projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge tag 'v3.10.103' into update
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / ipv6 / tcp_ipv6.c
CommitLineData
1da177e4
LT		 1/*
2 * TCP over IPv6
1ab1457c 3 * Linux INET6 implementation
1da177e4
LT		 4 *
5 * Authors:
1ab1457c 6 * Pedro Roque <roque@di.fc.ul.pt>
1da177e4 7 *
1ab1457c 8 * Based on:
1da177e4
LT		 9 * linux/net/ipv4/tcp.c
10 * linux/net/ipv4/tcp_input.c
11 * linux/net/ipv4/tcp_output.c
12 *
13 * Fixes:
14 * Hideaki YOSHIFUJI : sin6_scope_id support
15 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
16 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
17 * a single port at the same time.
18 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
19 *
20 * This program is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU General Public License
22 * as published by the Free Software Foundation; either version
23 * 2 of the License, or (at your option) any later version.
24 */
25
eb4dea58 26#include <linux/bottom_half.h>
1da177e4 27#include <linux/module.h>
1da177e4
LT		 28#include <linux/errno.h>
29#include <linux/types.h>
30#include <linux/socket.h>
31#include <linux/sockios.h>
32#include <linux/net.h>
33#include <linux/jiffies.h>
34#include <linux/in.h>
35#include <linux/in6.h>
36#include <linux/netdevice.h>
37#include <linux/init.h>
38#include <linux/jhash.h>
39#include <linux/ipsec.h>
40#include <linux/times.h>
5a0e3ad6 41#include <linux/slab.h>
1da177e4
LT		 42
43#include <linux/ipv6.h>
44#include <linux/icmpv6.h>
45#include <linux/random.h>
46
47#include <net/tcp.h>
48#include <net/ndisc.h>
5324a040 49#include <net/inet6_hashtables.h>
8129765a 50#include <net/inet6_connection_sock.h>
1da177e4
LT		 51#include <net/ipv6.h>
52#include <net/transp_v6.h>
53#include <net/addrconf.h>
54#include <net/ip6_route.h>
55#include <net/ip6_checksum.h>
56#include <net/inet_ecn.h>
57#include <net/protocol.h>
58#include <net/xfrm.h>
1da177e4
LT		 59#include <net/snmp.h>
60#include <net/dsfield.h>
6d6ee43e 61#include <net/timewait_sock.h>
18134bed 62#include <net/netdma.h>
3d58b5fa 63#include <net/inet_common.h>
6e5714ea 64#include <net/secure_seq.h>
d1a4c0b3 65#include <net/tcp_memcontrol.h>
1da177e4
LT		 66
67#include <asm/uaccess.h>
68
69#include <linux/proc_fs.h>
70#include <linux/seq_file.h>
71
cfb6eeb4
YH		 72#include <linux/crypto.h>
73#include <linux/scatterlist.h>
74
cfb6eeb4 75static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb);
6edafaaf
GJ		 76static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
77 struct request_sock *req);
1da177e4
LT		 78
79static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
1da177e4 80
3b401a81
SH		 81static const struct inet_connection_sock_af_ops ipv6_mapped;
82static const struct inet_connection_sock_af_ops ipv6_specific;
a928630a 83#ifdef CONFIG_TCP_MD5SIG
b2e4b3de
SH		 84static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
85static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
9501f972
YH		 86#else
87static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
b71d1d42 88 const struct in6_addr *addr)
9501f972
YH		 89{
90 return NULL;
91}
a928630a 92#endif
1da177e4 93
fae6ef87
NC		 94static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
95{
96 struct dst_entry *dst = skb_dst(skb);
97 const struct rt6_info *rt = (const struct rt6_info *)dst;
98
99 dst_hold(dst);
100 sk->sk_rx_dst = dst;
101 inet_sk(sk)->rx_dst_ifindex = skb->skb_iif;
102 if (rt->rt6i_node)
103 inet6_sk(sk)->rx_dst_cookie = rt->rt6i_node->fn_sernum;
104}
105
1da177e4
LT		 106static void tcp_v6_hash(struct sock *sk)
107{
108 if (sk->sk_state != TCP_CLOSE) {
8292a17a 109 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) {
1da177e4
LT		 110 tcp_prot.hash(sk);
111 return;
112 }
113 local_bh_disable();
9327f705 114 __inet6_hash(sk, NULL);
1da177e4
LT		 115 local_bh_enable();
116 }
117}
118
cf533ea5 119static __u32 tcp_v6_init_sequence(const struct sk_buff *skb)
1da177e4 120{
0660e03f
ACM		 121 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
122 ipv6_hdr(skb)->saddr.s6_addr32,
aa8223c7
ACM		 123 tcp_hdr(skb)->dest,
124 tcp_hdr(skb)->source);
1da177e4
LT		 125}
126
1ab1457c 127static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
1da177e4
LT		 128 int addr_len)
129{
130 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
1ab1457c 131 struct inet_sock *inet = inet_sk(sk);
d83d8461 132 struct inet_connection_sock *icsk = inet_csk(sk);
1da177e4
LT		 133 struct ipv6_pinfo *np = inet6_sk(sk);
134 struct tcp_sock *tp = tcp_sk(sk);
20c59de2 135 struct in6_addr *saddr = NULL, *final_p, final;
493f377d 136 struct rt6_info *rt;
4c9483b2 137 struct flowi6 fl6;
1da177e4
LT		 138 struct dst_entry *dst;
139 int addr_type;
140 int err;
141
1ab1457c 142 if (addr_len < SIN6_LEN_RFC2133)
1da177e4
LT		 143 return -EINVAL;
144
1ab1457c 145 if (usin->sin6_family != AF_INET6)
a02cec21 146 return -EAFNOSUPPORT;
1da177e4 147
4c9483b2 148 memset(&fl6, 0, sizeof(fl6));
1da177e4
LT		 149
150 if (np->sndflow) {
4c9483b2
DM		 151 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
152 IP6_ECN_flow_init(fl6.flowlabel);
153 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
1da177e4 154 struct ip6_flowlabel *flowlabel;
4c9483b2 155 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
1da177e4
LT		 156 if (flowlabel == NULL)
157 return -EINVAL;
4e3fd7a0 158 usin->sin6_addr = flowlabel->dst;
1da177e4
LT		 159 fl6_sock_release(flowlabel);
160 }
161 }
162
163 /*
1ab1457c
YH		 164 * connect() to INADDR_ANY means loopback (BSD'ism).
165 */
166
167 if(ipv6_addr_any(&usin->sin6_addr))
168 usin->sin6_addr.s6_addr[15] = 0x1;
1da177e4
LT		 169
170 addr_type = ipv6_addr_type(&usin->sin6_addr);
171
172 if(addr_type & IPV6_ADDR_MULTICAST)
173 return -ENETUNREACH;
174
175 if (addr_type&IPV6_ADDR_LINKLOCAL) {
176 if (addr_len >= sizeof(struct sockaddr_in6) &&
177 usin->sin6_scope_id) {
178 /* If interface is set while binding, indices
179 * must coincide.
180 */
181 if (sk->sk_bound_dev_if &&
182 sk->sk_bound_dev_if != usin->sin6_scope_id)
183 return -EINVAL;
184
185 sk->sk_bound_dev_if = usin->sin6_scope_id;
186 }
187
188 /* Connect to link-local address requires an interface */
189 if (!sk->sk_bound_dev_if)
190 return -EINVAL;
191 }
192
193 if (tp->rx_opt.ts_recent_stamp &&
194 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) {
195 tp->rx_opt.ts_recent = 0;
196 tp->rx_opt.ts_recent_stamp = 0;
197 tp->write_seq = 0;
198 }
199
4e3fd7a0 200 np->daddr = usin->sin6_addr;
4c9483b2 201 np->flow_label = fl6.flowlabel;
1da177e4
LT		 202
203 /*
204 * TCP over IPv4
205 */
206
207 if (addr_type == IPV6_ADDR_MAPPED) {
d83d8461 208 u32 exthdrlen = icsk->icsk_ext_hdr_len;
1da177e4
LT		 209 struct sockaddr_in sin;
210
211 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
212
213 if (__ipv6_only_sock(sk))
214 return -ENETUNREACH;
215
216 sin.sin_family = AF_INET;
217 sin.sin_port = usin->sin6_port;
218 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
219
d83d8461 220 icsk->icsk_af_ops = &ipv6_mapped;
1da177e4 221 sk->sk_backlog_rcv = tcp_v4_do_rcv;
cfb6eeb4
YH		 222#ifdef CONFIG_TCP_MD5SIG
223 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
224#endif
1da177e4
LT		 225
226 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
227
228 if (err) {
d83d8461
ACM		 229 icsk->icsk_ext_hdr_len = exthdrlen;
230 icsk->icsk_af_ops = &ipv6_specific;
1da177e4 231 sk->sk_backlog_rcv = tcp_v6_do_rcv;
cfb6eeb4
YH		 232#ifdef CONFIG_TCP_MD5SIG
233 tp->af_specific = &tcp_sock_ipv6_specific;
234#endif
1da177e4
LT		 235 goto failure;
236 } else {
c720c7e8
ED		 237 ipv6_addr_set_v4mapped(inet->inet_saddr, &np->saddr);
238 ipv6_addr_set_v4mapped(inet->inet_rcv_saddr,
239 &np->rcv_saddr);
1da177e4
LT		 240 }
241
242 return err;
243 }
244
245 if (!ipv6_addr_any(&np->rcv_saddr))
246 saddr = &np->rcv_saddr;
247
4c9483b2 248 fl6.flowi6_proto = IPPROTO_TCP;
4e3fd7a0
AD		 249 fl6.daddr = np->daddr;
250 fl6.saddr = saddr ? *saddr : np->saddr;
4c9483b2
DM		 251 fl6.flowi6_oif = sk->sk_bound_dev_if;
252 fl6.flowi6_mark = sk->sk_mark;
1958b856
DM		 253 fl6.fl6_dport = usin->sin6_port;
254 fl6.fl6_sport = inet->inet_sport;
6fa3eb70 255 fl6.flowi6_uid = sock_i_uid(sk);
1da177e4 256
4c9483b2 257 final_p = fl6_update_dst(&fl6, np->opt, &final);
1da177e4 258
4c9483b2 259 security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));
beb8d13b 260
4c9483b2 261 dst = ip6_dst_lookup_flow(sk, &fl6, final_p, true);
68d0c6d3
DM		 262 if (IS_ERR(dst)) {
263 err = PTR_ERR(dst);
1da177e4 264 goto failure;
14e50e57 265 }
1da177e4
LT		 266
267 if (saddr == NULL) {
4c9483b2 268 saddr = &fl6.saddr;
4e3fd7a0 269 np->rcv_saddr = *saddr;
1da177e4
LT		 270 }
271
272 /* set the source address */
4e3fd7a0 273 np->saddr = *saddr;
c720c7e8 274 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
1da177e4 275
f83ef8c0 276 sk->sk_gso_type = SKB_GSO_TCPV6;
8e1ef0a9 277 __ip6_dst_store(sk, dst, NULL, NULL);
1da177e4 278
493f377d
DM		 279 rt = (struct rt6_info *) dst;
280 if (tcp_death_row.sysctl_tw_recycle &&
281 !tp->rx_opt.ts_recent_stamp &&
81166dd6
DM		 282 ipv6_addr_equal(&rt->rt6i_dst.addr, &np->daddr))
283 tcp_fetch_timewait_stamp(sk, dst);
493f377d 284
d83d8461 285 icsk->icsk_ext_hdr_len = 0;
1da177e4 286 if (np->opt)
d83d8461
ACM		 287 icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
288 np->opt->opt_nflen);
1da177e4
LT		 289
290 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
291
c720c7e8 292 inet->inet_dport = usin->sin6_port;
1da177e4
LT		 293
294 tcp_set_state(sk, TCP_SYN_SENT);
d8313f5c 295 err = inet6_hash_connect(&tcp_death_row, sk);
1da177e4
LT		 296 if (err)
297 goto late_failure;
298
6fa3eb70 299 printk(KERN_INFO "net_sock, IPV6 socket[%lu] sport:%u \n", SOCK_INODE(sk->sk_socket)->i_ino, ntohs(inet->inet_sport));
2b916477 300 if (!tp->write_seq && likely(!tp->repair))
1da177e4
LT		 301 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
302 np->daddr.s6_addr32,
c720c7e8
ED		 303 inet->inet_sport,
304 inet->inet_dport);
1da177e4
LT		 305
306 err = tcp_connect(sk);
307 if (err)
308 goto late_failure;
309
310 return 0;
311
312late_failure:
313 tcp_set_state(sk, TCP_CLOSE);
314 __sk_dst_reset(sk);
315failure:
c720c7e8 316 inet->inet_dport = 0;
1da177e4
LT		 317 sk->sk_route_caps = 0;
318 return err;
319}
320
563d34d0
ED		 321static void tcp_v6_mtu_reduced(struct sock *sk)
322{
323 struct dst_entry *dst;
324
325 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
326 return;
327
328 dst = inet6_csk_update_pmtu(sk, tcp_sk(sk)->mtu_info);
329 if (!dst)
330 return;
331
332 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
333 tcp_sync_mss(sk, dst_mtu(dst));
334 tcp_simple_retransmit(sk);
335 }
336}
337
1da177e4 338static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
d5fdd6ba 339 u8 type, u8 code, int offset, __be32 info)
1da177e4 340{
b71d1d42 341 const struct ipv6hdr *hdr = (const struct ipv6hdr*)skb->data;
505cbfc5 342 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
1da177e4
LT		 343 struct ipv6_pinfo *np;
344 struct sock *sk;
345 int err;
1ab1457c 346 struct tcp_sock *tp;
1da177e4 347 __u32 seq;
ca12a1a4 348 struct net *net = dev_net(skb->dev);
1da177e4 349
ca12a1a4 350 sk = inet6_lookup(net, &tcp_hashinfo, &hdr->daddr,
d86e0dac 351 th->dest, &hdr->saddr, th->source, skb->dev->ifindex);
1da177e4
LT		 352
353 if (sk == NULL) {
e41b5368
DL		 354 ICMP6_INC_STATS_BH(net, __in6_dev_get(skb->dev),
355 ICMP6_MIB_INERRORS);
1da177e4
LT		 356 return;
357 }
358
359 if (sk->sk_state == TCP_TIME_WAIT) {
9469c7b4 360 inet_twsk_put(inet_twsk(sk));
1da177e4
LT		 361 return;
362 }
363
364 bh_lock_sock(sk);
563d34d0 365 if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG)
de0744af 366 NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS);
1da177e4
LT		 367
368 if (sk->sk_state == TCP_CLOSE)
369 goto out;
370
e802af9c
SH		 371 if (ipv6_hdr(skb)->hop_limit < inet6_sk(sk)->min_hopcount) {
372 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
373 goto out;
374 }
375
1da177e4 376 tp = tcp_sk(sk);
1ab1457c 377 seq = ntohl(th->seq);
1da177e4
LT		 378 if (sk->sk_state != TCP_LISTEN &&
379 !between(seq, tp->snd_una, tp->snd_nxt)) {
de0744af 380 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
1da177e4
LT		 381 goto out;
382 }
383
384 np = inet6_sk(sk);
385
ec18d9a2
DM		 386 if (type == NDISC_REDIRECT) {
387 struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);
388
1ed5c48f 389 if (dst)
6700c270 390 dst->ops->redirect(dst, sk, skb);
50a75a89 391 goto out;
ec18d9a2
DM		 392 }
393
1da177e4 394 if (type == ICMPV6_PKT_TOOBIG) {
0d4f0608
ED		 395 /* We are not interested in TCP_LISTEN and open_requests
396 * (SYN-ACKs send out by Linux are always <576bytes so
397 * they should go through unfragmented).
398 */
399 if (sk->sk_state == TCP_LISTEN)
400 goto out;
401
563d34d0
ED		 402 tp->mtu_info = ntohl(info);
403 if (!sock_owned_by_user(sk))
404 tcp_v6_mtu_reduced(sk);
d013ef2a
JA		 405 else if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED,
406 &tp->tsq_flags))
407 sock_hold(sk);
1da177e4
LT		 408 goto out;
409 }
410
411 icmpv6_err_convert(type, code, &err);
412
60236fdd 413 /* Might be for an request_sock */
1da177e4 414 switch (sk->sk_state) {
60236fdd 415 struct request_sock *req, **prev;
1da177e4
LT		 416 case TCP_LISTEN:
417 if (sock_owned_by_user(sk))
418 goto out;
419
8129765a
ACM		 420 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr,
421 &hdr->saddr, inet6_iif(skb));
1da177e4
LT		 422 if (!req)
423 goto out;
424
425 /* ICMPs are not backlogged, hence we cannot get
426 * an established socket here.
427 */
547b792c 428 WARN_ON(req->sk != NULL);
1da177e4 429
2e6599cb 430 if (seq != tcp_rsk(req)->snt_isn) {
de0744af 431 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
1da177e4
LT		 432 goto out;
433 }
434
463c84b9 435 inet_csk_reqsk_queue_drop(sk, req, prev);
5f1e942c 436 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
1da177e4
LT		 437 goto out;
438
439 case TCP_SYN_SENT:
440 case TCP_SYN_RECV: /* Cannot happen.
1ab1457c 441 It can, it SYNs are crossed. --ANK */
1da177e4 442 if (!sock_owned_by_user(sk)) {
1da177e4
LT		 443 sk->sk_err = err;
444 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
445
446 tcp_done(sk);
447 } else
448 sk->sk_err_soft = err;
449 goto out;
450 }
451
452 if (!sock_owned_by_user(sk) && np->recverr) {
453 sk->sk_err = err;
454 sk->sk_error_report(sk);
455 } else
456 sk->sk_err_soft = err;
457
458out:
459 bh_unlock_sock(sk);
460 sock_put(sk);
461}
462
463
9f10d3f6
NC		 464static int tcp_v6_send_synack(struct sock *sk, struct dst_entry *dst,
465 struct flowi6 *fl6,
3840a06e 466 struct request_sock *req,
fff32699 467 u16 queue_mapping)
1da177e4 468{
ca304b61 469 struct inet6_request_sock *treq = inet6_rsk(req);
1da177e4
LT		 470 struct ipv6_pinfo *np = inet6_sk(sk);
471 struct sk_buff * skb;
9494218f 472 int err = -ENOMEM;
1da177e4 473
9f10d3f6
NC		 474 /* First, grab a route. */
475 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req)) == NULL)
fd80eb94 476 goto done;
9494218f 477
1a2c6181 478 skb = tcp_make_synack(sk, dst, req, NULL);
9494218f 479
1da177e4 480 if (skb) {
8ad50d96 481 __tcp_v6_send_check(skb, &treq->loc_addr, &treq->rmt_addr);
1da177e4 482
9f10d3f6 483 fl6->daddr = treq->rmt_addr;
fff32699 484 skb_set_queue_mapping(skb, queue_mapping);
43264e0b 485 err = ip6_xmit(sk, skb, fl6, np->opt, np->tclass);
b9df3cb8 486 err = net_xmit_eval(err);
1da177e4
LT		 487 }
488
489done:
1da177e4
LT		 490 return err;
491}
492
1a2c6181 493static int tcp_v6_rtx_synack(struct sock *sk, struct request_sock *req)
72659ecc 494{
9f10d3f6 495 struct flowi6 fl6;
e6c022a4 496 int res;
9f10d3f6 497
1a2c6181 498 res = tcp_v6_send_synack(sk, NULL, &fl6, req, 0);
e6c022a4
ED		 499 if (!res)
500 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_RETRANSSEGS);
501 return res;
72659ecc
OP		 502}
503
60236fdd 504static void tcp_v6_reqsk_destructor(struct request_sock *req)
1da177e4 505{
800d55f1 506 kfree_skb(inet6_rsk(req)->pktopts);
1da177e4
LT		 507}
508
cfb6eeb4
YH		 509#ifdef CONFIG_TCP_MD5SIG
510static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
b71d1d42 511 const struct in6_addr *addr)
cfb6eeb4 512{
a915da9b 513 return tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, AF_INET6);
cfb6eeb4
YH		 514}
515
516static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk,
517 struct sock *addr_sk)
518{
519 return tcp_v6_md5_do_lookup(sk, &inet6_sk(addr_sk)->daddr);
520}
521
522static struct tcp_md5sig_key *tcp_v6_reqsk_md5_lookup(struct sock *sk,
523 struct request_sock *req)
524{
525 return tcp_v6_md5_do_lookup(sk, &inet6_rsk(req)->rmt_addr);
526}
527
cfb6eeb4
YH		 528static int tcp_v6_parse_md5_keys (struct sock *sk, char __user *optval,
529 int optlen)
530{
531 struct tcp_md5sig cmd;
532 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
cfb6eeb4
YH		 533
534 if (optlen < sizeof(cmd))
535 return -EINVAL;
536
537 if (copy_from_user(&cmd, optval, sizeof(cmd)))
538 return -EFAULT;
539
540 if (sin6->sin6_family != AF_INET6)
541 return -EINVAL;
542
543 if (!cmd.tcpm_keylen) {
e773e4fa 544 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
a915da9b
ED		 545 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
546 AF_INET);
547 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
548 AF_INET6);
cfb6eeb4
YH		 549 }
550
551 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
552 return -EINVAL;
553
a915da9b
ED		 554 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
555 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
556 AF_INET, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
cfb6eeb4 557
a915da9b
ED		 558 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
559 AF_INET6, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
cfb6eeb4
YH		 560}
561
49a72dfb 562static int tcp_v6_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp,
b71d1d42
ED		 563 const struct in6_addr *daddr,
564 const struct in6_addr *saddr, int nbytes)
cfb6eeb4 565{
cfb6eeb4 566 struct tcp6_pseudohdr *bp;
49a72dfb 567 struct scatterlist sg;
8d26d76d 568
cfb6eeb4 569 bp = &hp->md5_blk.ip6;
cfb6eeb4 570 /* 1. TCP pseudo-header (RFC2460) */
4e3fd7a0
AD		 571 bp->saddr = *saddr;
572 bp->daddr = *daddr;
49a72dfb 573 bp->protocol = cpu_to_be32(IPPROTO_TCP);
00b1304c 574 bp->len = cpu_to_be32(nbytes);
cfb6eeb4 575
49a72dfb
AL		 576 sg_init_one(&sg, bp, sizeof(*bp));
577 return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp));
578}
c7da57a1 579
49a72dfb 580static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key,
b71d1d42 581 const struct in6_addr *daddr, struct in6_addr *saddr,
318cf7aa 582 const struct tcphdr *th)
49a72dfb
AL		 583{
584 struct tcp_md5sig_pool *hp;
585 struct hash_desc *desc;
586
587 hp = tcp_get_md5sig_pool();
588 if (!hp)
589 goto clear_hash_noput;
590 desc = &hp->md5_desc;
591
592 if (crypto_hash_init(desc))
593 goto clear_hash;
594 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))
595 goto clear_hash;
596 if (tcp_md5_hash_header(hp, th))
597 goto clear_hash;
598 if (tcp_md5_hash_key(hp, key))
599 goto clear_hash;
600 if (crypto_hash_final(desc, md5_hash))
cfb6eeb4 601 goto clear_hash;
cfb6eeb4 602
cfb6eeb4 603 tcp_put_md5sig_pool();
cfb6eeb4 604 return 0;
49a72dfb 605
cfb6eeb4
YH		 606clear_hash:
607 tcp_put_md5sig_pool();
608clear_hash_noput:
609 memset(md5_hash, 0, 16);
49a72dfb 610 return 1;
cfb6eeb4
YH		 611}
612
49a72dfb 613static int tcp_v6_md5_hash_skb(char *md5_hash, struct tcp_md5sig_key *key,
318cf7aa
ED		 614 const struct sock *sk,
615 const struct request_sock *req,
616 const struct sk_buff *skb)
cfb6eeb4 617{
b71d1d42 618 const struct in6_addr *saddr, *daddr;
49a72dfb
AL		 619 struct tcp_md5sig_pool *hp;
620 struct hash_desc *desc;
318cf7aa 621 const struct tcphdr *th = tcp_hdr(skb);
cfb6eeb4
YH		 622
623 if (sk) {
624 saddr = &inet6_sk(sk)->saddr;
625 daddr = &inet6_sk(sk)->daddr;
49a72dfb 626 } else if (req) {
cfb6eeb4
YH		 627 saddr = &inet6_rsk(req)->loc_addr;
628 daddr = &inet6_rsk(req)->rmt_addr;
49a72dfb 629 } else {
b71d1d42 630 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
49a72dfb
AL		 631 saddr = &ip6h->saddr;
632 daddr = &ip6h->daddr;
cfb6eeb4 633 }
49a72dfb
AL		 634
635 hp = tcp_get_md5sig_pool();
636 if (!hp)
637 goto clear_hash_noput;
638 desc = &hp->md5_desc;
639
640 if (crypto_hash_init(desc))
641 goto clear_hash;
642
643 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))
644 goto clear_hash;
645 if (tcp_md5_hash_header(hp, th))
646 goto clear_hash;
647 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
648 goto clear_hash;
649 if (tcp_md5_hash_key(hp, key))
650 goto clear_hash;
651 if (crypto_hash_final(desc, md5_hash))
652 goto clear_hash;
653
654 tcp_put_md5sig_pool();
655 return 0;
656
657clear_hash:
658 tcp_put_md5sig_pool();
659clear_hash_noput:
660 memset(md5_hash, 0, 16);
661 return 1;
cfb6eeb4
YH		 662}
663
318cf7aa 664static int tcp_v6_inbound_md5_hash(struct sock *sk, const struct sk_buff *skb)
cfb6eeb4 665{
cf533ea5 666 const __u8 *hash_location = NULL;
cfb6eeb4 667 struct tcp_md5sig_key *hash_expected;
b71d1d42 668 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
318cf7aa 669 const struct tcphdr *th = tcp_hdr(skb);
cfb6eeb4 670 int genhash;
cfb6eeb4
YH		 671 u8 newhash[16];
672
673 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
7d5d5525 674 hash_location = tcp_parse_md5sig_option(th);
cfb6eeb4 675
785957d3
DM		 676 /* We've parsed the options - do we have a hash? */
677 if (!hash_expected && !hash_location)
678 return 0;
679
680 if (hash_expected && !hash_location) {
681 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
cfb6eeb4
YH		 682 return 1;
683 }
684
785957d3
DM		 685 if (!hash_expected && hash_location) {
686 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
cfb6eeb4
YH		 687 return 1;
688 }
689
690 /* check the signature */
49a72dfb
AL		 691 genhash = tcp_v6_md5_hash_skb(newhash,
692 hash_expected,
693 NULL, NULL, skb);
694
cfb6eeb4 695 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
e87cc472
JP		 696 net_info_ratelimited("MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n",
697 genhash ? "failed" : "mismatch",
698 &ip6h->saddr, ntohs(th->source),
699 &ip6h->daddr, ntohs(th->dest));
cfb6eeb4
YH		 700 return 1;
701 }
702 return 0;
703}
704#endif
705
c6aefafb 706struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
1da177e4 707 .family = AF_INET6,
2e6599cb 708 .obj_size = sizeof(struct tcp6_request_sock),
72659ecc 709 .rtx_syn_ack = tcp_v6_rtx_synack,
60236fdd
ACM		 710 .send_ack = tcp_v6_reqsk_send_ack,
711 .destructor = tcp_v6_reqsk_destructor,
72659ecc
OP		 712 .send_reset = tcp_v6_send_reset,
713 .syn_ack_timeout = tcp_syn_ack_timeout,
1da177e4
LT		 714};
715
cfb6eeb4 716#ifdef CONFIG_TCP_MD5SIG
b2e4b3de 717static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
cfb6eeb4 718 .md5_lookup = tcp_v6_reqsk_md5_lookup,
e3afe7b7 719 .calc_md5_hash = tcp_v6_md5_hash_skb,
cfb6eeb4 720};
b6332e6c 721#endif
cfb6eeb4 722
626e264d 723static void tcp_v6_send_response(struct sk_buff *skb, u32 seq, u32 ack, u32 win,
ee684b6f
AV		 724 u32 tsval, u32 tsecr,
725 struct tcp_md5sig_key *key, int rst, u8 tclass)
1da177e4 726{
cf533ea5
ED		 727 const struct tcphdr *th = tcp_hdr(skb);
728 struct tcphdr *t1;
1da177e4 729 struct sk_buff *buff;
4c9483b2 730 struct flowi6 fl6;
adf30907 731 struct net *net = dev_net(skb_dst(skb)->dev);
e5047992 732 struct sock *ctl_sk = net->ipv6.tcp_sk;
77c676da 733 unsigned int tot_len = sizeof(struct tcphdr);
adf30907 734 struct dst_entry *dst;
81ada62d 735 __be32 *topt;
1da177e4 736
ee684b6f 737 if (tsecr)
626e264d 738 tot_len += TCPOLEN_TSTAMP_ALIGNED;
cfb6eeb4 739#ifdef CONFIG_TCP_MD5SIG
cfb6eeb4
YH		 740 if (key)
741 tot_len += TCPOLEN_MD5SIG_ALIGNED;
742#endif
743
cfb6eeb4 744 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
1da177e4 745 GFP_ATOMIC);
1ab1457c
YH		 746 if (buff == NULL)
747 return;
1da177e4 748
cfb6eeb4 749 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
1da177e4 750
cfb6eeb4 751 t1 = (struct tcphdr *) skb_push(buff, tot_len);
6651ffc8 752 skb_reset_transport_header(buff);
1da177e4
LT		 753
754 /* Swap the send and the receive. */
755 memset(t1, 0, sizeof(*t1));
756 t1->dest = th->source;
757 t1->source = th->dest;
cfb6eeb4 758 t1->doff = tot_len / 4;
626e264d
IJ		 759 t1->seq = htonl(seq);
760 t1->ack_seq = htonl(ack);
761 t1->ack = !rst || !th->ack;
762 t1->rst = rst;
763 t1->window = htons(win);
1da177e4 764
81ada62d
IJ		 765 topt = (__be32 *)(t1 + 1);
766
ee684b6f 767 if (tsecr) {
626e264d
IJ		 768 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
769 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
ee684b6f
AV		 770 *topt++ = htonl(tsval);
771 *topt++ = htonl(tsecr);
626e264d
IJ		 772 }
773
cfb6eeb4
YH		 774#ifdef CONFIG_TCP_MD5SIG
775 if (key) {
81ada62d
IJ		 776 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
777 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
778 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
78e645cb
IJ		 779 &ipv6_hdr(skb)->saddr,
780 &ipv6_hdr(skb)->daddr, t1);
cfb6eeb4
YH		 781 }
782#endif
783
4c9483b2 784 memset(&fl6, 0, sizeof(fl6));
4e3fd7a0
AD		 785 fl6.daddr = ipv6_hdr(skb)->saddr;
786 fl6.saddr = ipv6_hdr(skb)->daddr;
1da177e4 787
e5700aff
DM		 788 buff->ip_summed = CHECKSUM_PARTIAL;
789 buff->csum = 0;
790
4c9483b2 791 __tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);
1da177e4 792
4c9483b2 793 fl6.flowi6_proto = IPPROTO_TCP;
4c675258
AK		 794 if (ipv6_addr_type(&fl6.daddr) & IPV6_ADDR_LINKLOCAL)
795 fl6.flowi6_oif = inet6_iif(skb);
6fa3eb70 796 fl6.flowi6_mark = IP6_REPLY_MARK(net, skb->mark);
1958b856
DM		 797 fl6.fl6_dport = t1->dest;
798 fl6.fl6_sport = t1->source;
4c9483b2 799 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
1da177e4 800
c20121ae
DL		 801 /* Pass a socket to ip6_dst_lookup either it is for RST
802 * Underlying function will use this to retrieve the network
803 * namespace
804 */
4c9483b2 805 dst = ip6_dst_lookup_flow(ctl_sk, &fl6, NULL, false);
68d0c6d3
DM		 806 if (!IS_ERR(dst)) {
807 skb_dst_set(buff, dst);
b903d324 808 ip6_xmit(ctl_sk, buff, &fl6, NULL, tclass);
68d0c6d3
DM		 809 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS);
810 if (rst)
811 TCP_INC_STATS_BH(net, TCP_MIB_OUTRSTS);
812 return;
1da177e4
LT		 813 }
814
815 kfree_skb(buff);
816}
817
626e264d 818static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb)
1da177e4 819{
cf533ea5 820 const struct tcphdr *th = tcp_hdr(skb);
626e264d 821 u32 seq = 0, ack_seq = 0;
fa3e5b4e 822 struct tcp_md5sig_key *key = NULL;
658ddaaf
SL		 823#ifdef CONFIG_TCP_MD5SIG
824 const __u8 *hash_location = NULL;
825 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
826 unsigned char newhash[16];
827 int genhash;
828 struct sock *sk1 = NULL;
829#endif
1da177e4 830
626e264d 831 if (th->rst)
1da177e4
LT		 832 return;
833
626e264d
IJ		 834 if (!ipv6_unicast_destination(skb))
835 return;
1da177e4 836
cfb6eeb4 837#ifdef CONFIG_TCP_MD5SIG
658ddaaf
SL		 838 hash_location = tcp_parse_md5sig_option(th);
839 if (!sk && hash_location) {
840 /*
841 * active side is lost. Try to find listening socket through
842 * source port, and then find md5 key through listening socket.
843 * we are not loose security here:
844 * Incoming packet is checked with md5 hash with finding key,
845 * no RST generated if md5 hash doesn't match.
846 */
847 sk1 = inet6_lookup_listener(dev_net(skb_dst(skb)->dev),
5ba24953
TH		 848 &tcp_hashinfo, &ipv6h->saddr,
849 th->source, &ipv6h->daddr,
658ddaaf
SL		 850 ntohs(th->source), inet6_iif(skb));
851 if (!sk1)
852 return;
853
854 rcu_read_lock();
855 key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr);
856 if (!key)
857 goto release_sk1;
858
859 genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, NULL, skb);
860 if (genhash || memcmp(hash_location, newhash, 16) != 0)
861 goto release_sk1;
862 } else {
863 key = sk ? tcp_v6_md5_do_lookup(sk, &ipv6h->saddr) : NULL;
864 }
cfb6eeb4
YH		 865#endif
866
626e264d
IJ		 867 if (th->ack)
868 seq = ntohl(th->ack_seq);
869 else
870 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
871 (th->doff << 2);
1da177e4 872
ee684b6f 873 tcp_v6_send_response(skb, seq, ack_seq, 0, 0, 0, key, 1, 0);
658ddaaf
SL		 874
875#ifdef CONFIG_TCP_MD5SIG
876release_sk1:
877 if (sk1) {
878 rcu_read_unlock();
879 sock_put(sk1);
880 }
881#endif
626e264d 882}
1da177e4 883
ee684b6f
AV		 884static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack,
885 u32 win, u32 tsval, u32 tsecr,
b903d324 886 struct tcp_md5sig_key *key, u8 tclass)
626e264d 887{
ee684b6f 888 tcp_v6_send_response(skb, seq, ack, win, tsval, tsecr, key, 0, tclass);
1da177e4
LT		 889}
890
891static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
892{
8feaf0c0 893 struct inet_timewait_sock *tw = inet_twsk(sk);
cfb6eeb4 894 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
1da177e4 895
9501f972 896 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
8feaf0c0 897 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
ee684b6f 898 tcp_time_stamp + tcptw->tw_ts_offset,
b903d324
ED		 899 tcptw->tw_ts_recent, tcp_twsk_md5_key(tcptw),
900 tw->tw_tclass);
1da177e4 901
8feaf0c0 902 inet_twsk_put(tw);
1da177e4
LT		 903}
904
6edafaaf
GJ		 905static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
906 struct request_sock *req)
1da177e4 907{
ee684b6f
AV		 908 tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1,
909 req->rcv_wnd, tcp_time_stamp, req->ts_recent,
b903d324 910 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr), 0);
1da177e4
LT		 911}
912
913
914static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
915{
60236fdd 916 struct request_sock *req, **prev;
aa8223c7 917 const struct tcphdr *th = tcp_hdr(skb);
1da177e4
LT		 918 struct sock *nsk;
919
920 /* Find possible connection requests. */
8129765a 921 req = inet6_csk_search_req(sk, &prev, th->source,
0660e03f
ACM		 922 &ipv6_hdr(skb)->saddr,
923 &ipv6_hdr(skb)->daddr, inet6_iif(skb));
1da177e4 924 if (req)
8336886f 925 return tcp_check_req(sk, skb, req, prev, false);
1da177e4 926
3b1e0a65 927 nsk = __inet6_lookup_established(sock_net(sk), &tcp_hashinfo,
d86e0dac
PE		 928 &ipv6_hdr(skb)->saddr, th->source,
929 &ipv6_hdr(skb)->daddr, ntohs(th->dest), inet6_iif(skb));
1da177e4
LT		 930
931 if (nsk) {
932 if (nsk->sk_state != TCP_TIME_WAIT) {
933 bh_lock_sock(nsk);
934 return nsk;
935 }
9469c7b4 936 inet_twsk_put(inet_twsk(nsk));
1da177e4
LT		 937 return NULL;
938 }
939
c6aefafb 940#ifdef CONFIG_SYN_COOKIES
af9b4738 941 if (!th->syn)
c6aefafb 942 sk = cookie_v6_check(sk, skb);
1da177e4
LT		 943#endif
944 return sk;
945}
946
1da177e4
LT		 947/* FIXME: this is substantially similar to the ipv4 code.
948 * Can some kind of merge be done? -- erics
949 */
950static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
951{
e6b4d113
WAS		 952 struct tcp_options_received tmp_opt;
953 struct request_sock *req;
ca304b61 954 struct inet6_request_sock *treq;
1da177e4 955 struct ipv6_pinfo *np = inet6_sk(sk);
1da177e4 956 struct tcp_sock *tp = tcp_sk(sk);
e6b4d113 957 __u32 isn = TCP_SKB_CB(skb)->when;
493f377d 958 struct dst_entry *dst = NULL;
3840a06e 959 struct flowi6 fl6;
a2a385d6 960 bool want_cookie = false;
1da177e4
LT		 961
962 if (skb->protocol == htons(ETH_P_IP))
963 return tcp_v4_conn_request(sk, skb);
964
965 if (!ipv6_unicast_destination(skb))
1ab1457c 966 goto drop;
1da177e4 967
463c84b9 968 if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
946cedcc
ED		 969 want_cookie = tcp_syn_flood_action(sk, skb, "TCPv6");
970 if (!want_cookie)
971 goto drop;
1da177e4
LT		 972 }
973
5f1e942c
VS		 974 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1) {
975 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1da177e4 976 goto drop;
5f1e942c 977 }
1da177e4 978
ca304b61 979 req = inet6_reqsk_alloc(&tcp6_request_sock_ops);
1da177e4
LT		 980 if (req == NULL)
981 goto drop;
982
cfb6eeb4
YH		 983#ifdef CONFIG_TCP_MD5SIG
984 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv6_ops;
985#endif
986
1da177e4
LT		 987 tcp_clear_options(&tmp_opt);
988 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
989 tmp_opt.user_mss = tp->rx_opt.user_mss;
1a2c6181 990 tcp_parse_options(skb, &tmp_opt, 0, NULL);
1da177e4 991
4dfc2817 992 if (want_cookie && !tmp_opt.saw_tstamp)
c6aefafb 993 tcp_clear_options(&tmp_opt);
c6aefafb 994
1da177e4
LT		 995 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
996 tcp_openreq_init(req, &tmp_opt, skb);
997
ca304b61 998 treq = inet6_rsk(req);
4e3fd7a0
AD		 999 treq->rmt_addr = ipv6_hdr(skb)->saddr;
1000 treq->loc_addr = ipv6_hdr(skb)->daddr;
172d69e6 1001 if (!want_cookie || tmp_opt.tstamp_ok)
5d134f1c 1002 TCP_ECN_create_request(req, skb, sock_net(sk));
c6aefafb 1003
4d0fe50c 1004 treq->iif = sk->sk_bound_dev_if;
6fa3eb70 1005 inet_rsk(req)->ir_mark = inet_request_mark(sk, skb);
4d0fe50c
ED		 1006
1007 /* So that link locals have meaning */
1008 if (!sk->sk_bound_dev_if &&
1009 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL)
1010 treq->iif = inet6_iif(skb);
1011
2bbdf389 1012 if (!isn) {
c6aefafb
GG		 1013 if (ipv6_opt_accepted(sk, skb) ||
1014 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
1015 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) {
1016 atomic_inc(&skb->users);
1017 treq->pktopts = skb;
1018 }
493f377d
DM		 1019
1020 if (want_cookie) {
2bbdf389
FW		 1021 isn = cookie_v6_init_sequence(sk, skb, &req->mss);
1022 req->cookie_ts = tmp_opt.tstamp_ok;
493f377d
DM		 1023 goto have_isn;
1024 }
1025
1026 /* VJ's idea. We save last timestamp seen
1027 * from the destination in peer table, when entering
1028 * state TIME-WAIT, and check against it before
1029 * accepting new connection request.
1030 *
1031 * If "isn" is not zero, this request hit alive
1032 * timewait bucket, so that all the necessary checks
1033 * are made in the function processing timewait state.
1034 */
1035 if (tmp_opt.saw_tstamp &&
1036 tcp_death_row.sysctl_tw_recycle &&
81166dd6
DM		 1037 (dst = inet6_csk_route_req(sk, &fl6, req)) != NULL) {
1038 if (!tcp_peer_is_proven(req, dst, true)) {
493f377d
DM		 1039 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_PAWSPASSIVEREJECTED);
1040 goto drop_and_release;
1041 }
1042 }
1043 /* Kill the following clause, if you dislike this way. */
1044 else if (!sysctl_tcp_syncookies &&
1045 (sysctl_max_syn_backlog - inet_csk_reqsk_queue_len(sk) <
1046 (sysctl_max_syn_backlog >> 2)) &&
81166dd6 1047 !tcp_peer_is_proven(req, dst, false)) {
493f377d
DM		 1048 /* Without syncookies last quarter of
1049 * backlog is filled with destinations,
1050 * proven to be alive.
1051 * It means that we continue to communicate
1052 * to destinations, already remembered
1053 * to the moment of synflood.
1054 */
1055 LIMIT_NETDEBUG(KERN_DEBUG "TCP: drop open request from %pI6/%u\n",
1056 &treq->rmt_addr, ntohs(tcp_hdr(skb)->source));
1057 goto drop_and_release;
2bbdf389 1058 }
493f377d
DM		 1059
1060 isn = tcp_v6_init_sequence(skb);
c6aefafb 1061 }
493f377d 1062have_isn:
2e6599cb 1063 tcp_rsk(req)->snt_isn = isn;
1da177e4 1064
437c5b53
NC		 1065 if (security_inet_conn_request(sk, skb, req))
1066 goto drop_and_release;
4237c75c 1067
9f10d3f6 1068 if (tcp_v6_send_synack(sk, dst, &fl6, req,
fff32699 1069 skb_get_queue_mapping(skb)) ||
4957faad 1070 want_cookie)
e6b4d113 1071 goto drop_and_free;
1da177e4 1072
016818d0 1073 tcp_rsk(req)->snt_synack = tcp_time_stamp;
8336886f 1074 tcp_rsk(req)->listener = NULL;
e6b4d113
WAS		 1075 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1076 return 0;
1da177e4 1077
493f377d
DM		 1078drop_and_release:
1079 dst_release(dst);
e6b4d113
WAS		 1080drop_and_free:
1081 reqsk_free(req);
1da177e4 1082drop:
5f1e942c 1083 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
1da177e4
LT		 1084 return 0; /* don't send reset */
1085}
1086
1087static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
60236fdd 1088 struct request_sock *req,
1da177e4
LT		 1089 struct dst_entry *dst)
1090{
78d15e82 1091 struct inet6_request_sock *treq;
1da177e4
LT		 1092 struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
1093 struct tcp6_sock *newtcp6sk;
1094 struct inet_sock *newinet;
1095 struct tcp_sock *newtp;
1096 struct sock *newsk;
cfb6eeb4
YH		 1097#ifdef CONFIG_TCP_MD5SIG
1098 struct tcp_md5sig_key *key;
1099#endif
3840a06e 1100 struct flowi6 fl6;
1da177e4
LT		 1101
1102 if (skb->protocol == htons(ETH_P_IP)) {
1103 /*
1104 * v6 mapped
1105 */
1106
1107 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);
1108
1ab1457c 1109 if (newsk == NULL)
1da177e4
LT		 1110 return NULL;
1111
1112 newtcp6sk = (struct tcp6_sock *)newsk;
1113 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1114
1115 newinet = inet_sk(newsk);
1116 newnp = inet6_sk(newsk);
1117 newtp = tcp_sk(newsk);
1118
1119 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1120
c720c7e8 1121 ipv6_addr_set_v4mapped(newinet->inet_daddr, &newnp->daddr);
1da177e4 1122
c720c7e8 1123 ipv6_addr_set_v4mapped(newinet->inet_saddr, &newnp->saddr);
1da177e4 1124
4e3fd7a0 1125 newnp->rcv_saddr = newnp->saddr;
1da177e4 1126
8292a17a 1127 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1da177e4 1128 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
cfb6eeb4
YH		 1129#ifdef CONFIG_TCP_MD5SIG
1130 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1131#endif
1132
676a1184
YZ		 1133 newnp->ipv6_ac_list = NULL;
1134 newnp->ipv6_fl_list = NULL;
1da177e4
LT		 1135 newnp->pktoptions = NULL;
1136 newnp->opt = NULL;
505cbfc5 1137 newnp->mcast_oif = inet6_iif(skb);
0660e03f 1138 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
e7219858 1139 newnp->rcv_tclass = ipv6_get_dsfield(ipv6_hdr(skb));
1da177e4 1140
e6848976
ACM		 1141 /*
1142 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1143 * here, tcp_create_openreq_child now does this for us, see the comment in
1144 * that function for the gory details. -acme
1da177e4 1145 */
1da177e4
LT		 1146
1147 /* It is tricky place. Until this moment IPv4 tcp
8292a17a 1148 worked with IPv6 icsk.icsk_af_ops.
1da177e4
LT		 1149 Sync it now.
1150 */
d83d8461 1151 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1da177e4
LT		 1152
1153 return newsk;
1154 }
1155
78d15e82 1156 treq = inet6_rsk(req);
1da177e4
LT		 1157
1158 if (sk_acceptq_is_full(sk))
1159 goto out_overflow;
1160
493f377d 1161 if (!dst) {
3840a06e 1162 dst = inet6_csk_route_req(sk, &fl6, req);
493f377d 1163 if (!dst)
1da177e4 1164 goto out;
1ab1457c 1165 }
1da177e4
LT		 1166
1167 newsk = tcp_create_openreq_child(sk, req, skb);
1168 if (newsk == NULL)
093d2823 1169 goto out_nonewsk;
1da177e4 1170
e6848976
ACM		 1171 /*
1172 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1173 * count here, tcp_create_openreq_child now does this for us, see the
1174 * comment in that function for the gory details. -acme
1175 */
1da177e4 1176
59eed279 1177 newsk->sk_gso_type = SKB_GSO_TCPV6;
8e1ef0a9 1178 __ip6_dst_store(newsk, dst, NULL, NULL);
fae6ef87 1179 inet6_sk_rx_dst_set(newsk, skb);
1da177e4
LT		 1180
1181 newtcp6sk = (struct tcp6_sock *)newsk;
1182 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1183
1184 newtp = tcp_sk(newsk);
1185 newinet = inet_sk(newsk);
1186 newnp = inet6_sk(newsk);
1187
1188 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1189
4e3fd7a0
AD		 1190 newnp->daddr = treq->rmt_addr;
1191 newnp->saddr = treq->loc_addr;
1192 newnp->rcv_saddr = treq->loc_addr;
2e6599cb 1193 newsk->sk_bound_dev_if = treq->iif;
1da177e4 1194
1ab1457c 1195 /* Now IPv6 options...
1da177e4
LT		 1196
1197 First: no IPv4 options.
1198 */
f6d8bd05 1199 newinet->inet_opt = NULL;
676a1184 1200 newnp->ipv6_ac_list = NULL;
d35690be 1201 newnp->ipv6_fl_list = NULL;
1da177e4
LT		 1202
1203 /* Clone RX bits */
1204 newnp->rxopt.all = np->rxopt.all;
1205
1206 /* Clone pktoptions received with SYN */
1207 newnp->pktoptions = NULL;
2e6599cb 1208 if (treq->pktopts != NULL) {
99a1dec7
MG		 1209 newnp->pktoptions = skb_clone(treq->pktopts,
1210 sk_gfp_atomic(sk, GFP_ATOMIC));
ab185d7b 1211 consume_skb(treq->pktopts);
2e6599cb 1212 treq->pktopts = NULL;
1da177e4
LT		 1213 if (newnp->pktoptions)
1214 skb_set_owner_r(newnp->pktoptions, newsk);
1215 }
1216 newnp->opt = NULL;
505cbfc5 1217 newnp->mcast_oif = inet6_iif(skb);
0660e03f 1218 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
e7219858 1219 newnp->rcv_tclass = ipv6_get_dsfield(ipv6_hdr(skb));
1da177e4
LT		 1220
1221 /* Clone native IPv6 options from listening socket (if any)
1222
1223 Yes, keeping reference count would be much more clever,
1224 but we make one more one thing there: reattach optmem
1225 to newsk.
1226 */
43264e0b
RL		 1227 if (np->opt)
1228 newnp->opt = ipv6_dup_options(newsk, np->opt);
1da177e4 1229
d83d8461 1230 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1da177e4 1231 if (newnp->opt)
d83d8461
ACM		 1232 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
1233 newnp->opt->opt_flen);
1da177e4 1234
5d424d5a 1235 tcp_mtup_init(newsk);
1da177e4 1236 tcp_sync_mss(newsk, dst_mtu(dst));
0dbaee3b 1237 newtp->advmss = dst_metric_advmss(dst);
d135c522
NC		 1238 if (tcp_sk(sk)->rx_opt.user_mss &&
1239 tcp_sk(sk)->rx_opt.user_mss < newtp->advmss)
1240 newtp->advmss = tcp_sk(sk)->rx_opt.user_mss;
1241
1da177e4 1242 tcp_initialize_rcv_mss(newsk);
623df484 1243 tcp_synack_rtt_meas(newsk, req);
e6c022a4 1244 newtp->total_retrans = req->num_retrans;
1da177e4 1245
c720c7e8
ED		 1246 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1247 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1da177e4 1248
cfb6eeb4
YH		 1249#ifdef CONFIG_TCP_MD5SIG
1250 /* Copy over the MD5 key from the original socket */
1251 if ((key = tcp_v6_md5_do_lookup(sk, &newnp->daddr)) != NULL) {
1252 /* We're using one, so create a matching key
1253 * on the newsk structure. If we fail to get
1254 * memory, then we end up not copying the key
1255 * across. Shucks.
1256 */
a915da9b 1257 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newnp->daddr,
99a1dec7
MG		 1258 AF_INET6, key->key, key->keylen,
1259 sk_gfp_atomic(sk, GFP_ATOMIC));
cfb6eeb4
YH		 1260 }
1261#endif
1262
093d2823 1263 if (__inet_inherit_port(sk, newsk) < 0) {
e337e24d
CP		 1264 inet_csk_prepare_forced_close(newsk);
1265 tcp_done(newsk);
093d2823
BS		 1266 goto out;
1267 }
9327f705 1268 __inet6_hash(newsk, NULL);
1da177e4
LT		 1269
1270 return newsk;
1271
1272out_overflow:
de0744af 1273 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
093d2823 1274out_nonewsk:
1da177e4 1275 dst_release(dst);
093d2823
BS		 1276out:
1277 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
1da177e4
LT		 1278 return NULL;
1279}
1280
b51655b9 1281static __sum16 tcp_v6_checksum_init(struct sk_buff *skb)
1da177e4 1282{
84fa7933 1283 if (skb->ip_summed == CHECKSUM_COMPLETE) {
684f2176 1284 if (!tcp_v6_check(skb->len, &ipv6_hdr(skb)->saddr,
0660e03f 1285 &ipv6_hdr(skb)->daddr, skb->csum)) {
fb286bb2 1286 skb->ip_summed = CHECKSUM_UNNECESSARY;
1da177e4 1287 return 0;
fb286bb2 1288 }
1da177e4 1289 }
fb286bb2 1290
684f2176 1291 skb->csum = ~csum_unfold(tcp_v6_check(skb->len,
0660e03f
ACM		 1292 &ipv6_hdr(skb)->saddr,
1293 &ipv6_hdr(skb)->daddr, 0));
fb286bb2 1294
1da177e4 1295 if (skb->len <= 76) {
fb286bb2 1296 return __skb_checksum_complete(skb);
1da177e4
LT		 1297 }
1298 return 0;
1299}
1300
1301/* The socket must have it's spinlock held when we get
1302 * here.
1303 *
1304 * We have a potential double-lock case here, so even when
1305 * doing backlog processing we use the BH locking scheme.
1306 * This is because we cannot sleep with the original spinlock
1307 * held.
1308 */
1309static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1310{
1311 struct ipv6_pinfo *np = inet6_sk(sk);
1312 struct tcp_sock *tp;
1313 struct sk_buff *opt_skb = NULL;
1314
1315 /* Imagine: socket is IPv6. IPv4 packet arrives,
1316 goes to IPv4 receive handler and backlogged.
1317 From backlog it always goes here. Kerboom...
1318 Fortunately, tcp_rcv_established and rcv_established
1319 handle them correctly, but it is not case with
1320 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1321 */
1322
1323 if (skb->protocol == htons(ETH_P_IP))
1324 return tcp_v4_do_rcv(sk, skb);
1325
cfb6eeb4
YH		 1326#ifdef CONFIG_TCP_MD5SIG
1327 if (tcp_v6_inbound_md5_hash (sk, skb))
1328 goto discard;
1329#endif
1330
fda9ef5d 1331 if (sk_filter(sk, skb))
1da177e4
LT		 1332 goto discard;
1333
1334 /*
1335 * socket locking is here for SMP purposes as backlog rcv
1336 * is currently called with bh processing disabled.
1337 */
1338
1339 /* Do Stevens' IPV6_PKTOPTIONS.
1340
1341 Yes, guys, it is the only place in our code, where we
1342 may make it not affecting IPv4.
1343 The rest of code is protocol independent,
1344 and I do not like idea to uglify IPv4.
1345
1346 Actually, all the idea behind IPV6_PKTOPTIONS
1347 looks not very well thought. For now we latch
1348 options, received in the last packet, enqueued
1349 by tcp. Feel free to propose better solution.
1ab1457c 1350 --ANK (980728)
1da177e4
LT		 1351 */
1352 if (np->rxopt.all)
99a1dec7 1353 opt_skb = skb_clone(skb, sk_gfp_atomic(sk, GFP_ATOMIC));
1da177e4
LT		 1354
1355 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
5d299f3d
ED		 1356 struct dst_entry *dst = sk->sk_rx_dst;
1357
bdeab991 1358 sock_rps_save_rxhash(sk, skb);
5d299f3d
ED		 1359 if (dst) {
1360 if (inet_sk(sk)->rx_dst_ifindex != skb->skb_iif ||
1361 dst->ops->check(dst, np->rx_dst_cookie) == NULL) {
1362 dst_release(dst);
1363 sk->sk_rx_dst = NULL;
1364 }
1365 }
1366
aa8223c7 1367 if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len))
1da177e4 1368 goto reset;
1da177e4
LT		 1369 if (opt_skb)
1370 goto ipv6_pktoptions;
1371 return 0;
1372 }
1373
ab6a5bb6 1374 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1da177e4
LT		 1375 goto csum_err;
1376
1ab1457c 1377 if (sk->sk_state == TCP_LISTEN) {
1da177e4
LT		 1378 struct sock *nsk = tcp_v6_hnd_req(sk, skb);
1379 if (!nsk)
1380 goto discard;
1381
1382 /*
1383 * Queue it on the new socket if the new socket is active,
1384 * otherwise we just shortcircuit this and continue with
1385 * the new socket..
1386 */
1ab1457c 1387 if(nsk != sk) {
bdeab991 1388 sock_rps_save_rxhash(nsk, skb);
1da177e4
LT		 1389 if (tcp_child_process(sk, nsk, skb))
1390 goto reset;
1391 if (opt_skb)
1392 __kfree_skb(opt_skb);
1393 return 0;
1394 }
47482f13 1395 } else
bdeab991 1396 sock_rps_save_rxhash(sk, skb);
1da177e4 1397
aa8223c7 1398 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len))
1da177e4 1399 goto reset;
1da177e4
LT		 1400 if (opt_skb)
1401 goto ipv6_pktoptions;
1402 return 0;
1403
1404reset:
cfb6eeb4 1405 tcp_v6_send_reset(sk, skb);
1da177e4
LT		 1406discard:
1407 if (opt_skb)
1408 __kfree_skb(opt_skb);
1409 kfree_skb(skb);
1410 return 0;
1411csum_err:
6a5dc9e5 1412 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_CSUMERRORS);
63231bdd 1413 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_INERRS);
1da177e4
LT		 1414 goto discard;
1415
1416
1417ipv6_pktoptions:
1418 /* Do you ask, what is it?
1419
1420 1. skb was enqueued by tcp.
1421 2. skb is added to tail of read queue, rather than out of order.
1422 3. socket is not in passive state.
1423 4. Finally, it really contains options, which user wants to receive.
1424 */
1425 tp = tcp_sk(sk);
1426 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1427 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
333fad53 1428 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
505cbfc5 1429 np->mcast_oif = inet6_iif(opt_skb);
333fad53 1430 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
0660e03f 1431 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
4c507d28 1432 if (np->rxopt.bits.rxtclass)
a22eb149 1433 np->rcv_tclass = ipv6_get_dsfield(ipv6_hdr(opt_skb));
1da177e4
LT		 1434 if (ipv6_opt_accepted(sk, opt_skb)) {
1435 skb_set_owner_r(opt_skb, sk);
1436 opt_skb = xchg(&np->pktoptions, opt_skb);
1437 } else {
1438 __kfree_skb(opt_skb);
1439 opt_skb = xchg(&np->pktoptions, NULL);
1440 }
1441 }
1442
800d55f1 1443 kfree_skb(opt_skb);
1da177e4
LT		 1444 return 0;
1445}
1446
e5bbef20 1447static int tcp_v6_rcv(struct sk_buff *skb)
1da177e4 1448{
cf533ea5 1449 const struct tcphdr *th;
b71d1d42 1450 const struct ipv6hdr *hdr;
1da177e4
LT		 1451 struct sock *sk;
1452 int ret;
a86b1e30 1453 struct net *net = dev_net(skb->dev);
1da177e4
LT		 1454
1455 if (skb->pkt_type != PACKET_HOST)
1456 goto discard_it;
1457
1458 /*
1459 * Count it even if it's bad.
1460 */
63231bdd 1461 TCP_INC_STATS_BH(net, TCP_MIB_INSEGS);
1da177e4
LT		 1462
1463 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1464 goto discard_it;
1465
aa8223c7 1466 th = tcp_hdr(skb);
1da177e4
LT		 1467
1468 if (th->doff < sizeof(struct tcphdr)/4)
1469 goto bad_packet;
1470 if (!pskb_may_pull(skb, th->doff*4))
1471 goto discard_it;
1472
60476372 1473 if (!skb_csum_unnecessary(skb) && tcp_v6_checksum_init(skb))
6a5dc9e5 1474 goto csum_error;
1da177e4 1475
aa8223c7 1476 th = tcp_hdr(skb);
e802af9c 1477 hdr = ipv6_hdr(skb);
1da177e4
LT		 1478 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1479 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1480 skb->len - th->doff*4);
1481 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1482 TCP_SKB_CB(skb)->when = 0;
b82d1bb4 1483 TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
1da177e4
LT		 1484 TCP_SKB_CB(skb)->sacked = 0;
1485
9a1f27c4 1486 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest);
1da177e4
LT		 1487 if (!sk)
1488 goto no_tcp_socket;
1489
1490process:
1491 if (sk->sk_state == TCP_TIME_WAIT)
1492 goto do_time_wait;
1493
e802af9c
SH		 1494 if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) {
1495 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
1496 goto discard_and_relse;
1497 }
1498
1da177e4
LT		 1499 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1500 goto discard_and_relse;
1501
fda9ef5d 1502 if (sk_filter(sk, skb))
1da177e4
LT		 1503 goto discard_and_relse;
1504
1505 skb->dev = NULL;
1506
293b9c42 1507 bh_lock_sock_nested(sk);
1da177e4
LT		 1508 ret = 0;
1509 if (!sock_owned_by_user(sk)) {
1a2449a8 1510#ifdef CONFIG_NET_DMA
1ab1457c 1511 struct tcp_sock *tp = tcp_sk(sk);
b4caea8a 1512 if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list)
a2bd1140 1513 tp->ucopy.dma_chan = net_dma_find_channel();
1ab1457c
YH		 1514 if (tp->ucopy.dma_chan)
1515 ret = tcp_v6_do_rcv(sk, skb);
1516 else
1a2449a8
CL		 1517#endif
1518 {
1519 if (!tcp_prequeue(sk, skb))
1520 ret = tcp_v6_do_rcv(sk, skb);
1521 }
da882c1f
ED		 1522 } else if (unlikely(sk_add_backlog(sk, skb,
1523 sk->sk_rcvbuf + sk->sk_sndbuf))) {
6b03a53a 1524 bh_unlock_sock(sk);
6cce09f8 1525 NET_INC_STATS_BH(net, LINUX_MIB_TCPBACKLOGDROP);
6b03a53a
ZY		 1526 goto discard_and_relse;
1527 }
1da177e4
LT		 1528 bh_unlock_sock(sk);
1529
1530 sock_put(sk);
1531 return ret ? -1 : 0;
1532
1533no_tcp_socket:
1534 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1535 goto discard_it;
1536
1537 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
6a5dc9e5
ED		 1538csum_error:
1539 TCP_INC_STATS_BH(net, TCP_MIB_CSUMERRORS);
1da177e4 1540bad_packet:
63231bdd 1541 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1da177e4 1542 } else {
cfb6eeb4 1543 tcp_v6_send_reset(NULL, skb);
1da177e4
LT		 1544 }
1545
1546discard_it:
1da177e4
LT		 1547 kfree_skb(skb);
1548 return 0;
1549
1550discard_and_relse:
1551 sock_put(sk);
1552 goto discard_it;
1553
1554do_time_wait:
1555 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
9469c7b4 1556 inet_twsk_put(inet_twsk(sk));
1da177e4
LT		 1557 goto discard_it;
1558 }
1559
6a5dc9e5 1560 if (skb->len < (th->doff<<2)) {
9469c7b4 1561 inet_twsk_put(inet_twsk(sk));
6a5dc9e5
ED		 1562 goto bad_packet;
1563 }
1564 if (tcp_checksum_complete(skb)) {
1565 inet_twsk_put(inet_twsk(sk));
1566 goto csum_error;
1da177e4
LT		 1567 }
1568
9469c7b4 1569 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1da177e4
LT		 1570 case TCP_TW_SYN:
1571 {
1572 struct sock *sk2;
1573
c346dca1 1574 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
5ba24953 1575 &ipv6_hdr(skb)->saddr, th->source,
0660e03f 1576 &ipv6_hdr(skb)->daddr,
505cbfc5 1577 ntohs(th->dest), inet6_iif(skb));
1da177e4 1578 if (sk2 != NULL) {
295ff7ed
ACM		 1579 struct inet_timewait_sock *tw = inet_twsk(sk);
1580 inet_twsk_deschedule(tw, &tcp_death_row);
1581 inet_twsk_put(tw);
1da177e4
LT		 1582 sk = sk2;
1583 goto process;
1584 }
1585 /* Fall through to ACK */
1586 }
1587 case TCP_TW_ACK:
1588 tcp_v6_timewait_ack(sk, skb);
1589 break;
1590 case TCP_TW_RST:
1591 goto no_tcp_socket;
1592 case TCP_TW_SUCCESS:;
1593 }
1594 goto discard_it;
1595}
1596
c7109986
ED		 1597static void tcp_v6_early_demux(struct sk_buff *skb)
1598{
1599 const struct ipv6hdr *hdr;
1600 const struct tcphdr *th;
1601 struct sock *sk;
1602
1603 if (skb->pkt_type != PACKET_HOST)
1604 return;
1605
1606 if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
1607 return;
1608
1609 hdr = ipv6_hdr(skb);
1610 th = tcp_hdr(skb);
1611
1612 if (th->doff < sizeof(struct tcphdr) / 4)
1613 return;
1614
1615 sk = __inet6_lookup_established(dev_net(skb->dev), &tcp_hashinfo,
1616 &hdr->saddr, th->source,
1617 &hdr->daddr, ntohs(th->dest),
1618 inet6_iif(skb));
1619 if (sk) {
1620 skb->sk = sk;
1621 skb->destructor = sock_edemux;
1622 if (sk->sk_state != TCP_TIME_WAIT) {
1b946e38 1623 struct dst_entry *dst = ACCESS_ONCE(sk->sk_rx_dst);
f3f12135 1624
c7109986 1625 if (dst)
5d299f3d 1626 dst = dst_check(dst, inet6_sk(sk)->rx_dst_cookie);
c7109986 1627 if (dst &&
f3f12135 1628 inet_sk(sk)->rx_dst_ifindex == skb->skb_iif)
c7109986
ED		 1629 skb_dst_set_noref(skb, dst);
1630 }
1631 }
1632}
1633
ccb7c410
DM		 1634static struct timewait_sock_ops tcp6_timewait_sock_ops = {
1635 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
1636 .twsk_unique = tcp_twsk_unique,
1637 .twsk_destructor= tcp_twsk_destructor,
ccb7c410
DM		 1638};
1639
3b401a81 1640static const struct inet_connection_sock_af_ops ipv6_specific = {
543d9cfe
ACM		 1641 .queue_xmit = inet6_csk_xmit,
1642 .send_check = tcp_v6_send_check,
1643 .rebuild_header = inet6_sk_rebuild_header,
5d299f3d 1644 .sk_rx_dst_set = inet6_sk_rx_dst_set,
543d9cfe
ACM		 1645 .conn_request = tcp_v6_conn_request,
1646 .syn_recv_sock = tcp_v6_syn_recv_sock,
543d9cfe 1647 .net_header_len = sizeof(struct ipv6hdr),
67469601 1648 .net_frag_header_len = sizeof(struct frag_hdr),
543d9cfe
ACM		 1649 .setsockopt = ipv6_setsockopt,
1650 .getsockopt = ipv6_getsockopt,
1651 .addr2sockaddr = inet6_csk_addr2sockaddr,
1652 .sockaddr_len = sizeof(struct sockaddr_in6),
ab1e0a13 1653 .bind_conflict = inet6_csk_bind_conflict,
3fdadf7d 1654#ifdef CONFIG_COMPAT
543d9cfe
ACM		 1655 .compat_setsockopt = compat_ipv6_setsockopt,
1656 .compat_getsockopt = compat_ipv6_getsockopt,
3fdadf7d 1657#endif
5f80f4d8 1658 .mtu_reduced = tcp_v6_mtu_reduced,
1da177e4
LT		 1659};
1660
cfb6eeb4 1661#ifdef CONFIG_TCP_MD5SIG
b2e4b3de 1662static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
cfb6eeb4 1663 .md5_lookup = tcp_v6_md5_lookup,
49a72dfb 1664 .calc_md5_hash = tcp_v6_md5_hash_skb,
cfb6eeb4 1665 .md5_parse = tcp_v6_parse_md5_keys,
cfb6eeb4 1666};
a928630a 1667#endif
cfb6eeb4 1668
1da177e4
LT		 1669/*
1670 * TCP over IPv4 via INET6 API
1671 */
1672
3b401a81 1673static const struct inet_connection_sock_af_ops ipv6_mapped = {
543d9cfe
ACM		 1674 .queue_xmit = ip_queue_xmit,
1675 .send_check = tcp_v4_send_check,
1676 .rebuild_header = inet_sk_rebuild_header,
63d02d15 1677 .sk_rx_dst_set = inet_sk_rx_dst_set,
543d9cfe
ACM		 1678 .conn_request = tcp_v6_conn_request,
1679 .syn_recv_sock = tcp_v6_syn_recv_sock,
543d9cfe
ACM		 1680 .net_header_len = sizeof(struct iphdr),
1681 .setsockopt = ipv6_setsockopt,
1682 .getsockopt = ipv6_getsockopt,
1683 .addr2sockaddr = inet6_csk_addr2sockaddr,
1684 .sockaddr_len = sizeof(struct sockaddr_in6),
ab1e0a13 1685 .bind_conflict = inet6_csk_bind_conflict,
3fdadf7d 1686#ifdef CONFIG_COMPAT
543d9cfe
ACM		 1687 .compat_setsockopt = compat_ipv6_setsockopt,
1688 .compat_getsockopt = compat_ipv6_getsockopt,
3fdadf7d 1689#endif
5f80f4d8 1690 .mtu_reduced = tcp_v4_mtu_reduced,
1da177e4
LT		 1691};
1692
cfb6eeb4 1693#ifdef CONFIG_TCP_MD5SIG
b2e4b3de 1694static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
cfb6eeb4 1695 .md5_lookup = tcp_v4_md5_lookup,
49a72dfb 1696 .calc_md5_hash = tcp_v4_md5_hash_skb,
cfb6eeb4 1697 .md5_parse = tcp_v6_parse_md5_keys,
cfb6eeb4 1698};
a928630a 1699#endif
cfb6eeb4 1700
1da177e4
LT		 1701/* NOTE: A lot of things set to zero explicitly by call to
1702 * sk_alloc() so need not be done here.
1703 */
1704static int tcp_v6_init_sock(struct sock *sk)
1705{
6687e988 1706 struct inet_connection_sock *icsk = inet_csk(sk);
1da177e4 1707
900f65d3 1708 tcp_init_sock(sk);
1da177e4 1709
8292a17a 1710 icsk->icsk_af_ops = &ipv6_specific;
1da177e4 1711
cfb6eeb4 1712#ifdef CONFIG_TCP_MD5SIG
ac807fa8 1713 tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific;
cfb6eeb4
YH		 1714#endif
1715
1da177e4
LT		 1716 return 0;
1717}
1718
7d06b2e0 1719static void tcp_v6_destroy_sock(struct sock *sk)
1da177e4 1720{
1da177e4 1721 tcp_v4_destroy_sock(sk);
7d06b2e0 1722 inet6_destroy_sock(sk);
1da177e4
LT		 1723}
1724
952a10be 1725#ifdef CONFIG_PROC_FS
1da177e4 1726/* Proc filesystem TCPv6 sock list dumping. */
1ab1457c 1727static void get_openreq6(struct seq_file *seq,
a7cb5a49 1728 const struct sock *sk, struct request_sock *req, int i, kuid_t uid)
1da177e4 1729{
1da177e4 1730 int ttd = req->expires - jiffies;
b71d1d42
ED		 1731 const struct in6_addr *src = &inet6_rsk(req)->loc_addr;
1732 const struct in6_addr *dest = &inet6_rsk(req)->rmt_addr;
1da177e4
LT		 1733
1734 if (ttd < 0)
1735 ttd = 0;
1736
1da177e4
LT		 1737 seq_printf(seq,
1738 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
71338aa7 1739 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1da177e4
LT		 1740 i,
1741 src->s6_addr32[0], src->s6_addr32[1],
1742 src->s6_addr32[2], src->s6_addr32[3],
fd507037 1743 ntohs(inet_rsk(req)->loc_port),
1da177e4
LT		 1744 dest->s6_addr32[0], dest->s6_addr32[1],
1745 dest->s6_addr32[2], dest->s6_addr32[3],
2e6599cb 1746 ntohs(inet_rsk(req)->rmt_port),
1da177e4
LT		 1747 TCP_SYN_RECV,
1748 0,0, /* could print option size, but that is af dependent. */
1ab1457c
YH		 1749 1, /* timers active (only the expire timer) */
1750 jiffies_to_clock_t(ttd),
e6c022a4 1751 req->num_timeout,
a7cb5a49 1752 from_kuid_munged(seq_user_ns(seq), uid),
1ab1457c 1753 0, /* non standard timer */
1da177e4
LT		 1754 0, /* open_requests have no inode */
1755 0, req);
1756}
1757
1758static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1759{
b71d1d42 1760 const struct in6_addr *dest, *src;
1da177e4
LT		 1761 __u16 destp, srcp;
1762 int timer_active;
1763 unsigned long timer_expires;
cf533ea5
ED		 1764 const struct inet_sock *inet = inet_sk(sp);
1765 const struct tcp_sock *tp = tcp_sk(sp);
463c84b9 1766 const struct inet_connection_sock *icsk = inet_csk(sp);
cf533ea5 1767 const struct ipv6_pinfo *np = inet6_sk(sp);
1da177e4
LT		 1768
1769 dest = &np->daddr;
1770 src = &np->rcv_saddr;
c720c7e8
ED		 1771 destp = ntohs(inet->inet_dport);
1772 srcp = ntohs(inet->inet_sport);
463c84b9 1773
4f6b1692
YC		 1774 if (icsk->icsk_pending == ICSK_TIME_RETRANS ||
1775 icsk->icsk_pending == ICSK_TIME_EARLY_RETRANS ||
1776 icsk->icsk_pending == ICSK_TIME_LOSS_PROBE) {
1da177e4 1777 timer_active = 1;
463c84b9
ACM		 1778 timer_expires = icsk->icsk_timeout;
1779 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1da177e4 1780 timer_active = 4;
463c84b9 1781 timer_expires = icsk->icsk_timeout;
1da177e4
LT		 1782 } else if (timer_pending(&sp->sk_timer)) {
1783 timer_active = 2;
1784 timer_expires = sp->sk_timer.expires;
1785 } else {
1786 timer_active = 0;
1787 timer_expires = jiffies;
1788 }
1789
1790 seq_printf(seq,
1791 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
71338aa7 1792 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %pK %lu %lu %u %u %d\n",
1da177e4
LT		 1793 i,
1794 src->s6_addr32[0], src->s6_addr32[1],
1795 src->s6_addr32[2], src->s6_addr32[3], srcp,
1796 dest->s6_addr32[0], dest->s6_addr32[1],
1797 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1ab1457c 1798 sp->sk_state,
47da8ee6
SS		 1799 tp->write_seq-tp->snd_una,
1800 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
1da177e4 1801 timer_active,
a399a805 1802 jiffies_delta_to_clock_t(timer_expires - jiffies),
463c84b9 1803 icsk->icsk_retransmits,
a7cb5a49 1804 from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
6687e988 1805 icsk->icsk_probes_out,
1da177e4
LT		 1806 sock_i_ino(sp),
1807 atomic_read(&sp->sk_refcnt), sp,
7be87351
SH		 1808 jiffies_to_clock_t(icsk->icsk_rto),
1809 jiffies_to_clock_t(icsk->icsk_ack.ato),
463c84b9 1810 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong,
0b6a05c1
IJ		 1811 tp->snd_cwnd,
1812 tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh
1da177e4
LT		 1813 );
1814}
1815
1ab1457c 1816static void get_timewait6_sock(struct seq_file *seq,
8feaf0c0 1817 struct inet_timewait_sock *tw, int i)
1da177e4 1818{
b71d1d42 1819 const struct in6_addr *dest, *src;
1da177e4 1820 __u16 destp, srcp;
cf533ea5 1821 const struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw);
a399a805 1822 long delta = tw->tw_ttd - jiffies;
1da177e4 1823
0fa1a53e
ACM		 1824 dest = &tw6->tw_v6_daddr;
1825 src = &tw6->tw_v6_rcv_saddr;
1da177e4
LT		 1826 destp = ntohs(tw->tw_dport);
1827 srcp = ntohs(tw->tw_sport);
1828
1829 seq_printf(seq,
1830 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
71338aa7 1831 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1da177e4
LT		 1832 i,
1833 src->s6_addr32[0], src->s6_addr32[1],
1834 src->s6_addr32[2], src->s6_addr32[3], srcp,
1835 dest->s6_addr32[0], dest->s6_addr32[1],
1836 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1837 tw->tw_substate, 0, 0,
a399a805 1838 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
1da177e4
LT		 1839 atomic_read(&tw->tw_refcnt), tw);
1840}
1841
1da177e4
LT		 1842static int tcp6_seq_show(struct seq_file *seq, void *v)
1843{
1844 struct tcp_iter_state *st;
1845
1846 if (v == SEQ_START_TOKEN) {
1847 seq_puts(seq,
1848 " sl "
1849 "local_address "
1850 "remote_address "
1851 "st tx_queue rx_queue tr tm->when retrnsmt"
1852 " uid timeout inode\n");
1853 goto out;
1854 }
1855 st = seq->private;
1856
1857 switch (st->state) {
1858 case TCP_SEQ_STATE_LISTENING:
1859 case TCP_SEQ_STATE_ESTABLISHED:
1860 get_tcp6_sock(seq, v, st->num);
1861 break;
1862 case TCP_SEQ_STATE_OPENREQ:
1863 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid);
1864 break;
1865 case TCP_SEQ_STATE_TIME_WAIT:
1866 get_timewait6_sock(seq, v, st->num);
1867 break;
1868 }
1869out:
1870 return 0;
1871}
1872
73cb88ec
AV		 1873static const struct file_operations tcp6_afinfo_seq_fops = {
1874 .owner = THIS_MODULE,
1875 .open = tcp_seq_open,
1876 .read = seq_read,
1877 .llseek = seq_lseek,
1878 .release = seq_release_net
1879};
1880
1da177e4 1881static struct tcp_seq_afinfo tcp6_seq_afinfo = {
1da177e4
LT		 1882 .name = "tcp6",
1883 .family = AF_INET6,
73cb88ec 1884 .seq_fops = &tcp6_afinfo_seq_fops,
9427c4b3
DL		 1885 .seq_ops = {
1886 .show = tcp6_seq_show,
1887 },
1da177e4
LT		 1888};
1889
2c8c1e72 1890int __net_init tcp6_proc_init(struct net *net)
1da177e4 1891{
6f8b13bc 1892 return tcp_proc_register(net, &tcp6_seq_afinfo);
1da177e4
LT		 1893}
1894
6f8b13bc 1895void tcp6_proc_exit(struct net *net)
1da177e4 1896{
6f8b13bc 1897 tcp_proc_unregister(net, &tcp6_seq_afinfo);
1da177e4
LT		 1898}
1899#endif
1900
f77d6021
ED		 1901static void tcp_v6_clear_sk(struct sock *sk, int size)
1902{
1903 struct inet_sock *inet = inet_sk(sk);
1904
1905 /* we do not want to clear pinet6 field, because of RCU lookups */
1906 sk_prot_clear_nulls(sk, offsetof(struct inet_sock, pinet6));
1907
1908 size -= offsetof(struct inet_sock, pinet6) + sizeof(inet->pinet6);
1909 memset(&inet->pinet6 + 1, 0, size);
1910}
1911
1da177e4
LT		 1912struct proto tcpv6_prot = {
1913 .name = "TCPv6",
1914 .owner = THIS_MODULE,
1915 .close = tcp_close,
1916 .connect = tcp_v6_connect,
1917 .disconnect = tcp_disconnect,
463c84b9 1918 .accept = inet_csk_accept,
1da177e4
LT		 1919 .ioctl = tcp_ioctl,
1920 .init = tcp_v6_init_sock,
1921 .destroy = tcp_v6_destroy_sock,
1922 .shutdown = tcp_shutdown,
1923 .setsockopt = tcp_setsockopt,
1924 .getsockopt = tcp_getsockopt,
1da177e4 1925 .recvmsg = tcp_recvmsg,
7ba42910
CG		 1926 .sendmsg = tcp_sendmsg,
1927 .sendpage = tcp_sendpage,
1da177e4 1928 .backlog_rcv = tcp_v6_do_rcv,
46d3ceab 1929 .release_cb = tcp_release_cb,
1da177e4 1930 .hash = tcp_v6_hash,
ab1e0a13
ACM		 1931 .unhash = inet_unhash,
1932 .get_port = inet_csk_get_port,
1da177e4
LT		 1933 .enter_memory_pressure = tcp_enter_memory_pressure,
1934 .sockets_allocated = &tcp_sockets_allocated,
1935 .memory_allocated = &tcp_memory_allocated,
1936 .memory_pressure = &tcp_memory_pressure,
0a5578cf 1937 .orphan_count = &tcp_orphan_count,
1da177e4
LT		 1938 .sysctl_wmem = sysctl_tcp_wmem,
1939 .sysctl_rmem = sysctl_tcp_rmem,
1940 .max_header = MAX_TCP_HEADER,
1941 .obj_size = sizeof(struct tcp6_sock),
3ab5aee7 1942 .slab_flags = SLAB_DESTROY_BY_RCU,
6d6ee43e 1943 .twsk_prot = &tcp6_timewait_sock_ops,
60236fdd 1944 .rsk_prot = &tcp6_request_sock_ops,
39d8cda7 1945 .h.hashinfo = &tcp_hashinfo,
7ba42910 1946 .no_autobind = true,
543d9cfe
ACM		 1947#ifdef CONFIG_COMPAT
1948 .compat_setsockopt = compat_tcp_setsockopt,
1949 .compat_getsockopt = compat_tcp_getsockopt,
1950#endif
c255a458 1951#ifdef CONFIG_MEMCG_KMEM
d1a4c0b3
GC		 1952 .proto_cgroup = tcp_proto_cgroup,
1953#endif
f77d6021 1954 .clear_sk = tcp_v6_clear_sk,
1da177e4
LT		 1955};
1956
41135cc8 1957static const struct inet6_protocol tcpv6_protocol = {
c7109986 1958 .early_demux = tcp_v6_early_demux,
1da177e4
LT		 1959 .handler = tcp_v6_rcv,
1960 .err_handler = tcp_v6_err,
1961 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
1962};
1963
1da177e4
LT		 1964static struct inet_protosw tcpv6_protosw = {
1965 .type = SOCK_STREAM,
1966 .protocol = IPPROTO_TCP,
1967 .prot = &tcpv6_prot,
1968 .ops = &inet6_stream_ops,
1da177e4 1969 .no_check = 0,
d83d8461
ACM		 1970 .flags = INET_PROTOSW_PERMANENT |
1971 INET_PROTOSW_ICSK,
1da177e4
LT		 1972};
1973
2c8c1e72 1974static int __net_init tcpv6_net_init(struct net *net)
93ec926b 1975{
5677242f
DL		 1976 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
1977 SOCK_RAW, IPPROTO_TCP, net);
93ec926b
DL		 1978}
1979
2c8c1e72 1980static void __net_exit tcpv6_net_exit(struct net *net)
93ec926b 1981{
5677242f 1982 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
b099ce26
EB		 1983}
1984
2c8c1e72 1985static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
b099ce26
EB		 1986{
1987 inet_twsk_purge(&tcp_hashinfo, &tcp_death_row, AF_INET6);
93ec926b
DL		 1988}
1989
1990static struct pernet_operations tcpv6_net_ops = {
b099ce26
EB		 1991 .init = tcpv6_net_init,
1992 .exit = tcpv6_net_exit,
1993 .exit_batch = tcpv6_net_exit_batch,
93ec926b
DL		 1994};
1995
7f4e4868 1996int __init tcpv6_init(void)
1da177e4 1997{
7f4e4868
DL		 1998 int ret;
1999
3336288a
VY		 2000 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
2001 if (ret)
c6b641a4 2002 goto out;
3336288a 2003
1da177e4 2004 /* register inet6 protocol */
7f4e4868
DL		 2005 ret = inet6_register_protosw(&tcpv6_protosw);
2006 if (ret)
2007 goto out_tcpv6_protocol;
2008
93ec926b 2009 ret = register_pernet_subsys(&tcpv6_net_ops);
7f4e4868
DL		 2010 if (ret)
2011 goto out_tcpv6_protosw;
2012out:
2013 return ret;
ae0f7d5f 2014
7f4e4868
DL		 2015out_tcpv6_protosw:
2016 inet6_unregister_protosw(&tcpv6_protosw);
3336288a
VY		 2017out_tcpv6_protocol:
2018 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
7f4e4868
DL		 2019 goto out;
2020}
2021
09f7709f 2022void tcpv6_exit(void)
7f4e4868 2023{
93ec926b 2024 unregister_pernet_subsys(&tcpv6_net_ops);
7f4e4868
DL		 2025 inet6_unregister_protosw(&tcpv6_protosw);
2026 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
1da177e4 2027}
kernel source for telekom puls (alcatel/mediatek)