1 | // SPDX-License-Identifier: GPL-2.0-or-later |
2 | /* SCTP kernel implementation |
3 | * (C) Copyright IBM Corp. 2001, 2003 |
4 | * Copyright (c) Cisco 1999,2000 |
5 | * Copyright (c) Motorola 1999,2000,2001 |
6 | * Copyright (c) La Monte H.P. Yarroll 2001 |
7 | * |
8 | * This file is part of the SCTP kernel implementation. |
9 | * |
10 | * A collection class to handle the storage of transport addresses. |
11 | * |
12 | * Please send any bug reports or fixes you make to the |
13 | * email address(es): |
14 | * lksctp developers <linux-sctp@vger.kernel.org> |
15 | * |
16 | * Written or modified by: |
17 | * La Monte H.P. Yarroll <piggy@acm.org> |
18 | * Karl Knutson <karl@athena.chicago.il.us> |
19 | * Jon Grimm <jgrimm@us.ibm.com> |
20 | * Daisy Chang <daisyc@us.ibm.com> |
21 | */ |
22 | |
23 | #include <linux/types.h> |
24 | #include <linux/slab.h> |
25 | #include <linux/in.h> |
26 | #include <net/sock.h> |
27 | #include <net/ipv6.h> |
28 | #include <net/if_inet6.h> |
29 | #include <net/sctp/sctp.h> |
30 | #include <net/sctp/sm.h> |
31 | |
32 | /* Forward declarations for internal helpers. */ |
33 | static int sctp_copy_one_addr(struct net *net, struct sctp_bind_addr *dest, |
34 | union sctp_addr *addr, enum sctp_scope scope, |
35 | gfp_t gfp, int flags); |
36 | static void sctp_bind_addr_clean(struct sctp_bind_addr *); |
37 | |
38 | /* First Level Abstractions. */ |
39 | |
40 | /* Copy 'src' to 'dest' taking 'scope' into account. Omit addresses |
41 | * in 'src' which have a broader scope than 'scope'. |
42 | */ |
43 | int sctp_bind_addr_copy(struct net *net, struct sctp_bind_addr *dest, |
44 | const struct sctp_bind_addr *src, |
45 | enum sctp_scope scope, gfp_t gfp, |
46 | int flags) |
47 | { |
48 | struct sctp_sockaddr_entry *addr; |
49 | int error = 0; |
50 | |
51 | /* All addresses share the same port. */ |
52 | dest->port = src->port; |
53 | |
54 | /* Extract the addresses which are relevant for this scope. */ |
55 | list_for_each_entry(addr, &src->address_list, list) { |
56 | error = sctp_copy_one_addr(net, dest, addr: &addr->a, scope, |
57 | gfp, flags); |
58 | if (error < 0) |
59 | goto out; |
60 | } |
61 | |
62 | /* If there are no addresses matching the scope and |
63 | * this is global scope, try to get a link scope address, with |
64 | * the assumption that we must be sitting behind a NAT. |
65 | */ |
66 | if (list_empty(head: &dest->address_list) && (SCTP_SCOPE_GLOBAL == scope)) { |
67 | list_for_each_entry(addr, &src->address_list, list) { |
68 | error = sctp_copy_one_addr(net, dest, addr: &addr->a, |
69 | scope: SCTP_SCOPE_LINK, gfp, |
70 | flags); |
71 | if (error < 0) |
72 | goto out; |
73 | } |
74 | } |
75 | |
76 | /* If somehow no addresses were found that can be used with this |
77 | * scope, it's an error. |
78 | */ |
79 | if (list_empty(head: &dest->address_list)) |
80 | error = -ENETUNREACH; |
81 | |
82 | out: |
83 | if (error) |
84 | sctp_bind_addr_clean(dest); |
85 | |
86 | return error; |
87 | } |
88 | |
89 | /* Exactly duplicate the address lists. This is necessary when doing |
90 | * peer-offs and accepts. We don't want to put all the current system |
91 | * addresses into the endpoint. That's useless. But we do want duplicat |
92 | * the list of bound addresses that the older endpoint used. |
93 | */ |
94 | int sctp_bind_addr_dup(struct sctp_bind_addr *dest, |
95 | const struct sctp_bind_addr *src, |
96 | gfp_t gfp) |
97 | { |
98 | struct sctp_sockaddr_entry *addr; |
99 | int error = 0; |
100 | |
101 | /* All addresses share the same port. */ |
102 | dest->port = src->port; |
103 | |
104 | list_for_each_entry(addr, &src->address_list, list) { |
105 | error = sctp_add_bind_addr(dest, &addr->a, new_size: sizeof(addr->a), |
106 | addr_state: 1, gfp); |
107 | if (error < 0) |
108 | break; |
109 | } |
110 | |
111 | return error; |
112 | } |
113 | |
114 | /* Initialize the SCTP_bind_addr structure for either an endpoint or |
115 | * an association. |
116 | */ |
117 | void sctp_bind_addr_init(struct sctp_bind_addr *bp, __u16 port) |
118 | { |
119 | INIT_LIST_HEAD(list: &bp->address_list); |
120 | bp->port = port; |
121 | } |
122 | |
123 | /* Dispose of the address list. */ |
124 | static void sctp_bind_addr_clean(struct sctp_bind_addr *bp) |
125 | { |
126 | struct sctp_sockaddr_entry *addr, *temp; |
127 | |
128 | /* Empty the bind address list. */ |
129 | list_for_each_entry_safe(addr, temp, &bp->address_list, list) { |
130 | list_del_rcu(entry: &addr->list); |
131 | kfree_rcu(addr, rcu); |
132 | SCTP_DBG_OBJCNT_DEC(addr); |
133 | } |
134 | } |
135 | |
136 | /* Dispose of an SCTP_bind_addr structure */ |
137 | void sctp_bind_addr_free(struct sctp_bind_addr *bp) |
138 | { |
139 | /* Empty the bind address list. */ |
140 | sctp_bind_addr_clean(bp); |
141 | } |
142 | |
143 | /* Add an address to the bind address list in the SCTP_bind_addr structure. */ |
144 | int sctp_add_bind_addr(struct sctp_bind_addr *bp, union sctp_addr *new, |
145 | int new_size, __u8 addr_state, gfp_t gfp) |
146 | { |
147 | struct sctp_sockaddr_entry *addr; |
148 | |
149 | /* Add the address to the bind address list. */ |
150 | addr = kzalloc(size: sizeof(*addr), flags: gfp); |
151 | if (!addr) |
152 | return -ENOMEM; |
153 | |
154 | memcpy(&addr->a, new, min_t(size_t, sizeof(*new), new_size)); |
155 | |
156 | /* Fix up the port if it has not yet been set. |
157 | * Both v4 and v6 have the port at the same offset. |
158 | */ |
159 | if (!addr->a.v4.sin_port) |
160 | addr->a.v4.sin_port = htons(bp->port); |
161 | |
162 | addr->state = addr_state; |
163 | addr->valid = 1; |
164 | |
165 | INIT_LIST_HEAD(list: &addr->list); |
166 | |
167 | /* We always hold a socket lock when calling this function, |
168 | * and that acts as a writer synchronizing lock. |
169 | */ |
170 | list_add_tail_rcu(new: &addr->list, head: &bp->address_list); |
171 | SCTP_DBG_OBJCNT_INC(addr); |
172 | |
173 | return 0; |
174 | } |
175 | |
176 | /* Delete an address from the bind address list in the SCTP_bind_addr |
177 | * structure. |
178 | */ |
179 | int sctp_del_bind_addr(struct sctp_bind_addr *bp, union sctp_addr *del_addr) |
180 | { |
181 | struct sctp_sockaddr_entry *addr, *temp; |
182 | int found = 0; |
183 | |
184 | /* We hold the socket lock when calling this function, |
185 | * and that acts as a writer synchronizing lock. |
186 | */ |
187 | list_for_each_entry_safe(addr, temp, &bp->address_list, list) { |
188 | if (sctp_cmp_addr_exact(ss1: &addr->a, ss2: del_addr)) { |
189 | /* Found the exact match. */ |
190 | found = 1; |
191 | addr->valid = 0; |
192 | list_del_rcu(entry: &addr->list); |
193 | break; |
194 | } |
195 | } |
196 | |
197 | if (found) { |
198 | kfree_rcu(addr, rcu); |
199 | SCTP_DBG_OBJCNT_DEC(addr); |
200 | return 0; |
201 | } |
202 | |
203 | return -EINVAL; |
204 | } |
205 | |
206 | /* Create a network byte-order representation of all the addresses |
207 | * formated as SCTP parameters. |
208 | * |
209 | * The second argument is the return value for the length. |
210 | */ |
211 | union sctp_params sctp_bind_addrs_to_raw(const struct sctp_bind_addr *bp, |
212 | int *addrs_len, |
213 | gfp_t gfp) |
214 | { |
215 | union sctp_params addrparms; |
216 | union sctp_params retval; |
217 | int addrparms_len; |
218 | union sctp_addr_param rawaddr; |
219 | int len; |
220 | struct sctp_sockaddr_entry *addr; |
221 | struct list_head *pos; |
222 | struct sctp_af *af; |
223 | |
224 | addrparms_len = 0; |
225 | len = 0; |
226 | |
227 | /* Allocate enough memory at once. */ |
228 | list_for_each(pos, &bp->address_list) { |
229 | len += sizeof(union sctp_addr_param); |
230 | } |
231 | |
232 | /* Don't even bother embedding an address if there |
233 | * is only one. |
234 | */ |
235 | if (len == sizeof(union sctp_addr_param)) { |
236 | retval.v = NULL; |
237 | goto end_raw; |
238 | } |
239 | |
240 | retval.v = kmalloc(size: len, flags: gfp); |
241 | if (!retval.v) |
242 | goto end_raw; |
243 | |
244 | addrparms = retval; |
245 | |
246 | list_for_each_entry(addr, &bp->address_list, list) { |
247 | af = sctp_get_af_specific(addr->a.v4.sin_family); |
248 | len = af->to_addr_param(&addr->a, &rawaddr); |
249 | memcpy(addrparms.v, &rawaddr, len); |
250 | addrparms.v += len; |
251 | addrparms_len += len; |
252 | } |
253 | |
254 | end_raw: |
255 | *addrs_len = addrparms_len; |
256 | return retval; |
257 | } |
258 | |
259 | /* |
260 | * Create an address list out of the raw address list format (IPv4 and IPv6 |
261 | * address parameters). |
262 | */ |
263 | int sctp_raw_to_bind_addrs(struct sctp_bind_addr *bp, __u8 *raw_addr_list, |
264 | int addrs_len, __u16 port, gfp_t gfp) |
265 | { |
266 | union sctp_addr_param *rawaddr; |
267 | struct sctp_paramhdr *param; |
268 | union sctp_addr addr; |
269 | int retval = 0; |
270 | int len; |
271 | struct sctp_af *af; |
272 | |
273 | /* Convert the raw address to standard address format */ |
274 | while (addrs_len) { |
275 | param = (struct sctp_paramhdr *)raw_addr_list; |
276 | rawaddr = (union sctp_addr_param *)raw_addr_list; |
277 | |
278 | af = sctp_get_af_specific(param_type2af(type: param->type)); |
279 | if (unlikely(!af) || |
280 | !af->from_addr_param(&addr, rawaddr, htons(port), 0)) { |
281 | retval = -EINVAL; |
282 | goto out_err; |
283 | } |
284 | |
285 | if (sctp_bind_addr_state(bp, addr: &addr) != -1) |
286 | goto next; |
287 | retval = sctp_add_bind_addr(bp, new: &addr, new_size: sizeof(addr), |
288 | addr_state: SCTP_ADDR_SRC, gfp); |
289 | if (retval) |
290 | /* Can't finish building the list, clean up. */ |
291 | goto out_err; |
292 | |
293 | next: |
294 | len = ntohs(param->length); |
295 | addrs_len -= len; |
296 | raw_addr_list += len; |
297 | } |
298 | |
299 | return retval; |
300 | |
301 | out_err: |
302 | if (retval) |
303 | sctp_bind_addr_clean(bp); |
304 | |
305 | return retval; |
306 | } |
307 | |
308 | /******************************************************************** |
309 | * 2nd Level Abstractions |
310 | ********************************************************************/ |
311 | |
312 | /* Does this contain a specified address? Allow wildcarding. */ |
313 | int sctp_bind_addr_match(struct sctp_bind_addr *bp, |
314 | const union sctp_addr *addr, |
315 | struct sctp_sock *opt) |
316 | { |
317 | struct sctp_sockaddr_entry *laddr; |
318 | int match = 0; |
319 | |
320 | rcu_read_lock(); |
321 | list_for_each_entry_rcu(laddr, &bp->address_list, list) { |
322 | if (!laddr->valid) |
323 | continue; |
324 | if (opt->pf->cmp_addr(&laddr->a, addr, opt)) { |
325 | match = 1; |
326 | break; |
327 | } |
328 | } |
329 | rcu_read_unlock(); |
330 | |
331 | return match; |
332 | } |
333 | |
334 | int sctp_bind_addrs_check(struct sctp_sock *sp, |
335 | struct sctp_sock *sp2, int cnt2) |
336 | { |
337 | struct sctp_bind_addr *bp2 = &sp2->ep->base.bind_addr; |
338 | struct sctp_bind_addr *bp = &sp->ep->base.bind_addr; |
339 | struct sctp_sockaddr_entry *laddr, *laddr2; |
340 | bool exist = false; |
341 | int cnt = 0; |
342 | |
343 | rcu_read_lock(); |
344 | list_for_each_entry_rcu(laddr, &bp->address_list, list) { |
345 | list_for_each_entry_rcu(laddr2, &bp2->address_list, list) { |
346 | if (sp->pf->af->cmp_addr(&laddr->a, &laddr2->a) && |
347 | laddr->valid && laddr2->valid) { |
348 | exist = true; |
349 | goto next; |
350 | } |
351 | } |
352 | cnt = 0; |
353 | break; |
354 | next: |
355 | cnt++; |
356 | } |
357 | rcu_read_unlock(); |
358 | |
359 | return (cnt == cnt2) ? 0 : (exist ? -EEXIST : 1); |
360 | } |
361 | |
362 | /* Does the address 'addr' conflict with any addresses in |
363 | * the bp. |
364 | */ |
365 | int sctp_bind_addr_conflict(struct sctp_bind_addr *bp, |
366 | const union sctp_addr *addr, |
367 | struct sctp_sock *bp_sp, |
368 | struct sctp_sock *addr_sp) |
369 | { |
370 | struct sctp_sockaddr_entry *laddr; |
371 | int conflict = 0; |
372 | struct sctp_sock *sp; |
373 | |
374 | /* Pick the IPv6 socket as the basis of comparison |
375 | * since it's usually a superset of the IPv4. |
376 | * If there is no IPv6 socket, then default to bind_addr. |
377 | */ |
378 | if (sctp_opt2sk(sp: bp_sp)->sk_family == AF_INET6) |
379 | sp = bp_sp; |
380 | else if (sctp_opt2sk(sp: addr_sp)->sk_family == AF_INET6) |
381 | sp = addr_sp; |
382 | else |
383 | sp = bp_sp; |
384 | |
385 | rcu_read_lock(); |
386 | list_for_each_entry_rcu(laddr, &bp->address_list, list) { |
387 | if (!laddr->valid) |
388 | continue; |
389 | |
390 | conflict = sp->pf->cmp_addr(&laddr->a, addr, sp); |
391 | if (conflict) |
392 | break; |
393 | } |
394 | rcu_read_unlock(); |
395 | |
396 | return conflict; |
397 | } |
398 | |
399 | /* Get the state of the entry in the bind_addr_list */ |
400 | int sctp_bind_addr_state(const struct sctp_bind_addr *bp, |
401 | const union sctp_addr *addr) |
402 | { |
403 | struct sctp_sockaddr_entry *laddr; |
404 | struct sctp_af *af; |
405 | |
406 | af = sctp_get_af_specific(addr->sa.sa_family); |
407 | if (unlikely(!af)) |
408 | return -1; |
409 | |
410 | list_for_each_entry_rcu(laddr, &bp->address_list, list) { |
411 | if (!laddr->valid) |
412 | continue; |
413 | if (af->cmp_addr(&laddr->a, addr)) |
414 | return laddr->state; |
415 | } |
416 | |
417 | return -1; |
418 | } |
419 | |
420 | /* Find the first address in the bind address list that is not present in |
421 | * the addrs packed array. |
422 | */ |
423 | union sctp_addr *sctp_find_unmatch_addr(struct sctp_bind_addr *bp, |
424 | const union sctp_addr *addrs, |
425 | int addrcnt, |
426 | struct sctp_sock *opt) |
427 | { |
428 | struct sctp_sockaddr_entry *laddr; |
429 | union sctp_addr *addr; |
430 | void *addr_buf; |
431 | struct sctp_af *af; |
432 | int i; |
433 | |
434 | /* This is only called sctp_send_asconf_del_ip() and we hold |
435 | * the socket lock in that code patch, so that address list |
436 | * can't change. |
437 | */ |
438 | list_for_each_entry(laddr, &bp->address_list, list) { |
439 | addr_buf = (union sctp_addr *)addrs; |
440 | for (i = 0; i < addrcnt; i++) { |
441 | addr = addr_buf; |
442 | af = sctp_get_af_specific(addr->v4.sin_family); |
443 | if (!af) |
444 | break; |
445 | |
446 | if (opt->pf->cmp_addr(&laddr->a, addr, opt)) |
447 | break; |
448 | |
449 | addr_buf += af->sockaddr_len; |
450 | } |
451 | if (i == addrcnt) |
452 | return &laddr->a; |
453 | } |
454 | |
455 | return NULL; |
456 | } |
457 | |
458 | /* Copy out addresses from the global local address list. */ |
459 | static int sctp_copy_one_addr(struct net *net, struct sctp_bind_addr *dest, |
460 | union sctp_addr *addr, enum sctp_scope scope, |
461 | gfp_t gfp, int flags) |
462 | { |
463 | int error = 0; |
464 | |
465 | if (sctp_is_any(NULL, addr)) { |
466 | error = sctp_copy_local_addr_list(net, addr: dest, scope, gfp, flags); |
467 | } else if (sctp_in_scope(net, addr, scope)) { |
468 | /* Now that the address is in scope, check to see if |
469 | * the address type is supported by local sock as |
470 | * well as the remote peer. |
471 | */ |
472 | if ((((AF_INET == addr->sa.sa_family) && |
473 | (flags & SCTP_ADDR4_ALLOWED) && |
474 | (flags & SCTP_ADDR4_PEERSUPP))) || |
475 | (((AF_INET6 == addr->sa.sa_family) && |
476 | (flags & SCTP_ADDR6_ALLOWED) && |
477 | (flags & SCTP_ADDR6_PEERSUPP)))) |
478 | error = sctp_add_bind_addr(bp: dest, new: addr, new_size: sizeof(*addr), |
479 | addr_state: SCTP_ADDR_SRC, gfp); |
480 | } |
481 | |
482 | return error; |
483 | } |
484 | |
485 | /* Is this a wildcard address? */ |
486 | int sctp_is_any(struct sock *sk, const union sctp_addr *addr) |
487 | { |
488 | unsigned short fam = 0; |
489 | struct sctp_af *af; |
490 | |
491 | /* Try to get the right address family */ |
492 | if (addr->sa.sa_family != AF_UNSPEC) |
493 | fam = addr->sa.sa_family; |
494 | else if (sk) |
495 | fam = sk->sk_family; |
496 | |
497 | af = sctp_get_af_specific(fam); |
498 | if (!af) |
499 | return 0; |
500 | |
501 | return af->is_any(addr); |
502 | } |
503 | |
504 | /* Is 'addr' valid for 'scope'? */ |
505 | int sctp_in_scope(struct net *net, const union sctp_addr *addr, |
506 | enum sctp_scope scope) |
507 | { |
508 | enum sctp_scope addr_scope = sctp_scope(addr); |
509 | |
510 | /* The unusable SCTP addresses will not be considered with |
511 | * any defined scopes. |
512 | */ |
513 | if (SCTP_SCOPE_UNUSABLE == addr_scope) |
514 | return 0; |
515 | /* |
516 | * For INIT and INIT-ACK address list, let L be the level of |
517 | * requested destination address, sender and receiver |
518 | * SHOULD include all of its addresses with level greater |
519 | * than or equal to L. |
520 | * |
521 | * Address scoping can be selectively controlled via sysctl |
522 | * option |
523 | */ |
524 | switch (net->sctp.scope_policy) { |
525 | case SCTP_SCOPE_POLICY_DISABLE: |
526 | return 1; |
527 | case SCTP_SCOPE_POLICY_ENABLE: |
528 | if (addr_scope <= scope) |
529 | return 1; |
530 | break; |
531 | case SCTP_SCOPE_POLICY_PRIVATE: |
532 | if (addr_scope <= scope || SCTP_SCOPE_PRIVATE == addr_scope) |
533 | return 1; |
534 | break; |
535 | case SCTP_SCOPE_POLICY_LINK: |
536 | if (addr_scope <= scope || SCTP_SCOPE_LINK == addr_scope) |
537 | return 1; |
538 | break; |
539 | default: |
540 | break; |
541 | } |
542 | |
543 | return 0; |
544 | } |
545 | |
546 | int sctp_is_ep_boundall(struct sock *sk) |
547 | { |
548 | struct sctp_bind_addr *bp; |
549 | struct sctp_sockaddr_entry *addr; |
550 | |
551 | bp = &sctp_sk(sk)->ep->base.bind_addr; |
552 | if (sctp_list_single_entry(head: &bp->address_list)) { |
553 | addr = list_entry(bp->address_list.next, |
554 | struct sctp_sockaddr_entry, list); |
555 | if (sctp_is_any(sk, addr: &addr->a)) |
556 | return 1; |
557 | } |
558 | return 0; |
559 | } |
560 | |
561 | /******************************************************************** |
562 | * 3rd Level Abstractions |
563 | ********************************************************************/ |
564 | |
565 | /* What is the scope of 'addr'? */ |
566 | enum sctp_scope sctp_scope(const union sctp_addr *addr) |
567 | { |
568 | struct sctp_af *af; |
569 | |
570 | af = sctp_get_af_specific(addr->sa.sa_family); |
571 | if (!af) |
572 | return SCTP_SCOPE_UNUSABLE; |
573 | |
574 | return af->scope((union sctp_addr *)addr); |
575 | } |
576 | |