projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/davej/cpufreq
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / dccp / ipv6.c
1 /*
2 * DCCP over IPv6
3 * Linux INET6 implementation
4 *
5 * Based on net/dccp6/ipv6.c
6 *
7 * Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 #include <linux/module.h>
16 #include <linux/random.h>
17 #include <linux/xfrm.h>
18
19 #include <net/addrconf.h>
20 #include <net/inet_common.h>
21 #include <net/inet_hashtables.h>
22 #include <net/inet_sock.h>
23 #include <net/inet6_connection_sock.h>
24 #include <net/inet6_hashtables.h>
25 #include <net/ip6_route.h>
26 #include <net/ipv6.h>
27 #include <net/protocol.h>
28 #include <net/transp_v6.h>
29 #include <net/ip6_checksum.h>
30 #include <net/xfrm.h>
31
32 #include "dccp.h"
33 #include "ipv6.h"
34 #include "feat.h"
35
36 /* The per-net dccp.v6_ctl_sk is used for sending RSTs and ACKs */
37
38 static struct inet_connection_sock_af_ops dccp_ipv6_mapped;
39 static struct inet_connection_sock_af_ops dccp_ipv6_af_ops;
40
41 static void dccp_v6_hash(struct sock *sk)
42 {
43 if (sk->sk_state != DCCP_CLOSED) {
44 if (inet_csk(sk)->icsk_af_ops == &dccp_ipv6_mapped) {
45 inet_hash(sk);
46 return;
47 }
48 local_bh_disable();
49 __inet6_hash(sk);
50 local_bh_enable();
51 }
52 }
53
54 /* add pseudo-header to DCCP checksum stored in skb->csum */
55 static inline __sum16 dccp_v6_csum_finish(struct sk_buff *skb,
56 struct in6_addr *saddr,
57 struct in6_addr *daddr)
58 {
59 return csum_ipv6_magic(saddr, daddr, skb->len, IPPROTO_DCCP, skb->csum);
60 }
61
62 static inline void dccp_v6_send_check(struct sock *sk, int unused_value,
63 struct sk_buff *skb)
64 {
65 struct ipv6_pinfo *np = inet6_sk(sk);
66 struct dccp_hdr *dh = dccp_hdr(skb);
67
68 dccp_csum_outgoing(skb);
69 dh->dccph_checksum = dccp_v6_csum_finish(skb, &np->saddr, &np->daddr);
70 }
71
72 static inline __u32 secure_dccpv6_sequence_number(__be32 *saddr, __be32 *daddr,
73 __be16 sport, __be16 dport )
74 {
75 return secure_tcpv6_sequence_number(saddr, daddr, sport, dport);
76 }
77
78 static inline __u32 dccp_v6_init_sequence(struct sk_buff *skb)
79 {
80 return secure_dccpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
81 ipv6_hdr(skb)->saddr.s6_addr32,
82 dccp_hdr(skb)->dccph_dport,
83 dccp_hdr(skb)->dccph_sport );
84
85 }
86
87 static void dccp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
88 int type, int code, int offset, __be32 info)
89 {
90 struct ipv6hdr *hdr = (struct ipv6hdr *)skb->data;
91 const struct dccp_hdr *dh = (struct dccp_hdr *)(skb->data + offset);
92 struct ipv6_pinfo *np;
93 struct sock *sk;
94 int err;
95 __u64 seq;
96 struct net *net = dev_net(skb->dev);
97
98 sk = inet6_lookup(net, &dccp_hashinfo,
99 &hdr->daddr, dh->dccph_dport,
100 &hdr->saddr, dh->dccph_sport, inet6_iif(skb));
101
102 if (sk == NULL) {
103 ICMP6_INC_STATS_BH(__in6_dev_get(skb->dev), ICMP6_MIB_INERRORS);
104 return;
105 }
106
107 if (sk->sk_state == DCCP_TIME_WAIT) {
108 inet_twsk_put(inet_twsk(sk));
109 return;
110 }
111
112 bh_lock_sock(sk);
113 if (sock_owned_by_user(sk))
114 NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS);
115
116 if (sk->sk_state == DCCP_CLOSED)
117 goto out;
118
119 np = inet6_sk(sk);
120
121 if (type == ICMPV6_PKT_TOOBIG) {
122 struct dst_entry *dst = NULL;
123
124 if (sock_owned_by_user(sk))
125 goto out;
126 if ((1 << sk->sk_state) & (DCCPF_LISTEN | DCCPF_CLOSED))
127 goto out;
128
129 /* icmp should have updated the destination cache entry */
130 dst = __sk_dst_check(sk, np->dst_cookie);
131 if (dst == NULL) {
132 struct inet_sock *inet = inet_sk(sk);
133 struct flowi fl;
134
135 /* BUGGG_FUTURE: Again, it is not clear how
136 to handle rthdr case. Ignore this complexity
137 for now.
138 */
139 memset(&fl, 0, sizeof(fl));
140 fl.proto = IPPROTO_DCCP;
141 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
142 ipv6_addr_copy(&fl.fl6_src, &np->saddr);
143 fl.oif = sk->sk_bound_dev_if;
144 fl.fl_ip_dport = inet->dport;
145 fl.fl_ip_sport = inet->sport;
146 security_sk_classify_flow(sk, &fl);
147
148 err = ip6_dst_lookup(sk, &dst, &fl);
149 if (err) {
150 sk->sk_err_soft = -err;
151 goto out;
152 }
153
154 err = xfrm_lookup(&dst, &fl, sk, 0);
155 if (err < 0) {
156 sk->sk_err_soft = -err;
157 goto out;
158 }
159 } else
160 dst_hold(dst);
161
162 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
163 dccp_sync_mss(sk, dst_mtu(dst));
164 } /* else let the usual retransmit timer handle it */
165 dst_release(dst);
166 goto out;
167 }
168
169 icmpv6_err_convert(type, code, &err);
170
171 seq = dccp_hdr_seq(dh);
172 /* Might be for an request_sock */
173 switch (sk->sk_state) {
174 struct request_sock *req, **prev;
175 case DCCP_LISTEN:
176 if (sock_owned_by_user(sk))
177 goto out;
178
179 req = inet6_csk_search_req(sk, &prev, dh->dccph_dport,
180 &hdr->daddr, &hdr->saddr,
181 inet6_iif(skb));
182 if (req == NULL)
183 goto out;
184
185 /*
186 * ICMPs are not backlogged, hence we cannot get an established
187 * socket here.
188 */
189 BUG_TRAP(req->sk == NULL);
190
191 if (seq != dccp_rsk(req)->dreq_iss) {
192 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
193 goto out;
194 }
195
196 inet_csk_reqsk_queue_drop(sk, req, prev);
197 goto out;
198
199 case DCCP_REQUESTING:
200 case DCCP_RESPOND: /* Cannot happen.
201 It can, it SYNs are crossed. --ANK */
202 if (!sock_owned_by_user(sk)) {
203 DCCP_INC_STATS_BH(DCCP_MIB_ATTEMPTFAILS);
204 sk->sk_err = err;
205 /*
206 * Wake people up to see the error
207 * (see connect in sock.c)
208 */
209 sk->sk_error_report(sk);
210 dccp_done(sk);
211 } else
212 sk->sk_err_soft = err;
213 goto out;
214 }
215
216 if (!sock_owned_by_user(sk) && np->recverr) {
217 sk->sk_err = err;
218 sk->sk_error_report(sk);
219 } else
220 sk->sk_err_soft = err;
221
222 out:
223 bh_unlock_sock(sk);
224 sock_put(sk);
225 }
226
227
228 static int dccp_v6_send_response(struct sock *sk, struct request_sock *req)
229 {
230 struct inet6_request_sock *ireq6 = inet6_rsk(req);
231 struct ipv6_pinfo *np = inet6_sk(sk);
232 struct sk_buff *skb;
233 struct ipv6_txoptions *opt = NULL;
234 struct in6_addr *final_p = NULL, final;
235 struct flowi fl;
236 int err = -1;
237 struct dst_entry *dst;
238
239 memset(&fl, 0, sizeof(fl));
240 fl.proto = IPPROTO_DCCP;
241 ipv6_addr_copy(&fl.fl6_dst, &ireq6->rmt_addr);
242 ipv6_addr_copy(&fl.fl6_src, &ireq6->loc_addr);
243 fl.fl6_flowlabel = 0;
244 fl.oif = ireq6->iif;
245 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
246 fl.fl_ip_sport = inet_sk(sk)->sport;
247 security_req_classify_flow(req, &fl);
248
249 opt = np->opt;
250
251 if (opt != NULL && opt->srcrt != NULL) {
252 const struct rt0_hdr *rt0 = (struct rt0_hdr *)opt->srcrt;
253
254 ipv6_addr_copy(&final, &fl.fl6_dst);
255 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
256 final_p = &final;
257 }
258
259 err = ip6_dst_lookup(sk, &dst, &fl);
260 if (err)
261 goto done;
262
263 if (final_p)
264 ipv6_addr_copy(&fl.fl6_dst, final_p);
265
266 err = xfrm_lookup(&dst, &fl, sk, 0);
267 if (err < 0)
268 goto done;
269
270 skb = dccp_make_response(sk, dst, req);
271 if (skb != NULL) {
272 struct dccp_hdr *dh = dccp_hdr(skb);
273
274 dh->dccph_checksum = dccp_v6_csum_finish(skb,
275 &ireq6->loc_addr,
276 &ireq6->rmt_addr);
277 ipv6_addr_copy(&fl.fl6_dst, &ireq6->rmt_addr);
278 err = ip6_xmit(sk, skb, &fl, opt, 0);
279 err = net_xmit_eval(err);
280 }
281
282 done:
283 if (opt != NULL && opt != np->opt)
284 sock_kfree_s(sk, opt, opt->tot_len);
285 dst_release(dst);
286 return err;
287 }
288
289 static void dccp_v6_reqsk_destructor(struct request_sock *req)
290 {
291 if (inet6_rsk(req)->pktopts != NULL)
292 kfree_skb(inet6_rsk(req)->pktopts);
293 }
294
295 static void dccp_v6_ctl_send_reset(struct sock *sk, struct sk_buff *rxskb)
296 {
297 struct ipv6hdr *rxip6h;
298 struct sk_buff *skb;
299 struct flowi fl;
300 struct net *net = dev_net(rxskb->dst->dev);
301 struct sock *ctl_sk = net->dccp.v6_ctl_sk;
302
303 if (dccp_hdr(rxskb)->dccph_type == DCCP_PKT_RESET)
304 return;
305
306 if (!ipv6_unicast_destination(rxskb))
307 return;
308
309 skb = dccp_ctl_make_reset(ctl_sk, rxskb);
310 if (skb == NULL)
311 return;
312
313 rxip6h = ipv6_hdr(rxskb);
314 dccp_hdr(skb)->dccph_checksum = dccp_v6_csum_finish(skb, &rxip6h->saddr,
315 &rxip6h->daddr);
316
317 memset(&fl, 0, sizeof(fl));
318 ipv6_addr_copy(&fl.fl6_dst, &rxip6h->saddr);
319 ipv6_addr_copy(&fl.fl6_src, &rxip6h->daddr);
320
321 fl.proto = IPPROTO_DCCP;
322 fl.oif = inet6_iif(rxskb);
323 fl.fl_ip_dport = dccp_hdr(skb)->dccph_dport;
324 fl.fl_ip_sport = dccp_hdr(skb)->dccph_sport;
325 security_skb_classify_flow(rxskb, &fl);
326
327 /* sk = NULL, but it is safe for now. RST socket required. */
328 if (!ip6_dst_lookup(ctl_sk, &skb->dst, &fl)) {
329 if (xfrm_lookup(&skb->dst, &fl, NULL, 0) >= 0) {
330 ip6_xmit(ctl_sk, skb, &fl, NULL, 0);
331 DCCP_INC_STATS_BH(DCCP_MIB_OUTSEGS);
332 DCCP_INC_STATS_BH(DCCP_MIB_OUTRSTS);
333 return;
334 }
335 }
336
337 kfree_skb(skb);
338 }
339
340 static struct request_sock_ops dccp6_request_sock_ops = {
341 .family = AF_INET6,
342 .obj_size = sizeof(struct dccp6_request_sock),
343 .rtx_syn_ack = dccp_v6_send_response,
344 .send_ack = dccp_reqsk_send_ack,
345 .destructor = dccp_v6_reqsk_destructor,
346 .send_reset = dccp_v6_ctl_send_reset,
347 };
348
349 static struct sock *dccp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
350 {
351 const struct dccp_hdr *dh = dccp_hdr(skb);
352 const struct ipv6hdr *iph = ipv6_hdr(skb);
353 struct sock *nsk;
354 struct request_sock **prev;
355 /* Find possible connection requests. */
356 struct request_sock *req = inet6_csk_search_req(sk, &prev,
357 dh->dccph_sport,
358 &iph->saddr,
359 &iph->daddr,
360 inet6_iif(skb));
361 if (req != NULL)
362 return dccp_check_req(sk, skb, req, prev);
363
364 nsk = __inet6_lookup_established(sock_net(sk), &dccp_hashinfo,
365 &iph->saddr, dh->dccph_sport,
366 &iph->daddr, ntohs(dh->dccph_dport),
367 inet6_iif(skb));
368 if (nsk != NULL) {
369 if (nsk->sk_state != DCCP_TIME_WAIT) {
370 bh_lock_sock(nsk);
371 return nsk;
372 }
373 inet_twsk_put(inet_twsk(nsk));
374 return NULL;
375 }
376
377 return sk;
378 }
379
380 static int dccp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
381 {
382 struct request_sock *req;
383 struct dccp_request_sock *dreq;
384 struct inet6_request_sock *ireq6;
385 struct ipv6_pinfo *np = inet6_sk(sk);
386 const __be32 service = dccp_hdr_request(skb)->dccph_req_service;
387 struct dccp_skb_cb *dcb = DCCP_SKB_CB(skb);
388
389 if (skb->protocol == htons(ETH_P_IP))
390 return dccp_v4_conn_request(sk, skb);
391
392 if (!ipv6_unicast_destination(skb))
393 return 0; /* discard, don't send a reset here */
394
395 if (dccp_bad_service_code(sk, service)) {
396 dcb->dccpd_reset_code = DCCP_RESET_CODE_BAD_SERVICE_CODE;
397 goto drop;
398 }
399 /*
400 * There are no SYN attacks on IPv6, yet...
401 */
402 dcb->dccpd_reset_code = DCCP_RESET_CODE_TOO_BUSY;
403 if (inet_csk_reqsk_queue_is_full(sk))
404 goto drop;
405
406 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
407 goto drop;
408
409 req = inet6_reqsk_alloc(&dccp6_request_sock_ops);
410 if (req == NULL)
411 goto drop;
412
413 dccp_reqsk_init(req, skb);
414
415 dreq = dccp_rsk(req);
416 if (dccp_parse_options(sk, dreq, skb))
417 goto drop_and_free;
418
419 if (security_inet_conn_request(sk, skb, req))
420 goto drop_and_free;
421
422 ireq6 = inet6_rsk(req);
423 ipv6_addr_copy(&ireq6->rmt_addr, &ipv6_hdr(skb)->saddr);
424 ipv6_addr_copy(&ireq6->loc_addr, &ipv6_hdr(skb)->daddr);
425
426 if (ipv6_opt_accepted(sk, skb) ||
427 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
428 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) {
429 atomic_inc(&skb->users);
430 ireq6->pktopts = skb;
431 }
432 ireq6->iif = sk->sk_bound_dev_if;
433
434 /* So that link locals have meaning */
435 if (!sk->sk_bound_dev_if &&
436 ipv6_addr_type(&ireq6->rmt_addr) & IPV6_ADDR_LINKLOCAL)
437 ireq6->iif = inet6_iif(skb);
438
439 /*
440 * Step 3: Process LISTEN state
441 *
442 * Set S.ISR, S.GSR, S.SWL, S.SWH from packet or Init Cookie
443 *
444 * In fact we defer setting S.GSR, S.SWL, S.SWH to
445 * dccp_create_openreq_child.
446 */
447 dreq->dreq_isr = dcb->dccpd_seq;
448 dreq->dreq_iss = dccp_v6_init_sequence(skb);
449 dreq->dreq_service = service;
450
451 if (dccp_v6_send_response(sk, req))
452 goto drop_and_free;
453
454 inet6_csk_reqsk_queue_hash_add(sk, req, DCCP_TIMEOUT_INIT);
455 return 0;
456
457 drop_and_free:
458 reqsk_free(req);
459 drop:
460 DCCP_INC_STATS_BH(DCCP_MIB_ATTEMPTFAILS);
461 return -1;
462 }
463
464 static struct sock *dccp_v6_request_recv_sock(struct sock *sk,
465 struct sk_buff *skb,
466 struct request_sock *req,
467 struct dst_entry *dst)
468 {
469 struct inet6_request_sock *ireq6 = inet6_rsk(req);
470 struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
471 struct inet_sock *newinet;
472 struct dccp_sock *newdp;
473 struct dccp6_sock *newdp6;
474 struct sock *newsk;
475 struct ipv6_txoptions *opt;
476
477 if (skb->protocol == htons(ETH_P_IP)) {
478 /*
479 * v6 mapped
480 */
481 newsk = dccp_v4_request_recv_sock(sk, skb, req, dst);
482 if (newsk == NULL)
483 return NULL;
484
485 newdp6 = (struct dccp6_sock *)newsk;
486 newdp = dccp_sk(newsk);
487 newinet = inet_sk(newsk);
488 newinet->pinet6 = &newdp6->inet6;
489 newnp = inet6_sk(newsk);
490
491 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
492
493 ipv6_addr_set(&newnp->daddr, 0, 0, htonl(0x0000FFFF),
494 newinet->daddr);
495
496 ipv6_addr_set(&newnp->saddr, 0, 0, htonl(0x0000FFFF),
497 newinet->saddr);
498
499 ipv6_addr_copy(&newnp->rcv_saddr, &newnp->saddr);
500
501 inet_csk(newsk)->icsk_af_ops = &dccp_ipv6_mapped;
502 newsk->sk_backlog_rcv = dccp_v4_do_rcv;
503 newnp->pktoptions = NULL;
504 newnp->opt = NULL;
505 newnp->mcast_oif = inet6_iif(skb);
506 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
507
508 /*
509 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
510 * here, dccp_create_openreq_child now does this for us, see the comment in
511 * that function for the gory details. -acme
512 */
513
514 /* It is tricky place. Until this moment IPv4 tcp
515 worked with IPv6 icsk.icsk_af_ops.
516 Sync it now.
517 */
518 dccp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
519
520 return newsk;
521 }
522
523 opt = np->opt;
524
525 if (sk_acceptq_is_full(sk))
526 goto out_overflow;
527
528 if (dst == NULL) {
529 struct in6_addr *final_p = NULL, final;
530 struct flowi fl;
531
532 memset(&fl, 0, sizeof(fl));
533 fl.proto = IPPROTO_DCCP;
534 ipv6_addr_copy(&fl.fl6_dst, &ireq6->rmt_addr);
535 if (opt != NULL && opt->srcrt != NULL) {
536 const struct rt0_hdr *rt0 = (struct rt0_hdr *)opt->srcrt;
537
538 ipv6_addr_copy(&final, &fl.fl6_dst);
539 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
540 final_p = &final;
541 }
542 ipv6_addr_copy(&fl.fl6_src, &ireq6->loc_addr);
543 fl.oif = sk->sk_bound_dev_if;
544 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
545 fl.fl_ip_sport = inet_sk(sk)->sport;
546 security_sk_classify_flow(sk, &fl);
547
548 if (ip6_dst_lookup(sk, &dst, &fl))
549 goto out;
550
551 if (final_p)
552 ipv6_addr_copy(&fl.fl6_dst, final_p);
553
554 if ((xfrm_lookup(&dst, &fl, sk, 0)) < 0)
555 goto out;
556 }
557
558 newsk = dccp_create_openreq_child(sk, req, skb);
559 if (newsk == NULL)
560 goto out;
561
562 /*
563 * No need to charge this sock to the relevant IPv6 refcnt debug socks
564 * count here, dccp_create_openreq_child now does this for us, see the
565 * comment in that function for the gory details. -acme
566 */
567
568 __ip6_dst_store(newsk, dst, NULL, NULL);
569 newsk->sk_route_caps = dst->dev->features & ~(NETIF_F_IP_CSUM |
570 NETIF_F_TSO);
571 newdp6 = (struct dccp6_sock *)newsk;
572 newinet = inet_sk(newsk);
573 newinet->pinet6 = &newdp6->inet6;
574 newdp = dccp_sk(newsk);
575 newnp = inet6_sk(newsk);
576
577 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
578
579 ipv6_addr_copy(&newnp->daddr, &ireq6->rmt_addr);
580 ipv6_addr_copy(&newnp->saddr, &ireq6->loc_addr);
581 ipv6_addr_copy(&newnp->rcv_saddr, &ireq6->loc_addr);
582 newsk->sk_bound_dev_if = ireq6->iif;
583
584 /* Now IPv6 options...
585
586 First: no IPv4 options.
587 */
588 newinet->opt = NULL;
589
590 /* Clone RX bits */
591 newnp->rxopt.all = np->rxopt.all;
592
593 /* Clone pktoptions received with SYN */
594 newnp->pktoptions = NULL;
595 if (ireq6->pktopts != NULL) {
596 newnp->pktoptions = skb_clone(ireq6->pktopts, GFP_ATOMIC);
597 kfree_skb(ireq6->pktopts);
598 ireq6->pktopts = NULL;
599 if (newnp->pktoptions)
600 skb_set_owner_r(newnp->pktoptions, newsk);
601 }
602 newnp->opt = NULL;
603 newnp->mcast_oif = inet6_iif(skb);
604 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
605
606 /*
607 * Clone native IPv6 options from listening socket (if any)
608 *
609 * Yes, keeping reference count would be much more clever, but we make
610 * one more one thing there: reattach optmem to newsk.
611 */
612 if (opt != NULL) {
613 newnp->opt = ipv6_dup_options(newsk, opt);
614 if (opt != np->opt)
615 sock_kfree_s(sk, opt, opt->tot_len);
616 }
617
618 inet_csk(newsk)->icsk_ext_hdr_len = 0;
619 if (newnp->opt != NULL)
620 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
621 newnp->opt->opt_flen);
622
623 dccp_sync_mss(newsk, dst_mtu(dst));
624
625 newinet->daddr = newinet->saddr = newinet->rcv_saddr = LOOPBACK4_IPV6;
626
627 __inet6_hash(newsk);
628 __inet_inherit_port(sk, newsk);
629
630 return newsk;
631
632 out_overflow:
633 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
634 out:
635 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
636 if (opt != NULL && opt != np->opt)
637 sock_kfree_s(sk, opt, opt->tot_len);
638 dst_release(dst);
639 return NULL;
640 }
641
642 /* The socket must have it's spinlock held when we get
643 * here.
644 *
645 * We have a potential double-lock case here, so even when
646 * doing backlog processing we use the BH locking scheme.
647 * This is because we cannot sleep with the original spinlock
648 * held.
649 */
650 static int dccp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
651 {
652 struct ipv6_pinfo *np = inet6_sk(sk);
653 struct sk_buff *opt_skb = NULL;
654
655 /* Imagine: socket is IPv6. IPv4 packet arrives,
656 goes to IPv4 receive handler and backlogged.
657 From backlog it always goes here. Kerboom...
658 Fortunately, dccp_rcv_established and rcv_established
659 handle them correctly, but it is not case with
660 dccp_v6_hnd_req and dccp_v6_ctl_send_reset(). --ANK
661 */
662
663 if (skb->protocol == htons(ETH_P_IP))
664 return dccp_v4_do_rcv(sk, skb);
665
666 if (sk_filter(sk, skb))
667 goto discard;
668
669 /*
670 * socket locking is here for SMP purposes as backlog rcv is currently
671 * called with bh processing disabled.
672 */
673
674 /* Do Stevens' IPV6_PKTOPTIONS.
675
676 Yes, guys, it is the only place in our code, where we
677 may make it not affecting IPv4.
678 The rest of code is protocol independent,
679 and I do not like idea to uglify IPv4.
680
681 Actually, all the idea behind IPV6_PKTOPTIONS
682 looks not very well thought. For now we latch
683 options, received in the last packet, enqueued
684 by tcp. Feel free to propose better solution.
685 --ANK (980728)
686 */
687 if (np->rxopt.all)
688 /*
689 * FIXME: Add handling of IPV6_PKTOPTIONS skb. See the comments below
690 * (wrt ipv6_pktopions) and net/ipv6/tcp_ipv6.c for an example.
691 */
692 opt_skb = skb_clone(skb, GFP_ATOMIC);
693
694 if (sk->sk_state == DCCP_OPEN) { /* Fast path */
695 if (dccp_rcv_established(sk, skb, dccp_hdr(skb), skb->len))
696 goto reset;
697 if (opt_skb) {
698 /* XXX This is where we would goto ipv6_pktoptions. */
699 __kfree_skb(opt_skb);
700 }
701 return 0;
702 }
703
704 /*
705 * Step 3: Process LISTEN state
706 * If S.state == LISTEN,
707 * If P.type == Request or P contains a valid Init Cookie option,
708 * (* Must scan the packet's options to check for Init
709 * Cookies. Only Init Cookies are processed here,
710 * however; other options are processed in Step 8. This
711 * scan need only be performed if the endpoint uses Init
712 * Cookies *)
713 * (* Generate a new socket and switch to that socket *)
714 * Set S := new socket for this port pair
715 * S.state = RESPOND
716 * Choose S.ISS (initial seqno) or set from Init Cookies
717 * Initialize S.GAR := S.ISS
718 * Set S.ISR, S.GSR, S.SWL, S.SWH from packet or Init Cookies
719 * Continue with S.state == RESPOND
720 * (* A Response packet will be generated in Step 11 *)
721 * Otherwise,
722 * Generate Reset(No Connection) unless P.type == Reset
723 * Drop packet and return
724 *
725 * NOTE: the check for the packet types is done in
726 * dccp_rcv_state_process
727 */
728 if (sk->sk_state == DCCP_LISTEN) {
729 struct sock *nsk = dccp_v6_hnd_req(sk, skb);
730
731 if (nsk == NULL)
732 goto discard;
733 /*
734 * Queue it on the new socket if the new socket is active,
735 * otherwise we just shortcircuit this and continue with
736 * the new socket..
737 */
738 if (nsk != sk) {
739 if (dccp_child_process(sk, nsk, skb))
740 goto reset;
741 if (opt_skb != NULL)
742 __kfree_skb(opt_skb);
743 return 0;
744 }
745 }
746
747 if (dccp_rcv_state_process(sk, skb, dccp_hdr(skb), skb->len))
748 goto reset;
749 if (opt_skb) {
750 /* XXX This is where we would goto ipv6_pktoptions. */
751 __kfree_skb(opt_skb);
752 }
753 return 0;
754
755 reset:
756 dccp_v6_ctl_send_reset(sk, skb);
757 discard:
758 if (opt_skb != NULL)
759 __kfree_skb(opt_skb);
760 kfree_skb(skb);
761 return 0;
762 }
763
764 static int dccp_v6_rcv(struct sk_buff *skb)
765 {
766 const struct dccp_hdr *dh;
767 struct sock *sk;
768 int min_cov;
769
770 /* Step 1: Check header basics */
771
772 if (dccp_invalid_packet(skb))
773 goto discard_it;
774
775 /* Step 1: If header checksum is incorrect, drop packet and return. */
776 if (dccp_v6_csum_finish(skb, &ipv6_hdr(skb)->saddr,
777 &ipv6_hdr(skb)->daddr)) {
778 DCCP_WARN("dropped packet with invalid checksum\n");
779 goto discard_it;
780 }
781
782 dh = dccp_hdr(skb);
783
784 DCCP_SKB_CB(skb)->dccpd_seq = dccp_hdr_seq(dh);
785 DCCP_SKB_CB(skb)->dccpd_type = dh->dccph_type;
786
787 if (dccp_packet_without_ack(skb))
788 DCCP_SKB_CB(skb)->dccpd_ack_seq = DCCP_PKT_WITHOUT_ACK_SEQ;
789 else
790 DCCP_SKB_CB(skb)->dccpd_ack_seq = dccp_hdr_ack_seq(skb);
791
792 /* Step 2:
793 * Look up flow ID in table and get corresponding socket */
794 sk = __inet6_lookup(dev_net(skb->dst->dev), &dccp_hashinfo,
795 &ipv6_hdr(skb)->saddr, dh->dccph_sport,
796 &ipv6_hdr(skb)->daddr, ntohs(dh->dccph_dport),
797 inet6_iif(skb));
798 /*
799 * Step 2:
800 * If no socket ...
801 */
802 if (sk == NULL) {
803 dccp_pr_debug("failed to look up flow ID in table and "
804 "get corresponding socket\n");
805 goto no_dccp_socket;
806 }
807
808 /*
809 * Step 2:
810 * ... or S.state == TIMEWAIT,
811 * Generate Reset(No Connection) unless P.type == Reset
812 * Drop packet and return
813 */
814 if (sk->sk_state == DCCP_TIME_WAIT) {
815 dccp_pr_debug("sk->sk_state == DCCP_TIME_WAIT: do_time_wait\n");
816 inet_twsk_put(inet_twsk(sk));
817 goto no_dccp_socket;
818 }
819
820 /*
821 * RFC 4340, sec. 9.2.1: Minimum Checksum Coverage
822 * o if MinCsCov = 0, only packets with CsCov = 0 are accepted
823 * o if MinCsCov > 0, also accept packets with CsCov >= MinCsCov
824 */
825 min_cov = dccp_sk(sk)->dccps_pcrlen;
826 if (dh->dccph_cscov && (min_cov == 0 || dh->dccph_cscov < min_cov)) {
827 dccp_pr_debug("Packet CsCov %d does not satisfy MinCsCov %d\n",
828 dh->dccph_cscov, min_cov);
829 /* FIXME: send Data Dropped option (see also dccp_v4_rcv) */
830 goto discard_and_relse;
831 }
832
833 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
834 goto discard_and_relse;
835
836 return sk_receive_skb(sk, skb, 1) ? -1 : 0;
837
838 no_dccp_socket:
839 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
840 goto discard_it;
841 /*
842 * Step 2:
843 * If no socket ...
844 * Generate Reset(No Connection) unless P.type == Reset
845 * Drop packet and return
846 */
847 if (dh->dccph_type != DCCP_PKT_RESET) {
848 DCCP_SKB_CB(skb)->dccpd_reset_code =
849 DCCP_RESET_CODE_NO_CONNECTION;
850 dccp_v6_ctl_send_reset(sk, skb);
851 }
852
853 discard_it:
854 kfree_skb(skb);
855 return 0;
856
857 discard_and_relse:
858 sock_put(sk);
859 goto discard_it;
860 }
861
862 static int dccp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
863 int addr_len)
864 {
865 struct sockaddr_in6 *usin = (struct sockaddr_in6 *)uaddr;
866 struct inet_connection_sock *icsk = inet_csk(sk);
867 struct inet_sock *inet = inet_sk(sk);
868 struct ipv6_pinfo *np = inet6_sk(sk);
869 struct dccp_sock *dp = dccp_sk(sk);
870 struct in6_addr *saddr = NULL, *final_p = NULL, final;
871 struct flowi fl;
872 struct dst_entry *dst;
873 int addr_type;
874 int err;
875
876 dp->dccps_role = DCCP_ROLE_CLIENT;
877
878 if (addr_len < SIN6_LEN_RFC2133)
879 return -EINVAL;
880
881 if (usin->sin6_family != AF_INET6)
882 return -EAFNOSUPPORT;
883
884 memset(&fl, 0, sizeof(fl));
885
886 if (np->sndflow) {
887 fl.fl6_flowlabel = usin->sin6_flowinfo & IPV6_FLOWINFO_MASK;
888 IP6_ECN_flow_init(fl.fl6_flowlabel);
889 if (fl.fl6_flowlabel & IPV6_FLOWLABEL_MASK) {
890 struct ip6_flowlabel *flowlabel;
891 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel);
892 if (flowlabel == NULL)
893 return -EINVAL;
894 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst);
895 fl6_sock_release(flowlabel);
896 }
897 }
898 /*
899 * connect() to INADDR_ANY means loopback (BSD'ism).
900 */
901 if (ipv6_addr_any(&usin->sin6_addr))
902 usin->sin6_addr.s6_addr[15] = 1;
903
904 addr_type = ipv6_addr_type(&usin->sin6_addr);
905
906 if (addr_type & IPV6_ADDR_MULTICAST)
907 return -ENETUNREACH;
908
909 if (addr_type & IPV6_ADDR_LINKLOCAL) {
910 if (addr_len >= sizeof(struct sockaddr_in6) &&
911 usin->sin6_scope_id) {
912 /* If interface is set while binding, indices
913 * must coincide.
914 */
915 if (sk->sk_bound_dev_if &&
916 sk->sk_bound_dev_if != usin->sin6_scope_id)
917 return -EINVAL;
918
919 sk->sk_bound_dev_if = usin->sin6_scope_id;
920 }
921
922 /* Connect to link-local address requires an interface */
923 if (!sk->sk_bound_dev_if)
924 return -EINVAL;
925 }
926
927 ipv6_addr_copy(&np->daddr, &usin->sin6_addr);
928 np->flow_label = fl.fl6_flowlabel;
929
930 /*
931 * DCCP over IPv4
932 */
933 if (addr_type == IPV6_ADDR_MAPPED) {
934 u32 exthdrlen = icsk->icsk_ext_hdr_len;
935 struct sockaddr_in sin;
936
937 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
938
939 if (__ipv6_only_sock(sk))
940 return -ENETUNREACH;
941
942 sin.sin_family = AF_INET;
943 sin.sin_port = usin->sin6_port;
944 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
945
946 icsk->icsk_af_ops = &dccp_ipv6_mapped;
947 sk->sk_backlog_rcv = dccp_v4_do_rcv;
948
949 err = dccp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
950 if (err) {
951 icsk->icsk_ext_hdr_len = exthdrlen;
952 icsk->icsk_af_ops = &dccp_ipv6_af_ops;
953 sk->sk_backlog_rcv = dccp_v6_do_rcv;
954 goto failure;
955 } else {
956 ipv6_addr_set(&np->saddr, 0, 0, htonl(0x0000FFFF),
957 inet->saddr);
958 ipv6_addr_set(&np->rcv_saddr, 0, 0, htonl(0x0000FFFF),
959 inet->rcv_saddr);
960 }
961
962 return err;
963 }
964
965 if (!ipv6_addr_any(&np->rcv_saddr))
966 saddr = &np->rcv_saddr;
967
968 fl.proto = IPPROTO_DCCP;
969 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
970 ipv6_addr_copy(&fl.fl6_src, saddr ? saddr : &np->saddr);
971 fl.oif = sk->sk_bound_dev_if;
972 fl.fl_ip_dport = usin->sin6_port;
973 fl.fl_ip_sport = inet->sport;
974 security_sk_classify_flow(sk, &fl);
975
976 if (np->opt != NULL && np->opt->srcrt != NULL) {
977 const struct rt0_hdr *rt0 = (struct rt0_hdr *)np->opt->srcrt;
978
979 ipv6_addr_copy(&final, &fl.fl6_dst);
980 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
981 final_p = &final;
982 }
983
984 err = ip6_dst_lookup(sk, &dst, &fl);
985 if (err)
986 goto failure;
987
988 if (final_p)
989 ipv6_addr_copy(&fl.fl6_dst, final_p);
990
991 err = __xfrm_lookup(&dst, &fl, sk, XFRM_LOOKUP_WAIT);
992 if (err < 0) {
993 if (err == -EREMOTE)
994 err = ip6_dst_blackhole(sk, &dst, &fl);
995 if (err < 0)
996 goto failure;
997 }
998
999 if (saddr == NULL) {
1000 saddr = &fl.fl6_src;
1001 ipv6_addr_copy(&np->rcv_saddr, saddr);
1002 }
1003
1004 /* set the source address */
1005 ipv6_addr_copy(&np->saddr, saddr);
1006 inet->rcv_saddr = LOOPBACK4_IPV6;
1007
1008 __ip6_dst_store(sk, dst, NULL, NULL);
1009
1010 icsk->icsk_ext_hdr_len = 0;
1011 if (np->opt != NULL)
1012 icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
1013 np->opt->opt_nflen);
1014
1015 inet->dport = usin->sin6_port;
1016
1017 dccp_set_state(sk, DCCP_REQUESTING);
1018 err = inet6_hash_connect(&dccp_death_row, sk);
1019 if (err)
1020 goto late_failure;
1021
1022 dp->dccps_iss = secure_dccpv6_sequence_number(np->saddr.s6_addr32,
1023 np->daddr.s6_addr32,
1024 inet->sport, inet->dport);
1025 err = dccp_connect(sk);
1026 if (err)
1027 goto late_failure;
1028
1029 return 0;
1030
1031 late_failure:
1032 dccp_set_state(sk, DCCP_CLOSED);
1033 __sk_dst_reset(sk);
1034 failure:
1035 inet->dport = 0;
1036 sk->sk_route_caps = 0;
1037 return err;
1038 }
1039
1040 static struct inet_connection_sock_af_ops dccp_ipv6_af_ops = {
1041 .queue_xmit = inet6_csk_xmit,
1042 .send_check = dccp_v6_send_check,
1043 .rebuild_header = inet6_sk_rebuild_header,
1044 .conn_request = dccp_v6_conn_request,
1045 .syn_recv_sock = dccp_v6_request_recv_sock,
1046 .net_header_len = sizeof(struct ipv6hdr),
1047 .setsockopt = ipv6_setsockopt,
1048 .getsockopt = ipv6_getsockopt,
1049 .addr2sockaddr = inet6_csk_addr2sockaddr,
1050 .sockaddr_len = sizeof(struct sockaddr_in6),
1051 .bind_conflict = inet6_csk_bind_conflict,
1052 #ifdef CONFIG_COMPAT
1053 .compat_setsockopt = compat_ipv6_setsockopt,
1054 .compat_getsockopt = compat_ipv6_getsockopt,
1055 #endif
1056 };
1057
1058 /*
1059 * DCCP over IPv4 via INET6 API
1060 */
1061 static struct inet_connection_sock_af_ops dccp_ipv6_mapped = {
1062 .queue_xmit = ip_queue_xmit,
1063 .send_check = dccp_v4_send_check,
1064 .rebuild_header = inet_sk_rebuild_header,
1065 .conn_request = dccp_v6_conn_request,
1066 .syn_recv_sock = dccp_v6_request_recv_sock,
1067 .net_header_len = sizeof(struct iphdr),
1068 .setsockopt = ipv6_setsockopt,
1069 .getsockopt = ipv6_getsockopt,
1070 .addr2sockaddr = inet6_csk_addr2sockaddr,
1071 .sockaddr_len = sizeof(struct sockaddr_in6),
1072 #ifdef CONFIG_COMPAT
1073 .compat_setsockopt = compat_ipv6_setsockopt,
1074 .compat_getsockopt = compat_ipv6_getsockopt,
1075 #endif
1076 };
1077
1078 /* NOTE: A lot of things set to zero explicitly by call to
1079 * sk_alloc() so need not be done here.
1080 */
1081 static int dccp_v6_init_sock(struct sock *sk)
1082 {
1083 static __u8 dccp_v6_ctl_sock_initialized;
1084 int err = dccp_init_sock(sk, dccp_v6_ctl_sock_initialized);
1085
1086 if (err == 0) {
1087 if (unlikely(!dccp_v6_ctl_sock_initialized))
1088 dccp_v6_ctl_sock_initialized = 1;
1089 inet_csk(sk)->icsk_af_ops = &dccp_ipv6_af_ops;
1090 }
1091
1092 return err;
1093 }
1094
1095 static void dccp_v6_destroy_sock(struct sock *sk)
1096 {
1097 dccp_destroy_sock(sk);
1098 inet6_destroy_sock(sk);
1099 }
1100
1101 static struct timewait_sock_ops dccp6_timewait_sock_ops = {
1102 .twsk_obj_size = sizeof(struct dccp6_timewait_sock),
1103 };
1104
1105 static struct proto dccp_v6_prot = {
1106 .name = "DCCPv6",
1107 .owner = THIS_MODULE,
1108 .close = dccp_close,
1109 .connect = dccp_v6_connect,
1110 .disconnect = dccp_disconnect,
1111 .ioctl = dccp_ioctl,
1112 .init = dccp_v6_init_sock,
1113 .setsockopt = dccp_setsockopt,
1114 .getsockopt = dccp_getsockopt,
1115 .sendmsg = dccp_sendmsg,
1116 .recvmsg = dccp_recvmsg,
1117 .backlog_rcv = dccp_v6_do_rcv,
1118 .hash = dccp_v6_hash,
1119 .unhash = inet_unhash,
1120 .accept = inet_csk_accept,
1121 .get_port = inet_csk_get_port,
1122 .shutdown = dccp_shutdown,
1123 .destroy = dccp_v6_destroy_sock,
1124 .orphan_count = &dccp_orphan_count,
1125 .max_header = MAX_DCCP_HEADER,
1126 .obj_size = sizeof(struct dccp6_sock),
1127 .rsk_prot = &dccp6_request_sock_ops,
1128 .twsk_prot = &dccp6_timewait_sock_ops,
1129 .h.hashinfo = &dccp_hashinfo,
1130 #ifdef CONFIG_COMPAT
1131 .compat_setsockopt = compat_dccp_setsockopt,
1132 .compat_getsockopt = compat_dccp_getsockopt,
1133 #endif
1134 };
1135
1136 static struct inet6_protocol dccp_v6_protocol = {
1137 .handler = dccp_v6_rcv,
1138 .err_handler = dccp_v6_err,
1139 .flags = INET6_PROTO_NOPOLICY | INET6_PROTO_FINAL,
1140 };
1141
1142 static struct proto_ops inet6_dccp_ops = {
1143 .family = PF_INET6,
1144 .owner = THIS_MODULE,
1145 .release = inet6_release,
1146 .bind = inet6_bind,
1147 .connect = inet_stream_connect,
1148 .socketpair = sock_no_socketpair,
1149 .accept = inet_accept,
1150 .getname = inet6_getname,
1151 .poll = dccp_poll,
1152 .ioctl = inet6_ioctl,
1153 .listen = inet_dccp_listen,
1154 .shutdown = inet_shutdown,
1155 .setsockopt = sock_common_setsockopt,
1156 .getsockopt = sock_common_getsockopt,
1157 .sendmsg = inet_sendmsg,
1158 .recvmsg = sock_common_recvmsg,
1159 .mmap = sock_no_mmap,
1160 .sendpage = sock_no_sendpage,
1161 #ifdef CONFIG_COMPAT
1162 .compat_setsockopt = compat_sock_common_setsockopt,
1163 .compat_getsockopt = compat_sock_common_getsockopt,
1164 #endif
1165 };
1166
1167 static struct inet_protosw dccp_v6_protosw = {
1168 .type = SOCK_DCCP,
1169 .protocol = IPPROTO_DCCP,
1170 .prot = &dccp_v6_prot,
1171 .ops = &inet6_dccp_ops,
1172 .capability = -1,
1173 .flags = INET_PROTOSW_ICSK,
1174 };
1175
1176 static int dccp_v6_init_net(struct net *net)
1177 {
1178 int err;
1179
1180 err = inet_ctl_sock_create(&net->dccp.v6_ctl_sk, PF_INET6,
1181 SOCK_DCCP, IPPROTO_DCCP, net);
1182 return err;
1183 }
1184
1185 static void dccp_v6_exit_net(struct net *net)
1186 {
1187 inet_ctl_sock_destroy(net->dccp.v6_ctl_sk);
1188 }
1189
1190 static struct pernet_operations dccp_v6_ops = {
1191 .init = dccp_v6_init_net,
1192 .exit = dccp_v6_exit_net,
1193 };
1194
1195 static int __init dccp_v6_init(void)
1196 {
1197 int err = proto_register(&dccp_v6_prot, 1);
1198
1199 if (err != 0)
1200 goto out;
1201
1202 err = inet6_add_protocol(&dccp_v6_protocol, IPPROTO_DCCP);
1203 if (err != 0)
1204 goto out_unregister_proto;
1205
1206 inet6_register_protosw(&dccp_v6_protosw);
1207
1208 err = register_pernet_subsys(&dccp_v6_ops);
1209 if (err != 0)
1210 goto out_destroy_ctl_sock;
1211 out:
1212 return err;
1213
1214 out_destroy_ctl_sock:
1215 inet6_del_protocol(&dccp_v6_protocol, IPPROTO_DCCP);
1216 inet6_unregister_protosw(&dccp_v6_protosw);
1217 out_unregister_proto:
1218 proto_unregister(&dccp_v6_prot);
1219 goto out;
1220 }
1221
1222 static void __exit dccp_v6_exit(void)
1223 {
1224 unregister_pernet_subsys(&dccp_v6_ops);
1225 inet6_del_protocol(&dccp_v6_protocol, IPPROTO_DCCP);
1226 inet6_unregister_protosw(&dccp_v6_protosw);
1227 proto_unregister(&dccp_v6_prot);
1228 }
1229
1230 module_init(dccp_v6_init);
1231 module_exit(dccp_v6_exit);
1232
1233 /*
1234 * __stringify doesn't likes enums, so use SOCK_DCCP (6) and IPPROTO_DCCP (33)
1235 * values directly, Also cover the case where the protocol is not specified,
1236 * i.e. net-pf-PF_INET6-proto-0-type-SOCK_DCCP
1237 */
1238 MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_INET6, 33, 6);
1239 MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_INET6, 0, 6);
1240 MODULE_LICENSE("GPL");
1241 MODULE_AUTHOR("Arnaldo Carvalho de Melo <acme@mandriva.com>");
1242 MODULE_DESCRIPTION("DCCPv6 - Datagram Congestion Controlled Protocol");
kernel source for telekom puls (alcatel/mediatek)