projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
userns: Print out socket uids in a user namespace aware fashion.
[deliverable/linux.git] / net / ipv6 / tcp_ipv6.c
1 /*
2 * TCP over IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
8 * Based on:
9 * linux/net/ipv4/tcp.c
10 * linux/net/ipv4/tcp_input.c
11 * linux/net/ipv4/tcp_output.c
12 *
13 * Fixes:
14 * Hideaki YOSHIFUJI : sin6_scope_id support
15 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
16 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
17 * a single port at the same time.
18 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
19 *
20 * This program is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU General Public License
22 * as published by the Free Software Foundation; either version
23 * 2 of the License, or (at your option) any later version.
24 */
25
26 #include <linux/bottom_half.h>
27 #include <linux/module.h>
28 #include <linux/errno.h>
29 #include <linux/types.h>
30 #include <linux/socket.h>
31 #include <linux/sockios.h>
32 #include <linux/net.h>
33 #include <linux/jiffies.h>
34 #include <linux/in.h>
35 #include <linux/in6.h>
36 #include <linux/netdevice.h>
37 #include <linux/init.h>
38 #include <linux/jhash.h>
39 #include <linux/ipsec.h>
40 #include <linux/times.h>
41 #include <linux/slab.h>
42
43 #include <linux/ipv6.h>
44 #include <linux/icmpv6.h>
45 #include <linux/random.h>
46
47 #include <net/tcp.h>
48 #include <net/ndisc.h>
49 #include <net/inet6_hashtables.h>
50 #include <net/inet6_connection_sock.h>
51 #include <net/ipv6.h>
52 #include <net/transp_v6.h>
53 #include <net/addrconf.h>
54 #include <net/ip6_route.h>
55 #include <net/ip6_checksum.h>
56 #include <net/inet_ecn.h>
57 #include <net/protocol.h>
58 #include <net/xfrm.h>
59 #include <net/snmp.h>
60 #include <net/dsfield.h>
61 #include <net/timewait_sock.h>
62 #include <net/netdma.h>
63 #include <net/inet_common.h>
64 #include <net/secure_seq.h>
65 #include <net/tcp_memcontrol.h>
66
67 #include <asm/uaccess.h>
68
69 #include <linux/proc_fs.h>
70 #include <linux/seq_file.h>
71
72 #include <linux/crypto.h>
73 #include <linux/scatterlist.h>
74
75 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb);
76 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
77 struct request_sock *req);
78
79 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
80 static void __tcp_v6_send_check(struct sk_buff *skb,
81 const struct in6_addr *saddr,
82 const struct in6_addr *daddr);
83
84 static const struct inet_connection_sock_af_ops ipv6_mapped;
85 static const struct inet_connection_sock_af_ops ipv6_specific;
86 #ifdef CONFIG_TCP_MD5SIG
87 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
88 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
89 #else
90 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
91 const struct in6_addr *addr)
92 {
93 return NULL;
94 }
95 #endif
96
97 static void tcp_v6_hash(struct sock *sk)
98 {
99 if (sk->sk_state != TCP_CLOSE) {
100 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) {
101 tcp_prot.hash(sk);
102 return;
103 }
104 local_bh_disable();
105 __inet6_hash(sk, NULL);
106 local_bh_enable();
107 }
108 }
109
110 static __inline__ __sum16 tcp_v6_check(int len,
111 const struct in6_addr *saddr,
112 const struct in6_addr *daddr,
113 __wsum base)
114 {
115 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base);
116 }
117
118 static __u32 tcp_v6_init_sequence(const struct sk_buff *skb)
119 {
120 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
121 ipv6_hdr(skb)->saddr.s6_addr32,
122 tcp_hdr(skb)->dest,
123 tcp_hdr(skb)->source);
124 }
125
126 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
127 int addr_len)
128 {
129 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
130 struct inet_sock *inet = inet_sk(sk);
131 struct inet_connection_sock *icsk = inet_csk(sk);
132 struct ipv6_pinfo *np = inet6_sk(sk);
133 struct tcp_sock *tp = tcp_sk(sk);
134 struct in6_addr *saddr = NULL, *final_p, final;
135 struct rt6_info *rt;
136 struct flowi6 fl6;
137 struct dst_entry *dst;
138 int addr_type;
139 int err;
140
141 if (addr_len < SIN6_LEN_RFC2133)
142 return -EINVAL;
143
144 if (usin->sin6_family != AF_INET6)
145 return -EAFNOSUPPORT;
146
147 memset(&fl6, 0, sizeof(fl6));
148
149 if (np->sndflow) {
150 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
151 IP6_ECN_flow_init(fl6.flowlabel);
152 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
153 struct ip6_flowlabel *flowlabel;
154 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
155 if (flowlabel == NULL)
156 return -EINVAL;
157 usin->sin6_addr = flowlabel->dst;
158 fl6_sock_release(flowlabel);
159 }
160 }
161
162 /*
163 * connect() to INADDR_ANY means loopback (BSD'ism).
164 */
165
166 if(ipv6_addr_any(&usin->sin6_addr))
167 usin->sin6_addr.s6_addr[15] = 0x1;
168
169 addr_type = ipv6_addr_type(&usin->sin6_addr);
170
171 if(addr_type & IPV6_ADDR_MULTICAST)
172 return -ENETUNREACH;
173
174 if (addr_type&IPV6_ADDR_LINKLOCAL) {
175 if (addr_len >= sizeof(struct sockaddr_in6) &&
176 usin->sin6_scope_id) {
177 /* If interface is set while binding, indices
178 * must coincide.
179 */
180 if (sk->sk_bound_dev_if &&
181 sk->sk_bound_dev_if != usin->sin6_scope_id)
182 return -EINVAL;
183
184 sk->sk_bound_dev_if = usin->sin6_scope_id;
185 }
186
187 /* Connect to link-local address requires an interface */
188 if (!sk->sk_bound_dev_if)
189 return -EINVAL;
190 }
191
192 if (tp->rx_opt.ts_recent_stamp &&
193 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) {
194 tp->rx_opt.ts_recent = 0;
195 tp->rx_opt.ts_recent_stamp = 0;
196 tp->write_seq = 0;
197 }
198
199 np->daddr = usin->sin6_addr;
200 np->flow_label = fl6.flowlabel;
201
202 /*
203 * TCP over IPv4
204 */
205
206 if (addr_type == IPV6_ADDR_MAPPED) {
207 u32 exthdrlen = icsk->icsk_ext_hdr_len;
208 struct sockaddr_in sin;
209
210 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
211
212 if (__ipv6_only_sock(sk))
213 return -ENETUNREACH;
214
215 sin.sin_family = AF_INET;
216 sin.sin_port = usin->sin6_port;
217 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
218
219 icsk->icsk_af_ops = &ipv6_mapped;
220 sk->sk_backlog_rcv = tcp_v4_do_rcv;
221 #ifdef CONFIG_TCP_MD5SIG
222 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
223 #endif
224
225 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
226
227 if (err) {
228 icsk->icsk_ext_hdr_len = exthdrlen;
229 icsk->icsk_af_ops = &ipv6_specific;
230 sk->sk_backlog_rcv = tcp_v6_do_rcv;
231 #ifdef CONFIG_TCP_MD5SIG
232 tp->af_specific = &tcp_sock_ipv6_specific;
233 #endif
234 goto failure;
235 } else {
236 ipv6_addr_set_v4mapped(inet->inet_saddr, &np->saddr);
237 ipv6_addr_set_v4mapped(inet->inet_rcv_saddr,
238 &np->rcv_saddr);
239 }
240
241 return err;
242 }
243
244 if (!ipv6_addr_any(&np->rcv_saddr))
245 saddr = &np->rcv_saddr;
246
247 fl6.flowi6_proto = IPPROTO_TCP;
248 fl6.daddr = np->daddr;
249 fl6.saddr = saddr ? *saddr : np->saddr;
250 fl6.flowi6_oif = sk->sk_bound_dev_if;
251 fl6.flowi6_mark = sk->sk_mark;
252 fl6.fl6_dport = usin->sin6_port;
253 fl6.fl6_sport = inet->inet_sport;
254
255 final_p = fl6_update_dst(&fl6, np->opt, &final);
256
257 security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));
258
259 dst = ip6_dst_lookup_flow(sk, &fl6, final_p, true);
260 if (IS_ERR(dst)) {
261 err = PTR_ERR(dst);
262 goto failure;
263 }
264
265 if (saddr == NULL) {
266 saddr = &fl6.saddr;
267 np->rcv_saddr = *saddr;
268 }
269
270 /* set the source address */
271 np->saddr = *saddr;
272 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
273
274 sk->sk_gso_type = SKB_GSO_TCPV6;
275 __ip6_dst_store(sk, dst, NULL, NULL);
276
277 rt = (struct rt6_info *) dst;
278 if (tcp_death_row.sysctl_tw_recycle &&
279 !tp->rx_opt.ts_recent_stamp &&
280 ipv6_addr_equal(&rt->rt6i_dst.addr, &np->daddr))
281 tcp_fetch_timewait_stamp(sk, dst);
282
283 icsk->icsk_ext_hdr_len = 0;
284 if (np->opt)
285 icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
286 np->opt->opt_nflen);
287
288 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
289
290 inet->inet_dport = usin->sin6_port;
291
292 tcp_set_state(sk, TCP_SYN_SENT);
293 err = inet6_hash_connect(&tcp_death_row, sk);
294 if (err)
295 goto late_failure;
296
297 if (!tp->write_seq)
298 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
299 np->daddr.s6_addr32,
300 inet->inet_sport,
301 inet->inet_dport);
302
303 err = tcp_connect(sk);
304 if (err)
305 goto late_failure;
306
307 return 0;
308
309 late_failure:
310 tcp_set_state(sk, TCP_CLOSE);
311 __sk_dst_reset(sk);
312 failure:
313 inet->inet_dport = 0;
314 sk->sk_route_caps = 0;
315 return err;
316 }
317
318 static void tcp_v6_mtu_reduced(struct sock *sk)
319 {
320 struct dst_entry *dst;
321
322 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
323 return;
324
325 dst = inet6_csk_update_pmtu(sk, tcp_sk(sk)->mtu_info);
326 if (!dst)
327 return;
328
329 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
330 tcp_sync_mss(sk, dst_mtu(dst));
331 tcp_simple_retransmit(sk);
332 }
333 }
334
335 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
336 u8 type, u8 code, int offset, __be32 info)
337 {
338 const struct ipv6hdr *hdr = (const struct ipv6hdr*)skb->data;
339 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
340 struct ipv6_pinfo *np;
341 struct sock *sk;
342 int err;
343 struct tcp_sock *tp;
344 __u32 seq;
345 struct net *net = dev_net(skb->dev);
346
347 sk = inet6_lookup(net, &tcp_hashinfo, &hdr->daddr,
348 th->dest, &hdr->saddr, th->source, skb->dev->ifindex);
349
350 if (sk == NULL) {
351 ICMP6_INC_STATS_BH(net, __in6_dev_get(skb->dev),
352 ICMP6_MIB_INERRORS);
353 return;
354 }
355
356 if (sk->sk_state == TCP_TIME_WAIT) {
357 inet_twsk_put(inet_twsk(sk));
358 return;
359 }
360
361 bh_lock_sock(sk);
362 if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG)
363 NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS);
364
365 if (sk->sk_state == TCP_CLOSE)
366 goto out;
367
368 if (ipv6_hdr(skb)->hop_limit < inet6_sk(sk)->min_hopcount) {
369 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
370 goto out;
371 }
372
373 tp = tcp_sk(sk);
374 seq = ntohl(th->seq);
375 if (sk->sk_state != TCP_LISTEN &&
376 !between(seq, tp->snd_una, tp->snd_nxt)) {
377 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
378 goto out;
379 }
380
381 np = inet6_sk(sk);
382
383 if (type == NDISC_REDIRECT) {
384 struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);
385
386 if (dst)
387 dst->ops->redirect(dst, sk, skb);
388 }
389
390 if (type == ICMPV6_PKT_TOOBIG) {
391 tp->mtu_info = ntohl(info);
392 if (!sock_owned_by_user(sk))
393 tcp_v6_mtu_reduced(sk);
394 else
395 set_bit(TCP_MTU_REDUCED_DEFERRED, &tp->tsq_flags);
396 goto out;
397 }
398
399 icmpv6_err_convert(type, code, &err);
400
401 /* Might be for an request_sock */
402 switch (sk->sk_state) {
403 struct request_sock *req, **prev;
404 case TCP_LISTEN:
405 if (sock_owned_by_user(sk))
406 goto out;
407
408 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr,
409 &hdr->saddr, inet6_iif(skb));
410 if (!req)
411 goto out;
412
413 /* ICMPs are not backlogged, hence we cannot get
414 * an established socket here.
415 */
416 WARN_ON(req->sk != NULL);
417
418 if (seq != tcp_rsk(req)->snt_isn) {
419 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
420 goto out;
421 }
422
423 inet_csk_reqsk_queue_drop(sk, req, prev);
424 goto out;
425
426 case TCP_SYN_SENT:
427 case TCP_SYN_RECV: /* Cannot happen.
428 It can, it SYNs are crossed. --ANK */
429 if (!sock_owned_by_user(sk)) {
430 sk->sk_err = err;
431 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
432
433 tcp_done(sk);
434 } else
435 sk->sk_err_soft = err;
436 goto out;
437 }
438
439 if (!sock_owned_by_user(sk) && np->recverr) {
440 sk->sk_err = err;
441 sk->sk_error_report(sk);
442 } else
443 sk->sk_err_soft = err;
444
445 out:
446 bh_unlock_sock(sk);
447 sock_put(sk);
448 }
449
450
451 static int tcp_v6_send_synack(struct sock *sk, struct dst_entry *dst,
452 struct flowi6 *fl6,
453 struct request_sock *req,
454 struct request_values *rvp,
455 u16 queue_mapping)
456 {
457 struct inet6_request_sock *treq = inet6_rsk(req);
458 struct ipv6_pinfo *np = inet6_sk(sk);
459 struct sk_buff * skb;
460 int err = -ENOMEM;
461
462 /* First, grab a route. */
463 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req)) == NULL)
464 goto done;
465
466 skb = tcp_make_synack(sk, dst, req, rvp);
467
468 if (skb) {
469 __tcp_v6_send_check(skb, &treq->loc_addr, &treq->rmt_addr);
470
471 fl6->daddr = treq->rmt_addr;
472 skb_set_queue_mapping(skb, queue_mapping);
473 err = ip6_xmit(sk, skb, fl6, np->opt, np->tclass);
474 err = net_xmit_eval(err);
475 }
476
477 done:
478 return err;
479 }
480
481 static int tcp_v6_rtx_synack(struct sock *sk, struct request_sock *req,
482 struct request_values *rvp)
483 {
484 struct flowi6 fl6;
485
486 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_RETRANSSEGS);
487 return tcp_v6_send_synack(sk, NULL, &fl6, req, rvp, 0);
488 }
489
490 static void tcp_v6_reqsk_destructor(struct request_sock *req)
491 {
492 kfree_skb(inet6_rsk(req)->pktopts);
493 }
494
495 #ifdef CONFIG_TCP_MD5SIG
496 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
497 const struct in6_addr *addr)
498 {
499 return tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, AF_INET6);
500 }
501
502 static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk,
503 struct sock *addr_sk)
504 {
505 return tcp_v6_md5_do_lookup(sk, &inet6_sk(addr_sk)->daddr);
506 }
507
508 static struct tcp_md5sig_key *tcp_v6_reqsk_md5_lookup(struct sock *sk,
509 struct request_sock *req)
510 {
511 return tcp_v6_md5_do_lookup(sk, &inet6_rsk(req)->rmt_addr);
512 }
513
514 static int tcp_v6_parse_md5_keys (struct sock *sk, char __user *optval,
515 int optlen)
516 {
517 struct tcp_md5sig cmd;
518 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
519
520 if (optlen < sizeof(cmd))
521 return -EINVAL;
522
523 if (copy_from_user(&cmd, optval, sizeof(cmd)))
524 return -EFAULT;
525
526 if (sin6->sin6_family != AF_INET6)
527 return -EINVAL;
528
529 if (!cmd.tcpm_keylen) {
530 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
531 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
532 AF_INET);
533 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
534 AF_INET6);
535 }
536
537 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
538 return -EINVAL;
539
540 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
541 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
542 AF_INET, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
543
544 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
545 AF_INET6, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
546 }
547
548 static int tcp_v6_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp,
549 const struct in6_addr *daddr,
550 const struct in6_addr *saddr, int nbytes)
551 {
552 struct tcp6_pseudohdr *bp;
553 struct scatterlist sg;
554
555 bp = &hp->md5_blk.ip6;
556 /* 1. TCP pseudo-header (RFC2460) */
557 bp->saddr = *saddr;
558 bp->daddr = *daddr;
559 bp->protocol = cpu_to_be32(IPPROTO_TCP);
560 bp->len = cpu_to_be32(nbytes);
561
562 sg_init_one(&sg, bp, sizeof(*bp));
563 return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp));
564 }
565
566 static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key,
567 const struct in6_addr *daddr, struct in6_addr *saddr,
568 const struct tcphdr *th)
569 {
570 struct tcp_md5sig_pool *hp;
571 struct hash_desc *desc;
572
573 hp = tcp_get_md5sig_pool();
574 if (!hp)
575 goto clear_hash_noput;
576 desc = &hp->md5_desc;
577
578 if (crypto_hash_init(desc))
579 goto clear_hash;
580 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))
581 goto clear_hash;
582 if (tcp_md5_hash_header(hp, th))
583 goto clear_hash;
584 if (tcp_md5_hash_key(hp, key))
585 goto clear_hash;
586 if (crypto_hash_final(desc, md5_hash))
587 goto clear_hash;
588
589 tcp_put_md5sig_pool();
590 return 0;
591
592 clear_hash:
593 tcp_put_md5sig_pool();
594 clear_hash_noput:
595 memset(md5_hash, 0, 16);
596 return 1;
597 }
598
599 static int tcp_v6_md5_hash_skb(char *md5_hash, struct tcp_md5sig_key *key,
600 const struct sock *sk,
601 const struct request_sock *req,
602 const struct sk_buff *skb)
603 {
604 const struct in6_addr *saddr, *daddr;
605 struct tcp_md5sig_pool *hp;
606 struct hash_desc *desc;
607 const struct tcphdr *th = tcp_hdr(skb);
608
609 if (sk) {
610 saddr = &inet6_sk(sk)->saddr;
611 daddr = &inet6_sk(sk)->daddr;
612 } else if (req) {
613 saddr = &inet6_rsk(req)->loc_addr;
614 daddr = &inet6_rsk(req)->rmt_addr;
615 } else {
616 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
617 saddr = &ip6h->saddr;
618 daddr = &ip6h->daddr;
619 }
620
621 hp = tcp_get_md5sig_pool();
622 if (!hp)
623 goto clear_hash_noput;
624 desc = &hp->md5_desc;
625
626 if (crypto_hash_init(desc))
627 goto clear_hash;
628
629 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))
630 goto clear_hash;
631 if (tcp_md5_hash_header(hp, th))
632 goto clear_hash;
633 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
634 goto clear_hash;
635 if (tcp_md5_hash_key(hp, key))
636 goto clear_hash;
637 if (crypto_hash_final(desc, md5_hash))
638 goto clear_hash;
639
640 tcp_put_md5sig_pool();
641 return 0;
642
643 clear_hash:
644 tcp_put_md5sig_pool();
645 clear_hash_noput:
646 memset(md5_hash, 0, 16);
647 return 1;
648 }
649
650 static int tcp_v6_inbound_md5_hash(struct sock *sk, const struct sk_buff *skb)
651 {
652 const __u8 *hash_location = NULL;
653 struct tcp_md5sig_key *hash_expected;
654 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
655 const struct tcphdr *th = tcp_hdr(skb);
656 int genhash;
657 u8 newhash[16];
658
659 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
660 hash_location = tcp_parse_md5sig_option(th);
661
662 /* We've parsed the options - do we have a hash? */
663 if (!hash_expected && !hash_location)
664 return 0;
665
666 if (hash_expected && !hash_location) {
667 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
668 return 1;
669 }
670
671 if (!hash_expected && hash_location) {
672 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
673 return 1;
674 }
675
676 /* check the signature */
677 genhash = tcp_v6_md5_hash_skb(newhash,
678 hash_expected,
679 NULL, NULL, skb);
680
681 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
682 net_info_ratelimited("MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n",
683 genhash ? "failed" : "mismatch",
684 &ip6h->saddr, ntohs(th->source),
685 &ip6h->daddr, ntohs(th->dest));
686 return 1;
687 }
688 return 0;
689 }
690 #endif
691
692 struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
693 .family = AF_INET6,
694 .obj_size = sizeof(struct tcp6_request_sock),
695 .rtx_syn_ack = tcp_v6_rtx_synack,
696 .send_ack = tcp_v6_reqsk_send_ack,
697 .destructor = tcp_v6_reqsk_destructor,
698 .send_reset = tcp_v6_send_reset,
699 .syn_ack_timeout = tcp_syn_ack_timeout,
700 };
701
702 #ifdef CONFIG_TCP_MD5SIG
703 static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
704 .md5_lookup = tcp_v6_reqsk_md5_lookup,
705 .calc_md5_hash = tcp_v6_md5_hash_skb,
706 };
707 #endif
708
709 static void __tcp_v6_send_check(struct sk_buff *skb,
710 const struct in6_addr *saddr, const struct in6_addr *daddr)
711 {
712 struct tcphdr *th = tcp_hdr(skb);
713
714 if (skb->ip_summed == CHECKSUM_PARTIAL) {
715 th->check = ~tcp_v6_check(skb->len, saddr, daddr, 0);
716 skb->csum_start = skb_transport_header(skb) - skb->head;
717 skb->csum_offset = offsetof(struct tcphdr, check);
718 } else {
719 th->check = tcp_v6_check(skb->len, saddr, daddr,
720 csum_partial(th, th->doff << 2,
721 skb->csum));
722 }
723 }
724
725 static void tcp_v6_send_check(struct sock *sk, struct sk_buff *skb)
726 {
727 struct ipv6_pinfo *np = inet6_sk(sk);
728
729 __tcp_v6_send_check(skb, &np->saddr, &np->daddr);
730 }
731
732 static int tcp_v6_gso_send_check(struct sk_buff *skb)
733 {
734 const struct ipv6hdr *ipv6h;
735 struct tcphdr *th;
736
737 if (!pskb_may_pull(skb, sizeof(*th)))
738 return -EINVAL;
739
740 ipv6h = ipv6_hdr(skb);
741 th = tcp_hdr(skb);
742
743 th->check = 0;
744 skb->ip_summed = CHECKSUM_PARTIAL;
745 __tcp_v6_send_check(skb, &ipv6h->saddr, &ipv6h->daddr);
746 return 0;
747 }
748
749 static struct sk_buff **tcp6_gro_receive(struct sk_buff **head,
750 struct sk_buff *skb)
751 {
752 const struct ipv6hdr *iph = skb_gro_network_header(skb);
753
754 switch (skb->ip_summed) {
755 case CHECKSUM_COMPLETE:
756 if (!tcp_v6_check(skb_gro_len(skb), &iph->saddr, &iph->daddr,
757 skb->csum)) {
758 skb->ip_summed = CHECKSUM_UNNECESSARY;
759 break;
760 }
761
762 /* fall through */
763 case CHECKSUM_NONE:
764 NAPI_GRO_CB(skb)->flush = 1;
765 return NULL;
766 }
767
768 return tcp_gro_receive(head, skb);
769 }
770
771 static int tcp6_gro_complete(struct sk_buff *skb)
772 {
773 const struct ipv6hdr *iph = ipv6_hdr(skb);
774 struct tcphdr *th = tcp_hdr(skb);
775
776 th->check = ~tcp_v6_check(skb->len - skb_transport_offset(skb),
777 &iph->saddr, &iph->daddr, 0);
778 skb_shinfo(skb)->gso_type = SKB_GSO_TCPV6;
779
780 return tcp_gro_complete(skb);
781 }
782
783 static void tcp_v6_send_response(struct sk_buff *skb, u32 seq, u32 ack, u32 win,
784 u32 ts, struct tcp_md5sig_key *key, int rst, u8 tclass)
785 {
786 const struct tcphdr *th = tcp_hdr(skb);
787 struct tcphdr *t1;
788 struct sk_buff *buff;
789 struct flowi6 fl6;
790 struct net *net = dev_net(skb_dst(skb)->dev);
791 struct sock *ctl_sk = net->ipv6.tcp_sk;
792 unsigned int tot_len = sizeof(struct tcphdr);
793 struct dst_entry *dst;
794 __be32 *topt;
795
796 if (ts)
797 tot_len += TCPOLEN_TSTAMP_ALIGNED;
798 #ifdef CONFIG_TCP_MD5SIG
799 if (key)
800 tot_len += TCPOLEN_MD5SIG_ALIGNED;
801 #endif
802
803 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
804 GFP_ATOMIC);
805 if (buff == NULL)
806 return;
807
808 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
809
810 t1 = (struct tcphdr *) skb_push(buff, tot_len);
811 skb_reset_transport_header(buff);
812
813 /* Swap the send and the receive. */
814 memset(t1, 0, sizeof(*t1));
815 t1->dest = th->source;
816 t1->source = th->dest;
817 t1->doff = tot_len / 4;
818 t1->seq = htonl(seq);
819 t1->ack_seq = htonl(ack);
820 t1->ack = !rst || !th->ack;
821 t1->rst = rst;
822 t1->window = htons(win);
823
824 topt = (__be32 *)(t1 + 1);
825
826 if (ts) {
827 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
828 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
829 *topt++ = htonl(tcp_time_stamp);
830 *topt++ = htonl(ts);
831 }
832
833 #ifdef CONFIG_TCP_MD5SIG
834 if (key) {
835 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
836 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
837 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
838 &ipv6_hdr(skb)->saddr,
839 &ipv6_hdr(skb)->daddr, t1);
840 }
841 #endif
842
843 memset(&fl6, 0, sizeof(fl6));
844 fl6.daddr = ipv6_hdr(skb)->saddr;
845 fl6.saddr = ipv6_hdr(skb)->daddr;
846
847 buff->ip_summed = CHECKSUM_PARTIAL;
848 buff->csum = 0;
849
850 __tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);
851
852 fl6.flowi6_proto = IPPROTO_TCP;
853 fl6.flowi6_oif = inet6_iif(skb);
854 fl6.fl6_dport = t1->dest;
855 fl6.fl6_sport = t1->source;
856 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
857
858 /* Pass a socket to ip6_dst_lookup either it is for RST
859 * Underlying function will use this to retrieve the network
860 * namespace
861 */
862 dst = ip6_dst_lookup_flow(ctl_sk, &fl6, NULL, false);
863 if (!IS_ERR(dst)) {
864 skb_dst_set(buff, dst);
865 ip6_xmit(ctl_sk, buff, &fl6, NULL, tclass);
866 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS);
867 if (rst)
868 TCP_INC_STATS_BH(net, TCP_MIB_OUTRSTS);
869 return;
870 }
871
872 kfree_skb(buff);
873 }
874
875 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb)
876 {
877 const struct tcphdr *th = tcp_hdr(skb);
878 u32 seq = 0, ack_seq = 0;
879 struct tcp_md5sig_key *key = NULL;
880 #ifdef CONFIG_TCP_MD5SIG
881 const __u8 *hash_location = NULL;
882 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
883 unsigned char newhash[16];
884 int genhash;
885 struct sock *sk1 = NULL;
886 #endif
887
888 if (th->rst)
889 return;
890
891 if (!ipv6_unicast_destination(skb))
892 return;
893
894 #ifdef CONFIG_TCP_MD5SIG
895 hash_location = tcp_parse_md5sig_option(th);
896 if (!sk && hash_location) {
897 /*
898 * active side is lost. Try to find listening socket through
899 * source port, and then find md5 key through listening socket.
900 * we are not loose security here:
901 * Incoming packet is checked with md5 hash with finding key,
902 * no RST generated if md5 hash doesn't match.
903 */
904 sk1 = inet6_lookup_listener(dev_net(skb_dst(skb)->dev),
905 &tcp_hashinfo, &ipv6h->daddr,
906 ntohs(th->source), inet6_iif(skb));
907 if (!sk1)
908 return;
909
910 rcu_read_lock();
911 key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr);
912 if (!key)
913 goto release_sk1;
914
915 genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, NULL, skb);
916 if (genhash || memcmp(hash_location, newhash, 16) != 0)
917 goto release_sk1;
918 } else {
919 key = sk ? tcp_v6_md5_do_lookup(sk, &ipv6h->saddr) : NULL;
920 }
921 #endif
922
923 if (th->ack)
924 seq = ntohl(th->ack_seq);
925 else
926 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
927 (th->doff << 2);
928
929 tcp_v6_send_response(skb, seq, ack_seq, 0, 0, key, 1, 0);
930
931 #ifdef CONFIG_TCP_MD5SIG
932 release_sk1:
933 if (sk1) {
934 rcu_read_unlock();
935 sock_put(sk1);
936 }
937 #endif
938 }
939
940 static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts,
941 struct tcp_md5sig_key *key, u8 tclass)
942 {
943 tcp_v6_send_response(skb, seq, ack, win, ts, key, 0, tclass);
944 }
945
946 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
947 {
948 struct inet_timewait_sock *tw = inet_twsk(sk);
949 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
950
951 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
952 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
953 tcptw->tw_ts_recent, tcp_twsk_md5_key(tcptw),
954 tw->tw_tclass);
955
956 inet_twsk_put(tw);
957 }
958
959 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
960 struct request_sock *req)
961 {
962 tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent,
963 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr), 0);
964 }
965
966
967 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
968 {
969 struct request_sock *req, **prev;
970 const struct tcphdr *th = tcp_hdr(skb);
971 struct sock *nsk;
972
973 /* Find possible connection requests. */
974 req = inet6_csk_search_req(sk, &prev, th->source,
975 &ipv6_hdr(skb)->saddr,
976 &ipv6_hdr(skb)->daddr, inet6_iif(skb));
977 if (req)
978 return tcp_check_req(sk, skb, req, prev);
979
980 nsk = __inet6_lookup_established(sock_net(sk), &tcp_hashinfo,
981 &ipv6_hdr(skb)->saddr, th->source,
982 &ipv6_hdr(skb)->daddr, ntohs(th->dest), inet6_iif(skb));
983
984 if (nsk) {
985 if (nsk->sk_state != TCP_TIME_WAIT) {
986 bh_lock_sock(nsk);
987 return nsk;
988 }
989 inet_twsk_put(inet_twsk(nsk));
990 return NULL;
991 }
992
993 #ifdef CONFIG_SYN_COOKIES
994 if (!th->syn)
995 sk = cookie_v6_check(sk, skb);
996 #endif
997 return sk;
998 }
999
1000 /* FIXME: this is substantially similar to the ipv4 code.
1001 * Can some kind of merge be done? -- erics
1002 */
1003 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1004 {
1005 struct tcp_extend_values tmp_ext;
1006 struct tcp_options_received tmp_opt;
1007 const u8 *hash_location;
1008 struct request_sock *req;
1009 struct inet6_request_sock *treq;
1010 struct ipv6_pinfo *np = inet6_sk(sk);
1011 struct tcp_sock *tp = tcp_sk(sk);
1012 __u32 isn = TCP_SKB_CB(skb)->when;
1013 struct dst_entry *dst = NULL;
1014 struct flowi6 fl6;
1015 bool want_cookie = false;
1016
1017 if (skb->protocol == htons(ETH_P_IP))
1018 return tcp_v4_conn_request(sk, skb);
1019
1020 if (!ipv6_unicast_destination(skb))
1021 goto drop;
1022
1023 if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
1024 want_cookie = tcp_syn_flood_action(sk, skb, "TCPv6");
1025 if (!want_cookie)
1026 goto drop;
1027 }
1028
1029 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
1030 goto drop;
1031
1032 req = inet6_reqsk_alloc(&tcp6_request_sock_ops);
1033 if (req == NULL)
1034 goto drop;
1035
1036 #ifdef CONFIG_TCP_MD5SIG
1037 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv6_ops;
1038 #endif
1039
1040 tcp_clear_options(&tmp_opt);
1041 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
1042 tmp_opt.user_mss = tp->rx_opt.user_mss;
1043 tcp_parse_options(skb, &tmp_opt, &hash_location, 0, NULL);
1044
1045 if (tmp_opt.cookie_plus > 0 &&
1046 tmp_opt.saw_tstamp &&
1047 !tp->rx_opt.cookie_out_never &&
1048 (sysctl_tcp_cookie_size > 0 ||
1049 (tp->cookie_values != NULL &&
1050 tp->cookie_values->cookie_desired > 0))) {
1051 u8 *c;
1052 u32 *d;
1053 u32 *mess = &tmp_ext.cookie_bakery[COOKIE_DIGEST_WORDS];
1054 int l = tmp_opt.cookie_plus - TCPOLEN_COOKIE_BASE;
1055
1056 if (tcp_cookie_generator(&tmp_ext.cookie_bakery[0]) != 0)
1057 goto drop_and_free;
1058
1059 /* Secret recipe starts with IP addresses */
1060 d = (__force u32 *)&ipv6_hdr(skb)->daddr.s6_addr32[0];
1061 *mess++ ^= *d++;
1062 *mess++ ^= *d++;
1063 *mess++ ^= *d++;
1064 *mess++ ^= *d++;
1065 d = (__force u32 *)&ipv6_hdr(skb)->saddr.s6_addr32[0];
1066 *mess++ ^= *d++;
1067 *mess++ ^= *d++;
1068 *mess++ ^= *d++;
1069 *mess++ ^= *d++;
1070
1071 /* plus variable length Initiator Cookie */
1072 c = (u8 *)mess;
1073 while (l-- > 0)
1074 *c++ ^= *hash_location++;
1075
1076 want_cookie = false; /* not our kind of cookie */
1077 tmp_ext.cookie_out_never = 0; /* false */
1078 tmp_ext.cookie_plus = tmp_opt.cookie_plus;
1079 } else if (!tp->rx_opt.cookie_in_always) {
1080 /* redundant indications, but ensure initialization. */
1081 tmp_ext.cookie_out_never = 1; /* true */
1082 tmp_ext.cookie_plus = 0;
1083 } else {
1084 goto drop_and_free;
1085 }
1086 tmp_ext.cookie_in_always = tp->rx_opt.cookie_in_always;
1087
1088 if (want_cookie && !tmp_opt.saw_tstamp)
1089 tcp_clear_options(&tmp_opt);
1090
1091 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
1092 tcp_openreq_init(req, &tmp_opt, skb);
1093
1094 treq = inet6_rsk(req);
1095 treq->rmt_addr = ipv6_hdr(skb)->saddr;
1096 treq->loc_addr = ipv6_hdr(skb)->daddr;
1097 if (!want_cookie || tmp_opt.tstamp_ok)
1098 TCP_ECN_create_request(req, skb);
1099
1100 treq->iif = sk->sk_bound_dev_if;
1101
1102 /* So that link locals have meaning */
1103 if (!sk->sk_bound_dev_if &&
1104 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL)
1105 treq->iif = inet6_iif(skb);
1106
1107 if (!isn) {
1108 if (ipv6_opt_accepted(sk, skb) ||
1109 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
1110 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) {
1111 atomic_inc(&skb->users);
1112 treq->pktopts = skb;
1113 }
1114
1115 if (want_cookie) {
1116 isn = cookie_v6_init_sequence(sk, skb, &req->mss);
1117 req->cookie_ts = tmp_opt.tstamp_ok;
1118 goto have_isn;
1119 }
1120
1121 /* VJ's idea. We save last timestamp seen
1122 * from the destination in peer table, when entering
1123 * state TIME-WAIT, and check against it before
1124 * accepting new connection request.
1125 *
1126 * If "isn" is not zero, this request hit alive
1127 * timewait bucket, so that all the necessary checks
1128 * are made in the function processing timewait state.
1129 */
1130 if (tmp_opt.saw_tstamp &&
1131 tcp_death_row.sysctl_tw_recycle &&
1132 (dst = inet6_csk_route_req(sk, &fl6, req)) != NULL) {
1133 if (!tcp_peer_is_proven(req, dst, true)) {
1134 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_PAWSPASSIVEREJECTED);
1135 goto drop_and_release;
1136 }
1137 }
1138 /* Kill the following clause, if you dislike this way. */
1139 else if (!sysctl_tcp_syncookies &&
1140 (sysctl_max_syn_backlog - inet_csk_reqsk_queue_len(sk) <
1141 (sysctl_max_syn_backlog >> 2)) &&
1142 !tcp_peer_is_proven(req, dst, false)) {
1143 /* Without syncookies last quarter of
1144 * backlog is filled with destinations,
1145 * proven to be alive.
1146 * It means that we continue to communicate
1147 * to destinations, already remembered
1148 * to the moment of synflood.
1149 */
1150 LIMIT_NETDEBUG(KERN_DEBUG "TCP: drop open request from %pI6/%u\n",
1151 &treq->rmt_addr, ntohs(tcp_hdr(skb)->source));
1152 goto drop_and_release;
1153 }
1154
1155 isn = tcp_v6_init_sequence(skb);
1156 }
1157 have_isn:
1158 tcp_rsk(req)->snt_isn = isn;
1159 tcp_rsk(req)->snt_synack = tcp_time_stamp;
1160
1161 if (security_inet_conn_request(sk, skb, req))
1162 goto drop_and_release;
1163
1164 if (tcp_v6_send_synack(sk, dst, &fl6, req,
1165 (struct request_values *)&tmp_ext,
1166 skb_get_queue_mapping(skb)) ||
1167 want_cookie)
1168 goto drop_and_free;
1169
1170 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1171 return 0;
1172
1173 drop_and_release:
1174 dst_release(dst);
1175 drop_and_free:
1176 reqsk_free(req);
1177 drop:
1178 return 0; /* don't send reset */
1179 }
1180
1181 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1182 struct request_sock *req,
1183 struct dst_entry *dst)
1184 {
1185 struct inet6_request_sock *treq;
1186 struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
1187 struct tcp6_sock *newtcp6sk;
1188 struct inet_sock *newinet;
1189 struct tcp_sock *newtp;
1190 struct sock *newsk;
1191 #ifdef CONFIG_TCP_MD5SIG
1192 struct tcp_md5sig_key *key;
1193 #endif
1194 struct flowi6 fl6;
1195
1196 if (skb->protocol == htons(ETH_P_IP)) {
1197 /*
1198 * v6 mapped
1199 */
1200
1201 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);
1202
1203 if (newsk == NULL)
1204 return NULL;
1205
1206 newtcp6sk = (struct tcp6_sock *)newsk;
1207 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1208
1209 newinet = inet_sk(newsk);
1210 newnp = inet6_sk(newsk);
1211 newtp = tcp_sk(newsk);
1212
1213 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1214
1215 ipv6_addr_set_v4mapped(newinet->inet_daddr, &newnp->daddr);
1216
1217 ipv6_addr_set_v4mapped(newinet->inet_saddr, &newnp->saddr);
1218
1219 newnp->rcv_saddr = newnp->saddr;
1220
1221 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1222 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1223 #ifdef CONFIG_TCP_MD5SIG
1224 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1225 #endif
1226
1227 newnp->ipv6_ac_list = NULL;
1228 newnp->ipv6_fl_list = NULL;
1229 newnp->pktoptions = NULL;
1230 newnp->opt = NULL;
1231 newnp->mcast_oif = inet6_iif(skb);
1232 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1233 newnp->rcv_tclass = ipv6_tclass(ipv6_hdr(skb));
1234
1235 /*
1236 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1237 * here, tcp_create_openreq_child now does this for us, see the comment in
1238 * that function for the gory details. -acme
1239 */
1240
1241 /* It is tricky place. Until this moment IPv4 tcp
1242 worked with IPv6 icsk.icsk_af_ops.
1243 Sync it now.
1244 */
1245 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1246
1247 return newsk;
1248 }
1249
1250 treq = inet6_rsk(req);
1251
1252 if (sk_acceptq_is_full(sk))
1253 goto out_overflow;
1254
1255 if (!dst) {
1256 dst = inet6_csk_route_req(sk, &fl6, req);
1257 if (!dst)
1258 goto out;
1259 }
1260
1261 newsk = tcp_create_openreq_child(sk, req, skb);
1262 if (newsk == NULL)
1263 goto out_nonewsk;
1264
1265 /*
1266 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1267 * count here, tcp_create_openreq_child now does this for us, see the
1268 * comment in that function for the gory details. -acme
1269 */
1270
1271 newsk->sk_gso_type = SKB_GSO_TCPV6;
1272 __ip6_dst_store(newsk, dst, NULL, NULL);
1273
1274 newtcp6sk = (struct tcp6_sock *)newsk;
1275 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1276
1277 newtp = tcp_sk(newsk);
1278 newinet = inet_sk(newsk);
1279 newnp = inet6_sk(newsk);
1280
1281 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1282
1283 newnp->daddr = treq->rmt_addr;
1284 newnp->saddr = treq->loc_addr;
1285 newnp->rcv_saddr = treq->loc_addr;
1286 newsk->sk_bound_dev_if = treq->iif;
1287
1288 /* Now IPv6 options...
1289
1290 First: no IPv4 options.
1291 */
1292 newinet->inet_opt = NULL;
1293 newnp->ipv6_ac_list = NULL;
1294 newnp->ipv6_fl_list = NULL;
1295
1296 /* Clone RX bits */
1297 newnp->rxopt.all = np->rxopt.all;
1298
1299 /* Clone pktoptions received with SYN */
1300 newnp->pktoptions = NULL;
1301 if (treq->pktopts != NULL) {
1302 newnp->pktoptions = skb_clone(treq->pktopts,
1303 sk_gfp_atomic(sk, GFP_ATOMIC));
1304 consume_skb(treq->pktopts);
1305 treq->pktopts = NULL;
1306 if (newnp->pktoptions)
1307 skb_set_owner_r(newnp->pktoptions, newsk);
1308 }
1309 newnp->opt = NULL;
1310 newnp->mcast_oif = inet6_iif(skb);
1311 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1312 newnp->rcv_tclass = ipv6_tclass(ipv6_hdr(skb));
1313
1314 /* Clone native IPv6 options from listening socket (if any)
1315
1316 Yes, keeping reference count would be much more clever,
1317 but we make one more one thing there: reattach optmem
1318 to newsk.
1319 */
1320 if (np->opt)
1321 newnp->opt = ipv6_dup_options(newsk, np->opt);
1322
1323 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1324 if (newnp->opt)
1325 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
1326 newnp->opt->opt_flen);
1327
1328 tcp_mtup_init(newsk);
1329 tcp_sync_mss(newsk, dst_mtu(dst));
1330 newtp->advmss = dst_metric_advmss(dst);
1331 if (tcp_sk(sk)->rx_opt.user_mss &&
1332 tcp_sk(sk)->rx_opt.user_mss < newtp->advmss)
1333 newtp->advmss = tcp_sk(sk)->rx_opt.user_mss;
1334
1335 tcp_initialize_rcv_mss(newsk);
1336 if (tcp_rsk(req)->snt_synack)
1337 tcp_valid_rtt_meas(newsk,
1338 tcp_time_stamp - tcp_rsk(req)->snt_synack);
1339 newtp->total_retrans = req->retrans;
1340
1341 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1342 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1343
1344 #ifdef CONFIG_TCP_MD5SIG
1345 /* Copy over the MD5 key from the original socket */
1346 if ((key = tcp_v6_md5_do_lookup(sk, &newnp->daddr)) != NULL) {
1347 /* We're using one, so create a matching key
1348 * on the newsk structure. If we fail to get
1349 * memory, then we end up not copying the key
1350 * across. Shucks.
1351 */
1352 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newnp->daddr,
1353 AF_INET6, key->key, key->keylen,
1354 sk_gfp_atomic(sk, GFP_ATOMIC));
1355 }
1356 #endif
1357
1358 if (__inet_inherit_port(sk, newsk) < 0) {
1359 sock_put(newsk);
1360 goto out;
1361 }
1362 __inet6_hash(newsk, NULL);
1363
1364 return newsk;
1365
1366 out_overflow:
1367 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1368 out_nonewsk:
1369 dst_release(dst);
1370 out:
1371 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
1372 return NULL;
1373 }
1374
1375 static __sum16 tcp_v6_checksum_init(struct sk_buff *skb)
1376 {
1377 if (skb->ip_summed == CHECKSUM_COMPLETE) {
1378 if (!tcp_v6_check(skb->len, &ipv6_hdr(skb)->saddr,
1379 &ipv6_hdr(skb)->daddr, skb->csum)) {
1380 skb->ip_summed = CHECKSUM_UNNECESSARY;
1381 return 0;
1382 }
1383 }
1384
1385 skb->csum = ~csum_unfold(tcp_v6_check(skb->len,
1386 &ipv6_hdr(skb)->saddr,
1387 &ipv6_hdr(skb)->daddr, 0));
1388
1389 if (skb->len <= 76) {
1390 return __skb_checksum_complete(skb);
1391 }
1392 return 0;
1393 }
1394
1395 /* The socket must have it's spinlock held when we get
1396 * here.
1397 *
1398 * We have a potential double-lock case here, so even when
1399 * doing backlog processing we use the BH locking scheme.
1400 * This is because we cannot sleep with the original spinlock
1401 * held.
1402 */
1403 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1404 {
1405 struct ipv6_pinfo *np = inet6_sk(sk);
1406 struct tcp_sock *tp;
1407 struct sk_buff *opt_skb = NULL;
1408
1409 /* Imagine: socket is IPv6. IPv4 packet arrives,
1410 goes to IPv4 receive handler and backlogged.
1411 From backlog it always goes here. Kerboom...
1412 Fortunately, tcp_rcv_established and rcv_established
1413 handle them correctly, but it is not case with
1414 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1415 */
1416
1417 if (skb->protocol == htons(ETH_P_IP))
1418 return tcp_v4_do_rcv(sk, skb);
1419
1420 #ifdef CONFIG_TCP_MD5SIG
1421 if (tcp_v6_inbound_md5_hash (sk, skb))
1422 goto discard;
1423 #endif
1424
1425 if (sk_filter(sk, skb))
1426 goto discard;
1427
1428 /*
1429 * socket locking is here for SMP purposes as backlog rcv
1430 * is currently called with bh processing disabled.
1431 */
1432
1433 /* Do Stevens' IPV6_PKTOPTIONS.
1434
1435 Yes, guys, it is the only place in our code, where we
1436 may make it not affecting IPv4.
1437 The rest of code is protocol independent,
1438 and I do not like idea to uglify IPv4.
1439
1440 Actually, all the idea behind IPV6_PKTOPTIONS
1441 looks not very well thought. For now we latch
1442 options, received in the last packet, enqueued
1443 by tcp. Feel free to propose better solution.
1444 --ANK (980728)
1445 */
1446 if (np->rxopt.all)
1447 opt_skb = skb_clone(skb, sk_gfp_atomic(sk, GFP_ATOMIC));
1448
1449 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1450 sock_rps_save_rxhash(sk, skb);
1451 if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len))
1452 goto reset;
1453 if (opt_skb)
1454 goto ipv6_pktoptions;
1455 return 0;
1456 }
1457
1458 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1459 goto csum_err;
1460
1461 if (sk->sk_state == TCP_LISTEN) {
1462 struct sock *nsk = tcp_v6_hnd_req(sk, skb);
1463 if (!nsk)
1464 goto discard;
1465
1466 /*
1467 * Queue it on the new socket if the new socket is active,
1468 * otherwise we just shortcircuit this and continue with
1469 * the new socket..
1470 */
1471 if(nsk != sk) {
1472 sock_rps_save_rxhash(nsk, skb);
1473 if (tcp_child_process(sk, nsk, skb))
1474 goto reset;
1475 if (opt_skb)
1476 __kfree_skb(opt_skb);
1477 return 0;
1478 }
1479 } else
1480 sock_rps_save_rxhash(sk, skb);
1481
1482 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len))
1483 goto reset;
1484 if (opt_skb)
1485 goto ipv6_pktoptions;
1486 return 0;
1487
1488 reset:
1489 tcp_v6_send_reset(sk, skb);
1490 discard:
1491 if (opt_skb)
1492 __kfree_skb(opt_skb);
1493 kfree_skb(skb);
1494 return 0;
1495 csum_err:
1496 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_INERRS);
1497 goto discard;
1498
1499
1500 ipv6_pktoptions:
1501 /* Do you ask, what is it?
1502
1503 1. skb was enqueued by tcp.
1504 2. skb is added to tail of read queue, rather than out of order.
1505 3. socket is not in passive state.
1506 4. Finally, it really contains options, which user wants to receive.
1507 */
1508 tp = tcp_sk(sk);
1509 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1510 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1511 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1512 np->mcast_oif = inet6_iif(opt_skb);
1513 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1514 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1515 if (np->rxopt.bits.rxtclass)
1516 np->rcv_tclass = ipv6_tclass(ipv6_hdr(skb));
1517 if (ipv6_opt_accepted(sk, opt_skb)) {
1518 skb_set_owner_r(opt_skb, sk);
1519 opt_skb = xchg(&np->pktoptions, opt_skb);
1520 } else {
1521 __kfree_skb(opt_skb);
1522 opt_skb = xchg(&np->pktoptions, NULL);
1523 }
1524 }
1525
1526 kfree_skb(opt_skb);
1527 return 0;
1528 }
1529
1530 static int tcp_v6_rcv(struct sk_buff *skb)
1531 {
1532 const struct tcphdr *th;
1533 const struct ipv6hdr *hdr;
1534 struct sock *sk;
1535 int ret;
1536 struct net *net = dev_net(skb->dev);
1537
1538 if (skb->pkt_type != PACKET_HOST)
1539 goto discard_it;
1540
1541 /*
1542 * Count it even if it's bad.
1543 */
1544 TCP_INC_STATS_BH(net, TCP_MIB_INSEGS);
1545
1546 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1547 goto discard_it;
1548
1549 th = tcp_hdr(skb);
1550
1551 if (th->doff < sizeof(struct tcphdr)/4)
1552 goto bad_packet;
1553 if (!pskb_may_pull(skb, th->doff*4))
1554 goto discard_it;
1555
1556 if (!skb_csum_unnecessary(skb) && tcp_v6_checksum_init(skb))
1557 goto bad_packet;
1558
1559 th = tcp_hdr(skb);
1560 hdr = ipv6_hdr(skb);
1561 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1562 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1563 skb->len - th->doff*4);
1564 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1565 TCP_SKB_CB(skb)->when = 0;
1566 TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
1567 TCP_SKB_CB(skb)->sacked = 0;
1568
1569 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest);
1570 if (!sk)
1571 goto no_tcp_socket;
1572
1573 process:
1574 if (sk->sk_state == TCP_TIME_WAIT)
1575 goto do_time_wait;
1576
1577 if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) {
1578 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
1579 goto discard_and_relse;
1580 }
1581
1582 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1583 goto discard_and_relse;
1584
1585 if (sk_filter(sk, skb))
1586 goto discard_and_relse;
1587
1588 skb->dev = NULL;
1589
1590 bh_lock_sock_nested(sk);
1591 ret = 0;
1592 if (!sock_owned_by_user(sk)) {
1593 #ifdef CONFIG_NET_DMA
1594 struct tcp_sock *tp = tcp_sk(sk);
1595 if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list)
1596 tp->ucopy.dma_chan = net_dma_find_channel();
1597 if (tp->ucopy.dma_chan)
1598 ret = tcp_v6_do_rcv(sk, skb);
1599 else
1600 #endif
1601 {
1602 if (!tcp_prequeue(sk, skb))
1603 ret = tcp_v6_do_rcv(sk, skb);
1604 }
1605 } else if (unlikely(sk_add_backlog(sk, skb,
1606 sk->sk_rcvbuf + sk->sk_sndbuf))) {
1607 bh_unlock_sock(sk);
1608 NET_INC_STATS_BH(net, LINUX_MIB_TCPBACKLOGDROP);
1609 goto discard_and_relse;
1610 }
1611 bh_unlock_sock(sk);
1612
1613 sock_put(sk);
1614 return ret ? -1 : 0;
1615
1616 no_tcp_socket:
1617 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1618 goto discard_it;
1619
1620 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1621 bad_packet:
1622 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1623 } else {
1624 tcp_v6_send_reset(NULL, skb);
1625 }
1626
1627 discard_it:
1628
1629 /*
1630 * Discard frame
1631 */
1632
1633 kfree_skb(skb);
1634 return 0;
1635
1636 discard_and_relse:
1637 sock_put(sk);
1638 goto discard_it;
1639
1640 do_time_wait:
1641 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1642 inet_twsk_put(inet_twsk(sk));
1643 goto discard_it;
1644 }
1645
1646 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1647 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1648 inet_twsk_put(inet_twsk(sk));
1649 goto discard_it;
1650 }
1651
1652 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1653 case TCP_TW_SYN:
1654 {
1655 struct sock *sk2;
1656
1657 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
1658 &ipv6_hdr(skb)->daddr,
1659 ntohs(th->dest), inet6_iif(skb));
1660 if (sk2 != NULL) {
1661 struct inet_timewait_sock *tw = inet_twsk(sk);
1662 inet_twsk_deschedule(tw, &tcp_death_row);
1663 inet_twsk_put(tw);
1664 sk = sk2;
1665 goto process;
1666 }
1667 /* Fall through to ACK */
1668 }
1669 case TCP_TW_ACK:
1670 tcp_v6_timewait_ack(sk, skb);
1671 break;
1672 case TCP_TW_RST:
1673 goto no_tcp_socket;
1674 case TCP_TW_SUCCESS:;
1675 }
1676 goto discard_it;
1677 }
1678
1679 static void tcp_v6_early_demux(struct sk_buff *skb)
1680 {
1681 const struct ipv6hdr *hdr;
1682 const struct tcphdr *th;
1683 struct sock *sk;
1684
1685 if (skb->pkt_type != PACKET_HOST)
1686 return;
1687
1688 if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
1689 return;
1690
1691 hdr = ipv6_hdr(skb);
1692 th = tcp_hdr(skb);
1693
1694 if (th->doff < sizeof(struct tcphdr) / 4)
1695 return;
1696
1697 sk = __inet6_lookup_established(dev_net(skb->dev), &tcp_hashinfo,
1698 &hdr->saddr, th->source,
1699 &hdr->daddr, ntohs(th->dest),
1700 inet6_iif(skb));
1701 if (sk) {
1702 skb->sk = sk;
1703 skb->destructor = sock_edemux;
1704 if (sk->sk_state != TCP_TIME_WAIT) {
1705 struct dst_entry *dst = sk->sk_rx_dst;
1706 struct inet_sock *icsk = inet_sk(sk);
1707 if (dst)
1708 dst = dst_check(dst, 0);
1709 if (dst &&
1710 icsk->rx_dst_ifindex == inet6_iif(skb))
1711 skb_dst_set_noref(skb, dst);
1712 }
1713 }
1714 }
1715
1716 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
1717 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
1718 .twsk_unique = tcp_twsk_unique,
1719 .twsk_destructor= tcp_twsk_destructor,
1720 };
1721
1722 static const struct inet_connection_sock_af_ops ipv6_specific = {
1723 .queue_xmit = inet6_csk_xmit,
1724 .send_check = tcp_v6_send_check,
1725 .rebuild_header = inet6_sk_rebuild_header,
1726 .conn_request = tcp_v6_conn_request,
1727 .syn_recv_sock = tcp_v6_syn_recv_sock,
1728 .net_header_len = sizeof(struct ipv6hdr),
1729 .net_frag_header_len = sizeof(struct frag_hdr),
1730 .setsockopt = ipv6_setsockopt,
1731 .getsockopt = ipv6_getsockopt,
1732 .addr2sockaddr = inet6_csk_addr2sockaddr,
1733 .sockaddr_len = sizeof(struct sockaddr_in6),
1734 .bind_conflict = inet6_csk_bind_conflict,
1735 #ifdef CONFIG_COMPAT
1736 .compat_setsockopt = compat_ipv6_setsockopt,
1737 .compat_getsockopt = compat_ipv6_getsockopt,
1738 #endif
1739 };
1740
1741 #ifdef CONFIG_TCP_MD5SIG
1742 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1743 .md5_lookup = tcp_v6_md5_lookup,
1744 .calc_md5_hash = tcp_v6_md5_hash_skb,
1745 .md5_parse = tcp_v6_parse_md5_keys,
1746 };
1747 #endif
1748
1749 /*
1750 * TCP over IPv4 via INET6 API
1751 */
1752
1753 static const struct inet_connection_sock_af_ops ipv6_mapped = {
1754 .queue_xmit = ip_queue_xmit,
1755 .send_check = tcp_v4_send_check,
1756 .rebuild_header = inet_sk_rebuild_header,
1757 .conn_request = tcp_v6_conn_request,
1758 .syn_recv_sock = tcp_v6_syn_recv_sock,
1759 .net_header_len = sizeof(struct iphdr),
1760 .setsockopt = ipv6_setsockopt,
1761 .getsockopt = ipv6_getsockopt,
1762 .addr2sockaddr = inet6_csk_addr2sockaddr,
1763 .sockaddr_len = sizeof(struct sockaddr_in6),
1764 .bind_conflict = inet6_csk_bind_conflict,
1765 #ifdef CONFIG_COMPAT
1766 .compat_setsockopt = compat_ipv6_setsockopt,
1767 .compat_getsockopt = compat_ipv6_getsockopt,
1768 #endif
1769 };
1770
1771 #ifdef CONFIG_TCP_MD5SIG
1772 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1773 .md5_lookup = tcp_v4_md5_lookup,
1774 .calc_md5_hash = tcp_v4_md5_hash_skb,
1775 .md5_parse = tcp_v6_parse_md5_keys,
1776 };
1777 #endif
1778
1779 /* NOTE: A lot of things set to zero explicitly by call to
1780 * sk_alloc() so need not be done here.
1781 */
1782 static int tcp_v6_init_sock(struct sock *sk)
1783 {
1784 struct inet_connection_sock *icsk = inet_csk(sk);
1785
1786 tcp_init_sock(sk);
1787
1788 icsk->icsk_af_ops = &ipv6_specific;
1789
1790 #ifdef CONFIG_TCP_MD5SIG
1791 tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific;
1792 #endif
1793
1794 return 0;
1795 }
1796
1797 static void tcp_v6_destroy_sock(struct sock *sk)
1798 {
1799 tcp_v4_destroy_sock(sk);
1800 inet6_destroy_sock(sk);
1801 }
1802
1803 #ifdef CONFIG_PROC_FS
1804 /* Proc filesystem TCPv6 sock list dumping. */
1805 static void get_openreq6(struct seq_file *seq,
1806 const struct sock *sk, struct request_sock *req, int i, kuid_t uid)
1807 {
1808 int ttd = req->expires - jiffies;
1809 const struct in6_addr *src = &inet6_rsk(req)->loc_addr;
1810 const struct in6_addr *dest = &inet6_rsk(req)->rmt_addr;
1811
1812 if (ttd < 0)
1813 ttd = 0;
1814
1815 seq_printf(seq,
1816 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1817 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1818 i,
1819 src->s6_addr32[0], src->s6_addr32[1],
1820 src->s6_addr32[2], src->s6_addr32[3],
1821 ntohs(inet_rsk(req)->loc_port),
1822 dest->s6_addr32[0], dest->s6_addr32[1],
1823 dest->s6_addr32[2], dest->s6_addr32[3],
1824 ntohs(inet_rsk(req)->rmt_port),
1825 TCP_SYN_RECV,
1826 0,0, /* could print option size, but that is af dependent. */
1827 1, /* timers active (only the expire timer) */
1828 jiffies_to_clock_t(ttd),
1829 req->retrans,
1830 from_kuid_munged(seq_user_ns(seq), uid),
1831 0, /* non standard timer */
1832 0, /* open_requests have no inode */
1833 0, req);
1834 }
1835
1836 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1837 {
1838 const struct in6_addr *dest, *src;
1839 __u16 destp, srcp;
1840 int timer_active;
1841 unsigned long timer_expires;
1842 const struct inet_sock *inet = inet_sk(sp);
1843 const struct tcp_sock *tp = tcp_sk(sp);
1844 const struct inet_connection_sock *icsk = inet_csk(sp);
1845 const struct ipv6_pinfo *np = inet6_sk(sp);
1846
1847 dest = &np->daddr;
1848 src = &np->rcv_saddr;
1849 destp = ntohs(inet->inet_dport);
1850 srcp = ntohs(inet->inet_sport);
1851
1852 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
1853 timer_active = 1;
1854 timer_expires = icsk->icsk_timeout;
1855 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1856 timer_active = 4;
1857 timer_expires = icsk->icsk_timeout;
1858 } else if (timer_pending(&sp->sk_timer)) {
1859 timer_active = 2;
1860 timer_expires = sp->sk_timer.expires;
1861 } else {
1862 timer_active = 0;
1863 timer_expires = jiffies;
1864 }
1865
1866 seq_printf(seq,
1867 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1868 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %pK %lu %lu %u %u %d\n",
1869 i,
1870 src->s6_addr32[0], src->s6_addr32[1],
1871 src->s6_addr32[2], src->s6_addr32[3], srcp,
1872 dest->s6_addr32[0], dest->s6_addr32[1],
1873 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1874 sp->sk_state,
1875 tp->write_seq-tp->snd_una,
1876 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
1877 timer_active,
1878 jiffies_to_clock_t(timer_expires - jiffies),
1879 icsk->icsk_retransmits,
1880 from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
1881 icsk->icsk_probes_out,
1882 sock_i_ino(sp),
1883 atomic_read(&sp->sk_refcnt), sp,
1884 jiffies_to_clock_t(icsk->icsk_rto),
1885 jiffies_to_clock_t(icsk->icsk_ack.ato),
1886 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong,
1887 tp->snd_cwnd,
1888 tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh
1889 );
1890 }
1891
1892 static void get_timewait6_sock(struct seq_file *seq,
1893 struct inet_timewait_sock *tw, int i)
1894 {
1895 const struct in6_addr *dest, *src;
1896 __u16 destp, srcp;
1897 const struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw);
1898 int ttd = tw->tw_ttd - jiffies;
1899
1900 if (ttd < 0)
1901 ttd = 0;
1902
1903 dest = &tw6->tw_v6_daddr;
1904 src = &tw6->tw_v6_rcv_saddr;
1905 destp = ntohs(tw->tw_dport);
1906 srcp = ntohs(tw->tw_sport);
1907
1908 seq_printf(seq,
1909 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1910 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1911 i,
1912 src->s6_addr32[0], src->s6_addr32[1],
1913 src->s6_addr32[2], src->s6_addr32[3], srcp,
1914 dest->s6_addr32[0], dest->s6_addr32[1],
1915 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1916 tw->tw_substate, 0, 0,
1917 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
1918 atomic_read(&tw->tw_refcnt), tw);
1919 }
1920
1921 static int tcp6_seq_show(struct seq_file *seq, void *v)
1922 {
1923 struct tcp_iter_state *st;
1924
1925 if (v == SEQ_START_TOKEN) {
1926 seq_puts(seq,
1927 " sl "
1928 "local_address "
1929 "remote_address "
1930 "st tx_queue rx_queue tr tm->when retrnsmt"
1931 " uid timeout inode\n");
1932 goto out;
1933 }
1934 st = seq->private;
1935
1936 switch (st->state) {
1937 case TCP_SEQ_STATE_LISTENING:
1938 case TCP_SEQ_STATE_ESTABLISHED:
1939 get_tcp6_sock(seq, v, st->num);
1940 break;
1941 case TCP_SEQ_STATE_OPENREQ:
1942 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid);
1943 break;
1944 case TCP_SEQ_STATE_TIME_WAIT:
1945 get_timewait6_sock(seq, v, st->num);
1946 break;
1947 }
1948 out:
1949 return 0;
1950 }
1951
1952 static const struct file_operations tcp6_afinfo_seq_fops = {
1953 .owner = THIS_MODULE,
1954 .open = tcp_seq_open,
1955 .read = seq_read,
1956 .llseek = seq_lseek,
1957 .release = seq_release_net
1958 };
1959
1960 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
1961 .name = "tcp6",
1962 .family = AF_INET6,
1963 .seq_fops = &tcp6_afinfo_seq_fops,
1964 .seq_ops = {
1965 .show = tcp6_seq_show,
1966 },
1967 };
1968
1969 int __net_init tcp6_proc_init(struct net *net)
1970 {
1971 return tcp_proc_register(net, &tcp6_seq_afinfo);
1972 }
1973
1974 void tcp6_proc_exit(struct net *net)
1975 {
1976 tcp_proc_unregister(net, &tcp6_seq_afinfo);
1977 }
1978 #endif
1979
1980 struct proto tcpv6_prot = {
1981 .name = "TCPv6",
1982 .owner = THIS_MODULE,
1983 .close = tcp_close,
1984 .connect = tcp_v6_connect,
1985 .disconnect = tcp_disconnect,
1986 .accept = inet_csk_accept,
1987 .ioctl = tcp_ioctl,
1988 .init = tcp_v6_init_sock,
1989 .destroy = tcp_v6_destroy_sock,
1990 .shutdown = tcp_shutdown,
1991 .setsockopt = tcp_setsockopt,
1992 .getsockopt = tcp_getsockopt,
1993 .recvmsg = tcp_recvmsg,
1994 .sendmsg = tcp_sendmsg,
1995 .sendpage = tcp_sendpage,
1996 .backlog_rcv = tcp_v6_do_rcv,
1997 .release_cb = tcp_release_cb,
1998 .mtu_reduced = tcp_v6_mtu_reduced,
1999 .hash = tcp_v6_hash,
2000 .unhash = inet_unhash,
2001 .get_port = inet_csk_get_port,
2002 .enter_memory_pressure = tcp_enter_memory_pressure,
2003 .sockets_allocated = &tcp_sockets_allocated,
2004 .memory_allocated = &tcp_memory_allocated,
2005 .memory_pressure = &tcp_memory_pressure,
2006 .orphan_count = &tcp_orphan_count,
2007 .sysctl_wmem = sysctl_tcp_wmem,
2008 .sysctl_rmem = sysctl_tcp_rmem,
2009 .max_header = MAX_TCP_HEADER,
2010 .obj_size = sizeof(struct tcp6_sock),
2011 .slab_flags = SLAB_DESTROY_BY_RCU,
2012 .twsk_prot = &tcp6_timewait_sock_ops,
2013 .rsk_prot = &tcp6_request_sock_ops,
2014 .h.hashinfo = &tcp_hashinfo,
2015 .no_autobind = true,
2016 #ifdef CONFIG_COMPAT
2017 .compat_setsockopt = compat_tcp_setsockopt,
2018 .compat_getsockopt = compat_tcp_getsockopt,
2019 #endif
2020 #ifdef CONFIG_MEMCG_KMEM
2021 .proto_cgroup = tcp_proto_cgroup,
2022 #endif
2023 };
2024
2025 static const struct inet6_protocol tcpv6_protocol = {
2026 .early_demux = tcp_v6_early_demux,
2027 .handler = tcp_v6_rcv,
2028 .err_handler = tcp_v6_err,
2029 .gso_send_check = tcp_v6_gso_send_check,
2030 .gso_segment = tcp_tso_segment,
2031 .gro_receive = tcp6_gro_receive,
2032 .gro_complete = tcp6_gro_complete,
2033 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2034 };
2035
2036 static struct inet_protosw tcpv6_protosw = {
2037 .type = SOCK_STREAM,
2038 .protocol = IPPROTO_TCP,
2039 .prot = &tcpv6_prot,
2040 .ops = &inet6_stream_ops,
2041 .no_check = 0,
2042 .flags = INET_PROTOSW_PERMANENT |
2043 INET_PROTOSW_ICSK,
2044 };
2045
2046 static int __net_init tcpv6_net_init(struct net *net)
2047 {
2048 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
2049 SOCK_RAW, IPPROTO_TCP, net);
2050 }
2051
2052 static void __net_exit tcpv6_net_exit(struct net *net)
2053 {
2054 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
2055 }
2056
2057 static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
2058 {
2059 inet_twsk_purge(&tcp_hashinfo, &tcp_death_row, AF_INET6);
2060 }
2061
2062 static struct pernet_operations tcpv6_net_ops = {
2063 .init = tcpv6_net_init,
2064 .exit = tcpv6_net_exit,
2065 .exit_batch = tcpv6_net_exit_batch,
2066 };
2067
2068 int __init tcpv6_init(void)
2069 {
2070 int ret;
2071
2072 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
2073 if (ret)
2074 goto out;
2075
2076 /* register inet6 protocol */
2077 ret = inet6_register_protosw(&tcpv6_protosw);
2078 if (ret)
2079 goto out_tcpv6_protocol;
2080
2081 ret = register_pernet_subsys(&tcpv6_net_ops);
2082 if (ret)
2083 goto out_tcpv6_protosw;
2084 out:
2085 return ret;
2086
2087 out_tcpv6_protocol:
2088 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2089 out_tcpv6_protosw:
2090 inet6_unregister_protosw(&tcpv6_protosw);
2091 goto out;
2092 }
2093
2094 void tcpv6_exit(void)
2095 {
2096 unregister_pernet_subsys(&tcpv6_net_ops);
2097 inet6_unregister_protosw(&tcpv6_protosw);
2098 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2099 }
Linux kernel - Deliverables
This page took 0.09844 seconds and 5 git commands to generate.