1. 24 11月, 2009 1 次提交
  2. 14 11月, 2009 1 次提交
    • V
      sctp: Set source addresses on the association before adding transports · 409b95af
      Vlad Yasevich 提交于
      Recent commit 8da645e1
      	sctp: Get rid of an extra routing lookup when adding a transport
      introduced a regression in the connection setup.  The behavior was
      
      different between IPv4 and IPv6.  IPv4 case ended up working because the
      route lookup routing returned a NULL route, which triggered another
      route lookup later in the output patch that succeeded.  In the IPv6 case,
      a valid route was returned for first call, but we could not find a valid
      source address at the time since the source addresses were not set on the
      association yet.  Thus resulted in a hung connection.
      
      The solution is to set the source addresses on the association prior to
      adding peers.
      Signed-off-by: NVlad Yasevich <vladislav.yasevich@hp.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      409b95af
  3. 05 9月, 2009 7 次提交
    • V
      sctp: Catch bogus stream sequence numbers · f1751c57
      Vlad Yasevich 提交于
      Since our TSN map is capable of holding at most a 4K chunk gap,
      there is no way that during this gap, a stream sequence number
      (unsigned short) can wrap such that the new number is smaller
      then the next expected one.  If such a case is encountered,
      this is a protocol violation.
      Signed-off-by: NVlad Yasevich <vladislav.yasevich@hp.com>
      f1751c57
    • V
      sctp: Failover transmitted list on transport delete · 31b02e15
      Vlad Yasevich 提交于
      Add-IP feature allows users to delete an active transport.  If that
      transport has chunks in flight, those chunks need to be moved to another
      transport or association may get into unrecoverable state.
      Reported-by: NRafael Laufer <rlaufer@cisco.com>
      Signed-off-by: NVlad Yasevich <vladislav.yasevich@hp.com>
      31b02e15
    • V
      sctp: Fix error count increments that were results of HEARTBEATS · b9f84786
      Vlad Yasevich 提交于
      SCTP RFC 4960 states that unacknowledged HEARTBEATS count as
      errors agains a given transport or endpoint.  As such, we
      should increment the error counts for only for unacknowledged
      HB, otherwise we detect failure too soon.  This goes for both
      the overall error count and the path error count.
      
      Now, there is a difference in how the detection is done
      between the two.  The path error detection is done after
      the increment, so to detect it properly, we actually need
      to exceed the path threshold.  The overall error detection
      is done _BEFORE_ the increment.  Thus to detect the failure,
      it's enough for the error count to match the threshold.
      This is why all the state functions use '>=' to detect failure,
      while path detection uses '>'.
      
      Thanks goes to Chunbo Luo <chunbo.luo@windriver.com> who first
      proposed patches to fix this issue and made me re-read the spec
      and the code to figure out how this cruft really works.
      Signed-off-by: NVlad Yasevich <vladislav.yasevich@hp.com>
      b9f84786
    • W
      sctp: fix check the chunk length of received HEARTBEAT-ACK chunk · dadb50cc
      Wei Yongjun 提交于
      The receiver of the HEARTBEAT should respond with a HEARTBEAT ACK
      that contains the Heartbeat Information field copied from the
      received HEARTBEAT chunk. So the received HEARTBEAT-ACK chunk
      must have a length of:
        sizeof(sctp_chunkhdr_t) + sizeof(sctp_sender_hb_info_t)
      
      A badly formatted HB-ACK chunk, it is possible that we may access
      invalid memory.  We should really make sure that the chunk format
      is what we expect, before attempting to touch the data.
      Signed-off-by: NWei Yongjun <yjwei@cn.fujitsu.com>
      Signed-off-by: NVlad Yasevich <vladislav.yasevich@hp.com>
      dadb50cc
    • W
      sctp: drop SHUTDOWN chunk if the TSN is less than the CTSN · a2f36eec
      Wei Yongjun 提交于
      If Cumulative TSN Ack field of SHUTDOWN chunk is less than the
      Cumulative TSN Ack Point then drop the SHUTDOWN chunk.
      Signed-off-by: NWei Yongjun <yjwei@cn.fujitsu.com>
      Signed-off-by: NVlad Yasevich <vladislav.yasevich@hp.com>
      a2f36eec
    • V
      sctp: Send user messages to the lower layer as one · 9c5c62be
      Vlad Yasevich 提交于
      Currenlty, sctp breaks up user messages into fragments and
      sends each fragment to the lower layer by itself.  This means
      that for each fragment we go all the way down the stack
      and back up.  This also discourages bundling of multiple
      fragments when they can fit into a sigle packet (ex: due
      to user setting a low fragmentation threashold).
      
      We introduce a new command SCTP_CMD_SND_MSG and hand the
      whole message down state machine.  The state machine and
      the side-effect parser will cork the queue, add all chunks
      from the message to the queue, and then un-cork the queue
      thus causing the chunks to get transmitted.
      Signed-off-by: NVlad Yasevich <vladislav.yasevich@hp.com>
      9c5c62be
    • V
      sctp: Disallow new connection on a closing socket · bec9640b
      Vlad Yasevich 提交于
      If a socket has a lot of association that are in the process of
      of being closed/aborted, it is possible for a remote to establish
      new associations during the time period that the old ones are shutting
      down.  If this was a result of a close() call, there will be no socket
      and will cause a memory leak.  We'll prevent this by setting the
      socket state to CLOSING and disallow new associations when in this state.
      Signed-off-by: NVlad Yasevich <vladislav.yasevich@hp.com>
      bec9640b
  4. 03 6月, 2009 2 次提交
  5. 03 3月, 2009 2 次提交
  6. 06 1月, 2009 1 次提交
  7. 26 12月, 2008 1 次提交
  8. 31 10月, 2008 1 次提交
  9. 30 10月, 2008 1 次提交
  10. 29 10月, 2008 1 次提交
  11. 23 10月, 2008 2 次提交
  12. 10 10月, 2008 3 次提交
  13. 01 10月, 2008 3 次提交
    • V
      sctp: enable cookie-echo retransmission transport switch · 96cd0d3d
      Vlad Yasevich 提交于
      This patch enables cookie-echo retransmission transport switch
      feature. If COOKIE-ECHO retransmission happens, it will be sent
      to the address other than the one last sent to.
      Signed-off-by: NGui Jianfeng <guijianfeng@cn.fujitsu.com>
      Signed-off-by: NVlad Yasevich <vladislav.yasevich@hp.com>
      96cd0d3d
    • W
      sctp: Fix the SNMP counter of SCTP_MIB_OUTOFBLUES · 8190f89d
      Wei Yongjun 提交于
      RFC3873 defined SCTP_MIB_OUTOFBLUES:
      
       sctpOutOfBlues OBJECT-TYPE
         SYNTAX         Counter32
         MAX-ACCESS     read-only
         STATUS         current
         DESCRIPTION
              "The number of out of the blue packets received by the host.
              An out of the blue packet is an SCTP packet correctly formed,
              including the proper checksum, but for which the receiver was
              unable to identify an appropriate association."
         REFERENCE
              "Section 8.4 in RFC2960 deals with the Out-Of-The-Blue
               (OOTB) packet definition and procedures."
      
      But OOTB packet INIT, INIT-ACK and SHUTDOWN-ACK(COOKIE-WAIT or
      COOKIE-ECHOED state) are not counted by SCTP_MIB_OUTOFBLUES.
      
      Case 1(INIT):
      
      Endpoint A               Endpoint B
      (CLOSED)                 (CLOSED)
      
       INIT     ---------->
                <----------    ABORT
      
      Case 2(INIT-ACK):
      
      Endpoint A               Endpoint B
      (CLOSED)                 (CLOSED)
      
       INIT-ACK  ---------->
                 <----------   ABORT
      
      Case 3(SHUTDOWN-ACK):
      
      Endpoint A               Endpoint B
      (CLOSED)                 (CLOSED)
      
                <----------    INIT
       SHUTDOWN-ACK  ---------->
                 <----------   SHUTDOWN-COMPLETE
      
      Case 4(SHUTDOWN-ACK):
      
      Endpoint A               Endpoint B
      (CLOSED)                 (COOKIE-ECHOED)
      
       SHUTDOWN-ACK  ---------->
                 <----------   SHUTDOWN-COMPLETE
      
      This patch fixed the problem.
      Signed-off-by: NWei Yongjun <yjwei@cn.fujitsu.com>
      Signed-off-by: NVlad Yasevich <vladislav.yasevich@hp.com>
      8190f89d
    • W
      sctp: Fix to start T5-shutdown-guard timer while enter SHUTDOWN-SENT state · 536428a9
      Wei Yongjun 提交于
      RFC 4960: Section 9.2
      The sender of the SHUTDOWN MAY also start an overall guard timer
      'T5-shutdown-guard' to bound the overall time for the shutdown
      sequence.  At the expiration of this timer, the sender SHOULD abort
      the association by sending an ABORT chunk.  If the 'T5-shutdown-
      guard' timer is used, it SHOULD be set to the recommended value of 5
      times 'RTO.Max'.
      
      The timer 'T5-shutdown-guard' is used to counter the overall time
      for shutdown sequence, and it's start by the sender of the SHUTDOWN.
      So timer 'T5-shutdown-guard' should be start when we send the first
      SHUTDOWN chunk and enter the SHUTDOWN-SENT state, not start when we
      receipt of the SHUTDOWN primitive and enter SHUTDOWN-PENDING state.
      
      If 'T5-shutdown-guard' timer is start at SHUTDOWN-PENDING state, the
      association may be ABORT while data is still transmitting.
      Signed-off-by: NWei Yongjun <yjwei@cn.fujitsu.com>
      Signed-off-by: NVlad Yasevich <vladislav.yasevich@hp.com>
      536428a9
  14. 30 9月, 2008 1 次提交
  15. 08 7月, 2008 1 次提交
  16. 20 6月, 2008 1 次提交
    • V
      sctp: Follow security requirement of responding with 1 packet · 2e3216cd
      Vlad Yasevich 提交于
      RFC 4960, Section 11.4. Protection of Non-SCTP-Capable Hosts
      
      When an SCTP stack receives a packet containing multiple control or
      DATA chunks and the processing of the packet requires the sending of
      multiple chunks in response, the sender of the response chunk(s) MUST
      NOT send more than one packet.  If bundling is supported, multiple
      response chunks that fit into a single packet MAY be bundled together
      into one single response packet.  If bundling is not supported, then
      the sender MUST NOT send more than one response chunk and MUST
      discard all other responses.  Note that this rule does NOT apply to a
      SACK chunk, since a SACK chunk is, in itself, a response to DATA and
      a SACK does not require a response of more DATA.
      
      We implement this by not servicing our outqueue until we reach the end
      of the packet.  This enables maximum bundling.  We also identify
      'response' chunks and make sure that we only send 1 packet when sending
      such chunks.
      Signed-off-by: NVlad Yasevich <vladislav.yasevich@hp.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      2e3216cd
  17. 13 4月, 2008 3 次提交
  18. 28 3月, 2008 1 次提交
  19. 24 3月, 2008 1 次提交
  20. 06 3月, 2008 1 次提交
  21. 01 3月, 2008 1 次提交
  22. 05 2月, 2008 2 次提交
    • V
      [SCTP]: Stop claiming that this is a "reference implementation" · 60c778b2
      Vlad Yasevich 提交于
      I was notified by Randy Stewart that lksctp claims to be
      "the reference implementation".  First of all, "the
      refrence implementation" was the original implementation
      of SCTP in usersapce written ty Randy and a few others.
      Second, after looking at the definiton of 'reference implementation',
      we don't really meet the requirements.
      Signed-off-by: NVlad Yasevich <vladislav.yasevich@hp.com>
      60c778b2
    • W
      [SCTP]: Fix kernel panic while received AUTH chunk while enabled auth · d2f19fa1
      Wei Yongjun 提交于
      If STCP is started while /proc/sys/net/sctp/auth_enable is set 0 and
      association is established between endpoints. Then if
      /proc/sys/net/sctp/auth_enable is set 1, a received AUTH chunk will
      cause kernel panic.
      
      Test as following:
      step 1: echo 0> /proc/sys/net/sctp/auth_enable
      step 2:
      
         SCTP client                  SCTP server
            INIT          --------->
                          <---------   INIT-ACK
            COOKIE-ECHO   --------->
                          <---------   COOKIE-ACK
      step 3:
          echo 1> /proc/sys/net/sctp/auth_enable
      step 4:
         SCTP client                  SCTP server
             AUTH        ----------->  Kernel Panic
      
      
      This patch fix this probleam to treat AUTH chunk as unknow chunk if peer 
      has initialized with no auth capable.
      
      > Sorry for the delay.  Was on vacation without net access.
      >
      > Wei Yongjun wrote:
      >>
      >>
      >> This patch fix this probleam to treat AUTH chunk as unknow chunk if 
      >> peer has initialized with no auth capable.
      >>
      >> Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com>
      >
      > Acked-by: Vlad Yasevich <vladislav.yasevich@hp.com>
      >
      >>
      Signed-off-by: NWei Yongjun <yjwei@cn.fujitsu.com>
      Acked-by: NVlad Yasevich <vladislav.yasevich@hp.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      d2f19fa1
  23. 03 2月, 2008 1 次提交
  24. 29 1月, 2008 1 次提交