From patchwork Tue Oct 13 07:27:26 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 288513 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.6 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id B04DDC433E7 for ; Tue, 13 Oct 2020 07:28:00 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 5D7842063A for ; Tue, 13 Oct 2020 07:28:00 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="shmCcPCC" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2390109AbgJMH17 (ORCPT ); Tue, 13 Oct 2020 03:27:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55368 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390091AbgJMH17 (ORCPT ); Tue, 13 Oct 2020 03:27:59 -0400 Received: from mail-pg1-x536.google.com (mail-pg1-x536.google.com [IPv6:2607:f8b0:4864:20::536]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0E664C0613D0; Tue, 13 Oct 2020 00:27:59 -0700 (PDT) Received: by mail-pg1-x536.google.com with SMTP id b193so16078434pga.6; Tue, 13 Oct 2020 00:27:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :in-reply-to:references; bh=jGFHohiLMKmOcbBELvAHtKl6/eKf2Rs4EotDZ5VjkE0=; b=shmCcPCC3BKRGSsP5ReVaQM3GPq6uAoRhJHnCy/xgF7/tHsG7UmxX1JOWntvb4H8XS XxQ6QJyT7tpEotgoo/ChXHpheJw16ceGqIZxZLTh2H1wTeXpqZHPqrtKguh4FOL8ikMH L4jLVgmVH/sykm2wvHa+2TVtEwXBr6/ewHhQJT1r84uLhn0igqPLwEjleiCs0/hltI8M D2FWehMnhiDh6uvE7MboKdqaFtX4IzcIooexLxLZ2GHWedIwMTnpV3H7C2f64kqxjW8x dblBd6q07nIPx+z5CNv1oz5h8rspH31w/F7k8basO1GxlgsWGeuaD/3MIqBJCL1reLs1 BuJg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:in-reply-to:references; bh=jGFHohiLMKmOcbBELvAHtKl6/eKf2Rs4EotDZ5VjkE0=; b=arykkZ+/Ro4OkthZBI2oum7ZQzq2ei3u7KASBDftOrvZD8/ifh5Dj8++Ixp52rmCnW 50KdJJjun3UJ6YR8DljCMaWCGfzipj1yu9Bnbp5WqUfJNPAR7s7ZM5opAKAlTZq+zdTB JzztDG95BpmwqmCRS8xgjW+v4HXPnXKVxppowIHYRb/74Z1+Im0j+mEz0JYOltue0bVV 95UzumQupIxTzaK0E3tvP99N/gePsXhi9/jansAckMD2n6dbIHm8f12uMYLg7c9HC7tF d/D5ysWSIZO0DaWlf0U+3fsuOV8joHr3W5pxVXWmp2CkFg476itmkDn+FRlEOwVY/hgo 4Lkg== X-Gm-Message-State: AOAM532rdOUpnlDJWo1GHkXJbAXjR3lZFNvpevUuW6CXgZs6aNd3NVOD g68BdJuL/+gLqpf0UODcBlerXOS0fiE= X-Google-Smtp-Source: ABdhPJym/DJAfIGKhdOhkBrkbaQKQhK9O9z29llMz1dn9QmEr/dBugdD+RAX16/mSgDwgqT27vQpLw== X-Received: by 2002:a63:564e:: with SMTP id g14mr9756014pgm.59.1602574078103; Tue, 13 Oct 2020 00:27:58 -0700 (PDT) Received: from localhost ([209.132.188.80]) by smtp.gmail.com with ESMTPSA id j138sm22281582pfd.19.2020.10.13.00.27.56 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 13 Oct 2020 00:27:57 -0700 (PDT) From: Xin Long To: network dev , linux-sctp@vger.kernel.org Cc: Marcelo Ricardo Leitner , Neil Horman , Michael Tuexen , davem@davemloft.net, gnault@redhat.com, pabeni@redhat.com, willemdebruijn.kernel@gmail.com Subject: [PATCHv3 net-next 01/16] udp: check udp sock encap_type in __udp_lib_err Date: Tue, 13 Oct 2020 15:27:26 +0800 Message-Id: X-Mailer: git-send-email 2.1.0 In-Reply-To: References: In-Reply-To: References: Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org There is a chance that __udp4/6_lib_lookup() returns a udp encap sock in __udp_lib_err(), like the udp encap listening sock may use the same port as remote encap port, in which case it should go to __udp4/6_lib_err_encap() for more validation before processing the icmp packet. This patch is to check encap_type in __udp_lib_err() for the further validation for a encap sock. Signed-off-by: Xin Long --- net/ipv4/udp.c | 2 +- net/ipv6/udp.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c index 09f0a23..ca04a8a 100644 --- a/net/ipv4/udp.c +++ b/net/ipv4/udp.c @@ -702,7 +702,7 @@ int __udp4_lib_err(struct sk_buff *skb, u32 info, struct udp_table *udptable) sk = __udp4_lib_lookup(net, iph->daddr, uh->dest, iph->saddr, uh->source, skb->dev->ifindex, inet_sdif(skb), udptable, NULL); - if (!sk) { + if (!sk || udp_sk(sk)->encap_type) { /* No socket for error: try tunnels before discarding */ sk = ERR_PTR(-ENOENT); if (static_branch_unlikely(&udp_encap_needed_key)) { diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c index 29d9691..cde9b88 100644 --- a/net/ipv6/udp.c +++ b/net/ipv6/udp.c @@ -560,7 +560,7 @@ int __udp6_lib_err(struct sk_buff *skb, struct inet6_skb_parm *opt, sk = __udp6_lib_lookup(net, daddr, uh->dest, saddr, uh->source, inet6_iif(skb), inet6_sdif(skb), udptable, NULL); - if (!sk) { + if (!sk || udp_sk(sk)->encap_type) { /* No socket for error: try tunnels before discarding */ sk = ERR_PTR(-ENOENT); if (static_branch_unlikely(&udpv6_encap_needed_key)) { From patchwork Tue Oct 13 07:27:27 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 270044 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.6 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1FE59C433E7 for ; Tue, 13 Oct 2020 07:28:09 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id D2BF02063A for ; Tue, 13 Oct 2020 07:28:08 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="tnF0u66X" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2390120AbgJMH2I (ORCPT ); Tue, 13 Oct 2020 03:28:08 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55400 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390091AbgJMH2H (ORCPT ); Tue, 13 Oct 2020 03:28:07 -0400 Received: from mail-pf1-x441.google.com (mail-pf1-x441.google.com [IPv6:2607:f8b0:4864:20::441]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 73517C0613D0; Tue, 13 Oct 2020 00:28:07 -0700 (PDT) Received: by mail-pf1-x441.google.com with SMTP id c20so5583517pfr.8; Tue, 13 Oct 2020 00:28:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :in-reply-to:references; bh=NWswMQFNrJpmgSXJFGyvzsyral3mRo2RUwnr9RHwTGk=; b=tnF0u66XkMUCpMqTv/lo2ZASpfMhbzQuTZlibftVepVKx90bSGM2RaH9p5ZOGL9UXB E5JRRiq9oKcjqUcr+VM/XRC3dmzTLI89N2l9ds2jEIqn+Pp+u2OPvM8K4DaJ5IYv4QcW u8wNEGNBHp9NYIMz56Pn+CgE+ibA3hiJp8CipQH/gUteaUbY3pQJZZ7hm8V3IGAkWfAd ad5elQvn9rtXNUUb/OGB+b0XhyM1KG+84cmCUDNkCKTn8OI5gTLrHrRQ07umBGp32Cqg oTnctiTL25byLYkkRU9kRbRhdF7YftZaMDpAkX4ZDu8RhjsoaoJxpjuGusRaMg1M19yP WxOg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:in-reply-to:references; bh=NWswMQFNrJpmgSXJFGyvzsyral3mRo2RUwnr9RHwTGk=; b=XLm6XTghM2UApdHDGWKzvPwfpOfRBGHvBMln1kdoGMxucYgaEZBdTH8Bxj7JjB+Bc0 V6qjhvShHPQiyiSQjlBPY2Ave1NsSOAjJg4UC4yEd6OWk+o0jTx8EmTO1cauTy+irfvd IkH69JAEar9/4EtMx6Zcjtta6XAfEPdVdkm/bmEgguonmOR2iltO1yqroDsRpzS+3aLd E1fku3pbilCCtH0Nj97zxk6fcvvwEQWmUK3CPE+wH4HpP0n5dOfvyy8eQ3l6Ewic7t1K Qg2Lr8PtpYNSPzABgKigVsUhPHHiJkFP4YuwhW3VTyCgP2c4Q6E8NbF1C657gMYOxaQ4 GMCQ== X-Gm-Message-State: AOAM532wK/obz6pC6YD6p379iMmUotEJ7Mbctinp1qK0f0U0S2DfWwG/ wXmUjfnAtfTQBm266fkmrZ9nWDWBTz0= X-Google-Smtp-Source: ABdhPJxsBuuPGPwOcn2kRAcT9ypKhMS+ulT07OyGafhplNMQAcjIiH/D2wykJGZw5ivYjwPZwg9pAg== X-Received: by 2002:a62:88ca:0:b029:156:2594:23c7 with SMTP id l193-20020a6288ca0000b0290156259423c7mr7632048pfd.12.1602574086769; Tue, 13 Oct 2020 00:28:06 -0700 (PDT) Received: from localhost ([209.132.188.80]) by smtp.gmail.com with ESMTPSA id l2sm27442296pjy.6.2020.10.13.00.28.05 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 13 Oct 2020 00:28:06 -0700 (PDT) From: Xin Long To: network dev , linux-sctp@vger.kernel.org Cc: Marcelo Ricardo Leitner , Neil Horman , Michael Tuexen , davem@davemloft.net, gnault@redhat.com, pabeni@redhat.com, willemdebruijn.kernel@gmail.com Subject: [PATCHv3 net-next 02/16] udp6: move the mss check after udp gso tunnel processing Date: Tue, 13 Oct 2020 15:27:27 +0800 Message-Id: X-Mailer: git-send-email 2.1.0 In-Reply-To: References: In-Reply-To: References: Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org For some protocol's gso, like SCTP, it's using GSO_BY_FRAGS for gso_size. When using UDP to encapsulate its packet, it will return error in udp6_ufo_fragment() as skb->len < gso_size, and it will never go to the gso tunnel processing. So we should move this check after udp gso tunnel processing, the same as udp4_ufo_fragment() does. v1->v2: - no change. v2->v3: - not do any cleanup. Signed-off-by: Xin Long Acked-by: Willem de Bruijn --- net/ipv6/udp_offload.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/net/ipv6/udp_offload.c b/net/ipv6/udp_offload.c index 584157a..aa602af 100644 --- a/net/ipv6/udp_offload.c +++ b/net/ipv6/udp_offload.c @@ -28,10 +28,6 @@ static struct sk_buff *udp6_ufo_fragment(struct sk_buff *skb, int tnl_hlen; int err; - mss = skb_shinfo(skb)->gso_size; - if (unlikely(skb->len <= mss)) - goto out; - if (skb->encapsulation && skb_shinfo(skb)->gso_type & (SKB_GSO_UDP_TUNNEL|SKB_GSO_UDP_TUNNEL_CSUM)) segs = skb_udp_tunnel_segment(skb, features, true); @@ -48,6 +44,10 @@ static struct sk_buff *udp6_ufo_fragment(struct sk_buff *skb, if (skb_shinfo(skb)->gso_type & SKB_GSO_UDP_L4) return __udp_gso_segment(skb, features); + mss = skb_shinfo(skb)->gso_size; + if (unlikely(skb->len <= mss)) + goto out; + /* Do software UFO. Complete and fill in the UDP checksum as HW cannot * do checksum of UDP packets sent as multiple IP fragments. */ From patchwork Tue Oct 13 07:27:28 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 288512 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.6 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5A5F5C433DF for ; Tue, 13 Oct 2020 07:28:18 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 1E5C520872 for ; Tue, 13 Oct 2020 07:28:18 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="IneJXeAP" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2390133AbgJMH2Q (ORCPT ); Tue, 13 Oct 2020 03:28:16 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55424 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390091AbgJMH2Q (ORCPT ); Tue, 13 Oct 2020 03:28:16 -0400 Received: from mail-pl1-x62e.google.com (mail-pl1-x62e.google.com [IPv6:2607:f8b0:4864:20::62e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E7D72C0613D0; Tue, 13 Oct 2020 00:28:15 -0700 (PDT) Received: by mail-pl1-x62e.google.com with SMTP id d23so10200440pll.7; Tue, 13 Oct 2020 00:28:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :in-reply-to:references; bh=5n9MDJ2fdPNgSTG4tMoW/SRIt8/WSpHVsbv6RmWVU3Y=; b=IneJXeAP2AYogjJidckSS6L0uH6PzRtuh2cbtkEIe+QHUxglenWggeRo9YbTCQKGFD ZAJRVJEYSm/jajfnXKgdqb8QGBQvWUYlCdpihA2cnkFhyEMnIIz3ZKXI/g20reV8LIwD 05lULbBQ+TVleetRadD+/ruiC3jxeWMiCdOgtXSrp2nNrPBqc3b0UcN0izVZf8qyO967 8h2lBr9AfvKNL95rTZO8PBHv+/BDq23/oA03PMeveySDOfK1rI23EyfAErqpuUltU/rB qj3djH53VHvR38OE+2jgR1C5jjmruEzbdR01Jza8T90/ZS+1Fp+jVv+ht+XFdlzUzoln Dd/Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:in-reply-to:references; bh=5n9MDJ2fdPNgSTG4tMoW/SRIt8/WSpHVsbv6RmWVU3Y=; b=iM6UOh0EEngvDEP94U7fNQkPvB/mEuJk3FY8Iq5vLDvvUlSA5idNAMCubnBvfgI8a7 /cCnJEFDg3MIvDvd5ptjaKHt1fyybUD40VO2NDZvW95t1o3eWNAJN/eOHY63Hl+VYqhl UChPZb8XdzCOdbYipatleBnODGE7024NIztf2MkUjAEXMsiKe/P95ukfCfRFTei+qthG ftKqGfQKHPaI3EAObPZaLl7WmGpMfRMRemUP+keqmn5vCvIPINBIotG+l8pci5q7UELn dZSZ+ZoHDrbDlKEs+9XAKBAECRjG4bX+lMXQnK1+LFPTo99CatZHdx5zC8Vf4keaBO5G zV9Q== X-Gm-Message-State: AOAM531f0TqGSWhAyfZ2RFOCTEHOEblAvlg+bnSm5T4mmWGtJVuGi5ac 72l5P17tAinqmFqgXCuIc5LeyxcmH/g= X-Google-Smtp-Source: ABdhPJxo+/Jpy23MnxFz6eP3WmtW9zAnNtIjs6ZxK8+xmMCYe2/HmmfkIiIzxSRHcWEhyzTUwpYWrg== X-Received: by 2002:a17:90a:1903:: with SMTP id 3mr24682806pjg.74.1602574095104; Tue, 13 Oct 2020 00:28:15 -0700 (PDT) Received: from localhost ([209.132.188.80]) by smtp.gmail.com with ESMTPSA id n19sm21961236pfu.24.2020.10.13.00.28.13 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 13 Oct 2020 00:28:14 -0700 (PDT) From: Xin Long To: network dev , linux-sctp@vger.kernel.org Cc: Marcelo Ricardo Leitner , Neil Horman , Michael Tuexen , davem@davemloft.net, gnault@redhat.com, pabeni@redhat.com, willemdebruijn.kernel@gmail.com Subject: [PATCHv3 net-next 03/16] udp: support sctp over udp in skb_udp_tunnel_segment Date: Tue, 13 Oct 2020 15:27:28 +0800 Message-Id: X-Mailer: git-send-email 2.1.0 In-Reply-To: References: In-Reply-To: References: Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org For the gso of sctp over udp packets, sctp_gso_segment() will be called in skb_udp_tunnel_segment(), we need to set transport_header to sctp header. As all the current HWs can't handle both crc checksum and udp checksum at the same time, the crc checksum has to be done in sctp_gso_segment() by removing the NETIF_F_SCTP_CRC flag from the features. Meanwhile, if the HW can't do udp checksum, csum and csum_start has to be set correctly, and udp checksum will be done in __skb_udp_tunnel_segment() by calling gso_make_checksum(). Thanks to Paolo, Marcelo and Guillaume for helping with this one. v1->v2: - no change. v2->v3: - remove the he NETIF_F_SCTP_CRC flag from the features. - set csum and csum_start in sctp_gso_make_checksum(). Signed-off-by: Xin Long --- net/ipv4/udp_offload.c | 3 +++ net/sctp/offload.c | 6 +++++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/net/ipv4/udp_offload.c b/net/ipv4/udp_offload.c index e67a66f..4d31255 100644 --- a/net/ipv4/udp_offload.c +++ b/net/ipv4/udp_offload.c @@ -49,6 +49,7 @@ static struct sk_buff *__skb_udp_tunnel_segment(struct sk_buff *skb, __skb_pull(skb, tnl_hlen); skb_reset_mac_header(skb); skb_set_network_header(skb, skb_inner_network_offset(skb)); + skb_set_transport_header(skb, skb_inner_transport_offset(skb)); skb->mac_len = skb_inner_network_offset(skb); skb->protocol = new_protocol; @@ -67,6 +68,8 @@ static struct sk_buff *__skb_udp_tunnel_segment(struct sk_buff *skb, (NETIF_F_HW_CSUM | NETIF_F_IP_CSUM)))); features &= skb->dev->hw_enc_features; + /* CRC checksum can't be handled by HW when it's a udp tunneling packet. */ + features &= ~NETIF_F_SCTP_CRC; /* The only checksum offload we care about from here on out is the * outer one so strip the existing checksum feature flags and diff --git a/net/sctp/offload.c b/net/sctp/offload.c index 74847d6..9f6f818 100644 --- a/net/sctp/offload.c +++ b/net/sctp/offload.c @@ -27,7 +27,11 @@ static __le32 sctp_gso_make_checksum(struct sk_buff *skb) { skb->ip_summed = CHECKSUM_NONE; skb->csum_not_inet = 0; - gso_reset_checksum(skb, ~0); + /* csum and csum_start in gso cb may be needed to do the udp + * checksum when it's a udp tunneling packet. + */ + SKB_GSO_CB(skb)->csum = (__force __wsum)~0; + SKB_GSO_CB(skb)->csum_start = skb_headroom(skb) + skb->len; return sctp_compute_cksum(skb, skb_transport_offset(skb)); } From patchwork Tue Oct 13 07:27:29 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 270043 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.6 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4EC92C433DF for ; Tue, 13 Oct 2020 07:28:24 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id E755320872 for ; Tue, 13 Oct 2020 07:28:23 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="jQvPWsmu" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2390155AbgJMH2V (ORCPT ); Tue, 13 Oct 2020 03:28:21 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55436 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390091AbgJMH2T (ORCPT ); Tue, 13 Oct 2020 03:28:19 -0400 Received: from mail-pl1-x62a.google.com (mail-pl1-x62a.google.com [IPv6:2607:f8b0:4864:20::62a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 45AA2C0613D0; Tue, 13 Oct 2020 00:28:19 -0700 (PDT) Received: by mail-pl1-x62a.google.com with SMTP id h2so10190454pll.11; Tue, 13 Oct 2020 00:28:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :in-reply-to:references; bh=HG2RLk7bAh83YS4C2UPIzbvNav0ygPjqVjP+XYPnGa8=; b=jQvPWsmuJsXj0PSkBdKwoBtmaHFB5GPLXXL/hVb2QA2GA3Q9q2FpIKs0HJBQPTGWeR f+lnHvdpZh4L7HKHB+YWVq3cwxuirxPag1t91rh5F0o+/eVnrwV7gokKKaDUI11GobBU 7SImRjeuPtsalRxwpEEylhX/M3wIlIwhbgmOL39Q5Tro81k2ZGnxfNoqXFlTvMNUk0/S 88OMVF1PztUwjiR+bWASDyogTQVnu+GCcE8mNGHypZmrWJPX87qRAP+lOBZJDPvRl35d URWSi6qIxiCvazqnjjHoKERN8xzUjO20bl36flEJI/7VJrr2zog7M1eXnXKmxiCjRk6k eVuA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:in-reply-to:references; bh=HG2RLk7bAh83YS4C2UPIzbvNav0ygPjqVjP+XYPnGa8=; b=acw7WmpNhi+8sygu8D6YizoN1hkWfUx6LEh3/eke2kRIVO5LxQprJZt5OlS1n8aDUN NcvMdHVc49EO1raN6IEjgaU2EBfQHxcNKS8bYkmTMYAfLQ5L4h7JTD0nhXT84S87o8Tj +ea2tXzzNjwUoj211CUbO8H64Wwz8OdO0dMFgJ/mrehnQ/kX6PnX4A8rQRROszOd6Cr7 CgSHk554T4ec5f41+Sj9pTR3M1LiROO53661GOg/DciYuy12pWouPjQjTaJEv5ZlvM8S p4ZDmXilXdcbr3s0Ne/wjsD/LReGCvPKjieYP7O0wKV/2LnaJd+zbGy+D/HV46KgFX4y Nwjg== X-Gm-Message-State: AOAM530zcggZ1amU02wnrtSfRTTDhr0aNmGrhRip43COfAmn5J7HIHDm S/ok/KAy3RVBU7TmBqXEOhWDUniGD3w= X-Google-Smtp-Source: ABdhPJxB0J7iRqSObFz9JgUX8MLk45HC91/In/Tx8LpOqXITu7nYjF/Gvy5cYu62JufIj8DZptQQNQ== X-Received: by 2002:a17:90a:f0c6:: with SMTP id fa6mr22667670pjb.12.1602574098479; Tue, 13 Oct 2020 00:28:18 -0700 (PDT) Received: from localhost ([209.132.188.80]) by smtp.gmail.com with ESMTPSA id t3sm21270975pgm.42.2020.10.13.00.28.17 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 13 Oct 2020 00:28:17 -0700 (PDT) From: Xin Long To: network dev , linux-sctp@vger.kernel.org Cc: Marcelo Ricardo Leitner , Neil Horman , Michael Tuexen , davem@davemloft.net, gnault@redhat.com, pabeni@redhat.com, willemdebruijn.kernel@gmail.com Subject: [PATCHv3 net-next 04/16] sctp: create udp4 sock and add its encap_rcv Date: Tue, 13 Oct 2020 15:27:29 +0800 Message-Id: <7159fb58f44f9ff00ca5b3b8a26ee3aa2fd1bf8a.1602574012.git.lucien.xin@gmail.com> X-Mailer: git-send-email 2.1.0 In-Reply-To: References: In-Reply-To: References: Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org This patch is to add the functions to create/release udp4 sock, and set the sock's encap_rcv to process the incoming udp encap sctp packets. In sctp_udp_rcv(), as we can see, all we need to do is fix the transport header for sctp_rcv(), then it would implement the part of rfc6951#section-5.4: "When an encapsulated packet is received, the UDP header is removed. Then, the generic lookup is performed, as done by an SCTP stack whenever a packet is received, to find the association for the received SCTP packet" Note that these functions will be called in the last patch of this patchset when enabling this feature. v1->v2: - Add pr_err() when fails to create udp v4 sock. v2->v3: - Add 'select NET_UDP_TUNNEL' in sctp Kconfig. Signed-off-by: Xin Long --- include/net/netns/sctp.h | 5 +++++ include/net/sctp/constants.h | 2 ++ include/net/sctp/sctp.h | 2 ++ net/sctp/Kconfig | 1 + net/sctp/protocol.c | 43 +++++++++++++++++++++++++++++++++++++++++++ 5 files changed, 53 insertions(+) diff --git a/include/net/netns/sctp.h b/include/net/netns/sctp.h index d8d02e4..3d10bef 100644 --- a/include/net/netns/sctp.h +++ b/include/net/netns/sctp.h @@ -22,6 +22,11 @@ struct netns_sctp { */ struct sock *ctl_sock; + /* udp tunneling listening sock. */ + struct sock *udp4_sock; + /* udp tunneling listening port. */ + int udp_port; + /* This is the global local address list. * We actively maintain this complete list of addresses on * the system by catching address add/delete events. diff --git a/include/net/sctp/constants.h b/include/net/sctp/constants.h index 122d9e2..b583166 100644 --- a/include/net/sctp/constants.h +++ b/include/net/sctp/constants.h @@ -286,6 +286,8 @@ enum { SCTP_MAX_GABS = 16 }; * functions simpler to write. */ +#define SCTP_DEFAULT_UDP_PORT 9899 /* default udp tunneling port */ + /* These are the values for pf exposure, UNUSED is to keep compatible with old * applications by default. */ diff --git a/include/net/sctp/sctp.h b/include/net/sctp/sctp.h index 4fc747b..bfd87a0 100644 --- a/include/net/sctp/sctp.h +++ b/include/net/sctp/sctp.h @@ -84,6 +84,8 @@ int sctp_copy_local_addr_list(struct net *net, struct sctp_bind_addr *addr, struct sctp_pf *sctp_get_pf_specific(sa_family_t family); int sctp_register_pf(struct sctp_pf *, sa_family_t); void sctp_addr_wq_mgmt(struct net *, struct sctp_sockaddr_entry *, int); +int sctp_udp_sock_start(struct net *net); +void sctp_udp_sock_stop(struct net *net); /* * sctp/socket.c diff --git a/net/sctp/Kconfig b/net/sctp/Kconfig index 39d7fa9..5da599f 100644 --- a/net/sctp/Kconfig +++ b/net/sctp/Kconfig @@ -11,6 +11,7 @@ menuconfig IP_SCTP select CRYPTO_HMAC select CRYPTO_SHA1 select LIBCRC32C + select NET_UDP_TUNNEL help Stream Control Transmission Protocol diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c index 2583323..2b7a3e1 100644 --- a/net/sctp/protocol.c +++ b/net/sctp/protocol.c @@ -44,6 +44,7 @@ #include #include #include +#include #define MAX_SCTP_PORT_HASH_ENTRIES (64 * 1024) @@ -840,6 +841,45 @@ static int sctp_ctl_sock_init(struct net *net) return 0; } +static int sctp_udp_rcv(struct sock *sk, struct sk_buff *skb) +{ + skb_set_transport_header(skb, sizeof(struct udphdr)); + sctp_rcv(skb); + return 0; +} + +int sctp_udp_sock_start(struct net *net) +{ + struct udp_tunnel_sock_cfg tuncfg = {NULL}; + struct udp_port_cfg udp_conf = {0}; + struct socket *sock; + int err; + + udp_conf.family = AF_INET; + udp_conf.local_ip.s_addr = htonl(INADDR_ANY); + udp_conf.local_udp_port = htons(net->sctp.udp_port); + err = udp_sock_create(net, &udp_conf, &sock); + if (err) { + pr_err("Failed to create the SCTP udp tunneling v4 sock\n"); + return err; + } + + tuncfg.encap_type = 1; + tuncfg.encap_rcv = sctp_udp_rcv; + setup_udp_tunnel_sock(net, sock, &tuncfg); + net->sctp.udp4_sock = sock->sk; + + return 0; +} + +void sctp_udp_sock_stop(struct net *net) +{ + if (net->sctp.udp4_sock) { + udp_tunnel_sock_release(net->sctp.udp4_sock->sk_socket); + net->sctp.udp4_sock = NULL; + } +} + /* Register address family specific functions. */ int sctp_register_af(struct sctp_af *af) { @@ -1271,6 +1311,9 @@ static int __net_init sctp_defaults_init(struct net *net) /* Enable ECN by default. */ net->sctp.ecn_enable = 1; + /* Set udp tunneling listening port to default value */ + net->sctp.udp_port = SCTP_DEFAULT_UDP_PORT; + /* Set SCOPE policy to enabled */ net->sctp.scope_policy = SCTP_SCOPE_POLICY_ENABLE; From patchwork Tue Oct 13 07:27:30 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 288511 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.6 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9D6D4C433E7 for ; Tue, 13 Oct 2020 07:28:29 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 5395020878 for ; Tue, 13 Oct 2020 07:28:29 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="KkOHeQyo" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2390166AbgJMH22 (ORCPT ); Tue, 13 Oct 2020 03:28:28 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55460 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390091AbgJMH21 (ORCPT ); Tue, 13 Oct 2020 03:28:27 -0400 Received: from mail-pl1-x630.google.com (mail-pl1-x630.google.com [IPv6:2607:f8b0:4864:20::630]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8241BC0613D2; Tue, 13 Oct 2020 00:28:27 -0700 (PDT) Received: by mail-pl1-x630.google.com with SMTP id 1so4352735ple.2; Tue, 13 Oct 2020 00:28:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :in-reply-to:references; bh=m/TiQ2lE3m4wHvHFT6+tGQzF2YHGDHHA/t6tWuUFplI=; b=KkOHeQyo6RZwUmm55eI4756KtTSZjL7yXR7rQmlrZTH2vspBv5OtS+lWiJy1ocwu9o kZMQFLxMEgsyKOQORv88r86e6viBFWSGXvImsMeVY+pYANC8R74awzxrAdr/+0OFicry +mm5k5lP607RFOT74bO0/N49vhkGP3oIsN3nj1utVRxfEHWEkWT3TKM1M2VUaV1ktFtz jCkRJo7MmFCYwnHrmI6RqmgF/5VYp4O1kMD47rxvi5xcNooOMyr4RsEdsUGXt2e4gBZh 2ilMWwE2aDvhqjB6Ap9g1BCFSLALcRxOOYhJGdM4hts6pc46YHi77VuV6MG/B16Y1af9 A+tw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:in-reply-to:references; bh=m/TiQ2lE3m4wHvHFT6+tGQzF2YHGDHHA/t6tWuUFplI=; b=Vf7ZZSoBhAi/tGJGgmZw9fKflKyX2JvJQekZEkZ6B//ms0GJoGlul8P0/5CGAdG4EL 4W6FyNeJvFqDE+rsPzKc0DRzUi8ln8Joa8UHfIkQqMqEe78fXUbo4llGiafH6OE67C89 7/+gmPJzktSYVo265ZIBLu1jTqExByd/6ThqYV5L3aAIC0OESxkujnXJ/jpXCt2Diev2 8SbNHfuBQYGZjMK0OyEtOELvsNHpOZfyXzRvd2LVFbjtsUifiIzZ6qBDuwixMT1vgdnP N7VDra9AjZvpADMQLCpixJKsB4LwxJYuFSf1nM8ZvyJC4uVby+TU4AO5cJHrkTXUFGMM 7E9w== X-Gm-Message-State: AOAM5313bbu81qSYtsU9YQ9kJffvx321uWYGG908J2B106LOQOU3w7rx 18liuSnMjxdlAg0izIztX4NeUEsuFbI= X-Google-Smtp-Source: ABdhPJwZfiJj93Vtq9dUob//y0QeY816BJW19Ay9seVdbPjf9XvjLyevb4WgMQ7zoTglHZbdK2kJoQ== X-Received: by 2002:a17:902:a588:b029:d3:7f4a:28a2 with SMTP id az8-20020a170902a588b02900d37f4a28a2mr26848525plb.26.1602574106800; Tue, 13 Oct 2020 00:28:26 -0700 (PDT) Received: from localhost ([209.132.188.80]) by smtp.gmail.com with ESMTPSA id a18sm20733153pgw.50.2020.10.13.00.28.25 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 13 Oct 2020 00:28:26 -0700 (PDT) From: Xin Long To: network dev , linux-sctp@vger.kernel.org Cc: Marcelo Ricardo Leitner , Neil Horman , Michael Tuexen , davem@davemloft.net, gnault@redhat.com, pabeni@redhat.com, willemdebruijn.kernel@gmail.com Subject: [PATCHv3 net-next 05/16] sctp: create udp6 sock and set its encap_rcv Date: Tue, 13 Oct 2020 15:27:30 +0800 Message-Id: X-Mailer: git-send-email 2.1.0 In-Reply-To: <7159fb58f44f9ff00ca5b3b8a26ee3aa2fd1bf8a.1602574012.git.lucien.xin@gmail.com> References: <7159fb58f44f9ff00ca5b3b8a26ee3aa2fd1bf8a.1602574012.git.lucien.xin@gmail.com> In-Reply-To: References: Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org This patch is to add the udp6 sock part in sctp_udp_sock_start/stop(). udp_conf.use_udp6_rx_checksums is set to true, as: "The SCTP checksum MUST be computed for IPv4 and IPv6, and the UDP checksum SHOULD be computed for IPv4 and IPv6" says in rfc6951#section-5.3. v1->v2: - Add pr_err() when fails to create udp v6 sock. - Add #if IS_ENABLED(CONFIG_IPV6) not to create v6 sock when ipv6 is disabled. Signed-off-by: Xin Long --- include/net/netns/sctp.h | 1 + net/sctp/protocol.c | 26 ++++++++++++++++++++++++++ 2 files changed, 27 insertions(+) diff --git a/include/net/netns/sctp.h b/include/net/netns/sctp.h index 3d10bef..f622945 100644 --- a/include/net/netns/sctp.h +++ b/include/net/netns/sctp.h @@ -24,6 +24,7 @@ struct netns_sctp { /* udp tunneling listening sock. */ struct sock *udp4_sock; + struct sock *udp6_sock; /* udp tunneling listening port. */ int udp_port; diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c index 2b7a3e1..49b5d75 100644 --- a/net/sctp/protocol.c +++ b/net/sctp/protocol.c @@ -869,6 +869,28 @@ int sctp_udp_sock_start(struct net *net) setup_udp_tunnel_sock(net, sock, &tuncfg); net->sctp.udp4_sock = sock->sk; +#if IS_ENABLED(CONFIG_IPV6) + memset(&udp_conf, 0, sizeof(udp_conf)); + + udp_conf.family = AF_INET6; + udp_conf.local_ip6 = in6addr_any; + udp_conf.local_udp_port = htons(net->sctp.udp_port); + udp_conf.use_udp6_rx_checksums = true; + udp_conf.ipv6_v6only = true; + err = udp_sock_create(net, &udp_conf, &sock); + if (err) { + pr_err("Failed to create the SCTP udp tunneling v6 sock\n"); + udp_tunnel_sock_release(net->sctp.udp4_sock->sk_socket); + net->sctp.udp4_sock = NULL; + return err; + } + + tuncfg.encap_type = 1; + tuncfg.encap_rcv = sctp_udp_rcv; + setup_udp_tunnel_sock(net, sock, &tuncfg); + net->sctp.udp6_sock = sock->sk; +#endif + return 0; } @@ -878,6 +900,10 @@ void sctp_udp_sock_stop(struct net *net) udp_tunnel_sock_release(net->sctp.udp4_sock->sk_socket); net->sctp.udp4_sock = NULL; } + if (net->sctp.udp6_sock) { + udp_tunnel_sock_release(net->sctp.udp6_sock->sk_socket); + net->sctp.udp6_sock = NULL; + } } /* Register address family specific functions. */ From patchwork Tue Oct 13 07:27:31 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 270042 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.6 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5B365C433E7 for ; Tue, 13 Oct 2020 07:28:37 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 1A73120872 for ; Tue, 13 Oct 2020 07:28:37 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="j4gxN2sM" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2390184AbgJMH2g (ORCPT ); Tue, 13 Oct 2020 03:28:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55486 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390091AbgJMH2g (ORCPT ); Tue, 13 Oct 2020 03:28:36 -0400 Received: from mail-pg1-x542.google.com (mail-pg1-x542.google.com [IPv6:2607:f8b0:4864:20::542]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 02E30C0613D0; Tue, 13 Oct 2020 00:28:36 -0700 (PDT) Received: by mail-pg1-x542.google.com with SMTP id o3so6974487pgr.11; Tue, 13 Oct 2020 00:28:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :in-reply-to:references; bh=mddk0RPj5RANjKGN0DxBgjaZKh24JdfVj6LOwAP3f/8=; b=j4gxN2sMBKZi1Hp+ijuVwR+tO/CfPXTlygoK2MEcsuSI/YISv22AFnF4qKw/w2PVqz Odfn5CocQHNee/qLT6T5sZ+JbZ6XkwwlXGmqZDcj9s/+G82RGk+j4bFK6nfloLLRDydf lMtmG6YFoMWRFjv3anrey9vKNckKNrwJswNpLYFpkmV+IcTtYp2ZrAfUxfkc9+Jwh8Y3 Jtn+TLPEu+em3ggf/ZtK1s78hsP7Ch4espTYihzfJTobadmzQnCQ7+zBAZXCUC1SUaAs tHKzAIAOEJ+jL25hyAkuxKCjQxsMONFOlAOkel4rEZasenljMS9N4nktQluSuGgYzo6H JYww== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:in-reply-to:references; bh=mddk0RPj5RANjKGN0DxBgjaZKh24JdfVj6LOwAP3f/8=; b=T4Rh4K4/yzwwdiHkPiEYla3d1+UnTZgPL5SzG+hpRnOGB6w/dPgrXLafmNX6+3YdDC 36dMtVg+pyDGhW7hFBTvFHPeG9ffDIoz0wihjxSCEzEM7sQj16CwyMl8rvCtsVKZ9rcW d5zmy7LbZlVE/U/XZ4fFNn/U3IIguE5oVTRGRGxmRdQDPxy1f6fDHSwfcSeG9xgP15tF JnGvBvp+a4gYUlSFBKcyS3Xsd2KAfzefjjbmYySRBse1sPAnVQpXt/DUI1bHRy1H7jRO sWp6WBs9avmd4cL01E0p5SJScixdRqcAEy6ZkDZ/5K01EXi7ZGcQfcomLUvuZZpgsvw9 wwvQ== X-Gm-Message-State: AOAM532VzcrF9Q/oncuohXxrkthzto21bkzujxm+LQkQ2OR2e+zbzijx B6gTnGLqruXmmmNCxMRKGn0/ArRKAXQ= X-Google-Smtp-Source: ABdhPJx3RGGf/wDndy3+JimNOJCCTV4gcgYhKOqrezDH0+QnY1AbkdS493kicslpT9NmdPJ9EPq3oA== X-Received: by 2002:a62:6347:0:b029:155:8201:c620 with SMTP id x68-20020a6263470000b02901558201c620mr19205182pfb.23.1602574115199; Tue, 13 Oct 2020 00:28:35 -0700 (PDT) Received: from localhost ([209.132.188.80]) by smtp.gmail.com with ESMTPSA id f66sm7204921pfa.59.2020.10.13.00.28.33 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 13 Oct 2020 00:28:34 -0700 (PDT) From: Xin Long To: network dev , linux-sctp@vger.kernel.org Cc: Marcelo Ricardo Leitner , Neil Horman , Michael Tuexen , davem@davemloft.net, gnault@redhat.com, pabeni@redhat.com, willemdebruijn.kernel@gmail.com Subject: [PATCHv3 net-next 06/16] sctp: add encap_err_lookup for udp encap socks Date: Tue, 13 Oct 2020 15:27:31 +0800 Message-Id: X-Mailer: git-send-email 2.1.0 In-Reply-To: References: <7159fb58f44f9ff00ca5b3b8a26ee3aa2fd1bf8a.1602574012.git.lucien.xin@gmail.com> In-Reply-To: References: Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org As it says in rfc6951#section-5.5: "When receiving ICMP or ICMPv6 response packets, there might not be enough bytes in the payload to identify the SCTP association that the SCTP packet triggering the ICMP or ICMPv6 packet belongs to. If a received ICMP or ICMPv6 packet cannot be related to a specific SCTP association or the verification tag cannot be verified, it MUST be discarded silently. In particular, this means that the SCTP stack MUST NOT rely on receiving ICMP or ICMPv6 messages. Implementation constraints could prevent processing received ICMP or ICMPv6 messages." ICMP or ICMPv6 packets need to be handled, and this is implemented by udp encap sock .encap_err_lookup function. The .encap_err_lookup function is called in __udp(6)_lib_err_encap() to confirm this path does need to be updated. For sctp, what we can do here is check if the corresponding asoc and transport exist. Note that icmp packet process for sctp over udp is done by udp sock .encap_err_lookup(), and it means for now we can't do as much as sctp_v4/6_err() does. Also we can't do the two mappings mentioned in rfc6951#section-5.5. Signed-off-by: Xin Long --- net/sctp/protocol.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c index 49b5d75..dd2d9c4 100644 --- a/net/sctp/protocol.c +++ b/net/sctp/protocol.c @@ -848,6 +848,23 @@ static int sctp_udp_rcv(struct sock *sk, struct sk_buff *skb) return 0; } +static int sctp_udp_err_lookup(struct sock *sk, struct sk_buff *skb) +{ + struct sctp_association *asoc; + struct sctp_transport *t; + int family; + + skb->transport_header += sizeof(struct udphdr); + family = (ip_hdr(skb)->version == 4) ? AF_INET : AF_INET6; + sk = sctp_err_lookup(dev_net(skb->dev), family, skb, sctp_hdr(skb), + &asoc, &t); + if (!sk) + return -ENOENT; + + sctp_err_finish(sk, t); + return 0; +} + int sctp_udp_sock_start(struct net *net) { struct udp_tunnel_sock_cfg tuncfg = {NULL}; @@ -866,6 +883,7 @@ int sctp_udp_sock_start(struct net *net) tuncfg.encap_type = 1; tuncfg.encap_rcv = sctp_udp_rcv; + tuncfg.encap_err_lookup = sctp_udp_err_lookup; setup_udp_tunnel_sock(net, sock, &tuncfg); net->sctp.udp4_sock = sock->sk; @@ -887,6 +905,7 @@ int sctp_udp_sock_start(struct net *net) tuncfg.encap_type = 1; tuncfg.encap_rcv = sctp_udp_rcv; + tuncfg.encap_err_lookup = sctp_udp_err_lookup; setup_udp_tunnel_sock(net, sock, &tuncfg); net->sctp.udp6_sock = sock->sk; #endif From patchwork Tue Oct 13 07:27:32 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 288510 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.6 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 94D3DC433DF for ; Tue, 13 Oct 2020 07:28:46 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 4EEE120872 for ; Tue, 13 Oct 2020 07:28:46 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="JCeB98aq" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2390202AbgJMH2p (ORCPT ); Tue, 13 Oct 2020 03:28:45 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55510 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390091AbgJMH2o (ORCPT ); Tue, 13 Oct 2020 03:28:44 -0400 Received: from mail-pl1-x633.google.com (mail-pl1-x633.google.com [IPv6:2607:f8b0:4864:20::633]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 67FEAC0613D0; Tue, 13 Oct 2020 00:28:44 -0700 (PDT) Received: by mail-pl1-x633.google.com with SMTP id c6so10200366plr.9; Tue, 13 Oct 2020 00:28:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :in-reply-to:references; bh=0NQ6rBAGodZmng5U9FvOVx+JoVKAYom7BvJGxpJCao4=; b=JCeB98aqlxMGo+CULqPIXQnAZcJdcX/EmpMVzPzpwYPBqMm3J2s7xn9MXUZo3yUOaT ogO4qvqJ/JV84G2XhDb8Tg5RxnIwqFn6rOiZRry32hzyMJeFpbfY1dttFFIYHv49wl41 oSy6yrnHUd1e+SK1Z20XMfN8pYjCGMFIqx0JR13Egc8FHy2JXFyQTwNqH+I1qMT9Oe1s to9JPInAdekIpuyTH7FiBsXQvQbJg1S2uFaKfRoCHRt3WDb1RdvcG8KL7yDWOzRWz2rg N5yhTOg/ucWpOFEDCobqB7xtOMO3MVJpj8YHYXpzHYrG8fZuS5Rnd5lCpl2WdhJIwoJu jFNA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:in-reply-to:references; bh=0NQ6rBAGodZmng5U9FvOVx+JoVKAYom7BvJGxpJCao4=; b=spoMLzU5ztYrvhmO2HpXORXikFuiIrY/5yh4a7tJC3flDx7GwM7Riw2PaavGNMzaaH 8dWXXfa69q62TXt5B9LCsGxELGytdW91bbkmBz0lEkjCcn3osryj3mT1/SuSKtsTMe64 /MxqsmIxK2DEoDTVMz2Z7rRZFtQzSK6uAF7NUynt4Od/P8vR3ARDvRWb0bXI5m31g1jN H1cIwnUsIFE8A1kWilcBRBUv0upzQRQLXCpr1rgQJEj3WFHLqgIXWn+qMi0AHcThjmU3 cELgsaeCqbgEIQ/7vfWkb7Po8/u+I8MN/V9dLE5DZrRCCqk/41uUGbNRY+L3yAigObfj 368g== X-Gm-Message-State: AOAM532Xf3HQx1laeLoLlV80AS9zSFl1kx0t/l4n8seP4CSCganqBVFf 6xy9lVgBJmDTBisduXKcAPD3sGX3O2A= X-Google-Smtp-Source: ABdhPJxiiCen6QQLRqOAm9vQEWxtVkW+t7lPhUFr5THqEM29AaDHUUqtj5RPRODRDUOvtBglFrXz5w== X-Received: by 2002:a17:902:6b4a:b029:d3:e8f4:3356 with SMTP id g10-20020a1709026b4ab02900d3e8f43356mr27906581plt.0.1602574123605; Tue, 13 Oct 2020 00:28:43 -0700 (PDT) Received: from localhost ([209.132.188.80]) by smtp.gmail.com with ESMTPSA id x18sm22663228pfj.90.2020.10.13.00.28.42 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 13 Oct 2020 00:28:42 -0700 (PDT) From: Xin Long To: network dev , linux-sctp@vger.kernel.org Cc: Marcelo Ricardo Leitner , Neil Horman , Michael Tuexen , davem@davemloft.net, gnault@redhat.com, pabeni@redhat.com, willemdebruijn.kernel@gmail.com Subject: [PATCHv3 net-next 07/16] sctp: add encap_port for netns sock asoc and transport Date: Tue, 13 Oct 2020 15:27:32 +0800 Message-Id: <37e9f70ffb9dea1572025b8e1c4b1f1c6e6b3da5.1602574012.git.lucien.xin@gmail.com> X-Mailer: git-send-email 2.1.0 In-Reply-To: References: <7159fb58f44f9ff00ca5b3b8a26ee3aa2fd1bf8a.1602574012.git.lucien.xin@gmail.com> In-Reply-To: References: Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org encap_port is added as per netns/sock/assoc/transport, and the latter one's encap_port inherits the former one's by default. The transport's encap_port value would mostly decide if one packet should go out with udp encapsulated or not. This patch also allows users to set netns' encap_port by sysctl. v1->v2: - Change to define encap_port as __be16 for sctp_sock, asoc and transport. Signed-off-by: Xin Long --- include/net/netns/sctp.h | 2 ++ include/net/sctp/structs.h | 6 ++++++ net/sctp/associola.c | 4 ++++ net/sctp/protocol.c | 3 +++ net/sctp/socket.c | 1 + net/sctp/sysctl.c | 10 ++++++++++ 6 files changed, 26 insertions(+) diff --git a/include/net/netns/sctp.h b/include/net/netns/sctp.h index f622945..6af7a39 100644 --- a/include/net/netns/sctp.h +++ b/include/net/netns/sctp.h @@ -27,6 +27,8 @@ struct netns_sctp { struct sock *udp6_sock; /* udp tunneling listening port. */ int udp_port; + /* udp tunneling remote encap port. */ + int encap_port; /* This is the global local address list. * We actively maintain this complete list of addresses on diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h index 0bdff38..aa98e7e 100644 --- a/include/net/sctp/structs.h +++ b/include/net/sctp/structs.h @@ -178,6 +178,8 @@ struct sctp_sock { */ __u32 hbinterval; + __be16 encap_port; + /* This is the max_retrans value for new associations. */ __u16 pathmaxrxt; @@ -877,6 +879,8 @@ struct sctp_transport { */ unsigned long last_time_ecne_reduced; + __be16 encap_port; + /* This is the max_retrans value for the transport and will * be initialized from the assocs value. This can be changed * using the SCTP_SET_PEER_ADDR_PARAMS socket option. @@ -1790,6 +1794,8 @@ struct sctp_association { */ unsigned long hbinterval; + __be16 encap_port; + /* This is the max_retrans value for new transports in the * association. */ diff --git a/net/sctp/associola.c b/net/sctp/associola.c index fdb69d4..336df4b 100644 --- a/net/sctp/associola.c +++ b/net/sctp/associola.c @@ -99,6 +99,8 @@ static struct sctp_association *sctp_association_init( */ asoc->hbinterval = msecs_to_jiffies(sp->hbinterval); + asoc->encap_port = sp->encap_port; + /* Initialize path max retrans value. */ asoc->pathmaxrxt = sp->pathmaxrxt; @@ -624,6 +626,8 @@ struct sctp_transport *sctp_assoc_add_peer(struct sctp_association *asoc, */ peer->hbinterval = asoc->hbinterval; + peer->encap_port = asoc->encap_port; + /* Set the path max_retrans. */ peer->pathmaxrxt = asoc->pathmaxrxt; diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c index dd2d9c4..5b74187 100644 --- a/net/sctp/protocol.c +++ b/net/sctp/protocol.c @@ -1359,6 +1359,9 @@ static int __net_init sctp_defaults_init(struct net *net) /* Set udp tunneling listening port to default value */ net->sctp.udp_port = SCTP_DEFAULT_UDP_PORT; + /* Set remote encap port to 0 by default */ + net->sctp.encap_port = 0; + /* Set SCOPE policy to enabled */ net->sctp.scope_policy = SCTP_SCOPE_POLICY_ENABLE; diff --git a/net/sctp/socket.c b/net/sctp/socket.c index 53d0a41..09b94cd 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c @@ -4876,6 +4876,7 @@ static int sctp_init_sock(struct sock *sk) * be modified via SCTP_PEER_ADDR_PARAMS */ sp->hbinterval = net->sctp.hb_interval; + sp->encap_port = htons(net->sctp.encap_port); sp->pathmaxrxt = net->sctp.max_retrans_path; sp->pf_retrans = net->sctp.pf_retrans; sp->ps_retrans = net->sctp.ps_retrans; diff --git a/net/sctp/sysctl.c b/net/sctp/sysctl.c index c16c809..ecc1b5e 100644 --- a/net/sctp/sysctl.c +++ b/net/sctp/sysctl.c @@ -36,6 +36,7 @@ static int rto_alpha_max = 1000; static int rto_beta_max = 1000; static int pf_expose_max = SCTP_PF_EXPOSE_MAX; static int ps_retrans_max = SCTP_PS_RETRANS_MAX; +static int udp_port_max = 65535; static unsigned long max_autoclose_min = 0; static unsigned long max_autoclose_max = @@ -291,6 +292,15 @@ static struct ctl_table sctp_net_table[] = { .proc_handler = proc_dointvec, }, { + .procname = "encap_port", + .data = &init_net.sctp.encap_port, + .maxlen = sizeof(int), + .mode = 0644, + .proc_handler = proc_dointvec, + .extra1 = SYSCTL_ZERO, + .extra2 = &udp_port_max, + }, + { .procname = "addr_scope_policy", .data = &init_net.sctp.scope_policy, .maxlen = sizeof(int), From patchwork Tue Oct 13 07:27:33 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 270041 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.6 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2B23FC433DF for ; Tue, 13 Oct 2020 07:28:55 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id DBCDC20872 for ; Tue, 13 Oct 2020 07:28:54 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="GyZtOc5D" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2390212AbgJMH2y (ORCPT ); Tue, 13 Oct 2020 03:28:54 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55534 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390091AbgJMH2x (ORCPT ); Tue, 13 Oct 2020 03:28:53 -0400 Received: from mail-pj1-x1041.google.com (mail-pj1-x1041.google.com [IPv6:2607:f8b0:4864:20::1041]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0E1DBC0613D0; Tue, 13 Oct 2020 00:28:53 -0700 (PDT) Received: by mail-pj1-x1041.google.com with SMTP id az3so1606082pjb.4; Tue, 13 Oct 2020 00:28:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :in-reply-to:references; bh=wwbKI6c2NhmZswtibscSDsBNiITsh3tYCdze/In9x0Q=; b=GyZtOc5Dnkr4/j76CWXU42TPYkJ0TrxdILPv1y2wOWdHVf47ZQeuOr/Fc1tOUNx57O YB7eERo2Ogg7DGkWPnW5Mi+HUqPZSi+NwqMwrYQRrkVL1N+L/Xurdtbw4GE7L263C5R/ Upgq5HtWZjVSBPRSxVp7iraWsZjS8gLt7PbitEGGmCMUkInfAadxX+Rr4QwR/euVR60k TfGwRrjBMvpoA6TktlwwEdny8SiwxmDu9wf7vS02w14NJtoqYKVmpnNqxA72TiKT2ctE OR2EMqURNGwG3wmumv7Ccjx+Y6FQlLBat40ilmDbOxLahIsQ1wIcyvcVytcGZD8orGWU CtCw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:in-reply-to:references; bh=wwbKI6c2NhmZswtibscSDsBNiITsh3tYCdze/In9x0Q=; b=CFxGOhnT8eLrIHvIRwmRpFsJmc30DQ7Y79Am1x8Avx4mLBSSYDI/qPITDD13UJAfNW LPV/ySNsylUvWD2UZEmrr4cGrc8QSc529lpEETruIf6SvA5ADXtxGMJOFoU/lSHg7WKU wrnaSx9QgP5yP4GNXIG7BQGaN/hLiEYl0F9ofMH27WtMYic4CHlYgGZ72aLK1bc/NlBp PqXI+mRls5EkB8yu6cYFQ6pqrha4eCqC+Q1bb1c+F4Wr8XgmmqR2rCWwawyHV5Lvi8F7 R2BaZ6S4BpYNIRHsg4gGer2FwGhPi6URvZmUmThRaR0x00s7GkuyzQ70sKgSOxku/WBu /vzg== X-Gm-Message-State: AOAM531doMt9f96f360hLIZEiqOgHzu2kQPKISmYndnGVPNhQxDQyFYJ qJ53jtIDSBH4wz1uF4RHZAdcDo7ZCW4= X-Google-Smtp-Source: ABdhPJy+vcKB4cpuKkzzjSMeSDeQ7eWCdWNQTarBMN2XeI9WjIVVUuD5D4rNw1nELsC3Nx8rs8zK/g== X-Received: by 2002:a17:90b:3314:: with SMTP id kf20mr24653234pjb.19.1602574132222; Tue, 13 Oct 2020 00:28:52 -0700 (PDT) Received: from localhost ([209.132.188.80]) by smtp.gmail.com with ESMTPSA id fa12sm17854277pjb.25.2020.10.13.00.28.50 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 13 Oct 2020 00:28:51 -0700 (PDT) From: Xin Long To: network dev , linux-sctp@vger.kernel.org Cc: Marcelo Ricardo Leitner , Neil Horman , Michael Tuexen , davem@davemloft.net, gnault@redhat.com, pabeni@redhat.com, willemdebruijn.kernel@gmail.com Subject: [PATCHv3 net-next 08/16] sctp: add SCTP_REMOTE_UDP_ENCAPS_PORT sockopt Date: Tue, 13 Oct 2020 15:27:33 +0800 Message-Id: <08854ecf72eee34d3e98e30def6940d94f97fdef.1602574012.git.lucien.xin@gmail.com> X-Mailer: git-send-email 2.1.0 In-Reply-To: <37e9f70ffb9dea1572025b8e1c4b1f1c6e6b3da5.1602574012.git.lucien.xin@gmail.com> References: <7159fb58f44f9ff00ca5b3b8a26ee3aa2fd1bf8a.1602574012.git.lucien.xin@gmail.com> <37e9f70ffb9dea1572025b8e1c4b1f1c6e6b3da5.1602574012.git.lucien.xin@gmail.com> In-Reply-To: References: Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org This patch is to implement: rfc6951#section-6.1: Get or Set the Remote UDP Encapsulation Port Number with the param of the struct: struct sctp_udpencaps { sctp_assoc_t sue_assoc_id; struct sockaddr_storage sue_address; uint16_t sue_port; }; the encap_port of sock, assoc or transport can be changed by users, which also means it allows the different transports of the same asoc to have different encap_port value. v1->v2: - no change. v2->v3: - fix the endian warning when setting values between encap_port and sue_port. Signed-off-by: Xin Long --- include/uapi/linux/sctp.h | 7 +++ net/sctp/socket.c | 114 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 121 insertions(+) diff --git a/include/uapi/linux/sctp.h b/include/uapi/linux/sctp.h index 28ad40d..cb78e7a 100644 --- a/include/uapi/linux/sctp.h +++ b/include/uapi/linux/sctp.h @@ -140,6 +140,7 @@ typedef __s32 sctp_assoc_t; #define SCTP_ECN_SUPPORTED 130 #define SCTP_EXPOSE_POTENTIALLY_FAILED_STATE 131 #define SCTP_EXPOSE_PF_STATE SCTP_EXPOSE_POTENTIALLY_FAILED_STATE +#define SCTP_REMOTE_UDP_ENCAPS_PORT 132 /* PR-SCTP policies */ #define SCTP_PR_SCTP_NONE 0x0000 @@ -1197,6 +1198,12 @@ struct sctp_event { uint8_t se_on; }; +struct sctp_udpencaps { + sctp_assoc_t sue_assoc_id; + struct sockaddr_storage sue_address; + uint16_t sue_port; +}; + /* SCTP Stream schedulers */ enum sctp_sched_type { SCTP_SS_FCFS, diff --git a/net/sctp/socket.c b/net/sctp/socket.c index 09b94cd..26e464b 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c @@ -4417,6 +4417,55 @@ static int sctp_setsockopt_pf_expose(struct sock *sk, return retval; } +static int sctp_setsockopt_encap_port(struct sock *sk, + struct sctp_udpencaps *encap, + unsigned int optlen) +{ + struct sctp_association *asoc; + struct sctp_transport *t; + __be16 encap_port; + + if (optlen != sizeof(*encap)) + return -EINVAL; + + /* If an address other than INADDR_ANY is specified, and + * no transport is found, then the request is invalid. + */ + encap_port = (__force __be16)encap->sue_port; + if (!sctp_is_any(sk, (union sctp_addr *)&encap->sue_address)) { + t = sctp_addr_id2transport(sk, &encap->sue_address, + encap->sue_assoc_id); + if (!t) + return -EINVAL; + + t->encap_port = encap_port; + return 0; + } + + /* Get association, if assoc_id != SCTP_FUTURE_ASSOC and the + * socket is a one to many style socket, and an association + * was not found, then the id was invalid. + */ + asoc = sctp_id2assoc(sk, encap->sue_assoc_id); + if (!asoc && encap->sue_assoc_id != SCTP_FUTURE_ASSOC && + sctp_style(sk, UDP)) + return -EINVAL; + + /* If changes are for association, also apply encap to each + * transport. + */ + if (asoc) { + list_for_each_entry(t, &asoc->peer.transport_addr_list, + transports) + t->encap_port = encap_port; + + return 0; + } + + sctp_sk(sk)->encap_port = encap_port; + return 0; +} + /* API 6.2 setsockopt(), getsockopt() * * Applications use setsockopt() and getsockopt() to set or retrieve @@ -4636,6 +4685,9 @@ static int sctp_setsockopt(struct sock *sk, int level, int optname, case SCTP_EXPOSE_POTENTIALLY_FAILED_STATE: retval = sctp_setsockopt_pf_expose(sk, kopt, optlen); break; + case SCTP_REMOTE_UDP_ENCAPS_PORT: + retval = sctp_setsockopt_encap_port(sk, kopt, optlen); + break; default: retval = -ENOPROTOOPT; break; @@ -7791,6 +7843,65 @@ static int sctp_getsockopt_pf_expose(struct sock *sk, int len, return retval; } +static int sctp_getsockopt_encap_port(struct sock *sk, int len, + char __user *optval, int __user *optlen) +{ + struct sctp_association *asoc; + struct sctp_udpencaps encap; + struct sctp_transport *t; + __be16 encap_port; + + if (len < sizeof(encap)) + return -EINVAL; + + len = sizeof(encap); + if (copy_from_user(&encap, optval, len)) + return -EFAULT; + + /* If an address other than INADDR_ANY is specified, and + * no transport is found, then the request is invalid. + */ + if (!sctp_is_any(sk, (union sctp_addr *)&encap.sue_address)) { + t = sctp_addr_id2transport(sk, &encap.sue_address, + encap.sue_assoc_id); + if (!t) { + pr_debug("%s: failed no transport\n", __func__); + return -EINVAL; + } + + encap_port = t->encap_port; + goto out; + } + + /* Get association, if assoc_id != SCTP_FUTURE_ASSOC and the + * socket is a one to many style socket, and an association + * was not found, then the id was invalid. + */ + asoc = sctp_id2assoc(sk, encap.sue_assoc_id); + if (!asoc && encap.sue_assoc_id != SCTP_FUTURE_ASSOC && + sctp_style(sk, UDP)) { + pr_debug("%s: failed no association\n", __func__); + return -EINVAL; + } + + if (asoc) { + encap_port = asoc->encap_port; + goto out; + } + + encap_port = sctp_sk(sk)->encap_port; + +out: + encap.sue_port = (__force uint16_t)encap_port; + if (copy_to_user(optval, &encap, len)) + return -EFAULT; + + if (put_user(len, optlen)) + return -EFAULT; + + return 0; +} + static int sctp_getsockopt(struct sock *sk, int level, int optname, char __user *optval, int __user *optlen) { @@ -8011,6 +8122,9 @@ static int sctp_getsockopt(struct sock *sk, int level, int optname, case SCTP_EXPOSE_POTENTIALLY_FAILED_STATE: retval = sctp_getsockopt_pf_expose(sk, len, optval, optlen); break; + case SCTP_REMOTE_UDP_ENCAPS_PORT: + retval = sctp_getsockopt_encap_port(sk, len, optval, optlen); + break; default: retval = -ENOPROTOOPT; break; From patchwork Tue Oct 13 07:27:34 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 288509 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.6 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id B7E1BC433E7 for ; Tue, 13 Oct 2020 07:29:00 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 775E720872 for ; Tue, 13 Oct 2020 07:29:00 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="vROqWLGr" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2390226AbgJMH26 (ORCPT ); Tue, 13 Oct 2020 03:28:58 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55546 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390091AbgJMH24 (ORCPT ); Tue, 13 Oct 2020 03:28:56 -0400 Received: from mail-pf1-x431.google.com (mail-pf1-x431.google.com [IPv6:2607:f8b0:4864:20::431]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 718F3C0613D0; Tue, 13 Oct 2020 00:28:56 -0700 (PDT) Received: by mail-pf1-x431.google.com with SMTP id j18so3634653pfa.0; Tue, 13 Oct 2020 00:28:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :in-reply-to:references; bh=iNzHGEAnbQnBSq+cqEMlnX9SeC26Mbv1uc1rY7stx/g=; b=vROqWLGrxp7jTopMSR7eQyOdSPqKJzS4zvQmCd9ulkGl3pGGiU2ounCv9yDwKAcupz MXEjVoKsI6Ac/vYw1/krcETcIgGKTWIteNwBRwjR2xsgeeGq4kTPSZNaWIXdoJzYSuYA UNQyRs1LDECHGQzxcqiBkMCewsjeA0Qi/E3HCQ3P/HNMX9rx/Yn4MNRKr8TO2tz+AwkK /42inAduZVCpyNL5ShUQmj189/F6/noQNcPqcfqfIGXFQzO7RIv3DNJ/Qjz2UZrLgVWt Y5YBHv4tkgvAVpvTBm4JbZl85e+2xFNKc+7d+cQqufkL0hDrylDLgN1E73yqrdR5dmbl rwQw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:in-reply-to:references; bh=iNzHGEAnbQnBSq+cqEMlnX9SeC26Mbv1uc1rY7stx/g=; b=gw0uVljfksonH0fsQmtlqlKr/J7uKQdfH9YGgWjWwNUv48ASAHTWYw7exop5t25jt2 gX6S0wpfV1xSTOy3A6uEK+EgMRIf6OAwwwlRuB4x1uLX5ADhqjHVno7ooQD6avd6T52/ jLCBTra0HBkv5tIg2WuGGHJ2mWTQfU/WePI6vyCZ7W0vOvpuorzPqF+oobbLxrKGdpx4 xWCh6/ZEB+1LcODXG6HA/DUyfH9cYUJnexJiIY5gQvJVkGMgIYRrCyL21C7do5ph5AKz TzBUaHR13d0K2lw0QsJFBgl+2LMTahNbatEMJ3WCgEcitHcDo32JzczQeerjhAOiokDP n3lQ== X-Gm-Message-State: AOAM532ST2adbS84HIB6hqGjyXLi5CnVqIC4QjgxpJuoX6VeFPEbJlky 3ImM5N/tj+/m2lS5/Bv8uIbg9eAboY8= X-Google-Smtp-Source: ABdhPJxoXTWzZVMweftDLitdPKPOGdpgPKUXrDV5iCTn/vXRFtseCfHLzWMVYbfED7fL7Pc1PfZydQ== X-Received: by 2002:a65:5ace:: with SMTP id d14mr16170961pgt.323.1602574135582; Tue, 13 Oct 2020 00:28:55 -0700 (PDT) Received: from localhost ([209.132.188.80]) by smtp.gmail.com with ESMTPSA id x29sm15309450pfp.152.2020.10.13.00.28.54 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 13 Oct 2020 00:28:55 -0700 (PDT) From: Xin Long To: network dev , linux-sctp@vger.kernel.org Cc: Marcelo Ricardo Leitner , Neil Horman , Michael Tuexen , davem@davemloft.net, gnault@redhat.com, pabeni@redhat.com, willemdebruijn.kernel@gmail.com Subject: [PATCHv3 net-next 09/16] sctp: allow changing transport encap_port by peer packets Date: Tue, 13 Oct 2020 15:27:34 +0800 Message-Id: <732baa9aef67a1b0d0b4d69f47149b41a49bbd76.1602574012.git.lucien.xin@gmail.com> X-Mailer: git-send-email 2.1.0 In-Reply-To: <08854ecf72eee34d3e98e30def6940d94f97fdef.1602574012.git.lucien.xin@gmail.com> References: <7159fb58f44f9ff00ca5b3b8a26ee3aa2fd1bf8a.1602574012.git.lucien.xin@gmail.com> <37e9f70ffb9dea1572025b8e1c4b1f1c6e6b3da5.1602574012.git.lucien.xin@gmail.com> <08854ecf72eee34d3e98e30def6940d94f97fdef.1602574012.git.lucien.xin@gmail.com> In-Reply-To: References: Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org As rfc6951#section-5.4 says: "After finding the SCTP association (which includes checking the verification tag), the UDP source port MUST be stored as the encapsulation port for the destination address the SCTP packet is received from (see Section 5.1). When a non-encapsulated SCTP packet is received by the SCTP stack, the encapsulation of outgoing packets belonging to the same association and the corresponding destination address MUST be disabled." transport encap_port should be updated by a validated incoming packet's udp src port. We save the udp src port in sctp_input_cb->encap_port, and then update the transport in two places: 1. right after vtag is verified, which is required by RFC, and this allows the existent transports to be updated by the chunks that can only be processed on an asoc. 2. right before processing the 'init' where the transports are added, and this allows building a sctp over udp connection by client with the server not knowing the remote encap port. 3. when processing ootb_pkt and creating the temporary transport for the reply pkt. Note that sctp_input_cb->header is removed, as it's not used any more in sctp. v1->v2: - Change encap_port as __be16 for sctp_input_cb. Signed-off-by: Xin Long --- include/net/sctp/sm.h | 1 + include/net/sctp/structs.h | 7 +------ net/sctp/ipv6.c | 1 + net/sctp/protocol.c | 11 ++++++++++- net/sctp/sm_make_chunk.c | 1 + net/sctp/sm_statefuns.c | 2 ++ 6 files changed, 16 insertions(+), 7 deletions(-) diff --git a/include/net/sctp/sm.h b/include/net/sctp/sm.h index 5c491a3..a499341 100644 --- a/include/net/sctp/sm.h +++ b/include/net/sctp/sm.h @@ -380,6 +380,7 @@ sctp_vtag_verify(const struct sctp_chunk *chunk, if (ntohl(chunk->sctp_hdr->vtag) == asoc->c.my_vtag) return 1; + chunk->transport->encap_port = SCTP_INPUT_CB(chunk->skb)->encap_port; return 0; } diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h index aa98e7e..81464ae 100644 --- a/include/net/sctp/structs.h +++ b/include/net/sctp/structs.h @@ -1120,14 +1120,9 @@ static inline void sctp_outq_cork(struct sctp_outq *q) * sctp_input_cb is currently used on rx and sock rx queue */ struct sctp_input_cb { - union { - struct inet_skb_parm h4; -#if IS_ENABLED(CONFIG_IPV6) - struct inet6_skb_parm h6; -#endif - } header; struct sctp_chunk *chunk; struct sctp_af *af; + __be16 encap_port; }; #define SCTP_INPUT_CB(__skb) ((struct sctp_input_cb *)&((__skb)->cb[0])) diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c index 8a58f42..a064bf2 100644 --- a/net/sctp/ipv6.c +++ b/net/sctp/ipv6.c @@ -1053,6 +1053,7 @@ static struct inet_protosw sctpv6_stream_protosw = { static int sctp6_rcv(struct sk_buff *skb) { + memset(skb->cb, 0, sizeof(skb->cb)); return sctp_rcv(skb) ? -1 : 0; } diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c index 5b74187..0d16e5e 100644 --- a/net/sctp/protocol.c +++ b/net/sctp/protocol.c @@ -843,6 +843,9 @@ static int sctp_ctl_sock_init(struct net *net) static int sctp_udp_rcv(struct sock *sk, struct sk_buff *skb) { + memset(skb->cb, 0, sizeof(skb->cb)); + SCTP_INPUT_CB(skb)->encap_port = udp_hdr(skb)->source; + skb_set_transport_header(skb, sizeof(struct udphdr)); sctp_rcv(skb); return 0; @@ -1139,9 +1142,15 @@ static struct inet_protosw sctp_stream_protosw = { .flags = SCTP_PROTOSW_FLAG }; +static int sctp4_rcv(struct sk_buff *skb) +{ + memset(skb->cb, 0, sizeof(skb->cb)); + return sctp_rcv(skb); +} + /* Register with IP layer. */ static const struct net_protocol sctp_protocol = { - .handler = sctp_rcv, + .handler = sctp4_rcv, .err_handler = sctp_v4_err, .no_policy = 1, .netns_ok = 1, diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c index 9a56ae2..21d0ff1 100644 --- a/net/sctp/sm_make_chunk.c +++ b/net/sctp/sm_make_chunk.c @@ -2321,6 +2321,7 @@ int sctp_process_init(struct sctp_association *asoc, struct sctp_chunk *chunk, * added as the primary transport. The source address seems to * be a better choice than any of the embedded addresses. */ + asoc->encap_port = SCTP_INPUT_CB(chunk->skb)->encap_port; if (!sctp_assoc_add_peer(asoc, peer_addr, gfp, SCTP_ACTIVE)) goto nomem; diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c index c669f8b..8edab15 100644 --- a/net/sctp/sm_statefuns.c +++ b/net/sctp/sm_statefuns.c @@ -6268,6 +6268,8 @@ static struct sctp_packet *sctp_ootb_pkt_new( if (!transport) goto nomem; + transport->encap_port = SCTP_INPUT_CB(chunk->skb)->encap_port; + /* Cache a route for the transport with the chunk's destination as * the source address. */ From patchwork Tue Oct 13 07:27:35 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 270040 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.6 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id EEB39C433E7 for ; Tue, 13 Oct 2020 07:29:06 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id AB20720872 for ; Tue, 13 Oct 2020 07:29:06 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="QyQZXHpB" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2390238AbgJMH3G (ORCPT ); Tue, 13 Oct 2020 03:29:06 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55578 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390054AbgJMH3F (ORCPT ); Tue, 13 Oct 2020 03:29:05 -0400 Received: from mail-pj1-x1036.google.com (mail-pj1-x1036.google.com [IPv6:2607:f8b0:4864:20::1036]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B5815C0613D0; Tue, 13 Oct 2020 00:29:04 -0700 (PDT) Received: by mail-pj1-x1036.google.com with SMTP id g16so167605pjv.3; Tue, 13 Oct 2020 00:29:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :in-reply-to:references; bh=c/V+vNDJrOspJRGxife48bCWIoOHzBRQJZlEDRIn4AA=; b=QyQZXHpBIf34iisy7I4EFjzoZ/q4d1K8oBQfHgknidG73CG52qSRjFQC0TCnOXebft R7KqD21Zm5M6fuq7RGNo64ZMdpxsCSR+VJ8FK9hCKPrjEoNeVMDsUcBdJfg+FWWkRrV+ GDpz9o3UOPAYYA3tBpr5lUoP+jojf9CDKHwzej+UnZuhn1gjRdKHhW9hW9e+Ms8DaWEG c7J6j1pw10cKXJdCljWjRK/OmfU8Y0k3FxkunnBcAUDXmB03Jb+s+QTMwKQnZywDsHvk iMhF10cmlO7rEWTHohIp/q444zYDK1K8EsFAXJxz2S95Kw7XfvLwxDF8gSTrRMEo8ex6 EAVw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:in-reply-to:references; bh=c/V+vNDJrOspJRGxife48bCWIoOHzBRQJZlEDRIn4AA=; b=raykKK+VeQExWfLhAyWz5llGRX/i/lKQM77gPn/6tYagQ5pfV19jWB+/6boQDGrzE2 62GSdv1JtYg7cPlP1Zlz/sD69VHs8JaZK0jhgs6rj0rZWXzVKTGKWFbUggd4hwVHDhnE spsBhcz7kqQdVFuJ9mHKCuh9oqvTr6tpwWXoQ9mye41Icc7aGtl5T+I/o5KC+xYVMIy0 rSqQI/eUZJpNPYQWfSPsH+7CvZKU0GMfDk9qzUGBX2/WrJvSBxsbVO6hgH3MR4Mi7kLs 3AiKLjPACdgOX5J2ac03nIpSrRTRUxMsV0HhD89SVIBspHKzAt3Dlvfkkk2U113vEojv w0Qw== X-Gm-Message-State: AOAM532NHkMgYBwj6R5oN566lxBVaKSJHjUriIU4qTWoiB0bAR8sQpA0 teNrxt94Y2ll9tujCmDJtdHF5hKYCKU= X-Google-Smtp-Source: ABdhPJzrwGq4VqGarxSvT4MlVDTkL6QunpUwQ7sxlEvExcaGNty32JBFUgmWZylLkLPv3ImdbHK4XA== X-Received: by 2002:a17:902:ec02:b029:d1:fc2b:fe95 with SMTP id l2-20020a170902ec02b02900d1fc2bfe95mr28008816pld.79.1602574143942; Tue, 13 Oct 2020 00:29:03 -0700 (PDT) Received: from localhost ([209.132.188.80]) by smtp.gmail.com with ESMTPSA id t17sm8769335pjs.39.2020.10.13.00.29.02 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 13 Oct 2020 00:29:03 -0700 (PDT) From: Xin Long To: network dev , linux-sctp@vger.kernel.org Cc: Marcelo Ricardo Leitner , Neil Horman , Michael Tuexen , davem@davemloft.net, gnault@redhat.com, pabeni@redhat.com, willemdebruijn.kernel@gmail.com Subject: [PATCHv3 net-next 10/16] sctp: add udphdr to overhead when udp_port is set Date: Tue, 13 Oct 2020 15:27:35 +0800 Message-Id: <4885b112360b734e25714499346e6dc22246a87d.1602574012.git.lucien.xin@gmail.com> X-Mailer: git-send-email 2.1.0 In-Reply-To: <732baa9aef67a1b0d0b4d69f47149b41a49bbd76.1602574012.git.lucien.xin@gmail.com> References: <7159fb58f44f9ff00ca5b3b8a26ee3aa2fd1bf8a.1602574012.git.lucien.xin@gmail.com> <37e9f70ffb9dea1572025b8e1c4b1f1c6e6b3da5.1602574012.git.lucien.xin@gmail.com> <08854ecf72eee34d3e98e30def6940d94f97fdef.1602574012.git.lucien.xin@gmail.com> <732baa9aef67a1b0d0b4d69f47149b41a49bbd76.1602574012.git.lucien.xin@gmail.com> In-Reply-To: References: Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org sctp_mtu_payload() is for calculating the frag size before making chunks from a msg. So we should only add udphdr size to overhead when udp socks are listening, as only then sctp can handle the incoming sctp over udp packets and outgoing sctp over udp packets will be possible. Note that we can't do this according to transport->encap_port, as different transports may be set to different values, while the chunks were made before choosing the transport, we could not be able to meet all rfc6951#section-5.6 recommends. v1->v2: - Add udp_port for sctp_sock to avoid a potential race issue, it will be used in xmit path in the next patch. Signed-off-by: Xin Long --- include/net/sctp/sctp.h | 7 +++++-- include/net/sctp/structs.h | 1 + net/sctp/socket.c | 1 + 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/include/net/sctp/sctp.h b/include/net/sctp/sctp.h index bfd87a0..86f74f2 100644 --- a/include/net/sctp/sctp.h +++ b/include/net/sctp/sctp.h @@ -578,10 +578,13 @@ static inline __u32 sctp_mtu_payload(const struct sctp_sock *sp, { __u32 overhead = sizeof(struct sctphdr) + extra; - if (sp) + if (sp) { overhead += sp->pf->af->net_header_len; - else + if (sp->udp_port) + overhead += sizeof(struct udphdr); + } else { overhead += sizeof(struct ipv6hdr); + } if (WARN_ON_ONCE(mtu && mtu <= overhead)) mtu = overhead; diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h index 81464ae..80f7149 100644 --- a/include/net/sctp/structs.h +++ b/include/net/sctp/structs.h @@ -178,6 +178,7 @@ struct sctp_sock { */ __u32 hbinterval; + __be16 udp_port; __be16 encap_port; /* This is the max_retrans value for new associations. */ diff --git a/net/sctp/socket.c b/net/sctp/socket.c index 26e464b..8e1dcfb 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c @@ -4928,6 +4928,7 @@ static int sctp_init_sock(struct sock *sk) * be modified via SCTP_PEER_ADDR_PARAMS */ sp->hbinterval = net->sctp.hb_interval; + sp->udp_port = htons(net->sctp.udp_port); sp->encap_port = htons(net->sctp.encap_port); sp->pathmaxrxt = net->sctp.max_retrans_path; sp->pf_retrans = net->sctp.pf_retrans; From patchwork Tue Oct 13 07:27:36 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 288508 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.6 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5B266C433E7 for ; Tue, 13 Oct 2020 07:29:15 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 20D8E20872 for ; Tue, 13 Oct 2020 07:29:15 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="uFm0nPRd" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2390244AbgJMH3O (ORCPT ); Tue, 13 Oct 2020 03:29:14 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55602 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390040AbgJMH3N (ORCPT ); Tue, 13 Oct 2020 03:29:13 -0400 Received: from mail-pl1-x644.google.com (mail-pl1-x644.google.com [IPv6:2607:f8b0:4864:20::644]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 15E84C0613D0; Tue, 13 Oct 2020 00:29:13 -0700 (PDT) Received: by mail-pl1-x644.google.com with SMTP id w11so2462631pll.8; Tue, 13 Oct 2020 00:29:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :in-reply-to:references; bh=ccnTdRi301/TdXAApcTfL39DiVa+OmKFQ/8+9UDuAeU=; b=uFm0nPRdexEfeAeht+VaJhrfPzdGjqeuDyl8D61RPqeCrFkTjDYwF7Nd7cVmOwgqmx B1/+GSqy+xe/FTEUJFGd9MML+kXT+pcatMA+pVf5YPKNmvpU0ye+DOkyvntsdQPcD3KC kkgK4nGhtkiQ6FHdAYJqEK7M0V5eiQqBA1NHoeUf3cBmmjsXRvDVmTLUq4gjMI4Yb8uL gZAuL714Ys3yXk7LG/NOyu2sdUSJskTmJbU/8OQ8zVECLFhJkfXOfd42bfIfvrPD6+QH ehP4BW0Rm7/3qVh3JKeM8vUZ9y3Hpa+sCH6hwuhn6Ech1JCkw+1FF9dEAPHvZKhbhV3j B0VA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:in-reply-to:references; bh=ccnTdRi301/TdXAApcTfL39DiVa+OmKFQ/8+9UDuAeU=; b=QmZh8fKR8if1/MyIe9vLAPCDz2yd/dpx72HEtPfeanvc6T31REvtJZRsBkb6FyvIWv Hrg2Y398ugYMWJ1goK+SiWUIo2IlT/Fg9wkP4eTLO+4BX92fmxUp5P867cCcI8703I6x nVE7aCnTXsqsTcE3Z5ivxZFem99QQ8FLtCDqUI9rkcDa3S8m4WVXVTKl7aTBCga5aoJb 7Np3hnWGHYXPc+EhVjsi807ujayD1mr/9sqbKTXCq6BLI0Hsi7NXWlcj3Ll4lnWN0XKl Eq1yuGMNtDEf4S1n1CSVcaPYmx4ErKkVtgaQ+3s7pMv/I3xLcGckwklGqbVyvVnU9pne cuaA== X-Gm-Message-State: AOAM532BYhjcJmozv+3/AY4fRlsneXJZxA5xufai1p3KDnt3MoCdrw3e MMVsiSbwDr+s0+OqInROyWlNi4egbYw= X-Google-Smtp-Source: ABdhPJx7cSDwY/jkqvWdz4StqIYA311wcRU9xIMgr4xZxpbTpEiFkF2GUFFn2ngtrRcvpdBAu0+Xgw== X-Received: by 2002:a17:902:a5ca:b029:d3:7d11:2a80 with SMTP id t10-20020a170902a5cab02900d37d112a80mr26069707plq.58.1602574152358; Tue, 13 Oct 2020 00:29:12 -0700 (PDT) Received: from localhost ([209.132.188.80]) by smtp.gmail.com with ESMTPSA id g1sm22098759pfm.124.2020.10.13.00.29.11 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 13 Oct 2020 00:29:11 -0700 (PDT) From: Xin Long To: network dev , linux-sctp@vger.kernel.org Cc: Marcelo Ricardo Leitner , Neil Horman , Michael Tuexen , davem@davemloft.net, gnault@redhat.com, pabeni@redhat.com, willemdebruijn.kernel@gmail.com Subject: [PATCHv3 net-next 11/16] sctp: call sk_setup_caps in sctp_packet_transmit instead Date: Tue, 13 Oct 2020 15:27:36 +0800 Message-Id: X-Mailer: git-send-email 2.1.0 In-Reply-To: <4885b112360b734e25714499346e6dc22246a87d.1602574012.git.lucien.xin@gmail.com> References: <7159fb58f44f9ff00ca5b3b8a26ee3aa2fd1bf8a.1602574012.git.lucien.xin@gmail.com> <37e9f70ffb9dea1572025b8e1c4b1f1c6e6b3da5.1602574012.git.lucien.xin@gmail.com> <08854ecf72eee34d3e98e30def6940d94f97fdef.1602574012.git.lucien.xin@gmail.com> <732baa9aef67a1b0d0b4d69f47149b41a49bbd76.1602574012.git.lucien.xin@gmail.com> <4885b112360b734e25714499346e6dc22246a87d.1602574012.git.lucien.xin@gmail.com> In-Reply-To: References: Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org sk_setup_caps() was originally called in Commit 90017accff61 ("sctp: Add GSO support"), as: "We have to refresh this in case we are xmiting to more than one transport at a time" This actually happens in the loop of sctp_outq_flush_transports(), and it shouldn't be tied to gso, so move it out of gso part and before sctp_packet_pack(). Signed-off-by: Xin Long --- net/sctp/output.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/net/sctp/output.c b/net/sctp/output.c index 1441eaf..fb16500 100644 --- a/net/sctp/output.c +++ b/net/sctp/output.c @@ -508,12 +508,6 @@ static int sctp_packet_pack(struct sctp_packet *packet, sizeof(struct inet6_skb_parm))); skb_shinfo(head)->gso_segs = pkt_count; skb_shinfo(head)->gso_size = GSO_BY_FRAGS; - rcu_read_lock(); - if (skb_dst(head) != tp->dst) { - dst_hold(tp->dst); - sk_setup_caps(sk, tp->dst); - } - rcu_read_unlock(); goto chksum; } @@ -593,6 +587,13 @@ int sctp_packet_transmit(struct sctp_packet *packet, gfp_t gfp) } skb_dst_set(head, dst); + rcu_read_lock(); + if (__sk_dst_get(sk) != tp->dst) { + dst_hold(tp->dst); + sk_setup_caps(sk, tp->dst); + } + rcu_read_unlock(); + /* pack up chunks */ pkt_count = sctp_packet_pack(packet, head, gso, gfp); if (!pkt_count) { From patchwork Tue Oct 13 07:27:37 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 270039 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.6 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 92E8BC433DF for ; Tue, 13 Oct 2020 07:29:22 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 55B0A208D5 for ; Tue, 13 Oct 2020 07:29:22 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="cFTcAUoz" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2390260AbgJMH3W (ORCPT ); Tue, 13 Oct 2020 03:29:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55630 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390040AbgJMH3V (ORCPT ); Tue, 13 Oct 2020 03:29:21 -0400 Received: from mail-pf1-x434.google.com (mail-pf1-x434.google.com [IPv6:2607:f8b0:4864:20::434]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 942F3C0613D0; Tue, 13 Oct 2020 00:29:21 -0700 (PDT) Received: by mail-pf1-x434.google.com with SMTP id e10so16203925pfj.1; Tue, 13 Oct 2020 00:29:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :in-reply-to:references; bh=vxgUs2t02Y6T7ju2jCDcB1sbv2HoOE9Ilv7QfTc5UB0=; b=cFTcAUozYLI7Z+VWMW26GGAHbCGKgt9MQyfSZy5bCLDLRtiXlrbzL0ss9UfNV26UHR HvPsSMRCIKUwPEWDdWKmhbiefdi+oaz1dXf73fPICuQlfu38MJrbjhwPND3wL/KhobUB y51AWaFY3eeiV4rI1qMj9wpe5NEh0aekz3JRB5VImJw98aSK8PHlWd5Erje2tUSSx+y3 SeC0Cmatg3meqQtYlgSp9BpoPglsVjJG+BzWM7xJZzB+t/F2KEToxPo3D1Gjqol4o1LK 5LBq01/ABZpf2vF/TJ2ZoW/Fw8S5F0fwjjSFsQ7y6UpfyL0u9rT1D59N52T4gKdMgyqf ODig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:in-reply-to:references; bh=vxgUs2t02Y6T7ju2jCDcB1sbv2HoOE9Ilv7QfTc5UB0=; b=T3xu/0puo629kk5pXMBpopIhH3nY9g5kECGdfAXorpN17zDQHC7eZlr536cwBkHCL9 qOB3DqVOMzqZp6kgADIGNPPFKNM7zOhm4BdTsdari3NGvxsQ+golgkzgJmX2+xgSzQcA 5fvKZav/gc2eLEdd2aUOwE4Ka1q7K7NYDf9YwaAPbOeUHQ1fQioJMEAZoNOZ28YmZDt+ vKaP57Ok0MRwctZNlq8/3aP6gMFeBBTIM6hVThc2DX2P8lmBqXM/vkn0I26X+tie8MqS ICVG2f6kHeL0YiYD7nPmiT5kijWnIzgFnlDeZt+XV+mop+1HU2zxVSJZOKFTWX/X162h FaoA== X-Gm-Message-State: AOAM532xwrlLdrJ6BLIik+fI18cbId3bt37pmv+eaCMb5hEJXIeequQJ HV6PVOBIjKQw/VhHTjQJMbsTbVQuixI= X-Google-Smtp-Source: ABdhPJzw6KYgizsP2NaIDEfVwFDPQYpsvS4G/0W595JOfRPAbV50ZBJ5T0Pb/MGaKWOKRnCzGP0wqg== X-Received: by 2002:aa7:96ce:0:b029:155:8c02:e74a with SMTP id h14-20020aa796ce0000b02901558c02e74amr18389734pfq.32.1602574160756; Tue, 13 Oct 2020 00:29:20 -0700 (PDT) Received: from localhost ([209.132.188.80]) by smtp.gmail.com with ESMTPSA id y13sm21175630pfl.166.2020.10.13.00.29.19 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 13 Oct 2020 00:29:20 -0700 (PDT) From: Xin Long To: network dev , linux-sctp@vger.kernel.org Cc: Marcelo Ricardo Leitner , Neil Horman , Michael Tuexen , davem@davemloft.net, gnault@redhat.com, pabeni@redhat.com, willemdebruijn.kernel@gmail.com Subject: [PATCHv3 net-next 12/16] sctp: support for sending packet over udp4 sock Date: Tue, 13 Oct 2020 15:27:37 +0800 Message-Id: <46f33eb9331b7e1e688a7f125201ad600ae83fbd.1602574012.git.lucien.xin@gmail.com> X-Mailer: git-send-email 2.1.0 In-Reply-To: References: <7159fb58f44f9ff00ca5b3b8a26ee3aa2fd1bf8a.1602574012.git.lucien.xin@gmail.com> <37e9f70ffb9dea1572025b8e1c4b1f1c6e6b3da5.1602574012.git.lucien.xin@gmail.com> <08854ecf72eee34d3e98e30def6940d94f97fdef.1602574012.git.lucien.xin@gmail.com> <732baa9aef67a1b0d0b4d69f47149b41a49bbd76.1602574012.git.lucien.xin@gmail.com> <4885b112360b734e25714499346e6dc22246a87d.1602574012.git.lucien.xin@gmail.com> In-Reply-To: References: Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org This patch does what the rfc6951#section-5.3 says for ipv4: "Within the UDP header, the source port MUST be the local UDP encapsulation port number of the SCTP stack, and the destination port MUST be the remote UDP encapsulation port number maintained for the association and the destination address to which the packet is sent (see Section 5.1). Because the SCTP packet is the UDP payload, the length of the UDP packet MUST be the length of the SCTP packet plus the size of the UDP header. The SCTP checksum MUST be computed for IPv4 and IPv6, and the UDP checksum SHOULD be computed for IPv4 and IPv6." Some places need to be adjusted in sctp_packet_transmit(): 1. For non-gso packets, when transport's encap_port is set, sctp checksum has to be done in sctp_packet_pack(), as the outer udp will use ip_summed = CHECKSUM_PARTIAL to do the offload setting for checksum. 2. Delay calling dst_clone() and skb_dst_set() for non-udp packets until sctp_v4_xmit(), as for udp packets, skb_dst_set() is not needed before calling udp_tunnel_xmit_skb(). then in sctp_v4_xmit(): 1. Go to udp_tunnel_xmit_skb() only when transport->encap_port and net->sctp.udp_port both are set, as these are one for dst port and another for src port. 2. For gso packet, SKB_GSO_UDP_TUNNEL_CSUM is set for gso_type, and with this udp checksum can be done in __skb_udp_tunnel_segment() for each segments after the sctp gso. 3. inner_mac_header and inner_transport_header are set, as these will be needed in __skb_udp_tunnel_segment() to find the right headers. 4. df and ttl are calculated, as these are the required params by udp_tunnel_xmit_skb(). 5. nocheck param has to be false, as "the UDP checksum SHOULD be computed for IPv4 and IPv6", says in rfc6951#section-5.3. v1->v2: - Use sp->udp_port instead in sctp_v4_xmit(), which is more safe. Signed-off-by: Xin Long --- net/sctp/output.c | 9 +++------ net/sctp/protocol.c | 41 ++++++++++++++++++++++++++++++----------- 2 files changed, 33 insertions(+), 17 deletions(-) diff --git a/net/sctp/output.c b/net/sctp/output.c index fb16500..6614c9f 100644 --- a/net/sctp/output.c +++ b/net/sctp/output.c @@ -514,8 +514,8 @@ static int sctp_packet_pack(struct sctp_packet *packet, if (sctp_checksum_disable) return 1; - if (!(skb_dst(head)->dev->features & NETIF_F_SCTP_CRC) || - dst_xfrm(skb_dst(head)) || packet->ipfragok) { + if (!(tp->dst->dev->features & NETIF_F_SCTP_CRC) || + dst_xfrm(tp->dst) || packet->ipfragok || tp->encap_port) { struct sctphdr *sh = (struct sctphdr *)skb_transport_header(head); @@ -542,7 +542,6 @@ int sctp_packet_transmit(struct sctp_packet *packet, gfp_t gfp) struct sctp_association *asoc = tp->asoc; struct sctp_chunk *chunk, *tmp; int pkt_count, gso = 0; - struct dst_entry *dst; struct sk_buff *head; struct sctphdr *sh; struct sock *sk; @@ -579,13 +578,11 @@ int sctp_packet_transmit(struct sctp_packet *packet, gfp_t gfp) sh->checksum = 0; /* drop packet if no dst */ - dst = dst_clone(tp->dst); - if (!dst) { + if (!tp->dst) { IP_INC_STATS(sock_net(sk), IPSTATS_MIB_OUTNOROUTES); kfree_skb(head); goto out; } - skb_dst_set(head, dst); rcu_read_lock(); if (__sk_dst_get(sk) != tp->dst) { diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c index 0d16e5e..be002b7 100644 --- a/net/sctp/protocol.c +++ b/net/sctp/protocol.c @@ -1059,25 +1059,44 @@ static int sctp_inet_supported_addrs(const struct sctp_sock *opt, } /* Wrapper routine that calls the ip transmit routine. */ -static inline int sctp_v4_xmit(struct sk_buff *skb, - struct sctp_transport *transport) +static inline int sctp_v4_xmit(struct sk_buff *skb, struct sctp_transport *t) { - struct inet_sock *inet = inet_sk(skb->sk); + struct dst_entry *dst = dst_clone(t->dst); + struct flowi4 *fl4 = &t->fl.u.ip4; + struct sock *sk = skb->sk; + struct inet_sock *inet = inet_sk(sk); __u8 dscp = inet->tos; + __be16 df = 0; pr_debug("%s: skb:%p, len:%d, src:%pI4, dst:%pI4\n", __func__, skb, - skb->len, &transport->fl.u.ip4.saddr, - &transport->fl.u.ip4.daddr); + skb->len, &fl4->saddr, &fl4->daddr); + + if (t->dscp & SCTP_DSCP_SET_MASK) + dscp = t->dscp & SCTP_DSCP_VAL_MASK; - if (transport->dscp & SCTP_DSCP_SET_MASK) - dscp = transport->dscp & SCTP_DSCP_VAL_MASK; + inet->pmtudisc = t->param_flags & SPP_PMTUD_ENABLE ? IP_PMTUDISC_DO + : IP_PMTUDISC_DONT; + SCTP_INC_STATS(sock_net(sk), SCTP_MIB_OUTSCTPPACKS); - inet->pmtudisc = transport->param_flags & SPP_PMTUD_ENABLE ? - IP_PMTUDISC_DO : IP_PMTUDISC_DONT; + if (!t->encap_port || !sctp_sk(sk)->udp_port) { + skb_dst_set(skb, dst); + return __ip_queue_xmit(sk, skb, &t->fl, dscp); + } + + if (skb_is_gso(skb)) + skb_shinfo(skb)->gso_type |= SKB_GSO_UDP_TUNNEL_CSUM; - SCTP_INC_STATS(sock_net(&inet->sk), SCTP_MIB_OUTSCTPPACKS); + if (ip_dont_fragment(sk, dst) && !skb->ignore_df) + df = htons(IP_DF); - return __ip_queue_xmit(&inet->sk, skb, &transport->fl, dscp); + skb->encapsulation = 1; + skb_reset_inner_mac_header(skb); + skb_reset_inner_transport_header(skb); + skb_set_inner_ipproto(skb, IPPROTO_SCTP); + udp_tunnel_xmit_skb((struct rtable *)dst, sk, skb, fl4->saddr, + fl4->daddr, dscp, ip4_dst_hoplimit(dst), df, + sctp_sk(sk)->udp_port, t->encap_port, false, false); + return 0; } static struct sctp_af sctp_af_inet; From patchwork Tue Oct 13 07:27:38 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 288507 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.6 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5479DC433E7 for ; Tue, 13 Oct 2020 07:29:32 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 1D3F820878 for ; Tue, 13 Oct 2020 07:29:32 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="O97GTLRt" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2390287AbgJMH3b (ORCPT ); Tue, 13 Oct 2020 03:29:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55654 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390040AbgJMH3b (ORCPT ); Tue, 13 Oct 2020 03:29:31 -0400 Received: from mail-pl1-x642.google.com (mail-pl1-x642.google.com [IPv6:2607:f8b0:4864:20::642]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D088CC0613D0; Tue, 13 Oct 2020 00:29:29 -0700 (PDT) Received: by mail-pl1-x642.google.com with SMTP id p11so10200569pld.5; Tue, 13 Oct 2020 00:29:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :in-reply-to:references; bh=zpcgNpTt1Eopd9QaDKGy8sWqns6Rwfi4+2UKE6Sn+wQ=; b=O97GTLRtn6UX8SRqec/Oq2uokgNhHd03+Z0nVj5R2covIwshJwhjQRMwDS87Os5XHw +qnAKZJo10pTh5tf/zy4LGdFSDNNetTGh7TX8r5kDQ6Y6agkOAgglveYUR3H3YEa6P7V AmwqOiLDt70xU6NImnT/j56TCUtyxfHyilDST/4YkOPwjD3IbhWsaRh1AWgQcgUPcaKZ hGvSaUVAJL5bjkSaZ92S366FDRVhume9kZ0sJNw/dWtflm5x0aMBVyHpvtxkjthhVb/K 6ZMpR97/5Q4ISUq0fsIKIg+MwaHnk5fWHMdQjJ/L41RDKhAmTeuoE9+wrahYT7brPs5K C5nA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:in-reply-to:references; bh=zpcgNpTt1Eopd9QaDKGy8sWqns6Rwfi4+2UKE6Sn+wQ=; b=SXHgIp+JitY0bvNwet4CJaPhxPdmchEUumre5HtqUHnKlElFtoYwwq62fF4An9sO7Z 5TCQOdz3MivYk1opgu+DhwLCYGlIx26CPd1klRKDHLSf9RbvMtB3Fr8F4OOmpG78b8do slXi6Q/A3unrvapQgfYlwshDxKaEtG2/9sDjwv7svDkw3Pf88jf8G3Pb2NQRurloDWDA 7q8Py0sM0Q8VNTJw3Jgyi1sS6vEJq0duaxhtbXSIjl5TrP+qNwzNvM+bpLmtWcSIh69x M7ZSy1FawEszZie0bIXAJrBNdMccMuXKTuw1P4pwk+OsQdpFQPZY+Go4Ew1UFiyfMWAE qdsQ== X-Gm-Message-State: AOAM531l6AQwioquQA9oLpPLv8LglkuOtE1fQODfhVI6S65HwUqGCyp1 dviVRFe6B+yl4gVNeA8B0YyRXBGecYI= X-Google-Smtp-Source: ABdhPJyk+JhvBLWAwHmlIfHz8QTnISCzVXUeHYCsqLOXuF7iyPwQhDVt7xfVgmi5zd5GWTD+nMQfFQ== X-Received: by 2002:a17:90a:a111:: with SMTP id s17mr24714455pjp.28.1602574169160; Tue, 13 Oct 2020 00:29:29 -0700 (PDT) Received: from localhost ([209.132.188.80]) by smtp.gmail.com with ESMTPSA id b3sm21762739pfd.66.2020.10.13.00.29.28 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 13 Oct 2020 00:29:28 -0700 (PDT) From: Xin Long To: network dev , linux-sctp@vger.kernel.org Cc: Marcelo Ricardo Leitner , Neil Horman , Michael Tuexen , davem@davemloft.net, gnault@redhat.com, pabeni@redhat.com, willemdebruijn.kernel@gmail.com Subject: [PATCHv3 net-next 13/16] sctp: support for sending packet over udp6 sock Date: Tue, 13 Oct 2020 15:27:38 +0800 Message-Id: X-Mailer: git-send-email 2.1.0 In-Reply-To: <46f33eb9331b7e1e688a7f125201ad600ae83fbd.1602574012.git.lucien.xin@gmail.com> References: <7159fb58f44f9ff00ca5b3b8a26ee3aa2fd1bf8a.1602574012.git.lucien.xin@gmail.com> <37e9f70ffb9dea1572025b8e1c4b1f1c6e6b3da5.1602574012.git.lucien.xin@gmail.com> <08854ecf72eee34d3e98e30def6940d94f97fdef.1602574012.git.lucien.xin@gmail.com> <732baa9aef67a1b0d0b4d69f47149b41a49bbd76.1602574012.git.lucien.xin@gmail.com> <4885b112360b734e25714499346e6dc22246a87d.1602574012.git.lucien.xin@gmail.com> <46f33eb9331b7e1e688a7f125201ad600ae83fbd.1602574012.git.lucien.xin@gmail.com> In-Reply-To: References: Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org This one basically does the similar things in sctp_v6_xmit as does for udp4 sock in the last patch, just note that: 1. label needs to be calculated, as it's the param of udp_tunnel6_xmit_skb(). 2. The 'nocheck' param of udp_tunnel6_xmit_skb() is false, as required by RFC. v1->v2: - Use sp->udp_port instead in sctp_v6_xmit(), which is more safe. Signed-off-by: Xin Long --- net/sctp/ipv6.c | 43 ++++++++++++++++++++++++++++++++----------- 1 file changed, 32 insertions(+), 11 deletions(-) diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c index a064bf2..814754d 100644 --- a/net/sctp/ipv6.c +++ b/net/sctp/ipv6.c @@ -55,6 +55,7 @@ #include #include #include +#include #include @@ -191,33 +192,53 @@ static int sctp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, return ret; } -static int sctp_v6_xmit(struct sk_buff *skb, struct sctp_transport *transport) +static int sctp_v6_xmit(struct sk_buff *skb, struct sctp_transport *t) { + struct dst_entry *dst = dst_clone(t->dst); + struct flowi6 *fl6 = &t->fl.u.ip6; struct sock *sk = skb->sk; struct ipv6_pinfo *np = inet6_sk(sk); - struct flowi6 *fl6 = &transport->fl.u.ip6; __u8 tclass = np->tclass; - int res; + __be32 label; pr_debug("%s: skb:%p, len:%d, src:%pI6 dst:%pI6\n", __func__, skb, skb->len, &fl6->saddr, &fl6->daddr); - if (transport->dscp & SCTP_DSCP_SET_MASK) - tclass = transport->dscp & SCTP_DSCP_VAL_MASK; + if (t->dscp & SCTP_DSCP_SET_MASK) + tclass = t->dscp & SCTP_DSCP_VAL_MASK; if (INET_ECN_is_capable(tclass)) IP6_ECN_flow_xmit(sk, fl6->flowlabel); - if (!(transport->param_flags & SPP_PMTUD_ENABLE)) + if (!(t->param_flags & SPP_PMTUD_ENABLE)) skb->ignore_df = 1; SCTP_INC_STATS(sock_net(sk), SCTP_MIB_OUTSCTPPACKS); - rcu_read_lock(); - res = ip6_xmit(sk, skb, fl6, sk->sk_mark, rcu_dereference(np->opt), - tclass, sk->sk_priority); - rcu_read_unlock(); - return res; + if (!t->encap_port || !sctp_sk(sk)->udp_port) { + int res; + + skb_dst_set(skb, dst); + rcu_read_lock(); + res = ip6_xmit(sk, skb, fl6, sk->sk_mark, + rcu_dereference(np->opt), + tclass, sk->sk_priority); + rcu_read_unlock(); + return res; + } + + if (skb_is_gso(skb)) + skb_shinfo(skb)->gso_type |= SKB_GSO_UDP_TUNNEL_CSUM; + + skb->encapsulation = 1; + skb_reset_inner_mac_header(skb); + skb_reset_inner_transport_header(skb); + skb_set_inner_ipproto(skb, IPPROTO_SCTP); + label = ip6_make_flowlabel(sock_net(sk), skb, fl6->flowlabel, true, fl6); + + return udp_tunnel6_xmit_skb(dst, sk, skb, NULL, &fl6->saddr, + &fl6->daddr, tclass, ip6_dst_hoplimit(dst), + label, sctp_sk(sk)->udp_port, t->encap_port, false); } /* Returns the dst cache entry for the given source and destination ip From patchwork Tue Oct 13 07:27:39 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 270038 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.6 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9DCAEC433DF for ; Tue, 13 Oct 2020 07:29:36 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 5809720878 for ; Tue, 13 Oct 2020 07:29:36 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="J7h6Z6Bn" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2390303AbgJMH3g (ORCPT ); Tue, 13 Oct 2020 03:29:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55666 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390040AbgJMH3d (ORCPT ); Tue, 13 Oct 2020 03:29:33 -0400 Received: from mail-pg1-x541.google.com (mail-pg1-x541.google.com [IPv6:2607:f8b0:4864:20::541]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4059CC0613D0; Tue, 13 Oct 2020 00:29:33 -0700 (PDT) Received: by mail-pg1-x541.google.com with SMTP id g29so17004201pgl.2; Tue, 13 Oct 2020 00:29:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :in-reply-to:references; bh=wT/TsOhKuL5HL67D4xz7aT44ptac/zTxHCX64c9ov/Y=; b=J7h6Z6BnCda6JKtR/eMmAr7EO4y+y+t2w+xV5CiQOPYvV0qpBkQ1EB0OK3PdmirQ2Y 2sKQO3kk2SoE4m1IFFBPNztsztsXvHzIVZwZ7XcjSQleOeUMp638Q79j6wIBNvvMJamJ rix9wlclN0FsUn4MOlMZqHDgmcmQQ0gtGK/1eGgx+9SQrLlHuS1lgsdtThDNOM1HDHoj SK96j9FT6IxZqQEhdrLJ9mxfhQb/b/HekxWUq6EyOrLvSjV+EA3rbrspHbn4mlvJiADA N5zgJUgrZhaTqtUAusdl1bFsqErSIPFhuoNOFejLw4gY3yseKP7dGmVnrOnggBC9gg2B bxCw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:in-reply-to:references; bh=wT/TsOhKuL5HL67D4xz7aT44ptac/zTxHCX64c9ov/Y=; b=dTjfClYPsv9jitWOE/IHL4uhMolgCbMUdl6zYtB8zLQYgp+yaZCcc2O4qODbLi3X20 17IShZuh3h/9AYwZB7zYbrd7qUAb5zzezYFDw77f1r0uPFP/Hhj9rFIXH6HCJt81Rj97 0zt4+fiqBz6kQhsusAKk/ntPA/s19r9joZLEo7cJ5hXpqbkeETE3XCJJ9Sy4AyGx3Jnh Ygh7BjPz6FUYC2wfm3UXnllD41T31Ev3mOQFzrdQBp1MH1n9NhHDpcqPrctuqTDK5Vq+ w21FX7/khw672+2VW4Dr3eOTsMYpUFfKE77m8Y9707qpSXriAzqK4EU2vMRyv8HRaw3l wdZA== X-Gm-Message-State: AOAM532qihio75iZrrR4VmUjGnB7ZO3hUGmMDDNY36rB7q19lSfDSR3+ 8Q/hZj/K6zd3lqBgs+bSvvUEO33sDSo= X-Google-Smtp-Source: ABdhPJyb4XwwPpIy6qgE+DQU4Nrw9gf01IzDu/KuGOzeKhCFrem/vzdNqY2Ou4i1Iqae0SCoN5IMUw== X-Received: by 2002:a63:f015:: with SMTP id k21mr16286383pgh.422.1602574172511; Tue, 13 Oct 2020 00:29:32 -0700 (PDT) Received: from localhost ([209.132.188.80]) by smtp.gmail.com with ESMTPSA id cv15sm1082796pjb.20.2020.10.13.00.29.31 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 13 Oct 2020 00:29:31 -0700 (PDT) From: Xin Long To: network dev , linux-sctp@vger.kernel.org Cc: Marcelo Ricardo Leitner , Neil Horman , Michael Tuexen , davem@davemloft.net, gnault@redhat.com, pabeni@redhat.com, willemdebruijn.kernel@gmail.com Subject: [PATCHv3 net-next 14/16] sctp: add the error cause for new encapsulation port restart Date: Tue, 13 Oct 2020 15:27:39 +0800 Message-Id: X-Mailer: git-send-email 2.1.0 In-Reply-To: References: <7159fb58f44f9ff00ca5b3b8a26ee3aa2fd1bf8a.1602574012.git.lucien.xin@gmail.com> <37e9f70ffb9dea1572025b8e1c4b1f1c6e6b3da5.1602574012.git.lucien.xin@gmail.com> <08854ecf72eee34d3e98e30def6940d94f97fdef.1602574012.git.lucien.xin@gmail.com> <732baa9aef67a1b0d0b4d69f47149b41a49bbd76.1602574012.git.lucien.xin@gmail.com> <4885b112360b734e25714499346e6dc22246a87d.1602574012.git.lucien.xin@gmail.com> <46f33eb9331b7e1e688a7f125201ad600ae83fbd.1602574012.git.lucien.xin@gmail.com> In-Reply-To: References: Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org This patch is to add the function to make the abort chunk with the error cause for new encapsulation port restart, defined on Section 4.4 in draft-tuexen-tsvwg-sctp-udp-encaps-cons-03. v1->v2: - no change. v2->v3: - no need to call htons() when setting nep.cur_port/new_port. Signed-off-by: Xin Long --- include/linux/sctp.h | 20 ++++++++++++++++++++ include/net/sctp/sm.h | 3 +++ net/sctp/sm_make_chunk.c | 20 ++++++++++++++++++++ 3 files changed, 43 insertions(+) diff --git a/include/linux/sctp.h b/include/linux/sctp.h index 7673123..bb19265 100644 --- a/include/linux/sctp.h +++ b/include/linux/sctp.h @@ -482,11 +482,13 @@ enum sctp_error { * 11 Restart of an association with new addresses * 12 User Initiated Abort * 13 Protocol Violation + * 14 Restart of an Association with New Encapsulation Port */ SCTP_ERROR_RESTART = cpu_to_be16(0x0b), SCTP_ERROR_USER_ABORT = cpu_to_be16(0x0c), SCTP_ERROR_PROTO_VIOLATION = cpu_to_be16(0x0d), + SCTP_ERROR_NEW_ENCAP_PORT = cpu_to_be16(0x0e), /* ADDIP Section 3.3 New Error Causes * @@ -793,4 +795,22 @@ enum { SCTP_FLOWLABEL_VAL_MASK = 0xfffff }; +/* UDP Encapsulation + * draft-tuexen-tsvwg-sctp-udp-encaps-cons-03.html#section-4-4 + * + * The error cause indicating an "Restart of an Association with + * New Encapsulation Port" + * + * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Cause Code = 14 | Cause Length = 8 | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Current Encapsulation Port | New Encapsulation Port | + * +-------------------------------+-------------------------------+ + */ +struct sctp_new_encap_port_hdr { + __be16 cur_port; + __be16 new_port; +}; + #endif /* __LINUX_SCTP_H__ */ diff --git a/include/net/sctp/sm.h b/include/net/sctp/sm.h index a499341..fd223c9 100644 --- a/include/net/sctp/sm.h +++ b/include/net/sctp/sm.h @@ -221,6 +221,9 @@ struct sctp_chunk *sctp_make_violation_paramlen( struct sctp_chunk *sctp_make_violation_max_retrans( const struct sctp_association *asoc, const struct sctp_chunk *chunk); +struct sctp_chunk *sctp_make_new_encap_port( + const struct sctp_association *asoc, + const struct sctp_chunk *chunk); struct sctp_chunk *sctp_make_heartbeat(const struct sctp_association *asoc, const struct sctp_transport *transport); struct sctp_chunk *sctp_make_heartbeat_ack(const struct sctp_association *asoc, diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c index 21d0ff1..f77484d 100644 --- a/net/sctp/sm_make_chunk.c +++ b/net/sctp/sm_make_chunk.c @@ -1142,6 +1142,26 @@ struct sctp_chunk *sctp_make_violation_max_retrans( return retval; } +struct sctp_chunk *sctp_make_new_encap_port(const struct sctp_association *asoc, + const struct sctp_chunk *chunk) +{ + struct sctp_new_encap_port_hdr nep; + struct sctp_chunk *retval; + + retval = sctp_make_abort(asoc, chunk, + sizeof(struct sctp_errhdr) + sizeof(nep)); + if (!retval) + goto nodata; + + sctp_init_cause(retval, SCTP_ERROR_NEW_ENCAP_PORT, sizeof(nep)); + nep.cur_port = SCTP_INPUT_CB(chunk->skb)->encap_port; + nep.new_port = chunk->transport->encap_port; + sctp_addto_chunk(retval, sizeof(nep), &nep); + +nodata: + return retval; +} + /* Make a HEARTBEAT chunk. */ struct sctp_chunk *sctp_make_heartbeat(const struct sctp_association *asoc, const struct sctp_transport *transport) From patchwork Tue Oct 13 07:27:40 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 288506 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.6 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E356BC433E7 for ; Tue, 13 Oct 2020 07:29:42 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id A8C6520872 for ; Tue, 13 Oct 2020 07:29:42 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="FFYloyTf" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2390313AbgJMH3m (ORCPT ); Tue, 13 Oct 2020 03:29:42 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55692 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390145AbgJMH3l (ORCPT ); Tue, 13 Oct 2020 03:29:41 -0400 Received: from mail-pj1-x1043.google.com (mail-pj1-x1043.google.com [IPv6:2607:f8b0:4864:20::1043]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 93B51C0613D0; Tue, 13 Oct 2020 00:29:41 -0700 (PDT) Received: by mail-pj1-x1043.google.com with SMTP id a17so1615405pju.1; Tue, 13 Oct 2020 00:29:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :in-reply-to:references; bh=p4SMhWw/GkelBn53iaflgFeeujBM4zh1mzJ+1B9emc0=; b=FFYloyTfJeEXEanWK8kIpdVWRJSnZFph49CEzVuE8TU2GIlbvt3c5E+/jO/FLhlFgF J1fK58d1NLwS63BT71inAsekQFgHj3LhJp75yPn5Wsn3VLRZfrlKCgHOJ4KzMvFg1fCz tH+xzlgIOa4XkK9YXO1rsyIBd5A3tZI2fl+lAYrg5yWRQi3MdExTrS04fVig3Y7DHjEr LZhnK0G3VGjdLFPQwmL+PLNuAcRBZQz5uwmnAi11WD3G0YTeLz0wNM3fvcB//iCF7XD8 6FLGEYMONN0epyVUtHpZCALDffxpOgKAZZ1cw/+t6lXG6ki+//kCnZkfarisD4gDg89v MDwA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:in-reply-to:references; bh=p4SMhWw/GkelBn53iaflgFeeujBM4zh1mzJ+1B9emc0=; b=Qr++fMe0iqvOsKWI389pEw6GgJRRyVwlSQfH+yO78RSwpB2xdXZTu+jnucen9Edqdi OZt4+FE3S0n5uuavFNidKFF42hY67vTt/kl+5XXPQpzi4AKyDh+E2EYfaNo+EYbB4w74 OLJHv3ZFADocvmYYqik8NYLKAVN1qgFVDILG5VK3LeybjGbXsJs5HqTBIXvRk5S6C5eb 8kvm7y2liVdWHQ+L7NOOKHZsosxowWXVTTQ1vt3cczhS08WCyp/YEVCy4opl/1bUtkwc RUPROIoRTaTqUW48n3S86VdGg4qeundV5IxmuXyP19sUNrX9q9K2vmdDJNj0nHp3U0d1 yNKg== X-Gm-Message-State: AOAM530ofsTyDXqXaMjfJYWuhhlYiahXWvTxhQmEcvcQyN5ankPJurJs k51p30bX5K6t4q3PtkTONVPtHId3+wM= X-Google-Smtp-Source: ABdhPJzWRfLJhFltIL39Elf8xJcZhSyQDpZvTQe5ad/+mK8Z84pwmwgs2fIvLaZYVU86Tz8IXZnsxw== X-Received: by 2002:a17:90a:7c44:: with SMTP id e4mr22944797pjl.167.1602574180891; Tue, 13 Oct 2020 00:29:40 -0700 (PDT) Received: from localhost ([209.132.188.80]) by smtp.gmail.com with ESMTPSA id x22sm21995628pfp.181.2020.10.13.00.29.39 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 13 Oct 2020 00:29:40 -0700 (PDT) From: Xin Long To: network dev , linux-sctp@vger.kernel.org Cc: Marcelo Ricardo Leitner , Neil Horman , Michael Tuexen , davem@davemloft.net, gnault@redhat.com, pabeni@redhat.com, willemdebruijn.kernel@gmail.com Subject: [PATCHv3 net-next 15/16] sctp: handle the init chunk matching an existing asoc Date: Tue, 13 Oct 2020 15:27:40 +0800 Message-Id: <59d083919cccb32dad7aec119d00c5300b0c2800.1602574012.git.lucien.xin@gmail.com> X-Mailer: git-send-email 2.1.0 In-Reply-To: References: <7159fb58f44f9ff00ca5b3b8a26ee3aa2fd1bf8a.1602574012.git.lucien.xin@gmail.com> <37e9f70ffb9dea1572025b8e1c4b1f1c6e6b3da5.1602574012.git.lucien.xin@gmail.com> <08854ecf72eee34d3e98e30def6940d94f97fdef.1602574012.git.lucien.xin@gmail.com> <732baa9aef67a1b0d0b4d69f47149b41a49bbd76.1602574012.git.lucien.xin@gmail.com> <4885b112360b734e25714499346e6dc22246a87d.1602574012.git.lucien.xin@gmail.com> <46f33eb9331b7e1e688a7f125201ad600ae83fbd.1602574012.git.lucien.xin@gmail.com> In-Reply-To: References: Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org This is from Section 4 of draft-tuexen-tsvwg-sctp-udp-encaps-cons-03, and it requires responding with an abort chunk with an error cause when the udp source port of the received init chunk doesn't match the encap port of the transport. Signed-off-by: Xin Long --- net/sctp/sm_statefuns.c | 50 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c index 8edab15..244a5d8 100644 --- a/net/sctp/sm_statefuns.c +++ b/net/sctp/sm_statefuns.c @@ -87,6 +87,13 @@ static enum sctp_disposition sctp_sf_tabort_8_4_8( const union sctp_subtype type, void *arg, struct sctp_cmd_seq *commands); +static enum sctp_disposition sctp_sf_new_encap_port( + struct net *net, + const struct sctp_endpoint *ep, + const struct sctp_association *asoc, + const union sctp_subtype type, + void *arg, + struct sctp_cmd_seq *commands); static struct sctp_sackhdr *sctp_sm_pull_sack(struct sctp_chunk *chunk); static enum sctp_disposition sctp_stop_t1_and_abort( @@ -1493,6 +1500,10 @@ static enum sctp_disposition sctp_sf_do_unexpected_init( if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_init_chunk))) return sctp_sf_violation_chunklen(net, ep, asoc, type, arg, commands); + + if (SCTP_INPUT_CB(chunk->skb)->encap_port != chunk->transport->encap_port) + return sctp_sf_new_encap_port(net, ep, asoc, type, arg, commands); + /* Grab the INIT header. */ chunk->subh.init_hdr = (struct sctp_inithdr *)chunk->skb->data; @@ -3392,6 +3403,45 @@ static enum sctp_disposition sctp_sf_tabort_8_4_8( sctp_packet_append_chunk(packet, abort); + sctp_add_cmd_sf(commands, SCTP_CMD_SEND_PKT, SCTP_PACKET(packet)); + + SCTP_INC_STATS(net, SCTP_MIB_OUTCTRLCHUNKS); + + sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); + return SCTP_DISPOSITION_CONSUME; +} + +/* Handling of SCTP Packets Containing an INIT Chunk Matching an + * Existing Associations when the udp encap port is incorrect. + * + * From Section 4 at draft-tuexen-tsvwg-sctp-udp-encaps-cons-03. + */ +static enum sctp_disposition sctp_sf_new_encap_port( + struct net *net, + const struct sctp_endpoint *ep, + const struct sctp_association *asoc, + const union sctp_subtype type, + void *arg, + struct sctp_cmd_seq *commands) +{ + struct sctp_packet *packet = NULL; + struct sctp_chunk *chunk = arg; + struct sctp_chunk *abort; + + packet = sctp_ootb_pkt_new(net, asoc, chunk); + if (!packet) + return SCTP_DISPOSITION_NOMEM; + + abort = sctp_make_new_encap_port(asoc, chunk); + if (!abort) { + sctp_ootb_pkt_free(packet); + return SCTP_DISPOSITION_NOMEM; + } + + abort->skb->sk = ep->base.sk; + + sctp_packet_append_chunk(packet, abort); + sctp_add_cmd_sf(commands, SCTP_CMD_SEND_PKT, SCTP_PACKET(packet)); From patchwork Tue Oct 13 07:27:41 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xin Long X-Patchwork-Id: 270037 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.6 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 19165C433E7 for ; Tue, 13 Oct 2020 07:29:52 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id BD67820872 for ; Tue, 13 Oct 2020 07:29:51 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="UolpU46t" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2390340AbgJMH3v (ORCPT ); Tue, 13 Oct 2020 03:29:51 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55716 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390145AbgJMH3u (ORCPT ); Tue, 13 Oct 2020 03:29:50 -0400 Received: from mail-pl1-x642.google.com (mail-pl1-x642.google.com [IPv6:2607:f8b0:4864:20::642]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 933AFC0613D0; Tue, 13 Oct 2020 00:29:50 -0700 (PDT) Received: by mail-pl1-x642.google.com with SMTP id t18so10205331plo.1; Tue, 13 Oct 2020 00:29:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :in-reply-to:references; bh=M+hPPlgTv2YdBHtRGeycL5jpqPJPwGINWtjJsu2TNcc=; b=UolpU46tg6AHwTYwut+u5m6Z2I4Ts2n43AywtTrizrLh74mWZVEnbatBSbfkIPPEL1 icinaYTpN+DIFZnarHD2AOBQ/1ZYb/XacaWKfjXilItaJgU2ORsUQYuz6eMav2EhIxd9 q9xdcFENtIcvMtm4lH6HoLyPSjDUQUcImn5WpjFJJXapvZKuaoBbvDZoWV7quNDr3ZwD dRD8baz1yMlKNr9Vw7Ftu7mdBphxLJ0I5wHPjo4vEIV6GozziM/tPFiVK180xDAywdXv v53RPow1ktFsuhVPqcmDRYFcPwYXuqZZzNnOrA6IVehUnlEDUun/v/7XJ2gVmWT1OKxl jZFg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:in-reply-to:references; bh=M+hPPlgTv2YdBHtRGeycL5jpqPJPwGINWtjJsu2TNcc=; b=UgGUH4fAM+lAKJuU0MSL1CKNNMc4W2zr3Dy9hM20FXvSh0xof+dTQawV3oZv3bYwHP L2b4XxgaWV0GEG8rtAEPgiaTuM6UjaZ8W2DRxXnJ5KiOibgb1r7BQO4bif7kMh1J2szw K54m3eEMDEEWpVmLwJMrXfhwJj/FnUt86Os/UfM1p+ln75reWyOk/JDafF5FRgL8+kOv XYyL+psvpPk2WojNDxABBHTpTudnRhEXMa5uAAQub6buxqzRXa9O08dPwpe62zoC74Ee TdNrOZbKZDWCg9gHd0EB3Qe44m7U2FMpHNaj7CwqQtD3LOK2/SQc3F9Vgrl1zL9nTRC1 uxMw== X-Gm-Message-State: AOAM531sh/MIHbp9U288J+0n//DfG9CW4HOvAkq4hBTNRHMUmer9RtO8 Jh48M4rrrYaeq+KRXuba748nutYNNGg= X-Google-Smtp-Source: ABdhPJzyeWcToTujcfD73qaqE+kkkvJfRo4uVxpfwnQIsXQV3ozCXXOzo/sRPviDTzz7o+7Evu43gQ== X-Received: by 2002:a17:90b:e92:: with SMTP id fv18mr24945941pjb.42.1602574189400; Tue, 13 Oct 2020 00:29:49 -0700 (PDT) Received: from localhost ([209.132.188.80]) by smtp.gmail.com with ESMTPSA id g9sm21098081pgm.79.2020.10.13.00.29.48 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 13 Oct 2020 00:29:48 -0700 (PDT) From: Xin Long To: network dev , linux-sctp@vger.kernel.org Cc: Marcelo Ricardo Leitner , Neil Horman , Michael Tuexen , davem@davemloft.net, gnault@redhat.com, pabeni@redhat.com, willemdebruijn.kernel@gmail.com Subject: [PATCHv3 net-next 16/16] sctp: enable udp tunneling socks Date: Tue, 13 Oct 2020 15:27:41 +0800 Message-Id: X-Mailer: git-send-email 2.1.0 In-Reply-To: <59d083919cccb32dad7aec119d00c5300b0c2800.1602574012.git.lucien.xin@gmail.com> References: <7159fb58f44f9ff00ca5b3b8a26ee3aa2fd1bf8a.1602574012.git.lucien.xin@gmail.com> <37e9f70ffb9dea1572025b8e1c4b1f1c6e6b3da5.1602574012.git.lucien.xin@gmail.com> <08854ecf72eee34d3e98e30def6940d94f97fdef.1602574012.git.lucien.xin@gmail.com> <732baa9aef67a1b0d0b4d69f47149b41a49bbd76.1602574012.git.lucien.xin@gmail.com> <4885b112360b734e25714499346e6dc22246a87d.1602574012.git.lucien.xin@gmail.com> <46f33eb9331b7e1e688a7f125201ad600ae83fbd.1602574012.git.lucien.xin@gmail.com> <59d083919cccb32dad7aec119d00c5300b0c2800.1602574012.git.lucien.xin@gmail.com> In-Reply-To: References: Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org This patch is to enable udp tunneling socks by calling sctp_udp_sock_start() in sctp_ctrlsock_init(), and sctp_udp_sock_stop() in sctp_ctrlsock_exit(). Also add sysctl udp_port to allow changing the listening sock's port by users. Wit this patch, the whole sctp over udp feature can be enabled and used. v1->v2: - Also update ctl_sock udp_port in proc_sctp_do_udp_port() where netns udp_port gets changed. v2->v3: - call htons() when setting sk udp_port from netns udp_port. Signed-off-by: Xin Long --- net/sctp/protocol.c | 5 +++++ net/sctp/sysctl.c | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 55 insertions(+) diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c index be002b7..79fb4b5 100644 --- a/net/sctp/protocol.c +++ b/net/sctp/protocol.c @@ -1469,6 +1469,10 @@ static int __net_init sctp_ctrlsock_init(struct net *net) if (status) pr_err("Failed to initialize the SCTP control sock\n"); + status = sctp_udp_sock_start(net); + if (status) + pr_err("Failed to initialize the SCTP udp tunneling sock\n"); + return status; } @@ -1476,6 +1480,7 @@ static void __net_exit sctp_ctrlsock_exit(struct net *net) { /* Free the control endpoint. */ inet_ctl_sock_destroy(net->sctp.ctl_sock); + sctp_udp_sock_stop(net); } static struct pernet_operations sctp_ctrlsock_ops = { diff --git a/net/sctp/sysctl.c b/net/sctp/sysctl.c index ecc1b5e..4395659 100644 --- a/net/sctp/sysctl.c +++ b/net/sctp/sysctl.c @@ -49,6 +49,8 @@ static int proc_sctp_do_rto_min(struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos); static int proc_sctp_do_rto_max(struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos); +static int proc_sctp_do_udp_port(struct ctl_table *ctl, int write, void *buffer, + size_t *lenp, loff_t *ppos); static int proc_sctp_do_alpha_beta(struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos); static int proc_sctp_do_auth(struct ctl_table *ctl, int write, @@ -292,6 +294,15 @@ static struct ctl_table sctp_net_table[] = { .proc_handler = proc_dointvec, }, { + .procname = "udp_port", + .data = &init_net.sctp.udp_port, + .maxlen = sizeof(int), + .mode = 0644, + .proc_handler = proc_sctp_do_udp_port, + .extra1 = SYSCTL_ZERO, + .extra2 = &udp_port_max, + }, + { .procname = "encap_port", .data = &init_net.sctp.encap_port, .maxlen = sizeof(int), @@ -487,6 +498,45 @@ static int proc_sctp_do_auth(struct ctl_table *ctl, int write, return ret; } +static int proc_sctp_do_udp_port(struct ctl_table *ctl, int write, + void *buffer, size_t *lenp, loff_t *ppos) +{ + struct net *net = current->nsproxy->net_ns; + unsigned int min = *(unsigned int *)ctl->extra1; + unsigned int max = *(unsigned int *)ctl->extra2; + struct ctl_table tbl; + int ret, new_value; + + memset(&tbl, 0, sizeof(struct ctl_table)); + tbl.maxlen = sizeof(unsigned int); + + if (write) + tbl.data = &new_value; + else + tbl.data = &net->sctp.udp_port; + + ret = proc_dointvec(&tbl, write, buffer, lenp, ppos); + if (write && ret == 0) { + struct sock *sk = net->sctp.ctl_sock; + + if (new_value > max || new_value < min) + return -EINVAL; + + net->sctp.udp_port = new_value; + sctp_udp_sock_stop(net); + ret = sctp_udp_sock_start(net); + if (ret) + net->sctp.udp_port = 0; + + /* Update the value in the control socket */ + lock_sock(sk); + sctp_sk(sk)->udp_port = htons(net->sctp.udp_port); + release_sock(sk); + } + + return ret; +} + int sctp_sysctl_net_register(struct net *net) { struct ctl_table *table;