]> git.proxmox.com Git - mirror_ubuntu-jammy-kernel.git/blame - net/ipv6/tcp_ipv6.c
projects / mirror_ubuntu-jammy-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
tcp: annotate tp->copied_seq lockless reads
[mirror_ubuntu-jammy-kernel.git] / net / ipv6 / tcp_ipv6.c
CommitLineData
2874c5fd 1// SPDX-License-Identifier: GPL-2.0-or-later
1da177e4
LT		 2/*
3 * TCP over IPv6
1ab1457c 4 * Linux INET6 implementation
1da177e4
LT		 5 *
6 * Authors:
1ab1457c 7 * Pedro Roque <roque@di.fc.ul.pt>
1da177e4 8 *
1ab1457c 9 * Based on:
1da177e4
LT		 10 * linux/net/ipv4/tcp.c
11 * linux/net/ipv4/tcp_input.c
12 * linux/net/ipv4/tcp_output.c
13 *
14 * Fixes:
15 * Hideaki YOSHIFUJI : sin6_scope_id support
16 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
17 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
18 * a single port at the same time.
19 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
1da177e4
LT		 20 */
21
eb4dea58 22#include <linux/bottom_half.h>
1da177e4 23#include <linux/module.h>
1da177e4
LT		 24#include <linux/errno.h>
25#include <linux/types.h>
26#include <linux/socket.h>
27#include <linux/sockios.h>
28#include <linux/net.h>
29#include <linux/jiffies.h>
30#include <linux/in.h>
31#include <linux/in6.h>
32#include <linux/netdevice.h>
33#include <linux/init.h>
34#include <linux/jhash.h>
35#include <linux/ipsec.h>
36#include <linux/times.h>
5a0e3ad6 37#include <linux/slab.h>
4aa956d8 38#include <linux/uaccess.h>
1da177e4
LT		 39#include <linux/ipv6.h>
40#include <linux/icmpv6.h>
41#include <linux/random.h>
0e219ae4 42#include <linux/indirect_call_wrapper.h>
1da177e4
LT		 43
44#include <net/tcp.h>
45#include <net/ndisc.h>
5324a040 46#include <net/inet6_hashtables.h>
8129765a 47#include <net/inet6_connection_sock.h>
1da177e4
LT		 48#include <net/ipv6.h>
49#include <net/transp_v6.h>
50#include <net/addrconf.h>
51#include <net/ip6_route.h>
52#include <net/ip6_checksum.h>
53#include <net/inet_ecn.h>
54#include <net/protocol.h>
55#include <net/xfrm.h>
1da177e4
LT		 56#include <net/snmp.h>
57#include <net/dsfield.h>
6d6ee43e 58#include <net/timewait_sock.h>
3d58b5fa 59#include <net/inet_common.h>
6e5714ea 60#include <net/secure_seq.h>
076bb0c8 61#include <net/busy_poll.h>
1da177e4 62
1da177e4
LT		 63#include <linux/proc_fs.h>
64#include <linux/seq_file.h>
65
cf80e0e4 66#include <crypto/hash.h>
cfb6eeb4
YH		 67#include <linux/scatterlist.h>
68
c24b14c4
SL		 69#include <trace/events/tcp.h>
70
a00e7444
ED		 71static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb);
72static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
6edafaaf 73 struct request_sock *req);
1da177e4
LT		 74
75static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
1da177e4 76
3b401a81
SH		 77static const struct inet_connection_sock_af_ops ipv6_mapped;
78static const struct inet_connection_sock_af_ops ipv6_specific;
a928630a 79#ifdef CONFIG_TCP_MD5SIG
b2e4b3de
SH		 80static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
81static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
9501f972 82#else
51723935 83static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
b71d1d42 84 const struct in6_addr *addr)
9501f972
YH		 85{
86 return NULL;
87}
a928630a 88#endif
1da177e4 89
93a77c11
ED		 90/* Helper returning the inet6 address from a given tcp socket.
91 * It can be used in TCP stack instead of inet6_sk(sk).
92 * This avoids a dereference and allow compiler optimizations.
f5d54767 93 * It is a specialized version of inet6_sk_generic().
93a77c11
ED		 94 */
95static struct ipv6_pinfo *tcp_inet6_sk(const struct sock *sk)
96{
f5d54767 97 unsigned int offset = sizeof(struct tcp6_sock) - sizeof(struct ipv6_pinfo);
93a77c11 98
f5d54767 99 return (struct ipv6_pinfo *)(((u8 *)sk) + offset);
93a77c11
ED		 100}
101
fae6ef87
NC		 102static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
103{
104 struct dst_entry *dst = skb_dst(skb);
fae6ef87 105
5037e9ef 106 if (dst && dst_hold_safe(dst)) {
ca777eff
ED		 107 const struct rt6_info *rt = (const struct rt6_info *)dst;
108
ca777eff
ED		 109 sk->sk_rx_dst = dst;
110 inet_sk(sk)->rx_dst_ifindex = skb->skb_iif;
93a77c11 111 tcp_inet6_sk(sk)->rx_dst_cookie = rt6_get_cookie(rt);
ca777eff 112 }
fae6ef87
NC		 113}
114
84b114b9 115static u32 tcp_v6_init_seq(const struct sk_buff *skb)
1da177e4 116{
84b114b9
ED		 117 return secure_tcpv6_seq(ipv6_hdr(skb)->daddr.s6_addr32,
118 ipv6_hdr(skb)->saddr.s6_addr32,
119 tcp_hdr(skb)->dest,
120 tcp_hdr(skb)->source);
121}
122
5d2ed052 123static u32 tcp_v6_init_ts_off(const struct net *net, const struct sk_buff *skb)
84b114b9 124{
5d2ed052 125 return secure_tcpv6_ts_off(net, ipv6_hdr(skb)->daddr.s6_addr32,
84b114b9 126 ipv6_hdr(skb)->saddr.s6_addr32);
1da177e4
LT		 127}
128
d74bad4e
AI		 129static int tcp_v6_pre_connect(struct sock *sk, struct sockaddr *uaddr,
130 int addr_len)
131{
132 /* This check is replicated from tcp_v6_connect() and intended to
133 * prevent BPF program called below from accessing bytes that are out
134 * of the bound specified by user in addr_len.
135 */
136 if (addr_len < SIN6_LEN_RFC2133)
137 return -EINVAL;
138
139 sock_owned_by_me(sk);
140
141 return BPF_CGROUP_RUN_PROG_INET6_CONNECT(sk, uaddr);
142}
143
1ab1457c 144static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
1da177e4
LT		 145 int addr_len)
146{
147 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
1ab1457c 148 struct inet_sock *inet = inet_sk(sk);
d83d8461 149 struct inet_connection_sock *icsk = inet_csk(sk);
93a77c11 150 struct ipv6_pinfo *np = tcp_inet6_sk(sk);
1da177e4 151 struct tcp_sock *tp = tcp_sk(sk);
20c59de2 152 struct in6_addr *saddr = NULL, *final_p, final;
45f6fad8 153 struct ipv6_txoptions *opt;
4c9483b2 154 struct flowi6 fl6;
1da177e4
LT		 155 struct dst_entry *dst;
156 int addr_type;
157 int err;
1946e672 158 struct inet_timewait_death_row *tcp_death_row = &sock_net(sk)->ipv4.tcp_death_row;
1da177e4 159
1ab1457c 160 if (addr_len < SIN6_LEN_RFC2133)
1da177e4
LT		 161 return -EINVAL;
162
1ab1457c 163 if (usin->sin6_family != AF_INET6)
a02cec21 164 return -EAFNOSUPPORT;
1da177e4 165
4c9483b2 166 memset(&fl6, 0, sizeof(fl6));
1da177e4
LT		 167
168 if (np->sndflow) {
4c9483b2
DM		 169 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
170 IP6_ECN_flow_init(fl6.flowlabel);
171 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
1da177e4 172 struct ip6_flowlabel *flowlabel;
4c9483b2 173 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
59c820b2 174 if (IS_ERR(flowlabel))
1da177e4 175 return -EINVAL;
1da177e4
LT		 176 fl6_sock_release(flowlabel);
177 }
178 }
179
180 /*
1ab1457c
YH		 181 * connect() to INADDR_ANY means loopback (BSD'ism).
182 */
183
052d2369
JL		 184 if (ipv6_addr_any(&usin->sin6_addr)) {
185 if (ipv6_addr_v4mapped(&sk->sk_v6_rcv_saddr))
186 ipv6_addr_set_v4mapped(htonl(INADDR_LOOPBACK),
187 &usin->sin6_addr);
188 else
189 usin->sin6_addr = in6addr_loopback;
190 }
1da177e4
LT		 191
192 addr_type = ipv6_addr_type(&usin->sin6_addr);
193
4c99aa40 194 if (addr_type & IPV6_ADDR_MULTICAST)
1da177e4
LT		 195 return -ENETUNREACH;
196
197 if (addr_type&IPV6_ADDR_LINKLOCAL) {
198 if (addr_len >= sizeof(struct sockaddr_in6) &&
199 usin->sin6_scope_id) {
200 /* If interface is set while binding, indices
201 * must coincide.
202 */
54dc3e33 203 if (!sk_dev_equal_l3scope(sk, usin->sin6_scope_id))
1da177e4
LT		 204 return -EINVAL;
205
206 sk->sk_bound_dev_if = usin->sin6_scope_id;
207 }
208
209 /* Connect to link-local address requires an interface */
210 if (!sk->sk_bound_dev_if)
211 return -EINVAL;
212 }
213
214 if (tp->rx_opt.ts_recent_stamp &&
efe4208f 215 !ipv6_addr_equal(&sk->sk_v6_daddr, &usin->sin6_addr)) {
1da177e4
LT		 216 tp->rx_opt.ts_recent = 0;
217 tp->rx_opt.ts_recent_stamp = 0;
218 tp->write_seq = 0;
219 }
220
efe4208f 221 sk->sk_v6_daddr = usin->sin6_addr;
4c9483b2 222 np->flow_label = fl6.flowlabel;
1da177e4
LT		 223
224 /*
225 * TCP over IPv4
226 */
227
052d2369 228 if (addr_type & IPV6_ADDR_MAPPED) {
d83d8461 229 u32 exthdrlen = icsk->icsk_ext_hdr_len;
1da177e4
LT		 230 struct sockaddr_in sin;
231
1da177e4
LT		 232 if (__ipv6_only_sock(sk))
233 return -ENETUNREACH;
234
235 sin.sin_family = AF_INET;
236 sin.sin_port = usin->sin6_port;
237 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
238
d83d8461 239 icsk->icsk_af_ops = &ipv6_mapped;
1da177e4 240 sk->sk_backlog_rcv = tcp_v4_do_rcv;
cfb6eeb4
YH		 241#ifdef CONFIG_TCP_MD5SIG
242 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
243#endif
1da177e4
LT		 244
245 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
246
247 if (err) {
d83d8461
ACM		 248 icsk->icsk_ext_hdr_len = exthdrlen;
249 icsk->icsk_af_ops = &ipv6_specific;
1da177e4 250 sk->sk_backlog_rcv = tcp_v6_do_rcv;
cfb6eeb4
YH		 251#ifdef CONFIG_TCP_MD5SIG
252 tp->af_specific = &tcp_sock_ipv6_specific;
253#endif
1da177e4 254 goto failure;
1da177e4 255 }
d1e559d0 256 np->saddr = sk->sk_v6_rcv_saddr;
1da177e4
LT		 257
258 return err;
259 }
260
efe4208f
ED		 261 if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr))
262 saddr = &sk->sk_v6_rcv_saddr;
1da177e4 263
4c9483b2 264 fl6.flowi6_proto = IPPROTO_TCP;
efe4208f 265 fl6.daddr = sk->sk_v6_daddr;
4e3fd7a0 266 fl6.saddr = saddr ? *saddr : np->saddr;
4c9483b2
DM		 267 fl6.flowi6_oif = sk->sk_bound_dev_if;
268 fl6.flowi6_mark = sk->sk_mark;
1958b856
DM		 269 fl6.fl6_dport = usin->sin6_port;
270 fl6.fl6_sport = inet->inet_sport;
e2d118a1 271 fl6.flowi6_uid = sk->sk_uid;
1da177e4 272
1e1d04e6 273 opt = rcu_dereference_protected(np->opt, lockdep_sock_is_held(sk));
45f6fad8 274 final_p = fl6_update_dst(&fl6, opt, &final);
1da177e4 275
4c9483b2 276 security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));
beb8d13b 277
0e0d44ab 278 dst = ip6_dst_lookup_flow(sk, &fl6, final_p);
68d0c6d3
DM		 279 if (IS_ERR(dst)) {
280 err = PTR_ERR(dst);
1da177e4 281 goto failure;
14e50e57 282 }
1da177e4 283
63159f29 284 if (!saddr) {
4c9483b2 285 saddr = &fl6.saddr;
efe4208f 286 sk->sk_v6_rcv_saddr = *saddr;
1da177e4
LT		 287 }
288
289 /* set the source address */
4e3fd7a0 290 np->saddr = *saddr;
c720c7e8 291 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
1da177e4 292
f83ef8c0 293 sk->sk_gso_type = SKB_GSO_TCPV6;
6bd4f355 294 ip6_dst_store(sk, dst, NULL, NULL);
1da177e4 295
d83d8461 296 icsk->icsk_ext_hdr_len = 0;
45f6fad8
ED		 297 if (opt)
298 icsk->icsk_ext_hdr_len = opt->opt_flen +
299 opt->opt_nflen;
1da177e4
LT		 300
301 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
302
c720c7e8 303 inet->inet_dport = usin->sin6_port;
1da177e4
LT		 304
305 tcp_set_state(sk, TCP_SYN_SENT);
1946e672 306 err = inet6_hash_connect(tcp_death_row, sk);
1da177e4
LT		 307 if (err)
308 goto late_failure;
309
877d1f62 310 sk_set_txhash(sk);
9e7ceb06 311
00355fa5 312 if (likely(!tp->repair)) {
00355fa5 313 if (!tp->write_seq)
84b114b9
ED		 314 tp->write_seq = secure_tcpv6_seq(np->saddr.s6_addr32,
315 sk->sk_v6_daddr.s6_addr32,
316 inet->inet_sport,
317 inet->inet_dport);
5d2ed052
ED		 318 tp->tsoffset = secure_tcpv6_ts_off(sock_net(sk),
319 np->saddr.s6_addr32,
84b114b9 320 sk->sk_v6_daddr.s6_addr32);
00355fa5 321 }
1da177e4 322
19f6d3f3
WW		 323 if (tcp_fastopen_defer_connect(sk, &err))
324 return err;
325 if (err)
326 goto late_failure;
327
1da177e4
LT		 328 err = tcp_connect(sk);
329 if (err)
330 goto late_failure;
331
332 return 0;
333
334late_failure:
335 tcp_set_state(sk, TCP_CLOSE);
1da177e4 336failure:
c720c7e8 337 inet->inet_dport = 0;
1da177e4
LT		 338 sk->sk_route_caps = 0;
339 return err;
340}
341
563d34d0
ED		 342static void tcp_v6_mtu_reduced(struct sock *sk)
343{
344 struct dst_entry *dst;
345
346 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
347 return;
348
349 dst = inet6_csk_update_pmtu(sk, tcp_sk(sk)->mtu_info);
350 if (!dst)
351 return;
352
353 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
354 tcp_sync_mss(sk, dst_mtu(dst));
355 tcp_simple_retransmit(sk);
356 }
357}
358
32bbd879 359static int tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
d5fdd6ba 360 u8 type, u8 code, int offset, __be32 info)
1da177e4 361{
4c99aa40 362 const struct ipv6hdr *hdr = (const struct ipv6hdr *)skb->data;
505cbfc5 363 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
2215089b
ED		 364 struct net *net = dev_net(skb->dev);
365 struct request_sock *fastopen;
1da177e4 366 struct ipv6_pinfo *np;
1ab1457c 367 struct tcp_sock *tp;
0a672f74 368 __u32 seq, snd_una;
2215089b 369 struct sock *sk;
9cf74903 370 bool fatal;
2215089b 371 int err;
1da177e4 372
2215089b
ED		 373 sk = __inet6_lookup_established(net, &tcp_hashinfo,
374 &hdr->daddr, th->dest,
375 &hdr->saddr, ntohs(th->source),
4297a0ef 376 skb->dev->ifindex, inet6_sdif(skb));
1da177e4 377
2215089b 378 if (!sk) {
a16292a0
ED		 379 __ICMP6_INC_STATS(net, __in6_dev_get(skb->dev),
380 ICMP6_MIB_INERRORS);
32bbd879 381 return -ENOENT;
1da177e4
LT		 382 }
383
384 if (sk->sk_state == TCP_TIME_WAIT) {
9469c7b4 385 inet_twsk_put(inet_twsk(sk));
32bbd879 386 return 0;
1da177e4 387 }
2215089b 388 seq = ntohl(th->seq);
9cf74903 389 fatal = icmpv6_err_convert(type, code, &err);
32bbd879
SB		 390 if (sk->sk_state == TCP_NEW_SYN_RECV) {
391 tcp_req_err(sk, seq, fatal);
392 return 0;
393 }
1da177e4
LT		 394
395 bh_lock_sock(sk);
563d34d0 396 if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG)
02a1d6e7 397 __NET_INC_STATS(net, LINUX_MIB_LOCKDROPPEDICMPS);
1da177e4
LT		 398
399 if (sk->sk_state == TCP_CLOSE)
400 goto out;
401
93a77c11 402 if (ipv6_hdr(skb)->hop_limit < tcp_inet6_sk(sk)->min_hopcount) {
02a1d6e7 403 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
e802af9c
SH		 404 goto out;
405 }
406
1da177e4 407 tp = tcp_sk(sk);
0a672f74 408 /* XXX (TFO) - tp->snd_una should be ISN (tcp_create_openreq_child() */
d983ea6f 409 fastopen = rcu_dereference(tp->fastopen_rsk);
0a672f74 410 snd_una = fastopen ? tcp_rsk(fastopen)->snt_isn : tp->snd_una;
1da177e4 411 if (sk->sk_state != TCP_LISTEN &&
0a672f74 412 !between(seq, snd_una, tp->snd_nxt)) {
02a1d6e7 413 __NET_INC_STATS(net, LINUX_MIB_OUTOFWINDOWICMPS);
1da177e4
LT		 414 goto out;
415 }
416
93a77c11 417 np = tcp_inet6_sk(sk);
1da177e4 418
ec18d9a2 419 if (type == NDISC_REDIRECT) {
45caeaa5
JM		 420 if (!sock_owned_by_user(sk)) {
421 struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);
ec18d9a2 422
45caeaa5
JM		 423 if (dst)
424 dst->ops->redirect(dst, sk, skb);
425 }
50a75a89 426 goto out;
ec18d9a2
DM		 427 }
428
1da177e4 429 if (type == ICMPV6_PKT_TOOBIG) {
0d4f0608
ED		 430 /* We are not interested in TCP_LISTEN and open_requests
431 * (SYN-ACKs send out by Linux are always <576bytes so
432 * they should go through unfragmented).
433 */
434 if (sk->sk_state == TCP_LISTEN)
435 goto out;
436
93b36cf3
HFS		 437 if (!ip6_sk_accept_pmtu(sk))
438 goto out;
439
563d34d0
ED		 440 tp->mtu_info = ntohl(info);
441 if (!sock_owned_by_user(sk))
442 tcp_v6_mtu_reduced(sk);
d013ef2a 443 else if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED,
7aa5470c 444 &sk->sk_tsq_flags))
d013ef2a 445 sock_hold(sk);
1da177e4
LT		 446 goto out;
447 }
448
1da177e4 449
60236fdd 450 /* Might be for an request_sock */
1da177e4 451 switch (sk->sk_state) {
1da177e4 452 case TCP_SYN_SENT:
0a672f74
YC		 453 case TCP_SYN_RECV:
454 /* Only in fast or simultaneous open. If a fast open socket is
455 * is already accepted it is treated as a connected one below.
456 */
63159f29 457 if (fastopen && !fastopen->sk)
0a672f74
YC		 458 break;
459
1da177e4 460 if (!sock_owned_by_user(sk)) {
1da177e4
LT		 461 sk->sk_err = err;
462 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
463
464 tcp_done(sk);
465 } else
466 sk->sk_err_soft = err;
467 goto out;
468 }
469
470 if (!sock_owned_by_user(sk) && np->recverr) {
471 sk->sk_err = err;
472 sk->sk_error_report(sk);
473 } else
474 sk->sk_err_soft = err;
475
476out:
477 bh_unlock_sock(sk);
478 sock_put(sk);
32bbd879 479 return 0;
1da177e4
LT		 480}
481
482
0f935dbe 483static int tcp_v6_send_synack(const struct sock *sk, struct dst_entry *dst,
d6274bd8 484 struct flowi *fl,
3840a06e 485 struct request_sock *req,
ca6fb065 486 struct tcp_fastopen_cookie *foc,
b3d05147 487 enum tcp_synack_type synack_type)
1da177e4 488{
634fb979 489 struct inet_request_sock *ireq = inet_rsk(req);
93a77c11 490 struct ipv6_pinfo *np = tcp_inet6_sk(sk);
56ac42bc 491 struct ipv6_txoptions *opt;
d6274bd8 492 struct flowi6 *fl6 = &fl->u.ip6;
4c99aa40 493 struct sk_buff *skb;
9494218f 494 int err = -ENOMEM;
1da177e4 495
9f10d3f6 496 /* First, grab a route. */
f76b33c3
ED		 497 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req,
498 IPPROTO_TCP)) == NULL)
fd80eb94 499 goto done;
9494218f 500
b3d05147 501 skb = tcp_make_synack(sk, dst, req, foc, synack_type);
9494218f 502
1da177e4 503 if (skb) {
634fb979
ED		 504 __tcp_v6_send_check(skb, &ireq->ir_v6_loc_addr,
505 &ireq->ir_v6_rmt_addr);
1da177e4 506
634fb979 507 fl6->daddr = ireq->ir_v6_rmt_addr;
53b24b8f 508 if (np->repflow && ireq->pktopts)
df3687ff
FF		 509 fl6->flowlabel = ip6_flowlabel(ipv6_hdr(ireq->pktopts));
510
3e4006f0 511 rcu_read_lock();
56ac42bc
HD		 512 opt = ireq->ipv6_opt;
513 if (!opt)
514 opt = rcu_dereference(np->opt);
4f6570d7
ED		 515 err = ip6_xmit(sk, skb, fl6, sk->sk_mark, opt, np->tclass,
516 sk->sk_priority);
3e4006f0 517 rcu_read_unlock();
b9df3cb8 518 err = net_xmit_eval(err);
1da177e4
LT		 519 }
520
521done:
1da177e4
LT		 522 return err;
523}
524
72659ecc 525
60236fdd 526static void tcp_v6_reqsk_destructor(struct request_sock *req)
1da177e4 527{
56ac42bc 528 kfree(inet_rsk(req)->ipv6_opt);
634fb979 529 kfree_skb(inet_rsk(req)->pktopts);
1da177e4
LT		 530}
531
cfb6eeb4 532#ifdef CONFIG_TCP_MD5SIG
b83e3deb 533static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
b71d1d42 534 const struct in6_addr *addr)
cfb6eeb4 535{
a915da9b 536 return tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, AF_INET6);
cfb6eeb4
YH		 537}
538
b83e3deb 539static struct tcp_md5sig_key *tcp_v6_md5_lookup(const struct sock *sk,
fd3a154a 540 const struct sock *addr_sk)
cfb6eeb4 541{
efe4208f 542 return tcp_v6_md5_do_lookup(sk, &addr_sk->sk_v6_daddr);
cfb6eeb4
YH		 543}
544
8917a777
ID		 545static int tcp_v6_parse_md5_keys(struct sock *sk, int optname,
546 char __user *optval, int optlen)
cfb6eeb4
YH		 547{
548 struct tcp_md5sig cmd;
549 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
8917a777 550 u8 prefixlen;
cfb6eeb4
YH		 551
552 if (optlen < sizeof(cmd))
553 return -EINVAL;
554
555 if (copy_from_user(&cmd, optval, sizeof(cmd)))
556 return -EFAULT;
557
558 if (sin6->sin6_family != AF_INET6)
559 return -EINVAL;
560
8917a777
ID		 561 if (optname == TCP_MD5SIG_EXT &&
562 cmd.tcpm_flags & TCP_MD5SIG_FLAG_PREFIX) {
563 prefixlen = cmd.tcpm_prefixlen;
564 if (prefixlen > 128 || (ipv6_addr_v4mapped(&sin6->sin6_addr) &&
565 prefixlen > 32))
566 return -EINVAL;
567 } else {
568 prefixlen = ipv6_addr_v4mapped(&sin6->sin6_addr) ? 32 : 128;
569 }
570
cfb6eeb4 571 if (!cmd.tcpm_keylen) {
e773e4fa 572 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
a915da9b 573 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
8917a777 574 AF_INET, prefixlen);
a915da9b 575 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
8917a777 576 AF_INET6, prefixlen);
cfb6eeb4
YH		 577 }
578
579 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
580 return -EINVAL;
581
a915da9b
ED		 582 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
583 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
8917a777 584 AF_INET, prefixlen, cmd.tcpm_key,
6797318e 585 cmd.tcpm_keylen, GFP_KERNEL);
cfb6eeb4 586
a915da9b 587 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
8917a777
ID		 588 AF_INET6, prefixlen, cmd.tcpm_key,
589 cmd.tcpm_keylen, GFP_KERNEL);
cfb6eeb4
YH		 590}
591
19689e38
ED		 592static int tcp_v6_md5_hash_headers(struct tcp_md5sig_pool *hp,
593 const struct in6_addr *daddr,
594 const struct in6_addr *saddr,
595 const struct tcphdr *th, int nbytes)
cfb6eeb4 596{
cfb6eeb4 597 struct tcp6_pseudohdr *bp;
49a72dfb 598 struct scatterlist sg;
19689e38 599 struct tcphdr *_th;
8d26d76d 600
19689e38 601 bp = hp->scratch;
cfb6eeb4 602 /* 1. TCP pseudo-header (RFC2460) */
4e3fd7a0
AD		 603 bp->saddr = *saddr;
604 bp->daddr = *daddr;
49a72dfb 605 bp->protocol = cpu_to_be32(IPPROTO_TCP);
00b1304c 606 bp->len = cpu_to_be32(nbytes);
cfb6eeb4 607
19689e38
ED		 608 _th = (struct tcphdr *)(bp + 1);
609 memcpy(_th, th, sizeof(*th));
610 _th->check = 0;
611
612 sg_init_one(&sg, bp, sizeof(*bp) + sizeof(*th));
613 ahash_request_set_crypt(hp->md5_req, &sg, NULL,
614 sizeof(*bp) + sizeof(*th));
cf80e0e4 615 return crypto_ahash_update(hp->md5_req);
49a72dfb 616}
c7da57a1 617
19689e38 618static int tcp_v6_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key,
b71d1d42 619 const struct in6_addr *daddr, struct in6_addr *saddr,
318cf7aa 620 const struct tcphdr *th)
49a72dfb
AL		 621{
622 struct tcp_md5sig_pool *hp;
cf80e0e4 623 struct ahash_request *req;
49a72dfb
AL		 624
625 hp = tcp_get_md5sig_pool();
626 if (!hp)
627 goto clear_hash_noput;
cf80e0e4 628 req = hp->md5_req;
49a72dfb 629
cf80e0e4 630 if (crypto_ahash_init(req))
49a72dfb 631 goto clear_hash;
19689e38 632 if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, th->doff << 2))
49a72dfb
AL		 633 goto clear_hash;
634 if (tcp_md5_hash_key(hp, key))
635 goto clear_hash;
cf80e0e4
HX		 636 ahash_request_set_crypt(req, NULL, md5_hash, 0);
637 if (crypto_ahash_final(req))
cfb6eeb4 638 goto clear_hash;
cfb6eeb4 639
cfb6eeb4 640 tcp_put_md5sig_pool();
cfb6eeb4 641 return 0;
49a72dfb 642
cfb6eeb4
YH		 643clear_hash:
644 tcp_put_md5sig_pool();
645clear_hash_noput:
646 memset(md5_hash, 0, 16);
49a72dfb 647 return 1;
cfb6eeb4
YH		 648}
649
39f8e58e
ED		 650static int tcp_v6_md5_hash_skb(char *md5_hash,
651 const struct tcp_md5sig_key *key,
318cf7aa 652 const struct sock *sk,
318cf7aa 653 const struct sk_buff *skb)
cfb6eeb4 654{
b71d1d42 655 const struct in6_addr *saddr, *daddr;
49a72dfb 656 struct tcp_md5sig_pool *hp;
cf80e0e4 657 struct ahash_request *req;
318cf7aa 658 const struct tcphdr *th = tcp_hdr(skb);
cfb6eeb4 659
39f8e58e
ED		 660 if (sk) { /* valid for establish/request sockets */
661 saddr = &sk->sk_v6_rcv_saddr;
efe4208f 662 daddr = &sk->sk_v6_daddr;
49a72dfb 663 } else {
b71d1d42 664 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
49a72dfb
AL		 665 saddr = &ip6h->saddr;
666 daddr = &ip6h->daddr;
cfb6eeb4 667 }
49a72dfb
AL		 668
669 hp = tcp_get_md5sig_pool();
670 if (!hp)
671 goto clear_hash_noput;
cf80e0e4 672 req = hp->md5_req;
49a72dfb 673
cf80e0e4 674 if (crypto_ahash_init(req))
49a72dfb
AL		 675 goto clear_hash;
676
19689e38 677 if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, skb->len))
49a72dfb
AL		 678 goto clear_hash;
679 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
680 goto clear_hash;
681 if (tcp_md5_hash_key(hp, key))
682 goto clear_hash;
cf80e0e4
HX		 683 ahash_request_set_crypt(req, NULL, md5_hash, 0);
684 if (crypto_ahash_final(req))
49a72dfb
AL		 685 goto clear_hash;
686
687 tcp_put_md5sig_pool();
688 return 0;
689
690clear_hash:
691 tcp_put_md5sig_pool();
692clear_hash_noput:
693 memset(md5_hash, 0, 16);
694 return 1;
cfb6eeb4
YH		 695}
696
ba8e275a
ED		 697#endif
698
699static bool tcp_v6_inbound_md5_hash(const struct sock *sk,
700 const struct sk_buff *skb)
cfb6eeb4 701{
ba8e275a 702#ifdef CONFIG_TCP_MD5SIG
cf533ea5 703 const __u8 *hash_location = NULL;
cfb6eeb4 704 struct tcp_md5sig_key *hash_expected;
b71d1d42 705 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
318cf7aa 706 const struct tcphdr *th = tcp_hdr(skb);
cfb6eeb4 707 int genhash;
cfb6eeb4
YH		 708 u8 newhash[16];
709
710 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
7d5d5525 711 hash_location = tcp_parse_md5sig_option(th);
cfb6eeb4 712
785957d3
DM		 713 /* We've parsed the options - do we have a hash? */
714 if (!hash_expected && !hash_location)
ff74e23f 715 return false;
785957d3
DM		 716
717 if (hash_expected && !hash_location) {
c10d9310 718 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
ff74e23f 719 return true;
cfb6eeb4
YH		 720 }
721
785957d3 722 if (!hash_expected && hash_location) {
c10d9310 723 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
ff74e23f 724 return true;
cfb6eeb4
YH		 725 }
726
727 /* check the signature */
49a72dfb
AL		 728 genhash = tcp_v6_md5_hash_skb(newhash,
729 hash_expected,
39f8e58e 730 NULL, skb);
49a72dfb 731
cfb6eeb4 732 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
72145a68 733 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5FAILURE);
e87cc472
JP		 734 net_info_ratelimited("MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n",
735 genhash ? "failed" : "mismatch",
736 &ip6h->saddr, ntohs(th->source),
737 &ip6h->daddr, ntohs(th->dest));
ff74e23f 738 return true;
cfb6eeb4 739 }
ba8e275a 740#endif
ff74e23f 741 return false;
cfb6eeb4 742}
cfb6eeb4 743
b40cf18e
ED		 744static void tcp_v6_init_req(struct request_sock *req,
745 const struct sock *sk_listener,
16bea70a
OP		 746 struct sk_buff *skb)
747{
c2027d1e 748 bool l3_slave = ipv6_l3mdev_skb(TCP_SKB_CB(skb)->header.h6.flags);
16bea70a 749 struct inet_request_sock *ireq = inet_rsk(req);
93a77c11 750 const struct ipv6_pinfo *np = tcp_inet6_sk(sk_listener);
16bea70a
OP		 751
752 ireq->ir_v6_rmt_addr = ipv6_hdr(skb)->saddr;
753 ireq->ir_v6_loc_addr = ipv6_hdr(skb)->daddr;
754
16bea70a 755 /* So that link locals have meaning */
c2027d1e 756 if ((!sk_listener->sk_bound_dev_if || l3_slave) &&
16bea70a 757 ipv6_addr_type(&ireq->ir_v6_rmt_addr) & IPV6_ADDR_LINKLOCAL)
870c3151 758 ireq->ir_iif = tcp_v6_iif(skb);
16bea70a 759
04317daf 760 if (!TCP_SKB_CB(skb)->tcp_tw_isn &&
b40cf18e 761 (ipv6_opt_accepted(sk_listener, skb, &TCP_SKB_CB(skb)->header.h6) ||
a224772d 762 np->rxopt.bits.rxinfo ||
16bea70a
OP		 763 np->rxopt.bits.rxoinfo || np->rxopt.bits.rxhlim ||
764 np->rxopt.bits.rxohlim || np->repflow)) {
63354797 765 refcount_inc(&skb->users);
16bea70a
OP		 766 ireq->pktopts = skb;
767 }
768}
769
f964629e
ED		 770static struct dst_entry *tcp_v6_route_req(const struct sock *sk,
771 struct flowi *fl,
4396e461 772 const struct request_sock *req)
d94e0417 773{
f76b33c3 774 return inet6_csk_route_req(sk, &fl->u.ip6, req, IPPROTO_TCP);
d94e0417
OP		 775}
776
c6aefafb 777struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
1da177e4 778 .family = AF_INET6,
2e6599cb 779 .obj_size = sizeof(struct tcp6_request_sock),
5db92c99 780 .rtx_syn_ack = tcp_rtx_synack,
60236fdd
ACM		 781 .send_ack = tcp_v6_reqsk_send_ack,
782 .destructor = tcp_v6_reqsk_destructor,
72659ecc 783 .send_reset = tcp_v6_send_reset,
4aa956d8 784 .syn_ack_timeout = tcp_syn_ack_timeout,
1da177e4
LT		 785};
786
b2e4b3de 787static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
2aec4a29
OP		 788 .mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) -
789 sizeof(struct ipv6hdr),
16bea70a 790#ifdef CONFIG_TCP_MD5SIG
fd3a154a 791 .req_md5_lookup = tcp_v6_md5_lookup,
e3afe7b7 792 .calc_md5_hash = tcp_v6_md5_hash_skb,
b6332e6c 793#endif
16bea70a 794 .init_req = tcp_v6_init_req,
fb7b37a7
OP		 795#ifdef CONFIG_SYN_COOKIES
796 .cookie_init_seq = cookie_v6_init_sequence,
797#endif
d94e0417 798 .route_req = tcp_v6_route_req,
84b114b9
ED		 799 .init_seq = tcp_v6_init_seq,
800 .init_ts_off = tcp_v6_init_ts_off,
d6274bd8 801 .send_synack = tcp_v6_send_synack,
16bea70a 802};
cfb6eeb4 803
a00e7444 804static void tcp_v6_send_response(const struct sock *sk, struct sk_buff *skb, u32 seq,
0f85feae
ED		 805 u32 ack, u32 win, u32 tsval, u32 tsecr,
806 int oif, struct tcp_md5sig_key *key, int rst,
e9a5dcee 807 u8 tclass, __be32 label, u32 priority)
1da177e4 808{
cf533ea5
ED		 809 const struct tcphdr *th = tcp_hdr(skb);
810 struct tcphdr *t1;
1da177e4 811 struct sk_buff *buff;
4c9483b2 812 struct flowi6 fl6;
0f85feae 813 struct net *net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev);
e5047992 814 struct sock *ctl_sk = net->ipv6.tcp_sk;
77c676da 815 unsigned int tot_len = sizeof(struct tcphdr);
adf30907 816 struct dst_entry *dst;
81ada62d 817 __be32 *topt;
00483690 818 __u32 mark = 0;
1da177e4 819
ee684b6f 820 if (tsecr)
626e264d 821 tot_len += TCPOLEN_TSTAMP_ALIGNED;
cfb6eeb4 822#ifdef CONFIG_TCP_MD5SIG
cfb6eeb4
YH		 823 if (key)
824 tot_len += TCPOLEN_MD5SIG_ALIGNED;
825#endif
826
cfb6eeb4 827 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
1da177e4 828 GFP_ATOMIC);
63159f29 829 if (!buff)
1ab1457c 830 return;
1da177e4 831
cfb6eeb4 832 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
1da177e4 833
d58ff351 834 t1 = skb_push(buff, tot_len);
6651ffc8 835 skb_reset_transport_header(buff);
1da177e4
LT		 836
837 /* Swap the send and the receive. */
838 memset(t1, 0, sizeof(*t1));
839 t1->dest = th->source;
840 t1->source = th->dest;
cfb6eeb4 841 t1->doff = tot_len / 4;
626e264d
IJ		 842 t1->seq = htonl(seq);
843 t1->ack_seq = htonl(ack);
844 t1->ack = !rst || !th->ack;
845 t1->rst = rst;
846 t1->window = htons(win);
1da177e4 847
81ada62d
IJ		 848 topt = (__be32 *)(t1 + 1);
849
ee684b6f 850 if (tsecr) {
626e264d
IJ		 851 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
852 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
ee684b6f
AV		 853 *topt++ = htonl(tsval);
854 *topt++ = htonl(tsecr);
626e264d
IJ		 855 }
856
cfb6eeb4
YH		 857#ifdef CONFIG_TCP_MD5SIG
858 if (key) {
81ada62d
IJ		 859 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
860 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
861 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
78e645cb
IJ		 862 &ipv6_hdr(skb)->saddr,
863 &ipv6_hdr(skb)->daddr, t1);
cfb6eeb4
YH		 864 }
865#endif
866
4c9483b2 867 memset(&fl6, 0, sizeof(fl6));
4e3fd7a0
AD		 868 fl6.daddr = ipv6_hdr(skb)->saddr;
869 fl6.saddr = ipv6_hdr(skb)->daddr;
1d13a96c 870 fl6.flowlabel = label;
1da177e4 871
e5700aff
DM		 872 buff->ip_summed = CHECKSUM_PARTIAL;
873 buff->csum = 0;
874
4c9483b2 875 __tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);
1da177e4 876
4c9483b2 877 fl6.flowi6_proto = IPPROTO_TCP;
a36dbdb2 878 if (rt6_need_strict(&fl6.daddr) && !oif)
870c3151 879 fl6.flowi6_oif = tcp_v6_iif(skb);
9b6c14d5
DA		 880 else {
881 if (!oif && netif_index_is_l3_master(net, skb->skb_iif))
882 oif = skb->skb_iif;
883
884 fl6.flowi6_oif = oif;
885 }
1d2f7b2d 886
c67b8555
ED		 887 if (sk) {
888 if (sk->sk_state == TCP_TIME_WAIT) {
889 mark = inet_twsk(sk)->tw_mark;
890 /* autoflowlabel relies on buff->hash */
891 skb_set_hash(buff, inet_twsk(sk)->tw_txhash,
892 PKT_HASH_TYPE_L4);
893 } else {
894 mark = sk->sk_mark;
895 }
d6fb396c 896 buff->tstamp = tcp_transmit_time(sk);
c67b8555 897 }
00483690 898 fl6.flowi6_mark = IP6_REPLY_MARK(net, skb->mark) ?: mark;
1958b856
DM		 899 fl6.fl6_dport = t1->dest;
900 fl6.fl6_sport = t1->source;
e2d118a1 901 fl6.flowi6_uid = sock_net_uid(net, sk && sk_fullsock(sk) ? sk : NULL);
4c9483b2 902 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
1da177e4 903
c20121ae
DL		 904 /* Pass a socket to ip6_dst_lookup either it is for RST
905 * Underlying function will use this to retrieve the network
906 * namespace
907 */
0e0d44ab 908 dst = ip6_dst_lookup_flow(ctl_sk, &fl6, NULL);
68d0c6d3
DM		 909 if (!IS_ERR(dst)) {
910 skb_dst_set(buff, dst);
4f6570d7 911 ip6_xmit(ctl_sk, buff, &fl6, fl6.flowi6_mark, NULL, tclass,
e9a5dcee 912 priority);
c10d9310 913 TCP_INC_STATS(net, TCP_MIB_OUTSEGS);
68d0c6d3 914 if (rst)
c10d9310 915 TCP_INC_STATS(net, TCP_MIB_OUTRSTS);
68d0c6d3 916 return;
1da177e4
LT		 917 }
918
919 kfree_skb(buff);
920}
921
a00e7444 922static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb)
1da177e4 923{
cf533ea5 924 const struct tcphdr *th = tcp_hdr(skb);
323a53c4 925 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
626e264d 926 u32 seq = 0, ack_seq = 0;
fa3e5b4e 927 struct tcp_md5sig_key *key = NULL;
658ddaaf
SL		 928#ifdef CONFIG_TCP_MD5SIG
929 const __u8 *hash_location = NULL;
658ddaaf
SL		 930 unsigned char newhash[16];
931 int genhash;
932 struct sock *sk1 = NULL;
933#endif
323a53c4 934 __be32 label = 0;
e9a5dcee 935 u32 priority = 0;
323a53c4 936 struct net *net;
c24b14c4 937 int oif = 0;
1da177e4 938
626e264d 939 if (th->rst)
1da177e4
LT		 940 return;
941
c3658e8d
ED		 942 /* If sk not NULL, it means we did a successful lookup and incoming
943 * route had to be correct. prequeue might have dropped our dst.
944 */
945 if (!sk && !ipv6_unicast_destination(skb))
626e264d 946 return;
1da177e4 947
39209673 948 net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev);
cfb6eeb4 949#ifdef CONFIG_TCP_MD5SIG
3b24d854 950 rcu_read_lock();
658ddaaf 951 hash_location = tcp_parse_md5sig_option(th);
271c3b9b 952 if (sk && sk_fullsock(sk)) {
e46787f0
FW		 953 key = tcp_v6_md5_do_lookup(sk, &ipv6h->saddr);
954 } else if (hash_location) {
658ddaaf
SL		 955 /*
956 * active side is lost. Try to find listening socket through
957 * source port, and then find md5 key through listening socket.
958 * we are not loose security here:
959 * Incoming packet is checked with md5 hash with finding key,
960 * no RST generated if md5 hash doesn't match.
961 */
323a53c4 962 sk1 = inet6_lookup_listener(net,
a583636a
CG		 963 &tcp_hashinfo, NULL, 0,
964 &ipv6h->saddr,
5ba24953 965 th->source, &ipv6h->daddr,
24b711ed
DA		 966 ntohs(th->source),
967 tcp_v6_iif_l3_slave(skb),
4297a0ef 968 tcp_v6_sdif(skb));
658ddaaf 969 if (!sk1)
3b24d854 970 goto out;
658ddaaf 971
658ddaaf
SL		 972 key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr);
973 if (!key)
3b24d854 974 goto out;
658ddaaf 975
39f8e58e 976 genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, skb);
658ddaaf 977 if (genhash || memcmp(hash_location, newhash, 16) != 0)
3b24d854 978 goto out;
658ddaaf 979 }
cfb6eeb4
YH		 980#endif
981
626e264d
IJ		 982 if (th->ack)
983 seq = ntohl(th->ack_seq);
984 else
985 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
986 (th->doff << 2);
1da177e4 987
c24b14c4
SL		 988 if (sk) {
989 oif = sk->sk_bound_dev_if;
052e0690
ED		 990 if (sk_fullsock(sk)) {
991 const struct ipv6_pinfo *np = tcp_inet6_sk(sk);
992
5c487bb9 993 trace_tcp_send_reset(sk, skb);
052e0690
ED		 994 if (np->repflow)
995 label = ip6_flowlabel(ipv6h);
e9a5dcee 996 priority = sk->sk_priority;
052e0690 997 }
f6c0f5d2 998 if (sk->sk_state == TCP_TIME_WAIT) {
50a8accf 999 label = cpu_to_be32(inet_twsk(sk)->tw_flowlabel);
f6c0f5d2
ED		 1000 priority = inet_twsk(sk)->tw_priority;
1001 }
323a53c4 1002 } else {
a346abe0 1003 if (net->ipv6.sysctl.flowlabel_reflect & FLOWLABEL_REFLECT_TCP_RESET)
323a53c4 1004 label = ip6_flowlabel(ipv6h);
c24b14c4
SL		 1005 }
1006
323a53c4 1007 tcp_v6_send_response(sk, skb, seq, ack_seq, 0, 0, 0, oif, key, 1, 0,
e9a5dcee 1008 label, priority);
658ddaaf
SL		 1009
1010#ifdef CONFIG_TCP_MD5SIG
3b24d854
ED		 1011out:
1012 rcu_read_unlock();
658ddaaf 1013#endif
626e264d 1014}
1da177e4 1015
a00e7444 1016static void tcp_v6_send_ack(const struct sock *sk, struct sk_buff *skb, u32 seq,
0f85feae 1017 u32 ack, u32 win, u32 tsval, u32 tsecr, int oif,
1d13a96c 1018 struct tcp_md5sig_key *key, u8 tclass,
e9a5dcee 1019 __be32 label, u32 priority)
626e264d 1020{
0f85feae 1021 tcp_v6_send_response(sk, skb, seq, ack, win, tsval, tsecr, oif, key, 0,
e9a5dcee 1022 tclass, label, priority);
1da177e4
LT		 1023}
1024
1025static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
1026{
8feaf0c0 1027 struct inet_timewait_sock *tw = inet_twsk(sk);
cfb6eeb4 1028 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
1da177e4 1029
0f85feae 1030 tcp_v6_send_ack(sk, skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
8feaf0c0 1031 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
9a568de4 1032 tcp_time_stamp_raw() + tcptw->tw_ts_offset,
9c76a114 1033 tcptw->tw_ts_recent, tw->tw_bound_dev_if, tcp_twsk_md5_key(tcptw),
f6c0f5d2 1034 tw->tw_tclass, cpu_to_be32(tw->tw_flowlabel), tw->tw_priority);
1da177e4 1035
8feaf0c0 1036 inet_twsk_put(tw);
1da177e4
LT		 1037}
1038
a00e7444 1039static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
6edafaaf 1040 struct request_sock *req)
1da177e4 1041{
3a19ce0e
DL		 1042 /* sk->sk_state == TCP_LISTEN -> for regular TCP_SYN_RECV
1043 * sk->sk_state == TCP_SYN_RECV -> for Fast Open.
1044 */
20a2b49f
ED		 1045 /* RFC 7323 2.3
1046 * The window field (SEG.WND) of every outgoing segment, with the
1047 * exception of <SYN> segments, MUST be right-shifted by
1048 * Rcv.Wind.Shift bits:
1049 */
0f85feae 1050 tcp_v6_send_ack(sk, skb, (sk->sk_state == TCP_LISTEN) ?
3a19ce0e 1051 tcp_rsk(req)->snt_isn + 1 : tcp_sk(sk)->snd_nxt,
20a2b49f
ED		 1052 tcp_rsk(req)->rcv_nxt,
1053 req->rsk_rcv_wnd >> inet_rsk(req)->rcv_wscale,
9a568de4 1054 tcp_time_stamp_raw() + tcp_rsk(req)->ts_off,
95a22cae 1055 req->ts_recent, sk->sk_bound_dev_if,
30791ac4 1056 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->saddr),
e9a5dcee 1057 0, 0, sk->sk_priority);
1da177e4
LT		 1058}
1059
1060
079096f1 1061static struct sock *tcp_v6_cookie_check(struct sock *sk, struct sk_buff *skb)
1da177e4 1062{
079096f1 1063#ifdef CONFIG_SYN_COOKIES
aa8223c7 1064 const struct tcphdr *th = tcp_hdr(skb);
1da177e4 1065
af9b4738 1066 if (!th->syn)
c6aefafb 1067 sk = cookie_v6_check(sk, skb);
1da177e4
LT		 1068#endif
1069 return sk;
1070}
1071
9349d600
PP		 1072u16 tcp_v6_get_syncookie(struct sock *sk, struct ipv6hdr *iph,
1073 struct tcphdr *th, u32 *cookie)
1074{
1075 u16 mss = 0;
1076#ifdef CONFIG_SYN_COOKIES
1077 mss = tcp_get_syncookie_mss(&tcp6_request_sock_ops,
1078 &tcp_request_sock_ipv6_ops, sk, th);
1079 if (mss) {
1080 *cookie = __cookie_v6_init_sequence(iph, th, &mss);
1081 tcp_synq_overflow(sk);
1082 }
1083#endif
1084 return mss;
1085}
1086
1da177e4
LT		 1087static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1088{
1da177e4
LT		 1089 if (skb->protocol == htons(ETH_P_IP))
1090 return tcp_v4_conn_request(sk, skb);
1091
1092 if (!ipv6_unicast_destination(skb))
1ab1457c 1093 goto drop;
1da177e4 1094
1fb6f159
OP		 1095 return tcp_conn_request(&tcp6_request_sock_ops,
1096 &tcp_request_sock_ipv6_ops, sk, skb);
1da177e4
LT		 1097
1098drop:
9caad864 1099 tcp_listendrop(sk);
1da177e4
LT		 1100 return 0; /* don't send reset */
1101}
1102
ebf6c9cb
ED		 1103static void tcp_v6_restore_cb(struct sk_buff *skb)
1104{
1105 /* We need to move header back to the beginning if xfrm6_policy_check()
1106 * and tcp_v6_fill_cb() are going to be called again.
1107 * ip6_datagram_recv_specific_ctl() also expects IP6CB to be there.
1108 */
1109 memmove(IP6CB(skb), &TCP_SKB_CB(skb)->header.h6,
1110 sizeof(struct inet6_skb_parm));
1111}
1112
0c27171e 1113static struct sock *tcp_v6_syn_recv_sock(const struct sock *sk, struct sk_buff *skb,
4c99aa40 1114 struct request_sock *req,
5e0724d0
ED		 1115 struct dst_entry *dst,
1116 struct request_sock *req_unhash,
1117 bool *own_req)
1da177e4 1118{
634fb979 1119 struct inet_request_sock *ireq;
0c27171e 1120 struct ipv6_pinfo *newnp;
93a77c11 1121 const struct ipv6_pinfo *np = tcp_inet6_sk(sk);
45f6fad8 1122 struct ipv6_txoptions *opt;
1da177e4
LT		 1123 struct inet_sock *newinet;
1124 struct tcp_sock *newtp;
1125 struct sock *newsk;
cfb6eeb4
YH		 1126#ifdef CONFIG_TCP_MD5SIG
1127 struct tcp_md5sig_key *key;
1128#endif
3840a06e 1129 struct flowi6 fl6;
1da177e4
LT		 1130
1131 if (skb->protocol == htons(ETH_P_IP)) {
1132 /*
1133 * v6 mapped
1134 */
1135
5e0724d0
ED		 1136 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst,
1137 req_unhash, own_req);
1da177e4 1138
63159f29 1139 if (!newsk)
1da177e4
LT		 1140 return NULL;
1141
93a77c11 1142 inet_sk(newsk)->pinet6 = tcp_inet6_sk(newsk);
1da177e4
LT		 1143
1144 newinet = inet_sk(newsk);
93a77c11 1145 newnp = tcp_inet6_sk(newsk);
1da177e4
LT		 1146 newtp = tcp_sk(newsk);
1147
1148 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1149
d1e559d0 1150 newnp->saddr = newsk->sk_v6_rcv_saddr;
1da177e4 1151
8292a17a 1152 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1da177e4 1153 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
cfb6eeb4
YH		 1154#ifdef CONFIG_TCP_MD5SIG
1155 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1156#endif
1157
83eaddab 1158 newnp->ipv6_mc_list = NULL;
676a1184
YZ		 1159 newnp->ipv6_ac_list = NULL;
1160 newnp->ipv6_fl_list = NULL;
1da177e4
LT		 1161 newnp->pktoptions = NULL;
1162 newnp->opt = NULL;
89e41309
ED		 1163 newnp->mcast_oif = inet_iif(skb);
1164 newnp->mcast_hops = ip_hdr(skb)->ttl;
1165 newnp->rcv_flowinfo = 0;
df3687ff 1166 if (np->repflow)
89e41309 1167 newnp->flow_label = 0;
1da177e4 1168
e6848976
ACM		 1169 /*
1170 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1171 * here, tcp_create_openreq_child now does this for us, see the comment in
1172 * that function for the gory details. -acme
1da177e4 1173 */
1da177e4
LT		 1174
1175 /* It is tricky place. Until this moment IPv4 tcp
8292a17a 1176 worked with IPv6 icsk.icsk_af_ops.
1da177e4
LT		 1177 Sync it now.
1178 */
d83d8461 1179 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1da177e4
LT		 1180
1181 return newsk;
1182 }
1183
634fb979 1184 ireq = inet_rsk(req);
1da177e4
LT		 1185
1186 if (sk_acceptq_is_full(sk))
1187 goto out_overflow;
1188
493f377d 1189 if (!dst) {
f76b33c3 1190 dst = inet6_csk_route_req(sk, &fl6, req, IPPROTO_TCP);
493f377d 1191 if (!dst)
1da177e4 1192 goto out;
1ab1457c 1193 }
1da177e4
LT		 1194
1195 newsk = tcp_create_openreq_child(sk, req, skb);
63159f29 1196 if (!newsk)
093d2823 1197 goto out_nonewsk;
1da177e4 1198
e6848976
ACM		 1199 /*
1200 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1201 * count here, tcp_create_openreq_child now does this for us, see the
1202 * comment in that function for the gory details. -acme
1203 */
1da177e4 1204
59eed279 1205 newsk->sk_gso_type = SKB_GSO_TCPV6;
6bd4f355 1206 ip6_dst_store(newsk, dst, NULL, NULL);
fae6ef87 1207 inet6_sk_rx_dst_set(newsk, skb);
1da177e4 1208
93a77c11 1209 inet_sk(newsk)->pinet6 = tcp_inet6_sk(newsk);
1da177e4
LT		 1210
1211 newtp = tcp_sk(newsk);
1212 newinet = inet_sk(newsk);
93a77c11 1213 newnp = tcp_inet6_sk(newsk);
1da177e4
LT		 1214
1215 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1216
634fb979
ED		 1217 newsk->sk_v6_daddr = ireq->ir_v6_rmt_addr;
1218 newnp->saddr = ireq->ir_v6_loc_addr;
1219 newsk->sk_v6_rcv_saddr = ireq->ir_v6_loc_addr;
1220 newsk->sk_bound_dev_if = ireq->ir_iif;
1da177e4 1221
1ab1457c 1222 /* Now IPv6 options...
1da177e4
LT		 1223
1224 First: no IPv4 options.
1225 */
f6d8bd05 1226 newinet->inet_opt = NULL;
83eaddab 1227 newnp->ipv6_mc_list = NULL;
676a1184 1228 newnp->ipv6_ac_list = NULL;
d35690be 1229 newnp->ipv6_fl_list = NULL;
1da177e4
LT		 1230
1231 /* Clone RX bits */
1232 newnp->rxopt.all = np->rxopt.all;
1233
1da177e4 1234 newnp->pktoptions = NULL;
1da177e4 1235 newnp->opt = NULL;
870c3151 1236 newnp->mcast_oif = tcp_v6_iif(skb);
0660e03f 1237 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1397ed35 1238 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
df3687ff
FF		 1239 if (np->repflow)
1240 newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));
1da177e4
LT		 1241
1242 /* Clone native IPv6 options from listening socket (if any)
1243
1244 Yes, keeping reference count would be much more clever,
1245 but we make one more one thing there: reattach optmem
1246 to newsk.
1247 */
56ac42bc
HD		 1248 opt = ireq->ipv6_opt;
1249 if (!opt)
1250 opt = rcu_dereference(np->opt);
45f6fad8
ED		 1251 if (opt) {
1252 opt = ipv6_dup_options(newsk, opt);
1253 RCU_INIT_POINTER(newnp->opt, opt);
1254 }
d83d8461 1255 inet_csk(newsk)->icsk_ext_hdr_len = 0;
45f6fad8
ED		 1256 if (opt)
1257 inet_csk(newsk)->icsk_ext_hdr_len = opt->opt_nflen +
1258 opt->opt_flen;
1da177e4 1259
81164413
DB		 1260 tcp_ca_openreq_child(newsk, dst);
1261
1da177e4 1262 tcp_sync_mss(newsk, dst_mtu(dst));
3541f9e8 1263 newtp->advmss = tcp_mss_clamp(tcp_sk(sk), dst_metric_advmss(dst));
d135c522 1264
1da177e4
LT		 1265 tcp_initialize_rcv_mss(newsk);
1266
c720c7e8
ED		 1267 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1268 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1da177e4 1269
cfb6eeb4
YH		 1270#ifdef CONFIG_TCP_MD5SIG
1271 /* Copy over the MD5 key from the original socket */
4aa956d8 1272 key = tcp_v6_md5_do_lookup(sk, &newsk->sk_v6_daddr);
53b24b8f 1273 if (key) {
cfb6eeb4
YH		 1274 /* We're using one, so create a matching key
1275 * on the newsk structure. If we fail to get
1276 * memory, then we end up not copying the key
1277 * across. Shucks.
1278 */
efe4208f 1279 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newsk->sk_v6_daddr,
6797318e 1280 AF_INET6, 128, key->key, key->keylen,
7450aaf6 1281 sk_gfp_mask(sk, GFP_ATOMIC));
cfb6eeb4
YH		 1282 }
1283#endif
1284
093d2823 1285 if (__inet_inherit_port(sk, newsk) < 0) {
e337e24d
CP		 1286 inet_csk_prepare_forced_close(newsk);
1287 tcp_done(newsk);
093d2823
BS		 1288 goto out;
1289 }
5e0724d0 1290 *own_req = inet_ehash_nolisten(newsk, req_to_sk(req_unhash));
805c4bc0 1291 if (*own_req) {
49a496c9 1292 tcp_move_syn(newtp, req);
805c4bc0
ED		 1293
1294 /* Clone pktoptions received with SYN, if we own the req */
1295 if (ireq->pktopts) {
1296 newnp->pktoptions = skb_clone(ireq->pktopts,
7450aaf6 1297 sk_gfp_mask(sk, GFP_ATOMIC));
805c4bc0
ED		 1298 consume_skb(ireq->pktopts);
1299 ireq->pktopts = NULL;
ebf6c9cb
ED		 1300 if (newnp->pktoptions) {
1301 tcp_v6_restore_cb(newnp->pktoptions);
805c4bc0 1302 skb_set_owner_r(newnp->pktoptions, newsk);
ebf6c9cb 1303 }
805c4bc0 1304 }
ce105008 1305 }
1da177e4
LT		 1306
1307 return newsk;
1308
1309out_overflow:
02a1d6e7 1310 __NET_INC_STATS(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
093d2823 1311out_nonewsk:
1da177e4 1312 dst_release(dst);
093d2823 1313out:
9caad864 1314 tcp_listendrop(sk);
1da177e4
LT		 1315 return NULL;
1316}
1317
1da177e4 1318/* The socket must have it's spinlock held when we get
e994b2f0 1319 * here, unless it is a TCP_LISTEN socket.
1da177e4
LT		 1320 *
1321 * We have a potential double-lock case here, so even when
1322 * doing backlog processing we use the BH locking scheme.
1323 * This is because we cannot sleep with the original spinlock
1324 * held.
1325 */
1326static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1327{
93a77c11 1328 struct ipv6_pinfo *np = tcp_inet6_sk(sk);
1da177e4 1329 struct sk_buff *opt_skb = NULL;
93a77c11 1330 struct tcp_sock *tp;
1da177e4
LT		 1331
1332 /* Imagine: socket is IPv6. IPv4 packet arrives,
1333 goes to IPv4 receive handler and backlogged.
1334 From backlog it always goes here. Kerboom...
1335 Fortunately, tcp_rcv_established and rcv_established
1336 handle them correctly, but it is not case with
1337 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1338 */
1339
1340 if (skb->protocol == htons(ETH_P_IP))
1341 return tcp_v4_do_rcv(sk, skb);
1342
1da177e4
LT		 1343 /*
1344 * socket locking is here for SMP purposes as backlog rcv
1345 * is currently called with bh processing disabled.
1346 */
1347
1348 /* Do Stevens' IPV6_PKTOPTIONS.
1349
1350 Yes, guys, it is the only place in our code, where we
1351 may make it not affecting IPv4.
1352 The rest of code is protocol independent,
1353 and I do not like idea to uglify IPv4.
1354
1355 Actually, all the idea behind IPV6_PKTOPTIONS
1356 looks not very well thought. For now we latch
1357 options, received in the last packet, enqueued
1358 by tcp. Feel free to propose better solution.
1ab1457c 1359 --ANK (980728)
1da177e4
LT		 1360 */
1361 if (np->rxopt.all)
7450aaf6 1362 opt_skb = skb_clone(skb, sk_gfp_mask(sk, GFP_ATOMIC));
1da177e4
LT		 1363
1364 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
5d299f3d
ED		 1365 struct dst_entry *dst = sk->sk_rx_dst;
1366
bdeab991 1367 sock_rps_save_rxhash(sk, skb);
3d97379a 1368 sk_mark_napi_id(sk, skb);
5d299f3d
ED		 1369 if (dst) {
1370 if (inet_sk(sk)->rx_dst_ifindex != skb->skb_iif ||
1371 dst->ops->check(dst, np->rx_dst_cookie) == NULL) {
1372 dst_release(dst);
1373 sk->sk_rx_dst = NULL;
1374 }
1375 }
1376
3d97d88e 1377 tcp_rcv_established(sk, skb);
1da177e4
LT		 1378 if (opt_skb)
1379 goto ipv6_pktoptions;
1380 return 0;
1381 }
1382
12e25e10 1383 if (tcp_checksum_complete(skb))
1da177e4
LT		 1384 goto csum_err;
1385
1ab1457c 1386 if (sk->sk_state == TCP_LISTEN) {
079096f1
ED		 1387 struct sock *nsk = tcp_v6_cookie_check(sk, skb);
1388
1da177e4
LT		 1389 if (!nsk)
1390 goto discard;
1391
4c99aa40 1392 if (nsk != sk) {
1da177e4
LT		 1393 if (tcp_child_process(sk, nsk, skb))
1394 goto reset;
1395 if (opt_skb)
1396 __kfree_skb(opt_skb);
1397 return 0;
1398 }
47482f13 1399 } else
bdeab991 1400 sock_rps_save_rxhash(sk, skb);
1da177e4 1401
72ab4a86 1402 if (tcp_rcv_state_process(sk, skb))
1da177e4 1403 goto reset;
1da177e4
LT		 1404 if (opt_skb)
1405 goto ipv6_pktoptions;
1406 return 0;
1407
1408reset:
cfb6eeb4 1409 tcp_v6_send_reset(sk, skb);
1da177e4
LT		 1410discard:
1411 if (opt_skb)
1412 __kfree_skb(opt_skb);
1413 kfree_skb(skb);
1414 return 0;
1415csum_err:
c10d9310
ED		 1416 TCP_INC_STATS(sock_net(sk), TCP_MIB_CSUMERRORS);
1417 TCP_INC_STATS(sock_net(sk), TCP_MIB_INERRS);
1da177e4
LT		 1418 goto discard;
1419
1420
1421ipv6_pktoptions:
1422 /* Do you ask, what is it?
1423
1424 1. skb was enqueued by tcp.
1425 2. skb is added to tail of read queue, rather than out of order.
1426 3. socket is not in passive state.
1427 4. Finally, it really contains options, which user wants to receive.
1428 */
1429 tp = tcp_sk(sk);
1430 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1431 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
333fad53 1432 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
870c3151 1433 np->mcast_oif = tcp_v6_iif(opt_skb);
333fad53 1434 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
0660e03f 1435 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
82e9f105 1436 if (np->rxopt.bits.rxflow || np->rxopt.bits.rxtclass)
1397ed35 1437 np->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(opt_skb));
df3687ff
FF		 1438 if (np->repflow)
1439 np->flow_label = ip6_flowlabel(ipv6_hdr(opt_skb));
a224772d 1440 if (ipv6_opt_accepted(sk, opt_skb, &TCP_SKB_CB(opt_skb)->header.h6)) {
1da177e4 1441 skb_set_owner_r(opt_skb, sk);
8ce48623 1442 tcp_v6_restore_cb(opt_skb);
1da177e4
LT		 1443 opt_skb = xchg(&np->pktoptions, opt_skb);
1444 } else {
1445 __kfree_skb(opt_skb);
1446 opt_skb = xchg(&np->pktoptions, NULL);
1447 }
1448 }
1449
800d55f1 1450 kfree_skb(opt_skb);
1da177e4
LT		 1451 return 0;
1452}
1453
2dc49d16
ND		 1454static void tcp_v6_fill_cb(struct sk_buff *skb, const struct ipv6hdr *hdr,
1455 const struct tcphdr *th)
1456{
1457 /* This is tricky: we move IP6CB at its correct location into
1458 * TCP_SKB_CB(). It must be done after xfrm6_policy_check(), because
1459 * _decode_session6() uses IP6CB().
1460 * barrier() makes sure compiler won't play aliasing games.
1461 */
1462 memmove(&TCP_SKB_CB(skb)->header.h6, IP6CB(skb),
1463 sizeof(struct inet6_skb_parm));
1464 barrier();
1465
1466 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1467 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1468 skb->len - th->doff*4);
1469 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1470 TCP_SKB_CB(skb)->tcp_flags = tcp_flag_byte(th);
1471 TCP_SKB_CB(skb)->tcp_tw_isn = 0;
1472 TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
1473 TCP_SKB_CB(skb)->sacked = 0;
98aaa913
MM		 1474 TCP_SKB_CB(skb)->has_rxtstamp =
1475 skb->tstamp || skb_hwtstamps(skb)->hwtstamp;
2dc49d16
ND		 1476}
1477
0e219ae4 1478INDIRECT_CALLABLE_SCOPE int tcp_v6_rcv(struct sk_buff *skb)
1da177e4 1479{
8b27dae5 1480 struct sk_buff *skb_to_free;
4297a0ef 1481 int sdif = inet6_sdif(skb);
cf533ea5 1482 const struct tcphdr *th;
b71d1d42 1483 const struct ipv6hdr *hdr;
3b24d854 1484 bool refcounted;
1da177e4
LT		 1485 struct sock *sk;
1486 int ret;
a86b1e30 1487 struct net *net = dev_net(skb->dev);
1da177e4
LT		 1488
1489 if (skb->pkt_type != PACKET_HOST)
1490 goto discard_it;
1491
1492 /*
1493 * Count it even if it's bad.
1494 */
90bbcc60 1495 __TCP_INC_STATS(net, TCP_MIB_INSEGS);
1da177e4
LT		 1496
1497 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1498 goto discard_it;
1499
ea1627c2 1500 th = (const struct tcphdr *)skb->data;
1da177e4 1501
ea1627c2 1502 if (unlikely(th->doff < sizeof(struct tcphdr)/4))
1da177e4
LT		 1503 goto bad_packet;
1504 if (!pskb_may_pull(skb, th->doff*4))
1505 goto discard_it;
1506
e4f45b7f 1507 if (skb_checksum_init(skb, IPPROTO_TCP, ip6_compute_pseudo))
6a5dc9e5 1508 goto csum_error;
1da177e4 1509
ea1627c2 1510 th = (const struct tcphdr *)skb->data;
e802af9c 1511 hdr = ipv6_hdr(skb);
1da177e4 1512
4bdc3d66 1513lookup:
a583636a 1514 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, __tcp_hdrlen(th),
4297a0ef 1515 th->source, th->dest, inet6_iif(skb), sdif,
3b24d854 1516 &refcounted);
1da177e4
LT		 1517 if (!sk)
1518 goto no_tcp_socket;
1519
1520process:
1521 if (sk->sk_state == TCP_TIME_WAIT)
1522 goto do_time_wait;
1523
079096f1
ED		 1524 if (sk->sk_state == TCP_NEW_SYN_RECV) {
1525 struct request_sock *req = inet_reqsk(sk);
e0f9759f 1526 bool req_stolen = false;
7716682c 1527 struct sock *nsk;
079096f1
ED		 1528
1529 sk = req->rsk_listener;
079096f1 1530 if (tcp_v6_inbound_md5_hash(sk, skb)) {
e65c332d 1531 sk_drops_add(sk, skb);
079096f1
ED		 1532 reqsk_put(req);
1533 goto discard_it;
1534 }
4fd44a98
FL		 1535 if (tcp_checksum_complete(skb)) {
1536 reqsk_put(req);
1537 goto csum_error;
1538 }
7716682c 1539 if (unlikely(sk->sk_state != TCP_LISTEN)) {
f03f2e15 1540 inet_csk_reqsk_queue_drop_and_put(sk, req);
4bdc3d66
ED		 1541 goto lookup;
1542 }
7716682c 1543 sock_hold(sk);
3b24d854 1544 refcounted = true;
1f3b359f 1545 nsk = NULL;
eeea10b8
ED		 1546 if (!tcp_filter(sk, skb)) {
1547 th = (const struct tcphdr *)skb->data;
1548 hdr = ipv6_hdr(skb);
1549 tcp_v6_fill_cb(skb, hdr, th);
e0f9759f 1550 nsk = tcp_check_req(sk, skb, req, false, &req_stolen);
eeea10b8 1551 }
079096f1
ED		 1552 if (!nsk) {
1553 reqsk_put(req);
e0f9759f
ED		 1554 if (req_stolen) {
1555 /* Another cpu got exclusive access to req
1556 * and created a full blown socket.
1557 * Try to feed this packet to this socket
1558 * instead of discarding it.
1559 */
1560 tcp_v6_restore_cb(skb);
1561 sock_put(sk);
1562 goto lookup;
1563 }
7716682c 1564 goto discard_and_relse;
079096f1
ED		 1565 }
1566 if (nsk == sk) {
079096f1
ED		 1567 reqsk_put(req);
1568 tcp_v6_restore_cb(skb);
1569 } else if (tcp_child_process(sk, nsk, skb)) {
1570 tcp_v6_send_reset(nsk, skb);
7716682c 1571 goto discard_and_relse;
079096f1 1572 } else {
7716682c 1573 sock_put(sk);
079096f1
ED		 1574 return 0;
1575 }
1576 }
93a77c11 1577 if (hdr->hop_limit < tcp_inet6_sk(sk)->min_hopcount) {
02a1d6e7 1578 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
e802af9c
SH		 1579 goto discard_and_relse;
1580 }
1581
1da177e4
LT		 1582 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1583 goto discard_and_relse;
1584
9ea88a15
DP		 1585 if (tcp_v6_inbound_md5_hash(sk, skb))
1586 goto discard_and_relse;
9ea88a15 1587
ac6e7800 1588 if (tcp_filter(sk, skb))
1da177e4 1589 goto discard_and_relse;
ac6e7800
ED		 1590 th = (const struct tcphdr *)skb->data;
1591 hdr = ipv6_hdr(skb);
eeea10b8 1592 tcp_v6_fill_cb(skb, hdr, th);
1da177e4
LT		 1593
1594 skb->dev = NULL;
1595
e994b2f0
ED		 1596 if (sk->sk_state == TCP_LISTEN) {
1597 ret = tcp_v6_do_rcv(sk, skb);
1598 goto put_and_return;
1599 }
1600
1601 sk_incoming_cpu_update(sk);
1602
293b9c42 1603 bh_lock_sock_nested(sk);
a44d6eac 1604 tcp_segs_in(tcp_sk(sk), skb);
1da177e4
LT		 1605 ret = 0;
1606 if (!sock_owned_by_user(sk)) {
8b27dae5
ED		 1607 skb_to_free = sk->sk_rx_skb_cache;
1608 sk->sk_rx_skb_cache = NULL;
e7942d06 1609 ret = tcp_v6_do_rcv(sk, skb);
8b27dae5
ED		 1610 } else {
1611 if (tcp_add_backlog(sk, skb))
1612 goto discard_and_relse;
1613 skb_to_free = NULL;
6b03a53a 1614 }
1da177e4 1615 bh_unlock_sock(sk);
8b27dae5
ED		 1616 if (skb_to_free)
1617 __kfree_skb(skb_to_free);
e994b2f0 1618put_and_return:
3b24d854
ED		 1619 if (refcounted)
1620 sock_put(sk);
1da177e4
LT		 1621 return ret ? -1 : 0;
1622
1623no_tcp_socket:
1624 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1625 goto discard_it;
1626
2dc49d16
ND		 1627 tcp_v6_fill_cb(skb, hdr, th);
1628
12e25e10 1629 if (tcp_checksum_complete(skb)) {
6a5dc9e5 1630csum_error:
90bbcc60 1631 __TCP_INC_STATS(net, TCP_MIB_CSUMERRORS);
1da177e4 1632bad_packet:
90bbcc60 1633 __TCP_INC_STATS(net, TCP_MIB_INERRS);
1da177e4 1634 } else {
cfb6eeb4 1635 tcp_v6_send_reset(NULL, skb);
1da177e4
LT		 1636 }
1637
1638discard_it:
1da177e4
LT		 1639 kfree_skb(skb);
1640 return 0;
1641
1642discard_and_relse:
532182cd 1643 sk_drops_add(sk, skb);
3b24d854
ED		 1644 if (refcounted)
1645 sock_put(sk);
1da177e4
LT		 1646 goto discard_it;
1647
1648do_time_wait:
1649 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
9469c7b4 1650 inet_twsk_put(inet_twsk(sk));
1da177e4
LT		 1651 goto discard_it;
1652 }
1653
2dc49d16
ND		 1654 tcp_v6_fill_cb(skb, hdr, th);
1655
6a5dc9e5
ED		 1656 if (tcp_checksum_complete(skb)) {
1657 inet_twsk_put(inet_twsk(sk));
1658 goto csum_error;
1da177e4
LT		 1659 }
1660
9469c7b4 1661 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1da177e4
LT		 1662 case TCP_TW_SYN:
1663 {
1664 struct sock *sk2;
1665
c346dca1 1666 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
a583636a 1667 skb, __tcp_hdrlen(th),
5ba24953 1668 &ipv6_hdr(skb)->saddr, th->source,
0660e03f 1669 &ipv6_hdr(skb)->daddr,
24b711ed
DA		 1670 ntohs(th->dest),
1671 tcp_v6_iif_l3_slave(skb),
4297a0ef 1672 sdif);
53b24b8f 1673 if (sk2) {
295ff7ed 1674 struct inet_timewait_sock *tw = inet_twsk(sk);
dbe7faa4 1675 inet_twsk_deschedule_put(tw);
1da177e4 1676 sk = sk2;
4ad19de8 1677 tcp_v6_restore_cb(skb);
3b24d854 1678 refcounted = false;
1da177e4
LT		 1679 goto process;
1680 }
1da177e4 1681 }
275757e6
GS		 1682 /* to ACK */
1683 /* fall through */
1da177e4
LT		 1684 case TCP_TW_ACK:
1685 tcp_v6_timewait_ack(sk, skb);
1686 break;
1687 case TCP_TW_RST:
271c3b9b
FW		 1688 tcp_v6_send_reset(sk, skb);
1689 inet_twsk_deschedule_put(inet_twsk(sk));
1690 goto discard_it;
4aa956d8
WY		 1691 case TCP_TW_SUCCESS:
1692 ;
1da177e4
LT		 1693 }
1694 goto discard_it;
1695}
1696
97ff7ffb 1697INDIRECT_CALLABLE_SCOPE void tcp_v6_early_demux(struct sk_buff *skb)
c7109986
ED		 1698{
1699 const struct ipv6hdr *hdr;
1700 const struct tcphdr *th;
1701 struct sock *sk;
1702
1703 if (skb->pkt_type != PACKET_HOST)
1704 return;
1705
1706 if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
1707 return;
1708
1709 hdr = ipv6_hdr(skb);
1710 th = tcp_hdr(skb);
1711
1712 if (th->doff < sizeof(struct tcphdr) / 4)
1713 return;
1714
870c3151 1715 /* Note : We use inet6_iif() here, not tcp_v6_iif() */
c7109986
ED		 1716 sk = __inet6_lookup_established(dev_net(skb->dev), &tcp_hashinfo,
1717 &hdr->saddr, th->source,
1718 &hdr->daddr, ntohs(th->dest),
4297a0ef 1719 inet6_iif(skb), inet6_sdif(skb));
c7109986
ED		 1720 if (sk) {
1721 skb->sk = sk;
1722 skb->destructor = sock_edemux;
f7e4eb03 1723 if (sk_fullsock(sk)) {
d0c294c5 1724 struct dst_entry *dst = READ_ONCE(sk->sk_rx_dst);
f3f12135 1725
c7109986 1726 if (dst)
93a77c11 1727 dst = dst_check(dst, tcp_inet6_sk(sk)->rx_dst_cookie);
c7109986 1728 if (dst &&
f3f12135 1729 inet_sk(sk)->rx_dst_ifindex == skb->skb_iif)
c7109986
ED		 1730 skb_dst_set_noref(skb, dst);
1731 }
1732 }
1733}
1734
ccb7c410
DM		 1735static struct timewait_sock_ops tcp6_timewait_sock_ops = {
1736 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
1737 .twsk_unique = tcp_twsk_unique,
4aa956d8 1738 .twsk_destructor = tcp_twsk_destructor,
ccb7c410
DM		 1739};
1740
3b401a81 1741static const struct inet_connection_sock_af_ops ipv6_specific = {
543d9cfe
ACM		 1742 .queue_xmit = inet6_csk_xmit,
1743 .send_check = tcp_v6_send_check,
1744 .rebuild_header = inet6_sk_rebuild_header,
5d299f3d 1745 .sk_rx_dst_set = inet6_sk_rx_dst_set,
543d9cfe
ACM		 1746 .conn_request = tcp_v6_conn_request,
1747 .syn_recv_sock = tcp_v6_syn_recv_sock,
543d9cfe 1748 .net_header_len = sizeof(struct ipv6hdr),
67469601 1749 .net_frag_header_len = sizeof(struct frag_hdr),
543d9cfe
ACM		 1750 .setsockopt = ipv6_setsockopt,
1751 .getsockopt = ipv6_getsockopt,
1752 .addr2sockaddr = inet6_csk_addr2sockaddr,
1753 .sockaddr_len = sizeof(struct sockaddr_in6),
3fdadf7d 1754#ifdef CONFIG_COMPAT
543d9cfe
ACM		 1755 .compat_setsockopt = compat_ipv6_setsockopt,
1756 .compat_getsockopt = compat_ipv6_getsockopt,
3fdadf7d 1757#endif
4fab9071 1758 .mtu_reduced = tcp_v6_mtu_reduced,
1da177e4
LT		 1759};
1760
cfb6eeb4 1761#ifdef CONFIG_TCP_MD5SIG
b2e4b3de 1762static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
cfb6eeb4 1763 .md5_lookup = tcp_v6_md5_lookup,
49a72dfb 1764 .calc_md5_hash = tcp_v6_md5_hash_skb,
cfb6eeb4 1765 .md5_parse = tcp_v6_parse_md5_keys,
cfb6eeb4 1766};
a928630a 1767#endif
cfb6eeb4 1768
1da177e4
LT		 1769/*
1770 * TCP over IPv4 via INET6 API
1771 */
3b401a81 1772static const struct inet_connection_sock_af_ops ipv6_mapped = {
543d9cfe
ACM		 1773 .queue_xmit = ip_queue_xmit,
1774 .send_check = tcp_v4_send_check,
1775 .rebuild_header = inet_sk_rebuild_header,
63d02d15 1776 .sk_rx_dst_set = inet_sk_rx_dst_set,
543d9cfe
ACM		 1777 .conn_request = tcp_v6_conn_request,
1778 .syn_recv_sock = tcp_v6_syn_recv_sock,
543d9cfe
ACM		 1779 .net_header_len = sizeof(struct iphdr),
1780 .setsockopt = ipv6_setsockopt,
1781 .getsockopt = ipv6_getsockopt,
1782 .addr2sockaddr = inet6_csk_addr2sockaddr,
1783 .sockaddr_len = sizeof(struct sockaddr_in6),
3fdadf7d 1784#ifdef CONFIG_COMPAT
543d9cfe
ACM		 1785 .compat_setsockopt = compat_ipv6_setsockopt,
1786 .compat_getsockopt = compat_ipv6_getsockopt,
3fdadf7d 1787#endif
4fab9071 1788 .mtu_reduced = tcp_v4_mtu_reduced,
1da177e4
LT		 1789};
1790
cfb6eeb4 1791#ifdef CONFIG_TCP_MD5SIG
b2e4b3de 1792static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
cfb6eeb4 1793 .md5_lookup = tcp_v4_md5_lookup,
49a72dfb 1794 .calc_md5_hash = tcp_v4_md5_hash_skb,
cfb6eeb4 1795 .md5_parse = tcp_v6_parse_md5_keys,
cfb6eeb4 1796};
a928630a 1797#endif
cfb6eeb4 1798
1da177e4
LT		 1799/* NOTE: A lot of things set to zero explicitly by call to
1800 * sk_alloc() so need not be done here.
1801 */
1802static int tcp_v6_init_sock(struct sock *sk)
1803{
6687e988 1804 struct inet_connection_sock *icsk = inet_csk(sk);
1da177e4 1805
900f65d3 1806 tcp_init_sock(sk);
1da177e4 1807
8292a17a 1808 icsk->icsk_af_ops = &ipv6_specific;
1da177e4 1809
cfb6eeb4 1810#ifdef CONFIG_TCP_MD5SIG
ac807fa8 1811 tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific;
cfb6eeb4
YH		 1812#endif
1813
1da177e4
LT		 1814 return 0;
1815}
1816
7d06b2e0 1817static void tcp_v6_destroy_sock(struct sock *sk)
1da177e4 1818{
1da177e4 1819 tcp_v4_destroy_sock(sk);
7d06b2e0 1820 inet6_destroy_sock(sk);
1da177e4
LT		 1821}
1822
952a10be 1823#ifdef CONFIG_PROC_FS
1da177e4 1824/* Proc filesystem TCPv6 sock list dumping. */
1ab1457c 1825static void get_openreq6(struct seq_file *seq,
aa3a0c8c 1826 const struct request_sock *req, int i)
1da177e4 1827{
fa76ce73 1828 long ttd = req->rsk_timer.expires - jiffies;
634fb979
ED		 1829 const struct in6_addr *src = &inet_rsk(req)->ir_v6_loc_addr;
1830 const struct in6_addr *dest = &inet_rsk(req)->ir_v6_rmt_addr;
1da177e4
LT		 1831
1832 if (ttd < 0)
1833 ttd = 0;
1834
1da177e4
LT		 1835 seq_printf(seq,
1836 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
d14c5ab6 1837 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %d %d %pK\n",
1da177e4
LT		 1838 i,
1839 src->s6_addr32[0], src->s6_addr32[1],
1840 src->s6_addr32[2], src->s6_addr32[3],
b44084c2 1841 inet_rsk(req)->ir_num,
1da177e4
LT		 1842 dest->s6_addr32[0], dest->s6_addr32[1],
1843 dest->s6_addr32[2], dest->s6_addr32[3],
634fb979 1844 ntohs(inet_rsk(req)->ir_rmt_port),
1da177e4 1845 TCP_SYN_RECV,
4c99aa40 1846 0, 0, /* could print option size, but that is af dependent. */
1ab1457c
YH		 1847 1, /* timers active (only the expire timer) */
1848 jiffies_to_clock_t(ttd),
e6c022a4 1849 req->num_timeout,
aa3a0c8c
ED		 1850 from_kuid_munged(seq_user_ns(seq),
1851 sock_i_uid(req->rsk_listener)),
1ab1457c 1852 0, /* non standard timer */
1da177e4
LT		 1853 0, /* open_requests have no inode */
1854 0, req);
1855}
1856
1857static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1858{
b71d1d42 1859 const struct in6_addr *dest, *src;
1da177e4
LT		 1860 __u16 destp, srcp;
1861 int timer_active;
1862 unsigned long timer_expires;
cf533ea5
ED		 1863 const struct inet_sock *inet = inet_sk(sp);
1864 const struct tcp_sock *tp = tcp_sk(sp);
463c84b9 1865 const struct inet_connection_sock *icsk = inet_csk(sp);
0536fcc0 1866 const struct fastopen_queue *fastopenq = &icsk->icsk_accept_queue.fastopenq;
00fd38d9
ED		 1867 int rx_queue;
1868 int state;
1da177e4 1869
efe4208f
ED		 1870 dest = &sp->sk_v6_daddr;
1871 src = &sp->sk_v6_rcv_saddr;
c720c7e8
ED		 1872 destp = ntohs(inet->inet_dport);
1873 srcp = ntohs(inet->inet_sport);
463c84b9 1874
ce3cf4ec 1875 if (icsk->icsk_pending == ICSK_TIME_RETRANS ||
57dde7f7 1876 icsk->icsk_pending == ICSK_TIME_REO_TIMEOUT ||
ce3cf4ec 1877 icsk->icsk_pending == ICSK_TIME_LOSS_PROBE) {
1da177e4 1878 timer_active = 1;
463c84b9
ACM		 1879 timer_expires = icsk->icsk_timeout;
1880 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1da177e4 1881 timer_active = 4;
463c84b9 1882 timer_expires = icsk->icsk_timeout;
1da177e4
LT		 1883 } else if (timer_pending(&sp->sk_timer)) {
1884 timer_active = 2;
1885 timer_expires = sp->sk_timer.expires;
1886 } else {
1887 timer_active = 0;
1888 timer_expires = jiffies;
1889 }
1890
986ffdfd 1891 state = inet_sk_state_load(sp);
00fd38d9
ED		 1892 if (state == TCP_LISTEN)
1893 rx_queue = sp->sk_ack_backlog;
1894 else
1895 /* Because we don't lock the socket,
1896 * we might find a transient negative value.
1897 */
dba7d9b8 1898 rx_queue = max_t(int, READ_ONCE(tp->rcv_nxt) -
7db48e98 1899 READ_ONCE(tp->copied_seq), 0);
00fd38d9 1900
1da177e4
LT		 1901 seq_printf(seq,
1902 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
d14c5ab6 1903 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %lu %d %pK %lu %lu %u %u %d\n",
1da177e4
LT		 1904 i,
1905 src->s6_addr32[0], src->s6_addr32[1],
1906 src->s6_addr32[2], src->s6_addr32[3], srcp,
1907 dest->s6_addr32[0], dest->s6_addr32[1],
1908 dest->s6_addr32[2], dest->s6_addr32[3], destp,
00fd38d9
ED		 1909 state,
1910 tp->write_seq - tp->snd_una,
1911 rx_queue,
1da177e4 1912 timer_active,
a399a805 1913 jiffies_delta_to_clock_t(timer_expires - jiffies),
463c84b9 1914 icsk->icsk_retransmits,
a7cb5a49 1915 from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
6687e988 1916 icsk->icsk_probes_out,
1da177e4 1917 sock_i_ino(sp),
41c6d650 1918 refcount_read(&sp->sk_refcnt), sp,
7be87351
SH		 1919 jiffies_to_clock_t(icsk->icsk_rto),
1920 jiffies_to_clock_t(icsk->icsk_ack.ato),
31954cd8 1921 (icsk->icsk_ack.quick << 1) | inet_csk_in_pingpong_mode(sp),
0b6a05c1 1922 tp->snd_cwnd,
00fd38d9 1923 state == TCP_LISTEN ?
0536fcc0 1924 fastopenq->max_qlen :
0a672f74 1925 (tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh)
1da177e4
LT		 1926 );
1927}
1928
1ab1457c 1929static void get_timewait6_sock(struct seq_file *seq,
8feaf0c0 1930 struct inet_timewait_sock *tw, int i)
1da177e4 1931{
789f558c 1932 long delta = tw->tw_timer.expires - jiffies;
b71d1d42 1933 const struct in6_addr *dest, *src;
1da177e4 1934 __u16 destp, srcp;
1da177e4 1935
efe4208f
ED		 1936 dest = &tw->tw_v6_daddr;
1937 src = &tw->tw_v6_rcv_saddr;
1da177e4
LT		 1938 destp = ntohs(tw->tw_dport);
1939 srcp = ntohs(tw->tw_sport);
1940
1941 seq_printf(seq,
1942 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
71338aa7 1943 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1da177e4
LT		 1944 i,
1945 src->s6_addr32[0], src->s6_addr32[1],
1946 src->s6_addr32[2], src->s6_addr32[3], srcp,
1947 dest->s6_addr32[0], dest->s6_addr32[1],
1948 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1949 tw->tw_substate, 0, 0,
a399a805 1950 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
41c6d650 1951 refcount_read(&tw->tw_refcnt), tw);
1da177e4
LT		 1952}
1953
1da177e4
LT		 1954static int tcp6_seq_show(struct seq_file *seq, void *v)
1955{
1956 struct tcp_iter_state *st;
05dbc7b5 1957 struct sock *sk = v;
1da177e4
LT		 1958
1959 if (v == SEQ_START_TOKEN) {
1960 seq_puts(seq,
1961 " sl "
1962 "local_address "
1963 "remote_address "
1964 "st tx_queue rx_queue tr tm->when retrnsmt"
1965 " uid timeout inode\n");
1966 goto out;
1967 }
1968 st = seq->private;
1969
079096f1
ED		 1970 if (sk->sk_state == TCP_TIME_WAIT)
1971 get_timewait6_sock(seq, v, st->num);
1972 else if (sk->sk_state == TCP_NEW_SYN_RECV)
aa3a0c8c 1973 get_openreq6(seq, v, st->num);
079096f1
ED		 1974 else
1975 get_tcp6_sock(seq, v, st->num);
1da177e4
LT		 1976out:
1977 return 0;
1978}
1979
37d849bb
CH		 1980static const struct seq_operations tcp6_seq_ops = {
1981 .show = tcp6_seq_show,
1982 .start = tcp_seq_start,
1983 .next = tcp_seq_next,
1984 .stop = tcp_seq_stop,
1985};
1986
1da177e4 1987static struct tcp_seq_afinfo tcp6_seq_afinfo = {
1da177e4 1988 .family = AF_INET6,
1da177e4
LT		 1989};
1990
2c8c1e72 1991int __net_init tcp6_proc_init(struct net *net)
1da177e4 1992{
c3506372
CH		 1993 if (!proc_create_net_data("tcp6", 0444, net->proc_net, &tcp6_seq_ops,
1994 sizeof(struct tcp_iter_state), &tcp6_seq_afinfo))
37d849bb
CH		 1995 return -ENOMEM;
1996 return 0;
1da177e4
LT		 1997}
1998
6f8b13bc 1999void tcp6_proc_exit(struct net *net)
1da177e4 2000{
37d849bb 2001 remove_proc_entry("tcp6", net->proc_net);
1da177e4
LT		 2002}
2003#endif
2004
2005struct proto tcpv6_prot = {
2006 .name = "TCPv6",
2007 .owner = THIS_MODULE,
2008 .close = tcp_close,
d74bad4e 2009 .pre_connect = tcp_v6_pre_connect,
1da177e4
LT		 2010 .connect = tcp_v6_connect,
2011 .disconnect = tcp_disconnect,
463c84b9 2012 .accept = inet_csk_accept,
1da177e4
LT		 2013 .ioctl = tcp_ioctl,
2014 .init = tcp_v6_init_sock,
2015 .destroy = tcp_v6_destroy_sock,
2016 .shutdown = tcp_shutdown,
2017 .setsockopt = tcp_setsockopt,
2018 .getsockopt = tcp_getsockopt,
4b9d07a4 2019 .keepalive = tcp_set_keepalive,
1da177e4 2020 .recvmsg = tcp_recvmsg,
7ba42910
CG		 2021 .sendmsg = tcp_sendmsg,
2022 .sendpage = tcp_sendpage,
1da177e4 2023 .backlog_rcv = tcp_v6_do_rcv,
46d3ceab 2024 .release_cb = tcp_release_cb,
496611d7 2025 .hash = inet6_hash,
ab1e0a13
ACM		 2026 .unhash = inet_unhash,
2027 .get_port = inet_csk_get_port,
1da177e4 2028 .enter_memory_pressure = tcp_enter_memory_pressure,
06044751 2029 .leave_memory_pressure = tcp_leave_memory_pressure,
c9bee3b7 2030 .stream_memory_free = tcp_stream_memory_free,
1da177e4
LT		 2031 .sockets_allocated = &tcp_sockets_allocated,
2032 .memory_allocated = &tcp_memory_allocated,
2033 .memory_pressure = &tcp_memory_pressure,
0a5578cf 2034 .orphan_count = &tcp_orphan_count,
a4fe34bf 2035 .sysctl_mem = sysctl_tcp_mem,
356d1833
ED		 2036 .sysctl_wmem_offset = offsetof(struct net, ipv4.sysctl_tcp_wmem),
2037 .sysctl_rmem_offset = offsetof(struct net, ipv4.sysctl_tcp_rmem),
1da177e4
LT		 2038 .max_header = MAX_TCP_HEADER,
2039 .obj_size = sizeof(struct tcp6_sock),
5f0d5a3a 2040 .slab_flags = SLAB_TYPESAFE_BY_RCU,
6d6ee43e 2041 .twsk_prot = &tcp6_timewait_sock_ops,
60236fdd 2042 .rsk_prot = &tcp6_request_sock_ops,
39d8cda7 2043 .h.hashinfo = &tcp_hashinfo,
7ba42910 2044 .no_autobind = true,
543d9cfe
ACM		 2045#ifdef CONFIG_COMPAT
2046 .compat_setsockopt = compat_tcp_setsockopt,
2047 .compat_getsockopt = compat_tcp_getsockopt,
d1a4c0b3 2048#endif
c1e64e29 2049 .diag_destroy = tcp_abort,
1da177e4
LT		 2050};
2051
a8e3bb34
DA		 2052/* thinking of making this const? Don't.
2053 * early_demux can change based on sysctl.
2054 */
39294c3d 2055static struct inet6_protocol tcpv6_protocol = {
c7109986 2056 .early_demux = tcp_v6_early_demux,
dddb64bc 2057 .early_demux_handler = tcp_v6_early_demux,
1da177e4
LT		 2058 .handler = tcp_v6_rcv,
2059 .err_handler = tcp_v6_err,
2060 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2061};
2062
1da177e4
LT		 2063static struct inet_protosw tcpv6_protosw = {
2064 .type = SOCK_STREAM,
2065 .protocol = IPPROTO_TCP,
2066 .prot = &tcpv6_prot,
2067 .ops = &inet6_stream_ops,
d83d8461
ACM		 2068 .flags = INET_PROTOSW_PERMANENT |
2069 INET_PROTOSW_ICSK,
1da177e4
LT		 2070};
2071
2c8c1e72 2072static int __net_init tcpv6_net_init(struct net *net)
93ec926b 2073{
5677242f
DL		 2074 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
2075 SOCK_RAW, IPPROTO_TCP, net);
93ec926b
DL		 2076}
2077
2c8c1e72 2078static void __net_exit tcpv6_net_exit(struct net *net)
93ec926b 2079{
5677242f 2080 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
b099ce26
EB		 2081}
2082
2c8c1e72 2083static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
b099ce26 2084{
1946e672 2085 inet_twsk_purge(&tcp_hashinfo, AF_INET6);
93ec926b
DL		 2086}
2087
2088static struct pernet_operations tcpv6_net_ops = {
b099ce26
EB		 2089 .init = tcpv6_net_init,
2090 .exit = tcpv6_net_exit,
2091 .exit_batch = tcpv6_net_exit_batch,
93ec926b
DL		 2092};
2093
7f4e4868 2094int __init tcpv6_init(void)
1da177e4 2095{
7f4e4868
DL		 2096 int ret;
2097
3336288a
VY		 2098 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
2099 if (ret)
c6b641a4 2100 goto out;
3336288a 2101
1da177e4 2102 /* register inet6 protocol */
7f4e4868
DL		 2103 ret = inet6_register_protosw(&tcpv6_protosw);
2104 if (ret)
2105 goto out_tcpv6_protocol;
2106
93ec926b 2107 ret = register_pernet_subsys(&tcpv6_net_ops);
7f4e4868
DL		 2108 if (ret)
2109 goto out_tcpv6_protosw;
2110out:
2111 return ret;
ae0f7d5f 2112
7f4e4868
DL		 2113out_tcpv6_protosw:
2114 inet6_unregister_protosw(&tcpv6_protosw);
3336288a
VY		 2115out_tcpv6_protocol:
2116 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
7f4e4868
DL		 2117 goto out;
2118}
2119
09f7709f 2120void tcpv6_exit(void)
7f4e4868 2121{
93ec926b 2122 unregister_pernet_subsys(&tcpv6_net_ops);
7f4e4868
DL		 2123 inet6_unregister_protosw(&tcpv6_protosw);
2124 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
1da177e4 2125}
Ubuntu Jammy Linux kernel mirror