]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blob - net/ipv6/tcp_ipv6.c
projects / mirror_ubuntu-bionic-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tcp: md5: remove request sock argument of calc_md5_hash()
[mirror_ubuntu-bionic-kernel.git] / net / ipv6 / tcp_ipv6.c
1 /*
2 * TCP over IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
8 * Based on:
9 * linux/net/ipv4/tcp.c
10 * linux/net/ipv4/tcp_input.c
11 * linux/net/ipv4/tcp_output.c
12 *
13 * Fixes:
14 * Hideaki YOSHIFUJI : sin6_scope_id support
15 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
16 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
17 * a single port at the same time.
18 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
19 *
20 * This program is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU General Public License
22 * as published by the Free Software Foundation; either version
23 * 2 of the License, or (at your option) any later version.
24 */
25
26 #include <linux/bottom_half.h>
27 #include <linux/module.h>
28 #include <linux/errno.h>
29 #include <linux/types.h>
30 #include <linux/socket.h>
31 #include <linux/sockios.h>
32 #include <linux/net.h>
33 #include <linux/jiffies.h>
34 #include <linux/in.h>
35 #include <linux/in6.h>
36 #include <linux/netdevice.h>
37 #include <linux/init.h>
38 #include <linux/jhash.h>
39 #include <linux/ipsec.h>
40 #include <linux/times.h>
41 #include <linux/slab.h>
42 #include <linux/uaccess.h>
43 #include <linux/ipv6.h>
44 #include <linux/icmpv6.h>
45 #include <linux/random.h>
46
47 #include <net/tcp.h>
48 #include <net/ndisc.h>
49 #include <net/inet6_hashtables.h>
50 #include <net/inet6_connection_sock.h>
51 #include <net/ipv6.h>
52 #include <net/transp_v6.h>
53 #include <net/addrconf.h>
54 #include <net/ip6_route.h>
55 #include <net/ip6_checksum.h>
56 #include <net/inet_ecn.h>
57 #include <net/protocol.h>
58 #include <net/xfrm.h>
59 #include <net/snmp.h>
60 #include <net/dsfield.h>
61 #include <net/timewait_sock.h>
62 #include <net/inet_common.h>
63 #include <net/secure_seq.h>
64 #include <net/tcp_memcontrol.h>
65 #include <net/busy_poll.h>
66
67 #include <linux/proc_fs.h>
68 #include <linux/seq_file.h>
69
70 #include <linux/crypto.h>
71 #include <linux/scatterlist.h>
72
73 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb);
74 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
75 struct request_sock *req);
76
77 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
78
79 static const struct inet_connection_sock_af_ops ipv6_mapped;
80 static const struct inet_connection_sock_af_ops ipv6_specific;
81 #ifdef CONFIG_TCP_MD5SIG
82 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
83 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
84 #else
85 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
86 const struct in6_addr *addr)
87 {
88 return NULL;
89 }
90 #endif
91
92 static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
93 {
94 struct dst_entry *dst = skb_dst(skb);
95
96 if (dst) {
97 const struct rt6_info *rt = (const struct rt6_info *)dst;
98
99 dst_hold(dst);
100 sk->sk_rx_dst = dst;
101 inet_sk(sk)->rx_dst_ifindex = skb->skb_iif;
102 if (rt->rt6i_node)
103 inet6_sk(sk)->rx_dst_cookie = rt->rt6i_node->fn_sernum;
104 }
105 }
106
107 static __u32 tcp_v6_init_sequence(const struct sk_buff *skb)
108 {
109 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
110 ipv6_hdr(skb)->saddr.s6_addr32,
111 tcp_hdr(skb)->dest,
112 tcp_hdr(skb)->source);
113 }
114
115 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
116 int addr_len)
117 {
118 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
119 struct inet_sock *inet = inet_sk(sk);
120 struct inet_connection_sock *icsk = inet_csk(sk);
121 struct ipv6_pinfo *np = inet6_sk(sk);
122 struct tcp_sock *tp = tcp_sk(sk);
123 struct in6_addr *saddr = NULL, *final_p, final;
124 struct rt6_info *rt;
125 struct flowi6 fl6;
126 struct dst_entry *dst;
127 int addr_type;
128 int err;
129
130 if (addr_len < SIN6_LEN_RFC2133)
131 return -EINVAL;
132
133 if (usin->sin6_family != AF_INET6)
134 return -EAFNOSUPPORT;
135
136 memset(&fl6, 0, sizeof(fl6));
137
138 if (np->sndflow) {
139 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
140 IP6_ECN_flow_init(fl6.flowlabel);
141 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
142 struct ip6_flowlabel *flowlabel;
143 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
144 if (flowlabel == NULL)
145 return -EINVAL;
146 fl6_sock_release(flowlabel);
147 }
148 }
149
150 /*
151 * connect() to INADDR_ANY means loopback (BSD'ism).
152 */
153
154 if (ipv6_addr_any(&usin->sin6_addr))
155 usin->sin6_addr.s6_addr[15] = 0x1;
156
157 addr_type = ipv6_addr_type(&usin->sin6_addr);
158
159 if (addr_type & IPV6_ADDR_MULTICAST)
160 return -ENETUNREACH;
161
162 if (addr_type&IPV6_ADDR_LINKLOCAL) {
163 if (addr_len >= sizeof(struct sockaddr_in6) &&
164 usin->sin6_scope_id) {
165 /* If interface is set while binding, indices
166 * must coincide.
167 */
168 if (sk->sk_bound_dev_if &&
169 sk->sk_bound_dev_if != usin->sin6_scope_id)
170 return -EINVAL;
171
172 sk->sk_bound_dev_if = usin->sin6_scope_id;
173 }
174
175 /* Connect to link-local address requires an interface */
176 if (!sk->sk_bound_dev_if)
177 return -EINVAL;
178 }
179
180 if (tp->rx_opt.ts_recent_stamp &&
181 !ipv6_addr_equal(&sk->sk_v6_daddr, &usin->sin6_addr)) {
182 tp->rx_opt.ts_recent = 0;
183 tp->rx_opt.ts_recent_stamp = 0;
184 tp->write_seq = 0;
185 }
186
187 sk->sk_v6_daddr = usin->sin6_addr;
188 np->flow_label = fl6.flowlabel;
189
190 /*
191 * TCP over IPv4
192 */
193
194 if (addr_type == IPV6_ADDR_MAPPED) {
195 u32 exthdrlen = icsk->icsk_ext_hdr_len;
196 struct sockaddr_in sin;
197
198 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
199
200 if (__ipv6_only_sock(sk))
201 return -ENETUNREACH;
202
203 sin.sin_family = AF_INET;
204 sin.sin_port = usin->sin6_port;
205 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
206
207 icsk->icsk_af_ops = &ipv6_mapped;
208 sk->sk_backlog_rcv = tcp_v4_do_rcv;
209 #ifdef CONFIG_TCP_MD5SIG
210 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
211 #endif
212
213 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
214
215 if (err) {
216 icsk->icsk_ext_hdr_len = exthdrlen;
217 icsk->icsk_af_ops = &ipv6_specific;
218 sk->sk_backlog_rcv = tcp_v6_do_rcv;
219 #ifdef CONFIG_TCP_MD5SIG
220 tp->af_specific = &tcp_sock_ipv6_specific;
221 #endif
222 goto failure;
223 }
224 np->saddr = sk->sk_v6_rcv_saddr;
225
226 return err;
227 }
228
229 if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr))
230 saddr = &sk->sk_v6_rcv_saddr;
231
232 fl6.flowi6_proto = IPPROTO_TCP;
233 fl6.daddr = sk->sk_v6_daddr;
234 fl6.saddr = saddr ? *saddr : np->saddr;
235 fl6.flowi6_oif = sk->sk_bound_dev_if;
236 fl6.flowi6_mark = sk->sk_mark;
237 fl6.fl6_dport = usin->sin6_port;
238 fl6.fl6_sport = inet->inet_sport;
239
240 final_p = fl6_update_dst(&fl6, np->opt, &final);
241
242 security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));
243
244 dst = ip6_dst_lookup_flow(sk, &fl6, final_p);
245 if (IS_ERR(dst)) {
246 err = PTR_ERR(dst);
247 goto failure;
248 }
249
250 if (saddr == NULL) {
251 saddr = &fl6.saddr;
252 sk->sk_v6_rcv_saddr = *saddr;
253 }
254
255 /* set the source address */
256 np->saddr = *saddr;
257 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
258
259 sk->sk_gso_type = SKB_GSO_TCPV6;
260 __ip6_dst_store(sk, dst, NULL, NULL);
261
262 rt = (struct rt6_info *) dst;
263 if (tcp_death_row.sysctl_tw_recycle &&
264 !tp->rx_opt.ts_recent_stamp &&
265 ipv6_addr_equal(&rt->rt6i_dst.addr, &sk->sk_v6_daddr))
266 tcp_fetch_timewait_stamp(sk, dst);
267
268 icsk->icsk_ext_hdr_len = 0;
269 if (np->opt)
270 icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
271 np->opt->opt_nflen);
272
273 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
274
275 inet->inet_dport = usin->sin6_port;
276
277 tcp_set_state(sk, TCP_SYN_SENT);
278 err = inet6_hash_connect(&tcp_death_row, sk);
279 if (err)
280 goto late_failure;
281
282 ip6_set_txhash(sk);
283
284 if (!tp->write_seq && likely(!tp->repair))
285 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
286 sk->sk_v6_daddr.s6_addr32,
287 inet->inet_sport,
288 inet->inet_dport);
289
290 err = tcp_connect(sk);
291 if (err)
292 goto late_failure;
293
294 return 0;
295
296 late_failure:
297 tcp_set_state(sk, TCP_CLOSE);
298 __sk_dst_reset(sk);
299 failure:
300 inet->inet_dport = 0;
301 sk->sk_route_caps = 0;
302 return err;
303 }
304
305 static void tcp_v6_mtu_reduced(struct sock *sk)
306 {
307 struct dst_entry *dst;
308
309 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
310 return;
311
312 dst = inet6_csk_update_pmtu(sk, tcp_sk(sk)->mtu_info);
313 if (!dst)
314 return;
315
316 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
317 tcp_sync_mss(sk, dst_mtu(dst));
318 tcp_simple_retransmit(sk);
319 }
320 }
321
322 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
323 u8 type, u8 code, int offset, __be32 info)
324 {
325 const struct ipv6hdr *hdr = (const struct ipv6hdr *)skb->data;
326 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
327 struct net *net = dev_net(skb->dev);
328 struct request_sock *fastopen;
329 struct ipv6_pinfo *np;
330 struct tcp_sock *tp;
331 __u32 seq, snd_una;
332 struct sock *sk;
333 int err;
334
335 sk = __inet6_lookup_established(net, &tcp_hashinfo,
336 &hdr->daddr, th->dest,
337 &hdr->saddr, ntohs(th->source),
338 skb->dev->ifindex);
339
340 if (!sk) {
341 ICMP6_INC_STATS_BH(net, __in6_dev_get(skb->dev),
342 ICMP6_MIB_INERRORS);
343 return;
344 }
345
346 if (sk->sk_state == TCP_TIME_WAIT) {
347 inet_twsk_put(inet_twsk(sk));
348 return;
349 }
350 seq = ntohl(th->seq);
351 if (sk->sk_state == TCP_NEW_SYN_RECV)
352 return tcp_req_err(sk, seq);
353
354 bh_lock_sock(sk);
355 if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG)
356 NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS);
357
358 if (sk->sk_state == TCP_CLOSE)
359 goto out;
360
361 if (ipv6_hdr(skb)->hop_limit < inet6_sk(sk)->min_hopcount) {
362 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
363 goto out;
364 }
365
366 tp = tcp_sk(sk);
367 /* XXX (TFO) - tp->snd_una should be ISN (tcp_create_openreq_child() */
368 fastopen = tp->fastopen_rsk;
369 snd_una = fastopen ? tcp_rsk(fastopen)->snt_isn : tp->snd_una;
370 if (sk->sk_state != TCP_LISTEN &&
371 !between(seq, snd_una, tp->snd_nxt)) {
372 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
373 goto out;
374 }
375
376 np = inet6_sk(sk);
377
378 if (type == NDISC_REDIRECT) {
379 struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);
380
381 if (dst)
382 dst->ops->redirect(dst, sk, skb);
383 goto out;
384 }
385
386 if (type == ICMPV6_PKT_TOOBIG) {
387 /* We are not interested in TCP_LISTEN and open_requests
388 * (SYN-ACKs send out by Linux are always <576bytes so
389 * they should go through unfragmented).
390 */
391 if (sk->sk_state == TCP_LISTEN)
392 goto out;
393
394 if (!ip6_sk_accept_pmtu(sk))
395 goto out;
396
397 tp->mtu_info = ntohl(info);
398 if (!sock_owned_by_user(sk))
399 tcp_v6_mtu_reduced(sk);
400 else if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED,
401 &tp->tsq_flags))
402 sock_hold(sk);
403 goto out;
404 }
405
406 icmpv6_err_convert(type, code, &err);
407
408 /* Might be for an request_sock */
409 switch (sk->sk_state) {
410 case TCP_SYN_SENT:
411 case TCP_SYN_RECV:
412 /* Only in fast or simultaneous open. If a fast open socket is
413 * is already accepted it is treated as a connected one below.
414 */
415 if (fastopen && fastopen->sk == NULL)
416 break;
417
418 if (!sock_owned_by_user(sk)) {
419 sk->sk_err = err;
420 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
421
422 tcp_done(sk);
423 } else
424 sk->sk_err_soft = err;
425 goto out;
426 }
427
428 if (!sock_owned_by_user(sk) && np->recverr) {
429 sk->sk_err = err;
430 sk->sk_error_report(sk);
431 } else
432 sk->sk_err_soft = err;
433
434 out:
435 bh_unlock_sock(sk);
436 sock_put(sk);
437 }
438
439
440 static int tcp_v6_send_synack(struct sock *sk, struct dst_entry *dst,
441 struct flowi *fl,
442 struct request_sock *req,
443 u16 queue_mapping,
444 struct tcp_fastopen_cookie *foc)
445 {
446 struct inet_request_sock *ireq = inet_rsk(req);
447 struct ipv6_pinfo *np = inet6_sk(sk);
448 struct flowi6 *fl6 = &fl->u.ip6;
449 struct sk_buff *skb;
450 int err = -ENOMEM;
451
452 /* First, grab a route. */
453 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req)) == NULL)
454 goto done;
455
456 skb = tcp_make_synack(sk, dst, req, foc);
457
458 if (skb) {
459 __tcp_v6_send_check(skb, &ireq->ir_v6_loc_addr,
460 &ireq->ir_v6_rmt_addr);
461
462 fl6->daddr = ireq->ir_v6_rmt_addr;
463 if (np->repflow && (ireq->pktopts != NULL))
464 fl6->flowlabel = ip6_flowlabel(ipv6_hdr(ireq->pktopts));
465
466 skb_set_queue_mapping(skb, queue_mapping);
467 err = ip6_xmit(sk, skb, fl6, np->opt, np->tclass);
468 err = net_xmit_eval(err);
469 }
470
471 done:
472 return err;
473 }
474
475
476 static void tcp_v6_reqsk_destructor(struct request_sock *req)
477 {
478 kfree_skb(inet_rsk(req)->pktopts);
479 }
480
481 #ifdef CONFIG_TCP_MD5SIG
482 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
483 const struct in6_addr *addr)
484 {
485 return tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, AF_INET6);
486 }
487
488 static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk,
489 struct sock *addr_sk)
490 {
491 return tcp_v6_md5_do_lookup(sk, &addr_sk->sk_v6_daddr);
492 }
493
494 static struct tcp_md5sig_key *tcp_v6_reqsk_md5_lookup(struct sock *sk,
495 struct request_sock *req)
496 {
497 return tcp_v6_md5_do_lookup(sk, &inet_rsk(req)->ir_v6_rmt_addr);
498 }
499
500 static int tcp_v6_parse_md5_keys(struct sock *sk, char __user *optval,
501 int optlen)
502 {
503 struct tcp_md5sig cmd;
504 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
505
506 if (optlen < sizeof(cmd))
507 return -EINVAL;
508
509 if (copy_from_user(&cmd, optval, sizeof(cmd)))
510 return -EFAULT;
511
512 if (sin6->sin6_family != AF_INET6)
513 return -EINVAL;
514
515 if (!cmd.tcpm_keylen) {
516 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
517 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
518 AF_INET);
519 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
520 AF_INET6);
521 }
522
523 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
524 return -EINVAL;
525
526 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
527 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
528 AF_INET, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
529
530 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
531 AF_INET6, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
532 }
533
534 static int tcp_v6_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp,
535 const struct in6_addr *daddr,
536 const struct in6_addr *saddr, int nbytes)
537 {
538 struct tcp6_pseudohdr *bp;
539 struct scatterlist sg;
540
541 bp = &hp->md5_blk.ip6;
542 /* 1. TCP pseudo-header (RFC2460) */
543 bp->saddr = *saddr;
544 bp->daddr = *daddr;
545 bp->protocol = cpu_to_be32(IPPROTO_TCP);
546 bp->len = cpu_to_be32(nbytes);
547
548 sg_init_one(&sg, bp, sizeof(*bp));
549 return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp));
550 }
551
552 static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key,
553 const struct in6_addr *daddr, struct in6_addr *saddr,
554 const struct tcphdr *th)
555 {
556 struct tcp_md5sig_pool *hp;
557 struct hash_desc *desc;
558
559 hp = tcp_get_md5sig_pool();
560 if (!hp)
561 goto clear_hash_noput;
562 desc = &hp->md5_desc;
563
564 if (crypto_hash_init(desc))
565 goto clear_hash;
566 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))
567 goto clear_hash;
568 if (tcp_md5_hash_header(hp, th))
569 goto clear_hash;
570 if (tcp_md5_hash_key(hp, key))
571 goto clear_hash;
572 if (crypto_hash_final(desc, md5_hash))
573 goto clear_hash;
574
575 tcp_put_md5sig_pool();
576 return 0;
577
578 clear_hash:
579 tcp_put_md5sig_pool();
580 clear_hash_noput:
581 memset(md5_hash, 0, 16);
582 return 1;
583 }
584
585 static int tcp_v6_md5_hash_skb(char *md5_hash,
586 const struct tcp_md5sig_key *key,
587 const struct sock *sk,
588 const struct sk_buff *skb)
589 {
590 const struct in6_addr *saddr, *daddr;
591 struct tcp_md5sig_pool *hp;
592 struct hash_desc *desc;
593 const struct tcphdr *th = tcp_hdr(skb);
594
595 if (sk) { /* valid for establish/request sockets */
596 saddr = &sk->sk_v6_rcv_saddr;
597 daddr = &sk->sk_v6_daddr;
598 } else {
599 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
600 saddr = &ip6h->saddr;
601 daddr = &ip6h->daddr;
602 }
603
604 hp = tcp_get_md5sig_pool();
605 if (!hp)
606 goto clear_hash_noput;
607 desc = &hp->md5_desc;
608
609 if (crypto_hash_init(desc))
610 goto clear_hash;
611
612 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))
613 goto clear_hash;
614 if (tcp_md5_hash_header(hp, th))
615 goto clear_hash;
616 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
617 goto clear_hash;
618 if (tcp_md5_hash_key(hp, key))
619 goto clear_hash;
620 if (crypto_hash_final(desc, md5_hash))
621 goto clear_hash;
622
623 tcp_put_md5sig_pool();
624 return 0;
625
626 clear_hash:
627 tcp_put_md5sig_pool();
628 clear_hash_noput:
629 memset(md5_hash, 0, 16);
630 return 1;
631 }
632
633 static bool tcp_v6_inbound_md5_hash(struct sock *sk, const struct sk_buff *skb)
634 {
635 const __u8 *hash_location = NULL;
636 struct tcp_md5sig_key *hash_expected;
637 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
638 const struct tcphdr *th = tcp_hdr(skb);
639 int genhash;
640 u8 newhash[16];
641
642 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
643 hash_location = tcp_parse_md5sig_option(th);
644
645 /* We've parsed the options - do we have a hash? */
646 if (!hash_expected && !hash_location)
647 return false;
648
649 if (hash_expected && !hash_location) {
650 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
651 return true;
652 }
653
654 if (!hash_expected && hash_location) {
655 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
656 return true;
657 }
658
659 /* check the signature */
660 genhash = tcp_v6_md5_hash_skb(newhash,
661 hash_expected,
662 NULL, skb);
663
664 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
665 net_info_ratelimited("MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n",
666 genhash ? "failed" : "mismatch",
667 &ip6h->saddr, ntohs(th->source),
668 &ip6h->daddr, ntohs(th->dest));
669 return true;
670 }
671 return false;
672 }
673 #endif
674
675 static void tcp_v6_init_req(struct request_sock *req, struct sock *sk,
676 struct sk_buff *skb)
677 {
678 struct inet_request_sock *ireq = inet_rsk(req);
679 struct ipv6_pinfo *np = inet6_sk(sk);
680
681 ireq->ir_v6_rmt_addr = ipv6_hdr(skb)->saddr;
682 ireq->ir_v6_loc_addr = ipv6_hdr(skb)->daddr;
683
684 /* So that link locals have meaning */
685 if (!sk->sk_bound_dev_if &&
686 ipv6_addr_type(&ireq->ir_v6_rmt_addr) & IPV6_ADDR_LINKLOCAL)
687 ireq->ir_iif = tcp_v6_iif(skb);
688
689 if (!TCP_SKB_CB(skb)->tcp_tw_isn &&
690 (ipv6_opt_accepted(sk, skb, &TCP_SKB_CB(skb)->header.h6) ||
691 np->rxopt.bits.rxinfo ||
692 np->rxopt.bits.rxoinfo || np->rxopt.bits.rxhlim ||
693 np->rxopt.bits.rxohlim || np->repflow)) {
694 atomic_inc(&skb->users);
695 ireq->pktopts = skb;
696 }
697 ireq->ireq_family = AF_INET6;
698 }
699
700 static struct dst_entry *tcp_v6_route_req(struct sock *sk, struct flowi *fl,
701 const struct request_sock *req,
702 bool *strict)
703 {
704 if (strict)
705 *strict = true;
706 return inet6_csk_route_req(sk, &fl->u.ip6, req);
707 }
708
709 struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
710 .family = AF_INET6,
711 .obj_size = sizeof(struct tcp6_request_sock),
712 .rtx_syn_ack = tcp_rtx_synack,
713 .send_ack = tcp_v6_reqsk_send_ack,
714 .destructor = tcp_v6_reqsk_destructor,
715 .send_reset = tcp_v6_send_reset,
716 .syn_ack_timeout = tcp_syn_ack_timeout,
717 };
718
719 static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
720 .mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) -
721 sizeof(struct ipv6hdr),
722 #ifdef CONFIG_TCP_MD5SIG
723 .md5_lookup = tcp_v6_reqsk_md5_lookup,
724 .calc_md5_hash = tcp_v6_md5_hash_skb,
725 #endif
726 .init_req = tcp_v6_init_req,
727 #ifdef CONFIG_SYN_COOKIES
728 .cookie_init_seq = cookie_v6_init_sequence,
729 #endif
730 .route_req = tcp_v6_route_req,
731 .init_seq = tcp_v6_init_sequence,
732 .send_synack = tcp_v6_send_synack,
733 .queue_hash_add = inet6_csk_reqsk_queue_hash_add,
734 };
735
736 static void tcp_v6_send_response(struct sock *sk, struct sk_buff *skb, u32 seq,
737 u32 ack, u32 win, u32 tsval, u32 tsecr,
738 int oif, struct tcp_md5sig_key *key, int rst,
739 u8 tclass, u32 label)
740 {
741 const struct tcphdr *th = tcp_hdr(skb);
742 struct tcphdr *t1;
743 struct sk_buff *buff;
744 struct flowi6 fl6;
745 struct net *net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev);
746 struct sock *ctl_sk = net->ipv6.tcp_sk;
747 unsigned int tot_len = sizeof(struct tcphdr);
748 struct dst_entry *dst;
749 __be32 *topt;
750
751 if (tsecr)
752 tot_len += TCPOLEN_TSTAMP_ALIGNED;
753 #ifdef CONFIG_TCP_MD5SIG
754 if (key)
755 tot_len += TCPOLEN_MD5SIG_ALIGNED;
756 #endif
757
758 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
759 GFP_ATOMIC);
760 if (buff == NULL)
761 return;
762
763 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
764
765 t1 = (struct tcphdr *) skb_push(buff, tot_len);
766 skb_reset_transport_header(buff);
767
768 /* Swap the send and the receive. */
769 memset(t1, 0, sizeof(*t1));
770 t1->dest = th->source;
771 t1->source = th->dest;
772 t1->doff = tot_len / 4;
773 t1->seq = htonl(seq);
774 t1->ack_seq = htonl(ack);
775 t1->ack = !rst || !th->ack;
776 t1->rst = rst;
777 t1->window = htons(win);
778
779 topt = (__be32 *)(t1 + 1);
780
781 if (tsecr) {
782 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
783 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
784 *topt++ = htonl(tsval);
785 *topt++ = htonl(tsecr);
786 }
787
788 #ifdef CONFIG_TCP_MD5SIG
789 if (key) {
790 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
791 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
792 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
793 &ipv6_hdr(skb)->saddr,
794 &ipv6_hdr(skb)->daddr, t1);
795 }
796 #endif
797
798 memset(&fl6, 0, sizeof(fl6));
799 fl6.daddr = ipv6_hdr(skb)->saddr;
800 fl6.saddr = ipv6_hdr(skb)->daddr;
801 fl6.flowlabel = label;
802
803 buff->ip_summed = CHECKSUM_PARTIAL;
804 buff->csum = 0;
805
806 __tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);
807
808 fl6.flowi6_proto = IPPROTO_TCP;
809 if (rt6_need_strict(&fl6.daddr) && !oif)
810 fl6.flowi6_oif = tcp_v6_iif(skb);
811 else
812 fl6.flowi6_oif = oif;
813 fl6.flowi6_mark = IP6_REPLY_MARK(net, skb->mark);
814 fl6.fl6_dport = t1->dest;
815 fl6.fl6_sport = t1->source;
816 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
817
818 /* Pass a socket to ip6_dst_lookup either it is for RST
819 * Underlying function will use this to retrieve the network
820 * namespace
821 */
822 dst = ip6_dst_lookup_flow(ctl_sk, &fl6, NULL);
823 if (!IS_ERR(dst)) {
824 skb_dst_set(buff, dst);
825 ip6_xmit(ctl_sk, buff, &fl6, NULL, tclass);
826 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS);
827 if (rst)
828 TCP_INC_STATS_BH(net, TCP_MIB_OUTRSTS);
829 return;
830 }
831
832 kfree_skb(buff);
833 }
834
835 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb)
836 {
837 const struct tcphdr *th = tcp_hdr(skb);
838 u32 seq = 0, ack_seq = 0;
839 struct tcp_md5sig_key *key = NULL;
840 #ifdef CONFIG_TCP_MD5SIG
841 const __u8 *hash_location = NULL;
842 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
843 unsigned char newhash[16];
844 int genhash;
845 struct sock *sk1 = NULL;
846 #endif
847 int oif;
848
849 if (th->rst)
850 return;
851
852 /* If sk not NULL, it means we did a successful lookup and incoming
853 * route had to be correct. prequeue might have dropped our dst.
854 */
855 if (!sk && !ipv6_unicast_destination(skb))
856 return;
857
858 #ifdef CONFIG_TCP_MD5SIG
859 hash_location = tcp_parse_md5sig_option(th);
860 if (!sk && hash_location) {
861 /*
862 * active side is lost. Try to find listening socket through
863 * source port, and then find md5 key through listening socket.
864 * we are not loose security here:
865 * Incoming packet is checked with md5 hash with finding key,
866 * no RST generated if md5 hash doesn't match.
867 */
868 sk1 = inet6_lookup_listener(dev_net(skb_dst(skb)->dev),
869 &tcp_hashinfo, &ipv6h->saddr,
870 th->source, &ipv6h->daddr,
871 ntohs(th->source), tcp_v6_iif(skb));
872 if (!sk1)
873 return;
874
875 rcu_read_lock();
876 key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr);
877 if (!key)
878 goto release_sk1;
879
880 genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, skb);
881 if (genhash || memcmp(hash_location, newhash, 16) != 0)
882 goto release_sk1;
883 } else {
884 key = sk ? tcp_v6_md5_do_lookup(sk, &ipv6h->saddr) : NULL;
885 }
886 #endif
887
888 if (th->ack)
889 seq = ntohl(th->ack_seq);
890 else
891 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
892 (th->doff << 2);
893
894 oif = sk ? sk->sk_bound_dev_if : 0;
895 tcp_v6_send_response(sk, skb, seq, ack_seq, 0, 0, 0, oif, key, 1, 0, 0);
896
897 #ifdef CONFIG_TCP_MD5SIG
898 release_sk1:
899 if (sk1) {
900 rcu_read_unlock();
901 sock_put(sk1);
902 }
903 #endif
904 }
905
906 static void tcp_v6_send_ack(struct sock *sk, struct sk_buff *skb, u32 seq,
907 u32 ack, u32 win, u32 tsval, u32 tsecr, int oif,
908 struct tcp_md5sig_key *key, u8 tclass,
909 u32 label)
910 {
911 tcp_v6_send_response(sk, skb, seq, ack, win, tsval, tsecr, oif, key, 0,
912 tclass, label);
913 }
914
915 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
916 {
917 struct inet_timewait_sock *tw = inet_twsk(sk);
918 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
919
920 tcp_v6_send_ack(sk, skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
921 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
922 tcp_time_stamp + tcptw->tw_ts_offset,
923 tcptw->tw_ts_recent, tw->tw_bound_dev_if, tcp_twsk_md5_key(tcptw),
924 tw->tw_tclass, (tw->tw_flowlabel << 12));
925
926 inet_twsk_put(tw);
927 }
928
929 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
930 struct request_sock *req)
931 {
932 /* sk->sk_state == TCP_LISTEN -> for regular TCP_SYN_RECV
933 * sk->sk_state == TCP_SYN_RECV -> for Fast Open.
934 */
935 tcp_v6_send_ack(sk, skb, (sk->sk_state == TCP_LISTEN) ?
936 tcp_rsk(req)->snt_isn + 1 : tcp_sk(sk)->snd_nxt,
937 tcp_rsk(req)->rcv_nxt, req->rcv_wnd,
938 tcp_time_stamp, req->ts_recent, sk->sk_bound_dev_if,
939 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr),
940 0, 0);
941 }
942
943
944 static struct sock *tcp_v6_hnd_req(struct sock *sk, struct sk_buff *skb)
945 {
946 const struct tcphdr *th = tcp_hdr(skb);
947 struct request_sock *req;
948 struct sock *nsk;
949
950 /* Find possible connection requests. */
951 req = inet6_csk_search_req(sk, th->source,
952 &ipv6_hdr(skb)->saddr,
953 &ipv6_hdr(skb)->daddr, tcp_v6_iif(skb));
954 if (req) {
955 nsk = tcp_check_req(sk, skb, req, false);
956 reqsk_put(req);
957 return nsk;
958 }
959 nsk = __inet6_lookup_established(sock_net(sk), &tcp_hashinfo,
960 &ipv6_hdr(skb)->saddr, th->source,
961 &ipv6_hdr(skb)->daddr, ntohs(th->dest),
962 tcp_v6_iif(skb));
963
964 if (nsk) {
965 if (nsk->sk_state != TCP_TIME_WAIT) {
966 bh_lock_sock(nsk);
967 return nsk;
968 }
969 inet_twsk_put(inet_twsk(nsk));
970 return NULL;
971 }
972
973 #ifdef CONFIG_SYN_COOKIES
974 if (!th->syn)
975 sk = cookie_v6_check(sk, skb);
976 #endif
977 return sk;
978 }
979
980 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
981 {
982 if (skb->protocol == htons(ETH_P_IP))
983 return tcp_v4_conn_request(sk, skb);
984
985 if (!ipv6_unicast_destination(skb))
986 goto drop;
987
988 return tcp_conn_request(&tcp6_request_sock_ops,
989 &tcp_request_sock_ipv6_ops, sk, skb);
990
991 drop:
992 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
993 return 0; /* don't send reset */
994 }
995
996 static struct sock *tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
997 struct request_sock *req,
998 struct dst_entry *dst)
999 {
1000 struct inet_request_sock *ireq;
1001 struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
1002 struct tcp6_sock *newtcp6sk;
1003 struct inet_sock *newinet;
1004 struct tcp_sock *newtp;
1005 struct sock *newsk;
1006 #ifdef CONFIG_TCP_MD5SIG
1007 struct tcp_md5sig_key *key;
1008 #endif
1009 struct flowi6 fl6;
1010
1011 if (skb->protocol == htons(ETH_P_IP)) {
1012 /*
1013 * v6 mapped
1014 */
1015
1016 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);
1017
1018 if (newsk == NULL)
1019 return NULL;
1020
1021 newtcp6sk = (struct tcp6_sock *)newsk;
1022 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1023
1024 newinet = inet_sk(newsk);
1025 newnp = inet6_sk(newsk);
1026 newtp = tcp_sk(newsk);
1027
1028 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1029
1030 newnp->saddr = newsk->sk_v6_rcv_saddr;
1031
1032 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1033 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1034 #ifdef CONFIG_TCP_MD5SIG
1035 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1036 #endif
1037
1038 newnp->ipv6_ac_list = NULL;
1039 newnp->ipv6_fl_list = NULL;
1040 newnp->pktoptions = NULL;
1041 newnp->opt = NULL;
1042 newnp->mcast_oif = tcp_v6_iif(skb);
1043 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1044 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
1045 if (np->repflow)
1046 newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));
1047
1048 /*
1049 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1050 * here, tcp_create_openreq_child now does this for us, see the comment in
1051 * that function for the gory details. -acme
1052 */
1053
1054 /* It is tricky place. Until this moment IPv4 tcp
1055 worked with IPv6 icsk.icsk_af_ops.
1056 Sync it now.
1057 */
1058 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1059
1060 return newsk;
1061 }
1062
1063 ireq = inet_rsk(req);
1064
1065 if (sk_acceptq_is_full(sk))
1066 goto out_overflow;
1067
1068 if (!dst) {
1069 dst = inet6_csk_route_req(sk, &fl6, req);
1070 if (!dst)
1071 goto out;
1072 }
1073
1074 newsk = tcp_create_openreq_child(sk, req, skb);
1075 if (newsk == NULL)
1076 goto out_nonewsk;
1077
1078 /*
1079 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1080 * count here, tcp_create_openreq_child now does this for us, see the
1081 * comment in that function for the gory details. -acme
1082 */
1083
1084 newsk->sk_gso_type = SKB_GSO_TCPV6;
1085 __ip6_dst_store(newsk, dst, NULL, NULL);
1086 inet6_sk_rx_dst_set(newsk, skb);
1087
1088 newtcp6sk = (struct tcp6_sock *)newsk;
1089 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1090
1091 newtp = tcp_sk(newsk);
1092 newinet = inet_sk(newsk);
1093 newnp = inet6_sk(newsk);
1094
1095 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1096
1097 newsk->sk_v6_daddr = ireq->ir_v6_rmt_addr;
1098 newnp->saddr = ireq->ir_v6_loc_addr;
1099 newsk->sk_v6_rcv_saddr = ireq->ir_v6_loc_addr;
1100 newsk->sk_bound_dev_if = ireq->ir_iif;
1101
1102 ip6_set_txhash(newsk);
1103
1104 /* Now IPv6 options...
1105
1106 First: no IPv4 options.
1107 */
1108 newinet->inet_opt = NULL;
1109 newnp->ipv6_ac_list = NULL;
1110 newnp->ipv6_fl_list = NULL;
1111
1112 /* Clone RX bits */
1113 newnp->rxopt.all = np->rxopt.all;
1114
1115 /* Clone pktoptions received with SYN */
1116 newnp->pktoptions = NULL;
1117 if (ireq->pktopts != NULL) {
1118 newnp->pktoptions = skb_clone(ireq->pktopts,
1119 sk_gfp_atomic(sk, GFP_ATOMIC));
1120 consume_skb(ireq->pktopts);
1121 ireq->pktopts = NULL;
1122 if (newnp->pktoptions)
1123 skb_set_owner_r(newnp->pktoptions, newsk);
1124 }
1125 newnp->opt = NULL;
1126 newnp->mcast_oif = tcp_v6_iif(skb);
1127 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1128 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
1129 if (np->repflow)
1130 newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));
1131
1132 /* Clone native IPv6 options from listening socket (if any)
1133
1134 Yes, keeping reference count would be much more clever,
1135 but we make one more one thing there: reattach optmem
1136 to newsk.
1137 */
1138 if (np->opt)
1139 newnp->opt = ipv6_dup_options(newsk, np->opt);
1140
1141 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1142 if (newnp->opt)
1143 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
1144 newnp->opt->opt_flen);
1145
1146 tcp_ca_openreq_child(newsk, dst);
1147
1148 tcp_sync_mss(newsk, dst_mtu(dst));
1149 newtp->advmss = dst_metric_advmss(dst);
1150 if (tcp_sk(sk)->rx_opt.user_mss &&
1151 tcp_sk(sk)->rx_opt.user_mss < newtp->advmss)
1152 newtp->advmss = tcp_sk(sk)->rx_opt.user_mss;
1153
1154 tcp_initialize_rcv_mss(newsk);
1155
1156 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1157 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1158
1159 #ifdef CONFIG_TCP_MD5SIG
1160 /* Copy over the MD5 key from the original socket */
1161 key = tcp_v6_md5_do_lookup(sk, &newsk->sk_v6_daddr);
1162 if (key != NULL) {
1163 /* We're using one, so create a matching key
1164 * on the newsk structure. If we fail to get
1165 * memory, then we end up not copying the key
1166 * across. Shucks.
1167 */
1168 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newsk->sk_v6_daddr,
1169 AF_INET6, key->key, key->keylen,
1170 sk_gfp_atomic(sk, GFP_ATOMIC));
1171 }
1172 #endif
1173
1174 if (__inet_inherit_port(sk, newsk) < 0) {
1175 inet_csk_prepare_forced_close(newsk);
1176 tcp_done(newsk);
1177 goto out;
1178 }
1179 __inet_hash(newsk, NULL);
1180
1181 return newsk;
1182
1183 out_overflow:
1184 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1185 out_nonewsk:
1186 dst_release(dst);
1187 out:
1188 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
1189 return NULL;
1190 }
1191
1192 /* The socket must have it's spinlock held when we get
1193 * here.
1194 *
1195 * We have a potential double-lock case here, so even when
1196 * doing backlog processing we use the BH locking scheme.
1197 * This is because we cannot sleep with the original spinlock
1198 * held.
1199 */
1200 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1201 {
1202 struct ipv6_pinfo *np = inet6_sk(sk);
1203 struct tcp_sock *tp;
1204 struct sk_buff *opt_skb = NULL;
1205
1206 /* Imagine: socket is IPv6. IPv4 packet arrives,
1207 goes to IPv4 receive handler and backlogged.
1208 From backlog it always goes here. Kerboom...
1209 Fortunately, tcp_rcv_established and rcv_established
1210 handle them correctly, but it is not case with
1211 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1212 */
1213
1214 if (skb->protocol == htons(ETH_P_IP))
1215 return tcp_v4_do_rcv(sk, skb);
1216
1217 if (sk_filter(sk, skb))
1218 goto discard;
1219
1220 /*
1221 * socket locking is here for SMP purposes as backlog rcv
1222 * is currently called with bh processing disabled.
1223 */
1224
1225 /* Do Stevens' IPV6_PKTOPTIONS.
1226
1227 Yes, guys, it is the only place in our code, where we
1228 may make it not affecting IPv4.
1229 The rest of code is protocol independent,
1230 and I do not like idea to uglify IPv4.
1231
1232 Actually, all the idea behind IPV6_PKTOPTIONS
1233 looks not very well thought. For now we latch
1234 options, received in the last packet, enqueued
1235 by tcp. Feel free to propose better solution.
1236 --ANK (980728)
1237 */
1238 if (np->rxopt.all)
1239 opt_skb = skb_clone(skb, sk_gfp_atomic(sk, GFP_ATOMIC));
1240
1241 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1242 struct dst_entry *dst = sk->sk_rx_dst;
1243
1244 sock_rps_save_rxhash(sk, skb);
1245 sk_mark_napi_id(sk, skb);
1246 if (dst) {
1247 if (inet_sk(sk)->rx_dst_ifindex != skb->skb_iif ||
1248 dst->ops->check(dst, np->rx_dst_cookie) == NULL) {
1249 dst_release(dst);
1250 sk->sk_rx_dst = NULL;
1251 }
1252 }
1253
1254 tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len);
1255 if (opt_skb)
1256 goto ipv6_pktoptions;
1257 return 0;
1258 }
1259
1260 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1261 goto csum_err;
1262
1263 if (sk->sk_state == TCP_LISTEN) {
1264 struct sock *nsk = tcp_v6_hnd_req(sk, skb);
1265 if (!nsk)
1266 goto discard;
1267
1268 /*
1269 * Queue it on the new socket if the new socket is active,
1270 * otherwise we just shortcircuit this and continue with
1271 * the new socket..
1272 */
1273 if (nsk != sk) {
1274 sock_rps_save_rxhash(nsk, skb);
1275 sk_mark_napi_id(sk, skb);
1276 if (tcp_child_process(sk, nsk, skb))
1277 goto reset;
1278 if (opt_skb)
1279 __kfree_skb(opt_skb);
1280 return 0;
1281 }
1282 } else
1283 sock_rps_save_rxhash(sk, skb);
1284
1285 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len))
1286 goto reset;
1287 if (opt_skb)
1288 goto ipv6_pktoptions;
1289 return 0;
1290
1291 reset:
1292 tcp_v6_send_reset(sk, skb);
1293 discard:
1294 if (opt_skb)
1295 __kfree_skb(opt_skb);
1296 kfree_skb(skb);
1297 return 0;
1298 csum_err:
1299 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_CSUMERRORS);
1300 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_INERRS);
1301 goto discard;
1302
1303
1304 ipv6_pktoptions:
1305 /* Do you ask, what is it?
1306
1307 1. skb was enqueued by tcp.
1308 2. skb is added to tail of read queue, rather than out of order.
1309 3. socket is not in passive state.
1310 4. Finally, it really contains options, which user wants to receive.
1311 */
1312 tp = tcp_sk(sk);
1313 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1314 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1315 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1316 np->mcast_oif = tcp_v6_iif(opt_skb);
1317 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1318 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1319 if (np->rxopt.bits.rxflow || np->rxopt.bits.rxtclass)
1320 np->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(opt_skb));
1321 if (np->repflow)
1322 np->flow_label = ip6_flowlabel(ipv6_hdr(opt_skb));
1323 if (ipv6_opt_accepted(sk, opt_skb, &TCP_SKB_CB(opt_skb)->header.h6)) {
1324 skb_set_owner_r(opt_skb, sk);
1325 opt_skb = xchg(&np->pktoptions, opt_skb);
1326 } else {
1327 __kfree_skb(opt_skb);
1328 opt_skb = xchg(&np->pktoptions, NULL);
1329 }
1330 }
1331
1332 kfree_skb(opt_skb);
1333 return 0;
1334 }
1335
1336 static void tcp_v6_fill_cb(struct sk_buff *skb, const struct ipv6hdr *hdr,
1337 const struct tcphdr *th)
1338 {
1339 /* This is tricky: we move IP6CB at its correct location into
1340 * TCP_SKB_CB(). It must be done after xfrm6_policy_check(), because
1341 * _decode_session6() uses IP6CB().
1342 * barrier() makes sure compiler won't play aliasing games.
1343 */
1344 memmove(&TCP_SKB_CB(skb)->header.h6, IP6CB(skb),
1345 sizeof(struct inet6_skb_parm));
1346 barrier();
1347
1348 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1349 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1350 skb->len - th->doff*4);
1351 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1352 TCP_SKB_CB(skb)->tcp_flags = tcp_flag_byte(th);
1353 TCP_SKB_CB(skb)->tcp_tw_isn = 0;
1354 TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
1355 TCP_SKB_CB(skb)->sacked = 0;
1356 }
1357
1358 static int tcp_v6_rcv(struct sk_buff *skb)
1359 {
1360 const struct tcphdr *th;
1361 const struct ipv6hdr *hdr;
1362 struct sock *sk;
1363 int ret;
1364 struct net *net = dev_net(skb->dev);
1365
1366 if (skb->pkt_type != PACKET_HOST)
1367 goto discard_it;
1368
1369 /*
1370 * Count it even if it's bad.
1371 */
1372 TCP_INC_STATS_BH(net, TCP_MIB_INSEGS);
1373
1374 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1375 goto discard_it;
1376
1377 th = tcp_hdr(skb);
1378
1379 if (th->doff < sizeof(struct tcphdr)/4)
1380 goto bad_packet;
1381 if (!pskb_may_pull(skb, th->doff*4))
1382 goto discard_it;
1383
1384 if (skb_checksum_init(skb, IPPROTO_TCP, ip6_compute_pseudo))
1385 goto csum_error;
1386
1387 th = tcp_hdr(skb);
1388 hdr = ipv6_hdr(skb);
1389
1390 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest,
1391 inet6_iif(skb));
1392 if (!sk)
1393 goto no_tcp_socket;
1394
1395 process:
1396 if (sk->sk_state == TCP_TIME_WAIT)
1397 goto do_time_wait;
1398
1399 if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) {
1400 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
1401 goto discard_and_relse;
1402 }
1403
1404 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1405 goto discard_and_relse;
1406
1407 tcp_v6_fill_cb(skb, hdr, th);
1408
1409 #ifdef CONFIG_TCP_MD5SIG
1410 if (tcp_v6_inbound_md5_hash(sk, skb))
1411 goto discard_and_relse;
1412 #endif
1413
1414 if (sk_filter(sk, skb))
1415 goto discard_and_relse;
1416
1417 sk_incoming_cpu_update(sk);
1418 skb->dev = NULL;
1419
1420 bh_lock_sock_nested(sk);
1421 ret = 0;
1422 if (!sock_owned_by_user(sk)) {
1423 if (!tcp_prequeue(sk, skb))
1424 ret = tcp_v6_do_rcv(sk, skb);
1425 } else if (unlikely(sk_add_backlog(sk, skb,
1426 sk->sk_rcvbuf + sk->sk_sndbuf))) {
1427 bh_unlock_sock(sk);
1428 NET_INC_STATS_BH(net, LINUX_MIB_TCPBACKLOGDROP);
1429 goto discard_and_relse;
1430 }
1431 bh_unlock_sock(sk);
1432
1433 sock_put(sk);
1434 return ret ? -1 : 0;
1435
1436 no_tcp_socket:
1437 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1438 goto discard_it;
1439
1440 tcp_v6_fill_cb(skb, hdr, th);
1441
1442 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1443 csum_error:
1444 TCP_INC_STATS_BH(net, TCP_MIB_CSUMERRORS);
1445 bad_packet:
1446 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1447 } else {
1448 tcp_v6_send_reset(NULL, skb);
1449 }
1450
1451 discard_it:
1452 kfree_skb(skb);
1453 return 0;
1454
1455 discard_and_relse:
1456 sock_put(sk);
1457 goto discard_it;
1458
1459 do_time_wait:
1460 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1461 inet_twsk_put(inet_twsk(sk));
1462 goto discard_it;
1463 }
1464
1465 tcp_v6_fill_cb(skb, hdr, th);
1466
1467 if (skb->len < (th->doff<<2)) {
1468 inet_twsk_put(inet_twsk(sk));
1469 goto bad_packet;
1470 }
1471 if (tcp_checksum_complete(skb)) {
1472 inet_twsk_put(inet_twsk(sk));
1473 goto csum_error;
1474 }
1475
1476 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1477 case TCP_TW_SYN:
1478 {
1479 struct sock *sk2;
1480
1481 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
1482 &ipv6_hdr(skb)->saddr, th->source,
1483 &ipv6_hdr(skb)->daddr,
1484 ntohs(th->dest), tcp_v6_iif(skb));
1485 if (sk2 != NULL) {
1486 struct inet_timewait_sock *tw = inet_twsk(sk);
1487 inet_twsk_deschedule(tw, &tcp_death_row);
1488 inet_twsk_put(tw);
1489 sk = sk2;
1490 goto process;
1491 }
1492 /* Fall through to ACK */
1493 }
1494 case TCP_TW_ACK:
1495 tcp_v6_timewait_ack(sk, skb);
1496 break;
1497 case TCP_TW_RST:
1498 goto no_tcp_socket;
1499 case TCP_TW_SUCCESS:
1500 ;
1501 }
1502 goto discard_it;
1503 }
1504
1505 static void tcp_v6_early_demux(struct sk_buff *skb)
1506 {
1507 const struct ipv6hdr *hdr;
1508 const struct tcphdr *th;
1509 struct sock *sk;
1510
1511 if (skb->pkt_type != PACKET_HOST)
1512 return;
1513
1514 if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
1515 return;
1516
1517 hdr = ipv6_hdr(skb);
1518 th = tcp_hdr(skb);
1519
1520 if (th->doff < sizeof(struct tcphdr) / 4)
1521 return;
1522
1523 /* Note : We use inet6_iif() here, not tcp_v6_iif() */
1524 sk = __inet6_lookup_established(dev_net(skb->dev), &tcp_hashinfo,
1525 &hdr->saddr, th->source,
1526 &hdr->daddr, ntohs(th->dest),
1527 inet6_iif(skb));
1528 if (sk) {
1529 skb->sk = sk;
1530 skb->destructor = sock_edemux;
1531 if (sk_fullsock(sk)) {
1532 struct dst_entry *dst = sk->sk_rx_dst;
1533
1534 if (dst)
1535 dst = dst_check(dst, inet6_sk(sk)->rx_dst_cookie);
1536 if (dst &&
1537 inet_sk(sk)->rx_dst_ifindex == skb->skb_iif)
1538 skb_dst_set_noref(skb, dst);
1539 }
1540 }
1541 }
1542
1543 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
1544 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
1545 .twsk_unique = tcp_twsk_unique,
1546 .twsk_destructor = tcp_twsk_destructor,
1547 };
1548
1549 static const struct inet_connection_sock_af_ops ipv6_specific = {
1550 .queue_xmit = inet6_csk_xmit,
1551 .send_check = tcp_v6_send_check,
1552 .rebuild_header = inet6_sk_rebuild_header,
1553 .sk_rx_dst_set = inet6_sk_rx_dst_set,
1554 .conn_request = tcp_v6_conn_request,
1555 .syn_recv_sock = tcp_v6_syn_recv_sock,
1556 .net_header_len = sizeof(struct ipv6hdr),
1557 .net_frag_header_len = sizeof(struct frag_hdr),
1558 .setsockopt = ipv6_setsockopt,
1559 .getsockopt = ipv6_getsockopt,
1560 .addr2sockaddr = inet6_csk_addr2sockaddr,
1561 .sockaddr_len = sizeof(struct sockaddr_in6),
1562 .bind_conflict = inet6_csk_bind_conflict,
1563 #ifdef CONFIG_COMPAT
1564 .compat_setsockopt = compat_ipv6_setsockopt,
1565 .compat_getsockopt = compat_ipv6_getsockopt,
1566 #endif
1567 .mtu_reduced = tcp_v6_mtu_reduced,
1568 };
1569
1570 #ifdef CONFIG_TCP_MD5SIG
1571 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1572 .md5_lookup = tcp_v6_md5_lookup,
1573 .calc_md5_hash = tcp_v6_md5_hash_skb,
1574 .md5_parse = tcp_v6_parse_md5_keys,
1575 };
1576 #endif
1577
1578 /*
1579 * TCP over IPv4 via INET6 API
1580 */
1581 static const struct inet_connection_sock_af_ops ipv6_mapped = {
1582 .queue_xmit = ip_queue_xmit,
1583 .send_check = tcp_v4_send_check,
1584 .rebuild_header = inet_sk_rebuild_header,
1585 .sk_rx_dst_set = inet_sk_rx_dst_set,
1586 .conn_request = tcp_v6_conn_request,
1587 .syn_recv_sock = tcp_v6_syn_recv_sock,
1588 .net_header_len = sizeof(struct iphdr),
1589 .setsockopt = ipv6_setsockopt,
1590 .getsockopt = ipv6_getsockopt,
1591 .addr2sockaddr = inet6_csk_addr2sockaddr,
1592 .sockaddr_len = sizeof(struct sockaddr_in6),
1593 .bind_conflict = inet6_csk_bind_conflict,
1594 #ifdef CONFIG_COMPAT
1595 .compat_setsockopt = compat_ipv6_setsockopt,
1596 .compat_getsockopt = compat_ipv6_getsockopt,
1597 #endif
1598 .mtu_reduced = tcp_v4_mtu_reduced,
1599 };
1600
1601 #ifdef CONFIG_TCP_MD5SIG
1602 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1603 .md5_lookup = tcp_v4_md5_lookup,
1604 .calc_md5_hash = tcp_v4_md5_hash_skb,
1605 .md5_parse = tcp_v6_parse_md5_keys,
1606 };
1607 #endif
1608
1609 /* NOTE: A lot of things set to zero explicitly by call to
1610 * sk_alloc() so need not be done here.
1611 */
1612 static int tcp_v6_init_sock(struct sock *sk)
1613 {
1614 struct inet_connection_sock *icsk = inet_csk(sk);
1615
1616 tcp_init_sock(sk);
1617
1618 icsk->icsk_af_ops = &ipv6_specific;
1619
1620 #ifdef CONFIG_TCP_MD5SIG
1621 tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific;
1622 #endif
1623
1624 return 0;
1625 }
1626
1627 static void tcp_v6_destroy_sock(struct sock *sk)
1628 {
1629 tcp_v4_destroy_sock(sk);
1630 inet6_destroy_sock(sk);
1631 }
1632
1633 #ifdef CONFIG_PROC_FS
1634 /* Proc filesystem TCPv6 sock list dumping. */
1635 static void get_openreq6(struct seq_file *seq,
1636 struct request_sock *req, int i, kuid_t uid)
1637 {
1638 long ttd = req->rsk_timer.expires - jiffies;
1639 const struct in6_addr *src = &inet_rsk(req)->ir_v6_loc_addr;
1640 const struct in6_addr *dest = &inet_rsk(req)->ir_v6_rmt_addr;
1641
1642 if (ttd < 0)
1643 ttd = 0;
1644
1645 seq_printf(seq,
1646 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1647 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %d %d %pK\n",
1648 i,
1649 src->s6_addr32[0], src->s6_addr32[1],
1650 src->s6_addr32[2], src->s6_addr32[3],
1651 inet_rsk(req)->ir_num,
1652 dest->s6_addr32[0], dest->s6_addr32[1],
1653 dest->s6_addr32[2], dest->s6_addr32[3],
1654 ntohs(inet_rsk(req)->ir_rmt_port),
1655 TCP_SYN_RECV,
1656 0, 0, /* could print option size, but that is af dependent. */
1657 1, /* timers active (only the expire timer) */
1658 jiffies_to_clock_t(ttd),
1659 req->num_timeout,
1660 from_kuid_munged(seq_user_ns(seq), uid),
1661 0, /* non standard timer */
1662 0, /* open_requests have no inode */
1663 0, req);
1664 }
1665
1666 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1667 {
1668 const struct in6_addr *dest, *src;
1669 __u16 destp, srcp;
1670 int timer_active;
1671 unsigned long timer_expires;
1672 const struct inet_sock *inet = inet_sk(sp);
1673 const struct tcp_sock *tp = tcp_sk(sp);
1674 const struct inet_connection_sock *icsk = inet_csk(sp);
1675 struct fastopen_queue *fastopenq = icsk->icsk_accept_queue.fastopenq;
1676
1677 dest = &sp->sk_v6_daddr;
1678 src = &sp->sk_v6_rcv_saddr;
1679 destp = ntohs(inet->inet_dport);
1680 srcp = ntohs(inet->inet_sport);
1681
1682 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
1683 timer_active = 1;
1684 timer_expires = icsk->icsk_timeout;
1685 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1686 timer_active = 4;
1687 timer_expires = icsk->icsk_timeout;
1688 } else if (timer_pending(&sp->sk_timer)) {
1689 timer_active = 2;
1690 timer_expires = sp->sk_timer.expires;
1691 } else {
1692 timer_active = 0;
1693 timer_expires = jiffies;
1694 }
1695
1696 seq_printf(seq,
1697 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1698 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %lu %d %pK %lu %lu %u %u %d\n",
1699 i,
1700 src->s6_addr32[0], src->s6_addr32[1],
1701 src->s6_addr32[2], src->s6_addr32[3], srcp,
1702 dest->s6_addr32[0], dest->s6_addr32[1],
1703 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1704 sp->sk_state,
1705 tp->write_seq-tp->snd_una,
1706 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
1707 timer_active,
1708 jiffies_delta_to_clock_t(timer_expires - jiffies),
1709 icsk->icsk_retransmits,
1710 from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
1711 icsk->icsk_probes_out,
1712 sock_i_ino(sp),
1713 atomic_read(&sp->sk_refcnt), sp,
1714 jiffies_to_clock_t(icsk->icsk_rto),
1715 jiffies_to_clock_t(icsk->icsk_ack.ato),
1716 (icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong,
1717 tp->snd_cwnd,
1718 sp->sk_state == TCP_LISTEN ?
1719 (fastopenq ? fastopenq->max_qlen : 0) :
1720 (tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh)
1721 );
1722 }
1723
1724 static void get_timewait6_sock(struct seq_file *seq,
1725 struct inet_timewait_sock *tw, int i)
1726 {
1727 const struct in6_addr *dest, *src;
1728 __u16 destp, srcp;
1729 s32 delta = tw->tw_ttd - inet_tw_time_stamp();
1730
1731 dest = &tw->tw_v6_daddr;
1732 src = &tw->tw_v6_rcv_saddr;
1733 destp = ntohs(tw->tw_dport);
1734 srcp = ntohs(tw->tw_sport);
1735
1736 seq_printf(seq,
1737 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1738 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1739 i,
1740 src->s6_addr32[0], src->s6_addr32[1],
1741 src->s6_addr32[2], src->s6_addr32[3], srcp,
1742 dest->s6_addr32[0], dest->s6_addr32[1],
1743 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1744 tw->tw_substate, 0, 0,
1745 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
1746 atomic_read(&tw->tw_refcnt), tw);
1747 }
1748
1749 static int tcp6_seq_show(struct seq_file *seq, void *v)
1750 {
1751 struct tcp_iter_state *st;
1752 struct sock *sk = v;
1753
1754 if (v == SEQ_START_TOKEN) {
1755 seq_puts(seq,
1756 " sl "
1757 "local_address "
1758 "remote_address "
1759 "st tx_queue rx_queue tr tm->when retrnsmt"
1760 " uid timeout inode\n");
1761 goto out;
1762 }
1763 st = seq->private;
1764
1765 switch (st->state) {
1766 case TCP_SEQ_STATE_LISTENING:
1767 case TCP_SEQ_STATE_ESTABLISHED:
1768 if (sk->sk_state == TCP_TIME_WAIT)
1769 get_timewait6_sock(seq, v, st->num);
1770 else
1771 get_tcp6_sock(seq, v, st->num);
1772 break;
1773 case TCP_SEQ_STATE_OPENREQ:
1774 get_openreq6(seq, v, st->num, st->uid);
1775 break;
1776 }
1777 out:
1778 return 0;
1779 }
1780
1781 static const struct file_operations tcp6_afinfo_seq_fops = {
1782 .owner = THIS_MODULE,
1783 .open = tcp_seq_open,
1784 .read = seq_read,
1785 .llseek = seq_lseek,
1786 .release = seq_release_net
1787 };
1788
1789 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
1790 .name = "tcp6",
1791 .family = AF_INET6,
1792 .seq_fops = &tcp6_afinfo_seq_fops,
1793 .seq_ops = {
1794 .show = tcp6_seq_show,
1795 },
1796 };
1797
1798 int __net_init tcp6_proc_init(struct net *net)
1799 {
1800 return tcp_proc_register(net, &tcp6_seq_afinfo);
1801 }
1802
1803 void tcp6_proc_exit(struct net *net)
1804 {
1805 tcp_proc_unregister(net, &tcp6_seq_afinfo);
1806 }
1807 #endif
1808
1809 static void tcp_v6_clear_sk(struct sock *sk, int size)
1810 {
1811 struct inet_sock *inet = inet_sk(sk);
1812
1813 /* we do not want to clear pinet6 field, because of RCU lookups */
1814 sk_prot_clear_nulls(sk, offsetof(struct inet_sock, pinet6));
1815
1816 size -= offsetof(struct inet_sock, pinet6) + sizeof(inet->pinet6);
1817 memset(&inet->pinet6 + 1, 0, size);
1818 }
1819
1820 struct proto tcpv6_prot = {
1821 .name = "TCPv6",
1822 .owner = THIS_MODULE,
1823 .close = tcp_close,
1824 .connect = tcp_v6_connect,
1825 .disconnect = tcp_disconnect,
1826 .accept = inet_csk_accept,
1827 .ioctl = tcp_ioctl,
1828 .init = tcp_v6_init_sock,
1829 .destroy = tcp_v6_destroy_sock,
1830 .shutdown = tcp_shutdown,
1831 .setsockopt = tcp_setsockopt,
1832 .getsockopt = tcp_getsockopt,
1833 .recvmsg = tcp_recvmsg,
1834 .sendmsg = tcp_sendmsg,
1835 .sendpage = tcp_sendpage,
1836 .backlog_rcv = tcp_v6_do_rcv,
1837 .release_cb = tcp_release_cb,
1838 .hash = inet_hash,
1839 .unhash = inet_unhash,
1840 .get_port = inet_csk_get_port,
1841 .enter_memory_pressure = tcp_enter_memory_pressure,
1842 .stream_memory_free = tcp_stream_memory_free,
1843 .sockets_allocated = &tcp_sockets_allocated,
1844 .memory_allocated = &tcp_memory_allocated,
1845 .memory_pressure = &tcp_memory_pressure,
1846 .orphan_count = &tcp_orphan_count,
1847 .sysctl_mem = sysctl_tcp_mem,
1848 .sysctl_wmem = sysctl_tcp_wmem,
1849 .sysctl_rmem = sysctl_tcp_rmem,
1850 .max_header = MAX_TCP_HEADER,
1851 .obj_size = sizeof(struct tcp6_sock),
1852 .slab_flags = SLAB_DESTROY_BY_RCU,
1853 .twsk_prot = &tcp6_timewait_sock_ops,
1854 .rsk_prot = &tcp6_request_sock_ops,
1855 .h.hashinfo = &tcp_hashinfo,
1856 .no_autobind = true,
1857 #ifdef CONFIG_COMPAT
1858 .compat_setsockopt = compat_tcp_setsockopt,
1859 .compat_getsockopt = compat_tcp_getsockopt,
1860 #endif
1861 #ifdef CONFIG_MEMCG_KMEM
1862 .proto_cgroup = tcp_proto_cgroup,
1863 #endif
1864 .clear_sk = tcp_v6_clear_sk,
1865 };
1866
1867 static const struct inet6_protocol tcpv6_protocol = {
1868 .early_demux = tcp_v6_early_demux,
1869 .handler = tcp_v6_rcv,
1870 .err_handler = tcp_v6_err,
1871 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
1872 };
1873
1874 static struct inet_protosw tcpv6_protosw = {
1875 .type = SOCK_STREAM,
1876 .protocol = IPPROTO_TCP,
1877 .prot = &tcpv6_prot,
1878 .ops = &inet6_stream_ops,
1879 .flags = INET_PROTOSW_PERMANENT |
1880 INET_PROTOSW_ICSK,
1881 };
1882
1883 static int __net_init tcpv6_net_init(struct net *net)
1884 {
1885 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
1886 SOCK_RAW, IPPROTO_TCP, net);
1887 }
1888
1889 static void __net_exit tcpv6_net_exit(struct net *net)
1890 {
1891 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
1892 }
1893
1894 static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
1895 {
1896 inet_twsk_purge(&tcp_hashinfo, &tcp_death_row, AF_INET6);
1897 }
1898
1899 static struct pernet_operations tcpv6_net_ops = {
1900 .init = tcpv6_net_init,
1901 .exit = tcpv6_net_exit,
1902 .exit_batch = tcpv6_net_exit_batch,
1903 };
1904
1905 int __init tcpv6_init(void)
1906 {
1907 int ret;
1908
1909 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
1910 if (ret)
1911 goto out;
1912
1913 /* register inet6 protocol */
1914 ret = inet6_register_protosw(&tcpv6_protosw);
1915 if (ret)
1916 goto out_tcpv6_protocol;
1917
1918 ret = register_pernet_subsys(&tcpv6_net_ops);
1919 if (ret)
1920 goto out_tcpv6_protosw;
1921 out:
1922 return ret;
1923
1924 out_tcpv6_protosw:
1925 inet6_unregister_protosw(&tcpv6_protosw);
1926 out_tcpv6_protocol:
1927 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
1928 goto out;
1929 }
1930
1931 void tcpv6_exit(void)
1932 {
1933 unregister_pernet_subsys(&tcpv6_net_ops);
1934 inet6_unregister_protosw(&tcpv6_protosw);
1935 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
1936 }
ubuntu-bionic-kernel mirror