1 /* 2 * TCP over IPv6 3 * Linux INET6 implementation 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * Based on: 9 * linux/net/ipv4/tcp.c 10 * linux/net/ipv4/tcp_input.c 11 * linux/net/ipv4/tcp_output.c 12 * 13 * Fixes: 14 * Hideaki YOSHIFUJI : sin6_scope_id support 15 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which 16 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind 17 * a single port at the same time. 18 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file. 19 * 20 * This program is free software; you can redistribute it and/or 21 * modify it under the terms of the GNU General Public License 22 * as published by the Free Software Foundation; either version 23 * 2 of the License, or (at your option) any later version. 24 */ 25 26 #include <linux/module.h> 27 #include <linux/errno.h> 28 #include <linux/types.h> 29 #include <linux/socket.h> 30 #include <linux/sockios.h> 31 #include <linux/net.h> 32 #include <linux/jiffies.h> 33 #include <linux/in.h> 34 #include <linux/in6.h> 35 #include <linux/netdevice.h> 36 #include <linux/init.h> 37 #include <linux/jhash.h> 38 #include <linux/ipsec.h> 39 #include <linux/times.h> 40 41 #include <linux/ipv6.h> 42 #include <linux/icmpv6.h> 43 #include <linux/random.h> 44 45 #include <net/tcp.h> 46 #include <net/ndisc.h> 47 #include <net/inet6_hashtables.h> 48 #include <net/inet6_connection_sock.h> 49 #include <net/ipv6.h> 50 #include <net/transp_v6.h> 51 #include <net/addrconf.h> 52 #include <net/ip6_route.h> 53 #include <net/ip6_checksum.h> 54 #include <net/inet_ecn.h> 55 #include <net/protocol.h> 56 #include <net/xfrm.h> 57 #include <net/snmp.h> 58 #include <net/dsfield.h> 59 #include <net/timewait_sock.h> 60 #include <net/netdma.h> 61 #include <net/inet_common.h> 62 63 #include <asm/uaccess.h> 64 65 #include <linux/proc_fs.h> 66 #include <linux/seq_file.h> 67 68 #include <linux/crypto.h> 69 #include <linux/scatterlist.h> 70 71 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb); 72 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb, 73 struct request_sock *req); 74 75 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb); 76 77 static struct inet_connection_sock_af_ops ipv6_mapped; 78 static struct inet_connection_sock_af_ops ipv6_specific; 79 #ifdef CONFIG_TCP_MD5SIG 80 static struct tcp_sock_af_ops tcp_sock_ipv6_specific; 81 static struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific; 82 #else 83 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk, 84 struct in6_addr *addr) 85 { 86 return NULL; 87 } 88 #endif 89 90 static void tcp_v6_hash(struct sock *sk) 91 { 92 if (sk->sk_state != TCP_CLOSE) { 93 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) { 94 tcp_prot.hash(sk); 95 return; 96 } 97 local_bh_disable(); 98 __inet6_hash(sk); 99 local_bh_enable(); 100 } 101 } 102 103 static __inline__ __sum16 tcp_v6_check(struct tcphdr *th, int len, 104 struct in6_addr *saddr, 105 struct in6_addr *daddr, 106 __wsum base) 107 { 108 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base); 109 } 110 111 static __u32 tcp_v6_init_sequence(struct sk_buff *skb) 112 { 113 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32, 114 ipv6_hdr(skb)->saddr.s6_addr32, 115 tcp_hdr(skb)->dest, 116 tcp_hdr(skb)->source); 117 } 118 119 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr, 120 int addr_len) 121 { 122 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr; 123 struct inet_sock *inet = inet_sk(sk); 124 struct inet_connection_sock *icsk = inet_csk(sk); 125 struct ipv6_pinfo *np = inet6_sk(sk); 126 struct tcp_sock *tp = tcp_sk(sk); 127 struct in6_addr *saddr = NULL, *final_p = NULL, final; 128 struct flowi fl; 129 struct dst_entry *dst; 130 int addr_type; 131 int err; 132 133 if (addr_len < SIN6_LEN_RFC2133) 134 return -EINVAL; 135 136 if (usin->sin6_family != AF_INET6) 137 return(-EAFNOSUPPORT); 138 139 memset(&fl, 0, sizeof(fl)); 140 141 if (np->sndflow) { 142 fl.fl6_flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK; 143 IP6_ECN_flow_init(fl.fl6_flowlabel); 144 if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) { 145 struct ip6_flowlabel *flowlabel; 146 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel); 147 if (flowlabel == NULL) 148 return -EINVAL; 149 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst); 150 fl6_sock_release(flowlabel); 151 } 152 } 153 154 /* 155 * connect() to INADDR_ANY means loopback (BSD'ism). 156 */ 157 158 if(ipv6_addr_any(&usin->sin6_addr)) 159 usin->sin6_addr.s6_addr[15] = 0x1; 160 161 addr_type = ipv6_addr_type(&usin->sin6_addr); 162 163 if(addr_type & IPV6_ADDR_MULTICAST) 164 return -ENETUNREACH; 165 166 if (addr_type&IPV6_ADDR_LINKLOCAL) { 167 if (addr_len >= sizeof(struct sockaddr_in6) && 168 usin->sin6_scope_id) { 169 /* If interface is set while binding, indices 170 * must coincide. 171 */ 172 if (sk->sk_bound_dev_if && 173 sk->sk_bound_dev_if != usin->sin6_scope_id) 174 return -EINVAL; 175 176 sk->sk_bound_dev_if = usin->sin6_scope_id; 177 } 178 179 /* Connect to link-local address requires an interface */ 180 if (!sk->sk_bound_dev_if) 181 return -EINVAL; 182 } 183 184 if (tp->rx_opt.ts_recent_stamp && 185 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) { 186 tp->rx_opt.ts_recent = 0; 187 tp->rx_opt.ts_recent_stamp = 0; 188 tp->write_seq = 0; 189 } 190 191 ipv6_addr_copy(&np->daddr, &usin->sin6_addr); 192 np->flow_label = fl.fl6_flowlabel; 193 194 /* 195 * TCP over IPv4 196 */ 197 198 if (addr_type == IPV6_ADDR_MAPPED) { 199 u32 exthdrlen = icsk->icsk_ext_hdr_len; 200 struct sockaddr_in sin; 201 202 SOCK_DEBUG(sk, "connect: ipv4 mapped\n"); 203 204 if (__ipv6_only_sock(sk)) 205 return -ENETUNREACH; 206 207 sin.sin_family = AF_INET; 208 sin.sin_port = usin->sin6_port; 209 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3]; 210 211 icsk->icsk_af_ops = &ipv6_mapped; 212 sk->sk_backlog_rcv = tcp_v4_do_rcv; 213 #ifdef CONFIG_TCP_MD5SIG 214 tp->af_specific = &tcp_sock_ipv6_mapped_specific; 215 #endif 216 217 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin)); 218 219 if (err) { 220 icsk->icsk_ext_hdr_len = exthdrlen; 221 icsk->icsk_af_ops = &ipv6_specific; 222 sk->sk_backlog_rcv = tcp_v6_do_rcv; 223 #ifdef CONFIG_TCP_MD5SIG 224 tp->af_specific = &tcp_sock_ipv6_specific; 225 #endif 226 goto failure; 227 } else { 228 ipv6_addr_set(&np->saddr, 0, 0, htonl(0x0000FFFF), 229 inet->saddr); 230 ipv6_addr_set(&np->rcv_saddr, 0, 0, htonl(0x0000FFFF), 231 inet->rcv_saddr); 232 } 233 234 return err; 235 } 236 237 if (!ipv6_addr_any(&np->rcv_saddr)) 238 saddr = &np->rcv_saddr; 239 240 fl.proto = IPPROTO_TCP; 241 ipv6_addr_copy(&fl.fl6_dst, &np->daddr); 242 ipv6_addr_copy(&fl.fl6_src, 243 (saddr ? saddr : &np->saddr)); 244 fl.oif = sk->sk_bound_dev_if; 245 fl.fl_ip_dport = usin->sin6_port; 246 fl.fl_ip_sport = inet->sport; 247 248 if (np->opt && np->opt->srcrt) { 249 struct rt0_hdr *rt0 = (struct rt0_hdr *)np->opt->srcrt; 250 ipv6_addr_copy(&final, &fl.fl6_dst); 251 ipv6_addr_copy(&fl.fl6_dst, rt0->addr); 252 final_p = &final; 253 } 254 255 security_sk_classify_flow(sk, &fl); 256 257 err = ip6_dst_lookup(sk, &dst, &fl); 258 if (err) 259 goto failure; 260 if (final_p) 261 ipv6_addr_copy(&fl.fl6_dst, final_p); 262 263 if ((err = __xfrm_lookup(&dst, &fl, sk, XFRM_LOOKUP_WAIT)) < 0) { 264 if (err == -EREMOTE) 265 err = ip6_dst_blackhole(sk, &dst, &fl); 266 if (err < 0) 267 goto failure; 268 } 269 270 if (saddr == NULL) { 271 saddr = &fl.fl6_src; 272 ipv6_addr_copy(&np->rcv_saddr, saddr); 273 } 274 275 /* set the source address */ 276 ipv6_addr_copy(&np->saddr, saddr); 277 inet->rcv_saddr = LOOPBACK4_IPV6; 278 279 sk->sk_gso_type = SKB_GSO_TCPV6; 280 __ip6_dst_store(sk, dst, NULL, NULL); 281 282 icsk->icsk_ext_hdr_len = 0; 283 if (np->opt) 284 icsk->icsk_ext_hdr_len = (np->opt->opt_flen + 285 np->opt->opt_nflen); 286 287 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr); 288 289 inet->dport = usin->sin6_port; 290 291 tcp_set_state(sk, TCP_SYN_SENT); 292 err = inet6_hash_connect(&tcp_death_row, sk); 293 if (err) 294 goto late_failure; 295 296 if (!tp->write_seq) 297 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32, 298 np->daddr.s6_addr32, 299 inet->sport, 300 inet->dport); 301 302 err = tcp_connect(sk); 303 if (err) 304 goto late_failure; 305 306 return 0; 307 308 late_failure: 309 tcp_set_state(sk, TCP_CLOSE); 310 __sk_dst_reset(sk); 311 failure: 312 inet->dport = 0; 313 sk->sk_route_caps = 0; 314 return err; 315 } 316 317 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, 318 int type, int code, int offset, __be32 info) 319 { 320 struct ipv6hdr *hdr = (struct ipv6hdr*)skb->data; 321 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset); 322 struct ipv6_pinfo *np; 323 struct sock *sk; 324 int err; 325 struct tcp_sock *tp; 326 __u32 seq; 327 struct net *net = dev_net(skb->dev); 328 329 sk = inet6_lookup(net, &tcp_hashinfo, &hdr->daddr, 330 th->dest, &hdr->saddr, th->source, skb->dev->ifindex); 331 332 if (sk == NULL) { 333 ICMP6_INC_STATS_BH(net, __in6_dev_get(skb->dev), 334 ICMP6_MIB_INERRORS); 335 return; 336 } 337 338 if (sk->sk_state == TCP_TIME_WAIT) { 339 inet_twsk_put(inet_twsk(sk)); 340 return; 341 } 342 343 bh_lock_sock(sk); 344 if (sock_owned_by_user(sk)) 345 NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS); 346 347 if (sk->sk_state == TCP_CLOSE) 348 goto out; 349 350 tp = tcp_sk(sk); 351 seq = ntohl(th->seq); 352 if (sk->sk_state != TCP_LISTEN && 353 !between(seq, tp->snd_una, tp->snd_nxt)) { 354 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS); 355 goto out; 356 } 357 358 np = inet6_sk(sk); 359 360 if (type == ICMPV6_PKT_TOOBIG) { 361 struct dst_entry *dst = NULL; 362 363 if (sock_owned_by_user(sk)) 364 goto out; 365 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)) 366 goto out; 367 368 /* icmp should have updated the destination cache entry */ 369 dst = __sk_dst_check(sk, np->dst_cookie); 370 371 if (dst == NULL) { 372 struct inet_sock *inet = inet_sk(sk); 373 struct flowi fl; 374 375 /* BUGGG_FUTURE: Again, it is not clear how 376 to handle rthdr case. Ignore this complexity 377 for now. 378 */ 379 memset(&fl, 0, sizeof(fl)); 380 fl.proto = IPPROTO_TCP; 381 ipv6_addr_copy(&fl.fl6_dst, &np->daddr); 382 ipv6_addr_copy(&fl.fl6_src, &np->saddr); 383 fl.oif = sk->sk_bound_dev_if; 384 fl.fl_ip_dport = inet->dport; 385 fl.fl_ip_sport = inet->sport; 386 security_skb_classify_flow(skb, &fl); 387 388 if ((err = ip6_dst_lookup(sk, &dst, &fl))) { 389 sk->sk_err_soft = -err; 390 goto out; 391 } 392 393 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) { 394 sk->sk_err_soft = -err; 395 goto out; 396 } 397 398 } else 399 dst_hold(dst); 400 401 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) { 402 tcp_sync_mss(sk, dst_mtu(dst)); 403 tcp_simple_retransmit(sk); 404 } /* else let the usual retransmit timer handle it */ 405 dst_release(dst); 406 goto out; 407 } 408 409 icmpv6_err_convert(type, code, &err); 410 411 /* Might be for an request_sock */ 412 switch (sk->sk_state) { 413 struct request_sock *req, **prev; 414 case TCP_LISTEN: 415 if (sock_owned_by_user(sk)) 416 goto out; 417 418 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr, 419 &hdr->saddr, inet6_iif(skb)); 420 if (!req) 421 goto out; 422 423 /* ICMPs are not backlogged, hence we cannot get 424 * an established socket here. 425 */ 426 WARN_ON(req->sk != NULL); 427 428 if (seq != tcp_rsk(req)->snt_isn) { 429 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS); 430 goto out; 431 } 432 433 inet_csk_reqsk_queue_drop(sk, req, prev); 434 goto out; 435 436 case TCP_SYN_SENT: 437 case TCP_SYN_RECV: /* Cannot happen. 438 It can, it SYNs are crossed. --ANK */ 439 if (!sock_owned_by_user(sk)) { 440 sk->sk_err = err; 441 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */ 442 443 tcp_done(sk); 444 } else 445 sk->sk_err_soft = err; 446 goto out; 447 } 448 449 if (!sock_owned_by_user(sk) && np->recverr) { 450 sk->sk_err = err; 451 sk->sk_error_report(sk); 452 } else 453 sk->sk_err_soft = err; 454 455 out: 456 bh_unlock_sock(sk); 457 sock_put(sk); 458 } 459 460 461 static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req) 462 { 463 struct inet6_request_sock *treq = inet6_rsk(req); 464 struct ipv6_pinfo *np = inet6_sk(sk); 465 struct sk_buff * skb; 466 struct ipv6_txoptions *opt = NULL; 467 struct in6_addr * final_p = NULL, final; 468 struct flowi fl; 469 struct dst_entry *dst; 470 int err = -1; 471 472 memset(&fl, 0, sizeof(fl)); 473 fl.proto = IPPROTO_TCP; 474 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr); 475 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr); 476 fl.fl6_flowlabel = 0; 477 fl.oif = treq->iif; 478 fl.fl_ip_dport = inet_rsk(req)->rmt_port; 479 fl.fl_ip_sport = inet_rsk(req)->loc_port; 480 security_req_classify_flow(req, &fl); 481 482 opt = np->opt; 483 if (opt && opt->srcrt) { 484 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt; 485 ipv6_addr_copy(&final, &fl.fl6_dst); 486 ipv6_addr_copy(&fl.fl6_dst, rt0->addr); 487 final_p = &final; 488 } 489 490 err = ip6_dst_lookup(sk, &dst, &fl); 491 if (err) 492 goto done; 493 if (final_p) 494 ipv6_addr_copy(&fl.fl6_dst, final_p); 495 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) 496 goto done; 497 498 skb = tcp_make_synack(sk, dst, req); 499 if (skb) { 500 struct tcphdr *th = tcp_hdr(skb); 501 502 th->check = tcp_v6_check(th, skb->len, 503 &treq->loc_addr, &treq->rmt_addr, 504 csum_partial((char *)th, skb->len, skb->csum)); 505 506 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr); 507 err = ip6_xmit(sk, skb, &fl, opt, 0); 508 err = net_xmit_eval(err); 509 } 510 511 done: 512 if (opt && opt != np->opt) 513 sock_kfree_s(sk, opt, opt->tot_len); 514 dst_release(dst); 515 return err; 516 } 517 518 static inline void syn_flood_warning(struct sk_buff *skb) 519 { 520 #ifdef CONFIG_SYN_COOKIES 521 if (sysctl_tcp_syncookies) 522 printk(KERN_INFO 523 "TCPv6: Possible SYN flooding on port %d. " 524 "Sending cookies.\n", ntohs(tcp_hdr(skb)->dest)); 525 else 526 #endif 527 printk(KERN_INFO 528 "TCPv6: Possible SYN flooding on port %d. " 529 "Dropping request.\n", ntohs(tcp_hdr(skb)->dest)); 530 } 531 532 static void tcp_v6_reqsk_destructor(struct request_sock *req) 533 { 534 if (inet6_rsk(req)->pktopts) 535 kfree_skb(inet6_rsk(req)->pktopts); 536 } 537 538 #ifdef CONFIG_TCP_MD5SIG 539 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk, 540 struct in6_addr *addr) 541 { 542 struct tcp_sock *tp = tcp_sk(sk); 543 int i; 544 545 BUG_ON(tp == NULL); 546 547 if (!tp->md5sig_info || !tp->md5sig_info->entries6) 548 return NULL; 549 550 for (i = 0; i < tp->md5sig_info->entries6; i++) { 551 if (ipv6_addr_equal(&tp->md5sig_info->keys6[i].addr, addr)) 552 return &tp->md5sig_info->keys6[i].base; 553 } 554 return NULL; 555 } 556 557 static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk, 558 struct sock *addr_sk) 559 { 560 return tcp_v6_md5_do_lookup(sk, &inet6_sk(addr_sk)->daddr); 561 } 562 563 static struct tcp_md5sig_key *tcp_v6_reqsk_md5_lookup(struct sock *sk, 564 struct request_sock *req) 565 { 566 return tcp_v6_md5_do_lookup(sk, &inet6_rsk(req)->rmt_addr); 567 } 568 569 static int tcp_v6_md5_do_add(struct sock *sk, struct in6_addr *peer, 570 char *newkey, u8 newkeylen) 571 { 572 /* Add key to the list */ 573 struct tcp_md5sig_key *key; 574 struct tcp_sock *tp = tcp_sk(sk); 575 struct tcp6_md5sig_key *keys; 576 577 key = tcp_v6_md5_do_lookup(sk, peer); 578 if (key) { 579 /* modify existing entry - just update that one */ 580 kfree(key->key); 581 key->key = newkey; 582 key->keylen = newkeylen; 583 } else { 584 /* reallocate new list if current one is full. */ 585 if (!tp->md5sig_info) { 586 tp->md5sig_info = kzalloc(sizeof(*tp->md5sig_info), GFP_ATOMIC); 587 if (!tp->md5sig_info) { 588 kfree(newkey); 589 return -ENOMEM; 590 } 591 sk->sk_route_caps &= ~NETIF_F_GSO_MASK; 592 } 593 if (tcp_alloc_md5sig_pool() == NULL) { 594 kfree(newkey); 595 return -ENOMEM; 596 } 597 if (tp->md5sig_info->alloced6 == tp->md5sig_info->entries6) { 598 keys = kmalloc((sizeof (tp->md5sig_info->keys6[0]) * 599 (tp->md5sig_info->entries6 + 1)), GFP_ATOMIC); 600 601 if (!keys) { 602 tcp_free_md5sig_pool(); 603 kfree(newkey); 604 return -ENOMEM; 605 } 606 607 if (tp->md5sig_info->entries6) 608 memmove(keys, tp->md5sig_info->keys6, 609 (sizeof (tp->md5sig_info->keys6[0]) * 610 tp->md5sig_info->entries6)); 611 612 kfree(tp->md5sig_info->keys6); 613 tp->md5sig_info->keys6 = keys; 614 tp->md5sig_info->alloced6++; 615 } 616 617 ipv6_addr_copy(&tp->md5sig_info->keys6[tp->md5sig_info->entries6].addr, 618 peer); 619 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.key = newkey; 620 tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.keylen = newkeylen; 621 622 tp->md5sig_info->entries6++; 623 } 624 return 0; 625 } 626 627 static int tcp_v6_md5_add_func(struct sock *sk, struct sock *addr_sk, 628 u8 *newkey, __u8 newkeylen) 629 { 630 return tcp_v6_md5_do_add(sk, &inet6_sk(addr_sk)->daddr, 631 newkey, newkeylen); 632 } 633 634 static int tcp_v6_md5_do_del(struct sock *sk, struct in6_addr *peer) 635 { 636 struct tcp_sock *tp = tcp_sk(sk); 637 int i; 638 639 for (i = 0; i < tp->md5sig_info->entries6; i++) { 640 if (ipv6_addr_equal(&tp->md5sig_info->keys6[i].addr, peer)) { 641 /* Free the key */ 642 kfree(tp->md5sig_info->keys6[i].base.key); 643 tp->md5sig_info->entries6--; 644 645 if (tp->md5sig_info->entries6 == 0) { 646 kfree(tp->md5sig_info->keys6); 647 tp->md5sig_info->keys6 = NULL; 648 tp->md5sig_info->alloced6 = 0; 649 } else { 650 /* shrink the database */ 651 if (tp->md5sig_info->entries6 != i) 652 memmove(&tp->md5sig_info->keys6[i], 653 &tp->md5sig_info->keys6[i+1], 654 (tp->md5sig_info->entries6 - i) 655 * sizeof (tp->md5sig_info->keys6[0])); 656 } 657 tcp_free_md5sig_pool(); 658 return 0; 659 } 660 } 661 return -ENOENT; 662 } 663 664 static void tcp_v6_clear_md5_list (struct sock *sk) 665 { 666 struct tcp_sock *tp = tcp_sk(sk); 667 int i; 668 669 if (tp->md5sig_info->entries6) { 670 for (i = 0; i < tp->md5sig_info->entries6; i++) 671 kfree(tp->md5sig_info->keys6[i].base.key); 672 tp->md5sig_info->entries6 = 0; 673 tcp_free_md5sig_pool(); 674 } 675 676 kfree(tp->md5sig_info->keys6); 677 tp->md5sig_info->keys6 = NULL; 678 tp->md5sig_info->alloced6 = 0; 679 680 if (tp->md5sig_info->entries4) { 681 for (i = 0; i < tp->md5sig_info->entries4; i++) 682 kfree(tp->md5sig_info->keys4[i].base.key); 683 tp->md5sig_info->entries4 = 0; 684 tcp_free_md5sig_pool(); 685 } 686 687 kfree(tp->md5sig_info->keys4); 688 tp->md5sig_info->keys4 = NULL; 689 tp->md5sig_info->alloced4 = 0; 690 } 691 692 static int tcp_v6_parse_md5_keys (struct sock *sk, char __user *optval, 693 int optlen) 694 { 695 struct tcp_md5sig cmd; 696 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr; 697 u8 *newkey; 698 699 if (optlen < sizeof(cmd)) 700 return -EINVAL; 701 702 if (copy_from_user(&cmd, optval, sizeof(cmd))) 703 return -EFAULT; 704 705 if (sin6->sin6_family != AF_INET6) 706 return -EINVAL; 707 708 if (!cmd.tcpm_keylen) { 709 if (!tcp_sk(sk)->md5sig_info) 710 return -ENOENT; 711 if (ipv6_addr_v4mapped(&sin6->sin6_addr)) 712 return tcp_v4_md5_do_del(sk, sin6->sin6_addr.s6_addr32[3]); 713 return tcp_v6_md5_do_del(sk, &sin6->sin6_addr); 714 } 715 716 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN) 717 return -EINVAL; 718 719 if (!tcp_sk(sk)->md5sig_info) { 720 struct tcp_sock *tp = tcp_sk(sk); 721 struct tcp_md5sig_info *p; 722 723 p = kzalloc(sizeof(struct tcp_md5sig_info), GFP_KERNEL); 724 if (!p) 725 return -ENOMEM; 726 727 tp->md5sig_info = p; 728 sk->sk_route_caps &= ~NETIF_F_GSO_MASK; 729 } 730 731 newkey = kmemdup(cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL); 732 if (!newkey) 733 return -ENOMEM; 734 if (ipv6_addr_v4mapped(&sin6->sin6_addr)) { 735 return tcp_v4_md5_do_add(sk, sin6->sin6_addr.s6_addr32[3], 736 newkey, cmd.tcpm_keylen); 737 } 738 return tcp_v6_md5_do_add(sk, &sin6->sin6_addr, newkey, cmd.tcpm_keylen); 739 } 740 741 static int tcp_v6_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp, 742 struct in6_addr *daddr, 743 struct in6_addr *saddr, int nbytes) 744 { 745 struct tcp6_pseudohdr *bp; 746 struct scatterlist sg; 747 748 bp = &hp->md5_blk.ip6; 749 /* 1. TCP pseudo-header (RFC2460) */ 750 ipv6_addr_copy(&bp->saddr, saddr); 751 ipv6_addr_copy(&bp->daddr, daddr); 752 bp->protocol = cpu_to_be32(IPPROTO_TCP); 753 bp->len = cpu_to_be32(nbytes); 754 755 sg_init_one(&sg, bp, sizeof(*bp)); 756 return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp)); 757 } 758 759 static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key, 760 struct in6_addr *daddr, struct in6_addr *saddr, 761 struct tcphdr *th) 762 { 763 struct tcp_md5sig_pool *hp; 764 struct hash_desc *desc; 765 766 hp = tcp_get_md5sig_pool(); 767 if (!hp) 768 goto clear_hash_noput; 769 desc = &hp->md5_desc; 770 771 if (crypto_hash_init(desc)) 772 goto clear_hash; 773 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2)) 774 goto clear_hash; 775 if (tcp_md5_hash_header(hp, th)) 776 goto clear_hash; 777 if (tcp_md5_hash_key(hp, key)) 778 goto clear_hash; 779 if (crypto_hash_final(desc, md5_hash)) 780 goto clear_hash; 781 782 tcp_put_md5sig_pool(); 783 return 0; 784 785 clear_hash: 786 tcp_put_md5sig_pool(); 787 clear_hash_noput: 788 memset(md5_hash, 0, 16); 789 return 1; 790 } 791 792 static int tcp_v6_md5_hash_skb(char *md5_hash, struct tcp_md5sig_key *key, 793 struct sock *sk, struct request_sock *req, 794 struct sk_buff *skb) 795 { 796 struct in6_addr *saddr, *daddr; 797 struct tcp_md5sig_pool *hp; 798 struct hash_desc *desc; 799 struct tcphdr *th = tcp_hdr(skb); 800 801 if (sk) { 802 saddr = &inet6_sk(sk)->saddr; 803 daddr = &inet6_sk(sk)->daddr; 804 } else if (req) { 805 saddr = &inet6_rsk(req)->loc_addr; 806 daddr = &inet6_rsk(req)->rmt_addr; 807 } else { 808 struct ipv6hdr *ip6h = ipv6_hdr(skb); 809 saddr = &ip6h->saddr; 810 daddr = &ip6h->daddr; 811 } 812 813 hp = tcp_get_md5sig_pool(); 814 if (!hp) 815 goto clear_hash_noput; 816 desc = &hp->md5_desc; 817 818 if (crypto_hash_init(desc)) 819 goto clear_hash; 820 821 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len)) 822 goto clear_hash; 823 if (tcp_md5_hash_header(hp, th)) 824 goto clear_hash; 825 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2)) 826 goto clear_hash; 827 if (tcp_md5_hash_key(hp, key)) 828 goto clear_hash; 829 if (crypto_hash_final(desc, md5_hash)) 830 goto clear_hash; 831 832 tcp_put_md5sig_pool(); 833 return 0; 834 835 clear_hash: 836 tcp_put_md5sig_pool(); 837 clear_hash_noput: 838 memset(md5_hash, 0, 16); 839 return 1; 840 } 841 842 static int tcp_v6_inbound_md5_hash (struct sock *sk, struct sk_buff *skb) 843 { 844 __u8 *hash_location = NULL; 845 struct tcp_md5sig_key *hash_expected; 846 struct ipv6hdr *ip6h = ipv6_hdr(skb); 847 struct tcphdr *th = tcp_hdr(skb); 848 int genhash; 849 u8 newhash[16]; 850 851 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr); 852 hash_location = tcp_parse_md5sig_option(th); 853 854 /* We've parsed the options - do we have a hash? */ 855 if (!hash_expected && !hash_location) 856 return 0; 857 858 if (hash_expected && !hash_location) { 859 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND); 860 return 1; 861 } 862 863 if (!hash_expected && hash_location) { 864 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED); 865 return 1; 866 } 867 868 /* check the signature */ 869 genhash = tcp_v6_md5_hash_skb(newhash, 870 hash_expected, 871 NULL, NULL, skb); 872 873 if (genhash || memcmp(hash_location, newhash, 16) != 0) { 874 if (net_ratelimit()) { 875 printk(KERN_INFO "MD5 Hash %s for " 876 "(" NIP6_FMT ", %u)->" 877 "(" NIP6_FMT ", %u)\n", 878 genhash ? "failed" : "mismatch", 879 NIP6(ip6h->saddr), ntohs(th->source), 880 NIP6(ip6h->daddr), ntohs(th->dest)); 881 } 882 return 1; 883 } 884 return 0; 885 } 886 #endif 887 888 struct request_sock_ops tcp6_request_sock_ops __read_mostly = { 889 .family = AF_INET6, 890 .obj_size = sizeof(struct tcp6_request_sock), 891 .rtx_syn_ack = tcp_v6_send_synack, 892 .send_ack = tcp_v6_reqsk_send_ack, 893 .destructor = tcp_v6_reqsk_destructor, 894 .send_reset = tcp_v6_send_reset 895 }; 896 897 #ifdef CONFIG_TCP_MD5SIG 898 static struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = { 899 .md5_lookup = tcp_v6_reqsk_md5_lookup, 900 }; 901 #endif 902 903 static struct timewait_sock_ops tcp6_timewait_sock_ops = { 904 .twsk_obj_size = sizeof(struct tcp6_timewait_sock), 905 .twsk_unique = tcp_twsk_unique, 906 .twsk_destructor= tcp_twsk_destructor, 907 }; 908 909 static void tcp_v6_send_check(struct sock *sk, int len, struct sk_buff *skb) 910 { 911 struct ipv6_pinfo *np = inet6_sk(sk); 912 struct tcphdr *th = tcp_hdr(skb); 913 914 if (skb->ip_summed == CHECKSUM_PARTIAL) { 915 th->check = ~csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 0); 916 skb->csum_start = skb_transport_header(skb) - skb->head; 917 skb->csum_offset = offsetof(struct tcphdr, check); 918 } else { 919 th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 920 csum_partial((char *)th, th->doff<<2, 921 skb->csum)); 922 } 923 } 924 925 static int tcp_v6_gso_send_check(struct sk_buff *skb) 926 { 927 struct ipv6hdr *ipv6h; 928 struct tcphdr *th; 929 930 if (!pskb_may_pull(skb, sizeof(*th))) 931 return -EINVAL; 932 933 ipv6h = ipv6_hdr(skb); 934 th = tcp_hdr(skb); 935 936 th->check = 0; 937 th->check = ~csum_ipv6_magic(&ipv6h->saddr, &ipv6h->daddr, skb->len, 938 IPPROTO_TCP, 0); 939 skb->csum_start = skb_transport_header(skb) - skb->head; 940 skb->csum_offset = offsetof(struct tcphdr, check); 941 skb->ip_summed = CHECKSUM_PARTIAL; 942 return 0; 943 } 944 945 static void tcp_v6_send_response(struct sk_buff *skb, u32 seq, u32 ack, u32 win, 946 u32 ts, struct tcp_md5sig_key *key, int rst) 947 { 948 struct tcphdr *th = tcp_hdr(skb), *t1; 949 struct sk_buff *buff; 950 struct flowi fl; 951 struct net *net = dev_net(skb->dst->dev); 952 struct sock *ctl_sk = net->ipv6.tcp_sk; 953 unsigned int tot_len = sizeof(struct tcphdr); 954 __be32 *topt; 955 956 if (ts) 957 tot_len += TCPOLEN_TSTAMP_ALIGNED; 958 #ifdef CONFIG_TCP_MD5SIG 959 if (key) 960 tot_len += TCPOLEN_MD5SIG_ALIGNED; 961 #endif 962 963 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len, 964 GFP_ATOMIC); 965 if (buff == NULL) 966 return; 967 968 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len); 969 970 t1 = (struct tcphdr *) skb_push(buff, tot_len); 971 972 /* Swap the send and the receive. */ 973 memset(t1, 0, sizeof(*t1)); 974 t1->dest = th->source; 975 t1->source = th->dest; 976 t1->doff = tot_len / 4; 977 t1->seq = htonl(seq); 978 t1->ack_seq = htonl(ack); 979 t1->ack = !rst || !th->ack; 980 t1->rst = rst; 981 t1->window = htons(win); 982 983 topt = (__be32 *)(t1 + 1); 984 985 if (ts) { 986 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) | 987 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP); 988 *topt++ = htonl(tcp_time_stamp); 989 *topt++ = htonl(ts); 990 } 991 992 #ifdef CONFIG_TCP_MD5SIG 993 if (key) { 994 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) | 995 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG); 996 tcp_v6_md5_hash_hdr((__u8 *)topt, key, 997 &ipv6_hdr(skb)->saddr, 998 &ipv6_hdr(skb)->daddr, t1); 999 } 1000 #endif 1001 1002 buff->csum = csum_partial((char *)t1, tot_len, 0); 1003 1004 memset(&fl, 0, sizeof(fl)); 1005 ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr); 1006 ipv6_addr_copy(&fl.fl6_src, &ipv6_hdr(skb)->daddr); 1007 1008 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst, 1009 tot_len, IPPROTO_TCP, 1010 buff->csum); 1011 1012 fl.proto = IPPROTO_TCP; 1013 fl.oif = inet6_iif(skb); 1014 fl.fl_ip_dport = t1->dest; 1015 fl.fl_ip_sport = t1->source; 1016 security_skb_classify_flow(skb, &fl); 1017 1018 /* Pass a socket to ip6_dst_lookup either it is for RST 1019 * Underlying function will use this to retrieve the network 1020 * namespace 1021 */ 1022 if (!ip6_dst_lookup(ctl_sk, &buff->dst, &fl)) { 1023 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) { 1024 ip6_xmit(ctl_sk, buff, &fl, NULL, 0); 1025 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS); 1026 if (rst) 1027 TCP_INC_STATS_BH(net, TCP_MIB_OUTRSTS); 1028 return; 1029 } 1030 } 1031 1032 kfree_skb(buff); 1033 } 1034 1035 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb) 1036 { 1037 struct tcphdr *th = tcp_hdr(skb); 1038 u32 seq = 0, ack_seq = 0; 1039 struct tcp_md5sig_key *key = NULL; 1040 1041 if (th->rst) 1042 return; 1043 1044 if (!ipv6_unicast_destination(skb)) 1045 return; 1046 1047 #ifdef CONFIG_TCP_MD5SIG 1048 if (sk) 1049 key = tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr); 1050 #endif 1051 1052 if (th->ack) 1053 seq = ntohl(th->ack_seq); 1054 else 1055 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len - 1056 (th->doff << 2); 1057 1058 tcp_v6_send_response(skb, seq, ack_seq, 0, 0, key, 1); 1059 } 1060 1061 static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts, 1062 struct tcp_md5sig_key *key) 1063 { 1064 tcp_v6_send_response(skb, seq, ack, win, ts, key, 0); 1065 } 1066 1067 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb) 1068 { 1069 struct inet_timewait_sock *tw = inet_twsk(sk); 1070 struct tcp_timewait_sock *tcptw = tcp_twsk(sk); 1071 1072 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt, 1073 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale, 1074 tcptw->tw_ts_recent, tcp_twsk_md5_key(tcptw)); 1075 1076 inet_twsk_put(tw); 1077 } 1078 1079 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb, 1080 struct request_sock *req) 1081 { 1082 tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent, 1083 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr)); 1084 } 1085 1086 1087 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb) 1088 { 1089 struct request_sock *req, **prev; 1090 const struct tcphdr *th = tcp_hdr(skb); 1091 struct sock *nsk; 1092 1093 /* Find possible connection requests. */ 1094 req = inet6_csk_search_req(sk, &prev, th->source, 1095 &ipv6_hdr(skb)->saddr, 1096 &ipv6_hdr(skb)->daddr, inet6_iif(skb)); 1097 if (req) 1098 return tcp_check_req(sk, skb, req, prev); 1099 1100 nsk = __inet6_lookup_established(sock_net(sk), &tcp_hashinfo, 1101 &ipv6_hdr(skb)->saddr, th->source, 1102 &ipv6_hdr(skb)->daddr, ntohs(th->dest), inet6_iif(skb)); 1103 1104 if (nsk) { 1105 if (nsk->sk_state != TCP_TIME_WAIT) { 1106 bh_lock_sock(nsk); 1107 return nsk; 1108 } 1109 inet_twsk_put(inet_twsk(nsk)); 1110 return NULL; 1111 } 1112 1113 #ifdef CONFIG_SYN_COOKIES 1114 if (!th->rst && !th->syn && th->ack) 1115 sk = cookie_v6_check(sk, skb); 1116 #endif 1117 return sk; 1118 } 1119 1120 /* FIXME: this is substantially similar to the ipv4 code. 1121 * Can some kind of merge be done? -- erics 1122 */ 1123 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb) 1124 { 1125 struct inet6_request_sock *treq; 1126 struct ipv6_pinfo *np = inet6_sk(sk); 1127 struct tcp_options_received tmp_opt; 1128 struct tcp_sock *tp = tcp_sk(sk); 1129 struct request_sock *req = NULL; 1130 __u32 isn = TCP_SKB_CB(skb)->when; 1131 #ifdef CONFIG_SYN_COOKIES 1132 int want_cookie = 0; 1133 #else 1134 #define want_cookie 0 1135 #endif 1136 1137 if (skb->protocol == htons(ETH_P_IP)) 1138 return tcp_v4_conn_request(sk, skb); 1139 1140 if (!ipv6_unicast_destination(skb)) 1141 goto drop; 1142 1143 if (inet_csk_reqsk_queue_is_full(sk) && !isn) { 1144 if (net_ratelimit()) 1145 syn_flood_warning(skb); 1146 #ifdef CONFIG_SYN_COOKIES 1147 if (sysctl_tcp_syncookies) 1148 want_cookie = 1; 1149 else 1150 #endif 1151 goto drop; 1152 } 1153 1154 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1) 1155 goto drop; 1156 1157 req = inet6_reqsk_alloc(&tcp6_request_sock_ops); 1158 if (req == NULL) 1159 goto drop; 1160 1161 #ifdef CONFIG_TCP_MD5SIG 1162 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv6_ops; 1163 #endif 1164 1165 tcp_clear_options(&tmp_opt); 1166 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr); 1167 tmp_opt.user_mss = tp->rx_opt.user_mss; 1168 1169 tcp_parse_options(skb, &tmp_opt, 0); 1170 1171 if (want_cookie && !tmp_opt.saw_tstamp) 1172 tcp_clear_options(&tmp_opt); 1173 1174 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp; 1175 tcp_openreq_init(req, &tmp_opt, skb); 1176 1177 treq = inet6_rsk(req); 1178 ipv6_addr_copy(&treq->rmt_addr, &ipv6_hdr(skb)->saddr); 1179 ipv6_addr_copy(&treq->loc_addr, &ipv6_hdr(skb)->daddr); 1180 if (!want_cookie) 1181 TCP_ECN_create_request(req, tcp_hdr(skb)); 1182 1183 if (want_cookie) { 1184 isn = cookie_v6_init_sequence(sk, skb, &req->mss); 1185 req->cookie_ts = tmp_opt.tstamp_ok; 1186 } else if (!isn) { 1187 if (ipv6_opt_accepted(sk, skb) || 1188 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo || 1189 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) { 1190 atomic_inc(&skb->users); 1191 treq->pktopts = skb; 1192 } 1193 treq->iif = sk->sk_bound_dev_if; 1194 1195 /* So that link locals have meaning */ 1196 if (!sk->sk_bound_dev_if && 1197 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL) 1198 treq->iif = inet6_iif(skb); 1199 1200 isn = tcp_v6_init_sequence(skb); 1201 } 1202 1203 tcp_rsk(req)->snt_isn = isn; 1204 1205 security_inet_conn_request(sk, skb, req); 1206 1207 if (tcp_v6_send_synack(sk, req)) 1208 goto drop; 1209 1210 if (!want_cookie) { 1211 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT); 1212 return 0; 1213 } 1214 1215 drop: 1216 if (req) 1217 reqsk_free(req); 1218 1219 return 0; /* don't send reset */ 1220 } 1221 1222 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb, 1223 struct request_sock *req, 1224 struct dst_entry *dst) 1225 { 1226 struct inet6_request_sock *treq; 1227 struct ipv6_pinfo *newnp, *np = inet6_sk(sk); 1228 struct tcp6_sock *newtcp6sk; 1229 struct inet_sock *newinet; 1230 struct tcp_sock *newtp; 1231 struct sock *newsk; 1232 struct ipv6_txoptions *opt; 1233 #ifdef CONFIG_TCP_MD5SIG 1234 struct tcp_md5sig_key *key; 1235 #endif 1236 1237 if (skb->protocol == htons(ETH_P_IP)) { 1238 /* 1239 * v6 mapped 1240 */ 1241 1242 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst); 1243 1244 if (newsk == NULL) 1245 return NULL; 1246 1247 newtcp6sk = (struct tcp6_sock *)newsk; 1248 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6; 1249 1250 newinet = inet_sk(newsk); 1251 newnp = inet6_sk(newsk); 1252 newtp = tcp_sk(newsk); 1253 1254 memcpy(newnp, np, sizeof(struct ipv6_pinfo)); 1255 1256 ipv6_addr_set(&newnp->daddr, 0, 0, htonl(0x0000FFFF), 1257 newinet->daddr); 1258 1259 ipv6_addr_set(&newnp->saddr, 0, 0, htonl(0x0000FFFF), 1260 newinet->saddr); 1261 1262 ipv6_addr_copy(&newnp->rcv_saddr, &newnp->saddr); 1263 1264 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped; 1265 newsk->sk_backlog_rcv = tcp_v4_do_rcv; 1266 #ifdef CONFIG_TCP_MD5SIG 1267 newtp->af_specific = &tcp_sock_ipv6_mapped_specific; 1268 #endif 1269 1270 newnp->pktoptions = NULL; 1271 newnp->opt = NULL; 1272 newnp->mcast_oif = inet6_iif(skb); 1273 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit; 1274 1275 /* 1276 * No need to charge this sock to the relevant IPv6 refcnt debug socks count 1277 * here, tcp_create_openreq_child now does this for us, see the comment in 1278 * that function for the gory details. -acme 1279 */ 1280 1281 /* It is tricky place. Until this moment IPv4 tcp 1282 worked with IPv6 icsk.icsk_af_ops. 1283 Sync it now. 1284 */ 1285 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie); 1286 1287 return newsk; 1288 } 1289 1290 treq = inet6_rsk(req); 1291 opt = np->opt; 1292 1293 if (sk_acceptq_is_full(sk)) 1294 goto out_overflow; 1295 1296 if (dst == NULL) { 1297 struct in6_addr *final_p = NULL, final; 1298 struct flowi fl; 1299 1300 memset(&fl, 0, sizeof(fl)); 1301 fl.proto = IPPROTO_TCP; 1302 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr); 1303 if (opt && opt->srcrt) { 1304 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt; 1305 ipv6_addr_copy(&final, &fl.fl6_dst); 1306 ipv6_addr_copy(&fl.fl6_dst, rt0->addr); 1307 final_p = &final; 1308 } 1309 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr); 1310 fl.oif = sk->sk_bound_dev_if; 1311 fl.fl_ip_dport = inet_rsk(req)->rmt_port; 1312 fl.fl_ip_sport = inet_rsk(req)->loc_port; 1313 security_req_classify_flow(req, &fl); 1314 1315 if (ip6_dst_lookup(sk, &dst, &fl)) 1316 goto out; 1317 1318 if (final_p) 1319 ipv6_addr_copy(&fl.fl6_dst, final_p); 1320 1321 if ((xfrm_lookup(&dst, &fl, sk, 0)) < 0) 1322 goto out; 1323 } 1324 1325 newsk = tcp_create_openreq_child(sk, req, skb); 1326 if (newsk == NULL) 1327 goto out; 1328 1329 /* 1330 * No need to charge this sock to the relevant IPv6 refcnt debug socks 1331 * count here, tcp_create_openreq_child now does this for us, see the 1332 * comment in that function for the gory details. -acme 1333 */ 1334 1335 newsk->sk_gso_type = SKB_GSO_TCPV6; 1336 __ip6_dst_store(newsk, dst, NULL, NULL); 1337 1338 newtcp6sk = (struct tcp6_sock *)newsk; 1339 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6; 1340 1341 newtp = tcp_sk(newsk); 1342 newinet = inet_sk(newsk); 1343 newnp = inet6_sk(newsk); 1344 1345 memcpy(newnp, np, sizeof(struct ipv6_pinfo)); 1346 1347 ipv6_addr_copy(&newnp->daddr, &treq->rmt_addr); 1348 ipv6_addr_copy(&newnp->saddr, &treq->loc_addr); 1349 ipv6_addr_copy(&newnp->rcv_saddr, &treq->loc_addr); 1350 newsk->sk_bound_dev_if = treq->iif; 1351 1352 /* Now IPv6 options... 1353 1354 First: no IPv4 options. 1355 */ 1356 newinet->opt = NULL; 1357 newnp->ipv6_fl_list = NULL; 1358 1359 /* Clone RX bits */ 1360 newnp->rxopt.all = np->rxopt.all; 1361 1362 /* Clone pktoptions received with SYN */ 1363 newnp->pktoptions = NULL; 1364 if (treq->pktopts != NULL) { 1365 newnp->pktoptions = skb_clone(treq->pktopts, GFP_ATOMIC); 1366 kfree_skb(treq->pktopts); 1367 treq->pktopts = NULL; 1368 if (newnp->pktoptions) 1369 skb_set_owner_r(newnp->pktoptions, newsk); 1370 } 1371 newnp->opt = NULL; 1372 newnp->mcast_oif = inet6_iif(skb); 1373 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit; 1374 1375 /* Clone native IPv6 options from listening socket (if any) 1376 1377 Yes, keeping reference count would be much more clever, 1378 but we make one more one thing there: reattach optmem 1379 to newsk. 1380 */ 1381 if (opt) { 1382 newnp->opt = ipv6_dup_options(newsk, opt); 1383 if (opt != np->opt) 1384 sock_kfree_s(sk, opt, opt->tot_len); 1385 } 1386 1387 inet_csk(newsk)->icsk_ext_hdr_len = 0; 1388 if (newnp->opt) 1389 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen + 1390 newnp->opt->opt_flen); 1391 1392 tcp_mtup_init(newsk); 1393 tcp_sync_mss(newsk, dst_mtu(dst)); 1394 newtp->advmss = dst_metric(dst, RTAX_ADVMSS); 1395 tcp_initialize_rcv_mss(newsk); 1396 1397 newinet->daddr = newinet->saddr = newinet->rcv_saddr = LOOPBACK4_IPV6; 1398 1399 #ifdef CONFIG_TCP_MD5SIG 1400 /* Copy over the MD5 key from the original socket */ 1401 if ((key = tcp_v6_md5_do_lookup(sk, &newnp->daddr)) != NULL) { 1402 /* We're using one, so create a matching key 1403 * on the newsk structure. If we fail to get 1404 * memory, then we end up not copying the key 1405 * across. Shucks. 1406 */ 1407 char *newkey = kmemdup(key->key, key->keylen, GFP_ATOMIC); 1408 if (newkey != NULL) 1409 tcp_v6_md5_do_add(newsk, &inet6_sk(sk)->daddr, 1410 newkey, key->keylen); 1411 } 1412 #endif 1413 1414 __inet6_hash(newsk); 1415 __inet_inherit_port(sk, newsk); 1416 1417 return newsk; 1418 1419 out_overflow: 1420 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS); 1421 out: 1422 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS); 1423 if (opt && opt != np->opt) 1424 sock_kfree_s(sk, opt, opt->tot_len); 1425 dst_release(dst); 1426 return NULL; 1427 } 1428 1429 static __sum16 tcp_v6_checksum_init(struct sk_buff *skb) 1430 { 1431 if (skb->ip_summed == CHECKSUM_COMPLETE) { 1432 if (!tcp_v6_check(tcp_hdr(skb), skb->len, &ipv6_hdr(skb)->saddr, 1433 &ipv6_hdr(skb)->daddr, skb->csum)) { 1434 skb->ip_summed = CHECKSUM_UNNECESSARY; 1435 return 0; 1436 } 1437 } 1438 1439 skb->csum = ~csum_unfold(tcp_v6_check(tcp_hdr(skb), skb->len, 1440 &ipv6_hdr(skb)->saddr, 1441 &ipv6_hdr(skb)->daddr, 0)); 1442 1443 if (skb->len <= 76) { 1444 return __skb_checksum_complete(skb); 1445 } 1446 return 0; 1447 } 1448 1449 /* The socket must have it's spinlock held when we get 1450 * here. 1451 * 1452 * We have a potential double-lock case here, so even when 1453 * doing backlog processing we use the BH locking scheme. 1454 * This is because we cannot sleep with the original spinlock 1455 * held. 1456 */ 1457 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb) 1458 { 1459 struct ipv6_pinfo *np = inet6_sk(sk); 1460 struct tcp_sock *tp; 1461 struct sk_buff *opt_skb = NULL; 1462 1463 /* Imagine: socket is IPv6. IPv4 packet arrives, 1464 goes to IPv4 receive handler and backlogged. 1465 From backlog it always goes here. Kerboom... 1466 Fortunately, tcp_rcv_established and rcv_established 1467 handle them correctly, but it is not case with 1468 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK 1469 */ 1470 1471 if (skb->protocol == htons(ETH_P_IP)) 1472 return tcp_v4_do_rcv(sk, skb); 1473 1474 #ifdef CONFIG_TCP_MD5SIG 1475 if (tcp_v6_inbound_md5_hash (sk, skb)) 1476 goto discard; 1477 #endif 1478 1479 if (sk_filter(sk, skb)) 1480 goto discard; 1481 1482 /* 1483 * socket locking is here for SMP purposes as backlog rcv 1484 * is currently called with bh processing disabled. 1485 */ 1486 1487 /* Do Stevens' IPV6_PKTOPTIONS. 1488 1489 Yes, guys, it is the only place in our code, where we 1490 may make it not affecting IPv4. 1491 The rest of code is protocol independent, 1492 and I do not like idea to uglify IPv4. 1493 1494 Actually, all the idea behind IPV6_PKTOPTIONS 1495 looks not very well thought. For now we latch 1496 options, received in the last packet, enqueued 1497 by tcp. Feel free to propose better solution. 1498 --ANK (980728) 1499 */ 1500 if (np->rxopt.all) 1501 opt_skb = skb_clone(skb, GFP_ATOMIC); 1502 1503 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */ 1504 TCP_CHECK_TIMER(sk); 1505 if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len)) 1506 goto reset; 1507 TCP_CHECK_TIMER(sk); 1508 if (opt_skb) 1509 goto ipv6_pktoptions; 1510 return 0; 1511 } 1512 1513 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb)) 1514 goto csum_err; 1515 1516 if (sk->sk_state == TCP_LISTEN) { 1517 struct sock *nsk = tcp_v6_hnd_req(sk, skb); 1518 if (!nsk) 1519 goto discard; 1520 1521 /* 1522 * Queue it on the new socket if the new socket is active, 1523 * otherwise we just shortcircuit this and continue with 1524 * the new socket.. 1525 */ 1526 if(nsk != sk) { 1527 if (tcp_child_process(sk, nsk, skb)) 1528 goto reset; 1529 if (opt_skb) 1530 __kfree_skb(opt_skb); 1531 return 0; 1532 } 1533 } 1534 1535 TCP_CHECK_TIMER(sk); 1536 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len)) 1537 goto reset; 1538 TCP_CHECK_TIMER(sk); 1539 if (opt_skb) 1540 goto ipv6_pktoptions; 1541 return 0; 1542 1543 reset: 1544 tcp_v6_send_reset(sk, skb); 1545 discard: 1546 if (opt_skb) 1547 __kfree_skb(opt_skb); 1548 kfree_skb(skb); 1549 return 0; 1550 csum_err: 1551 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_INERRS); 1552 goto discard; 1553 1554 1555 ipv6_pktoptions: 1556 /* Do you ask, what is it? 1557 1558 1. skb was enqueued by tcp. 1559 2. skb is added to tail of read queue, rather than out of order. 1560 3. socket is not in passive state. 1561 4. Finally, it really contains options, which user wants to receive. 1562 */ 1563 tp = tcp_sk(sk); 1564 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt && 1565 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) { 1566 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo) 1567 np->mcast_oif = inet6_iif(opt_skb); 1568 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) 1569 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit; 1570 if (ipv6_opt_accepted(sk, opt_skb)) { 1571 skb_set_owner_r(opt_skb, sk); 1572 opt_skb = xchg(&np->pktoptions, opt_skb); 1573 } else { 1574 __kfree_skb(opt_skb); 1575 opt_skb = xchg(&np->pktoptions, NULL); 1576 } 1577 } 1578 1579 if (opt_skb) 1580 kfree_skb(opt_skb); 1581 return 0; 1582 } 1583 1584 static int tcp_v6_rcv(struct sk_buff *skb) 1585 { 1586 struct tcphdr *th; 1587 struct sock *sk; 1588 int ret; 1589 struct net *net = dev_net(skb->dev); 1590 1591 if (skb->pkt_type != PACKET_HOST) 1592 goto discard_it; 1593 1594 /* 1595 * Count it even if it's bad. 1596 */ 1597 TCP_INC_STATS_BH(net, TCP_MIB_INSEGS); 1598 1599 if (!pskb_may_pull(skb, sizeof(struct tcphdr))) 1600 goto discard_it; 1601 1602 th = tcp_hdr(skb); 1603 1604 if (th->doff < sizeof(struct tcphdr)/4) 1605 goto bad_packet; 1606 if (!pskb_may_pull(skb, th->doff*4)) 1607 goto discard_it; 1608 1609 if (!skb_csum_unnecessary(skb) && tcp_v6_checksum_init(skb)) 1610 goto bad_packet; 1611 1612 th = tcp_hdr(skb); 1613 TCP_SKB_CB(skb)->seq = ntohl(th->seq); 1614 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin + 1615 skb->len - th->doff*4); 1616 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq); 1617 TCP_SKB_CB(skb)->when = 0; 1618 TCP_SKB_CB(skb)->flags = ipv6_get_dsfield(ipv6_hdr(skb)); 1619 TCP_SKB_CB(skb)->sacked = 0; 1620 1621 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest); 1622 if (!sk) 1623 goto no_tcp_socket; 1624 1625 process: 1626 if (sk->sk_state == TCP_TIME_WAIT) 1627 goto do_time_wait; 1628 1629 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb)) 1630 goto discard_and_relse; 1631 1632 if (sk_filter(sk, skb)) 1633 goto discard_and_relse; 1634 1635 skb->dev = NULL; 1636 1637 bh_lock_sock_nested(sk); 1638 ret = 0; 1639 if (!sock_owned_by_user(sk)) { 1640 #ifdef CONFIG_NET_DMA 1641 struct tcp_sock *tp = tcp_sk(sk); 1642 if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list) 1643 tp->ucopy.dma_chan = get_softnet_dma(); 1644 if (tp->ucopy.dma_chan) 1645 ret = tcp_v6_do_rcv(sk, skb); 1646 else 1647 #endif 1648 { 1649 if (!tcp_prequeue(sk, skb)) 1650 ret = tcp_v6_do_rcv(sk, skb); 1651 } 1652 } else 1653 sk_add_backlog(sk, skb); 1654 bh_unlock_sock(sk); 1655 1656 sock_put(sk); 1657 return ret ? -1 : 0; 1658 1659 no_tcp_socket: 1660 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) 1661 goto discard_it; 1662 1663 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) { 1664 bad_packet: 1665 TCP_INC_STATS_BH(net, TCP_MIB_INERRS); 1666 } else { 1667 tcp_v6_send_reset(NULL, skb); 1668 } 1669 1670 discard_it: 1671 1672 /* 1673 * Discard frame 1674 */ 1675 1676 kfree_skb(skb); 1677 return 0; 1678 1679 discard_and_relse: 1680 sock_put(sk); 1681 goto discard_it; 1682 1683 do_time_wait: 1684 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) { 1685 inet_twsk_put(inet_twsk(sk)); 1686 goto discard_it; 1687 } 1688 1689 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) { 1690 TCP_INC_STATS_BH(net, TCP_MIB_INERRS); 1691 inet_twsk_put(inet_twsk(sk)); 1692 goto discard_it; 1693 } 1694 1695 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) { 1696 case TCP_TW_SYN: 1697 { 1698 struct sock *sk2; 1699 1700 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo, 1701 &ipv6_hdr(skb)->daddr, 1702 ntohs(th->dest), inet6_iif(skb)); 1703 if (sk2 != NULL) { 1704 struct inet_timewait_sock *tw = inet_twsk(sk); 1705 inet_twsk_deschedule(tw, &tcp_death_row); 1706 inet_twsk_put(tw); 1707 sk = sk2; 1708 goto process; 1709 } 1710 /* Fall through to ACK */ 1711 } 1712 case TCP_TW_ACK: 1713 tcp_v6_timewait_ack(sk, skb); 1714 break; 1715 case TCP_TW_RST: 1716 goto no_tcp_socket; 1717 case TCP_TW_SUCCESS:; 1718 } 1719 goto discard_it; 1720 } 1721 1722 static int tcp_v6_remember_stamp(struct sock *sk) 1723 { 1724 /* Alas, not yet... */ 1725 return 0; 1726 } 1727 1728 static struct inet_connection_sock_af_ops ipv6_specific = { 1729 .queue_xmit = inet6_csk_xmit, 1730 .send_check = tcp_v6_send_check, 1731 .rebuild_header = inet6_sk_rebuild_header, 1732 .conn_request = tcp_v6_conn_request, 1733 .syn_recv_sock = tcp_v6_syn_recv_sock, 1734 .remember_stamp = tcp_v6_remember_stamp, 1735 .net_header_len = sizeof(struct ipv6hdr), 1736 .setsockopt = ipv6_setsockopt, 1737 .getsockopt = ipv6_getsockopt, 1738 .addr2sockaddr = inet6_csk_addr2sockaddr, 1739 .sockaddr_len = sizeof(struct sockaddr_in6), 1740 .bind_conflict = inet6_csk_bind_conflict, 1741 #ifdef CONFIG_COMPAT 1742 .compat_setsockopt = compat_ipv6_setsockopt, 1743 .compat_getsockopt = compat_ipv6_getsockopt, 1744 #endif 1745 }; 1746 1747 #ifdef CONFIG_TCP_MD5SIG 1748 static struct tcp_sock_af_ops tcp_sock_ipv6_specific = { 1749 .md5_lookup = tcp_v6_md5_lookup, 1750 .calc_md5_hash = tcp_v6_md5_hash_skb, 1751 .md5_add = tcp_v6_md5_add_func, 1752 .md5_parse = tcp_v6_parse_md5_keys, 1753 }; 1754 #endif 1755 1756 /* 1757 * TCP over IPv4 via INET6 API 1758 */ 1759 1760 static struct inet_connection_sock_af_ops ipv6_mapped = { 1761 .queue_xmit = ip_queue_xmit, 1762 .send_check = tcp_v4_send_check, 1763 .rebuild_header = inet_sk_rebuild_header, 1764 .conn_request = tcp_v6_conn_request, 1765 .syn_recv_sock = tcp_v6_syn_recv_sock, 1766 .remember_stamp = tcp_v4_remember_stamp, 1767 .net_header_len = sizeof(struct iphdr), 1768 .setsockopt = ipv6_setsockopt, 1769 .getsockopt = ipv6_getsockopt, 1770 .addr2sockaddr = inet6_csk_addr2sockaddr, 1771 .sockaddr_len = sizeof(struct sockaddr_in6), 1772 .bind_conflict = inet6_csk_bind_conflict, 1773 #ifdef CONFIG_COMPAT 1774 .compat_setsockopt = compat_ipv6_setsockopt, 1775 .compat_getsockopt = compat_ipv6_getsockopt, 1776 #endif 1777 }; 1778 1779 #ifdef CONFIG_TCP_MD5SIG 1780 static struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = { 1781 .md5_lookup = tcp_v4_md5_lookup, 1782 .calc_md5_hash = tcp_v4_md5_hash_skb, 1783 .md5_add = tcp_v6_md5_add_func, 1784 .md5_parse = tcp_v6_parse_md5_keys, 1785 }; 1786 #endif 1787 1788 /* NOTE: A lot of things set to zero explicitly by call to 1789 * sk_alloc() so need not be done here. 1790 */ 1791 static int tcp_v6_init_sock(struct sock *sk) 1792 { 1793 struct inet_connection_sock *icsk = inet_csk(sk); 1794 struct tcp_sock *tp = tcp_sk(sk); 1795 1796 skb_queue_head_init(&tp->out_of_order_queue); 1797 tcp_init_xmit_timers(sk); 1798 tcp_prequeue_init(tp); 1799 1800 icsk->icsk_rto = TCP_TIMEOUT_INIT; 1801 tp->mdev = TCP_TIMEOUT_INIT; 1802 1803 /* So many TCP implementations out there (incorrectly) count the 1804 * initial SYN frame in their delayed-ACK and congestion control 1805 * algorithms that we must have the following bandaid to talk 1806 * efficiently to them. -DaveM 1807 */ 1808 tp->snd_cwnd = 2; 1809 1810 /* See draft-stevens-tcpca-spec-01 for discussion of the 1811 * initialization of these values. 1812 */ 1813 tp->snd_ssthresh = 0x7fffffff; 1814 tp->snd_cwnd_clamp = ~0; 1815 tp->mss_cache = 536; 1816 1817 tp->reordering = sysctl_tcp_reordering; 1818 1819 sk->sk_state = TCP_CLOSE; 1820 1821 icsk->icsk_af_ops = &ipv6_specific; 1822 icsk->icsk_ca_ops = &tcp_init_congestion_ops; 1823 icsk->icsk_sync_mss = tcp_sync_mss; 1824 sk->sk_write_space = sk_stream_write_space; 1825 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE); 1826 1827 #ifdef CONFIG_TCP_MD5SIG 1828 tp->af_specific = &tcp_sock_ipv6_specific; 1829 #endif 1830 1831 sk->sk_sndbuf = sysctl_tcp_wmem[1]; 1832 sk->sk_rcvbuf = sysctl_tcp_rmem[1]; 1833 1834 atomic_inc(&tcp_sockets_allocated); 1835 1836 return 0; 1837 } 1838 1839 static void tcp_v6_destroy_sock(struct sock *sk) 1840 { 1841 #ifdef CONFIG_TCP_MD5SIG 1842 /* Clean up the MD5 key list */ 1843 if (tcp_sk(sk)->md5sig_info) 1844 tcp_v6_clear_md5_list(sk); 1845 #endif 1846 tcp_v4_destroy_sock(sk); 1847 inet6_destroy_sock(sk); 1848 } 1849 1850 #ifdef CONFIG_PROC_FS 1851 /* Proc filesystem TCPv6 sock list dumping. */ 1852 static void get_openreq6(struct seq_file *seq, 1853 struct sock *sk, struct request_sock *req, int i, int uid) 1854 { 1855 int ttd = req->expires - jiffies; 1856 struct in6_addr *src = &inet6_rsk(req)->loc_addr; 1857 struct in6_addr *dest = &inet6_rsk(req)->rmt_addr; 1858 1859 if (ttd < 0) 1860 ttd = 0; 1861 1862 seq_printf(seq, 1863 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1864 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n", 1865 i, 1866 src->s6_addr32[0], src->s6_addr32[1], 1867 src->s6_addr32[2], src->s6_addr32[3], 1868 ntohs(inet_rsk(req)->loc_port), 1869 dest->s6_addr32[0], dest->s6_addr32[1], 1870 dest->s6_addr32[2], dest->s6_addr32[3], 1871 ntohs(inet_rsk(req)->rmt_port), 1872 TCP_SYN_RECV, 1873 0,0, /* could print option size, but that is af dependent. */ 1874 1, /* timers active (only the expire timer) */ 1875 jiffies_to_clock_t(ttd), 1876 req->retrans, 1877 uid, 1878 0, /* non standard timer */ 1879 0, /* open_requests have no inode */ 1880 0, req); 1881 } 1882 1883 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i) 1884 { 1885 struct in6_addr *dest, *src; 1886 __u16 destp, srcp; 1887 int timer_active; 1888 unsigned long timer_expires; 1889 struct inet_sock *inet = inet_sk(sp); 1890 struct tcp_sock *tp = tcp_sk(sp); 1891 const struct inet_connection_sock *icsk = inet_csk(sp); 1892 struct ipv6_pinfo *np = inet6_sk(sp); 1893 1894 dest = &np->daddr; 1895 src = &np->rcv_saddr; 1896 destp = ntohs(inet->dport); 1897 srcp = ntohs(inet->sport); 1898 1899 if (icsk->icsk_pending == ICSK_TIME_RETRANS) { 1900 timer_active = 1; 1901 timer_expires = icsk->icsk_timeout; 1902 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) { 1903 timer_active = 4; 1904 timer_expires = icsk->icsk_timeout; 1905 } else if (timer_pending(&sp->sk_timer)) { 1906 timer_active = 2; 1907 timer_expires = sp->sk_timer.expires; 1908 } else { 1909 timer_active = 0; 1910 timer_expires = jiffies; 1911 } 1912 1913 seq_printf(seq, 1914 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1915 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %lu %lu %u %u %d\n", 1916 i, 1917 src->s6_addr32[0], src->s6_addr32[1], 1918 src->s6_addr32[2], src->s6_addr32[3], srcp, 1919 dest->s6_addr32[0], dest->s6_addr32[1], 1920 dest->s6_addr32[2], dest->s6_addr32[3], destp, 1921 sp->sk_state, 1922 tp->write_seq-tp->snd_una, 1923 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq), 1924 timer_active, 1925 jiffies_to_clock_t(timer_expires - jiffies), 1926 icsk->icsk_retransmits, 1927 sock_i_uid(sp), 1928 icsk->icsk_probes_out, 1929 sock_i_ino(sp), 1930 atomic_read(&sp->sk_refcnt), sp, 1931 jiffies_to_clock_t(icsk->icsk_rto), 1932 jiffies_to_clock_t(icsk->icsk_ack.ato), 1933 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong, 1934 tp->snd_cwnd, tp->snd_ssthresh>=0xFFFF?-1:tp->snd_ssthresh 1935 ); 1936 } 1937 1938 static void get_timewait6_sock(struct seq_file *seq, 1939 struct inet_timewait_sock *tw, int i) 1940 { 1941 struct in6_addr *dest, *src; 1942 __u16 destp, srcp; 1943 struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw); 1944 int ttd = tw->tw_ttd - jiffies; 1945 1946 if (ttd < 0) 1947 ttd = 0; 1948 1949 dest = &tw6->tw_v6_daddr; 1950 src = &tw6->tw_v6_rcv_saddr; 1951 destp = ntohs(tw->tw_dport); 1952 srcp = ntohs(tw->tw_sport); 1953 1954 seq_printf(seq, 1955 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1956 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n", 1957 i, 1958 src->s6_addr32[0], src->s6_addr32[1], 1959 src->s6_addr32[2], src->s6_addr32[3], srcp, 1960 dest->s6_addr32[0], dest->s6_addr32[1], 1961 dest->s6_addr32[2], dest->s6_addr32[3], destp, 1962 tw->tw_substate, 0, 0, 1963 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0, 1964 atomic_read(&tw->tw_refcnt), tw); 1965 } 1966 1967 static int tcp6_seq_show(struct seq_file *seq, void *v) 1968 { 1969 struct tcp_iter_state *st; 1970 1971 if (v == SEQ_START_TOKEN) { 1972 seq_puts(seq, 1973 " sl " 1974 "local_address " 1975 "remote_address " 1976 "st tx_queue rx_queue tr tm->when retrnsmt" 1977 " uid timeout inode\n"); 1978 goto out; 1979 } 1980 st = seq->private; 1981 1982 switch (st->state) { 1983 case TCP_SEQ_STATE_LISTENING: 1984 case TCP_SEQ_STATE_ESTABLISHED: 1985 get_tcp6_sock(seq, v, st->num); 1986 break; 1987 case TCP_SEQ_STATE_OPENREQ: 1988 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid); 1989 break; 1990 case TCP_SEQ_STATE_TIME_WAIT: 1991 get_timewait6_sock(seq, v, st->num); 1992 break; 1993 } 1994 out: 1995 return 0; 1996 } 1997 1998 static struct tcp_seq_afinfo tcp6_seq_afinfo = { 1999 .name = "tcp6", 2000 .family = AF_INET6, 2001 .seq_fops = { 2002 .owner = THIS_MODULE, 2003 }, 2004 .seq_ops = { 2005 .show = tcp6_seq_show, 2006 }, 2007 }; 2008 2009 int tcp6_proc_init(struct net *net) 2010 { 2011 return tcp_proc_register(net, &tcp6_seq_afinfo); 2012 } 2013 2014 void tcp6_proc_exit(struct net *net) 2015 { 2016 tcp_proc_unregister(net, &tcp6_seq_afinfo); 2017 } 2018 #endif 2019 2020 struct proto tcpv6_prot = { 2021 .name = "TCPv6", 2022 .owner = THIS_MODULE, 2023 .close = tcp_close, 2024 .connect = tcp_v6_connect, 2025 .disconnect = tcp_disconnect, 2026 .accept = inet_csk_accept, 2027 .ioctl = tcp_ioctl, 2028 .init = tcp_v6_init_sock, 2029 .destroy = tcp_v6_destroy_sock, 2030 .shutdown = tcp_shutdown, 2031 .setsockopt = tcp_setsockopt, 2032 .getsockopt = tcp_getsockopt, 2033 .recvmsg = tcp_recvmsg, 2034 .backlog_rcv = tcp_v6_do_rcv, 2035 .hash = tcp_v6_hash, 2036 .unhash = inet_unhash, 2037 .get_port = inet_csk_get_port, 2038 .enter_memory_pressure = tcp_enter_memory_pressure, 2039 .sockets_allocated = &tcp_sockets_allocated, 2040 .memory_allocated = &tcp_memory_allocated, 2041 .memory_pressure = &tcp_memory_pressure, 2042 .orphan_count = &tcp_orphan_count, 2043 .sysctl_mem = sysctl_tcp_mem, 2044 .sysctl_wmem = sysctl_tcp_wmem, 2045 .sysctl_rmem = sysctl_tcp_rmem, 2046 .max_header = MAX_TCP_HEADER, 2047 .obj_size = sizeof(struct tcp6_sock), 2048 .twsk_prot = &tcp6_timewait_sock_ops, 2049 .rsk_prot = &tcp6_request_sock_ops, 2050 .h.hashinfo = &tcp_hashinfo, 2051 #ifdef CONFIG_COMPAT 2052 .compat_setsockopt = compat_tcp_setsockopt, 2053 .compat_getsockopt = compat_tcp_getsockopt, 2054 #endif 2055 }; 2056 2057 static struct inet6_protocol tcpv6_protocol = { 2058 .handler = tcp_v6_rcv, 2059 .err_handler = tcp_v6_err, 2060 .gso_send_check = tcp_v6_gso_send_check, 2061 .gso_segment = tcp_tso_segment, 2062 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL, 2063 }; 2064 2065 static struct inet_protosw tcpv6_protosw = { 2066 .type = SOCK_STREAM, 2067 .protocol = IPPROTO_TCP, 2068 .prot = &tcpv6_prot, 2069 .ops = &inet6_stream_ops, 2070 .capability = -1, 2071 .no_check = 0, 2072 .flags = INET_PROTOSW_PERMANENT | 2073 INET_PROTOSW_ICSK, 2074 }; 2075 2076 static int tcpv6_net_init(struct net *net) 2077 { 2078 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6, 2079 SOCK_RAW, IPPROTO_TCP, net); 2080 } 2081 2082 static void tcpv6_net_exit(struct net *net) 2083 { 2084 inet_ctl_sock_destroy(net->ipv6.tcp_sk); 2085 inet_twsk_purge(net, &tcp_hashinfo, &tcp_death_row, AF_INET6); 2086 } 2087 2088 static struct pernet_operations tcpv6_net_ops = { 2089 .init = tcpv6_net_init, 2090 .exit = tcpv6_net_exit, 2091 }; 2092 2093 int __init tcpv6_init(void) 2094 { 2095 int ret; 2096 2097 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP); 2098 if (ret) 2099 goto out; 2100 2101 /* register inet6 protocol */ 2102 ret = inet6_register_protosw(&tcpv6_protosw); 2103 if (ret) 2104 goto out_tcpv6_protocol; 2105 2106 ret = register_pernet_subsys(&tcpv6_net_ops); 2107 if (ret) 2108 goto out_tcpv6_protosw; 2109 out: 2110 return ret; 2111 2112 out_tcpv6_protocol: 2113 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP); 2114 out_tcpv6_protosw: 2115 inet6_unregister_protosw(&tcpv6_protosw); 2116 goto out; 2117 } 2118 2119 void tcpv6_exit(void) 2120 { 2121 unregister_pernet_subsys(&tcpv6_net_ops); 2122 inet6_unregister_protosw(&tcpv6_protosw); 2123 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP); 2124 } 2125