Commit Graph

272 Commits

Author SHA1 Message Date
Michael Tuexen
689ed08920 Improve locking when tearing down an SCTP association.
This is joint work with rrs@ and the issue was found by
syzkaller.

MFC after:		1 week
2019-03-25 15:23:20 +00:00
Michael Tuexen
be62c88b80 Allocate an assocition id and register the stcb with holding the lock.
This avoids a race where stcbs can be found, which are not completely
initialized.

This was found by running syzkaller.

MFC after:		3 days
2019-03-03 19:55:06 +00:00
Michael Tuexen
1a0b021677 Refactor the SHUTDOWN_PENDING state handling.
This is not a functional change but a preperation for the upcoming
DTrace support. It is necessary to change the state in one
logical operation, even if it involves clearing the sub state
SHUTDOWN_PENDING.

MFC after:		1 month
2018-08-21 13:25:32 +00:00
Michael Tuexen
839d21d62e Use the stacb instead of the asoc in state macros.
This is not a functional change. Just a preparation for upcoming
dtrace state change provider support.
2018-08-13 13:58:45 +00:00
Michael Tuexen
61a2188021 Use consistently the macors to modify the assoc state.
No functional change.
2018-08-13 11:56:21 +00:00
Michael Tuexen
0053ed28ff Whitespace changes due to changes in ident. 2018-07-19 20:16:33 +00:00
Michael Tuexen
b0471b4b95 Revert https://svnweb.freebsd.org/changeset/base/336503
since I also ran the export script with different parameters.
2018-07-19 20:11:14 +00:00
Michael Tuexen
7679e49dd4 Whitespace changes due to change if ident. 2018-07-19 19:33:42 +00:00
Michael Tuexen
13500cbb61 Don't overflow a buffer if we receive an INIT or INIT-ACK chunk
without a RANDOM parameter but with a CHUNKS or HMAC-ALGO parameter.
Please note that sending this combination violates the specification.

Thnanks to Ronald E. Crane for reporting the issue for the userland
stack.

MFC after:	3 days
2018-06-02 16:28:10 +00:00
Pedro F. Giffuni
51369649b0 sys: further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 3-Clause license.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
2017-11-20 19:43:44 +00:00
Michael Tuexen
28a6adde1d Allow the setting of the MTU for future paths using an SCTP socket option.
This functionality was missing.

MFC after:	1 week
2017-11-03 20:46:12 +00:00
Michael Tuexen
afb908dada Add missing socket lock.
MFC after:	1 week
2017-09-22 06:07:47 +00:00
Michael Tuexen
2c62ba7377 Protect the address workqueue timer by a mutex.
MFC after:	1 week
2017-09-20 21:29:54 +00:00
Michael Tuexen
0c4622dab2 Silence a Coverity warning from scanning the usrsctp library.
MFC after:	3 days
2017-09-09 20:08:26 +00:00
Michael Tuexen
5ba7f91f9d Use memset/memcpy instead of bzero/bcopy.
Just use one variant instead of both. Use the memset/memcpy
ones since they cause less problems in crossplatform deployment.

MFC after:	1 week
2017-07-19 14:28:58 +00:00
Michael Tuexen
28cd0699b6 Fix the accounting and add code to detect errors in accounting.
Joint work with rrs@
MFC after:	1 week
2017-07-19 12:27:40 +00:00
Michael Tuexen
f4358911bf Handle sctp_get_next_param() in a consistent way.
This addresses an issue found by Felix Weinrank using libfuzz.
While there, use also consistent nameing.

MFC after:	3 days
2017-06-23 21:01:57 +00:00
Gleb Smirnoff
12d8a8e7a3 The desired lock here is socket buffer, not socket.
Right now they match, but won't in future.
2017-06-08 06:34:09 +00:00
Michael Tuexen
5d08768a2b Use the SCTP_PCB_FLAGS_ACCEPTING flags to check for listeners.
While there, use a macro for checking the listen state to allow for
easier changes if required.

This done to help glebius@ with his listen changes.
2017-05-26 16:29:00 +00:00
Michael Tuexen
10e0318afa Allow SCTP to use the hostcache.
This patch allows the MTU stored in the hostcache to be used as an
initial value for SCTP paths. When an ICMP PTB message is received,
store the MTU in the hostcache.

MFC after:	1 week
2017-04-29 19:20:50 +00:00
Andrey V. Elsukov
627c036f65 Remove IPsec related PCB code from SCTP.
The inpcb structure has inp_sp pointer that is initialized by
ipsec_init_pcbpolicy() function. This pointer keeps strorage for IPsec
security policies associated with a specific socket.
An application can use IP_IPSEC_POLICY and IPV6_IPSEC_POLICY socket
options to configure these security policies. Then ip[6]_output()
uses inpcb pointer to specify that an outgoing packet is associated
with some socket. And IPSEC_OUTPUT() method can use a security policy
stored in the inp_sp. For inbound packet the protocol-specific input
routine uses IPSEC_CHECK_POLICY() method to check that a packet conforms
to inbound security policy configured in the inpcb.

SCTP protocol doesn't specify inpcb for ip[6]_output() when it sends
packets. Thus IPSEC_OUTPUT() method does not consider such packets as
associated with some socket and can not apply security policies
from inpcb, even if they are configured. Since IPSEC_CHECK_POLICY()
method is called from protocol-specific input routine, it can specify
inpcb pointer and associated with socket inbound policy will be
checked. But there are two problems:
1. Such check is asymmetric, becasue we can not apply security policy
from inpcb for outgoing packet.
2. IPSEC_CHECK_POLICY() expects that caller holds INPCB lock and
access to inp_sp is protected. But for SCTP this is not correct,
becasue SCTP uses own locks to protect inpcb.

To fix these problems remove IPsec related PCB code from SCTP.
This imply that IP_IPSEC_POLICY and IPV6_IPSEC_POLICY socket options
will be not applicable to SCTP sockets. To be able correctly check
inbound security policies for SCTP, mark its protocol header with
the PR_LASTHDR flag.

Reported by:	tuexen
Reviewed by:	tuexen
Differential Revision:	https://reviews.freebsd.org/D9538
2017-02-13 11:37:52 +00:00
Andrey V. Elsukov
fcf596178b Merge projects/ipsec into head/.
Small summary
 -------------

o Almost all IPsec releated code was moved into sys/netipsec.
o New kernel modules added: ipsec.ko and tcpmd5.ko. New kernel
  option IPSEC_SUPPORT added. It enables support for loading
  and unloading of ipsec.ko and tcpmd5.ko kernel modules.
o IPSEC_NAT_T option was removed. Now NAT-T support is enabled by
  default. The UDP_ENCAP_ESPINUDP_NON_IKE encapsulation type
  support was removed. Added TCP/UDP checksum handling for
  inbound packets that were decapsulated by transport mode SAs.
  setkey(8) modified to show run-time NAT-T configuration of SA.
o New network pseudo interface if_ipsec(4) added. For now it is
  build as part of ipsec.ko module (or with IPSEC kernel).
  It implements IPsec virtual tunnels to create route-based VPNs.
o The network stack now invokes IPsec functions using special
  methods. The only one header file <netipsec/ipsec_support.h>
  should be included to declare all the needed things to work
  with IPsec.
o All IPsec protocols handlers (ESP/AH/IPCOMP protosw) were removed.
  Now these protocols are handled directly via IPsec methods.
o TCP_SIGNATURE support was reworked to be more close to RFC.
o PF_KEY SADB was reworked:
  - now all security associations stored in the single SPI namespace,
    and all SAs MUST have unique SPI.
  - several hash tables added to speed up lookups in SADB.
  - SADB now uses rmlock to protect access, and concurrent threads
    can do SA lookups in the same time.
  - many PF_KEY message handlers were reworked to reflect changes
    in SADB.
  - SADB_UPDATE message was extended to support new PF_KEY headers:
    SADB_X_EXT_NEW_ADDRESS_SRC and SADB_X_EXT_NEW_ADDRESS_DST. They
    can be used by IKE daemon to change SA addresses.
o ipsecrequest and secpolicy structures were cardinally changed to
  avoid locking protection for ipsecrequest. Now we support
  only limited number (4) of bundled SAs, but they are supported
  for both INET and INET6.
o INPCB security policy cache was introduced. Each PCB now caches
  used security policies to avoid SP lookup for each packet.
o For inbound security policies added the mode, when the kernel does
  check for full history of applied IPsec transforms.
o References counting rules for security policies and security
  associations were changed. The proper SA locking added into xform
  code.
o xform code was also changed. Now it is possible to unregister xforms.
  tdb_xxx structures were changed and renamed to reflect changes in
  SADB/SPDB, and changed rules for locking and refcounting.

Reviewed by:	gnn, wblock
Obtained from:	Yandex LLC
Relnotes:	yes
Sponsored by:	Yandex LLC
Differential Revision:	https://reviews.freebsd.org/D9352
2017-02-06 08:49:57 +00:00
Michael Tuexen
b7b84c0e02 Whitespace changes.
The toolchain for processing the sources has been updated. No functional
change.

MFC after:	3 days
2016-12-26 11:06:41 +00:00
Michael Tuexen
49656eefc8 Cleanup the names of SSN, SID, TSN, FSN, PPID and MID.
This made a couple of bugs visible in handling SSN wrap-arounds
when using DATA chunks. Now bulk transfer seems to work fine...
This fixes the issue reported in
https://github.com/sctplab/usrsctp/issues/111

MFC after:	1 week
2016-12-07 19:30:59 +00:00
Michael Tuexen
859422cc12 Mark the socket as un-writable when it is 1-to-1 and the SCTP association
is freed.

MFC after:	1 month
2016-10-13 13:53:01 +00:00
Michael Tuexen
4c7fb0cf6e Whitespace changes.
MFC after: 1 month
2016-10-13 13:38:14 +00:00
Michael Tuexen
4d58b0c3a9 Remove stream queue entry consistently from wheel.
While there, improve the handling of drain.

MFC after:	3 days
2016-08-07 12:51:13 +00:00
Michael Tuexen
d1ea5fa9c2 Fix various bugs in relation to the I-DATA chunk support
This is joint work with rrs.

MFC after:	3 days
2016-08-06 12:33:15 +00:00
Sepherosa Ziehau
36ad8372d4 net: Use M_HASHTYPE_OPAQUE_HASH if the mbuf flowid has hash properties
Reviewed by:	hps, erj, tuexen
Sponsored by:	Microsoft OSTC
Differential Revision:	https://reviews.freebsd.org/D6688
2016-06-07 04:51:50 +00:00
Pedro F. Giffuni
cd0a4ff6a5 netinet/sctp*: minor spelling fixes in comments.
No functional change.

Reviewed by:	tuexen
2016-05-02 20:56:11 +00:00
Michael Tuexen
ec70917ffa When a client uses UDP encapsulation and lists IP addresses in the INIT
chunk, enable UDP encapsulation for all those addresses.
This helps clients using a userland stack to support multihoming if
they are not behind a NAT.

MFC after: 1 week
2016-05-01 21:48:55 +00:00
Michael Tuexen
7154bf4a41 Add the UDP encaps port as a parameter to sctp_add_remote_addr().
This is currently only a code change without any functional
change. But this allows to set the remote encapsulation port
in a more detailed way, which will be provided in a follow-up
commit.

MFC after: 1 week
2016-04-30 14:25:00 +00:00
Randall Stewart
44249214d3 This is work done by Michael Tuexen and myself at the IETF. This
adds the new I-Data (Interleaved Data) message. This allows a user
to be able to have complete freedom from Head Of Line blocking that
was previously there due to the in-ability to send multiple large
messages without the TSN's being in sequence. The code as been
tested with Michaels various packet drill scripts as well as
inter-networking between the IETF's location in Argentina and Germany.
2016-04-07 09:10:34 +00:00
Michael Tuexen
76f8482a93 Restrict local addresses until they are acked by the peer.
MFC after: 1 week
2016-03-28 19:31:10 +00:00
Michael Tuexen
64a3a6304e Use the SCTP level pointer, not the interface level.
MFC after:	3 days
2016-02-19 11:25:18 +00:00
Michael Tuexen
467f0d55b4 Whitespace changes. 2016-02-16 20:33:18 +00:00
Michael Tuexen
2b1c7de4d8 Improve the teardown of the SCTP stack.
Obtained from:	bz@
MFC after: 1 week
2016-02-16 19:36:25 +00:00
Michael Tuexen
79b67faaf6 Always look in the TCP pool.
This fixes issues with a restarting peer when the listening
1-to-1 style socket is closed.

MFC after: 3 days
2016-01-28 16:05:46 +00:00
Michael Tuexen
c7e732ae61 Fix a bug in INIT handling on accepted 1-to-1 style sockets when the
listener is closed.
This fix allows the following packetdrill test to pass:
// Setup a connected, blocking 1-to-1 style socket
+0.0 socket(..., SOCK_STREAM, IPPROTO_SCTP) = 3
// Check the handshake with en empty(!) cookie
+0.0 bind(3, ..., ...) = 0
+0.0 listen(3, 1) = 0
+0.0 < sctp: INIT[flgs=0, tag=1, a_rwnd=1500, os=1, is=1, tsn=1]
+0.0 > sctp: INIT_ACK[flgs=0, tag=2, a_rwnd=..., os=..., is=..., tsn=1, ...]
+0.0 < sctp: COOKIE_ECHO[flgs=0, len=..., val=...]
+0.0 > sctp: COOKIE_ACK[flgs=0]
+0.0 accept(3, ..., ...) = 4
+0.0 close(3) = 0
// Inject an INIT chunk and expect an INIT-ACK
+0.0 < sctp: INIT[flgs=0, tag=3, a_rwnd=1500, os=1, is=1, tsn=1]
+0.0 > sctp: INIT_ACK[flgs=0, tag=..., a_rwnd=..., os=..., is=..., tsn=..., ...]

MFC after:	3 days
2016-01-15 00:26:15 +00:00
Michael Tuexen
c979034b18 Fix the allocation of outgoing streams:
* When processing a cookie, use the number of
  streams announced in the INIT-ACK.
* When sending an INIT-ACK for an existing
  association, use the value from the association,
  not from the end-point.

MFC after:	1 week
2015-12-06 16:17:57 +00:00
Michael Tuexen
3bf2363dca Fix the handling of IPSec policies in the SCTP stack. At least
make sure they are not leaked...

MFC after: 	1 week
2015-11-21 18:21:16 +00:00
Michael Tuexen
e5d23883bf Revert part of r291137 which seems correct, bit does not fix the
resource problem I'm currently hunting down.

MFC after:	1 week
X-MFC with:	291137
2015-11-21 16:46:59 +00:00
Michael Tuexen
8ca16419bb Don't send SHUTDOWN chunk when the association is in a front state
and the applications calls shutdown(..., SHUT_WR) or
shutdown(..., SHUT_RDWR).

MFC after:	1 week.
2015-11-21 16:25:09 +00:00
Michael Tuexen
6e9c45e0ee Use __func__ instead of __FUNCTION__.
This allows to compile the userland stack without errors using gcc5.
Thanks to saghul for makeing me aware and providing the patch.

MFC after: 1 week
2015-10-19 11:17:54 +00:00
Michael Tuexen
267dbe63a1 Provide consistent error causes whenever an ABORT chunk is sent.
MFC after:	1 week
2015-07-27 22:35:54 +00:00
Michael Tuexen
d089f9b915 Add FIB support for SCTP.
This fixes https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200379

MFC after: 3 days
2015-06-17 15:20:14 +00:00
Michael Tuexen
d60568d78a Retire SCTP_DONT_DO_PRIVADDR_SCOPE which was never defined.
MFC after: 3 days
2015-05-28 18:52:32 +00:00
Michael Tuexen
b7d130befc Fix and cleanup the debug information. This has no user-visible changes.
Thanks to Irene Ruengeler for proving a patch.

MFC after: 3 days
2015-05-28 16:00:23 +00:00
Michael Tuexen
0426123f75 Fix two bugs which resulted in a screwed up end point list:
* Use a save way to walk throught a list while manipulting it.
* Have to appropiate locks in place.
Joint work with rrs@

MFC after: 3 days
2015-03-24 21:12:45 +00:00
Michael Tuexen
59b6d5be4e Add a SCTP socket option to limit the cwnd for each path.
MFC after: 1 month
2015-03-10 19:49:25 +00:00