1 /* 2 * TCP over IPv6 3 * Linux INET6 implementation 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * $Id: tcp_ipv6.c,v 1.144 2002/02/01 22:01:04 davem Exp $ 9 * 10 * Based on: 11 * linux/net/ipv4/tcp.c 12 * linux/net/ipv4/tcp_input.c 13 * linux/net/ipv4/tcp_output.c 14 * 15 * Fixes: 16 * Hideaki YOSHIFUJI : sin6_scope_id support 17 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which 18 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind 19 * a single port at the same time. 20 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file. 21 * 22 * This program is free software; you can redistribute it and/or 23 * modify it under the terms of the GNU General Public License 24 * as published by the Free Software Foundation; either version 25 * 2 of the License, or (at your option) any later version. 26 */ 27 28 #include <linux/module.h> 29 #include <linux/config.h> 30 #include <linux/errno.h> 31 #include <linux/types.h> 32 #include <linux/socket.h> 33 #include <linux/sockios.h> 34 #include <linux/net.h> 35 #include <linux/jiffies.h> 36 #include <linux/in.h> 37 #include <linux/in6.h> 38 #include <linux/netdevice.h> 39 #include <linux/init.h> 40 #include <linux/jhash.h> 41 #include <linux/ipsec.h> 42 #include <linux/times.h> 43 44 #include <linux/ipv6.h> 45 #include <linux/icmpv6.h> 46 #include <linux/random.h> 47 48 #include <net/tcp.h> 49 #include <net/ndisc.h> 50 #include <net/inet6_hashtables.h> 51 #include <net/inet6_connection_sock.h> 52 #include <net/ipv6.h> 53 #include <net/transp_v6.h> 54 #include <net/addrconf.h> 55 #include <net/ip6_route.h> 56 #include <net/ip6_checksum.h> 57 #include <net/inet_ecn.h> 58 #include <net/protocol.h> 59 #include <net/xfrm.h> 60 #include <net/addrconf.h> 61 #include <net/snmp.h> 62 #include <net/dsfield.h> 63 #include <net/timewait_sock.h> 64 65 #include <asm/uaccess.h> 66 67 #include <linux/proc_fs.h> 68 #include <linux/seq_file.h> 69 70 /* Socket used for sending RSTs and ACKs */ 71 static struct socket *tcp6_socket; 72 73 static void tcp_v6_send_reset(struct sk_buff *skb); 74 static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req); 75 static void tcp_v6_send_check(struct sock *sk, int len, 76 struct sk_buff *skb); 77 78 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb); 79 80 static struct inet_connection_sock_af_ops ipv6_mapped; 81 static struct inet_connection_sock_af_ops ipv6_specific; 82 83 static int tcp_v6_get_port(struct sock *sk, unsigned short snum) 84 { 85 return inet_csk_get_port(&tcp_hashinfo, sk, snum, 86 inet6_csk_bind_conflict); 87 } 88 89 static void tcp_v6_hash(struct sock *sk) 90 { 91 if (sk->sk_state != TCP_CLOSE) { 92 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) { 93 tcp_prot.hash(sk); 94 return; 95 } 96 local_bh_disable(); 97 __inet6_hash(&tcp_hashinfo, sk); 98 local_bh_enable(); 99 } 100 } 101 102 static __inline__ u16 tcp_v6_check(struct tcphdr *th, int len, 103 struct in6_addr *saddr, 104 struct in6_addr *daddr, 105 unsigned long base) 106 { 107 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base); 108 } 109 110 static __u32 tcp_v6_init_sequence(struct sock *sk, struct sk_buff *skb) 111 { 112 if (skb->protocol == htons(ETH_P_IPV6)) { 113 return secure_tcpv6_sequence_number(skb->nh.ipv6h->daddr.s6_addr32, 114 skb->nh.ipv6h->saddr.s6_addr32, 115 skb->h.th->dest, 116 skb->h.th->source); 117 } else { 118 return secure_tcp_sequence_number(skb->nh.iph->daddr, 119 skb->nh.iph->saddr, 120 skb->h.th->dest, 121 skb->h.th->source); 122 } 123 } 124 125 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr, 126 int addr_len) 127 { 128 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr; 129 struct inet_sock *inet = inet_sk(sk); 130 struct inet_connection_sock *icsk = inet_csk(sk); 131 struct ipv6_pinfo *np = inet6_sk(sk); 132 struct tcp_sock *tp = tcp_sk(sk); 133 struct in6_addr *saddr = NULL, *final_p = NULL, final; 134 struct flowi fl; 135 struct dst_entry *dst; 136 int addr_type; 137 int err; 138 139 if (addr_len < SIN6_LEN_RFC2133) 140 return -EINVAL; 141 142 if (usin->sin6_family != AF_INET6) 143 return(-EAFNOSUPPORT); 144 145 memset(&fl, 0, sizeof(fl)); 146 147 if (np->sndflow) { 148 fl.fl6_flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK; 149 IP6_ECN_flow_init(fl.fl6_flowlabel); 150 if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) { 151 struct ip6_flowlabel *flowlabel; 152 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel); 153 if (flowlabel == NULL) 154 return -EINVAL; 155 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst); 156 fl6_sock_release(flowlabel); 157 } 158 } 159 160 /* 161 * connect() to INADDR_ANY means loopback (BSD'ism). 162 */ 163 164 if(ipv6_addr_any(&usin->sin6_addr)) 165 usin->sin6_addr.s6_addr[15] = 0x1; 166 167 addr_type = ipv6_addr_type(&usin->sin6_addr); 168 169 if(addr_type & IPV6_ADDR_MULTICAST) 170 return -ENETUNREACH; 171 172 if (addr_type&IPV6_ADDR_LINKLOCAL) { 173 if (addr_len >= sizeof(struct sockaddr_in6) && 174 usin->sin6_scope_id) { 175 /* If interface is set while binding, indices 176 * must coincide. 177 */ 178 if (sk->sk_bound_dev_if && 179 sk->sk_bound_dev_if != usin->sin6_scope_id) 180 return -EINVAL; 181 182 sk->sk_bound_dev_if = usin->sin6_scope_id; 183 } 184 185 /* Connect to link-local address requires an interface */ 186 if (!sk->sk_bound_dev_if) 187 return -EINVAL; 188 } 189 190 if (tp->rx_opt.ts_recent_stamp && 191 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) { 192 tp->rx_opt.ts_recent = 0; 193 tp->rx_opt.ts_recent_stamp = 0; 194 tp->write_seq = 0; 195 } 196 197 ipv6_addr_copy(&np->daddr, &usin->sin6_addr); 198 np->flow_label = fl.fl6_flowlabel; 199 200 /* 201 * TCP over IPv4 202 */ 203 204 if (addr_type == IPV6_ADDR_MAPPED) { 205 u32 exthdrlen = icsk->icsk_ext_hdr_len; 206 struct sockaddr_in sin; 207 208 SOCK_DEBUG(sk, "connect: ipv4 mapped\n"); 209 210 if (__ipv6_only_sock(sk)) 211 return -ENETUNREACH; 212 213 sin.sin_family = AF_INET; 214 sin.sin_port = usin->sin6_port; 215 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3]; 216 217 icsk->icsk_af_ops = &ipv6_mapped; 218 sk->sk_backlog_rcv = tcp_v4_do_rcv; 219 220 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin)); 221 222 if (err) { 223 icsk->icsk_ext_hdr_len = exthdrlen; 224 icsk->icsk_af_ops = &ipv6_specific; 225 sk->sk_backlog_rcv = tcp_v6_do_rcv; 226 goto failure; 227 } else { 228 ipv6_addr_set(&np->saddr, 0, 0, htonl(0x0000FFFF), 229 inet->saddr); 230 ipv6_addr_set(&np->rcv_saddr, 0, 0, htonl(0x0000FFFF), 231 inet->rcv_saddr); 232 } 233 234 return err; 235 } 236 237 if (!ipv6_addr_any(&np->rcv_saddr)) 238 saddr = &np->rcv_saddr; 239 240 fl.proto = IPPROTO_TCP; 241 ipv6_addr_copy(&fl.fl6_dst, &np->daddr); 242 ipv6_addr_copy(&fl.fl6_src, 243 (saddr ? saddr : &np->saddr)); 244 fl.oif = sk->sk_bound_dev_if; 245 fl.fl_ip_dport = usin->sin6_port; 246 fl.fl_ip_sport = inet->sport; 247 248 if (np->opt && np->opt->srcrt) { 249 struct rt0_hdr *rt0 = (struct rt0_hdr *)np->opt->srcrt; 250 ipv6_addr_copy(&final, &fl.fl6_dst); 251 ipv6_addr_copy(&fl.fl6_dst, rt0->addr); 252 final_p = &final; 253 } 254 255 err = ip6_dst_lookup(sk, &dst, &fl); 256 if (err) 257 goto failure; 258 if (final_p) 259 ipv6_addr_copy(&fl.fl6_dst, final_p); 260 261 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) 262 goto failure; 263 264 if (saddr == NULL) { 265 saddr = &fl.fl6_src; 266 ipv6_addr_copy(&np->rcv_saddr, saddr); 267 } 268 269 /* set the source address */ 270 ipv6_addr_copy(&np->saddr, saddr); 271 inet->rcv_saddr = LOOPBACK4_IPV6; 272 273 ip6_dst_store(sk, dst, NULL); 274 sk->sk_route_caps = dst->dev->features & 275 ~(NETIF_F_IP_CSUM | NETIF_F_TSO); 276 277 icsk->icsk_ext_hdr_len = 0; 278 if (np->opt) 279 icsk->icsk_ext_hdr_len = (np->opt->opt_flen + 280 np->opt->opt_nflen); 281 282 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr); 283 284 inet->dport = usin->sin6_port; 285 286 tcp_set_state(sk, TCP_SYN_SENT); 287 err = inet6_hash_connect(&tcp_death_row, sk); 288 if (err) 289 goto late_failure; 290 291 if (!tp->write_seq) 292 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32, 293 np->daddr.s6_addr32, 294 inet->sport, 295 inet->dport); 296 297 err = tcp_connect(sk); 298 if (err) 299 goto late_failure; 300 301 return 0; 302 303 late_failure: 304 tcp_set_state(sk, TCP_CLOSE); 305 __sk_dst_reset(sk); 306 failure: 307 inet->dport = 0; 308 sk->sk_route_caps = 0; 309 return err; 310 } 311 312 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, 313 int type, int code, int offset, __u32 info) 314 { 315 struct ipv6hdr *hdr = (struct ipv6hdr*)skb->data; 316 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset); 317 struct ipv6_pinfo *np; 318 struct sock *sk; 319 int err; 320 struct tcp_sock *tp; 321 __u32 seq; 322 323 sk = inet6_lookup(&tcp_hashinfo, &hdr->daddr, th->dest, &hdr->saddr, 324 th->source, skb->dev->ifindex); 325 326 if (sk == NULL) { 327 ICMP6_INC_STATS_BH(__in6_dev_get(skb->dev), ICMP6_MIB_INERRORS); 328 return; 329 } 330 331 if (sk->sk_state == TCP_TIME_WAIT) { 332 inet_twsk_put((struct inet_timewait_sock *)sk); 333 return; 334 } 335 336 bh_lock_sock(sk); 337 if (sock_owned_by_user(sk)) 338 NET_INC_STATS_BH(LINUX_MIB_LOCKDROPPEDICMPS); 339 340 if (sk->sk_state == TCP_CLOSE) 341 goto out; 342 343 tp = tcp_sk(sk); 344 seq = ntohl(th->seq); 345 if (sk->sk_state != TCP_LISTEN && 346 !between(seq, tp->snd_una, tp->snd_nxt)) { 347 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS); 348 goto out; 349 } 350 351 np = inet6_sk(sk); 352 353 if (type == ICMPV6_PKT_TOOBIG) { 354 struct dst_entry *dst = NULL; 355 356 if (sock_owned_by_user(sk)) 357 goto out; 358 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)) 359 goto out; 360 361 /* icmp should have updated the destination cache entry */ 362 dst = __sk_dst_check(sk, np->dst_cookie); 363 364 if (dst == NULL) { 365 struct inet_sock *inet = inet_sk(sk); 366 struct flowi fl; 367 368 /* BUGGG_FUTURE: Again, it is not clear how 369 to handle rthdr case. Ignore this complexity 370 for now. 371 */ 372 memset(&fl, 0, sizeof(fl)); 373 fl.proto = IPPROTO_TCP; 374 ipv6_addr_copy(&fl.fl6_dst, &np->daddr); 375 ipv6_addr_copy(&fl.fl6_src, &np->saddr); 376 fl.oif = sk->sk_bound_dev_if; 377 fl.fl_ip_dport = inet->dport; 378 fl.fl_ip_sport = inet->sport; 379 380 if ((err = ip6_dst_lookup(sk, &dst, &fl))) { 381 sk->sk_err_soft = -err; 382 goto out; 383 } 384 385 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) { 386 sk->sk_err_soft = -err; 387 goto out; 388 } 389 390 } else 391 dst_hold(dst); 392 393 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) { 394 tcp_sync_mss(sk, dst_mtu(dst)); 395 tcp_simple_retransmit(sk); 396 } /* else let the usual retransmit timer handle it */ 397 dst_release(dst); 398 goto out; 399 } 400 401 icmpv6_err_convert(type, code, &err); 402 403 /* Might be for an request_sock */ 404 switch (sk->sk_state) { 405 struct request_sock *req, **prev; 406 case TCP_LISTEN: 407 if (sock_owned_by_user(sk)) 408 goto out; 409 410 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr, 411 &hdr->saddr, inet6_iif(skb)); 412 if (!req) 413 goto out; 414 415 /* ICMPs are not backlogged, hence we cannot get 416 * an established socket here. 417 */ 418 BUG_TRAP(req->sk == NULL); 419 420 if (seq != tcp_rsk(req)->snt_isn) { 421 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS); 422 goto out; 423 } 424 425 inet_csk_reqsk_queue_drop(sk, req, prev); 426 goto out; 427 428 case TCP_SYN_SENT: 429 case TCP_SYN_RECV: /* Cannot happen. 430 It can, it SYNs are crossed. --ANK */ 431 if (!sock_owned_by_user(sk)) { 432 TCP_INC_STATS_BH(TCP_MIB_ATTEMPTFAILS); 433 sk->sk_err = err; 434 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */ 435 436 tcp_done(sk); 437 } else 438 sk->sk_err_soft = err; 439 goto out; 440 } 441 442 if (!sock_owned_by_user(sk) && np->recverr) { 443 sk->sk_err = err; 444 sk->sk_error_report(sk); 445 } else 446 sk->sk_err_soft = err; 447 448 out: 449 bh_unlock_sock(sk); 450 sock_put(sk); 451 } 452 453 454 static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req, 455 struct dst_entry *dst) 456 { 457 struct inet6_request_sock *treq = inet6_rsk(req); 458 struct ipv6_pinfo *np = inet6_sk(sk); 459 struct sk_buff * skb; 460 struct ipv6_txoptions *opt = NULL; 461 struct in6_addr * final_p = NULL, final; 462 struct flowi fl; 463 int err = -1; 464 465 memset(&fl, 0, sizeof(fl)); 466 fl.proto = IPPROTO_TCP; 467 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr); 468 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr); 469 fl.fl6_flowlabel = 0; 470 fl.oif = treq->iif; 471 fl.fl_ip_dport = inet_rsk(req)->rmt_port; 472 fl.fl_ip_sport = inet_sk(sk)->sport; 473 474 if (dst == NULL) { 475 opt = np->opt; 476 if (opt == NULL && 477 np->rxopt.bits.osrcrt == 2 && 478 treq->pktopts) { 479 struct sk_buff *pktopts = treq->pktopts; 480 struct inet6_skb_parm *rxopt = IP6CB(pktopts); 481 if (rxopt->srcrt) 482 opt = ipv6_invert_rthdr(sk, (struct ipv6_rt_hdr*)(pktopts->nh.raw + rxopt->srcrt)); 483 } 484 485 if (opt && opt->srcrt) { 486 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt; 487 ipv6_addr_copy(&final, &fl.fl6_dst); 488 ipv6_addr_copy(&fl.fl6_dst, rt0->addr); 489 final_p = &final; 490 } 491 492 err = ip6_dst_lookup(sk, &dst, &fl); 493 if (err) 494 goto done; 495 if (final_p) 496 ipv6_addr_copy(&fl.fl6_dst, final_p); 497 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) 498 goto done; 499 } 500 501 skb = tcp_make_synack(sk, dst, req); 502 if (skb) { 503 struct tcphdr *th = skb->h.th; 504 505 th->check = tcp_v6_check(th, skb->len, 506 &treq->loc_addr, &treq->rmt_addr, 507 csum_partial((char *)th, skb->len, skb->csum)); 508 509 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr); 510 err = ip6_xmit(sk, skb, &fl, opt, 0); 511 if (err == NET_XMIT_CN) 512 err = 0; 513 } 514 515 done: 516 if (opt && opt != np->opt) 517 sock_kfree_s(sk, opt, opt->tot_len); 518 dst_release(dst); 519 return err; 520 } 521 522 static void tcp_v6_reqsk_destructor(struct request_sock *req) 523 { 524 if (inet6_rsk(req)->pktopts) 525 kfree_skb(inet6_rsk(req)->pktopts); 526 } 527 528 static struct request_sock_ops tcp6_request_sock_ops = { 529 .family = AF_INET6, 530 .obj_size = sizeof(struct tcp6_request_sock), 531 .rtx_syn_ack = tcp_v6_send_synack, 532 .send_ack = tcp_v6_reqsk_send_ack, 533 .destructor = tcp_v6_reqsk_destructor, 534 .send_reset = tcp_v6_send_reset 535 }; 536 537 static struct timewait_sock_ops tcp6_timewait_sock_ops = { 538 .twsk_obj_size = sizeof(struct tcp6_timewait_sock), 539 .twsk_unique = tcp_twsk_unique, 540 }; 541 542 static void tcp_v6_send_check(struct sock *sk, int len, struct sk_buff *skb) 543 { 544 struct ipv6_pinfo *np = inet6_sk(sk); 545 struct tcphdr *th = skb->h.th; 546 547 if (skb->ip_summed == CHECKSUM_HW) { 548 th->check = ~csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 0); 549 skb->csum = offsetof(struct tcphdr, check); 550 } else { 551 th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 552 csum_partial((char *)th, th->doff<<2, 553 skb->csum)); 554 } 555 } 556 557 558 static void tcp_v6_send_reset(struct sk_buff *skb) 559 { 560 struct tcphdr *th = skb->h.th, *t1; 561 struct sk_buff *buff; 562 struct flowi fl; 563 564 if (th->rst) 565 return; 566 567 if (!ipv6_unicast_destination(skb)) 568 return; 569 570 /* 571 * We need to grab some memory, and put together an RST, 572 * and then put it into the queue to be sent. 573 */ 574 575 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + sizeof(struct tcphdr), 576 GFP_ATOMIC); 577 if (buff == NULL) 578 return; 579 580 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + sizeof(struct tcphdr)); 581 582 t1 = (struct tcphdr *) skb_push(buff,sizeof(struct tcphdr)); 583 584 /* Swap the send and the receive. */ 585 memset(t1, 0, sizeof(*t1)); 586 t1->dest = th->source; 587 t1->source = th->dest; 588 t1->doff = sizeof(*t1)/4; 589 t1->rst = 1; 590 591 if(th->ack) { 592 t1->seq = th->ack_seq; 593 } else { 594 t1->ack = 1; 595 t1->ack_seq = htonl(ntohl(th->seq) + th->syn + th->fin 596 + skb->len - (th->doff<<2)); 597 } 598 599 buff->csum = csum_partial((char *)t1, sizeof(*t1), 0); 600 601 memset(&fl, 0, sizeof(fl)); 602 ipv6_addr_copy(&fl.fl6_dst, &skb->nh.ipv6h->saddr); 603 ipv6_addr_copy(&fl.fl6_src, &skb->nh.ipv6h->daddr); 604 605 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst, 606 sizeof(*t1), IPPROTO_TCP, 607 buff->csum); 608 609 fl.proto = IPPROTO_TCP; 610 fl.oif = inet6_iif(skb); 611 fl.fl_ip_dport = t1->dest; 612 fl.fl_ip_sport = t1->source; 613 614 /* sk = NULL, but it is safe for now. RST socket required. */ 615 if (!ip6_dst_lookup(NULL, &buff->dst, &fl)) { 616 617 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) { 618 ip6_xmit(tcp6_socket->sk, buff, &fl, NULL, 0); 619 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS); 620 TCP_INC_STATS_BH(TCP_MIB_OUTRSTS); 621 return; 622 } 623 } 624 625 kfree_skb(buff); 626 } 627 628 static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts) 629 { 630 struct tcphdr *th = skb->h.th, *t1; 631 struct sk_buff *buff; 632 struct flowi fl; 633 int tot_len = sizeof(struct tcphdr); 634 635 if (ts) 636 tot_len += 3*4; 637 638 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len, 639 GFP_ATOMIC); 640 if (buff == NULL) 641 return; 642 643 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len); 644 645 t1 = (struct tcphdr *) skb_push(buff,tot_len); 646 647 /* Swap the send and the receive. */ 648 memset(t1, 0, sizeof(*t1)); 649 t1->dest = th->source; 650 t1->source = th->dest; 651 t1->doff = tot_len/4; 652 t1->seq = htonl(seq); 653 t1->ack_seq = htonl(ack); 654 t1->ack = 1; 655 t1->window = htons(win); 656 657 if (ts) { 658 u32 *ptr = (u32*)(t1 + 1); 659 *ptr++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) | 660 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP); 661 *ptr++ = htonl(tcp_time_stamp); 662 *ptr = htonl(ts); 663 } 664 665 buff->csum = csum_partial((char *)t1, tot_len, 0); 666 667 memset(&fl, 0, sizeof(fl)); 668 ipv6_addr_copy(&fl.fl6_dst, &skb->nh.ipv6h->saddr); 669 ipv6_addr_copy(&fl.fl6_src, &skb->nh.ipv6h->daddr); 670 671 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst, 672 tot_len, IPPROTO_TCP, 673 buff->csum); 674 675 fl.proto = IPPROTO_TCP; 676 fl.oif = inet6_iif(skb); 677 fl.fl_ip_dport = t1->dest; 678 fl.fl_ip_sport = t1->source; 679 680 if (!ip6_dst_lookup(NULL, &buff->dst, &fl)) { 681 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) { 682 ip6_xmit(tcp6_socket->sk, buff, &fl, NULL, 0); 683 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS); 684 return; 685 } 686 } 687 688 kfree_skb(buff); 689 } 690 691 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb) 692 { 693 struct inet_timewait_sock *tw = inet_twsk(sk); 694 const struct tcp_timewait_sock *tcptw = tcp_twsk(sk); 695 696 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt, 697 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale, 698 tcptw->tw_ts_recent); 699 700 inet_twsk_put(tw); 701 } 702 703 static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req) 704 { 705 tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent); 706 } 707 708 709 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb) 710 { 711 struct request_sock *req, **prev; 712 const struct tcphdr *th = skb->h.th; 713 struct sock *nsk; 714 715 /* Find possible connection requests. */ 716 req = inet6_csk_search_req(sk, &prev, th->source, 717 &skb->nh.ipv6h->saddr, 718 &skb->nh.ipv6h->daddr, inet6_iif(skb)); 719 if (req) 720 return tcp_check_req(sk, skb, req, prev); 721 722 nsk = __inet6_lookup_established(&tcp_hashinfo, &skb->nh.ipv6h->saddr, 723 th->source, &skb->nh.ipv6h->daddr, 724 ntohs(th->dest), inet6_iif(skb)); 725 726 if (nsk) { 727 if (nsk->sk_state != TCP_TIME_WAIT) { 728 bh_lock_sock(nsk); 729 return nsk; 730 } 731 inet_twsk_put((struct inet_timewait_sock *)nsk); 732 return NULL; 733 } 734 735 #if 0 /*def CONFIG_SYN_COOKIES*/ 736 if (!th->rst && !th->syn && th->ack) 737 sk = cookie_v6_check(sk, skb, &(IPCB(skb)->opt)); 738 #endif 739 return sk; 740 } 741 742 /* FIXME: this is substantially similar to the ipv4 code. 743 * Can some kind of merge be done? -- erics 744 */ 745 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb) 746 { 747 struct inet6_request_sock *treq; 748 struct ipv6_pinfo *np = inet6_sk(sk); 749 struct tcp_options_received tmp_opt; 750 struct tcp_sock *tp = tcp_sk(sk); 751 struct request_sock *req = NULL; 752 __u32 isn = TCP_SKB_CB(skb)->when; 753 754 if (skb->protocol == htons(ETH_P_IP)) 755 return tcp_v4_conn_request(sk, skb); 756 757 if (!ipv6_unicast_destination(skb)) 758 goto drop; 759 760 /* 761 * There are no SYN attacks on IPv6, yet... 762 */ 763 if (inet_csk_reqsk_queue_is_full(sk) && !isn) { 764 if (net_ratelimit()) 765 printk(KERN_INFO "TCPv6: dropping request, synflood is possible\n"); 766 goto drop; 767 } 768 769 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1) 770 goto drop; 771 772 req = inet6_reqsk_alloc(&tcp6_request_sock_ops); 773 if (req == NULL) 774 goto drop; 775 776 tcp_clear_options(&tmp_opt); 777 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr); 778 tmp_opt.user_mss = tp->rx_opt.user_mss; 779 780 tcp_parse_options(skb, &tmp_opt, 0); 781 782 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp; 783 tcp_openreq_init(req, &tmp_opt, skb); 784 785 treq = inet6_rsk(req); 786 ipv6_addr_copy(&treq->rmt_addr, &skb->nh.ipv6h->saddr); 787 ipv6_addr_copy(&treq->loc_addr, &skb->nh.ipv6h->daddr); 788 TCP_ECN_create_request(req, skb->h.th); 789 treq->pktopts = NULL; 790 if (ipv6_opt_accepted(sk, skb) || 791 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo || 792 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) { 793 atomic_inc(&skb->users); 794 treq->pktopts = skb; 795 } 796 treq->iif = sk->sk_bound_dev_if; 797 798 /* So that link locals have meaning */ 799 if (!sk->sk_bound_dev_if && 800 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL) 801 treq->iif = inet6_iif(skb); 802 803 if (isn == 0) 804 isn = tcp_v6_init_sequence(sk,skb); 805 806 tcp_rsk(req)->snt_isn = isn; 807 808 if (tcp_v6_send_synack(sk, req, NULL)) 809 goto drop; 810 811 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT); 812 return 0; 813 814 drop: 815 if (req) 816 reqsk_free(req); 817 818 TCP_INC_STATS_BH(TCP_MIB_ATTEMPTFAILS); 819 return 0; /* don't send reset */ 820 } 821 822 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb, 823 struct request_sock *req, 824 struct dst_entry *dst) 825 { 826 struct inet6_request_sock *treq = inet6_rsk(req); 827 struct ipv6_pinfo *newnp, *np = inet6_sk(sk); 828 struct tcp6_sock *newtcp6sk; 829 struct inet_sock *newinet; 830 struct tcp_sock *newtp; 831 struct sock *newsk; 832 struct ipv6_txoptions *opt; 833 834 if (skb->protocol == htons(ETH_P_IP)) { 835 /* 836 * v6 mapped 837 */ 838 839 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst); 840 841 if (newsk == NULL) 842 return NULL; 843 844 newtcp6sk = (struct tcp6_sock *)newsk; 845 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6; 846 847 newinet = inet_sk(newsk); 848 newnp = inet6_sk(newsk); 849 newtp = tcp_sk(newsk); 850 851 memcpy(newnp, np, sizeof(struct ipv6_pinfo)); 852 853 ipv6_addr_set(&newnp->daddr, 0, 0, htonl(0x0000FFFF), 854 newinet->daddr); 855 856 ipv6_addr_set(&newnp->saddr, 0, 0, htonl(0x0000FFFF), 857 newinet->saddr); 858 859 ipv6_addr_copy(&newnp->rcv_saddr, &newnp->saddr); 860 861 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped; 862 newsk->sk_backlog_rcv = tcp_v4_do_rcv; 863 newnp->pktoptions = NULL; 864 newnp->opt = NULL; 865 newnp->mcast_oif = inet6_iif(skb); 866 newnp->mcast_hops = skb->nh.ipv6h->hop_limit; 867 868 /* 869 * No need to charge this sock to the relevant IPv6 refcnt debug socks count 870 * here, tcp_create_openreq_child now does this for us, see the comment in 871 * that function for the gory details. -acme 872 */ 873 874 /* It is tricky place. Until this moment IPv4 tcp 875 worked with IPv6 icsk.icsk_af_ops. 876 Sync it now. 877 */ 878 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie); 879 880 return newsk; 881 } 882 883 opt = np->opt; 884 885 if (sk_acceptq_is_full(sk)) 886 goto out_overflow; 887 888 if (np->rxopt.bits.osrcrt == 2 && 889 opt == NULL && treq->pktopts) { 890 struct inet6_skb_parm *rxopt = IP6CB(treq->pktopts); 891 if (rxopt->srcrt) 892 opt = ipv6_invert_rthdr(sk, (struct ipv6_rt_hdr *)(treq->pktopts->nh.raw + rxopt->srcrt)); 893 } 894 895 if (dst == NULL) { 896 struct in6_addr *final_p = NULL, final; 897 struct flowi fl; 898 899 memset(&fl, 0, sizeof(fl)); 900 fl.proto = IPPROTO_TCP; 901 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr); 902 if (opt && opt->srcrt) { 903 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt; 904 ipv6_addr_copy(&final, &fl.fl6_dst); 905 ipv6_addr_copy(&fl.fl6_dst, rt0->addr); 906 final_p = &final; 907 } 908 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr); 909 fl.oif = sk->sk_bound_dev_if; 910 fl.fl_ip_dport = inet_rsk(req)->rmt_port; 911 fl.fl_ip_sport = inet_sk(sk)->sport; 912 913 if (ip6_dst_lookup(sk, &dst, &fl)) 914 goto out; 915 916 if (final_p) 917 ipv6_addr_copy(&fl.fl6_dst, final_p); 918 919 if ((xfrm_lookup(&dst, &fl, sk, 0)) < 0) 920 goto out; 921 } 922 923 newsk = tcp_create_openreq_child(sk, req, skb); 924 if (newsk == NULL) 925 goto out; 926 927 /* 928 * No need to charge this sock to the relevant IPv6 refcnt debug socks 929 * count here, tcp_create_openreq_child now does this for us, see the 930 * comment in that function for the gory details. -acme 931 */ 932 933 ip6_dst_store(newsk, dst, NULL); 934 newsk->sk_route_caps = dst->dev->features & 935 ~(NETIF_F_IP_CSUM | NETIF_F_TSO); 936 937 newtcp6sk = (struct tcp6_sock *)newsk; 938 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6; 939 940 newtp = tcp_sk(newsk); 941 newinet = inet_sk(newsk); 942 newnp = inet6_sk(newsk); 943 944 memcpy(newnp, np, sizeof(struct ipv6_pinfo)); 945 946 ipv6_addr_copy(&newnp->daddr, &treq->rmt_addr); 947 ipv6_addr_copy(&newnp->saddr, &treq->loc_addr); 948 ipv6_addr_copy(&newnp->rcv_saddr, &treq->loc_addr); 949 newsk->sk_bound_dev_if = treq->iif; 950 951 /* Now IPv6 options... 952 953 First: no IPv4 options. 954 */ 955 newinet->opt = NULL; 956 957 /* Clone RX bits */ 958 newnp->rxopt.all = np->rxopt.all; 959 960 /* Clone pktoptions received with SYN */ 961 newnp->pktoptions = NULL; 962 if (treq->pktopts != NULL) { 963 newnp->pktoptions = skb_clone(treq->pktopts, GFP_ATOMIC); 964 kfree_skb(treq->pktopts); 965 treq->pktopts = NULL; 966 if (newnp->pktoptions) 967 skb_set_owner_r(newnp->pktoptions, newsk); 968 } 969 newnp->opt = NULL; 970 newnp->mcast_oif = inet6_iif(skb); 971 newnp->mcast_hops = skb->nh.ipv6h->hop_limit; 972 973 /* Clone native IPv6 options from listening socket (if any) 974 975 Yes, keeping reference count would be much more clever, 976 but we make one more one thing there: reattach optmem 977 to newsk. 978 */ 979 if (opt) { 980 newnp->opt = ipv6_dup_options(newsk, opt); 981 if (opt != np->opt) 982 sock_kfree_s(sk, opt, opt->tot_len); 983 } 984 985 inet_csk(newsk)->icsk_ext_hdr_len = 0; 986 if (newnp->opt) 987 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen + 988 newnp->opt->opt_flen); 989 990 tcp_sync_mss(newsk, dst_mtu(dst)); 991 newtp->advmss = dst_metric(dst, RTAX_ADVMSS); 992 tcp_initialize_rcv_mss(newsk); 993 994 newinet->daddr = newinet->saddr = newinet->rcv_saddr = LOOPBACK4_IPV6; 995 996 __inet6_hash(&tcp_hashinfo, newsk); 997 inet_inherit_port(&tcp_hashinfo, sk, newsk); 998 999 return newsk; 1000 1001 out_overflow: 1002 NET_INC_STATS_BH(LINUX_MIB_LISTENOVERFLOWS); 1003 out: 1004 NET_INC_STATS_BH(LINUX_MIB_LISTENDROPS); 1005 if (opt && opt != np->opt) 1006 sock_kfree_s(sk, opt, opt->tot_len); 1007 dst_release(dst); 1008 return NULL; 1009 } 1010 1011 static int tcp_v6_checksum_init(struct sk_buff *skb) 1012 { 1013 if (skb->ip_summed == CHECKSUM_HW) { 1014 if (!tcp_v6_check(skb->h.th,skb->len,&skb->nh.ipv6h->saddr, 1015 &skb->nh.ipv6h->daddr,skb->csum)) { 1016 skb->ip_summed = CHECKSUM_UNNECESSARY; 1017 return 0; 1018 } 1019 } 1020 1021 skb->csum = ~tcp_v6_check(skb->h.th,skb->len,&skb->nh.ipv6h->saddr, 1022 &skb->nh.ipv6h->daddr, 0); 1023 1024 if (skb->len <= 76) { 1025 return __skb_checksum_complete(skb); 1026 } 1027 return 0; 1028 } 1029 1030 /* The socket must have it's spinlock held when we get 1031 * here. 1032 * 1033 * We have a potential double-lock case here, so even when 1034 * doing backlog processing we use the BH locking scheme. 1035 * This is because we cannot sleep with the original spinlock 1036 * held. 1037 */ 1038 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb) 1039 { 1040 struct ipv6_pinfo *np = inet6_sk(sk); 1041 struct tcp_sock *tp; 1042 struct sk_buff *opt_skb = NULL; 1043 1044 /* Imagine: socket is IPv6. IPv4 packet arrives, 1045 goes to IPv4 receive handler and backlogged. 1046 From backlog it always goes here. Kerboom... 1047 Fortunately, tcp_rcv_established and rcv_established 1048 handle them correctly, but it is not case with 1049 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK 1050 */ 1051 1052 if (skb->protocol == htons(ETH_P_IP)) 1053 return tcp_v4_do_rcv(sk, skb); 1054 1055 if (sk_filter(sk, skb, 0)) 1056 goto discard; 1057 1058 /* 1059 * socket locking is here for SMP purposes as backlog rcv 1060 * is currently called with bh processing disabled. 1061 */ 1062 1063 /* Do Stevens' IPV6_PKTOPTIONS. 1064 1065 Yes, guys, it is the only place in our code, where we 1066 may make it not affecting IPv4. 1067 The rest of code is protocol independent, 1068 and I do not like idea to uglify IPv4. 1069 1070 Actually, all the idea behind IPV6_PKTOPTIONS 1071 looks not very well thought. For now we latch 1072 options, received in the last packet, enqueued 1073 by tcp. Feel free to propose better solution. 1074 --ANK (980728) 1075 */ 1076 if (np->rxopt.all) 1077 opt_skb = skb_clone(skb, GFP_ATOMIC); 1078 1079 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */ 1080 TCP_CHECK_TIMER(sk); 1081 if (tcp_rcv_established(sk, skb, skb->h.th, skb->len)) 1082 goto reset; 1083 TCP_CHECK_TIMER(sk); 1084 if (opt_skb) 1085 goto ipv6_pktoptions; 1086 return 0; 1087 } 1088 1089 if (skb->len < (skb->h.th->doff<<2) || tcp_checksum_complete(skb)) 1090 goto csum_err; 1091 1092 if (sk->sk_state == TCP_LISTEN) { 1093 struct sock *nsk = tcp_v6_hnd_req(sk, skb); 1094 if (!nsk) 1095 goto discard; 1096 1097 /* 1098 * Queue it on the new socket if the new socket is active, 1099 * otherwise we just shortcircuit this and continue with 1100 * the new socket.. 1101 */ 1102 if(nsk != sk) { 1103 if (tcp_child_process(sk, nsk, skb)) 1104 goto reset; 1105 if (opt_skb) 1106 __kfree_skb(opt_skb); 1107 return 0; 1108 } 1109 } 1110 1111 TCP_CHECK_TIMER(sk); 1112 if (tcp_rcv_state_process(sk, skb, skb->h.th, skb->len)) 1113 goto reset; 1114 TCP_CHECK_TIMER(sk); 1115 if (opt_skb) 1116 goto ipv6_pktoptions; 1117 return 0; 1118 1119 reset: 1120 tcp_v6_send_reset(skb); 1121 discard: 1122 if (opt_skb) 1123 __kfree_skb(opt_skb); 1124 kfree_skb(skb); 1125 return 0; 1126 csum_err: 1127 TCP_INC_STATS_BH(TCP_MIB_INERRS); 1128 goto discard; 1129 1130 1131 ipv6_pktoptions: 1132 /* Do you ask, what is it? 1133 1134 1. skb was enqueued by tcp. 1135 2. skb is added to tail of read queue, rather than out of order. 1136 3. socket is not in passive state. 1137 4. Finally, it really contains options, which user wants to receive. 1138 */ 1139 tp = tcp_sk(sk); 1140 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt && 1141 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) { 1142 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo) 1143 np->mcast_oif = inet6_iif(opt_skb); 1144 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) 1145 np->mcast_hops = opt_skb->nh.ipv6h->hop_limit; 1146 if (ipv6_opt_accepted(sk, opt_skb)) { 1147 skb_set_owner_r(opt_skb, sk); 1148 opt_skb = xchg(&np->pktoptions, opt_skb); 1149 } else { 1150 __kfree_skb(opt_skb); 1151 opt_skb = xchg(&np->pktoptions, NULL); 1152 } 1153 } 1154 1155 if (opt_skb) 1156 kfree_skb(opt_skb); 1157 return 0; 1158 } 1159 1160 static int tcp_v6_rcv(struct sk_buff **pskb) 1161 { 1162 struct sk_buff *skb = *pskb; 1163 struct tcphdr *th; 1164 struct sock *sk; 1165 int ret; 1166 1167 if (skb->pkt_type != PACKET_HOST) 1168 goto discard_it; 1169 1170 /* 1171 * Count it even if it's bad. 1172 */ 1173 TCP_INC_STATS_BH(TCP_MIB_INSEGS); 1174 1175 if (!pskb_may_pull(skb, sizeof(struct tcphdr))) 1176 goto discard_it; 1177 1178 th = skb->h.th; 1179 1180 if (th->doff < sizeof(struct tcphdr)/4) 1181 goto bad_packet; 1182 if (!pskb_may_pull(skb, th->doff*4)) 1183 goto discard_it; 1184 1185 if ((skb->ip_summed != CHECKSUM_UNNECESSARY && 1186 tcp_v6_checksum_init(skb))) 1187 goto bad_packet; 1188 1189 th = skb->h.th; 1190 TCP_SKB_CB(skb)->seq = ntohl(th->seq); 1191 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin + 1192 skb->len - th->doff*4); 1193 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq); 1194 TCP_SKB_CB(skb)->when = 0; 1195 TCP_SKB_CB(skb)->flags = ipv6_get_dsfield(skb->nh.ipv6h); 1196 TCP_SKB_CB(skb)->sacked = 0; 1197 1198 sk = __inet6_lookup(&tcp_hashinfo, &skb->nh.ipv6h->saddr, th->source, 1199 &skb->nh.ipv6h->daddr, ntohs(th->dest), 1200 inet6_iif(skb)); 1201 1202 if (!sk) 1203 goto no_tcp_socket; 1204 1205 process: 1206 if (sk->sk_state == TCP_TIME_WAIT) 1207 goto do_time_wait; 1208 1209 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb)) 1210 goto discard_and_relse; 1211 1212 if (sk_filter(sk, skb, 0)) 1213 goto discard_and_relse; 1214 1215 skb->dev = NULL; 1216 1217 bh_lock_sock(sk); 1218 ret = 0; 1219 if (!sock_owned_by_user(sk)) { 1220 if (!tcp_prequeue(sk, skb)) 1221 ret = tcp_v6_do_rcv(sk, skb); 1222 } else 1223 sk_add_backlog(sk, skb); 1224 bh_unlock_sock(sk); 1225 1226 sock_put(sk); 1227 return ret ? -1 : 0; 1228 1229 no_tcp_socket: 1230 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) 1231 goto discard_it; 1232 1233 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) { 1234 bad_packet: 1235 TCP_INC_STATS_BH(TCP_MIB_INERRS); 1236 } else { 1237 tcp_v6_send_reset(skb); 1238 } 1239 1240 discard_it: 1241 1242 /* 1243 * Discard frame 1244 */ 1245 1246 kfree_skb(skb); 1247 return 0; 1248 1249 discard_and_relse: 1250 sock_put(sk); 1251 goto discard_it; 1252 1253 do_time_wait: 1254 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) { 1255 inet_twsk_put((struct inet_timewait_sock *)sk); 1256 goto discard_it; 1257 } 1258 1259 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) { 1260 TCP_INC_STATS_BH(TCP_MIB_INERRS); 1261 inet_twsk_put((struct inet_timewait_sock *)sk); 1262 goto discard_it; 1263 } 1264 1265 switch (tcp_timewait_state_process((struct inet_timewait_sock *)sk, 1266 skb, th)) { 1267 case TCP_TW_SYN: 1268 { 1269 struct sock *sk2; 1270 1271 sk2 = inet6_lookup_listener(&tcp_hashinfo, 1272 &skb->nh.ipv6h->daddr, 1273 ntohs(th->dest), inet6_iif(skb)); 1274 if (sk2 != NULL) { 1275 struct inet_timewait_sock *tw = inet_twsk(sk); 1276 inet_twsk_deschedule(tw, &tcp_death_row); 1277 inet_twsk_put(tw); 1278 sk = sk2; 1279 goto process; 1280 } 1281 /* Fall through to ACK */ 1282 } 1283 case TCP_TW_ACK: 1284 tcp_v6_timewait_ack(sk, skb); 1285 break; 1286 case TCP_TW_RST: 1287 goto no_tcp_socket; 1288 case TCP_TW_SUCCESS:; 1289 } 1290 goto discard_it; 1291 } 1292 1293 static int tcp_v6_remember_stamp(struct sock *sk) 1294 { 1295 /* Alas, not yet... */ 1296 return 0; 1297 } 1298 1299 static struct inet_connection_sock_af_ops ipv6_specific = { 1300 .queue_xmit = inet6_csk_xmit, 1301 .send_check = tcp_v6_send_check, 1302 .rebuild_header = inet6_sk_rebuild_header, 1303 .conn_request = tcp_v6_conn_request, 1304 .syn_recv_sock = tcp_v6_syn_recv_sock, 1305 .remember_stamp = tcp_v6_remember_stamp, 1306 .net_header_len = sizeof(struct ipv6hdr), 1307 1308 .setsockopt = ipv6_setsockopt, 1309 .getsockopt = ipv6_getsockopt, 1310 .addr2sockaddr = inet6_csk_addr2sockaddr, 1311 .sockaddr_len = sizeof(struct sockaddr_in6) 1312 }; 1313 1314 /* 1315 * TCP over IPv4 via INET6 API 1316 */ 1317 1318 static struct inet_connection_sock_af_ops ipv6_mapped = { 1319 .queue_xmit = ip_queue_xmit, 1320 .send_check = tcp_v4_send_check, 1321 .rebuild_header = inet_sk_rebuild_header, 1322 .conn_request = tcp_v6_conn_request, 1323 .syn_recv_sock = tcp_v6_syn_recv_sock, 1324 .remember_stamp = tcp_v4_remember_stamp, 1325 .net_header_len = sizeof(struct iphdr), 1326 1327 .setsockopt = ipv6_setsockopt, 1328 .getsockopt = ipv6_getsockopt, 1329 .addr2sockaddr = inet6_csk_addr2sockaddr, 1330 .sockaddr_len = sizeof(struct sockaddr_in6) 1331 }; 1332 1333 1334 1335 /* NOTE: A lot of things set to zero explicitly by call to 1336 * sk_alloc() so need not be done here. 1337 */ 1338 static int tcp_v6_init_sock(struct sock *sk) 1339 { 1340 struct inet_connection_sock *icsk = inet_csk(sk); 1341 struct tcp_sock *tp = tcp_sk(sk); 1342 1343 skb_queue_head_init(&tp->out_of_order_queue); 1344 tcp_init_xmit_timers(sk); 1345 tcp_prequeue_init(tp); 1346 1347 icsk->icsk_rto = TCP_TIMEOUT_INIT; 1348 tp->mdev = TCP_TIMEOUT_INIT; 1349 1350 /* So many TCP implementations out there (incorrectly) count the 1351 * initial SYN frame in their delayed-ACK and congestion control 1352 * algorithms that we must have the following bandaid to talk 1353 * efficiently to them. -DaveM 1354 */ 1355 tp->snd_cwnd = 2; 1356 1357 /* See draft-stevens-tcpca-spec-01 for discussion of the 1358 * initialization of these values. 1359 */ 1360 tp->snd_ssthresh = 0x7fffffff; 1361 tp->snd_cwnd_clamp = ~0; 1362 tp->mss_cache = 536; 1363 1364 tp->reordering = sysctl_tcp_reordering; 1365 1366 sk->sk_state = TCP_CLOSE; 1367 1368 icsk->icsk_af_ops = &ipv6_specific; 1369 icsk->icsk_ca_ops = &tcp_init_congestion_ops; 1370 icsk->icsk_sync_mss = tcp_sync_mss; 1371 sk->sk_write_space = sk_stream_write_space; 1372 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE); 1373 1374 sk->sk_sndbuf = sysctl_tcp_wmem[1]; 1375 sk->sk_rcvbuf = sysctl_tcp_rmem[1]; 1376 1377 atomic_inc(&tcp_sockets_allocated); 1378 1379 return 0; 1380 } 1381 1382 static int tcp_v6_destroy_sock(struct sock *sk) 1383 { 1384 tcp_v4_destroy_sock(sk); 1385 return inet6_destroy_sock(sk); 1386 } 1387 1388 /* Proc filesystem TCPv6 sock list dumping. */ 1389 static void get_openreq6(struct seq_file *seq, 1390 struct sock *sk, struct request_sock *req, int i, int uid) 1391 { 1392 int ttd = req->expires - jiffies; 1393 struct in6_addr *src = &inet6_rsk(req)->loc_addr; 1394 struct in6_addr *dest = &inet6_rsk(req)->rmt_addr; 1395 1396 if (ttd < 0) 1397 ttd = 0; 1398 1399 seq_printf(seq, 1400 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1401 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n", 1402 i, 1403 src->s6_addr32[0], src->s6_addr32[1], 1404 src->s6_addr32[2], src->s6_addr32[3], 1405 ntohs(inet_sk(sk)->sport), 1406 dest->s6_addr32[0], dest->s6_addr32[1], 1407 dest->s6_addr32[2], dest->s6_addr32[3], 1408 ntohs(inet_rsk(req)->rmt_port), 1409 TCP_SYN_RECV, 1410 0,0, /* could print option size, but that is af dependent. */ 1411 1, /* timers active (only the expire timer) */ 1412 jiffies_to_clock_t(ttd), 1413 req->retrans, 1414 uid, 1415 0, /* non standard timer */ 1416 0, /* open_requests have no inode */ 1417 0, req); 1418 } 1419 1420 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i) 1421 { 1422 struct in6_addr *dest, *src; 1423 __u16 destp, srcp; 1424 int timer_active; 1425 unsigned long timer_expires; 1426 struct inet_sock *inet = inet_sk(sp); 1427 struct tcp_sock *tp = tcp_sk(sp); 1428 const struct inet_connection_sock *icsk = inet_csk(sp); 1429 struct ipv6_pinfo *np = inet6_sk(sp); 1430 1431 dest = &np->daddr; 1432 src = &np->rcv_saddr; 1433 destp = ntohs(inet->dport); 1434 srcp = ntohs(inet->sport); 1435 1436 if (icsk->icsk_pending == ICSK_TIME_RETRANS) { 1437 timer_active = 1; 1438 timer_expires = icsk->icsk_timeout; 1439 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) { 1440 timer_active = 4; 1441 timer_expires = icsk->icsk_timeout; 1442 } else if (timer_pending(&sp->sk_timer)) { 1443 timer_active = 2; 1444 timer_expires = sp->sk_timer.expires; 1445 } else { 1446 timer_active = 0; 1447 timer_expires = jiffies; 1448 } 1449 1450 seq_printf(seq, 1451 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1452 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %u %u %u %u %d\n", 1453 i, 1454 src->s6_addr32[0], src->s6_addr32[1], 1455 src->s6_addr32[2], src->s6_addr32[3], srcp, 1456 dest->s6_addr32[0], dest->s6_addr32[1], 1457 dest->s6_addr32[2], dest->s6_addr32[3], destp, 1458 sp->sk_state, 1459 tp->write_seq-tp->snd_una, tp->rcv_nxt-tp->copied_seq, 1460 timer_active, 1461 jiffies_to_clock_t(timer_expires - jiffies), 1462 icsk->icsk_retransmits, 1463 sock_i_uid(sp), 1464 icsk->icsk_probes_out, 1465 sock_i_ino(sp), 1466 atomic_read(&sp->sk_refcnt), sp, 1467 icsk->icsk_rto, 1468 icsk->icsk_ack.ato, 1469 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong, 1470 tp->snd_cwnd, tp->snd_ssthresh>=0xFFFF?-1:tp->snd_ssthresh 1471 ); 1472 } 1473 1474 static void get_timewait6_sock(struct seq_file *seq, 1475 struct inet_timewait_sock *tw, int i) 1476 { 1477 struct in6_addr *dest, *src; 1478 __u16 destp, srcp; 1479 struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw); 1480 int ttd = tw->tw_ttd - jiffies; 1481 1482 if (ttd < 0) 1483 ttd = 0; 1484 1485 dest = &tw6->tw_v6_daddr; 1486 src = &tw6->tw_v6_rcv_saddr; 1487 destp = ntohs(tw->tw_dport); 1488 srcp = ntohs(tw->tw_sport); 1489 1490 seq_printf(seq, 1491 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1492 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n", 1493 i, 1494 src->s6_addr32[0], src->s6_addr32[1], 1495 src->s6_addr32[2], src->s6_addr32[3], srcp, 1496 dest->s6_addr32[0], dest->s6_addr32[1], 1497 dest->s6_addr32[2], dest->s6_addr32[3], destp, 1498 tw->tw_substate, 0, 0, 1499 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0, 1500 atomic_read(&tw->tw_refcnt), tw); 1501 } 1502 1503 #ifdef CONFIG_PROC_FS 1504 static int tcp6_seq_show(struct seq_file *seq, void *v) 1505 { 1506 struct tcp_iter_state *st; 1507 1508 if (v == SEQ_START_TOKEN) { 1509 seq_puts(seq, 1510 " sl " 1511 "local_address " 1512 "remote_address " 1513 "st tx_queue rx_queue tr tm->when retrnsmt" 1514 " uid timeout inode\n"); 1515 goto out; 1516 } 1517 st = seq->private; 1518 1519 switch (st->state) { 1520 case TCP_SEQ_STATE_LISTENING: 1521 case TCP_SEQ_STATE_ESTABLISHED: 1522 get_tcp6_sock(seq, v, st->num); 1523 break; 1524 case TCP_SEQ_STATE_OPENREQ: 1525 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid); 1526 break; 1527 case TCP_SEQ_STATE_TIME_WAIT: 1528 get_timewait6_sock(seq, v, st->num); 1529 break; 1530 } 1531 out: 1532 return 0; 1533 } 1534 1535 static struct file_operations tcp6_seq_fops; 1536 static struct tcp_seq_afinfo tcp6_seq_afinfo = { 1537 .owner = THIS_MODULE, 1538 .name = "tcp6", 1539 .family = AF_INET6, 1540 .seq_show = tcp6_seq_show, 1541 .seq_fops = &tcp6_seq_fops, 1542 }; 1543 1544 int __init tcp6_proc_init(void) 1545 { 1546 return tcp_proc_register(&tcp6_seq_afinfo); 1547 } 1548 1549 void tcp6_proc_exit(void) 1550 { 1551 tcp_proc_unregister(&tcp6_seq_afinfo); 1552 } 1553 #endif 1554 1555 struct proto tcpv6_prot = { 1556 .name = "TCPv6", 1557 .owner = THIS_MODULE, 1558 .close = tcp_close, 1559 .connect = tcp_v6_connect, 1560 .disconnect = tcp_disconnect, 1561 .accept = inet_csk_accept, 1562 .ioctl = tcp_ioctl, 1563 .init = tcp_v6_init_sock, 1564 .destroy = tcp_v6_destroy_sock, 1565 .shutdown = tcp_shutdown, 1566 .setsockopt = tcp_setsockopt, 1567 .getsockopt = tcp_getsockopt, 1568 .sendmsg = tcp_sendmsg, 1569 .recvmsg = tcp_recvmsg, 1570 .backlog_rcv = tcp_v6_do_rcv, 1571 .hash = tcp_v6_hash, 1572 .unhash = tcp_unhash, 1573 .get_port = tcp_v6_get_port, 1574 .enter_memory_pressure = tcp_enter_memory_pressure, 1575 .sockets_allocated = &tcp_sockets_allocated, 1576 .memory_allocated = &tcp_memory_allocated, 1577 .memory_pressure = &tcp_memory_pressure, 1578 .orphan_count = &tcp_orphan_count, 1579 .sysctl_mem = sysctl_tcp_mem, 1580 .sysctl_wmem = sysctl_tcp_wmem, 1581 .sysctl_rmem = sysctl_tcp_rmem, 1582 .max_header = MAX_TCP_HEADER, 1583 .obj_size = sizeof(struct tcp6_sock), 1584 .twsk_prot = &tcp6_timewait_sock_ops, 1585 .rsk_prot = &tcp6_request_sock_ops, 1586 }; 1587 1588 static struct inet6_protocol tcpv6_protocol = { 1589 .handler = tcp_v6_rcv, 1590 .err_handler = tcp_v6_err, 1591 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL, 1592 }; 1593 1594 static struct inet_protosw tcpv6_protosw = { 1595 .type = SOCK_STREAM, 1596 .protocol = IPPROTO_TCP, 1597 .prot = &tcpv6_prot, 1598 .ops = &inet6_stream_ops, 1599 .capability = -1, 1600 .no_check = 0, 1601 .flags = INET_PROTOSW_PERMANENT | 1602 INET_PROTOSW_ICSK, 1603 }; 1604 1605 void __init tcpv6_init(void) 1606 { 1607 int err; 1608 1609 /* register inet6 protocol */ 1610 if (inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP) < 0) 1611 printk(KERN_ERR "tcpv6_init: Could not register protocol\n"); 1612 inet6_register_protosw(&tcpv6_protosw); 1613 1614 err = sock_create_kern(PF_INET6, SOCK_RAW, IPPROTO_TCP, &tcp6_socket); 1615 if (err < 0) 1616 panic("Failed to create the TCPv6 control socket.\n"); 1617 tcp6_socket->sk->sk_allocation = GFP_ATOMIC; 1618 1619 /* Unhash it so that IP input processing does not even 1620 * see it, we do not wish this socket to see incoming 1621 * packets. 1622 */ 1623 tcp6_socket->sk->sk_prot->unhash(tcp6_socket->sk); 1624 } 1625