1 /* 2 * TCP over IPv6 3 * Linux INET6 implementation 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * $Id: tcp_ipv6.c,v 1.144 2002/02/01 22:01:04 davem Exp $ 9 * 10 * Based on: 11 * linux/net/ipv4/tcp.c 12 * linux/net/ipv4/tcp_input.c 13 * linux/net/ipv4/tcp_output.c 14 * 15 * Fixes: 16 * Hideaki YOSHIFUJI : sin6_scope_id support 17 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which 18 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind 19 * a single port at the same time. 20 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file. 21 * 22 * This program is free software; you can redistribute it and/or 23 * modify it under the terms of the GNU General Public License 24 * as published by the Free Software Foundation; either version 25 * 2 of the License, or (at your option) any later version. 26 */ 27 28 #include <linux/module.h> 29 #include <linux/errno.h> 30 #include <linux/types.h> 31 #include <linux/socket.h> 32 #include <linux/sockios.h> 33 #include <linux/net.h> 34 #include <linux/jiffies.h> 35 #include <linux/in.h> 36 #include <linux/in6.h> 37 #include <linux/netdevice.h> 38 #include <linux/init.h> 39 #include <linux/jhash.h> 40 #include <linux/ipsec.h> 41 #include <linux/times.h> 42 43 #include <linux/ipv6.h> 44 #include <linux/icmpv6.h> 45 #include <linux/random.h> 46 47 #include <net/tcp.h> 48 #include <net/ndisc.h> 49 #include <net/inet6_hashtables.h> 50 #include <net/inet6_connection_sock.h> 51 #include <net/ipv6.h> 52 #include <net/transp_v6.h> 53 #include <net/addrconf.h> 54 #include <net/ip6_route.h> 55 #include <net/ip6_checksum.h> 56 #include <net/inet_ecn.h> 57 #include <net/protocol.h> 58 #include <net/xfrm.h> 59 #include <net/addrconf.h> 60 #include <net/snmp.h> 61 #include <net/dsfield.h> 62 #include <net/timewait_sock.h> 63 64 #include <asm/uaccess.h> 65 66 #include <linux/proc_fs.h> 67 #include <linux/seq_file.h> 68 69 /* Socket used for sending RSTs and ACKs */ 70 static struct socket *tcp6_socket; 71 72 static void tcp_v6_send_reset(struct sk_buff *skb); 73 static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req); 74 static void tcp_v6_send_check(struct sock *sk, int len, 75 struct sk_buff *skb); 76 77 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb); 78 79 static struct inet_connection_sock_af_ops ipv6_mapped; 80 static struct inet_connection_sock_af_ops ipv6_specific; 81 82 static int tcp_v6_get_port(struct sock *sk, unsigned short snum) 83 { 84 return inet_csk_get_port(&tcp_hashinfo, sk, snum, 85 inet6_csk_bind_conflict); 86 } 87 88 static void tcp_v6_hash(struct sock *sk) 89 { 90 if (sk->sk_state != TCP_CLOSE) { 91 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) { 92 tcp_prot.hash(sk); 93 return; 94 } 95 local_bh_disable(); 96 __inet6_hash(&tcp_hashinfo, sk); 97 local_bh_enable(); 98 } 99 } 100 101 static __inline__ u16 tcp_v6_check(struct tcphdr *th, int len, 102 struct in6_addr *saddr, 103 struct in6_addr *daddr, 104 unsigned long base) 105 { 106 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base); 107 } 108 109 static __u32 tcp_v6_init_sequence(struct sock *sk, struct sk_buff *skb) 110 { 111 if (skb->protocol == htons(ETH_P_IPV6)) { 112 return secure_tcpv6_sequence_number(skb->nh.ipv6h->daddr.s6_addr32, 113 skb->nh.ipv6h->saddr.s6_addr32, 114 skb->h.th->dest, 115 skb->h.th->source); 116 } else { 117 return secure_tcp_sequence_number(skb->nh.iph->daddr, 118 skb->nh.iph->saddr, 119 skb->h.th->dest, 120 skb->h.th->source); 121 } 122 } 123 124 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr, 125 int addr_len) 126 { 127 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr; 128 struct inet_sock *inet = inet_sk(sk); 129 struct inet_connection_sock *icsk = inet_csk(sk); 130 struct ipv6_pinfo *np = inet6_sk(sk); 131 struct tcp_sock *tp = tcp_sk(sk); 132 struct in6_addr *saddr = NULL, *final_p = NULL, final; 133 struct flowi fl; 134 struct dst_entry *dst; 135 int addr_type; 136 int err; 137 138 if (addr_len < SIN6_LEN_RFC2133) 139 return -EINVAL; 140 141 if (usin->sin6_family != AF_INET6) 142 return(-EAFNOSUPPORT); 143 144 memset(&fl, 0, sizeof(fl)); 145 146 if (np->sndflow) { 147 fl.fl6_flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK; 148 IP6_ECN_flow_init(fl.fl6_flowlabel); 149 if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) { 150 struct ip6_flowlabel *flowlabel; 151 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel); 152 if (flowlabel == NULL) 153 return -EINVAL; 154 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst); 155 fl6_sock_release(flowlabel); 156 } 157 } 158 159 /* 160 * connect() to INADDR_ANY means loopback (BSD'ism). 161 */ 162 163 if(ipv6_addr_any(&usin->sin6_addr)) 164 usin->sin6_addr.s6_addr[15] = 0x1; 165 166 addr_type = ipv6_addr_type(&usin->sin6_addr); 167 168 if(addr_type & IPV6_ADDR_MULTICAST) 169 return -ENETUNREACH; 170 171 if (addr_type&IPV6_ADDR_LINKLOCAL) { 172 if (addr_len >= sizeof(struct sockaddr_in6) && 173 usin->sin6_scope_id) { 174 /* If interface is set while binding, indices 175 * must coincide. 176 */ 177 if (sk->sk_bound_dev_if && 178 sk->sk_bound_dev_if != usin->sin6_scope_id) 179 return -EINVAL; 180 181 sk->sk_bound_dev_if = usin->sin6_scope_id; 182 } 183 184 /* Connect to link-local address requires an interface */ 185 if (!sk->sk_bound_dev_if) 186 return -EINVAL; 187 } 188 189 if (tp->rx_opt.ts_recent_stamp && 190 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) { 191 tp->rx_opt.ts_recent = 0; 192 tp->rx_opt.ts_recent_stamp = 0; 193 tp->write_seq = 0; 194 } 195 196 ipv6_addr_copy(&np->daddr, &usin->sin6_addr); 197 np->flow_label = fl.fl6_flowlabel; 198 199 /* 200 * TCP over IPv4 201 */ 202 203 if (addr_type == IPV6_ADDR_MAPPED) { 204 u32 exthdrlen = icsk->icsk_ext_hdr_len; 205 struct sockaddr_in sin; 206 207 SOCK_DEBUG(sk, "connect: ipv4 mapped\n"); 208 209 if (__ipv6_only_sock(sk)) 210 return -ENETUNREACH; 211 212 sin.sin_family = AF_INET; 213 sin.sin_port = usin->sin6_port; 214 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3]; 215 216 icsk->icsk_af_ops = &ipv6_mapped; 217 sk->sk_backlog_rcv = tcp_v4_do_rcv; 218 219 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin)); 220 221 if (err) { 222 icsk->icsk_ext_hdr_len = exthdrlen; 223 icsk->icsk_af_ops = &ipv6_specific; 224 sk->sk_backlog_rcv = tcp_v6_do_rcv; 225 goto failure; 226 } else { 227 ipv6_addr_set(&np->saddr, 0, 0, htonl(0x0000FFFF), 228 inet->saddr); 229 ipv6_addr_set(&np->rcv_saddr, 0, 0, htonl(0x0000FFFF), 230 inet->rcv_saddr); 231 } 232 233 return err; 234 } 235 236 if (!ipv6_addr_any(&np->rcv_saddr)) 237 saddr = &np->rcv_saddr; 238 239 fl.proto = IPPROTO_TCP; 240 ipv6_addr_copy(&fl.fl6_dst, &np->daddr); 241 ipv6_addr_copy(&fl.fl6_src, 242 (saddr ? saddr : &np->saddr)); 243 fl.oif = sk->sk_bound_dev_if; 244 fl.fl_ip_dport = usin->sin6_port; 245 fl.fl_ip_sport = inet->sport; 246 247 if (np->opt && np->opt->srcrt) { 248 struct rt0_hdr *rt0 = (struct rt0_hdr *)np->opt->srcrt; 249 ipv6_addr_copy(&final, &fl.fl6_dst); 250 ipv6_addr_copy(&fl.fl6_dst, rt0->addr); 251 final_p = &final; 252 } 253 254 err = ip6_dst_lookup(sk, &dst, &fl); 255 if (err) 256 goto failure; 257 if (final_p) 258 ipv6_addr_copy(&fl.fl6_dst, final_p); 259 260 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) 261 goto failure; 262 263 if (saddr == NULL) { 264 saddr = &fl.fl6_src; 265 ipv6_addr_copy(&np->rcv_saddr, saddr); 266 } 267 268 /* set the source address */ 269 ipv6_addr_copy(&np->saddr, saddr); 270 inet->rcv_saddr = LOOPBACK4_IPV6; 271 272 sk->sk_gso_type = SKB_GSO_TCPV6; 273 __ip6_dst_store(sk, dst, NULL); 274 275 icsk->icsk_ext_hdr_len = 0; 276 if (np->opt) 277 icsk->icsk_ext_hdr_len = (np->opt->opt_flen + 278 np->opt->opt_nflen); 279 280 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr); 281 282 inet->dport = usin->sin6_port; 283 284 tcp_set_state(sk, TCP_SYN_SENT); 285 err = inet6_hash_connect(&tcp_death_row, sk); 286 if (err) 287 goto late_failure; 288 289 if (!tp->write_seq) 290 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32, 291 np->daddr.s6_addr32, 292 inet->sport, 293 inet->dport); 294 295 err = tcp_connect(sk); 296 if (err) 297 goto late_failure; 298 299 return 0; 300 301 late_failure: 302 tcp_set_state(sk, TCP_CLOSE); 303 __sk_dst_reset(sk); 304 failure: 305 inet->dport = 0; 306 sk->sk_route_caps = 0; 307 return err; 308 } 309 310 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, 311 int type, int code, int offset, __u32 info) 312 { 313 struct ipv6hdr *hdr = (struct ipv6hdr*)skb->data; 314 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset); 315 struct ipv6_pinfo *np; 316 struct sock *sk; 317 int err; 318 struct tcp_sock *tp; 319 __u32 seq; 320 321 sk = inet6_lookup(&tcp_hashinfo, &hdr->daddr, th->dest, &hdr->saddr, 322 th->source, skb->dev->ifindex); 323 324 if (sk == NULL) { 325 ICMP6_INC_STATS_BH(__in6_dev_get(skb->dev), ICMP6_MIB_INERRORS); 326 return; 327 } 328 329 if (sk->sk_state == TCP_TIME_WAIT) { 330 inet_twsk_put((struct inet_timewait_sock *)sk); 331 return; 332 } 333 334 bh_lock_sock(sk); 335 if (sock_owned_by_user(sk)) 336 NET_INC_STATS_BH(LINUX_MIB_LOCKDROPPEDICMPS); 337 338 if (sk->sk_state == TCP_CLOSE) 339 goto out; 340 341 tp = tcp_sk(sk); 342 seq = ntohl(th->seq); 343 if (sk->sk_state != TCP_LISTEN && 344 !between(seq, tp->snd_una, tp->snd_nxt)) { 345 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS); 346 goto out; 347 } 348 349 np = inet6_sk(sk); 350 351 if (type == ICMPV6_PKT_TOOBIG) { 352 struct dst_entry *dst = NULL; 353 354 if (sock_owned_by_user(sk)) 355 goto out; 356 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)) 357 goto out; 358 359 /* icmp should have updated the destination cache entry */ 360 dst = __sk_dst_check(sk, np->dst_cookie); 361 362 if (dst == NULL) { 363 struct inet_sock *inet = inet_sk(sk); 364 struct flowi fl; 365 366 /* BUGGG_FUTURE: Again, it is not clear how 367 to handle rthdr case. Ignore this complexity 368 for now. 369 */ 370 memset(&fl, 0, sizeof(fl)); 371 fl.proto = IPPROTO_TCP; 372 ipv6_addr_copy(&fl.fl6_dst, &np->daddr); 373 ipv6_addr_copy(&fl.fl6_src, &np->saddr); 374 fl.oif = sk->sk_bound_dev_if; 375 fl.fl_ip_dport = inet->dport; 376 fl.fl_ip_sport = inet->sport; 377 378 if ((err = ip6_dst_lookup(sk, &dst, &fl))) { 379 sk->sk_err_soft = -err; 380 goto out; 381 } 382 383 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) { 384 sk->sk_err_soft = -err; 385 goto out; 386 } 387 388 } else 389 dst_hold(dst); 390 391 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) { 392 tcp_sync_mss(sk, dst_mtu(dst)); 393 tcp_simple_retransmit(sk); 394 } /* else let the usual retransmit timer handle it */ 395 dst_release(dst); 396 goto out; 397 } 398 399 icmpv6_err_convert(type, code, &err); 400 401 /* Might be for an request_sock */ 402 switch (sk->sk_state) { 403 struct request_sock *req, **prev; 404 case TCP_LISTEN: 405 if (sock_owned_by_user(sk)) 406 goto out; 407 408 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr, 409 &hdr->saddr, inet6_iif(skb)); 410 if (!req) 411 goto out; 412 413 /* ICMPs are not backlogged, hence we cannot get 414 * an established socket here. 415 */ 416 BUG_TRAP(req->sk == NULL); 417 418 if (seq != tcp_rsk(req)->snt_isn) { 419 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS); 420 goto out; 421 } 422 423 inet_csk_reqsk_queue_drop(sk, req, prev); 424 goto out; 425 426 case TCP_SYN_SENT: 427 case TCP_SYN_RECV: /* Cannot happen. 428 It can, it SYNs are crossed. --ANK */ 429 if (!sock_owned_by_user(sk)) { 430 sk->sk_err = err; 431 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */ 432 433 tcp_done(sk); 434 } else 435 sk->sk_err_soft = err; 436 goto out; 437 } 438 439 if (!sock_owned_by_user(sk) && np->recverr) { 440 sk->sk_err = err; 441 sk->sk_error_report(sk); 442 } else 443 sk->sk_err_soft = err; 444 445 out: 446 bh_unlock_sock(sk); 447 sock_put(sk); 448 } 449 450 451 static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req, 452 struct dst_entry *dst) 453 { 454 struct inet6_request_sock *treq = inet6_rsk(req); 455 struct ipv6_pinfo *np = inet6_sk(sk); 456 struct sk_buff * skb; 457 struct ipv6_txoptions *opt = NULL; 458 struct in6_addr * final_p = NULL, final; 459 struct flowi fl; 460 int err = -1; 461 462 memset(&fl, 0, sizeof(fl)); 463 fl.proto = IPPROTO_TCP; 464 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr); 465 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr); 466 fl.fl6_flowlabel = 0; 467 fl.oif = treq->iif; 468 fl.fl_ip_dport = inet_rsk(req)->rmt_port; 469 fl.fl_ip_sport = inet_sk(sk)->sport; 470 471 if (dst == NULL) { 472 opt = np->opt; 473 if (opt == NULL && 474 np->rxopt.bits.osrcrt == 2 && 475 treq->pktopts) { 476 struct sk_buff *pktopts = treq->pktopts; 477 struct inet6_skb_parm *rxopt = IP6CB(pktopts); 478 if (rxopt->srcrt) 479 opt = ipv6_invert_rthdr(sk, (struct ipv6_rt_hdr*)(pktopts->nh.raw + rxopt->srcrt)); 480 } 481 482 if (opt && opt->srcrt) { 483 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt; 484 ipv6_addr_copy(&final, &fl.fl6_dst); 485 ipv6_addr_copy(&fl.fl6_dst, rt0->addr); 486 final_p = &final; 487 } 488 489 err = ip6_dst_lookup(sk, &dst, &fl); 490 if (err) 491 goto done; 492 if (final_p) 493 ipv6_addr_copy(&fl.fl6_dst, final_p); 494 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) 495 goto done; 496 } 497 498 skb = tcp_make_synack(sk, dst, req); 499 if (skb) { 500 struct tcphdr *th = skb->h.th; 501 502 th->check = tcp_v6_check(th, skb->len, 503 &treq->loc_addr, &treq->rmt_addr, 504 csum_partial((char *)th, skb->len, skb->csum)); 505 506 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr); 507 err = ip6_xmit(sk, skb, &fl, opt, 0); 508 if (err == NET_XMIT_CN) 509 err = 0; 510 } 511 512 done: 513 if (opt && opt != np->opt) 514 sock_kfree_s(sk, opt, opt->tot_len); 515 dst_release(dst); 516 return err; 517 } 518 519 static void tcp_v6_reqsk_destructor(struct request_sock *req) 520 { 521 if (inet6_rsk(req)->pktopts) 522 kfree_skb(inet6_rsk(req)->pktopts); 523 } 524 525 static struct request_sock_ops tcp6_request_sock_ops = { 526 .family = AF_INET6, 527 .obj_size = sizeof(struct tcp6_request_sock), 528 .rtx_syn_ack = tcp_v6_send_synack, 529 .send_ack = tcp_v6_reqsk_send_ack, 530 .destructor = tcp_v6_reqsk_destructor, 531 .send_reset = tcp_v6_send_reset 532 }; 533 534 static struct timewait_sock_ops tcp6_timewait_sock_ops = { 535 .twsk_obj_size = sizeof(struct tcp6_timewait_sock), 536 .twsk_unique = tcp_twsk_unique, 537 }; 538 539 static void tcp_v6_send_check(struct sock *sk, int len, struct sk_buff *skb) 540 { 541 struct ipv6_pinfo *np = inet6_sk(sk); 542 struct tcphdr *th = skb->h.th; 543 544 if (skb->ip_summed == CHECKSUM_HW) { 545 th->check = ~csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 0); 546 skb->csum = offsetof(struct tcphdr, check); 547 } else { 548 th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 549 csum_partial((char *)th, th->doff<<2, 550 skb->csum)); 551 } 552 } 553 554 static int tcp_v6_gso_send_check(struct sk_buff *skb) 555 { 556 struct ipv6hdr *ipv6h; 557 struct tcphdr *th; 558 559 if (!pskb_may_pull(skb, sizeof(*th))) 560 return -EINVAL; 561 562 ipv6h = skb->nh.ipv6h; 563 th = skb->h.th; 564 565 th->check = 0; 566 th->check = ~csum_ipv6_magic(&ipv6h->saddr, &ipv6h->daddr, skb->len, 567 IPPROTO_TCP, 0); 568 skb->csum = offsetof(struct tcphdr, check); 569 skb->ip_summed = CHECKSUM_HW; 570 return 0; 571 } 572 573 static void tcp_v6_send_reset(struct sk_buff *skb) 574 { 575 struct tcphdr *th = skb->h.th, *t1; 576 struct sk_buff *buff; 577 struct flowi fl; 578 579 if (th->rst) 580 return; 581 582 if (!ipv6_unicast_destination(skb)) 583 return; 584 585 /* 586 * We need to grab some memory, and put together an RST, 587 * and then put it into the queue to be sent. 588 */ 589 590 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + sizeof(struct tcphdr), 591 GFP_ATOMIC); 592 if (buff == NULL) 593 return; 594 595 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + sizeof(struct tcphdr)); 596 597 t1 = (struct tcphdr *) skb_push(buff,sizeof(struct tcphdr)); 598 599 /* Swap the send and the receive. */ 600 memset(t1, 0, sizeof(*t1)); 601 t1->dest = th->source; 602 t1->source = th->dest; 603 t1->doff = sizeof(*t1)/4; 604 t1->rst = 1; 605 606 if(th->ack) { 607 t1->seq = th->ack_seq; 608 } else { 609 t1->ack = 1; 610 t1->ack_seq = htonl(ntohl(th->seq) + th->syn + th->fin 611 + skb->len - (th->doff<<2)); 612 } 613 614 buff->csum = csum_partial((char *)t1, sizeof(*t1), 0); 615 616 memset(&fl, 0, sizeof(fl)); 617 ipv6_addr_copy(&fl.fl6_dst, &skb->nh.ipv6h->saddr); 618 ipv6_addr_copy(&fl.fl6_src, &skb->nh.ipv6h->daddr); 619 620 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst, 621 sizeof(*t1), IPPROTO_TCP, 622 buff->csum); 623 624 fl.proto = IPPROTO_TCP; 625 fl.oif = inet6_iif(skb); 626 fl.fl_ip_dport = t1->dest; 627 fl.fl_ip_sport = t1->source; 628 629 /* sk = NULL, but it is safe for now. RST socket required. */ 630 if (!ip6_dst_lookup(NULL, &buff->dst, &fl)) { 631 632 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) { 633 ip6_xmit(tcp6_socket->sk, buff, &fl, NULL, 0); 634 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS); 635 TCP_INC_STATS_BH(TCP_MIB_OUTRSTS); 636 return; 637 } 638 } 639 640 kfree_skb(buff); 641 } 642 643 static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts) 644 { 645 struct tcphdr *th = skb->h.th, *t1; 646 struct sk_buff *buff; 647 struct flowi fl; 648 int tot_len = sizeof(struct tcphdr); 649 650 if (ts) 651 tot_len += 3*4; 652 653 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len, 654 GFP_ATOMIC); 655 if (buff == NULL) 656 return; 657 658 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len); 659 660 t1 = (struct tcphdr *) skb_push(buff,tot_len); 661 662 /* Swap the send and the receive. */ 663 memset(t1, 0, sizeof(*t1)); 664 t1->dest = th->source; 665 t1->source = th->dest; 666 t1->doff = tot_len/4; 667 t1->seq = htonl(seq); 668 t1->ack_seq = htonl(ack); 669 t1->ack = 1; 670 t1->window = htons(win); 671 672 if (ts) { 673 u32 *ptr = (u32*)(t1 + 1); 674 *ptr++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) | 675 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP); 676 *ptr++ = htonl(tcp_time_stamp); 677 *ptr = htonl(ts); 678 } 679 680 buff->csum = csum_partial((char *)t1, tot_len, 0); 681 682 memset(&fl, 0, sizeof(fl)); 683 ipv6_addr_copy(&fl.fl6_dst, &skb->nh.ipv6h->saddr); 684 ipv6_addr_copy(&fl.fl6_src, &skb->nh.ipv6h->daddr); 685 686 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst, 687 tot_len, IPPROTO_TCP, 688 buff->csum); 689 690 fl.proto = IPPROTO_TCP; 691 fl.oif = inet6_iif(skb); 692 fl.fl_ip_dport = t1->dest; 693 fl.fl_ip_sport = t1->source; 694 695 if (!ip6_dst_lookup(NULL, &buff->dst, &fl)) { 696 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) { 697 ip6_xmit(tcp6_socket->sk, buff, &fl, NULL, 0); 698 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS); 699 return; 700 } 701 } 702 703 kfree_skb(buff); 704 } 705 706 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb) 707 { 708 struct inet_timewait_sock *tw = inet_twsk(sk); 709 const struct tcp_timewait_sock *tcptw = tcp_twsk(sk); 710 711 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt, 712 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale, 713 tcptw->tw_ts_recent); 714 715 inet_twsk_put(tw); 716 } 717 718 static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req) 719 { 720 tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent); 721 } 722 723 724 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb) 725 { 726 struct request_sock *req, **prev; 727 const struct tcphdr *th = skb->h.th; 728 struct sock *nsk; 729 730 /* Find possible connection requests. */ 731 req = inet6_csk_search_req(sk, &prev, th->source, 732 &skb->nh.ipv6h->saddr, 733 &skb->nh.ipv6h->daddr, inet6_iif(skb)); 734 if (req) 735 return tcp_check_req(sk, skb, req, prev); 736 737 nsk = __inet6_lookup_established(&tcp_hashinfo, &skb->nh.ipv6h->saddr, 738 th->source, &skb->nh.ipv6h->daddr, 739 ntohs(th->dest), inet6_iif(skb)); 740 741 if (nsk) { 742 if (nsk->sk_state != TCP_TIME_WAIT) { 743 bh_lock_sock(nsk); 744 return nsk; 745 } 746 inet_twsk_put((struct inet_timewait_sock *)nsk); 747 return NULL; 748 } 749 750 #if 0 /*def CONFIG_SYN_COOKIES*/ 751 if (!th->rst && !th->syn && th->ack) 752 sk = cookie_v6_check(sk, skb, &(IPCB(skb)->opt)); 753 #endif 754 return sk; 755 } 756 757 /* FIXME: this is substantially similar to the ipv4 code. 758 * Can some kind of merge be done? -- erics 759 */ 760 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb) 761 { 762 struct inet6_request_sock *treq; 763 struct ipv6_pinfo *np = inet6_sk(sk); 764 struct tcp_options_received tmp_opt; 765 struct tcp_sock *tp = tcp_sk(sk); 766 struct request_sock *req = NULL; 767 __u32 isn = TCP_SKB_CB(skb)->when; 768 769 if (skb->protocol == htons(ETH_P_IP)) 770 return tcp_v4_conn_request(sk, skb); 771 772 if (!ipv6_unicast_destination(skb)) 773 goto drop; 774 775 /* 776 * There are no SYN attacks on IPv6, yet... 777 */ 778 if (inet_csk_reqsk_queue_is_full(sk) && !isn) { 779 if (net_ratelimit()) 780 printk(KERN_INFO "TCPv6: dropping request, synflood is possible\n"); 781 goto drop; 782 } 783 784 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1) 785 goto drop; 786 787 req = inet6_reqsk_alloc(&tcp6_request_sock_ops); 788 if (req == NULL) 789 goto drop; 790 791 tcp_clear_options(&tmp_opt); 792 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr); 793 tmp_opt.user_mss = tp->rx_opt.user_mss; 794 795 tcp_parse_options(skb, &tmp_opt, 0); 796 797 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp; 798 tcp_openreq_init(req, &tmp_opt, skb); 799 800 treq = inet6_rsk(req); 801 ipv6_addr_copy(&treq->rmt_addr, &skb->nh.ipv6h->saddr); 802 ipv6_addr_copy(&treq->loc_addr, &skb->nh.ipv6h->daddr); 803 TCP_ECN_create_request(req, skb->h.th); 804 treq->pktopts = NULL; 805 if (ipv6_opt_accepted(sk, skb) || 806 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo || 807 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) { 808 atomic_inc(&skb->users); 809 treq->pktopts = skb; 810 } 811 treq->iif = sk->sk_bound_dev_if; 812 813 /* So that link locals have meaning */ 814 if (!sk->sk_bound_dev_if && 815 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL) 816 treq->iif = inet6_iif(skb); 817 818 if (isn == 0) 819 isn = tcp_v6_init_sequence(sk,skb); 820 821 tcp_rsk(req)->snt_isn = isn; 822 823 if (tcp_v6_send_synack(sk, req, NULL)) 824 goto drop; 825 826 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT); 827 return 0; 828 829 drop: 830 if (req) 831 reqsk_free(req); 832 833 return 0; /* don't send reset */ 834 } 835 836 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb, 837 struct request_sock *req, 838 struct dst_entry *dst) 839 { 840 struct inet6_request_sock *treq = inet6_rsk(req); 841 struct ipv6_pinfo *newnp, *np = inet6_sk(sk); 842 struct tcp6_sock *newtcp6sk; 843 struct inet_sock *newinet; 844 struct tcp_sock *newtp; 845 struct sock *newsk; 846 struct ipv6_txoptions *opt; 847 848 if (skb->protocol == htons(ETH_P_IP)) { 849 /* 850 * v6 mapped 851 */ 852 853 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst); 854 855 if (newsk == NULL) 856 return NULL; 857 858 newtcp6sk = (struct tcp6_sock *)newsk; 859 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6; 860 861 newinet = inet_sk(newsk); 862 newnp = inet6_sk(newsk); 863 newtp = tcp_sk(newsk); 864 865 memcpy(newnp, np, sizeof(struct ipv6_pinfo)); 866 867 ipv6_addr_set(&newnp->daddr, 0, 0, htonl(0x0000FFFF), 868 newinet->daddr); 869 870 ipv6_addr_set(&newnp->saddr, 0, 0, htonl(0x0000FFFF), 871 newinet->saddr); 872 873 ipv6_addr_copy(&newnp->rcv_saddr, &newnp->saddr); 874 875 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped; 876 newsk->sk_backlog_rcv = tcp_v4_do_rcv; 877 newnp->pktoptions = NULL; 878 newnp->opt = NULL; 879 newnp->mcast_oif = inet6_iif(skb); 880 newnp->mcast_hops = skb->nh.ipv6h->hop_limit; 881 882 /* 883 * No need to charge this sock to the relevant IPv6 refcnt debug socks count 884 * here, tcp_create_openreq_child now does this for us, see the comment in 885 * that function for the gory details. -acme 886 */ 887 888 /* It is tricky place. Until this moment IPv4 tcp 889 worked with IPv6 icsk.icsk_af_ops. 890 Sync it now. 891 */ 892 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie); 893 894 return newsk; 895 } 896 897 opt = np->opt; 898 899 if (sk_acceptq_is_full(sk)) 900 goto out_overflow; 901 902 if (np->rxopt.bits.osrcrt == 2 && 903 opt == NULL && treq->pktopts) { 904 struct inet6_skb_parm *rxopt = IP6CB(treq->pktopts); 905 if (rxopt->srcrt) 906 opt = ipv6_invert_rthdr(sk, (struct ipv6_rt_hdr *)(treq->pktopts->nh.raw + rxopt->srcrt)); 907 } 908 909 if (dst == NULL) { 910 struct in6_addr *final_p = NULL, final; 911 struct flowi fl; 912 913 memset(&fl, 0, sizeof(fl)); 914 fl.proto = IPPROTO_TCP; 915 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr); 916 if (opt && opt->srcrt) { 917 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt; 918 ipv6_addr_copy(&final, &fl.fl6_dst); 919 ipv6_addr_copy(&fl.fl6_dst, rt0->addr); 920 final_p = &final; 921 } 922 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr); 923 fl.oif = sk->sk_bound_dev_if; 924 fl.fl_ip_dport = inet_rsk(req)->rmt_port; 925 fl.fl_ip_sport = inet_sk(sk)->sport; 926 927 if (ip6_dst_lookup(sk, &dst, &fl)) 928 goto out; 929 930 if (final_p) 931 ipv6_addr_copy(&fl.fl6_dst, final_p); 932 933 if ((xfrm_lookup(&dst, &fl, sk, 0)) < 0) 934 goto out; 935 } 936 937 newsk = tcp_create_openreq_child(sk, req, skb); 938 if (newsk == NULL) 939 goto out; 940 941 /* 942 * No need to charge this sock to the relevant IPv6 refcnt debug socks 943 * count here, tcp_create_openreq_child now does this for us, see the 944 * comment in that function for the gory details. -acme 945 */ 946 947 sk->sk_gso_type = SKB_GSO_TCPV6; 948 __ip6_dst_store(newsk, dst, NULL); 949 950 newtcp6sk = (struct tcp6_sock *)newsk; 951 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6; 952 953 newtp = tcp_sk(newsk); 954 newinet = inet_sk(newsk); 955 newnp = inet6_sk(newsk); 956 957 memcpy(newnp, np, sizeof(struct ipv6_pinfo)); 958 959 ipv6_addr_copy(&newnp->daddr, &treq->rmt_addr); 960 ipv6_addr_copy(&newnp->saddr, &treq->loc_addr); 961 ipv6_addr_copy(&newnp->rcv_saddr, &treq->loc_addr); 962 newsk->sk_bound_dev_if = treq->iif; 963 964 /* Now IPv6 options... 965 966 First: no IPv4 options. 967 */ 968 newinet->opt = NULL; 969 970 /* Clone RX bits */ 971 newnp->rxopt.all = np->rxopt.all; 972 973 /* Clone pktoptions received with SYN */ 974 newnp->pktoptions = NULL; 975 if (treq->pktopts != NULL) { 976 newnp->pktoptions = skb_clone(treq->pktopts, GFP_ATOMIC); 977 kfree_skb(treq->pktopts); 978 treq->pktopts = NULL; 979 if (newnp->pktoptions) 980 skb_set_owner_r(newnp->pktoptions, newsk); 981 } 982 newnp->opt = NULL; 983 newnp->mcast_oif = inet6_iif(skb); 984 newnp->mcast_hops = skb->nh.ipv6h->hop_limit; 985 986 /* Clone native IPv6 options from listening socket (if any) 987 988 Yes, keeping reference count would be much more clever, 989 but we make one more one thing there: reattach optmem 990 to newsk. 991 */ 992 if (opt) { 993 newnp->opt = ipv6_dup_options(newsk, opt); 994 if (opt != np->opt) 995 sock_kfree_s(sk, opt, opt->tot_len); 996 } 997 998 inet_csk(newsk)->icsk_ext_hdr_len = 0; 999 if (newnp->opt) 1000 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen + 1001 newnp->opt->opt_flen); 1002 1003 tcp_mtup_init(newsk); 1004 tcp_sync_mss(newsk, dst_mtu(dst)); 1005 newtp->advmss = dst_metric(dst, RTAX_ADVMSS); 1006 tcp_initialize_rcv_mss(newsk); 1007 1008 newinet->daddr = newinet->saddr = newinet->rcv_saddr = LOOPBACK4_IPV6; 1009 1010 __inet6_hash(&tcp_hashinfo, newsk); 1011 inet_inherit_port(&tcp_hashinfo, sk, newsk); 1012 1013 return newsk; 1014 1015 out_overflow: 1016 NET_INC_STATS_BH(LINUX_MIB_LISTENOVERFLOWS); 1017 out: 1018 NET_INC_STATS_BH(LINUX_MIB_LISTENDROPS); 1019 if (opt && opt != np->opt) 1020 sock_kfree_s(sk, opt, opt->tot_len); 1021 dst_release(dst); 1022 return NULL; 1023 } 1024 1025 static int tcp_v6_checksum_init(struct sk_buff *skb) 1026 { 1027 if (skb->ip_summed == CHECKSUM_HW) { 1028 if (!tcp_v6_check(skb->h.th,skb->len,&skb->nh.ipv6h->saddr, 1029 &skb->nh.ipv6h->daddr,skb->csum)) { 1030 skb->ip_summed = CHECKSUM_UNNECESSARY; 1031 return 0; 1032 } 1033 } 1034 1035 skb->csum = ~tcp_v6_check(skb->h.th,skb->len,&skb->nh.ipv6h->saddr, 1036 &skb->nh.ipv6h->daddr, 0); 1037 1038 if (skb->len <= 76) { 1039 return __skb_checksum_complete(skb); 1040 } 1041 return 0; 1042 } 1043 1044 /* The socket must have it's spinlock held when we get 1045 * here. 1046 * 1047 * We have a potential double-lock case here, so even when 1048 * doing backlog processing we use the BH locking scheme. 1049 * This is because we cannot sleep with the original spinlock 1050 * held. 1051 */ 1052 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb) 1053 { 1054 struct ipv6_pinfo *np = inet6_sk(sk); 1055 struct tcp_sock *tp; 1056 struct sk_buff *opt_skb = NULL; 1057 1058 /* Imagine: socket is IPv6. IPv4 packet arrives, 1059 goes to IPv4 receive handler and backlogged. 1060 From backlog it always goes here. Kerboom... 1061 Fortunately, tcp_rcv_established and rcv_established 1062 handle them correctly, but it is not case with 1063 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK 1064 */ 1065 1066 if (skb->protocol == htons(ETH_P_IP)) 1067 return tcp_v4_do_rcv(sk, skb); 1068 1069 if (sk_filter(sk, skb, 0)) 1070 goto discard; 1071 1072 /* 1073 * socket locking is here for SMP purposes as backlog rcv 1074 * is currently called with bh processing disabled. 1075 */ 1076 1077 /* Do Stevens' IPV6_PKTOPTIONS. 1078 1079 Yes, guys, it is the only place in our code, where we 1080 may make it not affecting IPv4. 1081 The rest of code is protocol independent, 1082 and I do not like idea to uglify IPv4. 1083 1084 Actually, all the idea behind IPV6_PKTOPTIONS 1085 looks not very well thought. For now we latch 1086 options, received in the last packet, enqueued 1087 by tcp. Feel free to propose better solution. 1088 --ANK (980728) 1089 */ 1090 if (np->rxopt.all) 1091 opt_skb = skb_clone(skb, GFP_ATOMIC); 1092 1093 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */ 1094 TCP_CHECK_TIMER(sk); 1095 if (tcp_rcv_established(sk, skb, skb->h.th, skb->len)) 1096 goto reset; 1097 TCP_CHECK_TIMER(sk); 1098 if (opt_skb) 1099 goto ipv6_pktoptions; 1100 return 0; 1101 } 1102 1103 if (skb->len < (skb->h.th->doff<<2) || tcp_checksum_complete(skb)) 1104 goto csum_err; 1105 1106 if (sk->sk_state == TCP_LISTEN) { 1107 struct sock *nsk = tcp_v6_hnd_req(sk, skb); 1108 if (!nsk) 1109 goto discard; 1110 1111 /* 1112 * Queue it on the new socket if the new socket is active, 1113 * otherwise we just shortcircuit this and continue with 1114 * the new socket.. 1115 */ 1116 if(nsk != sk) { 1117 if (tcp_child_process(sk, nsk, skb)) 1118 goto reset; 1119 if (opt_skb) 1120 __kfree_skb(opt_skb); 1121 return 0; 1122 } 1123 } 1124 1125 TCP_CHECK_TIMER(sk); 1126 if (tcp_rcv_state_process(sk, skb, skb->h.th, skb->len)) 1127 goto reset; 1128 TCP_CHECK_TIMER(sk); 1129 if (opt_skb) 1130 goto ipv6_pktoptions; 1131 return 0; 1132 1133 reset: 1134 tcp_v6_send_reset(skb); 1135 discard: 1136 if (opt_skb) 1137 __kfree_skb(opt_skb); 1138 kfree_skb(skb); 1139 return 0; 1140 csum_err: 1141 TCP_INC_STATS_BH(TCP_MIB_INERRS); 1142 goto discard; 1143 1144 1145 ipv6_pktoptions: 1146 /* Do you ask, what is it? 1147 1148 1. skb was enqueued by tcp. 1149 2. skb is added to tail of read queue, rather than out of order. 1150 3. socket is not in passive state. 1151 4. Finally, it really contains options, which user wants to receive. 1152 */ 1153 tp = tcp_sk(sk); 1154 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt && 1155 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) { 1156 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo) 1157 np->mcast_oif = inet6_iif(opt_skb); 1158 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) 1159 np->mcast_hops = opt_skb->nh.ipv6h->hop_limit; 1160 if (ipv6_opt_accepted(sk, opt_skb)) { 1161 skb_set_owner_r(opt_skb, sk); 1162 opt_skb = xchg(&np->pktoptions, opt_skb); 1163 } else { 1164 __kfree_skb(opt_skb); 1165 opt_skb = xchg(&np->pktoptions, NULL); 1166 } 1167 } 1168 1169 if (opt_skb) 1170 kfree_skb(opt_skb); 1171 return 0; 1172 } 1173 1174 static int tcp_v6_rcv(struct sk_buff **pskb) 1175 { 1176 struct sk_buff *skb = *pskb; 1177 struct tcphdr *th; 1178 struct sock *sk; 1179 int ret; 1180 1181 if (skb->pkt_type != PACKET_HOST) 1182 goto discard_it; 1183 1184 /* 1185 * Count it even if it's bad. 1186 */ 1187 TCP_INC_STATS_BH(TCP_MIB_INSEGS); 1188 1189 if (!pskb_may_pull(skb, sizeof(struct tcphdr))) 1190 goto discard_it; 1191 1192 th = skb->h.th; 1193 1194 if (th->doff < sizeof(struct tcphdr)/4) 1195 goto bad_packet; 1196 if (!pskb_may_pull(skb, th->doff*4)) 1197 goto discard_it; 1198 1199 if ((skb->ip_summed != CHECKSUM_UNNECESSARY && 1200 tcp_v6_checksum_init(skb))) 1201 goto bad_packet; 1202 1203 th = skb->h.th; 1204 TCP_SKB_CB(skb)->seq = ntohl(th->seq); 1205 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin + 1206 skb->len - th->doff*4); 1207 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq); 1208 TCP_SKB_CB(skb)->when = 0; 1209 TCP_SKB_CB(skb)->flags = ipv6_get_dsfield(skb->nh.ipv6h); 1210 TCP_SKB_CB(skb)->sacked = 0; 1211 1212 sk = __inet6_lookup(&tcp_hashinfo, &skb->nh.ipv6h->saddr, th->source, 1213 &skb->nh.ipv6h->daddr, ntohs(th->dest), 1214 inet6_iif(skb)); 1215 1216 if (!sk) 1217 goto no_tcp_socket; 1218 1219 process: 1220 if (sk->sk_state == TCP_TIME_WAIT) 1221 goto do_time_wait; 1222 1223 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb)) 1224 goto discard_and_relse; 1225 1226 if (sk_filter(sk, skb, 0)) 1227 goto discard_and_relse; 1228 1229 skb->dev = NULL; 1230 1231 bh_lock_sock(sk); 1232 ret = 0; 1233 if (!sock_owned_by_user(sk)) { 1234 #ifdef CONFIG_NET_DMA 1235 struct tcp_sock *tp = tcp_sk(sk); 1236 if (tp->ucopy.dma_chan) 1237 ret = tcp_v6_do_rcv(sk, skb); 1238 else 1239 #endif 1240 { 1241 if (!tcp_prequeue(sk, skb)) 1242 ret = tcp_v6_do_rcv(sk, skb); 1243 } 1244 } else 1245 sk_add_backlog(sk, skb); 1246 bh_unlock_sock(sk); 1247 1248 sock_put(sk); 1249 return ret ? -1 : 0; 1250 1251 no_tcp_socket: 1252 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) 1253 goto discard_it; 1254 1255 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) { 1256 bad_packet: 1257 TCP_INC_STATS_BH(TCP_MIB_INERRS); 1258 } else { 1259 tcp_v6_send_reset(skb); 1260 } 1261 1262 discard_it: 1263 1264 /* 1265 * Discard frame 1266 */ 1267 1268 kfree_skb(skb); 1269 return 0; 1270 1271 discard_and_relse: 1272 sock_put(sk); 1273 goto discard_it; 1274 1275 do_time_wait: 1276 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) { 1277 inet_twsk_put((struct inet_timewait_sock *)sk); 1278 goto discard_it; 1279 } 1280 1281 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) { 1282 TCP_INC_STATS_BH(TCP_MIB_INERRS); 1283 inet_twsk_put((struct inet_timewait_sock *)sk); 1284 goto discard_it; 1285 } 1286 1287 switch (tcp_timewait_state_process((struct inet_timewait_sock *)sk, 1288 skb, th)) { 1289 case TCP_TW_SYN: 1290 { 1291 struct sock *sk2; 1292 1293 sk2 = inet6_lookup_listener(&tcp_hashinfo, 1294 &skb->nh.ipv6h->daddr, 1295 ntohs(th->dest), inet6_iif(skb)); 1296 if (sk2 != NULL) { 1297 struct inet_timewait_sock *tw = inet_twsk(sk); 1298 inet_twsk_deschedule(tw, &tcp_death_row); 1299 inet_twsk_put(tw); 1300 sk = sk2; 1301 goto process; 1302 } 1303 /* Fall through to ACK */ 1304 } 1305 case TCP_TW_ACK: 1306 tcp_v6_timewait_ack(sk, skb); 1307 break; 1308 case TCP_TW_RST: 1309 goto no_tcp_socket; 1310 case TCP_TW_SUCCESS:; 1311 } 1312 goto discard_it; 1313 } 1314 1315 static int tcp_v6_remember_stamp(struct sock *sk) 1316 { 1317 /* Alas, not yet... */ 1318 return 0; 1319 } 1320 1321 static struct inet_connection_sock_af_ops ipv6_specific = { 1322 .queue_xmit = inet6_csk_xmit, 1323 .send_check = tcp_v6_send_check, 1324 .rebuild_header = inet6_sk_rebuild_header, 1325 .conn_request = tcp_v6_conn_request, 1326 .syn_recv_sock = tcp_v6_syn_recv_sock, 1327 .remember_stamp = tcp_v6_remember_stamp, 1328 .net_header_len = sizeof(struct ipv6hdr), 1329 .setsockopt = ipv6_setsockopt, 1330 .getsockopt = ipv6_getsockopt, 1331 .addr2sockaddr = inet6_csk_addr2sockaddr, 1332 .sockaddr_len = sizeof(struct sockaddr_in6), 1333 #ifdef CONFIG_COMPAT 1334 .compat_setsockopt = compat_ipv6_setsockopt, 1335 .compat_getsockopt = compat_ipv6_getsockopt, 1336 #endif 1337 }; 1338 1339 /* 1340 * TCP over IPv4 via INET6 API 1341 */ 1342 1343 static struct inet_connection_sock_af_ops ipv6_mapped = { 1344 .queue_xmit = ip_queue_xmit, 1345 .send_check = tcp_v4_send_check, 1346 .rebuild_header = inet_sk_rebuild_header, 1347 .conn_request = tcp_v6_conn_request, 1348 .syn_recv_sock = tcp_v6_syn_recv_sock, 1349 .remember_stamp = tcp_v4_remember_stamp, 1350 .net_header_len = sizeof(struct iphdr), 1351 .setsockopt = ipv6_setsockopt, 1352 .getsockopt = ipv6_getsockopt, 1353 .addr2sockaddr = inet6_csk_addr2sockaddr, 1354 .sockaddr_len = sizeof(struct sockaddr_in6), 1355 #ifdef CONFIG_COMPAT 1356 .compat_setsockopt = compat_ipv6_setsockopt, 1357 .compat_getsockopt = compat_ipv6_getsockopt, 1358 #endif 1359 }; 1360 1361 /* NOTE: A lot of things set to zero explicitly by call to 1362 * sk_alloc() so need not be done here. 1363 */ 1364 static int tcp_v6_init_sock(struct sock *sk) 1365 { 1366 struct inet_connection_sock *icsk = inet_csk(sk); 1367 struct tcp_sock *tp = tcp_sk(sk); 1368 1369 skb_queue_head_init(&tp->out_of_order_queue); 1370 tcp_init_xmit_timers(sk); 1371 tcp_prequeue_init(tp); 1372 1373 icsk->icsk_rto = TCP_TIMEOUT_INIT; 1374 tp->mdev = TCP_TIMEOUT_INIT; 1375 1376 /* So many TCP implementations out there (incorrectly) count the 1377 * initial SYN frame in their delayed-ACK and congestion control 1378 * algorithms that we must have the following bandaid to talk 1379 * efficiently to them. -DaveM 1380 */ 1381 tp->snd_cwnd = 2; 1382 1383 /* See draft-stevens-tcpca-spec-01 for discussion of the 1384 * initialization of these values. 1385 */ 1386 tp->snd_ssthresh = 0x7fffffff; 1387 tp->snd_cwnd_clamp = ~0; 1388 tp->mss_cache = 536; 1389 1390 tp->reordering = sysctl_tcp_reordering; 1391 1392 sk->sk_state = TCP_CLOSE; 1393 1394 icsk->icsk_af_ops = &ipv6_specific; 1395 icsk->icsk_ca_ops = &tcp_init_congestion_ops; 1396 icsk->icsk_sync_mss = tcp_sync_mss; 1397 sk->sk_write_space = sk_stream_write_space; 1398 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE); 1399 1400 sk->sk_sndbuf = sysctl_tcp_wmem[1]; 1401 sk->sk_rcvbuf = sysctl_tcp_rmem[1]; 1402 1403 atomic_inc(&tcp_sockets_allocated); 1404 1405 return 0; 1406 } 1407 1408 static int tcp_v6_destroy_sock(struct sock *sk) 1409 { 1410 tcp_v4_destroy_sock(sk); 1411 return inet6_destroy_sock(sk); 1412 } 1413 1414 /* Proc filesystem TCPv6 sock list dumping. */ 1415 static void get_openreq6(struct seq_file *seq, 1416 struct sock *sk, struct request_sock *req, int i, int uid) 1417 { 1418 int ttd = req->expires - jiffies; 1419 struct in6_addr *src = &inet6_rsk(req)->loc_addr; 1420 struct in6_addr *dest = &inet6_rsk(req)->rmt_addr; 1421 1422 if (ttd < 0) 1423 ttd = 0; 1424 1425 seq_printf(seq, 1426 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1427 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n", 1428 i, 1429 src->s6_addr32[0], src->s6_addr32[1], 1430 src->s6_addr32[2], src->s6_addr32[3], 1431 ntohs(inet_sk(sk)->sport), 1432 dest->s6_addr32[0], dest->s6_addr32[1], 1433 dest->s6_addr32[2], dest->s6_addr32[3], 1434 ntohs(inet_rsk(req)->rmt_port), 1435 TCP_SYN_RECV, 1436 0,0, /* could print option size, but that is af dependent. */ 1437 1, /* timers active (only the expire timer) */ 1438 jiffies_to_clock_t(ttd), 1439 req->retrans, 1440 uid, 1441 0, /* non standard timer */ 1442 0, /* open_requests have no inode */ 1443 0, req); 1444 } 1445 1446 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i) 1447 { 1448 struct in6_addr *dest, *src; 1449 __u16 destp, srcp; 1450 int timer_active; 1451 unsigned long timer_expires; 1452 struct inet_sock *inet = inet_sk(sp); 1453 struct tcp_sock *tp = tcp_sk(sp); 1454 const struct inet_connection_sock *icsk = inet_csk(sp); 1455 struct ipv6_pinfo *np = inet6_sk(sp); 1456 1457 dest = &np->daddr; 1458 src = &np->rcv_saddr; 1459 destp = ntohs(inet->dport); 1460 srcp = ntohs(inet->sport); 1461 1462 if (icsk->icsk_pending == ICSK_TIME_RETRANS) { 1463 timer_active = 1; 1464 timer_expires = icsk->icsk_timeout; 1465 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) { 1466 timer_active = 4; 1467 timer_expires = icsk->icsk_timeout; 1468 } else if (timer_pending(&sp->sk_timer)) { 1469 timer_active = 2; 1470 timer_expires = sp->sk_timer.expires; 1471 } else { 1472 timer_active = 0; 1473 timer_expires = jiffies; 1474 } 1475 1476 seq_printf(seq, 1477 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1478 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %u %u %u %u %d\n", 1479 i, 1480 src->s6_addr32[0], src->s6_addr32[1], 1481 src->s6_addr32[2], src->s6_addr32[3], srcp, 1482 dest->s6_addr32[0], dest->s6_addr32[1], 1483 dest->s6_addr32[2], dest->s6_addr32[3], destp, 1484 sp->sk_state, 1485 tp->write_seq-tp->snd_una, 1486 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq), 1487 timer_active, 1488 jiffies_to_clock_t(timer_expires - jiffies), 1489 icsk->icsk_retransmits, 1490 sock_i_uid(sp), 1491 icsk->icsk_probes_out, 1492 sock_i_ino(sp), 1493 atomic_read(&sp->sk_refcnt), sp, 1494 icsk->icsk_rto, 1495 icsk->icsk_ack.ato, 1496 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong, 1497 tp->snd_cwnd, tp->snd_ssthresh>=0xFFFF?-1:tp->snd_ssthresh 1498 ); 1499 } 1500 1501 static void get_timewait6_sock(struct seq_file *seq, 1502 struct inet_timewait_sock *tw, int i) 1503 { 1504 struct in6_addr *dest, *src; 1505 __u16 destp, srcp; 1506 struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw); 1507 int ttd = tw->tw_ttd - jiffies; 1508 1509 if (ttd < 0) 1510 ttd = 0; 1511 1512 dest = &tw6->tw_v6_daddr; 1513 src = &tw6->tw_v6_rcv_saddr; 1514 destp = ntohs(tw->tw_dport); 1515 srcp = ntohs(tw->tw_sport); 1516 1517 seq_printf(seq, 1518 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1519 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n", 1520 i, 1521 src->s6_addr32[0], src->s6_addr32[1], 1522 src->s6_addr32[2], src->s6_addr32[3], srcp, 1523 dest->s6_addr32[0], dest->s6_addr32[1], 1524 dest->s6_addr32[2], dest->s6_addr32[3], destp, 1525 tw->tw_substate, 0, 0, 1526 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0, 1527 atomic_read(&tw->tw_refcnt), tw); 1528 } 1529 1530 #ifdef CONFIG_PROC_FS 1531 static int tcp6_seq_show(struct seq_file *seq, void *v) 1532 { 1533 struct tcp_iter_state *st; 1534 1535 if (v == SEQ_START_TOKEN) { 1536 seq_puts(seq, 1537 " sl " 1538 "local_address " 1539 "remote_address " 1540 "st tx_queue rx_queue tr tm->when retrnsmt" 1541 " uid timeout inode\n"); 1542 goto out; 1543 } 1544 st = seq->private; 1545 1546 switch (st->state) { 1547 case TCP_SEQ_STATE_LISTENING: 1548 case TCP_SEQ_STATE_ESTABLISHED: 1549 get_tcp6_sock(seq, v, st->num); 1550 break; 1551 case TCP_SEQ_STATE_OPENREQ: 1552 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid); 1553 break; 1554 case TCP_SEQ_STATE_TIME_WAIT: 1555 get_timewait6_sock(seq, v, st->num); 1556 break; 1557 } 1558 out: 1559 return 0; 1560 } 1561 1562 static struct file_operations tcp6_seq_fops; 1563 static struct tcp_seq_afinfo tcp6_seq_afinfo = { 1564 .owner = THIS_MODULE, 1565 .name = "tcp6", 1566 .family = AF_INET6, 1567 .seq_show = tcp6_seq_show, 1568 .seq_fops = &tcp6_seq_fops, 1569 }; 1570 1571 int __init tcp6_proc_init(void) 1572 { 1573 return tcp_proc_register(&tcp6_seq_afinfo); 1574 } 1575 1576 void tcp6_proc_exit(void) 1577 { 1578 tcp_proc_unregister(&tcp6_seq_afinfo); 1579 } 1580 #endif 1581 1582 struct proto tcpv6_prot = { 1583 .name = "TCPv6", 1584 .owner = THIS_MODULE, 1585 .close = tcp_close, 1586 .connect = tcp_v6_connect, 1587 .disconnect = tcp_disconnect, 1588 .accept = inet_csk_accept, 1589 .ioctl = tcp_ioctl, 1590 .init = tcp_v6_init_sock, 1591 .destroy = tcp_v6_destroy_sock, 1592 .shutdown = tcp_shutdown, 1593 .setsockopt = tcp_setsockopt, 1594 .getsockopt = tcp_getsockopt, 1595 .sendmsg = tcp_sendmsg, 1596 .recvmsg = tcp_recvmsg, 1597 .backlog_rcv = tcp_v6_do_rcv, 1598 .hash = tcp_v6_hash, 1599 .unhash = tcp_unhash, 1600 .get_port = tcp_v6_get_port, 1601 .enter_memory_pressure = tcp_enter_memory_pressure, 1602 .sockets_allocated = &tcp_sockets_allocated, 1603 .memory_allocated = &tcp_memory_allocated, 1604 .memory_pressure = &tcp_memory_pressure, 1605 .orphan_count = &tcp_orphan_count, 1606 .sysctl_mem = sysctl_tcp_mem, 1607 .sysctl_wmem = sysctl_tcp_wmem, 1608 .sysctl_rmem = sysctl_tcp_rmem, 1609 .max_header = MAX_TCP_HEADER, 1610 .obj_size = sizeof(struct tcp6_sock), 1611 .twsk_prot = &tcp6_timewait_sock_ops, 1612 .rsk_prot = &tcp6_request_sock_ops, 1613 #ifdef CONFIG_COMPAT 1614 .compat_setsockopt = compat_tcp_setsockopt, 1615 .compat_getsockopt = compat_tcp_getsockopt, 1616 #endif 1617 }; 1618 1619 static struct inet6_protocol tcpv6_protocol = { 1620 .handler = tcp_v6_rcv, 1621 .err_handler = tcp_v6_err, 1622 .gso_send_check = tcp_v6_gso_send_check, 1623 .gso_segment = tcp_tso_segment, 1624 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL, 1625 }; 1626 1627 static struct inet_protosw tcpv6_protosw = { 1628 .type = SOCK_STREAM, 1629 .protocol = IPPROTO_TCP, 1630 .prot = &tcpv6_prot, 1631 .ops = &inet6_stream_ops, 1632 .capability = -1, 1633 .no_check = 0, 1634 .flags = INET_PROTOSW_PERMANENT | 1635 INET_PROTOSW_ICSK, 1636 }; 1637 1638 void __init tcpv6_init(void) 1639 { 1640 /* register inet6 protocol */ 1641 if (inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP) < 0) 1642 printk(KERN_ERR "tcpv6_init: Could not register protocol\n"); 1643 inet6_register_protosw(&tcpv6_protosw); 1644 1645 if (inet_csk_ctl_sock_create(&tcp6_socket, PF_INET6, SOCK_RAW, 1646 IPPROTO_TCP) < 0) 1647 panic("Failed to create the TCPv6 control socket.\n"); 1648 } 1649