3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
10 * linux/net/ipv4/tcp_input.c
11 * linux/net/ipv4/tcp_output.c
14 * Hideaki YOSHIFUJI : sin6_scope_id support
15 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
16 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
17 * a single port at the same time.
18 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
20 * This program is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU General Public License
22 * as published by the Free Software Foundation; either version
23 * 2 of the License, or (at your option) any later version.
26 #include <linux/module.h>
27 #include <linux/errno.h>
28 #include <linux/types.h>
29 #include <linux/socket.h>
30 #include <linux/sockios.h>
31 #include <linux/net.h>
32 #include <linux/jiffies.h>
34 #include <linux/in6.h>
35 #include <linux/netdevice.h>
36 #include <linux/init.h>
37 #include <linux/jhash.h>
38 #include <linux/ipsec.h>
39 #include <linux/times.h>
41 #include <linux/ipv6.h>
42 #include <linux/icmpv6.h>
43 #include <linux/random.h>
46 #include <net/ndisc.h>
47 #include <net/inet6_hashtables.h>
48 #include <net/inet6_connection_sock.h>
50 #include <net/transp_v6.h>
51 #include <net/addrconf.h>
52 #include <net/ip6_route.h>
53 #include <net/ip6_checksum.h>
54 #include <net/inet_ecn.h>
55 #include <net/protocol.h>
58 #include <net/dsfield.h>
59 #include <net/timewait_sock.h>
60 #include <net/netdma.h>
61 #include <net/inet_common.h>
63 #include <asm/uaccess.h>
65 #include <linux/proc_fs.h>
66 #include <linux/seq_file.h>
68 #include <linux/crypto.h>
69 #include <linux/scatterlist.h>
71 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb);
72 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
73 struct request_sock *req);
75 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
77 static struct inet_connection_sock_af_ops ipv6_mapped;
78 static struct inet_connection_sock_af_ops ipv6_specific;
79 #ifdef CONFIG_TCP_MD5SIG
80 static struct tcp_sock_af_ops tcp_sock_ipv6_specific;
81 static struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
83 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
84 struct in6_addr *addr)
90 static void tcp_v6_hash(struct sock *sk)
92 if (sk->sk_state != TCP_CLOSE) {
93 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) {
103 static __inline__ __sum16 tcp_v6_check(struct tcphdr *th, int len,
104 struct in6_addr *saddr,
105 struct in6_addr *daddr,
108 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base);
111 static __u32 tcp_v6_init_sequence(struct sk_buff *skb)
113 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
114 ipv6_hdr(skb)->saddr.s6_addr32,
116 tcp_hdr(skb)->source);
119 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
122 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
123 struct inet_sock *inet = inet_sk(sk);
124 struct inet_connection_sock *icsk = inet_csk(sk);
125 struct ipv6_pinfo *np = inet6_sk(sk);
126 struct tcp_sock *tp = tcp_sk(sk);
127 struct in6_addr *saddr = NULL, *final_p = NULL, final;
129 struct dst_entry *dst;
133 if (addr_len < SIN6_LEN_RFC2133)
136 if (usin->sin6_family != AF_INET6)
137 return(-EAFNOSUPPORT);
139 memset(&fl, 0, sizeof(fl));
142 fl.fl6_flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
143 IP6_ECN_flow_init(fl.fl6_flowlabel);
144 if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) {
145 struct ip6_flowlabel *flowlabel;
146 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel);
147 if (flowlabel == NULL)
149 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst);
150 fl6_sock_release(flowlabel);
155 * connect() to INADDR_ANY means loopback (BSD'ism).
158 if(ipv6_addr_any(&usin->sin6_addr))
159 usin->sin6_addr.s6_addr[15] = 0x1;
161 addr_type = ipv6_addr_type(&usin->sin6_addr);
163 if(addr_type & IPV6_ADDR_MULTICAST)
166 if (addr_type&IPV6_ADDR_LINKLOCAL) {
167 if (addr_len >= sizeof(struct sockaddr_in6) &&
168 usin->sin6_scope_id) {
169 /* If interface is set while binding, indices
172 if (sk->sk_bound_dev_if &&
173 sk->sk_bound_dev_if != usin->sin6_scope_id)
176 sk->sk_bound_dev_if = usin->sin6_scope_id;
179 /* Connect to link-local address requires an interface */
180 if (!sk->sk_bound_dev_if)
184 if (tp->rx_opt.ts_recent_stamp &&
185 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) {
186 tp->rx_opt.ts_recent = 0;
187 tp->rx_opt.ts_recent_stamp = 0;
191 ipv6_addr_copy(&np->daddr, &usin->sin6_addr);
192 np->flow_label = fl.fl6_flowlabel;
198 if (addr_type == IPV6_ADDR_MAPPED) {
199 u32 exthdrlen = icsk->icsk_ext_hdr_len;
200 struct sockaddr_in sin;
202 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
204 if (__ipv6_only_sock(sk))
207 sin.sin_family = AF_INET;
208 sin.sin_port = usin->sin6_port;
209 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
211 icsk->icsk_af_ops = &ipv6_mapped;
212 sk->sk_backlog_rcv = tcp_v4_do_rcv;
213 #ifdef CONFIG_TCP_MD5SIG
214 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
217 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
220 icsk->icsk_ext_hdr_len = exthdrlen;
221 icsk->icsk_af_ops = &ipv6_specific;
222 sk->sk_backlog_rcv = tcp_v6_do_rcv;
223 #ifdef CONFIG_TCP_MD5SIG
224 tp->af_specific = &tcp_sock_ipv6_specific;
228 ipv6_addr_set(&np->saddr, 0, 0, htonl(0x0000FFFF),
230 ipv6_addr_set(&np->rcv_saddr, 0, 0, htonl(0x0000FFFF),
237 if (!ipv6_addr_any(&np->rcv_saddr))
238 saddr = &np->rcv_saddr;
240 fl.proto = IPPROTO_TCP;
241 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
242 ipv6_addr_copy(&fl.fl6_src,
243 (saddr ? saddr : &np->saddr));
244 fl.oif = sk->sk_bound_dev_if;
245 fl.fl_ip_dport = usin->sin6_port;
246 fl.fl_ip_sport = inet->sport;
248 if (np->opt && np->opt->srcrt) {
249 struct rt0_hdr *rt0 = (struct rt0_hdr *)np->opt->srcrt;
250 ipv6_addr_copy(&final, &fl.fl6_dst);
251 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
255 security_sk_classify_flow(sk, &fl);
257 err = ip6_dst_lookup(sk, &dst, &fl);
261 ipv6_addr_copy(&fl.fl6_dst, final_p);
263 err = __xfrm_lookup(sock_net(sk), &dst, &fl, sk, XFRM_LOOKUP_WAIT);
266 err = ip6_dst_blackhole(sk, &dst, &fl);
273 ipv6_addr_copy(&np->rcv_saddr, saddr);
276 /* set the source address */
277 ipv6_addr_copy(&np->saddr, saddr);
278 inet->rcv_saddr = LOOPBACK4_IPV6;
280 sk->sk_gso_type = SKB_GSO_TCPV6;
281 __ip6_dst_store(sk, dst, NULL, NULL);
283 icsk->icsk_ext_hdr_len = 0;
285 icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
288 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
290 inet->dport = usin->sin6_port;
292 tcp_set_state(sk, TCP_SYN_SENT);
293 err = inet6_hash_connect(&tcp_death_row, sk);
298 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
303 err = tcp_connect(sk);
310 tcp_set_state(sk, TCP_CLOSE);
314 sk->sk_route_caps = 0;
318 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
319 int type, int code, int offset, __be32 info)
321 struct ipv6hdr *hdr = (struct ipv6hdr*)skb->data;
322 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
323 struct ipv6_pinfo *np;
328 struct net *net = dev_net(skb->dev);
330 sk = inet6_lookup(net, &tcp_hashinfo, &hdr->daddr,
331 th->dest, &hdr->saddr, th->source, skb->dev->ifindex);
334 ICMP6_INC_STATS_BH(net, __in6_dev_get(skb->dev),
339 if (sk->sk_state == TCP_TIME_WAIT) {
340 inet_twsk_put(inet_twsk(sk));
345 if (sock_owned_by_user(sk))
346 NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS);
348 if (sk->sk_state == TCP_CLOSE)
352 seq = ntohl(th->seq);
353 if (sk->sk_state != TCP_LISTEN &&
354 !between(seq, tp->snd_una, tp->snd_nxt)) {
355 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
361 if (type == ICMPV6_PKT_TOOBIG) {
362 struct dst_entry *dst = NULL;
364 if (sock_owned_by_user(sk))
366 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
369 /* icmp should have updated the destination cache entry */
370 dst = __sk_dst_check(sk, np->dst_cookie);
373 struct inet_sock *inet = inet_sk(sk);
376 /* BUGGG_FUTURE: Again, it is not clear how
377 to handle rthdr case. Ignore this complexity
380 memset(&fl, 0, sizeof(fl));
381 fl.proto = IPPROTO_TCP;
382 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
383 ipv6_addr_copy(&fl.fl6_src, &np->saddr);
384 fl.oif = sk->sk_bound_dev_if;
385 fl.fl_ip_dport = inet->dport;
386 fl.fl_ip_sport = inet->sport;
387 security_skb_classify_flow(skb, &fl);
389 if ((err = ip6_dst_lookup(sk, &dst, &fl))) {
390 sk->sk_err_soft = -err;
394 if ((err = xfrm_lookup(net, &dst, &fl, sk, 0)) < 0) {
395 sk->sk_err_soft = -err;
402 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
403 tcp_sync_mss(sk, dst_mtu(dst));
404 tcp_simple_retransmit(sk);
405 } /* else let the usual retransmit timer handle it */
410 icmpv6_err_convert(type, code, &err);
412 /* Might be for an request_sock */
413 switch (sk->sk_state) {
414 struct request_sock *req, **prev;
416 if (sock_owned_by_user(sk))
419 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr,
420 &hdr->saddr, inet6_iif(skb));
424 /* ICMPs are not backlogged, hence we cannot get
425 * an established socket here.
427 WARN_ON(req->sk != NULL);
429 if (seq != tcp_rsk(req)->snt_isn) {
430 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
434 inet_csk_reqsk_queue_drop(sk, req, prev);
438 case TCP_SYN_RECV: /* Cannot happen.
439 It can, it SYNs are crossed. --ANK */
440 if (!sock_owned_by_user(sk)) {
442 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
446 sk->sk_err_soft = err;
450 if (!sock_owned_by_user(sk) && np->recverr) {
452 sk->sk_error_report(sk);
454 sk->sk_err_soft = err;
462 static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req)
464 struct inet6_request_sock *treq = inet6_rsk(req);
465 struct ipv6_pinfo *np = inet6_sk(sk);
466 struct sk_buff * skb;
467 struct ipv6_txoptions *opt = NULL;
468 struct in6_addr * final_p = NULL, final;
470 struct dst_entry *dst;
473 memset(&fl, 0, sizeof(fl));
474 fl.proto = IPPROTO_TCP;
475 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
476 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
477 fl.fl6_flowlabel = 0;
479 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
480 fl.fl_ip_sport = inet_rsk(req)->loc_port;
481 security_req_classify_flow(req, &fl);
484 if (opt && opt->srcrt) {
485 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
486 ipv6_addr_copy(&final, &fl.fl6_dst);
487 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
491 err = ip6_dst_lookup(sk, &dst, &fl);
495 ipv6_addr_copy(&fl.fl6_dst, final_p);
496 if ((err = xfrm_lookup(sock_net(sk), &dst, &fl, sk, 0)) < 0)
499 skb = tcp_make_synack(sk, dst, req);
501 struct tcphdr *th = tcp_hdr(skb);
503 th->check = tcp_v6_check(th, skb->len,
504 &treq->loc_addr, &treq->rmt_addr,
505 csum_partial(th, skb->len, skb->csum));
507 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
508 err = ip6_xmit(sk, skb, &fl, opt, 0);
509 err = net_xmit_eval(err);
513 if (opt && opt != np->opt)
514 sock_kfree_s(sk, opt, opt->tot_len);
519 static inline void syn_flood_warning(struct sk_buff *skb)
521 #ifdef CONFIG_SYN_COOKIES
522 if (sysctl_tcp_syncookies)
524 "TCPv6: Possible SYN flooding on port %d. "
525 "Sending cookies.\n", ntohs(tcp_hdr(skb)->dest));
529 "TCPv6: Possible SYN flooding on port %d. "
530 "Dropping request.\n", ntohs(tcp_hdr(skb)->dest));
533 static void tcp_v6_reqsk_destructor(struct request_sock *req)
535 if (inet6_rsk(req)->pktopts)
536 kfree_skb(inet6_rsk(req)->pktopts);
539 #ifdef CONFIG_TCP_MD5SIG
540 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
541 struct in6_addr *addr)
543 struct tcp_sock *tp = tcp_sk(sk);
548 if (!tp->md5sig_info || !tp->md5sig_info->entries6)
551 for (i = 0; i < tp->md5sig_info->entries6; i++) {
552 if (ipv6_addr_equal(&tp->md5sig_info->keys6[i].addr, addr))
553 return &tp->md5sig_info->keys6[i].base;
558 static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk,
559 struct sock *addr_sk)
561 return tcp_v6_md5_do_lookup(sk, &inet6_sk(addr_sk)->daddr);
564 static struct tcp_md5sig_key *tcp_v6_reqsk_md5_lookup(struct sock *sk,
565 struct request_sock *req)
567 return tcp_v6_md5_do_lookup(sk, &inet6_rsk(req)->rmt_addr);
570 static int tcp_v6_md5_do_add(struct sock *sk, struct in6_addr *peer,
571 char *newkey, u8 newkeylen)
573 /* Add key to the list */
574 struct tcp_md5sig_key *key;
575 struct tcp_sock *tp = tcp_sk(sk);
576 struct tcp6_md5sig_key *keys;
578 key = tcp_v6_md5_do_lookup(sk, peer);
580 /* modify existing entry - just update that one */
583 key->keylen = newkeylen;
585 /* reallocate new list if current one is full. */
586 if (!tp->md5sig_info) {
587 tp->md5sig_info = kzalloc(sizeof(*tp->md5sig_info), GFP_ATOMIC);
588 if (!tp->md5sig_info) {
592 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
594 if (tcp_alloc_md5sig_pool() == NULL) {
598 if (tp->md5sig_info->alloced6 == tp->md5sig_info->entries6) {
599 keys = kmalloc((sizeof (tp->md5sig_info->keys6[0]) *
600 (tp->md5sig_info->entries6 + 1)), GFP_ATOMIC);
603 tcp_free_md5sig_pool();
608 if (tp->md5sig_info->entries6)
609 memmove(keys, tp->md5sig_info->keys6,
610 (sizeof (tp->md5sig_info->keys6[0]) *
611 tp->md5sig_info->entries6));
613 kfree(tp->md5sig_info->keys6);
614 tp->md5sig_info->keys6 = keys;
615 tp->md5sig_info->alloced6++;
618 ipv6_addr_copy(&tp->md5sig_info->keys6[tp->md5sig_info->entries6].addr,
620 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.key = newkey;
621 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.keylen = newkeylen;
623 tp->md5sig_info->entries6++;
628 static int tcp_v6_md5_add_func(struct sock *sk, struct sock *addr_sk,
629 u8 *newkey, __u8 newkeylen)
631 return tcp_v6_md5_do_add(sk, &inet6_sk(addr_sk)->daddr,
635 static int tcp_v6_md5_do_del(struct sock *sk, struct in6_addr *peer)
637 struct tcp_sock *tp = tcp_sk(sk);
640 for (i = 0; i < tp->md5sig_info->entries6; i++) {
641 if (ipv6_addr_equal(&tp->md5sig_info->keys6[i].addr, peer)) {
643 kfree(tp->md5sig_info->keys6[i].base.key);
644 tp->md5sig_info->entries6--;
646 if (tp->md5sig_info->entries6 == 0) {
647 kfree(tp->md5sig_info->keys6);
648 tp->md5sig_info->keys6 = NULL;
649 tp->md5sig_info->alloced6 = 0;
651 /* shrink the database */
652 if (tp->md5sig_info->entries6 != i)
653 memmove(&tp->md5sig_info->keys6[i],
654 &tp->md5sig_info->keys6[i+1],
655 (tp->md5sig_info->entries6 - i)
656 * sizeof (tp->md5sig_info->keys6[0]));
658 tcp_free_md5sig_pool();
665 static void tcp_v6_clear_md5_list (struct sock *sk)
667 struct tcp_sock *tp = tcp_sk(sk);
670 if (tp->md5sig_info->entries6) {
671 for (i = 0; i < tp->md5sig_info->entries6; i++)
672 kfree(tp->md5sig_info->keys6[i].base.key);
673 tp->md5sig_info->entries6 = 0;
674 tcp_free_md5sig_pool();
677 kfree(tp->md5sig_info->keys6);
678 tp->md5sig_info->keys6 = NULL;
679 tp->md5sig_info->alloced6 = 0;
681 if (tp->md5sig_info->entries4) {
682 for (i = 0; i < tp->md5sig_info->entries4; i++)
683 kfree(tp->md5sig_info->keys4[i].base.key);
684 tp->md5sig_info->entries4 = 0;
685 tcp_free_md5sig_pool();
688 kfree(tp->md5sig_info->keys4);
689 tp->md5sig_info->keys4 = NULL;
690 tp->md5sig_info->alloced4 = 0;
693 static int tcp_v6_parse_md5_keys (struct sock *sk, char __user *optval,
696 struct tcp_md5sig cmd;
697 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
700 if (optlen < sizeof(cmd))
703 if (copy_from_user(&cmd, optval, sizeof(cmd)))
706 if (sin6->sin6_family != AF_INET6)
709 if (!cmd.tcpm_keylen) {
710 if (!tcp_sk(sk)->md5sig_info)
712 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
713 return tcp_v4_md5_do_del(sk, sin6->sin6_addr.s6_addr32[3]);
714 return tcp_v6_md5_do_del(sk, &sin6->sin6_addr);
717 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
720 if (!tcp_sk(sk)->md5sig_info) {
721 struct tcp_sock *tp = tcp_sk(sk);
722 struct tcp_md5sig_info *p;
724 p = kzalloc(sizeof(struct tcp_md5sig_info), GFP_KERNEL);
729 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
732 newkey = kmemdup(cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
735 if (ipv6_addr_v4mapped(&sin6->sin6_addr)) {
736 return tcp_v4_md5_do_add(sk, sin6->sin6_addr.s6_addr32[3],
737 newkey, cmd.tcpm_keylen);
739 return tcp_v6_md5_do_add(sk, &sin6->sin6_addr, newkey, cmd.tcpm_keylen);
742 static int tcp_v6_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp,
743 struct in6_addr *daddr,
744 struct in6_addr *saddr, int nbytes)
746 struct tcp6_pseudohdr *bp;
747 struct scatterlist sg;
749 bp = &hp->md5_blk.ip6;
750 /* 1. TCP pseudo-header (RFC2460) */
751 ipv6_addr_copy(&bp->saddr, saddr);
752 ipv6_addr_copy(&bp->daddr, daddr);
753 bp->protocol = cpu_to_be32(IPPROTO_TCP);
754 bp->len = cpu_to_be32(nbytes);
756 sg_init_one(&sg, bp, sizeof(*bp));
757 return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp));
760 static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key,
761 struct in6_addr *daddr, struct in6_addr *saddr,
764 struct tcp_md5sig_pool *hp;
765 struct hash_desc *desc;
767 hp = tcp_get_md5sig_pool();
769 goto clear_hash_noput;
770 desc = &hp->md5_desc;
772 if (crypto_hash_init(desc))
774 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))
776 if (tcp_md5_hash_header(hp, th))
778 if (tcp_md5_hash_key(hp, key))
780 if (crypto_hash_final(desc, md5_hash))
783 tcp_put_md5sig_pool();
787 tcp_put_md5sig_pool();
789 memset(md5_hash, 0, 16);
793 static int tcp_v6_md5_hash_skb(char *md5_hash, struct tcp_md5sig_key *key,
794 struct sock *sk, struct request_sock *req,
797 struct in6_addr *saddr, *daddr;
798 struct tcp_md5sig_pool *hp;
799 struct hash_desc *desc;
800 struct tcphdr *th = tcp_hdr(skb);
803 saddr = &inet6_sk(sk)->saddr;
804 daddr = &inet6_sk(sk)->daddr;
806 saddr = &inet6_rsk(req)->loc_addr;
807 daddr = &inet6_rsk(req)->rmt_addr;
809 struct ipv6hdr *ip6h = ipv6_hdr(skb);
810 saddr = &ip6h->saddr;
811 daddr = &ip6h->daddr;
814 hp = tcp_get_md5sig_pool();
816 goto clear_hash_noput;
817 desc = &hp->md5_desc;
819 if (crypto_hash_init(desc))
822 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))
824 if (tcp_md5_hash_header(hp, th))
826 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
828 if (tcp_md5_hash_key(hp, key))
830 if (crypto_hash_final(desc, md5_hash))
833 tcp_put_md5sig_pool();
837 tcp_put_md5sig_pool();
839 memset(md5_hash, 0, 16);
843 static int tcp_v6_inbound_md5_hash (struct sock *sk, struct sk_buff *skb)
845 __u8 *hash_location = NULL;
846 struct tcp_md5sig_key *hash_expected;
847 struct ipv6hdr *ip6h = ipv6_hdr(skb);
848 struct tcphdr *th = tcp_hdr(skb);
852 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
853 hash_location = tcp_parse_md5sig_option(th);
855 /* We've parsed the options - do we have a hash? */
856 if (!hash_expected && !hash_location)
859 if (hash_expected && !hash_location) {
860 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
864 if (!hash_expected && hash_location) {
865 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
869 /* check the signature */
870 genhash = tcp_v6_md5_hash_skb(newhash,
874 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
875 if (net_ratelimit()) {
876 printk(KERN_INFO "MD5 Hash %s for (%pI6, %u)->(%pI6, %u)\n",
877 genhash ? "failed" : "mismatch",
878 &ip6h->saddr, ntohs(th->source),
879 &ip6h->daddr, ntohs(th->dest));
887 struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
889 .obj_size = sizeof(struct tcp6_request_sock),
890 .rtx_syn_ack = tcp_v6_send_synack,
891 .send_ack = tcp_v6_reqsk_send_ack,
892 .destructor = tcp_v6_reqsk_destructor,
893 .send_reset = tcp_v6_send_reset
896 #ifdef CONFIG_TCP_MD5SIG
897 static struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
898 .md5_lookup = tcp_v6_reqsk_md5_lookup,
902 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
903 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
904 .twsk_unique = tcp_twsk_unique,
905 .twsk_destructor= tcp_twsk_destructor,
908 static void tcp_v6_send_check(struct sock *sk, int len, struct sk_buff *skb)
910 struct ipv6_pinfo *np = inet6_sk(sk);
911 struct tcphdr *th = tcp_hdr(skb);
913 if (skb->ip_summed == CHECKSUM_PARTIAL) {
914 th->check = ~csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 0);
915 skb->csum_start = skb_transport_header(skb) - skb->head;
916 skb->csum_offset = offsetof(struct tcphdr, check);
918 th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP,
919 csum_partial(th, th->doff<<2,
924 static int tcp_v6_gso_send_check(struct sk_buff *skb)
926 struct ipv6hdr *ipv6h;
929 if (!pskb_may_pull(skb, sizeof(*th)))
932 ipv6h = ipv6_hdr(skb);
936 th->check = ~csum_ipv6_magic(&ipv6h->saddr, &ipv6h->daddr, skb->len,
938 skb->csum_start = skb_transport_header(skb) - skb->head;
939 skb->csum_offset = offsetof(struct tcphdr, check);
940 skb->ip_summed = CHECKSUM_PARTIAL;
944 static void tcp_v6_send_response(struct sk_buff *skb, u32 seq, u32 ack, u32 win,
945 u32 ts, struct tcp_md5sig_key *key, int rst)
947 struct tcphdr *th = tcp_hdr(skb), *t1;
948 struct sk_buff *buff;
950 struct net *net = dev_net(skb->dst->dev);
951 struct sock *ctl_sk = net->ipv6.tcp_sk;
952 unsigned int tot_len = sizeof(struct tcphdr);
956 tot_len += TCPOLEN_TSTAMP_ALIGNED;
957 #ifdef CONFIG_TCP_MD5SIG
959 tot_len += TCPOLEN_MD5SIG_ALIGNED;
962 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
967 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
969 t1 = (struct tcphdr *) skb_push(buff, tot_len);
971 /* Swap the send and the receive. */
972 memset(t1, 0, sizeof(*t1));
973 t1->dest = th->source;
974 t1->source = th->dest;
975 t1->doff = tot_len / 4;
976 t1->seq = htonl(seq);
977 t1->ack_seq = htonl(ack);
978 t1->ack = !rst || !th->ack;
980 t1->window = htons(win);
982 topt = (__be32 *)(t1 + 1);
985 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
986 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
987 *topt++ = htonl(tcp_time_stamp);
991 #ifdef CONFIG_TCP_MD5SIG
993 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
994 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
995 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
996 &ipv6_hdr(skb)->saddr,
997 &ipv6_hdr(skb)->daddr, t1);
1001 buff->csum = csum_partial(t1, tot_len, 0);
1003 memset(&fl, 0, sizeof(fl));
1004 ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr);
1005 ipv6_addr_copy(&fl.fl6_src, &ipv6_hdr(skb)->daddr);
1007 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst,
1008 tot_len, IPPROTO_TCP,
1011 fl.proto = IPPROTO_TCP;
1012 fl.oif = inet6_iif(skb);
1013 fl.fl_ip_dport = t1->dest;
1014 fl.fl_ip_sport = t1->source;
1015 security_skb_classify_flow(skb, &fl);
1017 /* Pass a socket to ip6_dst_lookup either it is for RST
1018 * Underlying function will use this to retrieve the network
1021 if (!ip6_dst_lookup(ctl_sk, &buff->dst, &fl)) {
1022 if (xfrm_lookup(net, &buff->dst, &fl, NULL, 0) >= 0) {
1023 ip6_xmit(ctl_sk, buff, &fl, NULL, 0);
1024 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS);
1026 TCP_INC_STATS_BH(net, TCP_MIB_OUTRSTS);
1034 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb)
1036 struct tcphdr *th = tcp_hdr(skb);
1037 u32 seq = 0, ack_seq = 0;
1038 struct tcp_md5sig_key *key = NULL;
1043 if (!ipv6_unicast_destination(skb))
1046 #ifdef CONFIG_TCP_MD5SIG
1048 key = tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr);
1052 seq = ntohl(th->ack_seq);
1054 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
1057 tcp_v6_send_response(skb, seq, ack_seq, 0, 0, key, 1);
1060 static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts,
1061 struct tcp_md5sig_key *key)
1063 tcp_v6_send_response(skb, seq, ack, win, ts, key, 0);
1066 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
1068 struct inet_timewait_sock *tw = inet_twsk(sk);
1069 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
1071 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
1072 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
1073 tcptw->tw_ts_recent, tcp_twsk_md5_key(tcptw));
1078 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
1079 struct request_sock *req)
1081 tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent,
1082 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr));
1086 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
1088 struct request_sock *req, **prev;
1089 const struct tcphdr *th = tcp_hdr(skb);
1092 /* Find possible connection requests. */
1093 req = inet6_csk_search_req(sk, &prev, th->source,
1094 &ipv6_hdr(skb)->saddr,
1095 &ipv6_hdr(skb)->daddr, inet6_iif(skb));
1097 return tcp_check_req(sk, skb, req, prev);
1099 nsk = __inet6_lookup_established(sock_net(sk), &tcp_hashinfo,
1100 &ipv6_hdr(skb)->saddr, th->source,
1101 &ipv6_hdr(skb)->daddr, ntohs(th->dest), inet6_iif(skb));
1104 if (nsk->sk_state != TCP_TIME_WAIT) {
1108 inet_twsk_put(inet_twsk(nsk));
1112 #ifdef CONFIG_SYN_COOKIES
1113 if (!th->rst && !th->syn && th->ack)
1114 sk = cookie_v6_check(sk, skb);
1119 /* FIXME: this is substantially similar to the ipv4 code.
1120 * Can some kind of merge be done? -- erics
1122 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1124 struct inet6_request_sock *treq;
1125 struct ipv6_pinfo *np = inet6_sk(sk);
1126 struct tcp_options_received tmp_opt;
1127 struct tcp_sock *tp = tcp_sk(sk);
1128 struct request_sock *req = NULL;
1129 __u32 isn = TCP_SKB_CB(skb)->when;
1130 #ifdef CONFIG_SYN_COOKIES
1131 int want_cookie = 0;
1133 #define want_cookie 0
1136 if (skb->protocol == htons(ETH_P_IP))
1137 return tcp_v4_conn_request(sk, skb);
1139 if (!ipv6_unicast_destination(skb))
1142 if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
1143 if (net_ratelimit())
1144 syn_flood_warning(skb);
1145 #ifdef CONFIG_SYN_COOKIES
1146 if (sysctl_tcp_syncookies)
1153 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
1156 req = inet6_reqsk_alloc(&tcp6_request_sock_ops);
1160 #ifdef CONFIG_TCP_MD5SIG
1161 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv6_ops;
1164 tcp_clear_options(&tmp_opt);
1165 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
1166 tmp_opt.user_mss = tp->rx_opt.user_mss;
1168 tcp_parse_options(skb, &tmp_opt, 0);
1170 if (want_cookie && !tmp_opt.saw_tstamp)
1171 tcp_clear_options(&tmp_opt);
1173 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
1174 tcp_openreq_init(req, &tmp_opt, skb);
1176 treq = inet6_rsk(req);
1177 ipv6_addr_copy(&treq->rmt_addr, &ipv6_hdr(skb)->saddr);
1178 ipv6_addr_copy(&treq->loc_addr, &ipv6_hdr(skb)->daddr);
1180 TCP_ECN_create_request(req, tcp_hdr(skb));
1183 isn = cookie_v6_init_sequence(sk, skb, &req->mss);
1184 req->cookie_ts = tmp_opt.tstamp_ok;
1186 if (ipv6_opt_accepted(sk, skb) ||
1187 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
1188 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) {
1189 atomic_inc(&skb->users);
1190 treq->pktopts = skb;
1192 treq->iif = sk->sk_bound_dev_if;
1194 /* So that link locals have meaning */
1195 if (!sk->sk_bound_dev_if &&
1196 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL)
1197 treq->iif = inet6_iif(skb);
1199 isn = tcp_v6_init_sequence(skb);
1202 tcp_rsk(req)->snt_isn = isn;
1204 security_inet_conn_request(sk, skb, req);
1206 if (tcp_v6_send_synack(sk, req))
1210 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1218 return 0; /* don't send reset */
1221 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1222 struct request_sock *req,
1223 struct dst_entry *dst)
1225 struct inet6_request_sock *treq;
1226 struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
1227 struct tcp6_sock *newtcp6sk;
1228 struct inet_sock *newinet;
1229 struct tcp_sock *newtp;
1231 struct ipv6_txoptions *opt;
1232 #ifdef CONFIG_TCP_MD5SIG
1233 struct tcp_md5sig_key *key;
1236 if (skb->protocol == htons(ETH_P_IP)) {
1241 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);
1246 newtcp6sk = (struct tcp6_sock *)newsk;
1247 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1249 newinet = inet_sk(newsk);
1250 newnp = inet6_sk(newsk);
1251 newtp = tcp_sk(newsk);
1253 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1255 ipv6_addr_set(&newnp->daddr, 0, 0, htonl(0x0000FFFF),
1258 ipv6_addr_set(&newnp->saddr, 0, 0, htonl(0x0000FFFF),
1261 ipv6_addr_copy(&newnp->rcv_saddr, &newnp->saddr);
1263 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1264 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1265 #ifdef CONFIG_TCP_MD5SIG
1266 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1269 newnp->pktoptions = NULL;
1271 newnp->mcast_oif = inet6_iif(skb);
1272 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1275 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1276 * here, tcp_create_openreq_child now does this for us, see the comment in
1277 * that function for the gory details. -acme
1280 /* It is tricky place. Until this moment IPv4 tcp
1281 worked with IPv6 icsk.icsk_af_ops.
1284 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1289 treq = inet6_rsk(req);
1292 if (sk_acceptq_is_full(sk))
1296 struct in6_addr *final_p = NULL, final;
1299 memset(&fl, 0, sizeof(fl));
1300 fl.proto = IPPROTO_TCP;
1301 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
1302 if (opt && opt->srcrt) {
1303 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
1304 ipv6_addr_copy(&final, &fl.fl6_dst);
1305 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
1308 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
1309 fl.oif = sk->sk_bound_dev_if;
1310 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
1311 fl.fl_ip_sport = inet_rsk(req)->loc_port;
1312 security_req_classify_flow(req, &fl);
1314 if (ip6_dst_lookup(sk, &dst, &fl))
1318 ipv6_addr_copy(&fl.fl6_dst, final_p);
1320 if ((xfrm_lookup(sock_net(sk), &dst, &fl, sk, 0)) < 0)
1324 newsk = tcp_create_openreq_child(sk, req, skb);
1329 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1330 * count here, tcp_create_openreq_child now does this for us, see the
1331 * comment in that function for the gory details. -acme
1334 newsk->sk_gso_type = SKB_GSO_TCPV6;
1335 __ip6_dst_store(newsk, dst, NULL, NULL);
1337 newtcp6sk = (struct tcp6_sock *)newsk;
1338 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1340 newtp = tcp_sk(newsk);
1341 newinet = inet_sk(newsk);
1342 newnp = inet6_sk(newsk);
1344 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1346 ipv6_addr_copy(&newnp->daddr, &treq->rmt_addr);
1347 ipv6_addr_copy(&newnp->saddr, &treq->loc_addr);
1348 ipv6_addr_copy(&newnp->rcv_saddr, &treq->loc_addr);
1349 newsk->sk_bound_dev_if = treq->iif;
1351 /* Now IPv6 options...
1353 First: no IPv4 options.
1355 newinet->opt = NULL;
1356 newnp->ipv6_fl_list = NULL;
1359 newnp->rxopt.all = np->rxopt.all;
1361 /* Clone pktoptions received with SYN */
1362 newnp->pktoptions = NULL;
1363 if (treq->pktopts != NULL) {
1364 newnp->pktoptions = skb_clone(treq->pktopts, GFP_ATOMIC);
1365 kfree_skb(treq->pktopts);
1366 treq->pktopts = NULL;
1367 if (newnp->pktoptions)
1368 skb_set_owner_r(newnp->pktoptions, newsk);
1371 newnp->mcast_oif = inet6_iif(skb);
1372 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1374 /* Clone native IPv6 options from listening socket (if any)
1376 Yes, keeping reference count would be much more clever,
1377 but we make one more one thing there: reattach optmem
1381 newnp->opt = ipv6_dup_options(newsk, opt);
1383 sock_kfree_s(sk, opt, opt->tot_len);
1386 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1388 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
1389 newnp->opt->opt_flen);
1391 tcp_mtup_init(newsk);
1392 tcp_sync_mss(newsk, dst_mtu(dst));
1393 newtp->advmss = dst_metric(dst, RTAX_ADVMSS);
1394 tcp_initialize_rcv_mss(newsk);
1396 newinet->daddr = newinet->saddr = newinet->rcv_saddr = LOOPBACK4_IPV6;
1398 #ifdef CONFIG_TCP_MD5SIG
1399 /* Copy over the MD5 key from the original socket */
1400 if ((key = tcp_v6_md5_do_lookup(sk, &newnp->daddr)) != NULL) {
1401 /* We're using one, so create a matching key
1402 * on the newsk structure. If we fail to get
1403 * memory, then we end up not copying the key
1406 char *newkey = kmemdup(key->key, key->keylen, GFP_ATOMIC);
1408 tcp_v6_md5_do_add(newsk, &inet6_sk(sk)->daddr,
1409 newkey, key->keylen);
1413 __inet6_hash(newsk);
1414 __inet_inherit_port(sk, newsk);
1419 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1421 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
1422 if (opt && opt != np->opt)
1423 sock_kfree_s(sk, opt, opt->tot_len);
1428 static __sum16 tcp_v6_checksum_init(struct sk_buff *skb)
1430 if (skb->ip_summed == CHECKSUM_COMPLETE) {
1431 if (!tcp_v6_check(tcp_hdr(skb), skb->len, &ipv6_hdr(skb)->saddr,
1432 &ipv6_hdr(skb)->daddr, skb->csum)) {
1433 skb->ip_summed = CHECKSUM_UNNECESSARY;
1438 skb->csum = ~csum_unfold(tcp_v6_check(tcp_hdr(skb), skb->len,
1439 &ipv6_hdr(skb)->saddr,
1440 &ipv6_hdr(skb)->daddr, 0));
1442 if (skb->len <= 76) {
1443 return __skb_checksum_complete(skb);
1448 /* The socket must have it's spinlock held when we get
1451 * We have a potential double-lock case here, so even when
1452 * doing backlog processing we use the BH locking scheme.
1453 * This is because we cannot sleep with the original spinlock
1456 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1458 struct ipv6_pinfo *np = inet6_sk(sk);
1459 struct tcp_sock *tp;
1460 struct sk_buff *opt_skb = NULL;
1462 /* Imagine: socket is IPv6. IPv4 packet arrives,
1463 goes to IPv4 receive handler and backlogged.
1464 From backlog it always goes here. Kerboom...
1465 Fortunately, tcp_rcv_established and rcv_established
1466 handle them correctly, but it is not case with
1467 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1470 if (skb->protocol == htons(ETH_P_IP))
1471 return tcp_v4_do_rcv(sk, skb);
1473 #ifdef CONFIG_TCP_MD5SIG
1474 if (tcp_v6_inbound_md5_hash (sk, skb))
1478 if (sk_filter(sk, skb))
1482 * socket locking is here for SMP purposes as backlog rcv
1483 * is currently called with bh processing disabled.
1486 /* Do Stevens' IPV6_PKTOPTIONS.
1488 Yes, guys, it is the only place in our code, where we
1489 may make it not affecting IPv4.
1490 The rest of code is protocol independent,
1491 and I do not like idea to uglify IPv4.
1493 Actually, all the idea behind IPV6_PKTOPTIONS
1494 looks not very well thought. For now we latch
1495 options, received in the last packet, enqueued
1496 by tcp. Feel free to propose better solution.
1500 opt_skb = skb_clone(skb, GFP_ATOMIC);
1502 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1503 TCP_CHECK_TIMER(sk);
1504 if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len))
1506 TCP_CHECK_TIMER(sk);
1508 goto ipv6_pktoptions;
1512 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1515 if (sk->sk_state == TCP_LISTEN) {
1516 struct sock *nsk = tcp_v6_hnd_req(sk, skb);
1521 * Queue it on the new socket if the new socket is active,
1522 * otherwise we just shortcircuit this and continue with
1526 if (tcp_child_process(sk, nsk, skb))
1529 __kfree_skb(opt_skb);
1534 TCP_CHECK_TIMER(sk);
1535 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len))
1537 TCP_CHECK_TIMER(sk);
1539 goto ipv6_pktoptions;
1543 tcp_v6_send_reset(sk, skb);
1546 __kfree_skb(opt_skb);
1550 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_INERRS);
1555 /* Do you ask, what is it?
1557 1. skb was enqueued by tcp.
1558 2. skb is added to tail of read queue, rather than out of order.
1559 3. socket is not in passive state.
1560 4. Finally, it really contains options, which user wants to receive.
1563 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1564 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1565 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1566 np->mcast_oif = inet6_iif(opt_skb);
1567 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1568 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1569 if (ipv6_opt_accepted(sk, opt_skb)) {
1570 skb_set_owner_r(opt_skb, sk);
1571 opt_skb = xchg(&np->pktoptions, opt_skb);
1573 __kfree_skb(opt_skb);
1574 opt_skb = xchg(&np->pktoptions, NULL);
1583 static int tcp_v6_rcv(struct sk_buff *skb)
1588 struct net *net = dev_net(skb->dev);
1590 if (skb->pkt_type != PACKET_HOST)
1594 * Count it even if it's bad.
1596 TCP_INC_STATS_BH(net, TCP_MIB_INSEGS);
1598 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1603 if (th->doff < sizeof(struct tcphdr)/4)
1605 if (!pskb_may_pull(skb, th->doff*4))
1608 if (!skb_csum_unnecessary(skb) && tcp_v6_checksum_init(skb))
1612 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1613 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1614 skb->len - th->doff*4);
1615 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1616 TCP_SKB_CB(skb)->when = 0;
1617 TCP_SKB_CB(skb)->flags = ipv6_get_dsfield(ipv6_hdr(skb));
1618 TCP_SKB_CB(skb)->sacked = 0;
1620 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest);
1625 if (sk->sk_state == TCP_TIME_WAIT)
1628 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1629 goto discard_and_relse;
1631 if (sk_filter(sk, skb))
1632 goto discard_and_relse;
1636 bh_lock_sock_nested(sk);
1638 if (!sock_owned_by_user(sk)) {
1639 #ifdef CONFIG_NET_DMA
1640 struct tcp_sock *tp = tcp_sk(sk);
1641 if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list)
1642 tp->ucopy.dma_chan = get_softnet_dma();
1643 if (tp->ucopy.dma_chan)
1644 ret = tcp_v6_do_rcv(sk, skb);
1648 if (!tcp_prequeue(sk, skb))
1649 ret = tcp_v6_do_rcv(sk, skb);
1652 sk_add_backlog(sk, skb);
1656 return ret ? -1 : 0;
1659 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1662 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1664 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1666 tcp_v6_send_reset(NULL, skb);
1683 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1684 inet_twsk_put(inet_twsk(sk));
1688 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1689 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1690 inet_twsk_put(inet_twsk(sk));
1694 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1699 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
1700 &ipv6_hdr(skb)->daddr,
1701 ntohs(th->dest), inet6_iif(skb));
1703 struct inet_timewait_sock *tw = inet_twsk(sk);
1704 inet_twsk_deschedule(tw, &tcp_death_row);
1709 /* Fall through to ACK */
1712 tcp_v6_timewait_ack(sk, skb);
1716 case TCP_TW_SUCCESS:;
1721 static int tcp_v6_remember_stamp(struct sock *sk)
1723 /* Alas, not yet... */
1727 static struct inet_connection_sock_af_ops ipv6_specific = {
1728 .queue_xmit = inet6_csk_xmit,
1729 .send_check = tcp_v6_send_check,
1730 .rebuild_header = inet6_sk_rebuild_header,
1731 .conn_request = tcp_v6_conn_request,
1732 .syn_recv_sock = tcp_v6_syn_recv_sock,
1733 .remember_stamp = tcp_v6_remember_stamp,
1734 .net_header_len = sizeof(struct ipv6hdr),
1735 .setsockopt = ipv6_setsockopt,
1736 .getsockopt = ipv6_getsockopt,
1737 .addr2sockaddr = inet6_csk_addr2sockaddr,
1738 .sockaddr_len = sizeof(struct sockaddr_in6),
1739 .bind_conflict = inet6_csk_bind_conflict,
1740 #ifdef CONFIG_COMPAT
1741 .compat_setsockopt = compat_ipv6_setsockopt,
1742 .compat_getsockopt = compat_ipv6_getsockopt,
1746 #ifdef CONFIG_TCP_MD5SIG
1747 static struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1748 .md5_lookup = tcp_v6_md5_lookup,
1749 .calc_md5_hash = tcp_v6_md5_hash_skb,
1750 .md5_add = tcp_v6_md5_add_func,
1751 .md5_parse = tcp_v6_parse_md5_keys,
1756 * TCP over IPv4 via INET6 API
1759 static struct inet_connection_sock_af_ops ipv6_mapped = {
1760 .queue_xmit = ip_queue_xmit,
1761 .send_check = tcp_v4_send_check,
1762 .rebuild_header = inet_sk_rebuild_header,
1763 .conn_request = tcp_v6_conn_request,
1764 .syn_recv_sock = tcp_v6_syn_recv_sock,
1765 .remember_stamp = tcp_v4_remember_stamp,
1766 .net_header_len = sizeof(struct iphdr),
1767 .setsockopt = ipv6_setsockopt,
1768 .getsockopt = ipv6_getsockopt,
1769 .addr2sockaddr = inet6_csk_addr2sockaddr,
1770 .sockaddr_len = sizeof(struct sockaddr_in6),
1771 .bind_conflict = inet6_csk_bind_conflict,
1772 #ifdef CONFIG_COMPAT
1773 .compat_setsockopt = compat_ipv6_setsockopt,
1774 .compat_getsockopt = compat_ipv6_getsockopt,
1778 #ifdef CONFIG_TCP_MD5SIG
1779 static struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1780 .md5_lookup = tcp_v4_md5_lookup,
1781 .calc_md5_hash = tcp_v4_md5_hash_skb,
1782 .md5_add = tcp_v6_md5_add_func,
1783 .md5_parse = tcp_v6_parse_md5_keys,
1787 /* NOTE: A lot of things set to zero explicitly by call to
1788 * sk_alloc() so need not be done here.
1790 static int tcp_v6_init_sock(struct sock *sk)
1792 struct inet_connection_sock *icsk = inet_csk(sk);
1793 struct tcp_sock *tp = tcp_sk(sk);
1795 skb_queue_head_init(&tp->out_of_order_queue);
1796 tcp_init_xmit_timers(sk);
1797 tcp_prequeue_init(tp);
1799 icsk->icsk_rto = TCP_TIMEOUT_INIT;
1800 tp->mdev = TCP_TIMEOUT_INIT;
1802 /* So many TCP implementations out there (incorrectly) count the
1803 * initial SYN frame in their delayed-ACK and congestion control
1804 * algorithms that we must have the following bandaid to talk
1805 * efficiently to them. -DaveM
1809 /* See draft-stevens-tcpca-spec-01 for discussion of the
1810 * initialization of these values.
1812 tp->snd_ssthresh = 0x7fffffff;
1813 tp->snd_cwnd_clamp = ~0;
1814 tp->mss_cache = 536;
1816 tp->reordering = sysctl_tcp_reordering;
1818 sk->sk_state = TCP_CLOSE;
1820 icsk->icsk_af_ops = &ipv6_specific;
1821 icsk->icsk_ca_ops = &tcp_init_congestion_ops;
1822 icsk->icsk_sync_mss = tcp_sync_mss;
1823 sk->sk_write_space = sk_stream_write_space;
1824 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE);
1826 #ifdef CONFIG_TCP_MD5SIG
1827 tp->af_specific = &tcp_sock_ipv6_specific;
1830 sk->sk_sndbuf = sysctl_tcp_wmem[1];
1831 sk->sk_rcvbuf = sysctl_tcp_rmem[1];
1833 percpu_counter_inc(&tcp_sockets_allocated);
1838 static void tcp_v6_destroy_sock(struct sock *sk)
1840 #ifdef CONFIG_TCP_MD5SIG
1841 /* Clean up the MD5 key list */
1842 if (tcp_sk(sk)->md5sig_info)
1843 tcp_v6_clear_md5_list(sk);
1845 tcp_v4_destroy_sock(sk);
1846 inet6_destroy_sock(sk);
1849 #ifdef CONFIG_PROC_FS
1850 /* Proc filesystem TCPv6 sock list dumping. */
1851 static void get_openreq6(struct seq_file *seq,
1852 struct sock *sk, struct request_sock *req, int i, int uid)
1854 int ttd = req->expires - jiffies;
1855 struct in6_addr *src = &inet6_rsk(req)->loc_addr;
1856 struct in6_addr *dest = &inet6_rsk(req)->rmt_addr;
1862 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1863 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
1865 src->s6_addr32[0], src->s6_addr32[1],
1866 src->s6_addr32[2], src->s6_addr32[3],
1867 ntohs(inet_rsk(req)->loc_port),
1868 dest->s6_addr32[0], dest->s6_addr32[1],
1869 dest->s6_addr32[2], dest->s6_addr32[3],
1870 ntohs(inet_rsk(req)->rmt_port),
1872 0,0, /* could print option size, but that is af dependent. */
1873 1, /* timers active (only the expire timer) */
1874 jiffies_to_clock_t(ttd),
1877 0, /* non standard timer */
1878 0, /* open_requests have no inode */
1882 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1884 struct in6_addr *dest, *src;
1887 unsigned long timer_expires;
1888 struct inet_sock *inet = inet_sk(sp);
1889 struct tcp_sock *tp = tcp_sk(sp);
1890 const struct inet_connection_sock *icsk = inet_csk(sp);
1891 struct ipv6_pinfo *np = inet6_sk(sp);
1894 src = &np->rcv_saddr;
1895 destp = ntohs(inet->dport);
1896 srcp = ntohs(inet->sport);
1898 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
1900 timer_expires = icsk->icsk_timeout;
1901 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1903 timer_expires = icsk->icsk_timeout;
1904 } else if (timer_pending(&sp->sk_timer)) {
1906 timer_expires = sp->sk_timer.expires;
1909 timer_expires = jiffies;
1913 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1914 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %lu %lu %u %u %d\n",
1916 src->s6_addr32[0], src->s6_addr32[1],
1917 src->s6_addr32[2], src->s6_addr32[3], srcp,
1918 dest->s6_addr32[0], dest->s6_addr32[1],
1919 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1921 tp->write_seq-tp->snd_una,
1922 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
1924 jiffies_to_clock_t(timer_expires - jiffies),
1925 icsk->icsk_retransmits,
1927 icsk->icsk_probes_out,
1929 atomic_read(&sp->sk_refcnt), sp,
1930 jiffies_to_clock_t(icsk->icsk_rto),
1931 jiffies_to_clock_t(icsk->icsk_ack.ato),
1932 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong,
1933 tp->snd_cwnd, tp->snd_ssthresh>=0xFFFF?-1:tp->snd_ssthresh
1937 static void get_timewait6_sock(struct seq_file *seq,
1938 struct inet_timewait_sock *tw, int i)
1940 struct in6_addr *dest, *src;
1942 struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw);
1943 int ttd = tw->tw_ttd - jiffies;
1948 dest = &tw6->tw_v6_daddr;
1949 src = &tw6->tw_v6_rcv_saddr;
1950 destp = ntohs(tw->tw_dport);
1951 srcp = ntohs(tw->tw_sport);
1954 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1955 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
1957 src->s6_addr32[0], src->s6_addr32[1],
1958 src->s6_addr32[2], src->s6_addr32[3], srcp,
1959 dest->s6_addr32[0], dest->s6_addr32[1],
1960 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1961 tw->tw_substate, 0, 0,
1962 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
1963 atomic_read(&tw->tw_refcnt), tw);
1966 static int tcp6_seq_show(struct seq_file *seq, void *v)
1968 struct tcp_iter_state *st;
1970 if (v == SEQ_START_TOKEN) {
1975 "st tx_queue rx_queue tr tm->when retrnsmt"
1976 " uid timeout inode\n");
1981 switch (st->state) {
1982 case TCP_SEQ_STATE_LISTENING:
1983 case TCP_SEQ_STATE_ESTABLISHED:
1984 get_tcp6_sock(seq, v, st->num);
1986 case TCP_SEQ_STATE_OPENREQ:
1987 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid);
1989 case TCP_SEQ_STATE_TIME_WAIT:
1990 get_timewait6_sock(seq, v, st->num);
1997 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
2001 .owner = THIS_MODULE,
2004 .show = tcp6_seq_show,
2008 int tcp6_proc_init(struct net *net)
2010 return tcp_proc_register(net, &tcp6_seq_afinfo);
2013 void tcp6_proc_exit(struct net *net)
2015 tcp_proc_unregister(net, &tcp6_seq_afinfo);
2019 struct proto tcpv6_prot = {
2021 .owner = THIS_MODULE,
2023 .connect = tcp_v6_connect,
2024 .disconnect = tcp_disconnect,
2025 .accept = inet_csk_accept,
2027 .init = tcp_v6_init_sock,
2028 .destroy = tcp_v6_destroy_sock,
2029 .shutdown = tcp_shutdown,
2030 .setsockopt = tcp_setsockopt,
2031 .getsockopt = tcp_getsockopt,
2032 .recvmsg = tcp_recvmsg,
2033 .backlog_rcv = tcp_v6_do_rcv,
2034 .hash = tcp_v6_hash,
2035 .unhash = inet_unhash,
2036 .get_port = inet_csk_get_port,
2037 .enter_memory_pressure = tcp_enter_memory_pressure,
2038 .sockets_allocated = &tcp_sockets_allocated,
2039 .memory_allocated = &tcp_memory_allocated,
2040 .memory_pressure = &tcp_memory_pressure,
2041 .orphan_count = &tcp_orphan_count,
2042 .sysctl_mem = sysctl_tcp_mem,
2043 .sysctl_wmem = sysctl_tcp_wmem,
2044 .sysctl_rmem = sysctl_tcp_rmem,
2045 .max_header = MAX_TCP_HEADER,
2046 .obj_size = sizeof(struct tcp6_sock),
2047 .slab_flags = SLAB_DESTROY_BY_RCU,
2048 .twsk_prot = &tcp6_timewait_sock_ops,
2049 .rsk_prot = &tcp6_request_sock_ops,
2050 .h.hashinfo = &tcp_hashinfo,
2051 #ifdef CONFIG_COMPAT
2052 .compat_setsockopt = compat_tcp_setsockopt,
2053 .compat_getsockopt = compat_tcp_getsockopt,
2057 static struct inet6_protocol tcpv6_protocol = {
2058 .handler = tcp_v6_rcv,
2059 .err_handler = tcp_v6_err,
2060 .gso_send_check = tcp_v6_gso_send_check,
2061 .gso_segment = tcp_tso_segment,
2062 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2065 static struct inet_protosw tcpv6_protosw = {
2066 .type = SOCK_STREAM,
2067 .protocol = IPPROTO_TCP,
2068 .prot = &tcpv6_prot,
2069 .ops = &inet6_stream_ops,
2072 .flags = INET_PROTOSW_PERMANENT |
2076 static int tcpv6_net_init(struct net *net)
2078 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
2079 SOCK_RAW, IPPROTO_TCP, net);
2082 static void tcpv6_net_exit(struct net *net)
2084 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
2085 inet_twsk_purge(net, &tcp_hashinfo, &tcp_death_row, AF_INET6);
2088 static struct pernet_operations tcpv6_net_ops = {
2089 .init = tcpv6_net_init,
2090 .exit = tcpv6_net_exit,
2093 int __init tcpv6_init(void)
2097 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
2101 /* register inet6 protocol */
2102 ret = inet6_register_protosw(&tcpv6_protosw);
2104 goto out_tcpv6_protocol;
2106 ret = register_pernet_subsys(&tcpv6_net_ops);
2108 goto out_tcpv6_protosw;
2113 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2115 inet6_unregister_protosw(&tcpv6_protosw);
2119 void tcpv6_exit(void)
2121 unregister_pernet_subsys(&tcpv6_net_ops);
2122 inet6_unregister_protosw(&tcpv6_protosw);
2123 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
projects / linux-2.6 / blob