/* Check TCP sequence numbers in ICMP packets. */
#define ICMP_MIN_LENGTH 8
-/* Socket used for sending RSTs */
-static struct socket *tcp_socket __read_mostly;
-
void tcp_v4_send_check(struct sock *sk, int len, struct sk_buff *skb);
#ifdef CONFIG_TCP_MD5SIG
sizeof(struct tcphdr), IPPROTO_TCP, 0);
arg.csumoffset = offsetof(struct tcphdr, check) / 2;
- ip_send_reply(tcp_socket->sk, skb, &arg, arg.iov[0].iov_len);
+ ip_send_reply(dev_net(skb->dst->dev)->ipv4.tcp_sock, skb,
+ &arg, arg.iov[0].iov_len);
TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
TCP_INC_STATS_BH(TCP_MIB_OUTRSTS);
if (twsk)
arg.bound_dev_if = twsk->tw_sk.tw_bound_dev_if;
- ip_send_reply(tcp_socket->sk, skb, &arg, arg.iov[0].iov_len);
+ ip_send_reply(dev_net(skb->dev)->ipv4.tcp_sock, skb,
+ &arg, arg.iov[0].iov_len);
TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
}
tcp_parse_options(skb, &tmp_opt, 0);
- if (want_cookie) {
+ if (want_cookie && !tmp_opt.saw_tstamp)
tcp_clear_options(&tmp_opt);
- tmp_opt.saw_tstamp = 0;
- }
if (tmp_opt.saw_tstamp && !tmp_opt.rcv_tsval) {
/* Some OSes (unknown ones, but I see them on web server, which
if (want_cookie) {
#ifdef CONFIG_SYN_COOKIES
syn_flood_warning(skb);
+ req->cookie_ts = tmp_opt.tstamp_ok;
#endif
isn = cookie_v4_init_sequence(sk, skb, &req->mss);
} else if (!isn) {
* to the moment of synflood.
*/
LIMIT_NETDEBUG(KERN_DEBUG "TCP: drop open "
- "request from %u.%u.%u.%u/%u\n",
+ "request from " NIPQUAD_FMT "/%u\n",
NIPQUAD(saddr),
ntohs(tcp_hdr(skb)->source));
goto drop_and_release;
if (req)
return tcp_check_req(sk, skb, req, prev);
- nsk = inet_lookup_established(sk->sk_net, &tcp_hashinfo, iph->saddr,
+ nsk = inet_lookup_established(sock_net(sk), &tcp_hashinfo, iph->saddr,
th->source, iph->daddr, th->dest, inet_iif(skb));
if (nsk) {
struct hlist_node *node;
struct sock *sk = cur;
struct tcp_iter_state* st = seq->private;
- struct net *net = st->net;
+ struct net *net = seq_file_net(seq);
if (!sk) {
st->bucket = 0;
while (1) {
while (req) {
if (req->rsk_ops->family == st->family &&
- req->sk->sk_net == net) {
+ net_eq(sock_net(req->sk), net)) {
cur = req;
goto out;
}
}
get_sk:
sk_for_each_from(sk, node) {
- if (sk->sk_family == st->family && sk->sk_net == net) {
+ if (sk->sk_family == st->family && net_eq(sock_net(sk), net)) {
cur = sk;
goto out;
}
static void *established_get_first(struct seq_file *seq)
{
struct tcp_iter_state* st = seq->private;
- struct net *net = st->net;
+ struct net *net = seq_file_net(seq);
void *rc = NULL;
for (st->bucket = 0; st->bucket < tcp_hashinfo.ehash_size; ++st->bucket) {
read_lock_bh(lock);
sk_for_each(sk, node, &tcp_hashinfo.ehash[st->bucket].chain) {
if (sk->sk_family != st->family ||
- sk->sk_net != net) {
+ !net_eq(sock_net(sk), net)) {
continue;
}
rc = sk;
inet_twsk_for_each(tw, node,
&tcp_hashinfo.ehash[st->bucket].twchain) {
if (tw->tw_family != st->family ||
- tw->tw_net != net) {
+ !net_eq(twsk_net(tw), net)) {
continue;
}
rc = tw;
struct inet_timewait_sock *tw;
struct hlist_node *node;
struct tcp_iter_state* st = seq->private;
- struct net *net = st->net;
+ struct net *net = seq_file_net(seq);
++st->num;
tw = cur;
tw = tw_next(tw);
get_tw:
- while (tw && (tw->tw_family != st->family || tw->tw_net != net)) {
+ while (tw && (tw->tw_family != st->family || !net_eq(twsk_net(tw), net))) {
tw = tw_next(tw);
}
if (tw) {
sk = sk_next(sk);
sk_for_each_from(sk, node) {
- if (sk->sk_family == st->family && sk->sk_net == net)
+ if (sk->sk_family == st->family && net_eq(sock_net(sk), net))
goto found;
}
static int tcp_seq_open(struct inode *inode, struct file *file)
{
struct tcp_seq_afinfo *afinfo = PDE(inode)->data;
- struct seq_file *seq;
struct tcp_iter_state *s;
- struct net *net;
- int rc;
-
- if (unlikely(afinfo == NULL))
- return -EINVAL;
-
- s = kzalloc(sizeof(*s), GFP_KERNEL);
- if (!s)
- return -ENOMEM;
+ int err;
- rc = -ENXIO;
- net = get_proc_net(inode);
- if (!net)
- goto out_kfree;
+ err = seq_open_net(inode, file, &afinfo->seq_ops,
+ sizeof(struct tcp_iter_state));
+ if (err < 0)
+ return err;
+ s = ((struct seq_file *)file->private_data)->private;
s->family = afinfo->family;
- s->seq_ops.start = tcp_seq_start;
- s->seq_ops.next = tcp_seq_next;
- s->seq_ops.show = afinfo->seq_show;
- s->seq_ops.stop = tcp_seq_stop;
- s->net = net;
-
- rc = seq_open(file, &s->seq_ops);
- if (rc)
- goto out_put_net;
- seq = file->private_data;
- seq->private = s;
-out:
- return rc;
-out_put_net:
- put_net(net);
-out_kfree:
- kfree(s);
- goto out;
-}
-
-static int tcp_seq_release(struct inode *inode, struct file *file)
-{
- struct seq_file *seq = file->private_data;
- struct tcp_iter_state *s = seq->private;
-
- put_net(s->net);
- seq_release_private(inode, file);
return 0;
}
int rc = 0;
struct proc_dir_entry *p;
- if (!afinfo)
- return -EINVAL;
- afinfo->seq_fops->owner = afinfo->owner;
- afinfo->seq_fops->open = tcp_seq_open;
- afinfo->seq_fops->read = seq_read;
- afinfo->seq_fops->llseek = seq_lseek;
- afinfo->seq_fops->release = tcp_seq_release;
-
- p = proc_net_fops_create(net, afinfo->name, S_IRUGO, afinfo->seq_fops);
- if (p)
- p->data = afinfo;
- else
+ afinfo->seq_fops.open = tcp_seq_open;
+ afinfo->seq_fops.read = seq_read;
+ afinfo->seq_fops.llseek = seq_lseek;
+ afinfo->seq_fops.release = seq_release_net;
+
+ afinfo->seq_ops.start = tcp_seq_start;
+ afinfo->seq_ops.next = tcp_seq_next;
+ afinfo->seq_ops.stop = tcp_seq_stop;
+
+ p = proc_create_data(afinfo->name, S_IRUGO, net->proc_net,
+ &afinfo->seq_fops, afinfo);
+ if (!p)
rc = -ENOMEM;
return rc;
}
void tcp_proc_unregister(struct net *net, struct tcp_seq_afinfo *afinfo)
{
- if (!afinfo)
- return;
proc_net_remove(net, afinfo->name);
- memset(afinfo->seq_fops, 0, sizeof(*afinfo->seq_fops));
}
static void get_openreq4(struct sock *sk, struct request_sock *req,
- char *tmpbuf, int i, int uid)
+ struct seq_file *f, int i, int uid, int *len)
{
const struct inet_request_sock *ireq = inet_rsk(req);
int ttd = req->expires - jiffies;
- sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X"
- " %02X %08X:%08X %02X:%08lX %08X %5d %8d %u %d %p",
+ seq_printf(f, "%4d: %08X:%04X %08X:%04X"
+ " %02X %08X:%08X %02X:%08lX %08X %5d %8d %u %d %p%n",
i,
ireq->loc_addr,
ntohs(inet_sk(sk)->sport),
0, /* non standard timer */
0, /* open_requests have no inode */
atomic_read(&sk->sk_refcnt),
- req);
+ req,
+ len);
}
-static void get_tcp4_sock(struct sock *sk, char *tmpbuf, int i)
+static void get_tcp4_sock(struct sock *sk, struct seq_file *f, int i, int *len)
{
int timer_active;
unsigned long timer_expires;
timer_expires = jiffies;
}
- sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X %02X %08X:%08X %02X:%08lX "
- "%08X %5d %8d %lu %d %p %u %u %u %u %d",
+ seq_printf(f, "%4d: %08X:%04X %08X:%04X %02X %08X:%08X %02X:%08lX "
+ "%08X %5d %8d %lu %d %p %u %u %u %u %d%n",
i, src, srcp, dest, destp, sk->sk_state,
tp->write_seq - tp->snd_una,
sk->sk_state == TCP_LISTEN ? sk->sk_ack_backlog :
icsk->icsk_ack.ato,
(icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong,
tp->snd_cwnd,
- tp->snd_ssthresh >= 0xFFFF ? -1 : tp->snd_ssthresh);
+ tp->snd_ssthresh >= 0xFFFF ? -1 : tp->snd_ssthresh,
+ len);
}
static void get_timewait4_sock(struct inet_timewait_sock *tw,
- char *tmpbuf, int i)
+ struct seq_file *f, int i, int *len)
{
__be32 dest, src;
__u16 destp, srcp;
destp = ntohs(tw->tw_dport);
srcp = ntohs(tw->tw_sport);
- sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X"
- " %02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p",
+ seq_printf(f, "%4d: %08X:%04X %08X:%04X"
+ " %02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p%n",
i, src, srcp, dest, destp, tw->tw_substate, 0, 0,
3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
- atomic_read(&tw->tw_refcnt), tw);
+ atomic_read(&tw->tw_refcnt), tw, len);
}
#define TMPSZ 150
static int tcp4_seq_show(struct seq_file *seq, void *v)
{
struct tcp_iter_state* st;
- char tmpbuf[TMPSZ + 1];
+ int len;
if (v == SEQ_START_TOKEN) {
seq_printf(seq, "%-*s\n", TMPSZ - 1,
switch (st->state) {
case TCP_SEQ_STATE_LISTENING:
case TCP_SEQ_STATE_ESTABLISHED:
- get_tcp4_sock(v, tmpbuf, st->num);
+ get_tcp4_sock(v, seq, st->num, &len);
break;
case TCP_SEQ_STATE_OPENREQ:
- get_openreq4(st->syn_wait_sk, v, tmpbuf, st->num, st->uid);
+ get_openreq4(st->syn_wait_sk, v, seq, st->num, st->uid, &len);
break;
case TCP_SEQ_STATE_TIME_WAIT:
- get_timewait4_sock(v, tmpbuf, st->num);
+ get_timewait4_sock(v, seq, st->num, &len);
break;
}
- seq_printf(seq, "%-*s\n", TMPSZ - 1, tmpbuf);
+ seq_printf(seq, "%*s\n", TMPSZ - 1 - len, "");
out:
return 0;
}
-static struct file_operations tcp4_seq_fops;
static struct tcp_seq_afinfo tcp4_seq_afinfo = {
- .owner = THIS_MODULE,
.name = "tcp",
.family = AF_INET,
- .seq_show = tcp4_seq_show,
- .seq_fops = &tcp4_seq_fops,
+ .seq_fops = {
+ .owner = THIS_MODULE,
+ },
+ .seq_ops = {
+ .show = tcp4_seq_show,
+ },
};
static int tcp4_proc_init_net(struct net *net)
}
#endif /* CONFIG_PROC_FS */
-DEFINE_PROTO_INUSE(tcp)
-
struct proto tcp_prot = {
.name = "TCP",
.owner = THIS_MODULE,
.compat_setsockopt = compat_tcp_setsockopt,
.compat_getsockopt = compat_tcp_getsockopt,
#endif
- REF_PROTO_INUSE(tcp)
+};
+
+
+static int __net_init tcp_sk_init(struct net *net)
+{
+ return inet_ctl_sock_create(&net->ipv4.tcp_sock,
+ PF_INET, SOCK_RAW, IPPROTO_TCP, net);
+}
+
+static void __net_exit tcp_sk_exit(struct net *net)
+{
+ inet_ctl_sock_destroy(net->ipv4.tcp_sock);
+}
+
+static struct pernet_operations __net_initdata tcp_sk_ops = {
+ .init = tcp_sk_init,
+ .exit = tcp_sk_exit,
};
void __init tcp_v4_init(void)
{
- if (inet_csk_ctl_sock_create(&tcp_socket, PF_INET, SOCK_RAW,
- IPPROTO_TCP) < 0)
+ if (register_pernet_device(&tcp_sk_ops))
panic("Failed to create the TCP control socket.\n");
}