel. Then we do1217* the copying without checking the user space area1218* (__copy_from_user()).1219*1220* On exit there is no need to do sockfd_put(), sys_setsockopt() does1221* it.1222*1223* sk The sk of the socket1224* addrs The pointer to the addresses in user land1225* addrssize Size of the addrs buffer1226*1227* Returns >=0 if ok, <0 errno code on error.1228*/1229SCTP_STATIC int __sctp_setsockopt_connectx(struct sock* sk,1230struct sockaddr __user *addrs,1231int addrs_size,1232sctp_assoc_t *assoc_id)1233{1234int err = 0;1235struct sockaddr *kaddrs;12361237SCTP_DEBUG_PRINTK("%s - sk %p addrs %p addrs_size %d\n",1238__func__, sk, addrs, addrs_size);12391240if (unlikely(addrs_size <= 0))1241return -EINVAL;12421243/* Check the user passed a healthy pointer. */1244if (unlikely(!access_ok(VERIFY_READ, addrs, addrs_size)))1245return -EFAULT;12461247/* Alloc space for the address array in kernel memory. */1248kaddrs = kmalloc(addrs_size, GFP_KERNEL);1249if (unlikely(!kaddrs))1250return -ENOMEM;12511252if (__copy_from_user(kaddrs, addrs, addrs_size)) {1253err = -EFAULT;1254} else {1255err = __sctp_connect(sk, kaddrs, addrs_size, assoc_id);1256}12571258kfree(kaddrs);12591260return err;1261}12621263/*1264* This is an older interface. It's kept for backward compatibility1265* to the option that doesn't provide association id.1266*/1267SCTP_STATIC int sctp_setsockopt_connectx_old(struct sock* sk,1268struct sockaddr __user *addrs,1269int addrs_size)1270{1271return __sctp_setsockopt_connectx(sk, addrs, addrs_size, NULL);1272}12731274/*1275* New interface for the API. The since the API is done with a socket1276* option, to make it simple we feed back the association id is as a return1277* indication to the call. Error is always negative and association id is1278* always positive.1279*/1280SCTP_STATIC int sctp_setsockopt_connectx(struct sock* sk,1281struct sockaddr __user *addrs,1282int addrs_size)1283{1284sctp_assoc_t assoc_id = 0;1285int err = 0;12861287err = __sctp_setsockopt_connectx(sk, addrs, addrs_size, &assoc_id);12881289if (err)1290return err;1291else1292return assoc_id;1293}12941295/*1296* New (hopefully final) interface for the API.1297* We use the sctp_getaddrs_old structure so that use-space library1298* can avoid any unnecessary allocations. The only defferent part1299* is that we store the actual length of the address buffer into the1300* addrs_num structure member. That way we can re-use the existing1301* code.1302*/1303SCTP_STATIC int sctp_getsockopt_connectx3(struct sock* sk, int len,1304char __user *optval,1305int __user *optlen)1306{1307struct sctp_getaddrs_old param;1308sctp_assoc_t assoc_id = 0;1309int err = 0;13101311if (len < sizeof(param))1312return -EINVAL;13131314if (copy_from_user(¶m, optval, sizeof(param)))1315return -EFAULT;13161317err = __sctp_setsockopt_connectx(sk,1318(struct sockaddr __user *)param.addrs,1319param.addr_num, &assoc_id);13201321if (err == 0 || err == -EINPROGRESS) {1322if (copy_to_user(optval, &assoc_id, sizeof(assoc_id)))1323return -EFAULT;1324if (put_user(sizeof(assoc_id), optlen))1325return -EFAULT;1326}13271328return err;1329}13301331/* API 3.1.4 close() - UDP Style Syntax1332* Applications use close() to perform graceful shutdown (as described in1333* Section 10.1 of [SCTP]) on ALL the associations currently represented1334* by a UDP-style socket.1335*1336* The syntax is1337*1338* ret = close(int sd);1339*1340* sd - the socket descriptor of the associations to be closed.1341*1342* To gracefully shutdown a specific association represented by the1343* UDP-style socket, an application should use the sendmsg() call,1344* passing no user data, but including the appropriate flag in the1345* ancillary data (see Section xxxx).1346*1347* If sd in the close() call is a branched-off socket representing only1348* one association, the shutdown is performed on that association only.1349*1350* 4.1.6 close() - TCP Style Syntax1351*1352* Applications use close() to gracefully close down an association.1353*1354* The syntax is:1355*1356* int close(int sd);1357*1358* sd - the socket descriptor of the association to be closed.1359*1360* After an application calls close() on a socket descriptor, no further1361* socket operations will succeed on that descriptor.1362*1363* API 7.1.4 SO_LINGER1364*1365* An application using the TCP-style socket can use this option to1366* perform the SCTP ABORT primitive. The linger option structure is:1367*1368* struct linger {1369* int l_onoff; // option on/off1370* int l_linger; // linger time1371* };1372*1373* To enable the option, set l_onoff to 1. If the l_linger value is set1374* to 0, calling close() is the same as the ABORT primitive. If the1375* value is set to a negative value, the setsockopt() call will return1376* an error. If the value is set to a positive value linger_time, the1377* close() can be blocked for at most linger_time ms. If the graceful1378* shutdown phase does not finish during this period, close() will1379* return but the graceful shutdown phase continues in the system.1380*/1381SCTP_STATIC void sctp_close(struct sock *sk, long timeout)1382{1383struct sctp_endpoint *ep;1384struct sctp_association *asoc;1385struct list_head *pos, *temp;1386unsigned int data_was_unread;13871388SCTP_DEBUG_PRINTK("sctp_close(sk: 0x%p, timeout:%ld)\n", sk, timeout);13891390sctp_lock_sock(sk);1391sk->sk_shutdown = SHUTDOWN_MASK;1392sk->sk_state = SCTP_SS_CLOSING;13931394ep = sctp_sk(sk)->ep;13951396/* Clean up any skbs sitting on the receive queue. */1397data_was_unread = sctp_queue_purge_ulpevents(&sk->sk_receive_queue);1398data_was_unread += sctp_queue_purge_ulpevents(&sctp_sk(sk)->pd_lobby);13991400/* Walk all associations on an endpoint. */1401list_for_each_safe(pos, temp, &ep->asocs) {1402asoc = list_entry(pos, struct sctp_association, asocs);14031404if (sctp_style(sk, TCP)) {1405/* A closed association can still be in the list if1406* it belongs to a TCP-style listening socket that is1407* not yet accepted. If so, free it. If not, send an1408* ABORT or SHUTDOWN based on the linger options.1409*/1410if (sctp_state(asoc, CLOSED)) {1411sctp_unhash_established(asoc);1412sctp_association_free(asoc);1413continue;1414}1415}14161417if (data_was_unread || !skb_queue_empty(&asoc->ulpq.lobby) ||1418!skb_queue_empty(&asoc->ulpq.reasm) ||1419(sock_flag(sk, SOCK_LINGER) && !sk->sk_lingertime)) {1420struct sctp_chunk *chunk;14211422chunk = sctp_make_abort_user(asoc, NULL, 0);1423if (chunk)1424sctp_primitive_ABORT(asoc, chunk);1425} else1426sctp_primitive_SHUTDOWN(asoc, NULL);1427}14281429/* On a TCP-style socket, block for at most linger_time if set. */1430if (sctp_style(sk, TCP) && timeout)1431sctp_wait_for_close(sk, timeout);14321433/* This will run the backlog queue. */1434sctp_release_sock(sk);14351436/* Supposedly, no process has access to the socket, but1437* the net layers still may.1438*/1439sctp_local_bh_disable();1440sctp_bh_lock_sock(sk);14411442/* Hold the sock, since sk_common_release() will put sock_put()1443* and we have just a little more cleanup.1444*/1445sock_hold(sk);1446sk_common_release(sk);14471448sctp_bh_unlock_sock(sk);1449sctp_local_bh_enable();14501451sock_put(sk);14521453SCTP_DBG_OBJCNT_DEC(sock);1454}14551456/* Handle EPIPE error. */1457static int sctp_error(struct sock *sk, int flags, int err)1458{1459if (err == -EPIPE)1460err = sock_error(sk) ? : -EPIPE;1461if (err == -EPIPE && !(flags & MSG_NOSIGNAL))1462send_sig(SIGPIPE, current, 0);1463return err;1464}14651466/* API 3.1.3 sendmsg() - UDP Style Syntax1467*1468* An application uses sendmsg() and recvmsg() calls to transmit data to1469* and receive data from its peer.1470*1471* ssize_t sendmsg(int socket, const struct msghdr *message,1472* int flags);1473*1474* socket - the socket descriptor of the endpoint.1475* message - pointer to the msghdr structure which contains a single1476* user message and possibly some ancillary data.1477*1478* See Section 5 for complete description of the data1479* structures.1480*1481* flags - flags sent or received with the user message, see Section1482* 5 for complete description of the flags.1483*1484* Note: This function could use a rewrite especially when explicit1485* connect support comes in.1486*/1487/* BUG: We do not implement the equivalent of sk_stream_wait_memory(). */14881489SCTP_STATIC int sctp_msghdr_parse(const struct msghdr *, sctp_cmsgs_t *);14901491SCTP_STATIC int sctp_sendmsg(struct kiocb *iocb, struct sock *sk,1492struct msghdr *msg, size_t msg_len)1493{1494struct sctp_sock *sp;1495struct sctp_endpoint *ep;1496struct sctp_association *new_asoc=NULL, *asoc=NULL;1497struct sctp_transport *transport, *chunk_tp;1498struct sctp_chunk *chunk;1499union sctp_addr to;1500struct sockaddr *msg_name = NULL;1501struct sctp_sndrcvinfo default_sinfo;1502struct sctp_sndrcvinfo *sinfo;1503struct sctp_initmsg *sinit;1504sctp_assoc_t associd = 0;1505sctp_cmsgs_t cmsgs = { NULL };1506int err;1507sctp_scope_t scope;1508long timeo;1509__u16 sinfo_flags = 0;1510struct sctp_datamsg *datamsg;1511int msg_flags = msg->msg_flags;15121513SCTP_DEBUG_PRINTK("sctp_sendmsg(sk: %p, msg: %p, msg_len: %zu)\n",1514sk, msg, msg_len);15151516err = 0;1517sp = sctp_sk(sk);1518ep = sp->ep;15191520SCTP_DEBUG_PRINTK("Using endpoint: %p.\n", ep);15211522/* We cannot send a message over a TCP-style listening socket. */1523if (sctp_style(sk, TCP) && sctp_sstate(sk, LISTENING)) {1524err = -EPIPE;1525goto out_nounlock;1526}15271528/* Parse out the SCTP CMSGs. */1529err = sctp_msghdr_parse(msg, &cmsgs);15301531if (err) {1532SCTP_DEBUG_PRINTK("msghdr parse err = %x\n", err);1533goto out_nounlock;1534}15351536/* Fetch the destination address for this packet. This1537* address only selects the association--it is not necessarily1538* the address we will send to.1539* For a peeled-off socket, msg_name is ignored.1540*/1541if (!sctp_style(sk, UDP_HIGH_BANDWIDTH) && msg->msg_name) {1542int msg_namelen = msg->msg_namelen;15431544err = sctp_verify_addr(sk, (union sctp_addr *)msg->msg_name,1545msg_namelen);1546if (err)1547return err;15481549if (msg_namelen > sizeof(to))1550msg_namelen = sizeof(to);1551memcpy(&to, msg->msg_name, msg_namelen);1552msg_name = msg->msg_name;1553}15541555sinfo = cmsgs.info;1556sinit = cmsgs.init;15571558/* Did the user specify SNDRCVINFO? */1559if (sinfo) {1560sinfo_flags = sinfo->sinfo_flags;1561associd = sinfo->sinfo_assoc_id;1562}15631564SCTP_DEBUG_PRINTK("msg_len: %zu, sinfo_flags: 0x%x\n",1565msg_len, sinfo_flags);15661567/* SCTP_EOF or SCTP_ABORT cannot be set on a TCP-style socket. */1568if (sctp_style(sk, TCP) && (sinfo_flags & (SCTP_EOF | SCTP_ABORT))) {1569err = -EINVAL;1570goto out_nounlock;1571}15721573/* If SCTP_EOF is set, no data can be sent. Disallow sending zero1574* length messages when SCTP_EOF|SCTP_ABORT is not set.1575* If SCTP_ABORT is set, the message length could be non zero with1576* the msg_iov set to the user abort reason.1577*/1578if (((sinfo_flags & SCTP_EOF) && (msg_len > 0)) ||1579(!(sinfo_flags & (SCTP_EOF|SCTP_ABORT)) && (msg_len == 0))) {1580err = -EINVAL;1581goto out_nounlock;1582}15831584/* If SCTP_ADDR_OVER is set, there must be an address1585* specified in msg_name.1586*/1587if ((sinfo_flags & SCTP_ADDR_OVER) && (!msg->msg_name)) {1588err = -EINVAL;1589goto out_nounlock;1590}15911592transport = NULL;15931594SCTP_DEBUG_PRINTK("About to look up association.\n");15951596sctp_lock_sock(sk);15971598/* If a msg_name has been specified, assume this is to be used. */1599if (msg_name) {1600/* Look for a matching association on the endpoint. */1601asoc = sctp_endpoint_lookup_assoc(ep, &to, &transport);1602if (!asoc) {1603/* If we could not find a matching association on the1604* endpoint, make sure that it is not a TCP-style1605* socket that already has an association or there is1606* no peeled-off association on another socket.1607*/1608if ((sctp_style(sk, TCP) &&1609sctp_sstate(sk, ESTABLISHED)) ||1610sctp_endpoint_is_peeled_off(ep, &to)) {1611err = -EADDRNOTAVAIL;1612goto out_unlock;1613}1614}1615} else {1616asoc = sctp_id2assoc(sk, associd);1617if (!asoc) {1618err = -EPIPE;1619goto out_unlock;1620}1621}16221623if (asoc) {1624SCTP_DEBUG_PRINTK("Just looked up association: %p.\n", asoc);16251626/* We cannot send a message on a TCP-style SCTP_SS_ESTABLISHED1627* socket that has an association in CLOSED state. This can1628* happen when an accepted socket has an association that is1629* already CLOSED.1630*/1631if (sctp_state(asoc, CLOSED) && sctp_style(sk, TCP)) {1632err = -EPIPE;1633goto out_unlock;1634}16351636if (sinfo_flags & SCTP_EOF) {1637SCTP_DEBUG_PRINTK("Shutting down association: %p\n",1638asoc);1639sctp_primitive_SHUTDOWN(asoc, NULL);1640err = 0;1641goto out_unlock;1642}1643if (sinfo_flags & SCTP_ABORT) {16441645chunk = sctp_make_abort_user(asoc, msg, msg_len);1646if (!chunk) {1647err = -ENOMEM;1648goto out_unlock;1649}16501651SCTP_DEBUG_PRINTK("Aborting association: %p\n", asoc);1652sctp_primitive_ABORT(asoc, chunk);1653err = 0;1654goto out_unlock;1655}1656}16571658/* Do we need to create the association? */1659if (!asoc) {1660SCTP_DEBUG_PRINTK("There is no association yet.\n");16611662if (sinfo_flags & (SCTP_EOF | SCTP_ABORT)) {1663err = -EINVAL;1664goto out_unlock;1665}16661667/* Check for invalid stream against the stream counts,1668* either the default or the user specified stream counts.1669*/1670if (sinfo) {1671if (!sinit || (sinit && !sinit->sinit_num_ostreams)) {1672/* Check against the defaults. */1673if (sinfo->sinfo_stream >=1674sp->initmsg.sinit_num_ostreams) {1675err = -EINVAL;1676goto out_unlock;1677}1678} else {1679/* Check against the requested. */1680if (sinfo->sinfo_stream >=1681sinit->sinit_num_ostreams) {1682err = -EINVAL;1683goto out_unlock;1684}1685}1686}16871688/*1689* API 3.1.2 bind() - UDP Style Syntax1690* If a bind() or sctp_bindx() is not called prior to a1691* sendmsg() call that initiates a new association, the1692* system picks an ephemeral port and will choose an address1693* set equivalent to binding with a wildcard address.1694*/1695if (!ep->base.bind_addr.port) {1696if (sctp_autobind(sk)) {1697err = -EAGAIN;1698goto out_unlock;1699}1700} else {1701/*1702* If an unprivileged user inherits a one-to-many1703* style socket with open associations on a privileged1704* port, it MAY be permitted to accept new associations,1705* but it SHOULD NOT be permitted to open new1706* associations.1707*/1708if (ep->base.bind_addr.port < PROT_SOCK &&1709!capable(CAP_NET_BIND_SERVICE)) {1710err = -EACCES;1711goto out_unlock;1712}1713}17141715scope = sctp_scope(&to);1716new_asoc = sctp_association_new(ep, sk, scope, GFP_KERNEL);1717if (!new_asoc) {1718err = -ENOMEM;1719goto out_unlock;1720}1721asoc = new_asoc;1722err = sctp_assoc_set_bind_addr_from_ep(asoc, scope, GFP_KERNEL);1723if (err < 0) {1724err = -ENOMEM;1725goto out_free;1726}17271728/* If the SCTP_INIT ancillary data is specified, set all1729* the association init values accordingly.1730*/1731if (sinit) {1732if (sinit->sinit_num_ostreams) {1733asoc->c.sinit_num_ostreams =1734sinit->sinit_num_ostreams;1735}1736if (sinit->sinit_max_instreams) {1737asoc->c.sinit_max_instreams =1738sinit->sinit_max_instreams;1739}1740if (sinit->sinit_max_attempts) {1741asoc->max_init_attempts1742= sinit->sinit_max_attempts;1743}1744if (sinit->sinit_max_init_timeo) {1745asoc->max_init_timeo =1746msecs_to_jiffies(sinit->sinit_max_init_timeo);1747}1748}17491750/* Prime the peer's transport structures. */1751transport = sctp_assoc_add_peer(asoc, &to, GFP_KERNEL, SCTP_UNKNOWN);1752if (!transport) {1753err = -ENOMEM;1754goto out_free;1755}1756}17571758/* ASSERT: we have a valid association at this point. */1759SCTP_DEBUG_PRINTK("We have a valid association.\n");17601761if (!sinfo) {1762/* If the user didn't specify SNDRCVINFO, make up one with1763* some defaults.1764*/1765memset(&default_sinfo, 0, sizeof(default_sinfo));1766default_sinfo.sinfo_stream = asoc->default_stream;1767default_sinfo.sinfo_flags = asoc->default_flags;1768default_sinfo.sinfo_ppid = asoc->default_ppid;1769default_sinfo.sinfo_context = asoc->default_context;1770default_sinfo.sinfo_timetolive = asoc->default_timetolive;1771default_sinfo.sinfo_assoc_id = sctp_assoc2id(asoc);1772sinfo = &default_sinfo;1773}17741775/* API 7.1.7, the sndbuf size per association bounds the1776* maximum size of data that can be sent in a single send call.1777*/1778if (msg_len > sk->sk_sndbuf) {1779err = -EMSGSIZE;1780goto out_free;1781}17821783if (asoc->pmtu_pending)1784sctp_assoc_pending_pmtu(asoc);17851786/* If fragmentation is disabled and the message length exceeds the1787* association fragmentation point, return EMSGSIZE. The I-D1788* does not specify what this error is, but this looks like1789* a great fit.1790*/1791if (sctp_sk(sk)->disable_fragments && (msg_len > asoc->frag_point)) {1792err = -EMSGSIZE;1793goto out_free;1794}17951796/* Check for invalid stream. */1797if (sinfo->sinfo_stream >= asoc->c.sinit_num_ostreams) {1798err = -EINVAL;1799goto out_free;1800}18011802timeo = sock_sndtimeo(sk, msg->msg_flags & MSG_DONTWAIT);1803if (!sctp_wspace(asoc)) {1804err = sctp_wait_for_sndbuf(asoc, &timeo, msg_len);1805if (err)1806goto out_free;1807}18081809/* If an address is passed with the sendto/sendmsg call, it is used1810* to override the primary destination address in the TCP model, or1811* when SCTP_ADDR_OVER flag is set in the UDP model.1812*/1813if ((sctp_style(sk, TCP) && msg_name) ||1814(sinfo_flags & SCTP_ADDR_OVER)) {1815chunk_tp = sctp_assoc_lookup_paddr(asoc, &to);1816if (!chunk_tp) {1817err = -EINVAL;1818goto out_free;1819}1820} else1821chunk_tp = NULL;18221823/* Auto-connect, if we aren't connected already. */1824if (sctp_state(asoc, CLOSED)) {1825err = sctp_primitive_ASSOCIATE(asoc, NULL);1826if (err < 0)1827goto out_free;1828SCTP_DEBUG_PRINTK("We associated primitively.\n");1829}18301831/* Break the message into multiple chunks of maximum size. */1832datamsg = sctp_datamsg_from_user(asoc, sinfo, msg, msg_len);1833if (!datamsg) {1834err = -ENOMEM;1835goto out_free;1836}18371838/* Now send the (possibly) fragmented message. */1839list_for_each_entry(chunk, &datamsg->chunks, frag_list) {1840sctp_chunk_hold(chunk);18411842/* Do accounting for the write space. */1843sctp_set_owner_w(chunk);18441845chunk->transport = chunk_tp;1846}18471848/* Send it to the lower layers. Note: all chunks1849* must either fail or succeed. The lower layer1850* works that way today. Keep it that way or this1851* breaks.1852*/1853err = sctp_primitive_SEND(asoc, datamsg);1854/* Did the lower layer accept the chunk? */1855if (err)1856sctp_datamsg_free(datamsg);1857else1858sctp_datamsg_put(datamsg);18591860SCTP_DEBUG_PRINTK("We sent primitively.\n");18611862if (err)1863goto out_free;1864else1865err = msg_len;18661867/* If we are already past ASSOCIATE, the lower1868* layers are responsible for association cleanup.1869*/1870goto out_unlock;18711872out_free:1873if (new_asoc)1874sctp_association_free(asoc);1875out_unlock:1876sctp_release_sock(sk);18771878out_nounlock:1879return sctp_error(sk, msg_flags, err);18801881#if 01882do_sock_err:1883if (msg_len)1884err = msg_len;1885else1886err = sock_error(sk);1887goto out;18881889do_interrupted:1890if (msg_len)1891err = msg_len;1892goto out;1893#endif /* 0 */1894}18951896/* This is an extended version of skb_pull() that removes the data from the1897* start of a skb even when data is spread across the list of skb's in the1898* frag_list. len specifies the total amount of data that needs to be removed.1899* when 'len' bytes could be removed from the skb, it returns 0.1900* If 'len' exceeds the total skb length, it returns the no. of bytes that1901* could not be removed.1902*/1903static int sctp_skb_pull(struct sk_buff *skb, int len)1904{1905struct sk_buff *list;1906int skb_len = skb_headlen(skb);1907int rlen;19081909if (len <= skb_len) {1910__skb_pull(skb, len);1911return 0;1912}1913len -= skb_len;1914__skb_pull(skb, skb_len);19151916skb_walk_frags(skb, list) {1917rlen = sctp_skb_pull(list, len);1918skb->len -= (len-rlen);1919skb->data_len -= (len-rlen);19201921if (!rlen)1922return 0;19231924len = rlen;1925}19261927return len;1928}19291930/* API 3.1.3 recvmsg() - UDP Style Syntax1931*1932* ssize_t recvmsg(int socket, struct msghdr *message,1933* int flags);1934*1935* socket - the socket descriptor of the endpoint.1936* message - pointer to the msghdr structure which contains a single1937* user message and possibly some ancillary data.1938*1939* See Section 5 for complete description of the data1940* structures.1941*1942* flags - flags sent or received with the user message, see Section1943* 5 for complete description of the flags.1944*/1945static struct sk_buff *sctp_skb_recv_datagram(struct sock *, int, int, int *);19461947SCTP_STATIC int sctp_recvmsg(struct kiocb *iocb, struct sock *sk,1948struct msghdr *msg, size_t len, int noblock,1949int flags, int *addr_len)1950{1951struct sctp_ulpevent *event = NULL;1952struct sctp_sock *sp = sctp_sk(sk);1953struct sk_buff *skb;1954int copied;1955int err = 0;1956int skb_len;19571958SCTP_DEBUG_PRINTK("sctp_recvmsg(%s: %p, %s: %p, %s: %zd, %s: %d, %s: "1959"0x%x, %s: %p)\n", "sk", sk, "msghdr", msg,1960"len", len, "knoblauch", noblock,1961"flags", flags, "addr_len", addr_len);19621963sctp_lock_sock(sk);19641965if (sctp_style(sk, TCP) && !sctp_sstate(sk, ESTABLISHED)) {1966err = -ENOTCONN;1967goto out;1968}19691970skb = sctp_skb_recv_datagram(sk, flags, noblock, &err);1971if (!skb)1972goto out;19731974/* Get the total length of the skb including any skb's in the1975* frag_list.1976*/1977skb_len = skb->len;19781979copied = skb_len;1980if (copied > len)1981copied = len;19821983err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);19841985event = sctp_skb2event(skb);19861987if (err)1988goto out_free;19891990sock_recv_ts_and_drops(msg, sk, skb);1991if (sctp_ulpevent_is_notification(event)) {1992msg->msg_flags |= MSG_NOTIFICATION;1993sp->pf->event_msgname(event, msg->msg_name, addr_len);1994} else {1995sp->pf->skb_msgname(skb, msg->msg_name, addr_len);1996}19971998/* Check if we allow SCTP_SNDRCVINFO. */1999if (sp->subscribe.sctp_data_io_event)2000sctp_ulpevent_read_sndrcvinfo(event, msg);2001#if 02002/* FIXME: we should be calling IP/IPv6 layers. */2003if (sk->sk_protinfo.af_inet.cmsg_flags)2004ip_cmsg_recv(msg, skb);2005#endif20062007err = copied;20082009/* If skb's length exceeds the user's buffer, update the skb and2010* push it back to the receive_queue so that the next call to2011* recvmsg() will return the remaining data. Don't set MSG_EOR.2012*/2013if (skb_len > copied) {2014msg->msg_flags &= ~MSG_EOR;2015if (flags & MSG_PEEK)2016goto out_free;2017sctp_skb_pull(skb, copied);2018skb_queue_head(&sk->sk_receive_queue, skb);20192020/* When only partial message is copied to the user, increase2021* rwnd by that amount. If all the data in the skb is read,2022* rwnd is updated when the event is freed.2023*/2024if (!sctp_ulpevent_is_notification(event))2025sctp_assoc_rwnd_increase(event->asoc, copied);2026goto out;2027} else if ((event->msg_flags & MSG_NOTIFICATION) ||2028(event->msg_flags & MSG_EOR))2029msg->msg_flags |= MSG_EOR;2030else2031msg->msg_flags &= ~MSG_EOR;20322033out_free:2034if (flags & MSG_PEEK) {2035/* Release the skb reference acquired after peeking the skb in2036* sctp_skb_recv_datagram().2037*/2038kfree_skb(skb);2039} else {2040/* Free the event which includes releasing the reference to2041* the owner of the skb, freeing the skb and updating the2042* rwnd.2043*/2044sctp_ulpevent_free(event);2045}2046out:2047sctp_release_sock(sk);2048return err;2049}20502051/* 7.1.12 Enable/Disable message fragmentation (SCTP_DISABLE_FRAGMENTS)2052*2053* This option is a on/off flag. If enabled no SCTP message2054* fragmentation will be performed. Instead if a message being sent2055* exceeds the current PMTU size, the message will NOT be sent and2056* instead a error will be indicated to the user.2057*/2058static int sctp_setsockopt_disable_fragments(struct sock *sk,2059char __user *optval,2060unsigned int optlen)2061{2062int val;20632064if (optlen < sizeof(int))2065return -EINVAL;20662067if (get_user(val, (int __user *)optval))2068return -EFAULT;20692070sctp_sk(sk)->disable_fragments = (val == 0) ? 0 : 1;20712072return 0;2073}20742075static int sctp_setsockopt_events(struct sock *sk, char __user *optval,2076unsigned int optlen)2077{2078struct sctp_association *asoc;2079struct sctp_ulpevent *event;20802081if (optlen > sizeof(struct sctp_event_subscribe))2082return -EINVAL;2083if (copy_from_user(&sctp_sk(sk)->subscribe, optval, optlen))2084return -EFAULT;20852086/*2087* At the time when a user app subscribes to SCTP_SENDER_DRY_EVENT,2088* if there is no data to be sent or retransmit, the stack will2089* immediately send up this notification.2090*/2091if (sctp_ulpevent_type_enabled(SCTP_SENDER_DRY_EVENT,2092&sctp_sk(sk)->subscribe)) {2093asoc = sctp_id2assoc(sk, 0);20942095if (asoc && sctp_outq_is_empty(&asoc->outqueue)) {2096event = sctp_ulpevent_make_sender_dry_event(asoc,2097GFP_ATOMIC);2098if (!event)2099return -ENOMEM;21002101sctp_ulpq_tail_event(&asoc->ulpq, event);2102}2103}21042105return 0;2106}21072108/* 7.1.8 Automatic Close of associations (SCTP_AUTOCLOSE)2109*2110* This socket option is applicable to the UDP-style socket only. When2111* set it will cause associations that are idle for more than the2112* specified number of seconds to automatically close. An association2113* being idle is defined an association that has NOT sent or received2114* user data. The special value of '0' indicates that no automatic2115* close of any associations should be performed. The option expects an2116* integer defining the number of seconds of idle time before an2117* association is closed.2118*/2119static int sctp_setsockopt_autoclose(struct sock *sk, char __user *optval,2120unsigned int optlen)2121{2122struct sctp_sock *sp = sctp_sk(sk);21232124/* Applicable to UDP-style socket only */2125if (sctp_style(sk, TCP))2126return -EOPNOTSUPP;2127if (optlen != sizeof(int))2128return -EINVAL;2129if (copy_from_user(&sp->autoclose, optval, optlen))2130return -EFAULT;2131/* make sure it won't exceed MAX_SCHEDULE_TIMEOUT */2132sp->autoclose = min_t(long, sp->autoclose, MAX_SCHEDULE_TIMEOUT / HZ);21332134return 0;2135}21362137/* 7.1.13 Peer Address Parameters (SCTP_PEER_ADDR_PARAMS)2138*2139* Applications can enable or disable heartbeats for any peer address of2140* an association, modify an address's heartbeat interval, force a2141* heartbeat to be sent immediately, and adjust the address's maximum2142* number of retransmissions sent before an address is considered2143* unreachable. The following structure is used to access and modify an2144* address's parameters:2145*2146* struct sctp_paddrparams {2147* sctp_assoc_t spp_assoc_id;2148* struct sockaddr_storage spp_address;2149* uint32_t spp_hbinterval;2150* uint16_t spp_pathmaxrxt;2151* uint32_t spp_pathmtu;2152* uint32_t spp_sackdelay;2153* uint32_t spp_flags;2154* };2155*2156* spp_assoc_id - (one-to-many style socket) This is filled in the2157* application, and identifies the association for2158* this query.2159* spp_address - This specifies which address is of interest.2160* spp_hbinterval - This contains the value of the heartbeat interval,2161* in milliseconds. If a value of zero2162* is present in this field then no changes are to2163* be made to this parameter.2164* spp_pathmaxrxt - This contains the maximum number of2165* retransmissions before this address shall be2166* considered unreachable. If a value of zero2167* is present in this field then no changes are to2168* be made to this parameter.2169* spp_pathmtu - When Path MTU discovery is disabled the value2170* specified here will be the "fixed" path mtu.2171* Note that if the spp_address field is empty2172* then all associations on this address will2173* have this fixed path mtu set upon them.2174*2175* spp_sackdelay - When delayed sack is enabled, this value specifies2176* the number of milliseconds that sacks will be delayed2177* for. This value will apply to all addresses of an2178* association if the spp_address field is empty. Note2179* also, that if delayed sack is enabled and this2180* value is set to 0, no change is made to the last2181* recorded delayed sack timer value.2182*2183* spp_flags - These flags are used to control various features2184* on an association. The flag field may contain2185* zero or more of the following options.2186*2187* SPP_HB_ENABLE - Enable heartbeats on the2188* specified address. Note that if the address2189* field is empty all addresses for the association2190* have heartbeats enabled upon them.2191*2192* SPP_HB_DISABLE - Disable heartbeats on the2193* speicifed address. Note that if the address2194* field is empty all addresses for the association2195* will have their heartbeats disabled. Note also2196* that SPP_HB_ENABLE and SPP_HB_DISABLE are2197* mutually exclusive, only one of these two should2198* be specified. Enabling both fields will have2199* undetermined results.2200*2201* SPP_HB_DEMAND - Request a user initiated heartbeat2202* to be made immediately.2203*2204* SPP_HB_TIME_IS_ZERO - Specify's that the time for2205* heartbeat delayis to be set to the value of 02206* milliseconds.2207*2208* SPP_PMTUD_ENABLE - This field will enable PMTU2209* discovery upon the specified address. Note that2210* if the address feild is empty then all addresses2211* on the association are effected.2212*2213* SPP_PMTUD_DISABLE - This field will disable PMTU2214* discovery upon the specified address. Note that2215* if the address feild is empty then all addresses2216* on the association are effected. Not also that2217* SPP_PMTUD_ENABLE and SPP_PMTUD_DISABLE are mutually2218* exclusive. Enabling both will have undetermined2219* results.2220*2221* SPP_SACKDELAY_ENABLE - Setting this flag turns2222* on delayed sack. The time specified in spp_sackdelay2223* is used to specify the sack delay for this address. Note2224* that if spp_address is empty then all addresses will2225* enable delayed sack and take on the sack delay2226* value specified in spp_sackdelay.2227* SPP_SACKDELAY_DISABLE - Setting this flag turns2228* off delayed sack. If the spp_address field is blank then2229* delayed sack is disabled for the entire association. Note2230* also that this field is mutually exclusive to2231* SPP_SACKDELAY_ENABLE, setting both will have undefined2232* results.2233*/2234static int sctp_apply_peer_addr_params(struct sctp_paddrparams *params,2235struct sctp_transport *trans,2236struct sctp_association *asoc,2237struct sctp_sock *sp,2238int hb_change,2239int pmtud_change,2240int sackdelay_change)2241{2242int error;22432244if (params->spp_flags & SPP_HB_DEMAND && trans) {2245error = sctp_primitive_REQUESTHEARTBEAT (trans->asoc, trans);2246if (error)2247return error;2248}22492250/* Note that unless the spp_flag is set to SPP_HB_ENABLE the value of2251* this field is ignored. Note also that a value of zero indicates2252* the current setting should be left unchanged.2253*/2254if (params->spp_flags & SPP_HB_ENABLE) {22552256/* Re-zero the interval if the SPP_HB_TIME_IS_ZERO is2257* set. This lets us use 0 value when this flag2258* is set.2259*/2260if (params->spp_flags & SPP_HB_TIME_IS_ZERO)2261params->spp_hbinterval = 0;22622263if (params->spp_hbinterval ||2264(params->spp_flags & SPP_HB_TIME_IS_ZERO)) {2265if (trans) {2266trans->hbinterval =2267msecs_to_jiffies(params->spp_hbinterval);2268} else if (asoc) {2269asoc->hbinterval =2270msecs_to_jiffies(params->spp_hbinterval);2271} else {2272sp->hbinterval = params->spp_hbinterval;2273}2274}2275}22762277if (hb_change) {2278if (trans) {2279trans->param_flags =2280(trans->param_flags & ~SPP_HB) | hb_change;2281} else if (asoc) {2282asoc->param_flags =2283(asoc->param_flags & ~SPP_HB) | hb_change;2284} else {2285sp->param_flags =2286(sp->param_flags & ~SPP_HB) | hb_change;2287}2288}22892290/* When Path MTU discovery is disabled the value specified here will2291* be the "fixed" path mtu (i.e. the value of the spp_flags field must2292* include the flag SPP_PMTUD_DISABLE for this field to have any2293* effect).2294*/2295if ((params->spp_flags & SPP_PMTUD_DISABLE) && params->spp_pathmtu) {2296if (trans) {2297trans->pathmtu = params->spp_pathmtu;2298sctp_assoc_sync_pmtu(asoc);2299} else if (asoc) {2300asoc->pathmtu = params->spp_pathmtu;2301sctp_frag_point(asoc, params->spp_pathmtu);2302} else {2303sp->pathmtu = params->spp_pathmtu;2304}2305}23062307if (pmtud_change) {2308if (trans) {2309int update = (trans->param_flags & SPP_PMTUD_DISABLE) &&2310(params->spp_flags & SPP_PMTUD_ENABLE);2311trans->param_flags =2312(trans->param_flags & ~SPP_PMTUD) | pmtud_change;2313if (update) {2314sctp_transport_pmtu(trans, sctp_opt2sk(sp));2315sctp_assoc_sync_pmtu(asoc);2316}2317} else if (asoc) {2318asoc->param_flags =2319(asoc->param_flags & ~SPP_PMTUD) | pmtud_change;2320} else {2321sp->param_flags =2322(sp->param_flags & ~SPP_PMTUD) | pmtud_change;2323}2324}23252326/* Note that unless the spp_flag is set to SPP_SACKDELAY_ENABLE the2327* value of this field is ignored. Note also that a value of zero2328* indicates the current setting should be left unchanged.2329*/2330if ((params->spp_flags & SPP_SACKDELAY_ENABLE) && params->spp_sackdelay) {2331if (trans) {2332trans->sackdelay =2333msecs_to_jiffies(params->spp_sackdelay);2334} else if (asoc) {2335asoc->sackdelay =2336msecs_to_jiffies(params->spp_sackdelay);2337} else {2338sp->sackdelay = params->spp_sackdelay;2339}2340}23412342if (sackdelay_change) {2343if (trans) {2344trans->param_flags =2345(trans->param_flags & ~SPP_SACKDELAY) |2346sackdelay_change;2347} else if (asoc) {2348asoc->param_flags =2349(asoc->param_flags & ~SPP_SACKDELAY) |2350sackdelay_change;2351} else {2352sp->param_flags =2353(sp->param_flags & ~SPP_SACKDELAY) |2354sackdelay_change;2355}2356}23572358/* Note that a value of zero indicates the current setting should be2359left unchanged.2360*/2361if (params->spp_pathmaxrxt) {2362if (trans) {2363trans->pathmaxrxt = params->spp_pathmaxrxt;2364} else if (asoc) {2365asoc->pathmaxrxt = params->spp_pathmaxrxt;2366} else {2367sp->pathmaxrxt = params->spp_pathmaxrxt;2368}2369}23702371return 0;2372}23732374static int sctp_setsockopt_peer_addr_params(struct sock *sk,2375char __user *optval,2376unsigned int optlen)2377{2378struct sctp_paddrparams params;2379struct sctp_transport *trans = NULL;2380struct sctp_association *asoc = NULL;2381struct sctp_sock *sp = sctp_sk(sk);2382int error;2383int hb_change, pmtud_change, sackdelay_change;23842385if (optlen != sizeof(struct sctp_paddrparams))2386return - EINVAL;23872388if (copy_from_user(¶ms, optval, optlen))2389return -EFAULT;23902391/* Validate flags and value parameters. */2392hb_change = params.spp_flags & SPP_HB;2393pmtud_change = params.spp_flags & SPP_PMTUD;2394sackdelay_change = params.spp_flags & SPP_SACKDELAY;23952396if (hb_change == SPP_HB ||2397pmtud_change == SPP_PMTUD ||2398sackdelay_change == SPP_SACKDELAY ||2399params.spp_sackdelay > 500 ||2400(params.spp_pathmtu &&2401params.spp_pathmtu < SCTP_DEFAULT_MINSEGMENT))2402return -EINVAL;24032404/* If an address other than INADDR_ANY is specified, and2405* no transport is found, then the request is invalid.2406*/2407if (!sctp_is_any(sk, ( union sctp_addr *)¶ms.spp_address)) {2408trans = sctp_addr_id2transport(sk, ¶ms.spp_address,2409params.spp_assoc_id);2410if (!trans)2411return -EINVAL;2412}24132414/* Get association, if assoc_id != 0 and the socket is a one2415* to many style socket, and an association was not found, then2416* the id was invalid.2417*/2418asoc = sctp_id2assoc(sk, params.spp_assoc_id);2419if (!asoc && params.spp_assoc_id && sctp_style(sk, UDP))2420return -EINVAL;24212422/* Heartbeat demand can only be sent on a transport or2423* association, but not a socket.2424*/2425if (params.spp_flags & SPP_HB_DEMAND && !trans && !asoc)2426return -EINVAL;24272428/* Process parameters. */2429error = sctp_apply_peer_addr_params(¶ms, trans, asoc, sp,2430hb_change, pmtud_change,2431sackdelay_change);24322433if (error)2434return error;24352436/* If changes are for association, also apply parameters to each2437* transport.2438*/2439if (!trans && asoc) {2440list_for_each_entry(trans, &asoc->peer.transport_addr_list,2441transports) {2442sctp_apply_peer_addr_params(¶ms, trans, asoc, sp,2443hb_change, pmtud_change,2444sackdelay_change);2445}2446}24472448return 0;2449}24502451/*2452* 7.1.23. Get or set delayed ack timer (SCTP_DELAYED_SACK)2453*2454* This option will effect the way delayed acks are performed. This2455* option allows you to get or set the delayed ack time, in2456* milliseconds. It also allows changing the delayed ack frequency.2457* Changing the frequency to 1 disables the delayed sack algorithm. If2458* the assoc_id is 0, then this sets or gets the endpoints default2459* values. If the assoc_id field is non-zero, then the set or get2460* effects the specified association for the one to many model (the2461* assoc_id field is ignored by the one to one model). Note that if2462* sack_delay or sack_freq are 0 when setting this option, then the2463* current values will remain unchanged.2464*2465* struct sctp_sack_info {2466* sctp_assoc_t sack_assoc_id;2467* uint32_t sack_delay;2468* uint32_t sack_freq;2469* };2470*2471* sack_assoc_id - This parameter, indicates which association the user2472* is performing an action upon. Note that if this field's value is2473* zero then the endpoints default value is changed (effecting future2474* associations only).2475*2476* sack_delay - This parameter contains the number of milliseconds that2477* the user is requesting the delayed ACK timer be set to. Note that2478* this value is defined in the standard to be between 200 and 5002479* milliseconds.2480*2481* sack_freq - This parameter contains the number of packets that must2482* be received before a sack is sent without waiting for the delay2483* timer to expire. The default value for this is 2, setting this2484* value to 1 will disable the delayed sack algorithm.2485*/24862487static int sctp_setsockopt_delayed_ack(struct sock *sk,2488char __user *optval, unsigned int optlen)2489{2490struct sctp_sack_info params;2491struct sctp_transport *trans = NULL;2492struct sctp_association *asoc = NULL;2493struct sctp_sock *sp = sctp_sk(sk);24942495if (optlen == sizeof(struct sctp_sack_info)) {2496if (copy_from_user(¶ms, optval, optlen))2497return -EFAULT;24982499if (params.sack_delay == 0 && params.sack_freq == 0)2500return 0;2501} else if (optlen == sizeof(struct sctp_assoc_value)) {2502pr_warn("Use of struct sctp_assoc_value in delayed_ack socket option deprecated\n");2503pr_warn("Use struct sctp_sack_info instead\n");2504if (copy_from_user(¶ms, optval, optlen))2505return -EFAULT;25062507if (params.sack_delay == 0)2508params.sack_freq = 1;2509else2510params.sack_freq = 0;2511} else2512return - EINVAL;25132514/* Validate value parameter. */2515if (params.sack_delay > 500)2516return -EINVAL;25172518/* Get association, if sack_assoc_id != 0 and the socket is a one2519* to many style socket, and an association was not found, then2520* the id was invalid.2521*/2522asoc = sctp_id2assoc(sk, params.sack_assoc_id);2523if (!asoc && params.sack_assoc_id && sctp_style(sk, UDP))2524return -EINVAL;25252526if (params.sack_delay) {2527if (asoc) {2528asoc->sackdelay =2529msecs_to_jiffies(params.sack_delay);2530asoc->param_flags =2531(asoc->param_flags & ~SPP_SACKDELAY) |2532SPP_SACKDELAY_ENABLE;2533} else {2534sp->sackdelay = params.sack_delay;2535sp->param_flags =2536(sp->param_flags & ~SPP_SACKDELAY) |2537SPP_SACKDELAY_ENABLE;2538}2539}25402541if (params.sack_freq == 1) {2542if (asoc) {2543asoc->param_flags =2544(asoc->param_flags & ~SPP_SACKDELAY) |2545SPP_SACKDELAY_DISABLE;2546} else {2547sp->param_flags =2548(sp->param_flags & ~SPP_SACKDELAY) |2549SPP_SACKDELAY_DISABLE;2550}2551} else if (params.sack_freq > 1) {2552if (asoc) {2553asoc->sackfreq = params.sack_freq;2554asoc->param_flags =2555(asoc->param_flags & ~SPP_SACKDELAY) |2556SPP_SACKDELAY_ENABLE;2557} else {2558sp->sackfreq = params.sack_freq;2559sp->param_flags =2560(sp->param_flags & ~SPP_SACKDELAY) |2561SPP_SACKDELAY_ENABLE;2562}2563}25642565/* If change is for association, also apply to each transport. */2566if (asoc) {2567list_for_each_entry(trans, &asoc->peer.transport_addr_list,2568transports) {2569if (params.sack_delay) {2570trans->sackdelay =2571msecs_to_jiffies(params.sack_delay);2572trans->param_flags =2573(trans->param_flags & ~SPP_SACKDELAY) |2574SPP_SACKDELAY_ENABLE;2575}2576if (params.sack_freq == 1) {2577trans->param_flags =2578(trans->param_flags & ~SPP_SACKDELAY) |2579SPP_SACKDELAY_DISABLE;2580} else if (params.sack_freq > 1) {2581trans->sackfreq = params.sack_freq;2582trans->param_flags =2583(trans->param_flags & ~SPP_SACKDELAY) |2584SPP_SACKDELAY_ENABLE;2585}2586}2587}25882589return 0;2590}25912592/* 7.1.3 Initialization Parameters (SCTP_INITMSG)2593*2594* Applications can specify protocol parameters for the default association2595* initialization. The option name argument to setsockopt() and getsockopt()2596* is SCTP_INITMSG.2597*2598* Setting initialization parameters is effective only on an unconnected2599* socket (for UDP-style sockets only future associations are effected2600* by the change). With TCP-style sockets, this option is inherited by2601* sockets derived from a listener socket.2602*/2603static int sctp_setsockopt_initmsg(struct sock *sk, char __user *optval, unsigned int optlen)2604{2605struct sctp_initmsg sinit;2606struct sctp_sock *sp = sctp_sk(sk);26072608if (optlen != sizeof(struct sctp_initmsg))2609return -EINVAL;2610if (copy_from_user(&sinit, optval, optlen))2611return -EFAULT;26122613if (sinit.sinit_num_ostreams)2614sp->initmsg.sinit_num_ostreams = sinit.sinit_num_ostreams;2615if (sinit.sinit_max_instreams)2616sp->initmsg.sinit_max_instreams = sinit.sinit_max_instreams;2617if (sinit.sinit_max_attempts)2618sp->initmsg.sinit_max_attempts = sinit.sinit_max_attempts;2619if (sinit.sinit_max_init_timeo)2620sp->initmsg.sinit_max_init_timeo = sinit.sinit_max_init_timeo;26212622return 0;2623}26242625/*2626* 7.1.14 Set default send parameters (SCTP_DEFAULT_SEND_PARAM)2627*2628* Applications that wish to use the sendto() system call may wish to2629* specify a default set of parameters that would normally be supplied2630* through the inclusion of ancillary data. This socket option allows2631* such an application to set the default sctp_sndrcvinfo structure.2632* The application that wishes to use this socket option simply passes2633* in to this call the sctp_sndrcvinfo structure defined in Section2634* 5.2.2) The input parameters accepted by this call include2635* sinfo_stream, sinfo_flags, sinfo_ppid, sinfo_context,2636* sinfo_timetolive. The user must provide the sinfo_assoc_id field in2637* to this call if the caller is using the UDP model.2638*/2639static int sctp_setsockopt_default_send_param(struct sock *sk,2640char __user *optval,2641unsigned int optlen)2642{2643struct sctp_sndrcvinfo info;2644struct sctp_association *asoc;2645struct sctp_sock *sp = sctp_sk(sk);26462647if (optlen != sizeof(struct sctp_sndrcvinfo))2648return -EINVAL;2649if (copy_from_user(&info, optval, optlen))2650return -EFAULT;26512652asoc = sctp_id2assoc(sk, info.sinfo_assoc_id);2653if (!asoc && info.sinfo_assoc_id && sctp_style(sk, UDP))2654return -EINVAL;26552656if (asoc) {2657asoc->default_stream = info.sinfo_stream;2658asoc->default_flags = info.sinfo_flags;2659asoc->default_ppid = info.sinfo_ppid;2660asoc->default_context = info.sinfo_context;2661asoc->default_timetolive = info.sinfo_timetolive;2662} else {2663sp->default_stream = info.sinfo_stream;2664sp->default_flags = info.sinfo_flags;2665sp->default_ppid = info.sinfo_ppid;2666sp->default_context = info.sinfo_context;2667sp->default_timetolive = info.sinfo_timetolive;2668}26692670return 0;2671}26722673/* 7.1.10 Set Primary Address (SCTP_PRIMARY_ADDR)2674*2675* Requests that the local SCTP stack use the enclosed peer address as2676* the association primary. The enclosed address must be one of the2677* association peer's addresses.2678*/2679static int sctp_setsockopt_primary_addr(struct sock *sk, char __user *optval,2680unsigned int optlen)2681{2682struct sctp_prim prim;2683struct sctp_transport *trans;26842685if (optlen != sizeof(struct sctp_prim))2686return -EINVAL;26872688if (copy_from_user(&prim, optval, sizeof(struct sctp_prim)))2689return -EFAULT;26902691trans = sctp_addr_id2transport(sk, &prim.ssp_addr, prim.ssp_assoc_id);2692if (!trans)2693return -EINVAL;26942695sctp_assoc_set_primary(trans->asoc, trans);26962697return 0;2698}26992700/*2701* 7.1.5 SCTP_NODELAY2702*2703* Turn on/off any Nagle-like algorithm. This means that packets are2704* generally sent as soon as possible and no unnecessary delays are2705* introduced, at the cost of more packets in the network. Expects an2706* integer boolean flag.2707*/2708static int sctp_setsockopt_nodelay(struct sock *sk, char __user *optval,2709unsigned int optlen)2710{2711int val;27122713if (optlen < sizeof(int))2714return -EINVAL;2715if (get_user(val, (int __user *)optval))2716return -EFAULT;27172718sctp_sk(sk)->nodelay = (val == 0) ? 0 : 1;2719return 0;2720}27212722/*2723*2724* 7.1.1 SCTP_RTOINFO2725*2726* The protocol parameters used to initialize and bound retransmission2727* timeout (RTO) are tunable. sctp_rtoinfo structure is used to access2728* and modify these parameters.2729* All parameters are time values, in milliseconds. A value of 0, when2730* modifying the parameters, indicates that the current value should not2731* be changed.2732*2733*/2734static int sctp_setsockopt_rtoinfo(struct sock *sk, char __user *optval, unsigned int optlen)2735{2736struct sctp_rtoinfo rtoinfo;2737struct sctp_association *asoc;27382739if (optlen != sizeof (struct sctp_rtoinfo))2740return -EINVAL;27412742if (copy_from_user(&rtoinfo, optval, optlen))2743return -EFAULT;27442745asoc = sctp_id2assoc(sk, rtoinfo.srto_assoc_id);27462747/* Set the values to the specific association */2748if (!asoc && rtoinfo.srto_assoc_id && sctp_style(sk, UDP))2749return -EINVAL;27502751if (asoc) {2752if (rtoinfo.srto_initial != 0)2753asoc->rto_initial =2754msecs_to_jiffies(rtoinfo.srto_initial);2755if (rtoinfo.srto_max != 0)2756asoc->rto_max = msecs_to_jiffies(rtoinfo.srto_max);2757if (rtoinfo.srto_min != 0)2758asoc->rto_min = msecs_to_jiffies(rtoinfo.srto_min);2759} else {2760/* If there is no association or the association-id = 02761* set the values to the endpoint.2762*/2763struct sctp_sock *sp = sctp_sk(sk);27642765if (rtoinfo.srto_initial != 0)2766sp->rtoinfo.srto_initial = rtoinfo.srto_initial;2767if (rtoinfo.srto_max != 0)2768sp->rtoinfo.srto_max = rtoinfo.srto_max;2769if (rtoinfo.srto_min != 0)2770sp->rtoinfo.srto_min = rtoinfo.srto_min;2771}27722773return 0;2774}27752776/*2777*2778* 7.1.2 SCTP_ASSOCINFO2779*2780* This option is used to tune the maximum retransmission attempts2781* of the association.2782* Returns an error if the new association retransmission value is2783* greater than the sum of the retransmission value of the peer.2784* See [SCTP] for more information.2785*2786*/2787static int sctp_setsockopt_associnfo(struct sock *sk, char __user *optval, unsigned int optlen)2788{27892790struct sctp_assocparams assocparams;2791struct sctp_association *asoc;27922793if (optlen != sizeof(struct sctp_assocparams))2794return -EINVAL;2795if (copy_from_user(&assocparams, optval, optlen))2796return -EFAULT;27972798asoc = sctp_id2assoc(sk, assocparams.sasoc_assoc_id);27992800if (!asoc && assocparams.sasoc_assoc_id && sctp_style(sk, UDP))2801return -EINVAL;28022803/* Set the values to the specific association */2804if (asoc) {2805if (assocparams.sasoc_asocmaxrxt != 0) {2806__u32 path_sum = 0;2807int paths = 0;2808struct sctp_transport *peer_addr;28092810list_for_each_entry(peer_addr, &asoc->peer.transport_addr_list,2811transports) {2812path_sum += peer_addr->pathmaxrxt;2813paths++;2814}28152816/* Only validate asocmaxrxt if we have more than2817* one path/transport. We do this because path2818* retransmissions are only counted when we have more2819* then one path.2820*/2821if (paths > 1 &&2822assocparams.sasoc_asocmaxrxt > path_sum)2823return -EINVAL;28242825asoc->max_retrans = assocparams.sasoc_asocmaxrxt;2826}28272828if (assocparams.sasoc_cookie_life != 0) {2829asoc->cookie_life.tv_sec =2830assocparams.sasoc_cookie_life / 1000;2831asoc->cookie_life.tv_usec =2832(assocparams.sasoc_cookie_life % 1000)2833* 1000;2834}2835} else {2836/* Set the values to the endpoint */2837struct sctp_sock *sp = sctp_sk(sk);28382839if (assocparams.sasoc_asocmaxrxt != 0)2840sp->assocparams.sasoc_asocmaxrxt =2841assocparams.sasoc_asocmaxrxt;2842if (assocparams.sasoc_cookie_life != 0)2843sp->assocparams.sasoc_cookie_life =2844assocparams.sasoc_cookie_life;2845}2846return 0;2847}28482849/*2850* 7.1.16 Set/clear IPv4 mapped addresses (SCTP_I_WANT_MAPPED_V4_ADDR)2851*2852* This socket option is a boolean flag which turns on or off mapped V42853* addresses. If this option is turned on and the socket is type2854* PF_INET6, then IPv4 addresses will be mapped to V6 representation.2855* If this option is turned off, then no mapping will be done of V42856* addresses and a user will receive both PF_INET6 and PF_INET type2857* addresses on the socket.2858*/2859static int sctp_setsockopt_mappedv4(struct sock *sk, char __user *optval, unsigned int optlen)2860{2861int val;2862struct sctp_sock *sp = sctp_sk(sk);28632864if (optlen < sizeof(int))2865return -EINVAL;2866if (get_user(val, (int __user *)optval))2867return -EFAULT;2868if (val)2869sp->v4mapped = 1;2870else2871sp->v4mapped = 0;28722873return 0;2874}28752876/*2877* 8.1.16. Get or Set the Maximum Fragmentation Size (SCTP_MAXSEG)2878* This option will get or set the maximum size to put in any outgoing2879* SCTP DATA chunk. If a message is larger than this size it will be2880* fragmented by SCTP into the specified size. Note that the underlying2881* SCTP implementation may fragment into smaller sized chunks when the2882* PMTU of the underlying association is smaller than the value set by2883* the user. The default value for this option is '0' which indicates2884* the user is NOT limiting fragmentation and only the PMTU will effect2885* SCTP's choice of DATA chunk size. Note also that values set larger2886* than the maximum size of an IP datagram will effectively let SCTP2887* control fragmentation (i.e. the same as setting this option to 0).2888*2889* The following structure is used to access and modify this parameter:2890*2891* struct sctp_assoc_value {2892* sctp_assoc_t assoc_id;2893* uint32_t assoc_value;2894* };2895*2896* assoc_id: This parameter is ignored for one-to-one style sockets.2897* For one-to-many style sockets this parameter indicates which2898* association the user is performing an action upon. Note that if2899* this field's value is zero then the endpoints default value is2900* changed (effecting future associations only).2901* assoc_value: This parameter specifies the maximum size in bytes.2902*/2903static int sctp_setsockopt_maxseg(struct sock *sk, char __user *optval, unsigned int optlen)2904{2905struct sctp_assoc_value params;2906struct sctp_association *asoc;2907struct sctp_sock *sp = sctp_sk(sk);2908int val;29092910if (optlen == sizeof(int)) {2911pr_warn("Use of int in maxseg socket option deprecated\n");2912pr_warn("Use struct sctp_assoc_value instead\n");2913if (copy_from_user(&val, optval, optlen))2914return -EFAULT;2915params.assoc_id = 0;2916} else if (optlen == sizeof(struct sctp_assoc_value)) {2917if (copy_from_user(¶ms, optval, optlen))2918return -EFAULT;2919val = params.assoc_value;2920} else2921return -EINVAL;29222923if ((val != 0) && ((val < 8) || (val > SCTP_MAX_CHUNK_LEN)))2924return -EINVAL;29252926asoc = sctp_id2assoc(sk, params.assoc_id);2927if (!asoc && params.assoc_id && sctp_style(sk, UDP))2928return -EINVAL;29292930if (asoc) {2931if (val == 0) {2932val = asoc->pathmtu;2933val -= sp->pf->af->net_header_len;2934val -= sizeof(struct sctphdr) +2935sizeof(struct sctp_data_chunk);2936}2937asoc->user_frag = val;2938asoc->frag_point = sctp_frag_point(asoc, asoc->pathmtu);2939} else {2940sp->user_frag = val;2941}29422943return 0;2944}294529462947/*2948* 7.1.9 Set Peer Primary Address (SCTP_SET_PEER_PRIMARY_ADDR)2949*2950* Requests that the peer mark the enclosed address as the association2951* primary. The enclosed address must be one of the association's2952* locally bound addresses. The following structure is used to make a2953* set primary request:2954*/2955static int sctp_setsockopt_peer_primary_addr(struct sock *sk, char __user *optval,2956unsigned int optlen)2957{2958struct sctp_sock *sp;2959struct sctp_association *asoc = NULL;2960struct sctp_setpeerprim prim;2961struct sctp_chunk *chunk;2962struct sctp_af *af;2963int err;29642965sp = sctp_sk(sk);29662967if (!sctp_addip_enable)2968return -EPERM;29692970if (optlen != sizeof(struct sctp_setpeerprim))2971return -EINVAL;29722973if (copy_from_user(&prim, optval, optlen))2974return -EFAULT;29752976asoc = sctp_id2assoc(sk, prim.sspp_assoc_id);2977if (!asoc)2978return -EINVAL;29792980if (!asoc->peer.asconf_capable)2981return -EPERM;29822983if (asoc->peer.addip_disabled_mask & SCTP_PARAM_SET_PRIMARY)2984return -EPERM;29852986if (!sctp_state(asoc, ESTABLISHED))2987return -ENOTCONN;29882989af = sctp_get_af_specific(prim.sspp_addr.ss_family);2990if (!af)2991return -EINVAL;29922993if (!af->addr_valid((union sctp_addr *)&prim.sspp_addr, sp, NULL))2994return -EADDRNOTAVAIL;29952996if (!sctp_assoc_lookup_laddr(asoc, (union sctp_addr *)&prim.sspp_addr))2997return -EADDRNOTAVAIL;29982999/* Create an ASCONF chunk with SET_PRIMARY parameter */3000chunk = sctp_make_asconf_set_prim(asoc,3001(union sctp_addr *)&prim.sspp_addr);3002if (!chunk)3003return -ENOMEM;30043005err = sctp_send_asconf(asoc, chunk);30063007SCTP_DEBUG_PRINTK("We set peer primary addr primitively.\n");30083009return err;3010}30113012static int sctp_setsockopt_adaptation_layer(struct sock *sk, char __user *optval,3013unsigned int optlen)3014{3015struct sctp_setadaptation adaptation;30163017if (optlen != sizeof(struct sctp_setadaptation))3018return -EINVAL;3019if (copy_from_user(&adaptation, optval, optlen))3020return -EFAULT;30213022sctp_sk(sk)->adaptation_ind = adaptation.ssb_adaptation_ind;30233024return 0;3025}30263027/*3028* 7.1.29. Set or Get the default context (SCTP_CONTEXT)3029*3030* The context field in the sctp_sndrcvinfo structure is normally only3031* used when a failed message is retrieved holding the value that was3032* sent down on the actual send call. This option allows the setting of3033* a default context on an association basis that will be received on3034* reading messages from the peer. This is especially helpful in the3035* one-2-many model for an application to keep some reference to an3036* internal state machine that is processing messages on the3037* association. Note that the setting of this value only effects3038* received messages from the peer and does not effect the value that is3039* saved with outbound messages.3040*/3041static int sctp_setsockopt_context(struct sock *sk, char __user *optval,3042unsigned int optlen)3043{3044struct sctp_assoc_value params;3045struct sctp_sock *sp;3046struct sctp_association *asoc;30473048if (optlen != sizeof(struct sctp_assoc_value))3049return -EINVAL;3050if (copy_from_user(¶ms, optval, optlen))3051return -EFAULT;30523053sp = sctp_sk(sk);30543055if (params.assoc_id != 0) {3056asoc = sctp_id2assoc(sk, params.assoc_id);3057if (!asoc)3058return -EINVAL;3059asoc->default_rcv_context = params.assoc_value;3060} else {3061sp->default_rcv_context = params.assoc_value;3062}30633064return 0;3065}30663067/*3068* 7.1.24. Get or set fragmented interleave (SCTP_FRAGMENT_INTERLEAVE)3069*3070* This options will at a minimum specify if the implementation is doing3071* fragmented interleave. Fragmented interleave, for a one to many3072* socket, is when subsequent calls to receive a message may return3073* parts of messages from different associations. Some implementations3074* may allow you to turn this value on or off. If so, when turned off,3075* no fragment interleave will occur (which will cause a head of line3076* blocking amongst multiple associations sharing the same one to many3077* socket). When this option is turned on, then each receive call may3078* come from a different association (thus the user must receive data3079* with the extended calls (e.g. sctp_recvmsg) to keep track of which3080* association each receive belongs to.3081*3082* This option takes a boolean value. A non-zero value indicates that3083* fragmented interleave is on. A value of zero indicates that3084* fragmented interleave is off.3085*3086* Note that it is important that an implementation that allows this3087* option to be turned on, have it off by default. Otherwise an unaware3088* application using the one to many model may become confused and act3089* incorrectly.3090*/3091static int sctp_setsockopt_fragment_interleave(struct sock *sk,3092char __user *optval,3093unsigned int optlen)3094{3095int val;30963097if (optlen != sizeof(int))3098return -EINVAL;3099if (get_user(val, (int __user *)optval))3100return -EFAULT;31013102sctp_sk(sk)->frag_interleave = (val == 0) ? 0 : 1;31033104return 0;3105}31063107/*3108* 8.1.21. Set or Get the SCTP Partial Delivery Point3109* (SCTP_PARTIAL_DELIVERY_POINT)3110*3111* This option will set or get the SCTP partial delivery point. This3112* point is the size of a message where the partial delivery API will be3113* invoked to help free up rwnd space for the peer. Setting this to a3114* lower value will cause partial deliveries to happen more often. The3115* calls argument is an integer that sets or gets the partial delivery3116* point. Note also that the call will fail if the user attempts to set3117* this value larger than the socket receive buffer size.3118*3119* Note that any single message having a length smaller than or equal to3120* the SCTP partial delivery point will be delivered in one single read3121* call as long as the user provided buffer is large enough to hold the3122* message.3123*/3124static int sctp_setsockopt_partial_delivery_point(struct sock *sk,3125char __user *optval,3126unsigned int optlen)3127{3128u32 val;31293130if (optlen != sizeof(u32))3131return -EINVAL;3132if (get_user(val, (int __user *)optval))3133return -EFAULT;31343135/* Note: We double the receive buffer from what the user sets3136* it to be, also initial rwnd is based on rcvbuf/2.3137*/3138if (val > (sk->sk_rcvbuf >> 1))3139return -EINVAL;31403141sctp_sk(sk)->pd_point = val;31423143return 0; /* is this the right error code? */3144}31453146/*3147* 7.1.28. Set or Get the maximum burst (SCTP_MAX_BURST)3148*3149* This option will allow a user to change the maximum burst of packets3150* that can be emitted by this association. Note that the default value3151* is 4, and some implementations may restrict this setting so that it3152* can only be lowered.3153*3154* NOTE: This text doesn't seem right. Do this on a socket basis with3155* future associations inheriting the socket value.3156*/3157static int sctp_setsockopt_maxburst(struct sock *sk,3158char __user *optval,3159unsigned int optlen)3160{3161struct sctp_assoc_value params;3162struct sctp_sock *sp;3163struct sctp_association *asoc;3164int val;3165int assoc_id = 0;31663167if (optlen == sizeof(int)) {3168pr_warn("Use of int in max_burst socket option deprecated\n");3169pr_warn("Use struct sctp_assoc_value instead\n");3170if (copy_from_user(&val, optval, optlen))3171return -EFAULT;3172} else if (optlen == sizeof(struct sctp_assoc_value)) {3173if (copy_from_user(¶ms, optval, optlen))3174return -EFAULT;3175val = params.assoc_value;3176assoc_id = params.assoc_id;3177} else3178return -EINVAL;31793180sp = sctp_sk(sk);31813182if (assoc_id != 0) {3183asoc = sctp_id2assoc(sk, assoc_id);3184if (!asoc)3185return -EINVAL;3186asoc->max_burst = val;3187} else3188sp->max_burst = val;31893190return 0;3191}31923193/*3194* 7.1.18. Add a chunk that must be authenticated (SCTP_AUTH_CHUNK)3195*3196* This set option adds a chunk type that the user is requesting to be3197* received only in an authenticated way. Changes to the list of chunks3198* will only effect future associations on the socket.3199*/3200static int sctp_setsockopt_auth_chunk(struct sock *sk,3201char __user *optval,3202unsigned int optlen)3203{3204struct sctp_authchunk val;32053206if (!sctp_auth_enable)3207return -EACCES;32083209if (optlen != sizeof(struct sctp_authchunk))3210return -EINVAL;3211if (copy_from_user(&val, optval, optlen))3212return -EFAULT;32133214switch (val.sauth_chunk) {3215case SCTP_CID_INIT:3216case SCTP_CID_INIT_ACK:3217case SCTP_CID_SHUTDOWN_COMPLETE:3218case SCTP_CID_AUTH:3219return -EINVAL;3220}32213222/* add this chunk id to the endpoint */3223return sctp_auth_ep_add_chunkid(sctp_sk(sk)->ep, val.sauth_chunk);3224}32253226/*3227* 7.1.19. Get or set the list of supported HMAC Identifiers (SCTP_HMAC_IDENT)3228*3229* This option gets or sets the list of HMAC algorithms that the local3230* endpoint requires the peer to use.3231*/3232static int sctp_setsockopt_hmac_ident(struct sock *sk,3233char __user *optval,3234unsigned int optlen)3235{3236struct sctp_hmacalgo *hmacs;3237u32 idents;3238int err;32393240if (!sctp_auth_enable)3241return -EACCES;32423243if (optlen < sizeof(struct sctp_hmacalgo))3244return -EINVAL;32453246hmacs= memdup_user(optval, optlen);3247if (IS_ERR(hmacs))3248return PTR_ERR(hmacs);32493250idents = hmacs->shmac_num_idents;3251if (idents == 0 || idents > SCTP_AUTH_NUM_HMACS ||3252(idents * sizeof(u16)) > (optlen - sizeof(struct sctp_hmacalgo))) {3253err = -EINVAL;3254goto out;3255}32563257err = sctp_auth_ep_set_hmacs(sctp_sk(sk)->ep, hmacs);3258out:3259kfree(hmacs);3260return err;3261}32623263/*3264* 7.1.20. Set a shared key (SCTP_AUTH_KEY)3265*3266* This option will set a shared secret key which is used to build an3267* association shared key.3268*/3269static int sctp_setsockopt_auth_key(struct sock *sk,3270char __user *optval,3271unsigned int optlen)3272{3273struct sctp_authkey *authkey;3274struct sctp_association *asoc;3275int ret;32763277if (!sctp_auth_enable)3278return -EACCES;32793280if (optlen <= sizeof(struct sctp_authkey))3281return -EINVAL;32823283authkey= memdup_user(optval, optlen);3284if (IS_ERR(authkey))3285return PTR_ERR(authkey);32863287if (authkey->sca_keylength > optlen - sizeof(struct sctp_authkey)) {3288ret = -EINVAL;3289goto out;3290}32913292asoc = sctp_id2assoc(sk, authkey->sca_assoc_id);3293if (!asoc && authkey->sca_assoc_id && sctp_style(sk, UDP)) {3294ret = -EINVAL;3295goto out;3296}32973298ret = sctp_auth_set_key(sctp_sk(sk)->ep, asoc, authkey);3299out:3300kfree(authkey);3301return ret;3302}33033304/*3305* 7.1.21. Get or set the active shared key (SCTP_AUTH_ACTIVE_KEY)3306*3307* This option will get or set the active shared key to be used to build3308* the association shared key.3309*/3310static int sctp_setsockopt_active_key(struct sock *sk,3311char __user *optval,3312unsigned int optlen)3313{3314struct sctp_authkeyid val;3315struct sctp_association *asoc;33163317if (!sctp_auth_enable)3318return -EACCES;33193320if (optlen != sizeof(struct sctp_authkeyid))3321return -EINVAL;3322if (copy_from_user(&val, optval, optlen))3323return -EFAULT;33243325asoc = sctp_id2assoc(sk, val.scact_assoc_id);3326if (!asoc && val.scact_assoc_id && sctp_style(sk, UDP))3327return -EINVAL;33283329return sctp_auth_set_active_key(sctp_sk(sk)->ep, asoc,3330val.scact_keynumber);3331}33323333/*3334* 7.1.22. Delete a shared key (SCTP_AUTH_DELETE_KEY)3335*3336* This set option will delete a shared secret key from use.3337*/3338static int sctp_setsockopt_del_key(struct sock *sk,3339char __user *optval,3340unsigned int optlen)3341{3342struct sctp_authkeyid val;3343struct sctp_association *asoc;33443345if (!sctp_auth_enable)3346return -EACCES;33473348if (optlen != sizeof(struct sctp_authkeyid))3349return -EINVAL;3350if (copy_from_user(&val, optval, optlen))3351return -EFAULT;33523353asoc = sctp_id2assoc(sk, val.scact_assoc_id);3354if (!asoc && val.scact_assoc_id && sctp_style(sk, UDP))3355return -EINVAL;33563357return sctp_auth_del_key_id(sctp_sk(sk)->ep, asoc,3358val.scact_keynumber);33593360}336133623363/* API 6.2 setsockopt(), getsockopt()3364*3365* Applications use setsockopt() and getsockopt() to set or retrieve3366* socket options. Socket options are used to change the default3367* behavior of sockets calls. They are described in Section 7.3368*3369* The syntax is:3370*3371* ret = getsockopt(int sd, int level, int optname, void __user *optval,3372* int __user *optlen);3373* ret = setsockopt(int sd, int level, int optname, const void __user *optval,3374* int optlen);3375*3376* sd - the socket descript.3377* level - set to IPPROTO_SCTP for all SCTP options.3378* optname - the option name.3379* optval - the buffer to store the value of the option.3380* optlen - the size of the buffer.3381*/3382SCTP_STATIC int sctp_setsockopt(struct sock *sk, int level, int optname,3383char __user *optval, unsigned int optlen)3384{3385int retval = 0;33863387SCTP_DEBUG_PRINTK("sctp_setsockopt(sk: %p... optname: %d)\n",3388sk, optname);33893390/* I can hardly begin to describe how wrong this is. This is3391* so broken as to be worse than useless. The API draft3392* REALLY is NOT helpful here... I am not convinced that the3393* semantics of setsockopt() with a level OTHER THAN SOL_SCTP3394* are at all well-founded.3395*/3396if (level != SOL_SCTP) {3397struct sctp_af *af = sctp_sk(sk)->pf->af;3398retval = af->setsockopt(sk, level, optname, optval, optlen);3399goto out_nounlock;3400}34013402sctp_lock_sock(sk);34033404switch (optname) {3405case SCTP_SOCKOPT_BINDX_ADD:3406/* 'optlen' is the size of the addresses buffer. */3407retval = sctp_setsockopt_bindx(sk, (struct sockaddr __user *)optval,3408optlen, SCTP_BINDX_ADD_ADDR);3409break;34103411case SCTP_SOCKOPT_BINDX_REM:3412/* 'optlen' is the size of the addresses buffer. */3413retval = sctp_setsockopt_bindx(sk, (struct sockaddr __user *)optval,3414optlen, SCTP_BINDX_REM_ADDR);3415break;34163417case SCTP_SOCKOPT_CONNECTX_OLD:3418/* 'optlen' is the size of the addresses buffer. */3419retval = sctp_setsockopt_connectx_old(sk,3420(struct sockaddr __user *)optval,3421optlen);3422break;34233424case SCTP_SOCKOPT_CONNECTX:3425/* 'optlen' is the size of the addresses buffer. */3426retval = sctp_setsockopt_connectx(sk,3427(struct sockaddr __user *)optval,3428optlen);3429break;34303431case SCTP_DISABLE_FRAGMENTS:3432retval = sctp_setsockopt_disable_fragments(sk, optval, optlen);3433break;34343435case SCTP_EVENTS:3436retval = sctp_setsockopt_events(sk, optval, optlen);3437break;34383439case SCTP_AUTOCLOSE:3440retval = sctp_setsockopt_autoclose(sk, optval, optlen);3441break;34423443case SCTP_PEER_ADDR_PARAMS:3444retval = sctp_setsockopt_peer_addr_params(sk, optval, optlen);3445break;34463447case SCTP_DELAYED_SACK:3448retval = sctp_setsockopt_delayed_ack(sk, optval, optlen);3449break;3450case SCTP_PARTIAL_DELIVERY_POINT:3451retval = sctp_setsockopt_partial_delivery_point(sk, optval, optlen);3452break;34533454case SCTP_INITMSG:3455retval = sctp_setsockopt_initmsg(sk, optval, optlen);3456break;3457case SCTP_DEFAULT_SEND_PARAM:3458retval = sctp_setsockopt_default_send_param(sk, optval,3459optlen);3460break;3461case SCTP_PRIMARY_ADDR:3462retval = sctp_setsockopt_primary_addr(sk, optval, optlen);3463break;3464case SCTP_SET_PEER_PRIMARY_ADDR:3465retval = sctp_setsockopt_peer_primary_addr(sk, optval, optlen);3466break;3467case SCTP_NODELAY:3468retval = sctp_setsockopt_nodelay(sk, optval, optlen);3469break;3470case SCTP_RTOINFO:3471retval = sctp_setsockopt_rtoinfo(sk, optval, optlen);3472break;3473case SCTP_ASSOCINFO:3474retval = sctp_setsockopt_associnfo(sk, optval, optlen);3475break;3476case SCTP_I_WANT_MAPPED_V4_ADDR:3477retval = sctp_setsockopt_mappedv4(sk, optval, optlen);3478break;3479case SCTP_MAXSEG:3480retval = sctp_setsockopt_maxseg(sk, optval, optlen);3481break;3482case SCTP_ADAPTATION_LAYER:3483retval = sctp_setsockopt_adaptation_layer(sk, optval, optlen);3484break;3485case SCTP_CONTEXT:3486retval = sctp_setsockopt_context(sk, optval, optlen);3487break;3488case SCTP_FRAGMENT_INTERLEAVE:3489retval = sctp_setsockopt_fragment_interleave(sk, optval, optlen);3490break;3491case SCTP_MAX_BURST:3492retval = sctp_setsockopt_maxburst(sk, optval, optlen);3493break;3494case SCTP_AUTH_CHUNK:3495retval = sctp_setsockopt_auth_chunk(sk, optval, optlen);3496break;3497case SCTP_HMAC_IDENT:3498retval = sctp_setsockopt_hmac_ident(sk, optval, optlen);3499break;3500case SCTP_AUTH_KEY:3501retval = sctp_setsockopt_auth_key(sk, optval, optlen);3502break;3503case SCTP_AUTH_ACTIVE_KEY:3504retval = sctp_setsockopt_active_key(sk, optval, optlen);3505break;3506case SCTP_AUTH_DELETE_KEY:3507retval = sctp_setsockopt_del_key(sk, optval, optlen);3508break;3509default:3510retval = -ENOPROTOOPT;3511break;3512}35133514sctp_release_sock(sk);35153516out_nounlock:3517return retval;3518}35193520/* API 3.1.6 connect() - UDP Style Syntax3521*3522* An application may use the connect() call in the UDP model to initiate an3523* association without sending data.3524*3525* The syntax is:3526*3527* ret = connect(int sd, const struct sockaddr *nam, socklen_t len);3528*3529* sd: the socket descriptor to have a new association added to.3530*3531* nam: the address structure (either struct sockaddr_in or struct3532* sockaddr_in6 defined in RFC2553 [7]).3533*3534* len: the size of the address.3535*/3536SCTP_STATIC int sctp_connect(struct sock *sk, struct sockaddr *addr,3537int addr_len)3538{3539int err = 0;3540struct sctp_af *af;35413542sctp_lock_sock(sk);35433544SCTP_DEBUG_PRINTK("%s - sk: %p, sockaddr: %p, addr_len: %d\n",3545__func__, sk, addr, addr_len);35463547/* Validate addr_len before calling common connect/connectx routine. */3548af = sctp_get_af_specific(addr->sa_family);3549if (!af || addr_len < af->sockaddr_len) {3550err = -EINVAL;3551} else {3552/* Pass correct addr len to common routine (so it knows there3553* is only one address being passed.3554*/3555err = __sctp_connect(sk, addr, af->sockaddr_len, NULL);3556}35573558sctp_release_sock(sk);3559return err;3560}35613562/* FIXME: Write comments. */3563SCTP_STATIC int sctp_disconnect(struct sock *sk, int flags)3564{3565return -EOPNOTSUPP; /* STUB */3566}35673568/* 4.1.4 accept() - TCP Style Syntax3569*3570* Applications use accept() call to remove an established SCTP3571* association from the accept queue of the endpoint. A new socket3572* descriptor will be returned from accept() to represent the newly3573* formed association.3574*/3575SCTP_STATIC struct sock *sctp_accept(struct sock *sk, int flags, int *err)3576{3577struct sctp_sock *sp;3578struct sctp_endpoint *ep;3579struct sock *newsk = NULL;3580struct sctp_association *asoc;3581long timeo;3582int error = 0;35833584sctp_lock_sock(sk);35853586sp = sctp_sk(sk);3587ep = sp->ep;35883589if (!sctp_style(sk, TCP)) {3590error = -EOPNOTSUPP;3591goto out;3592}35933594if (!sctp_sstate(sk, LISTENING)) {3595error = -EINVAL;3596goto out;3597}35983599timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);36003601error = sctp_wait_for_accept(sk, timeo);3602if (error)3603goto out;36043605/* We treat the list of associations on the endpoint as the accept3606* queue and pick the first association on the list.3607*/3608asoc = list_entry(ep->asocs.next, struct sctp_association, asocs);36093610newsk = sp->pf->create_accept_sk(sk, asoc);3611if (!newsk) {3612error = -ENOMEM;3613goto out;3614}36153616/* Populate the fields of the newsk from the oldsk and migrate the3617* asoc to the newsk.3618*/3619sctp_sock_migrate(sk, newsk, asoc, SCTP_SOCKET_TCP);36203621out:3622sctp_release_sock(sk);3623*err = error;3624return newsk;3625}36263627/* The SCTP ioctl handler. */3628SCTP_STATIC int sctp_ioctl(struct sock *sk, int cmd, unsigned long arg)3629{3630int rc = -ENOTCONN;36313632sctp_lock_sock(sk);36333634/*3635* SEQPACKET-style sockets in LISTENING state are valid, for3636* SCTP, so only discard TCP-style sockets in LISTENING state.3637*/3638if (sctp_style(sk, TCP) && sctp_sstate(sk, LISTENING))3639goto out;36403641switch (cmd) {3642case SIOCINQ: {3643struct sk_buff *skb;3644unsigned int amount = 0;36453646skb = skb_peek(&sk->sk_receive_queue);3647if (skb != NULL) {3648/*3649* We will only return the amount of this packet since3650* that is all that will be read.3651*/3652amount = skb->len;3653}3654rc = put_user(amount, (int __user *)arg);3655break;3656}3657default:3658rc = -ENOIOCTLCMD;3659break;3660}3661out:3662sctp_release_sock(sk);3663return rc;3664}36653666/* This is the function which gets called during socket creation to3667* initialized the SCTP-specific portion of the sock.3668* The sock structure should already be zero-filled memory.3669*/3670SCTP_STATIC int sctp_init_sock(struct sock *sk)3671{3672struct sctp_endpoint *ep;3673struct sctp_sock *sp;36743675SCTP_DEBUG_PRINTK("sctp_init_sock(sk: %p)\n", sk);36763677sp = sctp_sk(sk);36783679/* Initialize the SCTP per socket area. */3680switch (sk->sk_type) {3681case SOCK_SEQPACKET:3682sp->type = SCTP_SOCKET_UDP;3683break;3684case SOCK_STREAM:3685sp->type = SCTP_SOCKET_TCP;3686break;3687default:3688return -ESOCKTNOSUPPORT;3689}36903691/* Initialize default send parameters. These parameters can be3692* modified with the SCTP_DEFAULT_SEND_PARAM socket option.3693*/3694sp->default_stream = 0;3695sp->default_ppid = 0;3696sp->default_flags = 0;3697sp->default_context = 0;3698sp->default_timetolive = 0;36993700sp->default_rcv_context = 0;3701sp->max_burst = sctp_max_burst;37023703/* Initialize default setup parameters. These parameters3704* can be modified with the SCTP_INITMSG socket option or3705* overridden by the SCTP_INIT CMSG.3706*/3707sp->initmsg.sinit_num_ostreams = sctp_max_outstreams;3708sp->initmsg.sinit_max_instreams = sctp_max_instreams;3709sp->initmsg.sinit_max_attempts = sctp_max_retrans_init;3710sp->initmsg.sinit_max_init_timeo = sctp_rto_max;37113712/* Initialize default RTO related parameters. These parameters can3713* be modified for with the SCTP_RTOINFO socket option.3714*/3715sp->rtoinfo.srto_initial = sctp_rto_initial;3716sp->rtoinfo.srto_max = sctp_rto_max;3717sp->rtoinfo.srto_min = sctp_rto_min;37183719/* Initialize default association related parameters. These parameters3720* can be modified with the SCTP_ASSOCINFO socket option.3721*/3722sp->assocparams.sasoc_asocmaxrxt = sctp_max_retrans_association;3723sp->assocparams.sasoc_number_peer_destinations = 0;3724sp->assocparams.sasoc_peer_rwnd = 0;3725sp->assocparams.sasoc_local_rwnd = 0;3726sp->assocparams.sasoc_cookie_life = sctp_valid_cookie_life;37273728/* Initialize default event subscriptions. By default, all the3729* options are off.3730*/3731memset(&sp->subscribe, 0, sizeof(struct sctp_event_subscribe));37323733/* Default Peer Address Parameters. These defaults can3734* be modified via SCTP_PEER_ADDR_PARAMS3735*/3736sp->hbinterval = sctp_hb_interval;3737sp->pathmaxrxt = sctp_max_retrans_path;3738sp->pathmtu = 0; // allow default discovery3739sp->sackdelay = sctp_sack_timeout;3740sp->sackfreq = 2;3741sp->param_flags = SPP_HB_ENABLE |3742SPP_PMTUD_ENABLE |3743SPP_SACKDELAY_ENABLE;37443745/* If enabled no SCTP message fragmentation will be performed.3746* Configure through SCTP_DISABLE_FRAGMENTS socket option.3747*/3748sp->disable_fragments = 0;37493750/* Enable Nagle algorithm by default. */3751sp->nodelay = 0;37523753/* Enable by default. */3754sp->v4mapped = 1;37553756/* Auto-close idle associations after the configured3757* number of seconds. A value of 0 disables this3758* feature. Configure through the SCTP_AUTOCLOSE socket option,3759* for UDP-style sockets only.3760*/3761sp->autoclose = 0;37623763/* User specified fragmentation limit. */3764sp->user_frag = 0;37653766sp->adaptation_ind = 0;37673768sp->pf = sctp_get_pf_specific(sk->sk_family);37693770/* Control variables for partial data delivery. */3771atomic_set(&sp->pd_mode, 0);3772skb_queue_head_init(&sp->pd_lobby);3773sp->frag_interleave = 0;37743775/* Create a per socket endpoint structure. Even if we3776* change the data structure relationships, this may still3777* be useful for storing pre-connect address information.3778*/3779ep = sctp_endpoint_new(sk, GFP_KERNEL);3780if (!ep)3781return -ENOMEM;37823783sp->ep = ep;3784sp->hmac = NULL;37853786SCTP_DBG_OBJCNT_INC(sock);37873788local_bh_disable();3789percpu_counter_inc(&sctp_sockets_allocated);3790sock_prot_inuse_add(sock_net(sk), sk->sk_prot, 1);3791local_bh_enable();37923793return 0;3794}37953796/* Cleanup any SCTP per socket resources. */3797SCTP_STATIC void sctp_destroy_sock(struct sock *sk)3798{3799struct sctp_endpoint *ep;38003801SCTP_DEBUG_PRINTK("sctp_destroy_sock(sk: %p)\n", sk);38023803/* Release our hold on the endpoint. */3804ep = sctp_sk(sk)->ep;3805sctp_endpoint_free(ep);3806local_bh_disable();3807percpu_counter_dec(&sctp_sockets_allocated);3808sock_prot_inuse_add(sock_net(sk), sk->sk_prot, -1);3809local_bh_enable();3810}38113812/* API 4.1.7 shutdown() - TCP Style Syntax3813* int shutdown(int socket, int how);3814*3815* sd - the socket descriptor of the association to be closed.3816* how - Specifies the type of shutdown. The values are3817* as follows:3818* SHUT_RD3819* Disables further receive operations. No SCTP3820* protocol action is taken.3821* SHUT_WR3822* Disables further send operations, and initiates3823* the SCTP shutdown sequence.3824* SHUT_RDWR3825* Disables further send and receive operations3826* and initiates the SCTP shutdown sequence.3827*/3828SCTP_STATIC void sctp_shutdown(struct sock *sk, int how)3829{3830struct sctp_endpoint *ep;3831struct sctp_association *asoc;38323833if (!sctp_style(sk, TCP))3834return;38353836if (how & SEND_SHUTDOWN) {3837ep = sctp_sk(sk)->ep;3838if (!list_empty(&ep->asocs)) {3839asoc = list_entry(ep->asocs.next,3840struct sctp_association, asocs);3841sctp_primitive_SHUTDOWN(asoc, NULL);3842}3843}3844}38453846/* 7.2.1 Association Status (SCTP_STATUS)38473848* Applications can retrieve current status information about an3849* association, including association state, peer receiver window size,3850* number of unacked data chunks, and number of data chunks pending3851* receipt. This information is read-only.3852*/3853static int sctp_getsockopt_sctp_status(struct sock *sk, int len,3854char __user *optval,3855int __user *optlen)3856{3857struct sctp_status status;3858struct sctp_association *asoc = NULL;3859struct sctp_transport *transport;3860sctp_assoc_t associd;3861int retval = 0;38623863if (len < sizeof(status)) {3864retval = -EINVAL;3865goto out;3866}38673868len = sizeof(status);3869if (copy_from_user(&status, optval, len)) {3870retval = -EFAULT;3871goto out;3872}38733874associd = status.sstat_assoc_id;3875asoc = sctp_id2assoc(sk, associd);3876if (!asoc) {3877retval = -EINVAL;3878goto out;3879}38803881transport = asoc->peer.primary_path;38823883status.sstat_assoc_id = sctp_assoc2id(asoc);3884status.sstat_state = asoc->state;3885status.sstat_rwnd = asoc->peer.rwnd;3886status.sstat_unackdata = asoc->unack_data;38873888status.sstat_penddata = sctp_tsnmap_pending(&asoc->peer.tsn_map);3889status.sstat_instrms = asoc->c.sinit_max_instreams;3890status.sstat_outstrms = asoc->c.sinit_num_ostreams;3891status.sstat_fragmentation_point = asoc->frag_point;3892status.sstat_primary.spinfo_assoc_id = sctp_assoc2id(transport->asoc);3893memcpy(&status.sstat_primary.spinfo_address, &transport->ipaddr,3894transport->af_specific->sockaddr_len);3895/* Map ipv4 address into v4-mapped-on-v6 address. */3896sctp_get_pf_specific(sk->sk_family)->addr_v4map(sctp_sk(sk),3897(union sctp_addr *)&status.sstat_primary.spinfo_address);3898status.sstat_primary.spinfo_state = transport->state;3899status.sstat_primary.spinfo_cwnd = transport->cwnd;3900status.sstat_primary.spinfo_srtt = transport->srtt;3901status.sstat_primary.spinfo_rto = jiffies_to_msecs(transport->rto);3902status.sstat_primary.spinfo_mtu = transport->pathmtu;39033904if (status.sstat_primary.spinfo_state == SCTP_UNKNOWN)3905status.sstat_primary.spinfo_state = SCTP_ACTIVE;39063907if (put_user(len, optlen)) {3908retval = -EFAULT;3909goto out;3910}39113912SCTP_DEBUG_PRINTK("sctp_getsockopt_sctp_status(%d): %d %d %d\n",3913len, status.sstat_state, status.sstat_rwnd,3914status.sstat_assoc_id);39153916if (copy_to_user(optval, &status, len)) {3917retval = -EFAULT;3918goto out;3919}39203921out:3922return retval;3923}392439253926/* 7.2.2 Peer Address Information (SCTP_GET_PEER_ADDR_INFO)3927*3928* Applications can retrieve information about a specific peer address3929* of an association, including its reachability state, congestion3930* window, and retransmission timer values. This information is3931* read-only.3932*/3933static int sctp_getsockopt_peer_addr_info(struct sock *sk, int len,3934char __user *optval,3935int __user *optlen)3936{3937struct sctp_paddrinfo pinfo;3938struct sctp_transport *transport;3939int retval = 0;39403941if (len < sizeof(pinfo)) {3942retval = -EINVAL;3943goto out;3944}39453946len = sizeof(pinfo);3947if (copy_from_user(&pinfo, optval, len)) {3948retval = -EFAULT;3949goto out;3950}39513952transport = sctp_addr_id2transport(sk, &pinfo.spinfo_address,3953pinfo.spinfo_assoc_id);3954if (!transport)3955return -EINVAL;39563957pinfo.spinfo_assoc_id = sctp_assoc2id(transport->asoc);3958pinfo.spinfo_state = transport->state;3959pinfo.spinfo_cwnd = transport->cwnd;3960pinfo.spinfo_srtt = transport->srtt;3961pinfo.spinfo_rto = jiffies_to_msecs(transport->rto);3962pinfo.spinfo_mtu = transport->pathmtu;39633964if (pinfo.spinfo_state == SCTP_UNKNOWN)3965pinfo.spinfo_state = SCTP_ACTIVE;39663967if (put_user(len, optlen)) {3968retval = -EFAULT;3969goto out;3970}39713972if (copy_to_user(optval, &pinfo, len)) {3973retval = -EFAULT;3974goto out;3975}39763977out:3978return retval;3979}39803981/* 7.1.12 Enable/Disable message fragmentation (SCTP_DISABLE_FRAGMENTS)3982*3983* This option is a on/off flag. If enabled no SCTP message3984* fragmentation will be performed. Instead if a message being sent3985* exceeds the current PMTU size, the message will NOT be sent and3986* instead a error will be indicated to the user.3987*/3988static int sctp_getsockopt_disable_fragments(struct sock *sk, int len,3989char __user *optval, int __user *optlen)3990{3991int val;39923993if (len < sizeof(int))3994return -EINVAL;39953996len = sizeof(int);3997val = (sctp_sk(sk)->disable_fragments == 1);3998if (put_user(len, optlen))3999return -EFAULT;4000if (copy_to_user(optval, &val, len))4001return -EFAULT;4002return 0;4003}40044005/* 7.1.15 Set notification and ancillary events (SCTP_EVENTS)4006*4007* This socket option is used to specify various notifications and4008* ancillary data the user wishes to receive.4009*/4010static int sctp_getsockopt_events(struct sock *sk, int len, char __user *optval,4011int __user *optlen)4012{4013if (len < sizeof(struct sctp_event_subscribe))4014return -EINVAL;4015len = sizeof(struct sctp_event_subscribe);4016if (put_user(len, optlen))4017return -EFAULT;4018if (copy_to_user(optval, &sctp_sk(sk)->subscribe, len))4019return -EFAULT;4020return 0;4021}40224023/* 7.1.8 Automatic Close of associations (SCTP_AUTOCLOSE)4024*4025* This socket option is applicable to the UDP-style socket only. When4026* set it will cause associations that are idle for more than the4027* specified number of seconds to automatically close. An association4028* being idle is defined an association that has NOT sent or received4029* user data. The special value of '0' indicates that no automatic4030* close of any associations should be performed. The option expects an4031* integer defining the number of seconds of idle time before an4032* association is closed.4033*/4034static int sctp_getsockopt_autoclose(struct sock *sk, int len, char __user *optval, int __user *optlen)4035{4036/* Applicable to UDP-style socket only */4037if (sctp_style(sk, TCP))4038return -EOPNOTSUPP;4039if (len < sizeof(int))4040return -EINVAL;4041len = sizeof(int);4042if (put_user(len, optlen))4043return -EFAULT;4044if (copy_to_user(optval, &sctp_sk(sk)->autoclose, sizeof(int)))4045return -EFAULT;4046return 0;4047}40484049/* Helper routine to branch off an association to a new socket. */4050SCTP_STATIC int sctp_do_peeloff(struct sctp_association *asoc,4051struct socket **sockp)4052{4053struct sock *sk = asoc->base.sk;4054struct socket *sock;4055struct sctp_af *af;4056int err = 0;40574058/* An association cannot be branched off from an already peeled-off4059* socket, nor is this supported for tcp style sockets.4060*/4061if (!sctp_style(sk, UDP))4062return -EINVAL;40634064/* Create a new socket. */4065err = sock_create(sk->sk_family, SOCK_SEQPACKET, IPPROTO_SCTP, &sock);4066if (err < 0)4067return err;40684069sctp_copy_sock(sock->sk, sk, asoc);40704071/* Make peeled-off sockets more like 1-1 accepted sockets.4072* Set the daddr and initialize id to something more random4073*/4074af = sctp_get_af_specific(asoc->peer.primary_addr.sa.sa_family);4075af->to_sk_daddr(&asoc->peer.primary_addr, sk);40764077/* Populate the fields of the newsk from the oldsk and migrate the4078* asoc to the newsk.4079*/4080sctp_sock_migrate(sk, sock->sk, asoc, SCTP_SOCKET_UDP_HIGH_BANDWIDTH);40814082*sockp = sock;40834084return err;4085}40864087static int sctp_getsockopt_peeloff(struct sock *sk, int len, char __user *optval, int __user *optlen)4088{4089sctp_peeloff_arg_t peeloff;4090struct socket *newsock;4091int retval = 0;4092struct sctp_association *asoc;40934094if (len < sizeof(sctp_peeloff_arg_t))4095return -EINVAL;4096len = sizeof(sctp_peeloff_arg_t);4097if (copy_from_user(&peeloff, optval, len))4098return -EFAULT;40994100asoc = sctp_id2assoc(sk, peeloff.associd);4101if (!asoc) {4102retval = -EINVAL;4103goto out;4104}41054106SCTP_DEBUG_PRINTK("%s: sk: %p asoc: %p\n", __func__, sk, asoc);41074108retval = sctp_do_peeloff(asoc, &newsock);4109if (retval < 0)4110goto out;41114112/* Map the socket to an unused fd that can be returned to the user. */4113retval = sock_map_fd(newsock, 0);4114if (retval < 0) {4115sock_release(newsock);4116goto out;4117}41184119SCTP_DEBUG_PRINTK("%s: sk: %p asoc: %p newsk: %p sd: %d\n",4120__func__, sk, asoc, newsock->sk, retval);41214122/* Return the fd mapped to the new socket. */4123peeloff.sd = retval;4124if (put_user(len, optlen))4125return -EFAULT;4126if (copy_to_user(optval, &peeloff, len))4127retval = -EFAULT;41284129out:4130return retval;4131}41324133/* 7.1.13 Peer Address Parameters (SCTP_PEER_ADDR_PARAMS)4134*4135* Applications can enable or disable heartbeats for any peer address of4136* an association, modify an address's heartbeat interval, force a4137* heartbeat to be sent immediately, and adjust the address's maximum4138* number of retransmissions sent before an address is considered4139* unreachable. The following structure is used to access and modify an4140* address's parameters:4141*4142* struct sctp_paddrparams {4143* sctp_assoc_t spp_assoc_id;4144* struct sockaddr_storage spp_address;4145* uint32_t spp_hbinterval;4146* uint16_t spp_pathmaxrxt;4147* uint32_t spp_pathmtu;4148* uint32_t spp_sackdelay;4149* uint32_t spp_flags;4150* };4151*4152* spp_assoc_id - (one-to-many style socket) This is filled in the4153* application, and identifies the association for4154* this query.4155* spp_address - This specifies which address is of interest.4156* spp_hbinterval - This contains the value of the heartbeat interval,4157* in milliseconds. If a value of zero4158* is present in this field then no changes are to4159* be made to this parameter.4160* spp_pathmaxrxt - This contains the maximum number of4161* retransmissions before this address shall be4162* considered unreachable. If a value of zero4163* is present in this field then no changes are to4164* be made to this parameter.4165* spp_pathmtu - When Path MTU discovery is disabled the value4166* specified here will be the "fixed" path mtu.4167* Note that if the spp_address field is empty4168* then all associations on this address will4169* have this fixed path mtu set upon them.4170*4171* spp_sackdelay - When delayed sack is enabled, this value specifies4172* the number of milliseconds that sacks will be delayed4173* for. This value will apply to all addresses of an4174* association if the spp_address field is empty. Note4175* also, that if delayed sack is enabled and this4176* value is set to 0, no change is made to the last4177* recorded delayed sack timer value.4178*4179* spp_flags - These flags are used to control various features4180* on an association. The flag field may contain4181* zero or more of the following options.4182*4183* SPP_HB_ENABLE - Enable heartbeats on the4184* specified address. Note that if the address4185* field is empty all addresses for the association4186* have heartbeats enabled upon them.4187*4188* SPP_HB_DISABLE - Disable heartbeats on the4189* speicifed address. Note that if the address4190* field is empty all addresses for the association4191* will have their heartbeats disabled. Note also4192* that SPP_HB_ENABLE and SPP_HB_DISABLE are4193* mutually exclusive, only one of these two should4194* be specified. Enabling both fields will have4195* undetermined results.4196*4197* SPP_HB_DEMAND - Request a user initiated heartbeat4198* to be made immediately.4199*4200* SPP_PMTUD_ENABLE - This field will enable PMTU4201* discovery upon the specified address. Note that4202* if the address feild is empty then all addresses4203* on the association are effected.4204*4205* SPP_PMTUD_DISABLE - This field will disable PMTU4206* discovery upon the specified address. Note that4207* if the address feild is empty then all addresses4208* on the association are effected. Not also that4209* SPP_PMTUD_ENABLE and SPP_PMTUD_DISABLE are mutually4210* exclusive. Enabling both will have undetermined4211* results.4212*4213* SPP_SACKDELAY_ENABLE - Setting this flag turns4214* on delayed sack. The time specified in spp_sackdelay4215* is used to specify the sack delay for this address. Note4216* that if spp_address is empty then all addresses will4217* enable delayed sack and take on the sack delay4218* value specified in spp_sackdelay.4219* SPP_SACKDELAY_DISABLE - Setting this flag turns4220* off delayed sack. If the spp_address field is blank then4221* delayed sack is disabled for the entire association. Note4222* also that this field is mutually exclusive to4223* SPP_SACKDELAY_ENABLE, setting both will have undefined4224* results.4225*/4226static int sctp_getsockopt_peer_addr_params(struct sock *sk, int len,4227char __user *optval, int __user *optlen)4228{4229struct sctp_paddrparams params;4230struct sctp_transport *trans = NULL;4231struct sctp_association *asoc = NULL;4232struct sctp_sock *sp = sctp_sk(sk);42334234if (len < sizeof(struct sctp_paddrparams))4235return -EINVAL;4236len = sizeof(struct sctp_paddrparams);4237if (copy_from_user(¶ms, optval, len))4238return -EFAULT;42394240/* If an address other than INADDR_ANY is specified, and4241* no transport is found, then the request is invalid.4242*/4243if (!sctp_is_any(sk, ( union sctp_addr *)¶ms.spp_address)) {4244trans = sctp_addr_id2transport(sk, ¶ms.spp_address,4245params.spp_assoc_id);4246if (!trans) {4247SCTP_DEBUG_PRINTK("Failed no transport\n");4248return -EINVAL;4249}4250}42514252/* Get association, if assoc_id != 0 and the socket is a one4253* to many style socket, and an association was not found, then4254* the id was invalid.4255*/4256asoc = sctp_id2assoc(sk, params.spp_assoc_id);4257if (!asoc && params.spp_assoc_id && sctp_style(sk, UDP)) {4258SCTP_DEBUG_PRINTK("Failed no association\n");4259return -EINVAL;4260}42614262if (trans) {4263/* Fetch transport values. */4264params.spp_hbinterval = jiffies_to_msecs(trans->hbinterval);4265params.spp_pathmtu = trans->pathmtu;4266params.spp_pathmaxrxt = trans->pathmaxrxt;4267params.spp_sackdelay = jiffies_to_msecs(trans->sackdelay);42684269/*draft-11 doesn't say what to return in spp_flags*/4270params.spp_flags = trans->param_flags;4271} else if (asoc) {4272/* Fetch association values. */4273params.spp_hbinterval = jiffies_to_msecs(asoc->hbinterval);4274params.spp_pathmtu = asoc->pathmtu;4275params.spp_pathmaxrxt = asoc->pathmaxrxt;4276params.spp_sackdelay = jiffies_to_msecs(asoc->sackdelay);42774278/*draft-11 doesn't say what to return in spp_flags*/4279params.spp_flags = asoc->param_flags;4280} else {4281/* Fetch socket values. */4282params.spp_hbinterval = sp->hbinterval;4283params.spp_pathmtu = sp->pathmtu;4284params.spp_sackdelay = sp->sackdelay;4285params.spp_pathmaxrxt = sp->pathmaxrxt;42864287/*draft-11 doesn't say what to return in spp_flags*/4288params.spp_flags = sp->param_flags;4289}42904291if (copy_to_user(optval, ¶ms, len))4292return -EFAULT;42934294if (put_user(len, optlen))4295return -EFAULT;42964297return 0;4298}42994300/*4301* 7.1.23. Get or set delayed ack timer (SCTP_DELAYED_SACK)4302*4303* This option will effect the way delayed acks are performed. This4304* option allows you to get or set the delayed ack time, in4305* milliseconds. It also allows changing the delayed ack frequency.4306* Changing the frequency to 1 disables the delayed sack algorithm. If4307* the assoc_id is 0, then this sets or gets the endpoints default4308* values. If the assoc_id field is non-zero, then the set or get4309* effects the specified association for the one to many model (the4310* assoc_id field is ignored by the one to one model). Note that if4311* sack_delay or sack_freq are 0 when setting this option, then the4312* current values will remain unchanged.4313*4314* struct sctp_sack_info {4315* sctp_assoc_t sack_assoc_id;4316* uint32_t sack_delay;4317* uint32_t sack_freq;4318* };4319*4320* sack_assoc_id - This parameter, indicates which association the user4321* is performing an action upon. Note that if this field's value is4322* zero then the endpoints default value is changed (effecting future4323* associations only).4324*4325* sack_delay - This parameter contains the number of milliseconds that4326* the user is requesting the delayed ACK timer be set to. Note that4327* this value is defined in the standard to be between 200 and 5004328* milliseconds.4329*4330* sack_freq - This parameter contains the number of packets that must4331* be received before a sack is sent without waiting for the delay4332* timer to expire. The default value for this is 2, setting this4333* value to 1 will disable the delayed sack algorithm.4334*/4335static int sctp_getsockopt_delayed_ack(struct sock *sk, int len,4336char __user *optval,4337int __user *optlen)4338{4339struct sctp_sack_info params;4340struct sctp_association *asoc = NULL;4341struct sctp_sock *sp = sctp_sk(sk);43424343if (len >= sizeof(struct sctp_sack_info)) {4344len = sizeof(struct sctp_sack_info);43454346if (copy_from_user(¶ms, optval, len))4347return -EFAULT;4348} else if (len == sizeof(struct sctp_assoc_value)) {4349pr_warn("Use of struct sctp_assoc_value in delayed_ack socket option deprecated\n");4350pr_warn("Use struct sctp_sack_info instead\n");4351if (copy_from_user(¶ms, optval, len))4352return -EFAULT;4353} else4354return - EINVAL;43554356/* Get association, if sack_assoc_id != 0 and the socket is a one4357* to many style socket, and an association was not found, then4358* the id was invalid.4359*/4360asoc = sctp_id2assoc(sk, params.sack_assoc_id);4361if (!asoc && params.sack_assoc_id && sctp_style(sk, UDP))4362return -EINVAL;43634364if (asoc) {4365/* Fetch association values. */4366if (asoc->param_flags & SPP_SACKDELAY_ENABLE) {4367params.sack_delay = jiffies_to_msecs(4368asoc->sackdelay);4369params.sack_freq = asoc->sackfreq;43704371} else {4372params.sack_delay = 0;4373params.sack_freq = 1;4374}4375} else {4376/* Fetch socket values. */4377if (sp->param_flags & SPP_SACKDELAY_ENABLE) {4378params.sack_delay = sp->sackdelay;4379params.sack_freq = sp->sackfreq;4380} else {4381params.sack_delay = 0;4382params.sack_freq = 1;4383}4384}43854386if (copy_to_user(optval, ¶ms, len))4387return -EFAULT;43884389if (put_user(len, optlen))4390return -EFAULT;43914392return 0;4393}43944395/* 7.1.3 Initialization Parameters (SCTP_INITMSG)4396*4397* Applications can specify protocol parameters for the default association4398* initialization. The option name argument to setsockopt() and getsockopt()4399* is SCTP_INITMSG.4400*4401* Setting initialization parameters is effective only on an unconnected4402* socket (for UDP-style sockets only future associations are effected4403* by the change). With TCP-style sockets, this option is inherited by4404* sockets derived from a listener socket.4405*/4406static int sctp_getsockopt_initmsg(struct sock *sk, int len, char __user *optval, int __user *optlen)4407{4408if (len < sizeof(struct sctp_initmsg))4409return -EINVAL;4410len = sizeof(struct sctp_initmsg);4411if (put_user(len, optlen))4412return -EFAULT;4413if (copy_to_user(optval, &sctp_sk(sk)->initmsg, len))4414return -EFAULT;4415return 0;4416}441744184419static int sctp_getsockopt_peer_addrs(struct sock *sk, int len,4420char __user *optval, int __user *optlen)4421{4422struct sctp_association *asoc;4423int cnt = 0;4424struct sctp_getaddrs getaddrs;4425struct sctp_transport *from;4426void __user *to;4427union sctp_addr temp;4428struct sctp_sock *sp = sctp_sk(sk);4429int addrlen;4430size_t space_left;4431int bytes_copied;44324433if (len < sizeof(struct sctp_getaddrs))4434return -EINVAL;44354436if (copy_from_user(&getaddrs, optval, sizeof(struct sctp_getaddrs)))4437return -EFAULT;44384439/* For UDP-style sockets, id specifies the association to query. */4440asoc = sctp_id2assoc(sk, getaddrs.assoc_id);4441if (!asoc)4442return -EINVAL;44434444to = optval + offsetof(struct sctp_getaddrs,addrs);4445space_left = len - offsetof(struct sctp_getaddrs,addrs);44464447list_for_each_entry(from, &asoc->peer.transport_addr_list,4448transports) {4449memcpy(&temp, &from->ipaddr, sizeof(temp));4450sctp_get_pf_specific(sk->sk_family)->addr_v4map(sp, &temp);4451addrlen = sctp_get_af_specific(temp.sa.sa_family)->sockaddr_len;4452if (space_left < addrlen)4453return -ENOMEM;4454if (copy_to_user(to, &temp, addrlen))4455return -EFAULT;4456to += addrlen;4457cnt++;4458space_left -= addrlen;4459}44604461if (put_user(cnt, &((struct sctp_getaddrs __user *)optval)->addr_num))4462return -EFAULT;4463bytes_copied = ((char __user *)to) - optval;4464if (put_user(bytes_copied, optlen))4465return -EFAULT;44664467return 0;4468}44694470static int sctp_copy_laddrs(struct sock *sk, __u16 port, void *to,4471size_t space_left, int *bytes_copied)4472{4473struct sctp_sockaddr_entry *addr;4474union sctp_addr temp;4475int cnt = 0;4476int addrlen;44774478rcu_read_lock();4479list_for_each_entry_rcu(addr, &sctp_local_addr_list, list) {4480if (!addr->valid)4481continue;44824483if ((PF_INET == sk->sk_family) &&4484(AF_INET6 == addr->a.sa.sa_family))4485continue;4486if ((PF_INET6 == sk->sk_family) &&4487inet_v6_ipv6only(sk) &&4488(AF_INET == addr->a.sa.sa_family))4489continue;4490memcpy(&temp, &addr->a, sizeof(temp));4491if (!temp.v4.sin_port)4492temp.v4.sin_port = htons(port);44934494sctp_get_pf_specific(sk->sk_family)->addr_v4map(sctp_sk(sk),4495&temp);4496addrlen = sctp_get_af_specific(temp.sa.sa_family)->sockaddr_len;4497if (space_left < addrlen) {4498cnt = -ENOMEM;4499break;4500}4501memcpy(to, &temp, addrlen);45024503to += addrlen;4504cnt ++;4505space_left -= addrlen;4506*bytes_copied += addrlen;4507}4508rcu_read_unlock();45094510return cnt;4511}451245134514static int sctp_getsockopt_local_addrs(struct sock *sk, int len,4515char __user *optval, int __user *optlen)4516{4517struct sctp_bind_addr *bp;4518struct sctp_association *asoc;4519int cnt = 0;4520struct sctp_getaddrs getaddrs;4521struct sctp_sockaddr_entry *addr;4522void __user *to;4523union sctp_addr temp;4524struct sctp_sock *sp = sctp_sk(sk);4525int addrlen;4526int err = 0;4527size_t space_left;4528int bytes_copied = 0;4529void *addrs;4530void *buf;45314532if (len < sizeof(struct sctp_getaddrs))4533return -EINVAL;45344535if (copy_from_user(&getaddrs, optval, sizeof(struct sctp_getaddrs)))4536return -EFAULT;45374538/*4539* For UDP-style sockets, id specifies the association to query.4540* If the id field is set to the value '0' then the locally bound4541* addresses are returned without regard to any particular4542* association.4543*/4544if (0 == getaddrs.assoc_id) {4545bp = &sctp_sk(sk)->ep->base.bind_addr;4546} else {4547asoc = sctp_id2assoc(sk, getaddrs.assoc_id);4548if (!asoc)4549return -EINVAL;4550bp = &asoc->base.bind_addr;4551}45524553to = optval + offsetof(struct sctp_getaddrs,addrs);4554space_left = len - offsetof(struct sctp_getaddrs,addrs);45554556addrs = kmalloc(space_left, GFP_KERNEL);4557if (!addrs)4558return -ENOMEM;45594560/* If the endpoint is bound to 0.0.0.0 or ::0, get the valid4561* addresses from the global local address list.4562*/4563if (sctp_list_single_entry(&bp->address_list)) {4564addr = list_entry(bp->address_list.next,4565struct sctp_sockaddr_entry, list);4566if (sctp_is_any(sk, &addr->a)) {4567cnt = sctp_copy_laddrs(sk, bp->port, addrs,4568space_left, &bytes_copied);4569if (cnt < 0) {4570err = cnt;4571goto out;4572}4573goto copy_getaddrs;4574}4575}45764577buf = addrs;4578/* Protection on the bound address list is not needed since4579* in the socket option context we hold a socket lock and4580* thus the bound address list can't change.4581*/4582list_for_each_entry(addr, &bp->address_list, list) {4583memcpy(&temp, &addr->a, sizeof(temp));4584sctp_get_pf_specific(sk->sk_family)->addr_v4map(sp, &temp);4585addrlen = sctp_get_af_specific(temp.sa.sa_family)->sockaddr_len;4586if (space_left < addrlen) {4587err = -ENOMEM; /*fixme: right error?*/4588goto out;4589}4590memcpy(buf, &temp, addrlen);4591buf += addrlen;4592bytes_copied += addrlen;4593cnt ++;4594space_left -= addrlen;4595}45964597copy_getaddrs:4598if (copy_to_user(to, addrs, bytes_copied)) {4599err = -EFAULT;4600goto out;4601}4602if (put_user(cnt, &((struct sctp_getaddrs __user *)optval)->addr_num)) {4603err = -EFAULT;4604goto out;4605}4606if (put_user(bytes_copied, optlen))4607err = -EFAULT;4608out:4609kfree(addrs);4610return err;4611}46124613/* 7.1.10 Set Primary Address (SCTP_PRIMARY_ADDR)4614*4615* Requests that the local SCTP stack use the enclosed peer address as4616* the association primary. The enclosed address must be one of the4617* association peer's addresses.4618*/4619static int sctp_getsockopt_primary_addr(struct sock *sk, int len,4620char __user *optval, int __user *optlen)4621{4622struct sctp_prim prim;4623struct sctp_association *asoc;4624struct sctp_sock *sp = sctp_sk(sk);46254626if (len < sizeof(struct sctp_prim))4627return -EINVAL;46284629len = sizeof(struct sctp_prim);46304631if (copy_from_user(&prim, optval, len))4632return -EFAULT;46334634asoc = sctp_id2assoc(sk, prim.ssp_assoc_id);4635if (!asoc)4636return -EINVAL;46374638if (!asoc->peer.primary_path)4639return -ENOTCONN;46404641memcpy(&prim.ssp_addr, &asoc->peer.primary_path->ipaddr,4642asoc->peer.primary_path->af_specific->sockaddr_len);46434644sctp_get_pf_specific(sk->sk_family)->addr_v4map(sp,4645(union sctp_addr *)&prim.ssp_addr);46464647if (put_user(len, optlen))4648return -EFAULT;4649if (copy_to_user(optval, &prim, len))4650return -EFAULT;46514652return 0;4653}46544655/*4656* 7.1.11 Set Adaptation Layer Indicator (SCTP_ADAPTATION_LAYER)4657*4658* Requests that the local endpoint set the specified Adaptation Layer4659* Indication parameter for all future INIT and INIT-ACK exchanges.4660*/4661static int sctp_getsockopt_adaptation_layer(struct sock *sk, int len,4662char __user *optval, int __user *optlen)4663{4664struct sctp_setadaptation adaptation;46654666if (len < sizeof(struct sctp_setadaptation))4667return -EINVAL;46684669len = sizeof(struct sctp_setadaptation);46704671adaptation.ssb_adaptation_ind = sctp_sk(sk)->adaptation_ind;46724673if (put_user(len, optlen))4674return -EFAULT;4675if (copy_to_user(optval, &adaptation, len))4676return -EFAULT;46774678return 0;4679}46804681/*4682*4683* 7.1.14 Set default send parameters (SCTP_DEFAULT_SEND_PARAM)4684*4685* Applications that wish to use the sendto() system call may wish to4686* specify a default set of parameters that would normally be supplied4687* through the inclusion of ancillary data. This socket option allows4688* such an application to set the default sctp_sndrcvinfo structure.468946904691* The application that wishes to use this socket option simply passes4692* in to this call the sctp_sndrcvinfo structure defined in Section4693* 5.2.2) The input parameters accepted by this call include4694* sinfo_stream, sinfo_flags, sinfo_ppid, sinfo_context,4695* sinfo_timetolive. The user must provide the sinfo_assoc_id field in4696* to this call if the caller is using the UDP model.4697*4698* For getsockopt, it get the default sctp_sndrcvinfo structure.4699*/4700static int sctp_getsockopt_default_send_param(struct sock *sk,4701int len, char __user *optval,4702int __user *optlen)4703{4704struct sctp_sndrcvinfo info;4705struct sctp_association *asoc;4706struct sctp_sock *sp = sctp_sk(sk);47074708if (len < sizeof(struct sctp_sndrcvinfo))4709return -EINVAL;47104711len = sizeof(struct sctp_sndrcvinfo);47124713if (copy_from_user(&info, optval, len))4714return -EFAULT;47154716asoc = sctp_id2assoc(sk, info.sinfo_assoc_id);4717if (!asoc && info.sinfo_assoc_id && sctp_style(sk, UDP))4718return -EINVAL;47194720if (asoc) {4721info.sinfo_stream = asoc->default_stream;4722info.sinfo_flags = asoc->default_flags;4723info.sinfo_ppid = asoc->default_ppid;4724info.sinfo_context = asoc->default_context;4725info.sinfo_timetolive = asoc->default_timetolive;4726} else {4727info.sinfo_stream = sp->default_stream;4728info.sinfo_flags = sp->default_flags;4729info.sinfo_ppid = sp->default_ppid;4730info.sinfo_context = sp->default_context;4731info.sinfo_timetolive = sp->default_timetolive;4732}47334734if (put_user(len, optlen))4735return -EFAULT;4736if (copy_to_user(optval, &info, len))4737return -EFAULT;47384739return 0;4740}47414742/*4743*4744* 7.1.5 SCTP_NODELAY4745*4746* Turn on/off any Nagle-like algorithm. This means that packets are4747* generally sent as soon as possible and no unnecessary delays are4748* introduced, at the cost of more packets in the network. Expects an4749* integer boolean flag.4750*/47514752static int sctp_getsockopt_nodelay(struct sock *sk, int len,4753char __user *optval, int __user *optlen)4754{4755int val;47564757if (len < sizeof(int))4758return -EINVAL;47594760len = sizeof(int);4761val = (sctp_sk(sk)->nodelay == 1);4762if (put_user(len, optlen))4763return -EFAULT;4764if (copy_to_user(optval, &val, len))4765return -EFAULT;4766return 0;4767}47684769/*4770*4771* 7.1.1 SCTP_RTOINFO4772*4773* The protocol parameters used to initialize and bound retransmission4774* timeout (RTO) are tunable. sctp_rtoinfo structure is used to access4775* and modify these parameters.4776* All parameters are time values, in milliseconds. A value of 0, when4777* modifying the parameters, indicates that the current value should not4778* be changed.4779*4780*/4781static int sctp_getsockopt_rtoinfo(struct sock *sk, int len,4782char __user *optval,4783int __user *optlen) {4784struct sctp_rtoinfo rtoinfo;4785struct sctp_association *asoc;47864787if (len < sizeof (struct sctp_rtoinfo))4788return -EINVAL;47894790len = sizeof(struct sctp_rtoinfo);47914792if (copy_from_user(&rtoinfo, optval, len))4793return -EFAULT;47944795asoc = sctp_id2assoc(sk, rtoinfo.srto_assoc_id);47964797if (!asoc && rtoinfo.srto_assoc_id && sctp_style(sk, UDP))4798return -EINVAL;47994800/* Values corresponding to the specific association. */4801if (asoc) {4802rtoinfo.srto_initial = jiffies_to_msecs(asoc->rto_initial);4803rtoinfo.srto_max = jiffies_to_msecs(asoc->rto_max);4804rtoinfo.srto_min = jiffies_to_msecs(asoc->rto_min);4805} else {4806/* Values corresponding to the endpoint. */4807struct sctp_sock *sp = sctp_sk(sk);48084809rtoinfo.srto_initial = sp->rtoinfo.srto_initial;4810rtoinfo.srto_max = sp->rtoinfo.srto_max;4811rtoinfo.srto_min = sp->rtoinfo.srto_min;4812}48134814if (put_user(len, optlen))4815return -EFAULT;48164817if (copy_to_user(optval, &rtoinfo, len))4818return -EFAULT;48194820return 0;4821}48224823/*4824*4825* 7.1.2 SCTP_ASSOCINFO4826*4827* This option is used to tune the maximum retransmission attempts4828* of the association.4829* Returns an error if the new association retransmission value is4830* greater than the sum of the retransmission value of the peer.4831* See [SCTP] for more information.4832*4833*/4834static int sctp_getsockopt_associnfo(struct sock *sk, int len,4835char __user *optval,4836int __user *optlen)4837{48384839struct sctp_assocparams assocparams;4840struct sctp_association *asoc;4841struct list_head *pos;4842int cnt = 0;48434844if (len < sizeof (struct sctp_assocparams))4845return -EINVAL;48464847len = sizeof(struct sctp_assocparams);48484849if (copy_from_user(&assocparams, optval, len))4850return -EFAULT;48514852asoc = sctp_id2assoc(sk, assocparams.sasoc_assoc_id);48534854if (!asoc && assocparams.sasoc_assoc_id && sctp_style(sk, UDP))4855return -EINVAL;48564857/* Values correspoinding to the specific association */4858if (asoc) {4859assocparams.sasoc_asocmaxrxt = asoc->max_retrans;4860assocparams.sasoc_peer_rwnd = asoc->peer.rwnd;4861assocparams.sasoc_local_rwnd = asoc->a_rwnd;4862assocparams.sasoc_cookie_life = (asoc->cookie_life.tv_sec4863* 1000) +4864(asoc->cookie_life.tv_usec4865/ 1000);48664867list_for_each(pos, &asoc->peer.transport_addr_list) {4868cnt ++;4869}48704871assocparams.sasoc_number_peer_destinations = cnt;4872} else {4873/* Values corresponding to the endpoint */4874struct sctp_sock *sp = sctp_sk(sk);48754876assocparams.sasoc_asocmaxrxt = sp->assocparams.sasoc_asocmaxrxt;4877assocparams.sasoc_peer_rwnd = sp->assocparams.sasoc_peer_rwnd;4878assocparams.sasoc_local_rwnd = sp->assocparams.sasoc_local_rwnd;4879assocparams.sasoc_cookie_life =4880sp->assocparams.sasoc_cookie_life;4881assocparams.sasoc_number_peer_destinations =4882sp->assocparams.4883sasoc_number_peer_destinations;4884}48854886if (put_user(len, optlen))4887return -EFAULT;48884889if (copy_to_user(optval, &assocparams, len))4890return -EFAULT;48914892return 0;4893}48944895/*4896* 7.1.16 Set/clear IPv4 mapped addresses (SCTP_I_WANT_MAPPED_V4_ADDR)4897*4898* This socket option is a boolean flag which turns on or off mapped V44899* addresses. If this option is turned on and the socket is type4900* PF_INET6, then IPv4 addresses will be mapped to V6 representation.4901* If this option is turned off, then no mapping will be done of V44902* addresses and a user will receive both PF_INET6 and PF_INET type4903* addresses on the socket.4904*/4905static int sctp_getsockopt_mappedv4(struct sock *sk, int len,4906char __user *optval, int __user *optlen)4907{4908int val;4909struct sctp_sock *sp = sctp_sk(sk);49104911if (len < sizeof(int))4912return -EINVAL;49134914len = sizeof(int);4915val = sp->v4mapped;4916if (put_user(len, optlen))4917return -EFAULT;4918if (copy_to_user(optval, &val, len))4919return -EFAULT;49204921return 0;4922}49234924/*4925* 7.1.29. Set or Get the default context (SCTP_CONTEXT)4926* (chapter and verse is quoted at sctp_setsockopt_context())4927*/4928static int sctp_getsockopt_context(struct sock *sk, int len,4929char __user *optval, int __user *optlen)4930{4931struct sctp_assoc_value params;4932struct sctp_sock *sp;4933struct sctp_association *asoc;49344935if (len < sizeof(struct sctp_assoc_value))4936return -EINVAL;49374938len = sizeof(struct sctp_assoc_value);49394940if (copy_from_user(¶ms, optval, len))4941return -EFAULT;49424943sp = sctp_sk(sk);49444945if (params.assoc_id != 0) {4946asoc = sctp_id2assoc(sk, params.assoc_id);4947if (!asoc)4948return -EINVAL;4949params.assoc_value = asoc->default_rcv_context;4950} else {4951params.assoc_value = sp->default_rcv_context;4952}49534954if (put_user(len, optlen))4955return -EFAULT;4956if (copy_to_user(optval, ¶ms, len))4957return -EFAULT;49584959return 0;4960}49614962/*4963* 8.1.16. Get or Set the Maximum Fragmentation Size (SCTP_MAXSEG)4964* This option will get or set the maximum size to put in any outgoing4965* SCTP DATA chunk. If a message is larger than this size it will be4966* fragmented by SCTP into the specified size. Note that the underlying4967* SCTP implementation may fragment into smaller sized chunks when the4968* PMTU of the underlying association is smaller than the value set by4969* the user. The default value for this option is '0' which indicates4970* the user is NOT limiting fragmentation and only the PMTU will effect4971* SCTP's choice of DATA chunk size. Note also that values set larger4972* than the maximum size of an IP datagram will effectively let SCTP4973* control fragmentation (i.e. the same as setting this option to 0).4974*4975* The following structure is used to access and modify this parameter:4976*4977* struct sctp_assoc_value {4978* sctp_assoc_t assoc_id;4979* uint32_t assoc_value;4980* };4981*4982* assoc_id: This parameter is ignored for one-to-one style sockets.4983* For one-to-many style sockets this parameter indicates which4984* association the user is performing an action upon. Note that if4985* this field's value is zero then the endpoints default value is4986* changed (effecting future associations only).4987* assoc_value: This parameter specifies the maximum size in bytes.4988*/4989static int sctp_getsockopt_maxseg(struct sock *sk, int len,4990char __user *optval, int __user *optlen)4991{4992struct sctp_assoc_value params;4993struct sctp_association *asoc;49944995if (len == sizeof(int)) {4996pr_warn("Use of int in maxseg socket option deprecated\n");4997pr_warn("Use struct sctp_assoc_value instead\n");4998params.assoc_id = 0;4999} else if (len >= sizeof(struct sctp_assoc_value)) {5000len = sizeof(struct sctp_assoc_value);5001if (copy_from_user(¶ms, optval, sizeof(params)))5002return -EFAULT;5003} else5004return -EINVAL;50055006asoc = sctp_id2assoc(sk, params.assoc_id);5007if (!asoc && params.assoc_id && sctp_style(sk, UDP))5008return -EINVAL;50095010if (asoc)5011params.assoc_value = asoc->frag_point;5012else5013params.assoc_value = sctp_sk(sk)->user_frag;50145015if (put_user(len, optlen))5016return -EFAULT;5017if (len == sizeof(int)) {5018if (copy_to_user(optval, ¶ms.assoc_value, len))5019return -EFAULT;5020} else {5021if (copy_to_user(optval, ¶ms, len))5022return -EFAULT;5023}50245025return 0;5026}50275028/*5029* 7.1.24. Get or set fragmented interleave (SCTP_FRAGMENT_INTERLEAVE)5030* (chapter and verse is quoted at sctp_setsockopt_fragment_interleave())5031*/5032static int sctp_getsockopt_fragment_interleave(struct sock *sk, int len,5033char __user *optval, int __user *optlen)5034{5035int val;50365037if (len < sizeof(int))5038return -EINVAL;50395040len = sizeof(int);50415042val = sctp_sk(sk)->frag_interleave;5043if (put_user(len, optlen))5044return -EFAULT;5045if (copy_to_user(optval, &val, len))5046return -EFAULT;50475048return 0;5049}50505051/*5052* 7.1.25. Set or Get the sctp partial delivery point5053* (chapter and verse is quoted at sctp_setsockopt_partial_delivery_point())5054*/5055static int sctp_getsockopt_partial_delivery_point(struct sock *sk, int len,5056char __user *optval,5057int __user *optlen)5058{5059u32 val;50605061if (len < sizeof(u32))5062return -EINVAL;50635064len = sizeof(u32);50655066val = sctp_sk(sk)->pd_point;5067if (put_user(len, optlen))5068return -EFAULT;5069if (copy_to_user(optval, &val, len))5070return -EFAULT;50715072return 0;5073}50745075/*5076* 7.1.28. Set or Get the maximum burst (SCTP_MAX_BURST)5077* (chapter and verse is quoted at sctp_setsockopt_maxburst())5078*/5079static int sctp_getsockopt_maxburst(struct sock *sk, int len,5080char __user *optval,5081int __user *optlen)5082{5083struct sctp_assoc_value params;5084struct sctp_sock *sp;5085struct sctp_association *asoc;50865087if (len == sizeof(int)) {5088pr_warn("Use of int in max_burst socket option deprecated\n");5089pr_warn("Use struct sctp_assoc_value instead\n");5090params.assoc_id = 0;5091} else if (len >= sizeof(struct sctp_assoc_value)) {5092len = sizeof(struct sctp_assoc_value);5093if (copy_from_user(¶ms, optval, len))5094return -EFAULT;5095} else5096return -EINVAL;50975098sp = sctp_sk(sk);50995100if (params.assoc_id != 0) {5101asoc = sctp_id2assoc(sk, params.assoc_id);5102if (!asoc)5103return -EINVAL;5104params.assoc_value = asoc->max_burst;5105} else5106params.assoc_value = sp->max_burst;51075108if (len == sizeof(int)) {5109if (copy_to_user(optval, ¶ms.assoc_value, len))5110return -EFAULT;5111} else {5112if (copy_to_user(optval, ¶ms, len))5113return -EFAULT;5114}51155116return 0;51175118}51195120static int sctp_getsockopt_hmac_ident(struct sock *sk, int len,5121char __user *optval, int __user *optlen)5122{5123struct sctp_hmacalgo __user *p = (void __user *)optval;5124struct sctp_hmac_algo_param *hmacs;5125__u16 data_len = 0;5126u32 num_idents;51275128if (!sctp_auth_enable)5129return -EACCES;51305131hmacs = sctp_sk(sk)->ep->auth_hmacs_list;5132data_len = ntohs(hmacs->param_hdr.length) - sizeof(sctp_paramhdr_t);51335134if (len < sizeof(struct sctp_hmacalgo) + data_len)5135return -EINVAL;51365137len = sizeof(struct sctp_hmacalgo) + data_len;5138num_idents = data_len / sizeof(u16);51395140if (put_user(len, optlen))5141return -EFAULT;5142if (put_user(num_idents, &p->shmac_num_idents))5143return -EFAULT;5144if (copy_to_user(p->shmac_idents, hmacs->hmac_ids, data_len))5145return -EFAULT;5146return 0;5147}51485149static int sctp_getsockopt_active_key(struct sock *sk, int len,5150char __user *optval, int __user *optlen)5151{5152struct sctp_authkeyid val;5153struct sctp_association *asoc;51545155if (!sctp_auth_enable)5156return -EACCES;51575158if (len < sizeof(struct sctp_authkeyid))5159return -EINVAL;5160if (copy_from_user(&val, optval, sizeof(struct sctp_authkeyid)))5161return -EFAULT;51625163asoc = sctp_id2assoc(sk, val.scact_assoc_id);5164if (!asoc && val.scact_assoc_id && sctp_style(sk, UDP))5165return -EINVAL;51665167if (asoc)5168val.scact_keynumber = asoc->active_key_id;5169else5170val.scact_keynumber = sctp_sk(sk)->ep->active_key_id;51715172len = sizeof(struct sctp_authkeyid);5173if (put_user(len, optlen))5174return -EFAULT;5175if (copy_to_user(optval, &val, len))5176return -EFAULT;51775178return 0;5179}51805181static int sctp_getsockopt_peer_auth_chunks(struct sock *sk, int len,5182char __user *optval, int __user *optlen)5183{5184struct sctp_authchunks __user *p = (void __user *)optval;5185struct sctp_authchunks val;5186struct sctp_association *asoc;5187struct sctp_chunks_param *ch;5188u32 num_chunks = 0;5189char __user *to;51905191if (!sctp_auth_enable)5192return -EACCES;51935194if (len < sizeof(struct sctp_authchunks))5195return -EINVAL;51965197if (copy_from_user(&val, optval, sizeof(struct sctp_authchunks)))5198return -EFAULT;51995200to = p->gauth_chunks;5201asoc = sctp_id2assoc(sk, val.gauth_assoc_id);5202if (!asoc)5203return -EINVAL;52045205ch = asoc->peer.peer_chunks;5206if (!ch)5207goto num;52085209/* See if the user provided enough room for all the data */5210num_chunks = ntohs(ch->param_hdr.length) - sizeof(sctp_paramhdr_t);5211if (len < num_chunks)5212return -EINVAL;52135214if (copy_to_user(to, ch->chunks, num_chunks))5215return -EFAULT;5216num:5217len = sizeof(struct sctp_authchunks) + num_chunks;5218if (put_user(len, optlen)) return -EFAULT;5219if (put_user(num_chunks, &p->gauth_number_of_chunks))5220return -EFAULT;5221return 0;5222}52235224static int sctp_getsockopt_local_auth_chunks(struct sock *sk, int len,5225char __user *optval, int __user *optlen)5226{5227struct sctp_authchunks __user *p = (void __user *)optval;5228struct sctp_authchunks val;5229struct sctp_association *asoc;5230struct sctp_chunks_param *ch;5231u32 num_chunks = 0;5232char __user *to;52335234if (!sctp_auth_enable)5235return -EACCES;52365237if (len < sizeof(struct sctp_authchunks))5238return -EINVAL;52395240if (copy_from_user(&val, optval, sizeof(struct sctp_authchunks)))5241return -EFAULT;52425243to = p->gauth_chunks;5244asoc = sctp_id2assoc(sk, val.gauth_assoc_id);5245if (!asoc && val.gauth_assoc_id && sctp_style(sk, UDP))5246return -EINVAL;52475248if (asoc)5249ch = (struct sctp_chunks_param*)asoc->c.auth_chunks;5250else5251ch = sctp_sk(sk)->ep->auth_chunk_list;52525253if (!ch)5254goto num;52555256num_chunks = ntohs(ch->param_hdr.length) - sizeof(sctp_paramhdr_t);5257if (len < sizeof(struct sctp_authchunks) + num_chunks)5258return -EINVAL;52595260if (copy_to_user(to, ch->chunks, num_chunks))5261return -EFAULT;5262num:5263len = sizeof(struct sctp_authchunks) + num_chunks;5264if (put_user(len, optlen))5265return -EFAULT;5266if (put_user(num_chunks, &p->gauth_number_of_chunks))5267return -EFAULT;52685269return 0;5270}52715272/*5273* 8.2.5. Get the Current Number of Associations (SCTP_GET_ASSOC_NUMBER)5274* This option gets the current number of associations that are attached5275* to a one-to-many style socket. The option value is an uint32_t.5276*/5277static int sctp_getsockopt_assoc_number(struct sock *sk, int len,5278char __user *optval, int __user *optlen)5279{5280struct sctp_sock *sp = sctp_sk(sk);5281struct sctp_association *asoc;5282u32 val = 0;52835284if (sctp_style(sk, TCP))5285return -EOPNOTSUPP;52865287if (len < sizeof(u32))5288return -EINVAL;52895290len = sizeof(u32);52915292list_for_each_entry(asoc, &(sp->ep->asocs), asocs) {5293val++;5294}52955296if (put_user(len, optlen))5297return -EFAULT;5298if (copy_to_user(optval, &val, len))5299return -EFAULT;53005301return 0;5302}53035304/*5305* 8.2.6. Get the Current Identifiers of Associations5306* (SCTP_GET_ASSOC_ID_LIST)5307*5308* This option gets the current list of SCTP association identifiers of5309* the SCTP associations handled by a one-to-many style socket.5310*/5311static int sctp_getsockopt_assoc_ids(struct sock *sk, int len,5312char __user *optval, int __user *optlen)5313{5314struct sctp_sock *sp = sctp_sk(sk);5315struct sctp_association *asoc;5316struct sctp_assoc_ids *ids;5317u32 num = 0;53185319if (sctp_style(sk, TCP))5320return -EOPNOTSUPP;53215322if (len < sizeof(struct sctp_assoc_ids))5323return -EINVAL;53245325list_for_each_entry(asoc, &(sp->ep->asocs), asocs) {5326num++;5327}53285329if (len < sizeof(struct sctp_assoc_ids) + sizeof(sctp_assoc_t) * num)5330return -EINVAL;53315332len = sizeof(struct sctp_assoc_ids) + sizeof(sctp_assoc_t) * num;53335334ids = kmalloc(len, GFP_KERNEL);5335if (unlikely(!ids))5336return -ENOMEM;53375338ids->gaids_number_of_ids = num;5339num = 0;5340list_for_each_entry(asoc, &(sp->ep->asocs), asocs) {5341ids->gaids_assoc_id[num++] = asoc->assoc_id;5342}53435344if (put_user(len, optlen) || copy_to_user(optval, ids, len)) {5345kfree(ids);5346return -EFAULT;5347}53485349kfree(ids);5350return 0;5351}53525353SCTP_STATIC int sctp_getsockopt(struct sock *sk, int level, int optname,5354char __user *optval, int __user *optlen)5355{5356int retval = 0;5357int len;53585359SCTP_DEBUG_PRINTK("sctp_getsockopt(sk: %p... optname: %d)\n",5360sk, optname);53615362/* I can hardly begin to describe how wrong this is. This is5363* so broken as to be worse than useless. The API draft5364* REALLY is NOT helpful here... I am not convinced that the5365* semantics of getsockopt() with a level OTHER THAN SOL_SCTP5366* are at all well-founded.5367*/5368if (level != SOL_SCTP) {5369struct sctp_af *af = sctp_sk(sk)->pf->af;53705371retval = af->getsockopt(sk, level, optname, optval, optlen);5372return retval;5373}53745375if (get_user(len, optlen))5376return -EFAULT;53775378sctp_lock_sock(sk);53795380switch (optname) {5381case SCTP_STATUS:5382retval = sctp_getsockopt_sctp_status(sk, len, optval, optlen);5383break;5384case SCTP_DISABLE_FRAGMENTS:5385retval = sctp_getsockopt_disable_fragments(sk, len, optval,5386optlen);5387break;5388case SCTP_EVENTS:5389retval = sctp_getsockopt_events(sk, len, optval, optlen);5390break;5391case SCTP_AUTOCLOSE:5392retval = sctp_getsockopt_autoclose(sk, len, optval, optlen);5393break;5394case SCTP_SOCKOPT_PEELOFF:5395retval = sctp_getsockopt_peeloff(sk, len, optval, optlen);5396break;5397case SCTP_PEER_ADDR_PARAMS:5398retval = sctp_getsockopt_peer_addr_params(sk, len, optval,5399optlen);5400break;5401case SCTP_DELAYED_SACK:5402retval = sctp_getsockopt_delayed_ack(sk, len, optval,5403optlen);5404break;5405case SCTP_INITMSG:5406retval = sctp_getsockopt_initmsg(sk, len, optval, optlen);5407break;5408case SCTP_GET_PEER_ADDRS:5409retval = sctp_getsockopt_peer_addrs(sk, len, optval,5410optlen);5411break;5412case SCTP_GET_LOCAL_ADDRS:5413retval = sctp_getsockopt_local_addrs(sk, len, optval,5414optlen);5415break;5416case SCTP_SOCKOPT_CONNECTX3:5417retval = sctp_getsockopt_connectx3(sk, len, optval, optlen);5418break;5419case SCTP_DEFAULT_SEND_PARAM:5420retval = sctp_getsockopt_default_send_param(sk, len,5421optval, optlen);5422break;5423case SCTP_PRIMARY_ADDR:5424retval = sctp_getsockopt_primary_addr(sk, len, optval, optlen);5425break;5426case SCTP_NODELAY:5427retval = sctp_getsockopt_nodelay(sk, len, optval, optlen);5428break;5429case SCTP_RTOINFO:5430retval = sctp_getsockopt_rtoinfo(sk, len, optval, optlen);5431break;5432case SCTP_ASSOCINFO:5433retval = sctp_getsockopt_associnfo(sk, len, optval, optlen);5434break;5435case SCTP_I_WANT_MAPPED_V4_ADDR:5436retval = sctp_getsockopt_mappedv4(sk, len, optval, optlen);5437break;5438case SCTP_MAXSEG:5439retval = sctp_getsockopt_maxseg(sk, len, optval, optlen);5440break;5441case SCTP_GET_PEER_ADDR_INFO:5442retval = sctp_getsockopt_peer_addr_info(sk, len, optval,5443optlen);5444break;5445case SCTP_ADAPTATION_LAYER:5446retval = sctp_getsockopt_adaptation_layer(sk, len, optval,5447optlen);5448break;5449case SCTP_CONTEXT:5450retval = sctp_getsockopt_context(sk, len, optval, optlen);5451break;5452case SCTP_FRAGMENT_INTERLEAVE:5453retval = sctp_getsockopt_fragment_interleave(sk, len, optval,5454optlen);5455break;5456case SCTP_PARTIAL_DELIVERY_POINT:5457retval = sctp_getsockopt_partial_delivery_point(sk, len, optval,5458optlen);5459break;5460case SCTP_MAX_BURST:5461retval = sctp_getsockopt_maxburst(sk, len, optval, optlen);5462break;5463case SCTP_AUTH_KEY:5464case SCTP_AUTH_CHUNK:5465case SCTP_AUTH_DELETE_KEY:5466retval = -EOPNOTSUPP;5467break;5468case SCTP_HMAC_IDENT:5469retval = sctp_getsockopt_hmac_ident(sk, len, optval, optlen);5470break;5471case SCTP_AUTH_ACTIVE_KEY:5472retval = sctp_getsockopt_active_key(sk, len, optval, optlen);5473break;5474case SCTP_PEER_AUTH_CHUNKS:5475retval = sctp_getsockopt_peer_auth_chunks(sk, len, optval,5476optlen);5477break;5478case SCTP_LOCAL_AUTH_CHUNKS:5479retval = sctp_getsockopt_local_auth_chunks(sk, len, optval,5480optlen);5481break;5482case SCTP_GET_ASSOC_NUMBER:5483retval = sctp_getsockopt_assoc_number(sk, len, optval, optlen);5484break;5485case SCTP_GET_ASSOC_ID_LIST:5486retval = sctp_getsockopt_assoc_ids(sk, len, optval, optlen);5487break;5488default:5489retval = -ENOPROTOOPT;5490break;5491}54925493sctp_release_sock(sk);5494return retval;5495}54965497static void sctp_hash(struct sock *sk)5498{5499/* STUB */5500}55015502static void sctp_unhash(struct sock *sk)5503{5504/* STUB */5505}55065507/* Check if port is acceptable. Possibly find first available port.5508*5509* The port hash table (contained in the 'global' SCTP protocol storage5510* returned by struct sctp_protocol *sctp_get_protocol()). The hash5511* table is an array of 4096 lists (sctp_bind_hashbucket). Each5512* list (the list number is the port number hashed out, so as you5513* would expect from a hash function, all the ports in a given list have5514* such a number that hashes out to the same list number; you were5515* expecting that, right?); so each list has a set of ports, with a5516* link to the socket (struct sock) that uses it, the port number and5517* a fastreuse flag (FIXME: NPI ipg).5518*/5519static struct sctp_bind_bucket *sctp_bucket_create(5520struct sctp_bind_hashbucket *head, unsigned short snum);55215522static long sctp_get_port_local(struct sock *sk, union sctp_addr *addr)5523{5524struct sctp_bind_hashbucket *head; /* hash list */5525struct sctp_bind_bucket *pp; /* hash list port iterator */5526struct hlist_node *node;5527unsigned short snum;5528int ret;55295530snum = ntohs(addr->v4.sin_port);55315532SCTP_DEBUG_PRINTK("sctp_get_port() begins, snum=%d\n", snum);5533sctp_local_bh_disable();55345535if (snum == 0) {5536/* Search for an available port. */5537int low, high, remaining, index;5538unsigned int rover;55395540inet_get_local_port_range(&low, &high);5541remaining = (high - low) + 1;5542rover = net_random() % remaining + low;55435544do {5545rover++;5546if ((rover < low) || (rover > high))5547rover = low;5548if (inet_is_reserved_local_port(rover))5549continue;5550index = sctp_phashfn(rover);5551head = &sctp_port_hashtable[index];5552sctp_spin_lock(&head->lock);5553sctp_for_each_hentry(pp, node, &head->chain)5554if (pp->port == rover)5555goto next;5556break;5557next:5558sctp_spin_unlock(&head->lock);5559} while (--remaining > 0);55605561/* Exhausted local port range during search? */5562ret = 1;5563if (remaining <= 0)5564goto fail;55655566/* OK, here is the one we will use. HEAD (the port5567* hash table list entry) is non-NULL and we hold it's5568* mutex.5569*/5570snum = rover;5571} else {5572/* We are given an specific port number; we verify5573* that it is not being used. If it is used, we will5574* exahust the search in the hash list corresponding5575* to the port number (snum) - we detect that with the5576* port iterator, pp being NULL.5577*/5578head = &sctp_port_hashtable[sctp_phashfn(snum)];5579sctp_spin_lock(&head->lock);5580sctp_for_each_hentry(pp, node, &head->chain) {5581if (pp->port == snum)5582goto pp_found;5583}5584}5585pp = NULL;5586goto pp_not_found;5587pp_found:5588if (!hlist_empty(&pp->owner)) {5589/* We had a port hash table hit - there is an5590* available port (pp != NULL) and it is being5591* used by other socket (pp->owner not empty); that other5592* socket is going to be sk2.5593*/5594int reuse = sk->sk_reuse;5595struct sock *sk2;55965597SCTP_DEBUG_PRINTK("sctp_get_port() found a possible match\n");5598if (pp->fastreuse && sk->sk_reuse &&5599sk->sk_state != SCTP_SS_LISTENING)5600goto success;56015602/* Run through the list of sockets bound to the port5603* (pp->port) [via the pointers bind_next and5604* bind_pprev in the struct sock *sk2 (pp->sk)]. On each one,5605* we get the endpoint they describe and run through5606* the endpoint's list of IP (v4 or v6) addresses,5607* comparing each of the addresses with the address of5608* the socket sk. If we find a match, then that means5609* that this port/socket (sk) combination are already5610* in an endpoint.5611*/5612sk_for_each_bound(sk2, node, &pp->owner) {5613struct sctp_endpoint *ep2;5614ep2 = sctp_sk(sk2)->ep;56155616if (sk == sk2 ||5617(reuse && sk2->sk_reuse &&5618sk2->sk_state != SCTP_SS_LISTENING))5619continue;56205621if (sctp_bind_addr_conflict(&ep2->base.bind_addr, addr,5622sctp_sk(sk2), sctp_sk(sk))) {5623ret = (long)sk2;5624goto fail_unlock;5625}5626}5627SCTP_DEBUG_PRINTK("sctp_get_port(): Found a match\n");5628}5629pp_not_found:5630/* If there was a hash table miss, create a new port. */5631ret = 1;5632if (!pp && !(pp = sctp_bucket_create(head, snum)))5633goto fail_unlock;56345635/* In either case (hit or miss), make sure fastreuse is 1 only5636* if sk->sk_reuse is too (that is, if the caller requested5637* SO_REUSEADDR on this socket -sk-).5638*/5639if (hlist_empty(&pp->owner)) {5640if (sk->sk_reuse && sk->sk_state != SCTP_SS_LISTENING)5641pp->fastreuse = 1;5642else5643pp->fastreuse = 0;5644} else if (pp->fastreuse &&5645(!sk->sk_reuse || sk->sk_state == SCTP_SS_LISTENING))5646pp->fastreuse = 0;56475648/* We are set, so fill up all the data in the hash table5649* entry, tie the socket list information with the rest of the5650* sockets FIXME: Blurry, NPI (ipg).5651*/5652success:5653if (!sctp_sk(sk)->bind_hash) {5654inet_sk(sk)->inet_num = snum;5655sk_add_bind_node(sk, &pp->owner);5656sctp_sk(sk)->bind_hash = pp;5657}5658ret = 0;56595660fail_unlock:5661sctp_spin_unlock(&head->lock);56625663fail:5664sctp_local_bh_enable();5665return ret;5666}56675668/* Assign a 'snum' port to the socket. If snum == 0, an ephemeral5669* port is requested.5670*/5671static int sctp_get_port(struct sock *sk, unsigned short snum)5672{5673long ret;5674union sctp_addr addr;5675struct sctp_af *af = sctp_sk(sk)->pf->af;56765677/* Set up a dummy address struct from the sk. */5678af->from_sk(&addr, sk);5679addr.v4.sin_port = htons(snum);56805681/* Note: sk->sk_num gets filled in if ephemeral port request. */5682ret = sctp_get_port_local(sk, &addr);56835684return ret ? 1 : 0;5685}56865687/*5688* Move a socket to LISTENING state.5689*/5690SCTP_STATIC int sctp_listen_start(struct sock *sk, int backlog)5691{5692struct sctp_sock *sp = sctp_sk(sk);5693struct sctp_endpoint *ep = sp->ep;5694struct crypto_hash *tfm = NULL;56955696/* Allocate HMAC for generating cookie. */5697if (!sctp_sk(sk)->hmac && sctp_hmac_alg) {5698tfm = crypto_alloc_hash(sctp_hmac_alg, 0, CRYPTO_ALG_ASYNC);5699if (IS_ERR(tfm)) {5700if (net_ratelimit()) {5701pr_info("failed to load transform for %s: %ld\n",5702sctp_hmac_alg, PTR_ERR(tfm));5703}5704return -ENOSYS;5705}5706sctp_sk(sk)->hmac = tfm;5707}57085709/*5710* If a bind() or sctp_bindx() is not called prior to a listen()5711* call that allows new associations to be accepted, the system5712* picks an ephemeral port and will choose an address set equivalent5713* to binding with a wildcard address.5714*5715* This is not currently spelled out in the SCTP sockets5716* extensions draft, but follows the practice as seen in TCP5717* sockets.5718*5719*/5720sk->sk_state = SCTP_SS_LISTENING;5721if (!ep->base.bind_addr.port) {5722if (sctp_autobind(sk))5723return -EAGAIN;5724} else {5725if (sctp_get_port(sk, inet_sk(sk)->inet_num)) {5726sk->sk_state = SCTP_SS_CLOSED;5727return -EADDRINUSE;5728}5729}57305731sk->sk_max_ack_backlog = backlog;5732sctp_hash_endpoint(ep);5733return 0;5734}57355736/*5737* 4.1.3 / 5.1.3 listen()5738*5739* By default, new associations are not accepted for UDP style sockets.5740* An application uses listen() to mark a socket as being able to5741* accept new associations.5742*5743* On TCP style sockets, applications use listen() to ready the SCTP5744* endpoint for accepting inbound associations.5745*5746* On both types of endpoints a backlog of '0' disables listening.5747*5748* Move a socket to LISTENING state.5749*/5750int sctp_inet_listen(struct socket *sock, int backlog)5751{5752struct sock *sk = sock->sk;5753struct sctp_endpoint *ep = sctp_sk(sk)->ep;5754int err = -EINVAL;57555756if (unlikely(backlog < 0))5757return err;57585759sctp_lock_sock(sk);57605761/* Peeled-off sockets are not allowed to listen(). */5762if (sctp_style(sk, UDP_HIGH_BANDWIDTH))5763goto out;57645765if (sock->state != SS_UNCONNECTED)5766goto out;57675768/* If backlog is zero, disable listening. */5769if (!backlog) {5770if (sctp_sstate(sk, CLOSED))5771goto out;57725773err = 0;5774sctp_unhash_endpoint(ep);5775sk->sk_state = SCTP_SS_CLOSED;5776if (sk->sk_reuse)5777sctp_sk(sk)->bind_hash->fastreuse = 1;5778goto out;5779}57805781/* If we are already listening, just update the backlog */5782if (sctp_sstate(sk, LISTENING))5783sk->sk_max_ack_backlog = backlog;5784else {5785err = sctp_listen_start(sk, backlog);5786if (err)5787goto out;5788}57895790err = 0;5791out:5792sctp_release_sock(sk);5793return err;5794}57955796/*5797* This function is done by modeling the current datagram_poll() and the5798* tcp_poll(). Note that, based on these implementations, we don't5799* lock the socket in this function, even though it seems that,5800* ideally, locking or some other mechanisms can be used to ensure5801* the integrity of the counters (sndbuf and wmem_alloc) used5802* in this place. We assume that we don't need locks either until proven5803* otherwise.5804*5805* Another thing to note is that we include the Async I/O support5806* here, again, by modeling the current TCP/UDP code. We don't have5807* a good way to test with it yet.5808*/5809unsigned int sctp_poll(struct file *file, struct socket *sock, poll_table *wait)5810{5811struct sock *sk = sock->sk;5812struct sctp_sock *sp = sctp_sk(sk);5813unsigned int mask;58145815poll_wait(file, sk_sleep(sk), wait);58165817/* A TCP-style listening socket becomes readable when the accept queue5818* is not empty.5819*/5820if (sctp_style(sk, TCP) && sctp_sstate(sk, LISTENING))5821return (!list_empty(&sp->ep->asocs)) ?5822(POLLIN | POLLRDNORM) : 0;58235824mask = 0;58255826/* Is there any exceptional events? */5827if (sk->sk_err || !skb_queue_empty(&sk->sk_error_queue))5828mask |= POLLERR;5829if (sk->sk_shutdown & RCV_SHUTDOWN)5830mask |= POLLRDHUP | POLLIN | POLLRDNORM;5831if (sk->sk_shutdown == SHUTDOWN_MASK)5832mask |= POLLHUP;58335834/* Is it readable? Reconsider this code with TCP-style support. */5835if (!skb_queue_empty(&sk->sk_receive_queue))5836mask |= POLLIN | POLLRDNORM;58375838/* The association is either gone or not ready. */5839if (!sctp_style(sk, UDP) && sctp_sstate(sk, CLOSED))5840return mask;58415842/* Is it writable? */5843if (sctp_writeable(sk)) {5844mask |= POLLOUT | POLLWRNORM;5845} else {5846set_bit(SOCK_ASYNC_NOSPACE, &sk->sk_socket->flags);5847/*5848* Since the socket is not locked, the buffer5849* might be made available after the writeable check and5850* before the bit is set. This could cause a lost I/O5851* signal. tcp_poll() has a race breaker for this race5852* condition. Based on their implementation, we put5853* in the following code to cover it as well.5854*/5855if (sctp_writeable(sk))5856mask |= POLLOUT | POLLWRNORM;5857}5858return mask;5859}58605861/********************************************************************5862* 2nd Level Abstractions5863********************************************************************/58645865static struct sctp_bind_bucket *sctp_bucket_create(5866struct sctp_bind_hashbucket *head, unsigned short snum)5867{5868struct sctp_bind_bucket *pp;58695870pp = kmem_cache_alloc(sctp_bucket_cachep, GFP_ATOMIC);5871if (pp) {5872SCTP_DBG_OBJCNT_INC(bind_bucket);5873pp->port = snum;5874pp->fastreuse = 0;5875INIT_HLIST_HEAD(&pp->owner);5876hlist_add_head(&pp->node, &head->chain);5877}5878return pp;5879}58805881/* Caller must hold hashbucket lock for this tb with local BH disabled */5882static void sctp_bucket_destroy(struct sctp_bind_bucket *pp)5883{5884if (pp && hlist_empty(&pp->owner)) {5885__hlist_del(&pp->node);5886kmem_cache_free(sctp_bucket_cachep, pp);5887SCTP_DBG_OBJCNT_DEC(bind_bucket);5888}5889}58905891/* Release this socket's reference to a local port. */5892static inline void __sctp_put_port(struct sock *sk)5893{5894struct sctp_bind_hashbucket *head =5895&sctp_port_hashtable[sctp_phashfn(inet_sk(sk)->inet_num)];5896struct sctp_bind_bucket *pp;58975898sctp_spin_lock(&head->lock);5899pp = sctp_sk(sk)->bind_hash;5900__sk_del_bind_node(sk);5901sctp_sk(sk)->bind_hash = NULL;5902inet_sk(sk)->inet_num = 0;5903sctp_bucket_destroy(pp);5904sctp_spin_unlock(&head->lock);5905}59065907void sctp_put_port(struct sock *sk)5908{5909sctp_local_bh_disable();5910__sctp_put_port(sk);5911sctp_local_bh_enable();5912}59135914/*5915* The system picks an ephemeral port and choose an address set equivalent5916* to binding with a wildcard address.5917* One of those addresses will be the primary address for the association.5918* This automatically enables the multihoming capability of SCTP.5919*/5920static int sctp_autobind(struct sock *sk)5921{5922union sctp_addr autoaddr;5923struct sctp_af *af;5924__be16 port;59255926/* Initialize a local sockaddr structure to INADDR_ANY. */5927af = sctp_sk(sk)->pf->af;59285929port = htons(inet_sk(sk)->inet_num);5930af->inaddr_any(&autoaddr, port);59315932return sctp_do_bind(sk, &autoaddr, af->sockaddr_len);5933}59345935/* Parse out IPPROTO_SCTP CMSG headers. Perform only minimal validation.5936*5937* From RFC 22925938* 4.2 The cmsghdr Structure *5939*5940* When ancillary data is sent or received, any number of ancillary data5941* objects can be specified by the msg_control and msg_controllen members of5942* the msghdr structure, because each object is preceded by5943* a cmsghdr structure defining the object's length (the cmsg_len member).5944* Historically Berkeley-derived implementations have passed only one object5945* at a time, but this API allows multiple objects to be5946* passed in a single call to sendmsg() or recvmsg(). The following example5947* shows two ancillary data objects in a control buffer.5948*5949* |<--------------------------- msg_controllen -------------------------->|5950* | |5951*5952* |<----- ancillary data object ----->|<----- ancillary data object ----->|5953*5954* |<---------- CMSG_SPACE() --------->|<---------- CMSG_SPACE() --------->|5955* | | |5956*5957* |<---------- cmsg_len ---------->| |<--------- cmsg_len ----------->| |5958*5959* |<--------- CMSG_LEN() --------->| |<-------- CMSG_LEN() ---------->| |5960* | | | | |5961*5962* +-----+-----+-----+--+-----------+--+-----+-----+-----+--+-----------+--+5963* |cmsg_|cmsg_|cmsg_|XX| |XX|cmsg_|cmsg_|cmsg_|XX| |XX|5964*5965* |len |level|type |XX|cmsg_data[]|XX|len |level|type |XX|cmsg_data[]|XX|5966*5967* +-----+-----+-----+--+-----------+--+-----+-----+-----+--+-----------+--+5968* ^5969* |5970*5971* msg_control5972* points here5973*/5974SCTP_STATIC int sctp_msghdr_parse(const struct msghdr *msg,5975sctp_cmsgs_t *cmsgs)5976{5977struct cmsghdr *cmsg;5978struct msghdr *my_msg = (struct msghdr *)msg;59795980for (cmsg = CMSG_FIRSTHDR(msg);5981cmsg != NULL;5982cmsg = CMSG_NXTHDR(my_msg, cmsg)) {5983if (!CMSG_OK(my_msg, cmsg))5984return -EINVAL;59855986/* Should we parse this header or ignore? */5987if (cmsg->cmsg_level != IPPROTO_SCTP)5988continue;59895990/* Strictly check lengths following example in SCM code. */5991switch (cmsg->cmsg_type) {5992case SCTP_INIT:5993/* SCTP Socket API Extension5994* 5.2.1 SCTP Initiation Structure (SCTP_INIT)5995*5996* This cmsghdr structure provides information for5997* initializing new SCTP associations with sendmsg().5998* The SCTP_INITMSG socket option uses this same data5999* structure. This structure is not used for6000* recvmsg().6001*6002* cmsg_level cmsg_type cmsg_data[]6003* ------------ ------------ ----------------------6004* IPPROTO_SCTP SCTP_INIT struct sctp_initmsg6005*/6006if (cmsg->cmsg_len !=6007CMSG_LEN(sizeof(struct sctp_initmsg)))6008return -EINVAL;6009cmsgs->init = (struct sctp_initmsg *)CMSG_DATA(cmsg);6010break;60116012case SCTP_SNDRCV:6013/* SCTP Socket API Extension6014* 5.2.2 SCTP Header Information Structure(SCTP_SNDRCV)6015*6016* This cmsghdr structure specifies SCTP options for6017* sendmsg() and describes SCTP header information6018* about a received message through recvmsg().6019*6020* cmsg_level cmsg_type cmsg_data[]6021* ------------ ------------ ----------------------6022* IPPROTO_SCTP SCTP_SNDRCV struct sctp_sndrcvinfo6023*/6024if (cmsg->cmsg_len !=6025CMSG_LEN(sizeof(struct sctp_sndrcvinfo)))6026return -EINVAL;60276028cmsgs->info =6029(struct sctp_sndrcvinfo *)CMSG_DATA(cmsg);60306031/* Minimally, validate the sinfo_flags. */6032if (cmsgs->info->sinfo_flags &6033~(SCTP_UNORDERED | SCTP_ADDR_OVER |6034SCTP_ABORT | SCTP_EOF))6035return -EINVAL;6036break;60376038default:6039return -EINVAL;6040}6041}6042return 0;6043}60446045/*6046* Wait for a packet..6047* Note: This function is the same function as in core/datagram.c6048* with a few modifications to make lksctp work.6049*/6050static int sctp_wait_for_packet(struct sock * sk, int *err, long *timeo_p)6051{6052int error;6053DEFINE_WAIT(wait);60546055prepare_to_wait_exclusive(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);60566057/* Socket errors? */6058error = sock_error(sk);6059if (error)6060goto out;60616062if (!skb_queue_empty(&sk->sk_receive_queue))6063goto ready;60646065/* Socket shut down? */6066if (sk->sk_shutdown & RCV_SHUTDOWN)6067goto out;60686069/* Sequenced packets can come disconnected. If so we report the6070* problem.6071*/6072error = -ENOTCONN;60736074/* Is there a good reason to think that we may receive some data? */6075if (list_empty(&sctp_sk(sk)->ep->asocs) && !sctp_sstate(sk, LISTENING))6076goto out;60776078/* Handle signals. */6079if (signal_pending(current))6080goto interrupted;60816082/* Let another process have a go. Since we are going to sleep6083* anyway. Note: This may cause odd behaviors if the message6084* does not fit in the user's buffer, but this seems to be the6085* only way to honor MSG_DONTWAIT realistically.6086*/6087sctp_release_sock(sk);6088*timeo_p = schedule_timeout(*timeo_p);6089sctp_lock_sock(sk);60906091ready:6092finish_wait(sk_sleep(sk), &wait);6093return 0;60946095interrupted:6096error = sock_intr_errno(*timeo_p);60976098out:6099finish_wait(sk_sleep(sk), &wait);6100*err = error;6101return error;6102}61036104/* Receive a datagram.6105* Note: This is pretty much the same routine as in core/datagram.c6106* with a few changes to make lksctp work.6107*/6108static struct sk_buff *sctp_skb_recv_datagram(struct sock *sk, int flags,6109int noblock, int *err)6110{6111int error;6112struct sk_buff *skb;6113long timeo;61146115timeo = sock_rcvtimeo(sk, noblock);61166117SCTP_DEBUG_PRINTK("Timeout: timeo: %ld, MAX: %ld.\n",6118timeo, MAX_SCHEDULE_TIMEOUT);61196120do {6121/* Again only user level code calls this function,6122* so nothing interrupt level6123* will suddenly eat the receive_queue.6124*6125* Look at current nfs client by the way...6126* However, this function was correct in any case. 8)6127*/6128if (flags & MSG_PEEK) {6129spin_lock_bh(&sk->sk_receive_queue.lock);6130skb = skb_peek(&sk->sk_receive_queue);6131if (skb)6132atomic_inc(&skb->users);6133spin_unlock_bh(&sk->sk_receive_queue.lock);6134} else {6135skb = skb_dequeue(&sk->sk_receive_queue);6136}61376138if (skb)6139return skb;61406141/* Caller is allowed not to check sk->sk_err before calling. */6142error = sock_error(sk);6143if (error)6144goto no_packet;61456146if (sk->sk_shutdown & RCV_SHUTDOWN)6147break;61486149/* User doesn't want to wait. */6150error = -EAGAIN;6151if (!timeo)6152goto no_packet;6153} while (sctp_wait_for_packet(sk, err, &timeo) == 0);61546155return NULL;61566157no_packet:6158*err = error;6159return NULL;6160}61616162/* If sndbuf has changed, wake up per association sndbuf waiters. */6163static void __sctp_write_space(struct sctp_association *asoc)6164{6165struct sock *sk = asoc->base.sk;6166struct socket *sock = sk->sk_socket;61676168if ((sctp_wspace(asoc) > 0) && sock) {6169if (waitqueue_active(&asoc->wait))6170wake_up_interruptible(&asoc->wait);61716172if (sctp_writeable(sk)) {6173wait_queue_head_t *wq = sk_sleep(sk);61746175if (wq && waitqueue_active(wq))6176wake_up_interruptible(wq);61776178/* Note that we try to include the Async I/O support6179* here by modeling from the current TCP/UDP code.6180* We have not tested with it yet.6181*/6182if (!(sk->sk_shutdown & SEND_SHUTDOWN))6183sock_wake_async(sock,6184SOCK_WAKE_SPACE, POLL_OUT);6185}6186}6187}61886189/* Do accounting for the sndbuf space.6190* Decrement the used sndbuf space of the corresponding association by the6191* data size which was just transmitted(freed).6192*/6193static void sctp_wfree(struct sk_buff *skb)6194{6195struct sctp_association *asoc;6196struct sctp_chunk *chunk;6197struct sock *sk;61986199/* Get the saved chunk pointer. */6200chunk = *((struct sctp_chunk **)(skb->cb));6201asoc = chunk->asoc;6202sk = asoc->base.sk;6203asoc->sndbuf_used -= SCTP_DATA_SNDSIZE(chunk) +6204sizeof(struct sk_buff) +6205sizeof(struct sctp_chunk);62066207atomic_sub(sizeof(struct sctp_chunk), &sk->sk_wmem_alloc);62086209/*6210* This undoes what is done via sctp_set_owner_w and sk_mem_charge6211*/6212sk->sk_wmem_queued -= skb->truesize;6213sk_mem_uncharge(sk, skb->truesize);62146215sock_wfree(skb);6216__sctp_write_space(asoc);62176218sctp_association_put(asoc);6219}62206221/* Do accounting for the receive space on the socket.6222* Accounting for the association is done in ulpevent.c6223* We set this as a destructor for the cloned data skbs so that6224* accounting is done at the correct time.6225*/6226void sctp_sock_rfree(struct sk_buff *skb)6227{6228struct sock *sk = skb->sk;6229struct sctp_ulpevent *event = sctp_skb2event(skb);62306231atomic_sub(event->rmem_len, &sk->sk_rmem_alloc);62326233/*6234* Mimic the behavior of sock_rfree6235*/6236sk_mem_uncharge(sk, event->rmem_len);6237}623862396240/* Helper function to wait for space in the sndbuf. */6241static int sctp_wait_for_sndbuf(struct sctp_association *asoc, long *timeo_p,6242size_t msg_len)6243{6244struct sock *sk = asoc->base.sk;6245int err = 0;6246long current_timeo = *timeo_p;6247DEFINE_WAIT(wait);62486249SCTP_DEBUG_PRINTK("wait_for_sndbuf: asoc=%p, timeo=%ld, msg_len=%zu\n",6250asoc, (long)(*timeo_p), msg_len);62516252/* Increment the association's refcnt. */6253sctp_association_hold(asoc);62546255/* Wait on the association specific sndbuf space. */6256for (;;) {6257prepare_to_wait_exclusive(&asoc->wait, &wait,6258TASK_INTERRUPTIBLE);6259if (!*timeo_p)6260goto do_nonblock;6261if (sk->sk_err || asoc->state >= SCTP_STATE_SHUTDOWN_PENDING ||6262asoc->base.dead)6263goto do_error;6264if (signal_pending(current))6265goto do_interrupted;6266if (msg_len <= sctp_wspace(asoc))6267break;62686269/* Let another process have a go. Since we are going6270* to sleep anyway.6271*/6272sctp_release_sock(sk);6273current_timeo = schedule_timeout(current_timeo);6274BUG_ON(sk != asoc->base.sk);6275sctp_lock_sock(sk);62766277*timeo_p = current_timeo;6278}62796280out:6281finish_wait(&asoc->wait, &wait);62826283/* Release the association's refcnt. */6284sctp_association_put(asoc);62856286return err;62876288do_error:6289err = -EPIPE;6290goto out;62916292do_interrupted:6293err = sock_intr_errno(*timeo_p);6294goto out;62956296do_nonblock:6297err = -EAGAIN;6298goto out;6299}63006301void sctp_data_ready(struct sock *sk, int len)6302{6303struct socket_wq *wq;63046305rcu_read_lock();6306wq = rcu_dereference(sk->sk_wq);6307if (wq_has_sleeper(wq))6308wake_up_interruptible_sync_poll(&wq->wait, POLLIN |6309POLLRDNORM | POLLRDBAND);6310sk_wake_async(sk, SOCK_WAKE_WAITD, POLL_IN);6311rcu_read_unlock();6312}63136314/* If socket sndbuf has changed, wake up all per association waiters. */6315void sctp_write_space(struct sock *sk)6316{6317struct sctp_association *asoc;63186319/* Wake up the tasks in each wait queue. */6320list_for_each_entry(asoc, &((sctp_sk(sk))->ep->asocs), asocs) {6321__sctp_write_space(asoc);6322}6323}63246325/* Is there any sndbuf space available on the socket?6326*6327* Note that sk_wmem_alloc is the sum of the send buffers on all of the6328* associations on the same socket. For a UDP-style socket with6329* multiple associations, it is possible for it to be "unwriteable"6330* prematurely. I assume that this is acceptable because6331* a premature "unwriteable" is better than an accidental "writeable" which6332* would cause an unwanted block under certain circumstances. For the 1-16333* UDP-style sockets or TCP-style sockets, this code should work.6334* - Daisy6335*/6336static int sctp_writeable(struct sock *sk)6337{6338int amt = 0;63396340amt = sk->sk_sndbuf - sk_wmem_alloc_get(sk);6341if (amt < 0)6342amt = 0;6343return amt;6344}63456346/* Wait for an association to go into ESTABLISHED state. If timeout is 0,6347* returns immediately with EINPROGRESS.6348*/6349static int sctp_wait_for_connect(struct sctp_association *asoc, long *timeo_p)6350{6351struct sock *sk = asoc->base.sk;6352int err = 0;6353long current_timeo = *timeo_p;6354DEFINE_WAIT(wait);63556356SCTP_DEBUG_PRINTK("%s: asoc=%p, timeo=%ld\n", __func__, asoc,6357(long)(*timeo_p));63586359/* Increment the association's refcnt. */6360sctp_association_hold(asoc);63616362for (;;) {6363prepare_to_wait_exclusive(&asoc->wait, &wait,6364TASK_INTERRUPTIBLE);6365if (!*timeo_p)6366goto do_nonblock;6367if (sk->sk_shutdown & RCV_SHUTDOWN)6368break;6369if (sk->sk_err || asoc->state >= SCTP_STATE_SHUTDOWN_PENDING ||6370asoc->base.dead)6371goto do_error;6372if (signal_pending(current))6373goto do_interrupted;63746375if (sctp_state(asoc, ESTABLISHED))6376break;63776378/* Let another process have a go. Since we are going6379* to sleep anyway.6380*/6381sctp_release_sock(sk);6382current_timeo = schedule_timeout(current_timeo);6383sctp_lock_sock(sk);63846385*timeo_p = current_timeo;6386}63876388out:6389finish_wait(&asoc->wait, &wait);63906391/* Release the association's refcnt. */6392sctp_association_put(asoc);63936394return err;63956396do_error:6397if (asoc->init_err_counter + 1 > asoc->max_init_attempts)6398err = -ETIMEDOUT;6399else6400err = -ECONNREFUSED;6401goto out;64026403do_interrupted:6404err = sock_intr_errno(*timeo_p);6405goto out;64066407do_nonblock:6408err = -EINPROGRESS;6409goto out;6410}64116412static int sctp_wait_for_accept(struct sock *sk, long timeo)6413{6414struct sctp_endpoint *ep;6415int err = 0;6416DEFINE_WAIT(wait);64176418ep = sctp_sk(sk)->ep;641964206421for (;;) {6422prepare_to_wait_exclusive(sk_sleep(sk), &wait,6423TASK_INTERRUPTIBLE);64246425if (list_empty(&ep->asocs)) {6426sctp_release_sock(sk);6427timeo = schedule_timeout(timeo);6428sctp_lock_sock(sk);6429}64306431err = -EINVAL;6432if (!sctp_sstate(sk, LISTENING))6433break;64346435err = 0;6436if (!list_empty(&ep->asocs))6437break;64386439err = sock_intr_errno(timeo);6440if (signal_pending(current))6441break;64426443err = -EAGAIN;6444if (!timeo)6445break;6446}64476448finish_wait(sk_sleep(sk), &wait);64496450return err;6451}64526453static void sctp_wait_for_close(struct sock *sk, long timeout)6454{6455DEFINE_WAIT(wait);64566457do {6458prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);6459if (list_empty(&sctp_sk(sk)->ep->asocs))6460break;6461sctp_release_sock(sk);6462timeout = schedule_timeout(timeout);6463sctp_lock_sock(sk);6464} while (!signal_pending(current) && timeout);64656466finish_wait(sk_sleep(sk), &wait);6467}64686469static void sctp_skb_set_owner_r_frag(struct sk_buff *skb, struct sock *sk)6470{6471struct sk_buff *frag;64726473if (!skb->data_len)6474goto done;64756476/* Don't forget the fragments. */6477skb_walk_frags(skb, frag)6478sctp_skb_set_owner_r_frag(frag, sk);64796480done:6481sctp_skb_set_owner_r(skb, sk);6482}64836484void sctp_copy_sock(struct sock *newsk, struct sock *sk,6485struct sctp_association *asoc)6486{6487struct inet_sock *inet = inet_sk(sk);6488struct inet_sock *newinet;64896490newsk->sk_type = sk->sk_type;6491newsk->sk_bound_dev_if = sk->sk_bound_dev_if;6492newsk->sk_flags = sk->sk_flags;6493newsk->sk_no_check = sk->sk_no_check;6494newsk->sk_reuse = sk->sk_reuse;64956496newsk->sk_shutdown = sk->sk_shutdown;6497newsk->sk_destruct = inet_sock_destruct;6498newsk->sk_family = sk->sk_family;6499newsk->sk_protocol = IPPROTO_SCTP;6500newsk->sk_backlog_rcv = sk->sk_prot->backlog_rcv;6501newsk->sk_sndbuf = sk->sk_sndbuf;6502newsk->sk_rcvbuf = sk->sk_rcvbuf;6503newsk->sk_lingertime = sk->sk_lingertime;6504newsk->sk_rcvtimeo = sk->sk_rcvtimeo;6505newsk->sk_sndtimeo = sk->sk_sndtimeo;65066507newinet = inet_sk(newsk);65086509/* Initialize sk's sport, dport, rcv_saddr and daddr for6510* getsockname() and getpeername()6511*/6512newinet->inet_sport = inet->inet_sport;6513newinet->inet_saddr = inet->inet_saddr;6514newinet->inet_rcv_saddr = inet->inet_rcv_saddr;6515newinet->inet_dport = htons(asoc->peer.port);6516newinet->pmtudisc = inet->pmtudisc;6517newinet->inet_id = asoc->next_tsn ^ jiffies;65186519newinet->uc_ttl = inet->uc_ttl;6520newinet->mc_loop = 1;6521newinet->mc_ttl = 1;6522newinet->mc_index = 0;6523newinet->mc_list = NULL;6524}65256526/* Populate the fields of the newsk from the oldsk and migrate the assoc6527* and its messages to the newsk.6528*/6529static void sctp_sock_migrate(struct sock *oldsk, struct sock *newsk,6530struct sctp_association *assoc,6531sctp_socket_type_t type)6532{6533struct sctp_sock *oldsp = sctp_sk(oldsk);6534struct sctp_sock *newsp = sctp_sk(newsk);6535struct sctp_bind_bucket *pp; /* hash list port iterator */6536struct sctp_endpoint *newep = newsp->ep;6537struct sk_buff *skb, *tmp;6538struct sctp_ulpevent *event;6539struct sctp_bind_hashbucket *head;65406541/* Migrate socket buffer sizes and all the socket level options to the6542* new socket.6543*/6544newsk->sk_sndbuf = oldsk->sk_sndbuf;6545newsk->sk_rcvbuf = oldsk->sk_rcvbuf;6546/* Brute force copy old sctp opt. */6547inet_sk_copy_descendant(newsk, oldsk);65486549/* Restore the ep value that was overwritten with the above structure6550* copy.6551*/6552newsp->ep = newep;6553newsp->hmac = NULL;65546555/* Hook this new socket in to the bind_hash list. */6556head = &sctp_port_hashtable[sctp_phashfn(inet_sk(oldsk)->inet_num)];6557sctp_local_bh_disable();6558sctp_spin_lock(&head->lock);6559pp = sctp_sk(oldsk)->bind_hash;6560sk_add_bind_node(newsk, &pp->owner);6561sctp_sk(newsk)->bind_hash = pp;6562inet_sk(newsk)->inet_num = inet_sk(oldsk)->inet_num;6563sctp_spin_unlock(&head->lock);6564sctp_local_bh_enable();65656566/* Copy the bind_addr list from the original endpoint to the new6567* endpoint so that we can handle restarts properly6568*/6569sctp_bind_addr_dup(&newsp->ep->base.bind_addr,6570&oldsp->ep->base.bind_addr, GFP_KERNEL);65716572/* Move any messages in the old socket's receive queue that are for the6573* peeled off association to the new socket's receive queue.6574*/6575sctp_skb_for_each(skb, &oldsk->sk_receive_queue, tmp) {6576event = sctp_skb2event(skb);6577if (event->asoc == assoc) {6578__skb_unlink(skb, &oldsk->sk_receive_queue);6579__skb_queue_tail(&newsk->sk_receive_queue, skb);6580sctp_skb_set_owner_r_frag(skb, newsk);6581}6582}65836584/* Clean up any messages pending delivery due to partial6585* delivery. Three cases:6586* 1) No partial deliver; no work.6587* 2) Peeling off partial delivery; keep pd_lobby in new pd_lobby.6588* 3) Peeling off non-partial delivery; move pd_lobby to receive_queue.6589*/6590skb_queue_head_init(&newsp->pd_lobby);6591atomic_set(&sctp_sk(newsk)->pd_mode, assoc->ulpq.pd_mode);65926593if (atomic_read(&sctp_sk(oldsk)->pd_mode)) {6594struct sk_buff_head *queue;65956596/* Decide which queue to move pd_lobby skbs to. */6597if (assoc->ulpq.pd_mode) {6598queue = &newsp->pd_lobby;6599} else6600queue = &newsk->sk_receive_queue;66016602/* Walk through the pd_lobby, looking for skbs that6603* need moved to the new socket.6604*/6605sctp_skb_for_each(skb, &oldsp->pd_lobby, tmp) {6606event = sctp_skb2event(skb);6607if (event->asoc == assoc) {6608__skb_unlink(skb, &oldsp->pd_lobby);6609__skb_queue_tail(queue, skb);6610sctp_skb_set_owner_r_frag(skb, newsk);6611}6612}66136614/* Clear up any skbs waiting for the partial6615* delivery to finish.6616*/6617if (assoc->ulpq.pd_mode)6618sctp_clear_pd(oldsk, NULL);66196620}66216622sctp_skb_for_each(skb, &assoc->ulpq.reasm, tmp)6623sctp_skb_set_owner_r_frag(skb, newsk);66246625sctp_skb_for_each(skb, &assoc->ulpq.lobby, tmp)6626sctp_skb_set_owner_r_frag(skb, newsk);66276628/* Set the type of socket to indicate that it is peeled off from the6629* original UDP-style socket or created with the accept() call on a6630* TCP-style socket..6631*/6632newsp->type = type;66336634/* Mark the new socket "in-use" by the user so that any packets6635* that may arrive on the association after we've moved it are6636* queued to the backlog. This prevents a potential race between6637* backlog processing on the old socket and new-packet processing6638* on the new socket.6639*6640* The caller has just allocated newsk so we can guarantee that other6641* paths won't try to lock it and then oldsk.6642*/6643lock_sock_nested(newsk, SINGLE_DEPTH_NESTING);6644sctp_assoc_migrate(assoc, newsk);66456646/* If the association on the newsk is already closed before accept()6647* is called, set RCV_SHUTDOWN flag.6648*/6649if (sctp_state(assoc, CLOSED) && sctp_style(newsk, TCP))6650newsk->sk_shutdown |= RCV_SHUTDOWN;66516652newsk->sk_state = SCTP_SS_ESTABLISHED;6653sctp_release_sock(newsk);6654}665566566657/* This proto struct describes the ULP interface for SCTP. */6658struct proto sctp_prot = {6659.name = "SCTP",6660.owner = THIS_MODULE,6661.close = sctp_close,6662.connect = sctp_connect,6663.disconnect = sctp_disconnect,6664.accept = sctp_accept,6665.ioctl = sctp_ioctl,6666.init = sctp_init_sock,6667.destroy = sctp_destroy_sock,6668.shutdown = sctp_shutdown,6669.setsockopt = sctp_setsockopt,6670.getsockopt = sctp_getsockopt,6671.sendmsg = sctp_sendmsg,6672.recvmsg = sctp_recvmsg,6673.bind = sctp_bind,6674.backlog_rcv = sctp_backlog_rcv,6675.hash = sctp_hash,6676.unhash = sctp_unhash,6677.get_port = sctp_get_port,6678.obj_size = sizeof(struct sctp_sock),6679.sysctl_mem = sysctl_sctp_mem,6680.sysctl_rmem = sysctl_sctp_rmem,6681.sysctl_wmem = sysctl_sctp_wmem,6682.memory_pressure = &sctp_memory_pressure,6683.enter_memory_pressure = sctp_enter_memory_pressure,6684.memory_allocated = &sctp_memory_allocated,6685.sockets_allocated = &sctp_sockets_allocated,6686};66876688#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)66896690struct proto sctpv6_prot = {6691.name = "SCTPv6",6692.owner = THIS_MODULE,6693.close = sctp_close,6694.connect = sctp_connect,6695.disconnect = sctp_disconnect,6696.accept = sctp_accept,6697.ioctl = sctp_ioctl,6698.init = sctp_init_sock,6699.destroy = sctp_destroy_sock,6700.shutdown = sctp_shutdown,6701.setsockopt = sctp_setsockopt,6702.getsockopt = sctp_getsockopt,6703.sendmsg = sctp_sendmsg,6704.recvmsg = sctp_recvmsg,6705.bind = sctp_bind,6706.backlog_rcv = sctp_backlog_rcv,6707.hash = sctp_hash,6708.unhash = sctp_unhash,6709.get_port = sctp_get_port,6710.obj_size = sizeof(struct sctp6_sock),6711.sysctl_mem = sysctl_sctp_mem,6712.sysctl_rmem = sysctl_sctp_rmem,6713.sysctl_wmem = sysctl_sctp_wmem,6714.memory_pressure = &sctp_memory_pressure,6715.enter_memory_pressure = sctp_enter_memory_pressure,6716.memory_allocated = &sctp_memory_allocated,6717.sockets_allocated = &sctp_sockets_allocated,6718};6719#endif /* defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) */672067216722