diff options
author | Marco Varlese <marco.varlese@suse.com> | 2018-09-27 16:43:57 +0200 |
---|---|---|
committer | Damjan Marion <dmarion@me.com> | 2018-10-01 09:41:57 +0000 |
commit | 9382673d93d94f10348d61b7e7e7375883f74f5e (patch) | |
tree | 648577d22625e3c3ea615cde980e2f9616bfbb4f /src/vnet/sctp | |
parent | 2e2372117d35191a0e6c096c5f989930de6e12b1 (diff) |
SCTP: fix overflow issue with timestamp
Change-Id: I03bb47a2baa4375b7bf9347d95c4cc8de37fe510
Signed-off-by: Marco Varlese <marco.varlese@suse.com>
Diffstat (limited to 'src/vnet/sctp')
-rw-r--r-- | src/vnet/sctp/sctp.c | 4 | ||||
-rw-r--r-- | src/vnet/sctp/sctp.h | 26 | ||||
-rw-r--r-- | src/vnet/sctp/sctp_input.c | 14 | ||||
-rw-r--r-- | src/vnet/sctp/sctp_output.c | 6 | ||||
-rw-r--r-- | src/vnet/sctp/sctp_packet.h | 2 |
5 files changed, 29 insertions, 23 deletions
diff --git a/src/vnet/sctp/sctp.c b/src/vnet/sctp/sctp.c index ffa86343b47..f97039c7936 100644 --- a/src/vnet/sctp/sctp.c +++ b/src/vnet/sctp/sctp.c @@ -712,13 +712,13 @@ sctp_expired_timers_cb (u32 conn_index, u32 timer_id) { sctp_connection_t *sctp_conn; + SCTP_DBG ("%s expired", sctp_timer_to_string (timer_id)); + sctp_conn = sctp_connection_get (conn_index, vlib_get_thread_index ()); /* note: the connection may have already disappeared */ if (PREDICT_FALSE (sctp_conn == 0)) return; - SCTP_DBG ("%s expired", sctp_timer_to_string (timer_id)); - if (sctp_conn->sub_conn[conn_index].unacknowledged_hb > SCTP_PATH_MAX_RETRANS) { diff --git a/src/vnet/sctp/sctp.h b/src/vnet/sctp/sctp.h index 5f19566d240..577c2aff8b0 100644 --- a/src/vnet/sctp/sctp.h +++ b/src/vnet/sctp/sctp.h @@ -112,11 +112,11 @@ typedef struct _sctp_sub_connection u32 ssthresh; /**< Slow-start threshold (in bytes), which is used by the sender to distinguish slow-start and congestion avoidance phases. */ - u32 rtt_ts; /**< USED to hold the timestamp of when the packet has been sent */ + u64 rtt_ts; /**< USED to hold the timestamp of when the packet has been sent */ u32 RTO; /**< The current retransmission timeout value. */ - u32 SRTT; /**< The current smoothed round-trip time. */ - f32 RTTVAR; /**< The current RTT variation. */ + u64 SRTT; /**< The current smoothed round-trip time. */ + f64 RTTVAR; /**< The current RTT variation. */ u32 partially_acked_bytes; /**< The tracking method for increase of cwnd when in congestion avoidance mode (see Section 7.2.2).*/ @@ -134,10 +134,10 @@ typedef struct _sctp_sub_connection Every time the RTT calculation completes (i.e., the DATA chunk is SACK'd), clear this flag. */ - u32 last_seen; /**< The time to which this destination was last sent a packet to. + u64 last_seen; /**< The time to which this destination was last sent a packet to. This can be used to determine if a HEARTBEAT is needed. */ - u32 last_data_ts; /**< Used to hold the timestamp value of last time we sent a DATA chunk */ + u64 last_data_ts; /**< Used to hold the timestamp value of last time we sent a DATA chunk */ u8 unacknowledged_hb; /**< Used to track how many unacknowledged heartbeats we had; If more than SCTP_PATH_MAX_RETRANS then connection is considered unreachable. */ @@ -489,7 +489,7 @@ typedef struct _sctp_main u8 log2_tstamp_clocks_per_tick; f64 tstamp_ticks_per_clock; - u32 *time_now; + u64 *time_now; /** per-worker tx buffer free lists */ u32 **tx_buffers; @@ -582,7 +582,7 @@ sctp_half_open_connection_del (sctp_connection_t * tc) clib_spinlock_unlock_if_init (&sctp_main->half_open_lock); } -always_inline u32 +always_inline u64 sctp_set_time_now (u32 thread_index) { sctp_main.time_now[thread_index] = clib_cpu_time_now () @@ -665,7 +665,7 @@ sctp_get_connection_from_transport (transport_connection_t * tconn) return (sctp_connection_t *) sub; } -always_inline u32 +always_inline u64 sctp_time_now (void) { return sctp_main.time_now[vlib_get_thread_index ()]; @@ -677,11 +677,11 @@ always_inline void sctp_calculate_rto (sctp_connection_t * sctp_conn, u8 conn_idx) { /* See RFC4960, 6.3.1. RTO Calculation */ - u32 RTO = 0; - f32 RTTVAR = 0; - u32 now = sctp_time_now (); - u32 prev_ts = sctp_conn->sub_conn[conn_idx].rtt_ts; - u32 R = prev_ts - now; + u64 RTO = 0; + f64 RTTVAR = 0; + u64 now = sctp_time_now (); + u64 prev_ts = sctp_conn->sub_conn[conn_idx].rtt_ts; + u64 R = prev_ts - now; if (sctp_conn->sub_conn[conn_idx].RTO == 0) // C1: Let's initialize our RTO { diff --git a/src/vnet/sctp/sctp_input.c b/src/vnet/sctp/sctp_input.c index bca34f1a25c..4f6214501e2 100644 --- a/src/vnet/sctp/sctp_input.c +++ b/src/vnet/sctp/sctp_input.c @@ -851,7 +851,7 @@ sctp_handle_cookie_echo (sctp_header_t * sctp_hdr, sctp_connection_t * sctp_conn, u8 idx, vlib_buffer_t * b0, u16 * next0) { - u32 now = sctp_time_now (); + u64 now = sctp_time_now (); sctp_cookie_echo_chunk_t *cookie_echo = (sctp_cookie_echo_chunk_t *) sctp_hdr; @@ -864,10 +864,11 @@ sctp_handle_cookie_echo (sctp_header_t * sctp_hdr, sctp_calculate_rto (sctp_conn, idx); - u32 creation_time = - clib_net_to_host_u32 (cookie_echo->cookie.creation_time); - u32 cookie_lifespan = + u64 creation_time = + clib_net_to_host_u64 (cookie_echo->cookie.creation_time); + u64 cookie_lifespan = clib_net_to_host_u32 (cookie_echo->cookie.cookie_lifespan); + if (now > creation_time + cookie_lifespan) { SCTP_DBG ("now (%u) > creation_time (%u) + cookie_lifespan (%u)", @@ -1516,6 +1517,11 @@ sctp_handle_sack (sctp_selective_ack_chunk_t * sack_chunk, /* Check that the LOCALLY generated tag is being used by the REMOTE peer as the verification tag */ if (sctp_conn->local_tag != sack_chunk->sctp_hdr.verification_tag) { + SCTP_ADV_DBG + ("sctp_conn->local_tag != sack_chunk->sctp_hdr.verification_tag"); + + *next0 = sctp_next_drop (sctp_conn->sub_conn[idx].c_is_ip4); + return SCTP_ERROR_INVALID_TAG; } diff --git a/src/vnet/sctp/sctp_output.c b/src/vnet/sctp/sctp_output.c index 33063e7ef21..e69ff5c1529 100644 --- a/src/vnet/sctp/sctp_output.c +++ b/src/vnet/sctp/sctp_output.c @@ -779,7 +779,7 @@ sctp_prepare_initack_chunk_for_collision (sctp_connection_t * sctp_conn, clib_host_to_net_u16 (SCTP_STATE_COOKIE_TYPE); state_cookie_param->param_hdr.length = clib_host_to_net_u16 (sizeof (sctp_state_cookie_param_t)); - state_cookie_param->creation_time = clib_host_to_net_u32 (sctp_time_now ()); + state_cookie_param->creation_time = clib_host_to_net_u64 (sctp_time_now ()); state_cookie_param->cookie_lifespan = clib_host_to_net_u32 (SCTP_VALID_COOKIE_LIFE); @@ -919,7 +919,7 @@ sctp_prepare_initack_chunk (sctp_connection_t * sctp_conn, u8 idx, clib_host_to_net_u16 (SCTP_STATE_COOKIE_TYPE); state_cookie_param->param_hdr.length = clib_host_to_net_u16 (sizeof (sctp_state_cookie_param_t)); - state_cookie_param->creation_time = clib_host_to_net_u32 (sctp_time_now ()); + state_cookie_param->creation_time = clib_host_to_net_u64 (sctp_time_now ()); state_cookie_param->cookie_lifespan = clib_host_to_net_u32 (SCTP_VALID_COOKIE_LIFE); @@ -1239,7 +1239,7 @@ sctp_send_heartbeat (sctp_connection_t * sctp_conn) vlib_main_t *vm = vlib_get_main (); u8 i; - u32 now = sctp_time_now (); + u64 now = sctp_time_now (); for (i = 0; i < MAX_SCTP_CONNECTIONS; i++) { diff --git a/src/vnet/sctp/sctp_packet.h b/src/vnet/sctp/sctp_packet.h index 0cee3f26174..427e2f39496 100644 --- a/src/vnet/sctp/sctp_packet.h +++ b/src/vnet/sctp/sctp_packet.h @@ -713,7 +713,7 @@ typedef struct sctp_opt_params_hdr_t param_hdr; unsigned char mac[SHA1_OUTPUT_LENGTH]; /* RFC 2104 */ - u32 creation_time; + u64 creation_time; u32 cookie_lifespan; } sctp_state_cookie_param_t; |