projects / deliverable / linux.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
Merge branch 'for-davem' of git://git.kernel.org/pub/scm/linux/kernel/git/linville...
[deliverable/linux.git] / net / ipv6 / tcp_ipv6.c
... / ...
CommitLineData
1/*
2 * TCP over IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
8 * Based on:
9 * linux/net/ipv4/tcp.c
10 * linux/net/ipv4/tcp_input.c
11 * linux/net/ipv4/tcp_output.c
12 *
13 * Fixes:
14 * Hideaki YOSHIFUJI : sin6_scope_id support
15 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
16 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
17 * a single port at the same time.
18 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
19 *
20 * This program is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU General Public License
22 * as published by the Free Software Foundation; either version
23 * 2 of the License, or (at your option) any later version.
24 */
25
26#include <linux/bottom_half.h>
27#include <linux/module.h>
28#include <linux/errno.h>
29#include <linux/types.h>
30#include <linux/socket.h>
31#include <linux/sockios.h>
32#include <linux/net.h>
33#include <linux/jiffies.h>
34#include <linux/in.h>
35#include <linux/in6.h>
36#include <linux/netdevice.h>
37#include <linux/init.h>
38#include <linux/jhash.h>
39#include <linux/ipsec.h>
40#include <linux/times.h>
41#include <linux/slab.h>
42
43#include <linux/ipv6.h>
44#include <linux/icmpv6.h>
45#include <linux/random.h>
46
47#include <net/tcp.h>
48#include <net/ndisc.h>
49#include <net/inet6_hashtables.h>
50#include <net/inet6_connection_sock.h>
51#include <net/ipv6.h>
52#include <net/transp_v6.h>
53#include <net/addrconf.h>
54#include <net/ip6_route.h>
55#include <net/ip6_checksum.h>
56#include <net/inet_ecn.h>
57#include <net/protocol.h>
58#include <net/xfrm.h>
59#include <net/snmp.h>
60#include <net/dsfield.h>
61#include <net/timewait_sock.h>
62#include <net/netdma.h>
63#include <net/inet_common.h>
64#include <net/secure_seq.h>
65#include <net/tcp_memcontrol.h>
66#include <net/busy_poll.h>
67
68#include <asm/uaccess.h>
69
70#include <linux/proc_fs.h>
71#include <linux/seq_file.h>
72
73#include <linux/crypto.h>
74#include <linux/scatterlist.h>
75
76static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb);
77static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
78 struct request_sock *req);
79
80static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
81
82static const struct inet_connection_sock_af_ops ipv6_mapped;
83static const struct inet_connection_sock_af_ops ipv6_specific;
84#ifdef CONFIG_TCP_MD5SIG
85static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
86static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
87#else
88static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
89 const struct in6_addr *addr)
90{
91 return NULL;
92}
93#endif
94
95static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
96{
97 struct dst_entry *dst = skb_dst(skb);
98 const struct rt6_info *rt = (const struct rt6_info *)dst;
99
100 dst_hold(dst);
101 sk->sk_rx_dst = dst;
102 inet_sk(sk)->rx_dst_ifindex = skb->skb_iif;
103 if (rt->rt6i_node)
104 inet6_sk(sk)->rx_dst_cookie = rt->rt6i_node->fn_sernum;
105}
106
107static void tcp_v6_hash(struct sock *sk)
108{
109 if (sk->sk_state != TCP_CLOSE) {
110 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) {
111 tcp_prot.hash(sk);
112 return;
113 }
114 local_bh_disable();
115 __inet6_hash(sk, NULL);
116 local_bh_enable();
117 }
118}
119
120static __u32 tcp_v6_init_sequence(const struct sk_buff *skb)
121{
122 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
123 ipv6_hdr(skb)->saddr.s6_addr32,
124 tcp_hdr(skb)->dest,
125 tcp_hdr(skb)->source);
126}
127
128static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
129 int addr_len)
130{
131 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
132 struct inet_sock *inet = inet_sk(sk);
133 struct inet_connection_sock *icsk = inet_csk(sk);
134 struct ipv6_pinfo *np = inet6_sk(sk);
135 struct tcp_sock *tp = tcp_sk(sk);
136 struct in6_addr *saddr = NULL, *final_p, final;
137 struct rt6_info *rt;
138 struct flowi6 fl6;
139 struct dst_entry *dst;
140 int addr_type;
141 int err;
142
143 if (addr_len < SIN6_LEN_RFC2133)
144 return -EINVAL;
145
146 if (usin->sin6_family != AF_INET6)
147 return -EAFNOSUPPORT;
148
149 memset(&fl6, 0, sizeof(fl6));
150
151 if (np->sndflow) {
152 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
153 IP6_ECN_flow_init(fl6.flowlabel);
154 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
155 struct ip6_flowlabel *flowlabel;
156 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
157 if (flowlabel == NULL)
158 return -EINVAL;
159 fl6_sock_release(flowlabel);
160 }
161 }
162
163 /*
164 * connect() to INADDR_ANY means loopback (BSD'ism).
165 */
166
167 if (ipv6_addr_any(&usin->sin6_addr))
168 usin->sin6_addr.s6_addr[15] = 0x1;
169
170 addr_type = ipv6_addr_type(&usin->sin6_addr);
171
172 if (addr_type & IPV6_ADDR_MULTICAST)
173 return -ENETUNREACH;
174
175 if (addr_type&IPV6_ADDR_LINKLOCAL) {
176 if (addr_len >= sizeof(struct sockaddr_in6) &&
177 usin->sin6_scope_id) {
178 /* If interface is set while binding, indices
179 * must coincide.
180 */
181 if (sk->sk_bound_dev_if &&
182 sk->sk_bound_dev_if != usin->sin6_scope_id)
183 return -EINVAL;
184
185 sk->sk_bound_dev_if = usin->sin6_scope_id;
186 }
187
188 /* Connect to link-local address requires an interface */
189 if (!sk->sk_bound_dev_if)
190 return -EINVAL;
191 }
192
193 if (tp->rx_opt.ts_recent_stamp &&
194 !ipv6_addr_equal(&sk->sk_v6_daddr, &usin->sin6_addr)) {
195 tp->rx_opt.ts_recent = 0;
196 tp->rx_opt.ts_recent_stamp = 0;
197 tp->write_seq = 0;
198 }
199
200 sk->sk_v6_daddr = usin->sin6_addr;
201 np->flow_label = fl6.flowlabel;
202
203 /*
204 * TCP over IPv4
205 */
206
207 if (addr_type == IPV6_ADDR_MAPPED) {
208 u32 exthdrlen = icsk->icsk_ext_hdr_len;
209 struct sockaddr_in sin;
210
211 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
212
213 if (__ipv6_only_sock(sk))
214 return -ENETUNREACH;
215
216 sin.sin_family = AF_INET;
217 sin.sin_port = usin->sin6_port;
218 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
219
220 icsk->icsk_af_ops = &ipv6_mapped;
221 sk->sk_backlog_rcv = tcp_v4_do_rcv;
222#ifdef CONFIG_TCP_MD5SIG
223 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
224#endif
225
226 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
227
228 if (err) {
229 icsk->icsk_ext_hdr_len = exthdrlen;
230 icsk->icsk_af_ops = &ipv6_specific;
231 sk->sk_backlog_rcv = tcp_v6_do_rcv;
232#ifdef CONFIG_TCP_MD5SIG
233 tp->af_specific = &tcp_sock_ipv6_specific;
234#endif
235 goto failure;
236 } else {
237 ipv6_addr_set_v4mapped(inet->inet_saddr, &np->saddr);
238 ipv6_addr_set_v4mapped(inet->inet_rcv_saddr,
239 &sk->sk_v6_rcv_saddr);
240 }
241
242 return err;
243 }
244
245 if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr))
246 saddr = &sk->sk_v6_rcv_saddr;
247
248 fl6.flowi6_proto = IPPROTO_TCP;
249 fl6.daddr = sk->sk_v6_daddr;
250 fl6.saddr = saddr ? *saddr : np->saddr;
251 fl6.flowi6_oif = sk->sk_bound_dev_if;
252 fl6.flowi6_mark = sk->sk_mark;
253 fl6.fl6_dport = usin->sin6_port;
254 fl6.fl6_sport = inet->inet_sport;
255
256 final_p = fl6_update_dst(&fl6, np->opt, &final);
257
258 security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));
259
260 dst = ip6_dst_lookup_flow(sk, &fl6, final_p);
261 if (IS_ERR(dst)) {
262 err = PTR_ERR(dst);
263 goto failure;
264 }
265
266 if (saddr == NULL) {
267 saddr = &fl6.saddr;
268 sk->sk_v6_rcv_saddr = *saddr;
269 }
270
271 /* set the source address */
272 np->saddr = *saddr;
273 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
274
275 sk->sk_gso_type = SKB_GSO_TCPV6;
276 __ip6_dst_store(sk, dst, NULL, NULL);
277
278 rt = (struct rt6_info *) dst;
279 if (tcp_death_row.sysctl_tw_recycle &&
280 !tp->rx_opt.ts_recent_stamp &&
281 ipv6_addr_equal(&rt->rt6i_dst.addr, &sk->sk_v6_daddr))
282 tcp_fetch_timewait_stamp(sk, dst);
283
284 icsk->icsk_ext_hdr_len = 0;
285 if (np->opt)
286 icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
287 np->opt->opt_nflen);
288
289 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
290
291 inet->inet_dport = usin->sin6_port;
292
293 tcp_set_state(sk, TCP_SYN_SENT);
294 err = inet6_hash_connect(&tcp_death_row, sk);
295 if (err)
296 goto late_failure;
297
298 if (!tp->write_seq && likely(!tp->repair))
299 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
300 sk->sk_v6_daddr.s6_addr32,
301 inet->inet_sport,
302 inet->inet_dport);
303
304 err = tcp_connect(sk);
305 if (err)
306 goto late_failure;
307
308 return 0;
309
310late_failure:
311 tcp_set_state(sk, TCP_CLOSE);
312 __sk_dst_reset(sk);
313failure:
314 inet->inet_dport = 0;
315 sk->sk_route_caps = 0;
316 return err;
317}
318
319static void tcp_v6_mtu_reduced(struct sock *sk)
320{
321 struct dst_entry *dst;
322
323 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
324 return;
325
326 dst = inet6_csk_update_pmtu(sk, tcp_sk(sk)->mtu_info);
327 if (!dst)
328 return;
329
330 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
331 tcp_sync_mss(sk, dst_mtu(dst));
332 tcp_simple_retransmit(sk);
333 }
334}
335
336static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
337 u8 type, u8 code, int offset, __be32 info)
338{
339 const struct ipv6hdr *hdr = (const struct ipv6hdr *)skb->data;
340 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
341 struct ipv6_pinfo *np;
342 struct sock *sk;
343 int err;
344 struct tcp_sock *tp;
345 __u32 seq;
346 struct net *net = dev_net(skb->dev);
347
348 sk = inet6_lookup(net, &tcp_hashinfo, &hdr->daddr,
349 th->dest, &hdr->saddr, th->source, skb->dev->ifindex);
350
351 if (sk == NULL) {
352 ICMP6_INC_STATS_BH(net, __in6_dev_get(skb->dev),
353 ICMP6_MIB_INERRORS);
354 return;
355 }
356
357 if (sk->sk_state == TCP_TIME_WAIT) {
358 inet_twsk_put(inet_twsk(sk));
359 return;
360 }
361
362 bh_lock_sock(sk);
363 if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG)
364 NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS);
365
366 if (sk->sk_state == TCP_CLOSE)
367 goto out;
368
369 if (ipv6_hdr(skb)->hop_limit < inet6_sk(sk)->min_hopcount) {
370 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
371 goto out;
372 }
373
374 tp = tcp_sk(sk);
375 seq = ntohl(th->seq);
376 if (sk->sk_state != TCP_LISTEN &&
377 !between(seq, tp->snd_una, tp->snd_nxt)) {
378 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
379 goto out;
380 }
381
382 np = inet6_sk(sk);
383
384 if (type == NDISC_REDIRECT) {
385 struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);
386
387 if (dst)
388 dst->ops->redirect(dst, sk, skb);
389 goto out;
390 }
391
392 if (type == ICMPV6_PKT_TOOBIG) {
393 /* We are not interested in TCP_LISTEN and open_requests
394 * (SYN-ACKs send out by Linux are always <576bytes so
395 * they should go through unfragmented).
396 */
397 if (sk->sk_state == TCP_LISTEN)
398 goto out;
399
400 if (!ip6_sk_accept_pmtu(sk))
401 goto out;
402
403 tp->mtu_info = ntohl(info);
404 if (!sock_owned_by_user(sk))
405 tcp_v6_mtu_reduced(sk);
406 else if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED,
407 &tp->tsq_flags))
408 sock_hold(sk);
409 goto out;
410 }
411
412 icmpv6_err_convert(type, code, &err);
413
414 /* Might be for an request_sock */
415 switch (sk->sk_state) {
416 struct request_sock *req, **prev;
417 case TCP_LISTEN:
418 if (sock_owned_by_user(sk))
419 goto out;
420
421 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr,
422 &hdr->saddr, inet6_iif(skb));
423 if (!req)
424 goto out;
425
426 /* ICMPs are not backlogged, hence we cannot get
427 * an established socket here.
428 */
429 WARN_ON(req->sk != NULL);
430
431 if (seq != tcp_rsk(req)->snt_isn) {
432 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
433 goto out;
434 }
435
436 inet_csk_reqsk_queue_drop(sk, req, prev);
437 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
438 goto out;
439
440 case TCP_SYN_SENT:
441 case TCP_SYN_RECV: /* Cannot happen.
442 It can, it SYNs are crossed. --ANK */
443 if (!sock_owned_by_user(sk)) {
444 sk->sk_err = err;
445 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
446
447 tcp_done(sk);
448 } else
449 sk->sk_err_soft = err;
450 goto out;
451 }
452
453 if (!sock_owned_by_user(sk) && np->recverr) {
454 sk->sk_err = err;
455 sk->sk_error_report(sk);
456 } else
457 sk->sk_err_soft = err;
458
459out:
460 bh_unlock_sock(sk);
461 sock_put(sk);
462}
463
464
465static int tcp_v6_send_synack(struct sock *sk, struct dst_entry *dst,
466 struct flowi6 *fl6,
467 struct request_sock *req,
468 u16 queue_mapping)
469{
470 struct inet_request_sock *ireq = inet_rsk(req);
471 struct ipv6_pinfo *np = inet6_sk(sk);
472 struct sk_buff *skb;
473 int err = -ENOMEM;
474
475 /* First, grab a route. */
476 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req)) == NULL)
477 goto done;
478
479 skb = tcp_make_synack(sk, dst, req, NULL);
480
481 if (skb) {
482 __tcp_v6_send_check(skb, &ireq->ir_v6_loc_addr,
483 &ireq->ir_v6_rmt_addr);
484
485 fl6->daddr = ireq->ir_v6_rmt_addr;
486 skb_set_queue_mapping(skb, queue_mapping);
487 err = ip6_xmit(sk, skb, fl6, np->opt, np->tclass);
488 err = net_xmit_eval(err);
489 }
490
491done:
492 return err;
493}
494
495static int tcp_v6_rtx_synack(struct sock *sk, struct request_sock *req)
496{
497 struct flowi6 fl6;
498 int res;
499
500 res = tcp_v6_send_synack(sk, NULL, &fl6, req, 0);
501 if (!res)
502 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_RETRANSSEGS);
503 return res;
504}
505
506static void tcp_v6_reqsk_destructor(struct request_sock *req)
507{
508 kfree_skb(inet_rsk(req)->pktopts);
509}
510
511#ifdef CONFIG_TCP_MD5SIG
512static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
513 const struct in6_addr *addr)
514{
515 return tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, AF_INET6);
516}
517
518static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk,
519 struct sock *addr_sk)
520{
521 return tcp_v6_md5_do_lookup(sk, &addr_sk->sk_v6_daddr);
522}
523
524static struct tcp_md5sig_key *tcp_v6_reqsk_md5_lookup(struct sock *sk,
525 struct request_sock *req)
526{
527 return tcp_v6_md5_do_lookup(sk, &inet_rsk(req)->ir_v6_rmt_addr);
528}
529
530static int tcp_v6_parse_md5_keys (struct sock *sk, char __user *optval,
531 int optlen)
532{
533 struct tcp_md5sig cmd;
534 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
535
536 if (optlen < sizeof(cmd))
537 return -EINVAL;
538
539 if (copy_from_user(&cmd, optval, sizeof(cmd)))
540 return -EFAULT;
541
542 if (sin6->sin6_family != AF_INET6)
543 return -EINVAL;
544
545 if (!cmd.tcpm_keylen) {
546 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
547 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
548 AF_INET);
549 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
550 AF_INET6);
551 }
552
553 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
554 return -EINVAL;
555
556 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
557 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
558 AF_INET, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
559
560 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
561 AF_INET6, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
562}
563
564static int tcp_v6_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp,
565 const struct in6_addr *daddr,
566 const struct in6_addr *saddr, int nbytes)
567{
568 struct tcp6_pseudohdr *bp;
569 struct scatterlist sg;
570
571 bp = &hp->md5_blk.ip6;
572 /* 1. TCP pseudo-header (RFC2460) */
573 bp->saddr = *saddr;
574 bp->daddr = *daddr;
575 bp->protocol = cpu_to_be32(IPPROTO_TCP);
576 bp->len = cpu_to_be32(nbytes);
577
578 sg_init_one(&sg, bp, sizeof(*bp));
579 return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp));
580}
581
582static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key,
583 const struct in6_addr *daddr, struct in6_addr *saddr,
584 const struct tcphdr *th)
585{
586 struct tcp_md5sig_pool *hp;
587 struct hash_desc *desc;
588
589 hp = tcp_get_md5sig_pool();
590 if (!hp)
591 goto clear_hash_noput;
592 desc = &hp->md5_desc;
593
594 if (crypto_hash_init(desc))
595 goto clear_hash;
596 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))
597 goto clear_hash;
598 if (tcp_md5_hash_header(hp, th))
599 goto clear_hash;
600 if (tcp_md5_hash_key(hp, key))
601 goto clear_hash;
602 if (crypto_hash_final(desc, md5_hash))
603 goto clear_hash;
604
605 tcp_put_md5sig_pool();
606 return 0;
607
608clear_hash:
609 tcp_put_md5sig_pool();
610clear_hash_noput:
611 memset(md5_hash, 0, 16);
612 return 1;
613}
614
615static int tcp_v6_md5_hash_skb(char *md5_hash, struct tcp_md5sig_key *key,
616 const struct sock *sk,
617 const struct request_sock *req,
618 const struct sk_buff *skb)
619{
620 const struct in6_addr *saddr, *daddr;
621 struct tcp_md5sig_pool *hp;
622 struct hash_desc *desc;
623 const struct tcphdr *th = tcp_hdr(skb);
624
625 if (sk) {
626 saddr = &inet6_sk(sk)->saddr;
627 daddr = &sk->sk_v6_daddr;
628 } else if (req) {
629 saddr = &inet_rsk(req)->ir_v6_loc_addr;
630 daddr = &inet_rsk(req)->ir_v6_rmt_addr;
631 } else {
632 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
633 saddr = &ip6h->saddr;
634 daddr = &ip6h->daddr;
635 }
636
637 hp = tcp_get_md5sig_pool();
638 if (!hp)
639 goto clear_hash_noput;
640 desc = &hp->md5_desc;
641
642 if (crypto_hash_init(desc))
643 goto clear_hash;
644
645 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))
646 goto clear_hash;
647 if (tcp_md5_hash_header(hp, th))
648 goto clear_hash;
649 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
650 goto clear_hash;
651 if (tcp_md5_hash_key(hp, key))
652 goto clear_hash;
653 if (crypto_hash_final(desc, md5_hash))
654 goto clear_hash;
655
656 tcp_put_md5sig_pool();
657 return 0;
658
659clear_hash:
660 tcp_put_md5sig_pool();
661clear_hash_noput:
662 memset(md5_hash, 0, 16);
663 return 1;
664}
665
666static int tcp_v6_inbound_md5_hash(struct sock *sk, const struct sk_buff *skb)
667{
668 const __u8 *hash_location = NULL;
669 struct tcp_md5sig_key *hash_expected;
670 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
671 const struct tcphdr *th = tcp_hdr(skb);
672 int genhash;
673 u8 newhash[16];
674
675 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
676 hash_location = tcp_parse_md5sig_option(th);
677
678 /* We've parsed the options - do we have a hash? */
679 if (!hash_expected && !hash_location)
680 return 0;
681
682 if (hash_expected && !hash_location) {
683 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
684 return 1;
685 }
686
687 if (!hash_expected && hash_location) {
688 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
689 return 1;
690 }
691
692 /* check the signature */
693 genhash = tcp_v6_md5_hash_skb(newhash,
694 hash_expected,
695 NULL, NULL, skb);
696
697 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
698 net_info_ratelimited("MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n",
699 genhash ? "failed" : "mismatch",
700 &ip6h->saddr, ntohs(th->source),
701 &ip6h->daddr, ntohs(th->dest));
702 return 1;
703 }
704 return 0;
705}
706#endif
707
708struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
709 .family = AF_INET6,
710 .obj_size = sizeof(struct tcp6_request_sock),
711 .rtx_syn_ack = tcp_v6_rtx_synack,
712 .send_ack = tcp_v6_reqsk_send_ack,
713 .destructor = tcp_v6_reqsk_destructor,
714 .send_reset = tcp_v6_send_reset,
715 .syn_ack_timeout = tcp_syn_ack_timeout,
716};
717
718#ifdef CONFIG_TCP_MD5SIG
719static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
720 .md5_lookup = tcp_v6_reqsk_md5_lookup,
721 .calc_md5_hash = tcp_v6_md5_hash_skb,
722};
723#endif
724
725static void tcp_v6_send_response(struct sk_buff *skb, u32 seq, u32 ack, u32 win,
726 u32 tsval, u32 tsecr,
727 struct tcp_md5sig_key *key, int rst, u8 tclass)
728{
729 const struct tcphdr *th = tcp_hdr(skb);
730 struct tcphdr *t1;
731 struct sk_buff *buff;
732 struct flowi6 fl6;
733 struct net *net = dev_net(skb_dst(skb)->dev);
734 struct sock *ctl_sk = net->ipv6.tcp_sk;
735 unsigned int tot_len = sizeof(struct tcphdr);
736 struct dst_entry *dst;
737 __be32 *topt;
738
739 if (tsecr)
740 tot_len += TCPOLEN_TSTAMP_ALIGNED;
741#ifdef CONFIG_TCP_MD5SIG
742 if (key)
743 tot_len += TCPOLEN_MD5SIG_ALIGNED;
744#endif
745
746 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
747 GFP_ATOMIC);
748 if (buff == NULL)
749 return;
750
751 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
752
753 t1 = (struct tcphdr *) skb_push(buff, tot_len);
754 skb_reset_transport_header(buff);
755
756 /* Swap the send and the receive. */
757 memset(t1, 0, sizeof(*t1));
758 t1->dest = th->source;
759 t1->source = th->dest;
760 t1->doff = tot_len / 4;
761 t1->seq = htonl(seq);
762 t1->ack_seq = htonl(ack);
763 t1->ack = !rst || !th->ack;
764 t1->rst = rst;
765 t1->window = htons(win);
766
767 topt = (__be32 *)(t1 + 1);
768
769 if (tsecr) {
770 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
771 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
772 *topt++ = htonl(tsval);
773 *topt++ = htonl(tsecr);
774 }
775
776#ifdef CONFIG_TCP_MD5SIG
777 if (key) {
778 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
779 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
780 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
781 &ipv6_hdr(skb)->saddr,
782 &ipv6_hdr(skb)->daddr, t1);
783 }
784#endif
785
786 memset(&fl6, 0, sizeof(fl6));
787 fl6.daddr = ipv6_hdr(skb)->saddr;
788 fl6.saddr = ipv6_hdr(skb)->daddr;
789
790 buff->ip_summed = CHECKSUM_PARTIAL;
791 buff->csum = 0;
792
793 __tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);
794
795 fl6.flowi6_proto = IPPROTO_TCP;
796 if (ipv6_addr_type(&fl6.daddr) & IPV6_ADDR_LINKLOCAL)
797 fl6.flowi6_oif = inet6_iif(skb);
798 fl6.fl6_dport = t1->dest;
799 fl6.fl6_sport = t1->source;
800 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
801
802 /* Pass a socket to ip6_dst_lookup either it is for RST
803 * Underlying function will use this to retrieve the network
804 * namespace
805 */
806 dst = ip6_dst_lookup_flow(ctl_sk, &fl6, NULL);
807 if (!IS_ERR(dst)) {
808 skb_dst_set(buff, dst);
809 ip6_xmit(ctl_sk, buff, &fl6, NULL, tclass);
810 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS);
811 if (rst)
812 TCP_INC_STATS_BH(net, TCP_MIB_OUTRSTS);
813 return;
814 }
815
816 kfree_skb(buff);
817}
818
819static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb)
820{
821 const struct tcphdr *th = tcp_hdr(skb);
822 u32 seq = 0, ack_seq = 0;
823 struct tcp_md5sig_key *key = NULL;
824#ifdef CONFIG_TCP_MD5SIG
825 const __u8 *hash_location = NULL;
826 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
827 unsigned char newhash[16];
828 int genhash;
829 struct sock *sk1 = NULL;
830#endif
831
832 if (th->rst)
833 return;
834
835 if (!ipv6_unicast_destination(skb))
836 return;
837
838#ifdef CONFIG_TCP_MD5SIG
839 hash_location = tcp_parse_md5sig_option(th);
840 if (!sk && hash_location) {
841 /*
842 * active side is lost. Try to find listening socket through
843 * source port, and then find md5 key through listening socket.
844 * we are not loose security here:
845 * Incoming packet is checked with md5 hash with finding key,
846 * no RST generated if md5 hash doesn't match.
847 */
848 sk1 = inet6_lookup_listener(dev_net(skb_dst(skb)->dev),
849 &tcp_hashinfo, &ipv6h->saddr,
850 th->source, &ipv6h->daddr,
851 ntohs(th->source), inet6_iif(skb));
852 if (!sk1)
853 return;
854
855 rcu_read_lock();
856 key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr);
857 if (!key)
858 goto release_sk1;
859
860 genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, NULL, skb);
861 if (genhash || memcmp(hash_location, newhash, 16) != 0)
862 goto release_sk1;
863 } else {
864 key = sk ? tcp_v6_md5_do_lookup(sk, &ipv6h->saddr) : NULL;
865 }
866#endif
867
868 if (th->ack)
869 seq = ntohl(th->ack_seq);
870 else
871 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
872 (th->doff << 2);
873
874 tcp_v6_send_response(skb, seq, ack_seq, 0, 0, 0, key, 1, 0);
875
876#ifdef CONFIG_TCP_MD5SIG
877release_sk1:
878 if (sk1) {
879 rcu_read_unlock();
880 sock_put(sk1);
881 }
882#endif
883}
884
885static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack,
886 u32 win, u32 tsval, u32 tsecr,
887 struct tcp_md5sig_key *key, u8 tclass)
888{
889 tcp_v6_send_response(skb, seq, ack, win, tsval, tsecr, key, 0, tclass);
890}
891
892static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
893{
894 struct inet_timewait_sock *tw = inet_twsk(sk);
895 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
896
897 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
898 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
899 tcp_time_stamp + tcptw->tw_ts_offset,
900 tcptw->tw_ts_recent, tcp_twsk_md5_key(tcptw),
901 tw->tw_tclass);
902
903 inet_twsk_put(tw);
904}
905
906static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
907 struct request_sock *req)
908{
909 tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1,
910 req->rcv_wnd, tcp_time_stamp, req->ts_recent,
911 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr), 0);
912}
913
914
915static struct sock *tcp_v6_hnd_req(struct sock *sk, struct sk_buff *skb)
916{
917 struct request_sock *req, **prev;
918 const struct tcphdr *th = tcp_hdr(skb);
919 struct sock *nsk;
920
921 /* Find possible connection requests. */
922 req = inet6_csk_search_req(sk, &prev, th->source,
923 &ipv6_hdr(skb)->saddr,
924 &ipv6_hdr(skb)->daddr, inet6_iif(skb));
925 if (req)
926 return tcp_check_req(sk, skb, req, prev, false);
927
928 nsk = __inet6_lookup_established(sock_net(sk), &tcp_hashinfo,
929 &ipv6_hdr(skb)->saddr, th->source,
930 &ipv6_hdr(skb)->daddr, ntohs(th->dest), inet6_iif(skb));
931
932 if (nsk) {
933 if (nsk->sk_state != TCP_TIME_WAIT) {
934 bh_lock_sock(nsk);
935 return nsk;
936 }
937 inet_twsk_put(inet_twsk(nsk));
938 return NULL;
939 }
940
941#ifdef CONFIG_SYN_COOKIES
942 if (!th->syn)
943 sk = cookie_v6_check(sk, skb);
944#endif
945 return sk;
946}
947
948/* FIXME: this is substantially similar to the ipv4 code.
949 * Can some kind of merge be done? -- erics
950 */
951static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
952{
953 struct tcp_options_received tmp_opt;
954 struct request_sock *req;
955 struct inet_request_sock *ireq;
956 struct ipv6_pinfo *np = inet6_sk(sk);
957 struct tcp_sock *tp = tcp_sk(sk);
958 __u32 isn = TCP_SKB_CB(skb)->when;
959 struct dst_entry *dst = NULL;
960 struct flowi6 fl6;
961 bool want_cookie = false;
962
963 if (skb->protocol == htons(ETH_P_IP))
964 return tcp_v4_conn_request(sk, skb);
965
966 if (!ipv6_unicast_destination(skb))
967 goto drop;
968
969 if ((sysctl_tcp_syncookies == 2 ||
970 inet_csk_reqsk_queue_is_full(sk)) && !isn) {
971 want_cookie = tcp_syn_flood_action(sk, skb, "TCPv6");
972 if (!want_cookie)
973 goto drop;
974 }
975
976 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1) {
977 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
978 goto drop;
979 }
980
981 req = inet6_reqsk_alloc(&tcp6_request_sock_ops);
982 if (req == NULL)
983 goto drop;
984
985#ifdef CONFIG_TCP_MD5SIG
986 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv6_ops;
987#endif
988
989 tcp_clear_options(&tmp_opt);
990 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
991 tmp_opt.user_mss = tp->rx_opt.user_mss;
992 tcp_parse_options(skb, &tmp_opt, 0, NULL);
993
994 if (want_cookie && !tmp_opt.saw_tstamp)
995 tcp_clear_options(&tmp_opt);
996
997 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
998 tcp_openreq_init(req, &tmp_opt, skb);
999
1000 ireq = inet_rsk(req);
1001 ireq->ir_v6_rmt_addr = ipv6_hdr(skb)->saddr;
1002 ireq->ir_v6_loc_addr = ipv6_hdr(skb)->daddr;
1003 if (!want_cookie || tmp_opt.tstamp_ok)
1004 TCP_ECN_create_request(req, skb, sock_net(sk));
1005
1006 ireq->ir_iif = sk->sk_bound_dev_if;
1007
1008 /* So that link locals have meaning */
1009 if (!sk->sk_bound_dev_if &&
1010 ipv6_addr_type(&ireq->ir_v6_rmt_addr) & IPV6_ADDR_LINKLOCAL)
1011 ireq->ir_iif = inet6_iif(skb);
1012
1013 if (!isn) {
1014 if (ipv6_opt_accepted(sk, skb) ||
1015 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
1016 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) {
1017 atomic_inc(&skb->users);
1018 ireq->pktopts = skb;
1019 }
1020
1021 if (want_cookie) {
1022 isn = cookie_v6_init_sequence(sk, skb, &req->mss);
1023 req->cookie_ts = tmp_opt.tstamp_ok;
1024 goto have_isn;
1025 }
1026
1027 /* VJ's idea. We save last timestamp seen
1028 * from the destination in peer table, when entering
1029 * state TIME-WAIT, and check against it before
1030 * accepting new connection request.
1031 *
1032 * If "isn" is not zero, this request hit alive
1033 * timewait bucket, so that all the necessary checks
1034 * are made in the function processing timewait state.
1035 */
1036 if (tmp_opt.saw_tstamp &&
1037 tcp_death_row.sysctl_tw_recycle &&
1038 (dst = inet6_csk_route_req(sk, &fl6, req)) != NULL) {
1039 if (!tcp_peer_is_proven(req, dst, true)) {
1040 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_PAWSPASSIVEREJECTED);
1041 goto drop_and_release;
1042 }
1043 }
1044 /* Kill the following clause, if you dislike this way. */
1045 else if (!sysctl_tcp_syncookies &&
1046 (sysctl_max_syn_backlog - inet_csk_reqsk_queue_len(sk) <
1047 (sysctl_max_syn_backlog >> 2)) &&
1048 !tcp_peer_is_proven(req, dst, false)) {
1049 /* Without syncookies last quarter of
1050 * backlog is filled with destinations,
1051 * proven to be alive.
1052 * It means that we continue to communicate
1053 * to destinations, already remembered
1054 * to the moment of synflood.
1055 */
1056 LIMIT_NETDEBUG(KERN_DEBUG "TCP: drop open request from %pI6/%u\n",
1057 &ireq->ir_v6_rmt_addr, ntohs(tcp_hdr(skb)->source));
1058 goto drop_and_release;
1059 }
1060
1061 isn = tcp_v6_init_sequence(skb);
1062 }
1063have_isn:
1064 tcp_rsk(req)->snt_isn = isn;
1065
1066 if (security_inet_conn_request(sk, skb, req))
1067 goto drop_and_release;
1068
1069 if (tcp_v6_send_synack(sk, dst, &fl6, req,
1070 skb_get_queue_mapping(skb)) ||
1071 want_cookie)
1072 goto drop_and_free;
1073
1074 tcp_rsk(req)->snt_synack = tcp_time_stamp;
1075 tcp_rsk(req)->listener = NULL;
1076 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1077 return 0;
1078
1079drop_and_release:
1080 dst_release(dst);
1081drop_and_free:
1082 reqsk_free(req);
1083drop:
1084 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
1085 return 0; /* don't send reset */
1086}
1087
1088static struct sock *tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1089 struct request_sock *req,
1090 struct dst_entry *dst)
1091{
1092 struct inet_request_sock *ireq;
1093 struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
1094 struct tcp6_sock *newtcp6sk;
1095 struct inet_sock *newinet;
1096 struct tcp_sock *newtp;
1097 struct sock *newsk;
1098#ifdef CONFIG_TCP_MD5SIG
1099 struct tcp_md5sig_key *key;
1100#endif
1101 struct flowi6 fl6;
1102
1103 if (skb->protocol == htons(ETH_P_IP)) {
1104 /*
1105 * v6 mapped
1106 */
1107
1108 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);
1109
1110 if (newsk == NULL)
1111 return NULL;
1112
1113 newtcp6sk = (struct tcp6_sock *)newsk;
1114 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1115
1116 newinet = inet_sk(newsk);
1117 newnp = inet6_sk(newsk);
1118 newtp = tcp_sk(newsk);
1119
1120 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1121
1122 ipv6_addr_set_v4mapped(newinet->inet_daddr, &newsk->sk_v6_daddr);
1123
1124 ipv6_addr_set_v4mapped(newinet->inet_saddr, &newnp->saddr);
1125
1126 newsk->sk_v6_rcv_saddr = newnp->saddr;
1127
1128 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1129 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1130#ifdef CONFIG_TCP_MD5SIG
1131 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1132#endif
1133
1134 newnp->ipv6_ac_list = NULL;
1135 newnp->ipv6_fl_list = NULL;
1136 newnp->pktoptions = NULL;
1137 newnp->opt = NULL;
1138 newnp->mcast_oif = inet6_iif(skb);
1139 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1140 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
1141
1142 /*
1143 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1144 * here, tcp_create_openreq_child now does this for us, see the comment in
1145 * that function for the gory details. -acme
1146 */
1147
1148 /* It is tricky place. Until this moment IPv4 tcp
1149 worked with IPv6 icsk.icsk_af_ops.
1150 Sync it now.
1151 */
1152 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1153
1154 return newsk;
1155 }
1156
1157 ireq = inet_rsk(req);
1158
1159 if (sk_acceptq_is_full(sk))
1160 goto out_overflow;
1161
1162 if (!dst) {
1163 dst = inet6_csk_route_req(sk, &fl6, req);
1164 if (!dst)
1165 goto out;
1166 }
1167
1168 newsk = tcp_create_openreq_child(sk, req, skb);
1169 if (newsk == NULL)
1170 goto out_nonewsk;
1171
1172 /*
1173 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1174 * count here, tcp_create_openreq_child now does this for us, see the
1175 * comment in that function for the gory details. -acme
1176 */
1177
1178 newsk->sk_gso_type = SKB_GSO_TCPV6;
1179 __ip6_dst_store(newsk, dst, NULL, NULL);
1180 inet6_sk_rx_dst_set(newsk, skb);
1181
1182 newtcp6sk = (struct tcp6_sock *)newsk;
1183 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1184
1185 newtp = tcp_sk(newsk);
1186 newinet = inet_sk(newsk);
1187 newnp = inet6_sk(newsk);
1188
1189 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1190
1191 newsk->sk_v6_daddr = ireq->ir_v6_rmt_addr;
1192 newnp->saddr = ireq->ir_v6_loc_addr;
1193 newsk->sk_v6_rcv_saddr = ireq->ir_v6_loc_addr;
1194 newsk->sk_bound_dev_if = ireq->ir_iif;
1195
1196 /* Now IPv6 options...
1197
1198 First: no IPv4 options.
1199 */
1200 newinet->inet_opt = NULL;
1201 newnp->ipv6_ac_list = NULL;
1202 newnp->ipv6_fl_list = NULL;
1203
1204 /* Clone RX bits */
1205 newnp->rxopt.all = np->rxopt.all;
1206
1207 /* Clone pktoptions received with SYN */
1208 newnp->pktoptions = NULL;
1209 if (ireq->pktopts != NULL) {
1210 newnp->pktoptions = skb_clone(ireq->pktopts,
1211 sk_gfp_atomic(sk, GFP_ATOMIC));
1212 consume_skb(ireq->pktopts);
1213 ireq->pktopts = NULL;
1214 if (newnp->pktoptions)
1215 skb_set_owner_r(newnp->pktoptions, newsk);
1216 }
1217 newnp->opt = NULL;
1218 newnp->mcast_oif = inet6_iif(skb);
1219 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1220 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
1221
1222 /* Clone native IPv6 options from listening socket (if any)
1223
1224 Yes, keeping reference count would be much more clever,
1225 but we make one more one thing there: reattach optmem
1226 to newsk.
1227 */
1228 if (np->opt)
1229 newnp->opt = ipv6_dup_options(newsk, np->opt);
1230
1231 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1232 if (newnp->opt)
1233 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
1234 newnp->opt->opt_flen);
1235
1236 tcp_mtup_init(newsk);
1237 tcp_sync_mss(newsk, dst_mtu(dst));
1238 newtp->advmss = dst_metric_advmss(dst);
1239 if (tcp_sk(sk)->rx_opt.user_mss &&
1240 tcp_sk(sk)->rx_opt.user_mss < newtp->advmss)
1241 newtp->advmss = tcp_sk(sk)->rx_opt.user_mss;
1242
1243 tcp_initialize_rcv_mss(newsk);
1244
1245 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1246 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1247
1248#ifdef CONFIG_TCP_MD5SIG
1249 /* Copy over the MD5 key from the original socket */
1250 if ((key = tcp_v6_md5_do_lookup(sk, &newsk->sk_v6_daddr)) != NULL) {
1251 /* We're using one, so create a matching key
1252 * on the newsk structure. If we fail to get
1253 * memory, then we end up not copying the key
1254 * across. Shucks.
1255 */
1256 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newsk->sk_v6_daddr,
1257 AF_INET6, key->key, key->keylen,
1258 sk_gfp_atomic(sk, GFP_ATOMIC));
1259 }
1260#endif
1261
1262 if (__inet_inherit_port(sk, newsk) < 0) {
1263 inet_csk_prepare_forced_close(newsk);
1264 tcp_done(newsk);
1265 goto out;
1266 }
1267 __inet6_hash(newsk, NULL);
1268
1269 return newsk;
1270
1271out_overflow:
1272 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1273out_nonewsk:
1274 dst_release(dst);
1275out:
1276 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
1277 return NULL;
1278}
1279
1280static __sum16 tcp_v6_checksum_init(struct sk_buff *skb)
1281{
1282 if (skb->ip_summed == CHECKSUM_COMPLETE) {
1283 if (!tcp_v6_check(skb->len, &ipv6_hdr(skb)->saddr,
1284 &ipv6_hdr(skb)->daddr, skb->csum)) {
1285 skb->ip_summed = CHECKSUM_UNNECESSARY;
1286 return 0;
1287 }
1288 }
1289
1290 skb->csum = ~csum_unfold(tcp_v6_check(skb->len,
1291 &ipv6_hdr(skb)->saddr,
1292 &ipv6_hdr(skb)->daddr, 0));
1293
1294 if (skb->len <= 76) {
1295 return __skb_checksum_complete(skb);
1296 }
1297 return 0;
1298}
1299
1300/* The socket must have it's spinlock held when we get
1301 * here.
1302 *
1303 * We have a potential double-lock case here, so even when
1304 * doing backlog processing we use the BH locking scheme.
1305 * This is because we cannot sleep with the original spinlock
1306 * held.
1307 */
1308static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1309{
1310 struct ipv6_pinfo *np = inet6_sk(sk);
1311 struct tcp_sock *tp;
1312 struct sk_buff *opt_skb = NULL;
1313
1314 /* Imagine: socket is IPv6. IPv4 packet arrives,
1315 goes to IPv4 receive handler and backlogged.
1316 From backlog it always goes here. Kerboom...
1317 Fortunately, tcp_rcv_established and rcv_established
1318 handle them correctly, but it is not case with
1319 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1320 */
1321
1322 if (skb->protocol == htons(ETH_P_IP))
1323 return tcp_v4_do_rcv(sk, skb);
1324
1325#ifdef CONFIG_TCP_MD5SIG
1326 if (tcp_v6_inbound_md5_hash (sk, skb))
1327 goto discard;
1328#endif
1329
1330 if (sk_filter(sk, skb))
1331 goto discard;
1332
1333 /*
1334 * socket locking is here for SMP purposes as backlog rcv
1335 * is currently called with bh processing disabled.
1336 */
1337
1338 /* Do Stevens' IPV6_PKTOPTIONS.
1339
1340 Yes, guys, it is the only place in our code, where we
1341 may make it not affecting IPv4.
1342 The rest of code is protocol independent,
1343 and I do not like idea to uglify IPv4.
1344
1345 Actually, all the idea behind IPV6_PKTOPTIONS
1346 looks not very well thought. For now we latch
1347 options, received in the last packet, enqueued
1348 by tcp. Feel free to propose better solution.
1349 --ANK (980728)
1350 */
1351 if (np->rxopt.all)
1352 opt_skb = skb_clone(skb, sk_gfp_atomic(sk, GFP_ATOMIC));
1353
1354 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1355 struct dst_entry *dst = sk->sk_rx_dst;
1356
1357 sock_rps_save_rxhash(sk, skb);
1358 if (dst) {
1359 if (inet_sk(sk)->rx_dst_ifindex != skb->skb_iif ||
1360 dst->ops->check(dst, np->rx_dst_cookie) == NULL) {
1361 dst_release(dst);
1362 sk->sk_rx_dst = NULL;
1363 }
1364 }
1365
1366 tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len);
1367 if (opt_skb)
1368 goto ipv6_pktoptions;
1369 return 0;
1370 }
1371
1372 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1373 goto csum_err;
1374
1375 if (sk->sk_state == TCP_LISTEN) {
1376 struct sock *nsk = tcp_v6_hnd_req(sk, skb);
1377 if (!nsk)
1378 goto discard;
1379
1380 /*
1381 * Queue it on the new socket if the new socket is active,
1382 * otherwise we just shortcircuit this and continue with
1383 * the new socket..
1384 */
1385 if (nsk != sk) {
1386 sock_rps_save_rxhash(nsk, skb);
1387 if (tcp_child_process(sk, nsk, skb))
1388 goto reset;
1389 if (opt_skb)
1390 __kfree_skb(opt_skb);
1391 return 0;
1392 }
1393 } else
1394 sock_rps_save_rxhash(sk, skb);
1395
1396 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len))
1397 goto reset;
1398 if (opt_skb)
1399 goto ipv6_pktoptions;
1400 return 0;
1401
1402reset:
1403 tcp_v6_send_reset(sk, skb);
1404discard:
1405 if (opt_skb)
1406 __kfree_skb(opt_skb);
1407 kfree_skb(skb);
1408 return 0;
1409csum_err:
1410 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_CSUMERRORS);
1411 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_INERRS);
1412 goto discard;
1413
1414
1415ipv6_pktoptions:
1416 /* Do you ask, what is it?
1417
1418 1. skb was enqueued by tcp.
1419 2. skb is added to tail of read queue, rather than out of order.
1420 3. socket is not in passive state.
1421 4. Finally, it really contains options, which user wants to receive.
1422 */
1423 tp = tcp_sk(sk);
1424 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1425 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1426 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1427 np->mcast_oif = inet6_iif(opt_skb);
1428 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1429 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1430 if (np->rxopt.bits.rxflow || np->rxopt.bits.rxtclass)
1431 np->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(opt_skb));
1432 if (ipv6_opt_accepted(sk, opt_skb)) {
1433 skb_set_owner_r(opt_skb, sk);
1434 opt_skb = xchg(&np->pktoptions, opt_skb);
1435 } else {
1436 __kfree_skb(opt_skb);
1437 opt_skb = xchg(&np->pktoptions, NULL);
1438 }
1439 }
1440
1441 kfree_skb(opt_skb);
1442 return 0;
1443}
1444
1445static int tcp_v6_rcv(struct sk_buff *skb)
1446{
1447 const struct tcphdr *th;
1448 const struct ipv6hdr *hdr;
1449 struct sock *sk;
1450 int ret;
1451 struct net *net = dev_net(skb->dev);
1452
1453 if (skb->pkt_type != PACKET_HOST)
1454 goto discard_it;
1455
1456 /*
1457 * Count it even if it's bad.
1458 */
1459 TCP_INC_STATS_BH(net, TCP_MIB_INSEGS);
1460
1461 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1462 goto discard_it;
1463
1464 th = tcp_hdr(skb);
1465
1466 if (th->doff < sizeof(struct tcphdr)/4)
1467 goto bad_packet;
1468 if (!pskb_may_pull(skb, th->doff*4))
1469 goto discard_it;
1470
1471 if (!skb_csum_unnecessary(skb) && tcp_v6_checksum_init(skb))
1472 goto csum_error;
1473
1474 th = tcp_hdr(skb);
1475 hdr = ipv6_hdr(skb);
1476 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1477 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1478 skb->len - th->doff*4);
1479 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1480 TCP_SKB_CB(skb)->when = 0;
1481 TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
1482 TCP_SKB_CB(skb)->sacked = 0;
1483
1484 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest);
1485 if (!sk)
1486 goto no_tcp_socket;
1487
1488process:
1489 if (sk->sk_state == TCP_TIME_WAIT)
1490 goto do_time_wait;
1491
1492 if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) {
1493 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
1494 goto discard_and_relse;
1495 }
1496
1497 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1498 goto discard_and_relse;
1499
1500 if (sk_filter(sk, skb))
1501 goto discard_and_relse;
1502
1503 sk_mark_napi_id(sk, skb);
1504 skb->dev = NULL;
1505
1506 bh_lock_sock_nested(sk);
1507 ret = 0;
1508 if (!sock_owned_by_user(sk)) {
1509#ifdef CONFIG_NET_DMA
1510 struct tcp_sock *tp = tcp_sk(sk);
1511 if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list)
1512 tp->ucopy.dma_chan = net_dma_find_channel();
1513 if (tp->ucopy.dma_chan)
1514 ret = tcp_v6_do_rcv(sk, skb);
1515 else
1516#endif
1517 {
1518 if (!tcp_prequeue(sk, skb))
1519 ret = tcp_v6_do_rcv(sk, skb);
1520 }
1521 } else if (unlikely(sk_add_backlog(sk, skb,
1522 sk->sk_rcvbuf + sk->sk_sndbuf))) {
1523 bh_unlock_sock(sk);
1524 NET_INC_STATS_BH(net, LINUX_MIB_TCPBACKLOGDROP);
1525 goto discard_and_relse;
1526 }
1527 bh_unlock_sock(sk);
1528
1529 sock_put(sk);
1530 return ret ? -1 : 0;
1531
1532no_tcp_socket:
1533 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1534 goto discard_it;
1535
1536 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1537csum_error:
1538 TCP_INC_STATS_BH(net, TCP_MIB_CSUMERRORS);
1539bad_packet:
1540 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1541 } else {
1542 tcp_v6_send_reset(NULL, skb);
1543 }
1544
1545discard_it:
1546 kfree_skb(skb);
1547 return 0;
1548
1549discard_and_relse:
1550 sock_put(sk);
1551 goto discard_it;
1552
1553do_time_wait:
1554 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1555 inet_twsk_put(inet_twsk(sk));
1556 goto discard_it;
1557 }
1558
1559 if (skb->len < (th->doff<<2)) {
1560 inet_twsk_put(inet_twsk(sk));
1561 goto bad_packet;
1562 }
1563 if (tcp_checksum_complete(skb)) {
1564 inet_twsk_put(inet_twsk(sk));
1565 goto csum_error;
1566 }
1567
1568 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1569 case TCP_TW_SYN:
1570 {
1571 struct sock *sk2;
1572
1573 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
1574 &ipv6_hdr(skb)->saddr, th->source,
1575 &ipv6_hdr(skb)->daddr,
1576 ntohs(th->dest), inet6_iif(skb));
1577 if (sk2 != NULL) {
1578 struct inet_timewait_sock *tw = inet_twsk(sk);
1579 inet_twsk_deschedule(tw, &tcp_death_row);
1580 inet_twsk_put(tw);
1581 sk = sk2;
1582 goto process;
1583 }
1584 /* Fall through to ACK */
1585 }
1586 case TCP_TW_ACK:
1587 tcp_v6_timewait_ack(sk, skb);
1588 break;
1589 case TCP_TW_RST:
1590 goto no_tcp_socket;
1591 case TCP_TW_SUCCESS:;
1592 }
1593 goto discard_it;
1594}
1595
1596static void tcp_v6_early_demux(struct sk_buff *skb)
1597{
1598 const struct ipv6hdr *hdr;
1599 const struct tcphdr *th;
1600 struct sock *sk;
1601
1602 if (skb->pkt_type != PACKET_HOST)
1603 return;
1604
1605 if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
1606 return;
1607
1608 hdr = ipv6_hdr(skb);
1609 th = tcp_hdr(skb);
1610
1611 if (th->doff < sizeof(struct tcphdr) / 4)
1612 return;
1613
1614 sk = __inet6_lookup_established(dev_net(skb->dev), &tcp_hashinfo,
1615 &hdr->saddr, th->source,
1616 &hdr->daddr, ntohs(th->dest),
1617 inet6_iif(skb));
1618 if (sk) {
1619 skb->sk = sk;
1620 skb->destructor = sock_edemux;
1621 if (sk->sk_state != TCP_TIME_WAIT) {
1622 struct dst_entry *dst = sk->sk_rx_dst;
1623
1624 if (dst)
1625 dst = dst_check(dst, inet6_sk(sk)->rx_dst_cookie);
1626 if (dst &&
1627 inet_sk(sk)->rx_dst_ifindex == skb->skb_iif)
1628 skb_dst_set_noref(skb, dst);
1629 }
1630 }
1631}
1632
1633static struct timewait_sock_ops tcp6_timewait_sock_ops = {
1634 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
1635 .twsk_unique = tcp_twsk_unique,
1636 .twsk_destructor= tcp_twsk_destructor,
1637};
1638
1639static const struct inet_connection_sock_af_ops ipv6_specific = {
1640 .queue_xmit = inet6_csk_xmit,
1641 .send_check = tcp_v6_send_check,
1642 .rebuild_header = inet6_sk_rebuild_header,
1643 .sk_rx_dst_set = inet6_sk_rx_dst_set,
1644 .conn_request = tcp_v6_conn_request,
1645 .syn_recv_sock = tcp_v6_syn_recv_sock,
1646 .net_header_len = sizeof(struct ipv6hdr),
1647 .net_frag_header_len = sizeof(struct frag_hdr),
1648 .setsockopt = ipv6_setsockopt,
1649 .getsockopt = ipv6_getsockopt,
1650 .addr2sockaddr = inet6_csk_addr2sockaddr,
1651 .sockaddr_len = sizeof(struct sockaddr_in6),
1652 .bind_conflict = inet6_csk_bind_conflict,
1653#ifdef CONFIG_COMPAT
1654 .compat_setsockopt = compat_ipv6_setsockopt,
1655 .compat_getsockopt = compat_ipv6_getsockopt,
1656#endif
1657};
1658
1659#ifdef CONFIG_TCP_MD5SIG
1660static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1661 .md5_lookup = tcp_v6_md5_lookup,
1662 .calc_md5_hash = tcp_v6_md5_hash_skb,
1663 .md5_parse = tcp_v6_parse_md5_keys,
1664};
1665#endif
1666
1667/*
1668 * TCP over IPv4 via INET6 API
1669 */
1670
1671static const struct inet_connection_sock_af_ops ipv6_mapped = {
1672 .queue_xmit = ip_queue_xmit,
1673 .send_check = tcp_v4_send_check,
1674 .rebuild_header = inet_sk_rebuild_header,
1675 .sk_rx_dst_set = inet_sk_rx_dst_set,
1676 .conn_request = tcp_v6_conn_request,
1677 .syn_recv_sock = tcp_v6_syn_recv_sock,
1678 .net_header_len = sizeof(struct iphdr),
1679 .setsockopt = ipv6_setsockopt,
1680 .getsockopt = ipv6_getsockopt,
1681 .addr2sockaddr = inet6_csk_addr2sockaddr,
1682 .sockaddr_len = sizeof(struct sockaddr_in6),
1683 .bind_conflict = inet6_csk_bind_conflict,
1684#ifdef CONFIG_COMPAT
1685 .compat_setsockopt = compat_ipv6_setsockopt,
1686 .compat_getsockopt = compat_ipv6_getsockopt,
1687#endif
1688};
1689
1690#ifdef CONFIG_TCP_MD5SIG
1691static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1692 .md5_lookup = tcp_v4_md5_lookup,
1693 .calc_md5_hash = tcp_v4_md5_hash_skb,
1694 .md5_parse = tcp_v6_parse_md5_keys,
1695};
1696#endif
1697
1698/* NOTE: A lot of things set to zero explicitly by call to
1699 * sk_alloc() so need not be done here.
1700 */
1701static int tcp_v6_init_sock(struct sock *sk)
1702{
1703 struct inet_connection_sock *icsk = inet_csk(sk);
1704
1705 tcp_init_sock(sk);
1706
1707 icsk->icsk_af_ops = &ipv6_specific;
1708
1709#ifdef CONFIG_TCP_MD5SIG
1710 tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific;
1711#endif
1712
1713 return 0;
1714}
1715
1716static void tcp_v6_destroy_sock(struct sock *sk)
1717{
1718 tcp_v4_destroy_sock(sk);
1719 inet6_destroy_sock(sk);
1720}
1721
1722#ifdef CONFIG_PROC_FS
1723/* Proc filesystem TCPv6 sock list dumping. */
1724static void get_openreq6(struct seq_file *seq,
1725 const struct sock *sk, struct request_sock *req, int i, kuid_t uid)
1726{
1727 int ttd = req->expires - jiffies;
1728 const struct in6_addr *src = &inet_rsk(req)->ir_v6_loc_addr;
1729 const struct in6_addr *dest = &inet_rsk(req)->ir_v6_rmt_addr;
1730
1731 if (ttd < 0)
1732 ttd = 0;
1733
1734 seq_printf(seq,
1735 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1736 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %d %d %pK\n",
1737 i,
1738 src->s6_addr32[0], src->s6_addr32[1],
1739 src->s6_addr32[2], src->s6_addr32[3],
1740 inet_rsk(req)->ir_num,
1741 dest->s6_addr32[0], dest->s6_addr32[1],
1742 dest->s6_addr32[2], dest->s6_addr32[3],
1743 ntohs(inet_rsk(req)->ir_rmt_port),
1744 TCP_SYN_RECV,
1745 0, 0, /* could print option size, but that is af dependent. */
1746 1, /* timers active (only the expire timer) */
1747 jiffies_to_clock_t(ttd),
1748 req->num_timeout,
1749 from_kuid_munged(seq_user_ns(seq), uid),
1750 0, /* non standard timer */
1751 0, /* open_requests have no inode */
1752 0, req);
1753}
1754
1755static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1756{
1757 const struct in6_addr *dest, *src;
1758 __u16 destp, srcp;
1759 int timer_active;
1760 unsigned long timer_expires;
1761 const struct inet_sock *inet = inet_sk(sp);
1762 const struct tcp_sock *tp = tcp_sk(sp);
1763 const struct inet_connection_sock *icsk = inet_csk(sp);
1764
1765 dest = &sp->sk_v6_daddr;
1766 src = &sp->sk_v6_rcv_saddr;
1767 destp = ntohs(inet->inet_dport);
1768 srcp = ntohs(inet->inet_sport);
1769
1770 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
1771 timer_active = 1;
1772 timer_expires = icsk->icsk_timeout;
1773 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1774 timer_active = 4;
1775 timer_expires = icsk->icsk_timeout;
1776 } else if (timer_pending(&sp->sk_timer)) {
1777 timer_active = 2;
1778 timer_expires = sp->sk_timer.expires;
1779 } else {
1780 timer_active = 0;
1781 timer_expires = jiffies;
1782 }
1783
1784 seq_printf(seq,
1785 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1786 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %lu %d %pK %lu %lu %u %u %d\n",
1787 i,
1788 src->s6_addr32[0], src->s6_addr32[1],
1789 src->s6_addr32[2], src->s6_addr32[3], srcp,
1790 dest->s6_addr32[0], dest->s6_addr32[1],
1791 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1792 sp->sk_state,
1793 tp->write_seq-tp->snd_una,
1794 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
1795 timer_active,
1796 jiffies_delta_to_clock_t(timer_expires - jiffies),
1797 icsk->icsk_retransmits,
1798 from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
1799 icsk->icsk_probes_out,
1800 sock_i_ino(sp),
1801 atomic_read(&sp->sk_refcnt), sp,
1802 jiffies_to_clock_t(icsk->icsk_rto),
1803 jiffies_to_clock_t(icsk->icsk_ack.ato),
1804 (icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong,
1805 tp->snd_cwnd,
1806 tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh
1807 );
1808}
1809
1810static void get_timewait6_sock(struct seq_file *seq,
1811 struct inet_timewait_sock *tw, int i)
1812{
1813 const struct in6_addr *dest, *src;
1814 __u16 destp, srcp;
1815 s32 delta = tw->tw_ttd - inet_tw_time_stamp();
1816
1817 dest = &tw->tw_v6_daddr;
1818 src = &tw->tw_v6_rcv_saddr;
1819 destp = ntohs(tw->tw_dport);
1820 srcp = ntohs(tw->tw_sport);
1821
1822 seq_printf(seq,
1823 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1824 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1825 i,
1826 src->s6_addr32[0], src->s6_addr32[1],
1827 src->s6_addr32[2], src->s6_addr32[3], srcp,
1828 dest->s6_addr32[0], dest->s6_addr32[1],
1829 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1830 tw->tw_substate, 0, 0,
1831 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
1832 atomic_read(&tw->tw_refcnt), tw);
1833}
1834
1835static int tcp6_seq_show(struct seq_file *seq, void *v)
1836{
1837 struct tcp_iter_state *st;
1838 struct sock *sk = v;
1839
1840 if (v == SEQ_START_TOKEN) {
1841 seq_puts(seq,
1842 " sl "
1843 "local_address "
1844 "remote_address "
1845 "st tx_queue rx_queue tr tm->when retrnsmt"
1846 " uid timeout inode\n");
1847 goto out;
1848 }
1849 st = seq->private;
1850
1851 switch (st->state) {
1852 case TCP_SEQ_STATE_LISTENING:
1853 case TCP_SEQ_STATE_ESTABLISHED:
1854 if (sk->sk_state == TCP_TIME_WAIT)
1855 get_timewait6_sock(seq, v, st->num);
1856 else
1857 get_tcp6_sock(seq, v, st->num);
1858 break;
1859 case TCP_SEQ_STATE_OPENREQ:
1860 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid);
1861 break;
1862 }
1863out:
1864 return 0;
1865}
1866
1867static const struct file_operations tcp6_afinfo_seq_fops = {
1868 .owner = THIS_MODULE,
1869 .open = tcp_seq_open,
1870 .read = seq_read,
1871 .llseek = seq_lseek,
1872 .release = seq_release_net
1873};
1874
1875static struct tcp_seq_afinfo tcp6_seq_afinfo = {
1876 .name = "tcp6",
1877 .family = AF_INET6,
1878 .seq_fops = &tcp6_afinfo_seq_fops,
1879 .seq_ops = {
1880 .show = tcp6_seq_show,
1881 },
1882};
1883
1884int __net_init tcp6_proc_init(struct net *net)
1885{
1886 return tcp_proc_register(net, &tcp6_seq_afinfo);
1887}
1888
1889void tcp6_proc_exit(struct net *net)
1890{
1891 tcp_proc_unregister(net, &tcp6_seq_afinfo);
1892}
1893#endif
1894
1895static void tcp_v6_clear_sk(struct sock *sk, int size)
1896{
1897 struct inet_sock *inet = inet_sk(sk);
1898
1899 /* we do not want to clear pinet6 field, because of RCU lookups */
1900 sk_prot_clear_nulls(sk, offsetof(struct inet_sock, pinet6));
1901
1902 size -= offsetof(struct inet_sock, pinet6) + sizeof(inet->pinet6);
1903 memset(&inet->pinet6 + 1, 0, size);
1904}
1905
1906struct proto tcpv6_prot = {
1907 .name = "TCPv6",
1908 .owner = THIS_MODULE,
1909 .close = tcp_close,
1910 .connect = tcp_v6_connect,
1911 .disconnect = tcp_disconnect,
1912 .accept = inet_csk_accept,
1913 .ioctl = tcp_ioctl,
1914 .init = tcp_v6_init_sock,
1915 .destroy = tcp_v6_destroy_sock,
1916 .shutdown = tcp_shutdown,
1917 .setsockopt = tcp_setsockopt,
1918 .getsockopt = tcp_getsockopt,
1919 .recvmsg = tcp_recvmsg,
1920 .sendmsg = tcp_sendmsg,
1921 .sendpage = tcp_sendpage,
1922 .backlog_rcv = tcp_v6_do_rcv,
1923 .release_cb = tcp_release_cb,
1924 .mtu_reduced = tcp_v6_mtu_reduced,
1925 .hash = tcp_v6_hash,
1926 .unhash = inet_unhash,
1927 .get_port = inet_csk_get_port,
1928 .enter_memory_pressure = tcp_enter_memory_pressure,
1929 .stream_memory_free = tcp_stream_memory_free,
1930 .sockets_allocated = &tcp_sockets_allocated,
1931 .memory_allocated = &tcp_memory_allocated,
1932 .memory_pressure = &tcp_memory_pressure,
1933 .orphan_count = &tcp_orphan_count,
1934 .sysctl_mem = sysctl_tcp_mem,
1935 .sysctl_wmem = sysctl_tcp_wmem,
1936 .sysctl_rmem = sysctl_tcp_rmem,
1937 .max_header = MAX_TCP_HEADER,
1938 .obj_size = sizeof(struct tcp6_sock),
1939 .slab_flags = SLAB_DESTROY_BY_RCU,
1940 .twsk_prot = &tcp6_timewait_sock_ops,
1941 .rsk_prot = &tcp6_request_sock_ops,
1942 .h.hashinfo = &tcp_hashinfo,
1943 .no_autobind = true,
1944#ifdef CONFIG_COMPAT
1945 .compat_setsockopt = compat_tcp_setsockopt,
1946 .compat_getsockopt = compat_tcp_getsockopt,
1947#endif
1948#ifdef CONFIG_MEMCG_KMEM
1949 .proto_cgroup = tcp_proto_cgroup,
1950#endif
1951 .clear_sk = tcp_v6_clear_sk,
1952};
1953
1954static const struct inet6_protocol tcpv6_protocol = {
1955 .early_demux = tcp_v6_early_demux,
1956 .handler = tcp_v6_rcv,
1957 .err_handler = tcp_v6_err,
1958 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
1959};
1960
1961static struct inet_protosw tcpv6_protosw = {
1962 .type = SOCK_STREAM,
1963 .protocol = IPPROTO_TCP,
1964 .prot = &tcpv6_prot,
1965 .ops = &inet6_stream_ops,
1966 .no_check = 0,
1967 .flags = INET_PROTOSW_PERMANENT |
1968 INET_PROTOSW_ICSK,
1969};
1970
1971static int __net_init tcpv6_net_init(struct net *net)
1972{
1973 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
1974 SOCK_RAW, IPPROTO_TCP, net);
1975}
1976
1977static void __net_exit tcpv6_net_exit(struct net *net)
1978{
1979 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
1980}
1981
1982static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
1983{
1984 inet_twsk_purge(&tcp_hashinfo, &tcp_death_row, AF_INET6);
1985}
1986
1987static struct pernet_operations tcpv6_net_ops = {
1988 .init = tcpv6_net_init,
1989 .exit = tcpv6_net_exit,
1990 .exit_batch = tcpv6_net_exit_batch,
1991};
1992
1993int __init tcpv6_init(void)
1994{
1995 int ret;
1996
1997 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
1998 if (ret)
1999 goto out;
2000
2001 /* register inet6 protocol */
2002 ret = inet6_register_protosw(&tcpv6_protosw);
2003 if (ret)
2004 goto out_tcpv6_protocol;
2005
2006 ret = register_pernet_subsys(&tcpv6_net_ops);
2007 if (ret)
2008 goto out_tcpv6_protosw;
2009out:
2010 return ret;
2011
2012out_tcpv6_protosw:
2013 inet6_unregister_protosw(&tcpv6_protosw);
2014out_tcpv6_protocol:
2015 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2016 goto out;
2017}
2018
2019void tcpv6_exit(void)
2020{
2021 unregister_pernet_subsys(&tcpv6_net_ops);
2022 inet6_unregister_protosw(&tcpv6_protosw);
2023 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2024}
Linux kernel - Deliverables
This page took 0.032343 seconds and 5 git commands to generate.