]> bbs.cooldavid.org Git - net-next-2.6.git/blame - net/ipv6/tcp_ipv6.c
git://bbs.cooldavid.org / net-next-2.6.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[CONNECTOR]: Add userspace example code into Documentation/connector/
[net-next-2.6.git] / net / ipv6 / tcp_ipv6.c
CommitLineData
1da177e4
LT		 1/*
2 * TCP over IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
8 * $Id: tcp_ipv6.c,v 1.144 2002/02/01 22:01:04 davem Exp $
9 *
10 * Based on:
11 * linux/net/ipv4/tcp.c
12 * linux/net/ipv4/tcp_input.c
13 * linux/net/ipv4/tcp_output.c
14 *
15 * Fixes:
16 * Hideaki YOSHIFUJI : sin6_scope_id support
17 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
18 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
19 * a single port at the same time.
20 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
21 *
22 * This program is free software; you can redistribute it and/or
23 * modify it under the terms of the GNU General Public License
24 * as published by the Free Software Foundation; either version
25 * 2 of the License, or (at your option) any later version.
26 */
27
28#include <linux/module.h>
1da177e4
LT		 29#include <linux/errno.h>
30#include <linux/types.h>
31#include <linux/socket.h>
32#include <linux/sockios.h>
33#include <linux/net.h>
34#include <linux/jiffies.h>
35#include <linux/in.h>
36#include <linux/in6.h>
37#include <linux/netdevice.h>
38#include <linux/init.h>
39#include <linux/jhash.h>
40#include <linux/ipsec.h>
41#include <linux/times.h>
42
43#include <linux/ipv6.h>
44#include <linux/icmpv6.h>
45#include <linux/random.h>
46
47#include <net/tcp.h>
48#include <net/ndisc.h>
5324a040 49#include <net/inet6_hashtables.h>
8129765a 50#include <net/inet6_connection_sock.h>
1da177e4
LT		 51#include <net/ipv6.h>
52#include <net/transp_v6.h>
53#include <net/addrconf.h>
54#include <net/ip6_route.h>
55#include <net/ip6_checksum.h>
56#include <net/inet_ecn.h>
57#include <net/protocol.h>
58#include <net/xfrm.h>
59#include <net/addrconf.h>
60#include <net/snmp.h>
61#include <net/dsfield.h>
6d6ee43e 62#include <net/timewait_sock.h>
1da177e4
LT		 63
64#include <asm/uaccess.h>
65
66#include <linux/proc_fs.h>
67#include <linux/seq_file.h>
68
ae0f7d5f
DW		 69/* Socket used for sending RSTs and ACKs */
70static struct socket *tcp6_socket;
71
1da177e4 72static void tcp_v6_send_reset(struct sk_buff *skb);
60236fdd 73static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req);
8292a17a 74static void tcp_v6_send_check(struct sock *sk, int len,
1da177e4
LT		 75 struct sk_buff *skb);
76
77static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
1da177e4 78
8292a17a
ACM		 79static struct inet_connection_sock_af_ops ipv6_mapped;
80static struct inet_connection_sock_af_ops ipv6_specific;
1da177e4 81
1da177e4
LT		 82static int tcp_v6_get_port(struct sock *sk, unsigned short snum)
83{
971af18b
ACM		 84 return inet_csk_get_port(&tcp_hashinfo, sk, snum,
85 inet6_csk_bind_conflict);
1da177e4
LT		 86}
87
1da177e4
LT		 88static void tcp_v6_hash(struct sock *sk)
89{
90 if (sk->sk_state != TCP_CLOSE) {
8292a17a 91 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) {
1da177e4
LT		 92 tcp_prot.hash(sk);
93 return;
94 }
95 local_bh_disable();
90b19d31 96 __inet6_hash(&tcp_hashinfo, sk);
1da177e4
LT		 97 local_bh_enable();
98 }
99}
100
1da177e4
LT		 101static __inline__ u16 tcp_v6_check(struct tcphdr *th, int len,
102 struct in6_addr *saddr,
103 struct in6_addr *daddr,
104 unsigned long base)
105{
106 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base);
107}
108
109static __u32 tcp_v6_init_sequence(struct sock *sk, struct sk_buff *skb)
110{
111 if (skb->protocol == htons(ETH_P_IPV6)) {
112 return secure_tcpv6_sequence_number(skb->nh.ipv6h->daddr.s6_addr32,
113 skb->nh.ipv6h->saddr.s6_addr32,
114 skb->h.th->dest,
115 skb->h.th->source);
116 } else {
117 return secure_tcp_sequence_number(skb->nh.iph->daddr,
118 skb->nh.iph->saddr,
119 skb->h.th->dest,
120 skb->h.th->source);
121 }
122}
123
1da177e4
LT		 124static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
125 int addr_len)
126{
127 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
d83d8461
ACM		 128 struct inet_sock *inet = inet_sk(sk);
129 struct inet_connection_sock *icsk = inet_csk(sk);
1da177e4
LT		 130 struct ipv6_pinfo *np = inet6_sk(sk);
131 struct tcp_sock *tp = tcp_sk(sk);
132 struct in6_addr *saddr = NULL, *final_p = NULL, final;
133 struct flowi fl;
134 struct dst_entry *dst;
135 int addr_type;
136 int err;
137
138 if (addr_len < SIN6_LEN_RFC2133)
139 return -EINVAL;
140
141 if (usin->sin6_family != AF_INET6)
142 return(-EAFNOSUPPORT);
143
144 memset(&fl, 0, sizeof(fl));
145
146 if (np->sndflow) {
147 fl.fl6_flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
148 IP6_ECN_flow_init(fl.fl6_flowlabel);
149 if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) {
150 struct ip6_flowlabel *flowlabel;
151 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel);
152 if (flowlabel == NULL)
153 return -EINVAL;
154 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst);
155 fl6_sock_release(flowlabel);
156 }
157 }
158
159 /*
160 * connect() to INADDR_ANY means loopback (BSD'ism).
161 */
162
163 if(ipv6_addr_any(&usin->sin6_addr))
164 usin->sin6_addr.s6_addr[15] = 0x1;
165
166 addr_type = ipv6_addr_type(&usin->sin6_addr);
167
168 if(addr_type & IPV6_ADDR_MULTICAST)
169 return -ENETUNREACH;
170
171 if (addr_type&IPV6_ADDR_LINKLOCAL) {
172 if (addr_len >= sizeof(struct sockaddr_in6) &&
173 usin->sin6_scope_id) {
174 /* If interface is set while binding, indices
175 * must coincide.
176 */
177 if (sk->sk_bound_dev_if &&
178 sk->sk_bound_dev_if != usin->sin6_scope_id)
179 return -EINVAL;
180
181 sk->sk_bound_dev_if = usin->sin6_scope_id;
182 }
183
184 /* Connect to link-local address requires an interface */
185 if (!sk->sk_bound_dev_if)
186 return -EINVAL;
187 }
188
189 if (tp->rx_opt.ts_recent_stamp &&
190 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) {
191 tp->rx_opt.ts_recent = 0;
192 tp->rx_opt.ts_recent_stamp = 0;
193 tp->write_seq = 0;
194 }
195
196 ipv6_addr_copy(&np->daddr, &usin->sin6_addr);
197 np->flow_label = fl.fl6_flowlabel;
198
199 /*
200 * TCP over IPv4
201 */
202
203 if (addr_type == IPV6_ADDR_MAPPED) {
d83d8461 204 u32 exthdrlen = icsk->icsk_ext_hdr_len;
1da177e4
LT		 205 struct sockaddr_in sin;
206
207 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
208
209 if (__ipv6_only_sock(sk))
210 return -ENETUNREACH;
211
212 sin.sin_family = AF_INET;
213 sin.sin_port = usin->sin6_port;
214 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
215
d83d8461 216 icsk->icsk_af_ops = &ipv6_mapped;
1da177e4
LT		 217 sk->sk_backlog_rcv = tcp_v4_do_rcv;
218
219 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
220
221 if (err) {
d83d8461
ACM		 222 icsk->icsk_ext_hdr_len = exthdrlen;
223 icsk->icsk_af_ops = &ipv6_specific;
1da177e4
LT		 224 sk->sk_backlog_rcv = tcp_v6_do_rcv;
225 goto failure;
226 } else {
227 ipv6_addr_set(&np->saddr, 0, 0, htonl(0x0000FFFF),
228 inet->saddr);
229 ipv6_addr_set(&np->rcv_saddr, 0, 0, htonl(0x0000FFFF),
230 inet->rcv_saddr);
231 }
232
233 return err;
234 }
235
236 if (!ipv6_addr_any(&np->rcv_saddr))
237 saddr = &np->rcv_saddr;
238
239 fl.proto = IPPROTO_TCP;
240 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
241 ipv6_addr_copy(&fl.fl6_src,
242 (saddr ? saddr : &np->saddr));
243 fl.oif = sk->sk_bound_dev_if;
244 fl.fl_ip_dport = usin->sin6_port;
245 fl.fl_ip_sport = inet->sport;
246
247 if (np->opt && np->opt->srcrt) {
248 struct rt0_hdr *rt0 = (struct rt0_hdr *)np->opt->srcrt;
249 ipv6_addr_copy(&final, &fl.fl6_dst);
250 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
251 final_p = &final;
252 }
253
254 err = ip6_dst_lookup(sk, &dst, &fl);
255 if (err)
256 goto failure;
257 if (final_p)
258 ipv6_addr_copy(&fl.fl6_dst, final_p);
259
e104411b 260 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0)
1da177e4 261 goto failure;
1da177e4
LT		 262
263 if (saddr == NULL) {
264 saddr = &fl.fl6_src;
265 ipv6_addr_copy(&np->rcv_saddr, saddr);
266 }
267
268 /* set the source address */
269 ipv6_addr_copy(&np->saddr, saddr);
270 inet->rcv_saddr = LOOPBACK4_IPV6;
271
f83ef8c0 272 sk->sk_gso_type = SKB_GSO_TCPV6;
497c615a 273 __ip6_dst_store(sk, dst, NULL);
1da177e4 274
d83d8461 275 icsk->icsk_ext_hdr_len = 0;
1da177e4 276 if (np->opt)
d83d8461
ACM		 277 icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
278 np->opt->opt_nflen);
1da177e4
LT		 279
280 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
281
282 inet->dport = usin->sin6_port;
283
284 tcp_set_state(sk, TCP_SYN_SENT);
d8313f5c 285 err = inet6_hash_connect(&tcp_death_row, sk);
1da177e4
LT		 286 if (err)
287 goto late_failure;
288
289 if (!tp->write_seq)
290 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
291 np->daddr.s6_addr32,
292 inet->sport,
293 inet->dport);
294
295 err = tcp_connect(sk);
296 if (err)
297 goto late_failure;
298
299 return 0;
300
301late_failure:
302 tcp_set_state(sk, TCP_CLOSE);
303 __sk_dst_reset(sk);
304failure:
305 inet->dport = 0;
306 sk->sk_route_caps = 0;
307 return err;
308}
309
310static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
311 int type, int code, int offset, __u32 info)
312{
313 struct ipv6hdr *hdr = (struct ipv6hdr*)skb->data;
505cbfc5 314 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
1da177e4
LT		 315 struct ipv6_pinfo *np;
316 struct sock *sk;
317 int err;
318 struct tcp_sock *tp;
319 __u32 seq;
320
505cbfc5
ACM		 321 sk = inet6_lookup(&tcp_hashinfo, &hdr->daddr, th->dest, &hdr->saddr,
322 th->source, skb->dev->ifindex);
1da177e4
LT		 323
324 if (sk == NULL) {
325 ICMP6_INC_STATS_BH(__in6_dev_get(skb->dev), ICMP6_MIB_INERRORS);
326 return;
327 }
328
329 if (sk->sk_state == TCP_TIME_WAIT) {
8feaf0c0 330 inet_twsk_put((struct inet_timewait_sock *)sk);
1da177e4
LT		 331 return;
332 }
333
334 bh_lock_sock(sk);
335 if (sock_owned_by_user(sk))
336 NET_INC_STATS_BH(LINUX_MIB_LOCKDROPPEDICMPS);
337
338 if (sk->sk_state == TCP_CLOSE)
339 goto out;
340
341 tp = tcp_sk(sk);
342 seq = ntohl(th->seq);
343 if (sk->sk_state != TCP_LISTEN &&
344 !between(seq, tp->snd_una, tp->snd_nxt)) {
345 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
346 goto out;
347 }
348
349 np = inet6_sk(sk);
350
351 if (type == ICMPV6_PKT_TOOBIG) {
352 struct dst_entry *dst = NULL;
353
354 if (sock_owned_by_user(sk))
355 goto out;
356 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
357 goto out;
358
359 /* icmp should have updated the destination cache entry */
360 dst = __sk_dst_check(sk, np->dst_cookie);
361
362 if (dst == NULL) {
363 struct inet_sock *inet = inet_sk(sk);
364 struct flowi fl;
365
366 /* BUGGG_FUTURE: Again, it is not clear how
367 to handle rthdr case. Ignore this complexity
368 for now.
369 */
370 memset(&fl, 0, sizeof(fl));
371 fl.proto = IPPROTO_TCP;
372 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
373 ipv6_addr_copy(&fl.fl6_src, &np->saddr);
374 fl.oif = sk->sk_bound_dev_if;
375 fl.fl_ip_dport = inet->dport;
376 fl.fl_ip_sport = inet->sport;
377
378 if ((err = ip6_dst_lookup(sk, &dst, &fl))) {
379 sk->sk_err_soft = -err;
380 goto out;
381 }
382
383 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) {
384 sk->sk_err_soft = -err;
385 goto out;
386 }
387
388 } else
389 dst_hold(dst);
390
d83d8461 391 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
1da177e4
LT		 392 tcp_sync_mss(sk, dst_mtu(dst));
393 tcp_simple_retransmit(sk);
394 } /* else let the usual retransmit timer handle it */
395 dst_release(dst);
396 goto out;
397 }
398
399 icmpv6_err_convert(type, code, &err);
400
60236fdd 401 /* Might be for an request_sock */
1da177e4 402 switch (sk->sk_state) {
60236fdd 403 struct request_sock *req, **prev;
1da177e4
LT		 404 case TCP_LISTEN:
405 if (sock_owned_by_user(sk))
406 goto out;
407
8129765a
ACM		 408 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr,
409 &hdr->saddr, inet6_iif(skb));
1da177e4
LT		 410 if (!req)
411 goto out;
412
413 /* ICMPs are not backlogged, hence we cannot get
414 * an established socket here.
415 */
416 BUG_TRAP(req->sk == NULL);
417
2e6599cb 418 if (seq != tcp_rsk(req)->snt_isn) {
1da177e4
LT		 419 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
420 goto out;
421 }
422
463c84b9 423 inet_csk_reqsk_queue_drop(sk, req, prev);
1da177e4
LT		 424 goto out;
425
426 case TCP_SYN_SENT:
427 case TCP_SYN_RECV: /* Cannot happen.
428 It can, it SYNs are crossed. --ANK */
429 if (!sock_owned_by_user(sk)) {
1da177e4
LT		 430 sk->sk_err = err;
431 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
432
433 tcp_done(sk);
434 } else
435 sk->sk_err_soft = err;
436 goto out;
437 }
438
439 if (!sock_owned_by_user(sk) && np->recverr) {
440 sk->sk_err = err;
441 sk->sk_error_report(sk);
442 } else
443 sk->sk_err_soft = err;
444
445out:
446 bh_unlock_sock(sk);
447 sock_put(sk);
448}
449
450
60236fdd 451static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req,
1da177e4
LT		 452 struct dst_entry *dst)
453{
ca304b61 454 struct inet6_request_sock *treq = inet6_rsk(req);
1da177e4
LT		 455 struct ipv6_pinfo *np = inet6_sk(sk);
456 struct sk_buff * skb;
457 struct ipv6_txoptions *opt = NULL;
458 struct in6_addr * final_p = NULL, final;
459 struct flowi fl;
460 int err = -1;
461
462 memset(&fl, 0, sizeof(fl));
463 fl.proto = IPPROTO_TCP;
2e6599cb
ACM		 464 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
465 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
1da177e4 466 fl.fl6_flowlabel = 0;
2e6599cb
ACM		 467 fl.oif = treq->iif;
468 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
1da177e4
LT		 469 fl.fl_ip_sport = inet_sk(sk)->sport;
470
471 if (dst == NULL) {
472 opt = np->opt;
473 if (opt == NULL &&
333fad53 474 np->rxopt.bits.osrcrt == 2 &&
2e6599cb
ACM		 475 treq->pktopts) {
476 struct sk_buff *pktopts = treq->pktopts;
1da177e4
LT		 477 struct inet6_skb_parm *rxopt = IP6CB(pktopts);
478 if (rxopt->srcrt)
479 opt = ipv6_invert_rthdr(sk, (struct ipv6_rt_hdr*)(pktopts->nh.raw + rxopt->srcrt));
480 }
481
482 if (opt && opt->srcrt) {
483 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
484 ipv6_addr_copy(&final, &fl.fl6_dst);
485 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
486 final_p = &final;
487 }
488
489 err = ip6_dst_lookup(sk, &dst, &fl);
490 if (err)
491 goto done;
492 if (final_p)
493 ipv6_addr_copy(&fl.fl6_dst, final_p);
494 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0)
495 goto done;
496 }
497
498 skb = tcp_make_synack(sk, dst, req);
499 if (skb) {
500 struct tcphdr *th = skb->h.th;
501
502 th->check = tcp_v6_check(th, skb->len,
2e6599cb 503 &treq->loc_addr, &treq->rmt_addr,
1da177e4
LT		 504 csum_partial((char *)th, skb->len, skb->csum));
505
2e6599cb 506 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
1da177e4
LT		 507 err = ip6_xmit(sk, skb, &fl, opt, 0);
508 if (err == NET_XMIT_CN)
509 err = 0;
510 }
511
512done:
1da177e4
LT		 513 if (opt && opt != np->opt)
514 sock_kfree_s(sk, opt, opt->tot_len);
78b91042 515 dst_release(dst);
1da177e4
LT		 516 return err;
517}
518
60236fdd 519static void tcp_v6_reqsk_destructor(struct request_sock *req)
1da177e4 520{
ca304b61
ACM		 521 if (inet6_rsk(req)->pktopts)
522 kfree_skb(inet6_rsk(req)->pktopts);
1da177e4
LT		 523}
524
60236fdd 525static struct request_sock_ops tcp6_request_sock_ops = {
1da177e4 526 .family = AF_INET6,
2e6599cb 527 .obj_size = sizeof(struct tcp6_request_sock),
1da177e4 528 .rtx_syn_ack = tcp_v6_send_synack,
60236fdd
ACM		 529 .send_ack = tcp_v6_reqsk_send_ack,
530 .destructor = tcp_v6_reqsk_destructor,
1da177e4
LT		 531 .send_reset = tcp_v6_send_reset
532};
533
6d6ee43e
ACM		 534static struct timewait_sock_ops tcp6_timewait_sock_ops = {
535 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
536 .twsk_unique = tcp_twsk_unique,
537};
538
8292a17a 539static void tcp_v6_send_check(struct sock *sk, int len, struct sk_buff *skb)
1da177e4
LT		 540{
541 struct ipv6_pinfo *np = inet6_sk(sk);
8292a17a 542 struct tcphdr *th = skb->h.th;
1da177e4
LT		 543
544 if (skb->ip_summed == CHECKSUM_HW) {
545 th->check = ~csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 0);
546 skb->csum = offsetof(struct tcphdr, check);
547 } else {
548 th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP,
549 csum_partial((char *)th, th->doff<<2,
550 skb->csum));
551 }
552}
553
a430a43d
HX		 554static int tcp_v6_gso_send_check(struct sk_buff *skb)
555{
556 struct ipv6hdr *ipv6h;
557 struct tcphdr *th;
558
559 if (!pskb_may_pull(skb, sizeof(*th)))
560 return -EINVAL;
561
562 ipv6h = skb->nh.ipv6h;
563 th = skb->h.th;
564
565 th->check = 0;
566 th->check = ~csum_ipv6_magic(&ipv6h->saddr, &ipv6h->daddr, skb->len,
567 IPPROTO_TCP, 0);
568 skb->csum = offsetof(struct tcphdr, check);
569 skb->ip_summed = CHECKSUM_HW;
570 return 0;
571}
1da177e4
LT		 572
573static void tcp_v6_send_reset(struct sk_buff *skb)
574{
575 struct tcphdr *th = skb->h.th, *t1;
576 struct sk_buff *buff;
577 struct flowi fl;
578
579 if (th->rst)
580 return;
581
582 if (!ipv6_unicast_destination(skb))
583 return;
584
585 /*
586 * We need to grab some memory, and put together an RST,
587 * and then put it into the queue to be sent.
588 */
589
590 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + sizeof(struct tcphdr),
591 GFP_ATOMIC);
592 if (buff == NULL)
593 return;
594
595 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + sizeof(struct tcphdr));
596
597 t1 = (struct tcphdr *) skb_push(buff,sizeof(struct tcphdr));
598
599 /* Swap the send and the receive. */
600 memset(t1, 0, sizeof(*t1));
601 t1->dest = th->source;
602 t1->source = th->dest;
603 t1->doff = sizeof(*t1)/4;
604 t1->rst = 1;
605
606 if(th->ack) {
607 t1->seq = th->ack_seq;
608 } else {
609 t1->ack = 1;
610 t1->ack_seq = htonl(ntohl(th->seq) + th->syn + th->fin
611 + skb->len - (th->doff<<2));
612 }
613
614 buff->csum = csum_partial((char *)t1, sizeof(*t1), 0);
615
616 memset(&fl, 0, sizeof(fl));
617 ipv6_addr_copy(&fl.fl6_dst, &skb->nh.ipv6h->saddr);
618 ipv6_addr_copy(&fl.fl6_src, &skb->nh.ipv6h->daddr);
619
620 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst,
621 sizeof(*t1), IPPROTO_TCP,
622 buff->csum);
623
624 fl.proto = IPPROTO_TCP;
505cbfc5 625 fl.oif = inet6_iif(skb);
1da177e4
LT		 626 fl.fl_ip_dport = t1->dest;
627 fl.fl_ip_sport = t1->source;
628
629 /* sk = NULL, but it is safe for now. RST socket required. */
630 if (!ip6_dst_lookup(NULL, &buff->dst, &fl)) {
631
ecc51b6d 632 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) {
ae0f7d5f 633 ip6_xmit(tcp6_socket->sk, buff, &fl, NULL, 0);
ecc51b6d
ACM		 634 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
635 TCP_INC_STATS_BH(TCP_MIB_OUTRSTS);
1da177e4 636 return;
ecc51b6d 637 }
1da177e4
LT		 638 }
639
640 kfree_skb(buff);
641}
642
643static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts)
644{
645 struct tcphdr *th = skb->h.th, *t1;
646 struct sk_buff *buff;
647 struct flowi fl;
648 int tot_len = sizeof(struct tcphdr);
649
650 if (ts)
651 tot_len += 3*4;
652
653 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
654 GFP_ATOMIC);
655 if (buff == NULL)
656 return;
657
658 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
659
660 t1 = (struct tcphdr *) skb_push(buff,tot_len);
661
662 /* Swap the send and the receive. */
663 memset(t1, 0, sizeof(*t1));
664 t1->dest = th->source;
665 t1->source = th->dest;
666 t1->doff = tot_len/4;
667 t1->seq = htonl(seq);
668 t1->ack_seq = htonl(ack);
669 t1->ack = 1;
670 t1->window = htons(win);
671
672 if (ts) {
673 u32 *ptr = (u32*)(t1 + 1);
674 *ptr++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
675 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
676 *ptr++ = htonl(tcp_time_stamp);
677 *ptr = htonl(ts);
678 }
679
680 buff->csum = csum_partial((char *)t1, tot_len, 0);
681
682 memset(&fl, 0, sizeof(fl));
683 ipv6_addr_copy(&fl.fl6_dst, &skb->nh.ipv6h->saddr);
684 ipv6_addr_copy(&fl.fl6_src, &skb->nh.ipv6h->daddr);
685
686 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst,
687 tot_len, IPPROTO_TCP,
688 buff->csum);
689
690 fl.proto = IPPROTO_TCP;
505cbfc5 691 fl.oif = inet6_iif(skb);
1da177e4
LT		 692 fl.fl_ip_dport = t1->dest;
693 fl.fl_ip_sport = t1->source;
694
695 if (!ip6_dst_lookup(NULL, &buff->dst, &fl)) {
ecc51b6d 696 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) {
ae0f7d5f 697 ip6_xmit(tcp6_socket->sk, buff, &fl, NULL, 0);
ecc51b6d 698 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
1da177e4 699 return;
ecc51b6d 700 }
1da177e4
LT		 701 }
702
703 kfree_skb(buff);
704}
705
706static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
707{
8feaf0c0
ACM		 708 struct inet_timewait_sock *tw = inet_twsk(sk);
709 const struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
1da177e4 710
8feaf0c0
ACM		 711 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
712 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
713 tcptw->tw_ts_recent);
1da177e4 714
8feaf0c0 715 inet_twsk_put(tw);
1da177e4
LT		 716}
717
60236fdd 718static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req)
1da177e4 719{
2e6599cb 720 tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent);
1da177e4
LT		 721}
722
723
724static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
725{
60236fdd 726 struct request_sock *req, **prev;
505cbfc5 727 const struct tcphdr *th = skb->h.th;
1da177e4
LT		 728 struct sock *nsk;
729
730 /* Find possible connection requests. */
8129765a
ACM		 731 req = inet6_csk_search_req(sk, &prev, th->source,
732 &skb->nh.ipv6h->saddr,
733 &skb->nh.ipv6h->daddr, inet6_iif(skb));
1da177e4
LT		 734 if (req)
735 return tcp_check_req(sk, skb, req, prev);
736
505cbfc5
ACM		 737 nsk = __inet6_lookup_established(&tcp_hashinfo, &skb->nh.ipv6h->saddr,
738 th->source, &skb->nh.ipv6h->daddr,
739 ntohs(th->dest), inet6_iif(skb));
1da177e4
LT		 740
741 if (nsk) {
742 if (nsk->sk_state != TCP_TIME_WAIT) {
743 bh_lock_sock(nsk);
744 return nsk;
745 }
8feaf0c0 746 inet_twsk_put((struct inet_timewait_sock *)nsk);
1da177e4
LT		 747 return NULL;
748 }
749
750#if 0 /*def CONFIG_SYN_COOKIES*/
751 if (!th->rst && !th->syn && th->ack)
752 sk = cookie_v6_check(sk, skb, &(IPCB(skb)->opt));
753#endif
754 return sk;
755}
756
1da177e4
LT		 757/* FIXME: this is substantially similar to the ipv4 code.
758 * Can some kind of merge be done? -- erics
759 */
760static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
761{
ca304b61 762 struct inet6_request_sock *treq;
1da177e4
LT		 763 struct ipv6_pinfo *np = inet6_sk(sk);
764 struct tcp_options_received tmp_opt;
765 struct tcp_sock *tp = tcp_sk(sk);
60236fdd 766 struct request_sock *req = NULL;
1da177e4
LT		 767 __u32 isn = TCP_SKB_CB(skb)->when;
768
769 if (skb->protocol == htons(ETH_P_IP))
770 return tcp_v4_conn_request(sk, skb);
771
772 if (!ipv6_unicast_destination(skb))
773 goto drop;
774
775 /*
776 * There are no SYN attacks on IPv6, yet...
777 */
463c84b9 778 if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
1da177e4
LT		 779 if (net_ratelimit())
780 printk(KERN_INFO "TCPv6: dropping request, synflood is possible\n");
781 goto drop;
782 }
783
463c84b9 784 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
1da177e4
LT		 785 goto drop;
786
ca304b61 787 req = inet6_reqsk_alloc(&tcp6_request_sock_ops);
1da177e4
LT		 788 if (req == NULL)
789 goto drop;
790
791 tcp_clear_options(&tmp_opt);
792 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
793 tmp_opt.user_mss = tp->rx_opt.user_mss;
794
795 tcp_parse_options(skb, &tmp_opt, 0);
796
797 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
798 tcp_openreq_init(req, &tmp_opt, skb);
799
ca304b61 800 treq = inet6_rsk(req);
2e6599cb
ACM		 801 ipv6_addr_copy(&treq->rmt_addr, &skb->nh.ipv6h->saddr);
802 ipv6_addr_copy(&treq->loc_addr, &skb->nh.ipv6h->daddr);
1da177e4 803 TCP_ECN_create_request(req, skb->h.th);
2e6599cb 804 treq->pktopts = NULL;
1da177e4 805 if (ipv6_opt_accepted(sk, skb) ||
333fad53
YH		 806 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
807 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) {
1da177e4 808 atomic_inc(&skb->users);
2e6599cb 809 treq->pktopts = skb;
1da177e4 810 }
2e6599cb 811 treq->iif = sk->sk_bound_dev_if;
1da177e4
LT		 812
813 /* So that link locals have meaning */
814 if (!sk->sk_bound_dev_if &&
2e6599cb 815 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL)
505cbfc5 816 treq->iif = inet6_iif(skb);
1da177e4
LT		 817
818 if (isn == 0)
819 isn = tcp_v6_init_sequence(sk,skb);
820
2e6599cb 821 tcp_rsk(req)->snt_isn = isn;
1da177e4
LT		 822
823 if (tcp_v6_send_synack(sk, req, NULL))
824 goto drop;
825
8129765a 826 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1da177e4
LT		 827 return 0;
828
829drop:
830 if (req)
60236fdd 831 reqsk_free(req);
1da177e4 832
1da177e4
LT		 833 return 0; /* don't send reset */
834}
835
836static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
60236fdd 837 struct request_sock *req,
1da177e4
LT		 838 struct dst_entry *dst)
839{
ca304b61 840 struct inet6_request_sock *treq = inet6_rsk(req);
1da177e4
LT		 841 struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
842 struct tcp6_sock *newtcp6sk;
843 struct inet_sock *newinet;
844 struct tcp_sock *newtp;
845 struct sock *newsk;
846 struct ipv6_txoptions *opt;
847
848 if (skb->protocol == htons(ETH_P_IP)) {
849 /*
850 * v6 mapped
851 */
852
853 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);
854
855 if (newsk == NULL)
856 return NULL;
857
858 newtcp6sk = (struct tcp6_sock *)newsk;
859 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
860
861 newinet = inet_sk(newsk);
862 newnp = inet6_sk(newsk);
863 newtp = tcp_sk(newsk);
864
865 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
866
867 ipv6_addr_set(&newnp->daddr, 0, 0, htonl(0x0000FFFF),
868 newinet->daddr);
869
870 ipv6_addr_set(&newnp->saddr, 0, 0, htonl(0x0000FFFF),
871 newinet->saddr);
872
873 ipv6_addr_copy(&newnp->rcv_saddr, &newnp->saddr);
874
8292a17a 875 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1da177e4
LT		 876 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
877 newnp->pktoptions = NULL;
878 newnp->opt = NULL;
505cbfc5 879 newnp->mcast_oif = inet6_iif(skb);
1da177e4
LT		 880 newnp->mcast_hops = skb->nh.ipv6h->hop_limit;
881
e6848976
ACM		 882 /*
883 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
884 * here, tcp_create_openreq_child now does this for us, see the comment in
885 * that function for the gory details. -acme
1da177e4 886 */
1da177e4
LT		 887
888 /* It is tricky place. Until this moment IPv4 tcp
8292a17a 889 worked with IPv6 icsk.icsk_af_ops.
1da177e4
LT		 890 Sync it now.
891 */
d83d8461 892 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1da177e4
LT		 893
894 return newsk;
895 }
896
897 opt = np->opt;
898
899 if (sk_acceptq_is_full(sk))
900 goto out_overflow;
901
333fad53 902 if (np->rxopt.bits.osrcrt == 2 &&
2e6599cb
ACM		 903 opt == NULL && treq->pktopts) {
904 struct inet6_skb_parm *rxopt = IP6CB(treq->pktopts);
1da177e4 905 if (rxopt->srcrt)
2e6599cb 906 opt = ipv6_invert_rthdr(sk, (struct ipv6_rt_hdr *)(treq->pktopts->nh.raw + rxopt->srcrt));
1da177e4
LT		 907 }
908
909 if (dst == NULL) {
910 struct in6_addr *final_p = NULL, final;
911 struct flowi fl;
912
913 memset(&fl, 0, sizeof(fl));
914 fl.proto = IPPROTO_TCP;
2e6599cb 915 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
1da177e4
LT		 916 if (opt && opt->srcrt) {
917 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
918 ipv6_addr_copy(&final, &fl.fl6_dst);
919 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
920 final_p = &final;
921 }
2e6599cb 922 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
1da177e4 923 fl.oif = sk->sk_bound_dev_if;
2e6599cb 924 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
1da177e4
LT		 925 fl.fl_ip_sport = inet_sk(sk)->sport;
926
927 if (ip6_dst_lookup(sk, &dst, &fl))
928 goto out;
929
930 if (final_p)
931 ipv6_addr_copy(&fl.fl6_dst, final_p);
932
933 if ((xfrm_lookup(&dst, &fl, sk, 0)) < 0)
934 goto out;
935 }
936
937 newsk = tcp_create_openreq_child(sk, req, skb);
938 if (newsk == NULL)
939 goto out;
940
e6848976
ACM		 941 /*
942 * No need to charge this sock to the relevant IPv6 refcnt debug socks
943 * count here, tcp_create_openreq_child now does this for us, see the
944 * comment in that function for the gory details. -acme
945 */
1da177e4 946
f83ef8c0 947 sk->sk_gso_type = SKB_GSO_TCPV6;
497c615a 948 __ip6_dst_store(newsk, dst, NULL);
1da177e4
LT		 949
950 newtcp6sk = (struct tcp6_sock *)newsk;
951 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
952
953 newtp = tcp_sk(newsk);
954 newinet = inet_sk(newsk);
955 newnp = inet6_sk(newsk);
956
957 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
958
2e6599cb
ACM		 959 ipv6_addr_copy(&newnp->daddr, &treq->rmt_addr);
960 ipv6_addr_copy(&newnp->saddr, &treq->loc_addr);
961 ipv6_addr_copy(&newnp->rcv_saddr, &treq->loc_addr);
962 newsk->sk_bound_dev_if = treq->iif;
1da177e4
LT		 963
964 /* Now IPv6 options...
965
966 First: no IPv4 options.
967 */
968 newinet->opt = NULL;
969
970 /* Clone RX bits */
971 newnp->rxopt.all = np->rxopt.all;
972
973 /* Clone pktoptions received with SYN */
974 newnp->pktoptions = NULL;
2e6599cb
ACM		 975 if (treq->pktopts != NULL) {
976 newnp->pktoptions = skb_clone(treq->pktopts, GFP_ATOMIC);
977 kfree_skb(treq->pktopts);
978 treq->pktopts = NULL;
1da177e4
LT		 979 if (newnp->pktoptions)
980 skb_set_owner_r(newnp->pktoptions, newsk);
981 }
982 newnp->opt = NULL;
505cbfc5 983 newnp->mcast_oif = inet6_iif(skb);
1da177e4
LT		 984 newnp->mcast_hops = skb->nh.ipv6h->hop_limit;
985
986 /* Clone native IPv6 options from listening socket (if any)
987
988 Yes, keeping reference count would be much more clever,
989 but we make one more one thing there: reattach optmem
990 to newsk.
991 */
992 if (opt) {
993 newnp->opt = ipv6_dup_options(newsk, opt);
994 if (opt != np->opt)
995 sock_kfree_s(sk, opt, opt->tot_len);
996 }
997
d83d8461 998 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1da177e4 999 if (newnp->opt)
d83d8461
ACM		 1000 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
1001 newnp->opt->opt_flen);
1da177e4 1002
5d424d5a 1003 tcp_mtup_init(newsk);
1da177e4
LT		 1004 tcp_sync_mss(newsk, dst_mtu(dst));
1005 newtp->advmss = dst_metric(dst, RTAX_ADVMSS);
1006 tcp_initialize_rcv_mss(newsk);
1007
1008 newinet->daddr = newinet->saddr = newinet->rcv_saddr = LOOPBACK4_IPV6;
1009
90b19d31 1010 __inet6_hash(&tcp_hashinfo, newsk);
2d8c4ce5 1011 inet_inherit_port(&tcp_hashinfo, sk, newsk);
1da177e4
LT		 1012
1013 return newsk;
1014
1015out_overflow:
1016 NET_INC_STATS_BH(LINUX_MIB_LISTENOVERFLOWS);
1017out:
1018 NET_INC_STATS_BH(LINUX_MIB_LISTENDROPS);
1019 if (opt && opt != np->opt)
1020 sock_kfree_s(sk, opt, opt->tot_len);
1021 dst_release(dst);
1022 return NULL;
1023}
1024
1025static int tcp_v6_checksum_init(struct sk_buff *skb)
1026{
1027 if (skb->ip_summed == CHECKSUM_HW) {
1da177e4 1028 if (!tcp_v6_check(skb->h.th,skb->len,&skb->nh.ipv6h->saddr,
fb286bb2
HX		 1029 &skb->nh.ipv6h->daddr,skb->csum)) {
1030 skb->ip_summed = CHECKSUM_UNNECESSARY;
1da177e4 1031 return 0;
fb286bb2 1032 }
1da177e4 1033 }
fb286bb2
HX		 1034
1035 skb->csum = ~tcp_v6_check(skb->h.th,skb->len,&skb->nh.ipv6h->saddr,
1036 &skb->nh.ipv6h->daddr, 0);
1037
1da177e4 1038 if (skb->len <= 76) {
fb286bb2 1039 return __skb_checksum_complete(skb);
1da177e4
LT		 1040 }
1041 return 0;
1042}
1043
1044/* The socket must have it's spinlock held when we get
1045 * here.
1046 *
1047 * We have a potential double-lock case here, so even when
1048 * doing backlog processing we use the BH locking scheme.
1049 * This is because we cannot sleep with the original spinlock
1050 * held.
1051 */
1052static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1053{
1054 struct ipv6_pinfo *np = inet6_sk(sk);
1055 struct tcp_sock *tp;
1056 struct sk_buff *opt_skb = NULL;
1057
1058 /* Imagine: socket is IPv6. IPv4 packet arrives,
1059 goes to IPv4 receive handler and backlogged.
1060 From backlog it always goes here. Kerboom...
1061 Fortunately, tcp_rcv_established and rcv_established
1062 handle them correctly, but it is not case with
1063 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1064 */
1065
1066 if (skb->protocol == htons(ETH_P_IP))
1067 return tcp_v4_do_rcv(sk, skb);
1068
1069 if (sk_filter(sk, skb, 0))
1070 goto discard;
1071
1072 /*
1073 * socket locking is here for SMP purposes as backlog rcv
1074 * is currently called with bh processing disabled.
1075 */
1076
1077 /* Do Stevens' IPV6_PKTOPTIONS.
1078
1079 Yes, guys, it is the only place in our code, where we
1080 may make it not affecting IPv4.
1081 The rest of code is protocol independent,
1082 and I do not like idea to uglify IPv4.
1083
1084 Actually, all the idea behind IPV6_PKTOPTIONS
1085 looks not very well thought. For now we latch
1086 options, received in the last packet, enqueued
1087 by tcp. Feel free to propose better solution.
1088 --ANK (980728)
1089 */
1090 if (np->rxopt.all)
1091 opt_skb = skb_clone(skb, GFP_ATOMIC);
1092
1093 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1094 TCP_CHECK_TIMER(sk);
1095 if (tcp_rcv_established(sk, skb, skb->h.th, skb->len))
1096 goto reset;
1097 TCP_CHECK_TIMER(sk);
1098 if (opt_skb)
1099 goto ipv6_pktoptions;
1100 return 0;
1101 }
1102
1103 if (skb->len < (skb->h.th->doff<<2) || tcp_checksum_complete(skb))
1104 goto csum_err;
1105
1106 if (sk->sk_state == TCP_LISTEN) {
1107 struct sock *nsk = tcp_v6_hnd_req(sk, skb);
1108 if (!nsk)
1109 goto discard;
1110
1111 /*
1112 * Queue it on the new socket if the new socket is active,
1113 * otherwise we just shortcircuit this and continue with
1114 * the new socket..
1115 */
1116 if(nsk != sk) {
1117 if (tcp_child_process(sk, nsk, skb))
1118 goto reset;
1119 if (opt_skb)
1120 __kfree_skb(opt_skb);
1121 return 0;
1122 }
1123 }
1124
1125 TCP_CHECK_TIMER(sk);
1126 if (tcp_rcv_state_process(sk, skb, skb->h.th, skb->len))
1127 goto reset;
1128 TCP_CHECK_TIMER(sk);
1129 if (opt_skb)
1130 goto ipv6_pktoptions;
1131 return 0;
1132
1133reset:
1134 tcp_v6_send_reset(skb);
1135discard:
1136 if (opt_skb)
1137 __kfree_skb(opt_skb);
1138 kfree_skb(skb);
1139 return 0;
1140csum_err:
1141 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1142 goto discard;
1143
1144
1145ipv6_pktoptions:
1146 /* Do you ask, what is it?
1147
1148 1. skb was enqueued by tcp.
1149 2. skb is added to tail of read queue, rather than out of order.
1150 3. socket is not in passive state.
1151 4. Finally, it really contains options, which user wants to receive.
1152 */
1153 tp = tcp_sk(sk);
1154 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1155 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
333fad53 1156 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
505cbfc5 1157 np->mcast_oif = inet6_iif(opt_skb);
333fad53 1158 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1da177e4
LT		 1159 np->mcast_hops = opt_skb->nh.ipv6h->hop_limit;
1160 if (ipv6_opt_accepted(sk, opt_skb)) {
1161 skb_set_owner_r(opt_skb, sk);
1162 opt_skb = xchg(&np->pktoptions, opt_skb);
1163 } else {
1164 __kfree_skb(opt_skb);
1165 opt_skb = xchg(&np->pktoptions, NULL);
1166 }
1167 }
1168
1169 if (opt_skb)
1170 kfree_skb(opt_skb);
1171 return 0;
1172}
1173
951dbc8a 1174static int tcp_v6_rcv(struct sk_buff **pskb)
1da177e4
LT		 1175{
1176 struct sk_buff *skb = *pskb;
1177 struct tcphdr *th;
1178 struct sock *sk;
1179 int ret;
1180
1181 if (skb->pkt_type != PACKET_HOST)
1182 goto discard_it;
1183
1184 /*
1185 * Count it even if it's bad.
1186 */
1187 TCP_INC_STATS_BH(TCP_MIB_INSEGS);
1188
1189 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1190 goto discard_it;
1191
1192 th = skb->h.th;
1193
1194 if (th->doff < sizeof(struct tcphdr)/4)
1195 goto bad_packet;
1196 if (!pskb_may_pull(skb, th->doff*4))
1197 goto discard_it;
1198
1199 if ((skb->ip_summed != CHECKSUM_UNNECESSARY &&
fb286bb2 1200 tcp_v6_checksum_init(skb)))
1da177e4
LT		 1201 goto bad_packet;
1202
1203 th = skb->h.th;
1204 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1205 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1206 skb->len - th->doff*4);
1207 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1208 TCP_SKB_CB(skb)->when = 0;
1209 TCP_SKB_CB(skb)->flags = ipv6_get_dsfield(skb->nh.ipv6h);
1210 TCP_SKB_CB(skb)->sacked = 0;
1211
505cbfc5
ACM		 1212 sk = __inet6_lookup(&tcp_hashinfo, &skb->nh.ipv6h->saddr, th->source,
1213 &skb->nh.ipv6h->daddr, ntohs(th->dest),
1214 inet6_iif(skb));
1da177e4
LT		 1215
1216 if (!sk)
1217 goto no_tcp_socket;
1218
1219process:
1220 if (sk->sk_state == TCP_TIME_WAIT)
1221 goto do_time_wait;
1222
1223 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1224 goto discard_and_relse;
1225
1226 if (sk_filter(sk, skb, 0))
1227 goto discard_and_relse;
1228
1229 skb->dev = NULL;
1230
1231 bh_lock_sock(sk);
1232 ret = 0;
1233 if (!sock_owned_by_user(sk)) {
1a2449a8
CL		 1234#ifdef CONFIG_NET_DMA
1235 struct tcp_sock *tp = tcp_sk(sk);
1236 if (tp->ucopy.dma_chan)
1237 ret = tcp_v6_do_rcv(sk, skb);
1238 else
1239#endif
1240 {
1241 if (!tcp_prequeue(sk, skb))
1242 ret = tcp_v6_do_rcv(sk, skb);
1243 }
1da177e4
LT		 1244 } else
1245 sk_add_backlog(sk, skb);
1246 bh_unlock_sock(sk);
1247
1248 sock_put(sk);
1249 return ret ? -1 : 0;
1250
1251no_tcp_socket:
1252 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1253 goto discard_it;
1254
1255 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1256bad_packet:
1257 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1258 } else {
1259 tcp_v6_send_reset(skb);
1260 }
1261
1262discard_it:
1263
1264 /*
1265 * Discard frame
1266 */
1267
1268 kfree_skb(skb);
1269 return 0;
1270
1271discard_and_relse:
1272 sock_put(sk);
1273 goto discard_it;
1274
1275do_time_wait:
1276 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
8feaf0c0 1277 inet_twsk_put((struct inet_timewait_sock *)sk);
1da177e4
LT		 1278 goto discard_it;
1279 }
1280
1281 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1282 TCP_INC_STATS_BH(TCP_MIB_INERRS);
8feaf0c0 1283 inet_twsk_put((struct inet_timewait_sock *)sk);
1da177e4
LT		 1284 goto discard_it;
1285 }
1286
8feaf0c0
ACM		 1287 switch (tcp_timewait_state_process((struct inet_timewait_sock *)sk,
1288 skb, th)) {
1da177e4
LT		 1289 case TCP_TW_SYN:
1290 {
1291 struct sock *sk2;
1292
505cbfc5
ACM		 1293 sk2 = inet6_lookup_listener(&tcp_hashinfo,
1294 &skb->nh.ipv6h->daddr,
1295 ntohs(th->dest), inet6_iif(skb));
1da177e4 1296 if (sk2 != NULL) {
295ff7ed
ACM		 1297 struct inet_timewait_sock *tw = inet_twsk(sk);
1298 inet_twsk_deschedule(tw, &tcp_death_row);
1299 inet_twsk_put(tw);
1da177e4
LT		 1300 sk = sk2;
1301 goto process;
1302 }
1303 /* Fall through to ACK */
1304 }
1305 case TCP_TW_ACK:
1306 tcp_v6_timewait_ack(sk, skb);
1307 break;
1308 case TCP_TW_RST:
1309 goto no_tcp_socket;
1310 case TCP_TW_SUCCESS:;
1311 }
1312 goto discard_it;
1313}
1314
1da177e4
LT		 1315static int tcp_v6_remember_stamp(struct sock *sk)
1316{
1317 /* Alas, not yet... */
1318 return 0;
1319}
1320
8292a17a 1321static struct inet_connection_sock_af_ops ipv6_specific = {
543d9cfe
ACM		 1322 .queue_xmit = inet6_csk_xmit,
1323 .send_check = tcp_v6_send_check,
1324 .rebuild_header = inet6_sk_rebuild_header,
1325 .conn_request = tcp_v6_conn_request,
1326 .syn_recv_sock = tcp_v6_syn_recv_sock,
1327 .remember_stamp = tcp_v6_remember_stamp,
1328 .net_header_len = sizeof(struct ipv6hdr),
1329 .setsockopt = ipv6_setsockopt,
1330 .getsockopt = ipv6_getsockopt,
1331 .addr2sockaddr = inet6_csk_addr2sockaddr,
1332 .sockaddr_len = sizeof(struct sockaddr_in6),
3fdadf7d 1333#ifdef CONFIG_COMPAT
543d9cfe
ACM		 1334 .compat_setsockopt = compat_ipv6_setsockopt,
1335 .compat_getsockopt = compat_ipv6_getsockopt,
3fdadf7d 1336#endif
1da177e4
LT		 1337};
1338
1339/*
1340 * TCP over IPv4 via INET6 API
1341 */
1342
8292a17a 1343static struct inet_connection_sock_af_ops ipv6_mapped = {
543d9cfe
ACM		 1344 .queue_xmit = ip_queue_xmit,
1345 .send_check = tcp_v4_send_check,
1346 .rebuild_header = inet_sk_rebuild_header,
1347 .conn_request = tcp_v6_conn_request,
1348 .syn_recv_sock = tcp_v6_syn_recv_sock,
1349 .remember_stamp = tcp_v4_remember_stamp,
1350 .net_header_len = sizeof(struct iphdr),
1351 .setsockopt = ipv6_setsockopt,
1352 .getsockopt = ipv6_getsockopt,
1353 .addr2sockaddr = inet6_csk_addr2sockaddr,
1354 .sockaddr_len = sizeof(struct sockaddr_in6),
3fdadf7d 1355#ifdef CONFIG_COMPAT
543d9cfe
ACM		 1356 .compat_setsockopt = compat_ipv6_setsockopt,
1357 .compat_getsockopt = compat_ipv6_getsockopt,
3fdadf7d 1358#endif
1da177e4
LT		 1359};
1360
1da177e4
LT		 1361/* NOTE: A lot of things set to zero explicitly by call to
1362 * sk_alloc() so need not be done here.
1363 */
1364static int tcp_v6_init_sock(struct sock *sk)
1365{
6687e988 1366 struct inet_connection_sock *icsk = inet_csk(sk);
1da177e4
LT		 1367 struct tcp_sock *tp = tcp_sk(sk);
1368
1369 skb_queue_head_init(&tp->out_of_order_queue);
1370 tcp_init_xmit_timers(sk);
1371 tcp_prequeue_init(tp);
1372
6687e988 1373 icsk->icsk_rto = TCP_TIMEOUT_INIT;
1da177e4
LT		 1374 tp->mdev = TCP_TIMEOUT_INIT;
1375
1376 /* So many TCP implementations out there (incorrectly) count the
1377 * initial SYN frame in their delayed-ACK and congestion control
1378 * algorithms that we must have the following bandaid to talk
1379 * efficiently to them. -DaveM
1380 */
1381 tp->snd_cwnd = 2;
1382
1383 /* See draft-stevens-tcpca-spec-01 for discussion of the
1384 * initialization of these values.
1385 */
1386 tp->snd_ssthresh = 0x7fffffff;
1387 tp->snd_cwnd_clamp = ~0;
c1b4a7e6 1388 tp->mss_cache = 536;
1da177e4
LT		 1389
1390 tp->reordering = sysctl_tcp_reordering;
1391
1392 sk->sk_state = TCP_CLOSE;
1393
8292a17a 1394 icsk->icsk_af_ops = &ipv6_specific;
6687e988 1395 icsk->icsk_ca_ops = &tcp_init_congestion_ops;
d83d8461 1396 icsk->icsk_sync_mss = tcp_sync_mss;
1da177e4
LT		 1397 sk->sk_write_space = sk_stream_write_space;
1398 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE);
1399
1400 sk->sk_sndbuf = sysctl_tcp_wmem[1];
1401 sk->sk_rcvbuf = sysctl_tcp_rmem[1];
1402
1403 atomic_inc(&tcp_sockets_allocated);
1404
1405 return 0;
1406}
1407
1408static int tcp_v6_destroy_sock(struct sock *sk)
1409{
1da177e4
LT		 1410 tcp_v4_destroy_sock(sk);
1411 return inet6_destroy_sock(sk);
1412}
1413
1414/* Proc filesystem TCPv6 sock list dumping. */
1415static void get_openreq6(struct seq_file *seq,
60236fdd 1416 struct sock *sk, struct request_sock *req, int i, int uid)
1da177e4 1417{
1da177e4 1418 int ttd = req->expires - jiffies;
ca304b61
ACM		 1419 struct in6_addr *src = &inet6_rsk(req)->loc_addr;
1420 struct in6_addr *dest = &inet6_rsk(req)->rmt_addr;
1da177e4
LT		 1421
1422 if (ttd < 0)
1423 ttd = 0;
1424
1da177e4
LT		 1425 seq_printf(seq,
1426 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1427 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
1428 i,
1429 src->s6_addr32[0], src->s6_addr32[1],
1430 src->s6_addr32[2], src->s6_addr32[3],
1431 ntohs(inet_sk(sk)->sport),
1432 dest->s6_addr32[0], dest->s6_addr32[1],
1433 dest->s6_addr32[2], dest->s6_addr32[3],
2e6599cb 1434 ntohs(inet_rsk(req)->rmt_port),
1da177e4
LT		 1435 TCP_SYN_RECV,
1436 0,0, /* could print option size, but that is af dependent. */
1437 1, /* timers active (only the expire timer) */
1438 jiffies_to_clock_t(ttd),
1439 req->retrans,
1440 uid,
1441 0, /* non standard timer */
1442 0, /* open_requests have no inode */
1443 0, req);
1444}
1445
1446static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1447{
1448 struct in6_addr *dest, *src;
1449 __u16 destp, srcp;
1450 int timer_active;
1451 unsigned long timer_expires;
1452 struct inet_sock *inet = inet_sk(sp);
1453 struct tcp_sock *tp = tcp_sk(sp);
463c84b9 1454 const struct inet_connection_sock *icsk = inet_csk(sp);
1da177e4
LT		 1455 struct ipv6_pinfo *np = inet6_sk(sp);
1456
1457 dest = &np->daddr;
1458 src = &np->rcv_saddr;
1459 destp = ntohs(inet->dport);
1460 srcp = ntohs(inet->sport);
463c84b9
ACM		 1461
1462 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
1da177e4 1463 timer_active = 1;
463c84b9
ACM		 1464 timer_expires = icsk->icsk_timeout;
1465 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1da177e4 1466 timer_active = 4;
463c84b9 1467 timer_expires = icsk->icsk_timeout;
1da177e4
LT		 1468 } else if (timer_pending(&sp->sk_timer)) {
1469 timer_active = 2;
1470 timer_expires = sp->sk_timer.expires;
1471 } else {
1472 timer_active = 0;
1473 timer_expires = jiffies;
1474 }
1475
1476 seq_printf(seq,
1477 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1478 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %u %u %u %u %d\n",
1479 i,
1480 src->s6_addr32[0], src->s6_addr32[1],
1481 src->s6_addr32[2], src->s6_addr32[3], srcp,
1482 dest->s6_addr32[0], dest->s6_addr32[1],
1483 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1484 sp->sk_state,
47da8ee6
SS		 1485 tp->write_seq-tp->snd_una,
1486 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
1da177e4
LT		 1487 timer_active,
1488 jiffies_to_clock_t(timer_expires - jiffies),
463c84b9 1489 icsk->icsk_retransmits,
1da177e4 1490 sock_i_uid(sp),
6687e988 1491 icsk->icsk_probes_out,
1da177e4
LT		 1492 sock_i_ino(sp),
1493 atomic_read(&sp->sk_refcnt), sp,
463c84b9
ACM		 1494 icsk->icsk_rto,
1495 icsk->icsk_ack.ato,
1496 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong,
1da177e4
LT		 1497 tp->snd_cwnd, tp->snd_ssthresh>=0xFFFF?-1:tp->snd_ssthresh
1498 );
1499}
1500
1501static void get_timewait6_sock(struct seq_file *seq,
8feaf0c0 1502 struct inet_timewait_sock *tw, int i)
1da177e4
LT		 1503{
1504 struct in6_addr *dest, *src;
1505 __u16 destp, srcp;
0fa1a53e 1506 struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw);
1da177e4
LT		 1507 int ttd = tw->tw_ttd - jiffies;
1508
1509 if (ttd < 0)
1510 ttd = 0;
1511
0fa1a53e
ACM		 1512 dest = &tw6->tw_v6_daddr;
1513 src = &tw6->tw_v6_rcv_saddr;
1da177e4
LT		 1514 destp = ntohs(tw->tw_dport);
1515 srcp = ntohs(tw->tw_sport);
1516
1517 seq_printf(seq,
1518 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1519 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
1520 i,
1521 src->s6_addr32[0], src->s6_addr32[1],
1522 src->s6_addr32[2], src->s6_addr32[3], srcp,
1523 dest->s6_addr32[0], dest->s6_addr32[1],
1524 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1525 tw->tw_substate, 0, 0,
1526 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
1527 atomic_read(&tw->tw_refcnt), tw);
1528}
1529
1530#ifdef CONFIG_PROC_FS
1531static int tcp6_seq_show(struct seq_file *seq, void *v)
1532{
1533 struct tcp_iter_state *st;
1534
1535 if (v == SEQ_START_TOKEN) {
1536 seq_puts(seq,
1537 " sl "
1538 "local_address "
1539 "remote_address "
1540 "st tx_queue rx_queue tr tm->when retrnsmt"
1541 " uid timeout inode\n");
1542 goto out;
1543 }
1544 st = seq->private;
1545
1546 switch (st->state) {
1547 case TCP_SEQ_STATE_LISTENING:
1548 case TCP_SEQ_STATE_ESTABLISHED:
1549 get_tcp6_sock(seq, v, st->num);
1550 break;
1551 case TCP_SEQ_STATE_OPENREQ:
1552 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid);
1553 break;
1554 case TCP_SEQ_STATE_TIME_WAIT:
1555 get_timewait6_sock(seq, v, st->num);
1556 break;
1557 }
1558out:
1559 return 0;
1560}
1561
1562static struct file_operations tcp6_seq_fops;
1563static struct tcp_seq_afinfo tcp6_seq_afinfo = {
1564 .owner = THIS_MODULE,
1565 .name = "tcp6",
1566 .family = AF_INET6,
1567 .seq_show = tcp6_seq_show,
1568 .seq_fops = &tcp6_seq_fops,
1569};
1570
1571int __init tcp6_proc_init(void)
1572{
1573 return tcp_proc_register(&tcp6_seq_afinfo);
1574}
1575
1576void tcp6_proc_exit(void)
1577{
1578 tcp_proc_unregister(&tcp6_seq_afinfo);
1579}
1580#endif
1581
1582struct proto tcpv6_prot = {
1583 .name = "TCPv6",
1584 .owner = THIS_MODULE,
1585 .close = tcp_close,
1586 .connect = tcp_v6_connect,
1587 .disconnect = tcp_disconnect,
463c84b9 1588 .accept = inet_csk_accept,
1da177e4
LT		 1589 .ioctl = tcp_ioctl,
1590 .init = tcp_v6_init_sock,
1591 .destroy = tcp_v6_destroy_sock,
1592 .shutdown = tcp_shutdown,
1593 .setsockopt = tcp_setsockopt,
1594 .getsockopt = tcp_getsockopt,
1595 .sendmsg = tcp_sendmsg,
1596 .recvmsg = tcp_recvmsg,
1597 .backlog_rcv = tcp_v6_do_rcv,
1598 .hash = tcp_v6_hash,
1599 .unhash = tcp_unhash,
1600 .get_port = tcp_v6_get_port,
1601 .enter_memory_pressure = tcp_enter_memory_pressure,
1602 .sockets_allocated = &tcp_sockets_allocated,
1603 .memory_allocated = &tcp_memory_allocated,
1604 .memory_pressure = &tcp_memory_pressure,
0a5578cf 1605 .orphan_count = &tcp_orphan_count,
1da177e4
LT		 1606 .sysctl_mem = sysctl_tcp_mem,
1607 .sysctl_wmem = sysctl_tcp_wmem,
1608 .sysctl_rmem = sysctl_tcp_rmem,
1609 .max_header = MAX_TCP_HEADER,
1610 .obj_size = sizeof(struct tcp6_sock),
6d6ee43e 1611 .twsk_prot = &tcp6_timewait_sock_ops,
60236fdd 1612 .rsk_prot = &tcp6_request_sock_ops,
543d9cfe
ACM		 1613#ifdef CONFIG_COMPAT
1614 .compat_setsockopt = compat_tcp_setsockopt,
1615 .compat_getsockopt = compat_tcp_getsockopt,
1616#endif
1da177e4
LT		 1617};
1618
1619static struct inet6_protocol tcpv6_protocol = {
1620 .handler = tcp_v6_rcv,
1621 .err_handler = tcp_v6_err,
a430a43d 1622 .gso_send_check = tcp_v6_gso_send_check,
adcfc7d0 1623 .gso_segment = tcp_tso_segment,
1da177e4
LT		 1624 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
1625};
1626
1da177e4
LT		 1627static struct inet_protosw tcpv6_protosw = {
1628 .type = SOCK_STREAM,
1629 .protocol = IPPROTO_TCP,
1630 .prot = &tcpv6_prot,
1631 .ops = &inet6_stream_ops,
1632 .capability = -1,
1633 .no_check = 0,
d83d8461
ACM		 1634 .flags = INET_PROTOSW_PERMANENT |
1635 INET_PROTOSW_ICSK,
1da177e4
LT		 1636};
1637
1638void __init tcpv6_init(void)
1639{
1640 /* register inet6 protocol */
1641 if (inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP) < 0)
1642 printk(KERN_ERR "tcpv6_init: Could not register protocol\n");
1643 inet6_register_protosw(&tcpv6_protosw);
ae0f7d5f 1644
c4d93909
ACM		 1645 if (inet_csk_ctl_sock_create(&tcp6_socket, PF_INET6, SOCK_RAW,
1646 IPPROTO_TCP) < 0)
ae0f7d5f 1647 panic("Failed to create the TCPv6 control socket.\n");
1da177e4 1648}
Clone of davem's net-next-2.6 tree