search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
fs: fix address space warnings in ioctl_fiemap()
[linux-2.6.git] / net / ipv4 / ip_output.c
blob04c7b3ba6b39118ed47c1778f3b10e76fd31e599
1 /*
2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
5 *
6 * The Internet Protocol (IP) output module.
7 *
8 * Authors: Ross Biro
9 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
10 * Donald Becker, <becker@super.org>
11 * Alan Cox, <Alan.Cox@linux.org>
12 * Richard Underwood
13 * Stefan Becker, <stefanb@yello.ping.de>
14 * Jorge Cwik, <jorge@laser.satlink.net>
15 * Arnt Gulbrandsen, <agulbra@nvg.unit.no>
16 * Hirokazu Takahashi, <taka@valinux.co.jp>
17 *
18 * See ip_input.c for original log
19 *
20 * Fixes:
21 * Alan Cox : Missing nonblock feature in ip_build_xmit.
22 * Mike Kilburn : htons() missing in ip_build_xmit.
23 * Bradford Johnson: Fix faulty handling of some frames when
24 * no route is found.
25 * Alexander Demenshin: Missing sk/skb free in ip_queue_xmit
26 * (in case if packet not accepted by
27 * output firewall rules)
28 * Mike McLagan : Routing by source
29 * Alexey Kuznetsov: use new route cache
30 * Andi Kleen: Fix broken PMTU recovery and remove
31 * some redundant tests.
32 * Vitaly E. Lavrov : Transparent proxy revived after year coma.
33 * Andi Kleen : Replace ip_reply with ip_send_reply.
34 * Andi Kleen : Split fast and slow ip_build_xmit path
35 * for decreased register pressure on x86
36 * and more readibility.
37 * Marc Boucher : When call_out_firewall returns FW_QUEUE,
38 * silently drop skb instead of failing with -EPERM.
39 * Detlev Wengorz : Copy protocol for fragments.
40 * Hirokazu Takahashi: HW checksumming for outgoing UDP
41 * datagrams.
42 * Hirokazu Takahashi: sendfile() on UDP works now.
43 */
44
45 #include <asm/uaccess.h>
46 #include <asm/system.h>
47 #include <linux/module.h>
48 #include <linux/types.h>
49 #include <linux/kernel.h>
50 #include <linux/mm.h>
51 #include <linux/string.h>
52 #include <linux/errno.h>
53 #include <linux/highmem.h>
54 #include <linux/slab.h>
55
56 #include <linux/socket.h>
57 #include <linux/sockios.h>
58 #include <linux/in.h>
59 #include <linux/inet.h>
60 #include <linux/netdevice.h>
61 #include <linux/etherdevice.h>
62 #include <linux/proc_fs.h>
63 #include <linux/stat.h>
64 #include <linux/init.h>
65
66 #include <net/snmp.h>
67 #include <net/ip.h>
68 #include <net/protocol.h>
69 #include <net/route.h>
70 #include <net/xfrm.h>
71 #include <linux/skbuff.h>
72 #include <net/sock.h>
73 #include <net/arp.h>
74 #include <net/icmp.h>
75 #include <net/checksum.h>
76 #include <net/inetpeer.h>
77 #include <linux/igmp.h>
78 #include <linux/netfilter_ipv4.h>
79 #include <linux/netfilter_bridge.h>
80 #include <linux/mroute.h>
81 #include <linux/netlink.h>
82 #include <linux/tcp.h>
83
84 int sysctl_ip_default_ttl __read_mostly = IPDEFTTL;
85 EXPORT_SYMBOL(sysctl_ip_default_ttl);
86
87 /* Generate a checksum for an outgoing IP datagram. */
88 __inline__ void ip_send_check(struct iphdr *iph)
89 {
90 iph->check = 0;
91 iph->check = ip_fast_csum((unsigned char *)iph, iph->ihl);
92 }
93 EXPORT_SYMBOL(ip_send_check);
94
95 int __ip_local_out(struct sk_buff *skb)
96 {
97 struct iphdr *iph = ip_hdr(skb);
98
99 iph->tot_len = htons(skb->len);
100 ip_send_check(iph);
101 return nf_hook(NFPROTO_IPV4, NF_INET_LOCAL_OUT, skb, NULL,
102 skb_dst(skb)->dev, dst_output);
103 }
104
105 int ip_local_out(struct sk_buff *skb)
106 {
107 int err;
108
109 err = __ip_local_out(skb);
110 if (likely(err == 1))
111 err = dst_output(skb);
112
113 return err;
114 }
115 EXPORT_SYMBOL_GPL(ip_local_out);
116
117 /* dev_loopback_xmit for use with netfilter. */
118 static int ip_dev_loopback_xmit(struct sk_buff *newskb)
119 {
120 skb_reset_mac_header(newskb);
121 __skb_pull(newskb, skb_network_offset(newskb));
122 newskb->pkt_type = PACKET_LOOPBACK;
123 newskb->ip_summed = CHECKSUM_UNNECESSARY;
124 WARN_ON(!skb_dst(newskb));
125 netif_rx_ni(newskb);
126 return 0;
127 }
128
129 static inline int ip_select_ttl(struct inet_sock *inet, struct dst_entry *dst)
130 {
131 int ttl = inet->uc_ttl;
132
133 if (ttl < 0)
134 ttl = ip4_dst_hoplimit(dst);
135 return ttl;
136 }
137
138 /*
139 * Add an ip header to a skbuff and send it out.
140 *
141 */
142 int ip_build_and_send_pkt(struct sk_buff *skb, struct sock *sk,
143 __be32 saddr, __be32 daddr, struct ip_options *opt)
144 {
145 struct inet_sock *inet = inet_sk(sk);
146 struct rtable *rt = skb_rtable(skb);
147 struct iphdr *iph;
148
149 /* Build the IP header. */
150 skb_push(skb, sizeof(struct iphdr) + (opt ? opt->optlen : 0));
151 skb_reset_network_header(skb);
152 iph = ip_hdr(skb);
153 iph->version = 4;
154 iph->ihl = 5;
155 iph->tos = inet->tos;
156 if (ip_dont_fragment(sk, &rt->dst))
157 iph->frag_off = htons(IP_DF);
158 else
159 iph->frag_off = 0;
160 iph->ttl = ip_select_ttl(inet, &rt->dst);
161 iph->daddr = rt->rt_dst;
162 iph->saddr = rt->rt_src;
163 iph->protocol = sk->sk_protocol;
164 ip_select_ident(iph, &rt->dst, sk);
165
166 if (opt && opt->optlen) {
167 iph->ihl += opt->optlen>>2;
168 ip_options_build(skb, opt, daddr, rt, 0);
169 }
170
171 skb->priority = sk->sk_priority;
172 skb->mark = sk->sk_mark;
173
174 /* Send it out. */
175 return ip_local_out(skb);
176 }
177 EXPORT_SYMBOL_GPL(ip_build_and_send_pkt);
178
179 static inline int ip_finish_output2(struct sk_buff *skb)
180 {
181 struct dst_entry *dst = skb_dst(skb);
182 struct rtable *rt = (struct rtable *)dst;
183 struct net_device *dev = dst->dev;
184 unsigned int hh_len = LL_RESERVED_SPACE(dev);
185
186 if (rt->rt_type == RTN_MULTICAST) {
187 IP_UPD_PO_STATS(dev_net(dev), IPSTATS_MIB_OUTMCAST, skb->len);
188 } else if (rt->rt_type == RTN_BROADCAST)
189 IP_UPD_PO_STATS(dev_net(dev), IPSTATS_MIB_OUTBCAST, skb->len);
190
191 /* Be paranoid, rather than too clever. */
192 if (unlikely(skb_headroom(skb) < hh_len && dev->header_ops)) {
193 struct sk_buff *skb2;
194
195 skb2 = skb_realloc_headroom(skb, LL_RESERVED_SPACE(dev));
196 if (skb2 == NULL) {
197 kfree_skb(skb);
198 return -ENOMEM;
199 }
200 if (skb->sk)
201 skb_set_owner_w(skb2, skb->sk);
202 kfree_skb(skb);
203 skb = skb2;
204 }
205
206 if (dst->hh)
207 return neigh_hh_output(dst->hh, skb);
208 else if (dst->neighbour)
209 return dst->neighbour->output(skb);
210
211 if (net_ratelimit())
212 printk(KERN_DEBUG "ip_finish_output2: No header cache and no neighbour!\n");
213 kfree_skb(skb);
214 return -EINVAL;
215 }
216
217 static inline int ip_skb_dst_mtu(struct sk_buff *skb)
218 {
219 struct inet_sock *inet = skb->sk ? inet_sk(skb->sk) : NULL;
220
221 return (inet && inet->pmtudisc == IP_PMTUDISC_PROBE) ?
222 skb_dst(skb)->dev->mtu : dst_mtu(skb_dst(skb));
223 }
224
225 static int ip_finish_output(struct sk_buff *skb)
226 {
227 #if defined(CONFIG_NETFILTER) && defined(CONFIG_XFRM)
228 /* Policy lookup after SNAT yielded a new policy */
229 if (skb_dst(skb)->xfrm != NULL) {
230 IPCB(skb)->flags |= IPSKB_REROUTED;
231 return dst_output(skb);
232 }
233 #endif
234 if (skb->len > ip_skb_dst_mtu(skb) && !skb_is_gso(skb))
235 return ip_fragment(skb, ip_finish_output2);
236 else
237 return ip_finish_output2(skb);
238 }
239
240 int ip_mc_output(struct sk_buff *skb)
241 {
242 struct sock *sk = skb->sk;
243 struct rtable *rt = skb_rtable(skb);
244 struct net_device *dev = rt->dst.dev;
245
246 /*
247 * If the indicated interface is up and running, send the packet.
248 */
249 IP_UPD_PO_STATS(dev_net(dev), IPSTATS_MIB_OUT, skb->len);
250
251 skb->dev = dev;
252 skb->protocol = htons(ETH_P_IP);
253
254 /*
255 * Multicasts are looped back for other local users
256 */
257
258 if (rt->rt_flags&RTCF_MULTICAST) {
259 if (sk_mc_loop(sk)
260 #ifdef CONFIG_IP_MROUTE
261 /* Small optimization: do not loopback not local frames,
262 which returned after forwarding; they will be dropped
263 by ip_mr_input in any case.
264 Note, that local frames are looped back to be delivered
265 to local recipients.
266
267 This check is duplicated in ip_mr_input at the moment.
268 */
269 &&
270 ((rt->rt_flags & RTCF_LOCAL) ||
271 !(IPCB(skb)->flags & IPSKB_FORWARDED))
272 #endif
273 ) {
274 struct sk_buff *newskb = skb_clone(skb, GFP_ATOMIC);
275 if (newskb)
276 NF_HOOK(NFPROTO_IPV4, NF_INET_POST_ROUTING,
277 newskb, NULL, newskb->dev,
278 ip_dev_loopback_xmit);
279 }
280
281 /* Multicasts with ttl 0 must not go beyond the host */
282
283 if (ip_hdr(skb)->ttl == 0) {
284 kfree_skb(skb);
285 return 0;
286 }
287 }
288
289 if (rt->rt_flags&RTCF_BROADCAST) {
290 struct sk_buff *newskb = skb_clone(skb, GFP_ATOMIC);
291 if (newskb)
292 NF_HOOK(NFPROTO_IPV4, NF_INET_POST_ROUTING, newskb,
293 NULL, newskb->dev, ip_dev_loopback_xmit);
294 }
295
296 return NF_HOOK_COND(NFPROTO_IPV4, NF_INET_POST_ROUTING, skb, NULL,
297 skb->dev, ip_finish_output,
298 !(IPCB(skb)->flags & IPSKB_REROUTED));
299 }
300
301 int ip_output(struct sk_buff *skb)
302 {
303 struct net_device *dev = skb_dst(skb)->dev;
304
305 IP_UPD_PO_STATS(dev_net(dev), IPSTATS_MIB_OUT, skb->len);
306
307 skb->dev = dev;
308 skb->protocol = htons(ETH_P_IP);
309
310 return NF_HOOK_COND(NFPROTO_IPV4, NF_INET_POST_ROUTING, skb, NULL, dev,
311 ip_finish_output,
312 !(IPCB(skb)->flags & IPSKB_REROUTED));
313 }
314
315 int ip_queue_xmit(struct sk_buff *skb)
316 {
317 struct sock *sk = skb->sk;
318 struct inet_sock *inet = inet_sk(sk);
319 struct ip_options *opt = inet->opt;
320 struct rtable *rt;
321 struct iphdr *iph;
322 int res;
323
324 /* Skip all of this if the packet is already routed,
325 * f.e. by something like SCTP.
326 */
327 rcu_read_lock();
328 rt = skb_rtable(skb);
329 if (rt != NULL)
330 goto packet_routed;
331
332 /* Make sure we can route this packet. */
333 rt = (struct rtable *)__sk_dst_check(sk, 0);
334 if (rt == NULL) {
335 __be32 daddr;
336
337 /* Use correct destination address if we have options. */
338 daddr = inet->inet_daddr;
339 if(opt && opt->srr)
340 daddr = opt->faddr;
341
342 {
343 struct flowi fl = { .oif = sk->sk_bound_dev_if,
344 .mark = sk->sk_mark,
345 .fl4_dst = daddr,
346 .fl4_src = inet->inet_saddr,
347 .fl4_tos = RT_CONN_FLAGS(sk),
348 .proto = sk->sk_protocol,
349 .flags = inet_sk_flowi_flags(sk),
350 .fl_ip_sport = inet->inet_sport,
351 .fl_ip_dport = inet->inet_dport };
352
353 /* If this fails, retransmit mechanism of transport layer will
354 * keep trying until route appears or the connection times
355 * itself out.
356 */
357 security_sk_classify_flow(sk, &fl);
358 if (ip_route_output_flow(sock_net(sk), &rt, &fl, sk, 0))
359 goto no_route;
360 }
361 sk_setup_caps(sk, &rt->dst);
362 }
363 skb_dst_set_noref(skb, &rt->dst);
364
365 packet_routed:
366 if (opt && opt->is_strictroute && rt->rt_dst != rt->rt_gateway)
367 goto no_route;
368
369 /* OK, we know where to send it, allocate and build IP header. */
370 skb_push(skb, sizeof(struct iphdr) + (opt ? opt->optlen : 0));
371 skb_reset_network_header(skb);
372 iph = ip_hdr(skb);
373 *((__be16 *)iph) = htons((4 << 12) | (5 << 8) | (inet->tos & 0xff));
374 if (ip_dont_fragment(sk, &rt->dst) && !skb->local_df)
375 iph->frag_off = htons(IP_DF);
376 else
377 iph->frag_off = 0;
378 iph->ttl = ip_select_ttl(inet, &rt->dst);
379 iph->protocol = sk->sk_protocol;
380 iph->saddr = rt->rt_src;
381 iph->daddr = rt->rt_dst;
382 /* Transport layer set skb->h.foo itself. */
383
384 if (opt && opt->optlen) {
385 iph->ihl += opt->optlen >> 2;
386 ip_options_build(skb, opt, inet->inet_daddr, rt, 0);
387 }
388
389 ip_select_ident_more(iph, &rt->dst, sk,
390 (skb_shinfo(skb)->gso_segs ?: 1) - 1);
391
392 skb->priority = sk->sk_priority;
393 skb->mark = sk->sk_mark;
394
395 res = ip_local_out(skb);
396 rcu_read_unlock();
397 return res;
398
399 no_route:
400 rcu_read_unlock();
401 IP_INC_STATS(sock_net(sk), IPSTATS_MIB_OUTNOROUTES);
402 kfree_skb(skb);
403 return -EHOSTUNREACH;
404 }
405 EXPORT_SYMBOL(ip_queue_xmit);
406
407
408 static void ip_copy_metadata(struct sk_buff *to, struct sk_buff *from)
409 {
410 to->pkt_type = from->pkt_type;
411 to->priority = from->priority;
412 to->protocol = from->protocol;
413 skb_dst_drop(to);
414 skb_dst_copy(to, from);
415 to->dev = from->dev;
416 to->mark = from->mark;
417
418 /* Copy the flags to each fragment. */
419 IPCB(to)->flags = IPCB(from)->flags;
420
421 #ifdef CONFIG_NET_SCHED
422 to->tc_index = from->tc_index;
423 #endif
424 nf_copy(to, from);
425 #if defined(CONFIG_NETFILTER_XT_TARGET_TRACE) || \
426 defined(CONFIG_NETFILTER_XT_TARGET_TRACE_MODULE)
427 to->nf_trace = from->nf_trace;
428 #endif
429 #if defined(CONFIG_IP_VS) || defined(CONFIG_IP_VS_MODULE)
430 to->ipvs_property = from->ipvs_property;
431 #endif
432 skb_copy_secmark(to, from);
433 }
434
435 /*
436 * This IP datagram is too large to be sent in one piece. Break it up into
437 * smaller pieces (each of size equal to IP header plus
438 * a block of the data of the original IP data part) that will yet fit in a
439 * single device frame, and queue such a frame for sending.
440 */
441
442 int ip_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *))
443 {
444 struct iphdr *iph;
445 int ptr;
446 struct net_device *dev;
447 struct sk_buff *skb2;
448 unsigned int mtu, hlen, left, len, ll_rs;
449 int offset;
450 __be16 not_last_frag;
451 struct rtable *rt = skb_rtable(skb);
452 int err = 0;
453
454 dev = rt->dst.dev;
455
456 /*
457 * Point into the IP datagram header.
458 */
459
460 iph = ip_hdr(skb);
461
462 if (unlikely((iph->frag_off & htons(IP_DF)) && !skb->local_df)) {
463 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_FRAGFAILS);
464 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED,
465 htonl(ip_skb_dst_mtu(skb)));
466 kfree_skb(skb);
467 return -EMSGSIZE;
468 }
469
470 /*
471 * Setup starting values.
472 */
473
474 hlen = iph->ihl * 4;
475 mtu = dst_mtu(&rt->dst) - hlen; /* Size of data space */
476 #ifdef CONFIG_BRIDGE_NETFILTER
477 if (skb->nf_bridge)
478 mtu -= nf_bridge_mtu_reduction(skb);
479 #endif
480 IPCB(skb)->flags |= IPSKB_FRAG_COMPLETE;
481
482 /* When frag_list is given, use it. First, check its validity:
483 * some transformers could create wrong frag_list or break existing
484 * one, it is not prohibited. In this case fall back to copying.
485 *
486 * LATER: this step can be merged to real generation of fragments,
487 * we can switch to copy when see the first bad fragment.
488 */
489 if (skb_has_frag_list(skb)) {
490 struct sk_buff *frag, *frag2;
491 int first_len = skb_pagelen(skb);
492
493 if (first_len - hlen > mtu ||
494 ((first_len - hlen) & 7) ||
495 (iph->frag_off & htons(IP_MF|IP_OFFSET)) ||
496 skb_cloned(skb))
497 goto slow_path;
498
499 skb_walk_frags(skb, frag) {
500 /* Correct geometry. */
501 if (frag->len > mtu ||
502 ((frag->len & 7) && frag->next) ||
503 skb_headroom(frag) < hlen)
504 goto slow_path_clean;
505
506 /* Partially cloned skb? */
507 if (skb_shared(frag))
508 goto slow_path_clean;
509
510 BUG_ON(frag->sk);
511 if (skb->sk) {
512 frag->sk = skb->sk;
513 frag->destructor = sock_wfree;
514 }
515 skb->truesize -= frag->truesize;
516 }
517
518 /* Everything is OK. Generate! */
519
520 err = 0;
521 offset = 0;
522 frag = skb_shinfo(skb)->frag_list;
523 skb_frag_list_init(skb);
524 skb->data_len = first_len - skb_headlen(skb);
525 skb->len = first_len;
526 iph->tot_len = htons(first_len);
527 iph->frag_off = htons(IP_MF);
528 ip_send_check(iph);
529
530 for (;;) {
531 /* Prepare header of the next frame,
532 * before previous one went down. */
533 if (frag) {
534 frag->ip_summed = CHECKSUM_NONE;
535 skb_reset_transport_header(frag);
536 __skb_push(frag, hlen);
537 skb_reset_network_header(frag);
538 memcpy(skb_network_header(frag), iph, hlen);
539 iph = ip_hdr(frag);
540 iph->tot_len = htons(frag->len);
541 ip_copy_metadata(frag, skb);
542 if (offset == 0)
543 ip_options_fragment(frag);
544 offset += skb->len - hlen;
545 iph->frag_off = htons(offset>>3);
546 if (frag->next != NULL)
547 iph->frag_off |= htons(IP_MF);
548 /* Ready, complete checksum */
549 ip_send_check(iph);
550 }
551
552 err = output(skb);
553
554 if (!err)
555 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_FRAGCREATES);
556 if (err || !frag)
557 break;
558
559 skb = frag;
560 frag = skb->next;
561 skb->next = NULL;
562 }
563
564 if (err == 0) {
565 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_FRAGOKS);
566 return 0;
567 }
568
569 while (frag) {
570 skb = frag->next;
571 kfree_skb(frag);
572 frag = skb;
573 }
574 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_FRAGFAILS);
575 return err;
576
577 slow_path_clean:
578 skb_walk_frags(skb, frag2) {
579 if (frag2 == frag)
580 break;
581 frag2->sk = NULL;
582 frag2->destructor = NULL;
583 skb->truesize += frag2->truesize;
584 }
585 }
586
587 slow_path:
588 left = skb->len - hlen; /* Space per frame */
589 ptr = hlen; /* Where to start from */
590
591 /* for bridged IP traffic encapsulated inside f.e. a vlan header,
592 * we need to make room for the encapsulating header
593 */
594 ll_rs = LL_RESERVED_SPACE_EXTRA(rt->dst.dev, nf_bridge_pad(skb));
595
596 /*
597 * Fragment the datagram.
598 */
599
600 offset = (ntohs(iph->frag_off) & IP_OFFSET) << 3;
601 not_last_frag = iph->frag_off & htons(IP_MF);
602
603 /*
604 * Keep copying data until we run out.
605 */
606
607 while (left > 0) {
608 len = left;
609 /* IF: it doesn't fit, use 'mtu' - the data space left */
610 if (len > mtu)
611 len = mtu;
612 /* IF: we are not sending upto and including the packet end
613 then align the next start on an eight byte boundary */
614 if (len < left) {
615 len &= ~7;
616 }
617 /*
618 * Allocate buffer.
619 */
620
621 if ((skb2 = alloc_skb(len+hlen+ll_rs, GFP_ATOMIC)) == NULL) {
622 NETDEBUG(KERN_INFO "IP: frag: no memory for new fragment!\n");
623 err = -ENOMEM;
624 goto fail;
625 }
626
627 /*
628 * Set up data on packet
629 */
630
631 ip_copy_metadata(skb2, skb);
632 skb_reserve(skb2, ll_rs);
633 skb_put(skb2, len + hlen);
634 skb_reset_network_header(skb2);
635 skb2->transport_header = skb2->network_header + hlen;
636
637 /*
638 * Charge the memory for the fragment to any owner
639 * it might possess
640 */
641
642 if (skb->sk)
643 skb_set_owner_w(skb2, skb->sk);
644
645 /*
646 * Copy the packet header into the new buffer.
647 */
648
649 skb_copy_from_linear_data(skb, skb_network_header(skb2), hlen);
650
651 /*
652 * Copy a block of the IP datagram.
653 */
654 if (skb_copy_bits(skb, ptr, skb_transport_header(skb2), len))
655 BUG();
656 left -= len;
657
658 /*
659 * Fill in the new header fields.
660 */
661 iph = ip_hdr(skb2);
662 iph->frag_off = htons((offset >> 3));
663
664 /* ANK: dirty, but effective trick. Upgrade options only if
665 * the segment to be fragmented was THE FIRST (otherwise,
666 * options are already fixed) and make it ONCE
667 * on the initial skb, so that all the following fragments
668 * will inherit fixed options.
669 */
670 if (offset == 0)
671 ip_options_fragment(skb);
672
673 /*
674 * Added AC : If we are fragmenting a fragment that's not the
675 * last fragment then keep MF on each bit
676 */
677 if (left > 0 || not_last_frag)
678 iph->frag_off |= htons(IP_MF);
679 ptr += len;
680 offset += len;
681
682 /*
683 * Put this fragment into the sending queue.
684 */
685 iph->tot_len = htons(len + hlen);
686
687 ip_send_check(iph);
688
689 err = output(skb2);
690 if (err)
691 goto fail;
692
693 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_FRAGCREATES);
694 }
695 kfree_skb(skb);
696 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_FRAGOKS);
697 return err;
698
699 fail:
700 kfree_skb(skb);
701 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_FRAGFAILS);
702 return err;
703 }
704 EXPORT_SYMBOL(ip_fragment);
705
706 int
707 ip_generic_getfrag(void *from, char *to, int offset, int len, int odd, struct sk_buff *skb)
708 {
709 struct iovec *iov = from;
710
711 if (skb->ip_summed == CHECKSUM_PARTIAL) {
712 if (memcpy_fromiovecend(to, iov, offset, len) < 0)
713 return -EFAULT;
714 } else {
715 __wsum csum = 0;
716 if (csum_partial_copy_fromiovecend(to, iov, offset, len, &csum) < 0)
717 return -EFAULT;
718 skb->csum = csum_block_add(skb->csum, csum, odd);
719 }
720 return 0;
721 }
722 EXPORT_SYMBOL(ip_generic_getfrag);
723
724 static inline __wsum
725 csum_page(struct page *page, int offset, int copy)
726 {
727 char *kaddr;
728 __wsum csum;
729 kaddr = kmap(page);
730 csum = csum_partial(kaddr + offset, copy, 0);
731 kunmap(page);
732 return csum;
733 }
734
735 static inline int ip_ufo_append_data(struct sock *sk,
736 int getfrag(void *from, char *to, int offset, int len,
737 int odd, struct sk_buff *skb),
738 void *from, int length, int hh_len, int fragheaderlen,
739 int transhdrlen, int mtu, unsigned int flags)
740 {
741 struct sk_buff *skb;
742 int err;
743
744 /* There is support for UDP fragmentation offload by network
745 * device, so create one single skb packet containing complete
746 * udp datagram
747 */
748 if ((skb = skb_peek_tail(&sk->sk_write_queue)) == NULL) {
749 skb = sock_alloc_send_skb(sk,
750 hh_len + fragheaderlen + transhdrlen + 20,
751 (flags & MSG_DONTWAIT), &err);
752
753 if (skb == NULL)
754 return err;
755
756 /* reserve space for Hardware header */
757 skb_reserve(skb, hh_len);
758
759 /* create space for UDP/IP header */
760 skb_put(skb, fragheaderlen + transhdrlen);
761
762 /* initialize network header pointer */
763 skb_reset_network_header(skb);
764
765 /* initialize protocol header pointer */
766 skb->transport_header = skb->network_header + fragheaderlen;
767
768 skb->ip_summed = CHECKSUM_PARTIAL;
769 skb->csum = 0;
770 sk->sk_sndmsg_off = 0;
771
772 /* specify the length of each IP datagram fragment */
773 skb_shinfo(skb)->gso_size = mtu - fragheaderlen;
774 skb_shinfo(skb)->gso_type = SKB_GSO_UDP;
775 __skb_queue_tail(&sk->sk_write_queue, skb);
776 }
777
778 return skb_append_datato_frags(sk, skb, getfrag, from,
779 (length - transhdrlen));
780 }
781
782 /*
783 * ip_append_data() and ip_append_page() can make one large IP datagram
784 * from many pieces of data. Each pieces will be holded on the socket
785 * until ip_push_pending_frames() is called. Each piece can be a page
786 * or non-page data.
787 *
788 * Not only UDP, other transport protocols - e.g. raw sockets - can use
789 * this interface potentially.
790 *
791 * LATER: length must be adjusted by pad at tail, when it is required.
792 */
793 int ip_append_data(struct sock *sk,
794 int getfrag(void *from, char *to, int offset, int len,
795 int odd, struct sk_buff *skb),
796 void *from, int length, int transhdrlen,
797 struct ipcm_cookie *ipc, struct rtable **rtp,
798 unsigned int flags)
799 {
800 struct inet_sock *inet = inet_sk(sk);
801 struct sk_buff *skb;
802
803 struct ip_options *opt = NULL;
804 int hh_len;
805 int exthdrlen;
806 int mtu;
807 int copy;
808 int err;
809 int offset = 0;
810 unsigned int maxfraglen, fragheaderlen;
811 int csummode = CHECKSUM_NONE;
812 struct rtable *rt;
813
814 if (flags&MSG_PROBE)
815 return 0;
816
817 if (skb_queue_empty(&sk->sk_write_queue)) {
818 /*
819 * setup for corking.
820 */
821 opt = ipc->opt;
822 if (opt) {
823 if (inet->cork.opt == NULL) {
824 inet->cork.opt = kmalloc(sizeof(struct ip_options) + 40, sk->sk_allocation);
825 if (unlikely(inet->cork.opt == NULL))
826 return -ENOBUFS;
827 }
828 memcpy(inet->cork.opt, opt, sizeof(struct ip_options)+opt->optlen);
829 inet->cork.flags |= IPCORK_OPT;
830 inet->cork.addr = ipc->addr;
831 }
832 rt = *rtp;
833 if (unlikely(!rt))
834 return -EFAULT;
835 /*
836 * We steal reference to this route, caller should not release it
837 */
838 *rtp = NULL;
839 inet->cork.fragsize = mtu = inet->pmtudisc == IP_PMTUDISC_PROBE ?
840 rt->dst.dev->mtu :
841 dst_mtu(rt->dst.path);
842 inet->cork.dst = &rt->dst;
843 inet->cork.length = 0;
844 sk->sk_sndmsg_page = NULL;
845 sk->sk_sndmsg_off = 0;
846 exthdrlen = rt->dst.header_len;
847 length += exthdrlen;
848 transhdrlen += exthdrlen;
849 } else {
850 rt = (struct rtable *)inet->cork.dst;
851 if (inet->cork.flags & IPCORK_OPT)
852 opt = inet->cork.opt;
853
854 transhdrlen = 0;
855 exthdrlen = 0;
856 mtu = inet->cork.fragsize;
857 }
858 hh_len = LL_RESERVED_SPACE(rt->dst.dev);
859
860 fragheaderlen = sizeof(struct iphdr) + (opt ? opt->optlen : 0);
861 maxfraglen = ((mtu - fragheaderlen) & ~7) + fragheaderlen;
862
863 if (inet->cork.length + length > 0xFFFF - fragheaderlen) {
864 ip_local_error(sk, EMSGSIZE, rt->rt_dst, inet->inet_dport,
865 mtu-exthdrlen);
866 return -EMSGSIZE;
867 }
868
869 /*
870 * transhdrlen > 0 means that this is the first fragment and we wish
871 * it won't be fragmented in the future.
872 */
873 if (transhdrlen &&
874 length + fragheaderlen <= mtu &&
875 rt->dst.dev->features & NETIF_F_V4_CSUM &&
876 !exthdrlen)
877 csummode = CHECKSUM_PARTIAL;
878
879 skb = skb_peek_tail(&sk->sk_write_queue);
880
881 inet->cork.length += length;
882 if (((length > mtu) || (skb && skb_is_gso(skb))) &&
883 (sk->sk_protocol == IPPROTO_UDP) &&
884 (rt->dst.dev->features & NETIF_F_UFO)) {
885 err = ip_ufo_append_data(sk, getfrag, from, length, hh_len,
886 fragheaderlen, transhdrlen, mtu,
887 flags);
888 if (err)
889 goto error;
890 return 0;
891 }
892
893 /* So, what's going on in the loop below?
894 *
895 * We use calculated fragment length to generate chained skb,
896 * each of segments is IP fragment ready for sending to network after
897 * adding appropriate IP header.
898 */
899
900 if (!skb)
901 goto alloc_new_skb;
902
903 while (length > 0) {
904 /* Check if the remaining data fits into current packet. */
905 copy = mtu - skb->len;
906 if (copy < length)
907 copy = maxfraglen - skb->len;
908 if (copy <= 0) {
909 char *data;
910 unsigned int datalen;
911 unsigned int fraglen;
912 unsigned int fraggap;
913 unsigned int alloclen;
914 struct sk_buff *skb_prev;
915 alloc_new_skb:
916 skb_prev = skb;
917 if (skb_prev)
918 fraggap = skb_prev->len - maxfraglen;
919 else
920 fraggap = 0;
921
922 /*
923 * If remaining data exceeds the mtu,
924 * we know we need more fragment(s).
925 */
926 datalen = length + fraggap;
927 if (datalen > mtu - fragheaderlen)
928 datalen = maxfraglen - fragheaderlen;
929 fraglen = datalen + fragheaderlen;
930
931 if ((flags & MSG_MORE) &&
932 !(rt->dst.dev->features&NETIF_F_SG))
933 alloclen = mtu;
934 else
935 alloclen = fraglen;
936
937 /* The last fragment gets additional space at tail.
938 * Note, with MSG_MORE we overallocate on fragments,
939 * because we have no idea what fragment will be
940 * the last.
941 */
942 if (datalen == length + fraggap) {
943 alloclen += rt->dst.trailer_len;
944 /* make sure mtu is not reached */
945 if (datalen > mtu - fragheaderlen - rt->dst.trailer_len)
946 datalen -= ALIGN(rt->dst.trailer_len, 8);
947 }
948 if (transhdrlen) {
949 skb = sock_alloc_send_skb(sk,
950 alloclen + hh_len + 15,
951 (flags & MSG_DONTWAIT), &err);
952 } else {
953 skb = NULL;
954 if (atomic_read(&sk->sk_wmem_alloc) <=
955 2 * sk->sk_sndbuf)
956 skb = sock_wmalloc(sk,
957 alloclen + hh_len + 15, 1,
958 sk->sk_allocation);
959 if (unlikely(skb == NULL))
960 err = -ENOBUFS;
961 else
962 /* only the initial fragment is
963 time stamped */
964 ipc->tx_flags = 0;
965 }
966 if (skb == NULL)
967 goto error;
968
969 /*
970 * Fill in the control structures
971 */
972 skb->ip_summed = csummode;
973 skb->csum = 0;
974 skb_reserve(skb, hh_len);
975 skb_shinfo(skb)->tx_flags = ipc->tx_flags;
976
977 /*
978 * Find where to start putting bytes.
979 */
980 data = skb_put(skb, fraglen);
981 skb_set_network_header(skb, exthdrlen);
982 skb->transport_header = (skb->network_header +
983 fragheaderlen);
984 data += fragheaderlen;
985
986 if (fraggap) {
987 skb->csum = skb_copy_and_csum_bits(
988 skb_prev, maxfraglen,
989 data + transhdrlen, fraggap, 0);
990 skb_prev->csum = csum_sub(skb_prev->csum,
991 skb->csum);
992 data += fraggap;
993 pskb_trim_unique(skb_prev, maxfraglen);
994 }
995
996 copy = datalen - transhdrlen - fraggap;
997 if (copy > 0 && getfrag(from, data + transhdrlen, offset, copy, fraggap, skb) < 0) {
998 err = -EFAULT;
999 kfree_skb(skb);
1000 goto error;
1001 }
1002
1003 offset += copy;
1004 length -= datalen - fraggap;
1005 transhdrlen = 0;
1006 exthdrlen = 0;
1007 csummode = CHECKSUM_NONE;
1008
1009 /*
1010 * Put the packet on the pending queue.
1011 */
1012 __skb_queue_tail(&sk->sk_write_queue, skb);
1013 continue;
1014 }
1015
1016 if (copy > length)
1017 copy = length;
1018
1019 if (!(rt->dst.dev->features&NETIF_F_SG)) {
1020 unsigned int off;
1021
1022 off = skb->len;
1023 if (getfrag(from, skb_put(skb, copy),
1024 offset, copy, off, skb) < 0) {
1025 __skb_trim(skb, off);
1026 err = -EFAULT;
1027 goto error;
1028 }
1029 } else {
1030 int i = skb_shinfo(skb)->nr_frags;
1031 skb_frag_t *frag = &skb_shinfo(skb)->frags[i-1];
1032 struct page *page = sk->sk_sndmsg_page;
1033 int off = sk->sk_sndmsg_off;
1034 unsigned int left;
1035
1036 if (page && (left = PAGE_SIZE - off) > 0) {
1037 if (copy >= left)
1038 copy = left;
1039 if (page != frag->page) {
1040 if (i == MAX_SKB_FRAGS) {
1041 err = -EMSGSIZE;
1042 goto error;
1043 }
1044 get_page(page);
1045 skb_fill_page_desc(skb, i, page, sk->sk_sndmsg_off, 0);
1046 frag = &skb_shinfo(skb)->frags[i];
1047 }
1048 } else if (i < MAX_SKB_FRAGS) {
1049 if (copy > PAGE_SIZE)
1050 copy = PAGE_SIZE;
1051 page = alloc_pages(sk->sk_allocation, 0);
1052 if (page == NULL) {
1053 err = -ENOMEM;
1054 goto error;
1055 }
1056 sk->sk_sndmsg_page = page;
1057 sk->sk_sndmsg_off = 0;
1058
1059 skb_fill_page_desc(skb, i, page, 0, 0);
1060 frag = &skb_shinfo(skb)->frags[i];
1061 } else {
1062 err = -EMSGSIZE;
1063 goto error;
1064 }
1065 if (getfrag(from, page_address(frag->page)+frag->page_offset+frag->size, offset, copy, skb->len, skb) < 0) {
1066 err = -EFAULT;
1067 goto error;
1068 }
1069 sk->sk_sndmsg_off += copy;
1070 frag->size += copy;
1071 skb->len += copy;
1072 skb->data_len += copy;
1073 skb->truesize += copy;
1074 atomic_add(copy, &sk->sk_wmem_alloc);
1075 }
1076 offset += copy;
1077 length -= copy;
1078 }
1079
1080 return 0;
1081
1082 error:
1083 inet->cork.length -= length;
1084 IP_INC_STATS(sock_net(sk), IPSTATS_MIB_OUTDISCARDS);
1085 return err;
1086 }
1087
1088 ssize_t ip_append_page(struct sock *sk, struct page *page,
1089 int offset, size_t size, int flags)
1090 {
1091 struct inet_sock *inet = inet_sk(sk);
1092 struct sk_buff *skb;
1093 struct rtable *rt;
1094 struct ip_options *opt = NULL;
1095 int hh_len;
1096 int mtu;
1097 int len;
1098 int err;
1099 unsigned int maxfraglen, fragheaderlen, fraggap;
1100
1101 if (inet->hdrincl)
1102 return -EPERM;
1103
1104 if (flags&MSG_PROBE)
1105 return 0;
1106
1107 if (skb_queue_empty(&sk->sk_write_queue))
1108 return -EINVAL;
1109
1110 rt = (struct rtable *)inet->cork.dst;
1111 if (inet->cork.flags & IPCORK_OPT)
1112 opt = inet->cork.opt;
1113
1114 if (!(rt->dst.dev->features&NETIF_F_SG))
1115 return -EOPNOTSUPP;
1116
1117 hh_len = LL_RESERVED_SPACE(rt->dst.dev);
1118 mtu = inet->cork.fragsize;
1119
1120 fragheaderlen = sizeof(struct iphdr) + (opt ? opt->optlen : 0);
1121 maxfraglen = ((mtu - fragheaderlen) & ~7) + fragheaderlen;
1122
1123 if (inet->cork.length + size > 0xFFFF - fragheaderlen) {
1124 ip_local_error(sk, EMSGSIZE, rt->rt_dst, inet->inet_dport, mtu);
1125 return -EMSGSIZE;
1126 }
1127
1128 if ((skb = skb_peek_tail(&sk->sk_write_queue)) == NULL)
1129 return -EINVAL;
1130
1131 inet->cork.length += size;
1132 if ((size + skb->len > mtu) &&
1133 (sk->sk_protocol == IPPROTO_UDP) &&
1134 (rt->dst.dev->features & NETIF_F_UFO)) {
1135 skb_shinfo(skb)->gso_size = mtu - fragheaderlen;
1136 skb_shinfo(skb)->gso_type = SKB_GSO_UDP;
1137 }
1138
1139
1140 while (size > 0) {
1141 int i;
1142
1143 if (skb_is_gso(skb))
1144 len = size;
1145 else {
1146
1147 /* Check if the remaining data fits into current packet. */
1148 len = mtu - skb->len;
1149 if (len < size)
1150 len = maxfraglen - skb->len;
1151 }
1152 if (len <= 0) {
1153 struct sk_buff *skb_prev;
1154 int alloclen;
1155
1156 skb_prev = skb;
1157 fraggap = skb_prev->len - maxfraglen;
1158
1159 alloclen = fragheaderlen + hh_len + fraggap + 15;
1160 skb = sock_wmalloc(sk, alloclen, 1, sk->sk_allocation);
1161 if (unlikely(!skb)) {
1162 err = -ENOBUFS;
1163 goto error;
1164 }
1165
1166 /*
1167 * Fill in the control structures
1168 */
1169 skb->ip_summed = CHECKSUM_NONE;
1170 skb->csum = 0;
1171 skb_reserve(skb, hh_len);
1172
1173 /*
1174 * Find where to start putting bytes.
1175 */
1176 skb_put(skb, fragheaderlen + fraggap);
1177 skb_reset_network_header(skb);
1178 skb->transport_header = (skb->network_header +
1179 fragheaderlen);
1180 if (fraggap) {
1181 skb->csum = skb_copy_and_csum_bits(skb_prev,
1182 maxfraglen,
1183 skb_transport_header(skb),
1184 fraggap, 0);
1185 skb_prev->csum = csum_sub(skb_prev->csum,
1186 skb->csum);
1187 pskb_trim_unique(skb_prev, maxfraglen);
1188 }
1189
1190 /*
1191 * Put the packet on the pending queue.
1192 */
1193 __skb_queue_tail(&sk->sk_write_queue, skb);
1194 continue;
1195 }
1196
1197 i = skb_shinfo(skb)->nr_frags;
1198 if (len > size)
1199 len = size;
1200 if (skb_can_coalesce(skb, i, page, offset)) {
1201 skb_shinfo(skb)->frags[i-1].size += len;
1202 } else if (i < MAX_SKB_FRAGS) {
1203 get_page(page);
1204 skb_fill_page_desc(skb, i, page, offset, len);
1205 } else {
1206 err = -EMSGSIZE;
1207 goto error;
1208 }
1209
1210 if (skb->ip_summed == CHECKSUM_NONE) {
1211 __wsum csum;
1212 csum = csum_page(page, offset, len);
1213 skb->csum = csum_block_add(skb->csum, csum, skb->len);
1214 }
1215
1216 skb->len += len;
1217 skb->data_len += len;
1218 skb->truesize += len;
1219 atomic_add(len, &sk->sk_wmem_alloc);
1220 offset += len;
1221 size -= len;
1222 }
1223 return 0;
1224
1225 error:
1226 inet->cork.length -= size;
1227 IP_INC_STATS(sock_net(sk), IPSTATS_MIB_OUTDISCARDS);
1228 return err;
1229 }
1230
1231 static void ip_cork_release(struct inet_sock *inet)
1232 {
1233 inet->cork.flags &= ~IPCORK_OPT;
1234 kfree(inet->cork.opt);
1235 inet->cork.opt = NULL;
1236 dst_release(inet->cork.dst);
1237 inet->cork.dst = NULL;
1238 }
1239
1240 /*
1241 * Combined all pending IP fragments on the socket as one IP datagram
1242 * and push them out.
1243 */
1244 int ip_push_pending_frames(struct sock *sk)
1245 {
1246 struct sk_buff *skb, *tmp_skb;
1247 struct sk_buff **tail_skb;
1248 struct inet_sock *inet = inet_sk(sk);
1249 struct net *net = sock_net(sk);
1250 struct ip_options *opt = NULL;
1251 struct rtable *rt = (struct rtable *)inet->cork.dst;
1252 struct iphdr *iph;
1253 __be16 df = 0;
1254 __u8 ttl;
1255 int err = 0;
1256
1257 if ((skb = __skb_dequeue(&sk->sk_write_queue)) == NULL)
1258 goto out;
1259 tail_skb = &(skb_shinfo(skb)->frag_list);
1260
1261 /* move skb->data to ip header from ext header */
1262 if (skb->data < skb_network_header(skb))
1263 __skb_pull(skb, skb_network_offset(skb));
1264 while ((tmp_skb = __skb_dequeue(&sk->sk_write_queue)) != NULL) {
1265 __skb_pull(tmp_skb, skb_network_header_len(skb));
1266 *tail_skb = tmp_skb;
1267 tail_skb = &(tmp_skb->next);
1268 skb->len += tmp_skb->len;
1269 skb->data_len += tmp_skb->len;
1270 skb->truesize += tmp_skb->truesize;
1271 tmp_skb->destructor = NULL;
1272 tmp_skb->sk = NULL;
1273 }
1274
1275 /* Unless user demanded real pmtu discovery (IP_PMTUDISC_DO), we allow
1276 * to fragment the frame generated here. No matter, what transforms
1277 * how transforms change size of the packet, it will come out.
1278 */
1279 if (inet->pmtudisc < IP_PMTUDISC_DO)
1280 skb->local_df = 1;
1281
1282 /* DF bit is set when we want to see DF on outgoing frames.
1283 * If local_df is set too, we still allow to fragment this frame
1284 * locally. */
1285 if (inet->pmtudisc >= IP_PMTUDISC_DO ||
1286 (skb->len <= dst_mtu(&rt->dst) &&
1287 ip_dont_fragment(sk, &rt->dst)))
1288 df = htons(IP_DF);
1289
1290 if (inet->cork.flags & IPCORK_OPT)
1291 opt = inet->cork.opt;
1292
1293 if (rt->rt_type == RTN_MULTICAST)
1294 ttl = inet->mc_ttl;
1295 else
1296 ttl = ip_select_ttl(inet, &rt->dst);
1297
1298 iph = (struct iphdr *)skb->data;
1299 iph->version = 4;
1300 iph->ihl = 5;
1301 if (opt) {
1302 iph->ihl += opt->optlen>>2;
1303 ip_options_build(skb, opt, inet->cork.addr, rt, 0);
1304 }
1305 iph->tos = inet->tos;
1306 iph->frag_off = df;
1307 ip_select_ident(iph, &rt->dst, sk);
1308 iph->ttl = ttl;
1309 iph->protocol = sk->sk_protocol;
1310 iph->saddr = rt->rt_src;
1311 iph->daddr = rt->rt_dst;
1312
1313 skb->priority = sk->sk_priority;
1314 skb->mark = sk->sk_mark;
1315 /*
1316 * Steal rt from cork.dst to avoid a pair of atomic_inc/atomic_dec
1317 * on dst refcount
1318 */
1319 inet->cork.dst = NULL;
1320 skb_dst_set(skb, &rt->dst);
1321
1322 if (iph->protocol == IPPROTO_ICMP)
1323 icmp_out_count(net, ((struct icmphdr *)
1324 skb_transport_header(skb))->type);
1325
1326 /* Netfilter gets whole the not fragmented skb. */
1327 err = ip_local_out(skb);
1328 if (err) {
1329 if (err > 0)
1330 err = net_xmit_errno(err);
1331 if (err)
1332 goto error;
1333 }
1334
1335 out:
1336 ip_cork_release(inet);
1337 return err;
1338
1339 error:
1340 IP_INC_STATS(net, IPSTATS_MIB_OUTDISCARDS);
1341 goto out;
1342 }
1343
1344 /*
1345 * Throw away all pending data on the socket.
1346 */
1347 void ip_flush_pending_frames(struct sock *sk)
1348 {
1349 struct sk_buff *skb;
1350
1351 while ((skb = __skb_dequeue_tail(&sk->sk_write_queue)) != NULL)
1352 kfree_skb(skb);
1353
1354 ip_cork_release(inet_sk(sk));
1355 }
1356
1357
1358 /*
1359 * Fetch data from kernel space and fill in checksum if needed.
1360 */
1361 static int ip_reply_glue_bits(void *dptr, char *to, int offset,
1362 int len, int odd, struct sk_buff *skb)
1363 {
1364 __wsum csum;
1365
1366 csum = csum_partial_copy_nocheck(dptr+offset, to, len, 0);
1367 skb->csum = csum_block_add(skb->csum, csum, odd);
1368 return 0;
1369 }
1370
1371 /*
1372 * Generic function to send a packet as reply to another packet.
1373 * Used to send TCP resets so far. ICMP should use this function too.
1374 *
1375 * Should run single threaded per socket because it uses the sock
1376 * structure to pass arguments.
1377 */
1378 void ip_send_reply(struct sock *sk, struct sk_buff *skb, struct ip_reply_arg *arg,
1379 unsigned int len)
1380 {
1381 struct inet_sock *inet = inet_sk(sk);
1382 struct {
1383 struct ip_options opt;
1384 char data[40];
1385 } replyopts;
1386 struct ipcm_cookie ipc;
1387 __be32 daddr;
1388 struct rtable *rt = skb_rtable(skb);
1389
1390 if (ip_options_echo(&replyopts.opt, skb))
1391 return;
1392
1393 daddr = ipc.addr = rt->rt_src;
1394 ipc.opt = NULL;
1395 ipc.tx_flags = 0;
1396
1397 if (replyopts.opt.optlen) {
1398 ipc.opt = &replyopts.opt;
1399
1400 if (ipc.opt->srr)
1401 daddr = replyopts.opt.faddr;
1402 }
1403
1404 {
1405 struct flowi fl = { .oif = arg->bound_dev_if,
1406 .fl4_dst = daddr,
1407 .fl4_src = rt->rt_spec_dst,
1408 .fl4_tos = RT_TOS(ip_hdr(skb)->tos),
1409 .fl_ip_sport = tcp_hdr(skb)->dest,
1410 .fl_ip_dport = tcp_hdr(skb)->source,
1411 .proto = sk->sk_protocol,
1412 .flags = ip_reply_arg_flowi_flags(arg) };
1413 security_skb_classify_flow(skb, &fl);
1414 if (ip_route_output_key(sock_net(sk), &rt, &fl))
1415 return;
1416 }
1417
1418 /* And let IP do all the hard work.
1419
1420 This chunk is not reenterable, hence spinlock.
1421 Note that it uses the fact, that this function is called
1422 with locally disabled BH and that sk cannot be already spinlocked.
1423 */
1424 bh_lock_sock(sk);
1425 inet->tos = ip_hdr(skb)->tos;
1426 sk->sk_priority = skb->priority;
1427 sk->sk_protocol = ip_hdr(skb)->protocol;
1428 sk->sk_bound_dev_if = arg->bound_dev_if;
1429 ip_append_data(sk, ip_reply_glue_bits, arg->iov->iov_base, len, 0,
1430 &ipc, &rt, MSG_DONTWAIT);
1431 if ((skb = skb_peek(&sk->sk_write_queue)) != NULL) {
1432 if (arg->csumoffset >= 0)
1433 *((__sum16 *)skb_transport_header(skb) +
1434 arg->csumoffset) = csum_fold(csum_add(skb->csum,
1435 arg->csum));
1436 skb->ip_summed = CHECKSUM_NONE;
1437 ip_push_pending_frames(sk);
1438 }
1439
1440 bh_unlock_sock(sk);
1441
1442 ip_rt_put(rt);
1443 }
1444
1445 void __init ip_init(void)
1446 {
1447 ip_rt_init();
1448 inet_initpeers();
1449
1450 #if defined(CONFIG_IP_MULTICAST) && defined(CONFIG_PROC_FS)
1451 igmp_mc_proc_init();
1452 #endif
1453 }
Linus' kernel tree