3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
10 * linux/net/ipv4/tcp_input.c
11 * linux/net/ipv4/tcp_output.c
14 * Hideaki YOSHIFUJI : sin6_scope_id support
15 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
16 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
17 * a single port at the same time.
18 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
20 * This program is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU General Public License
22 * as published by the Free Software Foundation; either version
23 * 2 of the License, or (at your option) any later version.
26 #include <linux/module.h>
27 #include <linux/errno.h>
28 #include <linux/types.h>
29 #include <linux/socket.h>
30 #include <linux/sockios.h>
31 #include <linux/net.h>
32 #include <linux/jiffies.h>
34 #include <linux/in6.h>
35 #include <linux/netdevice.h>
36 #include <linux/init.h>
37 #include <linux/jhash.h>
38 #include <linux/ipsec.h>
39 #include <linux/times.h>
41 #include <linux/ipv6.h>
42 #include <linux/icmpv6.h>
43 #include <linux/random.h>
46 #include <net/ndisc.h>
47 #include <net/inet6_hashtables.h>
48 #include <net/inet6_connection_sock.h>
50 #include <net/transp_v6.h>
51 #include <net/addrconf.h>
52 #include <net/ip6_route.h>
53 #include <net/ip6_checksum.h>
54 #include <net/inet_ecn.h>
55 #include <net/protocol.h>
58 #include <net/dsfield.h>
59 #include <net/timewait_sock.h>
60 #include <net/netdma.h>
61 #include <net/inet_common.h>
63 #include <asm/uaccess.h>
65 #include <linux/proc_fs.h>
66 #include <linux/seq_file.h>
68 #include <linux/crypto.h>
69 #include <linux/scatterlist.h>
71 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb);
72 static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req);
74 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
76 static struct inet_connection_sock_af_ops ipv6_mapped;
77 static struct inet_connection_sock_af_ops ipv6_specific;
78 #ifdef CONFIG_TCP_MD5SIG
79 static struct tcp_sock_af_ops tcp_sock_ipv6_specific;
80 static struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
82 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
83 struct in6_addr *addr)
89 static void tcp_v6_hash(struct sock *sk)
91 if (sk->sk_state != TCP_CLOSE) {
92 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) {
102 static __inline__ __sum16 tcp_v6_check(struct tcphdr *th, int len,
103 struct in6_addr *saddr,
104 struct in6_addr *daddr,
107 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base);
110 static __u32 tcp_v6_init_sequence(struct sk_buff *skb)
112 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
113 ipv6_hdr(skb)->saddr.s6_addr32,
115 tcp_hdr(skb)->source);
118 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
121 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
122 struct inet_sock *inet = inet_sk(sk);
123 struct inet_connection_sock *icsk = inet_csk(sk);
124 struct ipv6_pinfo *np = inet6_sk(sk);
125 struct tcp_sock *tp = tcp_sk(sk);
126 struct in6_addr *saddr = NULL, *final_p = NULL, final;
128 struct dst_entry *dst;
132 if (addr_len < SIN6_LEN_RFC2133)
135 if (usin->sin6_family != AF_INET6)
136 return(-EAFNOSUPPORT);
138 memset(&fl, 0, sizeof(fl));
141 fl.fl6_flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
142 IP6_ECN_flow_init(fl.fl6_flowlabel);
143 if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) {
144 struct ip6_flowlabel *flowlabel;
145 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel);
146 if (flowlabel == NULL)
148 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst);
149 fl6_sock_release(flowlabel);
154 * connect() to INADDR_ANY means loopback (BSD'ism).
157 if(ipv6_addr_any(&usin->sin6_addr))
158 usin->sin6_addr.s6_addr[15] = 0x1;
160 addr_type = ipv6_addr_type(&usin->sin6_addr);
162 if(addr_type & IPV6_ADDR_MULTICAST)
165 if (addr_type&IPV6_ADDR_LINKLOCAL) {
166 if (addr_len >= sizeof(struct sockaddr_in6) &&
167 usin->sin6_scope_id) {
168 /* If interface is set while binding, indices
171 if (sk->sk_bound_dev_if &&
172 sk->sk_bound_dev_if != usin->sin6_scope_id)
175 sk->sk_bound_dev_if = usin->sin6_scope_id;
178 /* Connect to link-local address requires an interface */
179 if (!sk->sk_bound_dev_if)
183 if (tp->rx_opt.ts_recent_stamp &&
184 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) {
185 tp->rx_opt.ts_recent = 0;
186 tp->rx_opt.ts_recent_stamp = 0;
190 ipv6_addr_copy(&np->daddr, &usin->sin6_addr);
191 np->flow_label = fl.fl6_flowlabel;
197 if (addr_type == IPV6_ADDR_MAPPED) {
198 u32 exthdrlen = icsk->icsk_ext_hdr_len;
199 struct sockaddr_in sin;
201 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
203 if (__ipv6_only_sock(sk))
206 sin.sin_family = AF_INET;
207 sin.sin_port = usin->sin6_port;
208 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
210 icsk->icsk_af_ops = &ipv6_mapped;
211 sk->sk_backlog_rcv = tcp_v4_do_rcv;
212 #ifdef CONFIG_TCP_MD5SIG
213 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
216 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
219 icsk->icsk_ext_hdr_len = exthdrlen;
220 icsk->icsk_af_ops = &ipv6_specific;
221 sk->sk_backlog_rcv = tcp_v6_do_rcv;
222 #ifdef CONFIG_TCP_MD5SIG
223 tp->af_specific = &tcp_sock_ipv6_specific;
227 ipv6_addr_set(&np->saddr, 0, 0, htonl(0x0000FFFF),
229 ipv6_addr_set(&np->rcv_saddr, 0, 0, htonl(0x0000FFFF),
236 if (!ipv6_addr_any(&np->rcv_saddr))
237 saddr = &np->rcv_saddr;
239 fl.proto = IPPROTO_TCP;
240 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
241 ipv6_addr_copy(&fl.fl6_src,
242 (saddr ? saddr : &np->saddr));
243 fl.oif = sk->sk_bound_dev_if;
244 fl.fl_ip_dport = usin->sin6_port;
245 fl.fl_ip_sport = inet->sport;
247 if (np->opt && np->opt->srcrt) {
248 struct rt0_hdr *rt0 = (struct rt0_hdr *)np->opt->srcrt;
249 ipv6_addr_copy(&final, &fl.fl6_dst);
250 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
254 security_sk_classify_flow(sk, &fl);
256 err = ip6_dst_lookup(sk, &dst, &fl);
260 ipv6_addr_copy(&fl.fl6_dst, final_p);
262 if ((err = __xfrm_lookup(&dst, &fl, sk, XFRM_LOOKUP_WAIT)) < 0) {
264 err = ip6_dst_blackhole(sk, &dst, &fl);
271 ipv6_addr_copy(&np->rcv_saddr, saddr);
274 /* set the source address */
275 ipv6_addr_copy(&np->saddr, saddr);
276 inet->rcv_saddr = LOOPBACK4_IPV6;
278 sk->sk_gso_type = SKB_GSO_TCPV6;
279 __ip6_dst_store(sk, dst, NULL, NULL);
281 icsk->icsk_ext_hdr_len = 0;
283 icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
286 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
288 inet->dport = usin->sin6_port;
290 tcp_set_state(sk, TCP_SYN_SENT);
291 err = inet6_hash_connect(&tcp_death_row, sk);
296 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
301 err = tcp_connect(sk);
308 tcp_set_state(sk, TCP_CLOSE);
312 sk->sk_route_caps = 0;
316 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
317 int type, int code, int offset, __be32 info)
319 struct ipv6hdr *hdr = (struct ipv6hdr*)skb->data;
320 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
321 struct ipv6_pinfo *np;
327 sk = inet6_lookup(dev_net(skb->dev), &tcp_hashinfo, &hdr->daddr,
328 th->dest, &hdr->saddr, th->source, skb->dev->ifindex);
331 ICMP6_INC_STATS_BH(__in6_dev_get(skb->dev), ICMP6_MIB_INERRORS);
335 if (sk->sk_state == TCP_TIME_WAIT) {
336 inet_twsk_put(inet_twsk(sk));
341 if (sock_owned_by_user(sk))
342 NET_INC_STATS_BH(LINUX_MIB_LOCKDROPPEDICMPS);
344 if (sk->sk_state == TCP_CLOSE)
348 seq = ntohl(th->seq);
349 if (sk->sk_state != TCP_LISTEN &&
350 !between(seq, tp->snd_una, tp->snd_nxt)) {
351 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
357 if (type == ICMPV6_PKT_TOOBIG) {
358 struct dst_entry *dst = NULL;
360 if (sock_owned_by_user(sk))
362 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
365 /* icmp should have updated the destination cache entry */
366 dst = __sk_dst_check(sk, np->dst_cookie);
369 struct inet_sock *inet = inet_sk(sk);
372 /* BUGGG_FUTURE: Again, it is not clear how
373 to handle rthdr case. Ignore this complexity
376 memset(&fl, 0, sizeof(fl));
377 fl.proto = IPPROTO_TCP;
378 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
379 ipv6_addr_copy(&fl.fl6_src, &np->saddr);
380 fl.oif = sk->sk_bound_dev_if;
381 fl.fl_ip_dport = inet->dport;
382 fl.fl_ip_sport = inet->sport;
383 security_skb_classify_flow(skb, &fl);
385 if ((err = ip6_dst_lookup(sk, &dst, &fl))) {
386 sk->sk_err_soft = -err;
390 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) {
391 sk->sk_err_soft = -err;
398 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
399 tcp_sync_mss(sk, dst_mtu(dst));
400 tcp_simple_retransmit(sk);
401 } /* else let the usual retransmit timer handle it */
406 icmpv6_err_convert(type, code, &err);
408 /* Might be for an request_sock */
409 switch (sk->sk_state) {
410 struct request_sock *req, **prev;
412 if (sock_owned_by_user(sk))
415 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr,
416 &hdr->saddr, inet6_iif(skb));
420 /* ICMPs are not backlogged, hence we cannot get
421 * an established socket here.
423 BUG_TRAP(req->sk == NULL);
425 if (seq != tcp_rsk(req)->snt_isn) {
426 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
430 inet_csk_reqsk_queue_drop(sk, req, prev);
434 case TCP_SYN_RECV: /* Cannot happen.
435 It can, it SYNs are crossed. --ANK */
436 if (!sock_owned_by_user(sk)) {
438 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
442 sk->sk_err_soft = err;
446 if (!sock_owned_by_user(sk) && np->recverr) {
448 sk->sk_error_report(sk);
450 sk->sk_err_soft = err;
458 static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req)
460 struct inet6_request_sock *treq = inet6_rsk(req);
461 struct ipv6_pinfo *np = inet6_sk(sk);
462 struct sk_buff * skb;
463 struct ipv6_txoptions *opt = NULL;
464 struct in6_addr * final_p = NULL, final;
466 struct dst_entry *dst;
469 memset(&fl, 0, sizeof(fl));
470 fl.proto = IPPROTO_TCP;
471 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
472 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
473 fl.fl6_flowlabel = 0;
475 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
476 fl.fl_ip_sport = inet_sk(sk)->sport;
477 security_req_classify_flow(req, &fl);
480 if (opt && opt->srcrt) {
481 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
482 ipv6_addr_copy(&final, &fl.fl6_dst);
483 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
487 err = ip6_dst_lookup(sk, &dst, &fl);
491 ipv6_addr_copy(&fl.fl6_dst, final_p);
492 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0)
495 skb = tcp_make_synack(sk, dst, req);
497 struct tcphdr *th = tcp_hdr(skb);
499 th->check = tcp_v6_check(th, skb->len,
500 &treq->loc_addr, &treq->rmt_addr,
501 csum_partial((char *)th, skb->len, skb->csum));
503 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
504 err = ip6_xmit(sk, skb, &fl, opt, 0);
505 err = net_xmit_eval(err);
509 if (opt && opt != np->opt)
510 sock_kfree_s(sk, opt, opt->tot_len);
515 static inline void syn_flood_warning(struct sk_buff *skb)
517 #ifdef CONFIG_SYN_COOKIES
518 if (sysctl_tcp_syncookies)
520 "TCPv6: Possible SYN flooding on port %d. "
521 "Sending cookies.\n", ntohs(tcp_hdr(skb)->dest));
525 "TCPv6: Possible SYN flooding on port %d. "
526 "Dropping request.\n", ntohs(tcp_hdr(skb)->dest));
529 static void tcp_v6_reqsk_destructor(struct request_sock *req)
531 if (inet6_rsk(req)->pktopts)
532 kfree_skb(inet6_rsk(req)->pktopts);
535 #ifdef CONFIG_TCP_MD5SIG
536 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
537 struct in6_addr *addr)
539 struct tcp_sock *tp = tcp_sk(sk);
544 if (!tp->md5sig_info || !tp->md5sig_info->entries6)
547 for (i = 0; i < tp->md5sig_info->entries6; i++) {
548 if (ipv6_addr_equal(&tp->md5sig_info->keys6[i].addr, addr))
549 return &tp->md5sig_info->keys6[i].base;
554 static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk,
555 struct sock *addr_sk)
557 return tcp_v6_md5_do_lookup(sk, &inet6_sk(addr_sk)->daddr);
560 static struct tcp_md5sig_key *tcp_v6_reqsk_md5_lookup(struct sock *sk,
561 struct request_sock *req)
563 return tcp_v6_md5_do_lookup(sk, &inet6_rsk(req)->rmt_addr);
566 static int tcp_v6_md5_do_add(struct sock *sk, struct in6_addr *peer,
567 char *newkey, u8 newkeylen)
569 /* Add key to the list */
570 struct tcp_md5sig_key *key;
571 struct tcp_sock *tp = tcp_sk(sk);
572 struct tcp6_md5sig_key *keys;
574 key = tcp_v6_md5_do_lookup(sk, peer);
576 /* modify existing entry - just update that one */
579 key->keylen = newkeylen;
581 /* reallocate new list if current one is full. */
582 if (!tp->md5sig_info) {
583 tp->md5sig_info = kzalloc(sizeof(*tp->md5sig_info), GFP_ATOMIC);
584 if (!tp->md5sig_info) {
588 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
590 if (tcp_alloc_md5sig_pool() == NULL) {
594 if (tp->md5sig_info->alloced6 == tp->md5sig_info->entries6) {
595 keys = kmalloc((sizeof (tp->md5sig_info->keys6[0]) *
596 (tp->md5sig_info->entries6 + 1)), GFP_ATOMIC);
599 tcp_free_md5sig_pool();
604 if (tp->md5sig_info->entries6)
605 memmove(keys, tp->md5sig_info->keys6,
606 (sizeof (tp->md5sig_info->keys6[0]) *
607 tp->md5sig_info->entries6));
609 kfree(tp->md5sig_info->keys6);
610 tp->md5sig_info->keys6 = keys;
611 tp->md5sig_info->alloced6++;
614 ipv6_addr_copy(&tp->md5sig_info->keys6[tp->md5sig_info->entries6].addr,
616 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.key = newkey;
617 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.keylen = newkeylen;
619 tp->md5sig_info->entries6++;
624 static int tcp_v6_md5_add_func(struct sock *sk, struct sock *addr_sk,
625 u8 *newkey, __u8 newkeylen)
627 return tcp_v6_md5_do_add(sk, &inet6_sk(addr_sk)->daddr,
631 static int tcp_v6_md5_do_del(struct sock *sk, struct in6_addr *peer)
633 struct tcp_sock *tp = tcp_sk(sk);
636 for (i = 0; i < tp->md5sig_info->entries6; i++) {
637 if (ipv6_addr_equal(&tp->md5sig_info->keys6[i].addr, peer)) {
639 kfree(tp->md5sig_info->keys6[i].base.key);
640 tp->md5sig_info->entries6--;
642 if (tp->md5sig_info->entries6 == 0) {
643 kfree(tp->md5sig_info->keys6);
644 tp->md5sig_info->keys6 = NULL;
645 tp->md5sig_info->alloced6 = 0;
647 /* shrink the database */
648 if (tp->md5sig_info->entries6 != i)
649 memmove(&tp->md5sig_info->keys6[i],
650 &tp->md5sig_info->keys6[i+1],
651 (tp->md5sig_info->entries6 - i)
652 * sizeof (tp->md5sig_info->keys6[0]));
654 tcp_free_md5sig_pool();
661 static void tcp_v6_clear_md5_list (struct sock *sk)
663 struct tcp_sock *tp = tcp_sk(sk);
666 if (tp->md5sig_info->entries6) {
667 for (i = 0; i < tp->md5sig_info->entries6; i++)
668 kfree(tp->md5sig_info->keys6[i].base.key);
669 tp->md5sig_info->entries6 = 0;
670 tcp_free_md5sig_pool();
673 kfree(tp->md5sig_info->keys6);
674 tp->md5sig_info->keys6 = NULL;
675 tp->md5sig_info->alloced6 = 0;
677 if (tp->md5sig_info->entries4) {
678 for (i = 0; i < tp->md5sig_info->entries4; i++)
679 kfree(tp->md5sig_info->keys4[i].base.key);
680 tp->md5sig_info->entries4 = 0;
681 tcp_free_md5sig_pool();
684 kfree(tp->md5sig_info->keys4);
685 tp->md5sig_info->keys4 = NULL;
686 tp->md5sig_info->alloced4 = 0;
689 static int tcp_v6_parse_md5_keys (struct sock *sk, char __user *optval,
692 struct tcp_md5sig cmd;
693 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
696 if (optlen < sizeof(cmd))
699 if (copy_from_user(&cmd, optval, sizeof(cmd)))
702 if (sin6->sin6_family != AF_INET6)
705 if (!cmd.tcpm_keylen) {
706 if (!tcp_sk(sk)->md5sig_info)
708 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
709 return tcp_v4_md5_do_del(sk, sin6->sin6_addr.s6_addr32[3]);
710 return tcp_v6_md5_do_del(sk, &sin6->sin6_addr);
713 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
716 if (!tcp_sk(sk)->md5sig_info) {
717 struct tcp_sock *tp = tcp_sk(sk);
718 struct tcp_md5sig_info *p;
720 p = kzalloc(sizeof(struct tcp_md5sig_info), GFP_KERNEL);
725 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
728 newkey = kmemdup(cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
731 if (ipv6_addr_v4mapped(&sin6->sin6_addr)) {
732 return tcp_v4_md5_do_add(sk, sin6->sin6_addr.s6_addr32[3],
733 newkey, cmd.tcpm_keylen);
735 return tcp_v6_md5_do_add(sk, &sin6->sin6_addr, newkey, cmd.tcpm_keylen);
738 static int tcp_v6_do_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key,
739 struct in6_addr *saddr,
740 struct in6_addr *daddr,
741 struct tcphdr *th, unsigned int tcplen)
743 struct tcp_md5sig_pool *hp;
744 struct tcp6_pseudohdr *bp;
747 hp = tcp_get_md5sig_pool();
749 printk(KERN_WARNING "%s(): hash pool not found...\n", __func__);
750 goto clear_hash_noput;
753 bp = &hp->md5_blk.ip6;
755 /* 1. TCP pseudo-header (RFC2460) */
756 ipv6_addr_copy(&bp->saddr, saddr);
757 ipv6_addr_copy(&bp->daddr, daddr);
758 bp->len = htonl(tcplen);
759 bp->protocol = htonl(IPPROTO_TCP);
761 err = tcp_calc_md5_hash(md5_hash, key, sizeof(*bp),
767 /* Free up the crypto pool */
768 tcp_put_md5sig_pool();
772 tcp_put_md5sig_pool();
774 memset(md5_hash, 0, 16);
778 static int tcp_v6_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key,
780 struct dst_entry *dst,
781 struct request_sock *req,
782 struct tcphdr *th, unsigned int tcplen)
784 struct in6_addr *saddr, *daddr;
787 saddr = &inet6_sk(sk)->saddr;
788 daddr = &inet6_sk(sk)->daddr;
790 saddr = &inet6_rsk(req)->loc_addr;
791 daddr = &inet6_rsk(req)->rmt_addr;
793 return tcp_v6_do_calc_md5_hash(md5_hash, key,
798 static int tcp_v6_inbound_md5_hash (struct sock *sk, struct sk_buff *skb)
800 __u8 *hash_location = NULL;
801 struct tcp_md5sig_key *hash_expected;
802 struct ipv6hdr *ip6h = ipv6_hdr(skb);
803 struct tcphdr *th = tcp_hdr(skb);
807 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
808 hash_location = tcp_parse_md5sig_option(th);
810 /* do we have a hash as expected? */
811 if (!hash_expected) {
814 if (net_ratelimit()) {
815 printk(KERN_INFO "MD5 Hash NOT expected but found "
816 "(" NIP6_FMT ", %u)->"
817 "(" NIP6_FMT ", %u)\n",
818 NIP6(ip6h->saddr), ntohs(th->source),
819 NIP6(ip6h->daddr), ntohs(th->dest));
824 if (!hash_location) {
825 if (net_ratelimit()) {
826 printk(KERN_INFO "MD5 Hash expected but NOT found "
827 "(" NIP6_FMT ", %u)->"
828 "(" NIP6_FMT ", %u)\n",
829 NIP6(ip6h->saddr), ntohs(th->source),
830 NIP6(ip6h->daddr), ntohs(th->dest));
835 /* check the signature */
836 genhash = tcp_v6_do_calc_md5_hash(newhash,
838 &ip6h->saddr, &ip6h->daddr,
840 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
841 if (net_ratelimit()) {
842 printk(KERN_INFO "MD5 Hash %s for "
843 "(" NIP6_FMT ", %u)->"
844 "(" NIP6_FMT ", %u)\n",
845 genhash ? "failed" : "mismatch",
846 NIP6(ip6h->saddr), ntohs(th->source),
847 NIP6(ip6h->daddr), ntohs(th->dest));
855 struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
857 .obj_size = sizeof(struct tcp6_request_sock),
858 .rtx_syn_ack = tcp_v6_send_synack,
859 .send_ack = tcp_v6_reqsk_send_ack,
860 .destructor = tcp_v6_reqsk_destructor,
861 .send_reset = tcp_v6_send_reset
864 #ifdef CONFIG_TCP_MD5SIG
865 static struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
866 .md5_lookup = tcp_v6_reqsk_md5_lookup,
870 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
871 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
872 .twsk_unique = tcp_twsk_unique,
873 .twsk_destructor= tcp_twsk_destructor,
876 static void tcp_v6_send_check(struct sock *sk, int len, struct sk_buff *skb)
878 struct ipv6_pinfo *np = inet6_sk(sk);
879 struct tcphdr *th = tcp_hdr(skb);
881 if (skb->ip_summed == CHECKSUM_PARTIAL) {
882 th->check = ~csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 0);
883 skb->csum_start = skb_transport_header(skb) - skb->head;
884 skb->csum_offset = offsetof(struct tcphdr, check);
886 th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP,
887 csum_partial((char *)th, th->doff<<2,
892 static int tcp_v6_gso_send_check(struct sk_buff *skb)
894 struct ipv6hdr *ipv6h;
897 if (!pskb_may_pull(skb, sizeof(*th)))
900 ipv6h = ipv6_hdr(skb);
904 th->check = ~csum_ipv6_magic(&ipv6h->saddr, &ipv6h->daddr, skb->len,
906 skb->csum_start = skb_transport_header(skb) - skb->head;
907 skb->csum_offset = offsetof(struct tcphdr, check);
908 skb->ip_summed = CHECKSUM_PARTIAL;
912 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb)
914 struct tcphdr *th = tcp_hdr(skb), *t1;
915 struct sk_buff *buff;
917 struct net *net = dev_net(skb->dst->dev);
918 struct sock *ctl_sk = net->ipv6.tcp_sk;
919 unsigned int tot_len = sizeof(*th);
920 #ifdef CONFIG_TCP_MD5SIG
921 struct tcp_md5sig_key *key;
927 if (!ipv6_unicast_destination(skb))
930 #ifdef CONFIG_TCP_MD5SIG
932 key = tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr);
937 tot_len += TCPOLEN_MD5SIG_ALIGNED;
941 * We need to grab some memory, and put together an RST,
942 * and then put it into the queue to be sent.
945 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
950 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
952 t1 = (struct tcphdr *) skb_push(buff, tot_len);
954 /* Swap the send and the receive. */
955 memset(t1, 0, sizeof(*t1));
956 t1->dest = th->source;
957 t1->source = th->dest;
958 t1->doff = tot_len / 4;
962 t1->seq = th->ack_seq;
965 t1->ack_seq = htonl(ntohl(th->seq) + th->syn + th->fin
966 + skb->len - (th->doff<<2));
969 #ifdef CONFIG_TCP_MD5SIG
971 __be32 *opt = (__be32*)(t1 + 1);
972 opt[0] = htonl((TCPOPT_NOP << 24) |
974 (TCPOPT_MD5SIG << 8) |
976 tcp_v6_do_calc_md5_hash((__u8 *)&opt[1], key,
977 &ipv6_hdr(skb)->daddr,
978 &ipv6_hdr(skb)->saddr,
983 buff->csum = csum_partial((char *)t1, sizeof(*t1), 0);
985 memset(&fl, 0, sizeof(fl));
986 ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr);
987 ipv6_addr_copy(&fl.fl6_src, &ipv6_hdr(skb)->daddr);
989 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst,
990 sizeof(*t1), IPPROTO_TCP,
993 fl.proto = IPPROTO_TCP;
994 fl.oif = inet6_iif(skb);
995 fl.fl_ip_dport = t1->dest;
996 fl.fl_ip_sport = t1->source;
997 security_skb_classify_flow(skb, &fl);
999 /* Pass a socket to ip6_dst_lookup either it is for RST
1000 * Underlying function will use this to retrieve the network
1003 if (!ip6_dst_lookup(ctl_sk, &buff->dst, &fl)) {
1005 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) {
1006 ip6_xmit(ctl_sk, buff, &fl, NULL, 0);
1007 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
1008 TCP_INC_STATS_BH(TCP_MIB_OUTRSTS);
1016 static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts,
1017 struct tcp_md5sig_key *key)
1019 struct tcphdr *th = tcp_hdr(skb), *t1;
1020 struct sk_buff *buff;
1022 struct net *net = dev_net(skb->dev);
1023 struct sock *ctl_sk = net->ipv6.tcp_sk;
1024 unsigned int tot_len = sizeof(struct tcphdr);
1028 tot_len += TCPOLEN_TSTAMP_ALIGNED;
1029 #ifdef CONFIG_TCP_MD5SIG
1031 tot_len += TCPOLEN_MD5SIG_ALIGNED;
1034 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
1039 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
1041 t1 = (struct tcphdr *) skb_push(buff,tot_len);
1043 /* Swap the send and the receive. */
1044 memset(t1, 0, sizeof(*t1));
1045 t1->dest = th->source;
1046 t1->source = th->dest;
1047 t1->doff = tot_len/4;
1048 t1->seq = htonl(seq);
1049 t1->ack_seq = htonl(ack);
1051 t1->window = htons(win);
1053 topt = (__be32 *)(t1 + 1);
1056 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
1057 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
1058 *topt++ = htonl(tcp_time_stamp);
1062 #ifdef CONFIG_TCP_MD5SIG
1064 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
1065 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
1066 tcp_v6_do_calc_md5_hash((__u8 *)topt, key,
1067 &ipv6_hdr(skb)->daddr,
1068 &ipv6_hdr(skb)->saddr,
1073 buff->csum = csum_partial((char *)t1, tot_len, 0);
1075 memset(&fl, 0, sizeof(fl));
1076 ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr);
1077 ipv6_addr_copy(&fl.fl6_src, &ipv6_hdr(skb)->daddr);
1079 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst,
1080 tot_len, IPPROTO_TCP,
1083 fl.proto = IPPROTO_TCP;
1084 fl.oif = inet6_iif(skb);
1085 fl.fl_ip_dport = t1->dest;
1086 fl.fl_ip_sport = t1->source;
1087 security_skb_classify_flow(skb, &fl);
1089 if (!ip6_dst_lookup(ctl_sk, &buff->dst, &fl)) {
1090 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) {
1091 ip6_xmit(ctl_sk, buff, &fl, NULL, 0);
1092 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
1100 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
1102 struct inet_timewait_sock *tw = inet_twsk(sk);
1103 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
1105 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
1106 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
1107 tcptw->tw_ts_recent, tcp_twsk_md5_key(tcptw));
1112 static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req)
1114 tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent,
1115 tcp_v6_md5_do_lookup(skb->sk, &ipv6_hdr(skb)->daddr));
1119 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
1121 struct request_sock *req, **prev;
1122 const struct tcphdr *th = tcp_hdr(skb);
1125 /* Find possible connection requests. */
1126 req = inet6_csk_search_req(sk, &prev, th->source,
1127 &ipv6_hdr(skb)->saddr,
1128 &ipv6_hdr(skb)->daddr, inet6_iif(skb));
1130 return tcp_check_req(sk, skb, req, prev);
1132 nsk = __inet6_lookup_established(sock_net(sk), &tcp_hashinfo,
1133 &ipv6_hdr(skb)->saddr, th->source,
1134 &ipv6_hdr(skb)->daddr, ntohs(th->dest), inet6_iif(skb));
1137 if (nsk->sk_state != TCP_TIME_WAIT) {
1141 inet_twsk_put(inet_twsk(nsk));
1145 #ifdef CONFIG_SYN_COOKIES
1146 if (!th->rst && !th->syn && th->ack)
1147 sk = cookie_v6_check(sk, skb);
1152 /* FIXME: this is substantially similar to the ipv4 code.
1153 * Can some kind of merge be done? -- erics
1155 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1157 struct inet6_request_sock *treq;
1158 struct ipv6_pinfo *np = inet6_sk(sk);
1159 struct tcp_options_received tmp_opt;
1160 struct tcp_sock *tp = tcp_sk(sk);
1161 struct request_sock *req = NULL;
1162 __u32 isn = TCP_SKB_CB(skb)->when;
1163 #ifdef CONFIG_SYN_COOKIES
1164 int want_cookie = 0;
1166 #define want_cookie 0
1169 if (skb->protocol == htons(ETH_P_IP))
1170 return tcp_v4_conn_request(sk, skb);
1172 if (!ipv6_unicast_destination(skb))
1175 if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
1176 if (net_ratelimit())
1177 syn_flood_warning(skb);
1178 #ifdef CONFIG_SYN_COOKIES
1179 if (sysctl_tcp_syncookies)
1186 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
1189 req = inet6_reqsk_alloc(&tcp6_request_sock_ops);
1193 #ifdef CONFIG_TCP_MD5SIG
1194 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv6_ops;
1197 tcp_clear_options(&tmp_opt);
1198 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
1199 tmp_opt.user_mss = tp->rx_opt.user_mss;
1201 tcp_parse_options(skb, &tmp_opt, 0);
1203 if (want_cookie && !tmp_opt.saw_tstamp)
1204 tcp_clear_options(&tmp_opt);
1206 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
1207 tcp_openreq_init(req, &tmp_opt, skb);
1209 treq = inet6_rsk(req);
1210 ipv6_addr_copy(&treq->rmt_addr, &ipv6_hdr(skb)->saddr);
1211 ipv6_addr_copy(&treq->loc_addr, &ipv6_hdr(skb)->daddr);
1213 TCP_ECN_create_request(req, tcp_hdr(skb));
1216 isn = cookie_v6_init_sequence(sk, skb, &req->mss);
1217 req->cookie_ts = tmp_opt.tstamp_ok;
1219 if (ipv6_opt_accepted(sk, skb) ||
1220 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
1221 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) {
1222 atomic_inc(&skb->users);
1223 treq->pktopts = skb;
1225 treq->iif = sk->sk_bound_dev_if;
1227 /* So that link locals have meaning */
1228 if (!sk->sk_bound_dev_if &&
1229 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL)
1230 treq->iif = inet6_iif(skb);
1232 isn = tcp_v6_init_sequence(skb);
1235 tcp_rsk(req)->snt_isn = isn;
1237 security_inet_conn_request(sk, skb, req);
1239 if (tcp_v6_send_synack(sk, req))
1243 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1251 return 0; /* don't send reset */
1254 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1255 struct request_sock *req,
1256 struct dst_entry *dst)
1258 struct inet6_request_sock *treq = inet6_rsk(req);
1259 struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
1260 struct tcp6_sock *newtcp6sk;
1261 struct inet_sock *newinet;
1262 struct tcp_sock *newtp;
1264 struct ipv6_txoptions *opt;
1265 #ifdef CONFIG_TCP_MD5SIG
1266 struct tcp_md5sig_key *key;
1269 if (skb->protocol == htons(ETH_P_IP)) {
1274 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);
1279 newtcp6sk = (struct tcp6_sock *)newsk;
1280 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1282 newinet = inet_sk(newsk);
1283 newnp = inet6_sk(newsk);
1284 newtp = tcp_sk(newsk);
1286 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1288 ipv6_addr_set(&newnp->daddr, 0, 0, htonl(0x0000FFFF),
1291 ipv6_addr_set(&newnp->saddr, 0, 0, htonl(0x0000FFFF),
1294 ipv6_addr_copy(&newnp->rcv_saddr, &newnp->saddr);
1296 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1297 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1298 #ifdef CONFIG_TCP_MD5SIG
1299 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1302 newnp->pktoptions = NULL;
1304 newnp->mcast_oif = inet6_iif(skb);
1305 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1308 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1309 * here, tcp_create_openreq_child now does this for us, see the comment in
1310 * that function for the gory details. -acme
1313 /* It is tricky place. Until this moment IPv4 tcp
1314 worked with IPv6 icsk.icsk_af_ops.
1317 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1324 if (sk_acceptq_is_full(sk))
1328 struct in6_addr *final_p = NULL, final;
1331 memset(&fl, 0, sizeof(fl));
1332 fl.proto = IPPROTO_TCP;
1333 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
1334 if (opt && opt->srcrt) {
1335 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
1336 ipv6_addr_copy(&final, &fl.fl6_dst);
1337 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
1340 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
1341 fl.oif = sk->sk_bound_dev_if;
1342 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
1343 fl.fl_ip_sport = inet_sk(sk)->sport;
1344 security_req_classify_flow(req, &fl);
1346 if (ip6_dst_lookup(sk, &dst, &fl))
1350 ipv6_addr_copy(&fl.fl6_dst, final_p);
1352 if ((xfrm_lookup(&dst, &fl, sk, 0)) < 0)
1356 newsk = tcp_create_openreq_child(sk, req, skb);
1361 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1362 * count here, tcp_create_openreq_child now does this for us, see the
1363 * comment in that function for the gory details. -acme
1366 newsk->sk_gso_type = SKB_GSO_TCPV6;
1367 __ip6_dst_store(newsk, dst, NULL, NULL);
1369 newtcp6sk = (struct tcp6_sock *)newsk;
1370 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1372 newtp = tcp_sk(newsk);
1373 newinet = inet_sk(newsk);
1374 newnp = inet6_sk(newsk);
1376 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1378 ipv6_addr_copy(&newnp->daddr, &treq->rmt_addr);
1379 ipv6_addr_copy(&newnp->saddr, &treq->loc_addr);
1380 ipv6_addr_copy(&newnp->rcv_saddr, &treq->loc_addr);
1381 newsk->sk_bound_dev_if = treq->iif;
1383 /* Now IPv6 options...
1385 First: no IPv4 options.
1387 newinet->opt = NULL;
1388 newnp->ipv6_fl_list = NULL;
1391 newnp->rxopt.all = np->rxopt.all;
1393 /* Clone pktoptions received with SYN */
1394 newnp->pktoptions = NULL;
1395 if (treq->pktopts != NULL) {
1396 newnp->pktoptions = skb_clone(treq->pktopts, GFP_ATOMIC);
1397 kfree_skb(treq->pktopts);
1398 treq->pktopts = NULL;
1399 if (newnp->pktoptions)
1400 skb_set_owner_r(newnp->pktoptions, newsk);
1403 newnp->mcast_oif = inet6_iif(skb);
1404 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1406 /* Clone native IPv6 options from listening socket (if any)
1408 Yes, keeping reference count would be much more clever,
1409 but we make one more one thing there: reattach optmem
1413 newnp->opt = ipv6_dup_options(newsk, opt);
1415 sock_kfree_s(sk, opt, opt->tot_len);
1418 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1420 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
1421 newnp->opt->opt_flen);
1423 tcp_mtup_init(newsk);
1424 tcp_sync_mss(newsk, dst_mtu(dst));
1425 newtp->advmss = dst_metric(dst, RTAX_ADVMSS);
1426 tcp_initialize_rcv_mss(newsk);
1428 newinet->daddr = newinet->saddr = newinet->rcv_saddr = LOOPBACK4_IPV6;
1430 #ifdef CONFIG_TCP_MD5SIG
1431 /* Copy over the MD5 key from the original socket */
1432 if ((key = tcp_v6_md5_do_lookup(sk, &newnp->daddr)) != NULL) {
1433 /* We're using one, so create a matching key
1434 * on the newsk structure. If we fail to get
1435 * memory, then we end up not copying the key
1438 char *newkey = kmemdup(key->key, key->keylen, GFP_ATOMIC);
1440 tcp_v6_md5_do_add(newsk, &inet6_sk(sk)->daddr,
1441 newkey, key->keylen);
1445 __inet6_hash(newsk);
1446 __inet_inherit_port(sk, newsk);
1451 NET_INC_STATS_BH(LINUX_MIB_LISTENOVERFLOWS);
1453 NET_INC_STATS_BH(LINUX_MIB_LISTENDROPS);
1454 if (opt && opt != np->opt)
1455 sock_kfree_s(sk, opt, opt->tot_len);
1460 static __sum16 tcp_v6_checksum_init(struct sk_buff *skb)
1462 if (skb->ip_summed == CHECKSUM_COMPLETE) {
1463 if (!tcp_v6_check(tcp_hdr(skb), skb->len, &ipv6_hdr(skb)->saddr,
1464 &ipv6_hdr(skb)->daddr, skb->csum)) {
1465 skb->ip_summed = CHECKSUM_UNNECESSARY;
1470 skb->csum = ~csum_unfold(tcp_v6_check(tcp_hdr(skb), skb->len,
1471 &ipv6_hdr(skb)->saddr,
1472 &ipv6_hdr(skb)->daddr, 0));
1474 if (skb->len <= 76) {
1475 return __skb_checksum_complete(skb);
1480 /* The socket must have it's spinlock held when we get
1483 * We have a potential double-lock case here, so even when
1484 * doing backlog processing we use the BH locking scheme.
1485 * This is because we cannot sleep with the original spinlock
1488 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1490 struct ipv6_pinfo *np = inet6_sk(sk);
1491 struct tcp_sock *tp;
1492 struct sk_buff *opt_skb = NULL;
1494 /* Imagine: socket is IPv6. IPv4 packet arrives,
1495 goes to IPv4 receive handler and backlogged.
1496 From backlog it always goes here. Kerboom...
1497 Fortunately, tcp_rcv_established and rcv_established
1498 handle them correctly, but it is not case with
1499 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1502 if (skb->protocol == htons(ETH_P_IP))
1503 return tcp_v4_do_rcv(sk, skb);
1505 #ifdef CONFIG_TCP_MD5SIG
1506 if (tcp_v6_inbound_md5_hash (sk, skb))
1510 if (sk_filter(sk, skb))
1514 * socket locking is here for SMP purposes as backlog rcv
1515 * is currently called with bh processing disabled.
1518 /* Do Stevens' IPV6_PKTOPTIONS.
1520 Yes, guys, it is the only place in our code, where we
1521 may make it not affecting IPv4.
1522 The rest of code is protocol independent,
1523 and I do not like idea to uglify IPv4.
1525 Actually, all the idea behind IPV6_PKTOPTIONS
1526 looks not very well thought. For now we latch
1527 options, received in the last packet, enqueued
1528 by tcp. Feel free to propose better solution.
1532 opt_skb = skb_clone(skb, GFP_ATOMIC);
1534 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1535 TCP_CHECK_TIMER(sk);
1536 if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len))
1538 TCP_CHECK_TIMER(sk);
1540 goto ipv6_pktoptions;
1544 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1547 if (sk->sk_state == TCP_LISTEN) {
1548 struct sock *nsk = tcp_v6_hnd_req(sk, skb);
1553 * Queue it on the new socket if the new socket is active,
1554 * otherwise we just shortcircuit this and continue with
1558 if (tcp_child_process(sk, nsk, skb))
1561 __kfree_skb(opt_skb);
1566 TCP_CHECK_TIMER(sk);
1567 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len))
1569 TCP_CHECK_TIMER(sk);
1571 goto ipv6_pktoptions;
1575 tcp_v6_send_reset(sk, skb);
1578 __kfree_skb(opt_skb);
1582 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1587 /* Do you ask, what is it?
1589 1. skb was enqueued by tcp.
1590 2. skb is added to tail of read queue, rather than out of order.
1591 3. socket is not in passive state.
1592 4. Finally, it really contains options, which user wants to receive.
1595 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1596 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1597 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1598 np->mcast_oif = inet6_iif(opt_skb);
1599 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1600 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1601 if (ipv6_opt_accepted(sk, opt_skb)) {
1602 skb_set_owner_r(opt_skb, sk);
1603 opt_skb = xchg(&np->pktoptions, opt_skb);
1605 __kfree_skb(opt_skb);
1606 opt_skb = xchg(&np->pktoptions, NULL);
1615 static int tcp_v6_rcv(struct sk_buff *skb)
1620 struct net *net = dev_net(skb->dev);
1622 if (skb->pkt_type != PACKET_HOST)
1626 * Count it even if it's bad.
1628 TCP_INC_STATS_BH(TCP_MIB_INSEGS);
1630 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1635 if (th->doff < sizeof(struct tcphdr)/4)
1637 if (!pskb_may_pull(skb, th->doff*4))
1640 if (!skb_csum_unnecessary(skb) && tcp_v6_checksum_init(skb))
1644 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1645 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1646 skb->len - th->doff*4);
1647 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1648 TCP_SKB_CB(skb)->when = 0;
1649 TCP_SKB_CB(skb)->flags = ipv6_get_dsfield(ipv6_hdr(skb));
1650 TCP_SKB_CB(skb)->sacked = 0;
1652 sk = __inet6_lookup(net, &tcp_hashinfo,
1653 &ipv6_hdr(skb)->saddr, th->source,
1654 &ipv6_hdr(skb)->daddr, ntohs(th->dest),
1661 if (sk->sk_state == TCP_TIME_WAIT)
1664 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1665 goto discard_and_relse;
1667 if (sk_filter(sk, skb))
1668 goto discard_and_relse;
1672 bh_lock_sock_nested(sk);
1674 if (!sock_owned_by_user(sk)) {
1675 #ifdef CONFIG_NET_DMA
1676 struct tcp_sock *tp = tcp_sk(sk);
1677 if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list)
1678 tp->ucopy.dma_chan = get_softnet_dma();
1679 if (tp->ucopy.dma_chan)
1680 ret = tcp_v6_do_rcv(sk, skb);
1684 if (!tcp_prequeue(sk, skb))
1685 ret = tcp_v6_do_rcv(sk, skb);
1688 sk_add_backlog(sk, skb);
1692 return ret ? -1 : 0;
1695 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1698 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1700 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1702 tcp_v6_send_reset(NULL, skb);
1719 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1720 inet_twsk_put(inet_twsk(sk));
1724 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1725 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1726 inet_twsk_put(inet_twsk(sk));
1730 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1735 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
1736 &ipv6_hdr(skb)->daddr,
1737 ntohs(th->dest), inet6_iif(skb));
1739 struct inet_timewait_sock *tw = inet_twsk(sk);
1740 inet_twsk_deschedule(tw, &tcp_death_row);
1745 /* Fall through to ACK */
1748 tcp_v6_timewait_ack(sk, skb);
1752 case TCP_TW_SUCCESS:;
1757 static int tcp_v6_remember_stamp(struct sock *sk)
1759 /* Alas, not yet... */
1763 static struct inet_connection_sock_af_ops ipv6_specific = {
1764 .queue_xmit = inet6_csk_xmit,
1765 .send_check = tcp_v6_send_check,
1766 .rebuild_header = inet6_sk_rebuild_header,
1767 .conn_request = tcp_v6_conn_request,
1768 .syn_recv_sock = tcp_v6_syn_recv_sock,
1769 .remember_stamp = tcp_v6_remember_stamp,
1770 .net_header_len = sizeof(struct ipv6hdr),
1771 .setsockopt = ipv6_setsockopt,
1772 .getsockopt = ipv6_getsockopt,
1773 .addr2sockaddr = inet6_csk_addr2sockaddr,
1774 .sockaddr_len = sizeof(struct sockaddr_in6),
1775 .bind_conflict = inet6_csk_bind_conflict,
1776 #ifdef CONFIG_COMPAT
1777 .compat_setsockopt = compat_ipv6_setsockopt,
1778 .compat_getsockopt = compat_ipv6_getsockopt,
1782 #ifdef CONFIG_TCP_MD5SIG
1783 static struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1784 .md5_lookup = tcp_v6_md5_lookup,
1785 .calc_md5_hash = tcp_v6_calc_md5_hash,
1786 .md5_add = tcp_v6_md5_add_func,
1787 .md5_parse = tcp_v6_parse_md5_keys,
1792 * TCP over IPv4 via INET6 API
1795 static struct inet_connection_sock_af_ops ipv6_mapped = {
1796 .queue_xmit = ip_queue_xmit,
1797 .send_check = tcp_v4_send_check,
1798 .rebuild_header = inet_sk_rebuild_header,
1799 .conn_request = tcp_v6_conn_request,
1800 .syn_recv_sock = tcp_v6_syn_recv_sock,
1801 .remember_stamp = tcp_v4_remember_stamp,
1802 .net_header_len = sizeof(struct iphdr),
1803 .setsockopt = ipv6_setsockopt,
1804 .getsockopt = ipv6_getsockopt,
1805 .addr2sockaddr = inet6_csk_addr2sockaddr,
1806 .sockaddr_len = sizeof(struct sockaddr_in6),
1807 .bind_conflict = inet6_csk_bind_conflict,
1808 #ifdef CONFIG_COMPAT
1809 .compat_setsockopt = compat_ipv6_setsockopt,
1810 .compat_getsockopt = compat_ipv6_getsockopt,
1814 #ifdef CONFIG_TCP_MD5SIG
1815 static struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1816 .md5_lookup = tcp_v4_md5_lookup,
1817 .calc_md5_hash = tcp_v4_calc_md5_hash,
1818 .md5_add = tcp_v6_md5_add_func,
1819 .md5_parse = tcp_v6_parse_md5_keys,
1823 /* NOTE: A lot of things set to zero explicitly by call to
1824 * sk_alloc() so need not be done here.
1826 static int tcp_v6_init_sock(struct sock *sk)
1828 struct inet_connection_sock *icsk = inet_csk(sk);
1829 struct tcp_sock *tp = tcp_sk(sk);
1831 skb_queue_head_init(&tp->out_of_order_queue);
1832 tcp_init_xmit_timers(sk);
1833 tcp_prequeue_init(tp);
1835 icsk->icsk_rto = TCP_TIMEOUT_INIT;
1836 tp->mdev = TCP_TIMEOUT_INIT;
1838 /* So many TCP implementations out there (incorrectly) count the
1839 * initial SYN frame in their delayed-ACK and congestion control
1840 * algorithms that we must have the following bandaid to talk
1841 * efficiently to them. -DaveM
1845 /* See draft-stevens-tcpca-spec-01 for discussion of the
1846 * initialization of these values.
1848 tp->snd_ssthresh = 0x7fffffff;
1849 tp->snd_cwnd_clamp = ~0;
1850 tp->mss_cache = 536;
1852 tp->reordering = sysctl_tcp_reordering;
1854 sk->sk_state = TCP_CLOSE;
1856 icsk->icsk_af_ops = &ipv6_specific;
1857 icsk->icsk_ca_ops = &tcp_init_congestion_ops;
1858 icsk->icsk_sync_mss = tcp_sync_mss;
1859 sk->sk_write_space = sk_stream_write_space;
1860 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE);
1862 #ifdef CONFIG_TCP_MD5SIG
1863 tp->af_specific = &tcp_sock_ipv6_specific;
1866 sk->sk_sndbuf = sysctl_tcp_wmem[1];
1867 sk->sk_rcvbuf = sysctl_tcp_rmem[1];
1869 atomic_inc(&tcp_sockets_allocated);
1874 static void tcp_v6_destroy_sock(struct sock *sk)
1876 #ifdef CONFIG_TCP_MD5SIG
1877 /* Clean up the MD5 key list */
1878 if (tcp_sk(sk)->md5sig_info)
1879 tcp_v6_clear_md5_list(sk);
1881 tcp_v4_destroy_sock(sk);
1882 inet6_destroy_sock(sk);
1885 #ifdef CONFIG_PROC_FS
1886 /* Proc filesystem TCPv6 sock list dumping. */
1887 static void get_openreq6(struct seq_file *seq,
1888 struct sock *sk, struct request_sock *req, int i, int uid)
1890 int ttd = req->expires - jiffies;
1891 struct in6_addr *src = &inet6_rsk(req)->loc_addr;
1892 struct in6_addr *dest = &inet6_rsk(req)->rmt_addr;
1898 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1899 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
1901 src->s6_addr32[0], src->s6_addr32[1],
1902 src->s6_addr32[2], src->s6_addr32[3],
1903 ntohs(inet_sk(sk)->sport),
1904 dest->s6_addr32[0], dest->s6_addr32[1],
1905 dest->s6_addr32[2], dest->s6_addr32[3],
1906 ntohs(inet_rsk(req)->rmt_port),
1908 0,0, /* could print option size, but that is af dependent. */
1909 1, /* timers active (only the expire timer) */
1910 jiffies_to_clock_t(ttd),
1913 0, /* non standard timer */
1914 0, /* open_requests have no inode */
1918 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1920 struct in6_addr *dest, *src;
1923 unsigned long timer_expires;
1924 struct inet_sock *inet = inet_sk(sp);
1925 struct tcp_sock *tp = tcp_sk(sp);
1926 const struct inet_connection_sock *icsk = inet_csk(sp);
1927 struct ipv6_pinfo *np = inet6_sk(sp);
1930 src = &np->rcv_saddr;
1931 destp = ntohs(inet->dport);
1932 srcp = ntohs(inet->sport);
1934 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
1936 timer_expires = icsk->icsk_timeout;
1937 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1939 timer_expires = icsk->icsk_timeout;
1940 } else if (timer_pending(&sp->sk_timer)) {
1942 timer_expires = sp->sk_timer.expires;
1945 timer_expires = jiffies;
1949 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1950 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %lu %lu %u %u %d\n",
1952 src->s6_addr32[0], src->s6_addr32[1],
1953 src->s6_addr32[2], src->s6_addr32[3], srcp,
1954 dest->s6_addr32[0], dest->s6_addr32[1],
1955 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1957 tp->write_seq-tp->snd_una,
1958 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
1960 jiffies_to_clock_t(timer_expires - jiffies),
1961 icsk->icsk_retransmits,
1963 icsk->icsk_probes_out,
1965 atomic_read(&sp->sk_refcnt), sp,
1966 jiffies_to_clock_t(icsk->icsk_rto),
1967 jiffies_to_clock_t(icsk->icsk_ack.ato),
1968 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong,
1969 tp->snd_cwnd, tp->snd_ssthresh>=0xFFFF?-1:tp->snd_ssthresh
1973 static void get_timewait6_sock(struct seq_file *seq,
1974 struct inet_timewait_sock *tw, int i)
1976 struct in6_addr *dest, *src;
1978 struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw);
1979 int ttd = tw->tw_ttd - jiffies;
1984 dest = &tw6->tw_v6_daddr;
1985 src = &tw6->tw_v6_rcv_saddr;
1986 destp = ntohs(tw->tw_dport);
1987 srcp = ntohs(tw->tw_sport);
1990 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1991 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
1993 src->s6_addr32[0], src->s6_addr32[1],
1994 src->s6_addr32[2], src->s6_addr32[3], srcp,
1995 dest->s6_addr32[0], dest->s6_addr32[1],
1996 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1997 tw->tw_substate, 0, 0,
1998 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
1999 atomic_read(&tw->tw_refcnt), tw);
2002 static int tcp6_seq_show(struct seq_file *seq, void *v)
2004 struct tcp_iter_state *st;
2006 if (v == SEQ_START_TOKEN) {
2011 "st tx_queue rx_queue tr tm->when retrnsmt"
2012 " uid timeout inode\n");
2017 switch (st->state) {
2018 case TCP_SEQ_STATE_LISTENING:
2019 case TCP_SEQ_STATE_ESTABLISHED:
2020 get_tcp6_sock(seq, v, st->num);
2022 case TCP_SEQ_STATE_OPENREQ:
2023 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid);
2025 case TCP_SEQ_STATE_TIME_WAIT:
2026 get_timewait6_sock(seq, v, st->num);
2033 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
2037 .owner = THIS_MODULE,
2040 .show = tcp6_seq_show,
2044 int tcp6_proc_init(struct net *net)
2046 return tcp_proc_register(net, &tcp6_seq_afinfo);
2049 void tcp6_proc_exit(struct net *net)
2051 tcp_proc_unregister(net, &tcp6_seq_afinfo);
2055 struct proto tcpv6_prot = {
2057 .owner = THIS_MODULE,
2059 .connect = tcp_v6_connect,
2060 .disconnect = tcp_disconnect,
2061 .accept = inet_csk_accept,
2063 .init = tcp_v6_init_sock,
2064 .destroy = tcp_v6_destroy_sock,
2065 .shutdown = tcp_shutdown,
2066 .setsockopt = tcp_setsockopt,
2067 .getsockopt = tcp_getsockopt,
2068 .recvmsg = tcp_recvmsg,
2069 .backlog_rcv = tcp_v6_do_rcv,
2070 .hash = tcp_v6_hash,
2071 .unhash = inet_unhash,
2072 .get_port = inet_csk_get_port,
2073 .enter_memory_pressure = tcp_enter_memory_pressure,
2074 .sockets_allocated = &tcp_sockets_allocated,
2075 .memory_allocated = &tcp_memory_allocated,
2076 .memory_pressure = &tcp_memory_pressure,
2077 .orphan_count = &tcp_orphan_count,
2078 .sysctl_mem = sysctl_tcp_mem,
2079 .sysctl_wmem = sysctl_tcp_wmem,
2080 .sysctl_rmem = sysctl_tcp_rmem,
2081 .max_header = MAX_TCP_HEADER,
2082 .obj_size = sizeof(struct tcp6_sock),
2083 .twsk_prot = &tcp6_timewait_sock_ops,
2084 .rsk_prot = &tcp6_request_sock_ops,
2085 .h.hashinfo = &tcp_hashinfo,
2086 #ifdef CONFIG_COMPAT
2087 .compat_setsockopt = compat_tcp_setsockopt,
2088 .compat_getsockopt = compat_tcp_getsockopt,
2092 static struct inet6_protocol tcpv6_protocol = {
2093 .handler = tcp_v6_rcv,
2094 .err_handler = tcp_v6_err,
2095 .gso_send_check = tcp_v6_gso_send_check,
2096 .gso_segment = tcp_tso_segment,
2097 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2100 static struct inet_protosw tcpv6_protosw = {
2101 .type = SOCK_STREAM,
2102 .protocol = IPPROTO_TCP,
2103 .prot = &tcpv6_prot,
2104 .ops = &inet6_stream_ops,
2107 .flags = INET_PROTOSW_PERMANENT |
2111 static int tcpv6_net_init(struct net *net)
2113 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
2114 SOCK_RAW, IPPROTO_TCP, net);
2117 static void tcpv6_net_exit(struct net *net)
2119 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
2122 static struct pernet_operations tcpv6_net_ops = {
2123 .init = tcpv6_net_init,
2124 .exit = tcpv6_net_exit,
2127 int __init tcpv6_init(void)
2131 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
2135 /* register inet6 protocol */
2136 ret = inet6_register_protosw(&tcpv6_protosw);
2138 goto out_tcpv6_protocol;
2140 ret = register_pernet_subsys(&tcpv6_net_ops);
2142 goto out_tcpv6_protosw;
2147 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2149 inet6_unregister_protosw(&tcpv6_protosw);
2153 void tcpv6_exit(void)
2155 unregister_pernet_subsys(&tcpv6_net_ops);
2156 inet6_unregister_protosw(&tcpv6_protosw);
2157 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob