/*
 *	TCP over IPv6
 *	Linux INET6 implementation
 *
 *	Authors:
 *	Pedro Roque		<roque@di.fc.ul.pt>
 *
 *	Based on:
 *	linux/net/ipv4/tcp.c
 *	linux/net/ipv4/tcp_input.c
 *	linux/net/ipv4/tcp_output.c
 *
 *	Fixes:
 *	Hideaki YOSHIFUJI	:	sin6_scope_id support
 *	YOSHIFUJI Hideaki @USAGI and:	Support IPV6_V6ONLY socket option, which
 *	Alexey Kuznetsov		allow both IPv4 and IPv6 sockets to bind
 *					a single port at the same time.
 *	YOSHIFUJI Hideaki @USAGI:	convert /proc/net/tcp6 to seq_file.
 *
 *	This program is free software; you can redistribute it and/or
 *	modify it under the terms of the GNU General Public License
 *	as published by the Free Software Foundation; either version
 *	2 of the License, or (at your option) any later version.
 */

#include <linux/bottom_half.h>
#include <linux/module.h>
#include <linux/errno.h>
#include <linux/types.h>
#include <linux/socket.h>
#include <linux/sockios.h>
#include <linux/net.h>
#include <linux/jiffies.h>
#include <linux/in.h>
#include <linux/in6.h>
#include <linux/netdevice.h>
#include <linux/init.h>
#include <linux/jhash.h>
#include <linux/ipsec.h>
#include <linux/times.h>
#include <linux/slab.h>
#include <linux/uaccess.h>
#include <linux/ipv6.h>
#include <linux/icmpv6.h>
#include <linux/random.h>

#include <net/tcp.h>
#include <net/ndisc.h>
#include <net/inet6_hashtables.h>
#include <net/inet6_connection_sock.h>
#include <net/ipv6.h>
#include <net/transp_v6.h>
#include <net/addrconf.h>
#include <net/ip6_route.h>
#include <net/ip6_checksum.h>
#include <net/inet_ecn.h>
#include <net/protocol.h>
#include <net/xfrm.h>
#include <net/snmp.h>
#include <net/dsfield.h>
#include <net/timewait_sock.h>
#include <net/inet_common.h>
#include <net/secure_seq.h>
#include <net/busy_poll.h>

#include <linux/proc_fs.h>
#include <linux/seq_file.h>

#include <crypto/hash.h>
#include <linux/scatterlist.h>

static void	tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb);
static void	tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
				      struct request_sock *req);

static int	tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);

static const struct inet_connection_sock_af_ops ipv6_mapped;
static const struct inet_connection_sock_af_ops ipv6_specific;
#ifdef CONFIG_TCP_MD5SIG
static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
#else
static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
						   const struct in6_addr *addr)
{
	return NULL;
}
#endif

static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
{
	struct dst_entry *dst = skb_dst(skb);

	if (dst && dst_hold_safe(dst)) {
		const struct rt6_info *rt = (const struct rt6_info *)dst;

		sk->sk_rx_dst = dst;
		inet_sk(sk)->rx_dst_ifindex = skb->skb_iif;
		inet6_sk(sk)->rx_dst_cookie = rt6_get_cookie(rt);
	}
}

static u32 tcp_v6_init_seq_and_tsoff(const struct sk_buff *skb, u32 *tsoff)
{
	return secure_tcpv6_seq_and_tsoff(ipv6_hdr(skb)->daddr.s6_addr32,
					  ipv6_hdr(skb)->saddr.s6_addr32,
					  tcp_hdr(skb)->dest,
					  tcp_hdr(skb)->source, tsoff);
}
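/* Connect an IPv6 TCP socket: validate the destination address, resolve
 * a route, pick the source address and port, then send the SYN.
 * Connections to v4-mapped destinations are handed over to
 * tcp_v4_connect() with the af_ops switched to the mapped variants.
 */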
static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
			  int addr_len)
{
	struct sockaddr_in6 *usin = (struct sockaddr_in6 *)uaddr;
	struct inet_sock *inet = inet_sk(sk);
	struct inet_connection_sock *icsk = inet_csk(sk);
	struct ipv6_pinfo *np = inet6_sk(sk);
	struct tcp_sock *tp = tcp_sk(sk);
	struct in6_addr *saddr = NULL, *final_p, final;
	struct ipv6_txoptions *opt;
	struct flowi6 fl6;
	struct dst_entry *dst;
	int addr_type;
	u32 seq;
	int err;
	struct inet_timewait_death_row *tcp_death_row = &sock_net(sk)->ipv4.tcp_death_row;

	if (addr_len < SIN6_LEN_RFC2133)
		return -EINVAL;

	if (usin->sin6_family != AF_INET6)
		return -EAFNOSUPPORT;

	memset(&fl6, 0, sizeof(fl6));

	if (np->sndflow) {
		fl6.flowlabel = usin->sin6_flowinfo & IPV6_FLOWINFO_MASK;
		IP6_ECN_flow_init(fl6.flowlabel);
		if (fl6.flowlabel & IPV6_FLOWLABEL_MASK) {
			struct ip6_flowlabel *flowlabel;
			flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
			if (!flowlabel)
				return -EINVAL;
			fl6_sock_release(flowlabel);
		}
	}

	/*
	 *	connect() to INADDR_ANY means loopback (BSD'ism).
	 */

	if (ipv6_addr_any(&usin->sin6_addr)) {
		if (ipv6_addr_v4mapped(&sk->sk_v6_rcv_saddr))
			ipv6_addr_set_v4mapped(htonl(INADDR_LOOPBACK),
					       &usin->sin6_addr);
		else
			usin->sin6_addr = in6addr_loopback;
	}

	addr_type = ipv6_addr_type(&usin->sin6_addr);

	if (addr_type & IPV6_ADDR_MULTICAST)
		return -ENETUNREACH;

	if (addr_type & IPV6_ADDR_LINKLOCAL) {
		if (addr_len >= sizeof(struct sockaddr_in6) &&
		    usin->sin6_scope_id) {
			/* If interface is set while binding, indices
			 * must coincide.
			 */
			if (sk->sk_bound_dev_if &&
			    sk->sk_bound_dev_if != usin->sin6_scope_id)
				return -EINVAL;

			sk->sk_bound_dev_if = usin->sin6_scope_id;
		}

		/* Connect to link-local address requires an interface */
		if (!sk->sk_bound_dev_if)
			return -EINVAL;
	}

	if (tp->rx_opt.ts_recent_stamp &&
	    !ipv6_addr_equal(&sk->sk_v6_daddr, &usin->sin6_addr)) {
		tp->rx_opt.ts_recent = 0;
		tp->rx_opt.ts_recent_stamp = 0;
		tp->write_seq = 0;
	}

	sk->sk_v6_daddr = usin->sin6_addr;
	np->flow_label = fl6.flowlabel;

	/*
	 *	TCP over IPv4
	 */

	if (addr_type & IPV6_ADDR_MAPPED) {
		u32 exthdrlen = icsk->icsk_ext_hdr_len;
		struct sockaddr_in sin;

		SOCK_DEBUG(sk, "connect: ipv4 mapped\n");

		if (__ipv6_only_sock(sk))
			return -ENETUNREACH;

		sin.sin_family = AF_INET;
		sin.sin_port = usin->sin6_port;
		sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];

		icsk->icsk_af_ops = &ipv6_mapped;
		sk->sk_backlog_rcv = tcp_v4_do_rcv;
#ifdef CONFIG_TCP_MD5SIG
		tp->af_specific = &tcp_sock_ipv6_mapped_specific;
#endif

		err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));

		if (err) {
			icsk->icsk_ext_hdr_len = exthdrlen;
			icsk->icsk_af_ops = &ipv6_specific;
			sk->sk_backlog_rcv = tcp_v6_do_rcv;
#ifdef CONFIG_TCP_MD5SIG
			tp->af_specific = &tcp_sock_ipv6_specific;
#endif
			goto failure;
		}
		np->saddr = sk->sk_v6_rcv_saddr;

		return err;
	}
	if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr))
		saddr = &sk->sk_v6_rcv_saddr;

	fl6.flowi6_proto = IPPROTO_TCP;
	fl6.daddr = sk->sk_v6_daddr;
	fl6.saddr = saddr ? *saddr : np->saddr;
	fl6.flowi6_oif = sk->sk_bound_dev_if;
	fl6.flowi6_mark = sk->sk_mark;
	fl6.fl6_dport = usin->sin6_port;
	fl6.fl6_sport = inet->inet_sport;
	fl6.flowi6_uid = sk->sk_uid;

	opt = rcu_dereference_protected(np->opt, lockdep_sock_is_held(sk));
	final_p = fl6_update_dst(&fl6, opt, &final);

	security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));

	dst = ip6_dst_lookup_flow(sk, &fl6, final_p);
	if (IS_ERR(dst)) {
		err = PTR_ERR(dst);
		goto failure;
	}

	if (!saddr) {
		saddr = &fl6.saddr;
		sk->sk_v6_rcv_saddr = *saddr;
	}

	/* set the source address */
	np->saddr = *saddr;
	inet->inet_rcv_saddr = LOOPBACK4_IPV6;

	sk->sk_gso_type = SKB_GSO_TCPV6;
	ip6_dst_store(sk, dst, NULL, NULL);

	icsk->icsk_ext_hdr_len = 0;
	if (opt)
		icsk->icsk_ext_hdr_len = opt->opt_flen + opt->opt_nflen;

	tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);

	inet->inet_dport = usin->sin6_port;

	tcp_set_state(sk, TCP_SYN_SENT);
	err = inet6_hash_connect(tcp_death_row, sk);
	if (err)
		goto late_failure;

	sk_set_txhash(sk);

	if (likely(!tp->repair)) {
		seq = secure_tcpv6_seq_and_tsoff(np->saddr.s6_addr32,
						 sk->sk_v6_daddr.s6_addr32,
						 inet->inet_sport,
						 inet->inet_dport,
						 &tp->tsoffset);
		if (!tp->write_seq)
			tp->write_seq = seq;
	}

	if (tcp_fastopen_defer_connect(sk, &err))
		return err;
	if (err)
		goto late_failure;

	err = tcp_connect(sk);
	if (err)
		goto late_failure;

	return 0;

late_failure:
	tcp_set_state(sk, TCP_CLOSE);
failure:
	inet->inet_dport = 0;
	sk->sk_route_caps = 0;
	return err;
}

static void tcp_v6_mtu_reduced(struct sock *sk)
{
	struct dst_entry *dst;

	if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
		return;

	dst = inet6_csk_update_pmtu(sk, tcp_sk(sk)->mtu_info);
	if (!dst)
		return;

	if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
		tcp_sync_mss(sk, dst_mtu(dst));
		tcp_simple_retransmit(sk);
	}
}
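/* ICMPv6 error handler: invoked for errors (destination unreachable,
 * packet too big, NDISC redirects, ...) reported against a TCP segment
 * we sent earlier.  Looks up the owning socket and either adjusts PMTU
 * state, re-routes, or reports the error to the user.
 */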
static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
		       u8 type, u8 code, int offset, __be32 info)
{
	const struct ipv6hdr *hdr = (const struct ipv6hdr *)skb->data;
	const struct tcphdr *th = (struct tcphdr *)(skb->data + offset);
	struct net *net = dev_net(skb->dev);
	struct request_sock *fastopen;
	struct ipv6_pinfo *np;
	struct tcp_sock *tp;
	__u32 seq, snd_una;
	struct sock *sk;
	bool fatal;
	int err;

	sk = __inet6_lookup_established(net, &tcp_hashinfo,
					&hdr->daddr, th->dest,
					&hdr->saddr, ntohs(th->source),
					skb->dev->ifindex);

	if (!sk) {
		__ICMP6_INC_STATS(net, __in6_dev_get(skb->dev),
				  ICMP6_MIB_INERRORS);
		return;
	}

	if (sk->sk_state == TCP_TIME_WAIT) {
		inet_twsk_put(inet_twsk(sk));
		return;
	}
	seq = ntohl(th->seq);
	fatal = icmpv6_err_convert(type, code, &err);
	if (sk->sk_state == TCP_NEW_SYN_RECV)
		return tcp_req_err(sk, seq, fatal);

	bh_lock_sock(sk);
	if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG)
		__NET_INC_STATS(net, LINUX_MIB_LOCKDROPPEDICMPS);

	if (sk->sk_state == TCP_CLOSE)
		goto out;

	if (ipv6_hdr(skb)->hop_limit < inet6_sk(sk)->min_hopcount) {
		__NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
		goto out;
	}

	tp = tcp_sk(sk);
	/* XXX (TFO) - tp->snd_una should be ISN (tcp_create_openreq_child()) */
	fastopen = tp->fastopen_rsk;
	snd_una = fastopen ? tcp_rsk(fastopen)->snt_isn : tp->snd_una;
	if (sk->sk_state != TCP_LISTEN &&
	    !between(seq, snd_una, tp->snd_nxt)) {
		__NET_INC_STATS(net, LINUX_MIB_OUTOFWINDOWICMPS);
		goto out;
	}

	np = inet6_sk(sk);

	if (type == NDISC_REDIRECT) {
		if (!sock_owned_by_user(sk)) {
			struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);

			if (dst)
				dst->ops->redirect(dst, sk, skb);
		}
		goto out;
	}

	if (type == ICMPV6_PKT_TOOBIG) {
		/* We are not interested in TCP_LISTEN and open_requests
		 * (SYN-ACKs sent out by Linux are always <576 bytes, so
		 * they should go through unfragmented).
		 */
		if (sk->sk_state == TCP_LISTEN)
			goto out;

		if (!ip6_sk_accept_pmtu(sk))
			goto out;

		tp->mtu_info = ntohl(info);
		if (!sock_owned_by_user(sk))
			tcp_v6_mtu_reduced(sk);
		else if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED,
					   &sk->sk_tsq_flags))
			sock_hold(sk);
		goto out;
	}


	/* Might be for a request_sock */
	switch (sk->sk_state) {
	case TCP_SYN_SENT:
	case TCP_SYN_RECV:
		/* Only in fast or simultaneous open. If a fast open socket
		 * is already accepted it is treated as a connected one below.
		 */
		if (fastopen && !fastopen->sk)
			break;

		if (!sock_owned_by_user(sk)) {
			sk->sk_err = err;
			sk->sk_error_report(sk);	/* Wake people up to see the error (see connect in sock.c) */

			tcp_done(sk);
		} else
			sk->sk_err_soft = err;
		goto out;
	}

	if (!sock_owned_by_user(sk) && np->recverr) {
		sk->sk_err = err;
		sk->sk_error_report(sk);
	} else
		sk->sk_err_soft = err;

out:
	bh_unlock_sock(sk);
	sock_put(sk);
}
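/* Build and transmit a SYN-ACK for a pending connection request.  A route
 * is resolved first (unless the caller already supplied a dst), then the
 * SYN-ACK is checksummed and sent with the listener's IPv6 options.
 */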
static int tcp_v6_send_synack(const struct sock *sk, struct dst_entry *dst,
			      struct flowi *fl,
			      struct request_sock *req,
			      struct tcp_fastopen_cookie *foc,
			      enum tcp_synack_type synack_type)
{
	struct inet_request_sock *ireq = inet_rsk(req);
	struct ipv6_pinfo *np = inet6_sk(sk);
	struct ipv6_txoptions *opt;
	struct flowi6 *fl6 = &fl->u.ip6;
	struct sk_buff *skb;
	int err = -ENOMEM;

	/* First, grab a route. */
	if (!dst && (dst = inet6_csk_route_req(sk, fl6, req,
					       IPPROTO_TCP)) == NULL)
		goto done;

	skb = tcp_make_synack(sk, dst, req, foc, synack_type);

	if (skb) {
		__tcp_v6_send_check(skb, &ireq->ir_v6_loc_addr,
				    &ireq->ir_v6_rmt_addr);

		fl6->daddr = ireq->ir_v6_rmt_addr;
		if (np->repflow && ireq->pktopts)
			fl6->flowlabel = ip6_flowlabel(ipv6_hdr(ireq->pktopts));

		rcu_read_lock();
		opt = ireq->ipv6_opt;
		if (!opt)
			opt = rcu_dereference(np->opt);
		err = ip6_xmit(sk, skb, fl6, sk->sk_mark, opt, np->tclass);
		rcu_read_unlock();
		err = net_xmit_eval(err);
	}

done:
	return err;
}


static void tcp_v6_reqsk_destructor(struct request_sock *req)
{
	kfree(inet_rsk(req)->ipv6_opt);
	kfree_skb(inet_rsk(req)->pktopts);
}

#ifdef CONFIG_TCP_MD5SIG
static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
						   const struct in6_addr *addr)
{
	return tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, AF_INET6);
}

static struct tcp_md5sig_key *tcp_v6_md5_lookup(const struct sock *sk,
						const struct sock *addr_sk)
{
	return tcp_v6_md5_do_lookup(sk, &addr_sk->sk_v6_daddr);
}

static int tcp_v6_parse_md5_keys(struct sock *sk, char __user *optval,
				 int optlen)
{
	struct tcp_md5sig cmd;
	struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;

	if (optlen < sizeof(cmd))
		return -EINVAL;

	if (copy_from_user(&cmd, optval, sizeof(cmd)))
		return -EFAULT;

	if (sin6->sin6_family != AF_INET6)
		return -EINVAL;

	if (!cmd.tcpm_keylen) {
		if (ipv6_addr_v4mapped(&sin6->sin6_addr))
			return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
					      AF_INET);
		return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
				      AF_INET6);
	}

	if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
		return -EINVAL;

	if (ipv6_addr_v4mapped(&sin6->sin6_addr))
		return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
				      AF_INET, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);

	return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
			      AF_INET6, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
}
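/* Feed the fixed-size part of the TCP-MD5 digest into the hash: per
 * RFC 2385 the digest covers an IPv6 pseudo-header (saddr, daddr, length,
 * IPPROTO_TCP) plus the TCP header with its checksum field zeroed; the
 * callers then hash the payload and the key.
 */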
static int tcp_v6_md5_hash_headers(struct tcp_md5sig_pool *hp,
				   const struct in6_addr *daddr,
				   const struct in6_addr *saddr,
				   const struct tcphdr *th, int nbytes)
{
	struct tcp6_pseudohdr *bp;
	struct scatterlist sg;
	struct tcphdr *_th;

	bp = hp->scratch;
	/* 1. TCP pseudo-header (RFC2460) */
	bp->saddr = *saddr;
	bp->daddr = *daddr;
	bp->protocol = cpu_to_be32(IPPROTO_TCP);
	bp->len = cpu_to_be32(nbytes);

	_th = (struct tcphdr *)(bp + 1);
	memcpy(_th, th, sizeof(*th));
	_th->check = 0;

	sg_init_one(&sg, bp, sizeof(*bp) + sizeof(*th));
	ahash_request_set_crypt(hp->md5_req, &sg, NULL,
				sizeof(*bp) + sizeof(*th));
	return crypto_ahash_update(hp->md5_req);
}

static int tcp_v6_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key,
			       const struct in6_addr *daddr, struct in6_addr *saddr,
			       const struct tcphdr *th)
{
	struct tcp_md5sig_pool *hp;
	struct ahash_request *req;

	hp = tcp_get_md5sig_pool();
	if (!hp)
		goto clear_hash_noput;
	req = hp->md5_req;

	if (crypto_ahash_init(req))
		goto clear_hash;
	if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, th->doff << 2))
		goto clear_hash;
	if (tcp_md5_hash_key(hp, key))
		goto clear_hash;
	ahash_request_set_crypt(req, NULL, md5_hash, 0);
	if (crypto_ahash_final(req))
		goto clear_hash;

	tcp_put_md5sig_pool();
	return 0;

clear_hash:
	tcp_put_md5sig_pool();
clear_hash_noput:
	memset(md5_hash, 0, 16);
	return 1;
}

static int tcp_v6_md5_hash_skb(char *md5_hash,
			       const struct tcp_md5sig_key *key,
			       const struct sock *sk,
			       const struct sk_buff *skb)
{
	const struct in6_addr *saddr, *daddr;
	struct tcp_md5sig_pool *hp;
	struct ahash_request *req;
	const struct tcphdr *th = tcp_hdr(skb);

	if (sk) { /* valid for establish/request sockets */
		saddr = &sk->sk_v6_rcv_saddr;
		daddr = &sk->sk_v6_daddr;
	} else {
		const struct ipv6hdr *ip6h = ipv6_hdr(skb);
		saddr = &ip6h->saddr;
		daddr = &ip6h->daddr;
	}

	hp = tcp_get_md5sig_pool();
	if (!hp)
		goto clear_hash_noput;
	req = hp->md5_req;

	if (crypto_ahash_init(req))
		goto clear_hash;

	if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, skb->len))
		goto clear_hash;
	if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
		goto clear_hash;
	if (tcp_md5_hash_key(hp, key))
		goto clear_hash;
	ahash_request_set_crypt(req, NULL, md5_hash, 0);
	if (crypto_ahash_final(req))
		goto clear_hash;

	tcp_put_md5sig_pool();
	return 0;

clear_hash:
	tcp_put_md5sig_pool();
clear_hash_noput:
	memset(md5_hash, 0, 16);
	return 1;
}

#endif
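/* Validate the TCP-MD5 option on an incoming segment against the key (if
 * any) configured for the peer address.  Returns true when the segment
 * must be dropped: a key exists but no option was sent, an option was
 * sent but no key exists, or the digests do not match.
 */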
static bool tcp_v6_inbound_md5_hash(const struct sock *sk,
				    const struct sk_buff *skb)
{
#ifdef CONFIG_TCP_MD5SIG
	const __u8 *hash_location = NULL;
	struct tcp_md5sig_key *hash_expected;
	const struct ipv6hdr *ip6h = ipv6_hdr(skb);
	const struct tcphdr *th = tcp_hdr(skb);
	int genhash;
	u8 newhash[16];

	hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
	hash_location = tcp_parse_md5sig_option(th);

	/* We've parsed the options - do we have a hash? */
	if (!hash_expected && !hash_location)
		return false;

	if (hash_expected && !hash_location) {
		NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
		return true;
	}

	if (!hash_expected && hash_location) {
		NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
		return true;
	}

	/* check the signature */
	genhash = tcp_v6_md5_hash_skb(newhash,
				      hash_expected,
				      NULL, skb);

	if (genhash || memcmp(hash_location, newhash, 16) != 0) {
		NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5FAILURE);
		net_info_ratelimited("MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n",
				     genhash ? "failed" : "mismatch",
				     &ip6h->saddr, ntohs(th->source),
				     &ip6h->daddr, ntohs(th->dest));
		return true;
	}
#endif
	return false;
}

static void tcp_v6_init_req(struct request_sock *req,
			    const struct sock *sk_listener,
			    struct sk_buff *skb)
{
	struct inet_request_sock *ireq = inet_rsk(req);
	const struct ipv6_pinfo *np = inet6_sk(sk_listener);

	ireq->ir_v6_rmt_addr = ipv6_hdr(skb)->saddr;
	ireq->ir_v6_loc_addr = ipv6_hdr(skb)->daddr;

	/* So that link locals have meaning */
	if (!sk_listener->sk_bound_dev_if &&
	    ipv6_addr_type(&ireq->ir_v6_rmt_addr) & IPV6_ADDR_LINKLOCAL)
		ireq->ir_iif = tcp_v6_iif(skb);

	if (!TCP_SKB_CB(skb)->tcp_tw_isn &&
	    (ipv6_opt_accepted(sk_listener, skb, &TCP_SKB_CB(skb)->header.h6) ||
	     np->rxopt.bits.rxinfo ||
	     np->rxopt.bits.rxoinfo || np->rxopt.bits.rxhlim ||
	     np->rxopt.bits.rxohlim || np->repflow)) {
		atomic_inc(&skb->users);
		ireq->pktopts = skb;
	}
}

static struct dst_entry *tcp_v6_route_req(const struct sock *sk,
					  struct flowi *fl,
					  const struct request_sock *req)
{
	return inet6_csk_route_req(sk, &fl->u.ip6, req, IPPROTO_TCP);
}

struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
	.family		=	AF_INET6,
	.obj_size	=	sizeof(struct tcp6_request_sock),
	.rtx_syn_ack	=	tcp_rtx_synack,
	.send_ack	=	tcp_v6_reqsk_send_ack,
	.destructor	=	tcp_v6_reqsk_destructor,
	.send_reset	=	tcp_v6_send_reset,
	.syn_ack_timeout =	tcp_syn_ack_timeout,
};

static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
	.mss_clamp	=	IPV6_MIN_MTU - sizeof(struct tcphdr) -
				sizeof(struct ipv6hdr),
#ifdef CONFIG_TCP_MD5SIG
	.req_md5_lookup	=	tcp_v6_md5_lookup,
	.calc_md5_hash	=	tcp_v6_md5_hash_skb,
#endif
	.init_req	=	tcp_v6_init_req,
#ifdef CONFIG_SYN_COOKIES
	.cookie_init_seq =	cookie_v6_init_sequence,
#endif
	.route_req	=	tcp_v6_route_req,
	.init_seq_tsoff	=	tcp_v6_init_seq_and_tsoff,
	.send_synack	=	tcp_v6_send_synack,
};
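/* Build and send a bare ACK or RST in reply to an incoming segment,
 * without necessarily owning a full socket: addresses and ports are
 * swapped from the packet itself and the reply goes out through the
 * per-netns control socket.  Used by tcp_v6_send_reset() and
 * tcp_v6_send_ack().
 */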
static void tcp_v6_send_response(const struct sock *sk, struct sk_buff *skb, u32 seq,
				 u32 ack, u32 win, u32 tsval, u32 tsecr,
				 int oif, struct tcp_md5sig_key *key, int rst,
				 u8 tclass, __be32 label)
{
	const struct tcphdr *th = tcp_hdr(skb);
	struct tcphdr *t1;
	struct sk_buff *buff;
	struct flowi6 fl6;
	struct net *net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev);
	struct sock *ctl_sk = net->ipv6.tcp_sk;
	unsigned int tot_len = sizeof(struct tcphdr);
	struct dst_entry *dst;
	__be32 *topt;

	if (tsecr)
		tot_len += TCPOLEN_TSTAMP_ALIGNED;
#ifdef CONFIG_TCP_MD5SIG
	if (key)
		tot_len += TCPOLEN_MD5SIG_ALIGNED;
#endif

	buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
			 GFP_ATOMIC);
	if (!buff)
		return;

	skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);

	t1 = (struct tcphdr *)skb_push(buff, tot_len);
	skb_reset_transport_header(buff);

	/* Swap the send and the receive. */
	memset(t1, 0, sizeof(*t1));
	t1->dest = th->source;
	t1->source = th->dest;
	t1->doff = tot_len / 4;
	t1->seq = htonl(seq);
	t1->ack_seq = htonl(ack);
	t1->ack = !rst || !th->ack;
	t1->rst = rst;
	t1->window = htons(win);

	topt = (__be32 *)(t1 + 1);

	if (tsecr) {
		*topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
				(TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
		*topt++ = htonl(tsval);
		*topt++ = htonl(tsecr);
	}

#ifdef CONFIG_TCP_MD5SIG
	if (key) {
		*topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
				(TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
		tcp_v6_md5_hash_hdr((__u8 *)topt, key,
				    &ipv6_hdr(skb)->saddr,
				    &ipv6_hdr(skb)->daddr, t1);
	}
#endif

	memset(&fl6, 0, sizeof(fl6));
	fl6.daddr = ipv6_hdr(skb)->saddr;
	fl6.saddr = ipv6_hdr(skb)->daddr;
	fl6.flowlabel = label;

	buff->ip_summed = CHECKSUM_PARTIAL;
	buff->csum = 0;

	__tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);

	fl6.flowi6_proto = IPPROTO_TCP;
	if (rt6_need_strict(&fl6.daddr) && !oif)
		fl6.flowi6_oif = tcp_v6_iif(skb);
	else {
		if (!oif && netif_index_is_l3_master(net, skb->skb_iif))
			oif = skb->skb_iif;

		fl6.flowi6_oif = oif;
	}

	fl6.flowi6_mark = IP6_REPLY_MARK(net, skb->mark);
	fl6.fl6_dport = t1->dest;
	fl6.fl6_sport = t1->source;
	fl6.flowi6_uid = sock_net_uid(net, sk && sk_fullsock(sk) ? sk : NULL);
	security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));

	/* Pass a socket to ip6_dst_lookup_flow even when the reply is a RST;
	 * the underlying function will use it to retrieve the network
	 * namespace.
	 */
	dst = ip6_dst_lookup_flow(ctl_sk, &fl6, NULL);
	if (!IS_ERR(dst)) {
		skb_dst_set(buff, dst);
		ip6_xmit(ctl_sk, buff, &fl6, fl6.flowi6_mark, NULL, tclass);
		TCP_INC_STATS(net, TCP_MIB_OUTSEGS);
		if (rst)
			TCP_INC_STATS(net, TCP_MIB_OUTRSTS);
		return;
	}

	kfree_skb(buff);
}
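/* Send a RST in reply to a segment that has no acceptable socket.  When
 * TCP-MD5 is compiled in and the segment carried a signature, the
 * matching key is looked up (via the listener if need be) so the RST can
 * itself be signed; no RST is sent at all for signed segments we cannot
 * verify.
 */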
static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb)
{
	const struct tcphdr *th = tcp_hdr(skb);
	u32 seq = 0, ack_seq = 0;
	struct tcp_md5sig_key *key = NULL;
#ifdef CONFIG_TCP_MD5SIG
	const __u8 *hash_location = NULL;
	struct ipv6hdr *ipv6h = ipv6_hdr(skb);
	unsigned char newhash[16];
	int genhash;
	struct sock *sk1 = NULL;
#endif
	int oif;

	if (th->rst)
		return;

	/* If sk is not NULL, it means we did a successful lookup and the
	 * incoming route had to be correct. prequeue might have dropped our dst.
	 */
	if (!sk && !ipv6_unicast_destination(skb))
		return;

#ifdef CONFIG_TCP_MD5SIG
	rcu_read_lock();
	hash_location = tcp_parse_md5sig_option(th);
	if (sk && sk_fullsock(sk)) {
		key = tcp_v6_md5_do_lookup(sk, &ipv6h->saddr);
	} else if (hash_location) {
		/*
		 * The active side is lost. Try to find the listening socket
		 * through the source port, and then find the md5 key through
		 * the listening socket. We do not lose security here:
		 * the incoming packet is checked against the md5 hash with
		 * the found key; no RST is generated if the md5 hash doesn't
		 * match.
		 */
		sk1 = inet6_lookup_listener(dev_net(skb_dst(skb)->dev),
					    &tcp_hashinfo, NULL, 0,
					    &ipv6h->saddr,
					    th->source, &ipv6h->daddr,
					    ntohs(th->source), tcp_v6_iif(skb));
		if (!sk1)
			goto out;

		key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr);
		if (!key)
			goto out;

		genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, skb);
		if (genhash || memcmp(hash_location, newhash, 16) != 0)
			goto out;
	}
#endif

	if (th->ack)
		seq = ntohl(th->ack_seq);
	else
		ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
			  (th->doff << 2);

	oif = sk ? sk->sk_bound_dev_if : 0;
	tcp_v6_send_response(sk, skb, seq, ack_seq, 0, 0, 0, oif, key, 1, 0, 0);

#ifdef CONFIG_TCP_MD5SIG
out:
	rcu_read_unlock();
#endif
}

static void tcp_v6_send_ack(const struct sock *sk, struct sk_buff *skb, u32 seq,
			    u32 ack, u32 win, u32 tsval, u32 tsecr, int oif,
			    struct tcp_md5sig_key *key, u8 tclass,
			    __be32 label)
{
	tcp_v6_send_response(sk, skb, seq, ack, win, tsval, tsecr, oif, key, 0,
			     tclass, label);
}

static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
{
	struct inet_timewait_sock *tw = inet_twsk(sk);
	struct tcp_timewait_sock *tcptw = tcp_twsk(sk);

	tcp_v6_send_ack(sk, skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
			tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
			tcp_time_stamp + tcptw->tw_ts_offset,
			tcptw->tw_ts_recent, tw->tw_bound_dev_if, tcp_twsk_md5_key(tcptw),
			tw->tw_tclass, cpu_to_be32(tw->tw_flowlabel));

	inet_twsk_put(tw);
}

static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
				  struct request_sock *req)
{
	/* sk->sk_state == TCP_LISTEN -> for regular TCP_SYN_RECV
	 * sk->sk_state == TCP_SYN_RECV -> for Fast Open.
	 */
	/* RFC 7323 2.3
	 * The window field (SEG.WND) of every outgoing segment, with the
	 * exception of <SYN> segments, MUST be right-shifted by
	 * Rcv.Wind.Shift bits:
	 */
	tcp_v6_send_ack(sk, skb, (sk->sk_state == TCP_LISTEN) ?
			tcp_rsk(req)->snt_isn + 1 : tcp_sk(sk)->snd_nxt,
			tcp_rsk(req)->rcv_nxt,
			req->rsk_rcv_wnd >> inet_rsk(req)->rcv_wscale,
			tcp_time_stamp + tcp_rsk(req)->ts_off,
			req->ts_recent, sk->sk_bound_dev_if,
			tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr),
			0, 0);
}
static struct sock *tcp_v6_cookie_check(struct sock *sk, struct sk_buff *skb)
{
#ifdef CONFIG_SYN_COOKIES
	const struct tcphdr *th = tcp_hdr(skb);

	if (!th->syn)
		sk = cookie_v6_check(sk, skb);
#endif
	return sk;
}

static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
{
	if (skb->protocol == htons(ETH_P_IP))
		return tcp_v4_conn_request(sk, skb);

	if (!ipv6_unicast_destination(skb))
		goto drop;

	return tcp_conn_request(&tcp6_request_sock_ops,
				&tcp_request_sock_ipv6_ops, sk, skb);

drop:
	tcp_listendrop(sk);
	return 0; /* don't send reset */
}

static void tcp_v6_restore_cb(struct sk_buff *skb)
{
	/* We need to move the header back to the beginning if xfrm6_policy_check()
	 * and tcp_v6_fill_cb() are going to be called again.
	 * ip6_datagram_recv_specific_ctl() also expects IP6CB to be there.
	 */
	memmove(IP6CB(skb), &TCP_SKB_CB(skb)->header.h6,
		sizeof(struct inet6_skb_parm));
}
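/* Create the child socket for a completed handshake.  The v4-mapped case
 * is delegated to tcp_v4_syn_recv_sock() and then retrofitted with the
 * mapped af_ops; the native case clones the listener, installs addresses,
 * route, IPv6 options and (optionally) the peer's MD5 key, and hashes the
 * child into the established table.
 */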
static struct sock *tcp_v6_syn_recv_sock(const struct sock *sk, struct sk_buff *skb,
					 struct request_sock *req,
					 struct dst_entry *dst,
					 struct request_sock *req_unhash,
					 bool *own_req)
{
	struct inet_request_sock *ireq;
	struct ipv6_pinfo *newnp;
	const struct ipv6_pinfo *np = inet6_sk(sk);
	struct ipv6_txoptions *opt;
	struct tcp6_sock *newtcp6sk;
	struct inet_sock *newinet;
	struct tcp_sock *newtp;
	struct sock *newsk;
#ifdef CONFIG_TCP_MD5SIG
	struct tcp_md5sig_key *key;
#endif
	struct flowi6 fl6;

	if (skb->protocol == htons(ETH_P_IP)) {
		/*
		 *	v6 mapped
		 */

		newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst,
					     req_unhash, own_req);

		if (!newsk)
			return NULL;

		newtcp6sk = (struct tcp6_sock *)newsk;
		inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;

		newinet = inet_sk(newsk);
		newnp = inet6_sk(newsk);
		newtp = tcp_sk(newsk);

		memcpy(newnp, np, sizeof(struct ipv6_pinfo));

		newnp->saddr = newsk->sk_v6_rcv_saddr;

		inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
		newsk->sk_backlog_rcv = tcp_v4_do_rcv;
#ifdef CONFIG_TCP_MD5SIG
		newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
#endif

		newnp->ipv6_ac_list = NULL;
		newnp->ipv6_fl_list = NULL;
		newnp->pktoptions = NULL;
		newnp->opt = NULL;
		newnp->mcast_oif = tcp_v6_iif(skb);
		newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
		newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
		if (np->repflow)
			newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));

		/*
		 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
		 * here, tcp_create_openreq_child now does this for us, see the comment in
		 * that function for the gory details. -acme
		 */

		/* This is a tricky place. Until this moment IPv4 tcp
		   worked with IPv6 icsk.icsk_af_ops.
		   Sync it now.
		 */
		tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);

		return newsk;
	}

	ireq = inet_rsk(req);

	if (sk_acceptq_is_full(sk))
		goto out_overflow;

	if (!dst) {
		dst = inet6_csk_route_req(sk, &fl6, req, IPPROTO_TCP);
		if (!dst)
			goto out;
	}

	newsk = tcp_create_openreq_child(sk, req, skb);
	if (!newsk)
		goto out_nonewsk;

	/*
	 * No need to charge this sock to the relevant IPv6 refcnt debug socks
	 * count here, tcp_create_openreq_child now does this for us, see the
	 * comment in that function for the gory details. -acme
	 */

	newsk->sk_gso_type = SKB_GSO_TCPV6;
	ip6_dst_store(newsk, dst, NULL, NULL);
	inet6_sk_rx_dst_set(newsk, skb);

	newtcp6sk = (struct tcp6_sock *)newsk;
	inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;

	newtp = tcp_sk(newsk);
	newinet = inet_sk(newsk);
	newnp = inet6_sk(newsk);

	memcpy(newnp, np, sizeof(struct ipv6_pinfo));

	newsk->sk_v6_daddr = ireq->ir_v6_rmt_addr;
	newnp->saddr = ireq->ir_v6_loc_addr;
	newsk->sk_v6_rcv_saddr = ireq->ir_v6_loc_addr;
	newsk->sk_bound_dev_if = ireq->ir_iif;

	/* Now IPv6 options...

	   First: no IPv4 options.
	 */
	newinet->inet_opt = NULL;
	newnp->ipv6_ac_list = NULL;
	newnp->ipv6_fl_list = NULL;

	/* Clone RX bits */
	newnp->rxopt.all = np->rxopt.all;

	newnp->pktoptions = NULL;
	newnp->opt = NULL;
	newnp->mcast_oif = tcp_v6_iif(skb);
	newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
	newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
	if (np->repflow)
		newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));

	/* Clone native IPv6 options from the listening socket (if any).

	   Yes, keeping a reference count would be much more clever,
	   but we do one more thing here: reattach optmem
	   to newsk.
	 */
	opt = ireq->ipv6_opt;
	if (!opt)
		opt = rcu_dereference(np->opt);
	if (opt) {
		opt = ipv6_dup_options(newsk, opt);
		RCU_INIT_POINTER(newnp->opt, opt);
	}
	inet_csk(newsk)->icsk_ext_hdr_len = 0;
	if (opt)
		inet_csk(newsk)->icsk_ext_hdr_len = opt->opt_nflen +
						    opt->opt_flen;

	tcp_ca_openreq_child(newsk, dst);

	tcp_sync_mss(newsk, dst_mtu(dst));
	newtp->advmss = tcp_mss_clamp(tcp_sk(sk), dst_metric_advmss(dst));

	tcp_initialize_rcv_mss(newsk);

	newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
	newinet->inet_rcv_saddr = LOOPBACK4_IPV6;

#ifdef CONFIG_TCP_MD5SIG
	/* Copy over the MD5 key from the original socket */
	key = tcp_v6_md5_do_lookup(sk, &newsk->sk_v6_daddr);
	if (key) {
		/* We're using one, so create a matching key
		 * on the newsk structure. If we fail to get
		 * memory, then we end up not copying the key
		 * across. Shucks.
		 */
		tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newsk->sk_v6_daddr,
			       AF_INET6, key->key, key->keylen,
			       sk_gfp_mask(sk, GFP_ATOMIC));
	}
#endif
	if (__inet_inherit_port(sk, newsk) < 0) {
		inet_csk_prepare_forced_close(newsk);
		tcp_done(newsk);
		goto out;
	}
	*own_req = inet_ehash_nolisten(newsk, req_to_sk(req_unhash));
	if (*own_req) {
		tcp_move_syn(newtp, req);

		/* Clone pktoptions received with SYN, if we own the req */
		if (ireq->pktopts) {
			newnp->pktoptions = skb_clone(ireq->pktopts,
						      sk_gfp_mask(sk, GFP_ATOMIC));
			consume_skb(ireq->pktopts);
			ireq->pktopts = NULL;
			if (newnp->pktoptions) {
				tcp_v6_restore_cb(newnp->pktoptions);
				skb_set_owner_r(newnp->pktoptions, newsk);
			}
		}
	}

	return newsk;

out_overflow:
	__NET_INC_STATS(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
out_nonewsk:
	dst_release(dst);
out:
	tcp_listendrop(sk);
	return NULL;
}
/* The socket must have its spinlock held when we get
 * here, unless it is a TCP_LISTEN socket.
 *
 * We have a potential double-lock case here, so even when
 * doing backlog processing we use the BH locking scheme.
 * This is because we cannot sleep with the original spinlock
 * held.
 */
static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
{
	struct ipv6_pinfo *np = inet6_sk(sk);
	struct tcp_sock *tp;
	struct sk_buff *opt_skb = NULL;

	/* Imagine: socket is IPv6. IPv4 packet arrives,
	   goes to IPv4 receive handler and backlogged.
	   From backlog it always goes here. Kerboom...
	   Fortunately, tcp_rcv_established and rcv_established
	   handle them correctly, but that is not the case with
	   tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
	 */

	if (skb->protocol == htons(ETH_P_IP))
		return tcp_v4_do_rcv(sk, skb);

	if (tcp_filter(sk, skb))
		goto discard;

	/*
	 * socket locking is here for SMP purposes as backlog rcv
	 * is currently called with bh processing disabled.
	 */

	/* Do Stevens' IPV6_PKTOPTIONS.

	   Yes, guys, it is the only place in our code, where we
	   may make it not affecting IPv4.
	   The rest of the code is protocol independent,
	   and I do not like the idea to uglify IPv4.

	   Actually, all the idea behind IPV6_PKTOPTIONS
	   looks not very well thought out. For now we latch
	   options, received in the last packet, enqueued
	   by tcp. Feel free to propose better solution.
					       --ANK (980728)
	 */
	if (np->rxopt.all)
		opt_skb = skb_clone(skb, sk_gfp_mask(sk, GFP_ATOMIC));

	if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
		struct dst_entry *dst = sk->sk_rx_dst;

		sock_rps_save_rxhash(sk, skb);
		sk_mark_napi_id(sk, skb);
		if (dst) {
			if (inet_sk(sk)->rx_dst_ifindex != skb->skb_iif ||
			    dst->ops->check(dst, np->rx_dst_cookie) == NULL) {
				dst_release(dst);
				sk->sk_rx_dst = NULL;
			}
		}

		tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len);
		if (opt_skb)
			goto ipv6_pktoptions;
		return 0;
	}

	if (tcp_checksum_complete(skb))
		goto csum_err;

	if (sk->sk_state == TCP_LISTEN) {
		struct sock *nsk = tcp_v6_cookie_check(sk, skb);

		if (!nsk)
			goto discard;

		if (nsk != sk) {
			if (tcp_child_process(sk, nsk, skb))
				goto reset;
			if (opt_skb)
				__kfree_skb(opt_skb);
			return 0;
		}
	} else
		sock_rps_save_rxhash(sk, skb);

	if (tcp_rcv_state_process(sk, skb))
		goto reset;
	if (opt_skb)
		goto ipv6_pktoptions;
	return 0;

reset:
	tcp_v6_send_reset(sk, skb);
discard:
	if (opt_skb)
		__kfree_skb(opt_skb);
	kfree_skb(skb);
	return 0;
csum_err:
	TCP_INC_STATS(sock_net(sk), TCP_MIB_CSUMERRORS);
	TCP_INC_STATS(sock_net(sk), TCP_MIB_INERRS);
	goto discard;


ipv6_pktoptions:
	/* Do you ask, what is it?

	   1. skb was enqueued by tcp.
	   2. skb is added to tail of read queue, rather than out of order.
	   3. socket is not in passive state.
	   4. Finally, it really contains options, which user wants to receive.
	 */
	tp = tcp_sk(sk);
	if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
	    !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
		if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
			np->mcast_oif = tcp_v6_iif(opt_skb);
		if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
			np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
		if (np->rxopt.bits.rxflow || np->rxopt.bits.rxtclass)
			np->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(opt_skb));
		if (np->repflow)
			np->flow_label = ip6_flowlabel(ipv6_hdr(opt_skb));
		if (ipv6_opt_accepted(sk, opt_skb, &TCP_SKB_CB(opt_skb)->header.h6)) {
			skb_set_owner_r(opt_skb, sk);
			tcp_v6_restore_cb(opt_skb);
			opt_skb = xchg(&np->pktoptions, opt_skb);
		} else {
			__kfree_skb(opt_skb);
			opt_skb = xchg(&np->pktoptions, NULL);
		}
	}

	kfree_skb(opt_skb);
	return 0;
}

static void tcp_v6_fill_cb(struct sk_buff *skb, const struct ipv6hdr *hdr,
			   const struct tcphdr *th)
{
	/* This is tricky: we move IP6CB at its correct location into
	 * TCP_SKB_CB(). It must be done after xfrm6_policy_check(), because
	 * _decode_session6() uses IP6CB().
	 * barrier() makes sure compiler won't play aliasing games.
	 */
	memmove(&TCP_SKB_CB(skb)->header.h6, IP6CB(skb),
		sizeof(struct inet6_skb_parm));
	barrier();

	TCP_SKB_CB(skb)->seq = ntohl(th->seq);
	TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
				    skb->len - th->doff * 4);
	TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
	TCP_SKB_CB(skb)->tcp_flags = tcp_flag_byte(th);
	TCP_SKB_CB(skb)->tcp_tw_isn = 0;
	TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
	TCP_SKB_CB(skb)->sacked = 0;
}
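/* Main receive routine, registered as the IPPROTO_TCP handler: validate
 * the header and checksum, look up the owning socket (handling the
 * NEW_SYN_RECV and TIME_WAIT mini-sockets specially), run xfrm policy and
 * MD5 checks, then hand the segment to tcp_v6_do_rcv() directly or via
 * the backlog.
 */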
static int tcp_v6_rcv(struct sk_buff *skb)
{
	const struct tcphdr *th;
	const struct ipv6hdr *hdr;
	bool refcounted;
	struct sock *sk;
	int ret;
	struct net *net = dev_net(skb->dev);

	if (skb->pkt_type != PACKET_HOST)
		goto discard_it;

	/*
	 *	Count it even if it's bad.
	 */
	__TCP_INC_STATS(net, TCP_MIB_INSEGS);

	if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
		goto discard_it;

	th = (const struct tcphdr *)skb->data;

	if (unlikely(th->doff < sizeof(struct tcphdr) / 4))
		goto bad_packet;
	if (!pskb_may_pull(skb, th->doff * 4))
		goto discard_it;

	if (skb_checksum_init(skb, IPPROTO_TCP, ip6_compute_pseudo))
		goto csum_error;

	th = (const struct tcphdr *)skb->data;
	hdr = ipv6_hdr(skb);

lookup:
	sk = __inet6_lookup_skb(&tcp_hashinfo, skb, __tcp_hdrlen(th),
				th->source, th->dest, inet6_iif(skb),
				&refcounted);
	if (!sk)
		goto no_tcp_socket;

process:
	if (sk->sk_state == TCP_TIME_WAIT)
		goto do_time_wait;

	if (sk->sk_state == TCP_NEW_SYN_RECV) {
		struct request_sock *req = inet_reqsk(sk);
		struct sock *nsk;

		sk = req->rsk_listener;
		tcp_v6_fill_cb(skb, hdr, th);
		if (tcp_v6_inbound_md5_hash(sk, skb)) {
			sk_drops_add(sk, skb);
			reqsk_put(req);
			goto discard_it;
		}
		if (unlikely(sk->sk_state != TCP_LISTEN)) {
			inet_csk_reqsk_queue_drop_and_put(sk, req);
			goto lookup;
		}
		sock_hold(sk);
		refcounted = true;
		nsk = tcp_check_req(sk, skb, req, false);
		if (!nsk) {
			reqsk_put(req);
			goto discard_and_relse;
		}
		if (nsk == sk) {
			reqsk_put(req);
			tcp_v6_restore_cb(skb);
		} else if (tcp_child_process(sk, nsk, skb)) {
			tcp_v6_send_reset(nsk, skb);
			goto discard_and_relse;
		} else {
			sock_put(sk);
			return 0;
		}
	}
	if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) {
		__NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
		goto discard_and_relse;
	}

	if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
		goto discard_and_relse;

	tcp_v6_fill_cb(skb, hdr, th);

	if (tcp_v6_inbound_md5_hash(sk, skb))
		goto discard_and_relse;

	if (tcp_filter(sk, skb))
		goto discard_and_relse;
	th = (const struct tcphdr *)skb->data;
	hdr = ipv6_hdr(skb);

	skb->dev = NULL;

	if (sk->sk_state == TCP_LISTEN) {
		ret = tcp_v6_do_rcv(sk, skb);
		goto put_and_return;
	}

	sk_incoming_cpu_update(sk);

	bh_lock_sock_nested(sk);
	tcp_segs_in(tcp_sk(sk), skb);
	ret = 0;
	if (!sock_owned_by_user(sk)) {
		if (!tcp_prequeue(sk, skb))
			ret = tcp_v6_do_rcv(sk, skb);
	} else if (tcp_add_backlog(sk, skb)) {
		goto discard_and_relse;
	}
	bh_unlock_sock(sk);

put_and_return:
	if (refcounted)
		sock_put(sk);
	return ret ? -1 : 0;

no_tcp_socket:
	if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
		goto discard_it;

	tcp_v6_fill_cb(skb, hdr, th);

	if (tcp_checksum_complete(skb)) {
csum_error:
		__TCP_INC_STATS(net, TCP_MIB_CSUMERRORS);
bad_packet:
		__TCP_INC_STATS(net, TCP_MIB_INERRS);
	} else {
		tcp_v6_send_reset(NULL, skb);
	}

discard_it:
	kfree_skb(skb);
	return 0;

discard_and_relse:
	sk_drops_add(sk, skb);
	if (refcounted)
		sock_put(sk);
	goto discard_it;

do_time_wait:
	if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
		inet_twsk_put(inet_twsk(sk));
		goto discard_it;
	}

	tcp_v6_fill_cb(skb, hdr, th);

	if (tcp_checksum_complete(skb)) {
		inet_twsk_put(inet_twsk(sk));
		goto csum_error;
	}

	switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
	case TCP_TW_SYN:
	{
		struct sock *sk2;

		sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
					    skb, __tcp_hdrlen(th),
					    &ipv6_hdr(skb)->saddr, th->source,
					    &ipv6_hdr(skb)->daddr,
					    ntohs(th->dest), tcp_v6_iif(skb));
		if (sk2) {
			struct inet_timewait_sock *tw = inet_twsk(sk);
			inet_twsk_deschedule_put(tw);
			sk = sk2;
			tcp_v6_restore_cb(skb);
			refcounted = false;
			goto process;
		}
		/* Fall through to ACK */
	}
	case TCP_TW_ACK:
		tcp_v6_timewait_ack(sk, skb);
		break;
	case TCP_TW_RST:
		tcp_v6_restore_cb(skb);
		tcp_v6_send_reset(sk, skb);
		inet_twsk_deschedule_put(inet_twsk(sk));
		goto discard_it;
	case TCP_TW_SUCCESS:
		;
	}
	goto discard_it;
}
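/* Early demux: before routing, try to match the packet to an established
 * socket so its cached rx dst can be attached and the full route lookup
 * skipped.  inet6_iif() is used rather than tcp_v6_iif() because IP6CB
 * has not yet been moved into TCP_SKB_CB() at this point.
 */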
static void tcp_v6_early_demux(struct sk_buff *skb)
{
	const struct ipv6hdr *hdr;
	const struct tcphdr *th;
	struct sock *sk;

	if (skb->pkt_type != PACKET_HOST)
		return;

	if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
		return;

	hdr = ipv6_hdr(skb);
	th = tcp_hdr(skb);

	if (th->doff < sizeof(struct tcphdr) / 4)
		return;

	/* Note : We use inet6_iif() here, not tcp_v6_iif() */
	sk = __inet6_lookup_established(dev_net(skb->dev), &tcp_hashinfo,
					&hdr->saddr, th->source,
					&hdr->daddr, ntohs(th->dest),
					inet6_iif(skb));
	if (sk) {
		skb->sk = sk;
		skb->destructor = sock_edemux;
		if (sk_fullsock(sk)) {
			struct dst_entry *dst = READ_ONCE(sk->sk_rx_dst);

			if (dst)
				dst = dst_check(dst, inet6_sk(sk)->rx_dst_cookie);
			if (dst &&
			    inet_sk(sk)->rx_dst_ifindex == skb->skb_iif)
				skb_dst_set_noref(skb, dst);
		}
	}
}

static struct timewait_sock_ops tcp6_timewait_sock_ops = {
	.twsk_obj_size	= sizeof(struct tcp6_timewait_sock),
	.twsk_unique	= tcp_twsk_unique,
	.twsk_destructor = tcp_twsk_destructor,
};

static const struct inet_connection_sock_af_ops ipv6_specific = {
	.queue_xmit	   = inet6_csk_xmit,
	.send_check	   = tcp_v6_send_check,
	.rebuild_header	   = inet6_sk_rebuild_header,
	.sk_rx_dst_set	   = inet6_sk_rx_dst_set,
	.conn_request	   = tcp_v6_conn_request,
	.syn_recv_sock	   = tcp_v6_syn_recv_sock,
	.net_header_len	   = sizeof(struct ipv6hdr),
	.net_frag_header_len = sizeof(struct frag_hdr),
	.setsockopt	   = ipv6_setsockopt,
	.getsockopt	   = ipv6_getsockopt,
	.addr2sockaddr	   = inet6_csk_addr2sockaddr,
	.sockaddr_len	   = sizeof(struct sockaddr_in6),
#ifdef CONFIG_COMPAT
	.compat_setsockopt = compat_ipv6_setsockopt,
	.compat_getsockopt = compat_ipv6_getsockopt,
#endif
	.mtu_reduced	   = tcp_v6_mtu_reduced,
};
#ifdef CONFIG_TCP_MD5SIG
static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
	.md5_lookup	=	tcp_v6_md5_lookup,
	.calc_md5_hash	=	tcp_v6_md5_hash_skb,
	.md5_parse	=	tcp_v6_parse_md5_keys,
};
#endif

/*
 *	TCP over IPv4 via INET6 API
 */
static const struct inet_connection_sock_af_ops ipv6_mapped = {
	.queue_xmit	   = ip_queue_xmit,
	.send_check	   = tcp_v4_send_check,
	.rebuild_header	   = inet_sk_rebuild_header,
	.sk_rx_dst_set	   = inet_sk_rx_dst_set,
	.conn_request	   = tcp_v6_conn_request,
	.syn_recv_sock	   = tcp_v6_syn_recv_sock,
	.net_header_len	   = sizeof(struct iphdr),
	.setsockopt	   = ipv6_setsockopt,
	.getsockopt	   = ipv6_getsockopt,
	.addr2sockaddr	   = inet6_csk_addr2sockaddr,
	.sockaddr_len	   = sizeof(struct sockaddr_in6),
#ifdef CONFIG_COMPAT
	.compat_setsockopt = compat_ipv6_setsockopt,
	.compat_getsockopt = compat_ipv6_getsockopt,
#endif
	.mtu_reduced	   = tcp_v4_mtu_reduced,
};

#ifdef CONFIG_TCP_MD5SIG
static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
	.md5_lookup	=	tcp_v4_md5_lookup,
	.calc_md5_hash	=	tcp_v4_md5_hash_skb,
	.md5_parse	=	tcp_v6_parse_md5_keys,
};
#endif

/* NOTE: A lot of things set to zero explicitly by call to
 *       sk_alloc() so need not be done here.
 */
static int tcp_v6_init_sock(struct sock *sk)
{
	struct inet_connection_sock *icsk = inet_csk(sk);

	tcp_init_sock(sk);

	icsk->icsk_af_ops = &ipv6_specific;

#ifdef CONFIG_TCP_MD5SIG
	tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific;
#endif

	return 0;
}

static void tcp_v6_destroy_sock(struct sock *sk)
{
	tcp_v4_destroy_sock(sk);
	inet6_destroy_sock(sk);
}

#ifdef CONFIG_PROC_FS
/* Proc filesystem TCPv6 sock list dumping. */
static void get_openreq6(struct seq_file *seq,
			 const struct request_sock *req, int i)
{
	long ttd = req->rsk_timer.expires - jiffies;
	const struct in6_addr *src = &inet_rsk(req)->ir_v6_loc_addr;
	const struct in6_addr *dest = &inet_rsk(req)->ir_v6_rmt_addr;

	if (ttd < 0)
		ttd = 0;

	seq_printf(seq,
		   "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
		   "%02X %08X:%08X %02X:%08lX %08X %5u %8d %d %d %pK\n",
		   i,
		   src->s6_addr32[0], src->s6_addr32[1],
		   src->s6_addr32[2], src->s6_addr32[3],
		   inet_rsk(req)->ir_num,
		   dest->s6_addr32[0], dest->s6_addr32[1],
		   dest->s6_addr32[2], dest->s6_addr32[3],
		   ntohs(inet_rsk(req)->ir_rmt_port),
		   TCP_SYN_RECV,
		   0, 0, /* could print option size, but that is af dependent. */
		   1,   /* timers active (only the expire timer) */
		   jiffies_to_clock_t(ttd),
		   req->num_timeout,
		   from_kuid_munged(seq_user_ns(seq),
				    sock_i_uid(req->rsk_listener)),
		   0,  /* non standard timer */
		   0, /* open_requests have no inode */
		   0, req);
}
static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
{
	const struct in6_addr *dest, *src;
	__u16 destp, srcp;
	int timer_active;
	unsigned long timer_expires;
	const struct inet_sock *inet = inet_sk(sp);
	const struct tcp_sock *tp = tcp_sk(sp);
	const struct inet_connection_sock *icsk = inet_csk(sp);
	const struct fastopen_queue *fastopenq = &icsk->icsk_accept_queue.fastopenq;
	int rx_queue;
	int state;

	dest  = &sp->sk_v6_daddr;
	src   = &sp->sk_v6_rcv_saddr;
	destp = ntohs(inet->inet_dport);
	srcp  = ntohs(inet->inet_sport);

	if (icsk->icsk_pending == ICSK_TIME_RETRANS ||
	    icsk->icsk_pending == ICSK_TIME_REO_TIMEOUT ||
	    icsk->icsk_pending == ICSK_TIME_LOSS_PROBE) {
		timer_active	= 1;
		timer_expires	= icsk->icsk_timeout;
	} else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
		timer_active	= 4;
		timer_expires	= icsk->icsk_timeout;
	} else if (timer_pending(&sp->sk_timer)) {
		timer_active	= 2;
		timer_expires	= sp->sk_timer.expires;
	} else {
		timer_active	= 0;
		timer_expires = jiffies;
	}

	state = sk_state_load(sp);
	if (state == TCP_LISTEN)
		rx_queue = sp->sk_ack_backlog;
	else
		/* Because we don't lock the socket,
		 * we might find a transient negative value.
		 */
		rx_queue = max_t(int, tp->rcv_nxt - tp->copied_seq, 0);

	seq_printf(seq,
		   "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
		   "%02X %08X:%08X %02X:%08lX %08X %5u %8d %lu %d %pK %lu %lu %u %u %d\n",
		   i,
		   src->s6_addr32[0], src->s6_addr32[1],
		   src->s6_addr32[2], src->s6_addr32[3], srcp,
		   dest->s6_addr32[0], dest->s6_addr32[1],
		   dest->s6_addr32[2], dest->s6_addr32[3], destp,
		   state,
		   tp->write_seq - tp->snd_una,
		   rx_queue,
		   timer_active,
		   jiffies_delta_to_clock_t(timer_expires - jiffies),
		   icsk->icsk_retransmits,
		   from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
		   icsk->icsk_probes_out,
		   sock_i_ino(sp),
		   atomic_read(&sp->sk_refcnt), sp,
		   jiffies_to_clock_t(icsk->icsk_rto),
		   jiffies_to_clock_t(icsk->icsk_ack.ato),
		   (icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong,
		   tp->snd_cwnd,
		   state == TCP_LISTEN ?
			fastopenq->max_qlen :
			(tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh)
		   );
}
static void get_timewait6_sock(struct seq_file *seq,
			       struct inet_timewait_sock *tw, int i)
{
	long delta = tw->tw_timer.expires - jiffies;
	const struct in6_addr *dest, *src;
	__u16 destp, srcp;

	dest = &tw->tw_v6_daddr;
	src  = &tw->tw_v6_rcv_saddr;
	destp = ntohs(tw->tw_dport);
	srcp  = ntohs(tw->tw_sport);

	seq_printf(seq,
		   "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
		   "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
		   i,
		   src->s6_addr32[0], src->s6_addr32[1],
		   src->s6_addr32[2], src->s6_addr32[3], srcp,
		   dest->s6_addr32[0], dest->s6_addr32[1],
		   dest->s6_addr32[2], dest->s6_addr32[3], destp,
		   tw->tw_substate, 0, 0,
		   3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
		   atomic_read(&tw->tw_refcnt), tw);
}

static int tcp6_seq_show(struct seq_file *seq, void *v)
{
	struct tcp_iter_state *st;
	struct sock *sk = v;

	if (v == SEQ_START_TOKEN) {
		seq_puts(seq,
			 "  sl  "
			 "local_address                         "
			 "remote_address                        "
			 "st tx_queue rx_queue tr tm->when retrnsmt"
			 "   uid  timeout inode\n");
		goto out;
	}
	st = seq->private;

	if (sk->sk_state == TCP_TIME_WAIT)
		get_timewait6_sock(seq, v, st->num);
	else if (sk->sk_state == TCP_NEW_SYN_RECV)
		get_openreq6(seq, v, st->num);
	else
		get_tcp6_sock(seq, v, st->num);
out:
	return 0;
}

static const struct file_operations tcp6_afinfo_seq_fops = {
	.owner   = THIS_MODULE,
	.open    = tcp_seq_open,
	.read    = seq_read,
	.llseek  = seq_lseek,
	.release = seq_release_net
};

static struct tcp_seq_afinfo tcp6_seq_afinfo = {
	.name		= "tcp6",
	.family		= AF_INET6,
	.seq_fops	= &tcp6_afinfo_seq_fops,
	.seq_ops	= {
		.show		= tcp6_seq_show,
	},
};

int __net_init tcp6_proc_init(struct net *net)
{
	return tcp_proc_register(net, &tcp6_seq_afinfo);
}

void tcp6_proc_exit(struct net *net)
{
	tcp_proc_unregister(net, &tcp6_seq_afinfo);
}
#endif

struct proto tcpv6_prot = {
	.name			= "TCPv6",
	.owner			= THIS_MODULE,
	.close			= tcp_close,
	.connect		= tcp_v6_connect,
	.disconnect		= tcp_disconnect,
	.accept			= inet_csk_accept,
	.ioctl			= tcp_ioctl,
	.init			= tcp_v6_init_sock,
	.destroy		= tcp_v6_destroy_sock,
	.shutdown		= tcp_shutdown,
	.setsockopt		= tcp_setsockopt,
	.getsockopt		= tcp_getsockopt,
	.keepalive		= tcp_set_keepalive,
	.recvmsg		= tcp_recvmsg,
	.sendmsg		= tcp_sendmsg,
	.sendpage		= tcp_sendpage,
	.backlog_rcv		= tcp_v6_do_rcv,
	.release_cb		= tcp_release_cb,
	.hash			= inet6_hash,
	.unhash			= inet_unhash,
	.get_port		= inet_csk_get_port,
	.enter_memory_pressure	= tcp_enter_memory_pressure,
	.stream_memory_free	= tcp_stream_memory_free,
	.sockets_allocated	= &tcp_sockets_allocated,
	.memory_allocated	= &tcp_memory_allocated,
	.memory_pressure	= &tcp_memory_pressure,
	.orphan_count		= &tcp_orphan_count,
	.sysctl_mem		= sysctl_tcp_mem,
	.sysctl_wmem		= sysctl_tcp_wmem,
	.sysctl_rmem		= sysctl_tcp_rmem,
	.max_header		= MAX_TCP_HEADER,
	.obj_size		= sizeof(struct tcp6_sock),
	.slab_flags		= SLAB_DESTROY_BY_RCU,
	.twsk_prot		= &tcp6_timewait_sock_ops,
	.rsk_prot		= &tcp6_request_sock_ops,
	.h.hashinfo		= &tcp_hashinfo,
	.no_autobind		= true,
#ifdef CONFIG_COMPAT
	.compat_setsockopt	= compat_tcp_setsockopt,
	.compat_getsockopt	= compat_tcp_getsockopt,
#endif
	.diag_destroy		= tcp_abort,
};
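/* Glue that hooks TCPv6 into the IPv6 stack: tcpv6_protocol registers the
 * receive, error and early-demux handlers for IPPROTO_TCP, tcpv6_protosw
 * exposes SOCK_STREAM sockets through the inet6 API, and the pernet ops
 * create one control socket per network namespace for sending unattached
 * ACKs and RSTs.
 */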
static struct inet6_protocol tcpv6_protocol = {
	.early_demux	=	tcp_v6_early_demux,
	.early_demux_handler =	tcp_v6_early_demux,
	.handler	=	tcp_v6_rcv,
	.err_handler	=	tcp_v6_err,
	.flags		=	INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
};

static struct inet_protosw tcpv6_protosw = {
	.type		=	SOCK_STREAM,
	.protocol	=	IPPROTO_TCP,
	.prot		=	&tcpv6_prot,
	.ops		=	&inet6_stream_ops,
	.flags		=	INET_PROTOSW_PERMANENT |
				INET_PROTOSW_ICSK,
};

static int __net_init tcpv6_net_init(struct net *net)
{
	return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
				    SOCK_RAW, IPPROTO_TCP, net);
}

static void __net_exit tcpv6_net_exit(struct net *net)
{
	inet_ctl_sock_destroy(net->ipv6.tcp_sk);
}

static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
{
	inet_twsk_purge(&tcp_hashinfo, AF_INET6);
}

static struct pernet_operations tcpv6_net_ops = {
	.init	    = tcpv6_net_init,
	.exit	    = tcpv6_net_exit,
	.exit_batch = tcpv6_net_exit_batch,
};

int __init tcpv6_init(void)
{
	int ret;

	ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
	if (ret)
		goto out;

	/* register inet6 protocol */
	ret = inet6_register_protosw(&tcpv6_protosw);
	if (ret)
		goto out_tcpv6_protocol;

	ret = register_pernet_subsys(&tcpv6_net_ops);
	if (ret)
		goto out_tcpv6_protosw;
out:
	return ret;

out_tcpv6_protosw:
	inet6_unregister_protosw(&tcpv6_protosw);
out_tcpv6_protocol:
	inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
	goto out;
}

void tcpv6_exit(void)
{
	unregister_pernet_subsys(&tcpv6_net_ops);
	inet6_unregister_protosw(&tcpv6_protosw);
	inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
}