projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge remote-tracking branch 'robh/for-next' into devicetree/next
[deliverable/linux.git] / net / ipv6 / ip6_output.c
1 /*
2 * IPv6 output functions
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
8 * Based on linux/net/ipv4/ip_output.c
9 *
10 * This program is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU General Public License
12 * as published by the Free Software Foundation; either version
13 * 2 of the License, or (at your option) any later version.
14 *
15 * Changes:
16 * A.N.Kuznetsov : airthmetics in fragmentation.
17 * extension headers are implemented.
18 * route changes now work.
19 * ip6_forward does not confuse sniffers.
20 * etc.
21 *
22 * H. von Brand : Added missing #include <linux/string.h>
23 * Imran Patel : frag id should be in NBO
24 * Kazunori MIYAZAWA @USAGI
25 * : add ip6_append_data and related functions
26 * for datagram xmit
27 */
28
29 #include <linux/errno.h>
30 #include <linux/kernel.h>
31 #include <linux/string.h>
32 #include <linux/socket.h>
33 #include <linux/net.h>
34 #include <linux/netdevice.h>
35 #include <linux/if_arp.h>
36 #include <linux/in6.h>
37 #include <linux/tcp.h>
38 #include <linux/route.h>
39 #include <linux/module.h>
40 #include <linux/slab.h>
41
42 #include <linux/netfilter.h>
43 #include <linux/netfilter_ipv6.h>
44
45 #include <net/sock.h>
46 #include <net/snmp.h>
47
48 #include <net/ipv6.h>
49 #include <net/ndisc.h>
50 #include <net/protocol.h>
51 #include <net/ip6_route.h>
52 #include <net/addrconf.h>
53 #include <net/rawv6.h>
54 #include <net/icmp.h>
55 #include <net/xfrm.h>
56 #include <net/checksum.h>
57 #include <linux/mroute6.h>
58
59 static int ip6_finish_output2(struct sock *sk, struct sk_buff *skb)
60 {
61 struct dst_entry *dst = skb_dst(skb);
62 struct net_device *dev = dst->dev;
63 struct neighbour *neigh;
64 struct in6_addr *nexthop;
65 int ret;
66
67 skb->protocol = htons(ETH_P_IPV6);
68 skb->dev = dev;
69
70 if (ipv6_addr_is_multicast(&ipv6_hdr(skb)->daddr)) {
71 struct inet6_dev *idev = ip6_dst_idev(skb_dst(skb));
72
73 if (!(dev->flags & IFF_LOOPBACK) && sk_mc_loop(sk) &&
74 ((mroute6_socket(dev_net(dev), skb) &&
75 !(IP6CB(skb)->flags & IP6SKB_FORWARDED)) ||
76 ipv6_chk_mcast_addr(dev, &ipv6_hdr(skb)->daddr,
77 &ipv6_hdr(skb)->saddr))) {
78 struct sk_buff *newskb = skb_clone(skb, GFP_ATOMIC);
79
80 /* Do not check for IFF_ALLMULTI; multicast routing
81 is not supported in any case.
82 */
83 if (newskb)
84 NF_HOOK(NFPROTO_IPV6, NF_INET_POST_ROUTING,
85 sk, newskb, NULL, newskb->dev,
86 dev_loopback_xmit);
87
88 if (ipv6_hdr(skb)->hop_limit == 0) {
89 IP6_INC_STATS(dev_net(dev), idev,
90 IPSTATS_MIB_OUTDISCARDS);
91 kfree_skb(skb);
92 return 0;
93 }
94 }
95
96 IP6_UPD_PO_STATS(dev_net(dev), idev, IPSTATS_MIB_OUTMCAST,
97 skb->len);
98
99 if (IPV6_ADDR_MC_SCOPE(&ipv6_hdr(skb)->daddr) <=
100 IPV6_ADDR_SCOPE_NODELOCAL &&
101 !(dev->flags & IFF_LOOPBACK)) {
102 kfree_skb(skb);
103 return 0;
104 }
105 }
106
107 rcu_read_lock_bh();
108 nexthop = rt6_nexthop((struct rt6_info *)dst);
109 neigh = __ipv6_neigh_lookup_noref(dst->dev, nexthop);
110 if (unlikely(!neigh))
111 neigh = __neigh_create(&nd_tbl, nexthop, dst->dev, false);
112 if (!IS_ERR(neigh)) {
113 ret = dst_neigh_output(dst, neigh, skb);
114 rcu_read_unlock_bh();
115 return ret;
116 }
117 rcu_read_unlock_bh();
118
119 IP6_INC_STATS(dev_net(dst->dev),
120 ip6_dst_idev(dst), IPSTATS_MIB_OUTNOROUTES);
121 kfree_skb(skb);
122 return -EINVAL;
123 }
124
125 static int ip6_finish_output(struct sock *sk, struct sk_buff *skb)
126 {
127 if ((skb->len > ip6_skb_dst_mtu(skb) && !skb_is_gso(skb)) ||
128 dst_allfrag(skb_dst(skb)) ||
129 (IP6CB(skb)->frag_max_size && skb->len > IP6CB(skb)->frag_max_size))
130 return ip6_fragment(sk, skb, ip6_finish_output2);
131 else
132 return ip6_finish_output2(sk, skb);
133 }
134
135 int ip6_output(struct sock *sk, struct sk_buff *skb)
136 {
137 struct net_device *dev = skb_dst(skb)->dev;
138 struct inet6_dev *idev = ip6_dst_idev(skb_dst(skb));
139 if (unlikely(idev->cnf.disable_ipv6)) {
140 IP6_INC_STATS(dev_net(dev), idev,
141 IPSTATS_MIB_OUTDISCARDS);
142 kfree_skb(skb);
143 return 0;
144 }
145
146 return NF_HOOK_COND(NFPROTO_IPV6, NF_INET_POST_ROUTING, sk, skb,
147 NULL, dev,
148 ip6_finish_output,
149 !(IP6CB(skb)->flags & IP6SKB_REROUTED));
150 }
151
152 /*
153 * xmit an sk_buff (used by TCP, SCTP and DCCP)
154 */
155
156 int ip6_xmit(struct sock *sk, struct sk_buff *skb, struct flowi6 *fl6,
157 struct ipv6_txoptions *opt, int tclass)
158 {
159 struct net *net = sock_net(sk);
160 struct ipv6_pinfo *np = inet6_sk(sk);
161 struct in6_addr *first_hop = &fl6->daddr;
162 struct dst_entry *dst = skb_dst(skb);
163 struct ipv6hdr *hdr;
164 u8 proto = fl6->flowi6_proto;
165 int seg_len = skb->len;
166 int hlimit = -1;
167 u32 mtu;
168
169 if (opt) {
170 unsigned int head_room;
171
172 /* First: exthdrs may take lots of space (~8K for now)
173 MAX_HEADER is not enough.
174 */
175 head_room = opt->opt_nflen + opt->opt_flen;
176 seg_len += head_room;
177 head_room += sizeof(struct ipv6hdr) + LL_RESERVED_SPACE(dst->dev);
178
179 if (skb_headroom(skb) < head_room) {
180 struct sk_buff *skb2 = skb_realloc_headroom(skb, head_room);
181 if (!skb2) {
182 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
183 IPSTATS_MIB_OUTDISCARDS);
184 kfree_skb(skb);
185 return -ENOBUFS;
186 }
187 consume_skb(skb);
188 skb = skb2;
189 skb_set_owner_w(skb, sk);
190 }
191 if (opt->opt_flen)
192 ipv6_push_frag_opts(skb, opt, &proto);
193 if (opt->opt_nflen)
194 ipv6_push_nfrag_opts(skb, opt, &proto, &first_hop);
195 }
196
197 skb_push(skb, sizeof(struct ipv6hdr));
198 skb_reset_network_header(skb);
199 hdr = ipv6_hdr(skb);
200
201 /*
202 * Fill in the IPv6 header
203 */
204 if (np)
205 hlimit = np->hop_limit;
206 if (hlimit < 0)
207 hlimit = ip6_dst_hoplimit(dst);
208
209 ip6_flow_hdr(hdr, tclass, ip6_make_flowlabel(net, skb, fl6->flowlabel,
210 np->autoflowlabel));
211
212 hdr->payload_len = htons(seg_len);
213 hdr->nexthdr = proto;
214 hdr->hop_limit = hlimit;
215
216 hdr->saddr = fl6->saddr;
217 hdr->daddr = *first_hop;
218
219 skb->protocol = htons(ETH_P_IPV6);
220 skb->priority = sk->sk_priority;
221 skb->mark = sk->sk_mark;
222
223 mtu = dst_mtu(dst);
224 if ((skb->len <= mtu) || skb->ignore_df || skb_is_gso(skb)) {
225 IP6_UPD_PO_STATS(net, ip6_dst_idev(skb_dst(skb)),
226 IPSTATS_MIB_OUT, skb->len);
227 return NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, sk, skb,
228 NULL, dst->dev, dst_output_sk);
229 }
230
231 skb->dev = dst->dev;
232 ipv6_local_error(sk, EMSGSIZE, fl6, mtu);
233 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)), IPSTATS_MIB_FRAGFAILS);
234 kfree_skb(skb);
235 return -EMSGSIZE;
236 }
237 EXPORT_SYMBOL(ip6_xmit);
238
239 static int ip6_call_ra_chain(struct sk_buff *skb, int sel)
240 {
241 struct ip6_ra_chain *ra;
242 struct sock *last = NULL;
243
244 read_lock(&ip6_ra_lock);
245 for (ra = ip6_ra_chain; ra; ra = ra->next) {
246 struct sock *sk = ra->sk;
247 if (sk && ra->sel == sel &&
248 (!sk->sk_bound_dev_if ||
249 sk->sk_bound_dev_if == skb->dev->ifindex)) {
250 if (last) {
251 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
252 if (skb2)
253 rawv6_rcv(last, skb2);
254 }
255 last = sk;
256 }
257 }
258
259 if (last) {
260 rawv6_rcv(last, skb);
261 read_unlock(&ip6_ra_lock);
262 return 1;
263 }
264 read_unlock(&ip6_ra_lock);
265 return 0;
266 }
267
268 static int ip6_forward_proxy_check(struct sk_buff *skb)
269 {
270 struct ipv6hdr *hdr = ipv6_hdr(skb);
271 u8 nexthdr = hdr->nexthdr;
272 __be16 frag_off;
273 int offset;
274
275 if (ipv6_ext_hdr(nexthdr)) {
276 offset = ipv6_skip_exthdr(skb, sizeof(*hdr), &nexthdr, &frag_off);
277 if (offset < 0)
278 return 0;
279 } else
280 offset = sizeof(struct ipv6hdr);
281
282 if (nexthdr == IPPROTO_ICMPV6) {
283 struct icmp6hdr *icmp6;
284
285 if (!pskb_may_pull(skb, (skb_network_header(skb) +
286 offset + 1 - skb->data)))
287 return 0;
288
289 icmp6 = (struct icmp6hdr *)(skb_network_header(skb) + offset);
290
291 switch (icmp6->icmp6_type) {
292 case NDISC_ROUTER_SOLICITATION:
293 case NDISC_ROUTER_ADVERTISEMENT:
294 case NDISC_NEIGHBOUR_SOLICITATION:
295 case NDISC_NEIGHBOUR_ADVERTISEMENT:
296 case NDISC_REDIRECT:
297 /* For reaction involving unicast neighbor discovery
298 * message destined to the proxied address, pass it to
299 * input function.
300 */
301 return 1;
302 default:
303 break;
304 }
305 }
306
307 /*
308 * The proxying router can't forward traffic sent to a link-local
309 * address, so signal the sender and discard the packet. This
310 * behavior is clarified by the MIPv6 specification.
311 */
312 if (ipv6_addr_type(&hdr->daddr) & IPV6_ADDR_LINKLOCAL) {
313 dst_link_failure(skb);
314 return -1;
315 }
316
317 return 0;
318 }
319
320 static inline int ip6_forward_finish(struct sock *sk, struct sk_buff *skb)
321 {
322 skb_sender_cpu_clear(skb);
323 return dst_output_sk(sk, skb);
324 }
325
326 static unsigned int ip6_dst_mtu_forward(const struct dst_entry *dst)
327 {
328 unsigned int mtu;
329 struct inet6_dev *idev;
330
331 if (dst_metric_locked(dst, RTAX_MTU)) {
332 mtu = dst_metric_raw(dst, RTAX_MTU);
333 if (mtu)
334 return mtu;
335 }
336
337 mtu = IPV6_MIN_MTU;
338 rcu_read_lock();
339 idev = __in6_dev_get(dst->dev);
340 if (idev)
341 mtu = idev->cnf.mtu6;
342 rcu_read_unlock();
343
344 return mtu;
345 }
346
347 static bool ip6_pkt_too_big(const struct sk_buff *skb, unsigned int mtu)
348 {
349 if (skb->len <= mtu)
350 return false;
351
352 /* ipv6 conntrack defrag sets max_frag_size + ignore_df */
353 if (IP6CB(skb)->frag_max_size && IP6CB(skb)->frag_max_size > mtu)
354 return true;
355
356 if (skb->ignore_df)
357 return false;
358
359 if (skb_is_gso(skb) && skb_gso_network_seglen(skb) <= mtu)
360 return false;
361
362 return true;
363 }
364
365 int ip6_forward(struct sk_buff *skb)
366 {
367 struct dst_entry *dst = skb_dst(skb);
368 struct ipv6hdr *hdr = ipv6_hdr(skb);
369 struct inet6_skb_parm *opt = IP6CB(skb);
370 struct net *net = dev_net(dst->dev);
371 u32 mtu;
372
373 if (net->ipv6.devconf_all->forwarding == 0)
374 goto error;
375
376 if (skb->pkt_type != PACKET_HOST)
377 goto drop;
378
379 if (skb_warn_if_lro(skb))
380 goto drop;
381
382 if (!xfrm6_policy_check(NULL, XFRM_POLICY_FWD, skb)) {
383 IP6_INC_STATS_BH(net, ip6_dst_idev(dst),
384 IPSTATS_MIB_INDISCARDS);
385 goto drop;
386 }
387
388 skb_forward_csum(skb);
389
390 /*
391 * We DO NOT make any processing on
392 * RA packets, pushing them to user level AS IS
393 * without ane WARRANTY that application will be able
394 * to interpret them. The reason is that we
395 * cannot make anything clever here.
396 *
397 * We are not end-node, so that if packet contains
398 * AH/ESP, we cannot make anything.
399 * Defragmentation also would be mistake, RA packets
400 * cannot be fragmented, because there is no warranty
401 * that different fragments will go along one path. --ANK
402 */
403 if (unlikely(opt->flags & IP6SKB_ROUTERALERT)) {
404 if (ip6_call_ra_chain(skb, ntohs(opt->ra)))
405 return 0;
406 }
407
408 /*
409 * check and decrement ttl
410 */
411 if (hdr->hop_limit <= 1) {
412 /* Force OUTPUT device used as source address */
413 skb->dev = dst->dev;
414 icmpv6_send(skb, ICMPV6_TIME_EXCEED, ICMPV6_EXC_HOPLIMIT, 0);
415 IP6_INC_STATS_BH(net, ip6_dst_idev(dst),
416 IPSTATS_MIB_INHDRERRORS);
417
418 kfree_skb(skb);
419 return -ETIMEDOUT;
420 }
421
422 /* XXX: idev->cnf.proxy_ndp? */
423 if (net->ipv6.devconf_all->proxy_ndp &&
424 pneigh_lookup(&nd_tbl, net, &hdr->daddr, skb->dev, 0)) {
425 int proxied = ip6_forward_proxy_check(skb);
426 if (proxied > 0)
427 return ip6_input(skb);
428 else if (proxied < 0) {
429 IP6_INC_STATS_BH(net, ip6_dst_idev(dst),
430 IPSTATS_MIB_INDISCARDS);
431 goto drop;
432 }
433 }
434
435 if (!xfrm6_route_forward(skb)) {
436 IP6_INC_STATS_BH(net, ip6_dst_idev(dst),
437 IPSTATS_MIB_INDISCARDS);
438 goto drop;
439 }
440 dst = skb_dst(skb);
441
442 /* IPv6 specs say nothing about it, but it is clear that we cannot
443 send redirects to source routed frames.
444 We don't send redirects to frames decapsulated from IPsec.
445 */
446 if (skb->dev == dst->dev && opt->srcrt == 0 && !skb_sec_path(skb)) {
447 struct in6_addr *target = NULL;
448 struct inet_peer *peer;
449 struct rt6_info *rt;
450
451 /*
452 * incoming and outgoing devices are the same
453 * send a redirect.
454 */
455
456 rt = (struct rt6_info *) dst;
457 if (rt->rt6i_flags & RTF_GATEWAY)
458 target = &rt->rt6i_gateway;
459 else
460 target = &hdr->daddr;
461
462 peer = inet_getpeer_v6(net->ipv6.peers, &rt->rt6i_dst.addr, 1);
463
464 /* Limit redirects both by destination (here)
465 and by source (inside ndisc_send_redirect)
466 */
467 if (inet_peer_xrlim_allow(peer, 1*HZ))
468 ndisc_send_redirect(skb, target);
469 if (peer)
470 inet_putpeer(peer);
471 } else {
472 int addrtype = ipv6_addr_type(&hdr->saddr);
473
474 /* This check is security critical. */
475 if (addrtype == IPV6_ADDR_ANY ||
476 addrtype & (IPV6_ADDR_MULTICAST | IPV6_ADDR_LOOPBACK))
477 goto error;
478 if (addrtype & IPV6_ADDR_LINKLOCAL) {
479 icmpv6_send(skb, ICMPV6_DEST_UNREACH,
480 ICMPV6_NOT_NEIGHBOUR, 0);
481 goto error;
482 }
483 }
484
485 mtu = ip6_dst_mtu_forward(dst);
486 if (mtu < IPV6_MIN_MTU)
487 mtu = IPV6_MIN_MTU;
488
489 if (ip6_pkt_too_big(skb, mtu)) {
490 /* Again, force OUTPUT device used as source address */
491 skb->dev = dst->dev;
492 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
493 IP6_INC_STATS_BH(net, ip6_dst_idev(dst),
494 IPSTATS_MIB_INTOOBIGERRORS);
495 IP6_INC_STATS_BH(net, ip6_dst_idev(dst),
496 IPSTATS_MIB_FRAGFAILS);
497 kfree_skb(skb);
498 return -EMSGSIZE;
499 }
500
501 if (skb_cow(skb, dst->dev->hard_header_len)) {
502 IP6_INC_STATS_BH(net, ip6_dst_idev(dst),
503 IPSTATS_MIB_OUTDISCARDS);
504 goto drop;
505 }
506
507 hdr = ipv6_hdr(skb);
508
509 /* Mangling hops number delayed to point after skb COW */
510
511 hdr->hop_limit--;
512
513 IP6_INC_STATS_BH(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTFORWDATAGRAMS);
514 IP6_ADD_STATS_BH(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTOCTETS, skb->len);
515 return NF_HOOK(NFPROTO_IPV6, NF_INET_FORWARD, NULL, skb,
516 skb->dev, dst->dev,
517 ip6_forward_finish);
518
519 error:
520 IP6_INC_STATS_BH(net, ip6_dst_idev(dst), IPSTATS_MIB_INADDRERRORS);
521 drop:
522 kfree_skb(skb);
523 return -EINVAL;
524 }
525
526 static void ip6_copy_metadata(struct sk_buff *to, struct sk_buff *from)
527 {
528 to->pkt_type = from->pkt_type;
529 to->priority = from->priority;
530 to->protocol = from->protocol;
531 skb_dst_drop(to);
532 skb_dst_set(to, dst_clone(skb_dst(from)));
533 to->dev = from->dev;
534 to->mark = from->mark;
535
536 #ifdef CONFIG_NET_SCHED
537 to->tc_index = from->tc_index;
538 #endif
539 nf_copy(to, from);
540 skb_copy_secmark(to, from);
541 }
542
543 int ip6_fragment(struct sock *sk, struct sk_buff *skb,
544 int (*output)(struct sock *, struct sk_buff *))
545 {
546 struct sk_buff *frag;
547 struct rt6_info *rt = (struct rt6_info *)skb_dst(skb);
548 struct ipv6_pinfo *np = skb->sk && !dev_recursion_level() ?
549 inet6_sk(skb->sk) : NULL;
550 struct ipv6hdr *tmp_hdr;
551 struct frag_hdr *fh;
552 unsigned int mtu, hlen, left, len;
553 int hroom, troom;
554 __be32 frag_id = 0;
555 int ptr, offset = 0, err = 0;
556 u8 *prevhdr, nexthdr = 0;
557 struct net *net = dev_net(skb_dst(skb)->dev);
558
559 hlen = ip6_find_1stfragopt(skb, &prevhdr);
560 nexthdr = *prevhdr;
561
562 mtu = ip6_skb_dst_mtu(skb);
563
564 /* We must not fragment if the socket is set to force MTU discovery
565 * or if the skb it not generated by a local socket.
566 */
567 if (unlikely(!skb->ignore_df && skb->len > mtu) ||
568 (IP6CB(skb)->frag_max_size &&
569 IP6CB(skb)->frag_max_size > mtu)) {
570 if (skb->sk && dst_allfrag(skb_dst(skb)))
571 sk_nocaps_add(skb->sk, NETIF_F_GSO_MASK);
572
573 skb->dev = skb_dst(skb)->dev;
574 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
575 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
576 IPSTATS_MIB_FRAGFAILS);
577 kfree_skb(skb);
578 return -EMSGSIZE;
579 }
580
581 if (np && np->frag_size < mtu) {
582 if (np->frag_size)
583 mtu = np->frag_size;
584 }
585 mtu -= hlen + sizeof(struct frag_hdr);
586
587 if (skb_has_frag_list(skb)) {
588 int first_len = skb_pagelen(skb);
589 struct sk_buff *frag2;
590
591 if (first_len - hlen > mtu ||
592 ((first_len - hlen) & 7) ||
593 skb_cloned(skb))
594 goto slow_path;
595
596 skb_walk_frags(skb, frag) {
597 /* Correct geometry. */
598 if (frag->len > mtu ||
599 ((frag->len & 7) && frag->next) ||
600 skb_headroom(frag) < hlen)
601 goto slow_path_clean;
602
603 /* Partially cloned skb? */
604 if (skb_shared(frag))
605 goto slow_path_clean;
606
607 BUG_ON(frag->sk);
608 if (skb->sk) {
609 frag->sk = skb->sk;
610 frag->destructor = sock_wfree;
611 }
612 skb->truesize -= frag->truesize;
613 }
614
615 err = 0;
616 offset = 0;
617 frag = skb_shinfo(skb)->frag_list;
618 skb_frag_list_init(skb);
619 /* BUILD HEADER */
620
621 *prevhdr = NEXTHDR_FRAGMENT;
622 tmp_hdr = kmemdup(skb_network_header(skb), hlen, GFP_ATOMIC);
623 if (!tmp_hdr) {
624 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
625 IPSTATS_MIB_FRAGFAILS);
626 return -ENOMEM;
627 }
628
629 __skb_pull(skb, hlen);
630 fh = (struct frag_hdr *)__skb_push(skb, sizeof(struct frag_hdr));
631 __skb_push(skb, hlen);
632 skb_reset_network_header(skb);
633 memcpy(skb_network_header(skb), tmp_hdr, hlen);
634
635 ipv6_select_ident(net, fh, rt);
636 fh->nexthdr = nexthdr;
637 fh->reserved = 0;
638 fh->frag_off = htons(IP6_MF);
639 frag_id = fh->identification;
640
641 first_len = skb_pagelen(skb);
642 skb->data_len = first_len - skb_headlen(skb);
643 skb->len = first_len;
644 ipv6_hdr(skb)->payload_len = htons(first_len -
645 sizeof(struct ipv6hdr));
646
647 dst_hold(&rt->dst);
648
649 for (;;) {
650 /* Prepare header of the next frame,
651 * before previous one went down. */
652 if (frag) {
653 frag->ip_summed = CHECKSUM_NONE;
654 skb_reset_transport_header(frag);
655 fh = (struct frag_hdr *)__skb_push(frag, sizeof(struct frag_hdr));
656 __skb_push(frag, hlen);
657 skb_reset_network_header(frag);
658 memcpy(skb_network_header(frag), tmp_hdr,
659 hlen);
660 offset += skb->len - hlen - sizeof(struct frag_hdr);
661 fh->nexthdr = nexthdr;
662 fh->reserved = 0;
663 fh->frag_off = htons(offset);
664 if (frag->next)
665 fh->frag_off |= htons(IP6_MF);
666 fh->identification = frag_id;
667 ipv6_hdr(frag)->payload_len =
668 htons(frag->len -
669 sizeof(struct ipv6hdr));
670 ip6_copy_metadata(frag, skb);
671 }
672
673 err = output(sk, skb);
674 if (!err)
675 IP6_INC_STATS(net, ip6_dst_idev(&rt->dst),
676 IPSTATS_MIB_FRAGCREATES);
677
678 if (err || !frag)
679 break;
680
681 skb = frag;
682 frag = skb->next;
683 skb->next = NULL;
684 }
685
686 kfree(tmp_hdr);
687
688 if (err == 0) {
689 IP6_INC_STATS(net, ip6_dst_idev(&rt->dst),
690 IPSTATS_MIB_FRAGOKS);
691 ip6_rt_put(rt);
692 return 0;
693 }
694
695 kfree_skb_list(frag);
696
697 IP6_INC_STATS(net, ip6_dst_idev(&rt->dst),
698 IPSTATS_MIB_FRAGFAILS);
699 ip6_rt_put(rt);
700 return err;
701
702 slow_path_clean:
703 skb_walk_frags(skb, frag2) {
704 if (frag2 == frag)
705 break;
706 frag2->sk = NULL;
707 frag2->destructor = NULL;
708 skb->truesize += frag2->truesize;
709 }
710 }
711
712 slow_path:
713 if ((skb->ip_summed == CHECKSUM_PARTIAL) &&
714 skb_checksum_help(skb))
715 goto fail;
716
717 left = skb->len - hlen; /* Space per frame */
718 ptr = hlen; /* Where to start from */
719
720 /*
721 * Fragment the datagram.
722 */
723
724 *prevhdr = NEXTHDR_FRAGMENT;
725 hroom = LL_RESERVED_SPACE(rt->dst.dev);
726 troom = rt->dst.dev->needed_tailroom;
727
728 /*
729 * Keep copying data until we run out.
730 */
731 while (left > 0) {
732 len = left;
733 /* IF: it doesn't fit, use 'mtu' - the data space left */
734 if (len > mtu)
735 len = mtu;
736 /* IF: we are not sending up to and including the packet end
737 then align the next start on an eight byte boundary */
738 if (len < left) {
739 len &= ~7;
740 }
741
742 /* Allocate buffer */
743 frag = alloc_skb(len + hlen + sizeof(struct frag_hdr) +
744 hroom + troom, GFP_ATOMIC);
745 if (!frag) {
746 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
747 IPSTATS_MIB_FRAGFAILS);
748 err = -ENOMEM;
749 goto fail;
750 }
751
752 /*
753 * Set up data on packet
754 */
755
756 ip6_copy_metadata(frag, skb);
757 skb_reserve(frag, hroom);
758 skb_put(frag, len + hlen + sizeof(struct frag_hdr));
759 skb_reset_network_header(frag);
760 fh = (struct frag_hdr *)(skb_network_header(frag) + hlen);
761 frag->transport_header = (frag->network_header + hlen +
762 sizeof(struct frag_hdr));
763
764 /*
765 * Charge the memory for the fragment to any owner
766 * it might possess
767 */
768 if (skb->sk)
769 skb_set_owner_w(frag, skb->sk);
770
771 /*
772 * Copy the packet header into the new buffer.
773 */
774 skb_copy_from_linear_data(skb, skb_network_header(frag), hlen);
775
776 /*
777 * Build fragment header.
778 */
779 fh->nexthdr = nexthdr;
780 fh->reserved = 0;
781 if (!frag_id) {
782 ipv6_select_ident(net, fh, rt);
783 frag_id = fh->identification;
784 } else
785 fh->identification = frag_id;
786
787 /*
788 * Copy a block of the IP datagram.
789 */
790 BUG_ON(skb_copy_bits(skb, ptr, skb_transport_header(frag),
791 len));
792 left -= len;
793
794 fh->frag_off = htons(offset);
795 if (left > 0)
796 fh->frag_off |= htons(IP6_MF);
797 ipv6_hdr(frag)->payload_len = htons(frag->len -
798 sizeof(struct ipv6hdr));
799
800 ptr += len;
801 offset += len;
802
803 /*
804 * Put this fragment into the sending queue.
805 */
806 err = output(sk, frag);
807 if (err)
808 goto fail;
809
810 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
811 IPSTATS_MIB_FRAGCREATES);
812 }
813 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
814 IPSTATS_MIB_FRAGOKS);
815 consume_skb(skb);
816 return err;
817
818 fail:
819 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
820 IPSTATS_MIB_FRAGFAILS);
821 kfree_skb(skb);
822 return err;
823 }
824
825 static inline int ip6_rt_check(const struct rt6key *rt_key,
826 const struct in6_addr *fl_addr,
827 const struct in6_addr *addr_cache)
828 {
829 return (rt_key->plen != 128 || !ipv6_addr_equal(fl_addr, &rt_key->addr)) &&
830 (!addr_cache || !ipv6_addr_equal(fl_addr, addr_cache));
831 }
832
833 static struct dst_entry *ip6_sk_dst_check(struct sock *sk,
834 struct dst_entry *dst,
835 const struct flowi6 *fl6)
836 {
837 struct ipv6_pinfo *np = inet6_sk(sk);
838 struct rt6_info *rt;
839
840 if (!dst)
841 goto out;
842
843 if (dst->ops->family != AF_INET6) {
844 dst_release(dst);
845 return NULL;
846 }
847
848 rt = (struct rt6_info *)dst;
849 /* Yes, checking route validity in not connected
850 * case is not very simple. Take into account,
851 * that we do not support routing by source, TOS,
852 * and MSG_DONTROUTE --ANK (980726)
853 *
854 * 1. ip6_rt_check(): If route was host route,
855 * check that cached destination is current.
856 * If it is network route, we still may
857 * check its validity using saved pointer
858 * to the last used address: daddr_cache.
859 * We do not want to save whole address now,
860 * (because main consumer of this service
861 * is tcp, which has not this problem),
862 * so that the last trick works only on connected
863 * sockets.
864 * 2. oif also should be the same.
865 */
866 if (ip6_rt_check(&rt->rt6i_dst, &fl6->daddr, np->daddr_cache) ||
867 #ifdef CONFIG_IPV6_SUBTREES
868 ip6_rt_check(&rt->rt6i_src, &fl6->saddr, np->saddr_cache) ||
869 #endif
870 (fl6->flowi6_oif && fl6->flowi6_oif != dst->dev->ifindex)) {
871 dst_release(dst);
872 dst = NULL;
873 }
874
875 out:
876 return dst;
877 }
878
879 static int ip6_dst_lookup_tail(struct sock *sk,
880 struct dst_entry **dst, struct flowi6 *fl6)
881 {
882 struct net *net = sock_net(sk);
883 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
884 struct neighbour *n;
885 struct rt6_info *rt;
886 #endif
887 int err;
888
889 /* The correct way to handle this would be to do
890 * ip6_route_get_saddr, and then ip6_route_output; however,
891 * the route-specific preferred source forces the
892 * ip6_route_output call _before_ ip6_route_get_saddr.
893 *
894 * In source specific routing (no src=any default route),
895 * ip6_route_output will fail given src=any saddr, though, so
896 * that's why we try it again later.
897 */
898 if (ipv6_addr_any(&fl6->saddr) && (!*dst || !(*dst)->error)) {
899 struct rt6_info *rt;
900 bool had_dst = *dst != NULL;
901
902 if (!had_dst)
903 *dst = ip6_route_output(net, sk, fl6);
904 rt = (*dst)->error ? NULL : (struct rt6_info *)*dst;
905 err = ip6_route_get_saddr(net, rt, &fl6->daddr,
906 sk ? inet6_sk(sk)->srcprefs : 0,
907 &fl6->saddr);
908 if (err)
909 goto out_err_release;
910
911 /* If we had an erroneous initial result, pretend it
912 * never existed and let the SA-enabled version take
913 * over.
914 */
915 if (!had_dst && (*dst)->error) {
916 dst_release(*dst);
917 *dst = NULL;
918 }
919 }
920
921 if (!*dst)
922 *dst = ip6_route_output(net, sk, fl6);
923
924 err = (*dst)->error;
925 if (err)
926 goto out_err_release;
927
928 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
929 /*
930 * Here if the dst entry we've looked up
931 * has a neighbour entry that is in the INCOMPLETE
932 * state and the src address from the flow is
933 * marked as OPTIMISTIC, we release the found
934 * dst entry and replace it instead with the
935 * dst entry of the nexthop router
936 */
937 rt = (struct rt6_info *) *dst;
938 rcu_read_lock_bh();
939 n = __ipv6_neigh_lookup_noref(rt->dst.dev, rt6_nexthop(rt));
940 err = n && !(n->nud_state & NUD_VALID) ? -EINVAL : 0;
941 rcu_read_unlock_bh();
942
943 if (err) {
944 struct inet6_ifaddr *ifp;
945 struct flowi6 fl_gw6;
946 int redirect;
947
948 ifp = ipv6_get_ifaddr(net, &fl6->saddr,
949 (*dst)->dev, 1);
950
951 redirect = (ifp && ifp->flags & IFA_F_OPTIMISTIC);
952 if (ifp)
953 in6_ifa_put(ifp);
954
955 if (redirect) {
956 /*
957 * We need to get the dst entry for the
958 * default router instead
959 */
960 dst_release(*dst);
961 memcpy(&fl_gw6, fl6, sizeof(struct flowi6));
962 memset(&fl_gw6.daddr, 0, sizeof(struct in6_addr));
963 *dst = ip6_route_output(net, sk, &fl_gw6);
964 err = (*dst)->error;
965 if (err)
966 goto out_err_release;
967 }
968 }
969 #endif
970
971 return 0;
972
973 out_err_release:
974 if (err == -ENETUNREACH)
975 IP6_INC_STATS(net, NULL, IPSTATS_MIB_OUTNOROUTES);
976 dst_release(*dst);
977 *dst = NULL;
978 return err;
979 }
980
981 /**
982 * ip6_dst_lookup - perform route lookup on flow
983 * @sk: socket which provides route info
984 * @dst: pointer to dst_entry * for result
985 * @fl6: flow to lookup
986 *
987 * This function performs a route lookup on the given flow.
988 *
989 * It returns zero on success, or a standard errno code on error.
990 */
991 int ip6_dst_lookup(struct sock *sk, struct dst_entry **dst, struct flowi6 *fl6)
992 {
993 *dst = NULL;
994 return ip6_dst_lookup_tail(sk, dst, fl6);
995 }
996 EXPORT_SYMBOL_GPL(ip6_dst_lookup);
997
998 /**
999 * ip6_dst_lookup_flow - perform route lookup on flow with ipsec
1000 * @sk: socket which provides route info
1001 * @fl6: flow to lookup
1002 * @final_dst: final destination address for ipsec lookup
1003 *
1004 * This function performs a route lookup on the given flow.
1005 *
1006 * It returns a valid dst pointer on success, or a pointer encoded
1007 * error code.
1008 */
1009 struct dst_entry *ip6_dst_lookup_flow(struct sock *sk, struct flowi6 *fl6,
1010 const struct in6_addr *final_dst)
1011 {
1012 struct dst_entry *dst = NULL;
1013 int err;
1014
1015 err = ip6_dst_lookup_tail(sk, &dst, fl6);
1016 if (err)
1017 return ERR_PTR(err);
1018 if (final_dst)
1019 fl6->daddr = *final_dst;
1020
1021 return xfrm_lookup_route(sock_net(sk), dst, flowi6_to_flowi(fl6), sk, 0);
1022 }
1023 EXPORT_SYMBOL_GPL(ip6_dst_lookup_flow);
1024
1025 /**
1026 * ip6_sk_dst_lookup_flow - perform socket cached route lookup on flow
1027 * @sk: socket which provides the dst cache and route info
1028 * @fl6: flow to lookup
1029 * @final_dst: final destination address for ipsec lookup
1030 *
1031 * This function performs a route lookup on the given flow with the
1032 * possibility of using the cached route in the socket if it is valid.
1033 * It will take the socket dst lock when operating on the dst cache.
1034 * As a result, this function can only be used in process context.
1035 *
1036 * It returns a valid dst pointer on success, or a pointer encoded
1037 * error code.
1038 */
1039 struct dst_entry *ip6_sk_dst_lookup_flow(struct sock *sk, struct flowi6 *fl6,
1040 const struct in6_addr *final_dst)
1041 {
1042 struct dst_entry *dst = sk_dst_check(sk, inet6_sk(sk)->dst_cookie);
1043 int err;
1044
1045 dst = ip6_sk_dst_check(sk, dst, fl6);
1046
1047 err = ip6_dst_lookup_tail(sk, &dst, fl6);
1048 if (err)
1049 return ERR_PTR(err);
1050 if (final_dst)
1051 fl6->daddr = *final_dst;
1052
1053 return xfrm_lookup_route(sock_net(sk), dst, flowi6_to_flowi(fl6), sk, 0);
1054 }
1055 EXPORT_SYMBOL_GPL(ip6_sk_dst_lookup_flow);
1056
1057 static inline int ip6_ufo_append_data(struct sock *sk,
1058 struct sk_buff_head *queue,
1059 int getfrag(void *from, char *to, int offset, int len,
1060 int odd, struct sk_buff *skb),
1061 void *from, int length, int hh_len, int fragheaderlen,
1062 int transhdrlen, int mtu, unsigned int flags,
1063 struct rt6_info *rt)
1064
1065 {
1066 struct sk_buff *skb;
1067 struct frag_hdr fhdr;
1068 int err;
1069
1070 /* There is support for UDP large send offload by network
1071 * device, so create one single skb packet containing complete
1072 * udp datagram
1073 */
1074 skb = skb_peek_tail(queue);
1075 if (!skb) {
1076 skb = sock_alloc_send_skb(sk,
1077 hh_len + fragheaderlen + transhdrlen + 20,
1078 (flags & MSG_DONTWAIT), &err);
1079 if (!skb)
1080 return err;
1081
1082 /* reserve space for Hardware header */
1083 skb_reserve(skb, hh_len);
1084
1085 /* create space for UDP/IP header */
1086 skb_put(skb, fragheaderlen + transhdrlen);
1087
1088 /* initialize network header pointer */
1089 skb_reset_network_header(skb);
1090
1091 /* initialize protocol header pointer */
1092 skb->transport_header = skb->network_header + fragheaderlen;
1093
1094 skb->protocol = htons(ETH_P_IPV6);
1095 skb->csum = 0;
1096
1097 __skb_queue_tail(queue, skb);
1098 } else if (skb_is_gso(skb)) {
1099 goto append;
1100 }
1101
1102 skb->ip_summed = CHECKSUM_PARTIAL;
1103 /* Specify the length of each IPv6 datagram fragment.
1104 * It has to be a multiple of 8.
1105 */
1106 skb_shinfo(skb)->gso_size = (mtu - fragheaderlen -
1107 sizeof(struct frag_hdr)) & ~7;
1108 skb_shinfo(skb)->gso_type = SKB_GSO_UDP;
1109 ipv6_select_ident(sock_net(sk), &fhdr, rt);
1110 skb_shinfo(skb)->ip6_frag_id = fhdr.identification;
1111
1112 append:
1113 return skb_append_datato_frags(sk, skb, getfrag, from,
1114 (length - transhdrlen));
1115 }
1116
1117 static inline struct ipv6_opt_hdr *ip6_opt_dup(struct ipv6_opt_hdr *src,
1118 gfp_t gfp)
1119 {
1120 return src ? kmemdup(src, (src->hdrlen + 1) * 8, gfp) : NULL;
1121 }
1122
1123 static inline struct ipv6_rt_hdr *ip6_rthdr_dup(struct ipv6_rt_hdr *src,
1124 gfp_t gfp)
1125 {
1126 return src ? kmemdup(src, (src->hdrlen + 1) * 8, gfp) : NULL;
1127 }
1128
1129 static void ip6_append_data_mtu(unsigned int *mtu,
1130 int *maxfraglen,
1131 unsigned int fragheaderlen,
1132 struct sk_buff *skb,
1133 struct rt6_info *rt,
1134 unsigned int orig_mtu)
1135 {
1136 if (!(rt->dst.flags & DST_XFRM_TUNNEL)) {
1137 if (!skb) {
1138 /* first fragment, reserve header_len */
1139 *mtu = orig_mtu - rt->dst.header_len;
1140
1141 } else {
1142 /*
1143 * this fragment is not first, the headers
1144 * space is regarded as data space.
1145 */
1146 *mtu = orig_mtu;
1147 }
1148 *maxfraglen = ((*mtu - fragheaderlen) & ~7)
1149 + fragheaderlen - sizeof(struct frag_hdr);
1150 }
1151 }
1152
1153 static int ip6_setup_cork(struct sock *sk, struct inet_cork_full *cork,
1154 struct inet6_cork *v6_cork,
1155 int hlimit, int tclass, struct ipv6_txoptions *opt,
1156 struct rt6_info *rt, struct flowi6 *fl6)
1157 {
1158 struct ipv6_pinfo *np = inet6_sk(sk);
1159 unsigned int mtu;
1160
1161 /*
1162 * setup for corking
1163 */
1164 if (opt) {
1165 if (WARN_ON(v6_cork->opt))
1166 return -EINVAL;
1167
1168 v6_cork->opt = kzalloc(opt->tot_len, sk->sk_allocation);
1169 if (unlikely(!v6_cork->opt))
1170 return -ENOBUFS;
1171
1172 v6_cork->opt->tot_len = opt->tot_len;
1173 v6_cork->opt->opt_flen = opt->opt_flen;
1174 v6_cork->opt->opt_nflen = opt->opt_nflen;
1175
1176 v6_cork->opt->dst0opt = ip6_opt_dup(opt->dst0opt,
1177 sk->sk_allocation);
1178 if (opt->dst0opt && !v6_cork->opt->dst0opt)
1179 return -ENOBUFS;
1180
1181 v6_cork->opt->dst1opt = ip6_opt_dup(opt->dst1opt,
1182 sk->sk_allocation);
1183 if (opt->dst1opt && !v6_cork->opt->dst1opt)
1184 return -ENOBUFS;
1185
1186 v6_cork->opt->hopopt = ip6_opt_dup(opt->hopopt,
1187 sk->sk_allocation);
1188 if (opt->hopopt && !v6_cork->opt->hopopt)
1189 return -ENOBUFS;
1190
1191 v6_cork->opt->srcrt = ip6_rthdr_dup(opt->srcrt,
1192 sk->sk_allocation);
1193 if (opt->srcrt && !v6_cork->opt->srcrt)
1194 return -ENOBUFS;
1195
1196 /* need source address above miyazawa*/
1197 }
1198 dst_hold(&rt->dst);
1199 cork->base.dst = &rt->dst;
1200 cork->fl.u.ip6 = *fl6;
1201 v6_cork->hop_limit = hlimit;
1202 v6_cork->tclass = tclass;
1203 if (rt->dst.flags & DST_XFRM_TUNNEL)
1204 mtu = np->pmtudisc >= IPV6_PMTUDISC_PROBE ?
1205 rt->dst.dev->mtu : dst_mtu(&rt->dst);
1206 else
1207 mtu = np->pmtudisc >= IPV6_PMTUDISC_PROBE ?
1208 rt->dst.dev->mtu : dst_mtu(rt->dst.path);
1209 if (np->frag_size < mtu) {
1210 if (np->frag_size)
1211 mtu = np->frag_size;
1212 }
1213 cork->base.fragsize = mtu;
1214 if (dst_allfrag(rt->dst.path))
1215 cork->base.flags |= IPCORK_ALLFRAG;
1216 cork->base.length = 0;
1217
1218 return 0;
1219 }
1220
1221 static int __ip6_append_data(struct sock *sk,
1222 struct flowi6 *fl6,
1223 struct sk_buff_head *queue,
1224 struct inet_cork *cork,
1225 struct inet6_cork *v6_cork,
1226 struct page_frag *pfrag,
1227 int getfrag(void *from, char *to, int offset,
1228 int len, int odd, struct sk_buff *skb),
1229 void *from, int length, int transhdrlen,
1230 unsigned int flags, int dontfrag)
1231 {
1232 struct sk_buff *skb, *skb_prev = NULL;
1233 unsigned int maxfraglen, fragheaderlen, mtu, orig_mtu;
1234 int exthdrlen = 0;
1235 int dst_exthdrlen = 0;
1236 int hh_len;
1237 int copy;
1238 int err;
1239 int offset = 0;
1240 __u8 tx_flags = 0;
1241 u32 tskey = 0;
1242 struct rt6_info *rt = (struct rt6_info *)cork->dst;
1243 struct ipv6_txoptions *opt = v6_cork->opt;
1244 int csummode = CHECKSUM_NONE;
1245
1246 skb = skb_peek_tail(queue);
1247 if (!skb) {
1248 exthdrlen = opt ? opt->opt_flen : 0;
1249 dst_exthdrlen = rt->dst.header_len - rt->rt6i_nfheader_len;
1250 }
1251
1252 mtu = cork->fragsize;
1253 orig_mtu = mtu;
1254
1255 hh_len = LL_RESERVED_SPACE(rt->dst.dev);
1256
1257 fragheaderlen = sizeof(struct ipv6hdr) + rt->rt6i_nfheader_len +
1258 (opt ? opt->opt_nflen : 0);
1259 maxfraglen = ((mtu - fragheaderlen) & ~7) + fragheaderlen -
1260 sizeof(struct frag_hdr);
1261
1262 if (mtu <= sizeof(struct ipv6hdr) + IPV6_MAXPLEN) {
1263 unsigned int maxnonfragsize, headersize;
1264
1265 headersize = sizeof(struct ipv6hdr) +
1266 (opt ? opt->opt_flen + opt->opt_nflen : 0) +
1267 (dst_allfrag(&rt->dst) ?
1268 sizeof(struct frag_hdr) : 0) +
1269 rt->rt6i_nfheader_len;
1270
1271 if (ip6_sk_ignore_df(sk))
1272 maxnonfragsize = sizeof(struct ipv6hdr) + IPV6_MAXPLEN;
1273 else
1274 maxnonfragsize = mtu;
1275
1276 /* dontfrag active */
1277 if ((cork->length + length > mtu - headersize) && dontfrag &&
1278 (sk->sk_protocol == IPPROTO_UDP ||
1279 sk->sk_protocol == IPPROTO_RAW)) {
1280 ipv6_local_rxpmtu(sk, fl6, mtu - headersize +
1281 sizeof(struct ipv6hdr));
1282 goto emsgsize;
1283 }
1284
1285 if (cork->length + length > maxnonfragsize - headersize) {
1286 emsgsize:
1287 ipv6_local_error(sk, EMSGSIZE, fl6,
1288 mtu - headersize +
1289 sizeof(struct ipv6hdr));
1290 return -EMSGSIZE;
1291 }
1292 }
1293
1294 if (sk->sk_type == SOCK_DGRAM || sk->sk_type == SOCK_RAW) {
1295 sock_tx_timestamp(sk, &tx_flags);
1296 if (tx_flags & SKBTX_ANY_SW_TSTAMP &&
1297 sk->sk_tsflags & SOF_TIMESTAMPING_OPT_ID)
1298 tskey = sk->sk_tskey++;
1299 }
1300
1301 /* If this is the first and only packet and device
1302 * supports checksum offloading, let's use it.
1303 * Use transhdrlen, same as IPv4, because partial
1304 * sums only work when transhdrlen is set.
1305 */
1306 if (transhdrlen && sk->sk_protocol == IPPROTO_UDP &&
1307 length + fragheaderlen < mtu &&
1308 rt->dst.dev->features & NETIF_F_V6_CSUM &&
1309 !exthdrlen)
1310 csummode = CHECKSUM_PARTIAL;
1311 /*
1312 * Let's try using as much space as possible.
1313 * Use MTU if total length of the message fits into the MTU.
1314 * Otherwise, we need to reserve fragment header and
1315 * fragment alignment (= 8-15 octects, in total).
1316 *
1317 * Note that we may need to "move" the data from the tail of
1318 * of the buffer to the new fragment when we split
1319 * the message.
1320 *
1321 * FIXME: It may be fragmented into multiple chunks
1322 * at once if non-fragmentable extension headers
1323 * are too large.
1324 * --yoshfuji
1325 */
1326
1327 cork->length += length;
1328 if (((length > mtu) ||
1329 (skb && skb_is_gso(skb))) &&
1330 (sk->sk_protocol == IPPROTO_UDP) &&
1331 (rt->dst.dev->features & NETIF_F_UFO) &&
1332 (sk->sk_type == SOCK_DGRAM)) {
1333 err = ip6_ufo_append_data(sk, queue, getfrag, from, length,
1334 hh_len, fragheaderlen,
1335 transhdrlen, mtu, flags, rt);
1336 if (err)
1337 goto error;
1338 return 0;
1339 }
1340
1341 if (!skb)
1342 goto alloc_new_skb;
1343
1344 while (length > 0) {
1345 /* Check if the remaining data fits into current packet. */
1346 copy = (cork->length <= mtu && !(cork->flags & IPCORK_ALLFRAG) ? mtu : maxfraglen) - skb->len;
1347 if (copy < length)
1348 copy = maxfraglen - skb->len;
1349
1350 if (copy <= 0) {
1351 char *data;
1352 unsigned int datalen;
1353 unsigned int fraglen;
1354 unsigned int fraggap;
1355 unsigned int alloclen;
1356 alloc_new_skb:
1357 /* There's no room in the current skb */
1358 if (skb)
1359 fraggap = skb->len - maxfraglen;
1360 else
1361 fraggap = 0;
1362 /* update mtu and maxfraglen if necessary */
1363 if (!skb || !skb_prev)
1364 ip6_append_data_mtu(&mtu, &maxfraglen,
1365 fragheaderlen, skb, rt,
1366 orig_mtu);
1367
1368 skb_prev = skb;
1369
1370 /*
1371 * If remaining data exceeds the mtu,
1372 * we know we need more fragment(s).
1373 */
1374 datalen = length + fraggap;
1375
1376 if (datalen > (cork->length <= mtu && !(cork->flags & IPCORK_ALLFRAG) ? mtu : maxfraglen) - fragheaderlen)
1377 datalen = maxfraglen - fragheaderlen - rt->dst.trailer_len;
1378 if ((flags & MSG_MORE) &&
1379 !(rt->dst.dev->features&NETIF_F_SG))
1380 alloclen = mtu;
1381 else
1382 alloclen = datalen + fragheaderlen;
1383
1384 alloclen += dst_exthdrlen;
1385
1386 if (datalen != length + fraggap) {
1387 /*
1388 * this is not the last fragment, the trailer
1389 * space is regarded as data space.
1390 */
1391 datalen += rt->dst.trailer_len;
1392 }
1393
1394 alloclen += rt->dst.trailer_len;
1395 fraglen = datalen + fragheaderlen;
1396
1397 /*
1398 * We just reserve space for fragment header.
1399 * Note: this may be overallocation if the message
1400 * (without MSG_MORE) fits into the MTU.
1401 */
1402 alloclen += sizeof(struct frag_hdr);
1403
1404 if (transhdrlen) {
1405 skb = sock_alloc_send_skb(sk,
1406 alloclen + hh_len,
1407 (flags & MSG_DONTWAIT), &err);
1408 } else {
1409 skb = NULL;
1410 if (atomic_read(&sk->sk_wmem_alloc) <=
1411 2 * sk->sk_sndbuf)
1412 skb = sock_wmalloc(sk,
1413 alloclen + hh_len, 1,
1414 sk->sk_allocation);
1415 if (unlikely(!skb))
1416 err = -ENOBUFS;
1417 }
1418 if (!skb)
1419 goto error;
1420 /*
1421 * Fill in the control structures
1422 */
1423 skb->protocol = htons(ETH_P_IPV6);
1424 skb->ip_summed = csummode;
1425 skb->csum = 0;
1426 /* reserve for fragmentation and ipsec header */
1427 skb_reserve(skb, hh_len + sizeof(struct frag_hdr) +
1428 dst_exthdrlen);
1429
1430 /* Only the initial fragment is time stamped */
1431 skb_shinfo(skb)->tx_flags = tx_flags;
1432 tx_flags = 0;
1433 skb_shinfo(skb)->tskey = tskey;
1434 tskey = 0;
1435
1436 /*
1437 * Find where to start putting bytes
1438 */
1439 data = skb_put(skb, fraglen);
1440 skb_set_network_header(skb, exthdrlen);
1441 data += fragheaderlen;
1442 skb->transport_header = (skb->network_header +
1443 fragheaderlen);
1444 if (fraggap) {
1445 skb->csum = skb_copy_and_csum_bits(
1446 skb_prev, maxfraglen,
1447 data + transhdrlen, fraggap, 0);
1448 skb_prev->csum = csum_sub(skb_prev->csum,
1449 skb->csum);
1450 data += fraggap;
1451 pskb_trim_unique(skb_prev, maxfraglen);
1452 }
1453 copy = datalen - transhdrlen - fraggap;
1454
1455 if (copy < 0) {
1456 err = -EINVAL;
1457 kfree_skb(skb);
1458 goto error;
1459 } else if (copy > 0 && getfrag(from, data + transhdrlen, offset, copy, fraggap, skb) < 0) {
1460 err = -EFAULT;
1461 kfree_skb(skb);
1462 goto error;
1463 }
1464
1465 offset += copy;
1466 length -= datalen - fraggap;
1467 transhdrlen = 0;
1468 exthdrlen = 0;
1469 dst_exthdrlen = 0;
1470
1471 /*
1472 * Put the packet on the pending queue
1473 */
1474 __skb_queue_tail(queue, skb);
1475 continue;
1476 }
1477
1478 if (copy > length)
1479 copy = length;
1480
1481 if (!(rt->dst.dev->features&NETIF_F_SG)) {
1482 unsigned int off;
1483
1484 off = skb->len;
1485 if (getfrag(from, skb_put(skb, copy),
1486 offset, copy, off, skb) < 0) {
1487 __skb_trim(skb, off);
1488 err = -EFAULT;
1489 goto error;
1490 }
1491 } else {
1492 int i = skb_shinfo(skb)->nr_frags;
1493
1494 err = -ENOMEM;
1495 if (!sk_page_frag_refill(sk, pfrag))
1496 goto error;
1497
1498 if (!skb_can_coalesce(skb, i, pfrag->page,
1499 pfrag->offset)) {
1500 err = -EMSGSIZE;
1501 if (i == MAX_SKB_FRAGS)
1502 goto error;
1503
1504 __skb_fill_page_desc(skb, i, pfrag->page,
1505 pfrag->offset, 0);
1506 skb_shinfo(skb)->nr_frags = ++i;
1507 get_page(pfrag->page);
1508 }
1509 copy = min_t(int, copy, pfrag->size - pfrag->offset);
1510 if (getfrag(from,
1511 page_address(pfrag->page) + pfrag->offset,
1512 offset, copy, skb->len, skb) < 0)
1513 goto error_efault;
1514
1515 pfrag->offset += copy;
1516 skb_frag_size_add(&skb_shinfo(skb)->frags[i - 1], copy);
1517 skb->len += copy;
1518 skb->data_len += copy;
1519 skb->truesize += copy;
1520 atomic_add(copy, &sk->sk_wmem_alloc);
1521 }
1522 offset += copy;
1523 length -= copy;
1524 }
1525
1526 return 0;
1527
1528 error_efault:
1529 err = -EFAULT;
1530 error:
1531 cork->length -= length;
1532 IP6_INC_STATS(sock_net(sk), rt->rt6i_idev, IPSTATS_MIB_OUTDISCARDS);
1533 return err;
1534 }
1535
1536 int ip6_append_data(struct sock *sk,
1537 int getfrag(void *from, char *to, int offset, int len,
1538 int odd, struct sk_buff *skb),
1539 void *from, int length, int transhdrlen, int hlimit,
1540 int tclass, struct ipv6_txoptions *opt, struct flowi6 *fl6,
1541 struct rt6_info *rt, unsigned int flags, int dontfrag)
1542 {
1543 struct inet_sock *inet = inet_sk(sk);
1544 struct ipv6_pinfo *np = inet6_sk(sk);
1545 int exthdrlen;
1546 int err;
1547
1548 if (flags&MSG_PROBE)
1549 return 0;
1550 if (skb_queue_empty(&sk->sk_write_queue)) {
1551 /*
1552 * setup for corking
1553 */
1554 err = ip6_setup_cork(sk, &inet->cork, &np->cork, hlimit,
1555 tclass, opt, rt, fl6);
1556 if (err)
1557 return err;
1558
1559 exthdrlen = (opt ? opt->opt_flen : 0);
1560 length += exthdrlen;
1561 transhdrlen += exthdrlen;
1562 } else {
1563 fl6 = &inet->cork.fl.u.ip6;
1564 transhdrlen = 0;
1565 }
1566
1567 return __ip6_append_data(sk, fl6, &sk->sk_write_queue, &inet->cork.base,
1568 &np->cork, sk_page_frag(sk), getfrag,
1569 from, length, transhdrlen, flags, dontfrag);
1570 }
1571 EXPORT_SYMBOL_GPL(ip6_append_data);
1572
1573 static void ip6_cork_release(struct inet_cork_full *cork,
1574 struct inet6_cork *v6_cork)
1575 {
1576 if (v6_cork->opt) {
1577 kfree(v6_cork->opt->dst0opt);
1578 kfree(v6_cork->opt->dst1opt);
1579 kfree(v6_cork->opt->hopopt);
1580 kfree(v6_cork->opt->srcrt);
1581 kfree(v6_cork->opt);
1582 v6_cork->opt = NULL;
1583 }
1584
1585 if (cork->base.dst) {
1586 dst_release(cork->base.dst);
1587 cork->base.dst = NULL;
1588 cork->base.flags &= ~IPCORK_ALLFRAG;
1589 }
1590 memset(&cork->fl, 0, sizeof(cork->fl));
1591 }
1592
1593 struct sk_buff *__ip6_make_skb(struct sock *sk,
1594 struct sk_buff_head *queue,
1595 struct inet_cork_full *cork,
1596 struct inet6_cork *v6_cork)
1597 {
1598 struct sk_buff *skb, *tmp_skb;
1599 struct sk_buff **tail_skb;
1600 struct in6_addr final_dst_buf, *final_dst = &final_dst_buf;
1601 struct ipv6_pinfo *np = inet6_sk(sk);
1602 struct net *net = sock_net(sk);
1603 struct ipv6hdr *hdr;
1604 struct ipv6_txoptions *opt = v6_cork->opt;
1605 struct rt6_info *rt = (struct rt6_info *)cork->base.dst;
1606 struct flowi6 *fl6 = &cork->fl.u.ip6;
1607 unsigned char proto = fl6->flowi6_proto;
1608
1609 skb = __skb_dequeue(queue);
1610 if (!skb)
1611 goto out;
1612 tail_skb = &(skb_shinfo(skb)->frag_list);
1613
1614 /* move skb->data to ip header from ext header */
1615 if (skb->data < skb_network_header(skb))
1616 __skb_pull(skb, skb_network_offset(skb));
1617 while ((tmp_skb = __skb_dequeue(queue)) != NULL) {
1618 __skb_pull(tmp_skb, skb_network_header_len(skb));
1619 *tail_skb = tmp_skb;
1620 tail_skb = &(tmp_skb->next);
1621 skb->len += tmp_skb->len;
1622 skb->data_len += tmp_skb->len;
1623 skb->truesize += tmp_skb->truesize;
1624 tmp_skb->destructor = NULL;
1625 tmp_skb->sk = NULL;
1626 }
1627
1628 /* Allow local fragmentation. */
1629 skb->ignore_df = ip6_sk_ignore_df(sk);
1630
1631 *final_dst = fl6->daddr;
1632 __skb_pull(skb, skb_network_header_len(skb));
1633 if (opt && opt->opt_flen)
1634 ipv6_push_frag_opts(skb, opt, &proto);
1635 if (opt && opt->opt_nflen)
1636 ipv6_push_nfrag_opts(skb, opt, &proto, &final_dst);
1637
1638 skb_push(skb, sizeof(struct ipv6hdr));
1639 skb_reset_network_header(skb);
1640 hdr = ipv6_hdr(skb);
1641
1642 ip6_flow_hdr(hdr, v6_cork->tclass,
1643 ip6_make_flowlabel(net, skb, fl6->flowlabel,
1644 np->autoflowlabel));
1645 hdr->hop_limit = v6_cork->hop_limit;
1646 hdr->nexthdr = proto;
1647 hdr->saddr = fl6->saddr;
1648 hdr->daddr = *final_dst;
1649
1650 skb->priority = sk->sk_priority;
1651 skb->mark = sk->sk_mark;
1652
1653 skb_dst_set(skb, dst_clone(&rt->dst));
1654 IP6_UPD_PO_STATS(net, rt->rt6i_idev, IPSTATS_MIB_OUT, skb->len);
1655 if (proto == IPPROTO_ICMPV6) {
1656 struct inet6_dev *idev = ip6_dst_idev(skb_dst(skb));
1657
1658 ICMP6MSGOUT_INC_STATS(net, idev, icmp6_hdr(skb)->icmp6_type);
1659 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
1660 }
1661
1662 ip6_cork_release(cork, v6_cork);
1663 out:
1664 return skb;
1665 }
1666
1667 int ip6_send_skb(struct sk_buff *skb)
1668 {
1669 struct net *net = sock_net(skb->sk);
1670 struct rt6_info *rt = (struct rt6_info *)skb_dst(skb);
1671 int err;
1672
1673 err = ip6_local_out(skb);
1674 if (err) {
1675 if (err > 0)
1676 err = net_xmit_errno(err);
1677 if (err)
1678 IP6_INC_STATS(net, rt->rt6i_idev,
1679 IPSTATS_MIB_OUTDISCARDS);
1680 }
1681
1682 return err;
1683 }
1684
1685 int ip6_push_pending_frames(struct sock *sk)
1686 {
1687 struct sk_buff *skb;
1688
1689 skb = ip6_finish_skb(sk);
1690 if (!skb)
1691 return 0;
1692
1693 return ip6_send_skb(skb);
1694 }
1695 EXPORT_SYMBOL_GPL(ip6_push_pending_frames);
1696
1697 static void __ip6_flush_pending_frames(struct sock *sk,
1698 struct sk_buff_head *queue,
1699 struct inet_cork_full *cork,
1700 struct inet6_cork *v6_cork)
1701 {
1702 struct sk_buff *skb;
1703
1704 while ((skb = __skb_dequeue_tail(queue)) != NULL) {
1705 if (skb_dst(skb))
1706 IP6_INC_STATS(sock_net(sk), ip6_dst_idev(skb_dst(skb)),
1707 IPSTATS_MIB_OUTDISCARDS);
1708 kfree_skb(skb);
1709 }
1710
1711 ip6_cork_release(cork, v6_cork);
1712 }
1713
1714 void ip6_flush_pending_frames(struct sock *sk)
1715 {
1716 __ip6_flush_pending_frames(sk, &sk->sk_write_queue,
1717 &inet_sk(sk)->cork, &inet6_sk(sk)->cork);
1718 }
1719 EXPORT_SYMBOL_GPL(ip6_flush_pending_frames);
1720
1721 struct sk_buff *ip6_make_skb(struct sock *sk,
1722 int getfrag(void *from, char *to, int offset,
1723 int len, int odd, struct sk_buff *skb),
1724 void *from, int length, int transhdrlen,
1725 int hlimit, int tclass,
1726 struct ipv6_txoptions *opt, struct flowi6 *fl6,
1727 struct rt6_info *rt, unsigned int flags,
1728 int dontfrag)
1729 {
1730 struct inet_cork_full cork;
1731 struct inet6_cork v6_cork;
1732 struct sk_buff_head queue;
1733 int exthdrlen = (opt ? opt->opt_flen : 0);
1734 int err;
1735
1736 if (flags & MSG_PROBE)
1737 return NULL;
1738
1739 __skb_queue_head_init(&queue);
1740
1741 cork.base.flags = 0;
1742 cork.base.addr = 0;
1743 cork.base.opt = NULL;
1744 v6_cork.opt = NULL;
1745 err = ip6_setup_cork(sk, &cork, &v6_cork, hlimit, tclass, opt, rt, fl6);
1746 if (err)
1747 return ERR_PTR(err);
1748
1749 if (dontfrag < 0)
1750 dontfrag = inet6_sk(sk)->dontfrag;
1751
1752 err = __ip6_append_data(sk, fl6, &queue, &cork.base, &v6_cork,
1753 &current->task_frag, getfrag, from,
1754 length + exthdrlen, transhdrlen + exthdrlen,
1755 flags, dontfrag);
1756 if (err) {
1757 __ip6_flush_pending_frames(sk, &queue, &cork, &v6_cork);
1758 return ERR_PTR(err);
1759 }
1760
1761 return __ip6_make_skb(sk, &queue, &cork, &v6_cork);
1762 }
Linux kernel - Deliverables
This page took 0.0831 seconds and 6 git commands to generate.