3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
10 * linux/net/ipv4/tcp_input.c
11 * linux/net/ipv4/tcp_output.c
14 * Hideaki YOSHIFUJI : sin6_scope_id support
15 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
16 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
17 * a single port at the same time.
18 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
20 * This program is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU General Public License
22 * as published by the Free Software Foundation; either version
23 * 2 of the License, or (at your option) any later version.
26 #include <linux/bottom_half.h>
27 #include <linux/module.h>
28 #include <linux/errno.h>
29 #include <linux/types.h>
30 #include <linux/socket.h>
31 #include <linux/sockios.h>
32 #include <linux/net.h>
33 #include <linux/jiffies.h>
35 #include <linux/in6.h>
36 #include <linux/netdevice.h>
37 #include <linux/init.h>
38 #include <linux/jhash.h>
39 #include <linux/ipsec.h>
40 #include <linux/times.h>
41 #include <linux/slab.h>
43 #include <linux/ipv6.h>
44 #include <linux/icmpv6.h>
45 #include <linux/random.h>
48 #include <net/ndisc.h>
49 #include <net/inet6_hashtables.h>
50 #include <net/inet6_connection_sock.h>
52 #include <net/transp_v6.h>
53 #include <net/addrconf.h>
54 #include <net/ip6_route.h>
55 #include <net/ip6_checksum.h>
56 #include <net/inet_ecn.h>
57 #include <net/protocol.h>
60 #include <net/dsfield.h>
61 #include <net/timewait_sock.h>
62 #include <net/netdma.h>
63 #include <net/inet_common.h>
64 #include <net/secure_seq.h>
66 #include <asm/uaccess.h>
68 #include <linux/proc_fs.h>
69 #include <linux/seq_file.h>
71 #include <linux/crypto.h>
72 #include <linux/scatterlist.h>
74 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb);
75 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
76 struct request_sock *req);
78 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
79 static void __tcp_v6_send_check(struct sk_buff *skb,
80 const struct in6_addr *saddr,
81 const struct in6_addr *daddr);
83 static const struct inet_connection_sock_af_ops ipv6_mapped;
84 static const struct inet_connection_sock_af_ops ipv6_specific;
85 #ifdef CONFIG_TCP_MD5SIG
86 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
87 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
89 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
90 const struct in6_addr *addr)
96 static void tcp_v6_hash(struct sock *sk)
98 if (sk->sk_state != TCP_CLOSE) {
99 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) {
104 __inet6_hash(sk, NULL);
109 static __inline__ __sum16 tcp_v6_check(int len,
110 const struct in6_addr *saddr,
111 const struct in6_addr *daddr,
114 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base);
117 static __u32 tcp_v6_init_sequence(const struct sk_buff *skb)
119 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
120 ipv6_hdr(skb)->saddr.s6_addr32,
122 tcp_hdr(skb)->source);
125 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
128 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
129 struct inet_sock *inet = inet_sk(sk);
130 struct inet_connection_sock *icsk = inet_csk(sk);
131 struct ipv6_pinfo *np = inet6_sk(sk);
132 struct tcp_sock *tp = tcp_sk(sk);
133 struct in6_addr *saddr = NULL, *final_p, final;
136 struct dst_entry *dst;
140 if (addr_len < SIN6_LEN_RFC2133)
143 if (usin->sin6_family != AF_INET6)
144 return -EAFNOSUPPORT;
146 memset(&fl6, 0, sizeof(fl6));
149 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
150 IP6_ECN_flow_init(fl6.flowlabel);
151 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
152 struct ip6_flowlabel *flowlabel;
153 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
154 if (flowlabel == NULL)
156 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst);
157 fl6_sock_release(flowlabel);
162 * connect() to INADDR_ANY means loopback (BSD'ism).
165 if(ipv6_addr_any(&usin->sin6_addr))
166 usin->sin6_addr.s6_addr[15] = 0x1;
168 addr_type = ipv6_addr_type(&usin->sin6_addr);
170 if(addr_type & IPV6_ADDR_MULTICAST)
173 if (addr_type&IPV6_ADDR_LINKLOCAL) {
174 if (addr_len >= sizeof(struct sockaddr_in6) &&
175 usin->sin6_scope_id) {
176 /* If interface is set while binding, indices
179 if (sk->sk_bound_dev_if &&
180 sk->sk_bound_dev_if != usin->sin6_scope_id)
183 sk->sk_bound_dev_if = usin->sin6_scope_id;
186 /* Connect to link-local address requires an interface */
187 if (!sk->sk_bound_dev_if)
191 if (tp->rx_opt.ts_recent_stamp &&
192 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) {
193 tp->rx_opt.ts_recent = 0;
194 tp->rx_opt.ts_recent_stamp = 0;
198 ipv6_addr_copy(&np->daddr, &usin->sin6_addr);
199 np->flow_label = fl6.flowlabel;
205 if (addr_type == IPV6_ADDR_MAPPED) {
206 u32 exthdrlen = icsk->icsk_ext_hdr_len;
207 struct sockaddr_in sin;
209 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
211 if (__ipv6_only_sock(sk))
214 sin.sin_family = AF_INET;
215 sin.sin_port = usin->sin6_port;
216 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
218 icsk->icsk_af_ops = &ipv6_mapped;
219 sk->sk_backlog_rcv = tcp_v4_do_rcv;
220 #ifdef CONFIG_TCP_MD5SIG
221 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
224 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
227 icsk->icsk_ext_hdr_len = exthdrlen;
228 icsk->icsk_af_ops = &ipv6_specific;
229 sk->sk_backlog_rcv = tcp_v6_do_rcv;
230 #ifdef CONFIG_TCP_MD5SIG
231 tp->af_specific = &tcp_sock_ipv6_specific;
235 ipv6_addr_set_v4mapped(inet->inet_saddr, &np->saddr);
236 ipv6_addr_set_v4mapped(inet->inet_rcv_saddr,
243 if (!ipv6_addr_any(&np->rcv_saddr))
244 saddr = &np->rcv_saddr;
246 fl6.flowi6_proto = IPPROTO_TCP;
247 ipv6_addr_copy(&fl6.daddr, &np->daddr);
248 ipv6_addr_copy(&fl6.saddr,
249 (saddr ? saddr : &np->saddr));
250 fl6.flowi6_oif = sk->sk_bound_dev_if;
251 fl6.flowi6_mark = sk->sk_mark;
252 fl6.fl6_dport = usin->sin6_port;
253 fl6.fl6_sport = inet->inet_sport;
255 final_p = fl6_update_dst(&fl6, np->opt, &final);
257 security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));
259 dst = ip6_dst_lookup_flow(sk, &fl6, final_p, true);
267 ipv6_addr_copy(&np->rcv_saddr, saddr);
270 /* set the source address */
271 ipv6_addr_copy(&np->saddr, saddr);
272 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
274 sk->sk_gso_type = SKB_GSO_TCPV6;
275 __ip6_dst_store(sk, dst, NULL, NULL);
277 rt = (struct rt6_info *) dst;
278 if (tcp_death_row.sysctl_tw_recycle &&
279 !tp->rx_opt.ts_recent_stamp &&
280 ipv6_addr_equal(&rt->rt6i_dst.addr, &np->daddr)) {
281 struct inet_peer *peer = rt6_get_peer(rt);
283 * VJ's idea. We save last timestamp seen from
284 * the destination in peer table, when entering state
285 * TIME-WAIT * and initialize rx_opt.ts_recent from it,
286 * when trying new connection.
289 inet_peer_refcheck(peer);
290 if ((u32)get_seconds() - peer->tcp_ts_stamp <= TCP_PAWS_MSL) {
291 tp->rx_opt.ts_recent_stamp = peer->tcp_ts_stamp;
292 tp->rx_opt.ts_recent = peer->tcp_ts;
297 icsk->icsk_ext_hdr_len = 0;
299 icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
302 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
304 inet->inet_dport = usin->sin6_port;
306 tcp_set_state(sk, TCP_SYN_SENT);
307 err = inet6_hash_connect(&tcp_death_row, sk);
312 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
317 err = tcp_connect(sk);
324 tcp_set_state(sk, TCP_CLOSE);
327 inet->inet_dport = 0;
328 sk->sk_route_caps = 0;
332 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
333 u8 type, u8 code, int offset, __be32 info)
335 const struct ipv6hdr *hdr = (const struct ipv6hdr*)skb->data;
336 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
337 struct ipv6_pinfo *np;
342 struct net *net = dev_net(skb->dev);
344 sk = inet6_lookup(net, &tcp_hashinfo, &hdr->daddr,
345 th->dest, &hdr->saddr, th->source, skb->dev->ifindex);
348 ICMP6_INC_STATS_BH(net, __in6_dev_get(skb->dev),
353 if (sk->sk_state == TCP_TIME_WAIT) {
354 inet_twsk_put(inet_twsk(sk));
359 if (sock_owned_by_user(sk))
360 NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS);
362 if (sk->sk_state == TCP_CLOSE)
365 if (ipv6_hdr(skb)->hop_limit < inet6_sk(sk)->min_hopcount) {
366 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
371 seq = ntohl(th->seq);
372 if (sk->sk_state != TCP_LISTEN &&
373 !between(seq, tp->snd_una, tp->snd_nxt)) {
374 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
380 if (type == ICMPV6_PKT_TOOBIG) {
381 struct dst_entry *dst;
383 if (sock_owned_by_user(sk))
385 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
388 /* icmp should have updated the destination cache entry */
389 dst = __sk_dst_check(sk, np->dst_cookie);
392 struct inet_sock *inet = inet_sk(sk);
395 /* BUGGG_FUTURE: Again, it is not clear how
396 to handle rthdr case. Ignore this complexity
399 memset(&fl6, 0, sizeof(fl6));
400 fl6.flowi6_proto = IPPROTO_TCP;
401 ipv6_addr_copy(&fl6.daddr, &np->daddr);
402 ipv6_addr_copy(&fl6.saddr, &np->saddr);
403 fl6.flowi6_oif = sk->sk_bound_dev_if;
404 fl6.flowi6_mark = sk->sk_mark;
405 fl6.fl6_dport = inet->inet_dport;
406 fl6.fl6_sport = inet->inet_sport;
407 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
409 dst = ip6_dst_lookup_flow(sk, &fl6, NULL, false);
411 sk->sk_err_soft = -PTR_ERR(dst);
418 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
419 tcp_sync_mss(sk, dst_mtu(dst));
420 tcp_simple_retransmit(sk);
421 } /* else let the usual retransmit timer handle it */
426 icmpv6_err_convert(type, code, &err);
428 /* Might be for an request_sock */
429 switch (sk->sk_state) {
430 struct request_sock *req, **prev;
432 if (sock_owned_by_user(sk))
435 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr,
436 &hdr->saddr, inet6_iif(skb));
440 /* ICMPs are not backlogged, hence we cannot get
441 * an established socket here.
443 WARN_ON(req->sk != NULL);
445 if (seq != tcp_rsk(req)->snt_isn) {
446 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
450 inet_csk_reqsk_queue_drop(sk, req, prev);
454 case TCP_SYN_RECV: /* Cannot happen.
455 It can, it SYNs are crossed. --ANK */
456 if (!sock_owned_by_user(sk)) {
458 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
462 sk->sk_err_soft = err;
466 if (!sock_owned_by_user(sk) && np->recverr) {
468 sk->sk_error_report(sk);
470 sk->sk_err_soft = err;
478 static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req,
479 struct request_values *rvp)
481 struct inet6_request_sock *treq = inet6_rsk(req);
482 struct ipv6_pinfo *np = inet6_sk(sk);
483 struct sk_buff * skb;
484 struct ipv6_txoptions *opt = NULL;
485 struct in6_addr * final_p, final;
487 struct dst_entry *dst;
490 memset(&fl6, 0, sizeof(fl6));
491 fl6.flowi6_proto = IPPROTO_TCP;
492 ipv6_addr_copy(&fl6.daddr, &treq->rmt_addr);
493 ipv6_addr_copy(&fl6.saddr, &treq->loc_addr);
495 fl6.flowi6_oif = treq->iif;
496 fl6.flowi6_mark = sk->sk_mark;
497 fl6.fl6_dport = inet_rsk(req)->rmt_port;
498 fl6.fl6_sport = inet_rsk(req)->loc_port;
499 security_req_classify_flow(req, flowi6_to_flowi(&fl6));
502 final_p = fl6_update_dst(&fl6, opt, &final);
504 dst = ip6_dst_lookup_flow(sk, &fl6, final_p, false);
510 skb = tcp_make_synack(sk, dst, req, rvp);
513 __tcp_v6_send_check(skb, &treq->loc_addr, &treq->rmt_addr);
515 ipv6_addr_copy(&fl6.daddr, &treq->rmt_addr);
516 err = ip6_xmit(sk, skb, &fl6, opt, np->tclass);
517 err = net_xmit_eval(err);
521 if (opt && opt != np->opt)
522 sock_kfree_s(sk, opt, opt->tot_len);
527 static int tcp_v6_rtx_synack(struct sock *sk, struct request_sock *req,
528 struct request_values *rvp)
530 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_RETRANSSEGS);
531 return tcp_v6_send_synack(sk, req, rvp);
534 static void tcp_v6_reqsk_destructor(struct request_sock *req)
536 kfree_skb(inet6_rsk(req)->pktopts);
539 #ifdef CONFIG_TCP_MD5SIG
540 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
541 const struct in6_addr *addr)
543 struct tcp_sock *tp = tcp_sk(sk);
548 if (!tp->md5sig_info || !tp->md5sig_info->entries6)
551 for (i = 0; i < tp->md5sig_info->entries6; i++) {
552 if (ipv6_addr_equal(&tp->md5sig_info->keys6[i].addr, addr))
553 return &tp->md5sig_info->keys6[i].base;
558 static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk,
559 struct sock *addr_sk)
561 return tcp_v6_md5_do_lookup(sk, &inet6_sk(addr_sk)->daddr);
564 static struct tcp_md5sig_key *tcp_v6_reqsk_md5_lookup(struct sock *sk,
565 struct request_sock *req)
567 return tcp_v6_md5_do_lookup(sk, &inet6_rsk(req)->rmt_addr);
570 static int tcp_v6_md5_do_add(struct sock *sk, const struct in6_addr *peer,
571 char *newkey, u8 newkeylen)
573 /* Add key to the list */
574 struct tcp_md5sig_key *key;
575 struct tcp_sock *tp = tcp_sk(sk);
576 struct tcp6_md5sig_key *keys;
578 key = tcp_v6_md5_do_lookup(sk, peer);
580 /* modify existing entry - just update that one */
583 key->keylen = newkeylen;
585 /* reallocate new list if current one is full. */
586 if (!tp->md5sig_info) {
587 tp->md5sig_info = kzalloc(sizeof(*tp->md5sig_info), GFP_ATOMIC);
588 if (!tp->md5sig_info) {
592 sk_nocaps_add(sk, NETIF_F_GSO_MASK);
594 if (tp->md5sig_info->entries6 == 0 &&
595 tcp_alloc_md5sig_pool(sk) == NULL) {
599 if (tp->md5sig_info->alloced6 == tp->md5sig_info->entries6) {
600 keys = kmalloc((sizeof (tp->md5sig_info->keys6[0]) *
601 (tp->md5sig_info->entries6 + 1)), GFP_ATOMIC);
605 if (tp->md5sig_info->entries6 == 0)
606 tcp_free_md5sig_pool();
610 if (tp->md5sig_info->entries6)
611 memmove(keys, tp->md5sig_info->keys6,
612 (sizeof (tp->md5sig_info->keys6[0]) *
613 tp->md5sig_info->entries6));
615 kfree(tp->md5sig_info->keys6);
616 tp->md5sig_info->keys6 = keys;
617 tp->md5sig_info->alloced6++;
620 ipv6_addr_copy(&tp->md5sig_info->keys6[tp->md5sig_info->entries6].addr,
622 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.key = newkey;
623 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.keylen = newkeylen;
625 tp->md5sig_info->entries6++;
630 static int tcp_v6_md5_add_func(struct sock *sk, struct sock *addr_sk,
631 u8 *newkey, __u8 newkeylen)
633 return tcp_v6_md5_do_add(sk, &inet6_sk(addr_sk)->daddr,
637 static int tcp_v6_md5_do_del(struct sock *sk, const struct in6_addr *peer)
639 struct tcp_sock *tp = tcp_sk(sk);
642 for (i = 0; i < tp->md5sig_info->entries6; i++) {
643 if (ipv6_addr_equal(&tp->md5sig_info->keys6[i].addr, peer)) {
645 kfree(tp->md5sig_info->keys6[i].base.key);
646 tp->md5sig_info->entries6--;
648 if (tp->md5sig_info->entries6 == 0) {
649 kfree(tp->md5sig_info->keys6);
650 tp->md5sig_info->keys6 = NULL;
651 tp->md5sig_info->alloced6 = 0;
652 tcp_free_md5sig_pool();
654 /* shrink the database */
655 if (tp->md5sig_info->entries6 != i)
656 memmove(&tp->md5sig_info->keys6[i],
657 &tp->md5sig_info->keys6[i+1],
658 (tp->md5sig_info->entries6 - i)
659 * sizeof (tp->md5sig_info->keys6[0]));
667 static void tcp_v6_clear_md5_list (struct sock *sk)
669 struct tcp_sock *tp = tcp_sk(sk);
672 if (tp->md5sig_info->entries6) {
673 for (i = 0; i < tp->md5sig_info->entries6; i++)
674 kfree(tp->md5sig_info->keys6[i].base.key);
675 tp->md5sig_info->entries6 = 0;
676 tcp_free_md5sig_pool();
679 kfree(tp->md5sig_info->keys6);
680 tp->md5sig_info->keys6 = NULL;
681 tp->md5sig_info->alloced6 = 0;
683 if (tp->md5sig_info->entries4) {
684 for (i = 0; i < tp->md5sig_info->entries4; i++)
685 kfree(tp->md5sig_info->keys4[i].base.key);
686 tp->md5sig_info->entries4 = 0;
687 tcp_free_md5sig_pool();
690 kfree(tp->md5sig_info->keys4);
691 tp->md5sig_info->keys4 = NULL;
692 tp->md5sig_info->alloced4 = 0;
695 static int tcp_v6_parse_md5_keys (struct sock *sk, char __user *optval,
698 struct tcp_md5sig cmd;
699 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
702 if (optlen < sizeof(cmd))
705 if (copy_from_user(&cmd, optval, sizeof(cmd)))
708 if (sin6->sin6_family != AF_INET6)
711 if (!cmd.tcpm_keylen) {
712 if (!tcp_sk(sk)->md5sig_info)
714 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
715 return tcp_v4_md5_do_del(sk, sin6->sin6_addr.s6_addr32[3]);
716 return tcp_v6_md5_do_del(sk, &sin6->sin6_addr);
719 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
722 if (!tcp_sk(sk)->md5sig_info) {
723 struct tcp_sock *tp = tcp_sk(sk);
724 struct tcp_md5sig_info *p;
726 p = kzalloc(sizeof(struct tcp_md5sig_info), GFP_KERNEL);
731 sk_nocaps_add(sk, NETIF_F_GSO_MASK);
734 newkey = kmemdup(cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
737 if (ipv6_addr_v4mapped(&sin6->sin6_addr)) {
738 return tcp_v4_md5_do_add(sk, sin6->sin6_addr.s6_addr32[3],
739 newkey, cmd.tcpm_keylen);
741 return tcp_v6_md5_do_add(sk, &sin6->sin6_addr, newkey, cmd.tcpm_keylen);
744 static int tcp_v6_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp,
745 const struct in6_addr *daddr,
746 const struct in6_addr *saddr, int nbytes)
748 struct tcp6_pseudohdr *bp;
749 struct scatterlist sg;
751 bp = &hp->md5_blk.ip6;
752 /* 1. TCP pseudo-header (RFC2460) */
753 ipv6_addr_copy(&bp->saddr, saddr);
754 ipv6_addr_copy(&bp->daddr, daddr);
755 bp->protocol = cpu_to_be32(IPPROTO_TCP);
756 bp->len = cpu_to_be32(nbytes);
758 sg_init_one(&sg, bp, sizeof(*bp));
759 return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp));
762 static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key,
763 const struct in6_addr *daddr, struct in6_addr *saddr,
764 const struct tcphdr *th)
766 struct tcp_md5sig_pool *hp;
767 struct hash_desc *desc;
769 hp = tcp_get_md5sig_pool();
771 goto clear_hash_noput;
772 desc = &hp->md5_desc;
774 if (crypto_hash_init(desc))
776 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))
778 if (tcp_md5_hash_header(hp, th))
780 if (tcp_md5_hash_key(hp, key))
782 if (crypto_hash_final(desc, md5_hash))
785 tcp_put_md5sig_pool();
789 tcp_put_md5sig_pool();
791 memset(md5_hash, 0, 16);
795 static int tcp_v6_md5_hash_skb(char *md5_hash, struct tcp_md5sig_key *key,
796 const struct sock *sk,
797 const struct request_sock *req,
798 const struct sk_buff *skb)
800 const struct in6_addr *saddr, *daddr;
801 struct tcp_md5sig_pool *hp;
802 struct hash_desc *desc;
803 const struct tcphdr *th = tcp_hdr(skb);
806 saddr = &inet6_sk(sk)->saddr;
807 daddr = &inet6_sk(sk)->daddr;
809 saddr = &inet6_rsk(req)->loc_addr;
810 daddr = &inet6_rsk(req)->rmt_addr;
812 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
813 saddr = &ip6h->saddr;
814 daddr = &ip6h->daddr;
817 hp = tcp_get_md5sig_pool();
819 goto clear_hash_noput;
820 desc = &hp->md5_desc;
822 if (crypto_hash_init(desc))
825 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))
827 if (tcp_md5_hash_header(hp, th))
829 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
831 if (tcp_md5_hash_key(hp, key))
833 if (crypto_hash_final(desc, md5_hash))
836 tcp_put_md5sig_pool();
840 tcp_put_md5sig_pool();
842 memset(md5_hash, 0, 16);
846 static int tcp_v6_inbound_md5_hash(struct sock *sk, const struct sk_buff *skb)
848 const __u8 *hash_location = NULL;
849 struct tcp_md5sig_key *hash_expected;
850 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
851 const struct tcphdr *th = tcp_hdr(skb);
855 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
856 hash_location = tcp_parse_md5sig_option(th);
858 /* We've parsed the options - do we have a hash? */
859 if (!hash_expected && !hash_location)
862 if (hash_expected && !hash_location) {
863 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
867 if (!hash_expected && hash_location) {
868 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
872 /* check the signature */
873 genhash = tcp_v6_md5_hash_skb(newhash,
877 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
878 if (net_ratelimit()) {
879 printk(KERN_INFO "MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n",
880 genhash ? "failed" : "mismatch",
881 &ip6h->saddr, ntohs(th->source),
882 &ip6h->daddr, ntohs(th->dest));
890 struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
892 .obj_size = sizeof(struct tcp6_request_sock),
893 .rtx_syn_ack = tcp_v6_rtx_synack,
894 .send_ack = tcp_v6_reqsk_send_ack,
895 .destructor = tcp_v6_reqsk_destructor,
896 .send_reset = tcp_v6_send_reset,
897 .syn_ack_timeout = tcp_syn_ack_timeout,
900 #ifdef CONFIG_TCP_MD5SIG
901 static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
902 .md5_lookup = tcp_v6_reqsk_md5_lookup,
903 .calc_md5_hash = tcp_v6_md5_hash_skb,
907 static void __tcp_v6_send_check(struct sk_buff *skb,
908 const struct in6_addr *saddr, const struct in6_addr *daddr)
910 struct tcphdr *th = tcp_hdr(skb);
912 if (skb->ip_summed == CHECKSUM_PARTIAL) {
913 th->check = ~tcp_v6_check(skb->len, saddr, daddr, 0);
914 skb->csum_start = skb_transport_header(skb) - skb->head;
915 skb->csum_offset = offsetof(struct tcphdr, check);
917 th->check = tcp_v6_check(skb->len, saddr, daddr,
918 csum_partial(th, th->doff << 2,
923 static void tcp_v6_send_check(struct sock *sk, struct sk_buff *skb)
925 struct ipv6_pinfo *np = inet6_sk(sk);
927 __tcp_v6_send_check(skb, &np->saddr, &np->daddr);
930 static int tcp_v6_gso_send_check(struct sk_buff *skb)
932 const struct ipv6hdr *ipv6h;
935 if (!pskb_may_pull(skb, sizeof(*th)))
938 ipv6h = ipv6_hdr(skb);
942 skb->ip_summed = CHECKSUM_PARTIAL;
943 __tcp_v6_send_check(skb, &ipv6h->saddr, &ipv6h->daddr);
947 static struct sk_buff **tcp6_gro_receive(struct sk_buff **head,
950 const struct ipv6hdr *iph = skb_gro_network_header(skb);
952 switch (skb->ip_summed) {
953 case CHECKSUM_COMPLETE:
954 if (!tcp_v6_check(skb_gro_len(skb), &iph->saddr, &iph->daddr,
956 skb->ip_summed = CHECKSUM_UNNECESSARY;
962 NAPI_GRO_CB(skb)->flush = 1;
966 return tcp_gro_receive(head, skb);
969 static int tcp6_gro_complete(struct sk_buff *skb)
971 const struct ipv6hdr *iph = ipv6_hdr(skb);
972 struct tcphdr *th = tcp_hdr(skb);
974 th->check = ~tcp_v6_check(skb->len - skb_transport_offset(skb),
975 &iph->saddr, &iph->daddr, 0);
976 skb_shinfo(skb)->gso_type = SKB_GSO_TCPV6;
978 return tcp_gro_complete(skb);
981 static void tcp_v6_send_response(struct sk_buff *skb, u32 seq, u32 ack, u32 win,
982 u32 ts, struct tcp_md5sig_key *key, int rst, u8 tclass)
984 const struct tcphdr *th = tcp_hdr(skb);
986 struct sk_buff *buff;
988 struct net *net = dev_net(skb_dst(skb)->dev);
989 struct sock *ctl_sk = net->ipv6.tcp_sk;
990 unsigned int tot_len = sizeof(struct tcphdr);
991 struct dst_entry *dst;
995 tot_len += TCPOLEN_TSTAMP_ALIGNED;
996 #ifdef CONFIG_TCP_MD5SIG
998 tot_len += TCPOLEN_MD5SIG_ALIGNED;
1001 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
1006 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
1008 t1 = (struct tcphdr *) skb_push(buff, tot_len);
1009 skb_reset_transport_header(buff);
1011 /* Swap the send and the receive. */
1012 memset(t1, 0, sizeof(*t1));
1013 t1->dest = th->source;
1014 t1->source = th->dest;
1015 t1->doff = tot_len / 4;
1016 t1->seq = htonl(seq);
1017 t1->ack_seq = htonl(ack);
1018 t1->ack = !rst || !th->ack;
1020 t1->window = htons(win);
1022 topt = (__be32 *)(t1 + 1);
1025 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
1026 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
1027 *topt++ = htonl(tcp_time_stamp);
1028 *topt++ = htonl(ts);
1031 #ifdef CONFIG_TCP_MD5SIG
1033 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
1034 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
1035 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
1036 &ipv6_hdr(skb)->saddr,
1037 &ipv6_hdr(skb)->daddr, t1);
1041 memset(&fl6, 0, sizeof(fl6));
1042 ipv6_addr_copy(&fl6.daddr, &ipv6_hdr(skb)->saddr);
1043 ipv6_addr_copy(&fl6.saddr, &ipv6_hdr(skb)->daddr);
1045 buff->ip_summed = CHECKSUM_PARTIAL;
1048 __tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);
1050 fl6.flowi6_proto = IPPROTO_TCP;
1051 fl6.flowi6_oif = inet6_iif(skb);
1052 fl6.fl6_dport = t1->dest;
1053 fl6.fl6_sport = t1->source;
1054 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
1056 /* Pass a socket to ip6_dst_lookup either it is for RST
1057 * Underlying function will use this to retrieve the network
1060 dst = ip6_dst_lookup_flow(ctl_sk, &fl6, NULL, false);
1062 skb_dst_set(buff, dst);
1063 ip6_xmit(ctl_sk, buff, &fl6, NULL, tclass);
1064 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS);
1066 TCP_INC_STATS_BH(net, TCP_MIB_OUTRSTS);
1073 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb)
1075 const struct tcphdr *th = tcp_hdr(skb);
1076 u32 seq = 0, ack_seq = 0;
1077 struct tcp_md5sig_key *key = NULL;
1082 if (!ipv6_unicast_destination(skb))
1085 #ifdef CONFIG_TCP_MD5SIG
1087 key = tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->saddr);
1091 seq = ntohl(th->ack_seq);
1093 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
1096 tcp_v6_send_response(skb, seq, ack_seq, 0, 0, key, 1, 0);
1099 static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts,
1100 struct tcp_md5sig_key *key, u8 tclass)
1102 tcp_v6_send_response(skb, seq, ack, win, ts, key, 0, tclass);
1105 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
1107 struct inet_timewait_sock *tw = inet_twsk(sk);
1108 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
1110 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
1111 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
1112 tcptw->tw_ts_recent, tcp_twsk_md5_key(tcptw),
1118 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
1119 struct request_sock *req)
1121 tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent,
1122 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr), 0);
1126 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
1128 struct request_sock *req, **prev;
1129 const struct tcphdr *th = tcp_hdr(skb);
1132 /* Find possible connection requests. */
1133 req = inet6_csk_search_req(sk, &prev, th->source,
1134 &ipv6_hdr(skb)->saddr,
1135 &ipv6_hdr(skb)->daddr, inet6_iif(skb));
1137 return tcp_check_req(sk, skb, req, prev);
1139 nsk = __inet6_lookup_established(sock_net(sk), &tcp_hashinfo,
1140 &ipv6_hdr(skb)->saddr, th->source,
1141 &ipv6_hdr(skb)->daddr, ntohs(th->dest), inet6_iif(skb));
1144 if (nsk->sk_state != TCP_TIME_WAIT) {
1148 inet_twsk_put(inet_twsk(nsk));
1152 #ifdef CONFIG_SYN_COOKIES
1154 sk = cookie_v6_check(sk, skb);
1159 /* FIXME: this is substantially similar to the ipv4 code.
1160 * Can some kind of merge be done? -- erics
1162 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1164 struct tcp_extend_values tmp_ext;
1165 struct tcp_options_received tmp_opt;
1166 const u8 *hash_location;
1167 struct request_sock *req;
1168 struct inet6_request_sock *treq;
1169 struct ipv6_pinfo *np = inet6_sk(sk);
1170 struct tcp_sock *tp = tcp_sk(sk);
1171 __u32 isn = TCP_SKB_CB(skb)->when;
1172 struct dst_entry *dst = NULL;
1173 int want_cookie = 0;
1175 if (skb->protocol == htons(ETH_P_IP))
1176 return tcp_v4_conn_request(sk, skb);
1178 if (!ipv6_unicast_destination(skb))
1181 if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
1182 want_cookie = tcp_syn_flood_action(sk, skb, "TCPv6");
1187 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
1190 req = inet6_reqsk_alloc(&tcp6_request_sock_ops);
1194 #ifdef CONFIG_TCP_MD5SIG
1195 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv6_ops;
1198 tcp_clear_options(&tmp_opt);
1199 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
1200 tmp_opt.user_mss = tp->rx_opt.user_mss;
1201 tcp_parse_options(skb, &tmp_opt, &hash_location, 0);
1203 if (tmp_opt.cookie_plus > 0 &&
1204 tmp_opt.saw_tstamp &&
1205 !tp->rx_opt.cookie_out_never &&
1206 (sysctl_tcp_cookie_size > 0 ||
1207 (tp->cookie_values != NULL &&
1208 tp->cookie_values->cookie_desired > 0))) {
1211 u32 *mess = &tmp_ext.cookie_bakery[COOKIE_DIGEST_WORDS];
1212 int l = tmp_opt.cookie_plus - TCPOLEN_COOKIE_BASE;
1214 if (tcp_cookie_generator(&tmp_ext.cookie_bakery[0]) != 0)
1217 /* Secret recipe starts with IP addresses */
1218 d = (__force u32 *)&ipv6_hdr(skb)->daddr.s6_addr32[0];
1223 d = (__force u32 *)&ipv6_hdr(skb)->saddr.s6_addr32[0];
1229 /* plus variable length Initiator Cookie */
1232 *c++ ^= *hash_location++;
1234 want_cookie = 0; /* not our kind of cookie */
1235 tmp_ext.cookie_out_never = 0; /* false */
1236 tmp_ext.cookie_plus = tmp_opt.cookie_plus;
1237 } else if (!tp->rx_opt.cookie_in_always) {
1238 /* redundant indications, but ensure initialization. */
1239 tmp_ext.cookie_out_never = 1; /* true */
1240 tmp_ext.cookie_plus = 0;
1244 tmp_ext.cookie_in_always = tp->rx_opt.cookie_in_always;
1246 if (want_cookie && !tmp_opt.saw_tstamp)
1247 tcp_clear_options(&tmp_opt);
1249 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
1250 tcp_openreq_init(req, &tmp_opt, skb);
1252 treq = inet6_rsk(req);
1253 ipv6_addr_copy(&treq->rmt_addr, &ipv6_hdr(skb)->saddr);
1254 ipv6_addr_copy(&treq->loc_addr, &ipv6_hdr(skb)->daddr);
1255 if (!want_cookie || tmp_opt.tstamp_ok)
1256 TCP_ECN_create_request(req, tcp_hdr(skb));
1258 treq->iif = sk->sk_bound_dev_if;
1260 /* So that link locals have meaning */
1261 if (!sk->sk_bound_dev_if &&
1262 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL)
1263 treq->iif = inet6_iif(skb);
1266 struct inet_peer *peer = NULL;
1268 if (ipv6_opt_accepted(sk, skb) ||
1269 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
1270 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) {
1271 atomic_inc(&skb->users);
1272 treq->pktopts = skb;
1276 isn = cookie_v6_init_sequence(sk, skb, &req->mss);
1277 req->cookie_ts = tmp_opt.tstamp_ok;
1281 /* VJ's idea. We save last timestamp seen
1282 * from the destination in peer table, when entering
1283 * state TIME-WAIT, and check against it before
1284 * accepting new connection request.
1286 * If "isn" is not zero, this request hit alive
1287 * timewait bucket, so that all the necessary checks
1288 * are made in the function processing timewait state.
1290 if (tmp_opt.saw_tstamp &&
1291 tcp_death_row.sysctl_tw_recycle &&
1292 (dst = inet6_csk_route_req(sk, req)) != NULL &&
1293 (peer = rt6_get_peer((struct rt6_info *)dst)) != NULL &&
1294 ipv6_addr_equal((struct in6_addr *)peer->daddr.addr.a6,
1296 inet_peer_refcheck(peer);
1297 if ((u32)get_seconds() - peer->tcp_ts_stamp < TCP_PAWS_MSL &&
1298 (s32)(peer->tcp_ts - req->ts_recent) >
1300 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_PAWSPASSIVEREJECTED);
1301 goto drop_and_release;
1304 /* Kill the following clause, if you dislike this way. */
1305 else if (!sysctl_tcp_syncookies &&
1306 (sysctl_max_syn_backlog - inet_csk_reqsk_queue_len(sk) <
1307 (sysctl_max_syn_backlog >> 2)) &&
1308 (!peer || !peer->tcp_ts_stamp) &&
1309 (!dst || !dst_metric(dst, RTAX_RTT))) {
1310 /* Without syncookies last quarter of
1311 * backlog is filled with destinations,
1312 * proven to be alive.
1313 * It means that we continue to communicate
1314 * to destinations, already remembered
1315 * to the moment of synflood.
1317 LIMIT_NETDEBUG(KERN_DEBUG "TCP: drop open request from %pI6/%u\n",
1318 &treq->rmt_addr, ntohs(tcp_hdr(skb)->source));
1319 goto drop_and_release;
1322 isn = tcp_v6_init_sequence(skb);
1325 tcp_rsk(req)->snt_isn = isn;
1326 tcp_rsk(req)->snt_synack = tcp_time_stamp;
1328 security_inet_conn_request(sk, skb, req);
1330 if (tcp_v6_send_synack(sk, req,
1331 (struct request_values *)&tmp_ext) ||
1335 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1343 return 0; /* don't send reset */
1346 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1347 struct request_sock *req,
1348 struct dst_entry *dst)
1350 struct inet6_request_sock *treq;
1351 struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
1352 struct tcp6_sock *newtcp6sk;
1353 struct inet_sock *newinet;
1354 struct tcp_sock *newtp;
1356 struct ipv6_txoptions *opt;
1357 #ifdef CONFIG_TCP_MD5SIG
1358 struct tcp_md5sig_key *key;
1361 if (skb->protocol == htons(ETH_P_IP)) {
1366 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);
1371 newtcp6sk = (struct tcp6_sock *)newsk;
1372 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1374 newinet = inet_sk(newsk);
1375 newnp = inet6_sk(newsk);
1376 newtp = tcp_sk(newsk);
1378 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1380 ipv6_addr_set_v4mapped(newinet->inet_daddr, &newnp->daddr);
1382 ipv6_addr_set_v4mapped(newinet->inet_saddr, &newnp->saddr);
1384 ipv6_addr_copy(&newnp->rcv_saddr, &newnp->saddr);
1386 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1387 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1388 #ifdef CONFIG_TCP_MD5SIG
1389 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1392 newnp->ipv6_ac_list = NULL;
1393 newnp->ipv6_fl_list = NULL;
1394 newnp->pktoptions = NULL;
1396 newnp->mcast_oif = inet6_iif(skb);
1397 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1400 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1401 * here, tcp_create_openreq_child now does this for us, see the comment in
1402 * that function for the gory details. -acme
1405 /* It is tricky place. Until this moment IPv4 tcp
1406 worked with IPv6 icsk.icsk_af_ops.
1409 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1414 treq = inet6_rsk(req);
1417 if (sk_acceptq_is_full(sk))
1421 dst = inet6_csk_route_req(sk, req);
1426 newsk = tcp_create_openreq_child(sk, req, skb);
1431 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1432 * count here, tcp_create_openreq_child now does this for us, see the
1433 * comment in that function for the gory details. -acme
1436 newsk->sk_gso_type = SKB_GSO_TCPV6;
1437 __ip6_dst_store(newsk, dst, NULL, NULL);
1439 newtcp6sk = (struct tcp6_sock *)newsk;
1440 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1442 newtp = tcp_sk(newsk);
1443 newinet = inet_sk(newsk);
1444 newnp = inet6_sk(newsk);
1446 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1448 ipv6_addr_copy(&newnp->daddr, &treq->rmt_addr);
1449 ipv6_addr_copy(&newnp->saddr, &treq->loc_addr);
1450 ipv6_addr_copy(&newnp->rcv_saddr, &treq->loc_addr);
1451 newsk->sk_bound_dev_if = treq->iif;
1453 /* Now IPv6 options...
1455 First: no IPv4 options.
1457 newinet->inet_opt = NULL;
1458 newnp->ipv6_ac_list = NULL;
1459 newnp->ipv6_fl_list = NULL;
1462 newnp->rxopt.all = np->rxopt.all;
1464 /* Clone pktoptions received with SYN */
1465 newnp->pktoptions = NULL;
1466 if (treq->pktopts != NULL) {
1467 newnp->pktoptions = skb_clone(treq->pktopts, GFP_ATOMIC);
1468 kfree_skb(treq->pktopts);
1469 treq->pktopts = NULL;
1470 if (newnp->pktoptions)
1471 skb_set_owner_r(newnp->pktoptions, newsk);
1474 newnp->mcast_oif = inet6_iif(skb);
1475 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1477 /* Clone native IPv6 options from listening socket (if any)
1479 Yes, keeping reference count would be much more clever,
1480 but we make one more one thing there: reattach optmem
1484 newnp->opt = ipv6_dup_options(newsk, opt);
1486 sock_kfree_s(sk, opt, opt->tot_len);
1489 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1491 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
1492 newnp->opt->opt_flen);
1494 tcp_mtup_init(newsk);
1495 tcp_sync_mss(newsk, dst_mtu(dst));
1496 newtp->advmss = dst_metric_advmss(dst);
1497 if (tcp_sk(sk)->rx_opt.user_mss &&
1498 tcp_sk(sk)->rx_opt.user_mss < newtp->advmss)
1499 newtp->advmss = tcp_sk(sk)->rx_opt.user_mss;
1501 tcp_initialize_rcv_mss(newsk);
1502 if (tcp_rsk(req)->snt_synack)
1503 tcp_valid_rtt_meas(newsk,
1504 tcp_time_stamp - tcp_rsk(req)->snt_synack);
1505 newtp->total_retrans = req->retrans;
1507 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1508 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1510 #ifdef CONFIG_TCP_MD5SIG
1511 /* Copy over the MD5 key from the original socket */
1512 if ((key = tcp_v6_md5_do_lookup(sk, &newnp->daddr)) != NULL) {
1513 /* We're using one, so create a matching key
1514 * on the newsk structure. If we fail to get
1515 * memory, then we end up not copying the key
1518 char *newkey = kmemdup(key->key, key->keylen, GFP_ATOMIC);
1520 tcp_v6_md5_do_add(newsk, &newnp->daddr,
1521 newkey, key->keylen);
1525 if (__inet_inherit_port(sk, newsk) < 0) {
1529 __inet6_hash(newsk, NULL);
1534 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1536 if (opt && opt != np->opt)
1537 sock_kfree_s(sk, opt, opt->tot_len);
1540 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
1544 static __sum16 tcp_v6_checksum_init(struct sk_buff *skb)
1546 if (skb->ip_summed == CHECKSUM_COMPLETE) {
1547 if (!tcp_v6_check(skb->len, &ipv6_hdr(skb)->saddr,
1548 &ipv6_hdr(skb)->daddr, skb->csum)) {
1549 skb->ip_summed = CHECKSUM_UNNECESSARY;
1554 skb->csum = ~csum_unfold(tcp_v6_check(skb->len,
1555 &ipv6_hdr(skb)->saddr,
1556 &ipv6_hdr(skb)->daddr, 0));
1558 if (skb->len <= 76) {
1559 return __skb_checksum_complete(skb);
1564 /* The socket must have it's spinlock held when we get
1567 * We have a potential double-lock case here, so even when
1568 * doing backlog processing we use the BH locking scheme.
1569 * This is because we cannot sleep with the original spinlock
1572 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1574 struct ipv6_pinfo *np = inet6_sk(sk);
1575 struct tcp_sock *tp;
1576 struct sk_buff *opt_skb = NULL;
1578 /* Imagine: socket is IPv6. IPv4 packet arrives,
1579 goes to IPv4 receive handler and backlogged.
1580 From backlog it always goes here. Kerboom...
1581 Fortunately, tcp_rcv_established and rcv_established
1582 handle them correctly, but it is not case with
1583 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1586 if (skb->protocol == htons(ETH_P_IP))
1587 return tcp_v4_do_rcv(sk, skb);
1589 #ifdef CONFIG_TCP_MD5SIG
1590 if (tcp_v6_inbound_md5_hash (sk, skb))
1594 if (sk_filter(sk, skb))
1598 * socket locking is here for SMP purposes as backlog rcv
1599 * is currently called with bh processing disabled.
1602 /* Do Stevens' IPV6_PKTOPTIONS.
1604 Yes, guys, it is the only place in our code, where we
1605 may make it not affecting IPv4.
1606 The rest of code is protocol independent,
1607 and I do not like idea to uglify IPv4.
1609 Actually, all the idea behind IPV6_PKTOPTIONS
1610 looks not very well thought. For now we latch
1611 options, received in the last packet, enqueued
1612 by tcp. Feel free to propose better solution.
1616 opt_skb = skb_clone(skb, GFP_ATOMIC);
1618 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1619 sock_rps_save_rxhash(sk, skb);
1620 if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len))
1623 goto ipv6_pktoptions;
1627 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1630 if (sk->sk_state == TCP_LISTEN) {
1631 struct sock *nsk = tcp_v6_hnd_req(sk, skb);
1636 * Queue it on the new socket if the new socket is active,
1637 * otherwise we just shortcircuit this and continue with
1641 sock_rps_save_rxhash(nsk, skb);
1642 if (tcp_child_process(sk, nsk, skb))
1645 __kfree_skb(opt_skb);
1649 sock_rps_save_rxhash(sk, skb);
1651 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len))
1654 goto ipv6_pktoptions;
1658 tcp_v6_send_reset(sk, skb);
1661 __kfree_skb(opt_skb);
1665 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_INERRS);
1670 /* Do you ask, what is it?
1672 1. skb was enqueued by tcp.
1673 2. skb is added to tail of read queue, rather than out of order.
1674 3. socket is not in passive state.
1675 4. Finally, it really contains options, which user wants to receive.
1678 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1679 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1680 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1681 np->mcast_oif = inet6_iif(opt_skb);
1682 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1683 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1684 if (ipv6_opt_accepted(sk, opt_skb)) {
1685 skb_set_owner_r(opt_skb, sk);
1686 opt_skb = xchg(&np->pktoptions, opt_skb);
1688 __kfree_skb(opt_skb);
1689 opt_skb = xchg(&np->pktoptions, NULL);
1697 static int tcp_v6_rcv(struct sk_buff *skb)
1699 const struct tcphdr *th;
1700 const struct ipv6hdr *hdr;
1703 struct net *net = dev_net(skb->dev);
1705 if (skb->pkt_type != PACKET_HOST)
1709 * Count it even if it's bad.
1711 TCP_INC_STATS_BH(net, TCP_MIB_INSEGS);
1713 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1718 if (th->doff < sizeof(struct tcphdr)/4)
1720 if (!pskb_may_pull(skb, th->doff*4))
1723 if (!skb_csum_unnecessary(skb) && tcp_v6_checksum_init(skb))
1727 hdr = ipv6_hdr(skb);
1728 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1729 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1730 skb->len - th->doff*4);
1731 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1732 TCP_SKB_CB(skb)->when = 0;
1733 TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
1734 TCP_SKB_CB(skb)->sacked = 0;
1736 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest);
1741 if (sk->sk_state == TCP_TIME_WAIT)
1744 if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) {
1745 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
1746 goto discard_and_relse;
1749 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1750 goto discard_and_relse;
1752 if (sk_filter(sk, skb))
1753 goto discard_and_relse;
1757 bh_lock_sock_nested(sk);
1759 if (!sock_owned_by_user(sk)) {
1760 #ifdef CONFIG_NET_DMA
1761 struct tcp_sock *tp = tcp_sk(sk);
1762 if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list)
1763 tp->ucopy.dma_chan = dma_find_channel(DMA_MEMCPY);
1764 if (tp->ucopy.dma_chan)
1765 ret = tcp_v6_do_rcv(sk, skb);
1769 if (!tcp_prequeue(sk, skb))
1770 ret = tcp_v6_do_rcv(sk, skb);
1772 } else if (unlikely(sk_add_backlog(sk, skb))) {
1774 NET_INC_STATS_BH(net, LINUX_MIB_TCPBACKLOGDROP);
1775 goto discard_and_relse;
1780 return ret ? -1 : 0;
1783 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1786 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1788 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1790 tcp_v6_send_reset(NULL, skb);
1807 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1808 inet_twsk_put(inet_twsk(sk));
1812 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1813 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1814 inet_twsk_put(inet_twsk(sk));
1818 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1823 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
1824 &ipv6_hdr(skb)->daddr,
1825 ntohs(th->dest), inet6_iif(skb));
1827 struct inet_timewait_sock *tw = inet_twsk(sk);
1828 inet_twsk_deschedule(tw, &tcp_death_row);
1833 /* Fall through to ACK */
1836 tcp_v6_timewait_ack(sk, skb);
1840 case TCP_TW_SUCCESS:;
1845 static struct inet_peer *tcp_v6_get_peer(struct sock *sk, bool *release_it)
1847 struct rt6_info *rt = (struct rt6_info *) __sk_dst_get(sk);
1848 struct ipv6_pinfo *np = inet6_sk(sk);
1849 struct inet_peer *peer;
1852 !ipv6_addr_equal(&np->daddr, &rt->rt6i_dst.addr)) {
1853 peer = inet_getpeer_v6(&np->daddr, 1);
1857 rt6_bind_peer(rt, 1);
1858 peer = rt->rt6i_peer;
1859 *release_it = false;
1865 static void *tcp_v6_tw_get_peer(struct sock *sk)
1867 const struct inet6_timewait_sock *tw6 = inet6_twsk(sk);
1868 const struct inet_timewait_sock *tw = inet_twsk(sk);
1870 if (tw->tw_family == AF_INET)
1871 return tcp_v4_tw_get_peer(sk);
1873 return inet_getpeer_v6(&tw6->tw_v6_daddr, 1);
1876 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
1877 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
1878 .twsk_unique = tcp_twsk_unique,
1879 .twsk_destructor= tcp_twsk_destructor,
1880 .twsk_getpeer = tcp_v6_tw_get_peer,
1883 static const struct inet_connection_sock_af_ops ipv6_specific = {
1884 .queue_xmit = inet6_csk_xmit,
1885 .send_check = tcp_v6_send_check,
1886 .rebuild_header = inet6_sk_rebuild_header,
1887 .conn_request = tcp_v6_conn_request,
1888 .syn_recv_sock = tcp_v6_syn_recv_sock,
1889 .get_peer = tcp_v6_get_peer,
1890 .net_header_len = sizeof(struct ipv6hdr),
1891 .setsockopt = ipv6_setsockopt,
1892 .getsockopt = ipv6_getsockopt,
1893 .addr2sockaddr = inet6_csk_addr2sockaddr,
1894 .sockaddr_len = sizeof(struct sockaddr_in6),
1895 .bind_conflict = inet6_csk_bind_conflict,
1896 #ifdef CONFIG_COMPAT
1897 .compat_setsockopt = compat_ipv6_setsockopt,
1898 .compat_getsockopt = compat_ipv6_getsockopt,
1902 #ifdef CONFIG_TCP_MD5SIG
1903 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1904 .md5_lookup = tcp_v6_md5_lookup,
1905 .calc_md5_hash = tcp_v6_md5_hash_skb,
1906 .md5_add = tcp_v6_md5_add_func,
1907 .md5_parse = tcp_v6_parse_md5_keys,
1912 * TCP over IPv4 via INET6 API
1915 static const struct inet_connection_sock_af_ops ipv6_mapped = {
1916 .queue_xmit = ip_queue_xmit,
1917 .send_check = tcp_v4_send_check,
1918 .rebuild_header = inet_sk_rebuild_header,
1919 .conn_request = tcp_v6_conn_request,
1920 .syn_recv_sock = tcp_v6_syn_recv_sock,
1921 .get_peer = tcp_v4_get_peer,
1922 .net_header_len = sizeof(struct iphdr),
1923 .setsockopt = ipv6_setsockopt,
1924 .getsockopt = ipv6_getsockopt,
1925 .addr2sockaddr = inet6_csk_addr2sockaddr,
1926 .sockaddr_len = sizeof(struct sockaddr_in6),
1927 .bind_conflict = inet6_csk_bind_conflict,
1928 #ifdef CONFIG_COMPAT
1929 .compat_setsockopt = compat_ipv6_setsockopt,
1930 .compat_getsockopt = compat_ipv6_getsockopt,
1934 #ifdef CONFIG_TCP_MD5SIG
1935 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1936 .md5_lookup = tcp_v4_md5_lookup,
1937 .calc_md5_hash = tcp_v4_md5_hash_skb,
1938 .md5_add = tcp_v6_md5_add_func,
1939 .md5_parse = tcp_v6_parse_md5_keys,
1943 /* NOTE: A lot of things set to zero explicitly by call to
1944 * sk_alloc() so need not be done here.
1946 static int tcp_v6_init_sock(struct sock *sk)
1948 struct inet_connection_sock *icsk = inet_csk(sk);
1949 struct tcp_sock *tp = tcp_sk(sk);
1951 skb_queue_head_init(&tp->out_of_order_queue);
1952 tcp_init_xmit_timers(sk);
1953 tcp_prequeue_init(tp);
1955 icsk->icsk_rto = TCP_TIMEOUT_INIT;
1956 tp->mdev = TCP_TIMEOUT_INIT;
1958 /* So many TCP implementations out there (incorrectly) count the
1959 * initial SYN frame in their delayed-ACK and congestion control
1960 * algorithms that we must have the following bandaid to talk
1961 * efficiently to them. -DaveM
1965 /* See draft-stevens-tcpca-spec-01 for discussion of the
1966 * initialization of these values.
1968 tp->snd_ssthresh = TCP_INFINITE_SSTHRESH;
1969 tp->snd_cwnd_clamp = ~0;
1970 tp->mss_cache = TCP_MSS_DEFAULT;
1972 tp->reordering = sysctl_tcp_reordering;
1974 sk->sk_state = TCP_CLOSE;
1976 icsk->icsk_af_ops = &ipv6_specific;
1977 icsk->icsk_ca_ops = &tcp_init_congestion_ops;
1978 icsk->icsk_sync_mss = tcp_sync_mss;
1979 sk->sk_write_space = sk_stream_write_space;
1980 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE);
1982 #ifdef CONFIG_TCP_MD5SIG
1983 tp->af_specific = &tcp_sock_ipv6_specific;
1986 /* TCP Cookie Transactions */
1987 if (sysctl_tcp_cookie_size > 0) {
1988 /* Default, cookies without s_data_payload. */
1990 kzalloc(sizeof(*tp->cookie_values),
1992 if (tp->cookie_values != NULL)
1993 kref_init(&tp->cookie_values->kref);
1995 /* Presumed zeroed, in order of appearance:
1996 * cookie_in_always, cookie_out_never,
1997 * s_data_constant, s_data_in, s_data_out
1999 sk->sk_sndbuf = sysctl_tcp_wmem[1];
2000 sk->sk_rcvbuf = sysctl_tcp_rmem[1];
2003 percpu_counter_inc(&tcp_sockets_allocated);
2009 static void tcp_v6_destroy_sock(struct sock *sk)
2011 #ifdef CONFIG_TCP_MD5SIG
2012 /* Clean up the MD5 key list */
2013 if (tcp_sk(sk)->md5sig_info)
2014 tcp_v6_clear_md5_list(sk);
2016 tcp_v4_destroy_sock(sk);
2017 inet6_destroy_sock(sk);
2020 #ifdef CONFIG_PROC_FS
2021 /* Proc filesystem TCPv6 sock list dumping. */
2022 static void get_openreq6(struct seq_file *seq,
2023 const struct sock *sk, struct request_sock *req, int i, int uid)
2025 int ttd = req->expires - jiffies;
2026 const struct in6_addr *src = &inet6_rsk(req)->loc_addr;
2027 const struct in6_addr *dest = &inet6_rsk(req)->rmt_addr;
2033 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
2034 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
2036 src->s6_addr32[0], src->s6_addr32[1],
2037 src->s6_addr32[2], src->s6_addr32[3],
2038 ntohs(inet_rsk(req)->loc_port),
2039 dest->s6_addr32[0], dest->s6_addr32[1],
2040 dest->s6_addr32[2], dest->s6_addr32[3],
2041 ntohs(inet_rsk(req)->rmt_port),
2043 0,0, /* could print option size, but that is af dependent. */
2044 1, /* timers active (only the expire timer) */
2045 jiffies_to_clock_t(ttd),
2048 0, /* non standard timer */
2049 0, /* open_requests have no inode */
2053 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
2055 const struct in6_addr *dest, *src;
2058 unsigned long timer_expires;
2059 const struct inet_sock *inet = inet_sk(sp);
2060 const struct tcp_sock *tp = tcp_sk(sp);
2061 const struct inet_connection_sock *icsk = inet_csk(sp);
2062 const struct ipv6_pinfo *np = inet6_sk(sp);
2065 src = &np->rcv_saddr;
2066 destp = ntohs(inet->inet_dport);
2067 srcp = ntohs(inet->inet_sport);
2069 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
2071 timer_expires = icsk->icsk_timeout;
2072 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
2074 timer_expires = icsk->icsk_timeout;
2075 } else if (timer_pending(&sp->sk_timer)) {
2077 timer_expires = sp->sk_timer.expires;
2080 timer_expires = jiffies;
2084 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
2085 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %pK %lu %lu %u %u %d\n",
2087 src->s6_addr32[0], src->s6_addr32[1],
2088 src->s6_addr32[2], src->s6_addr32[3], srcp,
2089 dest->s6_addr32[0], dest->s6_addr32[1],
2090 dest->s6_addr32[2], dest->s6_addr32[3], destp,
2092 tp->write_seq-tp->snd_una,
2093 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
2095 jiffies_to_clock_t(timer_expires - jiffies),
2096 icsk->icsk_retransmits,
2098 icsk->icsk_probes_out,
2100 atomic_read(&sp->sk_refcnt), sp,
2101 jiffies_to_clock_t(icsk->icsk_rto),
2102 jiffies_to_clock_t(icsk->icsk_ack.ato),
2103 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong,
2105 tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh
2109 static void get_timewait6_sock(struct seq_file *seq,
2110 struct inet_timewait_sock *tw, int i)
2112 const struct in6_addr *dest, *src;
2114 const struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw);
2115 int ttd = tw->tw_ttd - jiffies;
2120 dest = &tw6->tw_v6_daddr;
2121 src = &tw6->tw_v6_rcv_saddr;
2122 destp = ntohs(tw->tw_dport);
2123 srcp = ntohs(tw->tw_sport);
2126 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
2127 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
2129 src->s6_addr32[0], src->s6_addr32[1],
2130 src->s6_addr32[2], src->s6_addr32[3], srcp,
2131 dest->s6_addr32[0], dest->s6_addr32[1],
2132 dest->s6_addr32[2], dest->s6_addr32[3], destp,
2133 tw->tw_substate, 0, 0,
2134 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
2135 atomic_read(&tw->tw_refcnt), tw);
2138 static int tcp6_seq_show(struct seq_file *seq, void *v)
2140 struct tcp_iter_state *st;
2142 if (v == SEQ_START_TOKEN) {
2147 "st tx_queue rx_queue tr tm->when retrnsmt"
2148 " uid timeout inode\n");
2153 switch (st->state) {
2154 case TCP_SEQ_STATE_LISTENING:
2155 case TCP_SEQ_STATE_ESTABLISHED:
2156 get_tcp6_sock(seq, v, st->num);
2158 case TCP_SEQ_STATE_OPENREQ:
2159 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid);
2161 case TCP_SEQ_STATE_TIME_WAIT:
2162 get_timewait6_sock(seq, v, st->num);
2169 static const struct file_operations tcp6_afinfo_seq_fops = {
2170 .owner = THIS_MODULE,
2171 .open = tcp_seq_open,
2173 .llseek = seq_lseek,
2174 .release = seq_release_net
2177 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
2180 .seq_fops = &tcp6_afinfo_seq_fops,
2182 .show = tcp6_seq_show,
2186 int __net_init tcp6_proc_init(struct net *net)
2188 return tcp_proc_register(net, &tcp6_seq_afinfo);
2191 void tcp6_proc_exit(struct net *net)
2193 tcp_proc_unregister(net, &tcp6_seq_afinfo);
2197 struct proto tcpv6_prot = {
2199 .owner = THIS_MODULE,
2201 .connect = tcp_v6_connect,
2202 .disconnect = tcp_disconnect,
2203 .accept = inet_csk_accept,
2205 .init = tcp_v6_init_sock,
2206 .destroy = tcp_v6_destroy_sock,
2207 .shutdown = tcp_shutdown,
2208 .setsockopt = tcp_setsockopt,
2209 .getsockopt = tcp_getsockopt,
2210 .recvmsg = tcp_recvmsg,
2211 .sendmsg = tcp_sendmsg,
2212 .sendpage = tcp_sendpage,
2213 .backlog_rcv = tcp_v6_do_rcv,
2214 .hash = tcp_v6_hash,
2215 .unhash = inet_unhash,
2216 .get_port = inet_csk_get_port,
2217 .enter_memory_pressure = tcp_enter_memory_pressure,
2218 .sockets_allocated = &tcp_sockets_allocated,
2219 .memory_allocated = &tcp_memory_allocated,
2220 .memory_pressure = &tcp_memory_pressure,
2221 .orphan_count = &tcp_orphan_count,
2222 .sysctl_mem = sysctl_tcp_mem,
2223 .sysctl_wmem = sysctl_tcp_wmem,
2224 .sysctl_rmem = sysctl_tcp_rmem,
2225 .max_header = MAX_TCP_HEADER,
2226 .obj_size = sizeof(struct tcp6_sock),
2227 .slab_flags = SLAB_DESTROY_BY_RCU,
2228 .twsk_prot = &tcp6_timewait_sock_ops,
2229 .rsk_prot = &tcp6_request_sock_ops,
2230 .h.hashinfo = &tcp_hashinfo,
2231 .no_autobind = true,
2232 #ifdef CONFIG_COMPAT
2233 .compat_setsockopt = compat_tcp_setsockopt,
2234 .compat_getsockopt = compat_tcp_getsockopt,
2238 static const struct inet6_protocol tcpv6_protocol = {
2239 .handler = tcp_v6_rcv,
2240 .err_handler = tcp_v6_err,
2241 .gso_send_check = tcp_v6_gso_send_check,
2242 .gso_segment = tcp_tso_segment,
2243 .gro_receive = tcp6_gro_receive,
2244 .gro_complete = tcp6_gro_complete,
2245 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2248 static struct inet_protosw tcpv6_protosw = {
2249 .type = SOCK_STREAM,
2250 .protocol = IPPROTO_TCP,
2251 .prot = &tcpv6_prot,
2252 .ops = &inet6_stream_ops,
2254 .flags = INET_PROTOSW_PERMANENT |
2258 static int __net_init tcpv6_net_init(struct net *net)
2260 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
2261 SOCK_RAW, IPPROTO_TCP, net);
2264 static void __net_exit tcpv6_net_exit(struct net *net)
2266 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
2269 static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
2271 inet_twsk_purge(&tcp_hashinfo, &tcp_death_row, AF_INET6);
2274 static struct pernet_operations tcpv6_net_ops = {
2275 .init = tcpv6_net_init,
2276 .exit = tcpv6_net_exit,
2277 .exit_batch = tcpv6_net_exit_batch,
2280 int __init tcpv6_init(void)
2284 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
2288 /* register inet6 protocol */
2289 ret = inet6_register_protosw(&tcpv6_protosw);
2291 goto out_tcpv6_protocol;
2293 ret = register_pernet_subsys(&tcpv6_net_ops);
2295 goto out_tcpv6_protosw;
2300 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2302 inet6_unregister_protosw(&tcpv6_protosw);
2306 void tcpv6_exit(void)
2308 unregister_pernet_subsys(&tcpv6_net_ops);
2309 inet6_unregister_protosw(&tcpv6_protosw);
2310 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);