projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tcp: resets are misrouted
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / ipv6 / tcp_ipv6.c
1 /*
2 * TCP over IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
8 * Based on:
9 * linux/net/ipv4/tcp.c
10 * linux/net/ipv4/tcp_input.c
11 * linux/net/ipv4/tcp_output.c
12 *
13 * Fixes:
14 * Hideaki YOSHIFUJI : sin6_scope_id support
15 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
16 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
17 * a single port at the same time.
18 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
19 *
20 * This program is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU General Public License
22 * as published by the Free Software Foundation; either version
23 * 2 of the License, or (at your option) any later version.
24 */
25
26 #include <linux/bottom_half.h>
27 #include <linux/module.h>
28 #include <linux/errno.h>
29 #include <linux/types.h>
30 #include <linux/socket.h>
31 #include <linux/sockios.h>
32 #include <linux/net.h>
33 #include <linux/jiffies.h>
34 #include <linux/in.h>
35 #include <linux/in6.h>
36 #include <linux/netdevice.h>
37 #include <linux/init.h>
38 #include <linux/jhash.h>
39 #include <linux/ipsec.h>
40 #include <linux/times.h>
41 #include <linux/slab.h>
42
43 #include <linux/ipv6.h>
44 #include <linux/icmpv6.h>
45 #include <linux/random.h>
46
47 #include <net/tcp.h>
48 #include <net/ndisc.h>
49 #include <net/inet6_hashtables.h>
50 #include <net/inet6_connection_sock.h>
51 #include <net/ipv6.h>
52 #include <net/transp_v6.h>
53 #include <net/addrconf.h>
54 #include <net/ip6_route.h>
55 #include <net/ip6_checksum.h>
56 #include <net/inet_ecn.h>
57 #include <net/protocol.h>
58 #include <net/xfrm.h>
59 #include <net/snmp.h>
60 #include <net/dsfield.h>
61 #include <net/timewait_sock.h>
62 #include <net/netdma.h>
63 #include <net/inet_common.h>
64 #include <net/secure_seq.h>
65 #include <net/tcp_memcontrol.h>
66
67 #include <asm/uaccess.h>
68
69 #include <linux/proc_fs.h>
70 #include <linux/seq_file.h>
71
72 #include <linux/crypto.h>
73 #include <linux/scatterlist.h>
74
75 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb);
76 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
77 struct request_sock *req);
78
79 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
80 static void __tcp_v6_send_check(struct sk_buff *skb,
81 const struct in6_addr *saddr,
82 const struct in6_addr *daddr);
83
84 static const struct inet_connection_sock_af_ops ipv6_mapped;
85 static const struct inet_connection_sock_af_ops ipv6_specific;
86 #ifdef CONFIG_TCP_MD5SIG
87 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
88 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
89 #else
90 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
91 const struct in6_addr *addr)
92 {
93 return NULL;
94 }
95 #endif
96
97 static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
98 {
99 struct dst_entry *dst = skb_dst(skb);
100 const struct rt6_info *rt = (const struct rt6_info *)dst;
101
102 dst_hold(dst);
103 sk->sk_rx_dst = dst;
104 inet_sk(sk)->rx_dst_ifindex = skb->skb_iif;
105 if (rt->rt6i_node)
106 inet6_sk(sk)->rx_dst_cookie = rt->rt6i_node->fn_sernum;
107 }
108
109 static void tcp_v6_hash(struct sock *sk)
110 {
111 if (sk->sk_state != TCP_CLOSE) {
112 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) {
113 tcp_prot.hash(sk);
114 return;
115 }
116 local_bh_disable();
117 __inet6_hash(sk, NULL);
118 local_bh_enable();
119 }
120 }
121
122 static __inline__ __sum16 tcp_v6_check(int len,
123 const struct in6_addr *saddr,
124 const struct in6_addr *daddr,
125 __wsum base)
126 {
127 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base);
128 }
129
130 static __u32 tcp_v6_init_sequence(const struct sk_buff *skb)
131 {
132 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
133 ipv6_hdr(skb)->saddr.s6_addr32,
134 tcp_hdr(skb)->dest,
135 tcp_hdr(skb)->source);
136 }
137
138 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
139 int addr_len)
140 {
141 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
142 struct inet_sock *inet = inet_sk(sk);
143 struct inet_connection_sock *icsk = inet_csk(sk);
144 struct ipv6_pinfo *np = inet6_sk(sk);
145 struct tcp_sock *tp = tcp_sk(sk);
146 struct in6_addr *saddr = NULL, *final_p, final;
147 struct rt6_info *rt;
148 struct flowi6 fl6;
149 struct dst_entry *dst;
150 int addr_type;
151 int err;
152
153 if (addr_len < SIN6_LEN_RFC2133)
154 return -EINVAL;
155
156 if (usin->sin6_family != AF_INET6)
157 return -EAFNOSUPPORT;
158
159 memset(&fl6, 0, sizeof(fl6));
160
161 if (np->sndflow) {
162 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
163 IP6_ECN_flow_init(fl6.flowlabel);
164 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
165 struct ip6_flowlabel *flowlabel;
166 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
167 if (flowlabel == NULL)
168 return -EINVAL;
169 usin->sin6_addr = flowlabel->dst;
170 fl6_sock_release(flowlabel);
171 }
172 }
173
174 /*
175 * connect() to INADDR_ANY means loopback (BSD'ism).
176 */
177
178 if(ipv6_addr_any(&usin->sin6_addr))
179 usin->sin6_addr.s6_addr[15] = 0x1;
180
181 addr_type = ipv6_addr_type(&usin->sin6_addr);
182
183 if(addr_type & IPV6_ADDR_MULTICAST)
184 return -ENETUNREACH;
185
186 if (addr_type&IPV6_ADDR_LINKLOCAL) {
187 if (addr_len >= sizeof(struct sockaddr_in6) &&
188 usin->sin6_scope_id) {
189 /* If interface is set while binding, indices
190 * must coincide.
191 */
192 if (sk->sk_bound_dev_if &&
193 sk->sk_bound_dev_if != usin->sin6_scope_id)
194 return -EINVAL;
195
196 sk->sk_bound_dev_if = usin->sin6_scope_id;
197 }
198
199 /* Connect to link-local address requires an interface */
200 if (!sk->sk_bound_dev_if)
201 return -EINVAL;
202 }
203
204 if (tp->rx_opt.ts_recent_stamp &&
205 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) {
206 tp->rx_opt.ts_recent = 0;
207 tp->rx_opt.ts_recent_stamp = 0;
208 tp->write_seq = 0;
209 }
210
211 np->daddr = usin->sin6_addr;
212 np->flow_label = fl6.flowlabel;
213
214 /*
215 * TCP over IPv4
216 */
217
218 if (addr_type == IPV6_ADDR_MAPPED) {
219 u32 exthdrlen = icsk->icsk_ext_hdr_len;
220 struct sockaddr_in sin;
221
222 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
223
224 if (__ipv6_only_sock(sk))
225 return -ENETUNREACH;
226
227 sin.sin_family = AF_INET;
228 sin.sin_port = usin->sin6_port;
229 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
230
231 icsk->icsk_af_ops = &ipv6_mapped;
232 sk->sk_backlog_rcv = tcp_v4_do_rcv;
233 #ifdef CONFIG_TCP_MD5SIG
234 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
235 #endif
236
237 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
238
239 if (err) {
240 icsk->icsk_ext_hdr_len = exthdrlen;
241 icsk->icsk_af_ops = &ipv6_specific;
242 sk->sk_backlog_rcv = tcp_v6_do_rcv;
243 #ifdef CONFIG_TCP_MD5SIG
244 tp->af_specific = &tcp_sock_ipv6_specific;
245 #endif
246 goto failure;
247 } else {
248 ipv6_addr_set_v4mapped(inet->inet_saddr, &np->saddr);
249 ipv6_addr_set_v4mapped(inet->inet_rcv_saddr,
250 &np->rcv_saddr);
251 }
252
253 return err;
254 }
255
256 if (!ipv6_addr_any(&np->rcv_saddr))
257 saddr = &np->rcv_saddr;
258
259 fl6.flowi6_proto = IPPROTO_TCP;
260 fl6.daddr = np->daddr;
261 fl6.saddr = saddr ? *saddr : np->saddr;
262 fl6.flowi6_oif = sk->sk_bound_dev_if;
263 fl6.flowi6_mark = sk->sk_mark;
264 fl6.fl6_dport = usin->sin6_port;
265 fl6.fl6_sport = inet->inet_sport;
266
267 final_p = fl6_update_dst(&fl6, np->opt, &final);
268
269 security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));
270
271 dst = ip6_dst_lookup_flow(sk, &fl6, final_p, true);
272 if (IS_ERR(dst)) {
273 err = PTR_ERR(dst);
274 goto failure;
275 }
276
277 if (saddr == NULL) {
278 saddr = &fl6.saddr;
279 np->rcv_saddr = *saddr;
280 }
281
282 /* set the source address */
283 np->saddr = *saddr;
284 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
285
286 sk->sk_gso_type = SKB_GSO_TCPV6;
287 __ip6_dst_store(sk, dst, NULL, NULL);
288
289 rt = (struct rt6_info *) dst;
290 if (tcp_death_row.sysctl_tw_recycle &&
291 !tp->rx_opt.ts_recent_stamp &&
292 ipv6_addr_equal(&rt->rt6i_dst.addr, &np->daddr))
293 tcp_fetch_timewait_stamp(sk, dst);
294
295 icsk->icsk_ext_hdr_len = 0;
296 if (np->opt)
297 icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
298 np->opt->opt_nflen);
299
300 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
301
302 inet->inet_dport = usin->sin6_port;
303
304 tcp_set_state(sk, TCP_SYN_SENT);
305 err = inet6_hash_connect(&tcp_death_row, sk);
306 if (err)
307 goto late_failure;
308
309 if (!tp->write_seq)
310 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
311 np->daddr.s6_addr32,
312 inet->inet_sport,
313 inet->inet_dport);
314
315 err = tcp_connect(sk);
316 if (err)
317 goto late_failure;
318
319 return 0;
320
321 late_failure:
322 tcp_set_state(sk, TCP_CLOSE);
323 __sk_dst_reset(sk);
324 failure:
325 inet->inet_dport = 0;
326 sk->sk_route_caps = 0;
327 return err;
328 }
329
330 static void tcp_v6_mtu_reduced(struct sock *sk)
331 {
332 struct dst_entry *dst;
333
334 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
335 return;
336
337 dst = inet6_csk_update_pmtu(sk, tcp_sk(sk)->mtu_info);
338 if (!dst)
339 return;
340
341 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
342 tcp_sync_mss(sk, dst_mtu(dst));
343 tcp_simple_retransmit(sk);
344 }
345 }
346
347 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
348 u8 type, u8 code, int offset, __be32 info)
349 {
350 const struct ipv6hdr *hdr = (const struct ipv6hdr*)skb->data;
351 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
352 struct ipv6_pinfo *np;
353 struct sock *sk;
354 int err;
355 struct tcp_sock *tp;
356 __u32 seq;
357 struct net *net = dev_net(skb->dev);
358
359 sk = inet6_lookup(net, &tcp_hashinfo, &hdr->daddr,
360 th->dest, &hdr->saddr, th->source, skb->dev->ifindex);
361
362 if (sk == NULL) {
363 ICMP6_INC_STATS_BH(net, __in6_dev_get(skb->dev),
364 ICMP6_MIB_INERRORS);
365 return;
366 }
367
368 if (sk->sk_state == TCP_TIME_WAIT) {
369 inet_twsk_put(inet_twsk(sk));
370 return;
371 }
372
373 bh_lock_sock(sk);
374 if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG)
375 NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS);
376
377 if (sk->sk_state == TCP_CLOSE)
378 goto out;
379
380 if (ipv6_hdr(skb)->hop_limit < inet6_sk(sk)->min_hopcount) {
381 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
382 goto out;
383 }
384
385 tp = tcp_sk(sk);
386 seq = ntohl(th->seq);
387 if (sk->sk_state != TCP_LISTEN &&
388 !between(seq, tp->snd_una, tp->snd_nxt)) {
389 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
390 goto out;
391 }
392
393 np = inet6_sk(sk);
394
395 if (type == NDISC_REDIRECT) {
396 struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);
397
398 if (dst)
399 dst->ops->redirect(dst, sk, skb);
400 }
401
402 if (type == ICMPV6_PKT_TOOBIG) {
403 tp->mtu_info = ntohl(info);
404 if (!sock_owned_by_user(sk))
405 tcp_v6_mtu_reduced(sk);
406 else if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED,
407 &tp->tsq_flags))
408 sock_hold(sk);
409 goto out;
410 }
411
412 icmpv6_err_convert(type, code, &err);
413
414 /* Might be for an request_sock */
415 switch (sk->sk_state) {
416 struct request_sock *req, **prev;
417 case TCP_LISTEN:
418 if (sock_owned_by_user(sk))
419 goto out;
420
421 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr,
422 &hdr->saddr, inet6_iif(skb));
423 if (!req)
424 goto out;
425
426 /* ICMPs are not backlogged, hence we cannot get
427 * an established socket here.
428 */
429 WARN_ON(req->sk != NULL);
430
431 if (seq != tcp_rsk(req)->snt_isn) {
432 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
433 goto out;
434 }
435
436 inet_csk_reqsk_queue_drop(sk, req, prev);
437 goto out;
438
439 case TCP_SYN_SENT:
440 case TCP_SYN_RECV: /* Cannot happen.
441 It can, it SYNs are crossed. --ANK */
442 if (!sock_owned_by_user(sk)) {
443 sk->sk_err = err;
444 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
445
446 tcp_done(sk);
447 } else
448 sk->sk_err_soft = err;
449 goto out;
450 }
451
452 if (!sock_owned_by_user(sk) && np->recverr) {
453 sk->sk_err = err;
454 sk->sk_error_report(sk);
455 } else
456 sk->sk_err_soft = err;
457
458 out:
459 bh_unlock_sock(sk);
460 sock_put(sk);
461 }
462
463
464 static int tcp_v6_send_synack(struct sock *sk, struct dst_entry *dst,
465 struct flowi6 *fl6,
466 struct request_sock *req,
467 struct request_values *rvp,
468 u16 queue_mapping)
469 {
470 struct inet6_request_sock *treq = inet6_rsk(req);
471 struct ipv6_pinfo *np = inet6_sk(sk);
472 struct sk_buff * skb;
473 int err = -ENOMEM;
474
475 /* First, grab a route. */
476 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req)) == NULL)
477 goto done;
478
479 skb = tcp_make_synack(sk, dst, req, rvp, NULL);
480
481 if (skb) {
482 __tcp_v6_send_check(skb, &treq->loc_addr, &treq->rmt_addr);
483
484 fl6->daddr = treq->rmt_addr;
485 skb_set_queue_mapping(skb, queue_mapping);
486 err = ip6_xmit(sk, skb, fl6, np->opt, np->tclass);
487 err = net_xmit_eval(err);
488 }
489
490 done:
491 return err;
492 }
493
494 static int tcp_v6_rtx_synack(struct sock *sk, struct request_sock *req,
495 struct request_values *rvp)
496 {
497 struct flowi6 fl6;
498
499 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_RETRANSSEGS);
500 return tcp_v6_send_synack(sk, NULL, &fl6, req, rvp, 0);
501 }
502
503 static void tcp_v6_reqsk_destructor(struct request_sock *req)
504 {
505 kfree_skb(inet6_rsk(req)->pktopts);
506 }
507
508 #ifdef CONFIG_TCP_MD5SIG
509 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
510 const struct in6_addr *addr)
511 {
512 return tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, AF_INET6);
513 }
514
515 static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk,
516 struct sock *addr_sk)
517 {
518 return tcp_v6_md5_do_lookup(sk, &inet6_sk(addr_sk)->daddr);
519 }
520
521 static struct tcp_md5sig_key *tcp_v6_reqsk_md5_lookup(struct sock *sk,
522 struct request_sock *req)
523 {
524 return tcp_v6_md5_do_lookup(sk, &inet6_rsk(req)->rmt_addr);
525 }
526
527 static int tcp_v6_parse_md5_keys (struct sock *sk, char __user *optval,
528 int optlen)
529 {
530 struct tcp_md5sig cmd;
531 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
532
533 if (optlen < sizeof(cmd))
534 return -EINVAL;
535
536 if (copy_from_user(&cmd, optval, sizeof(cmd)))
537 return -EFAULT;
538
539 if (sin6->sin6_family != AF_INET6)
540 return -EINVAL;
541
542 if (!cmd.tcpm_keylen) {
543 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
544 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
545 AF_INET);
546 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
547 AF_INET6);
548 }
549
550 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
551 return -EINVAL;
552
553 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
554 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
555 AF_INET, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
556
557 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
558 AF_INET6, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
559 }
560
561 static int tcp_v6_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp,
562 const struct in6_addr *daddr,
563 const struct in6_addr *saddr, int nbytes)
564 {
565 struct tcp6_pseudohdr *bp;
566 struct scatterlist sg;
567
568 bp = &hp->md5_blk.ip6;
569 /* 1. TCP pseudo-header (RFC2460) */
570 bp->saddr = *saddr;
571 bp->daddr = *daddr;
572 bp->protocol = cpu_to_be32(IPPROTO_TCP);
573 bp->len = cpu_to_be32(nbytes);
574
575 sg_init_one(&sg, bp, sizeof(*bp));
576 return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp));
577 }
578
579 static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key,
580 const struct in6_addr *daddr, struct in6_addr *saddr,
581 const struct tcphdr *th)
582 {
583 struct tcp_md5sig_pool *hp;
584 struct hash_desc *desc;
585
586 hp = tcp_get_md5sig_pool();
587 if (!hp)
588 goto clear_hash_noput;
589 desc = &hp->md5_desc;
590
591 if (crypto_hash_init(desc))
592 goto clear_hash;
593 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))
594 goto clear_hash;
595 if (tcp_md5_hash_header(hp, th))
596 goto clear_hash;
597 if (tcp_md5_hash_key(hp, key))
598 goto clear_hash;
599 if (crypto_hash_final(desc, md5_hash))
600 goto clear_hash;
601
602 tcp_put_md5sig_pool();
603 return 0;
604
605 clear_hash:
606 tcp_put_md5sig_pool();
607 clear_hash_noput:
608 memset(md5_hash, 0, 16);
609 return 1;
610 }
611
612 static int tcp_v6_md5_hash_skb(char *md5_hash, struct tcp_md5sig_key *key,
613 const struct sock *sk,
614 const struct request_sock *req,
615 const struct sk_buff *skb)
616 {
617 const struct in6_addr *saddr, *daddr;
618 struct tcp_md5sig_pool *hp;
619 struct hash_desc *desc;
620 const struct tcphdr *th = tcp_hdr(skb);
621
622 if (sk) {
623 saddr = &inet6_sk(sk)->saddr;
624 daddr = &inet6_sk(sk)->daddr;
625 } else if (req) {
626 saddr = &inet6_rsk(req)->loc_addr;
627 daddr = &inet6_rsk(req)->rmt_addr;
628 } else {
629 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
630 saddr = &ip6h->saddr;
631 daddr = &ip6h->daddr;
632 }
633
634 hp = tcp_get_md5sig_pool();
635 if (!hp)
636 goto clear_hash_noput;
637 desc = &hp->md5_desc;
638
639 if (crypto_hash_init(desc))
640 goto clear_hash;
641
642 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))
643 goto clear_hash;
644 if (tcp_md5_hash_header(hp, th))
645 goto clear_hash;
646 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
647 goto clear_hash;
648 if (tcp_md5_hash_key(hp, key))
649 goto clear_hash;
650 if (crypto_hash_final(desc, md5_hash))
651 goto clear_hash;
652
653 tcp_put_md5sig_pool();
654 return 0;
655
656 clear_hash:
657 tcp_put_md5sig_pool();
658 clear_hash_noput:
659 memset(md5_hash, 0, 16);
660 return 1;
661 }
662
663 static int tcp_v6_inbound_md5_hash(struct sock *sk, const struct sk_buff *skb)
664 {
665 const __u8 *hash_location = NULL;
666 struct tcp_md5sig_key *hash_expected;
667 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
668 const struct tcphdr *th = tcp_hdr(skb);
669 int genhash;
670 u8 newhash[16];
671
672 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
673 hash_location = tcp_parse_md5sig_option(th);
674
675 /* We've parsed the options - do we have a hash? */
676 if (!hash_expected && !hash_location)
677 return 0;
678
679 if (hash_expected && !hash_location) {
680 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
681 return 1;
682 }
683
684 if (!hash_expected && hash_location) {
685 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
686 return 1;
687 }
688
689 /* check the signature */
690 genhash = tcp_v6_md5_hash_skb(newhash,
691 hash_expected,
692 NULL, NULL, skb);
693
694 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
695 net_info_ratelimited("MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n",
696 genhash ? "failed" : "mismatch",
697 &ip6h->saddr, ntohs(th->source),
698 &ip6h->daddr, ntohs(th->dest));
699 return 1;
700 }
701 return 0;
702 }
703 #endif
704
705 struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
706 .family = AF_INET6,
707 .obj_size = sizeof(struct tcp6_request_sock),
708 .rtx_syn_ack = tcp_v6_rtx_synack,
709 .send_ack = tcp_v6_reqsk_send_ack,
710 .destructor = tcp_v6_reqsk_destructor,
711 .send_reset = tcp_v6_send_reset,
712 .syn_ack_timeout = tcp_syn_ack_timeout,
713 };
714
715 #ifdef CONFIG_TCP_MD5SIG
716 static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
717 .md5_lookup = tcp_v6_reqsk_md5_lookup,
718 .calc_md5_hash = tcp_v6_md5_hash_skb,
719 };
720 #endif
721
722 static void __tcp_v6_send_check(struct sk_buff *skb,
723 const struct in6_addr *saddr, const struct in6_addr *daddr)
724 {
725 struct tcphdr *th = tcp_hdr(skb);
726
727 if (skb->ip_summed == CHECKSUM_PARTIAL) {
728 th->check = ~tcp_v6_check(skb->len, saddr, daddr, 0);
729 skb->csum_start = skb_transport_header(skb) - skb->head;
730 skb->csum_offset = offsetof(struct tcphdr, check);
731 } else {
732 th->check = tcp_v6_check(skb->len, saddr, daddr,
733 csum_partial(th, th->doff << 2,
734 skb->csum));
735 }
736 }
737
738 static void tcp_v6_send_check(struct sock *sk, struct sk_buff *skb)
739 {
740 struct ipv6_pinfo *np = inet6_sk(sk);
741
742 __tcp_v6_send_check(skb, &np->saddr, &np->daddr);
743 }
744
745 static int tcp_v6_gso_send_check(struct sk_buff *skb)
746 {
747 const struct ipv6hdr *ipv6h;
748 struct tcphdr *th;
749
750 if (!pskb_may_pull(skb, sizeof(*th)))
751 return -EINVAL;
752
753 ipv6h = ipv6_hdr(skb);
754 th = tcp_hdr(skb);
755
756 th->check = 0;
757 skb->ip_summed = CHECKSUM_PARTIAL;
758 __tcp_v6_send_check(skb, &ipv6h->saddr, &ipv6h->daddr);
759 return 0;
760 }
761
762 static struct sk_buff **tcp6_gro_receive(struct sk_buff **head,
763 struct sk_buff *skb)
764 {
765 const struct ipv6hdr *iph = skb_gro_network_header(skb);
766 __wsum wsum;
767 __sum16 sum;
768
769 switch (skb->ip_summed) {
770 case CHECKSUM_COMPLETE:
771 if (!tcp_v6_check(skb_gro_len(skb), &iph->saddr, &iph->daddr,
772 skb->csum)) {
773 skb->ip_summed = CHECKSUM_UNNECESSARY;
774 break;
775 }
776 flush:
777 NAPI_GRO_CB(skb)->flush = 1;
778 return NULL;
779
780 case CHECKSUM_NONE:
781 wsum = ~csum_unfold(csum_ipv6_magic(&iph->saddr, &iph->daddr,
782 skb_gro_len(skb),
783 IPPROTO_TCP, 0));
784 sum = csum_fold(skb_checksum(skb,
785 skb_gro_offset(skb),
786 skb_gro_len(skb),
787 wsum));
788 if (sum)
789 goto flush;
790
791 skb->ip_summed = CHECKSUM_UNNECESSARY;
792 break;
793 }
794
795 return tcp_gro_receive(head, skb);
796 }
797
798 static int tcp6_gro_complete(struct sk_buff *skb)
799 {
800 const struct ipv6hdr *iph = ipv6_hdr(skb);
801 struct tcphdr *th = tcp_hdr(skb);
802
803 th->check = ~tcp_v6_check(skb->len - skb_transport_offset(skb),
804 &iph->saddr, &iph->daddr, 0);
805 skb_shinfo(skb)->gso_type = SKB_GSO_TCPV6;
806
807 return tcp_gro_complete(skb);
808 }
809
810 static void tcp_v6_send_response(struct sk_buff *skb, u32 seq, u32 ack, u32 win,
811 u32 ts, struct tcp_md5sig_key *key, int rst, u8 tclass)
812 {
813 const struct tcphdr *th = tcp_hdr(skb);
814 struct tcphdr *t1;
815 struct sk_buff *buff;
816 struct flowi6 fl6;
817 struct net *net = dev_net(skb_dst(skb)->dev);
818 struct sock *ctl_sk = net->ipv6.tcp_sk;
819 unsigned int tot_len = sizeof(struct tcphdr);
820 struct dst_entry *dst;
821 __be32 *topt;
822
823 if (ts)
824 tot_len += TCPOLEN_TSTAMP_ALIGNED;
825 #ifdef CONFIG_TCP_MD5SIG
826 if (key)
827 tot_len += TCPOLEN_MD5SIG_ALIGNED;
828 #endif
829
830 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
831 GFP_ATOMIC);
832 if (buff == NULL)
833 return;
834
835 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
836
837 t1 = (struct tcphdr *) skb_push(buff, tot_len);
838 skb_reset_transport_header(buff);
839
840 /* Swap the send and the receive. */
841 memset(t1, 0, sizeof(*t1));
842 t1->dest = th->source;
843 t1->source = th->dest;
844 t1->doff = tot_len / 4;
845 t1->seq = htonl(seq);
846 t1->ack_seq = htonl(ack);
847 t1->ack = !rst || !th->ack;
848 t1->rst = rst;
849 t1->window = htons(win);
850
851 topt = (__be32 *)(t1 + 1);
852
853 if (ts) {
854 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
855 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
856 *topt++ = htonl(tcp_time_stamp);
857 *topt++ = htonl(ts);
858 }
859
860 #ifdef CONFIG_TCP_MD5SIG
861 if (key) {
862 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
863 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
864 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
865 &ipv6_hdr(skb)->saddr,
866 &ipv6_hdr(skb)->daddr, t1);
867 }
868 #endif
869
870 memset(&fl6, 0, sizeof(fl6));
871 fl6.daddr = ipv6_hdr(skb)->saddr;
872 fl6.saddr = ipv6_hdr(skb)->daddr;
873
874 buff->ip_summed = CHECKSUM_PARTIAL;
875 buff->csum = 0;
876
877 __tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);
878
879 fl6.flowi6_proto = IPPROTO_TCP;
880 if (ipv6_addr_type(&fl6.daddr) & IPV6_ADDR_LINKLOCAL)
881 fl6.flowi6_oif = inet6_iif(skb);
882 fl6.fl6_dport = t1->dest;
883 fl6.fl6_sport = t1->source;
884 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
885
886 /* Pass a socket to ip6_dst_lookup either it is for RST
887 * Underlying function will use this to retrieve the network
888 * namespace
889 */
890 dst = ip6_dst_lookup_flow(ctl_sk, &fl6, NULL, false);
891 if (!IS_ERR(dst)) {
892 skb_dst_set(buff, dst);
893 ip6_xmit(ctl_sk, buff, &fl6, NULL, tclass);
894 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS);
895 if (rst)
896 TCP_INC_STATS_BH(net, TCP_MIB_OUTRSTS);
897 return;
898 }
899
900 kfree_skb(buff);
901 }
902
903 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb)
904 {
905 const struct tcphdr *th = tcp_hdr(skb);
906 u32 seq = 0, ack_seq = 0;
907 struct tcp_md5sig_key *key = NULL;
908 #ifdef CONFIG_TCP_MD5SIG
909 const __u8 *hash_location = NULL;
910 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
911 unsigned char newhash[16];
912 int genhash;
913 struct sock *sk1 = NULL;
914 #endif
915
916 if (th->rst)
917 return;
918
919 if (!ipv6_unicast_destination(skb))
920 return;
921
922 #ifdef CONFIG_TCP_MD5SIG
923 hash_location = tcp_parse_md5sig_option(th);
924 if (!sk && hash_location) {
925 /*
926 * active side is lost. Try to find listening socket through
927 * source port, and then find md5 key through listening socket.
928 * we are not loose security here:
929 * Incoming packet is checked with md5 hash with finding key,
930 * no RST generated if md5 hash doesn't match.
931 */
932 sk1 = inet6_lookup_listener(dev_net(skb_dst(skb)->dev),
933 &tcp_hashinfo, &ipv6h->daddr,
934 ntohs(th->source), inet6_iif(skb));
935 if (!sk1)
936 return;
937
938 rcu_read_lock();
939 key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr);
940 if (!key)
941 goto release_sk1;
942
943 genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, NULL, skb);
944 if (genhash || memcmp(hash_location, newhash, 16) != 0)
945 goto release_sk1;
946 } else {
947 key = sk ? tcp_v6_md5_do_lookup(sk, &ipv6h->saddr) : NULL;
948 }
949 #endif
950
951 if (th->ack)
952 seq = ntohl(th->ack_seq);
953 else
954 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
955 (th->doff << 2);
956
957 tcp_v6_send_response(skb, seq, ack_seq, 0, 0, key, 1, 0);
958
959 #ifdef CONFIG_TCP_MD5SIG
960 release_sk1:
961 if (sk1) {
962 rcu_read_unlock();
963 sock_put(sk1);
964 }
965 #endif
966 }
967
968 static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts,
969 struct tcp_md5sig_key *key, u8 tclass)
970 {
971 tcp_v6_send_response(skb, seq, ack, win, ts, key, 0, tclass);
972 }
973
974 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
975 {
976 struct inet_timewait_sock *tw = inet_twsk(sk);
977 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
978
979 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
980 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
981 tcptw->tw_ts_recent, tcp_twsk_md5_key(tcptw),
982 tw->tw_tclass);
983
984 inet_twsk_put(tw);
985 }
986
987 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
988 struct request_sock *req)
989 {
990 tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent,
991 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr), 0);
992 }
993
994
995 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
996 {
997 struct request_sock *req, **prev;
998 const struct tcphdr *th = tcp_hdr(skb);
999 struct sock *nsk;
1000
1001 /* Find possible connection requests. */
1002 req = inet6_csk_search_req(sk, &prev, th->source,
1003 &ipv6_hdr(skb)->saddr,
1004 &ipv6_hdr(skb)->daddr, inet6_iif(skb));
1005 if (req)
1006 return tcp_check_req(sk, skb, req, prev, false);
1007
1008 nsk = __inet6_lookup_established(sock_net(sk), &tcp_hashinfo,
1009 &ipv6_hdr(skb)->saddr, th->source,
1010 &ipv6_hdr(skb)->daddr, ntohs(th->dest), inet6_iif(skb));
1011
1012 if (nsk) {
1013 if (nsk->sk_state != TCP_TIME_WAIT) {
1014 bh_lock_sock(nsk);
1015 return nsk;
1016 }
1017 inet_twsk_put(inet_twsk(nsk));
1018 return NULL;
1019 }
1020
1021 #ifdef CONFIG_SYN_COOKIES
1022 if (!th->syn)
1023 sk = cookie_v6_check(sk, skb);
1024 #endif
1025 return sk;
1026 }
1027
1028 /* FIXME: this is substantially similar to the ipv4 code.
1029 * Can some kind of merge be done? -- erics
1030 */
1031 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1032 {
1033 struct tcp_extend_values tmp_ext;
1034 struct tcp_options_received tmp_opt;
1035 const u8 *hash_location;
1036 struct request_sock *req;
1037 struct inet6_request_sock *treq;
1038 struct ipv6_pinfo *np = inet6_sk(sk);
1039 struct tcp_sock *tp = tcp_sk(sk);
1040 __u32 isn = TCP_SKB_CB(skb)->when;
1041 struct dst_entry *dst = NULL;
1042 struct flowi6 fl6;
1043 bool want_cookie = false;
1044
1045 if (skb->protocol == htons(ETH_P_IP))
1046 return tcp_v4_conn_request(sk, skb);
1047
1048 if (!ipv6_unicast_destination(skb))
1049 goto drop;
1050
1051 if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
1052 want_cookie = tcp_syn_flood_action(sk, skb, "TCPv6");
1053 if (!want_cookie)
1054 goto drop;
1055 }
1056
1057 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
1058 goto drop;
1059
1060 req = inet6_reqsk_alloc(&tcp6_request_sock_ops);
1061 if (req == NULL)
1062 goto drop;
1063
1064 #ifdef CONFIG_TCP_MD5SIG
1065 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv6_ops;
1066 #endif
1067
1068 tcp_clear_options(&tmp_opt);
1069 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
1070 tmp_opt.user_mss = tp->rx_opt.user_mss;
1071 tcp_parse_options(skb, &tmp_opt, &hash_location, 0, NULL);
1072
1073 if (tmp_opt.cookie_plus > 0 &&
1074 tmp_opt.saw_tstamp &&
1075 !tp->rx_opt.cookie_out_never &&
1076 (sysctl_tcp_cookie_size > 0 ||
1077 (tp->cookie_values != NULL &&
1078 tp->cookie_values->cookie_desired > 0))) {
1079 u8 *c;
1080 u32 *d;
1081 u32 *mess = &tmp_ext.cookie_bakery[COOKIE_DIGEST_WORDS];
1082 int l = tmp_opt.cookie_plus - TCPOLEN_COOKIE_BASE;
1083
1084 if (tcp_cookie_generator(&tmp_ext.cookie_bakery[0]) != 0)
1085 goto drop_and_free;
1086
1087 /* Secret recipe starts with IP addresses */
1088 d = (__force u32 *)&ipv6_hdr(skb)->daddr.s6_addr32[0];
1089 *mess++ ^= *d++;
1090 *mess++ ^= *d++;
1091 *mess++ ^= *d++;
1092 *mess++ ^= *d++;
1093 d = (__force u32 *)&ipv6_hdr(skb)->saddr.s6_addr32[0];
1094 *mess++ ^= *d++;
1095 *mess++ ^= *d++;
1096 *mess++ ^= *d++;
1097 *mess++ ^= *d++;
1098
1099 /* plus variable length Initiator Cookie */
1100 c = (u8 *)mess;
1101 while (l-- > 0)
1102 *c++ ^= *hash_location++;
1103
1104 want_cookie = false; /* not our kind of cookie */
1105 tmp_ext.cookie_out_never = 0; /* false */
1106 tmp_ext.cookie_plus = tmp_opt.cookie_plus;
1107 } else if (!tp->rx_opt.cookie_in_always) {
1108 /* redundant indications, but ensure initialization. */
1109 tmp_ext.cookie_out_never = 1; /* true */
1110 tmp_ext.cookie_plus = 0;
1111 } else {
1112 goto drop_and_free;
1113 }
1114 tmp_ext.cookie_in_always = tp->rx_opt.cookie_in_always;
1115
1116 if (want_cookie && !tmp_opt.saw_tstamp)
1117 tcp_clear_options(&tmp_opt);
1118
1119 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
1120 tcp_openreq_init(req, &tmp_opt, skb);
1121
1122 treq = inet6_rsk(req);
1123 treq->rmt_addr = ipv6_hdr(skb)->saddr;
1124 treq->loc_addr = ipv6_hdr(skb)->daddr;
1125 if (!want_cookie || tmp_opt.tstamp_ok)
1126 TCP_ECN_create_request(req, skb);
1127
1128 treq->iif = sk->sk_bound_dev_if;
1129
1130 /* So that link locals have meaning */
1131 if (!sk->sk_bound_dev_if &&
1132 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL)
1133 treq->iif = inet6_iif(skb);
1134
1135 if (!isn) {
1136 if (ipv6_opt_accepted(sk, skb) ||
1137 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
1138 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) {
1139 atomic_inc(&skb->users);
1140 treq->pktopts = skb;
1141 }
1142
1143 if (want_cookie) {
1144 isn = cookie_v6_init_sequence(sk, skb, &req->mss);
1145 req->cookie_ts = tmp_opt.tstamp_ok;
1146 goto have_isn;
1147 }
1148
1149 /* VJ's idea. We save last timestamp seen
1150 * from the destination in peer table, when entering
1151 * state TIME-WAIT, and check against it before
1152 * accepting new connection request.
1153 *
1154 * If "isn" is not zero, this request hit alive
1155 * timewait bucket, so that all the necessary checks
1156 * are made in the function processing timewait state.
1157 */
1158 if (tmp_opt.saw_tstamp &&
1159 tcp_death_row.sysctl_tw_recycle &&
1160 (dst = inet6_csk_route_req(sk, &fl6, req)) != NULL) {
1161 if (!tcp_peer_is_proven(req, dst, true)) {
1162 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_PAWSPASSIVEREJECTED);
1163 goto drop_and_release;
1164 }
1165 }
1166 /* Kill the following clause, if you dislike this way. */
1167 else if (!sysctl_tcp_syncookies &&
1168 (sysctl_max_syn_backlog - inet_csk_reqsk_queue_len(sk) <
1169 (sysctl_max_syn_backlog >> 2)) &&
1170 !tcp_peer_is_proven(req, dst, false)) {
1171 /* Without syncookies last quarter of
1172 * backlog is filled with destinations,
1173 * proven to be alive.
1174 * It means that we continue to communicate
1175 * to destinations, already remembered
1176 * to the moment of synflood.
1177 */
1178 LIMIT_NETDEBUG(KERN_DEBUG "TCP: drop open request from %pI6/%u\n",
1179 &treq->rmt_addr, ntohs(tcp_hdr(skb)->source));
1180 goto drop_and_release;
1181 }
1182
1183 isn = tcp_v6_init_sequence(skb);
1184 }
1185 have_isn:
1186 tcp_rsk(req)->snt_isn = isn;
1187
1188 if (security_inet_conn_request(sk, skb, req))
1189 goto drop_and_release;
1190
1191 if (tcp_v6_send_synack(sk, dst, &fl6, req,
1192 (struct request_values *)&tmp_ext,
1193 skb_get_queue_mapping(skb)) ||
1194 want_cookie)
1195 goto drop_and_free;
1196
1197 tcp_rsk(req)->snt_synack = tcp_time_stamp;
1198 tcp_rsk(req)->listener = NULL;
1199 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1200 return 0;
1201
1202 drop_and_release:
1203 dst_release(dst);
1204 drop_and_free:
1205 reqsk_free(req);
1206 drop:
1207 return 0; /* don't send reset */
1208 }
1209
1210 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1211 struct request_sock *req,
1212 struct dst_entry *dst)
1213 {
1214 struct inet6_request_sock *treq;
1215 struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
1216 struct tcp6_sock *newtcp6sk;
1217 struct inet_sock *newinet;
1218 struct tcp_sock *newtp;
1219 struct sock *newsk;
1220 #ifdef CONFIG_TCP_MD5SIG
1221 struct tcp_md5sig_key *key;
1222 #endif
1223 struct flowi6 fl6;
1224
1225 if (skb->protocol == htons(ETH_P_IP)) {
1226 /*
1227 * v6 mapped
1228 */
1229
1230 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);
1231
1232 if (newsk == NULL)
1233 return NULL;
1234
1235 newtcp6sk = (struct tcp6_sock *)newsk;
1236 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1237
1238 newinet = inet_sk(newsk);
1239 newnp = inet6_sk(newsk);
1240 newtp = tcp_sk(newsk);
1241
1242 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1243
1244 ipv6_addr_set_v4mapped(newinet->inet_daddr, &newnp->daddr);
1245
1246 ipv6_addr_set_v4mapped(newinet->inet_saddr, &newnp->saddr);
1247
1248 newnp->rcv_saddr = newnp->saddr;
1249
1250 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1251 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1252 #ifdef CONFIG_TCP_MD5SIG
1253 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1254 #endif
1255
1256 newnp->ipv6_ac_list = NULL;
1257 newnp->ipv6_fl_list = NULL;
1258 newnp->pktoptions = NULL;
1259 newnp->opt = NULL;
1260 newnp->mcast_oif = inet6_iif(skb);
1261 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1262 newnp->rcv_tclass = ipv6_tclass(ipv6_hdr(skb));
1263
1264 /*
1265 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1266 * here, tcp_create_openreq_child now does this for us, see the comment in
1267 * that function for the gory details. -acme
1268 */
1269
1270 /* It is tricky place. Until this moment IPv4 tcp
1271 worked with IPv6 icsk.icsk_af_ops.
1272 Sync it now.
1273 */
1274 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1275
1276 return newsk;
1277 }
1278
1279 treq = inet6_rsk(req);
1280
1281 if (sk_acceptq_is_full(sk))
1282 goto out_overflow;
1283
1284 if (!dst) {
1285 dst = inet6_csk_route_req(sk, &fl6, req);
1286 if (!dst)
1287 goto out;
1288 }
1289
1290 newsk = tcp_create_openreq_child(sk, req, skb);
1291 if (newsk == NULL)
1292 goto out_nonewsk;
1293
1294 /*
1295 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1296 * count here, tcp_create_openreq_child now does this for us, see the
1297 * comment in that function for the gory details. -acme
1298 */
1299
1300 newsk->sk_gso_type = SKB_GSO_TCPV6;
1301 __ip6_dst_store(newsk, dst, NULL, NULL);
1302 inet6_sk_rx_dst_set(newsk, skb);
1303
1304 newtcp6sk = (struct tcp6_sock *)newsk;
1305 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1306
1307 newtp = tcp_sk(newsk);
1308 newinet = inet_sk(newsk);
1309 newnp = inet6_sk(newsk);
1310
1311 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1312
1313 newnp->daddr = treq->rmt_addr;
1314 newnp->saddr = treq->loc_addr;
1315 newnp->rcv_saddr = treq->loc_addr;
1316 newsk->sk_bound_dev_if = treq->iif;
1317
1318 /* Now IPv6 options...
1319
1320 First: no IPv4 options.
1321 */
1322 newinet->inet_opt = NULL;
1323 newnp->ipv6_ac_list = NULL;
1324 newnp->ipv6_fl_list = NULL;
1325
1326 /* Clone RX bits */
1327 newnp->rxopt.all = np->rxopt.all;
1328
1329 /* Clone pktoptions received with SYN */
1330 newnp->pktoptions = NULL;
1331 if (treq->pktopts != NULL) {
1332 newnp->pktoptions = skb_clone(treq->pktopts,
1333 sk_gfp_atomic(sk, GFP_ATOMIC));
1334 consume_skb(treq->pktopts);
1335 treq->pktopts = NULL;
1336 if (newnp->pktoptions)
1337 skb_set_owner_r(newnp->pktoptions, newsk);
1338 }
1339 newnp->opt = NULL;
1340 newnp->mcast_oif = inet6_iif(skb);
1341 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1342 newnp->rcv_tclass = ipv6_tclass(ipv6_hdr(skb));
1343
1344 /* Clone native IPv6 options from listening socket (if any)
1345
1346 Yes, keeping reference count would be much more clever,
1347 but we make one more one thing there: reattach optmem
1348 to newsk.
1349 */
1350 if (np->opt)
1351 newnp->opt = ipv6_dup_options(newsk, np->opt);
1352
1353 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1354 if (newnp->opt)
1355 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
1356 newnp->opt->opt_flen);
1357
1358 tcp_mtup_init(newsk);
1359 tcp_sync_mss(newsk, dst_mtu(dst));
1360 newtp->advmss = dst_metric_advmss(dst);
1361 if (tcp_sk(sk)->rx_opt.user_mss &&
1362 tcp_sk(sk)->rx_opt.user_mss < newtp->advmss)
1363 newtp->advmss = tcp_sk(sk)->rx_opt.user_mss;
1364
1365 tcp_initialize_rcv_mss(newsk);
1366 tcp_synack_rtt_meas(newsk, req);
1367 newtp->total_retrans = req->retrans;
1368
1369 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1370 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1371
1372 #ifdef CONFIG_TCP_MD5SIG
1373 /* Copy over the MD5 key from the original socket */
1374 if ((key = tcp_v6_md5_do_lookup(sk, &newnp->daddr)) != NULL) {
1375 /* We're using one, so create a matching key
1376 * on the newsk structure. If we fail to get
1377 * memory, then we end up not copying the key
1378 * across. Shucks.
1379 */
1380 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newnp->daddr,
1381 AF_INET6, key->key, key->keylen,
1382 sk_gfp_atomic(sk, GFP_ATOMIC));
1383 }
1384 #endif
1385
1386 if (__inet_inherit_port(sk, newsk) < 0) {
1387 sock_put(newsk);
1388 goto out;
1389 }
1390 __inet6_hash(newsk, NULL);
1391
1392 return newsk;
1393
1394 out_overflow:
1395 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1396 out_nonewsk:
1397 dst_release(dst);
1398 out:
1399 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
1400 return NULL;
1401 }
1402
1403 static __sum16 tcp_v6_checksum_init(struct sk_buff *skb)
1404 {
1405 if (skb->ip_summed == CHECKSUM_COMPLETE) {
1406 if (!tcp_v6_check(skb->len, &ipv6_hdr(skb)->saddr,
1407 &ipv6_hdr(skb)->daddr, skb->csum)) {
1408 skb->ip_summed = CHECKSUM_UNNECESSARY;
1409 return 0;
1410 }
1411 }
1412
1413 skb->csum = ~csum_unfold(tcp_v6_check(skb->len,
1414 &ipv6_hdr(skb)->saddr,
1415 &ipv6_hdr(skb)->daddr, 0));
1416
1417 if (skb->len <= 76) {
1418 return __skb_checksum_complete(skb);
1419 }
1420 return 0;
1421 }
1422
1423 /* The socket must have it's spinlock held when we get
1424 * here.
1425 *
1426 * We have a potential double-lock case here, so even when
1427 * doing backlog processing we use the BH locking scheme.
1428 * This is because we cannot sleep with the original spinlock
1429 * held.
1430 */
1431 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1432 {
1433 struct ipv6_pinfo *np = inet6_sk(sk);
1434 struct tcp_sock *tp;
1435 struct sk_buff *opt_skb = NULL;
1436
1437 /* Imagine: socket is IPv6. IPv4 packet arrives,
1438 goes to IPv4 receive handler and backlogged.
1439 From backlog it always goes here. Kerboom...
1440 Fortunately, tcp_rcv_established and rcv_established
1441 handle them correctly, but it is not case with
1442 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1443 */
1444
1445 if (skb->protocol == htons(ETH_P_IP))
1446 return tcp_v4_do_rcv(sk, skb);
1447
1448 #ifdef CONFIG_TCP_MD5SIG
1449 if (tcp_v6_inbound_md5_hash (sk, skb))
1450 goto discard;
1451 #endif
1452
1453 if (sk_filter(sk, skb))
1454 goto discard;
1455
1456 /*
1457 * socket locking is here for SMP purposes as backlog rcv
1458 * is currently called with bh processing disabled.
1459 */
1460
1461 /* Do Stevens' IPV6_PKTOPTIONS.
1462
1463 Yes, guys, it is the only place in our code, where we
1464 may make it not affecting IPv4.
1465 The rest of code is protocol independent,
1466 and I do not like idea to uglify IPv4.
1467
1468 Actually, all the idea behind IPV6_PKTOPTIONS
1469 looks not very well thought. For now we latch
1470 options, received in the last packet, enqueued
1471 by tcp. Feel free to propose better solution.
1472 --ANK (980728)
1473 */
1474 if (np->rxopt.all)
1475 opt_skb = skb_clone(skb, sk_gfp_atomic(sk, GFP_ATOMIC));
1476
1477 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1478 struct dst_entry *dst = sk->sk_rx_dst;
1479
1480 sock_rps_save_rxhash(sk, skb);
1481 if (dst) {
1482 if (inet_sk(sk)->rx_dst_ifindex != skb->skb_iif ||
1483 dst->ops->check(dst, np->rx_dst_cookie) == NULL) {
1484 dst_release(dst);
1485 sk->sk_rx_dst = NULL;
1486 }
1487 }
1488
1489 if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len))
1490 goto reset;
1491 if (opt_skb)
1492 goto ipv6_pktoptions;
1493 return 0;
1494 }
1495
1496 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1497 goto csum_err;
1498
1499 if (sk->sk_state == TCP_LISTEN) {
1500 struct sock *nsk = tcp_v6_hnd_req(sk, skb);
1501 if (!nsk)
1502 goto discard;
1503
1504 /*
1505 * Queue it on the new socket if the new socket is active,
1506 * otherwise we just shortcircuit this and continue with
1507 * the new socket..
1508 */
1509 if(nsk != sk) {
1510 sock_rps_save_rxhash(nsk, skb);
1511 if (tcp_child_process(sk, nsk, skb))
1512 goto reset;
1513 if (opt_skb)
1514 __kfree_skb(opt_skb);
1515 return 0;
1516 }
1517 } else
1518 sock_rps_save_rxhash(sk, skb);
1519
1520 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len))
1521 goto reset;
1522 if (opt_skb)
1523 goto ipv6_pktoptions;
1524 return 0;
1525
1526 reset:
1527 tcp_v6_send_reset(sk, skb);
1528 discard:
1529 if (opt_skb)
1530 __kfree_skb(opt_skb);
1531 kfree_skb(skb);
1532 return 0;
1533 csum_err:
1534 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_INERRS);
1535 goto discard;
1536
1537
1538 ipv6_pktoptions:
1539 /* Do you ask, what is it?
1540
1541 1. skb was enqueued by tcp.
1542 2. skb is added to tail of read queue, rather than out of order.
1543 3. socket is not in passive state.
1544 4. Finally, it really contains options, which user wants to receive.
1545 */
1546 tp = tcp_sk(sk);
1547 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1548 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1549 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1550 np->mcast_oif = inet6_iif(opt_skb);
1551 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1552 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1553 if (np->rxopt.bits.rxtclass)
1554 np->rcv_tclass = ipv6_tclass(ipv6_hdr(skb));
1555 if (ipv6_opt_accepted(sk, opt_skb)) {
1556 skb_set_owner_r(opt_skb, sk);
1557 opt_skb = xchg(&np->pktoptions, opt_skb);
1558 } else {
1559 __kfree_skb(opt_skb);
1560 opt_skb = xchg(&np->pktoptions, NULL);
1561 }
1562 }
1563
1564 kfree_skb(opt_skb);
1565 return 0;
1566 }
1567
1568 static int tcp_v6_rcv(struct sk_buff *skb)
1569 {
1570 const struct tcphdr *th;
1571 const struct ipv6hdr *hdr;
1572 struct sock *sk;
1573 int ret;
1574 struct net *net = dev_net(skb->dev);
1575
1576 if (skb->pkt_type != PACKET_HOST)
1577 goto discard_it;
1578
1579 /*
1580 * Count it even if it's bad.
1581 */
1582 TCP_INC_STATS_BH(net, TCP_MIB_INSEGS);
1583
1584 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1585 goto discard_it;
1586
1587 th = tcp_hdr(skb);
1588
1589 if (th->doff < sizeof(struct tcphdr)/4)
1590 goto bad_packet;
1591 if (!pskb_may_pull(skb, th->doff*4))
1592 goto discard_it;
1593
1594 if (!skb_csum_unnecessary(skb) && tcp_v6_checksum_init(skb))
1595 goto bad_packet;
1596
1597 th = tcp_hdr(skb);
1598 hdr = ipv6_hdr(skb);
1599 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1600 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1601 skb->len - th->doff*4);
1602 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1603 TCP_SKB_CB(skb)->when = 0;
1604 TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
1605 TCP_SKB_CB(skb)->sacked = 0;
1606
1607 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest);
1608 if (!sk)
1609 goto no_tcp_socket;
1610
1611 process:
1612 if (sk->sk_state == TCP_TIME_WAIT)
1613 goto do_time_wait;
1614
1615 if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) {
1616 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
1617 goto discard_and_relse;
1618 }
1619
1620 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1621 goto discard_and_relse;
1622
1623 if (sk_filter(sk, skb))
1624 goto discard_and_relse;
1625
1626 skb->dev = NULL;
1627
1628 bh_lock_sock_nested(sk);
1629 ret = 0;
1630 if (!sock_owned_by_user(sk)) {
1631 #ifdef CONFIG_NET_DMA
1632 struct tcp_sock *tp = tcp_sk(sk);
1633 if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list)
1634 tp->ucopy.dma_chan = net_dma_find_channel();
1635 if (tp->ucopy.dma_chan)
1636 ret = tcp_v6_do_rcv(sk, skb);
1637 else
1638 #endif
1639 {
1640 if (!tcp_prequeue(sk, skb))
1641 ret = tcp_v6_do_rcv(sk, skb);
1642 }
1643 } else if (unlikely(sk_add_backlog(sk, skb,
1644 sk->sk_rcvbuf + sk->sk_sndbuf))) {
1645 bh_unlock_sock(sk);
1646 NET_INC_STATS_BH(net, LINUX_MIB_TCPBACKLOGDROP);
1647 goto discard_and_relse;
1648 }
1649 bh_unlock_sock(sk);
1650
1651 sock_put(sk);
1652 return ret ? -1 : 0;
1653
1654 no_tcp_socket:
1655 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1656 goto discard_it;
1657
1658 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1659 bad_packet:
1660 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1661 } else {
1662 tcp_v6_send_reset(NULL, skb);
1663 }
1664
1665 discard_it:
1666
1667 /*
1668 * Discard frame
1669 */
1670
1671 kfree_skb(skb);
1672 return 0;
1673
1674 discard_and_relse:
1675 sock_put(sk);
1676 goto discard_it;
1677
1678 do_time_wait:
1679 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1680 inet_twsk_put(inet_twsk(sk));
1681 goto discard_it;
1682 }
1683
1684 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1685 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1686 inet_twsk_put(inet_twsk(sk));
1687 goto discard_it;
1688 }
1689
1690 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1691 case TCP_TW_SYN:
1692 {
1693 struct sock *sk2;
1694
1695 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
1696 &ipv6_hdr(skb)->daddr,
1697 ntohs(th->dest), inet6_iif(skb));
1698 if (sk2 != NULL) {
1699 struct inet_timewait_sock *tw = inet_twsk(sk);
1700 inet_twsk_deschedule(tw, &tcp_death_row);
1701 inet_twsk_put(tw);
1702 sk = sk2;
1703 goto process;
1704 }
1705 /* Fall through to ACK */
1706 }
1707 case TCP_TW_ACK:
1708 tcp_v6_timewait_ack(sk, skb);
1709 break;
1710 case TCP_TW_RST:
1711 goto no_tcp_socket;
1712 case TCP_TW_SUCCESS:;
1713 }
1714 goto discard_it;
1715 }
1716
1717 static void tcp_v6_early_demux(struct sk_buff *skb)
1718 {
1719 const struct ipv6hdr *hdr;
1720 const struct tcphdr *th;
1721 struct sock *sk;
1722
1723 if (skb->pkt_type != PACKET_HOST)
1724 return;
1725
1726 if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
1727 return;
1728
1729 hdr = ipv6_hdr(skb);
1730 th = tcp_hdr(skb);
1731
1732 if (th->doff < sizeof(struct tcphdr) / 4)
1733 return;
1734
1735 sk = __inet6_lookup_established(dev_net(skb->dev), &tcp_hashinfo,
1736 &hdr->saddr, th->source,
1737 &hdr->daddr, ntohs(th->dest),
1738 inet6_iif(skb));
1739 if (sk) {
1740 skb->sk = sk;
1741 skb->destructor = sock_edemux;
1742 if (sk->sk_state != TCP_TIME_WAIT) {
1743 struct dst_entry *dst = sk->sk_rx_dst;
1744 struct inet_sock *icsk = inet_sk(sk);
1745 if (dst)
1746 dst = dst_check(dst, inet6_sk(sk)->rx_dst_cookie);
1747 if (dst &&
1748 icsk->rx_dst_ifindex == skb->skb_iif)
1749 skb_dst_set_noref(skb, dst);
1750 }
1751 }
1752 }
1753
1754 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
1755 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
1756 .twsk_unique = tcp_twsk_unique,
1757 .twsk_destructor= tcp_twsk_destructor,
1758 };
1759
1760 static const struct inet_connection_sock_af_ops ipv6_specific = {
1761 .queue_xmit = inet6_csk_xmit,
1762 .send_check = tcp_v6_send_check,
1763 .rebuild_header = inet6_sk_rebuild_header,
1764 .sk_rx_dst_set = inet6_sk_rx_dst_set,
1765 .conn_request = tcp_v6_conn_request,
1766 .syn_recv_sock = tcp_v6_syn_recv_sock,
1767 .net_header_len = sizeof(struct ipv6hdr),
1768 .net_frag_header_len = sizeof(struct frag_hdr),
1769 .setsockopt = ipv6_setsockopt,
1770 .getsockopt = ipv6_getsockopt,
1771 .addr2sockaddr = inet6_csk_addr2sockaddr,
1772 .sockaddr_len = sizeof(struct sockaddr_in6),
1773 .bind_conflict = inet6_csk_bind_conflict,
1774 #ifdef CONFIG_COMPAT
1775 .compat_setsockopt = compat_ipv6_setsockopt,
1776 .compat_getsockopt = compat_ipv6_getsockopt,
1777 #endif
1778 };
1779
1780 #ifdef CONFIG_TCP_MD5SIG
1781 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1782 .md5_lookup = tcp_v6_md5_lookup,
1783 .calc_md5_hash = tcp_v6_md5_hash_skb,
1784 .md5_parse = tcp_v6_parse_md5_keys,
1785 };
1786 #endif
1787
1788 /*
1789 * TCP over IPv4 via INET6 API
1790 */
1791
1792 static const struct inet_connection_sock_af_ops ipv6_mapped = {
1793 .queue_xmit = ip_queue_xmit,
1794 .send_check = tcp_v4_send_check,
1795 .rebuild_header = inet_sk_rebuild_header,
1796 .sk_rx_dst_set = inet_sk_rx_dst_set,
1797 .conn_request = tcp_v6_conn_request,
1798 .syn_recv_sock = tcp_v6_syn_recv_sock,
1799 .net_header_len = sizeof(struct iphdr),
1800 .setsockopt = ipv6_setsockopt,
1801 .getsockopt = ipv6_getsockopt,
1802 .addr2sockaddr = inet6_csk_addr2sockaddr,
1803 .sockaddr_len = sizeof(struct sockaddr_in6),
1804 .bind_conflict = inet6_csk_bind_conflict,
1805 #ifdef CONFIG_COMPAT
1806 .compat_setsockopt = compat_ipv6_setsockopt,
1807 .compat_getsockopt = compat_ipv6_getsockopt,
1808 #endif
1809 };
1810
1811 #ifdef CONFIG_TCP_MD5SIG
1812 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1813 .md5_lookup = tcp_v4_md5_lookup,
1814 .calc_md5_hash = tcp_v4_md5_hash_skb,
1815 .md5_parse = tcp_v6_parse_md5_keys,
1816 };
1817 #endif
1818
1819 /* NOTE: A lot of things set to zero explicitly by call to
1820 * sk_alloc() so need not be done here.
1821 */
1822 static int tcp_v6_init_sock(struct sock *sk)
1823 {
1824 struct inet_connection_sock *icsk = inet_csk(sk);
1825
1826 tcp_init_sock(sk);
1827
1828 icsk->icsk_af_ops = &ipv6_specific;
1829
1830 #ifdef CONFIG_TCP_MD5SIG
1831 tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific;
1832 #endif
1833
1834 return 0;
1835 }
1836
1837 static void tcp_v6_destroy_sock(struct sock *sk)
1838 {
1839 tcp_v4_destroy_sock(sk);
1840 inet6_destroy_sock(sk);
1841 }
1842
1843 #ifdef CONFIG_PROC_FS
1844 /* Proc filesystem TCPv6 sock list dumping. */
1845 static void get_openreq6(struct seq_file *seq,
1846 const struct sock *sk, struct request_sock *req, int i, kuid_t uid)
1847 {
1848 int ttd = req->expires - jiffies;
1849 const struct in6_addr *src = &inet6_rsk(req)->loc_addr;
1850 const struct in6_addr *dest = &inet6_rsk(req)->rmt_addr;
1851
1852 if (ttd < 0)
1853 ttd = 0;
1854
1855 seq_printf(seq,
1856 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1857 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1858 i,
1859 src->s6_addr32[0], src->s6_addr32[1],
1860 src->s6_addr32[2], src->s6_addr32[3],
1861 ntohs(inet_rsk(req)->loc_port),
1862 dest->s6_addr32[0], dest->s6_addr32[1],
1863 dest->s6_addr32[2], dest->s6_addr32[3],
1864 ntohs(inet_rsk(req)->rmt_port),
1865 TCP_SYN_RECV,
1866 0,0, /* could print option size, but that is af dependent. */
1867 1, /* timers active (only the expire timer) */
1868 jiffies_to_clock_t(ttd),
1869 req->retrans,
1870 from_kuid_munged(seq_user_ns(seq), uid),
1871 0, /* non standard timer */
1872 0, /* open_requests have no inode */
1873 0, req);
1874 }
1875
1876 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1877 {
1878 const struct in6_addr *dest, *src;
1879 __u16 destp, srcp;
1880 int timer_active;
1881 unsigned long timer_expires;
1882 const struct inet_sock *inet = inet_sk(sp);
1883 const struct tcp_sock *tp = tcp_sk(sp);
1884 const struct inet_connection_sock *icsk = inet_csk(sp);
1885 const struct ipv6_pinfo *np = inet6_sk(sp);
1886
1887 dest = &np->daddr;
1888 src = &np->rcv_saddr;
1889 destp = ntohs(inet->inet_dport);
1890 srcp = ntohs(inet->inet_sport);
1891
1892 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
1893 timer_active = 1;
1894 timer_expires = icsk->icsk_timeout;
1895 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1896 timer_active = 4;
1897 timer_expires = icsk->icsk_timeout;
1898 } else if (timer_pending(&sp->sk_timer)) {
1899 timer_active = 2;
1900 timer_expires = sp->sk_timer.expires;
1901 } else {
1902 timer_active = 0;
1903 timer_expires = jiffies;
1904 }
1905
1906 seq_printf(seq,
1907 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1908 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %pK %lu %lu %u %u %d\n",
1909 i,
1910 src->s6_addr32[0], src->s6_addr32[1],
1911 src->s6_addr32[2], src->s6_addr32[3], srcp,
1912 dest->s6_addr32[0], dest->s6_addr32[1],
1913 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1914 sp->sk_state,
1915 tp->write_seq-tp->snd_una,
1916 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
1917 timer_active,
1918 jiffies_delta_to_clock_t(timer_expires - jiffies),
1919 icsk->icsk_retransmits,
1920 from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
1921 icsk->icsk_probes_out,
1922 sock_i_ino(sp),
1923 atomic_read(&sp->sk_refcnt), sp,
1924 jiffies_to_clock_t(icsk->icsk_rto),
1925 jiffies_to_clock_t(icsk->icsk_ack.ato),
1926 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong,
1927 tp->snd_cwnd,
1928 tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh
1929 );
1930 }
1931
1932 static void get_timewait6_sock(struct seq_file *seq,
1933 struct inet_timewait_sock *tw, int i)
1934 {
1935 const struct in6_addr *dest, *src;
1936 __u16 destp, srcp;
1937 const struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw);
1938 long delta = tw->tw_ttd - jiffies;
1939
1940 dest = &tw6->tw_v6_daddr;
1941 src = &tw6->tw_v6_rcv_saddr;
1942 destp = ntohs(tw->tw_dport);
1943 srcp = ntohs(tw->tw_sport);
1944
1945 seq_printf(seq,
1946 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1947 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1948 i,
1949 src->s6_addr32[0], src->s6_addr32[1],
1950 src->s6_addr32[2], src->s6_addr32[3], srcp,
1951 dest->s6_addr32[0], dest->s6_addr32[1],
1952 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1953 tw->tw_substate, 0, 0,
1954 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
1955 atomic_read(&tw->tw_refcnt), tw);
1956 }
1957
1958 static int tcp6_seq_show(struct seq_file *seq, void *v)
1959 {
1960 struct tcp_iter_state *st;
1961
1962 if (v == SEQ_START_TOKEN) {
1963 seq_puts(seq,
1964 " sl "
1965 "local_address "
1966 "remote_address "
1967 "st tx_queue rx_queue tr tm->when retrnsmt"
1968 " uid timeout inode\n");
1969 goto out;
1970 }
1971 st = seq->private;
1972
1973 switch (st->state) {
1974 case TCP_SEQ_STATE_LISTENING:
1975 case TCP_SEQ_STATE_ESTABLISHED:
1976 get_tcp6_sock(seq, v, st->num);
1977 break;
1978 case TCP_SEQ_STATE_OPENREQ:
1979 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid);
1980 break;
1981 case TCP_SEQ_STATE_TIME_WAIT:
1982 get_timewait6_sock(seq, v, st->num);
1983 break;
1984 }
1985 out:
1986 return 0;
1987 }
1988
1989 static const struct file_operations tcp6_afinfo_seq_fops = {
1990 .owner = THIS_MODULE,
1991 .open = tcp_seq_open,
1992 .read = seq_read,
1993 .llseek = seq_lseek,
1994 .release = seq_release_net
1995 };
1996
1997 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
1998 .name = "tcp6",
1999 .family = AF_INET6,
2000 .seq_fops = &tcp6_afinfo_seq_fops,
2001 .seq_ops = {
2002 .show = tcp6_seq_show,
2003 },
2004 };
2005
2006 int __net_init tcp6_proc_init(struct net *net)
2007 {
2008 return tcp_proc_register(net, &tcp6_seq_afinfo);
2009 }
2010
2011 void tcp6_proc_exit(struct net *net)
2012 {
2013 tcp_proc_unregister(net, &tcp6_seq_afinfo);
2014 }
2015 #endif
2016
2017 struct proto tcpv6_prot = {
2018 .name = "TCPv6",
2019 .owner = THIS_MODULE,
2020 .close = tcp_close,
2021 .connect = tcp_v6_connect,
2022 .disconnect = tcp_disconnect,
2023 .accept = inet_csk_accept,
2024 .ioctl = tcp_ioctl,
2025 .init = tcp_v6_init_sock,
2026 .destroy = tcp_v6_destroy_sock,
2027 .shutdown = tcp_shutdown,
2028 .setsockopt = tcp_setsockopt,
2029 .getsockopt = tcp_getsockopt,
2030 .recvmsg = tcp_recvmsg,
2031 .sendmsg = tcp_sendmsg,
2032 .sendpage = tcp_sendpage,
2033 .backlog_rcv = tcp_v6_do_rcv,
2034 .release_cb = tcp_release_cb,
2035 .mtu_reduced = tcp_v6_mtu_reduced,
2036 .hash = tcp_v6_hash,
2037 .unhash = inet_unhash,
2038 .get_port = inet_csk_get_port,
2039 .enter_memory_pressure = tcp_enter_memory_pressure,
2040 .sockets_allocated = &tcp_sockets_allocated,
2041 .memory_allocated = &tcp_memory_allocated,
2042 .memory_pressure = &tcp_memory_pressure,
2043 .orphan_count = &tcp_orphan_count,
2044 .sysctl_wmem = sysctl_tcp_wmem,
2045 .sysctl_rmem = sysctl_tcp_rmem,
2046 .max_header = MAX_TCP_HEADER,
2047 .obj_size = sizeof(struct tcp6_sock),
2048 .slab_flags = SLAB_DESTROY_BY_RCU,
2049 .twsk_prot = &tcp6_timewait_sock_ops,
2050 .rsk_prot = &tcp6_request_sock_ops,
2051 .h.hashinfo = &tcp_hashinfo,
2052 .no_autobind = true,
2053 #ifdef CONFIG_COMPAT
2054 .compat_setsockopt = compat_tcp_setsockopt,
2055 .compat_getsockopt = compat_tcp_getsockopt,
2056 #endif
2057 #ifdef CONFIG_MEMCG_KMEM
2058 .proto_cgroup = tcp_proto_cgroup,
2059 #endif
2060 };
2061
2062 static const struct inet6_protocol tcpv6_protocol = {
2063 .early_demux = tcp_v6_early_demux,
2064 .handler = tcp_v6_rcv,
2065 .err_handler = tcp_v6_err,
2066 .gso_send_check = tcp_v6_gso_send_check,
2067 .gso_segment = tcp_tso_segment,
2068 .gro_receive = tcp6_gro_receive,
2069 .gro_complete = tcp6_gro_complete,
2070 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2071 };
2072
2073 static struct inet_protosw tcpv6_protosw = {
2074 .type = SOCK_STREAM,
2075 .protocol = IPPROTO_TCP,
2076 .prot = &tcpv6_prot,
2077 .ops = &inet6_stream_ops,
2078 .no_check = 0,
2079 .flags = INET_PROTOSW_PERMANENT |
2080 INET_PROTOSW_ICSK,
2081 };
2082
2083 static int __net_init tcpv6_net_init(struct net *net)
2084 {
2085 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
2086 SOCK_RAW, IPPROTO_TCP, net);
2087 }
2088
2089 static void __net_exit tcpv6_net_exit(struct net *net)
2090 {
2091 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
2092 }
2093
2094 static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
2095 {
2096 inet_twsk_purge(&tcp_hashinfo, &tcp_death_row, AF_INET6);
2097 }
2098
2099 static struct pernet_operations tcpv6_net_ops = {
2100 .init = tcpv6_net_init,
2101 .exit = tcpv6_net_exit,
2102 .exit_batch = tcpv6_net_exit_batch,
2103 };
2104
2105 int __init tcpv6_init(void)
2106 {
2107 int ret;
2108
2109 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
2110 if (ret)
2111 goto out;
2112
2113 /* register inet6 protocol */
2114 ret = inet6_register_protosw(&tcpv6_protosw);
2115 if (ret)
2116 goto out_tcpv6_protocol;
2117
2118 ret = register_pernet_subsys(&tcpv6_net_ops);
2119 if (ret)
2120 goto out_tcpv6_protosw;
2121 out:
2122 return ret;
2123
2124 out_tcpv6_protocol:
2125 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2126 out_tcpv6_protosw:
2127 inet6_unregister_protosw(&tcpv6_protosw);
2128 goto out;
2129 }
2130
2131 void tcpv6_exit(void)
2132 {
2133 unregister_pernet_subsys(&tcpv6_net_ops);
2134 inet6_unregister_protosw(&tcpv6_protosw);
2135 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2136 }
kernel source for telekom puls (alcatel/mediatek)