3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
10 * linux/net/ipv4/tcp_input.c
11 * linux/net/ipv4/tcp_output.c
14 * Hideaki YOSHIFUJI : sin6_scope_id support
15 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
16 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
17 * a single port at the same time.
18 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
20 * This program is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU General Public License
22 * as published by the Free Software Foundation; either version
23 * 2 of the License, or (at your option) any later version.
26 #include <linux/bottom_half.h>
27 #include <linux/module.h>
28 #include <linux/errno.h>
29 #include <linux/types.h>
30 #include <linux/socket.h>
31 #include <linux/sockios.h>
32 #include <linux/net.h>
33 #include <linux/jiffies.h>
35 #include <linux/in6.h>
36 #include <linux/netdevice.h>
37 #include <linux/init.h>
38 #include <linux/jhash.h>
39 #include <linux/ipsec.h>
40 #include <linux/times.h>
41 #include <linux/slab.h>
42 #include <linux/uaccess.h>
43 #include <linux/ipv6.h>
44 #include <linux/icmpv6.h>
45 #include <linux/random.h>
48 #include <net/ndisc.h>
49 #include <net/inet6_hashtables.h>
50 #include <net/inet6_connection_sock.h>
52 #include <net/transp_v6.h>
53 #include <net/addrconf.h>
54 #include <net/ip6_route.h>
55 #include <net/ip6_checksum.h>
56 #include <net/inet_ecn.h>
57 #include <net/protocol.h>
60 #include <net/dsfield.h>
61 #include <net/timewait_sock.h>
62 #include <net/inet_common.h>
63 #include <net/secure_seq.h>
64 #include <net/busy_poll.h>
66 #include <linux/proc_fs.h>
67 #include <linux/seq_file.h>
69 #include <crypto/hash.h>
70 #include <linux/scatterlist.h>
72 #include <trace/events/tcp.h>
74 static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb);
75 static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
76 struct request_sock *req);
78 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
80 static const struct inet_connection_sock_af_ops ipv6_mapped;
81 static const struct inet_connection_sock_af_ops ipv6_specific;
82 #ifdef CONFIG_TCP_MD5SIG
83 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
84 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
86 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
87 const struct in6_addr *addr)
93 static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
95 struct dst_entry *dst = skb_dst(skb);
97 if (dst && dst_hold_safe(dst)) {
98 const struct rt6_info *rt = (const struct rt6_info *)dst;
101 inet_sk(sk)->rx_dst_ifindex = skb->skb_iif;
102 inet6_sk(sk)->rx_dst_cookie = rt6_get_cookie(rt);
106 static u32 tcp_v6_init_seq(const struct sk_buff *skb)
108 return secure_tcpv6_seq(ipv6_hdr(skb)->daddr.s6_addr32,
109 ipv6_hdr(skb)->saddr.s6_addr32,
111 tcp_hdr(skb)->source);
114 static u32 tcp_v6_init_ts_off(const struct net *net, const struct sk_buff *skb)
116 return secure_tcpv6_ts_off(net, ipv6_hdr(skb)->daddr.s6_addr32,
117 ipv6_hdr(skb)->saddr.s6_addr32);
120 static int tcp_v6_pre_connect(struct sock *sk, struct sockaddr *uaddr,
123 /* This check is replicated from tcp_v6_connect() and intended to
124 * prevent BPF program called below from accessing bytes that are out
125 * of the bound specified by user in addr_len.
127 if (addr_len < SIN6_LEN_RFC2133)
130 sock_owned_by_me(sk);
132 return BPF_CGROUP_RUN_PROG_INET6_CONNECT(sk, uaddr);
135 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
138 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
139 struct inet_sock *inet = inet_sk(sk);
140 struct inet_connection_sock *icsk = inet_csk(sk);
141 struct ipv6_pinfo *np = inet6_sk(sk);
142 struct tcp_sock *tp = tcp_sk(sk);
143 struct in6_addr *saddr = NULL, *final_p, final;
144 struct ipv6_txoptions *opt;
146 struct dst_entry *dst;
149 struct inet_timewait_death_row *tcp_death_row = &sock_net(sk)->ipv4.tcp_death_row;
151 if (addr_len < SIN6_LEN_RFC2133)
154 if (usin->sin6_family != AF_INET6)
155 return -EAFNOSUPPORT;
157 memset(&fl6, 0, sizeof(fl6));
160 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
161 IP6_ECN_flow_init(fl6.flowlabel);
162 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
163 struct ip6_flowlabel *flowlabel;
164 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
167 fl6_sock_release(flowlabel);
172 * connect() to INADDR_ANY means loopback (BSD'ism).
175 if (ipv6_addr_any(&usin->sin6_addr)) {
176 if (ipv6_addr_v4mapped(&sk->sk_v6_rcv_saddr))
177 ipv6_addr_set_v4mapped(htonl(INADDR_LOOPBACK),
180 usin->sin6_addr = in6addr_loopback;
183 addr_type = ipv6_addr_type(&usin->sin6_addr);
185 if (addr_type & IPV6_ADDR_MULTICAST)
188 if (addr_type&IPV6_ADDR_LINKLOCAL) {
189 if (addr_len >= sizeof(struct sockaddr_in6) &&
190 usin->sin6_scope_id) {
191 /* If interface is set while binding, indices
194 if (!sk_dev_equal_l3scope(sk, usin->sin6_scope_id))
197 sk->sk_bound_dev_if = usin->sin6_scope_id;
200 /* Connect to link-local address requires an interface */
201 if (!sk->sk_bound_dev_if)
205 if (tp->rx_opt.ts_recent_stamp &&
206 !ipv6_addr_equal(&sk->sk_v6_daddr, &usin->sin6_addr)) {
207 tp->rx_opt.ts_recent = 0;
208 tp->rx_opt.ts_recent_stamp = 0;
212 sk->sk_v6_daddr = usin->sin6_addr;
213 np->flow_label = fl6.flowlabel;
219 if (addr_type & IPV6_ADDR_MAPPED) {
220 u32 exthdrlen = icsk->icsk_ext_hdr_len;
221 struct sockaddr_in sin;
223 if (__ipv6_only_sock(sk))
226 sin.sin_family = AF_INET;
227 sin.sin_port = usin->sin6_port;
228 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
230 icsk->icsk_af_ops = &ipv6_mapped;
231 sk->sk_backlog_rcv = tcp_v4_do_rcv;
232 #ifdef CONFIG_TCP_MD5SIG
233 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
236 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
239 icsk->icsk_ext_hdr_len = exthdrlen;
240 icsk->icsk_af_ops = &ipv6_specific;
241 sk->sk_backlog_rcv = tcp_v6_do_rcv;
242 #ifdef CONFIG_TCP_MD5SIG
243 tp->af_specific = &tcp_sock_ipv6_specific;
247 np->saddr = sk->sk_v6_rcv_saddr;
252 if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr))
253 saddr = &sk->sk_v6_rcv_saddr;
255 fl6.flowi6_proto = IPPROTO_TCP;
256 fl6.daddr = sk->sk_v6_daddr;
257 fl6.saddr = saddr ? *saddr : np->saddr;
258 fl6.flowi6_oif = sk->sk_bound_dev_if;
259 fl6.flowi6_mark = sk->sk_mark;
260 fl6.fl6_dport = usin->sin6_port;
261 fl6.fl6_sport = inet->inet_sport;
262 fl6.flowi6_uid = sk->sk_uid;
264 opt = rcu_dereference_protected(np->opt, lockdep_sock_is_held(sk));
265 final_p = fl6_update_dst(&fl6, opt, &final);
267 security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));
269 dst = ip6_dst_lookup_flow(sk, &fl6, final_p);
277 sk->sk_v6_rcv_saddr = *saddr;
280 /* set the source address */
282 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
284 sk->sk_gso_type = SKB_GSO_TCPV6;
285 ip6_dst_store(sk, dst, NULL, NULL);
287 icsk->icsk_ext_hdr_len = 0;
289 icsk->icsk_ext_hdr_len = opt->opt_flen +
292 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
294 inet->inet_dport = usin->sin6_port;
296 tcp_set_state(sk, TCP_SYN_SENT);
297 err = inet6_hash_connect(tcp_death_row, sk);
303 if (likely(!tp->repair)) {
305 tp->write_seq = secure_tcpv6_seq(np->saddr.s6_addr32,
306 sk->sk_v6_daddr.s6_addr32,
309 tp->tsoffset = secure_tcpv6_ts_off(sock_net(sk),
311 sk->sk_v6_daddr.s6_addr32);
314 if (tcp_fastopen_defer_connect(sk, &err))
319 err = tcp_connect(sk);
326 tcp_set_state(sk, TCP_CLOSE);
328 inet->inet_dport = 0;
329 sk->sk_route_caps = 0;
333 static void tcp_v6_mtu_reduced(struct sock *sk)
335 struct dst_entry *dst;
337 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
340 dst = inet6_csk_update_pmtu(sk, tcp_sk(sk)->mtu_info);
344 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
345 tcp_sync_mss(sk, dst_mtu(dst));
346 tcp_simple_retransmit(sk);
350 static int tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
351 u8 type, u8 code, int offset, __be32 info)
353 const struct ipv6hdr *hdr = (const struct ipv6hdr *)skb->data;
354 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
355 struct net *net = dev_net(skb->dev);
356 struct request_sock *fastopen;
357 struct ipv6_pinfo *np;
364 sk = __inet6_lookup_established(net, &tcp_hashinfo,
365 &hdr->daddr, th->dest,
366 &hdr->saddr, ntohs(th->source),
367 skb->dev->ifindex, inet6_sdif(skb));
370 __ICMP6_INC_STATS(net, __in6_dev_get(skb->dev),
375 if (sk->sk_state == TCP_TIME_WAIT) {
376 inet_twsk_put(inet_twsk(sk));
379 seq = ntohl(th->seq);
380 fatal = icmpv6_err_convert(type, code, &err);
381 if (sk->sk_state == TCP_NEW_SYN_RECV) {
382 tcp_req_err(sk, seq, fatal);
387 if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG)
388 __NET_INC_STATS(net, LINUX_MIB_LOCKDROPPEDICMPS);
390 if (sk->sk_state == TCP_CLOSE)
393 if (ipv6_hdr(skb)->hop_limit < inet6_sk(sk)->min_hopcount) {
394 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
399 /* XXX (TFO) - tp->snd_una should be ISN (tcp_create_openreq_child() */
400 fastopen = tp->fastopen_rsk;
401 snd_una = fastopen ? tcp_rsk(fastopen)->snt_isn : tp->snd_una;
402 if (sk->sk_state != TCP_LISTEN &&
403 !between(seq, snd_una, tp->snd_nxt)) {
404 __NET_INC_STATS(net, LINUX_MIB_OUTOFWINDOWICMPS);
410 if (type == NDISC_REDIRECT) {
411 if (!sock_owned_by_user(sk)) {
412 struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);
415 dst->ops->redirect(dst, sk, skb);
420 if (type == ICMPV6_PKT_TOOBIG) {
421 /* We are not interested in TCP_LISTEN and open_requests
422 * (SYN-ACKs send out by Linux are always <576bytes so
423 * they should go through unfragmented).
425 if (sk->sk_state == TCP_LISTEN)
428 if (!ip6_sk_accept_pmtu(sk))
431 tp->mtu_info = ntohl(info);
432 if (!sock_owned_by_user(sk))
433 tcp_v6_mtu_reduced(sk);
434 else if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED,
441 /* Might be for an request_sock */
442 switch (sk->sk_state) {
445 /* Only in fast or simultaneous open. If a fast open socket is
446 * is already accepted it is treated as a connected one below.
448 if (fastopen && !fastopen->sk)
451 if (!sock_owned_by_user(sk)) {
453 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
457 sk->sk_err_soft = err;
461 if (!sock_owned_by_user(sk) && np->recverr) {
463 sk->sk_error_report(sk);
465 sk->sk_err_soft = err;
474 static int tcp_v6_send_synack(const struct sock *sk, struct dst_entry *dst,
476 struct request_sock *req,
477 struct tcp_fastopen_cookie *foc,
478 enum tcp_synack_type synack_type)
480 struct inet_request_sock *ireq = inet_rsk(req);
481 struct ipv6_pinfo *np = inet6_sk(sk);
482 struct ipv6_txoptions *opt;
483 struct flowi6 *fl6 = &fl->u.ip6;
487 /* First, grab a route. */
488 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req,
489 IPPROTO_TCP)) == NULL)
492 skb = tcp_make_synack(sk, dst, req, foc, synack_type);
495 __tcp_v6_send_check(skb, &ireq->ir_v6_loc_addr,
496 &ireq->ir_v6_rmt_addr);
498 fl6->daddr = ireq->ir_v6_rmt_addr;
499 if (np->repflow && ireq->pktopts)
500 fl6->flowlabel = ip6_flowlabel(ipv6_hdr(ireq->pktopts));
503 opt = ireq->ipv6_opt;
505 opt = rcu_dereference(np->opt);
506 err = ip6_xmit(sk, skb, fl6, sk->sk_mark, opt, np->tclass);
508 err = net_xmit_eval(err);
516 static void tcp_v6_reqsk_destructor(struct request_sock *req)
518 kfree(inet_rsk(req)->ipv6_opt);
519 kfree_skb(inet_rsk(req)->pktopts);
522 #ifdef CONFIG_TCP_MD5SIG
523 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
524 const struct in6_addr *addr)
526 return tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, AF_INET6);
529 static struct tcp_md5sig_key *tcp_v6_md5_lookup(const struct sock *sk,
530 const struct sock *addr_sk)
532 return tcp_v6_md5_do_lookup(sk, &addr_sk->sk_v6_daddr);
535 static int tcp_v6_parse_md5_keys(struct sock *sk, int optname,
536 char __user *optval, int optlen)
538 struct tcp_md5sig cmd;
539 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
542 if (optlen < sizeof(cmd))
545 if (copy_from_user(&cmd, optval, sizeof(cmd)))
548 if (sin6->sin6_family != AF_INET6)
551 if (optname == TCP_MD5SIG_EXT &&
552 cmd.tcpm_flags & TCP_MD5SIG_FLAG_PREFIX) {
553 prefixlen = cmd.tcpm_prefixlen;
554 if (prefixlen > 128 || (ipv6_addr_v4mapped(&sin6->sin6_addr) &&
558 prefixlen = ipv6_addr_v4mapped(&sin6->sin6_addr) ? 32 : 128;
561 if (!cmd.tcpm_keylen) {
562 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
563 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
565 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
566 AF_INET6, prefixlen);
569 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
572 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
573 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
574 AF_INET, prefixlen, cmd.tcpm_key,
575 cmd.tcpm_keylen, GFP_KERNEL);
577 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
578 AF_INET6, prefixlen, cmd.tcpm_key,
579 cmd.tcpm_keylen, GFP_KERNEL);
582 static int tcp_v6_md5_hash_headers(struct tcp_md5sig_pool *hp,
583 const struct in6_addr *daddr,
584 const struct in6_addr *saddr,
585 const struct tcphdr *th, int nbytes)
587 struct tcp6_pseudohdr *bp;
588 struct scatterlist sg;
592 /* 1. TCP pseudo-header (RFC2460) */
595 bp->protocol = cpu_to_be32(IPPROTO_TCP);
596 bp->len = cpu_to_be32(nbytes);
598 _th = (struct tcphdr *)(bp + 1);
599 memcpy(_th, th, sizeof(*th));
602 sg_init_one(&sg, bp, sizeof(*bp) + sizeof(*th));
603 ahash_request_set_crypt(hp->md5_req, &sg, NULL,
604 sizeof(*bp) + sizeof(*th));
605 return crypto_ahash_update(hp->md5_req);
608 static int tcp_v6_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key,
609 const struct in6_addr *daddr, struct in6_addr *saddr,
610 const struct tcphdr *th)
612 struct tcp_md5sig_pool *hp;
613 struct ahash_request *req;
615 hp = tcp_get_md5sig_pool();
617 goto clear_hash_noput;
620 if (crypto_ahash_init(req))
622 if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, th->doff << 2))
624 if (tcp_md5_hash_key(hp, key))
626 ahash_request_set_crypt(req, NULL, md5_hash, 0);
627 if (crypto_ahash_final(req))
630 tcp_put_md5sig_pool();
634 tcp_put_md5sig_pool();
636 memset(md5_hash, 0, 16);
640 static int tcp_v6_md5_hash_skb(char *md5_hash,
641 const struct tcp_md5sig_key *key,
642 const struct sock *sk,
643 const struct sk_buff *skb)
645 const struct in6_addr *saddr, *daddr;
646 struct tcp_md5sig_pool *hp;
647 struct ahash_request *req;
648 const struct tcphdr *th = tcp_hdr(skb);
650 if (sk) { /* valid for establish/request sockets */
651 saddr = &sk->sk_v6_rcv_saddr;
652 daddr = &sk->sk_v6_daddr;
654 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
655 saddr = &ip6h->saddr;
656 daddr = &ip6h->daddr;
659 hp = tcp_get_md5sig_pool();
661 goto clear_hash_noput;
664 if (crypto_ahash_init(req))
667 if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, skb->len))
669 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
671 if (tcp_md5_hash_key(hp, key))
673 ahash_request_set_crypt(req, NULL, md5_hash, 0);
674 if (crypto_ahash_final(req))
677 tcp_put_md5sig_pool();
681 tcp_put_md5sig_pool();
683 memset(md5_hash, 0, 16);
689 static bool tcp_v6_inbound_md5_hash(const struct sock *sk,
690 const struct sk_buff *skb)
692 #ifdef CONFIG_TCP_MD5SIG
693 const __u8 *hash_location = NULL;
694 struct tcp_md5sig_key *hash_expected;
695 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
696 const struct tcphdr *th = tcp_hdr(skb);
700 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
701 hash_location = tcp_parse_md5sig_option(th);
703 /* We've parsed the options - do we have a hash? */
704 if (!hash_expected && !hash_location)
707 if (hash_expected && !hash_location) {
708 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
712 if (!hash_expected && hash_location) {
713 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
717 /* check the signature */
718 genhash = tcp_v6_md5_hash_skb(newhash,
722 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
723 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5FAILURE);
724 net_info_ratelimited("MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n",
725 genhash ? "failed" : "mismatch",
726 &ip6h->saddr, ntohs(th->source),
727 &ip6h->daddr, ntohs(th->dest));
734 static void tcp_v6_init_req(struct request_sock *req,
735 const struct sock *sk_listener,
738 bool l3_slave = ipv6_l3mdev_skb(TCP_SKB_CB(skb)->header.h6.flags);
739 struct inet_request_sock *ireq = inet_rsk(req);
740 const struct ipv6_pinfo *np = inet6_sk(sk_listener);
742 ireq->ir_v6_rmt_addr = ipv6_hdr(skb)->saddr;
743 ireq->ir_v6_loc_addr = ipv6_hdr(skb)->daddr;
745 /* So that link locals have meaning */
746 if ((!sk_listener->sk_bound_dev_if || l3_slave) &&
747 ipv6_addr_type(&ireq->ir_v6_rmt_addr) & IPV6_ADDR_LINKLOCAL)
748 ireq->ir_iif = tcp_v6_iif(skb);
750 if (!TCP_SKB_CB(skb)->tcp_tw_isn &&
751 (ipv6_opt_accepted(sk_listener, skb, &TCP_SKB_CB(skb)->header.h6) ||
752 np->rxopt.bits.rxinfo ||
753 np->rxopt.bits.rxoinfo || np->rxopt.bits.rxhlim ||
754 np->rxopt.bits.rxohlim || np->repflow)) {
755 refcount_inc(&skb->users);
760 static struct dst_entry *tcp_v6_route_req(const struct sock *sk,
762 const struct request_sock *req)
764 return inet6_csk_route_req(sk, &fl->u.ip6, req, IPPROTO_TCP);
767 struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
769 .obj_size = sizeof(struct tcp6_request_sock),
770 .rtx_syn_ack = tcp_rtx_synack,
771 .send_ack = tcp_v6_reqsk_send_ack,
772 .destructor = tcp_v6_reqsk_destructor,
773 .send_reset = tcp_v6_send_reset,
774 .syn_ack_timeout = tcp_syn_ack_timeout,
777 static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
778 .mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) -
779 sizeof(struct ipv6hdr),
780 #ifdef CONFIG_TCP_MD5SIG
781 .req_md5_lookup = tcp_v6_md5_lookup,
782 .calc_md5_hash = tcp_v6_md5_hash_skb,
784 .init_req = tcp_v6_init_req,
785 #ifdef CONFIG_SYN_COOKIES
786 .cookie_init_seq = cookie_v6_init_sequence,
788 .route_req = tcp_v6_route_req,
789 .init_seq = tcp_v6_init_seq,
790 .init_ts_off = tcp_v6_init_ts_off,
791 .send_synack = tcp_v6_send_synack,
794 static void tcp_v6_send_response(const struct sock *sk, struct sk_buff *skb, u32 seq,
795 u32 ack, u32 win, u32 tsval, u32 tsecr,
796 int oif, struct tcp_md5sig_key *key, int rst,
797 u8 tclass, __be32 label)
799 const struct tcphdr *th = tcp_hdr(skb);
801 struct sk_buff *buff;
803 struct net *net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev);
804 struct sock *ctl_sk = net->ipv6.tcp_sk;
805 unsigned int tot_len = sizeof(struct tcphdr);
806 struct dst_entry *dst;
811 tot_len += TCPOLEN_TSTAMP_ALIGNED;
812 #ifdef CONFIG_TCP_MD5SIG
814 tot_len += TCPOLEN_MD5SIG_ALIGNED;
817 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
822 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
824 t1 = skb_push(buff, tot_len);
825 skb_reset_transport_header(buff);
827 /* Swap the send and the receive. */
828 memset(t1, 0, sizeof(*t1));
829 t1->dest = th->source;
830 t1->source = th->dest;
831 t1->doff = tot_len / 4;
832 t1->seq = htonl(seq);
833 t1->ack_seq = htonl(ack);
834 t1->ack = !rst || !th->ack;
836 t1->window = htons(win);
838 topt = (__be32 *)(t1 + 1);
841 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
842 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
843 *topt++ = htonl(tsval);
844 *topt++ = htonl(tsecr);
847 #ifdef CONFIG_TCP_MD5SIG
849 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
850 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
851 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
852 &ipv6_hdr(skb)->saddr,
853 &ipv6_hdr(skb)->daddr, t1);
857 memset(&fl6, 0, sizeof(fl6));
858 fl6.daddr = ipv6_hdr(skb)->saddr;
859 fl6.saddr = ipv6_hdr(skb)->daddr;
860 fl6.flowlabel = label;
862 buff->ip_summed = CHECKSUM_PARTIAL;
865 __tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);
867 fl6.flowi6_proto = IPPROTO_TCP;
868 if (rt6_need_strict(&fl6.daddr) && !oif)
869 fl6.flowi6_oif = tcp_v6_iif(skb);
871 if (!oif && netif_index_is_l3_master(net, skb->skb_iif))
874 fl6.flowi6_oif = oif;
878 mark = (sk->sk_state == TCP_TIME_WAIT) ?
879 inet_twsk(sk)->tw_mark : sk->sk_mark;
880 fl6.flowi6_mark = IP6_REPLY_MARK(net, skb->mark) ?: mark;
881 fl6.fl6_dport = t1->dest;
882 fl6.fl6_sport = t1->source;
883 fl6.flowi6_uid = sock_net_uid(net, sk && sk_fullsock(sk) ? sk : NULL);
884 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
886 /* Pass a socket to ip6_dst_lookup either it is for RST
887 * Underlying function will use this to retrieve the network
890 dst = ip6_dst_lookup_flow(ctl_sk, &fl6, NULL);
892 skb_dst_set(buff, dst);
893 ip6_xmit(ctl_sk, buff, &fl6, fl6.flowi6_mark, NULL, tclass);
894 TCP_INC_STATS(net, TCP_MIB_OUTSEGS);
896 TCP_INC_STATS(net, TCP_MIB_OUTRSTS);
903 static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb)
905 const struct tcphdr *th = tcp_hdr(skb);
906 u32 seq = 0, ack_seq = 0;
907 struct tcp_md5sig_key *key = NULL;
908 #ifdef CONFIG_TCP_MD5SIG
909 const __u8 *hash_location = NULL;
910 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
911 unsigned char newhash[16];
913 struct sock *sk1 = NULL;
920 /* If sk not NULL, it means we did a successful lookup and incoming
921 * route had to be correct. prequeue might have dropped our dst.
923 if (!sk && !ipv6_unicast_destination(skb))
926 #ifdef CONFIG_TCP_MD5SIG
928 hash_location = tcp_parse_md5sig_option(th);
929 if (sk && sk_fullsock(sk)) {
930 key = tcp_v6_md5_do_lookup(sk, &ipv6h->saddr);
931 } else if (hash_location) {
933 * active side is lost. Try to find listening socket through
934 * source port, and then find md5 key through listening socket.
935 * we are not loose security here:
936 * Incoming packet is checked with md5 hash with finding key,
937 * no RST generated if md5 hash doesn't match.
939 sk1 = inet6_lookup_listener(dev_net(skb_dst(skb)->dev),
940 &tcp_hashinfo, NULL, 0,
942 th->source, &ipv6h->daddr,
944 tcp_v6_iif_l3_slave(skb),
949 key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr);
953 genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, skb);
954 if (genhash || memcmp(hash_location, newhash, 16) != 0)
960 seq = ntohl(th->ack_seq);
962 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
966 oif = sk->sk_bound_dev_if;
968 trace_tcp_send_reset(sk, skb);
971 tcp_v6_send_response(sk, skb, seq, ack_seq, 0, 0, 0, oif, key, 1, 0, 0);
973 #ifdef CONFIG_TCP_MD5SIG
979 static void tcp_v6_send_ack(const struct sock *sk, struct sk_buff *skb, u32 seq,
980 u32 ack, u32 win, u32 tsval, u32 tsecr, int oif,
981 struct tcp_md5sig_key *key, u8 tclass,
984 tcp_v6_send_response(sk, skb, seq, ack, win, tsval, tsecr, oif, key, 0,
988 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
990 struct inet_timewait_sock *tw = inet_twsk(sk);
991 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
993 tcp_v6_send_ack(sk, skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
994 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
995 tcp_time_stamp_raw() + tcptw->tw_ts_offset,
996 tcptw->tw_ts_recent, tw->tw_bound_dev_if, tcp_twsk_md5_key(tcptw),
997 tw->tw_tclass, cpu_to_be32(tw->tw_flowlabel));
1002 static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
1003 struct request_sock *req)
1005 /* sk->sk_state == TCP_LISTEN -> for regular TCP_SYN_RECV
1006 * sk->sk_state == TCP_SYN_RECV -> for Fast Open.
1009 * The window field (SEG.WND) of every outgoing segment, with the
1010 * exception of <SYN> segments, MUST be right-shifted by
1011 * Rcv.Wind.Shift bits:
1013 tcp_v6_send_ack(sk, skb, (sk->sk_state == TCP_LISTEN) ?
1014 tcp_rsk(req)->snt_isn + 1 : tcp_sk(sk)->snd_nxt,
1015 tcp_rsk(req)->rcv_nxt,
1016 req->rsk_rcv_wnd >> inet_rsk(req)->rcv_wscale,
1017 tcp_time_stamp_raw() + tcp_rsk(req)->ts_off,
1018 req->ts_recent, sk->sk_bound_dev_if,
1019 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->saddr),
1024 static struct sock *tcp_v6_cookie_check(struct sock *sk, struct sk_buff *skb)
1026 #ifdef CONFIG_SYN_COOKIES
1027 const struct tcphdr *th = tcp_hdr(skb);
1030 sk = cookie_v6_check(sk, skb);
1035 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1037 if (skb->protocol == htons(ETH_P_IP))
1038 return tcp_v4_conn_request(sk, skb);
1040 if (!ipv6_unicast_destination(skb))
1043 return tcp_conn_request(&tcp6_request_sock_ops,
1044 &tcp_request_sock_ipv6_ops, sk, skb);
1048 return 0; /* don't send reset */
1051 static void tcp_v6_restore_cb(struct sk_buff *skb)
1053 /* We need to move header back to the beginning if xfrm6_policy_check()
1054 * and tcp_v6_fill_cb() are going to be called again.
1055 * ip6_datagram_recv_specific_ctl() also expects IP6CB to be there.
1057 memmove(IP6CB(skb), &TCP_SKB_CB(skb)->header.h6,
1058 sizeof(struct inet6_skb_parm));
1061 static struct sock *tcp_v6_syn_recv_sock(const struct sock *sk, struct sk_buff *skb,
1062 struct request_sock *req,
1063 struct dst_entry *dst,
1064 struct request_sock *req_unhash,
1067 struct inet_request_sock *ireq;
1068 struct ipv6_pinfo *newnp;
1069 const struct ipv6_pinfo *np = inet6_sk(sk);
1070 struct ipv6_txoptions *opt;
1071 struct tcp6_sock *newtcp6sk;
1072 struct inet_sock *newinet;
1073 struct tcp_sock *newtp;
1075 #ifdef CONFIG_TCP_MD5SIG
1076 struct tcp_md5sig_key *key;
1080 if (skb->protocol == htons(ETH_P_IP)) {
1085 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst,
1086 req_unhash, own_req);
1091 newtcp6sk = (struct tcp6_sock *)newsk;
1092 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1094 newinet = inet_sk(newsk);
1095 newnp = inet6_sk(newsk);
1096 newtp = tcp_sk(newsk);
1098 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1100 newnp->saddr = newsk->sk_v6_rcv_saddr;
1102 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1103 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1104 #ifdef CONFIG_TCP_MD5SIG
1105 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1108 newnp->ipv6_mc_list = NULL;
1109 newnp->ipv6_ac_list = NULL;
1110 newnp->ipv6_fl_list = NULL;
1111 newnp->pktoptions = NULL;
1113 newnp->mcast_oif = inet_iif(skb);
1114 newnp->mcast_hops = ip_hdr(skb)->ttl;
1115 newnp->rcv_flowinfo = 0;
1117 newnp->flow_label = 0;
1120 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1121 * here, tcp_create_openreq_child now does this for us, see the comment in
1122 * that function for the gory details. -acme
1125 /* It is tricky place. Until this moment IPv4 tcp
1126 worked with IPv6 icsk.icsk_af_ops.
1129 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1134 ireq = inet_rsk(req);
1136 if (sk_acceptq_is_full(sk))
1140 dst = inet6_csk_route_req(sk, &fl6, req, IPPROTO_TCP);
1145 newsk = tcp_create_openreq_child(sk, req, skb);
1150 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1151 * count here, tcp_create_openreq_child now does this for us, see the
1152 * comment in that function for the gory details. -acme
1155 newsk->sk_gso_type = SKB_GSO_TCPV6;
1156 ip6_dst_store(newsk, dst, NULL, NULL);
1157 inet6_sk_rx_dst_set(newsk, skb);
1159 newtcp6sk = (struct tcp6_sock *)newsk;
1160 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1162 newtp = tcp_sk(newsk);
1163 newinet = inet_sk(newsk);
1164 newnp = inet6_sk(newsk);
1166 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1168 newsk->sk_v6_daddr = ireq->ir_v6_rmt_addr;
1169 newnp->saddr = ireq->ir_v6_loc_addr;
1170 newsk->sk_v6_rcv_saddr = ireq->ir_v6_loc_addr;
1171 newsk->sk_bound_dev_if = ireq->ir_iif;
1173 /* Now IPv6 options...
1175 First: no IPv4 options.
1177 newinet->inet_opt = NULL;
1178 newnp->ipv6_mc_list = NULL;
1179 newnp->ipv6_ac_list = NULL;
1180 newnp->ipv6_fl_list = NULL;
1183 newnp->rxopt.all = np->rxopt.all;
1185 newnp->pktoptions = NULL;
1187 newnp->mcast_oif = tcp_v6_iif(skb);
1188 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1189 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
1191 newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));
1193 /* Clone native IPv6 options from listening socket (if any)
1195 Yes, keeping reference count would be much more clever,
1196 but we make one more one thing there: reattach optmem
1199 opt = ireq->ipv6_opt;
1201 opt = rcu_dereference(np->opt);
1203 opt = ipv6_dup_options(newsk, opt);
1204 RCU_INIT_POINTER(newnp->opt, opt);
1206 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1208 inet_csk(newsk)->icsk_ext_hdr_len = opt->opt_nflen +
1211 tcp_ca_openreq_child(newsk, dst);
1213 tcp_sync_mss(newsk, dst_mtu(dst));
1214 newtp->advmss = tcp_mss_clamp(tcp_sk(sk), dst_metric_advmss(dst));
1216 tcp_initialize_rcv_mss(newsk);
1218 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1219 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1221 #ifdef CONFIG_TCP_MD5SIG
1222 /* Copy over the MD5 key from the original socket */
1223 key = tcp_v6_md5_do_lookup(sk, &newsk->sk_v6_daddr);
1225 /* We're using one, so create a matching key
1226 * on the newsk structure. If we fail to get
1227 * memory, then we end up not copying the key
1230 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newsk->sk_v6_daddr,
1231 AF_INET6, 128, key->key, key->keylen,
1232 sk_gfp_mask(sk, GFP_ATOMIC));
1236 if (__inet_inherit_port(sk, newsk) < 0) {
1237 inet_csk_prepare_forced_close(newsk);
1241 *own_req = inet_ehash_nolisten(newsk, req_to_sk(req_unhash));
1243 tcp_move_syn(newtp, req);
1245 /* Clone pktoptions received with SYN, if we own the req */
1246 if (ireq->pktopts) {
1247 newnp->pktoptions = skb_clone(ireq->pktopts,
1248 sk_gfp_mask(sk, GFP_ATOMIC));
1249 consume_skb(ireq->pktopts);
1250 ireq->pktopts = NULL;
1251 if (newnp->pktoptions) {
1252 tcp_v6_restore_cb(newnp->pktoptions);
1253 skb_set_owner_r(newnp->pktoptions, newsk);
1261 __NET_INC_STATS(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1269 /* The socket must have it's spinlock held when we get
1270 * here, unless it is a TCP_LISTEN socket.
1272 * We have a potential double-lock case here, so even when
1273 * doing backlog processing we use the BH locking scheme.
1274 * This is because we cannot sleep with the original spinlock
1277 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1279 struct ipv6_pinfo *np = inet6_sk(sk);
1280 struct tcp_sock *tp;
1281 struct sk_buff *opt_skb = NULL;
1283 /* Imagine: socket is IPv6. IPv4 packet arrives,
1284 goes to IPv4 receive handler and backlogged.
1285 From backlog it always goes here. Kerboom...
1286 Fortunately, tcp_rcv_established and rcv_established
1287 handle them correctly, but it is not case with
1288 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1291 if (skb->protocol == htons(ETH_P_IP))
1292 return tcp_v4_do_rcv(sk, skb);
1295 * socket locking is here for SMP purposes as backlog rcv
1296 * is currently called with bh processing disabled.
1299 /* Do Stevens' IPV6_PKTOPTIONS.
1301 Yes, guys, it is the only place in our code, where we
1302 may make it not affecting IPv4.
1303 The rest of code is protocol independent,
1304 and I do not like idea to uglify IPv4.
1306 Actually, all the idea behind IPV6_PKTOPTIONS
1307 looks not very well thought. For now we latch
1308 options, received in the last packet, enqueued
1309 by tcp. Feel free to propose better solution.
1313 opt_skb = skb_clone(skb, sk_gfp_mask(sk, GFP_ATOMIC));
1315 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1316 struct dst_entry *dst = sk->sk_rx_dst;
1318 sock_rps_save_rxhash(sk, skb);
1319 sk_mark_napi_id(sk, skb);
1321 if (inet_sk(sk)->rx_dst_ifindex != skb->skb_iif ||
1322 dst->ops->check(dst, np->rx_dst_cookie) == NULL) {
1324 sk->sk_rx_dst = NULL;
1328 tcp_rcv_established(sk, skb);
1330 goto ipv6_pktoptions;
1334 if (tcp_checksum_complete(skb))
1337 if (sk->sk_state == TCP_LISTEN) {
1338 struct sock *nsk = tcp_v6_cookie_check(sk, skb);
1344 if (tcp_child_process(sk, nsk, skb))
1347 __kfree_skb(opt_skb);
1351 sock_rps_save_rxhash(sk, skb);
1353 if (tcp_rcv_state_process(sk, skb))
1356 goto ipv6_pktoptions;
1360 tcp_v6_send_reset(sk, skb);
1363 __kfree_skb(opt_skb);
1367 TCP_INC_STATS(sock_net(sk), TCP_MIB_CSUMERRORS);
1368 TCP_INC_STATS(sock_net(sk), TCP_MIB_INERRS);
1373 /* Do you ask, what is it?
1375 1. skb was enqueued by tcp.
1376 2. skb is added to tail of read queue, rather than out of order.
1377 3. socket is not in passive state.
1378 4. Finally, it really contains options, which user wants to receive.
1381 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1382 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1383 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1384 np->mcast_oif = tcp_v6_iif(opt_skb);
1385 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1386 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1387 if (np->rxopt.bits.rxflow || np->rxopt.bits.rxtclass)
1388 np->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(opt_skb));
1390 np->flow_label = ip6_flowlabel(ipv6_hdr(opt_skb));
1391 if (ipv6_opt_accepted(sk, opt_skb, &TCP_SKB_CB(opt_skb)->header.h6)) {
1392 skb_set_owner_r(opt_skb, sk);
1393 tcp_v6_restore_cb(opt_skb);
1394 opt_skb = xchg(&np->pktoptions, opt_skb);
1396 __kfree_skb(opt_skb);
1397 opt_skb = xchg(&np->pktoptions, NULL);
1405 static void tcp_v6_fill_cb(struct sk_buff *skb, const struct ipv6hdr *hdr,
1406 const struct tcphdr *th)
1408 /* This is tricky: we move IP6CB at its correct location into
1409 * TCP_SKB_CB(). It must be done after xfrm6_policy_check(), because
1410 * _decode_session6() uses IP6CB().
1411 * barrier() makes sure compiler won't play aliasing games.
1413 memmove(&TCP_SKB_CB(skb)->header.h6, IP6CB(skb),
1414 sizeof(struct inet6_skb_parm));
1417 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1418 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1419 skb->len - th->doff*4);
1420 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1421 TCP_SKB_CB(skb)->tcp_flags = tcp_flag_byte(th);
1422 TCP_SKB_CB(skb)->tcp_tw_isn = 0;
1423 TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
1424 TCP_SKB_CB(skb)->sacked = 0;
1425 TCP_SKB_CB(skb)->has_rxtstamp =
1426 skb->tstamp || skb_hwtstamps(skb)->hwtstamp;
1429 static int tcp_v6_rcv(struct sk_buff *skb)
1431 int sdif = inet6_sdif(skb);
1432 const struct tcphdr *th;
1433 const struct ipv6hdr *hdr;
1437 struct net *net = dev_net(skb->dev);
1439 if (skb->pkt_type != PACKET_HOST)
1443 * Count it even if it's bad.
1445 __TCP_INC_STATS(net, TCP_MIB_INSEGS);
1447 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1450 th = (const struct tcphdr *)skb->data;
1452 if (unlikely(th->doff < sizeof(struct tcphdr)/4))
1454 if (!pskb_may_pull(skb, th->doff*4))
1457 if (skb_checksum_init(skb, IPPROTO_TCP, ip6_compute_pseudo))
1460 th = (const struct tcphdr *)skb->data;
1461 hdr = ipv6_hdr(skb);
1464 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, __tcp_hdrlen(th),
1465 th->source, th->dest, inet6_iif(skb), sdif,
1471 if (sk->sk_state == TCP_TIME_WAIT)
1474 if (sk->sk_state == TCP_NEW_SYN_RECV) {
1475 struct request_sock *req = inet_reqsk(sk);
1476 bool req_stolen = false;
1479 sk = req->rsk_listener;
1480 if (tcp_v6_inbound_md5_hash(sk, skb)) {
1481 sk_drops_add(sk, skb);
1485 if (tcp_checksum_complete(skb)) {
1489 if (unlikely(sk->sk_state != TCP_LISTEN)) {
1490 inet_csk_reqsk_queue_drop_and_put(sk, req);
1496 if (!tcp_filter(sk, skb)) {
1497 th = (const struct tcphdr *)skb->data;
1498 hdr = ipv6_hdr(skb);
1499 tcp_v6_fill_cb(skb, hdr, th);
1500 nsk = tcp_check_req(sk, skb, req, false, &req_stolen);
1505 /* Another cpu got exclusive access to req
1506 * and created a full blown socket.
1507 * Try to feed this packet to this socket
1508 * instead of discarding it.
1510 tcp_v6_restore_cb(skb);
1514 goto discard_and_relse;
1518 tcp_v6_restore_cb(skb);
1519 } else if (tcp_child_process(sk, nsk, skb)) {
1520 tcp_v6_send_reset(nsk, skb);
1521 goto discard_and_relse;
1527 if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) {
1528 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
1529 goto discard_and_relse;
1532 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1533 goto discard_and_relse;
1535 if (tcp_v6_inbound_md5_hash(sk, skb))
1536 goto discard_and_relse;
1538 if (tcp_filter(sk, skb))
1539 goto discard_and_relse;
1540 th = (const struct tcphdr *)skb->data;
1541 hdr = ipv6_hdr(skb);
1542 tcp_v6_fill_cb(skb, hdr, th);
1546 if (sk->sk_state == TCP_LISTEN) {
1547 ret = tcp_v6_do_rcv(sk, skb);
1548 goto put_and_return;
1551 sk_incoming_cpu_update(sk);
1553 bh_lock_sock_nested(sk);
1554 tcp_segs_in(tcp_sk(sk), skb);
1556 if (!sock_owned_by_user(sk)) {
1557 ret = tcp_v6_do_rcv(sk, skb);
1558 } else if (tcp_add_backlog(sk, skb)) {
1559 goto discard_and_relse;
1566 return ret ? -1 : 0;
1569 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1572 tcp_v6_fill_cb(skb, hdr, th);
1574 if (tcp_checksum_complete(skb)) {
1576 __TCP_INC_STATS(net, TCP_MIB_CSUMERRORS);
1578 __TCP_INC_STATS(net, TCP_MIB_INERRS);
1580 tcp_v6_send_reset(NULL, skb);
1588 sk_drops_add(sk, skb);
1594 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1595 inet_twsk_put(inet_twsk(sk));
1599 tcp_v6_fill_cb(skb, hdr, th);
1601 if (tcp_checksum_complete(skb)) {
1602 inet_twsk_put(inet_twsk(sk));
1606 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1611 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
1612 skb, __tcp_hdrlen(th),
1613 &ipv6_hdr(skb)->saddr, th->source,
1614 &ipv6_hdr(skb)->daddr,
1616 tcp_v6_iif_l3_slave(skb),
1619 struct inet_timewait_sock *tw = inet_twsk(sk);
1620 inet_twsk_deschedule_put(tw);
1622 tcp_v6_restore_cb(skb);
1630 tcp_v6_timewait_ack(sk, skb);
1633 tcp_v6_send_reset(sk, skb);
1634 inet_twsk_deschedule_put(inet_twsk(sk));
1636 case TCP_TW_SUCCESS:
1642 static void tcp_v6_early_demux(struct sk_buff *skb)
1644 const struct ipv6hdr *hdr;
1645 const struct tcphdr *th;
1648 if (skb->pkt_type != PACKET_HOST)
1651 if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
1654 hdr = ipv6_hdr(skb);
1657 if (th->doff < sizeof(struct tcphdr) / 4)
1660 /* Note : We use inet6_iif() here, not tcp_v6_iif() */
1661 sk = __inet6_lookup_established(dev_net(skb->dev), &tcp_hashinfo,
1662 &hdr->saddr, th->source,
1663 &hdr->daddr, ntohs(th->dest),
1664 inet6_iif(skb), inet6_sdif(skb));
1667 skb->destructor = sock_edemux;
1668 if (sk_fullsock(sk)) {
1669 struct dst_entry *dst = READ_ONCE(sk->sk_rx_dst);
1672 dst = dst_check(dst, inet6_sk(sk)->rx_dst_cookie);
1674 inet_sk(sk)->rx_dst_ifindex == skb->skb_iif)
1675 skb_dst_set_noref(skb, dst);
1680 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
1681 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
1682 .twsk_unique = tcp_twsk_unique,
1683 .twsk_destructor = tcp_twsk_destructor,
1686 static const struct inet_connection_sock_af_ops ipv6_specific = {
1687 .queue_xmit = inet6_csk_xmit,
1688 .send_check = tcp_v6_send_check,
1689 .rebuild_header = inet6_sk_rebuild_header,
1690 .sk_rx_dst_set = inet6_sk_rx_dst_set,
1691 .conn_request = tcp_v6_conn_request,
1692 .syn_recv_sock = tcp_v6_syn_recv_sock,
1693 .net_header_len = sizeof(struct ipv6hdr),
1694 .net_frag_header_len = sizeof(struct frag_hdr),
1695 .setsockopt = ipv6_setsockopt,
1696 .getsockopt = ipv6_getsockopt,
1697 .addr2sockaddr = inet6_csk_addr2sockaddr,
1698 .sockaddr_len = sizeof(struct sockaddr_in6),
1699 #ifdef CONFIG_COMPAT
1700 .compat_setsockopt = compat_ipv6_setsockopt,
1701 .compat_getsockopt = compat_ipv6_getsockopt,
1703 .mtu_reduced = tcp_v6_mtu_reduced,
1706 #ifdef CONFIG_TCP_MD5SIG
1707 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1708 .md5_lookup = tcp_v6_md5_lookup,
1709 .calc_md5_hash = tcp_v6_md5_hash_skb,
1710 .md5_parse = tcp_v6_parse_md5_keys,
1715 * TCP over IPv4 via INET6 API
1717 static const struct inet_connection_sock_af_ops ipv6_mapped = {
1718 .queue_xmit = ip_queue_xmit,
1719 .send_check = tcp_v4_send_check,
1720 .rebuild_header = inet_sk_rebuild_header,
1721 .sk_rx_dst_set = inet_sk_rx_dst_set,
1722 .conn_request = tcp_v6_conn_request,
1723 .syn_recv_sock = tcp_v6_syn_recv_sock,
1724 .net_header_len = sizeof(struct iphdr),
1725 .setsockopt = ipv6_setsockopt,
1726 .getsockopt = ipv6_getsockopt,
1727 .addr2sockaddr = inet6_csk_addr2sockaddr,
1728 .sockaddr_len = sizeof(struct sockaddr_in6),
1729 #ifdef CONFIG_COMPAT
1730 .compat_setsockopt = compat_ipv6_setsockopt,
1731 .compat_getsockopt = compat_ipv6_getsockopt,
1733 .mtu_reduced = tcp_v4_mtu_reduced,
1736 #ifdef CONFIG_TCP_MD5SIG
1737 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1738 .md5_lookup = tcp_v4_md5_lookup,
1739 .calc_md5_hash = tcp_v4_md5_hash_skb,
1740 .md5_parse = tcp_v6_parse_md5_keys,
1744 /* NOTE: A lot of things set to zero explicitly by call to
1745 * sk_alloc() so need not be done here.
1747 static int tcp_v6_init_sock(struct sock *sk)
1749 struct inet_connection_sock *icsk = inet_csk(sk);
1753 icsk->icsk_af_ops = &ipv6_specific;
1755 #ifdef CONFIG_TCP_MD5SIG
1756 tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific;
1762 static void tcp_v6_destroy_sock(struct sock *sk)
1764 tcp_v4_destroy_sock(sk);
1765 inet6_destroy_sock(sk);
1768 #ifdef CONFIG_PROC_FS
1769 /* Proc filesystem TCPv6 sock list dumping. */
1770 static void get_openreq6(struct seq_file *seq,
1771 const struct request_sock *req, int i)
1773 long ttd = req->rsk_timer.expires - jiffies;
1774 const struct in6_addr *src = &inet_rsk(req)->ir_v6_loc_addr;
1775 const struct in6_addr *dest = &inet_rsk(req)->ir_v6_rmt_addr;
1781 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1782 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %d %d %pK\n",
1784 src->s6_addr32[0], src->s6_addr32[1],
1785 src->s6_addr32[2], src->s6_addr32[3],
1786 inet_rsk(req)->ir_num,
1787 dest->s6_addr32[0], dest->s6_addr32[1],
1788 dest->s6_addr32[2], dest->s6_addr32[3],
1789 ntohs(inet_rsk(req)->ir_rmt_port),
1791 0, 0, /* could print option size, but that is af dependent. */
1792 1, /* timers active (only the expire timer) */
1793 jiffies_to_clock_t(ttd),
1795 from_kuid_munged(seq_user_ns(seq),
1796 sock_i_uid(req->rsk_listener)),
1797 0, /* non standard timer */
1798 0, /* open_requests have no inode */
1802 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1804 const struct in6_addr *dest, *src;
1807 unsigned long timer_expires;
1808 const struct inet_sock *inet = inet_sk(sp);
1809 const struct tcp_sock *tp = tcp_sk(sp);
1810 const struct inet_connection_sock *icsk = inet_csk(sp);
1811 const struct fastopen_queue *fastopenq = &icsk->icsk_accept_queue.fastopenq;
1815 dest = &sp->sk_v6_daddr;
1816 src = &sp->sk_v6_rcv_saddr;
1817 destp = ntohs(inet->inet_dport);
1818 srcp = ntohs(inet->inet_sport);
1820 if (icsk->icsk_pending == ICSK_TIME_RETRANS ||
1821 icsk->icsk_pending == ICSK_TIME_REO_TIMEOUT ||
1822 icsk->icsk_pending == ICSK_TIME_LOSS_PROBE) {
1824 timer_expires = icsk->icsk_timeout;
1825 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1827 timer_expires = icsk->icsk_timeout;
1828 } else if (timer_pending(&sp->sk_timer)) {
1830 timer_expires = sp->sk_timer.expires;
1833 timer_expires = jiffies;
1836 state = inet_sk_state_load(sp);
1837 if (state == TCP_LISTEN)
1838 rx_queue = sp->sk_ack_backlog;
1840 /* Because we don't lock the socket,
1841 * we might find a transient negative value.
1843 rx_queue = max_t(int, tp->rcv_nxt - tp->copied_seq, 0);
1846 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1847 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %lu %d %pK %lu %lu %u %u %d\n",
1849 src->s6_addr32[0], src->s6_addr32[1],
1850 src->s6_addr32[2], src->s6_addr32[3], srcp,
1851 dest->s6_addr32[0], dest->s6_addr32[1],
1852 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1854 tp->write_seq - tp->snd_una,
1857 jiffies_delta_to_clock_t(timer_expires - jiffies),
1858 icsk->icsk_retransmits,
1859 from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
1860 icsk->icsk_probes_out,
1862 refcount_read(&sp->sk_refcnt), sp,
1863 jiffies_to_clock_t(icsk->icsk_rto),
1864 jiffies_to_clock_t(icsk->icsk_ack.ato),
1865 (icsk->icsk_ack.quick << 1) | inet_csk_in_pingpong_mode(sp),
1867 state == TCP_LISTEN ?
1868 fastopenq->max_qlen :
1869 (tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh)
1873 static void get_timewait6_sock(struct seq_file *seq,
1874 struct inet_timewait_sock *tw, int i)
1876 long delta = tw->tw_timer.expires - jiffies;
1877 const struct in6_addr *dest, *src;
1880 dest = &tw->tw_v6_daddr;
1881 src = &tw->tw_v6_rcv_saddr;
1882 destp = ntohs(tw->tw_dport);
1883 srcp = ntohs(tw->tw_sport);
1886 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1887 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1889 src->s6_addr32[0], src->s6_addr32[1],
1890 src->s6_addr32[2], src->s6_addr32[3], srcp,
1891 dest->s6_addr32[0], dest->s6_addr32[1],
1892 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1893 tw->tw_substate, 0, 0,
1894 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
1895 refcount_read(&tw->tw_refcnt), tw);
1898 static int tcp6_seq_show(struct seq_file *seq, void *v)
1900 struct tcp_iter_state *st;
1901 struct sock *sk = v;
1903 if (v == SEQ_START_TOKEN) {
1908 "st tx_queue rx_queue tr tm->when retrnsmt"
1909 " uid timeout inode\n");
1914 if (sk->sk_state == TCP_TIME_WAIT)
1915 get_timewait6_sock(seq, v, st->num);
1916 else if (sk->sk_state == TCP_NEW_SYN_RECV)
1917 get_openreq6(seq, v, st->num);
1919 get_tcp6_sock(seq, v, st->num);
1924 static const struct seq_operations tcp6_seq_ops = {
1925 .show = tcp6_seq_show,
1926 .start = tcp_seq_start,
1927 .next = tcp_seq_next,
1928 .stop = tcp_seq_stop,
1931 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
1935 int __net_init tcp6_proc_init(struct net *net)
1937 if (!proc_create_net_data("tcp6", 0444, net->proc_net, &tcp6_seq_ops,
1938 sizeof(struct tcp_iter_state), &tcp6_seq_afinfo))
1943 void tcp6_proc_exit(struct net *net)
1945 remove_proc_entry("tcp6", net->proc_net);
1949 struct proto tcpv6_prot = {
1951 .owner = THIS_MODULE,
1953 .pre_connect = tcp_v6_pre_connect,
1954 .connect = tcp_v6_connect,
1955 .disconnect = tcp_disconnect,
1956 .accept = inet_csk_accept,
1958 .init = tcp_v6_init_sock,
1959 .destroy = tcp_v6_destroy_sock,
1960 .shutdown = tcp_shutdown,
1961 .setsockopt = tcp_setsockopt,
1962 .getsockopt = tcp_getsockopt,
1963 .keepalive = tcp_set_keepalive,
1964 .recvmsg = tcp_recvmsg,
1965 .sendmsg = tcp_sendmsg,
1966 .sendpage = tcp_sendpage,
1967 .backlog_rcv = tcp_v6_do_rcv,
1968 .release_cb = tcp_release_cb,
1970 .unhash = inet_unhash,
1971 .get_port = inet_csk_get_port,
1972 .enter_memory_pressure = tcp_enter_memory_pressure,
1973 .leave_memory_pressure = tcp_leave_memory_pressure,
1974 .stream_memory_free = tcp_stream_memory_free,
1975 .sockets_allocated = &tcp_sockets_allocated,
1976 .memory_allocated = &tcp_memory_allocated,
1977 .memory_pressure = &tcp_memory_pressure,
1978 .orphan_count = &tcp_orphan_count,
1979 .sysctl_mem = sysctl_tcp_mem,
1980 .sysctl_wmem_offset = offsetof(struct net, ipv4.sysctl_tcp_wmem),
1981 .sysctl_rmem_offset = offsetof(struct net, ipv4.sysctl_tcp_rmem),
1982 .max_header = MAX_TCP_HEADER,
1983 .obj_size = sizeof(struct tcp6_sock),
1984 .slab_flags = SLAB_TYPESAFE_BY_RCU,
1985 .twsk_prot = &tcp6_timewait_sock_ops,
1986 .rsk_prot = &tcp6_request_sock_ops,
1987 .h.hashinfo = &tcp_hashinfo,
1988 .no_autobind = true,
1989 #ifdef CONFIG_COMPAT
1990 .compat_setsockopt = compat_tcp_setsockopt,
1991 .compat_getsockopt = compat_tcp_getsockopt,
1993 .diag_destroy = tcp_abort,
1996 /* thinking of making this const? Don't.
1997 * early_demux can change based on sysctl.
1999 static struct inet6_protocol tcpv6_protocol = {
2000 .early_demux = tcp_v6_early_demux,
2001 .early_demux_handler = tcp_v6_early_demux,
2002 .handler = tcp_v6_rcv,
2003 .err_handler = tcp_v6_err,
2004 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2007 static struct inet_protosw tcpv6_protosw = {
2008 .type = SOCK_STREAM,
2009 .protocol = IPPROTO_TCP,
2010 .prot = &tcpv6_prot,
2011 .ops = &inet6_stream_ops,
2012 .flags = INET_PROTOSW_PERMANENT |
2016 static int __net_init tcpv6_net_init(struct net *net)
2018 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
2019 SOCK_RAW, IPPROTO_TCP, net);
2022 static void __net_exit tcpv6_net_exit(struct net *net)
2024 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
2027 static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
2029 inet_twsk_purge(&tcp_hashinfo, AF_INET6);
2032 static struct pernet_operations tcpv6_net_ops = {
2033 .init = tcpv6_net_init,
2034 .exit = tcpv6_net_exit,
2035 .exit_batch = tcpv6_net_exit_batch,
2038 int __init tcpv6_init(void)
2042 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
2046 /* register inet6 protocol */
2047 ret = inet6_register_protosw(&tcpv6_protosw);
2049 goto out_tcpv6_protocol;
2051 ret = register_pernet_subsys(&tcpv6_net_ops);
2053 goto out_tcpv6_protosw;
2058 inet6_unregister_protosw(&tcpv6_protosw);
2060 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2064 void tcpv6_exit(void)
2066 unregister_pernet_subsys(&tcpv6_net_ops);
2067 inet6_unregister_protosw(&tcpv6_protosw);
2068 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
git.samba.org / sfrench / cifs-2.6.git / blob