]> Git Repo - linux.git/blame - net/ipv6/tcp_ipv6.c
projects / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[IPV4]: Safer reassembly
[linux.git] / net / ipv6 / tcp_ipv6.c
CommitLineData
1da177e4
LT		 1/*
2 * TCP over IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <[email protected]>
7 *
8 * $Id: tcp_ipv6.c,v 1.144 2002/02/01 22:01:04 davem Exp $
9 *
10 * Based on:
11 * linux/net/ipv4/tcp.c
12 * linux/net/ipv4/tcp_input.c
13 * linux/net/ipv4/tcp_output.c
14 *
15 * Fixes:
16 * Hideaki YOSHIFUJI : sin6_scope_id support
17 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
18 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
19 * a single port at the same time.
20 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
21 *
22 * This program is free software; you can redistribute it and/or
23 * modify it under the terms of the GNU General Public License
24 * as published by the Free Software Foundation; either version
25 * 2 of the License, or (at your option) any later version.
26 */
27
28#include <linux/module.h>
29#include <linux/config.h>
30#include <linux/errno.h>
31#include <linux/types.h>
32#include <linux/socket.h>
33#include <linux/sockios.h>
34#include <linux/net.h>
35#include <linux/jiffies.h>
36#include <linux/in.h>
37#include <linux/in6.h>
38#include <linux/netdevice.h>
39#include <linux/init.h>
40#include <linux/jhash.h>
41#include <linux/ipsec.h>
42#include <linux/times.h>
43
44#include <linux/ipv6.h>
45#include <linux/icmpv6.h>
46#include <linux/random.h>
47
48#include <net/tcp.h>
49#include <net/ndisc.h>
5324a040 50#include <net/inet6_hashtables.h>
1da177e4
LT		 51#include <net/ipv6.h>
52#include <net/transp_v6.h>
53#include <net/addrconf.h>
54#include <net/ip6_route.h>
55#include <net/ip6_checksum.h>
56#include <net/inet_ecn.h>
57#include <net/protocol.h>
58#include <net/xfrm.h>
59#include <net/addrconf.h>
60#include <net/snmp.h>
61#include <net/dsfield.h>
62
63#include <asm/uaccess.h>
64
65#include <linux/proc_fs.h>
66#include <linux/seq_file.h>
67
68static void tcp_v6_send_reset(struct sk_buff *skb);
60236fdd 69static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req);
1da177e4
LT		 70static void tcp_v6_send_check(struct sock *sk, struct tcphdr *th, int len,
71 struct sk_buff *skb);
72
73static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
74static int tcp_v6_xmit(struct sk_buff *skb, int ipfragok);
75
76static struct tcp_func ipv6_mapped;
77static struct tcp_func ipv6_specific;
78
0f7ff927
ACM		 79static inline int tcp_v6_bind_conflict(const struct sock *sk,
80 const struct inet_bind_bucket *tb)
1da177e4 81{
0f7ff927
ACM		 82 const struct sock *sk2;
83 const struct hlist_node *node;
1da177e4
LT		 84
85 /* We must walk the whole port owner list in this case. -DaveM */
86 sk_for_each_bound(sk2, node, &tb->owners) {
87 if (sk != sk2 &&
88 (!sk->sk_bound_dev_if ||
89 !sk2->sk_bound_dev_if ||
90 sk->sk_bound_dev_if == sk2->sk_bound_dev_if) &&
91 (!sk->sk_reuse || !sk2->sk_reuse ||
92 sk2->sk_state == TCP_LISTEN) &&
93 ipv6_rcv_saddr_equal(sk, sk2))
94 break;
95 }
96
97 return node != NULL;
98}
99
100/* Grrr, addr_type already calculated by caller, but I don't want
101 * to add some silly "cookie" argument to this method just for that.
102 * But it doesn't matter, the recalculation is in the rarest path
103 * this function ever takes.
104 */
105static int tcp_v6_get_port(struct sock *sk, unsigned short snum)
106{
0f7ff927
ACM		 107 struct inet_bind_hashbucket *head;
108 struct inet_bind_bucket *tb;
1da177e4
LT		 109 struct hlist_node *node;
110 int ret;
111
112 local_bh_disable();
113 if (snum == 0) {
114 int low = sysctl_local_port_range[0];
115 int high = sysctl_local_port_range[1];
116 int remaining = (high - low) + 1;
6df71634 117 int rover = net_random() % (high - low) + low;
1da177e4 118
6df71634 119 do {
6e04e021 120 head = &tcp_hashinfo.bhash[inet_bhashfn(rover, tcp_hashinfo.bhash_size)];
1da177e4 121 spin_lock(&head->lock);
0f7ff927 122 inet_bind_bucket_for_each(tb, node, &head->chain)
1da177e4
LT		 123 if (tb->port == rover)
124 goto next;
125 break;
126 next:
127 spin_unlock(&head->lock);
6df71634
SH		 128 if (++rover > high)
129 rover = low;
1da177e4 130 } while (--remaining > 0);
1da177e4 131
d5d28375
DM		 132 /* Exhausted local port range during search? It is not
133 * possible for us to be holding one of the bind hash
134 * locks if this test triggers, because if 'remaining'
135 * drops to zero, we broke out of the do/while loop at
136 * the top level, not from the 'break;' statement.
137 */
1da177e4 138 ret = 1;
d5d28375 139 if (unlikely(remaining <= 0))
1da177e4
LT		 140 goto fail;
141
142 /* OK, here is the one we will use. */
143 snum = rover;
144 } else {
6e04e021 145 head = &tcp_hashinfo.bhash[inet_bhashfn(snum, tcp_hashinfo.bhash_size)];
1da177e4 146 spin_lock(&head->lock);
0f7ff927 147 inet_bind_bucket_for_each(tb, node, &head->chain)
1da177e4
LT		 148 if (tb->port == snum)
149 goto tb_found;
150 }
151 tb = NULL;
152 goto tb_not_found;
153tb_found:
154 if (tb && !hlist_empty(&tb->owners)) {
155 if (tb->fastreuse > 0 && sk->sk_reuse &&
156 sk->sk_state != TCP_LISTEN) {
157 goto success;
158 } else {
159 ret = 1;
160 if (tcp_v6_bind_conflict(sk, tb))
161 goto fail_unlock;
162 }
163 }
164tb_not_found:
165 ret = 1;
6e04e021
ACM		 166 if (tb == NULL) {
167 tb = inet_bind_bucket_create(tcp_hashinfo.bind_bucket_cachep, head, snum);
168 if (tb == NULL)
169 goto fail_unlock;
170 }
1da177e4
LT		 171 if (hlist_empty(&tb->owners)) {
172 if (sk->sk_reuse && sk->sk_state != TCP_LISTEN)
173 tb->fastreuse = 1;
174 else
175 tb->fastreuse = 0;
176 } else if (tb->fastreuse &&
177 (!sk->sk_reuse || sk->sk_state == TCP_LISTEN))
178 tb->fastreuse = 0;
179
180success:
463c84b9 181 if (!inet_csk(sk)->icsk_bind_hash)
2d8c4ce5 182 inet_bind_hash(sk, tb, snum);
463c84b9 183 BUG_TRAP(inet_csk(sk)->icsk_bind_hash == tb);
1da177e4
LT		 184 ret = 0;
185
186fail_unlock:
187 spin_unlock(&head->lock);
188fail:
189 local_bh_enable();
190 return ret;
191}
192
193static __inline__ void __tcp_v6_hash(struct sock *sk)
194{
195 struct hlist_head *list;
196 rwlock_t *lock;
197
198 BUG_TRAP(sk_unhashed(sk));
199
200 if (sk->sk_state == TCP_LISTEN) {
6e04e021
ACM		 201 list = &tcp_hashinfo.listening_hash[inet_sk_listen_hashfn(sk)];
202 lock = &tcp_hashinfo.lhash_lock;
f3f05f70 203 inet_listen_wlock(&tcp_hashinfo);
1da177e4 204 } else {
81c3d547
ED		 205 unsigned int hash;
206 sk->sk_hash = hash = inet6_sk_ehashfn(sk);
207 hash &= (tcp_hashinfo.ehash_size - 1);
208 list = &tcp_hashinfo.ehash[hash].chain;
209 lock = &tcp_hashinfo.ehash[hash].lock;
1da177e4
LT		 210 write_lock(lock);
211 }
212
213 __sk_add_node(sk, list);
214 sock_prot_inc_use(sk->sk_prot);
215 write_unlock(lock);
216}
217
218
219static void tcp_v6_hash(struct sock *sk)
220{
221 if (sk->sk_state != TCP_CLOSE) {
222 struct tcp_sock *tp = tcp_sk(sk);
223
224 if (tp->af_specific == &ipv6_mapped) {
225 tcp_prot.hash(sk);
226 return;
227 }
228 local_bh_disable();
229 __tcp_v6_hash(sk);
230 local_bh_enable();
231 }
232}
233
1da177e4
LT		 234/*
235 * Open request hash tables.
236 */
237
463c84b9 238static u32 tcp_v6_synq_hash(const struct in6_addr *raddr, const u16 rport, const u32 rnd)
1da177e4
LT		 239{
240 u32 a, b, c;
241
242 a = raddr->s6_addr32[0];
243 b = raddr->s6_addr32[1];
244 c = raddr->s6_addr32[2];
245
246 a += JHASH_GOLDEN_RATIO;
247 b += JHASH_GOLDEN_RATIO;
248 c += rnd;
249 __jhash_mix(a, b, c);
250
251 a += raddr->s6_addr32[3];
252 b += (u32) rport;
253 __jhash_mix(a, b, c);
254
255 return c & (TCP_SYNQ_HSIZE - 1);
256}
257
463c84b9 258static struct request_sock *tcp_v6_search_req(const struct sock *sk,
60236fdd 259 struct request_sock ***prevp,
1da177e4
LT		 260 __u16 rport,
261 struct in6_addr *raddr,
262 struct in6_addr *laddr,
263 int iif)
264{
463c84b9
ACM		 265 const struct inet_connection_sock *icsk = inet_csk(sk);
266 struct listen_sock *lopt = icsk->icsk_accept_queue.listen_opt;
60236fdd 267 struct request_sock *req, **prev;
1da177e4
LT		 268
269 for (prev = &lopt->syn_table[tcp_v6_synq_hash(raddr, rport, lopt->hash_rnd)];
270 (req = *prev) != NULL;
271 prev = &req->dl_next) {
2e6599cb
ACM		 272 const struct tcp6_request_sock *treq = tcp6_rsk(req);
273
274 if (inet_rsk(req)->rmt_port == rport &&
60236fdd 275 req->rsk_ops->family == AF_INET6 &&
2e6599cb
ACM		 276 ipv6_addr_equal(&treq->rmt_addr, raddr) &&
277 ipv6_addr_equal(&treq->loc_addr, laddr) &&
278 (!treq->iif || treq->iif == iif)) {
1da177e4
LT		 279 BUG_TRAP(req->sk == NULL);
280 *prevp = prev;
281 return req;
282 }
283 }
284
285 return NULL;
286}
287
288static __inline__ u16 tcp_v6_check(struct tcphdr *th, int len,
289 struct in6_addr *saddr,
290 struct in6_addr *daddr,
291 unsigned long base)
292{
293 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base);
294}
295
296static __u32 tcp_v6_init_sequence(struct sock *sk, struct sk_buff *skb)
297{
298 if (skb->protocol == htons(ETH_P_IPV6)) {
299 return secure_tcpv6_sequence_number(skb->nh.ipv6h->daddr.s6_addr32,
300 skb->nh.ipv6h->saddr.s6_addr32,
301 skb->h.th->dest,
302 skb->h.th->source);
303 } else {
304 return secure_tcp_sequence_number(skb->nh.iph->daddr,
305 skb->nh.iph->saddr,
306 skb->h.th->dest,
307 skb->h.th->source);
308 }
309}
310
505cbfc5 311static int __tcp_v6_check_established(struct sock *sk, const __u16 lport,
8feaf0c0 312 struct inet_timewait_sock **twp)
1da177e4
LT		 313{
314 struct inet_sock *inet = inet_sk(sk);
505cbfc5
ACM		 315 const struct ipv6_pinfo *np = inet6_sk(sk);
316 const struct in6_addr *daddr = &np->rcv_saddr;
317 const struct in6_addr *saddr = &np->daddr;
318 const int dif = sk->sk_bound_dev_if;
8feaf0c0 319 const u32 ports = INET_COMBINED_PORTS(inet->dport, lport);
81c3d547
ED		 320 unsigned int hash = inet6_ehashfn(daddr, inet->num, saddr, inet->dport);
321 struct inet_ehash_bucket *head = inet_ehash_bucket(&tcp_hashinfo, hash);
1da177e4 322 struct sock *sk2;
8feaf0c0
ACM		 323 const struct hlist_node *node;
324 struct inet_timewait_sock *tw;
1da177e4 325
81c3d547 326 prefetch(head->chain.first);
1da177e4
LT		 327 write_lock(&head->lock);
328
329 /* Check TIME-WAIT sockets first. */
6e04e021 330 sk_for_each(sk2, node, &(head + tcp_hashinfo.ehash_size)->chain) {
8feaf0c0
ACM		 331 const struct tcp6_timewait_sock *tcp6tw = tcp6_twsk(sk2);
332
333 tw = inet_twsk(sk2);
1da177e4
LT		 334
335 if(*((__u32 *)&(tw->tw_dport)) == ports &&
336 sk2->sk_family == PF_INET6 &&
8feaf0c0
ACM		 337 ipv6_addr_equal(&tcp6tw->tw_v6_daddr, saddr) &&
338 ipv6_addr_equal(&tcp6tw->tw_v6_rcv_saddr, daddr) &&
1da177e4 339 sk2->sk_bound_dev_if == sk->sk_bound_dev_if) {
8feaf0c0 340 const struct tcp_timewait_sock *tcptw = tcp_twsk(sk2);
1da177e4
LT		 341 struct tcp_sock *tp = tcp_sk(sk);
342
8feaf0c0
ACM		 343 if (tcptw->tw_ts_recent_stamp &&
344 (!twp ||
345 (sysctl_tcp_tw_reuse &&
346 xtime.tv_sec - tcptw->tw_ts_recent_stamp > 1))) {
1da177e4 347 /* See comment in tcp_ipv4.c */
8feaf0c0 348 tp->write_seq = tcptw->tw_snd_nxt + 65535 + 2;
1da177e4
LT		 349 if (!tp->write_seq)
350 tp->write_seq = 1;
8feaf0c0
ACM		 351 tp->rx_opt.ts_recent = tcptw->tw_ts_recent;
352 tp->rx_opt.ts_recent_stamp = tcptw->tw_ts_recent_stamp;
1da177e4
LT		 353 sock_hold(sk2);
354 goto unique;
355 } else
356 goto not_unique;
357 }
358 }
359 tw = NULL;
360
361 /* And established part... */
362 sk_for_each(sk2, node, &head->chain) {
81c3d547 363 if (INET6_MATCH(sk2, hash, saddr, daddr, ports, dif))
1da177e4
LT		 364 goto not_unique;
365 }
366
367unique:
368 BUG_TRAP(sk_unhashed(sk));
369 __sk_add_node(sk, &head->chain);
81c3d547 370 sk->sk_hash = hash;
1da177e4
LT		 371 sock_prot_inc_use(sk->sk_prot);
372 write_unlock(&head->lock);
373
374 if (twp) {
375 *twp = tw;
376 NET_INC_STATS_BH(LINUX_MIB_TIMEWAITRECYCLED);
377 } else if (tw) {
378 /* Silly. Should hash-dance instead... */
295ff7ed 379 inet_twsk_deschedule(tw, &tcp_death_row);
1da177e4
LT		 380 NET_INC_STATS_BH(LINUX_MIB_TIMEWAITRECYCLED);
381
8feaf0c0 382 inet_twsk_put(tw);
1da177e4
LT		 383 }
384 return 0;
385
386not_unique:
387 write_unlock(&head->lock);
388 return -EADDRNOTAVAIL;
389}
390
391static inline u32 tcpv6_port_offset(const struct sock *sk)
392{
393 const struct inet_sock *inet = inet_sk(sk);
394 const struct ipv6_pinfo *np = inet6_sk(sk);
395
396 return secure_tcpv6_port_ephemeral(np->rcv_saddr.s6_addr32,
397 np->daddr.s6_addr32,
398 inet->dport);
399}
400
401static int tcp_v6_hash_connect(struct sock *sk)
402{
403 unsigned short snum = inet_sk(sk)->num;
0f7ff927
ACM		 404 struct inet_bind_hashbucket *head;
405 struct inet_bind_bucket *tb;
1da177e4
LT		 406 int ret;
407
408 if (!snum) {
409 int low = sysctl_local_port_range[0];
410 int high = sysctl_local_port_range[1];
411 int range = high - low;
412 int i;
413 int port;
414 static u32 hint;
415 u32 offset = hint + tcpv6_port_offset(sk);
416 struct hlist_node *node;
8feaf0c0 417 struct inet_timewait_sock *tw = NULL;
1da177e4
LT		 418
419 local_bh_disable();
420 for (i = 1; i <= range; i++) {
421 port = low + (i + offset) % range;
6e04e021 422 head = &tcp_hashinfo.bhash[inet_bhashfn(port, tcp_hashinfo.bhash_size)];
1da177e4
LT		 423 spin_lock(&head->lock);
424
425 /* Does not bother with rcv_saddr checks,
426 * because the established check is already
427 * unique enough.
428 */
0f7ff927 429 inet_bind_bucket_for_each(tb, node, &head->chain) {
1da177e4
LT		 430 if (tb->port == port) {
431 BUG_TRAP(!hlist_empty(&tb->owners));
432 if (tb->fastreuse >= 0)
433 goto next_port;
434 if (!__tcp_v6_check_established(sk,
435 port,
436 &tw))
437 goto ok;
438 goto next_port;
439 }
440 }
441
6e04e021 442 tb = inet_bind_bucket_create(tcp_hashinfo.bind_bucket_cachep, head, port);
1da177e4
LT		 443 if (!tb) {
444 spin_unlock(&head->lock);
445 break;
446 }
447 tb->fastreuse = -1;
448 goto ok;
449
450 next_port:
451 spin_unlock(&head->lock);
452 }
453 local_bh_enable();
454
455 return -EADDRNOTAVAIL;
456
457ok:
458 hint += i;
459
460 /* Head lock still held and bh's disabled */
2d8c4ce5 461 inet_bind_hash(sk, tb, port);
1da177e4
LT		 462 if (sk_unhashed(sk)) {
463 inet_sk(sk)->sport = htons(port);
464 __tcp_v6_hash(sk);
465 }
466 spin_unlock(&head->lock);
467
468 if (tw) {
295ff7ed 469 inet_twsk_deschedule(tw, &tcp_death_row);
8feaf0c0 470 inet_twsk_put(tw);
1da177e4
LT		 471 }
472
473 ret = 0;
474 goto out;
475 }
476
6e04e021 477 head = &tcp_hashinfo.bhash[inet_bhashfn(snum, tcp_hashinfo.bhash_size)];
463c84b9 478 tb = inet_csk(sk)->icsk_bind_hash;
1da177e4
LT		 479 spin_lock_bh(&head->lock);
480
481 if (sk_head(&tb->owners) == sk && !sk->sk_bind_node.next) {
482 __tcp_v6_hash(sk);
483 spin_unlock_bh(&head->lock);
484 return 0;
485 } else {
486 spin_unlock(&head->lock);
487 /* No definite answer... Walk to established hash table */
488 ret = __tcp_v6_check_established(sk, snum, NULL);
489out:
490 local_bh_enable();
491 return ret;
492 }
493}
494
1da177e4
LT		 495static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
496 int addr_len)
497{
498 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
499 struct inet_sock *inet = inet_sk(sk);
500 struct ipv6_pinfo *np = inet6_sk(sk);
501 struct tcp_sock *tp = tcp_sk(sk);
502 struct in6_addr *saddr = NULL, *final_p = NULL, final;
503 struct flowi fl;
504 struct dst_entry *dst;
505 int addr_type;
506 int err;
507
508 if (addr_len < SIN6_LEN_RFC2133)
509 return -EINVAL;
510
511 if (usin->sin6_family != AF_INET6)
512 return(-EAFNOSUPPORT);
513
514 memset(&fl, 0, sizeof(fl));
515
516 if (np->sndflow) {
517 fl.fl6_flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
518 IP6_ECN_flow_init(fl.fl6_flowlabel);
519 if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) {
520 struct ip6_flowlabel *flowlabel;
521 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel);
522 if (flowlabel == NULL)
523 return -EINVAL;
524 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst);
525 fl6_sock_release(flowlabel);
526 }
527 }
528
529 /*
530 * connect() to INADDR_ANY means loopback (BSD'ism).
531 */
532
533 if(ipv6_addr_any(&usin->sin6_addr))
534 usin->sin6_addr.s6_addr[15] = 0x1;
535
536 addr_type = ipv6_addr_type(&usin->sin6_addr);
537
538 if(addr_type & IPV6_ADDR_MULTICAST)
539 return -ENETUNREACH;
540
541 if (addr_type&IPV6_ADDR_LINKLOCAL) {
542 if (addr_len >= sizeof(struct sockaddr_in6) &&
543 usin->sin6_scope_id) {
544 /* If interface is set while binding, indices
545 * must coincide.
546 */
547 if (sk->sk_bound_dev_if &&
548 sk->sk_bound_dev_if != usin->sin6_scope_id)
549 return -EINVAL;
550
551 sk->sk_bound_dev_if = usin->sin6_scope_id;
552 }
553
554 /* Connect to link-local address requires an interface */
555 if (!sk->sk_bound_dev_if)
556 return -EINVAL;
557 }
558
559 if (tp->rx_opt.ts_recent_stamp &&
560 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) {
561 tp->rx_opt.ts_recent = 0;
562 tp->rx_opt.ts_recent_stamp = 0;
563 tp->write_seq = 0;
564 }
565
566 ipv6_addr_copy(&np->daddr, &usin->sin6_addr);
567 np->flow_label = fl.fl6_flowlabel;
568
569 /*
570 * TCP over IPv4
571 */
572
573 if (addr_type == IPV6_ADDR_MAPPED) {
574 u32 exthdrlen = tp->ext_header_len;
575 struct sockaddr_in sin;
576
577 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
578
579 if (__ipv6_only_sock(sk))
580 return -ENETUNREACH;
581
582 sin.sin_family = AF_INET;
583 sin.sin_port = usin->sin6_port;
584 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
585
586 tp->af_specific = &ipv6_mapped;
587 sk->sk_backlog_rcv = tcp_v4_do_rcv;
588
589 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
590
591 if (err) {
592 tp->ext_header_len = exthdrlen;
593 tp->af_specific = &ipv6_specific;
594 sk->sk_backlog_rcv = tcp_v6_do_rcv;
595 goto failure;
596 } else {
597 ipv6_addr_set(&np->saddr, 0, 0, htonl(0x0000FFFF),
598 inet->saddr);
599 ipv6_addr_set(&np->rcv_saddr, 0, 0, htonl(0x0000FFFF),
600 inet->rcv_saddr);
601 }
602
603 return err;
604 }
605
606 if (!ipv6_addr_any(&np->rcv_saddr))
607 saddr = &np->rcv_saddr;
608
609 fl.proto = IPPROTO_TCP;
610 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
611 ipv6_addr_copy(&fl.fl6_src,
612 (saddr ? saddr : &np->saddr));
613 fl.oif = sk->sk_bound_dev_if;
614 fl.fl_ip_dport = usin->sin6_port;
615 fl.fl_ip_sport = inet->sport;
616
617 if (np->opt && np->opt->srcrt) {
618 struct rt0_hdr *rt0 = (struct rt0_hdr *)np->opt->srcrt;
619 ipv6_addr_copy(&final, &fl.fl6_dst);
620 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
621 final_p = &final;
622 }
623
624 err = ip6_dst_lookup(sk, &dst, &fl);
625 if (err)
626 goto failure;
627 if (final_p)
628 ipv6_addr_copy(&fl.fl6_dst, final_p);
629
e104411b 630 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0)
1da177e4 631 goto failure;
1da177e4
LT		 632
633 if (saddr == NULL) {
634 saddr = &fl.fl6_src;
635 ipv6_addr_copy(&np->rcv_saddr, saddr);
636 }
637
638 /* set the source address */
639 ipv6_addr_copy(&np->saddr, saddr);
640 inet->rcv_saddr = LOOPBACK4_IPV6;
641
642 ip6_dst_store(sk, dst, NULL);
643 sk->sk_route_caps = dst->dev->features &
644 ~(NETIF_F_IP_CSUM | NETIF_F_TSO);
645
646 tp->ext_header_len = 0;
647 if (np->opt)
648 tp->ext_header_len = np->opt->opt_flen + np->opt->opt_nflen;
649
650 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
651
652 inet->dport = usin->sin6_port;
653
654 tcp_set_state(sk, TCP_SYN_SENT);
655 err = tcp_v6_hash_connect(sk);
656 if (err)
657 goto late_failure;
658
659 if (!tp->write_seq)
660 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
661 np->daddr.s6_addr32,
662 inet->sport,
663 inet->dport);
664
665 err = tcp_connect(sk);
666 if (err)
667 goto late_failure;
668
669 return 0;
670
671late_failure:
672 tcp_set_state(sk, TCP_CLOSE);
673 __sk_dst_reset(sk);
674failure:
675 inet->dport = 0;
676 sk->sk_route_caps = 0;
677 return err;
678}
679
680static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
681 int type, int code, int offset, __u32 info)
682{
683 struct ipv6hdr *hdr = (struct ipv6hdr*)skb->data;
505cbfc5 684 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
1da177e4
LT		 685 struct ipv6_pinfo *np;
686 struct sock *sk;
687 int err;
688 struct tcp_sock *tp;
689 __u32 seq;
690
505cbfc5
ACM		 691 sk = inet6_lookup(&tcp_hashinfo, &hdr->daddr, th->dest, &hdr->saddr,
692 th->source, skb->dev->ifindex);
1da177e4
LT		 693
694 if (sk == NULL) {
695 ICMP6_INC_STATS_BH(__in6_dev_get(skb->dev), ICMP6_MIB_INERRORS);
696 return;
697 }
698
699 if (sk->sk_state == TCP_TIME_WAIT) {
8feaf0c0 700 inet_twsk_put((struct inet_timewait_sock *)sk);
1da177e4
LT		 701 return;
702 }
703
704 bh_lock_sock(sk);
705 if (sock_owned_by_user(sk))
706 NET_INC_STATS_BH(LINUX_MIB_LOCKDROPPEDICMPS);
707
708 if (sk->sk_state == TCP_CLOSE)
709 goto out;
710
711 tp = tcp_sk(sk);
712 seq = ntohl(th->seq);
713 if (sk->sk_state != TCP_LISTEN &&
714 !between(seq, tp->snd_una, tp->snd_nxt)) {
715 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
716 goto out;
717 }
718
719 np = inet6_sk(sk);
720
721 if (type == ICMPV6_PKT_TOOBIG) {
722 struct dst_entry *dst = NULL;
723
724 if (sock_owned_by_user(sk))
725 goto out;
726 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
727 goto out;
728
729 /* icmp should have updated the destination cache entry */
730 dst = __sk_dst_check(sk, np->dst_cookie);
731
732 if (dst == NULL) {
733 struct inet_sock *inet = inet_sk(sk);
734 struct flowi fl;
735
736 /* BUGGG_FUTURE: Again, it is not clear how
737 to handle rthdr case. Ignore this complexity
738 for now.
739 */
740 memset(&fl, 0, sizeof(fl));
741 fl.proto = IPPROTO_TCP;
742 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
743 ipv6_addr_copy(&fl.fl6_src, &np->saddr);
744 fl.oif = sk->sk_bound_dev_if;
745 fl.fl_ip_dport = inet->dport;
746 fl.fl_ip_sport = inet->sport;
747
748 if ((err = ip6_dst_lookup(sk, &dst, &fl))) {
749 sk->sk_err_soft = -err;
750 goto out;
751 }
752
753 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) {
754 sk->sk_err_soft = -err;
755 goto out;
756 }
757
758 } else
759 dst_hold(dst);
760
761 if (tp->pmtu_cookie > dst_mtu(dst)) {
762 tcp_sync_mss(sk, dst_mtu(dst));
763 tcp_simple_retransmit(sk);
764 } /* else let the usual retransmit timer handle it */
765 dst_release(dst);
766 goto out;
767 }
768
769 icmpv6_err_convert(type, code, &err);
770
60236fdd 771 /* Might be for an request_sock */
1da177e4 772 switch (sk->sk_state) {
60236fdd 773 struct request_sock *req, **prev;
1da177e4
LT		 774 case TCP_LISTEN:
775 if (sock_owned_by_user(sk))
776 goto out;
777
463c84b9 778 req = tcp_v6_search_req(sk, &prev, th->dest, &hdr->daddr,
505cbfc5 779 &hdr->saddr, inet6_iif(skb));
1da177e4
LT		 780 if (!req)
781 goto out;
782
783 /* ICMPs are not backlogged, hence we cannot get
784 * an established socket here.
785 */
786 BUG_TRAP(req->sk == NULL);
787
2e6599cb 788 if (seq != tcp_rsk(req)->snt_isn) {
1da177e4
LT		 789 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
790 goto out;
791 }
792
463c84b9 793 inet_csk_reqsk_queue_drop(sk, req, prev);
1da177e4
LT		 794 goto out;
795
796 case TCP_SYN_SENT:
797 case TCP_SYN_RECV: /* Cannot happen.
798 It can, it SYNs are crossed. --ANK */
799 if (!sock_owned_by_user(sk)) {
800 TCP_INC_STATS_BH(TCP_MIB_ATTEMPTFAILS);
801 sk->sk_err = err;
802 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
803
804 tcp_done(sk);
805 } else
806 sk->sk_err_soft = err;
807 goto out;
808 }
809
810 if (!sock_owned_by_user(sk) && np->recverr) {
811 sk->sk_err = err;
812 sk->sk_error_report(sk);
813 } else
814 sk->sk_err_soft = err;
815
816out:
817 bh_unlock_sock(sk);
818 sock_put(sk);
819}
820
821
60236fdd 822static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req,
1da177e4
LT		 823 struct dst_entry *dst)
824{
2e6599cb 825 struct tcp6_request_sock *treq = tcp6_rsk(req);
1da177e4
LT		 826 struct ipv6_pinfo *np = inet6_sk(sk);
827 struct sk_buff * skb;
828 struct ipv6_txoptions *opt = NULL;
829 struct in6_addr * final_p = NULL, final;
830 struct flowi fl;
831 int err = -1;
832
833 memset(&fl, 0, sizeof(fl));
834 fl.proto = IPPROTO_TCP;
2e6599cb
ACM		 835 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
836 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
1da177e4 837 fl.fl6_flowlabel = 0;
2e6599cb
ACM		 838 fl.oif = treq->iif;
839 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
1da177e4
LT		 840 fl.fl_ip_sport = inet_sk(sk)->sport;
841
842 if (dst == NULL) {
843 opt = np->opt;
844 if (opt == NULL &&
333fad53 845 np->rxopt.bits.osrcrt == 2 &&
2e6599cb
ACM		 846 treq->pktopts) {
847 struct sk_buff *pktopts = treq->pktopts;
1da177e4
LT		 848 struct inet6_skb_parm *rxopt = IP6CB(pktopts);
849 if (rxopt->srcrt)
850 opt = ipv6_invert_rthdr(sk, (struct ipv6_rt_hdr*)(pktopts->nh.raw + rxopt->srcrt));
851 }
852
853 if (opt && opt->srcrt) {
854 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
855 ipv6_addr_copy(&final, &fl.fl6_dst);
856 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
857 final_p = &final;
858 }
859
860 err = ip6_dst_lookup(sk, &dst, &fl);
861 if (err)
862 goto done;
863 if (final_p)
864 ipv6_addr_copy(&fl.fl6_dst, final_p);
865 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0)
866 goto done;
867 }
868
869 skb = tcp_make_synack(sk, dst, req);
870 if (skb) {
871 struct tcphdr *th = skb->h.th;
872
873 th->check = tcp_v6_check(th, skb->len,
2e6599cb 874 &treq->loc_addr, &treq->rmt_addr,
1da177e4
LT		 875 csum_partial((char *)th, skb->len, skb->csum));
876
2e6599cb 877 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
1da177e4
LT		 878 err = ip6_xmit(sk, skb, &fl, opt, 0);
879 if (err == NET_XMIT_CN)
880 err = 0;
881 }
882
883done:
1da177e4
LT		 884 if (opt && opt != np->opt)
885 sock_kfree_s(sk, opt, opt->tot_len);
886 return err;
887}
888
60236fdd 889static void tcp_v6_reqsk_destructor(struct request_sock *req)
1da177e4 890{
2e6599cb
ACM		 891 if (tcp6_rsk(req)->pktopts)
892 kfree_skb(tcp6_rsk(req)->pktopts);
1da177e4
LT		 893}
894
60236fdd 895static struct request_sock_ops tcp6_request_sock_ops = {
1da177e4 896 .family = AF_INET6,
2e6599cb 897 .obj_size = sizeof(struct tcp6_request_sock),
1da177e4 898 .rtx_syn_ack = tcp_v6_send_synack,
60236fdd
ACM		 899 .send_ack = tcp_v6_reqsk_send_ack,
900 .destructor = tcp_v6_reqsk_destructor,
1da177e4
LT		 901 .send_reset = tcp_v6_send_reset
902};
903
904static int ipv6_opt_accepted(struct sock *sk, struct sk_buff *skb)
905{
906 struct ipv6_pinfo *np = inet6_sk(sk);
907 struct inet6_skb_parm *opt = IP6CB(skb);
908
909 if (np->rxopt.all) {
333fad53
YH		 910 if ((opt->hop && (np->rxopt.bits.hopopts || np->rxopt.bits.ohopopts)) ||
911 ((IPV6_FLOWINFO_MASK & *(u32*)skb->nh.raw) && np->rxopt.bits.rxflow) ||
912 (opt->srcrt && (np->rxopt.bits.srcrt || np->rxopt.bits.osrcrt)) ||
913 ((opt->dst1 || opt->dst0) && (np->rxopt.bits.dstopts || np->rxopt.bits.odstopts)))
1da177e4
LT		 914 return 1;
915 }
916 return 0;
917}
918
919
920static void tcp_v6_send_check(struct sock *sk, struct tcphdr *th, int len,
921 struct sk_buff *skb)
922{
923 struct ipv6_pinfo *np = inet6_sk(sk);
924
925 if (skb->ip_summed == CHECKSUM_HW) {
926 th->check = ~csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 0);
927 skb->csum = offsetof(struct tcphdr, check);
928 } else {
929 th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP,
930 csum_partial((char *)th, th->doff<<2,
931 skb->csum));
932 }
933}
934
935
936static void tcp_v6_send_reset(struct sk_buff *skb)
937{
938 struct tcphdr *th = skb->h.th, *t1;
939 struct sk_buff *buff;
940 struct flowi fl;
941
942 if (th->rst)
943 return;
944
945 if (!ipv6_unicast_destination(skb))
946 return;
947
948 /*
949 * We need to grab some memory, and put together an RST,
950 * and then put it into the queue to be sent.
951 */
952
953 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + sizeof(struct tcphdr),
954 GFP_ATOMIC);
955 if (buff == NULL)
956 return;
957
958 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + sizeof(struct tcphdr));
959
960 t1 = (struct tcphdr *) skb_push(buff,sizeof(struct tcphdr));
961
962 /* Swap the send and the receive. */
963 memset(t1, 0, sizeof(*t1));
964 t1->dest = th->source;
965 t1->source = th->dest;
966 t1->doff = sizeof(*t1)/4;
967 t1->rst = 1;
968
969 if(th->ack) {
970 t1->seq = th->ack_seq;
971 } else {
972 t1->ack = 1;
973 t1->ack_seq = htonl(ntohl(th->seq) + th->syn + th->fin
974 + skb->len - (th->doff<<2));
975 }
976
977 buff->csum = csum_partial((char *)t1, sizeof(*t1), 0);
978
979 memset(&fl, 0, sizeof(fl));
980 ipv6_addr_copy(&fl.fl6_dst, &skb->nh.ipv6h->saddr);
981 ipv6_addr_copy(&fl.fl6_src, &skb->nh.ipv6h->daddr);
982
983 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst,
984 sizeof(*t1), IPPROTO_TCP,
985 buff->csum);
986
987 fl.proto = IPPROTO_TCP;
505cbfc5 988 fl.oif = inet6_iif(skb);
1da177e4
LT		 989 fl.fl_ip_dport = t1->dest;
990 fl.fl_ip_sport = t1->source;
991
992 /* sk = NULL, but it is safe for now. RST socket required. */
993 if (!ip6_dst_lookup(NULL, &buff->dst, &fl)) {
994
ecc51b6d
ACM		 995 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) {
996 ip6_xmit(NULL, buff, &fl, NULL, 0);
997 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
998 TCP_INC_STATS_BH(TCP_MIB_OUTRSTS);
1da177e4 999 return;
ecc51b6d 1000 }
1da177e4
LT		 1001 }
1002
1003 kfree_skb(buff);
1004}
1005
1006static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts)
1007{
1008 struct tcphdr *th = skb->h.th, *t1;
1009 struct sk_buff *buff;
1010 struct flowi fl;
1011 int tot_len = sizeof(struct tcphdr);
1012
1013 if (ts)
1014 tot_len += 3*4;
1015
1016 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
1017 GFP_ATOMIC);
1018 if (buff == NULL)
1019 return;
1020
1021 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
1022
1023 t1 = (struct tcphdr *) skb_push(buff,tot_len);
1024
1025 /* Swap the send and the receive. */
1026 memset(t1, 0, sizeof(*t1));
1027 t1->dest = th->source;
1028 t1->source = th->dest;
1029 t1->doff = tot_len/4;
1030 t1->seq = htonl(seq);
1031 t1->ack_seq = htonl(ack);
1032 t1->ack = 1;
1033 t1->window = htons(win);
1034
1035 if (ts) {
1036 u32 *ptr = (u32*)(t1 + 1);
1037 *ptr++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
1038 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
1039 *ptr++ = htonl(tcp_time_stamp);
1040 *ptr = htonl(ts);
1041 }
1042
1043 buff->csum = csum_partial((char *)t1, tot_len, 0);
1044
1045 memset(&fl, 0, sizeof(fl));
1046 ipv6_addr_copy(&fl.fl6_dst, &skb->nh.ipv6h->saddr);
1047 ipv6_addr_copy(&fl.fl6_src, &skb->nh.ipv6h->daddr);
1048
1049 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst,
1050 tot_len, IPPROTO_TCP,
1051 buff->csum);
1052
1053 fl.proto = IPPROTO_TCP;
505cbfc5 1054 fl.oif = inet6_iif(skb);
1da177e4
LT		 1055 fl.fl_ip_dport = t1->dest;
1056 fl.fl_ip_sport = t1->source;
1057
1058 if (!ip6_dst_lookup(NULL, &buff->dst, &fl)) {
ecc51b6d
ACM		 1059 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) {
1060 ip6_xmit(NULL, buff, &fl, NULL, 0);
1061 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
1da177e4 1062 return;
ecc51b6d 1063 }
1da177e4
LT		 1064 }
1065
1066 kfree_skb(buff);
1067}
1068
1069static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
1070{
8feaf0c0
ACM		 1071 struct inet_timewait_sock *tw = inet_twsk(sk);
1072 const struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
1da177e4 1073
8feaf0c0
ACM		 1074 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
1075 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
1076 tcptw->tw_ts_recent);
1da177e4 1077
8feaf0c0 1078 inet_twsk_put(tw);
1da177e4
LT		 1079}
1080
60236fdd 1081static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req)
1da177e4 1082{
2e6599cb 1083 tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent);
1da177e4
LT		 1084}
1085
1086
1087static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
1088{
60236fdd 1089 struct request_sock *req, **prev;
505cbfc5 1090 const struct tcphdr *th = skb->h.th;
1da177e4
LT		 1091 struct sock *nsk;
1092
1093 /* Find possible connection requests. */
463c84b9 1094 req = tcp_v6_search_req(sk, &prev, th->source, &skb->nh.ipv6h->saddr,
505cbfc5 1095 &skb->nh.ipv6h->daddr, inet6_iif(skb));
1da177e4
LT		 1096 if (req)
1097 return tcp_check_req(sk, skb, req, prev);
1098
505cbfc5
ACM		 1099 nsk = __inet6_lookup_established(&tcp_hashinfo, &skb->nh.ipv6h->saddr,
1100 th->source, &skb->nh.ipv6h->daddr,
1101 ntohs(th->dest), inet6_iif(skb));
1da177e4
LT		 1102
1103 if (nsk) {
1104 if (nsk->sk_state != TCP_TIME_WAIT) {
1105 bh_lock_sock(nsk);
1106 return nsk;
1107 }
8feaf0c0 1108 inet_twsk_put((struct inet_timewait_sock *)nsk);
1da177e4
LT		 1109 return NULL;
1110 }
1111
1112#if 0 /*def CONFIG_SYN_COOKIES*/
1113 if (!th->rst && !th->syn && th->ack)
1114 sk = cookie_v6_check(sk, skb, &(IPCB(skb)->opt));
1115#endif
1116 return sk;
1117}
1118
60236fdd 1119static void tcp_v6_synq_add(struct sock *sk, struct request_sock *req)
1da177e4 1120{
463c84b9
ACM		 1121 struct inet_connection_sock *icsk = inet_csk(sk);
1122 struct listen_sock *lopt = icsk->icsk_accept_queue.listen_opt;
1123 const u32 h = tcp_v6_synq_hash(&tcp6_rsk(req)->rmt_addr, inet_rsk(req)->rmt_port, lopt->hash_rnd);
1da177e4 1124
463c84b9
ACM		 1125 reqsk_queue_hash_req(&icsk->icsk_accept_queue, h, req, TCP_TIMEOUT_INIT);
1126 inet_csk_reqsk_queue_added(sk, TCP_TIMEOUT_INIT);
1da177e4
LT		 1127}
1128
1129
1130/* FIXME: this is substantially similar to the ipv4 code.
1131 * Can some kind of merge be done? -- erics
1132 */
1133static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1134{
2e6599cb 1135 struct tcp6_request_sock *treq;
1da177e4
LT		 1136 struct ipv6_pinfo *np = inet6_sk(sk);
1137 struct tcp_options_received tmp_opt;
1138 struct tcp_sock *tp = tcp_sk(sk);
60236fdd 1139 struct request_sock *req = NULL;
1da177e4
LT		 1140 __u32 isn = TCP_SKB_CB(skb)->when;
1141
1142 if (skb->protocol == htons(ETH_P_IP))
1143 return tcp_v4_conn_request(sk, skb);
1144
1145 if (!ipv6_unicast_destination(skb))
1146 goto drop;
1147
1148 /*
1149 * There are no SYN attacks on IPv6, yet...
1150 */
463c84b9 1151 if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
1da177e4
LT		 1152 if (net_ratelimit())
1153 printk(KERN_INFO "TCPv6: dropping request, synflood is possible\n");
1154 goto drop;
1155 }
1156
463c84b9 1157 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
1da177e4
LT		 1158 goto drop;
1159
60236fdd 1160 req = reqsk_alloc(&tcp6_request_sock_ops);
1da177e4
LT		 1161 if (req == NULL)
1162 goto drop;
1163
1164 tcp_clear_options(&tmp_opt);
1165 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
1166 tmp_opt.user_mss = tp->rx_opt.user_mss;
1167
1168 tcp_parse_options(skb, &tmp_opt, 0);
1169
1170 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
1171 tcp_openreq_init(req, &tmp_opt, skb);
1172
2e6599cb
ACM		 1173 treq = tcp6_rsk(req);
1174 ipv6_addr_copy(&treq->rmt_addr, &skb->nh.ipv6h->saddr);
1175 ipv6_addr_copy(&treq->loc_addr, &skb->nh.ipv6h->daddr);
1da177e4 1176 TCP_ECN_create_request(req, skb->h.th);
2e6599cb 1177 treq->pktopts = NULL;
1da177e4 1178 if (ipv6_opt_accepted(sk, skb) ||
333fad53
YH		 1179 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
1180 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) {
1da177e4 1181 atomic_inc(&skb->users);
2e6599cb 1182 treq->pktopts = skb;
1da177e4 1183 }
2e6599cb 1184 treq->iif = sk->sk_bound_dev_if;
1da177e4
LT		 1185
1186 /* So that link locals have meaning */
1187 if (!sk->sk_bound_dev_if &&
2e6599cb 1188 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL)
505cbfc5 1189 treq->iif = inet6_iif(skb);
1da177e4
LT		 1190
1191 if (isn == 0)
1192 isn = tcp_v6_init_sequence(sk,skb);
1193
2e6599cb 1194 tcp_rsk(req)->snt_isn = isn;
1da177e4
LT		 1195
1196 if (tcp_v6_send_synack(sk, req, NULL))
1197 goto drop;
1198
1199 tcp_v6_synq_add(sk, req);
1200
1201 return 0;
1202
1203drop:
1204 if (req)
60236fdd 1205 reqsk_free(req);
1da177e4
LT		 1206
1207 TCP_INC_STATS_BH(TCP_MIB_ATTEMPTFAILS);
1208 return 0; /* don't send reset */
1209}
1210
1211static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
60236fdd 1212 struct request_sock *req,
1da177e4
LT		 1213 struct dst_entry *dst)
1214{
2e6599cb 1215 struct tcp6_request_sock *treq = tcp6_rsk(req);
1da177e4
LT		 1216 struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
1217 struct tcp6_sock *newtcp6sk;
1218 struct inet_sock *newinet;
1219 struct tcp_sock *newtp;
1220 struct sock *newsk;
1221 struct ipv6_txoptions *opt;
1222
1223 if (skb->protocol == htons(ETH_P_IP)) {
1224 /*
1225 * v6 mapped
1226 */
1227
1228 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);
1229
1230 if (newsk == NULL)
1231 return NULL;
1232
1233 newtcp6sk = (struct tcp6_sock *)newsk;
1234 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1235
1236 newinet = inet_sk(newsk);
1237 newnp = inet6_sk(newsk);
1238 newtp = tcp_sk(newsk);
1239
1240 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1241
1242 ipv6_addr_set(&newnp->daddr, 0, 0, htonl(0x0000FFFF),
1243 newinet->daddr);
1244
1245 ipv6_addr_set(&newnp->saddr, 0, 0, htonl(0x0000FFFF),
1246 newinet->saddr);
1247
1248 ipv6_addr_copy(&newnp->rcv_saddr, &newnp->saddr);
1249
1250 newtp->af_specific = &ipv6_mapped;
1251 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1252 newnp->pktoptions = NULL;
1253 newnp->opt = NULL;
505cbfc5 1254 newnp->mcast_oif = inet6_iif(skb);
1da177e4
LT		 1255 newnp->mcast_hops = skb->nh.ipv6h->hop_limit;
1256
e6848976
ACM		 1257 /*
1258 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1259 * here, tcp_create_openreq_child now does this for us, see the comment in
1260 * that function for the gory details. -acme
1da177e4 1261 */
1da177e4
LT		 1262
1263 /* It is tricky place. Until this moment IPv4 tcp
1264 worked with IPv6 af_tcp.af_specific.
1265 Sync it now.
1266 */
1267 tcp_sync_mss(newsk, newtp->pmtu_cookie);
1268
1269 return newsk;
1270 }
1271
1272 opt = np->opt;
1273
1274 if (sk_acceptq_is_full(sk))
1275 goto out_overflow;
1276
333fad53 1277 if (np->rxopt.bits.osrcrt == 2 &&
2e6599cb
ACM		 1278 opt == NULL && treq->pktopts) {
1279 struct inet6_skb_parm *rxopt = IP6CB(treq->pktopts);
1da177e4 1280 if (rxopt->srcrt)
2e6599cb 1281 opt = ipv6_invert_rthdr(sk, (struct ipv6_rt_hdr *)(treq->pktopts->nh.raw + rxopt->srcrt));
1da177e4
LT		 1282 }
1283
1284 if (dst == NULL) {
1285 struct in6_addr *final_p = NULL, final;
1286 struct flowi fl;
1287
1288 memset(&fl, 0, sizeof(fl));
1289 fl.proto = IPPROTO_TCP;
2e6599cb 1290 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
1da177e4
LT		 1291 if (opt && opt->srcrt) {
1292 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
1293 ipv6_addr_copy(&final, &fl.fl6_dst);
1294 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
1295 final_p = &final;
1296 }
2e6599cb 1297 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
1da177e4 1298 fl.oif = sk->sk_bound_dev_if;
2e6599cb 1299 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
1da177e4
LT		 1300 fl.fl_ip_sport = inet_sk(sk)->sport;
1301
1302 if (ip6_dst_lookup(sk, &dst, &fl))
1303 goto out;
1304
1305 if (final_p)
1306 ipv6_addr_copy(&fl.fl6_dst, final_p);
1307
1308 if ((xfrm_lookup(&dst, &fl, sk, 0)) < 0)
1309 goto out;
1310 }
1311
1312 newsk = tcp_create_openreq_child(sk, req, skb);
1313 if (newsk == NULL)
1314 goto out;
1315
e6848976
ACM		 1316 /*
1317 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1318 * count here, tcp_create_openreq_child now does this for us, see the
1319 * comment in that function for the gory details. -acme
1320 */
1da177e4
LT		 1321
1322 ip6_dst_store(newsk, dst, NULL);
1323 newsk->sk_route_caps = dst->dev->features &
1324 ~(NETIF_F_IP_CSUM | NETIF_F_TSO);
1325
1326 newtcp6sk = (struct tcp6_sock *)newsk;
1327 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1328
1329 newtp = tcp_sk(newsk);
1330 newinet = inet_sk(newsk);
1331 newnp = inet6_sk(newsk);
1332
1333 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1334
2e6599cb
ACM		 1335 ipv6_addr_copy(&newnp->daddr, &treq->rmt_addr);
1336 ipv6_addr_copy(&newnp->saddr, &treq->loc_addr);
1337 ipv6_addr_copy(&newnp->rcv_saddr, &treq->loc_addr);
1338 newsk->sk_bound_dev_if = treq->iif;
1da177e4
LT		 1339
1340 /* Now IPv6 options...
1341
1342 First: no IPv4 options.
1343 */
1344 newinet->opt = NULL;
1345
1346 /* Clone RX bits */
1347 newnp->rxopt.all = np->rxopt.all;
1348
1349 /* Clone pktoptions received with SYN */
1350 newnp->pktoptions = NULL;
2e6599cb
ACM		 1351 if (treq->pktopts != NULL) {
1352 newnp->pktoptions = skb_clone(treq->pktopts, GFP_ATOMIC);
1353 kfree_skb(treq->pktopts);
1354 treq->pktopts = NULL;
1da177e4
LT		 1355 if (newnp->pktoptions)
1356 skb_set_owner_r(newnp->pktoptions, newsk);
1357 }
1358 newnp->opt = NULL;
505cbfc5 1359 newnp->mcast_oif = inet6_iif(skb);
1da177e4
LT		 1360 newnp->mcast_hops = skb->nh.ipv6h->hop_limit;
1361
1362 /* Clone native IPv6 options from listening socket (if any)
1363
1364 Yes, keeping reference count would be much more clever,
1365 but we make one more one thing there: reattach optmem
1366 to newsk.
1367 */
1368 if (opt) {
1369 newnp->opt = ipv6_dup_options(newsk, opt);
1370 if (opt != np->opt)
1371 sock_kfree_s(sk, opt, opt->tot_len);
1372 }
1373
1374 newtp->ext_header_len = 0;
1375 if (newnp->opt)
1376 newtp->ext_header_len = newnp->opt->opt_nflen +
1377 newnp->opt->opt_flen;
1378
1379 tcp_sync_mss(newsk, dst_mtu(dst));
1380 newtp->advmss = dst_metric(dst, RTAX_ADVMSS);
1381 tcp_initialize_rcv_mss(newsk);
1382
1383 newinet->daddr = newinet->saddr = newinet->rcv_saddr = LOOPBACK4_IPV6;
1384
1385 __tcp_v6_hash(newsk);
2d8c4ce5 1386 inet_inherit_port(&tcp_hashinfo, sk, newsk);
1da177e4
LT		 1387
1388 return newsk;
1389
1390out_overflow:
1391 NET_INC_STATS_BH(LINUX_MIB_LISTENOVERFLOWS);
1392out:
1393 NET_INC_STATS_BH(LINUX_MIB_LISTENDROPS);
1394 if (opt && opt != np->opt)
1395 sock_kfree_s(sk, opt, opt->tot_len);
1396 dst_release(dst);
1397 return NULL;
1398}
1399
1400static int tcp_v6_checksum_init(struct sk_buff *skb)
1401{
1402 if (skb->ip_summed == CHECKSUM_HW) {
1da177e4 1403 if (!tcp_v6_check(skb->h.th,skb->len,&skb->nh.ipv6h->saddr,
fb286bb2
HX		 1404 &skb->nh.ipv6h->daddr,skb->csum)) {
1405 skb->ip_summed = CHECKSUM_UNNECESSARY;
1da177e4 1406 return 0;
fb286bb2 1407 }
1da177e4 1408 }
fb286bb2
HX		 1409
1410 skb->csum = ~tcp_v6_check(skb->h.th,skb->len,&skb->nh.ipv6h->saddr,
1411 &skb->nh.ipv6h->daddr, 0);
1412
1da177e4 1413 if (skb->len <= 76) {
fb286bb2 1414 return __skb_checksum_complete(skb);
1da177e4
LT		 1415 }
1416 return 0;
1417}
1418
1419/* The socket must have it's spinlock held when we get
1420 * here.
1421 *
1422 * We have a potential double-lock case here, so even when
1423 * doing backlog processing we use the BH locking scheme.
1424 * This is because we cannot sleep with the original spinlock
1425 * held.
1426 */
1427static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1428{
1429 struct ipv6_pinfo *np = inet6_sk(sk);
1430 struct tcp_sock *tp;
1431 struct sk_buff *opt_skb = NULL;
1432
1433 /* Imagine: socket is IPv6. IPv4 packet arrives,
1434 goes to IPv4 receive handler and backlogged.
1435 From backlog it always goes here. Kerboom...
1436 Fortunately, tcp_rcv_established and rcv_established
1437 handle them correctly, but it is not case with
1438 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1439 */
1440
1441 if (skb->protocol == htons(ETH_P_IP))
1442 return tcp_v4_do_rcv(sk, skb);
1443
1444 if (sk_filter(sk, skb, 0))
1445 goto discard;
1446
1447 /*
1448 * socket locking is here for SMP purposes as backlog rcv
1449 * is currently called with bh processing disabled.
1450 */
1451
1452 /* Do Stevens' IPV6_PKTOPTIONS.
1453
1454 Yes, guys, it is the only place in our code, where we
1455 may make it not affecting IPv4.
1456 The rest of code is protocol independent,
1457 and I do not like idea to uglify IPv4.
1458
1459 Actually, all the idea behind IPV6_PKTOPTIONS
1460 looks not very well thought. For now we latch
1461 options, received in the last packet, enqueued
1462 by tcp. Feel free to propose better solution.
1463 --ANK (980728)
1464 */
1465 if (np->rxopt.all)
1466 opt_skb = skb_clone(skb, GFP_ATOMIC);
1467
1468 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1469 TCP_CHECK_TIMER(sk);
1470 if (tcp_rcv_established(sk, skb, skb->h.th, skb->len))
1471 goto reset;
1472 TCP_CHECK_TIMER(sk);
1473 if (opt_skb)
1474 goto ipv6_pktoptions;
1475 return 0;
1476 }
1477
1478 if (skb->len < (skb->h.th->doff<<2) || tcp_checksum_complete(skb))
1479 goto csum_err;
1480
1481 if (sk->sk_state == TCP_LISTEN) {
1482 struct sock *nsk = tcp_v6_hnd_req(sk, skb);
1483 if (!nsk)
1484 goto discard;
1485
1486 /*
1487 * Queue it on the new socket if the new socket is active,
1488 * otherwise we just shortcircuit this and continue with
1489 * the new socket..
1490 */
1491 if(nsk != sk) {
1492 if (tcp_child_process(sk, nsk, skb))
1493 goto reset;
1494 if (opt_skb)
1495 __kfree_skb(opt_skb);
1496 return 0;
1497 }
1498 }
1499
1500 TCP_CHECK_TIMER(sk);
1501 if (tcp_rcv_state_process(sk, skb, skb->h.th, skb->len))
1502 goto reset;
1503 TCP_CHECK_TIMER(sk);
1504 if (opt_skb)
1505 goto ipv6_pktoptions;
1506 return 0;
1507
1508reset:
1509 tcp_v6_send_reset(skb);
1510discard:
1511 if (opt_skb)
1512 __kfree_skb(opt_skb);
1513 kfree_skb(skb);
1514 return 0;
1515csum_err:
1516 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1517 goto discard;
1518
1519
1520ipv6_pktoptions:
1521 /* Do you ask, what is it?
1522
1523 1. skb was enqueued by tcp.
1524 2. skb is added to tail of read queue, rather than out of order.
1525 3. socket is not in passive state.
1526 4. Finally, it really contains options, which user wants to receive.
1527 */
1528 tp = tcp_sk(sk);
1529 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1530 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
333fad53 1531 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
505cbfc5 1532 np->mcast_oif = inet6_iif(opt_skb);
333fad53 1533 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1da177e4
LT		 1534 np->mcast_hops = opt_skb->nh.ipv6h->hop_limit;
1535 if (ipv6_opt_accepted(sk, opt_skb)) {
1536 skb_set_owner_r(opt_skb, sk);
1537 opt_skb = xchg(&np->pktoptions, opt_skb);
1538 } else {
1539 __kfree_skb(opt_skb);
1540 opt_skb = xchg(&np->pktoptions, NULL);
1541 }
1542 }
1543
1544 if (opt_skb)
1545 kfree_skb(opt_skb);
1546 return 0;
1547}
1548
1549static int tcp_v6_rcv(struct sk_buff **pskb, unsigned int *nhoffp)
1550{
1551 struct sk_buff *skb = *pskb;
1552 struct tcphdr *th;
1553 struct sock *sk;
1554 int ret;
1555
1556 if (skb->pkt_type != PACKET_HOST)
1557 goto discard_it;
1558
1559 /*
1560 * Count it even if it's bad.
1561 */
1562 TCP_INC_STATS_BH(TCP_MIB_INSEGS);
1563
1564 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1565 goto discard_it;
1566
1567 th = skb->h.th;
1568
1569 if (th->doff < sizeof(struct tcphdr)/4)
1570 goto bad_packet;
1571 if (!pskb_may_pull(skb, th->doff*4))
1572 goto discard_it;
1573
1574 if ((skb->ip_summed != CHECKSUM_UNNECESSARY &&
fb286bb2 1575 tcp_v6_checksum_init(skb)))
1da177e4
LT		 1576 goto bad_packet;
1577
1578 th = skb->h.th;
1579 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1580 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1581 skb->len - th->doff*4);
1582 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1583 TCP_SKB_CB(skb)->when = 0;
1584 TCP_SKB_CB(skb)->flags = ipv6_get_dsfield(skb->nh.ipv6h);
1585 TCP_SKB_CB(skb)->sacked = 0;
1586
505cbfc5
ACM		 1587 sk = __inet6_lookup(&tcp_hashinfo, &skb->nh.ipv6h->saddr, th->source,
1588 &skb->nh.ipv6h->daddr, ntohs(th->dest),
1589 inet6_iif(skb));
1da177e4
LT		 1590
1591 if (!sk)
1592 goto no_tcp_socket;
1593
1594process:
1595 if (sk->sk_state == TCP_TIME_WAIT)
1596 goto do_time_wait;
1597
1598 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1599 goto discard_and_relse;
1600
1601 if (sk_filter(sk, skb, 0))
1602 goto discard_and_relse;
1603
1604 skb->dev = NULL;
1605
1606 bh_lock_sock(sk);
1607 ret = 0;
1608 if (!sock_owned_by_user(sk)) {
1609 if (!tcp_prequeue(sk, skb))
1610 ret = tcp_v6_do_rcv(sk, skb);
1611 } else
1612 sk_add_backlog(sk, skb);
1613 bh_unlock_sock(sk);
1614
1615 sock_put(sk);
1616 return ret ? -1 : 0;
1617
1618no_tcp_socket:
1619 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1620 goto discard_it;
1621
1622 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1623bad_packet:
1624 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1625 } else {
1626 tcp_v6_send_reset(skb);
1627 }
1628
1629discard_it:
1630
1631 /*
1632 * Discard frame
1633 */
1634
1635 kfree_skb(skb);
1636 return 0;
1637
1638discard_and_relse:
1639 sock_put(sk);
1640 goto discard_it;
1641
1642do_time_wait:
1643 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
8feaf0c0 1644 inet_twsk_put((struct inet_timewait_sock *)sk);
1da177e4
LT		 1645 goto discard_it;
1646 }
1647
1648 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1649 TCP_INC_STATS_BH(TCP_MIB_INERRS);
8feaf0c0 1650 inet_twsk_put((struct inet_timewait_sock *)sk);
1da177e4
LT		 1651 goto discard_it;
1652 }
1653
8feaf0c0
ACM		 1654 switch (tcp_timewait_state_process((struct inet_timewait_sock *)sk,
1655 skb, th)) {
1da177e4
LT		 1656 case TCP_TW_SYN:
1657 {
1658 struct sock *sk2;
1659
505cbfc5
ACM		 1660 sk2 = inet6_lookup_listener(&tcp_hashinfo,
1661 &skb->nh.ipv6h->daddr,
1662 ntohs(th->dest), inet6_iif(skb));
1da177e4 1663 if (sk2 != NULL) {
295ff7ed
ACM		 1664 struct inet_timewait_sock *tw = inet_twsk(sk);
1665 inet_twsk_deschedule(tw, &tcp_death_row);
1666 inet_twsk_put(tw);
1da177e4
LT		 1667 sk = sk2;
1668 goto process;
1669 }
1670 /* Fall through to ACK */
1671 }
1672 case TCP_TW_ACK:
1673 tcp_v6_timewait_ack(sk, skb);
1674 break;
1675 case TCP_TW_RST:
1676 goto no_tcp_socket;
1677 case TCP_TW_SUCCESS:;
1678 }
1679 goto discard_it;
1680}
1681
1682static int tcp_v6_rebuild_header(struct sock *sk)
1683{
1684 int err;
1685 struct dst_entry *dst;
1686 struct ipv6_pinfo *np = inet6_sk(sk);
1687
1688 dst = __sk_dst_check(sk, np->dst_cookie);
1689
1690 if (dst == NULL) {
1691 struct inet_sock *inet = inet_sk(sk);
1692 struct in6_addr *final_p = NULL, final;
1693 struct flowi fl;
1694
1695 memset(&fl, 0, sizeof(fl));
1696 fl.proto = IPPROTO_TCP;
1697 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
1698 ipv6_addr_copy(&fl.fl6_src, &np->saddr);
1699 fl.fl6_flowlabel = np->flow_label;
1700 fl.oif = sk->sk_bound_dev_if;
1701 fl.fl_ip_dport = inet->dport;
1702 fl.fl_ip_sport = inet->sport;
1703
1704 if (np->opt && np->opt->srcrt) {
1705 struct rt0_hdr *rt0 = (struct rt0_hdr *) np->opt->srcrt;
1706 ipv6_addr_copy(&final, &fl.fl6_dst);
1707 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
1708 final_p = &final;
1709 }
1710
1711 err = ip6_dst_lookup(sk, &dst, &fl);
1712 if (err) {
1713 sk->sk_route_caps = 0;
1714 return err;
1715 }
1716 if (final_p)
1717 ipv6_addr_copy(&fl.fl6_dst, final_p);
1718
1719 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) {
1720 sk->sk_err_soft = -err;
1da177e4
LT		 1721 return err;
1722 }
1723
1724 ip6_dst_store(sk, dst, NULL);
1725 sk->sk_route_caps = dst->dev->features &
1726 ~(NETIF_F_IP_CSUM | NETIF_F_TSO);
1727 }
1728
1729 return 0;
1730}
1731
1732static int tcp_v6_xmit(struct sk_buff *skb, int ipfragok)
1733{
1734 struct sock *sk = skb->sk;
1735 struct inet_sock *inet = inet_sk(sk);
1736 struct ipv6_pinfo *np = inet6_sk(sk);
1737 struct flowi fl;
1738 struct dst_entry *dst;
1739 struct in6_addr *final_p = NULL, final;
1740
1741 memset(&fl, 0, sizeof(fl));
1742 fl.proto = IPPROTO_TCP;
1743 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
1744 ipv6_addr_copy(&fl.fl6_src, &np->saddr);
1745 fl.fl6_flowlabel = np->flow_label;
1746 IP6_ECN_flow_xmit(sk, fl.fl6_flowlabel);
1747 fl.oif = sk->sk_bound_dev_if;
1748 fl.fl_ip_sport = inet->sport;
1749 fl.fl_ip_dport = inet->dport;
1750
1751 if (np->opt && np->opt->srcrt) {
1752 struct rt0_hdr *rt0 = (struct rt0_hdr *) np->opt->srcrt;
1753 ipv6_addr_copy(&final, &fl.fl6_dst);
1754 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
1755 final_p = &final;
1756 }
1757
1758 dst = __sk_dst_check(sk, np->dst_cookie);
1759
1760 if (dst == NULL) {
1761 int err = ip6_dst_lookup(sk, &dst, &fl);
1762
1763 if (err) {
1764 sk->sk_err_soft = -err;
1765 return err;
1766 }
1767
1768 if (final_p)
1769 ipv6_addr_copy(&fl.fl6_dst, final_p);
1770
1771 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) {
1772 sk->sk_route_caps = 0;
1da177e4
LT		 1773 return err;
1774 }
1775
1776 ip6_dst_store(sk, dst, NULL);
1777 sk->sk_route_caps = dst->dev->features &
1778 ~(NETIF_F_IP_CSUM | NETIF_F_TSO);
1779 }
1780
1781 skb->dst = dst_clone(dst);
1782
1783 /* Restore final destination back after routing done */
1784 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
1785
1786 return ip6_xmit(sk, skb, &fl, np->opt, 0);
1787}
1788
1789static void v6_addr2sockaddr(struct sock *sk, struct sockaddr * uaddr)
1790{
1791 struct ipv6_pinfo *np = inet6_sk(sk);
1792 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *) uaddr;
1793
1794 sin6->sin6_family = AF_INET6;
1795 ipv6_addr_copy(&sin6->sin6_addr, &np->daddr);
1796 sin6->sin6_port = inet_sk(sk)->dport;
1797 /* We do not store received flowlabel for TCP */
1798 sin6->sin6_flowinfo = 0;
1799 sin6->sin6_scope_id = 0;
1800 if (sk->sk_bound_dev_if &&
1801 ipv6_addr_type(&sin6->sin6_addr) & IPV6_ADDR_LINKLOCAL)
1802 sin6->sin6_scope_id = sk->sk_bound_dev_if;
1803}
1804
1805static int tcp_v6_remember_stamp(struct sock *sk)
1806{
1807 /* Alas, not yet... */
1808 return 0;
1809}
1810
1811static struct tcp_func ipv6_specific = {
1812 .queue_xmit = tcp_v6_xmit,
1813 .send_check = tcp_v6_send_check,
1814 .rebuild_header = tcp_v6_rebuild_header,
1815 .conn_request = tcp_v6_conn_request,
1816 .syn_recv_sock = tcp_v6_syn_recv_sock,
1817 .remember_stamp = tcp_v6_remember_stamp,
1818 .net_header_len = sizeof(struct ipv6hdr),
1819
1820 .setsockopt = ipv6_setsockopt,
1821 .getsockopt = ipv6_getsockopt,
1822 .addr2sockaddr = v6_addr2sockaddr,
1823 .sockaddr_len = sizeof(struct sockaddr_in6)
1824};
1825
1826/*
1827 * TCP over IPv4 via INET6 API
1828 */
1829
1830static struct tcp_func ipv6_mapped = {
1831 .queue_xmit = ip_queue_xmit,
1832 .send_check = tcp_v4_send_check,
32519f11 1833 .rebuild_header = inet_sk_rebuild_header,
1da177e4
LT		 1834 .conn_request = tcp_v6_conn_request,
1835 .syn_recv_sock = tcp_v6_syn_recv_sock,
1836 .remember_stamp = tcp_v4_remember_stamp,
1837 .net_header_len = sizeof(struct iphdr),
1838
1839 .setsockopt = ipv6_setsockopt,
1840 .getsockopt = ipv6_getsockopt,
1841 .addr2sockaddr = v6_addr2sockaddr,
1842 .sockaddr_len = sizeof(struct sockaddr_in6)
1843};
1844
1845
1846
1847/* NOTE: A lot of things set to zero explicitly by call to
1848 * sk_alloc() so need not be done here.
1849 */
1850static int tcp_v6_init_sock(struct sock *sk)
1851{
6687e988 1852 struct inet_connection_sock *icsk = inet_csk(sk);
1da177e4
LT		 1853 struct tcp_sock *tp = tcp_sk(sk);
1854
1855 skb_queue_head_init(&tp->out_of_order_queue);
1856 tcp_init_xmit_timers(sk);
1857 tcp_prequeue_init(tp);
1858
6687e988 1859 icsk->icsk_rto = TCP_TIMEOUT_INIT;
1da177e4
LT		 1860 tp->mdev = TCP_TIMEOUT_INIT;
1861
1862 /* So many TCP implementations out there (incorrectly) count the
1863 * initial SYN frame in their delayed-ACK and congestion control
1864 * algorithms that we must have the following bandaid to talk
1865 * efficiently to them. -DaveM
1866 */
1867 tp->snd_cwnd = 2;
1868
1869 /* See draft-stevens-tcpca-spec-01 for discussion of the
1870 * initialization of these values.
1871 */
1872 tp->snd_ssthresh = 0x7fffffff;
1873 tp->snd_cwnd_clamp = ~0;
c1b4a7e6 1874 tp->mss_cache = 536;
1da177e4
LT		 1875
1876 tp->reordering = sysctl_tcp_reordering;
1877
1878 sk->sk_state = TCP_CLOSE;
1879
1880 tp->af_specific = &ipv6_specific;
6687e988 1881 icsk->icsk_ca_ops = &tcp_init_congestion_ops;
1da177e4
LT		 1882 sk->sk_write_space = sk_stream_write_space;
1883 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE);
1884
1885 sk->sk_sndbuf = sysctl_tcp_wmem[1];
1886 sk->sk_rcvbuf = sysctl_tcp_rmem[1];
1887
1888 atomic_inc(&tcp_sockets_allocated);
1889
1890 return 0;
1891}
1892
1893static int tcp_v6_destroy_sock(struct sock *sk)
1894{
1da177e4
LT		 1895 tcp_v4_destroy_sock(sk);
1896 return inet6_destroy_sock(sk);
1897}
1898
1899/* Proc filesystem TCPv6 sock list dumping. */
1900static void get_openreq6(struct seq_file *seq,
60236fdd 1901 struct sock *sk, struct request_sock *req, int i, int uid)
1da177e4
LT		 1902{
1903 struct in6_addr *dest, *src;
1904 int ttd = req->expires - jiffies;
1905
1906 if (ttd < 0)
1907 ttd = 0;
1908
2e6599cb
ACM		 1909 src = &tcp6_rsk(req)->loc_addr;
1910 dest = &tcp6_rsk(req)->rmt_addr;
1da177e4
LT		 1911 seq_printf(seq,
1912 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1913 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
1914 i,
1915 src->s6_addr32[0], src->s6_addr32[1],
1916 src->s6_addr32[2], src->s6_addr32[3],
1917 ntohs(inet_sk(sk)->sport),
1918 dest->s6_addr32[0], dest->s6_addr32[1],
1919 dest->s6_addr32[2], dest->s6_addr32[3],
2e6599cb 1920 ntohs(inet_rsk(req)->rmt_port),
1da177e4
LT		 1921 TCP_SYN_RECV,
1922 0,0, /* could print option size, but that is af dependent. */
1923 1, /* timers active (only the expire timer) */
1924 jiffies_to_clock_t(ttd),
1925 req->retrans,
1926 uid,
1927 0, /* non standard timer */
1928 0, /* open_requests have no inode */
1929 0, req);
1930}
1931
1932static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1933{
1934 struct in6_addr *dest, *src;
1935 __u16 destp, srcp;
1936 int timer_active;
1937 unsigned long timer_expires;
1938 struct inet_sock *inet = inet_sk(sp);
1939 struct tcp_sock *tp = tcp_sk(sp);
463c84b9 1940 const struct inet_connection_sock *icsk = inet_csk(sp);
1da177e4
LT		 1941 struct ipv6_pinfo *np = inet6_sk(sp);
1942
1943 dest = &np->daddr;
1944 src = &np->rcv_saddr;
1945 destp = ntohs(inet->dport);
1946 srcp = ntohs(inet->sport);
463c84b9
ACM		 1947
1948 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
1da177e4 1949 timer_active = 1;
463c84b9
ACM		 1950 timer_expires = icsk->icsk_timeout;
1951 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1da177e4 1952 timer_active = 4;
463c84b9 1953 timer_expires = icsk->icsk_timeout;
1da177e4
LT		 1954 } else if (timer_pending(&sp->sk_timer)) {
1955 timer_active = 2;
1956 timer_expires = sp->sk_timer.expires;
1957 } else {
1958 timer_active = 0;
1959 timer_expires = jiffies;
1960 }
1961
1962 seq_printf(seq,
1963 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1964 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %u %u %u %u %d\n",
1965 i,
1966 src->s6_addr32[0], src->s6_addr32[1],
1967 src->s6_addr32[2], src->s6_addr32[3], srcp,
1968 dest->s6_addr32[0], dest->s6_addr32[1],
1969 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1970 sp->sk_state,
1971 tp->write_seq-tp->snd_una, tp->rcv_nxt-tp->copied_seq,
1972 timer_active,
1973 jiffies_to_clock_t(timer_expires - jiffies),
463c84b9 1974 icsk->icsk_retransmits,
1da177e4 1975 sock_i_uid(sp),
6687e988 1976 icsk->icsk_probes_out,
1da177e4
LT		 1977 sock_i_ino(sp),
1978 atomic_read(&sp->sk_refcnt), sp,
463c84b9
ACM		 1979 icsk->icsk_rto,
1980 icsk->icsk_ack.ato,
1981 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong,
1da177e4
LT		 1982 tp->snd_cwnd, tp->snd_ssthresh>=0xFFFF?-1:tp->snd_ssthresh
1983 );
1984}
1985
1986static void get_timewait6_sock(struct seq_file *seq,
8feaf0c0 1987 struct inet_timewait_sock *tw, int i)
1da177e4
LT		 1988{
1989 struct in6_addr *dest, *src;
1990 __u16 destp, srcp;
8feaf0c0 1991 struct tcp6_timewait_sock *tcp6tw = tcp6_twsk((struct sock *)tw);
1da177e4
LT		 1992 int ttd = tw->tw_ttd - jiffies;
1993
1994 if (ttd < 0)
1995 ttd = 0;
1996
8feaf0c0
ACM		 1997 dest = &tcp6tw->tw_v6_daddr;
1998 src = &tcp6tw->tw_v6_rcv_saddr;
1da177e4
LT		 1999 destp = ntohs(tw->tw_dport);
2000 srcp = ntohs(tw->tw_sport);
2001
2002 seq_printf(seq,
2003 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
2004 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
2005 i,
2006 src->s6_addr32[0], src->s6_addr32[1],
2007 src->s6_addr32[2], src->s6_addr32[3], srcp,
2008 dest->s6_addr32[0], dest->s6_addr32[1],
2009 dest->s6_addr32[2], dest->s6_addr32[3], destp,
2010 tw->tw_substate, 0, 0,
2011 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
2012 atomic_read(&tw->tw_refcnt), tw);
2013}
2014
2015#ifdef CONFIG_PROC_FS
2016static int tcp6_seq_show(struct seq_file *seq, void *v)
2017{
2018 struct tcp_iter_state *st;
2019
2020 if (v == SEQ_START_TOKEN) {
2021 seq_puts(seq,
2022 " sl "
2023 "local_address "
2024 "remote_address "
2025 "st tx_queue rx_queue tr tm->when retrnsmt"
2026 " uid timeout inode\n");
2027 goto out;
2028 }
2029 st = seq->private;
2030
2031 switch (st->state) {
2032 case TCP_SEQ_STATE_LISTENING:
2033 case TCP_SEQ_STATE_ESTABLISHED:
2034 get_tcp6_sock(seq, v, st->num);
2035 break;
2036 case TCP_SEQ_STATE_OPENREQ:
2037 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid);
2038 break;
2039 case TCP_SEQ_STATE_TIME_WAIT:
2040 get_timewait6_sock(seq, v, st->num);
2041 break;
2042 }
2043out:
2044 return 0;
2045}
2046
2047static struct file_operations tcp6_seq_fops;
2048static struct tcp_seq_afinfo tcp6_seq_afinfo = {
2049 .owner = THIS_MODULE,
2050 .name = "tcp6",
2051 .family = AF_INET6,
2052 .seq_show = tcp6_seq_show,
2053 .seq_fops = &tcp6_seq_fops,
2054};
2055
2056int __init tcp6_proc_init(void)
2057{
2058 return tcp_proc_register(&tcp6_seq_afinfo);
2059}
2060
2061void tcp6_proc_exit(void)
2062{
2063 tcp_proc_unregister(&tcp6_seq_afinfo);
2064}
2065#endif
2066
2067struct proto tcpv6_prot = {
2068 .name = "TCPv6",
2069 .owner = THIS_MODULE,
2070 .close = tcp_close,
2071 .connect = tcp_v6_connect,
2072 .disconnect = tcp_disconnect,
463c84b9 2073 .accept = inet_csk_accept,
1da177e4
LT		 2074 .ioctl = tcp_ioctl,
2075 .init = tcp_v6_init_sock,
2076 .destroy = tcp_v6_destroy_sock,
2077 .shutdown = tcp_shutdown,
2078 .setsockopt = tcp_setsockopt,
2079 .getsockopt = tcp_getsockopt,
2080 .sendmsg = tcp_sendmsg,
2081 .recvmsg = tcp_recvmsg,
2082 .backlog_rcv = tcp_v6_do_rcv,
2083 .hash = tcp_v6_hash,
2084 .unhash = tcp_unhash,
2085 .get_port = tcp_v6_get_port,
2086 .enter_memory_pressure = tcp_enter_memory_pressure,
2087 .sockets_allocated = &tcp_sockets_allocated,
2088 .memory_allocated = &tcp_memory_allocated,
2089 .memory_pressure = &tcp_memory_pressure,
0a5578cf 2090 .orphan_count = &tcp_orphan_count,
1da177e4
LT		 2091 .sysctl_mem = sysctl_tcp_mem,
2092 .sysctl_wmem = sysctl_tcp_wmem,
2093 .sysctl_rmem = sysctl_tcp_rmem,
2094 .max_header = MAX_TCP_HEADER,
2095 .obj_size = sizeof(struct tcp6_sock),
8feaf0c0 2096 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
60236fdd 2097 .rsk_prot = &tcp6_request_sock_ops,
1da177e4
LT		 2098};
2099
2100static struct inet6_protocol tcpv6_protocol = {
2101 .handler = tcp_v6_rcv,
2102 .err_handler = tcp_v6_err,
2103 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2104};
2105
1da177e4
LT		 2106static struct inet_protosw tcpv6_protosw = {
2107 .type = SOCK_STREAM,
2108 .protocol = IPPROTO_TCP,
2109 .prot = &tcpv6_prot,
2110 .ops = &inet6_stream_ops,
2111 .capability = -1,
2112 .no_check = 0,
2113 .flags = INET_PROTOSW_PERMANENT,
2114};
2115
2116void __init tcpv6_init(void)
2117{
2118 /* register inet6 protocol */
2119 if (inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP) < 0)
2120 printk(KERN_ERR "tcpv6_init: Could not register protocol\n");
2121 inet6_register_protosw(&tcpv6_protosw);
2122}
Empty description
This page took 0.405398 seconds and 4 git commands to generate.