1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved. 24 */ 25 26 #include <sys/types.h> 27 #include <sys/systm.h> 28 #include <sys/stream.h> 29 #include <sys/ddi.h> 30 #include <sys/sunddi.h> 31 #include <sys/strsubr.h> 32 #include <sys/strsun.h> 33 34 #include <netinet/in.h> 35 #include <netinet/ip6.h> 36 37 #include <inet/ipsec_impl.h> 38 #include <inet/common.h> 39 #include <inet/ip.h> 40 #include <inet/ip6.h> 41 #include <inet/mib2.h> 42 #include <inet/nd.h> 43 #include <inet/optcom.h> 44 #include <inet/sctp_ip.h> 45 #include <inet/ipclassifier.h> 46 #include "sctp_impl.h" 47 48 void 49 sctp_send_shutdown(sctp_t *sctp, int rexmit) 50 { 51 mblk_t *smp; 52 mblk_t *sendmp; 53 sctp_chunk_hdr_t *sch; 54 uint32_t *ctsn; 55 sctp_faddr_t *fp; 56 sctp_stack_t *sctps = sctp->sctp_sctps; 57 58 if (sctp->sctp_state != SCTPS_ESTABLISHED && 59 sctp->sctp_state != SCTPS_SHUTDOWN_PENDING && 60 sctp->sctp_state != SCTPS_SHUTDOWN_SENT) { 61 return; 62 } 63 64 if (sctp->sctp_state == SCTPS_ESTABLISHED) { 65 sctp->sctp_state = SCTPS_SHUTDOWN_PENDING; 66 /* 67 * We set an upper bound on how long we will 68 * wait for a shutdown-ack from the peer. This 69 * is to prevent the receiver from attempting 70 * to create a half-closed state indefinately. 71 * See archive from IETF TSVWG mailing list 72 * for June 2001 for more information. 73 * Since we will not be calculating RTTs after 74 * sending the shutdown, we can overload out_time 75 * to track how long we have waited. 76 */ 77 sctp->sctp_out_time = ddi_get_lbolt64(); 78 } 79 80 /* 81 * If there is unsent (or unacked) data, wait for it to get ack'd 82 */ 83 if (sctp->sctp_xmit_head != NULL || sctp->sctp_xmit_unsent != NULL) { 84 return; 85 } 86 87 /* rotate faddrs if we are retransmitting */ 88 if (!rexmit) { 89 fp = sctp->sctp_current; 90 } else { 91 fp = sctp_rotate_faddr(sctp, sctp->sctp_shutdown_faddr); 92 } 93 94 sctp->sctp_shutdown_faddr = fp; 95 96 /* Link in a SACK if resending the shutdown */ 97 if (sctp->sctp_state > SCTPS_SHUTDOWN_PENDING && 98 (sendmp = sctp_make_sack(sctp, fp, NULL)) != NULL) { 99 100 smp = allocb(sizeof (*sch) + sizeof (*ctsn), BPRI_MED); 101 if (smp == NULL) { 102 freemsg(sendmp); 103 goto done; 104 } 105 linkb(sendmp, smp); 106 107 sch = (sctp_chunk_hdr_t *)smp->b_rptr; 108 smp->b_wptr = smp->b_rptr + sizeof (*sch) + sizeof (*ctsn); 109 } else { 110 sendmp = sctp_make_mp(sctp, fp, 111 sizeof (*sch) + sizeof (*ctsn)); 112 if (sendmp == NULL) { 113 SCTP_KSTAT(sctps, sctp_send_shutdown_failed); 114 goto done; 115 } 116 sch = (sctp_chunk_hdr_t *)sendmp->b_wptr; 117 sendmp->b_wptr += sizeof (*sch) + sizeof (*ctsn); 118 119 /* shutdown w/o sack, update lastacked */ 120 sctp->sctp_lastacked = sctp->sctp_ftsn - 1; 121 } 122 123 sch->sch_id = CHUNK_SHUTDOWN; 124 sch->sch_flags = 0; 125 sch->sch_len = htons(sizeof (*sch) + sizeof (*ctsn)); 126 127 ctsn = (uint32_t *)(sch + 1); 128 *ctsn = htonl(sctp->sctp_lastacked); 129 130 /* Link the shutdown chunk in after the IP/SCTP header */ 131 132 BUMP_LOCAL(sctp->sctp_obchunks); 133 134 /* Send the shutdown and restart the timer */ 135 sctp_set_iplen(sctp, sendmp, fp->sf_ixa); 136 (void) conn_ip_output(sendmp, fp->sf_ixa); 137 BUMP_LOCAL(sctp->sctp_opkts); 138 139 done: 140 sctp->sctp_state = SCTPS_SHUTDOWN_SENT; 141 SCTP_FADDR_TIMER_RESTART(sctp, sctp->sctp_current, 142 sctp->sctp_current->sf_rto); 143 } 144 145 int 146 sctp_shutdown_received(sctp_t *sctp, sctp_chunk_hdr_t *sch, boolean_t crwsd, 147 boolean_t rexmit, sctp_faddr_t *fp) 148 { 149 mblk_t *samp; 150 uint32_t *tsn; 151 int trysend = 0; 152 153 if (sctp->sctp_state != SCTPS_SHUTDOWN_ACK_SENT) 154 sctp->sctp_state = SCTPS_SHUTDOWN_RECEIVED; 155 156 /* Extract and process the TSN in the shutdown chunk */ 157 if (sch != NULL) { 158 tsn = (uint32_t *)(sch + 1); 159 /* not already acked */ 160 if (!SEQ_LT(ntohl(*tsn), sctp->sctp_lastack_rxd)) 161 trysend = sctp_cumack(sctp, ntohl(*tsn), &samp); 162 } 163 164 /* Don't allow sending new data */ 165 if (!SCTP_IS_DETACHED(sctp) && !sctp->sctp_ulp_discon_done) { 166 sctp->sctp_ulp_opctl(sctp->sctp_ulpd, SOCK_OPCTL_SHUT_SEND, 0); 167 sctp->sctp_ulp_discon_done = B_TRUE; 168 } 169 170 /* 171 * If there is unsent or unacked data, try sending them out now. 172 * The other side should acknowledge them. After we have flushed 173 * the transmit queue, we can complete the shutdown sequence. 174 */ 175 if (sctp->sctp_xmit_head != NULL || sctp->sctp_xmit_unsent != NULL) 176 return (1); 177 178 if (fp == NULL) { 179 /* rotate faddrs if we are retransmitting */ 180 if (!rexmit) 181 fp = sctp->sctp_current; 182 else 183 fp = sctp_rotate_faddr(sctp, sctp->sctp_shutdown_faddr); 184 } 185 186 sctp_send_shutdown_ack(sctp, fp, crwsd); 187 188 return (trysend); 189 } 190 191 void 192 sctp_shutdown_complete(sctp_t *sctp) 193 { 194 mblk_t *scmp; 195 sctp_chunk_hdr_t *scch; 196 sctp_stack_t *sctps = sctp->sctp_sctps; 197 198 scmp = sctp_make_mp(sctp, sctp->sctp_current, sizeof (*scch)); 199 if (scmp == NULL) { 200 /* XXX use timer approach */ 201 SCTP_KSTAT(sctps, sctp_send_shutdown_comp_failed); 202 return; 203 } 204 205 scch = (sctp_chunk_hdr_t *)scmp->b_wptr; 206 scch->sch_id = CHUNK_SHUTDOWN_COMPLETE; 207 scch->sch_flags = 0; 208 scch->sch_len = htons(sizeof (*scch)); 209 210 scmp->b_wptr += sizeof (*scch); 211 212 BUMP_LOCAL(sctp->sctp_obchunks); 213 214 sctp_set_iplen(sctp, scmp, sctp->sctp_current->sf_ixa); 215 (void) conn_ip_output(scmp, sctp->sctp_current->sf_ixa); 216 BUMP_LOCAL(sctp->sctp_opkts); 217 } 218 219 /* 220 * Similar to sctp_shutdown_complete(), except that since this 221 * is out-of-the-blue, we can't use an sctp's association information, 222 * and instead must draw all necessary info from the incoming packet. 223 */ 224 void 225 sctp_ootb_shutdown_ack(mblk_t *mp, uint_t ip_hdr_len, ip_recv_attr_t *ira, 226 ip_stack_t *ipst) 227 { 228 boolean_t isv4; 229 ipha_t *ipha = NULL; 230 ip6_t *ip6h = NULL; 231 sctp_hdr_t *insctph; 232 sctp_chunk_hdr_t *scch; 233 int i; 234 uint16_t port; 235 mblk_t *mp1; 236 netstack_t *ns = ipst->ips_netstack; 237 sctp_stack_t *sctps = ns->netstack_sctp; 238 ip_xmit_attr_t ixas; 239 240 bzero(&ixas, sizeof (ixas)); 241 242 isv4 = (IPH_HDR_VERSION(mp->b_rptr) == IPV4_VERSION); 243 244 ASSERT(MBLKL(mp) >= sizeof (*insctph) + sizeof (*scch) + 245 (isv4 ? sizeof (ipha_t) : sizeof (ip6_t))); 246 247 /* 248 * Check to see if we can reuse the incoming mblk. There should 249 * not be other reference. Since this packet comes from below, 250 * there should be enough header space to fill in what the lower 251 * layers want to add. 252 */ 253 if (DB_REF(mp) != 1) { 254 mp1 = allocb(MBLKL(mp) + sctps->sctps_wroff_xtra, BPRI_MED); 255 if (mp1 == NULL) { 256 freeb(mp); 257 return; 258 } 259 mp1->b_rptr += sctps->sctps_wroff_xtra; 260 bcopy(mp->b_rptr, mp1->b_rptr, MBLKL(mp)); 261 freeb(mp); 262 mp = mp1; 263 } else { 264 DB_CKSUMFLAGS(mp) = 0; 265 } 266 267 ixas.ixa_pktlen = ip_hdr_len + sizeof (*insctph) + sizeof (*scch); 268 ixas.ixa_ip_hdr_length = ip_hdr_len; 269 mp->b_wptr = (mp->b_rptr + ixas.ixa_pktlen); 270 271 /* 272 * We follow the logic in tcp_xmit_early_reset() in that we skip 273 * reversing source route (i.e. replace all IP options with EOL). 274 */ 275 if (isv4) { 276 ipaddr_t v4addr; 277 278 ipha = (ipha_t *)mp->b_rptr; 279 for (i = IP_SIMPLE_HDR_LENGTH; i < (int)ip_hdr_len; i++) 280 mp->b_rptr[i] = IPOPT_EOL; 281 /* Swap addresses */ 282 ipha->ipha_length = htons(ixas.ixa_pktlen); 283 v4addr = ipha->ipha_src; 284 ipha->ipha_src = ipha->ipha_dst; 285 ipha->ipha_dst = v4addr; 286 ipha->ipha_ident = 0; 287 ipha->ipha_ttl = (uchar_t)sctps->sctps_ipv4_ttl; 288 289 ixas.ixa_flags = IXAF_BASIC_SIMPLE_V4; 290 } else { 291 in6_addr_t v6addr; 292 293 ip6h = (ip6_t *)mp->b_rptr; 294 /* Remove any extension headers assuming partial overlay */ 295 if (ip_hdr_len > IPV6_HDR_LEN) { 296 uint8_t *to; 297 298 to = mp->b_rptr + ip_hdr_len - IPV6_HDR_LEN; 299 ovbcopy(ip6h, to, IPV6_HDR_LEN); 300 mp->b_rptr += ip_hdr_len - IPV6_HDR_LEN; 301 ip_hdr_len = IPV6_HDR_LEN; 302 ip6h = (ip6_t *)mp->b_rptr; 303 ip6h->ip6_nxt = IPPROTO_SCTP; 304 } 305 ip6h->ip6_plen = htons(ixas.ixa_pktlen - IPV6_HDR_LEN); 306 v6addr = ip6h->ip6_src; 307 ip6h->ip6_src = ip6h->ip6_dst; 308 ip6h->ip6_dst = v6addr; 309 ip6h->ip6_hops = (uchar_t)sctps->sctps_ipv6_hoplimit; 310 311 ixas.ixa_flags = IXAF_BASIC_SIMPLE_V6; 312 if (IN6_IS_ADDR_LINKSCOPE(&ip6h->ip6_dst)) { 313 ixas.ixa_flags |= IXAF_SCOPEID_SET; 314 ixas.ixa_scopeid = ira->ira_ruifindex; 315 } 316 } 317 318 insctph = (sctp_hdr_t *)(mp->b_rptr + ip_hdr_len); 319 320 /* Swap ports. Verification tag is reused. */ 321 port = insctph->sh_sport; 322 insctph->sh_sport = insctph->sh_dport; 323 insctph->sh_dport = port; 324 325 /* Lay in the shutdown complete chunk */ 326 scch = (sctp_chunk_hdr_t *)(insctph + 1); 327 scch->sch_id = CHUNK_SHUTDOWN_COMPLETE; 328 scch->sch_len = htons(sizeof (*scch)); 329 scch->sch_flags = 0; 330 331 /* Set the T-bit */ 332 SCTP_SET_TBIT(scch); 333 334 ixas.ixa_protocol = IPPROTO_SCTP; 335 ixas.ixa_zoneid = ira->ira_zoneid; 336 ixas.ixa_ipst = ipst; 337 ixas.ixa_ifindex = 0; 338 339 if (ira->ira_flags & IRAF_IPSEC_SECURE) { 340 /* 341 * Apply IPsec based on how IPsec was applied to 342 * the packet that was out of the blue. 343 */ 344 if (!ipsec_in_to_out(ira, &ixas, mp, ipha, ip6h)) { 345 BUMP_MIB(&ipst->ips_ip_mib, ipIfStatsOutDiscards); 346 /* Note: mp already consumed and ip_drop_packet done */ 347 return; 348 } 349 } else { 350 /* 351 * This is in clear. The message we are building 352 * here should go out in clear, independent of our policy. 353 */ 354 ixas.ixa_flags |= IXAF_NO_IPSEC; 355 } 356 357 (void) ip_output_simple(mp, &ixas); 358 ixa_cleanup(&ixas); 359 } 360 361 /* 362 * Called from sctp_input_data() and sctp_shutdown_received(). 363 * Send a SHUTDOWN ACK chunk to the peer SCTP endpoint and change SCTP state. 364 * This should be done after all data (unacked and unsend) has been 365 * acknowledged. 366 */ 367 void 368 sctp_send_shutdown_ack(sctp_t *sctp, sctp_faddr_t *fp, boolean_t crwsd) 369 { 370 mblk_t *samp; 371 sctp_chunk_hdr_t *sach; 372 sctp_stack_t *sctps = sctp->sctp_sctps; 373 374 ASSERT(sctp->sctp_xmit_unacked == NULL); 375 ASSERT(sctp->sctp_lastack_rxd == (sctp->sctp_ltsn - 1)); 376 ASSERT(fp != NULL); 377 378 sctp->sctp_shutdown_faddr = fp; 379 380 samp = sctp_make_mp(sctp, fp, sizeof (*sach)); 381 if (samp == NULL) { 382 SCTP_KSTAT(sctps, sctp_send_shutdown_ack_failed); 383 goto dotimer; 384 } 385 386 sach = (sctp_chunk_hdr_t *)samp->b_wptr; 387 sach->sch_id = CHUNK_SHUTDOWN_ACK; 388 sach->sch_flags = 0; 389 sach->sch_len = htons(sizeof (*sach)); 390 391 samp->b_wptr += sizeof (*sach); 392 /* 393 * bundle a "cookie received while shutting down" error if 394 * the caller asks for it. 395 */ 396 if (crwsd) { 397 mblk_t *errmp; 398 399 errmp = sctp_make_err(sctp, SCTP_ERR_COOKIE_SHUT, NULL, 0); 400 if (errmp != NULL) { 401 linkb(samp, errmp); 402 BUMP_LOCAL(sctp->sctp_obchunks); 403 } 404 } 405 406 BUMP_LOCAL(sctp->sctp_obchunks); 407 408 sctp_set_iplen(sctp, samp, fp->sf_ixa); 409 (void) conn_ip_output(samp, fp->sf_ixa); 410 BUMP_LOCAL(sctp->sctp_opkts); 411 412 dotimer: 413 sctp->sctp_state = SCTPS_SHUTDOWN_ACK_SENT; 414 SCTP_FADDR_TIMER_RESTART(sctp, fp, fp->sf_rto); 415 } 416