3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
10 * linux/net/ipv4/tcp_input.c
11 * linux/net/ipv4/tcp_output.c
14 * Hideaki YOSHIFUJI : sin6_scope_id support
15 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
16 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
17 * a single port at the same time.
18 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
20 * This program is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU General Public License
22 * as published by the Free Software Foundation; either version
23 * 2 of the License, or (at your option) any later version.
26 #include <linux/bottom_half.h>
27 #include <linux/module.h>
28 #include <linux/errno.h>
29 #include <linux/types.h>
30 #include <linux/socket.h>
31 #include <linux/sockios.h>
32 #include <linux/net.h>
33 #include <linux/jiffies.h>
35 #include <linux/in6.h>
36 #include <linux/netdevice.h>
37 #include <linux/init.h>
38 #include <linux/jhash.h>
39 #include <linux/ipsec.h>
40 #include <linux/times.h>
41 #include <linux/slab.h>
43 #include <linux/ipv6.h>
44 #include <linux/icmpv6.h>
45 #include <linux/random.h>
48 #include <net/ndisc.h>
49 #include <net/inet6_hashtables.h>
50 #include <net/inet6_connection_sock.h>
52 #include <net/transp_v6.h>
53 #include <net/addrconf.h>
54 #include <net/ip6_route.h>
55 #include <net/ip6_checksum.h>
56 #include <net/inet_ecn.h>
57 #include <net/protocol.h>
60 #include <net/dsfield.h>
61 #include <net/timewait_sock.h>
62 #include <net/netdma.h>
63 #include <net/inet_common.h>
65 #include <asm/uaccess.h>
67 #include <linux/proc_fs.h>
68 #include <linux/seq_file.h>
70 #include <linux/crypto.h>
71 #include <linux/scatterlist.h>
73 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb);
74 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
75 struct request_sock *req);
77 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
78 static void __tcp_v6_send_check(struct sk_buff *skb,
79 struct in6_addr *saddr,
80 struct in6_addr *daddr);
82 static const struct inet_connection_sock_af_ops ipv6_mapped;
83 static const struct inet_connection_sock_af_ops ipv6_specific;
84 #ifdef CONFIG_TCP_MD5SIG
85 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
86 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
88 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
89 struct in6_addr *addr)
95 static void tcp_v6_hash(struct sock *sk)
97 if (sk->sk_state != TCP_CLOSE) {
98 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) {
103 __inet6_hash(sk, NULL);
108 static __inline__ __sum16 tcp_v6_check(int len,
109 struct in6_addr *saddr,
110 struct in6_addr *daddr,
113 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base);
116 static __u32 tcp_v6_init_sequence(struct sk_buff *skb)
118 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
119 ipv6_hdr(skb)->saddr.s6_addr32,
121 tcp_hdr(skb)->source);
124 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
127 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
128 struct inet_sock *inet = inet_sk(sk);
129 struct inet_connection_sock *icsk = inet_csk(sk);
130 struct ipv6_pinfo *np = inet6_sk(sk);
131 struct tcp_sock *tp = tcp_sk(sk);
132 struct in6_addr *saddr = NULL, *final_p, final;
134 struct dst_entry *dst;
138 if (addr_len < SIN6_LEN_RFC2133)
141 if (usin->sin6_family != AF_INET6)
142 return(-EAFNOSUPPORT);
144 memset(&fl, 0, sizeof(fl));
147 fl.fl6_flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
148 IP6_ECN_flow_init(fl.fl6_flowlabel);
149 if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) {
150 struct ip6_flowlabel *flowlabel;
151 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel);
152 if (flowlabel == NULL)
154 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst);
155 fl6_sock_release(flowlabel);
160 * connect() to INADDR_ANY means loopback (BSD'ism).
163 if(ipv6_addr_any(&usin->sin6_addr))
164 usin->sin6_addr.s6_addr[15] = 0x1;
166 addr_type = ipv6_addr_type(&usin->sin6_addr);
168 if(addr_type & IPV6_ADDR_MULTICAST)
171 if (addr_type&IPV6_ADDR_LINKLOCAL) {
172 if (addr_len >= sizeof(struct sockaddr_in6) &&
173 usin->sin6_scope_id) {
174 /* If interface is set while binding, indices
177 if (sk->sk_bound_dev_if &&
178 sk->sk_bound_dev_if != usin->sin6_scope_id)
181 sk->sk_bound_dev_if = usin->sin6_scope_id;
184 /* Connect to link-local address requires an interface */
185 if (!sk->sk_bound_dev_if)
189 if (tp->rx_opt.ts_recent_stamp &&
190 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) {
191 tp->rx_opt.ts_recent = 0;
192 tp->rx_opt.ts_recent_stamp = 0;
196 ipv6_addr_copy(&np->daddr, &usin->sin6_addr);
197 np->flow_label = fl.fl6_flowlabel;
203 if (addr_type == IPV6_ADDR_MAPPED) {
204 u32 exthdrlen = icsk->icsk_ext_hdr_len;
205 struct sockaddr_in sin;
207 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
209 if (__ipv6_only_sock(sk))
212 sin.sin_family = AF_INET;
213 sin.sin_port = usin->sin6_port;
214 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
216 icsk->icsk_af_ops = &ipv6_mapped;
217 sk->sk_backlog_rcv = tcp_v4_do_rcv;
218 #ifdef CONFIG_TCP_MD5SIG
219 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
222 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
225 icsk->icsk_ext_hdr_len = exthdrlen;
226 icsk->icsk_af_ops = &ipv6_specific;
227 sk->sk_backlog_rcv = tcp_v6_do_rcv;
228 #ifdef CONFIG_TCP_MD5SIG
229 tp->af_specific = &tcp_sock_ipv6_specific;
233 ipv6_addr_set_v4mapped(inet->inet_saddr, &np->saddr);
234 ipv6_addr_set_v4mapped(inet->inet_rcv_saddr,
241 if (!ipv6_addr_any(&np->rcv_saddr))
242 saddr = &np->rcv_saddr;
244 fl.proto = IPPROTO_TCP;
245 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
246 ipv6_addr_copy(&fl.fl6_src,
247 (saddr ? saddr : &np->saddr));
248 fl.oif = sk->sk_bound_dev_if;
249 fl.mark = sk->sk_mark;
250 fl.fl_ip_dport = usin->sin6_port;
251 fl.fl_ip_sport = inet->inet_sport;
253 final_p = fl6_update_dst(&fl, np->opt, &final);
255 security_sk_classify_flow(sk, &fl);
257 err = ip6_dst_lookup(sk, &dst, &fl);
261 ipv6_addr_copy(&fl.fl6_dst, final_p);
263 err = __xfrm_lookup(sock_net(sk), &dst, &fl, sk, XFRM_LOOKUP_WAIT);
266 err = ip6_dst_blackhole(sk, &dst, &fl);
273 ipv6_addr_copy(&np->rcv_saddr, saddr);
276 /* set the source address */
277 ipv6_addr_copy(&np->saddr, saddr);
278 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
280 sk->sk_gso_type = SKB_GSO_TCPV6;
281 __ip6_dst_store(sk, dst, NULL, NULL);
283 icsk->icsk_ext_hdr_len = 0;
285 icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
288 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
290 inet->inet_dport = usin->sin6_port;
292 tcp_set_state(sk, TCP_SYN_SENT);
293 err = inet6_hash_connect(&tcp_death_row, sk);
298 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
303 err = tcp_connect(sk);
310 tcp_set_state(sk, TCP_CLOSE);
313 inet->inet_dport = 0;
314 sk->sk_route_caps = 0;
318 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
319 u8 type, u8 code, int offset, __be32 info)
321 struct ipv6hdr *hdr = (struct ipv6hdr*)skb->data;
322 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
323 struct ipv6_pinfo *np;
328 struct net *net = dev_net(skb->dev);
330 sk = inet6_lookup(net, &tcp_hashinfo, &hdr->daddr,
331 th->dest, &hdr->saddr, th->source, skb->dev->ifindex);
334 ICMP6_INC_STATS_BH(net, __in6_dev_get(skb->dev),
339 if (sk->sk_state == TCP_TIME_WAIT) {
340 inet_twsk_put(inet_twsk(sk));
345 if (sock_owned_by_user(sk))
346 NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS);
348 if (sk->sk_state == TCP_CLOSE)
351 if (ipv6_hdr(skb)->hop_limit < inet6_sk(sk)->min_hopcount) {
352 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
357 seq = ntohl(th->seq);
358 if (sk->sk_state != TCP_LISTEN &&
359 !between(seq, tp->snd_una, tp->snd_nxt)) {
360 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
366 if (type == ICMPV6_PKT_TOOBIG) {
367 struct dst_entry *dst = NULL;
369 if (sock_owned_by_user(sk))
371 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
374 /* icmp should have updated the destination cache entry */
375 dst = __sk_dst_check(sk, np->dst_cookie);
378 struct inet_sock *inet = inet_sk(sk);
381 /* BUGGG_FUTURE: Again, it is not clear how
382 to handle rthdr case. Ignore this complexity
385 memset(&fl, 0, sizeof(fl));
386 fl.proto = IPPROTO_TCP;
387 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
388 ipv6_addr_copy(&fl.fl6_src, &np->saddr);
389 fl.oif = sk->sk_bound_dev_if;
390 fl.mark = sk->sk_mark;
391 fl.fl_ip_dport = inet->inet_dport;
392 fl.fl_ip_sport = inet->inet_sport;
393 security_skb_classify_flow(skb, &fl);
395 if ((err = ip6_dst_lookup(sk, &dst, &fl))) {
396 sk->sk_err_soft = -err;
400 if ((err = xfrm_lookup(net, &dst, &fl, sk, 0)) < 0) {
401 sk->sk_err_soft = -err;
408 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
409 tcp_sync_mss(sk, dst_mtu(dst));
410 tcp_simple_retransmit(sk);
411 } /* else let the usual retransmit timer handle it */
416 icmpv6_err_convert(type, code, &err);
418 /* Might be for an request_sock */
419 switch (sk->sk_state) {
420 struct request_sock *req, **prev;
422 if (sock_owned_by_user(sk))
425 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr,
426 &hdr->saddr, inet6_iif(skb));
430 /* ICMPs are not backlogged, hence we cannot get
431 * an established socket here.
433 WARN_ON(req->sk != NULL);
435 if (seq != tcp_rsk(req)->snt_isn) {
436 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
440 inet_csk_reqsk_queue_drop(sk, req, prev);
444 case TCP_SYN_RECV: /* Cannot happen.
445 It can, it SYNs are crossed. --ANK */
446 if (!sock_owned_by_user(sk)) {
448 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
452 sk->sk_err_soft = err;
456 if (!sock_owned_by_user(sk) && np->recverr) {
458 sk->sk_error_report(sk);
460 sk->sk_err_soft = err;
468 static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req,
469 struct request_values *rvp)
471 struct inet6_request_sock *treq = inet6_rsk(req);
472 struct ipv6_pinfo *np = inet6_sk(sk);
473 struct sk_buff * skb;
474 struct ipv6_txoptions *opt = NULL;
475 struct in6_addr * final_p, final;
477 struct dst_entry *dst;
480 memset(&fl, 0, sizeof(fl));
481 fl.proto = IPPROTO_TCP;
482 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
483 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
484 fl.fl6_flowlabel = 0;
486 fl.mark = sk->sk_mark;
487 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
488 fl.fl_ip_sport = inet_rsk(req)->loc_port;
489 security_req_classify_flow(req, &fl);
492 final_p = fl6_update_dst(&fl, opt, &final);
494 err = ip6_dst_lookup(sk, &dst, &fl);
498 ipv6_addr_copy(&fl.fl6_dst, final_p);
499 if ((err = xfrm_lookup(sock_net(sk), &dst, &fl, sk, 0)) < 0)
502 skb = tcp_make_synack(sk, dst, req, rvp);
504 __tcp_v6_send_check(skb, &treq->loc_addr, &treq->rmt_addr);
506 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
507 err = ip6_xmit(sk, skb, &fl, opt);
508 err = net_xmit_eval(err);
512 if (opt && opt != np->opt)
513 sock_kfree_s(sk, opt, opt->tot_len);
518 static int tcp_v6_rtx_synack(struct sock *sk, struct request_sock *req,
519 struct request_values *rvp)
521 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_RETRANSSEGS);
522 return tcp_v6_send_synack(sk, req, rvp);
525 static inline void syn_flood_warning(struct sk_buff *skb)
527 #ifdef CONFIG_SYN_COOKIES
528 if (sysctl_tcp_syncookies)
530 "TCPv6: Possible SYN flooding on port %d. "
531 "Sending cookies.\n", ntohs(tcp_hdr(skb)->dest));
535 "TCPv6: Possible SYN flooding on port %d. "
536 "Dropping request.\n", ntohs(tcp_hdr(skb)->dest));
539 static void tcp_v6_reqsk_destructor(struct request_sock *req)
541 kfree_skb(inet6_rsk(req)->pktopts);
544 #ifdef CONFIG_TCP_MD5SIG
545 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
546 struct in6_addr *addr)
548 struct tcp_sock *tp = tcp_sk(sk);
553 if (!tp->md5sig_info || !tp->md5sig_info->entries6)
556 for (i = 0; i < tp->md5sig_info->entries6; i++) {
557 if (ipv6_addr_equal(&tp->md5sig_info->keys6[i].addr, addr))
558 return &tp->md5sig_info->keys6[i].base;
563 static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk,
564 struct sock *addr_sk)
566 return tcp_v6_md5_do_lookup(sk, &inet6_sk(addr_sk)->daddr);
569 static struct tcp_md5sig_key *tcp_v6_reqsk_md5_lookup(struct sock *sk,
570 struct request_sock *req)
572 return tcp_v6_md5_do_lookup(sk, &inet6_rsk(req)->rmt_addr);
575 static int tcp_v6_md5_do_add(struct sock *sk, struct in6_addr *peer,
576 char *newkey, u8 newkeylen)
578 /* Add key to the list */
579 struct tcp_md5sig_key *key;
580 struct tcp_sock *tp = tcp_sk(sk);
581 struct tcp6_md5sig_key *keys;
583 key = tcp_v6_md5_do_lookup(sk, peer);
585 /* modify existing entry - just update that one */
588 key->keylen = newkeylen;
590 /* reallocate new list if current one is full. */
591 if (!tp->md5sig_info) {
592 tp->md5sig_info = kzalloc(sizeof(*tp->md5sig_info), GFP_ATOMIC);
593 if (!tp->md5sig_info) {
597 sk_nocaps_add(sk, NETIF_F_GSO_MASK);
599 if (tcp_alloc_md5sig_pool(sk) == NULL) {
603 if (tp->md5sig_info->alloced6 == tp->md5sig_info->entries6) {
604 keys = kmalloc((sizeof (tp->md5sig_info->keys6[0]) *
605 (tp->md5sig_info->entries6 + 1)), GFP_ATOMIC);
608 tcp_free_md5sig_pool();
613 if (tp->md5sig_info->entries6)
614 memmove(keys, tp->md5sig_info->keys6,
615 (sizeof (tp->md5sig_info->keys6[0]) *
616 tp->md5sig_info->entries6));
618 kfree(tp->md5sig_info->keys6);
619 tp->md5sig_info->keys6 = keys;
620 tp->md5sig_info->alloced6++;
623 ipv6_addr_copy(&tp->md5sig_info->keys6[tp->md5sig_info->entries6].addr,
625 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.key = newkey;
626 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.keylen = newkeylen;
628 tp->md5sig_info->entries6++;
633 static int tcp_v6_md5_add_func(struct sock *sk, struct sock *addr_sk,
634 u8 *newkey, __u8 newkeylen)
636 return tcp_v6_md5_do_add(sk, &inet6_sk(addr_sk)->daddr,
640 static int tcp_v6_md5_do_del(struct sock *sk, struct in6_addr *peer)
642 struct tcp_sock *tp = tcp_sk(sk);
645 for (i = 0; i < tp->md5sig_info->entries6; i++) {
646 if (ipv6_addr_equal(&tp->md5sig_info->keys6[i].addr, peer)) {
648 kfree(tp->md5sig_info->keys6[i].base.key);
649 tp->md5sig_info->entries6--;
651 if (tp->md5sig_info->entries6 == 0) {
652 kfree(tp->md5sig_info->keys6);
653 tp->md5sig_info->keys6 = NULL;
654 tp->md5sig_info->alloced6 = 0;
656 /* shrink the database */
657 if (tp->md5sig_info->entries6 != i)
658 memmove(&tp->md5sig_info->keys6[i],
659 &tp->md5sig_info->keys6[i+1],
660 (tp->md5sig_info->entries6 - i)
661 * sizeof (tp->md5sig_info->keys6[0]));
663 tcp_free_md5sig_pool();
670 static void tcp_v6_clear_md5_list (struct sock *sk)
672 struct tcp_sock *tp = tcp_sk(sk);
675 if (tp->md5sig_info->entries6) {
676 for (i = 0; i < tp->md5sig_info->entries6; i++)
677 kfree(tp->md5sig_info->keys6[i].base.key);
678 tp->md5sig_info->entries6 = 0;
679 tcp_free_md5sig_pool();
682 kfree(tp->md5sig_info->keys6);
683 tp->md5sig_info->keys6 = NULL;
684 tp->md5sig_info->alloced6 = 0;
686 if (tp->md5sig_info->entries4) {
687 for (i = 0; i < tp->md5sig_info->entries4; i++)
688 kfree(tp->md5sig_info->keys4[i].base.key);
689 tp->md5sig_info->entries4 = 0;
690 tcp_free_md5sig_pool();
693 kfree(tp->md5sig_info->keys4);
694 tp->md5sig_info->keys4 = NULL;
695 tp->md5sig_info->alloced4 = 0;
698 static int tcp_v6_parse_md5_keys (struct sock *sk, char __user *optval,
701 struct tcp_md5sig cmd;
702 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
705 if (optlen < sizeof(cmd))
708 if (copy_from_user(&cmd, optval, sizeof(cmd)))
711 if (sin6->sin6_family != AF_INET6)
714 if (!cmd.tcpm_keylen) {
715 if (!tcp_sk(sk)->md5sig_info)
717 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
718 return tcp_v4_md5_do_del(sk, sin6->sin6_addr.s6_addr32[3]);
719 return tcp_v6_md5_do_del(sk, &sin6->sin6_addr);
722 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
725 if (!tcp_sk(sk)->md5sig_info) {
726 struct tcp_sock *tp = tcp_sk(sk);
727 struct tcp_md5sig_info *p;
729 p = kzalloc(sizeof(struct tcp_md5sig_info), GFP_KERNEL);
734 sk_nocaps_add(sk, NETIF_F_GSO_MASK);
737 newkey = kmemdup(cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
740 if (ipv6_addr_v4mapped(&sin6->sin6_addr)) {
741 return tcp_v4_md5_do_add(sk, sin6->sin6_addr.s6_addr32[3],
742 newkey, cmd.tcpm_keylen);
744 return tcp_v6_md5_do_add(sk, &sin6->sin6_addr, newkey, cmd.tcpm_keylen);
747 static int tcp_v6_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp,
748 struct in6_addr *daddr,
749 struct in6_addr *saddr, int nbytes)
751 struct tcp6_pseudohdr *bp;
752 struct scatterlist sg;
754 bp = &hp->md5_blk.ip6;
755 /* 1. TCP pseudo-header (RFC2460) */
756 ipv6_addr_copy(&bp->saddr, saddr);
757 ipv6_addr_copy(&bp->daddr, daddr);
758 bp->protocol = cpu_to_be32(IPPROTO_TCP);
759 bp->len = cpu_to_be32(nbytes);
761 sg_init_one(&sg, bp, sizeof(*bp));
762 return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp));
765 static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key,
766 struct in6_addr *daddr, struct in6_addr *saddr,
769 struct tcp_md5sig_pool *hp;
770 struct hash_desc *desc;
772 hp = tcp_get_md5sig_pool();
774 goto clear_hash_noput;
775 desc = &hp->md5_desc;
777 if (crypto_hash_init(desc))
779 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))
781 if (tcp_md5_hash_header(hp, th))
783 if (tcp_md5_hash_key(hp, key))
785 if (crypto_hash_final(desc, md5_hash))
788 tcp_put_md5sig_pool();
792 tcp_put_md5sig_pool();
794 memset(md5_hash, 0, 16);
798 static int tcp_v6_md5_hash_skb(char *md5_hash, struct tcp_md5sig_key *key,
799 struct sock *sk, struct request_sock *req,
802 struct in6_addr *saddr, *daddr;
803 struct tcp_md5sig_pool *hp;
804 struct hash_desc *desc;
805 struct tcphdr *th = tcp_hdr(skb);
808 saddr = &inet6_sk(sk)->saddr;
809 daddr = &inet6_sk(sk)->daddr;
811 saddr = &inet6_rsk(req)->loc_addr;
812 daddr = &inet6_rsk(req)->rmt_addr;
814 struct ipv6hdr *ip6h = ipv6_hdr(skb);
815 saddr = &ip6h->saddr;
816 daddr = &ip6h->daddr;
819 hp = tcp_get_md5sig_pool();
821 goto clear_hash_noput;
822 desc = &hp->md5_desc;
824 if (crypto_hash_init(desc))
827 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))
829 if (tcp_md5_hash_header(hp, th))
831 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
833 if (tcp_md5_hash_key(hp, key))
835 if (crypto_hash_final(desc, md5_hash))
838 tcp_put_md5sig_pool();
842 tcp_put_md5sig_pool();
844 memset(md5_hash, 0, 16);
848 static int tcp_v6_inbound_md5_hash (struct sock *sk, struct sk_buff *skb)
850 __u8 *hash_location = NULL;
851 struct tcp_md5sig_key *hash_expected;
852 struct ipv6hdr *ip6h = ipv6_hdr(skb);
853 struct tcphdr *th = tcp_hdr(skb);
857 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
858 hash_location = tcp_parse_md5sig_option(th);
860 /* We've parsed the options - do we have a hash? */
861 if (!hash_expected && !hash_location)
864 if (hash_expected && !hash_location) {
865 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
869 if (!hash_expected && hash_location) {
870 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
874 /* check the signature */
875 genhash = tcp_v6_md5_hash_skb(newhash,
879 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
880 if (net_ratelimit()) {
881 printk(KERN_INFO "MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n",
882 genhash ? "failed" : "mismatch",
883 &ip6h->saddr, ntohs(th->source),
884 &ip6h->daddr, ntohs(th->dest));
892 struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
894 .obj_size = sizeof(struct tcp6_request_sock),
895 .rtx_syn_ack = tcp_v6_rtx_synack,
896 .send_ack = tcp_v6_reqsk_send_ack,
897 .destructor = tcp_v6_reqsk_destructor,
898 .send_reset = tcp_v6_send_reset,
899 .syn_ack_timeout = tcp_syn_ack_timeout,
902 #ifdef CONFIG_TCP_MD5SIG
903 static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
904 .md5_lookup = tcp_v6_reqsk_md5_lookup,
905 .calc_md5_hash = tcp_v6_md5_hash_skb,
909 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
910 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
911 .twsk_unique = tcp_twsk_unique,
912 .twsk_destructor= tcp_twsk_destructor,
915 static void __tcp_v6_send_check(struct sk_buff *skb,
916 struct in6_addr *saddr, struct in6_addr *daddr)
918 struct tcphdr *th = tcp_hdr(skb);
920 if (skb->ip_summed == CHECKSUM_PARTIAL) {
921 th->check = ~tcp_v6_check(skb->len, saddr, daddr, 0);
922 skb->csum_start = skb_transport_header(skb) - skb->head;
923 skb->csum_offset = offsetof(struct tcphdr, check);
925 th->check = tcp_v6_check(skb->len, saddr, daddr,
926 csum_partial(th, th->doff << 2,
931 static void tcp_v6_send_check(struct sock *sk, struct sk_buff *skb)
933 struct ipv6_pinfo *np = inet6_sk(sk);
935 __tcp_v6_send_check(skb, &np->saddr, &np->daddr);
938 static int tcp_v6_gso_send_check(struct sk_buff *skb)
940 struct ipv6hdr *ipv6h;
943 if (!pskb_may_pull(skb, sizeof(*th)))
946 ipv6h = ipv6_hdr(skb);
950 skb->ip_summed = CHECKSUM_PARTIAL;
951 __tcp_v6_send_check(skb, &ipv6h->saddr, &ipv6h->daddr);
955 static struct sk_buff **tcp6_gro_receive(struct sk_buff **head,
958 struct ipv6hdr *iph = skb_gro_network_header(skb);
960 switch (skb->ip_summed) {
961 case CHECKSUM_COMPLETE:
962 if (!tcp_v6_check(skb_gro_len(skb), &iph->saddr, &iph->daddr,
964 skb->ip_summed = CHECKSUM_UNNECESSARY;
970 NAPI_GRO_CB(skb)->flush = 1;
974 return tcp_gro_receive(head, skb);
977 static int tcp6_gro_complete(struct sk_buff *skb)
979 struct ipv6hdr *iph = ipv6_hdr(skb);
980 struct tcphdr *th = tcp_hdr(skb);
982 th->check = ~tcp_v6_check(skb->len - skb_transport_offset(skb),
983 &iph->saddr, &iph->daddr, 0);
984 skb_shinfo(skb)->gso_type = SKB_GSO_TCPV6;
986 return tcp_gro_complete(skb);
989 static void tcp_v6_send_response(struct sk_buff *skb, u32 seq, u32 ack, u32 win,
990 u32 ts, struct tcp_md5sig_key *key, int rst)
992 struct tcphdr *th = tcp_hdr(skb), *t1;
993 struct sk_buff *buff;
995 struct net *net = dev_net(skb_dst(skb)->dev);
996 struct sock *ctl_sk = net->ipv6.tcp_sk;
997 unsigned int tot_len = sizeof(struct tcphdr);
998 struct dst_entry *dst;
1002 tot_len += TCPOLEN_TSTAMP_ALIGNED;
1003 #ifdef CONFIG_TCP_MD5SIG
1005 tot_len += TCPOLEN_MD5SIG_ALIGNED;
1008 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
1013 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
1015 t1 = (struct tcphdr *) skb_push(buff, tot_len);
1016 skb_reset_transport_header(buff);
1018 /* Swap the send and the receive. */
1019 memset(t1, 0, sizeof(*t1));
1020 t1->dest = th->source;
1021 t1->source = th->dest;
1022 t1->doff = tot_len / 4;
1023 t1->seq = htonl(seq);
1024 t1->ack_seq = htonl(ack);
1025 t1->ack = !rst || !th->ack;
1027 t1->window = htons(win);
1029 topt = (__be32 *)(t1 + 1);
1032 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
1033 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
1034 *topt++ = htonl(tcp_time_stamp);
1035 *topt++ = htonl(ts);
1038 #ifdef CONFIG_TCP_MD5SIG
1040 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
1041 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
1042 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
1043 &ipv6_hdr(skb)->saddr,
1044 &ipv6_hdr(skb)->daddr, t1);
1048 memset(&fl, 0, sizeof(fl));
1049 ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr);
1050 ipv6_addr_copy(&fl.fl6_src, &ipv6_hdr(skb)->daddr);
1052 buff->ip_summed = CHECKSUM_PARTIAL;
1055 __tcp_v6_send_check(buff, &fl.fl6_src, &fl.fl6_dst);
1057 fl.proto = IPPROTO_TCP;
1058 fl.oif = inet6_iif(skb);
1059 fl.fl_ip_dport = t1->dest;
1060 fl.fl_ip_sport = t1->source;
1061 security_skb_classify_flow(skb, &fl);
1063 /* Pass a socket to ip6_dst_lookup either it is for RST
1064 * Underlying function will use this to retrieve the network
1067 if (!ip6_dst_lookup(ctl_sk, &dst, &fl)) {
1068 if (xfrm_lookup(net, &dst, &fl, NULL, 0) >= 0) {
1069 skb_dst_set(buff, dst);
1070 ip6_xmit(ctl_sk, buff, &fl, NULL);
1071 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS);
1073 TCP_INC_STATS_BH(net, TCP_MIB_OUTRSTS);
1081 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb)
1083 struct tcphdr *th = tcp_hdr(skb);
1084 u32 seq = 0, ack_seq = 0;
1085 struct tcp_md5sig_key *key = NULL;
1090 if (!ipv6_unicast_destination(skb))
1093 #ifdef CONFIG_TCP_MD5SIG
1095 key = tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr);
1099 seq = ntohl(th->ack_seq);
1101 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
1104 tcp_v6_send_response(skb, seq, ack_seq, 0, 0, key, 1);
1107 static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts,
1108 struct tcp_md5sig_key *key)
1110 tcp_v6_send_response(skb, seq, ack, win, ts, key, 0);
1113 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
1115 struct inet_timewait_sock *tw = inet_twsk(sk);
1116 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
1118 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
1119 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
1120 tcptw->tw_ts_recent, tcp_twsk_md5_key(tcptw));
1125 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
1126 struct request_sock *req)
1128 tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent,
1129 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr));
1133 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
1135 struct request_sock *req, **prev;
1136 const struct tcphdr *th = tcp_hdr(skb);
1139 /* Find possible connection requests. */
1140 req = inet6_csk_search_req(sk, &prev, th->source,
1141 &ipv6_hdr(skb)->saddr,
1142 &ipv6_hdr(skb)->daddr, inet6_iif(skb));
1144 return tcp_check_req(sk, skb, req, prev);
1146 nsk = __inet6_lookup_established(sock_net(sk), &tcp_hashinfo,
1147 &ipv6_hdr(skb)->saddr, th->source,
1148 &ipv6_hdr(skb)->daddr, ntohs(th->dest), inet6_iif(skb));
1151 if (nsk->sk_state != TCP_TIME_WAIT) {
1155 inet_twsk_put(inet_twsk(nsk));
1159 #ifdef CONFIG_SYN_COOKIES
1161 sk = cookie_v6_check(sk, skb);
1166 /* FIXME: this is substantially similar to the ipv4 code.
1167 * Can some kind of merge be done? -- erics
1169 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1171 struct tcp_extend_values tmp_ext;
1172 struct tcp_options_received tmp_opt;
1174 struct request_sock *req;
1175 struct inet6_request_sock *treq;
1176 struct ipv6_pinfo *np = inet6_sk(sk);
1177 struct tcp_sock *tp = tcp_sk(sk);
1178 __u32 isn = TCP_SKB_CB(skb)->when;
1179 #ifdef CONFIG_SYN_COOKIES
1180 int want_cookie = 0;
1182 #define want_cookie 0
1185 if (skb->protocol == htons(ETH_P_IP))
1186 return tcp_v4_conn_request(sk, skb);
1188 if (!ipv6_unicast_destination(skb))
1191 if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
1192 if (net_ratelimit())
1193 syn_flood_warning(skb);
1194 #ifdef CONFIG_SYN_COOKIES
1195 if (sysctl_tcp_syncookies)
1202 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
1205 req = inet6_reqsk_alloc(&tcp6_request_sock_ops);
1209 #ifdef CONFIG_TCP_MD5SIG
1210 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv6_ops;
1213 tcp_clear_options(&tmp_opt);
1214 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
1215 tmp_opt.user_mss = tp->rx_opt.user_mss;
1216 tcp_parse_options(skb, &tmp_opt, &hash_location, 0);
1218 if (tmp_opt.cookie_plus > 0 &&
1219 tmp_opt.saw_tstamp &&
1220 !tp->rx_opt.cookie_out_never &&
1221 (sysctl_tcp_cookie_size > 0 ||
1222 (tp->cookie_values != NULL &&
1223 tp->cookie_values->cookie_desired > 0))) {
1226 u32 *mess = &tmp_ext.cookie_bakery[COOKIE_DIGEST_WORDS];
1227 int l = tmp_opt.cookie_plus - TCPOLEN_COOKIE_BASE;
1229 if (tcp_cookie_generator(&tmp_ext.cookie_bakery[0]) != 0)
1232 /* Secret recipe starts with IP addresses */
1233 d = (__force u32 *)&ipv6_hdr(skb)->daddr.s6_addr32[0];
1238 d = (__force u32 *)&ipv6_hdr(skb)->saddr.s6_addr32[0];
1244 /* plus variable length Initiator Cookie */
1247 *c++ ^= *hash_location++;
1249 #ifdef CONFIG_SYN_COOKIES
1250 want_cookie = 0; /* not our kind of cookie */
1252 tmp_ext.cookie_out_never = 0; /* false */
1253 tmp_ext.cookie_plus = tmp_opt.cookie_plus;
1254 } else if (!tp->rx_opt.cookie_in_always) {
1255 /* redundant indications, but ensure initialization. */
1256 tmp_ext.cookie_out_never = 1; /* true */
1257 tmp_ext.cookie_plus = 0;
1261 tmp_ext.cookie_in_always = tp->rx_opt.cookie_in_always;
1263 if (want_cookie && !tmp_opt.saw_tstamp)
1264 tcp_clear_options(&tmp_opt);
1266 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
1267 tcp_openreq_init(req, &tmp_opt, skb);
1269 treq = inet6_rsk(req);
1270 ipv6_addr_copy(&treq->rmt_addr, &ipv6_hdr(skb)->saddr);
1271 ipv6_addr_copy(&treq->loc_addr, &ipv6_hdr(skb)->daddr);
1272 if (!want_cookie || tmp_opt.tstamp_ok)
1273 TCP_ECN_create_request(req, tcp_hdr(skb));
1276 if (ipv6_opt_accepted(sk, skb) ||
1277 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
1278 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) {
1279 atomic_inc(&skb->users);
1280 treq->pktopts = skb;
1282 treq->iif = sk->sk_bound_dev_if;
1284 /* So that link locals have meaning */
1285 if (!sk->sk_bound_dev_if &&
1286 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL)
1287 treq->iif = inet6_iif(skb);
1289 isn = tcp_v6_init_sequence(skb);
1291 isn = cookie_v6_init_sequence(sk, skb, &req->mss);
1292 req->cookie_ts = tmp_opt.tstamp_ok;
1295 tcp_rsk(req)->snt_isn = isn;
1297 security_inet_conn_request(sk, skb, req);
1299 if (tcp_v6_send_synack(sk, req,
1300 (struct request_values *)&tmp_ext) ||
1304 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1310 return 0; /* don't send reset */
1313 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1314 struct request_sock *req,
1315 struct dst_entry *dst)
1317 struct inet6_request_sock *treq;
1318 struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
1319 struct tcp6_sock *newtcp6sk;
1320 struct inet_sock *newinet;
1321 struct tcp_sock *newtp;
1323 struct ipv6_txoptions *opt;
1324 #ifdef CONFIG_TCP_MD5SIG
1325 struct tcp_md5sig_key *key;
1328 if (skb->protocol == htons(ETH_P_IP)) {
1333 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);
1338 newtcp6sk = (struct tcp6_sock *)newsk;
1339 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1341 newinet = inet_sk(newsk);
1342 newnp = inet6_sk(newsk);
1343 newtp = tcp_sk(newsk);
1345 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1347 ipv6_addr_set_v4mapped(newinet->inet_daddr, &newnp->daddr);
1349 ipv6_addr_set_v4mapped(newinet->inet_saddr, &newnp->saddr);
1351 ipv6_addr_copy(&newnp->rcv_saddr, &newnp->saddr);
1353 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1354 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1355 #ifdef CONFIG_TCP_MD5SIG
1356 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1359 newnp->pktoptions = NULL;
1361 newnp->mcast_oif = inet6_iif(skb);
1362 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1365 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1366 * here, tcp_create_openreq_child now does this for us, see the comment in
1367 * that function for the gory details. -acme
1370 /* It is tricky place. Until this moment IPv4 tcp
1371 worked with IPv6 icsk.icsk_af_ops.
1374 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1379 treq = inet6_rsk(req);
1382 if (sk_acceptq_is_full(sk))
1386 struct in6_addr *final_p, final;
1389 memset(&fl, 0, sizeof(fl));
1390 fl.proto = IPPROTO_TCP;
1391 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
1392 final_p = fl6_update_dst(&fl, opt, &final);
1393 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
1394 fl.oif = sk->sk_bound_dev_if;
1395 fl.mark = sk->sk_mark;
1396 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
1397 fl.fl_ip_sport = inet_rsk(req)->loc_port;
1398 security_req_classify_flow(req, &fl);
1400 if (ip6_dst_lookup(sk, &dst, &fl))
1404 ipv6_addr_copy(&fl.fl6_dst, final_p);
1406 if ((xfrm_lookup(sock_net(sk), &dst, &fl, sk, 0)) < 0)
1410 newsk = tcp_create_openreq_child(sk, req, skb);
1415 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1416 * count here, tcp_create_openreq_child now does this for us, see the
1417 * comment in that function for the gory details. -acme
1420 newsk->sk_gso_type = SKB_GSO_TCPV6;
1421 __ip6_dst_store(newsk, dst, NULL, NULL);
1423 newtcp6sk = (struct tcp6_sock *)newsk;
1424 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1426 newtp = tcp_sk(newsk);
1427 newinet = inet_sk(newsk);
1428 newnp = inet6_sk(newsk);
1430 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1432 ipv6_addr_copy(&newnp->daddr, &treq->rmt_addr);
1433 ipv6_addr_copy(&newnp->saddr, &treq->loc_addr);
1434 ipv6_addr_copy(&newnp->rcv_saddr, &treq->loc_addr);
1435 newsk->sk_bound_dev_if = treq->iif;
1437 /* Now IPv6 options...
1439 First: no IPv4 options.
1441 newinet->opt = NULL;
1442 newnp->ipv6_fl_list = NULL;
1445 newnp->rxopt.all = np->rxopt.all;
1447 /* Clone pktoptions received with SYN */
1448 newnp->pktoptions = NULL;
1449 if (treq->pktopts != NULL) {
1450 newnp->pktoptions = skb_clone(treq->pktopts, GFP_ATOMIC);
1451 kfree_skb(treq->pktopts);
1452 treq->pktopts = NULL;
1453 if (newnp->pktoptions)
1454 skb_set_owner_r(newnp->pktoptions, newsk);
1457 newnp->mcast_oif = inet6_iif(skb);
1458 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1460 /* Clone native IPv6 options from listening socket (if any)
1462 Yes, keeping reference count would be much more clever,
1463 but we make one more one thing there: reattach optmem
1467 newnp->opt = ipv6_dup_options(newsk, opt);
1469 sock_kfree_s(sk, opt, opt->tot_len);
1472 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1474 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
1475 newnp->opt->opt_flen);
1477 tcp_mtup_init(newsk);
1478 tcp_sync_mss(newsk, dst_mtu(dst));
1479 newtp->advmss = dst_metric(dst, RTAX_ADVMSS);
1480 tcp_initialize_rcv_mss(newsk);
1482 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1483 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1485 #ifdef CONFIG_TCP_MD5SIG
1486 /* Copy over the MD5 key from the original socket */
1487 if ((key = tcp_v6_md5_do_lookup(sk, &newnp->daddr)) != NULL) {
1488 /* We're using one, so create a matching key
1489 * on the newsk structure. If we fail to get
1490 * memory, then we end up not copying the key
1493 char *newkey = kmemdup(key->key, key->keylen, GFP_ATOMIC);
1495 tcp_v6_md5_do_add(newsk, &newnp->daddr,
1496 newkey, key->keylen);
1500 __inet6_hash(newsk, NULL);
1501 __inet_inherit_port(sk, newsk);
1506 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1508 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
1509 if (opt && opt != np->opt)
1510 sock_kfree_s(sk, opt, opt->tot_len);
1515 static __sum16 tcp_v6_checksum_init(struct sk_buff *skb)
1517 if (skb->ip_summed == CHECKSUM_COMPLETE) {
1518 if (!tcp_v6_check(skb->len, &ipv6_hdr(skb)->saddr,
1519 &ipv6_hdr(skb)->daddr, skb->csum)) {
1520 skb->ip_summed = CHECKSUM_UNNECESSARY;
1525 skb->csum = ~csum_unfold(tcp_v6_check(skb->len,
1526 &ipv6_hdr(skb)->saddr,
1527 &ipv6_hdr(skb)->daddr, 0));
1529 if (skb->len <= 76) {
1530 return __skb_checksum_complete(skb);
1535 /* The socket must have it's spinlock held when we get
1538 * We have a potential double-lock case here, so even when
1539 * doing backlog processing we use the BH locking scheme.
1540 * This is because we cannot sleep with the original spinlock
1543 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1545 struct ipv6_pinfo *np = inet6_sk(sk);
1546 struct tcp_sock *tp;
1547 struct sk_buff *opt_skb = NULL;
1549 /* Imagine: socket is IPv6. IPv4 packet arrives,
1550 goes to IPv4 receive handler and backlogged.
1551 From backlog it always goes here. Kerboom...
1552 Fortunately, tcp_rcv_established and rcv_established
1553 handle them correctly, but it is not case with
1554 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1557 if (skb->protocol == htons(ETH_P_IP))
1558 return tcp_v4_do_rcv(sk, skb);
1560 #ifdef CONFIG_TCP_MD5SIG
1561 if (tcp_v6_inbound_md5_hash (sk, skb))
1565 if (sk_filter(sk, skb))
1569 * socket locking is here for SMP purposes as backlog rcv
1570 * is currently called with bh processing disabled.
1573 /* Do Stevens' IPV6_PKTOPTIONS.
1575 Yes, guys, it is the only place in our code, where we
1576 may make it not affecting IPv4.
1577 The rest of code is protocol independent,
1578 and I do not like idea to uglify IPv4.
1580 Actually, all the idea behind IPV6_PKTOPTIONS
1581 looks not very well thought. For now we latch
1582 options, received in the last packet, enqueued
1583 by tcp. Feel free to propose better solution.
1587 opt_skb = skb_clone(skb, GFP_ATOMIC);
1589 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1590 TCP_CHECK_TIMER(sk);
1591 if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len))
1593 TCP_CHECK_TIMER(sk);
1595 goto ipv6_pktoptions;
1599 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1602 if (sk->sk_state == TCP_LISTEN) {
1603 struct sock *nsk = tcp_v6_hnd_req(sk, skb);
1608 * Queue it on the new socket if the new socket is active,
1609 * otherwise we just shortcircuit this and continue with
1613 if (tcp_child_process(sk, nsk, skb))
1616 __kfree_skb(opt_skb);
1621 TCP_CHECK_TIMER(sk);
1622 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len))
1624 TCP_CHECK_TIMER(sk);
1626 goto ipv6_pktoptions;
1630 tcp_v6_send_reset(sk, skb);
1633 __kfree_skb(opt_skb);
1637 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_INERRS);
1642 /* Do you ask, what is it?
1644 1. skb was enqueued by tcp.
1645 2. skb is added to tail of read queue, rather than out of order.
1646 3. socket is not in passive state.
1647 4. Finally, it really contains options, which user wants to receive.
1650 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1651 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1652 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1653 np->mcast_oif = inet6_iif(opt_skb);
1654 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1655 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1656 if (ipv6_opt_accepted(sk, opt_skb)) {
1657 skb_set_owner_r(opt_skb, sk);
1658 opt_skb = xchg(&np->pktoptions, opt_skb);
1660 __kfree_skb(opt_skb);
1661 opt_skb = xchg(&np->pktoptions, NULL);
1669 static int tcp_v6_rcv(struct sk_buff *skb)
1672 struct ipv6hdr *hdr;
1675 struct net *net = dev_net(skb->dev);
1677 if (skb->pkt_type != PACKET_HOST)
1681 * Count it even if it's bad.
1683 TCP_INC_STATS_BH(net, TCP_MIB_INSEGS);
1685 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1690 if (th->doff < sizeof(struct tcphdr)/4)
1692 if (!pskb_may_pull(skb, th->doff*4))
1695 if (!skb_csum_unnecessary(skb) && tcp_v6_checksum_init(skb))
1699 hdr = ipv6_hdr(skb);
1700 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1701 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1702 skb->len - th->doff*4);
1703 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1704 TCP_SKB_CB(skb)->when = 0;
1705 TCP_SKB_CB(skb)->flags = ipv6_get_dsfield(hdr);
1706 TCP_SKB_CB(skb)->sacked = 0;
1708 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest);
1713 if (sk->sk_state == TCP_TIME_WAIT)
1716 if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) {
1717 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
1718 goto discard_and_relse;
1721 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1722 goto discard_and_relse;
1724 if (sk_filter(sk, skb))
1725 goto discard_and_relse;
1729 bh_lock_sock_nested(sk);
1731 if (!sock_owned_by_user(sk)) {
1732 #ifdef CONFIG_NET_DMA
1733 struct tcp_sock *tp = tcp_sk(sk);
1734 if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list)
1735 tp->ucopy.dma_chan = dma_find_channel(DMA_MEMCPY);
1736 if (tp->ucopy.dma_chan)
1737 ret = tcp_v6_do_rcv(sk, skb);
1741 if (!tcp_prequeue(sk, skb))
1742 ret = tcp_v6_do_rcv(sk, skb);
1744 } else if (unlikely(sk_add_backlog(sk, skb))) {
1746 NET_INC_STATS_BH(net, LINUX_MIB_TCPBACKLOGDROP);
1747 goto discard_and_relse;
1752 return ret ? -1 : 0;
1755 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1758 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1760 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1762 tcp_v6_send_reset(NULL, skb);
1779 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1780 inet_twsk_put(inet_twsk(sk));
1784 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1785 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1786 inet_twsk_put(inet_twsk(sk));
1790 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1795 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
1796 &ipv6_hdr(skb)->daddr,
1797 ntohs(th->dest), inet6_iif(skb));
1799 struct inet_timewait_sock *tw = inet_twsk(sk);
1800 inet_twsk_deschedule(tw, &tcp_death_row);
1805 /* Fall through to ACK */
1808 tcp_v6_timewait_ack(sk, skb);
1812 case TCP_TW_SUCCESS:;
1817 static int tcp_v6_remember_stamp(struct sock *sk)
1819 /* Alas, not yet... */
1823 static const struct inet_connection_sock_af_ops ipv6_specific = {
1824 .queue_xmit = inet6_csk_xmit,
1825 .send_check = tcp_v6_send_check,
1826 .rebuild_header = inet6_sk_rebuild_header,
1827 .conn_request = tcp_v6_conn_request,
1828 .syn_recv_sock = tcp_v6_syn_recv_sock,
1829 .remember_stamp = tcp_v6_remember_stamp,
1830 .net_header_len = sizeof(struct ipv6hdr),
1831 .setsockopt = ipv6_setsockopt,
1832 .getsockopt = ipv6_getsockopt,
1833 .addr2sockaddr = inet6_csk_addr2sockaddr,
1834 .sockaddr_len = sizeof(struct sockaddr_in6),
1835 .bind_conflict = inet6_csk_bind_conflict,
1836 #ifdef CONFIG_COMPAT
1837 .compat_setsockopt = compat_ipv6_setsockopt,
1838 .compat_getsockopt = compat_ipv6_getsockopt,
1842 #ifdef CONFIG_TCP_MD5SIG
1843 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1844 .md5_lookup = tcp_v6_md5_lookup,
1845 .calc_md5_hash = tcp_v6_md5_hash_skb,
1846 .md5_add = tcp_v6_md5_add_func,
1847 .md5_parse = tcp_v6_parse_md5_keys,
1852 * TCP over IPv4 via INET6 API
1855 static const struct inet_connection_sock_af_ops ipv6_mapped = {
1856 .queue_xmit = ip_queue_xmit,
1857 .send_check = tcp_v4_send_check,
1858 .rebuild_header = inet_sk_rebuild_header,
1859 .conn_request = tcp_v6_conn_request,
1860 .syn_recv_sock = tcp_v6_syn_recv_sock,
1861 .remember_stamp = tcp_v4_remember_stamp,
1862 .net_header_len = sizeof(struct iphdr),
1863 .setsockopt = ipv6_setsockopt,
1864 .getsockopt = ipv6_getsockopt,
1865 .addr2sockaddr = inet6_csk_addr2sockaddr,
1866 .sockaddr_len = sizeof(struct sockaddr_in6),
1867 .bind_conflict = inet6_csk_bind_conflict,
1868 #ifdef CONFIG_COMPAT
1869 .compat_setsockopt = compat_ipv6_setsockopt,
1870 .compat_getsockopt = compat_ipv6_getsockopt,
1874 #ifdef CONFIG_TCP_MD5SIG
1875 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1876 .md5_lookup = tcp_v4_md5_lookup,
1877 .calc_md5_hash = tcp_v4_md5_hash_skb,
1878 .md5_add = tcp_v6_md5_add_func,
1879 .md5_parse = tcp_v6_parse_md5_keys,
1883 /* NOTE: A lot of things set to zero explicitly by call to
1884 * sk_alloc() so need not be done here.
1886 static int tcp_v6_init_sock(struct sock *sk)
1888 struct inet_connection_sock *icsk = inet_csk(sk);
1889 struct tcp_sock *tp = tcp_sk(sk);
1891 skb_queue_head_init(&tp->out_of_order_queue);
1892 tcp_init_xmit_timers(sk);
1893 tcp_prequeue_init(tp);
1895 icsk->icsk_rto = TCP_TIMEOUT_INIT;
1896 tp->mdev = TCP_TIMEOUT_INIT;
1898 /* So many TCP implementations out there (incorrectly) count the
1899 * initial SYN frame in their delayed-ACK and congestion control
1900 * algorithms that we must have the following bandaid to talk
1901 * efficiently to them. -DaveM
1905 /* See draft-stevens-tcpca-spec-01 for discussion of the
1906 * initialization of these values.
1908 tp->snd_ssthresh = TCP_INFINITE_SSTHRESH;
1909 tp->snd_cwnd_clamp = ~0;
1910 tp->mss_cache = TCP_MSS_DEFAULT;
1912 tp->reordering = sysctl_tcp_reordering;
1914 sk->sk_state = TCP_CLOSE;
1916 icsk->icsk_af_ops = &ipv6_specific;
1917 icsk->icsk_ca_ops = &tcp_init_congestion_ops;
1918 icsk->icsk_sync_mss = tcp_sync_mss;
1919 sk->sk_write_space = sk_stream_write_space;
1920 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE);
1922 #ifdef CONFIG_TCP_MD5SIG
1923 tp->af_specific = &tcp_sock_ipv6_specific;
1926 /* TCP Cookie Transactions */
1927 if (sysctl_tcp_cookie_size > 0) {
1928 /* Default, cookies without s_data_payload. */
1930 kzalloc(sizeof(*tp->cookie_values),
1932 if (tp->cookie_values != NULL)
1933 kref_init(&tp->cookie_values->kref);
1935 /* Presumed zeroed, in order of appearance:
1936 * cookie_in_always, cookie_out_never,
1937 * s_data_constant, s_data_in, s_data_out
1939 sk->sk_sndbuf = sysctl_tcp_wmem[1];
1940 sk->sk_rcvbuf = sysctl_tcp_rmem[1];
1943 percpu_counter_inc(&tcp_sockets_allocated);
1949 static void tcp_v6_destroy_sock(struct sock *sk)
1951 #ifdef CONFIG_TCP_MD5SIG
1952 /* Clean up the MD5 key list */
1953 if (tcp_sk(sk)->md5sig_info)
1954 tcp_v6_clear_md5_list(sk);
1956 tcp_v4_destroy_sock(sk);
1957 inet6_destroy_sock(sk);
1960 #ifdef CONFIG_PROC_FS
1961 /* Proc filesystem TCPv6 sock list dumping. */
1962 static void get_openreq6(struct seq_file *seq,
1963 struct sock *sk, struct request_sock *req, int i, int uid)
1965 int ttd = req->expires - jiffies;
1966 struct in6_addr *src = &inet6_rsk(req)->loc_addr;
1967 struct in6_addr *dest = &inet6_rsk(req)->rmt_addr;
1973 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1974 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
1976 src->s6_addr32[0], src->s6_addr32[1],
1977 src->s6_addr32[2], src->s6_addr32[3],
1978 ntohs(inet_rsk(req)->loc_port),
1979 dest->s6_addr32[0], dest->s6_addr32[1],
1980 dest->s6_addr32[2], dest->s6_addr32[3],
1981 ntohs(inet_rsk(req)->rmt_port),
1983 0,0, /* could print option size, but that is af dependent. */
1984 1, /* timers active (only the expire timer) */
1985 jiffies_to_clock_t(ttd),
1988 0, /* non standard timer */
1989 0, /* open_requests have no inode */
1993 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1995 struct in6_addr *dest, *src;
1998 unsigned long timer_expires;
1999 struct inet_sock *inet = inet_sk(sp);
2000 struct tcp_sock *tp = tcp_sk(sp);
2001 const struct inet_connection_sock *icsk = inet_csk(sp);
2002 struct ipv6_pinfo *np = inet6_sk(sp);
2005 src = &np->rcv_saddr;
2006 destp = ntohs(inet->inet_dport);
2007 srcp = ntohs(inet->inet_sport);
2009 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
2011 timer_expires = icsk->icsk_timeout;
2012 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
2014 timer_expires = icsk->icsk_timeout;
2015 } else if (timer_pending(&sp->sk_timer)) {
2017 timer_expires = sp->sk_timer.expires;
2020 timer_expires = jiffies;
2024 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
2025 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %lu %lu %u %u %d\n",
2027 src->s6_addr32[0], src->s6_addr32[1],
2028 src->s6_addr32[2], src->s6_addr32[3], srcp,
2029 dest->s6_addr32[0], dest->s6_addr32[1],
2030 dest->s6_addr32[2], dest->s6_addr32[3], destp,
2032 tp->write_seq-tp->snd_una,
2033 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
2035 jiffies_to_clock_t(timer_expires - jiffies),
2036 icsk->icsk_retransmits,
2038 icsk->icsk_probes_out,
2040 atomic_read(&sp->sk_refcnt), sp,
2041 jiffies_to_clock_t(icsk->icsk_rto),
2042 jiffies_to_clock_t(icsk->icsk_ack.ato),
2043 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong,
2045 tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh
2049 static void get_timewait6_sock(struct seq_file *seq,
2050 struct inet_timewait_sock *tw, int i)
2052 struct in6_addr *dest, *src;
2054 struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw);
2055 int ttd = tw->tw_ttd - jiffies;
2060 dest = &tw6->tw_v6_daddr;
2061 src = &tw6->tw_v6_rcv_saddr;
2062 destp = ntohs(tw->tw_dport);
2063 srcp = ntohs(tw->tw_sport);
2066 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
2067 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
2069 src->s6_addr32[0], src->s6_addr32[1],
2070 src->s6_addr32[2], src->s6_addr32[3], srcp,
2071 dest->s6_addr32[0], dest->s6_addr32[1],
2072 dest->s6_addr32[2], dest->s6_addr32[3], destp,
2073 tw->tw_substate, 0, 0,
2074 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
2075 atomic_read(&tw->tw_refcnt), tw);
2078 static int tcp6_seq_show(struct seq_file *seq, void *v)
2080 struct tcp_iter_state *st;
2082 if (v == SEQ_START_TOKEN) {
2087 "st tx_queue rx_queue tr tm->when retrnsmt"
2088 " uid timeout inode\n");
2093 switch (st->state) {
2094 case TCP_SEQ_STATE_LISTENING:
2095 case TCP_SEQ_STATE_ESTABLISHED:
2096 get_tcp6_sock(seq, v, st->num);
2098 case TCP_SEQ_STATE_OPENREQ:
2099 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid);
2101 case TCP_SEQ_STATE_TIME_WAIT:
2102 get_timewait6_sock(seq, v, st->num);
2109 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
2113 .owner = THIS_MODULE,
2116 .show = tcp6_seq_show,
2120 int __net_init tcp6_proc_init(struct net *net)
2122 return tcp_proc_register(net, &tcp6_seq_afinfo);
2125 void tcp6_proc_exit(struct net *net)
2127 tcp_proc_unregister(net, &tcp6_seq_afinfo);
2131 struct proto tcpv6_prot = {
2133 .owner = THIS_MODULE,
2135 .connect = tcp_v6_connect,
2136 .disconnect = tcp_disconnect,
2137 .accept = inet_csk_accept,
2139 .init = tcp_v6_init_sock,
2140 .destroy = tcp_v6_destroy_sock,
2141 .shutdown = tcp_shutdown,
2142 .setsockopt = tcp_setsockopt,
2143 .getsockopt = tcp_getsockopt,
2144 .recvmsg = tcp_recvmsg,
2145 .sendmsg = tcp_sendmsg,
2146 .sendpage = tcp_sendpage,
2147 .backlog_rcv = tcp_v6_do_rcv,
2148 .hash = tcp_v6_hash,
2149 .unhash = inet_unhash,
2150 .get_port = inet_csk_get_port,
2151 .enter_memory_pressure = tcp_enter_memory_pressure,
2152 .sockets_allocated = &tcp_sockets_allocated,
2153 .memory_allocated = &tcp_memory_allocated,
2154 .memory_pressure = &tcp_memory_pressure,
2155 .orphan_count = &tcp_orphan_count,
2156 .sysctl_mem = sysctl_tcp_mem,
2157 .sysctl_wmem = sysctl_tcp_wmem,
2158 .sysctl_rmem = sysctl_tcp_rmem,
2159 .max_header = MAX_TCP_HEADER,
2160 .obj_size = sizeof(struct tcp6_sock),
2161 .slab_flags = SLAB_DESTROY_BY_RCU,
2162 .twsk_prot = &tcp6_timewait_sock_ops,
2163 .rsk_prot = &tcp6_request_sock_ops,
2164 .h.hashinfo = &tcp_hashinfo,
2165 .no_autobind = true,
2166 #ifdef CONFIG_COMPAT
2167 .compat_setsockopt = compat_tcp_setsockopt,
2168 .compat_getsockopt = compat_tcp_getsockopt,
2172 static const struct inet6_protocol tcpv6_protocol = {
2173 .handler = tcp_v6_rcv,
2174 .err_handler = tcp_v6_err,
2175 .gso_send_check = tcp_v6_gso_send_check,
2176 .gso_segment = tcp_tso_segment,
2177 .gro_receive = tcp6_gro_receive,
2178 .gro_complete = tcp6_gro_complete,
2179 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2182 static struct inet_protosw tcpv6_protosw = {
2183 .type = SOCK_STREAM,
2184 .protocol = IPPROTO_TCP,
2185 .prot = &tcpv6_prot,
2186 .ops = &inet6_stream_ops,
2188 .flags = INET_PROTOSW_PERMANENT |
2192 static int __net_init tcpv6_net_init(struct net *net)
2194 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
2195 SOCK_RAW, IPPROTO_TCP, net);
2198 static void __net_exit tcpv6_net_exit(struct net *net)
2200 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
2203 static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
2205 inet_twsk_purge(&tcp_hashinfo, &tcp_death_row, AF_INET6);
2208 static struct pernet_operations tcpv6_net_ops = {
2209 .init = tcpv6_net_init,
2210 .exit = tcpv6_net_exit,
2211 .exit_batch = tcpv6_net_exit_batch,
2214 int __init tcpv6_init(void)
2218 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
2222 /* register inet6 protocol */
2223 ret = inet6_register_protosw(&tcpv6_protosw);
2225 goto out_tcpv6_protocol;
2227 ret = register_pernet_subsys(&tcpv6_net_ops);
2229 goto out_tcpv6_protosw;
2234 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2236 inet6_unregister_protosw(&tcpv6_protosw);
2240 void tcpv6_exit(void)
2242 unregister_pernet_subsys(&tcpv6_net_ops);
2243 inet6_unregister_protosw(&tcpv6_protosw);
2244 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
git.openpandora.org / pandora-kernel.git / blob