1/* SCTP kernel implementation
2 * Copyright (c) 1999-2000 Cisco, Inc.
3 * Copyright (c) 1999-2001 Motorola, Inc.
4 * Copyright (c) 2002 International Business Machines, Corp.
5 *
6 * This file is part of the SCTP kernel implementation
7 *
8 * These functions are the methods for accessing the SCTP inqueue.
9 *
10 * An SCTP inqueue is a queue into which you push SCTP packets
11 * (which might be bundles or fragments of chunks) and out of which you
12 * pop SCTP whole chunks.
13 *
14 * This SCTP implementation is free software;
15 * you can redistribute it and/or modify it under the terms of
16 * the GNU General Public License as published by
17 * the Free Software Foundation; either version 2, or (at your option)
18 * any later version.
19 *
20 * This SCTP implementation is distributed in the hope that it
21 * will be useful, but WITHOUT ANY WARRANTY; without even the implied
22 *                 ************************
23 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
24 * See the GNU General Public License for more details.
25 *
26 * You should have received a copy of the GNU General Public License
27 * along with GNU CC; see the file COPYING.  If not, write to
28 * the Free Software Foundation, 59 Temple Place - Suite 330,
29 * Boston, MA 02111-1307, USA.
30 *
31 * Please send any bug reports or fixes you make to the
32 * email address(es):
33 *    lksctp developers <lksctp-developers@lists.sourceforge.net>
34 *
35 * Or submit a bug report through the following website:
36 *    http://www.sf.net/projects/lksctp
37 *
38 * Written or modified by:
39 *    La Monte H.P. Yarroll <piggy@acm.org>
40 *    Karl Knutson <karl@athena.chicago.il.us>
41 *
42 * Any bugs reported given to us we will try to fix... any fixes shared will
43 * be incorporated into the next SCTP release.
44 */
45
46#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
47
48#include <net/sctp/sctp.h>
49#include <net/sctp/sm.h>
50#include <linux/interrupt.h>
51#include <linux/slab.h>
52
53/* Initialize an SCTP inqueue.  */
54void sctp_inq_init(struct sctp_inq *queue)
55{
56	INIT_LIST_HEAD(&queue->in_chunk_list);
57	queue->in_progress = NULL;
58
59	/* Create a task for delivering data.  */
60	INIT_WORK(&queue->immediate, NULL);
61}
62
63/* Release the memory associated with an SCTP inqueue.  */
64void sctp_inq_free(struct sctp_inq *queue)
65{
66	struct sctp_chunk *chunk, *tmp;
67
68	/* Empty the queue.  */
69	list_for_each_entry_safe(chunk, tmp, &queue->in_chunk_list, list) {
70		list_del_init(&chunk->list);
71		sctp_chunk_free(chunk);
72	}
73
74	/* If there is a packet which is currently being worked on,
75	 * free it as well.
76	 */
77	if (queue->in_progress) {
78		sctp_chunk_free(queue->in_progress);
79		queue->in_progress = NULL;
80	}
81}
82
83/* Put a new packet in an SCTP inqueue.
84 * We assume that packet->sctp_hdr is set and in host byte order.
85 */
86void sctp_inq_push(struct sctp_inq *q, struct sctp_chunk *chunk)
87{
88	/* Directly call the packet handling routine. */
89	if (chunk->rcvr->dead) {
90		sctp_chunk_free(chunk);
91		return;
92	}
93
94	/* We are now calling this either from the soft interrupt
95	 * or from the backlog processing.
96	 * Eventually, we should clean up inqueue to not rely
97	 * on the BH related data structures.
98	 */
99	list_add_tail(&chunk->list, &q->in_chunk_list);
100	if (chunk->asoc)
101		chunk->asoc->stats.ipackets++;
102	q->immediate.func(&q->immediate);
103}
104
105/* Peek at the next chunk on the inqeue. */
106struct sctp_chunkhdr *sctp_inq_peek(struct sctp_inq *queue)
107{
108	struct sctp_chunk *chunk;
109	sctp_chunkhdr_t *ch = NULL;
110
111	chunk = queue->in_progress;
112	/* If there is no more chunks in this packet, say so */
113	if (chunk->singleton ||
114	    chunk->end_of_packet ||
115	    chunk->pdiscard)
116		    return NULL;
117
118	ch = (sctp_chunkhdr_t *)chunk->chunk_end;
119
120	return ch;
121}
122
123
124/* Extract a chunk from an SCTP inqueue.
125 *
126 * WARNING:  If you need to put the chunk on another queue, you need to
127 * make a shallow copy (clone) of it.
128 */
129struct sctp_chunk *sctp_inq_pop(struct sctp_inq *queue)
130{
131	struct sctp_chunk *chunk;
132	sctp_chunkhdr_t *ch = NULL;
133
134	/* The assumption is that we are safe to process the chunks
135	 * at this time.
136	 */
137
138	if ((chunk = queue->in_progress)) {
139		/* There is a packet that we have been working on.
140		 * Any post processing work to do before we move on?
141		 */
142		if (chunk->singleton ||
143		    chunk->end_of_packet ||
144		    chunk->pdiscard) {
145			sctp_chunk_free(chunk);
146			chunk = queue->in_progress = NULL;
147		} else {
148			/* Nothing to do. Next chunk in the packet, please. */
149			ch = (sctp_chunkhdr_t *) chunk->chunk_end;
150
151			/* Force chunk->skb->data to chunk->chunk_end.  */
152			skb_pull(chunk->skb,
153				 chunk->chunk_end - chunk->skb->data);
154
155			/* Verify that we have at least chunk headers
156			 * worth of buffer left.
157			 */
158			if (skb_headlen(chunk->skb) < sizeof(sctp_chunkhdr_t)) {
159				sctp_chunk_free(chunk);
160				chunk = queue->in_progress = NULL;
161			}
162		}
163	}
164
165	/* Do we need to take the next packet out of the queue to process? */
166	if (!chunk) {
167		struct list_head *entry;
168
169		/* Is the queue empty?  */
170		if (list_empty(&queue->in_chunk_list))
171			return NULL;
172
173		entry = queue->in_chunk_list.next;
174		chunk = queue->in_progress =
175			list_entry(entry, struct sctp_chunk, list);
176		list_del_init(entry);
177
178		/* This is the first chunk in the packet.  */
179		chunk->singleton = 1;
180		ch = (sctp_chunkhdr_t *) chunk->skb->data;
181		chunk->data_accepted = 0;
182	}
183
184	chunk->chunk_hdr = ch;
185	chunk->chunk_end = ((__u8 *)ch) + WORD_ROUND(ntohs(ch->length));
186	/* In the unlikely case of an IP reassembly, the skb could be
187	 * non-linear. If so, update chunk_end so that it doesn't go past
188	 * the skb->tail.
189	 */
190	if (unlikely(skb_is_nonlinear(chunk->skb))) {
191		if (chunk->chunk_end > skb_tail_pointer(chunk->skb))
192			chunk->chunk_end = skb_tail_pointer(chunk->skb);
193	}
194	skb_pull(chunk->skb, sizeof(sctp_chunkhdr_t));
195	chunk->subh.v = NULL; /* Subheader is no longer valid.  */
196
197	if (chunk->chunk_end < skb_tail_pointer(chunk->skb)) {
198		/* This is not a singleton */
199		chunk->singleton = 0;
200	} else if (chunk->chunk_end > skb_tail_pointer(chunk->skb)) {
201		/* RFC 2960, Section 6.10  Bundling
202		 *
203		 * Partial chunks MUST NOT be placed in an SCTP packet.
204		 * If the receiver detects a partial chunk, it MUST drop
205		 * the chunk.
206		 *
207		 * Since the end of the chunk is past the end of our buffer
208		 * (which contains the whole packet, we can freely discard
209		 * the whole packet.
210		 */
211		sctp_chunk_free(chunk);
212		chunk = queue->in_progress = NULL;
213
214		return NULL;
215	} else {
216		/* We are at the end of the packet, so mark the chunk
217		 * in case we need to send a SACK.
218		 */
219		chunk->end_of_packet = 1;
220	}
221
222	SCTP_DEBUG_PRINTK("+++sctp_inq_pop+++ chunk %p[%s],"
223			  " length %d, skb->len %d\n",chunk,
224			  sctp_cname(SCTP_ST_CHUNK(chunk->chunk_hdr->type)),
225			  ntohs(chunk->chunk_hdr->length), chunk->skb->len);
226	return chunk;
227}
228
229/* Set a top-half handler.
230 *
231 * Originally, we the top-half handler was scheduled as a BH.  We now
232 * call the handler directly in sctp_inq_push() at a time that
233 * we know we are lock safe.
234 * The intent is that this routine will pull stuff out of the
235 * inqueue and process it.
236 */
237void sctp_inq_set_th_handler(struct sctp_inq *q, work_func_t callback)
238{
239	INIT_WORK(&q->immediate, callback);
240}
241
242