2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
6 * Implementation of the Transmission Control Protocol(TCP).
8 * Version: $Id: tcp_ipv4.c,v 1.240 2002/02/01 22:01:04 davem Exp $
10 * IPv4 specific functions
15 * linux/ipv4/tcp_input.c
16 * linux/ipv4/tcp_output.c
18 * See tcp.c for author information
20 * This program is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU General Public License
22 * as published by the Free Software Foundation; either version
23 * 2 of the License, or (at your option) any later version.
28 * David S. Miller : New socket lookup architecture.
29 * This code is dedicated to John Dyson.
30 * David S. Miller : Change semantics of established hash,
31 * half is devoted to TIME_WAIT sockets
32 * and the rest go in the other half.
33 * Andi Kleen : Add support for syncookies and fixed
34 * some bugs: ip options weren't passed to
35 * the TCP layer, missed a check for an
37 * Andi Kleen : Implemented fast path mtu discovery.
38 * Fixed many serious bugs in the
39 * request_sock handling and moved
40 * most of it into the af independent code.
41 * Added tail drop and some other bugfixes.
42 * Added new listen semantics.
43 * Mike McLagan : Routing by source
44 * Juan Jose Ciarlante: ip_dynaddr bits
45 * Andi Kleen: various fixes.
46 * Vitaly E. Lavrov : Transparent proxy revived after year
48 * Andi Kleen : Fix new listen.
49 * Andi Kleen : Fix accept error reporting.
50 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
51 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
52 * a single port at the same time.
56 #include <linux/types.h>
57 #include <linux/fcntl.h>
58 #include <linux/module.h>
59 #include <linux/random.h>
60 #include <linux/cache.h>
61 #include <linux/jhash.h>
62 #include <linux/init.h>
63 #include <linux/times.h>
65 #include <net/net_namespace.h>
67 #include <net/inet_hashtables.h>
69 #include <net/transp_v6.h>
71 #include <net/inet_common.h>
72 #include <net/timewait_sock.h>
74 #include <net/netdma.h>
76 #include <linux/inet.h>
77 #include <linux/ipv6.h>
78 #include <linux/stddef.h>
79 #include <linux/proc_fs.h>
80 #include <linux/seq_file.h>
82 #include <linux/crypto.h>
83 #include <linux/scatterlist.h>
85 int sysctl_tcp_tw_reuse __read_mostly;
86 int sysctl_tcp_low_latency __read_mostly;
88 /* Check TCP sequence numbers in ICMP packets. */
89 #define ICMP_MIN_LENGTH 8
91 /* Socket used for sending RSTs */
92 static struct socket *tcp_socket __read_mostly;
94 void tcp_v4_send_check(struct sock *sk, int len, struct sk_buff *skb);
96 #ifdef CONFIG_TCP_MD5SIG
97 static struct tcp_md5sig_key *tcp_v4_md5_do_lookup(struct sock *sk,
99 static int tcp_v4_do_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key,
100 __be32 saddr, __be32 daddr,
101 struct tcphdr *th, int protocol,
105 struct inet_hashinfo __cacheline_aligned tcp_hashinfo = {
106 .lhash_lock = __RW_LOCK_UNLOCKED(tcp_hashinfo.lhash_lock),
107 .lhash_users = ATOMIC_INIT(0),
108 .lhash_wait = __WAIT_QUEUE_HEAD_INITIALIZER(tcp_hashinfo.lhash_wait),
111 static int tcp_v4_get_port(struct sock *sk, unsigned short snum)
113 return inet_csk_get_port(&tcp_hashinfo, sk, snum,
114 inet_csk_bind_conflict);
117 static void tcp_v4_hash(struct sock *sk)
119 inet_hash(&tcp_hashinfo, sk);
122 void tcp_unhash(struct sock *sk)
124 inet_unhash(&tcp_hashinfo, sk);
127 static inline __u32 tcp_v4_init_sequence(struct sk_buff *skb)
129 return secure_tcp_sequence_number(ip_hdr(skb)->daddr,
132 tcp_hdr(skb)->source);
135 int tcp_twsk_unique(struct sock *sk, struct sock *sktw, void *twp)
137 const struct tcp_timewait_sock *tcptw = tcp_twsk(sktw);
138 struct tcp_sock *tp = tcp_sk(sk);
140 /* With PAWS, it is safe from the viewpoint
141 of data integrity. Even without PAWS it is safe provided sequence
142 spaces do not overlap i.e. at data rates <= 80Mbit/sec.
144 Actually, the idea is close to VJ's one, only timestamp cache is
145 held not per host, but per port pair and TW bucket is used as state
148 If TW bucket has been already destroyed we fall back to VJ's scheme
149 and use initial timestamp retrieved from peer table.
151 if (tcptw->tw_ts_recent_stamp &&
152 (twp == NULL || (sysctl_tcp_tw_reuse &&
153 get_seconds() - tcptw->tw_ts_recent_stamp > 1))) {
154 tp->write_seq = tcptw->tw_snd_nxt + 65535 + 2;
155 if (tp->write_seq == 0)
157 tp->rx_opt.ts_recent = tcptw->tw_ts_recent;
158 tp->rx_opt.ts_recent_stamp = tcptw->tw_ts_recent_stamp;
166 EXPORT_SYMBOL_GPL(tcp_twsk_unique);
168 /* This will initiate an outgoing connection. */
169 int tcp_v4_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len)
171 struct inet_sock *inet = inet_sk(sk);
172 struct tcp_sock *tp = tcp_sk(sk);
173 struct sockaddr_in *usin = (struct sockaddr_in *)uaddr;
175 __be32 daddr, nexthop;
179 if (addr_len < sizeof(struct sockaddr_in))
182 if (usin->sin_family != AF_INET)
183 return -EAFNOSUPPORT;
185 nexthop = daddr = usin->sin_addr.s_addr;
186 if (inet->opt && inet->opt->srr) {
189 nexthop = inet->opt->faddr;
192 tmp = ip_route_connect(&rt, nexthop, inet->saddr,
193 RT_CONN_FLAGS(sk), sk->sk_bound_dev_if,
195 inet->sport, usin->sin_port, sk, 1);
197 if (tmp == -ENETUNREACH)
198 IP_INC_STATS_BH(IPSTATS_MIB_OUTNOROUTES);
202 if (rt->rt_flags & (RTCF_MULTICAST | RTCF_BROADCAST)) {
207 if (!inet->opt || !inet->opt->srr)
211 inet->saddr = rt->rt_src;
212 inet->rcv_saddr = inet->saddr;
214 if (tp->rx_opt.ts_recent_stamp && inet->daddr != daddr) {
215 /* Reset inherited state */
216 tp->rx_opt.ts_recent = 0;
217 tp->rx_opt.ts_recent_stamp = 0;
221 if (tcp_death_row.sysctl_tw_recycle &&
222 !tp->rx_opt.ts_recent_stamp && rt->rt_dst == daddr) {
223 struct inet_peer *peer = rt_get_peer(rt);
225 * VJ's idea. We save last timestamp seen from
226 * the destination in peer table, when entering state
227 * TIME-WAIT * and initialize rx_opt.ts_recent from it,
228 * when trying new connection.
231 peer->tcp_ts_stamp + TCP_PAWS_MSL >= get_seconds()) {
232 tp->rx_opt.ts_recent_stamp = peer->tcp_ts_stamp;
233 tp->rx_opt.ts_recent = peer->tcp_ts;
237 inet->dport = usin->sin_port;
240 inet_csk(sk)->icsk_ext_hdr_len = 0;
242 inet_csk(sk)->icsk_ext_hdr_len = inet->opt->optlen;
244 tp->rx_opt.mss_clamp = 536;
246 /* Socket identity is still unknown (sport may be zero).
247 * However we set state to SYN-SENT and not releasing socket
248 * lock select source port, enter ourselves into the hash tables and
249 * complete initialization after this.
251 tcp_set_state(sk, TCP_SYN_SENT);
252 err = inet_hash_connect(&tcp_death_row, sk);
256 err = ip_route_newports(&rt, IPPROTO_TCP,
257 inet->sport, inet->dport, sk);
261 /* OK, now commit destination to socket. */
262 sk->sk_gso_type = SKB_GSO_TCPV4;
263 sk_setup_caps(sk, &rt->u.dst);
266 tp->write_seq = secure_tcp_sequence_number(inet->saddr,
271 inet->id = tp->write_seq ^ jiffies;
273 err = tcp_connect(sk);
282 * This unhashes the socket and releases the local port,
285 tcp_set_state(sk, TCP_CLOSE);
287 sk->sk_route_caps = 0;
293 * This routine does path mtu discovery as defined in RFC1191.
295 static void do_pmtu_discovery(struct sock *sk, struct iphdr *iph, u32 mtu)
297 struct dst_entry *dst;
298 struct inet_sock *inet = inet_sk(sk);
300 /* We are not interested in TCP_LISTEN and open_requests (SYN-ACKs
301 * send out by Linux are always <576bytes so they should go through
304 if (sk->sk_state == TCP_LISTEN)
307 /* We don't check in the destentry if pmtu discovery is forbidden
308 * on this route. We just assume that no packet_to_big packets
309 * are send back when pmtu discovery is not active.
310 * There is a small race when the user changes this flag in the
311 * route, but I think that's acceptable.
313 if ((dst = __sk_dst_check(sk, 0)) == NULL)
316 dst->ops->update_pmtu(dst, mtu);
318 /* Something is about to be wrong... Remember soft error
319 * for the case, if this connection will not able to recover.
321 if (mtu < dst_mtu(dst) && ip_dont_fragment(sk, dst))
322 sk->sk_err_soft = EMSGSIZE;
326 if (inet->pmtudisc != IP_PMTUDISC_DONT &&
327 inet_csk(sk)->icsk_pmtu_cookie > mtu) {
328 tcp_sync_mss(sk, mtu);
330 /* Resend the TCP packet because it's
331 * clear that the old packet has been
332 * dropped. This is the new "fast" path mtu
335 tcp_simple_retransmit(sk);
336 } /* else let the usual retransmit timer handle it */
340 * This routine is called by the ICMP module when it gets some
341 * sort of error condition. If err < 0 then the socket should
342 * be closed and the error returned to the user. If err > 0
343 * it's just the icmp type << 8 | icmp code. After adjustment
344 * header points to the first 8 bytes of the tcp header. We need
345 * to find the appropriate port.
347 * The locking strategy used here is very "optimistic". When
348 * someone else accesses the socket the ICMP is just dropped
349 * and for some paths there is no check at all.
350 * A more general error queue to queue errors for later handling
351 * is probably better.
355 void tcp_v4_err(struct sk_buff *skb, u32 info)
357 struct iphdr *iph = (struct iphdr *)skb->data;
358 struct tcphdr *th = (struct tcphdr *)(skb->data + (iph->ihl << 2));
360 struct inet_sock *inet;
361 const int type = icmp_hdr(skb)->type;
362 const int code = icmp_hdr(skb)->code;
367 if (skb->len < (iph->ihl << 2) + 8) {
368 ICMP_INC_STATS_BH(ICMP_MIB_INERRORS);
372 sk = inet_lookup(&tcp_hashinfo, iph->daddr, th->dest, iph->saddr,
373 th->source, inet_iif(skb));
375 ICMP_INC_STATS_BH(ICMP_MIB_INERRORS);
378 if (sk->sk_state == TCP_TIME_WAIT) {
379 inet_twsk_put(inet_twsk(sk));
384 /* If too many ICMPs get dropped on busy
385 * servers this needs to be solved differently.
387 if (sock_owned_by_user(sk))
388 NET_INC_STATS_BH(LINUX_MIB_LOCKDROPPEDICMPS);
390 if (sk->sk_state == TCP_CLOSE)
394 seq = ntohl(th->seq);
395 if (sk->sk_state != TCP_LISTEN &&
396 !between(seq, tp->snd_una, tp->snd_nxt)) {
397 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
402 case ICMP_SOURCE_QUENCH:
403 /* Just silently ignore these. */
405 case ICMP_PARAMETERPROB:
408 case ICMP_DEST_UNREACH:
409 if (code > NR_ICMP_UNREACH)
412 if (code == ICMP_FRAG_NEEDED) { /* PMTU discovery (RFC1191) */
413 if (!sock_owned_by_user(sk))
414 do_pmtu_discovery(sk, iph, info);
418 err = icmp_err_convert[code].errno;
420 case ICMP_TIME_EXCEEDED:
427 switch (sk->sk_state) {
428 struct request_sock *req, **prev;
430 if (sock_owned_by_user(sk))
433 req = inet_csk_search_req(sk, &prev, th->dest,
434 iph->daddr, iph->saddr);
438 /* ICMPs are not backlogged, hence we cannot get
439 an established socket here.
443 if (seq != tcp_rsk(req)->snt_isn) {
444 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
449 * Still in SYN_RECV, just remove it silently.
450 * There is no good way to pass the error to the newly
451 * created socket, and POSIX does not want network
452 * errors returned from accept().
454 inet_csk_reqsk_queue_drop(sk, req, prev);
458 case TCP_SYN_RECV: /* Cannot happen.
459 It can f.e. if SYNs crossed.
461 if (!sock_owned_by_user(sk)) {
464 sk->sk_error_report(sk);
468 sk->sk_err_soft = err;
473 /* If we've already connected we will keep trying
474 * until we time out, or the user gives up.
476 * rfc1122 4.2.3.9 allows to consider as hard errors
477 * only PROTO_UNREACH and PORT_UNREACH (well, FRAG_FAILED too,
478 * but it is obsoleted by pmtu discovery).
480 * Note, that in modern internet, where routing is unreliable
481 * and in each dark corner broken firewalls sit, sending random
482 * errors ordered by their masters even this two messages finally lose
483 * their original sense (even Linux sends invalid PORT_UNREACHs)
485 * Now we are in compliance with RFCs.
490 if (!sock_owned_by_user(sk) && inet->recverr) {
492 sk->sk_error_report(sk);
493 } else { /* Only an error on timeout */
494 sk->sk_err_soft = err;
502 /* This routine computes an IPv4 TCP checksum. */
503 void tcp_v4_send_check(struct sock *sk, int len, struct sk_buff *skb)
505 struct inet_sock *inet = inet_sk(sk);
506 struct tcphdr *th = tcp_hdr(skb);
508 if (skb->ip_summed == CHECKSUM_PARTIAL) {
509 th->check = ~tcp_v4_check(len, inet->saddr,
511 skb->csum_start = skb_transport_header(skb) - skb->head;
512 skb->csum_offset = offsetof(struct tcphdr, check);
514 th->check = tcp_v4_check(len, inet->saddr, inet->daddr,
515 csum_partial((char *)th,
521 int tcp_v4_gso_send_check(struct sk_buff *skb)
523 const struct iphdr *iph;
526 if (!pskb_may_pull(skb, sizeof(*th)))
533 th->check = ~tcp_v4_check(skb->len, iph->saddr, iph->daddr, 0);
534 skb->csum_start = skb_transport_header(skb) - skb->head;
535 skb->csum_offset = offsetof(struct tcphdr, check);
536 skb->ip_summed = CHECKSUM_PARTIAL;
541 * This routine will send an RST to the other tcp.
543 * Someone asks: why I NEVER use socket parameters (TOS, TTL etc.)
545 * Answer: if a packet caused RST, it is not for a socket
546 * existing in our system, if it is matched to a socket,
547 * it is just duplicate segment or bug in other side's TCP.
548 * So that we build reply only basing on parameters
549 * arrived with segment.
550 * Exception: precedence violation. We do not implement it in any case.
553 static void tcp_v4_send_reset(struct sock *sk, struct sk_buff *skb)
555 struct tcphdr *th = tcp_hdr(skb);
558 #ifdef CONFIG_TCP_MD5SIG
559 __be32 opt[(TCPOLEN_MD5SIG_ALIGNED >> 2)];
562 struct ip_reply_arg arg;
563 #ifdef CONFIG_TCP_MD5SIG
564 struct tcp_md5sig_key *key;
567 /* Never send a reset in response to a reset. */
571 if (((struct rtable *)skb->dst)->rt_type != RTN_LOCAL)
574 /* Swap the send and the receive. */
575 memset(&rep, 0, sizeof(rep));
576 rep.th.dest = th->source;
577 rep.th.source = th->dest;
578 rep.th.doff = sizeof(struct tcphdr) / 4;
582 rep.th.seq = th->ack_seq;
585 rep.th.ack_seq = htonl(ntohl(th->seq) + th->syn + th->fin +
586 skb->len - (th->doff << 2));
589 memset(&arg, 0, sizeof(arg));
590 arg.iov[0].iov_base = (unsigned char *)&rep;
591 arg.iov[0].iov_len = sizeof(rep.th);
593 #ifdef CONFIG_TCP_MD5SIG
594 key = sk ? tcp_v4_md5_do_lookup(sk, ip_hdr(skb)->daddr) : NULL;
596 rep.opt[0] = htonl((TCPOPT_NOP << 24) |
598 (TCPOPT_MD5SIG << 8) |
600 /* Update length and the length the header thinks exists */
601 arg.iov[0].iov_len += TCPOLEN_MD5SIG_ALIGNED;
602 rep.th.doff = arg.iov[0].iov_len / 4;
604 tcp_v4_do_calc_md5_hash((__u8 *)&rep.opt[1],
608 &rep.th, IPPROTO_TCP,
612 arg.csum = csum_tcpudp_nofold(ip_hdr(skb)->daddr,
613 ip_hdr(skb)->saddr, /* XXX */
614 sizeof(struct tcphdr), IPPROTO_TCP, 0);
615 arg.csumoffset = offsetof(struct tcphdr, check) / 2;
617 ip_send_reply(tcp_socket->sk, skb, &arg, arg.iov[0].iov_len);
619 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
620 TCP_INC_STATS_BH(TCP_MIB_OUTRSTS);
623 /* The code following below sending ACKs in SYN-RECV and TIME-WAIT states
624 outside socket context is ugly, certainly. What can I do?
627 static void tcp_v4_send_ack(struct tcp_timewait_sock *twsk,
628 struct sk_buff *skb, u32 seq, u32 ack,
631 struct tcphdr *th = tcp_hdr(skb);
634 __be32 opt[(TCPOLEN_TSTAMP_ALIGNED >> 2)
635 #ifdef CONFIG_TCP_MD5SIG
636 + (TCPOLEN_MD5SIG_ALIGNED >> 2)
640 struct ip_reply_arg arg;
641 #ifdef CONFIG_TCP_MD5SIG
642 struct tcp_md5sig_key *key;
643 struct tcp_md5sig_key tw_key;
646 memset(&rep.th, 0, sizeof(struct tcphdr));
647 memset(&arg, 0, sizeof(arg));
649 arg.iov[0].iov_base = (unsigned char *)&rep;
650 arg.iov[0].iov_len = sizeof(rep.th);
652 rep.opt[0] = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
653 (TCPOPT_TIMESTAMP << 8) |
655 rep.opt[1] = htonl(tcp_time_stamp);
656 rep.opt[2] = htonl(ts);
657 arg.iov[0].iov_len += TCPOLEN_TSTAMP_ALIGNED;
660 /* Swap the send and the receive. */
661 rep.th.dest = th->source;
662 rep.th.source = th->dest;
663 rep.th.doff = arg.iov[0].iov_len / 4;
664 rep.th.seq = htonl(seq);
665 rep.th.ack_seq = htonl(ack);
667 rep.th.window = htons(win);
669 #ifdef CONFIG_TCP_MD5SIG
671 * The SKB holds an imcoming packet, but may not have a valid ->sk
672 * pointer. This is especially the case when we're dealing with a
673 * TIME_WAIT ack, because the sk structure is long gone, and only
674 * the tcp_timewait_sock remains. So the md5 key is stashed in that
675 * structure, and we use it in preference. I believe that (twsk ||
676 * skb->sk) holds true, but we program defensively.
678 if (!twsk && skb->sk) {
679 key = tcp_v4_md5_do_lookup(skb->sk, ip_hdr(skb)->daddr);
680 } else if (twsk && twsk->tw_md5_keylen) {
681 tw_key.key = twsk->tw_md5_key;
682 tw_key.keylen = twsk->tw_md5_keylen;
688 int offset = (ts) ? 3 : 0;
690 rep.opt[offset++] = htonl((TCPOPT_NOP << 24) |
692 (TCPOPT_MD5SIG << 8) |
694 arg.iov[0].iov_len += TCPOLEN_MD5SIG_ALIGNED;
695 rep.th.doff = arg.iov[0].iov_len/4;
697 tcp_v4_do_calc_md5_hash((__u8 *)&rep.opt[offset],
701 &rep.th, IPPROTO_TCP,
705 arg.csum = csum_tcpudp_nofold(ip_hdr(skb)->daddr,
706 ip_hdr(skb)->saddr, /* XXX */
707 arg.iov[0].iov_len, IPPROTO_TCP, 0);
708 arg.csumoffset = offsetof(struct tcphdr, check) / 2;
710 arg.bound_dev_if = twsk->tw_sk.tw_bound_dev_if;
712 ip_send_reply(tcp_socket->sk, skb, &arg, arg.iov[0].iov_len);
714 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
717 static void tcp_v4_timewait_ack(struct sock *sk, struct sk_buff *skb)
719 struct inet_timewait_sock *tw = inet_twsk(sk);
720 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
722 tcp_v4_send_ack(tcptw, skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
723 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
724 tcptw->tw_ts_recent);
729 static void tcp_v4_reqsk_send_ack(struct sk_buff *skb,
730 struct request_sock *req)
732 tcp_v4_send_ack(NULL, skb, tcp_rsk(req)->snt_isn + 1,
733 tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd,
738 * Send a SYN-ACK after having received an ACK.
739 * This still operates on a request_sock only, not on a big
742 static int tcp_v4_send_synack(struct sock *sk, struct request_sock *req,
743 struct dst_entry *dst)
745 const struct inet_request_sock *ireq = inet_rsk(req);
747 struct sk_buff * skb;
749 /* First, grab a route. */
750 if (!dst && (dst = inet_csk_route_req(sk, req)) == NULL)
753 skb = tcp_make_synack(sk, dst, req);
756 struct tcphdr *th = tcp_hdr(skb);
758 th->check = tcp_v4_check(skb->len,
761 csum_partial((char *)th, skb->len,
764 err = ip_build_and_send_pkt(skb, sk, ireq->loc_addr,
767 err = net_xmit_eval(err);
776 * IPv4 request_sock destructor.
778 static void tcp_v4_reqsk_destructor(struct request_sock *req)
780 kfree(inet_rsk(req)->opt);
783 #ifdef CONFIG_SYN_COOKIES
784 static void syn_flood_warning(struct sk_buff *skb)
786 static unsigned long warntime;
788 if (time_after(jiffies, (warntime + HZ * 60))) {
791 "possible SYN flooding on port %d. Sending cookies.\n",
792 ntohs(tcp_hdr(skb)->dest));
798 * Save and compile IPv4 options into the request_sock if needed.
800 static struct ip_options *tcp_v4_save_options(struct sock *sk,
803 struct ip_options *opt = &(IPCB(skb)->opt);
804 struct ip_options *dopt = NULL;
806 if (opt && opt->optlen) {
807 int opt_size = optlength(opt);
808 dopt = kmalloc(opt_size, GFP_ATOMIC);
810 if (ip_options_echo(dopt, skb)) {
819 #ifdef CONFIG_TCP_MD5SIG
821 * RFC2385 MD5 checksumming requires a mapping of
822 * IP address->MD5 Key.
823 * We need to maintain these in the sk structure.
826 /* Find the Key structure for an address. */
827 static struct tcp_md5sig_key *
828 tcp_v4_md5_do_lookup(struct sock *sk, __be32 addr)
830 struct tcp_sock *tp = tcp_sk(sk);
833 if (!tp->md5sig_info || !tp->md5sig_info->entries4)
835 for (i = 0; i < tp->md5sig_info->entries4; i++) {
836 if (tp->md5sig_info->keys4[i].addr == addr)
837 return &tp->md5sig_info->keys4[i].base;
842 struct tcp_md5sig_key *tcp_v4_md5_lookup(struct sock *sk,
843 struct sock *addr_sk)
845 return tcp_v4_md5_do_lookup(sk, inet_sk(addr_sk)->daddr);
848 EXPORT_SYMBOL(tcp_v4_md5_lookup);
850 static struct tcp_md5sig_key *tcp_v4_reqsk_md5_lookup(struct sock *sk,
851 struct request_sock *req)
853 return tcp_v4_md5_do_lookup(sk, inet_rsk(req)->rmt_addr);
856 /* This can be called on a newly created socket, from other files */
857 int tcp_v4_md5_do_add(struct sock *sk, __be32 addr,
858 u8 *newkey, u8 newkeylen)
860 /* Add Key to the list */
861 struct tcp_md5sig_key *key;
862 struct tcp_sock *tp = tcp_sk(sk);
863 struct tcp4_md5sig_key *keys;
865 key = tcp_v4_md5_do_lookup(sk, addr);
867 /* Pre-existing entry - just update that one. */
870 key->keylen = newkeylen;
872 struct tcp_md5sig_info *md5sig;
874 if (!tp->md5sig_info) {
875 tp->md5sig_info = kzalloc(sizeof(*tp->md5sig_info),
877 if (!tp->md5sig_info) {
881 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
883 if (tcp_alloc_md5sig_pool() == NULL) {
887 md5sig = tp->md5sig_info;
889 if (md5sig->alloced4 == md5sig->entries4) {
890 keys = kmalloc((sizeof(*keys) *
891 (md5sig->entries4 + 1)), GFP_ATOMIC);
894 tcp_free_md5sig_pool();
898 if (md5sig->entries4)
899 memcpy(keys, md5sig->keys4,
900 sizeof(*keys) * md5sig->entries4);
902 /* Free old key list, and reference new one */
904 kfree(md5sig->keys4);
905 md5sig->keys4 = keys;
909 md5sig->keys4[md5sig->entries4 - 1].addr = addr;
910 md5sig->keys4[md5sig->entries4 - 1].base.key = newkey;
911 md5sig->keys4[md5sig->entries4 - 1].base.keylen = newkeylen;
916 EXPORT_SYMBOL(tcp_v4_md5_do_add);
918 static int tcp_v4_md5_add_func(struct sock *sk, struct sock *addr_sk,
919 u8 *newkey, u8 newkeylen)
921 return tcp_v4_md5_do_add(sk, inet_sk(addr_sk)->daddr,
925 int tcp_v4_md5_do_del(struct sock *sk, __be32 addr)
927 struct tcp_sock *tp = tcp_sk(sk);
930 for (i = 0; i < tp->md5sig_info->entries4; i++) {
931 if (tp->md5sig_info->keys4[i].addr == addr) {
933 kfree(tp->md5sig_info->keys4[i].base.key);
934 tp->md5sig_info->entries4--;
936 if (tp->md5sig_info->entries4 == 0) {
937 kfree(tp->md5sig_info->keys4);
938 tp->md5sig_info->keys4 = NULL;
939 tp->md5sig_info->alloced4 = 0;
940 } else if (tp->md5sig_info->entries4 != i) {
941 /* Need to do some manipulation */
942 memcpy(&tp->md5sig_info->keys4[i],
943 &tp->md5sig_info->keys4[i+1],
944 (tp->md5sig_info->entries4 - i) *
945 sizeof(struct tcp4_md5sig_key));
947 tcp_free_md5sig_pool();
954 EXPORT_SYMBOL(tcp_v4_md5_do_del);
956 static void tcp_v4_clear_md5_list(struct sock *sk)
958 struct tcp_sock *tp = tcp_sk(sk);
960 /* Free each key, then the set of key keys,
961 * the crypto element, and then decrement our
962 * hold on the last resort crypto.
964 if (tp->md5sig_info->entries4) {
966 for (i = 0; i < tp->md5sig_info->entries4; i++)
967 kfree(tp->md5sig_info->keys4[i].base.key);
968 tp->md5sig_info->entries4 = 0;
969 tcp_free_md5sig_pool();
971 if (tp->md5sig_info->keys4) {
972 kfree(tp->md5sig_info->keys4);
973 tp->md5sig_info->keys4 = NULL;
974 tp->md5sig_info->alloced4 = 0;
978 static int tcp_v4_parse_md5_keys(struct sock *sk, char __user *optval,
981 struct tcp_md5sig cmd;
982 struct sockaddr_in *sin = (struct sockaddr_in *)&cmd.tcpm_addr;
985 if (optlen < sizeof(cmd))
988 if (copy_from_user(&cmd, optval, sizeof(cmd)))
991 if (sin->sin_family != AF_INET)
994 if (!cmd.tcpm_key || !cmd.tcpm_keylen) {
995 if (!tcp_sk(sk)->md5sig_info)
997 return tcp_v4_md5_do_del(sk, sin->sin_addr.s_addr);
1000 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
1003 if (!tcp_sk(sk)->md5sig_info) {
1004 struct tcp_sock *tp = tcp_sk(sk);
1005 struct tcp_md5sig_info *p = kzalloc(sizeof(*p), GFP_KERNEL);
1010 tp->md5sig_info = p;
1011 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
1014 newkey = kmemdup(cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
1017 return tcp_v4_md5_do_add(sk, sin->sin_addr.s_addr,
1018 newkey, cmd.tcpm_keylen);
1021 static int tcp_v4_do_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key,
1022 __be32 saddr, __be32 daddr,
1023 struct tcphdr *th, int protocol,
1026 struct scatterlist sg[4];
1029 __sum16 old_checksum;
1030 struct tcp_md5sig_pool *hp;
1031 struct tcp4_pseudohdr *bp;
1032 struct hash_desc *desc;
1034 unsigned int nbytes = 0;
1037 * Okay, so RFC2385 is turned on for this connection,
1038 * so we need to generate the MD5 hash for the packet now.
1041 hp = tcp_get_md5sig_pool();
1043 goto clear_hash_noput;
1045 bp = &hp->md5_blk.ip4;
1046 desc = &hp->md5_desc;
1049 * 1. the TCP pseudo-header (in the order: source IP address,
1050 * destination IP address, zero-padded protocol number, and
1056 bp->protocol = protocol;
1057 bp->len = htons(tcplen);
1059 sg_init_table(sg, 4);
1061 sg_set_buf(&sg[block++], bp, sizeof(*bp));
1062 nbytes += sizeof(*bp);
1064 /* 2. the TCP header, excluding options, and assuming a
1067 old_checksum = th->check;
1069 sg_set_buf(&sg[block++], th, sizeof(struct tcphdr));
1070 nbytes += sizeof(struct tcphdr);
1072 /* 3. the TCP segment data (if any) */
1073 data_len = tcplen - (th->doff << 2);
1075 unsigned char *data = (unsigned char *)th + (th->doff << 2);
1076 sg_set_buf(&sg[block++], data, data_len);
1080 /* 4. an independently-specified key or password, known to both
1081 * TCPs and presumably connection-specific
1083 sg_set_buf(&sg[block++], key->key, key->keylen);
1084 nbytes += key->keylen;
1086 sg_mark_end(&sg[block - 1]);
1088 /* Now store the Hash into the packet */
1089 err = crypto_hash_init(desc);
1092 err = crypto_hash_update(desc, sg, nbytes);
1095 err = crypto_hash_final(desc, md5_hash);
1099 /* Reset header, and free up the crypto */
1100 tcp_put_md5sig_pool();
1101 th->check = old_checksum;
1106 tcp_put_md5sig_pool();
1108 memset(md5_hash, 0, 16);
1112 int tcp_v4_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key,
1114 struct dst_entry *dst,
1115 struct request_sock *req,
1116 struct tcphdr *th, int protocol,
1119 __be32 saddr, daddr;
1122 saddr = inet_sk(sk)->saddr;
1123 daddr = inet_sk(sk)->daddr;
1125 struct rtable *rt = (struct rtable *)dst;
1130 return tcp_v4_do_calc_md5_hash(md5_hash, key,
1132 th, protocol, tcplen);
1135 EXPORT_SYMBOL(tcp_v4_calc_md5_hash);
1137 static int tcp_v4_inbound_md5_hash(struct sock *sk, struct sk_buff *skb)
1140 * This gets called for each TCP segment that arrives
1141 * so we want to be efficient.
1142 * We have 3 drop cases:
1143 * o No MD5 hash and one expected.
1144 * o MD5 hash and we're not expecting one.
1145 * o MD5 hash and its wrong.
1147 __u8 *hash_location = NULL;
1148 struct tcp_md5sig_key *hash_expected;
1149 const struct iphdr *iph = ip_hdr(skb);
1150 struct tcphdr *th = tcp_hdr(skb);
1151 int length = (th->doff << 2) - sizeof(struct tcphdr);
1154 unsigned char newhash[16];
1156 hash_expected = tcp_v4_md5_do_lookup(sk, iph->saddr);
1159 * If the TCP option length is less than the TCP_MD5SIG
1160 * option length, then we can shortcut
1162 if (length < TCPOLEN_MD5SIG) {
1169 /* Okay, we can't shortcut - we have to grub through the options */
1170 ptr = (unsigned char *)(th + 1);
1171 while (length > 0) {
1172 int opcode = *ptr++;
1185 if (opsize > length)
1188 if (opcode == TCPOPT_MD5SIG) {
1189 hash_location = ptr;
1197 /* We've parsed the options - do we have a hash? */
1198 if (!hash_expected && !hash_location)
1201 if (hash_expected && !hash_location) {
1202 LIMIT_NETDEBUG(KERN_INFO "MD5 Hash expected but NOT found "
1203 "(" NIPQUAD_FMT ", %d)->(" NIPQUAD_FMT ", %d)\n",
1204 NIPQUAD(iph->saddr), ntohs(th->source),
1205 NIPQUAD(iph->daddr), ntohs(th->dest));
1209 if (!hash_expected && hash_location) {
1210 LIMIT_NETDEBUG(KERN_INFO "MD5 Hash NOT expected but found "
1211 "(" NIPQUAD_FMT ", %d)->(" NIPQUAD_FMT ", %d)\n",
1212 NIPQUAD(iph->saddr), ntohs(th->source),
1213 NIPQUAD(iph->daddr), ntohs(th->dest));
1217 /* Okay, so this is hash_expected and hash_location -
1218 * so we need to calculate the checksum.
1220 genhash = tcp_v4_do_calc_md5_hash(newhash,
1222 iph->saddr, iph->daddr,
1223 th, sk->sk_protocol,
1226 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
1227 if (net_ratelimit()) {
1228 printk(KERN_INFO "MD5 Hash failed for "
1229 "(" NIPQUAD_FMT ", %d)->(" NIPQUAD_FMT ", %d)%s\n",
1230 NIPQUAD(iph->saddr), ntohs(th->source),
1231 NIPQUAD(iph->daddr), ntohs(th->dest),
1232 genhash ? " tcp_v4_calc_md5_hash failed" : "");
1241 struct request_sock_ops tcp_request_sock_ops __read_mostly = {
1243 .obj_size = sizeof(struct tcp_request_sock),
1244 .rtx_syn_ack = tcp_v4_send_synack,
1245 .send_ack = tcp_v4_reqsk_send_ack,
1246 .destructor = tcp_v4_reqsk_destructor,
1247 .send_reset = tcp_v4_send_reset,
1250 #ifdef CONFIG_TCP_MD5SIG
1251 static struct tcp_request_sock_ops tcp_request_sock_ipv4_ops = {
1252 .md5_lookup = tcp_v4_reqsk_md5_lookup,
1256 static struct timewait_sock_ops tcp_timewait_sock_ops = {
1257 .twsk_obj_size = sizeof(struct tcp_timewait_sock),
1258 .twsk_unique = tcp_twsk_unique,
1259 .twsk_destructor= tcp_twsk_destructor,
1262 int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb)
1264 struct inet_request_sock *ireq;
1265 struct tcp_options_received tmp_opt;
1266 struct request_sock *req;
1267 __be32 saddr = ip_hdr(skb)->saddr;
1268 __be32 daddr = ip_hdr(skb)->daddr;
1269 __u32 isn = TCP_SKB_CB(skb)->when;
1270 struct dst_entry *dst = NULL;
1271 #ifdef CONFIG_SYN_COOKIES
1272 int want_cookie = 0;
1274 #define want_cookie 0 /* Argh, why doesn't gcc optimize this :( */
1277 /* Never answer to SYNs send to broadcast or multicast */
1278 if (((struct rtable *)skb->dst)->rt_flags &
1279 (RTCF_BROADCAST | RTCF_MULTICAST))
1282 /* TW buckets are converted to open requests without
1283 * limitations, they conserve resources and peer is
1284 * evidently real one.
1286 if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
1287 #ifdef CONFIG_SYN_COOKIES
1288 if (sysctl_tcp_syncookies) {
1295 /* Accept backlog is full. If we have already queued enough
1296 * of warm entries in syn queue, drop request. It is better than
1297 * clogging syn queue with openreqs with exponentially increasing
1300 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
1303 req = reqsk_alloc(&tcp_request_sock_ops);
1307 #ifdef CONFIG_TCP_MD5SIG
1308 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv4_ops;
1311 tcp_clear_options(&tmp_opt);
1312 tmp_opt.mss_clamp = 536;
1313 tmp_opt.user_mss = tcp_sk(sk)->rx_opt.user_mss;
1315 tcp_parse_options(skb, &tmp_opt, 0);
1318 tcp_clear_options(&tmp_opt);
1319 tmp_opt.saw_tstamp = 0;
1322 if (tmp_opt.saw_tstamp && !tmp_opt.rcv_tsval) {
1323 /* Some OSes (unknown ones, but I see them on web server, which
1324 * contains information interesting only for windows'
1325 * users) do not send their stamp in SYN. It is easy case.
1326 * We simply do not advertise TS support.
1328 tmp_opt.saw_tstamp = 0;
1329 tmp_opt.tstamp_ok = 0;
1331 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
1333 tcp_openreq_init(req, &tmp_opt, skb);
1335 if (security_inet_conn_request(sk, skb, req))
1338 ireq = inet_rsk(req);
1339 ireq->loc_addr = daddr;
1340 ireq->rmt_addr = saddr;
1341 ireq->opt = tcp_v4_save_options(sk, skb);
1343 TCP_ECN_create_request(req, tcp_hdr(skb));
1346 #ifdef CONFIG_SYN_COOKIES
1347 syn_flood_warning(skb);
1349 isn = cookie_v4_init_sequence(sk, skb, &req->mss);
1351 struct inet_peer *peer = NULL;
1353 /* VJ's idea. We save last timestamp seen
1354 * from the destination in peer table, when entering
1355 * state TIME-WAIT, and check against it before
1356 * accepting new connection request.
1358 * If "isn" is not zero, this request hit alive
1359 * timewait bucket, so that all the necessary checks
1360 * are made in the function processing timewait state.
1362 if (tmp_opt.saw_tstamp &&
1363 tcp_death_row.sysctl_tw_recycle &&
1364 (dst = inet_csk_route_req(sk, req)) != NULL &&
1365 (peer = rt_get_peer((struct rtable *)dst)) != NULL &&
1366 peer->v4daddr == saddr) {
1367 if (get_seconds() < peer->tcp_ts_stamp + TCP_PAWS_MSL &&
1368 (s32)(peer->tcp_ts - req->ts_recent) >
1370 NET_INC_STATS_BH(LINUX_MIB_PAWSPASSIVEREJECTED);
1375 /* Kill the following clause, if you dislike this way. */
1376 else if (!sysctl_tcp_syncookies &&
1377 (sysctl_max_syn_backlog - inet_csk_reqsk_queue_len(sk) <
1378 (sysctl_max_syn_backlog >> 2)) &&
1379 (!peer || !peer->tcp_ts_stamp) &&
1380 (!dst || !dst_metric(dst, RTAX_RTT))) {
1381 /* Without syncookies last quarter of
1382 * backlog is filled with destinations,
1383 * proven to be alive.
1384 * It means that we continue to communicate
1385 * to destinations, already remembered
1386 * to the moment of synflood.
1388 LIMIT_NETDEBUG(KERN_DEBUG "TCP: drop open "
1389 "request from %u.%u.%u.%u/%u\n",
1391 ntohs(tcp_hdr(skb)->source));
1396 isn = tcp_v4_init_sequence(skb);
1398 tcp_rsk(req)->snt_isn = isn;
1400 if (tcp_v4_send_synack(sk, req, dst))
1406 inet_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1418 * The three way handshake has completed - we got a valid synack -
1419 * now create the new socket.
1421 struct sock *tcp_v4_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1422 struct request_sock *req,
1423 struct dst_entry *dst)
1425 struct inet_request_sock *ireq;
1426 struct inet_sock *newinet;
1427 struct tcp_sock *newtp;
1429 #ifdef CONFIG_TCP_MD5SIG
1430 struct tcp_md5sig_key *key;
1433 if (sk_acceptq_is_full(sk))
1436 if (!dst && (dst = inet_csk_route_req(sk, req)) == NULL)
1439 newsk = tcp_create_openreq_child(sk, req, skb);
1443 newsk->sk_gso_type = SKB_GSO_TCPV4;
1444 sk_setup_caps(newsk, dst);
1446 newtp = tcp_sk(newsk);
1447 newinet = inet_sk(newsk);
1448 ireq = inet_rsk(req);
1449 newinet->daddr = ireq->rmt_addr;
1450 newinet->rcv_saddr = ireq->loc_addr;
1451 newinet->saddr = ireq->loc_addr;
1452 newinet->opt = ireq->opt;
1454 newinet->mc_index = inet_iif(skb);
1455 newinet->mc_ttl = ip_hdr(skb)->ttl;
1456 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1458 inet_csk(newsk)->icsk_ext_hdr_len = newinet->opt->optlen;
1459 newinet->id = newtp->write_seq ^ jiffies;
1461 tcp_mtup_init(newsk);
1462 tcp_sync_mss(newsk, dst_mtu(dst));
1463 newtp->advmss = dst_metric(dst, RTAX_ADVMSS);
1464 tcp_initialize_rcv_mss(newsk);
1466 #ifdef CONFIG_TCP_MD5SIG
1467 /* Copy over the MD5 key from the original socket */
1468 if ((key = tcp_v4_md5_do_lookup(sk, newinet->daddr)) != NULL) {
1470 * We're using one, so create a matching key
1471 * on the newsk structure. If we fail to get
1472 * memory, then we end up not copying the key
1475 char *newkey = kmemdup(key->key, key->keylen, GFP_ATOMIC);
1477 tcp_v4_md5_do_add(newsk, inet_sk(sk)->daddr,
1478 newkey, key->keylen);
1482 __inet_hash(&tcp_hashinfo, newsk, 0);
1483 __inet_inherit_port(&tcp_hashinfo, sk, newsk);
1488 NET_INC_STATS_BH(LINUX_MIB_LISTENOVERFLOWS);
1490 NET_INC_STATS_BH(LINUX_MIB_LISTENDROPS);
1495 static struct sock *tcp_v4_hnd_req(struct sock *sk, struct sk_buff *skb)
1497 struct tcphdr *th = tcp_hdr(skb);
1498 const struct iphdr *iph = ip_hdr(skb);
1500 struct request_sock **prev;
1501 /* Find possible connection requests. */
1502 struct request_sock *req = inet_csk_search_req(sk, &prev, th->source,
1503 iph->saddr, iph->daddr);
1505 return tcp_check_req(sk, skb, req, prev);
1507 nsk = inet_lookup_established(&tcp_hashinfo, iph->saddr, th->source,
1508 iph->daddr, th->dest, inet_iif(skb));
1511 if (nsk->sk_state != TCP_TIME_WAIT) {
1515 inet_twsk_put(inet_twsk(nsk));
1519 #ifdef CONFIG_SYN_COOKIES
1520 if (!th->rst && !th->syn && th->ack)
1521 sk = cookie_v4_check(sk, skb, &(IPCB(skb)->opt));
1526 static __sum16 tcp_v4_checksum_init(struct sk_buff *skb)
1528 const struct iphdr *iph = ip_hdr(skb);
1530 if (skb->ip_summed == CHECKSUM_COMPLETE) {
1531 if (!tcp_v4_check(skb->len, iph->saddr,
1532 iph->daddr, skb->csum)) {
1533 skb->ip_summed = CHECKSUM_UNNECESSARY;
1538 skb->csum = csum_tcpudp_nofold(iph->saddr, iph->daddr,
1539 skb->len, IPPROTO_TCP, 0);
1541 if (skb->len <= 76) {
1542 return __skb_checksum_complete(skb);
1548 /* The socket must have it's spinlock held when we get
1551 * We have a potential double-lock case here, so even when
1552 * doing backlog processing we use the BH locking scheme.
1553 * This is because we cannot sleep with the original spinlock
1556 int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb)
1559 #ifdef CONFIG_TCP_MD5SIG
1561 * We really want to reject the packet as early as possible
1563 * o We're expecting an MD5'd packet and this is no MD5 tcp option
1564 * o There is an MD5 option and we're not expecting one
1566 if (tcp_v4_inbound_md5_hash(sk, skb))
1570 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1571 TCP_CHECK_TIMER(sk);
1572 if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len)) {
1576 TCP_CHECK_TIMER(sk);
1580 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1583 if (sk->sk_state == TCP_LISTEN) {
1584 struct sock *nsk = tcp_v4_hnd_req(sk, skb);
1589 if (tcp_child_process(sk, nsk, skb)) {
1597 TCP_CHECK_TIMER(sk);
1598 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len)) {
1602 TCP_CHECK_TIMER(sk);
1606 tcp_v4_send_reset(rsk, skb);
1609 /* Be careful here. If this function gets more complicated and
1610 * gcc suffers from register pressure on the x86, sk (in %ebx)
1611 * might be destroyed here. This current version compiles correctly,
1612 * but you have been warned.
1617 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1625 int tcp_v4_rcv(struct sk_buff *skb)
1627 const struct iphdr *iph;
1632 if (skb->pkt_type != PACKET_HOST)
1635 /* Count it even if it's bad */
1636 TCP_INC_STATS_BH(TCP_MIB_INSEGS);
1638 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1643 if (th->doff < sizeof(struct tcphdr) / 4)
1645 if (!pskb_may_pull(skb, th->doff * 4))
1648 /* An explanation is required here, I think.
1649 * Packet length and doff are validated by header prediction,
1650 * provided case of th->doff==0 is eliminated.
1651 * So, we defer the checks. */
1652 if (!skb_csum_unnecessary(skb) && tcp_v4_checksum_init(skb))
1657 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1658 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1659 skb->len - th->doff * 4);
1660 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1661 TCP_SKB_CB(skb)->when = 0;
1662 TCP_SKB_CB(skb)->flags = iph->tos;
1663 TCP_SKB_CB(skb)->sacked = 0;
1665 sk = __inet_lookup(&tcp_hashinfo, iph->saddr, th->source,
1666 iph->daddr, th->dest, inet_iif(skb));
1671 if (sk->sk_state == TCP_TIME_WAIT)
1674 if (!xfrm4_policy_check(sk, XFRM_POLICY_IN, skb))
1675 goto discard_and_relse;
1678 if (sk_filter(sk, skb))
1679 goto discard_and_relse;
1683 bh_lock_sock_nested(sk);
1685 if (!sock_owned_by_user(sk)) {
1686 #ifdef CONFIG_NET_DMA
1687 struct tcp_sock *tp = tcp_sk(sk);
1688 if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list)
1689 tp->ucopy.dma_chan = get_softnet_dma();
1690 if (tp->ucopy.dma_chan)
1691 ret = tcp_v4_do_rcv(sk, skb);
1695 if (!tcp_prequeue(sk, skb))
1696 ret = tcp_v4_do_rcv(sk, skb);
1699 sk_add_backlog(sk, skb);
1707 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb))
1710 if (skb->len < (th->doff << 2) || tcp_checksum_complete(skb)) {
1712 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1714 tcp_v4_send_reset(NULL, skb);
1718 /* Discard frame. */
1727 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1728 inet_twsk_put(inet_twsk(sk));
1732 if (skb->len < (th->doff << 2) || tcp_checksum_complete(skb)) {
1733 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1734 inet_twsk_put(inet_twsk(sk));
1737 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1739 struct sock *sk2 = inet_lookup_listener(&tcp_hashinfo,
1740 iph->daddr, th->dest,
1743 inet_twsk_deschedule(inet_twsk(sk), &tcp_death_row);
1744 inet_twsk_put(inet_twsk(sk));
1748 /* Fall through to ACK */
1751 tcp_v4_timewait_ack(sk, skb);
1755 case TCP_TW_SUCCESS:;
1760 /* VJ's idea. Save last timestamp seen from this destination
1761 * and hold it at least for normal timewait interval to use for duplicate
1762 * segment detection in subsequent connections, before they enter synchronized
1766 int tcp_v4_remember_stamp(struct sock *sk)
1768 struct inet_sock *inet = inet_sk(sk);
1769 struct tcp_sock *tp = tcp_sk(sk);
1770 struct rtable *rt = (struct rtable *)__sk_dst_get(sk);
1771 struct inet_peer *peer = NULL;
1774 if (!rt || rt->rt_dst != inet->daddr) {
1775 peer = inet_getpeer(inet->daddr, 1);
1779 rt_bind_peer(rt, 1);
1784 if ((s32)(peer->tcp_ts - tp->rx_opt.ts_recent) <= 0 ||
1785 (peer->tcp_ts_stamp + TCP_PAWS_MSL < get_seconds() &&
1786 peer->tcp_ts_stamp <= tp->rx_opt.ts_recent_stamp)) {
1787 peer->tcp_ts_stamp = tp->rx_opt.ts_recent_stamp;
1788 peer->tcp_ts = tp->rx_opt.ts_recent;
1798 int tcp_v4_tw_remember_stamp(struct inet_timewait_sock *tw)
1800 struct inet_peer *peer = inet_getpeer(tw->tw_daddr, 1);
1803 const struct tcp_timewait_sock *tcptw = tcp_twsk((struct sock *)tw);
1805 if ((s32)(peer->tcp_ts - tcptw->tw_ts_recent) <= 0 ||
1806 (peer->tcp_ts_stamp + TCP_PAWS_MSL < get_seconds() &&
1807 peer->tcp_ts_stamp <= tcptw->tw_ts_recent_stamp)) {
1808 peer->tcp_ts_stamp = tcptw->tw_ts_recent_stamp;
1809 peer->tcp_ts = tcptw->tw_ts_recent;
1818 struct inet_connection_sock_af_ops ipv4_specific = {
1819 .queue_xmit = ip_queue_xmit,
1820 .send_check = tcp_v4_send_check,
1821 .rebuild_header = inet_sk_rebuild_header,
1822 .conn_request = tcp_v4_conn_request,
1823 .syn_recv_sock = tcp_v4_syn_recv_sock,
1824 .remember_stamp = tcp_v4_remember_stamp,
1825 .net_header_len = sizeof(struct iphdr),
1826 .setsockopt = ip_setsockopt,
1827 .getsockopt = ip_getsockopt,
1828 .addr2sockaddr = inet_csk_addr2sockaddr,
1829 .sockaddr_len = sizeof(struct sockaddr_in),
1830 #ifdef CONFIG_COMPAT
1831 .compat_setsockopt = compat_ip_setsockopt,
1832 .compat_getsockopt = compat_ip_getsockopt,
1836 #ifdef CONFIG_TCP_MD5SIG
1837 static struct tcp_sock_af_ops tcp_sock_ipv4_specific = {
1838 .md5_lookup = tcp_v4_md5_lookup,
1839 .calc_md5_hash = tcp_v4_calc_md5_hash,
1840 .md5_add = tcp_v4_md5_add_func,
1841 .md5_parse = tcp_v4_parse_md5_keys,
1845 /* NOTE: A lot of things set to zero explicitly by call to
1846 * sk_alloc() so need not be done here.
1848 static int tcp_v4_init_sock(struct sock *sk)
1850 struct inet_connection_sock *icsk = inet_csk(sk);
1851 struct tcp_sock *tp = tcp_sk(sk);
1853 skb_queue_head_init(&tp->out_of_order_queue);
1854 tcp_init_xmit_timers(sk);
1855 tcp_prequeue_init(tp);
1857 icsk->icsk_rto = TCP_TIMEOUT_INIT;
1858 tp->mdev = TCP_TIMEOUT_INIT;
1860 /* So many TCP implementations out there (incorrectly) count the
1861 * initial SYN frame in their delayed-ACK and congestion control
1862 * algorithms that we must have the following bandaid to talk
1863 * efficiently to them. -DaveM
1867 /* See draft-stevens-tcpca-spec-01 for discussion of the
1868 * initialization of these values.
1870 tp->snd_ssthresh = 0x7fffffff; /* Infinity */
1871 tp->snd_cwnd_clamp = ~0;
1872 tp->mss_cache = 536;
1874 tp->reordering = sysctl_tcp_reordering;
1875 icsk->icsk_ca_ops = &tcp_init_congestion_ops;
1877 sk->sk_state = TCP_CLOSE;
1879 sk->sk_write_space = sk_stream_write_space;
1880 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE);
1882 icsk->icsk_af_ops = &ipv4_specific;
1883 icsk->icsk_sync_mss = tcp_sync_mss;
1884 #ifdef CONFIG_TCP_MD5SIG
1885 tp->af_specific = &tcp_sock_ipv4_specific;
1888 sk->sk_sndbuf = sysctl_tcp_wmem[1];
1889 sk->sk_rcvbuf = sysctl_tcp_rmem[1];
1891 atomic_inc(&tcp_sockets_allocated);
1896 int tcp_v4_destroy_sock(struct sock *sk)
1898 struct tcp_sock *tp = tcp_sk(sk);
1900 tcp_clear_xmit_timers(sk);
1902 tcp_cleanup_congestion_control(sk);
1904 /* Cleanup up the write buffer. */
1905 tcp_write_queue_purge(sk);
1907 /* Cleans up our, hopefully empty, out_of_order_queue. */
1908 __skb_queue_purge(&tp->out_of_order_queue);
1910 #ifdef CONFIG_TCP_MD5SIG
1911 /* Clean up the MD5 key list, if any */
1912 if (tp->md5sig_info) {
1913 tcp_v4_clear_md5_list(sk);
1914 kfree(tp->md5sig_info);
1915 tp->md5sig_info = NULL;
1919 #ifdef CONFIG_NET_DMA
1920 /* Cleans up our sk_async_wait_queue */
1921 __skb_queue_purge(&sk->sk_async_wait_queue);
1924 /* Clean prequeue, it must be empty really */
1925 __skb_queue_purge(&tp->ucopy.prequeue);
1927 /* Clean up a referenced TCP bind bucket. */
1928 if (inet_csk(sk)->icsk_bind_hash)
1929 inet_put_port(&tcp_hashinfo, sk);
1932 * If sendmsg cached page exists, toss it.
1934 if (sk->sk_sndmsg_page) {
1935 __free_page(sk->sk_sndmsg_page);
1936 sk->sk_sndmsg_page = NULL;
1939 atomic_dec(&tcp_sockets_allocated);
1944 EXPORT_SYMBOL(tcp_v4_destroy_sock);
1946 #ifdef CONFIG_PROC_FS
1947 /* Proc filesystem TCP sock list dumping. */
1949 static inline struct inet_timewait_sock *tw_head(struct hlist_head *head)
1951 return hlist_empty(head) ? NULL :
1952 list_entry(head->first, struct inet_timewait_sock, tw_node);
1955 static inline struct inet_timewait_sock *tw_next(struct inet_timewait_sock *tw)
1957 return tw->tw_node.next ?
1958 hlist_entry(tw->tw_node.next, typeof(*tw), tw_node) : NULL;
1961 static void *listening_get_next(struct seq_file *seq, void *cur)
1963 struct inet_connection_sock *icsk;
1964 struct hlist_node *node;
1965 struct sock *sk = cur;
1966 struct tcp_iter_state* st = seq->private;
1970 sk = sk_head(&tcp_hashinfo.listening_hash[0]);
1976 if (st->state == TCP_SEQ_STATE_OPENREQ) {
1977 struct request_sock *req = cur;
1979 icsk = inet_csk(st->syn_wait_sk);
1983 if (req->rsk_ops->family == st->family) {
1989 if (++st->sbucket >= icsk->icsk_accept_queue.listen_opt->nr_table_entries)
1992 req = icsk->icsk_accept_queue.listen_opt->syn_table[st->sbucket];
1994 sk = sk_next(st->syn_wait_sk);
1995 st->state = TCP_SEQ_STATE_LISTENING;
1996 read_unlock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
1998 icsk = inet_csk(sk);
1999 read_lock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
2000 if (reqsk_queue_len(&icsk->icsk_accept_queue))
2002 read_unlock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
2006 sk_for_each_from(sk, node) {
2007 if (sk->sk_family == st->family) {
2011 icsk = inet_csk(sk);
2012 read_lock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
2013 if (reqsk_queue_len(&icsk->icsk_accept_queue)) {
2015 st->uid = sock_i_uid(sk);
2016 st->syn_wait_sk = sk;
2017 st->state = TCP_SEQ_STATE_OPENREQ;
2021 read_unlock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
2023 if (++st->bucket < INET_LHTABLE_SIZE) {
2024 sk = sk_head(&tcp_hashinfo.listening_hash[st->bucket]);
2032 static void *listening_get_idx(struct seq_file *seq, loff_t *pos)
2034 void *rc = listening_get_next(seq, NULL);
2036 while (rc && *pos) {
2037 rc = listening_get_next(seq, rc);
2043 static void *established_get_first(struct seq_file *seq)
2045 struct tcp_iter_state* st = seq->private;
2048 for (st->bucket = 0; st->bucket < tcp_hashinfo.ehash_size; ++st->bucket) {
2050 struct hlist_node *node;
2051 struct inet_timewait_sock *tw;
2052 rwlock_t *lock = inet_ehash_lockp(&tcp_hashinfo, st->bucket);
2055 sk_for_each(sk, node, &tcp_hashinfo.ehash[st->bucket].chain) {
2056 if (sk->sk_family != st->family) {
2062 st->state = TCP_SEQ_STATE_TIME_WAIT;
2063 inet_twsk_for_each(tw, node,
2064 &tcp_hashinfo.ehash[st->bucket].twchain) {
2065 if (tw->tw_family != st->family) {
2071 read_unlock_bh(lock);
2072 st->state = TCP_SEQ_STATE_ESTABLISHED;
2078 static void *established_get_next(struct seq_file *seq, void *cur)
2080 struct sock *sk = cur;
2081 struct inet_timewait_sock *tw;
2082 struct hlist_node *node;
2083 struct tcp_iter_state* st = seq->private;
2087 if (st->state == TCP_SEQ_STATE_TIME_WAIT) {
2091 while (tw && tw->tw_family != st->family) {
2098 read_unlock_bh(inet_ehash_lockp(&tcp_hashinfo, st->bucket));
2099 st->state = TCP_SEQ_STATE_ESTABLISHED;
2101 if (++st->bucket < tcp_hashinfo.ehash_size) {
2102 read_lock_bh(inet_ehash_lockp(&tcp_hashinfo, st->bucket));
2103 sk = sk_head(&tcp_hashinfo.ehash[st->bucket].chain);
2111 sk_for_each_from(sk, node) {
2112 if (sk->sk_family == st->family)
2116 st->state = TCP_SEQ_STATE_TIME_WAIT;
2117 tw = tw_head(&tcp_hashinfo.ehash[st->bucket].twchain);
2125 static void *established_get_idx(struct seq_file *seq, loff_t pos)
2127 void *rc = established_get_first(seq);
2130 rc = established_get_next(seq, rc);
2136 static void *tcp_get_idx(struct seq_file *seq, loff_t pos)
2139 struct tcp_iter_state* st = seq->private;
2141 inet_listen_lock(&tcp_hashinfo);
2142 st->state = TCP_SEQ_STATE_LISTENING;
2143 rc = listening_get_idx(seq, &pos);
2146 inet_listen_unlock(&tcp_hashinfo);
2147 st->state = TCP_SEQ_STATE_ESTABLISHED;
2148 rc = established_get_idx(seq, pos);
2154 static void *tcp_seq_start(struct seq_file *seq, loff_t *pos)
2156 struct tcp_iter_state* st = seq->private;
2157 st->state = TCP_SEQ_STATE_LISTENING;
2159 return *pos ? tcp_get_idx(seq, *pos - 1) : SEQ_START_TOKEN;
2162 static void *tcp_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2165 struct tcp_iter_state* st;
2167 if (v == SEQ_START_TOKEN) {
2168 rc = tcp_get_idx(seq, 0);
2173 switch (st->state) {
2174 case TCP_SEQ_STATE_OPENREQ:
2175 case TCP_SEQ_STATE_LISTENING:
2176 rc = listening_get_next(seq, v);
2178 inet_listen_unlock(&tcp_hashinfo);
2179 st->state = TCP_SEQ_STATE_ESTABLISHED;
2180 rc = established_get_first(seq);
2183 case TCP_SEQ_STATE_ESTABLISHED:
2184 case TCP_SEQ_STATE_TIME_WAIT:
2185 rc = established_get_next(seq, v);
2193 static void tcp_seq_stop(struct seq_file *seq, void *v)
2195 struct tcp_iter_state* st = seq->private;
2197 switch (st->state) {
2198 case TCP_SEQ_STATE_OPENREQ:
2200 struct inet_connection_sock *icsk = inet_csk(st->syn_wait_sk);
2201 read_unlock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
2203 case TCP_SEQ_STATE_LISTENING:
2204 if (v != SEQ_START_TOKEN)
2205 inet_listen_unlock(&tcp_hashinfo);
2207 case TCP_SEQ_STATE_TIME_WAIT:
2208 case TCP_SEQ_STATE_ESTABLISHED:
2210 read_unlock_bh(inet_ehash_lockp(&tcp_hashinfo, st->bucket));
2215 static int tcp_seq_open(struct inode *inode, struct file *file)
2217 struct tcp_seq_afinfo *afinfo = PDE(inode)->data;
2218 struct seq_file *seq;
2219 struct tcp_iter_state *s;
2222 if (unlikely(afinfo == NULL))
2225 s = kzalloc(sizeof(*s), GFP_KERNEL);
2228 s->family = afinfo->family;
2229 s->seq_ops.start = tcp_seq_start;
2230 s->seq_ops.next = tcp_seq_next;
2231 s->seq_ops.show = afinfo->seq_show;
2232 s->seq_ops.stop = tcp_seq_stop;
2234 rc = seq_open(file, &s->seq_ops);
2237 seq = file->private_data;
2246 int tcp_proc_register(struct tcp_seq_afinfo *afinfo)
2249 struct proc_dir_entry *p;
2253 afinfo->seq_fops->owner = afinfo->owner;
2254 afinfo->seq_fops->open = tcp_seq_open;
2255 afinfo->seq_fops->read = seq_read;
2256 afinfo->seq_fops->llseek = seq_lseek;
2257 afinfo->seq_fops->release = seq_release_private;
2259 p = proc_net_fops_create(&init_net, afinfo->name, S_IRUGO, afinfo->seq_fops);
2267 void tcp_proc_unregister(struct tcp_seq_afinfo *afinfo)
2271 proc_net_remove(&init_net, afinfo->name);
2272 memset(afinfo->seq_fops, 0, sizeof(*afinfo->seq_fops));
2275 static void get_openreq4(struct sock *sk, struct request_sock *req,
2276 char *tmpbuf, int i, int uid)
2278 const struct inet_request_sock *ireq = inet_rsk(req);
2279 int ttd = req->expires - jiffies;
2281 sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X"
2282 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %u %d %p",
2285 ntohs(inet_sk(sk)->sport),
2287 ntohs(ireq->rmt_port),
2289 0, 0, /* could print option size, but that is af dependent. */
2290 1, /* timers active (only the expire timer) */
2291 jiffies_to_clock_t(ttd),
2294 0, /* non standard timer */
2295 0, /* open_requests have no inode */
2296 atomic_read(&sk->sk_refcnt),
2300 static void get_tcp4_sock(struct sock *sk, char *tmpbuf, int i)
2303 unsigned long timer_expires;
2304 struct tcp_sock *tp = tcp_sk(sk);
2305 const struct inet_connection_sock *icsk = inet_csk(sk);
2306 struct inet_sock *inet = inet_sk(sk);
2307 __be32 dest = inet->daddr;
2308 __be32 src = inet->rcv_saddr;
2309 __u16 destp = ntohs(inet->dport);
2310 __u16 srcp = ntohs(inet->sport);
2312 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
2314 timer_expires = icsk->icsk_timeout;
2315 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
2317 timer_expires = icsk->icsk_timeout;
2318 } else if (timer_pending(&sk->sk_timer)) {
2320 timer_expires = sk->sk_timer.expires;
2323 timer_expires = jiffies;
2326 sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X %02X %08X:%08X %02X:%08lX "
2327 "%08X %5d %8d %lu %d %p %u %u %u %u %d",
2328 i, src, srcp, dest, destp, sk->sk_state,
2329 tp->write_seq - tp->snd_una,
2330 sk->sk_state == TCP_LISTEN ? sk->sk_ack_backlog :
2331 (tp->rcv_nxt - tp->copied_seq),
2333 jiffies_to_clock_t(timer_expires - jiffies),
2334 icsk->icsk_retransmits,
2336 icsk->icsk_probes_out,
2338 atomic_read(&sk->sk_refcnt), sk,
2341 (icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong,
2343 tp->snd_ssthresh >= 0xFFFF ? -1 : tp->snd_ssthresh);
2346 static void get_timewait4_sock(struct inet_timewait_sock *tw,
2347 char *tmpbuf, int i)
2351 int ttd = tw->tw_ttd - jiffies;
2356 dest = tw->tw_daddr;
2357 src = tw->tw_rcv_saddr;
2358 destp = ntohs(tw->tw_dport);
2359 srcp = ntohs(tw->tw_sport);
2361 sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X"
2362 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p",
2363 i, src, srcp, dest, destp, tw->tw_substate, 0, 0,
2364 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
2365 atomic_read(&tw->tw_refcnt), tw);
2370 static int tcp4_seq_show(struct seq_file *seq, void *v)
2372 struct tcp_iter_state* st;
2373 char tmpbuf[TMPSZ + 1];
2375 if (v == SEQ_START_TOKEN) {
2376 seq_printf(seq, "%-*s\n", TMPSZ - 1,
2377 " sl local_address rem_address st tx_queue "
2378 "rx_queue tr tm->when retrnsmt uid timeout "
2384 switch (st->state) {
2385 case TCP_SEQ_STATE_LISTENING:
2386 case TCP_SEQ_STATE_ESTABLISHED:
2387 get_tcp4_sock(v, tmpbuf, st->num);
2389 case TCP_SEQ_STATE_OPENREQ:
2390 get_openreq4(st->syn_wait_sk, v, tmpbuf, st->num, st->uid);
2392 case TCP_SEQ_STATE_TIME_WAIT:
2393 get_timewait4_sock(v, tmpbuf, st->num);
2396 seq_printf(seq, "%-*s\n", TMPSZ - 1, tmpbuf);
2401 static struct file_operations tcp4_seq_fops;
2402 static struct tcp_seq_afinfo tcp4_seq_afinfo = {
2403 .owner = THIS_MODULE,
2406 .seq_show = tcp4_seq_show,
2407 .seq_fops = &tcp4_seq_fops,
2410 int __init tcp4_proc_init(void)
2412 return tcp_proc_register(&tcp4_seq_afinfo);
2415 void tcp4_proc_exit(void)
2417 tcp_proc_unregister(&tcp4_seq_afinfo);
2419 #endif /* CONFIG_PROC_FS */
2421 DEFINE_PROTO_INUSE(tcp)
2423 struct proto tcp_prot = {
2425 .owner = THIS_MODULE,
2427 .connect = tcp_v4_connect,
2428 .disconnect = tcp_disconnect,
2429 .accept = inet_csk_accept,
2431 .init = tcp_v4_init_sock,
2432 .destroy = tcp_v4_destroy_sock,
2433 .shutdown = tcp_shutdown,
2434 .setsockopt = tcp_setsockopt,
2435 .getsockopt = tcp_getsockopt,
2436 .recvmsg = tcp_recvmsg,
2437 .backlog_rcv = tcp_v4_do_rcv,
2438 .hash = tcp_v4_hash,
2439 .unhash = tcp_unhash,
2440 .get_port = tcp_v4_get_port,
2441 .enter_memory_pressure = tcp_enter_memory_pressure,
2442 .sockets_allocated = &tcp_sockets_allocated,
2443 .orphan_count = &tcp_orphan_count,
2444 .memory_allocated = &tcp_memory_allocated,
2445 .memory_pressure = &tcp_memory_pressure,
2446 .sysctl_mem = sysctl_tcp_mem,
2447 .sysctl_wmem = sysctl_tcp_wmem,
2448 .sysctl_rmem = sysctl_tcp_rmem,
2449 .max_header = MAX_TCP_HEADER,
2450 .obj_size = sizeof(struct tcp_sock),
2451 .twsk_prot = &tcp_timewait_sock_ops,
2452 .rsk_prot = &tcp_request_sock_ops,
2453 #ifdef CONFIG_COMPAT
2454 .compat_setsockopt = compat_tcp_setsockopt,
2455 .compat_getsockopt = compat_tcp_getsockopt,
2457 REF_PROTO_INUSE(tcp)
2460 void __init tcp_v4_init(struct net_proto_family *ops)
2462 if (inet_csk_ctl_sock_create(&tcp_socket, PF_INET, SOCK_RAW,
2464 panic("Failed to create the TCP control socket.\n");
2467 EXPORT_SYMBOL(ipv4_specific);
2468 EXPORT_SYMBOL(tcp_hashinfo);
2469 EXPORT_SYMBOL(tcp_prot);
2470 EXPORT_SYMBOL(tcp_unhash);
2471 EXPORT_SYMBOL(tcp_v4_conn_request);
2472 EXPORT_SYMBOL(tcp_v4_connect);
2473 EXPORT_SYMBOL(tcp_v4_do_rcv);
2474 EXPORT_SYMBOL(tcp_v4_remember_stamp);
2475 EXPORT_SYMBOL(tcp_v4_send_check);
2476 EXPORT_SYMBOL(tcp_v4_syn_recv_sock);
2478 #ifdef CONFIG_PROC_FS
2479 EXPORT_SYMBOL(tcp_proc_register);
2480 EXPORT_SYMBOL(tcp_proc_unregister);
2482 EXPORT_SYMBOL(sysctl_tcp_low_latency);
git.samba.org / sfrench / cifs-2.6.git / blob