dccp: Feature activation handlers
[linux-2.6.git] / net / dccp / feat.c
1 /*
2  *  net/dccp/feat.c
3  *
4  *  An implementation of the DCCP protocol
5  *  Andrea Bittau <a.bittau@cs.ucl.ac.uk>
6  *
7  *  ASSUMPTIONS
8  *  -----------
9  *  o Feature negotiation is coordinated with connection setup (as in TCP), wild
10  *    changes of parameters of an established connection are not supported.
11  *  o All currently known SP features have 1-byte quantities. If in the future
12  *    extensions of RFCs 4340..42 define features with item lengths larger than
13  *    one byte, a feature-specific extension of the code will be required.
14  *
15  *  This program is free software; you can redistribute it and/or
16  *  modify it under the terms of the GNU General Public License
17  *  as published by the Free Software Foundation; either version
18  *  2 of the License, or (at your option) any later version.
19  */
20
21 #include <linux/module.h>
22
23 #include "ccid.h"
24 #include "feat.h"
25
26 #define DCCP_FEAT_SP_NOAGREE (-123)
27
28 /*
29  * Feature activation handlers.
30  *
31  * These all use an u64 argument, to provide enough room for NN/SP features. At
32  * this stage the negotiated values have been checked to be within their range.
33  */
34 static int dccp_hdlr_ccid(struct sock *sk, u64 ccid, bool rx)
35 {
36         struct dccp_sock *dp = dccp_sk(sk);
37         struct ccid *new_ccid = ccid_new(ccid, sk, rx, gfp_any());
38
39         if (new_ccid == NULL)
40                 return -ENOMEM;
41
42         if (rx) {
43                 ccid_hc_rx_delete(dp->dccps_hc_rx_ccid, sk);
44                 dp->dccps_hc_rx_ccid = new_ccid;
45         } else {
46                 ccid_hc_tx_delete(dp->dccps_hc_tx_ccid, sk);
47                 dp->dccps_hc_tx_ccid = new_ccid;
48         }
49         return 0;
50 }
51
52 static int dccp_hdlr_seq_win(struct sock *sk, u64 seq_win, bool rx)
53 {
54         if (!rx)
55                 dccp_msk(sk)->dccpms_sequence_window = seq_win;
56         return 0;
57 }
58
59 static int dccp_hdlr_ack_ratio(struct sock *sk, u64 ratio, bool rx)
60 {
61         if (rx)
62                 dccp_sk(sk)->dccps_r_ack_ratio = ratio;
63         else
64                 dccp_sk(sk)->dccps_l_ack_ratio = ratio;
65         return 0;
66 }
67
68 static int dccp_hdlr_ackvec(struct sock *sk, u64 enable, bool rx)
69 {
70         struct dccp_sock *dp = dccp_sk(sk);
71
72         if (rx) {
73                 if (enable && dp->dccps_hc_rx_ackvec == NULL) {
74                         dp->dccps_hc_rx_ackvec = dccp_ackvec_alloc(gfp_any());
75                         if (dp->dccps_hc_rx_ackvec == NULL)
76                                 return -ENOMEM;
77                 } else if (!enable) {
78                         dccp_ackvec_free(dp->dccps_hc_rx_ackvec);
79                         dp->dccps_hc_rx_ackvec = NULL;
80                 }
81         }
82         return 0;
83 }
84
85 static int dccp_hdlr_ndp(struct sock *sk, u64 enable, bool rx)
86 {
87         if (!rx)
88                 dccp_msk(sk)->dccpms_send_ndp_count = (enable > 0);
89         return 0;
90 }
91
92 /*
93  * Minimum Checksum Coverage is located at the RX side (9.2.1). This means that
94  * `rx' holds when the sending peer informs about his partial coverage via a
95  * ChangeR() option. In the other case, we are the sender and the receiver
96  * announces its coverage via ChangeL() options. The policy here is to honour
97  * such communication by enabling the corresponding partial coverage - but only
98  * if it has not been set manually before; the warning here means that all
99  * packets will be dropped.
100  */
101 static int dccp_hdlr_min_cscov(struct sock *sk, u64 cscov, bool rx)
102 {
103         struct dccp_sock *dp = dccp_sk(sk);
104
105         if (rx)
106                 dp->dccps_pcrlen = cscov;
107         else {
108                 if (dp->dccps_pcslen == 0)
109                         dp->dccps_pcslen = cscov;
110                 else if (cscov > dp->dccps_pcslen)
111                         DCCP_WARN("CsCov %u too small, peer requires >= %u\n",
112                                   dp->dccps_pcslen, (u8)cscov);
113         }
114         return 0;
115 }
116
117 static const struct {
118         u8                      feat_num;               /* DCCPF_xxx */
119         enum dccp_feat_type     rxtx;                   /* RX or TX  */
120         enum dccp_feat_type     reconciliation;         /* SP or NN  */
121         u8                      default_value;          /* as in 6.4 */
122         int (*activation_hdlr)(struct sock *sk, u64 val, bool rx);
123 /*
124  *    Lookup table for location and type of features (from RFC 4340/4342)
125  *  +--------------------------+----+-----+----+----+---------+-----------+
126  *  | Feature                  | Location | Reconc. | Initial |  Section  |
127  *  |                          | RX | TX  | SP | NN |  Value  | Reference |
128  *  +--------------------------+----+-----+----+----+---------+-----------+
129  *  | DCCPF_CCID               |    |  X  | X  |    |   2     | 10        |
130  *  | DCCPF_SHORT_SEQNOS       |    |  X  | X  |    |   0     |  7.6.1    |
131  *  | DCCPF_SEQUENCE_WINDOW    |    |  X  |    | X  | 100     |  7.5.2    |
132  *  | DCCPF_ECN_INCAPABLE      | X  |     | X  |    |   0     | 12.1      |
133  *  | DCCPF_ACK_RATIO          |    |  X  |    | X  |   2     | 11.3      |
134  *  | DCCPF_SEND_ACK_VECTOR    | X  |     | X  |    |   0     | 11.5      |
135  *  | DCCPF_SEND_NDP_COUNT     |    |  X  | X  |    |   0     |  7.7.2    |
136  *  | DCCPF_MIN_CSUM_COVER     | X  |     | X  |    |   0     |  9.2.1    |
137  *  | DCCPF_DATA_CHECKSUM      | X  |     | X  |    |   0     |  9.3.1    |
138  *  | DCCPF_SEND_LEV_RATE      | X  |     | X  |    |   0     | 4342/8.4  |
139  *  +--------------------------+----+-----+----+----+---------+-----------+
140  */
141 } dccp_feat_table[] = {
142         { DCCPF_CCID,            FEAT_AT_TX, FEAT_SP, 2,   dccp_hdlr_ccid     },
143         { DCCPF_SHORT_SEQNOS,    FEAT_AT_TX, FEAT_SP, 0,   NULL },
144         { DCCPF_SEQUENCE_WINDOW, FEAT_AT_TX, FEAT_NN, 100, dccp_hdlr_seq_win  },
145         { DCCPF_ECN_INCAPABLE,   FEAT_AT_RX, FEAT_SP, 0,   NULL },
146         { DCCPF_ACK_RATIO,       FEAT_AT_TX, FEAT_NN, 2,   dccp_hdlr_ack_ratio},
147         { DCCPF_SEND_ACK_VECTOR, FEAT_AT_RX, FEAT_SP, 0,   dccp_hdlr_ackvec   },
148         { DCCPF_SEND_NDP_COUNT,  FEAT_AT_TX, FEAT_SP, 0,   dccp_hdlr_ndp      },
149         { DCCPF_MIN_CSUM_COVER,  FEAT_AT_RX, FEAT_SP, 0,   dccp_hdlr_min_cscov},
150         { DCCPF_DATA_CHECKSUM,   FEAT_AT_RX, FEAT_SP, 0,   NULL },
151         { DCCPF_SEND_LEV_RATE,   FEAT_AT_RX, FEAT_SP, 0,   NULL },
152 };
153 #define DCCP_FEAT_SUPPORTED_MAX         ARRAY_SIZE(dccp_feat_table)
154
155 /**
156  * dccp_feat_index  -  Hash function to map feature number into array position
157  * Returns consecutive array index or -1 if the feature is not understood.
158  */
159 static int dccp_feat_index(u8 feat_num)
160 {
161         /* The first 9 entries are occupied by the types from RFC 4340, 6.4 */
162         if (feat_num > DCCPF_RESERVED && feat_num <= DCCPF_DATA_CHECKSUM)
163                 return feat_num - 1;
164
165         /*
166          * Other features: add cases for new feature types here after adding
167          * them to the above table.
168          */
169         switch (feat_num) {
170         case DCCPF_SEND_LEV_RATE:
171                         return DCCP_FEAT_SUPPORTED_MAX - 1;
172         }
173         return -1;
174 }
175
176 static u8 dccp_feat_type(u8 feat_num)
177 {
178         int idx = dccp_feat_index(feat_num);
179
180         if (idx < 0)
181                 return FEAT_UNKNOWN;
182         return dccp_feat_table[idx].reconciliation;
183 }
184
185 static int dccp_feat_default_value(u8 feat_num)
186 {
187         int idx = dccp_feat_index(feat_num);
188
189         return idx < 0 ? : dccp_feat_table[idx].default_value;
190 }
191
192 static int __dccp_feat_activate(struct sock *sk, const int idx,
193                                 const bool is_local, dccp_feat_val const *fval)
194 {
195         bool rx;
196         u64 val;
197
198         if (idx < 0 || idx >= DCCP_FEAT_SUPPORTED_MAX)
199                 return -1;
200         if (dccp_feat_table[idx].activation_hdlr == NULL)
201                 return 0;
202
203         if (fval == NULL) {
204                 val = dccp_feat_table[idx].default_value;
205         } else if (dccp_feat_table[idx].reconciliation == FEAT_SP) {
206                 if (fval->sp.vec == NULL) {
207                         /*
208                          * This can happen when an empty Confirm is sent
209                          * for an SP (i.e. known) feature. In this case
210                          * we would be using the default anyway.
211                          */
212                         DCCP_CRIT("Feature #%d undefined: using default", idx);
213                         val = dccp_feat_table[idx].default_value;
214                 } else {
215                         val = fval->sp.vec[0];
216                 }
217         } else {
218                 val = fval->nn;
219         }
220
221         /* Location is RX if this is a local-RX or remote-TX feature */
222         rx = (is_local == (dccp_feat_table[idx].rxtx == FEAT_AT_RX));
223
224         return dccp_feat_table[idx].activation_hdlr(sk, val, rx);
225 }
226
227 /* Test for "Req'd" feature (RFC 4340, 6.4) */
228 static inline int dccp_feat_must_be_understood(u8 feat_num)
229 {
230         return  feat_num == DCCPF_CCID || feat_num == DCCPF_SHORT_SEQNOS ||
231                 feat_num == DCCPF_SEQUENCE_WINDOW;
232 }
233
234 /* copy constructor, fval must not already contain allocated memory */
235 static int dccp_feat_clone_sp_val(dccp_feat_val *fval, u8 const *val, u8 len)
236 {
237         fval->sp.len = len;
238         if (fval->sp.len > 0) {
239                 fval->sp.vec = kmemdup(val, len, gfp_any());
240                 if (fval->sp.vec == NULL) {
241                         fval->sp.len = 0;
242                         return -ENOBUFS;
243                 }
244         }
245         return 0;
246 }
247
248 static void dccp_feat_val_destructor(u8 feat_num, dccp_feat_val *val)
249 {
250         if (unlikely(val == NULL))
251                 return;
252         if (dccp_feat_type(feat_num) == FEAT_SP)
253                 kfree(val->sp.vec);
254         memset(val, 0, sizeof(*val));
255 }
256
257 static struct dccp_feat_entry *
258               dccp_feat_clone_entry(struct dccp_feat_entry const *original)
259 {
260         struct dccp_feat_entry *new;
261         u8 type = dccp_feat_type(original->feat_num);
262
263         if (type == FEAT_UNKNOWN)
264                 return NULL;
265
266         new = kmemdup(original, sizeof(struct dccp_feat_entry), gfp_any());
267         if (new == NULL)
268                 return NULL;
269
270         if (type == FEAT_SP && dccp_feat_clone_sp_val(&new->val,
271                                                       original->val.sp.vec,
272                                                       original->val.sp.len)) {
273                 kfree(new);
274                 return NULL;
275         }
276         return new;
277 }
278
279 static void dccp_feat_entry_destructor(struct dccp_feat_entry *entry)
280 {
281         if (entry != NULL) {
282                 dccp_feat_val_destructor(entry->feat_num, &entry->val);
283                 kfree(entry);
284         }
285 }
286
287 /*
288  * List management functions
289  *
290  * Feature negotiation lists rely on and maintain the following invariants:
291  * - each feat_num in the list is known, i.e. we know its type and default value
292  * - each feat_num/is_local combination is unique (old entries are overwritten)
293  * - SP values are always freshly allocated
294  * - list is sorted in increasing order of feature number (faster lookup)
295  */
296 static struct dccp_feat_entry *dccp_feat_list_lookup(struct list_head *fn_list,
297                                                      u8 feat_num, bool is_local)
298 {
299         struct dccp_feat_entry *entry;
300
301         list_for_each_entry(entry, fn_list, node)
302                 if (entry->feat_num == feat_num && entry->is_local == is_local)
303                         return entry;
304                 else if (entry->feat_num > feat_num)
305                         break;
306         return NULL;
307 }
308
309 /**
310  * dccp_feat_entry_new  -  Central list update routine (called by all others)
311  * @head:  list to add to
312  * @feat:  feature number
313  * @local: whether the local (1) or remote feature with number @feat is meant
314  * This is the only constructor and serves to ensure the above invariants.
315  */
316 static struct dccp_feat_entry *
317               dccp_feat_entry_new(struct list_head *head, u8 feat, bool local)
318 {
319         struct dccp_feat_entry *entry;
320
321         list_for_each_entry(entry, head, node)
322                 if (entry->feat_num == feat && entry->is_local == local) {
323                         dccp_feat_val_destructor(entry->feat_num, &entry->val);
324                         return entry;
325                 } else if (entry->feat_num > feat) {
326                         head = &entry->node;
327                         break;
328                 }
329
330         entry = kmalloc(sizeof(*entry), gfp_any());
331         if (entry != NULL) {
332                 entry->feat_num = feat;
333                 entry->is_local = local;
334                 list_add_tail(&entry->node, head);
335         }
336         return entry;
337 }
338
339 /**
340  * dccp_feat_push_change  -  Add/overwrite a Change option in the list
341  * @fn_list: feature-negotiation list to update
342  * @feat: one of %dccp_feature_numbers
343  * @local: whether local (1) or remote (0) @feat_num is meant
344  * @needs_mandatory: whether to use Mandatory feature negotiation options
345  * @fval: pointer to NN/SP value to be inserted (will be copied)
346  */
347 static int dccp_feat_push_change(struct list_head *fn_list, u8 feat, u8 local,
348                                  u8 mandatory, dccp_feat_val *fval)
349 {
350         struct dccp_feat_entry *new = dccp_feat_entry_new(fn_list, feat, local);
351
352         if (new == NULL)
353                 return -ENOMEM;
354
355         new->feat_num        = feat;
356         new->is_local        = local;
357         new->state           = FEAT_INITIALISING;
358         new->needs_confirm   = 0;
359         new->empty_confirm   = 0;
360         new->val             = *fval;
361         new->needs_mandatory = mandatory;
362
363         return 0;
364 }
365
366 /**
367  * dccp_feat_push_confirm  -  Add a Confirm entry to the FN list
368  * @fn_list: feature-negotiation list to add to
369  * @feat: one of %dccp_feature_numbers
370  * @local: whether local (1) or remote (0) @feat_num is being confirmed
371  * @fval: pointer to NN/SP value to be inserted or NULL
372  * Returns 0 on success, a Reset code for further processing otherwise.
373  */
374 static int dccp_feat_push_confirm(struct list_head *fn_list, u8 feat, u8 local,
375                                   dccp_feat_val *fval)
376 {
377         struct dccp_feat_entry *new = dccp_feat_entry_new(fn_list, feat, local);
378
379         if (new == NULL)
380                 return DCCP_RESET_CODE_TOO_BUSY;
381
382         new->feat_num        = feat;
383         new->is_local        = local;
384         new->state           = FEAT_STABLE;     /* transition in 6.6.2 */
385         new->needs_confirm   = 1;
386         new->empty_confirm   = (fval == NULL);
387         new->val.nn          = 0;               /* zeroes the whole structure */
388         if (!new->empty_confirm)
389                 new->val     = *fval;
390         new->needs_mandatory = 0;
391
392         return 0;
393 }
394
395 static int dccp_push_empty_confirm(struct list_head *fn_list, u8 feat, u8 local)
396 {
397         return dccp_feat_push_confirm(fn_list, feat, local, NULL);
398 }
399
400 static inline void dccp_feat_list_pop(struct dccp_feat_entry *entry)
401 {
402         list_del(&entry->node);
403         dccp_feat_entry_destructor(entry);
404 }
405
406 void dccp_feat_list_purge(struct list_head *fn_list)
407 {
408         struct dccp_feat_entry *entry, *next;
409
410         list_for_each_entry_safe(entry, next, fn_list, node)
411                 dccp_feat_entry_destructor(entry);
412         INIT_LIST_HEAD(fn_list);
413 }
414 EXPORT_SYMBOL_GPL(dccp_feat_list_purge);
415
416 /* generate @to as full clone of @from - @to must not contain any nodes */
417 int dccp_feat_clone_list(struct list_head const *from, struct list_head *to)
418 {
419         struct dccp_feat_entry *entry, *new;
420
421         INIT_LIST_HEAD(to);
422         list_for_each_entry(entry, from, node) {
423                 new = dccp_feat_clone_entry(entry);
424                 if (new == NULL)
425                         goto cloning_failed;
426                 list_add_tail(&new->node, to);
427         }
428         return 0;
429
430 cloning_failed:
431         dccp_feat_list_purge(to);
432         return -ENOMEM;
433 }
434
435 /**
436  * dccp_feat_valid_nn_length  -  Enforce length constraints on NN options
437  * Length is between 0 and %DCCP_OPTVAL_MAXLEN. Used for outgoing packets only,
438  * incoming options are accepted as long as their values are valid.
439  */
440 static u8 dccp_feat_valid_nn_length(u8 feat_num)
441 {
442         if (feat_num == DCCPF_ACK_RATIO)        /* RFC 4340, 11.3 and 6.6.8 */
443                 return 2;
444         if (feat_num == DCCPF_SEQUENCE_WINDOW)  /* RFC 4340, 7.5.2 and 6.5  */
445                 return 6;
446         return 0;
447 }
448
449 static u8 dccp_feat_is_valid_nn_val(u8 feat_num, u64 val)
450 {
451         switch (feat_num) {
452         case DCCPF_ACK_RATIO:
453                 return val <= DCCPF_ACK_RATIO_MAX;
454         case DCCPF_SEQUENCE_WINDOW:
455                 return val >= DCCPF_SEQ_WMIN && val <= DCCPF_SEQ_WMAX;
456         }
457         return 0;       /* feature unknown - so we can't tell */
458 }
459
460 /* check that SP values are within the ranges defined in RFC 4340 */
461 static u8 dccp_feat_is_valid_sp_val(u8 feat_num, u8 val)
462 {
463         switch (feat_num) {
464         case DCCPF_CCID:
465                 return val == DCCPC_CCID2 || val == DCCPC_CCID3;
466         /* Type-check Boolean feature values: */
467         case DCCPF_SHORT_SEQNOS:
468         case DCCPF_ECN_INCAPABLE:
469         case DCCPF_SEND_ACK_VECTOR:
470         case DCCPF_SEND_NDP_COUNT:
471         case DCCPF_DATA_CHECKSUM:
472         case DCCPF_SEND_LEV_RATE:
473                 return val < 2;
474         case DCCPF_MIN_CSUM_COVER:
475                 return val < 16;
476         }
477         return 0;                       /* feature unknown */
478 }
479
480 static u8 dccp_feat_sp_list_ok(u8 feat_num, u8 const *sp_list, u8 sp_len)
481 {
482         if (sp_list == NULL || sp_len < 1)
483                 return 0;
484         while (sp_len--)
485                 if (!dccp_feat_is_valid_sp_val(feat_num, *sp_list++))
486                         return 0;
487         return 1;
488 }
489
490 /**
491  * dccp_feat_insert_opts  -  Generate FN options from current list state
492  * @skb: next sk_buff to be sent to the peer
493  * @dp: for client during handshake and general negotiation
494  * @dreq: used by the server only (all Changes/Confirms in LISTEN/RESPOND)
495  */
496 int dccp_feat_insert_opts(struct dccp_sock *dp, struct dccp_request_sock *dreq,
497                           struct sk_buff *skb)
498 {
499         struct list_head *fn = dreq ? &dreq->dreq_featneg : &dp->dccps_featneg;
500         struct dccp_feat_entry *pos, *next;
501         u8 opt, type, len, *ptr, nn_in_nbo[DCCP_OPTVAL_MAXLEN];
502         bool rpt;
503
504         /* put entries into @skb in the order they appear in the list */
505         list_for_each_entry_safe_reverse(pos, next, fn, node) {
506                 opt  = dccp_feat_genopt(pos);
507                 type = dccp_feat_type(pos->feat_num);
508                 rpt  = false;
509
510                 if (pos->empty_confirm) {
511                         len = 0;
512                         ptr = NULL;
513                 } else {
514                         if (type == FEAT_SP) {
515                                 len = pos->val.sp.len;
516                                 ptr = pos->val.sp.vec;
517                                 rpt = pos->needs_confirm;
518                         } else if (type == FEAT_NN) {
519                                 len = dccp_feat_valid_nn_length(pos->feat_num);
520                                 ptr = nn_in_nbo;
521                                 dccp_encode_value_var(pos->val.nn, ptr, len);
522                         } else {
523                                 DCCP_BUG("unknown feature %u", pos->feat_num);
524                                 return -1;
525                         }
526                 }
527
528                 if (dccp_insert_fn_opt(skb, opt, pos->feat_num, ptr, len, rpt))
529                         return -1;
530                 if (pos->needs_mandatory && dccp_insert_option_mandatory(skb))
531                         return -1;
532                 /*
533                  * Enter CHANGING after transmitting the Change option (6.6.2).
534                  */
535                 if (pos->state == FEAT_INITIALISING)
536                         pos->state = FEAT_CHANGING;
537         }
538         return 0;
539 }
540
541 /**
542  * __feat_register_nn  -  Register new NN value on socket
543  * @fn: feature-negotiation list to register with
544  * @feat: an NN feature from %dccp_feature_numbers
545  * @mandatory: use Mandatory option if 1
546  * @nn_val: value to register (restricted to 4 bytes)
547  * Note that NN features are local by definition (RFC 4340, 6.3.2).
548  */
549 static int __feat_register_nn(struct list_head *fn, u8 feat,
550                               u8 mandatory, u64 nn_val)
551 {
552         dccp_feat_val fval = { .nn = nn_val };
553
554         if (dccp_feat_type(feat) != FEAT_NN ||
555             !dccp_feat_is_valid_nn_val(feat, nn_val))
556                 return -EINVAL;
557
558         /* Don't bother with default values, they will be activated anyway. */
559         if (nn_val - (u64)dccp_feat_default_value(feat) == 0)
560                 return 0;
561
562         return dccp_feat_push_change(fn, feat, 1, mandatory, &fval);
563 }
564
565 /**
566  * __feat_register_sp  -  Register new SP value/list on socket
567  * @fn: feature-negotiation list to register with
568  * @feat: an SP feature from %dccp_feature_numbers
569  * @is_local: whether the local (1) or the remote (0) @feat is meant
570  * @mandatory: use Mandatory option if 1
571  * @sp_val: SP value followed by optional preference list
572  * @sp_len: length of @sp_val in bytes
573  */
574 static int __feat_register_sp(struct list_head *fn, u8 feat, u8 is_local,
575                               u8 mandatory, u8 const *sp_val, u8 sp_len)
576 {
577         dccp_feat_val fval;
578
579         if (dccp_feat_type(feat) != FEAT_SP ||
580             !dccp_feat_sp_list_ok(feat, sp_val, sp_len))
581                 return -EINVAL;
582
583         /* Avoid negotiating alien CCIDs by only advertising supported ones */
584         if (feat == DCCPF_CCID && !ccid_support_check(sp_val, sp_len))
585                 return -EOPNOTSUPP;
586
587         if (dccp_feat_clone_sp_val(&fval, sp_val, sp_len))
588                 return -ENOMEM;
589
590         return dccp_feat_push_change(fn, feat, is_local, mandatory, &fval);
591 }
592
593 /**
594  * dccp_feat_register_sp  -  Register requests to change SP feature values
595  * @sk: client or listening socket
596  * @feat: one of %dccp_feature_numbers
597  * @is_local: whether the local (1) or remote (0) @feat is meant
598  * @list: array of preferred values, in descending order of preference
599  * @len: length of @list in bytes
600  */
601 int dccp_feat_register_sp(struct sock *sk, u8 feat, u8 is_local,
602                           u8 const *list, u8 len)
603 {        /* any changes must be registered before establishing the connection */
604         if (sk->sk_state != DCCP_CLOSED)
605                 return -EISCONN;
606         if (dccp_feat_type(feat) != FEAT_SP)
607                 return -EINVAL;
608         return __feat_register_sp(&dccp_sk(sk)->dccps_featneg, feat, is_local,
609                                   0, list, len);
610 }
611
612 /* Analogous to dccp_feat_register_sp(), but for non-negotiable values */
613 int dccp_feat_register_nn(struct sock *sk, u8 feat, u64 val)
614 {
615         /* any changes must be registered before establishing the connection */
616         if (sk->sk_state != DCCP_CLOSED)
617                 return -EISCONN;
618         if (dccp_feat_type(feat) != FEAT_NN)
619                 return -EINVAL;
620         return __feat_register_nn(&dccp_sk(sk)->dccps_featneg, feat, 0, val);
621 }
622
623 /*
624  *      Tracking features whose value depend on the choice of CCID
625  *
626  * This is designed with an extension in mind so that a list walk could be done
627  * before activating any features. However, the existing framework was found to
628  * work satisfactorily up until now, the automatic verification is left open.
629  * When adding new CCIDs, add a corresponding dependency table here.
630  */
631 static const struct ccid_dependency *dccp_feat_ccid_deps(u8 ccid, bool is_local)
632 {
633         static const struct ccid_dependency ccid2_dependencies[2][2] = {
634                 /*
635                  * CCID2 mandates Ack Vectors (RFC 4341, 4.): as CCID is a TX
636                  * feature and Send Ack Vector is an RX feature, `is_local'
637                  * needs to be reversed.
638                  */
639                 {       /* Dependencies of the receiver-side (remote) CCID2 */
640                         {
641                                 .dependent_feat = DCCPF_SEND_ACK_VECTOR,
642                                 .is_local       = true,
643                                 .is_mandatory   = true,
644                                 .val            = 1
645                         },
646                         { 0, 0, 0, 0 }
647                 },
648                 {       /* Dependencies of the sender-side (local) CCID2 */
649                         {
650                                 .dependent_feat = DCCPF_SEND_ACK_VECTOR,
651                                 .is_local       = false,
652                                 .is_mandatory   = true,
653                                 .val            = 1
654                         },
655                         { 0, 0, 0, 0 }
656                 }
657         };
658         static const struct ccid_dependency ccid3_dependencies[2][5] = {
659                 {       /*
660                          * Dependencies of the receiver-side CCID3
661                          */
662                         {       /* locally disable Ack Vectors */
663                                 .dependent_feat = DCCPF_SEND_ACK_VECTOR,
664                                 .is_local       = true,
665                                 .is_mandatory   = false,
666                                 .val            = 0
667                         },
668                         {       /* see below why Send Loss Event Rate is on */
669                                 .dependent_feat = DCCPF_SEND_LEV_RATE,
670                                 .is_local       = true,
671                                 .is_mandatory   = true,
672                                 .val            = 1
673                         },
674                         {       /* NDP Count is needed as per RFC 4342, 6.1.1 */
675                                 .dependent_feat = DCCPF_SEND_NDP_COUNT,
676                                 .is_local       = false,
677                                 .is_mandatory   = true,
678                                 .val            = 1
679                         },
680                         { 0, 0, 0, 0 },
681                 },
682                 {       /*
683                          * CCID3 at the TX side: we request that the HC-receiver
684                          * will not send Ack Vectors (they will be ignored, so
685                          * Mandatory is not set); we enable Send Loss Event Rate
686                          * (Mandatory since the implementation does not support
687                          * the Loss Intervals option of RFC 4342, 8.6).
688                          * The last two options are for peer's information only.
689                         */
690                         {
691                                 .dependent_feat = DCCPF_SEND_ACK_VECTOR,
692                                 .is_local       = false,
693                                 .is_mandatory   = false,
694                                 .val            = 0
695                         },
696                         {
697                                 .dependent_feat = DCCPF_SEND_LEV_RATE,
698                                 .is_local       = false,
699                                 .is_mandatory   = true,
700                                 .val            = 1
701                         },
702                         {       /* this CCID does not support Ack Ratio */
703                                 .dependent_feat = DCCPF_ACK_RATIO,
704                                 .is_local       = true,
705                                 .is_mandatory   = false,
706                                 .val            = 0
707                         },
708                         {       /* tell receiver we are sending NDP counts */
709                                 .dependent_feat = DCCPF_SEND_NDP_COUNT,
710                                 .is_local       = true,
711                                 .is_mandatory   = false,
712                                 .val            = 1
713                         },
714                         { 0, 0, 0, 0 }
715                 }
716         };
717         switch (ccid) {
718         case DCCPC_CCID2:
719                 return ccid2_dependencies[is_local];
720         case DCCPC_CCID3:
721                 return ccid3_dependencies[is_local];
722         default:
723                 return NULL;
724         }
725 }
726
727 /**
728  * dccp_feat_propagate_ccid - Resolve dependencies of features on choice of CCID
729  * @fn: feature-negotiation list to update
730  * @id: CCID number to track
731  * @is_local: whether TX CCID (1) or RX CCID (0) is meant
732  * This function needs to be called after registering all other features.
733  */
734 static int dccp_feat_propagate_ccid(struct list_head *fn, u8 id, bool is_local)
735 {
736         const struct ccid_dependency *table = dccp_feat_ccid_deps(id, is_local);
737         int i, rc = (table == NULL);
738
739         for (i = 0; rc == 0 && table[i].dependent_feat != DCCPF_RESERVED; i++)
740                 if (dccp_feat_type(table[i].dependent_feat) == FEAT_SP)
741                         rc = __feat_register_sp(fn, table[i].dependent_feat,
742                                                     table[i].is_local,
743                                                     table[i].is_mandatory,
744                                                     &table[i].val, 1);
745                 else
746                         rc = __feat_register_nn(fn, table[i].dependent_feat,
747                                                     table[i].is_mandatory,
748                                                     table[i].val);
749         return rc;
750 }
751
752 /**
753  * dccp_feat_finalise_settings  -  Finalise settings before starting negotiation
754  * @dp: client or listening socket (settings will be inherited)
755  * This is called after all registrations (socket initialisation, sysctls, and
756  * sockopt calls), and before sending the first packet containing Change options
757  * (ie. client-Request or server-Response), to ensure internal consistency.
758  */
759 int dccp_feat_finalise_settings(struct dccp_sock *dp)
760 {
761         struct list_head *fn = &dp->dccps_featneg;
762         struct dccp_feat_entry *entry;
763         int i = 2, ccids[2] = { -1, -1 };
764
765         /*
766          * Propagating CCIDs:
767          * 1) not useful to propagate CCID settings if this host advertises more
768          *    than one CCID: the choice of CCID  may still change - if this is
769          *    the client, or if this is the server and the client sends
770          *    singleton CCID values.
771          * 2) since is that propagate_ccid changes the list, we defer changing
772          *    the sorted list until after the traversal.
773          */
774         list_for_each_entry(entry, fn, node)
775                 if (entry->feat_num == DCCPF_CCID && entry->val.sp.len == 1)
776                         ccids[entry->is_local] = entry->val.sp.vec[0];
777         while (i--)
778                 if (ccids[i] > 0 && dccp_feat_propagate_ccid(fn, ccids[i], i))
779                         return -1;
780         return 0;
781 }
782
783 /**
784  * dccp_feat_server_ccid_dependencies  -  Resolve CCID-dependent features
785  * It is the server which resolves the dependencies once the CCID has been
786  * fully negotiated. If no CCID has been negotiated, it uses the default CCID.
787  */
788 int dccp_feat_server_ccid_dependencies(struct dccp_request_sock *dreq)
789 {
790         struct list_head *fn = &dreq->dreq_featneg;
791         struct dccp_feat_entry *entry;
792         u8 is_local, ccid;
793
794         for (is_local = 0; is_local <= 1; is_local++) {
795                 entry = dccp_feat_list_lookup(fn, DCCPF_CCID, is_local);
796
797                 if (entry != NULL && !entry->empty_confirm)
798                         ccid = entry->val.sp.vec[0];
799                 else
800                         ccid = dccp_feat_default_value(DCCPF_CCID);
801
802                 if (dccp_feat_propagate_ccid(fn, ccid, is_local))
803                         return -1;
804         }
805         return 0;
806 }
807
808 static int dccp_feat_update_ccid(struct sock *sk, u8 type, u8 new_ccid_nr)
809 {
810         struct dccp_sock *dp = dccp_sk(sk);
811         struct dccp_minisock *dmsk = dccp_msk(sk);
812         /* figure out if we are changing our CCID or the peer's */
813         const int rx = type == DCCPO_CHANGE_R;
814         const u8 ccid_nr = rx ? dmsk->dccpms_rx_ccid : dmsk->dccpms_tx_ccid;
815         struct ccid *new_ccid;
816
817         /* Check if nothing is being changed. */
818         if (ccid_nr == new_ccid_nr)
819                 return 0;
820
821         new_ccid = ccid_new(new_ccid_nr, sk, rx, GFP_ATOMIC);
822         if (new_ccid == NULL)
823                 return -ENOMEM;
824
825         if (rx) {
826                 ccid_hc_rx_delete(dp->dccps_hc_rx_ccid, sk);
827                 dp->dccps_hc_rx_ccid = new_ccid;
828                 dmsk->dccpms_rx_ccid = new_ccid_nr;
829         } else {
830                 ccid_hc_tx_delete(dp->dccps_hc_tx_ccid, sk);
831                 dp->dccps_hc_tx_ccid = new_ccid;
832                 dmsk->dccpms_tx_ccid = new_ccid_nr;
833         }
834
835         return 0;
836 }
837
838 static int dccp_feat_update(struct sock *sk, u8 type, u8 feat, u8 val)
839 {
840         dccp_feat_debug(type, feat, val);
841
842         switch (feat) {
843         case DCCPF_CCID:
844                 return dccp_feat_update_ccid(sk, type, val);
845         default:
846                 dccp_pr_debug("UNIMPLEMENTED: %s(%d, ...)\n",
847                               dccp_feat_typename(type), feat);
848                 break;
849         }
850         return 0;
851 }
852
853 /* Select the first entry in @servlist that also occurs in @clilist (6.3.1) */
854 static int dccp_feat_preflist_match(u8 *servlist, u8 slen, u8 *clilist, u8 clen)
855 {
856         u8 c, s;
857
858         for (s = 0; s < slen; s++)
859                 for (c = 0; c < clen; c++)
860                         if (servlist[s] == clilist[c])
861                                 return servlist[s];
862         return -1;
863 }
864
865 /**
866  * dccp_feat_prefer  -  Move preferred entry to the start of array
867  * Reorder the @array_len elements in @array so that @preferred_value comes
868  * first. Returns >0 to indicate that @preferred_value does occur in @array.
869  */
870 static u8 dccp_feat_prefer(u8 preferred_value, u8 *array, u8 array_len)
871 {
872         u8 i, does_occur = 0;
873
874         if (array != NULL) {
875                 for (i = 0; i < array_len; i++)
876                         if (array[i] == preferred_value) {
877                                 array[i] = array[0];
878                                 does_occur++;
879                         }
880                 if (does_occur)
881                         array[0] = preferred_value;
882         }
883         return does_occur;
884 }
885
886 /**
887  * dccp_feat_reconcile  -  Reconcile SP preference lists
888  *  @fval: SP list to reconcile into
889  *  @arr: received SP preference list
890  *  @len: length of @arr in bytes
891  *  @is_server: whether this side is the server (and @fv is the server's list)
892  *  @reorder: whether to reorder the list in @fv after reconciling with @arr
893  * When successful, > 0 is returned and the reconciled list is in @fval.
894  * A value of 0 means that negotiation failed (no shared entry).
895  */
896 static int dccp_feat_reconcile(dccp_feat_val *fv, u8 *arr, u8 len,
897                                bool is_server, bool reorder)
898 {
899         int rc;
900
901         if (!fv->sp.vec || !arr) {
902                 DCCP_CRIT("NULL feature value or array");
903                 return 0;
904         }
905
906         if (is_server)
907                 rc = dccp_feat_preflist_match(fv->sp.vec, fv->sp.len, arr, len);
908         else
909                 rc = dccp_feat_preflist_match(arr, len, fv->sp.vec, fv->sp.len);
910
911         if (!reorder)
912                 return rc;
913         if (rc < 0)
914                 return 0;
915
916         /*
917          * Reorder list: used for activating features and in dccp_insert_fn_opt.
918          */
919         return dccp_feat_prefer(rc, fv->sp.vec, fv->sp.len);
920 }
921
922 #ifdef __this_is_the_old_framework_and_will_be_removed_later_in_a_subsequent_patch
923 static int dccp_feat_reconcile(struct sock *sk, struct dccp_opt_pend *opt,
924                                u8 *rpref, u8 rlen)
925 {
926         struct dccp_sock *dp = dccp_sk(sk);
927         u8 *spref, slen, *res = NULL;
928         int i, j, rc, agree = 1;
929
930         BUG_ON(rpref == NULL);
931
932         /* check if we are the black sheep */
933         if (dp->dccps_role == DCCP_ROLE_CLIENT) {
934                 spref = rpref;
935                 slen  = rlen;
936                 rpref = opt->dccpop_val;
937                 rlen  = opt->dccpop_len;
938         } else {
939                 spref = opt->dccpop_val;
940                 slen  = opt->dccpop_len;
941         }
942         /*
943          * Now we have server preference list in spref and client preference in
944          * rpref
945          */
946         BUG_ON(spref == NULL);
947         BUG_ON(rpref == NULL);
948
949         /* FIXME sanity check vals */
950
951         /* Are values in any order?  XXX Lame "algorithm" here */
952         for (i = 0; i < slen; i++) {
953                 for (j = 0; j < rlen; j++) {
954                         if (spref[i] == rpref[j]) {
955                                 res = &spref[i];
956                                 break;
957                         }
958                 }
959                 if (res)
960                         break;
961         }
962
963         /* we didn't agree on anything */
964         if (res == NULL) {
965                 /* confirm previous value */
966                 switch (opt->dccpop_feat) {
967                 case DCCPF_CCID:
968                         /* XXX did i get this right? =P */
969                         if (opt->dccpop_type == DCCPO_CHANGE_L)
970                                 res = &dccp_msk(sk)->dccpms_tx_ccid;
971                         else
972                                 res = &dccp_msk(sk)->dccpms_rx_ccid;
973                         break;
974
975                 default:
976                         DCCP_BUG("Fell through, feat=%d", opt->dccpop_feat);
977                         /* XXX implement res */
978                         return -EFAULT;
979                 }
980
981                 dccp_pr_debug("Don't agree... reconfirming %d\n", *res);
982                 agree = 0; /* this is used for mandatory options... */
983         }
984
985         /* need to put result and our preference list */
986         rlen = 1 + opt->dccpop_len;
987         rpref = kmalloc(rlen, GFP_ATOMIC);
988         if (rpref == NULL)
989                 return -ENOMEM;
990
991         *rpref = *res;
992         memcpy(&rpref[1], opt->dccpop_val, opt->dccpop_len);
993
994         /* put it in the "confirm queue" */
995         if (opt->dccpop_sc == NULL) {
996                 opt->dccpop_sc = kmalloc(sizeof(*opt->dccpop_sc), GFP_ATOMIC);
997                 if (opt->dccpop_sc == NULL) {
998                         kfree(rpref);
999                         return -ENOMEM;
1000                 }
1001         } else {
1002                 /* recycle the confirm slot */
1003                 BUG_ON(opt->dccpop_sc->dccpoc_val == NULL);
1004                 kfree(opt->dccpop_sc->dccpoc_val);
1005                 dccp_pr_debug("recycling confirm slot\n");
1006         }
1007         memset(opt->dccpop_sc, 0, sizeof(*opt->dccpop_sc));
1008
1009         opt->dccpop_sc->dccpoc_val = rpref;
1010         opt->dccpop_sc->dccpoc_len = rlen;
1011
1012         /* update the option on our side [we are about to send the confirm] */
1013         rc = dccp_feat_update(sk, opt->dccpop_type, opt->dccpop_feat, *res);
1014         if (rc) {
1015                 kfree(opt->dccpop_sc->dccpoc_val);
1016                 kfree(opt->dccpop_sc);
1017                 opt->dccpop_sc = NULL;
1018                 return rc;
1019         }
1020
1021         dccp_pr_debug("Will confirm %d\n", *rpref);
1022
1023         /* say we want to change to X but we just got a confirm X, suppress our
1024          * change
1025          */
1026         if (!opt->dccpop_conf) {
1027                 if (*opt->dccpop_val == *res)
1028                         opt->dccpop_conf = 1;
1029                 dccp_pr_debug("won't ask for change of same feature\n");
1030         }
1031
1032         return agree ? 0 : DCCP_FEAT_SP_NOAGREE; /* used for mandatory opts */
1033 }
1034
1035 static int dccp_feat_sp(struct sock *sk, u8 type, u8 feature, u8 *val, u8 len)
1036 {
1037         struct dccp_minisock *dmsk = dccp_msk(sk);
1038         struct dccp_opt_pend *opt;
1039         int rc = 1;
1040         u8 t;
1041
1042         /*
1043          * We received a CHANGE.  We gotta match it against our own preference
1044          * list.  If we got a CHANGE_R it means it's a change for us, so we need
1045          * to compare our CHANGE_L list.
1046          */
1047         if (type == DCCPO_CHANGE_L)
1048                 t = DCCPO_CHANGE_R;
1049         else
1050                 t = DCCPO_CHANGE_L;
1051
1052         /* find our preference list for this feature */
1053         list_for_each_entry(opt, &dmsk->dccpms_pending, dccpop_node) {
1054                 if (opt->dccpop_type != t || opt->dccpop_feat != feature)
1055                         continue;
1056
1057                 /* find the winner from the two preference lists */
1058                 rc = dccp_feat_reconcile(sk, opt, val, len);
1059                 break;
1060         }
1061
1062         /* We didn't deal with the change.  This can happen if we have no
1063          * preference list for the feature.  In fact, it just shouldn't
1064          * happen---if we understand a feature, we should have a preference list
1065          * with at least the default value.
1066          */
1067         BUG_ON(rc == 1);
1068
1069         return rc;
1070 }
1071
1072 static int dccp_feat_nn(struct sock *sk, u8 type, u8 feature, u8 *val, u8 len)
1073 {
1074         struct dccp_opt_pend *opt;
1075         struct dccp_minisock *dmsk = dccp_msk(sk);
1076         u8 *copy;
1077         int rc;
1078
1079         /* NN features must be Change L (sec. 6.3.2) */
1080         if (type != DCCPO_CHANGE_L) {
1081                 dccp_pr_debug("received %s for NN feature %d\n",
1082                                 dccp_feat_typename(type), feature);
1083                 return -EFAULT;
1084         }
1085
1086         /* XXX sanity check opt val */
1087
1088         /* copy option so we can confirm it */
1089         opt = kzalloc(sizeof(*opt), GFP_ATOMIC);
1090         if (opt == NULL)
1091                 return -ENOMEM;
1092
1093         copy = kmemdup(val, len, GFP_ATOMIC);
1094         if (copy == NULL) {
1095                 kfree(opt);
1096                 return -ENOMEM;
1097         }
1098
1099         opt->dccpop_type = DCCPO_CONFIRM_R; /* NN can only confirm R */
1100         opt->dccpop_feat = feature;
1101         opt->dccpop_val  = copy;
1102         opt->dccpop_len  = len;
1103
1104         /* change feature */
1105         rc = dccp_feat_update(sk, type, feature, *val);
1106         if (rc) {
1107                 kfree(opt->dccpop_val);
1108                 kfree(opt);
1109                 return rc;
1110         }
1111
1112         dccp_feat_debug(type, feature, *copy);
1113
1114         list_add_tail(&opt->dccpop_node, &dmsk->dccpms_conf);
1115
1116         return 0;
1117 }
1118
1119 static void dccp_feat_empty_confirm(struct dccp_minisock *dmsk,
1120                                     u8 type, u8 feature)
1121 {
1122         /* XXX check if other confirms for that are queued and recycle slot */
1123         struct dccp_opt_pend *opt = kzalloc(sizeof(*opt), GFP_ATOMIC);
1124
1125         if (opt == NULL) {
1126                 /* XXX what do we do?  Ignoring should be fine.  It's a change
1127                  * after all =P
1128                  */
1129                 return;
1130         }
1131
1132         switch (type) {
1133         case DCCPO_CHANGE_L:
1134                 opt->dccpop_type = DCCPO_CONFIRM_R;
1135                 break;
1136         case DCCPO_CHANGE_R:
1137                 opt->dccpop_type = DCCPO_CONFIRM_L;
1138                 break;
1139         default:
1140                 DCCP_WARN("invalid type %d\n", type);
1141                 kfree(opt);
1142                 return;
1143         }
1144         opt->dccpop_feat = feature;
1145         opt->dccpop_val  = NULL;
1146         opt->dccpop_len  = 0;
1147
1148         /* change feature */
1149         dccp_pr_debug("Empty %s(%d)\n", dccp_feat_typename(type), feature);
1150
1151         list_add_tail(&opt->dccpop_node, &dmsk->dccpms_conf);
1152 }
1153
1154 static void dccp_feat_flush_confirm(struct sock *sk)
1155 {
1156         struct dccp_minisock *dmsk = dccp_msk(sk);
1157         /* Check if there is anything to confirm in the first place */
1158         int yes = !list_empty(&dmsk->dccpms_conf);
1159
1160         if (!yes) {
1161                 struct dccp_opt_pend *opt;
1162
1163                 list_for_each_entry(opt, &dmsk->dccpms_pending, dccpop_node) {
1164                         if (opt->dccpop_conf) {
1165                                 yes = 1;
1166                                 break;
1167                         }
1168                 }
1169         }
1170
1171         if (!yes)
1172                 return;
1173
1174         /* OK there is something to confirm... */
1175         /* XXX check if packet is in flight?  Send delayed ack?? */
1176         if (sk->sk_state == DCCP_OPEN)
1177                 dccp_send_ack(sk);
1178 }
1179
1180 int dccp_feat_change_recv(struct sock *sk, u8 type, u8 feature, u8 *val, u8 len)
1181 {
1182         int rc;
1183
1184         /* Ignore Change requests other than during connection setup */
1185         if (sk->sk_state != DCCP_LISTEN && sk->sk_state != DCCP_REQUESTING)
1186                 return 0;
1187         dccp_feat_debug(type, feature, *val);
1188
1189         /* figure out if it's SP or NN feature */
1190         switch (feature) {
1191         /* deal with SP features */
1192         case DCCPF_CCID:
1193                 /* XXX Obsoleted by next patch
1194                 rc = dccp_feat_sp(sk, type, feature, val, len); */
1195                 break;
1196
1197         /* deal with NN features */
1198         case DCCPF_ACK_RATIO:
1199                 /* XXX Obsoleted by next patch
1200                 rc = dccp_feat_nn(sk, type, feature, val, len); */
1201                 break;
1202
1203         /* XXX implement other features */
1204         default:
1205                 dccp_pr_debug("UNIMPLEMENTED: not handling %s(%d, ...)\n",
1206                               dccp_feat_typename(type), feature);
1207                 rc = -EFAULT;
1208                 break;
1209         }
1210
1211         /* check if there were problems changing features */
1212         if (rc) {
1213                 /* If we don't agree on SP, we sent a confirm for old value.
1214                  * However we propagate rc to caller in case option was
1215                  * mandatory
1216                  */
1217                 if (rc != DCCP_FEAT_SP_NOAGREE)
1218                         dccp_feat_empty_confirm(dccp_msk(sk), type, feature);
1219         }
1220
1221         /* generate the confirm [if required] */
1222         dccp_feat_flush_confirm(sk);
1223
1224         return rc;
1225 }
1226
1227 EXPORT_SYMBOL_GPL(dccp_feat_change_recv);
1228
1229 int dccp_feat_confirm_recv(struct sock *sk, u8 type, u8 feature,
1230                            u8 *val, u8 len)
1231 {
1232         u8 t;
1233         struct dccp_opt_pend *opt;
1234         struct dccp_minisock *dmsk = dccp_msk(sk);
1235         int found = 0;
1236         int all_confirmed = 1;
1237
1238         /* Ignore Confirm options other than during connection setup */
1239         if (sk->sk_state != DCCP_LISTEN && sk->sk_state != DCCP_REQUESTING)
1240                 return 0;
1241         dccp_feat_debug(type, feature, *val);
1242
1243         /* locate our change request */
1244         switch (type) {
1245         case DCCPO_CONFIRM_L: t = DCCPO_CHANGE_R; break;
1246         case DCCPO_CONFIRM_R: t = DCCPO_CHANGE_L; break;
1247         default:              DCCP_WARN("invalid type %d\n", type);
1248                               return 1;
1249
1250         }
1251         /* XXX sanity check feature value */
1252
1253         list_for_each_entry(opt, &dmsk->dccpms_pending, dccpop_node) {
1254                 if (!opt->dccpop_conf && opt->dccpop_type == t &&
1255                     opt->dccpop_feat == feature) {
1256                         found = 1;
1257                         dccp_pr_debug("feature %d found\n", opt->dccpop_feat);
1258
1259                         /* XXX do sanity check */
1260
1261                         opt->dccpop_conf = 1;
1262
1263                         /* We got a confirmation---change the option */
1264                         dccp_feat_update(sk, opt->dccpop_type,
1265                                          opt->dccpop_feat, *val);
1266
1267                         /* XXX check the return value of dccp_feat_update */
1268                         break;
1269                 }
1270
1271                 if (!opt->dccpop_conf)
1272                         all_confirmed = 0;
1273         }
1274
1275         if (!found)
1276                 dccp_pr_debug("%s(%d, ...) never requested\n",
1277                               dccp_feat_typename(type), feature);
1278         return 0;
1279 }
1280
1281 EXPORT_SYMBOL_GPL(dccp_feat_confirm_recv);
1282 #endif  /* (later) */
1283
1284 void dccp_feat_clean(struct dccp_minisock *dmsk)
1285 {
1286         struct dccp_opt_pend *opt, *next;
1287
1288         list_for_each_entry_safe(opt, next, &dmsk->dccpms_pending,
1289                                  dccpop_node) {
1290                 BUG_ON(opt->dccpop_val == NULL);
1291                 kfree(opt->dccpop_val);
1292
1293                 if (opt->dccpop_sc != NULL) {
1294                         BUG_ON(opt->dccpop_sc->dccpoc_val == NULL);
1295                         kfree(opt->dccpop_sc->dccpoc_val);
1296                         kfree(opt->dccpop_sc);
1297                 }
1298
1299                 kfree(opt);
1300         }
1301         INIT_LIST_HEAD(&dmsk->dccpms_pending);
1302
1303         list_for_each_entry_safe(opt, next, &dmsk->dccpms_conf, dccpop_node) {
1304                 BUG_ON(opt == NULL);
1305                 if (opt->dccpop_val != NULL)
1306                         kfree(opt->dccpop_val);
1307                 kfree(opt);
1308         }
1309         INIT_LIST_HEAD(&dmsk->dccpms_conf);
1310 }
1311
1312 EXPORT_SYMBOL_GPL(dccp_feat_clean);
1313
1314 /* this is to be called only when a listening sock creates its child.  It is
1315  * assumed by the function---the confirm is not duplicated, but rather it is
1316  * "passed on".
1317  */
1318 int dccp_feat_clone(struct sock *oldsk, struct sock *newsk)
1319 {
1320         struct dccp_minisock *olddmsk = dccp_msk(oldsk);
1321         struct dccp_minisock *newdmsk = dccp_msk(newsk);
1322         struct dccp_opt_pend *opt;
1323         int rc = 0;
1324
1325         INIT_LIST_HEAD(&newdmsk->dccpms_pending);
1326         INIT_LIST_HEAD(&newdmsk->dccpms_conf);
1327
1328         list_for_each_entry(opt, &olddmsk->dccpms_pending, dccpop_node) {
1329                 struct dccp_opt_pend *newopt;
1330                 /* copy the value of the option */
1331                 u8 *val = kmemdup(opt->dccpop_val, opt->dccpop_len, GFP_ATOMIC);
1332
1333                 if (val == NULL)
1334                         goto out_clean;
1335
1336                 newopt = kmemdup(opt, sizeof(*newopt), GFP_ATOMIC);
1337                 if (newopt == NULL) {
1338                         kfree(val);
1339                         goto out_clean;
1340                 }
1341
1342                 /* insert the option */
1343                 newopt->dccpop_val = val;
1344                 list_add_tail(&newopt->dccpop_node, &newdmsk->dccpms_pending);
1345
1346                 /* XXX what happens with backlogs and multiple connections at
1347                  * once...
1348                  */
1349                 /* the master socket no longer needs to worry about confirms */
1350                 opt->dccpop_sc = NULL; /* it's not a memleak---new socket has it */
1351
1352                 /* reset state for a new socket */
1353                 opt->dccpop_conf = 0;
1354         }
1355
1356         /* XXX not doing anything about the conf queue */
1357
1358 out:
1359         return rc;
1360
1361 out_clean:
1362         dccp_feat_clean(newdmsk);
1363         rc = -ENOMEM;
1364         goto out;
1365 }
1366
1367 EXPORT_SYMBOL_GPL(dccp_feat_clone);
1368
1369 /**
1370  * dccp_feat_change_recv  -  Process incoming ChangeL/R options
1371  * @fn: feature-negotiation list to update
1372  * @is_mandatory: whether the Change was preceded by a Mandatory option
1373  * @opt: %DCCPO_CHANGE_L or %DCCPO_CHANGE_R
1374  * @feat: one of %dccp_feature_numbers
1375  * @val: NN value or SP value/preference list
1376  * @len: length of @val in bytes
1377  * @server: whether this node is the server (1) or the client (0)
1378  */
1379 static u8 dccp_feat_change_recv(struct list_head *fn, u8 is_mandatory, u8 opt,
1380                                 u8 feat, u8 *val, u8 len, const bool server)
1381 {
1382         u8 defval, type = dccp_feat_type(feat);
1383         const bool local = (opt == DCCPO_CHANGE_R);
1384         struct dccp_feat_entry *entry;
1385         dccp_feat_val fval;
1386
1387         if (len == 0 || type == FEAT_UNKNOWN)           /* 6.1 and 6.6.8 */
1388                 goto unknown_feature_or_value;
1389
1390         /*
1391          *      Negotiation of NN features: Change R is invalid, so there is no
1392          *      simultaneous negotiation; hence we do not look up in the list.
1393          */
1394         if (type == FEAT_NN) {
1395                 if (local || len > sizeof(fval.nn))
1396                         goto unknown_feature_or_value;
1397
1398                 /* 6.3.2: "The feature remote MUST accept any valid value..." */
1399                 fval.nn = dccp_decode_value_var(val, len);
1400                 if (!dccp_feat_is_valid_nn_val(feat, fval.nn))
1401                         goto unknown_feature_or_value;
1402
1403                 return dccp_feat_push_confirm(fn, feat, local, &fval);
1404         }
1405
1406         /*
1407          *      Unidirectional/simultaneous negotiation of SP features (6.3.1)
1408          */
1409         entry = dccp_feat_list_lookup(fn, feat, local);
1410         if (entry == NULL) {
1411                 /*
1412                  * No particular preferences have been registered. We deal with
1413                  * this situation by assuming that all valid values are equally
1414                  * acceptable, and apply the following checks:
1415                  * - if the peer's list is a singleton, we accept a valid value;
1416                  * - if we are the server, we first try to see if the peer (the
1417                  *   client) advertises the default value. If yes, we use it,
1418                  *   otherwise we accept the preferred value;
1419                  * - else if we are the client, we use the first list element.
1420                  */
1421                 if (dccp_feat_clone_sp_val(&fval, val, 1))
1422                         return DCCP_RESET_CODE_TOO_BUSY;
1423
1424                 if (len > 1 && server) {
1425                         defval = dccp_feat_default_value(feat);
1426                         if (dccp_feat_preflist_match(&defval, 1, val, len) > -1)
1427                                 fval.sp.vec[0] = defval;
1428                 } else if (!dccp_feat_is_valid_sp_val(feat, fval.sp.vec[0])) {
1429                         kfree(fval.sp.vec);
1430                         goto unknown_feature_or_value;
1431                 }
1432
1433                 /* Treat unsupported CCIDs like invalid values */
1434                 if (feat == DCCPF_CCID && !ccid_support_check(fval.sp.vec, 1)) {
1435                         kfree(fval.sp.vec);
1436                         goto not_valid_or_not_known;
1437                 }
1438
1439                 return dccp_feat_push_confirm(fn, feat, local, &fval);
1440
1441         } else if (entry->state == FEAT_UNSTABLE) {     /* 6.6.2 */
1442                 return 0;
1443         }
1444
1445         if (dccp_feat_reconcile(&entry->val, val, len, server, true)) {
1446                 entry->empty_confirm = 0;
1447         } else if (is_mandatory) {
1448                 return DCCP_RESET_CODE_MANDATORY_ERROR;
1449         } else if (entry->state == FEAT_INITIALISING) {
1450                 /*
1451                  * Failed simultaneous negotiation (server only): try to `save'
1452                  * the connection by checking whether entry contains the default
1453                  * value for @feat. If yes, send an empty Confirm to signal that
1454                  * the received Change was not understood - which implies using
1455                  * the default value.
1456                  * If this also fails, we use Reset as the last resort.
1457                  */
1458                 WARN_ON(!server);
1459                 defval = dccp_feat_default_value(feat);
1460                 if (!dccp_feat_reconcile(&entry->val, &defval, 1, server, true))
1461                         return DCCP_RESET_CODE_OPTION_ERROR;
1462                 entry->empty_confirm = 1;
1463         }
1464         entry->needs_confirm   = 1;
1465         entry->needs_mandatory = 0;
1466         entry->state           = FEAT_STABLE;
1467         return 0;
1468
1469 unknown_feature_or_value:
1470         if (!is_mandatory)
1471                 return dccp_push_empty_confirm(fn, feat, local);
1472
1473 not_valid_or_not_known:
1474         return is_mandatory ? DCCP_RESET_CODE_MANDATORY_ERROR
1475                             : DCCP_RESET_CODE_OPTION_ERROR;
1476 }
1477
1478 /**
1479  * dccp_feat_confirm_recv  -  Process received Confirm options
1480  * @fn: feature-negotiation list to update
1481  * @is_mandatory: whether @opt was preceded by a Mandatory option
1482  * @opt: %DCCPO_CONFIRM_L or %DCCPO_CONFIRM_R
1483  * @feat: one of %dccp_feature_numbers
1484  * @val: NN value or SP value/preference list
1485  * @len: length of @val in bytes
1486  * @server: whether this node is server (1) or client (0)
1487  */
1488 static u8 dccp_feat_confirm_recv(struct list_head *fn, u8 is_mandatory, u8 opt,
1489                                  u8 feat, u8 *val, u8 len, const bool server)
1490 {
1491         u8 *plist, plen, type = dccp_feat_type(feat);
1492         const bool local = (opt == DCCPO_CONFIRM_R);
1493         struct dccp_feat_entry *entry = dccp_feat_list_lookup(fn, feat, local);
1494
1495         if (entry == NULL) {    /* nothing queued: ignore or handle error */
1496                 if (is_mandatory && type == FEAT_UNKNOWN)
1497                         return DCCP_RESET_CODE_MANDATORY_ERROR;
1498
1499                 if (!local && type == FEAT_NN)          /* 6.3.2 */
1500                         goto confirmation_failed;
1501                 return 0;
1502         }
1503
1504         if (entry->state != FEAT_CHANGING)              /* 6.6.2 */
1505                 return 0;
1506
1507         if (len == 0) {
1508                 if (dccp_feat_must_be_understood(feat)) /* 6.6.7 */
1509                         goto confirmation_failed;
1510                 /*
1511                  * Empty Confirm during connection setup: this means reverting
1512                  * to the `old' value, which in this case is the default. Since
1513                  * we handle default values automatically when no other values
1514                  * have been set, we revert to the old value by removing this
1515                  * entry from the list.
1516                  */
1517                 dccp_feat_list_pop(entry);
1518                 return 0;
1519         }
1520
1521         if (type == FEAT_NN) {
1522                 if (len > sizeof(entry->val.nn))
1523                         goto confirmation_failed;
1524
1525                 if (entry->val.nn == dccp_decode_value_var(val, len))
1526                         goto confirmation_succeeded;
1527
1528                 DCCP_WARN("Bogus Confirm for non-existing value\n");
1529                 goto confirmation_failed;
1530         }
1531
1532         /*
1533          * Parsing SP Confirms: the first element of @val is the preferred
1534          * SP value which the peer confirms, the remainder depends on @len.
1535          * Note that only the confirmed value need to be a valid SP value.
1536          */
1537         if (!dccp_feat_is_valid_sp_val(feat, *val))
1538                 goto confirmation_failed;
1539
1540         if (len == 1) {         /* peer didn't supply a preference list */
1541                 plist = val;
1542                 plen  = len;
1543         } else {                /* preferred value + preference list */
1544                 plist = val + 1;
1545                 plen  = len - 1;
1546         }
1547
1548         /* Check whether the peer got the reconciliation right (6.6.8) */
1549         if (dccp_feat_reconcile(&entry->val, plist, plen, server, 0) != *val) {
1550                 DCCP_WARN("Confirm selected the wrong value %u\n", *val);
1551                 return DCCP_RESET_CODE_OPTION_ERROR;
1552         }
1553         entry->val.sp.vec[0] = *val;
1554
1555 confirmation_succeeded:
1556         entry->state = FEAT_STABLE;
1557         return 0;
1558
1559 confirmation_failed:
1560         DCCP_WARN("Confirmation failed\n");
1561         return is_mandatory ? DCCP_RESET_CODE_MANDATORY_ERROR
1562                             : DCCP_RESET_CODE_OPTION_ERROR;
1563 }
1564
1565 /**
1566  * dccp_feat_parse_options  -  Process Feature-Negotiation Options
1567  * @sk: for general use and used by the client during connection setup
1568  * @dreq: used by the server during connection setup
1569  * @mandatory: whether @opt was preceded by a Mandatory option
1570  * @opt: %DCCPO_CHANGE_L | %DCCPO_CHANGE_R | %DCCPO_CONFIRM_L | %DCCPO_CONFIRM_R
1571  * @feat: one of %dccp_feature_numbers
1572  * @val: value contents of @opt
1573  * @len: length of @val in bytes
1574  * Returns 0 on success, a Reset code for ending the connection otherwise.
1575  */
1576 int dccp_feat_parse_options(struct sock *sk, struct dccp_request_sock *dreq,
1577                             u8 mandatory, u8 opt, u8 feat, u8 *val, u8 len)
1578 {
1579         struct dccp_sock *dp = dccp_sk(sk);
1580         struct list_head *fn = dreq ? &dreq->dreq_featneg : &dp->dccps_featneg;
1581         bool server = false;
1582
1583         switch (sk->sk_state) {
1584         /*
1585          *      Negotiation during connection setup
1586          */
1587         case DCCP_LISTEN:
1588                 server = true;                  /* fall through */
1589         case DCCP_REQUESTING:
1590                 switch (opt) {
1591                 case DCCPO_CHANGE_L:
1592                 case DCCPO_CHANGE_R:
1593                         return dccp_feat_change_recv(fn, mandatory, opt, feat,
1594                                                      val, len, server);
1595                 case DCCPO_CONFIRM_R:
1596                 case DCCPO_CONFIRM_L:
1597                         return dccp_feat_confirm_recv(fn, mandatory, opt, feat,
1598                                                       val, len, server);
1599                 }
1600         }
1601         return 0;       /* ignore FN options in all other states */
1602 }
1603
1604 int dccp_feat_init(struct sock *sk)
1605 {
1606         struct dccp_sock *dp = dccp_sk(sk);
1607         struct dccp_minisock *dmsk = dccp_msk(sk);
1608         int rc;
1609
1610         INIT_LIST_HEAD(&dmsk->dccpms_pending);  /* XXX no longer used */
1611         INIT_LIST_HEAD(&dmsk->dccpms_conf);     /* XXX no longer used */
1612
1613         /* CCID L */
1614         rc = __feat_register_sp(&dp->dccps_featneg, DCCPF_CCID, 1, 0,
1615                                 &dmsk->dccpms_tx_ccid, 1);
1616         if (rc)
1617                 goto out;
1618
1619         /* CCID R */
1620         rc = __feat_register_sp(&dp->dccps_featneg, DCCPF_CCID, 0, 0,
1621                                 &dmsk->dccpms_rx_ccid, 1);
1622         if (rc)
1623                 goto out;
1624
1625         /* Ack ratio */
1626         rc = __feat_register_nn(&dp->dccps_featneg, DCCPF_ACK_RATIO, 0,
1627                                 dp->dccps_l_ack_ratio);
1628 out:
1629         return rc;
1630 }
1631
1632 EXPORT_SYMBOL_GPL(dccp_feat_init);
1633
1634 int dccp_feat_activate_values(struct sock *sk, struct list_head *fn_list)
1635 {
1636         struct dccp_sock *dp = dccp_sk(sk);
1637         struct dccp_feat_entry *cur, *next;
1638         int idx;
1639         dccp_feat_val *fvals[DCCP_FEAT_SUPPORTED_MAX][2] = {
1640                  [0 ... DCCP_FEAT_SUPPORTED_MAX-1] = { NULL, NULL }
1641         };
1642
1643         list_for_each_entry(cur, fn_list, node) {
1644                 /*
1645                  * An empty Confirm means that either an unknown feature type
1646                  * or an invalid value was present. In the first case there is
1647                  * nothing to activate, in the other the default value is used.
1648                  */
1649                 if (cur->empty_confirm)
1650                         continue;
1651
1652                 idx = dccp_feat_index(cur->feat_num);
1653                 if (idx < 0) {
1654                         DCCP_BUG("Unknown feature %u", cur->feat_num);
1655                         goto activation_failed;
1656                 }
1657                 if (cur->state != FEAT_STABLE) {
1658                         DCCP_CRIT("Negotiation of %s %u failed in state %u",
1659                                   cur->is_local ? "local" : "remote",
1660                                   cur->feat_num, cur->state);
1661                         goto activation_failed;
1662                 }
1663                 fvals[idx][cur->is_local] = &cur->val;
1664         }
1665
1666         /*
1667          * Activate in decreasing order of index, so that the CCIDs are always
1668          * activated as the last feature. This avoids the case where a CCID
1669          * relies on the initialisation of one or more features that it depends
1670          * on (e.g. Send NDP Count, Send Ack Vector, and Ack Ratio features).
1671          */
1672         for (idx = DCCP_FEAT_SUPPORTED_MAX; --idx >= 0;)
1673                 if (__dccp_feat_activate(sk, idx, 0, fvals[idx][0]) ||
1674                     __dccp_feat_activate(sk, idx, 1, fvals[idx][1])) {
1675                         DCCP_CRIT("Could not activate %d", idx);
1676                         goto activation_failed;
1677                 }
1678
1679         /* Clean up Change options which have been confirmed already */
1680         list_for_each_entry_safe(cur, next, fn_list, node)
1681                 if (!cur->needs_confirm)
1682                         dccp_feat_list_pop(cur);
1683
1684         dccp_pr_debug("Activation OK\n");
1685         return 0;
1686
1687 activation_failed:
1688         /*
1689          * We clean up everything that may have been allocated, since
1690          * it is difficult to track at which stage negotiation failed.
1691          * This is ok, since all allocation functions below are robust
1692          * against NULL arguments.
1693          */
1694         ccid_hc_rx_delete(dp->dccps_hc_rx_ccid, sk);
1695         ccid_hc_tx_delete(dp->dccps_hc_tx_ccid, sk);
1696         dp->dccps_hc_rx_ccid = dp->dccps_hc_tx_ccid = NULL;
1697         dccp_ackvec_free(dp->dccps_hc_rx_ackvec);
1698         dp->dccps_hc_rx_ackvec = NULL;
1699         return -1;
1700 }
1701
1702 #ifdef CONFIG_IP_DCCP_DEBUG
1703 const char *dccp_feat_typename(const u8 type)
1704 {
1705         switch(type) {
1706         case DCCPO_CHANGE_L:  return("ChangeL");
1707         case DCCPO_CONFIRM_L: return("ConfirmL");
1708         case DCCPO_CHANGE_R:  return("ChangeR");
1709         case DCCPO_CONFIRM_R: return("ConfirmR");
1710         /* the following case must not appear in feature negotation  */
1711         default:              dccp_pr_debug("unknown type %d [BUG!]\n", type);
1712         }
1713         return NULL;
1714 }
1715
1716 EXPORT_SYMBOL_GPL(dccp_feat_typename);
1717
1718 const char *dccp_feat_name(const u8 feat)
1719 {
1720         static const char *feature_names[] = {
1721                 [DCCPF_RESERVED]        = "Reserved",
1722                 [DCCPF_CCID]            = "CCID",
1723                 [DCCPF_SHORT_SEQNOS]    = "Allow Short Seqnos",
1724                 [DCCPF_SEQUENCE_WINDOW] = "Sequence Window",
1725                 [DCCPF_ECN_INCAPABLE]   = "ECN Incapable",
1726                 [DCCPF_ACK_RATIO]       = "Ack Ratio",
1727                 [DCCPF_SEND_ACK_VECTOR] = "Send ACK Vector",
1728                 [DCCPF_SEND_NDP_COUNT]  = "Send NDP Count",
1729                 [DCCPF_MIN_CSUM_COVER]  = "Min. Csum Coverage",
1730                 [DCCPF_DATA_CHECKSUM]   = "Send Data Checksum",
1731         };
1732         if (feat > DCCPF_DATA_CHECKSUM && feat < DCCPF_MIN_CCID_SPECIFIC)
1733                 return feature_names[DCCPF_RESERVED];
1734
1735         if (feat ==  DCCPF_SEND_LEV_RATE)
1736                 return "Send Loss Event Rate";
1737         if (feat >= DCCPF_MIN_CCID_SPECIFIC)
1738                 return "CCID-specific";
1739
1740         return feature_names[feat];
1741 }
1742
1743 EXPORT_SYMBOL_GPL(dccp_feat_name);
1744 #endif /* CONFIG_IP_DCCP_DEBUG */