/*
 *	TCP over IPv6
 *	Linux INET6 implementation
 *
 *	Authors:
 *	Pedro Roque		<roque@di.fc.ul.pt>
 *
 *	Based on:
 *	linux/net/ipv4/tcp.c
 *	linux/net/ipv4/tcp_input.c
 *	linux/net/ipv4/tcp_output.c
 *
 *	Fixes:
 *	Hideaki YOSHIFUJI	:	sin6_scope_id support
 *	YOSHIFUJI Hideaki @USAGI and:	Support IPV6_V6ONLY socket option, which
 *	Alexey Kuznetsov		allow both IPv4 and IPv6 sockets to bind
 *					a single port at the same time.
 *	YOSHIFUJI Hideaki @USAGI:	convert /proc/net/tcp6 to seq_file.
 *
 *	This program is free software; you can redistribute it and/or
 *	modify it under the terms of the GNU General Public License
 *	as published by the Free Software Foundation; either version
 *	2 of the License, or (at your option) any later version.
 */

#include <linux/bottom_half.h>
#include <linux/module.h>
#include <linux/errno.h>
#include <linux/types.h>
#include <linux/socket.h>
#include <linux/sockios.h>
#include <linux/net.h>
#include <linux/jiffies.h>
#include <linux/in.h>
#include <linux/in6.h>
#include <linux/netdevice.h>
#include <linux/init.h>
#include <linux/jhash.h>
#include <linux/ipsec.h>
#include <linux/times.h>

#include <linux/ipv6.h>
#include <linux/icmpv6.h>
#include <linux/random.h>

#include <net/tcp.h>
#include <net/ndisc.h>
#include <net/inet6_hashtables.h>
#include <net/inet6_connection_sock.h>
#include <net/ipv6.h>
#include <net/transp_v6.h>
#include <net/addrconf.h>
#include <net/ip6_route.h>
#include <net/ip6_checksum.h>
#include <net/inet_ecn.h>
#include <net/protocol.h>
#include <net/xfrm.h>
#include <net/snmp.h>
#include <net/dsfield.h>
#include <net/timewait_sock.h>
#include <net/netdma.h>
#include <net/inet_common.h>

#include <asm/uaccess.h>

#include <linux/proc_fs.h>
#include <linux/seq_file.h>

#include <linux/crypto.h>
#include <linux/scatterlist.h>

static void	tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb);
static void	tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
				      struct request_sock *req);

static int	tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);

static struct inet_connection_sock_af_ops ipv6_mapped;
static struct inet_connection_sock_af_ops ipv6_specific;
#ifdef CONFIG_TCP_MD5SIG
static struct tcp_sock_af_ops tcp_sock_ipv6_specific;
static struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
#else
static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
						   struct in6_addr *addr)
{
	return NULL;
}
#endif

static void tcp_v6_hash(struct sock *sk)
{
	if (sk->sk_state != TCP_CLOSE) {
		if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) {
			tcp_prot.hash(sk);
			return;
		}
		local_bh_disable();
		__inet6_hash(sk);
		local_bh_enable();
	}
}

static __inline__ __sum16 tcp_v6_check(int len,
				       struct in6_addr *saddr,
				       struct in6_addr *daddr,
				       __wsum base)
{
	return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base);
}

static __u32 tcp_v6_init_sequence(struct sk_buff *skb)
{
	return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
					    ipv6_hdr(skb)->saddr.s6_addr32,
					    tcp_hdr(skb)->dest,
					    tcp_hdr(skb)->source);
}

static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
			  int addr_len)
{
	struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
	struct inet_sock *inet = inet_sk(sk);
struct inet_connection_sock *icsk = inet_csk(sk); 126 struct ipv6_pinfo *np = inet6_sk(sk); 127 struct tcp_sock *tp = tcp_sk(sk); 128 struct in6_addr *saddr = NULL, *final_p = NULL, final; 129 struct flowi fl; 130 struct dst_entry *dst; 131 int addr_type; 132 int err; 133 134 if (addr_len < SIN6_LEN_RFC2133) 135 return -EINVAL; 136 137 if (usin->sin6_family != AF_INET6) 138 return(-EAFNOSUPPORT); 139 140 memset(&fl, 0, sizeof(fl)); 141 142 if (np->sndflow) { 143 fl.fl6_flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK; 144 IP6_ECN_flow_init(fl.fl6_flowlabel); 145 if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) { 146 struct ip6_flowlabel *flowlabel; 147 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel); 148 if (flowlabel == NULL) 149 return -EINVAL; 150 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst); 151 fl6_sock_release(flowlabel); 152 } 153 } 154 155 /* 156 * connect() to INADDR_ANY means loopback (BSD'ism). 157 */ 158 159 if(ipv6_addr_any(&usin->sin6_addr)) 160 usin->sin6_addr.s6_addr[15] = 0x1; 161 162 addr_type = ipv6_addr_type(&usin->sin6_addr); 163 164 if(addr_type & IPV6_ADDR_MULTICAST) 165 return -ENETUNREACH; 166 167 if (addr_type&IPV6_ADDR_LINKLOCAL) { 168 if (addr_len >= sizeof(struct sockaddr_in6) && 169 usin->sin6_scope_id) { 170 /* If interface is set while binding, indices 171 * must coincide. 172 */ 173 if (sk->sk_bound_dev_if && 174 sk->sk_bound_dev_if != usin->sin6_scope_id) 175 return -EINVAL; 176 177 sk->sk_bound_dev_if = usin->sin6_scope_id; 178 } 179 180 /* Connect to link-local address requires an interface */ 181 if (!sk->sk_bound_dev_if) 182 return -EINVAL; 183 } 184 185 if (tp->rx_opt.ts_recent_stamp && 186 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) { 187 tp->rx_opt.ts_recent = 0; 188 tp->rx_opt.ts_recent_stamp = 0; 189 tp->write_seq = 0; 190 } 191 192 ipv6_addr_copy(&np->daddr, &usin->sin6_addr); 193 np->flow_label = fl.fl6_flowlabel; 194 195 /* 196 * TCP over IPv4 197 */ 198 199 if (addr_type == IPV6_ADDR_MAPPED) { 200 u32 exthdrlen = icsk->icsk_ext_hdr_len; 201 struct sockaddr_in sin; 202 203 SOCK_DEBUG(sk, "connect: ipv4 mapped\n"); 204 205 if (__ipv6_only_sock(sk)) 206 return -ENETUNREACH; 207 208 sin.sin_family = AF_INET; 209 sin.sin_port = usin->sin6_port; 210 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3]; 211 212 icsk->icsk_af_ops = &ipv6_mapped; 213 sk->sk_backlog_rcv = tcp_v4_do_rcv; 214 #ifdef CONFIG_TCP_MD5SIG 215 tp->af_specific = &tcp_sock_ipv6_mapped_specific; 216 #endif 217 218 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin)); 219 220 if (err) { 221 icsk->icsk_ext_hdr_len = exthdrlen; 222 icsk->icsk_af_ops = &ipv6_specific; 223 sk->sk_backlog_rcv = tcp_v6_do_rcv; 224 #ifdef CONFIG_TCP_MD5SIG 225 tp->af_specific = &tcp_sock_ipv6_specific; 226 #endif 227 goto failure; 228 } else { 229 ipv6_addr_set(&np->saddr, 0, 0, htonl(0x0000FFFF), 230 inet->saddr); 231 ipv6_addr_set(&np->rcv_saddr, 0, 0, htonl(0x0000FFFF), 232 inet->rcv_saddr); 233 } 234 235 return err; 236 } 237 238 if (!ipv6_addr_any(&np->rcv_saddr)) 239 saddr = &np->rcv_saddr; 240 241 fl.proto = IPPROTO_TCP; 242 ipv6_addr_copy(&fl.fl6_dst, &np->daddr); 243 ipv6_addr_copy(&fl.fl6_src, 244 (saddr ? 
saddr : &np->saddr)); 245 fl.oif = sk->sk_bound_dev_if; 246 fl.fl_ip_dport = usin->sin6_port; 247 fl.fl_ip_sport = inet->sport; 248 249 if (np->opt && np->opt->srcrt) { 250 struct rt0_hdr *rt0 = (struct rt0_hdr *)np->opt->srcrt; 251 ipv6_addr_copy(&final, &fl.fl6_dst); 252 ipv6_addr_copy(&fl.fl6_dst, rt0->addr); 253 final_p = &final; 254 } 255 256 security_sk_classify_flow(sk, &fl); 257 258 err = ip6_dst_lookup(sk, &dst, &fl); 259 if (err) 260 goto failure; 261 if (final_p) 262 ipv6_addr_copy(&fl.fl6_dst, final_p); 263 264 err = __xfrm_lookup(sock_net(sk), &dst, &fl, sk, XFRM_LOOKUP_WAIT); 265 if (err < 0) { 266 if (err == -EREMOTE) 267 err = ip6_dst_blackhole(sk, &dst, &fl); 268 if (err < 0) 269 goto failure; 270 } 271 272 if (saddr == NULL) { 273 saddr = &fl.fl6_src; 274 ipv6_addr_copy(&np->rcv_saddr, saddr); 275 } 276 277 /* set the source address */ 278 ipv6_addr_copy(&np->saddr, saddr); 279 inet->rcv_saddr = LOOPBACK4_IPV6; 280 281 sk->sk_gso_type = SKB_GSO_TCPV6; 282 __ip6_dst_store(sk, dst, NULL, NULL); 283 284 icsk->icsk_ext_hdr_len = 0; 285 if (np->opt) 286 icsk->icsk_ext_hdr_len = (np->opt->opt_flen + 287 np->opt->opt_nflen); 288 289 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr); 290 291 inet->dport = usin->sin6_port; 292 293 tcp_set_state(sk, TCP_SYN_SENT); 294 err = inet6_hash_connect(&tcp_death_row, sk); 295 if (err) 296 goto late_failure; 297 298 if (!tp->write_seq) 299 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32, 300 np->daddr.s6_addr32, 301 inet->sport, 302 inet->dport); 303 304 err = tcp_connect(sk); 305 if (err) 306 goto late_failure; 307 308 return 0; 309 310 late_failure: 311 tcp_set_state(sk, TCP_CLOSE); 312 __sk_dst_reset(sk); 313 failure: 314 inet->dport = 0; 315 sk->sk_route_caps = 0; 316 return err; 317 } 318 319 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, 320 u8 type, u8 code, int offset, __be32 info) 321 { 322 struct ipv6hdr *hdr = (struct ipv6hdr*)skb->data; 323 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset); 324 struct ipv6_pinfo *np; 325 struct sock *sk; 326 int err; 327 struct tcp_sock *tp; 328 __u32 seq; 329 struct net *net = dev_net(skb->dev); 330 331 sk = inet6_lookup(net, &tcp_hashinfo, &hdr->daddr, 332 th->dest, &hdr->saddr, th->source, skb->dev->ifindex); 333 334 if (sk == NULL) { 335 ICMP6_INC_STATS_BH(net, __in6_dev_get(skb->dev), 336 ICMP6_MIB_INERRORS); 337 return; 338 } 339 340 if (sk->sk_state == TCP_TIME_WAIT) { 341 inet_twsk_put(inet_twsk(sk)); 342 return; 343 } 344 345 bh_lock_sock(sk); 346 if (sock_owned_by_user(sk)) 347 NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS); 348 349 if (sk->sk_state == TCP_CLOSE) 350 goto out; 351 352 tp = tcp_sk(sk); 353 seq = ntohl(th->seq); 354 if (sk->sk_state != TCP_LISTEN && 355 !between(seq, tp->snd_una, tp->snd_nxt)) { 356 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS); 357 goto out; 358 } 359 360 np = inet6_sk(sk); 361 362 if (type == ICMPV6_PKT_TOOBIG) { 363 struct dst_entry *dst = NULL; 364 365 if (sock_owned_by_user(sk)) 366 goto out; 367 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)) 368 goto out; 369 370 /* icmp should have updated the destination cache entry */ 371 dst = __sk_dst_check(sk, np->dst_cookie); 372 373 if (dst == NULL) { 374 struct inet_sock *inet = inet_sk(sk); 375 struct flowi fl; 376 377 /* BUGGG_FUTURE: Again, it is not clear how 378 to handle rthdr case. Ignore this complexity 379 for now. 
	 */
	memset(&fl, 0, sizeof(fl));
	fl.proto = IPPROTO_TCP;
	ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
	ipv6_addr_copy(&fl.fl6_src, &np->saddr);
	fl.oif = sk->sk_bound_dev_if;
	fl.fl_ip_dport = inet->dport;
	fl.fl_ip_sport = inet->sport;
	security_skb_classify_flow(skb, &fl);

	if ((err = ip6_dst_lookup(sk, &dst, &fl))) {
		sk->sk_err_soft = -err;
		goto out;
	}

	if ((err = xfrm_lookup(net, &dst, &fl, sk, 0)) < 0) {
		sk->sk_err_soft = -err;
		goto out;
	}

		} else
			dst_hold(dst);

		if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
			tcp_sync_mss(sk, dst_mtu(dst));
			tcp_simple_retransmit(sk);
		} /* else let the usual retransmit timer handle it */
		dst_release(dst);
		goto out;
	}

	icmpv6_err_convert(type, code, &err);

	/* Might be for a request_sock */
	switch (sk->sk_state) {
		struct request_sock *req, **prev;
	case TCP_LISTEN:
		if (sock_owned_by_user(sk))
			goto out;

		req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr,
					   &hdr->saddr, inet6_iif(skb));
		if (!req)
			goto out;

		/* ICMPs are not backlogged, hence we cannot get
		 * an established socket here.
		 */
		WARN_ON(req->sk != NULL);

		if (seq != tcp_rsk(req)->snt_isn) {
			NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
			goto out;
		}

		inet_csk_reqsk_queue_drop(sk, req, prev);
		goto out;

	case TCP_SYN_SENT:
	case TCP_SYN_RECV:  /* Cannot happen.
			       It can, if SYNs are crossed. --ANK */
		if (!sock_owned_by_user(sk)) {
			sk->sk_err = err;
			sk->sk_error_report(sk);	/* Wake people up to see the error (see connect in sock.c) */

			tcp_done(sk);
		} else
			sk->sk_err_soft = err;
		goto out;
	}

	if (!sock_owned_by_user(sk) && np->recverr) {
		sk->sk_err = err;
		sk->sk_error_report(sk);
	} else
		sk->sk_err_soft = err;

out:
	bh_unlock_sock(sk);
	sock_put(sk);
}


static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req)
{
	struct inet6_request_sock *treq = inet6_rsk(req);
	struct ipv6_pinfo *np = inet6_sk(sk);
	struct sk_buff * skb;
	struct ipv6_txoptions *opt = NULL;
	struct in6_addr * final_p = NULL, final;
	struct flowi fl;
	struct dst_entry *dst;
	int err = -1;

	memset(&fl, 0, sizeof(fl));
	fl.proto = IPPROTO_TCP;
	ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
	ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
	fl.fl6_flowlabel = 0;
	fl.oif = treq->iif;
	fl.fl_ip_dport = inet_rsk(req)->rmt_port;
	fl.fl_ip_sport = inet_rsk(req)->loc_port;
	security_req_classify_flow(req, &fl);

	opt = np->opt;
	if (opt && opt->srcrt) {
		struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
		ipv6_addr_copy(&final, &fl.fl6_dst);
		ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
		final_p = &final;
	}

	err = ip6_dst_lookup(sk, &dst, &fl);
	if (err)
		goto done;
	if (final_p)
		ipv6_addr_copy(&fl.fl6_dst, final_p);
	if ((err = xfrm_lookup(sock_net(sk), &dst, &fl, sk, 0)) < 0)
		goto done;

	skb = tcp_make_synack(sk, dst, req);
	if (skb) {
		struct tcphdr *th = tcp_hdr(skb);

		th->check = tcp_v6_check(skb->len,
					 &treq->loc_addr, &treq->rmt_addr,
					 csum_partial(th, skb->len, skb->csum));

		ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
		err = ip6_xmit(sk, skb, &fl, opt, 0);
		err = net_xmit_eval(err);
	}

done:
	if (opt && opt != np->opt)
		sock_kfree_s(sk, opt,
opt->tot_len); 516 dst_release(dst); 517 return err; 518 } 519 520 static inline void syn_flood_warning(struct sk_buff *skb) 521 { 522 #ifdef CONFIG_SYN_COOKIES 523 if (sysctl_tcp_syncookies) 524 printk(KERN_INFO 525 "TCPv6: Possible SYN flooding on port %d. " 526 "Sending cookies.\n", ntohs(tcp_hdr(skb)->dest)); 527 else 528 #endif 529 printk(KERN_INFO 530 "TCPv6: Possible SYN flooding on port %d. " 531 "Dropping request.\n", ntohs(tcp_hdr(skb)->dest)); 532 } 533 534 static void tcp_v6_reqsk_destructor(struct request_sock *req) 535 { 536 kfree_skb(inet6_rsk(req)->pktopts); 537 } 538 539 #ifdef CONFIG_TCP_MD5SIG 540 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk, 541 struct in6_addr *addr) 542 { 543 struct tcp_sock *tp = tcp_sk(sk); 544 int i; 545 546 BUG_ON(tp == NULL); 547 548 if (!tp->md5sig_info || !tp->md5sig_info->entries6) 549 return NULL; 550 551 for (i = 0; i < tp->md5sig_info->entries6; i++) { 552 if (ipv6_addr_equal(&tp->md5sig_info->keys6[i].addr, addr)) 553 return &tp->md5sig_info->keys6[i].base; 554 } 555 return NULL; 556 } 557 558 static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk, 559 struct sock *addr_sk) 560 { 561 return tcp_v6_md5_do_lookup(sk, &inet6_sk(addr_sk)->daddr); 562 } 563 564 static struct tcp_md5sig_key *tcp_v6_reqsk_md5_lookup(struct sock *sk, 565 struct request_sock *req) 566 { 567 return tcp_v6_md5_do_lookup(sk, &inet6_rsk(req)->rmt_addr); 568 } 569 570 static int tcp_v6_md5_do_add(struct sock *sk, struct in6_addr *peer, 571 char *newkey, u8 newkeylen) 572 { 573 /* Add key to the list */ 574 struct tcp_md5sig_key *key; 575 struct tcp_sock *tp = tcp_sk(sk); 576 struct tcp6_md5sig_key *keys; 577 578 key = tcp_v6_md5_do_lookup(sk, peer); 579 if (key) { 580 /* modify existing entry - just update that one */ 581 kfree(key->key); 582 key->key = newkey; 583 key->keylen = newkeylen; 584 } else { 585 /* reallocate new list if current one is full. 
*/ 586 if (!tp->md5sig_info) { 587 tp->md5sig_info = kzalloc(sizeof(*tp->md5sig_info), GFP_ATOMIC); 588 if (!tp->md5sig_info) { 589 kfree(newkey); 590 return -ENOMEM; 591 } 592 sk->sk_route_caps &= ~NETIF_F_GSO_MASK; 593 } 594 if (tcp_alloc_md5sig_pool() == NULL) { 595 kfree(newkey); 596 return -ENOMEM; 597 } 598 if (tp->md5sig_info->alloced6 == tp->md5sig_info->entries6) { 599 keys = kmalloc((sizeof (tp->md5sig_info->keys6[0]) * 600 (tp->md5sig_info->entries6 + 1)), GFP_ATOMIC); 601 602 if (!keys) { 603 tcp_free_md5sig_pool(); 604 kfree(newkey); 605 return -ENOMEM; 606 } 607 608 if (tp->md5sig_info->entries6) 609 memmove(keys, tp->md5sig_info->keys6, 610 (sizeof (tp->md5sig_info->keys6[0]) * 611 tp->md5sig_info->entries6)); 612 613 kfree(tp->md5sig_info->keys6); 614 tp->md5sig_info->keys6 = keys; 615 tp->md5sig_info->alloced6++; 616 } 617 618 ipv6_addr_copy(&tp->md5sig_info->keys6[tp->md5sig_info->entries6].addr, 619 peer); 620 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.key = newkey; 621 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.keylen = newkeylen; 622 623 tp->md5sig_info->entries6++; 624 } 625 return 0; 626 } 627 628 static int tcp_v6_md5_add_func(struct sock *sk, struct sock *addr_sk, 629 u8 *newkey, __u8 newkeylen) 630 { 631 return tcp_v6_md5_do_add(sk, &inet6_sk(addr_sk)->daddr, 632 newkey, newkeylen); 633 } 634 635 static int tcp_v6_md5_do_del(struct sock *sk, struct in6_addr *peer) 636 { 637 struct tcp_sock *tp = tcp_sk(sk); 638 int i; 639 640 for (i = 0; i < tp->md5sig_info->entries6; i++) { 641 if (ipv6_addr_equal(&tp->md5sig_info->keys6[i].addr, peer)) { 642 /* Free the key */ 643 kfree(tp->md5sig_info->keys6[i].base.key); 644 tp->md5sig_info->entries6--; 645 646 if (tp->md5sig_info->entries6 == 0) { 647 kfree(tp->md5sig_info->keys6); 648 tp->md5sig_info->keys6 = NULL; 649 tp->md5sig_info->alloced6 = 0; 650 } else { 651 /* shrink the database */ 652 if (tp->md5sig_info->entries6 != i) 653 memmove(&tp->md5sig_info->keys6[i], 654 &tp->md5sig_info->keys6[i+1], 655 (tp->md5sig_info->entries6 - i) 656 * sizeof (tp->md5sig_info->keys6[0])); 657 } 658 tcp_free_md5sig_pool(); 659 return 0; 660 } 661 } 662 return -ENOENT; 663 } 664 665 static void tcp_v6_clear_md5_list (struct sock *sk) 666 { 667 struct tcp_sock *tp = tcp_sk(sk); 668 int i; 669 670 if (tp->md5sig_info->entries6) { 671 for (i = 0; i < tp->md5sig_info->entries6; i++) 672 kfree(tp->md5sig_info->keys6[i].base.key); 673 tp->md5sig_info->entries6 = 0; 674 tcp_free_md5sig_pool(); 675 } 676 677 kfree(tp->md5sig_info->keys6); 678 tp->md5sig_info->keys6 = NULL; 679 tp->md5sig_info->alloced6 = 0; 680 681 if (tp->md5sig_info->entries4) { 682 for (i = 0; i < tp->md5sig_info->entries4; i++) 683 kfree(tp->md5sig_info->keys4[i].base.key); 684 tp->md5sig_info->entries4 = 0; 685 tcp_free_md5sig_pool(); 686 } 687 688 kfree(tp->md5sig_info->keys4); 689 tp->md5sig_info->keys4 = NULL; 690 tp->md5sig_info->alloced4 = 0; 691 } 692 693 static int tcp_v6_parse_md5_keys (struct sock *sk, char __user *optval, 694 int optlen) 695 { 696 struct tcp_md5sig cmd; 697 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr; 698 u8 *newkey; 699 700 if (optlen < sizeof(cmd)) 701 return -EINVAL; 702 703 if (copy_from_user(&cmd, optval, sizeof(cmd))) 704 return -EFAULT; 705 706 if (sin6->sin6_family != AF_INET6) 707 return -EINVAL; 708 709 if (!cmd.tcpm_keylen) { 710 if (!tcp_sk(sk)->md5sig_info) 711 return -ENOENT; 712 if (ipv6_addr_v4mapped(&sin6->sin6_addr)) 713 return tcp_v4_md5_do_del(sk, sin6->sin6_addr.s6_addr32[3]); 
714 return tcp_v6_md5_do_del(sk, &sin6->sin6_addr); 715 } 716 717 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN) 718 return -EINVAL; 719 720 if (!tcp_sk(sk)->md5sig_info) { 721 struct tcp_sock *tp = tcp_sk(sk); 722 struct tcp_md5sig_info *p; 723 724 p = kzalloc(sizeof(struct tcp_md5sig_info), GFP_KERNEL); 725 if (!p) 726 return -ENOMEM; 727 728 tp->md5sig_info = p; 729 sk->sk_route_caps &= ~NETIF_F_GSO_MASK; 730 } 731 732 newkey = kmemdup(cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL); 733 if (!newkey) 734 return -ENOMEM; 735 if (ipv6_addr_v4mapped(&sin6->sin6_addr)) { 736 return tcp_v4_md5_do_add(sk, sin6->sin6_addr.s6_addr32[3], 737 newkey, cmd.tcpm_keylen); 738 } 739 return tcp_v6_md5_do_add(sk, &sin6->sin6_addr, newkey, cmd.tcpm_keylen); 740 } 741 742 static int tcp_v6_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp, 743 struct in6_addr *daddr, 744 struct in6_addr *saddr, int nbytes) 745 { 746 struct tcp6_pseudohdr *bp; 747 struct scatterlist sg; 748 749 bp = &hp->md5_blk.ip6; 750 /* 1. TCP pseudo-header (RFC2460) */ 751 ipv6_addr_copy(&bp->saddr, saddr); 752 ipv6_addr_copy(&bp->daddr, daddr); 753 bp->protocol = cpu_to_be32(IPPROTO_TCP); 754 bp->len = cpu_to_be32(nbytes); 755 756 sg_init_one(&sg, bp, sizeof(*bp)); 757 return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp)); 758 } 759 760 static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key, 761 struct in6_addr *daddr, struct in6_addr *saddr, 762 struct tcphdr *th) 763 { 764 struct tcp_md5sig_pool *hp; 765 struct hash_desc *desc; 766 767 hp = tcp_get_md5sig_pool(); 768 if (!hp) 769 goto clear_hash_noput; 770 desc = &hp->md5_desc; 771 772 if (crypto_hash_init(desc)) 773 goto clear_hash; 774 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2)) 775 goto clear_hash; 776 if (tcp_md5_hash_header(hp, th)) 777 goto clear_hash; 778 if (tcp_md5_hash_key(hp, key)) 779 goto clear_hash; 780 if (crypto_hash_final(desc, md5_hash)) 781 goto clear_hash; 782 783 tcp_put_md5sig_pool(); 784 return 0; 785 786 clear_hash: 787 tcp_put_md5sig_pool(); 788 clear_hash_noput: 789 memset(md5_hash, 0, 16); 790 return 1; 791 } 792 793 static int tcp_v6_md5_hash_skb(char *md5_hash, struct tcp_md5sig_key *key, 794 struct sock *sk, struct request_sock *req, 795 struct sk_buff *skb) 796 { 797 struct in6_addr *saddr, *daddr; 798 struct tcp_md5sig_pool *hp; 799 struct hash_desc *desc; 800 struct tcphdr *th = tcp_hdr(skb); 801 802 if (sk) { 803 saddr = &inet6_sk(sk)->saddr; 804 daddr = &inet6_sk(sk)->daddr; 805 } else if (req) { 806 saddr = &inet6_rsk(req)->loc_addr; 807 daddr = &inet6_rsk(req)->rmt_addr; 808 } else { 809 struct ipv6hdr *ip6h = ipv6_hdr(skb); 810 saddr = &ip6h->saddr; 811 daddr = &ip6h->daddr; 812 } 813 814 hp = tcp_get_md5sig_pool(); 815 if (!hp) 816 goto clear_hash_noput; 817 desc = &hp->md5_desc; 818 819 if (crypto_hash_init(desc)) 820 goto clear_hash; 821 822 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len)) 823 goto clear_hash; 824 if (tcp_md5_hash_header(hp, th)) 825 goto clear_hash; 826 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2)) 827 goto clear_hash; 828 if (tcp_md5_hash_key(hp, key)) 829 goto clear_hash; 830 if (crypto_hash_final(desc, md5_hash)) 831 goto clear_hash; 832 833 tcp_put_md5sig_pool(); 834 return 0; 835 836 clear_hash: 837 tcp_put_md5sig_pool(); 838 clear_hash_noput: 839 memset(md5_hash, 0, 16); 840 return 1; 841 } 842 843 static int tcp_v6_inbound_md5_hash (struct sock *sk, struct sk_buff *skb) 844 { 845 __u8 *hash_location = NULL; 846 struct tcp_md5sig_key *hash_expected; 847 struct 
ipv6hdr *ip6h = ipv6_hdr(skb); 848 struct tcphdr *th = tcp_hdr(skb); 849 int genhash; 850 u8 newhash[16]; 851 852 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr); 853 hash_location = tcp_parse_md5sig_option(th); 854 855 /* We've parsed the options - do we have a hash? */ 856 if (!hash_expected && !hash_location) 857 return 0; 858 859 if (hash_expected && !hash_location) { 860 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND); 861 return 1; 862 } 863 864 if (!hash_expected && hash_location) { 865 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED); 866 return 1; 867 } 868 869 /* check the signature */ 870 genhash = tcp_v6_md5_hash_skb(newhash, 871 hash_expected, 872 NULL, NULL, skb); 873 874 if (genhash || memcmp(hash_location, newhash, 16) != 0) { 875 if (net_ratelimit()) { 876 printk(KERN_INFO "MD5 Hash %s for (%pI6, %u)->(%pI6, %u)\n", 877 genhash ? "failed" : "mismatch", 878 &ip6h->saddr, ntohs(th->source), 879 &ip6h->daddr, ntohs(th->dest)); 880 } 881 return 1; 882 } 883 return 0; 884 } 885 #endif 886 887 struct request_sock_ops tcp6_request_sock_ops __read_mostly = { 888 .family = AF_INET6, 889 .obj_size = sizeof(struct tcp6_request_sock), 890 .rtx_syn_ack = tcp_v6_send_synack, 891 .send_ack = tcp_v6_reqsk_send_ack, 892 .destructor = tcp_v6_reqsk_destructor, 893 .send_reset = tcp_v6_send_reset 894 }; 895 896 #ifdef CONFIG_TCP_MD5SIG 897 static struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = { 898 .md5_lookup = tcp_v6_reqsk_md5_lookup, 899 }; 900 #endif 901 902 static struct timewait_sock_ops tcp6_timewait_sock_ops = { 903 .twsk_obj_size = sizeof(struct tcp6_timewait_sock), 904 .twsk_unique = tcp_twsk_unique, 905 .twsk_destructor= tcp_twsk_destructor, 906 }; 907 908 static void tcp_v6_send_check(struct sock *sk, int len, struct sk_buff *skb) 909 { 910 struct ipv6_pinfo *np = inet6_sk(sk); 911 struct tcphdr *th = tcp_hdr(skb); 912 913 if (skb->ip_summed == CHECKSUM_PARTIAL) { 914 th->check = ~csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 0); 915 skb->csum_start = skb_transport_header(skb) - skb->head; 916 skb->csum_offset = offsetof(struct tcphdr, check); 917 } else { 918 th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 919 csum_partial(th, th->doff<<2, 920 skb->csum)); 921 } 922 } 923 924 static int tcp_v6_gso_send_check(struct sk_buff *skb) 925 { 926 struct ipv6hdr *ipv6h; 927 struct tcphdr *th; 928 929 if (!pskb_may_pull(skb, sizeof(*th))) 930 return -EINVAL; 931 932 ipv6h = ipv6_hdr(skb); 933 th = tcp_hdr(skb); 934 935 th->check = 0; 936 th->check = ~csum_ipv6_magic(&ipv6h->saddr, &ipv6h->daddr, skb->len, 937 IPPROTO_TCP, 0); 938 skb->csum_start = skb_transport_header(skb) - skb->head; 939 skb->csum_offset = offsetof(struct tcphdr, check); 940 skb->ip_summed = CHECKSUM_PARTIAL; 941 return 0; 942 } 943 944 static struct sk_buff **tcp6_gro_receive(struct sk_buff **head, 945 struct sk_buff *skb) 946 { 947 struct ipv6hdr *iph = skb_gro_network_header(skb); 948 949 switch (skb->ip_summed) { 950 case CHECKSUM_COMPLETE: 951 if (!tcp_v6_check(skb_gro_len(skb), &iph->saddr, &iph->daddr, 952 skb->csum)) { 953 skb->ip_summed = CHECKSUM_UNNECESSARY; 954 break; 955 } 956 957 /* fall through */ 958 case CHECKSUM_NONE: 959 NAPI_GRO_CB(skb)->flush = 1; 960 return NULL; 961 } 962 963 return tcp_gro_receive(head, skb); 964 } 965 966 static int tcp6_gro_complete(struct sk_buff *skb) 967 { 968 struct ipv6hdr *iph = ipv6_hdr(skb); 969 struct tcphdr *th = tcp_hdr(skb); 970 971 th->check = ~tcp_v6_check(skb->len - skb_transport_offset(skb), 972 
				  &iph->saddr, &iph->daddr, 0);
	skb_shinfo(skb)->gso_type = SKB_GSO_TCPV6;

	return tcp_gro_complete(skb);
}

static void tcp_v6_send_response(struct sk_buff *skb, u32 seq, u32 ack, u32 win,
				 u32 ts, struct tcp_md5sig_key *key, int rst)
{
	struct tcphdr *th = tcp_hdr(skb), *t1;
	struct sk_buff *buff;
	struct flowi fl;
	struct net *net = dev_net(skb_dst(skb)->dev);
	struct sock *ctl_sk = net->ipv6.tcp_sk;
	unsigned int tot_len = sizeof(struct tcphdr);
	struct dst_entry *dst;
	__be32 *topt;

	if (ts)
		tot_len += TCPOLEN_TSTAMP_ALIGNED;
#ifdef CONFIG_TCP_MD5SIG
	if (key)
		tot_len += TCPOLEN_MD5SIG_ALIGNED;
#endif

	buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
			 GFP_ATOMIC);
	if (buff == NULL)
		return;

	skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);

	t1 = (struct tcphdr *) skb_push(buff, tot_len);

	/* Swap the send and the receive. */
	memset(t1, 0, sizeof(*t1));
	t1->dest = th->source;
	t1->source = th->dest;
	t1->doff = tot_len / 4;
	t1->seq = htonl(seq);
	t1->ack_seq = htonl(ack);
	t1->ack = !rst || !th->ack;
	t1->rst = rst;
	t1->window = htons(win);

	topt = (__be32 *)(t1 + 1);

	if (ts) {
		*topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
				(TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
		*topt++ = htonl(tcp_time_stamp);
		*topt++ = htonl(ts);
	}

#ifdef CONFIG_TCP_MD5SIG
	if (key) {
		*topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
				(TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
		tcp_v6_md5_hash_hdr((__u8 *)topt, key,
				    &ipv6_hdr(skb)->saddr,
				    &ipv6_hdr(skb)->daddr, t1);
	}
#endif

	buff->csum = csum_partial(t1, tot_len, 0);

	memset(&fl, 0, sizeof(fl));
	ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr);
	ipv6_addr_copy(&fl.fl6_src, &ipv6_hdr(skb)->daddr);

	t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst,
				    tot_len, IPPROTO_TCP,
				    buff->csum);

	fl.proto = IPPROTO_TCP;
	fl.oif = inet6_iif(skb);
	fl.fl_ip_dport = t1->dest;
	fl.fl_ip_sport = t1->source;
	security_skb_classify_flow(skb, &fl);

	/* Pass a socket to ip6_dst_lookup even if it is for an RST.
	 * The underlying function will use it to retrieve the network
	 * namespace.
	 */
	if (!ip6_dst_lookup(ctl_sk, &dst, &fl)) {
		if (xfrm_lookup(net, &dst, &fl, NULL, 0) >= 0) {
			skb_dst_set(buff, dst);
			ip6_xmit(ctl_sk, buff, &fl, NULL, 0);
			TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS);
			if (rst)
				TCP_INC_STATS_BH(net, TCP_MIB_OUTRSTS);
			return;
		}
	}

	kfree_skb(buff);
}

static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb)
{
	struct tcphdr *th = tcp_hdr(skb);
	u32 seq = 0, ack_seq = 0;
	struct tcp_md5sig_key *key = NULL;

	if (th->rst)
		return;

	if (!ipv6_unicast_destination(skb))
		return;

#ifdef CONFIG_TCP_MD5SIG
	if (sk)
		key = tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr);
#endif

	if (th->ack)
		seq = ntohl(th->ack_seq);
	else
		ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
			  (th->doff << 2);

	tcp_v6_send_response(skb, seq, ack_seq, 0, 0, key, 1);
}

static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts,
			    struct tcp_md5sig_key *key)
{
tcp_v6_send_response(skb, seq, ack, win, ts, key, 0); 1100 } 1101 1102 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb) 1103 { 1104 struct inet_timewait_sock *tw = inet_twsk(sk); 1105 struct tcp_timewait_sock *tcptw = tcp_twsk(sk); 1106 1107 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt, 1108 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale, 1109 tcptw->tw_ts_recent, tcp_twsk_md5_key(tcptw)); 1110 1111 inet_twsk_put(tw); 1112 } 1113 1114 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb, 1115 struct request_sock *req) 1116 { 1117 tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent, 1118 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr)); 1119 } 1120 1121 1122 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb) 1123 { 1124 struct request_sock *req, **prev; 1125 const struct tcphdr *th = tcp_hdr(skb); 1126 struct sock *nsk; 1127 1128 /* Find possible connection requests. */ 1129 req = inet6_csk_search_req(sk, &prev, th->source, 1130 &ipv6_hdr(skb)->saddr, 1131 &ipv6_hdr(skb)->daddr, inet6_iif(skb)); 1132 if (req) 1133 return tcp_check_req(sk, skb, req, prev); 1134 1135 nsk = __inet6_lookup_established(sock_net(sk), &tcp_hashinfo, 1136 &ipv6_hdr(skb)->saddr, th->source, 1137 &ipv6_hdr(skb)->daddr, ntohs(th->dest), inet6_iif(skb)); 1138 1139 if (nsk) { 1140 if (nsk->sk_state != TCP_TIME_WAIT) { 1141 bh_lock_sock(nsk); 1142 return nsk; 1143 } 1144 inet_twsk_put(inet_twsk(nsk)); 1145 return NULL; 1146 } 1147 1148 #ifdef CONFIG_SYN_COOKIES 1149 if (!th->rst && !th->syn && th->ack) 1150 sk = cookie_v6_check(sk, skb); 1151 #endif 1152 return sk; 1153 } 1154 1155 /* FIXME: this is substantially similar to the ipv4 code. 1156 * Can some kind of merge be done? 
-- erics 1157 */ 1158 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb) 1159 { 1160 struct inet6_request_sock *treq; 1161 struct ipv6_pinfo *np = inet6_sk(sk); 1162 struct tcp_options_received tmp_opt; 1163 struct tcp_sock *tp = tcp_sk(sk); 1164 struct request_sock *req = NULL; 1165 __u32 isn = TCP_SKB_CB(skb)->when; 1166 #ifdef CONFIG_SYN_COOKIES 1167 int want_cookie = 0; 1168 #else 1169 #define want_cookie 0 1170 #endif 1171 1172 if (skb->protocol == htons(ETH_P_IP)) 1173 return tcp_v4_conn_request(sk, skb); 1174 1175 if (!ipv6_unicast_destination(skb)) 1176 goto drop; 1177 1178 if (inet_csk_reqsk_queue_is_full(sk) && !isn) { 1179 if (net_ratelimit()) 1180 syn_flood_warning(skb); 1181 #ifdef CONFIG_SYN_COOKIES 1182 if (sysctl_tcp_syncookies) 1183 want_cookie = 1; 1184 else 1185 #endif 1186 goto drop; 1187 } 1188 1189 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1) 1190 goto drop; 1191 1192 req = inet6_reqsk_alloc(&tcp6_request_sock_ops); 1193 if (req == NULL) 1194 goto drop; 1195 1196 #ifdef CONFIG_TCP_MD5SIG 1197 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv6_ops; 1198 #endif 1199 1200 tcp_clear_options(&tmp_opt); 1201 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr); 1202 tmp_opt.user_mss = tp->rx_opt.user_mss; 1203 1204 tcp_parse_options(skb, &tmp_opt, 0); 1205 1206 if (want_cookie && !tmp_opt.saw_tstamp) 1207 tcp_clear_options(&tmp_opt); 1208 1209 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp; 1210 tcp_openreq_init(req, &tmp_opt, skb); 1211 1212 treq = inet6_rsk(req); 1213 ipv6_addr_copy(&treq->rmt_addr, &ipv6_hdr(skb)->saddr); 1214 ipv6_addr_copy(&treq->loc_addr, &ipv6_hdr(skb)->daddr); 1215 if (!want_cookie) 1216 TCP_ECN_create_request(req, tcp_hdr(skb)); 1217 1218 if (want_cookie) { 1219 isn = cookie_v6_init_sequence(sk, skb, &req->mss); 1220 req->cookie_ts = tmp_opt.tstamp_ok; 1221 } else if (!isn) { 1222 if (ipv6_opt_accepted(sk, skb) || 1223 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo || 1224 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) { 1225 atomic_inc(&skb->users); 1226 treq->pktopts = skb; 1227 } 1228 treq->iif = sk->sk_bound_dev_if; 1229 1230 /* So that link locals have meaning */ 1231 if (!sk->sk_bound_dev_if && 1232 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL) 1233 treq->iif = inet6_iif(skb); 1234 1235 isn = tcp_v6_init_sequence(skb); 1236 } 1237 1238 tcp_rsk(req)->snt_isn = isn; 1239 1240 security_inet_conn_request(sk, skb, req); 1241 1242 if (tcp_v6_send_synack(sk, req)) 1243 goto drop; 1244 1245 if (!want_cookie) { 1246 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT); 1247 return 0; 1248 } 1249 1250 drop: 1251 if (req) 1252 reqsk_free(req); 1253 1254 return 0; /* don't send reset */ 1255 } 1256 1257 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb, 1258 struct request_sock *req, 1259 struct dst_entry *dst) 1260 { 1261 struct inet6_request_sock *treq; 1262 struct ipv6_pinfo *newnp, *np = inet6_sk(sk); 1263 struct tcp6_sock *newtcp6sk; 1264 struct inet_sock *newinet; 1265 struct tcp_sock *newtp; 1266 struct sock *newsk; 1267 struct ipv6_txoptions *opt; 1268 #ifdef CONFIG_TCP_MD5SIG 1269 struct tcp_md5sig_key *key; 1270 #endif 1271 1272 if (skb->protocol == htons(ETH_P_IP)) { 1273 /* 1274 * v6 mapped 1275 */ 1276 1277 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst); 1278 1279 if (newsk == NULL) 1280 return NULL; 1281 1282 newtcp6sk = (struct tcp6_sock *)newsk; 1283 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6; 1284 1285 newinet = inet_sk(newsk); 1286 
newnp = inet6_sk(newsk); 1287 newtp = tcp_sk(newsk); 1288 1289 memcpy(newnp, np, sizeof(struct ipv6_pinfo)); 1290 1291 ipv6_addr_set(&newnp->daddr, 0, 0, htonl(0x0000FFFF), 1292 newinet->daddr); 1293 1294 ipv6_addr_set(&newnp->saddr, 0, 0, htonl(0x0000FFFF), 1295 newinet->saddr); 1296 1297 ipv6_addr_copy(&newnp->rcv_saddr, &newnp->saddr); 1298 1299 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped; 1300 newsk->sk_backlog_rcv = tcp_v4_do_rcv; 1301 #ifdef CONFIG_TCP_MD5SIG 1302 newtp->af_specific = &tcp_sock_ipv6_mapped_specific; 1303 #endif 1304 1305 newnp->pktoptions = NULL; 1306 newnp->opt = NULL; 1307 newnp->mcast_oif = inet6_iif(skb); 1308 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit; 1309 1310 /* 1311 * No need to charge this sock to the relevant IPv6 refcnt debug socks count 1312 * here, tcp_create_openreq_child now does this for us, see the comment in 1313 * that function for the gory details. -acme 1314 */ 1315 1316 /* It is tricky place. Until this moment IPv4 tcp 1317 worked with IPv6 icsk.icsk_af_ops. 1318 Sync it now. 1319 */ 1320 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie); 1321 1322 return newsk; 1323 } 1324 1325 treq = inet6_rsk(req); 1326 opt = np->opt; 1327 1328 if (sk_acceptq_is_full(sk)) 1329 goto out_overflow; 1330 1331 if (dst == NULL) { 1332 struct in6_addr *final_p = NULL, final; 1333 struct flowi fl; 1334 1335 memset(&fl, 0, sizeof(fl)); 1336 fl.proto = IPPROTO_TCP; 1337 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr); 1338 if (opt && opt->srcrt) { 1339 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt; 1340 ipv6_addr_copy(&final, &fl.fl6_dst); 1341 ipv6_addr_copy(&fl.fl6_dst, rt0->addr); 1342 final_p = &final; 1343 } 1344 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr); 1345 fl.oif = sk->sk_bound_dev_if; 1346 fl.fl_ip_dport = inet_rsk(req)->rmt_port; 1347 fl.fl_ip_sport = inet_rsk(req)->loc_port; 1348 security_req_classify_flow(req, &fl); 1349 1350 if (ip6_dst_lookup(sk, &dst, &fl)) 1351 goto out; 1352 1353 if (final_p) 1354 ipv6_addr_copy(&fl.fl6_dst, final_p); 1355 1356 if ((xfrm_lookup(sock_net(sk), &dst, &fl, sk, 0)) < 0) 1357 goto out; 1358 } 1359 1360 newsk = tcp_create_openreq_child(sk, req, skb); 1361 if (newsk == NULL) 1362 goto out; 1363 1364 /* 1365 * No need to charge this sock to the relevant IPv6 refcnt debug socks 1366 * count here, tcp_create_openreq_child now does this for us, see the 1367 * comment in that function for the gory details. -acme 1368 */ 1369 1370 newsk->sk_gso_type = SKB_GSO_TCPV6; 1371 __ip6_dst_store(newsk, dst, NULL, NULL); 1372 1373 newtcp6sk = (struct tcp6_sock *)newsk; 1374 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6; 1375 1376 newtp = tcp_sk(newsk); 1377 newinet = inet_sk(newsk); 1378 newnp = inet6_sk(newsk); 1379 1380 memcpy(newnp, np, sizeof(struct ipv6_pinfo)); 1381 1382 ipv6_addr_copy(&newnp->daddr, &treq->rmt_addr); 1383 ipv6_addr_copy(&newnp->saddr, &treq->loc_addr); 1384 ipv6_addr_copy(&newnp->rcv_saddr, &treq->loc_addr); 1385 newsk->sk_bound_dev_if = treq->iif; 1386 1387 /* Now IPv6 options... 1388 1389 First: no IPv4 options. 
	 */
	newinet->opt = NULL;
	newnp->ipv6_fl_list = NULL;

	/* Clone RX bits */
	newnp->rxopt.all = np->rxopt.all;

	/* Clone pktoptions received with SYN */
	newnp->pktoptions = NULL;
	if (treq->pktopts != NULL) {
		newnp->pktoptions = skb_clone(treq->pktopts, GFP_ATOMIC);
		kfree_skb(treq->pktopts);
		treq->pktopts = NULL;
		if (newnp->pktoptions)
			skb_set_owner_r(newnp->pktoptions, newsk);
	}
	newnp->opt = NULL;
	newnp->mcast_oif = inet6_iif(skb);
	newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;

	/* Clone native IPv6 options from the listening socket (if any).

	   Yes, keeping a reference count would be much more clever,
	   but we do one more thing here: we reattach the optmem
	   to newsk.
	 */
	if (opt) {
		newnp->opt = ipv6_dup_options(newsk, opt);
		if (opt != np->opt)
			sock_kfree_s(sk, opt, opt->tot_len);
	}

	inet_csk(newsk)->icsk_ext_hdr_len = 0;
	if (newnp->opt)
		inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
						     newnp->opt->opt_flen);

	tcp_mtup_init(newsk);
	tcp_sync_mss(newsk, dst_mtu(dst));
	newtp->advmss = dst_metric(dst, RTAX_ADVMSS);
	tcp_initialize_rcv_mss(newsk);

	newinet->daddr = newinet->saddr = newinet->rcv_saddr = LOOPBACK4_IPV6;

#ifdef CONFIG_TCP_MD5SIG
	/* Copy over the MD5 key from the original socket */
	if ((key = tcp_v6_md5_do_lookup(sk, &newnp->daddr)) != NULL) {
		/* We're using one, so create a matching key
		 * on the newsk structure. If we fail to get
		 * memory, then we end up not copying the key
		 * across. Shucks.
		 */
		char *newkey = kmemdup(key->key, key->keylen, GFP_ATOMIC);
		if (newkey != NULL)
			tcp_v6_md5_do_add(newsk, &inet6_sk(sk)->daddr,
					  newkey, key->keylen);
	}
#endif

	__inet6_hash(newsk);
	__inet_inherit_port(sk, newsk);

	return newsk;

out_overflow:
	NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
out:
	NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
	if (opt && opt != np->opt)
		sock_kfree_s(sk, opt, opt->tot_len);
	dst_release(dst);
	return NULL;
}

static __sum16 tcp_v6_checksum_init(struct sk_buff *skb)
{
	if (skb->ip_summed == CHECKSUM_COMPLETE) {
		if (!tcp_v6_check(skb->len, &ipv6_hdr(skb)->saddr,
				  &ipv6_hdr(skb)->daddr, skb->csum)) {
			skb->ip_summed = CHECKSUM_UNNECESSARY;
			return 0;
		}
	}

	skb->csum = ~csum_unfold(tcp_v6_check(skb->len,
					      &ipv6_hdr(skb)->saddr,
					      &ipv6_hdr(skb)->daddr, 0));

	if (skb->len <= 76) {
		return __skb_checksum_complete(skb);
	}
	return 0;
}

/* The socket must have its spinlock held when we get
 * here.
 *
 * We have a potential double-lock case here, so even when
 * doing backlog processing we use the BH locking scheme.
 * This is because we cannot sleep with the original spinlock
 * held.
 */
static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
{
	struct ipv6_pinfo *np = inet6_sk(sk);
	struct tcp_sock *tp;
	struct sk_buff *opt_skb = NULL;

	/* Imagine: socket is IPv6. IPv4 packet arrives, goes
	   to the IPv4 receive handler and is backlogged.
	   From the backlog it always goes here. Kerboom...
	   Fortunately, tcp_rcv_established and rcv_established
	   handle them correctly, but it is not the case with
	   tcp_v6_hnd_req and tcp_v6_send_reset().   --ANK
	 */

	if (skb->protocol == htons(ETH_P_IP))
		return tcp_v4_do_rcv(sk, skb);

#ifdef CONFIG_TCP_MD5SIG
	if (tcp_v6_inbound_md5_hash(sk, skb))
		goto discard;
#endif

	if (sk_filter(sk, skb))
		goto discard;

	/*
	 * socket locking is here for SMP purposes as backlog rcv
	 * is currently called with bh processing disabled.
	 */

	/* Do Stevens' IPV6_PKTOPTIONS.

	   Yes, guys, it is the only place in our code where we
	   may make it not affect IPv4.
	   The rest of the code is protocol independent,
	   and I do not like the idea of uglifying IPv4.

	   Actually, the whole idea behind IPV6_PKTOPTIONS
	   looks not very well thought out. For now we latch the
	   options received in the last packet, as enqueued
	   by tcp. Feel free to propose a better solution.
					       --ANK (980728)
	 */
	if (np->rxopt.all)
		opt_skb = skb_clone(skb, GFP_ATOMIC);

	if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
		TCP_CHECK_TIMER(sk);
		if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len))
			goto reset;
		TCP_CHECK_TIMER(sk);
		if (opt_skb)
			goto ipv6_pktoptions;
		return 0;
	}

	if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
		goto csum_err;

	if (sk->sk_state == TCP_LISTEN) {
		struct sock *nsk = tcp_v6_hnd_req(sk, skb);
		if (!nsk)
			goto discard;

		/*
		 * Queue it on the new socket if the new socket is active,
		 * otherwise we just shortcircuit this and continue with
		 * the new socket..
		 */
		if (nsk != sk) {
			if (tcp_child_process(sk, nsk, skb))
				goto reset;
			if (opt_skb)
				__kfree_skb(opt_skb);
			return 0;
		}
	}

	TCP_CHECK_TIMER(sk);
	if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len))
		goto reset;
	TCP_CHECK_TIMER(sk);
	if (opt_skb)
		goto ipv6_pktoptions;
	return 0;

reset:
	tcp_v6_send_reset(sk, skb);
discard:
	if (opt_skb)
		__kfree_skb(opt_skb);
	kfree_skb(skb);
	return 0;
csum_err:
	TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_INERRS);
	goto discard;


ipv6_pktoptions:
	/* What is this for, you ask?

	   1. skb was enqueued by tcp.
	   2. skb is added to the tail of the read queue, not out of order.
	   3. the socket is not in a passive state.
	   4. Finally, it really contains options that the user wants to receive.
	 */
	tp = tcp_sk(sk);
	if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
	    !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
		if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
			np->mcast_oif = inet6_iif(opt_skb);
		if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
			np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
		if (ipv6_opt_accepted(sk, opt_skb)) {
			skb_set_owner_r(opt_skb, sk);
			opt_skb = xchg(&np->pktoptions, opt_skb);
		} else {
			__kfree_skb(opt_skb);
			opt_skb = xchg(&np->pktoptions, NULL);
		}
	}

	kfree_skb(opt_skb);
	return 0;
}

static int tcp_v6_rcv(struct sk_buff *skb)
{
	struct tcphdr *th;
	struct sock *sk;
	int ret;
	struct net *net = dev_net(skb->dev);

	if (skb->pkt_type != PACKET_HOST)
		goto discard_it;

	/*
	 *	Count it even if it's bad.
1630 */ 1631 TCP_INC_STATS_BH(net, TCP_MIB_INSEGS); 1632 1633 if (!pskb_may_pull(skb, sizeof(struct tcphdr))) 1634 goto discard_it; 1635 1636 th = tcp_hdr(skb); 1637 1638 if (th->doff < sizeof(struct tcphdr)/4) 1639 goto bad_packet; 1640 if (!pskb_may_pull(skb, th->doff*4)) 1641 goto discard_it; 1642 1643 if (!skb_csum_unnecessary(skb) && tcp_v6_checksum_init(skb)) 1644 goto bad_packet; 1645 1646 th = tcp_hdr(skb); 1647 TCP_SKB_CB(skb)->seq = ntohl(th->seq); 1648 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin + 1649 skb->len - th->doff*4); 1650 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq); 1651 TCP_SKB_CB(skb)->when = 0; 1652 TCP_SKB_CB(skb)->flags = ipv6_get_dsfield(ipv6_hdr(skb)); 1653 TCP_SKB_CB(skb)->sacked = 0; 1654 1655 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest); 1656 if (!sk) 1657 goto no_tcp_socket; 1658 1659 process: 1660 if (sk->sk_state == TCP_TIME_WAIT) 1661 goto do_time_wait; 1662 1663 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb)) 1664 goto discard_and_relse; 1665 1666 if (sk_filter(sk, skb)) 1667 goto discard_and_relse; 1668 1669 skb->dev = NULL; 1670 1671 bh_lock_sock_nested(sk); 1672 ret = 0; 1673 if (!sock_owned_by_user(sk)) { 1674 #ifdef CONFIG_NET_DMA 1675 struct tcp_sock *tp = tcp_sk(sk); 1676 if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list) 1677 tp->ucopy.dma_chan = dma_find_channel(DMA_MEMCPY); 1678 if (tp->ucopy.dma_chan) 1679 ret = tcp_v6_do_rcv(sk, skb); 1680 else 1681 #endif 1682 { 1683 if (!tcp_prequeue(sk, skb)) 1684 ret = tcp_v6_do_rcv(sk, skb); 1685 } 1686 } else 1687 sk_add_backlog(sk, skb); 1688 bh_unlock_sock(sk); 1689 1690 sock_put(sk); 1691 return ret ? -1 : 0; 1692 1693 no_tcp_socket: 1694 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) 1695 goto discard_it; 1696 1697 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) { 1698 bad_packet: 1699 TCP_INC_STATS_BH(net, TCP_MIB_INERRS); 1700 } else { 1701 tcp_v6_send_reset(NULL, skb); 1702 } 1703 1704 discard_it: 1705 1706 /* 1707 * Discard frame 1708 */ 1709 1710 kfree_skb(skb); 1711 return 0; 1712 1713 discard_and_relse: 1714 sock_put(sk); 1715 goto discard_it; 1716 1717 do_time_wait: 1718 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) { 1719 inet_twsk_put(inet_twsk(sk)); 1720 goto discard_it; 1721 } 1722 1723 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) { 1724 TCP_INC_STATS_BH(net, TCP_MIB_INERRS); 1725 inet_twsk_put(inet_twsk(sk)); 1726 goto discard_it; 1727 } 1728 1729 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) { 1730 case TCP_TW_SYN: 1731 { 1732 struct sock *sk2; 1733 1734 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo, 1735 &ipv6_hdr(skb)->daddr, 1736 ntohs(th->dest), inet6_iif(skb)); 1737 if (sk2 != NULL) { 1738 struct inet_timewait_sock *tw = inet_twsk(sk); 1739 inet_twsk_deschedule(tw, &tcp_death_row); 1740 inet_twsk_put(tw); 1741 sk = sk2; 1742 goto process; 1743 } 1744 /* Fall through to ACK */ 1745 } 1746 case TCP_TW_ACK: 1747 tcp_v6_timewait_ack(sk, skb); 1748 break; 1749 case TCP_TW_RST: 1750 goto no_tcp_socket; 1751 case TCP_TW_SUCCESS:; 1752 } 1753 goto discard_it; 1754 } 1755 1756 static int tcp_v6_remember_stamp(struct sock *sk) 1757 { 1758 /* Alas, not yet... 
*/ 1759 return 0; 1760 } 1761 1762 static struct inet_connection_sock_af_ops ipv6_specific = { 1763 .queue_xmit = inet6_csk_xmit, 1764 .send_check = tcp_v6_send_check, 1765 .rebuild_header = inet6_sk_rebuild_header, 1766 .conn_request = tcp_v6_conn_request, 1767 .syn_recv_sock = tcp_v6_syn_recv_sock, 1768 .remember_stamp = tcp_v6_remember_stamp, 1769 .net_header_len = sizeof(struct ipv6hdr), 1770 .setsockopt = ipv6_setsockopt, 1771 .getsockopt = ipv6_getsockopt, 1772 .addr2sockaddr = inet6_csk_addr2sockaddr, 1773 .sockaddr_len = sizeof(struct sockaddr_in6), 1774 .bind_conflict = inet6_csk_bind_conflict, 1775 #ifdef CONFIG_COMPAT 1776 .compat_setsockopt = compat_ipv6_setsockopt, 1777 .compat_getsockopt = compat_ipv6_getsockopt, 1778 #endif 1779 }; 1780 1781 #ifdef CONFIG_TCP_MD5SIG 1782 static struct tcp_sock_af_ops tcp_sock_ipv6_specific = { 1783 .md5_lookup = tcp_v6_md5_lookup, 1784 .calc_md5_hash = tcp_v6_md5_hash_skb, 1785 .md5_add = tcp_v6_md5_add_func, 1786 .md5_parse = tcp_v6_parse_md5_keys, 1787 }; 1788 #endif 1789 1790 /* 1791 * TCP over IPv4 via INET6 API 1792 */ 1793 1794 static struct inet_connection_sock_af_ops ipv6_mapped = { 1795 .queue_xmit = ip_queue_xmit, 1796 .send_check = tcp_v4_send_check, 1797 .rebuild_header = inet_sk_rebuild_header, 1798 .conn_request = tcp_v6_conn_request, 1799 .syn_recv_sock = tcp_v6_syn_recv_sock, 1800 .remember_stamp = tcp_v4_remember_stamp, 1801 .net_header_len = sizeof(struct iphdr), 1802 .setsockopt = ipv6_setsockopt, 1803 .getsockopt = ipv6_getsockopt, 1804 .addr2sockaddr = inet6_csk_addr2sockaddr, 1805 .sockaddr_len = sizeof(struct sockaddr_in6), 1806 .bind_conflict = inet6_csk_bind_conflict, 1807 #ifdef CONFIG_COMPAT 1808 .compat_setsockopt = compat_ipv6_setsockopt, 1809 .compat_getsockopt = compat_ipv6_getsockopt, 1810 #endif 1811 }; 1812 1813 #ifdef CONFIG_TCP_MD5SIG 1814 static struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = { 1815 .md5_lookup = tcp_v4_md5_lookup, 1816 .calc_md5_hash = tcp_v4_md5_hash_skb, 1817 .md5_add = tcp_v6_md5_add_func, 1818 .md5_parse = tcp_v6_parse_md5_keys, 1819 }; 1820 #endif 1821 1822 /* NOTE: A lot of things set to zero explicitly by call to 1823 * sk_alloc() so need not be done here. 1824 */ 1825 static int tcp_v6_init_sock(struct sock *sk) 1826 { 1827 struct inet_connection_sock *icsk = inet_csk(sk); 1828 struct tcp_sock *tp = tcp_sk(sk); 1829 1830 skb_queue_head_init(&tp->out_of_order_queue); 1831 tcp_init_xmit_timers(sk); 1832 tcp_prequeue_init(tp); 1833 1834 icsk->icsk_rto = TCP_TIMEOUT_INIT; 1835 tp->mdev = TCP_TIMEOUT_INIT; 1836 1837 /* So many TCP implementations out there (incorrectly) count the 1838 * initial SYN frame in their delayed-ACK and congestion control 1839 * algorithms that we must have the following bandaid to talk 1840 * efficiently to them. -DaveM 1841 */ 1842 tp->snd_cwnd = 2; 1843 1844 /* See draft-stevens-tcpca-spec-01 for discussion of the 1845 * initialization of these values. 
1846 */ 1847 tp->snd_ssthresh = 0x7fffffff; 1848 tp->snd_cwnd_clamp = ~0; 1849 tp->mss_cache = 536; 1850 1851 tp->reordering = sysctl_tcp_reordering; 1852 1853 sk->sk_state = TCP_CLOSE; 1854 1855 icsk->icsk_af_ops = &ipv6_specific; 1856 icsk->icsk_ca_ops = &tcp_init_congestion_ops; 1857 icsk->icsk_sync_mss = tcp_sync_mss; 1858 sk->sk_write_space = sk_stream_write_space; 1859 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE); 1860 1861 #ifdef CONFIG_TCP_MD5SIG 1862 tp->af_specific = &tcp_sock_ipv6_specific; 1863 #endif 1864 1865 sk->sk_sndbuf = sysctl_tcp_wmem[1]; 1866 sk->sk_rcvbuf = sysctl_tcp_rmem[1]; 1867 1868 local_bh_disable(); 1869 percpu_counter_inc(&tcp_sockets_allocated); 1870 local_bh_enable(); 1871 1872 return 0; 1873 } 1874 1875 static void tcp_v6_destroy_sock(struct sock *sk) 1876 { 1877 #ifdef CONFIG_TCP_MD5SIG 1878 /* Clean up the MD5 key list */ 1879 if (tcp_sk(sk)->md5sig_info) 1880 tcp_v6_clear_md5_list(sk); 1881 #endif 1882 tcp_v4_destroy_sock(sk); 1883 inet6_destroy_sock(sk); 1884 } 1885 1886 #ifdef CONFIG_PROC_FS 1887 /* Proc filesystem TCPv6 sock list dumping. */ 1888 static void get_openreq6(struct seq_file *seq, 1889 struct sock *sk, struct request_sock *req, int i, int uid) 1890 { 1891 int ttd = req->expires - jiffies; 1892 struct in6_addr *src = &inet6_rsk(req)->loc_addr; 1893 struct in6_addr *dest = &inet6_rsk(req)->rmt_addr; 1894 1895 if (ttd < 0) 1896 ttd = 0; 1897 1898 seq_printf(seq, 1899 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1900 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n", 1901 i, 1902 src->s6_addr32[0], src->s6_addr32[1], 1903 src->s6_addr32[2], src->s6_addr32[3], 1904 ntohs(inet_rsk(req)->loc_port), 1905 dest->s6_addr32[0], dest->s6_addr32[1], 1906 dest->s6_addr32[2], dest->s6_addr32[3], 1907 ntohs(inet_rsk(req)->rmt_port), 1908 TCP_SYN_RECV, 1909 0,0, /* could print option size, but that is af dependent. */ 1910 1, /* timers active (only the expire timer) */ 1911 jiffies_to_clock_t(ttd), 1912 req->retrans, 1913 uid, 1914 0, /* non standard timer */ 1915 0, /* open_requests have no inode */ 1916 0, req); 1917 } 1918 1919 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i) 1920 { 1921 struct in6_addr *dest, *src; 1922 __u16 destp, srcp; 1923 int timer_active; 1924 unsigned long timer_expires; 1925 struct inet_sock *inet = inet_sk(sp); 1926 struct tcp_sock *tp = tcp_sk(sp); 1927 const struct inet_connection_sock *icsk = inet_csk(sp); 1928 struct ipv6_pinfo *np = inet6_sk(sp); 1929 1930 dest = &np->daddr; 1931 src = &np->rcv_saddr; 1932 destp = ntohs(inet->dport); 1933 srcp = ntohs(inet->sport); 1934 1935 if (icsk->icsk_pending == ICSK_TIME_RETRANS) { 1936 timer_active = 1; 1937 timer_expires = icsk->icsk_timeout; 1938 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) { 1939 timer_active = 4; 1940 timer_expires = icsk->icsk_timeout; 1941 } else if (timer_pending(&sp->sk_timer)) { 1942 timer_active = 2; 1943 timer_expires = sp->sk_timer.expires; 1944 } else { 1945 timer_active = 0; 1946 timer_expires = jiffies; 1947 } 1948 1949 seq_printf(seq, 1950 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1951 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %lu %lu %u %u %d\n", 1952 i, 1953 src->s6_addr32[0], src->s6_addr32[1], 1954 src->s6_addr32[2], src->s6_addr32[3], srcp, 1955 dest->s6_addr32[0], dest->s6_addr32[1], 1956 dest->s6_addr32[2], dest->s6_addr32[3], destp, 1957 sp->sk_state, 1958 tp->write_seq-tp->snd_una, 1959 (sp->sk_state == TCP_LISTEN) ? 
sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq), 1960 timer_active, 1961 jiffies_to_clock_t(timer_expires - jiffies), 1962 icsk->icsk_retransmits, 1963 sock_i_uid(sp), 1964 icsk->icsk_probes_out, 1965 sock_i_ino(sp), 1966 atomic_read(&sp->sk_refcnt), sp, 1967 jiffies_to_clock_t(icsk->icsk_rto), 1968 jiffies_to_clock_t(icsk->icsk_ack.ato), 1969 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong, 1970 tp->snd_cwnd, tp->snd_ssthresh>=0xFFFF?-1:tp->snd_ssthresh 1971 ); 1972 } 1973 1974 static void get_timewait6_sock(struct seq_file *seq, 1975 struct inet_timewait_sock *tw, int i) 1976 { 1977 struct in6_addr *dest, *src; 1978 __u16 destp, srcp; 1979 struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw); 1980 int ttd = tw->tw_ttd - jiffies; 1981 1982 if (ttd < 0) 1983 ttd = 0; 1984 1985 dest = &tw6->tw_v6_daddr; 1986 src = &tw6->tw_v6_rcv_saddr; 1987 destp = ntohs(tw->tw_dport); 1988 srcp = ntohs(tw->tw_sport); 1989 1990 seq_printf(seq, 1991 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1992 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n", 1993 i, 1994 src->s6_addr32[0], src->s6_addr32[1], 1995 src->s6_addr32[2], src->s6_addr32[3], srcp, 1996 dest->s6_addr32[0], dest->s6_addr32[1], 1997 dest->s6_addr32[2], dest->s6_addr32[3], destp, 1998 tw->tw_substate, 0, 0, 1999 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0, 2000 atomic_read(&tw->tw_refcnt), tw); 2001 } 2002 2003 static int tcp6_seq_show(struct seq_file *seq, void *v) 2004 { 2005 struct tcp_iter_state *st; 2006 2007 if (v == SEQ_START_TOKEN) { 2008 seq_puts(seq, 2009 " sl " 2010 "local_address " 2011 "remote_address " 2012 "st tx_queue rx_queue tr tm->when retrnsmt" 2013 " uid timeout inode\n"); 2014 goto out; 2015 } 2016 st = seq->private; 2017 2018 switch (st->state) { 2019 case TCP_SEQ_STATE_LISTENING: 2020 case TCP_SEQ_STATE_ESTABLISHED: 2021 get_tcp6_sock(seq, v, st->num); 2022 break; 2023 case TCP_SEQ_STATE_OPENREQ: 2024 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid); 2025 break; 2026 case TCP_SEQ_STATE_TIME_WAIT: 2027 get_timewait6_sock(seq, v, st->num); 2028 break; 2029 } 2030 out: 2031 return 0; 2032 } 2033 2034 static struct tcp_seq_afinfo tcp6_seq_afinfo = { 2035 .name = "tcp6", 2036 .family = AF_INET6, 2037 .seq_fops = { 2038 .owner = THIS_MODULE, 2039 }, 2040 .seq_ops = { 2041 .show = tcp6_seq_show, 2042 }, 2043 }; 2044 2045 int tcp6_proc_init(struct net *net) 2046 { 2047 return tcp_proc_register(net, &tcp6_seq_afinfo); 2048 } 2049 2050 void tcp6_proc_exit(struct net *net) 2051 { 2052 tcp_proc_unregister(net, &tcp6_seq_afinfo); 2053 } 2054 #endif 2055 2056 struct proto tcpv6_prot = { 2057 .name = "TCPv6", 2058 .owner = THIS_MODULE, 2059 .close = tcp_close, 2060 .connect = tcp_v6_connect, 2061 .disconnect = tcp_disconnect, 2062 .accept = inet_csk_accept, 2063 .ioctl = tcp_ioctl, 2064 .init = tcp_v6_init_sock, 2065 .destroy = tcp_v6_destroy_sock, 2066 .shutdown = tcp_shutdown, 2067 .setsockopt = tcp_setsockopt, 2068 .getsockopt = tcp_getsockopt, 2069 .recvmsg = tcp_recvmsg, 2070 .backlog_rcv = tcp_v6_do_rcv, 2071 .hash = tcp_v6_hash, 2072 .unhash = inet_unhash, 2073 .get_port = inet_csk_get_port, 2074 .enter_memory_pressure = tcp_enter_memory_pressure, 2075 .sockets_allocated = &tcp_sockets_allocated, 2076 .memory_allocated = &tcp_memory_allocated, 2077 .memory_pressure = &tcp_memory_pressure, 2078 .orphan_count = &tcp_orphan_count, 2079 .sysctl_mem = sysctl_tcp_mem, 2080 .sysctl_wmem = sysctl_tcp_wmem, 2081 .sysctl_rmem = sysctl_tcp_rmem, 2082 .max_header = MAX_TCP_HEADER, 2083 .obj_size = 
sizeof(struct tcp6_sock), 2084 .slab_flags = SLAB_DESTROY_BY_RCU, 2085 .twsk_prot = &tcp6_timewait_sock_ops, 2086 .rsk_prot = &tcp6_request_sock_ops, 2087 .h.hashinfo = &tcp_hashinfo, 2088 #ifdef CONFIG_COMPAT 2089 .compat_setsockopt = compat_tcp_setsockopt, 2090 .compat_getsockopt = compat_tcp_getsockopt, 2091 #endif 2092 }; 2093 2094 static struct inet6_protocol tcpv6_protocol = { 2095 .handler = tcp_v6_rcv, 2096 .err_handler = tcp_v6_err, 2097 .gso_send_check = tcp_v6_gso_send_check, 2098 .gso_segment = tcp_tso_segment, 2099 .gro_receive = tcp6_gro_receive, 2100 .gro_complete = tcp6_gro_complete, 2101 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL, 2102 }; 2103 2104 static struct inet_protosw tcpv6_protosw = { 2105 .type = SOCK_STREAM, 2106 .protocol = IPPROTO_TCP, 2107 .prot = &tcpv6_prot, 2108 .ops = &inet6_stream_ops, 2109 .capability = -1, 2110 .no_check = 0, 2111 .flags = INET_PROTOSW_PERMANENT | 2112 INET_PROTOSW_ICSK, 2113 }; 2114 2115 static int tcpv6_net_init(struct net *net) 2116 { 2117 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6, 2118 SOCK_RAW, IPPROTO_TCP, net); 2119 } 2120 2121 static void tcpv6_net_exit(struct net *net) 2122 { 2123 inet_ctl_sock_destroy(net->ipv6.tcp_sk); 2124 inet_twsk_purge(net, &tcp_hashinfo, &tcp_death_row, AF_INET6); 2125 } 2126 2127 static struct pernet_operations tcpv6_net_ops = { 2128 .init = tcpv6_net_init, 2129 .exit = tcpv6_net_exit, 2130 }; 2131 2132 int __init tcpv6_init(void) 2133 { 2134 int ret; 2135 2136 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP); 2137 if (ret) 2138 goto out; 2139 2140 /* register inet6 protocol */ 2141 ret = inet6_register_protosw(&tcpv6_protosw); 2142 if (ret) 2143 goto out_tcpv6_protocol; 2144 2145 ret = register_pernet_subsys(&tcpv6_net_ops); 2146 if (ret) 2147 goto out_tcpv6_protosw; 2148 out: 2149 return ret; 2150 2151 out_tcpv6_protocol: 2152 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP); 2153 out_tcpv6_protosw: 2154 inet6_unregister_protosw(&tcpv6_protosw); 2155 goto out; 2156 } 2157 2158 void tcpv6_exit(void) 2159 { 2160 unregister_pernet_subsys(&tcpv6_net_ops); 2161 inet6_unregister_protosw(&tcpv6_protosw); 2162 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP); 2163 } 2164
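
/*
 * Illustrative user-space sketch (NOT part of this file, and not built):
 * how an application would exercise tcp_v6_connect() and, when
 * CONFIG_TCP_MD5SIG is set, tcp_v6_parse_md5_keys() above.  It opens an
 * AF_INET6 TCP socket, clears IPV6_V6ONLY so v4-mapped peers are allowed
 * (see the IPV6_V6ONLY note in the header comment), installs a TCP-MD5
 * key for the peer with TCP_MD5SIG, and connects.  The address, port and
 * key passed in are made-up placeholders.
 */
#if 0
#include <string.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netinet/tcp.h>	/* TCP_MD5SIG, struct tcp_md5sig */

static int connect_v6_md5(const char *addr, unsigned short port,
			  const char *key, int keylen)
{
	struct sockaddr_in6 peer;
	struct tcp_md5sig md5;
	int off = 0;
	int fd;

	fd = socket(AF_INET6, SOCK_STREAM, 0);
	if (fd < 0)
		return -1;

	/* Accept v4-mapped destinations too (BSD-style dual binding). */
	setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &off, sizeof(off));

	memset(&peer, 0, sizeof(peer));
	peer.sin6_family = AF_INET6;
	peer.sin6_port = htons(port);
	inet_pton(AF_INET6, addr, &peer.sin6_addr);

	/* Install the MD5 key for this peer; the kernel side of this
	 * setsockopt is tcp_v6_parse_md5_keys(). */
	memset(&md5, 0, sizeof(md5));
	memcpy(&md5.tcpm_addr, &peer, sizeof(peer));
	md5.tcpm_keylen = keylen;
	memcpy(md5.tcpm_key, key, keylen);
	if (setsockopt(fd, IPPROTO_TCP, TCP_MD5SIG, &md5, sizeof(md5)) < 0) {
		close(fd);
		return -1;
	}

	/* Ends up in tcp_v6_connect() via inet_stream_connect(). */
	if (connect(fd, (struct sockaddr *)&peer, sizeof(peer)) < 0) {
		close(fd);
		return -1;
	}
	return fd;
}
#endif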