2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
6 * Implementation of the Transmission Control Protocol(TCP).
8 * IPv4 specific functions
13 * linux/ipv4/tcp_input.c
14 * linux/ipv4/tcp_output.c
16 * See tcp.c for author information
18 * This program is free software; you can redistribute it and/or
19 * modify it under the terms of the GNU General Public License
20 * as published by the Free Software Foundation; either version
21 * 2 of the License, or (at your option) any later version.
26 * David S. Miller : New socket lookup architecture.
27 * This code is dedicated to John Dyson.
28 * David S. Miller : Change semantics of established hash,
29 * half is devoted to TIME_WAIT sockets
30 * and the rest go in the other half.
31 * Andi Kleen : Add support for syncookies and fixed
32 * some bugs: ip options weren't passed to
33 * the TCP layer, missed a check for an
35 * Andi Kleen : Implemented fast path mtu discovery.
36 * Fixed many serious bugs in the
37 * request_sock handling and moved
38 * most of it into the af independent code.
39 * Added tail drop and some other bugfixes.
40 * Added new listen semantics.
41 * Mike McLagan : Routing by source
42 * Juan Jose Ciarlante: ip_dynaddr bits
43 * Andi Kleen: various fixes.
44 * Vitaly E. Lavrov : Transparent proxy revived after year
46 * Andi Kleen : Fix new listen.
47 * Andi Kleen : Fix accept error reporting.
48 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
49 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
50 * a single port at the same time.
54 #include <linux/types.h>
55 #include <linux/fcntl.h>
56 #include <linux/module.h>
57 #include <linux/random.h>
58 #include <linux/cache.h>
59 #include <linux/jhash.h>
60 #include <linux/init.h>
61 #include <linux/times.h>
63 #include <net/net_namespace.h>
65 #include <net/inet_hashtables.h>
67 #include <net/transp_v6.h>
69 #include <net/inet_common.h>
70 #include <net/timewait_sock.h>
72 #include <net/netdma.h>
74 #include <linux/inet.h>
75 #include <linux/ipv6.h>
76 #include <linux/stddef.h>
77 #include <linux/proc_fs.h>
78 #include <linux/seq_file.h>
80 #include <linux/crypto.h>
81 #include <linux/scatterlist.h>
83 int sysctl_tcp_tw_reuse __read_mostly;
84 int sysctl_tcp_low_latency __read_mostly;
86 /* Check TCP sequence numbers in ICMP packets. */
87 #define ICMP_MIN_LENGTH 8
89 void tcp_v4_send_check(struct sock *sk, int len, struct sk_buff *skb);
91 #ifdef CONFIG_TCP_MD5SIG
92 static struct tcp_md5sig_key *tcp_v4_md5_do_lookup(struct sock *sk,
94 static int tcp_v4_do_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key,
95 __be32 saddr, __be32 daddr,
96 struct tcphdr *th, unsigned int tcplen);
99 struct tcp_md5sig_key *tcp_v4_md5_do_lookup(struct sock *sk, __be32 addr)
105 struct inet_hashinfo __cacheline_aligned tcp_hashinfo = {
106 .lhash_lock = __RW_LOCK_UNLOCKED(tcp_hashinfo.lhash_lock),
107 .lhash_users = ATOMIC_INIT(0),
108 .lhash_wait = __WAIT_QUEUE_HEAD_INITIALIZER(tcp_hashinfo.lhash_wait),
111 static inline __u32 tcp_v4_init_sequence(struct sk_buff *skb)
113 return secure_tcp_sequence_number(ip_hdr(skb)->daddr,
116 tcp_hdr(skb)->source);
119 int tcp_twsk_unique(struct sock *sk, struct sock *sktw, void *twp)
121 const struct tcp_timewait_sock *tcptw = tcp_twsk(sktw);
122 struct tcp_sock *tp = tcp_sk(sk);
124 /* With PAWS, it is safe from the viewpoint
125 of data integrity. Even without PAWS it is safe provided sequence
126 spaces do not overlap i.e. at data rates <= 80Mbit/sec.
128 Actually, the idea is close to VJ's one, only timestamp cache is
129 held not per host, but per port pair and TW bucket is used as state
132 If TW bucket has been already destroyed we fall back to VJ's scheme
133 and use initial timestamp retrieved from peer table.
135 if (tcptw->tw_ts_recent_stamp &&
136 (twp == NULL || (sysctl_tcp_tw_reuse &&
137 get_seconds() - tcptw->tw_ts_recent_stamp > 1))) {
138 tp->write_seq = tcptw->tw_snd_nxt + 65535 + 2;
139 if (tp->write_seq == 0)
141 tp->rx_opt.ts_recent = tcptw->tw_ts_recent;
142 tp->rx_opt.ts_recent_stamp = tcptw->tw_ts_recent_stamp;
150 EXPORT_SYMBOL_GPL(tcp_twsk_unique);
152 /* This will initiate an outgoing connection. */
153 int tcp_v4_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len)
155 struct inet_sock *inet = inet_sk(sk);
156 struct tcp_sock *tp = tcp_sk(sk);
157 struct sockaddr_in *usin = (struct sockaddr_in *)uaddr;
159 __be32 daddr, nexthop;
163 if (addr_len < sizeof(struct sockaddr_in))
166 if (usin->sin_family != AF_INET)
167 return -EAFNOSUPPORT;
169 nexthop = daddr = usin->sin_addr.s_addr;
170 if (inet->opt && inet->opt->srr) {
173 nexthop = inet->opt->faddr;
176 tmp = ip_route_connect(&rt, nexthop, inet->saddr,
177 RT_CONN_FLAGS(sk), sk->sk_bound_dev_if,
179 inet->sport, usin->sin_port, sk, 1);
181 if (tmp == -ENETUNREACH)
182 IP_INC_STATS_BH(IPSTATS_MIB_OUTNOROUTES);
186 if (rt->rt_flags & (RTCF_MULTICAST | RTCF_BROADCAST)) {
191 if (!inet->opt || !inet->opt->srr)
195 inet->saddr = rt->rt_src;
196 inet->rcv_saddr = inet->saddr;
198 if (tp->rx_opt.ts_recent_stamp && inet->daddr != daddr) {
199 /* Reset inherited state */
200 tp->rx_opt.ts_recent = 0;
201 tp->rx_opt.ts_recent_stamp = 0;
205 if (tcp_death_row.sysctl_tw_recycle &&
206 !tp->rx_opt.ts_recent_stamp && rt->rt_dst == daddr) {
207 struct inet_peer *peer = rt_get_peer(rt);
209 * VJ's idea. We save last timestamp seen from
210 * the destination in peer table, when entering state
211 * TIME-WAIT * and initialize rx_opt.ts_recent from it,
212 * when trying new connection.
215 peer->tcp_ts_stamp + TCP_PAWS_MSL >= get_seconds()) {
216 tp->rx_opt.ts_recent_stamp = peer->tcp_ts_stamp;
217 tp->rx_opt.ts_recent = peer->tcp_ts;
221 inet->dport = usin->sin_port;
224 inet_csk(sk)->icsk_ext_hdr_len = 0;
226 inet_csk(sk)->icsk_ext_hdr_len = inet->opt->optlen;
228 tp->rx_opt.mss_clamp = 536;
230 /* Socket identity is still unknown (sport may be zero).
231 * However we set state to SYN-SENT and not releasing socket
232 * lock select source port, enter ourselves into the hash tables and
233 * complete initialization after this.
235 tcp_set_state(sk, TCP_SYN_SENT);
236 err = inet_hash_connect(&tcp_death_row, sk);
240 err = ip_route_newports(&rt, IPPROTO_TCP,
241 inet->sport, inet->dport, sk);
245 /* OK, now commit destination to socket. */
246 sk->sk_gso_type = SKB_GSO_TCPV4;
247 sk_setup_caps(sk, &rt->u.dst);
250 tp->write_seq = secure_tcp_sequence_number(inet->saddr,
255 inet->id = tp->write_seq ^ jiffies;
257 err = tcp_connect(sk);
266 * This unhashes the socket and releases the local port,
269 tcp_set_state(sk, TCP_CLOSE);
271 sk->sk_route_caps = 0;
277 * This routine does path mtu discovery as defined in RFC1191.
279 static void do_pmtu_discovery(struct sock *sk, struct iphdr *iph, u32 mtu)
281 struct dst_entry *dst;
282 struct inet_sock *inet = inet_sk(sk);
284 /* We are not interested in TCP_LISTEN and open_requests (SYN-ACKs
285 * send out by Linux are always <576bytes so they should go through
288 if (sk->sk_state == TCP_LISTEN)
291 /* We don't check in the destentry if pmtu discovery is forbidden
292 * on this route. We just assume that no packet_to_big packets
293 * are send back when pmtu discovery is not active.
294 * There is a small race when the user changes this flag in the
295 * route, but I think that's acceptable.
297 if ((dst = __sk_dst_check(sk, 0)) == NULL)
300 dst->ops->update_pmtu(dst, mtu);
302 /* Something is about to be wrong... Remember soft error
303 * for the case, if this connection will not able to recover.
305 if (mtu < dst_mtu(dst) && ip_dont_fragment(sk, dst))
306 sk->sk_err_soft = EMSGSIZE;
310 if (inet->pmtudisc != IP_PMTUDISC_DONT &&
311 inet_csk(sk)->icsk_pmtu_cookie > mtu) {
312 tcp_sync_mss(sk, mtu);
314 /* Resend the TCP packet because it's
315 * clear that the old packet has been
316 * dropped. This is the new "fast" path mtu
319 tcp_simple_retransmit(sk);
320 } /* else let the usual retransmit timer handle it */
324 * This routine is called by the ICMP module when it gets some
325 * sort of error condition. If err < 0 then the socket should
326 * be closed and the error returned to the user. If err > 0
327 * it's just the icmp type << 8 | icmp code. After adjustment
328 * header points to the first 8 bytes of the tcp header. We need
329 * to find the appropriate port.
331 * The locking strategy used here is very "optimistic". When
332 * someone else accesses the socket the ICMP is just dropped
333 * and for some paths there is no check at all.
334 * A more general error queue to queue errors for later handling
335 * is probably better.
339 void tcp_v4_err(struct sk_buff *skb, u32 info)
341 struct iphdr *iph = (struct iphdr *)skb->data;
342 struct tcphdr *th = (struct tcphdr *)(skb->data + (iph->ihl << 2));
344 struct inet_sock *inet;
345 const int type = icmp_hdr(skb)->type;
346 const int code = icmp_hdr(skb)->code;
351 if (skb->len < (iph->ihl << 2) + 8) {
352 ICMP_INC_STATS_BH(ICMP_MIB_INERRORS);
356 sk = inet_lookup(dev_net(skb->dev), &tcp_hashinfo, iph->daddr, th->dest,
357 iph->saddr, th->source, inet_iif(skb));
359 ICMP_INC_STATS_BH(ICMP_MIB_INERRORS);
362 if (sk->sk_state == TCP_TIME_WAIT) {
363 inet_twsk_put(inet_twsk(sk));
368 /* If too many ICMPs get dropped on busy
369 * servers this needs to be solved differently.
371 if (sock_owned_by_user(sk))
372 NET_INC_STATS_BH(LINUX_MIB_LOCKDROPPEDICMPS);
374 if (sk->sk_state == TCP_CLOSE)
378 seq = ntohl(th->seq);
379 if (sk->sk_state != TCP_LISTEN &&
380 !between(seq, tp->snd_una, tp->snd_nxt)) {
381 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
386 case ICMP_SOURCE_QUENCH:
387 /* Just silently ignore these. */
389 case ICMP_PARAMETERPROB:
392 case ICMP_DEST_UNREACH:
393 if (code > NR_ICMP_UNREACH)
396 if (code == ICMP_FRAG_NEEDED) { /* PMTU discovery (RFC1191) */
397 if (!sock_owned_by_user(sk))
398 do_pmtu_discovery(sk, iph, info);
402 err = icmp_err_convert[code].errno;
404 case ICMP_TIME_EXCEEDED:
411 switch (sk->sk_state) {
412 struct request_sock *req, **prev;
414 if (sock_owned_by_user(sk))
417 req = inet_csk_search_req(sk, &prev, th->dest,
418 iph->daddr, iph->saddr);
422 /* ICMPs are not backlogged, hence we cannot get
423 an established socket here.
427 if (seq != tcp_rsk(req)->snt_isn) {
428 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
433 * Still in SYN_RECV, just remove it silently.
434 * There is no good way to pass the error to the newly
435 * created socket, and POSIX does not want network
436 * errors returned from accept().
438 inet_csk_reqsk_queue_drop(sk, req, prev);
442 case TCP_SYN_RECV: /* Cannot happen.
443 It can f.e. if SYNs crossed.
445 if (!sock_owned_by_user(sk)) {
448 sk->sk_error_report(sk);
452 sk->sk_err_soft = err;
457 /* If we've already connected we will keep trying
458 * until we time out, or the user gives up.
460 * rfc1122 4.2.3.9 allows to consider as hard errors
461 * only PROTO_UNREACH and PORT_UNREACH (well, FRAG_FAILED too,
462 * but it is obsoleted by pmtu discovery).
464 * Note, that in modern internet, where routing is unreliable
465 * and in each dark corner broken firewalls sit, sending random
466 * errors ordered by their masters even this two messages finally lose
467 * their original sense (even Linux sends invalid PORT_UNREACHs)
469 * Now we are in compliance with RFCs.
474 if (!sock_owned_by_user(sk) && inet->recverr) {
476 sk->sk_error_report(sk);
477 } else { /* Only an error on timeout */
478 sk->sk_err_soft = err;
486 /* This routine computes an IPv4 TCP checksum. */
487 void tcp_v4_send_check(struct sock *sk, int len, struct sk_buff *skb)
489 struct inet_sock *inet = inet_sk(sk);
490 struct tcphdr *th = tcp_hdr(skb);
492 if (skb->ip_summed == CHECKSUM_PARTIAL) {
493 th->check = ~tcp_v4_check(len, inet->saddr,
495 skb->csum_start = skb_transport_header(skb) - skb->head;
496 skb->csum_offset = offsetof(struct tcphdr, check);
498 th->check = tcp_v4_check(len, inet->saddr, inet->daddr,
499 csum_partial((char *)th,
505 int tcp_v4_gso_send_check(struct sk_buff *skb)
507 const struct iphdr *iph;
510 if (!pskb_may_pull(skb, sizeof(*th)))
517 th->check = ~tcp_v4_check(skb->len, iph->saddr, iph->daddr, 0);
518 skb->csum_start = skb_transport_header(skb) - skb->head;
519 skb->csum_offset = offsetof(struct tcphdr, check);
520 skb->ip_summed = CHECKSUM_PARTIAL;
525 * This routine will send an RST to the other tcp.
527 * Someone asks: why I NEVER use socket parameters (TOS, TTL etc.)
529 * Answer: if a packet caused RST, it is not for a socket
530 * existing in our system, if it is matched to a socket,
531 * it is just duplicate segment or bug in other side's TCP.
532 * So that we build reply only basing on parameters
533 * arrived with segment.
534 * Exception: precedence violation. We do not implement it in any case.
537 static void tcp_v4_send_reset(struct sock *sk, struct sk_buff *skb)
539 struct tcphdr *th = tcp_hdr(skb);
542 #ifdef CONFIG_TCP_MD5SIG
543 __be32 opt[(TCPOLEN_MD5SIG_ALIGNED >> 2)];
546 struct ip_reply_arg arg;
547 #ifdef CONFIG_TCP_MD5SIG
548 struct tcp_md5sig_key *key;
551 /* Never send a reset in response to a reset. */
555 if (skb->rtable->rt_type != RTN_LOCAL)
558 /* Swap the send and the receive. */
559 memset(&rep, 0, sizeof(rep));
560 rep.th.dest = th->source;
561 rep.th.source = th->dest;
562 rep.th.doff = sizeof(struct tcphdr) / 4;
566 rep.th.seq = th->ack_seq;
569 rep.th.ack_seq = htonl(ntohl(th->seq) + th->syn + th->fin +
570 skb->len - (th->doff << 2));
573 memset(&arg, 0, sizeof(arg));
574 arg.iov[0].iov_base = (unsigned char *)&rep;
575 arg.iov[0].iov_len = sizeof(rep.th);
577 #ifdef CONFIG_TCP_MD5SIG
578 key = sk ? tcp_v4_md5_do_lookup(sk, ip_hdr(skb)->daddr) : NULL;
580 rep.opt[0] = htonl((TCPOPT_NOP << 24) |
582 (TCPOPT_MD5SIG << 8) |
584 /* Update length and the length the header thinks exists */
585 arg.iov[0].iov_len += TCPOLEN_MD5SIG_ALIGNED;
586 rep.th.doff = arg.iov[0].iov_len / 4;
588 tcp_v4_do_calc_md5_hash((__u8 *)&rep.opt[1],
592 &rep.th, arg.iov[0].iov_len);
595 arg.csum = csum_tcpudp_nofold(ip_hdr(skb)->daddr,
596 ip_hdr(skb)->saddr, /* XXX */
597 sizeof(struct tcphdr), IPPROTO_TCP, 0);
598 arg.csumoffset = offsetof(struct tcphdr, check) / 2;
600 ip_send_reply(dev_net(skb->dst->dev)->ipv4.tcp_sock, skb,
601 &arg, arg.iov[0].iov_len);
603 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
604 TCP_INC_STATS_BH(TCP_MIB_OUTRSTS);
607 /* The code following below sending ACKs in SYN-RECV and TIME-WAIT states
608 outside socket context is ugly, certainly. What can I do?
611 static void tcp_v4_send_ack(struct sk_buff *skb, u32 seq, u32 ack,
612 u32 win, u32 ts, int oif,
613 struct tcp_md5sig_key *key)
615 struct tcphdr *th = tcp_hdr(skb);
618 __be32 opt[(TCPOLEN_TSTAMP_ALIGNED >> 2)
619 #ifdef CONFIG_TCP_MD5SIG
620 + (TCPOLEN_MD5SIG_ALIGNED >> 2)
624 struct ip_reply_arg arg;
626 memset(&rep.th, 0, sizeof(struct tcphdr));
627 memset(&arg, 0, sizeof(arg));
629 arg.iov[0].iov_base = (unsigned char *)&rep;
630 arg.iov[0].iov_len = sizeof(rep.th);
632 rep.opt[0] = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
633 (TCPOPT_TIMESTAMP << 8) |
635 rep.opt[1] = htonl(tcp_time_stamp);
636 rep.opt[2] = htonl(ts);
637 arg.iov[0].iov_len += TCPOLEN_TSTAMP_ALIGNED;
640 /* Swap the send and the receive. */
641 rep.th.dest = th->source;
642 rep.th.source = th->dest;
643 rep.th.doff = arg.iov[0].iov_len / 4;
644 rep.th.seq = htonl(seq);
645 rep.th.ack_seq = htonl(ack);
647 rep.th.window = htons(win);
649 #ifdef CONFIG_TCP_MD5SIG
651 int offset = (ts) ? 3 : 0;
653 rep.opt[offset++] = htonl((TCPOPT_NOP << 24) |
655 (TCPOPT_MD5SIG << 8) |
657 arg.iov[0].iov_len += TCPOLEN_MD5SIG_ALIGNED;
658 rep.th.doff = arg.iov[0].iov_len/4;
660 tcp_v4_do_calc_md5_hash((__u8 *)&rep.opt[offset],
664 &rep.th, arg.iov[0].iov_len);
667 arg.csum = csum_tcpudp_nofold(ip_hdr(skb)->daddr,
668 ip_hdr(skb)->saddr, /* XXX */
669 arg.iov[0].iov_len, IPPROTO_TCP, 0);
670 arg.csumoffset = offsetof(struct tcphdr, check) / 2;
672 arg.bound_dev_if = oif;
674 ip_send_reply(dev_net(skb->dev)->ipv4.tcp_sock, skb,
675 &arg, arg.iov[0].iov_len);
677 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
680 static void tcp_v4_timewait_ack(struct sock *sk, struct sk_buff *skb)
682 struct inet_timewait_sock *tw = inet_twsk(sk);
683 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
685 tcp_v4_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
686 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
689 tcp_twsk_md5_key(tcptw)
695 static void tcp_v4_reqsk_send_ack(struct sk_buff *skb,
696 struct request_sock *req)
698 tcp_v4_send_ack(skb, tcp_rsk(req)->snt_isn + 1,
699 tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd,
702 tcp_v4_md5_do_lookup(skb->sk, ip_hdr(skb)->daddr));
706 * Send a SYN-ACK after having received a SYN.
707 * This still operates on a request_sock only, not on a big
710 static int __tcp_v4_send_synack(struct sock *sk, struct request_sock *req,
711 struct dst_entry *dst)
713 const struct inet_request_sock *ireq = inet_rsk(req);
715 struct sk_buff * skb;
717 /* First, grab a route. */
718 if (!dst && (dst = inet_csk_route_req(sk, req)) == NULL)
721 skb = tcp_make_synack(sk, dst, req);
724 struct tcphdr *th = tcp_hdr(skb);
726 th->check = tcp_v4_check(skb->len,
729 csum_partial((char *)th, skb->len,
732 err = ip_build_and_send_pkt(skb, sk, ireq->loc_addr,
735 err = net_xmit_eval(err);
742 static int tcp_v4_send_synack(struct sock *sk, struct request_sock *req)
744 return __tcp_v4_send_synack(sk, req, NULL);
748 * IPv4 request_sock destructor.
750 static void tcp_v4_reqsk_destructor(struct request_sock *req)
752 kfree(inet_rsk(req)->opt);
755 #ifdef CONFIG_SYN_COOKIES
756 static void syn_flood_warning(struct sk_buff *skb)
758 static unsigned long warntime;
760 if (time_after(jiffies, (warntime + HZ * 60))) {
763 "possible SYN flooding on port %d. Sending cookies.\n",
764 ntohs(tcp_hdr(skb)->dest));
770 * Save and compile IPv4 options into the request_sock if needed.
772 static struct ip_options *tcp_v4_save_options(struct sock *sk,
775 struct ip_options *opt = &(IPCB(skb)->opt);
776 struct ip_options *dopt = NULL;
778 if (opt && opt->optlen) {
779 int opt_size = optlength(opt);
780 dopt = kmalloc(opt_size, GFP_ATOMIC);
782 if (ip_options_echo(dopt, skb)) {
791 #ifdef CONFIG_TCP_MD5SIG
793 * RFC2385 MD5 checksumming requires a mapping of
794 * IP address->MD5 Key.
795 * We need to maintain these in the sk structure.
798 /* Find the Key structure for an address. */
799 static struct tcp_md5sig_key *
800 tcp_v4_md5_do_lookup(struct sock *sk, __be32 addr)
802 struct tcp_sock *tp = tcp_sk(sk);
805 if (!tp->md5sig_info || !tp->md5sig_info->entries4)
807 for (i = 0; i < tp->md5sig_info->entries4; i++) {
808 if (tp->md5sig_info->keys4[i].addr == addr)
809 return &tp->md5sig_info->keys4[i].base;
814 struct tcp_md5sig_key *tcp_v4_md5_lookup(struct sock *sk,
815 struct sock *addr_sk)
817 return tcp_v4_md5_do_lookup(sk, inet_sk(addr_sk)->daddr);
820 EXPORT_SYMBOL(tcp_v4_md5_lookup);
822 static struct tcp_md5sig_key *tcp_v4_reqsk_md5_lookup(struct sock *sk,
823 struct request_sock *req)
825 return tcp_v4_md5_do_lookup(sk, inet_rsk(req)->rmt_addr);
828 /* This can be called on a newly created socket, from other files */
829 int tcp_v4_md5_do_add(struct sock *sk, __be32 addr,
830 u8 *newkey, u8 newkeylen)
832 /* Add Key to the list */
833 struct tcp_md5sig_key *key;
834 struct tcp_sock *tp = tcp_sk(sk);
835 struct tcp4_md5sig_key *keys;
837 key = tcp_v4_md5_do_lookup(sk, addr);
839 /* Pre-existing entry - just update that one. */
842 key->keylen = newkeylen;
844 struct tcp_md5sig_info *md5sig;
846 if (!tp->md5sig_info) {
847 tp->md5sig_info = kzalloc(sizeof(*tp->md5sig_info),
849 if (!tp->md5sig_info) {
853 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
855 if (tcp_alloc_md5sig_pool() == NULL) {
859 md5sig = tp->md5sig_info;
861 if (md5sig->alloced4 == md5sig->entries4) {
862 keys = kmalloc((sizeof(*keys) *
863 (md5sig->entries4 + 1)), GFP_ATOMIC);
866 tcp_free_md5sig_pool();
870 if (md5sig->entries4)
871 memcpy(keys, md5sig->keys4,
872 sizeof(*keys) * md5sig->entries4);
874 /* Free old key list, and reference new one */
875 kfree(md5sig->keys4);
876 md5sig->keys4 = keys;
880 md5sig->keys4[md5sig->entries4 - 1].addr = addr;
881 md5sig->keys4[md5sig->entries4 - 1].base.key = newkey;
882 md5sig->keys4[md5sig->entries4 - 1].base.keylen = newkeylen;
887 EXPORT_SYMBOL(tcp_v4_md5_do_add);
889 static int tcp_v4_md5_add_func(struct sock *sk, struct sock *addr_sk,
890 u8 *newkey, u8 newkeylen)
892 return tcp_v4_md5_do_add(sk, inet_sk(addr_sk)->daddr,
896 int tcp_v4_md5_do_del(struct sock *sk, __be32 addr)
898 struct tcp_sock *tp = tcp_sk(sk);
901 for (i = 0; i < tp->md5sig_info->entries4; i++) {
902 if (tp->md5sig_info->keys4[i].addr == addr) {
904 kfree(tp->md5sig_info->keys4[i].base.key);
905 tp->md5sig_info->entries4--;
907 if (tp->md5sig_info->entries4 == 0) {
908 kfree(tp->md5sig_info->keys4);
909 tp->md5sig_info->keys4 = NULL;
910 tp->md5sig_info->alloced4 = 0;
911 } else if (tp->md5sig_info->entries4 != i) {
912 /* Need to do some manipulation */
913 memmove(&tp->md5sig_info->keys4[i],
914 &tp->md5sig_info->keys4[i+1],
915 (tp->md5sig_info->entries4 - i) *
916 sizeof(struct tcp4_md5sig_key));
918 tcp_free_md5sig_pool();
925 EXPORT_SYMBOL(tcp_v4_md5_do_del);
927 static void tcp_v4_clear_md5_list(struct sock *sk)
929 struct tcp_sock *tp = tcp_sk(sk);
931 /* Free each key, then the set of key keys,
932 * the crypto element, and then decrement our
933 * hold on the last resort crypto.
935 if (tp->md5sig_info->entries4) {
937 for (i = 0; i < tp->md5sig_info->entries4; i++)
938 kfree(tp->md5sig_info->keys4[i].base.key);
939 tp->md5sig_info->entries4 = 0;
940 tcp_free_md5sig_pool();
942 if (tp->md5sig_info->keys4) {
943 kfree(tp->md5sig_info->keys4);
944 tp->md5sig_info->keys4 = NULL;
945 tp->md5sig_info->alloced4 = 0;
949 static int tcp_v4_parse_md5_keys(struct sock *sk, char __user *optval,
952 struct tcp_md5sig cmd;
953 struct sockaddr_in *sin = (struct sockaddr_in *)&cmd.tcpm_addr;
956 if (optlen < sizeof(cmd))
959 if (copy_from_user(&cmd, optval, sizeof(cmd)))
962 if (sin->sin_family != AF_INET)
965 if (!cmd.tcpm_key || !cmd.tcpm_keylen) {
966 if (!tcp_sk(sk)->md5sig_info)
968 return tcp_v4_md5_do_del(sk, sin->sin_addr.s_addr);
971 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
974 if (!tcp_sk(sk)->md5sig_info) {
975 struct tcp_sock *tp = tcp_sk(sk);
976 struct tcp_md5sig_info *p = kzalloc(sizeof(*p), GFP_KERNEL);
982 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
985 newkey = kmemdup(cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
988 return tcp_v4_md5_do_add(sk, sin->sin_addr.s_addr,
989 newkey, cmd.tcpm_keylen);
992 static int tcp_v4_do_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key,
993 __be32 saddr, __be32 daddr,
997 struct tcp_md5sig_pool *hp;
998 struct tcp4_pseudohdr *bp;
1002 * Okay, so RFC2385 is turned on for this connection,
1003 * so we need to generate the MD5 hash for the packet now.
1006 hp = tcp_get_md5sig_pool();
1008 goto clear_hash_noput;
1010 bp = &hp->md5_blk.ip4;
1013 * The TCP pseudo-header (in the order: source IP address,
1014 * destination IP address, zero-padded protocol number, and
1020 bp->protocol = IPPROTO_TCP;
1021 bp->len = htons(tcplen);
1023 err = tcp_calc_md5_hash(md5_hash, key, sizeof(*bp),
1028 /* Free up the crypto pool */
1029 tcp_put_md5sig_pool();
1033 tcp_put_md5sig_pool();
1035 memset(md5_hash, 0, 16);
1039 int tcp_v4_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key,
1041 struct dst_entry *dst,
1042 struct request_sock *req,
1044 unsigned int tcplen)
1046 __be32 saddr, daddr;
1049 saddr = inet_sk(sk)->saddr;
1050 daddr = inet_sk(sk)->daddr;
1052 struct rtable *rt = (struct rtable *)dst;
1057 return tcp_v4_do_calc_md5_hash(md5_hash, key,
1062 EXPORT_SYMBOL(tcp_v4_calc_md5_hash);
1064 static int tcp_v4_inbound_md5_hash(struct sock *sk, struct sk_buff *skb)
1067 * This gets called for each TCP segment that arrives
1068 * so we want to be efficient.
1069 * We have 3 drop cases:
1070 * o No MD5 hash and one expected.
1071 * o MD5 hash and we're not expecting one.
1072 * o MD5 hash and its wrong.
1074 __u8 *hash_location = NULL;
1075 struct tcp_md5sig_key *hash_expected;
1076 const struct iphdr *iph = ip_hdr(skb);
1077 struct tcphdr *th = tcp_hdr(skb);
1079 unsigned char newhash[16];
1081 hash_expected = tcp_v4_md5_do_lookup(sk, iph->saddr);
1082 hash_location = tcp_parse_md5sig_option(th);
1084 /* We've parsed the options - do we have a hash? */
1085 if (!hash_expected && !hash_location)
1088 if (hash_expected && !hash_location) {
1089 LIMIT_NETDEBUG(KERN_INFO "MD5 Hash expected but NOT found "
1090 "(" NIPQUAD_FMT ", %d)->(" NIPQUAD_FMT ", %d)\n",
1091 NIPQUAD(iph->saddr), ntohs(th->source),
1092 NIPQUAD(iph->daddr), ntohs(th->dest));
1096 if (!hash_expected && hash_location) {
1097 LIMIT_NETDEBUG(KERN_INFO "MD5 Hash NOT expected but found "
1098 "(" NIPQUAD_FMT ", %d)->(" NIPQUAD_FMT ", %d)\n",
1099 NIPQUAD(iph->saddr), ntohs(th->source),
1100 NIPQUAD(iph->daddr), ntohs(th->dest));
1104 /* Okay, so this is hash_expected and hash_location -
1105 * so we need to calculate the checksum.
1107 genhash = tcp_v4_do_calc_md5_hash(newhash,
1109 iph->saddr, iph->daddr,
1112 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
1113 if (net_ratelimit()) {
1114 printk(KERN_INFO "MD5 Hash failed for "
1115 "(" NIPQUAD_FMT ", %d)->(" NIPQUAD_FMT ", %d)%s\n",
1116 NIPQUAD(iph->saddr), ntohs(th->source),
1117 NIPQUAD(iph->daddr), ntohs(th->dest),
1118 genhash ? " tcp_v4_calc_md5_hash failed" : "");
1127 struct request_sock_ops tcp_request_sock_ops __read_mostly = {
1129 .obj_size = sizeof(struct tcp_request_sock),
1130 .rtx_syn_ack = tcp_v4_send_synack,
1131 .send_ack = tcp_v4_reqsk_send_ack,
1132 .destructor = tcp_v4_reqsk_destructor,
1133 .send_reset = tcp_v4_send_reset,
1136 #ifdef CONFIG_TCP_MD5SIG
1137 static struct tcp_request_sock_ops tcp_request_sock_ipv4_ops = {
1138 .md5_lookup = tcp_v4_reqsk_md5_lookup,
1142 static struct timewait_sock_ops tcp_timewait_sock_ops = {
1143 .twsk_obj_size = sizeof(struct tcp_timewait_sock),
1144 .twsk_unique = tcp_twsk_unique,
1145 .twsk_destructor= tcp_twsk_destructor,
1148 int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb)
1150 struct inet_request_sock *ireq;
1151 struct tcp_options_received tmp_opt;
1152 struct request_sock *req;
1153 __be32 saddr = ip_hdr(skb)->saddr;
1154 __be32 daddr = ip_hdr(skb)->daddr;
1155 __u32 isn = TCP_SKB_CB(skb)->when;
1156 struct dst_entry *dst = NULL;
1157 #ifdef CONFIG_SYN_COOKIES
1158 int want_cookie = 0;
1160 #define want_cookie 0 /* Argh, why doesn't gcc optimize this :( */
1163 /* Never answer to SYNs send to broadcast or multicast */
1164 if (skb->rtable->rt_flags & (RTCF_BROADCAST | RTCF_MULTICAST))
1167 /* TW buckets are converted to open requests without
1168 * limitations, they conserve resources and peer is
1169 * evidently real one.
1171 if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
1172 #ifdef CONFIG_SYN_COOKIES
1173 if (sysctl_tcp_syncookies) {
1180 /* Accept backlog is full. If we have already queued enough
1181 * of warm entries in syn queue, drop request. It is better than
1182 * clogging syn queue with openreqs with exponentially increasing
1185 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
1188 req = inet_reqsk_alloc(&tcp_request_sock_ops);
1192 #ifdef CONFIG_TCP_MD5SIG
1193 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv4_ops;
1196 tcp_clear_options(&tmp_opt);
1197 tmp_opt.mss_clamp = 536;
1198 tmp_opt.user_mss = tcp_sk(sk)->rx_opt.user_mss;
1200 tcp_parse_options(skb, &tmp_opt, 0);
1202 if (want_cookie && !tmp_opt.saw_tstamp)
1203 tcp_clear_options(&tmp_opt);
1205 if (tmp_opt.saw_tstamp && !tmp_opt.rcv_tsval) {
1206 /* Some OSes (unknown ones, but I see them on web server, which
1207 * contains information interesting only for windows'
1208 * users) do not send their stamp in SYN. It is easy case.
1209 * We simply do not advertise TS support.
1211 tmp_opt.saw_tstamp = 0;
1212 tmp_opt.tstamp_ok = 0;
1214 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
1216 tcp_openreq_init(req, &tmp_opt, skb);
1218 if (security_inet_conn_request(sk, skb, req))
1221 ireq = inet_rsk(req);
1222 ireq->loc_addr = daddr;
1223 ireq->rmt_addr = saddr;
1224 ireq->opt = tcp_v4_save_options(sk, skb);
1226 TCP_ECN_create_request(req, tcp_hdr(skb));
1229 #ifdef CONFIG_SYN_COOKIES
1230 syn_flood_warning(skb);
1231 req->cookie_ts = tmp_opt.tstamp_ok;
1233 isn = cookie_v4_init_sequence(sk, skb, &req->mss);
1235 struct inet_peer *peer = NULL;
1237 /* VJ's idea. We save last timestamp seen
1238 * from the destination in peer table, when entering
1239 * state TIME-WAIT, and check against it before
1240 * accepting new connection request.
1242 * If "isn" is not zero, this request hit alive
1243 * timewait bucket, so that all the necessary checks
1244 * are made in the function processing timewait state.
1246 if (tmp_opt.saw_tstamp &&
1247 tcp_death_row.sysctl_tw_recycle &&
1248 (dst = inet_csk_route_req(sk, req)) != NULL &&
1249 (peer = rt_get_peer((struct rtable *)dst)) != NULL &&
1250 peer->v4daddr == saddr) {
1251 if (get_seconds() < peer->tcp_ts_stamp + TCP_PAWS_MSL &&
1252 (s32)(peer->tcp_ts - req->ts_recent) >
1254 NET_INC_STATS_BH(LINUX_MIB_PAWSPASSIVEREJECTED);
1255 goto drop_and_release;
1258 /* Kill the following clause, if you dislike this way. */
1259 else if (!sysctl_tcp_syncookies &&
1260 (sysctl_max_syn_backlog - inet_csk_reqsk_queue_len(sk) <
1261 (sysctl_max_syn_backlog >> 2)) &&
1262 (!peer || !peer->tcp_ts_stamp) &&
1263 (!dst || !dst_metric(dst, RTAX_RTT))) {
1264 /* Without syncookies last quarter of
1265 * backlog is filled with destinations,
1266 * proven to be alive.
1267 * It means that we continue to communicate
1268 * to destinations, already remembered
1269 * to the moment of synflood.
1271 LIMIT_NETDEBUG(KERN_DEBUG "TCP: drop open "
1272 "request from " NIPQUAD_FMT "/%u\n",
1274 ntohs(tcp_hdr(skb)->source));
1275 goto drop_and_release;
1278 isn = tcp_v4_init_sequence(skb);
1280 tcp_rsk(req)->snt_isn = isn;
1282 if (__tcp_v4_send_synack(sk, req, dst) || want_cookie)
1285 inet_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1298 * The three way handshake has completed - we got a valid synack -
1299 * now create the new socket.
1301 struct sock *tcp_v4_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1302 struct request_sock *req,
1303 struct dst_entry *dst)
1305 struct inet_request_sock *ireq;
1306 struct inet_sock *newinet;
1307 struct tcp_sock *newtp;
1309 #ifdef CONFIG_TCP_MD5SIG
1310 struct tcp_md5sig_key *key;
1313 if (sk_acceptq_is_full(sk))
1316 if (!dst && (dst = inet_csk_route_req(sk, req)) == NULL)
1319 newsk = tcp_create_openreq_child(sk, req, skb);
1323 newsk->sk_gso_type = SKB_GSO_TCPV4;
1324 sk_setup_caps(newsk, dst);
1326 newtp = tcp_sk(newsk);
1327 newinet = inet_sk(newsk);
1328 ireq = inet_rsk(req);
1329 newinet->daddr = ireq->rmt_addr;
1330 newinet->rcv_saddr = ireq->loc_addr;
1331 newinet->saddr = ireq->loc_addr;
1332 newinet->opt = ireq->opt;
1334 newinet->mc_index = inet_iif(skb);
1335 newinet->mc_ttl = ip_hdr(skb)->ttl;
1336 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1338 inet_csk(newsk)->icsk_ext_hdr_len = newinet->opt->optlen;
1339 newinet->id = newtp->write_seq ^ jiffies;
1341 tcp_mtup_init(newsk);
1342 tcp_sync_mss(newsk, dst_mtu(dst));
1343 newtp->advmss = dst_metric(dst, RTAX_ADVMSS);
1344 tcp_initialize_rcv_mss(newsk);
1346 #ifdef CONFIG_TCP_MD5SIG
1347 /* Copy over the MD5 key from the original socket */
1348 if ((key = tcp_v4_md5_do_lookup(sk, newinet->daddr)) != NULL) {
1350 * We're using one, so create a matching key
1351 * on the newsk structure. If we fail to get
1352 * memory, then we end up not copying the key
1355 char *newkey = kmemdup(key->key, key->keylen, GFP_ATOMIC);
1357 tcp_v4_md5_do_add(newsk, inet_sk(sk)->daddr,
1358 newkey, key->keylen);
1362 __inet_hash_nolisten(newsk);
1363 __inet_inherit_port(sk, newsk);
1368 NET_INC_STATS_BH(LINUX_MIB_LISTENOVERFLOWS);
1370 NET_INC_STATS_BH(LINUX_MIB_LISTENDROPS);
1375 static struct sock *tcp_v4_hnd_req(struct sock *sk, struct sk_buff *skb)
1377 struct tcphdr *th = tcp_hdr(skb);
1378 const struct iphdr *iph = ip_hdr(skb);
1380 struct request_sock **prev;
1381 /* Find possible connection requests. */
1382 struct request_sock *req = inet_csk_search_req(sk, &prev, th->source,
1383 iph->saddr, iph->daddr);
1385 return tcp_check_req(sk, skb, req, prev);
1387 nsk = inet_lookup_established(sock_net(sk), &tcp_hashinfo, iph->saddr,
1388 th->source, iph->daddr, th->dest, inet_iif(skb));
1391 if (nsk->sk_state != TCP_TIME_WAIT) {
1395 inet_twsk_put(inet_twsk(nsk));
1399 #ifdef CONFIG_SYN_COOKIES
1400 if (!th->rst && !th->syn && th->ack)
1401 sk = cookie_v4_check(sk, skb, &(IPCB(skb)->opt));
1406 static __sum16 tcp_v4_checksum_init(struct sk_buff *skb)
1408 const struct iphdr *iph = ip_hdr(skb);
1410 if (skb->ip_summed == CHECKSUM_COMPLETE) {
1411 if (!tcp_v4_check(skb->len, iph->saddr,
1412 iph->daddr, skb->csum)) {
1413 skb->ip_summed = CHECKSUM_UNNECESSARY;
1418 skb->csum = csum_tcpudp_nofold(iph->saddr, iph->daddr,
1419 skb->len, IPPROTO_TCP, 0);
1421 if (skb->len <= 76) {
1422 return __skb_checksum_complete(skb);
1428 /* The socket must have it's spinlock held when we get
1431 * We have a potential double-lock case here, so even when
1432 * doing backlog processing we use the BH locking scheme.
1433 * This is because we cannot sleep with the original spinlock
1436 int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb)
1439 #ifdef CONFIG_TCP_MD5SIG
1441 * We really want to reject the packet as early as possible
1443 * o We're expecting an MD5'd packet and this is no MD5 tcp option
1444 * o There is an MD5 option and we're not expecting one
1446 if (tcp_v4_inbound_md5_hash(sk, skb))
1450 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1451 TCP_CHECK_TIMER(sk);
1452 if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len)) {
1456 TCP_CHECK_TIMER(sk);
1460 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1463 if (sk->sk_state == TCP_LISTEN) {
1464 struct sock *nsk = tcp_v4_hnd_req(sk, skb);
1469 if (tcp_child_process(sk, nsk, skb)) {
1477 TCP_CHECK_TIMER(sk);
1478 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len)) {
1482 TCP_CHECK_TIMER(sk);
1486 tcp_v4_send_reset(rsk, skb);
1489 /* Be careful here. If this function gets more complicated and
1490 * gcc suffers from register pressure on the x86, sk (in %ebx)
1491 * might be destroyed here. This current version compiles correctly,
1492 * but you have been warned.
1497 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1505 int tcp_v4_rcv(struct sk_buff *skb)
1507 const struct iphdr *iph;
1512 if (skb->pkt_type != PACKET_HOST)
1515 /* Count it even if it's bad */
1516 TCP_INC_STATS_BH(TCP_MIB_INSEGS);
1518 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1523 if (th->doff < sizeof(struct tcphdr) / 4)
1525 if (!pskb_may_pull(skb, th->doff * 4))
1528 /* An explanation is required here, I think.
1529 * Packet length and doff are validated by header prediction,
1530 * provided case of th->doff==0 is eliminated.
1531 * So, we defer the checks. */
1532 if (!skb_csum_unnecessary(skb) && tcp_v4_checksum_init(skb))
1537 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1538 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1539 skb->len - th->doff * 4);
1540 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1541 TCP_SKB_CB(skb)->when = 0;
1542 TCP_SKB_CB(skb)->flags = iph->tos;
1543 TCP_SKB_CB(skb)->sacked = 0;
1545 sk = __inet_lookup(dev_net(skb->dev), &tcp_hashinfo, iph->saddr,
1546 th->source, iph->daddr, th->dest, inet_iif(skb));
1551 if (sk->sk_state == TCP_TIME_WAIT)
1554 if (!xfrm4_policy_check(sk, XFRM_POLICY_IN, skb))
1555 goto discard_and_relse;
1558 if (sk_filter(sk, skb))
1559 goto discard_and_relse;
1563 bh_lock_sock_nested(sk);
1565 if (!sock_owned_by_user(sk)) {
1566 #ifdef CONFIG_NET_DMA
1567 struct tcp_sock *tp = tcp_sk(sk);
1568 if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list)
1569 tp->ucopy.dma_chan = get_softnet_dma();
1570 if (tp->ucopy.dma_chan)
1571 ret = tcp_v4_do_rcv(sk, skb);
1575 if (!tcp_prequeue(sk, skb))
1576 ret = tcp_v4_do_rcv(sk, skb);
1579 sk_add_backlog(sk, skb);
1587 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb))
1590 if (skb->len < (th->doff << 2) || tcp_checksum_complete(skb)) {
1592 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1594 tcp_v4_send_reset(NULL, skb);
1598 /* Discard frame. */
1607 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1608 inet_twsk_put(inet_twsk(sk));
1612 if (skb->len < (th->doff << 2) || tcp_checksum_complete(skb)) {
1613 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1614 inet_twsk_put(inet_twsk(sk));
1617 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1619 struct sock *sk2 = inet_lookup_listener(dev_net(skb->dev),
1621 iph->daddr, th->dest,
1624 inet_twsk_deschedule(inet_twsk(sk), &tcp_death_row);
1625 inet_twsk_put(inet_twsk(sk));
1629 /* Fall through to ACK */
1632 tcp_v4_timewait_ack(sk, skb);
1636 case TCP_TW_SUCCESS:;
1641 /* VJ's idea. Save last timestamp seen from this destination
1642 * and hold it at least for normal timewait interval to use for duplicate
1643 * segment detection in subsequent connections, before they enter synchronized
1647 int tcp_v4_remember_stamp(struct sock *sk)
1649 struct inet_sock *inet = inet_sk(sk);
1650 struct tcp_sock *tp = tcp_sk(sk);
1651 struct rtable *rt = (struct rtable *)__sk_dst_get(sk);
1652 struct inet_peer *peer = NULL;
1655 if (!rt || rt->rt_dst != inet->daddr) {
1656 peer = inet_getpeer(inet->daddr, 1);
1660 rt_bind_peer(rt, 1);
1665 if ((s32)(peer->tcp_ts - tp->rx_opt.ts_recent) <= 0 ||
1666 (peer->tcp_ts_stamp + TCP_PAWS_MSL < get_seconds() &&
1667 peer->tcp_ts_stamp <= tp->rx_opt.ts_recent_stamp)) {
1668 peer->tcp_ts_stamp = tp->rx_opt.ts_recent_stamp;
1669 peer->tcp_ts = tp->rx_opt.ts_recent;
1679 int tcp_v4_tw_remember_stamp(struct inet_timewait_sock *tw)
1681 struct inet_peer *peer = inet_getpeer(tw->tw_daddr, 1);
1684 const struct tcp_timewait_sock *tcptw = tcp_twsk((struct sock *)tw);
1686 if ((s32)(peer->tcp_ts - tcptw->tw_ts_recent) <= 0 ||
1687 (peer->tcp_ts_stamp + TCP_PAWS_MSL < get_seconds() &&
1688 peer->tcp_ts_stamp <= tcptw->tw_ts_recent_stamp)) {
1689 peer->tcp_ts_stamp = tcptw->tw_ts_recent_stamp;
1690 peer->tcp_ts = tcptw->tw_ts_recent;
1699 struct inet_connection_sock_af_ops ipv4_specific = {
1700 .queue_xmit = ip_queue_xmit,
1701 .send_check = tcp_v4_send_check,
1702 .rebuild_header = inet_sk_rebuild_header,
1703 .conn_request = tcp_v4_conn_request,
1704 .syn_recv_sock = tcp_v4_syn_recv_sock,
1705 .remember_stamp = tcp_v4_remember_stamp,
1706 .net_header_len = sizeof(struct iphdr),
1707 .setsockopt = ip_setsockopt,
1708 .getsockopt = ip_getsockopt,
1709 .addr2sockaddr = inet_csk_addr2sockaddr,
1710 .sockaddr_len = sizeof(struct sockaddr_in),
1711 .bind_conflict = inet_csk_bind_conflict,
1712 #ifdef CONFIG_COMPAT
1713 .compat_setsockopt = compat_ip_setsockopt,
1714 .compat_getsockopt = compat_ip_getsockopt,
1718 #ifdef CONFIG_TCP_MD5SIG
1719 static struct tcp_sock_af_ops tcp_sock_ipv4_specific = {
1720 .md5_lookup = tcp_v4_md5_lookup,
1721 .calc_md5_hash = tcp_v4_calc_md5_hash,
1722 .md5_add = tcp_v4_md5_add_func,
1723 .md5_parse = tcp_v4_parse_md5_keys,
1727 /* NOTE: A lot of things set to zero explicitly by call to
1728 * sk_alloc() so need not be done here.
1730 static int tcp_v4_init_sock(struct sock *sk)
1732 struct inet_connection_sock *icsk = inet_csk(sk);
1733 struct tcp_sock *tp = tcp_sk(sk);
1735 skb_queue_head_init(&tp->out_of_order_queue);
1736 tcp_init_xmit_timers(sk);
1737 tcp_prequeue_init(tp);
1739 icsk->icsk_rto = TCP_TIMEOUT_INIT;
1740 tp->mdev = TCP_TIMEOUT_INIT;
1742 /* So many TCP implementations out there (incorrectly) count the
1743 * initial SYN frame in their delayed-ACK and congestion control
1744 * algorithms that we must have the following bandaid to talk
1745 * efficiently to them. -DaveM
1749 /* See draft-stevens-tcpca-spec-01 for discussion of the
1750 * initialization of these values.
1752 tp->snd_ssthresh = 0x7fffffff; /* Infinity */
1753 tp->snd_cwnd_clamp = ~0;
1754 tp->mss_cache = 536;
1756 tp->reordering = sysctl_tcp_reordering;
1757 icsk->icsk_ca_ops = &tcp_init_congestion_ops;
1759 sk->sk_state = TCP_CLOSE;
1761 sk->sk_write_space = sk_stream_write_space;
1762 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE);
1764 icsk->icsk_af_ops = &ipv4_specific;
1765 icsk->icsk_sync_mss = tcp_sync_mss;
1766 #ifdef CONFIG_TCP_MD5SIG
1767 tp->af_specific = &tcp_sock_ipv4_specific;
1770 sk->sk_sndbuf = sysctl_tcp_wmem[1];
1771 sk->sk_rcvbuf = sysctl_tcp_rmem[1];
1773 atomic_inc(&tcp_sockets_allocated);
1778 int tcp_v4_destroy_sock(struct sock *sk)
1780 struct tcp_sock *tp = tcp_sk(sk);
1782 tcp_clear_xmit_timers(sk);
1784 tcp_cleanup_congestion_control(sk);
1786 /* Cleanup up the write buffer. */
1787 tcp_write_queue_purge(sk);
1789 /* Cleans up our, hopefully empty, out_of_order_queue. */
1790 __skb_queue_purge(&tp->out_of_order_queue);
1792 #ifdef CONFIG_TCP_MD5SIG
1793 /* Clean up the MD5 key list, if any */
1794 if (tp->md5sig_info) {
1795 tcp_v4_clear_md5_list(sk);
1796 kfree(tp->md5sig_info);
1797 tp->md5sig_info = NULL;
1801 #ifdef CONFIG_NET_DMA
1802 /* Cleans up our sk_async_wait_queue */
1803 __skb_queue_purge(&sk->sk_async_wait_queue);
1806 /* Clean prequeue, it must be empty really */
1807 __skb_queue_purge(&tp->ucopy.prequeue);
1809 /* Clean up a referenced TCP bind bucket. */
1810 if (inet_csk(sk)->icsk_bind_hash)
1814 * If sendmsg cached page exists, toss it.
1816 if (sk->sk_sndmsg_page) {
1817 __free_page(sk->sk_sndmsg_page);
1818 sk->sk_sndmsg_page = NULL;
1821 atomic_dec(&tcp_sockets_allocated);
1826 EXPORT_SYMBOL(tcp_v4_destroy_sock);
1828 #ifdef CONFIG_PROC_FS
1829 /* Proc filesystem TCP sock list dumping. */
1831 static inline struct inet_timewait_sock *tw_head(struct hlist_head *head)
1833 return hlist_empty(head) ? NULL :
1834 list_entry(head->first, struct inet_timewait_sock, tw_node);
1837 static inline struct inet_timewait_sock *tw_next(struct inet_timewait_sock *tw)
1839 return tw->tw_node.next ?
1840 hlist_entry(tw->tw_node.next, typeof(*tw), tw_node) : NULL;
1843 static void *listening_get_next(struct seq_file *seq, void *cur)
1845 struct inet_connection_sock *icsk;
1846 struct hlist_node *node;
1847 struct sock *sk = cur;
1848 struct tcp_iter_state* st = seq->private;
1849 struct net *net = seq_file_net(seq);
1853 sk = sk_head(&tcp_hashinfo.listening_hash[0]);
1859 if (st->state == TCP_SEQ_STATE_OPENREQ) {
1860 struct request_sock *req = cur;
1862 icsk = inet_csk(st->syn_wait_sk);
1866 if (req->rsk_ops->family == st->family &&
1867 net_eq(sock_net(req->sk), net)) {
1873 if (++st->sbucket >= icsk->icsk_accept_queue.listen_opt->nr_table_entries)
1876 req = icsk->icsk_accept_queue.listen_opt->syn_table[st->sbucket];
1878 sk = sk_next(st->syn_wait_sk);
1879 st->state = TCP_SEQ_STATE_LISTENING;
1880 read_unlock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
1882 icsk = inet_csk(sk);
1883 read_lock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
1884 if (reqsk_queue_len(&icsk->icsk_accept_queue))
1886 read_unlock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
1890 sk_for_each_from(sk, node) {
1891 if (sk->sk_family == st->family && net_eq(sock_net(sk), net)) {
1895 icsk = inet_csk(sk);
1896 read_lock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
1897 if (reqsk_queue_len(&icsk->icsk_accept_queue)) {
1899 st->uid = sock_i_uid(sk);
1900 st->syn_wait_sk = sk;
1901 st->state = TCP_SEQ_STATE_OPENREQ;
1905 read_unlock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
1907 if (++st->bucket < INET_LHTABLE_SIZE) {
1908 sk = sk_head(&tcp_hashinfo.listening_hash[st->bucket]);
1916 static void *listening_get_idx(struct seq_file *seq, loff_t *pos)
1918 void *rc = listening_get_next(seq, NULL);
1920 while (rc && *pos) {
1921 rc = listening_get_next(seq, rc);
1927 static void *established_get_first(struct seq_file *seq)
1929 struct tcp_iter_state* st = seq->private;
1930 struct net *net = seq_file_net(seq);
1933 for (st->bucket = 0; st->bucket < tcp_hashinfo.ehash_size; ++st->bucket) {
1935 struct hlist_node *node;
1936 struct inet_timewait_sock *tw;
1937 rwlock_t *lock = inet_ehash_lockp(&tcp_hashinfo, st->bucket);
1940 sk_for_each(sk, node, &tcp_hashinfo.ehash[st->bucket].chain) {
1941 if (sk->sk_family != st->family ||
1942 !net_eq(sock_net(sk), net)) {
1948 st->state = TCP_SEQ_STATE_TIME_WAIT;
1949 inet_twsk_for_each(tw, node,
1950 &tcp_hashinfo.ehash[st->bucket].twchain) {
1951 if (tw->tw_family != st->family ||
1952 !net_eq(twsk_net(tw), net)) {
1958 read_unlock_bh(lock);
1959 st->state = TCP_SEQ_STATE_ESTABLISHED;
1965 static void *established_get_next(struct seq_file *seq, void *cur)
1967 struct sock *sk = cur;
1968 struct inet_timewait_sock *tw;
1969 struct hlist_node *node;
1970 struct tcp_iter_state* st = seq->private;
1971 struct net *net = seq_file_net(seq);
1975 if (st->state == TCP_SEQ_STATE_TIME_WAIT) {
1979 while (tw && (tw->tw_family != st->family || !net_eq(twsk_net(tw), net))) {
1986 read_unlock_bh(inet_ehash_lockp(&tcp_hashinfo, st->bucket));
1987 st->state = TCP_SEQ_STATE_ESTABLISHED;
1989 if (++st->bucket < tcp_hashinfo.ehash_size) {
1990 read_lock_bh(inet_ehash_lockp(&tcp_hashinfo, st->bucket));
1991 sk = sk_head(&tcp_hashinfo.ehash[st->bucket].chain);
1999 sk_for_each_from(sk, node) {
2000 if (sk->sk_family == st->family && net_eq(sock_net(sk), net))
2004 st->state = TCP_SEQ_STATE_TIME_WAIT;
2005 tw = tw_head(&tcp_hashinfo.ehash[st->bucket].twchain);
2013 static void *established_get_idx(struct seq_file *seq, loff_t pos)
2015 void *rc = established_get_first(seq);
2018 rc = established_get_next(seq, rc);
2024 static void *tcp_get_idx(struct seq_file *seq, loff_t pos)
2027 struct tcp_iter_state* st = seq->private;
2029 inet_listen_lock(&tcp_hashinfo);
2030 st->state = TCP_SEQ_STATE_LISTENING;
2031 rc = listening_get_idx(seq, &pos);
2034 inet_listen_unlock(&tcp_hashinfo);
2035 st->state = TCP_SEQ_STATE_ESTABLISHED;
2036 rc = established_get_idx(seq, pos);
2042 static void *tcp_seq_start(struct seq_file *seq, loff_t *pos)
2044 struct tcp_iter_state* st = seq->private;
2045 st->state = TCP_SEQ_STATE_LISTENING;
2047 return *pos ? tcp_get_idx(seq, *pos - 1) : SEQ_START_TOKEN;
2050 static void *tcp_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2053 struct tcp_iter_state* st;
2055 if (v == SEQ_START_TOKEN) {
2056 rc = tcp_get_idx(seq, 0);
2061 switch (st->state) {
2062 case TCP_SEQ_STATE_OPENREQ:
2063 case TCP_SEQ_STATE_LISTENING:
2064 rc = listening_get_next(seq, v);
2066 inet_listen_unlock(&tcp_hashinfo);
2067 st->state = TCP_SEQ_STATE_ESTABLISHED;
2068 rc = established_get_first(seq);
2071 case TCP_SEQ_STATE_ESTABLISHED:
2072 case TCP_SEQ_STATE_TIME_WAIT:
2073 rc = established_get_next(seq, v);
2081 static void tcp_seq_stop(struct seq_file *seq, void *v)
2083 struct tcp_iter_state* st = seq->private;
2085 switch (st->state) {
2086 case TCP_SEQ_STATE_OPENREQ:
2088 struct inet_connection_sock *icsk = inet_csk(st->syn_wait_sk);
2089 read_unlock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
2091 case TCP_SEQ_STATE_LISTENING:
2092 if (v != SEQ_START_TOKEN)
2093 inet_listen_unlock(&tcp_hashinfo);
2095 case TCP_SEQ_STATE_TIME_WAIT:
2096 case TCP_SEQ_STATE_ESTABLISHED:
2098 read_unlock_bh(inet_ehash_lockp(&tcp_hashinfo, st->bucket));
2103 static int tcp_seq_open(struct inode *inode, struct file *file)
2105 struct tcp_seq_afinfo *afinfo = PDE(inode)->data;
2106 struct tcp_iter_state *s;
2109 err = seq_open_net(inode, file, &afinfo->seq_ops,
2110 sizeof(struct tcp_iter_state));
2114 s = ((struct seq_file *)file->private_data)->private;
2115 s->family = afinfo->family;
2119 int tcp_proc_register(struct net *net, struct tcp_seq_afinfo *afinfo)
2122 struct proc_dir_entry *p;
2124 afinfo->seq_fops.open = tcp_seq_open;
2125 afinfo->seq_fops.read = seq_read;
2126 afinfo->seq_fops.llseek = seq_lseek;
2127 afinfo->seq_fops.release = seq_release_net;
2129 afinfo->seq_ops.start = tcp_seq_start;
2130 afinfo->seq_ops.next = tcp_seq_next;
2131 afinfo->seq_ops.stop = tcp_seq_stop;
2133 p = proc_create_data(afinfo->name, S_IRUGO, net->proc_net,
2134 &afinfo->seq_fops, afinfo);
2140 void tcp_proc_unregister(struct net *net, struct tcp_seq_afinfo *afinfo)
2142 proc_net_remove(net, afinfo->name);
2145 static void get_openreq4(struct sock *sk, struct request_sock *req,
2146 struct seq_file *f, int i, int uid, int *len)
2148 const struct inet_request_sock *ireq = inet_rsk(req);
2149 int ttd = req->expires - jiffies;
2151 seq_printf(f, "%4d: %08X:%04X %08X:%04X"
2152 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %u %d %p%n",
2155 ntohs(inet_sk(sk)->sport),
2157 ntohs(ireq->rmt_port),
2159 0, 0, /* could print option size, but that is af dependent. */
2160 1, /* timers active (only the expire timer) */
2161 jiffies_to_clock_t(ttd),
2164 0, /* non standard timer */
2165 0, /* open_requests have no inode */
2166 atomic_read(&sk->sk_refcnt),
2171 static void get_tcp4_sock(struct sock *sk, struct seq_file *f, int i, int *len)
2174 unsigned long timer_expires;
2175 struct tcp_sock *tp = tcp_sk(sk);
2176 const struct inet_connection_sock *icsk = inet_csk(sk);
2177 struct inet_sock *inet = inet_sk(sk);
2178 __be32 dest = inet->daddr;
2179 __be32 src = inet->rcv_saddr;
2180 __u16 destp = ntohs(inet->dport);
2181 __u16 srcp = ntohs(inet->sport);
2183 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
2185 timer_expires = icsk->icsk_timeout;
2186 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
2188 timer_expires = icsk->icsk_timeout;
2189 } else if (timer_pending(&sk->sk_timer)) {
2191 timer_expires = sk->sk_timer.expires;
2194 timer_expires = jiffies;
2197 seq_printf(f, "%4d: %08X:%04X %08X:%04X %02X %08X:%08X %02X:%08lX "
2198 "%08X %5d %8d %lu %d %p %u %u %u %u %d%n",
2199 i, src, srcp, dest, destp, sk->sk_state,
2200 tp->write_seq - tp->snd_una,
2201 sk->sk_state == TCP_LISTEN ? sk->sk_ack_backlog :
2202 (tp->rcv_nxt - tp->copied_seq),
2204 jiffies_to_clock_t(timer_expires - jiffies),
2205 icsk->icsk_retransmits,
2207 icsk->icsk_probes_out,
2209 atomic_read(&sk->sk_refcnt), sk,
2212 (icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong,
2214 tp->snd_ssthresh >= 0xFFFF ? -1 : tp->snd_ssthresh,
2218 static void get_timewait4_sock(struct inet_timewait_sock *tw,
2219 struct seq_file *f, int i, int *len)
2223 int ttd = tw->tw_ttd - jiffies;
2228 dest = tw->tw_daddr;
2229 src = tw->tw_rcv_saddr;
2230 destp = ntohs(tw->tw_dport);
2231 srcp = ntohs(tw->tw_sport);
2233 seq_printf(f, "%4d: %08X:%04X %08X:%04X"
2234 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p%n",
2235 i, src, srcp, dest, destp, tw->tw_substate, 0, 0,
2236 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
2237 atomic_read(&tw->tw_refcnt), tw, len);
2242 static int tcp4_seq_show(struct seq_file *seq, void *v)
2244 struct tcp_iter_state* st;
2247 if (v == SEQ_START_TOKEN) {
2248 seq_printf(seq, "%-*s\n", TMPSZ - 1,
2249 " sl local_address rem_address st tx_queue "
2250 "rx_queue tr tm->when retrnsmt uid timeout "
2256 switch (st->state) {
2257 case TCP_SEQ_STATE_LISTENING:
2258 case TCP_SEQ_STATE_ESTABLISHED:
2259 get_tcp4_sock(v, seq, st->num, &len);
2261 case TCP_SEQ_STATE_OPENREQ:
2262 get_openreq4(st->syn_wait_sk, v, seq, st->num, st->uid, &len);
2264 case TCP_SEQ_STATE_TIME_WAIT:
2265 get_timewait4_sock(v, seq, st->num, &len);
2268 seq_printf(seq, "%*s\n", TMPSZ - 1 - len, "");
2273 static struct tcp_seq_afinfo tcp4_seq_afinfo = {
2277 .owner = THIS_MODULE,
2280 .show = tcp4_seq_show,
2284 static int tcp4_proc_init_net(struct net *net)
2286 return tcp_proc_register(net, &tcp4_seq_afinfo);
2289 static void tcp4_proc_exit_net(struct net *net)
2291 tcp_proc_unregister(net, &tcp4_seq_afinfo);
2294 static struct pernet_operations tcp4_net_ops = {
2295 .init = tcp4_proc_init_net,
2296 .exit = tcp4_proc_exit_net,
2299 int __init tcp4_proc_init(void)
2301 return register_pernet_subsys(&tcp4_net_ops);
2304 void tcp4_proc_exit(void)
2306 unregister_pernet_subsys(&tcp4_net_ops);
2308 #endif /* CONFIG_PROC_FS */
2310 struct proto tcp_prot = {
2312 .owner = THIS_MODULE,
2314 .connect = tcp_v4_connect,
2315 .disconnect = tcp_disconnect,
2316 .accept = inet_csk_accept,
2318 .init = tcp_v4_init_sock,
2319 .destroy = tcp_v4_destroy_sock,
2320 .shutdown = tcp_shutdown,
2321 .setsockopt = tcp_setsockopt,
2322 .getsockopt = tcp_getsockopt,
2323 .recvmsg = tcp_recvmsg,
2324 .backlog_rcv = tcp_v4_do_rcv,
2326 .unhash = inet_unhash,
2327 .get_port = inet_csk_get_port,
2328 .enter_memory_pressure = tcp_enter_memory_pressure,
2329 .sockets_allocated = &tcp_sockets_allocated,
2330 .orphan_count = &tcp_orphan_count,
2331 .memory_allocated = &tcp_memory_allocated,
2332 .memory_pressure = &tcp_memory_pressure,
2333 .sysctl_mem = sysctl_tcp_mem,
2334 .sysctl_wmem = sysctl_tcp_wmem,
2335 .sysctl_rmem = sysctl_tcp_rmem,
2336 .max_header = MAX_TCP_HEADER,
2337 .obj_size = sizeof(struct tcp_sock),
2338 .twsk_prot = &tcp_timewait_sock_ops,
2339 .rsk_prot = &tcp_request_sock_ops,
2340 .h.hashinfo = &tcp_hashinfo,
2341 #ifdef CONFIG_COMPAT
2342 .compat_setsockopt = compat_tcp_setsockopt,
2343 .compat_getsockopt = compat_tcp_getsockopt,
2348 static int __net_init tcp_sk_init(struct net *net)
2350 return inet_ctl_sock_create(&net->ipv4.tcp_sock,
2351 PF_INET, SOCK_RAW, IPPROTO_TCP, net);
2354 static void __net_exit tcp_sk_exit(struct net *net)
2356 inet_ctl_sock_destroy(net->ipv4.tcp_sock);
2359 static struct pernet_operations __net_initdata tcp_sk_ops = {
2360 .init = tcp_sk_init,
2361 .exit = tcp_sk_exit,
2364 void __init tcp_v4_init(void)
2366 if (register_pernet_device(&tcp_sk_ops))
2367 panic("Failed to create the TCP control socket.\n");
2370 EXPORT_SYMBOL(ipv4_specific);
2371 EXPORT_SYMBOL(tcp_hashinfo);
2372 EXPORT_SYMBOL(tcp_prot);
2373 EXPORT_SYMBOL(tcp_v4_conn_request);
2374 EXPORT_SYMBOL(tcp_v4_connect);
2375 EXPORT_SYMBOL(tcp_v4_do_rcv);
2376 EXPORT_SYMBOL(tcp_v4_remember_stamp);
2377 EXPORT_SYMBOL(tcp_v4_send_check);
2378 EXPORT_SYMBOL(tcp_v4_syn_recv_sock);
2380 #ifdef CONFIG_PROC_FS
2381 EXPORT_SYMBOL(tcp_proc_register);
2382 EXPORT_SYMBOL(tcp_proc_unregister);
2384 EXPORT_SYMBOL(sysctl_tcp_low_latency);
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob