3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
10 * linux/net/ipv4/tcp_input.c
11 * linux/net/ipv4/tcp_output.c
14 * Hideaki YOSHIFUJI : sin6_scope_id support
15 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
16 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
17 * a single port at the same time.
18 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
20 * This program is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU General Public License
22 * as published by the Free Software Foundation; either version
23 * 2 of the License, or (at your option) any later version.
26 #include <linux/bottom_half.h>
27 #include <linux/module.h>
28 #include <linux/errno.h>
29 #include <linux/types.h>
30 #include <linux/socket.h>
31 #include <linux/sockios.h>
32 #include <linux/net.h>
33 #include <linux/jiffies.h>
35 #include <linux/in6.h>
36 #include <linux/netdevice.h>
37 #include <linux/init.h>
38 #include <linux/jhash.h>
39 #include <linux/ipsec.h>
40 #include <linux/times.h>
41 #include <linux/slab.h>
43 #include <linux/ipv6.h>
44 #include <linux/icmpv6.h>
45 #include <linux/random.h>
48 #include <net/ndisc.h>
49 #include <net/inet6_hashtables.h>
50 #include <net/inet6_connection_sock.h>
52 #include <net/transp_v6.h>
53 #include <net/addrconf.h>
54 #include <net/ip6_route.h>
55 #include <net/ip6_checksum.h>
56 #include <net/inet_ecn.h>
57 #include <net/protocol.h>
60 #include <net/dsfield.h>
61 #include <net/timewait_sock.h>
62 #include <net/netdma.h>
63 #include <net/inet_common.h>
64 #include <net/secure_seq.h>
65 #include <net/tcp_memcontrol.h>
67 #include <asm/uaccess.h>
69 #include <linux/proc_fs.h>
70 #include <linux/seq_file.h>
72 #include <linux/crypto.h>
73 #include <linux/scatterlist.h>
75 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb);
76 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
77 struct request_sock *req);
79 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
81 static const struct inet_connection_sock_af_ops ipv6_mapped;
82 static const struct inet_connection_sock_af_ops ipv6_specific;
83 #ifdef CONFIG_TCP_MD5SIG
84 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
85 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
87 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
88 const struct in6_addr *addr)
94 static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
96 struct dst_entry *dst = skb_dst(skb);
97 const struct rt6_info *rt = (const struct rt6_info *)dst;
101 inet_sk(sk)->rx_dst_ifindex = skb->skb_iif;
103 inet6_sk(sk)->rx_dst_cookie = rt->rt6i_node->fn_sernum;
106 static void tcp_v6_hash(struct sock *sk)
108 if (sk->sk_state != TCP_CLOSE) {
109 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) {
114 __inet6_hash(sk, NULL);
119 static __u32 tcp_v6_init_sequence(const struct sk_buff *skb)
121 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
122 ipv6_hdr(skb)->saddr.s6_addr32,
124 tcp_hdr(skb)->source);
127 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
130 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
131 struct inet_sock *inet = inet_sk(sk);
132 struct inet_connection_sock *icsk = inet_csk(sk);
133 struct ipv6_pinfo *np = inet6_sk(sk);
134 struct tcp_sock *tp = tcp_sk(sk);
135 struct in6_addr *saddr = NULL, *final_p, final;
138 struct dst_entry *dst;
142 if (addr_len < SIN6_LEN_RFC2133)
145 if (usin->sin6_family != AF_INET6)
146 return -EAFNOSUPPORT;
148 memset(&fl6, 0, sizeof(fl6));
151 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
152 IP6_ECN_flow_init(fl6.flowlabel);
153 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
154 struct ip6_flowlabel *flowlabel;
155 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
156 if (flowlabel == NULL)
158 usin->sin6_addr = flowlabel->dst;
159 fl6_sock_release(flowlabel);
164 * connect() to INADDR_ANY means loopback (BSD'ism).
167 if(ipv6_addr_any(&usin->sin6_addr))
168 usin->sin6_addr.s6_addr[15] = 0x1;
170 addr_type = ipv6_addr_type(&usin->sin6_addr);
172 if(addr_type & IPV6_ADDR_MULTICAST)
175 if (addr_type&IPV6_ADDR_LINKLOCAL) {
176 if (addr_len >= sizeof(struct sockaddr_in6) &&
177 usin->sin6_scope_id) {
178 /* If interface is set while binding, indices
181 if (sk->sk_bound_dev_if &&
182 sk->sk_bound_dev_if != usin->sin6_scope_id)
185 sk->sk_bound_dev_if = usin->sin6_scope_id;
188 /* Connect to link-local address requires an interface */
189 if (!sk->sk_bound_dev_if)
193 if (tp->rx_opt.ts_recent_stamp &&
194 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) {
195 tp->rx_opt.ts_recent = 0;
196 tp->rx_opt.ts_recent_stamp = 0;
200 np->daddr = usin->sin6_addr;
201 np->flow_label = fl6.flowlabel;
207 if (addr_type == IPV6_ADDR_MAPPED) {
208 u32 exthdrlen = icsk->icsk_ext_hdr_len;
209 struct sockaddr_in sin;
211 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
213 if (__ipv6_only_sock(sk))
216 sin.sin_family = AF_INET;
217 sin.sin_port = usin->sin6_port;
218 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
220 icsk->icsk_af_ops = &ipv6_mapped;
221 sk->sk_backlog_rcv = tcp_v4_do_rcv;
222 #ifdef CONFIG_TCP_MD5SIG
223 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
226 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
229 icsk->icsk_ext_hdr_len = exthdrlen;
230 icsk->icsk_af_ops = &ipv6_specific;
231 sk->sk_backlog_rcv = tcp_v6_do_rcv;
232 #ifdef CONFIG_TCP_MD5SIG
233 tp->af_specific = &tcp_sock_ipv6_specific;
237 ipv6_addr_set_v4mapped(inet->inet_saddr, &np->saddr);
238 ipv6_addr_set_v4mapped(inet->inet_rcv_saddr,
245 if (!ipv6_addr_any(&np->rcv_saddr))
246 saddr = &np->rcv_saddr;
248 fl6.flowi6_proto = IPPROTO_TCP;
249 fl6.daddr = np->daddr;
250 fl6.saddr = saddr ? *saddr : np->saddr;
251 fl6.flowi6_oif = sk->sk_bound_dev_if;
252 fl6.flowi6_mark = sk->sk_mark;
253 fl6.fl6_dport = usin->sin6_port;
254 fl6.fl6_sport = inet->inet_sport;
256 final_p = fl6_update_dst(&fl6, np->opt, &final);
258 security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));
260 dst = ip6_dst_lookup_flow(sk, &fl6, final_p, true);
268 np->rcv_saddr = *saddr;
271 /* set the source address */
273 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
275 sk->sk_gso_type = SKB_GSO_TCPV6;
276 __ip6_dst_store(sk, dst, NULL, NULL);
278 rt = (struct rt6_info *) dst;
279 if (tcp_death_row.sysctl_tw_recycle &&
280 !tp->rx_opt.ts_recent_stamp &&
281 ipv6_addr_equal(&rt->rt6i_dst.addr, &np->daddr))
282 tcp_fetch_timewait_stamp(sk, dst);
284 icsk->icsk_ext_hdr_len = 0;
286 icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
289 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
291 inet->inet_dport = usin->sin6_port;
293 tcp_set_state(sk, TCP_SYN_SENT);
294 err = inet6_hash_connect(&tcp_death_row, sk);
298 if (!tp->write_seq && likely(!tp->repair))
299 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
304 err = tcp_connect(sk);
311 tcp_set_state(sk, TCP_CLOSE);
314 inet->inet_dport = 0;
315 sk->sk_route_caps = 0;
319 static void tcp_v6_mtu_reduced(struct sock *sk)
321 struct dst_entry *dst;
323 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
326 dst = inet6_csk_update_pmtu(sk, tcp_sk(sk)->mtu_info);
330 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
331 tcp_sync_mss(sk, dst_mtu(dst));
332 tcp_simple_retransmit(sk);
336 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
337 u8 type, u8 code, int offset, __be32 info)
339 const struct ipv6hdr *hdr = (const struct ipv6hdr*)skb->data;
340 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
341 struct ipv6_pinfo *np;
346 struct net *net = dev_net(skb->dev);
348 sk = inet6_lookup(net, &tcp_hashinfo, &hdr->daddr,
349 th->dest, &hdr->saddr, th->source, skb->dev->ifindex);
352 ICMP6_INC_STATS_BH(net, __in6_dev_get(skb->dev),
357 if (sk->sk_state == TCP_TIME_WAIT) {
358 inet_twsk_put(inet_twsk(sk));
363 if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG)
364 NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS);
366 if (sk->sk_state == TCP_CLOSE)
369 if (ipv6_hdr(skb)->hop_limit < inet6_sk(sk)->min_hopcount) {
370 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
375 seq = ntohl(th->seq);
376 if (sk->sk_state != TCP_LISTEN &&
377 !between(seq, tp->snd_una, tp->snd_nxt)) {
378 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
384 if (type == NDISC_REDIRECT) {
385 struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);
388 dst->ops->redirect(dst, sk, skb);
391 if (type == ICMPV6_PKT_TOOBIG) {
392 /* We are not interested in TCP_LISTEN and open_requests
393 * (SYN-ACKs send out by Linux are always <576bytes so
394 * they should go through unfragmented).
396 if (sk->sk_state == TCP_LISTEN)
399 tp->mtu_info = ntohl(info);
400 if (!sock_owned_by_user(sk))
401 tcp_v6_mtu_reduced(sk);
402 else if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED,
408 icmpv6_err_convert(type, code, &err);
410 /* Might be for an request_sock */
411 switch (sk->sk_state) {
412 struct request_sock *req, **prev;
414 if (sock_owned_by_user(sk))
417 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr,
418 &hdr->saddr, inet6_iif(skb));
422 /* ICMPs are not backlogged, hence we cannot get
423 * an established socket here.
425 WARN_ON(req->sk != NULL);
427 if (seq != tcp_rsk(req)->snt_isn) {
428 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
432 inet_csk_reqsk_queue_drop(sk, req, prev);
433 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
437 case TCP_SYN_RECV: /* Cannot happen.
438 It can, it SYNs are crossed. --ANK */
439 if (!sock_owned_by_user(sk)) {
441 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
445 sk->sk_err_soft = err;
449 if (!sock_owned_by_user(sk) && np->recverr) {
451 sk->sk_error_report(sk);
453 sk->sk_err_soft = err;
461 static int tcp_v6_send_synack(struct sock *sk, struct dst_entry *dst,
463 struct request_sock *req,
466 struct inet6_request_sock *treq = inet6_rsk(req);
467 struct ipv6_pinfo *np = inet6_sk(sk);
468 struct sk_buff * skb;
471 /* First, grab a route. */
472 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req)) == NULL)
475 skb = tcp_make_synack(sk, dst, req, NULL);
478 __tcp_v6_send_check(skb, &treq->loc_addr, &treq->rmt_addr);
480 fl6->daddr = treq->rmt_addr;
481 skb_set_queue_mapping(skb, queue_mapping);
482 err = ip6_xmit(sk, skb, fl6, np->opt, np->tclass);
483 err = net_xmit_eval(err);
490 static int tcp_v6_rtx_synack(struct sock *sk, struct request_sock *req)
495 res = tcp_v6_send_synack(sk, NULL, &fl6, req, 0);
497 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_RETRANSSEGS);
501 static void tcp_v6_reqsk_destructor(struct request_sock *req)
503 kfree_skb(inet6_rsk(req)->pktopts);
506 #ifdef CONFIG_TCP_MD5SIG
507 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
508 const struct in6_addr *addr)
510 return tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, AF_INET6);
513 static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk,
514 struct sock *addr_sk)
516 return tcp_v6_md5_do_lookup(sk, &inet6_sk(addr_sk)->daddr);
519 static struct tcp_md5sig_key *tcp_v6_reqsk_md5_lookup(struct sock *sk,
520 struct request_sock *req)
522 return tcp_v6_md5_do_lookup(sk, &inet6_rsk(req)->rmt_addr);
525 static int tcp_v6_parse_md5_keys (struct sock *sk, char __user *optval,
528 struct tcp_md5sig cmd;
529 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
531 if (optlen < sizeof(cmd))
534 if (copy_from_user(&cmd, optval, sizeof(cmd)))
537 if (sin6->sin6_family != AF_INET6)
540 if (!cmd.tcpm_keylen) {
541 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
542 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
544 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
548 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
551 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
552 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
553 AF_INET, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
555 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
556 AF_INET6, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
559 static int tcp_v6_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp,
560 const struct in6_addr *daddr,
561 const struct in6_addr *saddr, int nbytes)
563 struct tcp6_pseudohdr *bp;
564 struct scatterlist sg;
566 bp = &hp->md5_blk.ip6;
567 /* 1. TCP pseudo-header (RFC2460) */
570 bp->protocol = cpu_to_be32(IPPROTO_TCP);
571 bp->len = cpu_to_be32(nbytes);
573 sg_init_one(&sg, bp, sizeof(*bp));
574 return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp));
577 static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key,
578 const struct in6_addr *daddr, struct in6_addr *saddr,
579 const struct tcphdr *th)
581 struct tcp_md5sig_pool *hp;
582 struct hash_desc *desc;
584 hp = tcp_get_md5sig_pool();
586 goto clear_hash_noput;
587 desc = &hp->md5_desc;
589 if (crypto_hash_init(desc))
591 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))
593 if (tcp_md5_hash_header(hp, th))
595 if (tcp_md5_hash_key(hp, key))
597 if (crypto_hash_final(desc, md5_hash))
600 tcp_put_md5sig_pool();
604 tcp_put_md5sig_pool();
606 memset(md5_hash, 0, 16);
610 static int tcp_v6_md5_hash_skb(char *md5_hash, struct tcp_md5sig_key *key,
611 const struct sock *sk,
612 const struct request_sock *req,
613 const struct sk_buff *skb)
615 const struct in6_addr *saddr, *daddr;
616 struct tcp_md5sig_pool *hp;
617 struct hash_desc *desc;
618 const struct tcphdr *th = tcp_hdr(skb);
621 saddr = &inet6_sk(sk)->saddr;
622 daddr = &inet6_sk(sk)->daddr;
624 saddr = &inet6_rsk(req)->loc_addr;
625 daddr = &inet6_rsk(req)->rmt_addr;
627 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
628 saddr = &ip6h->saddr;
629 daddr = &ip6h->daddr;
632 hp = tcp_get_md5sig_pool();
634 goto clear_hash_noput;
635 desc = &hp->md5_desc;
637 if (crypto_hash_init(desc))
640 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))
642 if (tcp_md5_hash_header(hp, th))
644 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
646 if (tcp_md5_hash_key(hp, key))
648 if (crypto_hash_final(desc, md5_hash))
651 tcp_put_md5sig_pool();
655 tcp_put_md5sig_pool();
657 memset(md5_hash, 0, 16);
661 static int tcp_v6_inbound_md5_hash(struct sock *sk, const struct sk_buff *skb)
663 const __u8 *hash_location = NULL;
664 struct tcp_md5sig_key *hash_expected;
665 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
666 const struct tcphdr *th = tcp_hdr(skb);
670 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
671 hash_location = tcp_parse_md5sig_option(th);
673 /* We've parsed the options - do we have a hash? */
674 if (!hash_expected && !hash_location)
677 if (hash_expected && !hash_location) {
678 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
682 if (!hash_expected && hash_location) {
683 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
687 /* check the signature */
688 genhash = tcp_v6_md5_hash_skb(newhash,
692 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
693 net_info_ratelimited("MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n",
694 genhash ? "failed" : "mismatch",
695 &ip6h->saddr, ntohs(th->source),
696 &ip6h->daddr, ntohs(th->dest));
703 struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
705 .obj_size = sizeof(struct tcp6_request_sock),
706 .rtx_syn_ack = tcp_v6_rtx_synack,
707 .send_ack = tcp_v6_reqsk_send_ack,
708 .destructor = tcp_v6_reqsk_destructor,
709 .send_reset = tcp_v6_send_reset,
710 .syn_ack_timeout = tcp_syn_ack_timeout,
713 #ifdef CONFIG_TCP_MD5SIG
714 static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
715 .md5_lookup = tcp_v6_reqsk_md5_lookup,
716 .calc_md5_hash = tcp_v6_md5_hash_skb,
720 static void tcp_v6_send_response(struct sk_buff *skb, u32 seq, u32 ack, u32 win,
721 u32 tsval, u32 tsecr,
722 struct tcp_md5sig_key *key, int rst, u8 tclass)
724 const struct tcphdr *th = tcp_hdr(skb);
726 struct sk_buff *buff;
728 struct net *net = dev_net(skb_dst(skb)->dev);
729 struct sock *ctl_sk = net->ipv6.tcp_sk;
730 unsigned int tot_len = sizeof(struct tcphdr);
731 struct dst_entry *dst;
735 tot_len += TCPOLEN_TSTAMP_ALIGNED;
736 #ifdef CONFIG_TCP_MD5SIG
738 tot_len += TCPOLEN_MD5SIG_ALIGNED;
741 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
746 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
748 t1 = (struct tcphdr *) skb_push(buff, tot_len);
749 skb_reset_transport_header(buff);
751 /* Swap the send and the receive. */
752 memset(t1, 0, sizeof(*t1));
753 t1->dest = th->source;
754 t1->source = th->dest;
755 t1->doff = tot_len / 4;
756 t1->seq = htonl(seq);
757 t1->ack_seq = htonl(ack);
758 t1->ack = !rst || !th->ack;
760 t1->window = htons(win);
762 topt = (__be32 *)(t1 + 1);
765 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
766 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
767 *topt++ = htonl(tsval);
768 *topt++ = htonl(tsecr);
771 #ifdef CONFIG_TCP_MD5SIG
773 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
774 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
775 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
776 &ipv6_hdr(skb)->saddr,
777 &ipv6_hdr(skb)->daddr, t1);
781 memset(&fl6, 0, sizeof(fl6));
782 fl6.daddr = ipv6_hdr(skb)->saddr;
783 fl6.saddr = ipv6_hdr(skb)->daddr;
785 buff->ip_summed = CHECKSUM_PARTIAL;
788 __tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);
790 fl6.flowi6_proto = IPPROTO_TCP;
791 if (ipv6_addr_type(&fl6.daddr) & IPV6_ADDR_LINKLOCAL)
792 fl6.flowi6_oif = inet6_iif(skb);
793 fl6.fl6_dport = t1->dest;
794 fl6.fl6_sport = t1->source;
795 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
797 /* Pass a socket to ip6_dst_lookup either it is for RST
798 * Underlying function will use this to retrieve the network
801 dst = ip6_dst_lookup_flow(ctl_sk, &fl6, NULL, false);
803 skb_dst_set(buff, dst);
804 ip6_xmit(ctl_sk, buff, &fl6, NULL, tclass);
805 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS);
807 TCP_INC_STATS_BH(net, TCP_MIB_OUTRSTS);
814 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb)
816 const struct tcphdr *th = tcp_hdr(skb);
817 u32 seq = 0, ack_seq = 0;
818 struct tcp_md5sig_key *key = NULL;
819 #ifdef CONFIG_TCP_MD5SIG
820 const __u8 *hash_location = NULL;
821 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
822 unsigned char newhash[16];
824 struct sock *sk1 = NULL;
830 if (!ipv6_unicast_destination(skb))
833 #ifdef CONFIG_TCP_MD5SIG
834 hash_location = tcp_parse_md5sig_option(th);
835 if (!sk && hash_location) {
837 * active side is lost. Try to find listening socket through
838 * source port, and then find md5 key through listening socket.
839 * we are not loose security here:
840 * Incoming packet is checked with md5 hash with finding key,
841 * no RST generated if md5 hash doesn't match.
843 sk1 = inet6_lookup_listener(dev_net(skb_dst(skb)->dev),
844 &tcp_hashinfo, &ipv6h->saddr,
845 th->source, &ipv6h->daddr,
846 ntohs(th->source), inet6_iif(skb));
851 key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr);
855 genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, NULL, skb);
856 if (genhash || memcmp(hash_location, newhash, 16) != 0)
859 key = sk ? tcp_v6_md5_do_lookup(sk, &ipv6h->saddr) : NULL;
864 seq = ntohl(th->ack_seq);
866 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
869 tcp_v6_send_response(skb, seq, ack_seq, 0, 0, 0, key, 1, 0);
871 #ifdef CONFIG_TCP_MD5SIG
880 static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack,
881 u32 win, u32 tsval, u32 tsecr,
882 struct tcp_md5sig_key *key, u8 tclass)
884 tcp_v6_send_response(skb, seq, ack, win, tsval, tsecr, key, 0, tclass);
887 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
889 struct inet_timewait_sock *tw = inet_twsk(sk);
890 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
892 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
893 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
894 tcp_time_stamp + tcptw->tw_ts_offset,
895 tcptw->tw_ts_recent, tcp_twsk_md5_key(tcptw),
901 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
902 struct request_sock *req)
904 tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1,
905 req->rcv_wnd, tcp_time_stamp, req->ts_recent,
906 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr), 0);
910 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
912 struct request_sock *req, **prev;
913 const struct tcphdr *th = tcp_hdr(skb);
916 /* Find possible connection requests. */
917 req = inet6_csk_search_req(sk, &prev, th->source,
918 &ipv6_hdr(skb)->saddr,
919 &ipv6_hdr(skb)->daddr, inet6_iif(skb));
921 return tcp_check_req(sk, skb, req, prev, false);
923 nsk = __inet6_lookup_established(sock_net(sk), &tcp_hashinfo,
924 &ipv6_hdr(skb)->saddr, th->source,
925 &ipv6_hdr(skb)->daddr, ntohs(th->dest), inet6_iif(skb));
928 if (nsk->sk_state != TCP_TIME_WAIT) {
932 inet_twsk_put(inet_twsk(nsk));
936 #ifdef CONFIG_SYN_COOKIES
938 sk = cookie_v6_check(sk, skb);
943 /* FIXME: this is substantially similar to the ipv4 code.
944 * Can some kind of merge be done? -- erics
946 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
948 struct tcp_options_received tmp_opt;
949 struct request_sock *req;
950 struct inet6_request_sock *treq;
951 struct ipv6_pinfo *np = inet6_sk(sk);
952 struct tcp_sock *tp = tcp_sk(sk);
953 __u32 isn = TCP_SKB_CB(skb)->when;
954 struct dst_entry *dst = NULL;
956 bool want_cookie = false;
958 if (skb->protocol == htons(ETH_P_IP))
959 return tcp_v4_conn_request(sk, skb);
961 if (!ipv6_unicast_destination(skb))
964 if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
965 want_cookie = tcp_syn_flood_action(sk, skb, "TCPv6");
970 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1) {
971 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
975 req = inet6_reqsk_alloc(&tcp6_request_sock_ops);
979 #ifdef CONFIG_TCP_MD5SIG
980 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv6_ops;
983 tcp_clear_options(&tmp_opt);
984 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
985 tmp_opt.user_mss = tp->rx_opt.user_mss;
986 tcp_parse_options(skb, &tmp_opt, 0, NULL);
988 if (want_cookie && !tmp_opt.saw_tstamp)
989 tcp_clear_options(&tmp_opt);
991 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
992 tcp_openreq_init(req, &tmp_opt, skb);
994 treq = inet6_rsk(req);
995 treq->rmt_addr = ipv6_hdr(skb)->saddr;
996 treq->loc_addr = ipv6_hdr(skb)->daddr;
997 if (!want_cookie || tmp_opt.tstamp_ok)
998 TCP_ECN_create_request(req, skb, sock_net(sk));
1000 treq->iif = sk->sk_bound_dev_if;
1002 /* So that link locals have meaning */
1003 if (!sk->sk_bound_dev_if &&
1004 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL)
1005 treq->iif = inet6_iif(skb);
1008 if (ipv6_opt_accepted(sk, skb) ||
1009 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
1010 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) {
1011 atomic_inc(&skb->users);
1012 treq->pktopts = skb;
1016 isn = cookie_v6_init_sequence(sk, skb, &req->mss);
1017 req->cookie_ts = tmp_opt.tstamp_ok;
1021 /* VJ's idea. We save last timestamp seen
1022 * from the destination in peer table, when entering
1023 * state TIME-WAIT, and check against it before
1024 * accepting new connection request.
1026 * If "isn" is not zero, this request hit alive
1027 * timewait bucket, so that all the necessary checks
1028 * are made in the function processing timewait state.
1030 if (tmp_opt.saw_tstamp &&
1031 tcp_death_row.sysctl_tw_recycle &&
1032 (dst = inet6_csk_route_req(sk, &fl6, req)) != NULL) {
1033 if (!tcp_peer_is_proven(req, dst, true)) {
1034 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_PAWSPASSIVEREJECTED);
1035 goto drop_and_release;
1038 /* Kill the following clause, if you dislike this way. */
1039 else if (!sysctl_tcp_syncookies &&
1040 (sysctl_max_syn_backlog - inet_csk_reqsk_queue_len(sk) <
1041 (sysctl_max_syn_backlog >> 2)) &&
1042 !tcp_peer_is_proven(req, dst, false)) {
1043 /* Without syncookies last quarter of
1044 * backlog is filled with destinations,
1045 * proven to be alive.
1046 * It means that we continue to communicate
1047 * to destinations, already remembered
1048 * to the moment of synflood.
1050 LIMIT_NETDEBUG(KERN_DEBUG "TCP: drop open request from %pI6/%u\n",
1051 &treq->rmt_addr, ntohs(tcp_hdr(skb)->source));
1052 goto drop_and_release;
1055 isn = tcp_v6_init_sequence(skb);
1058 tcp_rsk(req)->snt_isn = isn;
1060 if (security_inet_conn_request(sk, skb, req))
1061 goto drop_and_release;
1063 if (tcp_v6_send_synack(sk, dst, &fl6, req,
1064 skb_get_queue_mapping(skb)) ||
1068 tcp_rsk(req)->snt_synack = tcp_time_stamp;
1069 tcp_rsk(req)->listener = NULL;
1070 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1078 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
1079 return 0; /* don't send reset */
1082 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1083 struct request_sock *req,
1084 struct dst_entry *dst)
1086 struct inet6_request_sock *treq;
1087 struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
1088 struct tcp6_sock *newtcp6sk;
1089 struct inet_sock *newinet;
1090 struct tcp_sock *newtp;
1092 #ifdef CONFIG_TCP_MD5SIG
1093 struct tcp_md5sig_key *key;
1097 if (skb->protocol == htons(ETH_P_IP)) {
1102 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);
1107 newtcp6sk = (struct tcp6_sock *)newsk;
1108 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1110 newinet = inet_sk(newsk);
1111 newnp = inet6_sk(newsk);
1112 newtp = tcp_sk(newsk);
1114 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1116 ipv6_addr_set_v4mapped(newinet->inet_daddr, &newnp->daddr);
1118 ipv6_addr_set_v4mapped(newinet->inet_saddr, &newnp->saddr);
1120 newnp->rcv_saddr = newnp->saddr;
1122 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1123 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1124 #ifdef CONFIG_TCP_MD5SIG
1125 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1128 newnp->ipv6_ac_list = NULL;
1129 newnp->ipv6_fl_list = NULL;
1130 newnp->pktoptions = NULL;
1132 newnp->mcast_oif = inet6_iif(skb);
1133 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1134 newnp->rcv_tclass = ipv6_get_dsfield(ipv6_hdr(skb));
1137 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1138 * here, tcp_create_openreq_child now does this for us, see the comment in
1139 * that function for the gory details. -acme
1142 /* It is tricky place. Until this moment IPv4 tcp
1143 worked with IPv6 icsk.icsk_af_ops.
1146 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1151 treq = inet6_rsk(req);
1153 if (sk_acceptq_is_full(sk))
1157 dst = inet6_csk_route_req(sk, &fl6, req);
1162 newsk = tcp_create_openreq_child(sk, req, skb);
1167 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1168 * count here, tcp_create_openreq_child now does this for us, see the
1169 * comment in that function for the gory details. -acme
1172 newsk->sk_gso_type = SKB_GSO_TCPV6;
1173 __ip6_dst_store(newsk, dst, NULL, NULL);
1174 inet6_sk_rx_dst_set(newsk, skb);
1176 newtcp6sk = (struct tcp6_sock *)newsk;
1177 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1179 newtp = tcp_sk(newsk);
1180 newinet = inet_sk(newsk);
1181 newnp = inet6_sk(newsk);
1183 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1185 newnp->daddr = treq->rmt_addr;
1186 newnp->saddr = treq->loc_addr;
1187 newnp->rcv_saddr = treq->loc_addr;
1188 newsk->sk_bound_dev_if = treq->iif;
1190 /* Now IPv6 options...
1192 First: no IPv4 options.
1194 newinet->inet_opt = NULL;
1195 newnp->ipv6_ac_list = NULL;
1196 newnp->ipv6_fl_list = NULL;
1199 newnp->rxopt.all = np->rxopt.all;
1201 /* Clone pktoptions received with SYN */
1202 newnp->pktoptions = NULL;
1203 if (treq->pktopts != NULL) {
1204 newnp->pktoptions = skb_clone(treq->pktopts,
1205 sk_gfp_atomic(sk, GFP_ATOMIC));
1206 consume_skb(treq->pktopts);
1207 treq->pktopts = NULL;
1208 if (newnp->pktoptions)
1209 skb_set_owner_r(newnp->pktoptions, newsk);
1212 newnp->mcast_oif = inet6_iif(skb);
1213 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1214 newnp->rcv_tclass = ipv6_get_dsfield(ipv6_hdr(skb));
1216 /* Clone native IPv6 options from listening socket (if any)
1218 Yes, keeping reference count would be much more clever,
1219 but we make one more one thing there: reattach optmem
1223 newnp->opt = ipv6_dup_options(newsk, np->opt);
1225 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1227 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
1228 newnp->opt->opt_flen);
1230 tcp_mtup_init(newsk);
1231 tcp_sync_mss(newsk, dst_mtu(dst));
1232 newtp->advmss = dst_metric_advmss(dst);
1233 if (tcp_sk(sk)->rx_opt.user_mss &&
1234 tcp_sk(sk)->rx_opt.user_mss < newtp->advmss)
1235 newtp->advmss = tcp_sk(sk)->rx_opt.user_mss;
1237 tcp_initialize_rcv_mss(newsk);
1238 tcp_synack_rtt_meas(newsk, req);
1239 newtp->total_retrans = req->num_retrans;
1241 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1242 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1244 #ifdef CONFIG_TCP_MD5SIG
1245 /* Copy over the MD5 key from the original socket */
1246 if ((key = tcp_v6_md5_do_lookup(sk, &newnp->daddr)) != NULL) {
1247 /* We're using one, so create a matching key
1248 * on the newsk structure. If we fail to get
1249 * memory, then we end up not copying the key
1252 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newnp->daddr,
1253 AF_INET6, key->key, key->keylen,
1254 sk_gfp_atomic(sk, GFP_ATOMIC));
1258 if (__inet_inherit_port(sk, newsk) < 0) {
1259 inet_csk_prepare_forced_close(newsk);
1263 __inet6_hash(newsk, NULL);
1268 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1272 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
1276 static __sum16 tcp_v6_checksum_init(struct sk_buff *skb)
1278 if (skb->ip_summed == CHECKSUM_COMPLETE) {
1279 if (!tcp_v6_check(skb->len, &ipv6_hdr(skb)->saddr,
1280 &ipv6_hdr(skb)->daddr, skb->csum)) {
1281 skb->ip_summed = CHECKSUM_UNNECESSARY;
1286 skb->csum = ~csum_unfold(tcp_v6_check(skb->len,
1287 &ipv6_hdr(skb)->saddr,
1288 &ipv6_hdr(skb)->daddr, 0));
1290 if (skb->len <= 76) {
1291 return __skb_checksum_complete(skb);
1296 /* The socket must have it's spinlock held when we get
1299 * We have a potential double-lock case here, so even when
1300 * doing backlog processing we use the BH locking scheme.
1301 * This is because we cannot sleep with the original spinlock
1304 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1306 struct ipv6_pinfo *np = inet6_sk(sk);
1307 struct tcp_sock *tp;
1308 struct sk_buff *opt_skb = NULL;
1310 /* Imagine: socket is IPv6. IPv4 packet arrives,
1311 goes to IPv4 receive handler and backlogged.
1312 From backlog it always goes here. Kerboom...
1313 Fortunately, tcp_rcv_established and rcv_established
1314 handle them correctly, but it is not case with
1315 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1318 if (skb->protocol == htons(ETH_P_IP))
1319 return tcp_v4_do_rcv(sk, skb);
1321 #ifdef CONFIG_TCP_MD5SIG
1322 if (tcp_v6_inbound_md5_hash (sk, skb))
1326 if (sk_filter(sk, skb))
1330 * socket locking is here for SMP purposes as backlog rcv
1331 * is currently called with bh processing disabled.
1334 /* Do Stevens' IPV6_PKTOPTIONS.
1336 Yes, guys, it is the only place in our code, where we
1337 may make it not affecting IPv4.
1338 The rest of code is protocol independent,
1339 and I do not like idea to uglify IPv4.
1341 Actually, all the idea behind IPV6_PKTOPTIONS
1342 looks not very well thought. For now we latch
1343 options, received in the last packet, enqueued
1344 by tcp. Feel free to propose better solution.
1348 opt_skb = skb_clone(skb, sk_gfp_atomic(sk, GFP_ATOMIC));
1350 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1351 struct dst_entry *dst = sk->sk_rx_dst;
1353 sock_rps_save_rxhash(sk, skb);
1355 if (inet_sk(sk)->rx_dst_ifindex != skb->skb_iif ||
1356 dst->ops->check(dst, np->rx_dst_cookie) == NULL) {
1358 sk->sk_rx_dst = NULL;
1362 if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len))
1365 goto ipv6_pktoptions;
1369 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1372 if (sk->sk_state == TCP_LISTEN) {
1373 struct sock *nsk = tcp_v6_hnd_req(sk, skb);
1378 * Queue it on the new socket if the new socket is active,
1379 * otherwise we just shortcircuit this and continue with
1383 sock_rps_save_rxhash(nsk, skb);
1384 if (tcp_child_process(sk, nsk, skb))
1387 __kfree_skb(opt_skb);
1391 sock_rps_save_rxhash(sk, skb);
1393 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len))
1396 goto ipv6_pktoptions;
1400 tcp_v6_send_reset(sk, skb);
1403 __kfree_skb(opt_skb);
1407 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_INERRS);
1412 /* Do you ask, what is it?
1414 1. skb was enqueued by tcp.
1415 2. skb is added to tail of read queue, rather than out of order.
1416 3. socket is not in passive state.
1417 4. Finally, it really contains options, which user wants to receive.
1420 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1421 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1422 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1423 np->mcast_oif = inet6_iif(opt_skb);
1424 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1425 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1426 if (np->rxopt.bits.rxtclass)
1427 np->rcv_tclass = ipv6_get_dsfield(ipv6_hdr(skb));
1428 if (ipv6_opt_accepted(sk, opt_skb)) {
1429 skb_set_owner_r(opt_skb, sk);
1430 opt_skb = xchg(&np->pktoptions, opt_skb);
1432 __kfree_skb(opt_skb);
1433 opt_skb = xchg(&np->pktoptions, NULL);
1441 static int tcp_v6_rcv(struct sk_buff *skb)
1443 const struct tcphdr *th;
1444 const struct ipv6hdr *hdr;
1447 struct net *net = dev_net(skb->dev);
1449 if (skb->pkt_type != PACKET_HOST)
1453 * Count it even if it's bad.
1455 TCP_INC_STATS_BH(net, TCP_MIB_INSEGS);
1457 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1462 if (th->doff < sizeof(struct tcphdr)/4)
1464 if (!pskb_may_pull(skb, th->doff*4))
1467 if (!skb_csum_unnecessary(skb) && tcp_v6_checksum_init(skb))
1471 hdr = ipv6_hdr(skb);
1472 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1473 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1474 skb->len - th->doff*4);
1475 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1476 TCP_SKB_CB(skb)->when = 0;
1477 TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
1478 TCP_SKB_CB(skb)->sacked = 0;
1480 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest);
1485 if (sk->sk_state == TCP_TIME_WAIT)
1488 if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) {
1489 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
1490 goto discard_and_relse;
1493 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1494 goto discard_and_relse;
1496 if (sk_filter(sk, skb))
1497 goto discard_and_relse;
1501 bh_lock_sock_nested(sk);
1503 if (!sock_owned_by_user(sk)) {
1504 #ifdef CONFIG_NET_DMA
1505 struct tcp_sock *tp = tcp_sk(sk);
1506 if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list)
1507 tp->ucopy.dma_chan = net_dma_find_channel();
1508 if (tp->ucopy.dma_chan)
1509 ret = tcp_v6_do_rcv(sk, skb);
1513 if (!tcp_prequeue(sk, skb))
1514 ret = tcp_v6_do_rcv(sk, skb);
1516 } else if (unlikely(sk_add_backlog(sk, skb,
1517 sk->sk_rcvbuf + sk->sk_sndbuf))) {
1519 NET_INC_STATS_BH(net, LINUX_MIB_TCPBACKLOGDROP);
1520 goto discard_and_relse;
1525 return ret ? -1 : 0;
1528 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1531 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1533 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1535 tcp_v6_send_reset(NULL, skb);
1552 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1553 inet_twsk_put(inet_twsk(sk));
1557 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1558 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1559 inet_twsk_put(inet_twsk(sk));
1563 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1568 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
1569 &ipv6_hdr(skb)->saddr, th->source,
1570 &ipv6_hdr(skb)->daddr,
1571 ntohs(th->dest), inet6_iif(skb));
1573 struct inet_timewait_sock *tw = inet_twsk(sk);
1574 inet_twsk_deschedule(tw, &tcp_death_row);
1579 /* Fall through to ACK */
1582 tcp_v6_timewait_ack(sk, skb);
1586 case TCP_TW_SUCCESS:;
1591 static void tcp_v6_early_demux(struct sk_buff *skb)
1593 const struct ipv6hdr *hdr;
1594 const struct tcphdr *th;
1597 if (skb->pkt_type != PACKET_HOST)
1600 if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
1603 hdr = ipv6_hdr(skb);
1606 if (th->doff < sizeof(struct tcphdr) / 4)
1609 sk = __inet6_lookup_established(dev_net(skb->dev), &tcp_hashinfo,
1610 &hdr->saddr, th->source,
1611 &hdr->daddr, ntohs(th->dest),
1615 skb->destructor = sock_edemux;
1616 if (sk->sk_state != TCP_TIME_WAIT) {
1617 struct dst_entry *dst = sk->sk_rx_dst;
1620 dst = dst_check(dst, inet6_sk(sk)->rx_dst_cookie);
1622 inet_sk(sk)->rx_dst_ifindex == skb->skb_iif)
1623 skb_dst_set_noref(skb, dst);
1628 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
1629 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
1630 .twsk_unique = tcp_twsk_unique,
1631 .twsk_destructor= tcp_twsk_destructor,
1634 static const struct inet_connection_sock_af_ops ipv6_specific = {
1635 .queue_xmit = inet6_csk_xmit,
1636 .send_check = tcp_v6_send_check,
1637 .rebuild_header = inet6_sk_rebuild_header,
1638 .sk_rx_dst_set = inet6_sk_rx_dst_set,
1639 .conn_request = tcp_v6_conn_request,
1640 .syn_recv_sock = tcp_v6_syn_recv_sock,
1641 .net_header_len = sizeof(struct ipv6hdr),
1642 .net_frag_header_len = sizeof(struct frag_hdr),
1643 .setsockopt = ipv6_setsockopt,
1644 .getsockopt = ipv6_getsockopt,
1645 .addr2sockaddr = inet6_csk_addr2sockaddr,
1646 .sockaddr_len = sizeof(struct sockaddr_in6),
1647 .bind_conflict = inet6_csk_bind_conflict,
1648 #ifdef CONFIG_COMPAT
1649 .compat_setsockopt = compat_ipv6_setsockopt,
1650 .compat_getsockopt = compat_ipv6_getsockopt,
1654 #ifdef CONFIG_TCP_MD5SIG
1655 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1656 .md5_lookup = tcp_v6_md5_lookup,
1657 .calc_md5_hash = tcp_v6_md5_hash_skb,
1658 .md5_parse = tcp_v6_parse_md5_keys,
1663 * TCP over IPv4 via INET6 API
1666 static const struct inet_connection_sock_af_ops ipv6_mapped = {
1667 .queue_xmit = ip_queue_xmit,
1668 .send_check = tcp_v4_send_check,
1669 .rebuild_header = inet_sk_rebuild_header,
1670 .sk_rx_dst_set = inet_sk_rx_dst_set,
1671 .conn_request = tcp_v6_conn_request,
1672 .syn_recv_sock = tcp_v6_syn_recv_sock,
1673 .net_header_len = sizeof(struct iphdr),
1674 .setsockopt = ipv6_setsockopt,
1675 .getsockopt = ipv6_getsockopt,
1676 .addr2sockaddr = inet6_csk_addr2sockaddr,
1677 .sockaddr_len = sizeof(struct sockaddr_in6),
1678 .bind_conflict = inet6_csk_bind_conflict,
1679 #ifdef CONFIG_COMPAT
1680 .compat_setsockopt = compat_ipv6_setsockopt,
1681 .compat_getsockopt = compat_ipv6_getsockopt,
1685 #ifdef CONFIG_TCP_MD5SIG
1686 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1687 .md5_lookup = tcp_v4_md5_lookup,
1688 .calc_md5_hash = tcp_v4_md5_hash_skb,
1689 .md5_parse = tcp_v6_parse_md5_keys,
1693 /* NOTE: A lot of things set to zero explicitly by call to
1694 * sk_alloc() so need not be done here.
1696 static int tcp_v6_init_sock(struct sock *sk)
1698 struct inet_connection_sock *icsk = inet_csk(sk);
1702 icsk->icsk_af_ops = &ipv6_specific;
1704 #ifdef CONFIG_TCP_MD5SIG
1705 tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific;
1711 static void tcp_v6_destroy_sock(struct sock *sk)
1713 tcp_v4_destroy_sock(sk);
1714 inet6_destroy_sock(sk);
1717 #ifdef CONFIG_PROC_FS
1718 /* Proc filesystem TCPv6 sock list dumping. */
1719 static void get_openreq6(struct seq_file *seq,
1720 const struct sock *sk, struct request_sock *req, int i, kuid_t uid)
1722 int ttd = req->expires - jiffies;
1723 const struct in6_addr *src = &inet6_rsk(req)->loc_addr;
1724 const struct in6_addr *dest = &inet6_rsk(req)->rmt_addr;
1730 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1731 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1733 src->s6_addr32[0], src->s6_addr32[1],
1734 src->s6_addr32[2], src->s6_addr32[3],
1735 ntohs(inet_rsk(req)->loc_port),
1736 dest->s6_addr32[0], dest->s6_addr32[1],
1737 dest->s6_addr32[2], dest->s6_addr32[3],
1738 ntohs(inet_rsk(req)->rmt_port),
1740 0,0, /* could print option size, but that is af dependent. */
1741 1, /* timers active (only the expire timer) */
1742 jiffies_to_clock_t(ttd),
1744 from_kuid_munged(seq_user_ns(seq), uid),
1745 0, /* non standard timer */
1746 0, /* open_requests have no inode */
1750 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1752 const struct in6_addr *dest, *src;
1755 unsigned long timer_expires;
1756 const struct inet_sock *inet = inet_sk(sp);
1757 const struct tcp_sock *tp = tcp_sk(sp);
1758 const struct inet_connection_sock *icsk = inet_csk(sp);
1759 const struct ipv6_pinfo *np = inet6_sk(sp);
1762 src = &np->rcv_saddr;
1763 destp = ntohs(inet->inet_dport);
1764 srcp = ntohs(inet->inet_sport);
1766 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
1768 timer_expires = icsk->icsk_timeout;
1769 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1771 timer_expires = icsk->icsk_timeout;
1772 } else if (timer_pending(&sp->sk_timer)) {
1774 timer_expires = sp->sk_timer.expires;
1777 timer_expires = jiffies;
1781 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1782 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %pK %lu %lu %u %u %d\n",
1784 src->s6_addr32[0], src->s6_addr32[1],
1785 src->s6_addr32[2], src->s6_addr32[3], srcp,
1786 dest->s6_addr32[0], dest->s6_addr32[1],
1787 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1789 tp->write_seq-tp->snd_una,
1790 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
1792 jiffies_delta_to_clock_t(timer_expires - jiffies),
1793 icsk->icsk_retransmits,
1794 from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
1795 icsk->icsk_probes_out,
1797 atomic_read(&sp->sk_refcnt), sp,
1798 jiffies_to_clock_t(icsk->icsk_rto),
1799 jiffies_to_clock_t(icsk->icsk_ack.ato),
1800 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong,
1802 tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh
1806 static void get_timewait6_sock(struct seq_file *seq,
1807 struct inet_timewait_sock *tw, int i)
1809 const struct in6_addr *dest, *src;
1811 const struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw);
1812 long delta = tw->tw_ttd - jiffies;
1814 dest = &tw6->tw_v6_daddr;
1815 src = &tw6->tw_v6_rcv_saddr;
1816 destp = ntohs(tw->tw_dport);
1817 srcp = ntohs(tw->tw_sport);
1820 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1821 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1823 src->s6_addr32[0], src->s6_addr32[1],
1824 src->s6_addr32[2], src->s6_addr32[3], srcp,
1825 dest->s6_addr32[0], dest->s6_addr32[1],
1826 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1827 tw->tw_substate, 0, 0,
1828 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
1829 atomic_read(&tw->tw_refcnt), tw);
1832 static int tcp6_seq_show(struct seq_file *seq, void *v)
1834 struct tcp_iter_state *st;
1836 if (v == SEQ_START_TOKEN) {
1841 "st tx_queue rx_queue tr tm->when retrnsmt"
1842 " uid timeout inode\n");
1847 switch (st->state) {
1848 case TCP_SEQ_STATE_LISTENING:
1849 case TCP_SEQ_STATE_ESTABLISHED:
1850 get_tcp6_sock(seq, v, st->num);
1852 case TCP_SEQ_STATE_OPENREQ:
1853 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid);
1855 case TCP_SEQ_STATE_TIME_WAIT:
1856 get_timewait6_sock(seq, v, st->num);
1863 static const struct file_operations tcp6_afinfo_seq_fops = {
1864 .owner = THIS_MODULE,
1865 .open = tcp_seq_open,
1867 .llseek = seq_lseek,
1868 .release = seq_release_net
1871 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
1874 .seq_fops = &tcp6_afinfo_seq_fops,
1876 .show = tcp6_seq_show,
1880 int __net_init tcp6_proc_init(struct net *net)
1882 return tcp_proc_register(net, &tcp6_seq_afinfo);
1885 void tcp6_proc_exit(struct net *net)
1887 tcp_proc_unregister(net, &tcp6_seq_afinfo);
1891 struct proto tcpv6_prot = {
1893 .owner = THIS_MODULE,
1895 .connect = tcp_v6_connect,
1896 .disconnect = tcp_disconnect,
1897 .accept = inet_csk_accept,
1899 .init = tcp_v6_init_sock,
1900 .destroy = tcp_v6_destroy_sock,
1901 .shutdown = tcp_shutdown,
1902 .setsockopt = tcp_setsockopt,
1903 .getsockopt = tcp_getsockopt,
1904 .recvmsg = tcp_recvmsg,
1905 .sendmsg = tcp_sendmsg,
1906 .sendpage = tcp_sendpage,
1907 .backlog_rcv = tcp_v6_do_rcv,
1908 .release_cb = tcp_release_cb,
1909 .mtu_reduced = tcp_v6_mtu_reduced,
1910 .hash = tcp_v6_hash,
1911 .unhash = inet_unhash,
1912 .get_port = inet_csk_get_port,
1913 .enter_memory_pressure = tcp_enter_memory_pressure,
1914 .sockets_allocated = &tcp_sockets_allocated,
1915 .memory_allocated = &tcp_memory_allocated,
1916 .memory_pressure = &tcp_memory_pressure,
1917 .orphan_count = &tcp_orphan_count,
1918 .sysctl_wmem = sysctl_tcp_wmem,
1919 .sysctl_rmem = sysctl_tcp_rmem,
1920 .max_header = MAX_TCP_HEADER,
1921 .obj_size = sizeof(struct tcp6_sock),
1922 .slab_flags = SLAB_DESTROY_BY_RCU,
1923 .twsk_prot = &tcp6_timewait_sock_ops,
1924 .rsk_prot = &tcp6_request_sock_ops,
1925 .h.hashinfo = &tcp_hashinfo,
1926 .no_autobind = true,
1927 #ifdef CONFIG_COMPAT
1928 .compat_setsockopt = compat_tcp_setsockopt,
1929 .compat_getsockopt = compat_tcp_getsockopt,
1931 #ifdef CONFIG_MEMCG_KMEM
1932 .proto_cgroup = tcp_proto_cgroup,
1936 static const struct inet6_protocol tcpv6_protocol = {
1937 .early_demux = tcp_v6_early_demux,
1938 .handler = tcp_v6_rcv,
1939 .err_handler = tcp_v6_err,
1940 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
1943 static struct inet_protosw tcpv6_protosw = {
1944 .type = SOCK_STREAM,
1945 .protocol = IPPROTO_TCP,
1946 .prot = &tcpv6_prot,
1947 .ops = &inet6_stream_ops,
1949 .flags = INET_PROTOSW_PERMANENT |
1953 static int __net_init tcpv6_net_init(struct net *net)
1955 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
1956 SOCK_RAW, IPPROTO_TCP, net);
1959 static void __net_exit tcpv6_net_exit(struct net *net)
1961 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
1964 static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
1966 inet_twsk_purge(&tcp_hashinfo, &tcp_death_row, AF_INET6);
1969 static struct pernet_operations tcpv6_net_ops = {
1970 .init = tcpv6_net_init,
1971 .exit = tcpv6_net_exit,
1972 .exit_batch = tcpv6_net_exit_batch,
1975 int __init tcpv6_init(void)
1979 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
1983 /* register inet6 protocol */
1984 ret = inet6_register_protosw(&tcpv6_protosw);
1986 goto out_tcpv6_protocol;
1988 ret = register_pernet_subsys(&tcpv6_net_ops);
1990 goto out_tcpv6_protosw;
1995 inet6_unregister_protosw(&tcpv6_protosw);
1997 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2001 void tcpv6_exit(void)
2003 unregister_pernet_subsys(&tcpv6_net_ops);
2004 inet6_unregister_protosw(&tcpv6_protosw);
2005 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
projects / karo-tx-linux.git / blob