18c2ecf20Sopenharmony_ci// SPDX-License-Identifier: GPL-2.0-or-later 28c2ecf20Sopenharmony_ci/* SCTP kernel implementation 38c2ecf20Sopenharmony_ci * Copyright (c) 1999-2000 Cisco, Inc. 48c2ecf20Sopenharmony_ci * Copyright (c) 1999-2001 Motorola, Inc. 58c2ecf20Sopenharmony_ci * Copyright (c) 2002 International Business Machines, Corp. 68c2ecf20Sopenharmony_ci * 78c2ecf20Sopenharmony_ci * This file is part of the SCTP kernel implementation 88c2ecf20Sopenharmony_ci * 98c2ecf20Sopenharmony_ci * These functions are the methods for accessing the SCTP inqueue. 108c2ecf20Sopenharmony_ci * 118c2ecf20Sopenharmony_ci * An SCTP inqueue is a queue into which you push SCTP packets 128c2ecf20Sopenharmony_ci * (which might be bundles or fragments of chunks) and out of which you 138c2ecf20Sopenharmony_ci * pop SCTP whole chunks. 148c2ecf20Sopenharmony_ci * 158c2ecf20Sopenharmony_ci * Please send any bug reports or fixes you make to the 168c2ecf20Sopenharmony_ci * email address(es): 178c2ecf20Sopenharmony_ci * lksctp developers <linux-sctp@vger.kernel.org> 188c2ecf20Sopenharmony_ci * 198c2ecf20Sopenharmony_ci * Written or modified by: 208c2ecf20Sopenharmony_ci * La Monte H.P. Yarroll <piggy@acm.org> 218c2ecf20Sopenharmony_ci * Karl Knutson <karl@athena.chicago.il.us> 228c2ecf20Sopenharmony_ci */ 238c2ecf20Sopenharmony_ci 248c2ecf20Sopenharmony_ci#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 258c2ecf20Sopenharmony_ci 268c2ecf20Sopenharmony_ci#include <net/sctp/sctp.h> 278c2ecf20Sopenharmony_ci#include <net/sctp/sm.h> 288c2ecf20Sopenharmony_ci#include <linux/interrupt.h> 298c2ecf20Sopenharmony_ci#include <linux/slab.h> 308c2ecf20Sopenharmony_ci 318c2ecf20Sopenharmony_ci/* Initialize an SCTP inqueue. */ 328c2ecf20Sopenharmony_civoid sctp_inq_init(struct sctp_inq *queue) 338c2ecf20Sopenharmony_ci{ 348c2ecf20Sopenharmony_ci INIT_LIST_HEAD(&queue->in_chunk_list); 358c2ecf20Sopenharmony_ci queue->in_progress = NULL; 368c2ecf20Sopenharmony_ci 378c2ecf20Sopenharmony_ci /* Create a task for delivering data. */ 388c2ecf20Sopenharmony_ci INIT_WORK(&queue->immediate, NULL); 398c2ecf20Sopenharmony_ci} 408c2ecf20Sopenharmony_ci 418c2ecf20Sopenharmony_ci/* Release the memory associated with an SCTP inqueue. */ 428c2ecf20Sopenharmony_civoid sctp_inq_free(struct sctp_inq *queue) 438c2ecf20Sopenharmony_ci{ 448c2ecf20Sopenharmony_ci struct sctp_chunk *chunk, *tmp; 458c2ecf20Sopenharmony_ci 468c2ecf20Sopenharmony_ci /* Empty the queue. */ 478c2ecf20Sopenharmony_ci list_for_each_entry_safe(chunk, tmp, &queue->in_chunk_list, list) { 488c2ecf20Sopenharmony_ci list_del_init(&chunk->list); 498c2ecf20Sopenharmony_ci sctp_chunk_free(chunk); 508c2ecf20Sopenharmony_ci } 518c2ecf20Sopenharmony_ci 528c2ecf20Sopenharmony_ci /* If there is a packet which is currently being worked on, 538c2ecf20Sopenharmony_ci * free it as well. 548c2ecf20Sopenharmony_ci */ 558c2ecf20Sopenharmony_ci if (queue->in_progress) { 568c2ecf20Sopenharmony_ci sctp_chunk_free(queue->in_progress); 578c2ecf20Sopenharmony_ci queue->in_progress = NULL; 588c2ecf20Sopenharmony_ci } 598c2ecf20Sopenharmony_ci} 608c2ecf20Sopenharmony_ci 618c2ecf20Sopenharmony_ci/* Put a new packet in an SCTP inqueue. 628c2ecf20Sopenharmony_ci * We assume that packet->sctp_hdr is set and in host byte order. 638c2ecf20Sopenharmony_ci */ 648c2ecf20Sopenharmony_civoid sctp_inq_push(struct sctp_inq *q, struct sctp_chunk *chunk) 658c2ecf20Sopenharmony_ci{ 668c2ecf20Sopenharmony_ci /* Directly call the packet handling routine. */ 678c2ecf20Sopenharmony_ci if (chunk->rcvr->dead) { 688c2ecf20Sopenharmony_ci sctp_chunk_free(chunk); 698c2ecf20Sopenharmony_ci return; 708c2ecf20Sopenharmony_ci } 718c2ecf20Sopenharmony_ci 728c2ecf20Sopenharmony_ci /* We are now calling this either from the soft interrupt 738c2ecf20Sopenharmony_ci * or from the backlog processing. 748c2ecf20Sopenharmony_ci * Eventually, we should clean up inqueue to not rely 758c2ecf20Sopenharmony_ci * on the BH related data structures. 768c2ecf20Sopenharmony_ci */ 778c2ecf20Sopenharmony_ci list_add_tail(&chunk->list, &q->in_chunk_list); 788c2ecf20Sopenharmony_ci if (chunk->asoc) 798c2ecf20Sopenharmony_ci chunk->asoc->stats.ipackets++; 808c2ecf20Sopenharmony_ci q->immediate.func(&q->immediate); 818c2ecf20Sopenharmony_ci} 828c2ecf20Sopenharmony_ci 838c2ecf20Sopenharmony_ci/* Peek at the next chunk on the inqeue. */ 848c2ecf20Sopenharmony_cistruct sctp_chunkhdr *sctp_inq_peek(struct sctp_inq *queue) 858c2ecf20Sopenharmony_ci{ 868c2ecf20Sopenharmony_ci struct sctp_chunk *chunk; 878c2ecf20Sopenharmony_ci struct sctp_chunkhdr *ch = NULL; 888c2ecf20Sopenharmony_ci 898c2ecf20Sopenharmony_ci chunk = queue->in_progress; 908c2ecf20Sopenharmony_ci /* If there is no more chunks in this packet, say so */ 918c2ecf20Sopenharmony_ci if (chunk->singleton || 928c2ecf20Sopenharmony_ci chunk->end_of_packet || 938c2ecf20Sopenharmony_ci chunk->pdiscard) 948c2ecf20Sopenharmony_ci return NULL; 958c2ecf20Sopenharmony_ci 968c2ecf20Sopenharmony_ci ch = (struct sctp_chunkhdr *)chunk->chunk_end; 978c2ecf20Sopenharmony_ci 988c2ecf20Sopenharmony_ci return ch; 998c2ecf20Sopenharmony_ci} 1008c2ecf20Sopenharmony_ci 1018c2ecf20Sopenharmony_ci 1028c2ecf20Sopenharmony_ci/* Extract a chunk from an SCTP inqueue. 1038c2ecf20Sopenharmony_ci * 1048c2ecf20Sopenharmony_ci * WARNING: If you need to put the chunk on another queue, you need to 1058c2ecf20Sopenharmony_ci * make a shallow copy (clone) of it. 1068c2ecf20Sopenharmony_ci */ 1078c2ecf20Sopenharmony_cistruct sctp_chunk *sctp_inq_pop(struct sctp_inq *queue) 1088c2ecf20Sopenharmony_ci{ 1098c2ecf20Sopenharmony_ci struct sctp_chunk *chunk; 1108c2ecf20Sopenharmony_ci struct sctp_chunkhdr *ch = NULL; 1118c2ecf20Sopenharmony_ci 1128c2ecf20Sopenharmony_ci /* The assumption is that we are safe to process the chunks 1138c2ecf20Sopenharmony_ci * at this time. 1148c2ecf20Sopenharmony_ci */ 1158c2ecf20Sopenharmony_ci 1168c2ecf20Sopenharmony_ci chunk = queue->in_progress; 1178c2ecf20Sopenharmony_ci if (chunk) { 1188c2ecf20Sopenharmony_ci /* There is a packet that we have been working on. 1198c2ecf20Sopenharmony_ci * Any post processing work to do before we move on? 1208c2ecf20Sopenharmony_ci */ 1218c2ecf20Sopenharmony_ci if (chunk->singleton || 1228c2ecf20Sopenharmony_ci chunk->end_of_packet || 1238c2ecf20Sopenharmony_ci chunk->pdiscard) { 1248c2ecf20Sopenharmony_ci if (chunk->head_skb == chunk->skb) { 1258c2ecf20Sopenharmony_ci chunk->skb = skb_shinfo(chunk->skb)->frag_list; 1268c2ecf20Sopenharmony_ci goto new_skb; 1278c2ecf20Sopenharmony_ci } 1288c2ecf20Sopenharmony_ci if (chunk->skb->next) { 1298c2ecf20Sopenharmony_ci chunk->skb = chunk->skb->next; 1308c2ecf20Sopenharmony_ci goto new_skb; 1318c2ecf20Sopenharmony_ci } 1328c2ecf20Sopenharmony_ci 1338c2ecf20Sopenharmony_ci if (chunk->head_skb) 1348c2ecf20Sopenharmony_ci chunk->skb = chunk->head_skb; 1358c2ecf20Sopenharmony_ci sctp_chunk_free(chunk); 1368c2ecf20Sopenharmony_ci chunk = queue->in_progress = NULL; 1378c2ecf20Sopenharmony_ci } else { 1388c2ecf20Sopenharmony_ci /* Nothing to do. Next chunk in the packet, please. */ 1398c2ecf20Sopenharmony_ci ch = (struct sctp_chunkhdr *)chunk->chunk_end; 1408c2ecf20Sopenharmony_ci /* Force chunk->skb->data to chunk->chunk_end. */ 1418c2ecf20Sopenharmony_ci skb_pull(chunk->skb, chunk->chunk_end - chunk->skb->data); 1428c2ecf20Sopenharmony_ci /* We are guaranteed to pull a SCTP header. */ 1438c2ecf20Sopenharmony_ci } 1448c2ecf20Sopenharmony_ci } 1458c2ecf20Sopenharmony_ci 1468c2ecf20Sopenharmony_ci /* Do we need to take the next packet out of the queue to process? */ 1478c2ecf20Sopenharmony_ci if (!chunk) { 1488c2ecf20Sopenharmony_ci struct list_head *entry; 1498c2ecf20Sopenharmony_ci 1508c2ecf20Sopenharmony_cinext_chunk: 1518c2ecf20Sopenharmony_ci /* Is the queue empty? */ 1528c2ecf20Sopenharmony_ci entry = sctp_list_dequeue(&queue->in_chunk_list); 1538c2ecf20Sopenharmony_ci if (!entry) 1548c2ecf20Sopenharmony_ci return NULL; 1558c2ecf20Sopenharmony_ci 1568c2ecf20Sopenharmony_ci chunk = list_entry(entry, struct sctp_chunk, list); 1578c2ecf20Sopenharmony_ci 1588c2ecf20Sopenharmony_ci if (skb_is_gso(chunk->skb) && skb_is_gso_sctp(chunk->skb)) { 1598c2ecf20Sopenharmony_ci /* GSO-marked skbs but without frags, handle 1608c2ecf20Sopenharmony_ci * them normally 1618c2ecf20Sopenharmony_ci */ 1628c2ecf20Sopenharmony_ci if (skb_shinfo(chunk->skb)->frag_list) 1638c2ecf20Sopenharmony_ci chunk->head_skb = chunk->skb; 1648c2ecf20Sopenharmony_ci 1658c2ecf20Sopenharmony_ci /* skbs with "cover letter" */ 1668c2ecf20Sopenharmony_ci if (chunk->head_skb && chunk->skb->data_len == chunk->skb->len) 1678c2ecf20Sopenharmony_ci chunk->skb = skb_shinfo(chunk->skb)->frag_list; 1688c2ecf20Sopenharmony_ci 1698c2ecf20Sopenharmony_ci if (WARN_ON(!chunk->skb)) { 1708c2ecf20Sopenharmony_ci __SCTP_INC_STATS(dev_net(chunk->skb->dev), SCTP_MIB_IN_PKT_DISCARDS); 1718c2ecf20Sopenharmony_ci sctp_chunk_free(chunk); 1728c2ecf20Sopenharmony_ci goto next_chunk; 1738c2ecf20Sopenharmony_ci } 1748c2ecf20Sopenharmony_ci } 1758c2ecf20Sopenharmony_ci 1768c2ecf20Sopenharmony_ci if (chunk->asoc) 1778c2ecf20Sopenharmony_ci sock_rps_save_rxhash(chunk->asoc->base.sk, chunk->skb); 1788c2ecf20Sopenharmony_ci 1798c2ecf20Sopenharmony_ci queue->in_progress = chunk; 1808c2ecf20Sopenharmony_ci 1818c2ecf20Sopenharmony_cinew_skb: 1828c2ecf20Sopenharmony_ci /* This is the first chunk in the packet. */ 1838c2ecf20Sopenharmony_ci ch = (struct sctp_chunkhdr *)chunk->skb->data; 1848c2ecf20Sopenharmony_ci chunk->singleton = 1; 1858c2ecf20Sopenharmony_ci chunk->data_accepted = 0; 1868c2ecf20Sopenharmony_ci chunk->pdiscard = 0; 1878c2ecf20Sopenharmony_ci chunk->auth = 0; 1888c2ecf20Sopenharmony_ci chunk->has_asconf = 0; 1898c2ecf20Sopenharmony_ci chunk->end_of_packet = 0; 1908c2ecf20Sopenharmony_ci if (chunk->head_skb) { 1918c2ecf20Sopenharmony_ci struct sctp_input_cb 1928c2ecf20Sopenharmony_ci *cb = SCTP_INPUT_CB(chunk->skb), 1938c2ecf20Sopenharmony_ci *head_cb = SCTP_INPUT_CB(chunk->head_skb); 1948c2ecf20Sopenharmony_ci 1958c2ecf20Sopenharmony_ci cb->chunk = head_cb->chunk; 1968c2ecf20Sopenharmony_ci cb->af = head_cb->af; 1978c2ecf20Sopenharmony_ci } 1988c2ecf20Sopenharmony_ci } 1998c2ecf20Sopenharmony_ci 2008c2ecf20Sopenharmony_ci chunk->chunk_hdr = ch; 2018c2ecf20Sopenharmony_ci chunk->chunk_end = ((__u8 *)ch) + SCTP_PAD4(ntohs(ch->length)); 2028c2ecf20Sopenharmony_ci skb_pull(chunk->skb, sizeof(*ch)); 2038c2ecf20Sopenharmony_ci chunk->subh.v = NULL; /* Subheader is no longer valid. */ 2048c2ecf20Sopenharmony_ci 2058c2ecf20Sopenharmony_ci if (chunk->chunk_end + sizeof(*ch) <= skb_tail_pointer(chunk->skb)) { 2068c2ecf20Sopenharmony_ci /* This is not a singleton */ 2078c2ecf20Sopenharmony_ci chunk->singleton = 0; 2088c2ecf20Sopenharmony_ci } else if (chunk->chunk_end > skb_tail_pointer(chunk->skb)) { 2098c2ecf20Sopenharmony_ci /* Discard inside state machine. */ 2108c2ecf20Sopenharmony_ci chunk->pdiscard = 1; 2118c2ecf20Sopenharmony_ci chunk->chunk_end = skb_tail_pointer(chunk->skb); 2128c2ecf20Sopenharmony_ci } else { 2138c2ecf20Sopenharmony_ci /* We are at the end of the packet, so mark the chunk 2148c2ecf20Sopenharmony_ci * in case we need to send a SACK. 2158c2ecf20Sopenharmony_ci */ 2168c2ecf20Sopenharmony_ci chunk->end_of_packet = 1; 2178c2ecf20Sopenharmony_ci } 2188c2ecf20Sopenharmony_ci 2198c2ecf20Sopenharmony_ci pr_debug("+++sctp_inq_pop+++ chunk:%p[%s], length:%d, skb->len:%d\n", 2208c2ecf20Sopenharmony_ci chunk, sctp_cname(SCTP_ST_CHUNK(chunk->chunk_hdr->type)), 2218c2ecf20Sopenharmony_ci ntohs(chunk->chunk_hdr->length), chunk->skb->len); 2228c2ecf20Sopenharmony_ci 2238c2ecf20Sopenharmony_ci return chunk; 2248c2ecf20Sopenharmony_ci} 2258c2ecf20Sopenharmony_ci 2268c2ecf20Sopenharmony_ci/* Set a top-half handler. 2278c2ecf20Sopenharmony_ci * 2288c2ecf20Sopenharmony_ci * Originally, we the top-half handler was scheduled as a BH. We now 2298c2ecf20Sopenharmony_ci * call the handler directly in sctp_inq_push() at a time that 2308c2ecf20Sopenharmony_ci * we know we are lock safe. 2318c2ecf20Sopenharmony_ci * The intent is that this routine will pull stuff out of the 2328c2ecf20Sopenharmony_ci * inqueue and process it. 2338c2ecf20Sopenharmony_ci */ 2348c2ecf20Sopenharmony_civoid sctp_inq_set_th_handler(struct sctp_inq *q, work_func_t callback) 2358c2ecf20Sopenharmony_ci{ 2368c2ecf20Sopenharmony_ci INIT_WORK(&q->immediate, callback); 2378c2ecf20Sopenharmony_ci} 238