1 /* 2 * TCP over IPv6 3 * Linux INET6 implementation 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * $Id: tcp_ipv6.c,v 1.144 2002/02/01 22:01:04 davem Exp $ 9 * 10 * Based on: 11 * linux/net/ipv4/tcp.c 12 * linux/net/ipv4/tcp_input.c 13 * linux/net/ipv4/tcp_output.c 14 * 15 * Fixes: 16 * Hideaki YOSHIFUJI : sin6_scope_id support 17 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which 18 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind 19 * a single port at the same time. 20 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file. 21 * 22 * This program is free software; you can redistribute it and/or 23 * modify it under the terms of the GNU General Public License 24 * as published by the Free Software Foundation; either version 25 * 2 of the License, or (at your option) any later version. 26 */ 27 28 #include <linux/module.h> 29 #include <linux/config.h> 30 #include <linux/errno.h> 31 #include <linux/types.h> 32 #include <linux/socket.h> 33 #include <linux/sockios.h> 34 #include <linux/net.h> 35 #include <linux/jiffies.h> 36 #include <linux/in.h> 37 #include <linux/in6.h> 38 #include <linux/netdevice.h> 39 #include <linux/init.h> 40 #include <linux/jhash.h> 41 #include <linux/ipsec.h> 42 #include <linux/times.h> 43 44 #include <linux/ipv6.h> 45 #include <linux/icmpv6.h> 46 #include <linux/random.h> 47 48 #include <net/tcp.h> 49 #include <net/ndisc.h> 50 #include <net/inet6_hashtables.h> 51 #include <net/ipv6.h> 52 #include <net/transp_v6.h> 53 #include <net/addrconf.h> 54 #include <net/ip6_route.h> 55 #include <net/ip6_checksum.h> 56 #include <net/inet_ecn.h> 57 #include <net/protocol.h> 58 #include <net/xfrm.h> 59 #include <net/addrconf.h> 60 #include <net/snmp.h> 61 #include <net/dsfield.h> 62 63 #include <asm/uaccess.h> 64 65 #include <linux/proc_fs.h> 66 #include <linux/seq_file.h> 67 68 static void tcp_v6_send_reset(struct sk_buff *skb); 69 static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req); 70 static void tcp_v6_send_check(struct sock *sk, struct tcphdr *th, int len, 71 struct sk_buff *skb); 72 73 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb); 74 static int tcp_v6_xmit(struct sk_buff *skb, int ipfragok); 75 76 static struct tcp_func ipv6_mapped; 77 static struct tcp_func ipv6_specific; 78 79 static inline int tcp_v6_bind_conflict(const struct sock *sk, 80 const struct inet_bind_bucket *tb) 81 { 82 const struct sock *sk2; 83 const struct hlist_node *node; 84 85 /* We must walk the whole port owner list in this case. -DaveM */ 86 sk_for_each_bound(sk2, node, &tb->owners) { 87 if (sk != sk2 && 88 (!sk->sk_bound_dev_if || 89 !sk2->sk_bound_dev_if || 90 sk->sk_bound_dev_if == sk2->sk_bound_dev_if) && 91 (!sk->sk_reuse || !sk2->sk_reuse || 92 sk2->sk_state == TCP_LISTEN) && 93 ipv6_rcv_saddr_equal(sk, sk2)) 94 break; 95 } 96 97 return node != NULL; 98 } 99 100 /* Grrr, addr_type already calculated by caller, but I don't want 101 * to add some silly "cookie" argument to this method just for that. 102 * But it doesn't matter, the recalculation is in the rarest path 103 * this function ever takes. 104 */ 105 static int tcp_v6_get_port(struct sock *sk, unsigned short snum) 106 { 107 struct inet_bind_hashbucket *head; 108 struct inet_bind_bucket *tb; 109 struct hlist_node *node; 110 int ret; 111 112 local_bh_disable(); 113 if (snum == 0) { 114 int low = sysctl_local_port_range[0]; 115 int high = sysctl_local_port_range[1]; 116 int remaining = (high - low) + 1; 117 int rover = net_random() % (high - low) + low; 118 119 do { 120 head = &tcp_hashinfo.bhash[inet_bhashfn(rover, tcp_hashinfo.bhash_size)]; 121 spin_lock(&head->lock); 122 inet_bind_bucket_for_each(tb, node, &head->chain) 123 if (tb->port == rover) 124 goto next; 125 break; 126 next: 127 spin_unlock(&head->lock); 128 if (++rover > high) 129 rover = low; 130 } while (--remaining > 0); 131 132 /* Exhausted local port range during search? It is not 133 * possible for us to be holding one of the bind hash 134 * locks if this test triggers, because if 'remaining' 135 * drops to zero, we broke out of the do/while loop at 136 * the top level, not from the 'break;' statement. 137 */ 138 ret = 1; 139 if (unlikely(remaining <= 0)) 140 goto fail; 141 142 /* OK, here is the one we will use. */ 143 snum = rover; 144 } else { 145 head = &tcp_hashinfo.bhash[inet_bhashfn(snum, tcp_hashinfo.bhash_size)]; 146 spin_lock(&head->lock); 147 inet_bind_bucket_for_each(tb, node, &head->chain) 148 if (tb->port == snum) 149 goto tb_found; 150 } 151 tb = NULL; 152 goto tb_not_found; 153 tb_found: 154 if (tb && !hlist_empty(&tb->owners)) { 155 if (tb->fastreuse > 0 && sk->sk_reuse && 156 sk->sk_state != TCP_LISTEN) { 157 goto success; 158 } else { 159 ret = 1; 160 if (tcp_v6_bind_conflict(sk, tb)) 161 goto fail_unlock; 162 } 163 } 164 tb_not_found: 165 ret = 1; 166 if (tb == NULL) { 167 tb = inet_bind_bucket_create(tcp_hashinfo.bind_bucket_cachep, head, snum); 168 if (tb == NULL) 169 goto fail_unlock; 170 } 171 if (hlist_empty(&tb->owners)) { 172 if (sk->sk_reuse && sk->sk_state != TCP_LISTEN) 173 tb->fastreuse = 1; 174 else 175 tb->fastreuse = 0; 176 } else if (tb->fastreuse && 177 (!sk->sk_reuse || sk->sk_state == TCP_LISTEN)) 178 tb->fastreuse = 0; 179 180 success: 181 if (!inet_csk(sk)->icsk_bind_hash) 182 inet_bind_hash(sk, tb, snum); 183 BUG_TRAP(inet_csk(sk)->icsk_bind_hash == tb); 184 ret = 0; 185 186 fail_unlock: 187 spin_unlock(&head->lock); 188 fail: 189 local_bh_enable(); 190 return ret; 191 } 192 193 static __inline__ void __tcp_v6_hash(struct sock *sk) 194 { 195 struct hlist_head *list; 196 rwlock_t *lock; 197 198 BUG_TRAP(sk_unhashed(sk)); 199 200 if (sk->sk_state == TCP_LISTEN) { 201 list = &tcp_hashinfo.listening_hash[inet_sk_listen_hashfn(sk)]; 202 lock = &tcp_hashinfo.lhash_lock; 203 inet_listen_wlock(&tcp_hashinfo); 204 } else { 205 unsigned int hash; 206 sk->sk_hash = hash = inet6_sk_ehashfn(sk); 207 hash &= (tcp_hashinfo.ehash_size - 1); 208 list = &tcp_hashinfo.ehash[hash].chain; 209 lock = &tcp_hashinfo.ehash[hash].lock; 210 write_lock(lock); 211 } 212 213 __sk_add_node(sk, list); 214 sock_prot_inc_use(sk->sk_prot); 215 write_unlock(lock); 216 } 217 218 219 static void tcp_v6_hash(struct sock *sk) 220 { 221 if (sk->sk_state != TCP_CLOSE) { 222 struct tcp_sock *tp = tcp_sk(sk); 223 224 if (tp->af_specific == &ipv6_mapped) { 225 tcp_prot.hash(sk); 226 return; 227 } 228 local_bh_disable(); 229 __tcp_v6_hash(sk); 230 local_bh_enable(); 231 } 232 } 233 234 /* 235 * Open request hash tables. 236 */ 237 238 static u32 tcp_v6_synq_hash(const struct in6_addr *raddr, const u16 rport, const u32 rnd) 239 { 240 u32 a, b, c; 241 242 a = raddr->s6_addr32[0]; 243 b = raddr->s6_addr32[1]; 244 c = raddr->s6_addr32[2]; 245 246 a += JHASH_GOLDEN_RATIO; 247 b += JHASH_GOLDEN_RATIO; 248 c += rnd; 249 __jhash_mix(a, b, c); 250 251 a += raddr->s6_addr32[3]; 252 b += (u32) rport; 253 __jhash_mix(a, b, c); 254 255 return c & (TCP_SYNQ_HSIZE - 1); 256 } 257 258 static struct request_sock *tcp_v6_search_req(const struct sock *sk, 259 struct request_sock ***prevp, 260 __u16 rport, 261 struct in6_addr *raddr, 262 struct in6_addr *laddr, 263 int iif) 264 { 265 const struct inet_connection_sock *icsk = inet_csk(sk); 266 struct listen_sock *lopt = icsk->icsk_accept_queue.listen_opt; 267 struct request_sock *req, **prev; 268 269 for (prev = &lopt->syn_table[tcp_v6_synq_hash(raddr, rport, lopt->hash_rnd)]; 270 (req = *prev) != NULL; 271 prev = &req->dl_next) { 272 const struct tcp6_request_sock *treq = tcp6_rsk(req); 273 274 if (inet_rsk(req)->rmt_port == rport && 275 req->rsk_ops->family == AF_INET6 && 276 ipv6_addr_equal(&treq->rmt_addr, raddr) && 277 ipv6_addr_equal(&treq->loc_addr, laddr) && 278 (!treq->iif || treq->iif == iif)) { 279 BUG_TRAP(req->sk == NULL); 280 *prevp = prev; 281 return req; 282 } 283 } 284 285 return NULL; 286 } 287 288 static __inline__ u16 tcp_v6_check(struct tcphdr *th, int len, 289 struct in6_addr *saddr, 290 struct in6_addr *daddr, 291 unsigned long base) 292 { 293 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base); 294 } 295 296 static __u32 tcp_v6_init_sequence(struct sock *sk, struct sk_buff *skb) 297 { 298 if (skb->protocol == htons(ETH_P_IPV6)) { 299 return secure_tcpv6_sequence_number(skb->nh.ipv6h->daddr.s6_addr32, 300 skb->nh.ipv6h->saddr.s6_addr32, 301 skb->h.th->dest, 302 skb->h.th->source); 303 } else { 304 return secure_tcp_sequence_number(skb->nh.iph->daddr, 305 skb->nh.iph->saddr, 306 skb->h.th->dest, 307 skb->h.th->source); 308 } 309 } 310 311 static int __tcp_v6_check_established(struct sock *sk, const __u16 lport, 312 struct inet_timewait_sock **twp) 313 { 314 struct inet_sock *inet = inet_sk(sk); 315 const struct ipv6_pinfo *np = inet6_sk(sk); 316 const struct in6_addr *daddr = &np->rcv_saddr; 317 const struct in6_addr *saddr = &np->daddr; 318 const int dif = sk->sk_bound_dev_if; 319 const u32 ports = INET_COMBINED_PORTS(inet->dport, lport); 320 unsigned int hash = inet6_ehashfn(daddr, inet->num, saddr, inet->dport); 321 struct inet_ehash_bucket *head = inet_ehash_bucket(&tcp_hashinfo, hash); 322 struct sock *sk2; 323 const struct hlist_node *node; 324 struct inet_timewait_sock *tw; 325 326 prefetch(head->chain.first); 327 write_lock(&head->lock); 328 329 /* Check TIME-WAIT sockets first. */ 330 sk_for_each(sk2, node, &(head + tcp_hashinfo.ehash_size)->chain) { 331 const struct tcp6_timewait_sock *tcp6tw = tcp6_twsk(sk2); 332 333 tw = inet_twsk(sk2); 334 335 if(*((__u32 *)&(tw->tw_dport)) == ports && 336 sk2->sk_family == PF_INET6 && 337 ipv6_addr_equal(&tcp6tw->tw_v6_daddr, saddr) && 338 ipv6_addr_equal(&tcp6tw->tw_v6_rcv_saddr, daddr) && 339 sk2->sk_bound_dev_if == sk->sk_bound_dev_if) { 340 const struct tcp_timewait_sock *tcptw = tcp_twsk(sk2); 341 struct tcp_sock *tp = tcp_sk(sk); 342 343 if (tcptw->tw_ts_recent_stamp && 344 (!twp || 345 (sysctl_tcp_tw_reuse && 346 xtime.tv_sec - tcptw->tw_ts_recent_stamp > 1))) { 347 /* See comment in tcp_ipv4.c */ 348 tp->write_seq = tcptw->tw_snd_nxt + 65535 + 2; 349 if (!tp->write_seq) 350 tp->write_seq = 1; 351 tp->rx_opt.ts_recent = tcptw->tw_ts_recent; 352 tp->rx_opt.ts_recent_stamp = tcptw->tw_ts_recent_stamp; 353 sock_hold(sk2); 354 goto unique; 355 } else 356 goto not_unique; 357 } 358 } 359 tw = NULL; 360 361 /* And established part... */ 362 sk_for_each(sk2, node, &head->chain) { 363 if (INET6_MATCH(sk2, hash, saddr, daddr, ports, dif)) 364 goto not_unique; 365 } 366 367 unique: 368 BUG_TRAP(sk_unhashed(sk)); 369 __sk_add_node(sk, &head->chain); 370 sk->sk_hash = hash; 371 sock_prot_inc_use(sk->sk_prot); 372 write_unlock(&head->lock); 373 374 if (twp) { 375 *twp = tw; 376 NET_INC_STATS_BH(LINUX_MIB_TIMEWAITRECYCLED); 377 } else if (tw) { 378 /* Silly. Should hash-dance instead... */ 379 inet_twsk_deschedule(tw, &tcp_death_row); 380 NET_INC_STATS_BH(LINUX_MIB_TIMEWAITRECYCLED); 381 382 inet_twsk_put(tw); 383 } 384 return 0; 385 386 not_unique: 387 write_unlock(&head->lock); 388 return -EADDRNOTAVAIL; 389 } 390 391 static inline u32 tcpv6_port_offset(const struct sock *sk) 392 { 393 const struct inet_sock *inet = inet_sk(sk); 394 const struct ipv6_pinfo *np = inet6_sk(sk); 395 396 return secure_tcpv6_port_ephemeral(np->rcv_saddr.s6_addr32, 397 np->daddr.s6_addr32, 398 inet->dport); 399 } 400 401 static int tcp_v6_hash_connect(struct sock *sk) 402 { 403 unsigned short snum = inet_sk(sk)->num; 404 struct inet_bind_hashbucket *head; 405 struct inet_bind_bucket *tb; 406 int ret; 407 408 if (!snum) { 409 int low = sysctl_local_port_range[0]; 410 int high = sysctl_local_port_range[1]; 411 int range = high - low; 412 int i; 413 int port; 414 static u32 hint; 415 u32 offset = hint + tcpv6_port_offset(sk); 416 struct hlist_node *node; 417 struct inet_timewait_sock *tw = NULL; 418 419 local_bh_disable(); 420 for (i = 1; i <= range; i++) { 421 port = low + (i + offset) % range; 422 head = &tcp_hashinfo.bhash[inet_bhashfn(port, tcp_hashinfo.bhash_size)]; 423 spin_lock(&head->lock); 424 425 /* Does not bother with rcv_saddr checks, 426 * because the established check is already 427 * unique enough. 428 */ 429 inet_bind_bucket_for_each(tb, node, &head->chain) { 430 if (tb->port == port) { 431 BUG_TRAP(!hlist_empty(&tb->owners)); 432 if (tb->fastreuse >= 0) 433 goto next_port; 434 if (!__tcp_v6_check_established(sk, 435 port, 436 &tw)) 437 goto ok; 438 goto next_port; 439 } 440 } 441 442 tb = inet_bind_bucket_create(tcp_hashinfo.bind_bucket_cachep, head, port); 443 if (!tb) { 444 spin_unlock(&head->lock); 445 break; 446 } 447 tb->fastreuse = -1; 448 goto ok; 449 450 next_port: 451 spin_unlock(&head->lock); 452 } 453 local_bh_enable(); 454 455 return -EADDRNOTAVAIL; 456 457 ok: 458 hint += i; 459 460 /* Head lock still held and bh's disabled */ 461 inet_bind_hash(sk, tb, port); 462 if (sk_unhashed(sk)) { 463 inet_sk(sk)->sport = htons(port); 464 __tcp_v6_hash(sk); 465 } 466 spin_unlock(&head->lock); 467 468 if (tw) { 469 inet_twsk_deschedule(tw, &tcp_death_row); 470 inet_twsk_put(tw); 471 } 472 473 ret = 0; 474 goto out; 475 } 476 477 head = &tcp_hashinfo.bhash[inet_bhashfn(snum, tcp_hashinfo.bhash_size)]; 478 tb = inet_csk(sk)->icsk_bind_hash; 479 spin_lock_bh(&head->lock); 480 481 if (sk_head(&tb->owners) == sk && !sk->sk_bind_node.next) { 482 __tcp_v6_hash(sk); 483 spin_unlock_bh(&head->lock); 484 return 0; 485 } else { 486 spin_unlock(&head->lock); 487 /* No definite answer... Walk to established hash table */ 488 ret = __tcp_v6_check_established(sk, snum, NULL); 489 out: 490 local_bh_enable(); 491 return ret; 492 } 493 } 494 495 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr, 496 int addr_len) 497 { 498 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr; 499 struct inet_sock *inet = inet_sk(sk); 500 struct ipv6_pinfo *np = inet6_sk(sk); 501 struct tcp_sock *tp = tcp_sk(sk); 502 struct in6_addr *saddr = NULL, *final_p = NULL, final; 503 struct flowi fl; 504 struct dst_entry *dst; 505 int addr_type; 506 int err; 507 508 if (addr_len < SIN6_LEN_RFC2133) 509 return -EINVAL; 510 511 if (usin->sin6_family != AF_INET6) 512 return(-EAFNOSUPPORT); 513 514 memset(&fl, 0, sizeof(fl)); 515 516 if (np->sndflow) { 517 fl.fl6_flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK; 518 IP6_ECN_flow_init(fl.fl6_flowlabel); 519 if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) { 520 struct ip6_flowlabel *flowlabel; 521 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel); 522 if (flowlabel == NULL) 523 return -EINVAL; 524 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst); 525 fl6_sock_release(flowlabel); 526 } 527 } 528 529 /* 530 * connect() to INADDR_ANY means loopback (BSD'ism). 531 */ 532 533 if(ipv6_addr_any(&usin->sin6_addr)) 534 usin->sin6_addr.s6_addr[15] = 0x1; 535 536 addr_type = ipv6_addr_type(&usin->sin6_addr); 537 538 if(addr_type & IPV6_ADDR_MULTICAST) 539 return -ENETUNREACH; 540 541 if (addr_type&IPV6_ADDR_LINKLOCAL) { 542 if (addr_len >= sizeof(struct sockaddr_in6) && 543 usin->sin6_scope_id) { 544 /* If interface is set while binding, indices 545 * must coincide. 546 */ 547 if (sk->sk_bound_dev_if && 548 sk->sk_bound_dev_if != usin->sin6_scope_id) 549 return -EINVAL; 550 551 sk->sk_bound_dev_if = usin->sin6_scope_id; 552 } 553 554 /* Connect to link-local address requires an interface */ 555 if (!sk->sk_bound_dev_if) 556 return -EINVAL; 557 } 558 559 if (tp->rx_opt.ts_recent_stamp && 560 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) { 561 tp->rx_opt.ts_recent = 0; 562 tp->rx_opt.ts_recent_stamp = 0; 563 tp->write_seq = 0; 564 } 565 566 ipv6_addr_copy(&np->daddr, &usin->sin6_addr); 567 np->flow_label = fl.fl6_flowlabel; 568 569 /* 570 * TCP over IPv4 571 */ 572 573 if (addr_type == IPV6_ADDR_MAPPED) { 574 u32 exthdrlen = tp->ext_header_len; 575 struct sockaddr_in sin; 576 577 SOCK_DEBUG(sk, "connect: ipv4 mapped\n"); 578 579 if (__ipv6_only_sock(sk)) 580 return -ENETUNREACH; 581 582 sin.sin_family = AF_INET; 583 sin.sin_port = usin->sin6_port; 584 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3]; 585 586 tp->af_specific = &ipv6_mapped; 587 sk->sk_backlog_rcv = tcp_v4_do_rcv; 588 589 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin)); 590 591 if (err) { 592 tp->ext_header_len = exthdrlen; 593 tp->af_specific = &ipv6_specific; 594 sk->sk_backlog_rcv = tcp_v6_do_rcv; 595 goto failure; 596 } else { 597 ipv6_addr_set(&np->saddr, 0, 0, htonl(0x0000FFFF), 598 inet->saddr); 599 ipv6_addr_set(&np->rcv_saddr, 0, 0, htonl(0x0000FFFF), 600 inet->rcv_saddr); 601 } 602 603 return err; 604 } 605 606 if (!ipv6_addr_any(&np->rcv_saddr)) 607 saddr = &np->rcv_saddr; 608 609 fl.proto = IPPROTO_TCP; 610 ipv6_addr_copy(&fl.fl6_dst, &np->daddr); 611 ipv6_addr_copy(&fl.fl6_src, 612 (saddr ? saddr : &np->saddr)); 613 fl.oif = sk->sk_bound_dev_if; 614 fl.fl_ip_dport = usin->sin6_port; 615 fl.fl_ip_sport = inet->sport; 616 617 if (np->opt && np->opt->srcrt) { 618 struct rt0_hdr *rt0 = (struct rt0_hdr *)np->opt->srcrt; 619 ipv6_addr_copy(&final, &fl.fl6_dst); 620 ipv6_addr_copy(&fl.fl6_dst, rt0->addr); 621 final_p = &final; 622 } 623 624 err = ip6_dst_lookup(sk, &dst, &fl); 625 if (err) 626 goto failure; 627 if (final_p) 628 ipv6_addr_copy(&fl.fl6_dst, final_p); 629 630 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) 631 goto failure; 632 633 if (saddr == NULL) { 634 saddr = &fl.fl6_src; 635 ipv6_addr_copy(&np->rcv_saddr, saddr); 636 } 637 638 /* set the source address */ 639 ipv6_addr_copy(&np->saddr, saddr); 640 inet->rcv_saddr = LOOPBACK4_IPV6; 641 642 ip6_dst_store(sk, dst, NULL); 643 sk->sk_route_caps = dst->dev->features & 644 ~(NETIF_F_IP_CSUM | NETIF_F_TSO); 645 646 tp->ext_header_len = 0; 647 if (np->opt) 648 tp->ext_header_len = np->opt->opt_flen + np->opt->opt_nflen; 649 650 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr); 651 652 inet->dport = usin->sin6_port; 653 654 tcp_set_state(sk, TCP_SYN_SENT); 655 err = tcp_v6_hash_connect(sk); 656 if (err) 657 goto late_failure; 658 659 if (!tp->write_seq) 660 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32, 661 np->daddr.s6_addr32, 662 inet->sport, 663 inet->dport); 664 665 err = tcp_connect(sk); 666 if (err) 667 goto late_failure; 668 669 return 0; 670 671 late_failure: 672 tcp_set_state(sk, TCP_CLOSE); 673 __sk_dst_reset(sk); 674 failure: 675 inet->dport = 0; 676 sk->sk_route_caps = 0; 677 return err; 678 } 679 680 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, 681 int type, int code, int offset, __u32 info) 682 { 683 struct ipv6hdr *hdr = (struct ipv6hdr*)skb->data; 684 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset); 685 struct ipv6_pinfo *np; 686 struct sock *sk; 687 int err; 688 struct tcp_sock *tp; 689 __u32 seq; 690 691 sk = inet6_lookup(&tcp_hashinfo, &hdr->daddr, th->dest, &hdr->saddr, 692 th->source, skb->dev->ifindex); 693 694 if (sk == NULL) { 695 ICMP6_INC_STATS_BH(__in6_dev_get(skb->dev), ICMP6_MIB_INERRORS); 696 return; 697 } 698 699 if (sk->sk_state == TCP_TIME_WAIT) { 700 inet_twsk_put((struct inet_timewait_sock *)sk); 701 return; 702 } 703 704 bh_lock_sock(sk); 705 if (sock_owned_by_user(sk)) 706 NET_INC_STATS_BH(LINUX_MIB_LOCKDROPPEDICMPS); 707 708 if (sk->sk_state == TCP_CLOSE) 709 goto out; 710 711 tp = tcp_sk(sk); 712 seq = ntohl(th->seq); 713 if (sk->sk_state != TCP_LISTEN && 714 !between(seq, tp->snd_una, tp->snd_nxt)) { 715 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS); 716 goto out; 717 } 718 719 np = inet6_sk(sk); 720 721 if (type == ICMPV6_PKT_TOOBIG) { 722 struct dst_entry *dst = NULL; 723 724 if (sock_owned_by_user(sk)) 725 goto out; 726 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)) 727 goto out; 728 729 /* icmp should have updated the destination cache entry */ 730 dst = __sk_dst_check(sk, np->dst_cookie); 731 732 if (dst == NULL) { 733 struct inet_sock *inet = inet_sk(sk); 734 struct flowi fl; 735 736 /* BUGGG_FUTURE: Again, it is not clear how 737 to handle rthdr case. Ignore this complexity 738 for now. 739 */ 740 memset(&fl, 0, sizeof(fl)); 741 fl.proto = IPPROTO_TCP; 742 ipv6_addr_copy(&fl.fl6_dst, &np->daddr); 743 ipv6_addr_copy(&fl.fl6_src, &np->saddr); 744 fl.oif = sk->sk_bound_dev_if; 745 fl.fl_ip_dport = inet->dport; 746 fl.fl_ip_sport = inet->sport; 747 748 if ((err = ip6_dst_lookup(sk, &dst, &fl))) { 749 sk->sk_err_soft = -err; 750 goto out; 751 } 752 753 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) { 754 sk->sk_err_soft = -err; 755 goto out; 756 } 757 758 } else 759 dst_hold(dst); 760 761 if (tp->pmtu_cookie > dst_mtu(dst)) { 762 tcp_sync_mss(sk, dst_mtu(dst)); 763 tcp_simple_retransmit(sk); 764 } /* else let the usual retransmit timer handle it */ 765 dst_release(dst); 766 goto out; 767 } 768 769 icmpv6_err_convert(type, code, &err); 770 771 /* Might be for an request_sock */ 772 switch (sk->sk_state) { 773 struct request_sock *req, **prev; 774 case TCP_LISTEN: 775 if (sock_owned_by_user(sk)) 776 goto out; 777 778 req = tcp_v6_search_req(sk, &prev, th->dest, &hdr->daddr, 779 &hdr->saddr, inet6_iif(skb)); 780 if (!req) 781 goto out; 782 783 /* ICMPs are not backlogged, hence we cannot get 784 * an established socket here. 785 */ 786 BUG_TRAP(req->sk == NULL); 787 788 if (seq != tcp_rsk(req)->snt_isn) { 789 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS); 790 goto out; 791 } 792 793 inet_csk_reqsk_queue_drop(sk, req, prev); 794 goto out; 795 796 case TCP_SYN_SENT: 797 case TCP_SYN_RECV: /* Cannot happen. 798 It can, it SYNs are crossed. --ANK */ 799 if (!sock_owned_by_user(sk)) { 800 TCP_INC_STATS_BH(TCP_MIB_ATTEMPTFAILS); 801 sk->sk_err = err; 802 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */ 803 804 tcp_done(sk); 805 } else 806 sk->sk_err_soft = err; 807 goto out; 808 } 809 810 if (!sock_owned_by_user(sk) && np->recverr) { 811 sk->sk_err = err; 812 sk->sk_error_report(sk); 813 } else 814 sk->sk_err_soft = err; 815 816 out: 817 bh_unlock_sock(sk); 818 sock_put(sk); 819 } 820 821 822 static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req, 823 struct dst_entry *dst) 824 { 825 struct tcp6_request_sock *treq = tcp6_rsk(req); 826 struct ipv6_pinfo *np = inet6_sk(sk); 827 struct sk_buff * skb; 828 struct ipv6_txoptions *opt = NULL; 829 struct in6_addr * final_p = NULL, final; 830 struct flowi fl; 831 int err = -1; 832 833 memset(&fl, 0, sizeof(fl)); 834 fl.proto = IPPROTO_TCP; 835 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr); 836 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr); 837 fl.fl6_flowlabel = 0; 838 fl.oif = treq->iif; 839 fl.fl_ip_dport = inet_rsk(req)->rmt_port; 840 fl.fl_ip_sport = inet_sk(sk)->sport; 841 842 if (dst == NULL) { 843 opt = np->opt; 844 if (opt == NULL && 845 np->rxopt.bits.osrcrt == 2 && 846 treq->pktopts) { 847 struct sk_buff *pktopts = treq->pktopts; 848 struct inet6_skb_parm *rxopt = IP6CB(pktopts); 849 if (rxopt->srcrt) 850 opt = ipv6_invert_rthdr(sk, (struct ipv6_rt_hdr*)(pktopts->nh.raw + rxopt->srcrt)); 851 } 852 853 if (opt && opt->srcrt) { 854 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt; 855 ipv6_addr_copy(&final, &fl.fl6_dst); 856 ipv6_addr_copy(&fl.fl6_dst, rt0->addr); 857 final_p = &final; 858 } 859 860 err = ip6_dst_lookup(sk, &dst, &fl); 861 if (err) 862 goto done; 863 if (final_p) 864 ipv6_addr_copy(&fl.fl6_dst, final_p); 865 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) 866 goto done; 867 } 868 869 skb = tcp_make_synack(sk, dst, req); 870 if (skb) { 871 struct tcphdr *th = skb->h.th; 872 873 th->check = tcp_v6_check(th, skb->len, 874 &treq->loc_addr, &treq->rmt_addr, 875 csum_partial((char *)th, skb->len, skb->csum)); 876 877 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr); 878 err = ip6_xmit(sk, skb, &fl, opt, 0); 879 if (err == NET_XMIT_CN) 880 err = 0; 881 } 882 883 done: 884 if (opt && opt != np->opt) 885 sock_kfree_s(sk, opt, opt->tot_len); 886 return err; 887 } 888 889 static void tcp_v6_reqsk_destructor(struct request_sock *req) 890 { 891 if (tcp6_rsk(req)->pktopts) 892 kfree_skb(tcp6_rsk(req)->pktopts); 893 } 894 895 static struct request_sock_ops tcp6_request_sock_ops = { 896 .family = AF_INET6, 897 .obj_size = sizeof(struct tcp6_request_sock), 898 .rtx_syn_ack = tcp_v6_send_synack, 899 .send_ack = tcp_v6_reqsk_send_ack, 900 .destructor = tcp_v6_reqsk_destructor, 901 .send_reset = tcp_v6_send_reset 902 }; 903 904 static int ipv6_opt_accepted(struct sock *sk, struct sk_buff *skb) 905 { 906 struct ipv6_pinfo *np = inet6_sk(sk); 907 struct inet6_skb_parm *opt = IP6CB(skb); 908 909 if (np->rxopt.all) { 910 if ((opt->hop && (np->rxopt.bits.hopopts || np->rxopt.bits.ohopopts)) || 911 ((IPV6_FLOWINFO_MASK & *(u32*)skb->nh.raw) && np->rxopt.bits.rxflow) || 912 (opt->srcrt && (np->rxopt.bits.srcrt || np->rxopt.bits.osrcrt)) || 913 ((opt->dst1 || opt->dst0) && (np->rxopt.bits.dstopts || np->rxopt.bits.odstopts))) 914 return 1; 915 } 916 return 0; 917 } 918 919 920 static void tcp_v6_send_check(struct sock *sk, struct tcphdr *th, int len, 921 struct sk_buff *skb) 922 { 923 struct ipv6_pinfo *np = inet6_sk(sk); 924 925 if (skb->ip_summed == CHECKSUM_HW) { 926 th->check = ~csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 0); 927 skb->csum = offsetof(struct tcphdr, check); 928 } else { 929 th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 930 csum_partial((char *)th, th->doff<<2, 931 skb->csum)); 932 } 933 } 934 935 936 static void tcp_v6_send_reset(struct sk_buff *skb) 937 { 938 struct tcphdr *th = skb->h.th, *t1; 939 struct sk_buff *buff; 940 struct flowi fl; 941 942 if (th->rst) 943 return; 944 945 if (!ipv6_unicast_destination(skb)) 946 return; 947 948 /* 949 * We need to grab some memory, and put together an RST, 950 * and then put it into the queue to be sent. 951 */ 952 953 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + sizeof(struct tcphdr), 954 GFP_ATOMIC); 955 if (buff == NULL) 956 return; 957 958 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + sizeof(struct tcphdr)); 959 960 t1 = (struct tcphdr *) skb_push(buff,sizeof(struct tcphdr)); 961 962 /* Swap the send and the receive. */ 963 memset(t1, 0, sizeof(*t1)); 964 t1->dest = th->source; 965 t1->source = th->dest; 966 t1->doff = sizeof(*t1)/4; 967 t1->rst = 1; 968 969 if(th->ack) { 970 t1->seq = th->ack_seq; 971 } else { 972 t1->ack = 1; 973 t1->ack_seq = htonl(ntohl(th->seq) + th->syn + th->fin 974 + skb->len - (th->doff<<2)); 975 } 976 977 buff->csum = csum_partial((char *)t1, sizeof(*t1), 0); 978 979 memset(&fl, 0, sizeof(fl)); 980 ipv6_addr_copy(&fl.fl6_dst, &skb->nh.ipv6h->saddr); 981 ipv6_addr_copy(&fl.fl6_src, &skb->nh.ipv6h->daddr); 982 983 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst, 984 sizeof(*t1), IPPROTO_TCP, 985 buff->csum); 986 987 fl.proto = IPPROTO_TCP; 988 fl.oif = inet6_iif(skb); 989 fl.fl_ip_dport = t1->dest; 990 fl.fl_ip_sport = t1->source; 991 992 /* sk = NULL, but it is safe for now. RST socket required. */ 993 if (!ip6_dst_lookup(NULL, &buff->dst, &fl)) { 994 995 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) { 996 ip6_xmit(NULL, buff, &fl, NULL, 0); 997 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS); 998 TCP_INC_STATS_BH(TCP_MIB_OUTRSTS); 999 return; 1000 } 1001 } 1002 1003 kfree_skb(buff); 1004 } 1005 1006 static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts) 1007 { 1008 struct tcphdr *th = skb->h.th, *t1; 1009 struct sk_buff *buff; 1010 struct flowi fl; 1011 int tot_len = sizeof(struct tcphdr); 1012 1013 if (ts) 1014 tot_len += 3*4; 1015 1016 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len, 1017 GFP_ATOMIC); 1018 if (buff == NULL) 1019 return; 1020 1021 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len); 1022 1023 t1 = (struct tcphdr *) skb_push(buff,tot_len); 1024 1025 /* Swap the send and the receive. */ 1026 memset(t1, 0, sizeof(*t1)); 1027 t1->dest = th->source; 1028 t1->source = th->dest; 1029 t1->doff = tot_len/4; 1030 t1->seq = htonl(seq); 1031 t1->ack_seq = htonl(ack); 1032 t1->ack = 1; 1033 t1->window = htons(win); 1034 1035 if (ts) { 1036 u32 *ptr = (u32*)(t1 + 1); 1037 *ptr++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) | 1038 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP); 1039 *ptr++ = htonl(tcp_time_stamp); 1040 *ptr = htonl(ts); 1041 } 1042 1043 buff->csum = csum_partial((char *)t1, tot_len, 0); 1044 1045 memset(&fl, 0, sizeof(fl)); 1046 ipv6_addr_copy(&fl.fl6_dst, &skb->nh.ipv6h->saddr); 1047 ipv6_addr_copy(&fl.fl6_src, &skb->nh.ipv6h->daddr); 1048 1049 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst, 1050 tot_len, IPPROTO_TCP, 1051 buff->csum); 1052 1053 fl.proto = IPPROTO_TCP; 1054 fl.oif = inet6_iif(skb); 1055 fl.fl_ip_dport = t1->dest; 1056 fl.fl_ip_sport = t1->source; 1057 1058 if (!ip6_dst_lookup(NULL, &buff->dst, &fl)) { 1059 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) { 1060 ip6_xmit(NULL, buff, &fl, NULL, 0); 1061 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS); 1062 return; 1063 } 1064 } 1065 1066 kfree_skb(buff); 1067 } 1068 1069 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb) 1070 { 1071 struct inet_timewait_sock *tw = inet_twsk(sk); 1072 const struct tcp_timewait_sock *tcptw = tcp_twsk(sk); 1073 1074 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt, 1075 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale, 1076 tcptw->tw_ts_recent); 1077 1078 inet_twsk_put(tw); 1079 } 1080 1081 static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req) 1082 { 1083 tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent); 1084 } 1085 1086 1087 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb) 1088 { 1089 struct request_sock *req, **prev; 1090 const struct tcphdr *th = skb->h.th; 1091 struct sock *nsk; 1092 1093 /* Find possible connection requests. */ 1094 req = tcp_v6_search_req(sk, &prev, th->source, &skb->nh.ipv6h->saddr, 1095 &skb->nh.ipv6h->daddr, inet6_iif(skb)); 1096 if (req) 1097 return tcp_check_req(sk, skb, req, prev); 1098 1099 nsk = __inet6_lookup_established(&tcp_hashinfo, &skb->nh.ipv6h->saddr, 1100 th->source, &skb->nh.ipv6h->daddr, 1101 ntohs(th->dest), inet6_iif(skb)); 1102 1103 if (nsk) { 1104 if (nsk->sk_state != TCP_TIME_WAIT) { 1105 bh_lock_sock(nsk); 1106 return nsk; 1107 } 1108 inet_twsk_put((struct inet_timewait_sock *)nsk); 1109 return NULL; 1110 } 1111 1112 #if 0 /*def CONFIG_SYN_COOKIES*/ 1113 if (!th->rst && !th->syn && th->ack) 1114 sk = cookie_v6_check(sk, skb, &(IPCB(skb)->opt)); 1115 #endif 1116 return sk; 1117 } 1118 1119 static void tcp_v6_synq_add(struct sock *sk, struct request_sock *req) 1120 { 1121 struct inet_connection_sock *icsk = inet_csk(sk); 1122 struct listen_sock *lopt = icsk->icsk_accept_queue.listen_opt; 1123 const u32 h = tcp_v6_synq_hash(&tcp6_rsk(req)->rmt_addr, inet_rsk(req)->rmt_port, lopt->hash_rnd); 1124 1125 reqsk_queue_hash_req(&icsk->icsk_accept_queue, h, req, TCP_TIMEOUT_INIT); 1126 inet_csk_reqsk_queue_added(sk, TCP_TIMEOUT_INIT); 1127 } 1128 1129 1130 /* FIXME: this is substantially similar to the ipv4 code. 1131 * Can some kind of merge be done? -- erics 1132 */ 1133 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb) 1134 { 1135 struct tcp6_request_sock *treq; 1136 struct ipv6_pinfo *np = inet6_sk(sk); 1137 struct tcp_options_received tmp_opt; 1138 struct tcp_sock *tp = tcp_sk(sk); 1139 struct request_sock *req = NULL; 1140 __u32 isn = TCP_SKB_CB(skb)->when; 1141 1142 if (skb->protocol == htons(ETH_P_IP)) 1143 return tcp_v4_conn_request(sk, skb); 1144 1145 if (!ipv6_unicast_destination(skb)) 1146 goto drop; 1147 1148 /* 1149 * There are no SYN attacks on IPv6, yet... 1150 */ 1151 if (inet_csk_reqsk_queue_is_full(sk) && !isn) { 1152 if (net_ratelimit()) 1153 printk(KERN_INFO "TCPv6: dropping request, synflood is possible\n"); 1154 goto drop; 1155 } 1156 1157 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1) 1158 goto drop; 1159 1160 req = reqsk_alloc(&tcp6_request_sock_ops); 1161 if (req == NULL) 1162 goto drop; 1163 1164 tcp_clear_options(&tmp_opt); 1165 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr); 1166 tmp_opt.user_mss = tp->rx_opt.user_mss; 1167 1168 tcp_parse_options(skb, &tmp_opt, 0); 1169 1170 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp; 1171 tcp_openreq_init(req, &tmp_opt, skb); 1172 1173 treq = tcp6_rsk(req); 1174 ipv6_addr_copy(&treq->rmt_addr, &skb->nh.ipv6h->saddr); 1175 ipv6_addr_copy(&treq->loc_addr, &skb->nh.ipv6h->daddr); 1176 TCP_ECN_create_request(req, skb->h.th); 1177 treq->pktopts = NULL; 1178 if (ipv6_opt_accepted(sk, skb) || 1179 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo || 1180 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) { 1181 atomic_inc(&skb->users); 1182 treq->pktopts = skb; 1183 } 1184 treq->iif = sk->sk_bound_dev_if; 1185 1186 /* So that link locals have meaning */ 1187 if (!sk->sk_bound_dev_if && 1188 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL) 1189 treq->iif = inet6_iif(skb); 1190 1191 if (isn == 0) 1192 isn = tcp_v6_init_sequence(sk,skb); 1193 1194 tcp_rsk(req)->snt_isn = isn; 1195 1196 if (tcp_v6_send_synack(sk, req, NULL)) 1197 goto drop; 1198 1199 tcp_v6_synq_add(sk, req); 1200 1201 return 0; 1202 1203 drop: 1204 if (req) 1205 reqsk_free(req); 1206 1207 TCP_INC_STATS_BH(TCP_MIB_ATTEMPTFAILS); 1208 return 0; /* don't send reset */ 1209 } 1210 1211 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb, 1212 struct request_sock *req, 1213 struct dst_entry *dst) 1214 { 1215 struct tcp6_request_sock *treq = tcp6_rsk(req); 1216 struct ipv6_pinfo *newnp, *np = inet6_sk(sk); 1217 struct tcp6_sock *newtcp6sk; 1218 struct inet_sock *newinet; 1219 struct tcp_sock *newtp; 1220 struct sock *newsk; 1221 struct ipv6_txoptions *opt; 1222 1223 if (skb->protocol == htons(ETH_P_IP)) { 1224 /* 1225 * v6 mapped 1226 */ 1227 1228 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst); 1229 1230 if (newsk == NULL) 1231 return NULL; 1232 1233 newtcp6sk = (struct tcp6_sock *)newsk; 1234 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6; 1235 1236 newinet = inet_sk(newsk); 1237 newnp = inet6_sk(newsk); 1238 newtp = tcp_sk(newsk); 1239 1240 memcpy(newnp, np, sizeof(struct ipv6_pinfo)); 1241 1242 ipv6_addr_set(&newnp->daddr, 0, 0, htonl(0x0000FFFF), 1243 newinet->daddr); 1244 1245 ipv6_addr_set(&newnp->saddr, 0, 0, htonl(0x0000FFFF), 1246 newinet->saddr); 1247 1248 ipv6_addr_copy(&newnp->rcv_saddr, &newnp->saddr); 1249 1250 newtp->af_specific = &ipv6_mapped; 1251 newsk->sk_backlog_rcv = tcp_v4_do_rcv; 1252 newnp->pktoptions = NULL; 1253 newnp->opt = NULL; 1254 newnp->mcast_oif = inet6_iif(skb); 1255 newnp->mcast_hops = skb->nh.ipv6h->hop_limit; 1256 1257 /* 1258 * No need to charge this sock to the relevant IPv6 refcnt debug socks count 1259 * here, tcp_create_openreq_child now does this for us, see the comment in 1260 * that function for the gory details. -acme 1261 */ 1262 1263 /* It is tricky place. Until this moment IPv4 tcp 1264 worked with IPv6 af_tcp.af_specific. 1265 Sync it now. 1266 */ 1267 tcp_sync_mss(newsk, newtp->pmtu_cookie); 1268 1269 return newsk; 1270 } 1271 1272 opt = np->opt; 1273 1274 if (sk_acceptq_is_full(sk)) 1275 goto out_overflow; 1276 1277 if (np->rxopt.bits.osrcrt == 2 && 1278 opt == NULL && treq->pktopts) { 1279 struct inet6_skb_parm *rxopt = IP6CB(treq->pktopts); 1280 if (rxopt->srcrt) 1281 opt = ipv6_invert_rthdr(sk, (struct ipv6_rt_hdr *)(treq->pktopts->nh.raw + rxopt->srcrt)); 1282 } 1283 1284 if (dst == NULL) { 1285 struct in6_addr *final_p = NULL, final; 1286 struct flowi fl; 1287 1288 memset(&fl, 0, sizeof(fl)); 1289 fl.proto = IPPROTO_TCP; 1290 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr); 1291 if (opt && opt->srcrt) { 1292 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt; 1293 ipv6_addr_copy(&final, &fl.fl6_dst); 1294 ipv6_addr_copy(&fl.fl6_dst, rt0->addr); 1295 final_p = &final; 1296 } 1297 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr); 1298 fl.oif = sk->sk_bound_dev_if; 1299 fl.fl_ip_dport = inet_rsk(req)->rmt_port; 1300 fl.fl_ip_sport = inet_sk(sk)->sport; 1301 1302 if (ip6_dst_lookup(sk, &dst, &fl)) 1303 goto out; 1304 1305 if (final_p) 1306 ipv6_addr_copy(&fl.fl6_dst, final_p); 1307 1308 if ((xfrm_lookup(&dst, &fl, sk, 0)) < 0) 1309 goto out; 1310 } 1311 1312 newsk = tcp_create_openreq_child(sk, req, skb); 1313 if (newsk == NULL) 1314 goto out; 1315 1316 /* 1317 * No need to charge this sock to the relevant IPv6 refcnt debug socks 1318 * count here, tcp_create_openreq_child now does this for us, see the 1319 * comment in that function for the gory details. -acme 1320 */ 1321 1322 ip6_dst_store(newsk, dst, NULL); 1323 newsk->sk_route_caps = dst->dev->features & 1324 ~(NETIF_F_IP_CSUM | NETIF_F_TSO); 1325 1326 newtcp6sk = (struct tcp6_sock *)newsk; 1327 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6; 1328 1329 newtp = tcp_sk(newsk); 1330 newinet = inet_sk(newsk); 1331 newnp = inet6_sk(newsk); 1332 1333 memcpy(newnp, np, sizeof(struct ipv6_pinfo)); 1334 1335 ipv6_addr_copy(&newnp->daddr, &treq->rmt_addr); 1336 ipv6_addr_copy(&newnp->saddr, &treq->loc_addr); 1337 ipv6_addr_copy(&newnp->rcv_saddr, &treq->loc_addr); 1338 newsk->sk_bound_dev_if = treq->iif; 1339 1340 /* Now IPv6 options... 1341 1342 First: no IPv4 options. 1343 */ 1344 newinet->opt = NULL; 1345 1346 /* Clone RX bits */ 1347 newnp->rxopt.all = np->rxopt.all; 1348 1349 /* Clone pktoptions received with SYN */ 1350 newnp->pktoptions = NULL; 1351 if (treq->pktopts != NULL) { 1352 newnp->pktoptions = skb_clone(treq->pktopts, GFP_ATOMIC); 1353 kfree_skb(treq->pktopts); 1354 treq->pktopts = NULL; 1355 if (newnp->pktoptions) 1356 skb_set_owner_r(newnp->pktoptions, newsk); 1357 } 1358 newnp->opt = NULL; 1359 newnp->mcast_oif = inet6_iif(skb); 1360 newnp->mcast_hops = skb->nh.ipv6h->hop_limit; 1361 1362 /* Clone native IPv6 options from listening socket (if any) 1363 1364 Yes, keeping reference count would be much more clever, 1365 but we make one more one thing there: reattach optmem 1366 to newsk. 1367 */ 1368 if (opt) { 1369 newnp->opt = ipv6_dup_options(newsk, opt); 1370 if (opt != np->opt) 1371 sock_kfree_s(sk, opt, opt->tot_len); 1372 } 1373 1374 newtp->ext_header_len = 0; 1375 if (newnp->opt) 1376 newtp->ext_header_len = newnp->opt->opt_nflen + 1377 newnp->opt->opt_flen; 1378 1379 tcp_sync_mss(newsk, dst_mtu(dst)); 1380 newtp->advmss = dst_metric(dst, RTAX_ADVMSS); 1381 tcp_initialize_rcv_mss(newsk); 1382 1383 newinet->daddr = newinet->saddr = newinet->rcv_saddr = LOOPBACK4_IPV6; 1384 1385 __tcp_v6_hash(newsk); 1386 inet_inherit_port(&tcp_hashinfo, sk, newsk); 1387 1388 return newsk; 1389 1390 out_overflow: 1391 NET_INC_STATS_BH(LINUX_MIB_LISTENOVERFLOWS); 1392 out: 1393 NET_INC_STATS_BH(LINUX_MIB_LISTENDROPS); 1394 if (opt && opt != np->opt) 1395 sock_kfree_s(sk, opt, opt->tot_len); 1396 dst_release(dst); 1397 return NULL; 1398 } 1399 1400 static int tcp_v6_checksum_init(struct sk_buff *skb) 1401 { 1402 if (skb->ip_summed == CHECKSUM_HW) { 1403 if (!tcp_v6_check(skb->h.th,skb->len,&skb->nh.ipv6h->saddr, 1404 &skb->nh.ipv6h->daddr,skb->csum)) { 1405 skb->ip_summed = CHECKSUM_UNNECESSARY; 1406 return 0; 1407 } 1408 } 1409 1410 skb->csum = ~tcp_v6_check(skb->h.th,skb->len,&skb->nh.ipv6h->saddr, 1411 &skb->nh.ipv6h->daddr, 0); 1412 1413 if (skb->len <= 76) { 1414 return __skb_checksum_complete(skb); 1415 } 1416 return 0; 1417 } 1418 1419 /* The socket must have it's spinlock held when we get 1420 * here. 1421 * 1422 * We have a potential double-lock case here, so even when 1423 * doing backlog processing we use the BH locking scheme. 1424 * This is because we cannot sleep with the original spinlock 1425 * held. 1426 */ 1427 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb) 1428 { 1429 struct ipv6_pinfo *np = inet6_sk(sk); 1430 struct tcp_sock *tp; 1431 struct sk_buff *opt_skb = NULL; 1432 1433 /* Imagine: socket is IPv6. IPv4 packet arrives, 1434 goes to IPv4 receive handler and backlogged. 1435 From backlog it always goes here. Kerboom... 1436 Fortunately, tcp_rcv_established and rcv_established 1437 handle them correctly, but it is not case with 1438 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK 1439 */ 1440 1441 if (skb->protocol == htons(ETH_P_IP)) 1442 return tcp_v4_do_rcv(sk, skb); 1443 1444 if (sk_filter(sk, skb, 0)) 1445 goto discard; 1446 1447 /* 1448 * socket locking is here for SMP purposes as backlog rcv 1449 * is currently called with bh processing disabled. 1450 */ 1451 1452 /* Do Stevens' IPV6_PKTOPTIONS. 1453 1454 Yes, guys, it is the only place in our code, where we 1455 may make it not affecting IPv4. 1456 The rest of code is protocol independent, 1457 and I do not like idea to uglify IPv4. 1458 1459 Actually, all the idea behind IPV6_PKTOPTIONS 1460 looks not very well thought. For now we latch 1461 options, received in the last packet, enqueued 1462 by tcp. Feel free to propose better solution. 1463 --ANK (980728) 1464 */ 1465 if (np->rxopt.all) 1466 opt_skb = skb_clone(skb, GFP_ATOMIC); 1467 1468 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */ 1469 TCP_CHECK_TIMER(sk); 1470 if (tcp_rcv_established(sk, skb, skb->h.th, skb->len)) 1471 goto reset; 1472 TCP_CHECK_TIMER(sk); 1473 if (opt_skb) 1474 goto ipv6_pktoptions; 1475 return 0; 1476 } 1477 1478 if (skb->len < (skb->h.th->doff<<2) || tcp_checksum_complete(skb)) 1479 goto csum_err; 1480 1481 if (sk->sk_state == TCP_LISTEN) { 1482 struct sock *nsk = tcp_v6_hnd_req(sk, skb); 1483 if (!nsk) 1484 goto discard; 1485 1486 /* 1487 * Queue it on the new socket if the new socket is active, 1488 * otherwise we just shortcircuit this and continue with 1489 * the new socket.. 1490 */ 1491 if(nsk != sk) { 1492 if (tcp_child_process(sk, nsk, skb)) 1493 goto reset; 1494 if (opt_skb) 1495 __kfree_skb(opt_skb); 1496 return 0; 1497 } 1498 } 1499 1500 TCP_CHECK_TIMER(sk); 1501 if (tcp_rcv_state_process(sk, skb, skb->h.th, skb->len)) 1502 goto reset; 1503 TCP_CHECK_TIMER(sk); 1504 if (opt_skb) 1505 goto ipv6_pktoptions; 1506 return 0; 1507 1508 reset: 1509 tcp_v6_send_reset(skb); 1510 discard: 1511 if (opt_skb) 1512 __kfree_skb(opt_skb); 1513 kfree_skb(skb); 1514 return 0; 1515 csum_err: 1516 TCP_INC_STATS_BH(TCP_MIB_INERRS); 1517 goto discard; 1518 1519 1520 ipv6_pktoptions: 1521 /* Do you ask, what is it? 1522 1523 1. skb was enqueued by tcp. 1524 2. skb is added to tail of read queue, rather than out of order. 1525 3. socket is not in passive state. 1526 4. Finally, it really contains options, which user wants to receive. 1527 */ 1528 tp = tcp_sk(sk); 1529 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt && 1530 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) { 1531 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo) 1532 np->mcast_oif = inet6_iif(opt_skb); 1533 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) 1534 np->mcast_hops = opt_skb->nh.ipv6h->hop_limit; 1535 if (ipv6_opt_accepted(sk, opt_skb)) { 1536 skb_set_owner_r(opt_skb, sk); 1537 opt_skb = xchg(&np->pktoptions, opt_skb); 1538 } else { 1539 __kfree_skb(opt_skb); 1540 opt_skb = xchg(&np->pktoptions, NULL); 1541 } 1542 } 1543 1544 if (opt_skb) 1545 kfree_skb(opt_skb); 1546 return 0; 1547 } 1548 1549 static int tcp_v6_rcv(struct sk_buff **pskb, unsigned int *nhoffp) 1550 { 1551 struct sk_buff *skb = *pskb; 1552 struct tcphdr *th; 1553 struct sock *sk; 1554 int ret; 1555 1556 if (skb->pkt_type != PACKET_HOST) 1557 goto discard_it; 1558 1559 /* 1560 * Count it even if it's bad. 1561 */ 1562 TCP_INC_STATS_BH(TCP_MIB_INSEGS); 1563 1564 if (!pskb_may_pull(skb, sizeof(struct tcphdr))) 1565 goto discard_it; 1566 1567 th = skb->h.th; 1568 1569 if (th->doff < sizeof(struct tcphdr)/4) 1570 goto bad_packet; 1571 if (!pskb_may_pull(skb, th->doff*4)) 1572 goto discard_it; 1573 1574 if ((skb->ip_summed != CHECKSUM_UNNECESSARY && 1575 tcp_v6_checksum_init(skb))) 1576 goto bad_packet; 1577 1578 th = skb->h.th; 1579 TCP_SKB_CB(skb)->seq = ntohl(th->seq); 1580 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin + 1581 skb->len - th->doff*4); 1582 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq); 1583 TCP_SKB_CB(skb)->when = 0; 1584 TCP_SKB_CB(skb)->flags = ipv6_get_dsfield(skb->nh.ipv6h); 1585 TCP_SKB_CB(skb)->sacked = 0; 1586 1587 sk = __inet6_lookup(&tcp_hashinfo, &skb->nh.ipv6h->saddr, th->source, 1588 &skb->nh.ipv6h->daddr, ntohs(th->dest), 1589 inet6_iif(skb)); 1590 1591 if (!sk) 1592 goto no_tcp_socket; 1593 1594 process: 1595 if (sk->sk_state == TCP_TIME_WAIT) 1596 goto do_time_wait; 1597 1598 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb)) 1599 goto discard_and_relse; 1600 1601 if (sk_filter(sk, skb, 0)) 1602 goto discard_and_relse; 1603 1604 skb->dev = NULL; 1605 1606 bh_lock_sock(sk); 1607 ret = 0; 1608 if (!sock_owned_by_user(sk)) { 1609 if (!tcp_prequeue(sk, skb)) 1610 ret = tcp_v6_do_rcv(sk, skb); 1611 } else 1612 sk_add_backlog(sk, skb); 1613 bh_unlock_sock(sk); 1614 1615 sock_put(sk); 1616 return ret ? -1 : 0; 1617 1618 no_tcp_socket: 1619 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) 1620 goto discard_it; 1621 1622 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) { 1623 bad_packet: 1624 TCP_INC_STATS_BH(TCP_MIB_INERRS); 1625 } else { 1626 tcp_v6_send_reset(skb); 1627 } 1628 1629 discard_it: 1630 1631 /* 1632 * Discard frame 1633 */ 1634 1635 kfree_skb(skb); 1636 return 0; 1637 1638 discard_and_relse: 1639 sock_put(sk); 1640 goto discard_it; 1641 1642 do_time_wait: 1643 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) { 1644 inet_twsk_put((struct inet_timewait_sock *)sk); 1645 goto discard_it; 1646 } 1647 1648 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) { 1649 TCP_INC_STATS_BH(TCP_MIB_INERRS); 1650 inet_twsk_put((struct inet_timewait_sock *)sk); 1651 goto discard_it; 1652 } 1653 1654 switch (tcp_timewait_state_process((struct inet_timewait_sock *)sk, 1655 skb, th)) { 1656 case TCP_TW_SYN: 1657 { 1658 struct sock *sk2; 1659 1660 sk2 = inet6_lookup_listener(&tcp_hashinfo, 1661 &skb->nh.ipv6h->daddr, 1662 ntohs(th->dest), inet6_iif(skb)); 1663 if (sk2 != NULL) { 1664 struct inet_timewait_sock *tw = inet_twsk(sk); 1665 inet_twsk_deschedule(tw, &tcp_death_row); 1666 inet_twsk_put(tw); 1667 sk = sk2; 1668 goto process; 1669 } 1670 /* Fall through to ACK */ 1671 } 1672 case TCP_TW_ACK: 1673 tcp_v6_timewait_ack(sk, skb); 1674 break; 1675 case TCP_TW_RST: 1676 goto no_tcp_socket; 1677 case TCP_TW_SUCCESS:; 1678 } 1679 goto discard_it; 1680 } 1681 1682 static int tcp_v6_rebuild_header(struct sock *sk) 1683 { 1684 int err; 1685 struct dst_entry *dst; 1686 struct ipv6_pinfo *np = inet6_sk(sk); 1687 1688 dst = __sk_dst_check(sk, np->dst_cookie); 1689 1690 if (dst == NULL) { 1691 struct inet_sock *inet = inet_sk(sk); 1692 struct in6_addr *final_p = NULL, final; 1693 struct flowi fl; 1694 1695 memset(&fl, 0, sizeof(fl)); 1696 fl.proto = IPPROTO_TCP; 1697 ipv6_addr_copy(&fl.fl6_dst, &np->daddr); 1698 ipv6_addr_copy(&fl.fl6_src, &np->saddr); 1699 fl.fl6_flowlabel = np->flow_label; 1700 fl.oif = sk->sk_bound_dev_if; 1701 fl.fl_ip_dport = inet->dport; 1702 fl.fl_ip_sport = inet->sport; 1703 1704 if (np->opt && np->opt->srcrt) { 1705 struct rt0_hdr *rt0 = (struct rt0_hdr *) np->opt->srcrt; 1706 ipv6_addr_copy(&final, &fl.fl6_dst); 1707 ipv6_addr_copy(&fl.fl6_dst, rt0->addr); 1708 final_p = &final; 1709 } 1710 1711 err = ip6_dst_lookup(sk, &dst, &fl); 1712 if (err) { 1713 sk->sk_route_caps = 0; 1714 return err; 1715 } 1716 if (final_p) 1717 ipv6_addr_copy(&fl.fl6_dst, final_p); 1718 1719 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) { 1720 sk->sk_err_soft = -err; 1721 return err; 1722 } 1723 1724 ip6_dst_store(sk, dst, NULL); 1725 sk->sk_route_caps = dst->dev->features & 1726 ~(NETIF_F_IP_CSUM | NETIF_F_TSO); 1727 } 1728 1729 return 0; 1730 } 1731 1732 static int tcp_v6_xmit(struct sk_buff *skb, int ipfragok) 1733 { 1734 struct sock *sk = skb->sk; 1735 struct inet_sock *inet = inet_sk(sk); 1736 struct ipv6_pinfo *np = inet6_sk(sk); 1737 struct flowi fl; 1738 struct dst_entry *dst; 1739 struct in6_addr *final_p = NULL, final; 1740 1741 memset(&fl, 0, sizeof(fl)); 1742 fl.proto = IPPROTO_TCP; 1743 ipv6_addr_copy(&fl.fl6_dst, &np->daddr); 1744 ipv6_addr_copy(&fl.fl6_src, &np->saddr); 1745 fl.fl6_flowlabel = np->flow_label; 1746 IP6_ECN_flow_xmit(sk, fl.fl6_flowlabel); 1747 fl.oif = sk->sk_bound_dev_if; 1748 fl.fl_ip_sport = inet->sport; 1749 fl.fl_ip_dport = inet->dport; 1750 1751 if (np->opt && np->opt->srcrt) { 1752 struct rt0_hdr *rt0 = (struct rt0_hdr *) np->opt->srcrt; 1753 ipv6_addr_copy(&final, &fl.fl6_dst); 1754 ipv6_addr_copy(&fl.fl6_dst, rt0->addr); 1755 final_p = &final; 1756 } 1757 1758 dst = __sk_dst_check(sk, np->dst_cookie); 1759 1760 if (dst == NULL) { 1761 int err = ip6_dst_lookup(sk, &dst, &fl); 1762 1763 if (err) { 1764 sk->sk_err_soft = -err; 1765 return err; 1766 } 1767 1768 if (final_p) 1769 ipv6_addr_copy(&fl.fl6_dst, final_p); 1770 1771 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) { 1772 sk->sk_route_caps = 0; 1773 return err; 1774 } 1775 1776 ip6_dst_store(sk, dst, NULL); 1777 sk->sk_route_caps = dst->dev->features & 1778 ~(NETIF_F_IP_CSUM | NETIF_F_TSO); 1779 } 1780 1781 skb->dst = dst_clone(dst); 1782 1783 /* Restore final destination back after routing done */ 1784 ipv6_addr_copy(&fl.fl6_dst, &np->daddr); 1785 1786 return ip6_xmit(sk, skb, &fl, np->opt, 0); 1787 } 1788 1789 static void v6_addr2sockaddr(struct sock *sk, struct sockaddr * uaddr) 1790 { 1791 struct ipv6_pinfo *np = inet6_sk(sk); 1792 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *) uaddr; 1793 1794 sin6->sin6_family = AF_INET6; 1795 ipv6_addr_copy(&sin6->sin6_addr, &np->daddr); 1796 sin6->sin6_port = inet_sk(sk)->dport; 1797 /* We do not store received flowlabel for TCP */ 1798 sin6->sin6_flowinfo = 0; 1799 sin6->sin6_scope_id = 0; 1800 if (sk->sk_bound_dev_if && 1801 ipv6_addr_type(&sin6->sin6_addr) & IPV6_ADDR_LINKLOCAL) 1802 sin6->sin6_scope_id = sk->sk_bound_dev_if; 1803 } 1804 1805 static int tcp_v6_remember_stamp(struct sock *sk) 1806 { 1807 /* Alas, not yet... */ 1808 return 0; 1809 } 1810 1811 static struct tcp_func ipv6_specific = { 1812 .queue_xmit = tcp_v6_xmit, 1813 .send_check = tcp_v6_send_check, 1814 .rebuild_header = tcp_v6_rebuild_header, 1815 .conn_request = tcp_v6_conn_request, 1816 .syn_recv_sock = tcp_v6_syn_recv_sock, 1817 .remember_stamp = tcp_v6_remember_stamp, 1818 .net_header_len = sizeof(struct ipv6hdr), 1819 1820 .setsockopt = ipv6_setsockopt, 1821 .getsockopt = ipv6_getsockopt, 1822 .addr2sockaddr = v6_addr2sockaddr, 1823 .sockaddr_len = sizeof(struct sockaddr_in6) 1824 }; 1825 1826 /* 1827 * TCP over IPv4 via INET6 API 1828 */ 1829 1830 static struct tcp_func ipv6_mapped = { 1831 .queue_xmit = ip_queue_xmit, 1832 .send_check = tcp_v4_send_check, 1833 .rebuild_header = inet_sk_rebuild_header, 1834 .conn_request = tcp_v6_conn_request, 1835 .syn_recv_sock = tcp_v6_syn_recv_sock, 1836 .remember_stamp = tcp_v4_remember_stamp, 1837 .net_header_len = sizeof(struct iphdr), 1838 1839 .setsockopt = ipv6_setsockopt, 1840 .getsockopt = ipv6_getsockopt, 1841 .addr2sockaddr = v6_addr2sockaddr, 1842 .sockaddr_len = sizeof(struct sockaddr_in6) 1843 }; 1844 1845 1846 1847 /* NOTE: A lot of things set to zero explicitly by call to 1848 * sk_alloc() so need not be done here. 1849 */ 1850 static int tcp_v6_init_sock(struct sock *sk) 1851 { 1852 struct inet_connection_sock *icsk = inet_csk(sk); 1853 struct tcp_sock *tp = tcp_sk(sk); 1854 1855 skb_queue_head_init(&tp->out_of_order_queue); 1856 tcp_init_xmit_timers(sk); 1857 tcp_prequeue_init(tp); 1858 1859 icsk->icsk_rto = TCP_TIMEOUT_INIT; 1860 tp->mdev = TCP_TIMEOUT_INIT; 1861 1862 /* So many TCP implementations out there (incorrectly) count the 1863 * initial SYN frame in their delayed-ACK and congestion control 1864 * algorithms that we must have the following bandaid to talk 1865 * efficiently to them. -DaveM 1866 */ 1867 tp->snd_cwnd = 2; 1868 1869 /* See draft-stevens-tcpca-spec-01 for discussion of the 1870 * initialization of these values. 1871 */ 1872 tp->snd_ssthresh = 0x7fffffff; 1873 tp->snd_cwnd_clamp = ~0; 1874 tp->mss_cache = 536; 1875 1876 tp->reordering = sysctl_tcp_reordering; 1877 1878 sk->sk_state = TCP_CLOSE; 1879 1880 tp->af_specific = &ipv6_specific; 1881 icsk->icsk_ca_ops = &tcp_init_congestion_ops; 1882 sk->sk_write_space = sk_stream_write_space; 1883 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE); 1884 1885 sk->sk_sndbuf = sysctl_tcp_wmem[1]; 1886 sk->sk_rcvbuf = sysctl_tcp_rmem[1]; 1887 1888 atomic_inc(&tcp_sockets_allocated); 1889 1890 return 0; 1891 } 1892 1893 static int tcp_v6_destroy_sock(struct sock *sk) 1894 { 1895 tcp_v4_destroy_sock(sk); 1896 return inet6_destroy_sock(sk); 1897 } 1898 1899 /* Proc filesystem TCPv6 sock list dumping. */ 1900 static void get_openreq6(struct seq_file *seq, 1901 struct sock *sk, struct request_sock *req, int i, int uid) 1902 { 1903 struct in6_addr *dest, *src; 1904 int ttd = req->expires - jiffies; 1905 1906 if (ttd < 0) 1907 ttd = 0; 1908 1909 src = &tcp6_rsk(req)->loc_addr; 1910 dest = &tcp6_rsk(req)->rmt_addr; 1911 seq_printf(seq, 1912 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1913 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n", 1914 i, 1915 src->s6_addr32[0], src->s6_addr32[1], 1916 src->s6_addr32[2], src->s6_addr32[3], 1917 ntohs(inet_sk(sk)->sport), 1918 dest->s6_addr32[0], dest->s6_addr32[1], 1919 dest->s6_addr32[2], dest->s6_addr32[3], 1920 ntohs(inet_rsk(req)->rmt_port), 1921 TCP_SYN_RECV, 1922 0,0, /* could print option size, but that is af dependent. */ 1923 1, /* timers active (only the expire timer) */ 1924 jiffies_to_clock_t(ttd), 1925 req->retrans, 1926 uid, 1927 0, /* non standard timer */ 1928 0, /* open_requests have no inode */ 1929 0, req); 1930 } 1931 1932 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i) 1933 { 1934 struct in6_addr *dest, *src; 1935 __u16 destp, srcp; 1936 int timer_active; 1937 unsigned long timer_expires; 1938 struct inet_sock *inet = inet_sk(sp); 1939 struct tcp_sock *tp = tcp_sk(sp); 1940 const struct inet_connection_sock *icsk = inet_csk(sp); 1941 struct ipv6_pinfo *np = inet6_sk(sp); 1942 1943 dest = &np->daddr; 1944 src = &np->rcv_saddr; 1945 destp = ntohs(inet->dport); 1946 srcp = ntohs(inet->sport); 1947 1948 if (icsk->icsk_pending == ICSK_TIME_RETRANS) { 1949 timer_active = 1; 1950 timer_expires = icsk->icsk_timeout; 1951 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) { 1952 timer_active = 4; 1953 timer_expires = icsk->icsk_timeout; 1954 } else if (timer_pending(&sp->sk_timer)) { 1955 timer_active = 2; 1956 timer_expires = sp->sk_timer.expires; 1957 } else { 1958 timer_active = 0; 1959 timer_expires = jiffies; 1960 } 1961 1962 seq_printf(seq, 1963 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1964 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %u %u %u %u %d\n", 1965 i, 1966 src->s6_addr32[0], src->s6_addr32[1], 1967 src->s6_addr32[2], src->s6_addr32[3], srcp, 1968 dest->s6_addr32[0], dest->s6_addr32[1], 1969 dest->s6_addr32[2], dest->s6_addr32[3], destp, 1970 sp->sk_state, 1971 tp->write_seq-tp->snd_una, tp->rcv_nxt-tp->copied_seq, 1972 timer_active, 1973 jiffies_to_clock_t(timer_expires - jiffies), 1974 icsk->icsk_retransmits, 1975 sock_i_uid(sp), 1976 icsk->icsk_probes_out, 1977 sock_i_ino(sp), 1978 atomic_read(&sp->sk_refcnt), sp, 1979 icsk->icsk_rto, 1980 icsk->icsk_ack.ato, 1981 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong, 1982 tp->snd_cwnd, tp->snd_ssthresh>=0xFFFF?-1:tp->snd_ssthresh 1983 ); 1984 } 1985 1986 static void get_timewait6_sock(struct seq_file *seq, 1987 struct inet_timewait_sock *tw, int i) 1988 { 1989 struct in6_addr *dest, *src; 1990 __u16 destp, srcp; 1991 struct tcp6_timewait_sock *tcp6tw = tcp6_twsk((struct sock *)tw); 1992 int ttd = tw->tw_ttd - jiffies; 1993 1994 if (ttd < 0) 1995 ttd = 0; 1996 1997 dest = &tcp6tw->tw_v6_daddr; 1998 src = &tcp6tw->tw_v6_rcv_saddr; 1999 destp = ntohs(tw->tw_dport); 2000 srcp = ntohs(tw->tw_sport); 2001 2002 seq_printf(seq, 2003 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 2004 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n", 2005 i, 2006 src->s6_addr32[0], src->s6_addr32[1], 2007 src->s6_addr32[2], src->s6_addr32[3], srcp, 2008 dest->s6_addr32[0], dest->s6_addr32[1], 2009 dest->s6_addr32[2], dest->s6_addr32[3], destp, 2010 tw->tw_substate, 0, 0, 2011 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0, 2012 atomic_read(&tw->tw_refcnt), tw); 2013 } 2014 2015 #ifdef CONFIG_PROC_FS 2016 static int tcp6_seq_show(struct seq_file *seq, void *v) 2017 { 2018 struct tcp_iter_state *st; 2019 2020 if (v == SEQ_START_TOKEN) { 2021 seq_puts(seq, 2022 " sl " 2023 "local_address " 2024 "remote_address " 2025 "st tx_queue rx_queue tr tm->when retrnsmt" 2026 " uid timeout inode\n"); 2027 goto out; 2028 } 2029 st = seq->private; 2030 2031 switch (st->state) { 2032 case TCP_SEQ_STATE_LISTENING: 2033 case TCP_SEQ_STATE_ESTABLISHED: 2034 get_tcp6_sock(seq, v, st->num); 2035 break; 2036 case TCP_SEQ_STATE_OPENREQ: 2037 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid); 2038 break; 2039 case TCP_SEQ_STATE_TIME_WAIT: 2040 get_timewait6_sock(seq, v, st->num); 2041 break; 2042 } 2043 out: 2044 return 0; 2045 } 2046 2047 static struct file_operations tcp6_seq_fops; 2048 static struct tcp_seq_afinfo tcp6_seq_afinfo = { 2049 .owner = THIS_MODULE, 2050 .name = "tcp6", 2051 .family = AF_INET6, 2052 .seq_show = tcp6_seq_show, 2053 .seq_fops = &tcp6_seq_fops, 2054 }; 2055 2056 int __init tcp6_proc_init(void) 2057 { 2058 return tcp_proc_register(&tcp6_seq_afinfo); 2059 } 2060 2061 void tcp6_proc_exit(void) 2062 { 2063 tcp_proc_unregister(&tcp6_seq_afinfo); 2064 } 2065 #endif 2066 2067 struct proto tcpv6_prot = { 2068 .name = "TCPv6", 2069 .owner = THIS_MODULE, 2070 .close = tcp_close, 2071 .connect = tcp_v6_connect, 2072 .disconnect = tcp_disconnect, 2073 .accept = inet_csk_accept, 2074 .ioctl = tcp_ioctl, 2075 .init = tcp_v6_init_sock, 2076 .destroy = tcp_v6_destroy_sock, 2077 .shutdown = tcp_shutdown, 2078 .setsockopt = tcp_setsockopt, 2079 .getsockopt = tcp_getsockopt, 2080 .sendmsg = tcp_sendmsg, 2081 .recvmsg = tcp_recvmsg, 2082 .backlog_rcv = tcp_v6_do_rcv, 2083 .hash = tcp_v6_hash, 2084 .unhash = tcp_unhash, 2085 .get_port = tcp_v6_get_port, 2086 .enter_memory_pressure = tcp_enter_memory_pressure, 2087 .sockets_allocated = &tcp_sockets_allocated, 2088 .memory_allocated = &tcp_memory_allocated, 2089 .memory_pressure = &tcp_memory_pressure, 2090 .orphan_count = &tcp_orphan_count, 2091 .sysctl_mem = sysctl_tcp_mem, 2092 .sysctl_wmem = sysctl_tcp_wmem, 2093 .sysctl_rmem = sysctl_tcp_rmem, 2094 .max_header = MAX_TCP_HEADER, 2095 .obj_size = sizeof(struct tcp6_sock), 2096 .twsk_obj_size = sizeof(struct tcp6_timewait_sock), 2097 .rsk_prot = &tcp6_request_sock_ops, 2098 }; 2099 2100 static struct inet6_protocol tcpv6_protocol = { 2101 .handler = tcp_v6_rcv, 2102 .err_handler = tcp_v6_err, 2103 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL, 2104 }; 2105 2106 static struct inet_protosw tcpv6_protosw = { 2107 .type = SOCK_STREAM, 2108 .protocol = IPPROTO_TCP, 2109 .prot = &tcpv6_prot, 2110 .ops = &inet6_stream_ops, 2111 .capability = -1, 2112 .no_check = 0, 2113 .flags = INET_PROTOSW_PERMANENT, 2114 }; 2115 2116 void __init tcpv6_init(void) 2117 { 2118 /* register inet6 protocol */ 2119 if (inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP) < 0) 2120 printk(KERN_ERR "tcpv6_init: Could not register protocol\n"); 2121 inet6_register_protosw(&tcpv6_protosw); 2122 } 2123