3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
8 * $Id: tcp_ipv6.c,v 1.144 2002/02/01 22:01:04 davem Exp $
11 * linux/net/ipv4/tcp.c
12 * linux/net/ipv4/tcp_input.c
13 * linux/net/ipv4/tcp_output.c
16 * Hideaki YOSHIFUJI : sin6_scope_id support
17 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
18 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
19 * a single port at the same time.
20 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
22 * This program is free software; you can redistribute it and/or
23 * modify it under the terms of the GNU General Public License
24 * as published by the Free Software Foundation; either version
25 * 2 of the License, or (at your option) any later version.
28 #include <linux/module.h>
29 #include <linux/errno.h>
30 #include <linux/types.h>
31 #include <linux/socket.h>
32 #include <linux/sockios.h>
33 #include <linux/net.h>
34 #include <linux/jiffies.h>
36 #include <linux/in6.h>
37 #include <linux/netdevice.h>
38 #include <linux/init.h>
39 #include <linux/jhash.h>
40 #include <linux/ipsec.h>
41 #include <linux/times.h>
43 #include <linux/ipv6.h>
44 #include <linux/icmpv6.h>
45 #include <linux/random.h>
48 #include <net/ndisc.h>
49 #include <net/inet6_hashtables.h>
50 #include <net/inet6_connection_sock.h>
52 #include <net/transp_v6.h>
53 #include <net/addrconf.h>
54 #include <net/ip6_route.h>
55 #include <net/ip6_checksum.h>
56 #include <net/inet_ecn.h>
57 #include <net/protocol.h>
60 #include <net/dsfield.h>
61 #include <net/timewait_sock.h>
62 #include <net/netdma.h>
63 #include <net/inet_common.h>
65 #include <asm/uaccess.h>
67 #include <linux/proc_fs.h>
68 #include <linux/seq_file.h>
70 #include <linux/crypto.h>
71 #include <linux/scatterlist.h>
73 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb);
74 static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req);
75 static void tcp_v6_send_check(struct sock *sk, int len,
78 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
80 static struct inet_connection_sock_af_ops ipv6_mapped;
81 static struct inet_connection_sock_af_ops ipv6_specific;
82 #ifdef CONFIG_TCP_MD5SIG
83 static struct tcp_sock_af_ops tcp_sock_ipv6_specific;
84 static struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
87 static void tcp_v6_hash(struct sock *sk)
89 if (sk->sk_state != TCP_CLOSE) {
90 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) {
100 static __inline__ __sum16 tcp_v6_check(struct tcphdr *th, int len,
101 struct in6_addr *saddr,
102 struct in6_addr *daddr,
105 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base);
108 static __u32 tcp_v6_init_sequence(struct sk_buff *skb)
110 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
111 ipv6_hdr(skb)->saddr.s6_addr32,
113 tcp_hdr(skb)->source);
116 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
119 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
120 struct inet_sock *inet = inet_sk(sk);
121 struct inet_connection_sock *icsk = inet_csk(sk);
122 struct ipv6_pinfo *np = inet6_sk(sk);
123 struct tcp_sock *tp = tcp_sk(sk);
124 struct in6_addr *saddr = NULL, *final_p = NULL, final;
126 struct dst_entry *dst;
130 if (addr_len < SIN6_LEN_RFC2133)
133 if (usin->sin6_family != AF_INET6)
134 return(-EAFNOSUPPORT);
136 memset(&fl, 0, sizeof(fl));
139 fl.fl6_flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
140 IP6_ECN_flow_init(fl.fl6_flowlabel);
141 if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) {
142 struct ip6_flowlabel *flowlabel;
143 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel);
144 if (flowlabel == NULL)
146 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst);
147 fl6_sock_release(flowlabel);
152 * connect() to INADDR_ANY means loopback (BSD'ism).
155 if(ipv6_addr_any(&usin->sin6_addr))
156 usin->sin6_addr.s6_addr[15] = 0x1;
158 addr_type = ipv6_addr_type(&usin->sin6_addr);
160 if(addr_type & IPV6_ADDR_MULTICAST)
163 if (addr_type&IPV6_ADDR_LINKLOCAL) {
164 if (addr_len >= sizeof(struct sockaddr_in6) &&
165 usin->sin6_scope_id) {
166 /* If interface is set while binding, indices
169 if (sk->sk_bound_dev_if &&
170 sk->sk_bound_dev_if != usin->sin6_scope_id)
173 sk->sk_bound_dev_if = usin->sin6_scope_id;
176 /* Connect to link-local address requires an interface */
177 if (!sk->sk_bound_dev_if)
181 if (tp->rx_opt.ts_recent_stamp &&
182 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) {
183 tp->rx_opt.ts_recent = 0;
184 tp->rx_opt.ts_recent_stamp = 0;
188 ipv6_addr_copy(&np->daddr, &usin->sin6_addr);
189 np->flow_label = fl.fl6_flowlabel;
195 if (addr_type == IPV6_ADDR_MAPPED) {
196 u32 exthdrlen = icsk->icsk_ext_hdr_len;
197 struct sockaddr_in sin;
199 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
201 if (__ipv6_only_sock(sk))
204 sin.sin_family = AF_INET;
205 sin.sin_port = usin->sin6_port;
206 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
208 icsk->icsk_af_ops = &ipv6_mapped;
209 sk->sk_backlog_rcv = tcp_v4_do_rcv;
210 #ifdef CONFIG_TCP_MD5SIG
211 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
214 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
217 icsk->icsk_ext_hdr_len = exthdrlen;
218 icsk->icsk_af_ops = &ipv6_specific;
219 sk->sk_backlog_rcv = tcp_v6_do_rcv;
220 #ifdef CONFIG_TCP_MD5SIG
221 tp->af_specific = &tcp_sock_ipv6_specific;
225 ipv6_addr_set(&np->saddr, 0, 0, htonl(0x0000FFFF),
227 ipv6_addr_set(&np->rcv_saddr, 0, 0, htonl(0x0000FFFF),
234 if (!ipv6_addr_any(&np->rcv_saddr))
235 saddr = &np->rcv_saddr;
237 fl.proto = IPPROTO_TCP;
238 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
239 ipv6_addr_copy(&fl.fl6_src,
240 (saddr ? saddr : &np->saddr));
241 fl.oif = sk->sk_bound_dev_if;
242 fl.fl_ip_dport = usin->sin6_port;
243 fl.fl_ip_sport = inet->sport;
245 if (np->opt && np->opt->srcrt) {
246 struct rt0_hdr *rt0 = (struct rt0_hdr *)np->opt->srcrt;
247 ipv6_addr_copy(&final, &fl.fl6_dst);
248 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
252 security_sk_classify_flow(sk, &fl);
254 err = ip6_dst_lookup(sk, &dst, &fl);
258 ipv6_addr_copy(&fl.fl6_dst, final_p);
260 if ((err = __xfrm_lookup(&dst, &fl, sk, XFRM_LOOKUP_WAIT)) < 0) {
262 err = ip6_dst_blackhole(sk, &dst, &fl);
269 ipv6_addr_copy(&np->rcv_saddr, saddr);
272 /* set the source address */
273 ipv6_addr_copy(&np->saddr, saddr);
274 inet->rcv_saddr = LOOPBACK4_IPV6;
276 sk->sk_gso_type = SKB_GSO_TCPV6;
277 __ip6_dst_store(sk, dst, NULL, NULL);
279 icsk->icsk_ext_hdr_len = 0;
281 icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
284 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
286 inet->dport = usin->sin6_port;
288 tcp_set_state(sk, TCP_SYN_SENT);
289 err = inet6_hash_connect(&tcp_death_row, sk);
294 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
299 err = tcp_connect(sk);
306 tcp_set_state(sk, TCP_CLOSE);
310 sk->sk_route_caps = 0;
314 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
315 int type, int code, int offset, __be32 info)
317 struct ipv6hdr *hdr = (struct ipv6hdr*)skb->data;
318 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
319 struct ipv6_pinfo *np;
325 sk = inet6_lookup(dev_net(skb->dev), &tcp_hashinfo, &hdr->daddr,
326 th->dest, &hdr->saddr, th->source, skb->dev->ifindex);
329 ICMP6_INC_STATS_BH(__in6_dev_get(skb->dev), ICMP6_MIB_INERRORS);
333 if (sk->sk_state == TCP_TIME_WAIT) {
334 inet_twsk_put(inet_twsk(sk));
339 if (sock_owned_by_user(sk))
340 NET_INC_STATS_BH(LINUX_MIB_LOCKDROPPEDICMPS);
342 if (sk->sk_state == TCP_CLOSE)
346 seq = ntohl(th->seq);
347 if (sk->sk_state != TCP_LISTEN &&
348 !between(seq, tp->snd_una, tp->snd_nxt)) {
349 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
355 if (type == ICMPV6_PKT_TOOBIG) {
356 struct dst_entry *dst = NULL;
358 if (sock_owned_by_user(sk))
360 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
363 /* icmp should have updated the destination cache entry */
364 dst = __sk_dst_check(sk, np->dst_cookie);
367 struct inet_sock *inet = inet_sk(sk);
370 /* BUGGG_FUTURE: Again, it is not clear how
371 to handle rthdr case. Ignore this complexity
374 memset(&fl, 0, sizeof(fl));
375 fl.proto = IPPROTO_TCP;
376 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
377 ipv6_addr_copy(&fl.fl6_src, &np->saddr);
378 fl.oif = sk->sk_bound_dev_if;
379 fl.fl_ip_dport = inet->dport;
380 fl.fl_ip_sport = inet->sport;
381 security_skb_classify_flow(skb, &fl);
383 if ((err = ip6_dst_lookup(sk, &dst, &fl))) {
384 sk->sk_err_soft = -err;
388 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) {
389 sk->sk_err_soft = -err;
396 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
397 tcp_sync_mss(sk, dst_mtu(dst));
398 tcp_simple_retransmit(sk);
399 } /* else let the usual retransmit timer handle it */
404 icmpv6_err_convert(type, code, &err);
406 /* Might be for an request_sock */
407 switch (sk->sk_state) {
408 struct request_sock *req, **prev;
410 if (sock_owned_by_user(sk))
413 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr,
414 &hdr->saddr, inet6_iif(skb));
418 /* ICMPs are not backlogged, hence we cannot get
419 * an established socket here.
421 BUG_TRAP(req->sk == NULL);
423 if (seq != tcp_rsk(req)->snt_isn) {
424 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
428 inet_csk_reqsk_queue_drop(sk, req, prev);
432 case TCP_SYN_RECV: /* Cannot happen.
433 It can, it SYNs are crossed. --ANK */
434 if (!sock_owned_by_user(sk)) {
436 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
440 sk->sk_err_soft = err;
444 if (!sock_owned_by_user(sk) && np->recverr) {
446 sk->sk_error_report(sk);
448 sk->sk_err_soft = err;
456 static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req)
458 struct inet6_request_sock *treq = inet6_rsk(req);
459 struct ipv6_pinfo *np = inet6_sk(sk);
460 struct sk_buff * skb;
461 struct ipv6_txoptions *opt = NULL;
462 struct in6_addr * final_p = NULL, final;
464 struct dst_entry *dst;
467 memset(&fl, 0, sizeof(fl));
468 fl.proto = IPPROTO_TCP;
469 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
470 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
471 fl.fl6_flowlabel = 0;
473 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
474 fl.fl_ip_sport = inet_sk(sk)->sport;
475 security_req_classify_flow(req, &fl);
478 if (opt && opt->srcrt) {
479 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
480 ipv6_addr_copy(&final, &fl.fl6_dst);
481 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
485 err = ip6_dst_lookup(sk, &dst, &fl);
489 ipv6_addr_copy(&fl.fl6_dst, final_p);
490 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0)
493 skb = tcp_make_synack(sk, dst, req);
495 struct tcphdr *th = tcp_hdr(skb);
497 th->check = tcp_v6_check(th, skb->len,
498 &treq->loc_addr, &treq->rmt_addr,
499 csum_partial((char *)th, skb->len, skb->csum));
501 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
502 err = ip6_xmit(sk, skb, &fl, opt, 0);
503 err = net_xmit_eval(err);
507 if (opt && opt != np->opt)
508 sock_kfree_s(sk, opt, opt->tot_len);
513 static inline void syn_flood_warning(struct sk_buff *skb)
515 #ifdef CONFIG_SYN_COOKIES
516 if (sysctl_tcp_syncookies)
518 "TCPv6: Possible SYN flooding on port %d. "
519 "Sending cookies.\n", ntohs(tcp_hdr(skb)->dest));
523 "TCPv6: Possible SYN flooding on port %d. "
524 "Dropping request.\n", ntohs(tcp_hdr(skb)->dest));
527 static void tcp_v6_reqsk_destructor(struct request_sock *req)
529 if (inet6_rsk(req)->pktopts)
530 kfree_skb(inet6_rsk(req)->pktopts);
533 #ifdef CONFIG_TCP_MD5SIG
534 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
535 struct in6_addr *addr)
537 struct tcp_sock *tp = tcp_sk(sk);
542 if (!tp->md5sig_info || !tp->md5sig_info->entries6)
545 for (i = 0; i < tp->md5sig_info->entries6; i++) {
546 if (ipv6_addr_equal(&tp->md5sig_info->keys6[i].addr, addr))
547 return &tp->md5sig_info->keys6[i].base;
552 static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk,
553 struct sock *addr_sk)
555 return tcp_v6_md5_do_lookup(sk, &inet6_sk(addr_sk)->daddr);
558 static struct tcp_md5sig_key *tcp_v6_reqsk_md5_lookup(struct sock *sk,
559 struct request_sock *req)
561 return tcp_v6_md5_do_lookup(sk, &inet6_rsk(req)->rmt_addr);
564 static int tcp_v6_md5_do_add(struct sock *sk, struct in6_addr *peer,
565 char *newkey, u8 newkeylen)
567 /* Add key to the list */
568 struct tcp_md5sig_key *key;
569 struct tcp_sock *tp = tcp_sk(sk);
570 struct tcp6_md5sig_key *keys;
572 key = tcp_v6_md5_do_lookup(sk, peer);
574 /* modify existing entry - just update that one */
577 key->keylen = newkeylen;
579 /* reallocate new list if current one is full. */
580 if (!tp->md5sig_info) {
581 tp->md5sig_info = kzalloc(sizeof(*tp->md5sig_info), GFP_ATOMIC);
582 if (!tp->md5sig_info) {
586 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
588 if (tcp_alloc_md5sig_pool() == NULL) {
592 if (tp->md5sig_info->alloced6 == tp->md5sig_info->entries6) {
593 keys = kmalloc((sizeof (tp->md5sig_info->keys6[0]) *
594 (tp->md5sig_info->entries6 + 1)), GFP_ATOMIC);
597 tcp_free_md5sig_pool();
602 if (tp->md5sig_info->entries6)
603 memmove(keys, tp->md5sig_info->keys6,
604 (sizeof (tp->md5sig_info->keys6[0]) *
605 tp->md5sig_info->entries6));
607 kfree(tp->md5sig_info->keys6);
608 tp->md5sig_info->keys6 = keys;
609 tp->md5sig_info->alloced6++;
612 ipv6_addr_copy(&tp->md5sig_info->keys6[tp->md5sig_info->entries6].addr,
614 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.key = newkey;
615 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.keylen = newkeylen;
617 tp->md5sig_info->entries6++;
622 static int tcp_v6_md5_add_func(struct sock *sk, struct sock *addr_sk,
623 u8 *newkey, __u8 newkeylen)
625 return tcp_v6_md5_do_add(sk, &inet6_sk(addr_sk)->daddr,
629 static int tcp_v6_md5_do_del(struct sock *sk, struct in6_addr *peer)
631 struct tcp_sock *tp = tcp_sk(sk);
634 for (i = 0; i < tp->md5sig_info->entries6; i++) {
635 if (ipv6_addr_equal(&tp->md5sig_info->keys6[i].addr, peer)) {
637 kfree(tp->md5sig_info->keys6[i].base.key);
638 tp->md5sig_info->entries6--;
640 if (tp->md5sig_info->entries6 == 0) {
641 kfree(tp->md5sig_info->keys6);
642 tp->md5sig_info->keys6 = NULL;
643 tp->md5sig_info->alloced6 = 0;
645 /* shrink the database */
646 if (tp->md5sig_info->entries6 != i)
647 memmove(&tp->md5sig_info->keys6[i],
648 &tp->md5sig_info->keys6[i+1],
649 (tp->md5sig_info->entries6 - i)
650 * sizeof (tp->md5sig_info->keys6[0]));
652 tcp_free_md5sig_pool();
659 static void tcp_v6_clear_md5_list (struct sock *sk)
661 struct tcp_sock *tp = tcp_sk(sk);
664 if (tp->md5sig_info->entries6) {
665 for (i = 0; i < tp->md5sig_info->entries6; i++)
666 kfree(tp->md5sig_info->keys6[i].base.key);
667 tp->md5sig_info->entries6 = 0;
668 tcp_free_md5sig_pool();
671 kfree(tp->md5sig_info->keys6);
672 tp->md5sig_info->keys6 = NULL;
673 tp->md5sig_info->alloced6 = 0;
675 if (tp->md5sig_info->entries4) {
676 for (i = 0; i < tp->md5sig_info->entries4; i++)
677 kfree(tp->md5sig_info->keys4[i].base.key);
678 tp->md5sig_info->entries4 = 0;
679 tcp_free_md5sig_pool();
682 kfree(tp->md5sig_info->keys4);
683 tp->md5sig_info->keys4 = NULL;
684 tp->md5sig_info->alloced4 = 0;
687 static int tcp_v6_parse_md5_keys (struct sock *sk, char __user *optval,
690 struct tcp_md5sig cmd;
691 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
694 if (optlen < sizeof(cmd))
697 if (copy_from_user(&cmd, optval, sizeof(cmd)))
700 if (sin6->sin6_family != AF_INET6)
703 if (!cmd.tcpm_keylen) {
704 if (!tcp_sk(sk)->md5sig_info)
706 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
707 return tcp_v4_md5_do_del(sk, sin6->sin6_addr.s6_addr32[3]);
708 return tcp_v6_md5_do_del(sk, &sin6->sin6_addr);
711 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
714 if (!tcp_sk(sk)->md5sig_info) {
715 struct tcp_sock *tp = tcp_sk(sk);
716 struct tcp_md5sig_info *p;
718 p = kzalloc(sizeof(struct tcp_md5sig_info), GFP_KERNEL);
723 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
726 newkey = kmemdup(cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
729 if (ipv6_addr_v4mapped(&sin6->sin6_addr)) {
730 return tcp_v4_md5_do_add(sk, sin6->sin6_addr.s6_addr32[3],
731 newkey, cmd.tcpm_keylen);
733 return tcp_v6_md5_do_add(sk, &sin6->sin6_addr, newkey, cmd.tcpm_keylen);
736 static int tcp_v6_do_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key,
737 struct in6_addr *saddr,
738 struct in6_addr *daddr,
739 struct tcphdr *th, int protocol,
742 struct scatterlist sg[4];
746 struct tcp_md5sig_pool *hp;
747 struct tcp6_pseudohdr *bp;
748 struct hash_desc *desc;
750 unsigned int nbytes = 0;
752 hp = tcp_get_md5sig_pool();
754 printk(KERN_WARNING "%s(): hash pool not found...\n", __func__);
755 goto clear_hash_noput;
757 bp = &hp->md5_blk.ip6;
758 desc = &hp->md5_desc;
760 /* 1. TCP pseudo-header (RFC2460) */
761 ipv6_addr_copy(&bp->saddr, saddr);
762 ipv6_addr_copy(&bp->daddr, daddr);
763 bp->len = htonl(tcplen);
764 bp->protocol = htonl(protocol);
766 sg_init_table(sg, 4);
768 sg_set_buf(&sg[block++], bp, sizeof(*bp));
769 nbytes += sizeof(*bp);
771 /* 2. TCP header, excluding options */
774 sg_set_buf(&sg[block++], th, sizeof(*th));
775 nbytes += sizeof(*th);
777 /* 3. TCP segment data (if any) */
778 data_len = tcplen - (th->doff << 2);
780 u8 *data = (u8 *)th + (th->doff << 2);
781 sg_set_buf(&sg[block++], data, data_len);
786 sg_set_buf(&sg[block++], key->key, key->keylen);
787 nbytes += key->keylen;
789 sg_mark_end(&sg[block - 1]);
791 /* Now store the hash into the packet */
792 err = crypto_hash_init(desc);
794 printk(KERN_WARNING "%s(): hash_init failed\n", __func__);
797 err = crypto_hash_update(desc, sg, nbytes);
799 printk(KERN_WARNING "%s(): hash_update failed\n", __func__);
802 err = crypto_hash_final(desc, md5_hash);
804 printk(KERN_WARNING "%s(): hash_final failed\n", __func__);
808 /* Reset header, and free up the crypto */
809 tcp_put_md5sig_pool();
814 tcp_put_md5sig_pool();
816 memset(md5_hash, 0, 16);
820 static int tcp_v6_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key,
822 struct dst_entry *dst,
823 struct request_sock *req,
824 struct tcphdr *th, int protocol,
827 struct in6_addr *saddr, *daddr;
830 saddr = &inet6_sk(sk)->saddr;
831 daddr = &inet6_sk(sk)->daddr;
833 saddr = &inet6_rsk(req)->loc_addr;
834 daddr = &inet6_rsk(req)->rmt_addr;
836 return tcp_v6_do_calc_md5_hash(md5_hash, key,
838 th, protocol, tcplen);
841 static int tcp_v6_inbound_md5_hash (struct sock *sk, struct sk_buff *skb)
843 __u8 *hash_location = NULL;
844 struct tcp_md5sig_key *hash_expected;
845 struct ipv6hdr *ip6h = ipv6_hdr(skb);
846 struct tcphdr *th = tcp_hdr(skb);
850 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
851 hash_location = tcp_parse_md5sig_option(th);
853 /* do we have a hash as expected? */
854 if (!hash_expected) {
857 if (net_ratelimit()) {
858 printk(KERN_INFO "MD5 Hash NOT expected but found "
859 "(" NIP6_FMT ", %u)->"
860 "(" NIP6_FMT ", %u)\n",
861 NIP6(ip6h->saddr), ntohs(th->source),
862 NIP6(ip6h->daddr), ntohs(th->dest));
867 if (!hash_location) {
868 if (net_ratelimit()) {
869 printk(KERN_INFO "MD5 Hash expected but NOT found "
870 "(" NIP6_FMT ", %u)->"
871 "(" NIP6_FMT ", %u)\n",
872 NIP6(ip6h->saddr), ntohs(th->source),
873 NIP6(ip6h->daddr), ntohs(th->dest));
878 /* check the signature */
879 genhash = tcp_v6_do_calc_md5_hash(newhash,
881 &ip6h->saddr, &ip6h->daddr,
884 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
885 if (net_ratelimit()) {
886 printk(KERN_INFO "MD5 Hash %s for "
887 "(" NIP6_FMT ", %u)->"
888 "(" NIP6_FMT ", %u)\n",
889 genhash ? "failed" : "mismatch",
890 NIP6(ip6h->saddr), ntohs(th->source),
891 NIP6(ip6h->daddr), ntohs(th->dest));
899 struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
901 .obj_size = sizeof(struct tcp6_request_sock),
902 .rtx_syn_ack = tcp_v6_send_synack,
903 .send_ack = tcp_v6_reqsk_send_ack,
904 .destructor = tcp_v6_reqsk_destructor,
905 .send_reset = tcp_v6_send_reset
908 #ifdef CONFIG_TCP_MD5SIG
909 static struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
910 .md5_lookup = tcp_v6_reqsk_md5_lookup,
914 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
915 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
916 .twsk_unique = tcp_twsk_unique,
917 .twsk_destructor= tcp_twsk_destructor,
920 static void tcp_v6_send_check(struct sock *sk, int len, struct sk_buff *skb)
922 struct ipv6_pinfo *np = inet6_sk(sk);
923 struct tcphdr *th = tcp_hdr(skb);
925 if (skb->ip_summed == CHECKSUM_PARTIAL) {
926 th->check = ~csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 0);
927 skb->csum_start = skb_transport_header(skb) - skb->head;
928 skb->csum_offset = offsetof(struct tcphdr, check);
930 th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP,
931 csum_partial((char *)th, th->doff<<2,
936 static int tcp_v6_gso_send_check(struct sk_buff *skb)
938 struct ipv6hdr *ipv6h;
941 if (!pskb_may_pull(skb, sizeof(*th)))
944 ipv6h = ipv6_hdr(skb);
948 th->check = ~csum_ipv6_magic(&ipv6h->saddr, &ipv6h->daddr, skb->len,
950 skb->csum_start = skb_transport_header(skb) - skb->head;
951 skb->csum_offset = offsetof(struct tcphdr, check);
952 skb->ip_summed = CHECKSUM_PARTIAL;
956 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb)
958 struct tcphdr *th = tcp_hdr(skb), *t1;
959 struct sk_buff *buff;
961 struct net *net = dev_net(skb->dst->dev);
962 struct sock *ctl_sk = net->ipv6.tcp_sk;
963 unsigned int tot_len = sizeof(*th);
964 #ifdef CONFIG_TCP_MD5SIG
965 struct tcp_md5sig_key *key;
971 if (!ipv6_unicast_destination(skb))
974 #ifdef CONFIG_TCP_MD5SIG
976 key = tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr);
981 tot_len += TCPOLEN_MD5SIG_ALIGNED;
985 * We need to grab some memory, and put together an RST,
986 * and then put it into the queue to be sent.
989 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
994 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
996 t1 = (struct tcphdr *) skb_push(buff, tot_len);
998 /* Swap the send and the receive. */
999 memset(t1, 0, sizeof(*t1));
1000 t1->dest = th->source;
1001 t1->source = th->dest;
1002 t1->doff = tot_len / 4;
1006 t1->seq = th->ack_seq;
1009 t1->ack_seq = htonl(ntohl(th->seq) + th->syn + th->fin
1010 + skb->len - (th->doff<<2));
1013 #ifdef CONFIG_TCP_MD5SIG
1015 __be32 *opt = (__be32*)(t1 + 1);
1016 opt[0] = htonl((TCPOPT_NOP << 24) |
1017 (TCPOPT_NOP << 16) |
1018 (TCPOPT_MD5SIG << 8) |
1020 tcp_v6_do_calc_md5_hash((__u8 *)&opt[1], key,
1021 &ipv6_hdr(skb)->daddr,
1022 &ipv6_hdr(skb)->saddr,
1023 t1, IPPROTO_TCP, tot_len);
1027 buff->csum = csum_partial((char *)t1, sizeof(*t1), 0);
1029 memset(&fl, 0, sizeof(fl));
1030 ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr);
1031 ipv6_addr_copy(&fl.fl6_src, &ipv6_hdr(skb)->daddr);
1033 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst,
1034 sizeof(*t1), IPPROTO_TCP,
1037 fl.proto = IPPROTO_TCP;
1038 fl.oif = inet6_iif(skb);
1039 fl.fl_ip_dport = t1->dest;
1040 fl.fl_ip_sport = t1->source;
1041 security_skb_classify_flow(skb, &fl);
1043 /* Pass a socket to ip6_dst_lookup either it is for RST
1044 * Underlying function will use this to retrieve the network
1047 if (!ip6_dst_lookup(ctl_sk, &buff->dst, &fl)) {
1049 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) {
1050 ip6_xmit(ctl_sk, buff, &fl, NULL, 0);
1051 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
1052 TCP_INC_STATS_BH(TCP_MIB_OUTRSTS);
1060 static void tcp_v6_send_ack(struct tcp_timewait_sock *tw,
1061 struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts)
1063 struct tcphdr *th = tcp_hdr(skb), *t1;
1064 struct sk_buff *buff;
1066 struct net *net = dev_net(skb->dev);
1067 struct sock *ctl_sk = net->ipv6.tcp_sk;
1068 unsigned int tot_len = sizeof(struct tcphdr);
1070 #ifdef CONFIG_TCP_MD5SIG
1071 struct tcp_md5sig_key *key;
1072 struct tcp_md5sig_key tw_key;
1075 #ifdef CONFIG_TCP_MD5SIG
1076 if (!tw && skb->sk) {
1077 key = tcp_v6_md5_do_lookup(skb->sk, &ipv6_hdr(skb)->daddr);
1078 } else if (tw && tw->tw_md5_keylen) {
1079 tw_key.key = tw->tw_md5_key;
1080 tw_key.keylen = tw->tw_md5_keylen;
1088 tot_len += TCPOLEN_TSTAMP_ALIGNED;
1089 #ifdef CONFIG_TCP_MD5SIG
1091 tot_len += TCPOLEN_MD5SIG_ALIGNED;
1094 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
1099 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
1101 t1 = (struct tcphdr *) skb_push(buff,tot_len);
1103 /* Swap the send and the receive. */
1104 memset(t1, 0, sizeof(*t1));
1105 t1->dest = th->source;
1106 t1->source = th->dest;
1107 t1->doff = tot_len/4;
1108 t1->seq = htonl(seq);
1109 t1->ack_seq = htonl(ack);
1111 t1->window = htons(win);
1113 topt = (__be32 *)(t1 + 1);
1116 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
1117 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
1118 *topt++ = htonl(tcp_time_stamp);
1122 #ifdef CONFIG_TCP_MD5SIG
1124 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
1125 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
1126 tcp_v6_do_calc_md5_hash((__u8 *)topt, key,
1127 &ipv6_hdr(skb)->daddr,
1128 &ipv6_hdr(skb)->saddr,
1129 t1, IPPROTO_TCP, tot_len);
1133 buff->csum = csum_partial((char *)t1, tot_len, 0);
1135 memset(&fl, 0, sizeof(fl));
1136 ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr);
1137 ipv6_addr_copy(&fl.fl6_src, &ipv6_hdr(skb)->daddr);
1139 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst,
1140 tot_len, IPPROTO_TCP,
1143 fl.proto = IPPROTO_TCP;
1144 fl.oif = inet6_iif(skb);
1145 fl.fl_ip_dport = t1->dest;
1146 fl.fl_ip_sport = t1->source;
1147 security_skb_classify_flow(skb, &fl);
1149 if (!ip6_dst_lookup(ctl_sk, &buff->dst, &fl)) {
1150 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) {
1151 ip6_xmit(ctl_sk, buff, &fl, NULL, 0);
1152 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
1160 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
1162 struct inet_timewait_sock *tw = inet_twsk(sk);
1163 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
1165 tcp_v6_send_ack(tcptw, skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
1166 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
1167 tcptw->tw_ts_recent);
1172 static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req)
1174 tcp_v6_send_ack(NULL, skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent);
1178 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
1180 struct request_sock *req, **prev;
1181 const struct tcphdr *th = tcp_hdr(skb);
1184 /* Find possible connection requests. */
1185 req = inet6_csk_search_req(sk, &prev, th->source,
1186 &ipv6_hdr(skb)->saddr,
1187 &ipv6_hdr(skb)->daddr, inet6_iif(skb));
1189 return tcp_check_req(sk, skb, req, prev);
1191 nsk = __inet6_lookup_established(sock_net(sk), &tcp_hashinfo,
1192 &ipv6_hdr(skb)->saddr, th->source,
1193 &ipv6_hdr(skb)->daddr, ntohs(th->dest), inet6_iif(skb));
1196 if (nsk->sk_state != TCP_TIME_WAIT) {
1200 inet_twsk_put(inet_twsk(nsk));
1204 #ifdef CONFIG_SYN_COOKIES
1205 if (!th->rst && !th->syn && th->ack)
1206 sk = cookie_v6_check(sk, skb);
1211 /* FIXME: this is substantially similar to the ipv4 code.
1212 * Can some kind of merge be done? -- erics
1214 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1216 struct inet6_request_sock *treq;
1217 struct ipv6_pinfo *np = inet6_sk(sk);
1218 struct tcp_options_received tmp_opt;
1219 struct tcp_sock *tp = tcp_sk(sk);
1220 struct request_sock *req = NULL;
1221 __u32 isn = TCP_SKB_CB(skb)->when;
1222 #ifdef CONFIG_SYN_COOKIES
1223 int want_cookie = 0;
1225 #define want_cookie 0
1228 if (skb->protocol == htons(ETH_P_IP))
1229 return tcp_v4_conn_request(sk, skb);
1231 if (!ipv6_unicast_destination(skb))
1234 if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
1235 if (net_ratelimit())
1236 syn_flood_warning(skb);
1237 #ifdef CONFIG_SYN_COOKIES
1238 if (sysctl_tcp_syncookies)
1245 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
1248 req = inet6_reqsk_alloc(&tcp6_request_sock_ops);
1252 #ifdef CONFIG_TCP_MD5SIG
1253 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv6_ops;
1256 tcp_clear_options(&tmp_opt);
1257 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
1258 tmp_opt.user_mss = tp->rx_opt.user_mss;
1260 tcp_parse_options(skb, &tmp_opt, 0);
1262 if (want_cookie && !tmp_opt.saw_tstamp)
1263 tcp_clear_options(&tmp_opt);
1265 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
1266 tcp_openreq_init(req, &tmp_opt, skb);
1268 treq = inet6_rsk(req);
1269 ipv6_addr_copy(&treq->rmt_addr, &ipv6_hdr(skb)->saddr);
1270 ipv6_addr_copy(&treq->loc_addr, &ipv6_hdr(skb)->daddr);
1271 treq->pktopts = NULL;
1273 TCP_ECN_create_request(req, tcp_hdr(skb));
1276 isn = cookie_v6_init_sequence(sk, skb, &req->mss);
1277 req->cookie_ts = tmp_opt.tstamp_ok;
1279 if (ipv6_opt_accepted(sk, skb) ||
1280 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
1281 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) {
1282 atomic_inc(&skb->users);
1283 treq->pktopts = skb;
1285 treq->iif = sk->sk_bound_dev_if;
1287 /* So that link locals have meaning */
1288 if (!sk->sk_bound_dev_if &&
1289 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL)
1290 treq->iif = inet6_iif(skb);
1292 isn = tcp_v6_init_sequence(skb);
1295 tcp_rsk(req)->snt_isn = isn;
1297 security_inet_conn_request(sk, skb, req);
1299 if (tcp_v6_send_synack(sk, req))
1303 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1311 return 0; /* don't send reset */
1314 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1315 struct request_sock *req,
1316 struct dst_entry *dst)
1318 struct inet6_request_sock *treq = inet6_rsk(req);
1319 struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
1320 struct tcp6_sock *newtcp6sk;
1321 struct inet_sock *newinet;
1322 struct tcp_sock *newtp;
1324 struct ipv6_txoptions *opt;
1325 #ifdef CONFIG_TCP_MD5SIG
1326 struct tcp_md5sig_key *key;
1329 if (skb->protocol == htons(ETH_P_IP)) {
1334 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);
1339 newtcp6sk = (struct tcp6_sock *)newsk;
1340 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1342 newinet = inet_sk(newsk);
1343 newnp = inet6_sk(newsk);
1344 newtp = tcp_sk(newsk);
1346 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1348 ipv6_addr_set(&newnp->daddr, 0, 0, htonl(0x0000FFFF),
1351 ipv6_addr_set(&newnp->saddr, 0, 0, htonl(0x0000FFFF),
1354 ipv6_addr_copy(&newnp->rcv_saddr, &newnp->saddr);
1356 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1357 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1358 #ifdef CONFIG_TCP_MD5SIG
1359 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1362 newnp->pktoptions = NULL;
1364 newnp->mcast_oif = inet6_iif(skb);
1365 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1368 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1369 * here, tcp_create_openreq_child now does this for us, see the comment in
1370 * that function for the gory details. -acme
1373 /* It is tricky place. Until this moment IPv4 tcp
1374 worked with IPv6 icsk.icsk_af_ops.
1377 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1384 if (sk_acceptq_is_full(sk))
1388 struct in6_addr *final_p = NULL, final;
1391 memset(&fl, 0, sizeof(fl));
1392 fl.proto = IPPROTO_TCP;
1393 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
1394 if (opt && opt->srcrt) {
1395 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
1396 ipv6_addr_copy(&final, &fl.fl6_dst);
1397 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
1400 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
1401 fl.oif = sk->sk_bound_dev_if;
1402 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
1403 fl.fl_ip_sport = inet_sk(sk)->sport;
1404 security_req_classify_flow(req, &fl);
1406 if (ip6_dst_lookup(sk, &dst, &fl))
1410 ipv6_addr_copy(&fl.fl6_dst, final_p);
1412 if ((xfrm_lookup(&dst, &fl, sk, 0)) < 0)
1416 newsk = tcp_create_openreq_child(sk, req, skb);
1421 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1422 * count here, tcp_create_openreq_child now does this for us, see the
1423 * comment in that function for the gory details. -acme
1426 newsk->sk_gso_type = SKB_GSO_TCPV6;
1427 __ip6_dst_store(newsk, dst, NULL, NULL);
1429 newtcp6sk = (struct tcp6_sock *)newsk;
1430 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1432 newtp = tcp_sk(newsk);
1433 newinet = inet_sk(newsk);
1434 newnp = inet6_sk(newsk);
1436 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1438 ipv6_addr_copy(&newnp->daddr, &treq->rmt_addr);
1439 ipv6_addr_copy(&newnp->saddr, &treq->loc_addr);
1440 ipv6_addr_copy(&newnp->rcv_saddr, &treq->loc_addr);
1441 newsk->sk_bound_dev_if = treq->iif;
1443 /* Now IPv6 options...
1445 First: no IPv4 options.
1447 newinet->opt = NULL;
1448 newnp->ipv6_fl_list = NULL;
1451 newnp->rxopt.all = np->rxopt.all;
1453 /* Clone pktoptions received with SYN */
1454 newnp->pktoptions = NULL;
1455 if (treq->pktopts != NULL) {
1456 newnp->pktoptions = skb_clone(treq->pktopts, GFP_ATOMIC);
1457 kfree_skb(treq->pktopts);
1458 treq->pktopts = NULL;
1459 if (newnp->pktoptions)
1460 skb_set_owner_r(newnp->pktoptions, newsk);
1463 newnp->mcast_oif = inet6_iif(skb);
1464 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1466 /* Clone native IPv6 options from listening socket (if any)
1468 Yes, keeping reference count would be much more clever,
1469 but we make one more one thing there: reattach optmem
1473 newnp->opt = ipv6_dup_options(newsk, opt);
1475 sock_kfree_s(sk, opt, opt->tot_len);
1478 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1480 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
1481 newnp->opt->opt_flen);
1483 tcp_mtup_init(newsk);
1484 tcp_sync_mss(newsk, dst_mtu(dst));
1485 newtp->advmss = dst_metric(dst, RTAX_ADVMSS);
1486 tcp_initialize_rcv_mss(newsk);
1488 newinet->daddr = newinet->saddr = newinet->rcv_saddr = LOOPBACK4_IPV6;
1490 #ifdef CONFIG_TCP_MD5SIG
1491 /* Copy over the MD5 key from the original socket */
1492 if ((key = tcp_v6_md5_do_lookup(sk, &newnp->daddr)) != NULL) {
1493 /* We're using one, so create a matching key
1494 * on the newsk structure. If we fail to get
1495 * memory, then we end up not copying the key
1498 char *newkey = kmemdup(key->key, key->keylen, GFP_ATOMIC);
1500 tcp_v6_md5_do_add(newsk, &inet6_sk(sk)->daddr,
1501 newkey, key->keylen);
1505 __inet6_hash(newsk);
1506 __inet_inherit_port(sk, newsk);
1511 NET_INC_STATS_BH(LINUX_MIB_LISTENOVERFLOWS);
1513 NET_INC_STATS_BH(LINUX_MIB_LISTENDROPS);
1514 if (opt && opt != np->opt)
1515 sock_kfree_s(sk, opt, opt->tot_len);
1520 static __sum16 tcp_v6_checksum_init(struct sk_buff *skb)
1522 if (skb->ip_summed == CHECKSUM_COMPLETE) {
1523 if (!tcp_v6_check(tcp_hdr(skb), skb->len, &ipv6_hdr(skb)->saddr,
1524 &ipv6_hdr(skb)->daddr, skb->csum)) {
1525 skb->ip_summed = CHECKSUM_UNNECESSARY;
1530 skb->csum = ~csum_unfold(tcp_v6_check(tcp_hdr(skb), skb->len,
1531 &ipv6_hdr(skb)->saddr,
1532 &ipv6_hdr(skb)->daddr, 0));
1534 if (skb->len <= 76) {
1535 return __skb_checksum_complete(skb);
1540 /* The socket must have it's spinlock held when we get
1543 * We have a potential double-lock case here, so even when
1544 * doing backlog processing we use the BH locking scheme.
1545 * This is because we cannot sleep with the original spinlock
1548 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1550 struct ipv6_pinfo *np = inet6_sk(sk);
1551 struct tcp_sock *tp;
1552 struct sk_buff *opt_skb = NULL;
1554 /* Imagine: socket is IPv6. IPv4 packet arrives,
1555 goes to IPv4 receive handler and backlogged.
1556 From backlog it always goes here. Kerboom...
1557 Fortunately, tcp_rcv_established and rcv_established
1558 handle them correctly, but it is not case with
1559 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1562 if (skb->protocol == htons(ETH_P_IP))
1563 return tcp_v4_do_rcv(sk, skb);
1565 #ifdef CONFIG_TCP_MD5SIG
1566 if (tcp_v6_inbound_md5_hash (sk, skb))
1570 if (sk_filter(sk, skb))
1574 * socket locking is here for SMP purposes as backlog rcv
1575 * is currently called with bh processing disabled.
1578 /* Do Stevens' IPV6_PKTOPTIONS.
1580 Yes, guys, it is the only place in our code, where we
1581 may make it not affecting IPv4.
1582 The rest of code is protocol independent,
1583 and I do not like idea to uglify IPv4.
1585 Actually, all the idea behind IPV6_PKTOPTIONS
1586 looks not very well thought. For now we latch
1587 options, received in the last packet, enqueued
1588 by tcp. Feel free to propose better solution.
1592 opt_skb = skb_clone(skb, GFP_ATOMIC);
1594 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1595 TCP_CHECK_TIMER(sk);
1596 if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len))
1598 TCP_CHECK_TIMER(sk);
1600 goto ipv6_pktoptions;
1604 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1607 if (sk->sk_state == TCP_LISTEN) {
1608 struct sock *nsk = tcp_v6_hnd_req(sk, skb);
1613 * Queue it on the new socket if the new socket is active,
1614 * otherwise we just shortcircuit this and continue with
1618 if (tcp_child_process(sk, nsk, skb))
1621 __kfree_skb(opt_skb);
1626 TCP_CHECK_TIMER(sk);
1627 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len))
1629 TCP_CHECK_TIMER(sk);
1631 goto ipv6_pktoptions;
1635 tcp_v6_send_reset(sk, skb);
1638 __kfree_skb(opt_skb);
1642 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1647 /* Do you ask, what is it?
1649 1. skb was enqueued by tcp.
1650 2. skb is added to tail of read queue, rather than out of order.
1651 3. socket is not in passive state.
1652 4. Finally, it really contains options, which user wants to receive.
1655 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1656 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1657 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1658 np->mcast_oif = inet6_iif(opt_skb);
1659 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1660 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1661 if (ipv6_opt_accepted(sk, opt_skb)) {
1662 skb_set_owner_r(opt_skb, sk);
1663 opt_skb = xchg(&np->pktoptions, opt_skb);
1665 __kfree_skb(opt_skb);
1666 opt_skb = xchg(&np->pktoptions, NULL);
1675 static int tcp_v6_rcv(struct sk_buff *skb)
1681 if (skb->pkt_type != PACKET_HOST)
1685 * Count it even if it's bad.
1687 TCP_INC_STATS_BH(TCP_MIB_INSEGS);
1689 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1694 if (th->doff < sizeof(struct tcphdr)/4)
1696 if (!pskb_may_pull(skb, th->doff*4))
1699 if (!skb_csum_unnecessary(skb) && tcp_v6_checksum_init(skb))
1703 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1704 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1705 skb->len - th->doff*4);
1706 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1707 TCP_SKB_CB(skb)->when = 0;
1708 TCP_SKB_CB(skb)->flags = ipv6_get_dsfield(ipv6_hdr(skb));
1709 TCP_SKB_CB(skb)->sacked = 0;
1711 sk = __inet6_lookup(dev_net(skb->dev), &tcp_hashinfo,
1712 &ipv6_hdr(skb)->saddr, th->source,
1713 &ipv6_hdr(skb)->daddr, ntohs(th->dest),
1720 if (sk->sk_state == TCP_TIME_WAIT)
1723 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1724 goto discard_and_relse;
1726 if (sk_filter(sk, skb))
1727 goto discard_and_relse;
1731 bh_lock_sock_nested(sk);
1733 if (!sock_owned_by_user(sk)) {
1734 #ifdef CONFIG_NET_DMA
1735 struct tcp_sock *tp = tcp_sk(sk);
1736 if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list)
1737 tp->ucopy.dma_chan = get_softnet_dma();
1738 if (tp->ucopy.dma_chan)
1739 ret = tcp_v6_do_rcv(sk, skb);
1743 if (!tcp_prequeue(sk, skb))
1744 ret = tcp_v6_do_rcv(sk, skb);
1747 sk_add_backlog(sk, skb);
1751 return ret ? -1 : 0;
1754 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1757 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1759 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1761 tcp_v6_send_reset(NULL, skb);
1778 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1779 inet_twsk_put(inet_twsk(sk));
1783 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1784 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1785 inet_twsk_put(inet_twsk(sk));
1789 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1794 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
1795 &ipv6_hdr(skb)->daddr,
1796 ntohs(th->dest), inet6_iif(skb));
1798 struct inet_timewait_sock *tw = inet_twsk(sk);
1799 inet_twsk_deschedule(tw, &tcp_death_row);
1804 /* Fall through to ACK */
1807 tcp_v6_timewait_ack(sk, skb);
1811 case TCP_TW_SUCCESS:;
1816 static int tcp_v6_remember_stamp(struct sock *sk)
1818 /* Alas, not yet... */
1822 static struct inet_connection_sock_af_ops ipv6_specific = {
1823 .queue_xmit = inet6_csk_xmit,
1824 .send_check = tcp_v6_send_check,
1825 .rebuild_header = inet6_sk_rebuild_header,
1826 .conn_request = tcp_v6_conn_request,
1827 .syn_recv_sock = tcp_v6_syn_recv_sock,
1828 .remember_stamp = tcp_v6_remember_stamp,
1829 .net_header_len = sizeof(struct ipv6hdr),
1830 .setsockopt = ipv6_setsockopt,
1831 .getsockopt = ipv6_getsockopt,
1832 .addr2sockaddr = inet6_csk_addr2sockaddr,
1833 .sockaddr_len = sizeof(struct sockaddr_in6),
1834 .bind_conflict = inet6_csk_bind_conflict,
1835 #ifdef CONFIG_COMPAT
1836 .compat_setsockopt = compat_ipv6_setsockopt,
1837 .compat_getsockopt = compat_ipv6_getsockopt,
1841 #ifdef CONFIG_TCP_MD5SIG
1842 static struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1843 .md5_lookup = tcp_v6_md5_lookup,
1844 .calc_md5_hash = tcp_v6_calc_md5_hash,
1845 .md5_add = tcp_v6_md5_add_func,
1846 .md5_parse = tcp_v6_parse_md5_keys,
1851 * TCP over IPv4 via INET6 API
1854 static struct inet_connection_sock_af_ops ipv6_mapped = {
1855 .queue_xmit = ip_queue_xmit,
1856 .send_check = tcp_v4_send_check,
1857 .rebuild_header = inet_sk_rebuild_header,
1858 .conn_request = tcp_v6_conn_request,
1859 .syn_recv_sock = tcp_v6_syn_recv_sock,
1860 .remember_stamp = tcp_v4_remember_stamp,
1861 .net_header_len = sizeof(struct iphdr),
1862 .setsockopt = ipv6_setsockopt,
1863 .getsockopt = ipv6_getsockopt,
1864 .addr2sockaddr = inet6_csk_addr2sockaddr,
1865 .sockaddr_len = sizeof(struct sockaddr_in6),
1866 .bind_conflict = inet6_csk_bind_conflict,
1867 #ifdef CONFIG_COMPAT
1868 .compat_setsockopt = compat_ipv6_setsockopt,
1869 .compat_getsockopt = compat_ipv6_getsockopt,
1873 #ifdef CONFIG_TCP_MD5SIG
1874 static struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1875 .md5_lookup = tcp_v4_md5_lookup,
1876 .calc_md5_hash = tcp_v4_calc_md5_hash,
1877 .md5_add = tcp_v6_md5_add_func,
1878 .md5_parse = tcp_v6_parse_md5_keys,
1882 /* NOTE: A lot of things set to zero explicitly by call to
1883 * sk_alloc() so need not be done here.
1885 static int tcp_v6_init_sock(struct sock *sk)
1887 struct inet_connection_sock *icsk = inet_csk(sk);
1888 struct tcp_sock *tp = tcp_sk(sk);
1890 skb_queue_head_init(&tp->out_of_order_queue);
1891 tcp_init_xmit_timers(sk);
1892 tcp_prequeue_init(tp);
1894 icsk->icsk_rto = TCP_TIMEOUT_INIT;
1895 tp->mdev = TCP_TIMEOUT_INIT;
1897 /* So many TCP implementations out there (incorrectly) count the
1898 * initial SYN frame in their delayed-ACK and congestion control
1899 * algorithms that we must have the following bandaid to talk
1900 * efficiently to them. -DaveM
1904 /* See draft-stevens-tcpca-spec-01 for discussion of the
1905 * initialization of these values.
1907 tp->snd_ssthresh = 0x7fffffff;
1908 tp->snd_cwnd_clamp = ~0;
1909 tp->mss_cache = 536;
1911 tp->reordering = sysctl_tcp_reordering;
1913 sk->sk_state = TCP_CLOSE;
1915 icsk->icsk_af_ops = &ipv6_specific;
1916 icsk->icsk_ca_ops = &tcp_init_congestion_ops;
1917 icsk->icsk_sync_mss = tcp_sync_mss;
1918 sk->sk_write_space = sk_stream_write_space;
1919 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE);
1921 #ifdef CONFIG_TCP_MD5SIG
1922 tp->af_specific = &tcp_sock_ipv6_specific;
1925 sk->sk_sndbuf = sysctl_tcp_wmem[1];
1926 sk->sk_rcvbuf = sysctl_tcp_rmem[1];
1928 atomic_inc(&tcp_sockets_allocated);
1933 static int tcp_v6_destroy_sock(struct sock *sk)
1935 #ifdef CONFIG_TCP_MD5SIG
1936 /* Clean up the MD5 key list */
1937 if (tcp_sk(sk)->md5sig_info)
1938 tcp_v6_clear_md5_list(sk);
1940 tcp_v4_destroy_sock(sk);
1941 return inet6_destroy_sock(sk);
1944 #ifdef CONFIG_PROC_FS
1945 /* Proc filesystem TCPv6 sock list dumping. */
1946 static void get_openreq6(struct seq_file *seq,
1947 struct sock *sk, struct request_sock *req, int i, int uid)
1949 int ttd = req->expires - jiffies;
1950 struct in6_addr *src = &inet6_rsk(req)->loc_addr;
1951 struct in6_addr *dest = &inet6_rsk(req)->rmt_addr;
1957 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1958 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
1960 src->s6_addr32[0], src->s6_addr32[1],
1961 src->s6_addr32[2], src->s6_addr32[3],
1962 ntohs(inet_sk(sk)->sport),
1963 dest->s6_addr32[0], dest->s6_addr32[1],
1964 dest->s6_addr32[2], dest->s6_addr32[3],
1965 ntohs(inet_rsk(req)->rmt_port),
1967 0,0, /* could print option size, but that is af dependent. */
1968 1, /* timers active (only the expire timer) */
1969 jiffies_to_clock_t(ttd),
1972 0, /* non standard timer */
1973 0, /* open_requests have no inode */
1977 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1979 struct in6_addr *dest, *src;
1982 unsigned long timer_expires;
1983 struct inet_sock *inet = inet_sk(sp);
1984 struct tcp_sock *tp = tcp_sk(sp);
1985 const struct inet_connection_sock *icsk = inet_csk(sp);
1986 struct ipv6_pinfo *np = inet6_sk(sp);
1989 src = &np->rcv_saddr;
1990 destp = ntohs(inet->dport);
1991 srcp = ntohs(inet->sport);
1993 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
1995 timer_expires = icsk->icsk_timeout;
1996 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1998 timer_expires = icsk->icsk_timeout;
1999 } else if (timer_pending(&sp->sk_timer)) {
2001 timer_expires = sp->sk_timer.expires;
2004 timer_expires = jiffies;
2008 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
2009 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %u %u %u %u %d\n",
2011 src->s6_addr32[0], src->s6_addr32[1],
2012 src->s6_addr32[2], src->s6_addr32[3], srcp,
2013 dest->s6_addr32[0], dest->s6_addr32[1],
2014 dest->s6_addr32[2], dest->s6_addr32[3], destp,
2016 tp->write_seq-tp->snd_una,
2017 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
2019 jiffies_to_clock_t(timer_expires - jiffies),
2020 icsk->icsk_retransmits,
2022 icsk->icsk_probes_out,
2024 atomic_read(&sp->sk_refcnt), sp,
2027 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong,
2028 tp->snd_cwnd, tp->snd_ssthresh>=0xFFFF?-1:tp->snd_ssthresh
2032 static void get_timewait6_sock(struct seq_file *seq,
2033 struct inet_timewait_sock *tw, int i)
2035 struct in6_addr *dest, *src;
2037 struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw);
2038 int ttd = tw->tw_ttd - jiffies;
2043 dest = &tw6->tw_v6_daddr;
2044 src = &tw6->tw_v6_rcv_saddr;
2045 destp = ntohs(tw->tw_dport);
2046 srcp = ntohs(tw->tw_sport);
2049 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
2050 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
2052 src->s6_addr32[0], src->s6_addr32[1],
2053 src->s6_addr32[2], src->s6_addr32[3], srcp,
2054 dest->s6_addr32[0], dest->s6_addr32[1],
2055 dest->s6_addr32[2], dest->s6_addr32[3], destp,
2056 tw->tw_substate, 0, 0,
2057 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
2058 atomic_read(&tw->tw_refcnt), tw);
2061 static int tcp6_seq_show(struct seq_file *seq, void *v)
2063 struct tcp_iter_state *st;
2065 if (v == SEQ_START_TOKEN) {
2070 "st tx_queue rx_queue tr tm->when retrnsmt"
2071 " uid timeout inode\n");
2076 switch (st->state) {
2077 case TCP_SEQ_STATE_LISTENING:
2078 case TCP_SEQ_STATE_ESTABLISHED:
2079 get_tcp6_sock(seq, v, st->num);
2081 case TCP_SEQ_STATE_OPENREQ:
2082 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid);
2084 case TCP_SEQ_STATE_TIME_WAIT:
2085 get_timewait6_sock(seq, v, st->num);
2092 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
2096 .owner = THIS_MODULE,
2099 .show = tcp6_seq_show,
2103 int tcp6_proc_init(struct net *net)
2105 return tcp_proc_register(net, &tcp6_seq_afinfo);
2108 void tcp6_proc_exit(struct net *net)
2110 tcp_proc_unregister(net, &tcp6_seq_afinfo);
2114 struct proto tcpv6_prot = {
2116 .owner = THIS_MODULE,
2118 .connect = tcp_v6_connect,
2119 .disconnect = tcp_disconnect,
2120 .accept = inet_csk_accept,
2122 .init = tcp_v6_init_sock,
2123 .destroy = tcp_v6_destroy_sock,
2124 .shutdown = tcp_shutdown,
2125 .setsockopt = tcp_setsockopt,
2126 .getsockopt = tcp_getsockopt,
2127 .recvmsg = tcp_recvmsg,
2128 .backlog_rcv = tcp_v6_do_rcv,
2129 .hash = tcp_v6_hash,
2130 .unhash = inet_unhash,
2131 .get_port = inet_csk_get_port,
2132 .enter_memory_pressure = tcp_enter_memory_pressure,
2133 .sockets_allocated = &tcp_sockets_allocated,
2134 .memory_allocated = &tcp_memory_allocated,
2135 .memory_pressure = &tcp_memory_pressure,
2136 .orphan_count = &tcp_orphan_count,
2137 .sysctl_mem = sysctl_tcp_mem,
2138 .sysctl_wmem = sysctl_tcp_wmem,
2139 .sysctl_rmem = sysctl_tcp_rmem,
2140 .max_header = MAX_TCP_HEADER,
2141 .obj_size = sizeof(struct tcp6_sock),
2142 .twsk_prot = &tcp6_timewait_sock_ops,
2143 .rsk_prot = &tcp6_request_sock_ops,
2144 .h.hashinfo = &tcp_hashinfo,
2145 #ifdef CONFIG_COMPAT
2146 .compat_setsockopt = compat_tcp_setsockopt,
2147 .compat_getsockopt = compat_tcp_getsockopt,
2151 static struct inet6_protocol tcpv6_protocol = {
2152 .handler = tcp_v6_rcv,
2153 .err_handler = tcp_v6_err,
2154 .gso_send_check = tcp_v6_gso_send_check,
2155 .gso_segment = tcp_tso_segment,
2156 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2159 static struct inet_protosw tcpv6_protosw = {
2160 .type = SOCK_STREAM,
2161 .protocol = IPPROTO_TCP,
2162 .prot = &tcpv6_prot,
2163 .ops = &inet6_stream_ops,
2166 .flags = INET_PROTOSW_PERMANENT |
2170 static int tcpv6_net_init(struct net *net)
2172 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
2173 SOCK_RAW, IPPROTO_TCP, net);
2176 static void tcpv6_net_exit(struct net *net)
2178 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
2181 static struct pernet_operations tcpv6_net_ops = {
2182 .init = tcpv6_net_init,
2183 .exit = tcpv6_net_exit,
2186 int __init tcpv6_init(void)
2190 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
2194 /* register inet6 protocol */
2195 ret = inet6_register_protosw(&tcpv6_protosw);
2197 goto out_tcpv6_protocol;
2199 ret = register_pernet_subsys(&tcpv6_net_ops);
2201 goto out_tcpv6_protosw;
2206 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2208 inet6_unregister_protosw(&tcpv6_protosw);
2212 void tcpv6_exit(void)
2214 unregister_pernet_subsys(&tcpv6_net_ops);
2215 inet6_unregister_protosw(&tcpv6_protosw);
2216 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);