3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
10 * linux/net/ipv4/tcp_input.c
11 * linux/net/ipv4/tcp_output.c
14 * Hideaki YOSHIFUJI : sin6_scope_id support
15 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
16 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
17 * a single port at the same time.
18 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
20 * This program is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU General Public License
22 * as published by the Free Software Foundation; either version
23 * 2 of the License, or (at your option) any later version.
26 #include <linux/bottom_half.h>
27 #include <linux/module.h>
28 #include <linux/errno.h>
29 #include <linux/types.h>
30 #include <linux/socket.h>
31 #include <linux/sockios.h>
32 #include <linux/net.h>
33 #include <linux/jiffies.h>
35 #include <linux/in6.h>
36 #include <linux/netdevice.h>
37 #include <linux/init.h>
38 #include <linux/jhash.h>
39 #include <linux/ipsec.h>
40 #include <linux/times.h>
41 #include <linux/slab.h>
43 #include <linux/ipv6.h>
44 #include <linux/icmpv6.h>
45 #include <linux/random.h>
48 #include <net/ndisc.h>
49 #include <net/inet6_hashtables.h>
50 #include <net/inet6_connection_sock.h>
52 #include <net/transp_v6.h>
53 #include <net/addrconf.h>
54 #include <net/ip6_route.h>
55 #include <net/ip6_checksum.h>
56 #include <net/inet_ecn.h>
57 #include <net/protocol.h>
60 #include <net/dsfield.h>
61 #include <net/timewait_sock.h>
62 #include <net/netdma.h>
63 #include <net/inet_common.h>
65 #include <asm/uaccess.h>
67 #include <linux/proc_fs.h>
68 #include <linux/seq_file.h>
70 #include <linux/crypto.h>
71 #include <linux/scatterlist.h>
73 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb);
74 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
75 struct request_sock *req);
77 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
78 static void __tcp_v6_send_check(struct sk_buff *skb,
79 struct in6_addr *saddr,
80 struct in6_addr *daddr);
82 static const struct inet_connection_sock_af_ops ipv6_mapped;
83 static const struct inet_connection_sock_af_ops ipv6_specific;
84 #ifdef CONFIG_TCP_MD5SIG
85 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
86 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
88 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
89 struct in6_addr *addr)
95 static void tcp_v6_hash(struct sock *sk)
97 if (sk->sk_state != TCP_CLOSE) {
98 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) {
103 __inet6_hash(sk, NULL);
108 static __inline__ __sum16 tcp_v6_check(int len,
109 struct in6_addr *saddr,
110 struct in6_addr *daddr,
113 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base);
116 static __u32 tcp_v6_init_sequence(struct sk_buff *skb)
118 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
119 ipv6_hdr(skb)->saddr.s6_addr32,
121 tcp_hdr(skb)->source);
124 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
127 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
128 struct inet_sock *inet = inet_sk(sk);
129 struct inet_connection_sock *icsk = inet_csk(sk);
130 struct ipv6_pinfo *np = inet6_sk(sk);
131 struct tcp_sock *tp = tcp_sk(sk);
132 struct in6_addr *saddr = NULL, *final_p, final;
134 struct dst_entry *dst;
138 if (addr_len < SIN6_LEN_RFC2133)
141 if (usin->sin6_family != AF_INET6)
142 return -EAFNOSUPPORT;
144 memset(&fl, 0, sizeof(fl));
147 fl.fl6_flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
148 IP6_ECN_flow_init(fl.fl6_flowlabel);
149 if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) {
150 struct ip6_flowlabel *flowlabel;
151 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel);
152 if (flowlabel == NULL)
154 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst);
155 fl6_sock_release(flowlabel);
160 * connect() to INADDR_ANY means loopback (BSD'ism).
163 if(ipv6_addr_any(&usin->sin6_addr))
164 usin->sin6_addr.s6_addr[15] = 0x1;
166 addr_type = ipv6_addr_type(&usin->sin6_addr);
168 if(addr_type & IPV6_ADDR_MULTICAST)
171 if (addr_type&IPV6_ADDR_LINKLOCAL) {
172 if (addr_len >= sizeof(struct sockaddr_in6) &&
173 usin->sin6_scope_id) {
174 /* If interface is set while binding, indices
177 if (sk->sk_bound_dev_if &&
178 sk->sk_bound_dev_if != usin->sin6_scope_id)
181 sk->sk_bound_dev_if = usin->sin6_scope_id;
184 /* Connect to link-local address requires an interface */
185 if (!sk->sk_bound_dev_if)
189 if (tp->rx_opt.ts_recent_stamp &&
190 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) {
191 tp->rx_opt.ts_recent = 0;
192 tp->rx_opt.ts_recent_stamp = 0;
196 ipv6_addr_copy(&np->daddr, &usin->sin6_addr);
197 np->flow_label = fl.fl6_flowlabel;
203 if (addr_type == IPV6_ADDR_MAPPED) {
204 u32 exthdrlen = icsk->icsk_ext_hdr_len;
205 struct sockaddr_in sin;
207 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
209 if (__ipv6_only_sock(sk))
212 sin.sin_family = AF_INET;
213 sin.sin_port = usin->sin6_port;
214 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
216 icsk->icsk_af_ops = &ipv6_mapped;
217 sk->sk_backlog_rcv = tcp_v4_do_rcv;
218 #ifdef CONFIG_TCP_MD5SIG
219 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
222 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
225 icsk->icsk_ext_hdr_len = exthdrlen;
226 icsk->icsk_af_ops = &ipv6_specific;
227 sk->sk_backlog_rcv = tcp_v6_do_rcv;
228 #ifdef CONFIG_TCP_MD5SIG
229 tp->af_specific = &tcp_sock_ipv6_specific;
233 ipv6_addr_set_v4mapped(inet->inet_saddr, &np->saddr);
234 ipv6_addr_set_v4mapped(inet->inet_rcv_saddr,
241 if (!ipv6_addr_any(&np->rcv_saddr))
242 saddr = &np->rcv_saddr;
244 fl.proto = IPPROTO_TCP;
245 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
246 ipv6_addr_copy(&fl.fl6_src,
247 (saddr ? saddr : &np->saddr));
248 fl.oif = sk->sk_bound_dev_if;
249 fl.mark = sk->sk_mark;
250 fl.fl_ip_dport = usin->sin6_port;
251 fl.fl_ip_sport = inet->inet_sport;
253 final_p = fl6_update_dst(&fl, np->opt, &final);
255 security_sk_classify_flow(sk, &fl);
257 err = ip6_dst_lookup(sk, &dst, &fl);
261 ipv6_addr_copy(&fl.fl6_dst, final_p);
263 err = __xfrm_lookup(sock_net(sk), &dst, &fl, sk, XFRM_LOOKUP_WAIT);
266 err = ip6_dst_blackhole(sk, &dst, &fl);
273 ipv6_addr_copy(&np->rcv_saddr, saddr);
276 /* set the source address */
277 ipv6_addr_copy(&np->saddr, saddr);
278 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
280 sk->sk_gso_type = SKB_GSO_TCPV6;
281 __ip6_dst_store(sk, dst, NULL, NULL);
283 icsk->icsk_ext_hdr_len = 0;
285 icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
288 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
290 inet->inet_dport = usin->sin6_port;
292 tcp_set_state(sk, TCP_SYN_SENT);
293 err = inet6_hash_connect(&tcp_death_row, sk);
298 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
303 err = tcp_connect(sk);
310 tcp_set_state(sk, TCP_CLOSE);
313 inet->inet_dport = 0;
314 sk->sk_route_caps = 0;
318 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
319 u8 type, u8 code, int offset, __be32 info)
321 struct ipv6hdr *hdr = (struct ipv6hdr*)skb->data;
322 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
323 struct ipv6_pinfo *np;
328 struct net *net = dev_net(skb->dev);
330 sk = inet6_lookup(net, &tcp_hashinfo, &hdr->daddr,
331 th->dest, &hdr->saddr, th->source, skb->dev->ifindex);
334 ICMP6_INC_STATS_BH(net, __in6_dev_get(skb->dev),
339 if (sk->sk_state == TCP_TIME_WAIT) {
340 inet_twsk_put(inet_twsk(sk));
345 if (sock_owned_by_user(sk))
346 NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS);
348 if (sk->sk_state == TCP_CLOSE)
351 if (ipv6_hdr(skb)->hop_limit < inet6_sk(sk)->min_hopcount) {
352 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
357 seq = ntohl(th->seq);
358 if (sk->sk_state != TCP_LISTEN &&
359 !between(seq, tp->snd_una, tp->snd_nxt)) {
360 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
366 if (type == ICMPV6_PKT_TOOBIG) {
367 struct dst_entry *dst = NULL;
369 if (sock_owned_by_user(sk))
371 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
374 /* icmp should have updated the destination cache entry */
375 dst = __sk_dst_check(sk, np->dst_cookie);
378 struct inet_sock *inet = inet_sk(sk);
381 /* BUGGG_FUTURE: Again, it is not clear how
382 to handle rthdr case. Ignore this complexity
385 memset(&fl, 0, sizeof(fl));
386 fl.proto = IPPROTO_TCP;
387 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
388 ipv6_addr_copy(&fl.fl6_src, &np->saddr);
389 fl.oif = sk->sk_bound_dev_if;
390 fl.mark = sk->sk_mark;
391 fl.fl_ip_dport = inet->inet_dport;
392 fl.fl_ip_sport = inet->inet_sport;
393 security_skb_classify_flow(skb, &fl);
395 if ((err = ip6_dst_lookup(sk, &dst, &fl))) {
396 sk->sk_err_soft = -err;
400 if ((err = xfrm_lookup(net, &dst, &fl, sk, 0)) < 0) {
401 sk->sk_err_soft = -err;
408 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
409 tcp_sync_mss(sk, dst_mtu(dst));
410 tcp_simple_retransmit(sk);
411 } /* else let the usual retransmit timer handle it */
416 icmpv6_err_convert(type, code, &err);
418 /* Might be for an request_sock */
419 switch (sk->sk_state) {
420 struct request_sock *req, **prev;
422 if (sock_owned_by_user(sk))
425 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr,
426 &hdr->saddr, inet6_iif(skb));
430 /* ICMPs are not backlogged, hence we cannot get
431 * an established socket here.
433 WARN_ON(req->sk != NULL);
435 if (seq != tcp_rsk(req)->snt_isn) {
436 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
440 inet_csk_reqsk_queue_drop(sk, req, prev);
444 case TCP_SYN_RECV: /* Cannot happen.
445 It can, it SYNs are crossed. --ANK */
446 if (!sock_owned_by_user(sk)) {
448 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
452 sk->sk_err_soft = err;
456 if (!sock_owned_by_user(sk) && np->recverr) {
458 sk->sk_error_report(sk);
460 sk->sk_err_soft = err;
468 static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req,
469 struct request_values *rvp)
471 struct inet6_request_sock *treq = inet6_rsk(req);
472 struct ipv6_pinfo *np = inet6_sk(sk);
473 struct sk_buff * skb;
474 struct ipv6_txoptions *opt = NULL;
475 struct in6_addr * final_p, final;
477 struct dst_entry *dst;
480 memset(&fl, 0, sizeof(fl));
481 fl.proto = IPPROTO_TCP;
482 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
483 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
484 fl.fl6_flowlabel = 0;
486 fl.mark = sk->sk_mark;
487 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
488 fl.fl_ip_sport = inet_rsk(req)->loc_port;
489 security_req_classify_flow(req, &fl);
492 final_p = fl6_update_dst(&fl, opt, &final);
494 err = ip6_dst_lookup(sk, &dst, &fl);
498 ipv6_addr_copy(&fl.fl6_dst, final_p);
499 if ((err = xfrm_lookup(sock_net(sk), &dst, &fl, sk, 0)) < 0)
502 skb = tcp_make_synack(sk, dst, req, rvp);
504 __tcp_v6_send_check(skb, &treq->loc_addr, &treq->rmt_addr);
506 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
507 err = ip6_xmit(sk, skb, &fl, opt);
508 err = net_xmit_eval(err);
512 if (opt && opt != np->opt)
513 sock_kfree_s(sk, opt, opt->tot_len);
518 static int tcp_v6_rtx_synack(struct sock *sk, struct request_sock *req,
519 struct request_values *rvp)
521 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_RETRANSSEGS);
522 return tcp_v6_send_synack(sk, req, rvp);
525 static inline void syn_flood_warning(struct sk_buff *skb)
527 #ifdef CONFIG_SYN_COOKIES
528 if (sysctl_tcp_syncookies)
530 "TCPv6: Possible SYN flooding on port %d. "
531 "Sending cookies.\n", ntohs(tcp_hdr(skb)->dest));
535 "TCPv6: Possible SYN flooding on port %d. "
536 "Dropping request.\n", ntohs(tcp_hdr(skb)->dest));
539 static void tcp_v6_reqsk_destructor(struct request_sock *req)
541 kfree_skb(inet6_rsk(req)->pktopts);
544 #ifdef CONFIG_TCP_MD5SIG
545 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
546 struct in6_addr *addr)
548 struct tcp_sock *tp = tcp_sk(sk);
553 if (!tp->md5sig_info || !tp->md5sig_info->entries6)
556 for (i = 0; i < tp->md5sig_info->entries6; i++) {
557 if (ipv6_addr_equal(&tp->md5sig_info->keys6[i].addr, addr))
558 return &tp->md5sig_info->keys6[i].base;
563 static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk,
564 struct sock *addr_sk)
566 return tcp_v6_md5_do_lookup(sk, &inet6_sk(addr_sk)->daddr);
569 static struct tcp_md5sig_key *tcp_v6_reqsk_md5_lookup(struct sock *sk,
570 struct request_sock *req)
572 return tcp_v6_md5_do_lookup(sk, &inet6_rsk(req)->rmt_addr);
575 static int tcp_v6_md5_do_add(struct sock *sk, struct in6_addr *peer,
576 char *newkey, u8 newkeylen)
578 /* Add key to the list */
579 struct tcp_md5sig_key *key;
580 struct tcp_sock *tp = tcp_sk(sk);
581 struct tcp6_md5sig_key *keys;
583 key = tcp_v6_md5_do_lookup(sk, peer);
585 /* modify existing entry - just update that one */
588 key->keylen = newkeylen;
590 /* reallocate new list if current one is full. */
591 if (!tp->md5sig_info) {
592 tp->md5sig_info = kzalloc(sizeof(*tp->md5sig_info), GFP_ATOMIC);
593 if (!tp->md5sig_info) {
597 sk_nocaps_add(sk, NETIF_F_GSO_MASK);
599 if (tcp_alloc_md5sig_pool(sk) == NULL) {
603 if (tp->md5sig_info->alloced6 == tp->md5sig_info->entries6) {
604 keys = kmalloc((sizeof (tp->md5sig_info->keys6[0]) *
605 (tp->md5sig_info->entries6 + 1)), GFP_ATOMIC);
608 tcp_free_md5sig_pool();
613 if (tp->md5sig_info->entries6)
614 memmove(keys, tp->md5sig_info->keys6,
615 (sizeof (tp->md5sig_info->keys6[0]) *
616 tp->md5sig_info->entries6));
618 kfree(tp->md5sig_info->keys6);
619 tp->md5sig_info->keys6 = keys;
620 tp->md5sig_info->alloced6++;
623 ipv6_addr_copy(&tp->md5sig_info->keys6[tp->md5sig_info->entries6].addr,
625 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.key = newkey;
626 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.keylen = newkeylen;
628 tp->md5sig_info->entries6++;
633 static int tcp_v6_md5_add_func(struct sock *sk, struct sock *addr_sk,
634 u8 *newkey, __u8 newkeylen)
636 return tcp_v6_md5_do_add(sk, &inet6_sk(addr_sk)->daddr,
640 static int tcp_v6_md5_do_del(struct sock *sk, struct in6_addr *peer)
642 struct tcp_sock *tp = tcp_sk(sk);
645 for (i = 0; i < tp->md5sig_info->entries6; i++) {
646 if (ipv6_addr_equal(&tp->md5sig_info->keys6[i].addr, peer)) {
648 kfree(tp->md5sig_info->keys6[i].base.key);
649 tp->md5sig_info->entries6--;
651 if (tp->md5sig_info->entries6 == 0) {
652 kfree(tp->md5sig_info->keys6);
653 tp->md5sig_info->keys6 = NULL;
654 tp->md5sig_info->alloced6 = 0;
656 /* shrink the database */
657 if (tp->md5sig_info->entries6 != i)
658 memmove(&tp->md5sig_info->keys6[i],
659 &tp->md5sig_info->keys6[i+1],
660 (tp->md5sig_info->entries6 - i)
661 * sizeof (tp->md5sig_info->keys6[0]));
663 tcp_free_md5sig_pool();
670 static void tcp_v6_clear_md5_list (struct sock *sk)
672 struct tcp_sock *tp = tcp_sk(sk);
675 if (tp->md5sig_info->entries6) {
676 for (i = 0; i < tp->md5sig_info->entries6; i++)
677 kfree(tp->md5sig_info->keys6[i].base.key);
678 tp->md5sig_info->entries6 = 0;
679 tcp_free_md5sig_pool();
682 kfree(tp->md5sig_info->keys6);
683 tp->md5sig_info->keys6 = NULL;
684 tp->md5sig_info->alloced6 = 0;
686 if (tp->md5sig_info->entries4) {
687 for (i = 0; i < tp->md5sig_info->entries4; i++)
688 kfree(tp->md5sig_info->keys4[i].base.key);
689 tp->md5sig_info->entries4 = 0;
690 tcp_free_md5sig_pool();
693 kfree(tp->md5sig_info->keys4);
694 tp->md5sig_info->keys4 = NULL;
695 tp->md5sig_info->alloced4 = 0;
698 static int tcp_v6_parse_md5_keys (struct sock *sk, char __user *optval,
701 struct tcp_md5sig cmd;
702 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
705 if (optlen < sizeof(cmd))
708 if (copy_from_user(&cmd, optval, sizeof(cmd)))
711 if (sin6->sin6_family != AF_INET6)
714 if (!cmd.tcpm_keylen) {
715 if (!tcp_sk(sk)->md5sig_info)
717 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
718 return tcp_v4_md5_do_del(sk, sin6->sin6_addr.s6_addr32[3]);
719 return tcp_v6_md5_do_del(sk, &sin6->sin6_addr);
722 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
725 if (!tcp_sk(sk)->md5sig_info) {
726 struct tcp_sock *tp = tcp_sk(sk);
727 struct tcp_md5sig_info *p;
729 p = kzalloc(sizeof(struct tcp_md5sig_info), GFP_KERNEL);
734 sk_nocaps_add(sk, NETIF_F_GSO_MASK);
737 newkey = kmemdup(cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
740 if (ipv6_addr_v4mapped(&sin6->sin6_addr)) {
741 return tcp_v4_md5_do_add(sk, sin6->sin6_addr.s6_addr32[3],
742 newkey, cmd.tcpm_keylen);
744 return tcp_v6_md5_do_add(sk, &sin6->sin6_addr, newkey, cmd.tcpm_keylen);
747 static int tcp_v6_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp,
748 struct in6_addr *daddr,
749 struct in6_addr *saddr, int nbytes)
751 struct tcp6_pseudohdr *bp;
752 struct scatterlist sg;
754 bp = &hp->md5_blk.ip6;
755 /* 1. TCP pseudo-header (RFC2460) */
756 ipv6_addr_copy(&bp->saddr, saddr);
757 ipv6_addr_copy(&bp->daddr, daddr);
758 bp->protocol = cpu_to_be32(IPPROTO_TCP);
759 bp->len = cpu_to_be32(nbytes);
761 sg_init_one(&sg, bp, sizeof(*bp));
762 return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp));
765 static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key,
766 struct in6_addr *daddr, struct in6_addr *saddr,
769 struct tcp_md5sig_pool *hp;
770 struct hash_desc *desc;
772 hp = tcp_get_md5sig_pool();
774 goto clear_hash_noput;
775 desc = &hp->md5_desc;
777 if (crypto_hash_init(desc))
779 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))
781 if (tcp_md5_hash_header(hp, th))
783 if (tcp_md5_hash_key(hp, key))
785 if (crypto_hash_final(desc, md5_hash))
788 tcp_put_md5sig_pool();
792 tcp_put_md5sig_pool();
794 memset(md5_hash, 0, 16);
798 static int tcp_v6_md5_hash_skb(char *md5_hash, struct tcp_md5sig_key *key,
799 struct sock *sk, struct request_sock *req,
802 struct in6_addr *saddr, *daddr;
803 struct tcp_md5sig_pool *hp;
804 struct hash_desc *desc;
805 struct tcphdr *th = tcp_hdr(skb);
808 saddr = &inet6_sk(sk)->saddr;
809 daddr = &inet6_sk(sk)->daddr;
811 saddr = &inet6_rsk(req)->loc_addr;
812 daddr = &inet6_rsk(req)->rmt_addr;
814 struct ipv6hdr *ip6h = ipv6_hdr(skb);
815 saddr = &ip6h->saddr;
816 daddr = &ip6h->daddr;
819 hp = tcp_get_md5sig_pool();
821 goto clear_hash_noput;
822 desc = &hp->md5_desc;
824 if (crypto_hash_init(desc))
827 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))
829 if (tcp_md5_hash_header(hp, th))
831 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
833 if (tcp_md5_hash_key(hp, key))
835 if (crypto_hash_final(desc, md5_hash))
838 tcp_put_md5sig_pool();
842 tcp_put_md5sig_pool();
844 memset(md5_hash, 0, 16);
848 static int tcp_v6_inbound_md5_hash (struct sock *sk, struct sk_buff *skb)
850 __u8 *hash_location = NULL;
851 struct tcp_md5sig_key *hash_expected;
852 struct ipv6hdr *ip6h = ipv6_hdr(skb);
853 struct tcphdr *th = tcp_hdr(skb);
857 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
858 hash_location = tcp_parse_md5sig_option(th);
860 /* We've parsed the options - do we have a hash? */
861 if (!hash_expected && !hash_location)
864 if (hash_expected && !hash_location) {
865 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
869 if (!hash_expected && hash_location) {
870 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
874 /* check the signature */
875 genhash = tcp_v6_md5_hash_skb(newhash,
879 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
880 if (net_ratelimit()) {
881 printk(KERN_INFO "MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n",
882 genhash ? "failed" : "mismatch",
883 &ip6h->saddr, ntohs(th->source),
884 &ip6h->daddr, ntohs(th->dest));
892 struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
894 .obj_size = sizeof(struct tcp6_request_sock),
895 .rtx_syn_ack = tcp_v6_rtx_synack,
896 .send_ack = tcp_v6_reqsk_send_ack,
897 .destructor = tcp_v6_reqsk_destructor,
898 .send_reset = tcp_v6_send_reset,
899 .syn_ack_timeout = tcp_syn_ack_timeout,
902 #ifdef CONFIG_TCP_MD5SIG
903 static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
904 .md5_lookup = tcp_v6_reqsk_md5_lookup,
905 .calc_md5_hash = tcp_v6_md5_hash_skb,
909 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
910 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
911 .twsk_unique = tcp_twsk_unique,
912 .twsk_destructor= tcp_twsk_destructor,
915 static void __tcp_v6_send_check(struct sk_buff *skb,
916 struct in6_addr *saddr, struct in6_addr *daddr)
918 struct tcphdr *th = tcp_hdr(skb);
920 if (skb->ip_summed == CHECKSUM_PARTIAL) {
921 th->check = ~tcp_v6_check(skb->len, saddr, daddr, 0);
922 skb->csum_start = skb_transport_header(skb) - skb->head;
923 skb->csum_offset = offsetof(struct tcphdr, check);
925 th->check = tcp_v6_check(skb->len, saddr, daddr,
926 csum_partial(th, th->doff << 2,
931 static void tcp_v6_send_check(struct sock *sk, struct sk_buff *skb)
933 struct ipv6_pinfo *np = inet6_sk(sk);
935 __tcp_v6_send_check(skb, &np->saddr, &np->daddr);
938 static int tcp_v6_gso_send_check(struct sk_buff *skb)
940 struct ipv6hdr *ipv6h;
943 if (!pskb_may_pull(skb, sizeof(*th)))
946 ipv6h = ipv6_hdr(skb);
950 skb->ip_summed = CHECKSUM_PARTIAL;
951 __tcp_v6_send_check(skb, &ipv6h->saddr, &ipv6h->daddr);
955 static struct sk_buff **tcp6_gro_receive(struct sk_buff **head,
958 struct ipv6hdr *iph = skb_gro_network_header(skb);
960 switch (skb->ip_summed) {
961 case CHECKSUM_COMPLETE:
962 if (!tcp_v6_check(skb_gro_len(skb), &iph->saddr, &iph->daddr,
964 skb->ip_summed = CHECKSUM_UNNECESSARY;
970 NAPI_GRO_CB(skb)->flush = 1;
974 return tcp_gro_receive(head, skb);
977 static int tcp6_gro_complete(struct sk_buff *skb)
979 struct ipv6hdr *iph = ipv6_hdr(skb);
980 struct tcphdr *th = tcp_hdr(skb);
982 th->check = ~tcp_v6_check(skb->len - skb_transport_offset(skb),
983 &iph->saddr, &iph->daddr, 0);
984 skb_shinfo(skb)->gso_type = SKB_GSO_TCPV6;
986 return tcp_gro_complete(skb);
989 static void tcp_v6_send_response(struct sk_buff *skb, u32 seq, u32 ack, u32 win,
990 u32 ts, struct tcp_md5sig_key *key, int rst)
992 struct tcphdr *th = tcp_hdr(skb), *t1;
993 struct sk_buff *buff;
995 struct net *net = dev_net(skb_dst(skb)->dev);
996 struct sock *ctl_sk = net->ipv6.tcp_sk;
997 unsigned int tot_len = sizeof(struct tcphdr);
998 struct dst_entry *dst;
1002 tot_len += TCPOLEN_TSTAMP_ALIGNED;
1003 #ifdef CONFIG_TCP_MD5SIG
1005 tot_len += TCPOLEN_MD5SIG_ALIGNED;
1008 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
1013 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
1015 t1 = (struct tcphdr *) skb_push(buff, tot_len);
1016 skb_reset_transport_header(buff);
1018 /* Swap the send and the receive. */
1019 memset(t1, 0, sizeof(*t1));
1020 t1->dest = th->source;
1021 t1->source = th->dest;
1022 t1->doff = tot_len / 4;
1023 t1->seq = htonl(seq);
1024 t1->ack_seq = htonl(ack);
1025 t1->ack = !rst || !th->ack;
1027 t1->window = htons(win);
1029 topt = (__be32 *)(t1 + 1);
1032 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
1033 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
1034 *topt++ = htonl(tcp_time_stamp);
1035 *topt++ = htonl(ts);
1038 #ifdef CONFIG_TCP_MD5SIG
1040 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
1041 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
1042 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
1043 &ipv6_hdr(skb)->saddr,
1044 &ipv6_hdr(skb)->daddr, t1);
1048 memset(&fl, 0, sizeof(fl));
1049 ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr);
1050 ipv6_addr_copy(&fl.fl6_src, &ipv6_hdr(skb)->daddr);
1052 buff->ip_summed = CHECKSUM_PARTIAL;
1055 __tcp_v6_send_check(buff, &fl.fl6_src, &fl.fl6_dst);
1057 fl.proto = IPPROTO_TCP;
1058 fl.oif = inet6_iif(skb);
1059 fl.fl_ip_dport = t1->dest;
1060 fl.fl_ip_sport = t1->source;
1061 security_skb_classify_flow(skb, &fl);
1063 /* Pass a socket to ip6_dst_lookup either it is for RST
1064 * Underlying function will use this to retrieve the network
1067 if (!ip6_dst_lookup(ctl_sk, &dst, &fl)) {
1068 if (xfrm_lookup(net, &dst, &fl, NULL, 0) >= 0) {
1069 skb_dst_set(buff, dst);
1070 ip6_xmit(ctl_sk, buff, &fl, NULL);
1071 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS);
1073 TCP_INC_STATS_BH(net, TCP_MIB_OUTRSTS);
1081 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb)
1083 struct tcphdr *th = tcp_hdr(skb);
1084 u32 seq = 0, ack_seq = 0;
1085 struct tcp_md5sig_key *key = NULL;
1090 if (!ipv6_unicast_destination(skb))
1093 #ifdef CONFIG_TCP_MD5SIG
1095 key = tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr);
1099 seq = ntohl(th->ack_seq);
1101 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
1104 tcp_v6_send_response(skb, seq, ack_seq, 0, 0, key, 1);
1107 static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts,
1108 struct tcp_md5sig_key *key)
1110 tcp_v6_send_response(skb, seq, ack, win, ts, key, 0);
1113 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
1115 struct inet_timewait_sock *tw = inet_twsk(sk);
1116 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
1118 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
1119 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
1120 tcptw->tw_ts_recent, tcp_twsk_md5_key(tcptw));
1125 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
1126 struct request_sock *req)
1128 tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent,
1129 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr));
1133 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
1135 struct request_sock *req, **prev;
1136 const struct tcphdr *th = tcp_hdr(skb);
1139 /* Find possible connection requests. */
1140 req = inet6_csk_search_req(sk, &prev, th->source,
1141 &ipv6_hdr(skb)->saddr,
1142 &ipv6_hdr(skb)->daddr, inet6_iif(skb));
1144 return tcp_check_req(sk, skb, req, prev);
1146 nsk = __inet6_lookup_established(sock_net(sk), &tcp_hashinfo,
1147 &ipv6_hdr(skb)->saddr, th->source,
1148 &ipv6_hdr(skb)->daddr, ntohs(th->dest), inet6_iif(skb));
1151 if (nsk->sk_state != TCP_TIME_WAIT) {
1155 inet_twsk_put(inet_twsk(nsk));
1159 #ifdef CONFIG_SYN_COOKIES
1161 sk = cookie_v6_check(sk, skb);
1166 /* FIXME: this is substantially similar to the ipv4 code.
1167 * Can some kind of merge be done? -- erics
1169 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1171 struct tcp_extend_values tmp_ext;
1172 struct tcp_options_received tmp_opt;
1174 struct request_sock *req;
1175 struct inet6_request_sock *treq;
1176 struct ipv6_pinfo *np = inet6_sk(sk);
1177 struct tcp_sock *tp = tcp_sk(sk);
1178 __u32 isn = TCP_SKB_CB(skb)->when;
1179 #ifdef CONFIG_SYN_COOKIES
1180 int want_cookie = 0;
1182 #define want_cookie 0
1185 if (skb->protocol == htons(ETH_P_IP))
1186 return tcp_v4_conn_request(sk, skb);
1188 if (!ipv6_unicast_destination(skb))
1191 if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
1192 if (net_ratelimit())
1193 syn_flood_warning(skb);
1194 #ifdef CONFIG_SYN_COOKIES
1195 if (sysctl_tcp_syncookies)
1202 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
1205 req = inet6_reqsk_alloc(&tcp6_request_sock_ops);
1209 #ifdef CONFIG_TCP_MD5SIG
1210 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv6_ops;
1213 tcp_clear_options(&tmp_opt);
1214 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
1215 tmp_opt.user_mss = tp->rx_opt.user_mss;
1216 tcp_parse_options(skb, &tmp_opt, &hash_location, 0);
1218 if (tmp_opt.cookie_plus > 0 &&
1219 tmp_opt.saw_tstamp &&
1220 !tp->rx_opt.cookie_out_never &&
1221 (sysctl_tcp_cookie_size > 0 ||
1222 (tp->cookie_values != NULL &&
1223 tp->cookie_values->cookie_desired > 0))) {
1226 u32 *mess = &tmp_ext.cookie_bakery[COOKIE_DIGEST_WORDS];
1227 int l = tmp_opt.cookie_plus - TCPOLEN_COOKIE_BASE;
1229 if (tcp_cookie_generator(&tmp_ext.cookie_bakery[0]) != 0)
1232 /* Secret recipe starts with IP addresses */
1233 d = (__force u32 *)&ipv6_hdr(skb)->daddr.s6_addr32[0];
1238 d = (__force u32 *)&ipv6_hdr(skb)->saddr.s6_addr32[0];
1244 /* plus variable length Initiator Cookie */
1247 *c++ ^= *hash_location++;
1249 #ifdef CONFIG_SYN_COOKIES
1250 want_cookie = 0; /* not our kind of cookie */
1252 tmp_ext.cookie_out_never = 0; /* false */
1253 tmp_ext.cookie_plus = tmp_opt.cookie_plus;
1254 } else if (!tp->rx_opt.cookie_in_always) {
1255 /* redundant indications, but ensure initialization. */
1256 tmp_ext.cookie_out_never = 1; /* true */
1257 tmp_ext.cookie_plus = 0;
1261 tmp_ext.cookie_in_always = tp->rx_opt.cookie_in_always;
1263 if (want_cookie && !tmp_opt.saw_tstamp)
1264 tcp_clear_options(&tmp_opt);
1266 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
1267 tcp_openreq_init(req, &tmp_opt, skb);
1269 treq = inet6_rsk(req);
1270 ipv6_addr_copy(&treq->rmt_addr, &ipv6_hdr(skb)->saddr);
1271 ipv6_addr_copy(&treq->loc_addr, &ipv6_hdr(skb)->daddr);
1272 if (!want_cookie || tmp_opt.tstamp_ok)
1273 TCP_ECN_create_request(req, tcp_hdr(skb));
1276 if (ipv6_opt_accepted(sk, skb) ||
1277 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
1278 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) {
1279 atomic_inc(&skb->users);
1280 treq->pktopts = skb;
1282 treq->iif = sk->sk_bound_dev_if;
1284 /* So that link locals have meaning */
1285 if (!sk->sk_bound_dev_if &&
1286 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL)
1287 treq->iif = inet6_iif(skb);
1289 isn = tcp_v6_init_sequence(skb);
1291 isn = cookie_v6_init_sequence(sk, skb, &req->mss);
1292 req->cookie_ts = tmp_opt.tstamp_ok;
1295 tcp_rsk(req)->snt_isn = isn;
1297 security_inet_conn_request(sk, skb, req);
1299 if (tcp_v6_send_synack(sk, req,
1300 (struct request_values *)&tmp_ext) ||
1304 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1310 return 0; /* don't send reset */
1313 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1314 struct request_sock *req,
1315 struct dst_entry *dst)
1317 struct inet6_request_sock *treq;
1318 struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
1319 struct tcp6_sock *newtcp6sk;
1320 struct inet_sock *newinet;
1321 struct tcp_sock *newtp;
1323 struct ipv6_txoptions *opt;
1324 #ifdef CONFIG_TCP_MD5SIG
1325 struct tcp_md5sig_key *key;
1328 if (skb->protocol == htons(ETH_P_IP)) {
1333 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);
1338 newtcp6sk = (struct tcp6_sock *)newsk;
1339 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1341 newinet = inet_sk(newsk);
1342 newnp = inet6_sk(newsk);
1343 newtp = tcp_sk(newsk);
1345 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1347 ipv6_addr_set_v4mapped(newinet->inet_daddr, &newnp->daddr);
1349 ipv6_addr_set_v4mapped(newinet->inet_saddr, &newnp->saddr);
1351 ipv6_addr_copy(&newnp->rcv_saddr, &newnp->saddr);
1353 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1354 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1355 #ifdef CONFIG_TCP_MD5SIG
1356 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1359 newnp->pktoptions = NULL;
1361 newnp->mcast_oif = inet6_iif(skb);
1362 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1365 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1366 * here, tcp_create_openreq_child now does this for us, see the comment in
1367 * that function for the gory details. -acme
1370 /* It is tricky place. Until this moment IPv4 tcp
1371 worked with IPv6 icsk.icsk_af_ops.
1374 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1379 treq = inet6_rsk(req);
1382 if (sk_acceptq_is_full(sk))
1386 struct in6_addr *final_p, final;
1389 memset(&fl, 0, sizeof(fl));
1390 fl.proto = IPPROTO_TCP;
1391 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
1392 final_p = fl6_update_dst(&fl, opt, &final);
1393 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
1394 fl.oif = sk->sk_bound_dev_if;
1395 fl.mark = sk->sk_mark;
1396 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
1397 fl.fl_ip_sport = inet_rsk(req)->loc_port;
1398 security_req_classify_flow(req, &fl);
1400 if (ip6_dst_lookup(sk, &dst, &fl))
1404 ipv6_addr_copy(&fl.fl6_dst, final_p);
1406 if ((xfrm_lookup(sock_net(sk), &dst, &fl, sk, 0)) < 0)
1410 newsk = tcp_create_openreq_child(sk, req, skb);
1415 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1416 * count here, tcp_create_openreq_child now does this for us, see the
1417 * comment in that function for the gory details. -acme
1420 newsk->sk_gso_type = SKB_GSO_TCPV6;
1421 __ip6_dst_store(newsk, dst, NULL, NULL);
1423 newtcp6sk = (struct tcp6_sock *)newsk;
1424 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1426 newtp = tcp_sk(newsk);
1427 newinet = inet_sk(newsk);
1428 newnp = inet6_sk(newsk);
1430 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1432 ipv6_addr_copy(&newnp->daddr, &treq->rmt_addr);
1433 ipv6_addr_copy(&newnp->saddr, &treq->loc_addr);
1434 ipv6_addr_copy(&newnp->rcv_saddr, &treq->loc_addr);
1435 newsk->sk_bound_dev_if = treq->iif;
1437 /* Now IPv6 options...
1439 First: no IPv4 options.
1441 newinet->opt = NULL;
1442 newnp->ipv6_fl_list = NULL;
1445 newnp->rxopt.all = np->rxopt.all;
1447 /* Clone pktoptions received with SYN */
1448 newnp->pktoptions = NULL;
1449 if (treq->pktopts != NULL) {
1450 newnp->pktoptions = skb_clone(treq->pktopts, GFP_ATOMIC);
1451 kfree_skb(treq->pktopts);
1452 treq->pktopts = NULL;
1453 if (newnp->pktoptions)
1454 skb_set_owner_r(newnp->pktoptions, newsk);
1457 newnp->mcast_oif = inet6_iif(skb);
1458 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1460 /* Clone native IPv6 options from listening socket (if any)
1462 Yes, keeping reference count would be much more clever,
1463 but we make one more one thing there: reattach optmem
1467 newnp->opt = ipv6_dup_options(newsk, opt);
1469 sock_kfree_s(sk, opt, opt->tot_len);
1472 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1474 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
1475 newnp->opt->opt_flen);
1477 tcp_mtup_init(newsk);
1478 tcp_sync_mss(newsk, dst_mtu(dst));
1479 newtp->advmss = dst_metric(dst, RTAX_ADVMSS);
1480 tcp_initialize_rcv_mss(newsk);
1482 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1483 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1485 #ifdef CONFIG_TCP_MD5SIG
1486 /* Copy over the MD5 key from the original socket */
1487 if ((key = tcp_v6_md5_do_lookup(sk, &newnp->daddr)) != NULL) {
1488 /* We're using one, so create a matching key
1489 * on the newsk structure. If we fail to get
1490 * memory, then we end up not copying the key
1493 char *newkey = kmemdup(key->key, key->keylen, GFP_ATOMIC);
1495 tcp_v6_md5_do_add(newsk, &newnp->daddr,
1496 newkey, key->keylen);
1500 if (__inet_inherit_port(sk, newsk) < 0) {
1504 __inet6_hash(newsk, NULL);
1509 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1511 if (opt && opt != np->opt)
1512 sock_kfree_s(sk, opt, opt->tot_len);
1515 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
1519 static __sum16 tcp_v6_checksum_init(struct sk_buff *skb)
1521 if (skb->ip_summed == CHECKSUM_COMPLETE) {
1522 if (!tcp_v6_check(skb->len, &ipv6_hdr(skb)->saddr,
1523 &ipv6_hdr(skb)->daddr, skb->csum)) {
1524 skb->ip_summed = CHECKSUM_UNNECESSARY;
1529 skb->csum = ~csum_unfold(tcp_v6_check(skb->len,
1530 &ipv6_hdr(skb)->saddr,
1531 &ipv6_hdr(skb)->daddr, 0));
1533 if (skb->len <= 76) {
1534 return __skb_checksum_complete(skb);
1539 /* The socket must have it's spinlock held when we get
1542 * We have a potential double-lock case here, so even when
1543 * doing backlog processing we use the BH locking scheme.
1544 * This is because we cannot sleep with the original spinlock
1547 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1549 struct ipv6_pinfo *np = inet6_sk(sk);
1550 struct tcp_sock *tp;
1551 struct sk_buff *opt_skb = NULL;
1553 /* Imagine: socket is IPv6. IPv4 packet arrives,
1554 goes to IPv4 receive handler and backlogged.
1555 From backlog it always goes here. Kerboom...
1556 Fortunately, tcp_rcv_established and rcv_established
1557 handle them correctly, but it is not case with
1558 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1561 if (skb->protocol == htons(ETH_P_IP))
1562 return tcp_v4_do_rcv(sk, skb);
1564 #ifdef CONFIG_TCP_MD5SIG
1565 if (tcp_v6_inbound_md5_hash (sk, skb))
1569 if (sk_filter(sk, skb))
1573 * socket locking is here for SMP purposes as backlog rcv
1574 * is currently called with bh processing disabled.
1577 /* Do Stevens' IPV6_PKTOPTIONS.
1579 Yes, guys, it is the only place in our code, where we
1580 may make it not affecting IPv4.
1581 The rest of code is protocol independent,
1582 and I do not like idea to uglify IPv4.
1584 Actually, all the idea behind IPV6_PKTOPTIONS
1585 looks not very well thought. For now we latch
1586 options, received in the last packet, enqueued
1587 by tcp. Feel free to propose better solution.
1591 opt_skb = skb_clone(skb, GFP_ATOMIC);
1593 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1594 TCP_CHECK_TIMER(sk);
1595 if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len))
1597 TCP_CHECK_TIMER(sk);
1599 goto ipv6_pktoptions;
1603 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1606 if (sk->sk_state == TCP_LISTEN) {
1607 struct sock *nsk = tcp_v6_hnd_req(sk, skb);
1612 * Queue it on the new socket if the new socket is active,
1613 * otherwise we just shortcircuit this and continue with
1617 if (tcp_child_process(sk, nsk, skb))
1620 __kfree_skb(opt_skb);
1625 TCP_CHECK_TIMER(sk);
1626 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len))
1628 TCP_CHECK_TIMER(sk);
1630 goto ipv6_pktoptions;
1634 tcp_v6_send_reset(sk, skb);
1637 __kfree_skb(opt_skb);
1641 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_INERRS);
1646 /* Do you ask, what is it?
1648 1. skb was enqueued by tcp.
1649 2. skb is added to tail of read queue, rather than out of order.
1650 3. socket is not in passive state.
1651 4. Finally, it really contains options, which user wants to receive.
1654 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1655 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1656 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1657 np->mcast_oif = inet6_iif(opt_skb);
1658 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1659 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1660 if (ipv6_opt_accepted(sk, opt_skb)) {
1661 skb_set_owner_r(opt_skb, sk);
1662 opt_skb = xchg(&np->pktoptions, opt_skb);
1664 __kfree_skb(opt_skb);
1665 opt_skb = xchg(&np->pktoptions, NULL);
1673 static int tcp_v6_rcv(struct sk_buff *skb)
1676 struct ipv6hdr *hdr;
1679 struct net *net = dev_net(skb->dev);
1681 if (skb->pkt_type != PACKET_HOST)
1685 * Count it even if it's bad.
1687 TCP_INC_STATS_BH(net, TCP_MIB_INSEGS);
1689 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1694 if (th->doff < sizeof(struct tcphdr)/4)
1696 if (!pskb_may_pull(skb, th->doff*4))
1699 if (!skb_csum_unnecessary(skb) && tcp_v6_checksum_init(skb))
1703 hdr = ipv6_hdr(skb);
1704 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1705 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1706 skb->len - th->doff*4);
1707 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1708 TCP_SKB_CB(skb)->when = 0;
1709 TCP_SKB_CB(skb)->flags = ipv6_get_dsfield(hdr);
1710 TCP_SKB_CB(skb)->sacked = 0;
1712 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest);
1717 if (sk->sk_state == TCP_TIME_WAIT)
1720 if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) {
1721 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
1722 goto discard_and_relse;
1725 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1726 goto discard_and_relse;
1728 if (sk_filter(sk, skb))
1729 goto discard_and_relse;
1733 bh_lock_sock_nested(sk);
1735 if (!sock_owned_by_user(sk)) {
1736 #ifdef CONFIG_NET_DMA
1737 struct tcp_sock *tp = tcp_sk(sk);
1738 if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list)
1739 tp->ucopy.dma_chan = dma_find_channel(DMA_MEMCPY);
1740 if (tp->ucopy.dma_chan)
1741 ret = tcp_v6_do_rcv(sk, skb);
1745 if (!tcp_prequeue(sk, skb))
1746 ret = tcp_v6_do_rcv(sk, skb);
1748 } else if (unlikely(sk_add_backlog(sk, skb))) {
1750 NET_INC_STATS_BH(net, LINUX_MIB_TCPBACKLOGDROP);
1751 goto discard_and_relse;
1756 return ret ? -1 : 0;
1759 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1762 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1764 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1766 tcp_v6_send_reset(NULL, skb);
1783 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1784 inet_twsk_put(inet_twsk(sk));
1788 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1789 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1790 inet_twsk_put(inet_twsk(sk));
1794 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1799 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
1800 &ipv6_hdr(skb)->daddr,
1801 ntohs(th->dest), inet6_iif(skb));
1803 struct inet_timewait_sock *tw = inet_twsk(sk);
1804 inet_twsk_deschedule(tw, &tcp_death_row);
1809 /* Fall through to ACK */
1812 tcp_v6_timewait_ack(sk, skb);
1816 case TCP_TW_SUCCESS:;
1821 static int tcp_v6_remember_stamp(struct sock *sk)
1823 /* Alas, not yet... */
1827 static const struct inet_connection_sock_af_ops ipv6_specific = {
1828 .queue_xmit = inet6_csk_xmit,
1829 .send_check = tcp_v6_send_check,
1830 .rebuild_header = inet6_sk_rebuild_header,
1831 .conn_request = tcp_v6_conn_request,
1832 .syn_recv_sock = tcp_v6_syn_recv_sock,
1833 .remember_stamp = tcp_v6_remember_stamp,
1834 .net_header_len = sizeof(struct ipv6hdr),
1835 .setsockopt = ipv6_setsockopt,
1836 .getsockopt = ipv6_getsockopt,
1837 .addr2sockaddr = inet6_csk_addr2sockaddr,
1838 .sockaddr_len = sizeof(struct sockaddr_in6),
1839 .bind_conflict = inet6_csk_bind_conflict,
1840 #ifdef CONFIG_COMPAT
1841 .compat_setsockopt = compat_ipv6_setsockopt,
1842 .compat_getsockopt = compat_ipv6_getsockopt,
1846 #ifdef CONFIG_TCP_MD5SIG
1847 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1848 .md5_lookup = tcp_v6_md5_lookup,
1849 .calc_md5_hash = tcp_v6_md5_hash_skb,
1850 .md5_add = tcp_v6_md5_add_func,
1851 .md5_parse = tcp_v6_parse_md5_keys,
1856 * TCP over IPv4 via INET6 API
1859 static const struct inet_connection_sock_af_ops ipv6_mapped = {
1860 .queue_xmit = ip_queue_xmit,
1861 .send_check = tcp_v4_send_check,
1862 .rebuild_header = inet_sk_rebuild_header,
1863 .conn_request = tcp_v6_conn_request,
1864 .syn_recv_sock = tcp_v6_syn_recv_sock,
1865 .remember_stamp = tcp_v4_remember_stamp,
1866 .net_header_len = sizeof(struct iphdr),
1867 .setsockopt = ipv6_setsockopt,
1868 .getsockopt = ipv6_getsockopt,
1869 .addr2sockaddr = inet6_csk_addr2sockaddr,
1870 .sockaddr_len = sizeof(struct sockaddr_in6),
1871 .bind_conflict = inet6_csk_bind_conflict,
1872 #ifdef CONFIG_COMPAT
1873 .compat_setsockopt = compat_ipv6_setsockopt,
1874 .compat_getsockopt = compat_ipv6_getsockopt,
1878 #ifdef CONFIG_TCP_MD5SIG
1879 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1880 .md5_lookup = tcp_v4_md5_lookup,
1881 .calc_md5_hash = tcp_v4_md5_hash_skb,
1882 .md5_add = tcp_v6_md5_add_func,
1883 .md5_parse = tcp_v6_parse_md5_keys,
1887 /* NOTE: A lot of things set to zero explicitly by call to
1888 * sk_alloc() so need not be done here.
1890 static int tcp_v6_init_sock(struct sock *sk)
1892 struct inet_connection_sock *icsk = inet_csk(sk);
1893 struct tcp_sock *tp = tcp_sk(sk);
1895 skb_queue_head_init(&tp->out_of_order_queue);
1896 tcp_init_xmit_timers(sk);
1897 tcp_prequeue_init(tp);
1899 icsk->icsk_rto = TCP_TIMEOUT_INIT;
1900 tp->mdev = TCP_TIMEOUT_INIT;
1902 /* So many TCP implementations out there (incorrectly) count the
1903 * initial SYN frame in their delayed-ACK and congestion control
1904 * algorithms that we must have the following bandaid to talk
1905 * efficiently to them. -DaveM
1909 /* See draft-stevens-tcpca-spec-01 for discussion of the
1910 * initialization of these values.
1912 tp->snd_ssthresh = TCP_INFINITE_SSTHRESH;
1913 tp->snd_cwnd_clamp = ~0;
1914 tp->mss_cache = TCP_MSS_DEFAULT;
1916 tp->reordering = sysctl_tcp_reordering;
1918 sk->sk_state = TCP_CLOSE;
1920 icsk->icsk_af_ops = &ipv6_specific;
1921 icsk->icsk_ca_ops = &tcp_init_congestion_ops;
1922 icsk->icsk_sync_mss = tcp_sync_mss;
1923 sk->sk_write_space = sk_stream_write_space;
1924 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE);
1926 #ifdef CONFIG_TCP_MD5SIG
1927 tp->af_specific = &tcp_sock_ipv6_specific;
1930 /* TCP Cookie Transactions */
1931 if (sysctl_tcp_cookie_size > 0) {
1932 /* Default, cookies without s_data_payload. */
1934 kzalloc(sizeof(*tp->cookie_values),
1936 if (tp->cookie_values != NULL)
1937 kref_init(&tp->cookie_values->kref);
1939 /* Presumed zeroed, in order of appearance:
1940 * cookie_in_always, cookie_out_never,
1941 * s_data_constant, s_data_in, s_data_out
1943 sk->sk_sndbuf = sysctl_tcp_wmem[1];
1944 sk->sk_rcvbuf = sysctl_tcp_rmem[1];
1947 percpu_counter_inc(&tcp_sockets_allocated);
1953 static void tcp_v6_destroy_sock(struct sock *sk)
1955 #ifdef CONFIG_TCP_MD5SIG
1956 /* Clean up the MD5 key list */
1957 if (tcp_sk(sk)->md5sig_info)
1958 tcp_v6_clear_md5_list(sk);
1960 tcp_v4_destroy_sock(sk);
1961 inet6_destroy_sock(sk);
1964 #ifdef CONFIG_PROC_FS
1965 /* Proc filesystem TCPv6 sock list dumping. */
1966 static void get_openreq6(struct seq_file *seq,
1967 struct sock *sk, struct request_sock *req, int i, int uid)
1969 int ttd = req->expires - jiffies;
1970 struct in6_addr *src = &inet6_rsk(req)->loc_addr;
1971 struct in6_addr *dest = &inet6_rsk(req)->rmt_addr;
1977 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1978 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
1980 src->s6_addr32[0], src->s6_addr32[1],
1981 src->s6_addr32[2], src->s6_addr32[3],
1982 ntohs(inet_rsk(req)->loc_port),
1983 dest->s6_addr32[0], dest->s6_addr32[1],
1984 dest->s6_addr32[2], dest->s6_addr32[3],
1985 ntohs(inet_rsk(req)->rmt_port),
1987 0,0, /* could print option size, but that is af dependent. */
1988 1, /* timers active (only the expire timer) */
1989 jiffies_to_clock_t(ttd),
1992 0, /* non standard timer */
1993 0, /* open_requests have no inode */
1997 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1999 struct in6_addr *dest, *src;
2002 unsigned long timer_expires;
2003 struct inet_sock *inet = inet_sk(sp);
2004 struct tcp_sock *tp = tcp_sk(sp);
2005 const struct inet_connection_sock *icsk = inet_csk(sp);
2006 struct ipv6_pinfo *np = inet6_sk(sp);
2009 src = &np->rcv_saddr;
2010 destp = ntohs(inet->inet_dport);
2011 srcp = ntohs(inet->inet_sport);
2013 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
2015 timer_expires = icsk->icsk_timeout;
2016 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
2018 timer_expires = icsk->icsk_timeout;
2019 } else if (timer_pending(&sp->sk_timer)) {
2021 timer_expires = sp->sk_timer.expires;
2024 timer_expires = jiffies;
2028 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
2029 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %lu %lu %u %u %d\n",
2031 src->s6_addr32[0], src->s6_addr32[1],
2032 src->s6_addr32[2], src->s6_addr32[3], srcp,
2033 dest->s6_addr32[0], dest->s6_addr32[1],
2034 dest->s6_addr32[2], dest->s6_addr32[3], destp,
2036 tp->write_seq-tp->snd_una,
2037 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
2039 jiffies_to_clock_t(timer_expires - jiffies),
2040 icsk->icsk_retransmits,
2042 icsk->icsk_probes_out,
2044 atomic_read(&sp->sk_refcnt), sp,
2045 jiffies_to_clock_t(icsk->icsk_rto),
2046 jiffies_to_clock_t(icsk->icsk_ack.ato),
2047 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong,
2049 tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh
2053 static void get_timewait6_sock(struct seq_file *seq,
2054 struct inet_timewait_sock *tw, int i)
2056 struct in6_addr *dest, *src;
2058 struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw);
2059 int ttd = tw->tw_ttd - jiffies;
2064 dest = &tw6->tw_v6_daddr;
2065 src = &tw6->tw_v6_rcv_saddr;
2066 destp = ntohs(tw->tw_dport);
2067 srcp = ntohs(tw->tw_sport);
2070 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
2071 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
2073 src->s6_addr32[0], src->s6_addr32[1],
2074 src->s6_addr32[2], src->s6_addr32[3], srcp,
2075 dest->s6_addr32[0], dest->s6_addr32[1],
2076 dest->s6_addr32[2], dest->s6_addr32[3], destp,
2077 tw->tw_substate, 0, 0,
2078 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
2079 atomic_read(&tw->tw_refcnt), tw);
2082 static int tcp6_seq_show(struct seq_file *seq, void *v)
2084 struct tcp_iter_state *st;
2086 if (v == SEQ_START_TOKEN) {
2091 "st tx_queue rx_queue tr tm->when retrnsmt"
2092 " uid timeout inode\n");
2097 switch (st->state) {
2098 case TCP_SEQ_STATE_LISTENING:
2099 case TCP_SEQ_STATE_ESTABLISHED:
2100 get_tcp6_sock(seq, v, st->num);
2102 case TCP_SEQ_STATE_OPENREQ:
2103 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid);
2105 case TCP_SEQ_STATE_TIME_WAIT:
2106 get_timewait6_sock(seq, v, st->num);
2113 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
2117 .owner = THIS_MODULE,
2120 .show = tcp6_seq_show,
2124 int __net_init tcp6_proc_init(struct net *net)
2126 return tcp_proc_register(net, &tcp6_seq_afinfo);
2129 void tcp6_proc_exit(struct net *net)
2131 tcp_proc_unregister(net, &tcp6_seq_afinfo);
2135 struct proto tcpv6_prot = {
2137 .owner = THIS_MODULE,
2139 .connect = tcp_v6_connect,
2140 .disconnect = tcp_disconnect,
2141 .accept = inet_csk_accept,
2143 .init = tcp_v6_init_sock,
2144 .destroy = tcp_v6_destroy_sock,
2145 .shutdown = tcp_shutdown,
2146 .setsockopt = tcp_setsockopt,
2147 .getsockopt = tcp_getsockopt,
2148 .recvmsg = tcp_recvmsg,
2149 .sendmsg = tcp_sendmsg,
2150 .sendpage = tcp_sendpage,
2151 .backlog_rcv = tcp_v6_do_rcv,
2152 .hash = tcp_v6_hash,
2153 .unhash = inet_unhash,
2154 .get_port = inet_csk_get_port,
2155 .enter_memory_pressure = tcp_enter_memory_pressure,
2156 .sockets_allocated = &tcp_sockets_allocated,
2157 .memory_allocated = &tcp_memory_allocated,
2158 .memory_pressure = &tcp_memory_pressure,
2159 .orphan_count = &tcp_orphan_count,
2160 .sysctl_mem = sysctl_tcp_mem,
2161 .sysctl_wmem = sysctl_tcp_wmem,
2162 .sysctl_rmem = sysctl_tcp_rmem,
2163 .max_header = MAX_TCP_HEADER,
2164 .obj_size = sizeof(struct tcp6_sock),
2165 .slab_flags = SLAB_DESTROY_BY_RCU,
2166 .twsk_prot = &tcp6_timewait_sock_ops,
2167 .rsk_prot = &tcp6_request_sock_ops,
2168 .h.hashinfo = &tcp_hashinfo,
2169 .no_autobind = true,
2170 #ifdef CONFIG_COMPAT
2171 .compat_setsockopt = compat_tcp_setsockopt,
2172 .compat_getsockopt = compat_tcp_getsockopt,
2176 static const struct inet6_protocol tcpv6_protocol = {
2177 .handler = tcp_v6_rcv,
2178 .err_handler = tcp_v6_err,
2179 .gso_send_check = tcp_v6_gso_send_check,
2180 .gso_segment = tcp_tso_segment,
2181 .gro_receive = tcp6_gro_receive,
2182 .gro_complete = tcp6_gro_complete,
2183 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2186 static struct inet_protosw tcpv6_protosw = {
2187 .type = SOCK_STREAM,
2188 .protocol = IPPROTO_TCP,
2189 .prot = &tcpv6_prot,
2190 .ops = &inet6_stream_ops,
2192 .flags = INET_PROTOSW_PERMANENT |
2196 static int __net_init tcpv6_net_init(struct net *net)
2198 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
2199 SOCK_RAW, IPPROTO_TCP, net);
2202 static void __net_exit tcpv6_net_exit(struct net *net)
2204 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
2207 static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
2209 inet_twsk_purge(&tcp_hashinfo, &tcp_death_row, AF_INET6);
2212 static struct pernet_operations tcpv6_net_ops = {
2213 .init = tcpv6_net_init,
2214 .exit = tcpv6_net_exit,
2215 .exit_batch = tcpv6_net_exit_batch,
2218 int __init tcpv6_init(void)
2222 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
2226 /* register inet6 protocol */
2227 ret = inet6_register_protosw(&tcpv6_protosw);
2229 goto out_tcpv6_protocol;
2231 ret = register_pernet_subsys(&tcpv6_net_ops);
2233 goto out_tcpv6_protosw;
2238 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2240 inet6_unregister_protosw(&tcpv6_protosw);
2244 void tcpv6_exit(void)
2246 unregister_pernet_subsys(&tcpv6_net_ops);
2247 inet6_unregister_protosw(&tcpv6_protosw);
2248 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
git://bbs.cooldavid.org / net-next-2.6.git / blob