3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
10 * linux/net/ipv4/tcp_input.c
11 * linux/net/ipv4/tcp_output.c
14 * Hideaki YOSHIFUJI : sin6_scope_id support
15 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
16 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
17 * a single port at the same time.
18 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
20 * This program is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU General Public License
22 * as published by the Free Software Foundation; either version
23 * 2 of the License, or (at your option) any later version.
26 #include <linux/bottom_half.h>
27 #include <linux/module.h>
28 #include <linux/errno.h>
29 #include <linux/types.h>
30 #include <linux/socket.h>
31 #include <linux/sockios.h>
32 #include <linux/net.h>
33 #include <linux/jiffies.h>
35 #include <linux/in6.h>
36 #include <linux/netdevice.h>
37 #include <linux/init.h>
38 #include <linux/jhash.h>
39 #include <linux/ipsec.h>
40 #include <linux/times.h>
41 #include <linux/slab.h>
42 #include <linux/uaccess.h>
43 #include <linux/ipv6.h>
44 #include <linux/icmpv6.h>
45 #include <linux/random.h>
48 #include <net/ndisc.h>
49 #include <net/inet6_hashtables.h>
50 #include <net/inet6_connection_sock.h>
52 #include <net/transp_v6.h>
53 #include <net/addrconf.h>
54 #include <net/ip6_route.h>
55 #include <net/ip6_checksum.h>
56 #include <net/inet_ecn.h>
57 #include <net/protocol.h>
60 #include <net/dsfield.h>
61 #include <net/timewait_sock.h>
62 #include <net/inet_common.h>
63 #include <net/secure_seq.h>
64 #include <net/tcp_memcontrol.h>
65 #include <net/busy_poll.h>
67 #include <linux/proc_fs.h>
68 #include <linux/seq_file.h>
70 #include <linux/crypto.h>
71 #include <linux/scatterlist.h>
73 static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb);
74 static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
75 struct request_sock *req);
77 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
79 static const struct inet_connection_sock_af_ops ipv6_mapped;
80 static const struct inet_connection_sock_af_ops ipv6_specific;
81 #ifdef CONFIG_TCP_MD5SIG
82 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
83 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
85 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
86 const struct in6_addr *addr)
92 static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
94 struct dst_entry *dst = skb_dst(skb);
96 if (dst && dst_hold_safe(dst)) {
97 const struct rt6_info *rt = (const struct rt6_info *)dst;
100 inet_sk(sk)->rx_dst_ifindex = skb->skb_iif;
101 inet6_sk(sk)->rx_dst_cookie = rt6_get_cookie(rt);
105 static __u32 tcp_v6_init_sequence(const struct sk_buff *skb)
107 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
108 ipv6_hdr(skb)->saddr.s6_addr32,
110 tcp_hdr(skb)->source);
113 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
116 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
117 struct inet_sock *inet = inet_sk(sk);
118 struct inet_connection_sock *icsk = inet_csk(sk);
119 struct ipv6_pinfo *np = inet6_sk(sk);
120 struct tcp_sock *tp = tcp_sk(sk);
121 struct in6_addr *saddr = NULL, *final_p, final;
122 struct ipv6_txoptions *opt;
124 struct dst_entry *dst;
128 if (addr_len < SIN6_LEN_RFC2133)
131 if (usin->sin6_family != AF_INET6)
132 return -EAFNOSUPPORT;
134 memset(&fl6, 0, sizeof(fl6));
137 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
138 IP6_ECN_flow_init(fl6.flowlabel);
139 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
140 struct ip6_flowlabel *flowlabel;
141 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
144 fl6_sock_release(flowlabel);
149 * connect() to INADDR_ANY means loopback (BSD'ism).
152 if (ipv6_addr_any(&usin->sin6_addr))
153 usin->sin6_addr.s6_addr[15] = 0x1;
155 addr_type = ipv6_addr_type(&usin->sin6_addr);
157 if (addr_type & IPV6_ADDR_MULTICAST)
160 if (addr_type&IPV6_ADDR_LINKLOCAL) {
161 if (addr_len >= sizeof(struct sockaddr_in6) &&
162 usin->sin6_scope_id) {
163 /* If interface is set while binding, indices
166 if (sk->sk_bound_dev_if &&
167 sk->sk_bound_dev_if != usin->sin6_scope_id)
170 sk->sk_bound_dev_if = usin->sin6_scope_id;
173 /* Connect to link-local address requires an interface */
174 if (!sk->sk_bound_dev_if)
178 if (tp->rx_opt.ts_recent_stamp &&
179 !ipv6_addr_equal(&sk->sk_v6_daddr, &usin->sin6_addr)) {
180 tp->rx_opt.ts_recent = 0;
181 tp->rx_opt.ts_recent_stamp = 0;
185 sk->sk_v6_daddr = usin->sin6_addr;
186 np->flow_label = fl6.flowlabel;
192 if (addr_type == IPV6_ADDR_MAPPED) {
193 u32 exthdrlen = icsk->icsk_ext_hdr_len;
194 struct sockaddr_in sin;
196 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
198 if (__ipv6_only_sock(sk))
201 sin.sin_family = AF_INET;
202 sin.sin_port = usin->sin6_port;
203 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
205 icsk->icsk_af_ops = &ipv6_mapped;
206 sk->sk_backlog_rcv = tcp_v4_do_rcv;
207 #ifdef CONFIG_TCP_MD5SIG
208 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
211 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
214 icsk->icsk_ext_hdr_len = exthdrlen;
215 icsk->icsk_af_ops = &ipv6_specific;
216 sk->sk_backlog_rcv = tcp_v6_do_rcv;
217 #ifdef CONFIG_TCP_MD5SIG
218 tp->af_specific = &tcp_sock_ipv6_specific;
222 np->saddr = sk->sk_v6_rcv_saddr;
227 if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr))
228 saddr = &sk->sk_v6_rcv_saddr;
230 fl6.flowi6_proto = IPPROTO_TCP;
231 fl6.daddr = sk->sk_v6_daddr;
232 fl6.saddr = saddr ? *saddr : np->saddr;
233 fl6.flowi6_oif = sk->sk_bound_dev_if;
234 fl6.flowi6_mark = sk->sk_mark;
235 fl6.fl6_dport = usin->sin6_port;
236 fl6.fl6_sport = inet->inet_sport;
237 fl6.flowi6_uid = sock_i_uid(sk);
239 opt = rcu_dereference_protected(np->opt, sock_owned_by_user(sk));
240 final_p = fl6_update_dst(&fl6, opt, &final);
242 security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));
244 dst = ip6_dst_lookup_flow(sk, &fl6, final_p);
252 sk->sk_v6_rcv_saddr = *saddr;
255 /* set the source address */
257 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
259 sk->sk_gso_type = SKB_GSO_TCPV6;
260 ip6_dst_store(sk, dst, NULL, NULL);
262 if (tcp_death_row.sysctl_tw_recycle &&
263 !tp->rx_opt.ts_recent_stamp &&
264 ipv6_addr_equal(&fl6.daddr, &sk->sk_v6_daddr))
265 tcp_fetch_timewait_stamp(sk, dst);
267 icsk->icsk_ext_hdr_len = 0;
269 icsk->icsk_ext_hdr_len = opt->opt_flen +
272 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
274 inet->inet_dport = usin->sin6_port;
276 tcp_set_state(sk, TCP_SYN_SENT);
277 err = inet6_hash_connect(&tcp_death_row, sk);
283 if (!tp->write_seq && likely(!tp->repair))
284 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
285 sk->sk_v6_daddr.s6_addr32,
289 err = tcp_connect(sk);
296 tcp_set_state(sk, TCP_CLOSE);
299 inet->inet_dport = 0;
300 sk->sk_route_caps = 0;
304 static void tcp_v6_mtu_reduced(struct sock *sk)
306 struct dst_entry *dst;
308 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
311 dst = inet6_csk_update_pmtu(sk, tcp_sk(sk)->mtu_info);
315 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
316 tcp_sync_mss(sk, dst_mtu(dst));
317 tcp_simple_retransmit(sk);
321 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
322 u8 type, u8 code, int offset, __be32 info)
324 const struct ipv6hdr *hdr = (const struct ipv6hdr *)skb->data;
325 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
326 struct net *net = dev_net(skb->dev);
327 struct request_sock *fastopen;
328 struct ipv6_pinfo *np;
335 sk = __inet6_lookup_established(net, &tcp_hashinfo,
336 &hdr->daddr, th->dest,
337 &hdr->saddr, ntohs(th->source),
341 ICMP6_INC_STATS_BH(net, __in6_dev_get(skb->dev),
346 if (sk->sk_state == TCP_TIME_WAIT) {
347 inet_twsk_put(inet_twsk(sk));
350 seq = ntohl(th->seq);
351 fatal = icmpv6_err_convert(type, code, &err);
352 if (sk->sk_state == TCP_NEW_SYN_RECV)
353 return tcp_req_err(sk, seq, fatal);
356 if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG)
357 NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS);
359 if (sk->sk_state == TCP_CLOSE)
362 if (ipv6_hdr(skb)->hop_limit < inet6_sk(sk)->min_hopcount) {
363 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
368 /* XXX (TFO) - tp->snd_una should be ISN (tcp_create_openreq_child() */
369 fastopen = tp->fastopen_rsk;
370 snd_una = fastopen ? tcp_rsk(fastopen)->snt_isn : tp->snd_una;
371 if (sk->sk_state != TCP_LISTEN &&
372 !between(seq, snd_una, tp->snd_nxt)) {
373 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
379 if (type == NDISC_REDIRECT) {
380 struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);
383 dst->ops->redirect(dst, sk, skb);
387 if (type == ICMPV6_PKT_TOOBIG) {
388 /* We are not interested in TCP_LISTEN and open_requests
389 * (SYN-ACKs send out by Linux are always <576bytes so
390 * they should go through unfragmented).
392 if (sk->sk_state == TCP_LISTEN)
395 if (!ip6_sk_accept_pmtu(sk))
398 tp->mtu_info = ntohl(info);
399 if (!sock_owned_by_user(sk))
400 tcp_v6_mtu_reduced(sk);
401 else if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED,
408 /* Might be for an request_sock */
409 switch (sk->sk_state) {
412 /* Only in fast or simultaneous open. If a fast open socket is
413 * is already accepted it is treated as a connected one below.
415 if (fastopen && !fastopen->sk)
418 if (!sock_owned_by_user(sk)) {
420 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
424 sk->sk_err_soft = err;
428 if (!sock_owned_by_user(sk) && np->recverr) {
430 sk->sk_error_report(sk);
432 sk->sk_err_soft = err;
440 static int tcp_v6_send_synack(const struct sock *sk, struct dst_entry *dst,
442 struct request_sock *req,
443 struct tcp_fastopen_cookie *foc,
446 struct inet_request_sock *ireq = inet_rsk(req);
447 struct ipv6_pinfo *np = inet6_sk(sk);
448 struct flowi6 *fl6 = &fl->u.ip6;
452 /* First, grab a route. */
453 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req,
454 IPPROTO_TCP)) == NULL)
457 skb = tcp_make_synack(sk, dst, req, foc, attach_req);
460 __tcp_v6_send_check(skb, &ireq->ir_v6_loc_addr,
461 &ireq->ir_v6_rmt_addr);
463 fl6->daddr = ireq->ir_v6_rmt_addr;
464 if (np->repflow && ireq->pktopts)
465 fl6->flowlabel = ip6_flowlabel(ipv6_hdr(ireq->pktopts));
468 err = ip6_xmit(sk, skb, fl6, rcu_dereference(np->opt),
471 err = net_xmit_eval(err);
479 static void tcp_v6_reqsk_destructor(struct request_sock *req)
481 kfree_skb(inet_rsk(req)->pktopts);
484 #ifdef CONFIG_TCP_MD5SIG
485 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
486 const struct in6_addr *addr)
488 return tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, AF_INET6);
491 static struct tcp_md5sig_key *tcp_v6_md5_lookup(const struct sock *sk,
492 const struct sock *addr_sk)
494 return tcp_v6_md5_do_lookup(sk, &addr_sk->sk_v6_daddr);
497 static int tcp_v6_parse_md5_keys(struct sock *sk, char __user *optval,
500 struct tcp_md5sig cmd;
501 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
503 if (optlen < sizeof(cmd))
506 if (copy_from_user(&cmd, optval, sizeof(cmd)))
509 if (sin6->sin6_family != AF_INET6)
512 if (!cmd.tcpm_keylen) {
513 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
514 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
516 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
520 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
523 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
524 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
525 AF_INET, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
527 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
528 AF_INET6, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
531 static int tcp_v6_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp,
532 const struct in6_addr *daddr,
533 const struct in6_addr *saddr, int nbytes)
535 struct tcp6_pseudohdr *bp;
536 struct scatterlist sg;
538 bp = &hp->md5_blk.ip6;
539 /* 1. TCP pseudo-header (RFC2460) */
542 bp->protocol = cpu_to_be32(IPPROTO_TCP);
543 bp->len = cpu_to_be32(nbytes);
545 sg_init_one(&sg, bp, sizeof(*bp));
546 return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp));
549 static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key,
550 const struct in6_addr *daddr, struct in6_addr *saddr,
551 const struct tcphdr *th)
553 struct tcp_md5sig_pool *hp;
554 struct hash_desc *desc;
556 hp = tcp_get_md5sig_pool();
558 goto clear_hash_noput;
559 desc = &hp->md5_desc;
561 if (crypto_hash_init(desc))
563 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))
565 if (tcp_md5_hash_header(hp, th))
567 if (tcp_md5_hash_key(hp, key))
569 if (crypto_hash_final(desc, md5_hash))
572 tcp_put_md5sig_pool();
576 tcp_put_md5sig_pool();
578 memset(md5_hash, 0, 16);
582 static int tcp_v6_md5_hash_skb(char *md5_hash,
583 const struct tcp_md5sig_key *key,
584 const struct sock *sk,
585 const struct sk_buff *skb)
587 const struct in6_addr *saddr, *daddr;
588 struct tcp_md5sig_pool *hp;
589 struct hash_desc *desc;
590 const struct tcphdr *th = tcp_hdr(skb);
592 if (sk) { /* valid for establish/request sockets */
593 saddr = &sk->sk_v6_rcv_saddr;
594 daddr = &sk->sk_v6_daddr;
596 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
597 saddr = &ip6h->saddr;
598 daddr = &ip6h->daddr;
601 hp = tcp_get_md5sig_pool();
603 goto clear_hash_noput;
604 desc = &hp->md5_desc;
606 if (crypto_hash_init(desc))
609 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))
611 if (tcp_md5_hash_header(hp, th))
613 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
615 if (tcp_md5_hash_key(hp, key))
617 if (crypto_hash_final(desc, md5_hash))
620 tcp_put_md5sig_pool();
624 tcp_put_md5sig_pool();
626 memset(md5_hash, 0, 16);
632 static bool tcp_v6_inbound_md5_hash(const struct sock *sk,
633 const struct sk_buff *skb)
635 #ifdef CONFIG_TCP_MD5SIG
636 const __u8 *hash_location = NULL;
637 struct tcp_md5sig_key *hash_expected;
638 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
639 const struct tcphdr *th = tcp_hdr(skb);
643 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
644 hash_location = tcp_parse_md5sig_option(th);
646 /* We've parsed the options - do we have a hash? */
647 if (!hash_expected && !hash_location)
650 if (hash_expected && !hash_location) {
651 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
655 if (!hash_expected && hash_location) {
656 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
660 /* check the signature */
661 genhash = tcp_v6_md5_hash_skb(newhash,
665 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
666 net_info_ratelimited("MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n",
667 genhash ? "failed" : "mismatch",
668 &ip6h->saddr, ntohs(th->source),
669 &ip6h->daddr, ntohs(th->dest));
676 static void tcp_v6_init_req(struct request_sock *req,
677 const struct sock *sk_listener,
680 struct inet_request_sock *ireq = inet_rsk(req);
681 const struct ipv6_pinfo *np = inet6_sk(sk_listener);
683 ireq->ir_v6_rmt_addr = ipv6_hdr(skb)->saddr;
684 ireq->ir_v6_loc_addr = ipv6_hdr(skb)->daddr;
686 /* So that link locals have meaning */
687 if (!sk_listener->sk_bound_dev_if &&
688 ipv6_addr_type(&ireq->ir_v6_rmt_addr) & IPV6_ADDR_LINKLOCAL)
689 ireq->ir_iif = tcp_v6_iif(skb);
691 if (!TCP_SKB_CB(skb)->tcp_tw_isn &&
692 (ipv6_opt_accepted(sk_listener, skb, &TCP_SKB_CB(skb)->header.h6) ||
693 np->rxopt.bits.rxinfo ||
694 np->rxopt.bits.rxoinfo || np->rxopt.bits.rxhlim ||
695 np->rxopt.bits.rxohlim || np->repflow)) {
696 atomic_inc(&skb->users);
701 static struct dst_entry *tcp_v6_route_req(const struct sock *sk,
703 const struct request_sock *req,
708 return inet6_csk_route_req(sk, &fl->u.ip6, req, IPPROTO_TCP);
711 struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
713 .obj_size = sizeof(struct tcp6_request_sock),
714 .rtx_syn_ack = tcp_rtx_synack,
715 .send_ack = tcp_v6_reqsk_send_ack,
716 .destructor = tcp_v6_reqsk_destructor,
717 .send_reset = tcp_v6_send_reset,
718 .syn_ack_timeout = tcp_syn_ack_timeout,
721 static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
722 .mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) -
723 sizeof(struct ipv6hdr),
724 #ifdef CONFIG_TCP_MD5SIG
725 .req_md5_lookup = tcp_v6_md5_lookup,
726 .calc_md5_hash = tcp_v6_md5_hash_skb,
728 .init_req = tcp_v6_init_req,
729 #ifdef CONFIG_SYN_COOKIES
730 .cookie_init_seq = cookie_v6_init_sequence,
732 .route_req = tcp_v6_route_req,
733 .init_seq = tcp_v6_init_sequence,
734 .send_synack = tcp_v6_send_synack,
737 static void tcp_v6_send_response(const struct sock *sk, struct sk_buff *skb, u32 seq,
738 u32 ack, u32 win, u32 tsval, u32 tsecr,
739 int oif, struct tcp_md5sig_key *key, int rst,
740 u8 tclass, u32 label)
742 const struct tcphdr *th = tcp_hdr(skb);
744 struct sk_buff *buff;
746 struct net *net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev);
747 struct sock *ctl_sk = net->ipv6.tcp_sk;
748 unsigned int tot_len = sizeof(struct tcphdr);
749 struct dst_entry *dst;
753 tot_len += TCPOLEN_TSTAMP_ALIGNED;
754 #ifdef CONFIG_TCP_MD5SIG
756 tot_len += TCPOLEN_MD5SIG_ALIGNED;
759 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
764 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
766 t1 = (struct tcphdr *) skb_push(buff, tot_len);
767 skb_reset_transport_header(buff);
769 /* Swap the send and the receive. */
770 memset(t1, 0, sizeof(*t1));
771 t1->dest = th->source;
772 t1->source = th->dest;
773 t1->doff = tot_len / 4;
774 t1->seq = htonl(seq);
775 t1->ack_seq = htonl(ack);
776 t1->ack = !rst || !th->ack;
778 t1->window = htons(win);
780 topt = (__be32 *)(t1 + 1);
783 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
784 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
785 *topt++ = htonl(tsval);
786 *topt++ = htonl(tsecr);
789 #ifdef CONFIG_TCP_MD5SIG
791 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
792 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
793 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
794 &ipv6_hdr(skb)->saddr,
795 &ipv6_hdr(skb)->daddr, t1);
799 memset(&fl6, 0, sizeof(fl6));
800 fl6.daddr = ipv6_hdr(skb)->saddr;
801 fl6.saddr = ipv6_hdr(skb)->daddr;
802 fl6.flowlabel = label;
804 buff->ip_summed = CHECKSUM_PARTIAL;
807 __tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);
809 fl6.flowi6_proto = IPPROTO_TCP;
810 if (rt6_need_strict(&fl6.daddr) && !oif)
811 fl6.flowi6_oif = tcp_v6_iif(skb);
813 fl6.flowi6_oif = oif;
814 fl6.flowi6_mark = IP6_REPLY_MARK(net, skb->mark);
815 fl6.fl6_dport = t1->dest;
816 fl6.fl6_sport = t1->source;
817 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
819 /* Pass a socket to ip6_dst_lookup either it is for RST
820 * Underlying function will use this to retrieve the network
823 dst = ip6_dst_lookup_flow(ctl_sk, &fl6, NULL);
825 skb_dst_set(buff, dst);
826 ip6_xmit(ctl_sk, buff, &fl6, NULL, tclass);
827 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS);
829 TCP_INC_STATS_BH(net, TCP_MIB_OUTRSTS);
836 static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb)
838 const struct tcphdr *th = tcp_hdr(skb);
839 u32 seq = 0, ack_seq = 0;
840 struct tcp_md5sig_key *key = NULL;
841 #ifdef CONFIG_TCP_MD5SIG
842 const __u8 *hash_location = NULL;
843 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
844 unsigned char newhash[16];
846 struct sock *sk1 = NULL;
853 /* If sk not NULL, it means we did a successful lookup and incoming
854 * route had to be correct. prequeue might have dropped our dst.
856 if (!sk && !ipv6_unicast_destination(skb))
859 #ifdef CONFIG_TCP_MD5SIG
860 hash_location = tcp_parse_md5sig_option(th);
861 if (!sk && hash_location) {
863 * active side is lost. Try to find listening socket through
864 * source port, and then find md5 key through listening socket.
865 * we are not loose security here:
866 * Incoming packet is checked with md5 hash with finding key,
867 * no RST generated if md5 hash doesn't match.
869 sk1 = inet6_lookup_listener(dev_net(skb_dst(skb)->dev),
870 &tcp_hashinfo, &ipv6h->saddr,
871 th->source, &ipv6h->daddr,
872 ntohs(th->source), tcp_v6_iif(skb));
877 key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr);
881 genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, skb);
882 if (genhash || memcmp(hash_location, newhash, 16) != 0)
885 key = sk ? tcp_v6_md5_do_lookup(sk, &ipv6h->saddr) : NULL;
890 seq = ntohl(th->ack_seq);
892 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
895 oif = sk ? sk->sk_bound_dev_if : 0;
896 tcp_v6_send_response(sk, skb, seq, ack_seq, 0, 0, 0, oif, key, 1, 0, 0);
898 #ifdef CONFIG_TCP_MD5SIG
907 static void tcp_v6_send_ack(const struct sock *sk, struct sk_buff *skb, u32 seq,
908 u32 ack, u32 win, u32 tsval, u32 tsecr, int oif,
909 struct tcp_md5sig_key *key, u8 tclass,
912 tcp_v6_send_response(sk, skb, seq, ack, win, tsval, tsecr, oif, key, 0,
916 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
918 struct inet_timewait_sock *tw = inet_twsk(sk);
919 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
921 tcp_v6_send_ack(sk, skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
922 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
923 tcp_time_stamp + tcptw->tw_ts_offset,
924 tcptw->tw_ts_recent, tw->tw_bound_dev_if, tcp_twsk_md5_key(tcptw),
925 tw->tw_tclass, cpu_to_be32(tw->tw_flowlabel));
930 static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
931 struct request_sock *req)
933 /* sk->sk_state == TCP_LISTEN -> for regular TCP_SYN_RECV
934 * sk->sk_state == TCP_SYN_RECV -> for Fast Open.
936 tcp_v6_send_ack(sk, skb, (sk->sk_state == TCP_LISTEN) ?
937 tcp_rsk(req)->snt_isn + 1 : tcp_sk(sk)->snd_nxt,
938 tcp_rsk(req)->rcv_nxt, req->rsk_rcv_wnd,
939 tcp_time_stamp, req->ts_recent, sk->sk_bound_dev_if,
940 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr),
945 static struct sock *tcp_v6_cookie_check(struct sock *sk, struct sk_buff *skb)
947 #ifdef CONFIG_SYN_COOKIES
948 const struct tcphdr *th = tcp_hdr(skb);
951 sk = cookie_v6_check(sk, skb);
956 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
958 if (skb->protocol == htons(ETH_P_IP))
959 return tcp_v4_conn_request(sk, skb);
961 if (!ipv6_unicast_destination(skb))
964 return tcp_conn_request(&tcp6_request_sock_ops,
965 &tcp_request_sock_ipv6_ops, sk, skb);
968 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
969 return 0; /* don't send reset */
972 static struct sock *tcp_v6_syn_recv_sock(const struct sock *sk, struct sk_buff *skb,
973 struct request_sock *req,
974 struct dst_entry *dst,
975 struct request_sock *req_unhash,
978 struct inet_request_sock *ireq;
979 struct ipv6_pinfo *newnp;
980 const struct ipv6_pinfo *np = inet6_sk(sk);
981 struct ipv6_txoptions *opt;
982 struct tcp6_sock *newtcp6sk;
983 struct inet_sock *newinet;
984 struct tcp_sock *newtp;
986 #ifdef CONFIG_TCP_MD5SIG
987 struct tcp_md5sig_key *key;
991 if (skb->protocol == htons(ETH_P_IP)) {
996 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst,
997 req_unhash, own_req);
1002 newtcp6sk = (struct tcp6_sock *)newsk;
1003 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1005 newinet = inet_sk(newsk);
1006 newnp = inet6_sk(newsk);
1007 newtp = tcp_sk(newsk);
1009 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1011 newnp->saddr = newsk->sk_v6_rcv_saddr;
1013 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1014 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1015 #ifdef CONFIG_TCP_MD5SIG
1016 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1019 newnp->ipv6_ac_list = NULL;
1020 newnp->ipv6_fl_list = NULL;
1021 newnp->pktoptions = NULL;
1023 newnp->mcast_oif = tcp_v6_iif(skb);
1024 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1025 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
1027 newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));
1030 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1031 * here, tcp_create_openreq_child now does this for us, see the comment in
1032 * that function for the gory details. -acme
1035 /* It is tricky place. Until this moment IPv4 tcp
1036 worked with IPv6 icsk.icsk_af_ops.
1039 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1044 ireq = inet_rsk(req);
1046 if (sk_acceptq_is_full(sk))
1050 dst = inet6_csk_route_req(sk, &fl6, req, IPPROTO_TCP);
1055 newsk = tcp_create_openreq_child(sk, req, skb);
1060 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1061 * count here, tcp_create_openreq_child now does this for us, see the
1062 * comment in that function for the gory details. -acme
1065 newsk->sk_gso_type = SKB_GSO_TCPV6;
1066 ip6_dst_store(newsk, dst, NULL, NULL);
1067 inet6_sk_rx_dst_set(newsk, skb);
1069 newtcp6sk = (struct tcp6_sock *)newsk;
1070 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1072 newtp = tcp_sk(newsk);
1073 newinet = inet_sk(newsk);
1074 newnp = inet6_sk(newsk);
1076 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1078 newsk->sk_v6_daddr = ireq->ir_v6_rmt_addr;
1079 newnp->saddr = ireq->ir_v6_loc_addr;
1080 newsk->sk_v6_rcv_saddr = ireq->ir_v6_loc_addr;
1081 newsk->sk_bound_dev_if = ireq->ir_iif;
1083 /* Now IPv6 options...
1085 First: no IPv4 options.
1087 newinet->inet_opt = NULL;
1088 newnp->ipv6_ac_list = NULL;
1089 newnp->ipv6_fl_list = NULL;
1092 newnp->rxopt.all = np->rxopt.all;
1094 newnp->pktoptions = NULL;
1096 newnp->mcast_oif = tcp_v6_iif(skb);
1097 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1098 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
1100 newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));
1102 /* Clone native IPv6 options from listening socket (if any)
1104 Yes, keeping reference count would be much more clever,
1105 but we make one more one thing there: reattach optmem
1108 opt = rcu_dereference(np->opt);
1110 opt = ipv6_dup_options(newsk, opt);
1111 RCU_INIT_POINTER(newnp->opt, opt);
1113 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1115 inet_csk(newsk)->icsk_ext_hdr_len = opt->opt_nflen +
1118 tcp_ca_openreq_child(newsk, dst);
1120 tcp_sync_mss(newsk, dst_mtu(dst));
1121 newtp->advmss = dst_metric_advmss(dst);
1122 if (tcp_sk(sk)->rx_opt.user_mss &&
1123 tcp_sk(sk)->rx_opt.user_mss < newtp->advmss)
1124 newtp->advmss = tcp_sk(sk)->rx_opt.user_mss;
1126 tcp_initialize_rcv_mss(newsk);
1128 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1129 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1131 #ifdef CONFIG_TCP_MD5SIG
1132 /* Copy over the MD5 key from the original socket */
1133 key = tcp_v6_md5_do_lookup(sk, &newsk->sk_v6_daddr);
1135 /* We're using one, so create a matching key
1136 * on the newsk structure. If we fail to get
1137 * memory, then we end up not copying the key
1140 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newsk->sk_v6_daddr,
1141 AF_INET6, key->key, key->keylen,
1142 sk_gfp_atomic(sk, GFP_ATOMIC));
1146 if (__inet_inherit_port(sk, newsk) < 0) {
1147 inet_csk_prepare_forced_close(newsk);
1151 *own_req = inet_ehash_nolisten(newsk, req_to_sk(req_unhash));
1153 tcp_move_syn(newtp, req);
1155 /* Clone pktoptions received with SYN, if we own the req */
1156 if (ireq->pktopts) {
1157 newnp->pktoptions = skb_clone(ireq->pktopts,
1158 sk_gfp_atomic(sk, GFP_ATOMIC));
1159 consume_skb(ireq->pktopts);
1160 ireq->pktopts = NULL;
1161 if (newnp->pktoptions)
1162 skb_set_owner_r(newnp->pktoptions, newsk);
1169 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1173 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
1177 /* The socket must have it's spinlock held when we get
1178 * here, unless it is a TCP_LISTEN socket.
1180 * We have a potential double-lock case here, so even when
1181 * doing backlog processing we use the BH locking scheme.
1182 * This is because we cannot sleep with the original spinlock
1185 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1187 struct ipv6_pinfo *np = inet6_sk(sk);
1188 struct tcp_sock *tp;
1189 struct sk_buff *opt_skb = NULL;
1191 /* Imagine: socket is IPv6. IPv4 packet arrives,
1192 goes to IPv4 receive handler and backlogged.
1193 From backlog it always goes here. Kerboom...
1194 Fortunately, tcp_rcv_established and rcv_established
1195 handle them correctly, but it is not case with
1196 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1199 if (skb->protocol == htons(ETH_P_IP))
1200 return tcp_v4_do_rcv(sk, skb);
1202 if (sk_filter(sk, skb))
1206 * socket locking is here for SMP purposes as backlog rcv
1207 * is currently called with bh processing disabled.
1210 /* Do Stevens' IPV6_PKTOPTIONS.
1212 Yes, guys, it is the only place in our code, where we
1213 may make it not affecting IPv4.
1214 The rest of code is protocol independent,
1215 and I do not like idea to uglify IPv4.
1217 Actually, all the idea behind IPV6_PKTOPTIONS
1218 looks not very well thought. For now we latch
1219 options, received in the last packet, enqueued
1220 by tcp. Feel free to propose better solution.
1224 opt_skb = skb_clone(skb, sk_gfp_atomic(sk, GFP_ATOMIC));
1226 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1227 struct dst_entry *dst = sk->sk_rx_dst;
1229 sock_rps_save_rxhash(sk, skb);
1230 sk_mark_napi_id(sk, skb);
1232 if (inet_sk(sk)->rx_dst_ifindex != skb->skb_iif ||
1233 dst->ops->check(dst, np->rx_dst_cookie) == NULL) {
1235 sk->sk_rx_dst = NULL;
1239 tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len);
1241 goto ipv6_pktoptions;
1245 if (tcp_checksum_complete(skb))
1248 if (sk->sk_state == TCP_LISTEN) {
1249 struct sock *nsk = tcp_v6_cookie_check(sk, skb);
1255 sock_rps_save_rxhash(nsk, skb);
1256 sk_mark_napi_id(nsk, skb);
1257 if (tcp_child_process(sk, nsk, skb))
1260 __kfree_skb(opt_skb);
1264 sock_rps_save_rxhash(sk, skb);
1266 if (tcp_rcv_state_process(sk, skb))
1269 goto ipv6_pktoptions;
1273 tcp_v6_send_reset(sk, skb);
1276 __kfree_skb(opt_skb);
1280 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_CSUMERRORS);
1281 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_INERRS);
1286 /* Do you ask, what is it?
1288 1. skb was enqueued by tcp.
1289 2. skb is added to tail of read queue, rather than out of order.
1290 3. socket is not in passive state.
1291 4. Finally, it really contains options, which user wants to receive.
1294 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1295 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1296 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1297 np->mcast_oif = tcp_v6_iif(opt_skb);
1298 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1299 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1300 if (np->rxopt.bits.rxflow || np->rxopt.bits.rxtclass)
1301 np->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(opt_skb));
1303 np->flow_label = ip6_flowlabel(ipv6_hdr(opt_skb));
1304 if (ipv6_opt_accepted(sk, opt_skb, &TCP_SKB_CB(opt_skb)->header.h6)) {
1305 skb_set_owner_r(opt_skb, sk);
1306 opt_skb = xchg(&np->pktoptions, opt_skb);
1308 __kfree_skb(opt_skb);
1309 opt_skb = xchg(&np->pktoptions, NULL);
1317 static void tcp_v6_fill_cb(struct sk_buff *skb, const struct ipv6hdr *hdr,
1318 const struct tcphdr *th)
1320 /* This is tricky: we move IP6CB at its correct location into
1321 * TCP_SKB_CB(). It must be done after xfrm6_policy_check(), because
1322 * _decode_session6() uses IP6CB().
1323 * barrier() makes sure compiler won't play aliasing games.
1325 memmove(&TCP_SKB_CB(skb)->header.h6, IP6CB(skb),
1326 sizeof(struct inet6_skb_parm));
1329 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1330 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1331 skb->len - th->doff*4);
1332 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1333 TCP_SKB_CB(skb)->tcp_flags = tcp_flag_byte(th);
1334 TCP_SKB_CB(skb)->tcp_tw_isn = 0;
1335 TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
1336 TCP_SKB_CB(skb)->sacked = 0;
1339 static void tcp_v6_restore_cb(struct sk_buff *skb)
1341 /* We need to move header back to the beginning if xfrm6_policy_check()
1342 * and tcp_v6_fill_cb() are going to be called again.
1344 memmove(IP6CB(skb), &TCP_SKB_CB(skb)->header.h6,
1345 sizeof(struct inet6_skb_parm));
1348 static int tcp_v6_rcv(struct sk_buff *skb)
1350 const struct tcphdr *th;
1351 const struct ipv6hdr *hdr;
1354 struct net *net = dev_net(skb->dev);
1356 if (skb->pkt_type != PACKET_HOST)
1360 * Count it even if it's bad.
1362 TCP_INC_STATS_BH(net, TCP_MIB_INSEGS);
1364 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1369 if (th->doff < sizeof(struct tcphdr)/4)
1371 if (!pskb_may_pull(skb, th->doff*4))
1374 if (skb_checksum_init(skb, IPPROTO_TCP, ip6_compute_pseudo))
1378 hdr = ipv6_hdr(skb);
1381 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest,
1387 if (sk->sk_state == TCP_TIME_WAIT)
1390 if (sk->sk_state == TCP_NEW_SYN_RECV) {
1391 struct request_sock *req = inet_reqsk(sk);
1394 sk = req->rsk_listener;
1395 tcp_v6_fill_cb(skb, hdr, th);
1396 if (tcp_v6_inbound_md5_hash(sk, skb)) {
1400 if (unlikely(sk->sk_state != TCP_LISTEN)) {
1401 inet_csk_reqsk_queue_drop_and_put(sk, req);
1405 nsk = tcp_check_req(sk, skb, req, false);
1408 goto discard_and_relse;
1412 tcp_v6_restore_cb(skb);
1413 } else if (tcp_child_process(sk, nsk, skb)) {
1414 tcp_v6_send_reset(nsk, skb);
1415 goto discard_and_relse;
1421 if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) {
1422 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
1423 goto discard_and_relse;
1426 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1427 goto discard_and_relse;
1429 tcp_v6_fill_cb(skb, hdr, th);
1431 if (tcp_v6_inbound_md5_hash(sk, skb))
1432 goto discard_and_relse;
1434 if (sk_filter(sk, skb))
1435 goto discard_and_relse;
1439 if (sk->sk_state == TCP_LISTEN) {
1440 ret = tcp_v6_do_rcv(sk, skb);
1441 goto put_and_return;
1444 sk_incoming_cpu_update(sk);
1446 bh_lock_sock_nested(sk);
1447 tcp_sk(sk)->segs_in += max_t(u16, 1, skb_shinfo(skb)->gso_segs);
1449 if (!sock_owned_by_user(sk)) {
1450 if (!tcp_prequeue(sk, skb))
1451 ret = tcp_v6_do_rcv(sk, skb);
1452 } else if (unlikely(sk_add_backlog(sk, skb,
1453 sk->sk_rcvbuf + sk->sk_sndbuf))) {
1455 NET_INC_STATS_BH(net, LINUX_MIB_TCPBACKLOGDROP);
1456 goto discard_and_relse;
1462 return ret ? -1 : 0;
1465 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1468 tcp_v6_fill_cb(skb, hdr, th);
1470 if (tcp_checksum_complete(skb)) {
1472 TCP_INC_STATS_BH(net, TCP_MIB_CSUMERRORS);
1474 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1476 tcp_v6_send_reset(NULL, skb);
1488 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1489 inet_twsk_put(inet_twsk(sk));
1493 tcp_v6_fill_cb(skb, hdr, th);
1495 if (tcp_checksum_complete(skb)) {
1496 inet_twsk_put(inet_twsk(sk));
1500 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1505 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
1506 &ipv6_hdr(skb)->saddr, th->source,
1507 &ipv6_hdr(skb)->daddr,
1508 ntohs(th->dest), tcp_v6_iif(skb));
1510 struct inet_timewait_sock *tw = inet_twsk(sk);
1511 inet_twsk_deschedule_put(tw);
1513 tcp_v6_restore_cb(skb);
1516 /* Fall through to ACK */
1519 tcp_v6_timewait_ack(sk, skb);
1522 tcp_v6_restore_cb(skb);
1524 case TCP_TW_SUCCESS:
1530 static void tcp_v6_early_demux(struct sk_buff *skb)
1532 const struct ipv6hdr *hdr;
1533 const struct tcphdr *th;
1536 if (skb->pkt_type != PACKET_HOST)
1539 if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
1542 hdr = ipv6_hdr(skb);
1545 if (th->doff < sizeof(struct tcphdr) / 4)
1548 /* Note : We use inet6_iif() here, not tcp_v6_iif() */
1549 sk = __inet6_lookup_established(dev_net(skb->dev), &tcp_hashinfo,
1550 &hdr->saddr, th->source,
1551 &hdr->daddr, ntohs(th->dest),
1555 skb->destructor = sock_edemux;
1556 if (sk_fullsock(sk)) {
1557 struct dst_entry *dst = READ_ONCE(sk->sk_rx_dst);
1560 dst = dst_check(dst, inet6_sk(sk)->rx_dst_cookie);
1562 inet_sk(sk)->rx_dst_ifindex == skb->skb_iif)
1563 skb_dst_set_noref(skb, dst);
1568 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
1569 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
1570 .twsk_unique = tcp_twsk_unique,
1571 .twsk_destructor = tcp_twsk_destructor,
1574 static const struct inet_connection_sock_af_ops ipv6_specific = {
1575 .queue_xmit = inet6_csk_xmit,
1576 .send_check = tcp_v6_send_check,
1577 .rebuild_header = inet6_sk_rebuild_header,
1578 .sk_rx_dst_set = inet6_sk_rx_dst_set,
1579 .conn_request = tcp_v6_conn_request,
1580 .syn_recv_sock = tcp_v6_syn_recv_sock,
1581 .net_header_len = sizeof(struct ipv6hdr),
1582 .net_frag_header_len = sizeof(struct frag_hdr),
1583 .setsockopt = ipv6_setsockopt,
1584 .getsockopt = ipv6_getsockopt,
1585 .addr2sockaddr = inet6_csk_addr2sockaddr,
1586 .sockaddr_len = sizeof(struct sockaddr_in6),
1587 .bind_conflict = inet6_csk_bind_conflict,
1588 #ifdef CONFIG_COMPAT
1589 .compat_setsockopt = compat_ipv6_setsockopt,
1590 .compat_getsockopt = compat_ipv6_getsockopt,
1592 .mtu_reduced = tcp_v6_mtu_reduced,
1595 #ifdef CONFIG_TCP_MD5SIG
1596 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1597 .md5_lookup = tcp_v6_md5_lookup,
1598 .calc_md5_hash = tcp_v6_md5_hash_skb,
1599 .md5_parse = tcp_v6_parse_md5_keys,
1604 * TCP over IPv4 via INET6 API
1606 static const struct inet_connection_sock_af_ops ipv6_mapped = {
1607 .queue_xmit = ip_queue_xmit,
1608 .send_check = tcp_v4_send_check,
1609 .rebuild_header = inet_sk_rebuild_header,
1610 .sk_rx_dst_set = inet_sk_rx_dst_set,
1611 .conn_request = tcp_v6_conn_request,
1612 .syn_recv_sock = tcp_v6_syn_recv_sock,
1613 .net_header_len = sizeof(struct iphdr),
1614 .setsockopt = ipv6_setsockopt,
1615 .getsockopt = ipv6_getsockopt,
1616 .addr2sockaddr = inet6_csk_addr2sockaddr,
1617 .sockaddr_len = sizeof(struct sockaddr_in6),
1618 .bind_conflict = inet6_csk_bind_conflict,
1619 #ifdef CONFIG_COMPAT
1620 .compat_setsockopt = compat_ipv6_setsockopt,
1621 .compat_getsockopt = compat_ipv6_getsockopt,
1623 .mtu_reduced = tcp_v4_mtu_reduced,
1626 #ifdef CONFIG_TCP_MD5SIG
1627 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1628 .md5_lookup = tcp_v4_md5_lookup,
1629 .calc_md5_hash = tcp_v4_md5_hash_skb,
1630 .md5_parse = tcp_v6_parse_md5_keys,
1634 /* NOTE: A lot of things set to zero explicitly by call to
1635 * sk_alloc() so need not be done here.
1637 static int tcp_v6_init_sock(struct sock *sk)
1639 struct inet_connection_sock *icsk = inet_csk(sk);
1643 icsk->icsk_af_ops = &ipv6_specific;
1645 #ifdef CONFIG_TCP_MD5SIG
1646 tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific;
1652 static void tcp_v6_destroy_sock(struct sock *sk)
1654 tcp_v4_destroy_sock(sk);
1655 inet6_destroy_sock(sk);
1658 #ifdef CONFIG_PROC_FS
1659 /* Proc filesystem TCPv6 sock list dumping. */
1660 static void get_openreq6(struct seq_file *seq,
1661 const struct request_sock *req, int i)
1663 long ttd = req->rsk_timer.expires - jiffies;
1664 const struct in6_addr *src = &inet_rsk(req)->ir_v6_loc_addr;
1665 const struct in6_addr *dest = &inet_rsk(req)->ir_v6_rmt_addr;
1671 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1672 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %d %d %pK\n",
1674 src->s6_addr32[0], src->s6_addr32[1],
1675 src->s6_addr32[2], src->s6_addr32[3],
1676 inet_rsk(req)->ir_num,
1677 dest->s6_addr32[0], dest->s6_addr32[1],
1678 dest->s6_addr32[2], dest->s6_addr32[3],
1679 ntohs(inet_rsk(req)->ir_rmt_port),
1681 0, 0, /* could print option size, but that is af dependent. */
1682 1, /* timers active (only the expire timer) */
1683 jiffies_to_clock_t(ttd),
1685 from_kuid_munged(seq_user_ns(seq),
1686 sock_i_uid(req->rsk_listener)),
1687 0, /* non standard timer */
1688 0, /* open_requests have no inode */
1692 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1694 const struct in6_addr *dest, *src;
1697 unsigned long timer_expires;
1698 const struct inet_sock *inet = inet_sk(sp);
1699 const struct tcp_sock *tp = tcp_sk(sp);
1700 const struct inet_connection_sock *icsk = inet_csk(sp);
1701 const struct fastopen_queue *fastopenq = &icsk->icsk_accept_queue.fastopenq;
1705 dest = &sp->sk_v6_daddr;
1706 src = &sp->sk_v6_rcv_saddr;
1707 destp = ntohs(inet->inet_dport);
1708 srcp = ntohs(inet->inet_sport);
1710 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
1712 timer_expires = icsk->icsk_timeout;
1713 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1715 timer_expires = icsk->icsk_timeout;
1716 } else if (timer_pending(&sp->sk_timer)) {
1718 timer_expires = sp->sk_timer.expires;
1721 timer_expires = jiffies;
1724 state = sk_state_load(sp);
1725 if (state == TCP_LISTEN)
1726 rx_queue = sp->sk_ack_backlog;
1728 /* Because we don't lock the socket,
1729 * we might find a transient negative value.
1731 rx_queue = max_t(int, tp->rcv_nxt - tp->copied_seq, 0);
1734 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1735 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %lu %d %pK %lu %lu %u %u %d\n",
1737 src->s6_addr32[0], src->s6_addr32[1],
1738 src->s6_addr32[2], src->s6_addr32[3], srcp,
1739 dest->s6_addr32[0], dest->s6_addr32[1],
1740 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1742 tp->write_seq - tp->snd_una,
1745 jiffies_delta_to_clock_t(timer_expires - jiffies),
1746 icsk->icsk_retransmits,
1747 from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
1748 icsk->icsk_probes_out,
1750 atomic_read(&sp->sk_refcnt), sp,
1751 jiffies_to_clock_t(icsk->icsk_rto),
1752 jiffies_to_clock_t(icsk->icsk_ack.ato),
1753 (icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong,
1755 state == TCP_LISTEN ?
1756 fastopenq->max_qlen :
1757 (tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh)
1761 static void get_timewait6_sock(struct seq_file *seq,
1762 struct inet_timewait_sock *tw, int i)
1764 long delta = tw->tw_timer.expires - jiffies;
1765 const struct in6_addr *dest, *src;
1768 dest = &tw->tw_v6_daddr;
1769 src = &tw->tw_v6_rcv_saddr;
1770 destp = ntohs(tw->tw_dport);
1771 srcp = ntohs(tw->tw_sport);
1774 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1775 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1777 src->s6_addr32[0], src->s6_addr32[1],
1778 src->s6_addr32[2], src->s6_addr32[3], srcp,
1779 dest->s6_addr32[0], dest->s6_addr32[1],
1780 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1781 tw->tw_substate, 0, 0,
1782 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
1783 atomic_read(&tw->tw_refcnt), tw);
1786 static int tcp6_seq_show(struct seq_file *seq, void *v)
1788 struct tcp_iter_state *st;
1789 struct sock *sk = v;
1791 if (v == SEQ_START_TOKEN) {
1796 "st tx_queue rx_queue tr tm->when retrnsmt"
1797 " uid timeout inode\n");
1802 if (sk->sk_state == TCP_TIME_WAIT)
1803 get_timewait6_sock(seq, v, st->num);
1804 else if (sk->sk_state == TCP_NEW_SYN_RECV)
1805 get_openreq6(seq, v, st->num);
1807 get_tcp6_sock(seq, v, st->num);
1812 static const struct file_operations tcp6_afinfo_seq_fops = {
1813 .owner = THIS_MODULE,
1814 .open = tcp_seq_open,
1816 .llseek = seq_lseek,
1817 .release = seq_release_net
1820 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
1823 .seq_fops = &tcp6_afinfo_seq_fops,
1825 .show = tcp6_seq_show,
1829 int __net_init tcp6_proc_init(struct net *net)
1831 return tcp_proc_register(net, &tcp6_seq_afinfo);
1834 void tcp6_proc_exit(struct net *net)
1836 tcp_proc_unregister(net, &tcp6_seq_afinfo);
1840 static void tcp_v6_clear_sk(struct sock *sk, int size)
1842 struct inet_sock *inet = inet_sk(sk);
1844 /* we do not want to clear pinet6 field, because of RCU lookups */
1845 sk_prot_clear_nulls(sk, offsetof(struct inet_sock, pinet6));
1847 size -= offsetof(struct inet_sock, pinet6) + sizeof(inet->pinet6);
1848 memset(&inet->pinet6 + 1, 0, size);
1851 struct proto tcpv6_prot = {
1853 .owner = THIS_MODULE,
1855 .connect = tcp_v6_connect,
1856 .disconnect = tcp_disconnect,
1857 .accept = inet_csk_accept,
1859 .init = tcp_v6_init_sock,
1860 .destroy = tcp_v6_destroy_sock,
1861 .shutdown = tcp_shutdown,
1862 .setsockopt = tcp_setsockopt,
1863 .getsockopt = tcp_getsockopt,
1864 .recvmsg = tcp_recvmsg,
1865 .sendmsg = tcp_sendmsg,
1866 .sendpage = tcp_sendpage,
1867 .backlog_rcv = tcp_v6_do_rcv,
1868 .release_cb = tcp_release_cb,
1870 .unhash = inet_unhash,
1871 .get_port = inet_csk_get_port,
1872 .enter_memory_pressure = tcp_enter_memory_pressure,
1873 .stream_memory_free = tcp_stream_memory_free,
1874 .sockets_allocated = &tcp_sockets_allocated,
1875 .memory_allocated = &tcp_memory_allocated,
1876 .memory_pressure = &tcp_memory_pressure,
1877 .orphan_count = &tcp_orphan_count,
1878 .sysctl_mem = sysctl_tcp_mem,
1879 .sysctl_wmem = sysctl_tcp_wmem,
1880 .sysctl_rmem = sysctl_tcp_rmem,
1881 .max_header = MAX_TCP_HEADER,
1882 .obj_size = sizeof(struct tcp6_sock),
1883 .slab_flags = SLAB_DESTROY_BY_RCU,
1884 .twsk_prot = &tcp6_timewait_sock_ops,
1885 .rsk_prot = &tcp6_request_sock_ops,
1886 .h.hashinfo = &tcp_hashinfo,
1887 .no_autobind = true,
1888 #ifdef CONFIG_COMPAT
1889 .compat_setsockopt = compat_tcp_setsockopt,
1890 .compat_getsockopt = compat_tcp_getsockopt,
1892 #ifdef CONFIG_MEMCG_KMEM
1893 .proto_cgroup = tcp_proto_cgroup,
1895 .clear_sk = tcp_v6_clear_sk,
1898 static const struct inet6_protocol tcpv6_protocol = {
1899 .early_demux = tcp_v6_early_demux,
1900 .handler = tcp_v6_rcv,
1901 .err_handler = tcp_v6_err,
1902 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
1905 static struct inet_protosw tcpv6_protosw = {
1906 .type = SOCK_STREAM,
1907 .protocol = IPPROTO_TCP,
1908 .prot = &tcpv6_prot,
1909 .ops = &inet6_stream_ops,
1910 .flags = INET_PROTOSW_PERMANENT |
1914 static int __net_init tcpv6_net_init(struct net *net)
1916 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
1917 SOCK_RAW, IPPROTO_TCP, net);
1920 static void __net_exit tcpv6_net_exit(struct net *net)
1922 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
1925 static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
1927 inet_twsk_purge(&tcp_hashinfo, &tcp_death_row, AF_INET6);
1930 static struct pernet_operations tcpv6_net_ops = {
1931 .init = tcpv6_net_init,
1932 .exit = tcpv6_net_exit,
1933 .exit_batch = tcpv6_net_exit_batch,
1936 int __init tcpv6_init(void)
1940 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
1944 /* register inet6 protocol */
1945 ret = inet6_register_protosw(&tcpv6_protosw);
1947 goto out_tcpv6_protocol;
1949 ret = register_pernet_subsys(&tcpv6_net_ops);
1951 goto out_tcpv6_protosw;
1956 inet6_unregister_protosw(&tcpv6_protosw);
1958 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
1962 void tcpv6_exit(void)
1964 unregister_pernet_subsys(&tcpv6_net_ops);
1965 inet6_unregister_protosw(&tcpv6_protosw);
1966 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
projects / firefly-linux-kernel-4.4.55.git / blob