1*4882a593Smuzhiyun // SPDX-License-Identifier: GPL-2.0-or-later
2*4882a593Smuzhiyun /* SCTP kernel implementation
3*4882a593Smuzhiyun * Copyright (c) 1999-2000 Cisco, Inc.
4*4882a593Smuzhiyun * Copyright (c) 1999-2001 Motorola, Inc.
5*4882a593Smuzhiyun * Copyright (c) 2002 International Business Machines, Corp.
6*4882a593Smuzhiyun *
7*4882a593Smuzhiyun * This file is part of the SCTP kernel implementation
8*4882a593Smuzhiyun *
9*4882a593Smuzhiyun * These functions are the methods for accessing the SCTP inqueue.
10*4882a593Smuzhiyun *
11*4882a593Smuzhiyun * An SCTP inqueue is a queue into which you push SCTP packets
12*4882a593Smuzhiyun * (which might be bundles or fragments of chunks) and out of which you
13*4882a593Smuzhiyun * pop SCTP whole chunks.
14*4882a593Smuzhiyun *
15*4882a593Smuzhiyun * Please send any bug reports or fixes you make to the
16*4882a593Smuzhiyun * email address(es):
17*4882a593Smuzhiyun * lksctp developers <linux-sctp@vger.kernel.org>
18*4882a593Smuzhiyun *
19*4882a593Smuzhiyun * Written or modified by:
20*4882a593Smuzhiyun * La Monte H.P. Yarroll <piggy@acm.org>
21*4882a593Smuzhiyun * Karl Knutson <karl@athena.chicago.il.us>
22*4882a593Smuzhiyun */
23*4882a593Smuzhiyun
24*4882a593Smuzhiyun #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
25*4882a593Smuzhiyun
26*4882a593Smuzhiyun #include <net/sctp/sctp.h>
27*4882a593Smuzhiyun #include <net/sctp/sm.h>
28*4882a593Smuzhiyun #include <linux/interrupt.h>
29*4882a593Smuzhiyun #include <linux/slab.h>
30*4882a593Smuzhiyun
31*4882a593Smuzhiyun /* Initialize an SCTP inqueue. */
sctp_inq_init(struct sctp_inq * queue)32*4882a593Smuzhiyun void sctp_inq_init(struct sctp_inq *queue)
33*4882a593Smuzhiyun {
34*4882a593Smuzhiyun INIT_LIST_HEAD(&queue->in_chunk_list);
35*4882a593Smuzhiyun queue->in_progress = NULL;
36*4882a593Smuzhiyun
37*4882a593Smuzhiyun /* Create a task for delivering data. */
38*4882a593Smuzhiyun INIT_WORK(&queue->immediate, NULL);
39*4882a593Smuzhiyun }
40*4882a593Smuzhiyun
41*4882a593Smuzhiyun /* Release the memory associated with an SCTP inqueue. */
sctp_inq_free(struct sctp_inq * queue)42*4882a593Smuzhiyun void sctp_inq_free(struct sctp_inq *queue)
43*4882a593Smuzhiyun {
44*4882a593Smuzhiyun struct sctp_chunk *chunk, *tmp;
45*4882a593Smuzhiyun
46*4882a593Smuzhiyun /* Empty the queue. */
47*4882a593Smuzhiyun list_for_each_entry_safe(chunk, tmp, &queue->in_chunk_list, list) {
48*4882a593Smuzhiyun list_del_init(&chunk->list);
49*4882a593Smuzhiyun sctp_chunk_free(chunk);
50*4882a593Smuzhiyun }
51*4882a593Smuzhiyun
52*4882a593Smuzhiyun /* If there is a packet which is currently being worked on,
53*4882a593Smuzhiyun * free it as well.
54*4882a593Smuzhiyun */
55*4882a593Smuzhiyun if (queue->in_progress) {
56*4882a593Smuzhiyun sctp_chunk_free(queue->in_progress);
57*4882a593Smuzhiyun queue->in_progress = NULL;
58*4882a593Smuzhiyun }
59*4882a593Smuzhiyun }
60*4882a593Smuzhiyun
61*4882a593Smuzhiyun /* Put a new packet in an SCTP inqueue.
62*4882a593Smuzhiyun * We assume that packet->sctp_hdr is set and in host byte order.
63*4882a593Smuzhiyun */
sctp_inq_push(struct sctp_inq * q,struct sctp_chunk * chunk)64*4882a593Smuzhiyun void sctp_inq_push(struct sctp_inq *q, struct sctp_chunk *chunk)
65*4882a593Smuzhiyun {
66*4882a593Smuzhiyun /* Directly call the packet handling routine. */
67*4882a593Smuzhiyun if (chunk->rcvr->dead) {
68*4882a593Smuzhiyun sctp_chunk_free(chunk);
69*4882a593Smuzhiyun return;
70*4882a593Smuzhiyun }
71*4882a593Smuzhiyun
72*4882a593Smuzhiyun /* We are now calling this either from the soft interrupt
73*4882a593Smuzhiyun * or from the backlog processing.
74*4882a593Smuzhiyun * Eventually, we should clean up inqueue to not rely
75*4882a593Smuzhiyun * on the BH related data structures.
76*4882a593Smuzhiyun */
77*4882a593Smuzhiyun list_add_tail(&chunk->list, &q->in_chunk_list);
78*4882a593Smuzhiyun if (chunk->asoc)
79*4882a593Smuzhiyun chunk->asoc->stats.ipackets++;
80*4882a593Smuzhiyun q->immediate.func(&q->immediate);
81*4882a593Smuzhiyun }
82*4882a593Smuzhiyun
83*4882a593Smuzhiyun /* Peek at the next chunk on the inqeue. */
sctp_inq_peek(struct sctp_inq * queue)84*4882a593Smuzhiyun struct sctp_chunkhdr *sctp_inq_peek(struct sctp_inq *queue)
85*4882a593Smuzhiyun {
86*4882a593Smuzhiyun struct sctp_chunk *chunk;
87*4882a593Smuzhiyun struct sctp_chunkhdr *ch = NULL;
88*4882a593Smuzhiyun
89*4882a593Smuzhiyun chunk = queue->in_progress;
90*4882a593Smuzhiyun /* If there is no more chunks in this packet, say so */
91*4882a593Smuzhiyun if (chunk->singleton ||
92*4882a593Smuzhiyun chunk->end_of_packet ||
93*4882a593Smuzhiyun chunk->pdiscard)
94*4882a593Smuzhiyun return NULL;
95*4882a593Smuzhiyun
96*4882a593Smuzhiyun ch = (struct sctp_chunkhdr *)chunk->chunk_end;
97*4882a593Smuzhiyun
98*4882a593Smuzhiyun return ch;
99*4882a593Smuzhiyun }
100*4882a593Smuzhiyun
101*4882a593Smuzhiyun
102*4882a593Smuzhiyun /* Extract a chunk from an SCTP inqueue.
103*4882a593Smuzhiyun *
104*4882a593Smuzhiyun * WARNING: If you need to put the chunk on another queue, you need to
105*4882a593Smuzhiyun * make a shallow copy (clone) of it.
106*4882a593Smuzhiyun */
sctp_inq_pop(struct sctp_inq * queue)107*4882a593Smuzhiyun struct sctp_chunk *sctp_inq_pop(struct sctp_inq *queue)
108*4882a593Smuzhiyun {
109*4882a593Smuzhiyun struct sctp_chunk *chunk;
110*4882a593Smuzhiyun struct sctp_chunkhdr *ch = NULL;
111*4882a593Smuzhiyun
112*4882a593Smuzhiyun /* The assumption is that we are safe to process the chunks
113*4882a593Smuzhiyun * at this time.
114*4882a593Smuzhiyun */
115*4882a593Smuzhiyun
116*4882a593Smuzhiyun chunk = queue->in_progress;
117*4882a593Smuzhiyun if (chunk) {
118*4882a593Smuzhiyun /* There is a packet that we have been working on.
119*4882a593Smuzhiyun * Any post processing work to do before we move on?
120*4882a593Smuzhiyun */
121*4882a593Smuzhiyun if (chunk->singleton ||
122*4882a593Smuzhiyun chunk->end_of_packet ||
123*4882a593Smuzhiyun chunk->pdiscard) {
124*4882a593Smuzhiyun if (chunk->head_skb == chunk->skb) {
125*4882a593Smuzhiyun chunk->skb = skb_shinfo(chunk->skb)->frag_list;
126*4882a593Smuzhiyun goto new_skb;
127*4882a593Smuzhiyun }
128*4882a593Smuzhiyun if (chunk->skb->next) {
129*4882a593Smuzhiyun chunk->skb = chunk->skb->next;
130*4882a593Smuzhiyun goto new_skb;
131*4882a593Smuzhiyun }
132*4882a593Smuzhiyun
133*4882a593Smuzhiyun if (chunk->head_skb)
134*4882a593Smuzhiyun chunk->skb = chunk->head_skb;
135*4882a593Smuzhiyun sctp_chunk_free(chunk);
136*4882a593Smuzhiyun chunk = queue->in_progress = NULL;
137*4882a593Smuzhiyun } else {
138*4882a593Smuzhiyun /* Nothing to do. Next chunk in the packet, please. */
139*4882a593Smuzhiyun ch = (struct sctp_chunkhdr *)chunk->chunk_end;
140*4882a593Smuzhiyun /* Force chunk->skb->data to chunk->chunk_end. */
141*4882a593Smuzhiyun skb_pull(chunk->skb, chunk->chunk_end - chunk->skb->data);
142*4882a593Smuzhiyun /* We are guaranteed to pull a SCTP header. */
143*4882a593Smuzhiyun }
144*4882a593Smuzhiyun }
145*4882a593Smuzhiyun
146*4882a593Smuzhiyun /* Do we need to take the next packet out of the queue to process? */
147*4882a593Smuzhiyun if (!chunk) {
148*4882a593Smuzhiyun struct list_head *entry;
149*4882a593Smuzhiyun
150*4882a593Smuzhiyun next_chunk:
151*4882a593Smuzhiyun /* Is the queue empty? */
152*4882a593Smuzhiyun entry = sctp_list_dequeue(&queue->in_chunk_list);
153*4882a593Smuzhiyun if (!entry)
154*4882a593Smuzhiyun return NULL;
155*4882a593Smuzhiyun
156*4882a593Smuzhiyun chunk = list_entry(entry, struct sctp_chunk, list);
157*4882a593Smuzhiyun
158*4882a593Smuzhiyun if (skb_is_gso(chunk->skb) && skb_is_gso_sctp(chunk->skb)) {
159*4882a593Smuzhiyun /* GSO-marked skbs but without frags, handle
160*4882a593Smuzhiyun * them normally
161*4882a593Smuzhiyun */
162*4882a593Smuzhiyun if (skb_shinfo(chunk->skb)->frag_list)
163*4882a593Smuzhiyun chunk->head_skb = chunk->skb;
164*4882a593Smuzhiyun
165*4882a593Smuzhiyun /* skbs with "cover letter" */
166*4882a593Smuzhiyun if (chunk->head_skb && chunk->skb->data_len == chunk->skb->len)
167*4882a593Smuzhiyun chunk->skb = skb_shinfo(chunk->skb)->frag_list;
168*4882a593Smuzhiyun
169*4882a593Smuzhiyun if (WARN_ON(!chunk->skb)) {
170*4882a593Smuzhiyun __SCTP_INC_STATS(dev_net(chunk->skb->dev), SCTP_MIB_IN_PKT_DISCARDS);
171*4882a593Smuzhiyun sctp_chunk_free(chunk);
172*4882a593Smuzhiyun goto next_chunk;
173*4882a593Smuzhiyun }
174*4882a593Smuzhiyun }
175*4882a593Smuzhiyun
176*4882a593Smuzhiyun if (chunk->asoc)
177*4882a593Smuzhiyun sock_rps_save_rxhash(chunk->asoc->base.sk, chunk->skb);
178*4882a593Smuzhiyun
179*4882a593Smuzhiyun queue->in_progress = chunk;
180*4882a593Smuzhiyun
181*4882a593Smuzhiyun new_skb:
182*4882a593Smuzhiyun /* This is the first chunk in the packet. */
183*4882a593Smuzhiyun ch = (struct sctp_chunkhdr *)chunk->skb->data;
184*4882a593Smuzhiyun chunk->singleton = 1;
185*4882a593Smuzhiyun chunk->data_accepted = 0;
186*4882a593Smuzhiyun chunk->pdiscard = 0;
187*4882a593Smuzhiyun chunk->auth = 0;
188*4882a593Smuzhiyun chunk->has_asconf = 0;
189*4882a593Smuzhiyun chunk->end_of_packet = 0;
190*4882a593Smuzhiyun if (chunk->head_skb) {
191*4882a593Smuzhiyun struct sctp_input_cb
192*4882a593Smuzhiyun *cb = SCTP_INPUT_CB(chunk->skb),
193*4882a593Smuzhiyun *head_cb = SCTP_INPUT_CB(chunk->head_skb);
194*4882a593Smuzhiyun
195*4882a593Smuzhiyun cb->chunk = head_cb->chunk;
196*4882a593Smuzhiyun cb->af = head_cb->af;
197*4882a593Smuzhiyun }
198*4882a593Smuzhiyun }
199*4882a593Smuzhiyun
200*4882a593Smuzhiyun chunk->chunk_hdr = ch;
201*4882a593Smuzhiyun chunk->chunk_end = ((__u8 *)ch) + SCTP_PAD4(ntohs(ch->length));
202*4882a593Smuzhiyun skb_pull(chunk->skb, sizeof(*ch));
203*4882a593Smuzhiyun chunk->subh.v = NULL; /* Subheader is no longer valid. */
204*4882a593Smuzhiyun
205*4882a593Smuzhiyun if (chunk->chunk_end + sizeof(*ch) <= skb_tail_pointer(chunk->skb)) {
206*4882a593Smuzhiyun /* This is not a singleton */
207*4882a593Smuzhiyun chunk->singleton = 0;
208*4882a593Smuzhiyun } else if (chunk->chunk_end > skb_tail_pointer(chunk->skb)) {
209*4882a593Smuzhiyun /* Discard inside state machine. */
210*4882a593Smuzhiyun chunk->pdiscard = 1;
211*4882a593Smuzhiyun chunk->chunk_end = skb_tail_pointer(chunk->skb);
212*4882a593Smuzhiyun } else {
213*4882a593Smuzhiyun /* We are at the end of the packet, so mark the chunk
214*4882a593Smuzhiyun * in case we need to send a SACK.
215*4882a593Smuzhiyun */
216*4882a593Smuzhiyun chunk->end_of_packet = 1;
217*4882a593Smuzhiyun }
218*4882a593Smuzhiyun
219*4882a593Smuzhiyun pr_debug("+++sctp_inq_pop+++ chunk:%p[%s], length:%d, skb->len:%d\n",
220*4882a593Smuzhiyun chunk, sctp_cname(SCTP_ST_CHUNK(chunk->chunk_hdr->type)),
221*4882a593Smuzhiyun ntohs(chunk->chunk_hdr->length), chunk->skb->len);
222*4882a593Smuzhiyun
223*4882a593Smuzhiyun return chunk;
224*4882a593Smuzhiyun }
225*4882a593Smuzhiyun
226*4882a593Smuzhiyun /* Set a top-half handler.
227*4882a593Smuzhiyun *
228*4882a593Smuzhiyun * Originally, we the top-half handler was scheduled as a BH. We now
229*4882a593Smuzhiyun * call the handler directly in sctp_inq_push() at a time that
230*4882a593Smuzhiyun * we know we are lock safe.
231*4882a593Smuzhiyun * The intent is that this routine will pull stuff out of the
232*4882a593Smuzhiyun * inqueue and process it.
233*4882a593Smuzhiyun */
sctp_inq_set_th_handler(struct sctp_inq * q,work_func_t callback)234*4882a593Smuzhiyun void sctp_inq_set_th_handler(struct sctp_inq *q, work_func_t callback)
235*4882a593Smuzhiyun {
236*4882a593Smuzhiyun INIT_WORK(&q->immediate, callback);
237*4882a593Smuzhiyun }
238