summaryrefslogtreecommitdiff
path: root/sys/netinet/sctp_pcb.c
Commit message (Collapse)AuthorAgeFilesLines
* Ensure variables are initialized before used.Michael Tuexen2020-10-061-0/+1
| | | | | | | MFC after: 3 days Notes: svn path=/head/; revision=366483
* Remove dead stores reported by clang static code analysisMichael Tuexen2020-10-061-1/+1
| | | | | | | MFC after: 3 days Notes: svn path=/head/; revision=366482
* Improve the input validation and processing of cookies.Michael Tuexen2020-09-291-2/+5
| | | | | | | | | | | | | | This avoids setting the association in an inconsistent state, which could result in a use-after-free situation. This can be triggered by a malicious peer, if the peer can modify the cookie without the local endpoint recognizing it. Thanks to Ned Williamson for reporting the issue. MFC after: 3 days Notes: svn path=/head/; revision=366248
* Minor cleanup.Michael Tuexen2020-09-281-1/+1
| | | | | | | MFC after: 3 days Notes: svn path=/head/; revision=366226
* Whitespace changes.Michael Tuexen2020-09-241-3/+0
| | | | | | | MFC after: 3 days Notes: svn path=/head/; revision=366114
* net: clean up empty lines in .c and .h filesMateusz Guzik2020-09-011-54/+0
| | | | Notes: svn path=/head/; revision=365071
* Improve the handling of concurrent send() calls for SCTP sockets,Michael Tuexen2020-08-161-2/+7
| | | | | | | | | | | especially when having the explicit EOR mode enabled. Reported by: Megan2013678@protonmail.com Reported by: syzbot+bc02585076c3cc977f9b@syzkaller.appspotmail.com MFC after: 3 days Notes: svn path=/head/; revision=364268
* Clear the pointer to the socket when closing it also in case ofMichael Tuexen2020-07-231-0/+5
| | | | | | | | | | | an ungraceful operation. This fixes a use-after-free bug found and reported by Taylor Brandstetter of Google by testing the userland stack. MFC after: 1 week Notes: svn path=/head/; revision=363456
* Add reference counts for inp/stcb/net when timers are running.Michael Tuexen2020-07-191-26/+47
| | | | | | | | | | | This avoids a use-after-free reported for the userland stack. Thanks to Taylor Brandstetter for suggesting a patch for the userland stack. MFC after: 1 week Notes: svn path=/head/; revision=363323
* Remove code which is not needed.Michael Tuexen2020-07-181-3/+0
| | | | | | | MFC after: 1 week Notes: svn path=/head/; revision=363309
* Improve the locking of address lists by adding some asserts andMichael Tuexen2020-07-171-23/+41
| | | | | | | | | | rearranging the addition of address such that the lock is not given up during checking and adding. MFC after: 1 week Notes: svn path=/head/; revision=363275
* Move the definition of SCTP's system_base_info into sctp_crc32.c.Mark Johnston2020-06-221-2/+0
| | | | | | | | | | | | | This file is the only SCTP source file compiled into the kernel when SCTP_SUPPORT is configured. sctp_delayed_checksum() references a couple of counters defined in system_base_info, so the change allows these counters to be referenced in a kernel compiled without "options SCTP". Submitted by: tuexen MFC with: r362338 Notes: svn path=/head/; revision=362497
* Remove usage of empty macro.Michael Tuexen2020-06-131-8/+0
| | | | | | | MFC after: 1 week Notes: svn path=/head/; revision=362155
* More cleanups due to ifdef cleanup done upstreamMichael Tuexen2020-06-121-10/+6
| | | | | | | MFC after: 1 week Notes: svn path=/head/; revision=362106
* Non-functional changes due to upstream cleanup.Michael Tuexen2020-06-111-1/+0
| | | | | | | MFC after: 1 week Notes: svn path=/head/; revision=362054
* Whitespace cleanups and removal of a stale comment.Michael Tuexen2020-06-081-2/+0
| | | | | | | MFC after: 1 week Notes: svn path=/head/; revision=361934
* Fix typo in comment.Michael Tuexen2020-06-061-1/+1
| | | | | | | | Submitted by Orgad Shaneh for the userland stack. MFC after: 1 week Notes: svn path=/head/; revision=361877
* Non-functional changes due to cleanup (upstream removing of Panda support)Michael Tuexen2020-06-061-10/+3
| | | | | | | | | of the code MFC after: 1 week Notes: svn path=/head/; revision=361872
* Replace snprintf() by SCTP_SNPRINTF() and let SCTP_SNPRINTF() mapMichael Tuexen2020-05-191-4/+4
| | | | | | | | to snprintf() on FreeBSD. This allows to check for failures of snprintf() on platforms other than FreeBSD kernel. Notes: svn path=/head/; revision=361243
* Revert r361209:Michael Tuexen2020-05-191-14/+6
| | | | | | | | | | | | | cem noted that on FreeBSD snprintf() can not fail and code should not check for that. A followup commit will replace the usage of snprintf() in the SCTP sources with a variadic macro SCTP_SNPRINTF, which will simply map to snprintf() on FreeBSD and do a checking similar to r361209 on other platforms. Notes: svn path=/head/; revision=361242
* Cleanup, no functional change intended.Michael Tuexen2020-05-181-5/+1
| | | | | | | MFC after: 3 days Notes: svn path=/head/; revision=361224
* Handle failures of snprintf().Michael Tuexen2020-05-181-6/+14
| | | | | | | MFC after: 3 days Notes: svn path=/head/; revision=361209
* Non-functional changes, cleanups.Michael Tuexen2020-05-171-2/+0
| | | | | | | MFC after: 3 days Notes: svn path=/head/; revision=361145
* Convert route caching to nexthop caching.Alexander V. Chernikov2020-04-251-22/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This change is build on top of nexthop objects introduced in r359823. Nexthops are separate datastructures, containing all necessary information to perform packet forwarding such as gateway interface and mtu. Nexthops are shared among the routes, providing more pre-computed cache-efficient data while requiring less memory. Splitting the LPM code and the attached data solves multiple long-standing problems in the routing layer, drastically reduces the coupling with outher parts of the stack and allows to transparently introduce faster lookup algorithms. Route caching was (re)introduced to minimise (slow) routing lookups, allowing for notably better performance for large TCP senders. Caching works by acquiring rtentry reference, which is protected by per-rtentry mutex. If the routing table is changed (checked by comparing the rtable generation id) or link goes down, cache record gets withdrawn. Nexthops have the same reference counting interface, backed by refcount(9). This change merely replaces rtentry with the actual forwarding nextop as a cached object, which is mostly mechanical. Other moving parts like cache cleanup on rtable change remains the same. Differential Revision: https://reviews.freebsd.org/D24340 Notes: svn path=/head/; revision=360292
* Handle integer overflows correctly when converting msecs and secs toMichael Tuexen2020-03-281-8/+8
| | | | | | | | | | | | | ticks and vice versa. These issues were caught by recently added panic() calls on INVARIANTS systems. Reported by: syzbot+b44787b4be7096cd1590@syzkaller.appspotmail.com Reported by: syzbot+35f82d22805c1e899685@syzkaller.appspotmail.com MFC after: 1 week Notes: svn path=/head/; revision=359405
* Revert https://svnweb.freebsd.org/changeset/base/357829Michael Tuexen2020-03-251-25/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This introduces a regression reported by koobs@ when running a pyhton test suite on a loaded system. This patch resulted in a failing accept() call, when the association was setup and gracefully shutdown by the peer before accept was called. So the following packetdrill script would fail: +0.0 socket(..., SOCK_STREAM, IPPROTO_SCTP) = 3 +0.0 bind(3, ..., ...) = 0 +0.0 listen(3, 1) = 0 +0.0 < sctp: INIT[flgs=0, tag=1, a_rwnd=15000, os=1, is=1, tsn=1] +0.0 > sctp: INIT_ACK[flgs=0, tag=2, a_rwnd=..., os=..., is=..., tsn=1, ...] +0.1 < sctp: COOKIE_ECHO[flgs=0, len=..., val=...] +0.0 > sctp: COOKIE_ACK[flgs=0] +0.0 < sctp: DATA[flgs=BE, len=116, tsn=1, sid=0, ssn=0, ppid=0] +0.0 > sctp: SACK[flgs=0, cum_tsn=1, a_rwnd=..., gaps=[], dups=[]] +0.0 < sctp: SHUTDOWN[flgs=0, cum_tsn=0] +0.0 > sctp: SHUTDOWN_ACK[flgs=0] +0.0 < sctp: SHUTDOWN_COMPLETE[flgs=0] +0.0 accept(3, ..., ...) = 4 +0.0 close(3) = 0 +0.0 recv(4, ..., 4096, 0) = 100 +0.0 recv(4, ..., 4096, 0) = 0 +0.0 close(4) = 0 Reported by: koops@ Notes: svn path=/head/; revision=359302
* Consistently provide arguments for timer start and stop routines.Michael Tuexen2020-03-191-4/+2
| | | | | | | | This is another step in cleaning up timer handling. MFC after: 1 week Notes: svn path=/head/; revision=359152
* Don't panic under INVARIANTS when we can't allocate memory for storingMichael Tuexen2020-02-121-3/+0
| | | | | | | | | | a vtag in time wait. This issue was found by running syzkaller. MFC after: 1 week Notes: svn path=/head/; revision=357830
* Mark the socket as disconnected when freeing the association the firstMichael Tuexen2020-02-121-25/+25
| | | | | | | | | | time. This issue was found by running syzkaller. MFC after: 1 week Notes: svn path=/head/; revision=357829
* Revert https://svnweb.freebsd.org/changeset/base/357761Michael Tuexen2020-02-111-2/+2
| | | | | | | This was suggested by cem@ Notes: svn path=/head/; revision=357775
* Don't start an SCTP timer using a net, which has been removed.Michael Tuexen2020-02-111-0/+1
| | | | | | | | Submitted by: Taylor Brandstetter MFC after: 1 week Notes: svn path=/head/; revision=357768
* Use an int instead of a bool variable, since bool is not supportedMichael Tuexen2020-02-111-2/+2
| | | | | | | on all platforms the stack is running on in userland. Notes: svn path=/head/; revision=357761
* Stop the PMTU and HB timer when removing a net, not when freeing it.Michael Tuexen2020-02-091-1/+7
| | | | | | | | Submitted by: Taylor Brandstetter MFC after: 1 week Notes: svn path=/head/; revision=357708
* Cleanup timer handling.Michael Tuexen2020-02-091-45/+6
| | | | | | | | Submitted by: Taylor Brandstetter MFC after: 1 week Notes: svn path=/head/; revision=357705
* Remove unused timer.Michael Tuexen2020-02-041-5/+0
| | | | | | | Submitted by: Taylor Brandstetter Notes: svn path=/head/; revision=357501
* Return -1 consistently if an error occurs.Michael Tuexen2020-01-051-1/+1
| | | | | | | MFC after: 1 week Notes: svn path=/head/; revision=356377
* Improve input validation for some parameters having a too smallMichael Tuexen2019-12-201-1/+4
| | | | | | | | | | | | reported length. Thanks to Natalie Silvanovich from Google for finding one of these issues in the SCTP userland stack and reporting it. MFC after: 1 week Notes: svn path=/head/; revision=355931
* Move SCTP DTrace probe definitions into a .c file.Mark Johnston2019-10-131-1/+0
| | | | | | | | | | | | | Previously they were defined in a header which was included exactly once. Change this to follow the usual practice of putting definitions in C files. No functional change intended. Discussed with: tuexen MFC after: 1 week Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=353477
* Improve function definition.Michael Tuexen2019-08-311-1/+1
| | | | | | | MFC after: 3 days Notes: svn path=/head/; revision=351641
* Improve consistency. No functional change.Michael Tuexen2019-08-051-3/+4
| | | | | | | MFC after: 3 days Notes: svn path=/head/; revision=350588
* IPv6 cleanup: kernelBjoern A. Zeeb2019-08-021-6/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Finish what was started a few years ago and harmonize IPv6 and IPv4 kernel names. We are down to very few places now that it is feasible to do the change for everything remaining with causing too much disturbance. Remove "aliases" for IPv6 names which confusingly could indicate that we are talking about a different data structure or field or have two fields, one for each address family. Try to follow common conventions used in FreeBSD. * Rename sin6p to sin6 as that is how it is spelt in most places. * Remove "aliases" (#defines) for: - in6pcb which really is an inpcb and nothing separate - sotoin6pcb which is sotoinpcb (as per above) - in6p_sp which is inp_sp - in6p_flowinfo which is inp_flow * Try to use ia6 for in6_addr rather than in6p. * With all these gone also rename the in6p variables to inp as that is what we call it in most of the network stack including parts of netinet6. The reasons behind this cleanup are that we try to further unify netinet and netinet6 code where possible and that people will less ignore one or the other protocol family when doing code changes as they may not have spotted places due to different names for the same thing. No functional changes. Discussed with: tuexen (SCTP changes) MFC after: 3 months Sponsored by: Netflix Notes: svn path=/head/; revision=350531
* Fix socket state handling when freeing an SCTP endpoint.Michael Tuexen2019-07-151-6/+5
| | | | | | | | | This issue was found by runing syzkaller. MFC after: 1 week Notes: svn path=/head/; revision=349998
* When calling sctp_initialize_auth_params(), the inp must have atMichael Tuexen2019-07-141-2/+5
| | | | | | | | | | | least a read lock. To avoid more complex locking dances, just call it in sctp_aloc_assoc() when the write lock is still held. Reported by: syzbot+08a486f7e6966f1c3cfb@syzkaller.appspotmail.com MFC after: 1 week Notes: svn path=/head/; revision=349986
* Improve locking when tearing down an SCTP association.Michael Tuexen2019-03-251-1/+3
| | | | | | | | | | This is joint work with rrs@ and the issue was found by syzkaller. MFC after: 1 week Notes: svn path=/head/; revision=345504
* Allocate an assocition id and register the stcb with holding the lock.Michael Tuexen2019-03-031-7/+2
| | | | | | | | | | | | This avoids a race where stcbs can be found, which are not completely initialized. This was found by running syzkaller. MFC after: 3 days Notes: svn path=/head/; revision=344742
* Refactor the SHUTDOWN_PENDING state handling.Michael Tuexen2018-08-211-1/+0
| | | | | | | | | | | | This is not a functional change but a preperation for the upcoming DTrace support. It is necessary to change the state in one logical operation, even if it involves clearing the sub state SHUTDOWN_PENDING. MFC after: 1 month Notes: svn path=/head/; revision=338134
* Use the stacb instead of the asoc in state macros.Michael Tuexen2018-08-131-25/+25
| | | | | | | | This is not a functional change. Just a preparation for upcoming dtrace state change provider support. Notes: svn path=/head/; revision=337708
* Use consistently the macors to modify the assoc state.Michael Tuexen2018-08-131-10/+10
| | | | | | | No functional change. Notes: svn path=/head/; revision=337706
* Whitespace changes due to changes in ident.Michael Tuexen2018-07-191-0/+16
| | | | Notes: svn path=/head/; revision=336511
* Revert https://svnweb.freebsd.org/changeset/base/336503Michael Tuexen2018-07-191-36/+21
| | | | | | | since I also ran the export script with different parameters. Notes: svn path=/head/; revision=336508
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-07 19:22:04 +0000