1 /*
2 * TCP over IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
8 * Based on:
9 * linux/net/ipv4/tcp.c
10 * linux/net/ipv4/tcp_input.c
11 * linux/net/ipv4/tcp_output.c
12 *
13 * Fixes:
14 * Hideaki YOSHIFUJI : sin6_scope_id support
15 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
16 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
17 * a single port at the same time.
18 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
19 *
20 * This program is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU General Public License
22 * as published by the Free Software Foundation; either version
23 * 2 of the License, or (at your option) any later version.
24 */
25
26 #include <linux/bottom_half.h>
27 #include <linux/module.h>
28 #include <linux/errno.h>
29 #include <linux/types.h>
30 #include <linux/socket.h>
31 #include <linux/sockios.h>
32 #include <linux/net.h>
33 #include <linux/jiffies.h>
34 #include <linux/in.h>
35 #include <linux/in6.h>
36 #include <linux/netdevice.h>
37 #include <linux/init.h>
38 #include <linux/jhash.h>
39 #include <linux/ipsec.h>
40 #include <linux/times.h>
41 #include <linux/slab.h>
42 #include <linux/uaccess.h>
43 #include <linux/ipv6.h>
44 #include <linux/icmpv6.h>
45 #include <linux/random.h>
46
47 #include <net/tcp.h>
48 #include <net/ndisc.h>
49 #include <net/inet6_hashtables.h>
50 #include <net/inet6_connection_sock.h>
51 #include <net/ipv6.h>
52 #include <net/transp_v6.h>
53 #include <net/addrconf.h>
54 #include <net/ip6_route.h>
55 #include <net/ip6_checksum.h>
56 #include <net/inet_ecn.h>
57 #include <net/protocol.h>
58 #include <net/xfrm.h>
59 #include <net/snmp.h>
60 #include <net/dsfield.h>
61 #include <net/timewait_sock.h>
62 #include <net/inet_common.h>
63 #include <net/secure_seq.h>
64 #include <net/busy_poll.h>
65
66 #include <linux/proc_fs.h>
67 #include <linux/seq_file.h>
68
69 #include <crypto/hash.h>
70 #include <linux/scatterlist.h>
71
72 static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb);
73 static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
74 struct request_sock *req);
75
76 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
77
78 static const struct inet_connection_sock_af_ops ipv6_mapped;
79 static const struct inet_connection_sock_af_ops ipv6_specific;
80 #ifdef CONFIG_TCP_MD5SIG
81 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
82 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
83 #else
84 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
85 const struct in6_addr *addr)
86 {
87 return NULL;
88 }
89 #endif
90
91 static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
92 {
93 struct dst_entry *dst = skb_dst(skb);
94
95 if (dst && dst_hold_safe(dst)) {
96 const struct rt6_info *rt = (const struct rt6_info *)dst;
97
98 sk->sk_rx_dst = dst;
99 inet_sk(sk)->rx_dst_ifindex = skb->skb_iif;
100 inet6_sk(sk)->rx_dst_cookie = rt6_get_cookie(rt);
101 }
102 }
103
104 static __u32 tcp_v6_init_sequence(const struct sk_buff *skb)
105 {
106 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
107 ipv6_hdr(skb)->saddr.s6_addr32,
108 tcp_hdr(skb)->dest,
109 tcp_hdr(skb)->source);
110 }
111
112 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
113 int addr_len)
114 {
115 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
116 struct inet_sock *inet = inet_sk(sk);
117 struct inet_connection_sock *icsk = inet_csk(sk);
118 struct ipv6_pinfo *np = inet6_sk(sk);
119 struct tcp_sock *tp = tcp_sk(sk);
120 struct in6_addr *saddr = NULL, *final_p, final;
121 struct ipv6_txoptions *opt;
122 struct flowi6 fl6;
123 struct dst_entry *dst;
124 int addr_type;
125 int err;
126
127 if (addr_len < SIN6_LEN_RFC2133)
128 return -EINVAL;
129
130 if (usin->sin6_family != AF_INET6)
131 return -EAFNOSUPPORT;
132
133 memset(&fl6, 0, sizeof(fl6));
134
135 if (np->sndflow) {
136 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
137 IP6_ECN_flow_init(fl6.flowlabel);
138 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
139 struct ip6_flowlabel *flowlabel;
140 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
141 if (!flowlabel)
142 return -EINVAL;
143 fl6_sock_release(flowlabel);
144 }
145 }
146
147 /*
148 * connect() to INADDR_ANY means loopback (BSD'ism).
149 */
150
151 if (ipv6_addr_any(&usin->sin6_addr))
152 usin->sin6_addr.s6_addr[15] = 0x1;
153
154 addr_type = ipv6_addr_type(&usin->sin6_addr);
155
156 if (addr_type & IPV6_ADDR_MULTICAST)
157 return -ENETUNREACH;
158
159 if (addr_type&IPV6_ADDR_LINKLOCAL) {
160 if (addr_len >= sizeof(struct sockaddr_in6) &&
161 usin->sin6_scope_id) {
162 /* If interface is set while binding, indices
163 * must coincide.
164 */
165 if (sk->sk_bound_dev_if &&
166 sk->sk_bound_dev_if != usin->sin6_scope_id)
167 return -EINVAL;
168
169 sk->sk_bound_dev_if = usin->sin6_scope_id;
170 }
171
172 /* Connect to link-local address requires an interface */
173 if (!sk->sk_bound_dev_if)
174 return -EINVAL;
175 }
176
177 if (tp->rx_opt.ts_recent_stamp &&
178 !ipv6_addr_equal(&sk->sk_v6_daddr, &usin->sin6_addr)) {
179 tp->rx_opt.ts_recent = 0;
180 tp->rx_opt.ts_recent_stamp = 0;
181 tp->write_seq = 0;
182 }
183
184 sk->sk_v6_daddr = usin->sin6_addr;
185 np->flow_label = fl6.flowlabel;
186
187 /*
188 * TCP over IPv4
189 */
190
191 if (addr_type == IPV6_ADDR_MAPPED) {
192 u32 exthdrlen = icsk->icsk_ext_hdr_len;
193 struct sockaddr_in sin;
194
195 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
196
197 if (__ipv6_only_sock(sk))
198 return -ENETUNREACH;
199
200 sin.sin_family = AF_INET;
201 sin.sin_port = usin->sin6_port;
202 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
203
204 icsk->icsk_af_ops = &ipv6_mapped;
205 sk->sk_backlog_rcv = tcp_v4_do_rcv;
206 #ifdef CONFIG_TCP_MD5SIG
207 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
208 #endif
209
210 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
211
212 if (err) {
213 icsk->icsk_ext_hdr_len = exthdrlen;
214 icsk->icsk_af_ops = &ipv6_specific;
215 sk->sk_backlog_rcv = tcp_v6_do_rcv;
216 #ifdef CONFIG_TCP_MD5SIG
217 tp->af_specific = &tcp_sock_ipv6_specific;
218 #endif
219 goto failure;
220 }
221 np->saddr = sk->sk_v6_rcv_saddr;
222
223 return err;
224 }
225
226 if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr))
227 saddr = &sk->sk_v6_rcv_saddr;
228
229 fl6.flowi6_proto = IPPROTO_TCP;
230 fl6.daddr = sk->sk_v6_daddr;
231 fl6.saddr = saddr ? *saddr : np->saddr;
232 fl6.flowi6_oif = sk->sk_bound_dev_if;
233 fl6.flowi6_mark = sk->sk_mark;
234 fl6.fl6_dport = usin->sin6_port;
235 fl6.fl6_sport = inet->inet_sport;
236
237 opt = rcu_dereference_protected(np->opt, lockdep_sock_is_held(sk));
238 final_p = fl6_update_dst(&fl6, opt, &final);
239
240 security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));
241
242 dst = ip6_dst_lookup_flow(sk, &fl6, final_p);
243 if (IS_ERR(dst)) {
244 err = PTR_ERR(dst);
245 goto failure;
246 }
247
248 if (!saddr) {
249 saddr = &fl6.saddr;
250 sk->sk_v6_rcv_saddr = *saddr;
251 }
252
253 /* set the source address */
254 np->saddr = *saddr;
255 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
256
257 sk->sk_gso_type = SKB_GSO_TCPV6;
258 ip6_dst_store(sk, dst, NULL, NULL);
259
260 if (tcp_death_row.sysctl_tw_recycle &&
261 !tp->rx_opt.ts_recent_stamp &&
262 ipv6_addr_equal(&fl6.daddr, &sk->sk_v6_daddr))
263 tcp_fetch_timewait_stamp(sk, dst);
264
265 icsk->icsk_ext_hdr_len = 0;
266 if (opt)
267 icsk->icsk_ext_hdr_len = opt->opt_flen +
268 opt->opt_nflen;
269
270 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
271
272 inet->inet_dport = usin->sin6_port;
273
274 tcp_set_state(sk, TCP_SYN_SENT);
275 err = inet6_hash_connect(&tcp_death_row, sk);
276 if (err)
277 goto late_failure;
278
279 sk_set_txhash(sk);
280
281 if (!tp->write_seq && likely(!tp->repair))
282 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
283 sk->sk_v6_daddr.s6_addr32,
284 inet->inet_sport,
285 inet->inet_dport);
286
287 err = tcp_connect(sk);
288 if (err)
289 goto late_failure;
290
291 return 0;
292
293 late_failure:
294 tcp_set_state(sk, TCP_CLOSE);
295 __sk_dst_reset(sk);
296 failure:
297 inet->inet_dport = 0;
298 sk->sk_route_caps = 0;
299 return err;
300 }
301
302 static void tcp_v6_mtu_reduced(struct sock *sk)
303 {
304 struct dst_entry *dst;
305
306 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
307 return;
308
309 dst = inet6_csk_update_pmtu(sk, tcp_sk(sk)->mtu_info);
310 if (!dst)
311 return;
312
313 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
314 tcp_sync_mss(sk, dst_mtu(dst));
315 tcp_simple_retransmit(sk);
316 }
317 }
318
319 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
320 u8 type, u8 code, int offset, __be32 info)
321 {
322 const struct ipv6hdr *hdr = (const struct ipv6hdr *)skb->data;
323 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
324 struct net *net = dev_net(skb->dev);
325 struct request_sock *fastopen;
326 struct ipv6_pinfo *np;
327 struct tcp_sock *tp;
328 __u32 seq, snd_una;
329 struct sock *sk;
330 bool fatal;
331 int err;
332
333 sk = __inet6_lookup_established(net, &tcp_hashinfo,
334 &hdr->daddr, th->dest,
335 &hdr->saddr, ntohs(th->source),
336 skb->dev->ifindex);
337
338 if (!sk) {
339 __ICMP6_INC_STATS(net, __in6_dev_get(skb->dev),
340 ICMP6_MIB_INERRORS);
341 return;
342 }
343
344 if (sk->sk_state == TCP_TIME_WAIT) {
345 inet_twsk_put(inet_twsk(sk));
346 return;
347 }
348 seq = ntohl(th->seq);
349 fatal = icmpv6_err_convert(type, code, &err);
350 if (sk->sk_state == TCP_NEW_SYN_RECV)
351 return tcp_req_err(sk, seq, fatal);
352
353 bh_lock_sock(sk);
354 if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG)
355 __NET_INC_STATS(net, LINUX_MIB_LOCKDROPPEDICMPS);
356
357 if (sk->sk_state == TCP_CLOSE)
358 goto out;
359
360 if (ipv6_hdr(skb)->hop_limit < inet6_sk(sk)->min_hopcount) {
361 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
362 goto out;
363 }
364
365 tp = tcp_sk(sk);
366 /* XXX (TFO) - tp->snd_una should be ISN (tcp_create_openreq_child() */
367 fastopen = tp->fastopen_rsk;
368 snd_una = fastopen ? tcp_rsk(fastopen)->snt_isn : tp->snd_una;
369 if (sk->sk_state != TCP_LISTEN &&
370 !between(seq, snd_una, tp->snd_nxt)) {
371 __NET_INC_STATS(net, LINUX_MIB_OUTOFWINDOWICMPS);
372 goto out;
373 }
374
375 np = inet6_sk(sk);
376
377 if (type == NDISC_REDIRECT) {
378 struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);
379
380 if (dst)
381 dst->ops->redirect(dst, sk, skb);
382 goto out;
383 }
384
385 if (type == ICMPV6_PKT_TOOBIG) {
386 /* We are not interested in TCP_LISTEN and open_requests
387 * (SYN-ACKs send out by Linux are always <576bytes so
388 * they should go through unfragmented).
389 */
390 if (sk->sk_state == TCP_LISTEN)
391 goto out;
392
393 if (!ip6_sk_accept_pmtu(sk))
394 goto out;
395
396 tp->mtu_info = ntohl(info);
397 if (!sock_owned_by_user(sk))
398 tcp_v6_mtu_reduced(sk);
399 else if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED,
400 &tp->tsq_flags))
401 sock_hold(sk);
402 goto out;
403 }
404
405
406 /* Might be for an request_sock */
407 switch (sk->sk_state) {
408 case TCP_SYN_SENT:
409 case TCP_SYN_RECV:
410 /* Only in fast or simultaneous open. If a fast open socket is
411 * is already accepted it is treated as a connected one below.
412 */
413 if (fastopen && !fastopen->sk)
414 break;
415
416 if (!sock_owned_by_user(sk)) {
417 sk->sk_err = err;
418 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
419
420 tcp_done(sk);
421 } else
422 sk->sk_err_soft = err;
423 goto out;
424 }
425
426 if (!sock_owned_by_user(sk) && np->recverr) {
427 sk->sk_err = err;
428 sk->sk_error_report(sk);
429 } else
430 sk->sk_err_soft = err;
431
432 out:
433 bh_unlock_sock(sk);
434 sock_put(sk);
435 }
436
437
438 static int tcp_v6_send_synack(const struct sock *sk, struct dst_entry *dst,
439 struct flowi *fl,
440 struct request_sock *req,
441 struct tcp_fastopen_cookie *foc,
442 enum tcp_synack_type synack_type)
443 {
444 struct inet_request_sock *ireq = inet_rsk(req);
445 struct ipv6_pinfo *np = inet6_sk(sk);
446 struct ipv6_txoptions *opt;
447 struct flowi6 *fl6 = &fl->u.ip6;
448 struct sk_buff *skb;
449 int err = -ENOMEM;
450
451 /* First, grab a route. */
452 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req,
453 IPPROTO_TCP)) == NULL)
454 goto done;
455
456 skb = tcp_make_synack(sk, dst, req, foc, synack_type);
457
458 if (skb) {
459 __tcp_v6_send_check(skb, &ireq->ir_v6_loc_addr,
460 &ireq->ir_v6_rmt_addr);
461
462 fl6->daddr = ireq->ir_v6_rmt_addr;
463 if (np->repflow && ireq->pktopts)
464 fl6->flowlabel = ip6_flowlabel(ipv6_hdr(ireq->pktopts));
465
466 rcu_read_lock();
467 opt = ireq->ipv6_opt;
468 if (!opt)
469 opt = rcu_dereference(np->opt);
470 err = ip6_xmit(sk, skb, fl6, opt, np->tclass);
471 rcu_read_unlock();
472 err = net_xmit_eval(err);
473 }
474
475 done:
476 return err;
477 }
478
479
480 static void tcp_v6_reqsk_destructor(struct request_sock *req)
481 {
482 kfree(inet_rsk(req)->ipv6_opt);
483 kfree_skb(inet_rsk(req)->pktopts);
484 }
485
486 #ifdef CONFIG_TCP_MD5SIG
487 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
488 const struct in6_addr *addr)
489 {
490 return tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, AF_INET6);
491 }
492
493 static struct tcp_md5sig_key *tcp_v6_md5_lookup(const struct sock *sk,
494 const struct sock *addr_sk)
495 {
496 return tcp_v6_md5_do_lookup(sk, &addr_sk->sk_v6_daddr);
497 }
498
499 static int tcp_v6_parse_md5_keys(struct sock *sk, char __user *optval,
500 int optlen)
501 {
502 struct tcp_md5sig cmd;
503 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
504
505 if (optlen < sizeof(cmd))
506 return -EINVAL;
507
508 if (copy_from_user(&cmd, optval, sizeof(cmd)))
509 return -EFAULT;
510
511 if (sin6->sin6_family != AF_INET6)
512 return -EINVAL;
513
514 if (!cmd.tcpm_keylen) {
515 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
516 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
517 AF_INET);
518 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
519 AF_INET6);
520 }
521
522 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
523 return -EINVAL;
524
525 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
526 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
527 AF_INET, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
528
529 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
530 AF_INET6, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
531 }
532
533 static int tcp_v6_md5_hash_headers(struct tcp_md5sig_pool *hp,
534 const struct in6_addr *daddr,
535 const struct in6_addr *saddr,
536 const struct tcphdr *th, int nbytes)
537 {
538 struct tcp6_pseudohdr *bp;
539 struct scatterlist sg;
540 struct tcphdr *_th;
541
542 bp = hp->scratch;
543 /* 1. TCP pseudo-header (RFC2460) */
544 bp->saddr = *saddr;
545 bp->daddr = *daddr;
546 bp->protocol = cpu_to_be32(IPPROTO_TCP);
547 bp->len = cpu_to_be32(nbytes);
548
549 _th = (struct tcphdr *)(bp + 1);
550 memcpy(_th, th, sizeof(*th));
551 _th->check = 0;
552
553 sg_init_one(&sg, bp, sizeof(*bp) + sizeof(*th));
554 ahash_request_set_crypt(hp->md5_req, &sg, NULL,
555 sizeof(*bp) + sizeof(*th));
556 return crypto_ahash_update(hp->md5_req);
557 }
558
559 static int tcp_v6_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key,
560 const struct in6_addr *daddr, struct in6_addr *saddr,
561 const struct tcphdr *th)
562 {
563 struct tcp_md5sig_pool *hp;
564 struct ahash_request *req;
565
566 hp = tcp_get_md5sig_pool();
567 if (!hp)
568 goto clear_hash_noput;
569 req = hp->md5_req;
570
571 if (crypto_ahash_init(req))
572 goto clear_hash;
573 if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, th->doff << 2))
574 goto clear_hash;
575 if (tcp_md5_hash_key(hp, key))
576 goto clear_hash;
577 ahash_request_set_crypt(req, NULL, md5_hash, 0);
578 if (crypto_ahash_final(req))
579 goto clear_hash;
580
581 tcp_put_md5sig_pool();
582 return 0;
583
584 clear_hash:
585 tcp_put_md5sig_pool();
586 clear_hash_noput:
587 memset(md5_hash, 0, 16);
588 return 1;
589 }
590
591 static int tcp_v6_md5_hash_skb(char *md5_hash,
592 const struct tcp_md5sig_key *key,
593 const struct sock *sk,
594 const struct sk_buff *skb)
595 {
596 const struct in6_addr *saddr, *daddr;
597 struct tcp_md5sig_pool *hp;
598 struct ahash_request *req;
599 const struct tcphdr *th = tcp_hdr(skb);
600
601 if (sk) { /* valid for establish/request sockets */
602 saddr = &sk->sk_v6_rcv_saddr;
603 daddr = &sk->sk_v6_daddr;
604 } else {
605 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
606 saddr = &ip6h->saddr;
607 daddr = &ip6h->daddr;
608 }
609
610 hp = tcp_get_md5sig_pool();
611 if (!hp)
612 goto clear_hash_noput;
613 req = hp->md5_req;
614
615 if (crypto_ahash_init(req))
616 goto clear_hash;
617
618 if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, skb->len))
619 goto clear_hash;
620 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
621 goto clear_hash;
622 if (tcp_md5_hash_key(hp, key))
623 goto clear_hash;
624 ahash_request_set_crypt(req, NULL, md5_hash, 0);
625 if (crypto_ahash_final(req))
626 goto clear_hash;
627
628 tcp_put_md5sig_pool();
629 return 0;
630
631 clear_hash:
632 tcp_put_md5sig_pool();
633 clear_hash_noput:
634 memset(md5_hash, 0, 16);
635 return 1;
636 }
637
638 #endif
639
640 static bool tcp_v6_inbound_md5_hash(const struct sock *sk,
641 const struct sk_buff *skb)
642 {
643 #ifdef CONFIG_TCP_MD5SIG
644 const __u8 *hash_location = NULL;
645 struct tcp_md5sig_key *hash_expected;
646 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
647 const struct tcphdr *th = tcp_hdr(skb);
648 int genhash;
649 u8 newhash[16];
650
651 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
652 hash_location = tcp_parse_md5sig_option(th);
653
654 /* We've parsed the options - do we have a hash? */
655 if (!hash_expected && !hash_location)
656 return false;
657
658 if (hash_expected && !hash_location) {
659 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
660 return true;
661 }
662
663 if (!hash_expected && hash_location) {
664 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
665 return true;
666 }
667
668 /* check the signature */
669 genhash = tcp_v6_md5_hash_skb(newhash,
670 hash_expected,
671 NULL, skb);
672
673 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
674 net_info_ratelimited("MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n",
675 genhash ? "failed" : "mismatch",
676 &ip6h->saddr, ntohs(th->source),
677 &ip6h->daddr, ntohs(th->dest));
678 return true;
679 }
680 #endif
681 return false;
682 }
683
684 static void tcp_v6_init_req(struct request_sock *req,
685 const struct sock *sk_listener,
686 struct sk_buff *skb)
687 {
688 struct inet_request_sock *ireq = inet_rsk(req);
689 const struct ipv6_pinfo *np = inet6_sk(sk_listener);
690
691 ireq->ir_v6_rmt_addr = ipv6_hdr(skb)->saddr;
692 ireq->ir_v6_loc_addr = ipv6_hdr(skb)->daddr;
693
694 /* So that link locals have meaning */
695 if (!sk_listener->sk_bound_dev_if &&
696 ipv6_addr_type(&ireq->ir_v6_rmt_addr) & IPV6_ADDR_LINKLOCAL)
697 ireq->ir_iif = tcp_v6_iif(skb);
698
699 if (!TCP_SKB_CB(skb)->tcp_tw_isn &&
700 (ipv6_opt_accepted(sk_listener, skb, &TCP_SKB_CB(skb)->header.h6) ||
701 np->rxopt.bits.rxinfo ||
702 np->rxopt.bits.rxoinfo || np->rxopt.bits.rxhlim ||
703 np->rxopt.bits.rxohlim || np->repflow)) {
704 atomic_inc(&skb->users);
705 ireq->pktopts = skb;
706 }
707 }
708
709 static struct dst_entry *tcp_v6_route_req(const struct sock *sk,
710 struct flowi *fl,
711 const struct request_sock *req,
712 bool *strict)
713 {
714 if (strict)
715 *strict = true;
716 return inet6_csk_route_req(sk, &fl->u.ip6, req, IPPROTO_TCP);
717 }
718
719 struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
720 .family = AF_INET6,
721 .obj_size = sizeof(struct tcp6_request_sock),
722 .rtx_syn_ack = tcp_rtx_synack,
723 .send_ack = tcp_v6_reqsk_send_ack,
724 .destructor = tcp_v6_reqsk_destructor,
725 .send_reset = tcp_v6_send_reset,
726 .syn_ack_timeout = tcp_syn_ack_timeout,
727 };
728
729 static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
730 .mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) -
731 sizeof(struct ipv6hdr),
732 #ifdef CONFIG_TCP_MD5SIG
733 .req_md5_lookup = tcp_v6_md5_lookup,
734 .calc_md5_hash = tcp_v6_md5_hash_skb,
735 #endif
736 .init_req = tcp_v6_init_req,
737 #ifdef CONFIG_SYN_COOKIES
738 .cookie_init_seq = cookie_v6_init_sequence,
739 #endif
740 .route_req = tcp_v6_route_req,
741 .init_seq = tcp_v6_init_sequence,
742 .send_synack = tcp_v6_send_synack,
743 };
744
745 static void tcp_v6_send_response(const struct sock *sk, struct sk_buff *skb, u32 seq,
746 u32 ack, u32 win, u32 tsval, u32 tsecr,
747 int oif, struct tcp_md5sig_key *key, int rst,
748 u8 tclass, __be32 label)
749 {
750 const struct tcphdr *th = tcp_hdr(skb);
751 struct tcphdr *t1;
752 struct sk_buff *buff;
753 struct flowi6 fl6;
754 struct net *net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev);
755 struct sock *ctl_sk = net->ipv6.tcp_sk;
756 unsigned int tot_len = sizeof(struct tcphdr);
757 struct dst_entry *dst;
758 __be32 *topt;
759
760 if (tsecr)
761 tot_len += TCPOLEN_TSTAMP_ALIGNED;
762 #ifdef CONFIG_TCP_MD5SIG
763 if (key)
764 tot_len += TCPOLEN_MD5SIG_ALIGNED;
765 #endif
766
767 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
768 GFP_ATOMIC);
769 if (!buff)
770 return;
771
772 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
773
774 t1 = (struct tcphdr *) skb_push(buff, tot_len);
775 skb_reset_transport_header(buff);
776
777 /* Swap the send and the receive. */
778 memset(t1, 0, sizeof(*t1));
779 t1->dest = th->source;
780 t1->source = th->dest;
781 t1->doff = tot_len / 4;
782 t1->seq = htonl(seq);
783 t1->ack_seq = htonl(ack);
784 t1->ack = !rst || !th->ack;
785 t1->rst = rst;
786 t1->window = htons(win);
787
788 topt = (__be32 *)(t1 + 1);
789
790 if (tsecr) {
791 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
792 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
793 *topt++ = htonl(tsval);
794 *topt++ = htonl(tsecr);
795 }
796
797 #ifdef CONFIG_TCP_MD5SIG
798 if (key) {
799 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
800 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
801 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
802 &ipv6_hdr(skb)->saddr,
803 &ipv6_hdr(skb)->daddr, t1);
804 }
805 #endif
806
807 memset(&fl6, 0, sizeof(fl6));
808 fl6.daddr = ipv6_hdr(skb)->saddr;
809 fl6.saddr = ipv6_hdr(skb)->daddr;
810 fl6.flowlabel = label;
811
812 buff->ip_summed = CHECKSUM_PARTIAL;
813 buff->csum = 0;
814
815 __tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);
816
817 fl6.flowi6_proto = IPPROTO_TCP;
818 if (rt6_need_strict(&fl6.daddr) && !oif)
819 fl6.flowi6_oif = tcp_v6_iif(skb);
820 else {
821 if (!oif && netif_index_is_l3_master(net, skb->skb_iif))
822 oif = skb->skb_iif;
823
824 fl6.flowi6_oif = oif;
825 }
826
827 fl6.flowi6_mark = IP6_REPLY_MARK(net, skb->mark);
828 fl6.fl6_dport = t1->dest;
829 fl6.fl6_sport = t1->source;
830 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
831
832 /* Pass a socket to ip6_dst_lookup either it is for RST
833 * Underlying function will use this to retrieve the network
834 * namespace
835 */
836 dst = ip6_dst_lookup_flow(ctl_sk, &fl6, NULL);
837 if (!IS_ERR(dst)) {
838 skb_dst_set(buff, dst);
839 ip6_xmit(ctl_sk, buff, &fl6, NULL, tclass);
840 TCP_INC_STATS(net, TCP_MIB_OUTSEGS);
841 if (rst)
842 TCP_INC_STATS(net, TCP_MIB_OUTRSTS);
843 return;
844 }
845
846 kfree_skb(buff);
847 }
848
849 static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb)
850 {
851 const struct tcphdr *th = tcp_hdr(skb);
852 u32 seq = 0, ack_seq = 0;
853 struct tcp_md5sig_key *key = NULL;
854 #ifdef CONFIG_TCP_MD5SIG
855 const __u8 *hash_location = NULL;
856 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
857 unsigned char newhash[16];
858 int genhash;
859 struct sock *sk1 = NULL;
860 #endif
861 int oif;
862
863 if (th->rst)
864 return;
865
866 /* If sk not NULL, it means we did a successful lookup and incoming
867 * route had to be correct. prequeue might have dropped our dst.
868 */
869 if (!sk && !ipv6_unicast_destination(skb))
870 return;
871
872 #ifdef CONFIG_TCP_MD5SIG
873 rcu_read_lock();
874 hash_location = tcp_parse_md5sig_option(th);
875 if (sk && sk_fullsock(sk)) {
876 key = tcp_v6_md5_do_lookup(sk, &ipv6h->saddr);
877 } else if (hash_location) {
878 /*
879 * active side is lost. Try to find listening socket through
880 * source port, and then find md5 key through listening socket.
881 * we are not loose security here:
882 * Incoming packet is checked with md5 hash with finding key,
883 * no RST generated if md5 hash doesn't match.
884 */
885 sk1 = inet6_lookup_listener(dev_net(skb_dst(skb)->dev),
886 &tcp_hashinfo, NULL, 0,
887 &ipv6h->saddr,
888 th->source, &ipv6h->daddr,
889 ntohs(th->source), tcp_v6_iif(skb));
890 if (!sk1)
891 goto out;
892
893 key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr);
894 if (!key)
895 goto out;
896
897 genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, skb);
898 if (genhash || memcmp(hash_location, newhash, 16) != 0)
899 goto out;
900 }
901 #endif
902
903 if (th->ack)
904 seq = ntohl(th->ack_seq);
905 else
906 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
907 (th->doff << 2);
908
909 oif = sk ? sk->sk_bound_dev_if : 0;
910 tcp_v6_send_response(sk, skb, seq, ack_seq, 0, 0, 0, oif, key, 1, 0, 0);
911
912 #ifdef CONFIG_TCP_MD5SIG
913 out:
914 rcu_read_unlock();
915 #endif
916 }
917
918 static void tcp_v6_send_ack(const struct sock *sk, struct sk_buff *skb, u32 seq,
919 u32 ack, u32 win, u32 tsval, u32 tsecr, int oif,
920 struct tcp_md5sig_key *key, u8 tclass,
921 __be32 label)
922 {
923 tcp_v6_send_response(sk, skb, seq, ack, win, tsval, tsecr, oif, key, 0,
924 tclass, label);
925 }
926
927 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
928 {
929 struct inet_timewait_sock *tw = inet_twsk(sk);
930 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
931
932 tcp_v6_send_ack(sk, skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
933 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
934 tcp_time_stamp + tcptw->tw_ts_offset,
935 tcptw->tw_ts_recent, tw->tw_bound_dev_if, tcp_twsk_md5_key(tcptw),
936 tw->tw_tclass, cpu_to_be32(tw->tw_flowlabel));
937
938 inet_twsk_put(tw);
939 }
940
941 static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
942 struct request_sock *req)
943 {
944 /* sk->sk_state == TCP_LISTEN -> for regular TCP_SYN_RECV
945 * sk->sk_state == TCP_SYN_RECV -> for Fast Open.
946 */
947 /* RFC 7323 2.3
948 * The window field (SEG.WND) of every outgoing segment, with the
949 * exception of <SYN> segments, MUST be right-shifted by
950 * Rcv.Wind.Shift bits:
951 */
952 tcp_v6_send_ack(sk, skb, (sk->sk_state == TCP_LISTEN) ?
953 tcp_rsk(req)->snt_isn + 1 : tcp_sk(sk)->snd_nxt,
954 tcp_rsk(req)->rcv_nxt,
955 req->rsk_rcv_wnd >> inet_rsk(req)->rcv_wscale,
956 tcp_time_stamp, req->ts_recent, sk->sk_bound_dev_if,
957 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr),
958 0, 0);
959 }
960
961
962 static struct sock *tcp_v6_cookie_check(struct sock *sk, struct sk_buff *skb)
963 {
964 #ifdef CONFIG_SYN_COOKIES
965 const struct tcphdr *th = tcp_hdr(skb);
966
967 if (!th->syn)
968 sk = cookie_v6_check(sk, skb);
969 #endif
970 return sk;
971 }
972
973 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
974 {
975 if (skb->protocol == htons(ETH_P_IP))
976 return tcp_v4_conn_request(sk, skb);
977
978 if (!ipv6_unicast_destination(skb))
979 goto drop;
980
981 return tcp_conn_request(&tcp6_request_sock_ops,
982 &tcp_request_sock_ipv6_ops, sk, skb);
983
984 drop:
985 tcp_listendrop(sk);
986 return 0; /* don't send reset */
987 }
988
989 static struct sock *tcp_v6_syn_recv_sock(const struct sock *sk, struct sk_buff *skb,
990 struct request_sock *req,
991 struct dst_entry *dst,
992 struct request_sock *req_unhash,
993 bool *own_req)
994 {
995 struct inet_request_sock *ireq;
996 struct ipv6_pinfo *newnp;
997 const struct ipv6_pinfo *np = inet6_sk(sk);
998 struct ipv6_txoptions *opt;
999 struct tcp6_sock *newtcp6sk;
1000 struct inet_sock *newinet;
1001 struct tcp_sock *newtp;
1002 struct sock *newsk;
1003 #ifdef CONFIG_TCP_MD5SIG
1004 struct tcp_md5sig_key *key;
1005 #endif
1006 struct flowi6 fl6;
1007
1008 if (skb->protocol == htons(ETH_P_IP)) {
1009 /*
1010 * v6 mapped
1011 */
1012
1013 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst,
1014 req_unhash, own_req);
1015
1016 if (!newsk)
1017 return NULL;
1018
1019 newtcp6sk = (struct tcp6_sock *)newsk;
1020 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1021
1022 newinet = inet_sk(newsk);
1023 newnp = inet6_sk(newsk);
1024 newtp = tcp_sk(newsk);
1025
1026 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1027
1028 newnp->saddr = newsk->sk_v6_rcv_saddr;
1029
1030 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1031 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1032 #ifdef CONFIG_TCP_MD5SIG
1033 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1034 #endif
1035
1036 newnp->ipv6_ac_list = NULL;
1037 newnp->ipv6_fl_list = NULL;
1038 newnp->pktoptions = NULL;
1039 newnp->opt = NULL;
1040 newnp->mcast_oif = tcp_v6_iif(skb);
1041 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1042 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
1043 if (np->repflow)
1044 newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));
1045
1046 /*
1047 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1048 * here, tcp_create_openreq_child now does this for us, see the comment in
1049 * that function for the gory details. -acme
1050 */
1051
1052 /* It is tricky place. Until this moment IPv4 tcp
1053 worked with IPv6 icsk.icsk_af_ops.
1054 Sync it now.
1055 */
1056 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1057
1058 return newsk;
1059 }
1060
1061 ireq = inet_rsk(req);
1062
1063 if (sk_acceptq_is_full(sk))
1064 goto out_overflow;
1065
1066 if (!dst) {
1067 dst = inet6_csk_route_req(sk, &fl6, req, IPPROTO_TCP);
1068 if (!dst)
1069 goto out;
1070 }
1071
1072 newsk = tcp_create_openreq_child(sk, req, skb);
1073 if (!newsk)
1074 goto out_nonewsk;
1075
1076 /*
1077 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1078 * count here, tcp_create_openreq_child now does this for us, see the
1079 * comment in that function for the gory details. -acme
1080 */
1081
1082 newsk->sk_gso_type = SKB_GSO_TCPV6;
1083 ip6_dst_store(newsk, dst, NULL, NULL);
1084 inet6_sk_rx_dst_set(newsk, skb);
1085
1086 newtcp6sk = (struct tcp6_sock *)newsk;
1087 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1088
1089 newtp = tcp_sk(newsk);
1090 newinet = inet_sk(newsk);
1091 newnp = inet6_sk(newsk);
1092
1093 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1094
1095 newsk->sk_v6_daddr = ireq->ir_v6_rmt_addr;
1096 newnp->saddr = ireq->ir_v6_loc_addr;
1097 newsk->sk_v6_rcv_saddr = ireq->ir_v6_loc_addr;
1098 newsk->sk_bound_dev_if = ireq->ir_iif;
1099
1100 /* Now IPv6 options...
1101
1102 First: no IPv4 options.
1103 */
1104 newinet->inet_opt = NULL;
1105 newnp->ipv6_ac_list = NULL;
1106 newnp->ipv6_fl_list = NULL;
1107
1108 /* Clone RX bits */
1109 newnp->rxopt.all = np->rxopt.all;
1110
1111 newnp->pktoptions = NULL;
1112 newnp->opt = NULL;
1113 newnp->mcast_oif = tcp_v6_iif(skb);
1114 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1115 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
1116 if (np->repflow)
1117 newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));
1118
1119 /* Clone native IPv6 options from listening socket (if any)
1120
1121 Yes, keeping reference count would be much more clever,
1122 but we make one more one thing there: reattach optmem
1123 to newsk.
1124 */
1125 opt = ireq->ipv6_opt;
1126 if (!opt)
1127 opt = rcu_dereference(np->opt);
1128 if (opt) {
1129 opt = ipv6_dup_options(newsk, opt);
1130 RCU_INIT_POINTER(newnp->opt, opt);
1131 }
1132 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1133 if (opt)
1134 inet_csk(newsk)->icsk_ext_hdr_len = opt->opt_nflen +
1135 opt->opt_flen;
1136
1137 tcp_ca_openreq_child(newsk, dst);
1138
1139 tcp_sync_mss(newsk, dst_mtu(dst));
1140 newtp->advmss = dst_metric_advmss(dst);
1141 if (tcp_sk(sk)->rx_opt.user_mss &&
1142 tcp_sk(sk)->rx_opt.user_mss < newtp->advmss)
1143 newtp->advmss = tcp_sk(sk)->rx_opt.user_mss;
1144
1145 tcp_initialize_rcv_mss(newsk);
1146
1147 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1148 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1149
1150 #ifdef CONFIG_TCP_MD5SIG
1151 /* Copy over the MD5 key from the original socket */
1152 key = tcp_v6_md5_do_lookup(sk, &newsk->sk_v6_daddr);
1153 if (key) {
1154 /* We're using one, so create a matching key
1155 * on the newsk structure. If we fail to get
1156 * memory, then we end up not copying the key
1157 * across. Shucks.
1158 */
1159 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newsk->sk_v6_daddr,
1160 AF_INET6, key->key, key->keylen,
1161 sk_gfp_mask(sk, GFP_ATOMIC));
1162 }
1163 #endif
1164
1165 if (__inet_inherit_port(sk, newsk) < 0) {
1166 inet_csk_prepare_forced_close(newsk);
1167 tcp_done(newsk);
1168 goto out;
1169 }
1170 *own_req = inet_ehash_nolisten(newsk, req_to_sk(req_unhash));
1171 if (*own_req) {
1172 tcp_move_syn(newtp, req);
1173
1174 /* Clone pktoptions received with SYN, if we own the req */
1175 if (ireq->pktopts) {
1176 newnp->pktoptions = skb_clone(ireq->pktopts,
1177 sk_gfp_mask(sk, GFP_ATOMIC));
1178 consume_skb(ireq->pktopts);
1179 ireq->pktopts = NULL;
1180 if (newnp->pktoptions)
1181 skb_set_owner_r(newnp->pktoptions, newsk);
1182 }
1183 }
1184
1185 return newsk;
1186
1187 out_overflow:
1188 __NET_INC_STATS(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1189 out_nonewsk:
1190 dst_release(dst);
1191 out:
1192 tcp_listendrop(sk);
1193 return NULL;
1194 }
1195
1196 static void tcp_v6_restore_cb(struct sk_buff *skb)
1197 {
1198 /* We need to move header back to the beginning if xfrm6_policy_check()
1199 * and tcp_v6_fill_cb() are going to be called again.
1200 * ip6_datagram_recv_specific_ctl() also expects IP6CB to be there.
1201 */
1202 memmove(IP6CB(skb), &TCP_SKB_CB(skb)->header.h6,
1203 sizeof(struct inet6_skb_parm));
1204 }
1205
1206 /* The socket must have it's spinlock held when we get
1207 * here, unless it is a TCP_LISTEN socket.
1208 *
1209 * We have a potential double-lock case here, so even when
1210 * doing backlog processing we use the BH locking scheme.
1211 * This is because we cannot sleep with the original spinlock
1212 * held.
1213 */
1214 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1215 {
1216 struct ipv6_pinfo *np = inet6_sk(sk);
1217 struct tcp_sock *tp;
1218 struct sk_buff *opt_skb = NULL;
1219
1220 /* Imagine: socket is IPv6. IPv4 packet arrives,
1221 goes to IPv4 receive handler and backlogged.
1222 From backlog it always goes here. Kerboom...
1223 Fortunately, tcp_rcv_established and rcv_established
1224 handle them correctly, but it is not case with
1225 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1226 */
1227
1228 if (skb->protocol == htons(ETH_P_IP))
1229 return tcp_v4_do_rcv(sk, skb);
1230
1231 if (tcp_filter(sk, skb))
1232 goto discard;
1233
1234 /*
1235 * socket locking is here for SMP purposes as backlog rcv
1236 * is currently called with bh processing disabled.
1237 */
1238
1239 /* Do Stevens' IPV6_PKTOPTIONS.
1240
1241 Yes, guys, it is the only place in our code, where we
1242 may make it not affecting IPv4.
1243 The rest of code is protocol independent,
1244 and I do not like idea to uglify IPv4.
1245
1246 Actually, all the idea behind IPV6_PKTOPTIONS
1247 looks not very well thought. For now we latch
1248 options, received in the last packet, enqueued
1249 by tcp. Feel free to propose better solution.
1250 --ANK (980728)
1251 */
1252 if (np->rxopt.all)
1253 opt_skb = skb_clone(skb, sk_gfp_mask(sk, GFP_ATOMIC));
1254
1255 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1256 struct dst_entry *dst = sk->sk_rx_dst;
1257
1258 sock_rps_save_rxhash(sk, skb);
1259 sk_mark_napi_id(sk, skb);
1260 if (dst) {
1261 if (inet_sk(sk)->rx_dst_ifindex != skb->skb_iif ||
1262 dst->ops->check(dst, np->rx_dst_cookie) == NULL) {
1263 dst_release(dst);
1264 sk->sk_rx_dst = NULL;
1265 }
1266 }
1267
1268 tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len);
1269 if (opt_skb)
1270 goto ipv6_pktoptions;
1271 return 0;
1272 }
1273
1274 if (tcp_checksum_complete(skb))
1275 goto csum_err;
1276
1277 if (sk->sk_state == TCP_LISTEN) {
1278 struct sock *nsk = tcp_v6_cookie_check(sk, skb);
1279
1280 if (!nsk)
1281 goto discard;
1282
1283 if (nsk != sk) {
1284 sock_rps_save_rxhash(nsk, skb);
1285 sk_mark_napi_id(nsk, skb);
1286 if (tcp_child_process(sk, nsk, skb))
1287 goto reset;
1288 if (opt_skb)
1289 __kfree_skb(opt_skb);
1290 return 0;
1291 }
1292 } else
1293 sock_rps_save_rxhash(sk, skb);
1294
1295 if (tcp_rcv_state_process(sk, skb))
1296 goto reset;
1297 if (opt_skb)
1298 goto ipv6_pktoptions;
1299 return 0;
1300
1301 reset:
1302 tcp_v6_send_reset(sk, skb);
1303 discard:
1304 if (opt_skb)
1305 __kfree_skb(opt_skb);
1306 kfree_skb(skb);
1307 return 0;
1308 csum_err:
1309 TCP_INC_STATS(sock_net(sk), TCP_MIB_CSUMERRORS);
1310 TCP_INC_STATS(sock_net(sk), TCP_MIB_INERRS);
1311 goto discard;
1312
1313
1314 ipv6_pktoptions:
1315 /* Do you ask, what is it?
1316
1317 1. skb was enqueued by tcp.
1318 2. skb is added to tail of read queue, rather than out of order.
1319 3. socket is not in passive state.
1320 4. Finally, it really contains options, which user wants to receive.
1321 */
1322 tp = tcp_sk(sk);
1323 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1324 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1325 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1326 np->mcast_oif = tcp_v6_iif(opt_skb);
1327 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1328 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1329 if (np->rxopt.bits.rxflow || np->rxopt.bits.rxtclass)
1330 np->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(opt_skb));
1331 if (np->repflow)
1332 np->flow_label = ip6_flowlabel(ipv6_hdr(opt_skb));
1333 if (ipv6_opt_accepted(sk, opt_skb, &TCP_SKB_CB(opt_skb)->header.h6)) {
1334 skb_set_owner_r(opt_skb, sk);
1335 tcp_v6_restore_cb(opt_skb);
1336 opt_skb = xchg(&np->pktoptions, opt_skb);
1337 } else {
1338 __kfree_skb(opt_skb);
1339 opt_skb = xchg(&np->pktoptions, NULL);
1340 }
1341 }
1342
1343 kfree_skb(opt_skb);
1344 return 0;
1345 }
1346
1347 static void tcp_v6_fill_cb(struct sk_buff *skb, const struct ipv6hdr *hdr,
1348 const struct tcphdr *th)
1349 {
1350 /* This is tricky: we move IP6CB at its correct location into
1351 * TCP_SKB_CB(). It must be done after xfrm6_policy_check(), because
1352 * _decode_session6() uses IP6CB().
1353 * barrier() makes sure compiler won't play aliasing games.
1354 */
1355 memmove(&TCP_SKB_CB(skb)->header.h6, IP6CB(skb),
1356 sizeof(struct inet6_skb_parm));
1357 barrier();
1358
1359 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1360 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1361 skb->len - th->doff*4);
1362 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1363 TCP_SKB_CB(skb)->tcp_flags = tcp_flag_byte(th);
1364 TCP_SKB_CB(skb)->tcp_tw_isn = 0;
1365 TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
1366 TCP_SKB_CB(skb)->sacked = 0;
1367 }
1368
1369 static int tcp_v6_rcv(struct sk_buff *skb)
1370 {
1371 const struct tcphdr *th;
1372 const struct ipv6hdr *hdr;
1373 bool refcounted;
1374 struct sock *sk;
1375 int ret;
1376 struct net *net = dev_net(skb->dev);
1377
1378 if (skb->pkt_type != PACKET_HOST)
1379 goto discard_it;
1380
1381 /*
1382 * Count it even if it's bad.
1383 */
1384 __TCP_INC_STATS(net, TCP_MIB_INSEGS);
1385
1386 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1387 goto discard_it;
1388
1389 th = (const struct tcphdr *)skb->data;
1390
1391 if (unlikely(th->doff < sizeof(struct tcphdr)/4))
1392 goto bad_packet;
1393 if (!pskb_may_pull(skb, th->doff*4))
1394 goto discard_it;
1395
1396 if (skb_checksum_init(skb, IPPROTO_TCP, ip6_compute_pseudo))
1397 goto csum_error;
1398
1399 th = (const struct tcphdr *)skb->data;
1400 hdr = ipv6_hdr(skb);
1401
1402 lookup:
1403 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, __tcp_hdrlen(th),
1404 th->source, th->dest, inet6_iif(skb),
1405 &refcounted);
1406 if (!sk)
1407 goto no_tcp_socket;
1408
1409 process:
1410 if (sk->sk_state == TCP_TIME_WAIT)
1411 goto do_time_wait;
1412
1413 if (sk->sk_state == TCP_NEW_SYN_RECV) {
1414 struct request_sock *req = inet_reqsk(sk);
1415 struct sock *nsk;
1416
1417 sk = req->rsk_listener;
1418 tcp_v6_fill_cb(skb, hdr, th);
1419 if (tcp_v6_inbound_md5_hash(sk, skb)) {
1420 reqsk_put(req);
1421 goto discard_it;
1422 }
1423 if (unlikely(sk->sk_state != TCP_LISTEN)) {
1424 inet_csk_reqsk_queue_drop_and_put(sk, req);
1425 goto lookup;
1426 }
1427 sock_hold(sk);
1428 refcounted = true;
1429 nsk = tcp_check_req(sk, skb, req, false);
1430 if (!nsk) {
1431 reqsk_put(req);
1432 goto discard_and_relse;
1433 }
1434 if (nsk == sk) {
1435 reqsk_put(req);
1436 tcp_v6_restore_cb(skb);
1437 } else if (tcp_child_process(sk, nsk, skb)) {
1438 tcp_v6_send_reset(nsk, skb);
1439 goto discard_and_relse;
1440 } else {
1441 sock_put(sk);
1442 return 0;
1443 }
1444 }
1445 if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) {
1446 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
1447 goto discard_and_relse;
1448 }
1449
1450 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1451 goto discard_and_relse;
1452
1453 tcp_v6_fill_cb(skb, hdr, th);
1454
1455 if (tcp_v6_inbound_md5_hash(sk, skb))
1456 goto discard_and_relse;
1457
1458 if (tcp_filter(sk, skb))
1459 goto discard_and_relse;
1460 th = (const struct tcphdr *)skb->data;
1461 hdr = ipv6_hdr(skb);
1462
1463 skb->dev = NULL;
1464
1465 if (sk->sk_state == TCP_LISTEN) {
1466 ret = tcp_v6_do_rcv(sk, skb);
1467 goto put_and_return;
1468 }
1469
1470 sk_incoming_cpu_update(sk);
1471
1472 bh_lock_sock_nested(sk);
1473 tcp_segs_in(tcp_sk(sk), skb);
1474 ret = 0;
1475 if (!sock_owned_by_user(sk)) {
1476 if (!tcp_prequeue(sk, skb))
1477 ret = tcp_v6_do_rcv(sk, skb);
1478 } else if (unlikely(sk_add_backlog(sk, skb,
1479 sk->sk_rcvbuf + sk->sk_sndbuf))) {
1480 bh_unlock_sock(sk);
1481 __NET_INC_STATS(net, LINUX_MIB_TCPBACKLOGDROP);
1482 goto discard_and_relse;
1483 }
1484 bh_unlock_sock(sk);
1485
1486 put_and_return:
1487 if (refcounted)
1488 sock_put(sk);
1489 return ret ? -1 : 0;
1490
1491 no_tcp_socket:
1492 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1493 goto discard_it;
1494
1495 tcp_v6_fill_cb(skb, hdr, th);
1496
1497 if (tcp_checksum_complete(skb)) {
1498 csum_error:
1499 __TCP_INC_STATS(net, TCP_MIB_CSUMERRORS);
1500 bad_packet:
1501 __TCP_INC_STATS(net, TCP_MIB_INERRS);
1502 } else {
1503 tcp_v6_send_reset(NULL, skb);
1504 }
1505
1506 discard_it:
1507 kfree_skb(skb);
1508 return 0;
1509
1510 discard_and_relse:
1511 sk_drops_add(sk, skb);
1512 if (refcounted)
1513 sock_put(sk);
1514 goto discard_it;
1515
1516 do_time_wait:
1517 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1518 inet_twsk_put(inet_twsk(sk));
1519 goto discard_it;
1520 }
1521
1522 tcp_v6_fill_cb(skb, hdr, th);
1523
1524 if (tcp_checksum_complete(skb)) {
1525 inet_twsk_put(inet_twsk(sk));
1526 goto csum_error;
1527 }
1528
1529 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1530 case TCP_TW_SYN:
1531 {
1532 struct sock *sk2;
1533
1534 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
1535 skb, __tcp_hdrlen(th),
1536 &ipv6_hdr(skb)->saddr, th->source,
1537 &ipv6_hdr(skb)->daddr,
1538 ntohs(th->dest), tcp_v6_iif(skb));
1539 if (sk2) {
1540 struct inet_timewait_sock *tw = inet_twsk(sk);
1541 inet_twsk_deschedule_put(tw);
1542 sk = sk2;
1543 tcp_v6_restore_cb(skb);
1544 refcounted = false;
1545 goto process;
1546 }
1547 /* Fall through to ACK */
1548 }
1549 case TCP_TW_ACK:
1550 tcp_v6_timewait_ack(sk, skb);
1551 break;
1552 case TCP_TW_RST:
1553 tcp_v6_restore_cb(skb);
1554 tcp_v6_send_reset(sk, skb);
1555 inet_twsk_deschedule_put(inet_twsk(sk));
1556 goto discard_it;
1557 case TCP_TW_SUCCESS:
1558 ;
1559 }
1560 goto discard_it;
1561 }
1562
1563 static void tcp_v6_early_demux(struct sk_buff *skb)
1564 {
1565 const struct ipv6hdr *hdr;
1566 const struct tcphdr *th;
1567 struct sock *sk;
1568
1569 if (skb->pkt_type != PACKET_HOST)
1570 return;
1571
1572 if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
1573 return;
1574
1575 hdr = ipv6_hdr(skb);
1576 th = tcp_hdr(skb);
1577
1578 if (th->doff < sizeof(struct tcphdr) / 4)
1579 return;
1580
1581 /* Note : We use inet6_iif() here, not tcp_v6_iif() */
1582 sk = __inet6_lookup_established(dev_net(skb->dev), &tcp_hashinfo,
1583 &hdr->saddr, th->source,
1584 &hdr->daddr, ntohs(th->dest),
1585 inet6_iif(skb));
1586 if (sk) {
1587 skb->sk = sk;
1588 skb->destructor = sock_edemux;
1589 if (sk_fullsock(sk)) {
1590 struct dst_entry *dst = READ_ONCE(sk->sk_rx_dst);
1591
1592 if (dst)
1593 dst = dst_check(dst, inet6_sk(sk)->rx_dst_cookie);
1594 if (dst &&
1595 inet_sk(sk)->rx_dst_ifindex == skb->skb_iif)
1596 skb_dst_set_noref(skb, dst);
1597 }
1598 }
1599 }
1600
1601 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
1602 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
1603 .twsk_unique = tcp_twsk_unique,
1604 .twsk_destructor = tcp_twsk_destructor,
1605 };
1606
1607 static const struct inet_connection_sock_af_ops ipv6_specific = {
1608 .queue_xmit = inet6_csk_xmit,
1609 .send_check = tcp_v6_send_check,
1610 .rebuild_header = inet6_sk_rebuild_header,
1611 .sk_rx_dst_set = inet6_sk_rx_dst_set,
1612 .conn_request = tcp_v6_conn_request,
1613 .syn_recv_sock = tcp_v6_syn_recv_sock,
1614 .net_header_len = sizeof(struct ipv6hdr),
1615 .net_frag_header_len = sizeof(struct frag_hdr),
1616 .setsockopt = ipv6_setsockopt,
1617 .getsockopt = ipv6_getsockopt,
1618 .addr2sockaddr = inet6_csk_addr2sockaddr,
1619 .sockaddr_len = sizeof(struct sockaddr_in6),
1620 .bind_conflict = inet6_csk_bind_conflict,
1621 #ifdef CONFIG_COMPAT
1622 .compat_setsockopt = compat_ipv6_setsockopt,
1623 .compat_getsockopt = compat_ipv6_getsockopt,
1624 #endif
1625 .mtu_reduced = tcp_v6_mtu_reduced,
1626 };
1627
1628 #ifdef CONFIG_TCP_MD5SIG
1629 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1630 .md5_lookup = tcp_v6_md5_lookup,
1631 .calc_md5_hash = tcp_v6_md5_hash_skb,
1632 .md5_parse = tcp_v6_parse_md5_keys,
1633 };
1634 #endif
1635
1636 /*
1637 * TCP over IPv4 via INET6 API
1638 */
1639 static const struct inet_connection_sock_af_ops ipv6_mapped = {
1640 .queue_xmit = ip_queue_xmit,
1641 .send_check = tcp_v4_send_check,
1642 .rebuild_header = inet_sk_rebuild_header,
1643 .sk_rx_dst_set = inet_sk_rx_dst_set,
1644 .conn_request = tcp_v6_conn_request,
1645 .syn_recv_sock = tcp_v6_syn_recv_sock,
1646 .net_header_len = sizeof(struct iphdr),
1647 .setsockopt = ipv6_setsockopt,
1648 .getsockopt = ipv6_getsockopt,
1649 .addr2sockaddr = inet6_csk_addr2sockaddr,
1650 .sockaddr_len = sizeof(struct sockaddr_in6),
1651 .bind_conflict = inet6_csk_bind_conflict,
1652 #ifdef CONFIG_COMPAT
1653 .compat_setsockopt = compat_ipv6_setsockopt,
1654 .compat_getsockopt = compat_ipv6_getsockopt,
1655 #endif
1656 .mtu_reduced = tcp_v4_mtu_reduced,
1657 };
1658
1659 #ifdef CONFIG_TCP_MD5SIG
1660 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1661 .md5_lookup = tcp_v4_md5_lookup,
1662 .calc_md5_hash = tcp_v4_md5_hash_skb,
1663 .md5_parse = tcp_v6_parse_md5_keys,
1664 };
1665 #endif
1666
1667 /* NOTE: A lot of things set to zero explicitly by call to
1668 * sk_alloc() so need not be done here.
1669 */
1670 static int tcp_v6_init_sock(struct sock *sk)
1671 {
1672 struct inet_connection_sock *icsk = inet_csk(sk);
1673
1674 tcp_init_sock(sk);
1675
1676 icsk->icsk_af_ops = &ipv6_specific;
1677
1678 #ifdef CONFIG_TCP_MD5SIG
1679 tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific;
1680 #endif
1681
1682 return 0;
1683 }
1684
1685 static void tcp_v6_destroy_sock(struct sock *sk)
1686 {
1687 tcp_v4_destroy_sock(sk);
1688 inet6_destroy_sock(sk);
1689 }
1690
1691 #ifdef CONFIG_PROC_FS
1692 /* Proc filesystem TCPv6 sock list dumping. */
1693 static void get_openreq6(struct seq_file *seq,
1694 const struct request_sock *req, int i)
1695 {
1696 long ttd = req->rsk_timer.expires - jiffies;
1697 const struct in6_addr *src = &inet_rsk(req)->ir_v6_loc_addr;
1698 const struct in6_addr *dest = &inet_rsk(req)->ir_v6_rmt_addr;
1699
1700 if (ttd < 0)
1701 ttd = 0;
1702
1703 seq_printf(seq,
1704 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1705 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %d %d %pK\n",
1706 i,
1707 src->s6_addr32[0], src->s6_addr32[1],
1708 src->s6_addr32[2], src->s6_addr32[3],
1709 inet_rsk(req)->ir_num,
1710 dest->s6_addr32[0], dest->s6_addr32[1],
1711 dest->s6_addr32[2], dest->s6_addr32[3],
1712 ntohs(inet_rsk(req)->ir_rmt_port),
1713 TCP_SYN_RECV,
1714 0, 0, /* could print option size, but that is af dependent. */
1715 1, /* timers active (only the expire timer) */
1716 jiffies_to_clock_t(ttd),
1717 req->num_timeout,
1718 from_kuid_munged(seq_user_ns(seq),
1719 sock_i_uid(req->rsk_listener)),
1720 0, /* non standard timer */
1721 0, /* open_requests have no inode */
1722 0, req);
1723 }
1724
1725 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1726 {
1727 const struct in6_addr *dest, *src;
1728 __u16 destp, srcp;
1729 int timer_active;
1730 unsigned long timer_expires;
1731 const struct inet_sock *inet = inet_sk(sp);
1732 const struct tcp_sock *tp = tcp_sk(sp);
1733 const struct inet_connection_sock *icsk = inet_csk(sp);
1734 const struct fastopen_queue *fastopenq = &icsk->icsk_accept_queue.fastopenq;
1735 int rx_queue;
1736 int state;
1737
1738 dest = &sp->sk_v6_daddr;
1739 src = &sp->sk_v6_rcv_saddr;
1740 destp = ntohs(inet->inet_dport);
1741 srcp = ntohs(inet->inet_sport);
1742
1743 if (icsk->icsk_pending == ICSK_TIME_RETRANS ||
1744 icsk->icsk_pending == ICSK_TIME_EARLY_RETRANS ||
1745 icsk->icsk_pending == ICSK_TIME_LOSS_PROBE) {
1746 timer_active = 1;
1747 timer_expires = icsk->icsk_timeout;
1748 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1749 timer_active = 4;
1750 timer_expires = icsk->icsk_timeout;
1751 } else if (timer_pending(&sp->sk_timer)) {
1752 timer_active = 2;
1753 timer_expires = sp->sk_timer.expires;
1754 } else {
1755 timer_active = 0;
1756 timer_expires = jiffies;
1757 }
1758
1759 state = sk_state_load(sp);
1760 if (state == TCP_LISTEN)
1761 rx_queue = sp->sk_ack_backlog;
1762 else
1763 /* Because we don't lock the socket,
1764 * we might find a transient negative value.
1765 */
1766 rx_queue = max_t(int, tp->rcv_nxt - tp->copied_seq, 0);
1767
1768 seq_printf(seq,
1769 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1770 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %lu %d %pK %lu %lu %u %u %d\n",
1771 i,
1772 src->s6_addr32[0], src->s6_addr32[1],
1773 src->s6_addr32[2], src->s6_addr32[3], srcp,
1774 dest->s6_addr32[0], dest->s6_addr32[1],
1775 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1776 state,
1777 tp->write_seq - tp->snd_una,
1778 rx_queue,
1779 timer_active,
1780 jiffies_delta_to_clock_t(timer_expires - jiffies),
1781 icsk->icsk_retransmits,
1782 from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
1783 icsk->icsk_probes_out,
1784 sock_i_ino(sp),
1785 atomic_read(&sp->sk_refcnt), sp,
1786 jiffies_to_clock_t(icsk->icsk_rto),
1787 jiffies_to_clock_t(icsk->icsk_ack.ato),
1788 (icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong,
1789 tp->snd_cwnd,
1790 state == TCP_LISTEN ?
1791 fastopenq->max_qlen :
1792 (tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh)
1793 );
1794 }
1795
1796 static void get_timewait6_sock(struct seq_file *seq,
1797 struct inet_timewait_sock *tw, int i)
1798 {
1799 long delta = tw->tw_timer.expires - jiffies;
1800 const struct in6_addr *dest, *src;
1801 __u16 destp, srcp;
1802
1803 dest = &tw->tw_v6_daddr;
1804 src = &tw->tw_v6_rcv_saddr;
1805 destp = ntohs(tw->tw_dport);
1806 srcp = ntohs(tw->tw_sport);
1807
1808 seq_printf(seq,
1809 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1810 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1811 i,
1812 src->s6_addr32[0], src->s6_addr32[1],
1813 src->s6_addr32[2], src->s6_addr32[3], srcp,
1814 dest->s6_addr32[0], dest->s6_addr32[1],
1815 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1816 tw->tw_substate, 0, 0,
1817 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
1818 atomic_read(&tw->tw_refcnt), tw);
1819 }
1820
1821 static int tcp6_seq_show(struct seq_file *seq, void *v)
1822 {
1823 struct tcp_iter_state *st;
1824 struct sock *sk = v;
1825
1826 if (v == SEQ_START_TOKEN) {
1827 seq_puts(seq,
1828 " sl "
1829 "local_address "
1830 "remote_address "
1831 "st tx_queue rx_queue tr tm->when retrnsmt"
1832 " uid timeout inode\n");
1833 goto out;
1834 }
1835 st = seq->private;
1836
1837 if (sk->sk_state == TCP_TIME_WAIT)
1838 get_timewait6_sock(seq, v, st->num);
1839 else if (sk->sk_state == TCP_NEW_SYN_RECV)
1840 get_openreq6(seq, v, st->num);
1841 else
1842 get_tcp6_sock(seq, v, st->num);
1843 out:
1844 return 0;
1845 }
1846
1847 static const struct file_operations tcp6_afinfo_seq_fops = {
1848 .owner = THIS_MODULE,
1849 .open = tcp_seq_open,
1850 .read = seq_read,
1851 .llseek = seq_lseek,
1852 .release = seq_release_net
1853 };
1854
1855 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
1856 .name = "tcp6",
1857 .family = AF_INET6,
1858 .seq_fops = &tcp6_afinfo_seq_fops,
1859 .seq_ops = {
1860 .show = tcp6_seq_show,
1861 },
1862 };
1863
1864 int __net_init tcp6_proc_init(struct net *net)
1865 {
1866 return tcp_proc_register(net, &tcp6_seq_afinfo);
1867 }
1868
1869 void tcp6_proc_exit(struct net *net)
1870 {
1871 tcp_proc_unregister(net, &tcp6_seq_afinfo);
1872 }
1873 #endif
1874
1875 static void tcp_v6_clear_sk(struct sock *sk, int size)
1876 {
1877 struct inet_sock *inet = inet_sk(sk);
1878
1879 /* we do not want to clear pinet6 field, because of RCU lookups */
1880 sk_prot_clear_nulls(sk, offsetof(struct inet_sock, pinet6));
1881
1882 size -= offsetof(struct inet_sock, pinet6) + sizeof(inet->pinet6);
1883 memset(&inet->pinet6 + 1, 0, size);
1884 }
1885
1886 struct proto tcpv6_prot = {
1887 .name = "TCPv6",
1888 .owner = THIS_MODULE,
1889 .close = tcp_close,
1890 .connect = tcp_v6_connect,
1891 .disconnect = tcp_disconnect,
1892 .accept = inet_csk_accept,
1893 .ioctl = tcp_ioctl,
1894 .init = tcp_v6_init_sock,
1895 .destroy = tcp_v6_destroy_sock,
1896 .shutdown = tcp_shutdown,
1897 .setsockopt = tcp_setsockopt,
1898 .getsockopt = tcp_getsockopt,
1899 .recvmsg = tcp_recvmsg,
1900 .sendmsg = tcp_sendmsg,
1901 .sendpage = tcp_sendpage,
1902 .backlog_rcv = tcp_v6_do_rcv,
1903 .release_cb = tcp_release_cb,
1904 .hash = inet6_hash,
1905 .unhash = inet_unhash,
1906 .get_port = inet_csk_get_port,
1907 .enter_memory_pressure = tcp_enter_memory_pressure,
1908 .stream_memory_free = tcp_stream_memory_free,
1909 .sockets_allocated = &tcp_sockets_allocated,
1910 .memory_allocated = &tcp_memory_allocated,
1911 .memory_pressure = &tcp_memory_pressure,
1912 .orphan_count = &tcp_orphan_count,
1913 .sysctl_mem = sysctl_tcp_mem,
1914 .sysctl_wmem = sysctl_tcp_wmem,
1915 .sysctl_rmem = sysctl_tcp_rmem,
1916 .max_header = MAX_TCP_HEADER,
1917 .obj_size = sizeof(struct tcp6_sock),
1918 .slab_flags = SLAB_DESTROY_BY_RCU,
1919 .twsk_prot = &tcp6_timewait_sock_ops,
1920 .rsk_prot = &tcp6_request_sock_ops,
1921 .h.hashinfo = &tcp_hashinfo,
1922 .no_autobind = true,
1923 #ifdef CONFIG_COMPAT
1924 .compat_setsockopt = compat_tcp_setsockopt,
1925 .compat_getsockopt = compat_tcp_getsockopt,
1926 #endif
1927 .clear_sk = tcp_v6_clear_sk,
1928 .diag_destroy = tcp_abort,
1929 };
1930
1931 static const struct inet6_protocol tcpv6_protocol = {
1932 .early_demux = tcp_v6_early_demux,
1933 .handler = tcp_v6_rcv,
1934 .err_handler = tcp_v6_err,
1935 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
1936 };
1937
1938 static struct inet_protosw tcpv6_protosw = {
1939 .type = SOCK_STREAM,
1940 .protocol = IPPROTO_TCP,
1941 .prot = &tcpv6_prot,
1942 .ops = &inet6_stream_ops,
1943 .flags = INET_PROTOSW_PERMANENT |
1944 INET_PROTOSW_ICSK,
1945 };
1946
1947 static int __net_init tcpv6_net_init(struct net *net)
1948 {
1949 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
1950 SOCK_RAW, IPPROTO_TCP, net);
1951 }
1952
1953 static void __net_exit tcpv6_net_exit(struct net *net)
1954 {
1955 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
1956 }
1957
1958 static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
1959 {
1960 inet_twsk_purge(&tcp_hashinfo, &tcp_death_row, AF_INET6);
1961 }
1962
1963 static struct pernet_operations tcpv6_net_ops = {
1964 .init = tcpv6_net_init,
1965 .exit = tcpv6_net_exit,
1966 .exit_batch = tcpv6_net_exit_batch,
1967 };
1968
1969 int __init tcpv6_init(void)
1970 {
1971 int ret;
1972
1973 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
1974 if (ret)
1975 goto out;
1976
1977 /* register inet6 protocol */
1978 ret = inet6_register_protosw(&tcpv6_protosw);
1979 if (ret)
1980 goto out_tcpv6_protocol;
1981
1982 ret = register_pernet_subsys(&tcpv6_net_ops);
1983 if (ret)
1984 goto out_tcpv6_protosw;
1985 out:
1986 return ret;
1987
1988 out_tcpv6_protosw:
1989 inet6_unregister_protosw(&tcpv6_protosw);
1990 out_tcpv6_protocol:
1991 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
1992 goto out;
1993 }
1994
1995 void tcpv6_exit(void)
1996 {
1997 unregister_pernet_subsys(&tcpv6_net_ops);
1998 inet6_unregister_protosw(&tcpv6_protosw);
1999 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2000 }
2001
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.