1 files changed, 17 insertions, 15 deletions
diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c
index 3a1767ef3201..fee5552ddf92 100644
--- a/net/sctp/sm_make_chunk.c
+++ b/net/sctp/sm_make_chunk.c
@@ -219,6 +219,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
                             gfp_t gfp, int vparam_len)
 {
        struct net *net = sock_net(asoc->base.sk);
+        struct sctp_endpoint *ep = asoc->ep;
        sctp_inithdr_t init;
        union sctp_params addrs;
        size_t chunksize;
@@ -278,7 +279,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
        chunksize += vparam_len;
        /* Account for AUTH related parameters */
-        if (net->sctp.auth_enable) {
+        if (ep->auth_enable) {
                /* Add random parameter length*/
                chunksize += sizeof(asoc->c.auth_random);
@@ -363,7 +364,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
        }
        /* Add SCTP-AUTH chunks to the parameter list */
-        if (net->sctp.auth_enable) {
+        if (ep->auth_enable) {
                sctp_addto_chunk(retval, sizeof(asoc->c.auth_random),
                                 asoc->c.auth_random);
                if (auth_hmacs)
@@ -2010,7 +2011,7 @@ static void sctp_process_ext_param(struct sctp_association *asoc,
                        /* if the peer reports AUTH, assume that he
                         * supports AUTH.
                         */
-                        if (net->sctp.auth_enable)
+                        if (asoc->ep->auth_enable)
                                asoc->peer.auth_capable = 1;
                        break;
                case SCTP_CID_ASCONF:
@@ -2102,6 +2103,7 @@ static sctp_ierror_t sctp_process_unk_param(const struct sctp_association *asoc,
 *      SCTP_IERROR_NO_ERROR - continue with the chunk
 */
 static sctp_ierror_t sctp_verify_param(struct net *net,
+                                        const struct sctp_endpoint *ep,
                                        const struct sctp_association *asoc,
                                        union sctp_params param,
                                        sctp_cid_t cid,
@@ -2152,7 +2154,7 @@ static sctp_ierror_t sctp_verify_param(struct net *net,
                goto fallthrough;
        case SCTP_PARAM_RANDOM:
-                if (!net->sctp.auth_enable)
+                if (!ep->auth_enable)
                        goto fallthrough;
                /* SCTP-AUTH: Secion 6.1
@@ -2169,7 +2171,7 @@ static sctp_ierror_t sctp_verify_param(struct net *net,
                break;
        case SCTP_PARAM_CHUNKS:
-                if (!net->sctp.auth_enable)
+                if (!ep->auth_enable)
                        goto fallthrough;
                /* SCTP-AUTH: Section 3.2
@@ -2185,7 +2187,7 @@ static sctp_ierror_t sctp_verify_param(struct net *net,
                break;
        case SCTP_PARAM_HMAC_ALGO:
-                if (!net->sctp.auth_enable)
+                if (!ep->auth_enable)
                        goto fallthrough;
                hmacs = (struct sctp_hmac_algo_param *)param.p;
@@ -2220,10 +2222,9 @@ fallthrough:
 }
 /* Verify the INIT packet before we process it.  */
-int sctp_verify_init(struct net *net, const struct sctp_association *asoc,
+int sctp_verify_init(struct net *net, const struct sctp_endpoint *ep,
-                     sctp_cid_t cid,
+                     const struct sctp_association *asoc, sctp_cid_t cid,
-                     sctp_init_chunk_t *peer_init,
+                     sctp_init_chunk_t *peer_init, struct sctp_chunk *chunk,
-                     struct sctp_chunk *chunk,
                     struct sctp_chunk **errp)
 {
        union sctp_params param;
@@ -2264,8 +2265,8 @@ int sctp_verify_init(struct net *net, const struct sctp_association *asoc,
        /* Verify all the variable length parameters */
        sctp_walk_params(param, peer_init, init_hdr.params) {
+                result = sctp_verify_param(net, ep, asoc, param, cid,
-                result = sctp_verify_param(net, asoc, param, cid, chunk, errp);
+                                           chunk, errp);
                switch (result) {
                case SCTP_IERROR_ABORT:
                case SCTP_IERROR_NOMEM:
@@ -2497,6 +2498,7 @@ static int sctp_process_param(struct sctp_association *asoc,
        struct sctp_af *af;
        union sctp_addr_param *addr_param;
        struct sctp_transport *t;
+        struct sctp_endpoint *ep = asoc->ep;
        /* We maintain all INIT parameters in network byte order all the
         * time.  This allows us to not worry about whether the parameters
@@ -2636,7 +2638,7 @@ do_addr_param:
                goto fall_through;
        case SCTP_PARAM_RANDOM:
-                if (!net->sctp.auth_enable)
+                if (!ep->auth_enable)
                        goto fall_through;
                /* Save peer's random parameter */
@@ -2649,7 +2651,7 @@ do_addr_param:
                break;
        case SCTP_PARAM_HMAC_ALGO:
-                if (!net->sctp.auth_enable)
+                if (!ep->auth_enable)
                        goto fall_through;
                /* Save peer's HMAC list */
@@ -2665,7 +2667,7 @@ do_addr_param:
                break;
        case SCTP_PARAM_CHUNKS:
-                if (!net->sctp.auth_enable)
+                if (!ep->auth_enable)
                        goto fall_through;
                asoc->peer.peer_chunks = kmemdup(param.p,

diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c index 3a1767ef3201..fee5552ddf92 100644 --- a/net/sctp/sm_make_chunk.c +++ b/net/sctp/sm_make_chunk.c
@@ -219,6 +219,7 @@ struct sctp_chunk sctp_make_init(const struct sctp_association asoc,
219	gfp_t gfp, int vparam_len)	219	gfp_t gfp, int vparam_len)
220	{	220	{
221	struct net *net = sock_net(asoc->base.sk);	221	struct net *net = sock_net(asoc->base.sk);
		222	struct sctp_endpoint *ep = asoc->ep;
222	sctp_inithdr_t init;	223	sctp_inithdr_t init;
223	union sctp_params addrs;	224	union sctp_params addrs;
224	size_t chunksize;	225	size_t chunksize;
@@ -278,7 +279,7 @@ struct sctp_chunk sctp_make_init(const struct sctp_association asoc,
278	chunksize += vparam_len;	279	chunksize += vparam_len;
279		280
280	/* Account for AUTH related parameters */	281	/* Account for AUTH related parameters */
281	if (net->sctp.auth_enable) {	282	if (ep->auth_enable) {
282	/* Add random parameter length*/	283	/* Add random parameter length*/
283	chunksize += sizeof(asoc->c.auth_random);	284	chunksize += sizeof(asoc->c.auth_random);
284		285
@@ -363,7 +364,7 @@ struct sctp_chunk sctp_make_init(const struct sctp_association asoc,
363	}	364	}
364		365
365	/* Add SCTP-AUTH chunks to the parameter list */	366	/* Add SCTP-AUTH chunks to the parameter list */
366	if (net->sctp.auth_enable) {	367	if (ep->auth_enable) {
367	sctp_addto_chunk(retval, sizeof(asoc->c.auth_random),	368	sctp_addto_chunk(retval, sizeof(asoc->c.auth_random),
368	asoc->c.auth_random);	369	asoc->c.auth_random);
369	if (auth_hmacs)	370	if (auth_hmacs)
@@ -2010,7 +2011,7 @@ static void sctp_process_ext_param(struct sctp_association *asoc,
2010	/* if the peer reports AUTH, assume that he	2011	/* if the peer reports AUTH, assume that he
2011	* supports AUTH.	2012	* supports AUTH.
2012	*/	2013	*/
2013	if (net->sctp.auth_enable)	2014	if (asoc->ep->auth_enable)
2014	asoc->peer.auth_capable = 1;	2015	asoc->peer.auth_capable = 1;
2015	break;	2016	break;
2016	case SCTP_CID_ASCONF:	2017	case SCTP_CID_ASCONF:
@@ -2102,6 +2103,7 @@ static sctp_ierror_t sctp_process_unk_param(const struct sctp_association *asoc,
2102	* SCTP_IERROR_NO_ERROR - continue with the chunk	2103	* SCTP_IERROR_NO_ERROR - continue with the chunk
2103	*/	2104	*/
2104	static sctp_ierror_t sctp_verify_param(struct net *net,	2105	static sctp_ierror_t sctp_verify_param(struct net *net,
		2106	const struct sctp_endpoint *ep,
2105	const struct sctp_association *asoc,	2107	const struct sctp_association *asoc,
2106	union sctp_params param,	2108	union sctp_params param,
2107	sctp_cid_t cid,	2109	sctp_cid_t cid,
@@ -2152,7 +2154,7 @@ static sctp_ierror_t sctp_verify_param(struct net *net,
2152	goto fallthrough;	2154	goto fallthrough;
2153		2155
2154	case SCTP_PARAM_RANDOM:	2156	case SCTP_PARAM_RANDOM:
2155	if (!net->sctp.auth_enable)	2157	if (!ep->auth_enable)
2156	goto fallthrough;	2158	goto fallthrough;
2157		2159
2158	/* SCTP-AUTH: Secion 6.1	2160	/* SCTP-AUTH: Secion 6.1
@@ -2169,7 +2171,7 @@ static sctp_ierror_t sctp_verify_param(struct net *net,
2169	break;	2171	break;
2170		2172
2171	case SCTP_PARAM_CHUNKS:	2173	case SCTP_PARAM_CHUNKS:
2172	if (!net->sctp.auth_enable)	2174	if (!ep->auth_enable)
2173	goto fallthrough;	2175	goto fallthrough;
2174		2176
2175	/* SCTP-AUTH: Section 3.2	2177	/* SCTP-AUTH: Section 3.2
@@ -2185,7 +2187,7 @@ static sctp_ierror_t sctp_verify_param(struct net *net,
2185	break;	2187	break;
2186		2188
2187	case SCTP_PARAM_HMAC_ALGO:	2189	case SCTP_PARAM_HMAC_ALGO:
2188	if (!net->sctp.auth_enable)	2190	if (!ep->auth_enable)
2189	goto fallthrough;	2191	goto fallthrough;
2190		2192
2191	hmacs = (struct sctp_hmac_algo_param *)param.p;	2193	hmacs = (struct sctp_hmac_algo_param *)param.p;
@@ -2220,10 +2222,9 @@ fallthrough:
2220	}	2222	}
2221		2223
2222	/* Verify the INIT packet before we process it. */	2224	/* Verify the INIT packet before we process it. */
2223	int sctp_verify_init(struct net net, const struct sctp_association asoc,	2225	int sctp_verify_init(struct net net, const struct sctp_endpoint ep,
2224	sctp_cid_t cid,	2226	const struct sctp_association *asoc, sctp_cid_t cid,
2225	sctp_init_chunk_t *peer_init,	2227	sctp_init_chunk_t peer_init, struct sctp_chunk chunk,
2226	struct sctp_chunk *chunk,
2227	struct sctp_chunk **errp)	2228	struct sctp_chunk **errp)
2228	{	2229	{
2229	union sctp_params param;	2230	union sctp_params param;
@@ -2264,8 +2265,8 @@ int sctp_verify_init(struct net net, const struct sctp_association asoc,
2264		2265
2265	/* Verify all the variable length parameters */	2266	/* Verify all the variable length parameters */
2266	sctp_walk_params(param, peer_init, init_hdr.params) {	2267	sctp_walk_params(param, peer_init, init_hdr.params) {
2267		2268	result = sctp_verify_param(net, ep, asoc, param, cid,
2268	result = sctp_verify_param(net, asoc, param, cid, chunk, errp);	2269	chunk, errp);
2269	switch (result) {	2270	switch (result) {
2270	case SCTP_IERROR_ABORT:	2271	case SCTP_IERROR_ABORT:
2271	case SCTP_IERROR_NOMEM:	2272	case SCTP_IERROR_NOMEM:
@@ -2497,6 +2498,7 @@ static int sctp_process_param(struct sctp_association *asoc,
2497	struct sctp_af *af;	2498	struct sctp_af *af;
2498	union sctp_addr_param *addr_param;	2499	union sctp_addr_param *addr_param;
2499	struct sctp_transport *t;	2500	struct sctp_transport *t;
		2501	struct sctp_endpoint *ep = asoc->ep;
2500		2502
2501	/* We maintain all INIT parameters in network byte order all the	2503	/* We maintain all INIT parameters in network byte order all the
2502	* time. This allows us to not worry about whether the parameters	2504	* time. This allows us to not worry about whether the parameters
@@ -2636,7 +2638,7 @@ do_addr_param:
2636	goto fall_through;	2638	goto fall_through;
2637		2639
2638	case SCTP_PARAM_RANDOM:	2640	case SCTP_PARAM_RANDOM:
2639	if (!net->sctp.auth_enable)	2641	if (!ep->auth_enable)
2640	goto fall_through;	2642	goto fall_through;
2641		2643
2642	/* Save peer's random parameter */	2644	/* Save peer's random parameter */
@@ -2649,7 +2651,7 @@ do_addr_param:
2649	break;	2651	break;
2650		2652
2651	case SCTP_PARAM_HMAC_ALGO:	2653	case SCTP_PARAM_HMAC_ALGO:
2652	if (!net->sctp.auth_enable)	2654	if (!ep->auth_enable)
2653	goto fall_through;	2655	goto fall_through;
2654		2656
2655	/* Save peer's HMAC list */	2657	/* Save peer's HMAC list */
@@ -2665,7 +2667,7 @@ do_addr_param:
2665	break;	2667	break;
2666		2668
2667	case SCTP_PARAM_CHUNKS:	2669	case SCTP_PARAM_CHUNKS:
2668	if (!net->sctp.auth_enable)	2670	if (!ep->auth_enable)
2669	goto fall_through;	2671	goto fall_through;
2670		2672
2671	asoc->peer.peer_chunks = kmemdup(param.p,	2673	asoc->peer.peer_chunks = kmemdup(param.p,