search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
arcmsr(4): Use MSI if it is supported by the device.
[dragonfly.git] / sys / netinet / sctputil.c
blob00f6d52536744316a54b8825e4a2b5398f7f8a5b
1 /* $KAME: sctputil.c,v 1.36 2005/03/06 16:04:19 itojun Exp $ */
2
3 /*
4 * Copyright (c) 2001, 2002, 2003, 2004 Cisco Systems, Inc.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. All advertising materials mentioning features or use of this software
16 * must display the following acknowledgement:
17 * This product includes software developed by Cisco Systems, Inc.
18 * 4. Neither the name of the project nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
21 *
22 * THIS SOFTWARE IS PROVIDED BY CISCO SYSTEMS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL CISCO SYSTEMS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 */
34
35 #if !(defined(__OpenBSD__) || defined(__APPLE__))
36 #include "opt_ipsec.h"
37 #endif
38 #if defined(__FreeBSD__) || defined(__DragonFly__)
39 #include "opt_compat.h"
40 #include "opt_inet6.h"
41 #include "opt_inet.h"
42 #if !(defined(SCTP_BASE_FREEBSD) || defined(__DragonFly__))
43 #include "opt_mpath.h"
44 #endif /* SCTP_BASE_FREEBSD || __DragonFly__ */
45 #endif /* FreeBSD */
46 #if defined(__NetBSD__)
47 #include "opt_inet.h"
48 #endif
49 #ifdef __APPLE__
50 #include <sctp.h>
51 #elif !defined(__OpenBSD__)
52 #include "opt_sctp.h"
53 #endif
54
55 #include <sys/param.h>
56 #include <sys/systm.h>
57 #include <sys/malloc.h>
58 #include <sys/mbuf.h>
59 #include <sys/domain.h>
60 #include <sys/protosw.h>
61 #include <sys/socket.h>
62 #include <sys/socketvar.h>
63 #include <sys/proc.h>
64 #include <sys/kernel.h>
65 #include <sys/sysctl.h>
66 #include <sys/thread2.h>
67
68 #if defined(__FreeBSD__) || defined(__DragonFly__)
69 #include <sys/callout.h>
70 #else
71 #include <netinet/sctp_callout.h> /* for callout_active() */
72 #endif
73
74 #include <net/radix.h>
75 #include <net/route.h>
76
77 #ifdef INET6
78 #ifndef __OpenBSD__
79 #include <sys/domain.h>
80 #endif
81 #endif
82
83 #if (defined(__FreeBSD__) && __FreeBSD_version >= 500000)
84 #include <sys/limits.h>
85 #else
86 #include <machine/limits.h>
87 #endif
88
89 #include <net/if.h>
90 #include <net/if_types.h>
91 #include <net/route.h>
92
93 #include <netinet/in.h>
94 #include <netinet/in_systm.h>
95 #include <netinet/ip.h>
96 #include <netinet/in_pcb.h>
97 #include <netinet/in_var.h>
98 #include <netinet/ip_var.h>
99
100 #ifdef INET6
101 #include <netinet/ip6.h>
102 #include <netinet6/ip6_var.h>
103
104 #if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__APPLE__) || defined(__DragonFly_)
105 #include <netinet6/in6_pcb.h>
106 #elif defined(__OpenBSD__)
107 #include <netinet/in_pcb.h>
108 #endif
109
110 #endif /* INET6 */
111
112 #include <netinet/sctp_pcb.h>
113
114 #ifdef IPSEC
115 #ifndef __OpenBSD__
116 #include <netinet6/ipsec.h>
117 #include <netproto/key/key.h>
118 #else
119 #undef IPSEC
120 #endif
121 #endif /* IPSEC */
122
123 #include <netinet/sctputil.h>
124 #include <netinet/sctp_var.h>
125 #ifdef INET6
126 #include <netinet6/sctp6_var.h>
127 #endif
128 #include <netinet/sctp_header.h>
129 #include <netinet/sctp_output.h>
130 #include <netinet/sctp_hashdriver.h>
131 #include <netinet/sctp_uio.h>
132 #include <netinet/sctp_timer.h>
133 #include <netinet/sctp_crc32.h>
134 #include <netinet/sctp_indata.h> /* for sctp_deliver_data() */
135 #define NUMBER_OF_MTU_SIZES 18
136
137 #ifdef SCTP_DEBUG
138 extern u_int32_t sctp_debug_on;
139 #endif
140
141 #ifdef SCTP_STAT_LOGGING
142 int sctp_cwnd_log_at=0;
143 int sctp_cwnd_log_rolled=0;
144 struct sctp_cwnd_log sctp_clog[SCTP_STAT_LOG_SIZE];
145
146 void
147 sctp_clr_stat_log(void)
148 {
149 sctp_cwnd_log_at=0;
150 sctp_cwnd_log_rolled=0;
151 }
152
153 void
154 sctp_log_strm_del_alt(u_int32_t tsn, u_int16_t sseq, int from)
155 {
156
157 sctp_clog[sctp_cwnd_log_at].from = (u_int8_t)from;
158 sctp_clog[sctp_cwnd_log_at].event_type = (u_int8_t)SCTP_LOG_EVENT_STRM;
159 sctp_clog[sctp_cwnd_log_at].x.strlog.n_tsn = tsn;
160 sctp_clog[sctp_cwnd_log_at].x.strlog.n_sseq = sseq;
161 sctp_clog[sctp_cwnd_log_at].x.strlog.e_tsn = 0;
162 sctp_clog[sctp_cwnd_log_at].x.strlog.e_sseq = 0;
163 sctp_cwnd_log_at++;
164 if (sctp_cwnd_log_at >= SCTP_STAT_LOG_SIZE) {
165 sctp_cwnd_log_at = 0;
166 sctp_cwnd_log_rolled = 1;
167 }
168
169
170 }
171
172 void
173 sctp_log_map(uint32_t map, uint32_t cum, uint32_t high, int from)
174 {
175
176 sctp_clog[sctp_cwnd_log_at].from = (u_int8_t)from;
177 sctp_clog[sctp_cwnd_log_at].event_type = (u_int8_t)SCTP_LOG_EVENT_MAP;
178 sctp_clog[sctp_cwnd_log_at].x.map.base = map;
179 sctp_clog[sctp_cwnd_log_at].x.map.cum = cum;
180 sctp_clog[sctp_cwnd_log_at].x.map.high = high;
181 sctp_cwnd_log_at++;
182 if (sctp_cwnd_log_at >= SCTP_STAT_LOG_SIZE) {
183 sctp_cwnd_log_at = 0;
184 sctp_cwnd_log_rolled = 1;
185 }
186 }
187
188 void
189 sctp_log_fr(uint32_t biggest_tsn, uint32_t biggest_new_tsn, uint32_t tsn,
190 int from)
191 {
192
193 sctp_clog[sctp_cwnd_log_at].from = (u_int8_t)from;
194 sctp_clog[sctp_cwnd_log_at].event_type = (u_int8_t)SCTP_LOG_EVENT_FR;
195 sctp_clog[sctp_cwnd_log_at].x.fr.largest_tsn = biggest_tsn;
196 sctp_clog[sctp_cwnd_log_at].x.fr.largest_new_tsn = biggest_new_tsn;
197 sctp_clog[sctp_cwnd_log_at].x.fr.tsn = tsn;
198 sctp_cwnd_log_at++;
199 if (sctp_cwnd_log_at >= SCTP_STAT_LOG_SIZE) {
200 sctp_cwnd_log_at = 0;
201 sctp_cwnd_log_rolled = 1;
202 }
203 }
204
205 void
206 sctp_log_strm_del(struct sctp_tmit_chunk *chk, struct sctp_tmit_chunk *poschk,
207 int from)
208 {
209
210 if (chk == NULL) {
211 kprintf("Gak log of NULL?\n");
212 return;
213 }
214 sctp_clog[sctp_cwnd_log_at].from = (u_int8_t)from;
215 sctp_clog[sctp_cwnd_log_at].event_type = (u_int8_t)SCTP_LOG_EVENT_STRM;
216 sctp_clog[sctp_cwnd_log_at].x.strlog.n_tsn = chk->rec.data.TSN_seq;
217 sctp_clog[sctp_cwnd_log_at].x.strlog.n_sseq = chk->rec.data.stream_seq;
218 if (poschk != NULL) {
219 sctp_clog[sctp_cwnd_log_at].x.strlog.e_tsn =
220 poschk->rec.data.TSN_seq;
221 sctp_clog[sctp_cwnd_log_at].x.strlog.e_sseq =
222 poschk->rec.data.stream_seq;
223 } else {
224 sctp_clog[sctp_cwnd_log_at].x.strlog.e_tsn = 0;
225 sctp_clog[sctp_cwnd_log_at].x.strlog.e_sseq = 0;
226 }
227 sctp_cwnd_log_at++;
228 if (sctp_cwnd_log_at >= SCTP_STAT_LOG_SIZE) {
229 sctp_cwnd_log_at = 0;
230 sctp_cwnd_log_rolled = 1;
231 }
232 }
233
234 void
235 sctp_log_cwnd(struct sctp_nets *net, int augment, uint8_t from)
236 {
237
238 sctp_clog[sctp_cwnd_log_at].from = (u_int8_t)from;
239 sctp_clog[sctp_cwnd_log_at].event_type = (u_int8_t)SCTP_LOG_EVENT_CWND;
240 sctp_clog[sctp_cwnd_log_at].x.cwnd.net = net;
241 sctp_clog[sctp_cwnd_log_at].x.cwnd.cwnd_new_value = net->cwnd;
242 sctp_clog[sctp_cwnd_log_at].x.cwnd.inflight = net->flight_size;
243 sctp_clog[sctp_cwnd_log_at].x.cwnd.cwnd_augment = augment;
244 sctp_cwnd_log_at++;
245 if (sctp_cwnd_log_at >= SCTP_STAT_LOG_SIZE) {
246 sctp_cwnd_log_at = 0;
247 sctp_cwnd_log_rolled = 1;
248 }
249 }
250
251 void
252 sctp_log_maxburst(struct sctp_nets *net, int error, int burst, uint8_t from)
253 {
254 sctp_clog[sctp_cwnd_log_at].from = (u_int8_t)from;
255 sctp_clog[sctp_cwnd_log_at].event_type = (u_int8_t)SCTP_LOG_EVENT_MAXBURST;
256 sctp_clog[sctp_cwnd_log_at].x.cwnd.net = net;
257 sctp_clog[sctp_cwnd_log_at].x.cwnd.cwnd_new_value = error;
258 sctp_clog[sctp_cwnd_log_at].x.cwnd.inflight = net->flight_size;
259 sctp_clog[sctp_cwnd_log_at].x.cwnd.cwnd_augment = burst;
260 sctp_cwnd_log_at++;
261 if (sctp_cwnd_log_at >= SCTP_STAT_LOG_SIZE) {
262 sctp_cwnd_log_at = 0;
263 sctp_cwnd_log_rolled = 1;
264 }
265 }
266
267 void
268 sctp_log_rwnd(uint8_t from, u_int32_t peers_rwnd , u_int32_t snd_size, u_int32_t overhead)
269 {
270 sctp_clog[sctp_cwnd_log_at].from = (u_int8_t)from;
271 sctp_clog[sctp_cwnd_log_at].event_type = (u_int8_t)SCTP_LOG_EVENT_RWND;
272 sctp_clog[sctp_cwnd_log_at].x.rwnd.rwnd = peers_rwnd;
273 sctp_clog[sctp_cwnd_log_at].x.rwnd.send_size = snd_size;
274 sctp_clog[sctp_cwnd_log_at].x.rwnd.overhead = overhead;
275 sctp_clog[sctp_cwnd_log_at].x.rwnd.new_rwnd = 0;
276 sctp_cwnd_log_at++;
277 if (sctp_cwnd_log_at >= SCTP_STAT_LOG_SIZE) {
278 sctp_cwnd_log_at = 0;
279 sctp_cwnd_log_rolled = 1;
280 }
281 }
282
283 void
284 sctp_log_rwnd_set(uint8_t from, u_int32_t peers_rwnd , u_int32_t flight_size, u_int32_t overhead, u_int32_t a_rwndval)
285 {
286 sctp_clog[sctp_cwnd_log_at].from = (u_int8_t)from;
287 sctp_clog[sctp_cwnd_log_at].event_type = (u_int8_t)SCTP_LOG_EVENT_RWND;
288 sctp_clog[sctp_cwnd_log_at].x.rwnd.rwnd = peers_rwnd;
289 sctp_clog[sctp_cwnd_log_at].x.rwnd.send_size = flight_size;
290 sctp_clog[sctp_cwnd_log_at].x.rwnd.overhead = overhead;
291 sctp_clog[sctp_cwnd_log_at].x.rwnd.new_rwnd = a_rwndval;
292 sctp_cwnd_log_at++;
293 if (sctp_cwnd_log_at >= SCTP_STAT_LOG_SIZE) {
294 sctp_cwnd_log_at = 0;
295 sctp_cwnd_log_rolled = 1;
296 }
297 }
298
299 void
300 sctp_log_mbcnt(uint8_t from, u_int32_t total_oq , u_int32_t book, u_int32_t total_mbcnt_q, u_int32_t mbcnt)
301 {
302 sctp_clog[sctp_cwnd_log_at].from = (u_int8_t)from;
303 sctp_clog[sctp_cwnd_log_at].event_type = (u_int8_t)SCTP_LOG_EVENT_MBCNT;
304 sctp_clog[sctp_cwnd_log_at].x.mbcnt.total_queue_size = total_oq;
305 sctp_clog[sctp_cwnd_log_at].x.mbcnt.size_change = book;
306 sctp_clog[sctp_cwnd_log_at].x.mbcnt.total_queue_mb_size = total_mbcnt_q;
307 sctp_clog[sctp_cwnd_log_at].x.mbcnt.mbcnt_change = mbcnt;
308 sctp_cwnd_log_at++;
309 if (sctp_cwnd_log_at >= SCTP_STAT_LOG_SIZE) {
310 sctp_cwnd_log_at = 0;
311 sctp_cwnd_log_rolled = 1;
312 }
313 }
314
315 void
316 sctp_log_block(uint8_t from, struct socket *so, struct sctp_association *asoc)
317 {
318
319 sctp_clog[sctp_cwnd_log_at].from = (u_int8_t)from;
320 sctp_clog[sctp_cwnd_log_at].event_type = (u_int8_t)SCTP_LOG_EVENT_BLOCK;
321 sctp_clog[sctp_cwnd_log_at].x.blk.maxmb = (u_int16_t)(so->so_snd.ssb_mbmax/1024);
322 sctp_clog[sctp_cwnd_log_at].x.blk.onmb = asoc->total_output_mbuf_queue_size;
323 sctp_clog[sctp_cwnd_log_at].x.blk.maxsb = (u_int16_t)(so->so_snd.ssb_hiwat/1024);
324 sctp_clog[sctp_cwnd_log_at].x.blk.onsb = asoc->total_output_queue_size;
325 sctp_clog[sctp_cwnd_log_at].x.blk.send_sent_qcnt = (u_int16_t)(asoc->send_queue_cnt + asoc->sent_queue_cnt);
326 sctp_clog[sctp_cwnd_log_at].x.blk.stream_qcnt = (u_int16_t)asoc->stream_queue_cnt;
327 sctp_cwnd_log_at++;
328 if (sctp_cwnd_log_at >= SCTP_STAT_LOG_SIZE) {
329 sctp_cwnd_log_at = 0;
330 sctp_cwnd_log_rolled = 1;
331 }
332 }
333
334 int
335 sctp_fill_stat_log(struct mbuf *m)
336 {
337 struct sctp_cwnd_log_req *req;
338 int size_limit, num, i, at, cnt_out=0;
339
340 if (m == NULL)
341 return (EINVAL);
342
343 size_limit = (m->m_len - sizeof(struct sctp_cwnd_log_req));
344 if (size_limit < sizeof(struct sctp_cwnd_log)) {
345 return (EINVAL);
346 }
347 req = mtod(m, struct sctp_cwnd_log_req *);
348 num = size_limit/sizeof(struct sctp_cwnd_log);
349 if (sctp_cwnd_log_rolled) {
350 req->num_in_log = SCTP_STAT_LOG_SIZE;
351 } else {
352 req->num_in_log = sctp_cwnd_log_at;
353 /* if the log has not rolled, we don't
354 * let you have old data.
355 */
356 if (req->end_at > sctp_cwnd_log_at) {
357 req->end_at = sctp_cwnd_log_at;
358 }
359 }
360 if ((num < SCTP_STAT_LOG_SIZE) &&
361 ((sctp_cwnd_log_rolled) || (sctp_cwnd_log_at > num))) {
362 /* we can't return all of it */
363 if (((req->start_at == 0) && (req->end_at == 0)) ||
364 (req->start_at >= SCTP_STAT_LOG_SIZE) ||
365 (req->end_at >= SCTP_STAT_LOG_SIZE)) {
366 /* No user request or user is wacked. */
367 req->num_ret = num;
368 req->end_at = sctp_cwnd_log_at - 1;
369 if ((sctp_cwnd_log_at - num) < 0) {
370 int cc;
371 cc = num - sctp_cwnd_log_at;
372 req->start_at = SCTP_STAT_LOG_SIZE - cc;
373 } else {
374 req->start_at = sctp_cwnd_log_at - num;
375 }
376 } else {
377 /* a user request */
378 int cc;
379 if (req->start_at > req->end_at) {
380 cc = (SCTP_STAT_LOG_SIZE - req->start_at) +
381 (req->end_at + 1);
382 } else {
383
384 cc = req->end_at - req->start_at;
385 }
386 if (cc < num) {
387 num = cc;
388 }
389 req->num_ret = num;
390 }
391 } else {
392 /* We can return all of it */
393 req->start_at = 0;
394 req->end_at = sctp_cwnd_log_at - 1;
395 req->num_ret = sctp_cwnd_log_at;
396 }
397 for (i = 0, at = req->start_at; i < req->num_ret; i++) {
398 req->log[i] = sctp_clog[at];
399 cnt_out++;
400 at++;
401 if (at >= SCTP_STAT_LOG_SIZE)
402 at = 0;
403 }
404 m->m_len = (cnt_out * sizeof(struct sctp_cwnd_log_req)) + sizeof(struct sctp_cwnd_log_req);
405 return (0);
406 }
407
408 #endif
409
410 #ifdef SCTP_AUDITING_ENABLED
411 u_int8_t sctp_audit_data[SCTP_AUDIT_SIZE][2];
412 static int sctp_audit_indx = 0;
413
414 static void
415 sctp_print_audit_report(void)
416 {
417 int i;
418 int cnt;
419 cnt = 0;
420 for (i=sctp_audit_indx;i<SCTP_AUDIT_SIZE;i++) {
421 if ((sctp_audit_data[i][0] == 0xe0) &&
422 (sctp_audit_data[i][1] == 0x01)) {
423 cnt = 0;
424 kprintf("\n");
425 } else if (sctp_audit_data[i][0] == 0xf0) {
426 cnt = 0;
427 kprintf("\n");
428 } else if ((sctp_audit_data[i][0] == 0xc0) &&
429 (sctp_audit_data[i][1] == 0x01)) {
430 kprintf("\n");
431 cnt = 0;
432 }
433 kprintf("%2.2x%2.2x ", (uint32_t)sctp_audit_data[i][0],
434 (uint32_t)sctp_audit_data[i][1]);
435 cnt++;
436 if ((cnt % 14) == 0)
437 kprintf("\n");
438 }
439 for (i=0;i<sctp_audit_indx;i++) {
440 if ((sctp_audit_data[i][0] == 0xe0) &&
441 (sctp_audit_data[i][1] == 0x01)) {
442 cnt = 0;
443 kprintf("\n");
444 } else if (sctp_audit_data[i][0] == 0xf0) {
445 cnt = 0;
446 kprintf("\n");
447 } else if ((sctp_audit_data[i][0] == 0xc0) &&
448 (sctp_audit_data[i][1] == 0x01)) {
449 kprintf("\n");
450 cnt = 0;
451 }
452 kprintf("%2.2x%2.2x ", (uint32_t)sctp_audit_data[i][0],
453 (uint32_t)sctp_audit_data[i][1]);
454 cnt++;
455 if ((cnt % 14) == 0)
456 kprintf("\n");
457 }
458 kprintf("\n");
459 }
460
461 void
462 sctp_auditing(int from, struct sctp_inpcb *inp, struct sctp_tcb *stcb,
463 struct sctp_nets *net)
464 {
465 int resend_cnt, tot_out, rep, tot_book_cnt;
466 struct sctp_nets *lnet;
467 struct sctp_tmit_chunk *chk;
468
469 sctp_audit_data[sctp_audit_indx][0] = 0xAA;
470 sctp_audit_data[sctp_audit_indx][1] = 0x000000ff & from;
471 sctp_audit_indx++;
472 if (sctp_audit_indx >= SCTP_AUDIT_SIZE) {
473 sctp_audit_indx = 0;
474 }
475 if (inp == NULL) {
476 sctp_audit_data[sctp_audit_indx][0] = 0xAF;
477 sctp_audit_data[sctp_audit_indx][1] = 0x01;
478 sctp_audit_indx++;
479 if (sctp_audit_indx >= SCTP_AUDIT_SIZE) {
480 sctp_audit_indx = 0;
481 }
482 return;
483 }
484 if (stcb == NULL) {
485 sctp_audit_data[sctp_audit_indx][0] = 0xAF;
486 sctp_audit_data[sctp_audit_indx][1] = 0x02;
487 sctp_audit_indx++;
488 if (sctp_audit_indx >= SCTP_AUDIT_SIZE) {
489 sctp_audit_indx = 0;
490 }
491 return;
492 }
493 sctp_audit_data[sctp_audit_indx][0] = 0xA1;
494 sctp_audit_data[sctp_audit_indx][1] =
495 (0x000000ff & stcb->asoc.sent_queue_retran_cnt);
496 sctp_audit_indx++;
497 if (sctp_audit_indx >= SCTP_AUDIT_SIZE) {
498 sctp_audit_indx = 0;
499 }
500 rep = 0;
501 tot_book_cnt = 0;
502 resend_cnt = tot_out = 0;
503 TAILQ_FOREACH(chk, &stcb->asoc.sent_queue, sctp_next) {
504 if (chk->sent == SCTP_DATAGRAM_RESEND) {
505 resend_cnt++;
506 } else if (chk->sent < SCTP_DATAGRAM_RESEND) {
507 tot_out += chk->book_size;
508 tot_book_cnt++;
509 }
510 }
511 if (resend_cnt != stcb->asoc.sent_queue_retran_cnt) {
512 sctp_audit_data[sctp_audit_indx][0] = 0xAF;
513 sctp_audit_data[sctp_audit_indx][1] = 0xA1;
514 sctp_audit_indx++;
515 if (sctp_audit_indx >= SCTP_AUDIT_SIZE) {
516 sctp_audit_indx = 0;
517 }
518 kprintf("resend_cnt:%d asoc-tot:%d\n",
519 resend_cnt, stcb->asoc.sent_queue_retran_cnt);
520 rep = 1;
521 stcb->asoc.sent_queue_retran_cnt = resend_cnt;
522 sctp_audit_data[sctp_audit_indx][0] = 0xA2;
523 sctp_audit_data[sctp_audit_indx][1] =
524 (0x000000ff & stcb->asoc.sent_queue_retran_cnt);
525 sctp_audit_indx++;
526 if (sctp_audit_indx >= SCTP_AUDIT_SIZE) {
527 sctp_audit_indx = 0;
528 }
529 }
530 if (tot_out != stcb->asoc.total_flight) {
531 sctp_audit_data[sctp_audit_indx][0] = 0xAF;
532 sctp_audit_data[sctp_audit_indx][1] = 0xA2;
533 sctp_audit_indx++;
534 if (sctp_audit_indx >= SCTP_AUDIT_SIZE) {
535 sctp_audit_indx = 0;
536 }
537 rep = 1;
538 kprintf("tot_flt:%d asoc_tot:%d\n", tot_out,
539 (int)stcb->asoc.total_flight);
540 stcb->asoc.total_flight = tot_out;
541 }
542 if (tot_book_cnt != stcb->asoc.total_flight_count) {
543 sctp_audit_data[sctp_audit_indx][0] = 0xAF;
544 sctp_audit_data[sctp_audit_indx][1] = 0xA5;
545 sctp_audit_indx++;
546 if (sctp_audit_indx >= SCTP_AUDIT_SIZE) {
547 sctp_audit_indx = 0;
548 }
549 rep = 1;
550 kprintf("tot_flt_book:%d\n", tot_book);
551
552 stcb->asoc.total_flight_count = tot_book_cnt;
553 }
554 tot_out = 0;
555 TAILQ_FOREACH(lnet, &stcb->asoc.nets, sctp_next) {
556 tot_out += lnet->flight_size;
557 }
558 if (tot_out != stcb->asoc.total_flight) {
559 sctp_audit_data[sctp_audit_indx][0] = 0xAF;
560 sctp_audit_data[sctp_audit_indx][1] = 0xA3;
561 sctp_audit_indx++;
562 if (sctp_audit_indx >= SCTP_AUDIT_SIZE) {
563 sctp_audit_indx = 0;
564 }
565 rep = 1;
566 kprintf("real flight:%d net total was %d\n",
567 stcb->asoc.total_flight, tot_out);
568 /* now corrective action */
569 TAILQ_FOREACH(lnet, &stcb->asoc.nets, sctp_next) {
570 tot_out = 0;
571 TAILQ_FOREACH(chk, &stcb->asoc.sent_queue, sctp_next) {
572 if ((chk->whoTo == lnet) &&
573 (chk->sent < SCTP_DATAGRAM_RESEND)) {
574 tot_out += chk->book_size;
575 }
576 }
577 if (lnet->flight_size != tot_out) {
578 kprintf("net:%x flight was %d corrected to %d\n",
579 (uint32_t)lnet, lnet->flight_size, tot_out);
580 lnet->flight_size = tot_out;
581 }
582
583 }
584 }
585
586 if (rep) {
587 sctp_print_audit_report();
588 }
589 }
590
591 void
592 sctp_audit_log(u_int8_t ev, u_int8_t fd)
593 {
594 crit_enter();
595 sctp_audit_data[sctp_audit_indx][0] = ev;
596 sctp_audit_data[sctp_audit_indx][1] = fd;
597 sctp_audit_indx++;
598 if (sctp_audit_indx >= SCTP_AUDIT_SIZE) {
599 sctp_audit_indx = 0;
600 }
601 crit_exit();
602 }
603
604 #endif
605
606 /*
607 * a list of sizes based on typical mtu's, used only if next hop
608 * size not returned.
609 */
610 static int sctp_mtu_sizes[] = {
611 68,
612 296,
613 508,
614 512,
615 544,
616 576,
617 1006,
618 1492,
619 1500,
620 1536,
621 2002,
622 2048,
623 4352,
624 4464,
625 8166,
626 17914,
627 32000,
628 65535
629 };
630
631 int
632 find_next_best_mtu(int totsz)
633 {
634 int i, perfer;
635 /*
636 * if we are in here we must find the next best fit based on the
637 * size of the dg that failed to be sent.
638 */
639 perfer = 0;
640 for (i = 0; i < NUMBER_OF_MTU_SIZES; i++) {
641 if (totsz < sctp_mtu_sizes[i]) {
642 perfer = i - 1;
643 if (perfer < 0)
644 perfer = 0;
645 break;
646 }
647 }
648 return (sctp_mtu_sizes[perfer]);
649 }
650
651 void
652 sctp_fill_random_store(struct sctp_pcb *m)
653 {
654 /*
655 * Here we use the MD5/SHA-1 to hash with our good randomNumbers
656 * and our counter. The result becomes our good random numbers and
657 * we then setup to give these out. Note that we do no lockig
658 * to protect this. This is ok, since if competing folks call
659 * this we will get more gobbled gook in the random store whic
660 * is what we want. There is a danger that two guys will use
661 * the same random numbers, but thats ok too since that
662 * is random as well :->
663 */
664 m->store_at = 0;
665 sctp_hash_digest((char *)m->random_numbers, sizeof(m->random_numbers),
666 (char *)&m->random_counter, sizeof(m->random_counter),
667 (char *)m->random_store);
668 m->random_counter++;
669 }
670
671 uint32_t
672 sctp_select_initial_TSN(struct sctp_pcb *m)
673 {
674 /*
675 * A true implementation should use random selection process to
676 * get the initial stream sequence number, using RFC1750 as a
677 * good guideline
678 */
679 u_long x, *xp;
680 uint8_t *p;
681
682 if (m->initial_sequence_debug != 0) {
683 u_int32_t ret;
684 ret = m->initial_sequence_debug;
685 m->initial_sequence_debug++;
686 return (ret);
687 }
688 if ((m->store_at+sizeof(u_long)) > SCTP_SIGNATURE_SIZE) {
689 /* Refill the random store */
690 sctp_fill_random_store(m);
691 }
692 p = &m->random_store[(int)m->store_at];
693 xp = (u_long *)p;
694 x = *xp;
695 m->store_at += sizeof(u_long);
696 return (x);
697 }
698
699 u_int32_t
700 sctp_select_a_tag(struct sctp_inpcb *m)
701 {
702 u_long x, not_done;
703 struct timeval now;
704
705 SCTP_GETTIME_TIMEVAL(&now);
706 not_done = 1;
707 while (not_done) {
708 x = sctp_select_initial_TSN(&m->sctp_ep);
709 if (x == 0) {
710 /* we never use 0 */
711 continue;
712 }
713 if (sctp_is_vtag_good(m, x, &now)) {
714 not_done = 0;
715 }
716 }
717 return (x);
718 }
719
720
721 int
722 sctp_init_asoc(struct sctp_inpcb *m, struct sctp_association *asoc,
723 int for_a_init, uint32_t override_tag )
724 {
725 /*
726 * Anything set to zero is taken care of by the allocation
727 * routine's bzero
728 */
729
730 /*
731 * Up front select what scoping to apply on addresses I tell my peer
732 * Not sure what to do with these right now, we will need to come up
733 * with a way to set them. We may need to pass them through from the
734 * caller in the sctp_aloc_assoc() function.
735 */
736 int i;
737 /* init all variables to a known value.*/
738 asoc->state = SCTP_STATE_INUSE;
739 asoc->max_burst = m->sctp_ep.max_burst;
740 asoc->heart_beat_delay = m->sctp_ep.sctp_timeoutticks[SCTP_TIMER_HEARTBEAT];
741 asoc->cookie_life = m->sctp_ep.def_cookie_life;
742
743 if (override_tag) {
744 asoc->my_vtag = override_tag;
745 } else {
746 asoc->my_vtag = sctp_select_a_tag(m);
747 }
748 asoc->asconf_seq_out = asoc->str_reset_seq_out = asoc->init_seq_number = asoc->sending_seq =
749 sctp_select_initial_TSN(&m->sctp_ep);
750 asoc->t3timeout_highest_marked = asoc->asconf_seq_out;
751 /* we are opptimisitic here */
752 asoc->peer_supports_asconf = 1;
753 asoc->peer_supports_asconf_setprim = 1;
754 asoc->peer_supports_pktdrop = 1;
755
756 asoc->sent_queue_retran_cnt = 0;
757 /* This will need to be adjusted */
758 asoc->last_cwr_tsn = asoc->init_seq_number - 1;
759 asoc->last_acked_seq = asoc->init_seq_number - 1;
760 asoc->advanced_peer_ack_point = asoc->last_acked_seq;
761 asoc->asconf_seq_in = asoc->last_acked_seq;
762
763 /* here we are different, we hold the next one we expect */
764 asoc->str_reset_seq_in = asoc->last_acked_seq + 1;
765
766 asoc->initial_init_rto_max = m->sctp_ep.initial_init_rto_max;
767 asoc->initial_rto = m->sctp_ep.initial_rto;
768
769 asoc->max_init_times = m->sctp_ep.max_init_times;
770 asoc->max_send_times = m->sctp_ep.max_send_times;
771 asoc->def_net_failure = m->sctp_ep.def_net_failure;
772
773 /* ECN Nonce initialization */
774 asoc->ecn_nonce_allowed = 0;
775 asoc->receiver_nonce_sum = 1;
776 asoc->nonce_sum_expect_base = 1;
777 asoc->nonce_sum_check = 1;
778 asoc->nonce_resync_tsn = 0;
779 asoc->nonce_wait_for_ecne = 0;
780 asoc->nonce_wait_tsn = 0;
781
782 if (m->sctp_flags & SCTP_PCB_FLAGS_BOUND_V6) {
783 struct in6pcb *inp6;
784
785
786 /* Its a V6 socket */
787 inp6 = (struct in6pcb *)m;
788 asoc->ipv6_addr_legal = 1;
789 /* Now look at the binding flag to see if V4 will be legal */
790 if (
791 #if defined(__OpenBSD__)
792 (0) /* we always do dual bind */
793 #elif defined (__NetBSD__)
794 (inp6->in6p_flags & IN6P_IPV6_V6ONLY)
795 #else
796 (inp6->inp_flags & IN6P_IPV6_V6ONLY)
797 #endif
798 == 0) {
799 asoc->ipv4_addr_legal = 1;
800 } else {
801 /* V4 addresses are NOT legal on the association */
802 asoc->ipv4_addr_legal = 0;
803 }
804 } else {
805 /* Its a V4 socket, no - V6 */
806 asoc->ipv4_addr_legal = 1;
807 asoc->ipv6_addr_legal = 0;
808 }
809
810
811 asoc->my_rwnd = max(m->sctp_socket->so_rcv.ssb_hiwat, SCTP_MINIMAL_RWND);
812 asoc->peers_rwnd = m->sctp_socket->so_rcv.ssb_hiwat;
813
814 asoc->smallest_mtu = m->sctp_frag_point;
815 asoc->minrto = m->sctp_ep.sctp_minrto;
816 asoc->maxrto = m->sctp_ep.sctp_maxrto;
817
818 LIST_INIT(&asoc->sctp_local_addr_list);
819 TAILQ_INIT(&asoc->nets);
820 TAILQ_INIT(&asoc->pending_reply_queue);
821 asoc->last_asconf_ack_sent = NULL;
822 /* Setup to fill the hb random cache at first HB */
823 asoc->hb_random_idx = 4;
824
825 asoc->sctp_autoclose_ticks = m->sctp_ep.auto_close_time;
826
827 /*
828 * Now the stream parameters, here we allocate space for all
829 * streams that we request by default.
830 */
831 asoc->streamoutcnt = asoc->pre_open_streams =
832 m->sctp_ep.pre_open_stream_count;
833 asoc->strmout = kmalloc(asoc->streamoutcnt * sizeof(struct sctp_stream_out),
834 M_PCB, M_NOWAIT);
835 if (asoc->strmout == NULL) {
836 /* big trouble no memory */
837 return (ENOMEM);
838 }
839 for (i = 0; i < asoc->streamoutcnt; i++) {
840 /*
841 * inbound side must be set to 0xffff,
842 * also NOTE when we get the INIT-ACK back (for INIT sender)
843 * we MUST reduce the count (streamoutcnt) but first check
844 * if we sent to any of the upper streams that were dropped
845 * (if some were). Those that were dropped must be notified
846 * to the upper layer as failed to send.
847 */
848 asoc->strmout[i].next_sequence_sent = 0x0;
849 TAILQ_INIT(&asoc->strmout[i].outqueue);
850 asoc->strmout[i].stream_no = i;
851 asoc->strmout[i].next_spoke.tqe_next = 0;
852 asoc->strmout[i].next_spoke.tqe_prev = 0;
853 }
854 /* Now the mapping array */
855 asoc->mapping_array_size = SCTP_INITIAL_MAPPING_ARRAY;
856 #ifdef __NetBSD__
857 asoc->mapping_array = kmalloc(SCTP_INITIAL_MAPPING_ARRAY, M_PCB,
858 M_NOWAIT);
859 #else
860 asoc->mapping_array = kmalloc(asoc->mapping_array_size, M_PCB,
861 M_NOWAIT);
862 #endif
863 if (asoc->mapping_array == NULL) {
864 kfree(asoc->strmout, M_PCB);
865 return (ENOMEM);
866 }
867 memset(asoc->mapping_array, 0, asoc->mapping_array_size);
868 /* Now the init of the other outqueues */
869 TAILQ_INIT(&asoc->out_wheel);
870 TAILQ_INIT(&asoc->control_send_queue);
871 TAILQ_INIT(&asoc->send_queue);
872 TAILQ_INIT(&asoc->sent_queue);
873 TAILQ_INIT(&asoc->reasmqueue);
874 TAILQ_INIT(&asoc->delivery_queue);
875 asoc->max_inbound_streams = m->sctp_ep.max_open_streams_intome;
876
877 TAILQ_INIT(&asoc->asconf_queue);
878 return (0);
879 }
880
881 int
882 sctp_expand_mapping_array(struct sctp_association *asoc)
883 {
884 /* mapping array needs to grow */
885 u_int8_t *new_array;
886 uint16_t new_size;
887
888 new_size = asoc->mapping_array_size + SCTP_MAPPING_ARRAY_INCR;
889 #ifdef __NetBSD__
890 new_array = kmalloc(asoc->mapping_array_size + SCTP_MAPPING_ARRAY_INCR,
891 M_PCB, M_NOWAIT);
892 #else
893 new_array = kmalloc(new_size, M_PCB, M_NOWAIT);
894 #endif
895 if (new_array == NULL) {
896 /* can't get more, forget it */
897 kprintf("No memory for expansion of SCTP mapping array %d\n",
898 new_size);
899 return (-1);
900 }
901 memset(new_array, 0, new_size);
902 memcpy(new_array, asoc->mapping_array, asoc->mapping_array_size);
903 kfree(asoc->mapping_array, M_PCB);
904 asoc->mapping_array = new_array;
905 asoc->mapping_array_size = new_size;
906 return (0);
907 }
908
909 static void
910 sctp_timeout_handler(void *t)
911 {
912 struct sctp_inpcb *inp;
913 struct sctp_tcb *stcb;
914 struct sctp_nets *net;
915 struct sctp_timer *tmr;
916 int did_output, typ;
917 #if defined(__APPLE__)
918 boolean_t funnel_state;
919
920 /* get BSD kernel funnel/mutex */
921 funnel_state = thread_funnel_set(network_flock, TRUE);
922 #endif
923
924 crit_enter();
925 tmr = (struct sctp_timer *)t;
926 inp = (struct sctp_inpcb *)tmr->ep;
927 stcb = (struct sctp_tcb *)tmr->tcb;
928 net = (struct sctp_nets *)tmr->net;
929 did_output = 1;
930
931
932 #ifdef SCTP_AUDITING_ENABLED
933 sctp_audit_log(0xF0, (u_int8_t)tmr->type);
934 sctp_auditing(3, inp, stcb, net);
935 #endif
936 sctp_pegs[SCTP_TIMERS_EXP]++;
937
938 if (inp == NULL) {
939 crit_exit();
940 return;
941 }
942
943 SCTP_INP_WLOCK(inp);
944 if (inp->sctp_socket == 0) {
945 crit_exit();
946 #if defined(__APPLE__)
947 /* release BSD kernel funnel/mutex */
948 thread_funnel_set(network_flock, FALSE);
949 #endif
950 SCTP_INP_WUNLOCK(inp);
951 return;
952 }
953 if (stcb) {
954 if (stcb->asoc.state == 0) {
955 crit_exit();
956 #if defined(__APPLE__)
957 /* release BSD kernel funnel/mutex */
958 thread_funnel_set(network_flock, FALSE);
959 #endif
960 SCTP_INP_WUNLOCK(inp);
961 return;
962 }
963 }
964 #ifdef SCTP_DEBUG
965 if (sctp_debug_on & SCTP_DEBUG_TIMER1) {
966 kprintf("Timer type %d goes off\n", tmr->type);
967 }
968 #endif /* SCTP_DEBUG */
969 #ifndef __NetBSD__
970 if (!callout_active(&tmr->timer)) {
971 crit_exit();
972 #if defined(__APPLE__)
973 /* release BSD kernel funnel/mutex */
974 thread_funnel_set(network_flock, FALSE);
975 #endif
976 SCTP_INP_WUNLOCK(inp);
977 return;
978 }
979 #endif
980 #if defined(__APPLE__)
981 /* clear the callout pending status here */
982 callout_stop(&tmr->timer);
983 #endif
984 if (stcb) {
985 SCTP_TCB_LOCK(stcb);
986 }
987 SCTP_INP_INCR_REF(inp);
988 SCTP_INP_WUNLOCK(inp);
989
990 typ = tmr->type;
991 switch (tmr->type) {
992 case SCTP_TIMER_TYPE_ITERATOR:
993 {
994 struct sctp_iterator *it;
995 it = (struct sctp_iterator *)inp;
996 sctp_iterator_timer(it);
997 }
998 break;
999 /* call the handler for the appropriate timer type */
1000 case SCTP_TIMER_TYPE_SEND:
1001 sctp_pegs[SCTP_TMIT_TIMER]++;
1002 stcb->asoc.num_send_timers_up--;
1003 if (stcb->asoc.num_send_timers_up < 0) {
1004 stcb->asoc.num_send_timers_up = 0;
1005 }
1006 if (sctp_t3rxt_timer(inp, stcb, net)) {
1007 /* no need to unlock on tcb its gone */
1008
1009 goto out_decr;
1010 }
1011 #ifdef SCTP_AUDITING_ENABLED
1012 sctp_auditing(4, inp, stcb, net);
1013 #endif
1014 sctp_chunk_output(inp, stcb, 1);
1015 if ((stcb->asoc.num_send_timers_up == 0) &&
1016 (stcb->asoc.sent_queue_cnt > 0)
1017 ) {
1018 struct sctp_tmit_chunk *chk;
1019 /*
1020 * safeguard. If there on some on the sent queue
1021 * somewhere but no timers running something is
1022 * wrong... so we start a timer on the first chunk
1023 * on the send queue on whatever net it is sent to.
1024 */
1025 sctp_pegs[SCTP_T3_SAFEGRD]++;
1026 chk = TAILQ_FIRST(&stcb->asoc.sent_queue);
1027 sctp_timer_start(SCTP_TIMER_TYPE_SEND, inp, stcb,
1028 chk->whoTo);
1029 }
1030 break;
1031 case SCTP_TIMER_TYPE_INIT:
1032 if (sctp_t1init_timer(inp, stcb, net)) {
1033 /* no need to unlock on tcb its gone */
1034 goto out_decr;
1035 }
1036 /* We do output but not here */
1037 did_output = 0;
1038 break;
1039 case SCTP_TIMER_TYPE_RECV:
1040 sctp_pegs[SCTP_RECV_TIMER]++;
1041 sctp_send_sack(stcb);
1042 #ifdef SCTP_AUDITING_ENABLED
1043 sctp_auditing(4, inp, stcb, net);
1044 #endif
1045 sctp_chunk_output(inp, stcb, 4);
1046 break;
1047 case SCTP_TIMER_TYPE_SHUTDOWN:
1048 if (sctp_shutdown_timer(inp, stcb, net) ) {
1049 /* no need to unlock on tcb its gone */
1050 goto out_decr;
1051 }
1052 #ifdef SCTP_AUDITING_ENABLED
1053 sctp_auditing(4, inp, stcb, net);
1054 #endif
1055 sctp_chunk_output(inp, stcb, 5);
1056 break;
1057 case SCTP_TIMER_TYPE_HEARTBEAT:
1058 if (sctp_heartbeat_timer(inp, stcb, net)) {
1059 /* no need to unlock on tcb its gone */
1060 goto out_decr;
1061 }
1062 #ifdef SCTP_AUDITING_ENABLED
1063 sctp_auditing(4, inp, stcb, net);
1064 #endif
1065 sctp_chunk_output(inp, stcb, 6);
1066 break;
1067 case SCTP_TIMER_TYPE_COOKIE:
1068 if (sctp_cookie_timer(inp, stcb, net)) {
1069 /* no need to unlock on tcb its gone */
1070 goto out_decr;
1071 }
1072 #ifdef SCTP_AUDITING_ENABLED
1073 sctp_auditing(4, inp, stcb, net);
1074 #endif
1075 sctp_chunk_output(inp, stcb, 1);
1076 break;
1077 case SCTP_TIMER_TYPE_NEWCOOKIE:
1078 {
1079 struct timeval tv;
1080 int i, secret;
1081 SCTP_GETTIME_TIMEVAL(&tv);
1082 SCTP_INP_WLOCK(inp);
1083 inp->sctp_ep.time_of_secret_change = tv.tv_sec;
1084 inp->sctp_ep.last_secret_number =
1085 inp->sctp_ep.current_secret_number;
1086 inp->sctp_ep.current_secret_number++;
1087 if (inp->sctp_ep.current_secret_number >=
1088 SCTP_HOW_MANY_SECRETS) {
1089 inp->sctp_ep.current_secret_number = 0;
1090 }
1091 secret = (int)inp->sctp_ep.current_secret_number;
1092 for (i = 0; i < SCTP_NUMBER_OF_SECRETS; i++) {
1093 inp->sctp_ep.secret_key[secret][i] =
1094 sctp_select_initial_TSN(&inp->sctp_ep);
1095 }
1096 SCTP_INP_WUNLOCK(inp);
1097 sctp_timer_start(SCTP_TIMER_TYPE_NEWCOOKIE, inp, stcb, net);
1098 }
1099 did_output = 0;
1100 break;
1101 case SCTP_TIMER_TYPE_PATHMTURAISE:
1102 sctp_pathmtu_timer(inp, stcb, net);
1103 did_output = 0;
1104 break;
1105 case SCTP_TIMER_TYPE_SHUTDOWNACK:
1106 if (sctp_shutdownack_timer(inp, stcb, net)) {
1107 /* no need to unlock on tcb its gone */
1108 goto out_decr;
1109 }
1110 #ifdef SCTP_AUDITING_ENABLED
1111 sctp_auditing(4, inp, stcb, net);
1112 #endif
1113 sctp_chunk_output(inp, stcb, 7);
1114 break;
1115 case SCTP_TIMER_TYPE_SHUTDOWNGUARD:
1116 sctp_abort_an_association(inp, stcb,
1117 SCTP_SHUTDOWN_GUARD_EXPIRES, NULL);
1118 /* no need to unlock on tcb its gone */
1119 goto out_decr;
1120 break;
1121
1122 case SCTP_TIMER_TYPE_STRRESET:
1123 if (sctp_strreset_timer(inp, stcb, net)) {
1124 /* no need to unlock on tcb its gone */
1125 goto out_decr;
1126 }
1127 sctp_chunk_output(inp, stcb, 9);
1128 break;
1129
1130 case SCTP_TIMER_TYPE_ASCONF:
1131 if (sctp_asconf_timer(inp, stcb, net)) {
1132 /* no need to unlock on tcb its gone */
1133 goto out_decr;
1134 }
1135 #ifdef SCTP_AUDITING_ENABLED
1136 sctp_auditing(4, inp, stcb, net);
1137 #endif
1138 sctp_chunk_output(inp, stcb, 8);
1139 break;
1140
1141 case SCTP_TIMER_TYPE_AUTOCLOSE:
1142 sctp_autoclose_timer(inp, stcb, net);
1143 sctp_chunk_output(inp, stcb, 10);
1144 did_output = 0;
1145 break;
1146 case SCTP_TIMER_TYPE_INPKILL:
1147 /* special case, take away our
1148 * increment since WE are the killer
1149 */
1150 SCTP_INP_WLOCK(inp);
1151 SCTP_INP_DECR_REF(inp);
1152 SCTP_INP_WUNLOCK(inp);
1153 sctp_timer_stop(SCTP_TIMER_TYPE_INPKILL, inp, NULL, NULL);
1154 sctp_inpcb_free(inp, 1);
1155 goto out_no_decr;
1156 break;
1157 default:
1158 #ifdef SCTP_DEBUG
1159 if (sctp_debug_on & SCTP_DEBUG_TIMER1) {
1160 kprintf("sctp_timeout_handler:unknown timer %d\n",
1161 tmr->type);
1162 }
1163 #endif /* SCTP_DEBUG */
1164 break;
1165 };
1166 #ifdef SCTP_AUDITING_ENABLED
1167 sctp_audit_log(0xF1, (u_int8_t)tmr->type);
1168 sctp_auditing(5, inp, stcb, net);
1169 #endif
1170 if (did_output) {
1171 /*
1172 * Now we need to clean up the control chunk chain if an
1173 * ECNE is on it. It must be marked as UNSENT again so next
1174 * call will continue to send it until such time that we get
1175 * a CWR, to remove it. It is, however, less likely that we
1176 * will find a ecn echo on the chain though.
1177 */
1178 sctp_fix_ecn_echo(&stcb->asoc);
1179 }
1180 if (stcb) {
1181 SCTP_TCB_UNLOCK(stcb);
1182 }
1183 out_decr:
1184 SCTP_INP_WLOCK(inp);
1185 SCTP_INP_DECR_REF(inp);
1186 SCTP_INP_WUNLOCK(inp);
1187
1188 out_no_decr:
1189
1190 #ifdef SCTP_DEBUG
1191 if (sctp_debug_on & SCTP_DEBUG_TIMER1) {
1192 kprintf("Timer now complete (type %d)\n", typ);
1193 }
1194 #endif /* SCTP_DEBUG */
1195
1196 crit_exit();
1197 #if defined(__APPLE__)
1198 /* release BSD kernel funnel/mutex */
1199 thread_funnel_set(network_flock, FALSE);
1200 #endif
1201 }
1202
1203 int
1204 sctp_timer_start(int t_type, struct sctp_inpcb *inp, struct sctp_tcb *stcb,
1205 struct sctp_nets *net)
1206 {
1207 int to_ticks;
1208 struct sctp_timer *tmr;
1209
1210 if (inp == NULL)
1211 return (EFAULT);
1212
1213 to_ticks = 0;
1214
1215 tmr = NULL;
1216 switch (t_type) {
1217 case SCTP_TIMER_TYPE_ITERATOR:
1218 {
1219 struct sctp_iterator *it;
1220 it = (struct sctp_iterator *)inp;
1221 tmr = &it->tmr;
1222 to_ticks = SCTP_ITERATOR_TICKS;
1223 }
1224 break;
1225 case SCTP_TIMER_TYPE_SEND:
1226 /* Here we use the RTO timer */
1227 {
1228 int rto_val;
1229 if ((stcb == NULL) || (net == NULL)) {
1230 return (EFAULT);
1231 }
1232 tmr = &net->rxt_timer;
1233 if (net->RTO == 0) {
1234 rto_val = stcb->asoc.initial_rto;
1235 } else {
1236 rto_val = net->RTO;
1237 }
1238 to_ticks = MSEC_TO_TICKS(rto_val);
1239 }
1240 break;
1241 case SCTP_TIMER_TYPE_INIT:
1242 /*
1243 * Here we use the INIT timer default
1244 * usually about 1 minute.
1245 */
1246 if ((stcb == NULL) || (net == NULL)) {
1247 return (EFAULT);
1248 }
1249 tmr = &net->rxt_timer;
1250 if (net->RTO == 0) {
1251 to_ticks = MSEC_TO_TICKS(stcb->asoc.initial_rto);
1252 } else {
1253 to_ticks = MSEC_TO_TICKS(net->RTO);
1254 }
1255 break;
1256 case SCTP_TIMER_TYPE_RECV:
1257 /*
1258 * Here we use the Delayed-Ack timer value from the inp
1259 * ususually about 200ms.
1260 */
1261 if (stcb == NULL) {
1262 return (EFAULT);
1263 }
1264 tmr = &stcb->asoc.dack_timer;
1265 to_ticks = inp->sctp_ep.sctp_timeoutticks[SCTP_TIMER_RECV];
1266 break;
1267 case SCTP_TIMER_TYPE_SHUTDOWN:
1268 /* Here we use the RTO of the destination. */
1269 if ((stcb == NULL) || (net == NULL)) {
1270 return (EFAULT);
1271 }
1272
1273 if (net->RTO == 0) {
1274 to_ticks = MSEC_TO_TICKS(stcb->asoc.initial_rto);
1275 } else {
1276 to_ticks = MSEC_TO_TICKS(net->RTO);
1277 }
1278 tmr = &net->rxt_timer;
1279 break;
1280 case SCTP_TIMER_TYPE_HEARTBEAT:
1281 /*
1282 * the net is used here so that we can add in the RTO.
1283 * Even though we use a different timer. We also add the
1284 * HB timer PLUS a random jitter.
1285 */
1286 if (stcb == NULL) {
1287 return (EFAULT);
1288 }
1289 {
1290 uint32_t rndval;
1291 uint8_t this_random;
1292 int cnt_of_unconf=0;
1293 struct sctp_nets *lnet;
1294
1295 TAILQ_FOREACH(lnet, &stcb->asoc.nets, sctp_next) {
1296 if (lnet->dest_state & SCTP_ADDR_UNCONFIRMED) {
1297 cnt_of_unconf++;
1298 }
1299 }
1300 #ifdef SCTP_DEBUG
1301 if (sctp_debug_on & SCTP_DEBUG_TIMER1) {
1302 kprintf("HB timer to start unconfirmed:%d hb_delay:%d\n",
1303 cnt_of_unconf, stcb->asoc.heart_beat_delay);
1304 }
1305 #endif
1306 if (stcb->asoc.hb_random_idx > 3) {
1307 rndval = sctp_select_initial_TSN(&inp->sctp_ep);
1308 memcpy(stcb->asoc.hb_random_values, &rndval,
1309 sizeof(stcb->asoc.hb_random_values));
1310 this_random = stcb->asoc.hb_random_values[0];
1311 stcb->asoc.hb_random_idx = 0;
1312 stcb->asoc.hb_ect_randombit = 0;
1313 } else {
1314 this_random = stcb->asoc.hb_random_values[stcb->asoc.hb_random_idx];
1315 stcb->asoc.hb_random_idx++;
1316 stcb->asoc.hb_ect_randombit = 0;
1317 }
1318 /*
1319 * this_random will be 0 - 256 ms
1320 * RTO is in ms.
1321 */
1322 if ((stcb->asoc.heart_beat_delay == 0) &&
1323 (cnt_of_unconf == 0)) {
1324 /* no HB on this inp after confirmations */
1325 return (0);
1326 }
1327 if (net) {
1328 struct sctp_nets *lnet;
1329 int delay;
1330 delay = stcb->asoc.heart_beat_delay;
1331 TAILQ_FOREACH(lnet, &stcb->asoc.nets, sctp_next) {
1332 if ((lnet->dest_state & SCTP_ADDR_UNCONFIRMED) &&
1333 ((lnet->dest_state & SCTP_ADDR_OUT_OF_SCOPE) == 0) &&
1334 (lnet->dest_state & SCTP_ADDR_REACHABLE)) {
1335 delay = 0;
1336 }
1337 }
1338 if (net->RTO == 0) {
1339 /* Never been checked */
1340 to_ticks = this_random + stcb->asoc.initial_rto + delay;
1341 } else {
1342 /* set rto_val to the ms */
1343 to_ticks = delay + net->RTO + this_random;
1344 }
1345 } else {
1346 if (cnt_of_unconf) {
1347 to_ticks = this_random + stcb->asoc.initial_rto;
1348 } else {
1349 to_ticks = stcb->asoc.heart_beat_delay + this_random + stcb->asoc.initial_rto;
1350 }
1351 }
1352 /*
1353 * Now we must convert the to_ticks that are now in
1354 * ms to ticks.
1355 */
1356 to_ticks *= hz;
1357 to_ticks /= 1000;
1358 #ifdef SCTP_DEBUG
1359 if (sctp_debug_on & SCTP_DEBUG_TIMER1) {
1360 kprintf("Timer to expire in %d ticks\n", to_ticks);
1361 }
1362 #endif
1363 tmr = &stcb->asoc.hb_timer;
1364 }
1365 break;
1366 case SCTP_TIMER_TYPE_COOKIE:
1367 /*
1368 * Here we can use the RTO timer from the network since
1369 * one RTT was compelete. If a retran happened then we will
1370 * be using the RTO initial value.
1371 */
1372 if ((stcb == NULL) || (net == NULL)) {
1373 return (EFAULT);
1374 }
1375 if (net->RTO == 0) {
1376 to_ticks = MSEC_TO_TICKS(stcb->asoc.initial_rto);
1377 } else {
1378 to_ticks = MSEC_TO_TICKS(net->RTO);
1379 }
1380 tmr = &net->rxt_timer;
1381 break;
1382 case SCTP_TIMER_TYPE_NEWCOOKIE:
1383 /*
1384 * nothing needed but the endpoint here
1385 * ususually about 60 minutes.
1386 */
1387 tmr = &inp->sctp_ep.signature_change;
1388 to_ticks = inp->sctp_ep.sctp_timeoutticks[SCTP_TIMER_SIGNATURE];
1389 break;
1390 case SCTP_TIMER_TYPE_INPKILL:
1391 /*
1392 * The inp is setup to die. We re-use the
1393 * signature_chage timer since that has
1394 * stopped and we are in the GONE state.
1395 */
1396 tmr = &inp->sctp_ep.signature_change;
1397 to_ticks = (SCTP_INP_KILL_TIMEOUT * hz) / 1000;
1398 break;
1399 case SCTP_TIMER_TYPE_PATHMTURAISE:
1400 /*
1401 * Here we use the value found in the EP for PMTU
1402 * ususually about 10 minutes.
1403 */
1404 if (stcb == NULL) {
1405 return (EFAULT);
1406 }
1407 if (net == NULL) {
1408 return (EFAULT);
1409 }
1410 to_ticks = inp->sctp_ep.sctp_timeoutticks[SCTP_TIMER_PMTU];
1411 tmr = &net->pmtu_timer;
1412 break;
1413 case SCTP_TIMER_TYPE_SHUTDOWNACK:
1414 /* Here we use the RTO of the destination */
1415 if ((stcb == NULL) || (net == NULL)) {
1416 return (EFAULT);
1417 }
1418 if (net->RTO == 0) {
1419 to_ticks = MSEC_TO_TICKS(stcb->asoc.initial_rto);
1420 } else {
1421 to_ticks = MSEC_TO_TICKS(net->RTO);
1422 }
1423 tmr = &net->rxt_timer;
1424 break;
1425 case SCTP_TIMER_TYPE_SHUTDOWNGUARD:
1426 /*
1427 * Here we use the endpoints shutdown guard timer
1428 * usually about 3 minutes.
1429 */
1430 if (stcb == NULL) {
1431 return (EFAULT);
1432 }
1433 to_ticks = inp->sctp_ep.sctp_timeoutticks[SCTP_TIMER_MAXSHUTDOWN];
1434 tmr = &stcb->asoc.shut_guard_timer;
1435 break;
1436 case SCTP_TIMER_TYPE_STRRESET:
1437 /*
1438 * Here the timer comes from the inp
1439 * but its value is from the RTO.
1440 */
1441 if ((stcb == NULL) || (net == NULL)) {
1442 return (EFAULT);
1443 }
1444 if (net->RTO == 0) {
1445 to_ticks = MSEC_TO_TICKS(stcb->asoc.initial_rto);
1446 } else {
1447 to_ticks = MSEC_TO_TICKS(net->RTO);
1448 }
1449 tmr = &stcb->asoc.strreset_timer;
1450 break;
1451
1452 case SCTP_TIMER_TYPE_ASCONF:
1453 /*
1454 * Here the timer comes from the inp
1455 * but its value is from the RTO.
1456 */
1457 if ((stcb == NULL) || (net == NULL)) {
1458 return (EFAULT);
1459 }
1460 if (net->RTO == 0) {
1461 to_ticks = MSEC_TO_TICKS(stcb->asoc.initial_rto);
1462 } else {
1463 to_ticks = MSEC_TO_TICKS(net->RTO);
1464 }
1465 tmr = &stcb->asoc.asconf_timer;
1466 break;
1467 case SCTP_TIMER_TYPE_AUTOCLOSE:
1468 if (stcb == NULL) {
1469 return (EFAULT);
1470 }
1471 if (stcb->asoc.sctp_autoclose_ticks == 0) {
1472 /* Really an error since stcb is NOT set to autoclose */
1473 return (0);
1474 }
1475 to_ticks = stcb->asoc.sctp_autoclose_ticks;
1476 tmr = &stcb->asoc.autoclose_timer;
1477 break;
1478 default:
1479 #ifdef SCTP_DEBUG
1480 if (sctp_debug_on & SCTP_DEBUG_TIMER1) {
1481 kprintf("sctp_timer_start:Unknown timer type %d\n",
1482 t_type);
1483 }
1484 #endif /* SCTP_DEBUG */
1485 return (EFAULT);
1486 break;
1487 };
1488 if ((to_ticks <= 0) || (tmr == NULL)) {
1489 #ifdef SCTP_DEBUG
1490 if (sctp_debug_on & SCTP_DEBUG_TIMER1) {
1491 kprintf("sctp_timer_start:%d:software error to_ticks:%d tmr:%p not set ??\n",
1492 t_type, to_ticks, tmr);
1493 }
1494 #endif /* SCTP_DEBUG */
1495 return (EFAULT);
1496 }
1497 if (callout_pending(&tmr->timer)) {
1498 /*
1499 * we do NOT allow you to have it already running.
1500 * if it is we leave the current one up unchanged
1501 */
1502 return (EALREADY);
1503 }
1504 /* At this point we can proceed */
1505 if (t_type == SCTP_TIMER_TYPE_SEND) {
1506 stcb->asoc.num_send_timers_up++;
1507 }
1508 tmr->type = t_type;
1509 tmr->ep = (void *)inp;
1510 tmr->tcb = (void *)stcb;
1511 tmr->net = (void *)net;
1512 callout_reset(&tmr->timer, to_ticks, sctp_timeout_handler, tmr);
1513 return (0);
1514 }
1515
1516 int
1517 sctp_timer_stop(int t_type, struct sctp_inpcb *inp, struct sctp_tcb *stcb,
1518 struct sctp_nets *net)
1519 {
1520 struct sctp_timer *tmr;
1521
1522 if (inp == NULL)
1523 return (EFAULT);
1524
1525 tmr = NULL;
1526 switch (t_type) {
1527 case SCTP_TIMER_TYPE_ITERATOR:
1528 {
1529 struct sctp_iterator *it;
1530 it = (struct sctp_iterator *)inp;
1531 tmr = &it->tmr;
1532 }
1533 break;
1534 case SCTP_TIMER_TYPE_SEND:
1535 if ((stcb == NULL) || (net == NULL)) {
1536 return (EFAULT);
1537 }
1538 tmr = &net->rxt_timer;
1539 break;
1540 case SCTP_TIMER_TYPE_INIT:
1541 if ((stcb == NULL) || (net == NULL)) {
1542 return (EFAULT);
1543 }
1544 tmr = &net->rxt_timer;
1545 break;
1546 case SCTP_TIMER_TYPE_RECV:
1547 if (stcb == NULL) {
1548 return (EFAULT);
1549 }
1550 tmr = &stcb->asoc.dack_timer;
1551 break;
1552 case SCTP_TIMER_TYPE_SHUTDOWN:
1553 if ((stcb == NULL) || (net == NULL)) {
1554 return (EFAULT);
1555 }
1556 tmr = &net->rxt_timer;
1557 break;
1558 case SCTP_TIMER_TYPE_HEARTBEAT:
1559 if (stcb == NULL) {
1560 return (EFAULT);
1561 }
1562 tmr = &stcb->asoc.hb_timer;
1563 break;
1564 case SCTP_TIMER_TYPE_COOKIE:
1565 if ((stcb == NULL) || (net == NULL)) {
1566 return (EFAULT);
1567 }
1568 tmr = &net->rxt_timer;
1569 break;
1570 case SCTP_TIMER_TYPE_NEWCOOKIE:
1571 /* nothing needed but the endpoint here */
1572 tmr = &inp->sctp_ep.signature_change;
1573 /* We re-use the newcookie timer for
1574 * the INP kill timer. We must assure
1575 * that we do not kill it by accident.
1576 */
1577 break;
1578 case SCTP_TIMER_TYPE_INPKILL:
1579 /*
1580 * The inp is setup to die. We re-use the
1581 * signature_chage timer since that has
1582 * stopped and we are in the GONE state.
1583 */
1584 tmr = &inp->sctp_ep.signature_change;
1585 break;
1586 case SCTP_TIMER_TYPE_PATHMTURAISE:
1587 if (stcb == NULL) {
1588 return (EFAULT);
1589 }
1590 if (net == NULL) {
1591 return (EFAULT);
1592 }
1593 tmr = &net->pmtu_timer;
1594 break;
1595 case SCTP_TIMER_TYPE_SHUTDOWNACK:
1596 if ((stcb == NULL) || (net == NULL)) {
1597 return (EFAULT);
1598 }
1599 tmr = &net->rxt_timer;
1600 break;
1601 case SCTP_TIMER_TYPE_SHUTDOWNGUARD:
1602 if (stcb == NULL) {
1603 return (EFAULT);
1604 }
1605 tmr = &stcb->asoc.shut_guard_timer;
1606 break;
1607 case SCTP_TIMER_TYPE_STRRESET:
1608 if (stcb == NULL) {
1609 return (EFAULT);
1610 }
1611 tmr = &stcb->asoc.strreset_timer;
1612 break;
1613 case SCTP_TIMER_TYPE_ASCONF:
1614 if (stcb == NULL) {
1615 return (EFAULT);
1616 }
1617 tmr = &stcb->asoc.asconf_timer;
1618 break;
1619 case SCTP_TIMER_TYPE_AUTOCLOSE:
1620 if (stcb == NULL) {
1621 return (EFAULT);
1622 }
1623 tmr = &stcb->asoc.autoclose_timer;
1624 break;
1625 default:
1626 #ifdef SCTP_DEBUG
1627 if (sctp_debug_on & SCTP_DEBUG_TIMER1) {
1628 kprintf("sctp_timer_stop:Unknown timer type %d\n",
1629 t_type);
1630 }
1631 #endif /* SCTP_DEBUG */
1632 break;
1633 };
1634 if (tmr == NULL)
1635 return (EFAULT);
1636
1637 if ((tmr->type != t_type) && tmr->type) {
1638 /*
1639 * Ok we have a timer that is under joint use. Cookie timer
1640 * per chance with the SEND timer. We therefore are NOT
1641 * running the timer that the caller wants stopped. So just
1642 * return.
1643 */
1644 return (0);
1645 }
1646 if (t_type == SCTP_TIMER_TYPE_SEND) {
1647 stcb->asoc.num_send_timers_up--;
1648 if (stcb->asoc.num_send_timers_up < 0) {
1649 stcb->asoc.num_send_timers_up = 0;
1650 }
1651 }
1652 callout_stop(&tmr->timer);
1653 return (0);
1654 }
1655
1656 #ifdef SCTP_USE_ADLER32
1657 static uint32_t
1658 update_adler32(uint32_t adler, uint8_t *buf, int32_t len)
1659 {
1660 u_int32_t s1 = adler & 0xffff;
1661 u_int32_t s2 = (adler >> 16) & 0xffff;
1662 int n;
1663
1664 for (n = 0; n < len; n++, buf++) {
1665 /* s1 = (s1 + buf[n]) % BASE */
1666 /* first we add */
1667 s1 = (s1 + *buf);
1668 /*
1669 * now if we need to, we do a mod by subtracting. It seems
1670 * a bit faster since I really will only ever do one subtract
1671 * at the MOST, since buf[n] is a max of 255.
1672 */
1673 if (s1 >= SCTP_ADLER32_BASE) {
1674 s1 -= SCTP_ADLER32_BASE;
1675 }
1676 /* s2 = (s2 + s1) % BASE */
1677 /* first we add */
1678 s2 = (s2 + s1);
1679 /*
1680 * again, it is more efficent (it seems) to subtract since
1681 * the most s2 will ever be is (BASE-1 + BASE-1) in the worse
1682 * case. This would then be (2 * BASE) - 2, which will still
1683 * only do one subtract. On Intel this is much better to do
1684 * this way and avoid the divide. Have not -pg'd on sparc.
1685 */
1686 if (s2 >= SCTP_ADLER32_BASE) {
1687 s2 -= SCTP_ADLER32_BASE;
1688 }
1689 }
1690 /* Return the adler32 of the bytes buf[0..len-1] */
1691 return ((s2 << 16) + s1);
1692 }
1693
1694 #endif
1695
1696
1697 u_int32_t
1698 sctp_calculate_len(struct mbuf *m)
1699 {
1700 u_int32_t tlen=0;
1701 struct mbuf *at;
1702 at = m;
1703 while (at) {
1704 tlen += at->m_len;
1705 at = at->m_next;
1706 }
1707 return (tlen);
1708 }
1709
1710 #if defined(SCTP_WITH_NO_CSUM)
1711
1712 uint32_t
1713 sctp_calculate_sum(struct mbuf *m, int32_t *pktlen, uint32_t offset)
1714 {
1715 /*
1716 * given a mbuf chain with a packetheader offset by 'offset'
1717 * pointing at a sctphdr (with csum set to 0) go through
1718 * the chain of m_next's and calculate the SCTP checksum.
1719 * This is currently Adler32 but will change to CRC32x
1720 * soon. Also has a side bonus calculate the total length
1721 * of the mbuf chain.
1722 * Note: if offset is greater than the total mbuf length,
1723 * checksum=1, pktlen=0 is returned (ie. no real error code)
1724 */
1725 if (pktlen == NULL)
1726 return (0);
1727 *pktlen = sctp_calculate_len(m);
1728 return (0);
1729 }
1730
1731 #elif defined(SCTP_USE_INCHKSUM)
1732
1733 #include <machine/in_cksum.h>
1734
1735 uint32_t
1736 sctp_calculate_sum(struct mbuf *m, int32_t *pktlen, uint32_t offset)
1737 {
1738 /*
1739 * given a mbuf chain with a packetheader offset by 'offset'
1740 * pointing at a sctphdr (with csum set to 0) go through
1741 * the chain of m_next's and calculate the SCTP checksum.
1742 * This is currently Adler32 but will change to CRC32x
1743 * soon. Also has a side bonus calculate the total length
1744 * of the mbuf chain.
1745 * Note: if offset is greater than the total mbuf length,
1746 * checksum=1, pktlen=0 is returned (ie. no real error code)
1747 */
1748 int32_t tlen=0;
1749 struct mbuf *at;
1750 uint32_t the_sum, retsum;
1751
1752 at = m;
1753 while (at) {
1754 tlen += at->m_len;
1755 at = at->m_next;
1756 }
1757 the_sum = (uint32_t)(in_cksum_skip(m, tlen, offset));
1758 if (pktlen != NULL)
1759 *pktlen = (tlen-offset);
1760 retsum = htons(the_sum);
1761 return (the_sum);
1762 }
1763
1764 #else
1765
1766 uint32_t
1767 sctp_calculate_sum(struct mbuf *m, int32_t *pktlen, uint32_t offset)
1768 {
1769 /*
1770 * given a mbuf chain with a packetheader offset by 'offset'
1771 * pointing at a sctphdr (with csum set to 0) go through
1772 * the chain of m_next's and calculate the SCTP checksum.
1773 * This is currently Adler32 but will change to CRC32x
1774 * soon. Also has a side bonus calculate the total length
1775 * of the mbuf chain.
1776 * Note: if offset is greater than the total mbuf length,
1777 * checksum=1, pktlen=0 is returned (ie. no real error code)
1778 */
1779 int32_t tlen=0;
1780 #ifdef SCTP_USE_ADLER32
1781 uint32_t base = 1L;
1782 #else
1783 uint32_t base = 0xffffffff;
1784 #endif /* SCTP_USE_ADLER32 */
1785 struct mbuf *at;
1786 at = m;
1787 /* find the correct mbuf and offset into mbuf */
1788 while ((at != NULL) && (offset > (uint32_t)at->m_len)) {
1789 offset -= at->m_len; /* update remaining offset left */
1790 at = at->m_next;
1791 }
1792
1793 while (at != NULL) {
1794 #ifdef SCTP_USE_ADLER32
1795 base = update_adler32(base, at->m_data + offset,
1796 at->m_len - offset);
1797 #else
1798 base = update_crc32(base, at->m_data + offset,
1799 at->m_len - offset);
1800 #endif /* SCTP_USE_ADLER32 */
1801 tlen += at->m_len - offset;
1802 /* we only offset once into the first mbuf */
1803 if (offset) {
1804 offset = 0;
1805 }
1806 at = at->m_next;
1807 }
1808 if (pktlen != NULL) {
1809 *pktlen = tlen;
1810 }
1811 #ifdef SCTP_USE_ADLER32
1812 /* Adler32 */
1813 base = htonl(base);
1814 #else
1815 /* CRC-32c */
1816 base = sctp_csum_finalize(base);
1817 #endif
1818 return (base);
1819 }
1820
1821
1822 #endif
1823
1824 void
1825 sctp_mtu_size_reset(struct sctp_inpcb *inp,
1826 struct sctp_association *asoc, u_long mtu)
1827 {
1828 /*
1829 * Reset the P-MTU size on this association, this involves changing
1830 * the asoc MTU, going through ANY chunk+overhead larger than mtu
1831 * to allow the DF flag to be cleared.
1832 */
1833 struct sctp_tmit_chunk *chk;
1834 struct sctp_stream_out *strm;
1835 unsigned int eff_mtu, ovh;
1836 asoc->smallest_mtu = mtu;
1837 if (inp->sctp_flags & SCTP_PCB_FLAGS_BOUND_V6) {
1838 ovh = SCTP_MIN_OVERHEAD;
1839 } else {
1840 ovh = SCTP_MIN_V4_OVERHEAD;
1841 }
1842 eff_mtu = mtu - ovh;
1843 /* Now mark any chunks that need to let IP fragment */
1844 TAILQ_FOREACH(strm, &asoc->out_wheel, next_spoke) {
1845 TAILQ_FOREACH(chk, &strm->outqueue, sctp_next) {
1846 if (chk->send_size > eff_mtu) {
1847 chk->flags &= SCTP_DONT_FRAGMENT;
1848 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK;
1849 }
1850 }
1851 }
1852 TAILQ_FOREACH(chk, &asoc->send_queue, sctp_next) {
1853 if (chk->send_size > eff_mtu) {
1854 chk->flags &= SCTP_DONT_FRAGMENT;
1855 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK;
1856 }
1857 }
1858 TAILQ_FOREACH(chk, &asoc->sent_queue, sctp_next) {
1859 if (chk->send_size > eff_mtu) {
1860 chk->flags &= SCTP_DONT_FRAGMENT;
1861 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK;
1862 }
1863 }
1864 }
1865
1866
1867 /*
1868 * given an association and starting time of the current RTT period
1869 * return RTO in number of usecs
1870 * net should point to the current network
1871 */
1872 u_int32_t
1873 sctp_calculate_rto(struct sctp_tcb *stcb,
1874 struct sctp_association *asoc,
1875 struct sctp_nets *net,
1876 struct timeval *old)
1877 {
1878 /*
1879 * given an association and the starting time of the current RTT
1880 * period (in value1/value2) return RTO in number of usecs.
1881 */
1882 int calc_time = 0;
1883 int o_calctime;
1884 unsigned int new_rto = 0;
1885 int first_measure = 0;
1886 struct timeval now;
1887
1888 /************************/
1889 /* 1. calculate new RTT */
1890 /************************/
1891 /* get the current time */
1892 SCTP_GETTIME_TIMEVAL(&now);
1893 /* compute the RTT value */
1894 if ((u_long)now.tv_sec > (u_long)old->tv_sec) {
1895 calc_time = ((u_long)now.tv_sec - (u_long)old->tv_sec) * 1000;
1896 if ((u_long)now.tv_usec > (u_long)old->tv_usec) {
1897 calc_time += (((u_long)now.tv_usec -
1898 (u_long)old->tv_usec)/1000);
1899 } else if ((u_long)now.tv_usec < (u_long)old->tv_usec) {
1900 /* Borrow 1,000ms from current calculation */
1901 calc_time -= 1000;
1902 /* Add in the slop over */
1903 calc_time += ((int)now.tv_usec/1000);
1904 /* Add in the pre-second ms's */
1905 calc_time += (((int)1000000 - (int)old->tv_usec)/1000);
1906 }
1907 } else if ((u_long)now.tv_sec == (u_long)old->tv_sec) {
1908 if ((u_long)now.tv_usec > (u_long)old->tv_usec) {
1909 calc_time = ((u_long)now.tv_usec -
1910 (u_long)old->tv_usec)/1000;
1911 } else if ((u_long)now.tv_usec < (u_long)old->tv_usec) {
1912 /* impossible .. garbage in nothing out */
1913 return (((net->lastsa >> 2) + net->lastsv) >> 1);
1914 } else {
1915 /* impossible .. garbage in nothing out */
1916 return (((net->lastsa >> 2) + net->lastsv) >> 1);
1917 }
1918 } else {
1919 /* Clock wrapped? */
1920 return (((net->lastsa >> 2) + net->lastsv) >> 1);
1921 }
1922 /***************************/
1923 /* 2. update RTTVAR & SRTT */
1924 /***************************/
1925 #if 0
1926 /* if (net->lastsv || net->lastsa) {*/
1927 /* per Section 5.3.1 C3 in SCTP */
1928 /* net->lastsv = (int) *//* RTTVAR */
1929 /* (((double)(1.0 - 0.25) * (double)net->lastsv) +
1930 (double)(0.25 * (double)abs(net->lastsa - calc_time)));
1931 net->lastsa = (int) */ /* SRTT */
1932 /*(((double)(1.0 - 0.125) * (double)net->lastsa) +
1933 (double)(0.125 * (double)calc_time));
1934 } else {
1935 *//* the first RTT calculation, per C2 Section 5.3.1 */
1936 /* net->lastsa = calc_time; *//* SRTT */
1937 /* net->lastsv = calc_time / 2; *//* RTTVAR */
1938 /* }*/
1939 /* if RTTVAR goes to 0 you set to clock grainularity */
1940 /* if (net->lastsv == 0) {
1941 net->lastsv = SCTP_CLOCK_GRANULARITY;
1942 }
1943 new_rto = net->lastsa + 4 * net->lastsv;
1944 */
1945 #endif
1946 o_calctime = calc_time;
1947 /* this is Van Jacobson's integer version */
1948 if (net->RTO) {
1949 calc_time -= (net->lastsa >> 3);
1950 net->lastsa += calc_time;
1951 if (calc_time < 0) {
1952 calc_time = -calc_time;
1953 }
1954 calc_time -= (net->lastsv >> 2);
1955 net->lastsv += calc_time;
1956 if (net->lastsv == 0) {
1957 net->lastsv = SCTP_CLOCK_GRANULARITY;
1958 }
1959 } else {
1960 /* First RTO measurment */
1961 net->lastsa = calc_time;
1962 net->lastsv = calc_time >> 1;
1963 first_measure = 1;
1964 }
1965 new_rto = ((net->lastsa >> 2) + net->lastsv) >> 1;
1966 if ((new_rto > SCTP_SAT_NETWORK_MIN) &&
1967 (stcb->asoc.sat_network_lockout == 0)) {
1968 stcb->asoc.sat_network = 1;
1969 } else if ((!first_measure) && stcb->asoc.sat_network) {
1970 stcb->asoc.sat_network = 0;
1971 stcb->asoc.sat_network_lockout = 1;
1972 }
1973 /* bound it, per C6/C7 in Section 5.3.1 */
1974 if (new_rto < stcb->asoc.minrto) {
1975 new_rto = stcb->asoc.minrto;
1976 }
1977 if (new_rto > stcb->asoc.maxrto) {
1978 new_rto = stcb->asoc.maxrto;
1979 }
1980 /* we are now returning the RTT Smoothed */
1981 return ((u_int32_t)new_rto);
1982 }
1983
1984
1985 /*
1986 * return a pointer to a contiguous piece of data from the given
1987 * mbuf chain starting at 'off' for 'len' bytes. If the desired
1988 * piece spans more than one mbuf, a copy is made at 'ptr'.
1989 * caller must ensure that the buffer size is >= 'len'
1990 * returns NULL if there there isn't 'len' bytes in the chain.
1991 */
1992 caddr_t
1993 sctp_m_getptr(struct mbuf *m, int off, int len, u_int8_t *in_ptr)
1994 {
1995 uint32_t count;
1996 uint8_t *ptr;
1997 ptr = in_ptr;
1998 if ((off < 0) || (len <= 0))
1999 return (NULL);
2000
2001 /* find the desired start location */
2002 while ((m != NULL) && (off > 0)) {
2003 if (off < m->m_len)
2004 break;
2005 off -= m->m_len;
2006 m = m->m_next;
2007 }
2008 if (m == NULL)
2009 return (NULL);
2010
2011 /* is the current mbuf large enough (eg. contiguous)? */
2012 if ((m->m_len - off) >= len) {
2013 return (mtod(m, caddr_t) + off);
2014 } else {
2015 /* else, it spans more than one mbuf, so save a temp copy... */
2016 while ((m != NULL) && (len > 0)) {
2017 count = min(m->m_len - off, len);
2018 bcopy(mtod(m, caddr_t) + off, ptr, count);
2019 len -= count;
2020 ptr += count;
2021 off = 0;
2022 m = m->m_next;
2023 }
2024 if ((m == NULL) && (len > 0))
2025 return (NULL);
2026 else
2027 return ((caddr_t)in_ptr);
2028 }
2029 }
2030
2031
2032 struct sctp_paramhdr *
2033 sctp_get_next_param(struct mbuf *m,
2034 int offset,
2035 struct sctp_paramhdr *pull,
2036 int pull_limit)
2037 {
2038 /* This just provides a typed signature to Peter's Pull routine */
2039 return ((struct sctp_paramhdr *)sctp_m_getptr(m, offset, pull_limit,
2040 (u_int8_t *)pull));
2041 }
2042
2043
2044 int
2045 sctp_add_pad_tombuf(struct mbuf *m, int padlen)
2046 {
2047 /*
2048 * add padlen bytes of 0 filled padding to the end of the mbuf.
2049 * If padlen is > 3 this routine will fail.
2050 */
2051 u_int8_t *dp;
2052 int i;
2053 if (padlen > 3) {
2054 return (ENOBUFS);
2055 }
2056 if (M_TRAILINGSPACE(m)) {
2057 /*
2058 * The easy way.
2059 * We hope the majority of the time we hit here :)
2060 */
2061 dp = (u_int8_t *)(mtod(m, caddr_t) + m->m_len);
2062 m->m_len += padlen;
2063 } else {
2064 /* Hard way we must grow the mbuf */
2065 struct mbuf *tmp;
2066 MGET(tmp, MB_DONTWAIT, MT_DATA);
2067 if (tmp == NULL) {
2068 /* Out of space GAK! we are in big trouble. */
2069 return (ENOSPC);
2070 }
2071 /* setup and insert in middle */
2072 tmp->m_next = m->m_next;
2073 tmp->m_len = padlen;
2074 m->m_next = tmp;
2075 dp = mtod(tmp, u_int8_t *);
2076 }
2077 /* zero out the pad */
2078 for (i= 0; i < padlen; i++) {
2079 *dp = 0;
2080 dp++;
2081 }
2082 return (0);
2083 }
2084
2085 int
2086 sctp_pad_lastmbuf(struct mbuf *m, int padval)
2087 {
2088 /* find the last mbuf in chain and pad it */
2089 struct mbuf *m_at;
2090 m_at = m;
2091 while (m_at) {
2092 if (m_at->m_next == NULL) {
2093 return (sctp_add_pad_tombuf(m_at, padval));
2094 }
2095 m_at = m_at->m_next;
2096 }
2097 return (EFAULT);
2098 }
2099
2100 static void
2101 sctp_notify_assoc_change(u_int32_t event, struct sctp_tcb *stcb,
2102 u_int32_t error)
2103 {
2104 struct mbuf *m_notify;
2105 struct sctp_assoc_change *sac;
2106 struct sockaddr *to;
2107 struct sockaddr_in6 sin6, lsa6;
2108
2109 /*
2110 * First if we are are going down dump everything we
2111 * can to the socket rcv queue.
2112 */
2113 if ((event == SCTP_SHUTDOWN_COMP) || (event == SCTP_COMM_LOST)) {
2114 sctp_deliver_data(stcb, &stcb->asoc, NULL, 0);
2115 }
2116
2117 /*
2118 * For TCP model AND UDP connected sockets we will send
2119 * an error up when an ABORT comes in.
2120 */
2121 if (((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_TCPTYPE) ||
2122 (stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_IN_TCPPOOL)) &&
2123 (event == SCTP_COMM_LOST)) {
2124 stcb->sctp_socket->so_error = ECONNRESET;
2125 /* Wake ANY sleepers */
2126 sowwakeup(stcb->sctp_socket);
2127 sorwakeup(stcb->sctp_socket);
2128 }
2129 #if 0
2130 if ((event == SCTP_COMM_UP) &&
2131 (stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_TCPTYPE) &&
2132 (stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_CONNECTED)) {
2133 soisconnected(stcb->sctp_socket);
2134 }
2135 #endif
2136 if (!(stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_RECVASSOCEVNT)) {
2137 /* event not enabled */
2138 return;
2139 }
2140 MGETHDR(m_notify, MB_DONTWAIT, MT_DATA);
2141 if (m_notify == NULL)
2142 /* no space left */
2143 return;
2144 m_notify->m_len = 0;
2145
2146 sac = mtod(m_notify, struct sctp_assoc_change *);
2147 sac->sac_type = SCTP_ASSOC_CHANGE;
2148 sac->sac_flags = 0;
2149 sac->sac_length = sizeof(struct sctp_assoc_change);
2150 sac->sac_state = event;
2151 sac->sac_error = error;
2152 /* XXX verify these stream counts */
2153 sac->sac_outbound_streams = stcb->asoc.streamoutcnt;
2154 sac->sac_inbound_streams = stcb->asoc.streamincnt;
2155 sac->sac_assoc_id = sctp_get_associd(stcb);
2156
2157 m_notify->m_flags |= M_EOR | M_NOTIFICATION;
2158 m_notify->m_pkthdr.len = sizeof(struct sctp_assoc_change);
2159 m_notify->m_pkthdr.rcvif = 0;
2160 m_notify->m_len = sizeof(struct sctp_assoc_change);
2161 m_notify->m_next = NULL;
2162
2163 /* append to socket */
2164 to = (struct sockaddr *)&stcb->asoc.primary_destination->ro._l_addr;
2165 if ((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_NEEDS_MAPPED_V4) &&
2166 to->sa_family == AF_INET) {
2167 struct sockaddr_in *sin;
2168
2169 sin = (struct sockaddr_in *)to;
2170 bzero(&sin6, sizeof(sin6));
2171 sin6.sin6_family = AF_INET6;
2172 sin6.sin6_len = sizeof(struct sockaddr_in6);
2173 sin6.sin6_addr.s6_addr16[2] = 0xffff;
2174 bcopy(&sin->sin_addr, &sin6.sin6_addr.s6_addr16[3],
2175 sizeof(sin6.sin6_addr.s6_addr16[3]));
2176 sin6.sin6_port = sin->sin_port;
2177 to = (struct sockaddr *)&sin6;
2178 }
2179 /* check and strip embedded scope junk */
2180 to = (struct sockaddr *)sctp_recover_scope((struct sockaddr_in6 *)to,
2181 &lsa6);
2182 /*
2183 * We need to always notify comm changes.
2184 * if (sctp_sbspace(&stcb->sctp_socket->so_rcv) < m_notify->m_len) {
2185 * sctp_m_freem(m_notify);
2186 * return;
2187 * }
2188 */
2189 SCTP_TCB_UNLOCK(stcb);
2190 SCTP_INP_WLOCK(stcb->sctp_ep);
2191 SCTP_TCB_LOCK(stcb);
2192 lwkt_gettoken(&stcb->sctp_socket->so_rcv.ssb_token);
2193 if (!sctp_sbappendaddr_nocheck(&stcb->sctp_socket->so_rcv,
2194 to, m_notify, NULL, stcb->asoc.my_vtag, stcb->sctp_ep)) {
2195 /* not enough room */
2196 sctp_m_freem(m_notify);
2197 SCTP_INP_WUNLOCK(stcb->sctp_ep);
2198 lwkt_reltoken(&stcb->sctp_socket->so_rcv.ssb_token);
2199 return;
2200 }
2201 lwkt_reltoken(&stcb->sctp_socket->so_rcv.ssb_token);
2202 if (((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_IN_TCPPOOL) == 0) &&
2203 ((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_CONNECTED) == 0)){
2204 if (sctp_add_to_socket_q(stcb->sctp_ep, stcb)) {
2205 stcb->asoc.my_rwnd_control_len += sizeof(struct mbuf);
2206 }
2207 } else {
2208 stcb->asoc.my_rwnd_control_len += sizeof(struct mbuf);
2209 }
2210 SCTP_INP_WUNLOCK(stcb->sctp_ep);
2211 /* Wake up any sleeper */
2212 sctp_sorwakeup(stcb->sctp_ep, stcb->sctp_socket);
2213 sctp_sowwakeup(stcb->sctp_ep, stcb->sctp_socket);
2214 }
2215
2216 static void
2217 sctp_notify_peer_addr_change(struct sctp_tcb *stcb, uint32_t state,
2218 struct sockaddr *sa, uint32_t error)
2219 {
2220 struct mbuf *m_notify;
2221 struct sctp_paddr_change *spc;
2222 struct sockaddr *to;
2223 struct sockaddr_in6 sin6, lsa6;
2224
2225 if (!(stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_RECVPADDREVNT))
2226 /* event not enabled */
2227 return;
2228
2229 MGETHDR(m_notify, MB_DONTWAIT, MT_DATA);
2230 if (m_notify == NULL)
2231 return;
2232 m_notify->m_len = 0;
2233
2234 MCLGET(m_notify, MB_DONTWAIT);
2235 if ((m_notify->m_flags & M_EXT) != M_EXT) {
2236 sctp_m_freem(m_notify);
2237 return;
2238 }
2239
2240 spc = mtod(m_notify, struct sctp_paddr_change *);
2241 spc->spc_type = SCTP_PEER_ADDR_CHANGE;
2242 spc->spc_flags = 0;
2243 spc->spc_length = sizeof(struct sctp_paddr_change);
2244 if (sa->sa_family == AF_INET) {
2245 memcpy(&spc->spc_aaddr, sa, sizeof(struct sockaddr_in));
2246 } else {
2247 memcpy(&spc->spc_aaddr, sa, sizeof(struct sockaddr_in6));
2248 }
2249 spc->spc_state = state;
2250 spc->spc_error = error;
2251 spc->spc_assoc_id = sctp_get_associd(stcb);
2252
2253 m_notify->m_flags |= M_EOR | M_NOTIFICATION;
2254 m_notify->m_pkthdr.len = sizeof(struct sctp_paddr_change);
2255 m_notify->m_pkthdr.rcvif = 0;
2256 m_notify->m_len = sizeof(struct sctp_paddr_change);
2257 m_notify->m_next = NULL;
2258
2259 to = (struct sockaddr *)(struct sockaddr *)
2260 &stcb->asoc.primary_destination->ro._l_addr;
2261 if ((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_NEEDS_MAPPED_V4) &&
2262 to->sa_family == AF_INET) {
2263 struct sockaddr_in *sin;
2264
2265 sin = (struct sockaddr_in *)to;
2266 bzero(&sin6, sizeof(sin6));
2267 sin6.sin6_family = AF_INET6;
2268 sin6.sin6_len = sizeof(struct sockaddr_in6);
2269 sin6.sin6_addr.s6_addr16[2] = 0xffff;
2270 bcopy(&sin->sin_addr, &sin6.sin6_addr.s6_addr16[3],
2271 sizeof(sin6.sin6_addr.s6_addr16[3]));
2272 sin6.sin6_port = sin->sin_port;
2273 to = (struct sockaddr *)&sin6;
2274 }
2275 /* check and strip embedded scope junk */
2276 to = (struct sockaddr *)sctp_recover_scope((struct sockaddr_in6 *)to,
2277 &lsa6);
2278
2279 if (sctp_sbspace(&stcb->sctp_socket->so_rcv) < m_notify->m_len) {
2280 sctp_m_freem(m_notify);
2281 return;
2282 }
2283 /* append to socket */
2284 SCTP_TCB_UNLOCK(stcb);
2285 SCTP_INP_WLOCK(stcb->sctp_ep);
2286 SCTP_TCB_LOCK(stcb);
2287 lwkt_gettoken(&stcb->sctp_socket->so_rcv.ssb_token);
2288 if (!sctp_sbappendaddr_nocheck(&stcb->sctp_socket->so_rcv, to,
2289 m_notify, NULL, stcb->asoc.my_vtag, stcb->sctp_ep)) {
2290 /* not enough room */
2291 sctp_m_freem(m_notify);
2292 SCTP_INP_WUNLOCK(stcb->sctp_ep);
2293 lwkt_reltoken(&stcb->sctp_socket->so_rcv.ssb_token);
2294 return;
2295 }
2296 lwkt_reltoken(&stcb->sctp_socket->so_rcv.ssb_token);
2297 if (((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_IN_TCPPOOL) == 0) &&
2298 ((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_CONNECTED) == 0)){
2299 if (sctp_add_to_socket_q(stcb->sctp_ep, stcb)) {
2300 stcb->asoc.my_rwnd_control_len += sizeof(struct mbuf);
2301 }
2302 } else {
2303 stcb->asoc.my_rwnd_control_len += sizeof(struct mbuf);
2304 }
2305 SCTP_INP_WUNLOCK(stcb->sctp_ep);
2306 sctp_sorwakeup(stcb->sctp_ep, stcb->sctp_socket);
2307 }
2308
2309
2310 static void
2311 sctp_notify_send_failed(struct sctp_tcb *stcb, u_int32_t error,
2312 struct sctp_tmit_chunk *chk)
2313 {
2314 struct mbuf *m_notify;
2315 struct sctp_send_failed *ssf;
2316 struct sockaddr_in6 sin6, lsa6;
2317 struct sockaddr *to;
2318 int length;
2319
2320 if (!(stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_RECVSENDFAILEVNT))
2321 /* event not enabled */
2322 return;
2323
2324 length = sizeof(struct sctp_send_failed) + chk->send_size;
2325 MGETHDR(m_notify, MB_DONTWAIT, MT_DATA);
2326 if (m_notify == NULL)
2327 /* no space left */
2328 return;
2329 m_notify->m_len = 0;
2330 ssf = mtod(m_notify, struct sctp_send_failed *);
2331 ssf->ssf_type = SCTP_SEND_FAILED;
2332 if (error == SCTP_NOTIFY_DATAGRAM_UNSENT)
2333 ssf->ssf_flags = SCTP_DATA_UNSENT;
2334 else
2335 ssf->ssf_flags = SCTP_DATA_SENT;
2336 ssf->ssf_length = length;
2337 ssf->ssf_error = error;
2338 /* not exactly what the user sent in, but should be close :) */
2339 ssf->ssf_info.sinfo_stream = chk->rec.data.stream_number;
2340 ssf->ssf_info.sinfo_ssn = chk->rec.data.stream_seq;
2341 ssf->ssf_info.sinfo_flags = chk->rec.data.rcv_flags;
2342 ssf->ssf_info.sinfo_ppid = chk->rec.data.payloadtype;
2343 ssf->ssf_info.sinfo_context = chk->rec.data.context;
2344 ssf->ssf_info.sinfo_assoc_id = sctp_get_associd(stcb);
2345 ssf->ssf_assoc_id = sctp_get_associd(stcb);
2346 m_notify->m_next = chk->data;
2347 if (m_notify->m_next == NULL)
2348 m_notify->m_flags |= M_EOR | M_NOTIFICATION;
2349 else {
2350 struct mbuf *m;
2351 m_notify->m_flags |= M_NOTIFICATION;
2352 m = m_notify;
2353 while (m->m_next != NULL)
2354 m = m->m_next;
2355 m->m_flags |= M_EOR;
2356 }
2357 m_notify->m_pkthdr.len = length;
2358 m_notify->m_pkthdr.rcvif = 0;
2359 m_notify->m_len = sizeof(struct sctp_send_failed);
2360
2361 /* Steal off the mbuf */
2362 chk->data = NULL;
2363 to = (struct sockaddr *)(struct sockaddr *)&stcb->asoc.primary_destination->ro._l_addr;
2364 if ((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_NEEDS_MAPPED_V4) &&
2365 to->sa_family == AF_INET) {
2366 struct sockaddr_in *sin;
2367
2368 sin = (struct sockaddr_in *)to;
2369 bzero(&sin6, sizeof(sin6));
2370 sin6.sin6_family = AF_INET6;
2371 sin6.sin6_len = sizeof(struct sockaddr_in6);
2372 sin6.sin6_addr.s6_addr16[2] = 0xffff;
2373 bcopy(&sin->sin_addr, &sin6.sin6_addr.s6_addr16[3],
2374 sizeof(sin6.sin6_addr.s6_addr16[3]));
2375 sin6.sin6_port = sin->sin_port;
2376 to = (struct sockaddr *)&sin6;
2377 }
2378 /* check and strip embedded scope junk */
2379 to = (struct sockaddr *)sctp_recover_scope((struct sockaddr_in6 *)to,
2380 &lsa6);
2381
2382 if (sctp_sbspace(&stcb->sctp_socket->so_rcv) < m_notify->m_len) {
2383 sctp_m_freem(m_notify);
2384 return;
2385 }
2386
2387 /* append to socket */
2388 SCTP_TCB_UNLOCK(stcb);
2389 SCTP_INP_WLOCK(stcb->sctp_ep);
2390 SCTP_TCB_LOCK(stcb);
2391 lwkt_gettoken(&stcb->sctp_socket->so_rcv.ssb_token);
2392 if (!sctp_sbappendaddr_nocheck(&stcb->sctp_socket->so_rcv, to,
2393 m_notify, NULL, stcb->asoc.my_vtag, stcb->sctp_ep)) {
2394 /* not enough room */
2395 sctp_m_freem(m_notify);
2396 lwkt_reltoken(&stcb->sctp_socket->so_rcv.ssb_token);
2397 SCTP_INP_WUNLOCK(stcb->sctp_ep);
2398 return;
2399 }
2400 lwkt_reltoken(&stcb->sctp_socket->so_rcv.ssb_token);
2401 if (((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_IN_TCPPOOL) == 0) &&
2402 ((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_CONNECTED) == 0)){
2403 if (sctp_add_to_socket_q(stcb->sctp_ep, stcb)) {
2404 stcb->asoc.my_rwnd_control_len += sizeof(struct mbuf);
2405 }
2406 } else {
2407 stcb->asoc.my_rwnd_control_len += sizeof(struct mbuf);
2408 }
2409 SCTP_INP_WUNLOCK(stcb->sctp_ep);
2410 sctp_sorwakeup(stcb->sctp_ep, stcb->sctp_socket);
2411 }
2412
2413 static void
2414 sctp_notify_adaption_layer(struct sctp_tcb *stcb,
2415 u_int32_t error)
2416 {
2417 struct mbuf *m_notify;
2418 struct sctp_adaption_event *sai;
2419 struct sockaddr_in6 sin6, lsa6;
2420 struct sockaddr *to;
2421
2422 if (!(stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_ADAPTIONEVNT))
2423 /* event not enabled */
2424 return;
2425
2426 MGETHDR(m_notify, MB_DONTWAIT, MT_DATA);
2427 if (m_notify == NULL)
2428 /* no space left */
2429 return;
2430 m_notify->m_len = 0;
2431 sai = mtod(m_notify, struct sctp_adaption_event *);
2432 sai->sai_type = SCTP_ADAPTION_INDICATION;
2433 sai->sai_flags = 0;
2434 sai->sai_length = sizeof(struct sctp_adaption_event);
2435 sai->sai_adaption_ind = error;
2436 sai->sai_assoc_id = sctp_get_associd(stcb);
2437
2438 m_notify->m_flags |= M_EOR | M_NOTIFICATION;
2439 m_notify->m_pkthdr.len = sizeof(struct sctp_adaption_event);
2440 m_notify->m_pkthdr.rcvif = 0;
2441 m_notify->m_len = sizeof(struct sctp_adaption_event);
2442 m_notify->m_next = NULL;
2443
2444 to = (struct sockaddr *)(struct sockaddr *)&stcb->asoc.primary_destination->ro._l_addr;
2445 if ((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_NEEDS_MAPPED_V4) &&
2446 (to->sa_family == AF_INET)) {
2447 struct sockaddr_in *sin;
2448
2449 sin = (struct sockaddr_in *)to;
2450 bzero(&sin6, sizeof(sin6));
2451 sin6.sin6_family = AF_INET6;
2452 sin6.sin6_len = sizeof(struct sockaddr_in6);
2453 sin6.sin6_addr.s6_addr16[2] = 0xffff;
2454 bcopy(&sin->sin_addr, &sin6.sin6_addr.s6_addr16[3],
2455 sizeof(sin6.sin6_addr.s6_addr16[3]));
2456 sin6.sin6_port = sin->sin_port;
2457 to = (struct sockaddr *)&sin6;
2458 }
2459 /* check and strip embedded scope junk */
2460 to = (struct sockaddr *)sctp_recover_scope((struct sockaddr_in6 *)to,
2461 &lsa6);
2462 if (sctp_sbspace(&stcb->sctp_socket->so_rcv) < m_notify->m_len) {
2463 sctp_m_freem(m_notify);
2464 return;
2465 }
2466 /* append to socket */
2467 SCTP_TCB_UNLOCK(stcb);
2468 SCTP_INP_WLOCK(stcb->sctp_ep);
2469 SCTP_TCB_LOCK(stcb);
2470 lwkt_gettoken(&stcb->sctp_socket->so_rcv.ssb_token);
2471 if (!sctp_sbappendaddr_nocheck(&stcb->sctp_socket->so_rcv, to,
2472 m_notify, NULL, stcb->asoc.my_vtag, stcb->sctp_ep)) {
2473 /* not enough room */
2474 sctp_m_freem(m_notify);
2475 lwkt_reltoken(&stcb->sctp_socket->so_rcv.ssb_token);
2476 SCTP_INP_WUNLOCK(stcb->sctp_ep);
2477 return;
2478 }
2479 lwkt_reltoken(&stcb->sctp_socket->so_rcv.ssb_token);
2480 if (((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_IN_TCPPOOL) == 0) &&
2481 ((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_CONNECTED) == 0)){
2482 if (sctp_add_to_socket_q(stcb->sctp_ep, stcb)) {
2483 stcb->asoc.my_rwnd_control_len += sizeof(struct mbuf);
2484 }
2485 } else {
2486 stcb->asoc.my_rwnd_control_len += sizeof(struct mbuf);
2487 }
2488 SCTP_INP_WUNLOCK(stcb->sctp_ep);
2489 sctp_sorwakeup(stcb->sctp_ep, stcb->sctp_socket);
2490 }
2491
2492 static void
2493 sctp_notify_partial_delivery_indication(struct sctp_tcb *stcb,
2494 u_int32_t error)
2495 {
2496 struct mbuf *m_notify;
2497 struct sctp_pdapi_event *pdapi;
2498 struct sockaddr_in6 sin6, lsa6;
2499 struct sockaddr *to;
2500
2501 if (!(stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_PDAPIEVNT))
2502 /* event not enabled */
2503 return;
2504
2505 MGETHDR(m_notify, MB_DONTWAIT, MT_DATA);
2506 if (m_notify == NULL)
2507 /* no space left */
2508 return;
2509 m_notify->m_len = 0;
2510 pdapi = mtod(m_notify, struct sctp_pdapi_event *);
2511 pdapi->pdapi_type = SCTP_PARTIAL_DELIVERY_EVENT;
2512 pdapi->pdapi_flags = 0;
2513 pdapi->pdapi_length = sizeof(struct sctp_pdapi_event);
2514 pdapi->pdapi_indication = error;
2515 pdapi->pdapi_assoc_id = sctp_get_associd(stcb);
2516
2517 m_notify->m_flags |= M_EOR | M_NOTIFICATION;
2518 m_notify->m_pkthdr.len = sizeof(struct sctp_pdapi_event);
2519 m_notify->m_pkthdr.rcvif = 0;
2520 m_notify->m_len = sizeof(struct sctp_pdapi_event);
2521 m_notify->m_next = NULL;
2522
2523 to = (struct sockaddr *)(struct sockaddr *)&stcb->asoc.primary_destination->ro._l_addr;
2524 if ((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_NEEDS_MAPPED_V4) &&
2525 (to->sa_family == AF_INET)) {
2526 struct sockaddr_in *sin;
2527
2528 sin = (struct sockaddr_in *)to;
2529 bzero(&sin6, sizeof(sin6));
2530 sin6.sin6_family = AF_INET6;
2531 sin6.sin6_len = sizeof(struct sockaddr_in6);
2532 sin6.sin6_addr.s6_addr16[2] = 0xffff;
2533 bcopy(&sin->sin_addr, &sin6.sin6_addr.s6_addr16[3],
2534 sizeof(sin6.sin6_addr.s6_addr16[3]));
2535 sin6.sin6_port = sin->sin_port;
2536 to = (struct sockaddr *)&sin6;
2537 }
2538 /* check and strip embedded scope junk */
2539 to = (struct sockaddr *)sctp_recover_scope((struct sockaddr_in6 *)to,
2540 &lsa6);
2541 if (sctp_sbspace(&stcb->sctp_socket->so_rcv) < m_notify->m_len) {
2542 sctp_m_freem(m_notify);
2543 return;
2544 }
2545 /* append to socket */
2546 SCTP_TCB_UNLOCK(stcb);
2547 SCTP_INP_WLOCK(stcb->sctp_ep);
2548 SCTP_TCB_LOCK(stcb);
2549 lwkt_gettoken(&stcb->sctp_socket->so_rcv.ssb_token);
2550 if (!sctp_sbappendaddr_nocheck(&stcb->sctp_socket->so_rcv, to,
2551 m_notify, NULL, stcb->asoc.my_vtag, stcb->sctp_ep)) {
2552 /* not enough room */
2553 sctp_m_freem(m_notify);
2554 lwkt_reltoken(&stcb->sctp_socket->so_rcv.ssb_token);
2555 SCTP_INP_WUNLOCK(stcb->sctp_ep);
2556 return;
2557 }
2558 lwkt_reltoken(&stcb->sctp_socket->so_rcv.ssb_token);
2559 if (((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_IN_TCPPOOL) == 0) &&
2560 ((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_CONNECTED) == 0)){
2561 if (sctp_add_to_socket_q(stcb->sctp_ep, stcb)) {
2562 stcb->asoc.my_rwnd_control_len += sizeof(struct mbuf);
2563 }
2564 } else {
2565 stcb->asoc.my_rwnd_control_len += sizeof(struct mbuf);
2566 }
2567 SCTP_INP_WUNLOCK(stcb->sctp_ep);
2568 sctp_sorwakeup(stcb->sctp_ep, stcb->sctp_socket);
2569 }
2570
2571 static void
2572 sctp_notify_shutdown_event(struct sctp_tcb *stcb)
2573 {
2574 struct mbuf *m_notify;
2575 struct sctp_shutdown_event *sse;
2576 struct sockaddr_in6 sin6, lsa6;
2577 struct sockaddr *to;
2578
2579 /*
2580 * For TCP model AND UDP connected sockets we will send
2581 * an error up when an SHUTDOWN completes
2582 */
2583 if ((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_TCPTYPE) ||
2584 (stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_IN_TCPPOOL)) {
2585 /* mark socket closed for read/write and wakeup! */
2586 socantrcvmore(stcb->sctp_socket);
2587 socantsendmore(stcb->sctp_socket);
2588 }
2589
2590 if (!(stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_RECVSHUTDOWNEVNT))
2591 /* event not enabled */
2592 return;
2593
2594 MGETHDR(m_notify, MB_DONTWAIT, MT_DATA);
2595 if (m_notify == NULL)
2596 /* no space left */
2597 return;
2598 m_notify->m_len = 0;
2599 sse = mtod(m_notify, struct sctp_shutdown_event *);
2600 sse->sse_type = SCTP_SHUTDOWN_EVENT;
2601 sse->sse_flags = 0;
2602 sse->sse_length = sizeof(struct sctp_shutdown_event);
2603 sse->sse_assoc_id = sctp_get_associd(stcb);
2604
2605 m_notify->m_flags |= M_EOR | M_NOTIFICATION;
2606 m_notify->m_pkthdr.len = sizeof(struct sctp_shutdown_event);
2607 m_notify->m_pkthdr.rcvif = 0;
2608 m_notify->m_len = sizeof(struct sctp_shutdown_event);
2609 m_notify->m_next = NULL;
2610
2611 to = (struct sockaddr *)(struct sockaddr *)&stcb->asoc.primary_destination->ro._l_addr;
2612 if ((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_NEEDS_MAPPED_V4) &&
2613 to->sa_family == AF_INET) {
2614 struct sockaddr_in *sin;
2615
2616 sin = (struct sockaddr_in *)to;
2617 bzero(&sin6, sizeof(sin6));
2618 sin6.sin6_family = AF_INET6;
2619 sin6.sin6_len = sizeof(struct sockaddr_in6);
2620 sin6.sin6_addr.s6_addr16[2] = 0xffff;
2621 bcopy(&sin->sin_addr, &sin6.sin6_addr.s6_addr16[3],
2622 sizeof(sin6.sin6_addr.s6_addr16[3]));
2623 sin6.sin6_port = sin->sin_port;
2624 to = (struct sockaddr *)&sin6;
2625 }
2626 /* check and strip embedded scope junk */
2627 to = (struct sockaddr *)sctp_recover_scope((struct sockaddr_in6 *)to,
2628 &lsa6);
2629 if (sctp_sbspace(&stcb->sctp_socket->so_rcv) < m_notify->m_len) {
2630 sctp_m_freem(m_notify);
2631 return;
2632 }
2633 /* append to socket */
2634 SCTP_TCB_UNLOCK(stcb);
2635 SCTP_INP_WLOCK(stcb->sctp_ep);
2636 SCTP_TCB_LOCK(stcb);
2637 lwkt_gettoken(&stcb->sctp_socket->so_rcv.ssb_token);
2638 if (!sctp_sbappendaddr_nocheck(&stcb->sctp_socket->so_rcv, to,
2639 m_notify, NULL, stcb->asoc.my_vtag, stcb->sctp_ep)) {
2640 /* not enough room */
2641 sctp_m_freem(m_notify);
2642 lwkt_reltoken(&stcb->sctp_socket->so_rcv.ssb_token);
2643 SCTP_INP_WUNLOCK(stcb->sctp_ep);
2644 return;
2645 }
2646 lwkt_reltoken(&stcb->sctp_socket->so_rcv.ssb_token);
2647 if (((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_IN_TCPPOOL) == 0) &&
2648 ((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_CONNECTED) == 0)){
2649 if (sctp_add_to_socket_q(stcb->sctp_ep, stcb)) {
2650 stcb->asoc.my_rwnd_control_len += sizeof(struct mbuf);
2651 }
2652 } else {
2653 stcb->asoc.my_rwnd_control_len += sizeof(struct mbuf);
2654 }
2655 SCTP_INP_WUNLOCK(stcb->sctp_ep);
2656 sctp_sorwakeup(stcb->sctp_ep, stcb->sctp_socket);
2657 }
2658
2659 static void
2660 sctp_notify_stream_reset(struct sctp_tcb *stcb,
2661 int number_entries, uint16_t *list, int flag)
2662 {
2663 struct mbuf *m_notify;
2664 struct sctp_stream_reset_event *strreset;
2665 struct sockaddr_in6 sin6, lsa6;
2666 struct sockaddr *to;
2667 int len;
2668
2669 if (!(stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_STREAM_RESETEVNT))
2670 /* event not enabled */
2671 return;
2672
2673 MGETHDR(m_notify, MB_DONTWAIT, MT_DATA);
2674 if (m_notify == NULL)
2675 /* no space left */
2676 return;
2677 m_notify->m_len = 0;
2678 len = sizeof(struct sctp_stream_reset_event) + (number_entries * sizeof(uint16_t));
2679 if (len > M_TRAILINGSPACE(m_notify)) {
2680 MCLGET(m_notify, MB_WAIT);
2681 }
2682 if (m_notify == NULL)
2683 /* no clusters */
2684 return;
2685
2686 if (len > M_TRAILINGSPACE(m_notify)) {
2687 /* never enough room */
2688 m_freem(m_notify);
2689 return;
2690 }
2691 strreset = mtod(m_notify, struct sctp_stream_reset_event *);
2692 strreset->strreset_type = SCTP_STREAM_RESET_EVENT;
2693 if (number_entries == 0) {
2694 strreset->strreset_flags = flag | SCTP_STRRESET_ALL_STREAMS;
2695 } else {
2696 strreset->strreset_flags = flag | SCTP_STRRESET_STREAM_LIST;
2697 }
2698 strreset->strreset_length = len;
2699 strreset->strreset_assoc_id = sctp_get_associd(stcb);
2700 if (number_entries) {
2701 int i;
2702 for (i=0; i<number_entries; i++) {
2703 strreset->strreset_list[i] = list[i];
2704 }
2705 }
2706 m_notify->m_flags |= M_EOR | M_NOTIFICATION;
2707 m_notify->m_pkthdr.len = len;
2708 m_notify->m_pkthdr.rcvif = 0;
2709 m_notify->m_len = len;
2710 m_notify->m_next = NULL;
2711 if (sctp_sbspace(&stcb->sctp_socket->so_rcv) < m_notify->m_len) {
2712 /* no space */
2713 sctp_m_freem(m_notify);
2714 return;
2715 }
2716 to = (struct sockaddr *)(struct sockaddr *)&stcb->asoc.primary_destination->ro._l_addr;
2717 if ((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_NEEDS_MAPPED_V4) &&
2718 to->sa_family == AF_INET) {
2719 struct sockaddr_in *sin;
2720
2721 sin = (struct sockaddr_in *)to;
2722 bzero(&sin6, sizeof(sin6));
2723 sin6.sin6_family = AF_INET6;
2724 sin6.sin6_len = sizeof(struct sockaddr_in6);
2725 sin6.sin6_addr.s6_addr16[2] = 0xffff;
2726 bcopy(&sin->sin_addr, &sin6.sin6_addr.s6_addr16[3],
2727 sizeof(sin6.sin6_addr.s6_addr16[3]));
2728 sin6.sin6_port = sin->sin_port;
2729 to = (struct sockaddr *)&sin6;
2730 }
2731 /* check and strip embedded scope junk */
2732 to = (struct sockaddr *)sctp_recover_scope((struct sockaddr_in6 *)to,
2733 &lsa6);
2734 /* append to socket */
2735 SCTP_TCB_UNLOCK(stcb);
2736 SCTP_INP_WLOCK(stcb->sctp_ep);
2737 SCTP_TCB_LOCK(stcb);
2738 lwkt_gettoken(&stcb->sctp_socket->so_rcv.ssb_token);
2739 if (!sctp_sbappendaddr_nocheck(&stcb->sctp_socket->so_rcv, to,
2740 m_notify, NULL, stcb->asoc.my_vtag, stcb->sctp_ep)) {
2741 /* not enough room */
2742 sctp_m_freem(m_notify);
2743 lwkt_reltoken(&stcb->sctp_socket->so_rcv.ssb_token);
2744 SCTP_INP_WUNLOCK(stcb->sctp_ep);
2745 return;
2746 }
2747 lwkt_reltoken(&stcb->sctp_socket->so_rcv.ssb_token);
2748 if (((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_IN_TCPPOOL) == 0) &&
2749 ((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_CONNECTED) == 0)){
2750 if (sctp_add_to_socket_q(stcb->sctp_ep, stcb)) {
2751 stcb->asoc.my_rwnd_control_len += sizeof(struct mbuf);
2752 }
2753 } else {
2754 stcb->asoc.my_rwnd_control_len += sizeof(struct mbuf);
2755 }
2756 SCTP_INP_WUNLOCK(stcb->sctp_ep);
2757 sctp_sorwakeup(stcb->sctp_ep, stcb->sctp_socket);
2758 }
2759
2760
2761 void
2762 sctp_ulp_notify(u_int32_t notification, struct sctp_tcb *stcb,
2763 u_int32_t error, void *data)
2764 {
2765 if (stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_SOCKET_GONE) {
2766 /* No notifications up when we are in a no socket state */
2767 return;
2768 }
2769 if (stcb->asoc.state & SCTP_STATE_CLOSED_SOCKET) {
2770 /* Can't send up to a closed socket any notifications */
2771 return;
2772 }
2773 switch (notification) {
2774 case SCTP_NOTIFY_ASSOC_UP:
2775 sctp_notify_assoc_change(SCTP_COMM_UP, stcb, error);
2776 break;
2777 case SCTP_NOTIFY_ASSOC_DOWN:
2778 sctp_notify_assoc_change(SCTP_SHUTDOWN_COMP, stcb, error);
2779 break;
2780 case SCTP_NOTIFY_INTERFACE_DOWN:
2781 {
2782 struct sctp_nets *net;
2783 net = (struct sctp_nets *)data;
2784 sctp_notify_peer_addr_change(stcb, SCTP_ADDR_UNREACHABLE,
2785 (struct sockaddr *)&net->ro._l_addr, error);
2786 break;
2787 }
2788 case SCTP_NOTIFY_INTERFACE_UP:
2789 {
2790 struct sctp_nets *net;
2791 net = (struct sctp_nets *)data;
2792 sctp_notify_peer_addr_change(stcb, SCTP_ADDR_AVAILABLE,
2793 (struct sockaddr *)&net->ro._l_addr, error);
2794 break;
2795 }
2796 case SCTP_NOTIFY_INTERFACE_CONFIRMED:
2797 {
2798 struct sctp_nets *net;
2799 net = (struct sctp_nets *)data;
2800 sctp_notify_peer_addr_change(stcb, SCTP_ADDR_CONFIRMED,
2801 (struct sockaddr *)&net->ro._l_addr, error);
2802 break;
2803 }
2804 case SCTP_NOTIFY_DG_FAIL:
2805 sctp_notify_send_failed(stcb, error,
2806 (struct sctp_tmit_chunk *)data);
2807 break;
2808 case SCTP_NOTIFY_ADAPTION_INDICATION:
2809 /* Here the error is the adaption indication */
2810 sctp_notify_adaption_layer(stcb, error);
2811 break;
2812 case SCTP_NOTIFY_PARTIAL_DELVIERY_INDICATION:
2813 sctp_notify_partial_delivery_indication(stcb, error);
2814 break;
2815 case SCTP_NOTIFY_STRDATA_ERR:
2816 break;
2817 case SCTP_NOTIFY_ASSOC_ABORTED:
2818 sctp_notify_assoc_change(SCTP_COMM_LOST, stcb, error);
2819 break;
2820 case SCTP_NOTIFY_PEER_OPENED_STREAM:
2821 break;
2822 case SCTP_NOTIFY_STREAM_OPENED_OK:
2823 break;
2824 case SCTP_NOTIFY_ASSOC_RESTART:
2825 sctp_notify_assoc_change(SCTP_RESTART, stcb, error);
2826 break;
2827 case SCTP_NOTIFY_HB_RESP:
2828 break;
2829 case SCTP_NOTIFY_STR_RESET_SEND:
2830 sctp_notify_stream_reset(stcb, error, ((uint16_t *)data), SCTP_STRRESET_OUTBOUND_STR);
2831 break;
2832 case SCTP_NOTIFY_STR_RESET_RECV:
2833 sctp_notify_stream_reset(stcb, error, ((uint16_t *)data), SCTP_STRRESET_INBOUND_STR);
2834 break;
2835 case SCTP_NOTIFY_ASCONF_ADD_IP:
2836 sctp_notify_peer_addr_change(stcb, SCTP_ADDR_ADDED, data,
2837 error);
2838 break;
2839 case SCTP_NOTIFY_ASCONF_DELETE_IP:
2840 sctp_notify_peer_addr_change(stcb, SCTP_ADDR_REMOVED, data,
2841 error);
2842 break;
2843 case SCTP_NOTIFY_ASCONF_SET_PRIMARY:
2844 sctp_notify_peer_addr_change(stcb, SCTP_ADDR_MADE_PRIM, data,
2845 error);
2846 break;
2847 case SCTP_NOTIFY_ASCONF_SUCCESS:
2848 break;
2849 case SCTP_NOTIFY_ASCONF_FAILED:
2850 break;
2851 case SCTP_NOTIFY_PEER_SHUTDOWN:
2852 sctp_notify_shutdown_event(stcb);
2853 break;
2854 default:
2855 #ifdef SCTP_DEBUG
2856 if (sctp_debug_on & SCTP_DEBUG_UTIL1) {
2857 kprintf("NOTIFY: unknown notification %xh (%u)\n",
2858 notification, notification);
2859 }
2860 #endif /* SCTP_DEBUG */
2861 break;
2862 } /* end switch */
2863 }
2864
2865 void
2866 sctp_report_all_outbound(struct sctp_tcb *stcb)
2867 {
2868 struct sctp_association *asoc;
2869 struct sctp_stream_out *outs;
2870 struct sctp_tmit_chunk *chk;
2871
2872 asoc = &stcb->asoc;
2873
2874 if (stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_SOCKET_GONE) {
2875 return;
2876 }
2877 /* now through all the gunk freeing chunks */
2878 TAILQ_FOREACH(outs, &asoc->out_wheel, next_spoke) {
2879 /* now clean up any chunks here */
2880 chk = TAILQ_FIRST(&outs->outqueue);
2881 while (chk) {
2882 stcb->asoc.stream_queue_cnt--;
2883 TAILQ_REMOVE(&outs->outqueue, chk, sctp_next);
2884 sctp_ulp_notify(SCTP_NOTIFY_DG_FAIL, stcb,
2885 SCTP_NOTIFY_DATAGRAM_UNSENT, chk);
2886 if (chk->data) {
2887 sctp_m_freem(chk->data);
2888 chk->data = NULL;
2889 }
2890 if (chk->whoTo)
2891 sctp_free_remote_addr(chk->whoTo);
2892 chk->whoTo = NULL;
2893 chk->asoc = NULL;
2894 /* Free the chunk */
2895 SCTP_ZONE_FREE(sctppcbinfo.ipi_zone_chunk, chk);
2896 sctppcbinfo.ipi_count_chunk--;
2897 if ((int)sctppcbinfo.ipi_count_chunk < 0) {
2898 panic("Chunk count is negative");
2899 }
2900 sctppcbinfo.ipi_gencnt_chunk++;
2901 chk = TAILQ_FIRST(&outs->outqueue);
2902 }
2903 }
2904 /* pending send queue SHOULD be empty */
2905 if (!TAILQ_EMPTY(&asoc->send_queue)) {
2906 chk = TAILQ_FIRST(&asoc->send_queue);
2907 while (chk) {
2908 TAILQ_REMOVE(&asoc->send_queue, chk, sctp_next);
2909 sctp_ulp_notify(SCTP_NOTIFY_DG_FAIL, stcb, SCTP_NOTIFY_DATAGRAM_UNSENT, chk);
2910 if (chk->data) {
2911 sctp_m_freem(chk->data);
2912 chk->data = NULL;
2913 }
2914 if (chk->whoTo)
2915 sctp_free_remote_addr(chk->whoTo);
2916 chk->whoTo = NULL;
2917 SCTP_ZONE_FREE(sctppcbinfo.ipi_zone_chunk, chk);
2918 sctppcbinfo.ipi_count_chunk--;
2919 if ((int)sctppcbinfo.ipi_count_chunk < 0) {
2920 panic("Chunk count is negative");
2921 }
2922 sctppcbinfo.ipi_gencnt_chunk++;
2923 chk = TAILQ_FIRST(&asoc->send_queue);
2924 }
2925 }
2926 /* sent queue SHOULD be empty */
2927 if (!TAILQ_EMPTY(&asoc->sent_queue)) {
2928 chk = TAILQ_FIRST(&asoc->sent_queue);
2929 while (chk) {
2930 TAILQ_REMOVE(&asoc->sent_queue, chk, sctp_next);
2931 sctp_ulp_notify(SCTP_NOTIFY_DG_FAIL, stcb,
2932 SCTP_NOTIFY_DATAGRAM_SENT, chk);
2933 if (chk->data) {
2934 sctp_m_freem(chk->data);
2935 chk->data = NULL;
2936 }
2937 if (chk->whoTo)
2938 sctp_free_remote_addr(chk->whoTo);
2939 chk->whoTo = NULL;
2940 SCTP_ZONE_FREE(sctppcbinfo.ipi_zone_chunk, chk);
2941 sctppcbinfo.ipi_count_chunk--;
2942 if ((int)sctppcbinfo.ipi_count_chunk < 0) {
2943 panic("Chunk count is negative");
2944 }
2945 sctppcbinfo.ipi_gencnt_chunk++;
2946 chk = TAILQ_FIRST(&asoc->sent_queue);
2947 }
2948 }
2949 }
2950
2951 void
2952 sctp_abort_notification(struct sctp_tcb *stcb, int error)
2953 {
2954
2955 if (stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_SOCKET_GONE) {
2956 return;
2957 }
2958 /* Tell them we lost the asoc */
2959 sctp_report_all_outbound(stcb);
2960 sctp_ulp_notify(SCTP_NOTIFY_ASSOC_ABORTED, stcb, error, NULL);
2961 }
2962
2963 void
2964 sctp_abort_association(struct sctp_inpcb *inp, struct sctp_tcb *stcb,
2965 struct mbuf *m, int iphlen, struct sctphdr *sh, struct mbuf *op_err)
2966 {
2967 u_int32_t vtag;
2968
2969 vtag = 0;
2970 if (stcb != NULL) {
2971 /* We have a TCB to abort, send notification too */
2972 vtag = stcb->asoc.peer_vtag;
2973 sctp_abort_notification(stcb, 0);
2974 }
2975 sctp_send_abort(m, iphlen, sh, vtag, op_err);
2976 if (stcb != NULL) {
2977 /* Ok, now lets free it */
2978 sctp_free_assoc(inp, stcb);
2979 } else {
2980 if (inp->sctp_flags & SCTP_PCB_FLAGS_SOCKET_GONE) {
2981 if (LIST_FIRST(&inp->sctp_asoc_list) == NULL) {
2982 sctp_inpcb_free(inp, 1);
2983 }
2984 }
2985 }
2986 }
2987
2988 void
2989 sctp_abort_an_association(struct sctp_inpcb *inp, struct sctp_tcb *stcb,
2990 int error, struct mbuf *op_err)
2991 {
2992 u_int32_t vtag;
2993
2994 if (stcb == NULL) {
2995 /* Got to have a TCB */
2996 if (inp->sctp_flags & SCTP_PCB_FLAGS_SOCKET_GONE) {
2997 if (LIST_FIRST(&inp->sctp_asoc_list) == NULL) {
2998 sctp_inpcb_free(inp, 1);
2999 }
3000 }
3001 return;
3002 }
3003 vtag = stcb->asoc.peer_vtag;
3004 /* notify the ulp */
3005 if ((inp->sctp_flags & SCTP_PCB_FLAGS_SOCKET_GONE) == 0)
3006 sctp_abort_notification(stcb, error);
3007 /* notify the peer */
3008 sctp_send_abort_tcb(stcb, op_err);
3009 /* now free the asoc */
3010 sctp_free_assoc(inp, stcb);
3011 }
3012
3013 void
3014 sctp_handle_ootb(struct mbuf *m, int iphlen, int offset, struct sctphdr *sh,
3015 struct sctp_inpcb *inp, struct mbuf *op_err)
3016 {
3017 struct sctp_chunkhdr *ch, chunk_buf;
3018 unsigned int chk_length;
3019
3020 /* Generate a TO address for future reference */
3021 if (inp && (inp->sctp_flags & SCTP_PCB_FLAGS_SOCKET_GONE)) {
3022 if (LIST_FIRST(&inp->sctp_asoc_list) == NULL) {
3023 sctp_inpcb_free(inp, 1);
3024 }
3025 }
3026 ch = (struct sctp_chunkhdr *)sctp_m_getptr(m, offset,
3027 sizeof(*ch), (u_int8_t *)&chunk_buf);
3028 while (ch != NULL) {
3029 chk_length = ntohs(ch->chunk_length);
3030 if (chk_length < sizeof(*ch)) {
3031 /* break to abort land */
3032 break;
3033 }
3034 switch (ch->chunk_type) {
3035 case SCTP_PACKET_DROPPED:
3036 /* we don't respond to pkt-dropped */
3037 return;
3038 case SCTP_ABORT_ASSOCIATION:
3039 /* we don't respond with an ABORT to an ABORT */
3040 return;
3041 case SCTP_SHUTDOWN_COMPLETE:
3042 /*
3043 * we ignore it since we are not waiting for it
3044 * and peer is gone
3045 */
3046 return;
3047 case SCTP_SHUTDOWN_ACK:
3048 sctp_send_shutdown_complete2(m, iphlen, sh);
3049 return;
3050 default:
3051 break;
3052 }
3053 offset += SCTP_SIZE32(chk_length);
3054 ch = (struct sctp_chunkhdr *)sctp_m_getptr(m, offset,
3055 sizeof(*ch), (u_int8_t *)&chunk_buf);
3056 }
3057 sctp_send_abort(m, iphlen, sh, 0, op_err);
3058 }
3059
3060 /*
3061 * check the inbound datagram to make sure there is not an abort
3062 * inside it, if there is return 1, else return 0.
3063 */
3064 int
3065 sctp_is_there_an_abort_here(struct mbuf *m, int iphlen, int *vtagfill)
3066 {
3067 struct sctp_chunkhdr *ch;
3068 struct sctp_init_chunk *init_chk, chunk_buf;
3069 int offset;
3070 unsigned int chk_length;
3071
3072 offset = iphlen + sizeof(struct sctphdr);
3073 ch = (struct sctp_chunkhdr *)sctp_m_getptr(m, offset, sizeof(*ch),
3074 (u_int8_t *)&chunk_buf);
3075 while (ch != NULL) {
3076 chk_length = ntohs(ch->chunk_length);
3077 if (chk_length < sizeof(*ch)) {
3078 /* packet is probably corrupt */
3079 break;
3080 }
3081 /* we seem to be ok, is it an abort? */
3082 if (ch->chunk_type == SCTP_ABORT_ASSOCIATION) {
3083 /* yep, tell them */
3084 return (1);
3085 }
3086 if (ch->chunk_type == SCTP_INITIATION) {
3087 /* need to update the Vtag */
3088 init_chk = (struct sctp_init_chunk *)sctp_m_getptr(m,
3089 offset, sizeof(*init_chk), (u_int8_t *)&chunk_buf);
3090 if (init_chk != NULL) {
3091 *vtagfill = ntohl(init_chk->init.initiate_tag);
3092 }
3093 }
3094 /* Nope, move to the next chunk */
3095 offset += SCTP_SIZE32(chk_length);
3096 ch = (struct sctp_chunkhdr *)sctp_m_getptr(m, offset,
3097 sizeof(*ch), (u_int8_t *)&chunk_buf);
3098 }
3099 return (0);
3100 }
3101
3102 /*
3103 * currently (2/02), ifa_addr embeds scope_id's and don't
3104 * have sin6_scope_id set (i.e. it's 0)
3105 * so, create this function to compare link local scopes
3106 */
3107 uint32_t
3108 sctp_is_same_scope(struct sockaddr_in6 *addr1, struct sockaddr_in6 *addr2)
3109 {
3110 struct sockaddr_in6 a, b;
3111
3112 /* save copies */
3113 a = *addr1;
3114 b = *addr2;
3115
3116 if (a.sin6_scope_id == 0)
3117 if (in6_recoverscope(&a, &a.sin6_addr, NULL)) {
3118 /* can't get scope, so can't match */
3119 return (0);
3120 }
3121 if (b.sin6_scope_id == 0)
3122 if (in6_recoverscope(&b, &b.sin6_addr, NULL)) {
3123 /* can't get scope, so can't match */
3124 return (0);
3125 }
3126 if (a.sin6_scope_id != b.sin6_scope_id)
3127 return (0);
3128
3129 return (1);
3130 }
3131
3132 /*
3133 * returns a sockaddr_in6 with embedded scope recovered and removed
3134 */
3135 struct sockaddr_in6 *
3136 sctp_recover_scope(struct sockaddr_in6 *addr, struct sockaddr_in6 *store)
3137 {
3138
3139 /* check and strip embedded scope junk */
3140 if (addr->sin6_family == AF_INET6) {
3141 if (IN6_IS_SCOPE_LINKLOCAL(&addr->sin6_addr)) {
3142 if (addr->sin6_scope_id == 0) {
3143 *store = *addr;
3144 if (!in6_recoverscope(store, &store->sin6_addr,
3145 NULL)) {
3146 /* use the recovered scope */
3147 addr = store;
3148 }
3149 /* else, return the original "to" addr */
3150 }
3151 }
3152 }
3153 return (addr);
3154 }
3155
3156 /*
3157 * are the two addresses the same? currently a "scopeless" check
3158 * returns: 1 if same, 0 if not
3159 */
3160 int
3161 sctp_cmpaddr(struct sockaddr *sa1, struct sockaddr *sa2)
3162 {
3163
3164 /* must be valid */
3165 if (sa1 == NULL || sa2 == NULL)
3166 return (0);
3167
3168 /* must be the same family */
3169 if (sa1->sa_family != sa2->sa_family)
3170 return (0);
3171
3172 if (sa1->sa_family == AF_INET6) {
3173 /* IPv6 addresses */
3174 struct sockaddr_in6 *sin6_1, *sin6_2;
3175
3176 sin6_1 = (struct sockaddr_in6 *)sa1;
3177 sin6_2 = (struct sockaddr_in6 *)sa2;
3178 return (SCTP6_ARE_ADDR_EQUAL(&sin6_1->sin6_addr,
3179 &sin6_2->sin6_addr));
3180 } else if (sa1->sa_family == AF_INET) {
3181 /* IPv4 addresses */
3182 struct sockaddr_in *sin_1, *sin_2;
3183
3184 sin_1 = (struct sockaddr_in *)sa1;
3185 sin_2 = (struct sockaddr_in *)sa2;
3186 return (sin_1->sin_addr.s_addr == sin_2->sin_addr.s_addr);
3187 } else {
3188 /* we don't do these... */
3189 return (0);
3190 }
3191 }
3192
3193 void
3194 sctp_print_address(struct sockaddr *sa)
3195 {
3196
3197 if (sa->sa_family == AF_INET6) {
3198 struct sockaddr_in6 *sin6;
3199 sin6 = (struct sockaddr_in6 *)sa;
3200 kprintf("IPv6 address: %s:%d scope:%u\n",
3201 ip6_sprintf(&sin6->sin6_addr), ntohs(sin6->sin6_port),
3202 sin6->sin6_scope_id);
3203 } else if (sa->sa_family == AF_INET) {
3204 struct sockaddr_in *sin;
3205 sin = (struct sockaddr_in *)sa;
3206 kprintf("IPv4 address: %s:%d\n", inet_ntoa(sin->sin_addr),
3207 ntohs(sin->sin_port));
3208 } else {
3209 kprintf("?\n");
3210 }
3211 }
3212
3213 void
3214 sctp_print_address_pkt(struct ip *iph, struct sctphdr *sh)
3215 {
3216 if (iph->ip_v == IPVERSION) {
3217 struct sockaddr_in lsa, fsa;
3218
3219 bzero(&lsa, sizeof(lsa));
3220 lsa.sin_len = sizeof(lsa);
3221 lsa.sin_family = AF_INET;
3222 lsa.sin_addr = iph->ip_src;
3223 lsa.sin_port = sh->src_port;
3224 bzero(&fsa, sizeof(fsa));
3225 fsa.sin_len = sizeof(fsa);
3226 fsa.sin_family = AF_INET;
3227 fsa.sin_addr = iph->ip_dst;
3228 fsa.sin_port = sh->dest_port;
3229 kprintf("src: ");
3230 sctp_print_address((struct sockaddr *)&lsa);
3231 kprintf("dest: ");
3232 sctp_print_address((struct sockaddr *)&fsa);
3233 } else if (iph->ip_v == (IPV6_VERSION >> 4)) {
3234 struct ip6_hdr *ip6;
3235 struct sockaddr_in6 lsa6, fsa6;
3236
3237 ip6 = (struct ip6_hdr *)iph;
3238 bzero(&lsa6, sizeof(lsa6));
3239 lsa6.sin6_len = sizeof(lsa6);
3240 lsa6.sin6_family = AF_INET6;
3241 lsa6.sin6_addr = ip6->ip6_src;
3242 lsa6.sin6_port = sh->src_port;
3243 bzero(&fsa6, sizeof(fsa6));
3244 fsa6.sin6_len = sizeof(fsa6);
3245 fsa6.sin6_family = AF_INET6;
3246 fsa6.sin6_addr = ip6->ip6_dst;
3247 fsa6.sin6_port = sh->dest_port;
3248 kprintf("src: ");
3249 sctp_print_address((struct sockaddr *)&lsa6);
3250 kprintf("dest: ");
3251 sctp_print_address((struct sockaddr *)&fsa6);
3252 }
3253 }
3254
3255 #if defined(__FreeBSD__) || defined(__APPLE__)
3256
3257 /* cloned from uipc_socket.c */
3258
3259 #define SCTP_SBLINKRECORD(sb, m0) do { \
3260 if ((sb)->sb_lastrecord != NULL) \
3261 (sb)->sb_lastrecord->m_nextpkt = (m0); \
3262 else \
3263 (sb)->sb_mb = (m0); \
3264 (sb)->sb_lastrecord = (m0); \
3265 } while (/*CONSTCOND*/0)
3266 #endif
3267
3268
3269 int
3270 sctp_sbappendaddr_nocheck(struct signalsockbuf *ssb, struct sockaddr *asa, struct mbuf *m0,
3271 struct mbuf *control, u_int32_t tag,
3272 struct sctp_inpcb *inp)
3273 {
3274 struct mbuf *m, *n, *nlast;
3275 int cnt=0;
3276
3277 if (m0 && (m0->m_flags & M_PKTHDR) == 0)
3278 panic("sctp_sbappendaddr_nocheck");
3279
3280 for (n = control; n; n = n->m_next) {
3281 if (n->m_next == 0) /* get pointer to last control buf */
3282 break;
3283 }
3284 if (((inp->sctp_flags & SCTP_PCB_FLAGS_TCPTYPE) == 0) ||
3285 ((inp->sctp_flags & SCTP_PCB_FLAGS_IN_TCPPOOL)== 0)) {
3286 uint32_t len = asa->sa_len; /* workaround GCC stupidity */
3287 if (len > MHLEN)
3288 return (0);
3289 try_again:
3290 MGETHDR(m, MB_DONTWAIT, MT_SONAME);
3291 if (m == NULL)
3292 return (0);
3293 m->m_len = 0;
3294 /* safety */
3295 if (m == m0) {
3296 kprintf("Duplicate mbuf allocated %p in and mget returned %p?\n",
3297 m0, m);
3298 if (cnt) {
3299 panic("more than once");
3300 }
3301 cnt++;
3302 goto try_again;
3303 }
3304 m->m_len = asa->sa_len;
3305 bcopy((caddr_t)asa, mtod(m, caddr_t), asa->sa_len);
3306 }
3307 else {
3308 m = NULL;
3309 }
3310 if (n)
3311 n->m_next = m0; /* concatenate data to control */
3312 else
3313 control = m0;
3314 if (m)
3315 m->m_next = control;
3316 else
3317 m = control;
3318 m->m_pkthdr.csum_data = (int)tag;
3319
3320 SOCKBUF_LOCK(ssb);
3321 for (n = m; n; n = n->m_next)
3322 sballoc(&ssb->sb, n);
3323 nlast = n;
3324 if (ssb->ssb_mb == NULL) {
3325 inp->sctp_vtag_first = tag;
3326 }
3327 if ((n = ssb->ssb_mb) != NULL) {
3328 if ((n->m_nextpkt != inp->sb_last_mpkt) && (n->m_nextpkt == NULL)) {
3329 inp->sb_last_mpkt = NULL;
3330 }
3331 if (inp->sb_last_mpkt)
3332 inp->sb_last_mpkt->m_nextpkt = m;
3333 else {
3334 while (n->m_nextpkt) {
3335 n = n->m_nextpkt;
3336 }
3337 n->m_nextpkt = m;
3338 }
3339 inp->sb_last_mpkt = m;
3340 } else {
3341 inp->sb_last_mpkt = ssb->ssb_mb = m;
3342 inp->sctp_vtag_first = tag;
3343 }
3344 SOCKBUF_UNLOCK(ssb);
3345 return (1);
3346 }
3347
3348 /*************HOLD THIS COMMENT FOR PATCH FILE OF
3349 *************ALTERNATE ROUTING CODE
3350 */
3351
3352 /*************HOLD THIS COMMENT FOR END OF PATCH FILE OF
3353 *************ALTERNATE ROUTING CODE
3354 */
3355
3356 struct mbuf *
3357 sctp_generate_invmanparam(int err)
3358 {
3359 /* Return a MBUF with a invalid mandatory parameter */
3360 struct mbuf *m;
3361
3362 MGET(m, MB_DONTWAIT, MT_DATA);
3363 if (m) {
3364 struct sctp_paramhdr *ph;
3365 m->m_len = sizeof(struct sctp_paramhdr);
3366 ph = mtod(m, struct sctp_paramhdr *);
3367 ph->param_length = htons(sizeof(struct sctp_paramhdr));
3368 ph->param_type = htons(err);
3369 }
3370 return (m);
3371 }
3372
3373 static int
3374 sctp_should_be_moved(struct mbuf *this, struct sctp_association *asoc)
3375 {
3376 struct mbuf *m;
3377 /*
3378 * given a mbuf chain, look through it finding
3379 * the M_PKTHDR and return 1 if it belongs to
3380 * the association given. We tell this by
3381 * a kludge where we stuff the my_vtag of the asoc
3382 * into the m->m_pkthdr.csum_data/csum field.
3383 */
3384 m = this;
3385 while (m) {
3386 if (m->m_flags & M_PKTHDR) {
3387 /* check it */
3388 #if defined(__OpenBSD__)
3389 if ((u_int32_t)m->m_pkthdr.csum == asoc->my_vtag)
3390 #else
3391 if ((u_int32_t)m->m_pkthdr.csum_data == asoc->my_vtag)
3392 #endif
3393 {
3394 /* Yep */
3395 return (1);
3396 }
3397 }
3398 m = m->m_next;
3399 }
3400 return (0);
3401 }
3402
3403 u_int32_t
3404 sctp_get_first_vtag_from_sb(struct socket *so)
3405 {
3406 struct mbuf *this, *at;
3407 u_int32_t retval;
3408
3409 retval = 0;
3410 lwkt_gettoken(&so->so_rcv.ssb_token);
3411 if (so->so_rcv.ssb_mb) {
3412 /* grubbing time */
3413 this = so->so_rcv.ssb_mb;
3414 while (this) {
3415 at = this;
3416 /* get to the m_pkthdr */
3417 while (at) {
3418 if (at->m_flags & M_PKTHDR)
3419 break;
3420 else {
3421 at = at->m_next;
3422 }
3423 }
3424 /* now do we have a m_pkthdr */
3425 if (at && (at->m_flags & M_PKTHDR)) {
3426 /* check it */
3427 #if defined(__OpenBSD__)
3428 if ((u_int32_t)at->m_pkthdr.csum != 0)
3429 #else
3430 if ((u_int32_t)at->m_pkthdr.csum_data != 0)
3431 #endif
3432 {
3433 /* its the one */
3434 #if defined(__OpenBSD__)
3435 retval = (u_int32_t)at->m_pkthdr.csum;
3436 #else
3437 retval =
3438 (u_int32_t)at->m_pkthdr.csum_data;
3439 #endif
3440 break;
3441 }
3442 }
3443 this = this->m_nextpkt;
3444 }
3445
3446 }
3447 lwkt_reltoken(&so->so_rcv.ssb_token);
3448 return (retval);
3449
3450 }
3451 void
3452 sctp_grub_through_socket_buffer(struct sctp_inpcb *inp, struct socket *old,
3453 struct socket *new, struct sctp_tcb *stcb)
3454 {
3455 struct mbuf **put, **take, *next, *this;
3456 struct signalsockbuf *old_sb, *new_sb;
3457 struct sctp_association *asoc;
3458 int moved_top = 0;
3459
3460 asoc = &stcb->asoc;
3461 old_sb = &old->so_rcv;
3462 new_sb = &new->so_rcv;
3463 if (old_sb->ssb_mb == NULL) {
3464 /* Nothing to move */
3465 return;
3466 }
3467 SOCKBUF_LOCK(old_sb);
3468 SOCKBUF_LOCK(new_sb);
3469 lwkt_gettoken(&old_sb->ssb_token);
3470 lwkt_gettoken(&new_sb->ssb_token);
3471
3472 if (inp->sctp_vtag_first == asoc->my_vtag) {
3473 /* First one must be moved */
3474 struct mbuf *mm;
3475 for (mm = old_sb->ssb_mb; mm; mm = mm->m_next) {
3476 /*
3477 * Go down the chain and fix
3478 * the space allocation of the
3479 * two sockets.
3480 */
3481 sbfree(&old_sb->sb, mm);
3482 sballoc(&new_sb->sb, mm);
3483 }
3484 new_sb->ssb_mb = old_sb->ssb_mb;
3485 old_sb->ssb_mb = new_sb->ssb_mb->m_nextpkt;
3486 new_sb->ssb_mb->m_nextpkt = NULL;
3487 put = &new_sb->ssb_mb->m_nextpkt;
3488 moved_top = 1;
3489 } else {
3490 put = &new_sb->ssb_mb;
3491 }
3492
3493 take = &old_sb->ssb_mb;
3494 next = old_sb->ssb_mb;
3495 while (next) {
3496 this = next;
3497 /* postion for next one */
3498 next = this->m_nextpkt;
3499 /* check the tag of this packet */
3500 if (sctp_should_be_moved(this, asoc)) {
3501 /* yes this needs to be moved */
3502 struct mbuf *mm;
3503 *take = this->m_nextpkt;
3504 this->m_nextpkt = NULL;
3505 *put = this;
3506 for (mm = this; mm; mm = mm->m_next) {
3507 /*
3508 * Go down the chain and fix
3509 * the space allocation of the
3510 * two sockets.
3511 */
3512 sbfree(&old_sb->sb, mm);
3513 sballoc(&new_sb->sb, mm);
3514 }
3515 put = &this->m_nextpkt;
3516
3517 } else {
3518 /* no advance our take point. */
3519 take = &this->m_nextpkt;
3520 }
3521 }
3522 if (moved_top) {
3523 /*
3524 * Ok so now we must re-postion vtag_first to
3525 * match the new first one since we moved the
3526 * mbuf at the top.
3527 */
3528 inp->sctp_vtag_first = sctp_get_first_vtag_from_sb(old);
3529 }
3530 lwkt_reltoken(&new_sb->ssb_token);
3531 lwkt_reltoken(&old_sb->ssb_token);
3532 SOCKBUF_UNLOCK(old_sb);
3533 SOCKBUF_UNLOCK(new_sb);
3534 }
3535
3536 void
3537 sctp_free_bufspace(struct sctp_tcb *stcb, struct sctp_association *asoc,
3538 struct sctp_tmit_chunk *tp1)
3539 {
3540 if (tp1->data == NULL) {
3541 return;
3542 }
3543 #ifdef SCTP_MBCNT_LOGGING
3544 sctp_log_mbcnt(SCTP_LOG_MBCNT_DECREASE,
3545 asoc->total_output_queue_size,
3546 tp1->book_size,
3547 asoc->total_output_mbuf_queue_size,
3548 tp1->mbcnt);
3549 #endif
3550 if (asoc->total_output_queue_size >= tp1->book_size) {
3551 asoc->total_output_queue_size -= tp1->book_size;
3552 } else {
3553 asoc->total_output_queue_size = 0;
3554 }
3555
3556 /* Now free the mbuf */
3557 if (asoc->total_output_mbuf_queue_size >= tp1->mbcnt) {
3558 asoc->total_output_mbuf_queue_size -= tp1->mbcnt;
3559 } else {
3560 asoc->total_output_mbuf_queue_size = 0;
3561 }
3562 if ((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_TCPTYPE) ||
3563 (stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_IN_TCPPOOL)) {
3564 if (stcb->sctp_socket->so_snd.ssb_cc >= tp1->book_size) {
3565 stcb->sctp_socket->so_snd.ssb_cc -= tp1->book_size;
3566 } else {
3567 stcb->sctp_socket->so_snd.ssb_cc = 0;
3568
3569 }
3570 if (stcb->sctp_socket->so_snd.ssb_mbcnt >= tp1->mbcnt) {
3571 stcb->sctp_socket->so_snd.ssb_mbcnt -= tp1->mbcnt;
3572 } else {
3573 stcb->sctp_socket->so_snd.ssb_mbcnt = 0;
3574 }
3575 }
3576 }
3577
3578 int
3579 sctp_release_pr_sctp_chunk(struct sctp_tcb *stcb, struct sctp_tmit_chunk *tp1,
3580 int reason, struct sctpchunk_listhead *queue)
3581 {
3582 int ret_sz = 0;
3583 int notdone;
3584 uint8_t foundeom = 0;
3585
3586 do {
3587 ret_sz += tp1->book_size;
3588 tp1->sent = SCTP_FORWARD_TSN_SKIP;
3589 if (tp1->data) {
3590 sctp_free_bufspace(stcb, &stcb->asoc, tp1);
3591 sctp_ulp_notify(SCTP_NOTIFY_DG_FAIL, stcb, reason, tp1);
3592 sctp_m_freem(tp1->data);
3593 tp1->data = NULL;
3594 sctp_sowwakeup(stcb->sctp_ep, stcb->sctp_socket);
3595 }
3596 if (tp1->flags & SCTP_PR_SCTP_BUFFER) {
3597 stcb->asoc.sent_queue_cnt_removeable--;
3598 }
3599 if (queue == &stcb->asoc.send_queue) {
3600 TAILQ_REMOVE(&stcb->asoc.send_queue, tp1, sctp_next);
3601 /* on to the sent queue */
3602 TAILQ_INSERT_TAIL(&stcb->asoc.sent_queue, tp1,
3603 sctp_next);
3604 stcb->asoc.sent_queue_cnt++;
3605 }
3606 if ((tp1->rec.data.rcv_flags & SCTP_DATA_NOT_FRAG) ==
3607 SCTP_DATA_NOT_FRAG) {
3608 /* not frag'ed we ae done */
3609 notdone = 0;
3610 foundeom = 1;
3611 } else if (tp1->rec.data.rcv_flags & SCTP_DATA_LAST_FRAG) {
3612 /* end of frag, we are done */
3613 notdone = 0;
3614 foundeom = 1;
3615 } else {
3616 /* Its a begin or middle piece, we must mark all of it */
3617 notdone = 1;
3618 tp1 = TAILQ_NEXT(tp1, sctp_next);
3619 }
3620 } while (tp1 && notdone);
3621 if ((foundeom == 0) && (queue == &stcb->asoc.sent_queue)) {
3622 /*
3623 * The multi-part message was scattered
3624 * across the send and sent queue.
3625 */
3626 tp1 = TAILQ_FIRST(&stcb->asoc.send_queue);
3627 /*
3628 * recurse throught the send_queue too, starting at the
3629 * beginning.
3630 */
3631 if (tp1) {
3632 ret_sz += sctp_release_pr_sctp_chunk(stcb, tp1, reason,
3633 &stcb->asoc.send_queue);
3634 } else {
3635 kprintf("hmm, nothing on the send queue and no EOM?\n");
3636 }
3637 }
3638 return (ret_sz);
3639 }
3640
3641 /*
3642 * checks to see if the given address, sa, is one that is currently
3643 * known by the kernel
3644 * note: can't distinguish the same address on multiple interfaces and
3645 * doesn't handle multiple addresses with different zone/scope id's
3646 * note: ifa_ifwithaddr() compares the entire sockaddr struct
3647 */
3648 struct ifaddr *
3649 sctp_find_ifa_by_addr(struct sockaddr *sa)
3650 {
3651 struct ifnet *ifn;
3652
3653 /* go through all our known interfaces */
3654 TAILQ_FOREACH(ifn, &ifnet, if_list) {
3655 struct ifaddr_container *ifac;
3656
3657 /* go through each interface addresses */
3658 TAILQ_FOREACH(ifac, &ifn->if_addrheads[mycpuid], ifa_link) {
3659 struct ifaddr *ifa = ifac->ifa;
3660
3661 /* correct family? */
3662 if (ifa->ifa_addr->sa_family != sa->sa_family)
3663 continue;
3664
3665 #ifdef INET6
3666 if (ifa->ifa_addr->sa_family == AF_INET6) {
3667 /* IPv6 address */
3668 struct sockaddr_in6 *sin1, *sin2, sin6_tmp;
3669 sin1 = (struct sockaddr_in6 *)ifa->ifa_addr;
3670 if (IN6_IS_SCOPE_LINKLOCAL(&sin1->sin6_addr)) {
3671 /* create a copy and clear scope */
3672 memcpy(&sin6_tmp, sin1,
3673 sizeof(struct sockaddr_in6));
3674 sin1 = &sin6_tmp;
3675 in6_clearscope(&sin1->sin6_addr);
3676 }
3677 sin2 = (struct sockaddr_in6 *)sa;
3678 if (memcmp(&sin1->sin6_addr, &sin2->sin6_addr,
3679 sizeof(struct in6_addr)) == 0) {
3680 /* found it */
3681 return (ifa);
3682 }
3683 } else
3684 #endif
3685 if (ifa->ifa_addr->sa_family == AF_INET) {
3686 /* IPv4 address */
3687 struct sockaddr_in *sin1, *sin2;
3688 sin1 = (struct sockaddr_in *)ifa->ifa_addr;
3689 sin2 = (struct sockaddr_in *)sa;
3690 if (sin1->sin_addr.s_addr ==
3691 sin2->sin_addr.s_addr) {
3692 /* found it */
3693 return (ifa);
3694 }
3695 }
3696 /* else, not AF_INET or AF_INET6, so skip */
3697 } /* end foreach ifa */
3698 } /* end foreach ifn */
3699 /* not found! */
3700 return (NULL);
3701 }
3702
3703
3704 #ifdef __APPLE__
3705 /*
3706 * here we hack in a fix for Apple's m_copym for the case where the first mbuf
3707 * in the chain is a M_PKTHDR and the length is zero
3708 */
3709 static void
3710 sctp_pkthdr_fix(struct mbuf *m)
3711 {
3712 struct mbuf *m_nxt;
3713
3714 if ((m->m_flags & M_PKTHDR) == 0) {
3715 /* not a PKTHDR */
3716 return;
3717 }
3718
3719 if (m->m_len != 0) {
3720 /* not a zero length PKTHDR mbuf */
3721 return;
3722 }
3723
3724 /* let's move in a word into the first mbuf... yes, ugly! */
3725 m_nxt = m->m_next;
3726 if (m_nxt == NULL) {
3727 /* umm... not a very useful mbuf chain... */
3728 return;
3729 }
3730 if ((size_t)m_nxt->m_len > sizeof(long)) {
3731 /* move over a long */
3732 bcopy(mtod(m_nxt, caddr_t), mtod(m, caddr_t), sizeof(long));
3733 /* update mbuf data pointers and lengths */
3734 m->m_len += sizeof(long);
3735 m_nxt->m_data += sizeof(long);
3736 m_nxt->m_len -= sizeof(long);
3737 }
3738 }
3739
3740 inline struct mbuf *
3741 sctp_m_copym(struct mbuf *m, int off, int len, int wait)
3742 {
3743 sctp_pkthdr_fix(m);
3744 return (m_copym(m, off, len, wait));
3745 }
3746 #endif /* __APPLE__ */
DragonFly BSD