3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
8 * $Id: tcp_ipv6.c,v 1.144 2002/02/01 22:01:04 davem Exp $
11 * linux/net/ipv4/tcp.c
12 * linux/net/ipv4/tcp_input.c
13 * linux/net/ipv4/tcp_output.c
16 * Hideaki YOSHIFUJI : sin6_scope_id support
17 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
18 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
19 * a single port at the same time.
20 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
22 * This program is free software; you can redistribute it and/or
23 * modify it under the terms of the GNU General Public License
24 * as published by the Free Software Foundation; either version
25 * 2 of the License, or (at your option) any later version.
28 #include <linux/module.h>
29 #include <linux/errno.h>
30 #include <linux/types.h>
31 #include <linux/socket.h>
32 #include <linux/sockios.h>
33 #include <linux/net.h>
34 #include <linux/jiffies.h>
36 #include <linux/in6.h>
37 #include <linux/netdevice.h>
38 #include <linux/init.h>
39 #include <linux/jhash.h>
40 #include <linux/ipsec.h>
41 #include <linux/times.h>
43 #include <linux/ipv6.h>
44 #include <linux/icmpv6.h>
45 #include <linux/random.h>
48 #include <net/ndisc.h>
49 #include <net/inet6_hashtables.h>
50 #include <net/inet6_connection_sock.h>
52 #include <net/transp_v6.h>
53 #include <net/addrconf.h>
54 #include <net/ip6_route.h>
55 #include <net/ip6_checksum.h>
56 #include <net/inet_ecn.h>
57 #include <net/protocol.h>
60 #include <net/dsfield.h>
61 #include <net/timewait_sock.h>
63 #include <asm/uaccess.h>
65 #include <linux/proc_fs.h>
66 #include <linux/seq_file.h>
68 #include <linux/crypto.h>
69 #include <linux/scatterlist.h>
71 /* Socket used for sending RSTs and ACKs */
72 static struct socket *tcp6_socket;
74 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb);
75 static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req);
76 static void tcp_v6_send_check(struct sock *sk, int len,
79 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
81 static struct inet_connection_sock_af_ops ipv6_mapped;
82 static struct inet_connection_sock_af_ops ipv6_specific;
83 #ifdef CONFIG_TCP_MD5SIG
84 static struct tcp_sock_af_ops tcp_sock_ipv6_specific;
85 static struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
88 static int tcp_v6_get_port(struct sock *sk, unsigned short snum)
90 return inet_csk_get_port(&tcp_hashinfo, sk, snum,
91 inet6_csk_bind_conflict);
94 static void tcp_v6_hash(struct sock *sk)
96 if (sk->sk_state != TCP_CLOSE) {
97 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) {
102 __inet6_hash(&tcp_hashinfo, sk);
107 static __inline__ __sum16 tcp_v6_check(struct tcphdr *th, int len,
108 struct in6_addr *saddr,
109 struct in6_addr *daddr,
112 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base);
115 static __u32 tcp_v6_init_sequence(struct sk_buff *skb)
117 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
118 ipv6_hdr(skb)->saddr.s6_addr32,
120 tcp_hdr(skb)->source);
123 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
126 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
127 struct inet_sock *inet = inet_sk(sk);
128 struct inet_connection_sock *icsk = inet_csk(sk);
129 struct ipv6_pinfo *np = inet6_sk(sk);
130 struct tcp_sock *tp = tcp_sk(sk);
131 struct in6_addr *saddr = NULL, *final_p = NULL, final;
133 struct dst_entry *dst;
137 if (addr_len < SIN6_LEN_RFC2133)
140 if (usin->sin6_family != AF_INET6)
141 return(-EAFNOSUPPORT);
143 memset(&fl, 0, sizeof(fl));
146 fl.fl6_flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
147 IP6_ECN_flow_init(fl.fl6_flowlabel);
148 if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) {
149 struct ip6_flowlabel *flowlabel;
150 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel);
151 if (flowlabel == NULL)
153 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst);
154 fl6_sock_release(flowlabel);
159 * connect() to INADDR_ANY means loopback (BSD'ism).
162 if(ipv6_addr_any(&usin->sin6_addr))
163 usin->sin6_addr.s6_addr[15] = 0x1;
165 addr_type = ipv6_addr_type(&usin->sin6_addr);
167 if(addr_type & IPV6_ADDR_MULTICAST)
170 if (addr_type&IPV6_ADDR_LINKLOCAL) {
171 if (addr_len >= sizeof(struct sockaddr_in6) &&
172 usin->sin6_scope_id) {
173 /* If interface is set while binding, indices
176 if (sk->sk_bound_dev_if &&
177 sk->sk_bound_dev_if != usin->sin6_scope_id)
180 sk->sk_bound_dev_if = usin->sin6_scope_id;
183 /* Connect to link-local address requires an interface */
184 if (!sk->sk_bound_dev_if)
188 if (tp->rx_opt.ts_recent_stamp &&
189 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) {
190 tp->rx_opt.ts_recent = 0;
191 tp->rx_opt.ts_recent_stamp = 0;
195 ipv6_addr_copy(&np->daddr, &usin->sin6_addr);
196 np->flow_label = fl.fl6_flowlabel;
202 if (addr_type == IPV6_ADDR_MAPPED) {
203 u32 exthdrlen = icsk->icsk_ext_hdr_len;
204 struct sockaddr_in sin;
206 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
208 if (__ipv6_only_sock(sk))
211 sin.sin_family = AF_INET;
212 sin.sin_port = usin->sin6_port;
213 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
215 icsk->icsk_af_ops = &ipv6_mapped;
216 sk->sk_backlog_rcv = tcp_v4_do_rcv;
217 #ifdef CONFIG_TCP_MD5SIG
218 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
221 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
224 icsk->icsk_ext_hdr_len = exthdrlen;
225 icsk->icsk_af_ops = &ipv6_specific;
226 sk->sk_backlog_rcv = tcp_v6_do_rcv;
227 #ifdef CONFIG_TCP_MD5SIG
228 tp->af_specific = &tcp_sock_ipv6_specific;
232 ipv6_addr_set(&np->saddr, 0, 0, htonl(0x0000FFFF),
234 ipv6_addr_set(&np->rcv_saddr, 0, 0, htonl(0x0000FFFF),
241 if (!ipv6_addr_any(&np->rcv_saddr))
242 saddr = &np->rcv_saddr;
244 fl.proto = IPPROTO_TCP;
245 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
246 ipv6_addr_copy(&fl.fl6_src,
247 (saddr ? saddr : &np->saddr));
248 fl.oif = sk->sk_bound_dev_if;
249 fl.fl_ip_dport = usin->sin6_port;
250 fl.fl_ip_sport = inet->sport;
252 if (np->opt && np->opt->srcrt) {
253 struct rt0_hdr *rt0 = (struct rt0_hdr *)np->opt->srcrt;
254 ipv6_addr_copy(&final, &fl.fl6_dst);
255 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
259 security_sk_classify_flow(sk, &fl);
261 err = ip6_dst_lookup(sk, &dst, &fl);
265 ipv6_addr_copy(&fl.fl6_dst, final_p);
267 if ((err = __xfrm_lookup(&dst, &fl, sk, 1)) < 0) {
269 err = ip6_dst_blackhole(sk, &dst, &fl);
276 ipv6_addr_copy(&np->rcv_saddr, saddr);
279 /* set the source address */
280 ipv6_addr_copy(&np->saddr, saddr);
281 inet->rcv_saddr = LOOPBACK4_IPV6;
283 sk->sk_gso_type = SKB_GSO_TCPV6;
284 __ip6_dst_store(sk, dst, NULL, NULL);
286 icsk->icsk_ext_hdr_len = 0;
288 icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
291 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
293 inet->dport = usin->sin6_port;
295 tcp_set_state(sk, TCP_SYN_SENT);
296 err = inet6_hash_connect(&tcp_death_row, sk);
301 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
306 err = tcp_connect(sk);
313 tcp_set_state(sk, TCP_CLOSE);
317 sk->sk_route_caps = 0;
321 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
322 int type, int code, int offset, __be32 info)
324 struct ipv6hdr *hdr = (struct ipv6hdr*)skb->data;
325 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
326 struct ipv6_pinfo *np;
332 sk = inet6_lookup(&tcp_hashinfo, &hdr->daddr, th->dest, &hdr->saddr,
333 th->source, skb->dev->ifindex);
336 ICMP6_INC_STATS_BH(__in6_dev_get(skb->dev), ICMP6_MIB_INERRORS);
340 if (sk->sk_state == TCP_TIME_WAIT) {
341 inet_twsk_put(inet_twsk(sk));
346 if (sock_owned_by_user(sk))
347 NET_INC_STATS_BH(LINUX_MIB_LOCKDROPPEDICMPS);
349 if (sk->sk_state == TCP_CLOSE)
353 seq = ntohl(th->seq);
354 if (sk->sk_state != TCP_LISTEN &&
355 !between(seq, tp->snd_una, tp->snd_nxt)) {
356 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
362 if (type == ICMPV6_PKT_TOOBIG) {
363 struct dst_entry *dst = NULL;
365 if (sock_owned_by_user(sk))
367 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
370 /* icmp should have updated the destination cache entry */
371 dst = __sk_dst_check(sk, np->dst_cookie);
374 struct inet_sock *inet = inet_sk(sk);
377 /* BUGGG_FUTURE: Again, it is not clear how
378 to handle rthdr case. Ignore this complexity
381 memset(&fl, 0, sizeof(fl));
382 fl.proto = IPPROTO_TCP;
383 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
384 ipv6_addr_copy(&fl.fl6_src, &np->saddr);
385 fl.oif = sk->sk_bound_dev_if;
386 fl.fl_ip_dport = inet->dport;
387 fl.fl_ip_sport = inet->sport;
388 security_skb_classify_flow(skb, &fl);
390 if ((err = ip6_dst_lookup(sk, &dst, &fl))) {
391 sk->sk_err_soft = -err;
395 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) {
396 sk->sk_err_soft = -err;
403 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
404 tcp_sync_mss(sk, dst_mtu(dst));
405 tcp_simple_retransmit(sk);
406 } /* else let the usual retransmit timer handle it */
411 icmpv6_err_convert(type, code, &err);
413 /* Might be for an request_sock */
414 switch (sk->sk_state) {
415 struct request_sock *req, **prev;
417 if (sock_owned_by_user(sk))
420 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr,
421 &hdr->saddr, inet6_iif(skb));
425 /* ICMPs are not backlogged, hence we cannot get
426 * an established socket here.
428 BUG_TRAP(req->sk == NULL);
430 if (seq != tcp_rsk(req)->snt_isn) {
431 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
435 inet_csk_reqsk_queue_drop(sk, req, prev);
439 case TCP_SYN_RECV: /* Cannot happen.
440 It can, it SYNs are crossed. --ANK */
441 if (!sock_owned_by_user(sk)) {
443 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
447 sk->sk_err_soft = err;
451 if (!sock_owned_by_user(sk) && np->recverr) {
453 sk->sk_error_report(sk);
455 sk->sk_err_soft = err;
463 static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req,
464 struct dst_entry *dst)
466 struct inet6_request_sock *treq = inet6_rsk(req);
467 struct ipv6_pinfo *np = inet6_sk(sk);
468 struct sk_buff * skb;
469 struct ipv6_txoptions *opt = NULL;
470 struct in6_addr * final_p = NULL, final;
474 memset(&fl, 0, sizeof(fl));
475 fl.proto = IPPROTO_TCP;
476 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
477 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
478 fl.fl6_flowlabel = 0;
480 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
481 fl.fl_ip_sport = inet_sk(sk)->sport;
482 security_req_classify_flow(req, &fl);
486 if (opt && opt->srcrt) {
487 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
488 ipv6_addr_copy(&final, &fl.fl6_dst);
489 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
493 err = ip6_dst_lookup(sk, &dst, &fl);
497 ipv6_addr_copy(&fl.fl6_dst, final_p);
498 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0)
502 skb = tcp_make_synack(sk, dst, req);
504 struct tcphdr *th = tcp_hdr(skb);
506 th->check = tcp_v6_check(th, skb->len,
507 &treq->loc_addr, &treq->rmt_addr,
508 csum_partial((char *)th, skb->len, skb->csum));
510 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
511 err = ip6_xmit(sk, skb, &fl, opt, 0);
512 err = net_xmit_eval(err);
516 if (opt && opt != np->opt)
517 sock_kfree_s(sk, opt, opt->tot_len);
522 static void tcp_v6_reqsk_destructor(struct request_sock *req)
524 if (inet6_rsk(req)->pktopts)
525 kfree_skb(inet6_rsk(req)->pktopts);
528 #ifdef CONFIG_TCP_MD5SIG
529 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
530 struct in6_addr *addr)
532 struct tcp_sock *tp = tcp_sk(sk);
537 if (!tp->md5sig_info || !tp->md5sig_info->entries6)
540 for (i = 0; i < tp->md5sig_info->entries6; i++) {
541 if (ipv6_addr_cmp(&tp->md5sig_info->keys6[i].addr, addr) == 0)
542 return &tp->md5sig_info->keys6[i].base;
547 static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk,
548 struct sock *addr_sk)
550 return tcp_v6_md5_do_lookup(sk, &inet6_sk(addr_sk)->daddr);
553 static struct tcp_md5sig_key *tcp_v6_reqsk_md5_lookup(struct sock *sk,
554 struct request_sock *req)
556 return tcp_v6_md5_do_lookup(sk, &inet6_rsk(req)->rmt_addr);
559 static int tcp_v6_md5_do_add(struct sock *sk, struct in6_addr *peer,
560 char *newkey, u8 newkeylen)
562 /* Add key to the list */
563 struct tcp6_md5sig_key *key;
564 struct tcp_sock *tp = tcp_sk(sk);
565 struct tcp6_md5sig_key *keys;
567 key = (struct tcp6_md5sig_key*) tcp_v6_md5_do_lookup(sk, peer);
569 /* modify existing entry - just update that one */
570 kfree(key->base.key);
571 key->base.key = newkey;
572 key->base.keylen = newkeylen;
574 /* reallocate new list if current one is full. */
575 if (!tp->md5sig_info) {
576 tp->md5sig_info = kzalloc(sizeof(*tp->md5sig_info), GFP_ATOMIC);
577 if (!tp->md5sig_info) {
581 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
583 tcp_alloc_md5sig_pool();
584 if (tp->md5sig_info->alloced6 == tp->md5sig_info->entries6) {
585 keys = kmalloc((sizeof (tp->md5sig_info->keys6[0]) *
586 (tp->md5sig_info->entries6 + 1)), GFP_ATOMIC);
589 tcp_free_md5sig_pool();
594 if (tp->md5sig_info->entries6)
595 memmove(keys, tp->md5sig_info->keys6,
596 (sizeof (tp->md5sig_info->keys6[0]) *
597 tp->md5sig_info->entries6));
599 kfree(tp->md5sig_info->keys6);
600 tp->md5sig_info->keys6 = keys;
601 tp->md5sig_info->alloced6++;
604 ipv6_addr_copy(&tp->md5sig_info->keys6[tp->md5sig_info->entries6].addr,
606 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.key = newkey;
607 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.keylen = newkeylen;
609 tp->md5sig_info->entries6++;
614 static int tcp_v6_md5_add_func(struct sock *sk, struct sock *addr_sk,
615 u8 *newkey, __u8 newkeylen)
617 return tcp_v6_md5_do_add(sk, &inet6_sk(addr_sk)->daddr,
621 static int tcp_v6_md5_do_del(struct sock *sk, struct in6_addr *peer)
623 struct tcp_sock *tp = tcp_sk(sk);
626 for (i = 0; i < tp->md5sig_info->entries6; i++) {
627 if (ipv6_addr_cmp(&tp->md5sig_info->keys6[i].addr, peer) == 0) {
629 kfree(tp->md5sig_info->keys6[i].base.key);
630 tp->md5sig_info->entries6--;
632 if (tp->md5sig_info->entries6 == 0) {
633 kfree(tp->md5sig_info->keys6);
634 tp->md5sig_info->keys6 = NULL;
635 tp->md5sig_info->alloced6 = 0;
637 tcp_free_md5sig_pool();
641 /* shrink the database */
642 if (tp->md5sig_info->entries6 != i)
643 memmove(&tp->md5sig_info->keys6[i],
644 &tp->md5sig_info->keys6[i+1],
645 (tp->md5sig_info->entries6 - i)
646 * sizeof (tp->md5sig_info->keys6[0]));
653 static void tcp_v6_clear_md5_list (struct sock *sk)
655 struct tcp_sock *tp = tcp_sk(sk);
658 if (tp->md5sig_info->entries6) {
659 for (i = 0; i < tp->md5sig_info->entries6; i++)
660 kfree(tp->md5sig_info->keys6[i].base.key);
661 tp->md5sig_info->entries6 = 0;
662 tcp_free_md5sig_pool();
665 kfree(tp->md5sig_info->keys6);
666 tp->md5sig_info->keys6 = NULL;
667 tp->md5sig_info->alloced6 = 0;
669 if (tp->md5sig_info->entries4) {
670 for (i = 0; i < tp->md5sig_info->entries4; i++)
671 kfree(tp->md5sig_info->keys4[i].base.key);
672 tp->md5sig_info->entries4 = 0;
673 tcp_free_md5sig_pool();
676 kfree(tp->md5sig_info->keys4);
677 tp->md5sig_info->keys4 = NULL;
678 tp->md5sig_info->alloced4 = 0;
681 static int tcp_v6_parse_md5_keys (struct sock *sk, char __user *optval,
684 struct tcp_md5sig cmd;
685 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
688 if (optlen < sizeof(cmd))
691 if (copy_from_user(&cmd, optval, sizeof(cmd)))
694 if (sin6->sin6_family != AF_INET6)
697 if (!cmd.tcpm_keylen) {
698 if (!tcp_sk(sk)->md5sig_info)
700 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
701 return tcp_v4_md5_do_del(sk, sin6->sin6_addr.s6_addr32[3]);
702 return tcp_v6_md5_do_del(sk, &sin6->sin6_addr);
705 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
708 if (!tcp_sk(sk)->md5sig_info) {
709 struct tcp_sock *tp = tcp_sk(sk);
710 struct tcp_md5sig_info *p;
712 p = kzalloc(sizeof(struct tcp_md5sig_info), GFP_KERNEL);
717 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
720 newkey = kmemdup(cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
723 if (ipv6_addr_v4mapped(&sin6->sin6_addr)) {
724 return tcp_v4_md5_do_add(sk, sin6->sin6_addr.s6_addr32[3],
725 newkey, cmd.tcpm_keylen);
727 return tcp_v6_md5_do_add(sk, &sin6->sin6_addr, newkey, cmd.tcpm_keylen);
730 static int tcp_v6_do_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key,
731 struct in6_addr *saddr,
732 struct in6_addr *daddr,
733 struct tcphdr *th, int protocol,
736 struct scatterlist sg[4];
740 struct tcp_md5sig_pool *hp;
741 struct tcp6_pseudohdr *bp;
742 struct hash_desc *desc;
744 unsigned int nbytes = 0;
746 hp = tcp_get_md5sig_pool();
748 printk(KERN_WARNING "%s(): hash pool not found...\n", __FUNCTION__);
749 goto clear_hash_noput;
751 bp = &hp->md5_blk.ip6;
752 desc = &hp->md5_desc;
754 /* 1. TCP pseudo-header (RFC2460) */
755 ipv6_addr_copy(&bp->saddr, saddr);
756 ipv6_addr_copy(&bp->daddr, daddr);
757 bp->len = htonl(tcplen);
758 bp->protocol = htonl(protocol);
760 sg_init_table(sg, 4);
762 sg_set_buf(&sg[block++], bp, sizeof(*bp));
763 nbytes += sizeof(*bp);
765 /* 2. TCP header, excluding options */
768 sg_set_buf(&sg[block++], th, sizeof(*th));
769 nbytes += sizeof(*th);
771 /* 3. TCP segment data (if any) */
772 data_len = tcplen - (th->doff << 2);
774 u8 *data = (u8 *)th + (th->doff << 2);
775 sg_set_buf(&sg[block++], data, data_len);
780 sg_set_buf(&sg[block++], key->key, key->keylen);
781 nbytes += key->keylen;
783 sg_mark_end(sg, block);
785 /* Now store the hash into the packet */
786 err = crypto_hash_init(desc);
788 printk(KERN_WARNING "%s(): hash_init failed\n", __FUNCTION__);
791 err = crypto_hash_update(desc, sg, nbytes);
793 printk(KERN_WARNING "%s(): hash_update failed\n", __FUNCTION__);
796 err = crypto_hash_final(desc, md5_hash);
798 printk(KERN_WARNING "%s(): hash_final failed\n", __FUNCTION__);
802 /* Reset header, and free up the crypto */
803 tcp_put_md5sig_pool();
808 tcp_put_md5sig_pool();
810 memset(md5_hash, 0, 16);
814 static int tcp_v6_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key,
816 struct dst_entry *dst,
817 struct request_sock *req,
818 struct tcphdr *th, int protocol,
821 struct in6_addr *saddr, *daddr;
824 saddr = &inet6_sk(sk)->saddr;
825 daddr = &inet6_sk(sk)->daddr;
827 saddr = &inet6_rsk(req)->loc_addr;
828 daddr = &inet6_rsk(req)->rmt_addr;
830 return tcp_v6_do_calc_md5_hash(md5_hash, key,
832 th, protocol, tcplen);
835 static int tcp_v6_inbound_md5_hash (struct sock *sk, struct sk_buff *skb)
837 __u8 *hash_location = NULL;
838 struct tcp_md5sig_key *hash_expected;
839 struct ipv6hdr *ip6h = ipv6_hdr(skb);
840 struct tcphdr *th = tcp_hdr(skb);
841 int length = (th->doff << 2) - sizeof (*th);
846 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
848 /* If the TCP option is too short, we can short cut */
849 if (length < TCPOLEN_MD5SIG)
850 return hash_expected ? 1 : 0;
866 if (opsize < 2 || opsize > length)
868 if (opcode == TCPOPT_MD5SIG) {
878 /* do we have a hash as expected? */
879 if (!hash_expected) {
882 if (net_ratelimit()) {
883 printk(KERN_INFO "MD5 Hash NOT expected but found "
884 "(" NIP6_FMT ", %u)->"
885 "(" NIP6_FMT ", %u)\n",
886 NIP6(ip6h->saddr), ntohs(th->source),
887 NIP6(ip6h->daddr), ntohs(th->dest));
892 if (!hash_location) {
893 if (net_ratelimit()) {
894 printk(KERN_INFO "MD5 Hash expected but NOT found "
895 "(" NIP6_FMT ", %u)->"
896 "(" NIP6_FMT ", %u)\n",
897 NIP6(ip6h->saddr), ntohs(th->source),
898 NIP6(ip6h->daddr), ntohs(th->dest));
903 /* check the signature */
904 genhash = tcp_v6_do_calc_md5_hash(newhash,
906 &ip6h->saddr, &ip6h->daddr,
909 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
910 if (net_ratelimit()) {
911 printk(KERN_INFO "MD5 Hash %s for "
912 "(" NIP6_FMT ", %u)->"
913 "(" NIP6_FMT ", %u)\n",
914 genhash ? "failed" : "mismatch",
915 NIP6(ip6h->saddr), ntohs(th->source),
916 NIP6(ip6h->daddr), ntohs(th->dest));
924 static struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
926 .obj_size = sizeof(struct tcp6_request_sock),
927 .rtx_syn_ack = tcp_v6_send_synack,
928 .send_ack = tcp_v6_reqsk_send_ack,
929 .destructor = tcp_v6_reqsk_destructor,
930 .send_reset = tcp_v6_send_reset
933 #ifdef CONFIG_TCP_MD5SIG
934 static struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
935 .md5_lookup = tcp_v6_reqsk_md5_lookup,
939 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
940 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
941 .twsk_unique = tcp_twsk_unique,
942 .twsk_destructor= tcp_twsk_destructor,
945 static void tcp_v6_send_check(struct sock *sk, int len, struct sk_buff *skb)
947 struct ipv6_pinfo *np = inet6_sk(sk);
948 struct tcphdr *th = tcp_hdr(skb);
950 if (skb->ip_summed == CHECKSUM_PARTIAL) {
951 th->check = ~csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 0);
952 skb->csum_start = skb_transport_header(skb) - skb->head;
953 skb->csum_offset = offsetof(struct tcphdr, check);
955 th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP,
956 csum_partial((char *)th, th->doff<<2,
961 static int tcp_v6_gso_send_check(struct sk_buff *skb)
963 struct ipv6hdr *ipv6h;
966 if (!pskb_may_pull(skb, sizeof(*th)))
969 ipv6h = ipv6_hdr(skb);
973 th->check = ~csum_ipv6_magic(&ipv6h->saddr, &ipv6h->daddr, skb->len,
975 skb->csum_start = skb_transport_header(skb) - skb->head;
976 skb->csum_offset = offsetof(struct tcphdr, check);
977 skb->ip_summed = CHECKSUM_PARTIAL;
981 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb)
983 struct tcphdr *th = tcp_hdr(skb), *t1;
984 struct sk_buff *buff;
986 int tot_len = sizeof(*th);
987 #ifdef CONFIG_TCP_MD5SIG
988 struct tcp_md5sig_key *key;
994 if (!ipv6_unicast_destination(skb))
997 #ifdef CONFIG_TCP_MD5SIG
999 key = tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr);
1004 tot_len += TCPOLEN_MD5SIG_ALIGNED;
1008 * We need to grab some memory, and put together an RST,
1009 * and then put it into the queue to be sent.
1012 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
1017 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
1019 t1 = (struct tcphdr *) skb_push(buff, tot_len);
1021 /* Swap the send and the receive. */
1022 memset(t1, 0, sizeof(*t1));
1023 t1->dest = th->source;
1024 t1->source = th->dest;
1025 t1->doff = tot_len / 4;
1029 t1->seq = th->ack_seq;
1032 t1->ack_seq = htonl(ntohl(th->seq) + th->syn + th->fin
1033 + skb->len - (th->doff<<2));
1036 #ifdef CONFIG_TCP_MD5SIG
1038 __be32 *opt = (__be32*)(t1 + 1);
1039 opt[0] = htonl((TCPOPT_NOP << 24) |
1040 (TCPOPT_NOP << 16) |
1041 (TCPOPT_MD5SIG << 8) |
1043 tcp_v6_do_calc_md5_hash((__u8 *)&opt[1], key,
1044 &ipv6_hdr(skb)->daddr,
1045 &ipv6_hdr(skb)->saddr,
1046 t1, IPPROTO_TCP, tot_len);
1050 buff->csum = csum_partial((char *)t1, sizeof(*t1), 0);
1052 memset(&fl, 0, sizeof(fl));
1053 ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr);
1054 ipv6_addr_copy(&fl.fl6_src, &ipv6_hdr(skb)->daddr);
1056 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst,
1057 sizeof(*t1), IPPROTO_TCP,
1060 fl.proto = IPPROTO_TCP;
1061 fl.oif = inet6_iif(skb);
1062 fl.fl_ip_dport = t1->dest;
1063 fl.fl_ip_sport = t1->source;
1064 security_skb_classify_flow(skb, &fl);
1066 /* sk = NULL, but it is safe for now. RST socket required. */
1067 if (!ip6_dst_lookup(NULL, &buff->dst, &fl)) {
1069 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) {
1070 ip6_xmit(tcp6_socket->sk, buff, &fl, NULL, 0);
1071 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
1072 TCP_INC_STATS_BH(TCP_MIB_OUTRSTS);
1080 static void tcp_v6_send_ack(struct tcp_timewait_sock *tw,
1081 struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts)
1083 struct tcphdr *th = tcp_hdr(skb), *t1;
1084 struct sk_buff *buff;
1086 int tot_len = sizeof(struct tcphdr);
1088 #ifdef CONFIG_TCP_MD5SIG
1089 struct tcp_md5sig_key *key;
1090 struct tcp_md5sig_key tw_key;
1093 #ifdef CONFIG_TCP_MD5SIG
1094 if (!tw && skb->sk) {
1095 key = tcp_v6_md5_do_lookup(skb->sk, &ipv6_hdr(skb)->daddr);
1096 } else if (tw && tw->tw_md5_keylen) {
1097 tw_key.key = tw->tw_md5_key;
1098 tw_key.keylen = tw->tw_md5_keylen;
1106 tot_len += TCPOLEN_TSTAMP_ALIGNED;
1107 #ifdef CONFIG_TCP_MD5SIG
1109 tot_len += TCPOLEN_MD5SIG_ALIGNED;
1112 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
1117 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
1119 t1 = (struct tcphdr *) skb_push(buff,tot_len);
1121 /* Swap the send and the receive. */
1122 memset(t1, 0, sizeof(*t1));
1123 t1->dest = th->source;
1124 t1->source = th->dest;
1125 t1->doff = tot_len/4;
1126 t1->seq = htonl(seq);
1127 t1->ack_seq = htonl(ack);
1129 t1->window = htons(win);
1131 topt = (__be32 *)(t1 + 1);
1134 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
1135 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
1136 *topt++ = htonl(tcp_time_stamp);
1140 #ifdef CONFIG_TCP_MD5SIG
1142 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
1143 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
1144 tcp_v6_do_calc_md5_hash((__u8 *)topt, key,
1145 &ipv6_hdr(skb)->daddr,
1146 &ipv6_hdr(skb)->saddr,
1147 t1, IPPROTO_TCP, tot_len);
1151 buff->csum = csum_partial((char *)t1, tot_len, 0);
1153 memset(&fl, 0, sizeof(fl));
1154 ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr);
1155 ipv6_addr_copy(&fl.fl6_src, &ipv6_hdr(skb)->daddr);
1157 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst,
1158 tot_len, IPPROTO_TCP,
1161 fl.proto = IPPROTO_TCP;
1162 fl.oif = inet6_iif(skb);
1163 fl.fl_ip_dport = t1->dest;
1164 fl.fl_ip_sport = t1->source;
1165 security_skb_classify_flow(skb, &fl);
1167 if (!ip6_dst_lookup(NULL, &buff->dst, &fl)) {
1168 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) {
1169 ip6_xmit(tcp6_socket->sk, buff, &fl, NULL, 0);
1170 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
1178 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
1180 struct inet_timewait_sock *tw = inet_twsk(sk);
1181 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
1183 tcp_v6_send_ack(tcptw, skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
1184 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
1185 tcptw->tw_ts_recent);
1190 static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req)
1192 tcp_v6_send_ack(NULL, skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent);
1196 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
1198 struct request_sock *req, **prev;
1199 const struct tcphdr *th = tcp_hdr(skb);
1202 /* Find possible connection requests. */
1203 req = inet6_csk_search_req(sk, &prev, th->source,
1204 &ipv6_hdr(skb)->saddr,
1205 &ipv6_hdr(skb)->daddr, inet6_iif(skb));
1207 return tcp_check_req(sk, skb, req, prev);
1209 nsk = __inet6_lookup_established(&tcp_hashinfo, &ipv6_hdr(skb)->saddr,
1210 th->source, &ipv6_hdr(skb)->daddr,
1211 ntohs(th->dest), inet6_iif(skb));
1214 if (nsk->sk_state != TCP_TIME_WAIT) {
1218 inet_twsk_put(inet_twsk(nsk));
1222 #if 0 /*def CONFIG_SYN_COOKIES*/
1223 if (!th->rst && !th->syn && th->ack)
1224 sk = cookie_v6_check(sk, skb, &(IPCB(skb)->opt));
1229 /* FIXME: this is substantially similar to the ipv4 code.
1230 * Can some kind of merge be done? -- erics
1232 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1234 struct inet6_request_sock *treq;
1235 struct ipv6_pinfo *np = inet6_sk(sk);
1236 struct tcp_options_received tmp_opt;
1237 struct tcp_sock *tp = tcp_sk(sk);
1238 struct request_sock *req = NULL;
1239 __u32 isn = TCP_SKB_CB(skb)->when;
1241 if (skb->protocol == htons(ETH_P_IP))
1242 return tcp_v4_conn_request(sk, skb);
1244 if (!ipv6_unicast_destination(skb))
1248 * There are no SYN attacks on IPv6, yet...
1250 if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
1251 if (net_ratelimit())
1252 printk(KERN_INFO "TCPv6: dropping request, synflood is possible\n");
1256 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
1259 req = inet6_reqsk_alloc(&tcp6_request_sock_ops);
1263 #ifdef CONFIG_TCP_MD5SIG
1264 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv6_ops;
1267 tcp_clear_options(&tmp_opt);
1268 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
1269 tmp_opt.user_mss = tp->rx_opt.user_mss;
1271 tcp_parse_options(skb, &tmp_opt, 0);
1273 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
1274 tcp_openreq_init(req, &tmp_opt, skb);
1276 treq = inet6_rsk(req);
1277 ipv6_addr_copy(&treq->rmt_addr, &ipv6_hdr(skb)->saddr);
1278 ipv6_addr_copy(&treq->loc_addr, &ipv6_hdr(skb)->daddr);
1279 TCP_ECN_create_request(req, tcp_hdr(skb));
1280 treq->pktopts = NULL;
1281 if (ipv6_opt_accepted(sk, skb) ||
1282 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
1283 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) {
1284 atomic_inc(&skb->users);
1285 treq->pktopts = skb;
1287 treq->iif = sk->sk_bound_dev_if;
1289 /* So that link locals have meaning */
1290 if (!sk->sk_bound_dev_if &&
1291 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL)
1292 treq->iif = inet6_iif(skb);
1295 isn = tcp_v6_init_sequence(skb);
1297 tcp_rsk(req)->snt_isn = isn;
1299 security_inet_conn_request(sk, skb, req);
1301 if (tcp_v6_send_synack(sk, req, NULL))
1304 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1311 return 0; /* don't send reset */
1314 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1315 struct request_sock *req,
1316 struct dst_entry *dst)
1318 struct inet6_request_sock *treq = inet6_rsk(req);
1319 struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
1320 struct tcp6_sock *newtcp6sk;
1321 struct inet_sock *newinet;
1322 struct tcp_sock *newtp;
1324 struct ipv6_txoptions *opt;
1325 #ifdef CONFIG_TCP_MD5SIG
1326 struct tcp_md5sig_key *key;
1329 if (skb->protocol == htons(ETH_P_IP)) {
1334 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);
1339 newtcp6sk = (struct tcp6_sock *)newsk;
1340 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1342 newinet = inet_sk(newsk);
1343 newnp = inet6_sk(newsk);
1344 newtp = tcp_sk(newsk);
1346 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1348 ipv6_addr_set(&newnp->daddr, 0, 0, htonl(0x0000FFFF),
1351 ipv6_addr_set(&newnp->saddr, 0, 0, htonl(0x0000FFFF),
1354 ipv6_addr_copy(&newnp->rcv_saddr, &newnp->saddr);
1356 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1357 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1358 #ifdef CONFIG_TCP_MD5SIG
1359 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1362 newnp->pktoptions = NULL;
1364 newnp->mcast_oif = inet6_iif(skb);
1365 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1368 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1369 * here, tcp_create_openreq_child now does this for us, see the comment in
1370 * that function for the gory details. -acme
1373 /* It is tricky place. Until this moment IPv4 tcp
1374 worked with IPv6 icsk.icsk_af_ops.
1377 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1384 if (sk_acceptq_is_full(sk))
1388 struct in6_addr *final_p = NULL, final;
1391 memset(&fl, 0, sizeof(fl));
1392 fl.proto = IPPROTO_TCP;
1393 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
1394 if (opt && opt->srcrt) {
1395 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
1396 ipv6_addr_copy(&final, &fl.fl6_dst);
1397 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
1400 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
1401 fl.oif = sk->sk_bound_dev_if;
1402 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
1403 fl.fl_ip_sport = inet_sk(sk)->sport;
1404 security_req_classify_flow(req, &fl);
1406 if (ip6_dst_lookup(sk, &dst, &fl))
1410 ipv6_addr_copy(&fl.fl6_dst, final_p);
1412 if ((xfrm_lookup(&dst, &fl, sk, 0)) < 0)
1416 newsk = tcp_create_openreq_child(sk, req, skb);
1421 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1422 * count here, tcp_create_openreq_child now does this for us, see the
1423 * comment in that function for the gory details. -acme
1426 newsk->sk_gso_type = SKB_GSO_TCPV6;
1427 __ip6_dst_store(newsk, dst, NULL, NULL);
1429 newtcp6sk = (struct tcp6_sock *)newsk;
1430 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1432 newtp = tcp_sk(newsk);
1433 newinet = inet_sk(newsk);
1434 newnp = inet6_sk(newsk);
1436 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1438 ipv6_addr_copy(&newnp->daddr, &treq->rmt_addr);
1439 ipv6_addr_copy(&newnp->saddr, &treq->loc_addr);
1440 ipv6_addr_copy(&newnp->rcv_saddr, &treq->loc_addr);
1441 newsk->sk_bound_dev_if = treq->iif;
1443 /* Now IPv6 options...
1445 First: no IPv4 options.
1447 newinet->opt = NULL;
1448 newnp->ipv6_fl_list = NULL;
1451 newnp->rxopt.all = np->rxopt.all;
1453 /* Clone pktoptions received with SYN */
1454 newnp->pktoptions = NULL;
1455 if (treq->pktopts != NULL) {
1456 newnp->pktoptions = skb_clone(treq->pktopts, GFP_ATOMIC);
1457 kfree_skb(treq->pktopts);
1458 treq->pktopts = NULL;
1459 if (newnp->pktoptions)
1460 skb_set_owner_r(newnp->pktoptions, newsk);
1463 newnp->mcast_oif = inet6_iif(skb);
1464 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1466 /* Clone native IPv6 options from listening socket (if any)
1468 Yes, keeping reference count would be much more clever,
1469 but we make one more one thing there: reattach optmem
1473 newnp->opt = ipv6_dup_options(newsk, opt);
1475 sock_kfree_s(sk, opt, opt->tot_len);
1478 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1480 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
1481 newnp->opt->opt_flen);
1483 tcp_mtup_init(newsk);
1484 tcp_sync_mss(newsk, dst_mtu(dst));
1485 newtp->advmss = dst_metric(dst, RTAX_ADVMSS);
1486 tcp_initialize_rcv_mss(newsk);
1488 newinet->daddr = newinet->saddr = newinet->rcv_saddr = LOOPBACK4_IPV6;
1490 #ifdef CONFIG_TCP_MD5SIG
1491 /* Copy over the MD5 key from the original socket */
1492 if ((key = tcp_v6_md5_do_lookup(sk, &newnp->daddr)) != NULL) {
1493 /* We're using one, so create a matching key
1494 * on the newsk structure. If we fail to get
1495 * memory, then we end up not copying the key
1498 char *newkey = kmemdup(key->key, key->keylen, GFP_ATOMIC);
1500 tcp_v6_md5_do_add(newsk, &inet6_sk(sk)->daddr,
1501 newkey, key->keylen);
1505 __inet6_hash(&tcp_hashinfo, newsk);
1506 inet_inherit_port(&tcp_hashinfo, sk, newsk);
1511 NET_INC_STATS_BH(LINUX_MIB_LISTENOVERFLOWS);
1513 NET_INC_STATS_BH(LINUX_MIB_LISTENDROPS);
1514 if (opt && opt != np->opt)
1515 sock_kfree_s(sk, opt, opt->tot_len);
1520 static __sum16 tcp_v6_checksum_init(struct sk_buff *skb)
1522 if (skb->ip_summed == CHECKSUM_COMPLETE) {
1523 if (!tcp_v6_check(tcp_hdr(skb), skb->len, &ipv6_hdr(skb)->saddr,
1524 &ipv6_hdr(skb)->daddr, skb->csum)) {
1525 skb->ip_summed = CHECKSUM_UNNECESSARY;
1530 skb->csum = ~csum_unfold(tcp_v6_check(tcp_hdr(skb), skb->len,
1531 &ipv6_hdr(skb)->saddr,
1532 &ipv6_hdr(skb)->daddr, 0));
1534 if (skb->len <= 76) {
1535 return __skb_checksum_complete(skb);
1540 /* The socket must have it's spinlock held when we get
1543 * We have a potential double-lock case here, so even when
1544 * doing backlog processing we use the BH locking scheme.
1545 * This is because we cannot sleep with the original spinlock
1548 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1550 struct ipv6_pinfo *np = inet6_sk(sk);
1551 struct tcp_sock *tp;
1552 struct sk_buff *opt_skb = NULL;
1554 /* Imagine: socket is IPv6. IPv4 packet arrives,
1555 goes to IPv4 receive handler and backlogged.
1556 From backlog it always goes here. Kerboom...
1557 Fortunately, tcp_rcv_established and rcv_established
1558 handle them correctly, but it is not case with
1559 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1562 if (skb->protocol == htons(ETH_P_IP))
1563 return tcp_v4_do_rcv(sk, skb);
1565 #ifdef CONFIG_TCP_MD5SIG
1566 if (tcp_v6_inbound_md5_hash (sk, skb))
1570 if (sk_filter(sk, skb))
1574 * socket locking is here for SMP purposes as backlog rcv
1575 * is currently called with bh processing disabled.
1578 /* Do Stevens' IPV6_PKTOPTIONS.
1580 Yes, guys, it is the only place in our code, where we
1581 may make it not affecting IPv4.
1582 The rest of code is protocol independent,
1583 and I do not like idea to uglify IPv4.
1585 Actually, all the idea behind IPV6_PKTOPTIONS
1586 looks not very well thought. For now we latch
1587 options, received in the last packet, enqueued
1588 by tcp. Feel free to propose better solution.
1592 opt_skb = skb_clone(skb, GFP_ATOMIC);
1594 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1595 TCP_CHECK_TIMER(sk);
1596 if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len))
1598 TCP_CHECK_TIMER(sk);
1600 goto ipv6_pktoptions;
1604 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1607 if (sk->sk_state == TCP_LISTEN) {
1608 struct sock *nsk = tcp_v6_hnd_req(sk, skb);
1613 * Queue it on the new socket if the new socket is active,
1614 * otherwise we just shortcircuit this and continue with
1618 if (tcp_child_process(sk, nsk, skb))
1621 __kfree_skb(opt_skb);
1626 TCP_CHECK_TIMER(sk);
1627 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len))
1629 TCP_CHECK_TIMER(sk);
1631 goto ipv6_pktoptions;
1635 tcp_v6_send_reset(sk, skb);
1638 __kfree_skb(opt_skb);
1642 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1647 /* Do you ask, what is it?
1649 1. skb was enqueued by tcp.
1650 2. skb is added to tail of read queue, rather than out of order.
1651 3. socket is not in passive state.
1652 4. Finally, it really contains options, which user wants to receive.
1655 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1656 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1657 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1658 np->mcast_oif = inet6_iif(opt_skb);
1659 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1660 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1661 if (ipv6_opt_accepted(sk, opt_skb)) {
1662 skb_set_owner_r(opt_skb, sk);
1663 opt_skb = xchg(&np->pktoptions, opt_skb);
1665 __kfree_skb(opt_skb);
1666 opt_skb = xchg(&np->pktoptions, NULL);
1675 static int tcp_v6_rcv(struct sk_buff *skb)
1681 if (skb->pkt_type != PACKET_HOST)
1685 * Count it even if it's bad.
1687 TCP_INC_STATS_BH(TCP_MIB_INSEGS);
1689 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1694 if (th->doff < sizeof(struct tcphdr)/4)
1696 if (!pskb_may_pull(skb, th->doff*4))
1699 if (!skb_csum_unnecessary(skb) && tcp_v6_checksum_init(skb))
1703 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1704 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1705 skb->len - th->doff*4);
1706 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1707 TCP_SKB_CB(skb)->when = 0;
1708 TCP_SKB_CB(skb)->flags = ipv6_get_dsfield(ipv6_hdr(skb));
1709 TCP_SKB_CB(skb)->sacked = 0;
1711 sk = __inet6_lookup(&tcp_hashinfo, &ipv6_hdr(skb)->saddr, th->source,
1712 &ipv6_hdr(skb)->daddr, ntohs(th->dest),
1719 if (sk->sk_state == TCP_TIME_WAIT)
1722 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1723 goto discard_and_relse;
1725 if (sk_filter(sk, skb))
1726 goto discard_and_relse;
1730 bh_lock_sock_nested(sk);
1732 if (!sock_owned_by_user(sk)) {
1733 #ifdef CONFIG_NET_DMA
1734 struct tcp_sock *tp = tcp_sk(sk);
1735 if (tp->ucopy.dma_chan)
1736 ret = tcp_v6_do_rcv(sk, skb);
1740 if (!tcp_prequeue(sk, skb))
1741 ret = tcp_v6_do_rcv(sk, skb);
1744 sk_add_backlog(sk, skb);
1748 return ret ? -1 : 0;
1751 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1754 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1756 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1758 tcp_v6_send_reset(NULL, skb);
1775 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1776 inet_twsk_put(inet_twsk(sk));
1780 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1781 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1782 inet_twsk_put(inet_twsk(sk));
1786 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1791 sk2 = inet6_lookup_listener(&tcp_hashinfo,
1792 &ipv6_hdr(skb)->daddr,
1793 ntohs(th->dest), inet6_iif(skb));
1795 struct inet_timewait_sock *tw = inet_twsk(sk);
1796 inet_twsk_deschedule(tw, &tcp_death_row);
1801 /* Fall through to ACK */
1804 tcp_v6_timewait_ack(sk, skb);
1808 case TCP_TW_SUCCESS:;
1813 static int tcp_v6_remember_stamp(struct sock *sk)
1815 /* Alas, not yet... */
1819 static struct inet_connection_sock_af_ops ipv6_specific = {
1820 .queue_xmit = inet6_csk_xmit,
1821 .send_check = tcp_v6_send_check,
1822 .rebuild_header = inet6_sk_rebuild_header,
1823 .conn_request = tcp_v6_conn_request,
1824 .syn_recv_sock = tcp_v6_syn_recv_sock,
1825 .remember_stamp = tcp_v6_remember_stamp,
1826 .net_header_len = sizeof(struct ipv6hdr),
1827 .setsockopt = ipv6_setsockopt,
1828 .getsockopt = ipv6_getsockopt,
1829 .addr2sockaddr = inet6_csk_addr2sockaddr,
1830 .sockaddr_len = sizeof(struct sockaddr_in6),
1831 #ifdef CONFIG_COMPAT
1832 .compat_setsockopt = compat_ipv6_setsockopt,
1833 .compat_getsockopt = compat_ipv6_getsockopt,
1837 #ifdef CONFIG_TCP_MD5SIG
1838 static struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1839 .md5_lookup = tcp_v6_md5_lookup,
1840 .calc_md5_hash = tcp_v6_calc_md5_hash,
1841 .md5_add = tcp_v6_md5_add_func,
1842 .md5_parse = tcp_v6_parse_md5_keys,
1847 * TCP over IPv4 via INET6 API
1850 static struct inet_connection_sock_af_ops ipv6_mapped = {
1851 .queue_xmit = ip_queue_xmit,
1852 .send_check = tcp_v4_send_check,
1853 .rebuild_header = inet_sk_rebuild_header,
1854 .conn_request = tcp_v6_conn_request,
1855 .syn_recv_sock = tcp_v6_syn_recv_sock,
1856 .remember_stamp = tcp_v4_remember_stamp,
1857 .net_header_len = sizeof(struct iphdr),
1858 .setsockopt = ipv6_setsockopt,
1859 .getsockopt = ipv6_getsockopt,
1860 .addr2sockaddr = inet6_csk_addr2sockaddr,
1861 .sockaddr_len = sizeof(struct sockaddr_in6),
1862 #ifdef CONFIG_COMPAT
1863 .compat_setsockopt = compat_ipv6_setsockopt,
1864 .compat_getsockopt = compat_ipv6_getsockopt,
1868 #ifdef CONFIG_TCP_MD5SIG
1869 static struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1870 .md5_lookup = tcp_v4_md5_lookup,
1871 .calc_md5_hash = tcp_v4_calc_md5_hash,
1872 .md5_add = tcp_v6_md5_add_func,
1873 .md5_parse = tcp_v6_parse_md5_keys,
1877 /* NOTE: A lot of things set to zero explicitly by call to
1878 * sk_alloc() so need not be done here.
1880 static int tcp_v6_init_sock(struct sock *sk)
1882 struct inet_connection_sock *icsk = inet_csk(sk);
1883 struct tcp_sock *tp = tcp_sk(sk);
1885 skb_queue_head_init(&tp->out_of_order_queue);
1886 tcp_init_xmit_timers(sk);
1887 tcp_prequeue_init(tp);
1889 icsk->icsk_rto = TCP_TIMEOUT_INIT;
1890 tp->mdev = TCP_TIMEOUT_INIT;
1892 /* So many TCP implementations out there (incorrectly) count the
1893 * initial SYN frame in their delayed-ACK and congestion control
1894 * algorithms that we must have the following bandaid to talk
1895 * efficiently to them. -DaveM
1899 /* See draft-stevens-tcpca-spec-01 for discussion of the
1900 * initialization of these values.
1902 tp->snd_ssthresh = 0x7fffffff;
1903 tp->snd_cwnd_clamp = ~0;
1904 tp->mss_cache = 536;
1906 tp->reordering = sysctl_tcp_reordering;
1908 sk->sk_state = TCP_CLOSE;
1910 icsk->icsk_af_ops = &ipv6_specific;
1911 icsk->icsk_ca_ops = &tcp_init_congestion_ops;
1912 icsk->icsk_sync_mss = tcp_sync_mss;
1913 sk->sk_write_space = sk_stream_write_space;
1914 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE);
1916 #ifdef CONFIG_TCP_MD5SIG
1917 tp->af_specific = &tcp_sock_ipv6_specific;
1920 sk->sk_sndbuf = sysctl_tcp_wmem[1];
1921 sk->sk_rcvbuf = sysctl_tcp_rmem[1];
1923 atomic_inc(&tcp_sockets_allocated);
1928 static int tcp_v6_destroy_sock(struct sock *sk)
1930 #ifdef CONFIG_TCP_MD5SIG
1931 /* Clean up the MD5 key list */
1932 if (tcp_sk(sk)->md5sig_info)
1933 tcp_v6_clear_md5_list(sk);
1935 tcp_v4_destroy_sock(sk);
1936 return inet6_destroy_sock(sk);
1939 #ifdef CONFIG_PROC_FS
1940 /* Proc filesystem TCPv6 sock list dumping. */
1941 static void get_openreq6(struct seq_file *seq,
1942 struct sock *sk, struct request_sock *req, int i, int uid)
1944 int ttd = req->expires - jiffies;
1945 struct in6_addr *src = &inet6_rsk(req)->loc_addr;
1946 struct in6_addr *dest = &inet6_rsk(req)->rmt_addr;
1952 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1953 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
1955 src->s6_addr32[0], src->s6_addr32[1],
1956 src->s6_addr32[2], src->s6_addr32[3],
1957 ntohs(inet_sk(sk)->sport),
1958 dest->s6_addr32[0], dest->s6_addr32[1],
1959 dest->s6_addr32[2], dest->s6_addr32[3],
1960 ntohs(inet_rsk(req)->rmt_port),
1962 0,0, /* could print option size, but that is af dependent. */
1963 1, /* timers active (only the expire timer) */
1964 jiffies_to_clock_t(ttd),
1967 0, /* non standard timer */
1968 0, /* open_requests have no inode */
1972 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1974 struct in6_addr *dest, *src;
1977 unsigned long timer_expires;
1978 struct inet_sock *inet = inet_sk(sp);
1979 struct tcp_sock *tp = tcp_sk(sp);
1980 const struct inet_connection_sock *icsk = inet_csk(sp);
1981 struct ipv6_pinfo *np = inet6_sk(sp);
1984 src = &np->rcv_saddr;
1985 destp = ntohs(inet->dport);
1986 srcp = ntohs(inet->sport);
1988 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
1990 timer_expires = icsk->icsk_timeout;
1991 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1993 timer_expires = icsk->icsk_timeout;
1994 } else if (timer_pending(&sp->sk_timer)) {
1996 timer_expires = sp->sk_timer.expires;
1999 timer_expires = jiffies;
2003 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
2004 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %u %u %u %u %d\n",
2006 src->s6_addr32[0], src->s6_addr32[1],
2007 src->s6_addr32[2], src->s6_addr32[3], srcp,
2008 dest->s6_addr32[0], dest->s6_addr32[1],
2009 dest->s6_addr32[2], dest->s6_addr32[3], destp,
2011 tp->write_seq-tp->snd_una,
2012 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
2014 jiffies_to_clock_t(timer_expires - jiffies),
2015 icsk->icsk_retransmits,
2017 icsk->icsk_probes_out,
2019 atomic_read(&sp->sk_refcnt), sp,
2022 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong,
2023 tp->snd_cwnd, tp->snd_ssthresh>=0xFFFF?-1:tp->snd_ssthresh
2027 static void get_timewait6_sock(struct seq_file *seq,
2028 struct inet_timewait_sock *tw, int i)
2030 struct in6_addr *dest, *src;
2032 struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw);
2033 int ttd = tw->tw_ttd - jiffies;
2038 dest = &tw6->tw_v6_daddr;
2039 src = &tw6->tw_v6_rcv_saddr;
2040 destp = ntohs(tw->tw_dport);
2041 srcp = ntohs(tw->tw_sport);
2044 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
2045 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
2047 src->s6_addr32[0], src->s6_addr32[1],
2048 src->s6_addr32[2], src->s6_addr32[3], srcp,
2049 dest->s6_addr32[0], dest->s6_addr32[1],
2050 dest->s6_addr32[2], dest->s6_addr32[3], destp,
2051 tw->tw_substate, 0, 0,
2052 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
2053 atomic_read(&tw->tw_refcnt), tw);
2056 static int tcp6_seq_show(struct seq_file *seq, void *v)
2058 struct tcp_iter_state *st;
2060 if (v == SEQ_START_TOKEN) {
2065 "st tx_queue rx_queue tr tm->when retrnsmt"
2066 " uid timeout inode\n");
2071 switch (st->state) {
2072 case TCP_SEQ_STATE_LISTENING:
2073 case TCP_SEQ_STATE_ESTABLISHED:
2074 get_tcp6_sock(seq, v, st->num);
2076 case TCP_SEQ_STATE_OPENREQ:
2077 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid);
2079 case TCP_SEQ_STATE_TIME_WAIT:
2080 get_timewait6_sock(seq, v, st->num);
2087 static struct file_operations tcp6_seq_fops;
2088 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
2089 .owner = THIS_MODULE,
2092 .seq_show = tcp6_seq_show,
2093 .seq_fops = &tcp6_seq_fops,
2096 int __init tcp6_proc_init(void)
2098 return tcp_proc_register(&tcp6_seq_afinfo);
2101 void tcp6_proc_exit(void)
2103 tcp_proc_unregister(&tcp6_seq_afinfo);
2107 struct proto tcpv6_prot = {
2109 .owner = THIS_MODULE,
2111 .connect = tcp_v6_connect,
2112 .disconnect = tcp_disconnect,
2113 .accept = inet_csk_accept,
2115 .init = tcp_v6_init_sock,
2116 .destroy = tcp_v6_destroy_sock,
2117 .shutdown = tcp_shutdown,
2118 .setsockopt = tcp_setsockopt,
2119 .getsockopt = tcp_getsockopt,
2120 .recvmsg = tcp_recvmsg,
2121 .backlog_rcv = tcp_v6_do_rcv,
2122 .hash = tcp_v6_hash,
2123 .unhash = tcp_unhash,
2124 .get_port = tcp_v6_get_port,
2125 .enter_memory_pressure = tcp_enter_memory_pressure,
2126 .sockets_allocated = &tcp_sockets_allocated,
2127 .memory_allocated = &tcp_memory_allocated,
2128 .memory_pressure = &tcp_memory_pressure,
2129 .orphan_count = &tcp_orphan_count,
2130 .sysctl_mem = sysctl_tcp_mem,
2131 .sysctl_wmem = sysctl_tcp_wmem,
2132 .sysctl_rmem = sysctl_tcp_rmem,
2133 .max_header = MAX_TCP_HEADER,
2134 .obj_size = sizeof(struct tcp6_sock),
2135 .twsk_prot = &tcp6_timewait_sock_ops,
2136 .rsk_prot = &tcp6_request_sock_ops,
2137 #ifdef CONFIG_COMPAT
2138 .compat_setsockopt = compat_tcp_setsockopt,
2139 .compat_getsockopt = compat_tcp_getsockopt,
2143 static struct inet6_protocol tcpv6_protocol = {
2144 .handler = tcp_v6_rcv,
2145 .err_handler = tcp_v6_err,
2146 .gso_send_check = tcp_v6_gso_send_check,
2147 .gso_segment = tcp_tso_segment,
2148 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2151 static struct inet_protosw tcpv6_protosw = {
2152 .type = SOCK_STREAM,
2153 .protocol = IPPROTO_TCP,
2154 .prot = &tcpv6_prot,
2155 .ops = &inet6_stream_ops,
2158 .flags = INET_PROTOSW_PERMANENT |
2162 void __init tcpv6_init(void)
2164 /* register inet6 protocol */
2165 if (inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP) < 0)
2166 printk(KERN_ERR "tcpv6_init: Could not register protocol\n");
2167 inet6_register_protosw(&tcpv6_protosw);
2169 if (inet_csk_ctl_sock_create(&tcp6_socket, PF_INET6, SOCK_RAW,
2171 panic("Failed to create the TCPv6 control socket.\n");
projects / linux-2.6 / blob