• Xin Long's avatar
    sctp: add encap_err_lookup for udp encap socks · 89ba4917
    Xin Long authored
    As it says in rfc6951#section-5.5:
    
      "When receiving ICMP or ICMPv6 response packets, there might not be
       enough bytes in the payload to identify the SCTP association that the
       SCTP packet triggering the ICMP or ICMPv6 packet belongs to.  If a
       received ICMP or ICMPv6 packet cannot be related to a specific SCTP
       association or the verification tag cannot be verified, it MUST be
       discarded silently.  In particular, this means that the SCTP stack
       MUST NOT rely on receiving ICMP or ICMPv6 messages.  Implementation
       constraints could prevent processing received ICMP or ICMPv6
       messages."
    
    ICMP or ICMPv6 packets need to be handled, and this is implemented by
    udp encap sock .encap_err_lookup function.
    
    The .encap_err_lookup function is called in __udp(6)_lib_err_encap()
    to confirm this path does need to be updated. For sctp, what we can
    do here is check if the corresponding asoc and transport exist.
    
    Note that icmp packet process for sctp over udp is done by udp sock
    .encap_err_lookup(), and it means for now we can't do as much as
    sctp_v4/6_err() does. Also we can't do the two mappings mentioned
    in rfc6951#section-5.5.
    Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
    Acked-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
    Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
    89ba4917
protocol.c 45.2 KB