2 * IPv6 output functions
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
8 * Based on linux/net/ipv4/ip_output.c
10 * This program is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU General Public License
12 * as published by the Free Software Foundation; either version
13 * 2 of the License, or (at your option) any later version.
16 * A.N.Kuznetsov : airthmetics in fragmentation.
17 * extension headers are implemented.
18 * route changes now work.
19 * ip6_forward does not confuse sniffers.
22 * H. von Brand : Added missing #include <linux/string.h>
23 * Imran Patel : frag id should be in NBO
24 * Kazunori MIYAZAWA @USAGI
25 * : add ip6_append_data and related functions
29 #include <linux/errno.h>
30 #include <linux/kernel.h>
31 #include <linux/string.h>
32 #include <linux/socket.h>
33 #include <linux/net.h>
34 #include <linux/netdevice.h>
35 #include <linux/if_arp.h>
36 #include <linux/in6.h>
37 #include <linux/tcp.h>
38 #include <linux/route.h>
39 #include <linux/module.h>
40 #include <linux/slab.h>
42 #include <linux/netfilter.h>
43 #include <linux/netfilter_ipv6.h>
49 #include <net/ndisc.h>
50 #include <net/protocol.h>
51 #include <net/ip6_route.h>
52 #include <net/addrconf.h>
53 #include <net/rawv6.h>
56 #include <net/checksum.h>
57 #include <linux/mroute6.h>
59 int ip6_fragment(struct sk_buff
*skb
, int (*output
)(struct sk_buff
*));
61 int __ip6_local_out(struct sk_buff
*skb
)
65 len
= skb
->len
- sizeof(struct ipv6hdr
);
66 if (len
> IPV6_MAXPLEN
)
68 ipv6_hdr(skb
)->payload_len
= htons(len
);
70 return nf_hook(NFPROTO_IPV6
, NF_INET_LOCAL_OUT
, skb
, NULL
,
71 skb_dst(skb
)->dev
, dst_output
);
74 int ip6_local_out(struct sk_buff
*skb
)
78 err
= __ip6_local_out(skb
);
80 err
= dst_output(skb
);
84 EXPORT_SYMBOL_GPL(ip6_local_out
);
86 /* dev_loopback_xmit for use with netfilter. */
87 static int ip6_dev_loopback_xmit(struct sk_buff
*newskb
)
89 skb_reset_mac_header(newskb
);
90 __skb_pull(newskb
, skb_network_offset(newskb
));
91 newskb
->pkt_type
= PACKET_LOOPBACK
;
92 newskb
->ip_summed
= CHECKSUM_UNNECESSARY
;
93 WARN_ON(!skb_dst(newskb
));
99 static int ip6_finish_output2(struct sk_buff
*skb
)
101 struct dst_entry
*dst
= skb_dst(skb
);
102 struct net_device
*dev
= dst
->dev
;
103 struct neighbour
*neigh
;
105 skb
->protocol
= htons(ETH_P_IPV6
);
108 if (ipv6_addr_is_multicast(&ipv6_hdr(skb
)->daddr
)) {
109 struct inet6_dev
*idev
= ip6_dst_idev(skb_dst(skb
));
111 if (!(dev
->flags
& IFF_LOOPBACK
) && sk_mc_loop(skb
->sk
) &&
112 ((mroute6_socket(dev_net(dev
), skb
) &&
113 !(IP6CB(skb
)->flags
& IP6SKB_FORWARDED
)) ||
114 ipv6_chk_mcast_addr(dev
, &ipv6_hdr(skb
)->daddr
,
115 &ipv6_hdr(skb
)->saddr
))) {
116 struct sk_buff
*newskb
= skb_clone(skb
, GFP_ATOMIC
);
118 /* Do not check for IFF_ALLMULTI; multicast routing
119 is not supported in any case.
122 NF_HOOK(NFPROTO_IPV6
, NF_INET_POST_ROUTING
,
123 newskb
, NULL
, newskb
->dev
,
124 ip6_dev_loopback_xmit
);
126 if (ipv6_hdr(skb
)->hop_limit
== 0) {
127 IP6_INC_STATS(dev_net(dev
), idev
,
128 IPSTATS_MIB_OUTDISCARDS
);
134 IP6_UPD_PO_STATS(dev_net(dev
), idev
, IPSTATS_MIB_OUTMCAST
,
138 neigh
= dst_get_neighbour(dst
);
140 return neigh_output(neigh
, skb
);
142 IP6_INC_STATS_BH(dev_net(dst
->dev
),
143 ip6_dst_idev(dst
), IPSTATS_MIB_OUTNOROUTES
);
148 static int ip6_finish_output(struct sk_buff
*skb
)
150 if ((skb
->len
> ip6_skb_dst_mtu(skb
) && !skb_is_gso(skb
)) ||
151 dst_allfrag(skb_dst(skb
)))
152 return ip6_fragment(skb
, ip6_finish_output2
);
154 return ip6_finish_output2(skb
);
157 int ip6_output(struct sk_buff
*skb
)
159 struct net_device
*dev
= skb_dst(skb
)->dev
;
160 struct inet6_dev
*idev
= ip6_dst_idev(skb_dst(skb
));
161 if (unlikely(idev
->cnf
.disable_ipv6
)) {
162 IP6_INC_STATS(dev_net(dev
), idev
,
163 IPSTATS_MIB_OUTDISCARDS
);
168 return NF_HOOK_COND(NFPROTO_IPV6
, NF_INET_POST_ROUTING
, skb
, NULL
, dev
,
170 !(IP6CB(skb
)->flags
& IP6SKB_REROUTED
));
174 * xmit an sk_buff (used by TCP, SCTP and DCCP)
177 int ip6_xmit(struct sock
*sk
, struct sk_buff
*skb
, struct flowi6
*fl6
,
178 struct ipv6_txoptions
*opt
)
180 struct net
*net
= sock_net(sk
);
181 struct ipv6_pinfo
*np
= inet6_sk(sk
);
182 struct in6_addr
*first_hop
= &fl6
->daddr
;
183 struct dst_entry
*dst
= skb_dst(skb
);
185 u8 proto
= fl6
->flowi6_proto
;
186 int seg_len
= skb
->len
;
192 unsigned int head_room
;
194 /* First: exthdrs may take lots of space (~8K for now)
195 MAX_HEADER is not enough.
197 head_room
= opt
->opt_nflen
+ opt
->opt_flen
;
198 seg_len
+= head_room
;
199 head_room
+= sizeof(struct ipv6hdr
) + LL_RESERVED_SPACE(dst
->dev
);
201 if (skb_headroom(skb
) < head_room
) {
202 struct sk_buff
*skb2
= skb_realloc_headroom(skb
, head_room
);
204 IP6_INC_STATS(net
, ip6_dst_idev(skb_dst(skb
)),
205 IPSTATS_MIB_OUTDISCARDS
);
211 skb_set_owner_w(skb
, sk
);
214 ipv6_push_frag_opts(skb
, opt
, &proto
);
216 ipv6_push_nfrag_opts(skb
, opt
, &proto
, &first_hop
);
219 skb_push(skb
, sizeof(struct ipv6hdr
));
220 skb_reset_network_header(skb
);
224 * Fill in the IPv6 header
228 hlimit
= np
->hop_limit
;
231 hlimit
= ip6_dst_hoplimit(dst
);
233 *(__be32
*)hdr
= htonl(0x60000000 | (tclass
<< 20)) | fl6
->flowlabel
;
235 hdr
->payload_len
= htons(seg_len
);
236 hdr
->nexthdr
= proto
;
237 hdr
->hop_limit
= hlimit
;
239 ipv6_addr_copy(&hdr
->saddr
, &fl6
->saddr
);
240 ipv6_addr_copy(&hdr
->daddr
, first_hop
);
242 skb
->priority
= sk
->sk_priority
;
243 skb
->mark
= sk
->sk_mark
;
246 if ((skb
->len
<= mtu
) || skb
->local_df
|| skb_is_gso(skb
)) {
247 IP6_UPD_PO_STATS(net
, ip6_dst_idev(skb_dst(skb
)),
248 IPSTATS_MIB_OUT
, skb
->len
);
249 return NF_HOOK(NFPROTO_IPV6
, NF_INET_LOCAL_OUT
, skb
, NULL
,
250 dst
->dev
, dst_output
);
254 printk(KERN_DEBUG
"IPv6: sending pkt_too_big to self\n");
256 icmpv6_send(skb
, ICMPV6_PKT_TOOBIG
, 0, mtu
);
257 IP6_INC_STATS(net
, ip6_dst_idev(skb_dst(skb
)), IPSTATS_MIB_FRAGFAILS
);
262 EXPORT_SYMBOL(ip6_xmit
);
265 * To avoid extra problems ND packets are send through this
266 * routine. It's code duplication but I really want to avoid
267 * extra checks since ipv6_build_header is used by TCP (which
268 * is for us performance critical)
271 int ip6_nd_hdr(struct sock
*sk
, struct sk_buff
*skb
, struct net_device
*dev
,
272 const struct in6_addr
*saddr
, const struct in6_addr
*daddr
,
275 struct ipv6_pinfo
*np
= inet6_sk(sk
);
278 skb
->protocol
= htons(ETH_P_IPV6
);
281 skb_reset_network_header(skb
);
282 skb_put(skb
, sizeof(struct ipv6hdr
));
285 *(__be32
*)hdr
= htonl(0x60000000);
287 hdr
->payload_len
= htons(len
);
288 hdr
->nexthdr
= proto
;
289 hdr
->hop_limit
= np
->hop_limit
;
291 ipv6_addr_copy(&hdr
->saddr
, saddr
);
292 ipv6_addr_copy(&hdr
->daddr
, daddr
);
297 static int ip6_call_ra_chain(struct sk_buff
*skb
, int sel
)
299 struct ip6_ra_chain
*ra
;
300 struct sock
*last
= NULL
;
302 read_lock(&ip6_ra_lock
);
303 for (ra
= ip6_ra_chain
; ra
; ra
= ra
->next
) {
304 struct sock
*sk
= ra
->sk
;
305 if (sk
&& ra
->sel
== sel
&&
306 (!sk
->sk_bound_dev_if
||
307 sk
->sk_bound_dev_if
== skb
->dev
->ifindex
)) {
309 struct sk_buff
*skb2
= skb_clone(skb
, GFP_ATOMIC
);
311 rawv6_rcv(last
, skb2
);
318 rawv6_rcv(last
, skb
);
319 read_unlock(&ip6_ra_lock
);
322 read_unlock(&ip6_ra_lock
);
326 static int ip6_forward_proxy_check(struct sk_buff
*skb
)
328 struct ipv6hdr
*hdr
= ipv6_hdr(skb
);
329 u8 nexthdr
= hdr
->nexthdr
;
332 if (ipv6_ext_hdr(nexthdr
)) {
333 offset
= ipv6_skip_exthdr(skb
, sizeof(*hdr
), &nexthdr
);
337 offset
= sizeof(struct ipv6hdr
);
339 if (nexthdr
== IPPROTO_ICMPV6
) {
340 struct icmp6hdr
*icmp6
;
342 if (!pskb_may_pull(skb
, (skb_network_header(skb
) +
343 offset
+ 1 - skb
->data
)))
346 icmp6
= (struct icmp6hdr
*)(skb_network_header(skb
) + offset
);
348 switch (icmp6
->icmp6_type
) {
349 case NDISC_ROUTER_SOLICITATION
:
350 case NDISC_ROUTER_ADVERTISEMENT
:
351 case NDISC_NEIGHBOUR_SOLICITATION
:
352 case NDISC_NEIGHBOUR_ADVERTISEMENT
:
354 /* For reaction involving unicast neighbor discovery
355 * message destined to the proxied address, pass it to
365 * The proxying router can't forward traffic sent to a link-local
366 * address, so signal the sender and discard the packet. This
367 * behavior is clarified by the MIPv6 specification.
369 if (ipv6_addr_type(&hdr
->daddr
) & IPV6_ADDR_LINKLOCAL
) {
370 dst_link_failure(skb
);
377 static inline int ip6_forward_finish(struct sk_buff
*skb
)
379 return dst_output(skb
);
382 int ip6_forward(struct sk_buff
*skb
)
384 struct dst_entry
*dst
= skb_dst(skb
);
385 struct ipv6hdr
*hdr
= ipv6_hdr(skb
);
386 struct inet6_skb_parm
*opt
= IP6CB(skb
);
387 struct net
*net
= dev_net(dst
->dev
);
391 if (net
->ipv6
.devconf_all
->forwarding
== 0)
394 if (skb_warn_if_lro(skb
))
397 if (!xfrm6_policy_check(NULL
, XFRM_POLICY_FWD
, skb
)) {
398 IP6_INC_STATS(net
, ip6_dst_idev(dst
), IPSTATS_MIB_INDISCARDS
);
402 if (skb
->pkt_type
!= PACKET_HOST
)
405 skb_forward_csum(skb
);
408 * We DO NOT make any processing on
409 * RA packets, pushing them to user level AS IS
410 * without ane WARRANTY that application will be able
411 * to interpret them. The reason is that we
412 * cannot make anything clever here.
414 * We are not end-node, so that if packet contains
415 * AH/ESP, we cannot make anything.
416 * Defragmentation also would be mistake, RA packets
417 * cannot be fragmented, because there is no warranty
418 * that different fragments will go along one path. --ANK
421 u8
*ptr
= skb_network_header(skb
) + opt
->ra
;
422 if (ip6_call_ra_chain(skb
, (ptr
[2]<<8) + ptr
[3]))
427 * check and decrement ttl
429 if (hdr
->hop_limit
<= 1) {
430 /* Force OUTPUT device used as source address */
432 icmpv6_send(skb
, ICMPV6_TIME_EXCEED
, ICMPV6_EXC_HOPLIMIT
, 0);
433 IP6_INC_STATS_BH(net
,
434 ip6_dst_idev(dst
), IPSTATS_MIB_INHDRERRORS
);
440 /* XXX: idev->cnf.proxy_ndp? */
441 if (net
->ipv6
.devconf_all
->proxy_ndp
&&
442 pneigh_lookup(&nd_tbl
, net
, &hdr
->daddr
, skb
->dev
, 0)) {
443 int proxied
= ip6_forward_proxy_check(skb
);
445 return ip6_input(skb
);
446 else if (proxied
< 0) {
447 IP6_INC_STATS(net
, ip6_dst_idev(dst
),
448 IPSTATS_MIB_INDISCARDS
);
453 if (!xfrm6_route_forward(skb
)) {
454 IP6_INC_STATS(net
, ip6_dst_idev(dst
), IPSTATS_MIB_INDISCARDS
);
459 /* IPv6 specs say nothing about it, but it is clear that we cannot
460 send redirects to source routed frames.
461 We don't send redirects to frames decapsulated from IPsec.
463 n
= dst_get_neighbour(dst
);
464 if (skb
->dev
== dst
->dev
&& n
&& opt
->srcrt
== 0 && !skb_sec_path(skb
)) {
465 struct in6_addr
*target
= NULL
;
469 * incoming and outgoing devices are the same
473 rt
= (struct rt6_info
*) dst
;
474 if ((rt
->rt6i_flags
& RTF_GATEWAY
))
475 target
= (struct in6_addr
*)&n
->primary_key
;
477 target
= &hdr
->daddr
;
480 rt6_bind_peer(rt
, 1);
482 /* Limit redirects both by destination (here)
483 and by source (inside ndisc_send_redirect)
485 if (inet_peer_xrlim_allow(rt
->rt6i_peer
, 1*HZ
))
486 ndisc_send_redirect(skb
, n
, target
);
488 int addrtype
= ipv6_addr_type(&hdr
->saddr
);
490 /* This check is security critical. */
491 if (addrtype
== IPV6_ADDR_ANY
||
492 addrtype
& (IPV6_ADDR_MULTICAST
| IPV6_ADDR_LOOPBACK
))
494 if (addrtype
& IPV6_ADDR_LINKLOCAL
) {
495 icmpv6_send(skb
, ICMPV6_DEST_UNREACH
,
496 ICMPV6_NOT_NEIGHBOUR
, 0);
502 if (mtu
< IPV6_MIN_MTU
)
505 if (skb
->len
> mtu
&& !skb_is_gso(skb
)) {
506 /* Again, force OUTPUT device used as source address */
508 icmpv6_send(skb
, ICMPV6_PKT_TOOBIG
, 0, mtu
);
509 IP6_INC_STATS_BH(net
,
510 ip6_dst_idev(dst
), IPSTATS_MIB_INTOOBIGERRORS
);
511 IP6_INC_STATS_BH(net
,
512 ip6_dst_idev(dst
), IPSTATS_MIB_FRAGFAILS
);
517 if (skb_cow(skb
, dst
->dev
->hard_header_len
)) {
518 IP6_INC_STATS(net
, ip6_dst_idev(dst
), IPSTATS_MIB_OUTDISCARDS
);
524 /* Mangling hops number delayed to point after skb COW */
528 IP6_INC_STATS_BH(net
, ip6_dst_idev(dst
), IPSTATS_MIB_OUTFORWDATAGRAMS
);
529 return NF_HOOK(NFPROTO_IPV6
, NF_INET_FORWARD
, skb
, skb
->dev
, dst
->dev
,
533 IP6_INC_STATS_BH(net
, ip6_dst_idev(dst
), IPSTATS_MIB_INADDRERRORS
);
539 static void ip6_copy_metadata(struct sk_buff
*to
, struct sk_buff
*from
)
541 to
->pkt_type
= from
->pkt_type
;
542 to
->priority
= from
->priority
;
543 to
->protocol
= from
->protocol
;
545 skb_dst_set(to
, dst_clone(skb_dst(from
)));
547 to
->mark
= from
->mark
;
549 #ifdef CONFIG_NET_SCHED
550 to
->tc_index
= from
->tc_index
;
553 #if defined(CONFIG_NETFILTER_XT_TARGET_TRACE) || \
554 defined(CONFIG_NETFILTER_XT_TARGET_TRACE_MODULE)
555 to
->nf_trace
= from
->nf_trace
;
557 skb_copy_secmark(to
, from
);
560 int ip6_find_1stfragopt(struct sk_buff
*skb
, u8
**nexthdr
)
562 u16 offset
= sizeof(struct ipv6hdr
);
563 struct ipv6_opt_hdr
*exthdr
=
564 (struct ipv6_opt_hdr
*)(ipv6_hdr(skb
) + 1);
565 unsigned int packet_len
= skb
->tail
- skb
->network_header
;
567 *nexthdr
= &ipv6_hdr(skb
)->nexthdr
;
569 while (offset
+ 1 <= packet_len
) {
575 case NEXTHDR_ROUTING
:
579 #if defined(CONFIG_IPV6_MIP6) || defined(CONFIG_IPV6_MIP6_MODULE)
580 if (ipv6_find_tlv(skb
, offset
, IPV6_TLV_HAO
) >= 0)
590 offset
+= ipv6_optlen(exthdr
);
591 *nexthdr
= &exthdr
->nexthdr
;
592 exthdr
= (struct ipv6_opt_hdr
*)(skb_network_header(skb
) +
599 void ipv6_select_ident(struct frag_hdr
*fhdr
, struct rt6_info
*rt
)
601 static atomic_t ipv6_fragmentation_id
;
605 struct inet_peer
*peer
;
608 rt6_bind_peer(rt
, 1);
609 peer
= rt
->rt6i_peer
;
611 fhdr
->identification
= htonl(inet_getid(peer
, 0));
616 old
= atomic_read(&ipv6_fragmentation_id
);
620 } while (atomic_cmpxchg(&ipv6_fragmentation_id
, old
, new) != old
);
621 fhdr
->identification
= htonl(new);
624 int ip6_fragment(struct sk_buff
*skb
, int (*output
)(struct sk_buff
*))
626 struct sk_buff
*frag
;
627 struct rt6_info
*rt
= (struct rt6_info
*)skb_dst(skb
);
628 struct ipv6_pinfo
*np
= skb
->sk
? inet6_sk(skb
->sk
) : NULL
;
629 struct ipv6hdr
*tmp_hdr
;
631 unsigned int mtu
, hlen
, left
, len
;
633 int ptr
, offset
= 0, err
=0;
634 u8
*prevhdr
, nexthdr
= 0;
635 struct net
*net
= dev_net(skb_dst(skb
)->dev
);
637 hlen
= ip6_find_1stfragopt(skb
, &prevhdr
);
640 mtu
= ip6_skb_dst_mtu(skb
);
642 /* We must not fragment if the socket is set to force MTU discovery
643 * or if the skb it not generated by a local socket.
645 if (!skb
->local_df
&& skb
->len
> mtu
) {
646 skb
->dev
= skb_dst(skb
)->dev
;
647 icmpv6_send(skb
, ICMPV6_PKT_TOOBIG
, 0, mtu
);
648 IP6_INC_STATS(net
, ip6_dst_idev(skb_dst(skb
)),
649 IPSTATS_MIB_FRAGFAILS
);
654 if (np
&& np
->frag_size
< mtu
) {
658 mtu
-= hlen
+ sizeof(struct frag_hdr
);
660 if (skb_has_frag_list(skb
)) {
661 int first_len
= skb_pagelen(skb
);
662 struct sk_buff
*frag2
;
664 if (first_len
- hlen
> mtu
||
665 ((first_len
- hlen
) & 7) ||
669 skb_walk_frags(skb
, frag
) {
670 /* Correct geometry. */
671 if (frag
->len
> mtu
||
672 ((frag
->len
& 7) && frag
->next
) ||
673 skb_headroom(frag
) < hlen
)
674 goto slow_path_clean
;
676 /* Partially cloned skb? */
677 if (skb_shared(frag
))
678 goto slow_path_clean
;
683 frag
->destructor
= sock_wfree
;
685 skb
->truesize
-= frag
->truesize
;
690 frag
= skb_shinfo(skb
)->frag_list
;
691 skb_frag_list_init(skb
);
694 *prevhdr
= NEXTHDR_FRAGMENT
;
695 tmp_hdr
= kmemdup(skb_network_header(skb
), hlen
, GFP_ATOMIC
);
697 IP6_INC_STATS(net
, ip6_dst_idev(skb_dst(skb
)),
698 IPSTATS_MIB_FRAGFAILS
);
702 __skb_pull(skb
, hlen
);
703 fh
= (struct frag_hdr
*)__skb_push(skb
, sizeof(struct frag_hdr
));
704 __skb_push(skb
, hlen
);
705 skb_reset_network_header(skb
);
706 memcpy(skb_network_header(skb
), tmp_hdr
, hlen
);
708 ipv6_select_ident(fh
, rt
);
709 fh
->nexthdr
= nexthdr
;
711 fh
->frag_off
= htons(IP6_MF
);
712 frag_id
= fh
->identification
;
714 first_len
= skb_pagelen(skb
);
715 skb
->data_len
= first_len
- skb_headlen(skb
);
716 skb
->len
= first_len
;
717 ipv6_hdr(skb
)->payload_len
= htons(first_len
-
718 sizeof(struct ipv6hdr
));
723 /* Prepare header of the next frame,
724 * before previous one went down. */
726 frag
->ip_summed
= CHECKSUM_NONE
;
727 skb_reset_transport_header(frag
);
728 fh
= (struct frag_hdr
*)__skb_push(frag
, sizeof(struct frag_hdr
));
729 __skb_push(frag
, hlen
);
730 skb_reset_network_header(frag
);
731 memcpy(skb_network_header(frag
), tmp_hdr
,
733 offset
+= skb
->len
- hlen
- sizeof(struct frag_hdr
);
734 fh
->nexthdr
= nexthdr
;
736 fh
->frag_off
= htons(offset
);
737 if (frag
->next
!= NULL
)
738 fh
->frag_off
|= htons(IP6_MF
);
739 fh
->identification
= frag_id
;
740 ipv6_hdr(frag
)->payload_len
=
742 sizeof(struct ipv6hdr
));
743 ip6_copy_metadata(frag
, skb
);
748 IP6_INC_STATS(net
, ip6_dst_idev(&rt
->dst
),
749 IPSTATS_MIB_FRAGCREATES
);
762 IP6_INC_STATS(net
, ip6_dst_idev(&rt
->dst
),
763 IPSTATS_MIB_FRAGOKS
);
764 dst_release(&rt
->dst
);
774 IP6_INC_STATS(net
, ip6_dst_idev(&rt
->dst
),
775 IPSTATS_MIB_FRAGFAILS
);
776 dst_release(&rt
->dst
);
780 skb_walk_frags(skb
, frag2
) {
784 frag2
->destructor
= NULL
;
785 skb
->truesize
+= frag2
->truesize
;
790 left
= skb
->len
- hlen
; /* Space per frame */
791 ptr
= hlen
; /* Where to start from */
794 * Fragment the datagram.
797 *prevhdr
= NEXTHDR_FRAGMENT
;
800 * Keep copying data until we run out.
804 /* IF: it doesn't fit, use 'mtu' - the data space left */
807 /* IF: we are not sending up to and including the packet end
808 then align the next start on an eight byte boundary */
816 if ((frag
= alloc_skb(len
+hlen
+sizeof(struct frag_hdr
)+LL_ALLOCATED_SPACE(rt
->dst
.dev
), GFP_ATOMIC
)) == NULL
) {
817 NETDEBUG(KERN_INFO
"IPv6: frag: no memory for new fragment!\n");
818 IP6_INC_STATS(net
, ip6_dst_idev(skb_dst(skb
)),
819 IPSTATS_MIB_FRAGFAILS
);
825 * Set up data on packet
828 ip6_copy_metadata(frag
, skb
);
829 skb_reserve(frag
, LL_RESERVED_SPACE(rt
->dst
.dev
));
830 skb_put(frag
, len
+ hlen
+ sizeof(struct frag_hdr
));
831 skb_reset_network_header(frag
);
832 fh
= (struct frag_hdr
*)(skb_network_header(frag
) + hlen
);
833 frag
->transport_header
= (frag
->network_header
+ hlen
+
834 sizeof(struct frag_hdr
));
837 * Charge the memory for the fragment to any owner
841 skb_set_owner_w(frag
, skb
->sk
);
844 * Copy the packet header into the new buffer.
846 skb_copy_from_linear_data(skb
, skb_network_header(frag
), hlen
);
849 * Build fragment header.
851 fh
->nexthdr
= nexthdr
;
854 ipv6_select_ident(fh
, rt
);
855 frag_id
= fh
->identification
;
857 fh
->identification
= frag_id
;
860 * Copy a block of the IP datagram.
862 if (skb_copy_bits(skb
, ptr
, skb_transport_header(frag
), len
))
866 fh
->frag_off
= htons(offset
);
868 fh
->frag_off
|= htons(IP6_MF
);
869 ipv6_hdr(frag
)->payload_len
= htons(frag
->len
-
870 sizeof(struct ipv6hdr
));
876 * Put this fragment into the sending queue.
882 IP6_INC_STATS(net
, ip6_dst_idev(skb_dst(skb
)),
883 IPSTATS_MIB_FRAGCREATES
);
885 IP6_INC_STATS(net
, ip6_dst_idev(skb_dst(skb
)),
886 IPSTATS_MIB_FRAGOKS
);
891 IP6_INC_STATS(net
, ip6_dst_idev(skb_dst(skb
)),
892 IPSTATS_MIB_FRAGFAILS
);
897 static inline int ip6_rt_check(const struct rt6key
*rt_key
,
898 const struct in6_addr
*fl_addr
,
899 const struct in6_addr
*addr_cache
)
901 return (rt_key
->plen
!= 128 || !ipv6_addr_equal(fl_addr
, &rt_key
->addr
)) &&
902 (addr_cache
== NULL
|| !ipv6_addr_equal(fl_addr
, addr_cache
));
905 static struct dst_entry
*ip6_sk_dst_check(struct sock
*sk
,
906 struct dst_entry
*dst
,
907 const struct flowi6
*fl6
)
909 struct ipv6_pinfo
*np
= inet6_sk(sk
);
910 struct rt6_info
*rt
= (struct rt6_info
*)dst
;
915 /* Yes, checking route validity in not connected
916 * case is not very simple. Take into account,
917 * that we do not support routing by source, TOS,
918 * and MSG_DONTROUTE --ANK (980726)
920 * 1. ip6_rt_check(): If route was host route,
921 * check that cached destination is current.
922 * If it is network route, we still may
923 * check its validity using saved pointer
924 * to the last used address: daddr_cache.
925 * We do not want to save whole address now,
926 * (because main consumer of this service
927 * is tcp, which has not this problem),
928 * so that the last trick works only on connected
930 * 2. oif also should be the same.
932 if (ip6_rt_check(&rt
->rt6i_dst
, &fl6
->daddr
, np
->daddr_cache
) ||
933 #ifdef CONFIG_IPV6_SUBTREES
934 ip6_rt_check(&rt
->rt6i_src
, &fl6
->saddr
, np
->saddr_cache
) ||
936 (fl6
->flowi6_oif
&& fl6
->flowi6_oif
!= dst
->dev
->ifindex
)) {
945 static int ip6_dst_lookup_tail(struct sock
*sk
,
946 struct dst_entry
**dst
, struct flowi6
*fl6
)
948 struct net
*net
= sock_net(sk
);
949 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
955 *dst
= ip6_route_output(net
, sk
, fl6
);
957 if ((err
= (*dst
)->error
))
958 goto out_err_release
;
960 if (ipv6_addr_any(&fl6
->saddr
)) {
961 struct rt6_info
*rt
= (struct rt6_info
*) *dst
;
962 err
= ip6_route_get_saddr(net
, rt
, &fl6
->daddr
,
963 sk
? inet6_sk(sk
)->srcprefs
: 0,
966 goto out_err_release
;
969 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
971 * Here if the dst entry we've looked up
972 * has a neighbour entry that is in the INCOMPLETE
973 * state and the src address from the flow is
974 * marked as OPTIMISTIC, we release the found
975 * dst entry and replace it instead with the
976 * dst entry of the nexthop router
978 n
= dst_get_neighbour(*dst
);
979 if (n
&& !(n
->nud_state
& NUD_VALID
)) {
980 struct inet6_ifaddr
*ifp
;
981 struct flowi6 fl_gw6
;
984 ifp
= ipv6_get_ifaddr(net
, &fl6
->saddr
,
987 redirect
= (ifp
&& ifp
->flags
& IFA_F_OPTIMISTIC
);
993 * We need to get the dst entry for the
994 * default router instead
997 memcpy(&fl_gw6
, fl6
, sizeof(struct flowi6
));
998 memset(&fl_gw6
.daddr
, 0, sizeof(struct in6_addr
));
999 *dst
= ip6_route_output(net
, sk
, &fl_gw6
);
1000 if ((err
= (*dst
)->error
))
1001 goto out_err_release
;
1009 if (err
== -ENETUNREACH
)
1010 IP6_INC_STATS_BH(net
, NULL
, IPSTATS_MIB_OUTNOROUTES
);
1017 * ip6_dst_lookup - perform route lookup on flow
1018 * @sk: socket which provides route info
1019 * @dst: pointer to dst_entry * for result
1020 * @fl6: flow to lookup
1022 * This function performs a route lookup on the given flow.
1024 * It returns zero on success, or a standard errno code on error.
1026 int ip6_dst_lookup(struct sock
*sk
, struct dst_entry
**dst
, struct flowi6
*fl6
)
1029 return ip6_dst_lookup_tail(sk
, dst
, fl6
);
1031 EXPORT_SYMBOL_GPL(ip6_dst_lookup
);
1034 * ip6_dst_lookup_flow - perform route lookup on flow with ipsec
1035 * @sk: socket which provides route info
1036 * @fl6: flow to lookup
1037 * @final_dst: final destination address for ipsec lookup
1038 * @can_sleep: we are in a sleepable context
1040 * This function performs a route lookup on the given flow.
1042 * It returns a valid dst pointer on success, or a pointer encoded
1045 struct dst_entry
*ip6_dst_lookup_flow(struct sock
*sk
, struct flowi6
*fl6
,
1046 const struct in6_addr
*final_dst
,
1049 struct dst_entry
*dst
= NULL
;
1052 err
= ip6_dst_lookup_tail(sk
, &dst
, fl6
);
1054 return ERR_PTR(err
);
1056 ipv6_addr_copy(&fl6
->daddr
, final_dst
);
1058 fl6
->flowi6_flags
|= FLOWI_FLAG_CAN_SLEEP
;
1060 return xfrm_lookup(sock_net(sk
), dst
, flowi6_to_flowi(fl6
), sk
, 0);
1062 EXPORT_SYMBOL_GPL(ip6_dst_lookup_flow
);
1065 * ip6_sk_dst_lookup_flow - perform socket cached route lookup on flow
1066 * @sk: socket which provides the dst cache and route info
1067 * @fl6: flow to lookup
1068 * @final_dst: final destination address for ipsec lookup
1069 * @can_sleep: we are in a sleepable context
1071 * This function performs a route lookup on the given flow with the
1072 * possibility of using the cached route in the socket if it is valid.
1073 * It will take the socket dst lock when operating on the dst cache.
1074 * As a result, this function can only be used in process context.
1076 * It returns a valid dst pointer on success, or a pointer encoded
1079 struct dst_entry
*ip6_sk_dst_lookup_flow(struct sock
*sk
, struct flowi6
*fl6
,
1080 const struct in6_addr
*final_dst
,
1083 struct dst_entry
*dst
= sk_dst_check(sk
, inet6_sk(sk
)->dst_cookie
);
1086 dst
= ip6_sk_dst_check(sk
, dst
, fl6
);
1088 err
= ip6_dst_lookup_tail(sk
, &dst
, fl6
);
1090 return ERR_PTR(err
);
1092 ipv6_addr_copy(&fl6
->daddr
, final_dst
);
1094 fl6
->flowi6_flags
|= FLOWI_FLAG_CAN_SLEEP
;
1096 return xfrm_lookup(sock_net(sk
), dst
, flowi6_to_flowi(fl6
), sk
, 0);
1098 EXPORT_SYMBOL_GPL(ip6_sk_dst_lookup_flow
);
1100 static inline int ip6_ufo_append_data(struct sock
*sk
,
1101 int getfrag(void *from
, char *to
, int offset
, int len
,
1102 int odd
, struct sk_buff
*skb
),
1103 void *from
, int length
, int hh_len
, int fragheaderlen
,
1104 int transhdrlen
, int mtu
,unsigned int flags
,
1105 struct rt6_info
*rt
)
1108 struct sk_buff
*skb
;
1111 /* There is support for UDP large send offload by network
1112 * device, so create one single skb packet containing complete
1115 if ((skb
= skb_peek_tail(&sk
->sk_write_queue
)) == NULL
) {
1116 skb
= sock_alloc_send_skb(sk
,
1117 hh_len
+ fragheaderlen
+ transhdrlen
+ 20,
1118 (flags
& MSG_DONTWAIT
), &err
);
1122 /* reserve space for Hardware header */
1123 skb_reserve(skb
, hh_len
);
1125 /* create space for UDP/IP header */
1126 skb_put(skb
,fragheaderlen
+ transhdrlen
);
1128 /* initialize network header pointer */
1129 skb_reset_network_header(skb
);
1131 /* initialize protocol header pointer */
1132 skb
->transport_header
= skb
->network_header
+ fragheaderlen
;
1134 skb
->ip_summed
= CHECKSUM_PARTIAL
;
1138 err
= skb_append_datato_frags(sk
,skb
, getfrag
, from
,
1139 (length
- transhdrlen
));
1141 struct frag_hdr fhdr
;
1143 /* Specify the length of each IPv6 datagram fragment.
1144 * It has to be a multiple of 8.
1146 skb_shinfo(skb
)->gso_size
= (mtu
- fragheaderlen
-
1147 sizeof(struct frag_hdr
)) & ~7;
1148 skb_shinfo(skb
)->gso_type
= SKB_GSO_UDP
;
1149 ipv6_select_ident(&fhdr
, rt
);
1150 skb_shinfo(skb
)->ip6_frag_id
= fhdr
.identification
;
1151 __skb_queue_tail(&sk
->sk_write_queue
, skb
);
1155 /* There is not enough support do UPD LSO,
1156 * so follow normal path
1163 static inline struct ipv6_opt_hdr
*ip6_opt_dup(struct ipv6_opt_hdr
*src
,
1166 return src
? kmemdup(src
, (src
->hdrlen
+ 1) * 8, gfp
) : NULL
;
1169 static inline struct ipv6_rt_hdr
*ip6_rthdr_dup(struct ipv6_rt_hdr
*src
,
1172 return src
? kmemdup(src
, (src
->hdrlen
+ 1) * 8, gfp
) : NULL
;
1175 int ip6_append_data(struct sock
*sk
, int getfrag(void *from
, char *to
,
1176 int offset
, int len
, int odd
, struct sk_buff
*skb
),
1177 void *from
, int length
, int transhdrlen
,
1178 int hlimit
, int tclass
, struct ipv6_txoptions
*opt
, struct flowi6
*fl6
,
1179 struct rt6_info
*rt
, unsigned int flags
, int dontfrag
)
1181 struct inet_sock
*inet
= inet_sk(sk
);
1182 struct ipv6_pinfo
*np
= inet6_sk(sk
);
1183 struct inet_cork
*cork
;
1184 struct sk_buff
*skb
;
1185 unsigned int maxfraglen
, fragheaderlen
;
1192 int csummode
= CHECKSUM_NONE
;
1195 if (flags
&MSG_PROBE
)
1197 cork
= &inet
->cork
.base
;
1198 if (skb_queue_empty(&sk
->sk_write_queue
)) {
1203 if (WARN_ON(np
->cork
.opt
))
1206 np
->cork
.opt
= kmalloc(opt
->tot_len
, sk
->sk_allocation
);
1207 if (unlikely(np
->cork
.opt
== NULL
))
1210 np
->cork
.opt
->tot_len
= opt
->tot_len
;
1211 np
->cork
.opt
->opt_flen
= opt
->opt_flen
;
1212 np
->cork
.opt
->opt_nflen
= opt
->opt_nflen
;
1214 np
->cork
.opt
->dst0opt
= ip6_opt_dup(opt
->dst0opt
,
1216 if (opt
->dst0opt
&& !np
->cork
.opt
->dst0opt
)
1219 np
->cork
.opt
->dst1opt
= ip6_opt_dup(opt
->dst1opt
,
1221 if (opt
->dst1opt
&& !np
->cork
.opt
->dst1opt
)
1224 np
->cork
.opt
->hopopt
= ip6_opt_dup(opt
->hopopt
,
1226 if (opt
->hopopt
&& !np
->cork
.opt
->hopopt
)
1229 np
->cork
.opt
->srcrt
= ip6_rthdr_dup(opt
->srcrt
,
1231 if (opt
->srcrt
&& !np
->cork
.opt
->srcrt
)
1234 /* need source address above miyazawa*/
1237 cork
->dst
= &rt
->dst
;
1238 inet
->cork
.fl
.u
.ip6
= *fl6
;
1239 np
->cork
.hop_limit
= hlimit
;
1240 np
->cork
.tclass
= tclass
;
1241 mtu
= np
->pmtudisc
== IPV6_PMTUDISC_PROBE
?
1242 rt
->dst
.dev
->mtu
: dst_mtu(rt
->dst
.path
);
1243 if (np
->frag_size
< mtu
) {
1245 mtu
= np
->frag_size
;
1247 cork
->fragsize
= mtu
;
1248 if (dst_allfrag(rt
->dst
.path
))
1249 cork
->flags
|= IPCORK_ALLFRAG
;
1251 sk
->sk_sndmsg_page
= NULL
;
1252 sk
->sk_sndmsg_off
= 0;
1253 exthdrlen
= rt
->dst
.header_len
+ (opt
? opt
->opt_flen
: 0) -
1254 rt
->rt6i_nfheader_len
;
1255 length
+= exthdrlen
;
1256 transhdrlen
+= exthdrlen
;
1258 rt
= (struct rt6_info
*)cork
->dst
;
1259 fl6
= &inet
->cork
.fl
.u
.ip6
;
1263 mtu
= cork
->fragsize
;
1266 hh_len
= LL_RESERVED_SPACE(rt
->dst
.dev
);
1268 fragheaderlen
= sizeof(struct ipv6hdr
) + rt
->rt6i_nfheader_len
+
1269 (opt
? opt
->opt_nflen
: 0);
1270 maxfraglen
= ((mtu
- fragheaderlen
) & ~7) + fragheaderlen
- sizeof(struct frag_hdr
);
1272 if (mtu
<= sizeof(struct ipv6hdr
) + IPV6_MAXPLEN
) {
1273 if (cork
->length
+ length
> sizeof(struct ipv6hdr
) + IPV6_MAXPLEN
- fragheaderlen
) {
1274 ipv6_local_error(sk
, EMSGSIZE
, fl6
, mtu
-exthdrlen
);
1279 /* For UDP, check if TX timestamp is enabled */
1280 if (sk
->sk_type
== SOCK_DGRAM
) {
1281 err
= sock_tx_timestamp(sk
, &tx_flags
);
1287 * Let's try using as much space as possible.
1288 * Use MTU if total length of the message fits into the MTU.
1289 * Otherwise, we need to reserve fragment header and
1290 * fragment alignment (= 8-15 octects, in total).
1292 * Note that we may need to "move" the data from the tail of
1293 * of the buffer to the new fragment when we split
1296 * FIXME: It may be fragmented into multiple chunks
1297 * at once if non-fragmentable extension headers
1302 cork
->length
+= length
;
1304 int proto
= sk
->sk_protocol
;
1305 if (dontfrag
&& (proto
== IPPROTO_UDP
|| proto
== IPPROTO_RAW
)){
1306 ipv6_local_rxpmtu(sk
, fl6
, mtu
-exthdrlen
);
1310 if (proto
== IPPROTO_UDP
&&
1311 (rt
->dst
.dev
->features
& NETIF_F_UFO
)) {
1313 err
= ip6_ufo_append_data(sk
, getfrag
, from
, length
,
1314 hh_len
, fragheaderlen
,
1315 transhdrlen
, mtu
, flags
, rt
);
1322 if ((skb
= skb_peek_tail(&sk
->sk_write_queue
)) == NULL
)
1325 while (length
> 0) {
1326 /* Check if the remaining data fits into current packet. */
1327 copy
= (cork
->length
<= mtu
&& !(cork
->flags
& IPCORK_ALLFRAG
) ? mtu
: maxfraglen
) - skb
->len
;
1329 copy
= maxfraglen
- skb
->len
;
1333 unsigned int datalen
;
1334 unsigned int fraglen
;
1335 unsigned int fraggap
;
1336 unsigned int alloclen
;
1337 struct sk_buff
*skb_prev
;
1341 /* There's no room in the current skb */
1343 fraggap
= skb_prev
->len
- maxfraglen
;
1348 * If remaining data exceeds the mtu,
1349 * we know we need more fragment(s).
1351 datalen
= length
+ fraggap
;
1352 if (datalen
> (cork
->length
<= mtu
&& !(cork
->flags
& IPCORK_ALLFRAG
) ? mtu
: maxfraglen
) - fragheaderlen
)
1353 datalen
= maxfraglen
- fragheaderlen
;
1355 fraglen
= datalen
+ fragheaderlen
;
1356 if ((flags
& MSG_MORE
) &&
1357 !(rt
->dst
.dev
->features
&NETIF_F_SG
))
1360 alloclen
= datalen
+ fragheaderlen
;
1363 * The last fragment gets additional space at tail.
1364 * Note: we overallocate on fragments with MSG_MODE
1365 * because we have no idea if we're the last one.
1367 if (datalen
== length
+ fraggap
)
1368 alloclen
+= rt
->dst
.trailer_len
;
1371 * We just reserve space for fragment header.
1372 * Note: this may be overallocation if the message
1373 * (without MSG_MORE) fits into the MTU.
1375 alloclen
+= sizeof(struct frag_hdr
);
1378 skb
= sock_alloc_send_skb(sk
,
1380 (flags
& MSG_DONTWAIT
), &err
);
1383 if (atomic_read(&sk
->sk_wmem_alloc
) <=
1385 skb
= sock_wmalloc(sk
,
1386 alloclen
+ hh_len
, 1,
1388 if (unlikely(skb
== NULL
))
1391 /* Only the initial fragment
1400 * Fill in the control structures
1402 skb
->ip_summed
= csummode
;
1404 /* reserve for fragmentation */
1405 skb_reserve(skb
, hh_len
+sizeof(struct frag_hdr
));
1407 if (sk
->sk_type
== SOCK_DGRAM
)
1408 skb_shinfo(skb
)->tx_flags
= tx_flags
;
1411 * Find where to start putting bytes
1413 data
= skb_put(skb
, fraglen
);
1414 skb_set_network_header(skb
, exthdrlen
);
1415 data
+= fragheaderlen
;
1416 skb
->transport_header
= (skb
->network_header
+
1419 skb
->csum
= skb_copy_and_csum_bits(
1420 skb_prev
, maxfraglen
,
1421 data
+ transhdrlen
, fraggap
, 0);
1422 skb_prev
->csum
= csum_sub(skb_prev
->csum
,
1425 pskb_trim_unique(skb_prev
, maxfraglen
);
1427 copy
= datalen
- transhdrlen
- fraggap
;
1432 } else if (copy
> 0 && getfrag(from
, data
+ transhdrlen
, offset
, copy
, fraggap
, skb
) < 0) {
1439 length
-= datalen
- fraggap
;
1442 csummode
= CHECKSUM_NONE
;
1445 * Put the packet on the pending queue
1447 __skb_queue_tail(&sk
->sk_write_queue
, skb
);
1454 if (!(rt
->dst
.dev
->features
&NETIF_F_SG
)) {
1458 if (getfrag(from
, skb_put(skb
, copy
),
1459 offset
, copy
, off
, skb
) < 0) {
1460 __skb_trim(skb
, off
);
1465 int i
= skb_shinfo(skb
)->nr_frags
;
1466 skb_frag_t
*frag
= &skb_shinfo(skb
)->frags
[i
-1];
1467 struct page
*page
= sk
->sk_sndmsg_page
;
1468 int off
= sk
->sk_sndmsg_off
;
1471 if (page
&& (left
= PAGE_SIZE
- off
) > 0) {
1474 if (page
!= frag
->page
) {
1475 if (i
== MAX_SKB_FRAGS
) {
1480 skb_fill_page_desc(skb
, i
, page
, sk
->sk_sndmsg_off
, 0);
1481 frag
= &skb_shinfo(skb
)->frags
[i
];
1483 } else if(i
< MAX_SKB_FRAGS
) {
1484 if (copy
> PAGE_SIZE
)
1486 page
= alloc_pages(sk
->sk_allocation
, 0);
1491 sk
->sk_sndmsg_page
= page
;
1492 sk
->sk_sndmsg_off
= 0;
1494 skb_fill_page_desc(skb
, i
, page
, 0, 0);
1495 frag
= &skb_shinfo(skb
)->frags
[i
];
1500 if (getfrag(from
, page_address(frag
->page
)+frag
->page_offset
+frag
->size
, offset
, copy
, skb
->len
, skb
) < 0) {
1504 sk
->sk_sndmsg_off
+= copy
;
1507 skb
->data_len
+= copy
;
1508 skb
->truesize
+= copy
;
1509 atomic_add(copy
, &sk
->sk_wmem_alloc
);
1516 cork
->length
-= length
;
1517 IP6_INC_STATS(sock_net(sk
), rt
->rt6i_idev
, IPSTATS_MIB_OUTDISCARDS
);
1521 static void ip6_cork_release(struct inet_sock
*inet
, struct ipv6_pinfo
*np
)
1524 kfree(np
->cork
.opt
->dst0opt
);
1525 kfree(np
->cork
.opt
->dst1opt
);
1526 kfree(np
->cork
.opt
->hopopt
);
1527 kfree(np
->cork
.opt
->srcrt
);
1528 kfree(np
->cork
.opt
);
1529 np
->cork
.opt
= NULL
;
1532 if (inet
->cork
.base
.dst
) {
1533 dst_release(inet
->cork
.base
.dst
);
1534 inet
->cork
.base
.dst
= NULL
;
1535 inet
->cork
.base
.flags
&= ~IPCORK_ALLFRAG
;
1537 memset(&inet
->cork
.fl
, 0, sizeof(inet
->cork
.fl
));
1540 int ip6_push_pending_frames(struct sock
*sk
)
1542 struct sk_buff
*skb
, *tmp_skb
;
1543 struct sk_buff
**tail_skb
;
1544 struct in6_addr final_dst_buf
, *final_dst
= &final_dst_buf
;
1545 struct inet_sock
*inet
= inet_sk(sk
);
1546 struct ipv6_pinfo
*np
= inet6_sk(sk
);
1547 struct net
*net
= sock_net(sk
);
1548 struct ipv6hdr
*hdr
;
1549 struct ipv6_txoptions
*opt
= np
->cork
.opt
;
1550 struct rt6_info
*rt
= (struct rt6_info
*)inet
->cork
.base
.dst
;
1551 struct flowi6
*fl6
= &inet
->cork
.fl
.u
.ip6
;
1552 unsigned char proto
= fl6
->flowi6_proto
;
1555 if ((skb
= __skb_dequeue(&sk
->sk_write_queue
)) == NULL
)
1557 tail_skb
= &(skb_shinfo(skb
)->frag_list
);
1559 /* move skb->data to ip header from ext header */
1560 if (skb
->data
< skb_network_header(skb
))
1561 __skb_pull(skb
, skb_network_offset(skb
));
1562 while ((tmp_skb
= __skb_dequeue(&sk
->sk_write_queue
)) != NULL
) {
1563 __skb_pull(tmp_skb
, skb_network_header_len(skb
));
1564 *tail_skb
= tmp_skb
;
1565 tail_skb
= &(tmp_skb
->next
);
1566 skb
->len
+= tmp_skb
->len
;
1567 skb
->data_len
+= tmp_skb
->len
;
1568 skb
->truesize
+= tmp_skb
->truesize
;
1569 tmp_skb
->destructor
= NULL
;
1573 /* Allow local fragmentation. */
1574 if (np
->pmtudisc
< IPV6_PMTUDISC_DO
)
1577 ipv6_addr_copy(final_dst
, &fl6
->daddr
);
1578 __skb_pull(skb
, skb_network_header_len(skb
));
1579 if (opt
&& opt
->opt_flen
)
1580 ipv6_push_frag_opts(skb
, opt
, &proto
);
1581 if (opt
&& opt
->opt_nflen
)
1582 ipv6_push_nfrag_opts(skb
, opt
, &proto
, &final_dst
);
1584 skb_push(skb
, sizeof(struct ipv6hdr
));
1585 skb_reset_network_header(skb
);
1586 hdr
= ipv6_hdr(skb
);
1588 *(__be32
*)hdr
= fl6
->flowlabel
|
1589 htonl(0x60000000 | ((int)np
->cork
.tclass
<< 20));
1591 hdr
->hop_limit
= np
->cork
.hop_limit
;
1592 hdr
->nexthdr
= proto
;
1593 ipv6_addr_copy(&hdr
->saddr
, &fl6
->saddr
);
1594 ipv6_addr_copy(&hdr
->daddr
, final_dst
);
1596 skb
->priority
= sk
->sk_priority
;
1597 skb
->mark
= sk
->sk_mark
;
1599 skb_dst_set(skb
, dst_clone(&rt
->dst
));
1600 IP6_UPD_PO_STATS(net
, rt
->rt6i_idev
, IPSTATS_MIB_OUT
, skb
->len
);
1601 if (proto
== IPPROTO_ICMPV6
) {
1602 struct inet6_dev
*idev
= ip6_dst_idev(skb_dst(skb
));
1604 ICMP6MSGOUT_INC_STATS_BH(net
, idev
, icmp6_hdr(skb
)->icmp6_type
);
1605 ICMP6_INC_STATS_BH(net
, idev
, ICMP6_MIB_OUTMSGS
);
1608 err
= ip6_local_out(skb
);
1611 err
= net_xmit_errno(err
);
1617 ip6_cork_release(inet
, np
);
1620 IP6_INC_STATS(net
, rt
->rt6i_idev
, IPSTATS_MIB_OUTDISCARDS
);
1624 void ip6_flush_pending_frames(struct sock
*sk
)
1626 struct sk_buff
*skb
;
1628 while ((skb
= __skb_dequeue_tail(&sk
->sk_write_queue
)) != NULL
) {
1630 IP6_INC_STATS(sock_net(sk
), ip6_dst_idev(skb_dst(skb
)),
1631 IPSTATS_MIB_OUTDISCARDS
);
1635 ip6_cork_release(inet_sk(sk
), inet6_sk(sk
));