search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[NETFILTER]: x_tables: remove unused size argument to check/destroy functions
[linux-2.6.22.y-op.git] / net / ipv6 / tcp_ipv6.c
blob7f1b660493b78497d357c6bf7a301e3fc511cdba
1 /*
2 * TCP over IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
8 * $Id: tcp_ipv6.c,v 1.144 2002/02/01 22:01:04 davem Exp $
9 *
10 * Based on:
11 * linux/net/ipv4/tcp.c
12 * linux/net/ipv4/tcp_input.c
13 * linux/net/ipv4/tcp_output.c
14 *
15 * Fixes:
16 * Hideaki YOSHIFUJI : sin6_scope_id support
17 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
18 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
19 * a single port at the same time.
20 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
21 *
22 * This program is free software; you can redistribute it and/or
23 * modify it under the terms of the GNU General Public License
24 * as published by the Free Software Foundation; either version
25 * 2 of the License, or (at your option) any later version.
26 */
27
28 #include <linux/module.h>
29 #include <linux/errno.h>
30 #include <linux/types.h>
31 #include <linux/socket.h>
32 #include <linux/sockios.h>
33 #include <linux/net.h>
34 #include <linux/jiffies.h>
35 #include <linux/in.h>
36 #include <linux/in6.h>
37 #include <linux/netdevice.h>
38 #include <linux/init.h>
39 #include <linux/jhash.h>
40 #include <linux/ipsec.h>
41 #include <linux/times.h>
42
43 #include <linux/ipv6.h>
44 #include <linux/icmpv6.h>
45 #include <linux/random.h>
46
47 #include <net/tcp.h>
48 #include <net/ndisc.h>
49 #include <net/inet6_hashtables.h>
50 #include <net/inet6_connection_sock.h>
51 #include <net/ipv6.h>
52 #include <net/transp_v6.h>
53 #include <net/addrconf.h>
54 #include <net/ip6_route.h>
55 #include <net/ip6_checksum.h>
56 #include <net/inet_ecn.h>
57 #include <net/protocol.h>
58 #include <net/xfrm.h>
59 #include <net/addrconf.h>
60 #include <net/snmp.h>
61 #include <net/dsfield.h>
62 #include <net/timewait_sock.h>
63
64 #include <asm/uaccess.h>
65
66 #include <linux/proc_fs.h>
67 #include <linux/seq_file.h>
68
69 /* Socket used for sending RSTs and ACKs */
70 static struct socket *tcp6_socket;
71
72 static void tcp_v6_send_reset(struct sk_buff *skb);
73 static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req);
74 static void tcp_v6_send_check(struct sock *sk, int len,
75 struct sk_buff *skb);
76
77 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
78
79 static struct inet_connection_sock_af_ops ipv6_mapped;
80 static struct inet_connection_sock_af_ops ipv6_specific;
81
82 static int tcp_v6_get_port(struct sock *sk, unsigned short snum)
83 {
84 return inet_csk_get_port(&tcp_hashinfo, sk, snum,
85 inet6_csk_bind_conflict);
86 }
87
88 static void tcp_v6_hash(struct sock *sk)
89 {
90 if (sk->sk_state != TCP_CLOSE) {
91 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) {
92 tcp_prot.hash(sk);
93 return;
94 }
95 local_bh_disable();
96 __inet6_hash(&tcp_hashinfo, sk);
97 local_bh_enable();
98 }
99 }
100
101 static __inline__ u16 tcp_v6_check(struct tcphdr *th, int len,
102 struct in6_addr *saddr,
103 struct in6_addr *daddr,
104 unsigned long base)
105 {
106 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base);
107 }
108
109 static __u32 tcp_v6_init_sequence(struct sock *sk, struct sk_buff *skb)
110 {
111 if (skb->protocol == htons(ETH_P_IPV6)) {
112 return secure_tcpv6_sequence_number(skb->nh.ipv6h->daddr.s6_addr32,
113 skb->nh.ipv6h->saddr.s6_addr32,
114 skb->h.th->dest,
115 skb->h.th->source);
116 } else {
117 return secure_tcp_sequence_number(skb->nh.iph->daddr,
118 skb->nh.iph->saddr,
119 skb->h.th->dest,
120 skb->h.th->source);
121 }
122 }
123
124 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
125 int addr_len)
126 {
127 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
128 struct inet_sock *inet = inet_sk(sk);
129 struct inet_connection_sock *icsk = inet_csk(sk);
130 struct ipv6_pinfo *np = inet6_sk(sk);
131 struct tcp_sock *tp = tcp_sk(sk);
132 struct in6_addr *saddr = NULL, *final_p = NULL, final;
133 struct flowi fl;
134 struct dst_entry *dst;
135 int addr_type;
136 int err;
137
138 if (addr_len < SIN6_LEN_RFC2133)
139 return -EINVAL;
140
141 if (usin->sin6_family != AF_INET6)
142 return(-EAFNOSUPPORT);
143
144 memset(&fl, 0, sizeof(fl));
145
146 if (np->sndflow) {
147 fl.fl6_flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
148 IP6_ECN_flow_init(fl.fl6_flowlabel);
149 if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) {
150 struct ip6_flowlabel *flowlabel;
151 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel);
152 if (flowlabel == NULL)
153 return -EINVAL;
154 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst);
155 fl6_sock_release(flowlabel);
156 }
157 }
158
159 /*
160 * connect() to INADDR_ANY means loopback (BSD'ism).
161 */
162
163 if(ipv6_addr_any(&usin->sin6_addr))
164 usin->sin6_addr.s6_addr[15] = 0x1;
165
166 addr_type = ipv6_addr_type(&usin->sin6_addr);
167
168 if(addr_type & IPV6_ADDR_MULTICAST)
169 return -ENETUNREACH;
170
171 if (addr_type&IPV6_ADDR_LINKLOCAL) {
172 if (addr_len >= sizeof(struct sockaddr_in6) &&
173 usin->sin6_scope_id) {
174 /* If interface is set while binding, indices
175 * must coincide.
176 */
177 if (sk->sk_bound_dev_if &&
178 sk->sk_bound_dev_if != usin->sin6_scope_id)
179 return -EINVAL;
180
181 sk->sk_bound_dev_if = usin->sin6_scope_id;
182 }
183
184 /* Connect to link-local address requires an interface */
185 if (!sk->sk_bound_dev_if)
186 return -EINVAL;
187 }
188
189 if (tp->rx_opt.ts_recent_stamp &&
190 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) {
191 tp->rx_opt.ts_recent = 0;
192 tp->rx_opt.ts_recent_stamp = 0;
193 tp->write_seq = 0;
194 }
195
196 ipv6_addr_copy(&np->daddr, &usin->sin6_addr);
197 np->flow_label = fl.fl6_flowlabel;
198
199 /*
200 * TCP over IPv4
201 */
202
203 if (addr_type == IPV6_ADDR_MAPPED) {
204 u32 exthdrlen = icsk->icsk_ext_hdr_len;
205 struct sockaddr_in sin;
206
207 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
208
209 if (__ipv6_only_sock(sk))
210 return -ENETUNREACH;
211
212 sin.sin_family = AF_INET;
213 sin.sin_port = usin->sin6_port;
214 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
215
216 icsk->icsk_af_ops = &ipv6_mapped;
217 sk->sk_backlog_rcv = tcp_v4_do_rcv;
218
219 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
220
221 if (err) {
222 icsk->icsk_ext_hdr_len = exthdrlen;
223 icsk->icsk_af_ops = &ipv6_specific;
224 sk->sk_backlog_rcv = tcp_v6_do_rcv;
225 goto failure;
226 } else {
227 ipv6_addr_set(&np->saddr, 0, 0, htonl(0x0000FFFF),
228 inet->saddr);
229 ipv6_addr_set(&np->rcv_saddr, 0, 0, htonl(0x0000FFFF),
230 inet->rcv_saddr);
231 }
232
233 return err;
234 }
235
236 if (!ipv6_addr_any(&np->rcv_saddr))
237 saddr = &np->rcv_saddr;
238
239 fl.proto = IPPROTO_TCP;
240 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
241 ipv6_addr_copy(&fl.fl6_src,
242 (saddr ? saddr : &np->saddr));
243 fl.oif = sk->sk_bound_dev_if;
244 fl.fl_ip_dport = usin->sin6_port;
245 fl.fl_ip_sport = inet->sport;
246
247 if (np->opt && np->opt->srcrt) {
248 struct rt0_hdr *rt0 = (struct rt0_hdr *)np->opt->srcrt;
249 ipv6_addr_copy(&final, &fl.fl6_dst);
250 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
251 final_p = &final;
252 }
253
254 security_sk_classify_flow(sk, &fl);
255
256 err = ip6_dst_lookup(sk, &dst, &fl);
257 if (err)
258 goto failure;
259 if (final_p)
260 ipv6_addr_copy(&fl.fl6_dst, final_p);
261
262 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0)
263 goto failure;
264
265 if (saddr == NULL) {
266 saddr = &fl.fl6_src;
267 ipv6_addr_copy(&np->rcv_saddr, saddr);
268 }
269
270 /* set the source address */
271 ipv6_addr_copy(&np->saddr, saddr);
272 inet->rcv_saddr = LOOPBACK4_IPV6;
273
274 sk->sk_gso_type = SKB_GSO_TCPV6;
275 __ip6_dst_store(sk, dst, NULL);
276
277 icsk->icsk_ext_hdr_len = 0;
278 if (np->opt)
279 icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
280 np->opt->opt_nflen);
281
282 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
283
284 inet->dport = usin->sin6_port;
285
286 tcp_set_state(sk, TCP_SYN_SENT);
287 err = inet6_hash_connect(&tcp_death_row, sk);
288 if (err)
289 goto late_failure;
290
291 if (!tp->write_seq)
292 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
293 np->daddr.s6_addr32,
294 inet->sport,
295 inet->dport);
296
297 err = tcp_connect(sk);
298 if (err)
299 goto late_failure;
300
301 return 0;
302
303 late_failure:
304 tcp_set_state(sk, TCP_CLOSE);
305 __sk_dst_reset(sk);
306 failure:
307 inet->dport = 0;
308 sk->sk_route_caps = 0;
309 return err;
310 }
311
312 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
313 int type, int code, int offset, __u32 info)
314 {
315 struct ipv6hdr *hdr = (struct ipv6hdr*)skb->data;
316 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
317 struct ipv6_pinfo *np;
318 struct sock *sk;
319 int err;
320 struct tcp_sock *tp;
321 __u32 seq;
322
323 sk = inet6_lookup(&tcp_hashinfo, &hdr->daddr, th->dest, &hdr->saddr,
324 th->source, skb->dev->ifindex);
325
326 if (sk == NULL) {
327 ICMP6_INC_STATS_BH(__in6_dev_get(skb->dev), ICMP6_MIB_INERRORS);
328 return;
329 }
330
331 if (sk->sk_state == TCP_TIME_WAIT) {
332 inet_twsk_put((struct inet_timewait_sock *)sk);
333 return;
334 }
335
336 bh_lock_sock(sk);
337 if (sock_owned_by_user(sk))
338 NET_INC_STATS_BH(LINUX_MIB_LOCKDROPPEDICMPS);
339
340 if (sk->sk_state == TCP_CLOSE)
341 goto out;
342
343 tp = tcp_sk(sk);
344 seq = ntohl(th->seq);
345 if (sk->sk_state != TCP_LISTEN &&
346 !between(seq, tp->snd_una, tp->snd_nxt)) {
347 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
348 goto out;
349 }
350
351 np = inet6_sk(sk);
352
353 if (type == ICMPV6_PKT_TOOBIG) {
354 struct dst_entry *dst = NULL;
355
356 if (sock_owned_by_user(sk))
357 goto out;
358 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
359 goto out;
360
361 /* icmp should have updated the destination cache entry */
362 dst = __sk_dst_check(sk, np->dst_cookie);
363
364 if (dst == NULL) {
365 struct inet_sock *inet = inet_sk(sk);
366 struct flowi fl;
367
368 /* BUGGG_FUTURE: Again, it is not clear how
369 to handle rthdr case. Ignore this complexity
370 for now.
371 */
372 memset(&fl, 0, sizeof(fl));
373 fl.proto = IPPROTO_TCP;
374 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
375 ipv6_addr_copy(&fl.fl6_src, &np->saddr);
376 fl.oif = sk->sk_bound_dev_if;
377 fl.fl_ip_dport = inet->dport;
378 fl.fl_ip_sport = inet->sport;
379 security_skb_classify_flow(skb, &fl);
380
381 if ((err = ip6_dst_lookup(sk, &dst, &fl))) {
382 sk->sk_err_soft = -err;
383 goto out;
384 }
385
386 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) {
387 sk->sk_err_soft = -err;
388 goto out;
389 }
390
391 } else
392 dst_hold(dst);
393
394 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
395 tcp_sync_mss(sk, dst_mtu(dst));
396 tcp_simple_retransmit(sk);
397 } /* else let the usual retransmit timer handle it */
398 dst_release(dst);
399 goto out;
400 }
401
402 icmpv6_err_convert(type, code, &err);
403
404 /* Might be for an request_sock */
405 switch (sk->sk_state) {
406 struct request_sock *req, **prev;
407 case TCP_LISTEN:
408 if (sock_owned_by_user(sk))
409 goto out;
410
411 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr,
412 &hdr->saddr, inet6_iif(skb));
413 if (!req)
414 goto out;
415
416 /* ICMPs are not backlogged, hence we cannot get
417 * an established socket here.
418 */
419 BUG_TRAP(req->sk == NULL);
420
421 if (seq != tcp_rsk(req)->snt_isn) {
422 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
423 goto out;
424 }
425
426 inet_csk_reqsk_queue_drop(sk, req, prev);
427 goto out;
428
429 case TCP_SYN_SENT:
430 case TCP_SYN_RECV: /* Cannot happen.
431 It can, it SYNs are crossed. --ANK */
432 if (!sock_owned_by_user(sk)) {
433 sk->sk_err = err;
434 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
435
436 tcp_done(sk);
437 } else
438 sk->sk_err_soft = err;
439 goto out;
440 }
441
442 if (!sock_owned_by_user(sk) && np->recverr) {
443 sk->sk_err = err;
444 sk->sk_error_report(sk);
445 } else
446 sk->sk_err_soft = err;
447
448 out:
449 bh_unlock_sock(sk);
450 sock_put(sk);
451 }
452
453
454 static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req,
455 struct dst_entry *dst)
456 {
457 struct inet6_request_sock *treq = inet6_rsk(req);
458 struct ipv6_pinfo *np = inet6_sk(sk);
459 struct sk_buff * skb;
460 struct ipv6_txoptions *opt = NULL;
461 struct in6_addr * final_p = NULL, final;
462 struct flowi fl;
463 int err = -1;
464
465 memset(&fl, 0, sizeof(fl));
466 fl.proto = IPPROTO_TCP;
467 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
468 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
469 fl.fl6_flowlabel = 0;
470 fl.oif = treq->iif;
471 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
472 fl.fl_ip_sport = inet_sk(sk)->sport;
473 security_req_classify_flow(req, &fl);
474
475 if (dst == NULL) {
476 opt = np->opt;
477 if (opt == NULL &&
478 np->rxopt.bits.osrcrt == 2 &&
479 treq->pktopts) {
480 struct sk_buff *pktopts = treq->pktopts;
481 struct inet6_skb_parm *rxopt = IP6CB(pktopts);
482 if (rxopt->srcrt)
483 opt = ipv6_invert_rthdr(sk, (struct ipv6_rt_hdr*)(pktopts->nh.raw + rxopt->srcrt));
484 }
485
486 if (opt && opt->srcrt) {
487 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
488 ipv6_addr_copy(&final, &fl.fl6_dst);
489 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
490 final_p = &final;
491 }
492
493 err = ip6_dst_lookup(sk, &dst, &fl);
494 if (err)
495 goto done;
496 if (final_p)
497 ipv6_addr_copy(&fl.fl6_dst, final_p);
498 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0)
499 goto done;
500 }
501
502 skb = tcp_make_synack(sk, dst, req);
503 if (skb) {
504 struct tcphdr *th = skb->h.th;
505
506 th->check = tcp_v6_check(th, skb->len,
507 &treq->loc_addr, &treq->rmt_addr,
508 csum_partial((char *)th, skb->len, skb->csum));
509
510 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
511 err = ip6_xmit(sk, skb, &fl, opt, 0);
512 if (err == NET_XMIT_CN)
513 err = 0;
514 }
515
516 done:
517 if (opt && opt != np->opt)
518 sock_kfree_s(sk, opt, opt->tot_len);
519 dst_release(dst);
520 return err;
521 }
522
523 static void tcp_v6_reqsk_destructor(struct request_sock *req)
524 {
525 if (inet6_rsk(req)->pktopts)
526 kfree_skb(inet6_rsk(req)->pktopts);
527 }
528
529 static struct request_sock_ops tcp6_request_sock_ops = {
530 .family = AF_INET6,
531 .obj_size = sizeof(struct tcp6_request_sock),
532 .rtx_syn_ack = tcp_v6_send_synack,
533 .send_ack = tcp_v6_reqsk_send_ack,
534 .destructor = tcp_v6_reqsk_destructor,
535 .send_reset = tcp_v6_send_reset
536 };
537
538 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
539 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
540 .twsk_unique = tcp_twsk_unique,
541 };
542
543 static void tcp_v6_send_check(struct sock *sk, int len, struct sk_buff *skb)
544 {
545 struct ipv6_pinfo *np = inet6_sk(sk);
546 struct tcphdr *th = skb->h.th;
547
548 if (skb->ip_summed == CHECKSUM_PARTIAL) {
549 th->check = ~csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 0);
550 skb->csum = offsetof(struct tcphdr, check);
551 } else {
552 th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP,
553 csum_partial((char *)th, th->doff<<2,
554 skb->csum));
555 }
556 }
557
558 static int tcp_v6_gso_send_check(struct sk_buff *skb)
559 {
560 struct ipv6hdr *ipv6h;
561 struct tcphdr *th;
562
563 if (!pskb_may_pull(skb, sizeof(*th)))
564 return -EINVAL;
565
566 ipv6h = skb->nh.ipv6h;
567 th = skb->h.th;
568
569 th->check = 0;
570 th->check = ~csum_ipv6_magic(&ipv6h->saddr, &ipv6h->daddr, skb->len,
571 IPPROTO_TCP, 0);
572 skb->csum = offsetof(struct tcphdr, check);
573 skb->ip_summed = CHECKSUM_PARTIAL;
574 return 0;
575 }
576
577 static void tcp_v6_send_reset(struct sk_buff *skb)
578 {
579 struct tcphdr *th = skb->h.th, *t1;
580 struct sk_buff *buff;
581 struct flowi fl;
582
583 if (th->rst)
584 return;
585
586 if (!ipv6_unicast_destination(skb))
587 return;
588
589 /*
590 * We need to grab some memory, and put together an RST,
591 * and then put it into the queue to be sent.
592 */
593
594 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + sizeof(struct tcphdr),
595 GFP_ATOMIC);
596 if (buff == NULL)
597 return;
598
599 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + sizeof(struct tcphdr));
600
601 t1 = (struct tcphdr *) skb_push(buff,sizeof(struct tcphdr));
602
603 /* Swap the send and the receive. */
604 memset(t1, 0, sizeof(*t1));
605 t1->dest = th->source;
606 t1->source = th->dest;
607 t1->doff = sizeof(*t1)/4;
608 t1->rst = 1;
609
610 if(th->ack) {
611 t1->seq = th->ack_seq;
612 } else {
613 t1->ack = 1;
614 t1->ack_seq = htonl(ntohl(th->seq) + th->syn + th->fin
615 + skb->len - (th->doff<<2));
616 }
617
618 buff->csum = csum_partial((char *)t1, sizeof(*t1), 0);
619
620 memset(&fl, 0, sizeof(fl));
621 ipv6_addr_copy(&fl.fl6_dst, &skb->nh.ipv6h->saddr);
622 ipv6_addr_copy(&fl.fl6_src, &skb->nh.ipv6h->daddr);
623
624 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst,
625 sizeof(*t1), IPPROTO_TCP,
626 buff->csum);
627
628 fl.proto = IPPROTO_TCP;
629 fl.oif = inet6_iif(skb);
630 fl.fl_ip_dport = t1->dest;
631 fl.fl_ip_sport = t1->source;
632 security_skb_classify_flow(skb, &fl);
633
634 /* sk = NULL, but it is safe for now. RST socket required. */
635 if (!ip6_dst_lookup(NULL, &buff->dst, &fl)) {
636
637 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) {
638 ip6_xmit(tcp6_socket->sk, buff, &fl, NULL, 0);
639 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
640 TCP_INC_STATS_BH(TCP_MIB_OUTRSTS);
641 return;
642 }
643 }
644
645 kfree_skb(buff);
646 }
647
648 static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts)
649 {
650 struct tcphdr *th = skb->h.th, *t1;
651 struct sk_buff *buff;
652 struct flowi fl;
653 int tot_len = sizeof(struct tcphdr);
654
655 if (ts)
656 tot_len += 3*4;
657
658 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
659 GFP_ATOMIC);
660 if (buff == NULL)
661 return;
662
663 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
664
665 t1 = (struct tcphdr *) skb_push(buff,tot_len);
666
667 /* Swap the send and the receive. */
668 memset(t1, 0, sizeof(*t1));
669 t1->dest = th->source;
670 t1->source = th->dest;
671 t1->doff = tot_len/4;
672 t1->seq = htonl(seq);
673 t1->ack_seq = htonl(ack);
674 t1->ack = 1;
675 t1->window = htons(win);
676
677 if (ts) {
678 u32 *ptr = (u32*)(t1 + 1);
679 *ptr++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
680 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
681 *ptr++ = htonl(tcp_time_stamp);
682 *ptr = htonl(ts);
683 }
684
685 buff->csum = csum_partial((char *)t1, tot_len, 0);
686
687 memset(&fl, 0, sizeof(fl));
688 ipv6_addr_copy(&fl.fl6_dst, &skb->nh.ipv6h->saddr);
689 ipv6_addr_copy(&fl.fl6_src, &skb->nh.ipv6h->daddr);
690
691 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst,
692 tot_len, IPPROTO_TCP,
693 buff->csum);
694
695 fl.proto = IPPROTO_TCP;
696 fl.oif = inet6_iif(skb);
697 fl.fl_ip_dport = t1->dest;
698 fl.fl_ip_sport = t1->source;
699 security_skb_classify_flow(skb, &fl);
700
701 if (!ip6_dst_lookup(NULL, &buff->dst, &fl)) {
702 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) {
703 ip6_xmit(tcp6_socket->sk, buff, &fl, NULL, 0);
704 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
705 return;
706 }
707 }
708
709 kfree_skb(buff);
710 }
711
712 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
713 {
714 struct inet_timewait_sock *tw = inet_twsk(sk);
715 const struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
716
717 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
718 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
719 tcptw->tw_ts_recent);
720
721 inet_twsk_put(tw);
722 }
723
724 static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req)
725 {
726 tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent);
727 }
728
729
730 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
731 {
732 struct request_sock *req, **prev;
733 const struct tcphdr *th = skb->h.th;
734 struct sock *nsk;
735
736 /* Find possible connection requests. */
737 req = inet6_csk_search_req(sk, &prev, th->source,
738 &skb->nh.ipv6h->saddr,
739 &skb->nh.ipv6h->daddr, inet6_iif(skb));
740 if (req)
741 return tcp_check_req(sk, skb, req, prev);
742
743 nsk = __inet6_lookup_established(&tcp_hashinfo, &skb->nh.ipv6h->saddr,
744 th->source, &skb->nh.ipv6h->daddr,
745 ntohs(th->dest), inet6_iif(skb));
746
747 if (nsk) {
748 if (nsk->sk_state != TCP_TIME_WAIT) {
749 bh_lock_sock(nsk);
750 return nsk;
751 }
752 inet_twsk_put((struct inet_timewait_sock *)nsk);
753 return NULL;
754 }
755
756 #if 0 /*def CONFIG_SYN_COOKIES*/
757 if (!th->rst && !th->syn && th->ack)
758 sk = cookie_v6_check(sk, skb, &(IPCB(skb)->opt));
759 #endif
760 return sk;
761 }
762
763 /* FIXME: this is substantially similar to the ipv4 code.
764 * Can some kind of merge be done? -- erics
765 */
766 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
767 {
768 struct inet6_request_sock *treq;
769 struct ipv6_pinfo *np = inet6_sk(sk);
770 struct tcp_options_received tmp_opt;
771 struct tcp_sock *tp = tcp_sk(sk);
772 struct request_sock *req = NULL;
773 __u32 isn = TCP_SKB_CB(skb)->when;
774
775 if (skb->protocol == htons(ETH_P_IP))
776 return tcp_v4_conn_request(sk, skb);
777
778 if (!ipv6_unicast_destination(skb))
779 goto drop;
780
781 /*
782 * There are no SYN attacks on IPv6, yet...
783 */
784 if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
785 if (net_ratelimit())
786 printk(KERN_INFO "TCPv6: dropping request, synflood is possible\n");
787 goto drop;
788 }
789
790 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
791 goto drop;
792
793 req = inet6_reqsk_alloc(&tcp6_request_sock_ops);
794 if (req == NULL)
795 goto drop;
796
797 tcp_clear_options(&tmp_opt);
798 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
799 tmp_opt.user_mss = tp->rx_opt.user_mss;
800
801 tcp_parse_options(skb, &tmp_opt, 0);
802
803 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
804 tcp_openreq_init(req, &tmp_opt, skb);
805
806 treq = inet6_rsk(req);
807 ipv6_addr_copy(&treq->rmt_addr, &skb->nh.ipv6h->saddr);
808 ipv6_addr_copy(&treq->loc_addr, &skb->nh.ipv6h->daddr);
809 TCP_ECN_create_request(req, skb->h.th);
810 treq->pktopts = NULL;
811 if (ipv6_opt_accepted(sk, skb) ||
812 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
813 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) {
814 atomic_inc(&skb->users);
815 treq->pktopts = skb;
816 }
817 treq->iif = sk->sk_bound_dev_if;
818
819 /* So that link locals have meaning */
820 if (!sk->sk_bound_dev_if &&
821 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL)
822 treq->iif = inet6_iif(skb);
823
824 if (isn == 0)
825 isn = tcp_v6_init_sequence(sk,skb);
826
827 tcp_rsk(req)->snt_isn = isn;
828
829 security_inet_conn_request(sk, skb, req);
830
831 if (tcp_v6_send_synack(sk, req, NULL))
832 goto drop;
833
834 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
835 return 0;
836
837 drop:
838 if (req)
839 reqsk_free(req);
840
841 return 0; /* don't send reset */
842 }
843
844 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
845 struct request_sock *req,
846 struct dst_entry *dst)
847 {
848 struct inet6_request_sock *treq = inet6_rsk(req);
849 struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
850 struct tcp6_sock *newtcp6sk;
851 struct inet_sock *newinet;
852 struct tcp_sock *newtp;
853 struct sock *newsk;
854 struct ipv6_txoptions *opt;
855
856 if (skb->protocol == htons(ETH_P_IP)) {
857 /*
858 * v6 mapped
859 */
860
861 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);
862
863 if (newsk == NULL)
864 return NULL;
865
866 newtcp6sk = (struct tcp6_sock *)newsk;
867 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
868
869 newinet = inet_sk(newsk);
870 newnp = inet6_sk(newsk);
871 newtp = tcp_sk(newsk);
872
873 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
874
875 ipv6_addr_set(&newnp->daddr, 0, 0, htonl(0x0000FFFF),
876 newinet->daddr);
877
878 ipv6_addr_set(&newnp->saddr, 0, 0, htonl(0x0000FFFF),
879 newinet->saddr);
880
881 ipv6_addr_copy(&newnp->rcv_saddr, &newnp->saddr);
882
883 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
884 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
885 newnp->pktoptions = NULL;
886 newnp->opt = NULL;
887 newnp->mcast_oif = inet6_iif(skb);
888 newnp->mcast_hops = skb->nh.ipv6h->hop_limit;
889
890 /*
891 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
892 * here, tcp_create_openreq_child now does this for us, see the comment in
893 * that function for the gory details. -acme
894 */
895
896 /* It is tricky place. Until this moment IPv4 tcp
897 worked with IPv6 icsk.icsk_af_ops.
898 Sync it now.
899 */
900 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
901
902 return newsk;
903 }
904
905 opt = np->opt;
906
907 if (sk_acceptq_is_full(sk))
908 goto out_overflow;
909
910 if (np->rxopt.bits.osrcrt == 2 &&
911 opt == NULL && treq->pktopts) {
912 struct inet6_skb_parm *rxopt = IP6CB(treq->pktopts);
913 if (rxopt->srcrt)
914 opt = ipv6_invert_rthdr(sk, (struct ipv6_rt_hdr *)(treq->pktopts->nh.raw + rxopt->srcrt));
915 }
916
917 if (dst == NULL) {
918 struct in6_addr *final_p = NULL, final;
919 struct flowi fl;
920
921 memset(&fl, 0, sizeof(fl));
922 fl.proto = IPPROTO_TCP;
923 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
924 if (opt && opt->srcrt) {
925 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
926 ipv6_addr_copy(&final, &fl.fl6_dst);
927 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
928 final_p = &final;
929 }
930 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
931 fl.oif = sk->sk_bound_dev_if;
932 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
933 fl.fl_ip_sport = inet_sk(sk)->sport;
934 security_req_classify_flow(req, &fl);
935
936 if (ip6_dst_lookup(sk, &dst, &fl))
937 goto out;
938
939 if (final_p)
940 ipv6_addr_copy(&fl.fl6_dst, final_p);
941
942 if ((xfrm_lookup(&dst, &fl, sk, 0)) < 0)
943 goto out;
944 }
945
946 newsk = tcp_create_openreq_child(sk, req, skb);
947 if (newsk == NULL)
948 goto out;
949
950 /*
951 * No need to charge this sock to the relevant IPv6 refcnt debug socks
952 * count here, tcp_create_openreq_child now does this for us, see the
953 * comment in that function for the gory details. -acme
954 */
955
956 newsk->sk_gso_type = SKB_GSO_TCPV6;
957 __ip6_dst_store(newsk, dst, NULL);
958
959 newtcp6sk = (struct tcp6_sock *)newsk;
960 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
961
962 newtp = tcp_sk(newsk);
963 newinet = inet_sk(newsk);
964 newnp = inet6_sk(newsk);
965
966 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
967
968 ipv6_addr_copy(&newnp->daddr, &treq->rmt_addr);
969 ipv6_addr_copy(&newnp->saddr, &treq->loc_addr);
970 ipv6_addr_copy(&newnp->rcv_saddr, &treq->loc_addr);
971 newsk->sk_bound_dev_if = treq->iif;
972
973 /* Now IPv6 options...
974
975 First: no IPv4 options.
976 */
977 newinet->opt = NULL;
978
979 /* Clone RX bits */
980 newnp->rxopt.all = np->rxopt.all;
981
982 /* Clone pktoptions received with SYN */
983 newnp->pktoptions = NULL;
984 if (treq->pktopts != NULL) {
985 newnp->pktoptions = skb_clone(treq->pktopts, GFP_ATOMIC);
986 kfree_skb(treq->pktopts);
987 treq->pktopts = NULL;
988 if (newnp->pktoptions)
989 skb_set_owner_r(newnp->pktoptions, newsk);
990 }
991 newnp->opt = NULL;
992 newnp->mcast_oif = inet6_iif(skb);
993 newnp->mcast_hops = skb->nh.ipv6h->hop_limit;
994
995 /* Clone native IPv6 options from listening socket (if any)
996
997 Yes, keeping reference count would be much more clever,
998 but we make one more one thing there: reattach optmem
999 to newsk.
1000 */
1001 if (opt) {
1002 newnp->opt = ipv6_dup_options(newsk, opt);
1003 if (opt != np->opt)
1004 sock_kfree_s(sk, opt, opt->tot_len);
1005 }
1006
1007 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1008 if (newnp->opt)
1009 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
1010 newnp->opt->opt_flen);
1011
1012 tcp_mtup_init(newsk);
1013 tcp_sync_mss(newsk, dst_mtu(dst));
1014 newtp->advmss = dst_metric(dst, RTAX_ADVMSS);
1015 tcp_initialize_rcv_mss(newsk);
1016
1017 newinet->daddr = newinet->saddr = newinet->rcv_saddr = LOOPBACK4_IPV6;
1018
1019 __inet6_hash(&tcp_hashinfo, newsk);
1020 inet_inherit_port(&tcp_hashinfo, sk, newsk);
1021
1022 return newsk;
1023
1024 out_overflow:
1025 NET_INC_STATS_BH(LINUX_MIB_LISTENOVERFLOWS);
1026 out:
1027 NET_INC_STATS_BH(LINUX_MIB_LISTENDROPS);
1028 if (opt && opt != np->opt)
1029 sock_kfree_s(sk, opt, opt->tot_len);
1030 dst_release(dst);
1031 return NULL;
1032 }
1033
1034 static int tcp_v6_checksum_init(struct sk_buff *skb)
1035 {
1036 if (skb->ip_summed == CHECKSUM_COMPLETE) {
1037 if (!tcp_v6_check(skb->h.th,skb->len,&skb->nh.ipv6h->saddr,
1038 &skb->nh.ipv6h->daddr,skb->csum)) {
1039 skb->ip_summed = CHECKSUM_UNNECESSARY;
1040 return 0;
1041 }
1042 }
1043
1044 skb->csum = ~tcp_v6_check(skb->h.th,skb->len,&skb->nh.ipv6h->saddr,
1045 &skb->nh.ipv6h->daddr, 0);
1046
1047 if (skb->len <= 76) {
1048 return __skb_checksum_complete(skb);
1049 }
1050 return 0;
1051 }
1052
1053 /* The socket must have it's spinlock held when we get
1054 * here.
1055 *
1056 * We have a potential double-lock case here, so even when
1057 * doing backlog processing we use the BH locking scheme.
1058 * This is because we cannot sleep with the original spinlock
1059 * held.
1060 */
1061 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1062 {
1063 struct ipv6_pinfo *np = inet6_sk(sk);
1064 struct tcp_sock *tp;
1065 struct sk_buff *opt_skb = NULL;
1066
1067 /* Imagine: socket is IPv6. IPv4 packet arrives,
1068 goes to IPv4 receive handler and backlogged.
1069 From backlog it always goes here. Kerboom...
1070 Fortunately, tcp_rcv_established and rcv_established
1071 handle them correctly, but it is not case with
1072 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1073 */
1074
1075 if (skb->protocol == htons(ETH_P_IP))
1076 return tcp_v4_do_rcv(sk, skb);
1077
1078 if (sk_filter(sk, skb, 0))
1079 goto discard;
1080
1081 /*
1082 * socket locking is here for SMP purposes as backlog rcv
1083 * is currently called with bh processing disabled.
1084 */
1085
1086 /* Do Stevens' IPV6_PKTOPTIONS.
1087
1088 Yes, guys, it is the only place in our code, where we
1089 may make it not affecting IPv4.
1090 The rest of code is protocol independent,
1091 and I do not like idea to uglify IPv4.
1092
1093 Actually, all the idea behind IPV6_PKTOPTIONS
1094 looks not very well thought. For now we latch
1095 options, received in the last packet, enqueued
1096 by tcp. Feel free to propose better solution.
1097 --ANK (980728)
1098 */
1099 if (np->rxopt.all)
1100 opt_skb = skb_clone(skb, GFP_ATOMIC);
1101
1102 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1103 TCP_CHECK_TIMER(sk);
1104 if (tcp_rcv_established(sk, skb, skb->h.th, skb->len))
1105 goto reset;
1106 TCP_CHECK_TIMER(sk);
1107 if (opt_skb)
1108 goto ipv6_pktoptions;
1109 return 0;
1110 }
1111
1112 if (skb->len < (skb->h.th->doff<<2) || tcp_checksum_complete(skb))
1113 goto csum_err;
1114
1115 if (sk->sk_state == TCP_LISTEN) {
1116 struct sock *nsk = tcp_v6_hnd_req(sk, skb);
1117 if (!nsk)
1118 goto discard;
1119
1120 /*
1121 * Queue it on the new socket if the new socket is active,
1122 * otherwise we just shortcircuit this and continue with
1123 * the new socket..
1124 */
1125 if(nsk != sk) {
1126 if (tcp_child_process(sk, nsk, skb))
1127 goto reset;
1128 if (opt_skb)
1129 __kfree_skb(opt_skb);
1130 return 0;
1131 }
1132 }
1133
1134 TCP_CHECK_TIMER(sk);
1135 if (tcp_rcv_state_process(sk, skb, skb->h.th, skb->len))
1136 goto reset;
1137 TCP_CHECK_TIMER(sk);
1138 if (opt_skb)
1139 goto ipv6_pktoptions;
1140 return 0;
1141
1142 reset:
1143 tcp_v6_send_reset(skb);
1144 discard:
1145 if (opt_skb)
1146 __kfree_skb(opt_skb);
1147 kfree_skb(skb);
1148 return 0;
1149 csum_err:
1150 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1151 goto discard;
1152
1153
1154 ipv6_pktoptions:
1155 /* Do you ask, what is it?
1156
1157 1. skb was enqueued by tcp.
1158 2. skb is added to tail of read queue, rather than out of order.
1159 3. socket is not in passive state.
1160 4. Finally, it really contains options, which user wants to receive.
1161 */
1162 tp = tcp_sk(sk);
1163 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1164 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1165 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1166 np->mcast_oif = inet6_iif(opt_skb);
1167 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1168 np->mcast_hops = opt_skb->nh.ipv6h->hop_limit;
1169 if (ipv6_opt_accepted(sk, opt_skb)) {
1170 skb_set_owner_r(opt_skb, sk);
1171 opt_skb = xchg(&np->pktoptions, opt_skb);
1172 } else {
1173 __kfree_skb(opt_skb);
1174 opt_skb = xchg(&np->pktoptions, NULL);
1175 }
1176 }
1177
1178 if (opt_skb)
1179 kfree_skb(opt_skb);
1180 return 0;
1181 }
1182
1183 static int tcp_v6_rcv(struct sk_buff **pskb)
1184 {
1185 struct sk_buff *skb = *pskb;
1186 struct tcphdr *th;
1187 struct sock *sk;
1188 int ret;
1189
1190 if (skb->pkt_type != PACKET_HOST)
1191 goto discard_it;
1192
1193 /*
1194 * Count it even if it's bad.
1195 */
1196 TCP_INC_STATS_BH(TCP_MIB_INSEGS);
1197
1198 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1199 goto discard_it;
1200
1201 th = skb->h.th;
1202
1203 if (th->doff < sizeof(struct tcphdr)/4)
1204 goto bad_packet;
1205 if (!pskb_may_pull(skb, th->doff*4))
1206 goto discard_it;
1207
1208 if ((skb->ip_summed != CHECKSUM_UNNECESSARY &&
1209 tcp_v6_checksum_init(skb)))
1210 goto bad_packet;
1211
1212 th = skb->h.th;
1213 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1214 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1215 skb->len - th->doff*4);
1216 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1217 TCP_SKB_CB(skb)->when = 0;
1218 TCP_SKB_CB(skb)->flags = ipv6_get_dsfield(skb->nh.ipv6h);
1219 TCP_SKB_CB(skb)->sacked = 0;
1220
1221 sk = __inet6_lookup(&tcp_hashinfo, &skb->nh.ipv6h->saddr, th->source,
1222 &skb->nh.ipv6h->daddr, ntohs(th->dest),
1223 inet6_iif(skb));
1224
1225 if (!sk)
1226 goto no_tcp_socket;
1227
1228 process:
1229 if (sk->sk_state == TCP_TIME_WAIT)
1230 goto do_time_wait;
1231
1232 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1233 goto discard_and_relse;
1234
1235 if (sk_filter(sk, skb, 0))
1236 goto discard_and_relse;
1237
1238 skb->dev = NULL;
1239
1240 bh_lock_sock(sk);
1241 ret = 0;
1242 if (!sock_owned_by_user(sk)) {
1243 #ifdef CONFIG_NET_DMA
1244 struct tcp_sock *tp = tcp_sk(sk);
1245 if (tp->ucopy.dma_chan)
1246 ret = tcp_v6_do_rcv(sk, skb);
1247 else
1248 #endif
1249 {
1250 if (!tcp_prequeue(sk, skb))
1251 ret = tcp_v6_do_rcv(sk, skb);
1252 }
1253 } else
1254 sk_add_backlog(sk, skb);
1255 bh_unlock_sock(sk);
1256
1257 sock_put(sk);
1258 return ret ? -1 : 0;
1259
1260 no_tcp_socket:
1261 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1262 goto discard_it;
1263
1264 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1265 bad_packet:
1266 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1267 } else {
1268 tcp_v6_send_reset(skb);
1269 }
1270
1271 discard_it:
1272
1273 /*
1274 * Discard frame
1275 */
1276
1277 kfree_skb(skb);
1278 return 0;
1279
1280 discard_and_relse:
1281 sock_put(sk);
1282 goto discard_it;
1283
1284 do_time_wait:
1285 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1286 inet_twsk_put((struct inet_timewait_sock *)sk);
1287 goto discard_it;
1288 }
1289
1290 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1291 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1292 inet_twsk_put((struct inet_timewait_sock *)sk);
1293 goto discard_it;
1294 }
1295
1296 switch (tcp_timewait_state_process((struct inet_timewait_sock *)sk,
1297 skb, th)) {
1298 case TCP_TW_SYN:
1299 {
1300 struct sock *sk2;
1301
1302 sk2 = inet6_lookup_listener(&tcp_hashinfo,
1303 &skb->nh.ipv6h->daddr,
1304 ntohs(th->dest), inet6_iif(skb));
1305 if (sk2 != NULL) {
1306 struct inet_timewait_sock *tw = inet_twsk(sk);
1307 inet_twsk_deschedule(tw, &tcp_death_row);
1308 inet_twsk_put(tw);
1309 sk = sk2;
1310 goto process;
1311 }
1312 /* Fall through to ACK */
1313 }
1314 case TCP_TW_ACK:
1315 tcp_v6_timewait_ack(sk, skb);
1316 break;
1317 case TCP_TW_RST:
1318 goto no_tcp_socket;
1319 case TCP_TW_SUCCESS:;
1320 }
1321 goto discard_it;
1322 }
1323
1324 static int tcp_v6_remember_stamp(struct sock *sk)
1325 {
1326 /* Alas, not yet... */
1327 return 0;
1328 }
1329
1330 static struct inet_connection_sock_af_ops ipv6_specific = {
1331 .queue_xmit = inet6_csk_xmit,
1332 .send_check = tcp_v6_send_check,
1333 .rebuild_header = inet6_sk_rebuild_header,
1334 .conn_request = tcp_v6_conn_request,
1335 .syn_recv_sock = tcp_v6_syn_recv_sock,
1336 .remember_stamp = tcp_v6_remember_stamp,
1337 .net_header_len = sizeof(struct ipv6hdr),
1338 .setsockopt = ipv6_setsockopt,
1339 .getsockopt = ipv6_getsockopt,
1340 .addr2sockaddr = inet6_csk_addr2sockaddr,
1341 .sockaddr_len = sizeof(struct sockaddr_in6),
1342 #ifdef CONFIG_COMPAT
1343 .compat_setsockopt = compat_ipv6_setsockopt,
1344 .compat_getsockopt = compat_ipv6_getsockopt,
1345 #endif
1346 };
1347
1348 /*
1349 * TCP over IPv4 via INET6 API
1350 */
1351
1352 static struct inet_connection_sock_af_ops ipv6_mapped = {
1353 .queue_xmit = ip_queue_xmit,
1354 .send_check = tcp_v4_send_check,
1355 .rebuild_header = inet_sk_rebuild_header,
1356 .conn_request = tcp_v6_conn_request,
1357 .syn_recv_sock = tcp_v6_syn_recv_sock,
1358 .remember_stamp = tcp_v4_remember_stamp,
1359 .net_header_len = sizeof(struct iphdr),
1360 .setsockopt = ipv6_setsockopt,
1361 .getsockopt = ipv6_getsockopt,
1362 .addr2sockaddr = inet6_csk_addr2sockaddr,
1363 .sockaddr_len = sizeof(struct sockaddr_in6),
1364 #ifdef CONFIG_COMPAT
1365 .compat_setsockopt = compat_ipv6_setsockopt,
1366 .compat_getsockopt = compat_ipv6_getsockopt,
1367 #endif
1368 };
1369
1370 /* NOTE: A lot of things set to zero explicitly by call to
1371 * sk_alloc() so need not be done here.
1372 */
1373 static int tcp_v6_init_sock(struct sock *sk)
1374 {
1375 struct inet_connection_sock *icsk = inet_csk(sk);
1376 struct tcp_sock *tp = tcp_sk(sk);
1377
1378 skb_queue_head_init(&tp->out_of_order_queue);
1379 tcp_init_xmit_timers(sk);
1380 tcp_prequeue_init(tp);
1381
1382 icsk->icsk_rto = TCP_TIMEOUT_INIT;
1383 tp->mdev = TCP_TIMEOUT_INIT;
1384
1385 /* So many TCP implementations out there (incorrectly) count the
1386 * initial SYN frame in their delayed-ACK and congestion control
1387 * algorithms that we must have the following bandaid to talk
1388 * efficiently to them. -DaveM
1389 */
1390 tp->snd_cwnd = 2;
1391
1392 /* See draft-stevens-tcpca-spec-01 for discussion of the
1393 * initialization of these values.
1394 */
1395 tp->snd_ssthresh = 0x7fffffff;
1396 tp->snd_cwnd_clamp = ~0;
1397 tp->mss_cache = 536;
1398
1399 tp->reordering = sysctl_tcp_reordering;
1400
1401 sk->sk_state = TCP_CLOSE;
1402
1403 icsk->icsk_af_ops = &ipv6_specific;
1404 icsk->icsk_ca_ops = &tcp_init_congestion_ops;
1405 icsk->icsk_sync_mss = tcp_sync_mss;
1406 sk->sk_write_space = sk_stream_write_space;
1407 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE);
1408
1409 sk->sk_sndbuf = sysctl_tcp_wmem[1];
1410 sk->sk_rcvbuf = sysctl_tcp_rmem[1];
1411
1412 atomic_inc(&tcp_sockets_allocated);
1413
1414 return 0;
1415 }
1416
1417 static int tcp_v6_destroy_sock(struct sock *sk)
1418 {
1419 tcp_v4_destroy_sock(sk);
1420 return inet6_destroy_sock(sk);
1421 }
1422
1423 /* Proc filesystem TCPv6 sock list dumping. */
1424 static void get_openreq6(struct seq_file *seq,
1425 struct sock *sk, struct request_sock *req, int i, int uid)
1426 {
1427 int ttd = req->expires - jiffies;
1428 struct in6_addr *src = &inet6_rsk(req)->loc_addr;
1429 struct in6_addr *dest = &inet6_rsk(req)->rmt_addr;
1430
1431 if (ttd < 0)
1432 ttd = 0;
1433
1434 seq_printf(seq,
1435 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1436 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
1437 i,
1438 src->s6_addr32[0], src->s6_addr32[1],
1439 src->s6_addr32[2], src->s6_addr32[3],
1440 ntohs(inet_sk(sk)->sport),
1441 dest->s6_addr32[0], dest->s6_addr32[1],
1442 dest->s6_addr32[2], dest->s6_addr32[3],
1443 ntohs(inet_rsk(req)->rmt_port),
1444 TCP_SYN_RECV,
1445 0,0, /* could print option size, but that is af dependent. */
1446 1, /* timers active (only the expire timer) */
1447 jiffies_to_clock_t(ttd),
1448 req->retrans,
1449 uid,
1450 0, /* non standard timer */
1451 0, /* open_requests have no inode */
1452 0, req);
1453 }
1454
1455 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1456 {
1457 struct in6_addr *dest, *src;
1458 __u16 destp, srcp;
1459 int timer_active;
1460 unsigned long timer_expires;
1461 struct inet_sock *inet = inet_sk(sp);
1462 struct tcp_sock *tp = tcp_sk(sp);
1463 const struct inet_connection_sock *icsk = inet_csk(sp);
1464 struct ipv6_pinfo *np = inet6_sk(sp);
1465
1466 dest = &np->daddr;
1467 src = &np->rcv_saddr;
1468 destp = ntohs(inet->dport);
1469 srcp = ntohs(inet->sport);
1470
1471 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
1472 timer_active = 1;
1473 timer_expires = icsk->icsk_timeout;
1474 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1475 timer_active = 4;
1476 timer_expires = icsk->icsk_timeout;
1477 } else if (timer_pending(&sp->sk_timer)) {
1478 timer_active = 2;
1479 timer_expires = sp->sk_timer.expires;
1480 } else {
1481 timer_active = 0;
1482 timer_expires = jiffies;
1483 }
1484
1485 seq_printf(seq,
1486 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1487 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %u %u %u %u %d\n",
1488 i,
1489 src->s6_addr32[0], src->s6_addr32[1],
1490 src->s6_addr32[2], src->s6_addr32[3], srcp,
1491 dest->s6_addr32[0], dest->s6_addr32[1],
1492 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1493 sp->sk_state,
1494 tp->write_seq-tp->snd_una,
1495 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
1496 timer_active,
1497 jiffies_to_clock_t(timer_expires - jiffies),
1498 icsk->icsk_retransmits,
1499 sock_i_uid(sp),
1500 icsk->icsk_probes_out,
1501 sock_i_ino(sp),
1502 atomic_read(&sp->sk_refcnt), sp,
1503 icsk->icsk_rto,
1504 icsk->icsk_ack.ato,
1505 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong,
1506 tp->snd_cwnd, tp->snd_ssthresh>=0xFFFF?-1:tp->snd_ssthresh
1507 );
1508 }
1509
1510 static void get_timewait6_sock(struct seq_file *seq,
1511 struct inet_timewait_sock *tw, int i)
1512 {
1513 struct in6_addr *dest, *src;
1514 __u16 destp, srcp;
1515 struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw);
1516 int ttd = tw->tw_ttd - jiffies;
1517
1518 if (ttd < 0)
1519 ttd = 0;
1520
1521 dest = &tw6->tw_v6_daddr;
1522 src = &tw6->tw_v6_rcv_saddr;
1523 destp = ntohs(tw->tw_dport);
1524 srcp = ntohs(tw->tw_sport);
1525
1526 seq_printf(seq,
1527 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1528 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
1529 i,
1530 src->s6_addr32[0], src->s6_addr32[1],
1531 src->s6_addr32[2], src->s6_addr32[3], srcp,
1532 dest->s6_addr32[0], dest->s6_addr32[1],
1533 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1534 tw->tw_substate, 0, 0,
1535 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
1536 atomic_read(&tw->tw_refcnt), tw);
1537 }
1538
1539 #ifdef CONFIG_PROC_FS
1540 static int tcp6_seq_show(struct seq_file *seq, void *v)
1541 {
1542 struct tcp_iter_state *st;
1543
1544 if (v == SEQ_START_TOKEN) {
1545 seq_puts(seq,
1546 " sl "
1547 "local_address "
1548 "remote_address "
1549 "st tx_queue rx_queue tr tm->when retrnsmt"
1550 " uid timeout inode\n");
1551 goto out;
1552 }
1553 st = seq->private;
1554
1555 switch (st->state) {
1556 case TCP_SEQ_STATE_LISTENING:
1557 case TCP_SEQ_STATE_ESTABLISHED:
1558 get_tcp6_sock(seq, v, st->num);
1559 break;
1560 case TCP_SEQ_STATE_OPENREQ:
1561 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid);
1562 break;
1563 case TCP_SEQ_STATE_TIME_WAIT:
1564 get_timewait6_sock(seq, v, st->num);
1565 break;
1566 }
1567 out:
1568 return 0;
1569 }
1570
1571 static struct file_operations tcp6_seq_fops;
1572 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
1573 .owner = THIS_MODULE,
1574 .name = "tcp6",
1575 .family = AF_INET6,
1576 .seq_show = tcp6_seq_show,
1577 .seq_fops = &tcp6_seq_fops,
1578 };
1579
1580 int __init tcp6_proc_init(void)
1581 {
1582 return tcp_proc_register(&tcp6_seq_afinfo);
1583 }
1584
1585 void tcp6_proc_exit(void)
1586 {
1587 tcp_proc_unregister(&tcp6_seq_afinfo);
1588 }
1589 #endif
1590
1591 struct proto tcpv6_prot = {
1592 .name = "TCPv6",
1593 .owner = THIS_MODULE,
1594 .close = tcp_close,
1595 .connect = tcp_v6_connect,
1596 .disconnect = tcp_disconnect,
1597 .accept = inet_csk_accept,
1598 .ioctl = tcp_ioctl,
1599 .init = tcp_v6_init_sock,
1600 .destroy = tcp_v6_destroy_sock,
1601 .shutdown = tcp_shutdown,
1602 .setsockopt = tcp_setsockopt,
1603 .getsockopt = tcp_getsockopt,
1604 .sendmsg = tcp_sendmsg,
1605 .recvmsg = tcp_recvmsg,
1606 .backlog_rcv = tcp_v6_do_rcv,
1607 .hash = tcp_v6_hash,
1608 .unhash = tcp_unhash,
1609 .get_port = tcp_v6_get_port,
1610 .enter_memory_pressure = tcp_enter_memory_pressure,
1611 .sockets_allocated = &tcp_sockets_allocated,
1612 .memory_allocated = &tcp_memory_allocated,
1613 .memory_pressure = &tcp_memory_pressure,
1614 .orphan_count = &tcp_orphan_count,
1615 .sysctl_mem = sysctl_tcp_mem,
1616 .sysctl_wmem = sysctl_tcp_wmem,
1617 .sysctl_rmem = sysctl_tcp_rmem,
1618 .max_header = MAX_TCP_HEADER,
1619 .obj_size = sizeof(struct tcp6_sock),
1620 .twsk_prot = &tcp6_timewait_sock_ops,
1621 .rsk_prot = &tcp6_request_sock_ops,
1622 #ifdef CONFIG_COMPAT
1623 .compat_setsockopt = compat_tcp_setsockopt,
1624 .compat_getsockopt = compat_tcp_getsockopt,
1625 #endif
1626 };
1627
1628 static struct inet6_protocol tcpv6_protocol = {
1629 .handler = tcp_v6_rcv,
1630 .err_handler = tcp_v6_err,
1631 .gso_send_check = tcp_v6_gso_send_check,
1632 .gso_segment = tcp_tso_segment,
1633 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
1634 };
1635
1636 static struct inet_protosw tcpv6_protosw = {
1637 .type = SOCK_STREAM,
1638 .protocol = IPPROTO_TCP,
1639 .prot = &tcpv6_prot,
1640 .ops = &inet6_stream_ops,
1641 .capability = -1,
1642 .no_check = 0,
1643 .flags = INET_PROTOSW_PERMANENT |
1644 INET_PROTOSW_ICSK,
1645 };
1646
1647 void __init tcpv6_init(void)
1648 {
1649 /* register inet6 protocol */
1650 if (inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP) < 0)
1651 printk(KERN_ERR "tcpv6_init: Could not register protocol\n");
1652 inet6_register_protosw(&tcpv6_protosw);
1653
1654 if (inet_csk_ctl_sock_create(&tcp6_socket, PF_INET6, SOCK_RAW,
1655 IPPROTO_TCP) < 0)
1656 panic("Failed to create the TCPv6 control socket.\n");
1657 }
linux v2.6.22.y-op