search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Linux 5.1.15
[linux/fpc-iii.git] / net / ipv6 / tcp_ipv6.c
blob44d431849d391d6903d263ae547fc9bed1e67aa7
1 /*
2 * TCP over IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
8 * Based on:
9 * linux/net/ipv4/tcp.c
10 * linux/net/ipv4/tcp_input.c
11 * linux/net/ipv4/tcp_output.c
12 *
13 * Fixes:
14 * Hideaki YOSHIFUJI : sin6_scope_id support
15 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
16 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
17 * a single port at the same time.
18 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
19 *
20 * This program is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU General Public License
22 * as published by the Free Software Foundation; either version
23 * 2 of the License, or (at your option) any later version.
24 */
25
26 #include <linux/bottom_half.h>
27 #include <linux/module.h>
28 #include <linux/errno.h>
29 #include <linux/types.h>
30 #include <linux/socket.h>
31 #include <linux/sockios.h>
32 #include <linux/net.h>
33 #include <linux/jiffies.h>
34 #include <linux/in.h>
35 #include <linux/in6.h>
36 #include <linux/netdevice.h>
37 #include <linux/init.h>
38 #include <linux/jhash.h>
39 #include <linux/ipsec.h>
40 #include <linux/times.h>
41 #include <linux/slab.h>
42 #include <linux/uaccess.h>
43 #include <linux/ipv6.h>
44 #include <linux/icmpv6.h>
45 #include <linux/random.h>
46
47 #include <net/tcp.h>
48 #include <net/ndisc.h>
49 #include <net/inet6_hashtables.h>
50 #include <net/inet6_connection_sock.h>
51 #include <net/ipv6.h>
52 #include <net/transp_v6.h>
53 #include <net/addrconf.h>
54 #include <net/ip6_route.h>
55 #include <net/ip6_checksum.h>
56 #include <net/inet_ecn.h>
57 #include <net/protocol.h>
58 #include <net/xfrm.h>
59 #include <net/snmp.h>
60 #include <net/dsfield.h>
61 #include <net/timewait_sock.h>
62 #include <net/inet_common.h>
63 #include <net/secure_seq.h>
64 #include <net/busy_poll.h>
65
66 #include <linux/proc_fs.h>
67 #include <linux/seq_file.h>
68
69 #include <crypto/hash.h>
70 #include <linux/scatterlist.h>
71
72 #include <trace/events/tcp.h>
73
74 static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb);
75 static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
76 struct request_sock *req);
77
78 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
79
80 static const struct inet_connection_sock_af_ops ipv6_mapped;
81 static const struct inet_connection_sock_af_ops ipv6_specific;
82 #ifdef CONFIG_TCP_MD5SIG
83 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
84 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
85 #else
86 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
87 const struct in6_addr *addr)
88 {
89 return NULL;
90 }
91 #endif
92
93 static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
94 {
95 struct dst_entry *dst = skb_dst(skb);
96
97 if (dst && dst_hold_safe(dst)) {
98 const struct rt6_info *rt = (const struct rt6_info *)dst;
99
100 sk->sk_rx_dst = dst;
101 inet_sk(sk)->rx_dst_ifindex = skb->skb_iif;
102 inet6_sk(sk)->rx_dst_cookie = rt6_get_cookie(rt);
103 }
104 }
105
106 static u32 tcp_v6_init_seq(const struct sk_buff *skb)
107 {
108 return secure_tcpv6_seq(ipv6_hdr(skb)->daddr.s6_addr32,
109 ipv6_hdr(skb)->saddr.s6_addr32,
110 tcp_hdr(skb)->dest,
111 tcp_hdr(skb)->source);
112 }
113
114 static u32 tcp_v6_init_ts_off(const struct net *net, const struct sk_buff *skb)
115 {
116 return secure_tcpv6_ts_off(net, ipv6_hdr(skb)->daddr.s6_addr32,
117 ipv6_hdr(skb)->saddr.s6_addr32);
118 }
119
120 static int tcp_v6_pre_connect(struct sock *sk, struct sockaddr *uaddr,
121 int addr_len)
122 {
123 /* This check is replicated from tcp_v6_connect() and intended to
124 * prevent BPF program called below from accessing bytes that are out
125 * of the bound specified by user in addr_len.
126 */
127 if (addr_len < SIN6_LEN_RFC2133)
128 return -EINVAL;
129
130 sock_owned_by_me(sk);
131
132 return BPF_CGROUP_RUN_PROG_INET6_CONNECT(sk, uaddr);
133 }
134
135 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
136 int addr_len)
137 {
138 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
139 struct inet_sock *inet = inet_sk(sk);
140 struct inet_connection_sock *icsk = inet_csk(sk);
141 struct ipv6_pinfo *np = inet6_sk(sk);
142 struct tcp_sock *tp = tcp_sk(sk);
143 struct in6_addr *saddr = NULL, *final_p, final;
144 struct ipv6_txoptions *opt;
145 struct flowi6 fl6;
146 struct dst_entry *dst;
147 int addr_type;
148 int err;
149 struct inet_timewait_death_row *tcp_death_row = &sock_net(sk)->ipv4.tcp_death_row;
150
151 if (addr_len < SIN6_LEN_RFC2133)
152 return -EINVAL;
153
154 if (usin->sin6_family != AF_INET6)
155 return -EAFNOSUPPORT;
156
157 memset(&fl6, 0, sizeof(fl6));
158
159 if (np->sndflow) {
160 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
161 IP6_ECN_flow_init(fl6.flowlabel);
162 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
163 struct ip6_flowlabel *flowlabel;
164 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
165 if (!flowlabel)
166 return -EINVAL;
167 fl6_sock_release(flowlabel);
168 }
169 }
170
171 /*
172 * connect() to INADDR_ANY means loopback (BSD'ism).
173 */
174
175 if (ipv6_addr_any(&usin->sin6_addr)) {
176 if (ipv6_addr_v4mapped(&sk->sk_v6_rcv_saddr))
177 ipv6_addr_set_v4mapped(htonl(INADDR_LOOPBACK),
178 &usin->sin6_addr);
179 else
180 usin->sin6_addr = in6addr_loopback;
181 }
182
183 addr_type = ipv6_addr_type(&usin->sin6_addr);
184
185 if (addr_type & IPV6_ADDR_MULTICAST)
186 return -ENETUNREACH;
187
188 if (addr_type&IPV6_ADDR_LINKLOCAL) {
189 if (addr_len >= sizeof(struct sockaddr_in6) &&
190 usin->sin6_scope_id) {
191 /* If interface is set while binding, indices
192 * must coincide.
193 */
194 if (!sk_dev_equal_l3scope(sk, usin->sin6_scope_id))
195 return -EINVAL;
196
197 sk->sk_bound_dev_if = usin->sin6_scope_id;
198 }
199
200 /* Connect to link-local address requires an interface */
201 if (!sk->sk_bound_dev_if)
202 return -EINVAL;
203 }
204
205 if (tp->rx_opt.ts_recent_stamp &&
206 !ipv6_addr_equal(&sk->sk_v6_daddr, &usin->sin6_addr)) {
207 tp->rx_opt.ts_recent = 0;
208 tp->rx_opt.ts_recent_stamp = 0;
209 tp->write_seq = 0;
210 }
211
212 sk->sk_v6_daddr = usin->sin6_addr;
213 np->flow_label = fl6.flowlabel;
214
215 /*
216 * TCP over IPv4
217 */
218
219 if (addr_type & IPV6_ADDR_MAPPED) {
220 u32 exthdrlen = icsk->icsk_ext_hdr_len;
221 struct sockaddr_in sin;
222
223 if (__ipv6_only_sock(sk))
224 return -ENETUNREACH;
225
226 sin.sin_family = AF_INET;
227 sin.sin_port = usin->sin6_port;
228 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
229
230 icsk->icsk_af_ops = &ipv6_mapped;
231 sk->sk_backlog_rcv = tcp_v4_do_rcv;
232 #ifdef CONFIG_TCP_MD5SIG
233 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
234 #endif
235
236 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
237
238 if (err) {
239 icsk->icsk_ext_hdr_len = exthdrlen;
240 icsk->icsk_af_ops = &ipv6_specific;
241 sk->sk_backlog_rcv = tcp_v6_do_rcv;
242 #ifdef CONFIG_TCP_MD5SIG
243 tp->af_specific = &tcp_sock_ipv6_specific;
244 #endif
245 goto failure;
246 }
247 np->saddr = sk->sk_v6_rcv_saddr;
248
249 return err;
250 }
251
252 if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr))
253 saddr = &sk->sk_v6_rcv_saddr;
254
255 fl6.flowi6_proto = IPPROTO_TCP;
256 fl6.daddr = sk->sk_v6_daddr;
257 fl6.saddr = saddr ? *saddr : np->saddr;
258 fl6.flowi6_oif = sk->sk_bound_dev_if;
259 fl6.flowi6_mark = sk->sk_mark;
260 fl6.fl6_dport = usin->sin6_port;
261 fl6.fl6_sport = inet->inet_sport;
262 fl6.flowi6_uid = sk->sk_uid;
263
264 opt = rcu_dereference_protected(np->opt, lockdep_sock_is_held(sk));
265 final_p = fl6_update_dst(&fl6, opt, &final);
266
267 security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));
268
269 dst = ip6_dst_lookup_flow(sk, &fl6, final_p);
270 if (IS_ERR(dst)) {
271 err = PTR_ERR(dst);
272 goto failure;
273 }
274
275 if (!saddr) {
276 saddr = &fl6.saddr;
277 sk->sk_v6_rcv_saddr = *saddr;
278 }
279
280 /* set the source address */
281 np->saddr = *saddr;
282 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
283
284 sk->sk_gso_type = SKB_GSO_TCPV6;
285 ip6_dst_store(sk, dst, NULL, NULL);
286
287 icsk->icsk_ext_hdr_len = 0;
288 if (opt)
289 icsk->icsk_ext_hdr_len = opt->opt_flen +
290 opt->opt_nflen;
291
292 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
293
294 inet->inet_dport = usin->sin6_port;
295
296 tcp_set_state(sk, TCP_SYN_SENT);
297 err = inet6_hash_connect(tcp_death_row, sk);
298 if (err)
299 goto late_failure;
300
301 sk_set_txhash(sk);
302
303 if (likely(!tp->repair)) {
304 if (!tp->write_seq)
305 tp->write_seq = secure_tcpv6_seq(np->saddr.s6_addr32,
306 sk->sk_v6_daddr.s6_addr32,
307 inet->inet_sport,
308 inet->inet_dport);
309 tp->tsoffset = secure_tcpv6_ts_off(sock_net(sk),
310 np->saddr.s6_addr32,
311 sk->sk_v6_daddr.s6_addr32);
312 }
313
314 if (tcp_fastopen_defer_connect(sk, &err))
315 return err;
316 if (err)
317 goto late_failure;
318
319 err = tcp_connect(sk);
320 if (err)
321 goto late_failure;
322
323 return 0;
324
325 late_failure:
326 tcp_set_state(sk, TCP_CLOSE);
327 failure:
328 inet->inet_dport = 0;
329 sk->sk_route_caps = 0;
330 return err;
331 }
332
333 static void tcp_v6_mtu_reduced(struct sock *sk)
334 {
335 struct dst_entry *dst;
336
337 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
338 return;
339
340 dst = inet6_csk_update_pmtu(sk, tcp_sk(sk)->mtu_info);
341 if (!dst)
342 return;
343
344 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
345 tcp_sync_mss(sk, dst_mtu(dst));
346 tcp_simple_retransmit(sk);
347 }
348 }
349
350 static int tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
351 u8 type, u8 code, int offset, __be32 info)
352 {
353 const struct ipv6hdr *hdr = (const struct ipv6hdr *)skb->data;
354 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
355 struct net *net = dev_net(skb->dev);
356 struct request_sock *fastopen;
357 struct ipv6_pinfo *np;
358 struct tcp_sock *tp;
359 __u32 seq, snd_una;
360 struct sock *sk;
361 bool fatal;
362 int err;
363
364 sk = __inet6_lookup_established(net, &tcp_hashinfo,
365 &hdr->daddr, th->dest,
366 &hdr->saddr, ntohs(th->source),
367 skb->dev->ifindex, inet6_sdif(skb));
368
369 if (!sk) {
370 __ICMP6_INC_STATS(net, __in6_dev_get(skb->dev),
371 ICMP6_MIB_INERRORS);
372 return -ENOENT;
373 }
374
375 if (sk->sk_state == TCP_TIME_WAIT) {
376 inet_twsk_put(inet_twsk(sk));
377 return 0;
378 }
379 seq = ntohl(th->seq);
380 fatal = icmpv6_err_convert(type, code, &err);
381 if (sk->sk_state == TCP_NEW_SYN_RECV) {
382 tcp_req_err(sk, seq, fatal);
383 return 0;
384 }
385
386 bh_lock_sock(sk);
387 if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG)
388 __NET_INC_STATS(net, LINUX_MIB_LOCKDROPPEDICMPS);
389
390 if (sk->sk_state == TCP_CLOSE)
391 goto out;
392
393 if (ipv6_hdr(skb)->hop_limit < inet6_sk(sk)->min_hopcount) {
394 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
395 goto out;
396 }
397
398 tp = tcp_sk(sk);
399 /* XXX (TFO) - tp->snd_una should be ISN (tcp_create_openreq_child() */
400 fastopen = tp->fastopen_rsk;
401 snd_una = fastopen ? tcp_rsk(fastopen)->snt_isn : tp->snd_una;
402 if (sk->sk_state != TCP_LISTEN &&
403 !between(seq, snd_una, tp->snd_nxt)) {
404 __NET_INC_STATS(net, LINUX_MIB_OUTOFWINDOWICMPS);
405 goto out;
406 }
407
408 np = inet6_sk(sk);
409
410 if (type == NDISC_REDIRECT) {
411 if (!sock_owned_by_user(sk)) {
412 struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);
413
414 if (dst)
415 dst->ops->redirect(dst, sk, skb);
416 }
417 goto out;
418 }
419
420 if (type == ICMPV6_PKT_TOOBIG) {
421 /* We are not interested in TCP_LISTEN and open_requests
422 * (SYN-ACKs send out by Linux are always <576bytes so
423 * they should go through unfragmented).
424 */
425 if (sk->sk_state == TCP_LISTEN)
426 goto out;
427
428 if (!ip6_sk_accept_pmtu(sk))
429 goto out;
430
431 tp->mtu_info = ntohl(info);
432 if (!sock_owned_by_user(sk))
433 tcp_v6_mtu_reduced(sk);
434 else if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED,
435 &sk->sk_tsq_flags))
436 sock_hold(sk);
437 goto out;
438 }
439
440
441 /* Might be for an request_sock */
442 switch (sk->sk_state) {
443 case TCP_SYN_SENT:
444 case TCP_SYN_RECV:
445 /* Only in fast or simultaneous open. If a fast open socket is
446 * is already accepted it is treated as a connected one below.
447 */
448 if (fastopen && !fastopen->sk)
449 break;
450
451 if (!sock_owned_by_user(sk)) {
452 sk->sk_err = err;
453 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
454
455 tcp_done(sk);
456 } else
457 sk->sk_err_soft = err;
458 goto out;
459 }
460
461 if (!sock_owned_by_user(sk) && np->recverr) {
462 sk->sk_err = err;
463 sk->sk_error_report(sk);
464 } else
465 sk->sk_err_soft = err;
466
467 out:
468 bh_unlock_sock(sk);
469 sock_put(sk);
470 return 0;
471 }
472
473
474 static int tcp_v6_send_synack(const struct sock *sk, struct dst_entry *dst,
475 struct flowi *fl,
476 struct request_sock *req,
477 struct tcp_fastopen_cookie *foc,
478 enum tcp_synack_type synack_type)
479 {
480 struct inet_request_sock *ireq = inet_rsk(req);
481 struct ipv6_pinfo *np = inet6_sk(sk);
482 struct ipv6_txoptions *opt;
483 struct flowi6 *fl6 = &fl->u.ip6;
484 struct sk_buff *skb;
485 int err = -ENOMEM;
486
487 /* First, grab a route. */
488 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req,
489 IPPROTO_TCP)) == NULL)
490 goto done;
491
492 skb = tcp_make_synack(sk, dst, req, foc, synack_type);
493
494 if (skb) {
495 __tcp_v6_send_check(skb, &ireq->ir_v6_loc_addr,
496 &ireq->ir_v6_rmt_addr);
497
498 fl6->daddr = ireq->ir_v6_rmt_addr;
499 if (np->repflow && ireq->pktopts)
500 fl6->flowlabel = ip6_flowlabel(ipv6_hdr(ireq->pktopts));
501
502 rcu_read_lock();
503 opt = ireq->ipv6_opt;
504 if (!opt)
505 opt = rcu_dereference(np->opt);
506 err = ip6_xmit(sk, skb, fl6, sk->sk_mark, opt, np->tclass);
507 rcu_read_unlock();
508 err = net_xmit_eval(err);
509 }
510
511 done:
512 return err;
513 }
514
515
516 static void tcp_v6_reqsk_destructor(struct request_sock *req)
517 {
518 kfree(inet_rsk(req)->ipv6_opt);
519 kfree_skb(inet_rsk(req)->pktopts);
520 }
521
522 #ifdef CONFIG_TCP_MD5SIG
523 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
524 const struct in6_addr *addr)
525 {
526 return tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, AF_INET6);
527 }
528
529 static struct tcp_md5sig_key *tcp_v6_md5_lookup(const struct sock *sk,
530 const struct sock *addr_sk)
531 {
532 return tcp_v6_md5_do_lookup(sk, &addr_sk->sk_v6_daddr);
533 }
534
535 static int tcp_v6_parse_md5_keys(struct sock *sk, int optname,
536 char __user *optval, int optlen)
537 {
538 struct tcp_md5sig cmd;
539 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
540 u8 prefixlen;
541
542 if (optlen < sizeof(cmd))
543 return -EINVAL;
544
545 if (copy_from_user(&cmd, optval, sizeof(cmd)))
546 return -EFAULT;
547
548 if (sin6->sin6_family != AF_INET6)
549 return -EINVAL;
550
551 if (optname == TCP_MD5SIG_EXT &&
552 cmd.tcpm_flags & TCP_MD5SIG_FLAG_PREFIX) {
553 prefixlen = cmd.tcpm_prefixlen;
554 if (prefixlen > 128 || (ipv6_addr_v4mapped(&sin6->sin6_addr) &&
555 prefixlen > 32))
556 return -EINVAL;
557 } else {
558 prefixlen = ipv6_addr_v4mapped(&sin6->sin6_addr) ? 32 : 128;
559 }
560
561 if (!cmd.tcpm_keylen) {
562 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
563 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
564 AF_INET, prefixlen);
565 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
566 AF_INET6, prefixlen);
567 }
568
569 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
570 return -EINVAL;
571
572 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
573 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
574 AF_INET, prefixlen, cmd.tcpm_key,
575 cmd.tcpm_keylen, GFP_KERNEL);
576
577 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
578 AF_INET6, prefixlen, cmd.tcpm_key,
579 cmd.tcpm_keylen, GFP_KERNEL);
580 }
581
582 static int tcp_v6_md5_hash_headers(struct tcp_md5sig_pool *hp,
583 const struct in6_addr *daddr,
584 const struct in6_addr *saddr,
585 const struct tcphdr *th, int nbytes)
586 {
587 struct tcp6_pseudohdr *bp;
588 struct scatterlist sg;
589 struct tcphdr *_th;
590
591 bp = hp->scratch;
592 /* 1. TCP pseudo-header (RFC2460) */
593 bp->saddr = *saddr;
594 bp->daddr = *daddr;
595 bp->protocol = cpu_to_be32(IPPROTO_TCP);
596 bp->len = cpu_to_be32(nbytes);
597
598 _th = (struct tcphdr *)(bp + 1);
599 memcpy(_th, th, sizeof(*th));
600 _th->check = 0;
601
602 sg_init_one(&sg, bp, sizeof(*bp) + sizeof(*th));
603 ahash_request_set_crypt(hp->md5_req, &sg, NULL,
604 sizeof(*bp) + sizeof(*th));
605 return crypto_ahash_update(hp->md5_req);
606 }
607
608 static int tcp_v6_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key,
609 const struct in6_addr *daddr, struct in6_addr *saddr,
610 const struct tcphdr *th)
611 {
612 struct tcp_md5sig_pool *hp;
613 struct ahash_request *req;
614
615 hp = tcp_get_md5sig_pool();
616 if (!hp)
617 goto clear_hash_noput;
618 req = hp->md5_req;
619
620 if (crypto_ahash_init(req))
621 goto clear_hash;
622 if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, th->doff << 2))
623 goto clear_hash;
624 if (tcp_md5_hash_key(hp, key))
625 goto clear_hash;
626 ahash_request_set_crypt(req, NULL, md5_hash, 0);
627 if (crypto_ahash_final(req))
628 goto clear_hash;
629
630 tcp_put_md5sig_pool();
631 return 0;
632
633 clear_hash:
634 tcp_put_md5sig_pool();
635 clear_hash_noput:
636 memset(md5_hash, 0, 16);
637 return 1;
638 }
639
640 static int tcp_v6_md5_hash_skb(char *md5_hash,
641 const struct tcp_md5sig_key *key,
642 const struct sock *sk,
643 const struct sk_buff *skb)
644 {
645 const struct in6_addr *saddr, *daddr;
646 struct tcp_md5sig_pool *hp;
647 struct ahash_request *req;
648 const struct tcphdr *th = tcp_hdr(skb);
649
650 if (sk) { /* valid for establish/request sockets */
651 saddr = &sk->sk_v6_rcv_saddr;
652 daddr = &sk->sk_v6_daddr;
653 } else {
654 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
655 saddr = &ip6h->saddr;
656 daddr = &ip6h->daddr;
657 }
658
659 hp = tcp_get_md5sig_pool();
660 if (!hp)
661 goto clear_hash_noput;
662 req = hp->md5_req;
663
664 if (crypto_ahash_init(req))
665 goto clear_hash;
666
667 if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, skb->len))
668 goto clear_hash;
669 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
670 goto clear_hash;
671 if (tcp_md5_hash_key(hp, key))
672 goto clear_hash;
673 ahash_request_set_crypt(req, NULL, md5_hash, 0);
674 if (crypto_ahash_final(req))
675 goto clear_hash;
676
677 tcp_put_md5sig_pool();
678 return 0;
679
680 clear_hash:
681 tcp_put_md5sig_pool();
682 clear_hash_noput:
683 memset(md5_hash, 0, 16);
684 return 1;
685 }
686
687 #endif
688
689 static bool tcp_v6_inbound_md5_hash(const struct sock *sk,
690 const struct sk_buff *skb)
691 {
692 #ifdef CONFIG_TCP_MD5SIG
693 const __u8 *hash_location = NULL;
694 struct tcp_md5sig_key *hash_expected;
695 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
696 const struct tcphdr *th = tcp_hdr(skb);
697 int genhash;
698 u8 newhash[16];
699
700 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
701 hash_location = tcp_parse_md5sig_option(th);
702
703 /* We've parsed the options - do we have a hash? */
704 if (!hash_expected && !hash_location)
705 return false;
706
707 if (hash_expected && !hash_location) {
708 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
709 return true;
710 }
711
712 if (!hash_expected && hash_location) {
713 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
714 return true;
715 }
716
717 /* check the signature */
718 genhash = tcp_v6_md5_hash_skb(newhash,
719 hash_expected,
720 NULL, skb);
721
722 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
723 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5FAILURE);
724 net_info_ratelimited("MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n",
725 genhash ? "failed" : "mismatch",
726 &ip6h->saddr, ntohs(th->source),
727 &ip6h->daddr, ntohs(th->dest));
728 return true;
729 }
730 #endif
731 return false;
732 }
733
734 static void tcp_v6_init_req(struct request_sock *req,
735 const struct sock *sk_listener,
736 struct sk_buff *skb)
737 {
738 bool l3_slave = ipv6_l3mdev_skb(TCP_SKB_CB(skb)->header.h6.flags);
739 struct inet_request_sock *ireq = inet_rsk(req);
740 const struct ipv6_pinfo *np = inet6_sk(sk_listener);
741
742 ireq->ir_v6_rmt_addr = ipv6_hdr(skb)->saddr;
743 ireq->ir_v6_loc_addr = ipv6_hdr(skb)->daddr;
744
745 /* So that link locals have meaning */
746 if ((!sk_listener->sk_bound_dev_if || l3_slave) &&
747 ipv6_addr_type(&ireq->ir_v6_rmt_addr) & IPV6_ADDR_LINKLOCAL)
748 ireq->ir_iif = tcp_v6_iif(skb);
749
750 if (!TCP_SKB_CB(skb)->tcp_tw_isn &&
751 (ipv6_opt_accepted(sk_listener, skb, &TCP_SKB_CB(skb)->header.h6) ||
752 np->rxopt.bits.rxinfo ||
753 np->rxopt.bits.rxoinfo || np->rxopt.bits.rxhlim ||
754 np->rxopt.bits.rxohlim || np->repflow)) {
755 refcount_inc(&skb->users);
756 ireq->pktopts = skb;
757 }
758 }
759
760 static struct dst_entry *tcp_v6_route_req(const struct sock *sk,
761 struct flowi *fl,
762 const struct request_sock *req)
763 {
764 return inet6_csk_route_req(sk, &fl->u.ip6, req, IPPROTO_TCP);
765 }
766
767 struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
768 .family = AF_INET6,
769 .obj_size = sizeof(struct tcp6_request_sock),
770 .rtx_syn_ack = tcp_rtx_synack,
771 .send_ack = tcp_v6_reqsk_send_ack,
772 .destructor = tcp_v6_reqsk_destructor,
773 .send_reset = tcp_v6_send_reset,
774 .syn_ack_timeout = tcp_syn_ack_timeout,
775 };
776
777 static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
778 .mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) -
779 sizeof(struct ipv6hdr),
780 #ifdef CONFIG_TCP_MD5SIG
781 .req_md5_lookup = tcp_v6_md5_lookup,
782 .calc_md5_hash = tcp_v6_md5_hash_skb,
783 #endif
784 .init_req = tcp_v6_init_req,
785 #ifdef CONFIG_SYN_COOKIES
786 .cookie_init_seq = cookie_v6_init_sequence,
787 #endif
788 .route_req = tcp_v6_route_req,
789 .init_seq = tcp_v6_init_seq,
790 .init_ts_off = tcp_v6_init_ts_off,
791 .send_synack = tcp_v6_send_synack,
792 };
793
794 static void tcp_v6_send_response(const struct sock *sk, struct sk_buff *skb, u32 seq,
795 u32 ack, u32 win, u32 tsval, u32 tsecr,
796 int oif, struct tcp_md5sig_key *key, int rst,
797 u8 tclass, __be32 label)
798 {
799 const struct tcphdr *th = tcp_hdr(skb);
800 struct tcphdr *t1;
801 struct sk_buff *buff;
802 struct flowi6 fl6;
803 struct net *net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev);
804 struct sock *ctl_sk = net->ipv6.tcp_sk;
805 unsigned int tot_len = sizeof(struct tcphdr);
806 struct dst_entry *dst;
807 __be32 *topt;
808 __u32 mark = 0;
809
810 if (tsecr)
811 tot_len += TCPOLEN_TSTAMP_ALIGNED;
812 #ifdef CONFIG_TCP_MD5SIG
813 if (key)
814 tot_len += TCPOLEN_MD5SIG_ALIGNED;
815 #endif
816
817 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
818 GFP_ATOMIC);
819 if (!buff)
820 return;
821
822 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
823
824 t1 = skb_push(buff, tot_len);
825 skb_reset_transport_header(buff);
826
827 /* Swap the send and the receive. */
828 memset(t1, 0, sizeof(*t1));
829 t1->dest = th->source;
830 t1->source = th->dest;
831 t1->doff = tot_len / 4;
832 t1->seq = htonl(seq);
833 t1->ack_seq = htonl(ack);
834 t1->ack = !rst || !th->ack;
835 t1->rst = rst;
836 t1->window = htons(win);
837
838 topt = (__be32 *)(t1 + 1);
839
840 if (tsecr) {
841 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
842 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
843 *topt++ = htonl(tsval);
844 *topt++ = htonl(tsecr);
845 }
846
847 #ifdef CONFIG_TCP_MD5SIG
848 if (key) {
849 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
850 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
851 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
852 &ipv6_hdr(skb)->saddr,
853 &ipv6_hdr(skb)->daddr, t1);
854 }
855 #endif
856
857 memset(&fl6, 0, sizeof(fl6));
858 fl6.daddr = ipv6_hdr(skb)->saddr;
859 fl6.saddr = ipv6_hdr(skb)->daddr;
860 fl6.flowlabel = label;
861
862 buff->ip_summed = CHECKSUM_PARTIAL;
863 buff->csum = 0;
864
865 __tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);
866
867 fl6.flowi6_proto = IPPROTO_TCP;
868 if (rt6_need_strict(&fl6.daddr) && !oif)
869 fl6.flowi6_oif = tcp_v6_iif(skb);
870 else {
871 if (!oif && netif_index_is_l3_master(net, skb->skb_iif))
872 oif = skb->skb_iif;
873
874 fl6.flowi6_oif = oif;
875 }
876
877 if (sk)
878 mark = (sk->sk_state == TCP_TIME_WAIT) ?
879 inet_twsk(sk)->tw_mark : sk->sk_mark;
880 fl6.flowi6_mark = IP6_REPLY_MARK(net, skb->mark) ?: mark;
881 fl6.fl6_dport = t1->dest;
882 fl6.fl6_sport = t1->source;
883 fl6.flowi6_uid = sock_net_uid(net, sk && sk_fullsock(sk) ? sk : NULL);
884 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
885
886 /* Pass a socket to ip6_dst_lookup either it is for RST
887 * Underlying function will use this to retrieve the network
888 * namespace
889 */
890 dst = ip6_dst_lookup_flow(ctl_sk, &fl6, NULL);
891 if (!IS_ERR(dst)) {
892 skb_dst_set(buff, dst);
893 ip6_xmit(ctl_sk, buff, &fl6, fl6.flowi6_mark, NULL, tclass);
894 TCP_INC_STATS(net, TCP_MIB_OUTSEGS);
895 if (rst)
896 TCP_INC_STATS(net, TCP_MIB_OUTRSTS);
897 return;
898 }
899
900 kfree_skb(buff);
901 }
902
903 static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb)
904 {
905 const struct tcphdr *th = tcp_hdr(skb);
906 u32 seq = 0, ack_seq = 0;
907 struct tcp_md5sig_key *key = NULL;
908 #ifdef CONFIG_TCP_MD5SIG
909 const __u8 *hash_location = NULL;
910 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
911 unsigned char newhash[16];
912 int genhash;
913 struct sock *sk1 = NULL;
914 #endif
915 int oif = 0;
916
917 if (th->rst)
918 return;
919
920 /* If sk not NULL, it means we did a successful lookup and incoming
921 * route had to be correct. prequeue might have dropped our dst.
922 */
923 if (!sk && !ipv6_unicast_destination(skb))
924 return;
925
926 #ifdef CONFIG_TCP_MD5SIG
927 rcu_read_lock();
928 hash_location = tcp_parse_md5sig_option(th);
929 if (sk && sk_fullsock(sk)) {
930 key = tcp_v6_md5_do_lookup(sk, &ipv6h->saddr);
931 } else if (hash_location) {
932 /*
933 * active side is lost. Try to find listening socket through
934 * source port, and then find md5 key through listening socket.
935 * we are not loose security here:
936 * Incoming packet is checked with md5 hash with finding key,
937 * no RST generated if md5 hash doesn't match.
938 */
939 sk1 = inet6_lookup_listener(dev_net(skb_dst(skb)->dev),
940 &tcp_hashinfo, NULL, 0,
941 &ipv6h->saddr,
942 th->source, &ipv6h->daddr,
943 ntohs(th->source),
944 tcp_v6_iif_l3_slave(skb),
945 tcp_v6_sdif(skb));
946 if (!sk1)
947 goto out;
948
949 key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr);
950 if (!key)
951 goto out;
952
953 genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, skb);
954 if (genhash || memcmp(hash_location, newhash, 16) != 0)
955 goto out;
956 }
957 #endif
958
959 if (th->ack)
960 seq = ntohl(th->ack_seq);
961 else
962 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
963 (th->doff << 2);
964
965 if (sk) {
966 oif = sk->sk_bound_dev_if;
967 if (sk_fullsock(sk))
968 trace_tcp_send_reset(sk, skb);
969 }
970
971 tcp_v6_send_response(sk, skb, seq, ack_seq, 0, 0, 0, oif, key, 1, 0, 0);
972
973 #ifdef CONFIG_TCP_MD5SIG
974 out:
975 rcu_read_unlock();
976 #endif
977 }
978
979 static void tcp_v6_send_ack(const struct sock *sk, struct sk_buff *skb, u32 seq,
980 u32 ack, u32 win, u32 tsval, u32 tsecr, int oif,
981 struct tcp_md5sig_key *key, u8 tclass,
982 __be32 label)
983 {
984 tcp_v6_send_response(sk, skb, seq, ack, win, tsval, tsecr, oif, key, 0,
985 tclass, label);
986 }
987
988 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
989 {
990 struct inet_timewait_sock *tw = inet_twsk(sk);
991 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
992
993 tcp_v6_send_ack(sk, skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
994 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
995 tcp_time_stamp_raw() + tcptw->tw_ts_offset,
996 tcptw->tw_ts_recent, tw->tw_bound_dev_if, tcp_twsk_md5_key(tcptw),
997 tw->tw_tclass, cpu_to_be32(tw->tw_flowlabel));
998
999 inet_twsk_put(tw);
1000 }
1001
1002 static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
1003 struct request_sock *req)
1004 {
1005 /* sk->sk_state == TCP_LISTEN -> for regular TCP_SYN_RECV
1006 * sk->sk_state == TCP_SYN_RECV -> for Fast Open.
1007 */
1008 /* RFC 7323 2.3
1009 * The window field (SEG.WND) of every outgoing segment, with the
1010 * exception of <SYN> segments, MUST be right-shifted by
1011 * Rcv.Wind.Shift bits:
1012 */
1013 tcp_v6_send_ack(sk, skb, (sk->sk_state == TCP_LISTEN) ?
1014 tcp_rsk(req)->snt_isn + 1 : tcp_sk(sk)->snd_nxt,
1015 tcp_rsk(req)->rcv_nxt,
1016 req->rsk_rcv_wnd >> inet_rsk(req)->rcv_wscale,
1017 tcp_time_stamp_raw() + tcp_rsk(req)->ts_off,
1018 req->ts_recent, sk->sk_bound_dev_if,
1019 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->saddr),
1020 0, 0);
1021 }
1022
1023
1024 static struct sock *tcp_v6_cookie_check(struct sock *sk, struct sk_buff *skb)
1025 {
1026 #ifdef CONFIG_SYN_COOKIES
1027 const struct tcphdr *th = tcp_hdr(skb);
1028
1029 if (!th->syn)
1030 sk = cookie_v6_check(sk, skb);
1031 #endif
1032 return sk;
1033 }
1034
1035 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1036 {
1037 if (skb->protocol == htons(ETH_P_IP))
1038 return tcp_v4_conn_request(sk, skb);
1039
1040 if (!ipv6_unicast_destination(skb))
1041 goto drop;
1042
1043 return tcp_conn_request(&tcp6_request_sock_ops,
1044 &tcp_request_sock_ipv6_ops, sk, skb);
1045
1046 drop:
1047 tcp_listendrop(sk);
1048 return 0; /* don't send reset */
1049 }
1050
1051 static void tcp_v6_restore_cb(struct sk_buff *skb)
1052 {
1053 /* We need to move header back to the beginning if xfrm6_policy_check()
1054 * and tcp_v6_fill_cb() are going to be called again.
1055 * ip6_datagram_recv_specific_ctl() also expects IP6CB to be there.
1056 */
1057 memmove(IP6CB(skb), &TCP_SKB_CB(skb)->header.h6,
1058 sizeof(struct inet6_skb_parm));
1059 }
1060
1061 static struct sock *tcp_v6_syn_recv_sock(const struct sock *sk, struct sk_buff *skb,
1062 struct request_sock *req,
1063 struct dst_entry *dst,
1064 struct request_sock *req_unhash,
1065 bool *own_req)
1066 {
1067 struct inet_request_sock *ireq;
1068 struct ipv6_pinfo *newnp;
1069 const struct ipv6_pinfo *np = inet6_sk(sk);
1070 struct ipv6_txoptions *opt;
1071 struct tcp6_sock *newtcp6sk;
1072 struct inet_sock *newinet;
1073 struct tcp_sock *newtp;
1074 struct sock *newsk;
1075 #ifdef CONFIG_TCP_MD5SIG
1076 struct tcp_md5sig_key *key;
1077 #endif
1078 struct flowi6 fl6;
1079
1080 if (skb->protocol == htons(ETH_P_IP)) {
1081 /*
1082 * v6 mapped
1083 */
1084
1085 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst,
1086 req_unhash, own_req);
1087
1088 if (!newsk)
1089 return NULL;
1090
1091 newtcp6sk = (struct tcp6_sock *)newsk;
1092 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1093
1094 newinet = inet_sk(newsk);
1095 newnp = inet6_sk(newsk);
1096 newtp = tcp_sk(newsk);
1097
1098 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1099
1100 newnp->saddr = newsk->sk_v6_rcv_saddr;
1101
1102 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1103 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1104 #ifdef CONFIG_TCP_MD5SIG
1105 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1106 #endif
1107
1108 newnp->ipv6_mc_list = NULL;
1109 newnp->ipv6_ac_list = NULL;
1110 newnp->ipv6_fl_list = NULL;
1111 newnp->pktoptions = NULL;
1112 newnp->opt = NULL;
1113 newnp->mcast_oif = inet_iif(skb);
1114 newnp->mcast_hops = ip_hdr(skb)->ttl;
1115 newnp->rcv_flowinfo = 0;
1116 if (np->repflow)
1117 newnp->flow_label = 0;
1118
1119 /*
1120 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1121 * here, tcp_create_openreq_child now does this for us, see the comment in
1122 * that function for the gory details. -acme
1123 */
1124
1125 /* It is tricky place. Until this moment IPv4 tcp
1126 worked with IPv6 icsk.icsk_af_ops.
1127 Sync it now.
1128 */
1129 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1130
1131 return newsk;
1132 }
1133
1134 ireq = inet_rsk(req);
1135
1136 if (sk_acceptq_is_full(sk))
1137 goto out_overflow;
1138
1139 if (!dst) {
1140 dst = inet6_csk_route_req(sk, &fl6, req, IPPROTO_TCP);
1141 if (!dst)
1142 goto out;
1143 }
1144
1145 newsk = tcp_create_openreq_child(sk, req, skb);
1146 if (!newsk)
1147 goto out_nonewsk;
1148
1149 /*
1150 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1151 * count here, tcp_create_openreq_child now does this for us, see the
1152 * comment in that function for the gory details. -acme
1153 */
1154
1155 newsk->sk_gso_type = SKB_GSO_TCPV6;
1156 ip6_dst_store(newsk, dst, NULL, NULL);
1157 inet6_sk_rx_dst_set(newsk, skb);
1158
1159 newtcp6sk = (struct tcp6_sock *)newsk;
1160 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1161
1162 newtp = tcp_sk(newsk);
1163 newinet = inet_sk(newsk);
1164 newnp = inet6_sk(newsk);
1165
1166 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1167
1168 newsk->sk_v6_daddr = ireq->ir_v6_rmt_addr;
1169 newnp->saddr = ireq->ir_v6_loc_addr;
1170 newsk->sk_v6_rcv_saddr = ireq->ir_v6_loc_addr;
1171 newsk->sk_bound_dev_if = ireq->ir_iif;
1172
1173 /* Now IPv6 options...
1174
1175 First: no IPv4 options.
1176 */
1177 newinet->inet_opt = NULL;
1178 newnp->ipv6_mc_list = NULL;
1179 newnp->ipv6_ac_list = NULL;
1180 newnp->ipv6_fl_list = NULL;
1181
1182 /* Clone RX bits */
1183 newnp->rxopt.all = np->rxopt.all;
1184
1185 newnp->pktoptions = NULL;
1186 newnp->opt = NULL;
1187 newnp->mcast_oif = tcp_v6_iif(skb);
1188 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1189 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
1190 if (np->repflow)
1191 newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));
1192
1193 /* Clone native IPv6 options from listening socket (if any)
1194
1195 Yes, keeping reference count would be much more clever,
1196 but we make one more one thing there: reattach optmem
1197 to newsk.
1198 */
1199 opt = ireq->ipv6_opt;
1200 if (!opt)
1201 opt = rcu_dereference(np->opt);
1202 if (opt) {
1203 opt = ipv6_dup_options(newsk, opt);
1204 RCU_INIT_POINTER(newnp->opt, opt);
1205 }
1206 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1207 if (opt)
1208 inet_csk(newsk)->icsk_ext_hdr_len = opt->opt_nflen +
1209 opt->opt_flen;
1210
1211 tcp_ca_openreq_child(newsk, dst);
1212
1213 tcp_sync_mss(newsk, dst_mtu(dst));
1214 newtp->advmss = tcp_mss_clamp(tcp_sk(sk), dst_metric_advmss(dst));
1215
1216 tcp_initialize_rcv_mss(newsk);
1217
1218 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1219 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1220
1221 #ifdef CONFIG_TCP_MD5SIG
1222 /* Copy over the MD5 key from the original socket */
1223 key = tcp_v6_md5_do_lookup(sk, &newsk->sk_v6_daddr);
1224 if (key) {
1225 /* We're using one, so create a matching key
1226 * on the newsk structure. If we fail to get
1227 * memory, then we end up not copying the key
1228 * across. Shucks.
1229 */
1230 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newsk->sk_v6_daddr,
1231 AF_INET6, 128, key->key, key->keylen,
1232 sk_gfp_mask(sk, GFP_ATOMIC));
1233 }
1234 #endif
1235
1236 if (__inet_inherit_port(sk, newsk) < 0) {
1237 inet_csk_prepare_forced_close(newsk);
1238 tcp_done(newsk);
1239 goto out;
1240 }
1241 *own_req = inet_ehash_nolisten(newsk, req_to_sk(req_unhash));
1242 if (*own_req) {
1243 tcp_move_syn(newtp, req);
1244
1245 /* Clone pktoptions received with SYN, if we own the req */
1246 if (ireq->pktopts) {
1247 newnp->pktoptions = skb_clone(ireq->pktopts,
1248 sk_gfp_mask(sk, GFP_ATOMIC));
1249 consume_skb(ireq->pktopts);
1250 ireq->pktopts = NULL;
1251 if (newnp->pktoptions) {
1252 tcp_v6_restore_cb(newnp->pktoptions);
1253 skb_set_owner_r(newnp->pktoptions, newsk);
1254 }
1255 }
1256 }
1257
1258 return newsk;
1259
1260 out_overflow:
1261 __NET_INC_STATS(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1262 out_nonewsk:
1263 dst_release(dst);
1264 out:
1265 tcp_listendrop(sk);
1266 return NULL;
1267 }
1268
1269 /* The socket must have it's spinlock held when we get
1270 * here, unless it is a TCP_LISTEN socket.
1271 *
1272 * We have a potential double-lock case here, so even when
1273 * doing backlog processing we use the BH locking scheme.
1274 * This is because we cannot sleep with the original spinlock
1275 * held.
1276 */
1277 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1278 {
1279 struct ipv6_pinfo *np = inet6_sk(sk);
1280 struct tcp_sock *tp;
1281 struct sk_buff *opt_skb = NULL;
1282
1283 /* Imagine: socket is IPv6. IPv4 packet arrives,
1284 goes to IPv4 receive handler and backlogged.
1285 From backlog it always goes here. Kerboom...
1286 Fortunately, tcp_rcv_established and rcv_established
1287 handle them correctly, but it is not case with
1288 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1289 */
1290
1291 if (skb->protocol == htons(ETH_P_IP))
1292 return tcp_v4_do_rcv(sk, skb);
1293
1294 /*
1295 * socket locking is here for SMP purposes as backlog rcv
1296 * is currently called with bh processing disabled.
1297 */
1298
1299 /* Do Stevens' IPV6_PKTOPTIONS.
1300
1301 Yes, guys, it is the only place in our code, where we
1302 may make it not affecting IPv4.
1303 The rest of code is protocol independent,
1304 and I do not like idea to uglify IPv4.
1305
1306 Actually, all the idea behind IPV6_PKTOPTIONS
1307 looks not very well thought. For now we latch
1308 options, received in the last packet, enqueued
1309 by tcp. Feel free to propose better solution.
1310 --ANK (980728)
1311 */
1312 if (np->rxopt.all)
1313 opt_skb = skb_clone(skb, sk_gfp_mask(sk, GFP_ATOMIC));
1314
1315 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1316 struct dst_entry *dst = sk->sk_rx_dst;
1317
1318 sock_rps_save_rxhash(sk, skb);
1319 sk_mark_napi_id(sk, skb);
1320 if (dst) {
1321 if (inet_sk(sk)->rx_dst_ifindex != skb->skb_iif ||
1322 dst->ops->check(dst, np->rx_dst_cookie) == NULL) {
1323 dst_release(dst);
1324 sk->sk_rx_dst = NULL;
1325 }
1326 }
1327
1328 tcp_rcv_established(sk, skb);
1329 if (opt_skb)
1330 goto ipv6_pktoptions;
1331 return 0;
1332 }
1333
1334 if (tcp_checksum_complete(skb))
1335 goto csum_err;
1336
1337 if (sk->sk_state == TCP_LISTEN) {
1338 struct sock *nsk = tcp_v6_cookie_check(sk, skb);
1339
1340 if (!nsk)
1341 goto discard;
1342
1343 if (nsk != sk) {
1344 if (tcp_child_process(sk, nsk, skb))
1345 goto reset;
1346 if (opt_skb)
1347 __kfree_skb(opt_skb);
1348 return 0;
1349 }
1350 } else
1351 sock_rps_save_rxhash(sk, skb);
1352
1353 if (tcp_rcv_state_process(sk, skb))
1354 goto reset;
1355 if (opt_skb)
1356 goto ipv6_pktoptions;
1357 return 0;
1358
1359 reset:
1360 tcp_v6_send_reset(sk, skb);
1361 discard:
1362 if (opt_skb)
1363 __kfree_skb(opt_skb);
1364 kfree_skb(skb);
1365 return 0;
1366 csum_err:
1367 TCP_INC_STATS(sock_net(sk), TCP_MIB_CSUMERRORS);
1368 TCP_INC_STATS(sock_net(sk), TCP_MIB_INERRS);
1369 goto discard;
1370
1371
1372 ipv6_pktoptions:
1373 /* Do you ask, what is it?
1374
1375 1. skb was enqueued by tcp.
1376 2. skb is added to tail of read queue, rather than out of order.
1377 3. socket is not in passive state.
1378 4. Finally, it really contains options, which user wants to receive.
1379 */
1380 tp = tcp_sk(sk);
1381 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1382 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1383 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1384 np->mcast_oif = tcp_v6_iif(opt_skb);
1385 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1386 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1387 if (np->rxopt.bits.rxflow || np->rxopt.bits.rxtclass)
1388 np->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(opt_skb));
1389 if (np->repflow)
1390 np->flow_label = ip6_flowlabel(ipv6_hdr(opt_skb));
1391 if (ipv6_opt_accepted(sk, opt_skb, &TCP_SKB_CB(opt_skb)->header.h6)) {
1392 skb_set_owner_r(opt_skb, sk);
1393 tcp_v6_restore_cb(opt_skb);
1394 opt_skb = xchg(&np->pktoptions, opt_skb);
1395 } else {
1396 __kfree_skb(opt_skb);
1397 opt_skb = xchg(&np->pktoptions, NULL);
1398 }
1399 }
1400
1401 kfree_skb(opt_skb);
1402 return 0;
1403 }
1404
1405 static void tcp_v6_fill_cb(struct sk_buff *skb, const struct ipv6hdr *hdr,
1406 const struct tcphdr *th)
1407 {
1408 /* This is tricky: we move IP6CB at its correct location into
1409 * TCP_SKB_CB(). It must be done after xfrm6_policy_check(), because
1410 * _decode_session6() uses IP6CB().
1411 * barrier() makes sure compiler won't play aliasing games.
1412 */
1413 memmove(&TCP_SKB_CB(skb)->header.h6, IP6CB(skb),
1414 sizeof(struct inet6_skb_parm));
1415 barrier();
1416
1417 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1418 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1419 skb->len - th->doff*4);
1420 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1421 TCP_SKB_CB(skb)->tcp_flags = tcp_flag_byte(th);
1422 TCP_SKB_CB(skb)->tcp_tw_isn = 0;
1423 TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
1424 TCP_SKB_CB(skb)->sacked = 0;
1425 TCP_SKB_CB(skb)->has_rxtstamp =
1426 skb->tstamp || skb_hwtstamps(skb)->hwtstamp;
1427 }
1428
1429 static int tcp_v6_rcv(struct sk_buff *skb)
1430 {
1431 int sdif = inet6_sdif(skb);
1432 const struct tcphdr *th;
1433 const struct ipv6hdr *hdr;
1434 bool refcounted;
1435 struct sock *sk;
1436 int ret;
1437 struct net *net = dev_net(skb->dev);
1438
1439 if (skb->pkt_type != PACKET_HOST)
1440 goto discard_it;
1441
1442 /*
1443 * Count it even if it's bad.
1444 */
1445 __TCP_INC_STATS(net, TCP_MIB_INSEGS);
1446
1447 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1448 goto discard_it;
1449
1450 th = (const struct tcphdr *)skb->data;
1451
1452 if (unlikely(th->doff < sizeof(struct tcphdr)/4))
1453 goto bad_packet;
1454 if (!pskb_may_pull(skb, th->doff*4))
1455 goto discard_it;
1456
1457 if (skb_checksum_init(skb, IPPROTO_TCP, ip6_compute_pseudo))
1458 goto csum_error;
1459
1460 th = (const struct tcphdr *)skb->data;
1461 hdr = ipv6_hdr(skb);
1462
1463 lookup:
1464 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, __tcp_hdrlen(th),
1465 th->source, th->dest, inet6_iif(skb), sdif,
1466 &refcounted);
1467 if (!sk)
1468 goto no_tcp_socket;
1469
1470 process:
1471 if (sk->sk_state == TCP_TIME_WAIT)
1472 goto do_time_wait;
1473
1474 if (sk->sk_state == TCP_NEW_SYN_RECV) {
1475 struct request_sock *req = inet_reqsk(sk);
1476 bool req_stolen = false;
1477 struct sock *nsk;
1478
1479 sk = req->rsk_listener;
1480 if (tcp_v6_inbound_md5_hash(sk, skb)) {
1481 sk_drops_add(sk, skb);
1482 reqsk_put(req);
1483 goto discard_it;
1484 }
1485 if (tcp_checksum_complete(skb)) {
1486 reqsk_put(req);
1487 goto csum_error;
1488 }
1489 if (unlikely(sk->sk_state != TCP_LISTEN)) {
1490 inet_csk_reqsk_queue_drop_and_put(sk, req);
1491 goto lookup;
1492 }
1493 sock_hold(sk);
1494 refcounted = true;
1495 nsk = NULL;
1496 if (!tcp_filter(sk, skb)) {
1497 th = (const struct tcphdr *)skb->data;
1498 hdr = ipv6_hdr(skb);
1499 tcp_v6_fill_cb(skb, hdr, th);
1500 nsk = tcp_check_req(sk, skb, req, false, &req_stolen);
1501 }
1502 if (!nsk) {
1503 reqsk_put(req);
1504 if (req_stolen) {
1505 /* Another cpu got exclusive access to req
1506 * and created a full blown socket.
1507 * Try to feed this packet to this socket
1508 * instead of discarding it.
1509 */
1510 tcp_v6_restore_cb(skb);
1511 sock_put(sk);
1512 goto lookup;
1513 }
1514 goto discard_and_relse;
1515 }
1516 if (nsk == sk) {
1517 reqsk_put(req);
1518 tcp_v6_restore_cb(skb);
1519 } else if (tcp_child_process(sk, nsk, skb)) {
1520 tcp_v6_send_reset(nsk, skb);
1521 goto discard_and_relse;
1522 } else {
1523 sock_put(sk);
1524 return 0;
1525 }
1526 }
1527 if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) {
1528 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
1529 goto discard_and_relse;
1530 }
1531
1532 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1533 goto discard_and_relse;
1534
1535 if (tcp_v6_inbound_md5_hash(sk, skb))
1536 goto discard_and_relse;
1537
1538 if (tcp_filter(sk, skb))
1539 goto discard_and_relse;
1540 th = (const struct tcphdr *)skb->data;
1541 hdr = ipv6_hdr(skb);
1542 tcp_v6_fill_cb(skb, hdr, th);
1543
1544 skb->dev = NULL;
1545
1546 if (sk->sk_state == TCP_LISTEN) {
1547 ret = tcp_v6_do_rcv(sk, skb);
1548 goto put_and_return;
1549 }
1550
1551 sk_incoming_cpu_update(sk);
1552
1553 bh_lock_sock_nested(sk);
1554 tcp_segs_in(tcp_sk(sk), skb);
1555 ret = 0;
1556 if (!sock_owned_by_user(sk)) {
1557 ret = tcp_v6_do_rcv(sk, skb);
1558 } else if (tcp_add_backlog(sk, skb)) {
1559 goto discard_and_relse;
1560 }
1561 bh_unlock_sock(sk);
1562
1563 put_and_return:
1564 if (refcounted)
1565 sock_put(sk);
1566 return ret ? -1 : 0;
1567
1568 no_tcp_socket:
1569 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1570 goto discard_it;
1571
1572 tcp_v6_fill_cb(skb, hdr, th);
1573
1574 if (tcp_checksum_complete(skb)) {
1575 csum_error:
1576 __TCP_INC_STATS(net, TCP_MIB_CSUMERRORS);
1577 bad_packet:
1578 __TCP_INC_STATS(net, TCP_MIB_INERRS);
1579 } else {
1580 tcp_v6_send_reset(NULL, skb);
1581 }
1582
1583 discard_it:
1584 kfree_skb(skb);
1585 return 0;
1586
1587 discard_and_relse:
1588 sk_drops_add(sk, skb);
1589 if (refcounted)
1590 sock_put(sk);
1591 goto discard_it;
1592
1593 do_time_wait:
1594 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1595 inet_twsk_put(inet_twsk(sk));
1596 goto discard_it;
1597 }
1598
1599 tcp_v6_fill_cb(skb, hdr, th);
1600
1601 if (tcp_checksum_complete(skb)) {
1602 inet_twsk_put(inet_twsk(sk));
1603 goto csum_error;
1604 }
1605
1606 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1607 case TCP_TW_SYN:
1608 {
1609 struct sock *sk2;
1610
1611 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
1612 skb, __tcp_hdrlen(th),
1613 &ipv6_hdr(skb)->saddr, th->source,
1614 &ipv6_hdr(skb)->daddr,
1615 ntohs(th->dest),
1616 tcp_v6_iif_l3_slave(skb),
1617 sdif);
1618 if (sk2) {
1619 struct inet_timewait_sock *tw = inet_twsk(sk);
1620 inet_twsk_deschedule_put(tw);
1621 sk = sk2;
1622 tcp_v6_restore_cb(skb);
1623 refcounted = false;
1624 goto process;
1625 }
1626 }
1627 /* to ACK */
1628 /* fall through */
1629 case TCP_TW_ACK:
1630 tcp_v6_timewait_ack(sk, skb);
1631 break;
1632 case TCP_TW_RST:
1633 tcp_v6_send_reset(sk, skb);
1634 inet_twsk_deschedule_put(inet_twsk(sk));
1635 goto discard_it;
1636 case TCP_TW_SUCCESS:
1637 ;
1638 }
1639 goto discard_it;
1640 }
1641
1642 static void tcp_v6_early_demux(struct sk_buff *skb)
1643 {
1644 const struct ipv6hdr *hdr;
1645 const struct tcphdr *th;
1646 struct sock *sk;
1647
1648 if (skb->pkt_type != PACKET_HOST)
1649 return;
1650
1651 if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
1652 return;
1653
1654 hdr = ipv6_hdr(skb);
1655 th = tcp_hdr(skb);
1656
1657 if (th->doff < sizeof(struct tcphdr) / 4)
1658 return;
1659
1660 /* Note : We use inet6_iif() here, not tcp_v6_iif() */
1661 sk = __inet6_lookup_established(dev_net(skb->dev), &tcp_hashinfo,
1662 &hdr->saddr, th->source,
1663 &hdr->daddr, ntohs(th->dest),
1664 inet6_iif(skb), inet6_sdif(skb));
1665 if (sk) {
1666 skb->sk = sk;
1667 skb->destructor = sock_edemux;
1668 if (sk_fullsock(sk)) {
1669 struct dst_entry *dst = READ_ONCE(sk->sk_rx_dst);
1670
1671 if (dst)
1672 dst = dst_check(dst, inet6_sk(sk)->rx_dst_cookie);
1673 if (dst &&
1674 inet_sk(sk)->rx_dst_ifindex == skb->skb_iif)
1675 skb_dst_set_noref(skb, dst);
1676 }
1677 }
1678 }
1679
1680 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
1681 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
1682 .twsk_unique = tcp_twsk_unique,
1683 .twsk_destructor = tcp_twsk_destructor,
1684 };
1685
1686 static const struct inet_connection_sock_af_ops ipv6_specific = {
1687 .queue_xmit = inet6_csk_xmit,
1688 .send_check = tcp_v6_send_check,
1689 .rebuild_header = inet6_sk_rebuild_header,
1690 .sk_rx_dst_set = inet6_sk_rx_dst_set,
1691 .conn_request = tcp_v6_conn_request,
1692 .syn_recv_sock = tcp_v6_syn_recv_sock,
1693 .net_header_len = sizeof(struct ipv6hdr),
1694 .net_frag_header_len = sizeof(struct frag_hdr),
1695 .setsockopt = ipv6_setsockopt,
1696 .getsockopt = ipv6_getsockopt,
1697 .addr2sockaddr = inet6_csk_addr2sockaddr,
1698 .sockaddr_len = sizeof(struct sockaddr_in6),
1699 #ifdef CONFIG_COMPAT
1700 .compat_setsockopt = compat_ipv6_setsockopt,
1701 .compat_getsockopt = compat_ipv6_getsockopt,
1702 #endif
1703 .mtu_reduced = tcp_v6_mtu_reduced,
1704 };
1705
1706 #ifdef CONFIG_TCP_MD5SIG
1707 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1708 .md5_lookup = tcp_v6_md5_lookup,
1709 .calc_md5_hash = tcp_v6_md5_hash_skb,
1710 .md5_parse = tcp_v6_parse_md5_keys,
1711 };
1712 #endif
1713
1714 /*
1715 * TCP over IPv4 via INET6 API
1716 */
1717 static const struct inet_connection_sock_af_ops ipv6_mapped = {
1718 .queue_xmit = ip_queue_xmit,
1719 .send_check = tcp_v4_send_check,
1720 .rebuild_header = inet_sk_rebuild_header,
1721 .sk_rx_dst_set = inet_sk_rx_dst_set,
1722 .conn_request = tcp_v6_conn_request,
1723 .syn_recv_sock = tcp_v6_syn_recv_sock,
1724 .net_header_len = sizeof(struct iphdr),
1725 .setsockopt = ipv6_setsockopt,
1726 .getsockopt = ipv6_getsockopt,
1727 .addr2sockaddr = inet6_csk_addr2sockaddr,
1728 .sockaddr_len = sizeof(struct sockaddr_in6),
1729 #ifdef CONFIG_COMPAT
1730 .compat_setsockopt = compat_ipv6_setsockopt,
1731 .compat_getsockopt = compat_ipv6_getsockopt,
1732 #endif
1733 .mtu_reduced = tcp_v4_mtu_reduced,
1734 };
1735
1736 #ifdef CONFIG_TCP_MD5SIG
1737 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1738 .md5_lookup = tcp_v4_md5_lookup,
1739 .calc_md5_hash = tcp_v4_md5_hash_skb,
1740 .md5_parse = tcp_v6_parse_md5_keys,
1741 };
1742 #endif
1743
1744 /* NOTE: A lot of things set to zero explicitly by call to
1745 * sk_alloc() so need not be done here.
1746 */
1747 static int tcp_v6_init_sock(struct sock *sk)
1748 {
1749 struct inet_connection_sock *icsk = inet_csk(sk);
1750
1751 tcp_init_sock(sk);
1752
1753 icsk->icsk_af_ops = &ipv6_specific;
1754
1755 #ifdef CONFIG_TCP_MD5SIG
1756 tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific;
1757 #endif
1758
1759 return 0;
1760 }
1761
1762 static void tcp_v6_destroy_sock(struct sock *sk)
1763 {
1764 tcp_v4_destroy_sock(sk);
1765 inet6_destroy_sock(sk);
1766 }
1767
1768 #ifdef CONFIG_PROC_FS
1769 /* Proc filesystem TCPv6 sock list dumping. */
1770 static void get_openreq6(struct seq_file *seq,
1771 const struct request_sock *req, int i)
1772 {
1773 long ttd = req->rsk_timer.expires - jiffies;
1774 const struct in6_addr *src = &inet_rsk(req)->ir_v6_loc_addr;
1775 const struct in6_addr *dest = &inet_rsk(req)->ir_v6_rmt_addr;
1776
1777 if (ttd < 0)
1778 ttd = 0;
1779
1780 seq_printf(seq,
1781 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1782 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %d %d %pK\n",
1783 i,
1784 src->s6_addr32[0], src->s6_addr32[1],
1785 src->s6_addr32[2], src->s6_addr32[3],
1786 inet_rsk(req)->ir_num,
1787 dest->s6_addr32[0], dest->s6_addr32[1],
1788 dest->s6_addr32[2], dest->s6_addr32[3],
1789 ntohs(inet_rsk(req)->ir_rmt_port),
1790 TCP_SYN_RECV,
1791 0, 0, /* could print option size, but that is af dependent. */
1792 1, /* timers active (only the expire timer) */
1793 jiffies_to_clock_t(ttd),
1794 req->num_timeout,
1795 from_kuid_munged(seq_user_ns(seq),
1796 sock_i_uid(req->rsk_listener)),
1797 0, /* non standard timer */
1798 0, /* open_requests have no inode */
1799 0, req);
1800 }
1801
1802 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1803 {
1804 const struct in6_addr *dest, *src;
1805 __u16 destp, srcp;
1806 int timer_active;
1807 unsigned long timer_expires;
1808 const struct inet_sock *inet = inet_sk(sp);
1809 const struct tcp_sock *tp = tcp_sk(sp);
1810 const struct inet_connection_sock *icsk = inet_csk(sp);
1811 const struct fastopen_queue *fastopenq = &icsk->icsk_accept_queue.fastopenq;
1812 int rx_queue;
1813 int state;
1814
1815 dest = &sp->sk_v6_daddr;
1816 src = &sp->sk_v6_rcv_saddr;
1817 destp = ntohs(inet->inet_dport);
1818 srcp = ntohs(inet->inet_sport);
1819
1820 if (icsk->icsk_pending == ICSK_TIME_RETRANS ||
1821 icsk->icsk_pending == ICSK_TIME_REO_TIMEOUT ||
1822 icsk->icsk_pending == ICSK_TIME_LOSS_PROBE) {
1823 timer_active = 1;
1824 timer_expires = icsk->icsk_timeout;
1825 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1826 timer_active = 4;
1827 timer_expires = icsk->icsk_timeout;
1828 } else if (timer_pending(&sp->sk_timer)) {
1829 timer_active = 2;
1830 timer_expires = sp->sk_timer.expires;
1831 } else {
1832 timer_active = 0;
1833 timer_expires = jiffies;
1834 }
1835
1836 state = inet_sk_state_load(sp);
1837 if (state == TCP_LISTEN)
1838 rx_queue = sp->sk_ack_backlog;
1839 else
1840 /* Because we don't lock the socket,
1841 * we might find a transient negative value.
1842 */
1843 rx_queue = max_t(int, tp->rcv_nxt - tp->copied_seq, 0);
1844
1845 seq_printf(seq,
1846 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1847 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %lu %d %pK %lu %lu %u %u %d\n",
1848 i,
1849 src->s6_addr32[0], src->s6_addr32[1],
1850 src->s6_addr32[2], src->s6_addr32[3], srcp,
1851 dest->s6_addr32[0], dest->s6_addr32[1],
1852 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1853 state,
1854 tp->write_seq - tp->snd_una,
1855 rx_queue,
1856 timer_active,
1857 jiffies_delta_to_clock_t(timer_expires - jiffies),
1858 icsk->icsk_retransmits,
1859 from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
1860 icsk->icsk_probes_out,
1861 sock_i_ino(sp),
1862 refcount_read(&sp->sk_refcnt), sp,
1863 jiffies_to_clock_t(icsk->icsk_rto),
1864 jiffies_to_clock_t(icsk->icsk_ack.ato),
1865 (icsk->icsk_ack.quick << 1) | inet_csk_in_pingpong_mode(sp),
1866 tp->snd_cwnd,
1867 state == TCP_LISTEN ?
1868 fastopenq->max_qlen :
1869 (tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh)
1870 );
1871 }
1872
1873 static void get_timewait6_sock(struct seq_file *seq,
1874 struct inet_timewait_sock *tw, int i)
1875 {
1876 long delta = tw->tw_timer.expires - jiffies;
1877 const struct in6_addr *dest, *src;
1878 __u16 destp, srcp;
1879
1880 dest = &tw->tw_v6_daddr;
1881 src = &tw->tw_v6_rcv_saddr;
1882 destp = ntohs(tw->tw_dport);
1883 srcp = ntohs(tw->tw_sport);
1884
1885 seq_printf(seq,
1886 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1887 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1888 i,
1889 src->s6_addr32[0], src->s6_addr32[1],
1890 src->s6_addr32[2], src->s6_addr32[3], srcp,
1891 dest->s6_addr32[0], dest->s6_addr32[1],
1892 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1893 tw->tw_substate, 0, 0,
1894 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
1895 refcount_read(&tw->tw_refcnt), tw);
1896 }
1897
1898 static int tcp6_seq_show(struct seq_file *seq, void *v)
1899 {
1900 struct tcp_iter_state *st;
1901 struct sock *sk = v;
1902
1903 if (v == SEQ_START_TOKEN) {
1904 seq_puts(seq,
1905 " sl "
1906 "local_address "
1907 "remote_address "
1908 "st tx_queue rx_queue tr tm->when retrnsmt"
1909 " uid timeout inode\n");
1910 goto out;
1911 }
1912 st = seq->private;
1913
1914 if (sk->sk_state == TCP_TIME_WAIT)
1915 get_timewait6_sock(seq, v, st->num);
1916 else if (sk->sk_state == TCP_NEW_SYN_RECV)
1917 get_openreq6(seq, v, st->num);
1918 else
1919 get_tcp6_sock(seq, v, st->num);
1920 out:
1921 return 0;
1922 }
1923
1924 static const struct seq_operations tcp6_seq_ops = {
1925 .show = tcp6_seq_show,
1926 .start = tcp_seq_start,
1927 .next = tcp_seq_next,
1928 .stop = tcp_seq_stop,
1929 };
1930
1931 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
1932 .family = AF_INET6,
1933 };
1934
1935 int __net_init tcp6_proc_init(struct net *net)
1936 {
1937 if (!proc_create_net_data("tcp6", 0444, net->proc_net, &tcp6_seq_ops,
1938 sizeof(struct tcp_iter_state), &tcp6_seq_afinfo))
1939 return -ENOMEM;
1940 return 0;
1941 }
1942
1943 void tcp6_proc_exit(struct net *net)
1944 {
1945 remove_proc_entry("tcp6", net->proc_net);
1946 }
1947 #endif
1948
1949 struct proto tcpv6_prot = {
1950 .name = "TCPv6",
1951 .owner = THIS_MODULE,
1952 .close = tcp_close,
1953 .pre_connect = tcp_v6_pre_connect,
1954 .connect = tcp_v6_connect,
1955 .disconnect = tcp_disconnect,
1956 .accept = inet_csk_accept,
1957 .ioctl = tcp_ioctl,
1958 .init = tcp_v6_init_sock,
1959 .destroy = tcp_v6_destroy_sock,
1960 .shutdown = tcp_shutdown,
1961 .setsockopt = tcp_setsockopt,
1962 .getsockopt = tcp_getsockopt,
1963 .keepalive = tcp_set_keepalive,
1964 .recvmsg = tcp_recvmsg,
1965 .sendmsg = tcp_sendmsg,
1966 .sendpage = tcp_sendpage,
1967 .backlog_rcv = tcp_v6_do_rcv,
1968 .release_cb = tcp_release_cb,
1969 .hash = inet6_hash,
1970 .unhash = inet_unhash,
1971 .get_port = inet_csk_get_port,
1972 .enter_memory_pressure = tcp_enter_memory_pressure,
1973 .leave_memory_pressure = tcp_leave_memory_pressure,
1974 .stream_memory_free = tcp_stream_memory_free,
1975 .sockets_allocated = &tcp_sockets_allocated,
1976 .memory_allocated = &tcp_memory_allocated,
1977 .memory_pressure = &tcp_memory_pressure,
1978 .orphan_count = &tcp_orphan_count,
1979 .sysctl_mem = sysctl_tcp_mem,
1980 .sysctl_wmem_offset = offsetof(struct net, ipv4.sysctl_tcp_wmem),
1981 .sysctl_rmem_offset = offsetof(struct net, ipv4.sysctl_tcp_rmem),
1982 .max_header = MAX_TCP_HEADER,
1983 .obj_size = sizeof(struct tcp6_sock),
1984 .slab_flags = SLAB_TYPESAFE_BY_RCU,
1985 .twsk_prot = &tcp6_timewait_sock_ops,
1986 .rsk_prot = &tcp6_request_sock_ops,
1987 .h.hashinfo = &tcp_hashinfo,
1988 .no_autobind = true,
1989 #ifdef CONFIG_COMPAT
1990 .compat_setsockopt = compat_tcp_setsockopt,
1991 .compat_getsockopt = compat_tcp_getsockopt,
1992 #endif
1993 .diag_destroy = tcp_abort,
1994 };
1995
1996 /* thinking of making this const? Don't.
1997 * early_demux can change based on sysctl.
1998 */
1999 static struct inet6_protocol tcpv6_protocol = {
2000 .early_demux = tcp_v6_early_demux,
2001 .early_demux_handler = tcp_v6_early_demux,
2002 .handler = tcp_v6_rcv,
2003 .err_handler = tcp_v6_err,
2004 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2005 };
2006
2007 static struct inet_protosw tcpv6_protosw = {
2008 .type = SOCK_STREAM,
2009 .protocol = IPPROTO_TCP,
2010 .prot = &tcpv6_prot,
2011 .ops = &inet6_stream_ops,
2012 .flags = INET_PROTOSW_PERMANENT |
2013 INET_PROTOSW_ICSK,
2014 };
2015
2016 static int __net_init tcpv6_net_init(struct net *net)
2017 {
2018 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
2019 SOCK_RAW, IPPROTO_TCP, net);
2020 }
2021
2022 static void __net_exit tcpv6_net_exit(struct net *net)
2023 {
2024 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
2025 }
2026
2027 static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
2028 {
2029 inet_twsk_purge(&tcp_hashinfo, AF_INET6);
2030 }
2031
2032 static struct pernet_operations tcpv6_net_ops = {
2033 .init = tcpv6_net_init,
2034 .exit = tcpv6_net_exit,
2035 .exit_batch = tcpv6_net_exit_batch,
2036 };
2037
2038 int __init tcpv6_init(void)
2039 {
2040 int ret;
2041
2042 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
2043 if (ret)
2044 goto out;
2045
2046 /* register inet6 protocol */
2047 ret = inet6_register_protosw(&tcpv6_protosw);
2048 if (ret)
2049 goto out_tcpv6_protocol;
2050
2051 ret = register_pernet_subsys(&tcpv6_net_ops);
2052 if (ret)
2053 goto out_tcpv6_protosw;
2054 out:
2055 return ret;
2056
2057 out_tcpv6_protosw:
2058 inet6_unregister_protosw(&tcpv6_protosw);
2059 out_tcpv6_protocol:
2060 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2061 goto out;
2062 }
2063
2064 void tcpv6_exit(void)
2065 {
2066 unregister_pernet_subsys(&tcpv6_net_ops);
2067 inet6_unregister_protosw(&tcpv6_protosw);
2068 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2069 }
Linux with added FPC-III support