dccp: Remove obsolete parts of the old CCID interface
[linux-2.6.git] / net / dccp / feat.c
index d90caa7..a0d5891 100644 (file)
@@ -1,8 +1,12 @@
 /*
  *  net/dccp/feat.c
  *
- *  An implementation of the DCCP protocol
- *  Andrea Bittau <a.bittau@cs.ucl.ac.uk>
+ *  Feature negotiation for the DCCP protocol (RFC 4340, section 6)
+ *
+ *  Copyright (c) 2008 Gerrit Renker <gerrit@erg.abdn.ac.uk>
+ *  Rewrote from scratch, some bits from earlier code by
+ *  Copyright (c) 2005 Andrea Bittau <a.bittau@cs.ucl.ac.uk>
+ *
  *
  *  ASSUMPTIONS
  *  -----------
  *  as published by the Free Software Foundation; either version
  *  2 of the License, or (at your option) any later version.
  */
-
 #include <linux/module.h>
-
 #include "ccid.h"
 #include "feat.h"
 
-#define DCCP_FEAT_SP_NOAGREE (-123)
+/*
+ * Feature activation handlers.
+ *
+ * These all use an u64 argument, to provide enough room for NN/SP features. At
+ * this stage the negotiated values have been checked to be within their range.
+ */
+static int dccp_hdlr_ccid(struct sock *sk, u64 ccid, bool rx)
+{
+       struct dccp_sock *dp = dccp_sk(sk);
+       struct ccid *new_ccid = ccid_new(ccid, sk, rx, gfp_any());
+
+       if (new_ccid == NULL)
+               return -ENOMEM;
+
+       if (rx) {
+               ccid_hc_rx_delete(dp->dccps_hc_rx_ccid, sk);
+               dp->dccps_hc_rx_ccid = new_ccid;
+       } else {
+               ccid_hc_tx_delete(dp->dccps_hc_tx_ccid, sk);
+               dp->dccps_hc_tx_ccid = new_ccid;
+       }
+       return 0;
+}
+
+static int dccp_hdlr_seq_win(struct sock *sk, u64 seq_win, bool rx)
+{
+       if (!rx)
+               dccp_msk(sk)->dccpms_sequence_window = seq_win;
+       return 0;
+}
+
+static int dccp_hdlr_ack_ratio(struct sock *sk, u64 ratio, bool rx)
+{
+       if (rx)
+               dccp_sk(sk)->dccps_r_ack_ratio = ratio;
+       else
+               dccp_sk(sk)->dccps_l_ack_ratio = ratio;
+       return 0;
+}
+
+static int dccp_hdlr_ackvec(struct sock *sk, u64 enable, bool rx)
+{
+       struct dccp_sock *dp = dccp_sk(sk);
+
+       if (rx) {
+               if (enable && dp->dccps_hc_rx_ackvec == NULL) {
+                       dp->dccps_hc_rx_ackvec = dccp_ackvec_alloc(gfp_any());
+                       if (dp->dccps_hc_rx_ackvec == NULL)
+                               return -ENOMEM;
+               } else if (!enable) {
+                       dccp_ackvec_free(dp->dccps_hc_rx_ackvec);
+                       dp->dccps_hc_rx_ackvec = NULL;
+               }
+       }
+       return 0;
+}
+
+static int dccp_hdlr_ndp(struct sock *sk, u64 enable, bool rx)
+{
+       if (!rx)
+               dccp_msk(sk)->dccpms_send_ndp_count = (enable > 0);
+       return 0;
+}
+
+/*
+ * Minimum Checksum Coverage is located at the RX side (9.2.1). This means that
+ * `rx' holds when the sending peer informs about his partial coverage via a
+ * ChangeR() option. In the other case, we are the sender and the receiver
+ * announces its coverage via ChangeL() options. The policy here is to honour
+ * such communication by enabling the corresponding partial coverage - but only
+ * if it has not been set manually before; the warning here means that all
+ * packets will be dropped.
+ */
+static int dccp_hdlr_min_cscov(struct sock *sk, u64 cscov, bool rx)
+{
+       struct dccp_sock *dp = dccp_sk(sk);
+
+       if (rx)
+               dp->dccps_pcrlen = cscov;
+       else {
+               if (dp->dccps_pcslen == 0)
+                       dp->dccps_pcslen = cscov;
+               else if (cscov > dp->dccps_pcslen)
+                       DCCP_WARN("CsCov %u too small, peer requires >= %u\n",
+                                 dp->dccps_pcslen, (u8)cscov);
+       }
+       return 0;
+}
 
 static const struct {
        u8                      feat_num;               /* DCCPF_xxx */
        enum dccp_feat_type     rxtx;                   /* RX or TX  */
        enum dccp_feat_type     reconciliation;         /* SP or NN  */
        u8                      default_value;          /* as in 6.4 */
+       int (*activation_hdlr)(struct sock *sk, u64 val, bool rx);
 /*
  *    Lookup table for location and type of features (from RFC 4340/4342)
  *  +--------------------------+----+-----+----+----+---------+-----------+
@@ -49,16 +139,16 @@ static const struct {
  *  +--------------------------+----+-----+----+----+---------+-----------+
  */
 } dccp_feat_table[] = {
-       { DCCPF_CCID,            FEAT_AT_TX, FEAT_SP, 2 },
-       { DCCPF_SHORT_SEQNOS,    FEAT_AT_TX, FEAT_SP, 0 },
-       { DCCPF_SEQUENCE_WINDOW, FEAT_AT_TX, FEAT_NN, 100 },
-       { DCCPF_ECN_INCAPABLE,   FEAT_AT_RX, FEAT_SP, 0 },
-       { DCCPF_ACK_RATIO,       FEAT_AT_TX, FEAT_NN, 2 },
-       { DCCPF_SEND_ACK_VECTOR, FEAT_AT_RX, FEAT_SP, 0 },
-       { DCCPF_SEND_NDP_COUNT,  FEAT_AT_TX, FEAT_SP, 0 },
-       { DCCPF_MIN_CSUM_COVER,  FEAT_AT_RX, FEAT_SP, 0 },
-       { DCCPF_DATA_CHECKSUM,   FEAT_AT_RX, FEAT_SP, 0 },
-       { DCCPF_SEND_LEV_RATE,   FEAT_AT_RX, FEAT_SP, 0 },
+       { DCCPF_CCID,            FEAT_AT_TX, FEAT_SP, 2,   dccp_hdlr_ccid     },
+       { DCCPF_SHORT_SEQNOS,    FEAT_AT_TX, FEAT_SP, 0,   NULL },
+       { DCCPF_SEQUENCE_WINDOW, FEAT_AT_TX, FEAT_NN, 100, dccp_hdlr_seq_win  },
+       { DCCPF_ECN_INCAPABLE,   FEAT_AT_RX, FEAT_SP, 0,   NULL },
+       { DCCPF_ACK_RATIO,       FEAT_AT_TX, FEAT_NN, 2,   dccp_hdlr_ack_ratio},
+       { DCCPF_SEND_ACK_VECTOR, FEAT_AT_RX, FEAT_SP, 0,   dccp_hdlr_ackvec   },
+       { DCCPF_SEND_NDP_COUNT,  FEAT_AT_TX, FEAT_SP, 0,   dccp_hdlr_ndp      },
+       { DCCPF_MIN_CSUM_COVER,  FEAT_AT_RX, FEAT_SP, 0,   dccp_hdlr_min_cscov},
+       { DCCPF_DATA_CHECKSUM,   FEAT_AT_RX, FEAT_SP, 0,   NULL },
+       { DCCPF_SEND_LEV_RATE,   FEAT_AT_RX, FEAT_SP, 0,   NULL },
 };
 #define DCCP_FEAT_SUPPORTED_MAX                ARRAY_SIZE(dccp_feat_table)
 
@@ -104,6 +194,48 @@ static int dccp_feat_default_value(u8 feat_num)
        return idx < 0 ? 0 : dccp_feat_table[idx].default_value;
 }
 
+static int __dccp_feat_activate(struct sock *sk, const int idx,
+                               const bool is_local, dccp_feat_val const *fval)
+{
+       bool rx;
+       u64 val;
+
+       if (idx < 0 || idx >= DCCP_FEAT_SUPPORTED_MAX)
+               return -1;
+       if (dccp_feat_table[idx].activation_hdlr == NULL)
+               return 0;
+
+       if (fval == NULL) {
+               val = dccp_feat_table[idx].default_value;
+       } else if (dccp_feat_table[idx].reconciliation == FEAT_SP) {
+               if (fval->sp.vec == NULL) {
+                       /*
+                        * This can happen when an empty Confirm is sent
+                        * for an SP (i.e. known) feature. In this case
+                        * we would be using the default anyway.
+                        */
+                       DCCP_CRIT("Feature #%d undefined: using default", idx);
+                       val = dccp_feat_table[idx].default_value;
+               } else {
+                       val = fval->sp.vec[0];
+               }
+       } else {
+               val = fval->nn;
+       }
+
+       /* Location is RX if this is a local-RX or remote-TX feature */
+       rx = (is_local == (dccp_feat_table[idx].rxtx == FEAT_AT_RX));
+
+       return dccp_feat_table[idx].activation_hdlr(sk, val, rx);
+}
+
+/* Test for "Req'd" feature (RFC 4340, 6.4) */
+static inline int dccp_feat_must_be_understood(u8 feat_num)
+{
+       return  feat_num == DCCPF_CCID || feat_num == DCCPF_SHORT_SEQNOS ||
+               feat_num == DCCPF_SEQUENCE_WINDOW;
+}
+
 /* copy constructor, fval must not already contain allocated memory */
 static int dccp_feat_clone_sp_val(dccp_feat_val *fval, u8 const *val, u8 len)
 {
@@ -237,6 +369,40 @@ static int dccp_feat_push_change(struct list_head *fn_list, u8 feat, u8 local,
        return 0;
 }
 
+/**
+ * dccp_feat_push_confirm  -  Add a Confirm entry to the FN list
+ * @fn_list: feature-negotiation list to add to
+ * @feat: one of %dccp_feature_numbers
+ * @local: whether local (1) or remote (0) @feat_num is being confirmed
+ * @fval: pointer to NN/SP value to be inserted or NULL
+ * Returns 0 on success, a Reset code for further processing otherwise.
+ */
+static int dccp_feat_push_confirm(struct list_head *fn_list, u8 feat, u8 local,
+                                 dccp_feat_val *fval)
+{
+       struct dccp_feat_entry *new = dccp_feat_entry_new(fn_list, feat, local);
+
+       if (new == NULL)
+               return DCCP_RESET_CODE_TOO_BUSY;
+
+       new->feat_num        = feat;
+       new->is_local        = local;
+       new->state           = FEAT_STABLE;     /* transition in 6.6.2 */
+       new->needs_confirm   = 1;
+       new->empty_confirm   = (fval == NULL);
+       new->val.nn          = 0;               /* zeroes the whole structure */
+       if (!new->empty_confirm)
+               new->val     = *fval;
+       new->needs_mandatory = 0;
+
+       return 0;
+}
+
+static int dccp_push_empty_confirm(struct list_head *fn_list, u8 feat, u8 local)
+{
+       return dccp_feat_push_confirm(fn_list, feat, local, NULL);
+}
+
 static inline void dccp_feat_list_pop(struct dccp_feat_entry *entry)
 {
        list_del(&entry->node);
@@ -645,494 +811,310 @@ int dccp_feat_server_ccid_dependencies(struct dccp_request_sock *dreq)
        return 0;
 }
 
-static int dccp_feat_update_ccid(struct sock *sk, u8 type, u8 new_ccid_nr)
+/* Select the first entry in @servlist that also occurs in @clilist (6.3.1) */
+static int dccp_feat_preflist_match(u8 *servlist, u8 slen, u8 *clilist, u8 clen)
 {
-       struct dccp_sock *dp = dccp_sk(sk);
-       struct dccp_minisock *dmsk = dccp_msk(sk);
-       /* figure out if we are changing our CCID or the peer's */
-       const int rx = type == DCCPO_CHANGE_R;
-       const u8 ccid_nr = rx ? dmsk->dccpms_rx_ccid : dmsk->dccpms_tx_ccid;
-       struct ccid *new_ccid;
-
-       /* Check if nothing is being changed. */
-       if (ccid_nr == new_ccid_nr)
-               return 0;
-
-       new_ccid = ccid_new(new_ccid_nr, sk, rx, GFP_ATOMIC);
-       if (new_ccid == NULL)
-               return -ENOMEM;
-
-       if (rx) {
-               ccid_hc_rx_delete(dp->dccps_hc_rx_ccid, sk);
-               dp->dccps_hc_rx_ccid = new_ccid;
-               dmsk->dccpms_rx_ccid = new_ccid_nr;
-       } else {
-               ccid_hc_tx_delete(dp->dccps_hc_tx_ccid, sk);
-               dp->dccps_hc_tx_ccid = new_ccid;
-               dmsk->dccpms_tx_ccid = new_ccid_nr;
-       }
+       u8 c, s;
 
-       return 0;
+       for (s = 0; s < slen; s++)
+               for (c = 0; c < clen; c++)
+                       if (servlist[s] == clilist[c])
+                               return servlist[s];
+       return -1;
 }
 
-static int dccp_feat_update(struct sock *sk, u8 type, u8 feat, u8 val)
+/**
+ * dccp_feat_prefer  -  Move preferred entry to the start of array
+ * Reorder the @array_len elements in @array so that @preferred_value comes
+ * first. Returns >0 to indicate that @preferred_value does occur in @array.
+ */
+static u8 dccp_feat_prefer(u8 preferred_value, u8 *array, u8 array_len)
 {
-       dccp_feat_debug(type, feat, val);
+       u8 i, does_occur = 0;
 
-       switch (feat) {
-       case DCCPF_CCID:
-               return dccp_feat_update_ccid(sk, type, val);
-       default:
-               dccp_pr_debug("UNIMPLEMENTED: %s(%d, ...)\n",
-                             dccp_feat_typename(type), feat);
-               break;
+       if (array != NULL) {
+               for (i = 0; i < array_len; i++)
+                       if (array[i] == preferred_value) {
+                               array[i] = array[0];
+                               does_occur++;
+                       }
+               if (does_occur)
+                       array[0] = preferred_value;
        }
-       return 0;
+       return does_occur;
 }
 
-static int dccp_feat_reconcile(struct sock *sk, struct dccp_opt_pend *opt,
-                              u8 *rpref, u8 rlen)
+/**
+ * dccp_feat_reconcile  -  Reconcile SP preference lists
+ *  @fval: SP list to reconcile into
+ *  @arr: received SP preference list
+ *  @len: length of @arr in bytes
+ *  @is_server: whether this side is the server (and @fv is the server's list)
+ *  @reorder: whether to reorder the list in @fv after reconciling with @arr
+ * When successful, > 0 is returned and the reconciled list is in @fval.
+ * A value of 0 means that negotiation failed (no shared entry).
+ */
+static int dccp_feat_reconcile(dccp_feat_val *fv, u8 *arr, u8 len,
+                              bool is_server, bool reorder)
 {
-       struct dccp_sock *dp = dccp_sk(sk);
-       u8 *spref, slen, *res = NULL;
-       int i, j, rc, agree = 1;
-
-       BUG_ON(rpref == NULL);
-
-       /* check if we are the black sheep */
-       if (dp->dccps_role == DCCP_ROLE_CLIENT) {
-               spref = rpref;
-               slen  = rlen;
-               rpref = opt->dccpop_val;
-               rlen  = opt->dccpop_len;
-       } else {
-               spref = opt->dccpop_val;
-               slen  = opt->dccpop_len;
-       }
-       /*
-        * Now we have server preference list in spref and client preference in
-        * rpref
-        */
-       BUG_ON(spref == NULL);
-       BUG_ON(rpref == NULL);
-
-       /* FIXME sanity check vals */
-
-       /* Are values in any order?  XXX Lame "algorithm" here */
-       for (i = 0; i < slen; i++) {
-               for (j = 0; j < rlen; j++) {
-                       if (spref[i] == rpref[j]) {
-                               res = &spref[i];
-                               break;
-                       }
-               }
-               if (res)
-                       break;
-       }
-
-       /* we didn't agree on anything */
-       if (res == NULL) {
-               /* confirm previous value */
-               switch (opt->dccpop_feat) {
-               case DCCPF_CCID:
-                       /* XXX did i get this right? =P */
-                       if (opt->dccpop_type == DCCPO_CHANGE_L)
-                               res = &dccp_msk(sk)->dccpms_tx_ccid;
-                       else
-                               res = &dccp_msk(sk)->dccpms_rx_ccid;
-                       break;
-
-               default:
-                       DCCP_BUG("Fell through, feat=%d", opt->dccpop_feat);
-                       /* XXX implement res */
-                       return -EFAULT;
-               }
-
-               dccp_pr_debug("Don't agree... reconfirming %d\n", *res);
-               agree = 0; /* this is used for mandatory options... */
-       }
-
-       /* need to put result and our preference list */
-       rlen = 1 + opt->dccpop_len;
-       rpref = kmalloc(rlen, GFP_ATOMIC);
-       if (rpref == NULL)
-               return -ENOMEM;
-
-       *rpref = *res;
-       memcpy(&rpref[1], opt->dccpop_val, opt->dccpop_len);
+       int rc;
 
-       /* put it in the "confirm queue" */
-       if (opt->dccpop_sc == NULL) {
-               opt->dccpop_sc = kmalloc(sizeof(*opt->dccpop_sc), GFP_ATOMIC);
-               if (opt->dccpop_sc == NULL) {
-                       kfree(rpref);
-                       return -ENOMEM;
-               }
-       } else {
-               /* recycle the confirm slot */
-               BUG_ON(opt->dccpop_sc->dccpoc_val == NULL);
-               kfree(opt->dccpop_sc->dccpoc_val);
-               dccp_pr_debug("recycling confirm slot\n");
+       if (!fv->sp.vec || !arr) {
+               DCCP_CRIT("NULL feature value or array");
+               return 0;
        }
-       memset(opt->dccpop_sc, 0, sizeof(*opt->dccpop_sc));
 
-       opt->dccpop_sc->dccpoc_val = rpref;
-       opt->dccpop_sc->dccpoc_len = rlen;
+       if (is_server)
+               rc = dccp_feat_preflist_match(fv->sp.vec, fv->sp.len, arr, len);
+       else
+               rc = dccp_feat_preflist_match(arr, len, fv->sp.vec, fv->sp.len);
 
-       /* update the option on our side [we are about to send the confirm] */
-       rc = dccp_feat_update(sk, opt->dccpop_type, opt->dccpop_feat, *res);
-       if (rc) {
-               kfree(opt->dccpop_sc->dccpoc_val);
-               kfree(opt->dccpop_sc);
-               opt->dccpop_sc = NULL;
+       if (!reorder)
                return rc;
-       }
-
-       dccp_pr_debug("Will confirm %d\n", *rpref);
+       if (rc < 0)
+               return 0;
 
-       /* say we want to change to X but we just got a confirm X, suppress our
-        * change
+       /*
+        * Reorder list: used for activating features and in dccp_insert_fn_opt.
         */
-       if (!opt->dccpop_conf) {
-               if (*opt->dccpop_val == *res)
-                       opt->dccpop_conf = 1;
-               dccp_pr_debug("won't ask for change of same feature\n");
-       }
-
-       return agree ? 0 : DCCP_FEAT_SP_NOAGREE; /* used for mandatory opts */
+       return dccp_feat_prefer(rc, fv->sp.vec, fv->sp.len);
 }
 
-static int dccp_feat_sp(struct sock *sk, u8 type, u8 feature, u8 *val, u8 len)
+/**
+ * dccp_feat_change_recv  -  Process incoming ChangeL/R options
+ * @fn: feature-negotiation list to update
+ * @is_mandatory: whether the Change was preceded by a Mandatory option
+ * @opt: %DCCPO_CHANGE_L or %DCCPO_CHANGE_R
+ * @feat: one of %dccp_feature_numbers
+ * @val: NN value or SP value/preference list
+ * @len: length of @val in bytes
+ * @server: whether this node is the server (1) or the client (0)
+ */
+static u8 dccp_feat_change_recv(struct list_head *fn, u8 is_mandatory, u8 opt,
+                               u8 feat, u8 *val, u8 len, const bool server)
 {
-       struct dccp_minisock *dmsk = dccp_msk(sk);
-       struct dccp_opt_pend *opt;
-       int rc = 1;
-       u8 t;
+       u8 defval, type = dccp_feat_type(feat);
+       const bool local = (opt == DCCPO_CHANGE_R);
+       struct dccp_feat_entry *entry;
+       dccp_feat_val fval;
+
+       if (len == 0 || type == FEAT_UNKNOWN)           /* 6.1 and 6.6.8 */
+               goto unknown_feature_or_value;
 
        /*
-        * We received a CHANGE.  We gotta match it against our own preference
-        * list.  If we got a CHANGE_R it means it's a change for us, so we need
-        * to compare our CHANGE_L list.
+        *      Negotiation of NN features: Change R is invalid, so there is no
+        *      simultaneous negotiation; hence we do not look up in the list.
         */
-       if (type == DCCPO_CHANGE_L)
-               t = DCCPO_CHANGE_R;
-       else
-               t = DCCPO_CHANGE_L;
+       if (type == FEAT_NN) {
+               if (local || len > sizeof(fval.nn))
+                       goto unknown_feature_or_value;
 
-       /* find our preference list for this feature */
-       list_for_each_entry(opt, &dmsk->dccpms_pending, dccpop_node) {
-               if (opt->dccpop_type != t || opt->dccpop_feat != feature)
-                       continue;
+               /* 6.3.2: "The feature remote MUST accept any valid value..." */
+               fval.nn = dccp_decode_value_var(val, len);
+               if (!dccp_feat_is_valid_nn_val(feat, fval.nn))
+                       goto unknown_feature_or_value;
 
-               /* find the winner from the two preference lists */
-               rc = dccp_feat_reconcile(sk, opt, val, len);
-               break;
+               return dccp_feat_push_confirm(fn, feat, local, &fval);
        }
 
-       /* We didn't deal with the change.  This can happen if we have no
-        * preference list for the feature.  In fact, it just shouldn't
-        * happen---if we understand a feature, we should have a preference list
-        * with at least the default value.
+       /*
+        *      Unidirectional/simultaneous negotiation of SP features (6.3.1)
         */
-       BUG_ON(rc == 1);
-
-       return rc;
-}
-
-static int dccp_feat_nn(struct sock *sk, u8 type, u8 feature, u8 *val, u8 len)
-{
-       struct dccp_opt_pend *opt;
-       struct dccp_minisock *dmsk = dccp_msk(sk);
-       u8 *copy;
-       int rc;
-
-       /* NN features must be Change L (sec. 6.3.2) */
-       if (type != DCCPO_CHANGE_L) {
-               dccp_pr_debug("received %s for NN feature %d\n",
-                               dccp_feat_typename(type), feature);
-               return -EFAULT;
-       }
-
-       /* XXX sanity check opt val */
-
-       /* copy option so we can confirm it */
-       opt = kzalloc(sizeof(*opt), GFP_ATOMIC);
-       if (opt == NULL)
-               return -ENOMEM;
+       entry = dccp_feat_list_lookup(fn, feat, local);
+       if (entry == NULL) {
+               /*
+                * No particular preferences have been registered. We deal with
+                * this situation by assuming that all valid values are equally
+                * acceptable, and apply the following checks:
+                * - if the peer's list is a singleton, we accept a valid value;
+                * - if we are the server, we first try to see if the peer (the
+                *   client) advertises the default value. If yes, we use it,
+                *   otherwise we accept the preferred value;
+                * - else if we are the client, we use the first list element.
+                */
+               if (dccp_feat_clone_sp_val(&fval, val, 1))
+                       return DCCP_RESET_CODE_TOO_BUSY;
+
+               if (len > 1 && server) {
+                       defval = dccp_feat_default_value(feat);
+                       if (dccp_feat_preflist_match(&defval, 1, val, len) > -1)
+                               fval.sp.vec[0] = defval;
+               } else if (!dccp_feat_is_valid_sp_val(feat, fval.sp.vec[0])) {
+                       kfree(fval.sp.vec);
+                       goto unknown_feature_or_value;
+               }
 
-       copy = kmemdup(val, len, GFP_ATOMIC);
-       if (copy == NULL) {
-               kfree(opt);
-               return -ENOMEM;
-       }
+               /* Treat unsupported CCIDs like invalid values */
+               if (feat == DCCPF_CCID && !ccid_support_check(fval.sp.vec, 1)) {
+                       kfree(fval.sp.vec);
+                       goto not_valid_or_not_known;
+               }
 
-       opt->dccpop_type = DCCPO_CONFIRM_R; /* NN can only confirm R */
-       opt->dccpop_feat = feature;
-       opt->dccpop_val  = copy;
-       opt->dccpop_len  = len;
+               return dccp_feat_push_confirm(fn, feat, local, &fval);
 
-       /* change feature */
-       rc = dccp_feat_update(sk, type, feature, *val);
-       if (rc) {
-               kfree(opt->dccpop_val);
-               kfree(opt);
-               return rc;
+       } else if (entry->state == FEAT_UNSTABLE) {     /* 6.6.2 */
+               return 0;
        }
 
-       dccp_feat_debug(type, feature, *copy);
-
-       list_add_tail(&opt->dccpop_node, &dmsk->dccpms_conf);
-
-       return 0;
-}
-
-static void dccp_feat_empty_confirm(struct dccp_minisock *dmsk,
-                                   u8 type, u8 feature)
-{
-       /* XXX check if other confirms for that are queued and recycle slot */
-       struct dccp_opt_pend *opt = kzalloc(sizeof(*opt), GFP_ATOMIC);
-
-       if (opt == NULL) {
-               /* XXX what do we do?  Ignoring should be fine.  It's a change
-                * after all =P
+       if (dccp_feat_reconcile(&entry->val, val, len, server, true)) {
+               entry->empty_confirm = 0;
+       } else if (is_mandatory) {
+               return DCCP_RESET_CODE_MANDATORY_ERROR;
+       } else if (entry->state == FEAT_INITIALISING) {
+               /*
+                * Failed simultaneous negotiation (server only): try to `save'
+                * the connection by checking whether entry contains the default
+                * value for @feat. If yes, send an empty Confirm to signal that
+                * the received Change was not understood - which implies using
+                * the default value.
+                * If this also fails, we use Reset as the last resort.
                 */
-               return;
-       }
-
-       switch (type) {
-       case DCCPO_CHANGE_L:
-               opt->dccpop_type = DCCPO_CONFIRM_R;
-               break;
-       case DCCPO_CHANGE_R:
-               opt->dccpop_type = DCCPO_CONFIRM_L;
-               break;
-       default:
-               DCCP_WARN("invalid type %d\n", type);
-               kfree(opt);
-               return;
+               WARN_ON(!server);
+               defval = dccp_feat_default_value(feat);
+               if (!dccp_feat_reconcile(&entry->val, &defval, 1, server, true))
+                       return DCCP_RESET_CODE_OPTION_ERROR;
+               entry->empty_confirm = 1;
        }
-       opt->dccpop_feat = feature;
-       opt->dccpop_val  = NULL;
-       opt->dccpop_len  = 0;
+       entry->needs_confirm   = 1;
+       entry->needs_mandatory = 0;
+       entry->state           = FEAT_STABLE;
+       return 0;
 
-       /* change feature */
-       dccp_pr_debug("Empty %s(%d)\n", dccp_feat_typename(type), feature);
+unknown_feature_or_value:
+       if (!is_mandatory)
+               return dccp_push_empty_confirm(fn, feat, local);
 
-       list_add_tail(&opt->dccpop_node, &dmsk->dccpms_conf);
+not_valid_or_not_known:
+       return is_mandatory ? DCCP_RESET_CODE_MANDATORY_ERROR
+                           : DCCP_RESET_CODE_OPTION_ERROR;
 }
 
-static void dccp_feat_flush_confirm(struct sock *sk)
+/**
+ * dccp_feat_confirm_recv  -  Process received Confirm options
+ * @fn: feature-negotiation list to update
+ * @is_mandatory: whether @opt was preceded by a Mandatory option
+ * @opt: %DCCPO_CONFIRM_L or %DCCPO_CONFIRM_R
+ * @feat: one of %dccp_feature_numbers
+ * @val: NN value or SP value/preference list
+ * @len: length of @val in bytes
+ * @server: whether this node is server (1) or client (0)
+ */
+static u8 dccp_feat_confirm_recv(struct list_head *fn, u8 is_mandatory, u8 opt,
+                                u8 feat, u8 *val, u8 len, const bool server)
 {
-       struct dccp_minisock *dmsk = dccp_msk(sk);
-       /* Check if there is anything to confirm in the first place */
-       int yes = !list_empty(&dmsk->dccpms_conf);
+       u8 *plist, plen, type = dccp_feat_type(feat);
+       const bool local = (opt == DCCPO_CONFIRM_R);
+       struct dccp_feat_entry *entry = dccp_feat_list_lookup(fn, feat, local);
 
-       if (!yes) {
-               struct dccp_opt_pend *opt;
+       if (entry == NULL) {    /* nothing queued: ignore or handle error */
+               if (is_mandatory && type == FEAT_UNKNOWN)
+                       return DCCP_RESET_CODE_MANDATORY_ERROR;
 
-               list_for_each_entry(opt, &dmsk->dccpms_pending, dccpop_node) {
-                       if (opt->dccpop_conf) {
-                               yes = 1;
-                               break;
-                       }
-               }
+               if (!local && type == FEAT_NN)          /* 6.3.2 */
+                       goto confirmation_failed;
+               return 0;
        }
 
-       if (!yes)
-               return;
-
-       /* OK there is something to confirm... */
-       /* XXX check if packet is in flight?  Send delayed ack?? */
-       if (sk->sk_state == DCCP_OPEN)
-               dccp_send_ack(sk);
-}
-
-int dccp_feat_change_recv(struct sock *sk, u8 type, u8 feature, u8 *val, u8 len)
-{
-       int rc;
-
-       /* Ignore Change requests other than during connection setup */
-       if (sk->sk_state != DCCP_LISTEN && sk->sk_state != DCCP_REQUESTING)
+       if (entry->state != FEAT_CHANGING)              /* 6.6.2 */
                return 0;
-       dccp_feat_debug(type, feature, *val);
 
-       /* figure out if it's SP or NN feature */
-       switch (feature) {
-       /* deal with SP features */
-       case DCCPF_CCID:
-               rc = dccp_feat_sp(sk, type, feature, val, len);
-               break;
-
-       /* deal with NN features */
-       case DCCPF_ACK_RATIO:
-               rc = dccp_feat_nn(sk, type, feature, val, len);
-               break;
-
-       /* XXX implement other features */
-       default:
-               dccp_pr_debug("UNIMPLEMENTED: not handling %s(%d, ...)\n",
-                             dccp_feat_typename(type), feature);
-               rc = -EFAULT;
-               break;
-       }
-
-       /* check if there were problems changing features */
-       if (rc) {
-               /* If we don't agree on SP, we sent a confirm for old value.
-                * However we propagate rc to caller in case option was
-                * mandatory
+       if (len == 0) {
+               if (dccp_feat_must_be_understood(feat)) /* 6.6.7 */
+                       goto confirmation_failed;
+               /*
+                * Empty Confirm during connection setup: this means reverting
+                * to the `old' value, which in this case is the default. Since
+                * we handle default values automatically when no other values
+                * have been set, we revert to the old value by removing this
+                * entry from the list.
                 */
-               if (rc != DCCP_FEAT_SP_NOAGREE)
-                       dccp_feat_empty_confirm(dccp_msk(sk), type, feature);
-       }
-
-       /* generate the confirm [if required] */
-       dccp_feat_flush_confirm(sk);
-
-       return rc;
-}
-
-EXPORT_SYMBOL_GPL(dccp_feat_change_recv);
-
-int dccp_feat_confirm_recv(struct sock *sk, u8 type, u8 feature,
-                          u8 *val, u8 len)
-{
-       u8 t;
-       struct dccp_opt_pend *opt;
-       struct dccp_minisock *dmsk = dccp_msk(sk);
-       int found = 0;
-       int all_confirmed = 1;
-
-       /* Ignore Confirm options other than during connection setup */
-       if (sk->sk_state != DCCP_LISTEN && sk->sk_state != DCCP_REQUESTING)
+               dccp_feat_list_pop(entry);
                return 0;
-       dccp_feat_debug(type, feature, *val);
-
-       /* locate our change request */
-       switch (type) {
-       case DCCPO_CONFIRM_L: t = DCCPO_CHANGE_R; break;
-       case DCCPO_CONFIRM_R: t = DCCPO_CHANGE_L; break;
-       default:              DCCP_WARN("invalid type %d\n", type);
-                             return 1;
-
        }
-       /* XXX sanity check feature value */
-
-       list_for_each_entry(opt, &dmsk->dccpms_pending, dccpop_node) {
-               if (!opt->dccpop_conf && opt->dccpop_type == t &&
-                   opt->dccpop_feat == feature) {
-                       found = 1;
-                       dccp_pr_debug("feature %d found\n", opt->dccpop_feat);
 
-                       /* XXX do sanity check */
+       if (type == FEAT_NN) {
+               if (len > sizeof(entry->val.nn))
+                       goto confirmation_failed;
 
-                       opt->dccpop_conf = 1;
+               if (entry->val.nn == dccp_decode_value_var(val, len))
+                       goto confirmation_succeeded;
 
-                       /* We got a confirmation---change the option */
-                       dccp_feat_update(sk, opt->dccpop_type,
-                                        opt->dccpop_feat, *val);
+               DCCP_WARN("Bogus Confirm for non-existing value\n");
+               goto confirmation_failed;
+       }
 
-                       /* XXX check the return value of dccp_feat_update */
-                       break;
-               }
+       /*
+        * Parsing SP Confirms: the first element of @val is the preferred
+        * SP value which the peer confirms, the remainder depends on @len.
+        * Note that only the confirmed value need to be a valid SP value.
+        */
+       if (!dccp_feat_is_valid_sp_val(feat, *val))
+               goto confirmation_failed;
+
+       if (len == 1) {         /* peer didn't supply a preference list */
+               plist = val;
+               plen  = len;
+       } else {                /* preferred value + preference list */
+               plist = val + 1;
+               plen  = len - 1;
+       }
 
-               if (!opt->dccpop_conf)
-                       all_confirmed = 0;
+       /* Check whether the peer got the reconciliation right (6.6.8) */
+       if (dccp_feat_reconcile(&entry->val, plist, plen, server, 0) != *val) {
+               DCCP_WARN("Confirm selected the wrong value %u\n", *val);
+               return DCCP_RESET_CODE_OPTION_ERROR;
        }
+       entry->val.sp.vec[0] = *val;
 
-       if (!found)
-               dccp_pr_debug("%s(%d, ...) never requested\n",
-                             dccp_feat_typename(type), feature);
+confirmation_succeeded:
+       entry->state = FEAT_STABLE;
        return 0;
-}
-
-EXPORT_SYMBOL_GPL(dccp_feat_confirm_recv);
-
-void dccp_feat_clean(struct dccp_minisock *dmsk)
-{
-       struct dccp_opt_pend *opt, *next;
-
-       list_for_each_entry_safe(opt, next, &dmsk->dccpms_pending,
-                                dccpop_node) {
-               BUG_ON(opt->dccpop_val == NULL);
-               kfree(opt->dccpop_val);
-
-               if (opt->dccpop_sc != NULL) {
-                       BUG_ON(opt->dccpop_sc->dccpoc_val == NULL);
-                       kfree(opt->dccpop_sc->dccpoc_val);
-                       kfree(opt->dccpop_sc);
-               }
-
-               kfree(opt);
-       }
-       INIT_LIST_HEAD(&dmsk->dccpms_pending);
 
-       list_for_each_entry_safe(opt, next, &dmsk->dccpms_conf, dccpop_node) {
-               BUG_ON(opt == NULL);
-               if (opt->dccpop_val != NULL)
-                       kfree(opt->dccpop_val);
-               kfree(opt);
-       }
-       INIT_LIST_HEAD(&dmsk->dccpms_conf);
+confirmation_failed:
+       DCCP_WARN("Confirmation failed\n");
+       return is_mandatory ? DCCP_RESET_CODE_MANDATORY_ERROR
+                           : DCCP_RESET_CODE_OPTION_ERROR;
 }
 
-EXPORT_SYMBOL_GPL(dccp_feat_clean);
-
-/* this is to be called only when a listening sock creates its child.  It is
- * assumed by the function---the confirm is not duplicated, but rather it is
- * "passed on".
+/**
+ * dccp_feat_parse_options  -  Process Feature-Negotiation Options
+ * @sk: for general use and used by the client during connection setup
+ * @dreq: used by the server during connection setup
+ * @mandatory: whether @opt was preceded by a Mandatory option
+ * @opt: %DCCPO_CHANGE_L | %DCCPO_CHANGE_R | %DCCPO_CONFIRM_L | %DCCPO_CONFIRM_R
+ * @feat: one of %dccp_feature_numbers
+ * @val: value contents of @opt
+ * @len: length of @val in bytes
+ * Returns 0 on success, a Reset code for ending the connection otherwise.
  */
-int dccp_feat_clone(struct sock *oldsk, struct sock *newsk)
+int dccp_feat_parse_options(struct sock *sk, struct dccp_request_sock *dreq,
+                           u8 mandatory, u8 opt, u8 feat, u8 *val, u8 len)
 {
-       struct dccp_minisock *olddmsk = dccp_msk(oldsk);
-       struct dccp_minisock *newdmsk = dccp_msk(newsk);
-       struct dccp_opt_pend *opt;
-       int rc = 0;
-
-       INIT_LIST_HEAD(&newdmsk->dccpms_pending);
-       INIT_LIST_HEAD(&newdmsk->dccpms_conf);
-
-       list_for_each_entry(opt, &olddmsk->dccpms_pending, dccpop_node) {
-               struct dccp_opt_pend *newopt;
-               /* copy the value of the option */
-               u8 *val = kmemdup(opt->dccpop_val, opt->dccpop_len, GFP_ATOMIC);
-
-               if (val == NULL)
-                       goto out_clean;
-
-               newopt = kmemdup(opt, sizeof(*newopt), GFP_ATOMIC);
-               if (newopt == NULL) {
-                       kfree(val);
-                       goto out_clean;
-               }
-
-               /* insert the option */
-               newopt->dccpop_val = val;
-               list_add_tail(&newopt->dccpop_node, &newdmsk->dccpms_pending);
-
-               /* XXX what happens with backlogs and multiple connections at
-                * once...
-                */
-               /* the master socket no longer needs to worry about confirms */
-               opt->dccpop_sc = NULL; /* it's not a memleak---new socket has it */
+       struct dccp_sock *dp = dccp_sk(sk);
+       struct list_head *fn = dreq ? &dreq->dreq_featneg : &dp->dccps_featneg;
+       bool server = false;
 
-               /* reset state for a new socket */
-               opt->dccpop_conf = 0;
+       switch (sk->sk_state) {
+       /*
+        *      Negotiation during connection setup
+        */
+       case DCCP_LISTEN:
+               server = true;                  /* fall through */
+       case DCCP_REQUESTING:
+               switch (opt) {
+               case DCCPO_CHANGE_L:
+               case DCCPO_CHANGE_R:
+                       return dccp_feat_change_recv(fn, mandatory, opt, feat,
+                                                    val, len, server);
+               case DCCPO_CONFIRM_R:
+               case DCCPO_CONFIRM_L:
+                       return dccp_feat_confirm_recv(fn, mandatory, opt, feat,
+                                                     val, len, server);
+               }
        }
-
-       /* XXX not doing anything about the conf queue */
-
-out:
-       return rc;
-
-out_clean:
-       dccp_feat_clean(newdmsk);
-       rc = -ENOMEM;
-       goto out;
+       return 0;       /* ignore FN options in all other states */
 }
 
-EXPORT_SYMBOL_GPL(dccp_feat_clone);
-
 int dccp_feat_init(struct sock *sk)
 {
        struct dccp_sock *dp = dccp_sk(sk);
@@ -1142,27 +1124,82 @@ int dccp_feat_init(struct sock *sk)
        INIT_LIST_HEAD(&dmsk->dccpms_pending);  /* XXX no longer used */
        INIT_LIST_HEAD(&dmsk->dccpms_conf);     /* XXX no longer used */
 
-       /* CCID L */
-       rc = __feat_register_sp(&dp->dccps_featneg, DCCPF_CCID, 1, 0,
-                               &dmsk->dccpms_tx_ccid, 1);
-       if (rc)
-               goto out;
-
-       /* CCID R */
-       rc = __feat_register_sp(&dp->dccps_featneg, DCCPF_CCID, 0, 0,
-                               &dmsk->dccpms_rx_ccid, 1);
-       if (rc)
-               goto out;
-
        /* Ack ratio */
        rc = __feat_register_nn(&dp->dccps_featneg, DCCPF_ACK_RATIO, 0,
                                dp->dccps_l_ack_ratio);
-out:
        return rc;
 }
 
 EXPORT_SYMBOL_GPL(dccp_feat_init);
 
+int dccp_feat_activate_values(struct sock *sk, struct list_head *fn_list)
+{
+       struct dccp_sock *dp = dccp_sk(sk);
+       struct dccp_feat_entry *cur, *next;
+       int idx;
+       dccp_feat_val *fvals[DCCP_FEAT_SUPPORTED_MAX][2] = {
+                [0 ... DCCP_FEAT_SUPPORTED_MAX-1] = { NULL, NULL }
+       };
+
+       list_for_each_entry(cur, fn_list, node) {
+               /*
+                * An empty Confirm means that either an unknown feature type
+                * or an invalid value was present. In the first case there is
+                * nothing to activate, in the other the default value is used.
+                */
+               if (cur->empty_confirm)
+                       continue;
+
+               idx = dccp_feat_index(cur->feat_num);
+               if (idx < 0) {
+                       DCCP_BUG("Unknown feature %u", cur->feat_num);
+                       goto activation_failed;
+               }
+               if (cur->state != FEAT_STABLE) {
+                       DCCP_CRIT("Negotiation of %s %u failed in state %u",
+                                 cur->is_local ? "local" : "remote",
+                                 cur->feat_num, cur->state);
+                       goto activation_failed;
+               }
+               fvals[idx][cur->is_local] = &cur->val;
+       }
+
+       /*
+        * Activate in decreasing order of index, so that the CCIDs are always
+        * activated as the last feature. This avoids the case where a CCID
+        * relies on the initialisation of one or more features that it depends
+        * on (e.g. Send NDP Count, Send Ack Vector, and Ack Ratio features).
+        */
+       for (idx = DCCP_FEAT_SUPPORTED_MAX; --idx >= 0;)
+               if (__dccp_feat_activate(sk, idx, 0, fvals[idx][0]) ||
+                   __dccp_feat_activate(sk, idx, 1, fvals[idx][1])) {
+                       DCCP_CRIT("Could not activate %d", idx);
+                       goto activation_failed;
+               }
+
+       /* Clean up Change options which have been confirmed already */
+       list_for_each_entry_safe(cur, next, fn_list, node)
+               if (!cur->needs_confirm)
+                       dccp_feat_list_pop(cur);
+
+       dccp_pr_debug("Activation OK\n");
+       return 0;
+
+activation_failed:
+       /*
+        * We clean up everything that may have been allocated, since
+        * it is difficult to track at which stage negotiation failed.
+        * This is ok, since all allocation functions below are robust
+        * against NULL arguments.
+        */
+       ccid_hc_rx_delete(dp->dccps_hc_rx_ccid, sk);
+       ccid_hc_tx_delete(dp->dccps_hc_tx_ccid, sk);
+       dp->dccps_hc_rx_ccid = dp->dccps_hc_tx_ccid = NULL;
+       dccp_ackvec_free(dp->dccps_hc_rx_ackvec);
+       dp->dccps_hc_rx_ackvec = NULL;
+       return -1;
+}
+
 #ifdef CONFIG_IP_DCCP_DEBUG
 const char *dccp_feat_typename(const u8 type)
 {