1. 07 Aug, 2017 1 commit
  2. 13 Mar, 2017 1 commit
  3. 10 Jan, 2016 1 commit
  4. 16 Dec, 2015 1 commit
  5. 25 Mar, 2015 1 commit
  6. 03 Jul, 2014 1 commit
  7. 20 Jun, 2014 1 commit
  8. 19 Jun, 2014 1 commit
    • Daniel Borkmann's avatar
      net: sctp: propagate sysctl errors from proc_do* properly · ff5e92c1
      Daniel Borkmann authored
      sysctl handler proc_sctp_do_hmac_alg(), proc_sctp_do_rto_min() and
      proc_sctp_do_rto_max() do not properly reflect some error cases
      when writing values via sysctl from internal proc functions such
      as proc_dointvec() and proc_dostring().
      
      In all these cases we pass the test for write != 0 and partially
      do additional work just to notice that additional sanity checks
      fail and we return with hard-coded -EINVAL while proc_do*
      functions might also return different errors. So fix this up by
      simply testing a successful return of proc_do* right after
      calling it.
      
      This also allows to propagate its return value onwards to the user.
      While touching this, also fix up some minor style issues.
      
      Fixes: 4f3fdf3b ("sctp: add check rto_min and rto_max in sysctl")
      Fixes: 3c68198e ("sctp: Make hmac algorithm selection for cookie generation dynamic")
      Signed-off-by: default avatarDaniel Borkmann <dborkman@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      ff5e92c1
  9. 15 Jun, 2014 1 commit
    • Daniel Borkmann's avatar
      net: sctp: fix permissions for rto_alpha and rto_beta knobs · b58537a1
      Daniel Borkmann authored
      Commit 3fd091e7 ("[SCTP]: Remove multiple levels of msecs
      to jiffies conversions.") has silently changed permissions for
      rto_alpha and rto_beta knobs from 0644 to 0444. The purpose of
      this was to discourage users from tweaking rto_alpha and
      rto_beta knobs in production environments since they are key
      to correctly compute rtt/srtt.
      
      RFC4960 under section 6.3.1. RTO Calculation says regarding
      rto_alpha and rto_beta under rule C3 and C4:
      
        [...]
        C3)  When a new RTT measurement R' is made, set
      
             RTTVAR <- (1 - RTO.Beta) * RTTVAR + RTO.Beta * |SRTT - R'|
      
             and
      
             SRTT <- (1 - RTO.Alpha) * SRTT + RTO.Alpha * R'
      
             Note: The value of SRTT used in the update to RTTVAR
             is its value before updating SRTT itself using the
             second assignment. After the computation, update
             RTO <- SRTT + 4 * RTTVAR.
      
        C4)  When data is in flight and when allowed by rule C5
             below, a new RTT measurement MUST be made each round
             trip. Furthermore, new RTT measurements SHOULD be
             made no more than once per round trip for a given
             destination transport address. There are two reasons
             for this recommendation: First, it appears that
             measuring more frequently often does not in practice
             yield any significant benefit [ALLMAN99]; second,
             if measurements are made more often, then the values
             of RTO.Alpha and RTO.Beta in rule C3 above should be
             adjusted so that SRTT and RTTVAR still adjust to
             changes at roughly the same rate (in terms of how many
             round trips it takes them to reflect new values) as
             they would if making only one measurement per
             round-trip and using RTO.Alpha and RTO.Beta as given
             in rule C3. However, the exact nature of these
             adjustments remains a research issue.
        [...]
      
      While it is discouraged to adjust rto_alpha and rto_beta
      and not further specified how to adjust them, the RFC also
      doesn't explicitly forbid it, but rather gives a RECOMMENDED
      default value (rto_alpha=3, rto_beta=2). We have a couple
      of users relying on the old permissions before they got
      changed. That said, if someone really has the urge to adjust
      them, we could allow it with a warning in the log.
      
      Fixes: 3fd091e7 ("[SCTP]: Remove multiple levels of msecs to jiffies conversions.")
      Signed-off-by: default avatarDaniel Borkmann <dborkman@redhat.com>
      Cc: Vlad Yasevich <vyasevich@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      b58537a1
  10. 09 May, 2014 2 commits
    • wangweidong's avatar
      sctp: add a checking for sctp_sysctl_net_register · f66138c8
      wangweidong authored
      When register_net_sysctl failed, we should free the
      sysctl_table.
      Signed-off-by: default avatarWang Weidong <wangweidong1@huawei.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f66138c8
    • wangweidong's avatar
      Revert "sctp: optimize the sctp_sysctl_net_register" · eb9f3705
      wangweidong authored
      This revert commit efb842c4("sctp: optimize the sctp_sysctl_net_register"),
      Since it doesn't kmemdup a sysctl_table for init_net, so the
      init_net->sctp.sysctl_header->ctl_table_arg points to sctp_net_table
      which is a static array pointer. So when doing sctp_sysctl_net_unregister,
      it will free sctp_net_table, then we will get a NULL pointer dereference
      like that:
      
      [  262.948220] BUG: unable to handle kernel NULL pointer dereference at 000000000000006c
      [  262.948232] IP: [<ffffffff81144b70>] kfree+0x80/0x420
      [  262.948260] PGD db80a067 PUD dae12067 PMD 0
      [  262.948268] Oops: 0000 [#1] SMP
      [  262.948273] Modules linked in: sctp(-) crc32c_generic libcrc32c
      ...
      [  262.948338] task: ffff8800db830190 ti: ffff8800dad00000 task.ti: ffff8800dad00000
      [  262.948344] RIP: 0010:[<ffffffff81144b70>]  [<ffffffff81144b70>] kfree+0x80/0x420
      [  262.948353] RSP: 0018:ffff8800dad01d88  EFLAGS: 00010046
      [  262.948358] RAX: 0100000000000000 RBX: ffffffffa0227940 RCX: ffffea0000707888
      [  262.948363] RDX: ffffea0000707888 RSI: 0000000000000001 RDI: ffffffffa0227940
      [  262.948369] RBP: ffff8800dad01de8 R08: 0000000000000000 R09: ffff8800d9e983a9
      [  262.948374] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffffa0227940
      [  262.948380] R13: ffffffff8187cfc0 R14: 0000000000000000 R15: ffffffff8187da10
      [  262.948386] FS:  00007fa2a2658700(0000) GS:ffff880112800000(0000) knlGS:0000000000000000
      [  262.948394] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
      [  262.948400] CR2: 000000000000006c CR3: 00000000cddc0000 CR4: 00000000000006e0
      [  262.948410] Stack:
      [  262.948413]  ffff8800dad01da8 0000000000000286 0000000020227940 ffffffffa0227940
      [  262.948422]  ffff8800dad01dd8 ffffffff811b7fa1 ffffffffa0227940 ffffffffa0227940
      [  262.948431]  ffffffff8187d960 ffffffff8187cfc0 ffffffff8187d960 ffffffff8187da10
      [  262.948440] Call Trace:
      [  262.948457]  [<ffffffff811b7fa1>] ? unregister_sysctl_table+0x51/0xa0
      [  262.948476]  [<ffffffffa020d1a1>] sctp_sysctl_net_unregister+0x21/0x30 [sctp]
      [  262.948490]  [<ffffffffa020ef6d>] sctp_net_exit+0x12d/0x150 [sctp]
      [  262.948512]  [<ffffffff81394f49>] ops_exit_list+0x39/0x60
      [  262.948522]  [<ffffffff813951ed>] unregister_pernet_operations+0x3d/0x70
      [  262.948530]  [<ffffffff81395292>] unregister_pernet_subsys+0x22/0x40
      [  262.948544]  [<ffffffffa020efcc>] sctp_exit+0x3c/0x12d [sctp]
      [  262.948562]  [<ffffffff810c5e04>] SyS_delete_module+0x194/0x210
      [  262.948577]  [<ffffffff81240fde>] ? trace_hardirqs_on_thunk+0x3a/0x3f
      [  262.948587]  [<ffffffff815217a2>] system_call_fastpath+0x16/0x1b
      
      With this revert, it won't occur the Oops.
      Signed-off-by: default avatarWang Weidong <wangweidong1@huawei.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      eb9f3705
  11. 18 Apr, 2014 1 commit
    • Vlad Yasevich's avatar
      net: sctp: cache auth_enable per endpoint · b14878cc
      Vlad Yasevich authored
      Currently, it is possible to create an SCTP socket, then switch
      auth_enable via sysctl setting to 1 and crash the system on connect:
      
      Oops[#1]:
      CPU: 0 PID: 0 Comm: swapper Not tainted 3.14.1-mipsgit-20140415 #1
      task: ffffffff8056ce80 ti: ffffffff8055c000 task.ti: ffffffff8055c000
      [...]
      Call Trace:
      [<ffffffff8043c4e8>] sctp_auth_asoc_set_default_hmac+0x68/0x80
      [<ffffffff8042b300>] sctp_process_init+0x5e0/0x8a4
      [<ffffffff8042188c>] sctp_sf_do_5_1B_init+0x234/0x34c
      [<ffffffff804228c8>] sctp_do_sm+0xb4/0x1e8
      [<ffffffff80425a08>] sctp_endpoint_bh_rcv+0x1c4/0x214
      [<ffffffff8043af68>] sctp_rcv+0x588/0x630
      [<ffffffff8043e8e8>] sctp6_rcv+0x10/0x24
      [<ffffffff803acb50>] ip6_input+0x2c0/0x440
      [<ffffffff8030fc00>] __netif_receive_skb_core+0x4a8/0x564
      [<ffffffff80310650>] process_backlog+0xb4/0x18c
      [<ffffffff80313cbc>] net_rx_action+0x12c/0x210
      [<ffffffff80034254>] __do_softirq+0x17c/0x2ac
      [<ffffffff800345e0>] irq_exit+0x54/0xb0
      [<ffffffff800075a4>] ret_from_irq+0x0/0x4
      [<ffffffff800090ec>] rm7k_wait_irqoff+0x24/0x48
      [<ffffffff8005e388>] cpu_startup_entry+0xc0/0x148
      [<ffffffff805a88b0>] start_kernel+0x37c/0x398
      Code: dd0900b8  000330f8  0126302d <dcc60000> 50c0fff1  0047182a  a48306a0
      03e00008  00000000
      ---[ end trace b530b0551467f2fd ]---
      Kernel panic - not syncing: Fatal exception in interrupt
      
      What happens while auth_enable=0 in that case is, that
      ep->auth_hmacs is initialized to NULL in sctp_auth_init_hmacs()
      when endpoint is being created.
      
      After that point, if an admin switches over to auth_enable=1,
      the machine can crash due to NULL pointer dereference during
      reception of an INIT chunk. When we enter sctp_process_init()
      via sctp_sf_do_5_1B_init() in order to respond to an INIT chunk,
      the INIT verification succeeds and while we walk and process
      all INIT params via sctp_process_param() we find that
      net->sctp.auth_enable is set, therefore do not fall through,
      but invoke sctp_auth_asoc_set_default_hmac() instead, and thus,
      dereference what we have set to NULL during endpoint
      initialization phase.
      
      The fix is to make auth_enable immutable by caching its value
      during endpoint initialization, so that its original value is
      being carried along until destruction. The bug seems to originate
      from the very first days.
      
      Fix in joint work with Daniel Borkmann.
      Reported-by: default avatarJoshua Kinard <kumba@gentoo.org>
      Signed-off-by: default avatarVlad Yasevich <vyasevic@redhat.com>
      Signed-off-by: default avatarDaniel Borkmann <dborkman@redhat.com>
      Acked-by: default avatarNeil Horman <nhorman@tuxdriver.com>
      Tested-by: default avatarJoshua Kinard <kumba@gentoo.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      b14878cc
  12. 13 Feb, 2014 2 commits
  13. 26 Dec, 2013 1 commit
  14. 11 Dec, 2013 2 commits
  15. 06 Dec, 2013 1 commit
  16. 09 Aug, 2013 3 commits
  17. 25 Jul, 2013 1 commit
  18. 13 Jun, 2013 1 commit
  19. 28 Jan, 2013 1 commit
    • Vlad Yasevich's avatar
      SCTP: Free the per-net sysctl table on net exit. v2 · 5f19d121
      Vlad Yasevich authored
      Per-net sysctl table needs to be explicitly freed at
      net exit.  Otherwise we see the following with kmemleak:
      
      unreferenced object 0xffff880402d08000 (size 2048):
        comm "chrome_sandbox", pid 18437, jiffies 4310887172 (age 9097.630s)
        hex dump (first 32 bytes):
          b2 68 89 81 ff ff ff ff 20 04 04 f8 01 88 ff ff  .h...... .......
          04 00 00 00 a4 01 00 00 00 00 00 00 00 00 00 00  ................
        backtrace:
          [<ffffffff815b4aad>] kmemleak_alloc+0x21/0x3e
          [<ffffffff81110352>] slab_post_alloc_hook+0x28/0x2a
          [<ffffffff81113fad>] __kmalloc_track_caller+0xf1/0x104
          [<ffffffff810f10c2>] kmemdup+0x1b/0x30
          [<ffffffff81571e9f>] sctp_sysctl_net_register+0x1f/0x72
          [<ffffffff8155d305>] sctp_net_init+0x100/0x39f
          [<ffffffff814ad53c>] ops_init+0xc6/0xf5
          [<ffffffff814ad5b7>] setup_net+0x4c/0xd0
          [<ffffffff814ada5e>] copy_net_ns+0x6d/0xd6
          [<ffffffff810938b1>] create_new_namespaces+0xd7/0x147
          [<ffffffff810939f4>] copy_namespaces+0x63/0x99
          [<ffffffff81076733>] copy_process+0xa65/0x1233
          [<ffffffff81077030>] do_fork+0x10b/0x271
          [<ffffffff8100a0e9>] sys_clone+0x23/0x25
          [<ffffffff815dda73>] stub_clone+0x13/0x20
          [<ffffffffffffffff>] 0xffffffffffffffff
      
      I fixed the spelling of sysctl_header so the code actually
      compiles. -- EWB.
      Reported-by: default avatarMartin Mokrejs <mmokrejs@fold.natur.cuni.cz>
      Signed-off-by: default avatarVlad Yasevich <vyasevich@gmail.com>
      Acked-by: default avatarNeil Horman <nhorman@tuxdriver.com>
      Signed-off-by: default avatar"Eric W. Biederman" <ebiederm@xmission.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      5f19d121
  20. 26 Oct, 2012 1 commit
    • Neil Horman's avatar
      sctp: Make hmac algorithm selection for cookie generation dynamic · 3c68198e
      Neil Horman authored
      Currently sctp allows for the optional use of md5 of sha1 hmac algorithms to
      generate cookie values when establishing new connections via two build time
      config options.  Theres no real reason to make this a static selection.  We can
      add a sysctl that allows for the dynamic selection of these algorithms at run
      time, with the default value determined by the corresponding crypto library
      availability.
      This comes in handy when, for example running a system in FIPS mode, where use
      of md5 is disallowed, but SHA1 is permitted.
      
      Note: This new sysctl has no corresponding socket option to select the cookie
      hmac algorithm.  I chose not to implement that intentionally, as RFC 6458
      contains no option for this value, and I opted not to pollute the socket option
      namespace.
      
      Change notes:
      v2)
      	* Updated subject to have the proper sctp prefix as per Dave M.
      	* Replaced deafult selection options with new options that allow
      	  developers to explicitly select available hmac algs at build time
      	  as per suggestion by Vlad Y.
      Signed-off-by: default avatarNeil Horman <nhorman@tuxdriver.com>
      CC: Vlad Yasevich <vyasevich@gmail.com>
      CC: "David S. Miller" <davem@davemloft.net>
      CC: netdev@vger.kernel.org
      Acked-by: default avatarVlad Yasevich <vyasevich@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      3c68198e
  21. 15 Aug, 2012 2 commits
  22. 22 Jul, 2012 1 commit
    • Neil Horman's avatar
      sctp: Implement quick failover draft from tsvwg · 5aa93bcf
      Neil Horman authored
      I've seen several attempts recently made to do quick failover of sctp transports
      by reducing various retransmit timers and counters.  While its possible to
      implement a faster failover on multihomed sctp associations, its not
      particularly robust, in that it can lead to unneeded retransmits, as well as
      false connection failures due to intermittent latency on a network.
      
      Instead, lets implement the new ietf quick failover draft found here:
      http://tools.ietf.org/html/draft-nishida-tsvwg-sctp-failover-05
      
      This will let the sctp stack identify transports that have had a small number of
      errors, and avoid using them quickly until their reliability can be
      re-established.  I've tested this out on two virt guests connected via multiple
      isolated virt networks and believe its in compliance with the above draft and
      works well.
      Signed-off-by: default avatarNeil Horman <nhorman@tuxdriver.com>
      CC: Vlad Yasevich <vyasevich@gmail.com>
      CC: Sridhar Samudrala <sri@us.ibm.com>
      CC: "David S. Miller" <davem@davemloft.net>
      CC: linux-sctp@vger.kernel.org
      CC: joe@perches.com
      Acked-by: default avatarVlad Yasevich <vyasevich@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      5aa93bcf
  23. 21 Apr, 2012 2 commits
  24. 19 Dec, 2011 1 commit
  25. 02 Jun, 2011 1 commit
  26. 10 Nov, 2010 1 commit
  27. 08 Dec, 2009 1 commit
  28. 23 Nov, 2009 1 commit
  29. 18 Nov, 2009 1 commit
  30. 12 Nov, 2009 1 commit
    • Eric W. Biederman's avatar
      sysctl net: Remove unused binary sysctl code · f8572d8f
      Eric W. Biederman authored
      Now that sys_sysctl is a compatiblity wrapper around /proc/sys
      all sysctl strategy routines, and all ctl_name and strategy
      entries in the sysctl tables are unused, and can be
      revmoed.
      
      In addition neigh_sysctl_register has been modified to no longer
      take a strategy argument and it's callers have been modified not
      to pass one.
      
      Cc: "David Miller" <davem@davemloft.net>
      Cc: Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>
      Cc: netdev@vger.kernel.org
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      f8572d8f
  31. 04 Sep, 2009 1 commit
    • Bhaskar Dutta's avatar
      sctp: Sysctl configuration for IPv4 Address Scoping · 72388433
      Bhaskar Dutta authored
      This patch introduces a new sysctl option to make IPv4 Address Scoping
      configurable <draft-stewart-tsvwg-sctp-ipv4-00.txt>.
      
      In networking environments where DNAT rules in iptables prerouting
      chains convert destination IP's to link-local/private IP addresses,
      SCTP connections fail to establish as the INIT chunk is dropped by the
      kernel due to address scope match failure.
      For example to support overlapping IP addresses (same IP address with
      different vlan id) a Layer-5 application listens on link local IP's,
      and there is a DNAT rule that maps the destination IP to a link local
      IP. Such applications never get the SCTP INIT if the address-scoping
      draft is strictly followed.
      
      This sysctl configuration allows SCTP to function in such
      unconventional networking environments.
      
      Sysctl options:
      0 - Disable IPv4 address scoping draft altogether
      1 - Enable IPv4 address scoping (default, current behavior)
      2 - Enable address scoping but allow IPv4 private addresses in init/init-ack
      3 - Enable address scoping but allow IPv4 link local address in init/init-ack
      Signed-off-by: default avatarBhaskar Dutta <bhaskar.dutta@globallogic.com>
      Signed-off-by: default avatarVlad Yasevich <vladislav.yasevich@hp.com>
      72388433
  32. 03 Jun, 2009 1 commit
  33. 04 Nov, 2008 1 commit
    • Alexey Dobriyan's avatar
      net: '&' redux · 6d9f239a
      Alexey Dobriyan authored
      I want to compile out proc_* and sysctl_* handlers totally and
      stub them to NULL depending on config options, however usage of &
      will prevent this, since taking adress of NULL pointer will break
      compilation.
      
      So, drop & in front of every ->proc_handler and every ->strategy
      handler, it was never needed in fact.
      Signed-off-by: default avatarAlexey Dobriyan <adobriyan@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      6d9f239a