1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License, Version 1.0 only 6 * (the "License"). You may not use this file except in compliance 7 * with the License. 8 * 9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 * or http://www.opensolaris.org/os/licensing. 11 * See the License for the specific language governing permissions 12 * and limitations under the License. 13 * 14 * When distributing Covered Code, include this CDDL HEADER in each 15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 * If applicable, add the following below this CDDL HEADER, with the 17 * fields enclosed by brackets "[]" replaced with your own identifying 18 * information: Portions Copyright [yyyy] [name of copyright owner] 19 * 20 * CDDL HEADER END 21 */ 22 /* 23 * Copyright 2004 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 #pragma ident "%Z%%M% %I% %E% SMI" 28 29 #include <sys/types.h> 30 #include <sys/systm.h> 31 #include <sys/stream.h> 32 #include <sys/ddi.h> 33 #include <sys/sunddi.h> 34 #include <sys/kmem.h> 35 #include <sys/socket.h> 36 #include <sys/random.h> 37 38 #include <netinet/in.h> 39 #include <netinet/ip6.h> 40 #include <netinet/sctp.h> 41 42 #include <inet/common.h> 43 #include <inet/ip.h> 44 #include <inet/ip6.h> 45 #include <inet/ip_ire.h> 46 #include <inet/mi.h> 47 #include <inet/mib2.h> 48 #include <inet/nd.h> 49 #include <inet/optcom.h> 50 #include <inet/sctp_ip.h> 51 #include <inet/ipclassifier.h> 52 #include "sctp_impl.h" 53 #include "sctp_addr.h" 54 55 static struct kmem_cache *sctp_kmem_faddr_cache; 56 static void sctp_init_faddr(sctp_t *, sctp_faddr_t *, in6_addr_t *); 57 58 /* Set the source address. Refer to comments in sctp_ire2faddr(). */ 59 static void 60 set_saddr(sctp_t *sctp, sctp_faddr_t *fp, boolean_t v6) 61 { 62 if (sctp->sctp_bound_to_all) { 63 V6_SET_ZERO(fp->saddr); 64 } else { 65 fp->saddr = sctp_get_valid_addr(sctp, v6); 66 if (!v6 && IN6_IS_ADDR_V4MAPPED_ANY(&fp->saddr) || 67 v6 && IN6_IS_ADDR_UNSPECIFIED(&fp->saddr)) { 68 fp->state = SCTP_FADDRS_UNREACH; 69 /* Disable heartbeat. */ 70 fp->hb_expiry = 0; 71 fp->hb_pending = B_FALSE; 72 fp->strikes = 0; 73 } 74 } 75 } 76 77 /* 78 * Call this function to update the cached IRE of a peer addr fp. 79 */ 80 void 81 sctp_ire2faddr(sctp_t *sctp, sctp_faddr_t *fp) 82 { 83 ire_t *ire; 84 ipaddr_t addr4; 85 in6_addr_t laddr; 86 sctp_saddr_ipif_t *sp; 87 uint_t ipif_seqid; 88 int hdrlen; 89 90 /* Remove the previous cache IRE */ 91 if ((ire = fp->ire) != NULL) { 92 IRE_REFRELE_NOTR(ire); 93 fp->ire = NULL; 94 } 95 96 /* 97 * If this addr is not reachable, mark it as unconfirmed for now, the 98 * state will be changed back to unreachable later in this function 99 * if it is still the case. 100 */ 101 if (fp->state == SCTP_FADDRS_UNREACH) { 102 fp->state = SCTP_FADDRS_UNCONFIRMED; 103 } 104 105 if (fp->isv4) { 106 IN6_V4MAPPED_TO_IPADDR(&fp->faddr, addr4); 107 108 ire = ire_cache_lookup(addr4, sctp->sctp_zoneid); 109 if (ire == NULL) { 110 dprint(3, ("ire2faddr: no ire for %x:%x:%x:%x\n", 111 SCTP_PRINTADDR(fp->faddr))); 112 /* 113 * It is tempting to just leave the src addr 114 * unspecified and let IP figure it out, but we 115 * *cannot* do this, since IP may choose a src addr 116 * that is not part of this association... unless 117 * this sctp has bound to all addrs. So if the ire 118 * lookup fails, try to find one in our src addr 119 * list, unless the sctp has bound to all addrs, in 120 * which case we change the src addr to unspec. 121 * 122 * Note that if this is a v6 endpoint but it does 123 * not have any v4 address at this point (e.g. may 124 * have been deleted), sctp_get_valid_addr() will 125 * return mapped INADDR_ANY. In this case, this 126 * address should be marked not reachable so that 127 * it won't be used to send data. 128 */ 129 set_saddr(sctp, fp, B_FALSE); 130 goto set_current; 131 } 132 ipif_seqid = ire->ire_ipif->ipif_seqid; 133 dprint(2, ("ire2faddr: got ire for %x:%x:%x:%x, ", 134 SCTP_PRINTADDR(fp->faddr))); 135 dprint(2, ("src = %x\n", ire->ire_src_addr)); 136 IN6_IPADDR_TO_V4MAPPED(ire->ire_src_addr, &laddr); 137 138 /* make sure the laddr is part of this association */ 139 if ((sp = sctp_ipif_lookup(sctp, ipif_seqid)) != 140 NULL && !sp->saddr_ipif_dontsrc) { 141 fp->saddr = laddr; 142 } else { 143 ip2dbg(("ire2faddr: src addr is not part of assc\n")); 144 set_saddr(sctp, fp, B_FALSE); 145 } 146 } else { 147 ire = ire_cache_lookup_v6(&fp->faddr, sctp->sctp_zoneid); 148 if (ire == NULL) { 149 dprint(3, ("ire2faddr: no ire for %x:%x:%x:%x\n", 150 SCTP_PRINTADDR(fp->faddr))); 151 set_saddr(sctp, fp, B_TRUE); 152 goto set_current; 153 } 154 ipif_seqid = ire->ire_ipif->ipif_seqid; 155 dprint(2, ("ire2faddr: got ire for %x:%x:%x:%x, ", 156 SCTP_PRINTADDR(fp->faddr))); 157 dprint(2, ("src=%x:%x:%x:%x\n", 158 SCTP_PRINTADDR(ire->ire_src_addr_v6))); 159 laddr = ire->ire_src_addr_v6; 160 161 /* make sure the laddr is part of this association */ 162 163 if ((sp = sctp_ipif_lookup(sctp, ipif_seqid)) != 164 NULL && !sp->saddr_ipif_dontsrc) { 165 fp->saddr = laddr; 166 } else { 167 dprint(2, ("ire2faddr: src addr is not part " 168 "of assc\n")); 169 set_saddr(sctp, fp, B_TRUE); 170 } 171 } 172 173 /* Cache the IRE */ 174 IRE_REFHOLD_NOTR(ire); 175 fp->ire = ire; 176 if (fp->ire->ire_type == IRE_LOOPBACK && !sctp->sctp_loopback) 177 sctp->sctp_loopback = 1; 178 IRE_REFRELE(ire); 179 180 /* 181 * Pull out RTO information for this faddr and use it if we don't 182 * have any yet. 183 */ 184 if (fp->srtt == -1 && ire->ire_uinfo.iulp_rtt != 0) { 185 fp->srtt = ire->ire_uinfo.iulp_rtt; 186 fp->rttvar = ire->ire_uinfo.iulp_rtt_sd; 187 fp->rto = 3 * fp->srtt; 188 189 /* Bound the RTO by configured min and max values */ 190 if (fp->rto < sctp->sctp_rto_min) { 191 fp->rto = sctp->sctp_rto_min; 192 } 193 if (fp->rto > sctp->sctp_rto_max) { 194 fp->rto = sctp->sctp_rto_max; 195 } 196 } 197 198 /* 199 * Record the MTU for this faddr. If the MTU for this faddr has 200 * changed, check if the assc MTU will also change. 201 */ 202 if (fp->isv4) { 203 hdrlen = sctp->sctp_hdr_len; 204 } else { 205 hdrlen = sctp->sctp_hdr6_len; 206 } 207 if ((fp->sfa_pmss + hdrlen) != ire->ire_max_frag) { 208 /* Make sure that sfa_pmss is a multiple of SCTP_ALIGN. */ 209 fp->sfa_pmss = (ire->ire_max_frag - hdrlen) & ~(SCTP_ALIGN - 1); 210 if (fp->cwnd < (fp->sfa_pmss * 2)) { 211 fp->cwnd = fp->sfa_pmss * sctp_slow_start_initial; 212 } 213 } 214 215 set_current: 216 if (fp == sctp->sctp_current) { 217 sctp_faddr2hdraddr(fp, sctp); 218 sctp->sctp_mss = fp->sfa_pmss; 219 if (!SCTP_IS_DETACHED(sctp)) { 220 sctp_set_ulp_prop(sctp); 221 } 222 } 223 } 224 225 /*ARGSUSED*/ 226 void 227 sctp_faddr2ire(sctp_t *sctp, sctp_faddr_t *fp) 228 { 229 ire_t *ire; 230 231 if ((ire = fp->ire) == NULL) { 232 return; 233 } 234 235 mutex_enter(&ire->ire_lock); 236 237 /* If the cached IRE is going sway, there is no point to update it. */ 238 if (ire->ire_marks & IRE_MARK_CONDEMNED) { 239 mutex_exit(&ire->ire_lock); 240 IRE_REFRELE_NOTR(ire); 241 fp->ire = NULL; 242 return; 243 } 244 245 /* 246 * Only record the PMTU for this faddr if we actually have 247 * done discovery. This prevents initialized default from 248 * clobbering any real info that IP may have. 249 */ 250 if (fp->pmtu_discovered) { 251 if (fp->isv4) { 252 ire->ire_max_frag = fp->sfa_pmss + sctp->sctp_hdr_len; 253 } else { 254 ire->ire_max_frag = fp->sfa_pmss + sctp->sctp_hdr6_len; 255 } 256 } 257 258 if (fp->rtt_updates >= sctp_rtt_updates) { 259 /* 260 * If there is no old cached values, initialize them 261 * conservatively. Set them to be (1.5 * new value). 262 * This code copied from ip_ire_advise(). 263 */ 264 if (ire->ire_uinfo.iulp_rtt != 0) { 265 ire->ire_uinfo.iulp_rtt = (ire->ire_uinfo.iulp_rtt + 266 fp->srtt) >> 1; 267 } else { 268 ire->ire_uinfo.iulp_rtt = fp->srtt + 269 (fp->srtt >> 1); 270 } 271 if (ire->ire_uinfo.iulp_rtt_sd != 0) { 272 ire->ire_uinfo.iulp_rtt_sd = 273 (ire->ire_uinfo.iulp_rtt_sd + 274 fp->rttvar) >> 1; 275 } else { 276 ire->ire_uinfo.iulp_rtt_sd = fp->rttvar + 277 (fp->rttvar >> 1); 278 } 279 fp->rtt_updates = 0; 280 } 281 282 mutex_exit(&ire->ire_lock); 283 } 284 285 /* 286 * The sender must set the total length in the IP header. 287 * If sendto == NULL, the current will be used. 288 */ 289 mblk_t * 290 sctp_make_mp(sctp_t *sctp, sctp_faddr_t *sendto, int trailer) 291 { 292 mblk_t *mp; 293 size_t ipsctplen; 294 int isv4; 295 sctp_faddr_t *fp; 296 297 ASSERT(sctp->sctp_current != NULL || sendto != NULL); 298 if (sendto == NULL) { 299 fp = sctp->sctp_current; 300 } else { 301 fp = sendto; 302 } 303 isv4 = fp->isv4; 304 305 /* Try to look for another IRE again. */ 306 if (fp->ire == NULL) 307 sctp_ire2faddr(sctp, fp); 308 309 /* There is no suitable source address to use, return. */ 310 if (fp->state == SCTP_FADDRS_UNREACH) 311 return (NULL); 312 313 if (isv4) { 314 ipsctplen = sctp->sctp_hdr_len; 315 } else { 316 ipsctplen = sctp->sctp_hdr6_len; 317 } 318 319 mp = allocb(ipsctplen + sctp_wroff_xtra + trailer, BPRI_MED); 320 if (mp == NULL) { 321 ip1dbg(("sctp_make_mp: error makign mp..\n")); 322 return (NULL); 323 } 324 mp->b_rptr += sctp_wroff_xtra; 325 mp->b_wptr = mp->b_rptr + ipsctplen; 326 327 ASSERT(OK_32PTR(mp->b_wptr)); 328 329 if (isv4) { 330 ipha_t *iph = (ipha_t *)mp->b_rptr; 331 332 bcopy(sctp->sctp_iphc, mp->b_rptr, ipsctplen); 333 if (fp != sctp->sctp_current) { 334 /* fiddle with the dst addr */ 335 IN6_V4MAPPED_TO_IPADDR(&fp->faddr, iph->ipha_dst); 336 /* fix up src addr */ 337 if (!IN6_IS_ADDR_V4MAPPED_ANY(&fp->saddr)) { 338 IN6_V4MAPPED_TO_IPADDR(&fp->saddr, 339 iph->ipha_src); 340 } else if (sctp->sctp_bound_to_all) { 341 iph->ipha_src = INADDR_ANY; 342 } 343 } 344 /* set or clear the don't fragment bit */ 345 if (fp->df) { 346 iph->ipha_fragment_offset_and_flags = htons(IPH_DF); 347 } else { 348 iph->ipha_fragment_offset_and_flags = 0; 349 } 350 } else { 351 bcopy(sctp->sctp_iphc6, mp->b_rptr, ipsctplen); 352 if (fp != sctp->sctp_current) { 353 /* fiddle with the dst addr */ 354 ((ip6_t *)(mp->b_rptr))->ip6_dst = fp->faddr; 355 /* fix up src addr */ 356 if (!IN6_IS_ADDR_UNSPECIFIED(&fp->saddr)) { 357 ((ip6_t *)(mp->b_rptr))->ip6_src = fp->saddr; 358 } else if (sctp->sctp_bound_to_all) { 359 bzero(&((ip6_t *)(mp->b_rptr))->ip6_src, 360 sizeof (in6_addr_t)); 361 } 362 } 363 } 364 ASSERT(sctp->sctp_connp != NULL); 365 366 /* 367 * IP will not free this IRE if it is condemned. SCTP needs to 368 * free it. 369 */ 370 if ((fp->ire != NULL) && (fp->ire->ire_marks & IRE_MARK_CONDEMNED)) { 371 IRE_REFRELE_NOTR(fp->ire); 372 fp->ire = NULL; 373 } 374 /* Stash the conn and ire ptr info. for IP */ 375 SCTP_STASH_IPINFO(mp, fp->ire); 376 377 return (mp); 378 } 379 380 /* 381 * Notify upper layers about preferred write offset, write size. 382 */ 383 void 384 sctp_set_ulp_prop(sctp_t *sctp) 385 { 386 int hdrlen; 387 388 if (sctp->sctp_current->isv4) { 389 hdrlen = sctp->sctp_hdr_len; 390 } else { 391 hdrlen = sctp->sctp_hdr6_len; 392 } 393 ASSERT(sctp->sctp_ulpd); 394 395 ASSERT(sctp->sctp_current->sfa_pmss == sctp->sctp_mss); 396 sctp->sctp_ulp_prop(sctp->sctp_ulpd, 397 sctp_wroff_xtra + hdrlen + sizeof (sctp_data_hdr_t), 398 sctp->sctp_mss - sizeof (sctp_data_hdr_t)); 399 } 400 401 void 402 sctp_set_iplen(sctp_t *sctp, mblk_t *mp) 403 { 404 uint16_t sum = 0; 405 ipha_t *iph; 406 ip6_t *ip6h; 407 mblk_t *pmp = mp; 408 boolean_t isv4; 409 410 isv4 = (IPH_HDR_VERSION(mp->b_rptr) == IPV4_VERSION); 411 for (; pmp; pmp = pmp->b_cont) 412 sum += pmp->b_wptr - pmp->b_rptr; 413 414 if (isv4) { 415 iph = (ipha_t *)mp->b_rptr; 416 iph->ipha_length = htons(sum); 417 } else { 418 ip6h = (ip6_t *)mp->b_rptr; 419 ip6h->ip6_plen = htons(sum - ((char *)&sctp->sctp_ip6h[1] - 420 sctp->sctp_iphc6)); 421 } 422 } 423 424 int 425 sctp_compare_faddrsets(sctp_faddr_t *a1, sctp_faddr_t *a2) 426 { 427 int na1 = 0; 428 int overlap = 0; 429 int equal = 1; 430 int onematch; 431 sctp_faddr_t *fp1, *fp2; 432 433 for (fp1 = a1; fp1; fp1 = fp1->next) { 434 onematch = 0; 435 for (fp2 = a2; fp2; fp2 = fp2->next) { 436 if (IN6_ARE_ADDR_EQUAL(&fp1->faddr, &fp2->faddr)) { 437 overlap++; 438 onematch = 1; 439 break; 440 } 441 if (!onematch) { 442 equal = 0; 443 } 444 } 445 na1++; 446 } 447 448 if (equal) { 449 return (SCTP_ADDR_EQUAL); 450 } 451 if (overlap == na1) { 452 return (SCTP_ADDR_SUBSET); 453 } 454 if (overlap) { 455 return (SCTP_ADDR_OVERLAP); 456 } 457 return (SCTP_ADDR_DISJOINT); 458 } 459 460 /* 461 * Returns 0 on success, -1 on memory allocation failure. If sleep 462 * is true, should never fail. 463 * Caller must hold conn fanout lock. 464 */ 465 int 466 sctp_add_faddr(sctp_t *sctp, in6_addr_t *addr, int sleep) 467 { 468 sctp_faddr_t *faddr; 469 470 dprint(4, ("add_faddr: %x:%x:%x:%x %d\n", SCTP_PRINTADDR(*addr), 471 sleep)); 472 473 if ((faddr = kmem_cache_alloc(sctp_kmem_faddr_cache, sleep)) == NULL) { 474 return (-1); 475 } 476 477 sctp_init_faddr(sctp, faddr, addr); 478 ASSERT(faddr->next == NULL); 479 480 /* tack it on to the end */ 481 if (sctp->sctp_lastfaddr != NULL) { 482 sctp->sctp_lastfaddr->next = faddr; 483 } else { 484 /* list is empty */ 485 ASSERT(sctp->sctp_faddrs == NULL); 486 sctp->sctp_faddrs = faddr; 487 } 488 sctp->sctp_lastfaddr = faddr; 489 490 return (0); 491 } 492 493 /* 494 * Caller must hold conn fanout lock. 495 */ 496 int 497 sctp_add_faddr_first(sctp_t *sctp, in6_addr_t *addr, int sleep) 498 { 499 sctp_faddr_t *faddr; 500 501 dprint(4, ("add_faddr_first: %x:%x:%x:%x %d\n", SCTP_PRINTADDR(*addr), 502 sleep)); 503 504 if ((faddr = kmem_cache_alloc(sctp_kmem_faddr_cache, sleep)) == NULL) { 505 return (-1); 506 } 507 sctp_init_faddr(sctp, faddr, addr); 508 ASSERT(faddr->next == NULL); 509 510 /* Put it at the beginning of the list */ 511 if (sctp->sctp_faddrs != NULL) { 512 faddr->next = sctp->sctp_faddrs; 513 } else { 514 sctp->sctp_lastfaddr = faddr; 515 } 516 sctp->sctp_faddrs = faddr; 517 518 return (0); 519 } 520 521 sctp_faddr_t * 522 sctp_lookup_faddr(sctp_t *sctp, in6_addr_t *addr) 523 { 524 sctp_faddr_t *fp; 525 526 for (fp = sctp->sctp_faddrs; fp != NULL; fp = fp->next) { 527 if (IN6_ARE_ADDR_EQUAL(&fp->faddr, addr)) 528 break; 529 } 530 531 return (fp); 532 } 533 534 sctp_faddr_t * 535 sctp_lookup_faddr_nosctp(sctp_faddr_t *fp, in6_addr_t *addr) 536 { 537 for (; fp; fp = fp->next) { 538 if (IN6_ARE_ADDR_EQUAL(&fp->faddr, addr)) { 539 break; 540 } 541 } 542 543 return (fp); 544 } 545 546 void 547 sctp_faddr2hdraddr(sctp_faddr_t *fp, sctp_t *sctp) 548 { 549 if (fp->isv4) { 550 IN6_V4MAPPED_TO_IPADDR(&fp->faddr, 551 sctp->sctp_ipha->ipha_dst); 552 /* Must not allow unspec src addr if not bound to all */ 553 if (IN6_IS_ADDR_V4MAPPED_ANY(&fp->saddr) && 554 !sctp->sctp_bound_to_all) { 555 /* 556 * set the src to the first v4 saddr and hope 557 * for the best 558 */ 559 fp->saddr = sctp_get_valid_addr(sctp, B_FALSE); 560 } 561 IN6_V4MAPPED_TO_IPADDR(&fp->saddr, sctp->sctp_ipha->ipha_src); 562 /* update don't fragment bit */ 563 if (fp->df) { 564 sctp->sctp_ipha->ipha_fragment_offset_and_flags = 565 htons(IPH_DF); 566 } else { 567 sctp->sctp_ipha->ipha_fragment_offset_and_flags = 0; 568 } 569 } else { 570 sctp->sctp_ip6h->ip6_dst = fp->faddr; 571 /* Must not allow unspec src addr if not bound to all */ 572 if (IN6_IS_ADDR_UNSPECIFIED(&fp->saddr) && 573 !sctp->sctp_bound_to_all) { 574 /* 575 * set the src to the first v6 saddr and hope 576 * for the best 577 */ 578 fp->saddr = sctp_get_valid_addr(sctp, B_TRUE); 579 } 580 sctp->sctp_ip6h->ip6_src = fp->saddr; 581 } 582 } 583 584 void 585 sctp_redo_faddr_srcs(sctp_t *sctp) 586 { 587 sctp_faddr_t *fp; 588 589 for (fp = sctp->sctp_faddrs; fp != NULL; fp = fp->next) { 590 sctp_ire2faddr(sctp, fp); 591 } 592 593 sctp_faddr2hdraddr(sctp->sctp_current, sctp); 594 } 595 596 void 597 sctp_faddr_alive(sctp_t *sctp, sctp_faddr_t *fp) 598 { 599 int64_t now = lbolt64; 600 601 fp->strikes = 0; 602 sctp->sctp_strikes = 0; 603 fp->lastactive = now; 604 fp->hb_expiry = now + SET_HB_INTVL(fp); 605 fp->hb_pending = B_FALSE; 606 if (fp->state != SCTP_FADDRS_ALIVE) { 607 fp->state = SCTP_FADDRS_ALIVE; 608 sctp_intf_event(sctp, fp->faddr, SCTP_ADDR_AVAILABLE, 0); 609 610 /* If this is the primary, switch back to it now */ 611 if (fp == sctp->sctp_primary) { 612 sctp->sctp_current = fp; 613 sctp->sctp_mss = fp->sfa_pmss; 614 /* Reset the addrs in the composite header */ 615 sctp_faddr2hdraddr(fp, sctp); 616 if (!SCTP_IS_DETACHED(sctp)) { 617 sctp_set_ulp_prop(sctp); 618 } 619 } 620 } 621 if (fp->ire == NULL) { 622 /* Should have a full IRE now */ 623 sctp_ire2faddr(sctp, fp); 624 } 625 } 626 627 int 628 sctp_is_a_faddr_clean(sctp_t *sctp) 629 { 630 sctp_faddr_t *fp; 631 632 for (fp = sctp->sctp_faddrs; fp; fp = fp->next) { 633 if (fp->state == SCTP_FADDRS_ALIVE && fp->strikes == 0) { 634 return (1); 635 } 636 } 637 638 return (0); 639 } 640 641 /* 642 * Returns 0 if there is at leave one other active faddr, -1 if there 643 * are none. If there are none left, faddr_dead() will start killing the 644 * association. 645 * If the downed faddr was the current faddr, a new current faddr 646 * will be chosen. 647 */ 648 int 649 sctp_faddr_dead(sctp_t *sctp, sctp_faddr_t *fp, int newstate) 650 { 651 sctp_faddr_t *ofp; 652 653 if (fp->state == SCTP_FADDRS_ALIVE) { 654 sctp_intf_event(sctp, fp->faddr, SCTP_ADDR_UNREACHABLE, 0); 655 } 656 fp->state = newstate; 657 658 dprint(1, ("sctp_faddr_dead: %x:%x:%x:%x down (state=%d)\n", 659 SCTP_PRINTADDR(fp->faddr), newstate)); 660 661 if (fp == sctp->sctp_current) { 662 /* Current faddr down; need to switch it */ 663 sctp->sctp_current = NULL; 664 } 665 666 /* Find next alive faddr */ 667 ofp = fp; 668 for (fp = fp->next; fp; fp = fp->next) { 669 if (fp->state == SCTP_FADDRS_ALIVE) { 670 break; 671 } 672 } 673 674 if (fp == NULL) { 675 /* Continue from beginning of list */ 676 for (fp = sctp->sctp_faddrs; fp != ofp; fp = fp->next) { 677 if (fp->state == SCTP_FADDRS_ALIVE) { 678 break; 679 } 680 } 681 } 682 683 if (fp != ofp) { 684 if (sctp->sctp_current == NULL) { 685 dprint(1, ("sctp_faddr_dead: failover->%x:%x:%x:%x\n", 686 SCTP_PRINTADDR(fp->faddr))); 687 sctp->sctp_current = fp; 688 sctp->sctp_mss = fp->sfa_pmss; 689 690 /* Reset the addrs in the composite header */ 691 sctp_faddr2hdraddr(fp, sctp); 692 693 if (!SCTP_IS_DETACHED(sctp)) { 694 sctp_set_ulp_prop(sctp); 695 } 696 } 697 return (0); 698 } 699 700 701 /* All faddrs are down; kill the association */ 702 dprint(1, ("sctp_faddr_dead: all faddrs down, killing assoc\n")); 703 BUMP_MIB(&sctp_mib, sctpAborted); 704 sctp_assoc_event(sctp, sctp->sctp_state < SCTPS_ESTABLISHED ? 705 SCTP_CANT_STR_ASSOC : SCTP_COMM_LOST, 0, NULL); 706 sctp_clean_death(sctp, sctp->sctp_client_errno ? 707 sctp->sctp_client_errno : ETIMEDOUT); 708 709 return (-1); 710 } 711 712 sctp_faddr_t * 713 sctp_rotate_faddr(sctp_t *sctp, sctp_faddr_t *ofp) 714 { 715 sctp_faddr_t *nfp = NULL; 716 717 if (ofp == NULL) { 718 ofp = sctp->sctp_current; 719 } 720 721 /* Find the next live one */ 722 for (nfp = ofp->next; nfp != NULL; nfp = nfp->next) { 723 if (nfp->state == SCTP_FADDRS_ALIVE) { 724 break; 725 } 726 } 727 728 if (nfp == NULL) { 729 /* Continue from beginning of list */ 730 for (nfp = sctp->sctp_faddrs; nfp != ofp; nfp = nfp->next) { 731 if (nfp->state == SCTP_FADDRS_ALIVE) { 732 break; 733 } 734 } 735 } 736 737 /* 738 * nfp could only be NULL if all faddrs are down, and when 739 * this happens, faddr_dead() should have killed the 740 * association. Hence this assertion... 741 */ 742 ASSERT(nfp != NULL); 743 return (nfp); 744 } 745 746 void 747 sctp_unlink_faddr(sctp_t *sctp, sctp_faddr_t *fp) 748 { 749 sctp_faddr_t *fpp; 750 751 if (!sctp->sctp_faddrs) { 752 return; 753 } 754 755 if (fp->timer_mp != NULL) { 756 sctp_timer_free(fp->timer_mp); 757 fp->timer_mp = NULL; 758 fp->timer_running = 0; 759 } 760 if (fp->rc_timer_mp != NULL) { 761 sctp_timer_free(fp->rc_timer_mp); 762 fp->rc_timer_mp = NULL; 763 fp->rc_timer_running = 0; 764 } 765 if (fp->ire != NULL) { 766 IRE_REFRELE_NOTR(fp->ire); 767 fp->ire = NULL; 768 } 769 770 if (fp == sctp->sctp_faddrs) { 771 goto gotit; 772 } 773 774 for (fpp = sctp->sctp_faddrs; fpp->next != fp; fpp = fpp->next) 775 ; 776 777 gotit: 778 ASSERT(sctp->sctp_conn_tfp != NULL); 779 mutex_enter(&sctp->sctp_conn_tfp->tf_lock); 780 if (fp == sctp->sctp_faddrs) { 781 sctp->sctp_faddrs = fp->next; 782 } else { 783 fpp->next = fp->next; 784 } 785 mutex_exit(&sctp->sctp_conn_tfp->tf_lock); 786 /* XXX faddr2ire? */ 787 kmem_cache_free(sctp_kmem_faddr_cache, fp); 788 } 789 790 void 791 sctp_zap_faddrs(sctp_t *sctp, int caller_holds_lock) 792 { 793 sctp_faddr_t *fp, *fpn; 794 795 if (sctp->sctp_faddrs == NULL) { 796 ASSERT(sctp->sctp_lastfaddr == NULL); 797 return; 798 } 799 800 ASSERT(sctp->sctp_lastfaddr != NULL); 801 sctp->sctp_lastfaddr = NULL; 802 sctp->sctp_current = NULL; 803 sctp->sctp_primary = NULL; 804 805 sctp_free_faddr_timers(sctp); 806 807 if (sctp->sctp_conn_tfp != NULL && !caller_holds_lock) { 808 /* in conn fanout; need to hold lock */ 809 mutex_enter(&sctp->sctp_conn_tfp->tf_lock); 810 } 811 812 for (fp = sctp->sctp_faddrs; fp; fp = fpn) { 813 fpn = fp->next; 814 if (fp->ire != NULL) 815 IRE_REFRELE_NOTR(fp->ire); 816 kmem_cache_free(sctp_kmem_faddr_cache, fp); 817 } 818 819 sctp->sctp_faddrs = NULL; 820 821 if (sctp->sctp_conn_tfp != NULL && !caller_holds_lock) { 822 mutex_exit(&sctp->sctp_conn_tfp->tf_lock); 823 } 824 825 } 826 827 void 828 sctp_zap_addrs(sctp_t *sctp) 829 { 830 sctp_zap_faddrs(sctp, 0); 831 sctp_free_saddrs(sctp); 832 } 833 834 /* 835 * Initialize the IPv4 header. Loses any record of any IP options. 836 */ 837 int 838 sctp_header_init_ipv4(sctp_t *sctp, int sleep) 839 { 840 sctp_hdr_t *sctph; 841 842 /* 843 * This is a simple initialization. If there's 844 * already a template, it should never be too small, 845 * so reuse it. Otherwise, allocate space for the new one. 846 */ 847 if (sctp->sctp_iphc != NULL) { 848 ASSERT(sctp->sctp_iphc_len >= SCTP_MAX_COMBINED_HEADER_LENGTH); 849 bzero(sctp->sctp_iphc, sctp->sctp_iphc_len); 850 } else { 851 sctp->sctp_iphc_len = SCTP_MAX_COMBINED_HEADER_LENGTH; 852 sctp->sctp_iphc = kmem_zalloc(sctp->sctp_iphc_len, sleep); 853 if (sctp->sctp_iphc == NULL) { 854 sctp->sctp_iphc_len = 0; 855 return (ENOMEM); 856 } 857 } 858 859 sctp->sctp_ipha = (ipha_t *)sctp->sctp_iphc; 860 861 sctp->sctp_hdr_len = sizeof (ipha_t) + sizeof (sctp_hdr_t); 862 sctp->sctp_ip_hdr_len = sizeof (ipha_t); 863 sctp->sctp_ipha->ipha_length = htons(sizeof (ipha_t) + 864 sizeof (sctp_hdr_t)); 865 sctp->sctp_ipha->ipha_version_and_hdr_length 866 = (IP_VERSION << 4) | IP_SIMPLE_HDR_LENGTH_IN_WORDS; 867 868 /* 869 * These two fields should be zero, and are already set above. 870 * 871 * sctp->sctp_ipha->ipha_ident, 872 * sctp->sctp_ipha->ipha_fragment_offset_and_flags. 873 */ 874 875 sctp->sctp_ipha->ipha_ttl = sctp_ipv4_ttl; 876 sctp->sctp_ipha->ipha_protocol = IPPROTO_SCTP; 877 878 sctph = (sctp_hdr_t *)(sctp->sctp_iphc + sizeof (ipha_t)); 879 sctp->sctp_sctph = sctph; 880 881 return (0); 882 } 883 884 /* 885 * Update sctp_sticky_hdrs based on sctp_sticky_ipp. 886 * The headers include ip6i_t (if needed), ip6_t, any sticky extension 887 * headers, and the maximum size sctp header (to avoid reallocation 888 * on the fly for additional sctp options). 889 * Returns failure if can't allocate memory. 890 */ 891 int 892 sctp_build_hdrs(sctp_t *sctp) 893 { 894 char *hdrs; 895 uint_t hdrs_len; 896 ip6i_t *ip6i; 897 char buf[SCTP_MAX_HDR_LENGTH]; 898 ip6_pkt_t *ipp = &sctp->sctp_sticky_ipp; 899 in6_addr_t src; 900 in6_addr_t dst; 901 uint8_t hoplimit; 902 /* 903 * save the existing sctp header and source/dest IP addresses 904 */ 905 bcopy(sctp->sctp_sctph6, buf, sizeof (sctp_hdr_t)); 906 src = sctp->sctp_ip6h->ip6_src; 907 dst = sctp->sctp_ip6h->ip6_dst; 908 hoplimit = sctp->sctp_ip6h->ip6_hops; 909 hdrs_len = ip_total_hdrs_len_v6(ipp) + SCTP_MAX_HDR_LENGTH; 910 ASSERT(hdrs_len != 0); 911 if (hdrs_len > sctp->sctp_iphc6_len) { 912 /* Need to reallocate */ 913 hdrs = kmem_zalloc(hdrs_len, KM_NOSLEEP); 914 if (hdrs == NULL) 915 return (ENOMEM); 916 917 if (sctp->sctp_iphc6_len != 0) 918 kmem_free(sctp->sctp_iphc6, sctp->sctp_iphc6_len); 919 sctp->sctp_iphc6 = hdrs; 920 sctp->sctp_iphc6_len = hdrs_len; 921 } 922 ip_build_hdrs_v6((uchar_t *)sctp->sctp_iphc6, 923 hdrs_len - SCTP_MAX_HDR_LENGTH, ipp, IPPROTO_SCTP); 924 925 /* Set header fields not in ipp */ 926 if (ipp->ipp_fields & IPPF_HAS_IP6I) { 927 ip6i = (ip6i_t *)sctp->sctp_iphc6; 928 sctp->sctp_ip6h = (ip6_t *)&ip6i[1]; 929 } else { 930 sctp->sctp_ip6h = (ip6_t *)sctp->sctp_iphc6; 931 } 932 /* 933 * sctp->sctp_ip_hdr_len will include ip6i_t if there is one. 934 */ 935 sctp->sctp_ip_hdr6_len = hdrs_len - SCTP_MAX_HDR_LENGTH; 936 sctp->sctp_sctph6 = (sctp_hdr_t *)(sctp->sctp_iphc6 + 937 sctp->sctp_ip_hdr6_len); 938 sctp->sctp_hdr6_len = sctp->sctp_ip_hdr6_len + sizeof (sctp_hdr_t); 939 940 bcopy(buf, sctp->sctp_sctph6, sizeof (sctp_hdr_t)); 941 942 sctp->sctp_ip6h->ip6_src = src; 943 sctp->sctp_ip6h->ip6_dst = dst; 944 /* 945 * If IPV6_HOPLIMIT was set in ipp, use that value. 946 * For sticky options, if it does not exist use 947 * the default/saved value (which was set in ip_build_hdrs_v6()) 948 * All this as per RFC 2922. 949 */ 950 if (!(ipp->ipp_fields & IPPF_HOPLIMIT)) 951 sctp->sctp_ip6h->ip6_hops = hoplimit; 952 /* 953 * Set the IPv6 header payload length. 954 * If there's an ip6i_t included, don't count it in the length. 955 */ 956 sctp->sctp_ip6h->ip6_plen = sctp->sctp_hdr6_len - IPV6_HDR_LEN; 957 if (ipp->ipp_fields & IPPF_HAS_IP6I) 958 sctp->sctp_ip6h->ip6_plen -= sizeof (ip6i_t); 959 /* 960 * If we're setting extension headers after a connection 961 * has been established, and if we have a routing header 962 * among the extension headers, call ip_massage_options_v6 to 963 * manipulate the routing header/ip6_dst set the checksum 964 * difference in the sctp header template. 965 * (This happens in sctp_connect_ipv6 if the routing header 966 * is set prior to the connect.) 967 */ 968 969 if ((sctp->sctp_state >= SCTPS_COOKIE_WAIT) && 970 (sctp->sctp_sticky_ipp.ipp_fields & IPPF_RTHDR)) { 971 ip6_rthdr_t *rth; 972 973 rth = ip_find_rthdr_v6(sctp->sctp_ip6h, 974 (uint8_t *)sctp->sctp_sctph6); 975 if (rth != NULL) 976 (void) ip_massage_options_v6(sctp->sctp_ip6h, rth); 977 } 978 return (0); 979 } 980 981 /* 982 * Initialize the IPv6 header. Loses any record of any IPv6 extension headers. 983 */ 984 int 985 sctp_header_init_ipv6(sctp_t *sctp, int sleep) 986 { 987 sctp_hdr_t *sctph; 988 989 /* 990 * This is a simple initialization. If there's 991 * already a template, it should never be too small, 992 * so reuse it. Otherwise, allocate space for the new one. 993 * Ensure that there is enough space to "downgrade" the sctp_t 994 * to an IPv4 sctp_t. This requires having space for a full load 995 * of IPv4 options 996 */ 997 if (sctp->sctp_iphc6 != NULL) { 998 ASSERT(sctp->sctp_iphc6_len >= 999 SCTP_MAX_COMBINED_HEADER_LENGTH); 1000 bzero(sctp->sctp_iphc6, sctp->sctp_iphc6_len); 1001 } else { 1002 sctp->sctp_iphc6_len = SCTP_MAX_COMBINED_HEADER_LENGTH; 1003 sctp->sctp_iphc6 = kmem_zalloc(sctp->sctp_iphc_len, sleep); 1004 if (sctp->sctp_iphc6 == NULL) { 1005 sctp->sctp_iphc6_len = 0; 1006 return (ENOMEM); 1007 } 1008 } 1009 sctp->sctp_hdr6_len = IPV6_HDR_LEN + sizeof (sctp_hdr_t); 1010 sctp->sctp_ip_hdr6_len = IPV6_HDR_LEN; 1011 sctp->sctp_ip6h = (ip6_t *)sctp->sctp_iphc6; 1012 1013 /* Initialize the header template */ 1014 1015 sctp->sctp_ip6h->ip6_vcf = IPV6_DEFAULT_VERS_AND_FLOW; 1016 sctp->sctp_ip6h->ip6_plen = ntohs(sizeof (sctp_hdr_t)); 1017 sctp->sctp_ip6h->ip6_nxt = IPPROTO_SCTP; 1018 sctp->sctp_ip6h->ip6_hops = sctp_ipv6_hoplimit; 1019 1020 sctph = (sctp_hdr_t *)(sctp->sctp_iphc6 + IPV6_HDR_LEN); 1021 sctp->sctp_sctph6 = sctph; 1022 1023 return (0); 1024 } 1025 1026 /* 1027 * XXX implement more sophisticated logic 1028 */ 1029 void 1030 sctp_set_hdraddrs(sctp_t *sctp) 1031 { 1032 sctp_faddr_t *fp; 1033 int gotv4 = 0; 1034 int gotv6 = 0; 1035 1036 ASSERT(sctp->sctp_faddrs != NULL); 1037 ASSERT(sctp->sctp_nsaddrs > 0); 1038 1039 /* Set up using the primary first */ 1040 if (IN6_IS_ADDR_V4MAPPED(&sctp->sctp_primary->faddr)) { 1041 IN6_V4MAPPED_TO_IPADDR(&sctp->sctp_primary->faddr, 1042 sctp->sctp_ipha->ipha_dst); 1043 /* saddr may be unspec; make_mp() will handle this */ 1044 IN6_V4MAPPED_TO_IPADDR(&sctp->sctp_primary->saddr, 1045 sctp->sctp_ipha->ipha_src); 1046 gotv4 = 1; 1047 if (sctp->sctp_ipversion == IPV4_VERSION) { 1048 goto copyports; 1049 } 1050 } else { 1051 sctp->sctp_ip6h->ip6_dst = sctp->sctp_primary->faddr; 1052 /* saddr may be unspec; make_mp() will handle this */ 1053 sctp->sctp_ip6h->ip6_src = sctp->sctp_primary->saddr; 1054 gotv6 = 1; 1055 } 1056 1057 for (fp = sctp->sctp_faddrs; fp; fp = fp->next) { 1058 if (!gotv4 && IN6_IS_ADDR_V4MAPPED(&fp->faddr)) { 1059 IN6_V4MAPPED_TO_IPADDR(&fp->faddr, 1060 sctp->sctp_ipha->ipha_dst); 1061 /* copy in the faddr_t's saddr */ 1062 IN6_V4MAPPED_TO_IPADDR(&fp->saddr, 1063 sctp->sctp_ipha->ipha_src); 1064 gotv4 = 1; 1065 if (sctp->sctp_ipversion == IPV4_VERSION || gotv6) { 1066 break; 1067 } 1068 } else if (!gotv6) { 1069 sctp->sctp_ip6h->ip6_dst = fp->faddr; 1070 /* copy in the faddr_t's saddr */ 1071 sctp->sctp_ip6h->ip6_src = fp->saddr; 1072 gotv6 = 1; 1073 if (gotv4) { 1074 break; 1075 } 1076 } 1077 } 1078 1079 copyports: 1080 /* copy in the ports for good measure */ 1081 sctp->sctp_sctph->sh_sport = sctp->sctp_lport; 1082 sctp->sctp_sctph->sh_dport = sctp->sctp_fport; 1083 1084 sctp->sctp_sctph6->sh_sport = sctp->sctp_lport; 1085 sctp->sctp_sctph6->sh_dport = sctp->sctp_fport; 1086 } 1087 1088 void 1089 sctp_add_unrec_parm(sctp_parm_hdr_t *uph, mblk_t **errmp) 1090 { 1091 mblk_t *mp; 1092 sctp_parm_hdr_t *ph; 1093 size_t len; 1094 int pad; 1095 1096 len = sizeof (*ph) + ntohs(uph->sph_len); 1097 if ((pad = len % 4) != 0) { 1098 pad = 4 - pad; 1099 len += pad; 1100 } 1101 mp = allocb(len, BPRI_MED); 1102 if (mp == NULL) { 1103 return; 1104 } 1105 1106 ph = (sctp_parm_hdr_t *)(mp->b_rptr); 1107 ph->sph_type = htons(PARM_UNRECOGNIZED); 1108 ph->sph_len = htons(len - pad); 1109 1110 /* copy in the unrecognized parameter */ 1111 bcopy(uph, ph + 1, ntohs(uph->sph_len)); 1112 1113 mp->b_wptr = mp->b_rptr + len; 1114 if (*errmp != NULL) { 1115 linkb(*errmp, mp); 1116 } else { 1117 *errmp = mp; 1118 } 1119 } 1120 1121 /* 1122 * o Bounds checking 1123 * o Updates remaining 1124 * o Checks alignment 1125 */ 1126 sctp_parm_hdr_t * 1127 sctp_next_parm(sctp_parm_hdr_t *current, ssize_t *remaining) 1128 { 1129 int pad; 1130 uint16_t len; 1131 1132 len = ntohs(current->sph_len); 1133 *remaining -= len; 1134 if (*remaining < sizeof (*current) || len < sizeof (*current)) { 1135 return (NULL); 1136 } 1137 if ((pad = len & (SCTP_ALIGN - 1)) != 0) { 1138 pad = SCTP_ALIGN - pad; 1139 *remaining -= pad; 1140 } 1141 /*LINTED pointer cast may result in improper alignment*/ 1142 current = (sctp_parm_hdr_t *)((char *)current + len + pad); 1143 return (current); 1144 } 1145 1146 /* 1147 * Sets the address parameters given in the INIT chunk into sctp's 1148 * faddrs; if psctp is non-NULL, copies psctp's saddrs. If there are 1149 * no address parameters in the INIT chunk, a single faddr is created 1150 * from the ip hdr at the beginning of pkt. 1151 * If there already are existing addresses hanging from sctp, merge 1152 * them in, if the old info contains addresses which are not present 1153 * in this new info, get rid of them, and clean the pointers if there's 1154 * messages which have this as their target address. 1155 * 1156 * Returns 0 on success, sys errno on failure 1157 */ 1158 int 1159 sctp_get_addrparams(sctp_t *sctp, sctp_t *psctp, mblk_t *pkt, 1160 sctp_chunk_hdr_t *ich, uint_t *sctp_options) 1161 { 1162 sctp_init_chunk_t *init; 1163 ipha_t *iph; 1164 ip6_t *ip6h; 1165 in6_addr_t hdraddr[1]; 1166 sctp_parm_hdr_t *ph; 1167 ssize_t remaining; 1168 int isv4; 1169 int err; 1170 sctp_faddr_t *fp; 1171 1172 if (sctp_options != NULL) 1173 *sctp_options = 0; 1174 1175 /* inherit laddrs, if given */ 1176 if (psctp != NULL && psctp->sctp_nsaddrs > 0) { 1177 ASSERT(sctp->sctp_nsaddrs == 0); 1178 1179 err = sctp_dup_saddrs(psctp, sctp, KM_NOSLEEP); 1180 if (err != 0) 1181 return (err); 1182 } 1183 1184 /* extract the address from the IP header */ 1185 isv4 = (IPH_HDR_VERSION(pkt->b_rptr) == IPV4_VERSION); 1186 if (isv4) { 1187 iph = (ipha_t *)pkt->b_rptr; 1188 IN6_IPADDR_TO_V4MAPPED(iph->ipha_src, hdraddr); 1189 } else { 1190 ip6h = (ip6_t *)pkt->b_rptr; 1191 hdraddr[0] = ip6h->ip6_src; 1192 } 1193 1194 /* For loopback connections ignore address list */ 1195 if (sctp->sctp_loopback) 1196 goto get_from_iphdr; 1197 1198 /* Walk the params in the INIT [ACK], pulling out addr params */ 1199 remaining = ntohs(ich->sch_len) - sizeof (*ich) - 1200 sizeof (sctp_init_chunk_t); 1201 if (remaining < sizeof (*ph)) { 1202 /* no parameters */ 1203 goto get_from_iphdr; 1204 } 1205 init = (sctp_init_chunk_t *)(ich + 1); 1206 ph = (sctp_parm_hdr_t *)(init + 1); 1207 1208 while (ph != NULL) { 1209 /* params will have already been byteordered when validating */ 1210 if (ph->sph_type == htons(PARM_ADDR4)) { 1211 if (remaining >= PARM_ADDR4_LEN) { 1212 in6_addr_t addr; 1213 ipaddr_t ta; 1214 1215 /* 1216 * Screen out broad/multicasts & loopback. 1217 * If the endpoint only accepts v6 address, 1218 * go to the next one. 1219 */ 1220 bcopy(ph + 1, &ta, sizeof (ta)); 1221 if (ta == 0 || 1222 ta == INADDR_BROADCAST || 1223 ta == htonl(INADDR_LOOPBACK) || 1224 IN_MULTICAST(ta) || 1225 sctp->sctp_connp->conn_ipv6_v6only) { 1226 goto next; 1227 } 1228 /* 1229 * XXX also need to check for subnet 1230 * broadcasts. This should probably 1231 * wait until we have full access 1232 * to the ILL tables. 1233 */ 1234 1235 IN6_INADDR_TO_V4MAPPED((struct in_addr *) 1236 (ph + 1), &addr); 1237 /* Check for duplicate. */ 1238 if (sctp_lookup_faddr(sctp, &addr) != NULL) 1239 goto next; 1240 1241 /* OK, add it to the faddr set */ 1242 if (sctp_add_faddr(sctp, &addr, 1243 KM_NOSLEEP) != 0) { 1244 return (ENOMEM); 1245 } 1246 } 1247 } else if (ph->sph_type == htons(PARM_ADDR6) && 1248 sctp->sctp_family == AF_INET6) { 1249 /* An v4 socket should not take v6 addresses. */ 1250 if (remaining >= PARM_ADDR6_LEN) { 1251 in6_addr_t *addr6; 1252 1253 addr6 = (in6_addr_t *)(ph + 1); 1254 /* 1255 * Screen out link locals, mcast, loopback 1256 * and bogus v6 address. 1257 */ 1258 if (IN6_IS_ADDR_LINKLOCAL(addr6) || 1259 IN6_IS_ADDR_MULTICAST(addr6) || 1260 IN6_IS_ADDR_LOOPBACK(addr6) || 1261 IN6_IS_ADDR_V4MAPPED(addr6)) { 1262 goto next; 1263 } 1264 /* Check for duplicate. */ 1265 if (sctp_lookup_faddr(sctp, addr6) != NULL) 1266 goto next; 1267 1268 if (sctp_add_faddr(sctp, 1269 (in6_addr_t *)(ph + 1), KM_NOSLEEP) != 0) { 1270 return (ENOMEM); 1271 } 1272 } 1273 } else if (ph->sph_type == htons(PARM_FORWARD_TSN)) { 1274 if (sctp_options != NULL) 1275 *sctp_options |= SCTP_PRSCTP_OPTION; 1276 } /* else; skip */ 1277 1278 next: 1279 ph = sctp_next_parm(ph, &remaining); 1280 } 1281 1282 get_from_iphdr: 1283 /* Make sure the header's addr is in the list */ 1284 fp = sctp_lookup_faddr(sctp, hdraddr); 1285 if (fp == NULL) { 1286 /* not included; add it now */ 1287 if (sctp_add_faddr_first(sctp, hdraddr, KM_NOSLEEP) == -1) 1288 return (ENOMEM); 1289 1290 /* sctp_faddrs will be the hdr addr */ 1291 fp = sctp->sctp_faddrs; 1292 } 1293 /* make the header addr the primary */ 1294 sctp->sctp_primary = fp; 1295 sctp->sctp_current = fp; 1296 sctp->sctp_mss = fp->sfa_pmss; 1297 1298 return (0); 1299 } 1300 1301 /* 1302 * Returns 0 if the check failed and the restart should be refused, 1303 * 1 if the check succeeded. 1304 */ 1305 int 1306 sctp_secure_restart_check(mblk_t *pkt, sctp_chunk_hdr_t *ich, uint32_t ports, 1307 int sleep) 1308 { 1309 sctp_faddr_t *fp, *fpa, *fphead = NULL; 1310 sctp_parm_hdr_t *ph; 1311 ssize_t remaining; 1312 int isv4; 1313 ipha_t *iph; 1314 ip6_t *ip6h; 1315 in6_addr_t hdraddr[1]; 1316 int retval = 0; 1317 sctp_tf_t *tf; 1318 sctp_t *sctp; 1319 int compres; 1320 sctp_init_chunk_t *init; 1321 int nadded = 0; 1322 1323 /* extract the address from the IP header */ 1324 isv4 = (IPH_HDR_VERSION(pkt->b_rptr) == IPV4_VERSION); 1325 if (isv4) { 1326 iph = (ipha_t *)pkt->b_rptr; 1327 IN6_IPADDR_TO_V4MAPPED(iph->ipha_src, hdraddr); 1328 } else { 1329 ip6h = (ip6_t *)pkt->b_rptr; 1330 hdraddr[0] = ip6h->ip6_src; 1331 } 1332 1333 /* Walk the params in the INIT [ACK], pulling out addr params */ 1334 remaining = ntohs(ich->sch_len) - sizeof (*ich) - 1335 sizeof (sctp_init_chunk_t); 1336 if (remaining < sizeof (*ph)) { 1337 /* no parameters; restart OK */ 1338 return (1); 1339 } 1340 init = (sctp_init_chunk_t *)(ich + 1); 1341 ph = (sctp_parm_hdr_t *)(init + 1); 1342 1343 while (ph != NULL) { 1344 /* params will have already been byteordered when validating */ 1345 if (ph->sph_type == htons(PARM_ADDR4)) { 1346 if (remaining >= PARM_ADDR4_LEN) { 1347 in6_addr_t addr; 1348 IN6_INADDR_TO_V4MAPPED((struct in_addr *) 1349 (ph + 1), &addr); 1350 fpa = kmem_cache_alloc(sctp_kmem_faddr_cache, 1351 sleep); 1352 if (!fpa) { 1353 goto done; 1354 } 1355 bzero(fpa, sizeof (*fpa)); 1356 fpa->faddr = addr; 1357 fpa->next = NULL; 1358 } 1359 } else if (ph->sph_type == htons(PARM_ADDR6)) { 1360 if (remaining >= PARM_ADDR6_LEN) { 1361 fpa = kmem_cache_alloc(sctp_kmem_faddr_cache, 1362 sleep); 1363 if (!fpa) { 1364 goto done; 1365 } 1366 bzero(fpa, sizeof (*fpa)); 1367 bcopy(ph + 1, &fpa->faddr, 1368 sizeof (fpa->faddr)); 1369 fpa->next = NULL; 1370 } 1371 } else { 1372 /* else not addr param; skip */ 1373 fpa = NULL; 1374 } 1375 /* link in the new addr, if it was an addr param */ 1376 if (fpa) { 1377 if (!fphead) { 1378 fphead = fpa; 1379 fp = fphead; 1380 } else { 1381 fp->next = fpa; 1382 fp = fpa; 1383 } 1384 } 1385 1386 ph = sctp_next_parm(ph, &remaining); 1387 } 1388 1389 if (fphead == NULL) { 1390 /* no addr parameters; restart OK */ 1391 return (1); 1392 } 1393 1394 /* 1395 * got at least one; make sure the header's addr is 1396 * in the list 1397 */ 1398 fp = sctp_lookup_faddr_nosctp(fphead, hdraddr); 1399 if (!fp) { 1400 /* not included; add it now */ 1401 fp = kmem_cache_alloc(sctp_kmem_faddr_cache, sleep); 1402 if (!fp) { 1403 goto done; 1404 } 1405 bzero(fp, sizeof (*fp)); 1406 fp->faddr = *hdraddr; 1407 fp->next = fphead; 1408 fphead = fp; 1409 } 1410 1411 /* 1412 * Now, we can finally do the check: For each sctp instance 1413 * on the hash line for ports, compare its faddr set against 1414 * the new one. If the new one is a strict subset of any 1415 * existing sctp's faddrs, the restart is OK. However, if there 1416 * is an overlap, this could be an attack, so return failure. 1417 * If all sctp's faddrs are disjoint, this is a legitimate new 1418 * association. 1419 */ 1420 tf = &(sctp_conn_fanout[SCTP_CONN_HASH(ports)]); 1421 mutex_enter(&tf->tf_lock); 1422 1423 for (sctp = tf->tf_sctp; sctp; sctp = sctp->sctp_conn_hash_next) { 1424 if (ports != sctp->sctp_ports) { 1425 continue; 1426 } 1427 compres = sctp_compare_faddrsets(fphead, sctp->sctp_faddrs); 1428 if (compres <= SCTP_ADDR_SUBSET) { 1429 retval = 1; 1430 mutex_exit(&tf->tf_lock); 1431 goto done; 1432 } 1433 if (compres == SCTP_ADDR_OVERLAP) { 1434 dprint(1, 1435 ("new assoc from %x:%x:%x:%x overlaps with %p\n", 1436 SCTP_PRINTADDR(*hdraddr), sctp)); 1437 /* 1438 * While we still hold the lock, we need to 1439 * figure out which addresses have been 1440 * added so we can include them in the abort 1441 * we will send back. Since these faddrs will 1442 * never be used, we overload the rto field 1443 * here, setting it to 0 if the address was 1444 * not added, 1 if it was added. 1445 */ 1446 for (fp = fphead; fp; fp = fp->next) { 1447 if (sctp_lookup_faddr(sctp, &fp->faddr)) { 1448 fp->rto = 0; 1449 } else { 1450 fp->rto = 1; 1451 nadded++; 1452 } 1453 } 1454 mutex_exit(&tf->tf_lock); 1455 goto done; 1456 } 1457 } 1458 mutex_exit(&tf->tf_lock); 1459 1460 /* All faddrs are disjoint; legit new association */ 1461 retval = 1; 1462 1463 done: 1464 /* If are attempted adds, send back an abort listing the addrs */ 1465 if (nadded > 0) { 1466 void *dtail; 1467 size_t dlen; 1468 1469 dtail = kmem_alloc(PARM_ADDR6_LEN * nadded, KM_NOSLEEP); 1470 if (dtail == NULL) { 1471 goto cleanup; 1472 } 1473 1474 ph = dtail; 1475 dlen = 0; 1476 for (fp = fphead; fp; fp = fp->next) { 1477 if (fp->rto == 0) { 1478 continue; 1479 } 1480 if (IN6_IS_ADDR_V4MAPPED(&fp->faddr)) { 1481 ipaddr_t addr4; 1482 1483 ph->sph_type = htons(PARM_ADDR4); 1484 ph->sph_len = htons(PARM_ADDR4_LEN); 1485 IN6_V4MAPPED_TO_IPADDR(&fp->faddr, addr4); 1486 ph++; 1487 bcopy(&addr4, ph, sizeof (addr4)); 1488 ph = (sctp_parm_hdr_t *) 1489 ((char *)ph + sizeof (addr4)); 1490 dlen += PARM_ADDR4_LEN; 1491 } else { 1492 ph->sph_type = htons(PARM_ADDR6); 1493 ph->sph_len = htons(PARM_ADDR6_LEN); 1494 ph++; 1495 bcopy(&fp->faddr, ph, sizeof (fp->faddr)); 1496 ph = (sctp_parm_hdr_t *) 1497 ((char *)ph + sizeof (fp->faddr)); 1498 dlen += PARM_ADDR6_LEN; 1499 } 1500 } 1501 1502 /* Send off the abort */ 1503 sctp_send_abort(sctp, sctp_init2vtag(ich), 1504 SCTP_ERR_RESTART_NEW_ADDRS, dtail, dlen, pkt, 0, B_TRUE); 1505 1506 kmem_free(dtail, PARM_ADDR6_LEN * nadded); 1507 } 1508 1509 cleanup: 1510 /* Clean up */ 1511 if (fphead) { 1512 sctp_faddr_t *fpn; 1513 for (fp = fphead; fp; fp = fpn) { 1514 fpn = fp->next; 1515 kmem_cache_free(sctp_kmem_faddr_cache, fp); 1516 } 1517 } 1518 1519 return (retval); 1520 } 1521 1522 void 1523 sctp_congest_reset(sctp_t *sctp) 1524 { 1525 sctp_faddr_t *fp; 1526 1527 for (fp = sctp->sctp_faddrs; fp; fp = fp->next) { 1528 fp->ssthresh = sctp_initial_mtu; 1529 fp->cwnd = fp->sfa_pmss * sctp_slow_start_initial; 1530 fp->suna = 0; 1531 fp->pba = 0; 1532 } 1533 } 1534 1535 /* 1536 * Return zero if the buffers are identical in length and content. 1537 * This is used for comparing extension header buffers. 1538 * Note that an extension header would be declared different 1539 * even if all that changed was the next header value in that header i.e. 1540 * what really changed is the next extension header. 1541 */ 1542 boolean_t 1543 sctp_cmpbuf(void *a, uint_t alen, boolean_t b_valid, void *b, uint_t blen) 1544 { 1545 if (!b_valid) 1546 blen = 0; 1547 1548 if (alen != blen) 1549 return (B_TRUE); 1550 if (alen == 0) 1551 return (B_FALSE); /* Both zero length */ 1552 return (bcmp(a, b, alen)); 1553 } 1554 1555 /* 1556 * Preallocate memory for sctp_savebuf(). Returns B_TRUE if ok. 1557 * Return B_FALSE if memory allocation fails - don't change any state! 1558 */ 1559 boolean_t 1560 sctp_allocbuf(void **dstp, uint_t *dstlenp, boolean_t src_valid, 1561 void *src, uint_t srclen) 1562 { 1563 void *dst; 1564 1565 if (!src_valid) 1566 srclen = 0; 1567 1568 ASSERT(*dstlenp == 0); 1569 if (src != NULL && srclen != 0) { 1570 dst = mi_zalloc(srclen); 1571 if (dst == NULL) 1572 return (B_FALSE); 1573 } else { 1574 dst = NULL; 1575 } 1576 if (*dstp != NULL) { 1577 mi_free(*dstp); 1578 *dstp = NULL; 1579 *dstlenp = 0; 1580 } 1581 *dstp = dst; 1582 if (dst != NULL) 1583 *dstlenp = srclen; 1584 else 1585 *dstlenp = 0; 1586 return (B_TRUE); 1587 } 1588 1589 /* 1590 * Replace what is in *dst, *dstlen with the source. 1591 * Assumes sctp_allocbuf has already been called. 1592 */ 1593 void 1594 sctp_savebuf(void **dstp, uint_t *dstlenp, boolean_t src_valid, 1595 void *src, uint_t srclen) 1596 { 1597 if (!src_valid) 1598 srclen = 0; 1599 1600 ASSERT(*dstlenp == srclen); 1601 if (src != NULL && srclen != 0) { 1602 bcopy(src, *dstp, srclen); 1603 } 1604 } 1605 1606 static void 1607 sctp_init_faddr(sctp_t *sctp, sctp_faddr_t *fp, in6_addr_t *addr) 1608 { 1609 bcopy(addr, &fp->faddr, sizeof (*addr)); 1610 if (IN6_IS_ADDR_V4MAPPED(addr)) { 1611 fp->isv4 = 1; 1612 /* Make sure that sfa_pmss is a multiple of SCTP_ALIGN. */ 1613 fp->sfa_pmss = (sctp_initial_mtu - sctp->sctp_hdr_len) & 1614 ~(SCTP_ALIGN - 1); 1615 } else { 1616 fp->isv4 = 0; 1617 fp->sfa_pmss = (sctp_initial_mtu - sctp->sctp_hdr6_len) & 1618 ~(SCTP_ALIGN - 1); 1619 } 1620 fp->cwnd = sctp_slow_start_initial * fp->sfa_pmss; 1621 fp->rto = MIN(sctp->sctp_rto_initial, sctp->sctp_init_rto_max); 1622 fp->srtt = -1; 1623 fp->rtt_updates = 0; 1624 fp->strikes = 0; 1625 fp->max_retr = sctp->sctp_pp_max_rxt; 1626 /* Mark it as not confirmed. */ 1627 fp->state = SCTP_FADDRS_UNCONFIRMED; 1628 fp->hb_interval = sctp->sctp_hb_interval; 1629 fp->ssthresh = sctp_initial_ssthresh; 1630 fp->suna = 0; 1631 fp->pba = 0; 1632 fp->acked = 0; 1633 fp->lastactive = lbolt64; 1634 fp->timer_mp = NULL; 1635 fp->hb_pending = B_FALSE; 1636 fp->timer_running = 0; 1637 fp->df = 1; 1638 fp->pmtu_discovered = 0; 1639 fp->rc_timer_mp = NULL; 1640 fp->rc_timer_running = 0; 1641 fp->next = NULL; 1642 fp->ire = NULL; 1643 fp->T3expire = 0; 1644 (void) random_get_pseudo_bytes((uint8_t *)&fp->hb_secret, 1645 sizeof (fp->hb_secret)); 1646 fp->hb_expiry = lbolt64; 1647 1648 sctp_ire2faddr(sctp, fp); 1649 } 1650 1651 /*ARGSUSED*/ 1652 static void 1653 faddr_destructor(void *buf, void *cdrarg) 1654 { 1655 sctp_faddr_t *fp = buf; 1656 1657 ASSERT(fp->timer_mp == NULL); 1658 ASSERT(fp->timer_running == 0); 1659 1660 ASSERT(fp->rc_timer_mp == NULL); 1661 ASSERT(fp->rc_timer_running == 0); 1662 } 1663 1664 void 1665 sctp_faddr_init() 1666 { 1667 sctp_kmem_faddr_cache = kmem_cache_create("sctp_faddr_cache", 1668 sizeof (sctp_faddr_t), 0, NULL, faddr_destructor, 1669 NULL, NULL, NULL, 0); 1670 } 1671 1672 void 1673 sctp_faddr_fini() 1674 { 1675 kmem_cache_destroy(sctp_kmem_faddr_cache); 1676 } 1677