From nobody Wed Aug 23 09:16:07 2023 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RW0vD2BNnz4rLMX; Wed, 23 Aug 2023 09:16:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4RW0vD1Yhhz3GZC; Wed, 23 Aug 2023 09:16:08 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1692782168; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=krkeyubctl/tPvhAuzIBA4/zDWcmuL1t5c5UlqBB+hU=; b=BMbWG2aFnuOHGl14zRb4oS9XjzSRVieqGhsHAJOR/jmv3uaypxnbk/+tnZystVP/DsAJqW Fl7A7YTkD/taEUMIRaByI6jHKV8PUpNyuKLizYcVHXXP87jD5550ZeI7jdVLXE13SudfrM pJweXVavqLMzBXzGWl396rWFCLs8qKxWvQaH39PPQs2/7xSS7snmSYLaKeQc48fgw/5l9x qPhaESMYM2LgSrEW9iiBU+x9Pt5RtMLN5MB9QOB793B6zXG6x26VhanRE94zoT8urt0pbK g6+0TDWpoLLiWlG9w8j0cvgcCzxznrF7XC9RXE0gOgbDElbv7zQzub4cl5ZNrg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1692782168; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=krkeyubctl/tPvhAuzIBA4/zDWcmuL1t5c5UlqBB+hU=; b=T9jrLTrN13Gb/pImJ/H/NhtbatyrQDDLGOqPVzSTq2K5iBsbCQD7PsHvEjuYmaPwF48tFf nzV/iRhOmXECJa0S8bcN/arRZROej/YzrtX0QCOLiet8eoGA+TiVXcyF/QeVyQuCuaiwHt e9sL09wLsB+fWDtWMmA8gksmKuKUO/6Fp6mClttpsgF8syxmj5TYNdWCsuFILh7/iVVh3a suzY9V39FhnHrPIWc2Y7+T3O6ez7Fopq5Wfq+S2qpD4PMvdDoyBSZ1Uco+rAfg6U8ozF55 CQtySYnXzaOV7k6P5/CWxgIqjXbnVETFqMu0hQ2wqC2C8jSbK0HoK8xjDmSTiw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1692782168; a=rsa-sha256; cv=none; b=t4HrEvgobeJ2IRRLBtv+34CVGw+Pu70FDd4podx/r33TR+G6EIFQnkz9zpjjXP9rfT/S9Y uTF+4p7J6fO/fTBatmAK1esX5ZzWuR+zcDFl4+1vCn4M42I7tMbeg+7c0YhzviEyrMAjua ggn+fHq2ossokUu7kosEP84rrp1cL399ThV4s5v1QpxOrJvu6nbSgsTC5NPhs+B5xPDghA J0zgjfa7Jr8fpklUN2khruIrjM5wFoCc15pdYKFdflhs4vX4euk1dSjxohd8FudExggp1b bt1HmK2e33VQAemClwiqzpTkcVMxrLB+VkZqCpxw8//7JubQJfUBq1+tnUH8yQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4RW0vD0cN8zfrR; Wed, 23 Aug 2023 09:16:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 37N9G7X3094946; Wed, 23 Aug 2023 09:16:07 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 37N9G7Ym094944; Wed, 23 Aug 2023 09:16:07 GMT (envelope-from git) Date: Wed, 23 Aug 2023 09:16:07 GMT Message-Id: <202308230916.37N9G7Ym094944@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Michael Tuexen Subject: git: d18c845f99cb - main - sctp: improve handling of SHUTDOWN and SHUTDOWN ACK chunks List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: tuexen X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: d18c845f99cbd2d3c0e70b3b9b09d80c655b6fb6 Auto-Submitted: auto-generated The branch main has been updated by tuexen: URL: https://cgit.FreeBSD.org/src/commit/?id=d18c845f99cbd2d3c0e70b3b9b09d80c655b6fb6 commit d18c845f99cbd2d3c0e70b3b9b09d80c655b6fb6 Author: Michael Tuexen AuthorDate: 2023-08-23 06:36:15 +0000 Commit: Michael Tuexen CommitDate: 2023-08-23 06:36:15 +0000 sctp: improve handling of SHUTDOWN and SHUTDOWN ACK chunks When handling a SHUTDOWN or SHUTDOWN ACK chunk detect if the peer is violating the protocol by not having made sure all user messages are reveived by the peer. If this situation is detected, abort the association. MFC after: 1 week --- sys/netinet/sctp_input.c | 54 +++++++++++++++++++++++++++++++++++++----------- 1 file changed, 42 insertions(+), 12 deletions(-) diff --git a/sys/netinet/sctp_input.c b/sys/netinet/sctp_input.c index f3227c913e1e..e6dc41e08909 100644 --- a/sys/netinet/sctp_input.c +++ b/sys/netinet/sctp_input.c @@ -829,6 +829,38 @@ sctp_start_net_timers(struct sctp_tcb *stcb) } } +static void +sctp_check_data_from_peer(struct sctp_tcb *stcb, int *abort_flag) +{ + char msg[SCTP_DIAG_INFO_LEN]; + struct sctp_association *asoc; + struct mbuf *op_err; + unsigned int i; + + *abort_flag = 0; + asoc = &stcb->asoc; + if (SCTP_TSN_GT(asoc->highest_tsn_inside_map, asoc->cumulative_tsn) || + SCTP_TSN_GT(asoc->highest_tsn_inside_nr_map, asoc->cumulative_tsn)) { + SCTP_SNPRINTF(msg, sizeof(msg), "Missing TSN"); + *abort_flag = 1; + } + if (!*abort_flag) { + for (i = 0; i < asoc->streamincnt; i++) { + if (!TAILQ_EMPTY(&asoc->strmin[i].inqueue) || + !TAILQ_EMPTY(&asoc->strmin[i].uno_inqueue)) { + SCTP_SNPRINTF(msg, sizeof(msg), "Missing user data"); + *abort_flag = 1; + break; + } + } + } + if (*abort_flag) { + op_err = sctp_generate_cause(SCTP_CAUSE_PROTOCOL_VIOLATION, msg); + stcb->sctp_ep->last_abort_code = SCTP_FROM_SCTP_INPUT + SCTP_LOC_9; + sctp_abort_an_association(stcb->sctp_ep, stcb, op_err, false, SCTP_SO_NOT_LOCKED); + } +} + static void sctp_handle_shutdown(struct sctp_shutdown_chunk *cp, struct sctp_tcb *stcb, struct sctp_nets *net, int *abort_flag) @@ -852,12 +884,10 @@ sctp_handle_shutdown(struct sctp_shutdown_chunk *cp, if (*abort_flag) { return; } - /* - * FIXME MT: Handle the case where there are still incomplete - * received user messages or known missing user messages from the - * peer. One way to handle this is to abort the associations in this - * case. - */ + sctp_check_data_from_peer(stcb, abort_flag); + if (*abort_flag) { + return; + } if (stcb->sctp_socket) { if ((SCTP_GET_STATE(stcb) != SCTP_STATE_SHUTDOWN_RECEIVED) && (SCTP_GET_STATE(stcb) != SCTP_STATE_SHUTDOWN_ACK_SENT) && @@ -914,6 +944,8 @@ sctp_handle_shutdown_ack(struct sctp_shutdown_ack_chunk *cp SCTP_UNUSED, struct sctp_tcb *stcb, struct sctp_nets *net) { + int abort_flag; + SCTPDBG(SCTP_DEBUG_INPUT2, "sctp_handle_shutdown_ack: handling SHUTDOWN ACK\n"); if (stcb == NULL) { @@ -934,12 +966,10 @@ sctp_handle_shutdown_ack(struct sctp_shutdown_ack_chunk *cp SCTP_UNUSED, SCTP_TCB_UNLOCK(stcb); return; } - /* - * FIXME MT: Handle the case where there are still incomplete - * received user messages or known missing user messages from the - * peer. One way to handle this is to abort the associations in this - * case. - */ + sctp_check_data_from_peer(stcb, &abort_flag); + if (abort_flag) { + return; + } #ifdef INVARIANTS if (!TAILQ_EMPTY(&stcb->asoc.send_queue) || !TAILQ_EMPTY(&stcb->asoc.sent_queue) ||