1 /* SCTP kernel implementation 2 * (C) Copyright IBM Corp. 2001, 2004 3 * Copyright (c) 1999-2000 Cisco, Inc. 4 * Copyright (c) 1999-2001 Motorola, Inc. 5 * Copyright (c) 2001 Intel Corp. 6 * Copyright (c) 2001 Nokia, Inc. 7 * Copyright (c) 2001 La Monte H.P. Yarroll 8 * 9 * This abstraction carries sctp events to the ULP (sockets). 10 * 11 * This SCTP implementation is free software; 12 * you can redistribute it and/or modify it under the terms of 13 * the GNU General Public License as published by 14 * the Free Software Foundation; either version 2, or (at your option) 15 * any later version. 16 * 17 * This SCTP implementation is distributed in the hope that it 18 * will be useful, but WITHOUT ANY WARRANTY; without even the implied 19 * ************************ 20 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 21 * See the GNU General Public License for more details. 22 * 23 * You should have received a copy of the GNU General Public License 24 * along with GNU CC; see the file COPYING. If not, see 25 * <http://www.gnu.org/licenses/>. 26 * 27 * Please send any bug reports or fixes you make to the 28 * email address(es): 29 * lksctp developers <[email protected]> 30 * 31 * Written or modified by: 32 * Jon Grimm <[email protected]> 33 * La Monte H.P. Yarroll <[email protected]> 34 * Sridhar Samudrala <[email protected]> 35 */ 36 37 #include <linux/slab.h> 38 #include <linux/types.h> 39 #include <linux/skbuff.h> 40 #include <net/sock.h> 41 #include <net/busy_poll.h> 42 #include <net/sctp/structs.h> 43 #include <net/sctp/sctp.h> 44 #include <net/sctp/sm.h> 45 46 /* Forward declarations for internal helpers. */ 47 static struct sctp_ulpevent *sctp_ulpq_reasm(struct sctp_ulpq *ulpq, 48 struct sctp_ulpevent *); 49 static struct sctp_ulpevent *sctp_ulpq_order(struct sctp_ulpq *, 50 struct sctp_ulpevent *); 51 static void sctp_ulpq_reasm_drain(struct sctp_ulpq *ulpq); 52 53 /* 1st Level Abstractions */ 54 55 /* Initialize a ULP queue from a block of memory. */ 56 struct sctp_ulpq *sctp_ulpq_init(struct sctp_ulpq *ulpq, 57 struct sctp_association *asoc) 58 { 59 memset(ulpq, 0, sizeof(struct sctp_ulpq)); 60 61 ulpq->asoc = asoc; 62 skb_queue_head_init(&ulpq->reasm); 63 skb_queue_head_init(&ulpq->lobby); 64 ulpq->pd_mode = 0; 65 66 return ulpq; 67 } 68 69 70 /* Flush the reassembly and ordering queues. */ 71 void sctp_ulpq_flush(struct sctp_ulpq *ulpq) 72 { 73 struct sk_buff *skb; 74 struct sctp_ulpevent *event; 75 76 while ((skb = __skb_dequeue(&ulpq->lobby)) != NULL) { 77 event = sctp_skb2event(skb); 78 sctp_ulpevent_free(event); 79 } 80 81 while ((skb = __skb_dequeue(&ulpq->reasm)) != NULL) { 82 event = sctp_skb2event(skb); 83 sctp_ulpevent_free(event); 84 } 85 86 } 87 88 /* Dispose of a ulpqueue. */ 89 void sctp_ulpq_free(struct sctp_ulpq *ulpq) 90 { 91 sctp_ulpq_flush(ulpq); 92 } 93 94 /* Process an incoming DATA chunk. */ 95 int sctp_ulpq_tail_data(struct sctp_ulpq *ulpq, struct sctp_chunk *chunk, 96 gfp_t gfp) 97 { 98 struct sk_buff_head temp; 99 struct sctp_ulpevent *event; 100 int event_eor = 0; 101 102 /* Create an event from the incoming chunk. */ 103 event = sctp_ulpevent_make_rcvmsg(chunk->asoc, chunk, gfp); 104 if (!event) 105 return -ENOMEM; 106 107 event->ssn = ntohs(chunk->subh.data_hdr->ssn); 108 event->ppid = chunk->subh.data_hdr->ppid; 109 110 /* Do reassembly if needed. */ 111 event = sctp_ulpq_reasm(ulpq, event); 112 113 /* Do ordering if needed. */ 114 if ((event) && (event->msg_flags & MSG_EOR)) { 115 /* Create a temporary list to collect chunks on. */ 116 skb_queue_head_init(&temp); 117 __skb_queue_tail(&temp, sctp_event2skb(event)); 118 119 event = sctp_ulpq_order(ulpq, event); 120 } 121 122 /* Send event to the ULP. 'event' is the sctp_ulpevent for 123 * very first SKB on the 'temp' list. 124 */ 125 if (event) { 126 event_eor = (event->msg_flags & MSG_EOR) ? 1 : 0; 127 sctp_ulpq_tail_event(ulpq, event); 128 } 129 130 return event_eor; 131 } 132 133 /* Add a new event for propagation to the ULP. */ 134 /* Clear the partial delivery mode for this socket. Note: This 135 * assumes that no association is currently in partial delivery mode. 136 */ 137 int sctp_clear_pd(struct sock *sk, struct sctp_association *asoc) 138 { 139 struct sctp_sock *sp = sctp_sk(sk); 140 141 if (atomic_dec_and_test(&sp->pd_mode)) { 142 /* This means there are no other associations in PD, so 143 * we can go ahead and clear out the lobby in one shot 144 */ 145 if (!skb_queue_empty(&sp->pd_lobby)) { 146 skb_queue_splice_tail_init(&sp->pd_lobby, 147 &sk->sk_receive_queue); 148 return 1; 149 } 150 } else { 151 /* There are other associations in PD, so we only need to 152 * pull stuff out of the lobby that belongs to the 153 * associations that is exiting PD (all of its notifications 154 * are posted here). 155 */ 156 if (!skb_queue_empty(&sp->pd_lobby) && asoc) { 157 struct sk_buff *skb, *tmp; 158 struct sctp_ulpevent *event; 159 160 sctp_skb_for_each(skb, &sp->pd_lobby, tmp) { 161 event = sctp_skb2event(skb); 162 if (event->asoc == asoc) { 163 __skb_unlink(skb, &sp->pd_lobby); 164 __skb_queue_tail(&sk->sk_receive_queue, 165 skb); 166 } 167 } 168 } 169 } 170 171 return 0; 172 } 173 174 /* Set the pd_mode on the socket and ulpq */ 175 static void sctp_ulpq_set_pd(struct sctp_ulpq *ulpq) 176 { 177 struct sctp_sock *sp = sctp_sk(ulpq->asoc->base.sk); 178 179 atomic_inc(&sp->pd_mode); 180 ulpq->pd_mode = 1; 181 } 182 183 /* Clear the pd_mode and restart any pending messages waiting for delivery. */ 184 static int sctp_ulpq_clear_pd(struct sctp_ulpq *ulpq) 185 { 186 ulpq->pd_mode = 0; 187 sctp_ulpq_reasm_drain(ulpq); 188 return sctp_clear_pd(ulpq->asoc->base.sk, ulpq->asoc); 189 } 190 191 /* If the SKB of 'event' is on a list, it is the first such member 192 * of that list. 193 */ 194 int sctp_ulpq_tail_event(struct sctp_ulpq *ulpq, struct sctp_ulpevent *event) 195 { 196 struct sock *sk = ulpq->asoc->base.sk; 197 struct sctp_sock *sp = sctp_sk(sk); 198 struct sk_buff_head *queue, *skb_list; 199 struct sk_buff *skb = sctp_event2skb(event); 200 int clear_pd = 0; 201 202 skb_list = (struct sk_buff_head *) skb->prev; 203 204 /* If the socket is just going to throw this away, do not 205 * even try to deliver it. 206 */ 207 if (sk->sk_shutdown & RCV_SHUTDOWN && 208 (sk->sk_shutdown & SEND_SHUTDOWN || 209 !sctp_ulpevent_is_notification(event))) 210 goto out_free; 211 212 if (!sctp_ulpevent_is_notification(event)) { 213 sk_mark_napi_id(sk, skb); 214 sk_incoming_cpu_update(sk); 215 } 216 /* Check if the user wishes to receive this event. */ 217 if (!sctp_ulpevent_is_enabled(event, &sp->subscribe)) 218 goto out_free; 219 220 /* If we are in partial delivery mode, post to the lobby until 221 * partial delivery is cleared, unless, of course _this_ is 222 * the association the cause of the partial delivery. 223 */ 224 225 if (atomic_read(&sp->pd_mode) == 0) { 226 queue = &sk->sk_receive_queue; 227 } else { 228 if (ulpq->pd_mode) { 229 /* If the association is in partial delivery, we 230 * need to finish delivering the partially processed 231 * packet before passing any other data. This is 232 * because we don't truly support stream interleaving. 233 */ 234 if ((event->msg_flags & MSG_NOTIFICATION) || 235 (SCTP_DATA_NOT_FRAG == 236 (event->msg_flags & SCTP_DATA_FRAG_MASK))) 237 queue = &sp->pd_lobby; 238 else { 239 clear_pd = event->msg_flags & MSG_EOR; 240 queue = &sk->sk_receive_queue; 241 } 242 } else { 243 /* 244 * If fragment interleave is enabled, we 245 * can queue this to the receive queue instead 246 * of the lobby. 247 */ 248 if (sp->frag_interleave) 249 queue = &sk->sk_receive_queue; 250 else 251 queue = &sp->pd_lobby; 252 } 253 } 254 255 /* If we are harvesting multiple skbs they will be 256 * collected on a list. 257 */ 258 if (skb_list) 259 skb_queue_splice_tail_init(skb_list, queue); 260 else 261 __skb_queue_tail(queue, skb); 262 263 /* Did we just complete partial delivery and need to get 264 * rolling again? Move pending data to the receive 265 * queue. 266 */ 267 if (clear_pd) 268 sctp_ulpq_clear_pd(ulpq); 269 270 if (queue == &sk->sk_receive_queue && !sp->data_ready_signalled) { 271 if (!sock_owned_by_user(sk)) 272 sp->data_ready_signalled = 1; 273 sk->sk_data_ready(sk); 274 } 275 return 1; 276 277 out_free: 278 if (skb_list) 279 sctp_queue_purge_ulpevents(skb_list); 280 else 281 sctp_ulpevent_free(event); 282 283 return 0; 284 } 285 286 /* 2nd Level Abstractions */ 287 288 /* Helper function to store chunks that need to be reassembled. */ 289 static void sctp_ulpq_store_reasm(struct sctp_ulpq *ulpq, 290 struct sctp_ulpevent *event) 291 { 292 struct sk_buff *pos; 293 struct sctp_ulpevent *cevent; 294 __u32 tsn, ctsn; 295 296 tsn = event->tsn; 297 298 /* See if it belongs at the end. */ 299 pos = skb_peek_tail(&ulpq->reasm); 300 if (!pos) { 301 __skb_queue_tail(&ulpq->reasm, sctp_event2skb(event)); 302 return; 303 } 304 305 /* Short circuit just dropping it at the end. */ 306 cevent = sctp_skb2event(pos); 307 ctsn = cevent->tsn; 308 if (TSN_lt(ctsn, tsn)) { 309 __skb_queue_tail(&ulpq->reasm, sctp_event2skb(event)); 310 return; 311 } 312 313 /* Find the right place in this list. We store them by TSN. */ 314 skb_queue_walk(&ulpq->reasm, pos) { 315 cevent = sctp_skb2event(pos); 316 ctsn = cevent->tsn; 317 318 if (TSN_lt(tsn, ctsn)) 319 break; 320 } 321 322 /* Insert before pos. */ 323 __skb_queue_before(&ulpq->reasm, pos, sctp_event2skb(event)); 324 325 } 326 327 /* Helper function to return an event corresponding to the reassembled 328 * datagram. 329 * This routine creates a re-assembled skb given the first and last skb's 330 * as stored in the reassembly queue. The skb's may be non-linear if the sctp 331 * payload was fragmented on the way and ip had to reassemble them. 332 * We add the rest of skb's to the first skb's fraglist. 333 */ 334 struct sctp_ulpevent *sctp_make_reassembled_event(struct net *net, 335 struct sk_buff_head *queue, 336 struct sk_buff *f_frag, 337 struct sk_buff *l_frag) 338 { 339 struct sk_buff *pos; 340 struct sk_buff *new = NULL; 341 struct sctp_ulpevent *event; 342 struct sk_buff *pnext, *last; 343 struct sk_buff *list = skb_shinfo(f_frag)->frag_list; 344 345 /* Store the pointer to the 2nd skb */ 346 if (f_frag == l_frag) 347 pos = NULL; 348 else 349 pos = f_frag->next; 350 351 /* Get the last skb in the f_frag's frag_list if present. */ 352 for (last = list; list; last = list, list = list->next) 353 ; 354 355 /* Add the list of remaining fragments to the first fragments 356 * frag_list. 357 */ 358 if (last) 359 last->next = pos; 360 else { 361 if (skb_cloned(f_frag)) { 362 /* This is a cloned skb, we can't just modify 363 * the frag_list. We need a new skb to do that. 364 * Instead of calling skb_unshare(), we'll do it 365 * ourselves since we need to delay the free. 366 */ 367 new = skb_copy(f_frag, GFP_ATOMIC); 368 if (!new) 369 return NULL; /* try again later */ 370 371 sctp_skb_set_owner_r(new, f_frag->sk); 372 373 skb_shinfo(new)->frag_list = pos; 374 } else 375 skb_shinfo(f_frag)->frag_list = pos; 376 } 377 378 /* Remove the first fragment from the reassembly queue. */ 379 __skb_unlink(f_frag, queue); 380 381 /* if we did unshare, then free the old skb and re-assign */ 382 if (new) { 383 kfree_skb(f_frag); 384 f_frag = new; 385 } 386 387 while (pos) { 388 389 pnext = pos->next; 390 391 /* Update the len and data_len fields of the first fragment. */ 392 f_frag->len += pos->len; 393 f_frag->data_len += pos->len; 394 395 /* Remove the fragment from the reassembly queue. */ 396 __skb_unlink(pos, queue); 397 398 /* Break if we have reached the last fragment. */ 399 if (pos == l_frag) 400 break; 401 pos->next = pnext; 402 pos = pnext; 403 } 404 405 event = sctp_skb2event(f_frag); 406 SCTP_INC_STATS(net, SCTP_MIB_REASMUSRMSGS); 407 408 return event; 409 } 410 411 412 /* Helper function to check if an incoming chunk has filled up the last 413 * missing fragment in a SCTP datagram and return the corresponding event. 414 */ 415 static struct sctp_ulpevent *sctp_ulpq_retrieve_reassembled(struct sctp_ulpq *ulpq) 416 { 417 struct sk_buff *pos; 418 struct sctp_ulpevent *cevent; 419 struct sk_buff *first_frag = NULL; 420 __u32 ctsn, next_tsn; 421 struct sctp_ulpevent *retval = NULL; 422 struct sk_buff *pd_first = NULL; 423 struct sk_buff *pd_last = NULL; 424 size_t pd_len = 0; 425 struct sctp_association *asoc; 426 u32 pd_point; 427 428 /* Initialized to 0 just to avoid compiler warning message. Will 429 * never be used with this value. It is referenced only after it 430 * is set when we find the first fragment of a message. 431 */ 432 next_tsn = 0; 433 434 /* The chunks are held in the reasm queue sorted by TSN. 435 * Walk through the queue sequentially and look for a sequence of 436 * fragmented chunks that complete a datagram. 437 * 'first_frag' and next_tsn are reset when we find a chunk which 438 * is the first fragment of a datagram. Once these 2 fields are set 439 * we expect to find the remaining middle fragments and the last 440 * fragment in order. If not, first_frag is reset to NULL and we 441 * start the next pass when we find another first fragment. 442 * 443 * There is a potential to do partial delivery if user sets 444 * SCTP_PARTIAL_DELIVERY_POINT option. Lets count some things here 445 * to see if can do PD. 446 */ 447 skb_queue_walk(&ulpq->reasm, pos) { 448 cevent = sctp_skb2event(pos); 449 ctsn = cevent->tsn; 450 451 switch (cevent->msg_flags & SCTP_DATA_FRAG_MASK) { 452 case SCTP_DATA_FIRST_FRAG: 453 /* If this "FIRST_FRAG" is the first 454 * element in the queue, then count it towards 455 * possible PD. 456 */ 457 if (pos == ulpq->reasm.next) { 458 pd_first = pos; 459 pd_last = pos; 460 pd_len = pos->len; 461 } else { 462 pd_first = NULL; 463 pd_last = NULL; 464 pd_len = 0; 465 } 466 467 first_frag = pos; 468 next_tsn = ctsn + 1; 469 break; 470 471 case SCTP_DATA_MIDDLE_FRAG: 472 if ((first_frag) && (ctsn == next_tsn)) { 473 next_tsn++; 474 if (pd_first) { 475 pd_last = pos; 476 pd_len += pos->len; 477 } 478 } else 479 first_frag = NULL; 480 break; 481 482 case SCTP_DATA_LAST_FRAG: 483 if (first_frag && (ctsn == next_tsn)) 484 goto found; 485 else 486 first_frag = NULL; 487 break; 488 } 489 } 490 491 asoc = ulpq->asoc; 492 if (pd_first) { 493 /* Make sure we can enter partial deliver. 494 * We can trigger partial delivery only if framgent 495 * interleave is set, or the socket is not already 496 * in partial delivery. 497 */ 498 if (!sctp_sk(asoc->base.sk)->frag_interleave && 499 atomic_read(&sctp_sk(asoc->base.sk)->pd_mode)) 500 goto done; 501 502 cevent = sctp_skb2event(pd_first); 503 pd_point = sctp_sk(asoc->base.sk)->pd_point; 504 if (pd_point && pd_point <= pd_len) { 505 retval = sctp_make_reassembled_event(sock_net(asoc->base.sk), 506 &ulpq->reasm, 507 pd_first, 508 pd_last); 509 if (retval) 510 sctp_ulpq_set_pd(ulpq); 511 } 512 } 513 done: 514 return retval; 515 found: 516 retval = sctp_make_reassembled_event(sock_net(ulpq->asoc->base.sk), 517 &ulpq->reasm, first_frag, pos); 518 if (retval) 519 retval->msg_flags |= MSG_EOR; 520 goto done; 521 } 522 523 /* Retrieve the next set of fragments of a partial message. */ 524 static struct sctp_ulpevent *sctp_ulpq_retrieve_partial(struct sctp_ulpq *ulpq) 525 { 526 struct sk_buff *pos, *last_frag, *first_frag; 527 struct sctp_ulpevent *cevent; 528 __u32 ctsn, next_tsn; 529 int is_last; 530 struct sctp_ulpevent *retval; 531 532 /* The chunks are held in the reasm queue sorted by TSN. 533 * Walk through the queue sequentially and look for the first 534 * sequence of fragmented chunks. 535 */ 536 537 if (skb_queue_empty(&ulpq->reasm)) 538 return NULL; 539 540 last_frag = first_frag = NULL; 541 retval = NULL; 542 next_tsn = 0; 543 is_last = 0; 544 545 skb_queue_walk(&ulpq->reasm, pos) { 546 cevent = sctp_skb2event(pos); 547 ctsn = cevent->tsn; 548 549 switch (cevent->msg_flags & SCTP_DATA_FRAG_MASK) { 550 case SCTP_DATA_FIRST_FRAG: 551 if (!first_frag) 552 return NULL; 553 goto done; 554 case SCTP_DATA_MIDDLE_FRAG: 555 if (!first_frag) { 556 first_frag = pos; 557 next_tsn = ctsn + 1; 558 last_frag = pos; 559 } else if (next_tsn == ctsn) { 560 next_tsn++; 561 last_frag = pos; 562 } else 563 goto done; 564 break; 565 case SCTP_DATA_LAST_FRAG: 566 if (!first_frag) 567 first_frag = pos; 568 else if (ctsn != next_tsn) 569 goto done; 570 last_frag = pos; 571 is_last = 1; 572 goto done; 573 default: 574 return NULL; 575 } 576 } 577 578 /* We have the reassembled event. There is no need to look 579 * further. 580 */ 581 done: 582 retval = sctp_make_reassembled_event(sock_net(ulpq->asoc->base.sk), 583 &ulpq->reasm, first_frag, last_frag); 584 if (retval && is_last) 585 retval->msg_flags |= MSG_EOR; 586 587 return retval; 588 } 589 590 591 /* Helper function to reassemble chunks. Hold chunks on the reasm queue that 592 * need reassembling. 593 */ 594 static struct sctp_ulpevent *sctp_ulpq_reasm(struct sctp_ulpq *ulpq, 595 struct sctp_ulpevent *event) 596 { 597 struct sctp_ulpevent *retval = NULL; 598 599 /* Check if this is part of a fragmented message. */ 600 if (SCTP_DATA_NOT_FRAG == (event->msg_flags & SCTP_DATA_FRAG_MASK)) { 601 event->msg_flags |= MSG_EOR; 602 return event; 603 } 604 605 sctp_ulpq_store_reasm(ulpq, event); 606 if (!ulpq->pd_mode) 607 retval = sctp_ulpq_retrieve_reassembled(ulpq); 608 else { 609 __u32 ctsn, ctsnap; 610 611 /* Do not even bother unless this is the next tsn to 612 * be delivered. 613 */ 614 ctsn = event->tsn; 615 ctsnap = sctp_tsnmap_get_ctsn(&ulpq->asoc->peer.tsn_map); 616 if (TSN_lte(ctsn, ctsnap)) 617 retval = sctp_ulpq_retrieve_partial(ulpq); 618 } 619 620 return retval; 621 } 622 623 /* Retrieve the first part (sequential fragments) for partial delivery. */ 624 static struct sctp_ulpevent *sctp_ulpq_retrieve_first(struct sctp_ulpq *ulpq) 625 { 626 struct sk_buff *pos, *last_frag, *first_frag; 627 struct sctp_ulpevent *cevent; 628 __u32 ctsn, next_tsn; 629 struct sctp_ulpevent *retval; 630 631 /* The chunks are held in the reasm queue sorted by TSN. 632 * Walk through the queue sequentially and look for a sequence of 633 * fragmented chunks that start a datagram. 634 */ 635 636 if (skb_queue_empty(&ulpq->reasm)) 637 return NULL; 638 639 last_frag = first_frag = NULL; 640 retval = NULL; 641 next_tsn = 0; 642 643 skb_queue_walk(&ulpq->reasm, pos) { 644 cevent = sctp_skb2event(pos); 645 ctsn = cevent->tsn; 646 647 switch (cevent->msg_flags & SCTP_DATA_FRAG_MASK) { 648 case SCTP_DATA_FIRST_FRAG: 649 if (!first_frag) { 650 first_frag = pos; 651 next_tsn = ctsn + 1; 652 last_frag = pos; 653 } else 654 goto done; 655 break; 656 657 case SCTP_DATA_MIDDLE_FRAG: 658 if (!first_frag) 659 return NULL; 660 if (ctsn == next_tsn) { 661 next_tsn++; 662 last_frag = pos; 663 } else 664 goto done; 665 break; 666 667 case SCTP_DATA_LAST_FRAG: 668 if (!first_frag) 669 return NULL; 670 else 671 goto done; 672 break; 673 674 default: 675 return NULL; 676 } 677 } 678 679 /* We have the reassembled event. There is no need to look 680 * further. 681 */ 682 done: 683 retval = sctp_make_reassembled_event(sock_net(ulpq->asoc->base.sk), 684 &ulpq->reasm, first_frag, last_frag); 685 return retval; 686 } 687 688 /* 689 * Flush out stale fragments from the reassembly queue when processing 690 * a Forward TSN. 691 * 692 * RFC 3758, Section 3.6 693 * 694 * After receiving and processing a FORWARD TSN, the data receiver MUST 695 * take cautions in updating its re-assembly queue. The receiver MUST 696 * remove any partially reassembled message, which is still missing one 697 * or more TSNs earlier than or equal to the new cumulative TSN point. 698 * In the event that the receiver has invoked the partial delivery API, 699 * a notification SHOULD also be generated to inform the upper layer API 700 * that the message being partially delivered will NOT be completed. 701 */ 702 void sctp_ulpq_reasm_flushtsn(struct sctp_ulpq *ulpq, __u32 fwd_tsn) 703 { 704 struct sk_buff *pos, *tmp; 705 struct sctp_ulpevent *event; 706 __u32 tsn; 707 708 if (skb_queue_empty(&ulpq->reasm)) 709 return; 710 711 skb_queue_walk_safe(&ulpq->reasm, pos, tmp) { 712 event = sctp_skb2event(pos); 713 tsn = event->tsn; 714 715 /* Since the entire message must be abandoned by the 716 * sender (item A3 in Section 3.5, RFC 3758), we can 717 * free all fragments on the list that are less then 718 * or equal to ctsn_point 719 */ 720 if (TSN_lte(tsn, fwd_tsn)) { 721 __skb_unlink(pos, &ulpq->reasm); 722 sctp_ulpevent_free(event); 723 } else 724 break; 725 } 726 } 727 728 /* 729 * Drain the reassembly queue. If we just cleared parted delivery, it 730 * is possible that the reassembly queue will contain already reassembled 731 * messages. Retrieve any such messages and give them to the user. 732 */ 733 static void sctp_ulpq_reasm_drain(struct sctp_ulpq *ulpq) 734 { 735 struct sctp_ulpevent *event = NULL; 736 struct sk_buff_head temp; 737 738 if (skb_queue_empty(&ulpq->reasm)) 739 return; 740 741 while ((event = sctp_ulpq_retrieve_reassembled(ulpq)) != NULL) { 742 /* Do ordering if needed. */ 743 if ((event) && (event->msg_flags & MSG_EOR)) { 744 skb_queue_head_init(&temp); 745 __skb_queue_tail(&temp, sctp_event2skb(event)); 746 747 event = sctp_ulpq_order(ulpq, event); 748 } 749 750 /* Send event to the ULP. 'event' is the 751 * sctp_ulpevent for very first SKB on the temp' list. 752 */ 753 if (event) 754 sctp_ulpq_tail_event(ulpq, event); 755 } 756 } 757 758 759 /* Helper function to gather skbs that have possibly become 760 * ordered by an an incoming chunk. 761 */ 762 static void sctp_ulpq_retrieve_ordered(struct sctp_ulpq *ulpq, 763 struct sctp_ulpevent *event) 764 { 765 struct sk_buff_head *event_list; 766 struct sk_buff *pos, *tmp; 767 struct sctp_ulpevent *cevent; 768 struct sctp_stream *stream; 769 __u16 sid, csid, cssn; 770 771 sid = event->stream; 772 stream = &ulpq->asoc->stream; 773 774 event_list = (struct sk_buff_head *) sctp_event2skb(event)->prev; 775 776 /* We are holding the chunks by stream, by SSN. */ 777 sctp_skb_for_each(pos, &ulpq->lobby, tmp) { 778 cevent = (struct sctp_ulpevent *) pos->cb; 779 csid = cevent->stream; 780 cssn = cevent->ssn; 781 782 /* Have we gone too far? */ 783 if (csid > sid) 784 break; 785 786 /* Have we not gone far enough? */ 787 if (csid < sid) 788 continue; 789 790 if (cssn != sctp_ssn_peek(stream, in, sid)) 791 break; 792 793 /* Found it, so mark in the stream. */ 794 sctp_ssn_next(stream, in, sid); 795 796 __skb_unlink(pos, &ulpq->lobby); 797 798 /* Attach all gathered skbs to the event. */ 799 __skb_queue_tail(event_list, pos); 800 } 801 } 802 803 /* Helper function to store chunks needing ordering. */ 804 static void sctp_ulpq_store_ordered(struct sctp_ulpq *ulpq, 805 struct sctp_ulpevent *event) 806 { 807 struct sk_buff *pos; 808 struct sctp_ulpevent *cevent; 809 __u16 sid, csid; 810 __u16 ssn, cssn; 811 812 pos = skb_peek_tail(&ulpq->lobby); 813 if (!pos) { 814 __skb_queue_tail(&ulpq->lobby, sctp_event2skb(event)); 815 return; 816 } 817 818 sid = event->stream; 819 ssn = event->ssn; 820 821 cevent = (struct sctp_ulpevent *) pos->cb; 822 csid = cevent->stream; 823 cssn = cevent->ssn; 824 if (sid > csid) { 825 __skb_queue_tail(&ulpq->lobby, sctp_event2skb(event)); 826 return; 827 } 828 829 if ((sid == csid) && SSN_lt(cssn, ssn)) { 830 __skb_queue_tail(&ulpq->lobby, sctp_event2skb(event)); 831 return; 832 } 833 834 /* Find the right place in this list. We store them by 835 * stream ID and then by SSN. 836 */ 837 skb_queue_walk(&ulpq->lobby, pos) { 838 cevent = (struct sctp_ulpevent *) pos->cb; 839 csid = cevent->stream; 840 cssn = cevent->ssn; 841 842 if (csid > sid) 843 break; 844 if (csid == sid && SSN_lt(ssn, cssn)) 845 break; 846 } 847 848 849 /* Insert before pos. */ 850 __skb_queue_before(&ulpq->lobby, pos, sctp_event2skb(event)); 851 } 852 853 static struct sctp_ulpevent *sctp_ulpq_order(struct sctp_ulpq *ulpq, 854 struct sctp_ulpevent *event) 855 { 856 __u16 sid, ssn; 857 struct sctp_stream *stream; 858 859 /* Check if this message needs ordering. */ 860 if (event->msg_flags & SCTP_DATA_UNORDERED) 861 return event; 862 863 /* Note: The stream ID must be verified before this routine. */ 864 sid = event->stream; 865 ssn = event->ssn; 866 stream = &ulpq->asoc->stream; 867 868 /* Is this the expected SSN for this stream ID? */ 869 if (ssn != sctp_ssn_peek(stream, in, sid)) { 870 /* We've received something out of order, so find where it 871 * needs to be placed. We order by stream and then by SSN. 872 */ 873 sctp_ulpq_store_ordered(ulpq, event); 874 return NULL; 875 } 876 877 /* Mark that the next chunk has been found. */ 878 sctp_ssn_next(stream, in, sid); 879 880 /* Go find any other chunks that were waiting for 881 * ordering. 882 */ 883 sctp_ulpq_retrieve_ordered(ulpq, event); 884 885 return event; 886 } 887 888 /* Helper function to gather skbs that have possibly become 889 * ordered by forward tsn skipping their dependencies. 890 */ 891 static void sctp_ulpq_reap_ordered(struct sctp_ulpq *ulpq, __u16 sid) 892 { 893 struct sk_buff *pos, *tmp; 894 struct sctp_ulpevent *cevent; 895 struct sctp_ulpevent *event; 896 struct sctp_stream *stream; 897 struct sk_buff_head temp; 898 struct sk_buff_head *lobby = &ulpq->lobby; 899 __u16 csid, cssn; 900 901 stream = &ulpq->asoc->stream; 902 903 /* We are holding the chunks by stream, by SSN. */ 904 skb_queue_head_init(&temp); 905 event = NULL; 906 sctp_skb_for_each(pos, lobby, tmp) { 907 cevent = (struct sctp_ulpevent *) pos->cb; 908 csid = cevent->stream; 909 cssn = cevent->ssn; 910 911 /* Have we gone too far? */ 912 if (csid > sid) 913 break; 914 915 /* Have we not gone far enough? */ 916 if (csid < sid) 917 continue; 918 919 /* see if this ssn has been marked by skipping */ 920 if (!SSN_lt(cssn, sctp_ssn_peek(stream, in, csid))) 921 break; 922 923 __skb_unlink(pos, lobby); 924 if (!event) 925 /* Create a temporary list to collect chunks on. */ 926 event = sctp_skb2event(pos); 927 928 /* Attach all gathered skbs to the event. */ 929 __skb_queue_tail(&temp, pos); 930 } 931 932 /* If we didn't reap any data, see if the next expected SSN 933 * is next on the queue and if so, use that. 934 */ 935 if (event == NULL && pos != (struct sk_buff *)lobby) { 936 cevent = (struct sctp_ulpevent *) pos->cb; 937 csid = cevent->stream; 938 cssn = cevent->ssn; 939 940 if (csid == sid && cssn == sctp_ssn_peek(stream, in, csid)) { 941 sctp_ssn_next(stream, in, csid); 942 __skb_unlink(pos, lobby); 943 __skb_queue_tail(&temp, pos); 944 event = sctp_skb2event(pos); 945 } 946 } 947 948 /* Send event to the ULP. 'event' is the sctp_ulpevent for 949 * very first SKB on the 'temp' list. 950 */ 951 if (event) { 952 /* see if we have more ordered that we can deliver */ 953 sctp_ulpq_retrieve_ordered(ulpq, event); 954 sctp_ulpq_tail_event(ulpq, event); 955 } 956 } 957 958 /* Skip over an SSN. This is used during the processing of 959 * Forwared TSN chunk to skip over the abandoned ordered data 960 */ 961 void sctp_ulpq_skip(struct sctp_ulpq *ulpq, __u16 sid, __u16 ssn) 962 { 963 struct sctp_stream *stream; 964 965 /* Note: The stream ID must be verified before this routine. */ 966 stream = &ulpq->asoc->stream; 967 968 /* Is this an old SSN? If so ignore. */ 969 if (SSN_lt(ssn, sctp_ssn_peek(stream, in, sid))) 970 return; 971 972 /* Mark that we are no longer expecting this SSN or lower. */ 973 sctp_ssn_skip(stream, in, sid, ssn); 974 975 /* Go find any other chunks that were waiting for 976 * ordering and deliver them if needed. 977 */ 978 sctp_ulpq_reap_ordered(ulpq, sid); 979 } 980 981 __u16 sctp_ulpq_renege_list(struct sctp_ulpq *ulpq, struct sk_buff_head *list, 982 __u16 needed) 983 { 984 __u16 freed = 0; 985 __u32 tsn, last_tsn; 986 struct sk_buff *skb, *flist, *last; 987 struct sctp_ulpevent *event; 988 struct sctp_tsnmap *tsnmap; 989 990 tsnmap = &ulpq->asoc->peer.tsn_map; 991 992 while ((skb = skb_peek_tail(list)) != NULL) { 993 event = sctp_skb2event(skb); 994 tsn = event->tsn; 995 996 /* Don't renege below the Cumulative TSN ACK Point. */ 997 if (TSN_lte(tsn, sctp_tsnmap_get_ctsn(tsnmap))) 998 break; 999 1000 /* Events in ordering queue may have multiple fragments 1001 * corresponding to additional TSNs. Sum the total 1002 * freed space; find the last TSN. 1003 */ 1004 freed += skb_headlen(skb); 1005 flist = skb_shinfo(skb)->frag_list; 1006 for (last = flist; flist; flist = flist->next) { 1007 last = flist; 1008 freed += skb_headlen(last); 1009 } 1010 if (last) 1011 last_tsn = sctp_skb2event(last)->tsn; 1012 else 1013 last_tsn = tsn; 1014 1015 /* Unlink the event, then renege all applicable TSNs. */ 1016 __skb_unlink(skb, list); 1017 sctp_ulpevent_free(event); 1018 while (TSN_lte(tsn, last_tsn)) { 1019 sctp_tsnmap_renege(tsnmap, tsn); 1020 tsn++; 1021 } 1022 if (freed >= needed) 1023 return freed; 1024 } 1025 1026 return freed; 1027 } 1028 1029 /* Renege 'needed' bytes from the ordering queue. */ 1030 static __u16 sctp_ulpq_renege_order(struct sctp_ulpq *ulpq, __u16 needed) 1031 { 1032 return sctp_ulpq_renege_list(ulpq, &ulpq->lobby, needed); 1033 } 1034 1035 /* Renege 'needed' bytes from the reassembly queue. */ 1036 static __u16 sctp_ulpq_renege_frags(struct sctp_ulpq *ulpq, __u16 needed) 1037 { 1038 return sctp_ulpq_renege_list(ulpq, &ulpq->reasm, needed); 1039 } 1040 1041 /* Partial deliver the first message as there is pressure on rwnd. */ 1042 void sctp_ulpq_partial_delivery(struct sctp_ulpq *ulpq, 1043 gfp_t gfp) 1044 { 1045 struct sctp_ulpevent *event; 1046 struct sctp_association *asoc; 1047 struct sctp_sock *sp; 1048 __u32 ctsn; 1049 struct sk_buff *skb; 1050 1051 asoc = ulpq->asoc; 1052 sp = sctp_sk(asoc->base.sk); 1053 1054 /* If the association is already in Partial Delivery mode 1055 * we have nothing to do. 1056 */ 1057 if (ulpq->pd_mode) 1058 return; 1059 1060 /* Data must be at or below the Cumulative TSN ACK Point to 1061 * start partial delivery. 1062 */ 1063 skb = skb_peek(&asoc->ulpq.reasm); 1064 if (skb != NULL) { 1065 ctsn = sctp_skb2event(skb)->tsn; 1066 if (!TSN_lte(ctsn, sctp_tsnmap_get_ctsn(&asoc->peer.tsn_map))) 1067 return; 1068 } 1069 1070 /* If the user enabled fragment interleave socket option, 1071 * multiple associations can enter partial delivery. 1072 * Otherwise, we can only enter partial delivery if the 1073 * socket is not in partial deliver mode. 1074 */ 1075 if (sp->frag_interleave || atomic_read(&sp->pd_mode) == 0) { 1076 /* Is partial delivery possible? */ 1077 event = sctp_ulpq_retrieve_first(ulpq); 1078 /* Send event to the ULP. */ 1079 if (event) { 1080 sctp_ulpq_tail_event(ulpq, event); 1081 sctp_ulpq_set_pd(ulpq); 1082 return; 1083 } 1084 } 1085 } 1086 1087 /* Renege some packets to make room for an incoming chunk. */ 1088 void sctp_ulpq_renege(struct sctp_ulpq *ulpq, struct sctp_chunk *chunk, 1089 gfp_t gfp) 1090 { 1091 struct sctp_association *asoc; 1092 __u16 needed, freed; 1093 1094 asoc = ulpq->asoc; 1095 1096 if (chunk) { 1097 needed = ntohs(chunk->chunk_hdr->length); 1098 needed -= sizeof(struct sctp_data_chunk); 1099 } else 1100 needed = SCTP_DEFAULT_MAXWINDOW; 1101 1102 freed = 0; 1103 1104 if (skb_queue_empty(&asoc->base.sk->sk_receive_queue)) { 1105 freed = sctp_ulpq_renege_order(ulpq, needed); 1106 if (freed < needed) { 1107 freed += sctp_ulpq_renege_frags(ulpq, needed - freed); 1108 } 1109 } 1110 /* If able to free enough room, accept this chunk. */ 1111 if (chunk && (freed >= needed)) { 1112 int retval; 1113 retval = sctp_ulpq_tail_data(ulpq, chunk, gfp); 1114 /* 1115 * Enter partial delivery if chunk has not been 1116 * delivered; otherwise, drain the reassembly queue. 1117 */ 1118 if (retval <= 0) 1119 sctp_ulpq_partial_delivery(ulpq, gfp); 1120 else if (retval == 1) 1121 sctp_ulpq_reasm_drain(ulpq); 1122 } 1123 1124 sk_mem_reclaim(asoc->base.sk); 1125 } 1126 1127 1128 1129 /* Notify the application if an association is aborted and in 1130 * partial delivery mode. Send up any pending received messages. 1131 */ 1132 void sctp_ulpq_abort_pd(struct sctp_ulpq *ulpq, gfp_t gfp) 1133 { 1134 struct sctp_ulpevent *ev = NULL; 1135 struct sock *sk; 1136 struct sctp_sock *sp; 1137 1138 if (!ulpq->pd_mode) 1139 return; 1140 1141 sk = ulpq->asoc->base.sk; 1142 sp = sctp_sk(sk); 1143 if (sctp_ulpevent_type_enabled(SCTP_PARTIAL_DELIVERY_EVENT, 1144 &sctp_sk(sk)->subscribe)) 1145 ev = sctp_ulpevent_make_pdapi(ulpq->asoc, 1146 SCTP_PARTIAL_DELIVERY_ABORTED, 1147 gfp); 1148 if (ev) 1149 __skb_queue_tail(&sk->sk_receive_queue, sctp_event2skb(ev)); 1150 1151 /* If there is data waiting, send it up the socket now. */ 1152 if ((sctp_ulpq_clear_pd(ulpq) || ev) && !sp->data_ready_signalled) { 1153 sp->data_ready_signalled = 1; 1154 sk->sk_data_ready(sk); 1155 } 1156 } 1157