1 /* 2 * INET An implementation of the TCP/IP protocol suite for the LINUX 3 * operating system. INET is implemented using the BSD Socket 4 * interface as the means of communication with the user level. 5 * 6 * Implementation of the Transmission Control Protocol(TCP). 7 * 8 * IPv4 specific functions 9 * 10 * 11 * code split from: 12 * linux/ipv4/tcp.c 13 * linux/ipv4/tcp_input.c 14 * linux/ipv4/tcp_output.c 15 * 16 * See tcp.c for author information 17 * 18 * This program is free software; you can redistribute it and/or 19 * modify it under the terms of the GNU General Public License 20 * as published by the Free Software Foundation; either version 21 * 2 of the License, or (at your option) any later version. 22 */ 23 24 /* 25 * Changes: 26 * David S. Miller : New socket lookup architecture. 27 * This code is dedicated to John Dyson. 28 * David S. Miller : Change semantics of established hash, 29 * half is devoted to TIME_WAIT sockets 30 * and the rest go in the other half. 31 * Andi Kleen : Add support for syncookies and fixed 32 * some bugs: ip options weren't passed to 33 * the TCP layer, missed a check for an 34 * ACK bit. 35 * Andi Kleen : Implemented fast path mtu discovery. 36 * Fixed many serious bugs in the 37 * request_sock handling and moved 38 * most of it into the af independent code. 39 * Added tail drop and some other bugfixes. 40 * Added new listen semantics. 41 * Mike McLagan : Routing by source 42 * Juan Jose Ciarlante: ip_dynaddr bits 43 * Andi Kleen: various fixes. 44 * Vitaly E. Lavrov : Transparent proxy revived after year 45 * coma. 46 * Andi Kleen : Fix new listen. 47 * Andi Kleen : Fix accept error reporting. 48 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which 49 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind 50 * a single port at the same time. 51 */ 52 53 #define pr_fmt(fmt) "TCP: " fmt 54 55 #include <linux/bottom_half.h> 56 #include <linux/types.h> 57 #include <linux/fcntl.h> 58 #include <linux/module.h> 59 #include <linux/random.h> 60 #include <linux/cache.h> 61 #include <linux/jhash.h> 62 #include <linux/init.h> 63 #include <linux/times.h> 64 #include <linux/slab.h> 65 66 #include <net/net_namespace.h> 67 #include <net/icmp.h> 68 #include <net/inet_hashtables.h> 69 #include <net/tcp.h> 70 #include <net/transp_v6.h> 71 #include <net/ipv6.h> 72 #include <net/inet_common.h> 73 #include <net/timewait_sock.h> 74 #include <net/xfrm.h> 75 #include <net/netdma.h> 76 #include <net/secure_seq.h> 77 #include <net/tcp_memcontrol.h> 78 #include <net/busy_poll.h> 79 80 #include <linux/inet.h> 81 #include <linux/ipv6.h> 82 #include <linux/stddef.h> 83 #include <linux/proc_fs.h> 84 #include <linux/seq_file.h> 85 86 #include <linux/crypto.h> 87 #include <linux/scatterlist.h> 88 89 int sysctl_tcp_tw_reuse __read_mostly; 90 int sysctl_tcp_low_latency __read_mostly; 91 EXPORT_SYMBOL(sysctl_tcp_low_latency); 92 93 94 #ifdef CONFIG_TCP_MD5SIG 95 static int tcp_v4_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key, 96 __be32 daddr, __be32 saddr, const struct tcphdr *th); 97 #endif 98 99 struct inet_hashinfo tcp_hashinfo; 100 EXPORT_SYMBOL(tcp_hashinfo); 101 102 static inline __u32 tcp_v4_init_sequence(const struct sk_buff *skb) 103 { 104 return secure_tcp_sequence_number(ip_hdr(skb)->daddr, 105 ip_hdr(skb)->saddr, 106 tcp_hdr(skb)->dest, 107 tcp_hdr(skb)->source); 108 } 109 110 int tcp_twsk_unique(struct sock *sk, struct sock *sktw, void *twp) 111 { 112 const struct tcp_timewait_sock *tcptw = tcp_twsk(sktw); 113 struct tcp_sock *tp = tcp_sk(sk); 114 115 /* With PAWS, it is safe from the viewpoint 116 of data integrity. Even without PAWS it is safe provided sequence 117 spaces do not overlap i.e. at data rates <= 80Mbit/sec. 118 119 Actually, the idea is close to VJ's one, only timestamp cache is 120 held not per host, but per port pair and TW bucket is used as state 121 holder. 122 123 If TW bucket has been already destroyed we fall back to VJ's scheme 124 and use initial timestamp retrieved from peer table. 125 */ 126 if (tcptw->tw_ts_recent_stamp && 127 (twp == NULL || (sysctl_tcp_tw_reuse && 128 get_seconds() - tcptw->tw_ts_recent_stamp > 1))) { 129 tp->write_seq = tcptw->tw_snd_nxt + 65535 + 2; 130 if (tp->write_seq == 0) 131 tp->write_seq = 1; 132 tp->rx_opt.ts_recent = tcptw->tw_ts_recent; 133 tp->rx_opt.ts_recent_stamp = tcptw->tw_ts_recent_stamp; 134 sock_hold(sktw); 135 return 1; 136 } 137 138 return 0; 139 } 140 EXPORT_SYMBOL_GPL(tcp_twsk_unique); 141 142 /* This will initiate an outgoing connection. */ 143 int tcp_v4_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len) 144 { 145 struct sockaddr_in *usin = (struct sockaddr_in *)uaddr; 146 struct inet_sock *inet = inet_sk(sk); 147 struct tcp_sock *tp = tcp_sk(sk); 148 __be16 orig_sport, orig_dport; 149 __be32 daddr, nexthop; 150 struct flowi4 *fl4; 151 struct rtable *rt; 152 int err; 153 struct ip_options_rcu *inet_opt; 154 155 if (addr_len < sizeof(struct sockaddr_in)) 156 return -EINVAL; 157 158 if (usin->sin_family != AF_INET) 159 return -EAFNOSUPPORT; 160 161 nexthop = daddr = usin->sin_addr.s_addr; 162 inet_opt = rcu_dereference_protected(inet->inet_opt, 163 sock_owned_by_user(sk)); 164 if (inet_opt && inet_opt->opt.srr) { 165 if (!daddr) 166 return -EINVAL; 167 nexthop = inet_opt->opt.faddr; 168 } 169 170 orig_sport = inet->inet_sport; 171 orig_dport = usin->sin_port; 172 fl4 = &inet->cork.fl.u.ip4; 173 rt = ip_route_connect(fl4, nexthop, inet->inet_saddr, 174 RT_CONN_FLAGS(sk), sk->sk_bound_dev_if, 175 IPPROTO_TCP, 176 orig_sport, orig_dport, sk); 177 if (IS_ERR(rt)) { 178 err = PTR_ERR(rt); 179 if (err == -ENETUNREACH) 180 IP_INC_STATS(sock_net(sk), IPSTATS_MIB_OUTNOROUTES); 181 return err; 182 } 183 184 if (rt->rt_flags & (RTCF_MULTICAST | RTCF_BROADCAST)) { 185 ip_rt_put(rt); 186 return -ENETUNREACH; 187 } 188 189 if (!inet_opt || !inet_opt->opt.srr) 190 daddr = fl4->daddr; 191 192 if (!inet->inet_saddr) 193 inet->inet_saddr = fl4->saddr; 194 inet->inet_rcv_saddr = inet->inet_saddr; 195 196 if (tp->rx_opt.ts_recent_stamp && inet->inet_daddr != daddr) { 197 /* Reset inherited state */ 198 tp->rx_opt.ts_recent = 0; 199 tp->rx_opt.ts_recent_stamp = 0; 200 if (likely(!tp->repair)) 201 tp->write_seq = 0; 202 } 203 204 if (tcp_death_row.sysctl_tw_recycle && 205 !tp->rx_opt.ts_recent_stamp && fl4->daddr == daddr) 206 tcp_fetch_timewait_stamp(sk, &rt->dst); 207 208 inet->inet_dport = usin->sin_port; 209 inet->inet_daddr = daddr; 210 211 inet_csk(sk)->icsk_ext_hdr_len = 0; 212 if (inet_opt) 213 inet_csk(sk)->icsk_ext_hdr_len = inet_opt->opt.optlen; 214 215 tp->rx_opt.mss_clamp = TCP_MSS_DEFAULT; 216 217 /* Socket identity is still unknown (sport may be zero). 218 * However we set state to SYN-SENT and not releasing socket 219 * lock select source port, enter ourselves into the hash tables and 220 * complete initialization after this. 221 */ 222 tcp_set_state(sk, TCP_SYN_SENT); 223 err = inet_hash_connect(&tcp_death_row, sk); 224 if (err) 225 goto failure; 226 227 rt = ip_route_newports(fl4, rt, orig_sport, orig_dport, 228 inet->inet_sport, inet->inet_dport, sk); 229 if (IS_ERR(rt)) { 230 err = PTR_ERR(rt); 231 rt = NULL; 232 goto failure; 233 } 234 /* OK, now commit destination to socket. */ 235 sk->sk_gso_type = SKB_GSO_TCPV4; 236 sk_setup_caps(sk, &rt->dst); 237 238 if (!tp->write_seq && likely(!tp->repair)) 239 tp->write_seq = secure_tcp_sequence_number(inet->inet_saddr, 240 inet->inet_daddr, 241 inet->inet_sport, 242 usin->sin_port); 243 244 inet->inet_id = tp->write_seq ^ jiffies; 245 246 err = tcp_connect(sk); 247 248 rt = NULL; 249 if (err) 250 goto failure; 251 252 return 0; 253 254 failure: 255 /* 256 * This unhashes the socket and releases the local port, 257 * if necessary. 258 */ 259 tcp_set_state(sk, TCP_CLOSE); 260 ip_rt_put(rt); 261 sk->sk_route_caps = 0; 262 inet->inet_dport = 0; 263 return err; 264 } 265 EXPORT_SYMBOL(tcp_v4_connect); 266 267 /* 268 * This routine reacts to ICMP_FRAG_NEEDED mtu indications as defined in RFC1191. 269 * It can be called through tcp_release_cb() if socket was owned by user 270 * at the time tcp_v4_err() was called to handle ICMP message. 271 */ 272 static void tcp_v4_mtu_reduced(struct sock *sk) 273 { 274 struct dst_entry *dst; 275 struct inet_sock *inet = inet_sk(sk); 276 u32 mtu = tcp_sk(sk)->mtu_info; 277 278 dst = inet_csk_update_pmtu(sk, mtu); 279 if (!dst) 280 return; 281 282 /* Something is about to be wrong... Remember soft error 283 * for the case, if this connection will not able to recover. 284 */ 285 if (mtu < dst_mtu(dst) && ip_dont_fragment(sk, dst)) 286 sk->sk_err_soft = EMSGSIZE; 287 288 mtu = dst_mtu(dst); 289 290 if (inet->pmtudisc != IP_PMTUDISC_DONT && 291 ip_sk_accept_pmtu(sk) && 292 inet_csk(sk)->icsk_pmtu_cookie > mtu) { 293 tcp_sync_mss(sk, mtu); 294 295 /* Resend the TCP packet because it's 296 * clear that the old packet has been 297 * dropped. This is the new "fast" path mtu 298 * discovery. 299 */ 300 tcp_simple_retransmit(sk); 301 } /* else let the usual retransmit timer handle it */ 302 } 303 304 static void do_redirect(struct sk_buff *skb, struct sock *sk) 305 { 306 struct dst_entry *dst = __sk_dst_check(sk, 0); 307 308 if (dst) 309 dst->ops->redirect(dst, sk, skb); 310 } 311 312 /* 313 * This routine is called by the ICMP module when it gets some 314 * sort of error condition. If err < 0 then the socket should 315 * be closed and the error returned to the user. If err > 0 316 * it's just the icmp type << 8 | icmp code. After adjustment 317 * header points to the first 8 bytes of the tcp header. We need 318 * to find the appropriate port. 319 * 320 * The locking strategy used here is very "optimistic". When 321 * someone else accesses the socket the ICMP is just dropped 322 * and for some paths there is no check at all. 323 * A more general error queue to queue errors for later handling 324 * is probably better. 325 * 326 */ 327 328 void tcp_v4_err(struct sk_buff *icmp_skb, u32 info) 329 { 330 const struct iphdr *iph = (const struct iphdr *)icmp_skb->data; 331 struct tcphdr *th = (struct tcphdr *)(icmp_skb->data + (iph->ihl << 2)); 332 struct inet_connection_sock *icsk; 333 struct tcp_sock *tp; 334 struct inet_sock *inet; 335 const int type = icmp_hdr(icmp_skb)->type; 336 const int code = icmp_hdr(icmp_skb)->code; 337 struct sock *sk; 338 struct sk_buff *skb; 339 struct request_sock *fastopen; 340 __u32 seq, snd_una; 341 __u32 remaining; 342 int err; 343 struct net *net = dev_net(icmp_skb->dev); 344 345 if (icmp_skb->len < (iph->ihl << 2) + 8) { 346 ICMP_INC_STATS_BH(net, ICMP_MIB_INERRORS); 347 return; 348 } 349 350 sk = inet_lookup(net, &tcp_hashinfo, iph->daddr, th->dest, 351 iph->saddr, th->source, inet_iif(icmp_skb)); 352 if (!sk) { 353 ICMP_INC_STATS_BH(net, ICMP_MIB_INERRORS); 354 return; 355 } 356 if (sk->sk_state == TCP_TIME_WAIT) { 357 inet_twsk_put(inet_twsk(sk)); 358 return; 359 } 360 361 bh_lock_sock(sk); 362 /* If too many ICMPs get dropped on busy 363 * servers this needs to be solved differently. 364 * We do take care of PMTU discovery (RFC1191) special case : 365 * we can receive locally generated ICMP messages while socket is held. 366 */ 367 if (sock_owned_by_user(sk)) { 368 if (!(type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED)) 369 NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS); 370 } 371 if (sk->sk_state == TCP_CLOSE) 372 goto out; 373 374 if (unlikely(iph->ttl < inet_sk(sk)->min_ttl)) { 375 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP); 376 goto out; 377 } 378 379 icsk = inet_csk(sk); 380 tp = tcp_sk(sk); 381 seq = ntohl(th->seq); 382 /* XXX (TFO) - tp->snd_una should be ISN (tcp_create_openreq_child() */ 383 fastopen = tp->fastopen_rsk; 384 snd_una = fastopen ? tcp_rsk(fastopen)->snt_isn : tp->snd_una; 385 if (sk->sk_state != TCP_LISTEN && 386 !between(seq, snd_una, tp->snd_nxt)) { 387 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS); 388 goto out; 389 } 390 391 switch (type) { 392 case ICMP_REDIRECT: 393 do_redirect(icmp_skb, sk); 394 goto out; 395 case ICMP_SOURCE_QUENCH: 396 /* Just silently ignore these. */ 397 goto out; 398 case ICMP_PARAMETERPROB: 399 err = EPROTO; 400 break; 401 case ICMP_DEST_UNREACH: 402 if (code > NR_ICMP_UNREACH) 403 goto out; 404 405 if (code == ICMP_FRAG_NEEDED) { /* PMTU discovery (RFC1191) */ 406 /* We are not interested in TCP_LISTEN and open_requests 407 * (SYN-ACKs send out by Linux are always <576bytes so 408 * they should go through unfragmented). 409 */ 410 if (sk->sk_state == TCP_LISTEN) 411 goto out; 412 413 tp->mtu_info = info; 414 if (!sock_owned_by_user(sk)) { 415 tcp_v4_mtu_reduced(sk); 416 } else { 417 if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED, &tp->tsq_flags)) 418 sock_hold(sk); 419 } 420 goto out; 421 } 422 423 err = icmp_err_convert[code].errno; 424 /* check if icmp_skb allows revert of backoff 425 * (see draft-zimmermann-tcp-lcd) */ 426 if (code != ICMP_NET_UNREACH && code != ICMP_HOST_UNREACH) 427 break; 428 if (seq != tp->snd_una || !icsk->icsk_retransmits || 429 !icsk->icsk_backoff || fastopen) 430 break; 431 432 if (sock_owned_by_user(sk)) 433 break; 434 435 icsk->icsk_backoff--; 436 inet_csk(sk)->icsk_rto = (tp->srtt_us ? __tcp_set_rto(tp) : 437 TCP_TIMEOUT_INIT) << icsk->icsk_backoff; 438 tcp_bound_rto(sk); 439 440 skb = tcp_write_queue_head(sk); 441 BUG_ON(!skb); 442 443 remaining = icsk->icsk_rto - min(icsk->icsk_rto, 444 tcp_time_stamp - TCP_SKB_CB(skb)->when); 445 446 if (remaining) { 447 inet_csk_reset_xmit_timer(sk, ICSK_TIME_RETRANS, 448 remaining, TCP_RTO_MAX); 449 } else { 450 /* RTO revert clocked out retransmission. 451 * Will retransmit now */ 452 tcp_retransmit_timer(sk); 453 } 454 455 break; 456 case ICMP_TIME_EXCEEDED: 457 err = EHOSTUNREACH; 458 break; 459 default: 460 goto out; 461 } 462 463 switch (sk->sk_state) { 464 struct request_sock *req, **prev; 465 case TCP_LISTEN: 466 if (sock_owned_by_user(sk)) 467 goto out; 468 469 req = inet_csk_search_req(sk, &prev, th->dest, 470 iph->daddr, iph->saddr); 471 if (!req) 472 goto out; 473 474 /* ICMPs are not backlogged, hence we cannot get 475 an established socket here. 476 */ 477 WARN_ON(req->sk); 478 479 if (seq != tcp_rsk(req)->snt_isn) { 480 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS); 481 goto out; 482 } 483 484 /* 485 * Still in SYN_RECV, just remove it silently. 486 * There is no good way to pass the error to the newly 487 * created socket, and POSIX does not want network 488 * errors returned from accept(). 489 */ 490 inet_csk_reqsk_queue_drop(sk, req, prev); 491 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS); 492 goto out; 493 494 case TCP_SYN_SENT: 495 case TCP_SYN_RECV: 496 /* Only in fast or simultaneous open. If a fast open socket is 497 * is already accepted it is treated as a connected one below. 498 */ 499 if (fastopen && fastopen->sk == NULL) 500 break; 501 502 if (!sock_owned_by_user(sk)) { 503 sk->sk_err = err; 504 505 sk->sk_error_report(sk); 506 507 tcp_done(sk); 508 } else { 509 sk->sk_err_soft = err; 510 } 511 goto out; 512 } 513 514 /* If we've already connected we will keep trying 515 * until we time out, or the user gives up. 516 * 517 * rfc1122 4.2.3.9 allows to consider as hard errors 518 * only PROTO_UNREACH and PORT_UNREACH (well, FRAG_FAILED too, 519 * but it is obsoleted by pmtu discovery). 520 * 521 * Note, that in modern internet, where routing is unreliable 522 * and in each dark corner broken firewalls sit, sending random 523 * errors ordered by their masters even this two messages finally lose 524 * their original sense (even Linux sends invalid PORT_UNREACHs) 525 * 526 * Now we are in compliance with RFCs. 527 * --ANK (980905) 528 */ 529 530 inet = inet_sk(sk); 531 if (!sock_owned_by_user(sk) && inet->recverr) { 532 sk->sk_err = err; 533 sk->sk_error_report(sk); 534 } else { /* Only an error on timeout */ 535 sk->sk_err_soft = err; 536 } 537 538 out: 539 bh_unlock_sock(sk); 540 sock_put(sk); 541 } 542 543 void __tcp_v4_send_check(struct sk_buff *skb, __be32 saddr, __be32 daddr) 544 { 545 struct tcphdr *th = tcp_hdr(skb); 546 547 if (skb->ip_summed == CHECKSUM_PARTIAL) { 548 th->check = ~tcp_v4_check(skb->len, saddr, daddr, 0); 549 skb->csum_start = skb_transport_header(skb) - skb->head; 550 skb->csum_offset = offsetof(struct tcphdr, check); 551 } else { 552 th->check = tcp_v4_check(skb->len, saddr, daddr, 553 csum_partial(th, 554 th->doff << 2, 555 skb->csum)); 556 } 557 } 558 559 /* This routine computes an IPv4 TCP checksum. */ 560 void tcp_v4_send_check(struct sock *sk, struct sk_buff *skb) 561 { 562 const struct inet_sock *inet = inet_sk(sk); 563 564 __tcp_v4_send_check(skb, inet->inet_saddr, inet->inet_daddr); 565 } 566 EXPORT_SYMBOL(tcp_v4_send_check); 567 568 /* 569 * This routine will send an RST to the other tcp. 570 * 571 * Someone asks: why I NEVER use socket parameters (TOS, TTL etc.) 572 * for reset. 573 * Answer: if a packet caused RST, it is not for a socket 574 * existing in our system, if it is matched to a socket, 575 * it is just duplicate segment or bug in other side's TCP. 576 * So that we build reply only basing on parameters 577 * arrived with segment. 578 * Exception: precedence violation. We do not implement it in any case. 579 */ 580 581 static void tcp_v4_send_reset(struct sock *sk, struct sk_buff *skb) 582 { 583 const struct tcphdr *th = tcp_hdr(skb); 584 struct { 585 struct tcphdr th; 586 #ifdef CONFIG_TCP_MD5SIG 587 __be32 opt[(TCPOLEN_MD5SIG_ALIGNED >> 2)]; 588 #endif 589 } rep; 590 struct ip_reply_arg arg; 591 #ifdef CONFIG_TCP_MD5SIG 592 struct tcp_md5sig_key *key; 593 const __u8 *hash_location = NULL; 594 unsigned char newhash[16]; 595 int genhash; 596 struct sock *sk1 = NULL; 597 #endif 598 struct net *net; 599 600 /* Never send a reset in response to a reset. */ 601 if (th->rst) 602 return; 603 604 if (skb_rtable(skb)->rt_type != RTN_LOCAL) 605 return; 606 607 /* Swap the send and the receive. */ 608 memset(&rep, 0, sizeof(rep)); 609 rep.th.dest = th->source; 610 rep.th.source = th->dest; 611 rep.th.doff = sizeof(struct tcphdr) / 4; 612 rep.th.rst = 1; 613 614 if (th->ack) { 615 rep.th.seq = th->ack_seq; 616 } else { 617 rep.th.ack = 1; 618 rep.th.ack_seq = htonl(ntohl(th->seq) + th->syn + th->fin + 619 skb->len - (th->doff << 2)); 620 } 621 622 memset(&arg, 0, sizeof(arg)); 623 arg.iov[0].iov_base = (unsigned char *)&rep; 624 arg.iov[0].iov_len = sizeof(rep.th); 625 626 #ifdef CONFIG_TCP_MD5SIG 627 hash_location = tcp_parse_md5sig_option(th); 628 if (!sk && hash_location) { 629 /* 630 * active side is lost. Try to find listening socket through 631 * source port, and then find md5 key through listening socket. 632 * we are not loose security here: 633 * Incoming packet is checked with md5 hash with finding key, 634 * no RST generated if md5 hash doesn't match. 635 */ 636 sk1 = __inet_lookup_listener(dev_net(skb_dst(skb)->dev), 637 &tcp_hashinfo, ip_hdr(skb)->saddr, 638 th->source, ip_hdr(skb)->daddr, 639 ntohs(th->source), inet_iif(skb)); 640 /* don't send rst if it can't find key */ 641 if (!sk1) 642 return; 643 rcu_read_lock(); 644 key = tcp_md5_do_lookup(sk1, (union tcp_md5_addr *) 645 &ip_hdr(skb)->saddr, AF_INET); 646 if (!key) 647 goto release_sk1; 648 649 genhash = tcp_v4_md5_hash_skb(newhash, key, NULL, NULL, skb); 650 if (genhash || memcmp(hash_location, newhash, 16) != 0) 651 goto release_sk1; 652 } else { 653 key = sk ? tcp_md5_do_lookup(sk, (union tcp_md5_addr *) 654 &ip_hdr(skb)->saddr, 655 AF_INET) : NULL; 656 } 657 658 if (key) { 659 rep.opt[0] = htonl((TCPOPT_NOP << 24) | 660 (TCPOPT_NOP << 16) | 661 (TCPOPT_MD5SIG << 8) | 662 TCPOLEN_MD5SIG); 663 /* Update length and the length the header thinks exists */ 664 arg.iov[0].iov_len += TCPOLEN_MD5SIG_ALIGNED; 665 rep.th.doff = arg.iov[0].iov_len / 4; 666 667 tcp_v4_md5_hash_hdr((__u8 *) &rep.opt[1], 668 key, ip_hdr(skb)->saddr, 669 ip_hdr(skb)->daddr, &rep.th); 670 } 671 #endif 672 arg.csum = csum_tcpudp_nofold(ip_hdr(skb)->daddr, 673 ip_hdr(skb)->saddr, /* XXX */ 674 arg.iov[0].iov_len, IPPROTO_TCP, 0); 675 arg.csumoffset = offsetof(struct tcphdr, check) / 2; 676 arg.flags = (sk && inet_sk(sk)->transparent) ? IP_REPLY_ARG_NOSRCCHECK : 0; 677 /* When socket is gone, all binding information is lost. 678 * routing might fail in this case. No choice here, if we choose to force 679 * input interface, we will misroute in case of asymmetric route. 680 */ 681 if (sk) 682 arg.bound_dev_if = sk->sk_bound_dev_if; 683 684 net = dev_net(skb_dst(skb)->dev); 685 arg.tos = ip_hdr(skb)->tos; 686 ip_send_unicast_reply(net, skb, ip_hdr(skb)->saddr, 687 ip_hdr(skb)->daddr, &arg, arg.iov[0].iov_len); 688 689 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS); 690 TCP_INC_STATS_BH(net, TCP_MIB_OUTRSTS); 691 692 #ifdef CONFIG_TCP_MD5SIG 693 release_sk1: 694 if (sk1) { 695 rcu_read_unlock(); 696 sock_put(sk1); 697 } 698 #endif 699 } 700 701 /* The code following below sending ACKs in SYN-RECV and TIME-WAIT states 702 outside socket context is ugly, certainly. What can I do? 703 */ 704 705 static void tcp_v4_send_ack(struct sk_buff *skb, u32 seq, u32 ack, 706 u32 win, u32 tsval, u32 tsecr, int oif, 707 struct tcp_md5sig_key *key, 708 int reply_flags, u8 tos) 709 { 710 const struct tcphdr *th = tcp_hdr(skb); 711 struct { 712 struct tcphdr th; 713 __be32 opt[(TCPOLEN_TSTAMP_ALIGNED >> 2) 714 #ifdef CONFIG_TCP_MD5SIG 715 + (TCPOLEN_MD5SIG_ALIGNED >> 2) 716 #endif 717 ]; 718 } rep; 719 struct ip_reply_arg arg; 720 struct net *net = dev_net(skb_dst(skb)->dev); 721 722 memset(&rep.th, 0, sizeof(struct tcphdr)); 723 memset(&arg, 0, sizeof(arg)); 724 725 arg.iov[0].iov_base = (unsigned char *)&rep; 726 arg.iov[0].iov_len = sizeof(rep.th); 727 if (tsecr) { 728 rep.opt[0] = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) | 729 (TCPOPT_TIMESTAMP << 8) | 730 TCPOLEN_TIMESTAMP); 731 rep.opt[1] = htonl(tsval); 732 rep.opt[2] = htonl(tsecr); 733 arg.iov[0].iov_len += TCPOLEN_TSTAMP_ALIGNED; 734 } 735 736 /* Swap the send and the receive. */ 737 rep.th.dest = th->source; 738 rep.th.source = th->dest; 739 rep.th.doff = arg.iov[0].iov_len / 4; 740 rep.th.seq = htonl(seq); 741 rep.th.ack_seq = htonl(ack); 742 rep.th.ack = 1; 743 rep.th.window = htons(win); 744 745 #ifdef CONFIG_TCP_MD5SIG 746 if (key) { 747 int offset = (tsecr) ? 3 : 0; 748 749 rep.opt[offset++] = htonl((TCPOPT_NOP << 24) | 750 (TCPOPT_NOP << 16) | 751 (TCPOPT_MD5SIG << 8) | 752 TCPOLEN_MD5SIG); 753 arg.iov[0].iov_len += TCPOLEN_MD5SIG_ALIGNED; 754 rep.th.doff = arg.iov[0].iov_len/4; 755 756 tcp_v4_md5_hash_hdr((__u8 *) &rep.opt[offset], 757 key, ip_hdr(skb)->saddr, 758 ip_hdr(skb)->daddr, &rep.th); 759 } 760 #endif 761 arg.flags = reply_flags; 762 arg.csum = csum_tcpudp_nofold(ip_hdr(skb)->daddr, 763 ip_hdr(skb)->saddr, /* XXX */ 764 arg.iov[0].iov_len, IPPROTO_TCP, 0); 765 arg.csumoffset = offsetof(struct tcphdr, check) / 2; 766 if (oif) 767 arg.bound_dev_if = oif; 768 arg.tos = tos; 769 ip_send_unicast_reply(net, skb, ip_hdr(skb)->saddr, 770 ip_hdr(skb)->daddr, &arg, arg.iov[0].iov_len); 771 772 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS); 773 } 774 775 static void tcp_v4_timewait_ack(struct sock *sk, struct sk_buff *skb) 776 { 777 struct inet_timewait_sock *tw = inet_twsk(sk); 778 struct tcp_timewait_sock *tcptw = tcp_twsk(sk); 779 780 tcp_v4_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt, 781 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale, 782 tcp_time_stamp + tcptw->tw_ts_offset, 783 tcptw->tw_ts_recent, 784 tw->tw_bound_dev_if, 785 tcp_twsk_md5_key(tcptw), 786 tw->tw_transparent ? IP_REPLY_ARG_NOSRCCHECK : 0, 787 tw->tw_tos 788 ); 789 790 inet_twsk_put(tw); 791 } 792 793 static void tcp_v4_reqsk_send_ack(struct sock *sk, struct sk_buff *skb, 794 struct request_sock *req) 795 { 796 /* sk->sk_state == TCP_LISTEN -> for regular TCP_SYN_RECV 797 * sk->sk_state == TCP_SYN_RECV -> for Fast Open. 798 */ 799 tcp_v4_send_ack(skb, (sk->sk_state == TCP_LISTEN) ? 800 tcp_rsk(req)->snt_isn + 1 : tcp_sk(sk)->snd_nxt, 801 tcp_rsk(req)->rcv_nxt, req->rcv_wnd, 802 tcp_time_stamp, 803 req->ts_recent, 804 0, 805 tcp_md5_do_lookup(sk, (union tcp_md5_addr *)&ip_hdr(skb)->daddr, 806 AF_INET), 807 inet_rsk(req)->no_srccheck ? IP_REPLY_ARG_NOSRCCHECK : 0, 808 ip_hdr(skb)->tos); 809 } 810 811 /* 812 * Send a SYN-ACK after having received a SYN. 813 * This still operates on a request_sock only, not on a big 814 * socket. 815 */ 816 static int tcp_v4_send_synack(struct sock *sk, struct dst_entry *dst, 817 struct request_sock *req, 818 u16 queue_mapping, 819 struct tcp_fastopen_cookie *foc) 820 { 821 const struct inet_request_sock *ireq = inet_rsk(req); 822 struct flowi4 fl4; 823 int err = -1; 824 struct sk_buff *skb; 825 826 /* First, grab a route. */ 827 if (!dst && (dst = inet_csk_route_req(sk, &fl4, req)) == NULL) 828 return -1; 829 830 skb = tcp_make_synack(sk, dst, req, foc); 831 832 if (skb) { 833 __tcp_v4_send_check(skb, ireq->ir_loc_addr, ireq->ir_rmt_addr); 834 835 skb_set_queue_mapping(skb, queue_mapping); 836 err = ip_build_and_send_pkt(skb, sk, ireq->ir_loc_addr, 837 ireq->ir_rmt_addr, 838 ireq->opt); 839 err = net_xmit_eval(err); 840 if (!tcp_rsk(req)->snt_synack && !err) 841 tcp_rsk(req)->snt_synack = tcp_time_stamp; 842 } 843 844 return err; 845 } 846 847 static int tcp_v4_rtx_synack(struct sock *sk, struct request_sock *req) 848 { 849 int res = tcp_v4_send_synack(sk, NULL, req, 0, NULL); 850 851 if (!res) { 852 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_RETRANSSEGS); 853 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPSYNRETRANS); 854 } 855 return res; 856 } 857 858 /* 859 * IPv4 request_sock destructor. 860 */ 861 static void tcp_v4_reqsk_destructor(struct request_sock *req) 862 { 863 kfree(inet_rsk(req)->opt); 864 } 865 866 /* 867 * Return true if a syncookie should be sent 868 */ 869 bool tcp_syn_flood_action(struct sock *sk, 870 const struct sk_buff *skb, 871 const char *proto) 872 { 873 const char *msg = "Dropping request"; 874 bool want_cookie = false; 875 struct listen_sock *lopt; 876 877 #ifdef CONFIG_SYN_COOKIES 878 if (sysctl_tcp_syncookies) { 879 msg = "Sending cookies"; 880 want_cookie = true; 881 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPREQQFULLDOCOOKIES); 882 } else 883 #endif 884 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPREQQFULLDROP); 885 886 lopt = inet_csk(sk)->icsk_accept_queue.listen_opt; 887 if (!lopt->synflood_warned && sysctl_tcp_syncookies != 2) { 888 lopt->synflood_warned = 1; 889 pr_info("%s: Possible SYN flooding on port %d. %s. Check SNMP counters.\n", 890 proto, ntohs(tcp_hdr(skb)->dest), msg); 891 } 892 return want_cookie; 893 } 894 EXPORT_SYMBOL(tcp_syn_flood_action); 895 896 /* 897 * Save and compile IPv4 options into the request_sock if needed. 898 */ 899 static struct ip_options_rcu *tcp_v4_save_options(struct sk_buff *skb) 900 { 901 const struct ip_options *opt = &(IPCB(skb)->opt); 902 struct ip_options_rcu *dopt = NULL; 903 904 if (opt && opt->optlen) { 905 int opt_size = sizeof(*dopt) + opt->optlen; 906 907 dopt = kmalloc(opt_size, GFP_ATOMIC); 908 if (dopt) { 909 if (ip_options_echo(&dopt->opt, skb)) { 910 kfree(dopt); 911 dopt = NULL; 912 } 913 } 914 } 915 return dopt; 916 } 917 918 #ifdef CONFIG_TCP_MD5SIG 919 /* 920 * RFC2385 MD5 checksumming requires a mapping of 921 * IP address->MD5 Key. 922 * We need to maintain these in the sk structure. 923 */ 924 925 /* Find the Key structure for an address. */ 926 struct tcp_md5sig_key *tcp_md5_do_lookup(struct sock *sk, 927 const union tcp_md5_addr *addr, 928 int family) 929 { 930 struct tcp_sock *tp = tcp_sk(sk); 931 struct tcp_md5sig_key *key; 932 unsigned int size = sizeof(struct in_addr); 933 struct tcp_md5sig_info *md5sig; 934 935 /* caller either holds rcu_read_lock() or socket lock */ 936 md5sig = rcu_dereference_check(tp->md5sig_info, 937 sock_owned_by_user(sk) || 938 lockdep_is_held(&sk->sk_lock.slock)); 939 if (!md5sig) 940 return NULL; 941 #if IS_ENABLED(CONFIG_IPV6) 942 if (family == AF_INET6) 943 size = sizeof(struct in6_addr); 944 #endif 945 hlist_for_each_entry_rcu(key, &md5sig->head, node) { 946 if (key->family != family) 947 continue; 948 if (!memcmp(&key->addr, addr, size)) 949 return key; 950 } 951 return NULL; 952 } 953 EXPORT_SYMBOL(tcp_md5_do_lookup); 954 955 struct tcp_md5sig_key *tcp_v4_md5_lookup(struct sock *sk, 956 struct sock *addr_sk) 957 { 958 union tcp_md5_addr *addr; 959 960 addr = (union tcp_md5_addr *)&inet_sk(addr_sk)->inet_daddr; 961 return tcp_md5_do_lookup(sk, addr, AF_INET); 962 } 963 EXPORT_SYMBOL(tcp_v4_md5_lookup); 964 965 static struct tcp_md5sig_key *tcp_v4_reqsk_md5_lookup(struct sock *sk, 966 struct request_sock *req) 967 { 968 union tcp_md5_addr *addr; 969 970 addr = (union tcp_md5_addr *)&inet_rsk(req)->ir_rmt_addr; 971 return tcp_md5_do_lookup(sk, addr, AF_INET); 972 } 973 974 /* This can be called on a newly created socket, from other files */ 975 int tcp_md5_do_add(struct sock *sk, const union tcp_md5_addr *addr, 976 int family, const u8 *newkey, u8 newkeylen, gfp_t gfp) 977 { 978 /* Add Key to the list */ 979 struct tcp_md5sig_key *key; 980 struct tcp_sock *tp = tcp_sk(sk); 981 struct tcp_md5sig_info *md5sig; 982 983 key = tcp_md5_do_lookup(sk, addr, family); 984 if (key) { 985 /* Pre-existing entry - just update that one. */ 986 memcpy(key->key, newkey, newkeylen); 987 key->keylen = newkeylen; 988 return 0; 989 } 990 991 md5sig = rcu_dereference_protected(tp->md5sig_info, 992 sock_owned_by_user(sk)); 993 if (!md5sig) { 994 md5sig = kmalloc(sizeof(*md5sig), gfp); 995 if (!md5sig) 996 return -ENOMEM; 997 998 sk_nocaps_add(sk, NETIF_F_GSO_MASK); 999 INIT_HLIST_HEAD(&md5sig->head); 1000 rcu_assign_pointer(tp->md5sig_info, md5sig); 1001 } 1002 1003 key = sock_kmalloc(sk, sizeof(*key), gfp); 1004 if (!key) 1005 return -ENOMEM; 1006 if (!tcp_alloc_md5sig_pool()) { 1007 sock_kfree_s(sk, key, sizeof(*key)); 1008 return -ENOMEM; 1009 } 1010 1011 memcpy(key->key, newkey, newkeylen); 1012 key->keylen = newkeylen; 1013 key->family = family; 1014 memcpy(&key->addr, addr, 1015 (family == AF_INET6) ? sizeof(struct in6_addr) : 1016 sizeof(struct in_addr)); 1017 hlist_add_head_rcu(&key->node, &md5sig->head); 1018 return 0; 1019 } 1020 EXPORT_SYMBOL(tcp_md5_do_add); 1021 1022 int tcp_md5_do_del(struct sock *sk, const union tcp_md5_addr *addr, int family) 1023 { 1024 struct tcp_md5sig_key *key; 1025 1026 key = tcp_md5_do_lookup(sk, addr, family); 1027 if (!key) 1028 return -ENOENT; 1029 hlist_del_rcu(&key->node); 1030 atomic_sub(sizeof(*key), &sk->sk_omem_alloc); 1031 kfree_rcu(key, rcu); 1032 return 0; 1033 } 1034 EXPORT_SYMBOL(tcp_md5_do_del); 1035 1036 static void tcp_clear_md5_list(struct sock *sk) 1037 { 1038 struct tcp_sock *tp = tcp_sk(sk); 1039 struct tcp_md5sig_key *key; 1040 struct hlist_node *n; 1041 struct tcp_md5sig_info *md5sig; 1042 1043 md5sig = rcu_dereference_protected(tp->md5sig_info, 1); 1044 1045 hlist_for_each_entry_safe(key, n, &md5sig->head, node) { 1046 hlist_del_rcu(&key->node); 1047 atomic_sub(sizeof(*key), &sk->sk_omem_alloc); 1048 kfree_rcu(key, rcu); 1049 } 1050 } 1051 1052 static int tcp_v4_parse_md5_keys(struct sock *sk, char __user *optval, 1053 int optlen) 1054 { 1055 struct tcp_md5sig cmd; 1056 struct sockaddr_in *sin = (struct sockaddr_in *)&cmd.tcpm_addr; 1057 1058 if (optlen < sizeof(cmd)) 1059 return -EINVAL; 1060 1061 if (copy_from_user(&cmd, optval, sizeof(cmd))) 1062 return -EFAULT; 1063 1064 if (sin->sin_family != AF_INET) 1065 return -EINVAL; 1066 1067 if (!cmd.tcpm_key || !cmd.tcpm_keylen) 1068 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin->sin_addr.s_addr, 1069 AF_INET); 1070 1071 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN) 1072 return -EINVAL; 1073 1074 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin->sin_addr.s_addr, 1075 AF_INET, cmd.tcpm_key, cmd.tcpm_keylen, 1076 GFP_KERNEL); 1077 } 1078 1079 static int tcp_v4_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp, 1080 __be32 daddr, __be32 saddr, int nbytes) 1081 { 1082 struct tcp4_pseudohdr *bp; 1083 struct scatterlist sg; 1084 1085 bp = &hp->md5_blk.ip4; 1086 1087 /* 1088 * 1. the TCP pseudo-header (in the order: source IP address, 1089 * destination IP address, zero-padded protocol number, and 1090 * segment length) 1091 */ 1092 bp->saddr = saddr; 1093 bp->daddr = daddr; 1094 bp->pad = 0; 1095 bp->protocol = IPPROTO_TCP; 1096 bp->len = cpu_to_be16(nbytes); 1097 1098 sg_init_one(&sg, bp, sizeof(*bp)); 1099 return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp)); 1100 } 1101 1102 static int tcp_v4_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key, 1103 __be32 daddr, __be32 saddr, const struct tcphdr *th) 1104 { 1105 struct tcp_md5sig_pool *hp; 1106 struct hash_desc *desc; 1107 1108 hp = tcp_get_md5sig_pool(); 1109 if (!hp) 1110 goto clear_hash_noput; 1111 desc = &hp->md5_desc; 1112 1113 if (crypto_hash_init(desc)) 1114 goto clear_hash; 1115 if (tcp_v4_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2)) 1116 goto clear_hash; 1117 if (tcp_md5_hash_header(hp, th)) 1118 goto clear_hash; 1119 if (tcp_md5_hash_key(hp, key)) 1120 goto clear_hash; 1121 if (crypto_hash_final(desc, md5_hash)) 1122 goto clear_hash; 1123 1124 tcp_put_md5sig_pool(); 1125 return 0; 1126 1127 clear_hash: 1128 tcp_put_md5sig_pool(); 1129 clear_hash_noput: 1130 memset(md5_hash, 0, 16); 1131 return 1; 1132 } 1133 1134 int tcp_v4_md5_hash_skb(char *md5_hash, struct tcp_md5sig_key *key, 1135 const struct sock *sk, const struct request_sock *req, 1136 const struct sk_buff *skb) 1137 { 1138 struct tcp_md5sig_pool *hp; 1139 struct hash_desc *desc; 1140 const struct tcphdr *th = tcp_hdr(skb); 1141 __be32 saddr, daddr; 1142 1143 if (sk) { 1144 saddr = inet_sk(sk)->inet_saddr; 1145 daddr = inet_sk(sk)->inet_daddr; 1146 } else if (req) { 1147 saddr = inet_rsk(req)->ir_loc_addr; 1148 daddr = inet_rsk(req)->ir_rmt_addr; 1149 } else { 1150 const struct iphdr *iph = ip_hdr(skb); 1151 saddr = iph->saddr; 1152 daddr = iph->daddr; 1153 } 1154 1155 hp = tcp_get_md5sig_pool(); 1156 if (!hp) 1157 goto clear_hash_noput; 1158 desc = &hp->md5_desc; 1159 1160 if (crypto_hash_init(desc)) 1161 goto clear_hash; 1162 1163 if (tcp_v4_md5_hash_pseudoheader(hp, daddr, saddr, skb->len)) 1164 goto clear_hash; 1165 if (tcp_md5_hash_header(hp, th)) 1166 goto clear_hash; 1167 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2)) 1168 goto clear_hash; 1169 if (tcp_md5_hash_key(hp, key)) 1170 goto clear_hash; 1171 if (crypto_hash_final(desc, md5_hash)) 1172 goto clear_hash; 1173 1174 tcp_put_md5sig_pool(); 1175 return 0; 1176 1177 clear_hash: 1178 tcp_put_md5sig_pool(); 1179 clear_hash_noput: 1180 memset(md5_hash, 0, 16); 1181 return 1; 1182 } 1183 EXPORT_SYMBOL(tcp_v4_md5_hash_skb); 1184 1185 static bool tcp_v4_inbound_md5_hash(struct sock *sk, const struct sk_buff *skb) 1186 { 1187 /* 1188 * This gets called for each TCP segment that arrives 1189 * so we want to be efficient. 1190 * We have 3 drop cases: 1191 * o No MD5 hash and one expected. 1192 * o MD5 hash and we're not expecting one. 1193 * o MD5 hash and its wrong. 1194 */ 1195 const __u8 *hash_location = NULL; 1196 struct tcp_md5sig_key *hash_expected; 1197 const struct iphdr *iph = ip_hdr(skb); 1198 const struct tcphdr *th = tcp_hdr(skb); 1199 int genhash; 1200 unsigned char newhash[16]; 1201 1202 hash_expected = tcp_md5_do_lookup(sk, (union tcp_md5_addr *)&iph->saddr, 1203 AF_INET); 1204 hash_location = tcp_parse_md5sig_option(th); 1205 1206 /* We've parsed the options - do we have a hash? */ 1207 if (!hash_expected && !hash_location) 1208 return false; 1209 1210 if (hash_expected && !hash_location) { 1211 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND); 1212 return true; 1213 } 1214 1215 if (!hash_expected && hash_location) { 1216 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED); 1217 return true; 1218 } 1219 1220 /* Okay, so this is hash_expected and hash_location - 1221 * so we need to calculate the checksum. 1222 */ 1223 genhash = tcp_v4_md5_hash_skb(newhash, 1224 hash_expected, 1225 NULL, NULL, skb); 1226 1227 if (genhash || memcmp(hash_location, newhash, 16) != 0) { 1228 net_info_ratelimited("MD5 Hash failed for (%pI4, %d)->(%pI4, %d)%s\n", 1229 &iph->saddr, ntohs(th->source), 1230 &iph->daddr, ntohs(th->dest), 1231 genhash ? " tcp_v4_calc_md5_hash failed" 1232 : ""); 1233 return true; 1234 } 1235 return false; 1236 } 1237 1238 #endif 1239 1240 struct request_sock_ops tcp_request_sock_ops __read_mostly = { 1241 .family = PF_INET, 1242 .obj_size = sizeof(struct tcp_request_sock), 1243 .rtx_syn_ack = tcp_v4_rtx_synack, 1244 .send_ack = tcp_v4_reqsk_send_ack, 1245 .destructor = tcp_v4_reqsk_destructor, 1246 .send_reset = tcp_v4_send_reset, 1247 .syn_ack_timeout = tcp_syn_ack_timeout, 1248 }; 1249 1250 #ifdef CONFIG_TCP_MD5SIG 1251 static const struct tcp_request_sock_ops tcp_request_sock_ipv4_ops = { 1252 .md5_lookup = tcp_v4_reqsk_md5_lookup, 1253 .calc_md5_hash = tcp_v4_md5_hash_skb, 1254 }; 1255 #endif 1256 1257 int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb) 1258 { 1259 struct tcp_options_received tmp_opt; 1260 struct request_sock *req; 1261 struct inet_request_sock *ireq; 1262 struct tcp_sock *tp = tcp_sk(sk); 1263 struct dst_entry *dst = NULL; 1264 __be32 saddr = ip_hdr(skb)->saddr; 1265 __be32 daddr = ip_hdr(skb)->daddr; 1266 __u32 isn = TCP_SKB_CB(skb)->when; 1267 bool want_cookie = false, fastopen; 1268 struct flowi4 fl4; 1269 struct tcp_fastopen_cookie foc = { .len = -1 }; 1270 int err; 1271 1272 /* Never answer to SYNs send to broadcast or multicast */ 1273 if (skb_rtable(skb)->rt_flags & (RTCF_BROADCAST | RTCF_MULTICAST)) 1274 goto drop; 1275 1276 /* TW buckets are converted to open requests without 1277 * limitations, they conserve resources and peer is 1278 * evidently real one. 1279 */ 1280 if ((sysctl_tcp_syncookies == 2 || 1281 inet_csk_reqsk_queue_is_full(sk)) && !isn) { 1282 want_cookie = tcp_syn_flood_action(sk, skb, "TCP"); 1283 if (!want_cookie) 1284 goto drop; 1285 } 1286 1287 /* Accept backlog is full. If we have already queued enough 1288 * of warm entries in syn queue, drop request. It is better than 1289 * clogging syn queue with openreqs with exponentially increasing 1290 * timeout. 1291 */ 1292 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1) { 1293 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS); 1294 goto drop; 1295 } 1296 1297 req = inet_reqsk_alloc(&tcp_request_sock_ops); 1298 if (!req) 1299 goto drop; 1300 1301 #ifdef CONFIG_TCP_MD5SIG 1302 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv4_ops; 1303 #endif 1304 1305 tcp_clear_options(&tmp_opt); 1306 tmp_opt.mss_clamp = TCP_MSS_DEFAULT; 1307 tmp_opt.user_mss = tp->rx_opt.user_mss; 1308 tcp_parse_options(skb, &tmp_opt, 0, want_cookie ? NULL : &foc); 1309 1310 if (want_cookie && !tmp_opt.saw_tstamp) 1311 tcp_clear_options(&tmp_opt); 1312 1313 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp; 1314 tcp_openreq_init(req, &tmp_opt, skb); 1315 1316 ireq = inet_rsk(req); 1317 ireq->ir_loc_addr = daddr; 1318 ireq->ir_rmt_addr = saddr; 1319 ireq->no_srccheck = inet_sk(sk)->transparent; 1320 ireq->opt = tcp_v4_save_options(skb); 1321 ireq->ir_mark = inet_request_mark(sk, skb); 1322 1323 if (security_inet_conn_request(sk, skb, req)) 1324 goto drop_and_free; 1325 1326 if (!want_cookie || tmp_opt.tstamp_ok) 1327 TCP_ECN_create_request(req, skb, sock_net(sk)); 1328 1329 if (want_cookie) { 1330 isn = cookie_v4_init_sequence(sk, skb, &req->mss); 1331 req->cookie_ts = tmp_opt.tstamp_ok; 1332 } else if (!isn) { 1333 /* VJ's idea. We save last timestamp seen 1334 * from the destination in peer table, when entering 1335 * state TIME-WAIT, and check against it before 1336 * accepting new connection request. 1337 * 1338 * If "isn" is not zero, this request hit alive 1339 * timewait bucket, so that all the necessary checks 1340 * are made in the function processing timewait state. 1341 */ 1342 if (tmp_opt.saw_tstamp && 1343 tcp_death_row.sysctl_tw_recycle && 1344 (dst = inet_csk_route_req(sk, &fl4, req)) != NULL && 1345 fl4.daddr == saddr) { 1346 if (!tcp_peer_is_proven(req, dst, true)) { 1347 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_PAWSPASSIVEREJECTED); 1348 goto drop_and_release; 1349 } 1350 } 1351 /* Kill the following clause, if you dislike this way. */ 1352 else if (!sysctl_tcp_syncookies && 1353 (sysctl_max_syn_backlog - inet_csk_reqsk_queue_len(sk) < 1354 (sysctl_max_syn_backlog >> 2)) && 1355 !tcp_peer_is_proven(req, dst, false)) { 1356 /* Without syncookies last quarter of 1357 * backlog is filled with destinations, 1358 * proven to be alive. 1359 * It means that we continue to communicate 1360 * to destinations, already remembered 1361 * to the moment of synflood. 1362 */ 1363 LIMIT_NETDEBUG(KERN_DEBUG pr_fmt("drop open request from %pI4/%u\n"), 1364 &saddr, ntohs(tcp_hdr(skb)->source)); 1365 goto drop_and_release; 1366 } 1367 1368 isn = tcp_v4_init_sequence(skb); 1369 } 1370 if (!dst && (dst = inet_csk_route_req(sk, &fl4, req)) == NULL) 1371 goto drop_and_free; 1372 1373 tcp_rsk(req)->snt_isn = isn; 1374 tcp_rsk(req)->snt_synack = tcp_time_stamp; 1375 tcp_openreq_init_rwin(req, sk, dst); 1376 fastopen = !want_cookie && 1377 tcp_try_fastopen(sk, skb, req, &foc, dst); 1378 err = tcp_v4_send_synack(sk, dst, req, 1379 skb_get_queue_mapping(skb), &foc); 1380 if (!fastopen) { 1381 if (err || want_cookie) 1382 goto drop_and_free; 1383 1384 tcp_rsk(req)->snt_synack = tcp_time_stamp; 1385 tcp_rsk(req)->listener = NULL; 1386 inet_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT); 1387 } 1388 1389 return 0; 1390 1391 drop_and_release: 1392 dst_release(dst); 1393 drop_and_free: 1394 reqsk_free(req); 1395 drop: 1396 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS); 1397 return 0; 1398 } 1399 EXPORT_SYMBOL(tcp_v4_conn_request); 1400 1401 1402 /* 1403 * The three way handshake has completed - we got a valid synack - 1404 * now create the new socket. 1405 */ 1406 struct sock *tcp_v4_syn_recv_sock(struct sock *sk, struct sk_buff *skb, 1407 struct request_sock *req, 1408 struct dst_entry *dst) 1409 { 1410 struct inet_request_sock *ireq; 1411 struct inet_sock *newinet; 1412 struct tcp_sock *newtp; 1413 struct sock *newsk; 1414 #ifdef CONFIG_TCP_MD5SIG 1415 struct tcp_md5sig_key *key; 1416 #endif 1417 struct ip_options_rcu *inet_opt; 1418 1419 if (sk_acceptq_is_full(sk)) 1420 goto exit_overflow; 1421 1422 newsk = tcp_create_openreq_child(sk, req, skb); 1423 if (!newsk) 1424 goto exit_nonewsk; 1425 1426 newsk->sk_gso_type = SKB_GSO_TCPV4; 1427 inet_sk_rx_dst_set(newsk, skb); 1428 1429 newtp = tcp_sk(newsk); 1430 newinet = inet_sk(newsk); 1431 ireq = inet_rsk(req); 1432 newinet->inet_daddr = ireq->ir_rmt_addr; 1433 newinet->inet_rcv_saddr = ireq->ir_loc_addr; 1434 newinet->inet_saddr = ireq->ir_loc_addr; 1435 inet_opt = ireq->opt; 1436 rcu_assign_pointer(newinet->inet_opt, inet_opt); 1437 ireq->opt = NULL; 1438 newinet->mc_index = inet_iif(skb); 1439 newinet->mc_ttl = ip_hdr(skb)->ttl; 1440 newinet->rcv_tos = ip_hdr(skb)->tos; 1441 inet_csk(newsk)->icsk_ext_hdr_len = 0; 1442 if (inet_opt) 1443 inet_csk(newsk)->icsk_ext_hdr_len = inet_opt->opt.optlen; 1444 newinet->inet_id = newtp->write_seq ^ jiffies; 1445 1446 if (!dst) { 1447 dst = inet_csk_route_child_sock(sk, newsk, req); 1448 if (!dst) 1449 goto put_and_exit; 1450 } else { 1451 /* syncookie case : see end of cookie_v4_check() */ 1452 } 1453 sk_setup_caps(newsk, dst); 1454 1455 tcp_sync_mss(newsk, dst_mtu(dst)); 1456 newtp->advmss = dst_metric_advmss(dst); 1457 if (tcp_sk(sk)->rx_opt.user_mss && 1458 tcp_sk(sk)->rx_opt.user_mss < newtp->advmss) 1459 newtp->advmss = tcp_sk(sk)->rx_opt.user_mss; 1460 1461 tcp_initialize_rcv_mss(newsk); 1462 1463 #ifdef CONFIG_TCP_MD5SIG 1464 /* Copy over the MD5 key from the original socket */ 1465 key = tcp_md5_do_lookup(sk, (union tcp_md5_addr *)&newinet->inet_daddr, 1466 AF_INET); 1467 if (key != NULL) { 1468 /* 1469 * We're using one, so create a matching key 1470 * on the newsk structure. If we fail to get 1471 * memory, then we end up not copying the key 1472 * across. Shucks. 1473 */ 1474 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newinet->inet_daddr, 1475 AF_INET, key->key, key->keylen, GFP_ATOMIC); 1476 sk_nocaps_add(newsk, NETIF_F_GSO_MASK); 1477 } 1478 #endif 1479 1480 if (__inet_inherit_port(sk, newsk) < 0) 1481 goto put_and_exit; 1482 __inet_hash_nolisten(newsk, NULL); 1483 1484 return newsk; 1485 1486 exit_overflow: 1487 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS); 1488 exit_nonewsk: 1489 dst_release(dst); 1490 exit: 1491 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS); 1492 return NULL; 1493 put_and_exit: 1494 inet_csk_prepare_forced_close(newsk); 1495 tcp_done(newsk); 1496 goto exit; 1497 } 1498 EXPORT_SYMBOL(tcp_v4_syn_recv_sock); 1499 1500 static struct sock *tcp_v4_hnd_req(struct sock *sk, struct sk_buff *skb) 1501 { 1502 struct tcphdr *th = tcp_hdr(skb); 1503 const struct iphdr *iph = ip_hdr(skb); 1504 struct sock *nsk; 1505 struct request_sock **prev; 1506 /* Find possible connection requests. */ 1507 struct request_sock *req = inet_csk_search_req(sk, &prev, th->source, 1508 iph->saddr, iph->daddr); 1509 if (req) 1510 return tcp_check_req(sk, skb, req, prev, false); 1511 1512 nsk = inet_lookup_established(sock_net(sk), &tcp_hashinfo, iph->saddr, 1513 th->source, iph->daddr, th->dest, inet_iif(skb)); 1514 1515 if (nsk) { 1516 if (nsk->sk_state != TCP_TIME_WAIT) { 1517 bh_lock_sock(nsk); 1518 return nsk; 1519 } 1520 inet_twsk_put(inet_twsk(nsk)); 1521 return NULL; 1522 } 1523 1524 #ifdef CONFIG_SYN_COOKIES 1525 if (!th->syn) 1526 sk = cookie_v4_check(sk, skb, &(IPCB(skb)->opt)); 1527 #endif 1528 return sk; 1529 } 1530 1531 /* The socket must have it's spinlock held when we get 1532 * here. 1533 * 1534 * We have a potential double-lock case here, so even when 1535 * doing backlog processing we use the BH locking scheme. 1536 * This is because we cannot sleep with the original spinlock 1537 * held. 1538 */ 1539 int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb) 1540 { 1541 struct sock *rsk; 1542 #ifdef CONFIG_TCP_MD5SIG 1543 /* 1544 * We really want to reject the packet as early as possible 1545 * if: 1546 * o We're expecting an MD5'd packet and this is no MD5 tcp option 1547 * o There is an MD5 option and we're not expecting one 1548 */ 1549 if (tcp_v4_inbound_md5_hash(sk, skb)) 1550 goto discard; 1551 #endif 1552 1553 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */ 1554 struct dst_entry *dst = sk->sk_rx_dst; 1555 1556 sock_rps_save_rxhash(sk, skb); 1557 if (dst) { 1558 if (inet_sk(sk)->rx_dst_ifindex != skb->skb_iif || 1559 dst->ops->check(dst, 0) == NULL) { 1560 dst_release(dst); 1561 sk->sk_rx_dst = NULL; 1562 } 1563 } 1564 tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len); 1565 return 0; 1566 } 1567 1568 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb)) 1569 goto csum_err; 1570 1571 if (sk->sk_state == TCP_LISTEN) { 1572 struct sock *nsk = tcp_v4_hnd_req(sk, skb); 1573 if (!nsk) 1574 goto discard; 1575 1576 if (nsk != sk) { 1577 sock_rps_save_rxhash(nsk, skb); 1578 if (tcp_child_process(sk, nsk, skb)) { 1579 rsk = nsk; 1580 goto reset; 1581 } 1582 return 0; 1583 } 1584 } else 1585 sock_rps_save_rxhash(sk, skb); 1586 1587 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len)) { 1588 rsk = sk; 1589 goto reset; 1590 } 1591 return 0; 1592 1593 reset: 1594 tcp_v4_send_reset(rsk, skb); 1595 discard: 1596 kfree_skb(skb); 1597 /* Be careful here. If this function gets more complicated and 1598 * gcc suffers from register pressure on the x86, sk (in %ebx) 1599 * might be destroyed here. This current version compiles correctly, 1600 * but you have been warned. 1601 */ 1602 return 0; 1603 1604 csum_err: 1605 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_CSUMERRORS); 1606 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_INERRS); 1607 goto discard; 1608 } 1609 EXPORT_SYMBOL(tcp_v4_do_rcv); 1610 1611 void tcp_v4_early_demux(struct sk_buff *skb) 1612 { 1613 const struct iphdr *iph; 1614 const struct tcphdr *th; 1615 struct sock *sk; 1616 1617 if (skb->pkt_type != PACKET_HOST) 1618 return; 1619 1620 if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr))) 1621 return; 1622 1623 iph = ip_hdr(skb); 1624 th = tcp_hdr(skb); 1625 1626 if (th->doff < sizeof(struct tcphdr) / 4) 1627 return; 1628 1629 sk = __inet_lookup_established(dev_net(skb->dev), &tcp_hashinfo, 1630 iph->saddr, th->source, 1631 iph->daddr, ntohs(th->dest), 1632 skb->skb_iif); 1633 if (sk) { 1634 skb->sk = sk; 1635 skb->destructor = sock_edemux; 1636 if (sk->sk_state != TCP_TIME_WAIT) { 1637 struct dst_entry *dst = sk->sk_rx_dst; 1638 1639 if (dst) 1640 dst = dst_check(dst, 0); 1641 if (dst && 1642 inet_sk(sk)->rx_dst_ifindex == skb->skb_iif) 1643 skb_dst_set_noref(skb, dst); 1644 } 1645 } 1646 } 1647 1648 /* Packet is added to VJ-style prequeue for processing in process 1649 * context, if a reader task is waiting. Apparently, this exciting 1650 * idea (VJ's mail "Re: query about TCP header on tcp-ip" of 07 Sep 93) 1651 * failed somewhere. Latency? Burstiness? Well, at least now we will 1652 * see, why it failed. 8)8) --ANK 1653 * 1654 */ 1655 bool tcp_prequeue(struct sock *sk, struct sk_buff *skb) 1656 { 1657 struct tcp_sock *tp = tcp_sk(sk); 1658 1659 if (sysctl_tcp_low_latency || !tp->ucopy.task) 1660 return false; 1661 1662 if (skb->len <= tcp_hdrlen(skb) && 1663 skb_queue_len(&tp->ucopy.prequeue) == 0) 1664 return false; 1665 1666 skb_dst_force(skb); 1667 __skb_queue_tail(&tp->ucopy.prequeue, skb); 1668 tp->ucopy.memory += skb->truesize; 1669 if (tp->ucopy.memory > sk->sk_rcvbuf) { 1670 struct sk_buff *skb1; 1671 1672 BUG_ON(sock_owned_by_user(sk)); 1673 1674 while ((skb1 = __skb_dequeue(&tp->ucopy.prequeue)) != NULL) { 1675 sk_backlog_rcv(sk, skb1); 1676 NET_INC_STATS_BH(sock_net(sk), 1677 LINUX_MIB_TCPPREQUEUEDROPPED); 1678 } 1679 1680 tp->ucopy.memory = 0; 1681 } else if (skb_queue_len(&tp->ucopy.prequeue) == 1) { 1682 wake_up_interruptible_sync_poll(sk_sleep(sk), 1683 POLLIN | POLLRDNORM | POLLRDBAND); 1684 if (!inet_csk_ack_scheduled(sk)) 1685 inet_csk_reset_xmit_timer(sk, ICSK_TIME_DACK, 1686 (3 * tcp_rto_min(sk)) / 4, 1687 TCP_RTO_MAX); 1688 } 1689 return true; 1690 } 1691 EXPORT_SYMBOL(tcp_prequeue); 1692 1693 /* 1694 * From tcp_input.c 1695 */ 1696 1697 int tcp_v4_rcv(struct sk_buff *skb) 1698 { 1699 const struct iphdr *iph; 1700 const struct tcphdr *th; 1701 struct sock *sk; 1702 int ret; 1703 struct net *net = dev_net(skb->dev); 1704 1705 if (skb->pkt_type != PACKET_HOST) 1706 goto discard_it; 1707 1708 /* Count it even if it's bad */ 1709 TCP_INC_STATS_BH(net, TCP_MIB_INSEGS); 1710 1711 if (!pskb_may_pull(skb, sizeof(struct tcphdr))) 1712 goto discard_it; 1713 1714 th = tcp_hdr(skb); 1715 1716 if (th->doff < sizeof(struct tcphdr) / 4) 1717 goto bad_packet; 1718 if (!pskb_may_pull(skb, th->doff * 4)) 1719 goto discard_it; 1720 1721 /* An explanation is required here, I think. 1722 * Packet length and doff are validated by header prediction, 1723 * provided case of th->doff==0 is eliminated. 1724 * So, we defer the checks. */ 1725 1726 if (skb_checksum_init(skb, IPPROTO_TCP, inet_compute_pseudo)) 1727 goto csum_error; 1728 1729 th = tcp_hdr(skb); 1730 iph = ip_hdr(skb); 1731 TCP_SKB_CB(skb)->seq = ntohl(th->seq); 1732 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin + 1733 skb->len - th->doff * 4); 1734 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq); 1735 TCP_SKB_CB(skb)->when = 0; 1736 TCP_SKB_CB(skb)->ip_dsfield = ipv4_get_dsfield(iph); 1737 TCP_SKB_CB(skb)->sacked = 0; 1738 1739 sk = __inet_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest); 1740 if (!sk) 1741 goto no_tcp_socket; 1742 1743 process: 1744 if (sk->sk_state == TCP_TIME_WAIT) 1745 goto do_time_wait; 1746 1747 if (unlikely(iph->ttl < inet_sk(sk)->min_ttl)) { 1748 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP); 1749 goto discard_and_relse; 1750 } 1751 1752 if (!xfrm4_policy_check(sk, XFRM_POLICY_IN, skb)) 1753 goto discard_and_relse; 1754 nf_reset(skb); 1755 1756 if (sk_filter(sk, skb)) 1757 goto discard_and_relse; 1758 1759 sk_mark_napi_id(sk, skb); 1760 skb->dev = NULL; 1761 1762 bh_lock_sock_nested(sk); 1763 ret = 0; 1764 if (!sock_owned_by_user(sk)) { 1765 #ifdef CONFIG_NET_DMA 1766 struct tcp_sock *tp = tcp_sk(sk); 1767 if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list) 1768 tp->ucopy.dma_chan = net_dma_find_channel(); 1769 if (tp->ucopy.dma_chan) 1770 ret = tcp_v4_do_rcv(sk, skb); 1771 else 1772 #endif 1773 { 1774 if (!tcp_prequeue(sk, skb)) 1775 ret = tcp_v4_do_rcv(sk, skb); 1776 } 1777 } else if (unlikely(sk_add_backlog(sk, skb, 1778 sk->sk_rcvbuf + sk->sk_sndbuf))) { 1779 bh_unlock_sock(sk); 1780 NET_INC_STATS_BH(net, LINUX_MIB_TCPBACKLOGDROP); 1781 goto discard_and_relse; 1782 } 1783 bh_unlock_sock(sk); 1784 1785 sock_put(sk); 1786 1787 return ret; 1788 1789 no_tcp_socket: 1790 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb)) 1791 goto discard_it; 1792 1793 if (skb->len < (th->doff << 2) || tcp_checksum_complete(skb)) { 1794 csum_error: 1795 TCP_INC_STATS_BH(net, TCP_MIB_CSUMERRORS); 1796 bad_packet: 1797 TCP_INC_STATS_BH(net, TCP_MIB_INERRS); 1798 } else { 1799 tcp_v4_send_reset(NULL, skb); 1800 } 1801 1802 discard_it: 1803 /* Discard frame. */ 1804 kfree_skb(skb); 1805 return 0; 1806 1807 discard_and_relse: 1808 sock_put(sk); 1809 goto discard_it; 1810 1811 do_time_wait: 1812 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb)) { 1813 inet_twsk_put(inet_twsk(sk)); 1814 goto discard_it; 1815 } 1816 1817 if (skb->len < (th->doff << 2)) { 1818 inet_twsk_put(inet_twsk(sk)); 1819 goto bad_packet; 1820 } 1821 if (tcp_checksum_complete(skb)) { 1822 inet_twsk_put(inet_twsk(sk)); 1823 goto csum_error; 1824 } 1825 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) { 1826 case TCP_TW_SYN: { 1827 struct sock *sk2 = inet_lookup_listener(dev_net(skb->dev), 1828 &tcp_hashinfo, 1829 iph->saddr, th->source, 1830 iph->daddr, th->dest, 1831 inet_iif(skb)); 1832 if (sk2) { 1833 inet_twsk_deschedule(inet_twsk(sk), &tcp_death_row); 1834 inet_twsk_put(inet_twsk(sk)); 1835 sk = sk2; 1836 goto process; 1837 } 1838 /* Fall through to ACK */ 1839 } 1840 case TCP_TW_ACK: 1841 tcp_v4_timewait_ack(sk, skb); 1842 break; 1843 case TCP_TW_RST: 1844 goto no_tcp_socket; 1845 case TCP_TW_SUCCESS:; 1846 } 1847 goto discard_it; 1848 } 1849 1850 static struct timewait_sock_ops tcp_timewait_sock_ops = { 1851 .twsk_obj_size = sizeof(struct tcp_timewait_sock), 1852 .twsk_unique = tcp_twsk_unique, 1853 .twsk_destructor= tcp_twsk_destructor, 1854 }; 1855 1856 void inet_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb) 1857 { 1858 struct dst_entry *dst = skb_dst(skb); 1859 1860 dst_hold(dst); 1861 sk->sk_rx_dst = dst; 1862 inet_sk(sk)->rx_dst_ifindex = skb->skb_iif; 1863 } 1864 EXPORT_SYMBOL(inet_sk_rx_dst_set); 1865 1866 const struct inet_connection_sock_af_ops ipv4_specific = { 1867 .queue_xmit = ip_queue_xmit, 1868 .send_check = tcp_v4_send_check, 1869 .rebuild_header = inet_sk_rebuild_header, 1870 .sk_rx_dst_set = inet_sk_rx_dst_set, 1871 .conn_request = tcp_v4_conn_request, 1872 .syn_recv_sock = tcp_v4_syn_recv_sock, 1873 .net_header_len = sizeof(struct iphdr), 1874 .setsockopt = ip_setsockopt, 1875 .getsockopt = ip_getsockopt, 1876 .addr2sockaddr = inet_csk_addr2sockaddr, 1877 .sockaddr_len = sizeof(struct sockaddr_in), 1878 .bind_conflict = inet_csk_bind_conflict, 1879 #ifdef CONFIG_COMPAT 1880 .compat_setsockopt = compat_ip_setsockopt, 1881 .compat_getsockopt = compat_ip_getsockopt, 1882 #endif 1883 }; 1884 EXPORT_SYMBOL(ipv4_specific); 1885 1886 #ifdef CONFIG_TCP_MD5SIG 1887 static const struct tcp_sock_af_ops tcp_sock_ipv4_specific = { 1888 .md5_lookup = tcp_v4_md5_lookup, 1889 .calc_md5_hash = tcp_v4_md5_hash_skb, 1890 .md5_parse = tcp_v4_parse_md5_keys, 1891 }; 1892 #endif 1893 1894 /* NOTE: A lot of things set to zero explicitly by call to 1895 * sk_alloc() so need not be done here. 1896 */ 1897 static int tcp_v4_init_sock(struct sock *sk) 1898 { 1899 struct inet_connection_sock *icsk = inet_csk(sk); 1900 1901 tcp_init_sock(sk); 1902 1903 icsk->icsk_af_ops = &ipv4_specific; 1904 1905 #ifdef CONFIG_TCP_MD5SIG 1906 tcp_sk(sk)->af_specific = &tcp_sock_ipv4_specific; 1907 #endif 1908 1909 return 0; 1910 } 1911 1912 void tcp_v4_destroy_sock(struct sock *sk) 1913 { 1914 struct tcp_sock *tp = tcp_sk(sk); 1915 1916 tcp_clear_xmit_timers(sk); 1917 1918 tcp_cleanup_congestion_control(sk); 1919 1920 /* Cleanup up the write buffer. */ 1921 tcp_write_queue_purge(sk); 1922 1923 /* Cleans up our, hopefully empty, out_of_order_queue. */ 1924 __skb_queue_purge(&tp->out_of_order_queue); 1925 1926 #ifdef CONFIG_TCP_MD5SIG 1927 /* Clean up the MD5 key list, if any */ 1928 if (tp->md5sig_info) { 1929 tcp_clear_md5_list(sk); 1930 kfree_rcu(tp->md5sig_info, rcu); 1931 tp->md5sig_info = NULL; 1932 } 1933 #endif 1934 1935 #ifdef CONFIG_NET_DMA 1936 /* Cleans up our sk_async_wait_queue */ 1937 __skb_queue_purge(&sk->sk_async_wait_queue); 1938 #endif 1939 1940 /* Clean prequeue, it must be empty really */ 1941 __skb_queue_purge(&tp->ucopy.prequeue); 1942 1943 /* Clean up a referenced TCP bind bucket. */ 1944 if (inet_csk(sk)->icsk_bind_hash) 1945 inet_put_port(sk); 1946 1947 BUG_ON(tp->fastopen_rsk != NULL); 1948 1949 /* If socket is aborted during connect operation */ 1950 tcp_free_fastopen_req(tp); 1951 1952 sk_sockets_allocated_dec(sk); 1953 sock_release_memcg(sk); 1954 } 1955 EXPORT_SYMBOL(tcp_v4_destroy_sock); 1956 1957 #ifdef CONFIG_PROC_FS 1958 /* Proc filesystem TCP sock list dumping. */ 1959 1960 /* 1961 * Get next listener socket follow cur. If cur is NULL, get first socket 1962 * starting from bucket given in st->bucket; when st->bucket is zero the 1963 * very first socket in the hash table is returned. 1964 */ 1965 static void *listening_get_next(struct seq_file *seq, void *cur) 1966 { 1967 struct inet_connection_sock *icsk; 1968 struct hlist_nulls_node *node; 1969 struct sock *sk = cur; 1970 struct inet_listen_hashbucket *ilb; 1971 struct tcp_iter_state *st = seq->private; 1972 struct net *net = seq_file_net(seq); 1973 1974 if (!sk) { 1975 ilb = &tcp_hashinfo.listening_hash[st->bucket]; 1976 spin_lock_bh(&ilb->lock); 1977 sk = sk_nulls_head(&ilb->head); 1978 st->offset = 0; 1979 goto get_sk; 1980 } 1981 ilb = &tcp_hashinfo.listening_hash[st->bucket]; 1982 ++st->num; 1983 ++st->offset; 1984 1985 if (st->state == TCP_SEQ_STATE_OPENREQ) { 1986 struct request_sock *req = cur; 1987 1988 icsk = inet_csk(st->syn_wait_sk); 1989 req = req->dl_next; 1990 while (1) { 1991 while (req) { 1992 if (req->rsk_ops->family == st->family) { 1993 cur = req; 1994 goto out; 1995 } 1996 req = req->dl_next; 1997 } 1998 if (++st->sbucket >= icsk->icsk_accept_queue.listen_opt->nr_table_entries) 1999 break; 2000 get_req: 2001 req = icsk->icsk_accept_queue.listen_opt->syn_table[st->sbucket]; 2002 } 2003 sk = sk_nulls_next(st->syn_wait_sk); 2004 st->state = TCP_SEQ_STATE_LISTENING; 2005 read_unlock_bh(&icsk->icsk_accept_queue.syn_wait_lock); 2006 } else { 2007 icsk = inet_csk(sk); 2008 read_lock_bh(&icsk->icsk_accept_queue.syn_wait_lock); 2009 if (reqsk_queue_len(&icsk->icsk_accept_queue)) 2010 goto start_req; 2011 read_unlock_bh(&icsk->icsk_accept_queue.syn_wait_lock); 2012 sk = sk_nulls_next(sk); 2013 } 2014 get_sk: 2015 sk_nulls_for_each_from(sk, node) { 2016 if (!net_eq(sock_net(sk), net)) 2017 continue; 2018 if (sk->sk_family == st->family) { 2019 cur = sk; 2020 goto out; 2021 } 2022 icsk = inet_csk(sk); 2023 read_lock_bh(&icsk->icsk_accept_queue.syn_wait_lock); 2024 if (reqsk_queue_len(&icsk->icsk_accept_queue)) { 2025 start_req: 2026 st->uid = sock_i_uid(sk); 2027 st->syn_wait_sk = sk; 2028 st->state = TCP_SEQ_STATE_OPENREQ; 2029 st->sbucket = 0; 2030 goto get_req; 2031 } 2032 read_unlock_bh(&icsk->icsk_accept_queue.syn_wait_lock); 2033 } 2034 spin_unlock_bh(&ilb->lock); 2035 st->offset = 0; 2036 if (++st->bucket < INET_LHTABLE_SIZE) { 2037 ilb = &tcp_hashinfo.listening_hash[st->bucket]; 2038 spin_lock_bh(&ilb->lock); 2039 sk = sk_nulls_head(&ilb->head); 2040 goto get_sk; 2041 } 2042 cur = NULL; 2043 out: 2044 return cur; 2045 } 2046 2047 static void *listening_get_idx(struct seq_file *seq, loff_t *pos) 2048 { 2049 struct tcp_iter_state *st = seq->private; 2050 void *rc; 2051 2052 st->bucket = 0; 2053 st->offset = 0; 2054 rc = listening_get_next(seq, NULL); 2055 2056 while (rc && *pos) { 2057 rc = listening_get_next(seq, rc); 2058 --*pos; 2059 } 2060 return rc; 2061 } 2062 2063 static inline bool empty_bucket(const struct tcp_iter_state *st) 2064 { 2065 return hlist_nulls_empty(&tcp_hashinfo.ehash[st->bucket].chain); 2066 } 2067 2068 /* 2069 * Get first established socket starting from bucket given in st->bucket. 2070 * If st->bucket is zero, the very first socket in the hash is returned. 2071 */ 2072 static void *established_get_first(struct seq_file *seq) 2073 { 2074 struct tcp_iter_state *st = seq->private; 2075 struct net *net = seq_file_net(seq); 2076 void *rc = NULL; 2077 2078 st->offset = 0; 2079 for (; st->bucket <= tcp_hashinfo.ehash_mask; ++st->bucket) { 2080 struct sock *sk; 2081 struct hlist_nulls_node *node; 2082 spinlock_t *lock = inet_ehash_lockp(&tcp_hashinfo, st->bucket); 2083 2084 /* Lockless fast path for the common case of empty buckets */ 2085 if (empty_bucket(st)) 2086 continue; 2087 2088 spin_lock_bh(lock); 2089 sk_nulls_for_each(sk, node, &tcp_hashinfo.ehash[st->bucket].chain) { 2090 if (sk->sk_family != st->family || 2091 !net_eq(sock_net(sk), net)) { 2092 continue; 2093 } 2094 rc = sk; 2095 goto out; 2096 } 2097 spin_unlock_bh(lock); 2098 } 2099 out: 2100 return rc; 2101 } 2102 2103 static void *established_get_next(struct seq_file *seq, void *cur) 2104 { 2105 struct sock *sk = cur; 2106 struct hlist_nulls_node *node; 2107 struct tcp_iter_state *st = seq->private; 2108 struct net *net = seq_file_net(seq); 2109 2110 ++st->num; 2111 ++st->offset; 2112 2113 sk = sk_nulls_next(sk); 2114 2115 sk_nulls_for_each_from(sk, node) { 2116 if (sk->sk_family == st->family && net_eq(sock_net(sk), net)) 2117 return sk; 2118 } 2119 2120 spin_unlock_bh(inet_ehash_lockp(&tcp_hashinfo, st->bucket)); 2121 ++st->bucket; 2122 return established_get_first(seq); 2123 } 2124 2125 static void *established_get_idx(struct seq_file *seq, loff_t pos) 2126 { 2127 struct tcp_iter_state *st = seq->private; 2128 void *rc; 2129 2130 st->bucket = 0; 2131 rc = established_get_first(seq); 2132 2133 while (rc && pos) { 2134 rc = established_get_next(seq, rc); 2135 --pos; 2136 } 2137 return rc; 2138 } 2139 2140 static void *tcp_get_idx(struct seq_file *seq, loff_t pos) 2141 { 2142 void *rc; 2143 struct tcp_iter_state *st = seq->private; 2144 2145 st->state = TCP_SEQ_STATE_LISTENING; 2146 rc = listening_get_idx(seq, &pos); 2147 2148 if (!rc) { 2149 st->state = TCP_SEQ_STATE_ESTABLISHED; 2150 rc = established_get_idx(seq, pos); 2151 } 2152 2153 return rc; 2154 } 2155 2156 static void *tcp_seek_last_pos(struct seq_file *seq) 2157 { 2158 struct tcp_iter_state *st = seq->private; 2159 int offset = st->offset; 2160 int orig_num = st->num; 2161 void *rc = NULL; 2162 2163 switch (st->state) { 2164 case TCP_SEQ_STATE_OPENREQ: 2165 case TCP_SEQ_STATE_LISTENING: 2166 if (st->bucket >= INET_LHTABLE_SIZE) 2167 break; 2168 st->state = TCP_SEQ_STATE_LISTENING; 2169 rc = listening_get_next(seq, NULL); 2170 while (offset-- && rc) 2171 rc = listening_get_next(seq, rc); 2172 if (rc) 2173 break; 2174 st->bucket = 0; 2175 st->state = TCP_SEQ_STATE_ESTABLISHED; 2176 /* Fallthrough */ 2177 case TCP_SEQ_STATE_ESTABLISHED: 2178 if (st->bucket > tcp_hashinfo.ehash_mask) 2179 break; 2180 rc = established_get_first(seq); 2181 while (offset-- && rc) 2182 rc = established_get_next(seq, rc); 2183 } 2184 2185 st->num = orig_num; 2186 2187 return rc; 2188 } 2189 2190 static void *tcp_seq_start(struct seq_file *seq, loff_t *pos) 2191 { 2192 struct tcp_iter_state *st = seq->private; 2193 void *rc; 2194 2195 if (*pos && *pos == st->last_pos) { 2196 rc = tcp_seek_last_pos(seq); 2197 if (rc) 2198 goto out; 2199 } 2200 2201 st->state = TCP_SEQ_STATE_LISTENING; 2202 st->num = 0; 2203 st->bucket = 0; 2204 st->offset = 0; 2205 rc = *pos ? tcp_get_idx(seq, *pos - 1) : SEQ_START_TOKEN; 2206 2207 out: 2208 st->last_pos = *pos; 2209 return rc; 2210 } 2211 2212 static void *tcp_seq_next(struct seq_file *seq, void *v, loff_t *pos) 2213 { 2214 struct tcp_iter_state *st = seq->private; 2215 void *rc = NULL; 2216 2217 if (v == SEQ_START_TOKEN) { 2218 rc = tcp_get_idx(seq, 0); 2219 goto out; 2220 } 2221 2222 switch (st->state) { 2223 case TCP_SEQ_STATE_OPENREQ: 2224 case TCP_SEQ_STATE_LISTENING: 2225 rc = listening_get_next(seq, v); 2226 if (!rc) { 2227 st->state = TCP_SEQ_STATE_ESTABLISHED; 2228 st->bucket = 0; 2229 st->offset = 0; 2230 rc = established_get_first(seq); 2231 } 2232 break; 2233 case TCP_SEQ_STATE_ESTABLISHED: 2234 rc = established_get_next(seq, v); 2235 break; 2236 } 2237 out: 2238 ++*pos; 2239 st->last_pos = *pos; 2240 return rc; 2241 } 2242 2243 static void tcp_seq_stop(struct seq_file *seq, void *v) 2244 { 2245 struct tcp_iter_state *st = seq->private; 2246 2247 switch (st->state) { 2248 case TCP_SEQ_STATE_OPENREQ: 2249 if (v) { 2250 struct inet_connection_sock *icsk = inet_csk(st->syn_wait_sk); 2251 read_unlock_bh(&icsk->icsk_accept_queue.syn_wait_lock); 2252 } 2253 case TCP_SEQ_STATE_LISTENING: 2254 if (v != SEQ_START_TOKEN) 2255 spin_unlock_bh(&tcp_hashinfo.listening_hash[st->bucket].lock); 2256 break; 2257 case TCP_SEQ_STATE_ESTABLISHED: 2258 if (v) 2259 spin_unlock_bh(inet_ehash_lockp(&tcp_hashinfo, st->bucket)); 2260 break; 2261 } 2262 } 2263 2264 int tcp_seq_open(struct inode *inode, struct file *file) 2265 { 2266 struct tcp_seq_afinfo *afinfo = PDE_DATA(inode); 2267 struct tcp_iter_state *s; 2268 int err; 2269 2270 err = seq_open_net(inode, file, &afinfo->seq_ops, 2271 sizeof(struct tcp_iter_state)); 2272 if (err < 0) 2273 return err; 2274 2275 s = ((struct seq_file *)file->private_data)->private; 2276 s->family = afinfo->family; 2277 s->last_pos = 0; 2278 return 0; 2279 } 2280 EXPORT_SYMBOL(tcp_seq_open); 2281 2282 int tcp_proc_register(struct net *net, struct tcp_seq_afinfo *afinfo) 2283 { 2284 int rc = 0; 2285 struct proc_dir_entry *p; 2286 2287 afinfo->seq_ops.start = tcp_seq_start; 2288 afinfo->seq_ops.next = tcp_seq_next; 2289 afinfo->seq_ops.stop = tcp_seq_stop; 2290 2291 p = proc_create_data(afinfo->name, S_IRUGO, net->proc_net, 2292 afinfo->seq_fops, afinfo); 2293 if (!p) 2294 rc = -ENOMEM; 2295 return rc; 2296 } 2297 EXPORT_SYMBOL(tcp_proc_register); 2298 2299 void tcp_proc_unregister(struct net *net, struct tcp_seq_afinfo *afinfo) 2300 { 2301 remove_proc_entry(afinfo->name, net->proc_net); 2302 } 2303 EXPORT_SYMBOL(tcp_proc_unregister); 2304 2305 static void get_openreq4(const struct sock *sk, const struct request_sock *req, 2306 struct seq_file *f, int i, kuid_t uid) 2307 { 2308 const struct inet_request_sock *ireq = inet_rsk(req); 2309 long delta = req->expires - jiffies; 2310 2311 seq_printf(f, "%4d: %08X:%04X %08X:%04X" 2312 " %02X %08X:%08X %02X:%08lX %08X %5u %8d %u %d %pK", 2313 i, 2314 ireq->ir_loc_addr, 2315 ntohs(inet_sk(sk)->inet_sport), 2316 ireq->ir_rmt_addr, 2317 ntohs(ireq->ir_rmt_port), 2318 TCP_SYN_RECV, 2319 0, 0, /* could print option size, but that is af dependent. */ 2320 1, /* timers active (only the expire timer) */ 2321 jiffies_delta_to_clock_t(delta), 2322 req->num_timeout, 2323 from_kuid_munged(seq_user_ns(f), uid), 2324 0, /* non standard timer */ 2325 0, /* open_requests have no inode */ 2326 atomic_read(&sk->sk_refcnt), 2327 req); 2328 } 2329 2330 static void get_tcp4_sock(struct sock *sk, struct seq_file *f, int i) 2331 { 2332 int timer_active; 2333 unsigned long timer_expires; 2334 const struct tcp_sock *tp = tcp_sk(sk); 2335 const struct inet_connection_sock *icsk = inet_csk(sk); 2336 const struct inet_sock *inet = inet_sk(sk); 2337 struct fastopen_queue *fastopenq = icsk->icsk_accept_queue.fastopenq; 2338 __be32 dest = inet->inet_daddr; 2339 __be32 src = inet->inet_rcv_saddr; 2340 __u16 destp = ntohs(inet->inet_dport); 2341 __u16 srcp = ntohs(inet->inet_sport); 2342 int rx_queue; 2343 2344 if (icsk->icsk_pending == ICSK_TIME_RETRANS || 2345 icsk->icsk_pending == ICSK_TIME_EARLY_RETRANS || 2346 icsk->icsk_pending == ICSK_TIME_LOSS_PROBE) { 2347 timer_active = 1; 2348 timer_expires = icsk->icsk_timeout; 2349 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) { 2350 timer_active = 4; 2351 timer_expires = icsk->icsk_timeout; 2352 } else if (timer_pending(&sk->sk_timer)) { 2353 timer_active = 2; 2354 timer_expires = sk->sk_timer.expires; 2355 } else { 2356 timer_active = 0; 2357 timer_expires = jiffies; 2358 } 2359 2360 if (sk->sk_state == TCP_LISTEN) 2361 rx_queue = sk->sk_ack_backlog; 2362 else 2363 /* 2364 * because we dont lock socket, we might find a transient negative value 2365 */ 2366 rx_queue = max_t(int, tp->rcv_nxt - tp->copied_seq, 0); 2367 2368 seq_printf(f, "%4d: %08X:%04X %08X:%04X %02X %08X:%08X %02X:%08lX " 2369 "%08X %5u %8d %lu %d %pK %lu %lu %u %u %d", 2370 i, src, srcp, dest, destp, sk->sk_state, 2371 tp->write_seq - tp->snd_una, 2372 rx_queue, 2373 timer_active, 2374 jiffies_delta_to_clock_t(timer_expires - jiffies), 2375 icsk->icsk_retransmits, 2376 from_kuid_munged(seq_user_ns(f), sock_i_uid(sk)), 2377 icsk->icsk_probes_out, 2378 sock_i_ino(sk), 2379 atomic_read(&sk->sk_refcnt), sk, 2380 jiffies_to_clock_t(icsk->icsk_rto), 2381 jiffies_to_clock_t(icsk->icsk_ack.ato), 2382 (icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong, 2383 tp->snd_cwnd, 2384 sk->sk_state == TCP_LISTEN ? 2385 (fastopenq ? fastopenq->max_qlen : 0) : 2386 (tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh)); 2387 } 2388 2389 static void get_timewait4_sock(const struct inet_timewait_sock *tw, 2390 struct seq_file *f, int i) 2391 { 2392 __be32 dest, src; 2393 __u16 destp, srcp; 2394 s32 delta = tw->tw_ttd - inet_tw_time_stamp(); 2395 2396 dest = tw->tw_daddr; 2397 src = tw->tw_rcv_saddr; 2398 destp = ntohs(tw->tw_dport); 2399 srcp = ntohs(tw->tw_sport); 2400 2401 seq_printf(f, "%4d: %08X:%04X %08X:%04X" 2402 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK", 2403 i, src, srcp, dest, destp, tw->tw_substate, 0, 0, 2404 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0, 2405 atomic_read(&tw->tw_refcnt), tw); 2406 } 2407 2408 #define TMPSZ 150 2409 2410 static int tcp4_seq_show(struct seq_file *seq, void *v) 2411 { 2412 struct tcp_iter_state *st; 2413 struct sock *sk = v; 2414 2415 seq_setwidth(seq, TMPSZ - 1); 2416 if (v == SEQ_START_TOKEN) { 2417 seq_puts(seq, " sl local_address rem_address st tx_queue " 2418 "rx_queue tr tm->when retrnsmt uid timeout " 2419 "inode"); 2420 goto out; 2421 } 2422 st = seq->private; 2423 2424 switch (st->state) { 2425 case TCP_SEQ_STATE_LISTENING: 2426 case TCP_SEQ_STATE_ESTABLISHED: 2427 if (sk->sk_state == TCP_TIME_WAIT) 2428 get_timewait4_sock(v, seq, st->num); 2429 else 2430 get_tcp4_sock(v, seq, st->num); 2431 break; 2432 case TCP_SEQ_STATE_OPENREQ: 2433 get_openreq4(st->syn_wait_sk, v, seq, st->num, st->uid); 2434 break; 2435 } 2436 out: 2437 seq_pad(seq, '\n'); 2438 return 0; 2439 } 2440 2441 static const struct file_operations tcp_afinfo_seq_fops = { 2442 .owner = THIS_MODULE, 2443 .open = tcp_seq_open, 2444 .read = seq_read, 2445 .llseek = seq_lseek, 2446 .release = seq_release_net 2447 }; 2448 2449 static struct tcp_seq_afinfo tcp4_seq_afinfo = { 2450 .name = "tcp", 2451 .family = AF_INET, 2452 .seq_fops = &tcp_afinfo_seq_fops, 2453 .seq_ops = { 2454 .show = tcp4_seq_show, 2455 }, 2456 }; 2457 2458 static int __net_init tcp4_proc_init_net(struct net *net) 2459 { 2460 return tcp_proc_register(net, &tcp4_seq_afinfo); 2461 } 2462 2463 static void __net_exit tcp4_proc_exit_net(struct net *net) 2464 { 2465 tcp_proc_unregister(net, &tcp4_seq_afinfo); 2466 } 2467 2468 static struct pernet_operations tcp4_net_ops = { 2469 .init = tcp4_proc_init_net, 2470 .exit = tcp4_proc_exit_net, 2471 }; 2472 2473 int __init tcp4_proc_init(void) 2474 { 2475 return register_pernet_subsys(&tcp4_net_ops); 2476 } 2477 2478 void tcp4_proc_exit(void) 2479 { 2480 unregister_pernet_subsys(&tcp4_net_ops); 2481 } 2482 #endif /* CONFIG_PROC_FS */ 2483 2484 struct proto tcp_prot = { 2485 .name = "TCP", 2486 .owner = THIS_MODULE, 2487 .close = tcp_close, 2488 .connect = tcp_v4_connect, 2489 .disconnect = tcp_disconnect, 2490 .accept = inet_csk_accept, 2491 .ioctl = tcp_ioctl, 2492 .init = tcp_v4_init_sock, 2493 .destroy = tcp_v4_destroy_sock, 2494 .shutdown = tcp_shutdown, 2495 .setsockopt = tcp_setsockopt, 2496 .getsockopt = tcp_getsockopt, 2497 .recvmsg = tcp_recvmsg, 2498 .sendmsg = tcp_sendmsg, 2499 .sendpage = tcp_sendpage, 2500 .backlog_rcv = tcp_v4_do_rcv, 2501 .release_cb = tcp_release_cb, 2502 .mtu_reduced = tcp_v4_mtu_reduced, 2503 .hash = inet_hash, 2504 .unhash = inet_unhash, 2505 .get_port = inet_csk_get_port, 2506 .enter_memory_pressure = tcp_enter_memory_pressure, 2507 .stream_memory_free = tcp_stream_memory_free, 2508 .sockets_allocated = &tcp_sockets_allocated, 2509 .orphan_count = &tcp_orphan_count, 2510 .memory_allocated = &tcp_memory_allocated, 2511 .memory_pressure = &tcp_memory_pressure, 2512 .sysctl_mem = sysctl_tcp_mem, 2513 .sysctl_wmem = sysctl_tcp_wmem, 2514 .sysctl_rmem = sysctl_tcp_rmem, 2515 .max_header = MAX_TCP_HEADER, 2516 .obj_size = sizeof(struct tcp_sock), 2517 .slab_flags = SLAB_DESTROY_BY_RCU, 2518 .twsk_prot = &tcp_timewait_sock_ops, 2519 .rsk_prot = &tcp_request_sock_ops, 2520 .h.hashinfo = &tcp_hashinfo, 2521 .no_autobind = true, 2522 #ifdef CONFIG_COMPAT 2523 .compat_setsockopt = compat_tcp_setsockopt, 2524 .compat_getsockopt = compat_tcp_getsockopt, 2525 #endif 2526 #ifdef CONFIG_MEMCG_KMEM 2527 .init_cgroup = tcp_init_cgroup, 2528 .destroy_cgroup = tcp_destroy_cgroup, 2529 .proto_cgroup = tcp_proto_cgroup, 2530 #endif 2531 }; 2532 EXPORT_SYMBOL(tcp_prot); 2533 2534 static int __net_init tcp_sk_init(struct net *net) 2535 { 2536 net->ipv4.sysctl_tcp_ecn = 2; 2537 return 0; 2538 } 2539 2540 static void __net_exit tcp_sk_exit(struct net *net) 2541 { 2542 } 2543 2544 static void __net_exit tcp_sk_exit_batch(struct list_head *net_exit_list) 2545 { 2546 inet_twsk_purge(&tcp_hashinfo, &tcp_death_row, AF_INET); 2547 } 2548 2549 static struct pernet_operations __net_initdata tcp_sk_ops = { 2550 .init = tcp_sk_init, 2551 .exit = tcp_sk_exit, 2552 .exit_batch = tcp_sk_exit_batch, 2553 }; 2554 2555 void __init tcp_v4_init(void) 2556 { 2557 inet_hashinfo_init(&tcp_hashinfo); 2558 if (register_pernet_subsys(&tcp_sk_ops)) 2559 panic("Failed to create the TCP control socket.\n"); 2560 } 2561