search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[IPV6] MIP6: Loadable module support for MIPv6.
[linux-2.6/linux-loongson.git] / net / ipv6 / tcp_ipv6.c
blob193d9d60bb7a8fabb0ab3eec481e1a7ce0ff1b86
1 /*
2 * TCP over IPv6
3 * Linux INET6 implementation
4 *
5 * Authors:
6 * Pedro Roque <roque@di.fc.ul.pt>
7 *
8 * $Id: tcp_ipv6.c,v 1.144 2002/02/01 22:01:04 davem Exp $
9 *
10 * Based on:
11 * linux/net/ipv4/tcp.c
12 * linux/net/ipv4/tcp_input.c
13 * linux/net/ipv4/tcp_output.c
14 *
15 * Fixes:
16 * Hideaki YOSHIFUJI : sin6_scope_id support
17 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
18 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
19 * a single port at the same time.
20 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
21 *
22 * This program is free software; you can redistribute it and/or
23 * modify it under the terms of the GNU General Public License
24 * as published by the Free Software Foundation; either version
25 * 2 of the License, or (at your option) any later version.
26 */
27
28 #include <linux/module.h>
29 #include <linux/errno.h>
30 #include <linux/types.h>
31 #include <linux/socket.h>
32 #include <linux/sockios.h>
33 #include <linux/net.h>
34 #include <linux/jiffies.h>
35 #include <linux/in.h>
36 #include <linux/in6.h>
37 #include <linux/netdevice.h>
38 #include <linux/init.h>
39 #include <linux/jhash.h>
40 #include <linux/ipsec.h>
41 #include <linux/times.h>
42
43 #include <linux/ipv6.h>
44 #include <linux/icmpv6.h>
45 #include <linux/random.h>
46
47 #include <net/tcp.h>
48 #include <net/ndisc.h>
49 #include <net/inet6_hashtables.h>
50 #include <net/inet6_connection_sock.h>
51 #include <net/ipv6.h>
52 #include <net/transp_v6.h>
53 #include <net/addrconf.h>
54 #include <net/ip6_route.h>
55 #include <net/ip6_checksum.h>
56 #include <net/inet_ecn.h>
57 #include <net/protocol.h>
58 #include <net/xfrm.h>
59 #include <net/addrconf.h>
60 #include <net/snmp.h>
61 #include <net/dsfield.h>
62 #include <net/timewait_sock.h>
63
64 #include <asm/uaccess.h>
65
66 #include <linux/proc_fs.h>
67 #include <linux/seq_file.h>
68
69 #include <linux/crypto.h>
70 #include <linux/scatterlist.h>
71
72 /* Socket used for sending RSTs and ACKs */
73 static struct socket *tcp6_socket;
74
75 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb);
76 static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req);
77 static void tcp_v6_send_check(struct sock *sk, int len,
78 struct sk_buff *skb);
79
80 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
81
82 static struct inet_connection_sock_af_ops ipv6_mapped;
83 static struct inet_connection_sock_af_ops ipv6_specific;
84 #ifdef CONFIG_TCP_MD5SIG
85 static struct tcp_sock_af_ops tcp_sock_ipv6_specific;
86 static struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
87 #endif
88
89 static int tcp_v6_get_port(struct sock *sk, unsigned short snum)
90 {
91 return inet_csk_get_port(&tcp_hashinfo, sk, snum,
92 inet6_csk_bind_conflict);
93 }
94
95 static void tcp_v6_hash(struct sock *sk)
96 {
97 if (sk->sk_state != TCP_CLOSE) {
98 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) {
99 tcp_prot.hash(sk);
100 return;
101 }
102 local_bh_disable();
103 __inet6_hash(&tcp_hashinfo, sk);
104 local_bh_enable();
105 }
106 }
107
108 static __inline__ __sum16 tcp_v6_check(struct tcphdr *th, int len,
109 struct in6_addr *saddr,
110 struct in6_addr *daddr,
111 __wsum base)
112 {
113 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base);
114 }
115
116 static __u32 tcp_v6_init_sequence(struct sk_buff *skb)
117 {
118 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
119 ipv6_hdr(skb)->saddr.s6_addr32,
120 tcp_hdr(skb)->dest,
121 tcp_hdr(skb)->source);
122 }
123
124 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
125 int addr_len)
126 {
127 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
128 struct inet_sock *inet = inet_sk(sk);
129 struct inet_connection_sock *icsk = inet_csk(sk);
130 struct ipv6_pinfo *np = inet6_sk(sk);
131 struct tcp_sock *tp = tcp_sk(sk);
132 struct in6_addr *saddr = NULL, *final_p = NULL, final;
133 struct flowi fl;
134 struct dst_entry *dst;
135 int addr_type;
136 int err;
137
138 if (addr_len < SIN6_LEN_RFC2133)
139 return -EINVAL;
140
141 if (usin->sin6_family != AF_INET6)
142 return(-EAFNOSUPPORT);
143
144 memset(&fl, 0, sizeof(fl));
145
146 if (np->sndflow) {
147 fl.fl6_flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
148 IP6_ECN_flow_init(fl.fl6_flowlabel);
149 if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) {
150 struct ip6_flowlabel *flowlabel;
151 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel);
152 if (flowlabel == NULL)
153 return -EINVAL;
154 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst);
155 fl6_sock_release(flowlabel);
156 }
157 }
158
159 /*
160 * connect() to INADDR_ANY means loopback (BSD'ism).
161 */
162
163 if(ipv6_addr_any(&usin->sin6_addr))
164 usin->sin6_addr.s6_addr[15] = 0x1;
165
166 addr_type = ipv6_addr_type(&usin->sin6_addr);
167
168 if(addr_type & IPV6_ADDR_MULTICAST)
169 return -ENETUNREACH;
170
171 if (addr_type&IPV6_ADDR_LINKLOCAL) {
172 if (addr_len >= sizeof(struct sockaddr_in6) &&
173 usin->sin6_scope_id) {
174 /* If interface is set while binding, indices
175 * must coincide.
176 */
177 if (sk->sk_bound_dev_if &&
178 sk->sk_bound_dev_if != usin->sin6_scope_id)
179 return -EINVAL;
180
181 sk->sk_bound_dev_if = usin->sin6_scope_id;
182 }
183
184 /* Connect to link-local address requires an interface */
185 if (!sk->sk_bound_dev_if)
186 return -EINVAL;
187 }
188
189 if (tp->rx_opt.ts_recent_stamp &&
190 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) {
191 tp->rx_opt.ts_recent = 0;
192 tp->rx_opt.ts_recent_stamp = 0;
193 tp->write_seq = 0;
194 }
195
196 ipv6_addr_copy(&np->daddr, &usin->sin6_addr);
197 np->flow_label = fl.fl6_flowlabel;
198
199 /*
200 * TCP over IPv4
201 */
202
203 if (addr_type == IPV6_ADDR_MAPPED) {
204 u32 exthdrlen = icsk->icsk_ext_hdr_len;
205 struct sockaddr_in sin;
206
207 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
208
209 if (__ipv6_only_sock(sk))
210 return -ENETUNREACH;
211
212 sin.sin_family = AF_INET;
213 sin.sin_port = usin->sin6_port;
214 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
215
216 icsk->icsk_af_ops = &ipv6_mapped;
217 sk->sk_backlog_rcv = tcp_v4_do_rcv;
218 #ifdef CONFIG_TCP_MD5SIG
219 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
220 #endif
221
222 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
223
224 if (err) {
225 icsk->icsk_ext_hdr_len = exthdrlen;
226 icsk->icsk_af_ops = &ipv6_specific;
227 sk->sk_backlog_rcv = tcp_v6_do_rcv;
228 #ifdef CONFIG_TCP_MD5SIG
229 tp->af_specific = &tcp_sock_ipv6_specific;
230 #endif
231 goto failure;
232 } else {
233 ipv6_addr_set(&np->saddr, 0, 0, htonl(0x0000FFFF),
234 inet->saddr);
235 ipv6_addr_set(&np->rcv_saddr, 0, 0, htonl(0x0000FFFF),
236 inet->rcv_saddr);
237 }
238
239 return err;
240 }
241
242 if (!ipv6_addr_any(&np->rcv_saddr))
243 saddr = &np->rcv_saddr;
244
245 fl.proto = IPPROTO_TCP;
246 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
247 ipv6_addr_copy(&fl.fl6_src,
248 (saddr ? saddr : &np->saddr));
249 fl.oif = sk->sk_bound_dev_if;
250 fl.fl_ip_dport = usin->sin6_port;
251 fl.fl_ip_sport = inet->sport;
252
253 if (np->opt && np->opt->srcrt) {
254 struct rt0_hdr *rt0 = (struct rt0_hdr *)np->opt->srcrt;
255 ipv6_addr_copy(&final, &fl.fl6_dst);
256 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
257 final_p = &final;
258 }
259
260 security_sk_classify_flow(sk, &fl);
261
262 err = ip6_dst_lookup(sk, &dst, &fl);
263 if (err)
264 goto failure;
265 if (final_p)
266 ipv6_addr_copy(&fl.fl6_dst, final_p);
267
268 if ((err = __xfrm_lookup(&dst, &fl, sk, 1)) < 0) {
269 if (err == -EREMOTE)
270 err = ip6_dst_blackhole(sk, &dst, &fl);
271 if (err < 0)
272 goto failure;
273 }
274
275 if (saddr == NULL) {
276 saddr = &fl.fl6_src;
277 ipv6_addr_copy(&np->rcv_saddr, saddr);
278 }
279
280 /* set the source address */
281 ipv6_addr_copy(&np->saddr, saddr);
282 inet->rcv_saddr = LOOPBACK4_IPV6;
283
284 sk->sk_gso_type = SKB_GSO_TCPV6;
285 __ip6_dst_store(sk, dst, NULL, NULL);
286
287 icsk->icsk_ext_hdr_len = 0;
288 if (np->opt)
289 icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
290 np->opt->opt_nflen);
291
292 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
293
294 inet->dport = usin->sin6_port;
295
296 tcp_set_state(sk, TCP_SYN_SENT);
297 err = inet6_hash_connect(&tcp_death_row, sk);
298 if (err)
299 goto late_failure;
300
301 if (!tp->write_seq)
302 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
303 np->daddr.s6_addr32,
304 inet->sport,
305 inet->dport);
306
307 err = tcp_connect(sk);
308 if (err)
309 goto late_failure;
310
311 return 0;
312
313 late_failure:
314 tcp_set_state(sk, TCP_CLOSE);
315 __sk_dst_reset(sk);
316 failure:
317 inet->dport = 0;
318 sk->sk_route_caps = 0;
319 return err;
320 }
321
322 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
323 int type, int code, int offset, __be32 info)
324 {
325 struct ipv6hdr *hdr = (struct ipv6hdr*)skb->data;
326 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
327 struct ipv6_pinfo *np;
328 struct sock *sk;
329 int err;
330 struct tcp_sock *tp;
331 __u32 seq;
332
333 sk = inet6_lookup(&tcp_hashinfo, &hdr->daddr, th->dest, &hdr->saddr,
334 th->source, skb->dev->ifindex);
335
336 if (sk == NULL) {
337 ICMP6_INC_STATS_BH(__in6_dev_get(skb->dev), ICMP6_MIB_INERRORS);
338 return;
339 }
340
341 if (sk->sk_state == TCP_TIME_WAIT) {
342 inet_twsk_put(inet_twsk(sk));
343 return;
344 }
345
346 bh_lock_sock(sk);
347 if (sock_owned_by_user(sk))
348 NET_INC_STATS_BH(LINUX_MIB_LOCKDROPPEDICMPS);
349
350 if (sk->sk_state == TCP_CLOSE)
351 goto out;
352
353 tp = tcp_sk(sk);
354 seq = ntohl(th->seq);
355 if (sk->sk_state != TCP_LISTEN &&
356 !between(seq, tp->snd_una, tp->snd_nxt)) {
357 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
358 goto out;
359 }
360
361 np = inet6_sk(sk);
362
363 if (type == ICMPV6_PKT_TOOBIG) {
364 struct dst_entry *dst = NULL;
365
366 if (sock_owned_by_user(sk))
367 goto out;
368 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
369 goto out;
370
371 /* icmp should have updated the destination cache entry */
372 dst = __sk_dst_check(sk, np->dst_cookie);
373
374 if (dst == NULL) {
375 struct inet_sock *inet = inet_sk(sk);
376 struct flowi fl;
377
378 /* BUGGG_FUTURE: Again, it is not clear how
379 to handle rthdr case. Ignore this complexity
380 for now.
381 */
382 memset(&fl, 0, sizeof(fl));
383 fl.proto = IPPROTO_TCP;
384 ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
385 ipv6_addr_copy(&fl.fl6_src, &np->saddr);
386 fl.oif = sk->sk_bound_dev_if;
387 fl.fl_ip_dport = inet->dport;
388 fl.fl_ip_sport = inet->sport;
389 security_skb_classify_flow(skb, &fl);
390
391 if ((err = ip6_dst_lookup(sk, &dst, &fl))) {
392 sk->sk_err_soft = -err;
393 goto out;
394 }
395
396 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) {
397 sk->sk_err_soft = -err;
398 goto out;
399 }
400
401 } else
402 dst_hold(dst);
403
404 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
405 tcp_sync_mss(sk, dst_mtu(dst));
406 tcp_simple_retransmit(sk);
407 } /* else let the usual retransmit timer handle it */
408 dst_release(dst);
409 goto out;
410 }
411
412 icmpv6_err_convert(type, code, &err);
413
414 /* Might be for an request_sock */
415 switch (sk->sk_state) {
416 struct request_sock *req, **prev;
417 case TCP_LISTEN:
418 if (sock_owned_by_user(sk))
419 goto out;
420
421 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr,
422 &hdr->saddr, inet6_iif(skb));
423 if (!req)
424 goto out;
425
426 /* ICMPs are not backlogged, hence we cannot get
427 * an established socket here.
428 */
429 BUG_TRAP(req->sk == NULL);
430
431 if (seq != tcp_rsk(req)->snt_isn) {
432 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
433 goto out;
434 }
435
436 inet_csk_reqsk_queue_drop(sk, req, prev);
437 goto out;
438
439 case TCP_SYN_SENT:
440 case TCP_SYN_RECV: /* Cannot happen.
441 It can, it SYNs are crossed. --ANK */
442 if (!sock_owned_by_user(sk)) {
443 sk->sk_err = err;
444 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
445
446 tcp_done(sk);
447 } else
448 sk->sk_err_soft = err;
449 goto out;
450 }
451
452 if (!sock_owned_by_user(sk) && np->recverr) {
453 sk->sk_err = err;
454 sk->sk_error_report(sk);
455 } else
456 sk->sk_err_soft = err;
457
458 out:
459 bh_unlock_sock(sk);
460 sock_put(sk);
461 }
462
463
464 static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req,
465 struct dst_entry *dst)
466 {
467 struct inet6_request_sock *treq = inet6_rsk(req);
468 struct ipv6_pinfo *np = inet6_sk(sk);
469 struct sk_buff * skb;
470 struct ipv6_txoptions *opt = NULL;
471 struct in6_addr * final_p = NULL, final;
472 struct flowi fl;
473 int err = -1;
474
475 memset(&fl, 0, sizeof(fl));
476 fl.proto = IPPROTO_TCP;
477 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
478 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
479 fl.fl6_flowlabel = 0;
480 fl.oif = treq->iif;
481 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
482 fl.fl_ip_sport = inet_sk(sk)->sport;
483 security_req_classify_flow(req, &fl);
484
485 if (dst == NULL) {
486 opt = np->opt;
487 if (opt == NULL &&
488 np->rxopt.bits.osrcrt == 2 &&
489 treq->pktopts) {
490 struct sk_buff *pktopts = treq->pktopts;
491 struct inet6_skb_parm *rxopt = IP6CB(pktopts);
492 if (rxopt->srcrt)
493 opt = ipv6_invert_rthdr(sk,
494 (struct ipv6_rt_hdr *)(skb_network_header(pktopts) +
495 rxopt->srcrt));
496 }
497
498 if (opt && opt->srcrt) {
499 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
500 ipv6_addr_copy(&final, &fl.fl6_dst);
501 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
502 final_p = &final;
503 }
504
505 err = ip6_dst_lookup(sk, &dst, &fl);
506 if (err)
507 goto done;
508 if (final_p)
509 ipv6_addr_copy(&fl.fl6_dst, final_p);
510 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0)
511 goto done;
512 }
513
514 skb = tcp_make_synack(sk, dst, req);
515 if (skb) {
516 struct tcphdr *th = tcp_hdr(skb);
517
518 th->check = tcp_v6_check(th, skb->len,
519 &treq->loc_addr, &treq->rmt_addr,
520 csum_partial((char *)th, skb->len, skb->csum));
521
522 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
523 err = ip6_xmit(sk, skb, &fl, opt, 0);
524 err = net_xmit_eval(err);
525 }
526
527 done:
528 if (opt && opt != np->opt)
529 sock_kfree_s(sk, opt, opt->tot_len);
530 dst_release(dst);
531 return err;
532 }
533
534 static void tcp_v6_reqsk_destructor(struct request_sock *req)
535 {
536 if (inet6_rsk(req)->pktopts)
537 kfree_skb(inet6_rsk(req)->pktopts);
538 }
539
540 #ifdef CONFIG_TCP_MD5SIG
541 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
542 struct in6_addr *addr)
543 {
544 struct tcp_sock *tp = tcp_sk(sk);
545 int i;
546
547 BUG_ON(tp == NULL);
548
549 if (!tp->md5sig_info || !tp->md5sig_info->entries6)
550 return NULL;
551
552 for (i = 0; i < tp->md5sig_info->entries6; i++) {
553 if (ipv6_addr_cmp(&tp->md5sig_info->keys6[i].addr, addr) == 0)
554 return (struct tcp_md5sig_key *)&tp->md5sig_info->keys6[i];
555 }
556 return NULL;
557 }
558
559 static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk,
560 struct sock *addr_sk)
561 {
562 return tcp_v6_md5_do_lookup(sk, &inet6_sk(addr_sk)->daddr);
563 }
564
565 static struct tcp_md5sig_key *tcp_v6_reqsk_md5_lookup(struct sock *sk,
566 struct request_sock *req)
567 {
568 return tcp_v6_md5_do_lookup(sk, &inet6_rsk(req)->rmt_addr);
569 }
570
571 static int tcp_v6_md5_do_add(struct sock *sk, struct in6_addr *peer,
572 char *newkey, u8 newkeylen)
573 {
574 /* Add key to the list */
575 struct tcp6_md5sig_key *key;
576 struct tcp_sock *tp = tcp_sk(sk);
577 struct tcp6_md5sig_key *keys;
578
579 key = (struct tcp6_md5sig_key*) tcp_v6_md5_do_lookup(sk, peer);
580 if (key) {
581 /* modify existing entry - just update that one */
582 kfree(key->key);
583 key->key = newkey;
584 key->keylen = newkeylen;
585 } else {
586 /* reallocate new list if current one is full. */
587 if (!tp->md5sig_info) {
588 tp->md5sig_info = kzalloc(sizeof(*tp->md5sig_info), GFP_ATOMIC);
589 if (!tp->md5sig_info) {
590 kfree(newkey);
591 return -ENOMEM;
592 }
593 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
594 }
595 tcp_alloc_md5sig_pool();
596 if (tp->md5sig_info->alloced6 == tp->md5sig_info->entries6) {
597 keys = kmalloc((sizeof (tp->md5sig_info->keys6[0]) *
598 (tp->md5sig_info->entries6 + 1)), GFP_ATOMIC);
599
600 if (!keys) {
601 tcp_free_md5sig_pool();
602 kfree(newkey);
603 return -ENOMEM;
604 }
605
606 if (tp->md5sig_info->entries6)
607 memmove(keys, tp->md5sig_info->keys6,
608 (sizeof (tp->md5sig_info->keys6[0]) *
609 tp->md5sig_info->entries6));
610
611 kfree(tp->md5sig_info->keys6);
612 tp->md5sig_info->keys6 = keys;
613 tp->md5sig_info->alloced6++;
614 }
615
616 ipv6_addr_copy(&tp->md5sig_info->keys6[tp->md5sig_info->entries6].addr,
617 peer);
618 tp->md5sig_info->keys6[tp->md5sig_info->entries6].key = newkey;
619 tp->md5sig_info->keys6[tp->md5sig_info->entries6].keylen = newkeylen;
620
621 tp->md5sig_info->entries6++;
622 }
623 return 0;
624 }
625
626 static int tcp_v6_md5_add_func(struct sock *sk, struct sock *addr_sk,
627 u8 *newkey, __u8 newkeylen)
628 {
629 return tcp_v6_md5_do_add(sk, &inet6_sk(addr_sk)->daddr,
630 newkey, newkeylen);
631 }
632
633 static int tcp_v6_md5_do_del(struct sock *sk, struct in6_addr *peer)
634 {
635 struct tcp_sock *tp = tcp_sk(sk);
636 int i;
637
638 for (i = 0; i < tp->md5sig_info->entries6; i++) {
639 if (ipv6_addr_cmp(&tp->md5sig_info->keys6[i].addr, peer) == 0) {
640 /* Free the key */
641 kfree(tp->md5sig_info->keys6[i].key);
642 tp->md5sig_info->entries6--;
643
644 if (tp->md5sig_info->entries6 == 0) {
645 kfree(tp->md5sig_info->keys6);
646 tp->md5sig_info->keys6 = NULL;
647
648 tcp_free_md5sig_pool();
649
650 return 0;
651 } else {
652 /* shrink the database */
653 if (tp->md5sig_info->entries6 != i)
654 memmove(&tp->md5sig_info->keys6[i],
655 &tp->md5sig_info->keys6[i+1],
656 (tp->md5sig_info->entries6 - i)
657 * sizeof (tp->md5sig_info->keys6[0]));
658 }
659 }
660 }
661 return -ENOENT;
662 }
663
664 static void tcp_v6_clear_md5_list (struct sock *sk)
665 {
666 struct tcp_sock *tp = tcp_sk(sk);
667 int i;
668
669 if (tp->md5sig_info->entries6) {
670 for (i = 0; i < tp->md5sig_info->entries6; i++)
671 kfree(tp->md5sig_info->keys6[i].key);
672 tp->md5sig_info->entries6 = 0;
673 tcp_free_md5sig_pool();
674 }
675
676 kfree(tp->md5sig_info->keys6);
677 tp->md5sig_info->keys6 = NULL;
678 tp->md5sig_info->alloced6 = 0;
679
680 if (tp->md5sig_info->entries4) {
681 for (i = 0; i < tp->md5sig_info->entries4; i++)
682 kfree(tp->md5sig_info->keys4[i].key);
683 tp->md5sig_info->entries4 = 0;
684 tcp_free_md5sig_pool();
685 }
686
687 kfree(tp->md5sig_info->keys4);
688 tp->md5sig_info->keys4 = NULL;
689 tp->md5sig_info->alloced4 = 0;
690 }
691
692 static int tcp_v6_parse_md5_keys (struct sock *sk, char __user *optval,
693 int optlen)
694 {
695 struct tcp_md5sig cmd;
696 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
697 u8 *newkey;
698
699 if (optlen < sizeof(cmd))
700 return -EINVAL;
701
702 if (copy_from_user(&cmd, optval, sizeof(cmd)))
703 return -EFAULT;
704
705 if (sin6->sin6_family != AF_INET6)
706 return -EINVAL;
707
708 if (!cmd.tcpm_keylen) {
709 if (!tcp_sk(sk)->md5sig_info)
710 return -ENOENT;
711 if (ipv6_addr_type(&sin6->sin6_addr) & IPV6_ADDR_MAPPED)
712 return tcp_v4_md5_do_del(sk, sin6->sin6_addr.s6_addr32[3]);
713 return tcp_v6_md5_do_del(sk, &sin6->sin6_addr);
714 }
715
716 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
717 return -EINVAL;
718
719 if (!tcp_sk(sk)->md5sig_info) {
720 struct tcp_sock *tp = tcp_sk(sk);
721 struct tcp_md5sig_info *p;
722
723 p = kzalloc(sizeof(struct tcp_md5sig_info), GFP_KERNEL);
724 if (!p)
725 return -ENOMEM;
726
727 tp->md5sig_info = p;
728 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
729 }
730
731 newkey = kmemdup(cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
732 if (!newkey)
733 return -ENOMEM;
734 if (ipv6_addr_type(&sin6->sin6_addr) & IPV6_ADDR_MAPPED) {
735 return tcp_v4_md5_do_add(sk, sin6->sin6_addr.s6_addr32[3],
736 newkey, cmd.tcpm_keylen);
737 }
738 return tcp_v6_md5_do_add(sk, &sin6->sin6_addr, newkey, cmd.tcpm_keylen);
739 }
740
741 static int tcp_v6_do_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key,
742 struct in6_addr *saddr,
743 struct in6_addr *daddr,
744 struct tcphdr *th, int protocol,
745 int tcplen)
746 {
747 struct scatterlist sg[4];
748 __u16 data_len;
749 int block = 0;
750 __sum16 cksum;
751 struct tcp_md5sig_pool *hp;
752 struct tcp6_pseudohdr *bp;
753 struct hash_desc *desc;
754 int err;
755 unsigned int nbytes = 0;
756
757 hp = tcp_get_md5sig_pool();
758 if (!hp) {
759 printk(KERN_WARNING "%s(): hash pool not found...\n", __FUNCTION__);
760 goto clear_hash_noput;
761 }
762 bp = &hp->md5_blk.ip6;
763 desc = &hp->md5_desc;
764
765 /* 1. TCP pseudo-header (RFC2460) */
766 ipv6_addr_copy(&bp->saddr, saddr);
767 ipv6_addr_copy(&bp->daddr, daddr);
768 bp->len = htonl(tcplen);
769 bp->protocol = htonl(protocol);
770
771 sg_set_buf(&sg[block++], bp, sizeof(*bp));
772 nbytes += sizeof(*bp);
773
774 /* 2. TCP header, excluding options */
775 cksum = th->check;
776 th->check = 0;
777 sg_set_buf(&sg[block++], th, sizeof(*th));
778 nbytes += sizeof(*th);
779
780 /* 3. TCP segment data (if any) */
781 data_len = tcplen - (th->doff << 2);
782 if (data_len > 0) {
783 u8 *data = (u8 *)th + (th->doff << 2);
784 sg_set_buf(&sg[block++], data, data_len);
785 nbytes += data_len;
786 }
787
788 /* 4. shared key */
789 sg_set_buf(&sg[block++], key->key, key->keylen);
790 nbytes += key->keylen;
791
792 /* Now store the hash into the packet */
793 err = crypto_hash_init(desc);
794 if (err) {
795 printk(KERN_WARNING "%s(): hash_init failed\n", __FUNCTION__);
796 goto clear_hash;
797 }
798 err = crypto_hash_update(desc, sg, nbytes);
799 if (err) {
800 printk(KERN_WARNING "%s(): hash_update failed\n", __FUNCTION__);
801 goto clear_hash;
802 }
803 err = crypto_hash_final(desc, md5_hash);
804 if (err) {
805 printk(KERN_WARNING "%s(): hash_final failed\n", __FUNCTION__);
806 goto clear_hash;
807 }
808
809 /* Reset header, and free up the crypto */
810 tcp_put_md5sig_pool();
811 th->check = cksum;
812 out:
813 return 0;
814 clear_hash:
815 tcp_put_md5sig_pool();
816 clear_hash_noput:
817 memset(md5_hash, 0, 16);
818 goto out;
819 }
820
821 static int tcp_v6_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key,
822 struct sock *sk,
823 struct dst_entry *dst,
824 struct request_sock *req,
825 struct tcphdr *th, int protocol,
826 int tcplen)
827 {
828 struct in6_addr *saddr, *daddr;
829
830 if (sk) {
831 saddr = &inet6_sk(sk)->saddr;
832 daddr = &inet6_sk(sk)->daddr;
833 } else {
834 saddr = &inet6_rsk(req)->loc_addr;
835 daddr = &inet6_rsk(req)->rmt_addr;
836 }
837 return tcp_v6_do_calc_md5_hash(md5_hash, key,
838 saddr, daddr,
839 th, protocol, tcplen);
840 }
841
842 static int tcp_v6_inbound_md5_hash (struct sock *sk, struct sk_buff *skb)
843 {
844 __u8 *hash_location = NULL;
845 struct tcp_md5sig_key *hash_expected;
846 struct ipv6hdr *ip6h = ipv6_hdr(skb);
847 struct tcphdr *th = tcp_hdr(skb);
848 int length = (th->doff << 2) - sizeof (*th);
849 int genhash;
850 u8 *ptr;
851 u8 newhash[16];
852
853 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
854
855 /* If the TCP option is too short, we can short cut */
856 if (length < TCPOLEN_MD5SIG)
857 return hash_expected ? 1 : 0;
858
859 /* parse options */
860 ptr = (u8*)(th + 1);
861 while (length > 0) {
862 int opcode = *ptr++;
863 int opsize;
864
865 switch(opcode) {
866 case TCPOPT_EOL:
867 goto done_opts;
868 case TCPOPT_NOP:
869 length--;
870 continue;
871 default:
872 opsize = *ptr++;
873 if (opsize < 2 || opsize > length)
874 goto done_opts;
875 if (opcode == TCPOPT_MD5SIG) {
876 hash_location = ptr;
877 goto done_opts;
878 }
879 }
880 ptr += opsize - 2;
881 length -= opsize;
882 }
883
884 done_opts:
885 /* do we have a hash as expected? */
886 if (!hash_expected) {
887 if (!hash_location)
888 return 0;
889 if (net_ratelimit()) {
890 printk(KERN_INFO "MD5 Hash NOT expected but found "
891 "(" NIP6_FMT ", %u)->"
892 "(" NIP6_FMT ", %u)\n",
893 NIP6(ip6h->saddr), ntohs(th->source),
894 NIP6(ip6h->daddr), ntohs(th->dest));
895 }
896 return 1;
897 }
898
899 if (!hash_location) {
900 if (net_ratelimit()) {
901 printk(KERN_INFO "MD5 Hash expected but NOT found "
902 "(" NIP6_FMT ", %u)->"
903 "(" NIP6_FMT ", %u)\n",
904 NIP6(ip6h->saddr), ntohs(th->source),
905 NIP6(ip6h->daddr), ntohs(th->dest));
906 }
907 return 1;
908 }
909
910 /* check the signature */
911 genhash = tcp_v6_do_calc_md5_hash(newhash,
912 hash_expected,
913 &ip6h->saddr, &ip6h->daddr,
914 th, sk->sk_protocol,
915 skb->len);
916 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
917 if (net_ratelimit()) {
918 printk(KERN_INFO "MD5 Hash %s for "
919 "(" NIP6_FMT ", %u)->"
920 "(" NIP6_FMT ", %u)\n",
921 genhash ? "failed" : "mismatch",
922 NIP6(ip6h->saddr), ntohs(th->source),
923 NIP6(ip6h->daddr), ntohs(th->dest));
924 }
925 return 1;
926 }
927 return 0;
928 }
929 #endif
930
931 static struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
932 .family = AF_INET6,
933 .obj_size = sizeof(struct tcp6_request_sock),
934 .rtx_syn_ack = tcp_v6_send_synack,
935 .send_ack = tcp_v6_reqsk_send_ack,
936 .destructor = tcp_v6_reqsk_destructor,
937 .send_reset = tcp_v6_send_reset
938 };
939
940 #ifdef CONFIG_TCP_MD5SIG
941 static struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
942 .md5_lookup = tcp_v6_reqsk_md5_lookup,
943 };
944 #endif
945
946 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
947 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
948 .twsk_unique = tcp_twsk_unique,
949 .twsk_destructor= tcp_twsk_destructor,
950 };
951
952 static void tcp_v6_send_check(struct sock *sk, int len, struct sk_buff *skb)
953 {
954 struct ipv6_pinfo *np = inet6_sk(sk);
955 struct tcphdr *th = tcp_hdr(skb);
956
957 if (skb->ip_summed == CHECKSUM_PARTIAL) {
958 th->check = ~csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 0);
959 skb->csum_start = skb_transport_header(skb) - skb->head;
960 skb->csum_offset = offsetof(struct tcphdr, check);
961 } else {
962 th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP,
963 csum_partial((char *)th, th->doff<<2,
964 skb->csum));
965 }
966 }
967
968 static int tcp_v6_gso_send_check(struct sk_buff *skb)
969 {
970 struct ipv6hdr *ipv6h;
971 struct tcphdr *th;
972
973 if (!pskb_may_pull(skb, sizeof(*th)))
974 return -EINVAL;
975
976 ipv6h = ipv6_hdr(skb);
977 th = tcp_hdr(skb);
978
979 th->check = 0;
980 th->check = ~csum_ipv6_magic(&ipv6h->saddr, &ipv6h->daddr, skb->len,
981 IPPROTO_TCP, 0);
982 skb->csum_start = skb_transport_header(skb) - skb->head;
983 skb->csum_offset = offsetof(struct tcphdr, check);
984 skb->ip_summed = CHECKSUM_PARTIAL;
985 return 0;
986 }
987
988 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb)
989 {
990 struct tcphdr *th = tcp_hdr(skb), *t1;
991 struct sk_buff *buff;
992 struct flowi fl;
993 int tot_len = sizeof(*th);
994 #ifdef CONFIG_TCP_MD5SIG
995 struct tcp_md5sig_key *key;
996 #endif
997
998 if (th->rst)
999 return;
1000
1001 if (!ipv6_unicast_destination(skb))
1002 return;
1003
1004 #ifdef CONFIG_TCP_MD5SIG
1005 if (sk)
1006 key = tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr);
1007 else
1008 key = NULL;
1009
1010 if (key)
1011 tot_len += TCPOLEN_MD5SIG_ALIGNED;
1012 #endif
1013
1014 /*
1015 * We need to grab some memory, and put together an RST,
1016 * and then put it into the queue to be sent.
1017 */
1018
1019 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
1020 GFP_ATOMIC);
1021 if (buff == NULL)
1022 return;
1023
1024 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
1025
1026 t1 = (struct tcphdr *) skb_push(buff, tot_len);
1027
1028 /* Swap the send and the receive. */
1029 memset(t1, 0, sizeof(*t1));
1030 t1->dest = th->source;
1031 t1->source = th->dest;
1032 t1->doff = tot_len / 4;
1033 t1->rst = 1;
1034
1035 if(th->ack) {
1036 t1->seq = th->ack_seq;
1037 } else {
1038 t1->ack = 1;
1039 t1->ack_seq = htonl(ntohl(th->seq) + th->syn + th->fin
1040 + skb->len - (th->doff<<2));
1041 }
1042
1043 #ifdef CONFIG_TCP_MD5SIG
1044 if (key) {
1045 __be32 *opt = (__be32*)(t1 + 1);
1046 opt[0] = htonl((TCPOPT_NOP << 24) |
1047 (TCPOPT_NOP << 16) |
1048 (TCPOPT_MD5SIG << 8) |
1049 TCPOLEN_MD5SIG);
1050 tcp_v6_do_calc_md5_hash((__u8 *)&opt[1], key,
1051 &ipv6_hdr(skb)->daddr,
1052 &ipv6_hdr(skb)->saddr,
1053 t1, IPPROTO_TCP, tot_len);
1054 }
1055 #endif
1056
1057 buff->csum = csum_partial((char *)t1, sizeof(*t1), 0);
1058
1059 memset(&fl, 0, sizeof(fl));
1060 ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr);
1061 ipv6_addr_copy(&fl.fl6_src, &ipv6_hdr(skb)->daddr);
1062
1063 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst,
1064 sizeof(*t1), IPPROTO_TCP,
1065 buff->csum);
1066
1067 fl.proto = IPPROTO_TCP;
1068 fl.oif = inet6_iif(skb);
1069 fl.fl_ip_dport = t1->dest;
1070 fl.fl_ip_sport = t1->source;
1071 security_skb_classify_flow(skb, &fl);
1072
1073 /* sk = NULL, but it is safe for now. RST socket required. */
1074 if (!ip6_dst_lookup(NULL, &buff->dst, &fl)) {
1075
1076 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) {
1077 ip6_xmit(tcp6_socket->sk, buff, &fl, NULL, 0);
1078 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
1079 TCP_INC_STATS_BH(TCP_MIB_OUTRSTS);
1080 return;
1081 }
1082 }
1083
1084 kfree_skb(buff);
1085 }
1086
1087 static void tcp_v6_send_ack(struct tcp_timewait_sock *tw,
1088 struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts)
1089 {
1090 struct tcphdr *th = tcp_hdr(skb), *t1;
1091 struct sk_buff *buff;
1092 struct flowi fl;
1093 int tot_len = sizeof(struct tcphdr);
1094 __be32 *topt;
1095 #ifdef CONFIG_TCP_MD5SIG
1096 struct tcp_md5sig_key *key;
1097 struct tcp_md5sig_key tw_key;
1098 #endif
1099
1100 #ifdef CONFIG_TCP_MD5SIG
1101 if (!tw && skb->sk) {
1102 key = tcp_v6_md5_do_lookup(skb->sk, &ipv6_hdr(skb)->daddr);
1103 } else if (tw && tw->tw_md5_keylen) {
1104 tw_key.key = tw->tw_md5_key;
1105 tw_key.keylen = tw->tw_md5_keylen;
1106 key = &tw_key;
1107 } else {
1108 key = NULL;
1109 }
1110 #endif
1111
1112 if (ts)
1113 tot_len += TCPOLEN_TSTAMP_ALIGNED;
1114 #ifdef CONFIG_TCP_MD5SIG
1115 if (key)
1116 tot_len += TCPOLEN_MD5SIG_ALIGNED;
1117 #endif
1118
1119 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
1120 GFP_ATOMIC);
1121 if (buff == NULL)
1122 return;
1123
1124 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
1125
1126 t1 = (struct tcphdr *) skb_push(buff,tot_len);
1127
1128 /* Swap the send and the receive. */
1129 memset(t1, 0, sizeof(*t1));
1130 t1->dest = th->source;
1131 t1->source = th->dest;
1132 t1->doff = tot_len/4;
1133 t1->seq = htonl(seq);
1134 t1->ack_seq = htonl(ack);
1135 t1->ack = 1;
1136 t1->window = htons(win);
1137
1138 topt = (__be32 *)(t1 + 1);
1139
1140 if (ts) {
1141 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
1142 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
1143 *topt++ = htonl(tcp_time_stamp);
1144 *topt = htonl(ts);
1145 }
1146
1147 #ifdef CONFIG_TCP_MD5SIG
1148 if (key) {
1149 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
1150 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
1151 tcp_v6_do_calc_md5_hash((__u8 *)topt, key,
1152 &ipv6_hdr(skb)->daddr,
1153 &ipv6_hdr(skb)->saddr,
1154 t1, IPPROTO_TCP, tot_len);
1155 }
1156 #endif
1157
1158 buff->csum = csum_partial((char *)t1, tot_len, 0);
1159
1160 memset(&fl, 0, sizeof(fl));
1161 ipv6_addr_copy(&fl.fl6_dst, &ipv6_hdr(skb)->saddr);
1162 ipv6_addr_copy(&fl.fl6_src, &ipv6_hdr(skb)->daddr);
1163
1164 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst,
1165 tot_len, IPPROTO_TCP,
1166 buff->csum);
1167
1168 fl.proto = IPPROTO_TCP;
1169 fl.oif = inet6_iif(skb);
1170 fl.fl_ip_dport = t1->dest;
1171 fl.fl_ip_sport = t1->source;
1172 security_skb_classify_flow(skb, &fl);
1173
1174 if (!ip6_dst_lookup(NULL, &buff->dst, &fl)) {
1175 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) {
1176 ip6_xmit(tcp6_socket->sk, buff, &fl, NULL, 0);
1177 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
1178 return;
1179 }
1180 }
1181
1182 kfree_skb(buff);
1183 }
1184
1185 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
1186 {
1187 struct inet_timewait_sock *tw = inet_twsk(sk);
1188 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
1189
1190 tcp_v6_send_ack(tcptw, skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
1191 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
1192 tcptw->tw_ts_recent);
1193
1194 inet_twsk_put(tw);
1195 }
1196
1197 static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req)
1198 {
1199 tcp_v6_send_ack(NULL, skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent);
1200 }
1201
1202
1203 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
1204 {
1205 struct request_sock *req, **prev;
1206 const struct tcphdr *th = tcp_hdr(skb);
1207 struct sock *nsk;
1208
1209 /* Find possible connection requests. */
1210 req = inet6_csk_search_req(sk, &prev, th->source,
1211 &ipv6_hdr(skb)->saddr,
1212 &ipv6_hdr(skb)->daddr, inet6_iif(skb));
1213 if (req)
1214 return tcp_check_req(sk, skb, req, prev);
1215
1216 nsk = __inet6_lookup_established(&tcp_hashinfo, &ipv6_hdr(skb)->saddr,
1217 th->source, &ipv6_hdr(skb)->daddr,
1218 ntohs(th->dest), inet6_iif(skb));
1219
1220 if (nsk) {
1221 if (nsk->sk_state != TCP_TIME_WAIT) {
1222 bh_lock_sock(nsk);
1223 return nsk;
1224 }
1225 inet_twsk_put(inet_twsk(nsk));
1226 return NULL;
1227 }
1228
1229 #if 0 /*def CONFIG_SYN_COOKIES*/
1230 if (!th->rst && !th->syn && th->ack)
1231 sk = cookie_v6_check(sk, skb, &(IPCB(skb)->opt));
1232 #endif
1233 return sk;
1234 }
1235
1236 /* FIXME: this is substantially similar to the ipv4 code.
1237 * Can some kind of merge be done? -- erics
1238 */
1239 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1240 {
1241 struct inet6_request_sock *treq;
1242 struct ipv6_pinfo *np = inet6_sk(sk);
1243 struct tcp_options_received tmp_opt;
1244 struct tcp_sock *tp = tcp_sk(sk);
1245 struct request_sock *req = NULL;
1246 __u32 isn = TCP_SKB_CB(skb)->when;
1247
1248 if (skb->protocol == htons(ETH_P_IP))
1249 return tcp_v4_conn_request(sk, skb);
1250
1251 if (!ipv6_unicast_destination(skb))
1252 goto drop;
1253
1254 /*
1255 * There are no SYN attacks on IPv6, yet...
1256 */
1257 if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
1258 if (net_ratelimit())
1259 printk(KERN_INFO "TCPv6: dropping request, synflood is possible\n");
1260 goto drop;
1261 }
1262
1263 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
1264 goto drop;
1265
1266 req = inet6_reqsk_alloc(&tcp6_request_sock_ops);
1267 if (req == NULL)
1268 goto drop;
1269
1270 #ifdef CONFIG_TCP_MD5SIG
1271 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv6_ops;
1272 #endif
1273
1274 tcp_clear_options(&tmp_opt);
1275 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
1276 tmp_opt.user_mss = tp->rx_opt.user_mss;
1277
1278 tcp_parse_options(skb, &tmp_opt, 0);
1279
1280 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
1281 tcp_openreq_init(req, &tmp_opt, skb);
1282
1283 treq = inet6_rsk(req);
1284 ipv6_addr_copy(&treq->rmt_addr, &ipv6_hdr(skb)->saddr);
1285 ipv6_addr_copy(&treq->loc_addr, &ipv6_hdr(skb)->daddr);
1286 TCP_ECN_create_request(req, tcp_hdr(skb));
1287 treq->pktopts = NULL;
1288 if (ipv6_opt_accepted(sk, skb) ||
1289 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
1290 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) {
1291 atomic_inc(&skb->users);
1292 treq->pktopts = skb;
1293 }
1294 treq->iif = sk->sk_bound_dev_if;
1295
1296 /* So that link locals have meaning */
1297 if (!sk->sk_bound_dev_if &&
1298 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL)
1299 treq->iif = inet6_iif(skb);
1300
1301 if (isn == 0)
1302 isn = tcp_v6_init_sequence(skb);
1303
1304 tcp_rsk(req)->snt_isn = isn;
1305
1306 security_inet_conn_request(sk, skb, req);
1307
1308 if (tcp_v6_send_synack(sk, req, NULL))
1309 goto drop;
1310
1311 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1312 return 0;
1313
1314 drop:
1315 if (req)
1316 reqsk_free(req);
1317
1318 return 0; /* don't send reset */
1319 }
1320
1321 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1322 struct request_sock *req,
1323 struct dst_entry *dst)
1324 {
1325 struct inet6_request_sock *treq = inet6_rsk(req);
1326 struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
1327 struct tcp6_sock *newtcp6sk;
1328 struct inet_sock *newinet;
1329 struct tcp_sock *newtp;
1330 struct sock *newsk;
1331 struct ipv6_txoptions *opt;
1332 #ifdef CONFIG_TCP_MD5SIG
1333 struct tcp_md5sig_key *key;
1334 #endif
1335
1336 if (skb->protocol == htons(ETH_P_IP)) {
1337 /*
1338 * v6 mapped
1339 */
1340
1341 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);
1342
1343 if (newsk == NULL)
1344 return NULL;
1345
1346 newtcp6sk = (struct tcp6_sock *)newsk;
1347 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1348
1349 newinet = inet_sk(newsk);
1350 newnp = inet6_sk(newsk);
1351 newtp = tcp_sk(newsk);
1352
1353 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1354
1355 ipv6_addr_set(&newnp->daddr, 0, 0, htonl(0x0000FFFF),
1356 newinet->daddr);
1357
1358 ipv6_addr_set(&newnp->saddr, 0, 0, htonl(0x0000FFFF),
1359 newinet->saddr);
1360
1361 ipv6_addr_copy(&newnp->rcv_saddr, &newnp->saddr);
1362
1363 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1364 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1365 #ifdef CONFIG_TCP_MD5SIG
1366 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1367 #endif
1368
1369 newnp->pktoptions = NULL;
1370 newnp->opt = NULL;
1371 newnp->mcast_oif = inet6_iif(skb);
1372 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1373
1374 /*
1375 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1376 * here, tcp_create_openreq_child now does this for us, see the comment in
1377 * that function for the gory details. -acme
1378 */
1379
1380 /* It is tricky place. Until this moment IPv4 tcp
1381 worked with IPv6 icsk.icsk_af_ops.
1382 Sync it now.
1383 */
1384 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1385
1386 return newsk;
1387 }
1388
1389 opt = np->opt;
1390
1391 if (sk_acceptq_is_full(sk))
1392 goto out_overflow;
1393
1394 if (np->rxopt.bits.osrcrt == 2 &&
1395 opt == NULL && treq->pktopts) {
1396 struct inet6_skb_parm *rxopt = IP6CB(treq->pktopts);
1397 if (rxopt->srcrt)
1398 opt = ipv6_invert_rthdr(sk,
1399 (struct ipv6_rt_hdr *)(skb_network_header(treq->pktopts) +
1400 rxopt->srcrt));
1401 }
1402
1403 if (dst == NULL) {
1404 struct in6_addr *final_p = NULL, final;
1405 struct flowi fl;
1406
1407 memset(&fl, 0, sizeof(fl));
1408 fl.proto = IPPROTO_TCP;
1409 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr);
1410 if (opt && opt->srcrt) {
1411 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
1412 ipv6_addr_copy(&final, &fl.fl6_dst);
1413 ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
1414 final_p = &final;
1415 }
1416 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr);
1417 fl.oif = sk->sk_bound_dev_if;
1418 fl.fl_ip_dport = inet_rsk(req)->rmt_port;
1419 fl.fl_ip_sport = inet_sk(sk)->sport;
1420 security_req_classify_flow(req, &fl);
1421
1422 if (ip6_dst_lookup(sk, &dst, &fl))
1423 goto out;
1424
1425 if (final_p)
1426 ipv6_addr_copy(&fl.fl6_dst, final_p);
1427
1428 if ((xfrm_lookup(&dst, &fl, sk, 0)) < 0)
1429 goto out;
1430 }
1431
1432 newsk = tcp_create_openreq_child(sk, req, skb);
1433 if (newsk == NULL)
1434 goto out;
1435
1436 /*
1437 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1438 * count here, tcp_create_openreq_child now does this for us, see the
1439 * comment in that function for the gory details. -acme
1440 */
1441
1442 newsk->sk_gso_type = SKB_GSO_TCPV6;
1443 __ip6_dst_store(newsk, dst, NULL, NULL);
1444
1445 newtcp6sk = (struct tcp6_sock *)newsk;
1446 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1447
1448 newtp = tcp_sk(newsk);
1449 newinet = inet_sk(newsk);
1450 newnp = inet6_sk(newsk);
1451
1452 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1453
1454 ipv6_addr_copy(&newnp->daddr, &treq->rmt_addr);
1455 ipv6_addr_copy(&newnp->saddr, &treq->loc_addr);
1456 ipv6_addr_copy(&newnp->rcv_saddr, &treq->loc_addr);
1457 newsk->sk_bound_dev_if = treq->iif;
1458
1459 /* Now IPv6 options...
1460
1461 First: no IPv4 options.
1462 */
1463 newinet->opt = NULL;
1464 newnp->ipv6_fl_list = NULL;
1465
1466 /* Clone RX bits */
1467 newnp->rxopt.all = np->rxopt.all;
1468
1469 /* Clone pktoptions received with SYN */
1470 newnp->pktoptions = NULL;
1471 if (treq->pktopts != NULL) {
1472 newnp->pktoptions = skb_clone(treq->pktopts, GFP_ATOMIC);
1473 kfree_skb(treq->pktopts);
1474 treq->pktopts = NULL;
1475 if (newnp->pktoptions)
1476 skb_set_owner_r(newnp->pktoptions, newsk);
1477 }
1478 newnp->opt = NULL;
1479 newnp->mcast_oif = inet6_iif(skb);
1480 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1481
1482 /* Clone native IPv6 options from listening socket (if any)
1483
1484 Yes, keeping reference count would be much more clever,
1485 but we make one more one thing there: reattach optmem
1486 to newsk.
1487 */
1488 if (opt) {
1489 newnp->opt = ipv6_dup_options(newsk, opt);
1490 if (opt != np->opt)
1491 sock_kfree_s(sk, opt, opt->tot_len);
1492 }
1493
1494 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1495 if (newnp->opt)
1496 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
1497 newnp->opt->opt_flen);
1498
1499 tcp_mtup_init(newsk);
1500 tcp_sync_mss(newsk, dst_mtu(dst));
1501 newtp->advmss = dst_metric(dst, RTAX_ADVMSS);
1502 tcp_initialize_rcv_mss(newsk);
1503
1504 newinet->daddr = newinet->saddr = newinet->rcv_saddr = LOOPBACK4_IPV6;
1505
1506 #ifdef CONFIG_TCP_MD5SIG
1507 /* Copy over the MD5 key from the original socket */
1508 if ((key = tcp_v6_md5_do_lookup(sk, &newnp->daddr)) != NULL) {
1509 /* We're using one, so create a matching key
1510 * on the newsk structure. If we fail to get
1511 * memory, then we end up not copying the key
1512 * across. Shucks.
1513 */
1514 char *newkey = kmemdup(key->key, key->keylen, GFP_ATOMIC);
1515 if (newkey != NULL)
1516 tcp_v6_md5_do_add(newsk, &inet6_sk(sk)->daddr,
1517 newkey, key->keylen);
1518 }
1519 #endif
1520
1521 __inet6_hash(&tcp_hashinfo, newsk);
1522 inet_inherit_port(&tcp_hashinfo, sk, newsk);
1523
1524 return newsk;
1525
1526 out_overflow:
1527 NET_INC_STATS_BH(LINUX_MIB_LISTENOVERFLOWS);
1528 out:
1529 NET_INC_STATS_BH(LINUX_MIB_LISTENDROPS);
1530 if (opt && opt != np->opt)
1531 sock_kfree_s(sk, opt, opt->tot_len);
1532 dst_release(dst);
1533 return NULL;
1534 }
1535
1536 static __sum16 tcp_v6_checksum_init(struct sk_buff *skb)
1537 {
1538 if (skb->ip_summed == CHECKSUM_COMPLETE) {
1539 if (!tcp_v6_check(tcp_hdr(skb), skb->len, &ipv6_hdr(skb)->saddr,
1540 &ipv6_hdr(skb)->daddr, skb->csum)) {
1541 skb->ip_summed = CHECKSUM_UNNECESSARY;
1542 return 0;
1543 }
1544 }
1545
1546 skb->csum = ~csum_unfold(tcp_v6_check(tcp_hdr(skb), skb->len,
1547 &ipv6_hdr(skb)->saddr,
1548 &ipv6_hdr(skb)->daddr, 0));
1549
1550 if (skb->len <= 76) {
1551 return __skb_checksum_complete(skb);
1552 }
1553 return 0;
1554 }
1555
1556 /* The socket must have it's spinlock held when we get
1557 * here.
1558 *
1559 * We have a potential double-lock case here, so even when
1560 * doing backlog processing we use the BH locking scheme.
1561 * This is because we cannot sleep with the original spinlock
1562 * held.
1563 */
1564 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1565 {
1566 struct ipv6_pinfo *np = inet6_sk(sk);
1567 struct tcp_sock *tp;
1568 struct sk_buff *opt_skb = NULL;
1569
1570 /* Imagine: socket is IPv6. IPv4 packet arrives,
1571 goes to IPv4 receive handler and backlogged.
1572 From backlog it always goes here. Kerboom...
1573 Fortunately, tcp_rcv_established and rcv_established
1574 handle them correctly, but it is not case with
1575 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1576 */
1577
1578 if (skb->protocol == htons(ETH_P_IP))
1579 return tcp_v4_do_rcv(sk, skb);
1580
1581 #ifdef CONFIG_TCP_MD5SIG
1582 if (tcp_v6_inbound_md5_hash (sk, skb))
1583 goto discard;
1584 #endif
1585
1586 if (sk_filter(sk, skb))
1587 goto discard;
1588
1589 /*
1590 * socket locking is here for SMP purposes as backlog rcv
1591 * is currently called with bh processing disabled.
1592 */
1593
1594 /* Do Stevens' IPV6_PKTOPTIONS.
1595
1596 Yes, guys, it is the only place in our code, where we
1597 may make it not affecting IPv4.
1598 The rest of code is protocol independent,
1599 and I do not like idea to uglify IPv4.
1600
1601 Actually, all the idea behind IPV6_PKTOPTIONS
1602 looks not very well thought. For now we latch
1603 options, received in the last packet, enqueued
1604 by tcp. Feel free to propose better solution.
1605 --ANK (980728)
1606 */
1607 if (np->rxopt.all)
1608 opt_skb = skb_clone(skb, GFP_ATOMIC);
1609
1610 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1611 TCP_CHECK_TIMER(sk);
1612 if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len))
1613 goto reset;
1614 TCP_CHECK_TIMER(sk);
1615 if (opt_skb)
1616 goto ipv6_pktoptions;
1617 return 0;
1618 }
1619
1620 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1621 goto csum_err;
1622
1623 if (sk->sk_state == TCP_LISTEN) {
1624 struct sock *nsk = tcp_v6_hnd_req(sk, skb);
1625 if (!nsk)
1626 goto discard;
1627
1628 /*
1629 * Queue it on the new socket if the new socket is active,
1630 * otherwise we just shortcircuit this and continue with
1631 * the new socket..
1632 */
1633 if(nsk != sk) {
1634 if (tcp_child_process(sk, nsk, skb))
1635 goto reset;
1636 if (opt_skb)
1637 __kfree_skb(opt_skb);
1638 return 0;
1639 }
1640 }
1641
1642 TCP_CHECK_TIMER(sk);
1643 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len))
1644 goto reset;
1645 TCP_CHECK_TIMER(sk);
1646 if (opt_skb)
1647 goto ipv6_pktoptions;
1648 return 0;
1649
1650 reset:
1651 tcp_v6_send_reset(sk, skb);
1652 discard:
1653 if (opt_skb)
1654 __kfree_skb(opt_skb);
1655 kfree_skb(skb);
1656 return 0;
1657 csum_err:
1658 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1659 goto discard;
1660
1661
1662 ipv6_pktoptions:
1663 /* Do you ask, what is it?
1664
1665 1. skb was enqueued by tcp.
1666 2. skb is added to tail of read queue, rather than out of order.
1667 3. socket is not in passive state.
1668 4. Finally, it really contains options, which user wants to receive.
1669 */
1670 tp = tcp_sk(sk);
1671 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1672 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1673 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1674 np->mcast_oif = inet6_iif(opt_skb);
1675 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1676 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1677 if (ipv6_opt_accepted(sk, opt_skb)) {
1678 skb_set_owner_r(opt_skb, sk);
1679 opt_skb = xchg(&np->pktoptions, opt_skb);
1680 } else {
1681 __kfree_skb(opt_skb);
1682 opt_skb = xchg(&np->pktoptions, NULL);
1683 }
1684 }
1685
1686 if (opt_skb)
1687 kfree_skb(opt_skb);
1688 return 0;
1689 }
1690
1691 static int tcp_v6_rcv(struct sk_buff **pskb)
1692 {
1693 struct sk_buff *skb = *pskb;
1694 struct tcphdr *th;
1695 struct sock *sk;
1696 int ret;
1697
1698 if (skb->pkt_type != PACKET_HOST)
1699 goto discard_it;
1700
1701 /*
1702 * Count it even if it's bad.
1703 */
1704 TCP_INC_STATS_BH(TCP_MIB_INSEGS);
1705
1706 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1707 goto discard_it;
1708
1709 th = tcp_hdr(skb);
1710
1711 if (th->doff < sizeof(struct tcphdr)/4)
1712 goto bad_packet;
1713 if (!pskb_may_pull(skb, th->doff*4))
1714 goto discard_it;
1715
1716 if (!skb_csum_unnecessary(skb) && tcp_v6_checksum_init(skb))
1717 goto bad_packet;
1718
1719 th = tcp_hdr(skb);
1720 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1721 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1722 skb->len - th->doff*4);
1723 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1724 TCP_SKB_CB(skb)->when = 0;
1725 TCP_SKB_CB(skb)->flags = ipv6_get_dsfield(ipv6_hdr(skb));
1726 TCP_SKB_CB(skb)->sacked = 0;
1727
1728 sk = __inet6_lookup(&tcp_hashinfo, &ipv6_hdr(skb)->saddr, th->source,
1729 &ipv6_hdr(skb)->daddr, ntohs(th->dest),
1730 inet6_iif(skb));
1731
1732 if (!sk)
1733 goto no_tcp_socket;
1734
1735 process:
1736 if (sk->sk_state == TCP_TIME_WAIT)
1737 goto do_time_wait;
1738
1739 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1740 goto discard_and_relse;
1741
1742 if (sk_filter(sk, skb))
1743 goto discard_and_relse;
1744
1745 skb->dev = NULL;
1746
1747 bh_lock_sock_nested(sk);
1748 ret = 0;
1749 if (!sock_owned_by_user(sk)) {
1750 #ifdef CONFIG_NET_DMA
1751 struct tcp_sock *tp = tcp_sk(sk);
1752 if (tp->ucopy.dma_chan)
1753 ret = tcp_v6_do_rcv(sk, skb);
1754 else
1755 #endif
1756 {
1757 if (!tcp_prequeue(sk, skb))
1758 ret = tcp_v6_do_rcv(sk, skb);
1759 }
1760 } else
1761 sk_add_backlog(sk, skb);
1762 bh_unlock_sock(sk);
1763
1764 sock_put(sk);
1765 return ret ? -1 : 0;
1766
1767 no_tcp_socket:
1768 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1769 goto discard_it;
1770
1771 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1772 bad_packet:
1773 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1774 } else {
1775 tcp_v6_send_reset(NULL, skb);
1776 }
1777
1778 discard_it:
1779
1780 /*
1781 * Discard frame
1782 */
1783
1784 kfree_skb(skb);
1785 return 0;
1786
1787 discard_and_relse:
1788 sock_put(sk);
1789 goto discard_it;
1790
1791 do_time_wait:
1792 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1793 inet_twsk_put(inet_twsk(sk));
1794 goto discard_it;
1795 }
1796
1797 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1798 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1799 inet_twsk_put(inet_twsk(sk));
1800 goto discard_it;
1801 }
1802
1803 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1804 case TCP_TW_SYN:
1805 {
1806 struct sock *sk2;
1807
1808 sk2 = inet6_lookup_listener(&tcp_hashinfo,
1809 &ipv6_hdr(skb)->daddr,
1810 ntohs(th->dest), inet6_iif(skb));
1811 if (sk2 != NULL) {
1812 struct inet_timewait_sock *tw = inet_twsk(sk);
1813 inet_twsk_deschedule(tw, &tcp_death_row);
1814 inet_twsk_put(tw);
1815 sk = sk2;
1816 goto process;
1817 }
1818 /* Fall through to ACK */
1819 }
1820 case TCP_TW_ACK:
1821 tcp_v6_timewait_ack(sk, skb);
1822 break;
1823 case TCP_TW_RST:
1824 goto no_tcp_socket;
1825 case TCP_TW_SUCCESS:;
1826 }
1827 goto discard_it;
1828 }
1829
1830 static int tcp_v6_remember_stamp(struct sock *sk)
1831 {
1832 /* Alas, not yet... */
1833 return 0;
1834 }
1835
1836 static struct inet_connection_sock_af_ops ipv6_specific = {
1837 .queue_xmit = inet6_csk_xmit,
1838 .send_check = tcp_v6_send_check,
1839 .rebuild_header = inet6_sk_rebuild_header,
1840 .conn_request = tcp_v6_conn_request,
1841 .syn_recv_sock = tcp_v6_syn_recv_sock,
1842 .remember_stamp = tcp_v6_remember_stamp,
1843 .net_header_len = sizeof(struct ipv6hdr),
1844 .setsockopt = ipv6_setsockopt,
1845 .getsockopt = ipv6_getsockopt,
1846 .addr2sockaddr = inet6_csk_addr2sockaddr,
1847 .sockaddr_len = sizeof(struct sockaddr_in6),
1848 #ifdef CONFIG_COMPAT
1849 .compat_setsockopt = compat_ipv6_setsockopt,
1850 .compat_getsockopt = compat_ipv6_getsockopt,
1851 #endif
1852 };
1853
1854 #ifdef CONFIG_TCP_MD5SIG
1855 static struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1856 .md5_lookup = tcp_v6_md5_lookup,
1857 .calc_md5_hash = tcp_v6_calc_md5_hash,
1858 .md5_add = tcp_v6_md5_add_func,
1859 .md5_parse = tcp_v6_parse_md5_keys,
1860 };
1861 #endif
1862
1863 /*
1864 * TCP over IPv4 via INET6 API
1865 */
1866
1867 static struct inet_connection_sock_af_ops ipv6_mapped = {
1868 .queue_xmit = ip_queue_xmit,
1869 .send_check = tcp_v4_send_check,
1870 .rebuild_header = inet_sk_rebuild_header,
1871 .conn_request = tcp_v6_conn_request,
1872 .syn_recv_sock = tcp_v6_syn_recv_sock,
1873 .remember_stamp = tcp_v4_remember_stamp,
1874 .net_header_len = sizeof(struct iphdr),
1875 .setsockopt = ipv6_setsockopt,
1876 .getsockopt = ipv6_getsockopt,
1877 .addr2sockaddr = inet6_csk_addr2sockaddr,
1878 .sockaddr_len = sizeof(struct sockaddr_in6),
1879 #ifdef CONFIG_COMPAT
1880 .compat_setsockopt = compat_ipv6_setsockopt,
1881 .compat_getsockopt = compat_ipv6_getsockopt,
1882 #endif
1883 };
1884
1885 #ifdef CONFIG_TCP_MD5SIG
1886 static struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1887 .md5_lookup = tcp_v4_md5_lookup,
1888 .calc_md5_hash = tcp_v4_calc_md5_hash,
1889 .md5_add = tcp_v6_md5_add_func,
1890 .md5_parse = tcp_v6_parse_md5_keys,
1891 };
1892 #endif
1893
1894 /* NOTE: A lot of things set to zero explicitly by call to
1895 * sk_alloc() so need not be done here.
1896 */
1897 static int tcp_v6_init_sock(struct sock *sk)
1898 {
1899 struct inet_connection_sock *icsk = inet_csk(sk);
1900 struct tcp_sock *tp = tcp_sk(sk);
1901
1902 skb_queue_head_init(&tp->out_of_order_queue);
1903 tcp_init_xmit_timers(sk);
1904 tcp_prequeue_init(tp);
1905
1906 icsk->icsk_rto = TCP_TIMEOUT_INIT;
1907 tp->mdev = TCP_TIMEOUT_INIT;
1908
1909 /* So many TCP implementations out there (incorrectly) count the
1910 * initial SYN frame in their delayed-ACK and congestion control
1911 * algorithms that we must have the following bandaid to talk
1912 * efficiently to them. -DaveM
1913 */
1914 tp->snd_cwnd = 2;
1915
1916 /* See draft-stevens-tcpca-spec-01 for discussion of the
1917 * initialization of these values.
1918 */
1919 tp->snd_ssthresh = 0x7fffffff;
1920 tp->snd_cwnd_clamp = ~0;
1921 tp->mss_cache = 536;
1922
1923 tp->reordering = sysctl_tcp_reordering;
1924
1925 sk->sk_state = TCP_CLOSE;
1926
1927 icsk->icsk_af_ops = &ipv6_specific;
1928 icsk->icsk_ca_ops = &tcp_init_congestion_ops;
1929 icsk->icsk_sync_mss = tcp_sync_mss;
1930 sk->sk_write_space = sk_stream_write_space;
1931 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE);
1932
1933 #ifdef CONFIG_TCP_MD5SIG
1934 tp->af_specific = &tcp_sock_ipv6_specific;
1935 #endif
1936
1937 sk->sk_sndbuf = sysctl_tcp_wmem[1];
1938 sk->sk_rcvbuf = sysctl_tcp_rmem[1];
1939
1940 atomic_inc(&tcp_sockets_allocated);
1941
1942 return 0;
1943 }
1944
1945 static int tcp_v6_destroy_sock(struct sock *sk)
1946 {
1947 #ifdef CONFIG_TCP_MD5SIG
1948 /* Clean up the MD5 key list */
1949 if (tcp_sk(sk)->md5sig_info)
1950 tcp_v6_clear_md5_list(sk);
1951 #endif
1952 tcp_v4_destroy_sock(sk);
1953 return inet6_destroy_sock(sk);
1954 }
1955
1956 #ifdef CONFIG_PROC_FS
1957 /* Proc filesystem TCPv6 sock list dumping. */
1958 static void get_openreq6(struct seq_file *seq,
1959 struct sock *sk, struct request_sock *req, int i, int uid)
1960 {
1961 int ttd = req->expires - jiffies;
1962 struct in6_addr *src = &inet6_rsk(req)->loc_addr;
1963 struct in6_addr *dest = &inet6_rsk(req)->rmt_addr;
1964
1965 if (ttd < 0)
1966 ttd = 0;
1967
1968 seq_printf(seq,
1969 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1970 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
1971 i,
1972 src->s6_addr32[0], src->s6_addr32[1],
1973 src->s6_addr32[2], src->s6_addr32[3],
1974 ntohs(inet_sk(sk)->sport),
1975 dest->s6_addr32[0], dest->s6_addr32[1],
1976 dest->s6_addr32[2], dest->s6_addr32[3],
1977 ntohs(inet_rsk(req)->rmt_port),
1978 TCP_SYN_RECV,
1979 0,0, /* could print option size, but that is af dependent. */
1980 1, /* timers active (only the expire timer) */
1981 jiffies_to_clock_t(ttd),
1982 req->retrans,
1983 uid,
1984 0, /* non standard timer */
1985 0, /* open_requests have no inode */
1986 0, req);
1987 }
1988
1989 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1990 {
1991 struct in6_addr *dest, *src;
1992 __u16 destp, srcp;
1993 int timer_active;
1994 unsigned long timer_expires;
1995 struct inet_sock *inet = inet_sk(sp);
1996 struct tcp_sock *tp = tcp_sk(sp);
1997 const struct inet_connection_sock *icsk = inet_csk(sp);
1998 struct ipv6_pinfo *np = inet6_sk(sp);
1999
2000 dest = &np->daddr;
2001 src = &np->rcv_saddr;
2002 destp = ntohs(inet->dport);
2003 srcp = ntohs(inet->sport);
2004
2005 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
2006 timer_active = 1;
2007 timer_expires = icsk->icsk_timeout;
2008 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
2009 timer_active = 4;
2010 timer_expires = icsk->icsk_timeout;
2011 } else if (timer_pending(&sp->sk_timer)) {
2012 timer_active = 2;
2013 timer_expires = sp->sk_timer.expires;
2014 } else {
2015 timer_active = 0;
2016 timer_expires = jiffies;
2017 }
2018
2019 seq_printf(seq,
2020 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
2021 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %u %u %u %u %d\n",
2022 i,
2023 src->s6_addr32[0], src->s6_addr32[1],
2024 src->s6_addr32[2], src->s6_addr32[3], srcp,
2025 dest->s6_addr32[0], dest->s6_addr32[1],
2026 dest->s6_addr32[2], dest->s6_addr32[3], destp,
2027 sp->sk_state,
2028 tp->write_seq-tp->snd_una,
2029 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
2030 timer_active,
2031 jiffies_to_clock_t(timer_expires - jiffies),
2032 icsk->icsk_retransmits,
2033 sock_i_uid(sp),
2034 icsk->icsk_probes_out,
2035 sock_i_ino(sp),
2036 atomic_read(&sp->sk_refcnt), sp,
2037 icsk->icsk_rto,
2038 icsk->icsk_ack.ato,
2039 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong,
2040 tp->snd_cwnd, tp->snd_ssthresh>=0xFFFF?-1:tp->snd_ssthresh
2041 );
2042 }
2043
2044 static void get_timewait6_sock(struct seq_file *seq,
2045 struct inet_timewait_sock *tw, int i)
2046 {
2047 struct in6_addr *dest, *src;
2048 __u16 destp, srcp;
2049 struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw);
2050 int ttd = tw->tw_ttd - jiffies;
2051
2052 if (ttd < 0)
2053 ttd = 0;
2054
2055 dest = &tw6->tw_v6_daddr;
2056 src = &tw6->tw_v6_rcv_saddr;
2057 destp = ntohs(tw->tw_dport);
2058 srcp = ntohs(tw->tw_sport);
2059
2060 seq_printf(seq,
2061 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
2062 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n",
2063 i,
2064 src->s6_addr32[0], src->s6_addr32[1],
2065 src->s6_addr32[2], src->s6_addr32[3], srcp,
2066 dest->s6_addr32[0], dest->s6_addr32[1],
2067 dest->s6_addr32[2], dest->s6_addr32[3], destp,
2068 tw->tw_substate, 0, 0,
2069 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
2070 atomic_read(&tw->tw_refcnt), tw);
2071 }
2072
2073 static int tcp6_seq_show(struct seq_file *seq, void *v)
2074 {
2075 struct tcp_iter_state *st;
2076
2077 if (v == SEQ_START_TOKEN) {
2078 seq_puts(seq,
2079 " sl "
2080 "local_address "
2081 "remote_address "
2082 "st tx_queue rx_queue tr tm->when retrnsmt"
2083 " uid timeout inode\n");
2084 goto out;
2085 }
2086 st = seq->private;
2087
2088 switch (st->state) {
2089 case TCP_SEQ_STATE_LISTENING:
2090 case TCP_SEQ_STATE_ESTABLISHED:
2091 get_tcp6_sock(seq, v, st->num);
2092 break;
2093 case TCP_SEQ_STATE_OPENREQ:
2094 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid);
2095 break;
2096 case TCP_SEQ_STATE_TIME_WAIT:
2097 get_timewait6_sock(seq, v, st->num);
2098 break;
2099 }
2100 out:
2101 return 0;
2102 }
2103
2104 static struct file_operations tcp6_seq_fops;
2105 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
2106 .owner = THIS_MODULE,
2107 .name = "tcp6",
2108 .family = AF_INET6,
2109 .seq_show = tcp6_seq_show,
2110 .seq_fops = &tcp6_seq_fops,
2111 };
2112
2113 int __init tcp6_proc_init(void)
2114 {
2115 return tcp_proc_register(&tcp6_seq_afinfo);
2116 }
2117
2118 void tcp6_proc_exit(void)
2119 {
2120 tcp_proc_unregister(&tcp6_seq_afinfo);
2121 }
2122 #endif
2123
2124 struct proto tcpv6_prot = {
2125 .name = "TCPv6",
2126 .owner = THIS_MODULE,
2127 .close = tcp_close,
2128 .connect = tcp_v6_connect,
2129 .disconnect = tcp_disconnect,
2130 .accept = inet_csk_accept,
2131 .ioctl = tcp_ioctl,
2132 .init = tcp_v6_init_sock,
2133 .destroy = tcp_v6_destroy_sock,
2134 .shutdown = tcp_shutdown,
2135 .setsockopt = tcp_setsockopt,
2136 .getsockopt = tcp_getsockopt,
2137 .sendmsg = tcp_sendmsg,
2138 .recvmsg = tcp_recvmsg,
2139 .backlog_rcv = tcp_v6_do_rcv,
2140 .hash = tcp_v6_hash,
2141 .unhash = tcp_unhash,
2142 .get_port = tcp_v6_get_port,
2143 .enter_memory_pressure = tcp_enter_memory_pressure,
2144 .sockets_allocated = &tcp_sockets_allocated,
2145 .memory_allocated = &tcp_memory_allocated,
2146 .memory_pressure = &tcp_memory_pressure,
2147 .orphan_count = &tcp_orphan_count,
2148 .sysctl_mem = sysctl_tcp_mem,
2149 .sysctl_wmem = sysctl_tcp_wmem,
2150 .sysctl_rmem = sysctl_tcp_rmem,
2151 .max_header = MAX_TCP_HEADER,
2152 .obj_size = sizeof(struct tcp6_sock),
2153 .twsk_prot = &tcp6_timewait_sock_ops,
2154 .rsk_prot = &tcp6_request_sock_ops,
2155 #ifdef CONFIG_COMPAT
2156 .compat_setsockopt = compat_tcp_setsockopt,
2157 .compat_getsockopt = compat_tcp_getsockopt,
2158 #endif
2159 };
2160
2161 static struct inet6_protocol tcpv6_protocol = {
2162 .handler = tcp_v6_rcv,
2163 .err_handler = tcp_v6_err,
2164 .gso_send_check = tcp_v6_gso_send_check,
2165 .gso_segment = tcp_tso_segment,
2166 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2167 };
2168
2169 static struct inet_protosw tcpv6_protosw = {
2170 .type = SOCK_STREAM,
2171 .protocol = IPPROTO_TCP,
2172 .prot = &tcpv6_prot,
2173 .ops = &inet6_stream_ops,
2174 .capability = -1,
2175 .no_check = 0,
2176 .flags = INET_PROTOSW_PERMANENT |
2177 INET_PROTOSW_ICSK,
2178 };
2179
2180 void __init tcpv6_init(void)
2181 {
2182 /* register inet6 protocol */
2183 if (inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP) < 0)
2184 printk(KERN_ERR "tcpv6_init: Could not register protocol\n");
2185 inet6_register_protosw(&tcpv6_protosw);
2186
2187 if (inet_csk_ctl_sock_create(&tcp6_socket, PF_INET6, SOCK_RAW,
2188 IPPROTO_TCP) < 0)
2189 panic("Failed to create the TCPv6 control socket.\n");
2190 }
linux kernel for loongson