]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blob - net/ipv6/tcp_ipv6.c
projects / mirror_ubuntu-bionic-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
inet: rename some inet_sock fields
[mirror_ubuntu-bionic-kernel.git] / net / ipv6 / tcp_ipv6.c
1 /*
2 * TCP over IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
8 * Based on:
9 * linux/net/ipv4/tcp.c
10 * linux/net/ipv4/tcp_input.c
11 * linux/net/ipv4/tcp_output.c
12 *
13 * Fixes:
14 * Hideaki YOSHIFUJI : sin6_scope_id support
15 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
16 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
17 * a single port at the same time.
18 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
19 *
20 * This program is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU General Public License
22 * as published by the Free Software Foundation; either version
23 * 2 of the License, or (at your option) any later version.
24 */
25
26 #include <linux/bottom_half.h>
27 #include <linux/module.h>
28 #include <linux/errno.h>
29 #include <linux/types.h>
30 #include <linux/socket.h>
31 #include <linux/sockios.h>
32 #include <linux/net.h>
33 #include <linux/jiffies.h>
34 #include <linux/in.h>
35 #include <linux/in6.h>
36 #include <linux/netdevice.h>
37 #include <linux/init.h>
38 #include <linux/jhash.h>
39 #include <linux/ipsec.h>
40 #include <linux/times.h>
41
42 #include <linux/ipv6.h>
43 #include <linux/icmpv6.h>
44 #include <linux/random.h>
45
46 #include <net/tcp.h>
47 #include <net/ndisc.h>
48 #include <net/inet6_hashtables.h>
49 #include <net/inet6_connection_sock.h>
50 #include <net/ipv6.h>
51 #include <net/transp_v6.h>
52 #include <net/addrconf.h>
53 #include <net/ip6_route.h>
54 #include <net/ip6_checksum.h>
55 #include <net/inet_ecn.h>
56 #include <net/protocol.h>
57 #include <net/xfrm.h>
58 #include <net/snmp.h>
59 #include <net/dsfield.h>
60 #include <net/timewait_sock.h>
61 #include <net/netdma.h>
62 #include <net/inet_common.h>
63
64 #include <asm/uaccess.h>
65
66 #include <linux/proc_fs.h>
67 #include <linux/seq_file.h>
68
69 #include <linux/crypto.h>
70 #include <linux/scatterlist.h>
71
72 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb);
73 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
74 struct request_sock *req);
75
76 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
77
78 static const struct inet_connection_sock_af_ops ipv6_mapped;
79 static const struct inet_connection_sock_af_ops ipv6_specific;
80 #ifdef CONFIG_TCP_MD5SIG
81 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
82 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
83 #else
84 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
85 struct in6_addr *addr)
86 {
87 return NULL;
88 }
89 #endif
90
91 static void tcp_v6_hash(struct sock *sk)
92 {
93 if (sk->sk_state != TCP_CLOSE) {
94 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) {
95 tcp_prot.hash(sk);
96 return;
97 }
98 local_bh_disable();
99 __inet6_hash(sk);
100 local_bh_enable();
101 }
102 }
103
104 static __inline__ __sum16 tcp_v6_check(int len,
105 struct in6_addr *saddr,
106 struct in6_addr *daddr,
107 __wsum base)
108 {
109 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base);
110 }
111
112 static __u32 tcp_v6_init_sequence(struct sk_buff *skb)
113 {
114 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
115 ipv6_hdr(skb)->saddr.s6_addr32,
116 tcp_hdr(skb)->dest,
117 tcp_hdr(skb)->source);
118 }
119
120 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
121 int addr_len)
122 {
123 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
124 struct inet_sock *inet = inet_sk(sk);
125 struct inet_connection_sock *icsk = inet_csk(sk);
126 struct ipv6_pinfo *np = inet6_sk(sk);
127 struct tcp_sock *tp = tcp_sk(sk);
128 struct in6_addr *saddr = NULL, *final_p = NULL, final;
129 struct flowi fl;
130 struct dst_entry *dst;
131 int addr_type;
132 int err;
133
134 if (addr_len < SIN6_LEN_RFC2133)
135 return -EINVAL;
136
137 if (usin->sin6_family != AF_INET6)
138 return(-EAFNOSUPPORT);
139
140 memset(&fl, 0, sizeof(fl));
141
142 if (np->sndflow) {
143 fl.fl6_flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
144 IP6_ECN_flow_init(fl.fl6_flowlabel);
145 if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) {
146 struct ip6_flowlabel *flowlabel;
147 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel);
148 if (flowlabel == NULL)
149 return -EINVAL;
150 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst);
151 fl6_sock_release(flowlabel);
152 }
153 }
154
155 /*
156 * connect() to INADDR_ANY means loopback (BSD'ism).
157 */
158
159 if(ipv6_addr_any(&usin->sin6_addr))
160 usin->sin6_addr.s6_addr[15] = 0x1;
161
162 addr_type = ipv6_addr_type(&usin->sin6_addr);
163
164 if(addr_type & IPV6_ADDR_MULTICAST)
165 return -ENETUNREACH;
166
167 if (addr_type&IPV6_ADDR_LINKLOCAL) {
168 if (addr_len >= sizeof(struct sockaddr_in6) &&
169 usin->sin6_scope_id) {
170 /* If interface is set while binding, indices
171 * must coincide.
172 */
173 if (sk->sk_bound_dev_if &&
174 sk->sk_bound_dev_if != usin->sin6_scope_id)
175 return -EINVAL;
176
177 sk->sk_bound_dev_if = usin->sin6_scope_id;
178 }
179
180 /* Connect to link-local address requires an interface */
181 if (!sk->sk_bound_dev_if)
182 return -EINVAL;
183 }
184
185 if (tp->rx_opt.ts_recent_stamp &&
186 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) {
187 tp->rx_opt.ts_recent = 0;
188 tp->rx_opt.ts_recent_stamp = 0;
189 tp->write_seq = 0;
190 }
191
192 ipv6_addr_copy(&np->daddr, &usin->sin6_addr);
193 np->flow_label = fl.fl6_flowlabel;
194
195 /*
196 * TCP over IPv4
197 */
198
199 if (addr_type == IPV6_ADDR_MAPPED) {
200 u32 exthdrlen = icsk->icsk_ext_hdr_len;
201 struct sockaddr_in sin;
202
203 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
204
205 if (__ipv6_only_sock(sk))
206 return -ENETUNREACH;
207
208 sin.sin_family = AF_INET;
209 sin.sin_port = usin->sin6_port;
210 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
211
212 icsk->icsk_af_ops = &ipv6_mapped;
213 sk->sk_backlog_rcv = tcp_v4_do_rcv;
214 #ifdef CONFIG_TCP_MD5SIG
215 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
216 #endif
217
218 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
219
220 if (err) {
221 icsk->icsk_ext_hdr_len = exthdrlen;
222 icsk->icsk_af_ops = &ipv6_specific;
223 sk->sk_backlog_rcv = tcp_v6_do_rcv;
224 #ifdef CONFIG_TCP_MD5SIG
225 tp->af_specific = &tcp_sock_ipv6_specific;
226 #endif
227 goto failure;
228 } else {
229 ipv6_addr_set_v4mapped(inet->inet_saddr, &np->saddr);
230 ipv6_addr_set_v4mapped(inet->inet_rcv_saddr,
231 &np->rcv_saddr);
232 }
233
234 return err;
235 }
236
237 if (!ipv6_addr_any(&np->rcv_saddr))
238 saddr = &np->rcv_saddr;
239
240 fl.proto = IPPROTO_TCP;
241 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
242 ipv6_addr_copy(&fl.fl6_src,
243 (saddr ? saddr : &np->saddr));
244 fl.oif = sk->sk_bound_dev_if;
245 fl.mark = sk->sk_mark;
246 fl.fl_ip_dport = usin->sin6_port;
247 fl.fl_ip_sport = inet->inet_sport;
248
249 if (np->opt && np->opt->srcrt) {
250 struct rt0_hdr *rt0 = (struct rt0_hdr *)np->opt->srcrt;
251 ipv6_addr_copy(&final, &fl.fl6_dst);
252 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
253 final_p = &final;
254 }
255
256 security_sk_classify_flow(sk, &fl);
257
258 err = ip6_dst_lookup(sk, &dst, &fl);
259 if (err)
260 goto failure;
261 if (final_p)
262 ipv6_addr_copy(&fl.fl6_dst, final_p);
263
264 err = __xfrm_lookup(sock_net(sk), &dst, &fl, sk, XFRM_LOOKUP_WAIT);
265 if (err < 0) {
266 if (err == -EREMOTE)
267 err = ip6_dst_blackhole(sk, &dst, &fl);
268 if (err < 0)
269 goto failure;
270 }
271
272 if (saddr == NULL) {
273 saddr = &fl.fl6_src;
274 ipv6_addr_copy(&np->rcv_saddr, saddr);
275 }
276
277 /* set the source address */
278 ipv6_addr_copy(&np->saddr, saddr);
279 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
280
281 sk->sk_gso_type = SKB_GSO_TCPV6;
282 __ip6_dst_store(sk, dst, NULL, NULL);
283
284 icsk->icsk_ext_hdr_len = 0;
285 if (np->opt)
286 icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
287 np->opt->opt_nflen);
288
289 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
290
291 inet->inet_dport = usin->sin6_port;
292
293 tcp_set_state(sk, TCP_SYN_SENT);
294 err = inet6_hash_connect(&tcp_death_row, sk);
295 if (err)
296 goto late_failure;
297
298 if (!tp->write_seq)
299 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
300 np->daddr.s6_addr32,
301 inet->inet_sport,
302 inet->inet_dport);
303
304 err = tcp_connect(sk);
305 if (err)
306 goto late_failure;
307
308 return 0;
309
310 late_failure:
311 tcp_set_state(sk, TCP_CLOSE);
312 __sk_dst_reset(sk);
313 failure:
314 inet->inet_dport = 0;
315 sk->sk_route_caps = 0;
316 return err;
317 }
318
319 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
320 u8 type, u8 code, int offset, __be32 info)
321 {
322 struct ipv6hdr *hdr = (struct ipv6hdr*)skb->data;
323 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
324 struct ipv6_pinfo *np;
325 struct sock *sk;
326 int err;
327 struct tcp_sock *tp;
328 __u32 seq;
329 struct net *net = dev_net(skb->dev);
330
331 sk = inet6_lookup(net, &tcp_hashinfo, &hdr->daddr,
332 th->dest, &hdr->saddr, th->source, skb->dev->ifindex);
333
334 if (sk == NULL) {
335 ICMP6_INC_STATS_BH(net, __in6_dev_get(skb->dev),
336 ICMP6_MIB_INERRORS);
337 return;
338 }
339
340 if (sk->sk_state == TCP_TIME_WAIT) {
341 inet_twsk_put(inet_twsk(sk));
342 return;
343 }
344
345 bh_lock_sock(sk);
346 if (sock_owned_by_user(sk))
347 NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS);
348
349 if (sk->sk_state == TCP_CLOSE)
350 goto out;
351
352 tp = tcp_sk(sk);
353 seq = ntohl(th->seq);
354 if (sk->sk_state != TCP_LISTEN &&
355 !between(seq, tp->snd_una, tp->snd_nxt)) {
356 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
357 goto out;
358 }
359
360 np = inet6_sk(sk);
361
362 if (type == ICMPV6_PKT_TOOBIG) {
363 struct dst_entry *dst = NULL;
364
365 if (sock_owned_by_user(sk))
366 goto out;
367 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
368 goto out;
369
370 /* icmp should have updated the destination cache entry */
371 dst = __sk_dst_check(sk, np->dst_cookie);
372
373 if (dst == NULL) {
374 struct inet_sock *inet = inet_sk(sk);
375 struct flowi fl;
376
377 /* BUGGG_FUTURE: Again, it is not clear how
378 to handle rthdr case. Ignore this complexity
379 for now.
380 */
381 memset(&fl, 0, sizeof(fl));
382 fl.proto = IPPROTO_TCP;
383 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
384 ipv6_addr_copy(&fl.fl6_src, &np->saddr);
385 fl.oif = sk->sk_bound_dev_if;
386 fl.mark = sk->sk_mark;
387 fl.fl_ip_dport = inet->inet_dport;
388 fl.fl_ip_sport = inet->inet_sport;
389 security_skb_classify_flow(skb, &fl);
390
391 if ((err = ip6_dst_lookup(sk, &dst, &fl))) {
392 sk->sk_err_soft = -err;
393 goto out;
394 }
395
396 if ((err = xfrm_lookup(net, &dst, &fl, sk, 0)) < 0) {
397 sk->sk_err_soft = -err;
398 goto out;
399 }
400
401 } else
402 dst_hold(dst);
403
404 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
405 tcp_sync_mss(sk, dst_mtu(dst));
406 tcp_simple_retransmit(sk);
407 } /* else let the usual retransmit timer handle it */
408 dst_release(dst);
409 goto out;
410 }
411
412 icmpv6_err_convert(type, code, &err);
413
414 /* Might be for an request_sock */
415 switch (sk->sk_state) {
416 struct request_sock *req, **prev;
417 case TCP_LISTEN:
418 if (sock_owned_by_user(sk))
419 goto out;
420
421 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr,
422 &hdr->saddr, inet6_iif(skb));
423 if (!req)
424 goto out;
425
426 /* ICMPs are not backlogged, hence we cannot get
427 * an established socket here.
428 */
429 WARN_ON(req->sk != NULL);
430
431 if (seq != tcp_rsk(req)->snt_isn) {
432 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
433 goto out;
434 }
435
436 inet_csk_reqsk_queue_drop(sk, req, prev);
437 goto out;
438
439 case TCP_SYN_SENT:
440 case TCP_SYN_RECV: /* Cannot happen.
441 It can, it SYNs are crossed. --ANK */
442 if (!sock_owned_by_user(sk)) {
443 sk->sk_err = err;
444 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
445
446 tcp_done(sk);
447 } else
448 sk->sk_err_soft = err;
449 goto out;
450 }
451
452 if (!sock_owned_by_user(sk) && np->recverr) {
453 sk->sk_err = err;
454 sk->sk_error_report(sk);
455 } else
456 sk->sk_err_soft = err;
457
458 out:
459 bh_unlock_sock(sk);
460 sock_put(sk);
461 }
462
463
464 static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req)
465 {
466 struct inet6_request_sock *treq = inet6_rsk(req);
467 struct ipv6_pinfo *np = inet6_sk(sk);
468 struct sk_buff * skb;
469 struct ipv6_txoptions *opt = NULL;
470 struct in6_addr * final_p = NULL, final;
471 struct flowi fl;
472 struct dst_entry *dst;
473 int err = -1;
474
475 memset(&fl, 0, sizeof(fl));
476 fl.proto = IPPROTO_TCP;
477 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
478 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
479 fl.fl6_flowlabel = 0;
480 fl.oif = treq->iif;
481 fl.mark = sk->sk_mark;
482 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
483 fl.fl_ip_sport = inet_rsk(req)->loc_port;
484 security_req_classify_flow(req, &fl);
485
486 opt = np->opt;
487 if (opt && opt->srcrt) {
488 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
489 ipv6_addr_copy(&final, &fl.fl6_dst);
490 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
491 final_p = &final;
492 }
493
494 err = ip6_dst_lookup(sk, &dst, &fl);
495 if (err)
496 goto done;
497 if (final_p)
498 ipv6_addr_copy(&fl.fl6_dst, final_p);
499 if ((err = xfrm_lookup(sock_net(sk), &dst, &fl, sk, 0)) < 0)
500 goto done;
501
502 skb = tcp_make_synack(sk, dst, req);
503 if (skb) {
504 struct tcphdr *th = tcp_hdr(skb);
505
506 th->check = tcp_v6_check(skb->len,
507 &treq->loc_addr, &treq->rmt_addr,
508 csum_partial(th, skb->len, skb->csum));
509
510 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
511 err = ip6_xmit(sk, skb, &fl, opt, 0);
512 err = net_xmit_eval(err);
513 }
514
515 done:
516 if (opt && opt != np->opt)
517 sock_kfree_s(sk, opt, opt->tot_len);
518 dst_release(dst);
519 return err;
520 }
521
522 static inline void syn_flood_warning(struct sk_buff *skb)
523 {
524 #ifdef CONFIG_SYN_COOKIES
525 if (sysctl_tcp_syncookies)
526 printk(KERN_INFO
527 "TCPv6: Possible SYN flooding on port %d. "
528 "Sending cookies.\n", ntohs(tcp_hdr(skb)->dest));
529 else
530 #endif
531 printk(KERN_INFO
532 "TCPv6: Possible SYN flooding on port %d. "
533 "Dropping request.\n", ntohs(tcp_hdr(skb)->dest));
534 }
535
536 static void tcp_v6_reqsk_destructor(struct request_sock *req)
537 {
538 kfree_skb(inet6_rsk(req)->pktopts);
539 }
540
541 #ifdef CONFIG_TCP_MD5SIG
542 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
543 struct in6_addr *addr)
544 {
545 struct tcp_sock *tp = tcp_sk(sk);
546 int i;
547
548 BUG_ON(tp == NULL);
549
550 if (!tp->md5sig_info || !tp->md5sig_info->entries6)
551 return NULL;
552
553 for (i = 0; i < tp->md5sig_info->entries6; i++) {
554 if (ipv6_addr_equal(&tp->md5sig_info->keys6[i].addr, addr))
555 return &tp->md5sig_info->keys6[i].base;
556 }
557 return NULL;
558 }
559
560 static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk,
561 struct sock *addr_sk)
562 {
563 return tcp_v6_md5_do_lookup(sk, &inet6_sk(addr_sk)->daddr);
564 }
565
566 static struct tcp_md5sig_key *tcp_v6_reqsk_md5_lookup(struct sock *sk,
567 struct request_sock *req)
568 {
569 return tcp_v6_md5_do_lookup(sk, &inet6_rsk(req)->rmt_addr);
570 }
571
572 static int tcp_v6_md5_do_add(struct sock *sk, struct in6_addr *peer,
573 char *newkey, u8 newkeylen)
574 {
575 /* Add key to the list */
576 struct tcp_md5sig_key *key;
577 struct tcp_sock *tp = tcp_sk(sk);
578 struct tcp6_md5sig_key *keys;
579
580 key = tcp_v6_md5_do_lookup(sk, peer);
581 if (key) {
582 /* modify existing entry - just update that one */
583 kfree(key->key);
584 key->key = newkey;
585 key->keylen = newkeylen;
586 } else {
587 /* reallocate new list if current one is full. */
588 if (!tp->md5sig_info) {
589 tp->md5sig_info = kzalloc(sizeof(*tp->md5sig_info), GFP_ATOMIC);
590 if (!tp->md5sig_info) {
591 kfree(newkey);
592 return -ENOMEM;
593 }
594 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
595 }
596 if (tcp_alloc_md5sig_pool(sk) == NULL) {
597 kfree(newkey);
598 return -ENOMEM;
599 }
600 if (tp->md5sig_info->alloced6 == tp->md5sig_info->entries6) {
601 keys = kmalloc((sizeof (tp->md5sig_info->keys6[0]) *
602 (tp->md5sig_info->entries6 + 1)), GFP_ATOMIC);
603
604 if (!keys) {
605 tcp_free_md5sig_pool();
606 kfree(newkey);
607 return -ENOMEM;
608 }
609
610 if (tp->md5sig_info->entries6)
611 memmove(keys, tp->md5sig_info->keys6,
612 (sizeof (tp->md5sig_info->keys6[0]) *
613 tp->md5sig_info->entries6));
614
615 kfree(tp->md5sig_info->keys6);
616 tp->md5sig_info->keys6 = keys;
617 tp->md5sig_info->alloced6++;
618 }
619
620 ipv6_addr_copy(&tp->md5sig_info->keys6[tp->md5sig_info->entries6].addr,
621 peer);
622 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.key = newkey;
623 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.keylen = newkeylen;
624
625 tp->md5sig_info->entries6++;
626 }
627 return 0;
628 }
629
630 static int tcp_v6_md5_add_func(struct sock *sk, struct sock *addr_sk,
631 u8 *newkey, __u8 newkeylen)
632 {
633 return tcp_v6_md5_do_add(sk, &inet6_sk(addr_sk)->daddr,
634 newkey, newkeylen);
635 }
636
637 static int tcp_v6_md5_do_del(struct sock *sk, struct in6_addr *peer)
638 {
639 struct tcp_sock *tp = tcp_sk(sk);
640 int i;
641
642 for (i = 0; i < tp->md5sig_info->entries6; i++) {
643 if (ipv6_addr_equal(&tp->md5sig_info->keys6[i].addr, peer)) {
644 /* Free the key */
645 kfree(tp->md5sig_info->keys6[i].base.key);
646 tp->md5sig_info->entries6--;
647
648 if (tp->md5sig_info->entries6 == 0) {
649 kfree(tp->md5sig_info->keys6);
650 tp->md5sig_info->keys6 = NULL;
651 tp->md5sig_info->alloced6 = 0;
652 } else {
653 /* shrink the database */
654 if (tp->md5sig_info->entries6 != i)
655 memmove(&tp->md5sig_info->keys6[i],
656 &tp->md5sig_info->keys6[i+1],
657 (tp->md5sig_info->entries6 - i)
658 * sizeof (tp->md5sig_info->keys6[0]));
659 }
660 tcp_free_md5sig_pool();
661 return 0;
662 }
663 }
664 return -ENOENT;
665 }
666
667 static void tcp_v6_clear_md5_list (struct sock *sk)
668 {
669 struct tcp_sock *tp = tcp_sk(sk);
670 int i;
671
672 if (tp->md5sig_info->entries6) {
673 for (i = 0; i < tp->md5sig_info->entries6; i++)
674 kfree(tp->md5sig_info->keys6[i].base.key);
675 tp->md5sig_info->entries6 = 0;
676 tcp_free_md5sig_pool();
677 }
678
679 kfree(tp->md5sig_info->keys6);
680 tp->md5sig_info->keys6 = NULL;
681 tp->md5sig_info->alloced6 = 0;
682
683 if (tp->md5sig_info->entries4) {
684 for (i = 0; i < tp->md5sig_info->entries4; i++)
685 kfree(tp->md5sig_info->keys4[i].base.key);
686 tp->md5sig_info->entries4 = 0;
687 tcp_free_md5sig_pool();
688 }
689
690 kfree(tp->md5sig_info->keys4);
691 tp->md5sig_info->keys4 = NULL;
692 tp->md5sig_info->alloced4 = 0;
693 }
694
695 static int tcp_v6_parse_md5_keys (struct sock *sk, char __user *optval,
696 int optlen)
697 {
698 struct tcp_md5sig cmd;
699 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
700 u8 *newkey;
701
702 if (optlen < sizeof(cmd))
703 return -EINVAL;
704
705 if (copy_from_user(&cmd, optval, sizeof(cmd)))
706 return -EFAULT;
707
708 if (sin6->sin6_family != AF_INET6)
709 return -EINVAL;
710
711 if (!cmd.tcpm_keylen) {
712 if (!tcp_sk(sk)->md5sig_info)
713 return -ENOENT;
714 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
715 return tcp_v4_md5_do_del(sk, sin6->sin6_addr.s6_addr32[3]);
716 return tcp_v6_md5_do_del(sk, &sin6->sin6_addr);
717 }
718
719 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
720 return -EINVAL;
721
722 if (!tcp_sk(sk)->md5sig_info) {
723 struct tcp_sock *tp = tcp_sk(sk);
724 struct tcp_md5sig_info *p;
725
726 p = kzalloc(sizeof(struct tcp_md5sig_info), GFP_KERNEL);
727 if (!p)
728 return -ENOMEM;
729
730 tp->md5sig_info = p;
731 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
732 }
733
734 newkey = kmemdup(cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
735 if (!newkey)
736 return -ENOMEM;
737 if (ipv6_addr_v4mapped(&sin6->sin6_addr)) {
738 return tcp_v4_md5_do_add(sk, sin6->sin6_addr.s6_addr32[3],
739 newkey, cmd.tcpm_keylen);
740 }
741 return tcp_v6_md5_do_add(sk, &sin6->sin6_addr, newkey, cmd.tcpm_keylen);
742 }
743
744 static int tcp_v6_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp,
745 struct in6_addr *daddr,
746 struct in6_addr *saddr, int nbytes)
747 {
748 struct tcp6_pseudohdr *bp;
749 struct scatterlist sg;
750
751 bp = &hp->md5_blk.ip6;
752 /* 1. TCP pseudo-header (RFC2460) */
753 ipv6_addr_copy(&bp->saddr, saddr);
754 ipv6_addr_copy(&bp->daddr, daddr);
755 bp->protocol = cpu_to_be32(IPPROTO_TCP);
756 bp->len = cpu_to_be32(nbytes);
757
758 sg_init_one(&sg, bp, sizeof(*bp));
759 return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp));
760 }
761
762 static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key,
763 struct in6_addr *daddr, struct in6_addr *saddr,
764 struct tcphdr *th)
765 {
766 struct tcp_md5sig_pool *hp;
767 struct hash_desc *desc;
768
769 hp = tcp_get_md5sig_pool();
770 if (!hp)
771 goto clear_hash_noput;
772 desc = &hp->md5_desc;
773
774 if (crypto_hash_init(desc))
775 goto clear_hash;
776 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))
777 goto clear_hash;
778 if (tcp_md5_hash_header(hp, th))
779 goto clear_hash;
780 if (tcp_md5_hash_key(hp, key))
781 goto clear_hash;
782 if (crypto_hash_final(desc, md5_hash))
783 goto clear_hash;
784
785 tcp_put_md5sig_pool();
786 return 0;
787
788 clear_hash:
789 tcp_put_md5sig_pool();
790 clear_hash_noput:
791 memset(md5_hash, 0, 16);
792 return 1;
793 }
794
795 static int tcp_v6_md5_hash_skb(char *md5_hash, struct tcp_md5sig_key *key,
796 struct sock *sk, struct request_sock *req,
797 struct sk_buff *skb)
798 {
799 struct in6_addr *saddr, *daddr;
800 struct tcp_md5sig_pool *hp;
801 struct hash_desc *desc;
802 struct tcphdr *th = tcp_hdr(skb);
803
804 if (sk) {
805 saddr = &inet6_sk(sk)->saddr;
806 daddr = &inet6_sk(sk)->daddr;
807 } else if (req) {
808 saddr = &inet6_rsk(req)->loc_addr;
809 daddr = &inet6_rsk(req)->rmt_addr;
810 } else {
811 struct ipv6hdr *ip6h = ipv6_hdr(skb);
812 saddr = &ip6h->saddr;
813 daddr = &ip6h->daddr;
814 }
815
816 hp = tcp_get_md5sig_pool();
817 if (!hp)
818 goto clear_hash_noput;
819 desc = &hp->md5_desc;
820
821 if (crypto_hash_init(desc))
822 goto clear_hash;
823
824 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))
825 goto clear_hash;
826 if (tcp_md5_hash_header(hp, th))
827 goto clear_hash;
828 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
829 goto clear_hash;
830 if (tcp_md5_hash_key(hp, key))
831 goto clear_hash;
832 if (crypto_hash_final(desc, md5_hash))
833 goto clear_hash;
834
835 tcp_put_md5sig_pool();
836 return 0;
837
838 clear_hash:
839 tcp_put_md5sig_pool();
840 clear_hash_noput:
841 memset(md5_hash, 0, 16);
842 return 1;
843 }
844
845 static int tcp_v6_inbound_md5_hash (struct sock *sk, struct sk_buff *skb)
846 {
847 __u8 *hash_location = NULL;
848 struct tcp_md5sig_key *hash_expected;
849 struct ipv6hdr *ip6h = ipv6_hdr(skb);
850 struct tcphdr *th = tcp_hdr(skb);
851 int genhash;
852 u8 newhash[16];
853
854 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
855 hash_location = tcp_parse_md5sig_option(th);
856
857 /* We've parsed the options - do we have a hash? */
858 if (!hash_expected && !hash_location)
859 return 0;
860
861 if (hash_expected && !hash_location) {
862 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
863 return 1;
864 }
865
866 if (!hash_expected && hash_location) {
867 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
868 return 1;
869 }
870
871 /* check the signature */
872 genhash = tcp_v6_md5_hash_skb(newhash,
873 hash_expected,
874 NULL, NULL, skb);
875
876 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
877 if (net_ratelimit()) {
878 printk(KERN_INFO "MD5 Hash %s for (%pI6, %u)->(%pI6, %u)\n",
879 genhash ? "failed" : "mismatch",
880 &ip6h->saddr, ntohs(th->source),
881 &ip6h->daddr, ntohs(th->dest));
882 }
883 return 1;
884 }
885 return 0;
886 }
887 #endif
888
889 struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
890 .family = AF_INET6,
891 .obj_size = sizeof(struct tcp6_request_sock),
892 .rtx_syn_ack = tcp_v6_send_synack,
893 .send_ack = tcp_v6_reqsk_send_ack,
894 .destructor = tcp_v6_reqsk_destructor,
895 .send_reset = tcp_v6_send_reset
896 };
897
898 #ifdef CONFIG_TCP_MD5SIG
899 static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
900 .md5_lookup = tcp_v6_reqsk_md5_lookup,
901 .calc_md5_hash = tcp_v6_md5_hash_skb,
902 };
903 #endif
904
905 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
906 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
907 .twsk_unique = tcp_twsk_unique,
908 .twsk_destructor= tcp_twsk_destructor,
909 };
910
911 static void tcp_v6_send_check(struct sock *sk, int len, struct sk_buff *skb)
912 {
913 struct ipv6_pinfo *np = inet6_sk(sk);
914 struct tcphdr *th = tcp_hdr(skb);
915
916 if (skb->ip_summed == CHECKSUM_PARTIAL) {
917 th->check = ~csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 0);
918 skb->csum_start = skb_transport_header(skb) - skb->head;
919 skb->csum_offset = offsetof(struct tcphdr, check);
920 } else {
921 th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP,
922 csum_partial(th, th->doff<<2,
923 skb->csum));
924 }
925 }
926
927 static int tcp_v6_gso_send_check(struct sk_buff *skb)
928 {
929 struct ipv6hdr *ipv6h;
930 struct tcphdr *th;
931
932 if (!pskb_may_pull(skb, sizeof(*th)))
933 return -EINVAL;
934
935 ipv6h = ipv6_hdr(skb);
936 th = tcp_hdr(skb);
937
938 th->check = 0;
939 th->check = ~csum_ipv6_magic(&ipv6h->saddr, &ipv6h->daddr, skb->len,
940 IPPROTO_TCP, 0);
941 skb->csum_start = skb_transport_header(skb) - skb->head;
942 skb->csum_offset = offsetof(struct tcphdr, check);
943 skb->ip_summed = CHECKSUM_PARTIAL;
944 return 0;
945 }
946
947 static struct sk_buff **tcp6_gro_receive(struct sk_buff **head,
948 struct sk_buff *skb)
949 {
950 struct ipv6hdr *iph = skb_gro_network_header(skb);
951
952 switch (skb->ip_summed) {
953 case CHECKSUM_COMPLETE:
954 if (!tcp_v6_check(skb_gro_len(skb), &iph->saddr, &iph->daddr,
955 skb->csum)) {
956 skb->ip_summed = CHECKSUM_UNNECESSARY;
957 break;
958 }
959
960 /* fall through */
961 case CHECKSUM_NONE:
962 NAPI_GRO_CB(skb)->flush = 1;
963 return NULL;
964 }
965
966 return tcp_gro_receive(head, skb);
967 }
968
969 static int tcp6_gro_complete(struct sk_buff *skb)
970 {
971 struct ipv6hdr *iph = ipv6_hdr(skb);
972 struct tcphdr *th = tcp_hdr(skb);
973
974 th->check = ~tcp_v6_check(skb->len - skb_transport_offset(skb),
975 &iph->saddr, &iph->daddr, 0);
976 skb_shinfo(skb)->gso_type = SKB_GSO_TCPV6;
977
978 return tcp_gro_complete(skb);
979 }
980
981 static void tcp_v6_send_response(struct sk_buff *skb, u32 seq, u32 ack, u32 win,
982 u32 ts, struct tcp_md5sig_key *key, int rst)
983 {
984 struct tcphdr *th = tcp_hdr(skb), *t1;
985 struct sk_buff *buff;
986 struct flowi fl;
987 struct net *net = dev_net(skb_dst(skb)->dev);
988 struct sock *ctl_sk = net->ipv6.tcp_sk;
989 unsigned int tot_len = sizeof(struct tcphdr);
990 struct dst_entry *dst;
991 __be32 *topt;
992
993 if (ts)
994 tot_len += TCPOLEN_TSTAMP_ALIGNED;
995 #ifdef CONFIG_TCP_MD5SIG
996 if (key)
997 tot_len += TCPOLEN_MD5SIG_ALIGNED;
998 #endif
999
1000 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
1001 GFP_ATOMIC);
1002 if (buff == NULL)
1003 return;
1004
1005 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
1006
1007 t1 = (struct tcphdr *) skb_push(buff, tot_len);
1008 skb_reset_transport_header(skb);
1009
1010 /* Swap the send and the receive. */
1011 memset(t1, 0, sizeof(*t1));
1012 t1->dest = th->source;
1013 t1->source = th->dest;
1014 t1->doff = tot_len / 4;
1015 t1->seq = htonl(seq);
1016 t1->ack_seq = htonl(ack);
1017 t1->ack = !rst || !th->ack;
1018 t1->rst = rst;
1019 t1->window = htons(win);
1020
1021 topt = (__be32 *)(t1 + 1);
1022
1023 if (ts) {
1024 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
1025 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
1026 *topt++ = htonl(tcp_time_stamp);
1027 *topt++ = htonl(ts);
1028 }
1029
1030 #ifdef CONFIG_TCP_MD5SIG
1031 if (key) {
1032 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
1033 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
1034 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
1035 &ipv6_hdr(skb)->saddr,
1036 &ipv6_hdr(skb)->daddr, t1);
1037 }
1038 #endif
1039
1040 buff->csum = csum_partial(t1, tot_len, 0);
1041
1042 memset(&fl, 0, sizeof(fl));
1043 ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr);
1044 ipv6_addr_copy(&fl.fl6_src, &ipv6_hdr(skb)->daddr);
1045
1046 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst,
1047 tot_len, IPPROTO_TCP,
1048 buff->csum);
1049
1050 fl.proto = IPPROTO_TCP;
1051 fl.oif = inet6_iif(skb);
1052 fl.fl_ip_dport = t1->dest;
1053 fl.fl_ip_sport = t1->source;
1054 security_skb_classify_flow(skb, &fl);
1055
1056 /* Pass a socket to ip6_dst_lookup either it is for RST
1057 * Underlying function will use this to retrieve the network
1058 * namespace
1059 */
1060 if (!ip6_dst_lookup(ctl_sk, &dst, &fl)) {
1061 if (xfrm_lookup(net, &dst, &fl, NULL, 0) >= 0) {
1062 skb_dst_set(buff, dst);
1063 ip6_xmit(ctl_sk, buff, &fl, NULL, 0);
1064 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS);
1065 if (rst)
1066 TCP_INC_STATS_BH(net, TCP_MIB_OUTRSTS);
1067 return;
1068 }
1069 }
1070
1071 kfree_skb(buff);
1072 }
1073
1074 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb)
1075 {
1076 struct tcphdr *th = tcp_hdr(skb);
1077 u32 seq = 0, ack_seq = 0;
1078 struct tcp_md5sig_key *key = NULL;
1079
1080 if (th->rst)
1081 return;
1082
1083 if (!ipv6_unicast_destination(skb))
1084 return;
1085
1086 #ifdef CONFIG_TCP_MD5SIG
1087 if (sk)
1088 key = tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr);
1089 #endif
1090
1091 if (th->ack)
1092 seq = ntohl(th->ack_seq);
1093 else
1094 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
1095 (th->doff << 2);
1096
1097 tcp_v6_send_response(skb, seq, ack_seq, 0, 0, key, 1);
1098 }
1099
1100 static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts,
1101 struct tcp_md5sig_key *key)
1102 {
1103 tcp_v6_send_response(skb, seq, ack, win, ts, key, 0);
1104 }
1105
1106 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
1107 {
1108 struct inet_timewait_sock *tw = inet_twsk(sk);
1109 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
1110
1111 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
1112 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
1113 tcptw->tw_ts_recent, tcp_twsk_md5_key(tcptw));
1114
1115 inet_twsk_put(tw);
1116 }
1117
1118 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
1119 struct request_sock *req)
1120 {
1121 tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent,
1122 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr));
1123 }
1124
1125
1126 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
1127 {
1128 struct request_sock *req, **prev;
1129 const struct tcphdr *th = tcp_hdr(skb);
1130 struct sock *nsk;
1131
1132 /* Find possible connection requests. */
1133 req = inet6_csk_search_req(sk, &prev, th->source,
1134 &ipv6_hdr(skb)->saddr,
1135 &ipv6_hdr(skb)->daddr, inet6_iif(skb));
1136 if (req)
1137 return tcp_check_req(sk, skb, req, prev);
1138
1139 nsk = __inet6_lookup_established(sock_net(sk), &tcp_hashinfo,
1140 &ipv6_hdr(skb)->saddr, th->source,
1141 &ipv6_hdr(skb)->daddr, ntohs(th->dest), inet6_iif(skb));
1142
1143 if (nsk) {
1144 if (nsk->sk_state != TCP_TIME_WAIT) {
1145 bh_lock_sock(nsk);
1146 return nsk;
1147 }
1148 inet_twsk_put(inet_twsk(nsk));
1149 return NULL;
1150 }
1151
1152 #ifdef CONFIG_SYN_COOKIES
1153 if (!th->rst && !th->syn && th->ack)
1154 sk = cookie_v6_check(sk, skb);
1155 #endif
1156 return sk;
1157 }
1158
1159 /* FIXME: this is substantially similar to the ipv4 code.
1160 * Can some kind of merge be done? -- erics
1161 */
1162 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1163 {
1164 struct inet6_request_sock *treq;
1165 struct ipv6_pinfo *np = inet6_sk(sk);
1166 struct tcp_options_received tmp_opt;
1167 struct tcp_sock *tp = tcp_sk(sk);
1168 struct request_sock *req = NULL;
1169 __u32 isn = TCP_SKB_CB(skb)->when;
1170 #ifdef CONFIG_SYN_COOKIES
1171 int want_cookie = 0;
1172 #else
1173 #define want_cookie 0
1174 #endif
1175
1176 if (skb->protocol == htons(ETH_P_IP))
1177 return tcp_v4_conn_request(sk, skb);
1178
1179 if (!ipv6_unicast_destination(skb))
1180 goto drop;
1181
1182 if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
1183 if (net_ratelimit())
1184 syn_flood_warning(skb);
1185 #ifdef CONFIG_SYN_COOKIES
1186 if (sysctl_tcp_syncookies)
1187 want_cookie = 1;
1188 else
1189 #endif
1190 goto drop;
1191 }
1192
1193 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
1194 goto drop;
1195
1196 req = inet6_reqsk_alloc(&tcp6_request_sock_ops);
1197 if (req == NULL)
1198 goto drop;
1199
1200 #ifdef CONFIG_TCP_MD5SIG
1201 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv6_ops;
1202 #endif
1203
1204 tcp_clear_options(&tmp_opt);
1205 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
1206 tmp_opt.user_mss = tp->rx_opt.user_mss;
1207
1208 tcp_parse_options(skb, &tmp_opt, 0);
1209
1210 if (want_cookie && !tmp_opt.saw_tstamp)
1211 tcp_clear_options(&tmp_opt);
1212
1213 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
1214 tcp_openreq_init(req, &tmp_opt, skb);
1215
1216 treq = inet6_rsk(req);
1217 ipv6_addr_copy(&treq->rmt_addr, &ipv6_hdr(skb)->saddr);
1218 ipv6_addr_copy(&treq->loc_addr, &ipv6_hdr(skb)->daddr);
1219 if (!want_cookie)
1220 TCP_ECN_create_request(req, tcp_hdr(skb));
1221
1222 if (want_cookie) {
1223 isn = cookie_v6_init_sequence(sk, skb, &req->mss);
1224 req->cookie_ts = tmp_opt.tstamp_ok;
1225 } else if (!isn) {
1226 if (ipv6_opt_accepted(sk, skb) ||
1227 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
1228 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) {
1229 atomic_inc(&skb->users);
1230 treq->pktopts = skb;
1231 }
1232 treq->iif = sk->sk_bound_dev_if;
1233
1234 /* So that link locals have meaning */
1235 if (!sk->sk_bound_dev_if &&
1236 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL)
1237 treq->iif = inet6_iif(skb);
1238
1239 isn = tcp_v6_init_sequence(skb);
1240 }
1241
1242 tcp_rsk(req)->snt_isn = isn;
1243
1244 security_inet_conn_request(sk, skb, req);
1245
1246 if (tcp_v6_send_synack(sk, req))
1247 goto drop;
1248
1249 if (!want_cookie) {
1250 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1251 return 0;
1252 }
1253
1254 drop:
1255 if (req)
1256 reqsk_free(req);
1257
1258 return 0; /* don't send reset */
1259 }
1260
1261 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1262 struct request_sock *req,
1263 struct dst_entry *dst)
1264 {
1265 struct inet6_request_sock *treq;
1266 struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
1267 struct tcp6_sock *newtcp6sk;
1268 struct inet_sock *newinet;
1269 struct tcp_sock *newtp;
1270 struct sock *newsk;
1271 struct ipv6_txoptions *opt;
1272 #ifdef CONFIG_TCP_MD5SIG
1273 struct tcp_md5sig_key *key;
1274 #endif
1275
1276 if (skb->protocol == htons(ETH_P_IP)) {
1277 /*
1278 * v6 mapped
1279 */
1280
1281 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);
1282
1283 if (newsk == NULL)
1284 return NULL;
1285
1286 newtcp6sk = (struct tcp6_sock *)newsk;
1287 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1288
1289 newinet = inet_sk(newsk);
1290 newnp = inet6_sk(newsk);
1291 newtp = tcp_sk(newsk);
1292
1293 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1294
1295 ipv6_addr_set_v4mapped(newinet->inet_daddr, &newnp->daddr);
1296
1297 ipv6_addr_set_v4mapped(newinet->inet_saddr, &newnp->saddr);
1298
1299 ipv6_addr_copy(&newnp->rcv_saddr, &newnp->saddr);
1300
1301 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1302 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1303 #ifdef CONFIG_TCP_MD5SIG
1304 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1305 #endif
1306
1307 newnp->pktoptions = NULL;
1308 newnp->opt = NULL;
1309 newnp->mcast_oif = inet6_iif(skb);
1310 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1311
1312 /*
1313 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1314 * here, tcp_create_openreq_child now does this for us, see the comment in
1315 * that function for the gory details. -acme
1316 */
1317
1318 /* It is tricky place. Until this moment IPv4 tcp
1319 worked with IPv6 icsk.icsk_af_ops.
1320 Sync it now.
1321 */
1322 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1323
1324 return newsk;
1325 }
1326
1327 treq = inet6_rsk(req);
1328 opt = np->opt;
1329
1330 if (sk_acceptq_is_full(sk))
1331 goto out_overflow;
1332
1333 if (dst == NULL) {
1334 struct in6_addr *final_p = NULL, final;
1335 struct flowi fl;
1336
1337 memset(&fl, 0, sizeof(fl));
1338 fl.proto = IPPROTO_TCP;
1339 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
1340 if (opt && opt->srcrt) {
1341 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
1342 ipv6_addr_copy(&final, &fl.fl6_dst);
1343 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
1344 final_p = &final;
1345 }
1346 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
1347 fl.oif = sk->sk_bound_dev_if;
1348 fl.mark = sk->sk_mark;
1349 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
1350 fl.fl_ip_sport = inet_rsk(req)->loc_port;
1351 security_req_classify_flow(req, &fl);
1352
1353 if (ip6_dst_lookup(sk, &dst, &fl))
1354 goto out;
1355
1356 if (final_p)
1357 ipv6_addr_copy(&fl.fl6_dst, final_p);
1358
1359 if ((xfrm_lookup(sock_net(sk), &dst, &fl, sk, 0)) < 0)
1360 goto out;
1361 }
1362
1363 newsk = tcp_create_openreq_child(sk, req, skb);
1364 if (newsk == NULL)
1365 goto out;
1366
1367 /*
1368 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1369 * count here, tcp_create_openreq_child now does this for us, see the
1370 * comment in that function for the gory details. -acme
1371 */
1372
1373 newsk->sk_gso_type = SKB_GSO_TCPV6;
1374 __ip6_dst_store(newsk, dst, NULL, NULL);
1375
1376 newtcp6sk = (struct tcp6_sock *)newsk;
1377 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1378
1379 newtp = tcp_sk(newsk);
1380 newinet = inet_sk(newsk);
1381 newnp = inet6_sk(newsk);
1382
1383 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1384
1385 ipv6_addr_copy(&newnp->daddr, &treq->rmt_addr);
1386 ipv6_addr_copy(&newnp->saddr, &treq->loc_addr);
1387 ipv6_addr_copy(&newnp->rcv_saddr, &treq->loc_addr);
1388 newsk->sk_bound_dev_if = treq->iif;
1389
1390 /* Now IPv6 options...
1391
1392 First: no IPv4 options.
1393 */
1394 newinet->opt = NULL;
1395 newnp->ipv6_fl_list = NULL;
1396
1397 /* Clone RX bits */
1398 newnp->rxopt.all = np->rxopt.all;
1399
1400 /* Clone pktoptions received with SYN */
1401 newnp->pktoptions = NULL;
1402 if (treq->pktopts != NULL) {
1403 newnp->pktoptions = skb_clone(treq->pktopts, GFP_ATOMIC);
1404 kfree_skb(treq->pktopts);
1405 treq->pktopts = NULL;
1406 if (newnp->pktoptions)
1407 skb_set_owner_r(newnp->pktoptions, newsk);
1408 }
1409 newnp->opt = NULL;
1410 newnp->mcast_oif = inet6_iif(skb);
1411 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1412
1413 /* Clone native IPv6 options from listening socket (if any)
1414
1415 Yes, keeping reference count would be much more clever,
1416 but we make one more one thing there: reattach optmem
1417 to newsk.
1418 */
1419 if (opt) {
1420 newnp->opt = ipv6_dup_options(newsk, opt);
1421 if (opt != np->opt)
1422 sock_kfree_s(sk, opt, opt->tot_len);
1423 }
1424
1425 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1426 if (newnp->opt)
1427 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
1428 newnp->opt->opt_flen);
1429
1430 tcp_mtup_init(newsk);
1431 tcp_sync_mss(newsk, dst_mtu(dst));
1432 newtp->advmss = dst_metric(dst, RTAX_ADVMSS);
1433 tcp_initialize_rcv_mss(newsk);
1434
1435 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1436 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1437
1438 #ifdef CONFIG_TCP_MD5SIG
1439 /* Copy over the MD5 key from the original socket */
1440 if ((key = tcp_v6_md5_do_lookup(sk, &newnp->daddr)) != NULL) {
1441 /* We're using one, so create a matching key
1442 * on the newsk structure. If we fail to get
1443 * memory, then we end up not copying the key
1444 * across. Shucks.
1445 */
1446 char *newkey = kmemdup(key->key, key->keylen, GFP_ATOMIC);
1447 if (newkey != NULL)
1448 tcp_v6_md5_do_add(newsk, &newnp->daddr,
1449 newkey, key->keylen);
1450 }
1451 #endif
1452
1453 __inet6_hash(newsk);
1454 __inet_inherit_port(sk, newsk);
1455
1456 return newsk;
1457
1458 out_overflow:
1459 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1460 out:
1461 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
1462 if (opt && opt != np->opt)
1463 sock_kfree_s(sk, opt, opt->tot_len);
1464 dst_release(dst);
1465 return NULL;
1466 }
1467
1468 static __sum16 tcp_v6_checksum_init(struct sk_buff *skb)
1469 {
1470 if (skb->ip_summed == CHECKSUM_COMPLETE) {
1471 if (!tcp_v6_check(skb->len, &ipv6_hdr(skb)->saddr,
1472 &ipv6_hdr(skb)->daddr, skb->csum)) {
1473 skb->ip_summed = CHECKSUM_UNNECESSARY;
1474 return 0;
1475 }
1476 }
1477
1478 skb->csum = ~csum_unfold(tcp_v6_check(skb->len,
1479 &ipv6_hdr(skb)->saddr,
1480 &ipv6_hdr(skb)->daddr, 0));
1481
1482 if (skb->len <= 76) {
1483 return __skb_checksum_complete(skb);
1484 }
1485 return 0;
1486 }
1487
1488 /* The socket must have it's spinlock held when we get
1489 * here.
1490 *
1491 * We have a potential double-lock case here, so even when
1492 * doing backlog processing we use the BH locking scheme.
1493 * This is because we cannot sleep with the original spinlock
1494 * held.
1495 */
1496 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1497 {
1498 struct ipv6_pinfo *np = inet6_sk(sk);
1499 struct tcp_sock *tp;
1500 struct sk_buff *opt_skb = NULL;
1501
1502 /* Imagine: socket is IPv6. IPv4 packet arrives,
1503 goes to IPv4 receive handler and backlogged.
1504 From backlog it always goes here. Kerboom...
1505 Fortunately, tcp_rcv_established and rcv_established
1506 handle them correctly, but it is not case with
1507 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1508 */
1509
1510 if (skb->protocol == htons(ETH_P_IP))
1511 return tcp_v4_do_rcv(sk, skb);
1512
1513 #ifdef CONFIG_TCP_MD5SIG
1514 if (tcp_v6_inbound_md5_hash (sk, skb))
1515 goto discard;
1516 #endif
1517
1518 if (sk_filter(sk, skb))
1519 goto discard;
1520
1521 /*
1522 * socket locking is here for SMP purposes as backlog rcv
1523 * is currently called with bh processing disabled.
1524 */
1525
1526 /* Do Stevens' IPV6_PKTOPTIONS.
1527
1528 Yes, guys, it is the only place in our code, where we
1529 may make it not affecting IPv4.
1530 The rest of code is protocol independent,
1531 and I do not like idea to uglify IPv4.
1532
1533 Actually, all the idea behind IPV6_PKTOPTIONS
1534 looks not very well thought. For now we latch
1535 options, received in the last packet, enqueued
1536 by tcp. Feel free to propose better solution.
1537 --ANK (980728)
1538 */
1539 if (np->rxopt.all)
1540 opt_skb = skb_clone(skb, GFP_ATOMIC);
1541
1542 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1543 TCP_CHECK_TIMER(sk);
1544 if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len))
1545 goto reset;
1546 TCP_CHECK_TIMER(sk);
1547 if (opt_skb)
1548 goto ipv6_pktoptions;
1549 return 0;
1550 }
1551
1552 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1553 goto csum_err;
1554
1555 if (sk->sk_state == TCP_LISTEN) {
1556 struct sock *nsk = tcp_v6_hnd_req(sk, skb);
1557 if (!nsk)
1558 goto discard;
1559
1560 /*
1561 * Queue it on the new socket if the new socket is active,
1562 * otherwise we just shortcircuit this and continue with
1563 * the new socket..
1564 */
1565 if(nsk != sk) {
1566 if (tcp_child_process(sk, nsk, skb))
1567 goto reset;
1568 if (opt_skb)
1569 __kfree_skb(opt_skb);
1570 return 0;
1571 }
1572 }
1573
1574 TCP_CHECK_TIMER(sk);
1575 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len))
1576 goto reset;
1577 TCP_CHECK_TIMER(sk);
1578 if (opt_skb)
1579 goto ipv6_pktoptions;
1580 return 0;
1581
1582 reset:
1583 tcp_v6_send_reset(sk, skb);
1584 discard:
1585 if (opt_skb)
1586 __kfree_skb(opt_skb);
1587 kfree_skb(skb);
1588 return 0;
1589 csum_err:
1590 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_INERRS);
1591 goto discard;
1592
1593
1594 ipv6_pktoptions:
1595 /* Do you ask, what is it?
1596
1597 1. skb was enqueued by tcp.
1598 2. skb is added to tail of read queue, rather than out of order.
1599 3. socket is not in passive state.
1600 4. Finally, it really contains options, which user wants to receive.
1601 */
1602 tp = tcp_sk(sk);
1603 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1604 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1605 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1606 np->mcast_oif = inet6_iif(opt_skb);
1607 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1608 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1609 if (ipv6_opt_accepted(sk, opt_skb)) {
1610 skb_set_owner_r(opt_skb, sk);
1611 opt_skb = xchg(&np->pktoptions, opt_skb);
1612 } else {
1613 __kfree_skb(opt_skb);
1614 opt_skb = xchg(&np->pktoptions, NULL);
1615 }
1616 }
1617
1618 kfree_skb(opt_skb);
1619 return 0;
1620 }
1621
1622 static int tcp_v6_rcv(struct sk_buff *skb)
1623 {
1624 struct tcphdr *th;
1625 struct sock *sk;
1626 int ret;
1627 struct net *net = dev_net(skb->dev);
1628
1629 if (skb->pkt_type != PACKET_HOST)
1630 goto discard_it;
1631
1632 /*
1633 * Count it even if it's bad.
1634 */
1635 TCP_INC_STATS_BH(net, TCP_MIB_INSEGS);
1636
1637 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1638 goto discard_it;
1639
1640 th = tcp_hdr(skb);
1641
1642 if (th->doff < sizeof(struct tcphdr)/4)
1643 goto bad_packet;
1644 if (!pskb_may_pull(skb, th->doff*4))
1645 goto discard_it;
1646
1647 if (!skb_csum_unnecessary(skb) && tcp_v6_checksum_init(skb))
1648 goto bad_packet;
1649
1650 th = tcp_hdr(skb);
1651 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1652 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1653 skb->len - th->doff*4);
1654 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1655 TCP_SKB_CB(skb)->when = 0;
1656 TCP_SKB_CB(skb)->flags = ipv6_get_dsfield(ipv6_hdr(skb));
1657 TCP_SKB_CB(skb)->sacked = 0;
1658
1659 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest);
1660 if (!sk)
1661 goto no_tcp_socket;
1662
1663 process:
1664 if (sk->sk_state == TCP_TIME_WAIT)
1665 goto do_time_wait;
1666
1667 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1668 goto discard_and_relse;
1669
1670 if (sk_filter(sk, skb))
1671 goto discard_and_relse;
1672
1673 skb->dev = NULL;
1674
1675 bh_lock_sock_nested(sk);
1676 ret = 0;
1677 if (!sock_owned_by_user(sk)) {
1678 #ifdef CONFIG_NET_DMA
1679 struct tcp_sock *tp = tcp_sk(sk);
1680 if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list)
1681 tp->ucopy.dma_chan = dma_find_channel(DMA_MEMCPY);
1682 if (tp->ucopy.dma_chan)
1683 ret = tcp_v6_do_rcv(sk, skb);
1684 else
1685 #endif
1686 {
1687 if (!tcp_prequeue(sk, skb))
1688 ret = tcp_v6_do_rcv(sk, skb);
1689 }
1690 } else
1691 sk_add_backlog(sk, skb);
1692 bh_unlock_sock(sk);
1693
1694 sock_put(sk);
1695 return ret ? -1 : 0;
1696
1697 no_tcp_socket:
1698 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1699 goto discard_it;
1700
1701 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1702 bad_packet:
1703 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1704 } else {
1705 tcp_v6_send_reset(NULL, skb);
1706 }
1707
1708 discard_it:
1709
1710 /*
1711 * Discard frame
1712 */
1713
1714 kfree_skb(skb);
1715 return 0;
1716
1717 discard_and_relse:
1718 sock_put(sk);
1719 goto discard_it;
1720
1721 do_time_wait:
1722 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1723 inet_twsk_put(inet_twsk(sk));
1724 goto discard_it;
1725 }
1726
1727 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1728 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1729 inet_twsk_put(inet_twsk(sk));
1730 goto discard_it;
1731 }
1732
1733 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1734 case TCP_TW_SYN:
1735 {
1736 struct sock *sk2;
1737
1738 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
1739 &ipv6_hdr(skb)->daddr,
1740 ntohs(th->dest), inet6_iif(skb));
1741 if (sk2 != NULL) {
1742 struct inet_timewait_sock *tw = inet_twsk(sk);
1743 inet_twsk_deschedule(tw, &tcp_death_row);
1744 inet_twsk_put(tw);
1745 sk = sk2;
1746 goto process;
1747 }
1748 /* Fall through to ACK */
1749 }
1750 case TCP_TW_ACK:
1751 tcp_v6_timewait_ack(sk, skb);
1752 break;
1753 case TCP_TW_RST:
1754 goto no_tcp_socket;
1755 case TCP_TW_SUCCESS:;
1756 }
1757 goto discard_it;
1758 }
1759
1760 static int tcp_v6_remember_stamp(struct sock *sk)
1761 {
1762 /* Alas, not yet... */
1763 return 0;
1764 }
1765
1766 static const struct inet_connection_sock_af_ops ipv6_specific = {
1767 .queue_xmit = inet6_csk_xmit,
1768 .send_check = tcp_v6_send_check,
1769 .rebuild_header = inet6_sk_rebuild_header,
1770 .conn_request = tcp_v6_conn_request,
1771 .syn_recv_sock = tcp_v6_syn_recv_sock,
1772 .remember_stamp = tcp_v6_remember_stamp,
1773 .net_header_len = sizeof(struct ipv6hdr),
1774 .setsockopt = ipv6_setsockopt,
1775 .getsockopt = ipv6_getsockopt,
1776 .addr2sockaddr = inet6_csk_addr2sockaddr,
1777 .sockaddr_len = sizeof(struct sockaddr_in6),
1778 .bind_conflict = inet6_csk_bind_conflict,
1779 #ifdef CONFIG_COMPAT
1780 .compat_setsockopt = compat_ipv6_setsockopt,
1781 .compat_getsockopt = compat_ipv6_getsockopt,
1782 #endif
1783 };
1784
1785 #ifdef CONFIG_TCP_MD5SIG
1786 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1787 .md5_lookup = tcp_v6_md5_lookup,
1788 .calc_md5_hash = tcp_v6_md5_hash_skb,
1789 .md5_add = tcp_v6_md5_add_func,
1790 .md5_parse = tcp_v6_parse_md5_keys,
1791 };
1792 #endif
1793
1794 /*
1795 * TCP over IPv4 via INET6 API
1796 */
1797
1798 static const struct inet_connection_sock_af_ops ipv6_mapped = {
1799 .queue_xmit = ip_queue_xmit,
1800 .send_check = tcp_v4_send_check,
1801 .rebuild_header = inet_sk_rebuild_header,
1802 .conn_request = tcp_v6_conn_request,
1803 .syn_recv_sock = tcp_v6_syn_recv_sock,
1804 .remember_stamp = tcp_v4_remember_stamp,
1805 .net_header_len = sizeof(struct iphdr),
1806 .setsockopt = ipv6_setsockopt,
1807 .getsockopt = ipv6_getsockopt,
1808 .addr2sockaddr = inet6_csk_addr2sockaddr,
1809 .sockaddr_len = sizeof(struct sockaddr_in6),
1810 .bind_conflict = inet6_csk_bind_conflict,
1811 #ifdef CONFIG_COMPAT
1812 .compat_setsockopt = compat_ipv6_setsockopt,
1813 .compat_getsockopt = compat_ipv6_getsockopt,
1814 #endif
1815 };
1816
1817 #ifdef CONFIG_TCP_MD5SIG
1818 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1819 .md5_lookup = tcp_v4_md5_lookup,
1820 .calc_md5_hash = tcp_v4_md5_hash_skb,
1821 .md5_add = tcp_v6_md5_add_func,
1822 .md5_parse = tcp_v6_parse_md5_keys,
1823 };
1824 #endif
1825
1826 /* NOTE: A lot of things set to zero explicitly by call to
1827 * sk_alloc() so need not be done here.
1828 */
1829 static int tcp_v6_init_sock(struct sock *sk)
1830 {
1831 struct inet_connection_sock *icsk = inet_csk(sk);
1832 struct tcp_sock *tp = tcp_sk(sk);
1833
1834 skb_queue_head_init(&tp->out_of_order_queue);
1835 tcp_init_xmit_timers(sk);
1836 tcp_prequeue_init(tp);
1837
1838 icsk->icsk_rto = TCP_TIMEOUT_INIT;
1839 tp->mdev = TCP_TIMEOUT_INIT;
1840
1841 /* So many TCP implementations out there (incorrectly) count the
1842 * initial SYN frame in their delayed-ACK and congestion control
1843 * algorithms that we must have the following bandaid to talk
1844 * efficiently to them. -DaveM
1845 */
1846 tp->snd_cwnd = 2;
1847
1848 /* See draft-stevens-tcpca-spec-01 for discussion of the
1849 * initialization of these values.
1850 */
1851 tp->snd_ssthresh = TCP_INFINITE_SSTHRESH;
1852 tp->snd_cwnd_clamp = ~0;
1853 tp->mss_cache = 536;
1854
1855 tp->reordering = sysctl_tcp_reordering;
1856
1857 sk->sk_state = TCP_CLOSE;
1858
1859 icsk->icsk_af_ops = &ipv6_specific;
1860 icsk->icsk_ca_ops = &tcp_init_congestion_ops;
1861 icsk->icsk_sync_mss = tcp_sync_mss;
1862 sk->sk_write_space = sk_stream_write_space;
1863 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE);
1864
1865 #ifdef CONFIG_TCP_MD5SIG
1866 tp->af_specific = &tcp_sock_ipv6_specific;
1867 #endif
1868
1869 sk->sk_sndbuf = sysctl_tcp_wmem[1];
1870 sk->sk_rcvbuf = sysctl_tcp_rmem[1];
1871
1872 local_bh_disable();
1873 percpu_counter_inc(&tcp_sockets_allocated);
1874 local_bh_enable();
1875
1876 return 0;
1877 }
1878
1879 static void tcp_v6_destroy_sock(struct sock *sk)
1880 {
1881 #ifdef CONFIG_TCP_MD5SIG
1882 /* Clean up the MD5 key list */
1883 if (tcp_sk(sk)->md5sig_info)
1884 tcp_v6_clear_md5_list(sk);
1885 #endif
1886 tcp_v4_destroy_sock(sk);
1887 inet6_destroy_sock(sk);
1888 }
1889
1890 #ifdef CONFIG_PROC_FS
1891 /* Proc filesystem TCPv6 sock list dumping. */
1892 static void get_openreq6(struct seq_file *seq,
1893 struct sock *sk, struct request_sock *req, int i, int uid)
1894 {
1895 int ttd = req->expires - jiffies;
1896 struct in6_addr *src = &inet6_rsk(req)->loc_addr;
1897 struct in6_addr *dest = &inet6_rsk(req)->rmt_addr;
1898
1899 if (ttd < 0)
1900 ttd = 0;
1901
1902 seq_printf(seq,
1903 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1904 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
1905 i,
1906 src->s6_addr32[0], src->s6_addr32[1],
1907 src->s6_addr32[2], src->s6_addr32[3],
1908 ntohs(inet_rsk(req)->loc_port),
1909 dest->s6_addr32[0], dest->s6_addr32[1],
1910 dest->s6_addr32[2], dest->s6_addr32[3],
1911 ntohs(inet_rsk(req)->rmt_port),
1912 TCP_SYN_RECV,
1913 0,0, /* could print option size, but that is af dependent. */
1914 1, /* timers active (only the expire timer) */
1915 jiffies_to_clock_t(ttd),
1916 req->retrans,
1917 uid,
1918 0, /* non standard timer */
1919 0, /* open_requests have no inode */
1920 0, req);
1921 }
1922
1923 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1924 {
1925 struct in6_addr *dest, *src;
1926 __u16 destp, srcp;
1927 int timer_active;
1928 unsigned long timer_expires;
1929 struct inet_sock *inet = inet_sk(sp);
1930 struct tcp_sock *tp = tcp_sk(sp);
1931 const struct inet_connection_sock *icsk = inet_csk(sp);
1932 struct ipv6_pinfo *np = inet6_sk(sp);
1933
1934 dest = &np->daddr;
1935 src = &np->rcv_saddr;
1936 destp = ntohs(inet->inet_dport);
1937 srcp = ntohs(inet->inet_sport);
1938
1939 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
1940 timer_active = 1;
1941 timer_expires = icsk->icsk_timeout;
1942 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1943 timer_active = 4;
1944 timer_expires = icsk->icsk_timeout;
1945 } else if (timer_pending(&sp->sk_timer)) {
1946 timer_active = 2;
1947 timer_expires = sp->sk_timer.expires;
1948 } else {
1949 timer_active = 0;
1950 timer_expires = jiffies;
1951 }
1952
1953 seq_printf(seq,
1954 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1955 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %lu %lu %u %u %d\n",
1956 i,
1957 src->s6_addr32[0], src->s6_addr32[1],
1958 src->s6_addr32[2], src->s6_addr32[3], srcp,
1959 dest->s6_addr32[0], dest->s6_addr32[1],
1960 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1961 sp->sk_state,
1962 tp->write_seq-tp->snd_una,
1963 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
1964 timer_active,
1965 jiffies_to_clock_t(timer_expires - jiffies),
1966 icsk->icsk_retransmits,
1967 sock_i_uid(sp),
1968 icsk->icsk_probes_out,
1969 sock_i_ino(sp),
1970 atomic_read(&sp->sk_refcnt), sp,
1971 jiffies_to_clock_t(icsk->icsk_rto),
1972 jiffies_to_clock_t(icsk->icsk_ack.ato),
1973 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong,
1974 tp->snd_cwnd,
1975 tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh
1976 );
1977 }
1978
1979 static void get_timewait6_sock(struct seq_file *seq,
1980 struct inet_timewait_sock *tw, int i)
1981 {
1982 struct in6_addr *dest, *src;
1983 __u16 destp, srcp;
1984 struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw);
1985 int ttd = tw->tw_ttd - jiffies;
1986
1987 if (ttd < 0)
1988 ttd = 0;
1989
1990 dest = &tw6->tw_v6_daddr;
1991 src = &tw6->tw_v6_rcv_saddr;
1992 destp = ntohs(tw->tw_dport);
1993 srcp = ntohs(tw->tw_sport);
1994
1995 seq_printf(seq,
1996 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1997 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
1998 i,
1999 src->s6_addr32[0], src->s6_addr32[1],
2000 src->s6_addr32[2], src->s6_addr32[3], srcp,
2001 dest->s6_addr32[0], dest->s6_addr32[1],
2002 dest->s6_addr32[2], dest->s6_addr32[3], destp,
2003 tw->tw_substate, 0, 0,
2004 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
2005 atomic_read(&tw->tw_refcnt), tw);
2006 }
2007
2008 static int tcp6_seq_show(struct seq_file *seq, void *v)
2009 {
2010 struct tcp_iter_state *st;
2011
2012 if (v == SEQ_START_TOKEN) {
2013 seq_puts(seq,
2014 " sl "
2015 "local_address "
2016 "remote_address "
2017 "st tx_queue rx_queue tr tm->when retrnsmt"
2018 " uid timeout inode\n");
2019 goto out;
2020 }
2021 st = seq->private;
2022
2023 switch (st->state) {
2024 case TCP_SEQ_STATE_LISTENING:
2025 case TCP_SEQ_STATE_ESTABLISHED:
2026 get_tcp6_sock(seq, v, st->num);
2027 break;
2028 case TCP_SEQ_STATE_OPENREQ:
2029 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid);
2030 break;
2031 case TCP_SEQ_STATE_TIME_WAIT:
2032 get_timewait6_sock(seq, v, st->num);
2033 break;
2034 }
2035 out:
2036 return 0;
2037 }
2038
2039 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
2040 .name = "tcp6",
2041 .family = AF_INET6,
2042 .seq_fops = {
2043 .owner = THIS_MODULE,
2044 },
2045 .seq_ops = {
2046 .show = tcp6_seq_show,
2047 },
2048 };
2049
2050 int tcp6_proc_init(struct net *net)
2051 {
2052 return tcp_proc_register(net, &tcp6_seq_afinfo);
2053 }
2054
2055 void tcp6_proc_exit(struct net *net)
2056 {
2057 tcp_proc_unregister(net, &tcp6_seq_afinfo);
2058 }
2059 #endif
2060
2061 struct proto tcpv6_prot = {
2062 .name = "TCPv6",
2063 .owner = THIS_MODULE,
2064 .close = tcp_close,
2065 .connect = tcp_v6_connect,
2066 .disconnect = tcp_disconnect,
2067 .accept = inet_csk_accept,
2068 .ioctl = tcp_ioctl,
2069 .init = tcp_v6_init_sock,
2070 .destroy = tcp_v6_destroy_sock,
2071 .shutdown = tcp_shutdown,
2072 .setsockopt = tcp_setsockopt,
2073 .getsockopt = tcp_getsockopt,
2074 .recvmsg = tcp_recvmsg,
2075 .backlog_rcv = tcp_v6_do_rcv,
2076 .hash = tcp_v6_hash,
2077 .unhash = inet_unhash,
2078 .get_port = inet_csk_get_port,
2079 .enter_memory_pressure = tcp_enter_memory_pressure,
2080 .sockets_allocated = &tcp_sockets_allocated,
2081 .memory_allocated = &tcp_memory_allocated,
2082 .memory_pressure = &tcp_memory_pressure,
2083 .orphan_count = &tcp_orphan_count,
2084 .sysctl_mem = sysctl_tcp_mem,
2085 .sysctl_wmem = sysctl_tcp_wmem,
2086 .sysctl_rmem = sysctl_tcp_rmem,
2087 .max_header = MAX_TCP_HEADER,
2088 .obj_size = sizeof(struct tcp6_sock),
2089 .slab_flags = SLAB_DESTROY_BY_RCU,
2090 .twsk_prot = &tcp6_timewait_sock_ops,
2091 .rsk_prot = &tcp6_request_sock_ops,
2092 .h.hashinfo = &tcp_hashinfo,
2093 #ifdef CONFIG_COMPAT
2094 .compat_setsockopt = compat_tcp_setsockopt,
2095 .compat_getsockopt = compat_tcp_getsockopt,
2096 #endif
2097 };
2098
2099 static const struct inet6_protocol tcpv6_protocol = {
2100 .handler = tcp_v6_rcv,
2101 .err_handler = tcp_v6_err,
2102 .gso_send_check = tcp_v6_gso_send_check,
2103 .gso_segment = tcp_tso_segment,
2104 .gro_receive = tcp6_gro_receive,
2105 .gro_complete = tcp6_gro_complete,
2106 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2107 };
2108
2109 static struct inet_protosw tcpv6_protosw = {
2110 .type = SOCK_STREAM,
2111 .protocol = IPPROTO_TCP,
2112 .prot = &tcpv6_prot,
2113 .ops = &inet6_stream_ops,
2114 .capability = -1,
2115 .no_check = 0,
2116 .flags = INET_PROTOSW_PERMANENT |
2117 INET_PROTOSW_ICSK,
2118 };
2119
2120 static int tcpv6_net_init(struct net *net)
2121 {
2122 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
2123 SOCK_RAW, IPPROTO_TCP, net);
2124 }
2125
2126 static void tcpv6_net_exit(struct net *net)
2127 {
2128 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
2129 inet_twsk_purge(net, &tcp_hashinfo, &tcp_death_row, AF_INET6);
2130 }
2131
2132 static struct pernet_operations tcpv6_net_ops = {
2133 .init = tcpv6_net_init,
2134 .exit = tcpv6_net_exit,
2135 };
2136
2137 int __init tcpv6_init(void)
2138 {
2139 int ret;
2140
2141 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
2142 if (ret)
2143 goto out;
2144
2145 /* register inet6 protocol */
2146 ret = inet6_register_protosw(&tcpv6_protosw);
2147 if (ret)
2148 goto out_tcpv6_protocol;
2149
2150 ret = register_pernet_subsys(&tcpv6_net_ops);
2151 if (ret)
2152 goto out_tcpv6_protosw;
2153 out:
2154 return ret;
2155
2156 out_tcpv6_protocol:
2157 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2158 out_tcpv6_protosw:
2159 inet6_unregister_protosw(&tcpv6_protosw);
2160 goto out;
2161 }
2162
2163 void tcpv6_exit(void)
2164 {
2165 unregister_pernet_subsys(&tcpv6_net_ops);
2166 inet6_unregister_protosw(&tcpv6_protosw);
2167 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2168 }
ubuntu-bionic-kernel mirror