2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
6 * The Internet Protocol (IP) output module.
9 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
10 * Donald Becker, <becker@super.org>
11 * Alan Cox, <Alan.Cox@linux.org>
13 * Stefan Becker, <stefanb@yello.ping.de>
14 * Jorge Cwik, <jorge@laser.satlink.net>
15 * Arnt Gulbrandsen, <agulbra@nvg.unit.no>
16 * Hirokazu Takahashi, <taka@valinux.co.jp>
18 * See ip_input.c for original log
21 * Alan Cox : Missing nonblock feature in ip_build_xmit.
22 * Mike Kilburn : htons() missing in ip_build_xmit.
23 * Bradford Johnson: Fix faulty handling of some frames when
25 * Alexander Demenshin: Missing sk/skb free in ip_queue_xmit
26 * (in case if packet not accepted by
27 * output firewall rules)
28 * Mike McLagan : Routing by source
29 * Alexey Kuznetsov: use new route cache
30 * Andi Kleen: Fix broken PMTU recovery and remove
31 * some redundant tests.
32 * Vitaly E. Lavrov : Transparent proxy revived after year coma.
33 * Andi Kleen : Replace ip_reply with ip_send_reply.
34 * Andi Kleen : Split fast and slow ip_build_xmit path
35 * for decreased register pressure on x86
36 * and more readibility.
37 * Marc Boucher : When call_out_firewall returns FW_QUEUE,
38 * silently drop skb instead of failing with -EPERM.
39 * Detlev Wengorz : Copy protocol for fragments.
40 * Hirokazu Takahashi: HW checksumming for outgoing UDP
42 * Hirokazu Takahashi: sendfile() on UDP works now.
45 #include <asm/uaccess.h>
46 #include <asm/system.h>
47 #include <linux/module.h>
48 #include <linux/types.h>
49 #include <linux/kernel.h>
51 #include <linux/string.h>
52 #include <linux/errno.h>
53 #include <linux/highmem.h>
54 #include <linux/slab.h>
56 #include <linux/socket.h>
57 #include <linux/sockios.h>
59 #include <linux/inet.h>
60 #include <linux/netdevice.h>
61 #include <linux/etherdevice.h>
62 #include <linux/proc_fs.h>
63 #include <linux/stat.h>
64 #include <linux/init.h>
68 #include <net/protocol.h>
69 #include <net/route.h>
71 #include <linux/skbuff.h>
75 #include <net/checksum.h>
76 #include <net/inetpeer.h>
77 #include <linux/igmp.h>
78 #include <linux/netfilter_ipv4.h>
79 #include <linux/netfilter_bridge.h>
80 #include <linux/mroute.h>
81 #include <linux/netlink.h>
82 #include <linux/tcp.h>
84 int sysctl_ip_default_ttl __read_mostly = IPDEFTTL;
85 EXPORT_SYMBOL(sysctl_ip_default_ttl);
87 /* Generate a checksum for an outgoing IP datagram. */
88 __inline__ void ip_send_check(struct iphdr *iph)
91 iph->check = ip_fast_csum((unsigned char *)iph, iph->ihl);
93 EXPORT_SYMBOL(ip_send_check);
95 int __ip_local_out(struct sk_buff *skb)
97 struct iphdr *iph = ip_hdr(skb);
99 iph->tot_len = htons(skb->len);
101 return nf_hook(NFPROTO_IPV4, NF_INET_LOCAL_OUT, skb, NULL,
102 skb_dst(skb)->dev, dst_output);
105 int ip_local_out(struct sk_buff *skb)
109 err = __ip_local_out(skb);
110 if (likely(err == 1))
111 err = dst_output(skb);
115 EXPORT_SYMBOL_GPL(ip_local_out);
117 /* dev_loopback_xmit for use with netfilter. */
118 static int ip_dev_loopback_xmit(struct sk_buff *newskb)
120 skb_reset_mac_header(newskb);
121 __skb_pull(newskb, skb_network_offset(newskb));
122 newskb->pkt_type = PACKET_LOOPBACK;
123 newskb->ip_summed = CHECKSUM_UNNECESSARY;
124 WARN_ON(!skb_dst(newskb));
125 skb_dst_force(newskb);
130 static inline int ip_select_ttl(struct inet_sock *inet, struct dst_entry *dst)
132 int ttl = inet->uc_ttl;
135 ttl = ip4_dst_hoplimit(dst);
140 * Add an ip header to a skbuff and send it out.
143 int ip_build_and_send_pkt(struct sk_buff *skb, struct sock *sk,
144 __be32 saddr, __be32 daddr, struct ip_options_rcu *opt)
146 struct inet_sock *inet = inet_sk(sk);
147 struct rtable *rt = skb_rtable(skb);
150 /* Build the IP header. */
151 skb_push(skb, sizeof(struct iphdr) + (opt ? opt->opt.optlen : 0));
152 skb_reset_network_header(skb);
156 iph->tos = inet->tos;
157 if (ip_dont_fragment(sk, &rt->dst))
158 iph->frag_off = htons(IP_DF);
161 iph->ttl = ip_select_ttl(inet, &rt->dst);
162 iph->daddr = (opt && opt->opt.srr ? opt->opt.faddr : daddr);
164 iph->protocol = sk->sk_protocol;
165 ip_select_ident(iph, &rt->dst, sk);
167 if (opt && opt->opt.optlen) {
168 iph->ihl += opt->opt.optlen>>2;
169 ip_options_build(skb, &opt->opt, daddr, rt, 0);
172 skb->priority = sk->sk_priority;
173 skb->mark = sk->sk_mark;
176 return ip_local_out(skb);
178 EXPORT_SYMBOL_GPL(ip_build_and_send_pkt);
180 static inline int ip_finish_output2(struct sk_buff *skb)
182 struct dst_entry *dst = skb_dst(skb);
183 struct rtable *rt = (struct rtable *)dst;
184 struct net_device *dev = dst->dev;
185 unsigned int hh_len = LL_RESERVED_SPACE(dev);
186 struct neighbour *neigh;
188 if (rt->rt_type == RTN_MULTICAST) {
189 IP_UPD_PO_STATS(dev_net(dev), IPSTATS_MIB_OUTMCAST, skb->len);
190 } else if (rt->rt_type == RTN_BROADCAST)
191 IP_UPD_PO_STATS(dev_net(dev), IPSTATS_MIB_OUTBCAST, skb->len);
193 /* Be paranoid, rather than too clever. */
194 if (unlikely(skb_headroom(skb) < hh_len && dev->header_ops)) {
195 struct sk_buff *skb2;
197 skb2 = skb_realloc_headroom(skb, LL_RESERVED_SPACE(dev));
203 skb_set_owner_w(skb2, skb->sk);
209 neigh = dst_get_neighbour_noref(dst);
211 int res = neigh_output(neigh, skb);
219 printk(KERN_DEBUG "ip_finish_output2: No header cache and no neighbour!\n");
224 static inline int ip_skb_dst_mtu(struct sk_buff *skb)
226 struct inet_sock *inet = skb->sk ? inet_sk(skb->sk) : NULL;
228 return (inet && inet->pmtudisc == IP_PMTUDISC_PROBE) ?
229 skb_dst(skb)->dev->mtu : dst_mtu(skb_dst(skb));
232 static int ip_finish_output(struct sk_buff *skb)
234 #if defined(CONFIG_NETFILTER) && defined(CONFIG_XFRM)
235 /* Policy lookup after SNAT yielded a new policy */
236 if (skb_dst(skb)->xfrm != NULL) {
237 IPCB(skb)->flags |= IPSKB_REROUTED;
238 return dst_output(skb);
241 if (skb->len > ip_skb_dst_mtu(skb) && !skb_is_gso(skb))
242 return ip_fragment(skb, ip_finish_output2);
244 return ip_finish_output2(skb);
247 int ip_mc_output(struct sk_buff *skb)
249 struct sock *sk = skb->sk;
250 struct rtable *rt = skb_rtable(skb);
251 struct net_device *dev = rt->dst.dev;
254 * If the indicated interface is up and running, send the packet.
256 IP_UPD_PO_STATS(dev_net(dev), IPSTATS_MIB_OUT, skb->len);
259 skb->protocol = htons(ETH_P_IP);
262 * Multicasts are looped back for other local users
265 if (rt->rt_flags&RTCF_MULTICAST) {
267 #ifdef CONFIG_IP_MROUTE
268 /* Small optimization: do not loopback not local frames,
269 which returned after forwarding; they will be dropped
270 by ip_mr_input in any case.
271 Note, that local frames are looped back to be delivered
274 This check is duplicated in ip_mr_input at the moment.
277 ((rt->rt_flags & RTCF_LOCAL) ||
278 !(IPCB(skb)->flags & IPSKB_FORWARDED))
281 struct sk_buff *newskb = skb_clone(skb, GFP_ATOMIC);
283 NF_HOOK(NFPROTO_IPV4, NF_INET_POST_ROUTING,
284 newskb, NULL, newskb->dev,
285 ip_dev_loopback_xmit);
288 /* Multicasts with ttl 0 must not go beyond the host */
290 if (ip_hdr(skb)->ttl == 0) {
296 if (rt->rt_flags&RTCF_BROADCAST) {
297 struct sk_buff *newskb = skb_clone(skb, GFP_ATOMIC);
299 NF_HOOK(NFPROTO_IPV4, NF_INET_POST_ROUTING, newskb,
300 NULL, newskb->dev, ip_dev_loopback_xmit);
303 return NF_HOOK_COND(NFPROTO_IPV4, NF_INET_POST_ROUTING, skb, NULL,
304 skb->dev, ip_finish_output,
305 !(IPCB(skb)->flags & IPSKB_REROUTED));
308 int ip_output(struct sk_buff *skb)
310 struct net_device *dev = skb_dst(skb)->dev;
312 IP_UPD_PO_STATS(dev_net(dev), IPSTATS_MIB_OUT, skb->len);
315 skb->protocol = htons(ETH_P_IP);
317 return NF_HOOK_COND(NFPROTO_IPV4, NF_INET_POST_ROUTING, skb, NULL, dev,
319 !(IPCB(skb)->flags & IPSKB_REROUTED));
323 * copy saddr and daddr, possibly using 64bit load/stores
325 * iph->saddr = fl4->saddr;
326 * iph->daddr = fl4->daddr;
328 static void ip_copy_addrs(struct iphdr *iph, const struct flowi4 *fl4)
330 BUILD_BUG_ON(offsetof(typeof(*fl4), daddr) !=
331 offsetof(typeof(*fl4), saddr) + sizeof(fl4->saddr));
332 memcpy(&iph->saddr, &fl4->saddr,
333 sizeof(fl4->saddr) + sizeof(fl4->daddr));
336 int ip_queue_xmit(struct sk_buff *skb, struct flowi *fl)
338 struct sock *sk = skb->sk;
339 struct inet_sock *inet = inet_sk(sk);
340 struct ip_options_rcu *inet_opt;
346 /* Skip all of this if the packet is already routed,
347 * f.e. by something like SCTP.
350 inet_opt = rcu_dereference(inet->inet_opt);
352 rt = skb_rtable(skb);
356 /* Make sure we can route this packet. */
357 rt = (struct rtable *)__sk_dst_check(sk, 0);
361 /* Use correct destination address if we have options. */
362 daddr = inet->inet_daddr;
363 if (inet_opt && inet_opt->opt.srr)
364 daddr = inet_opt->opt.faddr;
366 /* If this fails, retransmit mechanism of transport layer will
367 * keep trying until route appears or the connection times
370 rt = ip_route_output_ports(sock_net(sk), fl4, sk,
371 daddr, inet->inet_saddr,
376 sk->sk_bound_dev_if);
379 sk_setup_caps(sk, &rt->dst);
381 skb_dst_set_noref(skb, &rt->dst);
384 if (inet_opt && inet_opt->opt.is_strictroute && fl4->daddr != rt->rt_gateway)
387 /* OK, we know where to send it, allocate and build IP header. */
388 skb_push(skb, sizeof(struct iphdr) + (inet_opt ? inet_opt->opt.optlen : 0));
389 skb_reset_network_header(skb);
391 *((__be16 *)iph) = htons((4 << 12) | (5 << 8) | (inet->tos & 0xff));
392 if (ip_dont_fragment(sk, &rt->dst) && !skb->local_df)
393 iph->frag_off = htons(IP_DF);
396 iph->ttl = ip_select_ttl(inet, &rt->dst);
397 iph->protocol = sk->sk_protocol;
398 ip_copy_addrs(iph, fl4);
400 /* Transport layer set skb->h.foo itself. */
402 if (inet_opt && inet_opt->opt.optlen) {
403 iph->ihl += inet_opt->opt.optlen >> 2;
404 ip_options_build(skb, &inet_opt->opt, inet->inet_daddr, rt, 0);
407 ip_select_ident_more(iph, &rt->dst, sk,
408 (skb_shinfo(skb)->gso_segs ?: 1) - 1);
410 skb->priority = sk->sk_priority;
411 skb->mark = sk->sk_mark;
413 res = ip_local_out(skb);
419 IP_INC_STATS(sock_net(sk), IPSTATS_MIB_OUTNOROUTES);
421 return -EHOSTUNREACH;
423 EXPORT_SYMBOL(ip_queue_xmit);
426 static void ip_copy_metadata(struct sk_buff *to, struct sk_buff *from)
428 to->pkt_type = from->pkt_type;
429 to->priority = from->priority;
430 to->protocol = from->protocol;
432 skb_dst_copy(to, from);
434 to->mark = from->mark;
436 /* Copy the flags to each fragment. */
437 IPCB(to)->flags = IPCB(from)->flags;
439 #ifdef CONFIG_NET_SCHED
440 to->tc_index = from->tc_index;
443 #if defined(CONFIG_NETFILTER_XT_TARGET_TRACE) || \
444 defined(CONFIG_NETFILTER_XT_TARGET_TRACE_MODULE)
445 to->nf_trace = from->nf_trace;
447 #if defined(CONFIG_IP_VS) || defined(CONFIG_IP_VS_MODULE)
448 to->ipvs_property = from->ipvs_property;
450 skb_copy_secmark(to, from);
454 * This IP datagram is too large to be sent in one piece. Break it up into
455 * smaller pieces (each of size equal to IP header plus
456 * a block of the data of the original IP data part) that will yet fit in a
457 * single device frame, and queue such a frame for sending.
460 int ip_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *))
464 struct net_device *dev;
465 struct sk_buff *skb2;
466 unsigned int mtu, hlen, left, len, ll_rs;
468 __be16 not_last_frag;
469 struct rtable *rt = skb_rtable(skb);
475 * Point into the IP datagram header.
480 if (unlikely((iph->frag_off & htons(IP_DF)) && !skb->local_df)) {
481 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_FRAGFAILS);
482 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED,
483 htonl(ip_skb_dst_mtu(skb)));
489 * Setup starting values.
493 mtu = dst_mtu(&rt->dst) - hlen; /* Size of data space */
494 #ifdef CONFIG_BRIDGE_NETFILTER
496 mtu -= nf_bridge_mtu_reduction(skb);
498 IPCB(skb)->flags |= IPSKB_FRAG_COMPLETE;
500 /* When frag_list is given, use it. First, check its validity:
501 * some transformers could create wrong frag_list or break existing
502 * one, it is not prohibited. In this case fall back to copying.
504 * LATER: this step can be merged to real generation of fragments,
505 * we can switch to copy when see the first bad fragment.
507 if (skb_has_frag_list(skb)) {
508 struct sk_buff *frag, *frag2;
509 int first_len = skb_pagelen(skb);
511 if (first_len - hlen > mtu ||
512 ((first_len - hlen) & 7) ||
513 ip_is_fragment(iph) ||
517 skb_walk_frags(skb, frag) {
518 /* Correct geometry. */
519 if (frag->len > mtu ||
520 ((frag->len & 7) && frag->next) ||
521 skb_headroom(frag) < hlen)
522 goto slow_path_clean;
524 /* Partially cloned skb? */
525 if (skb_shared(frag))
526 goto slow_path_clean;
531 frag->destructor = sock_wfree;
533 skb->truesize -= frag->truesize;
536 /* Everything is OK. Generate! */
540 frag = skb_shinfo(skb)->frag_list;
541 skb_frag_list_init(skb);
542 skb->data_len = first_len - skb_headlen(skb);
543 skb->len = first_len;
544 iph->tot_len = htons(first_len);
545 iph->frag_off = htons(IP_MF);
549 /* Prepare header of the next frame,
550 * before previous one went down. */
552 frag->ip_summed = CHECKSUM_NONE;
553 skb_reset_transport_header(frag);
554 __skb_push(frag, hlen);
555 skb_reset_network_header(frag);
556 memcpy(skb_network_header(frag), iph, hlen);
558 iph->tot_len = htons(frag->len);
559 ip_copy_metadata(frag, skb);
561 ip_options_fragment(frag);
562 offset += skb->len - hlen;
563 iph->frag_off = htons(offset>>3);
564 if (frag->next != NULL)
565 iph->frag_off |= htons(IP_MF);
566 /* Ready, complete checksum */
573 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_FRAGCREATES);
583 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_FRAGOKS);
592 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_FRAGFAILS);
596 skb_walk_frags(skb, frag2) {
600 frag2->destructor = NULL;
601 skb->truesize += frag2->truesize;
606 left = skb->len - hlen; /* Space per frame */
607 ptr = hlen; /* Where to start from */
609 /* for bridged IP traffic encapsulated inside f.e. a vlan header,
610 * we need to make room for the encapsulating header
612 ll_rs = LL_RESERVED_SPACE_EXTRA(rt->dst.dev, nf_bridge_pad(skb));
615 * Fragment the datagram.
618 offset = (ntohs(iph->frag_off) & IP_OFFSET) << 3;
619 not_last_frag = iph->frag_off & htons(IP_MF);
622 * Keep copying data until we run out.
627 /* IF: it doesn't fit, use 'mtu' - the data space left */
630 /* IF: we are not sending up to and including the packet end
631 then align the next start on an eight byte boundary */
639 if ((skb2 = alloc_skb(len+hlen+ll_rs, GFP_ATOMIC)) == NULL) {
640 NETDEBUG(KERN_INFO "IP: frag: no memory for new fragment!\n");
646 * Set up data on packet
649 ip_copy_metadata(skb2, skb);
650 skb_reserve(skb2, ll_rs);
651 skb_put(skb2, len + hlen);
652 skb_reset_network_header(skb2);
653 skb2->transport_header = skb2->network_header + hlen;
656 * Charge the memory for the fragment to any owner
661 skb_set_owner_w(skb2, skb->sk);
664 * Copy the packet header into the new buffer.
667 skb_copy_from_linear_data(skb, skb_network_header(skb2), hlen);
670 * Copy a block of the IP datagram.
672 if (skb_copy_bits(skb, ptr, skb_transport_header(skb2), len))
677 * Fill in the new header fields.
680 iph->frag_off = htons((offset >> 3));
682 /* ANK: dirty, but effective trick. Upgrade options only if
683 * the segment to be fragmented was THE FIRST (otherwise,
684 * options are already fixed) and make it ONCE
685 * on the initial skb, so that all the following fragments
686 * will inherit fixed options.
689 ip_options_fragment(skb);
692 * Added AC : If we are fragmenting a fragment that's not the
693 * last fragment then keep MF on each bit
695 if (left > 0 || not_last_frag)
696 iph->frag_off |= htons(IP_MF);
701 * Put this fragment into the sending queue.
703 iph->tot_len = htons(len + hlen);
711 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_FRAGCREATES);
714 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_FRAGOKS);
719 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_FRAGFAILS);
722 EXPORT_SYMBOL(ip_fragment);
725 ip_generic_getfrag(void *from, char *to, int offset, int len, int odd, struct sk_buff *skb)
727 struct iovec *iov = from;
729 if (skb->ip_summed == CHECKSUM_PARTIAL) {
730 if (memcpy_fromiovecend(to, iov, offset, len) < 0)
734 if (csum_partial_copy_fromiovecend(to, iov, offset, len, &csum) < 0)
736 skb->csum = csum_block_add(skb->csum, csum, odd);
740 EXPORT_SYMBOL(ip_generic_getfrag);
743 csum_page(struct page *page, int offset, int copy)
748 csum = csum_partial(kaddr + offset, copy, 0);
753 static inline int ip_ufo_append_data(struct sock *sk,
754 struct sk_buff_head *queue,
755 int getfrag(void *from, char *to, int offset, int len,
756 int odd, struct sk_buff *skb),
757 void *from, int length, int hh_len, int fragheaderlen,
758 int transhdrlen, int maxfraglen, unsigned int flags)
763 /* There is support for UDP fragmentation offload by network
764 * device, so create one single skb packet containing complete
767 if ((skb = skb_peek_tail(queue)) == NULL) {
768 skb = sock_alloc_send_skb(sk,
769 hh_len + fragheaderlen + transhdrlen + 20,
770 (flags & MSG_DONTWAIT), &err);
775 /* reserve space for Hardware header */
776 skb_reserve(skb, hh_len);
778 /* create space for UDP/IP header */
779 skb_put(skb, fragheaderlen + transhdrlen);
781 /* initialize network header pointer */
782 skb_reset_network_header(skb);
784 /* initialize protocol header pointer */
785 skb->transport_header = skb->network_header + fragheaderlen;
787 skb->ip_summed = CHECKSUM_PARTIAL;
790 /* specify the length of each IP datagram fragment */
791 skb_shinfo(skb)->gso_size = maxfraglen - fragheaderlen;
792 skb_shinfo(skb)->gso_type = SKB_GSO_UDP;
793 __skb_queue_tail(queue, skb);
796 return skb_append_datato_frags(sk, skb, getfrag, from,
797 (length - transhdrlen));
800 static int __ip_append_data(struct sock *sk,
802 struct sk_buff_head *queue,
803 struct inet_cork *cork,
804 int getfrag(void *from, char *to, int offset,
805 int len, int odd, struct sk_buff *skb),
806 void *from, int length, int transhdrlen,
809 struct inet_sock *inet = inet_sk(sk);
812 struct ip_options *opt = cork->opt;
819 unsigned int maxfraglen, fragheaderlen;
820 int csummode = CHECKSUM_NONE;
821 struct rtable *rt = (struct rtable *)cork->dst;
823 skb = skb_peek_tail(queue);
825 exthdrlen = !skb ? rt->dst.header_len : 0;
826 mtu = cork->fragsize;
828 hh_len = LL_RESERVED_SPACE(rt->dst.dev);
830 fragheaderlen = sizeof(struct iphdr) + (opt ? opt->optlen : 0);
831 maxfraglen = ((mtu - fragheaderlen) & ~7) + fragheaderlen;
833 if (cork->length + length > 0xFFFF - fragheaderlen) {
834 ip_local_error(sk, EMSGSIZE, fl4->daddr, inet->inet_dport,
840 * transhdrlen > 0 means that this is the first fragment and we wish
841 * it won't be fragmented in the future.
844 length + fragheaderlen <= mtu &&
845 rt->dst.dev->features & NETIF_F_V4_CSUM &&
847 csummode = CHECKSUM_PARTIAL;
849 cork->length += length;
850 if (((length > mtu) || (skb && skb_is_gso(skb))) &&
851 (sk->sk_protocol == IPPROTO_UDP) &&
852 (rt->dst.dev->features & NETIF_F_UFO) && !rt->dst.header_len) {
853 err = ip_ufo_append_data(sk, queue, getfrag, from, length,
854 hh_len, fragheaderlen, transhdrlen,
861 /* So, what's going on in the loop below?
863 * We use calculated fragment length to generate chained skb,
864 * each of segments is IP fragment ready for sending to network after
865 * adding appropriate IP header.
872 /* Check if the remaining data fits into current packet. */
873 copy = mtu - skb->len;
875 copy = maxfraglen - skb->len;
878 unsigned int datalen;
879 unsigned int fraglen;
880 unsigned int fraggap;
881 unsigned int alloclen;
882 struct sk_buff *skb_prev;
886 fraggap = skb_prev->len - maxfraglen;
891 * If remaining data exceeds the mtu,
892 * we know we need more fragment(s).
894 datalen = length + fraggap;
895 if (datalen > mtu - fragheaderlen)
896 datalen = maxfraglen - fragheaderlen;
897 fraglen = datalen + fragheaderlen;
899 if ((flags & MSG_MORE) &&
900 !(rt->dst.dev->features&NETIF_F_SG))
905 alloclen += exthdrlen;
907 /* The last fragment gets additional space at tail.
908 * Note, with MSG_MORE we overallocate on fragments,
909 * because we have no idea what fragment will be
912 if (datalen == length + fraggap)
913 alloclen += rt->dst.trailer_len;
916 skb = sock_alloc_send_skb(sk,
917 alloclen + hh_len + 15,
918 (flags & MSG_DONTWAIT), &err);
921 if (atomic_read(&sk->sk_wmem_alloc) <=
923 skb = sock_wmalloc(sk,
924 alloclen + hh_len + 15, 1,
926 if (unlikely(skb == NULL))
929 /* only the initial fragment is
937 * Fill in the control structures
939 skb->ip_summed = csummode;
941 skb_reserve(skb, hh_len);
942 skb_shinfo(skb)->tx_flags = cork->tx_flags;
945 * Find where to start putting bytes.
947 data = skb_put(skb, fraglen + exthdrlen);
948 skb_set_network_header(skb, exthdrlen);
949 skb->transport_header = (skb->network_header +
951 data += fragheaderlen + exthdrlen;
954 skb->csum = skb_copy_and_csum_bits(
955 skb_prev, maxfraglen,
956 data + transhdrlen, fraggap, 0);
957 skb_prev->csum = csum_sub(skb_prev->csum,
960 pskb_trim_unique(skb_prev, maxfraglen);
963 copy = datalen - transhdrlen - fraggap;
964 if (copy > 0 && getfrag(from, data + transhdrlen, offset, copy, fraggap, skb) < 0) {
971 length -= datalen - fraggap;
974 csummode = CHECKSUM_NONE;
977 * Put the packet on the pending queue.
979 __skb_queue_tail(queue, skb);
986 if (!(rt->dst.dev->features&NETIF_F_SG)) {
990 if (getfrag(from, skb_put(skb, copy),
991 offset, copy, off, skb) < 0) {
992 __skb_trim(skb, off);
997 int i = skb_shinfo(skb)->nr_frags;
998 skb_frag_t *frag = &skb_shinfo(skb)->frags[i-1];
999 struct page *page = cork->page;
1000 int off = cork->off;
1003 if (page && (left = PAGE_SIZE - off) > 0) {
1006 if (page != skb_frag_page(frag)) {
1007 if (i == MAX_SKB_FRAGS) {
1011 skb_fill_page_desc(skb, i, page, off, 0);
1012 skb_frag_ref(skb, i);
1013 frag = &skb_shinfo(skb)->frags[i];
1015 } else if (i < MAX_SKB_FRAGS) {
1016 if (copy > PAGE_SIZE)
1018 page = alloc_pages(sk->sk_allocation, 0);
1026 skb_fill_page_desc(skb, i, page, 0, 0);
1027 frag = &skb_shinfo(skb)->frags[i];
1032 if (getfrag(from, skb_frag_address(frag)+skb_frag_size(frag),
1033 offset, copy, skb->len, skb) < 0) {
1038 skb_frag_size_add(frag, copy);
1040 skb->data_len += copy;
1041 skb->truesize += copy;
1042 atomic_add(copy, &sk->sk_wmem_alloc);
1051 cork->length -= length;
1052 IP_INC_STATS(sock_net(sk), IPSTATS_MIB_OUTDISCARDS);
1056 static int ip_setup_cork(struct sock *sk, struct inet_cork *cork,
1057 struct ipcm_cookie *ipc, struct rtable **rtp)
1059 struct inet_sock *inet = inet_sk(sk);
1060 struct ip_options_rcu *opt;
1064 * setup for corking.
1068 if (cork->opt == NULL) {
1069 cork->opt = kmalloc(sizeof(struct ip_options) + 40,
1071 if (unlikely(cork->opt == NULL))
1074 memcpy(cork->opt, &opt->opt, sizeof(struct ip_options) + opt->opt.optlen);
1075 cork->flags |= IPCORK_OPT;
1076 cork->addr = ipc->addr;
1082 * We steal reference to this route, caller should not release it
1085 cork->fragsize = inet->pmtudisc == IP_PMTUDISC_PROBE ?
1086 rt->dst.dev->mtu : dst_mtu(&rt->dst);
1087 cork->dst = &rt->dst;
1089 cork->tx_flags = ipc->tx_flags;
1097 * ip_append_data() and ip_append_page() can make one large IP datagram
1098 * from many pieces of data. Each pieces will be holded on the socket
1099 * until ip_push_pending_frames() is called. Each piece can be a page
1102 * Not only UDP, other transport protocols - e.g. raw sockets - can use
1103 * this interface potentially.
1105 * LATER: length must be adjusted by pad at tail, when it is required.
1107 int ip_append_data(struct sock *sk, struct flowi4 *fl4,
1108 int getfrag(void *from, char *to, int offset, int len,
1109 int odd, struct sk_buff *skb),
1110 void *from, int length, int transhdrlen,
1111 struct ipcm_cookie *ipc, struct rtable **rtp,
1114 struct inet_sock *inet = inet_sk(sk);
1117 if (flags&MSG_PROBE)
1120 if (skb_queue_empty(&sk->sk_write_queue)) {
1121 err = ip_setup_cork(sk, &inet->cork.base, ipc, rtp);
1128 return __ip_append_data(sk, fl4, &sk->sk_write_queue, &inet->cork.base, getfrag,
1129 from, length, transhdrlen, flags);
1132 ssize_t ip_append_page(struct sock *sk, struct flowi4 *fl4, struct page *page,
1133 int offset, size_t size, int flags)
1135 struct inet_sock *inet = inet_sk(sk);
1136 struct sk_buff *skb;
1138 struct ip_options *opt = NULL;
1139 struct inet_cork *cork;
1144 unsigned int maxfraglen, fragheaderlen, fraggap;
1149 if (flags&MSG_PROBE)
1152 if (skb_queue_empty(&sk->sk_write_queue))
1155 cork = &inet->cork.base;
1156 rt = (struct rtable *)cork->dst;
1157 if (cork->flags & IPCORK_OPT)
1160 if (!(rt->dst.dev->features&NETIF_F_SG))
1163 hh_len = LL_RESERVED_SPACE(rt->dst.dev);
1164 mtu = cork->fragsize;
1166 fragheaderlen = sizeof(struct iphdr) + (opt ? opt->optlen : 0);
1167 maxfraglen = ((mtu - fragheaderlen) & ~7) + fragheaderlen;
1169 if (cork->length + size > 0xFFFF - fragheaderlen) {
1170 ip_local_error(sk, EMSGSIZE, fl4->daddr, inet->inet_dport, mtu);
1174 if ((skb = skb_peek_tail(&sk->sk_write_queue)) == NULL)
1177 cork->length += size;
1178 if ((size + skb->len > mtu) &&
1179 (sk->sk_protocol == IPPROTO_UDP) &&
1180 (rt->dst.dev->features & NETIF_F_UFO)) {
1181 skb_shinfo(skb)->gso_size = mtu - fragheaderlen;
1182 skb_shinfo(skb)->gso_type = SKB_GSO_UDP;
1189 if (skb_is_gso(skb))
1193 /* Check if the remaining data fits into current packet. */
1194 len = mtu - skb->len;
1196 len = maxfraglen - skb->len;
1199 struct sk_buff *skb_prev;
1203 fraggap = skb_prev->len - maxfraglen;
1205 alloclen = fragheaderlen + hh_len + fraggap + 15;
1206 skb = sock_wmalloc(sk, alloclen, 1, sk->sk_allocation);
1207 if (unlikely(!skb)) {
1213 * Fill in the control structures
1215 skb->ip_summed = CHECKSUM_NONE;
1217 skb_reserve(skb, hh_len);
1220 * Find where to start putting bytes.
1222 skb_put(skb, fragheaderlen + fraggap);
1223 skb_reset_network_header(skb);
1224 skb->transport_header = (skb->network_header +
1227 skb->csum = skb_copy_and_csum_bits(skb_prev,
1229 skb_transport_header(skb),
1231 skb_prev->csum = csum_sub(skb_prev->csum,
1233 pskb_trim_unique(skb_prev, maxfraglen);
1237 * Put the packet on the pending queue.
1239 __skb_queue_tail(&sk->sk_write_queue, skb);
1243 i = skb_shinfo(skb)->nr_frags;
1246 if (skb_can_coalesce(skb, i, page, offset)) {
1247 skb_frag_size_add(&skb_shinfo(skb)->frags[i-1], len);
1248 } else if (i < MAX_SKB_FRAGS) {
1250 skb_fill_page_desc(skb, i, page, offset, len);
1256 if (skb->ip_summed == CHECKSUM_NONE) {
1258 csum = csum_page(page, offset, len);
1259 skb->csum = csum_block_add(skb->csum, csum, skb->len);
1263 skb->data_len += len;
1264 skb->truesize += len;
1265 atomic_add(len, &sk->sk_wmem_alloc);
1272 cork->length -= size;
1273 IP_INC_STATS(sock_net(sk), IPSTATS_MIB_OUTDISCARDS);
1277 static void ip_cork_release(struct inet_cork *cork)
1279 cork->flags &= ~IPCORK_OPT;
1282 dst_release(cork->dst);
1287 * Combined all pending IP fragments on the socket as one IP datagram
1288 * and push them out.
1290 struct sk_buff *__ip_make_skb(struct sock *sk,
1292 struct sk_buff_head *queue,
1293 struct inet_cork *cork)
1295 struct sk_buff *skb, *tmp_skb;
1296 struct sk_buff **tail_skb;
1297 struct inet_sock *inet = inet_sk(sk);
1298 struct net *net = sock_net(sk);
1299 struct ip_options *opt = NULL;
1300 struct rtable *rt = (struct rtable *)cork->dst;
1305 if ((skb = __skb_dequeue(queue)) == NULL)
1307 tail_skb = &(skb_shinfo(skb)->frag_list);
1309 /* move skb->data to ip header from ext header */
1310 if (skb->data < skb_network_header(skb))
1311 __skb_pull(skb, skb_network_offset(skb));
1312 while ((tmp_skb = __skb_dequeue(queue)) != NULL) {
1313 __skb_pull(tmp_skb, skb_network_header_len(skb));
1314 *tail_skb = tmp_skb;
1315 tail_skb = &(tmp_skb->next);
1316 skb->len += tmp_skb->len;
1317 skb->data_len += tmp_skb->len;
1318 skb->truesize += tmp_skb->truesize;
1319 tmp_skb->destructor = NULL;
1323 /* Unless user demanded real pmtu discovery (IP_PMTUDISC_DO), we allow
1324 * to fragment the frame generated here. No matter, what transforms
1325 * how transforms change size of the packet, it will come out.
1327 if (inet->pmtudisc < IP_PMTUDISC_DO)
1330 /* DF bit is set when we want to see DF on outgoing frames.
1331 * If local_df is set too, we still allow to fragment this frame
1333 if (inet->pmtudisc >= IP_PMTUDISC_DO ||
1334 (skb->len <= dst_mtu(&rt->dst) &&
1335 ip_dont_fragment(sk, &rt->dst)))
1338 if (cork->flags & IPCORK_OPT)
1341 if (rt->rt_type == RTN_MULTICAST)
1344 ttl = ip_select_ttl(inet, &rt->dst);
1346 iph = (struct iphdr *)skb->data;
1349 iph->tos = inet->tos;
1351 ip_select_ident(iph, &rt->dst, sk);
1353 iph->protocol = sk->sk_protocol;
1354 ip_copy_addrs(iph, fl4);
1357 iph->ihl += opt->optlen>>2;
1358 ip_options_build(skb, opt, cork->addr, rt, 0);
1361 skb->priority = sk->sk_priority;
1362 skb->mark = sk->sk_mark;
1364 * Steal rt from cork.dst to avoid a pair of atomic_inc/atomic_dec
1368 skb_dst_set(skb, &rt->dst);
1370 if (iph->protocol == IPPROTO_ICMP)
1371 icmp_out_count(net, ((struct icmphdr *)
1372 skb_transport_header(skb))->type);
1374 ip_cork_release(cork);
1379 int ip_send_skb(struct sk_buff *skb)
1381 struct net *net = sock_net(skb->sk);
1384 err = ip_local_out(skb);
1387 err = net_xmit_errno(err);
1389 IP_INC_STATS(net, IPSTATS_MIB_OUTDISCARDS);
1395 int ip_push_pending_frames(struct sock *sk, struct flowi4 *fl4)
1397 struct sk_buff *skb;
1399 skb = ip_finish_skb(sk, fl4);
1403 /* Netfilter gets whole the not fragmented skb. */
1404 return ip_send_skb(skb);
1408 * Throw away all pending data on the socket.
1410 static void __ip_flush_pending_frames(struct sock *sk,
1411 struct sk_buff_head *queue,
1412 struct inet_cork *cork)
1414 struct sk_buff *skb;
1416 while ((skb = __skb_dequeue_tail(queue)) != NULL)
1419 ip_cork_release(cork);
1422 void ip_flush_pending_frames(struct sock *sk)
1424 __ip_flush_pending_frames(sk, &sk->sk_write_queue, &inet_sk(sk)->cork.base);
1427 struct sk_buff *ip_make_skb(struct sock *sk,
1429 int getfrag(void *from, char *to, int offset,
1430 int len, int odd, struct sk_buff *skb),
1431 void *from, int length, int transhdrlen,
1432 struct ipcm_cookie *ipc, struct rtable **rtp,
1435 struct inet_cork cork;
1436 struct sk_buff_head queue;
1439 if (flags & MSG_PROBE)
1442 __skb_queue_head_init(&queue);
1447 err = ip_setup_cork(sk, &cork, ipc, rtp);
1449 return ERR_PTR(err);
1451 err = __ip_append_data(sk, fl4, &queue, &cork, getfrag,
1452 from, length, transhdrlen, flags);
1454 __ip_flush_pending_frames(sk, &queue, &cork);
1455 return ERR_PTR(err);
1458 return __ip_make_skb(sk, fl4, &queue, &cork);
1462 * Fetch data from kernel space and fill in checksum if needed.
1464 static int ip_reply_glue_bits(void *dptr, char *to, int offset,
1465 int len, int odd, struct sk_buff *skb)
1469 csum = csum_partial_copy_nocheck(dptr+offset, to, len, 0);
1470 skb->csum = csum_block_add(skb->csum, csum, odd);
1475 * Generic function to send a packet as reply to another packet.
1476 * Used to send TCP resets so far. ICMP should use this function too.
1478 * Should run single threaded per socket because it uses the sock
1479 * structure to pass arguments.
1481 void ip_send_reply(struct sock *sk, struct sk_buff *skb, __be32 daddr,
1482 const struct ip_reply_arg *arg, unsigned int len)
1484 struct inet_sock *inet = inet_sk(sk);
1485 struct ip_options_data replyopts;
1486 struct ipcm_cookie ipc;
1488 struct rtable *rt = skb_rtable(skb);
1490 if (ip_options_echo(&replyopts.opt.opt, skb))
1497 if (replyopts.opt.opt.optlen) {
1498 ipc.opt = &replyopts.opt;
1500 if (replyopts.opt.opt.srr)
1501 daddr = replyopts.opt.opt.faddr;
1504 flowi4_init_output(&fl4, arg->bound_dev_if, 0,
1506 RT_SCOPE_UNIVERSE, sk->sk_protocol,
1507 ip_reply_arg_flowi_flags(arg),
1508 daddr, rt->rt_spec_dst,
1509 tcp_hdr(skb)->source, tcp_hdr(skb)->dest);
1510 security_skb_classify_flow(skb, flowi4_to_flowi(&fl4));
1511 rt = ip_route_output_key(sock_net(sk), &fl4);
1515 /* And let IP do all the hard work.
1517 This chunk is not reenterable, hence spinlock.
1518 Note that it uses the fact, that this function is called
1519 with locally disabled BH and that sk cannot be already spinlocked.
1522 inet->tos = arg->tos;
1523 sk->sk_priority = skb->priority;
1524 sk->sk_protocol = ip_hdr(skb)->protocol;
1525 sk->sk_bound_dev_if = arg->bound_dev_if;
1526 ip_append_data(sk, &fl4, ip_reply_glue_bits, arg->iov->iov_base, len, 0,
1527 &ipc, &rt, MSG_DONTWAIT);
1528 if ((skb = skb_peek(&sk->sk_write_queue)) != NULL) {
1529 if (arg->csumoffset >= 0)
1530 *((__sum16 *)skb_transport_header(skb) +
1531 arg->csumoffset) = csum_fold(csum_add(skb->csum,
1533 skb->ip_summed = CHECKSUM_NONE;
1534 ip_push_pending_frames(sk, &fl4);
1542 void __init ip_init(void)
1547 #if defined(CONFIG_IP_MULTICAST) && defined(CONFIG_PROC_FS)
1548 igmp_mc_proc_init();