/*
 *	TCP over IPv6
 *	Linux INET6 implementation
 *
 *	Authors:
 *	Pedro Roque		<roque@di.fc.ul.pt>
 *
 *	Based on:
 *	linux/net/ipv4/tcp_input.c
 *	linux/net/ipv4/tcp_output.c
 *
 *	Fixes:
 *	Hideaki YOSHIFUJI	:	sin6_scope_id support
 *	YOSHIFUJI Hideaki @USAGI and:	Support the IPV6_V6ONLY socket option,
 *	Alexey Kuznetsov		which allows both IPv4 and IPv6 sockets
 *					to bind a single port at the same time.
 *	YOSHIFUJI Hideaki @USAGI:	convert /proc/net/tcp6 to seq_file.
 *
 *	This program is free software; you can redistribute it and/or
 *	modify it under the terms of the GNU General Public License
 *	as published by the Free Software Foundation; either version
 *	2 of the License, or (at your option) any later version.
 */
#include <linux/module.h>
#include <linux/errno.h>
#include <linux/types.h>
#include <linux/socket.h>
#include <linux/sockios.h>
#include <linux/net.h>
#include <linux/jiffies.h>
#include <linux/in.h>
#include <linux/in6.h>
#include <linux/netdevice.h>
#include <linux/init.h>
#include <linux/jhash.h>
#include <linux/ipsec.h>
#include <linux/times.h>

#include <linux/ipv6.h>
#include <linux/icmpv6.h>
#include <linux/random.h>

#include <net/tcp.h>
#include <net/ndisc.h>
#include <net/inet6_hashtables.h>
#include <net/inet6_connection_sock.h>
#include <net/ipv6.h>
#include <net/transp_v6.h>
#include <net/addrconf.h>
#include <net/ip6_route.h>
#include <net/ip6_checksum.h>
#include <net/inet_ecn.h>
#include <net/protocol.h>
#include <net/xfrm.h>
#include <net/snmp.h>
#include <net/dsfield.h>
#include <net/timewait_sock.h>
#include <net/netdma.h>
#include <net/inet_common.h>

#include <asm/uaccess.h>

#include <linux/proc_fs.h>
#include <linux/seq_file.h>

#include <linux/crypto.h>
#include <linux/scatterlist.h>
static void	tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb);
static void	tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
				      struct request_sock *req);

static int	tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);

static struct inet_connection_sock_af_ops ipv6_mapped;
static struct inet_connection_sock_af_ops ipv6_specific;

#ifdef CONFIG_TCP_MD5SIG
static struct tcp_sock_af_ops tcp_sock_ipv6_specific;
static struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
#else
static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
						   struct in6_addr *addr)
{
	return NULL;
}
#endif
90 static void tcp_v6_hash(struct sock *sk)
92 if (sk->sk_state != TCP_CLOSE) {
93 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) {
103 static __inline__ __sum16 tcp_v6_check(struct tcphdr *th, int len,
104 struct in6_addr *saddr,
105 struct in6_addr *daddr,
108 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base);
111 static __u32 tcp_v6_init_sequence(struct sk_buff *skb)
113 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
114 ipv6_hdr(skb)->saddr.s6_addr32,
116 tcp_hdr(skb)->source);
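/*
 * Active open: resolve the destination (flow label, IPv4-mapped and
 * link-local handling), pick a source address via the routing lookup,
 * cache the route on the socket, choose the initial sequence number and
 * finally send the SYN through tcp_connect().
 */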
119 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
122 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
123 struct inet_sock *inet = inet_sk(sk);
124 struct inet_connection_sock *icsk = inet_csk(sk);
125 struct ipv6_pinfo *np = inet6_sk(sk);
126 struct tcp_sock *tp = tcp_sk(sk);
127 struct in6_addr *saddr = NULL, *final_p = NULL, final;
129 struct dst_entry *dst;
133 if (addr_len < SIN6_LEN_RFC2133)
136 if (usin->sin6_family != AF_INET6)
137 return(-EAFNOSUPPORT);
139 memset(&fl, 0, sizeof(fl));
142 fl.fl6_flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
143 IP6_ECN_flow_init(fl.fl6_flowlabel);
144 if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) {
145 struct ip6_flowlabel *flowlabel;
146 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel);
147 if (flowlabel == NULL)
149 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst);
150 fl6_sock_release(flowlabel);
155 * connect() to INADDR_ANY means loopback (BSD'ism).
158 if(ipv6_addr_any(&usin->sin6_addr))
159 usin->sin6_addr.s6_addr[15] = 0x1;
161 addr_type = ipv6_addr_type(&usin->sin6_addr);
163 if(addr_type & IPV6_ADDR_MULTICAST)
166 if (addr_type&IPV6_ADDR_LINKLOCAL) {
167 if (addr_len >= sizeof(struct sockaddr_in6) &&
168 usin->sin6_scope_id) {
/* If an interface is set while binding, the indices must coincide. */
172 if (sk->sk_bound_dev_if &&
173 sk->sk_bound_dev_if != usin->sin6_scope_id)
176 sk->sk_bound_dev_if = usin->sin6_scope_id;
179 /* Connect to link-local address requires an interface */
180 if (!sk->sk_bound_dev_if)
184 if (tp->rx_opt.ts_recent_stamp &&
185 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) {
186 tp->rx_opt.ts_recent = 0;
187 tp->rx_opt.ts_recent_stamp = 0;
191 ipv6_addr_copy(&np->daddr, &usin->sin6_addr);
192 np->flow_label = fl.fl6_flowlabel;
198 if (addr_type == IPV6_ADDR_MAPPED) {
199 u32 exthdrlen = icsk->icsk_ext_hdr_len;
200 struct sockaddr_in sin;
202 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
204 if (__ipv6_only_sock(sk))
207 sin.sin_family = AF_INET;
208 sin.sin_port = usin->sin6_port;
209 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
211 icsk->icsk_af_ops = &ipv6_mapped;
212 sk->sk_backlog_rcv = tcp_v4_do_rcv;
213 #ifdef CONFIG_TCP_MD5SIG
214 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
217 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
220 icsk->icsk_ext_hdr_len = exthdrlen;
221 icsk->icsk_af_ops = &ipv6_specific;
222 sk->sk_backlog_rcv = tcp_v6_do_rcv;
223 #ifdef CONFIG_TCP_MD5SIG
224 tp->af_specific = &tcp_sock_ipv6_specific;
228 ipv6_addr_set(&np->saddr, 0, 0, htonl(0x0000FFFF),
230 ipv6_addr_set(&np->rcv_saddr, 0, 0, htonl(0x0000FFFF),
237 if (!ipv6_addr_any(&np->rcv_saddr))
238 saddr = &np->rcv_saddr;
240 fl.proto = IPPROTO_TCP;
241 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
242 ipv6_addr_copy(&fl.fl6_src,
243 (saddr ? saddr : &np->saddr));
244 fl.oif = sk->sk_bound_dev_if;
245 fl.fl_ip_dport = usin->sin6_port;
246 fl.fl_ip_sport = inet->sport;
248 if (np->opt && np->opt->srcrt) {
249 struct rt0_hdr *rt0 = (struct rt0_hdr *)np->opt->srcrt;
250 ipv6_addr_copy(&final, &fl.fl6_dst);
251 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
255 security_sk_classify_flow(sk, &fl);
257 err = ip6_dst_lookup(sk, &dst, &fl);
261 ipv6_addr_copy(&fl.fl6_dst, final_p);
263 if ((err = __xfrm_lookup(&dst, &fl, sk, XFRM_LOOKUP_WAIT)) < 0) {
265 err = ip6_dst_blackhole(sk, &dst, &fl);
272 ipv6_addr_copy(&np->rcv_saddr, saddr);
275 /* set the source address */
276 ipv6_addr_copy(&np->saddr, saddr);
277 inet->rcv_saddr = LOOPBACK4_IPV6;
279 sk->sk_gso_type = SKB_GSO_TCPV6;
280 __ip6_dst_store(sk, dst, NULL, NULL);
282 icsk->icsk_ext_hdr_len = 0;
284 icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
287 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
289 inet->dport = usin->sin6_port;
291 tcp_set_state(sk, TCP_SYN_SENT);
292 err = inet6_hash_connect(&tcp_death_row, sk);
297 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
302 err = tcp_connect(sk);
309 tcp_set_state(sk, TCP_CLOSE);
313 sk->sk_route_caps = 0;
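/*
 * ICMPv6 error handler.  Looks up the socket the error refers to,
 * handles PKT_TOOBIG by re-resolving the route and syncing the MSS,
 * and reports other errors to the socket; for a connection still in
 * SYN_RECV the matching request_sock is dropped instead.
 */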
317 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
318 int type, int code, int offset, __be32 info)
320 struct ipv6hdr *hdr = (struct ipv6hdr*)skb->data;
321 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
322 struct ipv6_pinfo *np;
327 struct net *net = dev_net(skb->dev);
329 sk = inet6_lookup(net, &tcp_hashinfo, &hdr->daddr,
330 th->dest, &hdr->saddr, th->source, skb->dev->ifindex);
333 ICMP6_INC_STATS_BH(net, __in6_dev_get(skb->dev),
338 if (sk->sk_state == TCP_TIME_WAIT) {
339 inet_twsk_put(inet_twsk(sk));
344 if (sock_owned_by_user(sk))
345 NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS);
347 if (sk->sk_state == TCP_CLOSE)
351 seq = ntohl(th->seq);
352 if (sk->sk_state != TCP_LISTEN &&
353 !between(seq, tp->snd_una, tp->snd_nxt)) {
354 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
360 if (type == ICMPV6_PKT_TOOBIG) {
361 struct dst_entry *dst = NULL;
363 if (sock_owned_by_user(sk))
365 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
368 /* icmp should have updated the destination cache entry */
369 dst = __sk_dst_check(sk, np->dst_cookie);
372 struct inet_sock *inet = inet_sk(sk);
/* BUGGG_FUTURE: Again, it is not clear how
   to handle the rthdr case. Ignore this complexity
   for now. */
379 memset(&fl, 0, sizeof(fl));
380 fl.proto = IPPROTO_TCP;
381 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
382 ipv6_addr_copy(&fl.fl6_src, &np->saddr);
383 fl.oif = sk->sk_bound_dev_if;
384 fl.fl_ip_dport = inet->dport;
385 fl.fl_ip_sport = inet->sport;
386 security_skb_classify_flow(skb, &fl);
388 if ((err = ip6_dst_lookup(sk, &dst, &fl))) {
389 sk->sk_err_soft = -err;
393 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) {
394 sk->sk_err_soft = -err;
401 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
402 tcp_sync_mss(sk, dst_mtu(dst));
403 tcp_simple_retransmit(sk);
404 } /* else let the usual retransmit timer handle it */
409 icmpv6_err_convert(type, code, &err);
/* Might be for a request_sock */
412 switch (sk->sk_state) {
413 struct request_sock *req, **prev;
415 if (sock_owned_by_user(sk))
418 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr,
419 &hdr->saddr, inet6_iif(skb));
/* ICMPs are not backlogged, hence we cannot get
 * an established socket here.
 */
426 WARN_ON(req->sk != NULL);
428 if (seq != tcp_rsk(req)->snt_isn) {
429 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
433 inet_csk_reqsk_queue_drop(sk, req, prev);
case TCP_SYN_RECV:  /* Cannot happen.
		       It can, if SYNs are crossed. --ANK */
439 if (!sock_owned_by_user(sk)) {
441 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
445 sk->sk_err_soft = err;
449 if (!sock_owned_by_user(sk) && np->recverr) {
451 sk->sk_error_report(sk);
453 sk->sk_err_soft = err;
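/*
 * Build and transmit a SYN+ACK for a pending request: route towards the
 * peer (honouring a routing header in the saved options, if any), fill
 * in the TCP checksum and hand the segment to ip6_xmit().
 */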
461 static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req)
463 struct inet6_request_sock *treq = inet6_rsk(req);
464 struct ipv6_pinfo *np = inet6_sk(sk);
465 struct sk_buff * skb;
466 struct ipv6_txoptions *opt = NULL;
467 struct in6_addr * final_p = NULL, final;
469 struct dst_entry *dst;
472 memset(&fl, 0, sizeof(fl));
473 fl.proto = IPPROTO_TCP;
474 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
475 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
476 fl.fl6_flowlabel = 0;
478 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
479 fl.fl_ip_sport = inet_sk(sk)->sport;
480 security_req_classify_flow(req, &fl);
483 if (opt && opt->srcrt) {
484 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
485 ipv6_addr_copy(&final, &fl.fl6_dst);
486 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
490 err = ip6_dst_lookup(sk, &dst, &fl);
494 ipv6_addr_copy(&fl.fl6_dst, final_p);
495 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0)
498 skb = tcp_make_synack(sk, dst, req);
500 struct tcphdr *th = tcp_hdr(skb);
502 th->check = tcp_v6_check(th, skb->len,
503 &treq->loc_addr, &treq->rmt_addr,
504 csum_partial((char *)th, skb->len, skb->csum));
506 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
507 err = ip6_xmit(sk, skb, &fl, opt, 0);
508 err = net_xmit_eval(err);
512 if (opt && opt != np->opt)
513 sock_kfree_s(sk, opt, opt->tot_len);
518 static inline void syn_flood_warning(struct sk_buff *skb)
520 #ifdef CONFIG_SYN_COOKIES
521 if (sysctl_tcp_syncookies)
523 "TCPv6: Possible SYN flooding on port %d. "
524 "Sending cookies.\n", ntohs(tcp_hdr(skb)->dest));
528 "TCPv6: Possible SYN flooding on port %d. "
529 "Dropping request.\n", ntohs(tcp_hdr(skb)->dest));
532 static void tcp_v6_reqsk_destructor(struct request_sock *req)
534 if (inet6_rsk(req)->pktopts)
535 kfree_skb(inet6_rsk(req)->pktopts);
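/*
 * TCP MD5 signature (RFC 2385) support: per-socket key lookup, add and
 * delete, setsockopt parsing, and hash computation over the IPv6
 * pseudo-header plus the TCP header and payload.
 */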
538 #ifdef CONFIG_TCP_MD5SIG
539 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
540 struct in6_addr *addr)
542 struct tcp_sock *tp = tcp_sk(sk);
547 if (!tp->md5sig_info || !tp->md5sig_info->entries6)
550 for (i = 0; i < tp->md5sig_info->entries6; i++) {
551 if (ipv6_addr_equal(&tp->md5sig_info->keys6[i].addr, addr))
552 return &tp->md5sig_info->keys6[i].base;
557 static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk,
558 struct sock *addr_sk)
560 return tcp_v6_md5_do_lookup(sk, &inet6_sk(addr_sk)->daddr);
563 static struct tcp_md5sig_key *tcp_v6_reqsk_md5_lookup(struct sock *sk,
564 struct request_sock *req)
566 return tcp_v6_md5_do_lookup(sk, &inet6_rsk(req)->rmt_addr);
569 static int tcp_v6_md5_do_add(struct sock *sk, struct in6_addr *peer,
570 char *newkey, u8 newkeylen)
572 /* Add key to the list */
573 struct tcp_md5sig_key *key;
574 struct tcp_sock *tp = tcp_sk(sk);
575 struct tcp6_md5sig_key *keys;
577 key = tcp_v6_md5_do_lookup(sk, peer);
579 /* modify existing entry - just update that one */
582 key->keylen = newkeylen;
584 /* reallocate new list if current one is full. */
585 if (!tp->md5sig_info) {
586 tp->md5sig_info = kzalloc(sizeof(*tp->md5sig_info), GFP_ATOMIC);
587 if (!tp->md5sig_info) {
591 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
593 if (tcp_alloc_md5sig_pool() == NULL) {
597 if (tp->md5sig_info->alloced6 == tp->md5sig_info->entries6) {
598 keys = kmalloc((sizeof (tp->md5sig_info->keys6[0]) *
599 (tp->md5sig_info->entries6 + 1)), GFP_ATOMIC);
602 tcp_free_md5sig_pool();
607 if (tp->md5sig_info->entries6)
608 memmove(keys, tp->md5sig_info->keys6,
609 (sizeof (tp->md5sig_info->keys6[0]) *
610 tp->md5sig_info->entries6));
612 kfree(tp->md5sig_info->keys6);
613 tp->md5sig_info->keys6 = keys;
614 tp->md5sig_info->alloced6++;
617 ipv6_addr_copy(&tp->md5sig_info->keys6[tp->md5sig_info->entries6].addr,
619 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.key = newkey;
620 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.keylen = newkeylen;
622 tp->md5sig_info->entries6++;
627 static int tcp_v6_md5_add_func(struct sock *sk, struct sock *addr_sk,
628 u8 *newkey, __u8 newkeylen)
630 return tcp_v6_md5_do_add(sk, &inet6_sk(addr_sk)->daddr,
634 static int tcp_v6_md5_do_del(struct sock *sk, struct in6_addr *peer)
636 struct tcp_sock *tp = tcp_sk(sk);
639 for (i = 0; i < tp->md5sig_info->entries6; i++) {
640 if (ipv6_addr_equal(&tp->md5sig_info->keys6[i].addr, peer)) {
642 kfree(tp->md5sig_info->keys6[i].base.key);
643 tp->md5sig_info->entries6--;
645 if (tp->md5sig_info->entries6 == 0) {
646 kfree(tp->md5sig_info->keys6);
647 tp->md5sig_info->keys6 = NULL;
648 tp->md5sig_info->alloced6 = 0;
650 /* shrink the database */
651 if (tp->md5sig_info->entries6 != i)
652 memmove(&tp->md5sig_info->keys6[i],
653 &tp->md5sig_info->keys6[i+1],
654 (tp->md5sig_info->entries6 - i)
655 * sizeof (tp->md5sig_info->keys6[0]));
657 tcp_free_md5sig_pool();
664 static void tcp_v6_clear_md5_list (struct sock *sk)
666 struct tcp_sock *tp = tcp_sk(sk);
669 if (tp->md5sig_info->entries6) {
670 for (i = 0; i < tp->md5sig_info->entries6; i++)
671 kfree(tp->md5sig_info->keys6[i].base.key);
672 tp->md5sig_info->entries6 = 0;
673 tcp_free_md5sig_pool();
676 kfree(tp->md5sig_info->keys6);
677 tp->md5sig_info->keys6 = NULL;
678 tp->md5sig_info->alloced6 = 0;
680 if (tp->md5sig_info->entries4) {
681 for (i = 0; i < tp->md5sig_info->entries4; i++)
682 kfree(tp->md5sig_info->keys4[i].base.key);
683 tp->md5sig_info->entries4 = 0;
684 tcp_free_md5sig_pool();
687 kfree(tp->md5sig_info->keys4);
688 tp->md5sig_info->keys4 = NULL;
689 tp->md5sig_info->alloced4 = 0;
692 static int tcp_v6_parse_md5_keys (struct sock *sk, char __user *optval,
695 struct tcp_md5sig cmd;
696 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
699 if (optlen < sizeof(cmd))
702 if (copy_from_user(&cmd, optval, sizeof(cmd)))
705 if (sin6->sin6_family != AF_INET6)
708 if (!cmd.tcpm_keylen) {
709 if (!tcp_sk(sk)->md5sig_info)
711 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
712 return tcp_v4_md5_do_del(sk, sin6->sin6_addr.s6_addr32[3]);
713 return tcp_v6_md5_do_del(sk, &sin6->sin6_addr);
716 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
719 if (!tcp_sk(sk)->md5sig_info) {
720 struct tcp_sock *tp = tcp_sk(sk);
721 struct tcp_md5sig_info *p;
723 p = kzalloc(sizeof(struct tcp_md5sig_info), GFP_KERNEL);
728 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
731 newkey = kmemdup(cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
734 if (ipv6_addr_v4mapped(&sin6->sin6_addr)) {
735 return tcp_v4_md5_do_add(sk, sin6->sin6_addr.s6_addr32[3],
736 newkey, cmd.tcpm_keylen);
738 return tcp_v6_md5_do_add(sk, &sin6->sin6_addr, newkey, cmd.tcpm_keylen);
741 static int tcp_v6_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp,
742 struct in6_addr *daddr,
743 struct in6_addr *saddr, int nbytes)
745 struct tcp6_pseudohdr *bp;
746 struct scatterlist sg;
748 bp = &hp->md5_blk.ip6;
749 /* 1. TCP pseudo-header (RFC2460) */
750 ipv6_addr_copy(&bp->saddr, saddr);
751 ipv6_addr_copy(&bp->daddr, daddr);
752 bp->protocol = cpu_to_be32(IPPROTO_TCP);
753 bp->len = cpu_to_be32(nbytes);
755 sg_init_one(&sg, bp, sizeof(*bp));
756 return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp));
759 static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key,
760 struct in6_addr *daddr, struct in6_addr *saddr,
763 struct tcp_md5sig_pool *hp;
764 struct hash_desc *desc;
766 hp = tcp_get_md5sig_pool();
768 goto clear_hash_noput;
769 desc = &hp->md5_desc;
771 if (crypto_hash_init(desc))
773 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))
775 if (tcp_md5_hash_header(hp, th))
777 if (tcp_md5_hash_key(hp, key))
779 if (crypto_hash_final(desc, md5_hash))
782 tcp_put_md5sig_pool();
786 tcp_put_md5sig_pool();
788 memset(md5_hash, 0, 16);
792 static int tcp_v6_md5_hash_skb(char *md5_hash, struct tcp_md5sig_key *key,
793 struct sock *sk, struct request_sock *req,
796 struct in6_addr *saddr, *daddr;
797 struct tcp_md5sig_pool *hp;
798 struct hash_desc *desc;
799 struct tcphdr *th = tcp_hdr(skb);
802 saddr = &inet6_sk(sk)->saddr;
803 daddr = &inet6_sk(sk)->daddr;
805 saddr = &inet6_rsk(req)->loc_addr;
806 daddr = &inet6_rsk(req)->rmt_addr;
808 struct ipv6hdr *ip6h = ipv6_hdr(skb);
809 saddr = &ip6h->saddr;
810 daddr = &ip6h->daddr;
813 hp = tcp_get_md5sig_pool();
815 goto clear_hash_noput;
816 desc = &hp->md5_desc;
818 if (crypto_hash_init(desc))
821 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))
823 if (tcp_md5_hash_header(hp, th))
825 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
827 if (tcp_md5_hash_key(hp, key))
829 if (crypto_hash_final(desc, md5_hash))
832 tcp_put_md5sig_pool();
836 tcp_put_md5sig_pool();
838 memset(md5_hash, 0, 16);
842 static int tcp_v6_inbound_md5_hash (struct sock *sk, struct sk_buff *skb)
844 __u8 *hash_location = NULL;
845 struct tcp_md5sig_key *hash_expected;
846 struct ipv6hdr *ip6h = ipv6_hdr(skb);
847 struct tcphdr *th = tcp_hdr(skb);
851 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
852 hash_location = tcp_parse_md5sig_option(th);
854 /* We've parsed the options - do we have a hash? */
855 if (!hash_expected && !hash_location)
858 if (hash_expected && !hash_location) {
859 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
863 if (!hash_expected && hash_location) {
864 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
868 /* check the signature */
869 genhash = tcp_v6_md5_hash_skb(newhash,
873 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
874 if (net_ratelimit()) {
875 printk(KERN_INFO "MD5 Hash %s for "
876 "(" NIP6_FMT ", %u)->"
877 "(" NIP6_FMT ", %u)\n",
878 genhash ? "failed" : "mismatch",
879 NIP6(ip6h->saddr), ntohs(th->source),
880 NIP6(ip6h->daddr), ntohs(th->dest));
888 struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
890 .obj_size = sizeof(struct tcp6_request_sock),
891 .rtx_syn_ack = tcp_v6_send_synack,
892 .send_ack = tcp_v6_reqsk_send_ack,
893 .destructor = tcp_v6_reqsk_destructor,
894 .send_reset = tcp_v6_send_reset
897 #ifdef CONFIG_TCP_MD5SIG
898 static struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
899 .md5_lookup = tcp_v6_reqsk_md5_lookup,
903 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
904 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
905 .twsk_unique = tcp_twsk_unique,
906 .twsk_destructor= tcp_twsk_destructor,
909 static void tcp_v6_send_check(struct sock *sk, int len, struct sk_buff *skb)
911 struct ipv6_pinfo *np = inet6_sk(sk);
912 struct tcphdr *th = tcp_hdr(skb);
914 if (skb->ip_summed == CHECKSUM_PARTIAL) {
915 th->check = ~csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 0);
916 skb->csum_start = skb_transport_header(skb) - skb->head;
917 skb->csum_offset = offsetof(struct tcphdr, check);
919 th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP,
920 csum_partial((char *)th, th->doff<<2,
925 static int tcp_v6_gso_send_check(struct sk_buff *skb)
927 struct ipv6hdr *ipv6h;
930 if (!pskb_may_pull(skb, sizeof(*th)))
933 ipv6h = ipv6_hdr(skb);
937 th->check = ~csum_ipv6_magic(&ipv6h->saddr, &ipv6h->daddr, skb->len,
939 skb->csum_start = skb_transport_header(skb) - skb->head;
940 skb->csum_offset = offsetof(struct tcphdr, check);
941 skb->ip_summed = CHECKSUM_PARTIAL;
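/*
 * Common helper for stateless replies (RSTs and TIME_WAIT/request ACKs):
 * builds a bare TCP segment addressed back to the sender of 'skb' and
 * sends it through the per-namespace control socket.
 */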
945 static void tcp_v6_send_response(struct sk_buff *skb, u32 seq, u32 ack, u32 win,
946 u32 ts, struct tcp_md5sig_key *key, int rst)
948 struct tcphdr *th = tcp_hdr(skb), *t1;
949 struct sk_buff *buff;
951 struct net *net = dev_net(skb->dst->dev);
952 struct sock *ctl_sk = net->ipv6.tcp_sk;
953 unsigned int tot_len = sizeof(struct tcphdr);
957 tot_len += TCPOLEN_TSTAMP_ALIGNED;
958 #ifdef CONFIG_TCP_MD5SIG
960 tot_len += TCPOLEN_MD5SIG_ALIGNED;
963 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
968 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
970 t1 = (struct tcphdr *) skb_push(buff, tot_len);
972 /* Swap the send and the receive. */
973 memset(t1, 0, sizeof(*t1));
974 t1->dest = th->source;
975 t1->source = th->dest;
976 t1->doff = tot_len / 4;
977 t1->seq = htonl(seq);
978 t1->ack_seq = htonl(ack);
979 t1->ack = !rst || !th->ack;
981 t1->window = htons(win);
983 topt = (__be32 *)(t1 + 1);
986 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
987 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
988 *topt++ = htonl(tcp_time_stamp);
992 #ifdef CONFIG_TCP_MD5SIG
994 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
995 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
996 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
997 &ipv6_hdr(skb)->saddr,
998 &ipv6_hdr(skb)->daddr, t1);
1002 buff->csum = csum_partial((char *)t1, tot_len, 0);
1004 memset(&fl, 0, sizeof(fl));
1005 ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr);
1006 ipv6_addr_copy(&fl.fl6_src, &ipv6_hdr(skb)->daddr);
1008 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst,
1009 tot_len, IPPROTO_TCP,
1012 fl.proto = IPPROTO_TCP;
1013 fl.oif = inet6_iif(skb);
1014 fl.fl_ip_dport = t1->dest;
1015 fl.fl_ip_sport = t1->source;
1016 security_skb_classify_flow(skb, &fl);
/* Pass a socket to ip6_dst_lookup even when it is for an RST.
 * The underlying function will use it to retrieve the network
 * namespace.
 */
1022 if (!ip6_dst_lookup(ctl_sk, &buff->dst, &fl)) {
1023 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) {
1024 ip6_xmit(ctl_sk, buff, &fl, NULL, 0);
1025 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS);
1027 TCP_INC_STATS_BH(net, TCP_MIB_OUTRSTS);
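/*
 * Send an RST in reply to 'skb'.  Following RFC 793, the reset echoes
 * the peer's ACK number as its sequence number when the offending
 * segment carried an ACK, and otherwise ACKs the sequence space that
 * segment consumed.
 */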
1035 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb)
1037 struct tcphdr *th = tcp_hdr(skb);
1038 u32 seq = 0, ack_seq = 0;
1039 #ifdef CONFIG_TCP_MD5SIG
1040 struct tcp_md5sig_key *key;
1046 if (!ipv6_unicast_destination(skb))
1049 #ifdef CONFIG_TCP_MD5SIG
1051 key = tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr);
1057 seq = ntohl(th->ack_seq);
1059 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
1062 tcp_v6_send_response(skb, seq, ack_seq, 0, 0, key, 1);
1065 static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts,
1066 struct tcp_md5sig_key *key)
1068 tcp_v6_send_response(skb, seq, ack, win, ts, key, 0);
1071 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
1073 struct inet_timewait_sock *tw = inet_twsk(sk);
1074 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
1076 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
1077 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
1078 tcptw->tw_ts_recent, tcp_twsk_md5_key(tcptw));
1083 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
1084 struct request_sock *req)
1086 tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent,
1087 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr));
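/*
 * For a segment arriving on a listening socket: look for a matching
 * half-open request or an established/TIME_WAIT socket, and fall back
 * to SYN-cookie validation for a bare ACK when cookies are enabled.
 */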
1091 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
1093 struct request_sock *req, **prev;
1094 const struct tcphdr *th = tcp_hdr(skb);
1097 /* Find possible connection requests. */
1098 req = inet6_csk_search_req(sk, &prev, th->source,
1099 &ipv6_hdr(skb)->saddr,
1100 &ipv6_hdr(skb)->daddr, inet6_iif(skb));
1102 return tcp_check_req(sk, skb, req, prev);
1104 nsk = __inet6_lookup_established(sock_net(sk), &tcp_hashinfo,
1105 &ipv6_hdr(skb)->saddr, th->source,
1106 &ipv6_hdr(skb)->daddr, ntohs(th->dest), inet6_iif(skb));
1109 if (nsk->sk_state != TCP_TIME_WAIT) {
1113 inet_twsk_put(inet_twsk(nsk));
1117 #ifdef CONFIG_SYN_COOKIES
1118 if (!th->rst && !th->syn && th->ack)
1119 sk = cookie_v6_check(sk, skb);
1124 /* FIXME: this is substantially similar to the ipv4 code.
1125 * Can some kind of merge be done? -- erics
1127 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1129 struct inet6_request_sock *treq;
1130 struct ipv6_pinfo *np = inet6_sk(sk);
1131 struct tcp_options_received tmp_opt;
1132 struct tcp_sock *tp = tcp_sk(sk);
1133 struct request_sock *req = NULL;
1134 __u32 isn = TCP_SKB_CB(skb)->when;
1135 #ifdef CONFIG_SYN_COOKIES
1136 int want_cookie = 0;
1138 #define want_cookie 0
1141 if (skb->protocol == htons(ETH_P_IP))
1142 return tcp_v4_conn_request(sk, skb);
1144 if (!ipv6_unicast_destination(skb))
1147 if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
1148 if (net_ratelimit())
1149 syn_flood_warning(skb);
1150 #ifdef CONFIG_SYN_COOKIES
1151 if (sysctl_tcp_syncookies)
1158 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
1161 req = inet6_reqsk_alloc(&tcp6_request_sock_ops);
1165 #ifdef CONFIG_TCP_MD5SIG
1166 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv6_ops;
1169 tcp_clear_options(&tmp_opt);
1170 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
1171 tmp_opt.user_mss = tp->rx_opt.user_mss;
1173 tcp_parse_options(skb, &tmp_opt, 0);
1175 if (want_cookie && !tmp_opt.saw_tstamp)
1176 tcp_clear_options(&tmp_opt);
1178 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
1179 tcp_openreq_init(req, &tmp_opt, skb);
1181 treq = inet6_rsk(req);
1182 ipv6_addr_copy(&treq->rmt_addr, &ipv6_hdr(skb)->saddr);
1183 ipv6_addr_copy(&treq->loc_addr, &ipv6_hdr(skb)->daddr);
1185 TCP_ECN_create_request(req, tcp_hdr(skb));
1188 isn = cookie_v6_init_sequence(sk, skb, &req->mss);
1189 req->cookie_ts = tmp_opt.tstamp_ok;
1191 if (ipv6_opt_accepted(sk, skb) ||
1192 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
1193 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) {
1194 atomic_inc(&skb->users);
1195 treq->pktopts = skb;
1197 treq->iif = sk->sk_bound_dev_if;
1199 /* So that link locals have meaning */
1200 if (!sk->sk_bound_dev_if &&
1201 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL)
1202 treq->iif = inet6_iif(skb);
1204 isn = tcp_v6_init_sequence(skb);
1207 tcp_rsk(req)->snt_isn = isn;
1209 security_inet_conn_request(sk, skb, req);
1211 if (tcp_v6_send_synack(sk, req))
1215 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1223 return 0; /* don't send reset */
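/*
 * Create the child socket once the handshake completes.  An IPv4-mapped
 * peer is handed to tcp_v4_syn_recv_sock() and then switched to the
 * mapped af_ops; a native IPv6 peer gets a fresh route, copied
 * addresses and options and, if configured, the listener's MD5 key.
 */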
1226 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1227 struct request_sock *req,
1228 struct dst_entry *dst)
1230 struct inet6_request_sock *treq;
1231 struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
1232 struct tcp6_sock *newtcp6sk;
1233 struct inet_sock *newinet;
1234 struct tcp_sock *newtp;
1236 struct ipv6_txoptions *opt;
1237 #ifdef CONFIG_TCP_MD5SIG
1238 struct tcp_md5sig_key *key;
1241 if (skb->protocol == htons(ETH_P_IP)) {
1246 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);
1251 newtcp6sk = (struct tcp6_sock *)newsk;
1252 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1254 newinet = inet_sk(newsk);
1255 newnp = inet6_sk(newsk);
1256 newtp = tcp_sk(newsk);
1258 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1260 ipv6_addr_set(&newnp->daddr, 0, 0, htonl(0x0000FFFF),
1263 ipv6_addr_set(&newnp->saddr, 0, 0, htonl(0x0000FFFF),
1266 ipv6_addr_copy(&newnp->rcv_saddr, &newnp->saddr);
1268 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1269 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1270 #ifdef CONFIG_TCP_MD5SIG
1271 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1274 newnp->pktoptions = NULL;
1276 newnp->mcast_oif = inet6_iif(skb);
1277 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
/*
 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
 * here, tcp_create_openreq_child now does this for us, see the comment in
 * that function for the gory details. -acme
 */
/* This is a tricky place. Until this moment the IPv4 tcp code
   worked with the IPv6 icsk.icsk_af_ops.
   Sync it now.
 */
1289 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1294 treq = inet6_rsk(req);
1297 if (sk_acceptq_is_full(sk))
1301 struct in6_addr *final_p = NULL, final;
1304 memset(&fl, 0, sizeof(fl));
1305 fl.proto = IPPROTO_TCP;
1306 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
1307 if (opt && opt->srcrt) {
1308 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
1309 ipv6_addr_copy(&final, &fl.fl6_dst);
1310 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
1313 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
1314 fl.oif = sk->sk_bound_dev_if;
1315 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
1316 fl.fl_ip_sport = inet_sk(sk)->sport;
1317 security_req_classify_flow(req, &fl);
1319 if (ip6_dst_lookup(sk, &dst, &fl))
1323 ipv6_addr_copy(&fl.fl6_dst, final_p);
1325 if ((xfrm_lookup(&dst, &fl, sk, 0)) < 0)
1329 newsk = tcp_create_openreq_child(sk, req, skb);
/*
 * No need to charge this sock to the relevant IPv6 refcnt debug socks
 * count here, tcp_create_openreq_child now does this for us, see the
 * comment in that function for the gory details. -acme
 */
1339 newsk->sk_gso_type = SKB_GSO_TCPV6;
1340 __ip6_dst_store(newsk, dst, NULL, NULL);
1342 newtcp6sk = (struct tcp6_sock *)newsk;
1343 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1345 newtp = tcp_sk(newsk);
1346 newinet = inet_sk(newsk);
1347 newnp = inet6_sk(newsk);
1349 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1351 ipv6_addr_copy(&newnp->daddr, &treq->rmt_addr);
1352 ipv6_addr_copy(&newnp->saddr, &treq->loc_addr);
1353 ipv6_addr_copy(&newnp->rcv_saddr, &treq->loc_addr);
1354 newsk->sk_bound_dev_if = treq->iif;
/* Now IPv6 options...

   First: no IPv4 options.
 */
1360 newinet->opt = NULL;
1361 newnp->ipv6_fl_list = NULL;
1364 newnp->rxopt.all = np->rxopt.all;
1366 /* Clone pktoptions received with SYN */
1367 newnp->pktoptions = NULL;
1368 if (treq->pktopts != NULL) {
1369 newnp->pktoptions = skb_clone(treq->pktopts, GFP_ATOMIC);
1370 kfree_skb(treq->pktopts);
1371 treq->pktopts = NULL;
1372 if (newnp->pktoptions)
1373 skb_set_owner_r(newnp->pktoptions, newsk);
1376 newnp->mcast_oif = inet6_iif(skb);
1377 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
/* Clone native IPv6 options from the listening socket (if any).

   Yes, keeping a reference count would be much more clever,
   but we do one more thing here: reattach optmem
   to the new socket. */
1386 newnp->opt = ipv6_dup_options(newsk, opt);
1388 sock_kfree_s(sk, opt, opt->tot_len);
1391 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1393 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
1394 newnp->opt->opt_flen);
1396 tcp_mtup_init(newsk);
1397 tcp_sync_mss(newsk, dst_mtu(dst));
1398 newtp->advmss = dst_metric(dst, RTAX_ADVMSS);
1399 tcp_initialize_rcv_mss(newsk);
1401 newinet->daddr = newinet->saddr = newinet->rcv_saddr = LOOPBACK4_IPV6;
1403 #ifdef CONFIG_TCP_MD5SIG
1404 /* Copy over the MD5 key from the original socket */
1405 if ((key = tcp_v6_md5_do_lookup(sk, &newnp->daddr)) != NULL) {
/* We're using one, so create a matching key
 * on the newsk structure. If we fail to get
 * memory, then we end up not copying the key
 * across.
 */
1411 char *newkey = kmemdup(key->key, key->keylen, GFP_ATOMIC);
1413 tcp_v6_md5_do_add(newsk, &inet6_sk(sk)->daddr,
1414 newkey, key->keylen);
1418 __inet6_hash(newsk);
1419 __inet_inherit_port(sk, newsk);
1424 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1426 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
1427 if (opt && opt != np->opt)
1428 sock_kfree_s(sk, opt, opt->tot_len);
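/*
 * Verify or prime the TCP checksum on receive, depending on whether the
 * device already provided a full checksum (CHECKSUM_COMPLETE).
 */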
1433 static __sum16 tcp_v6_checksum_init(struct sk_buff *skb)
1435 if (skb->ip_summed == CHECKSUM_COMPLETE) {
1436 if (!tcp_v6_check(tcp_hdr(skb), skb->len, &ipv6_hdr(skb)->saddr,
1437 &ipv6_hdr(skb)->daddr, skb->csum)) {
1438 skb->ip_summed = CHECKSUM_UNNECESSARY;
1443 skb->csum = ~csum_unfold(tcp_v6_check(tcp_hdr(skb), skb->len,
1444 &ipv6_hdr(skb)->saddr,
1445 &ipv6_hdr(skb)->daddr, 0));
1447 if (skb->len <= 76) {
1448 return __skb_checksum_complete(skb);
/* The socket must have its spinlock held when we get
 * here.
 *
 * We have a potential double-lock case here, so even when
 * doing backlog processing we use the BH locking scheme.
 * This is because we cannot sleep with the original spinlock
 * held.
 */
1461 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1463 struct ipv6_pinfo *np = inet6_sk(sk);
1464 struct tcp_sock *tp;
1465 struct sk_buff *opt_skb = NULL;
/* Imagine: socket is IPv6. IPv4 packet arrives,
   goes to IPv4 receive handler and backlogged.
   From backlog it always goes here. Kerboom...
   Fortunately, tcp_rcv_established and rcv_established
   handle them correctly, but that is not the case with
   tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
 */
1475 if (skb->protocol == htons(ETH_P_IP))
1476 return tcp_v4_do_rcv(sk, skb);
1478 #ifdef CONFIG_TCP_MD5SIG
1479 if (tcp_v6_inbound_md5_hash (sk, skb))
1483 if (sk_filter(sk, skb))
/*
 * socket locking is here for SMP purposes as backlog rcv
 * is currently called with bh processing disabled.
 */
1491 /* Do Stevens' IPV6_PKTOPTIONS.
Yes, guys, it is the only place in our code where we
   may make it not affect IPv4.
   The rest of the code is protocol independent,
   and I do not like the idea of uglifying IPv4.

   Actually, the whole idea behind IPV6_PKTOPTIONS
   does not look very well thought out. For now we latch
   the options received in the last packet enqueued
   by tcp. Feel free to propose a better solution.
 */
1505 opt_skb = skb_clone(skb, GFP_ATOMIC);
1507 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1508 TCP_CHECK_TIMER(sk);
1509 if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len))
1511 TCP_CHECK_TIMER(sk);
1513 goto ipv6_pktoptions;
1517 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1520 if (sk->sk_state == TCP_LISTEN) {
1521 struct sock *nsk = tcp_v6_hnd_req(sk, skb);
* Queue it on the new socket if the new socket is active,
 * otherwise we just shortcircuit this and continue with
 * the new socket.
 */
1531 if (tcp_child_process(sk, nsk, skb))
1534 __kfree_skb(opt_skb);
1539 TCP_CHECK_TIMER(sk);
1540 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len))
1542 TCP_CHECK_TIMER(sk);
1544 goto ipv6_pktoptions;
1548 tcp_v6_send_reset(sk, skb);
1551 __kfree_skb(opt_skb);
1555 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_INERRS);
/* What does this check?

   1. skb was enqueued by tcp.
   2. skb is added to the tail of the read queue, rather than out of order.
   3. socket is not in passive state.
   4. Finally, it really contains options, which the user wants to receive.
 */
1568 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1569 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1570 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1571 np->mcast_oif = inet6_iif(opt_skb);
1572 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1573 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1574 if (ipv6_opt_accepted(sk, opt_skb)) {
1575 skb_set_owner_r(opt_skb, sk);
1576 opt_skb = xchg(&np->pktoptions, opt_skb);
1578 __kfree_skb(opt_skb);
1579 opt_skb = xchg(&np->pktoptions, NULL);
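/*
 * Protocol entry point for received IPv6 TCP segments: validate header
 * and checksum, fill in TCP_SKB_CB(), look up the owning socket and
 * either process the segment directly, prequeue it, or backlog it while
 * the socket is owned by user context.
 */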
1588 static int tcp_v6_rcv(struct sk_buff *skb)
1593 struct net *net = dev_net(skb->dev);
1595 if (skb->pkt_type != PACKET_HOST)
1599 * Count it even if it's bad.
1601 TCP_INC_STATS_BH(net, TCP_MIB_INSEGS);
1603 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1608 if (th->doff < sizeof(struct tcphdr)/4)
1610 if (!pskb_may_pull(skb, th->doff*4))
1613 if (!skb_csum_unnecessary(skb) && tcp_v6_checksum_init(skb))
1617 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1618 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1619 skb->len - th->doff*4);
1620 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1621 TCP_SKB_CB(skb)->when = 0;
1622 TCP_SKB_CB(skb)->flags = ipv6_get_dsfield(ipv6_hdr(skb));
1623 TCP_SKB_CB(skb)->sacked = 0;
1625 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest);
1630 if (sk->sk_state == TCP_TIME_WAIT)
1633 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1634 goto discard_and_relse;
1636 if (sk_filter(sk, skb))
1637 goto discard_and_relse;
1641 bh_lock_sock_nested(sk);
1643 if (!sock_owned_by_user(sk)) {
1644 #ifdef CONFIG_NET_DMA
1645 struct tcp_sock *tp = tcp_sk(sk);
1646 if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list)
1647 tp->ucopy.dma_chan = get_softnet_dma();
1648 if (tp->ucopy.dma_chan)
1649 ret = tcp_v6_do_rcv(sk, skb);
1653 if (!tcp_prequeue(sk, skb))
1654 ret = tcp_v6_do_rcv(sk, skb);
1657 sk_add_backlog(sk, skb);
1661 return ret ? -1 : 0;
1664 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1667 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1669 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1671 tcp_v6_send_reset(NULL, skb);
1688 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1689 inet_twsk_put(inet_twsk(sk));
1693 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1694 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1695 inet_twsk_put(inet_twsk(sk));
1699 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1704 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
1705 &ipv6_hdr(skb)->daddr,
1706 ntohs(th->dest), inet6_iif(skb));
1708 struct inet_timewait_sock *tw = inet_twsk(sk);
1709 inet_twsk_deschedule(tw, &tcp_death_row);
1714 /* Fall through to ACK */
1717 tcp_v6_timewait_ack(sk, skb);
1721 case TCP_TW_SUCCESS:;
1726 static int tcp_v6_remember_stamp(struct sock *sk)
1728 /* Alas, not yet... */
1732 static struct inet_connection_sock_af_ops ipv6_specific = {
1733 .queue_xmit = inet6_csk_xmit,
1734 .send_check = tcp_v6_send_check,
1735 .rebuild_header = inet6_sk_rebuild_header,
1736 .conn_request = tcp_v6_conn_request,
1737 .syn_recv_sock = tcp_v6_syn_recv_sock,
1738 .remember_stamp = tcp_v6_remember_stamp,
1739 .net_header_len = sizeof(struct ipv6hdr),
1740 .setsockopt = ipv6_setsockopt,
1741 .getsockopt = ipv6_getsockopt,
1742 .addr2sockaddr = inet6_csk_addr2sockaddr,
1743 .sockaddr_len = sizeof(struct sockaddr_in6),
1744 .bind_conflict = inet6_csk_bind_conflict,
1745 #ifdef CONFIG_COMPAT
1746 .compat_setsockopt = compat_ipv6_setsockopt,
1747 .compat_getsockopt = compat_ipv6_getsockopt,
1751 #ifdef CONFIG_TCP_MD5SIG
1752 static struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1753 .md5_lookup = tcp_v6_md5_lookup,
1754 .calc_md5_hash = tcp_v6_md5_hash_skb,
1755 .md5_add = tcp_v6_md5_add_func,
1756 .md5_parse = tcp_v6_parse_md5_keys,
1761 * TCP over IPv4 via INET6 API
1764 static struct inet_connection_sock_af_ops ipv6_mapped = {
1765 .queue_xmit = ip_queue_xmit,
1766 .send_check = tcp_v4_send_check,
1767 .rebuild_header = inet_sk_rebuild_header,
1768 .conn_request = tcp_v6_conn_request,
1769 .syn_recv_sock = tcp_v6_syn_recv_sock,
1770 .remember_stamp = tcp_v4_remember_stamp,
1771 .net_header_len = sizeof(struct iphdr),
1772 .setsockopt = ipv6_setsockopt,
1773 .getsockopt = ipv6_getsockopt,
1774 .addr2sockaddr = inet6_csk_addr2sockaddr,
1775 .sockaddr_len = sizeof(struct sockaddr_in6),
1776 .bind_conflict = inet6_csk_bind_conflict,
1777 #ifdef CONFIG_COMPAT
1778 .compat_setsockopt = compat_ipv6_setsockopt,
1779 .compat_getsockopt = compat_ipv6_getsockopt,
1783 #ifdef CONFIG_TCP_MD5SIG
1784 static struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1785 .md5_lookup = tcp_v4_md5_lookup,
1786 .calc_md5_hash = tcp_v4_md5_hash_skb,
1787 .md5_add = tcp_v6_md5_add_func,
1788 .md5_parse = tcp_v6_parse_md5_keys,
/* NOTE: A lot of fields are already set to zero by sk_alloc(),
 * so they need not be initialized here.
 */
1795 static int tcp_v6_init_sock(struct sock *sk)
1797 struct inet_connection_sock *icsk = inet_csk(sk);
1798 struct tcp_sock *tp = tcp_sk(sk);
1800 skb_queue_head_init(&tp->out_of_order_queue);
1801 tcp_init_xmit_timers(sk);
1802 tcp_prequeue_init(tp);
1804 icsk->icsk_rto = TCP_TIMEOUT_INIT;
1805 tp->mdev = TCP_TIMEOUT_INIT;
/* So many TCP implementations out there (incorrectly) count the
 * initial SYN frame in their delayed-ACK and congestion control
 * algorithms that we must have the following bandaid to talk
 * efficiently to them. -DaveM
 */

/* See draft-stevens-tcpca-spec-01 for discussion of the
 * initialization of these values.
 */
1817 tp->snd_ssthresh = 0x7fffffff;
1818 tp->snd_cwnd_clamp = ~0;
1819 tp->mss_cache = 536;
1821 tp->reordering = sysctl_tcp_reordering;
1823 sk->sk_state = TCP_CLOSE;
1825 icsk->icsk_af_ops = &ipv6_specific;
1826 icsk->icsk_ca_ops = &tcp_init_congestion_ops;
1827 icsk->icsk_sync_mss = tcp_sync_mss;
1828 sk->sk_write_space = sk_stream_write_space;
1829 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE);
1831 #ifdef CONFIG_TCP_MD5SIG
1832 tp->af_specific = &tcp_sock_ipv6_specific;
1835 sk->sk_sndbuf = sysctl_tcp_wmem[1];
1836 sk->sk_rcvbuf = sysctl_tcp_rmem[1];
1838 atomic_inc(&tcp_sockets_allocated);
1843 static void tcp_v6_destroy_sock(struct sock *sk)
1845 #ifdef CONFIG_TCP_MD5SIG
1846 /* Clean up the MD5 key list */
1847 if (tcp_sk(sk)->md5sig_info)
1848 tcp_v6_clear_md5_list(sk);
1850 tcp_v4_destroy_sock(sk);
1851 inet6_destroy_sock(sk);
1854 #ifdef CONFIG_PROC_FS
1855 /* Proc filesystem TCPv6 sock list dumping. */
1856 static void get_openreq6(struct seq_file *seq,
1857 struct sock *sk, struct request_sock *req, int i, int uid)
1859 int ttd = req->expires - jiffies;
1860 struct in6_addr *src = &inet6_rsk(req)->loc_addr;
1861 struct in6_addr *dest = &inet6_rsk(req)->rmt_addr;
1867 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1868 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
1870 src->s6_addr32[0], src->s6_addr32[1],
1871 src->s6_addr32[2], src->s6_addr32[3],
1872 ntohs(inet_sk(sk)->sport),
1873 dest->s6_addr32[0], dest->s6_addr32[1],
1874 dest->s6_addr32[2], dest->s6_addr32[3],
1875 ntohs(inet_rsk(req)->rmt_port),
1877 0,0, /* could print option size, but that is af dependent. */
1878 1, /* timers active (only the expire timer) */
1879 jiffies_to_clock_t(ttd),
1882 0, /* non standard timer */
1883 0, /* open_requests have no inode */
1887 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1889 struct in6_addr *dest, *src;
1892 unsigned long timer_expires;
1893 struct inet_sock *inet = inet_sk(sp);
1894 struct tcp_sock *tp = tcp_sk(sp);
1895 const struct inet_connection_sock *icsk = inet_csk(sp);
1896 struct ipv6_pinfo *np = inet6_sk(sp);
1899 src = &np->rcv_saddr;
1900 destp = ntohs(inet->dport);
1901 srcp = ntohs(inet->sport);
1903 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
1905 timer_expires = icsk->icsk_timeout;
1906 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1908 timer_expires = icsk->icsk_timeout;
1909 } else if (timer_pending(&sp->sk_timer)) {
1911 timer_expires = sp->sk_timer.expires;
1914 timer_expires = jiffies;
1918 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1919 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %lu %lu %u %u %d\n",
1921 src->s6_addr32[0], src->s6_addr32[1],
1922 src->s6_addr32[2], src->s6_addr32[3], srcp,
1923 dest->s6_addr32[0], dest->s6_addr32[1],
1924 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1926 tp->write_seq-tp->snd_una,
1927 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
1929 jiffies_to_clock_t(timer_expires - jiffies),
1930 icsk->icsk_retransmits,
1932 icsk->icsk_probes_out,
1934 atomic_read(&sp->sk_refcnt), sp,
1935 jiffies_to_clock_t(icsk->icsk_rto),
1936 jiffies_to_clock_t(icsk->icsk_ack.ato),
1937 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong,
1938 tp->snd_cwnd, tp->snd_ssthresh>=0xFFFF?-1:tp->snd_ssthresh
1942 static void get_timewait6_sock(struct seq_file *seq,
1943 struct inet_timewait_sock *tw, int i)
1945 struct in6_addr *dest, *src;
1947 struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw);
1948 int ttd = tw->tw_ttd - jiffies;
1953 dest = &tw6->tw_v6_daddr;
1954 src = &tw6->tw_v6_rcv_saddr;
1955 destp = ntohs(tw->tw_dport);
1956 srcp = ntohs(tw->tw_sport);
1959 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1960 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
1962 src->s6_addr32[0], src->s6_addr32[1],
1963 src->s6_addr32[2], src->s6_addr32[3], srcp,
1964 dest->s6_addr32[0], dest->s6_addr32[1],
1965 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1966 tw->tw_substate, 0, 0,
1967 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
1968 atomic_read(&tw->tw_refcnt), tw);
1971 static int tcp6_seq_show(struct seq_file *seq, void *v)
1973 struct tcp_iter_state *st;
1975 if (v == SEQ_START_TOKEN) {
1980 "st tx_queue rx_queue tr tm->when retrnsmt"
1981 " uid timeout inode\n");
1986 switch (st->state) {
1987 case TCP_SEQ_STATE_LISTENING:
1988 case TCP_SEQ_STATE_ESTABLISHED:
1989 get_tcp6_sock(seq, v, st->num);
1991 case TCP_SEQ_STATE_OPENREQ:
1992 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid);
1994 case TCP_SEQ_STATE_TIME_WAIT:
1995 get_timewait6_sock(seq, v, st->num);
2002 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
2006 .owner = THIS_MODULE,
2009 .show = tcp6_seq_show,
2013 int tcp6_proc_init(struct net *net)
2015 return tcp_proc_register(net, &tcp6_seq_afinfo);
2018 void tcp6_proc_exit(struct net *net)
2020 tcp_proc_unregister(net, &tcp6_seq_afinfo);
2024 struct proto tcpv6_prot = {
2026 .owner = THIS_MODULE,
2028 .connect = tcp_v6_connect,
2029 .disconnect = tcp_disconnect,
2030 .accept = inet_csk_accept,
2032 .init = tcp_v6_init_sock,
2033 .destroy = tcp_v6_destroy_sock,
2034 .shutdown = tcp_shutdown,
2035 .setsockopt = tcp_setsockopt,
2036 .getsockopt = tcp_getsockopt,
2037 .recvmsg = tcp_recvmsg,
2038 .backlog_rcv = tcp_v6_do_rcv,
2039 .hash = tcp_v6_hash,
2040 .unhash = inet_unhash,
2041 .get_port = inet_csk_get_port,
2042 .enter_memory_pressure = tcp_enter_memory_pressure,
2043 .sockets_allocated = &tcp_sockets_allocated,
2044 .memory_allocated = &tcp_memory_allocated,
2045 .memory_pressure = &tcp_memory_pressure,
2046 .orphan_count = &tcp_orphan_count,
2047 .sysctl_mem = sysctl_tcp_mem,
2048 .sysctl_wmem = sysctl_tcp_wmem,
2049 .sysctl_rmem = sysctl_tcp_rmem,
2050 .max_header = MAX_TCP_HEADER,
2051 .obj_size = sizeof(struct tcp6_sock),
2052 .twsk_prot = &tcp6_timewait_sock_ops,
2053 .rsk_prot = &tcp6_request_sock_ops,
2054 .h.hashinfo = &tcp_hashinfo,
2055 #ifdef CONFIG_COMPAT
2056 .compat_setsockopt = compat_tcp_setsockopt,
2057 .compat_getsockopt = compat_tcp_getsockopt,
2061 static struct inet6_protocol tcpv6_protocol = {
2062 .handler = tcp_v6_rcv,
2063 .err_handler = tcp_v6_err,
2064 .gso_send_check = tcp_v6_gso_send_check,
2065 .gso_segment = tcp_tso_segment,
2066 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2069 static struct inet_protosw tcpv6_protosw = {
2070 .type = SOCK_STREAM,
2071 .protocol = IPPROTO_TCP,
2072 .prot = &tcpv6_prot,
2073 .ops = &inet6_stream_ops,
2076 .flags = INET_PROTOSW_PERMANENT |
2080 static int tcpv6_net_init(struct net *net)
2082 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
2083 SOCK_RAW, IPPROTO_TCP, net);
2086 static void tcpv6_net_exit(struct net *net)
2088 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
2089 inet_twsk_purge(net, &tcp_hashinfo, &tcp_death_row, AF_INET6);
2092 static struct pernet_operations tcpv6_net_ops = {
2093 .init = tcpv6_net_init,
2094 .exit = tcpv6_net_exit,
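/*
 * Module init/exit: register the IPPROTO_TCP handler with the inet6
 * layer, expose the SOCK_STREAM protosw entry and set up the
 * per-namespace control socket used for sending resets and ACKs.
 */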
2097 int __init tcpv6_init(void)
2101 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
2105 /* register inet6 protocol */
2106 ret = inet6_register_protosw(&tcpv6_protosw);
2108 goto out_tcpv6_protocol;
2110 ret = register_pernet_subsys(&tcpv6_net_ops);
2112 goto out_tcpv6_protosw;
2117 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2119 inet6_unregister_protosw(&tcpv6_protosw);
2123 void tcpv6_exit(void)
2125 unregister_pernet_subsys(&tcpv6_net_ops);
2126 inet6_unregister_protosw(&tcpv6_protosw);
2127 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);