3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
10 * linux/net/ipv4/tcp_input.c
11 * linux/net/ipv4/tcp_output.c
14 * Hideaki YOSHIFUJI : sin6_scope_id support
15 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
16 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
17 * a single port at the same time.
18 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
20 * This program is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU General Public License
22 * as published by the Free Software Foundation; either version
23 * 2 of the License, or (at your option) any later version.
26 #include <linux/module.h>
27 #include <linux/errno.h>
28 #include <linux/types.h>
29 #include <linux/socket.h>
30 #include <linux/sockios.h>
31 #include <linux/net.h>
32 #include <linux/jiffies.h>
34 #include <linux/in6.h>
35 #include <linux/netdevice.h>
36 #include <linux/init.h>
37 #include <linux/jhash.h>
38 #include <linux/ipsec.h>
39 #include <linux/times.h>
41 #include <linux/ipv6.h>
42 #include <linux/icmpv6.h>
43 #include <linux/random.h>
46 #include <net/ndisc.h>
47 #include <net/inet6_hashtables.h>
48 #include <net/inet6_connection_sock.h>
50 #include <net/transp_v6.h>
51 #include <net/addrconf.h>
52 #include <net/ip6_route.h>
53 #include <net/ip6_checksum.h>
54 #include <net/inet_ecn.h>
55 #include <net/protocol.h>
58 #include <net/dsfield.h>
59 #include <net/timewait_sock.h>
60 #include <net/netdma.h>
61 #include <net/inet_common.h>
63 #include <asm/uaccess.h>
65 #include <linux/proc_fs.h>
66 #include <linux/seq_file.h>
68 #include <linux/crypto.h>
69 #include <linux/scatterlist.h>
71 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb);
72 static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req);
74 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
76 static struct inet_connection_sock_af_ops ipv6_mapped;
77 static struct inet_connection_sock_af_ops ipv6_specific;
78 #ifdef CONFIG_TCP_MD5SIG
79 static struct tcp_sock_af_ops tcp_sock_ipv6_specific;
80 static struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
82 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
83 struct in6_addr *addr)
89 static void tcp_v6_hash(struct sock *sk)
91 if (sk->sk_state != TCP_CLOSE) {
92 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) {
102 static __inline__ __sum16 tcp_v6_check(struct tcphdr *th, int len,
103 struct in6_addr *saddr,
104 struct in6_addr *daddr,
107 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base);
110 static __u32 tcp_v6_init_sequence(struct sk_buff *skb)
112 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
113 ipv6_hdr(skb)->saddr.s6_addr32,
115 tcp_hdr(skb)->source);
118 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
121 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
122 struct inet_sock *inet = inet_sk(sk);
123 struct inet_connection_sock *icsk = inet_csk(sk);
124 struct ipv6_pinfo *np = inet6_sk(sk);
125 struct tcp_sock *tp = tcp_sk(sk);
126 struct in6_addr *saddr = NULL, *final_p = NULL, final;
128 struct dst_entry *dst;
132 if (addr_len < SIN6_LEN_RFC2133)
135 if (usin->sin6_family != AF_INET6)
136 return(-EAFNOSUPPORT);
138 memset(&fl, 0, sizeof(fl));
141 fl.fl6_flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
142 IP6_ECN_flow_init(fl.fl6_flowlabel);
143 if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) {
144 struct ip6_flowlabel *flowlabel;
145 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel);
146 if (flowlabel == NULL)
148 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst);
149 fl6_sock_release(flowlabel);
154 * connect() to INADDR_ANY means loopback (BSD'ism).
157 if(ipv6_addr_any(&usin->sin6_addr))
158 usin->sin6_addr.s6_addr[15] = 0x1;
160 addr_type = ipv6_addr_type(&usin->sin6_addr);
162 if(addr_type & IPV6_ADDR_MULTICAST)
165 if (addr_type&IPV6_ADDR_LINKLOCAL) {
166 if (addr_len >= sizeof(struct sockaddr_in6) &&
167 usin->sin6_scope_id) {
168 /* If interface is set while binding, indices
171 if (sk->sk_bound_dev_if &&
172 sk->sk_bound_dev_if != usin->sin6_scope_id)
175 sk->sk_bound_dev_if = usin->sin6_scope_id;
178 /* Connect to link-local address requires an interface */
179 if (!sk->sk_bound_dev_if)
183 if (tp->rx_opt.ts_recent_stamp &&
184 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) {
185 tp->rx_opt.ts_recent = 0;
186 tp->rx_opt.ts_recent_stamp = 0;
190 ipv6_addr_copy(&np->daddr, &usin->sin6_addr);
191 np->flow_label = fl.fl6_flowlabel;
197 if (addr_type == IPV6_ADDR_MAPPED) {
198 u32 exthdrlen = icsk->icsk_ext_hdr_len;
199 struct sockaddr_in sin;
201 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
203 if (__ipv6_only_sock(sk))
206 sin.sin_family = AF_INET;
207 sin.sin_port = usin->sin6_port;
208 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
210 icsk->icsk_af_ops = &ipv6_mapped;
211 sk->sk_backlog_rcv = tcp_v4_do_rcv;
212 #ifdef CONFIG_TCP_MD5SIG
213 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
216 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
219 icsk->icsk_ext_hdr_len = exthdrlen;
220 icsk->icsk_af_ops = &ipv6_specific;
221 sk->sk_backlog_rcv = tcp_v6_do_rcv;
222 #ifdef CONFIG_TCP_MD5SIG
223 tp->af_specific = &tcp_sock_ipv6_specific;
227 ipv6_addr_set(&np->saddr, 0, 0, htonl(0x0000FFFF),
229 ipv6_addr_set(&np->rcv_saddr, 0, 0, htonl(0x0000FFFF),
236 if (!ipv6_addr_any(&np->rcv_saddr))
237 saddr = &np->rcv_saddr;
239 fl.proto = IPPROTO_TCP;
240 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
241 ipv6_addr_copy(&fl.fl6_src,
242 (saddr ? saddr : &np->saddr));
243 fl.oif = sk->sk_bound_dev_if;
244 fl.fl_ip_dport = usin->sin6_port;
245 fl.fl_ip_sport = inet->sport;
247 if (np->opt && np->opt->srcrt) {
248 struct rt0_hdr *rt0 = (struct rt0_hdr *)np->opt->srcrt;
249 ipv6_addr_copy(&final, &fl.fl6_dst);
250 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
254 security_sk_classify_flow(sk, &fl);
256 err = ip6_dst_lookup(sk, &dst, &fl);
260 ipv6_addr_copy(&fl.fl6_dst, final_p);
262 if ((err = __xfrm_lookup(&dst, &fl, sk, XFRM_LOOKUP_WAIT)) < 0) {
264 err = ip6_dst_blackhole(sk, &dst, &fl);
271 ipv6_addr_copy(&np->rcv_saddr, saddr);
274 /* set the source address */
275 ipv6_addr_copy(&np->saddr, saddr);
276 inet->rcv_saddr = LOOPBACK4_IPV6;
278 sk->sk_gso_type = SKB_GSO_TCPV6;
279 __ip6_dst_store(sk, dst, NULL, NULL);
281 icsk->icsk_ext_hdr_len = 0;
283 icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
286 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
288 inet->dport = usin->sin6_port;
290 tcp_set_state(sk, TCP_SYN_SENT);
291 err = inet6_hash_connect(&tcp_death_row, sk);
296 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
301 err = tcp_connect(sk);
308 tcp_set_state(sk, TCP_CLOSE);
312 sk->sk_route_caps = 0;
316 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
317 int type, int code, int offset, __be32 info)
319 struct ipv6hdr *hdr = (struct ipv6hdr*)skb->data;
320 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
321 struct ipv6_pinfo *np;
326 struct net *net = dev_net(skb->dev);
328 sk = inet6_lookup(net, &tcp_hashinfo, &hdr->daddr,
329 th->dest, &hdr->saddr, th->source, skb->dev->ifindex);
332 ICMP6_INC_STATS_BH(__in6_dev_get(skb->dev), ICMP6_MIB_INERRORS);
336 if (sk->sk_state == TCP_TIME_WAIT) {
337 inet_twsk_put(inet_twsk(sk));
342 if (sock_owned_by_user(sk))
343 NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS);
345 if (sk->sk_state == TCP_CLOSE)
349 seq = ntohl(th->seq);
350 if (sk->sk_state != TCP_LISTEN &&
351 !between(seq, tp->snd_una, tp->snd_nxt)) {
352 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
358 if (type == ICMPV6_PKT_TOOBIG) {
359 struct dst_entry *dst = NULL;
361 if (sock_owned_by_user(sk))
363 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
366 /* icmp should have updated the destination cache entry */
367 dst = __sk_dst_check(sk, np->dst_cookie);
370 struct inet_sock *inet = inet_sk(sk);
373 /* BUGGG_FUTURE: Again, it is not clear how
374 to handle rthdr case. Ignore this complexity
377 memset(&fl, 0, sizeof(fl));
378 fl.proto = IPPROTO_TCP;
379 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
380 ipv6_addr_copy(&fl.fl6_src, &np->saddr);
381 fl.oif = sk->sk_bound_dev_if;
382 fl.fl_ip_dport = inet->dport;
383 fl.fl_ip_sport = inet->sport;
384 security_skb_classify_flow(skb, &fl);
386 if ((err = ip6_dst_lookup(sk, &dst, &fl))) {
387 sk->sk_err_soft = -err;
391 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) {
392 sk->sk_err_soft = -err;
399 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
400 tcp_sync_mss(sk, dst_mtu(dst));
401 tcp_simple_retransmit(sk);
402 } /* else let the usual retransmit timer handle it */
407 icmpv6_err_convert(type, code, &err);
409 /* Might be for an request_sock */
410 switch (sk->sk_state) {
411 struct request_sock *req, **prev;
413 if (sock_owned_by_user(sk))
416 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr,
417 &hdr->saddr, inet6_iif(skb));
421 /* ICMPs are not backlogged, hence we cannot get
422 * an established socket here.
424 WARN_ON(req->sk != NULL);
426 if (seq != tcp_rsk(req)->snt_isn) {
427 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
431 inet_csk_reqsk_queue_drop(sk, req, prev);
435 case TCP_SYN_RECV: /* Cannot happen.
436 It can, it SYNs are crossed. --ANK */
437 if (!sock_owned_by_user(sk)) {
439 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
443 sk->sk_err_soft = err;
447 if (!sock_owned_by_user(sk) && np->recverr) {
449 sk->sk_error_report(sk);
451 sk->sk_err_soft = err;
459 static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req)
461 struct inet6_request_sock *treq = inet6_rsk(req);
462 struct ipv6_pinfo *np = inet6_sk(sk);
463 struct sk_buff * skb;
464 struct ipv6_txoptions *opt = NULL;
465 struct in6_addr * final_p = NULL, final;
467 struct dst_entry *dst;
470 memset(&fl, 0, sizeof(fl));
471 fl.proto = IPPROTO_TCP;
472 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
473 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
474 fl.fl6_flowlabel = 0;
476 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
477 fl.fl_ip_sport = inet_sk(sk)->sport;
478 security_req_classify_flow(req, &fl);
481 if (opt && opt->srcrt) {
482 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
483 ipv6_addr_copy(&final, &fl.fl6_dst);
484 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
488 err = ip6_dst_lookup(sk, &dst, &fl);
492 ipv6_addr_copy(&fl.fl6_dst, final_p);
493 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0)
496 skb = tcp_make_synack(sk, dst, req);
498 struct tcphdr *th = tcp_hdr(skb);
500 th->check = tcp_v6_check(th, skb->len,
501 &treq->loc_addr, &treq->rmt_addr,
502 csum_partial((char *)th, skb->len, skb->csum));
504 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
505 err = ip6_xmit(sk, skb, &fl, opt, 0);
506 err = net_xmit_eval(err);
510 if (opt && opt != np->opt)
511 sock_kfree_s(sk, opt, opt->tot_len);
516 static inline void syn_flood_warning(struct sk_buff *skb)
518 #ifdef CONFIG_SYN_COOKIES
519 if (sysctl_tcp_syncookies)
521 "TCPv6: Possible SYN flooding on port %d. "
522 "Sending cookies.\n", ntohs(tcp_hdr(skb)->dest));
526 "TCPv6: Possible SYN flooding on port %d. "
527 "Dropping request.\n", ntohs(tcp_hdr(skb)->dest));
530 static void tcp_v6_reqsk_destructor(struct request_sock *req)
532 if (inet6_rsk(req)->pktopts)
533 kfree_skb(inet6_rsk(req)->pktopts);
536 #ifdef CONFIG_TCP_MD5SIG
537 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
538 struct in6_addr *addr)
540 struct tcp_sock *tp = tcp_sk(sk);
545 if (!tp->md5sig_info || !tp->md5sig_info->entries6)
548 for (i = 0; i < tp->md5sig_info->entries6; i++) {
549 if (ipv6_addr_equal(&tp->md5sig_info->keys6[i].addr, addr))
550 return &tp->md5sig_info->keys6[i].base;
555 static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk,
556 struct sock *addr_sk)
558 return tcp_v6_md5_do_lookup(sk, &inet6_sk(addr_sk)->daddr);
561 static struct tcp_md5sig_key *tcp_v6_reqsk_md5_lookup(struct sock *sk,
562 struct request_sock *req)
564 return tcp_v6_md5_do_lookup(sk, &inet6_rsk(req)->rmt_addr);
567 static int tcp_v6_md5_do_add(struct sock *sk, struct in6_addr *peer,
568 char *newkey, u8 newkeylen)
570 /* Add key to the list */
571 struct tcp_md5sig_key *key;
572 struct tcp_sock *tp = tcp_sk(sk);
573 struct tcp6_md5sig_key *keys;
575 key = tcp_v6_md5_do_lookup(sk, peer);
577 /* modify existing entry - just update that one */
580 key->keylen = newkeylen;
582 /* reallocate new list if current one is full. */
583 if (!tp->md5sig_info) {
584 tp->md5sig_info = kzalloc(sizeof(*tp->md5sig_info), GFP_ATOMIC);
585 if (!tp->md5sig_info) {
589 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
591 if (tcp_alloc_md5sig_pool() == NULL) {
595 if (tp->md5sig_info->alloced6 == tp->md5sig_info->entries6) {
596 keys = kmalloc((sizeof (tp->md5sig_info->keys6[0]) *
597 (tp->md5sig_info->entries6 + 1)), GFP_ATOMIC);
600 tcp_free_md5sig_pool();
605 if (tp->md5sig_info->entries6)
606 memmove(keys, tp->md5sig_info->keys6,
607 (sizeof (tp->md5sig_info->keys6[0]) *
608 tp->md5sig_info->entries6));
610 kfree(tp->md5sig_info->keys6);
611 tp->md5sig_info->keys6 = keys;
612 tp->md5sig_info->alloced6++;
615 ipv6_addr_copy(&tp->md5sig_info->keys6[tp->md5sig_info->entries6].addr,
617 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.key = newkey;
618 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.keylen = newkeylen;
620 tp->md5sig_info->entries6++;
625 static int tcp_v6_md5_add_func(struct sock *sk, struct sock *addr_sk,
626 u8 *newkey, __u8 newkeylen)
628 return tcp_v6_md5_do_add(sk, &inet6_sk(addr_sk)->daddr,
632 static int tcp_v6_md5_do_del(struct sock *sk, struct in6_addr *peer)
634 struct tcp_sock *tp = tcp_sk(sk);
637 for (i = 0; i < tp->md5sig_info->entries6; i++) {
638 if (ipv6_addr_equal(&tp->md5sig_info->keys6[i].addr, peer)) {
640 kfree(tp->md5sig_info->keys6[i].base.key);
641 tp->md5sig_info->entries6--;
643 if (tp->md5sig_info->entries6 == 0) {
644 kfree(tp->md5sig_info->keys6);
645 tp->md5sig_info->keys6 = NULL;
646 tp->md5sig_info->alloced6 = 0;
648 /* shrink the database */
649 if (tp->md5sig_info->entries6 != i)
650 memmove(&tp->md5sig_info->keys6[i],
651 &tp->md5sig_info->keys6[i+1],
652 (tp->md5sig_info->entries6 - i)
653 * sizeof (tp->md5sig_info->keys6[0]));
655 tcp_free_md5sig_pool();
662 static void tcp_v6_clear_md5_list (struct sock *sk)
664 struct tcp_sock *tp = tcp_sk(sk);
667 if (tp->md5sig_info->entries6) {
668 for (i = 0; i < tp->md5sig_info->entries6; i++)
669 kfree(tp->md5sig_info->keys6[i].base.key);
670 tp->md5sig_info->entries6 = 0;
671 tcp_free_md5sig_pool();
674 kfree(tp->md5sig_info->keys6);
675 tp->md5sig_info->keys6 = NULL;
676 tp->md5sig_info->alloced6 = 0;
678 if (tp->md5sig_info->entries4) {
679 for (i = 0; i < tp->md5sig_info->entries4; i++)
680 kfree(tp->md5sig_info->keys4[i].base.key);
681 tp->md5sig_info->entries4 = 0;
682 tcp_free_md5sig_pool();
685 kfree(tp->md5sig_info->keys4);
686 tp->md5sig_info->keys4 = NULL;
687 tp->md5sig_info->alloced4 = 0;
690 static int tcp_v6_parse_md5_keys (struct sock *sk, char __user *optval,
693 struct tcp_md5sig cmd;
694 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
697 if (optlen < sizeof(cmd))
700 if (copy_from_user(&cmd, optval, sizeof(cmd)))
703 if (sin6->sin6_family != AF_INET6)
706 if (!cmd.tcpm_keylen) {
707 if (!tcp_sk(sk)->md5sig_info)
709 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
710 return tcp_v4_md5_do_del(sk, sin6->sin6_addr.s6_addr32[3]);
711 return tcp_v6_md5_do_del(sk, &sin6->sin6_addr);
714 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
717 if (!tcp_sk(sk)->md5sig_info) {
718 struct tcp_sock *tp = tcp_sk(sk);
719 struct tcp_md5sig_info *p;
721 p = kzalloc(sizeof(struct tcp_md5sig_info), GFP_KERNEL);
726 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
729 newkey = kmemdup(cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
732 if (ipv6_addr_v4mapped(&sin6->sin6_addr)) {
733 return tcp_v4_md5_do_add(sk, sin6->sin6_addr.s6_addr32[3],
734 newkey, cmd.tcpm_keylen);
736 return tcp_v6_md5_do_add(sk, &sin6->sin6_addr, newkey, cmd.tcpm_keylen);
739 static int tcp_v6_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp,
740 struct in6_addr *daddr,
741 struct in6_addr *saddr, int nbytes)
743 struct tcp6_pseudohdr *bp;
744 struct scatterlist sg;
746 bp = &hp->md5_blk.ip6;
747 /* 1. TCP pseudo-header (RFC2460) */
748 ipv6_addr_copy(&bp->saddr, saddr);
749 ipv6_addr_copy(&bp->daddr, daddr);
750 bp->protocol = cpu_to_be32(IPPROTO_TCP);
751 bp->len = cpu_to_be32(nbytes);
753 sg_init_one(&sg, bp, sizeof(*bp));
754 return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp));
757 static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key,
758 struct in6_addr *daddr, struct in6_addr *saddr,
761 struct tcp_md5sig_pool *hp;
762 struct hash_desc *desc;
764 hp = tcp_get_md5sig_pool();
766 goto clear_hash_noput;
767 desc = &hp->md5_desc;
769 if (crypto_hash_init(desc))
771 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))
773 if (tcp_md5_hash_header(hp, th))
775 if (tcp_md5_hash_key(hp, key))
777 if (crypto_hash_final(desc, md5_hash))
780 tcp_put_md5sig_pool();
784 tcp_put_md5sig_pool();
786 memset(md5_hash, 0, 16);
790 static int tcp_v6_md5_hash_skb(char *md5_hash, struct tcp_md5sig_key *key,
791 struct sock *sk, struct request_sock *req,
794 struct in6_addr *saddr, *daddr;
795 struct tcp_md5sig_pool *hp;
796 struct hash_desc *desc;
797 struct tcphdr *th = tcp_hdr(skb);
800 saddr = &inet6_sk(sk)->saddr;
801 daddr = &inet6_sk(sk)->daddr;
803 saddr = &inet6_rsk(req)->loc_addr;
804 daddr = &inet6_rsk(req)->rmt_addr;
806 struct ipv6hdr *ip6h = ipv6_hdr(skb);
807 saddr = &ip6h->saddr;
808 daddr = &ip6h->daddr;
811 hp = tcp_get_md5sig_pool();
813 goto clear_hash_noput;
814 desc = &hp->md5_desc;
816 if (crypto_hash_init(desc))
819 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))
821 if (tcp_md5_hash_header(hp, th))
823 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
825 if (tcp_md5_hash_key(hp, key))
827 if (crypto_hash_final(desc, md5_hash))
830 tcp_put_md5sig_pool();
834 tcp_put_md5sig_pool();
836 memset(md5_hash, 0, 16);
840 static int tcp_v6_inbound_md5_hash (struct sock *sk, struct sk_buff *skb)
842 __u8 *hash_location = NULL;
843 struct tcp_md5sig_key *hash_expected;
844 struct ipv6hdr *ip6h = ipv6_hdr(skb);
845 struct tcphdr *th = tcp_hdr(skb);
849 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
850 hash_location = tcp_parse_md5sig_option(th);
852 /* We've parsed the options - do we have a hash? */
853 if (!hash_expected && !hash_location)
856 if (hash_expected && !hash_location) {
857 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
861 if (!hash_expected && hash_location) {
862 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
866 /* check the signature */
867 genhash = tcp_v6_md5_hash_skb(newhash,
871 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
872 if (net_ratelimit()) {
873 printk(KERN_INFO "MD5 Hash %s for "
874 "(" NIP6_FMT ", %u)->"
875 "(" NIP6_FMT ", %u)\n",
876 genhash ? "failed" : "mismatch",
877 NIP6(ip6h->saddr), ntohs(th->source),
878 NIP6(ip6h->daddr), ntohs(th->dest));
886 struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
888 .obj_size = sizeof(struct tcp6_request_sock),
889 .rtx_syn_ack = tcp_v6_send_synack,
890 .send_ack = tcp_v6_reqsk_send_ack,
891 .destructor = tcp_v6_reqsk_destructor,
892 .send_reset = tcp_v6_send_reset
895 #ifdef CONFIG_TCP_MD5SIG
896 static struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
897 .md5_lookup = tcp_v6_reqsk_md5_lookup,
901 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
902 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
903 .twsk_unique = tcp_twsk_unique,
904 .twsk_destructor= tcp_twsk_destructor,
907 static void tcp_v6_send_check(struct sock *sk, int len, struct sk_buff *skb)
909 struct ipv6_pinfo *np = inet6_sk(sk);
910 struct tcphdr *th = tcp_hdr(skb);
912 if (skb->ip_summed == CHECKSUM_PARTIAL) {
913 th->check = ~csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 0);
914 skb->csum_start = skb_transport_header(skb) - skb->head;
915 skb->csum_offset = offsetof(struct tcphdr, check);
917 th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP,
918 csum_partial((char *)th, th->doff<<2,
923 static int tcp_v6_gso_send_check(struct sk_buff *skb)
925 struct ipv6hdr *ipv6h;
928 if (!pskb_may_pull(skb, sizeof(*th)))
931 ipv6h = ipv6_hdr(skb);
935 th->check = ~csum_ipv6_magic(&ipv6h->saddr, &ipv6h->daddr, skb->len,
937 skb->csum_start = skb_transport_header(skb) - skb->head;
938 skb->csum_offset = offsetof(struct tcphdr, check);
939 skb->ip_summed = CHECKSUM_PARTIAL;
943 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb)
945 struct tcphdr *th = tcp_hdr(skb), *t1;
946 struct sk_buff *buff;
948 struct net *net = dev_net(skb->dst->dev);
949 struct sock *ctl_sk = net->ipv6.tcp_sk;
950 unsigned int tot_len = sizeof(*th);
951 #ifdef CONFIG_TCP_MD5SIG
952 struct tcp_md5sig_key *key;
958 if (!ipv6_unicast_destination(skb))
961 #ifdef CONFIG_TCP_MD5SIG
963 key = tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr);
968 tot_len += TCPOLEN_MD5SIG_ALIGNED;
972 * We need to grab some memory, and put together an RST,
973 * and then put it into the queue to be sent.
976 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
981 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
983 t1 = (struct tcphdr *) skb_push(buff, tot_len);
985 /* Swap the send and the receive. */
986 memset(t1, 0, sizeof(*t1));
987 t1->dest = th->source;
988 t1->source = th->dest;
989 t1->doff = tot_len / 4;
993 t1->seq = th->ack_seq;
996 t1->ack_seq = htonl(ntohl(th->seq) + th->syn + th->fin
997 + skb->len - (th->doff<<2));
1000 #ifdef CONFIG_TCP_MD5SIG
1002 __be32 *opt = (__be32*)(t1 + 1);
1003 opt[0] = htonl((TCPOPT_NOP << 24) |
1004 (TCPOPT_NOP << 16) |
1005 (TCPOPT_MD5SIG << 8) |
1007 tcp_v6_md5_hash_hdr((__u8 *)&opt[1], key,
1008 &ipv6_hdr(skb)->daddr,
1009 &ipv6_hdr(skb)->saddr, t1);
1013 buff->csum = csum_partial((char *)t1, sizeof(*t1), 0);
1015 memset(&fl, 0, sizeof(fl));
1016 ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr);
1017 ipv6_addr_copy(&fl.fl6_src, &ipv6_hdr(skb)->daddr);
1019 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst,
1020 sizeof(*t1), IPPROTO_TCP,
1023 fl.proto = IPPROTO_TCP;
1024 fl.oif = inet6_iif(skb);
1025 fl.fl_ip_dport = t1->dest;
1026 fl.fl_ip_sport = t1->source;
1027 security_skb_classify_flow(skb, &fl);
1029 /* Pass a socket to ip6_dst_lookup either it is for RST
1030 * Underlying function will use this to retrieve the network
1033 if (!ip6_dst_lookup(ctl_sk, &buff->dst, &fl)) {
1035 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) {
1036 ip6_xmit(ctl_sk, buff, &fl, NULL, 0);
1037 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS);
1038 TCP_INC_STATS_BH(net, TCP_MIB_OUTRSTS);
1046 static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts,
1047 struct tcp_md5sig_key *key)
1049 struct tcphdr *th = tcp_hdr(skb), *t1;
1050 struct sk_buff *buff;
1052 struct net *net = dev_net(skb->dev);
1053 struct sock *ctl_sk = net->ipv6.tcp_sk;
1054 unsigned int tot_len = sizeof(struct tcphdr);
1058 tot_len += TCPOLEN_TSTAMP_ALIGNED;
1059 #ifdef CONFIG_TCP_MD5SIG
1061 tot_len += TCPOLEN_MD5SIG_ALIGNED;
1064 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
1069 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
1071 t1 = (struct tcphdr *) skb_push(buff,tot_len);
1073 /* Swap the send and the receive. */
1074 memset(t1, 0, sizeof(*t1));
1075 t1->dest = th->source;
1076 t1->source = th->dest;
1077 t1->doff = tot_len/4;
1078 t1->seq = htonl(seq);
1079 t1->ack_seq = htonl(ack);
1081 t1->window = htons(win);
1083 topt = (__be32 *)(t1 + 1);
1086 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
1087 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
1088 *topt++ = htonl(tcp_time_stamp);
1092 #ifdef CONFIG_TCP_MD5SIG
1094 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
1095 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
1096 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
1097 &ipv6_hdr(skb)->saddr,
1098 &ipv6_hdr(skb)->daddr, t1);
1102 buff->csum = csum_partial((char *)t1, tot_len, 0);
1104 memset(&fl, 0, sizeof(fl));
1105 ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr);
1106 ipv6_addr_copy(&fl.fl6_src, &ipv6_hdr(skb)->daddr);
1108 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst,
1109 tot_len, IPPROTO_TCP,
1112 fl.proto = IPPROTO_TCP;
1113 fl.oif = inet6_iif(skb);
1114 fl.fl_ip_dport = t1->dest;
1115 fl.fl_ip_sport = t1->source;
1116 security_skb_classify_flow(skb, &fl);
1118 if (!ip6_dst_lookup(ctl_sk, &buff->dst, &fl)) {
1119 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) {
1120 ip6_xmit(ctl_sk, buff, &fl, NULL, 0);
1121 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS);
1129 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
1131 struct inet_timewait_sock *tw = inet_twsk(sk);
1132 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
1134 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
1135 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
1136 tcptw->tw_ts_recent, tcp_twsk_md5_key(tcptw));
1141 static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req)
1143 tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent,
1144 tcp_v6_md5_do_lookup(skb->sk, &ipv6_hdr(skb)->daddr));
1148 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
1150 struct request_sock *req, **prev;
1151 const struct tcphdr *th = tcp_hdr(skb);
1154 /* Find possible connection requests. */
1155 req = inet6_csk_search_req(sk, &prev, th->source,
1156 &ipv6_hdr(skb)->saddr,
1157 &ipv6_hdr(skb)->daddr, inet6_iif(skb));
1159 return tcp_check_req(sk, skb, req, prev);
1161 nsk = __inet6_lookup_established(sock_net(sk), &tcp_hashinfo,
1162 &ipv6_hdr(skb)->saddr, th->source,
1163 &ipv6_hdr(skb)->daddr, ntohs(th->dest), inet6_iif(skb));
1166 if (nsk->sk_state != TCP_TIME_WAIT) {
1170 inet_twsk_put(inet_twsk(nsk));
1174 #ifdef CONFIG_SYN_COOKIES
1175 if (!th->rst && !th->syn && th->ack)
1176 sk = cookie_v6_check(sk, skb);
1181 /* FIXME: this is substantially similar to the ipv4 code.
1182 * Can some kind of merge be done? -- erics
1184 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1186 struct inet6_request_sock *treq;
1187 struct ipv6_pinfo *np = inet6_sk(sk);
1188 struct tcp_options_received tmp_opt;
1189 struct tcp_sock *tp = tcp_sk(sk);
1190 struct request_sock *req = NULL;
1191 __u32 isn = TCP_SKB_CB(skb)->when;
1192 #ifdef CONFIG_SYN_COOKIES
1193 int want_cookie = 0;
1195 #define want_cookie 0
1198 if (skb->protocol == htons(ETH_P_IP))
1199 return tcp_v4_conn_request(sk, skb);
1201 if (!ipv6_unicast_destination(skb))
1204 if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
1205 if (net_ratelimit())
1206 syn_flood_warning(skb);
1207 #ifdef CONFIG_SYN_COOKIES
1208 if (sysctl_tcp_syncookies)
1215 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
1218 req = inet6_reqsk_alloc(&tcp6_request_sock_ops);
1222 #ifdef CONFIG_TCP_MD5SIG
1223 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv6_ops;
1226 tcp_clear_options(&tmp_opt);
1227 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
1228 tmp_opt.user_mss = tp->rx_opt.user_mss;
1230 tcp_parse_options(skb, &tmp_opt, 0);
1232 if (want_cookie && !tmp_opt.saw_tstamp)
1233 tcp_clear_options(&tmp_opt);
1235 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
1236 tcp_openreq_init(req, &tmp_opt, skb);
1238 treq = inet6_rsk(req);
1239 ipv6_addr_copy(&treq->rmt_addr, &ipv6_hdr(skb)->saddr);
1240 ipv6_addr_copy(&treq->loc_addr, &ipv6_hdr(skb)->daddr);
1242 TCP_ECN_create_request(req, tcp_hdr(skb));
1245 isn = cookie_v6_init_sequence(sk, skb, &req->mss);
1246 req->cookie_ts = tmp_opt.tstamp_ok;
1248 if (ipv6_opt_accepted(sk, skb) ||
1249 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
1250 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) {
1251 atomic_inc(&skb->users);
1252 treq->pktopts = skb;
1254 treq->iif = sk->sk_bound_dev_if;
1256 /* So that link locals have meaning */
1257 if (!sk->sk_bound_dev_if &&
1258 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL)
1259 treq->iif = inet6_iif(skb);
1261 isn = tcp_v6_init_sequence(skb);
1264 tcp_rsk(req)->snt_isn = isn;
1266 security_inet_conn_request(sk, skb, req);
1268 if (tcp_v6_send_synack(sk, req))
1272 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1280 return 0; /* don't send reset */
1283 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1284 struct request_sock *req,
1285 struct dst_entry *dst)
1287 struct inet6_request_sock *treq = inet6_rsk(req);
1288 struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
1289 struct tcp6_sock *newtcp6sk;
1290 struct inet_sock *newinet;
1291 struct tcp_sock *newtp;
1293 struct ipv6_txoptions *opt;
1294 #ifdef CONFIG_TCP_MD5SIG
1295 struct tcp_md5sig_key *key;
1298 if (skb->protocol == htons(ETH_P_IP)) {
1303 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);
1308 newtcp6sk = (struct tcp6_sock *)newsk;
1309 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1311 newinet = inet_sk(newsk);
1312 newnp = inet6_sk(newsk);
1313 newtp = tcp_sk(newsk);
1315 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1317 ipv6_addr_set(&newnp->daddr, 0, 0, htonl(0x0000FFFF),
1320 ipv6_addr_set(&newnp->saddr, 0, 0, htonl(0x0000FFFF),
1323 ipv6_addr_copy(&newnp->rcv_saddr, &newnp->saddr);
1325 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1326 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1327 #ifdef CONFIG_TCP_MD5SIG
1328 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1331 newnp->pktoptions = NULL;
1333 newnp->mcast_oif = inet6_iif(skb);
1334 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1337 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1338 * here, tcp_create_openreq_child now does this for us, see the comment in
1339 * that function for the gory details. -acme
1342 /* It is tricky place. Until this moment IPv4 tcp
1343 worked with IPv6 icsk.icsk_af_ops.
1346 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1353 if (sk_acceptq_is_full(sk))
1357 struct in6_addr *final_p = NULL, final;
1360 memset(&fl, 0, sizeof(fl));
1361 fl.proto = IPPROTO_TCP;
1362 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
1363 if (opt && opt->srcrt) {
1364 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
1365 ipv6_addr_copy(&final, &fl.fl6_dst);
1366 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
1369 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
1370 fl.oif = sk->sk_bound_dev_if;
1371 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
1372 fl.fl_ip_sport = inet_sk(sk)->sport;
1373 security_req_classify_flow(req, &fl);
1375 if (ip6_dst_lookup(sk, &dst, &fl))
1379 ipv6_addr_copy(&fl.fl6_dst, final_p);
1381 if ((xfrm_lookup(&dst, &fl, sk, 0)) < 0)
1385 newsk = tcp_create_openreq_child(sk, req, skb);
1390 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1391 * count here, tcp_create_openreq_child now does this for us, see the
1392 * comment in that function for the gory details. -acme
1395 newsk->sk_gso_type = SKB_GSO_TCPV6;
1396 __ip6_dst_store(newsk, dst, NULL, NULL);
1398 newtcp6sk = (struct tcp6_sock *)newsk;
1399 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1401 newtp = tcp_sk(newsk);
1402 newinet = inet_sk(newsk);
1403 newnp = inet6_sk(newsk);
1405 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1407 ipv6_addr_copy(&newnp->daddr, &treq->rmt_addr);
1408 ipv6_addr_copy(&newnp->saddr, &treq->loc_addr);
1409 ipv6_addr_copy(&newnp->rcv_saddr, &treq->loc_addr);
1410 newsk->sk_bound_dev_if = treq->iif;
1412 /* Now IPv6 options...
1414 First: no IPv4 options.
1416 newinet->opt = NULL;
1417 newnp->ipv6_fl_list = NULL;
1420 newnp->rxopt.all = np->rxopt.all;
1422 /* Clone pktoptions received with SYN */
1423 newnp->pktoptions = NULL;
1424 if (treq->pktopts != NULL) {
1425 newnp->pktoptions = skb_clone(treq->pktopts, GFP_ATOMIC);
1426 kfree_skb(treq->pktopts);
1427 treq->pktopts = NULL;
1428 if (newnp->pktoptions)
1429 skb_set_owner_r(newnp->pktoptions, newsk);
1432 newnp->mcast_oif = inet6_iif(skb);
1433 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1435 /* Clone native IPv6 options from listening socket (if any)
1437 Yes, keeping reference count would be much more clever,
1438 but we make one more one thing there: reattach optmem
1442 newnp->opt = ipv6_dup_options(newsk, opt);
1444 sock_kfree_s(sk, opt, opt->tot_len);
1447 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1449 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
1450 newnp->opt->opt_flen);
1452 tcp_mtup_init(newsk);
1453 tcp_sync_mss(newsk, dst_mtu(dst));
1454 newtp->advmss = dst_metric(dst, RTAX_ADVMSS);
1455 tcp_initialize_rcv_mss(newsk);
1457 newinet->daddr = newinet->saddr = newinet->rcv_saddr = LOOPBACK4_IPV6;
1459 #ifdef CONFIG_TCP_MD5SIG
1460 /* Copy over the MD5 key from the original socket */
1461 if ((key = tcp_v6_md5_do_lookup(sk, &newnp->daddr)) != NULL) {
1462 /* We're using one, so create a matching key
1463 * on the newsk structure. If we fail to get
1464 * memory, then we end up not copying the key
1467 char *newkey = kmemdup(key->key, key->keylen, GFP_ATOMIC);
1469 tcp_v6_md5_do_add(newsk, &inet6_sk(sk)->daddr,
1470 newkey, key->keylen);
1474 __inet6_hash(newsk);
1475 __inet_inherit_port(sk, newsk);
1480 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1482 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
1483 if (opt && opt != np->opt)
1484 sock_kfree_s(sk, opt, opt->tot_len);
1489 static __sum16 tcp_v6_checksum_init(struct sk_buff *skb)
1491 if (skb->ip_summed == CHECKSUM_COMPLETE) {
1492 if (!tcp_v6_check(tcp_hdr(skb), skb->len, &ipv6_hdr(skb)->saddr,
1493 &ipv6_hdr(skb)->daddr, skb->csum)) {
1494 skb->ip_summed = CHECKSUM_UNNECESSARY;
1499 skb->csum = ~csum_unfold(tcp_v6_check(tcp_hdr(skb), skb->len,
1500 &ipv6_hdr(skb)->saddr,
1501 &ipv6_hdr(skb)->daddr, 0));
1503 if (skb->len <= 76) {
1504 return __skb_checksum_complete(skb);
1509 /* The socket must have it's spinlock held when we get
1512 * We have a potential double-lock case here, so even when
1513 * doing backlog processing we use the BH locking scheme.
1514 * This is because we cannot sleep with the original spinlock
1517 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1519 struct ipv6_pinfo *np = inet6_sk(sk);
1520 struct tcp_sock *tp;
1521 struct sk_buff *opt_skb = NULL;
1523 /* Imagine: socket is IPv6. IPv4 packet arrives,
1524 goes to IPv4 receive handler and backlogged.
1525 From backlog it always goes here. Kerboom...
1526 Fortunately, tcp_rcv_established and rcv_established
1527 handle them correctly, but it is not case with
1528 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1531 if (skb->protocol == htons(ETH_P_IP))
1532 return tcp_v4_do_rcv(sk, skb);
1534 #ifdef CONFIG_TCP_MD5SIG
1535 if (tcp_v6_inbound_md5_hash (sk, skb))
1539 if (sk_filter(sk, skb))
1543 * socket locking is here for SMP purposes as backlog rcv
1544 * is currently called with bh processing disabled.
1547 /* Do Stevens' IPV6_PKTOPTIONS.
1549 Yes, guys, it is the only place in our code, where we
1550 may make it not affecting IPv4.
1551 The rest of code is protocol independent,
1552 and I do not like idea to uglify IPv4.
1554 Actually, all the idea behind IPV6_PKTOPTIONS
1555 looks not very well thought. For now we latch
1556 options, received in the last packet, enqueued
1557 by tcp. Feel free to propose better solution.
1561 opt_skb = skb_clone(skb, GFP_ATOMIC);
1563 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1564 TCP_CHECK_TIMER(sk);
1565 if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len))
1567 TCP_CHECK_TIMER(sk);
1569 goto ipv6_pktoptions;
1573 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1576 if (sk->sk_state == TCP_LISTEN) {
1577 struct sock *nsk = tcp_v6_hnd_req(sk, skb);
1582 * Queue it on the new socket if the new socket is active,
1583 * otherwise we just shortcircuit this and continue with
1587 if (tcp_child_process(sk, nsk, skb))
1590 __kfree_skb(opt_skb);
1595 TCP_CHECK_TIMER(sk);
1596 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len))
1598 TCP_CHECK_TIMER(sk);
1600 goto ipv6_pktoptions;
1604 tcp_v6_send_reset(sk, skb);
1607 __kfree_skb(opt_skb);
1611 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_INERRS);
1616 /* Do you ask, what is it?
1618 1. skb was enqueued by tcp.
1619 2. skb is added to tail of read queue, rather than out of order.
1620 3. socket is not in passive state.
1621 4. Finally, it really contains options, which user wants to receive.
1624 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1625 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1626 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1627 np->mcast_oif = inet6_iif(opt_skb);
1628 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1629 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1630 if (ipv6_opt_accepted(sk, opt_skb)) {
1631 skb_set_owner_r(opt_skb, sk);
1632 opt_skb = xchg(&np->pktoptions, opt_skb);
1634 __kfree_skb(opt_skb);
1635 opt_skb = xchg(&np->pktoptions, NULL);
1644 static int tcp_v6_rcv(struct sk_buff *skb)
1649 struct net *net = dev_net(skb->dev);
1651 if (skb->pkt_type != PACKET_HOST)
1655 * Count it even if it's bad.
1657 TCP_INC_STATS_BH(net, TCP_MIB_INSEGS);
1659 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1664 if (th->doff < sizeof(struct tcphdr)/4)
1666 if (!pskb_may_pull(skb, th->doff*4))
1669 if (!skb_csum_unnecessary(skb) && tcp_v6_checksum_init(skb))
1673 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1674 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1675 skb->len - th->doff*4);
1676 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1677 TCP_SKB_CB(skb)->when = 0;
1678 TCP_SKB_CB(skb)->flags = ipv6_get_dsfield(ipv6_hdr(skb));
1679 TCP_SKB_CB(skb)->sacked = 0;
1681 sk = __inet6_lookup(net, &tcp_hashinfo,
1682 &ipv6_hdr(skb)->saddr, th->source,
1683 &ipv6_hdr(skb)->daddr, ntohs(th->dest),
1690 if (sk->sk_state == TCP_TIME_WAIT)
1693 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1694 goto discard_and_relse;
1696 if (sk_filter(sk, skb))
1697 goto discard_and_relse;
1701 bh_lock_sock_nested(sk);
1703 if (!sock_owned_by_user(sk)) {
1704 #ifdef CONFIG_NET_DMA
1705 struct tcp_sock *tp = tcp_sk(sk);
1706 if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list)
1707 tp->ucopy.dma_chan = get_softnet_dma();
1708 if (tp->ucopy.dma_chan)
1709 ret = tcp_v6_do_rcv(sk, skb);
1713 if (!tcp_prequeue(sk, skb))
1714 ret = tcp_v6_do_rcv(sk, skb);
1717 sk_add_backlog(sk, skb);
1721 return ret ? -1 : 0;
1724 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1727 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1729 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1731 tcp_v6_send_reset(NULL, skb);
1748 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1749 inet_twsk_put(inet_twsk(sk));
1753 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1754 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1755 inet_twsk_put(inet_twsk(sk));
1759 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1764 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
1765 &ipv6_hdr(skb)->daddr,
1766 ntohs(th->dest), inet6_iif(skb));
1768 struct inet_timewait_sock *tw = inet_twsk(sk);
1769 inet_twsk_deschedule(tw, &tcp_death_row);
1774 /* Fall through to ACK */
1777 tcp_v6_timewait_ack(sk, skb);
1781 case TCP_TW_SUCCESS:;
1786 static int tcp_v6_remember_stamp(struct sock *sk)
1788 /* Alas, not yet... */
1792 static struct inet_connection_sock_af_ops ipv6_specific = {
1793 .queue_xmit = inet6_csk_xmit,
1794 .send_check = tcp_v6_send_check,
1795 .rebuild_header = inet6_sk_rebuild_header,
1796 .conn_request = tcp_v6_conn_request,
1797 .syn_recv_sock = tcp_v6_syn_recv_sock,
1798 .remember_stamp = tcp_v6_remember_stamp,
1799 .net_header_len = sizeof(struct ipv6hdr),
1800 .setsockopt = ipv6_setsockopt,
1801 .getsockopt = ipv6_getsockopt,
1802 .addr2sockaddr = inet6_csk_addr2sockaddr,
1803 .sockaddr_len = sizeof(struct sockaddr_in6),
1804 .bind_conflict = inet6_csk_bind_conflict,
1805 #ifdef CONFIG_COMPAT
1806 .compat_setsockopt = compat_ipv6_setsockopt,
1807 .compat_getsockopt = compat_ipv6_getsockopt,
1811 #ifdef CONFIG_TCP_MD5SIG
1812 static struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1813 .md5_lookup = tcp_v6_md5_lookup,
1814 .calc_md5_hash = tcp_v6_md5_hash_skb,
1815 .md5_add = tcp_v6_md5_add_func,
1816 .md5_parse = tcp_v6_parse_md5_keys,
1821 * TCP over IPv4 via INET6 API
1824 static struct inet_connection_sock_af_ops ipv6_mapped = {
1825 .queue_xmit = ip_queue_xmit,
1826 .send_check = tcp_v4_send_check,
1827 .rebuild_header = inet_sk_rebuild_header,
1828 .conn_request = tcp_v6_conn_request,
1829 .syn_recv_sock = tcp_v6_syn_recv_sock,
1830 .remember_stamp = tcp_v4_remember_stamp,
1831 .net_header_len = sizeof(struct iphdr),
1832 .setsockopt = ipv6_setsockopt,
1833 .getsockopt = ipv6_getsockopt,
1834 .addr2sockaddr = inet6_csk_addr2sockaddr,
1835 .sockaddr_len = sizeof(struct sockaddr_in6),
1836 .bind_conflict = inet6_csk_bind_conflict,
1837 #ifdef CONFIG_COMPAT
1838 .compat_setsockopt = compat_ipv6_setsockopt,
1839 .compat_getsockopt = compat_ipv6_getsockopt,
1843 #ifdef CONFIG_TCP_MD5SIG
1844 static struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1845 .md5_lookup = tcp_v4_md5_lookup,
1846 .calc_md5_hash = tcp_v4_md5_hash_skb,
1847 .md5_add = tcp_v6_md5_add_func,
1848 .md5_parse = tcp_v6_parse_md5_keys,
1852 /* NOTE: A lot of things set to zero explicitly by call to
1853 * sk_alloc() so need not be done here.
1855 static int tcp_v6_init_sock(struct sock *sk)
1857 struct inet_connection_sock *icsk = inet_csk(sk);
1858 struct tcp_sock *tp = tcp_sk(sk);
1860 skb_queue_head_init(&tp->out_of_order_queue);
1861 tcp_init_xmit_timers(sk);
1862 tcp_prequeue_init(tp);
1864 icsk->icsk_rto = TCP_TIMEOUT_INIT;
1865 tp->mdev = TCP_TIMEOUT_INIT;
1867 /* So many TCP implementations out there (incorrectly) count the
1868 * initial SYN frame in their delayed-ACK and congestion control
1869 * algorithms that we must have the following bandaid to talk
1870 * efficiently to them. -DaveM
1874 /* See draft-stevens-tcpca-spec-01 for discussion of the
1875 * initialization of these values.
1877 tp->snd_ssthresh = 0x7fffffff;
1878 tp->snd_cwnd_clamp = ~0;
1879 tp->mss_cache = 536;
1881 tp->reordering = sysctl_tcp_reordering;
1883 sk->sk_state = TCP_CLOSE;
1885 icsk->icsk_af_ops = &ipv6_specific;
1886 icsk->icsk_ca_ops = &tcp_init_congestion_ops;
1887 icsk->icsk_sync_mss = tcp_sync_mss;
1888 sk->sk_write_space = sk_stream_write_space;
1889 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE);
1891 #ifdef CONFIG_TCP_MD5SIG
1892 tp->af_specific = &tcp_sock_ipv6_specific;
1895 sk->sk_sndbuf = sysctl_tcp_wmem[1];
1896 sk->sk_rcvbuf = sysctl_tcp_rmem[1];
1898 atomic_inc(&tcp_sockets_allocated);
1903 static void tcp_v6_destroy_sock(struct sock *sk)
1905 #ifdef CONFIG_TCP_MD5SIG
1906 /* Clean up the MD5 key list */
1907 if (tcp_sk(sk)->md5sig_info)
1908 tcp_v6_clear_md5_list(sk);
1910 tcp_v4_destroy_sock(sk);
1911 inet6_destroy_sock(sk);
1914 #ifdef CONFIG_PROC_FS
1915 /* Proc filesystem TCPv6 sock list dumping. */
1916 static void get_openreq6(struct seq_file *seq,
1917 struct sock *sk, struct request_sock *req, int i, int uid)
1919 int ttd = req->expires - jiffies;
1920 struct in6_addr *src = &inet6_rsk(req)->loc_addr;
1921 struct in6_addr *dest = &inet6_rsk(req)->rmt_addr;
1927 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1928 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
1930 src->s6_addr32[0], src->s6_addr32[1],
1931 src->s6_addr32[2], src->s6_addr32[3],
1932 ntohs(inet_sk(sk)->sport),
1933 dest->s6_addr32[0], dest->s6_addr32[1],
1934 dest->s6_addr32[2], dest->s6_addr32[3],
1935 ntohs(inet_rsk(req)->rmt_port),
1937 0,0, /* could print option size, but that is af dependent. */
1938 1, /* timers active (only the expire timer) */
1939 jiffies_to_clock_t(ttd),
1942 0, /* non standard timer */
1943 0, /* open_requests have no inode */
1947 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1949 struct in6_addr *dest, *src;
1952 unsigned long timer_expires;
1953 struct inet_sock *inet = inet_sk(sp);
1954 struct tcp_sock *tp = tcp_sk(sp);
1955 const struct inet_connection_sock *icsk = inet_csk(sp);
1956 struct ipv6_pinfo *np = inet6_sk(sp);
1959 src = &np->rcv_saddr;
1960 destp = ntohs(inet->dport);
1961 srcp = ntohs(inet->sport);
1963 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
1965 timer_expires = icsk->icsk_timeout;
1966 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1968 timer_expires = icsk->icsk_timeout;
1969 } else if (timer_pending(&sp->sk_timer)) {
1971 timer_expires = sp->sk_timer.expires;
1974 timer_expires = jiffies;
1978 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1979 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %lu %lu %u %u %d\n",
1981 src->s6_addr32[0], src->s6_addr32[1],
1982 src->s6_addr32[2], src->s6_addr32[3], srcp,
1983 dest->s6_addr32[0], dest->s6_addr32[1],
1984 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1986 tp->write_seq-tp->snd_una,
1987 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
1989 jiffies_to_clock_t(timer_expires - jiffies),
1990 icsk->icsk_retransmits,
1992 icsk->icsk_probes_out,
1994 atomic_read(&sp->sk_refcnt), sp,
1995 jiffies_to_clock_t(icsk->icsk_rto),
1996 jiffies_to_clock_t(icsk->icsk_ack.ato),
1997 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong,
1998 tp->snd_cwnd, tp->snd_ssthresh>=0xFFFF?-1:tp->snd_ssthresh
2002 static void get_timewait6_sock(struct seq_file *seq,
2003 struct inet_timewait_sock *tw, int i)
2005 struct in6_addr *dest, *src;
2007 struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw);
2008 int ttd = tw->tw_ttd - jiffies;
2013 dest = &tw6->tw_v6_daddr;
2014 src = &tw6->tw_v6_rcv_saddr;
2015 destp = ntohs(tw->tw_dport);
2016 srcp = ntohs(tw->tw_sport);
2019 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
2020 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
2022 src->s6_addr32[0], src->s6_addr32[1],
2023 src->s6_addr32[2], src->s6_addr32[3], srcp,
2024 dest->s6_addr32[0], dest->s6_addr32[1],
2025 dest->s6_addr32[2], dest->s6_addr32[3], destp,
2026 tw->tw_substate, 0, 0,
2027 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
2028 atomic_read(&tw->tw_refcnt), tw);
2031 static int tcp6_seq_show(struct seq_file *seq, void *v)
2033 struct tcp_iter_state *st;
2035 if (v == SEQ_START_TOKEN) {
2040 "st tx_queue rx_queue tr tm->when retrnsmt"
2041 " uid timeout inode\n");
2046 switch (st->state) {
2047 case TCP_SEQ_STATE_LISTENING:
2048 case TCP_SEQ_STATE_ESTABLISHED:
2049 get_tcp6_sock(seq, v, st->num);
2051 case TCP_SEQ_STATE_OPENREQ:
2052 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid);
2054 case TCP_SEQ_STATE_TIME_WAIT:
2055 get_timewait6_sock(seq, v, st->num);
2062 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
2066 .owner = THIS_MODULE,
2069 .show = tcp6_seq_show,
2073 int tcp6_proc_init(struct net *net)
2075 return tcp_proc_register(net, &tcp6_seq_afinfo);
2078 void tcp6_proc_exit(struct net *net)
2080 tcp_proc_unregister(net, &tcp6_seq_afinfo);
2084 struct proto tcpv6_prot = {
2086 .owner = THIS_MODULE,
2088 .connect = tcp_v6_connect,
2089 .disconnect = tcp_disconnect,
2090 .accept = inet_csk_accept,
2092 .init = tcp_v6_init_sock,
2093 .destroy = tcp_v6_destroy_sock,
2094 .shutdown = tcp_shutdown,
2095 .setsockopt = tcp_setsockopt,
2096 .getsockopt = tcp_getsockopt,
2097 .recvmsg = tcp_recvmsg,
2098 .backlog_rcv = tcp_v6_do_rcv,
2099 .hash = tcp_v6_hash,
2100 .unhash = inet_unhash,
2101 .get_port = inet_csk_get_port,
2102 .enter_memory_pressure = tcp_enter_memory_pressure,
2103 .sockets_allocated = &tcp_sockets_allocated,
2104 .memory_allocated = &tcp_memory_allocated,
2105 .memory_pressure = &tcp_memory_pressure,
2106 .orphan_count = &tcp_orphan_count,
2107 .sysctl_mem = sysctl_tcp_mem,
2108 .sysctl_wmem = sysctl_tcp_wmem,
2109 .sysctl_rmem = sysctl_tcp_rmem,
2110 .max_header = MAX_TCP_HEADER,
2111 .obj_size = sizeof(struct tcp6_sock),
2112 .twsk_prot = &tcp6_timewait_sock_ops,
2113 .rsk_prot = &tcp6_request_sock_ops,
2114 .h.hashinfo = &tcp_hashinfo,
2115 #ifdef CONFIG_COMPAT
2116 .compat_setsockopt = compat_tcp_setsockopt,
2117 .compat_getsockopt = compat_tcp_getsockopt,
2121 static struct inet6_protocol tcpv6_protocol = {
2122 .handler = tcp_v6_rcv,
2123 .err_handler = tcp_v6_err,
2124 .gso_send_check = tcp_v6_gso_send_check,
2125 .gso_segment = tcp_tso_segment,
2126 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2129 static struct inet_protosw tcpv6_protosw = {
2130 .type = SOCK_STREAM,
2131 .protocol = IPPROTO_TCP,
2132 .prot = &tcpv6_prot,
2133 .ops = &inet6_stream_ops,
2136 .flags = INET_PROTOSW_PERMANENT |
2140 static int tcpv6_net_init(struct net *net)
2142 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
2143 SOCK_RAW, IPPROTO_TCP, net);
2146 static void tcpv6_net_exit(struct net *net)
2148 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
2151 static struct pernet_operations tcpv6_net_ops = {
2152 .init = tcpv6_net_init,
2153 .exit = tcpv6_net_exit,
2156 int __init tcpv6_init(void)
2160 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
2164 /* register inet6 protocol */
2165 ret = inet6_register_protosw(&tcpv6_protosw);
2167 goto out_tcpv6_protocol;
2169 ret = register_pernet_subsys(&tcpv6_net_ops);
2171 goto out_tcpv6_protosw;
2176 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2178 inet6_unregister_protosw(&tcpv6_protosw);
2182 void tcpv6_exit(void)
2184 unregister_pernet_subsys(&tcpv6_net_ops);
2185 inet6_unregister_protosw(&tcpv6_protosw);
2186 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
projects / linux-2.6 / blob