aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEric W. Biederman <ebiederm@xmission.com>2012-08-07 03:29:57 -0400
committerDavid S. Miller <davem@davemloft.net>2012-08-15 02:32:16 -0400
commite1fc3b14f9a90d9591016749289f2c3d7b35fbf4 (patch)
tree709a6cfe1ac2d7164c9661a8c393a91d83ee6c85
parentf53b5b097e58361668b785eff9f7bcd12b4255ec (diff)
sctp: Make sysctl tunables per net
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat
-rw-r--r--include/net/netns/sctp.h90
-rw-r--r--include/net/sctp/structs.h116
-rw-r--r--net/sctp/associola.c10
-rw-r--r--net/sctp/auth.c20
-rw-r--r--net/sctp/bind_addr.c2
-rw-r--r--net/sctp/endpointola.c9
-rw-r--r--net/sctp/input.c2
-rw-r--r--net/sctp/protocol.c128
-rw-r--r--net/sctp/sm_make_chunk.c47
-rw-r--r--net/sctp/sm_statefuns.c4
-rw-r--r--net/sctp/sm_statetable.c6
-rw-r--r--net/sctp/socket.c65
-rw-r--r--net/sctp/sysctl.c185
-rw-r--r--net/sctp/transport.c15
14 files changed, 355 insertions, 344 deletions
diff --git a/include/net/netns/sctp.h b/include/net/netns/sctp.h
index 9576b60cbd2..5e5eb1f9f14 100644
--- a/include/net/netns/sctp.h
+++ b/include/net/netns/sctp.h
@@ -36,6 +36,96 @@ struct netns_sctp {
36 /* Lock that protects the local_addr_list writers */ 36 /* Lock that protects the local_addr_list writers */
37 spinlock_t local_addr_lock; 37 spinlock_t local_addr_lock;
38 38
39 /* RFC2960 Section 14. Suggested SCTP Protocol Parameter Values
40 *
41 * The following protocol parameters are RECOMMENDED:
42 *
43 * RTO.Initial - 3 seconds
44 * RTO.Min - 1 second
45 * RTO.Max - 60 seconds
46 * RTO.Alpha - 1/8 (3 when converted to right shifts.)
47 * RTO.Beta - 1/4 (2 when converted to right shifts.)
48 */
49 unsigned int rto_initial;
50 unsigned int rto_min;
51 unsigned int rto_max;
52
53 /* Note: rto_alpha and rto_beta are really defined as inverse
54 * powers of two to facilitate integer operations.
55 */
56 int rto_alpha;
57 int rto_beta;
58
59 /* Max.Burst - 4 */
60 int max_burst;
61
62 /* Whether Cookie Preservative is enabled(1) or not(0) */
63 int cookie_preserve_enable;
64
65 /* Valid.Cookie.Life - 60 seconds */
66 unsigned int valid_cookie_life;
67
68 /* Delayed SACK timeout 200ms default*/
69 unsigned int sack_timeout;
70
71 /* HB.interval - 30 seconds */
72 unsigned int hb_interval;
73
74 /* Association.Max.Retrans - 10 attempts
75 * Path.Max.Retrans - 5 attempts (per destination address)
76 * Max.Init.Retransmits - 8 attempts
77 */
78 int max_retrans_association;
79 int max_retrans_path;
80 int max_retrans_init;
81 /* Potentially-Failed.Max.Retrans sysctl value
82 * taken from:
83 * http://tools.ietf.org/html/draft-nishida-tsvwg-sctp-failover-05
84 */
85 int pf_retrans;
86
87 /*
88 * Policy for preforming sctp/socket accounting
89 * 0 - do socket level accounting, all assocs share sk_sndbuf
90 * 1 - do sctp accounting, each asoc may use sk_sndbuf bytes
91 */
92 int sndbuf_policy;
93
94 /*
95 * Policy for preforming sctp/socket accounting
96 * 0 - do socket level accounting, all assocs share sk_rcvbuf
97 * 1 - do sctp accounting, each asoc may use sk_rcvbuf bytes
98 */
99 int rcvbuf_policy;
100
101 int default_auto_asconf;
102
103 /* Flag to indicate if addip is enabled. */
104 int addip_enable;
105 int addip_noauth;
106
107 /* Flag to indicate if PR-SCTP is enabled. */
108 int prsctp_enable;
109
110 /* Flag to idicate if SCTP-AUTH is enabled */
111 int auth_enable;
112
113 /*
114 * Policy to control SCTP IPv4 address scoping
115 * 0 - Disable IPv4 address scoping
116 * 1 - Enable IPv4 address scoping
117 * 2 - Selectively allow only IPv4 private addresses
118 * 3 - Selectively allow only IPv4 link local address
119 */
120 int scope_policy;
121
122 /* Threshold for rwnd update SACKS. Receive buffer shifted this many
123 * bits is an indicator of when to send and window update SACK.
124 */
125 int rwnd_upd_shift;
126
127 /* Threshold for autoclose timeout, in seconds. */
128 unsigned long max_autoclose;
39}; 129};
40 130
41#endif /* __NETNS_SCTP_H__ */ 131#endif /* __NETNS_SCTP_H__ */
diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h
index 18052b42120..0fef00f5d3c 100644
--- a/include/net/sctp/structs.h
+++ b/include/net/sctp/structs.h
@@ -119,69 +119,6 @@ struct sctp_hashbucket {
119 119
120/* The SCTP globals structure. */ 120/* The SCTP globals structure. */
121extern struct sctp_globals { 121extern struct sctp_globals {
122 /* RFC2960 Section 14. Suggested SCTP Protocol Parameter Values
123 *
124 * The following protocol parameters are RECOMMENDED:
125 *
126 * RTO.Initial - 3 seconds
127 * RTO.Min - 1 second
128 * RTO.Max - 60 seconds
129 * RTO.Alpha - 1/8 (3 when converted to right shifts.)
130 * RTO.Beta - 1/4 (2 when converted to right shifts.)
131 */
132 unsigned int rto_initial;
133 unsigned int rto_min;
134 unsigned int rto_max;
135
136 /* Note: rto_alpha and rto_beta are really defined as inverse
137 * powers of two to facilitate integer operations.
138 */
139 int rto_alpha;
140 int rto_beta;
141
142 /* Max.Burst - 4 */
143 int max_burst;
144
145 /* Whether Cookie Preservative is enabled(1) or not(0) */
146 int cookie_preserve_enable;
147
148 /* Valid.Cookie.Life - 60 seconds */
149 unsigned int valid_cookie_life;
150
151 /* Delayed SACK timeout 200ms default*/
152 unsigned int sack_timeout;
153
154 /* HB.interval - 30 seconds */
155 unsigned int hb_interval;
156
157 /* Association.Max.Retrans - 10 attempts
158 * Path.Max.Retrans - 5 attempts (per destination address)
159 * Max.Init.Retransmits - 8 attempts
160 */
161 int max_retrans_association;
162 int max_retrans_path;
163 int max_retrans_init;
164
165 /* Potentially-Failed.Max.Retrans sysctl value
166 * taken from:
167 * http://tools.ietf.org/html/draft-nishida-tsvwg-sctp-failover-05
168 */
169 int pf_retrans;
170
171 /*
172 * Policy for preforming sctp/socket accounting
173 * 0 - do socket level accounting, all assocs share sk_sndbuf
174 * 1 - do sctp accounting, each asoc may use sk_sndbuf bytes
175 */
176 int sndbuf_policy;
177
178 /*
179 * Policy for preforming sctp/socket accounting
180 * 0 - do socket level accounting, all assocs share sk_rcvbuf
181 * 1 - do sctp accounting, each asoc may use sk_rcvbuf bytes
182 */
183 int rcvbuf_policy;
184
185 /* The following variables are implementation specific. */ 122 /* The following variables are implementation specific. */
186 123
187 /* Default initialization values to be applied to new associations. */ 124 /* Default initialization values to be applied to new associations. */
@@ -205,56 +142,11 @@ extern struct sctp_globals {
205 int port_hashsize; 142 int port_hashsize;
206 struct sctp_bind_hashbucket *port_hashtable; 143 struct sctp_bind_hashbucket *port_hashtable;
207 144
208 int default_auto_asconf;
209
210 /* Flag to indicate if addip is enabled. */
211 int addip_enable;
212 int addip_noauth_enable;
213
214 /* Flag to indicate if PR-SCTP is enabled. */
215 int prsctp_enable;
216
217 /* Flag to idicate if SCTP-AUTH is enabled */
218 int auth_enable;
219
220 /*
221 * Policy to control SCTP IPv4 address scoping
222 * 0 - Disable IPv4 address scoping
223 * 1 - Enable IPv4 address scoping
224 * 2 - Selectively allow only IPv4 private addresses
225 * 3 - Selectively allow only IPv4 link local address
226 */
227 int ipv4_scope_policy;
228
229 /* Flag to indicate whether computing and verifying checksum 145 /* Flag to indicate whether computing and verifying checksum
230 * is disabled. */ 146 * is disabled. */
231 bool checksum_disable; 147 bool checksum_disable;
232
233 /* Threshold for rwnd update SACKS. Receive buffer shifted this many
234 * bits is an indicator of when to send and window update SACK.
235 */
236 int rwnd_update_shift;
237
238 /* Threshold for autoclose timeout, in seconds. */
239 unsigned long max_autoclose;
240} sctp_globals; 148} sctp_globals;
241 149
242#define sctp_rto_initial (sctp_globals.rto_initial)
243#define sctp_rto_min (sctp_globals.rto_min)
244#define sctp_rto_max (sctp_globals.rto_max)
245#define sctp_rto_alpha (sctp_globals.rto_alpha)
246#define sctp_rto_beta (sctp_globals.rto_beta)
247#define sctp_max_burst (sctp_globals.max_burst)
248#define sctp_valid_cookie_life (sctp_globals.valid_cookie_life)
249#define sctp_cookie_preserve_enable (sctp_globals.cookie_preserve_enable)
250#define sctp_max_retrans_association (sctp_globals.max_retrans_association)
251#define sctp_sndbuf_policy (sctp_globals.sndbuf_policy)
252#define sctp_rcvbuf_policy (sctp_globals.rcvbuf_policy)
253#define sctp_max_retrans_path (sctp_globals.max_retrans_path)
254#define sctp_pf_retrans (sctp_globals.pf_retrans)
255#define sctp_max_retrans_init (sctp_globals.max_retrans_init)
256#define sctp_sack_timeout (sctp_globals.sack_timeout)
257#define sctp_hb_interval (sctp_globals.hb_interval)
258#define sctp_max_instreams (sctp_globals.max_instreams) 150#define sctp_max_instreams (sctp_globals.max_instreams)
259#define sctp_max_outstreams (sctp_globals.max_outstreams) 151#define sctp_max_outstreams (sctp_globals.max_outstreams)
260#define sctp_address_families (sctp_globals.address_families) 152#define sctp_address_families (sctp_globals.address_families)
@@ -264,15 +156,7 @@ extern struct sctp_globals {
264#define sctp_assoc_hashtable (sctp_globals.assoc_hashtable) 156#define sctp_assoc_hashtable (sctp_globals.assoc_hashtable)
265#define sctp_port_hashsize (sctp_globals.port_hashsize) 157#define sctp_port_hashsize (sctp_globals.port_hashsize)
266#define sctp_port_hashtable (sctp_globals.port_hashtable) 158#define sctp_port_hashtable (sctp_globals.port_hashtable)
267#define sctp_default_auto_asconf (sctp_globals.default_auto_asconf)
268#define sctp_scope_policy (sctp_globals.ipv4_scope_policy)
269#define sctp_addip_enable (sctp_globals.addip_enable)
270#define sctp_addip_noauth (sctp_globals.addip_noauth_enable)
271#define sctp_prsctp_enable (sctp_globals.prsctp_enable)
272#define sctp_auth_enable (sctp_globals.auth_enable)
273#define sctp_checksum_disable (sctp_globals.checksum_disable) 159#define sctp_checksum_disable (sctp_globals.checksum_disable)
274#define sctp_rwnd_upd_shift (sctp_globals.rwnd_update_shift)
275#define sctp_max_autoclose (sctp_globals.max_autoclose)
276 160
277/* SCTP Socket type: UDP or TCP style. */ 161/* SCTP Socket type: UDP or TCP style. */
278typedef enum { 162typedef enum {
diff --git a/net/sctp/associola.c b/net/sctp/associola.c
index 93a4513c85e..b1ef3bc301a 100644
--- a/net/sctp/associola.c
+++ b/net/sctp/associola.c
@@ -82,6 +82,7 @@ static struct sctp_association *sctp_association_init(struct sctp_association *a
82 sctp_scope_t scope, 82 sctp_scope_t scope,
83 gfp_t gfp) 83 gfp_t gfp)
84{ 84{
85 struct net *net = sock_net(sk);
85 struct sctp_sock *sp; 86 struct sctp_sock *sp;
86 int i; 87 int i;
87 sctp_paramhdr_t *p; 88 sctp_paramhdr_t *p;
@@ -124,7 +125,7 @@ static struct sctp_association *sctp_association_init(struct sctp_association *a
124 * socket values. 125 * socket values.
125 */ 126 */
126 asoc->max_retrans = sp->assocparams.sasoc_asocmaxrxt; 127 asoc->max_retrans = sp->assocparams.sasoc_asocmaxrxt;
127 asoc->pf_retrans = sctp_pf_retrans; 128 asoc->pf_retrans = net->sctp.pf_retrans;
128 129
129 asoc->rto_initial = msecs_to_jiffies(sp->rtoinfo.srto_initial); 130 asoc->rto_initial = msecs_to_jiffies(sp->rtoinfo.srto_initial);
130 asoc->rto_max = msecs_to_jiffies(sp->rtoinfo.srto_max); 131 asoc->rto_max = msecs_to_jiffies(sp->rtoinfo.srto_max);
@@ -175,7 +176,7 @@ static struct sctp_association *sctp_association_init(struct sctp_association *a
175 asoc->timeouts[SCTP_EVENT_TIMEOUT_HEARTBEAT] = 0; 176 asoc->timeouts[SCTP_EVENT_TIMEOUT_HEARTBEAT] = 0;
176 asoc->timeouts[SCTP_EVENT_TIMEOUT_SACK] = asoc->sackdelay; 177 asoc->timeouts[SCTP_EVENT_TIMEOUT_SACK] = asoc->sackdelay;
177 asoc->timeouts[SCTP_EVENT_TIMEOUT_AUTOCLOSE] = 178 asoc->timeouts[SCTP_EVENT_TIMEOUT_AUTOCLOSE] =
178 min_t(unsigned long, sp->autoclose, sctp_max_autoclose) * HZ; 179 min_t(unsigned long, sp->autoclose, net->sctp.max_autoclose) * HZ;
179 180
180 /* Initializes the timers */ 181 /* Initializes the timers */
181 for (i = SCTP_EVENT_TIMEOUT_NONE; i < SCTP_NUM_TIMEOUT_TYPES; ++i) 182 for (i = SCTP_EVENT_TIMEOUT_NONE; i < SCTP_NUM_TIMEOUT_TYPES; ++i)
@@ -281,7 +282,7 @@ static struct sctp_association *sctp_association_init(struct sctp_association *a
281 * and will revert old behavior. 282 * and will revert old behavior.
282 */ 283 */
283 asoc->peer.asconf_capable = 0; 284 asoc->peer.asconf_capable = 0;
284 if (sctp_addip_noauth) 285 if (net->sctp.addip_noauth)
285 asoc->peer.asconf_capable = 1; 286 asoc->peer.asconf_capable = 1;
286 asoc->asconf_addr_del_pending = NULL; 287 asoc->asconf_addr_del_pending = NULL;
287 asoc->src_out_of_asoc_ok = 0; 288 asoc->src_out_of_asoc_ok = 0;
@@ -1418,6 +1419,7 @@ void sctp_assoc_sync_pmtu(struct sock *sk, struct sctp_association *asoc)
1418/* Should we send a SACK to update our peer? */ 1419/* Should we send a SACK to update our peer? */
1419static inline int sctp_peer_needs_update(struct sctp_association *asoc) 1420static inline int sctp_peer_needs_update(struct sctp_association *asoc)
1420{ 1421{
1422 struct net *net = sock_net(asoc->base.sk);
1421 switch (asoc->state) { 1423 switch (asoc->state) {
1422 case SCTP_STATE_ESTABLISHED: 1424 case SCTP_STATE_ESTABLISHED:
1423 case SCTP_STATE_SHUTDOWN_PENDING: 1425 case SCTP_STATE_SHUTDOWN_PENDING:
@@ -1425,7 +1427,7 @@ static inline int sctp_peer_needs_update(struct sctp_association *asoc)
1425 case SCTP_STATE_SHUTDOWN_SENT: 1427 case SCTP_STATE_SHUTDOWN_SENT:
1426 if ((asoc->rwnd > asoc->a_rwnd) && 1428 if ((asoc->rwnd > asoc->a_rwnd) &&
1427 ((asoc->rwnd - asoc->a_rwnd) >= max_t(__u32, 1429 ((asoc->rwnd - asoc->a_rwnd) >= max_t(__u32,
1428 (asoc->base.sk->sk_rcvbuf >> sctp_rwnd_upd_shift), 1430 (asoc->base.sk->sk_rcvbuf >> net->sctp.rwnd_upd_shift),
1429 asoc->pathmtu))) 1431 asoc->pathmtu)))
1430 return 1; 1432 return 1;
1431 break; 1433 break;
diff --git a/net/sctp/auth.c b/net/sctp/auth.c
index bf812048cf6..aaa6c121ecc 100644
--- a/net/sctp/auth.c
+++ b/net/sctp/auth.c
@@ -392,13 +392,14 @@ nomem:
392 */ 392 */
393int sctp_auth_asoc_init_active_key(struct sctp_association *asoc, gfp_t gfp) 393int sctp_auth_asoc_init_active_key(struct sctp_association *asoc, gfp_t gfp)
394{ 394{
395 struct net *net = sock_net(asoc->base.sk);
395 struct sctp_auth_bytes *secret; 396 struct sctp_auth_bytes *secret;
396 struct sctp_shared_key *ep_key; 397 struct sctp_shared_key *ep_key;
397 398
398 /* If we don't support AUTH, or peer is not capable 399 /* If we don't support AUTH, or peer is not capable
399 * we don't need to do anything. 400 * we don't need to do anything.
400 */ 401 */
401 if (!sctp_auth_enable || !asoc->peer.auth_capable) 402 if (!net->sctp.auth_enable || !asoc->peer.auth_capable)
402 return 0; 403 return 0;
403 404
404 /* If the key_id is non-zero and we couldn't find an 405 /* If the key_id is non-zero and we couldn't find an
@@ -445,11 +446,12 @@ struct sctp_shared_key *sctp_auth_get_shkey(
445 */ 446 */
446int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t gfp) 447int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t gfp)
447{ 448{
449 struct net *net = sock_net(ep->base.sk);
448 struct crypto_hash *tfm = NULL; 450 struct crypto_hash *tfm = NULL;
449 __u16 id; 451 __u16 id;
450 452
451 /* if the transforms are already allocted, we are done */ 453 /* if the transforms are already allocted, we are done */
452 if (!sctp_auth_enable) { 454 if (!net->sctp.auth_enable) {
453 ep->auth_hmacs = NULL; 455 ep->auth_hmacs = NULL;
454 return 0; 456 return 0;
455 } 457 }
@@ -674,7 +676,12 @@ static int __sctp_auth_cid(sctp_cid_t chunk, struct sctp_chunks_param *param)
674/* Check if peer requested that this chunk is authenticated */ 676/* Check if peer requested that this chunk is authenticated */
675int sctp_auth_send_cid(sctp_cid_t chunk, const struct sctp_association *asoc) 677int sctp_auth_send_cid(sctp_cid_t chunk, const struct sctp_association *asoc)
676{ 678{
677 if (!sctp_auth_enable || !asoc || !asoc->peer.auth_capable) 679 struct net *net;
680 if (!asoc)
681 return 0;
682
683 net = sock_net(asoc->base.sk);
684 if (!net->sctp.auth_enable || !asoc->peer.auth_capable)
678 return 0; 685 return 0;
679 686
680 return __sctp_auth_cid(chunk, asoc->peer.peer_chunks); 687 return __sctp_auth_cid(chunk, asoc->peer.peer_chunks);
@@ -683,7 +690,12 @@ int sctp_auth_send_cid(sctp_cid_t chunk, const struct sctp_association *asoc)
683/* Check if we requested that peer authenticate this chunk. */ 690/* Check if we requested that peer authenticate this chunk. */
684int sctp_auth_recv_cid(sctp_cid_t chunk, const struct sctp_association *asoc) 691int sctp_auth_recv_cid(sctp_cid_t chunk, const struct sctp_association *asoc)
685{ 692{
686 if (!sctp_auth_enable || !asoc) 693 struct net *net;
694 if (!asoc)
695 return 0;
696
697 net = sock_net(asoc->base.sk);
698 if (!net->sctp.auth_enable);
687 return 0; 699 return 0;
688 700
689 return __sctp_auth_cid(chunk, 701 return __sctp_auth_cid(chunk,
diff --git a/net/sctp/bind_addr.c b/net/sctp/bind_addr.c
index 23389ba44e3..d886b3bf84f 100644
--- a/net/sctp/bind_addr.c
+++ b/net/sctp/bind_addr.c
@@ -512,7 +512,7 @@ int sctp_in_scope(struct net *net, const union sctp_addr *addr, sctp_scope_t sco
512 * Address scoping can be selectively controlled via sysctl 512 * Address scoping can be selectively controlled via sysctl
513 * option 513 * option
514 */ 514 */
515 switch (sctp_scope_policy) { 515 switch (net->sctp.scope_policy) {
516 case SCTP_SCOPE_POLICY_DISABLE: 516 case SCTP_SCOPE_POLICY_DISABLE:
517 return 1; 517 return 1;
518 case SCTP_SCOPE_POLICY_ENABLE: 518 case SCTP_SCOPE_POLICY_ENABLE:
diff --git a/net/sctp/endpointola.c b/net/sctp/endpointola.c
index 8315792ef2b..1859e2bc83d 100644
--- a/net/sctp/endpointola.c
+++ b/net/sctp/endpointola.c
@@ -65,6 +65,7 @@ static struct sctp_endpoint *sctp_endpoint_init(struct sctp_endpoint *ep,
65 struct sock *sk, 65 struct sock *sk,
66 gfp_t gfp) 66 gfp_t gfp)
67{ 67{
68 struct net *net = sock_net(sk);
68 struct sctp_hmac_algo_param *auth_hmacs = NULL; 69 struct sctp_hmac_algo_param *auth_hmacs = NULL;
69 struct sctp_chunks_param *auth_chunks = NULL; 70 struct sctp_chunks_param *auth_chunks = NULL;
70 struct sctp_shared_key *null_key; 71 struct sctp_shared_key *null_key;
@@ -74,7 +75,7 @@ static struct sctp_endpoint *sctp_endpoint_init(struct sctp_endpoint *ep,
74 if (!ep->digest) 75 if (!ep->digest)
75 return NULL; 76 return NULL;
76 77
77 if (sctp_auth_enable) { 78 if (net->sctp.auth_enable) {
78 /* Allocate space for HMACS and CHUNKS authentication 79 /* Allocate space for HMACS and CHUNKS authentication
79 * variables. There are arrays that we encode directly 80 * variables. There are arrays that we encode directly
80 * into parameters to make the rest of the operations easier. 81 * into parameters to make the rest of the operations easier.
@@ -106,7 +107,7 @@ static struct sctp_endpoint *sctp_endpoint_init(struct sctp_endpoint *ep,
106 /* If the Add-IP functionality is enabled, we must 107 /* If the Add-IP functionality is enabled, we must
107 * authenticate, ASCONF and ASCONF-ACK chunks 108 * authenticate, ASCONF and ASCONF-ACK chunks
108 */ 109 */
109 if (sctp_addip_enable) { 110 if (net->sctp.addip_enable) {
110 auth_chunks->chunks[0] = SCTP_CID_ASCONF; 111 auth_chunks->chunks[0] = SCTP_CID_ASCONF;
111 auth_chunks->chunks[1] = SCTP_CID_ASCONF_ACK; 112 auth_chunks->chunks[1] = SCTP_CID_ASCONF_ACK;
112 auth_chunks->param_hdr.length = 113 auth_chunks->param_hdr.length =
@@ -140,14 +141,14 @@ static struct sctp_endpoint *sctp_endpoint_init(struct sctp_endpoint *ep,
140 INIT_LIST_HEAD(&ep->asocs); 141 INIT_LIST_HEAD(&ep->asocs);
141 142
142 /* Use SCTP specific send buffer space queues. */ 143 /* Use SCTP specific send buffer space queues. */
143 ep->sndbuf_policy = sctp_sndbuf_policy; 144 ep->sndbuf_policy = net->sctp.sndbuf_policy;
144 145
145 sk->sk_data_ready = sctp_data_ready; 146 sk->sk_data_ready = sctp_data_ready;
146 sk->sk_write_space = sctp_write_space; 147 sk->sk_write_space = sctp_write_space;
147 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE); 148 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE);
148 149
149 /* Get the receive buffer policy for this endpoint */ 150 /* Get the receive buffer policy for this endpoint */
150 ep->rcvbuf_policy = sctp_rcvbuf_policy; 151 ep->rcvbuf_policy = net->sctp.rcvbuf_policy;
151 152
152 /* Initialize the secret key used with cookie. */ 153 /* Initialize the secret key used with cookie. */
153 get_random_bytes(&ep->secret_key[0], SCTP_SECRET_SIZE); 154 get_random_bytes(&ep->secret_key[0], SCTP_SECRET_SIZE);
diff --git a/net/sctp/input.c b/net/sctp/input.c
index a2ceb70ee06..25dfe738047 100644
--- a/net/sctp/input.c
+++ b/net/sctp/input.c
@@ -1094,7 +1094,7 @@ static struct sctp_association *__sctp_rcv_walk_lookup(struct net *net,
1094 break; 1094 break;
1095 1095
1096 case SCTP_CID_ASCONF: 1096 case SCTP_CID_ASCONF:
1097 if (have_auth || sctp_addip_noauth) 1097 if (have_auth || net->sctp.addip_noauth)
1098 asoc = __sctp_rcv_asconf_lookup( 1098 asoc = __sctp_rcv_asconf_lookup(
1099 net, ch, laddr, 1099 net, ch, laddr,
1100 sctp_hdr(skb)->source, 1100 sctp_hdr(skb)->source,
diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c
index 59965bdea07..2d518425d59 100644
--- a/net/sctp/protocol.c
+++ b/net/sctp/protocol.c
@@ -1169,6 +1169,70 @@ static int sctp_net_init(struct net *net)
1169{ 1169{
1170 int status; 1170 int status;
1171 1171
1172 /*
1173 * 14. Suggested SCTP Protocol Parameter Values
1174 */
1175 /* The following protocol parameters are RECOMMENDED: */
1176 /* RTO.Initial - 3 seconds */
1177 net->sctp.rto_initial = SCTP_RTO_INITIAL;
1178 /* RTO.Min - 1 second */
1179 net->sctp.rto_min = SCTP_RTO_MIN;
1180 /* RTO.Max - 60 seconds */
1181 net->sctp.rto_max = SCTP_RTO_MAX;
1182 /* RTO.Alpha - 1/8 */
1183 net->sctp.rto_alpha = SCTP_RTO_ALPHA;
1184 /* RTO.Beta - 1/4 */
1185 net->sctp.rto_beta = SCTP_RTO_BETA;
1186
1187 /* Valid.Cookie.Life - 60 seconds */
1188 net->sctp.valid_cookie_life = SCTP_DEFAULT_COOKIE_LIFE;
1189
1190 /* Whether Cookie Preservative is enabled(1) or not(0) */
1191 net->sctp.cookie_preserve_enable = 1;
1192
1193 /* Max.Burst - 4 */
1194 net->sctp.max_burst = SCTP_DEFAULT_MAX_BURST;
1195
1196 /* Association.Max.Retrans - 10 attempts
1197 * Path.Max.Retrans - 5 attempts (per destination address)
1198 * Max.Init.Retransmits - 8 attempts
1199 */
1200 net->sctp.max_retrans_association = 10;
1201 net->sctp.max_retrans_path = 5;
1202 net->sctp.max_retrans_init = 8;
1203
1204 /* Sendbuffer growth - do per-socket accounting */
1205 net->sctp.sndbuf_policy = 0;
1206
1207 /* Rcvbuffer growth - do per-socket accounting */
1208 net->sctp.rcvbuf_policy = 0;
1209
1210 /* HB.interval - 30 seconds */
1211 net->sctp.hb_interval = SCTP_DEFAULT_TIMEOUT_HEARTBEAT;
1212
1213 /* delayed SACK timeout */
1214 net->sctp.sack_timeout = SCTP_DEFAULT_TIMEOUT_SACK;
1215
1216 /* Disable ADDIP by default. */
1217 net->sctp.addip_enable = 0;
1218 net->sctp.addip_noauth = 0;
1219 net->sctp.default_auto_asconf = 0;
1220
1221 /* Enable PR-SCTP by default. */
1222 net->sctp.prsctp_enable = 1;
1223
1224 /* Disable AUTH by default. */
1225 net->sctp.auth_enable = 0;
1226
1227 /* Set SCOPE policy to enabled */
1228 net->sctp.scope_policy = SCTP_SCOPE_POLICY_ENABLE;
1229
1230 /* Set the default rwnd update threshold */
1231 net->sctp.rwnd_upd_shift = SCTP_DEFAULT_RWND_SHIFT;
1232
1233 /* Initialize maximum autoclose timeout. */
1234 net->sctp.max_autoclose = INT_MAX / HZ;
1235
1172 status = sctp_sysctl_net_register(net); 1236 status = sctp_sysctl_net_register(net);
1173 if (status) 1237 if (status)
1174 goto err_sysctl_register; 1238 goto err_sysctl_register;
@@ -1272,59 +1336,12 @@ SCTP_STATIC __init int sctp_init(void)
1272 if (status) 1336 if (status)
1273 goto err_percpu_counter_init; 1337 goto err_percpu_counter_init;
1274 1338
1275 /*
1276 * 14. Suggested SCTP Protocol Parameter Values
1277 */
1278 /* The following protocol parameters are RECOMMENDED: */
1279 /* RTO.Initial - 3 seconds */
1280 sctp_rto_initial = SCTP_RTO_INITIAL;
1281 /* RTO.Min - 1 second */
1282 sctp_rto_min = SCTP_RTO_MIN;
1283 /* RTO.Max - 60 seconds */
1284 sctp_rto_max = SCTP_RTO_MAX;
1285 /* RTO.Alpha - 1/8 */
1286 sctp_rto_alpha = SCTP_RTO_ALPHA;
1287 /* RTO.Beta - 1/4 */
1288 sctp_rto_beta = SCTP_RTO_BETA;
1289
1290 /* Valid.Cookie.Life - 60 seconds */
1291 sctp_valid_cookie_life = SCTP_DEFAULT_COOKIE_LIFE;
1292
1293 /* Whether Cookie Preservative is enabled(1) or not(0) */
1294 sctp_cookie_preserve_enable = 1;
1295
1296 /* Max.Burst - 4 */
1297 sctp_max_burst = SCTP_DEFAULT_MAX_BURST;
1298
1299 /* Association.Max.Retrans - 10 attempts
1300 * Path.Max.Retrans - 5 attempts (per destination address)
1301 * Max.Init.Retransmits - 8 attempts
1302 */
1303 sctp_max_retrans_association = 10;
1304 sctp_max_retrans_path = 5;
1305 sctp_max_retrans_init = 8;
1306
1307 /* Sendbuffer growth - do per-socket accounting */
1308 sctp_sndbuf_policy = 0;
1309
1310 /* Rcvbuffer growth - do per-socket accounting */
1311 sctp_rcvbuf_policy = 0;
1312
1313 /* HB.interval - 30 seconds */
1314 sctp_hb_interval = SCTP_DEFAULT_TIMEOUT_HEARTBEAT;
1315
1316 /* delayed SACK timeout */
1317 sctp_sack_timeout = SCTP_DEFAULT_TIMEOUT_SACK;
1318
1319 /* Implementation specific variables. */ 1339 /* Implementation specific variables. */
1320 1340
1321 /* Initialize default stream count setup information. */ 1341 /* Initialize default stream count setup information. */
1322 sctp_max_instreams = SCTP_DEFAULT_INSTREAMS; 1342 sctp_max_instreams = SCTP_DEFAULT_INSTREAMS;
1323 sctp_max_outstreams = SCTP_DEFAULT_OUTSTREAMS; 1343 sctp_max_outstreams = SCTP_DEFAULT_OUTSTREAMS;
1324 1344
1325 /* Initialize maximum autoclose timeout. */
1326 sctp_max_autoclose = INT_MAX / HZ;
1327
1328 /* Initialize handle used for association ids. */ 1345 /* Initialize handle used for association ids. */
1329 idr_init(&sctp_assocs_id); 1346 idr_init(&sctp_assocs_id);
1330 1347
@@ -1411,23 +1428,6 @@ SCTP_STATIC __init int sctp_init(void)
1411 pr_info("Hash tables configured (established %d bind %d)\n", 1428 pr_info("Hash tables configured (established %d bind %d)\n",
1412 sctp_assoc_hashsize, sctp_port_hashsize); 1429 sctp_assoc_hashsize, sctp_port_hashsize);
1413 1430
1414 /* Disable ADDIP by default. */
1415 sctp_addip_enable = 0;
1416 sctp_addip_noauth = 0;
1417 sctp_default_auto_asconf = 0;
1418
1419 /* Enable PR-SCTP by default. */
1420 sctp_prsctp_enable = 1;
1421
1422 /* Disable AUTH by default. */
1423 sctp_auth_enable = 0;
1424
1425 /* Set SCOPE policy to enabled */
1426 sctp_scope_policy = SCTP_SCOPE_POLICY_ENABLE;
1427
1428 /* Set the default rwnd update threshold */
1429 sctp_rwnd_upd_shift = SCTP_DEFAULT_RWND_SHIFT;
1430
1431 sctp_sysctl_register(); 1431 sctp_sysctl_register();
1432 1432
1433 INIT_LIST_HEAD(&sctp_address_families); 1433 INIT_LIST_HEAD(&sctp_address_families);
diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c
index a4b096f85a6..fbe1636309a 100644
--- a/net/sctp/sm_make_chunk.c
+++ b/net/sctp/sm_make_chunk.c
@@ -198,6 +198,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
198 const struct sctp_bind_addr *bp, 198 const struct sctp_bind_addr *bp,
199 gfp_t gfp, int vparam_len) 199 gfp_t gfp, int vparam_len)
200{ 200{
201 struct net *net = sock_net(asoc->base.sk);
201 sctp_inithdr_t init; 202 sctp_inithdr_t init;
202 union sctp_params addrs; 203 union sctp_params addrs;
203 size_t chunksize; 204 size_t chunksize;
@@ -237,7 +238,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
237 chunksize += WORD_ROUND(SCTP_SAT_LEN(num_types)); 238 chunksize += WORD_ROUND(SCTP_SAT_LEN(num_types));
238 chunksize += sizeof(ecap_param); 239 chunksize += sizeof(ecap_param);
239 240
240 if (sctp_prsctp_enable) 241 if (net->sctp.prsctp_enable)
241 chunksize += sizeof(prsctp_param); 242 chunksize += sizeof(prsctp_param);
242 243
243 /* ADDIP: Section 4.2.7: 244 /* ADDIP: Section 4.2.7:
@@ -245,7 +246,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
245 * the ASCONF,the ASCONF-ACK, and the AUTH chunks in its INIT and 246 * the ASCONF,the ASCONF-ACK, and the AUTH chunks in its INIT and
246 * INIT-ACK parameters. 247 * INIT-ACK parameters.
247 */ 248 */
248 if (sctp_addip_enable) { 249 if (net->sctp.addip_enable) {
249 extensions[num_ext] = SCTP_CID_ASCONF; 250 extensions[num_ext] = SCTP_CID_ASCONF;
250 extensions[num_ext+1] = SCTP_CID_ASCONF_ACK; 251 extensions[num_ext+1] = SCTP_CID_ASCONF_ACK;
251 num_ext += 2; 252 num_ext += 2;
@@ -257,7 +258,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
257 chunksize += vparam_len; 258 chunksize += vparam_len;
258 259
259 /* Account for AUTH related parameters */ 260 /* Account for AUTH related parameters */
260 if (sctp_auth_enable) { 261 if (net->sctp.auth_enable) {
261 /* Add random parameter length*/ 262 /* Add random parameter length*/
262 chunksize += sizeof(asoc->c.auth_random); 263 chunksize += sizeof(asoc->c.auth_random);
263 264
@@ -331,7 +332,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
331 sctp_addto_param(retval, num_ext, extensions); 332 sctp_addto_param(retval, num_ext, extensions);
332 } 333 }
333 334
334 if (sctp_prsctp_enable) 335 if (net->sctp.prsctp_enable)
335 sctp_addto_chunk(retval, sizeof(prsctp_param), &prsctp_param); 336 sctp_addto_chunk(retval, sizeof(prsctp_param), &prsctp_param);
336 337
337 if (sp->adaptation_ind) { 338 if (sp->adaptation_ind) {
@@ -342,7 +343,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
342 } 343 }
343 344
344 /* Add SCTP-AUTH chunks to the parameter list */ 345 /* Add SCTP-AUTH chunks to the parameter list */
345 if (sctp_auth_enable) { 346 if (net->sctp.auth_enable) {
346 sctp_addto_chunk(retval, sizeof(asoc->c.auth_random), 347 sctp_addto_chunk(retval, sizeof(asoc->c.auth_random),
347 asoc->c.auth_random); 348 asoc->c.auth_random);
348 if (auth_hmacs) 349 if (auth_hmacs)
@@ -1964,10 +1965,10 @@ static int sctp_verify_ext_param(struct net *net, union sctp_params param)
1964 * only if ADD-IP is turned on and we are not backward-compatible 1965 * only if ADD-IP is turned on and we are not backward-compatible
1965 * mode. 1966 * mode.
1966 */ 1967 */
1967 if (sctp_addip_noauth) 1968 if (net->sctp.addip_noauth)
1968 return 1; 1969 return 1;
1969 1970
1970 if (sctp_addip_enable && !have_auth && have_asconf) 1971 if (net->sctp.addip_enable && !have_auth && have_asconf)
1971 return 0; 1972 return 0;
1972 1973
1973 return 1; 1974 return 1;
@@ -1976,13 +1977,14 @@ static int sctp_verify_ext_param(struct net *net, union sctp_params param)
1976static void sctp_process_ext_param(struct sctp_association *asoc, 1977static void sctp_process_ext_param(struct sctp_association *asoc,
1977 union sctp_params param) 1978 union sctp_params param)
1978{ 1979{
1980 struct net *net = sock_net(asoc->base.sk);
1979 __u16 num_ext = ntohs(param.p->length) - sizeof(sctp_paramhdr_t); 1981 __u16 num_ext = ntohs(param.p->length) - sizeof(sctp_paramhdr_t);
1980 int i; 1982 int i;
1981 1983
1982 for (i = 0; i < num_ext; i++) { 1984 for (i = 0; i < num_ext; i++) {
1983 switch (param.ext->chunks[i]) { 1985 switch (param.ext->chunks[i]) {
1984 case SCTP_CID_FWD_TSN: 1986 case SCTP_CID_FWD_TSN:
1985 if (sctp_prsctp_enable && 1987 if (net->sctp.prsctp_enable &&
1986 !asoc->peer.prsctp_capable) 1988 !asoc->peer.prsctp_capable)
1987 asoc->peer.prsctp_capable = 1; 1989 asoc->peer.prsctp_capable = 1;
1988 break; 1990 break;
@@ -1990,12 +1992,12 @@ static void sctp_process_ext_param(struct sctp_association *asoc,
1990 /* if the peer reports AUTH, assume that he 1992 /* if the peer reports AUTH, assume that he
1991 * supports AUTH. 1993 * supports AUTH.
1992 */ 1994 */
1993 if (sctp_auth_enable) 1995 if (net->sctp.auth_enable)
1994 asoc->peer.auth_capable = 1; 1996 asoc->peer.auth_capable = 1;
1995 break; 1997 break;
1996 case SCTP_CID_ASCONF: 1998 case SCTP_CID_ASCONF:
1997 case SCTP_CID_ASCONF_ACK: 1999 case SCTP_CID_ASCONF_ACK:
1998 if (sctp_addip_enable) 2000 if (net->sctp.addip_enable)
1999 asoc->peer.asconf_capable = 1; 2001 asoc->peer.asconf_capable = 1;
2000 break; 2002 break;
2001 default: 2003 default:
@@ -2116,7 +2118,7 @@ static sctp_ierror_t sctp_verify_param(struct net *net,
2116 break; 2118 break;
2117 2119
2118 case SCTP_PARAM_SET_PRIMARY: 2120 case SCTP_PARAM_SET_PRIMARY:
2119 if (sctp_addip_enable) 2121 if (net->sctp.addip_enable)
2120 break; 2122 break;
2121 goto fallthrough; 2123 goto fallthrough;
2122 2124
@@ -2127,12 +2129,12 @@ static sctp_ierror_t sctp_verify_param(struct net *net,
2127 break; 2129 break;
2128 2130
2129 case SCTP_PARAM_FWD_TSN_SUPPORT: 2131 case SCTP_PARAM_FWD_TSN_SUPPORT:
2130 if (sctp_prsctp_enable) 2132 if (net->sctp.prsctp_enable)
2131 break; 2133 break;
2132 goto fallthrough; 2134 goto fallthrough;
2133 2135
2134 case SCTP_PARAM_RANDOM: 2136 case SCTP_PARAM_RANDOM:
2135 if (!sctp_auth_enable) 2137 if (!net->sctp.auth_enable)
2136 goto fallthrough; 2138 goto fallthrough;
2137 2139
2138 /* SCTP-AUTH: Secion 6.1 2140 /* SCTP-AUTH: Secion 6.1
@@ -2149,7 +2151,7 @@ static sctp_ierror_t sctp_verify_param(struct net *net,
2149 break; 2151 break;
2150 2152
2151 case SCTP_PARAM_CHUNKS: 2153 case SCTP_PARAM_CHUNKS:
2152 if (!sctp_auth_enable) 2154 if (!net->sctp.auth_enable)
2153 goto fallthrough; 2155 goto fallthrough;
2154 2156
2155 /* SCTP-AUTH: Section 3.2 2157 /* SCTP-AUTH: Section 3.2
@@ -2165,7 +2167,7 @@ static sctp_ierror_t sctp_verify_param(struct net *net,
2165 break; 2167 break;
2166 2168
2167 case SCTP_PARAM_HMAC_ALGO: 2169 case SCTP_PARAM_HMAC_ALGO:
2168 if (!sctp_auth_enable) 2170 if (!net->sctp.auth_enable)
2169 goto fallthrough; 2171 goto fallthrough;
2170 2172
2171 hmacs = (struct sctp_hmac_algo_param *)param.p; 2173 hmacs = (struct sctp_hmac_algo_param *)param.p;
@@ -2271,6 +2273,7 @@ int sctp_process_init(struct sctp_association *asoc, struct sctp_chunk *chunk,
2271 const union sctp_addr *peer_addr, 2273 const union sctp_addr *peer_addr,
2272 sctp_init_chunk_t *peer_init, gfp_t gfp) 2274 sctp_init_chunk_t *peer_init, gfp_t gfp)
2273{ 2275{
2276 struct net *net = sock_net(asoc->base.sk);
2274 union sctp_params param; 2277 union sctp_params param;
2275 struct sctp_transport *transport; 2278 struct sctp_transport *transport;
2276 struct list_head *pos, *temp; 2279 struct list_head *pos, *temp;
@@ -2327,7 +2330,7 @@ int sctp_process_init(struct sctp_association *asoc, struct sctp_chunk *chunk,
2327 * also give us an option to silently ignore the packet, which 2330 * also give us an option to silently ignore the packet, which
2328 * is what we'll do here. 2331 * is what we'll do here.
2329 */ 2332 */
2330 if (!sctp_addip_noauth && 2333 if (!net->sctp.addip_noauth &&
2331 (asoc->peer.asconf_capable && !asoc->peer.auth_capable)) { 2334 (asoc->peer.asconf_capable && !asoc->peer.auth_capable)) {
2332 asoc->peer.addip_disabled_mask |= (SCTP_PARAM_ADD_IP | 2335 asoc->peer.addip_disabled_mask |= (SCTP_PARAM_ADD_IP |
2333 SCTP_PARAM_DEL_IP | 2336 SCTP_PARAM_DEL_IP |
@@ -2502,7 +2505,7 @@ do_addr_param:
2502 break; 2505 break;
2503 2506
2504 case SCTP_PARAM_COOKIE_PRESERVATIVE: 2507 case SCTP_PARAM_COOKIE_PRESERVATIVE:
2505 if (!sctp_cookie_preserve_enable) 2508 if (!net->sctp.cookie_preserve_enable)
2506 break; 2509 break;
2507 2510
2508 stale = ntohl(param.life->lifespan_increment); 2511 stale = ntohl(param.life->lifespan_increment);
@@ -2582,7 +2585,7 @@ do_addr_param:
2582 break; 2585 break;
2583 2586
2584 case SCTP_PARAM_SET_PRIMARY: 2587 case SCTP_PARAM_SET_PRIMARY:
2585 if (!sctp_addip_enable) 2588 if (!net->sctp.addip_enable)
2586 goto fall_through; 2589 goto fall_through;
2587 2590
2588 addr_param = param.v + sizeof(sctp_addip_param_t); 2591 addr_param = param.v + sizeof(sctp_addip_param_t);
@@ -2609,7 +2612,7 @@ do_addr_param:
2609 break; 2612 break;
2610 2613
2611 case SCTP_PARAM_FWD_TSN_SUPPORT: 2614 case SCTP_PARAM_FWD_TSN_SUPPORT:
2612 if (sctp_prsctp_enable) { 2615 if (net->sctp.prsctp_enable) {
2613 asoc->peer.prsctp_capable = 1; 2616 asoc->peer.prsctp_capable = 1;
2614 break; 2617 break;
2615 } 2618 }
@@ -2617,7 +2620,7 @@ do_addr_param:
2617 goto fall_through; 2620 goto fall_through;
2618 2621
2619 case SCTP_PARAM_RANDOM: 2622 case SCTP_PARAM_RANDOM:
2620 if (!sctp_auth_enable) 2623 if (!net->sctp.auth_enable)
2621 goto fall_through; 2624 goto fall_through;
2622 2625
2623 /* Save peer's random parameter */ 2626 /* Save peer's random parameter */
@@ -2630,7 +2633,7 @@ do_addr_param:
2630 break; 2633 break;
2631 2634
2632 case SCTP_PARAM_HMAC_ALGO: 2635 case SCTP_PARAM_HMAC_ALGO:
2633 if (!sctp_auth_enable) 2636 if (!net->sctp.auth_enable)
2634 goto fall_through; 2637 goto fall_through;
2635 2638
2636 /* Save peer's HMAC list */ 2639 /* Save peer's HMAC list */
@@ -2646,7 +2649,7 @@ do_addr_param:
2646 break; 2649 break;
2647 2650
2648 case SCTP_PARAM_CHUNKS: 2651 case SCTP_PARAM_CHUNKS:
2649 if (!sctp_auth_enable) 2652 if (!net->sctp.auth_enable)
2650 goto fall_through; 2653 goto fall_through;
2651 2654
2652 asoc->peer.peer_chunks = kmemdup(param.p, 2655 asoc->peer.peer_chunks = kmemdup(param.p,
diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c
index e17ada47afc..094813b6c3c 100644
--- a/net/sctp/sm_statefuns.c
+++ b/net/sctp/sm_statefuns.c
@@ -3586,7 +3586,7 @@ sctp_disposition_t sctp_sf_do_asconf(struct net *net,
3586 * is received unauthenticated it MUST be silently discarded as 3586 * is received unauthenticated it MUST be silently discarded as
3587 * described in [I-D.ietf-tsvwg-sctp-auth]. 3587 * described in [I-D.ietf-tsvwg-sctp-auth].
3588 */ 3588 */
3589 if (!sctp_addip_noauth && !chunk->auth) 3589 if (!net->sctp.addip_noauth && !chunk->auth)
3590 return sctp_sf_discard_chunk(net, ep, asoc, type, arg, commands); 3590 return sctp_sf_discard_chunk(net, ep, asoc, type, arg, commands);
3591 3591
3592 /* Make sure that the ASCONF ADDIP chunk has a valid length. */ 3592 /* Make sure that the ASCONF ADDIP chunk has a valid length. */
@@ -3713,7 +3713,7 @@ sctp_disposition_t sctp_sf_do_asconf_ack(struct net *net,
3713 * is received unauthenticated it MUST be silently discarded as 3713 * is received unauthenticated it MUST be silently discarded as
3714 * described in [I-D.ietf-tsvwg-sctp-auth]. 3714 * described in [I-D.ietf-tsvwg-sctp-auth].
3715 */ 3715 */
3716 if (!sctp_addip_noauth && !asconf_ack->auth) 3716 if (!net->sctp.addip_noauth && !asconf_ack->auth)
3717 return sctp_sf_discard_chunk(net, ep, asoc, type, arg, commands); 3717 return sctp_sf_discard_chunk(net, ep, asoc, type, arg, commands);
3718 3718
3719 /* Make sure that the ADDIP chunk has a valid length. */ 3719 /* Make sure that the ADDIP chunk has a valid length. */
diff --git a/net/sctp/sm_statetable.c b/net/sctp/sm_statetable.c
index 4a029d79828..84d98d8a5a7 100644
--- a/net/sctp/sm_statetable.c
+++ b/net/sctp/sm_statetable.c
@@ -918,12 +918,12 @@ static const sctp_sm_table_entry_t *sctp_chunk_event_lookup(struct net *net,
918 if (cid <= SCTP_CID_BASE_MAX) 918 if (cid <= SCTP_CID_BASE_MAX)
919 return &chunk_event_table[cid][state]; 919 return &chunk_event_table[cid][state];
920 920
921 if (sctp_prsctp_enable) { 921 if (net->sctp.prsctp_enable) {
922 if (cid == SCTP_CID_FWD_TSN) 922 if (cid == SCTP_CID_FWD_TSN)
923 return &prsctp_chunk_event_table[0][state]; 923 return &prsctp_chunk_event_table[0][state];
924 } 924 }
925 925
926 if (sctp_addip_enable) { 926 if (net->sctp.addip_enable) {
927 if (cid == SCTP_CID_ASCONF) 927 if (cid == SCTP_CID_ASCONF)
928 return &addip_chunk_event_table[0][state]; 928 return &addip_chunk_event_table[0][state];
929 929
@@ -931,7 +931,7 @@ static const sctp_sm_table_entry_t *sctp_chunk_event_lookup(struct net *net,
931 return &addip_chunk_event_table[1][state]; 931 return &addip_chunk_event_table[1][state];
932 } 932 }
933 933
934 if (sctp_auth_enable) { 934 if (net->sctp.auth_enable) {
935 if (cid == SCTP_CID_AUTH) 935 if (cid == SCTP_CID_AUTH)
936 return &auth_chunk_event_table[0][state]; 936 return &auth_chunk_event_table[0][state];
937 } 937 }
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index a6a4226a922..d37d24ff197 100644
--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -516,6 +516,7 @@ static int sctp_send_asconf_add_ip(struct sock *sk,
516 struct sockaddr *addrs, 516 struct sockaddr *addrs,
517 int addrcnt) 517 int addrcnt)
518{ 518{
519 struct net *net = sock_net(sk);
519 struct sctp_sock *sp; 520 struct sctp_sock *sp;
520 struct sctp_endpoint *ep; 521 struct sctp_endpoint *ep;
521 struct sctp_association *asoc; 522 struct sctp_association *asoc;
@@ -530,7 +531,7 @@ static int sctp_send_asconf_add_ip(struct sock *sk,
530 int i; 531 int i;
531 int retval = 0; 532 int retval = 0;
532 533
533 if (!sctp_addip_enable) 534 if (!net->sctp.addip_enable)
534 return retval; 535 return retval;
535 536
536 sp = sctp_sk(sk); 537 sp = sctp_sk(sk);
@@ -718,6 +719,7 @@ static int sctp_send_asconf_del_ip(struct sock *sk,
718 struct sockaddr *addrs, 719 struct sockaddr *addrs,
719 int addrcnt) 720 int addrcnt)
720{ 721{
722 struct net *net = sock_net(sk);
721 struct sctp_sock *sp; 723 struct sctp_sock *sp;
722 struct sctp_endpoint *ep; 724 struct sctp_endpoint *ep;
723 struct sctp_association *asoc; 725 struct sctp_association *asoc;
@@ -733,7 +735,7 @@ static int sctp_send_asconf_del_ip(struct sock *sk,
733 int stored = 0; 735 int stored = 0;
734 736
735 chunk = NULL; 737 chunk = NULL;
736 if (!sctp_addip_enable) 738 if (!net->sctp.addip_enable)
737 return retval; 739 return retval;
738 740
739 sp = sctp_sk(sk); 741 sp = sctp_sk(sk);
@@ -3039,6 +3041,7 @@ static int sctp_setsockopt_maxseg(struct sock *sk, char __user *optval, unsigned
3039static int sctp_setsockopt_peer_primary_addr(struct sock *sk, char __user *optval, 3041static int sctp_setsockopt_peer_primary_addr(struct sock *sk, char __user *optval,
3040 unsigned int optlen) 3042 unsigned int optlen)
3041{ 3043{
3044 struct net *net = sock_net(sk);
3042 struct sctp_sock *sp; 3045 struct sctp_sock *sp;
3043 struct sctp_association *asoc = NULL; 3046 struct sctp_association *asoc = NULL;
3044 struct sctp_setpeerprim prim; 3047 struct sctp_setpeerprim prim;
@@ -3048,7 +3051,7 @@ static int sctp_setsockopt_peer_primary_addr(struct sock *sk, char __user *optva
3048 3051
3049 sp = sctp_sk(sk); 3052 sp = sctp_sk(sk);
3050 3053
3051 if (!sctp_addip_enable) 3054 if (!net->sctp.addip_enable)
3052 return -EPERM; 3055 return -EPERM;
3053 3056
3054 if (optlen != sizeof(struct sctp_setpeerprim)) 3057 if (optlen != sizeof(struct sctp_setpeerprim))
@@ -3285,9 +3288,10 @@ static int sctp_setsockopt_auth_chunk(struct sock *sk,
3285 char __user *optval, 3288 char __user *optval,
3286 unsigned int optlen) 3289 unsigned int optlen)
3287{ 3290{
3291 struct net *net = sock_net(sk);
3288 struct sctp_authchunk val; 3292 struct sctp_authchunk val;
3289 3293
3290 if (!sctp_auth_enable) 3294 if (!net->sctp.auth_enable)
3291 return -EACCES; 3295 return -EACCES;
3292 3296
3293 if (optlen != sizeof(struct sctp_authchunk)) 3297 if (optlen != sizeof(struct sctp_authchunk))
@@ -3317,11 +3321,12 @@ static int sctp_setsockopt_hmac_ident(struct sock *sk,
3317 char __user *optval, 3321 char __user *optval,
3318 unsigned int optlen) 3322 unsigned int optlen)
3319{ 3323{
3324 struct net *net = sock_net(sk);
3320 struct sctp_hmacalgo *hmacs; 3325 struct sctp_hmacalgo *hmacs;
3321 u32 idents; 3326 u32 idents;
3322 int err; 3327 int err;
3323 3328
3324 if (!sctp_auth_enable) 3329 if (!net->sctp.auth_enable)
3325 return -EACCES; 3330 return -EACCES;
3326 3331
3327 if (optlen < sizeof(struct sctp_hmacalgo)) 3332 if (optlen < sizeof(struct sctp_hmacalgo))
@@ -3354,11 +3359,12 @@ static int sctp_setsockopt_auth_key(struct sock *sk,
3354 char __user *optval, 3359 char __user *optval,
3355 unsigned int optlen) 3360 unsigned int optlen)
3356{ 3361{
3362 struct net *net = sock_net(sk);
3357 struct sctp_authkey *authkey; 3363 struct sctp_authkey *authkey;
3358 struct sctp_association *asoc; 3364 struct sctp_association *asoc;
3359 int ret; 3365 int ret;
3360 3366
3361 if (!sctp_auth_enable) 3367 if (!net->sctp.auth_enable)
3362 return -EACCES; 3368 return -EACCES;
3363 3369
3364 if (optlen <= sizeof(struct sctp_authkey)) 3370 if (optlen <= sizeof(struct sctp_authkey))
@@ -3395,10 +3401,11 @@ static int sctp_setsockopt_active_key(struct sock *sk,
3395 char __user *optval, 3401 char __user *optval,
3396 unsigned int optlen) 3402 unsigned int optlen)
3397{ 3403{
3404 struct net *net = sock_net(sk);
3398 struct sctp_authkeyid val; 3405 struct sctp_authkeyid val;
3399 struct sctp_association *asoc; 3406 struct sctp_association *asoc;
3400 3407
3401 if (!sctp_auth_enable) 3408 if (!net->sctp.auth_enable)
3402 return -EACCES; 3409 return -EACCES;
3403 3410
3404 if (optlen != sizeof(struct sctp_authkeyid)) 3411 if (optlen != sizeof(struct sctp_authkeyid))
@@ -3423,10 +3430,11 @@ static int sctp_setsockopt_del_key(struct sock *sk,
3423 char __user *optval, 3430 char __user *optval,
3424 unsigned int optlen) 3431 unsigned int optlen)
3425{ 3432{
3433 struct net *net = sock_net(sk);
3426 struct sctp_authkeyid val; 3434 struct sctp_authkeyid val;
3427 struct sctp_association *asoc; 3435 struct sctp_association *asoc;
3428 3436
3429 if (!sctp_auth_enable) 3437 if (!net->sctp.auth_enable)
3430 return -EACCES; 3438 return -EACCES;
3431 3439
3432 if (optlen != sizeof(struct sctp_authkeyid)) 3440 if (optlen != sizeof(struct sctp_authkeyid))
@@ -3849,6 +3857,7 @@ out:
3849 */ 3857 */
3850SCTP_STATIC int sctp_init_sock(struct sock *sk) 3858SCTP_STATIC int sctp_init_sock(struct sock *sk)
3851{ 3859{
3860 struct net *net = sock_net(sk);
3852 struct sctp_endpoint *ep; 3861 struct sctp_endpoint *ep;
3853 struct sctp_sock *sp; 3862 struct sctp_sock *sp;
3854 3863
@@ -3878,7 +3887,7 @@ SCTP_STATIC int sctp_init_sock(struct sock *sk)
3878 sp->default_timetolive = 0; 3887 sp->default_timetolive = 0;
3879 3888
3880 sp->default_rcv_context = 0; 3889 sp->default_rcv_context = 0;
3881 sp->max_burst = sctp_max_burst; 3890 sp->max_burst = net->sctp.max_burst;
3882 3891
3883 /* Initialize default setup parameters. These parameters 3892 /* Initialize default setup parameters. These parameters
3884 * can be modified with the SCTP_INITMSG socket option or 3893 * can be modified with the SCTP_INITMSG socket option or
@@ -3886,24 +3895,24 @@ SCTP_STATIC int sctp_init_sock(struct sock *sk)
3886 */ 3895 */
3887 sp->initmsg.sinit_num_ostreams = sctp_max_outstreams; 3896 sp->initmsg.sinit_num_ostreams = sctp_max_outstreams;
3888 sp->initmsg.sinit_max_instreams = sctp_max_instreams; 3897 sp->initmsg.sinit_max_instreams = sctp_max_instreams;
3889 sp->initmsg.sinit_max_attempts = sctp_max_retrans_init; 3898 sp->initmsg.sinit_max_attempts = net->sctp.max_retrans_init;
3890 sp->initmsg.sinit_max_init_timeo = sctp_rto_max; 3899 sp->initmsg.sinit_max_init_timeo = net->sctp.rto_max;
3891 3900
3892 /* Initialize default RTO related parameters. These parameters can 3901 /* Initialize default RTO related parameters. These parameters can
3893 * be modified for with the SCTP_RTOINFO socket option. 3902 * be modified for with the SCTP_RTOINFO socket option.
3894 */ 3903 */
3895 sp->rtoinfo.srto_initial = sctp_rto_initial; 3904 sp->rtoinfo.srto_initial = net->sctp.rto_initial;
3896 sp->rtoinfo.srto_max = sctp_rto_max; 3905 sp->rtoinfo.srto_max = net->sctp.rto_max;
3897 sp->rtoinfo.srto_min = sctp_rto_min; 3906 sp->rtoinfo.srto_min = net->sctp.rto_min;
3898 3907
3899 /* Initialize default association related parameters. These parameters 3908 /* Initialize default association related parameters. These parameters
3900 * can be modified with the SCTP_ASSOCINFO socket option. 3909 * can be modified with the SCTP_ASSOCINFO socket option.
3901 */ 3910 */
3902 sp->assocparams.sasoc_asocmaxrxt = sctp_max_retrans_association; 3911 sp->assocparams.sasoc_asocmaxrxt = net->sctp.max_retrans_association;
3903 sp->assocparams.sasoc_number_peer_destinations = 0; 3912 sp->assocparams.sasoc_number_peer_destinations = 0;
3904 sp->assocparams.sasoc_peer_rwnd = 0; 3913 sp->assocparams.sasoc_peer_rwnd = 0;
3905 sp->assocparams.sasoc_local_rwnd = 0; 3914 sp->assocparams.sasoc_local_rwnd = 0;
3906 sp->assocparams.sasoc_cookie_life = sctp_valid_cookie_life; 3915 sp->assocparams.sasoc_cookie_life = net->sctp.valid_cookie_life;
3907 3916
3908 /* Initialize default event subscriptions. By default, all the 3917 /* Initialize default event subscriptions. By default, all the
3909 * options are off. 3918 * options are off.
@@ -3913,10 +3922,10 @@ SCTP_STATIC int sctp_init_sock(struct sock *sk)
3913 /* Default Peer Address Parameters. These defaults can 3922 /* Default Peer Address Parameters. These defaults can
3914 * be modified via SCTP_PEER_ADDR_PARAMS 3923 * be modified via SCTP_PEER_ADDR_PARAMS
3915 */ 3924 */
3916 sp->hbinterval = sctp_hb_interval; 3925 sp->hbinterval = net->sctp.hb_interval;
3917 sp->pathmaxrxt = sctp_max_retrans_path; 3926 sp->pathmaxrxt = net->sctp.max_retrans_path;
3918 sp->pathmtu = 0; // allow default discovery 3927 sp->pathmtu = 0; // allow default discovery
3919 sp->sackdelay = sctp_sack_timeout; 3928 sp->sackdelay = net->sctp.sack_timeout;
3920 sp->sackfreq = 2; 3929 sp->sackfreq = 2;
3921 sp->param_flags = SPP_HB_ENABLE | 3930 sp->param_flags = SPP_HB_ENABLE |
3922 SPP_PMTUD_ENABLE | 3931 SPP_PMTUD_ENABLE |
@@ -3967,10 +3976,10 @@ SCTP_STATIC int sctp_init_sock(struct sock *sk)
3967 3976
3968 local_bh_disable(); 3977 local_bh_disable();
3969 percpu_counter_inc(&sctp_sockets_allocated); 3978 percpu_counter_inc(&sctp_sockets_allocated);
3970 sock_prot_inuse_add(sock_net(sk), sk->sk_prot, 1); 3979 sock_prot_inuse_add(net, sk->sk_prot, 1);
3971 if (sctp_default_auto_asconf) { 3980 if (net->sctp.default_auto_asconf) {
3972 list_add_tail(&sp->auto_asconf_list, 3981 list_add_tail(&sp->auto_asconf_list,
3973 &sock_net(sk)->sctp.auto_asconf_splist); 3982 &net->sctp.auto_asconf_splist);
3974 sp->do_auto_asconf = 1; 3983 sp->do_auto_asconf = 1;
3975 } else 3984 } else
3976 sp->do_auto_asconf = 0; 3985 sp->do_auto_asconf = 0;
@@ -5307,12 +5316,13 @@ static int sctp_getsockopt_maxburst(struct sock *sk, int len,
5307static int sctp_getsockopt_hmac_ident(struct sock *sk, int len, 5316static int sctp_getsockopt_hmac_ident(struct sock *sk, int len,
5308 char __user *optval, int __user *optlen) 5317 char __user *optval, int __user *optlen)
5309{ 5318{
5319 struct net *net = sock_net(sk);
5310 struct sctp_hmacalgo __user *p = (void __user *)optval; 5320 struct sctp_hmacalgo __user *p = (void __user *)optval;
5311 struct sctp_hmac_algo_param *hmacs; 5321 struct sctp_hmac_algo_param *hmacs;
5312 __u16 data_len = 0; 5322 __u16 data_len = 0;
5313 u32 num_idents; 5323 u32 num_idents;
5314 5324
5315 if (!sctp_auth_enable) 5325 if (!net->sctp.auth_enable)
5316 return -EACCES; 5326 return -EACCES;
5317 5327
5318 hmacs = sctp_sk(sk)->ep->auth_hmacs_list; 5328 hmacs = sctp_sk(sk)->ep->auth_hmacs_list;
@@ -5336,10 +5346,11 @@ static int sctp_getsockopt_hmac_ident(struct sock *sk, int len,
5336static int sctp_getsockopt_active_key(struct sock *sk, int len, 5346static int sctp_getsockopt_active_key(struct sock *sk, int len,
5337 char __user *optval, int __user *optlen) 5347 char __user *optval, int __user *optlen)
5338{ 5348{
5349 struct net *net = sock_net(sk);
5339 struct sctp_authkeyid val; 5350 struct sctp_authkeyid val;
5340 struct sctp_association *asoc; 5351 struct sctp_association *asoc;
5341 5352
5342 if (!sctp_auth_enable) 5353 if (!net->sctp.auth_enable)
5343 return -EACCES; 5354 return -EACCES;
5344 5355
5345 if (len < sizeof(struct sctp_authkeyid)) 5356 if (len < sizeof(struct sctp_authkeyid))
@@ -5368,6 +5379,7 @@ static int sctp_getsockopt_active_key(struct sock *sk, int len,
5368static int sctp_getsockopt_peer_auth_chunks(struct sock *sk, int len, 5379static int sctp_getsockopt_peer_auth_chunks(struct sock *sk, int len,
5369 char __user *optval, int __user *optlen) 5380 char __user *optval, int __user *optlen)
5370{ 5381{
5382 struct net *net = sock_net(sk);
5371 struct sctp_authchunks __user *p = (void __user *)optval; 5383 struct sctp_authchunks __user *p = (void __user *)optval;
5372 struct sctp_authchunks val; 5384 struct sctp_authchunks val;
5373 struct sctp_association *asoc; 5385 struct sctp_association *asoc;
@@ -5375,7 +5387,7 @@ static int sctp_getsockopt_peer_auth_chunks(struct sock *sk, int len,
5375 u32 num_chunks = 0; 5387 u32 num_chunks = 0;
5376 char __user *to; 5388 char __user *to;
5377 5389
5378 if (!sctp_auth_enable) 5390 if (!net->sctp.auth_enable)
5379 return -EACCES; 5391 return -EACCES;
5380 5392
5381 if (len < sizeof(struct sctp_authchunks)) 5393 if (len < sizeof(struct sctp_authchunks))
@@ -5411,6 +5423,7 @@ num:
5411static int sctp_getsockopt_local_auth_chunks(struct sock *sk, int len, 5423static int sctp_getsockopt_local_auth_chunks(struct sock *sk, int len,
5412 char __user *optval, int __user *optlen) 5424 char __user *optval, int __user *optlen)
5413{ 5425{
5426 struct net *net = sock_net(sk);
5414 struct sctp_authchunks __user *p = (void __user *)optval; 5427 struct sctp_authchunks __user *p = (void __user *)optval;
5415 struct sctp_authchunks val; 5428 struct sctp_authchunks val;
5416 struct sctp_association *asoc; 5429 struct sctp_association *asoc;
@@ -5418,7 +5431,7 @@ static int sctp_getsockopt_local_auth_chunks(struct sock *sk, int len,
5418 u32 num_chunks = 0; 5431 u32 num_chunks = 0;
5419 char __user *to; 5432 char __user *to;
5420 5433
5421 if (!sctp_auth_enable) 5434 if (!net->sctp.auth_enable)
5422 return -EACCES; 5435 return -EACCES;
5423 5436
5424 if (len < sizeof(struct sctp_authchunks)) 5437 if (len < sizeof(struct sctp_authchunks))
diff --git a/net/sctp/sysctl.c b/net/sctp/sysctl.c
index bee36c408dd..70e3ba5cb50 100644
--- a/net/sctp/sysctl.c
+++ b/net/sctp/sysctl.c
@@ -64,8 +64,34 @@ extern int sysctl_sctp_wmem[3];
64 64
65static ctl_table sctp_table[] = { 65static ctl_table sctp_table[] = {
66 { 66 {
67 .procname = "sctp_mem",
68 .data = &sysctl_sctp_mem,
69 .maxlen = sizeof(sysctl_sctp_mem),
70 .mode = 0644,
71 .proc_handler = proc_doulongvec_minmax
72 },
73 {
74 .procname = "sctp_rmem",
75 .data = &sysctl_sctp_rmem,
76 .maxlen = sizeof(sysctl_sctp_rmem),
77 .mode = 0644,
78 .proc_handler = proc_dointvec,
79 },
80 {
81 .procname = "sctp_wmem",
82 .data = &sysctl_sctp_wmem,
83 .maxlen = sizeof(sysctl_sctp_wmem),
84 .mode = 0644,
85 .proc_handler = proc_dointvec,
86 },
87
88 { /* sentinel */ }
89};
90
91static ctl_table sctp_net_table[] = {
92 {
67 .procname = "rto_initial", 93 .procname = "rto_initial",
68 .data = &sctp_rto_initial, 94 .data = &init_net.sctp.rto_initial,
69 .maxlen = sizeof(unsigned int), 95 .maxlen = sizeof(unsigned int),
70 .mode = 0644, 96 .mode = 0644,
71 .proc_handler = proc_dointvec_minmax, 97 .proc_handler = proc_dointvec_minmax,
@@ -74,7 +100,7 @@ static ctl_table sctp_table[] = {
74 }, 100 },
75 { 101 {
76 .procname = "rto_min", 102 .procname = "rto_min",
77 .data = &sctp_rto_min, 103 .data = &init_net.sctp.rto_min,
78 .maxlen = sizeof(unsigned int), 104 .maxlen = sizeof(unsigned int),
79 .mode = 0644, 105 .mode = 0644,
80 .proc_handler = proc_dointvec_minmax, 106 .proc_handler = proc_dointvec_minmax,
@@ -83,7 +109,7 @@ static ctl_table sctp_table[] = {
83 }, 109 },
84 { 110 {
85 .procname = "rto_max", 111 .procname = "rto_max",
86 .data = &sctp_rto_max, 112 .data = &init_net.sctp.rto_max,
87 .maxlen = sizeof(unsigned int), 113 .maxlen = sizeof(unsigned int),
88 .mode = 0644, 114 .mode = 0644,
89 .proc_handler = proc_dointvec_minmax, 115 .proc_handler = proc_dointvec_minmax,
@@ -91,17 +117,22 @@ static ctl_table sctp_table[] = {
91 .extra2 = &timer_max 117 .extra2 = &timer_max
92 }, 118 },
93 { 119 {
94 .procname = "valid_cookie_life", 120 .procname = "rto_alpha_exp_divisor",
95 .data = &sctp_valid_cookie_life, 121 .data = &init_net.sctp.rto_alpha,
96 .maxlen = sizeof(unsigned int), 122 .maxlen = sizeof(int),
97 .mode = 0644, 123 .mode = 0444,
98 .proc_handler = proc_dointvec_minmax, 124 .proc_handler = proc_dointvec,
99 .extra1 = &one, 125 },
100 .extra2 = &timer_max 126 {
127 .procname = "rto_beta_exp_divisor",
128 .data = &init_net.sctp.rto_beta,
129 .maxlen = sizeof(int),
130 .mode = 0444,
131 .proc_handler = proc_dointvec,
101 }, 132 },
102 { 133 {
103 .procname = "max_burst", 134 .procname = "max_burst",
104 .data = &sctp_max_burst, 135 .data = &init_net.sctp.max_burst,
105 .maxlen = sizeof(int), 136 .maxlen = sizeof(int),
106 .mode = 0644, 137 .mode = 0644,
107 .proc_handler = proc_dointvec_minmax, 138 .proc_handler = proc_dointvec_minmax,
@@ -109,31 +140,42 @@ static ctl_table sctp_table[] = {
109 .extra2 = &int_max 140 .extra2 = &int_max
110 }, 141 },
111 { 142 {
112 .procname = "association_max_retrans", 143 .procname = "cookie_preserve_enable",
113 .data = &sctp_max_retrans_association, 144 .data = &init_net.sctp.cookie_preserve_enable,
114 .maxlen = sizeof(int), 145 .maxlen = sizeof(int),
115 .mode = 0644, 146 .mode = 0644,
147 .proc_handler = proc_dointvec,
148 },
149 {
150 .procname = "valid_cookie_life",
151 .data = &init_net.sctp.valid_cookie_life,
152 .maxlen = sizeof(unsigned int),
153 .mode = 0644,
116 .proc_handler = proc_dointvec_minmax, 154 .proc_handler = proc_dointvec_minmax,
117 .extra1 = &one, 155 .extra1 = &one,
118 .extra2 = &int_max 156 .extra2 = &timer_max
119 }, 157 },
120 { 158 {
121 .procname = "sndbuf_policy", 159 .procname = "sack_timeout",
122 .data = &sctp_sndbuf_policy, 160 .data = &init_net.sctp.sack_timeout,
123 .maxlen = sizeof(int), 161 .maxlen = sizeof(int),
124 .mode = 0644, 162 .mode = 0644,
125 .proc_handler = proc_dointvec, 163 .proc_handler = proc_dointvec_minmax,
164 .extra1 = &sack_timer_min,
165 .extra2 = &sack_timer_max,
126 }, 166 },
127 { 167 {
128 .procname = "rcvbuf_policy", 168 .procname = "hb_interval",
129 .data = &sctp_rcvbuf_policy, 169 .data = &init_net.sctp.hb_interval,
130 .maxlen = sizeof(int), 170 .maxlen = sizeof(unsigned int),
131 .mode = 0644, 171 .mode = 0644,
132 .proc_handler = proc_dointvec, 172 .proc_handler = proc_dointvec_minmax,
173 .extra1 = &one,
174 .extra2 = &timer_max
133 }, 175 },
134 { 176 {
135 .procname = "path_max_retrans", 177 .procname = "association_max_retrans",
136 .data = &sctp_max_retrans_path, 178 .data = &init_net.sctp.max_retrans_association,
137 .maxlen = sizeof(int), 179 .maxlen = sizeof(int),
138 .mode = 0644, 180 .mode = 0644,
139 .proc_handler = proc_dointvec_minmax, 181 .proc_handler = proc_dointvec_minmax,
@@ -141,17 +183,17 @@ static ctl_table sctp_table[] = {
141 .extra2 = &int_max 183 .extra2 = &int_max
142 }, 184 },
143 { 185 {
144 .procname = "pf_retrans", 186 .procname = "path_max_retrans",
145 .data = &sctp_pf_retrans, 187 .data = &init_net.sctp.max_retrans_path,
146 .maxlen = sizeof(int), 188 .maxlen = sizeof(int),
147 .mode = 0644, 189 .mode = 0644,
148 .proc_handler = proc_dointvec_minmax, 190 .proc_handler = proc_dointvec_minmax,
149 .extra1 = &zero, 191 .extra1 = &one,
150 .extra2 = &int_max 192 .extra2 = &int_max
151 }, 193 },
152 { 194 {
153 .procname = "max_init_retransmits", 195 .procname = "max_init_retransmits",
154 .data = &sctp_max_retrans_init, 196 .data = &init_net.sctp.max_retrans_init,
155 .maxlen = sizeof(int), 197 .maxlen = sizeof(int),
156 .mode = 0644, 198 .mode = 0644,
157 .proc_handler = proc_dointvec_minmax, 199 .proc_handler = proc_dointvec_minmax,
@@ -159,103 +201,66 @@ static ctl_table sctp_table[] = {
159 .extra2 = &int_max 201 .extra2 = &int_max
160 }, 202 },
161 { 203 {
162 .procname = "hb_interval", 204 .procname = "pf_retrans",
163 .data = &sctp_hb_interval, 205 .data = &init_net.sctp.pf_retrans,
164 .maxlen = sizeof(unsigned int), 206 .maxlen = sizeof(int),
165 .mode = 0644, 207 .mode = 0644,
166 .proc_handler = proc_dointvec_minmax, 208 .proc_handler = proc_dointvec_minmax,
167 .extra1 = &one, 209 .extra1 = &zero,
168 .extra2 = &timer_max 210 .extra2 = &int_max
169 }, 211 },
170 { 212 {
171 .procname = "cookie_preserve_enable", 213 .procname = "sndbuf_policy",
172 .data = &sctp_cookie_preserve_enable, 214 .data = &init_net.sctp.sndbuf_policy,
173 .maxlen = sizeof(int), 215 .maxlen = sizeof(int),
174 .mode = 0644, 216 .mode = 0644,
175 .proc_handler = proc_dointvec, 217 .proc_handler = proc_dointvec,
176 }, 218 },
177 { 219 {
178 .procname = "rto_alpha_exp_divisor", 220 .procname = "rcvbuf_policy",
179 .data = &sctp_rto_alpha, 221 .data = &init_net.sctp.rcvbuf_policy,
180 .maxlen = sizeof(int),
181 .mode = 0444,
182 .proc_handler = proc_dointvec,
183 },
184 {
185 .procname = "rto_beta_exp_divisor",
186 .data = &sctp_rto_beta,
187 .maxlen = sizeof(int),
188 .mode = 0444,
189 .proc_handler = proc_dointvec,
190 },
191 {
192 .procname = "addip_enable",
193 .data = &sctp_addip_enable,
194 .maxlen = sizeof(int), 222 .maxlen = sizeof(int),
195 .mode = 0644, 223 .mode = 0644,
196 .proc_handler = proc_dointvec, 224 .proc_handler = proc_dointvec,
197 }, 225 },
198 { 226 {
199 .procname = "default_auto_asconf", 227 .procname = "default_auto_asconf",
200 .data = &sctp_default_auto_asconf, 228 .data = &init_net.sctp.default_auto_asconf,
201 .maxlen = sizeof(int), 229 .maxlen = sizeof(int),
202 .mode = 0644, 230 .mode = 0644,
203 .proc_handler = proc_dointvec, 231 .proc_handler = proc_dointvec,
204 }, 232 },
205 { 233 {
206 .procname = "prsctp_enable", 234 .procname = "addip_enable",
207 .data = &sctp_prsctp_enable, 235 .data = &init_net.sctp.addip_enable,
208 .maxlen = sizeof(int), 236 .maxlen = sizeof(int),
209 .mode = 0644, 237 .mode = 0644,
210 .proc_handler = proc_dointvec, 238 .proc_handler = proc_dointvec,
211 }, 239 },
212 { 240 {
213 .procname = "sack_timeout", 241 .procname = "addip_noauth_enable",
214 .data = &sctp_sack_timeout, 242 .data = &init_net.sctp.addip_noauth,
215 .maxlen = sizeof(int), 243 .maxlen = sizeof(int),
216 .mode = 0644, 244 .mode = 0644,
217 .proc_handler = proc_dointvec_minmax,
218 .extra1 = &sack_timer_min,
219 .extra2 = &sack_timer_max,
220 },
221 {
222 .procname = "sctp_mem",
223 .data = &sysctl_sctp_mem,
224 .maxlen = sizeof(sysctl_sctp_mem),
225 .mode = 0644,
226 .proc_handler = proc_doulongvec_minmax
227 },
228 {
229 .procname = "sctp_rmem",
230 .data = &sysctl_sctp_rmem,
231 .maxlen = sizeof(sysctl_sctp_rmem),
232 .mode = 0644,
233 .proc_handler = proc_dointvec, 245 .proc_handler = proc_dointvec,
234 }, 246 },
235 { 247 {
236 .procname = "sctp_wmem", 248 .procname = "prsctp_enable",
237 .data = &sysctl_sctp_wmem, 249 .data = &init_net.sctp.prsctp_enable,
238 .maxlen = sizeof(sysctl_sctp_wmem),
239 .mode = 0644,
240 .proc_handler = proc_dointvec,
241 },
242 {
243 .procname = "auth_enable",
244 .data = &sctp_auth_enable,
245 .maxlen = sizeof(int), 250 .maxlen = sizeof(int),
246 .mode = 0644, 251 .mode = 0644,
247 .proc_handler = proc_dointvec, 252 .proc_handler = proc_dointvec,
248 }, 253 },
249 { 254 {
250 .procname = "addip_noauth_enable", 255 .procname = "auth_enable",
251 .data = &sctp_addip_noauth, 256 .data = &init_net.sctp.auth_enable,
252 .maxlen = sizeof(int), 257 .maxlen = sizeof(int),
253 .mode = 0644, 258 .mode = 0644,
254 .proc_handler = proc_dointvec, 259 .proc_handler = proc_dointvec,
255 }, 260 },
256 { 261 {
257 .procname = "addr_scope_policy", 262 .procname = "addr_scope_policy",
258 .data = &sctp_scope_policy, 263 .data = &init_net.sctp.scope_policy,
259 .maxlen = sizeof(int), 264 .maxlen = sizeof(int),
260 .mode = 0644, 265 .mode = 0644,
261 .proc_handler = proc_dointvec_minmax, 266 .proc_handler = proc_dointvec_minmax,
@@ -264,7 +269,7 @@ static ctl_table sctp_table[] = {
264 }, 269 },
265 { 270 {
266 .procname = "rwnd_update_shift", 271 .procname = "rwnd_update_shift",
267 .data = &sctp_rwnd_upd_shift, 272 .data = &init_net.sctp.rwnd_upd_shift,
268 .maxlen = sizeof(int), 273 .maxlen = sizeof(int),
269 .mode = 0644, 274 .mode = 0644,
270 .proc_handler = &proc_dointvec_minmax, 275 .proc_handler = &proc_dointvec_minmax,
@@ -273,7 +278,7 @@ static ctl_table sctp_table[] = {
273 }, 278 },
274 { 279 {
275 .procname = "max_autoclose", 280 .procname = "max_autoclose",
276 .data = &sctp_max_autoclose, 281 .data = &init_net.sctp.max_autoclose,
277 .maxlen = sizeof(unsigned long), 282 .maxlen = sizeof(unsigned long),
278 .mode = 0644, 283 .mode = 0644,
279 .proc_handler = &proc_doulongvec_minmax, 284 .proc_handler = &proc_doulongvec_minmax,
@@ -284,18 +289,18 @@ static ctl_table sctp_table[] = {
284 { /* sentinel */ } 289 { /* sentinel */ }
285}; 290};
286 291
287static ctl_table sctp_net_table[] = {
288 { /* sentinel */ }
289};
290
291int sctp_sysctl_net_register(struct net *net) 292int sctp_sysctl_net_register(struct net *net)
292{ 293{
293 struct ctl_table *table; 294 struct ctl_table *table;
295 int i;
294 296
295 table = kmemdup(sctp_net_table, sizeof(sctp_net_table), GFP_KERNEL); 297 table = kmemdup(sctp_net_table, sizeof(sctp_net_table), GFP_KERNEL);
296 if (!table) 298 if (!table)
297 return -ENOMEM; 299 return -ENOMEM;
298 300
301 for (i = 0; table[i].data; i++)
302 table[i].data += (char *)(&net->sctp) - (char *)&init_net.sctp;
303
299 net->sctp.sysctl_header = register_net_sysctl(net, "net/sctp", table); 304 net->sctp.sysctl_header = register_net_sysctl(net, "net/sctp", table);
300 return 0; 305 return 0;
301} 306}
diff --git a/net/sctp/transport.c b/net/sctp/transport.c
index aada963c9d6..953c21e4af9 100644
--- a/net/sctp/transport.c
+++ b/net/sctp/transport.c
@@ -77,7 +77,7 @@ static struct sctp_transport *sctp_transport_init(struct net *net,
77 * given destination transport address, set RTO to the protocol 77 * given destination transport address, set RTO to the protocol
78 * parameter 'RTO.Initial'. 78 * parameter 'RTO.Initial'.
79 */ 79 */
80 peer->rto = msecs_to_jiffies(sctp_rto_initial); 80 peer->rto = msecs_to_jiffies(net->sctp.rto_initial);
81 81
82 peer->last_time_heard = jiffies; 82 peer->last_time_heard = jiffies;
83 peer->last_time_ecne_reduced = jiffies; 83 peer->last_time_ecne_reduced = jiffies;
@@ -87,8 +87,8 @@ static struct sctp_transport *sctp_transport_init(struct net *net,
87 SPP_SACKDELAY_ENABLE; 87 SPP_SACKDELAY_ENABLE;
88 88
89 /* Initialize the default path max_retrans. */ 89 /* Initialize the default path max_retrans. */
90 peer->pathmaxrxt = sctp_max_retrans_path; 90 peer->pathmaxrxt = net->sctp.max_retrans_path;
91 peer->pf_retrans = sctp_pf_retrans; 91 peer->pf_retrans = net->sctp.pf_retrans;
92 92
93 INIT_LIST_HEAD(&peer->transmitted); 93 INIT_LIST_HEAD(&peer->transmitted);
94 INIT_LIST_HEAD(&peer->send_ready); 94 INIT_LIST_HEAD(&peer->send_ready);
@@ -318,6 +318,7 @@ void sctp_transport_update_rto(struct sctp_transport *tp, __u32 rtt)
318 SCTP_ASSERT(tp->rto_pending, "rto_pending not set", return); 318 SCTP_ASSERT(tp->rto_pending, "rto_pending not set", return);
319 319
320 if (tp->rttvar || tp->srtt) { 320 if (tp->rttvar || tp->srtt) {
321 struct net *net = sock_net(tp->asoc->base.sk);
321 /* 6.3.1 C3) When a new RTT measurement R' is made, set 322 /* 6.3.1 C3) When a new RTT measurement R' is made, set
322 * RTTVAR <- (1 - RTO.Beta) * RTTVAR + RTO.Beta * |SRTT - R'| 323 * RTTVAR <- (1 - RTO.Beta) * RTTVAR + RTO.Beta * |SRTT - R'|
323 * SRTT <- (1 - RTO.Alpha) * SRTT + RTO.Alpha * R' 324 * SRTT <- (1 - RTO.Alpha) * SRTT + RTO.Alpha * R'
@@ -329,10 +330,10 @@ void sctp_transport_update_rto(struct sctp_transport *tp, __u32 rtt)
329 * For example, assuming the default value of RTO.Alpha of 330 * For example, assuming the default value of RTO.Alpha of
330 * 1/8, rto_alpha would be expressed as 3. 331 * 1/8, rto_alpha would be expressed as 3.
331 */ 332 */
332 tp->rttvar = tp->rttvar - (tp->rttvar >> sctp_rto_beta) 333 tp->rttvar = tp->rttvar - (tp->rttvar >> net->sctp.rto_beta)
333 + ((abs(tp->srtt - rtt)) >> sctp_rto_beta); 334 + ((abs(tp->srtt - rtt)) >> net->sctp.rto_beta);
334 tp->srtt = tp->srtt - (tp->srtt >> sctp_rto_alpha) 335 tp->srtt = tp->srtt - (tp->srtt >> net->sctp.rto_alpha)
335 + (rtt >> sctp_rto_alpha); 336 + (rtt >> net->sctp.rto_alpha);
336 } else { 337 } else {
337 /* 6.3.1 C2) When the first RTT measurement R is made, set 338 /* 6.3.1 C2) When the first RTT measurement R is made, set
338 * SRTT <- R, RTTVAR <- R/2. 339 * SRTT <- R, RTTVAR <- R/2.
generated by cgit v1.2.2 (git 2.25.0) at 2024-10-17 13:29:30 -0400