3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
8 * $Id: tcp_ipv6.c,v 1.144 2002/02/01 22:01:04 davem Exp $
11 * linux/net/ipv4/tcp.c
12 * linux/net/ipv4/tcp_input.c
13 * linux/net/ipv4/tcp_output.c
16 * Hideaki YOSHIFUJI : sin6_scope_id support
17 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
18 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
19 * a single port at the same time.
20 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
22 * This program is free software; you can redistribute it and/or
23 * modify it under the terms of the GNU General Public License
24 * as published by the Free Software Foundation; either version
25 * 2 of the License, or (at your option) any later version.
28 #include <linux/module.h>
29 #include <linux/errno.h>
30 #include <linux/types.h>
31 #include <linux/socket.h>
32 #include <linux/sockios.h>
33 #include <linux/net.h>
34 #include <linux/jiffies.h>
36 #include <linux/in6.h>
37 #include <linux/netdevice.h>
38 #include <linux/init.h>
39 #include <linux/jhash.h>
40 #include <linux/ipsec.h>
41 #include <linux/times.h>
43 #include <linux/ipv6.h>
44 #include <linux/icmpv6.h>
45 #include <linux/random.h>
48 #include <net/ndisc.h>
49 #include <net/inet6_hashtables.h>
50 #include <net/inet6_connection_sock.h>
52 #include <net/transp_v6.h>
53 #include <net/addrconf.h>
54 #include <net/ip6_route.h>
55 #include <net/ip6_checksum.h>
56 #include <net/inet_ecn.h>
57 #include <net/protocol.h>
60 #include <net/dsfield.h>
61 #include <net/timewait_sock.h>
62 #include <net/netdma.h>
64 #include <asm/uaccess.h>
66 #include <linux/proc_fs.h>
67 #include <linux/seq_file.h>
69 #include <linux/crypto.h>
70 #include <linux/scatterlist.h>
72 /* Socket used for sending RSTs and ACKs */
73 static struct socket *tcp6_socket;
75 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb);
76 static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req);
77 static void tcp_v6_send_check(struct sock *sk, int len,
80 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
82 static struct inet_connection_sock_af_ops ipv6_mapped;
83 static struct inet_connection_sock_af_ops ipv6_specific;
84 #ifdef CONFIG_TCP_MD5SIG
85 static struct tcp_sock_af_ops tcp_sock_ipv6_specific;
86 static struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
89 static int tcp_v6_get_port(struct sock *sk, unsigned short snum)
91 return inet_csk_get_port(&tcp_hashinfo, sk, snum,
92 inet6_csk_bind_conflict);
95 static void tcp_v6_hash(struct sock *sk)
97 if (sk->sk_state != TCP_CLOSE) {
98 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) {
103 __inet6_hash(&tcp_hashinfo, sk);
108 static __inline__ __sum16 tcp_v6_check(struct tcphdr *th, int len,
109 struct in6_addr *saddr,
110 struct in6_addr *daddr,
113 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base);
116 static __u32 tcp_v6_init_sequence(struct sk_buff *skb)
118 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
119 ipv6_hdr(skb)->saddr.s6_addr32,
121 tcp_hdr(skb)->source);
124 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
127 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
128 struct inet_sock *inet = inet_sk(sk);
129 struct inet_connection_sock *icsk = inet_csk(sk);
130 struct ipv6_pinfo *np = inet6_sk(sk);
131 struct tcp_sock *tp = tcp_sk(sk);
132 struct in6_addr *saddr = NULL, *final_p = NULL, final;
134 struct dst_entry *dst;
138 if (addr_len < SIN6_LEN_RFC2133)
141 if (usin->sin6_family != AF_INET6)
142 return(-EAFNOSUPPORT);
144 memset(&fl, 0, sizeof(fl));
147 fl.fl6_flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
148 IP6_ECN_flow_init(fl.fl6_flowlabel);
149 if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) {
150 struct ip6_flowlabel *flowlabel;
151 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel);
152 if (flowlabel == NULL)
154 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst);
155 fl6_sock_release(flowlabel);
160 * connect() to INADDR_ANY means loopback (BSD'ism).
163 if(ipv6_addr_any(&usin->sin6_addr))
164 usin->sin6_addr.s6_addr[15] = 0x1;
166 addr_type = ipv6_addr_type(&usin->sin6_addr);
168 if(addr_type & IPV6_ADDR_MULTICAST)
171 if (addr_type&IPV6_ADDR_LINKLOCAL) {
172 if (addr_len >= sizeof(struct sockaddr_in6) &&
173 usin->sin6_scope_id) {
174 /* If interface is set while binding, indices
177 if (sk->sk_bound_dev_if &&
178 sk->sk_bound_dev_if != usin->sin6_scope_id)
181 sk->sk_bound_dev_if = usin->sin6_scope_id;
184 /* Connect to link-local address requires an interface */
185 if (!sk->sk_bound_dev_if)
189 if (tp->rx_opt.ts_recent_stamp &&
190 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) {
191 tp->rx_opt.ts_recent = 0;
192 tp->rx_opt.ts_recent_stamp = 0;
196 ipv6_addr_copy(&np->daddr, &usin->sin6_addr);
197 np->flow_label = fl.fl6_flowlabel;
203 if (addr_type == IPV6_ADDR_MAPPED) {
204 u32 exthdrlen = icsk->icsk_ext_hdr_len;
205 struct sockaddr_in sin;
207 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
209 if (__ipv6_only_sock(sk))
212 sin.sin_family = AF_INET;
213 sin.sin_port = usin->sin6_port;
214 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
216 icsk->icsk_af_ops = &ipv6_mapped;
217 sk->sk_backlog_rcv = tcp_v4_do_rcv;
218 #ifdef CONFIG_TCP_MD5SIG
219 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
222 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
225 icsk->icsk_ext_hdr_len = exthdrlen;
226 icsk->icsk_af_ops = &ipv6_specific;
227 sk->sk_backlog_rcv = tcp_v6_do_rcv;
228 #ifdef CONFIG_TCP_MD5SIG
229 tp->af_specific = &tcp_sock_ipv6_specific;
233 ipv6_addr_set(&np->saddr, 0, 0, htonl(0x0000FFFF),
235 ipv6_addr_set(&np->rcv_saddr, 0, 0, htonl(0x0000FFFF),
242 if (!ipv6_addr_any(&np->rcv_saddr))
243 saddr = &np->rcv_saddr;
245 fl.proto = IPPROTO_TCP;
246 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
247 ipv6_addr_copy(&fl.fl6_src,
248 (saddr ? saddr : &np->saddr));
249 fl.oif = sk->sk_bound_dev_if;
250 fl.fl_ip_dport = usin->sin6_port;
251 fl.fl_ip_sport = inet->sport;
253 if (np->opt && np->opt->srcrt) {
254 struct rt0_hdr *rt0 = (struct rt0_hdr *)np->opt->srcrt;
255 ipv6_addr_copy(&final, &fl.fl6_dst);
256 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
260 security_sk_classify_flow(sk, &fl);
262 err = ip6_dst_lookup(sk, &dst, &fl);
266 ipv6_addr_copy(&fl.fl6_dst, final_p);
268 if ((err = __xfrm_lookup(&dst, &fl, sk, 1)) < 0) {
270 err = ip6_dst_blackhole(sk, &dst, &fl);
277 ipv6_addr_copy(&np->rcv_saddr, saddr);
280 /* set the source address */
281 ipv6_addr_copy(&np->saddr, saddr);
282 inet->rcv_saddr = LOOPBACK4_IPV6;
284 sk->sk_gso_type = SKB_GSO_TCPV6;
285 __ip6_dst_store(sk, dst, NULL, NULL);
287 icsk->icsk_ext_hdr_len = 0;
289 icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
292 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
294 inet->dport = usin->sin6_port;
296 tcp_set_state(sk, TCP_SYN_SENT);
297 err = inet6_hash_connect(&tcp_death_row, sk);
302 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
307 err = tcp_connect(sk);
314 tcp_set_state(sk, TCP_CLOSE);
318 sk->sk_route_caps = 0;
322 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
323 int type, int code, int offset, __be32 info)
325 struct ipv6hdr *hdr = (struct ipv6hdr*)skb->data;
326 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
327 struct ipv6_pinfo *np;
333 sk = inet6_lookup(&tcp_hashinfo, &hdr->daddr, th->dest, &hdr->saddr,
334 th->source, skb->dev->ifindex);
337 ICMP6_INC_STATS_BH(__in6_dev_get(skb->dev), ICMP6_MIB_INERRORS);
341 if (sk->sk_state == TCP_TIME_WAIT) {
342 inet_twsk_put(inet_twsk(sk));
347 if (sock_owned_by_user(sk))
348 NET_INC_STATS_BH(LINUX_MIB_LOCKDROPPEDICMPS);
350 if (sk->sk_state == TCP_CLOSE)
354 seq = ntohl(th->seq);
355 if (sk->sk_state != TCP_LISTEN &&
356 !between(seq, tp->snd_una, tp->snd_nxt)) {
357 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
363 if (type == ICMPV6_PKT_TOOBIG) {
364 struct dst_entry *dst = NULL;
366 if (sock_owned_by_user(sk))
368 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
371 /* icmp should have updated the destination cache entry */
372 dst = __sk_dst_check(sk, np->dst_cookie);
375 struct inet_sock *inet = inet_sk(sk);
378 /* BUGGG_FUTURE: Again, it is not clear how
379 to handle rthdr case. Ignore this complexity
382 memset(&fl, 0, sizeof(fl));
383 fl.proto = IPPROTO_TCP;
384 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
385 ipv6_addr_copy(&fl.fl6_src, &np->saddr);
386 fl.oif = sk->sk_bound_dev_if;
387 fl.fl_ip_dport = inet->dport;
388 fl.fl_ip_sport = inet->sport;
389 security_skb_classify_flow(skb, &fl);
391 if ((err = ip6_dst_lookup(sk, &dst, &fl))) {
392 sk->sk_err_soft = -err;
396 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) {
397 sk->sk_err_soft = -err;
404 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
405 tcp_sync_mss(sk, dst_mtu(dst));
406 tcp_simple_retransmit(sk);
407 } /* else let the usual retransmit timer handle it */
412 icmpv6_err_convert(type, code, &err);
414 /* Might be for an request_sock */
415 switch (sk->sk_state) {
416 struct request_sock *req, **prev;
418 if (sock_owned_by_user(sk))
421 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr,
422 &hdr->saddr, inet6_iif(skb));
426 /* ICMPs are not backlogged, hence we cannot get
427 * an established socket here.
429 BUG_TRAP(req->sk == NULL);
431 if (seq != tcp_rsk(req)->snt_isn) {
432 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
436 inet_csk_reqsk_queue_drop(sk, req, prev);
440 case TCP_SYN_RECV: /* Cannot happen.
441 It can, it SYNs are crossed. --ANK */
442 if (!sock_owned_by_user(sk)) {
444 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
448 sk->sk_err_soft = err;
452 if (!sock_owned_by_user(sk) && np->recverr) {
454 sk->sk_error_report(sk);
456 sk->sk_err_soft = err;
464 static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req,
465 struct dst_entry *dst)
467 struct inet6_request_sock *treq = inet6_rsk(req);
468 struct ipv6_pinfo *np = inet6_sk(sk);
469 struct sk_buff * skb;
470 struct ipv6_txoptions *opt = NULL;
471 struct in6_addr * final_p = NULL, final;
475 memset(&fl, 0, sizeof(fl));
476 fl.proto = IPPROTO_TCP;
477 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
478 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
479 fl.fl6_flowlabel = 0;
481 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
482 fl.fl_ip_sport = inet_sk(sk)->sport;
483 security_req_classify_flow(req, &fl);
487 if (opt && opt->srcrt) {
488 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
489 ipv6_addr_copy(&final, &fl.fl6_dst);
490 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
494 err = ip6_dst_lookup(sk, &dst, &fl);
498 ipv6_addr_copy(&fl.fl6_dst, final_p);
499 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0)
503 skb = tcp_make_synack(sk, dst, req);
505 struct tcphdr *th = tcp_hdr(skb);
507 th->check = tcp_v6_check(th, skb->len,
508 &treq->loc_addr, &treq->rmt_addr,
509 csum_partial((char *)th, skb->len, skb->csum));
511 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
512 err = ip6_xmit(sk, skb, &fl, opt, 0);
513 err = net_xmit_eval(err);
517 if (opt && opt != np->opt)
518 sock_kfree_s(sk, opt, opt->tot_len);
523 static void tcp_v6_reqsk_destructor(struct request_sock *req)
525 if (inet6_rsk(req)->pktopts)
526 kfree_skb(inet6_rsk(req)->pktopts);
529 #ifdef CONFIG_TCP_MD5SIG
530 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
531 struct in6_addr *addr)
533 struct tcp_sock *tp = tcp_sk(sk);
538 if (!tp->md5sig_info || !tp->md5sig_info->entries6)
541 for (i = 0; i < tp->md5sig_info->entries6; i++) {
542 if (ipv6_addr_cmp(&tp->md5sig_info->keys6[i].addr, addr) == 0)
543 return &tp->md5sig_info->keys6[i].base;
548 static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk,
549 struct sock *addr_sk)
551 return tcp_v6_md5_do_lookup(sk, &inet6_sk(addr_sk)->daddr);
554 static struct tcp_md5sig_key *tcp_v6_reqsk_md5_lookup(struct sock *sk,
555 struct request_sock *req)
557 return tcp_v6_md5_do_lookup(sk, &inet6_rsk(req)->rmt_addr);
560 static int tcp_v6_md5_do_add(struct sock *sk, struct in6_addr *peer,
561 char *newkey, u8 newkeylen)
563 /* Add key to the list */
564 struct tcp_md5sig_key *key;
565 struct tcp_sock *tp = tcp_sk(sk);
566 struct tcp6_md5sig_key *keys;
568 key = tcp_v6_md5_do_lookup(sk, peer);
570 /* modify existing entry - just update that one */
573 key->keylen = newkeylen;
575 /* reallocate new list if current one is full. */
576 if (!tp->md5sig_info) {
577 tp->md5sig_info = kzalloc(sizeof(*tp->md5sig_info), GFP_ATOMIC);
578 if (!tp->md5sig_info) {
582 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
584 if (tcp_alloc_md5sig_pool() == NULL) {
588 if (tp->md5sig_info->alloced6 == tp->md5sig_info->entries6) {
589 keys = kmalloc((sizeof (tp->md5sig_info->keys6[0]) *
590 (tp->md5sig_info->entries6 + 1)), GFP_ATOMIC);
593 tcp_free_md5sig_pool();
598 if (tp->md5sig_info->entries6)
599 memmove(keys, tp->md5sig_info->keys6,
600 (sizeof (tp->md5sig_info->keys6[0]) *
601 tp->md5sig_info->entries6));
603 kfree(tp->md5sig_info->keys6);
604 tp->md5sig_info->keys6 = keys;
605 tp->md5sig_info->alloced6++;
608 ipv6_addr_copy(&tp->md5sig_info->keys6[tp->md5sig_info->entries6].addr,
610 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.key = newkey;
611 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.keylen = newkeylen;
613 tp->md5sig_info->entries6++;
618 static int tcp_v6_md5_add_func(struct sock *sk, struct sock *addr_sk,
619 u8 *newkey, __u8 newkeylen)
621 return tcp_v6_md5_do_add(sk, &inet6_sk(addr_sk)->daddr,
625 static int tcp_v6_md5_do_del(struct sock *sk, struct in6_addr *peer)
627 struct tcp_sock *tp = tcp_sk(sk);
630 for (i = 0; i < tp->md5sig_info->entries6; i++) {
631 if (ipv6_addr_cmp(&tp->md5sig_info->keys6[i].addr, peer) == 0) {
633 kfree(tp->md5sig_info->keys6[i].base.key);
634 tp->md5sig_info->entries6--;
636 if (tp->md5sig_info->entries6 == 0) {
637 kfree(tp->md5sig_info->keys6);
638 tp->md5sig_info->keys6 = NULL;
639 tp->md5sig_info->alloced6 = 0;
641 tcp_free_md5sig_pool();
645 /* shrink the database */
646 if (tp->md5sig_info->entries6 != i)
647 memmove(&tp->md5sig_info->keys6[i],
648 &tp->md5sig_info->keys6[i+1],
649 (tp->md5sig_info->entries6 - i)
650 * sizeof (tp->md5sig_info->keys6[0]));
657 static void tcp_v6_clear_md5_list (struct sock *sk)
659 struct tcp_sock *tp = tcp_sk(sk);
662 if (tp->md5sig_info->entries6) {
663 for (i = 0; i < tp->md5sig_info->entries6; i++)
664 kfree(tp->md5sig_info->keys6[i].base.key);
665 tp->md5sig_info->entries6 = 0;
666 tcp_free_md5sig_pool();
669 kfree(tp->md5sig_info->keys6);
670 tp->md5sig_info->keys6 = NULL;
671 tp->md5sig_info->alloced6 = 0;
673 if (tp->md5sig_info->entries4) {
674 for (i = 0; i < tp->md5sig_info->entries4; i++)
675 kfree(tp->md5sig_info->keys4[i].base.key);
676 tp->md5sig_info->entries4 = 0;
677 tcp_free_md5sig_pool();
680 kfree(tp->md5sig_info->keys4);
681 tp->md5sig_info->keys4 = NULL;
682 tp->md5sig_info->alloced4 = 0;
685 static int tcp_v6_parse_md5_keys (struct sock *sk, char __user *optval,
688 struct tcp_md5sig cmd;
689 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
692 if (optlen < sizeof(cmd))
695 if (copy_from_user(&cmd, optval, sizeof(cmd)))
698 if (sin6->sin6_family != AF_INET6)
701 if (!cmd.tcpm_keylen) {
702 if (!tcp_sk(sk)->md5sig_info)
704 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
705 return tcp_v4_md5_do_del(sk, sin6->sin6_addr.s6_addr32[3]);
706 return tcp_v6_md5_do_del(sk, &sin6->sin6_addr);
709 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
712 if (!tcp_sk(sk)->md5sig_info) {
713 struct tcp_sock *tp = tcp_sk(sk);
714 struct tcp_md5sig_info *p;
716 p = kzalloc(sizeof(struct tcp_md5sig_info), GFP_KERNEL);
721 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
724 newkey = kmemdup(cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
727 if (ipv6_addr_v4mapped(&sin6->sin6_addr)) {
728 return tcp_v4_md5_do_add(sk, sin6->sin6_addr.s6_addr32[3],
729 newkey, cmd.tcpm_keylen);
731 return tcp_v6_md5_do_add(sk, &sin6->sin6_addr, newkey, cmd.tcpm_keylen);
734 static int tcp_v6_do_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key,
735 struct in6_addr *saddr,
736 struct in6_addr *daddr,
737 struct tcphdr *th, int protocol,
740 struct scatterlist sg[4];
744 struct tcp_md5sig_pool *hp;
745 struct tcp6_pseudohdr *bp;
746 struct hash_desc *desc;
748 unsigned int nbytes = 0;
750 hp = tcp_get_md5sig_pool();
752 printk(KERN_WARNING "%s(): hash pool not found...\n", __FUNCTION__);
753 goto clear_hash_noput;
755 bp = &hp->md5_blk.ip6;
756 desc = &hp->md5_desc;
758 /* 1. TCP pseudo-header (RFC2460) */
759 ipv6_addr_copy(&bp->saddr, saddr);
760 ipv6_addr_copy(&bp->daddr, daddr);
761 bp->len = htonl(tcplen);
762 bp->protocol = htonl(protocol);
764 sg_init_table(sg, 4);
766 sg_set_buf(&sg[block++], bp, sizeof(*bp));
767 nbytes += sizeof(*bp);
769 /* 2. TCP header, excluding options */
772 sg_set_buf(&sg[block++], th, sizeof(*th));
773 nbytes += sizeof(*th);
775 /* 3. TCP segment data (if any) */
776 data_len = tcplen - (th->doff << 2);
778 u8 *data = (u8 *)th + (th->doff << 2);
779 sg_set_buf(&sg[block++], data, data_len);
784 sg_set_buf(&sg[block++], key->key, key->keylen);
785 nbytes += key->keylen;
787 sg_mark_end(&sg[block - 1]);
789 /* Now store the hash into the packet */
790 err = crypto_hash_init(desc);
792 printk(KERN_WARNING "%s(): hash_init failed\n", __FUNCTION__);
795 err = crypto_hash_update(desc, sg, nbytes);
797 printk(KERN_WARNING "%s(): hash_update failed\n", __FUNCTION__);
800 err = crypto_hash_final(desc, md5_hash);
802 printk(KERN_WARNING "%s(): hash_final failed\n", __FUNCTION__);
806 /* Reset header, and free up the crypto */
807 tcp_put_md5sig_pool();
812 tcp_put_md5sig_pool();
814 memset(md5_hash, 0, 16);
818 static int tcp_v6_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key,
820 struct dst_entry *dst,
821 struct request_sock *req,
822 struct tcphdr *th, int protocol,
825 struct in6_addr *saddr, *daddr;
828 saddr = &inet6_sk(sk)->saddr;
829 daddr = &inet6_sk(sk)->daddr;
831 saddr = &inet6_rsk(req)->loc_addr;
832 daddr = &inet6_rsk(req)->rmt_addr;
834 return tcp_v6_do_calc_md5_hash(md5_hash, key,
836 th, protocol, tcplen);
839 static int tcp_v6_inbound_md5_hash (struct sock *sk, struct sk_buff *skb)
841 __u8 *hash_location = NULL;
842 struct tcp_md5sig_key *hash_expected;
843 struct ipv6hdr *ip6h = ipv6_hdr(skb);
844 struct tcphdr *th = tcp_hdr(skb);
845 int length = (th->doff << 2) - sizeof (*th);
850 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
852 /* If the TCP option is too short, we can short cut */
853 if (length < TCPOLEN_MD5SIG)
854 return hash_expected ? 1 : 0;
870 if (opsize < 2 || opsize > length)
872 if (opcode == TCPOPT_MD5SIG) {
882 /* do we have a hash as expected? */
883 if (!hash_expected) {
886 if (net_ratelimit()) {
887 printk(KERN_INFO "MD5 Hash NOT expected but found "
888 "(" NIP6_FMT ", %u)->"
889 "(" NIP6_FMT ", %u)\n",
890 NIP6(ip6h->saddr), ntohs(th->source),
891 NIP6(ip6h->daddr), ntohs(th->dest));
896 if (!hash_location) {
897 if (net_ratelimit()) {
898 printk(KERN_INFO "MD5 Hash expected but NOT found "
899 "(" NIP6_FMT ", %u)->"
900 "(" NIP6_FMT ", %u)\n",
901 NIP6(ip6h->saddr), ntohs(th->source),
902 NIP6(ip6h->daddr), ntohs(th->dest));
907 /* check the signature */
908 genhash = tcp_v6_do_calc_md5_hash(newhash,
910 &ip6h->saddr, &ip6h->daddr,
913 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
914 if (net_ratelimit()) {
915 printk(KERN_INFO "MD5 Hash %s for "
916 "(" NIP6_FMT ", %u)->"
917 "(" NIP6_FMT ", %u)\n",
918 genhash ? "failed" : "mismatch",
919 NIP6(ip6h->saddr), ntohs(th->source),
920 NIP6(ip6h->daddr), ntohs(th->dest));
928 static struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
930 .obj_size = sizeof(struct tcp6_request_sock),
931 .rtx_syn_ack = tcp_v6_send_synack,
932 .send_ack = tcp_v6_reqsk_send_ack,
933 .destructor = tcp_v6_reqsk_destructor,
934 .send_reset = tcp_v6_send_reset
937 #ifdef CONFIG_TCP_MD5SIG
938 static struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
939 .md5_lookup = tcp_v6_reqsk_md5_lookup,
943 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
944 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
945 .twsk_unique = tcp_twsk_unique,
946 .twsk_destructor= tcp_twsk_destructor,
949 static void tcp_v6_send_check(struct sock *sk, int len, struct sk_buff *skb)
951 struct ipv6_pinfo *np = inet6_sk(sk);
952 struct tcphdr *th = tcp_hdr(skb);
954 if (skb->ip_summed == CHECKSUM_PARTIAL) {
955 th->check = ~csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 0);
956 skb->csum_start = skb_transport_header(skb) - skb->head;
957 skb->csum_offset = offsetof(struct tcphdr, check);
959 th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP,
960 csum_partial((char *)th, th->doff<<2,
965 static int tcp_v6_gso_send_check(struct sk_buff *skb)
967 struct ipv6hdr *ipv6h;
970 if (!pskb_may_pull(skb, sizeof(*th)))
973 ipv6h = ipv6_hdr(skb);
977 th->check = ~csum_ipv6_magic(&ipv6h->saddr, &ipv6h->daddr, skb->len,
979 skb->csum_start = skb_transport_header(skb) - skb->head;
980 skb->csum_offset = offsetof(struct tcphdr, check);
981 skb->ip_summed = CHECKSUM_PARTIAL;
985 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb)
987 struct tcphdr *th = tcp_hdr(skb), *t1;
988 struct sk_buff *buff;
990 int tot_len = sizeof(*th);
991 #ifdef CONFIG_TCP_MD5SIG
992 struct tcp_md5sig_key *key;
998 if (!ipv6_unicast_destination(skb))
1001 #ifdef CONFIG_TCP_MD5SIG
1003 key = tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr);
1008 tot_len += TCPOLEN_MD5SIG_ALIGNED;
1012 * We need to grab some memory, and put together an RST,
1013 * and then put it into the queue to be sent.
1016 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
1021 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
1023 t1 = (struct tcphdr *) skb_push(buff, tot_len);
1025 /* Swap the send and the receive. */
1026 memset(t1, 0, sizeof(*t1));
1027 t1->dest = th->source;
1028 t1->source = th->dest;
1029 t1->doff = tot_len / 4;
1033 t1->seq = th->ack_seq;
1036 t1->ack_seq = htonl(ntohl(th->seq) + th->syn + th->fin
1037 + skb->len - (th->doff<<2));
1040 #ifdef CONFIG_TCP_MD5SIG
1042 __be32 *opt = (__be32*)(t1 + 1);
1043 opt[0] = htonl((TCPOPT_NOP << 24) |
1044 (TCPOPT_NOP << 16) |
1045 (TCPOPT_MD5SIG << 8) |
1047 tcp_v6_do_calc_md5_hash((__u8 *)&opt[1], key,
1048 &ipv6_hdr(skb)->daddr,
1049 &ipv6_hdr(skb)->saddr,
1050 t1, IPPROTO_TCP, tot_len);
1054 buff->csum = csum_partial((char *)t1, sizeof(*t1), 0);
1056 memset(&fl, 0, sizeof(fl));
1057 ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr);
1058 ipv6_addr_copy(&fl.fl6_src, &ipv6_hdr(skb)->daddr);
1060 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst,
1061 sizeof(*t1), IPPROTO_TCP,
1064 fl.proto = IPPROTO_TCP;
1065 fl.oif = inet6_iif(skb);
1066 fl.fl_ip_dport = t1->dest;
1067 fl.fl_ip_sport = t1->source;
1068 security_skb_classify_flow(skb, &fl);
1070 /* sk = NULL, but it is safe for now. RST socket required. */
1071 if (!ip6_dst_lookup(NULL, &buff->dst, &fl)) {
1073 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) {
1074 ip6_xmit(tcp6_socket->sk, buff, &fl, NULL, 0);
1075 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
1076 TCP_INC_STATS_BH(TCP_MIB_OUTRSTS);
1084 static void tcp_v6_send_ack(struct tcp_timewait_sock *tw,
1085 struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts)
1087 struct tcphdr *th = tcp_hdr(skb), *t1;
1088 struct sk_buff *buff;
1090 int tot_len = sizeof(struct tcphdr);
1092 #ifdef CONFIG_TCP_MD5SIG
1093 struct tcp_md5sig_key *key;
1094 struct tcp_md5sig_key tw_key;
1097 #ifdef CONFIG_TCP_MD5SIG
1098 if (!tw && skb->sk) {
1099 key = tcp_v6_md5_do_lookup(skb->sk, &ipv6_hdr(skb)->daddr);
1100 } else if (tw && tw->tw_md5_keylen) {
1101 tw_key.key = tw->tw_md5_key;
1102 tw_key.keylen = tw->tw_md5_keylen;
1110 tot_len += TCPOLEN_TSTAMP_ALIGNED;
1111 #ifdef CONFIG_TCP_MD5SIG
1113 tot_len += TCPOLEN_MD5SIG_ALIGNED;
1116 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
1121 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
1123 t1 = (struct tcphdr *) skb_push(buff,tot_len);
1125 /* Swap the send and the receive. */
1126 memset(t1, 0, sizeof(*t1));
1127 t1->dest = th->source;
1128 t1->source = th->dest;
1129 t1->doff = tot_len/4;
1130 t1->seq = htonl(seq);
1131 t1->ack_seq = htonl(ack);
1133 t1->window = htons(win);
1135 topt = (__be32 *)(t1 + 1);
1138 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
1139 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
1140 *topt++ = htonl(tcp_time_stamp);
1144 #ifdef CONFIG_TCP_MD5SIG
1146 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
1147 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
1148 tcp_v6_do_calc_md5_hash((__u8 *)topt, key,
1149 &ipv6_hdr(skb)->daddr,
1150 &ipv6_hdr(skb)->saddr,
1151 t1, IPPROTO_TCP, tot_len);
1155 buff->csum = csum_partial((char *)t1, tot_len, 0);
1157 memset(&fl, 0, sizeof(fl));
1158 ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr);
1159 ipv6_addr_copy(&fl.fl6_src, &ipv6_hdr(skb)->daddr);
1161 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst,
1162 tot_len, IPPROTO_TCP,
1165 fl.proto = IPPROTO_TCP;
1166 fl.oif = inet6_iif(skb);
1167 fl.fl_ip_dport = t1->dest;
1168 fl.fl_ip_sport = t1->source;
1169 security_skb_classify_flow(skb, &fl);
1171 if (!ip6_dst_lookup(NULL, &buff->dst, &fl)) {
1172 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) {
1173 ip6_xmit(tcp6_socket->sk, buff, &fl, NULL, 0);
1174 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
1182 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
1184 struct inet_timewait_sock *tw = inet_twsk(sk);
1185 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
1187 tcp_v6_send_ack(tcptw, skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
1188 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
1189 tcptw->tw_ts_recent);
1194 static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req)
1196 tcp_v6_send_ack(NULL, skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent);
1200 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
1202 struct request_sock *req, **prev;
1203 const struct tcphdr *th = tcp_hdr(skb);
1206 /* Find possible connection requests. */
1207 req = inet6_csk_search_req(sk, &prev, th->source,
1208 &ipv6_hdr(skb)->saddr,
1209 &ipv6_hdr(skb)->daddr, inet6_iif(skb));
1211 return tcp_check_req(sk, skb, req, prev);
1213 nsk = __inet6_lookup_established(&tcp_hashinfo, &ipv6_hdr(skb)->saddr,
1214 th->source, &ipv6_hdr(skb)->daddr,
1215 ntohs(th->dest), inet6_iif(skb));
1218 if (nsk->sk_state != TCP_TIME_WAIT) {
1222 inet_twsk_put(inet_twsk(nsk));
1226 #if 0 /*def CONFIG_SYN_COOKIES*/
1227 if (!th->rst && !th->syn && th->ack)
1228 sk = cookie_v6_check(sk, skb, &(IPCB(skb)->opt));
1233 /* FIXME: this is substantially similar to the ipv4 code.
1234 * Can some kind of merge be done? -- erics
1236 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1238 struct inet6_request_sock *treq;
1239 struct ipv6_pinfo *np = inet6_sk(sk);
1240 struct tcp_options_received tmp_opt;
1241 struct tcp_sock *tp = tcp_sk(sk);
1242 struct request_sock *req = NULL;
1243 __u32 isn = TCP_SKB_CB(skb)->when;
1245 if (skb->protocol == htons(ETH_P_IP))
1246 return tcp_v4_conn_request(sk, skb);
1248 if (!ipv6_unicast_destination(skb))
1252 * There are no SYN attacks on IPv6, yet...
1254 if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
1255 if (net_ratelimit())
1256 printk(KERN_INFO "TCPv6: dropping request, synflood is possible\n");
1260 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
1263 req = inet6_reqsk_alloc(&tcp6_request_sock_ops);
1267 #ifdef CONFIG_TCP_MD5SIG
1268 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv6_ops;
1271 tcp_clear_options(&tmp_opt);
1272 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
1273 tmp_opt.user_mss = tp->rx_opt.user_mss;
1275 tcp_parse_options(skb, &tmp_opt, 0);
1277 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
1278 tcp_openreq_init(req, &tmp_opt, skb);
1280 treq = inet6_rsk(req);
1281 ipv6_addr_copy(&treq->rmt_addr, &ipv6_hdr(skb)->saddr);
1282 ipv6_addr_copy(&treq->loc_addr, &ipv6_hdr(skb)->daddr);
1283 TCP_ECN_create_request(req, tcp_hdr(skb));
1284 treq->pktopts = NULL;
1285 if (ipv6_opt_accepted(sk, skb) ||
1286 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
1287 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) {
1288 atomic_inc(&skb->users);
1289 treq->pktopts = skb;
1291 treq->iif = sk->sk_bound_dev_if;
1293 /* So that link locals have meaning */
1294 if (!sk->sk_bound_dev_if &&
1295 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL)
1296 treq->iif = inet6_iif(skb);
1299 isn = tcp_v6_init_sequence(skb);
1301 tcp_rsk(req)->snt_isn = isn;
1303 security_inet_conn_request(sk, skb, req);
1305 if (tcp_v6_send_synack(sk, req, NULL))
1308 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1315 return 0; /* don't send reset */
1318 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1319 struct request_sock *req,
1320 struct dst_entry *dst)
1322 struct inet6_request_sock *treq = inet6_rsk(req);
1323 struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
1324 struct tcp6_sock *newtcp6sk;
1325 struct inet_sock *newinet;
1326 struct tcp_sock *newtp;
1328 struct ipv6_txoptions *opt;
1329 #ifdef CONFIG_TCP_MD5SIG
1330 struct tcp_md5sig_key *key;
1333 if (skb->protocol == htons(ETH_P_IP)) {
1338 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);
1343 newtcp6sk = (struct tcp6_sock *)newsk;
1344 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1346 newinet = inet_sk(newsk);
1347 newnp = inet6_sk(newsk);
1348 newtp = tcp_sk(newsk);
1350 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1352 ipv6_addr_set(&newnp->daddr, 0, 0, htonl(0x0000FFFF),
1355 ipv6_addr_set(&newnp->saddr, 0, 0, htonl(0x0000FFFF),
1358 ipv6_addr_copy(&newnp->rcv_saddr, &newnp->saddr);
1360 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1361 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1362 #ifdef CONFIG_TCP_MD5SIG
1363 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1366 newnp->pktoptions = NULL;
1368 newnp->mcast_oif = inet6_iif(skb);
1369 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1372 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1373 * here, tcp_create_openreq_child now does this for us, see the comment in
1374 * that function for the gory details. -acme
1377 /* It is tricky place. Until this moment IPv4 tcp
1378 worked with IPv6 icsk.icsk_af_ops.
1381 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1388 if (sk_acceptq_is_full(sk))
1392 struct in6_addr *final_p = NULL, final;
1395 memset(&fl, 0, sizeof(fl));
1396 fl.proto = IPPROTO_TCP;
1397 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
1398 if (opt && opt->srcrt) {
1399 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
1400 ipv6_addr_copy(&final, &fl.fl6_dst);
1401 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
1404 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
1405 fl.oif = sk->sk_bound_dev_if;
1406 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
1407 fl.fl_ip_sport = inet_sk(sk)->sport;
1408 security_req_classify_flow(req, &fl);
1410 if (ip6_dst_lookup(sk, &dst, &fl))
1414 ipv6_addr_copy(&fl.fl6_dst, final_p);
1416 if ((xfrm_lookup(&dst, &fl, sk, 0)) < 0)
1420 newsk = tcp_create_openreq_child(sk, req, skb);
1425 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1426 * count here, tcp_create_openreq_child now does this for us, see the
1427 * comment in that function for the gory details. -acme
1430 newsk->sk_gso_type = SKB_GSO_TCPV6;
1431 __ip6_dst_store(newsk, dst, NULL, NULL);
1433 newtcp6sk = (struct tcp6_sock *)newsk;
1434 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1436 newtp = tcp_sk(newsk);
1437 newinet = inet_sk(newsk);
1438 newnp = inet6_sk(newsk);
1440 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1442 ipv6_addr_copy(&newnp->daddr, &treq->rmt_addr);
1443 ipv6_addr_copy(&newnp->saddr, &treq->loc_addr);
1444 ipv6_addr_copy(&newnp->rcv_saddr, &treq->loc_addr);
1445 newsk->sk_bound_dev_if = treq->iif;
1447 /* Now IPv6 options...
1449 First: no IPv4 options.
1451 newinet->opt = NULL;
1452 newnp->ipv6_fl_list = NULL;
1455 newnp->rxopt.all = np->rxopt.all;
1457 /* Clone pktoptions received with SYN */
1458 newnp->pktoptions = NULL;
1459 if (treq->pktopts != NULL) {
1460 newnp->pktoptions = skb_clone(treq->pktopts, GFP_ATOMIC);
1461 kfree_skb(treq->pktopts);
1462 treq->pktopts = NULL;
1463 if (newnp->pktoptions)
1464 skb_set_owner_r(newnp->pktoptions, newsk);
1467 newnp->mcast_oif = inet6_iif(skb);
1468 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1470 /* Clone native IPv6 options from listening socket (if any)
1472 Yes, keeping reference count would be much more clever,
1473 but we make one more one thing there: reattach optmem
1477 newnp->opt = ipv6_dup_options(newsk, opt);
1479 sock_kfree_s(sk, opt, opt->tot_len);
1482 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1484 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
1485 newnp->opt->opt_flen);
1487 tcp_mtup_init(newsk);
1488 tcp_sync_mss(newsk, dst_mtu(dst));
1489 newtp->advmss = dst_metric(dst, RTAX_ADVMSS);
1490 tcp_initialize_rcv_mss(newsk);
1492 newinet->daddr = newinet->saddr = newinet->rcv_saddr = LOOPBACK4_IPV6;
1494 #ifdef CONFIG_TCP_MD5SIG
1495 /* Copy over the MD5 key from the original socket */
1496 if ((key = tcp_v6_md5_do_lookup(sk, &newnp->daddr)) != NULL) {
1497 /* We're using one, so create a matching key
1498 * on the newsk structure. If we fail to get
1499 * memory, then we end up not copying the key
1502 char *newkey = kmemdup(key->key, key->keylen, GFP_ATOMIC);
1504 tcp_v6_md5_do_add(newsk, &inet6_sk(sk)->daddr,
1505 newkey, key->keylen);
1509 __inet6_hash(&tcp_hashinfo, newsk);
1510 inet_inherit_port(&tcp_hashinfo, sk, newsk);
1515 NET_INC_STATS_BH(LINUX_MIB_LISTENOVERFLOWS);
1517 NET_INC_STATS_BH(LINUX_MIB_LISTENDROPS);
1518 if (opt && opt != np->opt)
1519 sock_kfree_s(sk, opt, opt->tot_len);
1524 static __sum16 tcp_v6_checksum_init(struct sk_buff *skb)
1526 if (skb->ip_summed == CHECKSUM_COMPLETE) {
1527 if (!tcp_v6_check(tcp_hdr(skb), skb->len, &ipv6_hdr(skb)->saddr,
1528 &ipv6_hdr(skb)->daddr, skb->csum)) {
1529 skb->ip_summed = CHECKSUM_UNNECESSARY;
1534 skb->csum = ~csum_unfold(tcp_v6_check(tcp_hdr(skb), skb->len,
1535 &ipv6_hdr(skb)->saddr,
1536 &ipv6_hdr(skb)->daddr, 0));
1538 if (skb->len <= 76) {
1539 return __skb_checksum_complete(skb);
1544 /* The socket must have it's spinlock held when we get
1547 * We have a potential double-lock case here, so even when
1548 * doing backlog processing we use the BH locking scheme.
1549 * This is because we cannot sleep with the original spinlock
1552 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1554 struct ipv6_pinfo *np = inet6_sk(sk);
1555 struct tcp_sock *tp;
1556 struct sk_buff *opt_skb = NULL;
1558 /* Imagine: socket is IPv6. IPv4 packet arrives,
1559 goes to IPv4 receive handler and backlogged.
1560 From backlog it always goes here. Kerboom...
1561 Fortunately, tcp_rcv_established and rcv_established
1562 handle them correctly, but it is not case with
1563 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1566 if (skb->protocol == htons(ETH_P_IP))
1567 return tcp_v4_do_rcv(sk, skb);
1569 #ifdef CONFIG_TCP_MD5SIG
1570 if (tcp_v6_inbound_md5_hash (sk, skb))
1574 if (sk_filter(sk, skb))
1578 * socket locking is here for SMP purposes as backlog rcv
1579 * is currently called with bh processing disabled.
1582 /* Do Stevens' IPV6_PKTOPTIONS.
1584 Yes, guys, it is the only place in our code, where we
1585 may make it not affecting IPv4.
1586 The rest of code is protocol independent,
1587 and I do not like idea to uglify IPv4.
1589 Actually, all the idea behind IPV6_PKTOPTIONS
1590 looks not very well thought. For now we latch
1591 options, received in the last packet, enqueued
1592 by tcp. Feel free to propose better solution.
1596 opt_skb = skb_clone(skb, GFP_ATOMIC);
1598 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1599 TCP_CHECK_TIMER(sk);
1600 if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len))
1602 TCP_CHECK_TIMER(sk);
1604 goto ipv6_pktoptions;
1608 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1611 if (sk->sk_state == TCP_LISTEN) {
1612 struct sock *nsk = tcp_v6_hnd_req(sk, skb);
1617 * Queue it on the new socket if the new socket is active,
1618 * otherwise we just shortcircuit this and continue with
1622 if (tcp_child_process(sk, nsk, skb))
1625 __kfree_skb(opt_skb);
1630 TCP_CHECK_TIMER(sk);
1631 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len))
1633 TCP_CHECK_TIMER(sk);
1635 goto ipv6_pktoptions;
1639 tcp_v6_send_reset(sk, skb);
1642 __kfree_skb(opt_skb);
1646 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1651 /* Do you ask, what is it?
1653 1. skb was enqueued by tcp.
1654 2. skb is added to tail of read queue, rather than out of order.
1655 3. socket is not in passive state.
1656 4. Finally, it really contains options, which user wants to receive.
1659 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1660 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1661 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1662 np->mcast_oif = inet6_iif(opt_skb);
1663 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1664 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1665 if (ipv6_opt_accepted(sk, opt_skb)) {
1666 skb_set_owner_r(opt_skb, sk);
1667 opt_skb = xchg(&np->pktoptions, opt_skb);
1669 __kfree_skb(opt_skb);
1670 opt_skb = xchg(&np->pktoptions, NULL);
1679 static int tcp_v6_rcv(struct sk_buff *skb)
1685 if (skb->pkt_type != PACKET_HOST)
1689 * Count it even if it's bad.
1691 TCP_INC_STATS_BH(TCP_MIB_INSEGS);
1693 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1698 if (th->doff < sizeof(struct tcphdr)/4)
1700 if (!pskb_may_pull(skb, th->doff*4))
1703 if (!skb_csum_unnecessary(skb) && tcp_v6_checksum_init(skb))
1707 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1708 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1709 skb->len - th->doff*4);
1710 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1711 TCP_SKB_CB(skb)->when = 0;
1712 TCP_SKB_CB(skb)->flags = ipv6_get_dsfield(ipv6_hdr(skb));
1713 TCP_SKB_CB(skb)->sacked = 0;
1715 sk = __inet6_lookup(&tcp_hashinfo, &ipv6_hdr(skb)->saddr, th->source,
1716 &ipv6_hdr(skb)->daddr, ntohs(th->dest),
1723 if (sk->sk_state == TCP_TIME_WAIT)
1726 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1727 goto discard_and_relse;
1729 if (sk_filter(sk, skb))
1730 goto discard_and_relse;
1734 bh_lock_sock_nested(sk);
1736 if (!sock_owned_by_user(sk)) {
1737 #ifdef CONFIG_NET_DMA
1738 struct tcp_sock *tp = tcp_sk(sk);
1739 if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list)
1740 tp->ucopy.dma_chan = get_softnet_dma();
1741 if (tp->ucopy.dma_chan)
1742 ret = tcp_v6_do_rcv(sk, skb);
1746 if (!tcp_prequeue(sk, skb))
1747 ret = tcp_v6_do_rcv(sk, skb);
1750 sk_add_backlog(sk, skb);
1754 return ret ? -1 : 0;
1757 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1760 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1762 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1764 tcp_v6_send_reset(NULL, skb);
1781 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1782 inet_twsk_put(inet_twsk(sk));
1786 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1787 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1788 inet_twsk_put(inet_twsk(sk));
1792 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1797 sk2 = inet6_lookup_listener(&tcp_hashinfo,
1798 &ipv6_hdr(skb)->daddr,
1799 ntohs(th->dest), inet6_iif(skb));
1801 struct inet_timewait_sock *tw = inet_twsk(sk);
1802 inet_twsk_deschedule(tw, &tcp_death_row);
1807 /* Fall through to ACK */
1810 tcp_v6_timewait_ack(sk, skb);
1814 case TCP_TW_SUCCESS:;
1819 static int tcp_v6_remember_stamp(struct sock *sk)
1821 /* Alas, not yet... */
1825 static struct inet_connection_sock_af_ops ipv6_specific = {
1826 .queue_xmit = inet6_csk_xmit,
1827 .send_check = tcp_v6_send_check,
1828 .rebuild_header = inet6_sk_rebuild_header,
1829 .conn_request = tcp_v6_conn_request,
1830 .syn_recv_sock = tcp_v6_syn_recv_sock,
1831 .remember_stamp = tcp_v6_remember_stamp,
1832 .net_header_len = sizeof(struct ipv6hdr),
1833 .setsockopt = ipv6_setsockopt,
1834 .getsockopt = ipv6_getsockopt,
1835 .addr2sockaddr = inet6_csk_addr2sockaddr,
1836 .sockaddr_len = sizeof(struct sockaddr_in6),
1837 #ifdef CONFIG_COMPAT
1838 .compat_setsockopt = compat_ipv6_setsockopt,
1839 .compat_getsockopt = compat_ipv6_getsockopt,
1843 #ifdef CONFIG_TCP_MD5SIG
1844 static struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1845 .md5_lookup = tcp_v6_md5_lookup,
1846 .calc_md5_hash = tcp_v6_calc_md5_hash,
1847 .md5_add = tcp_v6_md5_add_func,
1848 .md5_parse = tcp_v6_parse_md5_keys,
1853 * TCP over IPv4 via INET6 API
1856 static struct inet_connection_sock_af_ops ipv6_mapped = {
1857 .queue_xmit = ip_queue_xmit,
1858 .send_check = tcp_v4_send_check,
1859 .rebuild_header = inet_sk_rebuild_header,
1860 .conn_request = tcp_v6_conn_request,
1861 .syn_recv_sock = tcp_v6_syn_recv_sock,
1862 .remember_stamp = tcp_v4_remember_stamp,
1863 .net_header_len = sizeof(struct iphdr),
1864 .setsockopt = ipv6_setsockopt,
1865 .getsockopt = ipv6_getsockopt,
1866 .addr2sockaddr = inet6_csk_addr2sockaddr,
1867 .sockaddr_len = sizeof(struct sockaddr_in6),
1868 #ifdef CONFIG_COMPAT
1869 .compat_setsockopt = compat_ipv6_setsockopt,
1870 .compat_getsockopt = compat_ipv6_getsockopt,
1874 #ifdef CONFIG_TCP_MD5SIG
1875 static struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1876 .md5_lookup = tcp_v4_md5_lookup,
1877 .calc_md5_hash = tcp_v4_calc_md5_hash,
1878 .md5_add = tcp_v6_md5_add_func,
1879 .md5_parse = tcp_v6_parse_md5_keys,
1883 /* NOTE: A lot of things set to zero explicitly by call to
1884 * sk_alloc() so need not be done here.
1886 static int tcp_v6_init_sock(struct sock *sk)
1888 struct inet_connection_sock *icsk = inet_csk(sk);
1889 struct tcp_sock *tp = tcp_sk(sk);
1891 skb_queue_head_init(&tp->out_of_order_queue);
1892 tcp_init_xmit_timers(sk);
1893 tcp_prequeue_init(tp);
1895 icsk->icsk_rto = TCP_TIMEOUT_INIT;
1896 tp->mdev = TCP_TIMEOUT_INIT;
1898 /* So many TCP implementations out there (incorrectly) count the
1899 * initial SYN frame in their delayed-ACK and congestion control
1900 * algorithms that we must have the following bandaid to talk
1901 * efficiently to them. -DaveM
1905 /* See draft-stevens-tcpca-spec-01 for discussion of the
1906 * initialization of these values.
1908 tp->snd_ssthresh = 0x7fffffff;
1909 tp->snd_cwnd_clamp = ~0;
1910 tp->mss_cache = 536;
1912 tp->reordering = sysctl_tcp_reordering;
1914 sk->sk_state = TCP_CLOSE;
1916 icsk->icsk_af_ops = &ipv6_specific;
1917 icsk->icsk_ca_ops = &tcp_init_congestion_ops;
1918 icsk->icsk_sync_mss = tcp_sync_mss;
1919 sk->sk_write_space = sk_stream_write_space;
1920 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE);
1922 #ifdef CONFIG_TCP_MD5SIG
1923 tp->af_specific = &tcp_sock_ipv6_specific;
1926 sk->sk_sndbuf = sysctl_tcp_wmem[1];
1927 sk->sk_rcvbuf = sysctl_tcp_rmem[1];
1929 atomic_inc(&tcp_sockets_allocated);
1934 static int tcp_v6_destroy_sock(struct sock *sk)
1936 #ifdef CONFIG_TCP_MD5SIG
1937 /* Clean up the MD5 key list */
1938 if (tcp_sk(sk)->md5sig_info)
1939 tcp_v6_clear_md5_list(sk);
1941 tcp_v4_destroy_sock(sk);
1942 return inet6_destroy_sock(sk);
1945 #ifdef CONFIG_PROC_FS
1946 /* Proc filesystem TCPv6 sock list dumping. */
1947 static void get_openreq6(struct seq_file *seq,
1948 struct sock *sk, struct request_sock *req, int i, int uid)
1950 int ttd = req->expires - jiffies;
1951 struct in6_addr *src = &inet6_rsk(req)->loc_addr;
1952 struct in6_addr *dest = &inet6_rsk(req)->rmt_addr;
1958 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1959 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
1961 src->s6_addr32[0], src->s6_addr32[1],
1962 src->s6_addr32[2], src->s6_addr32[3],
1963 ntohs(inet_sk(sk)->sport),
1964 dest->s6_addr32[0], dest->s6_addr32[1],
1965 dest->s6_addr32[2], dest->s6_addr32[3],
1966 ntohs(inet_rsk(req)->rmt_port),
1968 0,0, /* could print option size, but that is af dependent. */
1969 1, /* timers active (only the expire timer) */
1970 jiffies_to_clock_t(ttd),
1973 0, /* non standard timer */
1974 0, /* open_requests have no inode */
1978 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1980 struct in6_addr *dest, *src;
1983 unsigned long timer_expires;
1984 struct inet_sock *inet = inet_sk(sp);
1985 struct tcp_sock *tp = tcp_sk(sp);
1986 const struct inet_connection_sock *icsk = inet_csk(sp);
1987 struct ipv6_pinfo *np = inet6_sk(sp);
1990 src = &np->rcv_saddr;
1991 destp = ntohs(inet->dport);
1992 srcp = ntohs(inet->sport);
1994 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
1996 timer_expires = icsk->icsk_timeout;
1997 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1999 timer_expires = icsk->icsk_timeout;
2000 } else if (timer_pending(&sp->sk_timer)) {
2002 timer_expires = sp->sk_timer.expires;
2005 timer_expires = jiffies;
2009 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
2010 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %u %u %u %u %d\n",
2012 src->s6_addr32[0], src->s6_addr32[1],
2013 src->s6_addr32[2], src->s6_addr32[3], srcp,
2014 dest->s6_addr32[0], dest->s6_addr32[1],
2015 dest->s6_addr32[2], dest->s6_addr32[3], destp,
2017 tp->write_seq-tp->snd_una,
2018 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
2020 jiffies_to_clock_t(timer_expires - jiffies),
2021 icsk->icsk_retransmits,
2023 icsk->icsk_probes_out,
2025 atomic_read(&sp->sk_refcnt), sp,
2028 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong,
2029 tp->snd_cwnd, tp->snd_ssthresh>=0xFFFF?-1:tp->snd_ssthresh
2033 static void get_timewait6_sock(struct seq_file *seq,
2034 struct inet_timewait_sock *tw, int i)
2036 struct in6_addr *dest, *src;
2038 struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw);
2039 int ttd = tw->tw_ttd - jiffies;
2044 dest = &tw6->tw_v6_daddr;
2045 src = &tw6->tw_v6_rcv_saddr;
2046 destp = ntohs(tw->tw_dport);
2047 srcp = ntohs(tw->tw_sport);
2050 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
2051 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
2053 src->s6_addr32[0], src->s6_addr32[1],
2054 src->s6_addr32[2], src->s6_addr32[3], srcp,
2055 dest->s6_addr32[0], dest->s6_addr32[1],
2056 dest->s6_addr32[2], dest->s6_addr32[3], destp,
2057 tw->tw_substate, 0, 0,
2058 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
2059 atomic_read(&tw->tw_refcnt), tw);
2062 static int tcp6_seq_show(struct seq_file *seq, void *v)
2064 struct tcp_iter_state *st;
2066 if (v == SEQ_START_TOKEN) {
2071 "st tx_queue rx_queue tr tm->when retrnsmt"
2072 " uid timeout inode\n");
2077 switch (st->state) {
2078 case TCP_SEQ_STATE_LISTENING:
2079 case TCP_SEQ_STATE_ESTABLISHED:
2080 get_tcp6_sock(seq, v, st->num);
2082 case TCP_SEQ_STATE_OPENREQ:
2083 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid);
2085 case TCP_SEQ_STATE_TIME_WAIT:
2086 get_timewait6_sock(seq, v, st->num);
2093 static struct file_operations tcp6_seq_fops;
2094 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
2095 .owner = THIS_MODULE,
2098 .seq_show = tcp6_seq_show,
2099 .seq_fops = &tcp6_seq_fops,
2102 int __init tcp6_proc_init(void)
2104 return tcp_proc_register(&tcp6_seq_afinfo);
2107 void tcp6_proc_exit(void)
2109 tcp_proc_unregister(&tcp6_seq_afinfo);
2113 DEFINE_PROTO_INUSE(tcpv6)
2115 struct proto tcpv6_prot = {
2117 .owner = THIS_MODULE,
2119 .connect = tcp_v6_connect,
2120 .disconnect = tcp_disconnect,
2121 .accept = inet_csk_accept,
2123 .init = tcp_v6_init_sock,
2124 .destroy = tcp_v6_destroy_sock,
2125 .shutdown = tcp_shutdown,
2126 .setsockopt = tcp_setsockopt,
2127 .getsockopt = tcp_getsockopt,
2128 .recvmsg = tcp_recvmsg,
2129 .backlog_rcv = tcp_v6_do_rcv,
2130 .hash = tcp_v6_hash,
2131 .unhash = tcp_unhash,
2132 .get_port = tcp_v6_get_port,
2133 .enter_memory_pressure = tcp_enter_memory_pressure,
2134 .sockets_allocated = &tcp_sockets_allocated,
2135 .memory_allocated = &tcp_memory_allocated,
2136 .memory_pressure = &tcp_memory_pressure,
2137 .orphan_count = &tcp_orphan_count,
2138 .sysctl_mem = sysctl_tcp_mem,
2139 .sysctl_wmem = sysctl_tcp_wmem,
2140 .sysctl_rmem = sysctl_tcp_rmem,
2141 .max_header = MAX_TCP_HEADER,
2142 .obj_size = sizeof(struct tcp6_sock),
2143 .twsk_prot = &tcp6_timewait_sock_ops,
2144 .rsk_prot = &tcp6_request_sock_ops,
2145 #ifdef CONFIG_COMPAT
2146 .compat_setsockopt = compat_tcp_setsockopt,
2147 .compat_getsockopt = compat_tcp_getsockopt,
2149 REF_PROTO_INUSE(tcpv6)
2152 static struct inet6_protocol tcpv6_protocol = {
2153 .handler = tcp_v6_rcv,
2154 .err_handler = tcp_v6_err,
2155 .gso_send_check = tcp_v6_gso_send_check,
2156 .gso_segment = tcp_tso_segment,
2157 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2160 static struct inet_protosw tcpv6_protosw = {
2161 .type = SOCK_STREAM,
2162 .protocol = IPPROTO_TCP,
2163 .prot = &tcpv6_prot,
2164 .ops = &inet6_stream_ops,
2167 .flags = INET_PROTOSW_PERMANENT |
2171 void __init tcpv6_init(void)
2173 /* register inet6 protocol */
2174 if (inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP) < 0)
2175 printk(KERN_ERR "tcpv6_init: Could not register protocol\n");
2176 inet6_register_protosw(&tcpv6_protosw);
2178 if (inet_csk_ctl_sock_create(&tcp6_socket, PF_INET6, SOCK_RAW,
2180 panic("Failed to create the TCPv6 control socket.\n");
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob