lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <1344116083-6596-1-git-send-email-jan.ariyasu@hp.com>
Date:	Sat,  4 Aug 2012 15:34:43 -0600
From:	Jan Ariyasu <jan.ariyasu@...il.com>
To:	Vlad Yasevich <vyasevich@...il.com>,
	"David S. Miller" <davem@...emloft.net>,
	linux-sctp@...r.kernel.org, netdev@...r.kernel.org,
	linux-kernel@...r.kernel.org
Cc:	Jan Ariyasu <jan.ariyasu@...com>
Subject: [PATCH 13/13] SCTP: make socket-initialization use per-namespace protocol parameters.

Made the last few protocol parameters per-namespace; sndbuf_policy,
rcvbuf_policy, addip_enable, addip_noauth_enable and prsctp_enable.

Signed-off-by: Jan Ariyasu <jan.ariyasu@...com>
---
 net/sctp/endpointola.c   |    6 ++---
 net/sctp/protocol.c      |    6 ++---
 net/sctp/sm_statefuns.c  |   12 ++++++---
 net/sctp/sm_statetable.c |    4 +--
 net/sctp/socket.c        |   67 +++++++++++++++++++++++++++-------------------
 5 files changed, 55 insertions(+), 40 deletions(-)

diff --git a/net/sctp/endpointola.c b/net/sctp/endpointola.c
index 5fa20a1..b919d71 100644
--- a/net/sctp/endpointola.c
+++ b/net/sctp/endpointola.c
@@ -109,7 +109,7 @@ static struct sctp_endpoint *sctp_endpoint_init(struct sctp_endpoint *ep,
 		/* If the Add-IP functionality is enabled, we must
 		 * authenticate, ASCONF and ASCONF-ACK chunks
 		 */
-		if (sctp_addip_enable) {
+		if (net_params->addip_enable) {
 			auth_chunks->chunks[0] = SCTP_CID_ASCONF;
 			auth_chunks->chunks[1] = SCTP_CID_ASCONF_ACK;
 			auth_chunks->param_hdr.length =
@@ -143,14 +143,14 @@ static struct sctp_endpoint *sctp_endpoint_init(struct sctp_endpoint *ep,
 	INIT_LIST_HEAD(&ep->asocs);
 
 	/* Use SCTP specific send buffer space queues.  */
-	ep->sndbuf_policy = sctp_sndbuf_policy;
+	ep->sndbuf_policy = net_params->sndbuf_policy;
 
 	sk->sk_data_ready = sctp_data_ready;
 	sk->sk_write_space = sctp_write_space;
 	sock_set_flag(sk, SOCK_USE_WRITE_QUEUE);
 
 	/* Get the receive buffer policy for this endpoint */
-	ep->rcvbuf_policy = sctp_rcvbuf_policy;
+	ep->rcvbuf_policy = net_params->rcvbuf_policy;
 
 	/* Initialize the secret key used with cookie. */
 	get_random_bytes(&ep->secret_key[0], SCTP_SECRET_SIZE);
diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c
index 6862bf0..b819424 100644
--- a/net/sctp/protocol.c
+++ b/net/sctp/protocol.c
@@ -665,7 +665,8 @@ void sctp_addr_wq_timeout_handler(unsigned long arg)
 			}
 		}
 #endif
-		list_for_each_entry(sp, &sctp_auto_asconf_splist, auto_asconf_list) {
+		list_for_each_entry(sp, &net_params->auto_asconf_splist,
+				    auto_asconf_list) {
 			struct sock *sk;
 
 			sk = sctp_opt2sk(sp);
@@ -1082,6 +1083,7 @@ static const struct net_protocol sctp_protocol = {
 	.handler     = sctp_rcv,
 	.err_handler = sctp_v4_err,
 	.no_policy   = 1,
+	.netns_ok    = 1,
 };
 
 /* IPv4 address related functions.  */
@@ -1658,8 +1660,6 @@ SCTP_STATIC __init int sctp_init(void)
 	sctp_v4_pf_init();
 	sctp_v6_pf_init();
 
-
-
 	/* Register SCTP protocol */
 	status = sctp_v4_protosw_init();
 	if (status)
diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c
index 8f41f42..0778f05 100644
--- a/net/sctp/sm_statefuns.c
+++ b/net/sctp/sm_statefuns.c
@@ -3594,6 +3594,8 @@ sctp_disposition_t sctp_sf_do_asconf(struct net *net,
 	union sctp_addr_param	*addr_param;
 	__u32			serial;
 	int			length;
+	struct sctp_net_params *net_params =
+		sctp_get_params(net);
 
 	if (!sctp_vtag_verify(chunk, asoc)) {
 		sctp_add_cmd_sf(commands, SCTP_CMD_REPORT_BAD_TAG,
@@ -3607,9 +3609,9 @@ sctp_disposition_t sctp_sf_do_asconf(struct net *net,
 	 * is received unauthenticated it MUST be silently discarded as
 	 * described in [I-D.ietf-tsvwg-sctp-auth].
 	 */
-	if (!sctp_addip_noauth && !chunk->auth)
-		return sctp_sf_discard_chunk(net, ep, asoc, type,
-					     arg, commands);
+	if (!net_params->addip_noauth_enable && !chunk->auth)
+		return sctp_sf_discard_chunk(net, ep, asoc, type, arg,
+					     commands);
 
 	/* Make sure that the ASCONF ADDIP chunk has a valid length.  */
 	if (!sctp_chunk_length_valid(chunk, sizeof(sctp_addip_chunk_t)))
@@ -3723,6 +3725,8 @@ sctp_disposition_t sctp_sf_do_asconf_ack(struct net *net,
 	struct sctp_paramhdr	*err_param = NULL;
 	sctp_addiphdr_t		*addip_hdr;
 	__u32			sent_serial, rcvd_serial;
+	struct sctp_net_params  *net_params =
+		sctp_get_params(net);
 
 	if (!sctp_vtag_verify(asconf_ack, asoc)) {
 		sctp_add_cmd_sf(commands, SCTP_CMD_REPORT_BAD_TAG,
@@ -3736,7 +3740,7 @@ sctp_disposition_t sctp_sf_do_asconf_ack(struct net *net,
 	 * is received unauthenticated it MUST be silently discarded as
 	 * described in [I-D.ietf-tsvwg-sctp-auth].
 	 */
-	if (!sctp_addip_noauth && !asconf_ack->auth)
+	if (!net_params->addip_noauth_enable && !asconf_ack->auth)
 		return sctp_sf_discard_chunk(net, ep, asoc, type, arg,
 					     commands);
 
diff --git a/net/sctp/sm_statetable.c b/net/sctp/sm_statetable.c
index 5177130..b5d1801 100644
--- a/net/sctp/sm_statetable.c
+++ b/net/sctp/sm_statetable.c
@@ -919,12 +919,12 @@ static const sctp_sm_table_entry_t *sctp_chunk_event_lookup(struct net *net,
 	if (cid <= SCTP_CID_BASE_MAX)
 		return &chunk_event_table[cid][state];
 
-	if (sctp_prsctp_enable) {
+	if (net_params->prsctp_enable) {
 		if (cid == SCTP_CID_FWD_TSN)
 			return &prsctp_chunk_event_table[0][state];
 	}
 
-	if (sctp_addip_enable) {
+	if (net_params->addip_enable) {
 		if (cid == SCTP_CID_ASCONF)
 			return &addip_chunk_event_table[0][state];
 
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index e8148a0..219712c 100644
--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -534,8 +534,10 @@ static int sctp_send_asconf_add_ip(struct net		*net,
 	struct list_head		*p;
 	int 				i;
 	int 				retval = 0;
+	struct sctp_net_params		*net_params =
+		sctp_get_params(net);
 
-	if (!sctp_addip_enable)
+	if (!net_params->addip_enable)
 		return retval;
 
 	sp = sctp_sk(sk);
@@ -737,9 +739,11 @@ static int sctp_send_asconf_del_ip(struct net		*net,
 	int 			i;
 	int 			retval = 0;
 	int			stored = 0;
+	struct sctp_net_params	*net_params =
+		sctp_get_params(net);
 
 	chunk = NULL;
-	if (!sctp_addip_enable)
+	if (!net_params->addip_enable)
 		return retval;
 
 	sp = sctp_sk(sk);
@@ -1077,6 +1081,7 @@ static int __sctp_connect(struct sock* sk,
 	void *addr_buf;
 	unsigned short port;
 	unsigned int f_flags = 0;
+	struct net *net = sock_net(sk);
 
 	sp = sctp_sk(sk);
 	ep = sp->ep;
@@ -1181,9 +1186,8 @@ static int __sctp_connect(struct sock* sk,
 				goto out_free;
 			}
 
-			err = sctp_assoc_set_bind_addr_from_ep(asoc,
-							sock_net(sk), scope,
-							GFP_KERNEL);
+			err = sctp_assoc_set_bind_addr_from_ep(asoc, net,
+							scope, GFP_KERNEL);
 			if (err < 0) {
 				goto out_free;
 			}
@@ -1212,7 +1216,7 @@ static int __sctp_connect(struct sock* sk,
 			goto out_free;
 	}
 
-	err = sctp_primitive_ASSOCIATE(sock_net(sk), asoc, NULL);
+	err = sctp_primitive_ASSOCIATE(net, asoc, NULL);
 	if (err < 0) {
 		goto out_free;
 	}
@@ -3059,10 +3063,12 @@ static int sctp_setsockopt_peer_primary_addr(struct sock *sk, char __user *optva
 	struct sctp_chunk	*chunk;
 	struct sctp_af		*af;
 	int 			err;
+	struct sctp_net_params	*net_params =
+		sctp_get_params(sock_net(sk));
 
 	sp = sctp_sk(sk);
 
-	if (!sctp_addip_enable)
+	if (!net_params->addip_enable)
 		return -EPERM;
 
 	if (optlen != sizeof(struct sctp_setpeerprim))
@@ -3417,9 +3423,8 @@ static int sctp_setsockopt_active_key(struct sock *sk,
 {
 	struct sctp_authkeyid val;
 	struct sctp_association *asoc;
-	struct net *net = sock_net(sk);
 	struct sctp_net_params *net_params =
-		sctp_get_params(net);
+		sctp_get_params(sock_net(sk));
 
 	if (!net_params->auth_enable)
 		return -EACCES;
@@ -3433,8 +3438,8 @@ static int sctp_setsockopt_active_key(struct sock *sk,
 	if (!asoc && val.scact_assoc_id && sctp_style(sk, UDP))
 		return -EINVAL;
 
-	return sctp_auth_set_active_key(net, sctp_sk(sk)->ep, asoc,
-					val.scact_keynumber);
+	return sctp_auth_set_active_key(sock_net(sk), sctp_sk(sk)->ep,
+					asoc, val.scact_keynumber);
 }
 
 /*
@@ -3487,6 +3492,8 @@ static int sctp_setsockopt_auto_asconf(struct sock *sk, char __user *optval,
 {
 	int val;
 	struct sctp_sock *sp = sctp_sk(sk);
+	struct sctp_net_params  *net_params =
+		sctp_get_params(sock_net(sk));
 
 	if (optlen < sizeof(int))
 		return -EINVAL;
@@ -3502,7 +3509,7 @@ static int sctp_setsockopt_auto_asconf(struct sock *sk, char __user *optval,
 		sp->do_auto_asconf = 0;
 	} else if (val && !sp->do_auto_asconf) {
 		list_add_tail(&sp->auto_asconf_list,
-		    &sctp_auto_asconf_splist);
+		    &net_params->auto_asconf_splist);
 		sp->do_auto_asconf = 1;
 	}
 	return 0;
@@ -3876,6 +3883,8 @@ SCTP_STATIC int sctp_init_sock(struct sock *sk)
 {
 	struct sctp_endpoint *ep;
 	struct sctp_sock *sp;
+	struct sctp_net_params *net_params =
+		sctp_get_params(sock_net(sk));
 
 	SCTP_DEBUG_PRINTK("sctp_init_sock(sk: %p)\n", sk);
 
@@ -3903,32 +3912,32 @@ SCTP_STATIC int sctp_init_sock(struct sock *sk)
 	sp->default_timetolive = 0;
 
 	sp->default_rcv_context = 0;
-	sp->max_burst = sctp_max_burst;
+	sp->max_burst = net_params->max_burst;
 
 	/* Initialize default setup parameters. These parameters
 	 * can be modified with the SCTP_INITMSG socket option or
 	 * overridden by the SCTP_INIT CMSG.
 	 */
-	sp->initmsg.sinit_num_ostreams   = sctp_max_outstreams;
-	sp->initmsg.sinit_max_instreams  = sctp_max_instreams;
-	sp->initmsg.sinit_max_attempts   = sctp_max_retrans_init;
-	sp->initmsg.sinit_max_init_timeo = sctp_rto_max;
+	sp->initmsg.sinit_num_ostreams   = net_params->max_outstreams;
+	sp->initmsg.sinit_max_instreams  = net_params->max_instreams;
+	sp->initmsg.sinit_max_attempts   = net_params->max_retrans_init;
+	sp->initmsg.sinit_max_init_timeo = net_params->rto_max;
 
 	/* Initialize default RTO related parameters.  These parameters can
 	 * be modified for with the SCTP_RTOINFO socket option.
 	 */
-	sp->rtoinfo.srto_initial = sctp_rto_initial;
-	sp->rtoinfo.srto_max     = sctp_rto_max;
-	sp->rtoinfo.srto_min     = sctp_rto_min;
+	sp->rtoinfo.srto_initial = net_params->rto_initial;
+	sp->rtoinfo.srto_max     = net_params->rto_max;
+	sp->rtoinfo.srto_min     = net_params->rto_min;
 
 	/* Initialize default association related parameters. These parameters
 	 * can be modified with the SCTP_ASSOCINFO socket option.
 	 */
-	sp->assocparams.sasoc_asocmaxrxt = sctp_max_retrans_association;
+	sp->assocparams.sasoc_asocmaxrxt = net_params->max_retrans_association;
 	sp->assocparams.sasoc_number_peer_destinations = 0;
 	sp->assocparams.sasoc_peer_rwnd = 0;
 	sp->assocparams.sasoc_local_rwnd = 0;
-	sp->assocparams.sasoc_cookie_life = sctp_valid_cookie_life;
+	sp->assocparams.sasoc_cookie_life = net_params->valid_cookie_life;
 
 	/* Initialize default event subscriptions. By default, all the
 	 * options are off.
@@ -3938,10 +3947,10 @@ SCTP_STATIC int sctp_init_sock(struct sock *sk)
 	/* Default Peer Address Parameters.  These defaults can
 	 * be modified via SCTP_PEER_ADDR_PARAMS
 	 */
-	sp->hbinterval  = sctp_hb_interval;
-	sp->pathmaxrxt  = sctp_max_retrans_path;
+	sp->hbinterval  = net_params->hb_interval;
+	sp->pathmaxrxt  = net_params->max_retrans_path;
 	sp->pathmtu     = 0; // allow default discovery
-	sp->sackdelay   = sctp_sack_timeout;
+	sp->sackdelay   = net_params->sack_timeout;
 	sp->sackfreq	= 2;
 	sp->param_flags = SPP_HB_ENABLE |
 			  SPP_PMTUD_ENABLE |
@@ -3993,9 +4002,9 @@ SCTP_STATIC int sctp_init_sock(struct sock *sk)
 	local_bh_disable();
 	percpu_counter_inc(&sctp_sockets_allocated);
 	sock_prot_inuse_add(sock_net(sk), sk->sk_prot, 1);
-	if (sctp_default_auto_asconf) {
+	if (net_params->default_auto_asconf) {
 		list_add_tail(&sp->auto_asconf_list,
-		    &sctp_auto_asconf_splist);
+		    &net_params->auto_asconf_splist);
 		sp->do_auto_asconf = 1;
 	} else
 		sp->do_auto_asconf = 0;
@@ -4684,9 +4693,11 @@ static int sctp_copy_laddrs(struct sock *sk, __u16 port, void *to,
 	union sctp_addr temp;
 	int cnt = 0;
 	int addrlen;
+	struct sctp_net_params *net_params =
+		sctp_get_params(sock_net(sk));
 
 	rcu_read_lock();
-	list_for_each_entry_rcu(addr, &sctp_local_addr_list, list) {
+	list_for_each_entry_rcu(addr, &net_params->local_addr_list, list) {
 		if (!addr->valid)
 			continue;
 
-- 
1.7.9.5

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ