]> git.proxmox.com Git - mirror_ubuntu-focal-kernel.git/blame - net/ipv6/tcp_ipv6.c
projects / mirror_ubuntu-focal-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152
[mirror_ubuntu-focal-kernel.git] / net / ipv6 / tcp_ipv6.c
CommitLineData
2874c5fd 1// SPDX-License-Identifier: GPL-2.0-or-later
1da177e4
LT		 2/*
3 * TCP over IPv6
1ab1457c 4 * Linux INET6 implementation
1da177e4
LT		 5 *
6 * Authors:
1ab1457c 7 * Pedro Roque <roque@di.fc.ul.pt>
1da177e4 8 *
1ab1457c 9 * Based on:
1da177e4
LT		 10 * linux/net/ipv4/tcp.c
11 * linux/net/ipv4/tcp_input.c
12 * linux/net/ipv4/tcp_output.c
13 *
14 * Fixes:
15 * Hideaki YOSHIFUJI : sin6_scope_id support
16 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
17 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
18 * a single port at the same time.
19 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
1da177e4
LT		 20 */
21
eb4dea58 22#include <linux/bottom_half.h>
1da177e4 23#include <linux/module.h>
1da177e4
LT		 24#include <linux/errno.h>
25#include <linux/types.h>
26#include <linux/socket.h>
27#include <linux/sockios.h>
28#include <linux/net.h>
29#include <linux/jiffies.h>
30#include <linux/in.h>
31#include <linux/in6.h>
32#include <linux/netdevice.h>
33#include <linux/init.h>
34#include <linux/jhash.h>
35#include <linux/ipsec.h>
36#include <linux/times.h>
5a0e3ad6 37#include <linux/slab.h>
4aa956d8 38#include <linux/uaccess.h>
1da177e4
LT		 39#include <linux/ipv6.h>
40#include <linux/icmpv6.h>
41#include <linux/random.h>
0e219ae4 42#include <linux/indirect_call_wrapper.h>
1da177e4
LT		 43
44#include <net/tcp.h>
45#include <net/ndisc.h>
5324a040 46#include <net/inet6_hashtables.h>
8129765a 47#include <net/inet6_connection_sock.h>
1da177e4
LT		 48#include <net/ipv6.h>
49#include <net/transp_v6.h>
50#include <net/addrconf.h>
51#include <net/ip6_route.h>
52#include <net/ip6_checksum.h>
53#include <net/inet_ecn.h>
54#include <net/protocol.h>
55#include <net/xfrm.h>
1da177e4
LT		 56#include <net/snmp.h>
57#include <net/dsfield.h>
6d6ee43e 58#include <net/timewait_sock.h>
3d58b5fa 59#include <net/inet_common.h>
6e5714ea 60#include <net/secure_seq.h>
076bb0c8 61#include <net/busy_poll.h>
1da177e4 62
1da177e4
LT		 63#include <linux/proc_fs.h>
64#include <linux/seq_file.h>
65
cf80e0e4 66#include <crypto/hash.h>
cfb6eeb4
YH		 67#include <linux/scatterlist.h>
68
c24b14c4
SL		 69#include <trace/events/tcp.h>
70
a00e7444
ED		 71static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb);
72static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
6edafaaf 73 struct request_sock *req);
1da177e4
LT		 74
75static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
1da177e4 76
3b401a81
SH		 77static const struct inet_connection_sock_af_ops ipv6_mapped;
78static const struct inet_connection_sock_af_ops ipv6_specific;
a928630a 79#ifdef CONFIG_TCP_MD5SIG
b2e4b3de
SH		 80static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
81static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
9501f972 82#else
51723935 83static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
b71d1d42 84 const struct in6_addr *addr)
9501f972
YH		 85{
86 return NULL;
87}
a928630a 88#endif
1da177e4 89
93a77c11
ED		 90/* Helper returning the inet6 address from a given tcp socket.
91 * It can be used in TCP stack instead of inet6_sk(sk).
92 * This avoids a dereference and allow compiler optimizations.
f5d54767 93 * It is a specialized version of inet6_sk_generic().
93a77c11
ED		 94 */
95static struct ipv6_pinfo *tcp_inet6_sk(const struct sock *sk)
96{
f5d54767 97 unsigned int offset = sizeof(struct tcp6_sock) - sizeof(struct ipv6_pinfo);
93a77c11 98
f5d54767 99 return (struct ipv6_pinfo *)(((u8 *)sk) + offset);
93a77c11
ED		 100}
101
fae6ef87
NC		 102static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
103{
104 struct dst_entry *dst = skb_dst(skb);
fae6ef87 105
5037e9ef 106 if (dst && dst_hold_safe(dst)) {
ca777eff
ED		 107 const struct rt6_info *rt = (const struct rt6_info *)dst;
108
ca777eff
ED		 109 sk->sk_rx_dst = dst;
110 inet_sk(sk)->rx_dst_ifindex = skb->skb_iif;
93a77c11 111 tcp_inet6_sk(sk)->rx_dst_cookie = rt6_get_cookie(rt);
ca777eff 112 }
fae6ef87
NC		 113}
114
84b114b9 115static u32 tcp_v6_init_seq(const struct sk_buff *skb)
1da177e4 116{
84b114b9
ED		 117 return secure_tcpv6_seq(ipv6_hdr(skb)->daddr.s6_addr32,
118 ipv6_hdr(skb)->saddr.s6_addr32,
119 tcp_hdr(skb)->dest,
120 tcp_hdr(skb)->source);
121}
122
5d2ed052 123static u32 tcp_v6_init_ts_off(const struct net *net, const struct sk_buff *skb)
84b114b9 124{
5d2ed052 125 return secure_tcpv6_ts_off(net, ipv6_hdr(skb)->daddr.s6_addr32,
84b114b9 126 ipv6_hdr(skb)->saddr.s6_addr32);
1da177e4
LT		 127}
128
d74bad4e
AI		 129static int tcp_v6_pre_connect(struct sock *sk, struct sockaddr *uaddr,
130 int addr_len)
131{
132 /* This check is replicated from tcp_v6_connect() and intended to
133 * prevent BPF program called below from accessing bytes that are out
134 * of the bound specified by user in addr_len.
135 */
136 if (addr_len < SIN6_LEN_RFC2133)
137 return -EINVAL;
138
139 sock_owned_by_me(sk);
140
141 return BPF_CGROUP_RUN_PROG_INET6_CONNECT(sk, uaddr);
142}
143
1ab1457c 144static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
1da177e4
LT		 145 int addr_len)
146{
147 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
1ab1457c 148 struct inet_sock *inet = inet_sk(sk);
d83d8461 149 struct inet_connection_sock *icsk = inet_csk(sk);
93a77c11 150 struct ipv6_pinfo *np = tcp_inet6_sk(sk);
1da177e4 151 struct tcp_sock *tp = tcp_sk(sk);
20c59de2 152 struct in6_addr *saddr = NULL, *final_p, final;
45f6fad8 153 struct ipv6_txoptions *opt;
4c9483b2 154 struct flowi6 fl6;
1da177e4
LT		 155 struct dst_entry *dst;
156 int addr_type;
157 int err;
1946e672 158 struct inet_timewait_death_row *tcp_death_row = &sock_net(sk)->ipv4.tcp_death_row;
1da177e4 159
1ab1457c 160 if (addr_len < SIN6_LEN_RFC2133)
1da177e4
LT		 161 return -EINVAL;
162
1ab1457c 163 if (usin->sin6_family != AF_INET6)
a02cec21 164 return -EAFNOSUPPORT;
1da177e4 165
4c9483b2 166 memset(&fl6, 0, sizeof(fl6));
1da177e4
LT		 167
168 if (np->sndflow) {
4c9483b2
DM		 169 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
170 IP6_ECN_flow_init(fl6.flowlabel);
171 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
1da177e4 172 struct ip6_flowlabel *flowlabel;
4c9483b2 173 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
63159f29 174 if (!flowlabel)
1da177e4 175 return -EINVAL;
1da177e4
LT		 176 fl6_sock_release(flowlabel);
177 }
178 }
179
180 /*
1ab1457c
YH		 181 * connect() to INADDR_ANY means loopback (BSD'ism).
182 */
183
052d2369
JL		 184 if (ipv6_addr_any(&usin->sin6_addr)) {
185 if (ipv6_addr_v4mapped(&sk->sk_v6_rcv_saddr))
186 ipv6_addr_set_v4mapped(htonl(INADDR_LOOPBACK),
187 &usin->sin6_addr);
188 else
189 usin->sin6_addr = in6addr_loopback;
190 }
1da177e4
LT		 191
192 addr_type = ipv6_addr_type(&usin->sin6_addr);
193
4c99aa40 194 if (addr_type & IPV6_ADDR_MULTICAST)
1da177e4
LT		 195 return -ENETUNREACH;
196
197 if (addr_type&IPV6_ADDR_LINKLOCAL) {
198 if (addr_len >= sizeof(struct sockaddr_in6) &&
199 usin->sin6_scope_id) {
200 /* If interface is set while binding, indices
201 * must coincide.
202 */
54dc3e33 203 if (!sk_dev_equal_l3scope(sk, usin->sin6_scope_id))
1da177e4
LT		 204 return -EINVAL;
205
206 sk->sk_bound_dev_if = usin->sin6_scope_id;
207 }
208
209 /* Connect to link-local address requires an interface */
210 if (!sk->sk_bound_dev_if)
211 return -EINVAL;
212 }
213
214 if (tp->rx_opt.ts_recent_stamp &&
efe4208f 215 !ipv6_addr_equal(&sk->sk_v6_daddr, &usin->sin6_addr)) {
1da177e4
LT		 216 tp->rx_opt.ts_recent = 0;
217 tp->rx_opt.ts_recent_stamp = 0;
218 tp->write_seq = 0;
219 }
220
efe4208f 221 sk->sk_v6_daddr = usin->sin6_addr;
4c9483b2 222 np->flow_label = fl6.flowlabel;
1da177e4
LT		 223
224 /*
225 * TCP over IPv4
226 */
227
052d2369 228 if (addr_type & IPV6_ADDR_MAPPED) {
d83d8461 229 u32 exthdrlen = icsk->icsk_ext_hdr_len;
1da177e4
LT		 230 struct sockaddr_in sin;
231
1da177e4
LT		 232 if (__ipv6_only_sock(sk))
233 return -ENETUNREACH;
234
235 sin.sin_family = AF_INET;
236 sin.sin_port = usin->sin6_port;
237 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
238
d83d8461 239 icsk->icsk_af_ops = &ipv6_mapped;
1da177e4 240 sk->sk_backlog_rcv = tcp_v4_do_rcv;
cfb6eeb4
YH		 241#ifdef CONFIG_TCP_MD5SIG
242 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
243#endif
1da177e4
LT		 244
245 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
246
247 if (err) {
d83d8461
ACM		 248 icsk->icsk_ext_hdr_len = exthdrlen;
249 icsk->icsk_af_ops = &ipv6_specific;
1da177e4 250 sk->sk_backlog_rcv = tcp_v6_do_rcv;
cfb6eeb4
YH		 251#ifdef CONFIG_TCP_MD5SIG
252 tp->af_specific = &tcp_sock_ipv6_specific;
253#endif
1da177e4 254 goto failure;
1da177e4 255 }
d1e559d0 256 np->saddr = sk->sk_v6_rcv_saddr;
1da177e4
LT		 257
258 return err;
259 }
260
efe4208f
ED		 261 if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr))
262 saddr = &sk->sk_v6_rcv_saddr;
1da177e4 263
4c9483b2 264 fl6.flowi6_proto = IPPROTO_TCP;
efe4208f 265 fl6.daddr = sk->sk_v6_daddr;
4e3fd7a0 266 fl6.saddr = saddr ? *saddr : np->saddr;
4c9483b2
DM		 267 fl6.flowi6_oif = sk->sk_bound_dev_if;
268 fl6.flowi6_mark = sk->sk_mark;
1958b856
DM		 269 fl6.fl6_dport = usin->sin6_port;
270 fl6.fl6_sport = inet->inet_sport;
e2d118a1 271 fl6.flowi6_uid = sk->sk_uid;
1da177e4 272
1e1d04e6 273 opt = rcu_dereference_protected(np->opt, lockdep_sock_is_held(sk));
45f6fad8 274 final_p = fl6_update_dst(&fl6, opt, &final);
1da177e4 275
4c9483b2 276 security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));
beb8d13b 277
0e0d44ab 278 dst = ip6_dst_lookup_flow(sk, &fl6, final_p);
68d0c6d3
DM		 279 if (IS_ERR(dst)) {
280 err = PTR_ERR(dst);
1da177e4 281 goto failure;
14e50e57 282 }
1da177e4 283
63159f29 284 if (!saddr) {
4c9483b2 285 saddr = &fl6.saddr;
efe4208f 286 sk->sk_v6_rcv_saddr = *saddr;
1da177e4
LT		 287 }
288
289 /* set the source address */
4e3fd7a0 290 np->saddr = *saddr;
c720c7e8 291 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
1da177e4 292
f83ef8c0 293 sk->sk_gso_type = SKB_GSO_TCPV6;
6bd4f355 294 ip6_dst_store(sk, dst, NULL, NULL);
1da177e4 295
d83d8461 296 icsk->icsk_ext_hdr_len = 0;
45f6fad8
ED		 297 if (opt)
298 icsk->icsk_ext_hdr_len = opt->opt_flen +
299 opt->opt_nflen;
1da177e4
LT		 300
301 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
302
c720c7e8 303 inet->inet_dport = usin->sin6_port;
1da177e4
LT		 304
305 tcp_set_state(sk, TCP_SYN_SENT);
1946e672 306 err = inet6_hash_connect(tcp_death_row, sk);
1da177e4
LT		 307 if (err)
308 goto late_failure;
309
877d1f62 310 sk_set_txhash(sk);
9e7ceb06 311
00355fa5 312 if (likely(!tp->repair)) {
00355fa5 313 if (!tp->write_seq)
84b114b9
ED		 314 tp->write_seq = secure_tcpv6_seq(np->saddr.s6_addr32,
315 sk->sk_v6_daddr.s6_addr32,
316 inet->inet_sport,
317 inet->inet_dport);
5d2ed052
ED		 318 tp->tsoffset = secure_tcpv6_ts_off(sock_net(sk),
319 np->saddr.s6_addr32,
84b114b9 320 sk->sk_v6_daddr.s6_addr32);
00355fa5 321 }
1da177e4 322
19f6d3f3
WW		 323 if (tcp_fastopen_defer_connect(sk, &err))
324 return err;
325 if (err)
326 goto late_failure;
327
1da177e4
LT		 328 err = tcp_connect(sk);
329 if (err)
330 goto late_failure;
331
332 return 0;
333
334late_failure:
335 tcp_set_state(sk, TCP_CLOSE);
1da177e4 336failure:
c720c7e8 337 inet->inet_dport = 0;
1da177e4
LT		 338 sk->sk_route_caps = 0;
339 return err;
340}
341
563d34d0
ED		 342static void tcp_v6_mtu_reduced(struct sock *sk)
343{
344 struct dst_entry *dst;
345
346 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
347 return;
348
349 dst = inet6_csk_update_pmtu(sk, tcp_sk(sk)->mtu_info);
350 if (!dst)
351 return;
352
353 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
354 tcp_sync_mss(sk, dst_mtu(dst));
355 tcp_simple_retransmit(sk);
356 }
357}
358
32bbd879 359static int tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
d5fdd6ba 360 u8 type, u8 code, int offset, __be32 info)
1da177e4 361{
4c99aa40 362 const struct ipv6hdr *hdr = (const struct ipv6hdr *)skb->data;
505cbfc5 363 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
2215089b
ED		 364 struct net *net = dev_net(skb->dev);
365 struct request_sock *fastopen;
1da177e4 366 struct ipv6_pinfo *np;
1ab1457c 367 struct tcp_sock *tp;
0a672f74 368 __u32 seq, snd_una;
2215089b 369 struct sock *sk;
9cf74903 370 bool fatal;
2215089b 371 int err;
1da177e4 372
2215089b
ED		 373 sk = __inet6_lookup_established(net, &tcp_hashinfo,
374 &hdr->daddr, th->dest,
375 &hdr->saddr, ntohs(th->source),
4297a0ef 376 skb->dev->ifindex, inet6_sdif(skb));
1da177e4 377
2215089b 378 if (!sk) {
a16292a0
ED		 379 __ICMP6_INC_STATS(net, __in6_dev_get(skb->dev),
380 ICMP6_MIB_INERRORS);
32bbd879 381 return -ENOENT;
1da177e4
LT		 382 }
383
384 if (sk->sk_state == TCP_TIME_WAIT) {
9469c7b4 385 inet_twsk_put(inet_twsk(sk));
32bbd879 386 return 0;
1da177e4 387 }
2215089b 388 seq = ntohl(th->seq);
9cf74903 389 fatal = icmpv6_err_convert(type, code, &err);
32bbd879
SB		 390 if (sk->sk_state == TCP_NEW_SYN_RECV) {
391 tcp_req_err(sk, seq, fatal);
392 return 0;
393 }
1da177e4
LT		 394
395 bh_lock_sock(sk);
563d34d0 396 if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG)
02a1d6e7 397 __NET_INC_STATS(net, LINUX_MIB_LOCKDROPPEDICMPS);
1da177e4
LT		 398
399 if (sk->sk_state == TCP_CLOSE)
400 goto out;
401
93a77c11 402 if (ipv6_hdr(skb)->hop_limit < tcp_inet6_sk(sk)->min_hopcount) {
02a1d6e7 403 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
e802af9c
SH		 404 goto out;
405 }
406
1da177e4 407 tp = tcp_sk(sk);
0a672f74
YC		 408 /* XXX (TFO) - tp->snd_una should be ISN (tcp_create_openreq_child() */
409 fastopen = tp->fastopen_rsk;
410 snd_una = fastopen ? tcp_rsk(fastopen)->snt_isn : tp->snd_una;
1da177e4 411 if (sk->sk_state != TCP_LISTEN &&
0a672f74 412 !between(seq, snd_una, tp->snd_nxt)) {
02a1d6e7 413 __NET_INC_STATS(net, LINUX_MIB_OUTOFWINDOWICMPS);
1da177e4
LT		 414 goto out;
415 }
416
93a77c11 417 np = tcp_inet6_sk(sk);
1da177e4 418
ec18d9a2 419 if (type == NDISC_REDIRECT) {
45caeaa5
JM		 420 if (!sock_owned_by_user(sk)) {
421 struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);
ec18d9a2 422
45caeaa5
JM		 423 if (dst)
424 dst->ops->redirect(dst, sk, skb);
425 }
50a75a89 426 goto out;
ec18d9a2
DM		 427 }
428
1da177e4 429 if (type == ICMPV6_PKT_TOOBIG) {
0d4f0608
ED		 430 /* We are not interested in TCP_LISTEN and open_requests
431 * (SYN-ACKs send out by Linux are always <576bytes so
432 * they should go through unfragmented).
433 */
434 if (sk->sk_state == TCP_LISTEN)
435 goto out;
436
93b36cf3
HFS		 437 if (!ip6_sk_accept_pmtu(sk))
438 goto out;
439
563d34d0
ED		 440 tp->mtu_info = ntohl(info);
441 if (!sock_owned_by_user(sk))
442 tcp_v6_mtu_reduced(sk);
d013ef2a 443 else if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED,
7aa5470c 444 &sk->sk_tsq_flags))
d013ef2a 445 sock_hold(sk);
1da177e4
LT		 446 goto out;
447 }
448
1da177e4 449
60236fdd 450 /* Might be for an request_sock */
1da177e4 451 switch (sk->sk_state) {
1da177e4 452 case TCP_SYN_SENT:
0a672f74
YC		 453 case TCP_SYN_RECV:
454 /* Only in fast or simultaneous open. If a fast open socket is
455 * is already accepted it is treated as a connected one below.
456 */
63159f29 457 if (fastopen && !fastopen->sk)
0a672f74
YC		 458 break;
459
1da177e4 460 if (!sock_owned_by_user(sk)) {
1da177e4
LT		 461 sk->sk_err = err;
462 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
463
464 tcp_done(sk);
465 } else
466 sk->sk_err_soft = err;
467 goto out;
468 }
469
470 if (!sock_owned_by_user(sk) && np->recverr) {
471 sk->sk_err = err;
472 sk->sk_error_report(sk);
473 } else
474 sk->sk_err_soft = err;
475
476out:
477 bh_unlock_sock(sk);
478 sock_put(sk);
32bbd879 479 return 0;
1da177e4
LT		 480}
481
482
0f935dbe 483static int tcp_v6_send_synack(const struct sock *sk, struct dst_entry *dst,
d6274bd8 484 struct flowi *fl,
3840a06e 485 struct request_sock *req,
ca6fb065 486 struct tcp_fastopen_cookie *foc,
b3d05147 487 enum tcp_synack_type synack_type)
1da177e4 488{
634fb979 489 struct inet_request_sock *ireq = inet_rsk(req);
93a77c11 490 struct ipv6_pinfo *np = tcp_inet6_sk(sk);
56ac42bc 491 struct ipv6_txoptions *opt;
d6274bd8 492 struct flowi6 *fl6 = &fl->u.ip6;
4c99aa40 493 struct sk_buff *skb;
9494218f 494 int err = -ENOMEM;
1da177e4 495
9f10d3f6 496 /* First, grab a route. */
f76b33c3
ED		 497 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req,
498 IPPROTO_TCP)) == NULL)
fd80eb94 499 goto done;
9494218f 500
b3d05147 501 skb = tcp_make_synack(sk, dst, req, foc, synack_type);
9494218f 502
1da177e4 503 if (skb) {
634fb979
ED		 504 __tcp_v6_send_check(skb, &ireq->ir_v6_loc_addr,
505 &ireq->ir_v6_rmt_addr);
1da177e4 506
634fb979 507 fl6->daddr = ireq->ir_v6_rmt_addr;
53b24b8f 508 if (np->repflow && ireq->pktopts)
df3687ff
FF		 509 fl6->flowlabel = ip6_flowlabel(ipv6_hdr(ireq->pktopts));
510
3e4006f0 511 rcu_read_lock();
56ac42bc
HD		 512 opt = ireq->ipv6_opt;
513 if (!opt)
514 opt = rcu_dereference(np->opt);
92e55f41 515 err = ip6_xmit(sk, skb, fl6, sk->sk_mark, opt, np->tclass);
3e4006f0 516 rcu_read_unlock();
b9df3cb8 517 err = net_xmit_eval(err);
1da177e4
LT		 518 }
519
520done:
1da177e4
LT		 521 return err;
522}
523
72659ecc 524
60236fdd 525static void tcp_v6_reqsk_destructor(struct request_sock *req)
1da177e4 526{
56ac42bc 527 kfree(inet_rsk(req)->ipv6_opt);
634fb979 528 kfree_skb(inet_rsk(req)->pktopts);
1da177e4
LT		 529}
530
cfb6eeb4 531#ifdef CONFIG_TCP_MD5SIG
b83e3deb 532static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
b71d1d42 533 const struct in6_addr *addr)
cfb6eeb4 534{
a915da9b 535 return tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, AF_INET6);
cfb6eeb4
YH		 536}
537
b83e3deb 538static struct tcp_md5sig_key *tcp_v6_md5_lookup(const struct sock *sk,
fd3a154a 539 const struct sock *addr_sk)
cfb6eeb4 540{
efe4208f 541 return tcp_v6_md5_do_lookup(sk, &addr_sk->sk_v6_daddr);
cfb6eeb4
YH		 542}
543
8917a777
ID		 544static int tcp_v6_parse_md5_keys(struct sock *sk, int optname,
545 char __user *optval, int optlen)
cfb6eeb4
YH		 546{
547 struct tcp_md5sig cmd;
548 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
8917a777 549 u8 prefixlen;
cfb6eeb4
YH		 550
551 if (optlen < sizeof(cmd))
552 return -EINVAL;
553
554 if (copy_from_user(&cmd, optval, sizeof(cmd)))
555 return -EFAULT;
556
557 if (sin6->sin6_family != AF_INET6)
558 return -EINVAL;
559
8917a777
ID		 560 if (optname == TCP_MD5SIG_EXT &&
561 cmd.tcpm_flags & TCP_MD5SIG_FLAG_PREFIX) {
562 prefixlen = cmd.tcpm_prefixlen;
563 if (prefixlen > 128 || (ipv6_addr_v4mapped(&sin6->sin6_addr) &&
564 prefixlen > 32))
565 return -EINVAL;
566 } else {
567 prefixlen = ipv6_addr_v4mapped(&sin6->sin6_addr) ? 32 : 128;
568 }
569
cfb6eeb4 570 if (!cmd.tcpm_keylen) {
e773e4fa 571 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
a915da9b 572 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
8917a777 573 AF_INET, prefixlen);
a915da9b 574 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
8917a777 575 AF_INET6, prefixlen);
cfb6eeb4
YH		 576 }
577
578 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
579 return -EINVAL;
580
a915da9b
ED		 581 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
582 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
8917a777 583 AF_INET, prefixlen, cmd.tcpm_key,
6797318e 584 cmd.tcpm_keylen, GFP_KERNEL);
cfb6eeb4 585
a915da9b 586 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
8917a777
ID		 587 AF_INET6, prefixlen, cmd.tcpm_key,
588 cmd.tcpm_keylen, GFP_KERNEL);
cfb6eeb4
YH		 589}
590
19689e38
ED		 591static int tcp_v6_md5_hash_headers(struct tcp_md5sig_pool *hp,
592 const struct in6_addr *daddr,
593 const struct in6_addr *saddr,
594 const struct tcphdr *th, int nbytes)
cfb6eeb4 595{
cfb6eeb4 596 struct tcp6_pseudohdr *bp;
49a72dfb 597 struct scatterlist sg;
19689e38 598 struct tcphdr *_th;
8d26d76d 599
19689e38 600 bp = hp->scratch;
cfb6eeb4 601 /* 1. TCP pseudo-header (RFC2460) */
4e3fd7a0
AD		 602 bp->saddr = *saddr;
603 bp->daddr = *daddr;
49a72dfb 604 bp->protocol = cpu_to_be32(IPPROTO_TCP);
00b1304c 605 bp->len = cpu_to_be32(nbytes);
cfb6eeb4 606
19689e38
ED		 607 _th = (struct tcphdr *)(bp + 1);
608 memcpy(_th, th, sizeof(*th));
609 _th->check = 0;
610
611 sg_init_one(&sg, bp, sizeof(*bp) + sizeof(*th));
612 ahash_request_set_crypt(hp->md5_req, &sg, NULL,
613 sizeof(*bp) + sizeof(*th));
cf80e0e4 614 return crypto_ahash_update(hp->md5_req);
49a72dfb 615}
c7da57a1 616
19689e38 617static int tcp_v6_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key,
b71d1d42 618 const struct in6_addr *daddr, struct in6_addr *saddr,
318cf7aa 619 const struct tcphdr *th)
49a72dfb
AL		 620{
621 struct tcp_md5sig_pool *hp;
cf80e0e4 622 struct ahash_request *req;
49a72dfb
AL		 623
624 hp = tcp_get_md5sig_pool();
625 if (!hp)
626 goto clear_hash_noput;
cf80e0e4 627 req = hp->md5_req;
49a72dfb 628
cf80e0e4 629 if (crypto_ahash_init(req))
49a72dfb 630 goto clear_hash;
19689e38 631 if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, th->doff << 2))
49a72dfb
AL		 632 goto clear_hash;
633 if (tcp_md5_hash_key(hp, key))
634 goto clear_hash;
cf80e0e4
HX		 635 ahash_request_set_crypt(req, NULL, md5_hash, 0);
636 if (crypto_ahash_final(req))
cfb6eeb4 637 goto clear_hash;
cfb6eeb4 638
cfb6eeb4 639 tcp_put_md5sig_pool();
cfb6eeb4 640 return 0;
49a72dfb 641
cfb6eeb4
YH		 642clear_hash:
643 tcp_put_md5sig_pool();
644clear_hash_noput:
645 memset(md5_hash, 0, 16);
49a72dfb 646 return 1;
cfb6eeb4
YH		 647}
648
39f8e58e
ED		 649static int tcp_v6_md5_hash_skb(char *md5_hash,
650 const struct tcp_md5sig_key *key,
318cf7aa 651 const struct sock *sk,
318cf7aa 652 const struct sk_buff *skb)
cfb6eeb4 653{
b71d1d42 654 const struct in6_addr *saddr, *daddr;
49a72dfb 655 struct tcp_md5sig_pool *hp;
cf80e0e4 656 struct ahash_request *req;
318cf7aa 657 const struct tcphdr *th = tcp_hdr(skb);
cfb6eeb4 658
39f8e58e
ED		 659 if (sk) { /* valid for establish/request sockets */
660 saddr = &sk->sk_v6_rcv_saddr;
efe4208f 661 daddr = &sk->sk_v6_daddr;
49a72dfb 662 } else {
b71d1d42 663 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
49a72dfb
AL		 664 saddr = &ip6h->saddr;
665 daddr = &ip6h->daddr;
cfb6eeb4 666 }
49a72dfb
AL		 667
668 hp = tcp_get_md5sig_pool();
669 if (!hp)
670 goto clear_hash_noput;
cf80e0e4 671 req = hp->md5_req;
49a72dfb 672
cf80e0e4 673 if (crypto_ahash_init(req))
49a72dfb
AL		 674 goto clear_hash;
675
19689e38 676 if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, skb->len))
49a72dfb
AL		 677 goto clear_hash;
678 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
679 goto clear_hash;
680 if (tcp_md5_hash_key(hp, key))
681 goto clear_hash;
cf80e0e4
HX		 682 ahash_request_set_crypt(req, NULL, md5_hash, 0);
683 if (crypto_ahash_final(req))
49a72dfb
AL		 684 goto clear_hash;
685
686 tcp_put_md5sig_pool();
687 return 0;
688
689clear_hash:
690 tcp_put_md5sig_pool();
691clear_hash_noput:
692 memset(md5_hash, 0, 16);
693 return 1;
cfb6eeb4
YH		 694}
695
ba8e275a
ED		 696#endif
697
698static bool tcp_v6_inbound_md5_hash(const struct sock *sk,
699 const struct sk_buff *skb)
cfb6eeb4 700{
ba8e275a 701#ifdef CONFIG_TCP_MD5SIG
cf533ea5 702 const __u8 *hash_location = NULL;
cfb6eeb4 703 struct tcp_md5sig_key *hash_expected;
b71d1d42 704 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
318cf7aa 705 const struct tcphdr *th = tcp_hdr(skb);
cfb6eeb4 706 int genhash;
cfb6eeb4
YH		 707 u8 newhash[16];
708
709 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
7d5d5525 710 hash_location = tcp_parse_md5sig_option(th);
cfb6eeb4 711
785957d3
DM		 712 /* We've parsed the options - do we have a hash? */
713 if (!hash_expected && !hash_location)
ff74e23f 714 return false;
785957d3
DM		 715
716 if (hash_expected && !hash_location) {
c10d9310 717 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
ff74e23f 718 return true;
cfb6eeb4
YH		 719 }
720
785957d3 721 if (!hash_expected && hash_location) {
c10d9310 722 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
ff74e23f 723 return true;
cfb6eeb4
YH		 724 }
725
726 /* check the signature */
49a72dfb
AL		 727 genhash = tcp_v6_md5_hash_skb(newhash,
728 hash_expected,
39f8e58e 729 NULL, skb);
49a72dfb 730
cfb6eeb4 731 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
72145a68 732 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5FAILURE);
e87cc472
JP		 733 net_info_ratelimited("MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n",
734 genhash ? "failed" : "mismatch",
735 &ip6h->saddr, ntohs(th->source),
736 &ip6h->daddr, ntohs(th->dest));
ff74e23f 737 return true;
cfb6eeb4 738 }
ba8e275a 739#endif
ff74e23f 740 return false;
cfb6eeb4 741}
cfb6eeb4 742
b40cf18e
ED		 743static void tcp_v6_init_req(struct request_sock *req,
744 const struct sock *sk_listener,
16bea70a
OP		 745 struct sk_buff *skb)
746{
c2027d1e 747 bool l3_slave = ipv6_l3mdev_skb(TCP_SKB_CB(skb)->header.h6.flags);
16bea70a 748 struct inet_request_sock *ireq = inet_rsk(req);
93a77c11 749 const struct ipv6_pinfo *np = tcp_inet6_sk(sk_listener);
16bea70a
OP		 750
751 ireq->ir_v6_rmt_addr = ipv6_hdr(skb)->saddr;
752 ireq->ir_v6_loc_addr = ipv6_hdr(skb)->daddr;
753
16bea70a 754 /* So that link locals have meaning */
c2027d1e 755 if ((!sk_listener->sk_bound_dev_if || l3_slave) &&
16bea70a 756 ipv6_addr_type(&ireq->ir_v6_rmt_addr) & IPV6_ADDR_LINKLOCAL)
870c3151 757 ireq->ir_iif = tcp_v6_iif(skb);
16bea70a 758
04317daf 759 if (!TCP_SKB_CB(skb)->tcp_tw_isn &&
b40cf18e 760 (ipv6_opt_accepted(sk_listener, skb, &TCP_SKB_CB(skb)->header.h6) ||
a224772d 761 np->rxopt.bits.rxinfo ||
16bea70a
OP		 762 np->rxopt.bits.rxoinfo || np->rxopt.bits.rxhlim ||
763 np->rxopt.bits.rxohlim || np->repflow)) {
63354797 764 refcount_inc(&skb->users);
16bea70a
OP		 765 ireq->pktopts = skb;
766 }
767}
768
f964629e
ED		 769static struct dst_entry *tcp_v6_route_req(const struct sock *sk,
770 struct flowi *fl,
4396e461 771 const struct request_sock *req)
d94e0417 772{
f76b33c3 773 return inet6_csk_route_req(sk, &fl->u.ip6, req, IPPROTO_TCP);
d94e0417
OP		 774}
775
c6aefafb 776struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
1da177e4 777 .family = AF_INET6,
2e6599cb 778 .obj_size = sizeof(struct tcp6_request_sock),
5db92c99 779 .rtx_syn_ack = tcp_rtx_synack,
60236fdd
ACM		 780 .send_ack = tcp_v6_reqsk_send_ack,
781 .destructor = tcp_v6_reqsk_destructor,
72659ecc 782 .send_reset = tcp_v6_send_reset,
4aa956d8 783 .syn_ack_timeout = tcp_syn_ack_timeout,
1da177e4
LT		 784};
785
b2e4b3de 786static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
2aec4a29
OP		 787 .mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) -
788 sizeof(struct ipv6hdr),
16bea70a 789#ifdef CONFIG_TCP_MD5SIG
fd3a154a 790 .req_md5_lookup = tcp_v6_md5_lookup,
e3afe7b7 791 .calc_md5_hash = tcp_v6_md5_hash_skb,
b6332e6c 792#endif
16bea70a 793 .init_req = tcp_v6_init_req,
fb7b37a7
OP		 794#ifdef CONFIG_SYN_COOKIES
795 .cookie_init_seq = cookie_v6_init_sequence,
796#endif
d94e0417 797 .route_req = tcp_v6_route_req,
84b114b9
ED		 798 .init_seq = tcp_v6_init_seq,
799 .init_ts_off = tcp_v6_init_ts_off,
d6274bd8 800 .send_synack = tcp_v6_send_synack,
16bea70a 801};
cfb6eeb4 802
a00e7444 803static void tcp_v6_send_response(const struct sock *sk, struct sk_buff *skb, u32 seq,
0f85feae
ED		 804 u32 ack, u32 win, u32 tsval, u32 tsecr,
805 int oif, struct tcp_md5sig_key *key, int rst,
5119bd16 806 u8 tclass, __be32 label)
1da177e4 807{
cf533ea5
ED		 808 const struct tcphdr *th = tcp_hdr(skb);
809 struct tcphdr *t1;
1da177e4 810 struct sk_buff *buff;
4c9483b2 811 struct flowi6 fl6;
0f85feae 812 struct net *net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev);
e5047992 813 struct sock *ctl_sk = net->ipv6.tcp_sk;
77c676da 814 unsigned int tot_len = sizeof(struct tcphdr);
adf30907 815 struct dst_entry *dst;
81ada62d 816 __be32 *topt;
00483690 817 __u32 mark = 0;
1da177e4 818
ee684b6f 819 if (tsecr)
626e264d 820 tot_len += TCPOLEN_TSTAMP_ALIGNED;
cfb6eeb4 821#ifdef CONFIG_TCP_MD5SIG
cfb6eeb4
YH		 822 if (key)
823 tot_len += TCPOLEN_MD5SIG_ALIGNED;
824#endif
825
cfb6eeb4 826 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
1da177e4 827 GFP_ATOMIC);
63159f29 828 if (!buff)
1ab1457c 829 return;
1da177e4 830
cfb6eeb4 831 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
1da177e4 832
d58ff351 833 t1 = skb_push(buff, tot_len);
6651ffc8 834 skb_reset_transport_header(buff);
1da177e4
LT		 835
836 /* Swap the send and the receive. */
837 memset(t1, 0, sizeof(*t1));
838 t1->dest = th->source;
839 t1->source = th->dest;
cfb6eeb4 840 t1->doff = tot_len / 4;
626e264d
IJ		 841 t1->seq = htonl(seq);
842 t1->ack_seq = htonl(ack);
843 t1->ack = !rst || !th->ack;
844 t1->rst = rst;
845 t1->window = htons(win);
1da177e4 846
81ada62d
IJ		 847 topt = (__be32 *)(t1 + 1);
848
ee684b6f 849 if (tsecr) {
626e264d
IJ		 850 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
851 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
ee684b6f
AV		 852 *topt++ = htonl(tsval);
853 *topt++ = htonl(tsecr);
626e264d
IJ		 854 }
855
cfb6eeb4
YH		 856#ifdef CONFIG_TCP_MD5SIG
857 if (key) {
81ada62d
IJ		 858 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
859 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
860 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
78e645cb
IJ		 861 &ipv6_hdr(skb)->saddr,
862 &ipv6_hdr(skb)->daddr, t1);
cfb6eeb4
YH		 863 }
864#endif
865
4c9483b2 866 memset(&fl6, 0, sizeof(fl6));
4e3fd7a0
AD		 867 fl6.daddr = ipv6_hdr(skb)->saddr;
868 fl6.saddr = ipv6_hdr(skb)->daddr;
1d13a96c 869 fl6.flowlabel = label;
1da177e4 870
e5700aff
DM		 871 buff->ip_summed = CHECKSUM_PARTIAL;
872 buff->csum = 0;
873
4c9483b2 874 __tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);
1da177e4 875
4c9483b2 876 fl6.flowi6_proto = IPPROTO_TCP;
a36dbdb2 877 if (rt6_need_strict(&fl6.daddr) && !oif)
870c3151 878 fl6.flowi6_oif = tcp_v6_iif(skb);
9b6c14d5
DA		 879 else {
880 if (!oif && netif_index_is_l3_master(net, skb->skb_iif))
881 oif = skb->skb_iif;
882
883 fl6.flowi6_oif = oif;
884 }
1d2f7b2d 885
00483690
JM		 886 if (sk)
887 mark = (sk->sk_state == TCP_TIME_WAIT) ?
888 inet_twsk(sk)->tw_mark : sk->sk_mark;
889 fl6.flowi6_mark = IP6_REPLY_MARK(net, skb->mark) ?: mark;
1958b856
DM		 890 fl6.fl6_dport = t1->dest;
891 fl6.fl6_sport = t1->source;
e2d118a1 892 fl6.flowi6_uid = sock_net_uid(net, sk && sk_fullsock(sk) ? sk : NULL);
4c9483b2 893 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
1da177e4 894
c20121ae
DL		 895 /* Pass a socket to ip6_dst_lookup either it is for RST
896 * Underlying function will use this to retrieve the network
897 * namespace
898 */
0e0d44ab 899 dst = ip6_dst_lookup_flow(ctl_sk, &fl6, NULL);
68d0c6d3
DM		 900 if (!IS_ERR(dst)) {
901 skb_dst_set(buff, dst);
92e55f41 902 ip6_xmit(ctl_sk, buff, &fl6, fl6.flowi6_mark, NULL, tclass);
c10d9310 903 TCP_INC_STATS(net, TCP_MIB_OUTSEGS);
68d0c6d3 904 if (rst)
c10d9310 905 TCP_INC_STATS(net, TCP_MIB_OUTRSTS);
68d0c6d3 906 return;
1da177e4
LT		 907 }
908
909 kfree_skb(buff);
910}
911
a00e7444 912static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb)
1da177e4 913{
cf533ea5 914 const struct tcphdr *th = tcp_hdr(skb);
626e264d 915 u32 seq = 0, ack_seq = 0;
fa3e5b4e 916 struct tcp_md5sig_key *key = NULL;
658ddaaf
SL		 917#ifdef CONFIG_TCP_MD5SIG
918 const __u8 *hash_location = NULL;
919 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
920 unsigned char newhash[16];
921 int genhash;
922 struct sock *sk1 = NULL;
923#endif
c24b14c4 924 int oif = 0;
1da177e4 925
626e264d 926 if (th->rst)
1da177e4
LT		 927 return;
928
c3658e8d
ED		 929 /* If sk not NULL, it means we did a successful lookup and incoming
930 * route had to be correct. prequeue might have dropped our dst.
931 */
932 if (!sk && !ipv6_unicast_destination(skb))
626e264d 933 return;
1da177e4 934
cfb6eeb4 935#ifdef CONFIG_TCP_MD5SIG
3b24d854 936 rcu_read_lock();
658ddaaf 937 hash_location = tcp_parse_md5sig_option(th);
271c3b9b 938 if (sk && sk_fullsock(sk)) {
e46787f0
FW		 939 key = tcp_v6_md5_do_lookup(sk, &ipv6h->saddr);
940 } else if (hash_location) {
658ddaaf
SL		 941 /*
942 * active side is lost. Try to find listening socket through
943 * source port, and then find md5 key through listening socket.
944 * we are not loose security here:
945 * Incoming packet is checked with md5 hash with finding key,
946 * no RST generated if md5 hash doesn't match.
947 */
948 sk1 = inet6_lookup_listener(dev_net(skb_dst(skb)->dev),
a583636a
CG		 949 &tcp_hashinfo, NULL, 0,
950 &ipv6h->saddr,
5ba24953 951 th->source, &ipv6h->daddr,
24b711ed
DA		 952 ntohs(th->source),
953 tcp_v6_iif_l3_slave(skb),
4297a0ef 954 tcp_v6_sdif(skb));
658ddaaf 955 if (!sk1)
3b24d854 956 goto out;
658ddaaf 957
658ddaaf
SL		 958 key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr);
959 if (!key)
3b24d854 960 goto out;
658ddaaf 961
39f8e58e 962 genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, skb);
658ddaaf 963 if (genhash || memcmp(hash_location, newhash, 16) != 0)
3b24d854 964 goto out;
658ddaaf 965 }
cfb6eeb4
YH		 966#endif
967
626e264d
IJ		 968 if (th->ack)
969 seq = ntohl(th->ack_seq);
970 else
971 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
972 (th->doff << 2);
1da177e4 973
c24b14c4
SL		 974 if (sk) {
975 oif = sk->sk_bound_dev_if;
5c487bb9
SL		 976 if (sk_fullsock(sk))
977 trace_tcp_send_reset(sk, skb);
c24b14c4
SL		 978 }
979
0f85feae 980 tcp_v6_send_response(sk, skb, seq, ack_seq, 0, 0, 0, oif, key, 1, 0, 0);
658ddaaf
SL		 981
982#ifdef CONFIG_TCP_MD5SIG
3b24d854
ED		 983out:
984 rcu_read_unlock();
658ddaaf 985#endif
626e264d 986}
1da177e4 987
a00e7444 988static void tcp_v6_send_ack(const struct sock *sk, struct sk_buff *skb, u32 seq,
0f85feae 989 u32 ack, u32 win, u32 tsval, u32 tsecr, int oif,
1d13a96c 990 struct tcp_md5sig_key *key, u8 tclass,
5119bd16 991 __be32 label)
626e264d 992{
0f85feae
ED		 993 tcp_v6_send_response(sk, skb, seq, ack, win, tsval, tsecr, oif, key, 0,
994 tclass, label);
1da177e4
LT		 995}
996
997static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
998{
8feaf0c0 999 struct inet_timewait_sock *tw = inet_twsk(sk);
cfb6eeb4 1000 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
1da177e4 1001
0f85feae 1002 tcp_v6_send_ack(sk, skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
8feaf0c0 1003 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
9a568de4 1004 tcp_time_stamp_raw() + tcptw->tw_ts_offset,
9c76a114 1005 tcptw->tw_ts_recent, tw->tw_bound_dev_if, tcp_twsk_md5_key(tcptw),
21858cd0 1006 tw->tw_tclass, cpu_to_be32(tw->tw_flowlabel));
1da177e4 1007
8feaf0c0 1008 inet_twsk_put(tw);
1da177e4
LT		 1009}
1010
a00e7444 1011static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
6edafaaf 1012 struct request_sock *req)
1da177e4 1013{
3a19ce0e
DL		 1014 /* sk->sk_state == TCP_LISTEN -> for regular TCP_SYN_RECV
1015 * sk->sk_state == TCP_SYN_RECV -> for Fast Open.
1016 */
20a2b49f
ED		 1017 /* RFC 7323 2.3
1018 * The window field (SEG.WND) of every outgoing segment, with the
1019 * exception of <SYN> segments, MUST be right-shifted by
1020 * Rcv.Wind.Shift bits:
1021 */
0f85feae 1022 tcp_v6_send_ack(sk, skb, (sk->sk_state == TCP_LISTEN) ?
3a19ce0e 1023 tcp_rsk(req)->snt_isn + 1 : tcp_sk(sk)->snd_nxt,
20a2b49f
ED		 1024 tcp_rsk(req)->rcv_nxt,
1025 req->rsk_rcv_wnd >> inet_rsk(req)->rcv_wscale,
9a568de4 1026 tcp_time_stamp_raw() + tcp_rsk(req)->ts_off,
95a22cae 1027 req->ts_recent, sk->sk_bound_dev_if,
30791ac4 1028 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->saddr),
1d13a96c 1029 0, 0);
1da177e4
LT		 1030}
1031
1032
079096f1 1033static struct sock *tcp_v6_cookie_check(struct sock *sk, struct sk_buff *skb)
1da177e4 1034{
079096f1 1035#ifdef CONFIG_SYN_COOKIES
aa8223c7 1036 const struct tcphdr *th = tcp_hdr(skb);
1da177e4 1037
af9b4738 1038 if (!th->syn)
c6aefafb 1039 sk = cookie_v6_check(sk, skb);
1da177e4
LT		 1040#endif
1041 return sk;
1042}
1043
1da177e4
LT		 1044static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1045{
1da177e4
LT		 1046 if (skb->protocol == htons(ETH_P_IP))
1047 return tcp_v4_conn_request(sk, skb);
1048
1049 if (!ipv6_unicast_destination(skb))
1ab1457c 1050 goto drop;
1da177e4 1051
1fb6f159
OP		 1052 return tcp_conn_request(&tcp6_request_sock_ops,
1053 &tcp_request_sock_ipv6_ops, sk, skb);
1da177e4
LT		 1054
1055drop:
9caad864 1056 tcp_listendrop(sk);
1da177e4
LT		 1057 return 0; /* don't send reset */
1058}
1059
ebf6c9cb
ED		 1060static void tcp_v6_restore_cb(struct sk_buff *skb)
1061{
1062 /* We need to move header back to the beginning if xfrm6_policy_check()
1063 * and tcp_v6_fill_cb() are going to be called again.
1064 * ip6_datagram_recv_specific_ctl() also expects IP6CB to be there.
1065 */
1066 memmove(IP6CB(skb), &TCP_SKB_CB(skb)->header.h6,
1067 sizeof(struct inet6_skb_parm));
1068}
1069
0c27171e 1070static struct sock *tcp_v6_syn_recv_sock(const struct sock *sk, struct sk_buff *skb,
4c99aa40 1071 struct request_sock *req,
5e0724d0
ED		 1072 struct dst_entry *dst,
1073 struct request_sock *req_unhash,
1074 bool *own_req)
1da177e4 1075{
634fb979 1076 struct inet_request_sock *ireq;
0c27171e 1077 struct ipv6_pinfo *newnp;
93a77c11 1078 const struct ipv6_pinfo *np = tcp_inet6_sk(sk);
45f6fad8 1079 struct ipv6_txoptions *opt;
1da177e4
LT		 1080 struct inet_sock *newinet;
1081 struct tcp_sock *newtp;
1082 struct sock *newsk;
cfb6eeb4
YH		 1083#ifdef CONFIG_TCP_MD5SIG
1084 struct tcp_md5sig_key *key;
1085#endif
3840a06e 1086 struct flowi6 fl6;
1da177e4
LT		 1087
1088 if (skb->protocol == htons(ETH_P_IP)) {
1089 /*
1090 * v6 mapped
1091 */
1092
5e0724d0
ED		 1093 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst,
1094 req_unhash, own_req);
1da177e4 1095
63159f29 1096 if (!newsk)
1da177e4
LT		 1097 return NULL;
1098
93a77c11 1099 inet_sk(newsk)->pinet6 = tcp_inet6_sk(newsk);
1da177e4
LT		 1100
1101 newinet = inet_sk(newsk);
93a77c11 1102 newnp = tcp_inet6_sk(newsk);
1da177e4
LT		 1103 newtp = tcp_sk(newsk);
1104
1105 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1106
d1e559d0 1107 newnp->saddr = newsk->sk_v6_rcv_saddr;
1da177e4 1108
8292a17a 1109 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1da177e4 1110 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
cfb6eeb4
YH		 1111#ifdef CONFIG_TCP_MD5SIG
1112 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1113#endif
1114
83eaddab 1115 newnp->ipv6_mc_list = NULL;
676a1184
YZ		 1116 newnp->ipv6_ac_list = NULL;
1117 newnp->ipv6_fl_list = NULL;
1da177e4
LT		 1118 newnp->pktoptions = NULL;
1119 newnp->opt = NULL;
89e41309
ED		 1120 newnp->mcast_oif = inet_iif(skb);
1121 newnp->mcast_hops = ip_hdr(skb)->ttl;
1122 newnp->rcv_flowinfo = 0;
df3687ff 1123 if (np->repflow)
89e41309 1124 newnp->flow_label = 0;
1da177e4 1125
e6848976
ACM		 1126 /*
1127 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1128 * here, tcp_create_openreq_child now does this for us, see the comment in
1129 * that function for the gory details. -acme
1da177e4 1130 */
1da177e4
LT		 1131
1132 /* It is tricky place. Until this moment IPv4 tcp
8292a17a 1133 worked with IPv6 icsk.icsk_af_ops.
1da177e4
LT		 1134 Sync it now.
1135 */
d83d8461 1136 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1da177e4
LT		 1137
1138 return newsk;
1139 }
1140
634fb979 1141 ireq = inet_rsk(req);
1da177e4
LT		 1142
1143 if (sk_acceptq_is_full(sk))
1144 goto out_overflow;
1145
493f377d 1146 if (!dst) {
f76b33c3 1147 dst = inet6_csk_route_req(sk, &fl6, req, IPPROTO_TCP);
493f377d 1148 if (!dst)
1da177e4 1149 goto out;
1ab1457c 1150 }
1da177e4
LT		 1151
1152 newsk = tcp_create_openreq_child(sk, req, skb);
63159f29 1153 if (!newsk)
093d2823 1154 goto out_nonewsk;
1da177e4 1155
e6848976
ACM		 1156 /*
1157 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1158 * count here, tcp_create_openreq_child now does this for us, see the
1159 * comment in that function for the gory details. -acme
1160 */
1da177e4 1161
59eed279 1162 newsk->sk_gso_type = SKB_GSO_TCPV6;
6bd4f355 1163 ip6_dst_store(newsk, dst, NULL, NULL);
fae6ef87 1164 inet6_sk_rx_dst_set(newsk, skb);
1da177e4 1165
93a77c11 1166 inet_sk(newsk)->pinet6 = tcp_inet6_sk(newsk);
1da177e4
LT		 1167
1168 newtp = tcp_sk(newsk);
1169 newinet = inet_sk(newsk);
93a77c11 1170 newnp = tcp_inet6_sk(newsk);
1da177e4
LT		 1171
1172 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1173
634fb979
ED		 1174 newsk->sk_v6_daddr = ireq->ir_v6_rmt_addr;
1175 newnp->saddr = ireq->ir_v6_loc_addr;
1176 newsk->sk_v6_rcv_saddr = ireq->ir_v6_loc_addr;
1177 newsk->sk_bound_dev_if = ireq->ir_iif;
1da177e4 1178
1ab1457c 1179 /* Now IPv6 options...
1da177e4
LT		 1180
1181 First: no IPv4 options.
1182 */
f6d8bd05 1183 newinet->inet_opt = NULL;
83eaddab 1184 newnp->ipv6_mc_list = NULL;
676a1184 1185 newnp->ipv6_ac_list = NULL;
d35690be 1186 newnp->ipv6_fl_list = NULL;
1da177e4
LT		 1187
1188 /* Clone RX bits */
1189 newnp->rxopt.all = np->rxopt.all;
1190
1da177e4 1191 newnp->pktoptions = NULL;
1da177e4 1192 newnp->opt = NULL;
870c3151 1193 newnp->mcast_oif = tcp_v6_iif(skb);
0660e03f 1194 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1397ed35 1195 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
df3687ff
FF		 1196 if (np->repflow)
1197 newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));
1da177e4
LT		 1198
1199 /* Clone native IPv6 options from listening socket (if any)
1200
1201 Yes, keeping reference count would be much more clever,
1202 but we make one more one thing there: reattach optmem
1203 to newsk.
1204 */
56ac42bc
HD		 1205 opt = ireq->ipv6_opt;
1206 if (!opt)
1207 opt = rcu_dereference(np->opt);
45f6fad8
ED		 1208 if (opt) {
1209 opt = ipv6_dup_options(newsk, opt);
1210 RCU_INIT_POINTER(newnp->opt, opt);
1211 }
d83d8461 1212 inet_csk(newsk)->icsk_ext_hdr_len = 0;
45f6fad8
ED		 1213 if (opt)
1214 inet_csk(newsk)->icsk_ext_hdr_len = opt->opt_nflen +
1215 opt->opt_flen;
1da177e4 1216
81164413
DB		 1217 tcp_ca_openreq_child(newsk, dst);
1218
1da177e4 1219 tcp_sync_mss(newsk, dst_mtu(dst));
3541f9e8 1220 newtp->advmss = tcp_mss_clamp(tcp_sk(sk), dst_metric_advmss(dst));
d135c522 1221
1da177e4
LT		 1222 tcp_initialize_rcv_mss(newsk);
1223
c720c7e8
ED		 1224 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1225 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1da177e4 1226
cfb6eeb4
YH		 1227#ifdef CONFIG_TCP_MD5SIG
1228 /* Copy over the MD5 key from the original socket */
4aa956d8 1229 key = tcp_v6_md5_do_lookup(sk, &newsk->sk_v6_daddr);
53b24b8f 1230 if (key) {
cfb6eeb4
YH		 1231 /* We're using one, so create a matching key
1232 * on the newsk structure. If we fail to get
1233 * memory, then we end up not copying the key
1234 * across. Shucks.
1235 */
efe4208f 1236 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newsk->sk_v6_daddr,
6797318e 1237 AF_INET6, 128, key->key, key->keylen,
7450aaf6 1238 sk_gfp_mask(sk, GFP_ATOMIC));
cfb6eeb4
YH		 1239 }
1240#endif
1241
093d2823 1242 if (__inet_inherit_port(sk, newsk) < 0) {
e337e24d
CP		 1243 inet_csk_prepare_forced_close(newsk);
1244 tcp_done(newsk);
093d2823
BS		 1245 goto out;
1246 }
5e0724d0 1247 *own_req = inet_ehash_nolisten(newsk, req_to_sk(req_unhash));
805c4bc0 1248 if (*own_req) {
49a496c9 1249 tcp_move_syn(newtp, req);
805c4bc0
ED		 1250
1251 /* Clone pktoptions received with SYN, if we own the req */
1252 if (ireq->pktopts) {
1253 newnp->pktoptions = skb_clone(ireq->pktopts,
7450aaf6 1254 sk_gfp_mask(sk, GFP_ATOMIC));
805c4bc0
ED		 1255 consume_skb(ireq->pktopts);
1256 ireq->pktopts = NULL;
ebf6c9cb
ED		 1257 if (newnp->pktoptions) {
1258 tcp_v6_restore_cb(newnp->pktoptions);
805c4bc0 1259 skb_set_owner_r(newnp->pktoptions, newsk);
ebf6c9cb 1260 }
805c4bc0 1261 }
ce105008 1262 }
1da177e4
LT		 1263
1264 return newsk;
1265
1266out_overflow:
02a1d6e7 1267 __NET_INC_STATS(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
093d2823 1268out_nonewsk:
1da177e4 1269 dst_release(dst);
093d2823 1270out:
9caad864 1271 tcp_listendrop(sk);
1da177e4
LT		 1272 return NULL;
1273}
1274
1da177e4 1275/* The socket must have it's spinlock held when we get
e994b2f0 1276 * here, unless it is a TCP_LISTEN socket.
1da177e4
LT		 1277 *
1278 * We have a potential double-lock case here, so even when
1279 * doing backlog processing we use the BH locking scheme.
1280 * This is because we cannot sleep with the original spinlock
1281 * held.
1282 */
1283static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1284{
93a77c11 1285 struct ipv6_pinfo *np = tcp_inet6_sk(sk);
1da177e4 1286 struct sk_buff *opt_skb = NULL;
93a77c11 1287 struct tcp_sock *tp;
1da177e4
LT		 1288
1289 /* Imagine: socket is IPv6. IPv4 packet arrives,
1290 goes to IPv4 receive handler and backlogged.
1291 From backlog it always goes here. Kerboom...
1292 Fortunately, tcp_rcv_established and rcv_established
1293 handle them correctly, but it is not case with
1294 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1295 */
1296
1297 if (skb->protocol == htons(ETH_P_IP))
1298 return tcp_v4_do_rcv(sk, skb);
1299
1da177e4
LT		 1300 /*
1301 * socket locking is here for SMP purposes as backlog rcv
1302 * is currently called with bh processing disabled.
1303 */
1304
1305 /* Do Stevens' IPV6_PKTOPTIONS.
1306
1307 Yes, guys, it is the only place in our code, where we
1308 may make it not affecting IPv4.
1309 The rest of code is protocol independent,
1310 and I do not like idea to uglify IPv4.
1311
1312 Actually, all the idea behind IPV6_PKTOPTIONS
1313 looks not very well thought. For now we latch
1314 options, received in the last packet, enqueued
1315 by tcp. Feel free to propose better solution.
1ab1457c 1316 --ANK (980728)
1da177e4
LT		 1317 */
1318 if (np->rxopt.all)
7450aaf6 1319 opt_skb = skb_clone(skb, sk_gfp_mask(sk, GFP_ATOMIC));
1da177e4
LT		 1320
1321 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
5d299f3d
ED		 1322 struct dst_entry *dst = sk->sk_rx_dst;
1323
bdeab991 1324 sock_rps_save_rxhash(sk, skb);
3d97379a 1325 sk_mark_napi_id(sk, skb);
5d299f3d
ED		 1326 if (dst) {
1327 if (inet_sk(sk)->rx_dst_ifindex != skb->skb_iif ||
1328 dst->ops->check(dst, np->rx_dst_cookie) == NULL) {
1329 dst_release(dst);
1330 sk->sk_rx_dst = NULL;
1331 }
1332 }
1333
3d97d88e 1334 tcp_rcv_established(sk, skb);
1da177e4
LT		 1335 if (opt_skb)
1336 goto ipv6_pktoptions;
1337 return 0;
1338 }
1339
12e25e10 1340 if (tcp_checksum_complete(skb))
1da177e4
LT		 1341 goto csum_err;
1342
1ab1457c 1343 if (sk->sk_state == TCP_LISTEN) {
079096f1
ED		 1344 struct sock *nsk = tcp_v6_cookie_check(sk, skb);
1345
1da177e4
LT		 1346 if (!nsk)
1347 goto discard;
1348
4c99aa40 1349 if (nsk != sk) {
1da177e4
LT		 1350 if (tcp_child_process(sk, nsk, skb))
1351 goto reset;
1352 if (opt_skb)
1353 __kfree_skb(opt_skb);
1354 return 0;
1355 }
47482f13 1356 } else
bdeab991 1357 sock_rps_save_rxhash(sk, skb);
1da177e4 1358
72ab4a86 1359 if (tcp_rcv_state_process(sk, skb))
1da177e4 1360 goto reset;
1da177e4
LT		 1361 if (opt_skb)
1362 goto ipv6_pktoptions;
1363 return 0;
1364
1365reset:
cfb6eeb4 1366 tcp_v6_send_reset(sk, skb);
1da177e4
LT		 1367discard:
1368 if (opt_skb)
1369 __kfree_skb(opt_skb);
1370 kfree_skb(skb);
1371 return 0;
1372csum_err:
c10d9310
ED		 1373 TCP_INC_STATS(sock_net(sk), TCP_MIB_CSUMERRORS);
1374 TCP_INC_STATS(sock_net(sk), TCP_MIB_INERRS);
1da177e4
LT		 1375 goto discard;
1376
1377
1378ipv6_pktoptions:
1379 /* Do you ask, what is it?
1380
1381 1. skb was enqueued by tcp.
1382 2. skb is added to tail of read queue, rather than out of order.
1383 3. socket is not in passive state.
1384 4. Finally, it really contains options, which user wants to receive.
1385 */
1386 tp = tcp_sk(sk);
1387 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1388 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
333fad53 1389 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
870c3151 1390 np->mcast_oif = tcp_v6_iif(opt_skb);
333fad53 1391 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
0660e03f 1392 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
82e9f105 1393 if (np->rxopt.bits.rxflow || np->rxopt.bits.rxtclass)
1397ed35 1394 np->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(opt_skb));
df3687ff
FF		 1395 if (np->repflow)
1396 np->flow_label = ip6_flowlabel(ipv6_hdr(opt_skb));
a224772d 1397 if (ipv6_opt_accepted(sk, opt_skb, &TCP_SKB_CB(opt_skb)->header.h6)) {
1da177e4 1398 skb_set_owner_r(opt_skb, sk);
8ce48623 1399 tcp_v6_restore_cb(opt_skb);
1da177e4
LT		 1400 opt_skb = xchg(&np->pktoptions, opt_skb);
1401 } else {
1402 __kfree_skb(opt_skb);
1403 opt_skb = xchg(&np->pktoptions, NULL);
1404 }
1405 }
1406
800d55f1 1407 kfree_skb(opt_skb);
1da177e4
LT		 1408 return 0;
1409}
1410
2dc49d16
ND		 1411static void tcp_v6_fill_cb(struct sk_buff *skb, const struct ipv6hdr *hdr,
1412 const struct tcphdr *th)
1413{
1414 /* This is tricky: we move IP6CB at its correct location into
1415 * TCP_SKB_CB(). It must be done after xfrm6_policy_check(), because
1416 * _decode_session6() uses IP6CB().
1417 * barrier() makes sure compiler won't play aliasing games.
1418 */
1419 memmove(&TCP_SKB_CB(skb)->header.h6, IP6CB(skb),
1420 sizeof(struct inet6_skb_parm));
1421 barrier();
1422
1423 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1424 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1425 skb->len - th->doff*4);
1426 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1427 TCP_SKB_CB(skb)->tcp_flags = tcp_flag_byte(th);
1428 TCP_SKB_CB(skb)->tcp_tw_isn = 0;
1429 TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
1430 TCP_SKB_CB(skb)->sacked = 0;
98aaa913
MM		 1431 TCP_SKB_CB(skb)->has_rxtstamp =
1432 skb->tstamp || skb_hwtstamps(skb)->hwtstamp;
2dc49d16
ND		 1433}
1434
0e219ae4 1435INDIRECT_CALLABLE_SCOPE int tcp_v6_rcv(struct sk_buff *skb)
1da177e4 1436{
8b27dae5 1437 struct sk_buff *skb_to_free;
4297a0ef 1438 int sdif = inet6_sdif(skb);
cf533ea5 1439 const struct tcphdr *th;
b71d1d42 1440 const struct ipv6hdr *hdr;
3b24d854 1441 bool refcounted;
1da177e4
LT		 1442 struct sock *sk;
1443 int ret;
a86b1e30 1444 struct net *net = dev_net(skb->dev);
1da177e4
LT		 1445
1446 if (skb->pkt_type != PACKET_HOST)
1447 goto discard_it;
1448
1449 /*
1450 * Count it even if it's bad.
1451 */
90bbcc60 1452 __TCP_INC_STATS(net, TCP_MIB_INSEGS);
1da177e4
LT		 1453
1454 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1455 goto discard_it;
1456
ea1627c2 1457 th = (const struct tcphdr *)skb->data;
1da177e4 1458
ea1627c2 1459 if (unlikely(th->doff < sizeof(struct tcphdr)/4))
1da177e4
LT		 1460 goto bad_packet;
1461 if (!pskb_may_pull(skb, th->doff*4))
1462 goto discard_it;
1463
e4f45b7f 1464 if (skb_checksum_init(skb, IPPROTO_TCP, ip6_compute_pseudo))
6a5dc9e5 1465 goto csum_error;
1da177e4 1466
ea1627c2 1467 th = (const struct tcphdr *)skb->data;
e802af9c 1468 hdr = ipv6_hdr(skb);
1da177e4 1469
4bdc3d66 1470lookup:
a583636a 1471 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, __tcp_hdrlen(th),
4297a0ef 1472 th->source, th->dest, inet6_iif(skb), sdif,
3b24d854 1473 &refcounted);
1da177e4
LT		 1474 if (!sk)
1475 goto no_tcp_socket;
1476
1477process:
1478 if (sk->sk_state == TCP_TIME_WAIT)
1479 goto do_time_wait;
1480
079096f1
ED		 1481 if (sk->sk_state == TCP_NEW_SYN_RECV) {
1482 struct request_sock *req = inet_reqsk(sk);
e0f9759f 1483 bool req_stolen = false;
7716682c 1484 struct sock *nsk;
079096f1
ED		 1485
1486 sk = req->rsk_listener;
079096f1 1487 if (tcp_v6_inbound_md5_hash(sk, skb)) {
e65c332d 1488 sk_drops_add(sk, skb);
079096f1
ED		 1489 reqsk_put(req);
1490 goto discard_it;
1491 }
4fd44a98
FL		 1492 if (tcp_checksum_complete(skb)) {
1493 reqsk_put(req);
1494 goto csum_error;
1495 }
7716682c 1496 if (unlikely(sk->sk_state != TCP_LISTEN)) {
f03f2e15 1497 inet_csk_reqsk_queue_drop_and_put(sk, req);
4bdc3d66
ED		 1498 goto lookup;
1499 }
7716682c 1500 sock_hold(sk);
3b24d854 1501 refcounted = true;
1f3b359f 1502 nsk = NULL;
eeea10b8
ED		 1503 if (!tcp_filter(sk, skb)) {
1504 th = (const struct tcphdr *)skb->data;
1505 hdr = ipv6_hdr(skb);
1506 tcp_v6_fill_cb(skb, hdr, th);
e0f9759f 1507 nsk = tcp_check_req(sk, skb, req, false, &req_stolen);
eeea10b8 1508 }
079096f1
ED		 1509 if (!nsk) {
1510 reqsk_put(req);
e0f9759f
ED		 1511 if (req_stolen) {
1512 /* Another cpu got exclusive access to req
1513 * and created a full blown socket.
1514 * Try to feed this packet to this socket
1515 * instead of discarding it.
1516 */
1517 tcp_v6_restore_cb(skb);
1518 sock_put(sk);
1519 goto lookup;
1520 }
7716682c 1521 goto discard_and_relse;
079096f1
ED		 1522 }
1523 if (nsk == sk) {
079096f1
ED		 1524 reqsk_put(req);
1525 tcp_v6_restore_cb(skb);
1526 } else if (tcp_child_process(sk, nsk, skb)) {
1527 tcp_v6_send_reset(nsk, skb);
7716682c 1528 goto discard_and_relse;
079096f1 1529 } else {
7716682c 1530 sock_put(sk);
079096f1
ED		 1531 return 0;
1532 }
1533 }
93a77c11 1534 if (hdr->hop_limit < tcp_inet6_sk(sk)->min_hopcount) {
02a1d6e7 1535 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
e802af9c
SH		 1536 goto discard_and_relse;
1537 }
1538
1da177e4
LT		 1539 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1540 goto discard_and_relse;
1541
9ea88a15
DP		 1542 if (tcp_v6_inbound_md5_hash(sk, skb))
1543 goto discard_and_relse;
9ea88a15 1544
ac6e7800 1545 if (tcp_filter(sk, skb))
1da177e4 1546 goto discard_and_relse;
ac6e7800
ED		 1547 th = (const struct tcphdr *)skb->data;
1548 hdr = ipv6_hdr(skb);
eeea10b8 1549 tcp_v6_fill_cb(skb, hdr, th);
1da177e4
LT		 1550
1551 skb->dev = NULL;
1552
e994b2f0
ED		 1553 if (sk->sk_state == TCP_LISTEN) {
1554 ret = tcp_v6_do_rcv(sk, skb);
1555 goto put_and_return;
1556 }
1557
1558 sk_incoming_cpu_update(sk);
1559
293b9c42 1560 bh_lock_sock_nested(sk);
a44d6eac 1561 tcp_segs_in(tcp_sk(sk), skb);
1da177e4
LT		 1562 ret = 0;
1563 if (!sock_owned_by_user(sk)) {
8b27dae5
ED		 1564 skb_to_free = sk->sk_rx_skb_cache;
1565 sk->sk_rx_skb_cache = NULL;
e7942d06 1566 ret = tcp_v6_do_rcv(sk, skb);
8b27dae5
ED		 1567 } else {
1568 if (tcp_add_backlog(sk, skb))
1569 goto discard_and_relse;
1570 skb_to_free = NULL;
6b03a53a 1571 }
1da177e4 1572 bh_unlock_sock(sk);
8b27dae5
ED		 1573 if (skb_to_free)
1574 __kfree_skb(skb_to_free);
e994b2f0 1575put_and_return:
3b24d854
ED		 1576 if (refcounted)
1577 sock_put(sk);
1da177e4
LT		 1578 return ret ? -1 : 0;
1579
1580no_tcp_socket:
1581 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1582 goto discard_it;
1583
2dc49d16
ND		 1584 tcp_v6_fill_cb(skb, hdr, th);
1585
12e25e10 1586 if (tcp_checksum_complete(skb)) {
6a5dc9e5 1587csum_error:
90bbcc60 1588 __TCP_INC_STATS(net, TCP_MIB_CSUMERRORS);
1da177e4 1589bad_packet:
90bbcc60 1590 __TCP_INC_STATS(net, TCP_MIB_INERRS);
1da177e4 1591 } else {
cfb6eeb4 1592 tcp_v6_send_reset(NULL, skb);
1da177e4
LT		 1593 }
1594
1595discard_it:
1da177e4
LT		 1596 kfree_skb(skb);
1597 return 0;
1598
1599discard_and_relse:
532182cd 1600 sk_drops_add(sk, skb);
3b24d854
ED		 1601 if (refcounted)
1602 sock_put(sk);
1da177e4
LT		 1603 goto discard_it;
1604
1605do_time_wait:
1606 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
9469c7b4 1607 inet_twsk_put(inet_twsk(sk));
1da177e4
LT		 1608 goto discard_it;
1609 }
1610
2dc49d16
ND		 1611 tcp_v6_fill_cb(skb, hdr, th);
1612
6a5dc9e5
ED		 1613 if (tcp_checksum_complete(skb)) {
1614 inet_twsk_put(inet_twsk(sk));
1615 goto csum_error;
1da177e4
LT		 1616 }
1617
9469c7b4 1618 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1da177e4
LT		 1619 case TCP_TW_SYN:
1620 {
1621 struct sock *sk2;
1622
c346dca1 1623 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
a583636a 1624 skb, __tcp_hdrlen(th),
5ba24953 1625 &ipv6_hdr(skb)->saddr, th->source,
0660e03f 1626 &ipv6_hdr(skb)->daddr,
24b711ed
DA		 1627 ntohs(th->dest),
1628 tcp_v6_iif_l3_slave(skb),
4297a0ef 1629 sdif);
53b24b8f 1630 if (sk2) {
295ff7ed 1631 struct inet_timewait_sock *tw = inet_twsk(sk);
dbe7faa4 1632 inet_twsk_deschedule_put(tw);
1da177e4 1633 sk = sk2;
4ad19de8 1634 tcp_v6_restore_cb(skb);
3b24d854 1635 refcounted = false;
1da177e4
LT		 1636 goto process;
1637 }
1da177e4 1638 }
275757e6
GS		 1639 /* to ACK */
1640 /* fall through */
1da177e4
LT		 1641 case TCP_TW_ACK:
1642 tcp_v6_timewait_ack(sk, skb);
1643 break;
1644 case TCP_TW_RST:
271c3b9b
FW		 1645 tcp_v6_send_reset(sk, skb);
1646 inet_twsk_deschedule_put(inet_twsk(sk));
1647 goto discard_it;
4aa956d8
WY		 1648 case TCP_TW_SUCCESS:
1649 ;
1da177e4
LT		 1650 }
1651 goto discard_it;
1652}
1653
97ff7ffb 1654INDIRECT_CALLABLE_SCOPE void tcp_v6_early_demux(struct sk_buff *skb)
c7109986
ED		 1655{
1656 const struct ipv6hdr *hdr;
1657 const struct tcphdr *th;
1658 struct sock *sk;
1659
1660 if (skb->pkt_type != PACKET_HOST)
1661 return;
1662
1663 if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
1664 return;
1665
1666 hdr = ipv6_hdr(skb);
1667 th = tcp_hdr(skb);
1668
1669 if (th->doff < sizeof(struct tcphdr) / 4)
1670 return;
1671
870c3151 1672 /* Note : We use inet6_iif() here, not tcp_v6_iif() */
c7109986
ED		 1673 sk = __inet6_lookup_established(dev_net(skb->dev), &tcp_hashinfo,
1674 &hdr->saddr, th->source,
1675 &hdr->daddr, ntohs(th->dest),
4297a0ef 1676 inet6_iif(skb), inet6_sdif(skb));
c7109986
ED		 1677 if (sk) {
1678 skb->sk = sk;
1679 skb->destructor = sock_edemux;
f7e4eb03 1680 if (sk_fullsock(sk)) {
d0c294c5 1681 struct dst_entry *dst = READ_ONCE(sk->sk_rx_dst);
f3f12135 1682
c7109986 1683 if (dst)
93a77c11 1684 dst = dst_check(dst, tcp_inet6_sk(sk)->rx_dst_cookie);
c7109986 1685 if (dst &&
f3f12135 1686 inet_sk(sk)->rx_dst_ifindex == skb->skb_iif)
c7109986
ED		 1687 skb_dst_set_noref(skb, dst);
1688 }
1689 }
1690}
1691
ccb7c410
DM		 1692static struct timewait_sock_ops tcp6_timewait_sock_ops = {
1693 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
1694 .twsk_unique = tcp_twsk_unique,
4aa956d8 1695 .twsk_destructor = tcp_twsk_destructor,
ccb7c410
DM		 1696};
1697
3b401a81 1698static const struct inet_connection_sock_af_ops ipv6_specific = {
543d9cfe
ACM		 1699 .queue_xmit = inet6_csk_xmit,
1700 .send_check = tcp_v6_send_check,
1701 .rebuild_header = inet6_sk_rebuild_header,
5d299f3d 1702 .sk_rx_dst_set = inet6_sk_rx_dst_set,
543d9cfe
ACM		 1703 .conn_request = tcp_v6_conn_request,
1704 .syn_recv_sock = tcp_v6_syn_recv_sock,
543d9cfe 1705 .net_header_len = sizeof(struct ipv6hdr),
67469601 1706 .net_frag_header_len = sizeof(struct frag_hdr),
543d9cfe
ACM		 1707 .setsockopt = ipv6_setsockopt,
1708 .getsockopt = ipv6_getsockopt,
1709 .addr2sockaddr = inet6_csk_addr2sockaddr,
1710 .sockaddr_len = sizeof(struct sockaddr_in6),
3fdadf7d 1711#ifdef CONFIG_COMPAT
543d9cfe
ACM		 1712 .compat_setsockopt = compat_ipv6_setsockopt,
1713 .compat_getsockopt = compat_ipv6_getsockopt,
3fdadf7d 1714#endif
4fab9071 1715 .mtu_reduced = tcp_v6_mtu_reduced,
1da177e4
LT		 1716};
1717
cfb6eeb4 1718#ifdef CONFIG_TCP_MD5SIG
b2e4b3de 1719static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
cfb6eeb4 1720 .md5_lookup = tcp_v6_md5_lookup,
49a72dfb 1721 .calc_md5_hash = tcp_v6_md5_hash_skb,
cfb6eeb4 1722 .md5_parse = tcp_v6_parse_md5_keys,
cfb6eeb4 1723};
a928630a 1724#endif
cfb6eeb4 1725
1da177e4
LT		 1726/*
1727 * TCP over IPv4 via INET6 API
1728 */
3b401a81 1729static const struct inet_connection_sock_af_ops ipv6_mapped = {
543d9cfe
ACM		 1730 .queue_xmit = ip_queue_xmit,
1731 .send_check = tcp_v4_send_check,
1732 .rebuild_header = inet_sk_rebuild_header,
63d02d15 1733 .sk_rx_dst_set = inet_sk_rx_dst_set,
543d9cfe
ACM		 1734 .conn_request = tcp_v6_conn_request,
1735 .syn_recv_sock = tcp_v6_syn_recv_sock,
543d9cfe
ACM		 1736 .net_header_len = sizeof(struct iphdr),
1737 .setsockopt = ipv6_setsockopt,
1738 .getsockopt = ipv6_getsockopt,
1739 .addr2sockaddr = inet6_csk_addr2sockaddr,
1740 .sockaddr_len = sizeof(struct sockaddr_in6),
3fdadf7d 1741#ifdef CONFIG_COMPAT
543d9cfe
ACM		 1742 .compat_setsockopt = compat_ipv6_setsockopt,
1743 .compat_getsockopt = compat_ipv6_getsockopt,
3fdadf7d 1744#endif
4fab9071 1745 .mtu_reduced = tcp_v4_mtu_reduced,
1da177e4
LT		 1746};
1747
cfb6eeb4 1748#ifdef CONFIG_TCP_MD5SIG
b2e4b3de 1749static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
cfb6eeb4 1750 .md5_lookup = tcp_v4_md5_lookup,
49a72dfb 1751 .calc_md5_hash = tcp_v4_md5_hash_skb,
cfb6eeb4 1752 .md5_parse = tcp_v6_parse_md5_keys,
cfb6eeb4 1753};
a928630a 1754#endif
cfb6eeb4 1755
1da177e4
LT		 1756/* NOTE: A lot of things set to zero explicitly by call to
1757 * sk_alloc() so need not be done here.
1758 */
1759static int tcp_v6_init_sock(struct sock *sk)
1760{
6687e988 1761 struct inet_connection_sock *icsk = inet_csk(sk);
1da177e4 1762
900f65d3 1763 tcp_init_sock(sk);
1da177e4 1764
8292a17a 1765 icsk->icsk_af_ops = &ipv6_specific;
1da177e4 1766
cfb6eeb4 1767#ifdef CONFIG_TCP_MD5SIG
ac807fa8 1768 tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific;
cfb6eeb4
YH		 1769#endif
1770
1da177e4
LT		 1771 return 0;
1772}
1773
7d06b2e0 1774static void tcp_v6_destroy_sock(struct sock *sk)
1da177e4 1775{
1da177e4 1776 tcp_v4_destroy_sock(sk);
7d06b2e0 1777 inet6_destroy_sock(sk);
1da177e4
LT		 1778}
1779
952a10be 1780#ifdef CONFIG_PROC_FS
1da177e4 1781/* Proc filesystem TCPv6 sock list dumping. */
1ab1457c 1782static void get_openreq6(struct seq_file *seq,
aa3a0c8c 1783 const struct request_sock *req, int i)
1da177e4 1784{
fa76ce73 1785 long ttd = req->rsk_timer.expires - jiffies;
634fb979
ED		 1786 const struct in6_addr *src = &inet_rsk(req)->ir_v6_loc_addr;
1787 const struct in6_addr *dest = &inet_rsk(req)->ir_v6_rmt_addr;
1da177e4
LT		 1788
1789 if (ttd < 0)
1790 ttd = 0;
1791
1da177e4
LT		 1792 seq_printf(seq,
1793 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
d14c5ab6 1794 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %d %d %pK\n",
1da177e4
LT		 1795 i,
1796 src->s6_addr32[0], src->s6_addr32[1],
1797 src->s6_addr32[2], src->s6_addr32[3],
b44084c2 1798 inet_rsk(req)->ir_num,
1da177e4
LT		 1799 dest->s6_addr32[0], dest->s6_addr32[1],
1800 dest->s6_addr32[2], dest->s6_addr32[3],
634fb979 1801 ntohs(inet_rsk(req)->ir_rmt_port),
1da177e4 1802 TCP_SYN_RECV,
4c99aa40 1803 0, 0, /* could print option size, but that is af dependent. */
1ab1457c
YH		 1804 1, /* timers active (only the expire timer) */
1805 jiffies_to_clock_t(ttd),
e6c022a4 1806 req->num_timeout,
aa3a0c8c
ED		 1807 from_kuid_munged(seq_user_ns(seq),
1808 sock_i_uid(req->rsk_listener)),
1ab1457c 1809 0, /* non standard timer */
1da177e4
LT		 1810 0, /* open_requests have no inode */
1811 0, req);
1812}
1813
1814static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1815{
b71d1d42 1816 const struct in6_addr *dest, *src;
1da177e4
LT		 1817 __u16 destp, srcp;
1818 int timer_active;
1819 unsigned long timer_expires;
cf533ea5
ED		 1820 const struct inet_sock *inet = inet_sk(sp);
1821 const struct tcp_sock *tp = tcp_sk(sp);
463c84b9 1822 const struct inet_connection_sock *icsk = inet_csk(sp);
0536fcc0 1823 const struct fastopen_queue *fastopenq = &icsk->icsk_accept_queue.fastopenq;
00fd38d9
ED		 1824 int rx_queue;
1825 int state;
1da177e4 1826
efe4208f
ED		 1827 dest = &sp->sk_v6_daddr;
1828 src = &sp->sk_v6_rcv_saddr;
c720c7e8
ED		 1829 destp = ntohs(inet->inet_dport);
1830 srcp = ntohs(inet->inet_sport);
463c84b9 1831
ce3cf4ec 1832 if (icsk->icsk_pending == ICSK_TIME_RETRANS ||
57dde7f7 1833 icsk->icsk_pending == ICSK_TIME_REO_TIMEOUT ||
ce3cf4ec 1834 icsk->icsk_pending == ICSK_TIME_LOSS_PROBE) {
1da177e4 1835 timer_active = 1;
463c84b9
ACM		 1836 timer_expires = icsk->icsk_timeout;
1837 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1da177e4 1838 timer_active = 4;
463c84b9 1839 timer_expires = icsk->icsk_timeout;
1da177e4
LT		 1840 } else if (timer_pending(&sp->sk_timer)) {
1841 timer_active = 2;
1842 timer_expires = sp->sk_timer.expires;
1843 } else {
1844 timer_active = 0;
1845 timer_expires = jiffies;
1846 }
1847
986ffdfd 1848 state = inet_sk_state_load(sp);
00fd38d9
ED		 1849 if (state == TCP_LISTEN)
1850 rx_queue = sp->sk_ack_backlog;
1851 else
1852 /* Because we don't lock the socket,
1853 * we might find a transient negative value.
1854 */
1855 rx_queue = max_t(int, tp->rcv_nxt - tp->copied_seq, 0);
1856
1da177e4
LT		 1857 seq_printf(seq,
1858 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
d14c5ab6 1859 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %lu %d %pK %lu %lu %u %u %d\n",
1da177e4
LT		 1860 i,
1861 src->s6_addr32[0], src->s6_addr32[1],
1862 src->s6_addr32[2], src->s6_addr32[3], srcp,
1863 dest->s6_addr32[0], dest->s6_addr32[1],
1864 dest->s6_addr32[2], dest->s6_addr32[3], destp,
00fd38d9
ED		 1865 state,
1866 tp->write_seq - tp->snd_una,
1867 rx_queue,
1da177e4 1868 timer_active,
a399a805 1869 jiffies_delta_to_clock_t(timer_expires - jiffies),
463c84b9 1870 icsk->icsk_retransmits,
a7cb5a49 1871 from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
6687e988 1872 icsk->icsk_probes_out,
1da177e4 1873 sock_i_ino(sp),
41c6d650 1874 refcount_read(&sp->sk_refcnt), sp,
7be87351
SH		 1875 jiffies_to_clock_t(icsk->icsk_rto),
1876 jiffies_to_clock_t(icsk->icsk_ack.ato),
31954cd8 1877 (icsk->icsk_ack.quick << 1) | inet_csk_in_pingpong_mode(sp),
0b6a05c1 1878 tp->snd_cwnd,
00fd38d9 1879 state == TCP_LISTEN ?
0536fcc0 1880 fastopenq->max_qlen :
0a672f74 1881 (tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh)
1da177e4
LT		 1882 );
1883}
1884
1ab1457c 1885static void get_timewait6_sock(struct seq_file *seq,
8feaf0c0 1886 struct inet_timewait_sock *tw, int i)
1da177e4 1887{
789f558c 1888 long delta = tw->tw_timer.expires - jiffies;
b71d1d42 1889 const struct in6_addr *dest, *src;
1da177e4 1890 __u16 destp, srcp;
1da177e4 1891
efe4208f
ED		 1892 dest = &tw->tw_v6_daddr;
1893 src = &tw->tw_v6_rcv_saddr;
1da177e4
LT		 1894 destp = ntohs(tw->tw_dport);
1895 srcp = ntohs(tw->tw_sport);
1896
1897 seq_printf(seq,
1898 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
71338aa7 1899 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1da177e4
LT		 1900 i,
1901 src->s6_addr32[0], src->s6_addr32[1],
1902 src->s6_addr32[2], src->s6_addr32[3], srcp,
1903 dest->s6_addr32[0], dest->s6_addr32[1],
1904 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1905 tw->tw_substate, 0, 0,
a399a805 1906 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
41c6d650 1907 refcount_read(&tw->tw_refcnt), tw);
1da177e4
LT		 1908}
1909
1da177e4
LT		 1910static int tcp6_seq_show(struct seq_file *seq, void *v)
1911{
1912 struct tcp_iter_state *st;
05dbc7b5 1913 struct sock *sk = v;
1da177e4
LT		 1914
1915 if (v == SEQ_START_TOKEN) {
1916 seq_puts(seq,
1917 " sl "
1918 "local_address "
1919 "remote_address "
1920 "st tx_queue rx_queue tr tm->when retrnsmt"
1921 " uid timeout inode\n");
1922 goto out;
1923 }
1924 st = seq->private;
1925
079096f1
ED		 1926 if (sk->sk_state == TCP_TIME_WAIT)
1927 get_timewait6_sock(seq, v, st->num);
1928 else if (sk->sk_state == TCP_NEW_SYN_RECV)
aa3a0c8c 1929 get_openreq6(seq, v, st->num);
079096f1
ED		 1930 else
1931 get_tcp6_sock(seq, v, st->num);
1da177e4
LT		 1932out:
1933 return 0;
1934}
1935
37d849bb
CH		 1936static const struct seq_operations tcp6_seq_ops = {
1937 .show = tcp6_seq_show,
1938 .start = tcp_seq_start,
1939 .next = tcp_seq_next,
1940 .stop = tcp_seq_stop,
1941};
1942
1da177e4 1943static struct tcp_seq_afinfo tcp6_seq_afinfo = {
1da177e4 1944 .family = AF_INET6,
1da177e4
LT		 1945};
1946
2c8c1e72 1947int __net_init tcp6_proc_init(struct net *net)
1da177e4 1948{
c3506372
CH		 1949 if (!proc_create_net_data("tcp6", 0444, net->proc_net, &tcp6_seq_ops,
1950 sizeof(struct tcp_iter_state), &tcp6_seq_afinfo))
37d849bb
CH		 1951 return -ENOMEM;
1952 return 0;
1da177e4
LT		 1953}
1954
6f8b13bc 1955void tcp6_proc_exit(struct net *net)
1da177e4 1956{
37d849bb 1957 remove_proc_entry("tcp6", net->proc_net);
1da177e4
LT		 1958}
1959#endif
1960
1961struct proto tcpv6_prot = {
1962 .name = "TCPv6",
1963 .owner = THIS_MODULE,
1964 .close = tcp_close,
d74bad4e 1965 .pre_connect = tcp_v6_pre_connect,
1da177e4
LT		 1966 .connect = tcp_v6_connect,
1967 .disconnect = tcp_disconnect,
463c84b9 1968 .accept = inet_csk_accept,
1da177e4
LT		 1969 .ioctl = tcp_ioctl,
1970 .init = tcp_v6_init_sock,
1971 .destroy = tcp_v6_destroy_sock,
1972 .shutdown = tcp_shutdown,
1973 .setsockopt = tcp_setsockopt,
1974 .getsockopt = tcp_getsockopt,
4b9d07a4 1975 .keepalive = tcp_set_keepalive,
1da177e4 1976 .recvmsg = tcp_recvmsg,
7ba42910
CG		 1977 .sendmsg = tcp_sendmsg,
1978 .sendpage = tcp_sendpage,
1da177e4 1979 .backlog_rcv = tcp_v6_do_rcv,
46d3ceab 1980 .release_cb = tcp_release_cb,
496611d7 1981 .hash = inet6_hash,
ab1e0a13
ACM		 1982 .unhash = inet_unhash,
1983 .get_port = inet_csk_get_port,
1da177e4 1984 .enter_memory_pressure = tcp_enter_memory_pressure,
06044751 1985 .leave_memory_pressure = tcp_leave_memory_pressure,
c9bee3b7 1986 .stream_memory_free = tcp_stream_memory_free,
1da177e4
LT		 1987 .sockets_allocated = &tcp_sockets_allocated,
1988 .memory_allocated = &tcp_memory_allocated,
1989 .memory_pressure = &tcp_memory_pressure,
0a5578cf 1990 .orphan_count = &tcp_orphan_count,
a4fe34bf 1991 .sysctl_mem = sysctl_tcp_mem,
356d1833
ED		 1992 .sysctl_wmem_offset = offsetof(struct net, ipv4.sysctl_tcp_wmem),
1993 .sysctl_rmem_offset = offsetof(struct net, ipv4.sysctl_tcp_rmem),
1da177e4
LT		 1994 .max_header = MAX_TCP_HEADER,
1995 .obj_size = sizeof(struct tcp6_sock),
5f0d5a3a 1996 .slab_flags = SLAB_TYPESAFE_BY_RCU,
6d6ee43e 1997 .twsk_prot = &tcp6_timewait_sock_ops,
60236fdd 1998 .rsk_prot = &tcp6_request_sock_ops,
39d8cda7 1999 .h.hashinfo = &tcp_hashinfo,
7ba42910 2000 .no_autobind = true,
543d9cfe
ACM		 2001#ifdef CONFIG_COMPAT
2002 .compat_setsockopt = compat_tcp_setsockopt,
2003 .compat_getsockopt = compat_tcp_getsockopt,
d1a4c0b3 2004#endif
c1e64e29 2005 .diag_destroy = tcp_abort,
1da177e4
LT		 2006};
2007
a8e3bb34
DA		 2008/* thinking of making this const? Don't.
2009 * early_demux can change based on sysctl.
2010 */
39294c3d 2011static struct inet6_protocol tcpv6_protocol = {
c7109986 2012 .early_demux = tcp_v6_early_demux,
dddb64bc 2013 .early_demux_handler = tcp_v6_early_demux,
1da177e4
LT		 2014 .handler = tcp_v6_rcv,
2015 .err_handler = tcp_v6_err,
2016 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2017};
2018
1da177e4
LT		 2019static struct inet_protosw tcpv6_protosw = {
2020 .type = SOCK_STREAM,
2021 .protocol = IPPROTO_TCP,
2022 .prot = &tcpv6_prot,
2023 .ops = &inet6_stream_ops,
d83d8461
ACM		 2024 .flags = INET_PROTOSW_PERMANENT |
2025 INET_PROTOSW_ICSK,
1da177e4
LT		 2026};
2027
2c8c1e72 2028static int __net_init tcpv6_net_init(struct net *net)
93ec926b 2029{
5677242f
DL		 2030 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
2031 SOCK_RAW, IPPROTO_TCP, net);
93ec926b
DL		 2032}
2033
2c8c1e72 2034static void __net_exit tcpv6_net_exit(struct net *net)
93ec926b 2035{
5677242f 2036 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
b099ce26
EB		 2037}
2038
2c8c1e72 2039static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
b099ce26 2040{
1946e672 2041 inet_twsk_purge(&tcp_hashinfo, AF_INET6);
93ec926b
DL		 2042}
2043
2044static struct pernet_operations tcpv6_net_ops = {
b099ce26
EB		 2045 .init = tcpv6_net_init,
2046 .exit = tcpv6_net_exit,
2047 .exit_batch = tcpv6_net_exit_batch,
93ec926b
DL		 2048};
2049
7f4e4868 2050int __init tcpv6_init(void)
1da177e4 2051{
7f4e4868
DL		 2052 int ret;
2053
3336288a
VY		 2054 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
2055 if (ret)
c6b641a4 2056 goto out;
3336288a 2057
1da177e4 2058 /* register inet6 protocol */
7f4e4868
DL		 2059 ret = inet6_register_protosw(&tcpv6_protosw);
2060 if (ret)
2061 goto out_tcpv6_protocol;
2062
93ec926b 2063 ret = register_pernet_subsys(&tcpv6_net_ops);
7f4e4868
DL		 2064 if (ret)
2065 goto out_tcpv6_protosw;
2066out:
2067 return ret;
ae0f7d5f 2068
7f4e4868
DL		 2069out_tcpv6_protosw:
2070 inet6_unregister_protosw(&tcpv6_protosw);
3336288a
VY		 2071out_tcpv6_protocol:
2072 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
7f4e4868
DL		 2073 goto out;
2074}
2075
09f7709f 2076void tcpv6_exit(void)
7f4e4868 2077{
93ec926b 2078 unregister_pernet_subsys(&tcpv6_net_ops);
7f4e4868
DL		 2079 inet6_unregister_protosw(&tcpv6_protosw);
2080 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
1da177e4 2081}
Ubuntu Focal Linux kernel mirror