3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
10 * linux/net/ipv4/tcp_input.c
11 * linux/net/ipv4/tcp_output.c
14 * Hideaki YOSHIFUJI : sin6_scope_id support
15 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
16 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
17 * a single port at the same time.
18 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
20 * This program is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU General Public License
22 * as published by the Free Software Foundation; either version
23 * 2 of the License, or (at your option) any later version.
26 #include <linux/bottom_half.h>
27 #include <linux/module.h>
28 #include <linux/errno.h>
29 #include <linux/types.h>
30 #include <linux/socket.h>
31 #include <linux/sockios.h>
32 #include <linux/net.h>
33 #include <linux/jiffies.h>
35 #include <linux/in6.h>
36 #include <linux/netdevice.h>
37 #include <linux/init.h>
38 #include <linux/jhash.h>
39 #include <linux/ipsec.h>
40 #include <linux/times.h>
41 #include <linux/slab.h>
42 #include <linux/uaccess.h>
43 #include <linux/ipv6.h>
44 #include <linux/icmpv6.h>
45 #include <linux/random.h>
48 #include <net/ndisc.h>
49 #include <net/inet6_hashtables.h>
50 #include <net/inet6_connection_sock.h>
52 #include <net/transp_v6.h>
53 #include <net/addrconf.h>
54 #include <net/ip6_route.h>
55 #include <net/ip6_checksum.h>
56 #include <net/inet_ecn.h>
57 #include <net/protocol.h>
60 #include <net/dsfield.h>
61 #include <net/timewait_sock.h>
62 #include <net/inet_common.h>
63 #include <net/secure_seq.h>
64 #include <net/tcp_memcontrol.h>
65 #include <net/busy_poll.h>
67 #include <linux/proc_fs.h>
68 #include <linux/seq_file.h>
70 #include <linux/crypto.h>
71 #include <linux/scatterlist.h>
73 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb);
74 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
75 struct request_sock *req);
77 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
79 static const struct inet_connection_sock_af_ops ipv6_mapped;
80 static const struct inet_connection_sock_af_ops ipv6_specific;
81 #ifdef CONFIG_TCP_MD5SIG
82 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
83 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
85 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
86 const struct in6_addr *addr)
/* Cache the incoming skb's dst on the socket for the RX fast path:
 * remember the ingress ifindex and the fib6 node serial number so a
 * later dst validity check can detect routing changes.
 * NOTE(review): lines are elided in this extract (rt NULL-check and
 * sk_rx_dst assignment are not visible) — confirm against full source.
 */
92 static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
94 struct dst_entry *dst = skb_dst(skb);
95 const struct rt6_info *rt = (const struct rt6_info *)dst;
99 inet_sk(sk)->rx_dst_ifindex = skb->skb_iif;
101 inet6_sk(sk)->rx_dst_cookie = rt->rt6i_node->fn_sernum;
/* Hash the socket into the TCP lookup tables.  A socket whose af_ops
 * are ipv6_mapped is really carrying IPv4 traffic (v4-mapped address)
 * and is presumably hashed via the IPv4 path instead — the elided
 * branch body is not visible here; confirm against full source.
 */
104 static void tcp_v6_hash(struct sock *sk)
106 if (sk->sk_state != TCP_CLOSE) {
107 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) {
112 __inet6_hash(sk, NULL);
/* Derive the initial send sequence number (ISN) for a connection from
 * the packet's address/port 4-tuple via the secure sequence generator.
 */
117 static __u32 tcp_v6_init_sequence(const struct sk_buff *skb)
119 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
120 ipv6_hdr(skb)->saddr.s6_addr32,
122 tcp_hdr(skb)->source)
/* Active-open (connect()) handler for AF_INET6 TCP sockets.
 * Validates the sockaddr, resolves flow labels and scope ids, falls
 * back to the IPv4 connect path for v4-mapped destinations, routes the
 * flow, picks a source address, and finally sends the SYN.
 * Returns 0 on success or a negative errno.
 * NOTE(review): many lines are elided in this extract (error labels,
 * braces, some assignments) — comments below only describe what is
 * visible.
 */
125 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
128 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
129 struct inet_sock *inet = inet_sk(sk);
130 struct inet_connection_sock *icsk = inet_csk(sk);
131 struct ipv6_pinfo *np = inet6_sk(sk);
132 struct tcp_sock *tp = tcp_sk(sk);
133 struct in6_addr *saddr = NULL, *final_p, final;
136 struct dst_entry *dst;
/* Basic sockaddr validation: length and family. */
140 if (addr_len < SIN6_LEN_RFC2133)
143 if (usin->sin6_family != AF_INET6)
144 return -EAFNOSUPPORT;
146 memset(&fl6, 0, sizeof(fl6));
/* Caller-supplied flow label must refer to an existing flow-label
 * lease on this socket; look it up and drop the reference again. */
149 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
150 IP6_ECN_flow_init(fl6.flowlabel);
151 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
152 struct ip6_flowlabel *flowlabel;
153 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
154 if (flowlabel == NULL)
156 fl6_sock_release(flowlabel);
161 * connect() to INADDR_ANY means loopback (BSD'ism).
164 if (ipv6_addr_any(&usin->sin6_addr))
165 usin->sin6_addr.s6_addr[15] = 0x1;
167 addr_type = ipv6_addr_type(&usin->sin6_addr);
/* Multicast destinations cannot be connected to. */
169 if (addr_type & IPV6_ADDR_MULTICAST)
/* Link-local destination: the scope id must agree with any device the
 * socket is already bound to, and some interface must be selected. */
172 if (addr_type&IPV6_ADDR_LINKLOCAL) {
173 if (addr_len >= sizeof(struct sockaddr_in6) &&
174 usin->sin6_scope_id) {
175 /* If interface is set while binding, indices
178 if (sk->sk_bound_dev_if &&
179 sk->sk_bound_dev_if != usin->sin6_scope_id)
182 sk->sk_bound_dev_if = usin->sin6_scope_id;
185 /* Connect to link-local address requires an interface */
186 if (!sk->sk_bound_dev_if)
/* Reconnecting to a different peer invalidates cached timestamps. */
190 if (tp->rx_opt.ts_recent_stamp &&
191 !ipv6_addr_equal(&sk->sk_v6_daddr, &usin->sin6_addr)) {
192 tp->rx_opt.ts_recent = 0;
193 tp->rx_opt.ts_recent_stamp = 0;
197 sk->sk_v6_daddr = usin->sin6_addr;
198 np->flow_label = fl6.flowlabel;
/* v4-mapped destination: switch the socket to the mapped af_ops and
 * delegate to tcp_v4_connect(); on failure the IPv6 ops are restored
 * (the visible lines after tcp_v4_connect are the error path). */
206 if (addr_type == IPV6_ADDR_MAPPED) {
207 u32 exthdrlen = icsk->icsk_ext_hdr_len;
208 struct sockaddr_in sin;
210 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
212 if (__ipv6_only_sock(sk))
215 sin.sin_family = AF_INET;
216 sin.sin_port = usin->sin6_port;
217 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
219 icsk->icsk_af_ops = &ipv6_mapped;
220 sk->sk_backlog_rcv = tcp_v4_do_rcv;
221 #ifdef CONFIG_TCP_MD5SIG
222 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
225 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
228 icsk->icsk_ext_hdr_len = exthdrlen;
229 icsk->icsk_af_ops = &ipv6_specific;
230 sk->sk_backlog_rcv = tcp_v6_do_rcv;
231 #ifdef CONFIG_TCP_MD5SIG
232 tp->af_specific = &tcp_sock_ipv6_specific;
236 ipv6_addr_set_v4mapped(inet->inet_saddr, &np->saddr);
237 ipv6_addr_set_v4mapped(inet->inet_rcv_saddr,
238 &sk->sk_v6_rcv_saddr);
/* Native IPv6 path: build the flow and route it. */
244 if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr))
245 saddr = &sk->sk_v6_rcv_saddr;
247 fl6.flowi6_proto = IPPROTO_TCP;
248 fl6.daddr = sk->sk_v6_daddr;
249 fl6.saddr = saddr ? *saddr : np->saddr;
250 fl6.flowi6_oif = sk->sk_bound_dev_if;
251 fl6.flowi6_mark = sk->sk_mark;
252 fl6.fl6_dport = usin->sin6_port;
253 fl6.fl6_sport = inet->inet_sport;
255 final_p = fl6_update_dst(&fl6, np->opt, &final);
257 security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));
259 dst = ip6_dst_lookup_flow(sk, &fl6, final_p);
267 sk->sk_v6_rcv_saddr = *saddr;
270 /* set the source address */
272 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
274 sk->sk_gso_type = SKB_GSO_TCPV6;
275 __ip6_dst_store(sk, dst, NULL, NULL);
/* With tw_recycle, seed timestamps from a matching timewait entry. */
277 rt = (struct rt6_info *) dst;
278 if (tcp_death_row.sysctl_tw_recycle &&
279 !tp->rx_opt.ts_recent_stamp &&
280 ipv6_addr_equal(&rt->rt6i_dst.addr, &sk->sk_v6_daddr))
281 tcp_fetch_timewait_stamp(sk, dst);
283 icsk->icsk_ext_hdr_len = 0;
285 icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
288 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
290 inet->inet_dport = usin->sin6_port;
/* Bind a local port, pick the ISN, and fire off the SYN. */
292 tcp_set_state(sk, TCP_SYN_SENT);
293 err = inet6_hash_connect(&tcp_death_row, sk);
297 if (!tp->write_seq && likely(!tp->repair))
298 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
299 sk->sk_v6_daddr.s6_addr32,
303 err = tcp_connect(sk);
/* Error path: undo state so the socket can be reused. */
310 tcp_set_state(sk, TCP_CLOSE);
313 inet->inet_dport = 0;
314 sk->sk_route_caps = 0;
/* React to a path-MTU decrease (ICMPv6 Packet Too Big): update the
 * cached route's PMTU and, if our cached MSS cookie is now too large,
 * re-sync the MSS and retransmit what no longer fits.
 * LISTEN/CLOSE sockets have no path to shrink, so bail early.
 */
318 static void tcp_v6_mtu_reduced(struct sock *sk)
320 struct dst_entry *dst;
322 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
325 dst = inet6_csk_update_pmtu(sk, tcp_sk(sk)->mtu_info);
329 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
330 tcp_sync_mss(sk, dst_mtu(dst));
331 tcp_simple_retransmit(sk);
/* ICMPv6 error handler for TCP: locate the socket the quoted TCP
 * header belongs to and deliver the error (redirect, PMTU change, or
 * a hard/soft error), honouring socket lock ownership.
 * NOTE(review): lines are elided in this extract (lock/unlock, gotos,
 * case labels) — comments describe only the visible statements.
 */
335 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
336 u8 type, u8 code, int offset, __be32 info)
338 const struct ipv6hdr *hdr = (const struct ipv6hdr *)skb->data;
339 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
340 struct ipv6_pinfo *np;
344 struct request_sock *fastopen;
346 struct net *net = dev_net(skb->dev);
/* Find the socket matching the embedded 4-tuple; count a failure. */
348 sk = inet6_lookup(net, &tcp_hashinfo, &hdr->daddr,
349 th->dest, &hdr->saddr, th->source, skb->dev->ifindex);
352 ICMP6_INC_STATS_BH(net, __in6_dev_get(skb->dev),
357 if (sk->sk_state == TCP_TIME_WAIT) {
358 inet_twsk_put(inet_twsk(sk));
/* If userspace holds the lock we can only defer PKT_TOOBIG. */
363 if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG)
364 NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS);
366 if (sk->sk_state == TCP_CLOSE)
/* min_hopcount filter (generalized TTL security, RFC 5082 analogue). */
369 if (ipv6_hdr(skb)->hop_limit < inet6_sk(sk)->min_hopcount) {
370 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
/* Ignore errors whose quoted sequence is outside the send window;
 * for a TFO socket snd_una is taken from the pending request's ISN. */
375 seq = ntohl(th->seq);
376 /* XXX (TFO) - tp->snd_una should be ISN (tcp_create_openreq_child() */
377 fastopen = tp->fastopen_rsk;
378 snd_una = fastopen ? tcp_rsk(fastopen)->snt_isn : tp->snd_una;
379 if (sk->sk_state != TCP_LISTEN &&
380 !between(seq, snd_una, tp->snd_nxt)) {
381 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
/* NDISC redirect: let the route's redirect handler update the dst. */
387 if (type == NDISC_REDIRECT) {
388 struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);
391 dst->ops->redirect(dst, sk, skb);
395 if (type == ICMPV6_PKT_TOOBIG) {
396 /* We are not interested in TCP_LISTEN and open_requests
397 * (SYN-ACKs send out by Linux are always <576bytes so
398 * they should go through unfragmented).
400 if (sk->sk_state == TCP_LISTEN)
403 if (!ip6_sk_accept_pmtu(sk))
/* Apply now if we own the lock, else defer to release_sock(). */
406 tp->mtu_info = ntohl(info);
407 if (!sock_owned_by_user(sk))
408 tcp_v6_mtu_reduced(sk);
409 else if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED,
415 icmpv6_err_convert(type, code, &err);
417 /* Might be for an request_sock */
418 switch (sk->sk_state) {
419 struct request_sock *req, **prev;
421 if (sock_owned_by_user(sk))
424 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr,
425 &hdr->saddr, inet6_iif(skb));
429 /* ICMPs are not backlogged, hence we cannot get
430 * an established socket here.
432 WARN_ON(req->sk != NULL);
434 if (seq != tcp_rsk(req)->snt_isn) {
435 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
/* Genuine error for a pending request: drop it and count it. */
439 inet_csk_reqsk_queue_drop(sk, req, prev);
440 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
445 /* Only in fast or simultaneous open. If a fast open socket is
446 * is already accepted it is treated as a connected one below.
448 if (fastopen && fastopen->sk == NULL)
451 if (!sock_owned_by_user(sk)) {
453 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
457 sk->sk_err_soft = err;
/* Established socket: report hard error only if recverr is set and
 * the socket is unlocked; otherwise record a soft error. */
461 if (!sock_owned_by_user(sk) && np->recverr) {
463 sk->sk_error_report(sk);
465 sk->sk_err_soft = err;
/* Build and transmit a SYN-ACK for a pending connection request.
 * Routes the reply if no dst was supplied, computes the TCP checksum
 * over the request's address pair, optionally reflects the client's
 * flow label (IPV6_FLOWINFO reflection), and hands the skb to
 * ip6_xmit().  Returns the net_xmit_eval()-normalized result.
 */
473 static int tcp_v6_send_synack(struct sock *sk, struct dst_entry *dst,
475 struct request_sock *req,
477 struct tcp_fastopen_cookie *foc)
479 struct inet_request_sock *ireq = inet_rsk(req);
480 struct ipv6_pinfo *np = inet6_sk(sk);
481 struct flowi6 *fl6 = &fl->u.ip6;
485 /* First, grab a route. */
486 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req)) == NULL)
489 skb = tcp_make_synack(sk, dst, req, foc);
492 __tcp_v6_send_check(skb, &ireq->ir_v6_loc_addr,
493 &ireq->ir_v6_rmt_addr);
495 fl6->daddr = ireq->ir_v6_rmt_addr;
496 if (np->repflow && (ireq->pktopts != NULL))
497 fl6->flowlabel = ip6_flowlabel(ipv6_hdr(ireq->pktopts));
499 skb_set_queue_mapping(skb, queue_mapping);
500 err = ip6_xmit(sk, skb, fl6, np->opt, np->tclass);
501 err = net_xmit_eval(err);
/* Request-sock destructor: release the SYN's saved packet options. */
509 static void tcp_v6_reqsk_destructor(struct request_sock *req)
511 kfree_skb(inet_rsk(req)->pktopts);
514 #ifdef CONFIG_TCP_MD5SIG
/* Look up the socket's MD5 key for a given IPv6 peer address. */
515 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
516 const struct in6_addr *addr)
518 return tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, AF_INET6);
/* MD5 key lookup keyed by a peer socket's destination address. */
521 static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk,
522 struct sock *addr_sk)
524 return tcp_v6_md5_do_lookup(sk, &addr_sk->sk_v6_daddr);
/* MD5 key lookup keyed by a request sock's remote address. */
527 static struct tcp_md5sig_key *tcp_v6_reqsk_md5_lookup(struct sock *sk,
528 struct request_sock *req)
530 return tcp_v6_md5_do_lookup(sk, &inet_rsk(req)->ir_v6_rmt_addr);
/* setsockopt(TCP_MD5SIG) handler: add or (for a zero key length)
 * delete an MD5 signing key.  A v4-mapped address is stored under
 * AF_INET using its embedded IPv4 address so it matches the IPv4
 * lookup path; native addresses are stored under AF_INET6.
 * Returns 0 or a negative errno from copy/validation (elided labels).
 */
533 static int tcp_v6_parse_md5_keys(struct sock *sk, char __user *optval,
536 struct tcp_md5sig cmd;
537 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
539 if (optlen < sizeof(cmd))
542 if (copy_from_user(&cmd, optval, sizeof(cmd)))
545 if (sin6->sin6_family != AF_INET6)
548 if (!cmd.tcpm_keylen) {
549 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
550 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
552 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
556 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
559 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
560 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
561 AF_INET, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
563 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
564 AF_INET6, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
/* Feed the TCP-over-IPv6 pseudo-header (saddr/daddr assignments are
 * elided here; protocol and length are visible) into the per-CPU MD5
 * hash in progress.  nbytes is the TCP segment length being signed.
 * Returns the crypto_hash_update() result (0 on success).
 */
567 static int tcp_v6_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp,
568 const struct in6_addr *daddr,
569 const struct in6_addr *saddr, int nbytes)
571 struct tcp6_pseudohdr *bp;
572 struct scatterlist sg;
574 bp = &hp->md5_blk.ip6;
575 /* 1. TCP pseudo-header (RFC2460) */
578 bp->protocol = cpu_to_be32(IPPROTO_TCP);
579 bp->len = cpu_to_be32(nbytes);
581 sg_init_one(&sg, bp, sizeof(*bp));
582 return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp));
/* Compute the TCP-MD5 signature over pseudo-header + TCP header + key
 * (no payload), writing 16 bytes into md5_hash.  Used for generated
 * control segments (RST/ACK).  On any failure the output is zeroed
 * and a non-zero value is returned (error labels elided).
 */
585 static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key,
586 const struct in6_addr *daddr, struct in6_addr *saddr,
587 const struct tcphdr *th)
589 struct tcp_md5sig_pool *hp;
590 struct hash_desc *desc;
592 hp = tcp_get_md5sig_pool();
594 goto clear_hash_noput;
595 desc = &hp->md5_desc;
597 if (crypto_hash_init(desc))
599 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))
601 if (tcp_md5_hash_header(hp, th))
603 if (tcp_md5_hash_key(hp, key))
605 if (crypto_hash_final(desc, md5_hash))
608 tcp_put_md5sig_pool();
/* Error path: release the pool and zero the signature output. */
612 tcp_put_md5sig_pool();
614 memset(md5_hash, 0, 16);
/* Compute the TCP-MD5 signature over a full segment (pseudo-header,
 * TCP header, payload, key).  The address pair comes from the
 * established socket, the pending request sock, or the skb's own IPv6
 * header, in that priority (branch keywords elided in this extract).
 * Writes 16 bytes into md5_hash; zeroes it on failure.
 */
618 static int tcp_v6_md5_hash_skb(char *md5_hash, struct tcp_md5sig_key *key,
619 const struct sock *sk,
620 const struct request_sock *req,
621 const struct sk_buff *skb)
623 const struct in6_addr *saddr, *daddr;
624 struct tcp_md5sig_pool *hp;
625 struct hash_desc *desc;
626 const struct tcphdr *th = tcp_hdr(skb);
629 saddr = &inet6_sk(sk)->saddr;
630 daddr = &sk->sk_v6_daddr;
632 saddr = &inet_rsk(req)->ir_v6_loc_addr;
633 daddr = &inet_rsk(req)->ir_v6_rmt_addr;
635 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
636 saddr = &ip6h->saddr;
637 daddr = &ip6h->daddr;
640 hp = tcp_get_md5sig_pool();
642 goto clear_hash_noput;
643 desc = &hp->md5_desc;
645 if (crypto_hash_init(desc))
648 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))
650 if (tcp_md5_hash_header(hp, th))
652 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
654 if (tcp_md5_hash_key(hp, key))
656 if (crypto_hash_final(desc, md5_hash))
659 tcp_put_md5sig_pool();
/* Error path: release the pool and zero the signature output. */
663 tcp_put_md5sig_pool();
665 memset(md5_hash, 0, 16);
/* Validate the MD5 signature option on an inbound segment against the
 * key configured for the sender's address.  Segments with a missing
 * or unexpected option, or a wrong signature, are rejected (return
 * values elided in this extract; MIB counters record each case).
 */
669 static int __tcp_v6_inbound_md5_hash(struct sock *sk,
670 const struct sk_buff *skb)
672 const __u8 *hash_location = NULL;
673 struct tcp_md5sig_key *hash_expected;
674 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
675 const struct tcphdr *th = tcp_hdr(skb);
679 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
680 hash_location = tcp_parse_md5sig_option(th);
682 /* We've parsed the options - do we have a hash? */
683 if (!hash_expected && !hash_location)
/* Key configured but peer sent no option. */
686 if (hash_expected && !hash_location) {
687 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
/* Peer sent an option we have no key for. */
691 if (!hash_expected && hash_location) {
692 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
696 /* check the signature */
697 genhash = tcp_v6_md5_hash_skb(newhash,
701 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
702 net_info_ratelimited("MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n",
703 genhash ? "failed" : "mismatch",
704 &ip6h->saddr, ntohs(th->source),
705 &ip6h->daddr, ntohs(th->dest));
/* Wrapper around __tcp_v6_inbound_md5_hash(); presumably brackets the
 * call with rcu_read_lock/unlock (those lines are elided) — confirm
 * against full source.
 */
711 static int tcp_v6_inbound_md5_hash(struct sock *sk, const struct sk_buff *skb)
716 ret = __tcp_v6_inbound_md5_hash(sk, skb);
/* Initialize the IPv6 parts of a freshly allocated request sock from
 * the incoming SYN: address pair, interface index (forced to the
 * ingress interface for link-local peers), and — when the listener
 * asked for any packet-info option — a held reference to the SYN skb
 * (the ireq->pktopts assignment following the refcount bump is
 * elided in this extract).
 */
724 static void tcp_v6_init_req(struct request_sock *req, struct sock *sk,
727 struct inet_request_sock *ireq = inet_rsk(req);
728 struct ipv6_pinfo *np = inet6_sk(sk);
730 ireq->ir_v6_rmt_addr = ipv6_hdr(skb)->saddr;
731 ireq->ir_v6_loc_addr = ipv6_hdr(skb)->daddr;
733 ireq->ir_iif = sk->sk_bound_dev_if;
735 /* So that link locals have meaning */
736 if (!sk->sk_bound_dev_if &&
737 ipv6_addr_type(&ireq->ir_v6_rmt_addr) & IPV6_ADDR_LINKLOCAL)
738 ireq->ir_iif = inet6_iif(skb);
740 if (!TCP_SKB_CB(skb)->when &&
741 (ipv6_opt_accepted(sk, skb) || np->rxopt.bits.rxinfo ||
742 np->rxopt.bits.rxoinfo || np->rxopt.bits.rxhlim ||
743 np->rxopt.bits.rxohlim || np->repflow)) {
744 atomic_inc(&skb->users);
/* route_req callback: route the SYN-ACK for a request sock. */
749 static struct dst_entry *tcp_v6_route_req(struct sock *sk, struct flowi *fl,
750 const struct request_sock *req,
755 return inet6_csk_route_req(sk, &fl->u.ip6, req);
/* Generic request-sock operations for IPv6 TCP (allocation size,
 * SYN-ACK retransmit, ACK/RST emission, teardown).
 */
758 struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
760 .obj_size = sizeof(struct tcp6_request_sock),
761 .rtx_syn_ack = tcp_rtx_synack,
762 .send_ack = tcp_v6_reqsk_send_ack,
763 .destructor = tcp_v6_reqsk_destructor,
764 .send_reset = tcp_v6_send_reset,
765 .syn_ack_timeout = tcp_syn_ack_timeout,
/* TCP-specific request-sock callbacks for IPv6: MSS clamp for the
 * minimum IPv6 MTU, MD5 hooks, syncookie ISN generation, routing,
 * ISN selection, SYN-ACK transmit, and listener-queue hashing.
 */
768 static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
769 .mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) -
770 sizeof(struct ipv6hdr),
771 #ifdef CONFIG_TCP_MD5SIG
772 .md5_lookup = tcp_v6_reqsk_md5_lookup,
773 .calc_md5_hash = tcp_v6_md5_hash_skb,
775 .init_req = tcp_v6_init_req,
776 #ifdef CONFIG_SYN_COOKIES
777 .cookie_init_seq = cookie_v6_init_sequence,
779 .route_req = tcp_v6_route_req,
780 .init_seq = tcp_v6_init_sequence,
781 .send_synack = tcp_v6_send_synack,
782 .queue_hash_add = inet6_csk_reqsk_queue_hash_add,
/* Build and send an unsolicited control segment (RST when rst != 0,
 * otherwise a bare ACK) in reply to skb, from the per-netns control
 * socket.  Optionally carries a timestamp option and an MD5
 * signature.  Addresses/ports are swapped from the incoming packet.
 * NOTE(review): several lines (NULL checks, timestamp condition,
 * dst error handling) are elided in this extract.
 */
785 static void tcp_v6_send_response(struct sk_buff *skb, u32 seq, u32 ack, u32 win,
786 u32 tsval, u32 tsecr, int oif,
787 struct tcp_md5sig_key *key, int rst, u8 tclass,
790 const struct tcphdr *th = tcp_hdr(skb);
792 struct sk_buff *buff;
794 struct net *net = dev_net(skb_dst(skb)->dev);
795 struct sock *ctl_sk = net->ipv6.tcp_sk;
796 unsigned int tot_len = sizeof(struct tcphdr);
797 struct dst_entry *dst;
/* Reserve option space: timestamps and/or MD5 signature. */
801 tot_len += TCPOLEN_TSTAMP_ALIGNED;
802 #ifdef CONFIG_TCP_MD5SIG
804 tot_len += TCPOLEN_MD5SIG_ALIGNED;
807 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
812 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
814 t1 = (struct tcphdr *) skb_push(buff, tot_len);
815 skb_reset_transport_header(buff);
817 /* Swap the send and the receive. */
818 memset(t1, 0, sizeof(*t1));
819 t1->dest = th->source;
820 t1->source = th->dest;
821 t1->doff = tot_len / 4;
822 t1->seq = htonl(seq);
823 t1->ack_seq = htonl(ack);
824 t1->ack = !rst || !th->ack;
826 t1->window = htons(win);
828 topt = (__be32 *)(t1 + 1);
/* Timestamp option: NOP NOP TIMESTAMP len, then TSval/TSecr. */
831 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
832 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
833 *topt++ = htonl(tsval);
834 *topt++ = htonl(tsecr);
837 #ifdef CONFIG_TCP_MD5SIG
/* MD5 option header, then sign header-only with the reply's
 * (swapped) address pair. */
839 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
840 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
841 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
842 &ipv6_hdr(skb)->saddr,
843 &ipv6_hdr(skb)->daddr, t1);
/* Reply flow: mirror of the incoming packet's addresses. */
847 memset(&fl6, 0, sizeof(fl6));
848 fl6.daddr = ipv6_hdr(skb)->saddr;
849 fl6.saddr = ipv6_hdr(skb)->daddr;
850 fl6.flowlabel = label;
852 buff->ip_summed = CHECKSUM_PARTIAL;
855 __tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);
857 fl6.flowi6_proto = IPPROTO_TCP;
/* Link-local (strict) destinations need the ingress ifindex. */
858 if (rt6_need_strict(&fl6.daddr) && !oif)
859 fl6.flowi6_oif = inet6_iif(skb);
861 fl6.flowi6_oif = oif;
862 fl6.flowi6_mark = IP6_REPLY_MARK(net, skb->mark);
863 fl6.fl6_dport = t1->dest;
864 fl6.fl6_sport = t1->source;
865 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
867 /* Pass a socket to ip6_dst_lookup either it is for RST
868 * Underlying function will use this to retrieve the network
871 dst = ip6_dst_lookup_flow(ctl_sk, &fl6, NULL);
873 skb_dst_set(buff, dst);
874 ip6_xmit(ctl_sk, buff, &fl6, NULL, tclass);
875 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS);
877 TCP_INC_STATS_BH(net, TCP_MIB_OUTRSTS);
/* Send a RST in reply to skb.  sk may be NULL (no matching socket);
 * in that case, if the segment carries an MD5 option, try to find the
 * listener that owns the key so the RST can be signed — and refuse to
 * reset if the incoming signature does not verify.  The RST's seq/ack
 * are derived per RFC 793 from the offending segment.
 */
884 static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb)
886 const struct tcphdr *th = tcp_hdr(skb);
887 u32 seq = 0, ack_seq = 0;
888 struct tcp_md5sig_key *key = NULL;
889 #ifdef CONFIG_TCP_MD5SIG
890 const __u8 *hash_location = NULL;
891 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
892 unsigned char newhash[16];
894 struct sock *sk1 = NULL;
/* Never reset non-unicast destinations. */
901 if (!ipv6_unicast_destination(skb))
904 #ifdef CONFIG_TCP_MD5SIG
905 hash_location = tcp_parse_md5sig_option(th);
906 if (!sk && hash_location) {
908 * active side is lost. Try to find listening socket through
909 * source port, and then find md5 key through listening socket.
910 * we are not loose security here:
911 * Incoming packet is checked with md5 hash with finding key,
912 * no RST generated if md5 hash doesn't match.
914 sk1 = inet6_lookup_listener(dev_net(skb_dst(skb)->dev),
915 &tcp_hashinfo, &ipv6h->saddr,
916 th->source, &ipv6h->daddr,
917 ntohs(th->source), inet6_iif(skb));
922 key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr);
/* Verify the incoming signature before answering. */
926 genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, NULL, skb);
927 if (genhash || memcmp(hash_location, newhash, 16) != 0)
930 key = sk ? tcp_v6_md5_do_lookup(sk, &ipv6h->saddr) : NULL;
/* seq from the peer's ack if present, else ack their data. */
935 seq = ntohl(th->ack_seq);
937 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
940 oif = sk ? sk->sk_bound_dev_if : 0;
941 tcp_v6_send_response(skb, seq, ack_seq, 0, 0, 0, oif, key, 1, 0, 0);
943 #ifdef CONFIG_TCP_MD5SIG
/* Send a bare ACK (rst = 0) via tcp_v6_send_response(). */
952 static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack,
953 u32 win, u32 tsval, u32 tsecr, int oif,
954 struct tcp_md5sig_key *key, u8 tclass,
957 tcp_v6_send_response(skb, seq, ack, win, tsval, tsecr, oif, key, 0, tclass,
/* ACK on behalf of a TIME-WAIT socket, using the state preserved in
 * the timewait sock (snd/rcv sequence, scaled window, timestamp
 * offset, MD5 key, tclass, and flow label).
 */
961 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
963 struct inet_timewait_sock *tw = inet_twsk(sk);
964 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
966 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
967 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
968 tcp_time_stamp + tcptw->tw_ts_offset,
969 tcptw->tw_ts_recent, tw->tw_bound_dev_if, tcp_twsk_md5_key(tcptw),
970 tw->tw_tclass, (tw->tw_flowlabel << 12));
/* ACK on behalf of a pending request sock.  The expected sequence
 * differs between a regular listener (ISN + 1) and a Fast Open child
 * (current snd_nxt), as the comment below explains.
 */
975 static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
976 struct request_sock *req)
978 /* sk->sk_state == TCP_LISTEN -> for regular TCP_SYN_RECV
979 * sk->sk_state == TCP_SYN_RECV -> for Fast Open.
981 tcp_v6_send_ack(skb, (sk->sk_state == TCP_LISTEN) ?
982 tcp_rsk(req)->snt_isn + 1 : tcp_sk(sk)->snd_nxt,
983 tcp_rsk(req)->rcv_nxt,
984 req->rcv_wnd, tcp_time_stamp, req->ts_recent, sk->sk_bound_dev_if,
985 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr),
/* For a segment arriving on a listener: find what it belongs to.
 * Checks the pending request queue first (completing the handshake
 * via tcp_check_req), then the established table (a packet for an
 * already-created child), and finally falls back to syncookie
 * validation.  TIME-WAIT hits drop the reference (return paths are
 * elided in this extract).
 */
990 static struct sock *tcp_v6_hnd_req(struct sock *sk, struct sk_buff *skb)
992 struct request_sock *req, **prev;
993 const struct tcphdr *th = tcp_hdr(skb);
996 /* Find possible connection requests. */
997 req = inet6_csk_search_req(sk, &prev, th->source,
998 &ipv6_hdr(skb)->saddr,
999 &ipv6_hdr(skb)->daddr, inet6_iif(skb));
1001 return tcp_check_req(sk, skb, req, prev, false);
1003 nsk = __inet6_lookup_established(sock_net(sk), &tcp_hashinfo,
1004 &ipv6_hdr(skb)->saddr, th->source,
1005 &ipv6_hdr(skb)->daddr, ntohs(th->dest), inet6_iif(skb));
1008 if (nsk->sk_state != TCP_TIME_WAIT) {
1012 inet_twsk_put(inet_twsk(nsk));
1016 #ifdef CONFIG_SYN_COOKIES
1018 sk = cookie_v6_check(sk, skb);
/* Handle an incoming SYN on a listener.  v4-mapped traffic (ETH_P_IP)
 * is delegated to the IPv4 handler; non-unicast SYNs are dropped
 * without a reset.  The generic tcp_conn_request() does the rest via
 * the IPv6 callback tables.
 */
1023 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1025 if (skb->protocol == htons(ETH_P_IP))
1026 return tcp_v4_conn_request(sk, skb);
1028 if (!ipv6_unicast_destination(skb))
1031 return tcp_conn_request(&tcp6_request_sock_ops,
1032 &tcp_request_sock_ipv6_ops, sk, skb);
/* Drop path: account the listener drop, send no reset. */
1035 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
1036 return 0; /* don't send reset */
/* Create the child socket once the 3-way handshake completes.
 * Two major paths: a v4-mapped request is created by the IPv4 code
 * and then retrofitted with IPv6 state; a native IPv6 request gets a
 * full openreq child with route, addresses, cloned packet options,
 * cloned IPv6 options, MSS setup, and (optionally) a copied MD5 key.
 * Returns the new socket, or NULL on overflow/allocation failure
 * (error labels are elided in this extract).
 */
1039 static struct sock *tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1040 struct request_sock *req,
1041 struct dst_entry *dst)
1043 struct inet_request_sock *ireq;
1044 struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
1045 struct tcp6_sock *newtcp6sk;
1046 struct inet_sock *newinet;
1047 struct tcp_sock *newtp;
1049 #ifdef CONFIG_TCP_MD5SIG
1050 struct tcp_md5sig_key *key;
/* --- v4-mapped path: let IPv4 build the child, then add IPv6 bits */
1054 if (skb->protocol == htons(ETH_P_IP)) {
1059 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);
1064 newtcp6sk = (struct tcp6_sock *)newsk;
1065 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1067 newinet = inet_sk(newsk);
1068 newnp = inet6_sk(newsk);
1069 newtp = tcp_sk(newsk);
1071 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1073 ipv6_addr_set_v4mapped(newinet->inet_daddr, &newsk->sk_v6_daddr);
1075 ipv6_addr_set_v4mapped(newinet->inet_saddr, &newnp->saddr);
1077 newsk->sk_v6_rcv_saddr = newnp->saddr;
/* The child speaks IPv4 underneath: use the mapped op tables. */
1079 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1080 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1081 #ifdef CONFIG_TCP_MD5SIG
1082 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
/* Don't inherit list/option pointers copied by the memcpy above. */
1085 newnp->ipv6_ac_list = NULL;
1086 newnp->ipv6_fl_list = NULL;
1087 newnp->pktoptions = NULL;
1089 newnp->mcast_oif = inet6_iif(skb);
1090 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1091 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
1093 newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));
1096 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1097 * here, tcp_create_openreq_child now does this for us, see the comment in
1098 * that function for the gory details. -acme
1101 /* It is tricky place. Until this moment IPv4 tcp
1102 worked with IPv6 icsk.icsk_af_ops.
1105 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
/* --- native IPv6 path --- */
1110 ireq = inet_rsk(req);
1112 if (sk_acceptq_is_full(sk))
1116 dst = inet6_csk_route_req(sk, &fl6, req);
1121 newsk = tcp_create_openreq_child(sk, req, skb);
1126 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1127 * count here, tcp_create_openreq_child now does this for us, see the
1128 * comment in that function for the gory details. -acme
1131 newsk->sk_gso_type = SKB_GSO_TCPV6;
1132 __ip6_dst_store(newsk, dst, NULL, NULL);
1133 inet6_sk_rx_dst_set(newsk, skb);
1135 newtcp6sk = (struct tcp6_sock *)newsk;
1136 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1138 newtp = tcp_sk(newsk);
1139 newinet = inet_sk(newsk);
1140 newnp = inet6_sk(newsk);
1142 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1144 newsk->sk_v6_daddr = ireq->ir_v6_rmt_addr;
1145 newnp->saddr = ireq->ir_v6_loc_addr;
1146 newsk->sk_v6_rcv_saddr = ireq->ir_v6_loc_addr;
1147 newsk->sk_bound_dev_if = ireq->ir_iif;
1149 ip6_set_txhash(newsk);
1151 /* Now IPv6 options...
1153 First: no IPv4 options.
1155 newinet->inet_opt = NULL;
1156 newnp->ipv6_ac_list = NULL;
1157 newnp->ipv6_fl_list = NULL;
1160 newnp->rxopt.all = np->rxopt.all;
1162 /* Clone pktoptions received with SYN */
1163 newnp->pktoptions = NULL;
1164 if (ireq->pktopts != NULL) {
1165 newnp->pktoptions = skb_clone(ireq->pktopts,
1166 sk_gfp_atomic(sk, GFP_ATOMIC));
1167 consume_skb(ireq->pktopts);
1168 ireq->pktopts = NULL;
1169 if (newnp->pktoptions)
1170 skb_set_owner_r(newnp->pktoptions, newsk);
1173 newnp->mcast_oif = inet6_iif(skb);
1174 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1175 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
1177 newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));
1179 /* Clone native IPv6 options from listening socket (if any)
1181 Yes, keeping reference count would be much more clever,
1182 but we make one more one thing there: reattach optmem
1186 newnp->opt = ipv6_dup_options(newsk, np->opt);
1188 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1190 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
1191 newnp->opt->opt_flen);
/* MSS: from the route, clamped by any user-set value. */
1193 tcp_sync_mss(newsk, dst_mtu(dst));
1194 newtp->advmss = dst_metric_advmss(dst);
1195 if (tcp_sk(sk)->rx_opt.user_mss &&
1196 tcp_sk(sk)->rx_opt.user_mss < newtp->advmss)
1197 newtp->advmss = tcp_sk(sk)->rx_opt.user_mss;
1199 tcp_initialize_rcv_mss(newsk);
1201 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1202 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1204 #ifdef CONFIG_TCP_MD5SIG
1205 /* Copy over the MD5 key from the original socket */
1206 key = tcp_v6_md5_do_lookup(sk, &newsk->sk_v6_daddr);
1208 /* We're using one, so create a matching key
1209 * on the newsk structure. If we fail to get
1210 * memory, then we end up not copying the key
1213 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newsk->sk_v6_daddr,
1214 AF_INET6, key->key, key->keylen,
1215 sk_gfp_atomic(sk, GFP_ATOMIC));
/* Inherit the listener's bound port and hash the child. */
1219 if (__inet_inherit_port(sk, newsk) < 0) {
1220 inet_csk_prepare_forced_close(newsk);
1224 __inet6_hash(newsk, NULL);
/* Error accounting labels. */
1229 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1233 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
1237 /* The socket must have it's spinlock held when we get
1240 * We have a potential double-lock case here, so even when
1241 * doing backlog processing we use the BH locking scheme.
1242 * This is because we cannot sleep with the original spinlock
/* Per-socket receive path (called with the socket spinlock held, from
 * softirq or backlog).  Dispatches on socket state: established fast
 * path, listener (new connection handling via tcp_v6_hnd_req), or the
 * generic state machine.  Also implements IPV6_PKTOPTIONS latching:
 * a clone of the segment is kept in opt_skb and stashed on the socket
 * if the user requested packet options.
 * NOTE(review): reset/discard/csum_err labels and several gotos are
 * elided in this extract.
 */
1245 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1247 struct ipv6_pinfo *np = inet6_sk(sk);
1248 struct tcp_sock *tp;
1249 struct sk_buff *opt_skb = NULL;
1251 /* Imagine: socket is IPv6. IPv4 packet arrives,
1252 goes to IPv4 receive handler and backlogged.
1253 From backlog it always goes here. Kerboom...
1254 Fortunately, tcp_rcv_established and rcv_established
1255 handle them correctly, but it is not case with
1256 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1259 if (skb->protocol == htons(ETH_P_IP))
1260 return tcp_v4_do_rcv(sk, skb);
1262 if (sk_filter(sk, skb))
1266 * socket locking is here for SMP purposes as backlog rcv
1267 * is currently called with bh processing disabled.
1270 /* Do Stevens' IPV6_PKTOPTIONS.
1272 Yes, guys, it is the only place in our code, where we
1273 may make it not affecting IPv4.
1274 The rest of code is protocol independent,
1275 and I do not like idea to uglify IPv4.
1277 Actually, all the idea behind IPV6_PKTOPTIONS
1278 looks not very well thought. For now we latch
1279 options, received in the last packet, enqueued
1280 by tcp. Feel free to propose better solution.
1284 opt_skb = skb_clone(skb, sk_gfp_atomic(sk, GFP_ATOMIC));
/* Established fast path: validate the cached RX dst first. */
1286 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1287 struct dst_entry *dst = sk->sk_rx_dst;
1289 sock_rps_save_rxhash(sk, skb);
1291 if (inet_sk(sk)->rx_dst_ifindex != skb->skb_iif ||
1292 dst->ops->check(dst, np->rx_dst_cookie) == NULL) {
1294 sk->sk_rx_dst = NULL;
1298 tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len);
1300 goto ipv6_pktoptions;
/* Slow path: verify header length and checksum. */
1304 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1307 if (sk->sk_state == TCP_LISTEN) {
1308 struct sock *nsk = tcp_v6_hnd_req(sk, skb);
1313 * Queue it on the new socket if the new socket is active,
1314 * otherwise we just shortcircuit this and continue with
1318 sock_rps_save_rxhash(nsk, skb);
1319 if (tcp_child_process(sk, nsk, skb))
1322 __kfree_skb(opt_skb);
1326 sock_rps_save_rxhash(sk, skb);
1328 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len))
1331 goto ipv6_pktoptions;
/* Reset/discard/checksum-error labels. */
1335 tcp_v6_send_reset(sk, skb);
1338 __kfree_skb(opt_skb);
1342 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_CSUMERRORS);
1343 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_INERRS);
1348 /* Do you ask, what is it?
1350 1. skb was enqueued by tcp.
1351 2. skb is added to tail of read queue, rather than out of order.
1352 3. socket is not in passive state.
1353 4. Finally, it really contains options, which user wants to receive.
1356 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1357 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1358 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1359 np->mcast_oif = inet6_iif(opt_skb);
1360 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1361 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1362 if (np->rxopt.bits.rxflow || np->rxopt.bits.rxtclass)
1363 np->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(opt_skb));
1365 np->flow_label = ip6_flowlabel(ipv6_hdr(opt_skb));
/* Latch the option-bearing skb on the socket; free the one it
 * replaces. */
1366 if (ipv6_opt_accepted(sk, opt_skb)) {
1367 skb_set_owner_r(opt_skb, sk);
1368 opt_skb = xchg(&np->pktoptions, opt_skb);
1370 __kfree_skb(opt_skb);
1371 opt_skb = xchg(&np->pktoptions, NULL);
/*
 * tcp_v6_rcv() - inet6 protocol handler entry point for received TCP
 * segments.  Validates the TCP header length and checksum, caches the
 * sequence-number fields in the skb control block, looks up the owning
 * socket, and hands the segment to it — directly when the socket is not
 * user-locked, otherwise via prequeue/backlog.  Segments matching a
 * TIME_WAIT socket are diverted to tcp_timewait_state_process().
 * NOTE(review): several lines of this function are elided in this view;
 * comments below describe only the visible code.
 */
1379 static int tcp_v6_rcv(struct sk_buff *skb)
1381 	const struct tcphdr *th;
1382 	const struct ipv6hdr *hdr;
1385 	struct net *net = dev_net(skb->dev);
/* Only segments addressed to this host are processed. */
1387 	if (skb->pkt_type != PACKET_HOST)
1391 	 *	Count it even if it's bad.
1393 	TCP_INC_STATS_BH(net, TCP_MIB_INSEGS);
/* Make sure the basic TCP header, then the full header (doff words),
 * are linear in the skb before touching them. */
1395 	if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1400 	if (th->doff < sizeof(struct tcphdr)/4)
1402 	if (!pskb_may_pull(skb, th->doff*4))
/* Verify the checksum against the IPv6 pseudo header. */
1405 	if (skb_checksum_init(skb, IPPROTO_TCP, ip6_compute_pseudo))
/* Cache header-derived fields in the skb control block so the rest of
 * TCP input processing need not re-parse the header. */
1409 	hdr = ipv6_hdr(skb);
1410 	TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1411 	TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1412 				    skb->len - th->doff*4);
1413 	TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1414 	TCP_SKB_CB(skb)->when = 0;
1415 	TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
1416 	TCP_SKB_CB(skb)->sacked = 0;
/* Look up the socket owning this 4-tuple. */
1418 	sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest);
1423 	if (sk->sk_state == TCP_TIME_WAIT)
/* Drop segments arriving with a hop limit below the socket's configured
 * minimum (IPV6_MINHOPCOUNT-style protection). */
1426 	if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) {
1427 		NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
1428 		goto discard_and_relse;
1431 	if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1432 		goto discard_and_relse;
1434 #ifdef CONFIG_TCP_MD5SIG
/* Reject segments failing the TCP MD5 signature check, if configured. */
1435 	if (tcp_v6_inbound_md5_hash(sk, skb))
1436 		goto discard_and_relse;
1439 	if (sk_filter(sk, skb))
1440 		goto discard_and_relse;
1442 	sk_mark_napi_id(sk, skb);
1445 	bh_lock_sock_nested(sk);
/* Process immediately when no user context owns the socket lock;
 * otherwise append to the backlog (bounded by rcvbuf + sndbuf). */
1447 	if (!sock_owned_by_user(sk)) {
1448 		if (!tcp_prequeue(sk, skb))
1449 			ret = tcp_v6_do_rcv(sk, skb);
1450 	} else if (unlikely(sk_add_backlog(sk, skb,
1451 					   sk->sk_rcvbuf + sk->sk_sndbuf))) {
1453 		NET_INC_STATS_BH(net, LINUX_MIB_TCPBACKLOGDROP);
1454 		goto discard_and_relse;
1459 	return ret ? -1 : 0;
/* No matching socket: validate the segment and answer with a RST unless
 * it is malformed (bad length/checksum). */
1462 	if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1465 	if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
1467 		TCP_INC_STATS_BH(net, TCP_MIB_CSUMERRORS);
1469 		TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1471 	tcp_v6_send_reset(NULL, skb);
/* TIME_WAIT path: re-run policy/sanity checks, then let the timewait
 * state machine decide what to do with the segment. */
1483 	if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1484 		inet_twsk_put(inet_twsk(sk));
1488 	if (skb->len < (th->doff<<2)) {
1489 		inet_twsk_put(inet_twsk(sk));
1492 	if (tcp_checksum_complete(skb)) {
1493 		inet_twsk_put(inet_twsk(sk));
1497 	switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
/* A new SYN may legitimately reopen the connection: look for a
 * listening socket and, if found, retire the timewait entry. */
1502 		sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
1503 					    &ipv6_hdr(skb)->saddr, th->source,
1504 					    &ipv6_hdr(skb)->daddr,
1505 					    ntohs(th->dest), inet6_iif(skb));
1507 			struct inet_timewait_sock *tw = inet_twsk(sk);
1508 			inet_twsk_deschedule(tw, &tcp_death_row);
1513 		/* Fall through to ACK */
1516 		tcp_v6_timewait_ack(sk, skb);
1520 	case TCP_TW_SUCCESS:
/*
 * tcp_v6_early_demux() - early socket demultiplex for incoming TCP/IPv6.
 * If an established socket matches the segment's 4-tuple, attach it to
 * the skb (with sock_edemux as destructor) and, when the socket's cached
 * rx dst is still valid for the arrival interface, attach that dst too —
 * saving a routing lookup later in the receive path.
 */
1526 static void tcp_v6_early_demux(struct sk_buff *skb)
1528 	const struct ipv6hdr *hdr;
1529 	const struct tcphdr *th;
1532 	if (skb->pkt_type != PACKET_HOST)
1535 	if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
1538 	hdr = ipv6_hdr(skb);
/* Reject obviously malformed headers (data offset too small). */
1541 	if (th->doff < sizeof(struct tcphdr) / 4)
/* Only established sockets are considered here. */
1544 	sk = __inet6_lookup_established(dev_net(skb->dev), &tcp_hashinfo,
1545 					&hdr->saddr, th->source,
1546 					&hdr->daddr, ntohs(th->dest),
1550 		skb->destructor = sock_edemux;
1551 		if (sk->sk_state != TCP_TIME_WAIT) {
1552 			struct dst_entry *dst = sk->sk_rx_dst;
/* Re-validate the cached dst (cookie check) and make sure it was cached
 * for the same incoming interface before reusing it. */
1555 				dst = dst_check(dst, inet6_sk(sk)->rx_dst_cookie);
1557 			    inet_sk(sk)->rx_dst_ifindex == skb->skb_iif)
1558 				skb_dst_set_noref(skb, dst);
/* TIME_WAIT socket operations for TCP over IPv6: object size plus the
 * uniqueness and destructor hooks shared with IPv4 TCP. */
1563 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
1564 	.twsk_obj_size	= sizeof(struct tcp6_timewait_sock),
1565 	.twsk_unique	= tcp_twsk_unique,
1566 	.twsk_destructor = tcp_twsk_destructor,
/* Address-family-specific connection operations for native IPv6 TCP
 * sockets: IPv6 transmit, checksum, routing and sockopt handlers. */
1569 static const struct inet_connection_sock_af_ops ipv6_specific = {
1570 	.queue_xmit	   = inet6_csk_xmit,
1571 	.send_check	   = tcp_v6_send_check,
1572 	.rebuild_header	   = inet6_sk_rebuild_header,
1573 	.sk_rx_dst_set	   = inet6_sk_rx_dst_set,
1574 	.conn_request	   = tcp_v6_conn_request,
1575 	.syn_recv_sock	   = tcp_v6_syn_recv_sock,
1576 	.net_header_len	   = sizeof(struct ipv6hdr),
1577 	.net_frag_header_len = sizeof(struct frag_hdr),
1578 	.setsockopt	   = ipv6_setsockopt,
1579 	.getsockopt	   = ipv6_getsockopt,
1580 	.addr2sockaddr	   = inet6_csk_addr2sockaddr,
1581 	.sockaddr_len	   = sizeof(struct sockaddr_in6),
1582 	.bind_conflict	   = inet6_csk_bind_conflict,
1583 #ifdef CONFIG_COMPAT
1584 	.compat_setsockopt = compat_ipv6_setsockopt,
1585 	.compat_getsockopt = compat_ipv6_getsockopt,
1587 	.mtu_reduced	   = tcp_v6_mtu_reduced,
1590 #ifdef CONFIG_TCP_MD5SIG
/* TCP MD5 signature operations for native IPv6 sockets. */
1591 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1592 	.md5_lookup	=	tcp_v6_md5_lookup,
1593 	.calc_md5_hash	=	tcp_v6_md5_hash_skb,
1594 	.md5_parse	=	tcp_v6_parse_md5_keys,
1599  *	TCP over IPv4 via INET6 API
/* AF ops for IPv4-mapped IPv6 sockets: IPv4 transmit/header/checksum
 * paths combined with IPv6 socket-option and sockaddr handling. */
1601 static const struct inet_connection_sock_af_ops ipv6_mapped = {
1602 	.queue_xmit	   = ip_queue_xmit,
1603 	.send_check	   = tcp_v4_send_check,
1604 	.rebuild_header	   = inet_sk_rebuild_header,
1605 	.sk_rx_dst_set	   = inet_sk_rx_dst_set,
1606 	.conn_request	   = tcp_v6_conn_request,
1607 	.syn_recv_sock	   = tcp_v6_syn_recv_sock,
1608 	.net_header_len	   = sizeof(struct iphdr),
1609 	.setsockopt	   = ipv6_setsockopt,
1610 	.getsockopt	   = ipv6_getsockopt,
1611 	.addr2sockaddr	   = inet6_csk_addr2sockaddr,
1612 	.sockaddr_len	   = sizeof(struct sockaddr_in6),
1613 	.bind_conflict	   = inet6_csk_bind_conflict,
1614 #ifdef CONFIG_COMPAT
1615 	.compat_setsockopt = compat_ipv6_setsockopt,
1616 	.compat_getsockopt = compat_ipv6_getsockopt,
1618 	.mtu_reduced	   = tcp_v4_mtu_reduced,
1621 #ifdef CONFIG_TCP_MD5SIG
/* TCP MD5 signature ops for IPv4-mapped sockets: IPv4 lookup/hashing
 * with the IPv6 key-parsing entry point. */
1622 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1623 	.md5_lookup	=	tcp_v4_md5_lookup,
1624 	.calc_md5_hash	=	tcp_v4_md5_hash_skb,
1625 	.md5_parse	=	tcp_v6_parse_md5_keys,
1629 /* NOTE: A lot of things set to zero explicitly by call to
1630  *       sk_alloc() so need not be done here.
/*
 * tcp_v6_init_sock() - per-socket initialization for IPv6 TCP sockets:
 * installs the IPv6-specific AF ops (and MD5 ops when configured).
 */
1632 static int tcp_v6_init_sock(struct sock *sk)
1634 	struct inet_connection_sock *icsk = inet_csk(sk);
1638 	icsk->icsk_af_ops = &ipv6_specific;
1640 #ifdef CONFIG_TCP_MD5SIG
1641 	tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific;
/* Socket teardown: run the common TCP destroy path, then release the
 * IPv6-specific socket state. */
1647 static void tcp_v6_destroy_sock(struct sock *sk)
1649 	tcp_v4_destroy_sock(sk);
1650 	inet6_destroy_sock(sk);
1653 #ifdef CONFIG_PROC_FS
1654 /* Proc filesystem TCPv6 sock list dumping. */
/*
 * get_openreq6() - emit one SYN_RECV (open request) entry in
 * /proc/net/tcp6 format: addresses, ports, expiry countdown and owner.
 */
1655 static void get_openreq6(struct seq_file *seq,
1656 			 const struct sock *sk, struct request_sock *req, int i, kuid_t uid)
/* Remaining time until the request expires, in jiffies. */
1658 	int ttd = req->expires - jiffies;
1659 	const struct in6_addr *src = &inet_rsk(req)->ir_v6_loc_addr;
1660 	const struct in6_addr *dest = &inet_rsk(req)->ir_v6_rmt_addr;
1666 		   "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1667 		   "%02X %08X:%08X %02X:%08lX %08X %5u %8d %d %d %pK\n",
1669 		   src->s6_addr32[0], src->s6_addr32[1],
1670 		   src->s6_addr32[2], src->s6_addr32[3],
1671 		   inet_rsk(req)->ir_num,
1672 		   dest->s6_addr32[0], dest->s6_addr32[1],
1673 		   dest->s6_addr32[2], dest->s6_addr32[3],
1674 		   ntohs(inet_rsk(req)->ir_rmt_port),
1676 		   0, 0, /* could print option size, but that is af dependent. */
1677 		   1,   /* timers active (only the expire timer) */
1678 		   jiffies_to_clock_t(ttd),
1680 		   from_kuid_munged(seq_user_ns(seq), uid),
1681 		   0,  /* non standard timer */
1682 		   0, /* open_requests have no inode */
/*
 * get_tcp6_sock() - emit one full TCP socket entry in /proc/net/tcp6
 * format: endpoints, queue depths, active timer, owner, refcount and
 * congestion/fastopen details.
 */
1686 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1688 	const struct in6_addr *dest, *src;
1691 	unsigned long timer_expires;
1692 	const struct inet_sock *inet = inet_sk(sp);
1693 	const struct tcp_sock *tp = tcp_sk(sp);
1694 	const struct inet_connection_sock *icsk = inet_csk(sp);
1695 	struct fastopen_queue *fastopenq = icsk->icsk_accept_queue.fastopenq;
1697 	dest  = &sp->sk_v6_daddr;
1698 	src   = &sp->sk_v6_rcv_saddr;
1699 	destp = ntohs(inet->inet_dport);
1700 	srcp  = ntohs(inet->inet_sport);
/* Pick the pending timer to report: retransmit, zero-window probe, or
 * the keepalive/sk_timer; otherwise report "now" (no timer). */
1702 	if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
1704 		timer_expires	= icsk->icsk_timeout;
1705 	} else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1707 		timer_expires	= icsk->icsk_timeout;
1708 	} else if (timer_pending(&sp->sk_timer)) {
1710 		timer_expires	= sp->sk_timer.expires;
1713 		timer_expires = jiffies;
1717 		   "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1718 		   "%02X %08X:%08X %02X:%08lX %08X %5u %8d %lu %d %pK %lu %lu %u %u %d\n",
1720 		   src->s6_addr32[0], src->s6_addr32[1],
1721 		   src->s6_addr32[2], src->s6_addr32[3], srcp,
1722 		   dest->s6_addr32[0], dest->s6_addr32[1],
1723 		   dest->s6_addr32[2], dest->s6_addr32[3], destp,
1725 		   tp->write_seq-tp->snd_una,
/* For listeners the "rx queue" column shows the accept backlog. */
1726 		   (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
1728 		   jiffies_delta_to_clock_t(timer_expires - jiffies),
1729 		   icsk->icsk_retransmits,
1730 		   from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
1731 		   icsk->icsk_probes_out,
1733 		   atomic_read(&sp->sk_refcnt), sp,
1734 		   jiffies_to_clock_t(icsk->icsk_rto),
1735 		   jiffies_to_clock_t(icsk->icsk_ack.ato),
1736 		   (icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong,
/* Last column: fastopen max queue length for listeners, else the slow
 * start threshold (-1 while still in initial slow start). */
1738 		   sp->sk_state == TCP_LISTEN ?
1739 			(fastopenq ? fastopenq->max_qlen : 0) :
1740 			(tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh)
/*
 * get_timewait6_sock() - emit one TIME_WAIT entry in /proc/net/tcp6
 * format; most columns are fixed zeros since a timewait socket carries
 * no queues, uid or inode.
 */
1744 static void get_timewait6_sock(struct seq_file *seq,
1745 			       struct inet_timewait_sock *tw, int i)
1747 	const struct in6_addr *dest, *src;
/* Remaining timewait lifetime in jiffies (may be negative if expired). */
1749 	s32 delta = tw->tw_ttd - inet_tw_time_stamp();
1751 	dest = &tw->tw_v6_daddr;
1752 	src  = &tw->tw_v6_rcv_saddr;
1753 	destp = ntohs(tw->tw_dport);
1754 	srcp  = ntohs(tw->tw_sport);
1757 		   "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1758 		   "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1760 		   src->s6_addr32[0], src->s6_addr32[1],
1761 		   src->s6_addr32[2], src->s6_addr32[3], srcp,
1762 		   dest->s6_addr32[0], dest->s6_addr32[1],
1763 		   dest->s6_addr32[2], dest->s6_addr32[3], destp,
1764 		   tw->tw_substate, 0, 0,
1765 		   3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
1766 		   atomic_read(&tw->tw_refcnt), tw);
/*
 * tcp6_seq_show() - seq_file ->show callback for /proc/net/tcp6.
 * Prints the header row for the start token, then dispatches on the
 * iterator state to the per-entry formatter (full socket, timewait
 * socket, or open request).
 */
1769 static int tcp6_seq_show(struct seq_file *seq, void *v)
1771 	struct tcp_iter_state *st;
1772 	struct sock *sk = v;
1774 	if (v == SEQ_START_TOKEN) {
1779 			 "st tx_queue rx_queue tr tm->when retrnsmt"
1780 			 "   uid  timeout inode\n");
1785 	switch (st->state) {
1786 	case TCP_SEQ_STATE_LISTENING:
1787 	case TCP_SEQ_STATE_ESTABLISHED:
1788 		if (sk->sk_state == TCP_TIME_WAIT)
1789 			get_timewait6_sock(seq, v, st->num);
1791 			get_tcp6_sock(seq, v, st->num);
1793 	case TCP_SEQ_STATE_OPENREQ:
1794 		get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid);
/* file_operations for the /proc/net/tcp6 seq_file. */
1801 static const struct file_operations tcp6_afinfo_seq_fops = {
1802 	.owner   = THIS_MODULE,
1803 	.open    = tcp_seq_open,
1805 	.llseek  = seq_lseek,
1806 	.release = seq_release_net
/* Registration record tying the tcp6 proc entry to its fops and show(). */
1809 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
1812 	.seq_fops	= &tcp6_afinfo_seq_fops,
1814 		.show		= tcp6_seq_show,
/* Per-namespace registration of /proc/net/tcp6. */
1818 int __net_init tcp6_proc_init(struct net *net)
1820 	return tcp_proc_register(net, &tcp6_seq_afinfo);
/* Per-namespace removal of /proc/net/tcp6. */
1823 void tcp6_proc_exit(struct net *net)
1825 	tcp_proc_unregister(net, &tcp6_seq_afinfo);
/*
 * tcp_v6_clear_sk() - clear a recycled socket while preserving the
 * pinet6 pointer, which RCU lookups may still dereference.  Zeroes the
 * region before pinet6 (via sk_prot_clear_nulls) and everything after it.
 */
1829 static void tcp_v6_clear_sk(struct sock *sk, int size)
1831 	struct inet_sock *inet = inet_sk(sk);
1833 	/* we do not want to clear pinet6 field, because of RCU lookups */
1834 	sk_prot_clear_nulls(sk, offsetof(struct inet_sock, pinet6));
1836 	size -= offsetof(struct inet_sock, pinet6) + sizeof(inet->pinet6);
1837 	memset(&inet->pinet6 + 1, 0, size);
/* struct proto for TCP over IPv6: wires the generic TCP entry points to
 * the IPv6-specific connect/receive/hash/clear implementations and the
 * shared TCP sysctls, memory accounting and hash tables. */
1840 struct proto tcpv6_prot = {
1842 	.owner			= THIS_MODULE,
1844 	.connect		= tcp_v6_connect,
1845 	.disconnect		= tcp_disconnect,
1846 	.accept			= inet_csk_accept,
1848 	.init			= tcp_v6_init_sock,
1849 	.destroy		= tcp_v6_destroy_sock,
1850 	.shutdown		= tcp_shutdown,
1851 	.setsockopt		= tcp_setsockopt,
1852 	.getsockopt		= tcp_getsockopt,
1853 	.recvmsg		= tcp_recvmsg,
1854 	.sendmsg		= tcp_sendmsg,
1855 	.sendpage		= tcp_sendpage,
1856 	.backlog_rcv		= tcp_v6_do_rcv,
1857 	.release_cb		= tcp_release_cb,
1858 	.hash			= tcp_v6_hash,
1859 	.unhash			= inet_unhash,
1860 	.get_port		= inet_csk_get_port,
1861 	.enter_memory_pressure	= tcp_enter_memory_pressure,
1862 	.stream_memory_free	= tcp_stream_memory_free,
1863 	.sockets_allocated	= &tcp_sockets_allocated,
1864 	.memory_allocated	= &tcp_memory_allocated,
1865 	.memory_pressure	= &tcp_memory_pressure,
1866 	.orphan_count		= &tcp_orphan_count,
1867 	.sysctl_mem		= sysctl_tcp_mem,
1868 	.sysctl_wmem		= sysctl_tcp_wmem,
1869 	.sysctl_rmem		= sysctl_tcp_rmem,
1870 	.max_header		= MAX_TCP_HEADER,
1871 	.obj_size		= sizeof(struct tcp6_sock),
1872 	.slab_flags		= SLAB_DESTROY_BY_RCU,
1873 	.twsk_prot		= &tcp6_timewait_sock_ops,
1874 	.rsk_prot		= &tcp6_request_sock_ops,
1875 	.h.hashinfo		= &tcp_hashinfo,
1876 	.no_autobind		= true,
1877 #ifdef CONFIG_COMPAT
1878 	.compat_setsockopt	= compat_tcp_setsockopt,
1879 	.compat_getsockopt	= compat_tcp_getsockopt,
1881 #ifdef CONFIG_MEMCG_KMEM
1882 	.proto_cgroup		= tcp_proto_cgroup,
1884 	.clear_sk		= tcp_v6_clear_sk,
/* inet6 protocol descriptor: registers TCP's IPv6 receive, early-demux
 * and ICMPv6 error handlers. */
1887 static const struct inet6_protocol tcpv6_protocol = {
1888 	.early_demux	=	tcp_v6_early_demux,
1889 	.handler	=	tcp_v6_rcv,
1890 	.err_handler	=	tcp_v6_err,
1891 	.flags		=	INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
/* protosw entry exposing SOCK_STREAM/IPPROTO_TCP over the INET6 API. */
1894 static struct inet_protosw tcpv6_protosw = {
1895 	.type		=	SOCK_STREAM,
1896 	.protocol	=	IPPROTO_TCP,
1897 	.prot		=	&tcpv6_prot,
1898 	.ops		=	&inet6_stream_ops,
1899 	.flags		=	INET_PROTOSW_PERMANENT |
/* Per-netns init: create the control socket used for sending resets/acks. */
1903 static int __net_init tcpv6_net_init(struct net *net)
1905 	return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
1906 				    SOCK_RAW, IPPROTO_TCP, net);
/* Per-netns exit: destroy the TCP/IPv6 control socket. */
1909 static void __net_exit tcpv6_net_exit(struct net *net)
1911 	inet_ctl_sock_destroy(net->ipv6.tcp_sk);
/* Batched netns exit: purge remaining IPv6 timewait sockets. */
1914 static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
1916 	inet_twsk_purge(&tcp_hashinfo, &tcp_death_row, AF_INET6);
/* Per-network-namespace lifecycle hooks for TCP over IPv6. */
1919 static struct pernet_operations tcpv6_net_ops = {
1920 	.init	    = tcpv6_net_init,
1921 	.exit	    = tcpv6_net_exit,
1922 	.exit_batch = tcpv6_net_exit_batch,
/*
 * tcpv6_init() - module init: register the inet6 protocol handler, the
 * protosw entry and the pernet operations, unwinding in reverse order
 * on failure (goto-based cleanup).
 */
1925 int __init tcpv6_init(void)
1929 	ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
1933 	/* register inet6 protocol */
1934 	ret = inet6_register_protosw(&tcpv6_protosw);
1936 		goto out_tcpv6_protocol;
1938 	ret = register_pernet_subsys(&tcpv6_net_ops);
1940 		goto out_tcpv6_protosw;
1945 	inet6_unregister_protosw(&tcpv6_protosw);
1947 	inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
/* Module exit: tear down in the reverse order of tcpv6_init(). */
1951 void tcpv6_exit(void)
1953 	unregister_pernet_subsys(&tcpv6_net_ops);
1954 	inet6_unregister_protosw(&tcpv6_protosw);
1955 	inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);