]> bbs.cooldavid.org Git - net-next-2.6.git/blame - net/ipv6/ip6_output.c
git://bbs.cooldavid.org / net-next-2.6.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[IPV6]: Added GSO support for TCPv6
[net-next-2.6.git] / net / ipv6 / ip6_output.c
CommitLineData
1da177e4
LT		 1/*
2 * IPv6 output functions
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
8 * $Id: ip6_output.c,v 1.34 2002/02/01 22:01:04 davem Exp $
9 *
10 * Based on linux/net/ipv4/ip_output.c
11 *
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; either version
15 * 2 of the License, or (at your option) any later version.
16 *
17 * Changes:
18 * A.N.Kuznetsov : airthmetics in fragmentation.
19 * extension headers are implemented.
20 * route changes now work.
21 * ip6_forward does not confuse sniffers.
22 * etc.
23 *
24 * H. von Brand : Added missing #include <linux/string.h>
25 * Imran Patel : frag id should be in NBO
26 * Kazunori MIYAZAWA @USAGI
27 * : add ip6_append_data and related functions
28 * for datagram xmit
29 */
30
31#include <linux/config.h>
32#include <linux/errno.h>
33#include <linux/types.h>
34#include <linux/string.h>
35#include <linux/socket.h>
36#include <linux/net.h>
37#include <linux/netdevice.h>
38#include <linux/if_arp.h>
39#include <linux/in6.h>
40#include <linux/tcp.h>
41#include <linux/route.h>
b59f45d0 42#include <linux/module.h>
1da177e4
LT		 43
44#include <linux/netfilter.h>
45#include <linux/netfilter_ipv6.h>
46
47#include <net/sock.h>
48#include <net/snmp.h>
49
50#include <net/ipv6.h>
51#include <net/ndisc.h>
52#include <net/protocol.h>
53#include <net/ip6_route.h>
54#include <net/addrconf.h>
55#include <net/rawv6.h>
56#include <net/icmp.h>
57#include <net/xfrm.h>
58#include <net/checksum.h>
59
60static int ip6_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *));
61
62static __inline__ void ipv6_select_ident(struct sk_buff *skb, struct frag_hdr *fhdr)
63{
64 static u32 ipv6_fragmentation_id = 1;
65 static DEFINE_SPINLOCK(ip6_id_lock);
66
67 spin_lock_bh(&ip6_id_lock);
68 fhdr->identification = htonl(ipv6_fragmentation_id);
69 if (++ipv6_fragmentation_id == 0)
70 ipv6_fragmentation_id = 1;
71 spin_unlock_bh(&ip6_id_lock);
72}
73
74static inline int ip6_output_finish(struct sk_buff *skb)
75{
76
77 struct dst_entry *dst = skb->dst;
78 struct hh_cache *hh = dst->hh;
79
80 if (hh) {
81 int hh_alen;
82
83 read_lock_bh(&hh->hh_lock);
84 hh_alen = HH_DATA_ALIGN(hh->hh_len);
85 memcpy(skb->data - hh_alen, hh->hh_data, hh_alen);
86 read_unlock_bh(&hh->hh_lock);
87 skb_push(skb, hh->hh_len);
88 return hh->hh_output(skb);
89 } else if (dst->neighbour)
90 return dst->neighbour->output(skb);
91
92 IP6_INC_STATS_BH(IPSTATS_MIB_OUTNOROUTES);
93 kfree_skb(skb);
94 return -EINVAL;
95
96}
97
98/* dev_loopback_xmit for use with netfilter. */
99static int ip6_dev_loopback_xmit(struct sk_buff *newskb)
100{
101 newskb->mac.raw = newskb->data;
102 __skb_pull(newskb, newskb->nh.raw - newskb->data);
103 newskb->pkt_type = PACKET_LOOPBACK;
104 newskb->ip_summed = CHECKSUM_UNNECESSARY;
105 BUG_TRAP(newskb->dst);
106
107 netif_rx(newskb);
108 return 0;
109}
110
111
112static int ip6_output2(struct sk_buff *skb)
113{
114 struct dst_entry *dst = skb->dst;
115 struct net_device *dev = dst->dev;
116
117 skb->protocol = htons(ETH_P_IPV6);
118 skb->dev = dev;
119
120 if (ipv6_addr_is_multicast(&skb->nh.ipv6h->daddr)) {
121 struct ipv6_pinfo* np = skb->sk ? inet6_sk(skb->sk) : NULL;
122
123 if (!(dev->flags & IFF_LOOPBACK) && (!np || np->mc_loop) &&
124 ipv6_chk_mcast_addr(dev, &skb->nh.ipv6h->daddr,
125 &skb->nh.ipv6h->saddr)) {
126 struct sk_buff *newskb = skb_clone(skb, GFP_ATOMIC);
127
128 /* Do not check for IFF_ALLMULTI; multicast routing
129 is not supported in any case.
130 */
131 if (newskb)
132 NF_HOOK(PF_INET6, NF_IP6_POST_ROUTING, newskb, NULL,
133 newskb->dev,
134 ip6_dev_loopback_xmit);
135
136 if (skb->nh.ipv6h->hop_limit == 0) {
137 IP6_INC_STATS(IPSTATS_MIB_OUTDISCARDS);
138 kfree_skb(skb);
139 return 0;
140 }
141 }
142
143 IP6_INC_STATS(IPSTATS_MIB_OUTMCASTPKTS);
144 }
145
146 return NF_HOOK(PF_INET6, NF_IP6_POST_ROUTING, skb,NULL, skb->dev,ip6_output_finish);
147}
148
149int ip6_output(struct sk_buff *skb)
150{
7967168c 151 if ((skb->len > dst_mtu(skb->dst) && !skb_shinfo(skb)->gso_size) ||
e89e9cf5 152 dst_allfrag(skb->dst))
1da177e4
LT		 153 return ip6_fragment(skb, ip6_output2);
154 else
155 return ip6_output2(skb);
156}
157
1da177e4
LT		 158/*
159 * xmit an sk_buff (used by TCP)
160 */
161
162int ip6_xmit(struct sock *sk, struct sk_buff *skb, struct flowi *fl,
163 struct ipv6_txoptions *opt, int ipfragok)
164{
b30bd282 165 struct ipv6_pinfo *np = inet6_sk(sk);
1da177e4
LT		 166 struct in6_addr *first_hop = &fl->fl6_dst;
167 struct dst_entry *dst = skb->dst;
168 struct ipv6hdr *hdr;
169 u8 proto = fl->proto;
170 int seg_len = skb->len;
41a1f8ea 171 int hlimit, tclass;
1da177e4
LT		 172 u32 mtu;
173
174 if (opt) {
175 int head_room;
176
177 /* First: exthdrs may take lots of space (~8K for now)
178 MAX_HEADER is not enough.
179 */
180 head_room = opt->opt_nflen + opt->opt_flen;
181 seg_len += head_room;
182 head_room += sizeof(struct ipv6hdr) + LL_RESERVED_SPACE(dst->dev);
183
184 if (skb_headroom(skb) < head_room) {
185 struct sk_buff *skb2 = skb_realloc_headroom(skb, head_room);
186 kfree_skb(skb);
187 skb = skb2;
188 if (skb == NULL) {
189 IP6_INC_STATS(IPSTATS_MIB_OUTDISCARDS);
190 return -ENOBUFS;
191 }
192 if (sk)
193 skb_set_owner_w(skb, sk);
194 }
195 if (opt->opt_flen)
196 ipv6_push_frag_opts(skb, opt, &proto);
197 if (opt->opt_nflen)
198 ipv6_push_nfrag_opts(skb, opt, &proto, &first_hop);
199 }
200
201 hdr = skb->nh.ipv6h = (struct ipv6hdr*)skb_push(skb, sizeof(struct ipv6hdr));
202
203 /*
204 * Fill in the IPv6 header
205 */
206
1da177e4
LT		 207 hlimit = -1;
208 if (np)
209 hlimit = np->hop_limit;
210 if (hlimit < 0)
211 hlimit = dst_metric(dst, RTAX_HOPLIMIT);
212 if (hlimit < 0)
213 hlimit = ipv6_get_hoplimit(dst->dev);
214
41a1f8ea
YH		 215 tclass = -1;
216 if (np)
217 tclass = np->tclass;
218 if (tclass < 0)
219 tclass = 0;
220
221 *(u32 *)hdr = htonl(0x60000000 | (tclass << 20)) | fl->fl6_flowlabel;
222
1da177e4
LT		 223 hdr->payload_len = htons(seg_len);
224 hdr->nexthdr = proto;
225 hdr->hop_limit = hlimit;
226
227 ipv6_addr_copy(&hdr->saddr, &fl->fl6_src);
228 ipv6_addr_copy(&hdr->daddr, first_hop);
229
a2c2064f
PM		 230 skb->priority = sk->sk_priority;
231
1da177e4 232 mtu = dst_mtu(dst);
f83ef8c0 233 if ((skb->len <= mtu) || ipfragok || skb_shinfo(skb)->gso_size) {
1da177e4 234 IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
6869c4d8
HW		 235 return NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, dst->dev,
236 dst_output);
1da177e4
LT		 237 }
238
239 if (net_ratelimit())
240 printk(KERN_DEBUG "IPv6: sending pkt_too_big to self\n");
241 skb->dev = dst->dev;
242 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu, skb->dev);
243 IP6_INC_STATS(IPSTATS_MIB_FRAGFAILS);
244 kfree_skb(skb);
245 return -EMSGSIZE;
246}
247
248/*
249 * To avoid extra problems ND packets are send through this
250 * routine. It's code duplication but I really want to avoid
251 * extra checks since ipv6_build_header is used by TCP (which
252 * is for us performance critical)
253 */
254
255int ip6_nd_hdr(struct sock *sk, struct sk_buff *skb, struct net_device *dev,
256 struct in6_addr *saddr, struct in6_addr *daddr,
257 int proto, int len)
258{
259 struct ipv6_pinfo *np = inet6_sk(sk);
260 struct ipv6hdr *hdr;
261 int totlen;
262
263 skb->protocol = htons(ETH_P_IPV6);
264 skb->dev = dev;
265
266 totlen = len + sizeof(struct ipv6hdr);
267
268 hdr = (struct ipv6hdr *) skb_put(skb, sizeof(struct ipv6hdr));
269 skb->nh.ipv6h = hdr;
270
271 *(u32*)hdr = htonl(0x60000000);
272
273 hdr->payload_len = htons(len);
274 hdr->nexthdr = proto;
275 hdr->hop_limit = np->hop_limit;
276
277 ipv6_addr_copy(&hdr->saddr, saddr);
278 ipv6_addr_copy(&hdr->daddr, daddr);
279
280 return 0;
281}
282
283static int ip6_call_ra_chain(struct sk_buff *skb, int sel)
284{
285 struct ip6_ra_chain *ra;
286 struct sock *last = NULL;
287
288 read_lock(&ip6_ra_lock);
289 for (ra = ip6_ra_chain; ra; ra = ra->next) {
290 struct sock *sk = ra->sk;
0bd1b59b
AM		 291 if (sk && ra->sel == sel &&
292 (!sk->sk_bound_dev_if ||
293 sk->sk_bound_dev_if == skb->dev->ifindex)) {
1da177e4
LT		 294 if (last) {
295 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
296 if (skb2)
297 rawv6_rcv(last, skb2);
298 }
299 last = sk;
300 }
301 }
302
303 if (last) {
304 rawv6_rcv(last, skb);
305 read_unlock(&ip6_ra_lock);
306 return 1;
307 }
308 read_unlock(&ip6_ra_lock);
309 return 0;
310}
311
312static inline int ip6_forward_finish(struct sk_buff *skb)
313{
314 return dst_output(skb);
315}
316
317int ip6_forward(struct sk_buff *skb)
318{
319 struct dst_entry *dst = skb->dst;
320 struct ipv6hdr *hdr = skb->nh.ipv6h;
321 struct inet6_skb_parm *opt = IP6CB(skb);
322
323 if (ipv6_devconf.forwarding == 0)
324 goto error;
325
326 if (!xfrm6_policy_check(NULL, XFRM_POLICY_FWD, skb)) {
327 IP6_INC_STATS(IPSTATS_MIB_INDISCARDS);
328 goto drop;
329 }
330
331 skb->ip_summed = CHECKSUM_NONE;
332
333 /*
334 * We DO NOT make any processing on
335 * RA packets, pushing them to user level AS IS
336 * without ane WARRANTY that application will be able
337 * to interpret them. The reason is that we
338 * cannot make anything clever here.
339 *
340 * We are not end-node, so that if packet contains
341 * AH/ESP, we cannot make anything.
342 * Defragmentation also would be mistake, RA packets
343 * cannot be fragmented, because there is no warranty
344 * that different fragments will go along one path. --ANK
345 */
346 if (opt->ra) {
347 u8 *ptr = skb->nh.raw + opt->ra;
348 if (ip6_call_ra_chain(skb, (ptr[2]<<8) + ptr[3]))
349 return 0;
350 }
351
352 /*
353 * check and decrement ttl
354 */
355 if (hdr->hop_limit <= 1) {
356 /* Force OUTPUT device used as source address */
357 skb->dev = dst->dev;
358 icmpv6_send(skb, ICMPV6_TIME_EXCEED, ICMPV6_EXC_HOPLIMIT,
359 0, skb->dev);
360
361 kfree_skb(skb);
362 return -ETIMEDOUT;
363 }
364
365 if (!xfrm6_route_forward(skb)) {
366 IP6_INC_STATS(IPSTATS_MIB_INDISCARDS);
367 goto drop;
368 }
369 dst = skb->dst;
370
371 /* IPv6 specs say nothing about it, but it is clear that we cannot
372 send redirects to source routed frames.
373 */
374 if (skb->dev == dst->dev && dst->neighbour && opt->srcrt == 0) {
375 struct in6_addr *target = NULL;
376 struct rt6_info *rt;
377 struct neighbour *n = dst->neighbour;
378
379 /*
380 * incoming and outgoing devices are the same
381 * send a redirect.
382 */
383
384 rt = (struct rt6_info *) dst;
385 if ((rt->rt6i_flags & RTF_GATEWAY))
386 target = (struct in6_addr*)&n->primary_key;
387 else
388 target = &hdr->daddr;
389
390 /* Limit redirects both by destination (here)
391 and by source (inside ndisc_send_redirect)
392 */
393 if (xrlim_allow(dst, 1*HZ))
394 ndisc_send_redirect(skb, n, target);
395 } else if (ipv6_addr_type(&hdr->saddr)&(IPV6_ADDR_MULTICAST|IPV6_ADDR_LOOPBACK
396 |IPV6_ADDR_LINKLOCAL)) {
397 /* This check is security critical. */
398 goto error;
399 }
400
401 if (skb->len > dst_mtu(dst)) {
402 /* Again, force OUTPUT device used as source address */
403 skb->dev = dst->dev;
404 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, dst_mtu(dst), skb->dev);
405 IP6_INC_STATS_BH(IPSTATS_MIB_INTOOBIGERRORS);
406 IP6_INC_STATS_BH(IPSTATS_MIB_FRAGFAILS);
407 kfree_skb(skb);
408 return -EMSGSIZE;
409 }
410
411 if (skb_cow(skb, dst->dev->hard_header_len)) {
412 IP6_INC_STATS(IPSTATS_MIB_OUTDISCARDS);
413 goto drop;
414 }
415
416 hdr = skb->nh.ipv6h;
417
418 /* Mangling hops number delayed to point after skb COW */
419
420 hdr->hop_limit--;
421
422 IP6_INC_STATS_BH(IPSTATS_MIB_OUTFORWDATAGRAMS);
423 return NF_HOOK(PF_INET6,NF_IP6_FORWARD, skb, skb->dev, dst->dev, ip6_forward_finish);
424
425error:
426 IP6_INC_STATS_BH(IPSTATS_MIB_INADDRERRORS);
427drop:
428 kfree_skb(skb);
429 return -EINVAL;
430}
431
432static void ip6_copy_metadata(struct sk_buff *to, struct sk_buff *from)
433{
434 to->pkt_type = from->pkt_type;
435 to->priority = from->priority;
436 to->protocol = from->protocol;
1da177e4
LT		 437 dst_release(to->dst);
438 to->dst = dst_clone(from->dst);
439 to->dev = from->dev;
440
441#ifdef CONFIG_NET_SCHED
442 to->tc_index = from->tc_index;
443#endif
444#ifdef CONFIG_NETFILTER
445 to->nfmark = from->nfmark;
446 /* Connection association is same as pre-frag packet */
9fb9cbb1 447 nf_conntrack_put(to->nfct);
1da177e4
LT		 448 to->nfct = from->nfct;
449 nf_conntrack_get(to->nfct);
450 to->nfctinfo = from->nfctinfo;
9fb9cbb1
YK		 451#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
452 nf_conntrack_put_reasm(to->nfct_reasm);
453 to->nfct_reasm = from->nfct_reasm;
454 nf_conntrack_get_reasm(to->nfct_reasm);
455#endif
1da177e4
LT		 456#ifdef CONFIG_BRIDGE_NETFILTER
457 nf_bridge_put(to->nf_bridge);
458 to->nf_bridge = from->nf_bridge;
459 nf_bridge_get(to->nf_bridge);
460#endif
1da177e4 461#endif
984bc16c 462 skb_copy_secmark(to, from);
1da177e4
LT		 463}
464
465int ip6_find_1stfragopt(struct sk_buff *skb, u8 **nexthdr)
466{
467 u16 offset = sizeof(struct ipv6hdr);
468 struct ipv6_opt_hdr *exthdr = (struct ipv6_opt_hdr*)(skb->nh.ipv6h + 1);
469 unsigned int packet_len = skb->tail - skb->nh.raw;
470 int found_rhdr = 0;
471 *nexthdr = &skb->nh.ipv6h->nexthdr;
472
473 while (offset + 1 <= packet_len) {
474
475 switch (**nexthdr) {
476
477 case NEXTHDR_HOP:
478 case NEXTHDR_ROUTING:
479 case NEXTHDR_DEST:
480 if (**nexthdr == NEXTHDR_ROUTING) found_rhdr = 1;
481 if (**nexthdr == NEXTHDR_DEST && found_rhdr) return offset;
482 offset += ipv6_optlen(exthdr);
483 *nexthdr = &exthdr->nexthdr;
484 exthdr = (struct ipv6_opt_hdr*)(skb->nh.raw + offset);
485 break;
486 default :
487 return offset;
488 }
489 }
490
491 return offset;
492}
b59f45d0 493EXPORT_SYMBOL_GPL(ip6_find_1stfragopt);
1da177e4
LT		 494
495static int ip6_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *))
496{
497 struct net_device *dev;
498 struct sk_buff *frag;
499 struct rt6_info *rt = (struct rt6_info*)skb->dst;
d91675f9 500 struct ipv6_pinfo *np = skb->sk ? inet6_sk(skb->sk) : NULL;
1da177e4
LT		 501 struct ipv6hdr *tmp_hdr;
502 struct frag_hdr *fh;
503 unsigned int mtu, hlen, left, len;
504 u32 frag_id = 0;
505 int ptr, offset = 0, err=0;
506 u8 *prevhdr, nexthdr = 0;
507
508 dev = rt->u.dst.dev;
509 hlen = ip6_find_1stfragopt(skb, &prevhdr);
510 nexthdr = *prevhdr;
511
d91675f9
YH		 512 mtu = dst_mtu(&rt->u.dst);
513 if (np && np->frag_size < mtu) {
514 if (np->frag_size)
515 mtu = np->frag_size;
516 }
517 mtu -= hlen + sizeof(struct frag_hdr);
1da177e4
LT		 518
519 if (skb_shinfo(skb)->frag_list) {
520 int first_len = skb_pagelen(skb);
521
522 if (first_len - hlen > mtu ||
523 ((first_len - hlen) & 7) ||
524 skb_cloned(skb))
525 goto slow_path;
526
527 for (frag = skb_shinfo(skb)->frag_list; frag; frag = frag->next) {
528 /* Correct geometry. */
529 if (frag->len > mtu ||
530 ((frag->len & 7) && frag->next) ||
531 skb_headroom(frag) < hlen)
532 goto slow_path;
533
1da177e4
LT		 534 /* Partially cloned skb? */
535 if (skb_shared(frag))
536 goto slow_path;
2fdba6b0
HX		 537
538 BUG_ON(frag->sk);
539 if (skb->sk) {
540 sock_hold(skb->sk);
541 frag->sk = skb->sk;
542 frag->destructor = sock_wfree;
543 skb->truesize -= frag->truesize;
544 }
1da177e4
LT		 545 }
546
547 err = 0;
548 offset = 0;
549 frag = skb_shinfo(skb)->frag_list;
550 skb_shinfo(skb)->frag_list = NULL;
551 /* BUILD HEADER */
552
553 tmp_hdr = kmalloc(hlen, GFP_ATOMIC);
554 if (!tmp_hdr) {
555 IP6_INC_STATS(IPSTATS_MIB_FRAGFAILS);
556 return -ENOMEM;
557 }
558
559 *prevhdr = NEXTHDR_FRAGMENT;
560 memcpy(tmp_hdr, skb->nh.raw, hlen);
561 __skb_pull(skb, hlen);
562 fh = (struct frag_hdr*)__skb_push(skb, sizeof(struct frag_hdr));
563 skb->nh.raw = __skb_push(skb, hlen);
564 memcpy(skb->nh.raw, tmp_hdr, hlen);
565
566 ipv6_select_ident(skb, fh);
567 fh->nexthdr = nexthdr;
568 fh->reserved = 0;
569 fh->frag_off = htons(IP6_MF);
570 frag_id = fh->identification;
571
572 first_len = skb_pagelen(skb);
573 skb->data_len = first_len - skb_headlen(skb);
574 skb->len = first_len;
575 skb->nh.ipv6h->payload_len = htons(first_len - sizeof(struct ipv6hdr));
576
577
578 for (;;) {
579 /* Prepare header of the next frame,
580 * before previous one went down. */
581 if (frag) {
582 frag->ip_summed = CHECKSUM_NONE;
583 frag->h.raw = frag->data;
584 fh = (struct frag_hdr*)__skb_push(frag, sizeof(struct frag_hdr));
585 frag->nh.raw = __skb_push(frag, hlen);
586 memcpy(frag->nh.raw, tmp_hdr, hlen);
587 offset += skb->len - hlen - sizeof(struct frag_hdr);
588 fh->nexthdr = nexthdr;
589 fh->reserved = 0;
590 fh->frag_off = htons(offset);
591 if (frag->next != NULL)
592 fh->frag_off |= htons(IP6_MF);
593 fh->identification = frag_id;
594 frag->nh.ipv6h->payload_len = htons(frag->len - sizeof(struct ipv6hdr));
595 ip6_copy_metadata(frag, skb);
596 }
597
598 err = output(skb);
599 if (err || !frag)
600 break;
601
602 skb = frag;
603 frag = skb->next;
604 skb->next = NULL;
605 }
606
a51482bd 607 kfree(tmp_hdr);
1da177e4
LT		 608
609 if (err == 0) {
610 IP6_INC_STATS(IPSTATS_MIB_FRAGOKS);
611 return 0;
612 }
613
614 while (frag) {
615 skb = frag->next;
616 kfree_skb(frag);
617 frag = skb;
618 }
619
620 IP6_INC_STATS(IPSTATS_MIB_FRAGFAILS);
621 return err;
622 }
623
624slow_path:
625 left = skb->len - hlen; /* Space per frame */
626 ptr = hlen; /* Where to start from */
627
628 /*
629 * Fragment the datagram.
630 */
631
632 *prevhdr = NEXTHDR_FRAGMENT;
633
634 /*
635 * Keep copying data until we run out.
636 */
637 while(left > 0) {
638 len = left;
639 /* IF: it doesn't fit, use 'mtu' - the data space left */
640 if (len > mtu)
641 len = mtu;
642 /* IF: we are not sending upto and including the packet end
643 then align the next start on an eight byte boundary */
644 if (len < left) {
645 len &= ~7;
646 }
647 /*
648 * Allocate buffer.
649 */
650
651 if ((frag = alloc_skb(len+hlen+sizeof(struct frag_hdr)+LL_RESERVED_SPACE(rt->u.dst.dev), GFP_ATOMIC)) == NULL) {
64ce2073 652 NETDEBUG(KERN_INFO "IPv6: frag: no memory for new fragment!\n");
1da177e4
LT		 653 IP6_INC_STATS(IPSTATS_MIB_FRAGFAILS);
654 err = -ENOMEM;
655 goto fail;
656 }
657
658 /*
659 * Set up data on packet
660 */
661
662 ip6_copy_metadata(frag, skb);
663 skb_reserve(frag, LL_RESERVED_SPACE(rt->u.dst.dev));
664 skb_put(frag, len + hlen + sizeof(struct frag_hdr));
665 frag->nh.raw = frag->data;
666 fh = (struct frag_hdr*)(frag->data + hlen);
667 frag->h.raw = frag->data + hlen + sizeof(struct frag_hdr);
668
669 /*
670 * Charge the memory for the fragment to any owner
671 * it might possess
672 */
673 if (skb->sk)
674 skb_set_owner_w(frag, skb->sk);
675
676 /*
677 * Copy the packet header into the new buffer.
678 */
679 memcpy(frag->nh.raw, skb->data, hlen);
680
681 /*
682 * Build fragment header.
683 */
684 fh->nexthdr = nexthdr;
685 fh->reserved = 0;
f36d6ab1 686 if (!frag_id) {
1da177e4
LT		 687 ipv6_select_ident(skb, fh);
688 frag_id = fh->identification;
689 } else
690 fh->identification = frag_id;
691
692 /*
693 * Copy a block of the IP datagram.
694 */
695 if (skb_copy_bits(skb, ptr, frag->h.raw, len))
696 BUG();
697 left -= len;
698
699 fh->frag_off = htons(offset);
700 if (left > 0)
701 fh->frag_off |= htons(IP6_MF);
702 frag->nh.ipv6h->payload_len = htons(frag->len - sizeof(struct ipv6hdr));
703
704 ptr += len;
705 offset += len;
706
707 /*
708 * Put this fragment into the sending queue.
709 */
710
711 IP6_INC_STATS(IPSTATS_MIB_FRAGCREATES);
712
713 err = output(frag);
714 if (err)
715 goto fail;
716 }
717 kfree_skb(skb);
718 IP6_INC_STATS(IPSTATS_MIB_FRAGOKS);
719 return err;
720
721fail:
722 kfree_skb(skb);
723 IP6_INC_STATS(IPSTATS_MIB_FRAGFAILS);
724 return err;
725}
726
727int ip6_dst_lookup(struct sock *sk, struct dst_entry **dst, struct flowi *fl)
728{
729 int err = 0;
730
731 *dst = NULL;
732 if (sk) {
733 struct ipv6_pinfo *np = inet6_sk(sk);
734
735 *dst = sk_dst_check(sk, np->dst_cookie);
736 if (*dst) {
737 struct rt6_info *rt = (struct rt6_info*)*dst;
738
d76e60a5
DM		 739 /* Yes, checking route validity in not connected
740 * case is not very simple. Take into account,
741 * that we do not support routing by source, TOS,
742 * and MSG_DONTROUTE --ANK (980726)
743 *
744 * 1. If route was host route, check that
745 * cached destination is current.
746 * If it is network route, we still may
747 * check its validity using saved pointer
748 * to the last used address: daddr_cache.
749 * We do not want to save whole address now,
750 * (because main consumer of this service
751 * is tcp, which has not this problem),
752 * so that the last trick works only on connected
753 * sockets.
754 * 2. oif also should be the same.
755 */
1da177e4 756 if (((rt->rt6i_dst.plen != 128 ||
d76e60a5
DM		 757 !ipv6_addr_equal(&fl->fl6_dst,
758 &rt->rt6i_dst.addr))
1da177e4 759 && (np->daddr_cache == NULL ||
d76e60a5
DM		 760 !ipv6_addr_equal(&fl->fl6_dst,
761 np->daddr_cache)))
1da177e4
LT		 762 || (fl->oif && fl->oif != (*dst)->dev->ifindex)) {
763 dst_release(*dst);
764 *dst = NULL;
765 }
766 }
767 }
768
769 if (*dst == NULL)
770 *dst = ip6_route_output(sk, fl);
771
772 if ((err = (*dst)->error))
773 goto out_err_release;
774
775 if (ipv6_addr_any(&fl->fl6_src)) {
776 err = ipv6_get_saddr(*dst, &fl->fl6_dst, &fl->fl6_src);
777
44456d37 778 if (err)
1da177e4 779 goto out_err_release;
1da177e4
LT		 780 }
781
782 return 0;
783
784out_err_release:
785 dst_release(*dst);
786 *dst = NULL;
787 return err;
788}
34a0b3cd 789
3cf3dc6c
ACM		 790EXPORT_SYMBOL_GPL(ip6_dst_lookup);
791
34a0b3cd 792static inline int ip6_ufo_append_data(struct sock *sk,
e89e9cf5
AR		 793 int getfrag(void *from, char *to, int offset, int len,
794 int odd, struct sk_buff *skb),
795 void *from, int length, int hh_len, int fragheaderlen,
796 int transhdrlen, int mtu,unsigned int flags)
797
798{
799 struct sk_buff *skb;
800 int err;
801
802 /* There is support for UDP large send offload by network
803 * device, so create one single skb packet containing complete
804 * udp datagram
805 */
806 if ((skb = skb_peek_tail(&sk->sk_write_queue)) == NULL) {
807 skb = sock_alloc_send_skb(sk,
808 hh_len + fragheaderlen + transhdrlen + 20,
809 (flags & MSG_DONTWAIT), &err);
810 if (skb == NULL)
811 return -ENOMEM;
812
813 /* reserve space for Hardware header */
814 skb_reserve(skb, hh_len);
815
816 /* create space for UDP/IP header */
817 skb_put(skb,fragheaderlen + transhdrlen);
818
819 /* initialize network header pointer */
820 skb->nh.raw = skb->data;
821
822 /* initialize protocol header pointer */
823 skb->h.raw = skb->data + fragheaderlen;
824
825 skb->ip_summed = CHECKSUM_HW;
826 skb->csum = 0;
827 sk->sk_sndmsg_off = 0;
828 }
829
830 err = skb_append_datato_frags(sk,skb, getfrag, from,
831 (length - transhdrlen));
832 if (!err) {
833 struct frag_hdr fhdr;
834
835 /* specify the length of each IP datagram fragment*/
7967168c
HX		 836 skb_shinfo(skb)->gso_size = mtu - fragheaderlen -
837 sizeof(struct frag_hdr);
f83ef8c0 838 skb_shinfo(skb)->gso_type = SKB_GSO_UDP;
e89e9cf5
AR		 839 ipv6_select_ident(skb, &fhdr);
840 skb_shinfo(skb)->ip6_frag_id = fhdr.identification;
841 __skb_queue_tail(&sk->sk_write_queue, skb);
842
843 return 0;
844 }
845 /* There is not enough support do UPD LSO,
846 * so follow normal path
847 */
848 kfree_skb(skb);
849
850 return err;
851}
1da177e4 852
41a1f8ea
YH		 853int ip6_append_data(struct sock *sk, int getfrag(void *from, char *to,
854 int offset, int len, int odd, struct sk_buff *skb),
855 void *from, int length, int transhdrlen,
856 int hlimit, int tclass, struct ipv6_txoptions *opt, struct flowi *fl,
857 struct rt6_info *rt, unsigned int flags)
1da177e4
LT		 858{
859 struct inet_sock *inet = inet_sk(sk);
860 struct ipv6_pinfo *np = inet6_sk(sk);
861 struct sk_buff *skb;
862 unsigned int maxfraglen, fragheaderlen;
863 int exthdrlen;
864 int hh_len;
865 int mtu;
866 int copy;
867 int err;
868 int offset = 0;
869 int csummode = CHECKSUM_NONE;
870
871 if (flags&MSG_PROBE)
872 return 0;
873 if (skb_queue_empty(&sk->sk_write_queue)) {
874 /*
875 * setup for corking
876 */
877 if (opt) {
878 if (np->cork.opt == NULL) {
879 np->cork.opt = kmalloc(opt->tot_len,
880 sk->sk_allocation);
881 if (unlikely(np->cork.opt == NULL))
882 return -ENOBUFS;
883 } else if (np->cork.opt->tot_len < opt->tot_len) {
884 printk(KERN_DEBUG "ip6_append_data: invalid option length\n");
885 return -EINVAL;
886 }
887 memcpy(np->cork.opt, opt, opt->tot_len);
888 inet->cork.flags |= IPCORK_OPT;
889 /* need source address above miyazawa*/
890 }
891 dst_hold(&rt->u.dst);
892 np->cork.rt = rt;
893 inet->cork.fl = *fl;
894 np->cork.hop_limit = hlimit;
41a1f8ea 895 np->cork.tclass = tclass;
d91675f9 896 mtu = dst_mtu(rt->u.dst.path);
c7503609 897 if (np->frag_size < mtu) {
d91675f9
YH		 898 if (np->frag_size)
899 mtu = np->frag_size;
900 }
901 inet->cork.fragsize = mtu;
1da177e4
LT		 902 if (dst_allfrag(rt->u.dst.path))
903 inet->cork.flags |= IPCORK_ALLFRAG;
904 inet->cork.length = 0;
905 sk->sk_sndmsg_page = NULL;
906 sk->sk_sndmsg_off = 0;
907 exthdrlen = rt->u.dst.header_len + (opt ? opt->opt_flen : 0);
908 length += exthdrlen;
909 transhdrlen += exthdrlen;
910 } else {
911 rt = np->cork.rt;
912 fl = &inet->cork.fl;
913 if (inet->cork.flags & IPCORK_OPT)
914 opt = np->cork.opt;
915 transhdrlen = 0;
916 exthdrlen = 0;
917 mtu = inet->cork.fragsize;
918 }
919
920 hh_len = LL_RESERVED_SPACE(rt->u.dst.dev);
921
922 fragheaderlen = sizeof(struct ipv6hdr) + (opt ? opt->opt_nflen : 0);
923 maxfraglen = ((mtu - fragheaderlen) & ~7) + fragheaderlen - sizeof(struct frag_hdr);
924
925 if (mtu <= sizeof(struct ipv6hdr) + IPV6_MAXPLEN) {
926 if (inet->cork.length + length > sizeof(struct ipv6hdr) + IPV6_MAXPLEN - fragheaderlen) {
927 ipv6_local_error(sk, EMSGSIZE, fl, mtu-exthdrlen);
928 return -EMSGSIZE;
929 }
930 }
931
932 /*
933 * Let's try using as much space as possible.
934 * Use MTU if total length of the message fits into the MTU.
935 * Otherwise, we need to reserve fragment header and
936 * fragment alignment (= 8-15 octects, in total).
937 *
938 * Note that we may need to "move" the data from the tail of
939 * of the buffer to the new fragment when we split
940 * the message.
941 *
942 * FIXME: It may be fragmented into multiple chunks
943 * at once if non-fragmentable extension headers
944 * are too large.
945 * --yoshfuji
946 */
947
948 inet->cork.length += length;
e89e9cf5
AR		 949 if (((length > mtu) && (sk->sk_protocol == IPPROTO_UDP)) &&
950 (rt->u.dst.dev->features & NETIF_F_UFO)) {
951
baa829d8
PM		 952 err = ip6_ufo_append_data(sk, getfrag, from, length, hh_len,
953 fragheaderlen, transhdrlen, mtu,
954 flags);
955 if (err)
e89e9cf5 956 goto error;
e89e9cf5
AR		 957 return 0;
958 }
1da177e4
LT		 959
960 if ((skb = skb_peek_tail(&sk->sk_write_queue)) == NULL)
961 goto alloc_new_skb;
962
963 while (length > 0) {
964 /* Check if the remaining data fits into current packet. */
965 copy = (inet->cork.length <= mtu && !(inet->cork.flags & IPCORK_ALLFRAG) ? mtu : maxfraglen) - skb->len;
966 if (copy < length)
967 copy = maxfraglen - skb->len;
968
969 if (copy <= 0) {
970 char *data;
971 unsigned int datalen;
972 unsigned int fraglen;
973 unsigned int fraggap;
974 unsigned int alloclen;
975 struct sk_buff *skb_prev;
976alloc_new_skb:
977 skb_prev = skb;
978
979 /* There's no room in the current skb */
980 if (skb_prev)
981 fraggap = skb_prev->len - maxfraglen;
982 else
983 fraggap = 0;
984
985 /*
986 * If remaining data exceeds the mtu,
987 * we know we need more fragment(s).
988 */
989 datalen = length + fraggap;
990 if (datalen > (inet->cork.length <= mtu && !(inet->cork.flags & IPCORK_ALLFRAG) ? mtu : maxfraglen) - fragheaderlen)
991 datalen = maxfraglen - fragheaderlen;
992
993 fraglen = datalen + fragheaderlen;
994 if ((flags & MSG_MORE) &&
995 !(rt->u.dst.dev->features&NETIF_F_SG))
996 alloclen = mtu;
997 else
998 alloclen = datalen + fragheaderlen;
999
1000 /*
1001 * The last fragment gets additional space at tail.
1002 * Note: we overallocate on fragments with MSG_MODE
1003 * because we have no idea if we're the last one.
1004 */
1005 if (datalen == length + fraggap)
1006 alloclen += rt->u.dst.trailer_len;
1007
1008 /*
1009 * We just reserve space for fragment header.
1010 * Note: this may be overallocation if the message
1011 * (without MSG_MORE) fits into the MTU.
1012 */
1013 alloclen += sizeof(struct frag_hdr);
1014
1015 if (transhdrlen) {
1016 skb = sock_alloc_send_skb(sk,
1017 alloclen + hh_len,
1018 (flags & MSG_DONTWAIT), &err);
1019 } else {
1020 skb = NULL;
1021 if (atomic_read(&sk->sk_wmem_alloc) <=
1022 2 * sk->sk_sndbuf)
1023 skb = sock_wmalloc(sk,
1024 alloclen + hh_len, 1,
1025 sk->sk_allocation);
1026 if (unlikely(skb == NULL))
1027 err = -ENOBUFS;
1028 }
1029 if (skb == NULL)
1030 goto error;
1031 /*
1032 * Fill in the control structures
1033 */
1034 skb->ip_summed = csummode;
1035 skb->csum = 0;
1036 /* reserve for fragmentation */
1037 skb_reserve(skb, hh_len+sizeof(struct frag_hdr));
1038
1039 /*
1040 * Find where to start putting bytes
1041 */
1042 data = skb_put(skb, fraglen);
1043 skb->nh.raw = data + exthdrlen;
1044 data += fragheaderlen;
1045 skb->h.raw = data + exthdrlen;
1046
1047 if (fraggap) {
1048 skb->csum = skb_copy_and_csum_bits(
1049 skb_prev, maxfraglen,
1050 data + transhdrlen, fraggap, 0);
1051 skb_prev->csum = csum_sub(skb_prev->csum,
1052 skb->csum);
1053 data += fraggap;
1054 skb_trim(skb_prev, maxfraglen);
1055 }
1056 copy = datalen - transhdrlen - fraggap;
1057 if (copy < 0) {
1058 err = -EINVAL;
1059 kfree_skb(skb);
1060 goto error;
1061 } else if (copy > 0 && getfrag(from, data + transhdrlen, offset, copy, fraggap, skb) < 0) {
1062 err = -EFAULT;
1063 kfree_skb(skb);
1064 goto error;
1065 }
1066
1067 offset += copy;
1068 length -= datalen - fraggap;
1069 transhdrlen = 0;
1070 exthdrlen = 0;
1071 csummode = CHECKSUM_NONE;
1072
1073 /*
1074 * Put the packet on the pending queue
1075 */
1076 __skb_queue_tail(&sk->sk_write_queue, skb);
1077 continue;
1078 }
1079
1080 if (copy > length)
1081 copy = length;
1082
1083 if (!(rt->u.dst.dev->features&NETIF_F_SG)) {
1084 unsigned int off;
1085
1086 off = skb->len;
1087 if (getfrag(from, skb_put(skb, copy),
1088 offset, copy, off, skb) < 0) {
1089 __skb_trim(skb, off);
1090 err = -EFAULT;
1091 goto error;
1092 }
1093 } else {
1094 int i = skb_shinfo(skb)->nr_frags;
1095 skb_frag_t *frag = &skb_shinfo(skb)->frags[i-1];
1096 struct page *page = sk->sk_sndmsg_page;
1097 int off = sk->sk_sndmsg_off;
1098 unsigned int left;
1099
1100 if (page && (left = PAGE_SIZE - off) > 0) {
1101 if (copy >= left)
1102 copy = left;
1103 if (page != frag->page) {
1104 if (i == MAX_SKB_FRAGS) {
1105 err = -EMSGSIZE;
1106 goto error;
1107 }
1108 get_page(page);
1109 skb_fill_page_desc(skb, i, page, sk->sk_sndmsg_off, 0);
1110 frag = &skb_shinfo(skb)->frags[i];
1111 }
1112 } else if(i < MAX_SKB_FRAGS) {
1113 if (copy > PAGE_SIZE)
1114 copy = PAGE_SIZE;
1115 page = alloc_pages(sk->sk_allocation, 0);
1116 if (page == NULL) {
1117 err = -ENOMEM;
1118 goto error;
1119 }
1120 sk->sk_sndmsg_page = page;
1121 sk->sk_sndmsg_off = 0;
1122
1123 skb_fill_page_desc(skb, i, page, 0, 0);
1124 frag = &skb_shinfo(skb)->frags[i];
1125 skb->truesize += PAGE_SIZE;
1126 atomic_add(PAGE_SIZE, &sk->sk_wmem_alloc);
1127 } else {
1128 err = -EMSGSIZE;
1129 goto error;
1130 }
1131 if (getfrag(from, page_address(frag->page)+frag->page_offset+frag->size, offset, copy, skb->len, skb) < 0) {
1132 err = -EFAULT;
1133 goto error;
1134 }
1135 sk->sk_sndmsg_off += copy;
1136 frag->size += copy;
1137 skb->len += copy;
1138 skb->data_len += copy;
1139 }
1140 offset += copy;
1141 length -= copy;
1142 }
1143 return 0;
1144error:
1145 inet->cork.length -= length;
1146 IP6_INC_STATS(IPSTATS_MIB_OUTDISCARDS);
1147 return err;
1148}
1149
1150int ip6_push_pending_frames(struct sock *sk)
1151{
1152 struct sk_buff *skb, *tmp_skb;
1153 struct sk_buff **tail_skb;
1154 struct in6_addr final_dst_buf, *final_dst = &final_dst_buf;
1155 struct inet_sock *inet = inet_sk(sk);
1156 struct ipv6_pinfo *np = inet6_sk(sk);
1157 struct ipv6hdr *hdr;
1158 struct ipv6_txoptions *opt = np->cork.opt;
1159 struct rt6_info *rt = np->cork.rt;
1160 struct flowi *fl = &inet->cork.fl;
1161 unsigned char proto = fl->proto;
1162 int err = 0;
1163
1164 if ((skb = __skb_dequeue(&sk->sk_write_queue)) == NULL)
1165 goto out;
1166 tail_skb = &(skb_shinfo(skb)->frag_list);
1167
1168 /* move skb->data to ip header from ext header */
1169 if (skb->data < skb->nh.raw)
1170 __skb_pull(skb, skb->nh.raw - skb->data);
1171 while ((tmp_skb = __skb_dequeue(&sk->sk_write_queue)) != NULL) {
1172 __skb_pull(tmp_skb, skb->h.raw - skb->nh.raw);
1173 *tail_skb = tmp_skb;
1174 tail_skb = &(tmp_skb->next);
1175 skb->len += tmp_skb->len;
1176 skb->data_len += tmp_skb->len;
1da177e4
LT		 1177 skb->truesize += tmp_skb->truesize;
1178 __sock_put(tmp_skb->sk);
1179 tmp_skb->destructor = NULL;
1180 tmp_skb->sk = NULL;
1da177e4
LT		 1181 }
1182
1183 ipv6_addr_copy(final_dst, &fl->fl6_dst);
1184 __skb_pull(skb, skb->h.raw - skb->nh.raw);
1185 if (opt && opt->opt_flen)
1186 ipv6_push_frag_opts(skb, opt, &proto);
1187 if (opt && opt->opt_nflen)
1188 ipv6_push_nfrag_opts(skb, opt, &proto, &final_dst);
1189
1190 skb->nh.ipv6h = hdr = (struct ipv6hdr*) skb_push(skb, sizeof(struct ipv6hdr));
1191
41a1f8ea
YH		 1192 *(u32*)hdr = fl->fl6_flowlabel |
1193 htonl(0x60000000 | ((int)np->cork.tclass << 20));
1da177e4
LT		 1194
1195 if (skb->len <= sizeof(struct ipv6hdr) + IPV6_MAXPLEN)
1196 hdr->payload_len = htons(skb->len - sizeof(struct ipv6hdr));
1197 else
1198 hdr->payload_len = 0;
1199 hdr->hop_limit = np->cork.hop_limit;
1200 hdr->nexthdr = proto;
1201 ipv6_addr_copy(&hdr->saddr, &fl->fl6_src);
1202 ipv6_addr_copy(&hdr->daddr, final_dst);
1203
a2c2064f
PM		 1204 skb->priority = sk->sk_priority;
1205
1da177e4
LT		 1206 skb->dst = dst_clone(&rt->u.dst);
1207 IP6_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
1208 err = NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, skb, NULL, skb->dst->dev, dst_output);
1209 if (err) {
1210 if (err > 0)
3320da89 1211 err = np->recverr ? net_xmit_errno(err) : 0;
1da177e4
LT		 1212 if (err)
1213 goto error;
1214 }
1215
1216out:
1217 inet->cork.flags &= ~IPCORK_OPT;
a51482bd
JJ		 1218 kfree(np->cork.opt);
1219 np->cork.opt = NULL;
1da177e4
LT		 1220 if (np->cork.rt) {
1221 dst_release(&np->cork.rt->u.dst);
1222 np->cork.rt = NULL;
1223 inet->cork.flags &= ~IPCORK_ALLFRAG;
1224 }
1225 memset(&inet->cork.fl, 0, sizeof(inet->cork.fl));
1226 return err;
1227error:
1228 goto out;
1229}
1230
1231void ip6_flush_pending_frames(struct sock *sk)
1232{
1233 struct inet_sock *inet = inet_sk(sk);
1234 struct ipv6_pinfo *np = inet6_sk(sk);
1235 struct sk_buff *skb;
1236
1237 while ((skb = __skb_dequeue_tail(&sk->sk_write_queue)) != NULL) {
1238 IP6_INC_STATS(IPSTATS_MIB_OUTDISCARDS);
1239 kfree_skb(skb);
1240 }
1241
1242 inet->cork.flags &= ~IPCORK_OPT;
1243
a51482bd
JJ		 1244 kfree(np->cork.opt);
1245 np->cork.opt = NULL;
1da177e4
LT		 1246 if (np->cork.rt) {
1247 dst_release(&np->cork.rt->u.dst);
1248 np->cork.rt = NULL;
1249 inet->cork.flags &= ~IPCORK_ALLFRAG;
1250 }
1251 memset(&inet->cork.fl, 0, sizeof(inet->cork.fl));
1252}
Clone of davem's net-next-2.6 tree