1 /* 2 * TCP over IPv6 3 * Linux INET6 implementation 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * Based on: 9 * linux/net/ipv4/tcp.c 10 * linux/net/ipv4/tcp_input.c 11 * linux/net/ipv4/tcp_output.c 12 * 13 * Fixes: 14 * Hideaki YOSHIFUJI : sin6_scope_id support 15 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which 16 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind 17 * a single port at the same time. 18 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file. 19 * 20 * This program is free software; you can redistribute it and/or 21 * modify it under the terms of the GNU General Public License 22 * as published by the Free Software Foundation; either version 23 * 2 of the License, or (at your option) any later version. 24 */ 25 26 #include <linux/bottom_half.h> 27 #include <linux/module.h> 28 #include <linux/errno.h> 29 #include <linux/types.h> 30 #include <linux/socket.h> 31 #include <linux/sockios.h> 32 #include <linux/net.h> 33 #include <linux/jiffies.h> 34 #include <linux/in.h> 35 #include <linux/in6.h> 36 #include <linux/netdevice.h> 37 #include <linux/init.h> 38 #include <linux/jhash.h> 39 #include <linux/ipsec.h> 40 #include <linux/times.h> 41 #include <linux/slab.h> 42 43 #include <linux/ipv6.h> 44 #include <linux/icmpv6.h> 45 #include <linux/random.h> 46 47 #include <net/tcp.h> 48 #include <net/ndisc.h> 49 #include <net/inet6_hashtables.h> 50 #include <net/inet6_connection_sock.h> 51 #include <net/ipv6.h> 52 #include <net/transp_v6.h> 53 #include <net/addrconf.h> 54 #include <net/ip6_route.h> 55 #include <net/ip6_checksum.h> 56 #include <net/inet_ecn.h> 57 #include <net/protocol.h> 58 #include <net/xfrm.h> 59 #include <net/snmp.h> 60 #include <net/dsfield.h> 61 #include <net/timewait_sock.h> 62 #include <net/netdma.h> 63 #include <net/inet_common.h> 64 #include <net/secure_seq.h> 65 #include <net/tcp_memcontrol.h> 66 67 #include <asm/uaccess.h> 68 69 #include <linux/proc_fs.h> 70 #include <linux/seq_file.h> 71 72 #include <linux/crypto.h> 73 #include <linux/scatterlist.h> 74 75 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb); 76 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb, 77 struct request_sock *req); 78 79 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb); 80 static void __tcp_v6_send_check(struct sk_buff *skb, 81 const struct in6_addr *saddr, 82 const struct in6_addr *daddr); 83 84 static const struct inet_connection_sock_af_ops ipv6_mapped; 85 static const struct inet_connection_sock_af_ops ipv6_specific; 86 #ifdef CONFIG_TCP_MD5SIG 87 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific; 88 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific; 89 #else 90 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk, 91 const struct in6_addr *addr) 92 { 93 return NULL; 94 } 95 #endif 96 97 static void tcp_v6_hash(struct sock *sk) 98 { 99 if (sk->sk_state != TCP_CLOSE) { 100 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) { 101 tcp_prot.hash(sk); 102 return; 103 } 104 local_bh_disable(); 105 __inet6_hash(sk, NULL); 106 local_bh_enable(); 107 } 108 } 109 110 static __inline__ __sum16 tcp_v6_check(int len, 111 const struct in6_addr *saddr, 112 const struct in6_addr *daddr, 113 __wsum base) 114 { 115 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base); 116 } 117 118 static __u32 tcp_v6_init_sequence(const struct sk_buff *skb) 119 { 120 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32, 121 ipv6_hdr(skb)->saddr.s6_addr32, 122 tcp_hdr(skb)->dest, 123 tcp_hdr(skb)->source); 124 } 125 126 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr, 127 int addr_len) 128 { 129 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr; 130 struct inet_sock *inet = inet_sk(sk); 131 struct inet_connection_sock *icsk = inet_csk(sk); 132 struct ipv6_pinfo *np = inet6_sk(sk); 133 struct tcp_sock *tp = tcp_sk(sk); 134 struct in6_addr *saddr = NULL, *final_p, final; 135 struct rt6_info *rt; 136 struct flowi6 fl6; 137 struct dst_entry *dst; 138 int addr_type; 139 int err; 140 141 if (addr_len < SIN6_LEN_RFC2133) 142 return -EINVAL; 143 144 if (usin->sin6_family != AF_INET6) 145 return -EAFNOSUPPORT; 146 147 memset(&fl6, 0, sizeof(fl6)); 148 149 if (np->sndflow) { 150 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK; 151 IP6_ECN_flow_init(fl6.flowlabel); 152 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) { 153 struct ip6_flowlabel *flowlabel; 154 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel); 155 if (flowlabel == NULL) 156 return -EINVAL; 157 usin->sin6_addr = flowlabel->dst; 158 fl6_sock_release(flowlabel); 159 } 160 } 161 162 /* 163 * connect() to INADDR_ANY means loopback (BSD'ism). 164 */ 165 166 if(ipv6_addr_any(&usin->sin6_addr)) 167 usin->sin6_addr.s6_addr[15] = 0x1; 168 169 addr_type = ipv6_addr_type(&usin->sin6_addr); 170 171 if(addr_type & IPV6_ADDR_MULTICAST) 172 return -ENETUNREACH; 173 174 if (addr_type&IPV6_ADDR_LINKLOCAL) { 175 if (addr_len >= sizeof(struct sockaddr_in6) && 176 usin->sin6_scope_id) { 177 /* If interface is set while binding, indices 178 * must coincide. 179 */ 180 if (sk->sk_bound_dev_if && 181 sk->sk_bound_dev_if != usin->sin6_scope_id) 182 return -EINVAL; 183 184 sk->sk_bound_dev_if = usin->sin6_scope_id; 185 } 186 187 /* Connect to link-local address requires an interface */ 188 if (!sk->sk_bound_dev_if) 189 return -EINVAL; 190 } 191 192 if (tp->rx_opt.ts_recent_stamp && 193 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) { 194 tp->rx_opt.ts_recent = 0; 195 tp->rx_opt.ts_recent_stamp = 0; 196 tp->write_seq = 0; 197 } 198 199 np->daddr = usin->sin6_addr; 200 np->flow_label = fl6.flowlabel; 201 202 /* 203 * TCP over IPv4 204 */ 205 206 if (addr_type == IPV6_ADDR_MAPPED) { 207 u32 exthdrlen = icsk->icsk_ext_hdr_len; 208 struct sockaddr_in sin; 209 210 SOCK_DEBUG(sk, "connect: ipv4 mapped\n"); 211 212 if (__ipv6_only_sock(sk)) 213 return -ENETUNREACH; 214 215 sin.sin_family = AF_INET; 216 sin.sin_port = usin->sin6_port; 217 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3]; 218 219 icsk->icsk_af_ops = &ipv6_mapped; 220 sk->sk_backlog_rcv = tcp_v4_do_rcv; 221 #ifdef CONFIG_TCP_MD5SIG 222 tp->af_specific = &tcp_sock_ipv6_mapped_specific; 223 #endif 224 225 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin)); 226 227 if (err) { 228 icsk->icsk_ext_hdr_len = exthdrlen; 229 icsk->icsk_af_ops = &ipv6_specific; 230 sk->sk_backlog_rcv = tcp_v6_do_rcv; 231 #ifdef CONFIG_TCP_MD5SIG 232 tp->af_specific = &tcp_sock_ipv6_specific; 233 #endif 234 goto failure; 235 } else { 236 ipv6_addr_set_v4mapped(inet->inet_saddr, &np->saddr); 237 ipv6_addr_set_v4mapped(inet->inet_rcv_saddr, 238 &np->rcv_saddr); 239 } 240 241 return err; 242 } 243 244 if (!ipv6_addr_any(&np->rcv_saddr)) 245 saddr = &np->rcv_saddr; 246 247 fl6.flowi6_proto = IPPROTO_TCP; 248 fl6.daddr = np->daddr; 249 fl6.saddr = saddr ? *saddr : np->saddr; 250 fl6.flowi6_oif = sk->sk_bound_dev_if; 251 fl6.flowi6_mark = sk->sk_mark; 252 fl6.fl6_dport = usin->sin6_port; 253 fl6.fl6_sport = inet->inet_sport; 254 255 final_p = fl6_update_dst(&fl6, np->opt, &final); 256 257 security_sk_classify_flow(sk, flowi6_to_flowi(&fl6)); 258 259 dst = ip6_dst_lookup_flow(sk, &fl6, final_p, true); 260 if (IS_ERR(dst)) { 261 err = PTR_ERR(dst); 262 goto failure; 263 } 264 265 if (saddr == NULL) { 266 saddr = &fl6.saddr; 267 np->rcv_saddr = *saddr; 268 } 269 270 /* set the source address */ 271 np->saddr = *saddr; 272 inet->inet_rcv_saddr = LOOPBACK4_IPV6; 273 274 sk->sk_gso_type = SKB_GSO_TCPV6; 275 __ip6_dst_store(sk, dst, NULL, NULL); 276 277 rt = (struct rt6_info *) dst; 278 if (tcp_death_row.sysctl_tw_recycle && 279 !tp->rx_opt.ts_recent_stamp && 280 ipv6_addr_equal(&rt->rt6i_dst.addr, &np->daddr)) 281 tcp_fetch_timewait_stamp(sk, dst); 282 283 icsk->icsk_ext_hdr_len = 0; 284 if (np->opt) 285 icsk->icsk_ext_hdr_len = (np->opt->opt_flen + 286 np->opt->opt_nflen); 287 288 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr); 289 290 inet->inet_dport = usin->sin6_port; 291 292 tcp_set_state(sk, TCP_SYN_SENT); 293 err = inet6_hash_connect(&tcp_death_row, sk); 294 if (err) 295 goto late_failure; 296 297 if (!tp->write_seq) 298 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32, 299 np->daddr.s6_addr32, 300 inet->inet_sport, 301 inet->inet_dport); 302 303 err = tcp_connect(sk); 304 if (err) 305 goto late_failure; 306 307 return 0; 308 309 late_failure: 310 tcp_set_state(sk, TCP_CLOSE); 311 __sk_dst_reset(sk); 312 failure: 313 inet->inet_dport = 0; 314 sk->sk_route_caps = 0; 315 return err; 316 } 317 318 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, 319 u8 type, u8 code, int offset, __be32 info) 320 { 321 const struct ipv6hdr *hdr = (const struct ipv6hdr*)skb->data; 322 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset); 323 struct ipv6_pinfo *np; 324 struct sock *sk; 325 int err; 326 struct tcp_sock *tp; 327 __u32 seq; 328 struct net *net = dev_net(skb->dev); 329 330 sk = inet6_lookup(net, &tcp_hashinfo, &hdr->daddr, 331 th->dest, &hdr->saddr, th->source, skb->dev->ifindex); 332 333 if (sk == NULL) { 334 ICMP6_INC_STATS_BH(net, __in6_dev_get(skb->dev), 335 ICMP6_MIB_INERRORS); 336 return; 337 } 338 339 if (sk->sk_state == TCP_TIME_WAIT) { 340 inet_twsk_put(inet_twsk(sk)); 341 return; 342 } 343 344 bh_lock_sock(sk); 345 if (sock_owned_by_user(sk)) 346 NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS); 347 348 if (sk->sk_state == TCP_CLOSE) 349 goto out; 350 351 if (ipv6_hdr(skb)->hop_limit < inet6_sk(sk)->min_hopcount) { 352 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP); 353 goto out; 354 } 355 356 tp = tcp_sk(sk); 357 seq = ntohl(th->seq); 358 if (sk->sk_state != TCP_LISTEN && 359 !between(seq, tp->snd_una, tp->snd_nxt)) { 360 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS); 361 goto out; 362 } 363 364 np = inet6_sk(sk); 365 366 if (type == ICMPV6_PKT_TOOBIG) { 367 struct dst_entry *dst; 368 369 if (sock_owned_by_user(sk)) 370 goto out; 371 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)) 372 goto out; 373 374 /* icmp should have updated the destination cache entry */ 375 dst = __sk_dst_check(sk, np->dst_cookie); 376 377 if (dst == NULL) { 378 struct inet_sock *inet = inet_sk(sk); 379 struct flowi6 fl6; 380 381 /* BUGGG_FUTURE: Again, it is not clear how 382 to handle rthdr case. Ignore this complexity 383 for now. 384 */ 385 memset(&fl6, 0, sizeof(fl6)); 386 fl6.flowi6_proto = IPPROTO_TCP; 387 fl6.daddr = np->daddr; 388 fl6.saddr = np->saddr; 389 fl6.flowi6_oif = sk->sk_bound_dev_if; 390 fl6.flowi6_mark = sk->sk_mark; 391 fl6.fl6_dport = inet->inet_dport; 392 fl6.fl6_sport = inet->inet_sport; 393 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6)); 394 395 dst = ip6_dst_lookup_flow(sk, &fl6, NULL, false); 396 if (IS_ERR(dst)) { 397 sk->sk_err_soft = -PTR_ERR(dst); 398 goto out; 399 } 400 401 } else 402 dst_hold(dst); 403 404 dst->ops->update_pmtu(dst, ntohl(info)); 405 406 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) { 407 tcp_sync_mss(sk, dst_mtu(dst)); 408 tcp_simple_retransmit(sk); 409 } /* else let the usual retransmit timer handle it */ 410 dst_release(dst); 411 goto out; 412 } 413 414 icmpv6_err_convert(type, code, &err); 415 416 /* Might be for an request_sock */ 417 switch (sk->sk_state) { 418 struct request_sock *req, **prev; 419 case TCP_LISTEN: 420 if (sock_owned_by_user(sk)) 421 goto out; 422 423 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr, 424 &hdr->saddr, inet6_iif(skb)); 425 if (!req) 426 goto out; 427 428 /* ICMPs are not backlogged, hence we cannot get 429 * an established socket here. 430 */ 431 WARN_ON(req->sk != NULL); 432 433 if (seq != tcp_rsk(req)->snt_isn) { 434 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS); 435 goto out; 436 } 437 438 inet_csk_reqsk_queue_drop(sk, req, prev); 439 goto out; 440 441 case TCP_SYN_SENT: 442 case TCP_SYN_RECV: /* Cannot happen. 443 It can, it SYNs are crossed. --ANK */ 444 if (!sock_owned_by_user(sk)) { 445 sk->sk_err = err; 446 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */ 447 448 tcp_done(sk); 449 } else 450 sk->sk_err_soft = err; 451 goto out; 452 } 453 454 if (!sock_owned_by_user(sk) && np->recverr) { 455 sk->sk_err = err; 456 sk->sk_error_report(sk); 457 } else 458 sk->sk_err_soft = err; 459 460 out: 461 bh_unlock_sock(sk); 462 sock_put(sk); 463 } 464 465 466 static int tcp_v6_send_synack(struct sock *sk, struct dst_entry *dst, 467 struct flowi6 *fl6, 468 struct request_sock *req, 469 struct request_values *rvp, 470 u16 queue_mapping) 471 { 472 struct inet6_request_sock *treq = inet6_rsk(req); 473 struct ipv6_pinfo *np = inet6_sk(sk); 474 struct sk_buff * skb; 475 int err = -ENOMEM; 476 477 /* First, grab a route. */ 478 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req)) == NULL) 479 goto done; 480 481 skb = tcp_make_synack(sk, dst, req, rvp); 482 483 if (skb) { 484 __tcp_v6_send_check(skb, &treq->loc_addr, &treq->rmt_addr); 485 486 fl6->daddr = treq->rmt_addr; 487 skb_set_queue_mapping(skb, queue_mapping); 488 err = ip6_xmit(sk, skb, fl6, np->opt, np->tclass); 489 err = net_xmit_eval(err); 490 } 491 492 done: 493 return err; 494 } 495 496 static int tcp_v6_rtx_synack(struct sock *sk, struct request_sock *req, 497 struct request_values *rvp) 498 { 499 struct flowi6 fl6; 500 501 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_RETRANSSEGS); 502 return tcp_v6_send_synack(sk, NULL, &fl6, req, rvp, 0); 503 } 504 505 static void tcp_v6_reqsk_destructor(struct request_sock *req) 506 { 507 kfree_skb(inet6_rsk(req)->pktopts); 508 } 509 510 #ifdef CONFIG_TCP_MD5SIG 511 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk, 512 const struct in6_addr *addr) 513 { 514 return tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, AF_INET6); 515 } 516 517 static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk, 518 struct sock *addr_sk) 519 { 520 return tcp_v6_md5_do_lookup(sk, &inet6_sk(addr_sk)->daddr); 521 } 522 523 static struct tcp_md5sig_key *tcp_v6_reqsk_md5_lookup(struct sock *sk, 524 struct request_sock *req) 525 { 526 return tcp_v6_md5_do_lookup(sk, &inet6_rsk(req)->rmt_addr); 527 } 528 529 static int tcp_v6_parse_md5_keys (struct sock *sk, char __user *optval, 530 int optlen) 531 { 532 struct tcp_md5sig cmd; 533 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr; 534 535 if (optlen < sizeof(cmd)) 536 return -EINVAL; 537 538 if (copy_from_user(&cmd, optval, sizeof(cmd))) 539 return -EFAULT; 540 541 if (sin6->sin6_family != AF_INET6) 542 return -EINVAL; 543 544 if (!cmd.tcpm_keylen) { 545 if (ipv6_addr_v4mapped(&sin6->sin6_addr)) 546 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3], 547 AF_INET); 548 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr, 549 AF_INET6); 550 } 551 552 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN) 553 return -EINVAL; 554 555 if (ipv6_addr_v4mapped(&sin6->sin6_addr)) 556 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3], 557 AF_INET, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL); 558 559 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr, 560 AF_INET6, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL); 561 } 562 563 static int tcp_v6_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp, 564 const struct in6_addr *daddr, 565 const struct in6_addr *saddr, int nbytes) 566 { 567 struct tcp6_pseudohdr *bp; 568 struct scatterlist sg; 569 570 bp = &hp->md5_blk.ip6; 571 /* 1. TCP pseudo-header (RFC2460) */ 572 bp->saddr = *saddr; 573 bp->daddr = *daddr; 574 bp->protocol = cpu_to_be32(IPPROTO_TCP); 575 bp->len = cpu_to_be32(nbytes); 576 577 sg_init_one(&sg, bp, sizeof(*bp)); 578 return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp)); 579 } 580 581 static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key, 582 const struct in6_addr *daddr, struct in6_addr *saddr, 583 const struct tcphdr *th) 584 { 585 struct tcp_md5sig_pool *hp; 586 struct hash_desc *desc; 587 588 hp = tcp_get_md5sig_pool(); 589 if (!hp) 590 goto clear_hash_noput; 591 desc = &hp->md5_desc; 592 593 if (crypto_hash_init(desc)) 594 goto clear_hash; 595 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2)) 596 goto clear_hash; 597 if (tcp_md5_hash_header(hp, th)) 598 goto clear_hash; 599 if (tcp_md5_hash_key(hp, key)) 600 goto clear_hash; 601 if (crypto_hash_final(desc, md5_hash)) 602 goto clear_hash; 603 604 tcp_put_md5sig_pool(); 605 return 0; 606 607 clear_hash: 608 tcp_put_md5sig_pool(); 609 clear_hash_noput: 610 memset(md5_hash, 0, 16); 611 return 1; 612 } 613 614 static int tcp_v6_md5_hash_skb(char *md5_hash, struct tcp_md5sig_key *key, 615 const struct sock *sk, 616 const struct request_sock *req, 617 const struct sk_buff *skb) 618 { 619 const struct in6_addr *saddr, *daddr; 620 struct tcp_md5sig_pool *hp; 621 struct hash_desc *desc; 622 const struct tcphdr *th = tcp_hdr(skb); 623 624 if (sk) { 625 saddr = &inet6_sk(sk)->saddr; 626 daddr = &inet6_sk(sk)->daddr; 627 } else if (req) { 628 saddr = &inet6_rsk(req)->loc_addr; 629 daddr = &inet6_rsk(req)->rmt_addr; 630 } else { 631 const struct ipv6hdr *ip6h = ipv6_hdr(skb); 632 saddr = &ip6h->saddr; 633 daddr = &ip6h->daddr; 634 } 635 636 hp = tcp_get_md5sig_pool(); 637 if (!hp) 638 goto clear_hash_noput; 639 desc = &hp->md5_desc; 640 641 if (crypto_hash_init(desc)) 642 goto clear_hash; 643 644 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len)) 645 goto clear_hash; 646 if (tcp_md5_hash_header(hp, th)) 647 goto clear_hash; 648 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2)) 649 goto clear_hash; 650 if (tcp_md5_hash_key(hp, key)) 651 goto clear_hash; 652 if (crypto_hash_final(desc, md5_hash)) 653 goto clear_hash; 654 655 tcp_put_md5sig_pool(); 656 return 0; 657 658 clear_hash: 659 tcp_put_md5sig_pool(); 660 clear_hash_noput: 661 memset(md5_hash, 0, 16); 662 return 1; 663 } 664 665 static int tcp_v6_inbound_md5_hash(struct sock *sk, const struct sk_buff *skb) 666 { 667 const __u8 *hash_location = NULL; 668 struct tcp_md5sig_key *hash_expected; 669 const struct ipv6hdr *ip6h = ipv6_hdr(skb); 670 const struct tcphdr *th = tcp_hdr(skb); 671 int genhash; 672 u8 newhash[16]; 673 674 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr); 675 hash_location = tcp_parse_md5sig_option(th); 676 677 /* We've parsed the options - do we have a hash? */ 678 if (!hash_expected && !hash_location) 679 return 0; 680 681 if (hash_expected && !hash_location) { 682 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND); 683 return 1; 684 } 685 686 if (!hash_expected && hash_location) { 687 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED); 688 return 1; 689 } 690 691 /* check the signature */ 692 genhash = tcp_v6_md5_hash_skb(newhash, 693 hash_expected, 694 NULL, NULL, skb); 695 696 if (genhash || memcmp(hash_location, newhash, 16) != 0) { 697 net_info_ratelimited("MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n", 698 genhash ? "failed" : "mismatch", 699 &ip6h->saddr, ntohs(th->source), 700 &ip6h->daddr, ntohs(th->dest)); 701 return 1; 702 } 703 return 0; 704 } 705 #endif 706 707 struct request_sock_ops tcp6_request_sock_ops __read_mostly = { 708 .family = AF_INET6, 709 .obj_size = sizeof(struct tcp6_request_sock), 710 .rtx_syn_ack = tcp_v6_rtx_synack, 711 .send_ack = tcp_v6_reqsk_send_ack, 712 .destructor = tcp_v6_reqsk_destructor, 713 .send_reset = tcp_v6_send_reset, 714 .syn_ack_timeout = tcp_syn_ack_timeout, 715 }; 716 717 #ifdef CONFIG_TCP_MD5SIG 718 static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = { 719 .md5_lookup = tcp_v6_reqsk_md5_lookup, 720 .calc_md5_hash = tcp_v6_md5_hash_skb, 721 }; 722 #endif 723 724 static void __tcp_v6_send_check(struct sk_buff *skb, 725 const struct in6_addr *saddr, const struct in6_addr *daddr) 726 { 727 struct tcphdr *th = tcp_hdr(skb); 728 729 if (skb->ip_summed == CHECKSUM_PARTIAL) { 730 th->check = ~tcp_v6_check(skb->len, saddr, daddr, 0); 731 skb->csum_start = skb_transport_header(skb) - skb->head; 732 skb->csum_offset = offsetof(struct tcphdr, check); 733 } else { 734 th->check = tcp_v6_check(skb->len, saddr, daddr, 735 csum_partial(th, th->doff << 2, 736 skb->csum)); 737 } 738 } 739 740 static void tcp_v6_send_check(struct sock *sk, struct sk_buff *skb) 741 { 742 struct ipv6_pinfo *np = inet6_sk(sk); 743 744 __tcp_v6_send_check(skb, &np->saddr, &np->daddr); 745 } 746 747 static int tcp_v6_gso_send_check(struct sk_buff *skb) 748 { 749 const struct ipv6hdr *ipv6h; 750 struct tcphdr *th; 751 752 if (!pskb_may_pull(skb, sizeof(*th))) 753 return -EINVAL; 754 755 ipv6h = ipv6_hdr(skb); 756 th = tcp_hdr(skb); 757 758 th->check = 0; 759 skb->ip_summed = CHECKSUM_PARTIAL; 760 __tcp_v6_send_check(skb, &ipv6h->saddr, &ipv6h->daddr); 761 return 0; 762 } 763 764 static struct sk_buff **tcp6_gro_receive(struct sk_buff **head, 765 struct sk_buff *skb) 766 { 767 const struct ipv6hdr *iph = skb_gro_network_header(skb); 768 769 switch (skb->ip_summed) { 770 case CHECKSUM_COMPLETE: 771 if (!tcp_v6_check(skb_gro_len(skb), &iph->saddr, &iph->daddr, 772 skb->csum)) { 773 skb->ip_summed = CHECKSUM_UNNECESSARY; 774 break; 775 } 776 777 /* fall through */ 778 case CHECKSUM_NONE: 779 NAPI_GRO_CB(skb)->flush = 1; 780 return NULL; 781 } 782 783 return tcp_gro_receive(head, skb); 784 } 785 786 static int tcp6_gro_complete(struct sk_buff *skb) 787 { 788 const struct ipv6hdr *iph = ipv6_hdr(skb); 789 struct tcphdr *th = tcp_hdr(skb); 790 791 th->check = ~tcp_v6_check(skb->len - skb_transport_offset(skb), 792 &iph->saddr, &iph->daddr, 0); 793 skb_shinfo(skb)->gso_type = SKB_GSO_TCPV6; 794 795 return tcp_gro_complete(skb); 796 } 797 798 static void tcp_v6_send_response(struct sk_buff *skb, u32 seq, u32 ack, u32 win, 799 u32 ts, struct tcp_md5sig_key *key, int rst, u8 tclass) 800 { 801 const struct tcphdr *th = tcp_hdr(skb); 802 struct tcphdr *t1; 803 struct sk_buff *buff; 804 struct flowi6 fl6; 805 struct net *net = dev_net(skb_dst(skb)->dev); 806 struct sock *ctl_sk = net->ipv6.tcp_sk; 807 unsigned int tot_len = sizeof(struct tcphdr); 808 struct dst_entry *dst; 809 __be32 *topt; 810 811 if (ts) 812 tot_len += TCPOLEN_TSTAMP_ALIGNED; 813 #ifdef CONFIG_TCP_MD5SIG 814 if (key) 815 tot_len += TCPOLEN_MD5SIG_ALIGNED; 816 #endif 817 818 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len, 819 GFP_ATOMIC); 820 if (buff == NULL) 821 return; 822 823 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len); 824 825 t1 = (struct tcphdr *) skb_push(buff, tot_len); 826 skb_reset_transport_header(buff); 827 828 /* Swap the send and the receive. */ 829 memset(t1, 0, sizeof(*t1)); 830 t1->dest = th->source; 831 t1->source = th->dest; 832 t1->doff = tot_len / 4; 833 t1->seq = htonl(seq); 834 t1->ack_seq = htonl(ack); 835 t1->ack = !rst || !th->ack; 836 t1->rst = rst; 837 t1->window = htons(win); 838 839 topt = (__be32 *)(t1 + 1); 840 841 if (ts) { 842 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) | 843 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP); 844 *topt++ = htonl(tcp_time_stamp); 845 *topt++ = htonl(ts); 846 } 847 848 #ifdef CONFIG_TCP_MD5SIG 849 if (key) { 850 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) | 851 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG); 852 tcp_v6_md5_hash_hdr((__u8 *)topt, key, 853 &ipv6_hdr(skb)->saddr, 854 &ipv6_hdr(skb)->daddr, t1); 855 } 856 #endif 857 858 memset(&fl6, 0, sizeof(fl6)); 859 fl6.daddr = ipv6_hdr(skb)->saddr; 860 fl6.saddr = ipv6_hdr(skb)->daddr; 861 862 buff->ip_summed = CHECKSUM_PARTIAL; 863 buff->csum = 0; 864 865 __tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr); 866 867 fl6.flowi6_proto = IPPROTO_TCP; 868 fl6.flowi6_oif = inet6_iif(skb); 869 fl6.fl6_dport = t1->dest; 870 fl6.fl6_sport = t1->source; 871 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6)); 872 873 /* Pass a socket to ip6_dst_lookup either it is for RST 874 * Underlying function will use this to retrieve the network 875 * namespace 876 */ 877 dst = ip6_dst_lookup_flow(ctl_sk, &fl6, NULL, false); 878 if (!IS_ERR(dst)) { 879 skb_dst_set(buff, dst); 880 ip6_xmit(ctl_sk, buff, &fl6, NULL, tclass); 881 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS); 882 if (rst) 883 TCP_INC_STATS_BH(net, TCP_MIB_OUTRSTS); 884 return; 885 } 886 887 kfree_skb(buff); 888 } 889 890 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb) 891 { 892 const struct tcphdr *th = tcp_hdr(skb); 893 u32 seq = 0, ack_seq = 0; 894 struct tcp_md5sig_key *key = NULL; 895 #ifdef CONFIG_TCP_MD5SIG 896 const __u8 *hash_location = NULL; 897 struct ipv6hdr *ipv6h = ipv6_hdr(skb); 898 unsigned char newhash[16]; 899 int genhash; 900 struct sock *sk1 = NULL; 901 #endif 902 903 if (th->rst) 904 return; 905 906 if (!ipv6_unicast_destination(skb)) 907 return; 908 909 #ifdef CONFIG_TCP_MD5SIG 910 hash_location = tcp_parse_md5sig_option(th); 911 if (!sk && hash_location) { 912 /* 913 * active side is lost. Try to find listening socket through 914 * source port, and then find md5 key through listening socket. 915 * we are not loose security here: 916 * Incoming packet is checked with md5 hash with finding key, 917 * no RST generated if md5 hash doesn't match. 918 */ 919 sk1 = inet6_lookup_listener(dev_net(skb_dst(skb)->dev), 920 &tcp_hashinfo, &ipv6h->daddr, 921 ntohs(th->source), inet6_iif(skb)); 922 if (!sk1) 923 return; 924 925 rcu_read_lock(); 926 key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr); 927 if (!key) 928 goto release_sk1; 929 930 genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, NULL, skb); 931 if (genhash || memcmp(hash_location, newhash, 16) != 0) 932 goto release_sk1; 933 } else { 934 key = sk ? tcp_v6_md5_do_lookup(sk, &ipv6h->saddr) : NULL; 935 } 936 #endif 937 938 if (th->ack) 939 seq = ntohl(th->ack_seq); 940 else 941 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len - 942 (th->doff << 2); 943 944 tcp_v6_send_response(skb, seq, ack_seq, 0, 0, key, 1, 0); 945 946 #ifdef CONFIG_TCP_MD5SIG 947 release_sk1: 948 if (sk1) { 949 rcu_read_unlock(); 950 sock_put(sk1); 951 } 952 #endif 953 } 954 955 static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts, 956 struct tcp_md5sig_key *key, u8 tclass) 957 { 958 tcp_v6_send_response(skb, seq, ack, win, ts, key, 0, tclass); 959 } 960 961 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb) 962 { 963 struct inet_timewait_sock *tw = inet_twsk(sk); 964 struct tcp_timewait_sock *tcptw = tcp_twsk(sk); 965 966 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt, 967 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale, 968 tcptw->tw_ts_recent, tcp_twsk_md5_key(tcptw), 969 tw->tw_tclass); 970 971 inet_twsk_put(tw); 972 } 973 974 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb, 975 struct request_sock *req) 976 { 977 tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent, 978 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr), 0); 979 } 980 981 982 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb) 983 { 984 struct request_sock *req, **prev; 985 const struct tcphdr *th = tcp_hdr(skb); 986 struct sock *nsk; 987 988 /* Find possible connection requests. */ 989 req = inet6_csk_search_req(sk, &prev, th->source, 990 &ipv6_hdr(skb)->saddr, 991 &ipv6_hdr(skb)->daddr, inet6_iif(skb)); 992 if (req) 993 return tcp_check_req(sk, skb, req, prev); 994 995 nsk = __inet6_lookup_established(sock_net(sk), &tcp_hashinfo, 996 &ipv6_hdr(skb)->saddr, th->source, 997 &ipv6_hdr(skb)->daddr, ntohs(th->dest), inet6_iif(skb)); 998 999 if (nsk) { 1000 if (nsk->sk_state != TCP_TIME_WAIT) { 1001 bh_lock_sock(nsk); 1002 return nsk; 1003 } 1004 inet_twsk_put(inet_twsk(nsk)); 1005 return NULL; 1006 } 1007 1008 #ifdef CONFIG_SYN_COOKIES 1009 if (!th->syn) 1010 sk = cookie_v6_check(sk, skb); 1011 #endif 1012 return sk; 1013 } 1014 1015 /* FIXME: this is substantially similar to the ipv4 code. 1016 * Can some kind of merge be done? -- erics 1017 */ 1018 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb) 1019 { 1020 struct tcp_extend_values tmp_ext; 1021 struct tcp_options_received tmp_opt; 1022 const u8 *hash_location; 1023 struct request_sock *req; 1024 struct inet6_request_sock *treq; 1025 struct ipv6_pinfo *np = inet6_sk(sk); 1026 struct tcp_sock *tp = tcp_sk(sk); 1027 __u32 isn = TCP_SKB_CB(skb)->when; 1028 struct dst_entry *dst = NULL; 1029 struct flowi6 fl6; 1030 bool want_cookie = false; 1031 1032 if (skb->protocol == htons(ETH_P_IP)) 1033 return tcp_v4_conn_request(sk, skb); 1034 1035 if (!ipv6_unicast_destination(skb)) 1036 goto drop; 1037 1038 if (inet_csk_reqsk_queue_is_full(sk) && !isn) { 1039 want_cookie = tcp_syn_flood_action(sk, skb, "TCPv6"); 1040 if (!want_cookie) 1041 goto drop; 1042 } 1043 1044 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1) 1045 goto drop; 1046 1047 req = inet6_reqsk_alloc(&tcp6_request_sock_ops); 1048 if (req == NULL) 1049 goto drop; 1050 1051 #ifdef CONFIG_TCP_MD5SIG 1052 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv6_ops; 1053 #endif 1054 1055 tcp_clear_options(&tmp_opt); 1056 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr); 1057 tmp_opt.user_mss = tp->rx_opt.user_mss; 1058 tcp_parse_options(skb, &tmp_opt, &hash_location, 0); 1059 1060 if (tmp_opt.cookie_plus > 0 && 1061 tmp_opt.saw_tstamp && 1062 !tp->rx_opt.cookie_out_never && 1063 (sysctl_tcp_cookie_size > 0 || 1064 (tp->cookie_values != NULL && 1065 tp->cookie_values->cookie_desired > 0))) { 1066 u8 *c; 1067 u32 *d; 1068 u32 *mess = &tmp_ext.cookie_bakery[COOKIE_DIGEST_WORDS]; 1069 int l = tmp_opt.cookie_plus - TCPOLEN_COOKIE_BASE; 1070 1071 if (tcp_cookie_generator(&tmp_ext.cookie_bakery[0]) != 0) 1072 goto drop_and_free; 1073 1074 /* Secret recipe starts with IP addresses */ 1075 d = (__force u32 *)&ipv6_hdr(skb)->daddr.s6_addr32[0]; 1076 *mess++ ^= *d++; 1077 *mess++ ^= *d++; 1078 *mess++ ^= *d++; 1079 *mess++ ^= *d++; 1080 d = (__force u32 *)&ipv6_hdr(skb)->saddr.s6_addr32[0]; 1081 *mess++ ^= *d++; 1082 *mess++ ^= *d++; 1083 *mess++ ^= *d++; 1084 *mess++ ^= *d++; 1085 1086 /* plus variable length Initiator Cookie */ 1087 c = (u8 *)mess; 1088 while (l-- > 0) 1089 *c++ ^= *hash_location++; 1090 1091 want_cookie = false; /* not our kind of cookie */ 1092 tmp_ext.cookie_out_never = 0; /* false */ 1093 tmp_ext.cookie_plus = tmp_opt.cookie_plus; 1094 } else if (!tp->rx_opt.cookie_in_always) { 1095 /* redundant indications, but ensure initialization. */ 1096 tmp_ext.cookie_out_never = 1; /* true */ 1097 tmp_ext.cookie_plus = 0; 1098 } else { 1099 goto drop_and_free; 1100 } 1101 tmp_ext.cookie_in_always = tp->rx_opt.cookie_in_always; 1102 1103 if (want_cookie && !tmp_opt.saw_tstamp) 1104 tcp_clear_options(&tmp_opt); 1105 1106 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp; 1107 tcp_openreq_init(req, &tmp_opt, skb); 1108 1109 treq = inet6_rsk(req); 1110 treq->rmt_addr = ipv6_hdr(skb)->saddr; 1111 treq->loc_addr = ipv6_hdr(skb)->daddr; 1112 if (!want_cookie || tmp_opt.tstamp_ok) 1113 TCP_ECN_create_request(req, skb); 1114 1115 treq->iif = sk->sk_bound_dev_if; 1116 1117 /* So that link locals have meaning */ 1118 if (!sk->sk_bound_dev_if && 1119 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL) 1120 treq->iif = inet6_iif(skb); 1121 1122 if (!isn) { 1123 if (ipv6_opt_accepted(sk, skb) || 1124 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo || 1125 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) { 1126 atomic_inc(&skb->users); 1127 treq->pktopts = skb; 1128 } 1129 1130 if (want_cookie) { 1131 isn = cookie_v6_init_sequence(sk, skb, &req->mss); 1132 req->cookie_ts = tmp_opt.tstamp_ok; 1133 goto have_isn; 1134 } 1135 1136 /* VJ's idea. We save last timestamp seen 1137 * from the destination in peer table, when entering 1138 * state TIME-WAIT, and check against it before 1139 * accepting new connection request. 1140 * 1141 * If "isn" is not zero, this request hit alive 1142 * timewait bucket, so that all the necessary checks 1143 * are made in the function processing timewait state. 1144 */ 1145 if (tmp_opt.saw_tstamp && 1146 tcp_death_row.sysctl_tw_recycle && 1147 (dst = inet6_csk_route_req(sk, &fl6, req)) != NULL) { 1148 if (!tcp_peer_is_proven(req, dst, true)) { 1149 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_PAWSPASSIVEREJECTED); 1150 goto drop_and_release; 1151 } 1152 } 1153 /* Kill the following clause, if you dislike this way. */ 1154 else if (!sysctl_tcp_syncookies && 1155 (sysctl_max_syn_backlog - inet_csk_reqsk_queue_len(sk) < 1156 (sysctl_max_syn_backlog >> 2)) && 1157 !tcp_peer_is_proven(req, dst, false)) { 1158 /* Without syncookies last quarter of 1159 * backlog is filled with destinations, 1160 * proven to be alive. 1161 * It means that we continue to communicate 1162 * to destinations, already remembered 1163 * to the moment of synflood. 1164 */ 1165 LIMIT_NETDEBUG(KERN_DEBUG "TCP: drop open request from %pI6/%u\n", 1166 &treq->rmt_addr, ntohs(tcp_hdr(skb)->source)); 1167 goto drop_and_release; 1168 } 1169 1170 isn = tcp_v6_init_sequence(skb); 1171 } 1172 have_isn: 1173 tcp_rsk(req)->snt_isn = isn; 1174 tcp_rsk(req)->snt_synack = tcp_time_stamp; 1175 1176 if (security_inet_conn_request(sk, skb, req)) 1177 goto drop_and_release; 1178 1179 if (tcp_v6_send_synack(sk, dst, &fl6, req, 1180 (struct request_values *)&tmp_ext, 1181 skb_get_queue_mapping(skb)) || 1182 want_cookie) 1183 goto drop_and_free; 1184 1185 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT); 1186 return 0; 1187 1188 drop_and_release: 1189 dst_release(dst); 1190 drop_and_free: 1191 reqsk_free(req); 1192 drop: 1193 return 0; /* don't send reset */ 1194 } 1195 1196 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb, 1197 struct request_sock *req, 1198 struct dst_entry *dst) 1199 { 1200 struct inet6_request_sock *treq; 1201 struct ipv6_pinfo *newnp, *np = inet6_sk(sk); 1202 struct tcp6_sock *newtcp6sk; 1203 struct inet_sock *newinet; 1204 struct tcp_sock *newtp; 1205 struct sock *newsk; 1206 #ifdef CONFIG_TCP_MD5SIG 1207 struct tcp_md5sig_key *key; 1208 #endif 1209 struct flowi6 fl6; 1210 1211 if (skb->protocol == htons(ETH_P_IP)) { 1212 /* 1213 * v6 mapped 1214 */ 1215 1216 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst); 1217 1218 if (newsk == NULL) 1219 return NULL; 1220 1221 newtcp6sk = (struct tcp6_sock *)newsk; 1222 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6; 1223 1224 newinet = inet_sk(newsk); 1225 newnp = inet6_sk(newsk); 1226 newtp = tcp_sk(newsk); 1227 1228 memcpy(newnp, np, sizeof(struct ipv6_pinfo)); 1229 1230 ipv6_addr_set_v4mapped(newinet->inet_daddr, &newnp->daddr); 1231 1232 ipv6_addr_set_v4mapped(newinet->inet_saddr, &newnp->saddr); 1233 1234 newnp->rcv_saddr = newnp->saddr; 1235 1236 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped; 1237 newsk->sk_backlog_rcv = tcp_v4_do_rcv; 1238 #ifdef CONFIG_TCP_MD5SIG 1239 newtp->af_specific = &tcp_sock_ipv6_mapped_specific; 1240 #endif 1241 1242 newnp->ipv6_ac_list = NULL; 1243 newnp->ipv6_fl_list = NULL; 1244 newnp->pktoptions = NULL; 1245 newnp->opt = NULL; 1246 newnp->mcast_oif = inet6_iif(skb); 1247 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit; 1248 newnp->rcv_tclass = ipv6_tclass(ipv6_hdr(skb)); 1249 1250 /* 1251 * No need to charge this sock to the relevant IPv6 refcnt debug socks count 1252 * here, tcp_create_openreq_child now does this for us, see the comment in 1253 * that function for the gory details. -acme 1254 */ 1255 1256 /* It is tricky place. Until this moment IPv4 tcp 1257 worked with IPv6 icsk.icsk_af_ops. 1258 Sync it now. 1259 */ 1260 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie); 1261 1262 return newsk; 1263 } 1264 1265 treq = inet6_rsk(req); 1266 1267 if (sk_acceptq_is_full(sk)) 1268 goto out_overflow; 1269 1270 if (!dst) { 1271 dst = inet6_csk_route_req(sk, &fl6, req); 1272 if (!dst) 1273 goto out; 1274 } 1275 1276 newsk = tcp_create_openreq_child(sk, req, skb); 1277 if (newsk == NULL) 1278 goto out_nonewsk; 1279 1280 /* 1281 * No need to charge this sock to the relevant IPv6 refcnt debug socks 1282 * count here, tcp_create_openreq_child now does this for us, see the 1283 * comment in that function for the gory details. -acme 1284 */ 1285 1286 newsk->sk_gso_type = SKB_GSO_TCPV6; 1287 __ip6_dst_store(newsk, dst, NULL, NULL); 1288 1289 newtcp6sk = (struct tcp6_sock *)newsk; 1290 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6; 1291 1292 newtp = tcp_sk(newsk); 1293 newinet = inet_sk(newsk); 1294 newnp = inet6_sk(newsk); 1295 1296 memcpy(newnp, np, sizeof(struct ipv6_pinfo)); 1297 1298 newnp->daddr = treq->rmt_addr; 1299 newnp->saddr = treq->loc_addr; 1300 newnp->rcv_saddr = treq->loc_addr; 1301 newsk->sk_bound_dev_if = treq->iif; 1302 1303 /* Now IPv6 options... 1304 1305 First: no IPv4 options. 1306 */ 1307 newinet->inet_opt = NULL; 1308 newnp->ipv6_ac_list = NULL; 1309 newnp->ipv6_fl_list = NULL; 1310 1311 /* Clone RX bits */ 1312 newnp->rxopt.all = np->rxopt.all; 1313 1314 /* Clone pktoptions received with SYN */ 1315 newnp->pktoptions = NULL; 1316 if (treq->pktopts != NULL) { 1317 newnp->pktoptions = skb_clone(treq->pktopts, GFP_ATOMIC); 1318 consume_skb(treq->pktopts); 1319 treq->pktopts = NULL; 1320 if (newnp->pktoptions) 1321 skb_set_owner_r(newnp->pktoptions, newsk); 1322 } 1323 newnp->opt = NULL; 1324 newnp->mcast_oif = inet6_iif(skb); 1325 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit; 1326 newnp->rcv_tclass = ipv6_tclass(ipv6_hdr(skb)); 1327 1328 /* Clone native IPv6 options from listening socket (if any) 1329 1330 Yes, keeping reference count would be much more clever, 1331 but we make one more one thing there: reattach optmem 1332 to newsk. 1333 */ 1334 if (np->opt) 1335 newnp->opt = ipv6_dup_options(newsk, np->opt); 1336 1337 inet_csk(newsk)->icsk_ext_hdr_len = 0; 1338 if (newnp->opt) 1339 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen + 1340 newnp->opt->opt_flen); 1341 1342 tcp_mtup_init(newsk); 1343 tcp_sync_mss(newsk, dst_mtu(dst)); 1344 newtp->advmss = dst_metric_advmss(dst); 1345 if (tcp_sk(sk)->rx_opt.user_mss && 1346 tcp_sk(sk)->rx_opt.user_mss < newtp->advmss) 1347 newtp->advmss = tcp_sk(sk)->rx_opt.user_mss; 1348 1349 tcp_initialize_rcv_mss(newsk); 1350 if (tcp_rsk(req)->snt_synack) 1351 tcp_valid_rtt_meas(newsk, 1352 tcp_time_stamp - tcp_rsk(req)->snt_synack); 1353 newtp->total_retrans = req->retrans; 1354 1355 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6; 1356 newinet->inet_rcv_saddr = LOOPBACK4_IPV6; 1357 1358 #ifdef CONFIG_TCP_MD5SIG 1359 /* Copy over the MD5 key from the original socket */ 1360 if ((key = tcp_v6_md5_do_lookup(sk, &newnp->daddr)) != NULL) { 1361 /* We're using one, so create a matching key 1362 * on the newsk structure. If we fail to get 1363 * memory, then we end up not copying the key 1364 * across. Shucks. 1365 */ 1366 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newnp->daddr, 1367 AF_INET6, key->key, key->keylen, GFP_ATOMIC); 1368 } 1369 #endif 1370 1371 if (__inet_inherit_port(sk, newsk) < 0) { 1372 sock_put(newsk); 1373 goto out; 1374 } 1375 __inet6_hash(newsk, NULL); 1376 1377 return newsk; 1378 1379 out_overflow: 1380 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS); 1381 out_nonewsk: 1382 dst_release(dst); 1383 out: 1384 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS); 1385 return NULL; 1386 } 1387 1388 static __sum16 tcp_v6_checksum_init(struct sk_buff *skb) 1389 { 1390 if (skb->ip_summed == CHECKSUM_COMPLETE) { 1391 if (!tcp_v6_check(skb->len, &ipv6_hdr(skb)->saddr, 1392 &ipv6_hdr(skb)->daddr, skb->csum)) { 1393 skb->ip_summed = CHECKSUM_UNNECESSARY; 1394 return 0; 1395 } 1396 } 1397 1398 skb->csum = ~csum_unfold(tcp_v6_check(skb->len, 1399 &ipv6_hdr(skb)->saddr, 1400 &ipv6_hdr(skb)->daddr, 0)); 1401 1402 if (skb->len <= 76) { 1403 return __skb_checksum_complete(skb); 1404 } 1405 return 0; 1406 } 1407 1408 /* The socket must have it's spinlock held when we get 1409 * here. 1410 * 1411 * We have a potential double-lock case here, so even when 1412 * doing backlog processing we use the BH locking scheme. 1413 * This is because we cannot sleep with the original spinlock 1414 * held. 1415 */ 1416 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb) 1417 { 1418 struct ipv6_pinfo *np = inet6_sk(sk); 1419 struct tcp_sock *tp; 1420 struct sk_buff *opt_skb = NULL; 1421 1422 /* Imagine: socket is IPv6. IPv4 packet arrives, 1423 goes to IPv4 receive handler and backlogged. 1424 From backlog it always goes here. Kerboom... 1425 Fortunately, tcp_rcv_established and rcv_established 1426 handle them correctly, but it is not case with 1427 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK 1428 */ 1429 1430 if (skb->protocol == htons(ETH_P_IP)) 1431 return tcp_v4_do_rcv(sk, skb); 1432 1433 #ifdef CONFIG_TCP_MD5SIG 1434 if (tcp_v6_inbound_md5_hash (sk, skb)) 1435 goto discard; 1436 #endif 1437 1438 if (sk_filter(sk, skb)) 1439 goto discard; 1440 1441 /* 1442 * socket locking is here for SMP purposes as backlog rcv 1443 * is currently called with bh processing disabled. 1444 */ 1445 1446 /* Do Stevens' IPV6_PKTOPTIONS. 1447 1448 Yes, guys, it is the only place in our code, where we 1449 may make it not affecting IPv4. 1450 The rest of code is protocol independent, 1451 and I do not like idea to uglify IPv4. 1452 1453 Actually, all the idea behind IPV6_PKTOPTIONS 1454 looks not very well thought. For now we latch 1455 options, received in the last packet, enqueued 1456 by tcp. Feel free to propose better solution. 1457 --ANK (980728) 1458 */ 1459 if (np->rxopt.all) 1460 opt_skb = skb_clone(skb, GFP_ATOMIC); 1461 1462 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */ 1463 sock_rps_save_rxhash(sk, skb); 1464 if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len)) 1465 goto reset; 1466 if (opt_skb) 1467 goto ipv6_pktoptions; 1468 return 0; 1469 } 1470 1471 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb)) 1472 goto csum_err; 1473 1474 if (sk->sk_state == TCP_LISTEN) { 1475 struct sock *nsk = tcp_v6_hnd_req(sk, skb); 1476 if (!nsk) 1477 goto discard; 1478 1479 /* 1480 * Queue it on the new socket if the new socket is active, 1481 * otherwise we just shortcircuit this and continue with 1482 * the new socket.. 1483 */ 1484 if(nsk != sk) { 1485 sock_rps_save_rxhash(nsk, skb); 1486 if (tcp_child_process(sk, nsk, skb)) 1487 goto reset; 1488 if (opt_skb) 1489 __kfree_skb(opt_skb); 1490 return 0; 1491 } 1492 } else 1493 sock_rps_save_rxhash(sk, skb); 1494 1495 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len)) 1496 goto reset; 1497 if (opt_skb) 1498 goto ipv6_pktoptions; 1499 return 0; 1500 1501 reset: 1502 tcp_v6_send_reset(sk, skb); 1503 discard: 1504 if (opt_skb) 1505 __kfree_skb(opt_skb); 1506 kfree_skb(skb); 1507 return 0; 1508 csum_err: 1509 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_INERRS); 1510 goto discard; 1511 1512 1513 ipv6_pktoptions: 1514 /* Do you ask, what is it? 1515 1516 1. skb was enqueued by tcp. 1517 2. skb is added to tail of read queue, rather than out of order. 1518 3. socket is not in passive state. 1519 4. Finally, it really contains options, which user wants to receive. 1520 */ 1521 tp = tcp_sk(sk); 1522 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt && 1523 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) { 1524 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo) 1525 np->mcast_oif = inet6_iif(opt_skb); 1526 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) 1527 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit; 1528 if (np->rxopt.bits.rxtclass) 1529 np->rcv_tclass = ipv6_tclass(ipv6_hdr(skb)); 1530 if (ipv6_opt_accepted(sk, opt_skb)) { 1531 skb_set_owner_r(opt_skb, sk); 1532 opt_skb = xchg(&np->pktoptions, opt_skb); 1533 } else { 1534 __kfree_skb(opt_skb); 1535 opt_skb = xchg(&np->pktoptions, NULL); 1536 } 1537 } 1538 1539 kfree_skb(opt_skb); 1540 return 0; 1541 } 1542 1543 static int tcp_v6_rcv(struct sk_buff *skb) 1544 { 1545 const struct tcphdr *th; 1546 const struct ipv6hdr *hdr; 1547 struct sock *sk; 1548 int ret; 1549 struct net *net = dev_net(skb->dev); 1550 1551 if (skb->pkt_type != PACKET_HOST) 1552 goto discard_it; 1553 1554 /* 1555 * Count it even if it's bad. 1556 */ 1557 TCP_INC_STATS_BH(net, TCP_MIB_INSEGS); 1558 1559 if (!pskb_may_pull(skb, sizeof(struct tcphdr))) 1560 goto discard_it; 1561 1562 th = tcp_hdr(skb); 1563 1564 if (th->doff < sizeof(struct tcphdr)/4) 1565 goto bad_packet; 1566 if (!pskb_may_pull(skb, th->doff*4)) 1567 goto discard_it; 1568 1569 if (!skb_csum_unnecessary(skb) && tcp_v6_checksum_init(skb)) 1570 goto bad_packet; 1571 1572 th = tcp_hdr(skb); 1573 hdr = ipv6_hdr(skb); 1574 TCP_SKB_CB(skb)->seq = ntohl(th->seq); 1575 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin + 1576 skb->len - th->doff*4); 1577 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq); 1578 TCP_SKB_CB(skb)->when = 0; 1579 TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr); 1580 TCP_SKB_CB(skb)->sacked = 0; 1581 1582 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest); 1583 if (!sk) 1584 goto no_tcp_socket; 1585 1586 process: 1587 if (sk->sk_state == TCP_TIME_WAIT) 1588 goto do_time_wait; 1589 1590 if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) { 1591 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP); 1592 goto discard_and_relse; 1593 } 1594 1595 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb)) 1596 goto discard_and_relse; 1597 1598 if (sk_filter(sk, skb)) 1599 goto discard_and_relse; 1600 1601 skb->dev = NULL; 1602 1603 bh_lock_sock_nested(sk); 1604 ret = 0; 1605 if (!sock_owned_by_user(sk)) { 1606 #ifdef CONFIG_NET_DMA 1607 struct tcp_sock *tp = tcp_sk(sk); 1608 if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list) 1609 tp->ucopy.dma_chan = net_dma_find_channel(); 1610 if (tp->ucopy.dma_chan) 1611 ret = tcp_v6_do_rcv(sk, skb); 1612 else 1613 #endif 1614 { 1615 if (!tcp_prequeue(sk, skb)) 1616 ret = tcp_v6_do_rcv(sk, skb); 1617 } 1618 } else if (unlikely(sk_add_backlog(sk, skb, 1619 sk->sk_rcvbuf + sk->sk_sndbuf))) { 1620 bh_unlock_sock(sk); 1621 NET_INC_STATS_BH(net, LINUX_MIB_TCPBACKLOGDROP); 1622 goto discard_and_relse; 1623 } 1624 bh_unlock_sock(sk); 1625 1626 sock_put(sk); 1627 return ret ? -1 : 0; 1628 1629 no_tcp_socket: 1630 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) 1631 goto discard_it; 1632 1633 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) { 1634 bad_packet: 1635 TCP_INC_STATS_BH(net, TCP_MIB_INERRS); 1636 } else { 1637 tcp_v6_send_reset(NULL, skb); 1638 } 1639 1640 discard_it: 1641 1642 /* 1643 * Discard frame 1644 */ 1645 1646 kfree_skb(skb); 1647 return 0; 1648 1649 discard_and_relse: 1650 sock_put(sk); 1651 goto discard_it; 1652 1653 do_time_wait: 1654 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) { 1655 inet_twsk_put(inet_twsk(sk)); 1656 goto discard_it; 1657 } 1658 1659 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) { 1660 TCP_INC_STATS_BH(net, TCP_MIB_INERRS); 1661 inet_twsk_put(inet_twsk(sk)); 1662 goto discard_it; 1663 } 1664 1665 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) { 1666 case TCP_TW_SYN: 1667 { 1668 struct sock *sk2; 1669 1670 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo, 1671 &ipv6_hdr(skb)->daddr, 1672 ntohs(th->dest), inet6_iif(skb)); 1673 if (sk2 != NULL) { 1674 struct inet_timewait_sock *tw = inet_twsk(sk); 1675 inet_twsk_deschedule(tw, &tcp_death_row); 1676 inet_twsk_put(tw); 1677 sk = sk2; 1678 goto process; 1679 } 1680 /* Fall through to ACK */ 1681 } 1682 case TCP_TW_ACK: 1683 tcp_v6_timewait_ack(sk, skb); 1684 break; 1685 case TCP_TW_RST: 1686 goto no_tcp_socket; 1687 case TCP_TW_SUCCESS:; 1688 } 1689 goto discard_it; 1690 } 1691 1692 static struct timewait_sock_ops tcp6_timewait_sock_ops = { 1693 .twsk_obj_size = sizeof(struct tcp6_timewait_sock), 1694 .twsk_unique = tcp_twsk_unique, 1695 .twsk_destructor= tcp_twsk_destructor, 1696 }; 1697 1698 static const struct inet_connection_sock_af_ops ipv6_specific = { 1699 .queue_xmit = inet6_csk_xmit, 1700 .send_check = tcp_v6_send_check, 1701 .rebuild_header = inet6_sk_rebuild_header, 1702 .conn_request = tcp_v6_conn_request, 1703 .syn_recv_sock = tcp_v6_syn_recv_sock, 1704 .net_header_len = sizeof(struct ipv6hdr), 1705 .net_frag_header_len = sizeof(struct frag_hdr), 1706 .setsockopt = ipv6_setsockopt, 1707 .getsockopt = ipv6_getsockopt, 1708 .addr2sockaddr = inet6_csk_addr2sockaddr, 1709 .sockaddr_len = sizeof(struct sockaddr_in6), 1710 .bind_conflict = inet6_csk_bind_conflict, 1711 #ifdef CONFIG_COMPAT 1712 .compat_setsockopt = compat_ipv6_setsockopt, 1713 .compat_getsockopt = compat_ipv6_getsockopt, 1714 #endif 1715 }; 1716 1717 #ifdef CONFIG_TCP_MD5SIG 1718 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = { 1719 .md5_lookup = tcp_v6_md5_lookup, 1720 .calc_md5_hash = tcp_v6_md5_hash_skb, 1721 .md5_parse = tcp_v6_parse_md5_keys, 1722 }; 1723 #endif 1724 1725 /* 1726 * TCP over IPv4 via INET6 API 1727 */ 1728 1729 static const struct inet_connection_sock_af_ops ipv6_mapped = { 1730 .queue_xmit = ip_queue_xmit, 1731 .send_check = tcp_v4_send_check, 1732 .rebuild_header = inet_sk_rebuild_header, 1733 .conn_request = tcp_v6_conn_request, 1734 .syn_recv_sock = tcp_v6_syn_recv_sock, 1735 .net_header_len = sizeof(struct iphdr), 1736 .setsockopt = ipv6_setsockopt, 1737 .getsockopt = ipv6_getsockopt, 1738 .addr2sockaddr = inet6_csk_addr2sockaddr, 1739 .sockaddr_len = sizeof(struct sockaddr_in6), 1740 .bind_conflict = inet6_csk_bind_conflict, 1741 #ifdef CONFIG_COMPAT 1742 .compat_setsockopt = compat_ipv6_setsockopt, 1743 .compat_getsockopt = compat_ipv6_getsockopt, 1744 #endif 1745 }; 1746 1747 #ifdef CONFIG_TCP_MD5SIG 1748 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = { 1749 .md5_lookup = tcp_v4_md5_lookup, 1750 .calc_md5_hash = tcp_v4_md5_hash_skb, 1751 .md5_parse = tcp_v6_parse_md5_keys, 1752 }; 1753 #endif 1754 1755 /* NOTE: A lot of things set to zero explicitly by call to 1756 * sk_alloc() so need not be done here. 1757 */ 1758 static int tcp_v6_init_sock(struct sock *sk) 1759 { 1760 struct inet_connection_sock *icsk = inet_csk(sk); 1761 1762 tcp_init_sock(sk); 1763 1764 icsk->icsk_af_ops = &ipv6_specific; 1765 1766 #ifdef CONFIG_TCP_MD5SIG 1767 tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific; 1768 #endif 1769 1770 return 0; 1771 } 1772 1773 static void tcp_v6_destroy_sock(struct sock *sk) 1774 { 1775 tcp_v4_destroy_sock(sk); 1776 inet6_destroy_sock(sk); 1777 } 1778 1779 #ifdef CONFIG_PROC_FS 1780 /* Proc filesystem TCPv6 sock list dumping. */ 1781 static void get_openreq6(struct seq_file *seq, 1782 const struct sock *sk, struct request_sock *req, int i, int uid) 1783 { 1784 int ttd = req->expires - jiffies; 1785 const struct in6_addr *src = &inet6_rsk(req)->loc_addr; 1786 const struct in6_addr *dest = &inet6_rsk(req)->rmt_addr; 1787 1788 if (ttd < 0) 1789 ttd = 0; 1790 1791 seq_printf(seq, 1792 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1793 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n", 1794 i, 1795 src->s6_addr32[0], src->s6_addr32[1], 1796 src->s6_addr32[2], src->s6_addr32[3], 1797 ntohs(inet_rsk(req)->loc_port), 1798 dest->s6_addr32[0], dest->s6_addr32[1], 1799 dest->s6_addr32[2], dest->s6_addr32[3], 1800 ntohs(inet_rsk(req)->rmt_port), 1801 TCP_SYN_RECV, 1802 0,0, /* could print option size, but that is af dependent. */ 1803 1, /* timers active (only the expire timer) */ 1804 jiffies_to_clock_t(ttd), 1805 req->retrans, 1806 uid, 1807 0, /* non standard timer */ 1808 0, /* open_requests have no inode */ 1809 0, req); 1810 } 1811 1812 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i) 1813 { 1814 const struct in6_addr *dest, *src; 1815 __u16 destp, srcp; 1816 int timer_active; 1817 unsigned long timer_expires; 1818 const struct inet_sock *inet = inet_sk(sp); 1819 const struct tcp_sock *tp = tcp_sk(sp); 1820 const struct inet_connection_sock *icsk = inet_csk(sp); 1821 const struct ipv6_pinfo *np = inet6_sk(sp); 1822 1823 dest = &np->daddr; 1824 src = &np->rcv_saddr; 1825 destp = ntohs(inet->inet_dport); 1826 srcp = ntohs(inet->inet_sport); 1827 1828 if (icsk->icsk_pending == ICSK_TIME_RETRANS) { 1829 timer_active = 1; 1830 timer_expires = icsk->icsk_timeout; 1831 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) { 1832 timer_active = 4; 1833 timer_expires = icsk->icsk_timeout; 1834 } else if (timer_pending(&sp->sk_timer)) { 1835 timer_active = 2; 1836 timer_expires = sp->sk_timer.expires; 1837 } else { 1838 timer_active = 0; 1839 timer_expires = jiffies; 1840 } 1841 1842 seq_printf(seq, 1843 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1844 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %pK %lu %lu %u %u %d\n", 1845 i, 1846 src->s6_addr32[0], src->s6_addr32[1], 1847 src->s6_addr32[2], src->s6_addr32[3], srcp, 1848 dest->s6_addr32[0], dest->s6_addr32[1], 1849 dest->s6_addr32[2], dest->s6_addr32[3], destp, 1850 sp->sk_state, 1851 tp->write_seq-tp->snd_una, 1852 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq), 1853 timer_active, 1854 jiffies_to_clock_t(timer_expires - jiffies), 1855 icsk->icsk_retransmits, 1856 sock_i_uid(sp), 1857 icsk->icsk_probes_out, 1858 sock_i_ino(sp), 1859 atomic_read(&sp->sk_refcnt), sp, 1860 jiffies_to_clock_t(icsk->icsk_rto), 1861 jiffies_to_clock_t(icsk->icsk_ack.ato), 1862 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong, 1863 tp->snd_cwnd, 1864 tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh 1865 ); 1866 } 1867 1868 static void get_timewait6_sock(struct seq_file *seq, 1869 struct inet_timewait_sock *tw, int i) 1870 { 1871 const struct in6_addr *dest, *src; 1872 __u16 destp, srcp; 1873 const struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw); 1874 int ttd = tw->tw_ttd - jiffies; 1875 1876 if (ttd < 0) 1877 ttd = 0; 1878 1879 dest = &tw6->tw_v6_daddr; 1880 src = &tw6->tw_v6_rcv_saddr; 1881 destp = ntohs(tw->tw_dport); 1882 srcp = ntohs(tw->tw_sport); 1883 1884 seq_printf(seq, 1885 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1886 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n", 1887 i, 1888 src->s6_addr32[0], src->s6_addr32[1], 1889 src->s6_addr32[2], src->s6_addr32[3], srcp, 1890 dest->s6_addr32[0], dest->s6_addr32[1], 1891 dest->s6_addr32[2], dest->s6_addr32[3], destp, 1892 tw->tw_substate, 0, 0, 1893 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0, 1894 atomic_read(&tw->tw_refcnt), tw); 1895 } 1896 1897 static int tcp6_seq_show(struct seq_file *seq, void *v) 1898 { 1899 struct tcp_iter_state *st; 1900 1901 if (v == SEQ_START_TOKEN) { 1902 seq_puts(seq, 1903 " sl " 1904 "local_address " 1905 "remote_address " 1906 "st tx_queue rx_queue tr tm->when retrnsmt" 1907 " uid timeout inode\n"); 1908 goto out; 1909 } 1910 st = seq->private; 1911 1912 switch (st->state) { 1913 case TCP_SEQ_STATE_LISTENING: 1914 case TCP_SEQ_STATE_ESTABLISHED: 1915 get_tcp6_sock(seq, v, st->num); 1916 break; 1917 case TCP_SEQ_STATE_OPENREQ: 1918 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid); 1919 break; 1920 case TCP_SEQ_STATE_TIME_WAIT: 1921 get_timewait6_sock(seq, v, st->num); 1922 break; 1923 } 1924 out: 1925 return 0; 1926 } 1927 1928 static const struct file_operations tcp6_afinfo_seq_fops = { 1929 .owner = THIS_MODULE, 1930 .open = tcp_seq_open, 1931 .read = seq_read, 1932 .llseek = seq_lseek, 1933 .release = seq_release_net 1934 }; 1935 1936 static struct tcp_seq_afinfo tcp6_seq_afinfo = { 1937 .name = "tcp6", 1938 .family = AF_INET6, 1939 .seq_fops = &tcp6_afinfo_seq_fops, 1940 .seq_ops = { 1941 .show = tcp6_seq_show, 1942 }, 1943 }; 1944 1945 int __net_init tcp6_proc_init(struct net *net) 1946 { 1947 return tcp_proc_register(net, &tcp6_seq_afinfo); 1948 } 1949 1950 void tcp6_proc_exit(struct net *net) 1951 { 1952 tcp_proc_unregister(net, &tcp6_seq_afinfo); 1953 } 1954 #endif 1955 1956 struct proto tcpv6_prot = { 1957 .name = "TCPv6", 1958 .owner = THIS_MODULE, 1959 .close = tcp_close, 1960 .connect = tcp_v6_connect, 1961 .disconnect = tcp_disconnect, 1962 .accept = inet_csk_accept, 1963 .ioctl = tcp_ioctl, 1964 .init = tcp_v6_init_sock, 1965 .destroy = tcp_v6_destroy_sock, 1966 .shutdown = tcp_shutdown, 1967 .setsockopt = tcp_setsockopt, 1968 .getsockopt = tcp_getsockopt, 1969 .recvmsg = tcp_recvmsg, 1970 .sendmsg = tcp_sendmsg, 1971 .sendpage = tcp_sendpage, 1972 .backlog_rcv = tcp_v6_do_rcv, 1973 .release_cb = tcp_release_cb, 1974 .hash = tcp_v6_hash, 1975 .unhash = inet_unhash, 1976 .get_port = inet_csk_get_port, 1977 .enter_memory_pressure = tcp_enter_memory_pressure, 1978 .sockets_allocated = &tcp_sockets_allocated, 1979 .memory_allocated = &tcp_memory_allocated, 1980 .memory_pressure = &tcp_memory_pressure, 1981 .orphan_count = &tcp_orphan_count, 1982 .sysctl_wmem = sysctl_tcp_wmem, 1983 .sysctl_rmem = sysctl_tcp_rmem, 1984 .max_header = MAX_TCP_HEADER, 1985 .obj_size = sizeof(struct tcp6_sock), 1986 .slab_flags = SLAB_DESTROY_BY_RCU, 1987 .twsk_prot = &tcp6_timewait_sock_ops, 1988 .rsk_prot = &tcp6_request_sock_ops, 1989 .h.hashinfo = &tcp_hashinfo, 1990 .no_autobind = true, 1991 #ifdef CONFIG_COMPAT 1992 .compat_setsockopt = compat_tcp_setsockopt, 1993 .compat_getsockopt = compat_tcp_getsockopt, 1994 #endif 1995 #ifdef CONFIG_CGROUP_MEM_RES_CTLR_KMEM 1996 .proto_cgroup = tcp_proto_cgroup, 1997 #endif 1998 }; 1999 2000 static const struct inet6_protocol tcpv6_protocol = { 2001 .handler = tcp_v6_rcv, 2002 .err_handler = tcp_v6_err, 2003 .gso_send_check = tcp_v6_gso_send_check, 2004 .gso_segment = tcp_tso_segment, 2005 .gro_receive = tcp6_gro_receive, 2006 .gro_complete = tcp6_gro_complete, 2007 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL, 2008 }; 2009 2010 static struct inet_protosw tcpv6_protosw = { 2011 .type = SOCK_STREAM, 2012 .protocol = IPPROTO_TCP, 2013 .prot = &tcpv6_prot, 2014 .ops = &inet6_stream_ops, 2015 .no_check = 0, 2016 .flags = INET_PROTOSW_PERMANENT | 2017 INET_PROTOSW_ICSK, 2018 }; 2019 2020 static int __net_init tcpv6_net_init(struct net *net) 2021 { 2022 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6, 2023 SOCK_RAW, IPPROTO_TCP, net); 2024 } 2025 2026 static void __net_exit tcpv6_net_exit(struct net *net) 2027 { 2028 inet_ctl_sock_destroy(net->ipv6.tcp_sk); 2029 } 2030 2031 static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list) 2032 { 2033 inet_twsk_purge(&tcp_hashinfo, &tcp_death_row, AF_INET6); 2034 } 2035 2036 static struct pernet_operations tcpv6_net_ops = { 2037 .init = tcpv6_net_init, 2038 .exit = tcpv6_net_exit, 2039 .exit_batch = tcpv6_net_exit_batch, 2040 }; 2041 2042 int __init tcpv6_init(void) 2043 { 2044 int ret; 2045 2046 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP); 2047 if (ret) 2048 goto out; 2049 2050 /* register inet6 protocol */ 2051 ret = inet6_register_protosw(&tcpv6_protosw); 2052 if (ret) 2053 goto out_tcpv6_protocol; 2054 2055 ret = register_pernet_subsys(&tcpv6_net_ops); 2056 if (ret) 2057 goto out_tcpv6_protosw; 2058 out: 2059 return ret; 2060 2061 out_tcpv6_protocol: 2062 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP); 2063 out_tcpv6_protosw: 2064 inet6_unregister_protosw(&tcpv6_protosw); 2065 goto out; 2066 } 2067 2068 void tcpv6_exit(void) 2069 { 2070 unregister_pernet_subsys(&tcpv6_net_ops); 2071 inet6_unregister_protosw(&tcpv6_protosw); 2072 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP); 2073 } 2074