Commit | Line | Data |
---|---|---|
1da177e4 LT |
1 | /* |
2 | * IPv6 output functions | |
1ab1457c | 3 | * Linux INET6 implementation |
1da177e4 LT |
4 | * |
5 | * Authors: | |
1ab1457c | 6 | * Pedro Roque <roque@di.fc.ul.pt> |
1da177e4 | 7 | * |
1da177e4 LT |
8 | * Based on linux/net/ipv4/ip_output.c |
9 | * | |
10 | * This program is free software; you can redistribute it and/or | |
11 | * modify it under the terms of the GNU General Public License | |
12 | * as published by the Free Software Foundation; either version | |
13 | * 2 of the License, or (at your option) any later version. | |
14 | * | |
15 | * Changes: | |
16 | * A.N.Kuznetsov : airthmetics in fragmentation. | |
17 | * extension headers are implemented. | |
18 | * route changes now work. | |
19 | * ip6_forward does not confuse sniffers. | |
20 | * etc. | |
21 | * | |
22 | * H. von Brand : Added missing #include <linux/string.h> | |
23 | * Imran Patel : frag id should be in NBO | |
24 | * Kazunori MIYAZAWA @USAGI | |
25 | * : add ip6_append_data and related functions | |
26 | * for datagram xmit | |
27 | */ | |
28 | ||
1da177e4 | 29 | #include <linux/errno.h> |
ef76bc23 | 30 | #include <linux/kernel.h> |
1da177e4 LT |
31 | #include <linux/string.h> |
32 | #include <linux/socket.h> | |
33 | #include <linux/net.h> | |
34 | #include <linux/netdevice.h> | |
35 | #include <linux/if_arp.h> | |
36 | #include <linux/in6.h> | |
37 | #include <linux/tcp.h> | |
38 | #include <linux/route.h> | |
b59f45d0 | 39 | #include <linux/module.h> |
5a0e3ad6 | 40 | #include <linux/slab.h> |
1da177e4 LT |
41 | |
42 | #include <linux/netfilter.h> | |
43 | #include <linux/netfilter_ipv6.h> | |
44 | ||
45 | #include <net/sock.h> | |
46 | #include <net/snmp.h> | |
47 | ||
48 | #include <net/ipv6.h> | |
49 | #include <net/ndisc.h> | |
50 | #include <net/protocol.h> | |
51 | #include <net/ip6_route.h> | |
52 | #include <net/addrconf.h> | |
53 | #include <net/rawv6.h> | |
54 | #include <net/icmp.h> | |
55 | #include <net/xfrm.h> | |
56 | #include <net/checksum.h> | |
7bc570c8 | 57 | #include <linux/mroute6.h> |
1da177e4 | 58 | |
ef76bc23 HX |
59 | int __ip6_local_out(struct sk_buff *skb) |
60 | { | |
61 | int len; | |
62 | ||
63 | len = skb->len - sizeof(struct ipv6hdr); | |
64 | if (len > IPV6_MAXPLEN) | |
65 | len = 0; | |
66 | ipv6_hdr(skb)->payload_len = htons(len); | |
67 | ||
b2e0b385 JE |
68 | return nf_hook(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, |
69 | skb_dst(skb)->dev, dst_output); | |
ef76bc23 HX |
70 | } |
71 | ||
72 | int ip6_local_out(struct sk_buff *skb) | |
73 | { | |
74 | int err; | |
75 | ||
76 | err = __ip6_local_out(skb); | |
77 | if (likely(err == 1)) | |
78 | err = dst_output(skb); | |
79 | ||
80 | return err; | |
81 | } | |
82 | EXPORT_SYMBOL_GPL(ip6_local_out); | |
83 | ||
9e508490 | 84 | static int ip6_finish_output2(struct sk_buff *skb) |
1da177e4 | 85 | { |
adf30907 | 86 | struct dst_entry *dst = skb_dst(skb); |
1da177e4 | 87 | struct net_device *dev = dst->dev; |
f6b72b62 | 88 | struct neighbour *neigh; |
6fd6ce20 YH |
89 | struct in6_addr *nexthop; |
90 | int ret; | |
1da177e4 LT |
91 | |
92 | skb->protocol = htons(ETH_P_IPV6); | |
93 | skb->dev = dev; | |
94 | ||
0660e03f | 95 | if (ipv6_addr_is_multicast(&ipv6_hdr(skb)->daddr)) { |
adf30907 | 96 | struct inet6_dev *idev = ip6_dst_idev(skb_dst(skb)); |
1da177e4 | 97 | |
7ad6848c | 98 | if (!(dev->flags & IFF_LOOPBACK) && sk_mc_loop(skb->sk) && |
d1db275d | 99 | ((mroute6_socket(dev_net(dev), skb) && |
bd91b8bf | 100 | !(IP6CB(skb)->flags & IP6SKB_FORWARDED)) || |
7bc570c8 YH |
101 | ipv6_chk_mcast_addr(dev, &ipv6_hdr(skb)->daddr, |
102 | &ipv6_hdr(skb)->saddr))) { | |
1da177e4 LT |
103 | struct sk_buff *newskb = skb_clone(skb, GFP_ATOMIC); |
104 | ||
105 | /* Do not check for IFF_ALLMULTI; multicast routing | |
106 | is not supported in any case. | |
107 | */ | |
108 | if (newskb) | |
b2e0b385 JE |
109 | NF_HOOK(NFPROTO_IPV6, NF_INET_POST_ROUTING, |
110 | newskb, NULL, newskb->dev, | |
95603e22 | 111 | dev_loopback_xmit); |
1da177e4 | 112 | |
0660e03f | 113 | if (ipv6_hdr(skb)->hop_limit == 0) { |
3bd653c8 DL |
114 | IP6_INC_STATS(dev_net(dev), idev, |
115 | IPSTATS_MIB_OUTDISCARDS); | |
1da177e4 LT |
116 | kfree_skb(skb); |
117 | return 0; | |
118 | } | |
119 | } | |
120 | ||
edf391ff NH |
121 | IP6_UPD_PO_STATS(dev_net(dev), idev, IPSTATS_MIB_OUTMCAST, |
122 | skb->len); | |
dd408515 HFS |
123 | |
124 | if (IPV6_ADDR_MC_SCOPE(&ipv6_hdr(skb)->daddr) <= | |
125 | IPV6_ADDR_SCOPE_NODELOCAL && | |
126 | !(dev->flags & IFF_LOOPBACK)) { | |
127 | kfree_skb(skb); | |
128 | return 0; | |
129 | } | |
1da177e4 LT |
130 | } |
131 | ||
6fd6ce20 | 132 | rcu_read_lock_bh(); |
044d6efb | 133 | nexthop = rt6_nexthop((struct rt6_info *)dst); |
6fd6ce20 YH |
134 | neigh = __ipv6_neigh_lookup_noref(dst->dev, nexthop); |
135 | if (unlikely(!neigh)) | |
136 | neigh = __neigh_create(&nd_tbl, nexthop, dst->dev, false); | |
137 | if (!IS_ERR(neigh)) { | |
138 | ret = dst_neigh_output(dst, neigh, skb); | |
139 | rcu_read_unlock_bh(); | |
140 | return ret; | |
141 | } | |
142 | rcu_read_unlock_bh(); | |
05e3aa09 | 143 | |
e761bada HFS |
144 | IP6_INC_STATS(dev_net(dst->dev), |
145 | ip6_dst_idev(dst), IPSTATS_MIB_OUTNOROUTES); | |
9e508490 JE |
146 | kfree_skb(skb); |
147 | return -EINVAL; | |
1da177e4 LT |
148 | } |
149 | ||
9e508490 JE |
150 | static int ip6_finish_output(struct sk_buff *skb) |
151 | { | |
152 | if ((skb->len > ip6_skb_dst_mtu(skb) && !skb_is_gso(skb)) || | |
2d9a3096 JP |
153 | dst_allfrag(skb_dst(skb)) || |
154 | (IP6CB(skb)->frag_max_size && skb->len > IP6CB(skb)->frag_max_size)) | |
9e508490 JE |
155 | return ip6_fragment(skb, ip6_finish_output2); |
156 | else | |
157 | return ip6_finish_output2(skb); | |
158 | } | |
159 | ||
1da177e4 LT |
160 | int ip6_output(struct sk_buff *skb) |
161 | { | |
9e508490 | 162 | struct net_device *dev = skb_dst(skb)->dev; |
adf30907 | 163 | struct inet6_dev *idev = ip6_dst_idev(skb_dst(skb)); |
778d80be | 164 | if (unlikely(idev->cnf.disable_ipv6)) { |
9e508490 | 165 | IP6_INC_STATS(dev_net(dev), idev, |
3bd653c8 | 166 | IPSTATS_MIB_OUTDISCARDS); |
778d80be YH |
167 | kfree_skb(skb); |
168 | return 0; | |
169 | } | |
170 | ||
9c6eb28a JE |
171 | return NF_HOOK_COND(NFPROTO_IPV6, NF_INET_POST_ROUTING, skb, NULL, dev, |
172 | ip6_finish_output, | |
173 | !(IP6CB(skb)->flags & IP6SKB_REROUTED)); | |
1da177e4 LT |
174 | } |
175 | ||
1da177e4 | 176 | /* |
b5d43998 | 177 | * xmit an sk_buff (used by TCP, SCTP and DCCP) |
1da177e4 LT |
178 | */ |
179 | ||
4c9483b2 | 180 | int ip6_xmit(struct sock *sk, struct sk_buff *skb, struct flowi6 *fl6, |
b903d324 | 181 | struct ipv6_txoptions *opt, int tclass) |
1da177e4 | 182 | { |
3bd653c8 | 183 | struct net *net = sock_net(sk); |
b30bd282 | 184 | struct ipv6_pinfo *np = inet6_sk(sk); |
4c9483b2 | 185 | struct in6_addr *first_hop = &fl6->daddr; |
adf30907 | 186 | struct dst_entry *dst = skb_dst(skb); |
1da177e4 | 187 | struct ipv6hdr *hdr; |
4c9483b2 | 188 | u8 proto = fl6->flowi6_proto; |
1da177e4 | 189 | int seg_len = skb->len; |
e651f03a | 190 | int hlimit = -1; |
1da177e4 LT |
191 | u32 mtu; |
192 | ||
193 | if (opt) { | |
c2636b4d | 194 | unsigned int head_room; |
1da177e4 LT |
195 | |
196 | /* First: exthdrs may take lots of space (~8K for now) | |
197 | MAX_HEADER is not enough. | |
198 | */ | |
199 | head_room = opt->opt_nflen + opt->opt_flen; | |
200 | seg_len += head_room; | |
201 | head_room += sizeof(struct ipv6hdr) + LL_RESERVED_SPACE(dst->dev); | |
202 | ||
203 | if (skb_headroom(skb) < head_room) { | |
204 | struct sk_buff *skb2 = skb_realloc_headroom(skb, head_room); | |
a11d206d | 205 | if (skb2 == NULL) { |
adf30907 | 206 | IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)), |
a11d206d YH |
207 | IPSTATS_MIB_OUTDISCARDS); |
208 | kfree_skb(skb); | |
1da177e4 LT |
209 | return -ENOBUFS; |
210 | } | |
808db80a | 211 | consume_skb(skb); |
a11d206d | 212 | skb = skb2; |
83d7eb29 | 213 | skb_set_owner_w(skb, sk); |
1da177e4 LT |
214 | } |
215 | if (opt->opt_flen) | |
216 | ipv6_push_frag_opts(skb, opt, &proto); | |
217 | if (opt->opt_nflen) | |
218 | ipv6_push_nfrag_opts(skb, opt, &proto, &first_hop); | |
219 | } | |
220 | ||
e2d1bca7 ACM |
221 | skb_push(skb, sizeof(struct ipv6hdr)); |
222 | skb_reset_network_header(skb); | |
0660e03f | 223 | hdr = ipv6_hdr(skb); |
1da177e4 LT |
224 | |
225 | /* | |
226 | * Fill in the IPv6 header | |
227 | */ | |
b903d324 | 228 | if (np) |
1da177e4 LT |
229 | hlimit = np->hop_limit; |
230 | if (hlimit < 0) | |
6b75d090 | 231 | hlimit = ip6_dst_hoplimit(dst); |
1da177e4 | 232 | |
3e4e4c1f | 233 | ip6_flow_hdr(hdr, tclass, fl6->flowlabel); |
41a1f8ea | 234 | |
1da177e4 LT |
235 | hdr->payload_len = htons(seg_len); |
236 | hdr->nexthdr = proto; | |
237 | hdr->hop_limit = hlimit; | |
238 | ||
4e3fd7a0 AD |
239 | hdr->saddr = fl6->saddr; |
240 | hdr->daddr = *first_hop; | |
1da177e4 | 241 | |
a2c2064f | 242 | skb->priority = sk->sk_priority; |
4a19ec58 | 243 | skb->mark = sk->sk_mark; |
a2c2064f | 244 | |
1da177e4 | 245 | mtu = dst_mtu(dst); |
283d07ac | 246 | if ((skb->len <= mtu) || skb->local_df || skb_is_gso(skb)) { |
adf30907 | 247 | IP6_UPD_PO_STATS(net, ip6_dst_idev(skb_dst(skb)), |
edf391ff | 248 | IPSTATS_MIB_OUT, skb->len); |
b2e0b385 JE |
249 | return NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, |
250 | dst->dev, dst_output); | |
1da177e4 LT |
251 | } |
252 | ||
1da177e4 | 253 | skb->dev = dst->dev; |
f4e53e29 | 254 | ipv6_local_error(sk, EMSGSIZE, fl6, mtu); |
adf30907 | 255 | IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)), IPSTATS_MIB_FRAGFAILS); |
1da177e4 LT |
256 | kfree_skb(skb); |
257 | return -EMSGSIZE; | |
258 | } | |
259 | ||
7159039a YH |
260 | EXPORT_SYMBOL(ip6_xmit); |
261 | ||
1da177e4 LT |
262 | static int ip6_call_ra_chain(struct sk_buff *skb, int sel) |
263 | { | |
264 | struct ip6_ra_chain *ra; | |
265 | struct sock *last = NULL; | |
266 | ||
267 | read_lock(&ip6_ra_lock); | |
268 | for (ra = ip6_ra_chain; ra; ra = ra->next) { | |
269 | struct sock *sk = ra->sk; | |
0bd1b59b AM |
270 | if (sk && ra->sel == sel && |
271 | (!sk->sk_bound_dev_if || | |
272 | sk->sk_bound_dev_if == skb->dev->ifindex)) { | |
1da177e4 LT |
273 | if (last) { |
274 | struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC); | |
275 | if (skb2) | |
276 | rawv6_rcv(last, skb2); | |
277 | } | |
278 | last = sk; | |
279 | } | |
280 | } | |
281 | ||
282 | if (last) { | |
283 | rawv6_rcv(last, skb); | |
284 | read_unlock(&ip6_ra_lock); | |
285 | return 1; | |
286 | } | |
287 | read_unlock(&ip6_ra_lock); | |
288 | return 0; | |
289 | } | |
290 | ||
e21e0b5f VN |
291 | static int ip6_forward_proxy_check(struct sk_buff *skb) |
292 | { | |
0660e03f | 293 | struct ipv6hdr *hdr = ipv6_hdr(skb); |
e21e0b5f | 294 | u8 nexthdr = hdr->nexthdr; |
75f2811c | 295 | __be16 frag_off; |
e21e0b5f VN |
296 | int offset; |
297 | ||
298 | if (ipv6_ext_hdr(nexthdr)) { | |
75f2811c | 299 | offset = ipv6_skip_exthdr(skb, sizeof(*hdr), &nexthdr, &frag_off); |
e21e0b5f VN |
300 | if (offset < 0) |
301 | return 0; | |
302 | } else | |
303 | offset = sizeof(struct ipv6hdr); | |
304 | ||
305 | if (nexthdr == IPPROTO_ICMPV6) { | |
306 | struct icmp6hdr *icmp6; | |
307 | ||
d56f90a7 ACM |
308 | if (!pskb_may_pull(skb, (skb_network_header(skb) + |
309 | offset + 1 - skb->data))) | |
e21e0b5f VN |
310 | return 0; |
311 | ||
d56f90a7 | 312 | icmp6 = (struct icmp6hdr *)(skb_network_header(skb) + offset); |
e21e0b5f VN |
313 | |
314 | switch (icmp6->icmp6_type) { | |
315 | case NDISC_ROUTER_SOLICITATION: | |
316 | case NDISC_ROUTER_ADVERTISEMENT: | |
317 | case NDISC_NEIGHBOUR_SOLICITATION: | |
318 | case NDISC_NEIGHBOUR_ADVERTISEMENT: | |
319 | case NDISC_REDIRECT: | |
320 | /* For reaction involving unicast neighbor discovery | |
321 | * message destined to the proxied address, pass it to | |
322 | * input function. | |
323 | */ | |
324 | return 1; | |
325 | default: | |
326 | break; | |
327 | } | |
328 | } | |
329 | ||
74553b09 VN |
330 | /* |
331 | * The proxying router can't forward traffic sent to a link-local | |
332 | * address, so signal the sender and discard the packet. This | |
333 | * behavior is clarified by the MIPv6 specification. | |
334 | */ | |
335 | if (ipv6_addr_type(&hdr->daddr) & IPV6_ADDR_LINKLOCAL) { | |
336 | dst_link_failure(skb); | |
337 | return -1; | |
338 | } | |
339 | ||
e21e0b5f VN |
340 | return 0; |
341 | } | |
342 | ||
1da177e4 LT |
343 | static inline int ip6_forward_finish(struct sk_buff *skb) |
344 | { | |
345 | return dst_output(skb); | |
346 | } | |
347 | ||
d868190c FW |
348 | static bool ip6_pkt_too_big(const struct sk_buff *skb, unsigned int mtu) |
349 | { | |
bbdd224c | 350 | if (skb->len <= mtu) |
d868190c FW |
351 | return false; |
352 | ||
bbdd224c | 353 | /* ipv6 conntrack defrag sets max_frag_size + local_df */ |
d868190c FW |
354 | if (IP6CB(skb)->frag_max_size && IP6CB(skb)->frag_max_size > mtu) |
355 | return true; | |
356 | ||
bbdd224c FW |
357 | if (skb->local_df) |
358 | return false; | |
359 | ||
d868190c FW |
360 | if (skb_is_gso(skb) && skb_gso_network_seglen(skb) <= mtu) |
361 | return false; | |
362 | ||
363 | return true; | |
364 | } | |
365 | ||
1da177e4 LT |
366 | int ip6_forward(struct sk_buff *skb) |
367 | { | |
adf30907 | 368 | struct dst_entry *dst = skb_dst(skb); |
0660e03f | 369 | struct ipv6hdr *hdr = ipv6_hdr(skb); |
1da177e4 | 370 | struct inet6_skb_parm *opt = IP6CB(skb); |
c346dca1 | 371 | struct net *net = dev_net(dst->dev); |
14f3ad6f | 372 | u32 mtu; |
1ab1457c | 373 | |
53b7997f | 374 | if (net->ipv6.devconf_all->forwarding == 0) |
1da177e4 LT |
375 | goto error; |
376 | ||
4497b076 BH |
377 | if (skb_warn_if_lro(skb)) |
378 | goto drop; | |
379 | ||
1da177e4 | 380 | if (!xfrm6_policy_check(NULL, XFRM_POLICY_FWD, skb)) { |
3bd653c8 | 381 | IP6_INC_STATS(net, ip6_dst_idev(dst), IPSTATS_MIB_INDISCARDS); |
1da177e4 LT |
382 | goto drop; |
383 | } | |
384 | ||
72b43d08 AK |
385 | if (skb->pkt_type != PACKET_HOST) |
386 | goto drop; | |
387 | ||
35fc92a9 | 388 | skb_forward_csum(skb); |
1da177e4 LT |
389 | |
390 | /* | |
391 | * We DO NOT make any processing on | |
392 | * RA packets, pushing them to user level AS IS | |
393 | * without ane WARRANTY that application will be able | |
394 | * to interpret them. The reason is that we | |
395 | * cannot make anything clever here. | |
396 | * | |
397 | * We are not end-node, so that if packet contains | |
398 | * AH/ESP, we cannot make anything. | |
399 | * Defragmentation also would be mistake, RA packets | |
400 | * cannot be fragmented, because there is no warranty | |
401 | * that different fragments will go along one path. --ANK | |
402 | */ | |
ab4eb353 YH |
403 | if (unlikely(opt->flags & IP6SKB_ROUTERALERT)) { |
404 | if (ip6_call_ra_chain(skb, ntohs(opt->ra))) | |
1da177e4 LT |
405 | return 0; |
406 | } | |
407 | ||
408 | /* | |
409 | * check and decrement ttl | |
410 | */ | |
411 | if (hdr->hop_limit <= 1) { | |
412 | /* Force OUTPUT device used as source address */ | |
413 | skb->dev = dst->dev; | |
3ffe533c | 414 | icmpv6_send(skb, ICMPV6_TIME_EXCEED, ICMPV6_EXC_HOPLIMIT, 0); |
483a47d2 DL |
415 | IP6_INC_STATS_BH(net, |
416 | ip6_dst_idev(dst), IPSTATS_MIB_INHDRERRORS); | |
1da177e4 LT |
417 | |
418 | kfree_skb(skb); | |
419 | return -ETIMEDOUT; | |
420 | } | |
421 | ||
fbea49e1 | 422 | /* XXX: idev->cnf.proxy_ndp? */ |
53b7997f | 423 | if (net->ipv6.devconf_all->proxy_ndp && |
8a3edd80 | 424 | pneigh_lookup(&nd_tbl, net, &hdr->daddr, skb->dev, 0)) { |
74553b09 VN |
425 | int proxied = ip6_forward_proxy_check(skb); |
426 | if (proxied > 0) | |
e21e0b5f | 427 | return ip6_input(skb); |
74553b09 | 428 | else if (proxied < 0) { |
3bd653c8 DL |
429 | IP6_INC_STATS(net, ip6_dst_idev(dst), |
430 | IPSTATS_MIB_INDISCARDS); | |
74553b09 VN |
431 | goto drop; |
432 | } | |
e21e0b5f VN |
433 | } |
434 | ||
1da177e4 | 435 | if (!xfrm6_route_forward(skb)) { |
3bd653c8 | 436 | IP6_INC_STATS(net, ip6_dst_idev(dst), IPSTATS_MIB_INDISCARDS); |
1da177e4 LT |
437 | goto drop; |
438 | } | |
adf30907 | 439 | dst = skb_dst(skb); |
1da177e4 LT |
440 | |
441 | /* IPv6 specs say nothing about it, but it is clear that we cannot | |
442 | send redirects to source routed frames. | |
1e5dc146 | 443 | We don't send redirects to frames decapsulated from IPsec. |
1da177e4 | 444 | */ |
c45a3dfb | 445 | if (skb->dev == dst->dev && opt->srcrt == 0 && !skb_sec_path(skb)) { |
1da177e4 | 446 | struct in6_addr *target = NULL; |
fbfe95a4 | 447 | struct inet_peer *peer; |
1da177e4 | 448 | struct rt6_info *rt; |
1da177e4 LT |
449 | |
450 | /* | |
451 | * incoming and outgoing devices are the same | |
452 | * send a redirect. | |
453 | */ | |
454 | ||
455 | rt = (struct rt6_info *) dst; | |
c45a3dfb DM |
456 | if (rt->rt6i_flags & RTF_GATEWAY) |
457 | target = &rt->rt6i_gateway; | |
1da177e4 LT |
458 | else |
459 | target = &hdr->daddr; | |
460 | ||
1d861aa4 | 461 | peer = inet_getpeer_v6(net->ipv6.peers, &rt->rt6i_dst.addr, 1); |
92d86829 | 462 | |
1da177e4 LT |
463 | /* Limit redirects both by destination (here) |
464 | and by source (inside ndisc_send_redirect) | |
465 | */ | |
fbfe95a4 | 466 | if (inet_peer_xrlim_allow(peer, 1*HZ)) |
4991969a | 467 | ndisc_send_redirect(skb, target); |
1d861aa4 DM |
468 | if (peer) |
469 | inet_putpeer(peer); | |
5bb1ab09 DS |
470 | } else { |
471 | int addrtype = ipv6_addr_type(&hdr->saddr); | |
472 | ||
1da177e4 | 473 | /* This check is security critical. */ |
f81b2e7d YH |
474 | if (addrtype == IPV6_ADDR_ANY || |
475 | addrtype & (IPV6_ADDR_MULTICAST | IPV6_ADDR_LOOPBACK)) | |
5bb1ab09 DS |
476 | goto error; |
477 | if (addrtype & IPV6_ADDR_LINKLOCAL) { | |
478 | icmpv6_send(skb, ICMPV6_DEST_UNREACH, | |
3ffe533c | 479 | ICMPV6_NOT_NEIGHBOUR, 0); |
5bb1ab09 DS |
480 | goto error; |
481 | } | |
1da177e4 LT |
482 | } |
483 | ||
14f3ad6f UW |
484 | mtu = dst_mtu(dst); |
485 | if (mtu < IPV6_MIN_MTU) | |
486 | mtu = IPV6_MIN_MTU; | |
487 | ||
d868190c | 488 | if (ip6_pkt_too_big(skb, mtu)) { |
1da177e4 LT |
489 | /* Again, force OUTPUT device used as source address */ |
490 | skb->dev = dst->dev; | |
14f3ad6f | 491 | icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu); |
483a47d2 DL |
492 | IP6_INC_STATS_BH(net, |
493 | ip6_dst_idev(dst), IPSTATS_MIB_INTOOBIGERRORS); | |
494 | IP6_INC_STATS_BH(net, | |
495 | ip6_dst_idev(dst), IPSTATS_MIB_FRAGFAILS); | |
1da177e4 LT |
496 | kfree_skb(skb); |
497 | return -EMSGSIZE; | |
498 | } | |
499 | ||
500 | if (skb_cow(skb, dst->dev->hard_header_len)) { | |
3bd653c8 | 501 | IP6_INC_STATS(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTDISCARDS); |
1da177e4 LT |
502 | goto drop; |
503 | } | |
504 | ||
0660e03f | 505 | hdr = ipv6_hdr(skb); |
1da177e4 LT |
506 | |
507 | /* Mangling hops number delayed to point after skb COW */ | |
1ab1457c | 508 | |
1da177e4 LT |
509 | hdr->hop_limit--; |
510 | ||
483a47d2 | 511 | IP6_INC_STATS_BH(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTFORWDATAGRAMS); |
2d8dbb04 | 512 | IP6_ADD_STATS_BH(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTOCTETS, skb->len); |
b2e0b385 | 513 | return NF_HOOK(NFPROTO_IPV6, NF_INET_FORWARD, skb, skb->dev, dst->dev, |
6e23ae2a | 514 | ip6_forward_finish); |
1da177e4 LT |
515 | |
516 | error: | |
483a47d2 | 517 | IP6_INC_STATS_BH(net, ip6_dst_idev(dst), IPSTATS_MIB_INADDRERRORS); |
1da177e4 LT |
518 | drop: |
519 | kfree_skb(skb); | |
520 | return -EINVAL; | |
521 | } | |
522 | ||
523 | static void ip6_copy_metadata(struct sk_buff *to, struct sk_buff *from) | |
524 | { | |
525 | to->pkt_type = from->pkt_type; | |
526 | to->priority = from->priority; | |
527 | to->protocol = from->protocol; | |
adf30907 ED |
528 | skb_dst_drop(to); |
529 | skb_dst_set(to, dst_clone(skb_dst(from))); | |
1da177e4 | 530 | to->dev = from->dev; |
82e91ffe | 531 | to->mark = from->mark; |
1da177e4 LT |
532 | |
533 | #ifdef CONFIG_NET_SCHED | |
534 | to->tc_index = from->tc_index; | |
535 | #endif | |
e7ac05f3 | 536 | nf_copy(to, from); |
07a93626 | 537 | #if IS_ENABLED(CONFIG_NETFILTER_XT_TARGET_TRACE) |
ba9dda3a JK |
538 | to->nf_trace = from->nf_trace; |
539 | #endif | |
984bc16c | 540 | skb_copy_secmark(to, from); |
1da177e4 LT |
541 | } |
542 | ||
ff1f69a8 ED |
543 | static void ipv6_select_ident(struct frag_hdr *fhdr, struct rt6_info *rt) |
544 | { | |
545 | static u32 ip6_idents_hashrnd __read_mostly; | |
546 | static bool hashrnd_initialized = false; | |
547 | u32 hash, id; | |
548 | ||
549 | if (unlikely(!hashrnd_initialized)) { | |
550 | hashrnd_initialized = true; | |
551 | get_random_bytes(&ip6_idents_hashrnd, sizeof(ip6_idents_hashrnd)); | |
552 | } | |
553 | hash = __ipv6_addr_jhash(&rt->rt6i_dst.addr, ip6_idents_hashrnd); | |
4176df01 ED |
554 | hash = __ipv6_addr_jhash(&rt->rt6i_src.addr, hash); |
555 | ||
ff1f69a8 ED |
556 | id = ip_idents_reserve(hash, 1); |
557 | fhdr->identification = htonl(id); | |
558 | } | |
559 | ||
ad0081e4 | 560 | int ip6_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *)) |
1da177e4 | 561 | { |
1da177e4 | 562 | struct sk_buff *frag; |
adf30907 | 563 | struct rt6_info *rt = (struct rt6_info*)skb_dst(skb); |
d91675f9 | 564 | struct ipv6_pinfo *np = skb->sk ? inet6_sk(skb->sk) : NULL; |
1da177e4 LT |
565 | struct ipv6hdr *tmp_hdr; |
566 | struct frag_hdr *fh; | |
567 | unsigned int mtu, hlen, left, len; | |
a7ae1992 | 568 | int hroom, troom; |
ae08e1f0 | 569 | __be32 frag_id = 0; |
1da177e4 LT |
570 | int ptr, offset = 0, err=0; |
571 | u8 *prevhdr, nexthdr = 0; | |
adf30907 | 572 | struct net *net = dev_net(skb_dst(skb)->dev); |
1da177e4 | 573 | |
1da177e4 LT |
574 | hlen = ip6_find_1stfragopt(skb, &prevhdr); |
575 | nexthdr = *prevhdr; | |
576 | ||
628a5c56 | 577 | mtu = ip6_skb_dst_mtu(skb); |
b881ef76 JH |
578 | |
579 | /* We must not fragment if the socket is set to force MTU discovery | |
14f3ad6f | 580 | * or if the skb it not generated by a local socket. |
b881ef76 | 581 | */ |
4cdd3408 PM |
582 | if (unlikely(!skb->local_df && skb->len > mtu) || |
583 | (IP6CB(skb)->frag_max_size && | |
584 | IP6CB(skb)->frag_max_size > mtu)) { | |
a34a101e ED |
585 | if (skb->sk && dst_allfrag(skb_dst(skb))) |
586 | sk_nocaps_add(skb->sk, NETIF_F_GSO_MASK); | |
587 | ||
adf30907 | 588 | skb->dev = skb_dst(skb)->dev; |
3ffe533c | 589 | icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu); |
adf30907 | 590 | IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)), |
3bd653c8 | 591 | IPSTATS_MIB_FRAGFAILS); |
b881ef76 JH |
592 | kfree_skb(skb); |
593 | return -EMSGSIZE; | |
594 | } | |
595 | ||
d91675f9 YH |
596 | if (np && np->frag_size < mtu) { |
597 | if (np->frag_size) | |
598 | mtu = np->frag_size; | |
599 | } | |
600 | mtu -= hlen + sizeof(struct frag_hdr); | |
1da177e4 | 601 | |
21dc3301 | 602 | if (skb_has_frag_list(skb)) { |
1da177e4 | 603 | int first_len = skb_pagelen(skb); |
3d13008e | 604 | struct sk_buff *frag2; |
1da177e4 LT |
605 | |
606 | if (first_len - hlen > mtu || | |
607 | ((first_len - hlen) & 7) || | |
608 | skb_cloned(skb)) | |
609 | goto slow_path; | |
610 | ||
4d9092bb | 611 | skb_walk_frags(skb, frag) { |
1da177e4 LT |
612 | /* Correct geometry. */ |
613 | if (frag->len > mtu || | |
614 | ((frag->len & 7) && frag->next) || | |
615 | skb_headroom(frag) < hlen) | |
3d13008e | 616 | goto slow_path_clean; |
1da177e4 | 617 | |
1da177e4 LT |
618 | /* Partially cloned skb? */ |
619 | if (skb_shared(frag)) | |
3d13008e | 620 | goto slow_path_clean; |
2fdba6b0 HX |
621 | |
622 | BUG_ON(frag->sk); | |
623 | if (skb->sk) { | |
2fdba6b0 HX |
624 | frag->sk = skb->sk; |
625 | frag->destructor = sock_wfree; | |
2fdba6b0 | 626 | } |
3d13008e | 627 | skb->truesize -= frag->truesize; |
1da177e4 LT |
628 | } |
629 | ||
630 | err = 0; | |
631 | offset = 0; | |
632 | frag = skb_shinfo(skb)->frag_list; | |
4d9092bb | 633 | skb_frag_list_init(skb); |
1da177e4 LT |
634 | /* BUILD HEADER */ |
635 | ||
9a217a1c | 636 | *prevhdr = NEXTHDR_FRAGMENT; |
d56f90a7 | 637 | tmp_hdr = kmemdup(skb_network_header(skb), hlen, GFP_ATOMIC); |
1da177e4 | 638 | if (!tmp_hdr) { |
adf30907 | 639 | IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)), |
3bd653c8 | 640 | IPSTATS_MIB_FRAGFAILS); |
1da177e4 LT |
641 | return -ENOMEM; |
642 | } | |
643 | ||
1da177e4 LT |
644 | __skb_pull(skb, hlen); |
645 | fh = (struct frag_hdr*)__skb_push(skb, sizeof(struct frag_hdr)); | |
e2d1bca7 ACM |
646 | __skb_push(skb, hlen); |
647 | skb_reset_network_header(skb); | |
d56f90a7 | 648 | memcpy(skb_network_header(skb), tmp_hdr, hlen); |
1da177e4 | 649 | |
87c48fa3 | 650 | ipv6_select_ident(fh, rt); |
1da177e4 LT |
651 | fh->nexthdr = nexthdr; |
652 | fh->reserved = 0; | |
653 | fh->frag_off = htons(IP6_MF); | |
654 | frag_id = fh->identification; | |
655 | ||
656 | first_len = skb_pagelen(skb); | |
657 | skb->data_len = first_len - skb_headlen(skb); | |
658 | skb->len = first_len; | |
0660e03f ACM |
659 | ipv6_hdr(skb)->payload_len = htons(first_len - |
660 | sizeof(struct ipv6hdr)); | |
a11d206d | 661 | |
d8d1f30b | 662 | dst_hold(&rt->dst); |
1da177e4 LT |
663 | |
664 | for (;;) { | |
665 | /* Prepare header of the next frame, | |
666 | * before previous one went down. */ | |
667 | if (frag) { | |
668 | frag->ip_summed = CHECKSUM_NONE; | |
badff6d0 | 669 | skb_reset_transport_header(frag); |
1da177e4 | 670 | fh = (struct frag_hdr*)__skb_push(frag, sizeof(struct frag_hdr)); |
e2d1bca7 ACM |
671 | __skb_push(frag, hlen); |
672 | skb_reset_network_header(frag); | |
d56f90a7 ACM |
673 | memcpy(skb_network_header(frag), tmp_hdr, |
674 | hlen); | |
1da177e4 LT |
675 | offset += skb->len - hlen - sizeof(struct frag_hdr); |
676 | fh->nexthdr = nexthdr; | |
677 | fh->reserved = 0; | |
678 | fh->frag_off = htons(offset); | |
679 | if (frag->next != NULL) | |
680 | fh->frag_off |= htons(IP6_MF); | |
681 | fh->identification = frag_id; | |
0660e03f ACM |
682 | ipv6_hdr(frag)->payload_len = |
683 | htons(frag->len - | |
684 | sizeof(struct ipv6hdr)); | |
1da177e4 LT |
685 | ip6_copy_metadata(frag, skb); |
686 | } | |
1ab1457c | 687 | |
1da177e4 | 688 | err = output(skb); |
dafee490 | 689 | if(!err) |
d8d1f30b | 690 | IP6_INC_STATS(net, ip6_dst_idev(&rt->dst), |
3bd653c8 | 691 | IPSTATS_MIB_FRAGCREATES); |
dafee490 | 692 | |
1da177e4 LT |
693 | if (err || !frag) |
694 | break; | |
695 | ||
696 | skb = frag; | |
697 | frag = skb->next; | |
698 | skb->next = NULL; | |
699 | } | |
700 | ||
a51482bd | 701 | kfree(tmp_hdr); |
1da177e4 LT |
702 | |
703 | if (err == 0) { | |
d8d1f30b | 704 | IP6_INC_STATS(net, ip6_dst_idev(&rt->dst), |
3bd653c8 | 705 | IPSTATS_MIB_FRAGOKS); |
94e187c0 | 706 | ip6_rt_put(rt); |
1da177e4 LT |
707 | return 0; |
708 | } | |
709 | ||
710 | while (frag) { | |
711 | skb = frag->next; | |
712 | kfree_skb(frag); | |
713 | frag = skb; | |
714 | } | |
715 | ||
d8d1f30b | 716 | IP6_INC_STATS(net, ip6_dst_idev(&rt->dst), |
3bd653c8 | 717 | IPSTATS_MIB_FRAGFAILS); |
94e187c0 | 718 | ip6_rt_put(rt); |
1da177e4 | 719 | return err; |
3d13008e ED |
720 | |
721 | slow_path_clean: | |
722 | skb_walk_frags(skb, frag2) { | |
723 | if (frag2 == frag) | |
724 | break; | |
725 | frag2->sk = NULL; | |
726 | frag2->destructor = NULL; | |
727 | skb->truesize += frag2->truesize; | |
728 | } | |
1da177e4 LT |
729 | } |
730 | ||
731 | slow_path: | |
72e843bb ED |
732 | if ((skb->ip_summed == CHECKSUM_PARTIAL) && |
733 | skb_checksum_help(skb)) | |
734 | goto fail; | |
735 | ||
1da177e4 LT |
736 | left = skb->len - hlen; /* Space per frame */ |
737 | ptr = hlen; /* Where to start from */ | |
738 | ||
739 | /* | |
740 | * Fragment the datagram. | |
741 | */ | |
742 | ||
a7ae1992 HX |
743 | hroom = LL_RESERVED_SPACE(rt->dst.dev); |
744 | troom = rt->dst.dev->needed_tailroom; | |
1da177e4 LT |
745 | |
746 | /* | |
747 | * Keep copying data until we run out. | |
748 | */ | |
749 | while(left > 0) { | |
cb93d3f4 FW |
750 | u8 *fragnexthdr_offset; |
751 | ||
1da177e4 LT |
752 | len = left; |
753 | /* IF: it doesn't fit, use 'mtu' - the data space left */ | |
754 | if (len > mtu) | |
755 | len = mtu; | |
25985edc | 756 | /* IF: we are not sending up to and including the packet end |
1da177e4 LT |
757 | then align the next start on an eight byte boundary */ |
758 | if (len < left) { | |
759 | len &= ~7; | |
760 | } | |
761 | /* | |
762 | * Allocate buffer. | |
763 | */ | |
764 | ||
a7ae1992 HX |
765 | if ((frag = alloc_skb(len + hlen + sizeof(struct frag_hdr) + |
766 | hroom + troom, GFP_ATOMIC)) == NULL) { | |
64ce2073 | 767 | NETDEBUG(KERN_INFO "IPv6: frag: no memory for new fragment!\n"); |
adf30907 | 768 | IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)), |
a11d206d | 769 | IPSTATS_MIB_FRAGFAILS); |
1da177e4 LT |
770 | err = -ENOMEM; |
771 | goto fail; | |
772 | } | |
773 | ||
774 | /* | |
775 | * Set up data on packet | |
776 | */ | |
777 | ||
778 | ip6_copy_metadata(frag, skb); | |
a7ae1992 | 779 | skb_reserve(frag, hroom); |
1da177e4 | 780 | skb_put(frag, len + hlen + sizeof(struct frag_hdr)); |
c1d2bbe1 | 781 | skb_reset_network_header(frag); |
badff6d0 | 782 | fh = (struct frag_hdr *)(skb_network_header(frag) + hlen); |
b0e380b1 ACM |
783 | frag->transport_header = (frag->network_header + hlen + |
784 | sizeof(struct frag_hdr)); | |
1da177e4 LT |
785 | |
786 | /* | |
787 | * Charge the memory for the fragment to any owner | |
788 | * it might possess | |
789 | */ | |
790 | if (skb->sk) | |
791 | skb_set_owner_w(frag, skb->sk); | |
792 | ||
793 | /* | |
794 | * Copy the packet header into the new buffer. | |
795 | */ | |
d626f62b | 796 | skb_copy_from_linear_data(skb, skb_network_header(frag), hlen); |
1da177e4 | 797 | |
cb93d3f4 FW |
798 | fragnexthdr_offset = skb_network_header(frag); |
799 | fragnexthdr_offset += prevhdr - skb_network_header(skb); | |
800 | *fragnexthdr_offset = NEXTHDR_FRAGMENT; | |
801 | ||
1da177e4 LT |
802 | /* |
803 | * Build fragment header. | |
804 | */ | |
805 | fh->nexthdr = nexthdr; | |
806 | fh->reserved = 0; | |
f36d6ab1 | 807 | if (!frag_id) { |
87c48fa3 | 808 | ipv6_select_ident(fh, rt); |
1da177e4 LT |
809 | frag_id = fh->identification; |
810 | } else | |
811 | fh->identification = frag_id; | |
812 | ||
813 | /* | |
814 | * Copy a block of the IP datagram. | |
815 | */ | |
8984e41d | 816 | if (skb_copy_bits(skb, ptr, skb_transport_header(frag), len)) |
1da177e4 LT |
817 | BUG(); |
818 | left -= len; | |
819 | ||
820 | fh->frag_off = htons(offset); | |
821 | if (left > 0) | |
822 | fh->frag_off |= htons(IP6_MF); | |
0660e03f ACM |
823 | ipv6_hdr(frag)->payload_len = htons(frag->len - |
824 | sizeof(struct ipv6hdr)); | |
1da177e4 LT |
825 | |
826 | ptr += len; | |
827 | offset += len; | |
828 | ||
829 | /* | |
830 | * Put this fragment into the sending queue. | |
831 | */ | |
1da177e4 LT |
832 | err = output(frag); |
833 | if (err) | |
834 | goto fail; | |
dafee490 | 835 | |
adf30907 | 836 | IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)), |
3bd653c8 | 837 | IPSTATS_MIB_FRAGCREATES); |
1da177e4 | 838 | } |
adf30907 | 839 | IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)), |
a11d206d | 840 | IPSTATS_MIB_FRAGOKS); |
808db80a | 841 | consume_skb(skb); |
1da177e4 LT |
842 | return err; |
843 | ||
844 | fail: | |
adf30907 | 845 | IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)), |
a11d206d | 846 | IPSTATS_MIB_FRAGFAILS); |
1ab1457c | 847 | kfree_skb(skb); |
1da177e4 LT |
848 | return err; |
849 | } | |
850 | ||
b71d1d42 ED |
851 | static inline int ip6_rt_check(const struct rt6key *rt_key, |
852 | const struct in6_addr *fl_addr, | |
853 | const struct in6_addr *addr_cache) | |
cf6b1982 | 854 | { |
a02cec21 ED |
855 | return (rt_key->plen != 128 || !ipv6_addr_equal(fl_addr, &rt_key->addr)) && |
856 | (addr_cache == NULL || !ipv6_addr_equal(fl_addr, addr_cache)); | |
cf6b1982 YH |
857 | } |
858 | ||
497c615a HX |
859 | static struct dst_entry *ip6_sk_dst_check(struct sock *sk, |
860 | struct dst_entry *dst, | |
b71d1d42 | 861 | const struct flowi6 *fl6) |
1da177e4 | 862 | { |
497c615a | 863 | struct ipv6_pinfo *np = inet6_sk(sk); |
a963a37d | 864 | struct rt6_info *rt; |
1da177e4 | 865 | |
497c615a HX |
866 | if (!dst) |
867 | goto out; | |
868 | ||
a963a37d ED |
869 | if (dst->ops->family != AF_INET6) { |
870 | dst_release(dst); | |
871 | return NULL; | |
872 | } | |
873 | ||
874 | rt = (struct rt6_info *)dst; | |
497c615a HX |
875 | /* Yes, checking route validity in not connected |
876 | * case is not very simple. Take into account, | |
877 | * that we do not support routing by source, TOS, | |
878 | * and MSG_DONTROUTE --ANK (980726) | |
879 | * | |
cf6b1982 YH |
880 | * 1. ip6_rt_check(): If route was host route, |
881 | * check that cached destination is current. | |
497c615a HX |
882 | * If it is network route, we still may |
883 | * check its validity using saved pointer | |
884 | * to the last used address: daddr_cache. | |
885 | * We do not want to save whole address now, | |
886 | * (because main consumer of this service | |
887 | * is tcp, which has not this problem), | |
888 | * so that the last trick works only on connected | |
889 | * sockets. | |
890 | * 2. oif also should be the same. | |
891 | */ | |
4c9483b2 | 892 | if (ip6_rt_check(&rt->rt6i_dst, &fl6->daddr, np->daddr_cache) || |
8e1ef0a9 | 893 | #ifdef CONFIG_IPV6_SUBTREES |
4c9483b2 | 894 | ip6_rt_check(&rt->rt6i_src, &fl6->saddr, np->saddr_cache) || |
8e1ef0a9 | 895 | #endif |
4c9483b2 | 896 | (fl6->flowi6_oif && fl6->flowi6_oif != dst->dev->ifindex)) { |
497c615a HX |
897 | dst_release(dst); |
898 | dst = NULL; | |
1da177e4 LT |
899 | } |
900 | ||
497c615a HX |
901 | out: |
902 | return dst; | |
903 | } | |
904 | ||
905 | static int ip6_dst_lookup_tail(struct sock *sk, | |
4c9483b2 | 906 | struct dst_entry **dst, struct flowi6 *fl6) |
497c615a | 907 | { |
3b1e0a65 | 908 | struct net *net = sock_net(sk); |
69cce1d1 DM |
909 | #ifdef CONFIG_IPV6_OPTIMISTIC_DAD |
910 | struct neighbour *n; | |
97cac082 | 911 | struct rt6_info *rt; |
69cce1d1 DM |
912 | #endif |
913 | int err; | |
497c615a | 914 | |
1da177e4 | 915 | if (*dst == NULL) |
4c9483b2 | 916 | *dst = ip6_route_output(net, sk, fl6); |
1da177e4 LT |
917 | |
918 | if ((err = (*dst)->error)) | |
919 | goto out_err_release; | |
920 | ||
4c9483b2 | 921 | if (ipv6_addr_any(&fl6->saddr)) { |
c3968a85 DW |
922 | struct rt6_info *rt = (struct rt6_info *) *dst; |
923 | err = ip6_route_get_saddr(net, rt, &fl6->daddr, | |
924 | sk ? inet6_sk(sk)->srcprefs : 0, | |
925 | &fl6->saddr); | |
44456d37 | 926 | if (err) |
1da177e4 | 927 | goto out_err_release; |
1da177e4 LT |
928 | } |
929 | ||
95c385b4 | 930 | #ifdef CONFIG_IPV6_OPTIMISTIC_DAD |
e550dfb0 NH |
931 | /* |
932 | * Here if the dst entry we've looked up | |
933 | * has a neighbour entry that is in the INCOMPLETE | |
934 | * state and the src address from the flow is | |
935 | * marked as OPTIMISTIC, we release the found | |
936 | * dst entry and replace it instead with the | |
937 | * dst entry of the nexthop router | |
938 | */ | |
c56bf6fe | 939 | rt = (struct rt6_info *) *dst; |
707be1ff | 940 | rcu_read_lock_bh(); |
044d6efb | 941 | n = __ipv6_neigh_lookup_noref(rt->dst.dev, rt6_nexthop(rt)); |
707be1ff YH |
942 | err = n && !(n->nud_state & NUD_VALID) ? -EINVAL : 0; |
943 | rcu_read_unlock_bh(); | |
944 | ||
945 | if (err) { | |
e550dfb0 | 946 | struct inet6_ifaddr *ifp; |
4c9483b2 | 947 | struct flowi6 fl_gw6; |
e550dfb0 NH |
948 | int redirect; |
949 | ||
4c9483b2 | 950 | ifp = ipv6_get_ifaddr(net, &fl6->saddr, |
e550dfb0 NH |
951 | (*dst)->dev, 1); |
952 | ||
953 | redirect = (ifp && ifp->flags & IFA_F_OPTIMISTIC); | |
954 | if (ifp) | |
955 | in6_ifa_put(ifp); | |
956 | ||
957 | if (redirect) { | |
958 | /* | |
959 | * We need to get the dst entry for the | |
960 | * default router instead | |
961 | */ | |
962 | dst_release(*dst); | |
4c9483b2 DM |
963 | memcpy(&fl_gw6, fl6, sizeof(struct flowi6)); |
964 | memset(&fl_gw6.daddr, 0, sizeof(struct in6_addr)); | |
965 | *dst = ip6_route_output(net, sk, &fl_gw6); | |
e550dfb0 NH |
966 | if ((err = (*dst)->error)) |
967 | goto out_err_release; | |
95c385b4 | 968 | } |
e550dfb0 | 969 | } |
95c385b4 NH |
970 | #endif |
971 | ||
1da177e4 LT |
972 | return 0; |
973 | ||
974 | out_err_release: | |
ca46f9c8 | 975 | if (err == -ENETUNREACH) |
483a47d2 | 976 | IP6_INC_STATS_BH(net, NULL, IPSTATS_MIB_OUTNOROUTES); |
1da177e4 LT |
977 | dst_release(*dst); |
978 | *dst = NULL; | |
979 | return err; | |
980 | } | |
34a0b3cd | 981 | |
497c615a HX |
982 | /** |
983 | * ip6_dst_lookup - perform route lookup on flow | |
984 | * @sk: socket which provides route info | |
985 | * @dst: pointer to dst_entry * for result | |
4c9483b2 | 986 | * @fl6: flow to lookup |
497c615a HX |
987 | * |
988 | * This function performs a route lookup on the given flow. | |
989 | * | |
990 | * It returns zero on success, or a standard errno code on error. | |
991 | */ | |
4c9483b2 | 992 | int ip6_dst_lookup(struct sock *sk, struct dst_entry **dst, struct flowi6 *fl6) |
497c615a HX |
993 | { |
994 | *dst = NULL; | |
4c9483b2 | 995 | return ip6_dst_lookup_tail(sk, dst, fl6); |
497c615a | 996 | } |
3cf3dc6c ACM |
997 | EXPORT_SYMBOL_GPL(ip6_dst_lookup); |
998 | ||
497c615a | 999 | /** |
68d0c6d3 DM |
1000 | * ip6_dst_lookup_flow - perform route lookup on flow with ipsec |
1001 | * @sk: socket which provides route info | |
4c9483b2 | 1002 | * @fl6: flow to lookup |
68d0c6d3 | 1003 | * @final_dst: final destination address for ipsec lookup |
a1414715 | 1004 | * @can_sleep: we are in a sleepable context |
68d0c6d3 DM |
1005 | * |
1006 | * This function performs a route lookup on the given flow. | |
1007 | * | |
1008 | * It returns a valid dst pointer on success, or a pointer encoded | |
1009 | * error code. | |
1010 | */ | |
4c9483b2 | 1011 | struct dst_entry *ip6_dst_lookup_flow(struct sock *sk, struct flowi6 *fl6, |
68d0c6d3 | 1012 | const struct in6_addr *final_dst, |
a1414715 | 1013 | bool can_sleep) |
68d0c6d3 DM |
1014 | { |
1015 | struct dst_entry *dst = NULL; | |
1016 | int err; | |
1017 | ||
4c9483b2 | 1018 | err = ip6_dst_lookup_tail(sk, &dst, fl6); |
68d0c6d3 DM |
1019 | if (err) |
1020 | return ERR_PTR(err); | |
1021 | if (final_dst) | |
4e3fd7a0 | 1022 | fl6->daddr = *final_dst; |
2774c131 | 1023 | if (can_sleep) |
4c9483b2 | 1024 | fl6->flowi6_flags |= FLOWI_FLAG_CAN_SLEEP; |
2774c131 | 1025 | |
4c9483b2 | 1026 | return xfrm_lookup(sock_net(sk), dst, flowi6_to_flowi(fl6), sk, 0); |
68d0c6d3 DM |
1027 | } |
1028 | EXPORT_SYMBOL_GPL(ip6_dst_lookup_flow); | |
1029 | ||
1030 | /** | |
1031 | * ip6_sk_dst_lookup_flow - perform socket cached route lookup on flow | |
497c615a | 1032 | * @sk: socket which provides the dst cache and route info |
4c9483b2 | 1033 | * @fl6: flow to lookup |
68d0c6d3 | 1034 | * @final_dst: final destination address for ipsec lookup |
a1414715 | 1035 | * @can_sleep: we are in a sleepable context |
497c615a HX |
1036 | * |
1037 | * This function performs a route lookup on the given flow with the | |
1038 | * possibility of using the cached route in the socket if it is valid. | |
1039 | * It will take the socket dst lock when operating on the dst cache. | |
1040 | * As a result, this function can only be used in process context. | |
1041 | * | |
68d0c6d3 DM |
1042 | * It returns a valid dst pointer on success, or a pointer encoded |
1043 | * error code. | |
497c615a | 1044 | */ |
4c9483b2 | 1045 | struct dst_entry *ip6_sk_dst_lookup_flow(struct sock *sk, struct flowi6 *fl6, |
68d0c6d3 | 1046 | const struct in6_addr *final_dst, |
a1414715 | 1047 | bool can_sleep) |
497c615a | 1048 | { |
68d0c6d3 DM |
1049 | struct dst_entry *dst = sk_dst_check(sk, inet6_sk(sk)->dst_cookie); |
1050 | int err; | |
497c615a | 1051 | |
4c9483b2 | 1052 | dst = ip6_sk_dst_check(sk, dst, fl6); |
68d0c6d3 | 1053 | |
4c9483b2 | 1054 | err = ip6_dst_lookup_tail(sk, &dst, fl6); |
68d0c6d3 DM |
1055 | if (err) |
1056 | return ERR_PTR(err); | |
1057 | if (final_dst) | |
4e3fd7a0 | 1058 | fl6->daddr = *final_dst; |
2774c131 | 1059 | if (can_sleep) |
4c9483b2 | 1060 | fl6->flowi6_flags |= FLOWI_FLAG_CAN_SLEEP; |
2774c131 | 1061 | |
4c9483b2 | 1062 | return xfrm_lookup(sock_net(sk), dst, flowi6_to_flowi(fl6), sk, 0); |
497c615a | 1063 | } |
68d0c6d3 | 1064 | EXPORT_SYMBOL_GPL(ip6_sk_dst_lookup_flow); |
497c615a | 1065 | |
34a0b3cd | 1066 | static inline int ip6_ufo_append_data(struct sock *sk, |
e89e9cf5 AR |
1067 | int getfrag(void *from, char *to, int offset, int len, |
1068 | int odd, struct sk_buff *skb), | |
1069 | void *from, int length, int hh_len, int fragheaderlen, | |
87c48fa3 ED |
1070 | int transhdrlen, int mtu,unsigned int flags, |
1071 | struct rt6_info *rt) | |
e89e9cf5 AR |
1072 | |
1073 | { | |
1074 | struct sk_buff *skb; | |
1075 | int err; | |
1076 | ||
1077 | /* There is support for UDP large send offload by network | |
1078 | * device, so create one single skb packet containing complete | |
1079 | * udp datagram | |
1080 | */ | |
1081 | if ((skb = skb_peek_tail(&sk->sk_write_queue)) == NULL) { | |
f5a30bc1 HFS |
1082 | struct frag_hdr fhdr; |
1083 | ||
e89e9cf5 AR |
1084 | skb = sock_alloc_send_skb(sk, |
1085 | hh_len + fragheaderlen + transhdrlen + 20, | |
1086 | (flags & MSG_DONTWAIT), &err); | |
1087 | if (skb == NULL) | |
504744e4 | 1088 | return err; |
e89e9cf5 AR |
1089 | |
1090 | /* reserve space for Hardware header */ | |
1091 | skb_reserve(skb, hh_len); | |
1092 | ||
1093 | /* create space for UDP/IP header */ | |
1094 | skb_put(skb,fragheaderlen + transhdrlen); | |
1095 | ||
1096 | /* initialize network header pointer */ | |
c1d2bbe1 | 1097 | skb_reset_network_header(skb); |
e89e9cf5 AR |
1098 | |
1099 | /* initialize protocol header pointer */ | |
b0e380b1 | 1100 | skb->transport_header = skb->network_header + fragheaderlen; |
e89e9cf5 | 1101 | |
84fa7933 | 1102 | skb->ip_summed = CHECKSUM_PARTIAL; |
e89e9cf5 | 1103 | skb->csum = 0; |
e89e9cf5 | 1104 | |
c31d5326 SS |
1105 | /* Specify the length of each IPv6 datagram fragment. |
1106 | * It has to be a multiple of 8. | |
1107 | */ | |
1108 | skb_shinfo(skb)->gso_size = (mtu - fragheaderlen - | |
1109 | sizeof(struct frag_hdr)) & ~7; | |
f83ef8c0 | 1110 | skb_shinfo(skb)->gso_type = SKB_GSO_UDP; |
87c48fa3 | 1111 | ipv6_select_ident(&fhdr, rt); |
e89e9cf5 AR |
1112 | skb_shinfo(skb)->ip6_frag_id = fhdr.identification; |
1113 | __skb_queue_tail(&sk->sk_write_queue, skb); | |
e89e9cf5 | 1114 | } |
e89e9cf5 | 1115 | |
f5a30bc1 HFS |
1116 | return skb_append_datato_frags(sk, skb, getfrag, from, |
1117 | (length - transhdrlen)); | |
e89e9cf5 | 1118 | } |
1da177e4 | 1119 | |
0178b695 HX |
1120 | static inline struct ipv6_opt_hdr *ip6_opt_dup(struct ipv6_opt_hdr *src, |
1121 | gfp_t gfp) | |
1122 | { | |
1123 | return src ? kmemdup(src, (src->hdrlen + 1) * 8, gfp) : NULL; | |
1124 | } | |
1125 | ||
1126 | static inline struct ipv6_rt_hdr *ip6_rthdr_dup(struct ipv6_rt_hdr *src, | |
1127 | gfp_t gfp) | |
1128 | { | |
1129 | return src ? kmemdup(src, (src->hdrlen + 1) * 8, gfp) : NULL; | |
1130 | } | |
1131 | ||
7852c5bf | 1132 | static void ip6_append_data_mtu(unsigned int *mtu, |
0c183379 G |
1133 | int *maxfraglen, |
1134 | unsigned int fragheaderlen, | |
1135 | struct sk_buff *skb, | |
7852c5bf | 1136 | struct rt6_info *rt, |
8e5612a2 | 1137 | unsigned int orig_mtu) |
0c183379 G |
1138 | { |
1139 | if (!(rt->dst.flags & DST_XFRM_TUNNEL)) { | |
1140 | if (skb == NULL) { | |
1141 | /* first fragment, reserve header_len */ | |
8e5612a2 | 1142 | *mtu = orig_mtu - rt->dst.header_len; |
0c183379 G |
1143 | |
1144 | } else { | |
1145 | /* | |
1146 | * this fragment is not first, the headers | |
1147 | * space is regarded as data space. | |
1148 | */ | |
8e5612a2 | 1149 | *mtu = orig_mtu; |
0c183379 G |
1150 | } |
1151 | *maxfraglen = ((*mtu - fragheaderlen) & ~7) | |
1152 | + fragheaderlen - sizeof(struct frag_hdr); | |
1153 | } | |
1154 | } | |
1155 | ||
41a1f8ea YH |
1156 | int ip6_append_data(struct sock *sk, int getfrag(void *from, char *to, |
1157 | int offset, int len, int odd, struct sk_buff *skb), | |
1158 | void *from, int length, int transhdrlen, | |
4c9483b2 | 1159 | int hlimit, int tclass, struct ipv6_txoptions *opt, struct flowi6 *fl6, |
13b52cd4 | 1160 | struct rt6_info *rt, unsigned int flags, int dontfrag) |
1da177e4 LT |
1161 | { |
1162 | struct inet_sock *inet = inet_sk(sk); | |
1163 | struct ipv6_pinfo *np = inet6_sk(sk); | |
bdc712b4 | 1164 | struct inet_cork *cork; |
0c183379 | 1165 | struct sk_buff *skb, *skb_prev = NULL; |
8e5612a2 | 1166 | unsigned int maxfraglen, fragheaderlen, mtu, orig_mtu; |
1da177e4 | 1167 | int exthdrlen; |
299b0767 | 1168 | int dst_exthdrlen; |
1da177e4 | 1169 | int hh_len; |
1da177e4 LT |
1170 | int copy; |
1171 | int err; | |
1172 | int offset = 0; | |
a693e698 | 1173 | __u8 tx_flags = 0; |
1da177e4 LT |
1174 | |
1175 | if (flags&MSG_PROBE) | |
1176 | return 0; | |
bdc712b4 | 1177 | cork = &inet->cork.base; |
1da177e4 LT |
1178 | if (skb_queue_empty(&sk->sk_write_queue)) { |
1179 | /* | |
1180 | * setup for corking | |
1181 | */ | |
1182 | if (opt) { | |
0178b695 | 1183 | if (WARN_ON(np->cork.opt)) |
1da177e4 | 1184 | return -EINVAL; |
0178b695 | 1185 | |
284041ef | 1186 | np->cork.opt = kzalloc(opt->tot_len, sk->sk_allocation); |
0178b695 HX |
1187 | if (unlikely(np->cork.opt == NULL)) |
1188 | return -ENOBUFS; | |
1189 | ||
1190 | np->cork.opt->tot_len = opt->tot_len; | |
1191 | np->cork.opt->opt_flen = opt->opt_flen; | |
1192 | np->cork.opt->opt_nflen = opt->opt_nflen; | |
1193 | ||
1194 | np->cork.opt->dst0opt = ip6_opt_dup(opt->dst0opt, | |
1195 | sk->sk_allocation); | |
1196 | if (opt->dst0opt && !np->cork.opt->dst0opt) | |
1197 | return -ENOBUFS; | |
1198 | ||
1199 | np->cork.opt->dst1opt = ip6_opt_dup(opt->dst1opt, | |
1200 | sk->sk_allocation); | |
1201 | if (opt->dst1opt && !np->cork.opt->dst1opt) | |
1202 | return -ENOBUFS; | |
1203 | ||
1204 | np->cork.opt->hopopt = ip6_opt_dup(opt->hopopt, | |
1205 | sk->sk_allocation); | |
1206 | if (opt->hopopt && !np->cork.opt->hopopt) | |
1207 | return -ENOBUFS; | |
1208 | ||
1209 | np->cork.opt->srcrt = ip6_rthdr_dup(opt->srcrt, | |
1210 | sk->sk_allocation); | |
1211 | if (opt->srcrt && !np->cork.opt->srcrt) | |
1212 | return -ENOBUFS; | |
1213 | ||
1da177e4 LT |
1214 | /* need source address above miyazawa*/ |
1215 | } | |
d8d1f30b | 1216 | dst_hold(&rt->dst); |
bdc712b4 | 1217 | cork->dst = &rt->dst; |
4c9483b2 | 1218 | inet->cork.fl.u.ip6 = *fl6; |
1da177e4 | 1219 | np->cork.hop_limit = hlimit; |
41a1f8ea | 1220 | np->cork.tclass = tclass; |
0c183379 G |
1221 | if (rt->dst.flags & DST_XFRM_TUNNEL) |
1222 | mtu = np->pmtudisc == IPV6_PMTUDISC_PROBE ? | |
1223 | rt->dst.dev->mtu : dst_mtu(&rt->dst); | |
1224 | else | |
1225 | mtu = np->pmtudisc == IPV6_PMTUDISC_PROBE ? | |
1226 | rt->dst.dev->mtu : dst_mtu(rt->dst.path); | |
c7503609 | 1227 | if (np->frag_size < mtu) { |
d91675f9 YH |
1228 | if (np->frag_size) |
1229 | mtu = np->frag_size; | |
1230 | } | |
bdc712b4 | 1231 | cork->fragsize = mtu; |
d8d1f30b | 1232 | if (dst_allfrag(rt->dst.path)) |
bdc712b4 DM |
1233 | cork->flags |= IPCORK_ALLFRAG; |
1234 | cork->length = 0; | |
7efdba5b | 1235 | exthdrlen = (opt ? opt->opt_flen : 0); |
1da177e4 LT |
1236 | length += exthdrlen; |
1237 | transhdrlen += exthdrlen; | |
7efdba5b | 1238 | dst_exthdrlen = rt->dst.header_len - rt->rt6i_nfheader_len; |
1da177e4 | 1239 | } else { |
bdc712b4 | 1240 | rt = (struct rt6_info *)cork->dst; |
4c9483b2 | 1241 | fl6 = &inet->cork.fl.u.ip6; |
0178b695 | 1242 | opt = np->cork.opt; |
1da177e4 LT |
1243 | transhdrlen = 0; |
1244 | exthdrlen = 0; | |
299b0767 | 1245 | dst_exthdrlen = 0; |
bdc712b4 | 1246 | mtu = cork->fragsize; |
1da177e4 | 1247 | } |
8e5612a2 | 1248 | orig_mtu = mtu; |
1da177e4 | 1249 | |
d8d1f30b | 1250 | hh_len = LL_RESERVED_SPACE(rt->dst.dev); |
1da177e4 | 1251 | |
a1b05140 | 1252 | fragheaderlen = sizeof(struct ipv6hdr) + rt->rt6i_nfheader_len + |
b4ce9277 | 1253 | (opt ? opt->opt_nflen : 0); |
1da177e4 LT |
1254 | maxfraglen = ((mtu - fragheaderlen) & ~7) + fragheaderlen - sizeof(struct frag_hdr); |
1255 | ||
1256 | if (mtu <= sizeof(struct ipv6hdr) + IPV6_MAXPLEN) { | |
bdc712b4 | 1257 | if (cork->length + length > sizeof(struct ipv6hdr) + IPV6_MAXPLEN - fragheaderlen) { |
4c9483b2 | 1258 | ipv6_local_error(sk, EMSGSIZE, fl6, mtu-exthdrlen); |
1da177e4 LT |
1259 | return -EMSGSIZE; |
1260 | } | |
1261 | } | |
1262 | ||
a693e698 | 1263 | /* For UDP, check if TX timestamp is enabled */ |
bf84a010 DB |
1264 | if (sk->sk_type == SOCK_DGRAM) |
1265 | sock_tx_timestamp(sk, &tx_flags); | |
a693e698 | 1266 | |
1da177e4 LT |
1267 | /* |
1268 | * Let's try using as much space as possible. | |
1269 | * Use MTU if total length of the message fits into the MTU. | |
1270 | * Otherwise, we need to reserve fragment header and | |
1271 | * fragment alignment (= 8-15 octects, in total). | |
1272 | * | |
1273 | * Note that we may need to "move" the data from the tail of | |
1ab1457c | 1274 | * of the buffer to the new fragment when we split |
1da177e4 LT |
1275 | * the message. |
1276 | * | |
1ab1457c | 1277 | * FIXME: It may be fragmented into multiple chunks |
1da177e4 LT |
1278 | * at once if non-fragmentable extension headers |
1279 | * are too large. | |
1ab1457c | 1280 | * --yoshfuji |
1da177e4 LT |
1281 | */ |
1282 | ||
f5a30bc1 HFS |
1283 | if ((length > mtu) && dontfrag && (sk->sk_protocol == IPPROTO_UDP || |
1284 | sk->sk_protocol == IPPROTO_RAW)) { | |
1285 | ipv6_local_rxpmtu(sk, fl6, mtu-exthdrlen); | |
1286 | return -EMSGSIZE; | |
1287 | } | |
4b340ae2 | 1288 | |
f5a30bc1 HFS |
1289 | skb = skb_peek_tail(&sk->sk_write_queue); |
1290 | cork->length += length; | |
1291 | if (((length > mtu) || | |
b90cd7b9 | 1292 | (skb && skb_has_frags(skb))) && |
f5a30bc1 | 1293 | (sk->sk_protocol == IPPROTO_UDP) && |
6b313008 MK |
1294 | (rt->dst.dev->features & NETIF_F_UFO) && |
1295 | (sk->sk_type == SOCK_DGRAM)) { | |
f5a30bc1 HFS |
1296 | err = ip6_ufo_append_data(sk, getfrag, from, length, |
1297 | hh_len, fragheaderlen, | |
1298 | transhdrlen, mtu, flags, rt); | |
1299 | if (err) | |
1300 | goto error; | |
1301 | return 0; | |
e89e9cf5 | 1302 | } |
1da177e4 | 1303 | |
f5a30bc1 | 1304 | if (!skb) |
1da177e4 LT |
1305 | goto alloc_new_skb; |
1306 | ||
1307 | while (length > 0) { | |
1308 | /* Check if the remaining data fits into current packet. */ | |
bdc712b4 | 1309 | copy = (cork->length <= mtu && !(cork->flags & IPCORK_ALLFRAG) ? mtu : maxfraglen) - skb->len; |
1da177e4 LT |
1310 | if (copy < length) |
1311 | copy = maxfraglen - skb->len; | |
1312 | ||
1313 | if (copy <= 0) { | |
1314 | char *data; | |
1315 | unsigned int datalen; | |
1316 | unsigned int fraglen; | |
1317 | unsigned int fraggap; | |
1318 | unsigned int alloclen; | |
1da177e4 | 1319 | alloc_new_skb: |
1da177e4 | 1320 | /* There's no room in the current skb */ |
0c183379 G |
1321 | if (skb) |
1322 | fraggap = skb->len - maxfraglen; | |
1da177e4 LT |
1323 | else |
1324 | fraggap = 0; | |
0c183379 G |
1325 | /* update mtu and maxfraglen if necessary */ |
1326 | if (skb == NULL || skb_prev == NULL) | |
1327 | ip6_append_data_mtu(&mtu, &maxfraglen, | |
7852c5bf | 1328 | fragheaderlen, skb, rt, |
8e5612a2 | 1329 | orig_mtu); |
0c183379 G |
1330 | |
1331 | skb_prev = skb; | |
1da177e4 LT |
1332 | |
1333 | /* | |
1334 | * If remaining data exceeds the mtu, | |
1335 | * we know we need more fragment(s). | |
1336 | */ | |
1337 | datalen = length + fraggap; | |
1da177e4 | 1338 | |
0c183379 G |
1339 | if (datalen > (cork->length <= mtu && !(cork->flags & IPCORK_ALLFRAG) ? mtu : maxfraglen) - fragheaderlen) |
1340 | datalen = maxfraglen - fragheaderlen - rt->dst.trailer_len; | |
1da177e4 | 1341 | if ((flags & MSG_MORE) && |
d8d1f30b | 1342 | !(rt->dst.dev->features&NETIF_F_SG)) |
1da177e4 LT |
1343 | alloclen = mtu; |
1344 | else | |
1345 | alloclen = datalen + fragheaderlen; | |
1346 | ||
299b0767 SK |
1347 | alloclen += dst_exthdrlen; |
1348 | ||
0c183379 G |
1349 | if (datalen != length + fraggap) { |
1350 | /* | |
1351 | * this is not the last fragment, the trailer | |
1352 | * space is regarded as data space. | |
1353 | */ | |
1354 | datalen += rt->dst.trailer_len; | |
1355 | } | |
1356 | ||
1357 | alloclen += rt->dst.trailer_len; | |
1358 | fraglen = datalen + fragheaderlen; | |
1da177e4 LT |
1359 | |
1360 | /* | |
1361 | * We just reserve space for fragment header. | |
1ab1457c | 1362 | * Note: this may be overallocation if the message |
1da177e4 LT |
1363 | * (without MSG_MORE) fits into the MTU. |
1364 | */ | |
1365 | alloclen += sizeof(struct frag_hdr); | |
1366 | ||
1367 | if (transhdrlen) { | |
1368 | skb = sock_alloc_send_skb(sk, | |
1369 | alloclen + hh_len, | |
1370 | (flags & MSG_DONTWAIT), &err); | |
1371 | } else { | |
1372 | skb = NULL; | |
1373 | if (atomic_read(&sk->sk_wmem_alloc) <= | |
1374 | 2 * sk->sk_sndbuf) | |
1375 | skb = sock_wmalloc(sk, | |
1376 | alloclen + hh_len, 1, | |
1377 | sk->sk_allocation); | |
1378 | if (unlikely(skb == NULL)) | |
1379 | err = -ENOBUFS; | |
a693e698 AB |
1380 | else { |
1381 | /* Only the initial fragment | |
1382 | * is time stamped. | |
1383 | */ | |
1384 | tx_flags = 0; | |
1385 | } | |
1da177e4 LT |
1386 | } |
1387 | if (skb == NULL) | |
1388 | goto error; | |
1389 | /* | |
1390 | * Fill in the control structures | |
1391 | */ | |
d7f7c0ac | 1392 | skb->ip_summed = CHECKSUM_NONE; |
1da177e4 | 1393 | skb->csum = 0; |
1f85851e G |
1394 | /* reserve for fragmentation and ipsec header */ |
1395 | skb_reserve(skb, hh_len + sizeof(struct frag_hdr) + | |
1396 | dst_exthdrlen); | |
1da177e4 | 1397 | |
a693e698 AB |
1398 | if (sk->sk_type == SOCK_DGRAM) |
1399 | skb_shinfo(skb)->tx_flags = tx_flags; | |
1400 | ||
1da177e4 LT |
1401 | /* |
1402 | * Find where to start putting bytes | |
1403 | */ | |
1f85851e G |
1404 | data = skb_put(skb, fraglen); |
1405 | skb_set_network_header(skb, exthdrlen); | |
1406 | data += fragheaderlen; | |
b0e380b1 ACM |
1407 | skb->transport_header = (skb->network_header + |
1408 | fragheaderlen); | |
1da177e4 LT |
1409 | if (fraggap) { |
1410 | skb->csum = skb_copy_and_csum_bits( | |
1411 | skb_prev, maxfraglen, | |
1412 | data + transhdrlen, fraggap, 0); | |
1413 | skb_prev->csum = csum_sub(skb_prev->csum, | |
1414 | skb->csum); | |
1415 | data += fraggap; | |
e9fa4f7b | 1416 | pskb_trim_unique(skb_prev, maxfraglen); |
1da177e4 LT |
1417 | } |
1418 | copy = datalen - transhdrlen - fraggap; | |
299b0767 | 1419 | |
1da177e4 LT |
1420 | if (copy < 0) { |
1421 | err = -EINVAL; | |
1422 | kfree_skb(skb); | |
1423 | goto error; | |
1424 | } else if (copy > 0 && getfrag(from, data + transhdrlen, offset, copy, fraggap, skb) < 0) { | |
1425 | err = -EFAULT; | |
1426 | kfree_skb(skb); | |
1427 | goto error; | |
1428 | } | |
1429 | ||
1430 | offset += copy; | |
1431 | length -= datalen - fraggap; | |
1432 | transhdrlen = 0; | |
1433 | exthdrlen = 0; | |
299b0767 | 1434 | dst_exthdrlen = 0; |
1da177e4 LT |
1435 | |
1436 | /* | |
1437 | * Put the packet on the pending queue | |
1438 | */ | |
1439 | __skb_queue_tail(&sk->sk_write_queue, skb); | |
1440 | continue; | |
1441 | } | |
1442 | ||
1443 | if (copy > length) | |
1444 | copy = length; | |
1445 | ||
d8d1f30b | 1446 | if (!(rt->dst.dev->features&NETIF_F_SG)) { |
1da177e4 LT |
1447 | unsigned int off; |
1448 | ||
1449 | off = skb->len; | |
1450 | if (getfrag(from, skb_put(skb, copy), | |
1451 | offset, copy, off, skb) < 0) { | |
1452 | __skb_trim(skb, off); | |
1453 | err = -EFAULT; | |
1454 | goto error; | |
1455 | } | |
1456 | } else { | |
1457 | int i = skb_shinfo(skb)->nr_frags; | |
5640f768 | 1458 | struct page_frag *pfrag = sk_page_frag(sk); |
1da177e4 | 1459 | |
5640f768 ED |
1460 | err = -ENOMEM; |
1461 | if (!sk_page_frag_refill(sk, pfrag)) | |
1da177e4 | 1462 | goto error; |
5640f768 ED |
1463 | |
1464 | if (!skb_can_coalesce(skb, i, pfrag->page, | |
1465 | pfrag->offset)) { | |
1466 | err = -EMSGSIZE; | |
1467 | if (i == MAX_SKB_FRAGS) | |
1468 | goto error; | |
1469 | ||
1470 | __skb_fill_page_desc(skb, i, pfrag->page, | |
1471 | pfrag->offset, 0); | |
1472 | skb_shinfo(skb)->nr_frags = ++i; | |
1473 | get_page(pfrag->page); | |
1da177e4 | 1474 | } |
5640f768 | 1475 | copy = min_t(int, copy, pfrag->size - pfrag->offset); |
9e903e08 | 1476 | if (getfrag(from, |
5640f768 ED |
1477 | page_address(pfrag->page) + pfrag->offset, |
1478 | offset, copy, skb->len, skb) < 0) | |
1479 | goto error_efault; | |
1480 | ||
1481 | pfrag->offset += copy; | |
1482 | skb_frag_size_add(&skb_shinfo(skb)->frags[i - 1], copy); | |
1da177e4 LT |
1483 | skb->len += copy; |
1484 | skb->data_len += copy; | |
f945fa7a HX |
1485 | skb->truesize += copy; |
1486 | atomic_add(copy, &sk->sk_wmem_alloc); | |
1da177e4 LT |
1487 | } |
1488 | offset += copy; | |
1489 | length -= copy; | |
1490 | } | |
5640f768 | 1491 | |
1da177e4 | 1492 | return 0; |
5640f768 ED |
1493 | |
1494 | error_efault: | |
1495 | err = -EFAULT; | |
1da177e4 | 1496 | error: |
bdc712b4 | 1497 | cork->length -= length; |
3bd653c8 | 1498 | IP6_INC_STATS(sock_net(sk), rt->rt6i_idev, IPSTATS_MIB_OUTDISCARDS); |
1da177e4 LT |
1499 | return err; |
1500 | } | |
a495f836 | 1501 | EXPORT_SYMBOL_GPL(ip6_append_data); |
1da177e4 | 1502 | |
bf138862 PE |
1503 | static void ip6_cork_release(struct inet_sock *inet, struct ipv6_pinfo *np) |
1504 | { | |
0178b695 HX |
1505 | if (np->cork.opt) { |
1506 | kfree(np->cork.opt->dst0opt); | |
1507 | kfree(np->cork.opt->dst1opt); | |
1508 | kfree(np->cork.opt->hopopt); | |
1509 | kfree(np->cork.opt->srcrt); | |
1510 | kfree(np->cork.opt); | |
1511 | np->cork.opt = NULL; | |
1512 | } | |
1513 | ||
bdc712b4 DM |
1514 | if (inet->cork.base.dst) { |
1515 | dst_release(inet->cork.base.dst); | |
1516 | inet->cork.base.dst = NULL; | |
1517 | inet->cork.base.flags &= ~IPCORK_ALLFRAG; | |
bf138862 PE |
1518 | } |
1519 | memset(&inet->cork.fl, 0, sizeof(inet->cork.fl)); | |
1520 | } | |
1521 | ||
1da177e4 LT |
1522 | int ip6_push_pending_frames(struct sock *sk) |
1523 | { | |
1524 | struct sk_buff *skb, *tmp_skb; | |
1525 | struct sk_buff **tail_skb; | |
1526 | struct in6_addr final_dst_buf, *final_dst = &final_dst_buf; | |
1527 | struct inet_sock *inet = inet_sk(sk); | |
1528 | struct ipv6_pinfo *np = inet6_sk(sk); | |
3bd653c8 | 1529 | struct net *net = sock_net(sk); |
1da177e4 LT |
1530 | struct ipv6hdr *hdr; |
1531 | struct ipv6_txoptions *opt = np->cork.opt; | |
bdc712b4 | 1532 | struct rt6_info *rt = (struct rt6_info *)inet->cork.base.dst; |
4c9483b2 DM |
1533 | struct flowi6 *fl6 = &inet->cork.fl.u.ip6; |
1534 | unsigned char proto = fl6->flowi6_proto; | |
1da177e4 LT |
1535 | int err = 0; |
1536 | ||
1537 | if ((skb = __skb_dequeue(&sk->sk_write_queue)) == NULL) | |
1538 | goto out; | |
1539 | tail_skb = &(skb_shinfo(skb)->frag_list); | |
1540 | ||
1541 | /* move skb->data to ip header from ext header */ | |
d56f90a7 | 1542 | if (skb->data < skb_network_header(skb)) |
bbe735e4 | 1543 | __skb_pull(skb, skb_network_offset(skb)); |
1da177e4 | 1544 | while ((tmp_skb = __skb_dequeue(&sk->sk_write_queue)) != NULL) { |
cfe1fc77 | 1545 | __skb_pull(tmp_skb, skb_network_header_len(skb)); |
1da177e4 LT |
1546 | *tail_skb = tmp_skb; |
1547 | tail_skb = &(tmp_skb->next); | |
1548 | skb->len += tmp_skb->len; | |
1549 | skb->data_len += tmp_skb->len; | |
1da177e4 | 1550 | skb->truesize += tmp_skb->truesize; |
1da177e4 LT |
1551 | tmp_skb->destructor = NULL; |
1552 | tmp_skb->sk = NULL; | |
1da177e4 LT |
1553 | } |
1554 | ||
28a89453 | 1555 | /* Allow local fragmentation. */ |
b5c15fc0 | 1556 | if (np->pmtudisc < IPV6_PMTUDISC_DO) |
28a89453 HX |
1557 | skb->local_df = 1; |
1558 | ||
4e3fd7a0 | 1559 | *final_dst = fl6->daddr; |
cfe1fc77 | 1560 | __skb_pull(skb, skb_network_header_len(skb)); |
1da177e4 LT |
1561 | if (opt && opt->opt_flen) |
1562 | ipv6_push_frag_opts(skb, opt, &proto); | |
1563 | if (opt && opt->opt_nflen) | |
1564 | ipv6_push_nfrag_opts(skb, opt, &proto, &final_dst); | |
1565 | ||
e2d1bca7 ACM |
1566 | skb_push(skb, sizeof(struct ipv6hdr)); |
1567 | skb_reset_network_header(skb); | |
0660e03f | 1568 | hdr = ipv6_hdr(skb); |
1ab1457c | 1569 | |
3e4e4c1f | 1570 | ip6_flow_hdr(hdr, np->cork.tclass, fl6->flowlabel); |
1da177e4 LT |
1571 | hdr->hop_limit = np->cork.hop_limit; |
1572 | hdr->nexthdr = proto; | |
4e3fd7a0 AD |
1573 | hdr->saddr = fl6->saddr; |
1574 | hdr->daddr = *final_dst; | |
1da177e4 | 1575 | |
a2c2064f | 1576 | skb->priority = sk->sk_priority; |
4a19ec58 | 1577 | skb->mark = sk->sk_mark; |
a2c2064f | 1578 | |
d8d1f30b | 1579 | skb_dst_set(skb, dst_clone(&rt->dst)); |
edf391ff | 1580 | IP6_UPD_PO_STATS(net, rt->rt6i_idev, IPSTATS_MIB_OUT, skb->len); |
14878f75 | 1581 | if (proto == IPPROTO_ICMPV6) { |
adf30907 | 1582 | struct inet6_dev *idev = ip6_dst_idev(skb_dst(skb)); |
14878f75 | 1583 | |
2e6f312e HFS |
1584 | ICMP6MSGOUT_INC_STATS(net, idev, icmp6_hdr(skb)->icmp6_type); |
1585 | ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS); | |
14878f75 DS |
1586 | } |
1587 | ||
ef76bc23 | 1588 | err = ip6_local_out(skb); |
1da177e4 LT |
1589 | if (err) { |
1590 | if (err > 0) | |
6ce9e7b5 | 1591 | err = net_xmit_errno(err); |
1da177e4 LT |
1592 | if (err) |
1593 | goto error; | |
1594 | } | |
1595 | ||
1596 | out: | |
bf138862 | 1597 | ip6_cork_release(inet, np); |
1da177e4 LT |
1598 | return err; |
1599 | error: | |
06254914 | 1600 | IP6_INC_STATS(net, rt->rt6i_idev, IPSTATS_MIB_OUTDISCARDS); |
1da177e4 LT |
1601 | goto out; |
1602 | } | |
a495f836 | 1603 | EXPORT_SYMBOL_GPL(ip6_push_pending_frames); |
1da177e4 LT |
1604 | |
1605 | void ip6_flush_pending_frames(struct sock *sk) | |
1606 | { | |
1da177e4 LT |
1607 | struct sk_buff *skb; |
1608 | ||
1609 | while ((skb = __skb_dequeue_tail(&sk->sk_write_queue)) != NULL) { | |
adf30907 ED |
1610 | if (skb_dst(skb)) |
1611 | IP6_INC_STATS(sock_net(sk), ip6_dst_idev(skb_dst(skb)), | |
e1f52208 | 1612 | IPSTATS_MIB_OUTDISCARDS); |
1da177e4 LT |
1613 | kfree_skb(skb); |
1614 | } | |
1615 | ||
bf138862 | 1616 | ip6_cork_release(inet_sk(sk), inet6_sk(sk)); |
1da177e4 | 1617 | } |
a495f836 | 1618 | EXPORT_SYMBOL_GPL(ip6_flush_pending_frames); |