]> Git Repo - linux.git/blame_incremental - net/ipv6/ip6_output.c
projects / linux.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
Revert "Merge branch 'ipv6-overflow-arith'"
[linux.git] / net / ipv6 / ip6_output.c
... / ...
CommitLineData
1/*
2 * IPv6 output functions
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <[email protected]>
7 *
8 * Based on linux/net/ipv4/ip_output.c
9 *
10 * This program is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU General Public License
12 * as published by the Free Software Foundation; either version
13 * 2 of the License, or (at your option) any later version.
14 *
15 * Changes:
16 * A.N.Kuznetsov : airthmetics in fragmentation.
17 * extension headers are implemented.
18 * route changes now work.
19 * ip6_forward does not confuse sniffers.
20 * etc.
21 *
22 * H. von Brand : Added missing #include <linux/string.h>
23 * Imran Patel : frag id should be in NBO
24 * Kazunori MIYAZAWA @USAGI
25 * : add ip6_append_data and related functions
26 * for datagram xmit
27 */
28
29#include <linux/errno.h>
30#include <linux/kernel.h>
31#include <linux/string.h>
32#include <linux/socket.h>
33#include <linux/net.h>
34#include <linux/netdevice.h>
35#include <linux/if_arp.h>
36#include <linux/in6.h>
37#include <linux/tcp.h>
38#include <linux/route.h>
39#include <linux/module.h>
40#include <linux/slab.h>
41
42#include <linux/netfilter.h>
43#include <linux/netfilter_ipv6.h>
44
45#include <net/sock.h>
46#include <net/snmp.h>
47
48#include <net/ipv6.h>
49#include <net/ndisc.h>
50#include <net/protocol.h>
51#include <net/ip6_route.h>
52#include <net/addrconf.h>
53#include <net/rawv6.h>
54#include <net/icmp.h>
55#include <net/xfrm.h>
56#include <net/checksum.h>
57#include <linux/mroute6.h>
58
59static int ip6_finish_output2(struct sock *sk, struct sk_buff *skb)
60{
61 struct dst_entry *dst = skb_dst(skb);
62 struct net_device *dev = dst->dev;
63 struct neighbour *neigh;
64 struct in6_addr *nexthop;
65 int ret;
66
67 skb->protocol = htons(ETH_P_IPV6);
68 skb->dev = dev;
69
70 if (ipv6_addr_is_multicast(&ipv6_hdr(skb)->daddr)) {
71 struct inet6_dev *idev = ip6_dst_idev(skb_dst(skb));
72
73 if (!(dev->flags & IFF_LOOPBACK) && sk_mc_loop(sk) &&
74 ((mroute6_socket(dev_net(dev), skb) &&
75 !(IP6CB(skb)->flags & IP6SKB_FORWARDED)) ||
76 ipv6_chk_mcast_addr(dev, &ipv6_hdr(skb)->daddr,
77 &ipv6_hdr(skb)->saddr))) {
78 struct sk_buff *newskb = skb_clone(skb, GFP_ATOMIC);
79
80 /* Do not check for IFF_ALLMULTI; multicast routing
81 is not supported in any case.
82 */
83 if (newskb)
84 NF_HOOK(NFPROTO_IPV6, NF_INET_POST_ROUTING,
85 sk, newskb, NULL, newskb->dev,
86 dev_loopback_xmit);
87
88 if (ipv6_hdr(skb)->hop_limit == 0) {
89 IP6_INC_STATS(dev_net(dev), idev,
90 IPSTATS_MIB_OUTDISCARDS);
91 kfree_skb(skb);
92 return 0;
93 }
94 }
95
96 IP6_UPD_PO_STATS(dev_net(dev), idev, IPSTATS_MIB_OUTMCAST,
97 skb->len);
98
99 if (IPV6_ADDR_MC_SCOPE(&ipv6_hdr(skb)->daddr) <=
100 IPV6_ADDR_SCOPE_NODELOCAL &&
101 !(dev->flags & IFF_LOOPBACK)) {
102 kfree_skb(skb);
103 return 0;
104 }
105 }
106
107 rcu_read_lock_bh();
108 nexthop = rt6_nexthop((struct rt6_info *)dst, &ipv6_hdr(skb)->daddr);
109 neigh = __ipv6_neigh_lookup_noref(dst->dev, nexthop);
110 if (unlikely(!neigh))
111 neigh = __neigh_create(&nd_tbl, nexthop, dst->dev, false);
112 if (!IS_ERR(neigh)) {
113 ret = dst_neigh_output(dst, neigh, skb);
114 rcu_read_unlock_bh();
115 return ret;
116 }
117 rcu_read_unlock_bh();
118
119 IP6_INC_STATS(dev_net(dst->dev),
120 ip6_dst_idev(dst), IPSTATS_MIB_OUTNOROUTES);
121 kfree_skb(skb);
122 return -EINVAL;
123}
124
125static int ip6_finish_output(struct sock *sk, struct sk_buff *skb)
126{
127 if ((skb->len > ip6_skb_dst_mtu(skb) && !skb_is_gso(skb)) ||
128 dst_allfrag(skb_dst(skb)) ||
129 (IP6CB(skb)->frag_max_size && skb->len > IP6CB(skb)->frag_max_size))
130 return ip6_fragment(sk, skb, ip6_finish_output2);
131 else
132 return ip6_finish_output2(sk, skb);
133}
134
135int ip6_output(struct sock *sk, struct sk_buff *skb)
136{
137 struct net_device *dev = skb_dst(skb)->dev;
138 struct inet6_dev *idev = ip6_dst_idev(skb_dst(skb));
139 if (unlikely(idev->cnf.disable_ipv6)) {
140 IP6_INC_STATS(dev_net(dev), idev,
141 IPSTATS_MIB_OUTDISCARDS);
142 kfree_skb(skb);
143 return 0;
144 }
145
146 return NF_HOOK_COND(NFPROTO_IPV6, NF_INET_POST_ROUTING, sk, skb,
147 NULL, dev,
148 ip6_finish_output,
149 !(IP6CB(skb)->flags & IP6SKB_REROUTED));
150}
151
152/*
153 * xmit an sk_buff (used by TCP, SCTP and DCCP)
154 */
155
156int ip6_xmit(struct sock *sk, struct sk_buff *skb, struct flowi6 *fl6,
157 struct ipv6_txoptions *opt, int tclass)
158{
159 struct net *net = sock_net(sk);
160 struct ipv6_pinfo *np = inet6_sk(sk);
161 struct in6_addr *first_hop = &fl6->daddr;
162 struct dst_entry *dst = skb_dst(skb);
163 struct ipv6hdr *hdr;
164 u8 proto = fl6->flowi6_proto;
165 int seg_len = skb->len;
166 int hlimit = -1;
167 u32 mtu;
168
169 if (opt) {
170 unsigned int head_room;
171
172 /* First: exthdrs may take lots of space (~8K for now)
173 MAX_HEADER is not enough.
174 */
175 head_room = opt->opt_nflen + opt->opt_flen;
176 seg_len += head_room;
177 head_room += sizeof(struct ipv6hdr) + LL_RESERVED_SPACE(dst->dev);
178
179 if (skb_headroom(skb) < head_room) {
180 struct sk_buff *skb2 = skb_realloc_headroom(skb, head_room);
181 if (!skb2) {
182 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
183 IPSTATS_MIB_OUTDISCARDS);
184 kfree_skb(skb);
185 return -ENOBUFS;
186 }
187 consume_skb(skb);
188 skb = skb2;
189 skb_set_owner_w(skb, sk);
190 }
191 if (opt->opt_flen)
192 ipv6_push_frag_opts(skb, opt, &proto);
193 if (opt->opt_nflen)
194 ipv6_push_nfrag_opts(skb, opt, &proto, &first_hop);
195 }
196
197 skb_push(skb, sizeof(struct ipv6hdr));
198 skb_reset_network_header(skb);
199 hdr = ipv6_hdr(skb);
200
201 /*
202 * Fill in the IPv6 header
203 */
204 if (np)
205 hlimit = np->hop_limit;
206 if (hlimit < 0)
207 hlimit = ip6_dst_hoplimit(dst);
208
209 ip6_flow_hdr(hdr, tclass, ip6_make_flowlabel(net, skb, fl6->flowlabel,
210 np->autoflowlabel, fl6));
211
212 hdr->payload_len = htons(seg_len);
213 hdr->nexthdr = proto;
214 hdr->hop_limit = hlimit;
215
216 hdr->saddr = fl6->saddr;
217 hdr->daddr = *first_hop;
218
219 skb->protocol = htons(ETH_P_IPV6);
220 skb->priority = sk->sk_priority;
221 skb->mark = sk->sk_mark;
222
223 mtu = dst_mtu(dst);
224 if ((skb->len <= mtu) || skb->ignore_df || skb_is_gso(skb)) {
225 IP6_UPD_PO_STATS(net, ip6_dst_idev(skb_dst(skb)),
226 IPSTATS_MIB_OUT, skb->len);
227 return NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, sk, skb,
228 NULL, dst->dev, dst_output_sk);
229 }
230
231 skb->dev = dst->dev;
232 ipv6_local_error(sk, EMSGSIZE, fl6, mtu);
233 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)), IPSTATS_MIB_FRAGFAILS);
234 kfree_skb(skb);
235 return -EMSGSIZE;
236}
237EXPORT_SYMBOL(ip6_xmit);
238
239static int ip6_call_ra_chain(struct sk_buff *skb, int sel)
240{
241 struct ip6_ra_chain *ra;
242 struct sock *last = NULL;
243
244 read_lock(&ip6_ra_lock);
245 for (ra = ip6_ra_chain; ra; ra = ra->next) {
246 struct sock *sk = ra->sk;
247 if (sk && ra->sel == sel &&
248 (!sk->sk_bound_dev_if ||
249 sk->sk_bound_dev_if == skb->dev->ifindex)) {
250 if (last) {
251 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
252 if (skb2)
253 rawv6_rcv(last, skb2);
254 }
255 last = sk;
256 }
257 }
258
259 if (last) {
260 rawv6_rcv(last, skb);
261 read_unlock(&ip6_ra_lock);
262 return 1;
263 }
264 read_unlock(&ip6_ra_lock);
265 return 0;
266}
267
268static int ip6_forward_proxy_check(struct sk_buff *skb)
269{
270 struct ipv6hdr *hdr = ipv6_hdr(skb);
271 u8 nexthdr = hdr->nexthdr;
272 __be16 frag_off;
273 int offset;
274
275 if (ipv6_ext_hdr(nexthdr)) {
276 offset = ipv6_skip_exthdr(skb, sizeof(*hdr), &nexthdr, &frag_off);
277 if (offset < 0)
278 return 0;
279 } else
280 offset = sizeof(struct ipv6hdr);
281
282 if (nexthdr == IPPROTO_ICMPV6) {
283 struct icmp6hdr *icmp6;
284
285 if (!pskb_may_pull(skb, (skb_network_header(skb) +
286 offset + 1 - skb->data)))
287 return 0;
288
289 icmp6 = (struct icmp6hdr *)(skb_network_header(skb) + offset);
290
291 switch (icmp6->icmp6_type) {
292 case NDISC_ROUTER_SOLICITATION:
293 case NDISC_ROUTER_ADVERTISEMENT:
294 case NDISC_NEIGHBOUR_SOLICITATION:
295 case NDISC_NEIGHBOUR_ADVERTISEMENT:
296 case NDISC_REDIRECT:
297 /* For reaction involving unicast neighbor discovery
298 * message destined to the proxied address, pass it to
299 * input function.
300 */
301 return 1;
302 default:
303 break;
304 }
305 }
306
307 /*
308 * The proxying router can't forward traffic sent to a link-local
309 * address, so signal the sender and discard the packet. This
310 * behavior is clarified by the MIPv6 specification.
311 */
312 if (ipv6_addr_type(&hdr->daddr) & IPV6_ADDR_LINKLOCAL) {
313 dst_link_failure(skb);
314 return -1;
315 }
316
317 return 0;
318}
319
320static inline int ip6_forward_finish(struct sock *sk, struct sk_buff *skb)
321{
322 skb_sender_cpu_clear(skb);
323 return dst_output_sk(sk, skb);
324}
325
326static unsigned int ip6_dst_mtu_forward(const struct dst_entry *dst)
327{
328 unsigned int mtu;
329 struct inet6_dev *idev;
330
331 if (dst_metric_locked(dst, RTAX_MTU)) {
332 mtu = dst_metric_raw(dst, RTAX_MTU);
333 if (mtu)
334 return mtu;
335 }
336
337 mtu = IPV6_MIN_MTU;
338 rcu_read_lock();
339 idev = __in6_dev_get(dst->dev);
340 if (idev)
341 mtu = idev->cnf.mtu6;
342 rcu_read_unlock();
343
344 return mtu;
345}
346
347static bool ip6_pkt_too_big(const struct sk_buff *skb, unsigned int mtu)
348{
349 if (skb->len <= mtu)
350 return false;
351
352 /* ipv6 conntrack defrag sets max_frag_size + ignore_df */
353 if (IP6CB(skb)->frag_max_size && IP6CB(skb)->frag_max_size > mtu)
354 return true;
355
356 if (skb->ignore_df)
357 return false;
358
359 if (skb_is_gso(skb) && skb_gso_network_seglen(skb) <= mtu)
360 return false;
361
362 return true;
363}
364
365int ip6_forward(struct sk_buff *skb)
366{
367 struct dst_entry *dst = skb_dst(skb);
368 struct ipv6hdr *hdr = ipv6_hdr(skb);
369 struct inet6_skb_parm *opt = IP6CB(skb);
370 struct net *net = dev_net(dst->dev);
371 u32 mtu;
372
373 if (net->ipv6.devconf_all->forwarding == 0)
374 goto error;
375
376 if (skb->pkt_type != PACKET_HOST)
377 goto drop;
378
379 if (unlikely(skb->sk))
380 goto drop;
381
382 if (skb_warn_if_lro(skb))
383 goto drop;
384
385 if (!xfrm6_policy_check(NULL, XFRM_POLICY_FWD, skb)) {
386 IP6_INC_STATS_BH(net, ip6_dst_idev(dst),
387 IPSTATS_MIB_INDISCARDS);
388 goto drop;
389 }
390
391 skb_forward_csum(skb);
392
393 /*
394 * We DO NOT make any processing on
395 * RA packets, pushing them to user level AS IS
396 * without ane WARRANTY that application will be able
397 * to interpret them. The reason is that we
398 * cannot make anything clever here.
399 *
400 * We are not end-node, so that if packet contains
401 * AH/ESP, we cannot make anything.
402 * Defragmentation also would be mistake, RA packets
403 * cannot be fragmented, because there is no warranty
404 * that different fragments will go along one path. --ANK
405 */
406 if (unlikely(opt->flags & IP6SKB_ROUTERALERT)) {
407 if (ip6_call_ra_chain(skb, ntohs(opt->ra)))
408 return 0;
409 }
410
411 /*
412 * check and decrement ttl
413 */
414 if (hdr->hop_limit <= 1) {
415 /* Force OUTPUT device used as source address */
416 skb->dev = dst->dev;
417 icmpv6_send(skb, ICMPV6_TIME_EXCEED, ICMPV6_EXC_HOPLIMIT, 0);
418 IP6_INC_STATS_BH(net, ip6_dst_idev(dst),
419 IPSTATS_MIB_INHDRERRORS);
420
421 kfree_skb(skb);
422 return -ETIMEDOUT;
423 }
424
425 /* XXX: idev->cnf.proxy_ndp? */
426 if (net->ipv6.devconf_all->proxy_ndp &&
427 pneigh_lookup(&nd_tbl, net, &hdr->daddr, skb->dev, 0)) {
428 int proxied = ip6_forward_proxy_check(skb);
429 if (proxied > 0)
430 return ip6_input(skb);
431 else if (proxied < 0) {
432 IP6_INC_STATS_BH(net, ip6_dst_idev(dst),
433 IPSTATS_MIB_INDISCARDS);
434 goto drop;
435 }
436 }
437
438 if (!xfrm6_route_forward(skb)) {
439 IP6_INC_STATS_BH(net, ip6_dst_idev(dst),
440 IPSTATS_MIB_INDISCARDS);
441 goto drop;
442 }
443 dst = skb_dst(skb);
444
445 /* IPv6 specs say nothing about it, but it is clear that we cannot
446 send redirects to source routed frames.
447 We don't send redirects to frames decapsulated from IPsec.
448 */
449 if (skb->dev == dst->dev && opt->srcrt == 0 && !skb_sec_path(skb)) {
450 struct in6_addr *target = NULL;
451 struct inet_peer *peer;
452 struct rt6_info *rt;
453
454 /*
455 * incoming and outgoing devices are the same
456 * send a redirect.
457 */
458
459 rt = (struct rt6_info *) dst;
460 if (rt->rt6i_flags & RTF_GATEWAY)
461 target = &rt->rt6i_gateway;
462 else
463 target = &hdr->daddr;
464
465 peer = inet_getpeer_v6(net->ipv6.peers, &hdr->daddr, 1);
466
467 /* Limit redirects both by destination (here)
468 and by source (inside ndisc_send_redirect)
469 */
470 if (inet_peer_xrlim_allow(peer, 1*HZ))
471 ndisc_send_redirect(skb, target);
472 if (peer)
473 inet_putpeer(peer);
474 } else {
475 int addrtype = ipv6_addr_type(&hdr->saddr);
476
477 /* This check is security critical. */
478 if (addrtype == IPV6_ADDR_ANY ||
479 addrtype & (IPV6_ADDR_MULTICAST | IPV6_ADDR_LOOPBACK))
480 goto error;
481 if (addrtype & IPV6_ADDR_LINKLOCAL) {
482 icmpv6_send(skb, ICMPV6_DEST_UNREACH,
483 ICMPV6_NOT_NEIGHBOUR, 0);
484 goto error;
485 }
486 }
487
488 mtu = ip6_dst_mtu_forward(dst);
489 if (mtu < IPV6_MIN_MTU)
490 mtu = IPV6_MIN_MTU;
491
492 if (ip6_pkt_too_big(skb, mtu)) {
493 /* Again, force OUTPUT device used as source address */
494 skb->dev = dst->dev;
495 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
496 IP6_INC_STATS_BH(net, ip6_dst_idev(dst),
497 IPSTATS_MIB_INTOOBIGERRORS);
498 IP6_INC_STATS_BH(net, ip6_dst_idev(dst),
499 IPSTATS_MIB_FRAGFAILS);
500 kfree_skb(skb);
501 return -EMSGSIZE;
502 }
503
504 if (skb_cow(skb, dst->dev->hard_header_len)) {
505 IP6_INC_STATS_BH(net, ip6_dst_idev(dst),
506 IPSTATS_MIB_OUTDISCARDS);
507 goto drop;
508 }
509
510 hdr = ipv6_hdr(skb);
511
512 /* Mangling hops number delayed to point after skb COW */
513
514 hdr->hop_limit--;
515
516 IP6_INC_STATS_BH(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTFORWDATAGRAMS);
517 IP6_ADD_STATS_BH(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTOCTETS, skb->len);
518 return NF_HOOK(NFPROTO_IPV6, NF_INET_FORWARD, NULL, skb,
519 skb->dev, dst->dev,
520 ip6_forward_finish);
521
522error:
523 IP6_INC_STATS_BH(net, ip6_dst_idev(dst), IPSTATS_MIB_INADDRERRORS);
524drop:
525 kfree_skb(skb);
526 return -EINVAL;
527}
528
529static void ip6_copy_metadata(struct sk_buff *to, struct sk_buff *from)
530{
531 to->pkt_type = from->pkt_type;
532 to->priority = from->priority;
533 to->protocol = from->protocol;
534 skb_dst_drop(to);
535 skb_dst_set(to, dst_clone(skb_dst(from)));
536 to->dev = from->dev;
537 to->mark = from->mark;
538
539#ifdef CONFIG_NET_SCHED
540 to->tc_index = from->tc_index;
541#endif
542 nf_copy(to, from);
543 skb_copy_secmark(to, from);
544}
545
546int ip6_fragment(struct sock *sk, struct sk_buff *skb,
547 int (*output)(struct sock *, struct sk_buff *))
548{
549 struct sk_buff *frag;
550 struct rt6_info *rt = (struct rt6_info *)skb_dst(skb);
551 struct ipv6_pinfo *np = skb->sk && !dev_recursion_level() ?
552 inet6_sk(skb->sk) : NULL;
553 struct ipv6hdr *tmp_hdr;
554 struct frag_hdr *fh;
555 unsigned int mtu, hlen, left, len;
556 int hroom, troom;
557 __be32 frag_id;
558 int ptr, offset = 0, err = 0;
559 u8 *prevhdr, nexthdr = 0;
560 struct net *net = dev_net(skb_dst(skb)->dev);
561
562 hlen = ip6_find_1stfragopt(skb, &prevhdr);
563 nexthdr = *prevhdr;
564
565 mtu = ip6_skb_dst_mtu(skb);
566
567 /* We must not fragment if the socket is set to force MTU discovery
568 * or if the skb it not generated by a local socket.
569 */
570 if (unlikely(!skb->ignore_df && skb->len > mtu))
571 goto fail_toobig;
572
573 if (IP6CB(skb)->frag_max_size) {
574 if (IP6CB(skb)->frag_max_size > mtu)
575 goto fail_toobig;
576
577 /* don't send fragments larger than what we received */
578 mtu = IP6CB(skb)->frag_max_size;
579 if (mtu < IPV6_MIN_MTU)
580 mtu = IPV6_MIN_MTU;
581 }
582
583 if (np && np->frag_size < mtu) {
584 if (np->frag_size)
585 mtu = np->frag_size;
586 }
587 mtu -= hlen + sizeof(struct frag_hdr);
588
589 frag_id = ipv6_select_ident(net, &ipv6_hdr(skb)->daddr,
590 &ipv6_hdr(skb)->saddr);
591
592 hroom = LL_RESERVED_SPACE(rt->dst.dev);
593 if (skb_has_frag_list(skb)) {
594 int first_len = skb_pagelen(skb);
595 struct sk_buff *frag2;
596
597 if (first_len - hlen > mtu ||
598 ((first_len - hlen) & 7) ||
599 skb_cloned(skb) ||
600 skb_headroom(skb) < (hroom + sizeof(struct frag_hdr)))
601 goto slow_path;
602
603 skb_walk_frags(skb, frag) {
604 /* Correct geometry. */
605 if (frag->len > mtu ||
606 ((frag->len & 7) && frag->next) ||
607 skb_headroom(frag) < (hlen + hroom + sizeof(struct frag_hdr)))
608 goto slow_path_clean;
609
610 /* Partially cloned skb? */
611 if (skb_shared(frag))
612 goto slow_path_clean;
613
614 BUG_ON(frag->sk);
615 if (skb->sk) {
616 frag->sk = skb->sk;
617 frag->destructor = sock_wfree;
618 }
619 skb->truesize -= frag->truesize;
620 }
621
622 err = 0;
623 offset = 0;
624 /* BUILD HEADER */
625
626 *prevhdr = NEXTHDR_FRAGMENT;
627 tmp_hdr = kmemdup(skb_network_header(skb), hlen, GFP_ATOMIC);
628 if (!tmp_hdr) {
629 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
630 IPSTATS_MIB_FRAGFAILS);
631 err = -ENOMEM;
632 goto fail;
633 }
634 frag = skb_shinfo(skb)->frag_list;
635 skb_frag_list_init(skb);
636
637 __skb_pull(skb, hlen);
638 fh = (struct frag_hdr *)__skb_push(skb, sizeof(struct frag_hdr));
639 __skb_push(skb, hlen);
640 skb_reset_network_header(skb);
641 memcpy(skb_network_header(skb), tmp_hdr, hlen);
642
643 fh->nexthdr = nexthdr;
644 fh->reserved = 0;
645 fh->frag_off = htons(IP6_MF);
646 fh->identification = frag_id;
647
648 first_len = skb_pagelen(skb);
649 skb->data_len = first_len - skb_headlen(skb);
650 skb->len = first_len;
651 ipv6_hdr(skb)->payload_len = htons(first_len -
652 sizeof(struct ipv6hdr));
653
654 dst_hold(&rt->dst);
655
656 for (;;) {
657 /* Prepare header of the next frame,
658 * before previous one went down. */
659 if (frag) {
660 frag->ip_summed = CHECKSUM_NONE;
661 skb_reset_transport_header(frag);
662 fh = (struct frag_hdr *)__skb_push(frag, sizeof(struct frag_hdr));
663 __skb_push(frag, hlen);
664 skb_reset_network_header(frag);
665 memcpy(skb_network_header(frag), tmp_hdr,
666 hlen);
667 offset += skb->len - hlen - sizeof(struct frag_hdr);
668 fh->nexthdr = nexthdr;
669 fh->reserved = 0;
670 fh->frag_off = htons(offset);
671 if (frag->next)
672 fh->frag_off |= htons(IP6_MF);
673 fh->identification = frag_id;
674 ipv6_hdr(frag)->payload_len =
675 htons(frag->len -
676 sizeof(struct ipv6hdr));
677 ip6_copy_metadata(frag, skb);
678 }
679
680 err = output(sk, skb);
681 if (!err)
682 IP6_INC_STATS(net, ip6_dst_idev(&rt->dst),
683 IPSTATS_MIB_FRAGCREATES);
684
685 if (err || !frag)
686 break;
687
688 skb = frag;
689 frag = skb->next;
690 skb->next = NULL;
691 }
692
693 kfree(tmp_hdr);
694
695 if (err == 0) {
696 IP6_INC_STATS(net, ip6_dst_idev(&rt->dst),
697 IPSTATS_MIB_FRAGOKS);
698 ip6_rt_put(rt);
699 return 0;
700 }
701
702 kfree_skb_list(frag);
703
704 IP6_INC_STATS(net, ip6_dst_idev(&rt->dst),
705 IPSTATS_MIB_FRAGFAILS);
706 ip6_rt_put(rt);
707 return err;
708
709slow_path_clean:
710 skb_walk_frags(skb, frag2) {
711 if (frag2 == frag)
712 break;
713 frag2->sk = NULL;
714 frag2->destructor = NULL;
715 skb->truesize += frag2->truesize;
716 }
717 }
718
719slow_path:
720 if ((skb->ip_summed == CHECKSUM_PARTIAL) &&
721 skb_checksum_help(skb))
722 goto fail;
723
724 left = skb->len - hlen; /* Space per frame */
725 ptr = hlen; /* Where to start from */
726
727 /*
728 * Fragment the datagram.
729 */
730
731 *prevhdr = NEXTHDR_FRAGMENT;
732 troom = rt->dst.dev->needed_tailroom;
733
734 /*
735 * Keep copying data until we run out.
736 */
737 while (left > 0) {
738 len = left;
739 /* IF: it doesn't fit, use 'mtu' - the data space left */
740 if (len > mtu)
741 len = mtu;
742 /* IF: we are not sending up to and including the packet end
743 then align the next start on an eight byte boundary */
744 if (len < left) {
745 len &= ~7;
746 }
747
748 /* Allocate buffer */
749 frag = alloc_skb(len + hlen + sizeof(struct frag_hdr) +
750 hroom + troom, GFP_ATOMIC);
751 if (!frag) {
752 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
753 IPSTATS_MIB_FRAGFAILS);
754 err = -ENOMEM;
755 goto fail;
756 }
757
758 /*
759 * Set up data on packet
760 */
761
762 ip6_copy_metadata(frag, skb);
763 skb_reserve(frag, hroom);
764 skb_put(frag, len + hlen + sizeof(struct frag_hdr));
765 skb_reset_network_header(frag);
766 fh = (struct frag_hdr *)(skb_network_header(frag) + hlen);
767 frag->transport_header = (frag->network_header + hlen +
768 sizeof(struct frag_hdr));
769
770 /*
771 * Charge the memory for the fragment to any owner
772 * it might possess
773 */
774 if (skb->sk)
775 skb_set_owner_w(frag, skb->sk);
776
777 /*
778 * Copy the packet header into the new buffer.
779 */
780 skb_copy_from_linear_data(skb, skb_network_header(frag), hlen);
781
782 /*
783 * Build fragment header.
784 */
785 fh->nexthdr = nexthdr;
786 fh->reserved = 0;
787 fh->identification = frag_id;
788
789 /*
790 * Copy a block of the IP datagram.
791 */
792 BUG_ON(skb_copy_bits(skb, ptr, skb_transport_header(frag),
793 len));
794 left -= len;
795
796 fh->frag_off = htons(offset);
797 if (left > 0)
798 fh->frag_off |= htons(IP6_MF);
799 ipv6_hdr(frag)->payload_len = htons(frag->len -
800 sizeof(struct ipv6hdr));
801
802 ptr += len;
803 offset += len;
804
805 /*
806 * Put this fragment into the sending queue.
807 */
808 err = output(sk, frag);
809 if (err)
810 goto fail;
811
812 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
813 IPSTATS_MIB_FRAGCREATES);
814 }
815 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
816 IPSTATS_MIB_FRAGOKS);
817 consume_skb(skb);
818 return err;
819
820fail_toobig:
821 if (skb->sk && dst_allfrag(skb_dst(skb)))
822 sk_nocaps_add(skb->sk, NETIF_F_GSO_MASK);
823
824 skb->dev = skb_dst(skb)->dev;
825 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
826 err = -EMSGSIZE;
827
828fail:
829 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
830 IPSTATS_MIB_FRAGFAILS);
831 kfree_skb(skb);
832 return err;
833}
834
835static inline int ip6_rt_check(const struct rt6key *rt_key,
836 const struct in6_addr *fl_addr,
837 const struct in6_addr *addr_cache)
838{
839 return (rt_key->plen != 128 || !ipv6_addr_equal(fl_addr, &rt_key->addr)) &&
840 (!addr_cache || !ipv6_addr_equal(fl_addr, addr_cache));
841}
842
843static struct dst_entry *ip6_sk_dst_check(struct sock *sk,
844 struct dst_entry *dst,
845 const struct flowi6 *fl6)
846{
847 struct ipv6_pinfo *np = inet6_sk(sk);
848 struct rt6_info *rt;
849
850 if (!dst)
851 goto out;
852
853 if (dst->ops->family != AF_INET6) {
854 dst_release(dst);
855 return NULL;
856 }
857
858 rt = (struct rt6_info *)dst;
859 /* Yes, checking route validity in not connected
860 * case is not very simple. Take into account,
861 * that we do not support routing by source, TOS,
862 * and MSG_DONTROUTE --ANK (980726)
863 *
864 * 1. ip6_rt_check(): If route was host route,
865 * check that cached destination is current.
866 * If it is network route, we still may
867 * check its validity using saved pointer
868 * to the last used address: daddr_cache.
869 * We do not want to save whole address now,
870 * (because main consumer of this service
871 * is tcp, which has not this problem),
872 * so that the last trick works only on connected
873 * sockets.
874 * 2. oif also should be the same.
875 */
876 if (ip6_rt_check(&rt->rt6i_dst, &fl6->daddr, np->daddr_cache) ||
877#ifdef CONFIG_IPV6_SUBTREES
878 ip6_rt_check(&rt->rt6i_src, &fl6->saddr, np->saddr_cache) ||
879#endif
880 (!(fl6->flowi6_flags & FLOWI_FLAG_SKIP_NH_OIF) &&
881 (fl6->flowi6_oif && fl6->flowi6_oif != dst->dev->ifindex))) {
882 dst_release(dst);
883 dst = NULL;
884 }
885
886out:
887 return dst;
888}
889
890static int ip6_dst_lookup_tail(struct net *net, struct sock *sk,
891 struct dst_entry **dst, struct flowi6 *fl6)
892{
893#ifdef CONFIG_IPV6_OPTIMISTIC_DAD
894 struct neighbour *n;
895 struct rt6_info *rt;
896#endif
897 int err;
898
899 /* The correct way to handle this would be to do
900 * ip6_route_get_saddr, and then ip6_route_output; however,
901 * the route-specific preferred source forces the
902 * ip6_route_output call _before_ ip6_route_get_saddr.
903 *
904 * In source specific routing (no src=any default route),
905 * ip6_route_output will fail given src=any saddr, though, so
906 * that's why we try it again later.
907 */
908 if (ipv6_addr_any(&fl6->saddr) && (!*dst || !(*dst)->error)) {
909 struct rt6_info *rt;
910 bool had_dst = *dst != NULL;
911
912 if (!had_dst)
913 *dst = ip6_route_output(net, sk, fl6);
914 rt = (*dst)->error ? NULL : (struct rt6_info *)*dst;
915 err = ip6_route_get_saddr(net, rt, &fl6->daddr,
916 sk ? inet6_sk(sk)->srcprefs : 0,
917 &fl6->saddr);
918 if (err)
919 goto out_err_release;
920
921 /* If we had an erroneous initial result, pretend it
922 * never existed and let the SA-enabled version take
923 * over.
924 */
925 if (!had_dst && (*dst)->error) {
926 dst_release(*dst);
927 *dst = NULL;
928 }
929 }
930
931 if (!*dst)
932 *dst = ip6_route_output(net, sk, fl6);
933
934 err = (*dst)->error;
935 if (err)
936 goto out_err_release;
937
938#ifdef CONFIG_IPV6_OPTIMISTIC_DAD
939 /*
940 * Here if the dst entry we've looked up
941 * has a neighbour entry that is in the INCOMPLETE
942 * state and the src address from the flow is
943 * marked as OPTIMISTIC, we release the found
944 * dst entry and replace it instead with the
945 * dst entry of the nexthop router
946 */
947 rt = (struct rt6_info *) *dst;
948 rcu_read_lock_bh();
949 n = __ipv6_neigh_lookup_noref(rt->dst.dev,
950 rt6_nexthop(rt, &fl6->daddr));
951 err = n && !(n->nud_state & NUD_VALID) ? -EINVAL : 0;
952 rcu_read_unlock_bh();
953
954 if (err) {
955 struct inet6_ifaddr *ifp;
956 struct flowi6 fl_gw6;
957 int redirect;
958
959 ifp = ipv6_get_ifaddr(net, &fl6->saddr,
960 (*dst)->dev, 1);
961
962 redirect = (ifp && ifp->flags & IFA_F_OPTIMISTIC);
963 if (ifp)
964 in6_ifa_put(ifp);
965
966 if (redirect) {
967 /*
968 * We need to get the dst entry for the
969 * default router instead
970 */
971 dst_release(*dst);
972 memcpy(&fl_gw6, fl6, sizeof(struct flowi6));
973 memset(&fl_gw6.daddr, 0, sizeof(struct in6_addr));
974 *dst = ip6_route_output(net, sk, &fl_gw6);
975 err = (*dst)->error;
976 if (err)
977 goto out_err_release;
978 }
979 }
980#endif
981
982 return 0;
983
984out_err_release:
985 if (err == -ENETUNREACH)
986 IP6_INC_STATS(net, NULL, IPSTATS_MIB_OUTNOROUTES);
987 dst_release(*dst);
988 *dst = NULL;
989 return err;
990}
991
992/**
993 * ip6_dst_lookup - perform route lookup on flow
994 * @sk: socket which provides route info
995 * @dst: pointer to dst_entry * for result
996 * @fl6: flow to lookup
997 *
998 * This function performs a route lookup on the given flow.
999 *
1000 * It returns zero on success, or a standard errno code on error.
1001 */
1002int ip6_dst_lookup(struct net *net, struct sock *sk, struct dst_entry **dst,
1003 struct flowi6 *fl6)
1004{
1005 *dst = NULL;
1006 return ip6_dst_lookup_tail(net, sk, dst, fl6);
1007}
1008EXPORT_SYMBOL_GPL(ip6_dst_lookup);
1009
1010/**
1011 * ip6_dst_lookup_flow - perform route lookup on flow with ipsec
1012 * @sk: socket which provides route info
1013 * @fl6: flow to lookup
1014 * @final_dst: final destination address for ipsec lookup
1015 *
1016 * This function performs a route lookup on the given flow.
1017 *
1018 * It returns a valid dst pointer on success, or a pointer encoded
1019 * error code.
1020 */
1021struct dst_entry *ip6_dst_lookup_flow(struct sock *sk, struct flowi6 *fl6,
1022 const struct in6_addr *final_dst)
1023{
1024 struct dst_entry *dst = NULL;
1025 int err;
1026
1027 err = ip6_dst_lookup_tail(sock_net(sk), sk, &dst, fl6);
1028 if (err)
1029 return ERR_PTR(err);
1030 if (final_dst)
1031 fl6->daddr = *final_dst;
1032 if (!fl6->flowi6_oif)
1033 fl6->flowi6_oif = dst->dev->ifindex;
1034
1035 return xfrm_lookup_route(sock_net(sk), dst, flowi6_to_flowi(fl6), sk, 0);
1036}
1037EXPORT_SYMBOL_GPL(ip6_dst_lookup_flow);
1038
1039/**
1040 * ip6_sk_dst_lookup_flow - perform socket cached route lookup on flow
1041 * @sk: socket which provides the dst cache and route info
1042 * @fl6: flow to lookup
1043 * @final_dst: final destination address for ipsec lookup
1044 *
1045 * This function performs a route lookup on the given flow with the
1046 * possibility of using the cached route in the socket if it is valid.
1047 * It will take the socket dst lock when operating on the dst cache.
1048 * As a result, this function can only be used in process context.
1049 *
1050 * It returns a valid dst pointer on success, or a pointer encoded
1051 * error code.
1052 */
1053struct dst_entry *ip6_sk_dst_lookup_flow(struct sock *sk, struct flowi6 *fl6,
1054 const struct in6_addr *final_dst)
1055{
1056 struct dst_entry *dst = sk_dst_check(sk, inet6_sk(sk)->dst_cookie);
1057 int err;
1058
1059 dst = ip6_sk_dst_check(sk, dst, fl6);
1060
1061 err = ip6_dst_lookup_tail(sock_net(sk), sk, &dst, fl6);
1062 if (err)
1063 return ERR_PTR(err);
1064 if (final_dst)
1065 fl6->daddr = *final_dst;
1066
1067 return xfrm_lookup_route(sock_net(sk), dst, flowi6_to_flowi(fl6), sk, 0);
1068}
1069EXPORT_SYMBOL_GPL(ip6_sk_dst_lookup_flow);
1070
1071static inline int ip6_ufo_append_data(struct sock *sk,
1072 struct sk_buff_head *queue,
1073 int getfrag(void *from, char *to, int offset, int len,
1074 int odd, struct sk_buff *skb),
1075 void *from, int length, int hh_len, int fragheaderlen,
1076 int transhdrlen, int mtu, unsigned int flags,
1077 const struct flowi6 *fl6)
1078
1079{
1080 struct sk_buff *skb;
1081 int err;
1082
1083 /* There is support for UDP large send offload by network
1084 * device, so create one single skb packet containing complete
1085 * udp datagram
1086 */
1087 skb = skb_peek_tail(queue);
1088 if (!skb) {
1089 skb = sock_alloc_send_skb(sk,
1090 hh_len + fragheaderlen + transhdrlen + 20,
1091 (flags & MSG_DONTWAIT), &err);
1092 if (!skb)
1093 return err;
1094
1095 /* reserve space for Hardware header */
1096 skb_reserve(skb, hh_len);
1097
1098 /* create space for UDP/IP header */
1099 skb_put(skb, fragheaderlen + transhdrlen);
1100
1101 /* initialize network header pointer */
1102 skb_reset_network_header(skb);
1103
1104 /* initialize protocol header pointer */
1105 skb->transport_header = skb->network_header + fragheaderlen;
1106
1107 skb->protocol = htons(ETH_P_IPV6);
1108 skb->csum = 0;
1109
1110 __skb_queue_tail(queue, skb);
1111 } else if (skb_is_gso(skb)) {
1112 goto append;
1113 }
1114
1115 skb->ip_summed = CHECKSUM_PARTIAL;
1116 /* Specify the length of each IPv6 datagram fragment.
1117 * It has to be a multiple of 8.
1118 */
1119 skb_shinfo(skb)->gso_size = (mtu - fragheaderlen -
1120 sizeof(struct frag_hdr)) & ~7;
1121 skb_shinfo(skb)->gso_type = SKB_GSO_UDP;
1122 skb_shinfo(skb)->ip6_frag_id = ipv6_select_ident(sock_net(sk),
1123 &fl6->daddr,
1124 &fl6->saddr);
1125
1126append:
1127 return skb_append_datato_frags(sk, skb, getfrag, from,
1128 (length - transhdrlen));
1129}
1130
1131static inline struct ipv6_opt_hdr *ip6_opt_dup(struct ipv6_opt_hdr *src,
1132 gfp_t gfp)
1133{
1134 return src ? kmemdup(src, (src->hdrlen + 1) * 8, gfp) : NULL;
1135}
1136
1137static inline struct ipv6_rt_hdr *ip6_rthdr_dup(struct ipv6_rt_hdr *src,
1138 gfp_t gfp)
1139{
1140 return src ? kmemdup(src, (src->hdrlen + 1) * 8, gfp) : NULL;
1141}
1142
1143static void ip6_append_data_mtu(unsigned int *mtu,
1144 int *maxfraglen,
1145 unsigned int fragheaderlen,
1146 struct sk_buff *skb,
1147 struct rt6_info *rt,
1148 unsigned int orig_mtu)
1149{
1150 if (!(rt->dst.flags & DST_XFRM_TUNNEL)) {
1151 if (!skb) {
1152 /* first fragment, reserve header_len */
1153 *mtu = orig_mtu - rt->dst.header_len;
1154
1155 } else {
1156 /*
1157 * this fragment is not first, the headers
1158 * space is regarded as data space.
1159 */
1160 *mtu = orig_mtu;
1161 }
1162 *maxfraglen = ((*mtu - fragheaderlen) & ~7)
1163 + fragheaderlen - sizeof(struct frag_hdr);
1164 }
1165}
1166
1167static int ip6_setup_cork(struct sock *sk, struct inet_cork_full *cork,
1168 struct inet6_cork *v6_cork,
1169 int hlimit, int tclass, struct ipv6_txoptions *opt,
1170 struct rt6_info *rt, struct flowi6 *fl6)
1171{
1172 struct ipv6_pinfo *np = inet6_sk(sk);
1173 unsigned int mtu;
1174
1175 /*
1176 * setup for corking
1177 */
1178 if (opt) {
1179 if (WARN_ON(v6_cork->opt))
1180 return -EINVAL;
1181
1182 v6_cork->opt = kzalloc(opt->tot_len, sk->sk_allocation);
1183 if (unlikely(!v6_cork->opt))
1184 return -ENOBUFS;
1185
1186 v6_cork->opt->tot_len = opt->tot_len;
1187 v6_cork->opt->opt_flen = opt->opt_flen;
1188 v6_cork->opt->opt_nflen = opt->opt_nflen;
1189
1190 v6_cork->opt->dst0opt = ip6_opt_dup(opt->dst0opt,
1191 sk->sk_allocation);
1192 if (opt->dst0opt && !v6_cork->opt->dst0opt)
1193 return -ENOBUFS;
1194
1195 v6_cork->opt->dst1opt = ip6_opt_dup(opt->dst1opt,
1196 sk->sk_allocation);
1197 if (opt->dst1opt && !v6_cork->opt->dst1opt)
1198 return -ENOBUFS;
1199
1200 v6_cork->opt->hopopt = ip6_opt_dup(opt->hopopt,
1201 sk->sk_allocation);
1202 if (opt->hopopt && !v6_cork->opt->hopopt)
1203 return -ENOBUFS;
1204
1205 v6_cork->opt->srcrt = ip6_rthdr_dup(opt->srcrt,
1206 sk->sk_allocation);
1207 if (opt->srcrt && !v6_cork->opt->srcrt)
1208 return -ENOBUFS;
1209
1210 /* need source address above miyazawa*/
1211 }
1212 dst_hold(&rt->dst);
1213 cork->base.dst = &rt->dst;
1214 cork->fl.u.ip6 = *fl6;
1215 v6_cork->hop_limit = hlimit;
1216 v6_cork->tclass = tclass;
1217 if (rt->dst.flags & DST_XFRM_TUNNEL)
1218 mtu = np->pmtudisc >= IPV6_PMTUDISC_PROBE ?
1219 rt->dst.dev->mtu : dst_mtu(&rt->dst);
1220 else
1221 mtu = np->pmtudisc >= IPV6_PMTUDISC_PROBE ?
1222 rt->dst.dev->mtu : dst_mtu(rt->dst.path);
1223 if (np->frag_size < mtu) {
1224 if (np->frag_size)
1225 mtu = np->frag_size;
1226 }
1227 cork->base.fragsize = mtu;
1228 if (dst_allfrag(rt->dst.path))
1229 cork->base.flags |= IPCORK_ALLFRAG;
1230 cork->base.length = 0;
1231
1232 return 0;
1233}
1234
1235static int __ip6_append_data(struct sock *sk,
1236 struct flowi6 *fl6,
1237 struct sk_buff_head *queue,
1238 struct inet_cork *cork,
1239 struct inet6_cork *v6_cork,
1240 struct page_frag *pfrag,
1241 int getfrag(void *from, char *to, int offset,
1242 int len, int odd, struct sk_buff *skb),
1243 void *from, int length, int transhdrlen,
1244 unsigned int flags, int dontfrag)
1245{
1246 struct sk_buff *skb, *skb_prev = NULL;
1247 unsigned int maxfraglen, fragheaderlen, mtu, orig_mtu;
1248 int exthdrlen = 0;
1249 int dst_exthdrlen = 0;
1250 int hh_len;
1251 int copy;
1252 int err;
1253 int offset = 0;
1254 __u8 tx_flags = 0;
1255 u32 tskey = 0;
1256 struct rt6_info *rt = (struct rt6_info *)cork->dst;
1257 struct ipv6_txoptions *opt = v6_cork->opt;
1258 int csummode = CHECKSUM_NONE;
1259
1260 skb = skb_peek_tail(queue);
1261 if (!skb) {
1262 exthdrlen = opt ? opt->opt_flen : 0;
1263 dst_exthdrlen = rt->dst.header_len - rt->rt6i_nfheader_len;
1264 }
1265
1266 mtu = cork->fragsize;
1267 orig_mtu = mtu;
1268
1269 hh_len = LL_RESERVED_SPACE(rt->dst.dev);
1270
1271 fragheaderlen = sizeof(struct ipv6hdr) + rt->rt6i_nfheader_len +
1272 (opt ? opt->opt_nflen : 0);
1273 maxfraglen = ((mtu - fragheaderlen) & ~7) + fragheaderlen -
1274 sizeof(struct frag_hdr);
1275
1276 if (mtu <= sizeof(struct ipv6hdr) + IPV6_MAXPLEN) {
1277 unsigned int maxnonfragsize, headersize;
1278
1279 headersize = sizeof(struct ipv6hdr) +
1280 (opt ? opt->opt_flen + opt->opt_nflen : 0) +
1281 (dst_allfrag(&rt->dst) ?
1282 sizeof(struct frag_hdr) : 0) +
1283 rt->rt6i_nfheader_len;
1284
1285 if (ip6_sk_ignore_df(sk))
1286 maxnonfragsize = sizeof(struct ipv6hdr) + IPV6_MAXPLEN;
1287 else
1288 maxnonfragsize = mtu;
1289
1290 /* dontfrag active */
1291 if ((cork->length + length > mtu - headersize) && dontfrag &&
1292 (sk->sk_protocol == IPPROTO_UDP ||
1293 sk->sk_protocol == IPPROTO_RAW)) {
1294 ipv6_local_rxpmtu(sk, fl6, mtu - headersize +
1295 sizeof(struct ipv6hdr));
1296 goto emsgsize;
1297 }
1298
1299 if (cork->length + length > maxnonfragsize - headersize) {
1300emsgsize:
1301 ipv6_local_error(sk, EMSGSIZE, fl6,
1302 mtu - headersize +
1303 sizeof(struct ipv6hdr));
1304 return -EMSGSIZE;
1305 }
1306 }
1307
1308 if (sk->sk_type == SOCK_DGRAM || sk->sk_type == SOCK_RAW) {
1309 sock_tx_timestamp(sk, &tx_flags);
1310 if (tx_flags & SKBTX_ANY_SW_TSTAMP &&
1311 sk->sk_tsflags & SOF_TIMESTAMPING_OPT_ID)
1312 tskey = sk->sk_tskey++;
1313 }
1314
1315 /* If this is the first and only packet and device
1316 * supports checksum offloading, let's use it.
1317 * Use transhdrlen, same as IPv4, because partial
1318 * sums only work when transhdrlen is set.
1319 */
1320 if (transhdrlen && sk->sk_protocol == IPPROTO_UDP &&
1321 length + fragheaderlen < mtu &&
1322 rt->dst.dev->features & NETIF_F_V6_CSUM &&
1323 !exthdrlen)
1324 csummode = CHECKSUM_PARTIAL;
1325 /*
1326 * Let's try using as much space as possible.
1327 * Use MTU if total length of the message fits into the MTU.
1328 * Otherwise, we need to reserve fragment header and
1329 * fragment alignment (= 8-15 octects, in total).
1330 *
1331 * Note that we may need to "move" the data from the tail of
1332 * of the buffer to the new fragment when we split
1333 * the message.
1334 *
1335 * FIXME: It may be fragmented into multiple chunks
1336 * at once if non-fragmentable extension headers
1337 * are too large.
1338 * --yoshfuji
1339 */
1340
1341 cork->length += length;
1342 if (((length > mtu) ||
1343 (skb && skb_is_gso(skb))) &&
1344 (sk->sk_protocol == IPPROTO_UDP) &&
1345 (rt->dst.dev->features & NETIF_F_UFO) &&
1346 (sk->sk_type == SOCK_DGRAM)) {
1347 err = ip6_ufo_append_data(sk, queue, getfrag, from, length,
1348 hh_len, fragheaderlen,
1349 transhdrlen, mtu, flags, fl6);
1350 if (err)
1351 goto error;
1352 return 0;
1353 }
1354
1355 if (!skb)
1356 goto alloc_new_skb;
1357
1358 while (length > 0) {
1359 /* Check if the remaining data fits into current packet. */
1360 copy = (cork->length <= mtu && !(cork->flags & IPCORK_ALLFRAG) ? mtu : maxfraglen) - skb->len;
1361 if (copy < length)
1362 copy = maxfraglen - skb->len;
1363
1364 if (copy <= 0) {
1365 char *data;
1366 unsigned int datalen;
1367 unsigned int fraglen;
1368 unsigned int fraggap;
1369 unsigned int alloclen;
1370alloc_new_skb:
1371 /* There's no room in the current skb */
1372 if (skb)
1373 fraggap = skb->len - maxfraglen;
1374 else
1375 fraggap = 0;
1376 /* update mtu and maxfraglen if necessary */
1377 if (!skb || !skb_prev)
1378 ip6_append_data_mtu(&mtu, &maxfraglen,
1379 fragheaderlen, skb, rt,
1380 orig_mtu);
1381
1382 skb_prev = skb;
1383
1384 /*
1385 * If remaining data exceeds the mtu,
1386 * we know we need more fragment(s).
1387 */
1388 datalen = length + fraggap;
1389
1390 if (datalen > (cork->length <= mtu && !(cork->flags & IPCORK_ALLFRAG) ? mtu : maxfraglen) - fragheaderlen)
1391 datalen = maxfraglen - fragheaderlen - rt->dst.trailer_len;
1392 if ((flags & MSG_MORE) &&
1393 !(rt->dst.dev->features&NETIF_F_SG))
1394 alloclen = mtu;
1395 else
1396 alloclen = datalen + fragheaderlen;
1397
1398 alloclen += dst_exthdrlen;
1399
1400 if (datalen != length + fraggap) {
1401 /*
1402 * this is not the last fragment, the trailer
1403 * space is regarded as data space.
1404 */
1405 datalen += rt->dst.trailer_len;
1406 }
1407
1408 alloclen += rt->dst.trailer_len;
1409 fraglen = datalen + fragheaderlen;
1410
1411 /*
1412 * We just reserve space for fragment header.
1413 * Note: this may be overallocation if the message
1414 * (without MSG_MORE) fits into the MTU.
1415 */
1416 alloclen += sizeof(struct frag_hdr);
1417
1418 if (transhdrlen) {
1419 skb = sock_alloc_send_skb(sk,
1420 alloclen + hh_len,
1421 (flags & MSG_DONTWAIT), &err);
1422 } else {
1423 skb = NULL;
1424 if (atomic_read(&sk->sk_wmem_alloc) <=
1425 2 * sk->sk_sndbuf)
1426 skb = sock_wmalloc(sk,
1427 alloclen + hh_len, 1,
1428 sk->sk_allocation);
1429 if (unlikely(!skb))
1430 err = -ENOBUFS;
1431 }
1432 if (!skb)
1433 goto error;
1434 /*
1435 * Fill in the control structures
1436 */
1437 skb->protocol = htons(ETH_P_IPV6);
1438 skb->ip_summed = csummode;
1439 skb->csum = 0;
1440 /* reserve for fragmentation and ipsec header */
1441 skb_reserve(skb, hh_len + sizeof(struct frag_hdr) +
1442 dst_exthdrlen);
1443
1444 /* Only the initial fragment is time stamped */
1445 skb_shinfo(skb)->tx_flags = tx_flags;
1446 tx_flags = 0;
1447 skb_shinfo(skb)->tskey = tskey;
1448 tskey = 0;
1449
1450 /*
1451 * Find where to start putting bytes
1452 */
1453 data = skb_put(skb, fraglen);
1454 skb_set_network_header(skb, exthdrlen);
1455 data += fragheaderlen;
1456 skb->transport_header = (skb->network_header +
1457 fragheaderlen);
1458 if (fraggap) {
1459 skb->csum = skb_copy_and_csum_bits(
1460 skb_prev, maxfraglen,
1461 data + transhdrlen, fraggap, 0);
1462 skb_prev->csum = csum_sub(skb_prev->csum,
1463 skb->csum);
1464 data += fraggap;
1465 pskb_trim_unique(skb_prev, maxfraglen);
1466 }
1467 copy = datalen - transhdrlen - fraggap;
1468
1469 if (copy < 0) {
1470 err = -EINVAL;
1471 kfree_skb(skb);
1472 goto error;
1473 } else if (copy > 0 && getfrag(from, data + transhdrlen, offset, copy, fraggap, skb) < 0) {
1474 err = -EFAULT;
1475 kfree_skb(skb);
1476 goto error;
1477 }
1478
1479 offset += copy;
1480 length -= datalen - fraggap;
1481 transhdrlen = 0;
1482 exthdrlen = 0;
1483 dst_exthdrlen = 0;
1484
1485 /*
1486 * Put the packet on the pending queue
1487 */
1488 __skb_queue_tail(queue, skb);
1489 continue;
1490 }
1491
1492 if (copy > length)
1493 copy = length;
1494
1495 if (!(rt->dst.dev->features&NETIF_F_SG)) {
1496 unsigned int off;
1497
1498 off = skb->len;
1499 if (getfrag(from, skb_put(skb, copy),
1500 offset, copy, off, skb) < 0) {
1501 __skb_trim(skb, off);
1502 err = -EFAULT;
1503 goto error;
1504 }
1505 } else {
1506 int i = skb_shinfo(skb)->nr_frags;
1507
1508 err = -ENOMEM;
1509 if (!sk_page_frag_refill(sk, pfrag))
1510 goto error;
1511
1512 if (!skb_can_coalesce(skb, i, pfrag->page,
1513 pfrag->offset)) {
1514 err = -EMSGSIZE;
1515 if (i == MAX_SKB_FRAGS)
1516 goto error;
1517
1518 __skb_fill_page_desc(skb, i, pfrag->page,
1519 pfrag->offset, 0);
1520 skb_shinfo(skb)->nr_frags = ++i;
1521 get_page(pfrag->page);
1522 }
1523 copy = min_t(int, copy, pfrag->size - pfrag->offset);
1524 if (getfrag(from,
1525 page_address(pfrag->page) + pfrag->offset,
1526 offset, copy, skb->len, skb) < 0)
1527 goto error_efault;
1528
1529 pfrag->offset += copy;
1530 skb_frag_size_add(&skb_shinfo(skb)->frags[i - 1], copy);
1531 skb->len += copy;
1532 skb->data_len += copy;
1533 skb->truesize += copy;
1534 atomic_add(copy, &sk->sk_wmem_alloc);
1535 }
1536 offset += copy;
1537 length -= copy;
1538 }
1539
1540 return 0;
1541
1542error_efault:
1543 err = -EFAULT;
1544error:
1545 cork->length -= length;
1546 IP6_INC_STATS(sock_net(sk), rt->rt6i_idev, IPSTATS_MIB_OUTDISCARDS);
1547 return err;
1548}
1549
1550int ip6_append_data(struct sock *sk,
1551 int getfrag(void *from, char *to, int offset, int len,
1552 int odd, struct sk_buff *skb),
1553 void *from, int length, int transhdrlen, int hlimit,
1554 int tclass, struct ipv6_txoptions *opt, struct flowi6 *fl6,
1555 struct rt6_info *rt, unsigned int flags, int dontfrag)
1556{
1557 struct inet_sock *inet = inet_sk(sk);
1558 struct ipv6_pinfo *np = inet6_sk(sk);
1559 int exthdrlen;
1560 int err;
1561
1562 if (flags&MSG_PROBE)
1563 return 0;
1564 if (skb_queue_empty(&sk->sk_write_queue)) {
1565 /*
1566 * setup for corking
1567 */
1568 err = ip6_setup_cork(sk, &inet->cork, &np->cork, hlimit,
1569 tclass, opt, rt, fl6);
1570 if (err)
1571 return err;
1572
1573 exthdrlen = (opt ? opt->opt_flen : 0);
1574 length += exthdrlen;
1575 transhdrlen += exthdrlen;
1576 } else {
1577 fl6 = &inet->cork.fl.u.ip6;
1578 transhdrlen = 0;
1579 }
1580
1581 return __ip6_append_data(sk, fl6, &sk->sk_write_queue, &inet->cork.base,
1582 &np->cork, sk_page_frag(sk), getfrag,
1583 from, length, transhdrlen, flags, dontfrag);
1584}
1585EXPORT_SYMBOL_GPL(ip6_append_data);
1586
1587static void ip6_cork_release(struct inet_cork_full *cork,
1588 struct inet6_cork *v6_cork)
1589{
1590 if (v6_cork->opt) {
1591 kfree(v6_cork->opt->dst0opt);
1592 kfree(v6_cork->opt->dst1opt);
1593 kfree(v6_cork->opt->hopopt);
1594 kfree(v6_cork->opt->srcrt);
1595 kfree(v6_cork->opt);
1596 v6_cork->opt = NULL;
1597 }
1598
1599 if (cork->base.dst) {
1600 dst_release(cork->base.dst);
1601 cork->base.dst = NULL;
1602 cork->base.flags &= ~IPCORK_ALLFRAG;
1603 }
1604 memset(&cork->fl, 0, sizeof(cork->fl));
1605}
1606
1607struct sk_buff *__ip6_make_skb(struct sock *sk,
1608 struct sk_buff_head *queue,
1609 struct inet_cork_full *cork,
1610 struct inet6_cork *v6_cork)
1611{
1612 struct sk_buff *skb, *tmp_skb;
1613 struct sk_buff **tail_skb;
1614 struct in6_addr final_dst_buf, *final_dst = &final_dst_buf;
1615 struct ipv6_pinfo *np = inet6_sk(sk);
1616 struct net *net = sock_net(sk);
1617 struct ipv6hdr *hdr;
1618 struct ipv6_txoptions *opt = v6_cork->opt;
1619 struct rt6_info *rt = (struct rt6_info *)cork->base.dst;
1620 struct flowi6 *fl6 = &cork->fl.u.ip6;
1621 unsigned char proto = fl6->flowi6_proto;
1622
1623 skb = __skb_dequeue(queue);
1624 if (!skb)
1625 goto out;
1626 tail_skb = &(skb_shinfo(skb)->frag_list);
1627
1628 /* move skb->data to ip header from ext header */
1629 if (skb->data < skb_network_header(skb))
1630 __skb_pull(skb, skb_network_offset(skb));
1631 while ((tmp_skb = __skb_dequeue(queue)) != NULL) {
1632 __skb_pull(tmp_skb, skb_network_header_len(skb));
1633 *tail_skb = tmp_skb;
1634 tail_skb = &(tmp_skb->next);
1635 skb->len += tmp_skb->len;
1636 skb->data_len += tmp_skb->len;
1637 skb->truesize += tmp_skb->truesize;
1638 tmp_skb->destructor = NULL;
1639 tmp_skb->sk = NULL;
1640 }
1641
1642 /* Allow local fragmentation. */
1643 skb->ignore_df = ip6_sk_ignore_df(sk);
1644
1645 *final_dst = fl6->daddr;
1646 __skb_pull(skb, skb_network_header_len(skb));
1647 if (opt && opt->opt_flen)
1648 ipv6_push_frag_opts(skb, opt, &proto);
1649 if (opt && opt->opt_nflen)
1650 ipv6_push_nfrag_opts(skb, opt, &proto, &final_dst);
1651
1652 skb_push(skb, sizeof(struct ipv6hdr));
1653 skb_reset_network_header(skb);
1654 hdr = ipv6_hdr(skb);
1655
1656 ip6_flow_hdr(hdr, v6_cork->tclass,
1657 ip6_make_flowlabel(net, skb, fl6->flowlabel,
1658 np->autoflowlabel, fl6));
1659 hdr->hop_limit = v6_cork->hop_limit;
1660 hdr->nexthdr = proto;
1661 hdr->saddr = fl6->saddr;
1662 hdr->daddr = *final_dst;
1663
1664 skb->priority = sk->sk_priority;
1665 skb->mark = sk->sk_mark;
1666
1667 skb_dst_set(skb, dst_clone(&rt->dst));
1668 IP6_UPD_PO_STATS(net, rt->rt6i_idev, IPSTATS_MIB_OUT, skb->len);
1669 if (proto == IPPROTO_ICMPV6) {
1670 struct inet6_dev *idev = ip6_dst_idev(skb_dst(skb));
1671
1672 ICMP6MSGOUT_INC_STATS(net, idev, icmp6_hdr(skb)->icmp6_type);
1673 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
1674 }
1675
1676 ip6_cork_release(cork, v6_cork);
1677out:
1678 return skb;
1679}
1680
1681int ip6_send_skb(struct sk_buff *skb)
1682{
1683 struct net *net = sock_net(skb->sk);
1684 struct rt6_info *rt = (struct rt6_info *)skb_dst(skb);
1685 int err;
1686
1687 err = ip6_local_out(skb);
1688 if (err) {
1689 if (err > 0)
1690 err = net_xmit_errno(err);
1691 if (err)
1692 IP6_INC_STATS(net, rt->rt6i_idev,
1693 IPSTATS_MIB_OUTDISCARDS);
1694 }
1695
1696 return err;
1697}
1698
1699int ip6_push_pending_frames(struct sock *sk)
1700{
1701 struct sk_buff *skb;
1702
1703 skb = ip6_finish_skb(sk);
1704 if (!skb)
1705 return 0;
1706
1707 return ip6_send_skb(skb);
1708}
1709EXPORT_SYMBOL_GPL(ip6_push_pending_frames);
1710
1711static void __ip6_flush_pending_frames(struct sock *sk,
1712 struct sk_buff_head *queue,
1713 struct inet_cork_full *cork,
1714 struct inet6_cork *v6_cork)
1715{
1716 struct sk_buff *skb;
1717
1718 while ((skb = __skb_dequeue_tail(queue)) != NULL) {
1719 if (skb_dst(skb))
1720 IP6_INC_STATS(sock_net(sk), ip6_dst_idev(skb_dst(skb)),
1721 IPSTATS_MIB_OUTDISCARDS);
1722 kfree_skb(skb);
1723 }
1724
1725 ip6_cork_release(cork, v6_cork);
1726}
1727
1728void ip6_flush_pending_frames(struct sock *sk)
1729{
1730 __ip6_flush_pending_frames(sk, &sk->sk_write_queue,
1731 &inet_sk(sk)->cork, &inet6_sk(sk)->cork);
1732}
1733EXPORT_SYMBOL_GPL(ip6_flush_pending_frames);
1734
1735struct sk_buff *ip6_make_skb(struct sock *sk,
1736 int getfrag(void *from, char *to, int offset,
1737 int len, int odd, struct sk_buff *skb),
1738 void *from, int length, int transhdrlen,
1739 int hlimit, int tclass,
1740 struct ipv6_txoptions *opt, struct flowi6 *fl6,
1741 struct rt6_info *rt, unsigned int flags,
1742 int dontfrag)
1743{
1744 struct inet_cork_full cork;
1745 struct inet6_cork v6_cork;
1746 struct sk_buff_head queue;
1747 int exthdrlen = (opt ? opt->opt_flen : 0);
1748 int err;
1749
1750 if (flags & MSG_PROBE)
1751 return NULL;
1752
1753 __skb_queue_head_init(&queue);
1754
1755 cork.base.flags = 0;
1756 cork.base.addr = 0;
1757 cork.base.opt = NULL;
1758 v6_cork.opt = NULL;
1759 err = ip6_setup_cork(sk, &cork, &v6_cork, hlimit, tclass, opt, rt, fl6);
1760 if (err)
1761 return ERR_PTR(err);
1762
1763 if (dontfrag < 0)
1764 dontfrag = inet6_sk(sk)->dontfrag;
1765
1766 err = __ip6_append_data(sk, fl6, &queue, &cork.base, &v6_cork,
1767 &current->task_frag, getfrag, from,
1768 length + exthdrlen, transhdrlen + exthdrlen,
1769 flags, dontfrag);
1770 if (err) {
1771 __ip6_flush_pending_frames(sk, &queue, &cork, &v6_cork);
1772 return ERR_PTR(err);
1773 }
1774
1775 return __ip6_make_skb(sk, &queue, &cork, &v6_cork);
1776}
Empty description
This page took 0.052614 seconds and 4 git commands to generate.