1/* 2 * TCP over IPv6 3 * Linux INET6 implementation 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * Based on: 9 * linux/net/ipv4/tcp.c 10 * linux/net/ipv4/tcp_input.c 11 * linux/net/ipv4/tcp_output.c 12 * 13 * Fixes: 14 * Hideaki YOSHIFUJI : sin6_scope_id support 15 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which 16 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind 17 * a single port at the same time. 18 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file. 19 * 20 * This program is free software; you can redistribute it and/or 21 * modify it under the terms of the GNU General Public License 22 * as published by the Free Software Foundation; either version 23 * 2 of the License, or (at your option) any later version. 24 */ 25 26#include <linux/bottom_half.h> 27#include <linux/module.h> 28#include <linux/errno.h> 29#include <linux/types.h> 30#include <linux/socket.h> 31#include <linux/sockios.h> 32#include <linux/net.h> 33#include <linux/jiffies.h> 34#include <linux/in.h> 35#include <linux/in6.h> 36#include <linux/netdevice.h> 37#include <linux/init.h> 38#include <linux/jhash.h> 39#include <linux/ipsec.h> 40#include <linux/times.h> 41#include <linux/slab.h> 42#include <linux/uaccess.h> 43#include <linux/ipv6.h> 44#include <linux/icmpv6.h> 45#include <linux/random.h> 46 47#include <net/tcp.h> 48#include <net/ndisc.h> 49#include <net/inet6_hashtables.h> 50#include <net/inet6_connection_sock.h> 51#include <net/ipv6.h> 52#include <net/transp_v6.h> 53#include <net/addrconf.h> 54#include <net/ip6_route.h> 55#include <net/ip6_checksum.h> 56#include <net/inet_ecn.h> 57#include <net/protocol.h> 58#include <net/xfrm.h> 59#include <net/snmp.h> 60#include <net/dsfield.h> 61#include <net/timewait_sock.h> 62#include <net/inet_common.h> 63#include <net/secure_seq.h> 64#include <net/tcp_memcontrol.h> 65#include <net/busy_poll.h> 66 67#include <linux/proc_fs.h> 68#include <linux/seq_file.h> 69 70#include <linux/crypto.h> 71#include <linux/scatterlist.h> 72 73static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb); 74static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb, 75 struct request_sock *req); 76 77static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb); 78 79static const struct inet_connection_sock_af_ops ipv6_mapped; 80static const struct inet_connection_sock_af_ops ipv6_specific; 81#ifdef CONFIG_TCP_MD5SIG 82static const struct tcp_sock_af_ops tcp_sock_ipv6_specific; 83static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific; 84#else 85static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk, 86 const struct in6_addr *addr) 87{ 88 return NULL; 89} 90#endif 91 92static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb) 93{ 94 struct dst_entry *dst = skb_dst(skb); 95 96 if (dst && dst_hold_safe(dst)) { 97 const struct rt6_info *rt = (const struct rt6_info *)dst; 98 99 sk->sk_rx_dst = dst; 100 inet_sk(sk)->rx_dst_ifindex = skb->skb_iif; 101 if (rt->rt6i_node) 102 inet6_sk(sk)->rx_dst_cookie = rt->rt6i_node->fn_sernum; 103 } 104} 105 106static __u32 tcp_v6_init_sequence(const struct sk_buff *skb) 107{ 108 return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32, 109 ipv6_hdr(skb)->saddr.s6_addr32, 110 tcp_hdr(skb)->dest, 111 tcp_hdr(skb)->source); 112} 113 114static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr, 115 int addr_len) 116{ 117 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr; 118 struct inet_sock *inet = inet_sk(sk); 119 struct inet_connection_sock *icsk = inet_csk(sk); 120 struct ipv6_pinfo *np = inet6_sk(sk); 121 struct tcp_sock *tp = tcp_sk(sk); 122 struct in6_addr *saddr = NULL, *final_p, final; 123 struct ipv6_txoptions *opt; 124 struct rt6_info *rt; 125 struct flowi6 fl6; 126 struct dst_entry *dst; 127 int addr_type; 128 int err; 129 130 if (addr_len < SIN6_LEN_RFC2133) 131 return -EINVAL; 132 133 if (usin->sin6_family != AF_INET6) 134 return -EAFNOSUPPORT; 135 136 memset(&fl6, 0, sizeof(fl6)); 137 138 if (np->sndflow) { 139 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK; 140 IP6_ECN_flow_init(fl6.flowlabel); 141 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) { 142 struct ip6_flowlabel *flowlabel; 143 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel); 144 if (!flowlabel) 145 return -EINVAL; 146 fl6_sock_release(flowlabel); 147 } 148 } 149 150 /* 151 * connect() to INADDR_ANY means loopback (BSD'ism). 152 */ 153 154 if (ipv6_addr_any(&usin->sin6_addr)) 155 usin->sin6_addr.s6_addr[15] = 0x1; 156 157 addr_type = ipv6_addr_type(&usin->sin6_addr); 158 159 if (addr_type & IPV6_ADDR_MULTICAST) 160 return -ENETUNREACH; 161 162 if (addr_type&IPV6_ADDR_LINKLOCAL) { 163 if (addr_len >= sizeof(struct sockaddr_in6) && 164 usin->sin6_scope_id) { 165 /* If interface is set while binding, indices 166 * must coincide. 167 */ 168 if (sk->sk_bound_dev_if && 169 sk->sk_bound_dev_if != usin->sin6_scope_id) 170 return -EINVAL; 171 172 sk->sk_bound_dev_if = usin->sin6_scope_id; 173 } 174 175 /* Connect to link-local address requires an interface */ 176 if (!sk->sk_bound_dev_if) 177 return -EINVAL; 178 } 179 180 if (tp->rx_opt.ts_recent_stamp && 181 !ipv6_addr_equal(&sk->sk_v6_daddr, &usin->sin6_addr)) { 182 tp->rx_opt.ts_recent = 0; 183 tp->rx_opt.ts_recent_stamp = 0; 184 tp->write_seq = 0; 185 } 186 187 sk->sk_v6_daddr = usin->sin6_addr; 188 np->flow_label = fl6.flowlabel; 189 190 /* 191 * TCP over IPv4 192 */ 193 194 if (addr_type == IPV6_ADDR_MAPPED) { 195 u32 exthdrlen = icsk->icsk_ext_hdr_len; 196 struct sockaddr_in sin; 197 198 SOCK_DEBUG(sk, "connect: ipv4 mapped\n"); 199 200 if (__ipv6_only_sock(sk)) 201 return -ENETUNREACH; 202 203 sin.sin_family = AF_INET; 204 sin.sin_port = usin->sin6_port; 205 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3]; 206 207 icsk->icsk_af_ops = &ipv6_mapped; 208 sk->sk_backlog_rcv = tcp_v4_do_rcv; 209#ifdef CONFIG_TCP_MD5SIG 210 tp->af_specific = &tcp_sock_ipv6_mapped_specific; 211#endif 212 213 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin)); 214 215 if (err) { 216 icsk->icsk_ext_hdr_len = exthdrlen; 217 icsk->icsk_af_ops = &ipv6_specific; 218 sk->sk_backlog_rcv = tcp_v6_do_rcv; 219#ifdef CONFIG_TCP_MD5SIG 220 tp->af_specific = &tcp_sock_ipv6_specific; 221#endif 222 goto failure; 223 } 224 np->saddr = sk->sk_v6_rcv_saddr; 225 226 return err; 227 } 228 229 if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr)) 230 saddr = &sk->sk_v6_rcv_saddr; 231 232 fl6.flowi6_proto = IPPROTO_TCP; 233 fl6.daddr = sk->sk_v6_daddr; 234 fl6.saddr = saddr ? *saddr : np->saddr; 235 fl6.flowi6_oif = sk->sk_bound_dev_if; 236 fl6.flowi6_mark = sk->sk_mark; 237 fl6.fl6_dport = usin->sin6_port; 238 fl6.fl6_sport = inet->inet_sport; 239 240 opt = rcu_dereference_protected(np->opt, sock_owned_by_user(sk)); 241 final_p = fl6_update_dst(&fl6, opt, &final); 242 243 security_sk_classify_flow(sk, flowi6_to_flowi(&fl6)); 244 245 dst = ip6_dst_lookup_flow(sk, &fl6, final_p); 246 if (IS_ERR(dst)) { 247 err = PTR_ERR(dst); 248 goto failure; 249 } 250 251 if (!saddr) { 252 saddr = &fl6.saddr; 253 sk->sk_v6_rcv_saddr = *saddr; 254 } 255 256 /* set the source address */ 257 np->saddr = *saddr; 258 inet->inet_rcv_saddr = LOOPBACK4_IPV6; 259 260 sk->sk_gso_type = SKB_GSO_TCPV6; 261 __ip6_dst_store(sk, dst, NULL, NULL); 262 263 rt = (struct rt6_info *) dst; 264 if (tcp_death_row.sysctl_tw_recycle && 265 !tp->rx_opt.ts_recent_stamp && 266 ipv6_addr_equal(&rt->rt6i_dst.addr, &sk->sk_v6_daddr)) 267 tcp_fetch_timewait_stamp(sk, dst); 268 269 icsk->icsk_ext_hdr_len = 0; 270 if (opt) 271 icsk->icsk_ext_hdr_len = opt->opt_flen + 272 opt->opt_nflen; 273 274 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr); 275 276 inet->inet_dport = usin->sin6_port; 277 278 tcp_set_state(sk, TCP_SYN_SENT); 279 err = inet6_hash_connect(&tcp_death_row, sk); 280 if (err) 281 goto late_failure; 282 283 ip6_set_txhash(sk); 284 285 if (!tp->write_seq && likely(!tp->repair)) 286 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32, 287 sk->sk_v6_daddr.s6_addr32, 288 inet->inet_sport, 289 inet->inet_dport); 290 291 err = tcp_connect(sk); 292 if (err) 293 goto late_failure; 294 295 return 0; 296 297late_failure: 298 tcp_set_state(sk, TCP_CLOSE); 299 __sk_dst_reset(sk); 300failure: 301 inet->inet_dport = 0; 302 sk->sk_route_caps = 0; 303 return err; 304} 305 306static void tcp_v6_mtu_reduced(struct sock *sk) 307{ 308 struct dst_entry *dst; 309 310 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)) 311 return; 312 313 dst = inet6_csk_update_pmtu(sk, tcp_sk(sk)->mtu_info); 314 if (!dst) 315 return; 316 317 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) { 318 tcp_sync_mss(sk, dst_mtu(dst)); 319 tcp_simple_retransmit(sk); 320 } 321} 322 323static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, 324 u8 type, u8 code, int offset, __be32 info) 325{ 326 const struct ipv6hdr *hdr = (const struct ipv6hdr *)skb->data; 327 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset); 328 struct net *net = dev_net(skb->dev); 329 struct request_sock *fastopen; 330 struct ipv6_pinfo *np; 331 struct tcp_sock *tp; 332 __u32 seq, snd_una; 333 struct sock *sk; 334 int err; 335 336 sk = __inet6_lookup_established(net, &tcp_hashinfo, 337 &hdr->daddr, th->dest, 338 &hdr->saddr, ntohs(th->source), 339 skb->dev->ifindex); 340 341 if (!sk) { 342 ICMP6_INC_STATS_BH(net, __in6_dev_get(skb->dev), 343 ICMP6_MIB_INERRORS); 344 return; 345 } 346 347 if (sk->sk_state == TCP_TIME_WAIT) { 348 inet_twsk_put(inet_twsk(sk)); 349 return; 350 } 351 seq = ntohl(th->seq); 352 if (sk->sk_state == TCP_NEW_SYN_RECV) 353 return tcp_req_err(sk, seq); 354 355 bh_lock_sock(sk); 356 if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG) 357 NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS); 358 359 if (sk->sk_state == TCP_CLOSE) 360 goto out; 361 362 if (ipv6_hdr(skb)->hop_limit < inet6_sk(sk)->min_hopcount) { 363 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP); 364 goto out; 365 } 366 367 tp = tcp_sk(sk); 368 /* XXX (TFO) - tp->snd_una should be ISN (tcp_create_openreq_child() */ 369 fastopen = tp->fastopen_rsk; 370 snd_una = fastopen ? tcp_rsk(fastopen)->snt_isn : tp->snd_una; 371 if (sk->sk_state != TCP_LISTEN && 372 !between(seq, snd_una, tp->snd_nxt)) { 373 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS); 374 goto out; 375 } 376 377 np = inet6_sk(sk); 378 379 if (type == NDISC_REDIRECT) { 380 struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie); 381 382 if (dst) 383 dst->ops->redirect(dst, sk, skb); 384 goto out; 385 } 386 387 if (type == ICMPV6_PKT_TOOBIG) { 388 /* We are not interested in TCP_LISTEN and open_requests 389 * (SYN-ACKs send out by Linux are always <576bytes so 390 * they should go through unfragmented). 391 */ 392 if (sk->sk_state == TCP_LISTEN) 393 goto out; 394 395 if (!ip6_sk_accept_pmtu(sk)) 396 goto out; 397 398 tp->mtu_info = ntohl(info); 399 if (!sock_owned_by_user(sk)) 400 tcp_v6_mtu_reduced(sk); 401 else if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED, 402 &tp->tsq_flags)) 403 sock_hold(sk); 404 goto out; 405 } 406 407 icmpv6_err_convert(type, code, &err); 408 409 /* Might be for an request_sock */ 410 switch (sk->sk_state) { 411 case TCP_SYN_SENT: 412 case TCP_SYN_RECV: 413 /* Only in fast or simultaneous open. If a fast open socket is 414 * is already accepted it is treated as a connected one below. 415 */ 416 if (fastopen && !fastopen->sk) 417 break; 418 419 if (!sock_owned_by_user(sk)) { 420 sk->sk_err = err; 421 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */ 422 423 tcp_done(sk); 424 } else 425 sk->sk_err_soft = err; 426 goto out; 427 } 428 429 if (!sock_owned_by_user(sk) && np->recverr) { 430 sk->sk_err = err; 431 sk->sk_error_report(sk); 432 } else 433 sk->sk_err_soft = err; 434 435out: 436 bh_unlock_sock(sk); 437 sock_put(sk); 438} 439 440 441static int tcp_v6_send_synack(struct sock *sk, struct dst_entry *dst, 442 struct flowi *fl, 443 struct request_sock *req, 444 u16 queue_mapping, 445 struct tcp_fastopen_cookie *foc) 446{ 447 struct inet_request_sock *ireq = inet_rsk(req); 448 struct ipv6_pinfo *np = inet6_sk(sk); 449 struct flowi6 *fl6 = &fl->u.ip6; 450 struct sk_buff *skb; 451 int err = -ENOMEM; 452 453 /* First, grab a route. */ 454 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req)) == NULL) 455 goto done; 456 457 skb = tcp_make_synack(sk, dst, req, foc); 458 459 if (skb) { 460 __tcp_v6_send_check(skb, &ireq->ir_v6_loc_addr, 461 &ireq->ir_v6_rmt_addr); 462 463 fl6->daddr = ireq->ir_v6_rmt_addr; 464 if (np->repflow && ireq->pktopts) 465 fl6->flowlabel = ip6_flowlabel(ipv6_hdr(ireq->pktopts)); 466 467 skb_set_queue_mapping(skb, queue_mapping); 468 rcu_read_lock(); 469 err = ip6_xmit(sk, skb, fl6, rcu_dereference(np->opt), 470 np->tclass); 471 rcu_read_unlock(); 472 err = net_xmit_eval(err); 473 } 474 475done: 476 return err; 477} 478 479 480static void tcp_v6_reqsk_destructor(struct request_sock *req) 481{ 482 kfree_skb(inet_rsk(req)->pktopts); 483} 484 485#ifdef CONFIG_TCP_MD5SIG 486static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk, 487 const struct in6_addr *addr) 488{ 489 return tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, AF_INET6); 490} 491 492static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk, 493 const struct sock *addr_sk) 494{ 495 return tcp_v6_md5_do_lookup(sk, &addr_sk->sk_v6_daddr); 496} 497 498static int tcp_v6_parse_md5_keys(struct sock *sk, char __user *optval, 499 int optlen) 500{ 501 struct tcp_md5sig cmd; 502 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr; 503 504 if (optlen < sizeof(cmd)) 505 return -EINVAL; 506 507 if (copy_from_user(&cmd, optval, sizeof(cmd))) 508 return -EFAULT; 509 510 if (sin6->sin6_family != AF_INET6) 511 return -EINVAL; 512 513 if (!cmd.tcpm_keylen) { 514 if (ipv6_addr_v4mapped(&sin6->sin6_addr)) 515 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3], 516 AF_INET); 517 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr, 518 AF_INET6); 519 } 520 521 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN) 522 return -EINVAL; 523 524 if (ipv6_addr_v4mapped(&sin6->sin6_addr)) 525 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3], 526 AF_INET, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL); 527 528 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr, 529 AF_INET6, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL); 530} 531 532static int tcp_v6_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp, 533 const struct in6_addr *daddr, 534 const struct in6_addr *saddr, int nbytes) 535{ 536 struct tcp6_pseudohdr *bp; 537 struct scatterlist sg; 538 539 bp = &hp->md5_blk.ip6; 540 /* 1. TCP pseudo-header (RFC2460) */ 541 bp->saddr = *saddr; 542 bp->daddr = *daddr; 543 bp->protocol = cpu_to_be32(IPPROTO_TCP); 544 bp->len = cpu_to_be32(nbytes); 545 546 sg_init_one(&sg, bp, sizeof(*bp)); 547 return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp)); 548} 549 550static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key, 551 const struct in6_addr *daddr, struct in6_addr *saddr, 552 const struct tcphdr *th) 553{ 554 struct tcp_md5sig_pool *hp; 555 struct hash_desc *desc; 556 557 hp = tcp_get_md5sig_pool(); 558 if (!hp) 559 goto clear_hash_noput; 560 desc = &hp->md5_desc; 561 562 if (crypto_hash_init(desc)) 563 goto clear_hash; 564 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2)) 565 goto clear_hash; 566 if (tcp_md5_hash_header(hp, th)) 567 goto clear_hash; 568 if (tcp_md5_hash_key(hp, key)) 569 goto clear_hash; 570 if (crypto_hash_final(desc, md5_hash)) 571 goto clear_hash; 572 573 tcp_put_md5sig_pool(); 574 return 0; 575 576clear_hash: 577 tcp_put_md5sig_pool(); 578clear_hash_noput: 579 memset(md5_hash, 0, 16); 580 return 1; 581} 582 583static int tcp_v6_md5_hash_skb(char *md5_hash, 584 const struct tcp_md5sig_key *key, 585 const struct sock *sk, 586 const struct sk_buff *skb) 587{ 588 const struct in6_addr *saddr, *daddr; 589 struct tcp_md5sig_pool *hp; 590 struct hash_desc *desc; 591 const struct tcphdr *th = tcp_hdr(skb); 592 593 if (sk) { /* valid for establish/request sockets */ 594 saddr = &sk->sk_v6_rcv_saddr; 595 daddr = &sk->sk_v6_daddr; 596 } else { 597 const struct ipv6hdr *ip6h = ipv6_hdr(skb); 598 saddr = &ip6h->saddr; 599 daddr = &ip6h->daddr; 600 } 601 602 hp = tcp_get_md5sig_pool(); 603 if (!hp) 604 goto clear_hash_noput; 605 desc = &hp->md5_desc; 606 607 if (crypto_hash_init(desc)) 608 goto clear_hash; 609 610 if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len)) 611 goto clear_hash; 612 if (tcp_md5_hash_header(hp, th)) 613 goto clear_hash; 614 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2)) 615 goto clear_hash; 616 if (tcp_md5_hash_key(hp, key)) 617 goto clear_hash; 618 if (crypto_hash_final(desc, md5_hash)) 619 goto clear_hash; 620 621 tcp_put_md5sig_pool(); 622 return 0; 623 624clear_hash: 625 tcp_put_md5sig_pool(); 626clear_hash_noput: 627 memset(md5_hash, 0, 16); 628 return 1; 629} 630 631static bool tcp_v6_inbound_md5_hash(struct sock *sk, const struct sk_buff *skb) 632{ 633 const __u8 *hash_location = NULL; 634 struct tcp_md5sig_key *hash_expected; 635 const struct ipv6hdr *ip6h = ipv6_hdr(skb); 636 const struct tcphdr *th = tcp_hdr(skb); 637 int genhash; 638 u8 newhash[16]; 639 640 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr); 641 hash_location = tcp_parse_md5sig_option(th); 642 643 /* We've parsed the options - do we have a hash? */ 644 if (!hash_expected && !hash_location) 645 return false; 646 647 if (hash_expected && !hash_location) { 648 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND); 649 return true; 650 } 651 652 if (!hash_expected && hash_location) { 653 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED); 654 return true; 655 } 656 657 /* check the signature */ 658 genhash = tcp_v6_md5_hash_skb(newhash, 659 hash_expected, 660 NULL, skb); 661 662 if (genhash || memcmp(hash_location, newhash, 16) != 0) { 663 net_info_ratelimited("MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n", 664 genhash ? "failed" : "mismatch", 665 &ip6h->saddr, ntohs(th->source), 666 &ip6h->daddr, ntohs(th->dest)); 667 return true; 668 } 669 return false; 670} 671#endif 672 673static void tcp_v6_init_req(struct request_sock *req, struct sock *sk, 674 struct sk_buff *skb) 675{ 676 struct inet_request_sock *ireq = inet_rsk(req); 677 struct ipv6_pinfo *np = inet6_sk(sk); 678 679 ireq->ir_v6_rmt_addr = ipv6_hdr(skb)->saddr; 680 ireq->ir_v6_loc_addr = ipv6_hdr(skb)->daddr; 681 682 /* So that link locals have meaning */ 683 if (!sk->sk_bound_dev_if && 684 ipv6_addr_type(&ireq->ir_v6_rmt_addr) & IPV6_ADDR_LINKLOCAL) 685 ireq->ir_iif = tcp_v6_iif(skb); 686 687 if (!TCP_SKB_CB(skb)->tcp_tw_isn && 688 (ipv6_opt_accepted(sk, skb, &TCP_SKB_CB(skb)->header.h6) || 689 np->rxopt.bits.rxinfo || 690 np->rxopt.bits.rxoinfo || np->rxopt.bits.rxhlim || 691 np->rxopt.bits.rxohlim || np->repflow)) { 692 atomic_inc(&skb->users); 693 ireq->pktopts = skb; 694 } 695} 696 697static struct dst_entry *tcp_v6_route_req(struct sock *sk, struct flowi *fl, 698 const struct request_sock *req, 699 bool *strict) 700{ 701 if (strict) 702 *strict = true; 703 return inet6_csk_route_req(sk, &fl->u.ip6, req); 704} 705 706struct request_sock_ops tcp6_request_sock_ops __read_mostly = { 707 .family = AF_INET6, 708 .obj_size = sizeof(struct tcp6_request_sock), 709 .rtx_syn_ack = tcp_rtx_synack, 710 .send_ack = tcp_v6_reqsk_send_ack, 711 .destructor = tcp_v6_reqsk_destructor, 712 .send_reset = tcp_v6_send_reset, 713 .syn_ack_timeout = tcp_syn_ack_timeout, 714}; 715 716static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = { 717 .mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - 718 sizeof(struct ipv6hdr), 719#ifdef CONFIG_TCP_MD5SIG 720 .req_md5_lookup = tcp_v6_md5_lookup, 721 .calc_md5_hash = tcp_v6_md5_hash_skb, 722#endif 723 .init_req = tcp_v6_init_req, 724#ifdef CONFIG_SYN_COOKIES 725 .cookie_init_seq = cookie_v6_init_sequence, 726#endif 727 .route_req = tcp_v6_route_req, 728 .init_seq = tcp_v6_init_sequence, 729 .send_synack = tcp_v6_send_synack, 730 .queue_hash_add = inet6_csk_reqsk_queue_hash_add, 731}; 732 733static void tcp_v6_send_response(struct sock *sk, struct sk_buff *skb, u32 seq, 734 u32 ack, u32 win, u32 tsval, u32 tsecr, 735 int oif, struct tcp_md5sig_key *key, int rst, 736 u8 tclass, u32 label) 737{ 738 const struct tcphdr *th = tcp_hdr(skb); 739 struct tcphdr *t1; 740 struct sk_buff *buff; 741 struct flowi6 fl6; 742 struct net *net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev); 743 struct sock *ctl_sk = net->ipv6.tcp_sk; 744 unsigned int tot_len = sizeof(struct tcphdr); 745 struct dst_entry *dst; 746 __be32 *topt; 747 748 if (tsecr) 749 tot_len += TCPOLEN_TSTAMP_ALIGNED; 750#ifdef CONFIG_TCP_MD5SIG 751 if (key) 752 tot_len += TCPOLEN_MD5SIG_ALIGNED; 753#endif 754 755 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len, 756 GFP_ATOMIC); 757 if (!buff) 758 return; 759 760 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len); 761 762 t1 = (struct tcphdr *) skb_push(buff, tot_len); 763 skb_reset_transport_header(buff); 764 765 /* Swap the send and the receive. */ 766 memset(t1, 0, sizeof(*t1)); 767 t1->dest = th->source; 768 t1->source = th->dest; 769 t1->doff = tot_len / 4; 770 t1->seq = htonl(seq); 771 t1->ack_seq = htonl(ack); 772 t1->ack = !rst || !th->ack; 773 t1->rst = rst; 774 t1->window = htons(win); 775 776 topt = (__be32 *)(t1 + 1); 777 778 if (tsecr) { 779 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) | 780 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP); 781 *topt++ = htonl(tsval); 782 *topt++ = htonl(tsecr); 783 } 784 785#ifdef CONFIG_TCP_MD5SIG 786 if (key) { 787 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) | 788 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG); 789 tcp_v6_md5_hash_hdr((__u8 *)topt, key, 790 &ipv6_hdr(skb)->saddr, 791 &ipv6_hdr(skb)->daddr, t1); 792 } 793#endif 794 795 memset(&fl6, 0, sizeof(fl6)); 796 fl6.daddr = ipv6_hdr(skb)->saddr; 797 fl6.saddr = ipv6_hdr(skb)->daddr; 798 fl6.flowlabel = label; 799 800 buff->ip_summed = CHECKSUM_PARTIAL; 801 buff->csum = 0; 802 803 __tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr); 804 805 fl6.flowi6_proto = IPPROTO_TCP; 806 if (rt6_need_strict(&fl6.daddr) && !oif) 807 fl6.flowi6_oif = tcp_v6_iif(skb); 808 else 809 fl6.flowi6_oif = oif; 810 fl6.flowi6_mark = IP6_REPLY_MARK(net, skb->mark); 811 fl6.fl6_dport = t1->dest; 812 fl6.fl6_sport = t1->source; 813 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6)); 814 815 /* Pass a socket to ip6_dst_lookup either it is for RST 816 * Underlying function will use this to retrieve the network 817 * namespace 818 */ 819 dst = ip6_dst_lookup_flow(ctl_sk, &fl6, NULL); 820 if (!IS_ERR(dst)) { 821 skb_dst_set(buff, dst); 822 ip6_xmit(ctl_sk, buff, &fl6, NULL, tclass); 823 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS); 824 if (rst) 825 TCP_INC_STATS_BH(net, TCP_MIB_OUTRSTS); 826 return; 827 } 828 829 kfree_skb(buff); 830} 831 832static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb) 833{ 834 const struct tcphdr *th = tcp_hdr(skb); 835 u32 seq = 0, ack_seq = 0; 836 struct tcp_md5sig_key *key = NULL; 837#ifdef CONFIG_TCP_MD5SIG 838 const __u8 *hash_location = NULL; 839 struct ipv6hdr *ipv6h = ipv6_hdr(skb); 840 unsigned char newhash[16]; 841 int genhash; 842 struct sock *sk1 = NULL; 843#endif 844 int oif; 845 846 if (th->rst) 847 return; 848 849 /* If sk not NULL, it means we did a successful lookup and incoming 850 * route had to be correct. prequeue might have dropped our dst. 851 */ 852 if (!sk && !ipv6_unicast_destination(skb)) 853 return; 854 855#ifdef CONFIG_TCP_MD5SIG 856 hash_location = tcp_parse_md5sig_option(th); 857 if (!sk && hash_location) { 858 /* 859 * active side is lost. Try to find listening socket through 860 * source port, and then find md5 key through listening socket. 861 * we are not loose security here: 862 * Incoming packet is checked with md5 hash with finding key, 863 * no RST generated if md5 hash doesn't match. 864 */ 865 sk1 = inet6_lookup_listener(dev_net(skb_dst(skb)->dev), 866 &tcp_hashinfo, &ipv6h->saddr, 867 th->source, &ipv6h->daddr, 868 ntohs(th->source), tcp_v6_iif(skb)); 869 if (!sk1) 870 return; 871 872 rcu_read_lock(); 873 key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr); 874 if (!key) 875 goto release_sk1; 876 877 genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, skb); 878 if (genhash || memcmp(hash_location, newhash, 16) != 0) 879 goto release_sk1; 880 } else { 881 key = sk ? tcp_v6_md5_do_lookup(sk, &ipv6h->saddr) : NULL; 882 } 883#endif 884 885 if (th->ack) 886 seq = ntohl(th->ack_seq); 887 else 888 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len - 889 (th->doff << 2); 890 891 oif = sk ? sk->sk_bound_dev_if : 0; 892 tcp_v6_send_response(sk, skb, seq, ack_seq, 0, 0, 0, oif, key, 1, 0, 0); 893 894#ifdef CONFIG_TCP_MD5SIG 895release_sk1: 896 if (sk1) { 897 rcu_read_unlock(); 898 sock_put(sk1); 899 } 900#endif 901} 902 903static void tcp_v6_send_ack(struct sock *sk, struct sk_buff *skb, u32 seq, 904 u32 ack, u32 win, u32 tsval, u32 tsecr, int oif, 905 struct tcp_md5sig_key *key, u8 tclass, 906 u32 label) 907{ 908 tcp_v6_send_response(sk, skb, seq, ack, win, tsval, tsecr, oif, key, 0, 909 tclass, label); 910} 911 912static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb) 913{ 914 struct inet_timewait_sock *tw = inet_twsk(sk); 915 struct tcp_timewait_sock *tcptw = tcp_twsk(sk); 916 917 tcp_v6_send_ack(sk, skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt, 918 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale, 919 tcp_time_stamp + tcptw->tw_ts_offset, 920 tcptw->tw_ts_recent, tw->tw_bound_dev_if, tcp_twsk_md5_key(tcptw), 921 tw->tw_tclass, cpu_to_be32(tw->tw_flowlabel)); 922 923 inet_twsk_put(tw); 924} 925 926static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb, 927 struct request_sock *req) 928{ 929 /* sk->sk_state == TCP_LISTEN -> for regular TCP_SYN_RECV 930 * sk->sk_state == TCP_SYN_RECV -> for Fast Open. 931 */ 932 tcp_v6_send_ack(sk, skb, (sk->sk_state == TCP_LISTEN) ? 933 tcp_rsk(req)->snt_isn + 1 : tcp_sk(sk)->snd_nxt, 934 tcp_rsk(req)->rcv_nxt, req->rcv_wnd, 935 tcp_time_stamp, req->ts_recent, sk->sk_bound_dev_if, 936 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr), 937 0, 0); 938} 939 940 941static struct sock *tcp_v6_hnd_req(struct sock *sk, struct sk_buff *skb) 942{ 943 const struct tcphdr *th = tcp_hdr(skb); 944 struct request_sock *req; 945 struct sock *nsk; 946 947 /* Find possible connection requests. */ 948 req = inet6_csk_search_req(sk, th->source, 949 &ipv6_hdr(skb)->saddr, 950 &ipv6_hdr(skb)->daddr, tcp_v6_iif(skb)); 951 if (req) { 952 nsk = tcp_check_req(sk, skb, req, false); 953 if (!nsk || nsk == sk) 954 reqsk_put(req); 955 return nsk; 956 } 957 nsk = __inet6_lookup_established(sock_net(sk), &tcp_hashinfo, 958 &ipv6_hdr(skb)->saddr, th->source, 959 &ipv6_hdr(skb)->daddr, ntohs(th->dest), 960 tcp_v6_iif(skb)); 961 962 if (nsk) { 963 if (nsk->sk_state != TCP_TIME_WAIT) { 964 bh_lock_sock(nsk); 965 return nsk; 966 } 967 inet_twsk_put(inet_twsk(nsk)); 968 return NULL; 969 } 970 971#ifdef CONFIG_SYN_COOKIES 972 if (!th->syn) 973 sk = cookie_v6_check(sk, skb); 974#endif 975 return sk; 976} 977 978static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb) 979{ 980 if (skb->protocol == htons(ETH_P_IP)) 981 return tcp_v4_conn_request(sk, skb); 982 983 if (!ipv6_unicast_destination(skb)) 984 goto drop; 985 986 return tcp_conn_request(&tcp6_request_sock_ops, 987 &tcp_request_sock_ipv6_ops, sk, skb); 988 989drop: 990 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS); 991 return 0; /* don't send reset */ 992} 993 994static struct sock *tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb, 995 struct request_sock *req, 996 struct dst_entry *dst) 997{ 998 struct inet_request_sock *ireq; 999 struct ipv6_pinfo *newnp, *np = inet6_sk(sk); 1000 struct tcp6_sock *newtcp6sk; 1001 struct ipv6_txoptions *opt; 1002 struct inet_sock *newinet; 1003 struct tcp_sock *newtp; 1004 struct sock *newsk; 1005#ifdef CONFIG_TCP_MD5SIG 1006 struct tcp_md5sig_key *key; 1007#endif 1008 struct flowi6 fl6; 1009 1010 if (skb->protocol == htons(ETH_P_IP)) { 1011 /* 1012 * v6 mapped 1013 */ 1014 1015 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst); 1016 1017 if (!newsk) 1018 return NULL; 1019 1020 newtcp6sk = (struct tcp6_sock *)newsk; 1021 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6; 1022 1023 newinet = inet_sk(newsk); 1024 newnp = inet6_sk(newsk); 1025 newtp = tcp_sk(newsk); 1026 1027 memcpy(newnp, np, sizeof(struct ipv6_pinfo)); 1028 1029 newnp->saddr = newsk->sk_v6_rcv_saddr; 1030 1031 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped; 1032 newsk->sk_backlog_rcv = tcp_v4_do_rcv; 1033#ifdef CONFIG_TCP_MD5SIG 1034 newtp->af_specific = &tcp_sock_ipv6_mapped_specific; 1035#endif 1036 1037 newnp->ipv6_ac_list = NULL; 1038 newnp->ipv6_fl_list = NULL; 1039 newnp->pktoptions = NULL; 1040 newnp->opt = NULL; 1041 newnp->mcast_oif = tcp_v6_iif(skb); 1042 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit; 1043 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb)); 1044 if (np->repflow) 1045 newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb)); 1046 1047 /* 1048 * No need to charge this sock to the relevant IPv6 refcnt debug socks count 1049 * here, tcp_create_openreq_child now does this for us, see the comment in 1050 * that function for the gory details. -acme 1051 */ 1052 1053 /* It is tricky place. Until this moment IPv4 tcp 1054 worked with IPv6 icsk.icsk_af_ops. 1055 Sync it now. 1056 */ 1057 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie); 1058 1059 return newsk; 1060 } 1061 1062 ireq = inet_rsk(req); 1063 1064 if (sk_acceptq_is_full(sk)) 1065 goto out_overflow; 1066 1067 if (!dst) { 1068 dst = inet6_csk_route_req(sk, &fl6, req); 1069 if (!dst) 1070 goto out; 1071 } 1072 1073 newsk = tcp_create_openreq_child(sk, req, skb); 1074 if (!newsk) 1075 goto out_nonewsk; 1076 1077 /* 1078 * No need to charge this sock to the relevant IPv6 refcnt debug socks 1079 * count here, tcp_create_openreq_child now does this for us, see the 1080 * comment in that function for the gory details. -acme 1081 */ 1082 1083 newsk->sk_gso_type = SKB_GSO_TCPV6; 1084 __ip6_dst_store(newsk, dst, NULL, NULL); 1085 inet6_sk_rx_dst_set(newsk, skb); 1086 1087 newtcp6sk = (struct tcp6_sock *)newsk; 1088 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6; 1089 1090 newtp = tcp_sk(newsk); 1091 newinet = inet_sk(newsk); 1092 newnp = inet6_sk(newsk); 1093 1094 memcpy(newnp, np, sizeof(struct ipv6_pinfo)); 1095 1096 newsk->sk_v6_daddr = ireq->ir_v6_rmt_addr; 1097 newnp->saddr = ireq->ir_v6_loc_addr; 1098 newsk->sk_v6_rcv_saddr = ireq->ir_v6_loc_addr; 1099 newsk->sk_bound_dev_if = ireq->ir_iif; 1100 1101 ip6_set_txhash(newsk); 1102 1103 /* Now IPv6 options... 1104 1105 First: no IPv4 options. 1106 */ 1107 newinet->inet_opt = NULL; 1108 newnp->ipv6_ac_list = NULL; 1109 newnp->ipv6_fl_list = NULL; 1110 1111 /* Clone RX bits */ 1112 newnp->rxopt.all = np->rxopt.all; 1113 1114 /* Clone pktoptions received with SYN */ 1115 newnp->pktoptions = NULL; 1116 if (ireq->pktopts) { 1117 newnp->pktoptions = skb_clone(ireq->pktopts, 1118 sk_gfp_atomic(sk, GFP_ATOMIC)); 1119 consume_skb(ireq->pktopts); 1120 ireq->pktopts = NULL; 1121 if (newnp->pktoptions) 1122 skb_set_owner_r(newnp->pktoptions, newsk); 1123 } 1124 newnp->opt = NULL; 1125 newnp->mcast_oif = tcp_v6_iif(skb); 1126 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit; 1127 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb)); 1128 if (np->repflow) 1129 newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb)); 1130 1131 /* Clone native IPv6 options from listening socket (if any) 1132 1133 Yes, keeping reference count would be much more clever, 1134 but we make one more one thing there: reattach optmem 1135 to newsk. 1136 */ 1137 opt = rcu_dereference(np->opt); 1138 if (opt) { 1139 opt = ipv6_dup_options(newsk, opt); 1140 RCU_INIT_POINTER(newnp->opt, opt); 1141 } 1142 inet_csk(newsk)->icsk_ext_hdr_len = 0; 1143 if (opt) 1144 inet_csk(newsk)->icsk_ext_hdr_len = opt->opt_nflen + 1145 opt->opt_flen; 1146 1147 tcp_ca_openreq_child(newsk, dst); 1148 1149 tcp_sync_mss(newsk, dst_mtu(dst)); 1150 newtp->advmss = dst_metric_advmss(dst); 1151 if (tcp_sk(sk)->rx_opt.user_mss && 1152 tcp_sk(sk)->rx_opt.user_mss < newtp->advmss) 1153 newtp->advmss = tcp_sk(sk)->rx_opt.user_mss; 1154 1155 tcp_initialize_rcv_mss(newsk); 1156 1157 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6; 1158 newinet->inet_rcv_saddr = LOOPBACK4_IPV6; 1159 1160#ifdef CONFIG_TCP_MD5SIG 1161 /* Copy over the MD5 key from the original socket */ 1162 key = tcp_v6_md5_do_lookup(sk, &newsk->sk_v6_daddr); 1163 if (key) { 1164 /* We're using one, so create a matching key 1165 * on the newsk structure. If we fail to get 1166 * memory, then we end up not copying the key 1167 * across. Shucks. 1168 */ 1169 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newsk->sk_v6_daddr, 1170 AF_INET6, key->key, key->keylen, 1171 sk_gfp_atomic(sk, GFP_ATOMIC)); 1172 } 1173#endif 1174 1175 if (__inet_inherit_port(sk, newsk) < 0) { 1176 inet_csk_prepare_forced_close(newsk); 1177 tcp_done(newsk); 1178 goto out; 1179 } 1180 __inet_hash(newsk, NULL); 1181 1182 return newsk; 1183 1184out_overflow: 1185 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS); 1186out_nonewsk: 1187 dst_release(dst); 1188out: 1189 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS); 1190 return NULL; 1191} 1192 1193/* The socket must have it's spinlock held when we get 1194 * here. 1195 * 1196 * We have a potential double-lock case here, so even when 1197 * doing backlog processing we use the BH locking scheme. 1198 * This is because we cannot sleep with the original spinlock 1199 * held. 1200 */ 1201static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb) 1202{ 1203 struct ipv6_pinfo *np = inet6_sk(sk); 1204 struct tcp_sock *tp; 1205 struct sk_buff *opt_skb = NULL; 1206 1207 /* Imagine: socket is IPv6. IPv4 packet arrives, 1208 goes to IPv4 receive handler and backlogged. 1209 From backlog it always goes here. Kerboom... 1210 Fortunately, tcp_rcv_established and rcv_established 1211 handle them correctly, but it is not case with 1212 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK 1213 */ 1214 1215 if (skb->protocol == htons(ETH_P_IP)) 1216 return tcp_v4_do_rcv(sk, skb); 1217 1218 if (sk_filter(sk, skb)) 1219 goto discard; 1220 1221 /* 1222 * socket locking is here for SMP purposes as backlog rcv 1223 * is currently called with bh processing disabled. 1224 */ 1225 1226 /* Do Stevens' IPV6_PKTOPTIONS. 1227 1228 Yes, guys, it is the only place in our code, where we 1229 may make it not affecting IPv4. 1230 The rest of code is protocol independent, 1231 and I do not like idea to uglify IPv4. 1232 1233 Actually, all the idea behind IPV6_PKTOPTIONS 1234 looks not very well thought. For now we latch 1235 options, received in the last packet, enqueued 1236 by tcp. Feel free to propose better solution. 1237 --ANK (980728) 1238 */ 1239 if (np->rxopt.all) 1240 opt_skb = skb_clone(skb, sk_gfp_atomic(sk, GFP_ATOMIC)); 1241 1242 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */ 1243 struct dst_entry *dst = sk->sk_rx_dst; 1244 1245 sock_rps_save_rxhash(sk, skb); 1246 sk_mark_napi_id(sk, skb); 1247 if (dst) { 1248 if (inet_sk(sk)->rx_dst_ifindex != skb->skb_iif || 1249 dst->ops->check(dst, np->rx_dst_cookie) == NULL) { 1250 dst_release(dst); 1251 sk->sk_rx_dst = NULL; 1252 } 1253 } 1254 1255 tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len); 1256 if (opt_skb) 1257 goto ipv6_pktoptions; 1258 return 0; 1259 } 1260 1261 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb)) 1262 goto csum_err; 1263 1264 if (sk->sk_state == TCP_LISTEN) { 1265 struct sock *nsk = tcp_v6_hnd_req(sk, skb); 1266 if (!nsk) 1267 goto discard; 1268 1269 /* 1270 * Queue it on the new socket if the new socket is active, 1271 * otherwise we just shortcircuit this and continue with 1272 * the new socket.. 1273 */ 1274 if (nsk != sk) { 1275 sock_rps_save_rxhash(nsk, skb); 1276 sk_mark_napi_id(sk, skb); 1277 if (tcp_child_process(sk, nsk, skb)) 1278 goto reset; 1279 if (opt_skb) 1280 __kfree_skb(opt_skb); 1281 return 0; 1282 } 1283 } else 1284 sock_rps_save_rxhash(sk, skb); 1285 1286 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len)) 1287 goto reset; 1288 if (opt_skb) 1289 goto ipv6_pktoptions; 1290 return 0; 1291 1292reset: 1293 tcp_v6_send_reset(sk, skb); 1294discard: 1295 if (opt_skb) 1296 __kfree_skb(opt_skb); 1297 kfree_skb(skb); 1298 return 0; 1299csum_err: 1300 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_CSUMERRORS); 1301 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_INERRS); 1302 goto discard; 1303 1304 1305ipv6_pktoptions: 1306 /* Do you ask, what is it? 1307 1308 1. skb was enqueued by tcp. 1309 2. skb is added to tail of read queue, rather than out of order. 1310 3. socket is not in passive state. 1311 4. Finally, it really contains options, which user wants to receive. 1312 */ 1313 tp = tcp_sk(sk); 1314 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt && 1315 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) { 1316 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo) 1317 np->mcast_oif = tcp_v6_iif(opt_skb); 1318 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) 1319 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit; 1320 if (np->rxopt.bits.rxflow || np->rxopt.bits.rxtclass) 1321 np->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(opt_skb)); 1322 if (np->repflow) 1323 np->flow_label = ip6_flowlabel(ipv6_hdr(opt_skb)); 1324 if (ipv6_opt_accepted(sk, opt_skb, &TCP_SKB_CB(opt_skb)->header.h6)) { 1325 skb_set_owner_r(opt_skb, sk); 1326 opt_skb = xchg(&np->pktoptions, opt_skb); 1327 } else { 1328 __kfree_skb(opt_skb); 1329 opt_skb = xchg(&np->pktoptions, NULL); 1330 } 1331 } 1332 1333 kfree_skb(opt_skb); 1334 return 0; 1335} 1336 1337static void tcp_v6_fill_cb(struct sk_buff *skb, const struct ipv6hdr *hdr, 1338 const struct tcphdr *th) 1339{ 1340 /* This is tricky: we move IP6CB at its correct location into 1341 * TCP_SKB_CB(). It must be done after xfrm6_policy_check(), because 1342 * _decode_session6() uses IP6CB(). 1343 * barrier() makes sure compiler won't play aliasing games. 1344 */ 1345 memmove(&TCP_SKB_CB(skb)->header.h6, IP6CB(skb), 1346 sizeof(struct inet6_skb_parm)); 1347 barrier(); 1348 1349 TCP_SKB_CB(skb)->seq = ntohl(th->seq); 1350 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin + 1351 skb->len - th->doff*4); 1352 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq); 1353 TCP_SKB_CB(skb)->tcp_flags = tcp_flag_byte(th); 1354 TCP_SKB_CB(skb)->tcp_tw_isn = 0; 1355 TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr); 1356 TCP_SKB_CB(skb)->sacked = 0; 1357} 1358 1359static void tcp_v6_restore_cb(struct sk_buff *skb) 1360{ 1361 /* We need to move header back to the beginning if xfrm6_policy_check() 1362 * and tcp_v6_fill_cb() are going to be called again. 1363 */ 1364 memmove(IP6CB(skb), &TCP_SKB_CB(skb)->header.h6, 1365 sizeof(struct inet6_skb_parm)); 1366} 1367 1368static int tcp_v6_rcv(struct sk_buff *skb) 1369{ 1370 const struct tcphdr *th; 1371 const struct ipv6hdr *hdr; 1372 struct sock *sk; 1373 int ret; 1374 struct net *net = dev_net(skb->dev); 1375 1376 if (skb->pkt_type != PACKET_HOST) 1377 goto discard_it; 1378 1379 /* 1380 * Count it even if it's bad. 1381 */ 1382 TCP_INC_STATS_BH(net, TCP_MIB_INSEGS); 1383 1384 if (!pskb_may_pull(skb, sizeof(struct tcphdr))) 1385 goto discard_it; 1386 1387 th = tcp_hdr(skb); 1388 1389 if (th->doff < sizeof(struct tcphdr)/4) 1390 goto bad_packet; 1391 if (!pskb_may_pull(skb, th->doff*4)) 1392 goto discard_it; 1393 1394 if (skb_checksum_init(skb, IPPROTO_TCP, ip6_compute_pseudo)) 1395 goto csum_error; 1396 1397 th = tcp_hdr(skb); 1398 hdr = ipv6_hdr(skb); 1399 1400 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest, 1401 inet6_iif(skb)); 1402 if (!sk) 1403 goto no_tcp_socket; 1404 1405process: 1406 if (sk->sk_state == TCP_TIME_WAIT) 1407 goto do_time_wait; 1408 1409 if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) { 1410 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP); 1411 goto discard_and_relse; 1412 } 1413 1414 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb)) 1415 goto discard_and_relse; 1416 1417 tcp_v6_fill_cb(skb, hdr, th); 1418 1419#ifdef CONFIG_TCP_MD5SIG 1420 if (tcp_v6_inbound_md5_hash(sk, skb)) 1421 goto discard_and_relse; 1422#endif 1423 1424 if (sk_filter(sk, skb)) 1425 goto discard_and_relse; 1426 1427 sk_incoming_cpu_update(sk); 1428 skb->dev = NULL; 1429 1430 bh_lock_sock_nested(sk); 1431 ret = 0; 1432 if (!sock_owned_by_user(sk)) { 1433 if (!tcp_prequeue(sk, skb)) 1434 ret = tcp_v6_do_rcv(sk, skb); 1435 } else if (unlikely(sk_add_backlog(sk, skb, 1436 sk->sk_rcvbuf + sk->sk_sndbuf))) { 1437 bh_unlock_sock(sk); 1438 NET_INC_STATS_BH(net, LINUX_MIB_TCPBACKLOGDROP); 1439 goto discard_and_relse; 1440 } 1441 bh_unlock_sock(sk); 1442 1443 sock_put(sk); 1444 return ret ? -1 : 0; 1445 1446no_tcp_socket: 1447 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) 1448 goto discard_it; 1449 1450 tcp_v6_fill_cb(skb, hdr, th); 1451 1452 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) { 1453csum_error: 1454 TCP_INC_STATS_BH(net, TCP_MIB_CSUMERRORS); 1455bad_packet: 1456 TCP_INC_STATS_BH(net, TCP_MIB_INERRS); 1457 } else { 1458 tcp_v6_send_reset(NULL, skb); 1459 } 1460 1461discard_it: 1462 kfree_skb(skb); 1463 return 0; 1464 1465discard_and_relse: 1466 sock_put(sk); 1467 goto discard_it; 1468 1469do_time_wait: 1470 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) { 1471 inet_twsk_put(inet_twsk(sk)); 1472 goto discard_it; 1473 } 1474 1475 tcp_v6_fill_cb(skb, hdr, th); 1476 1477 if (skb->len < (th->doff<<2)) { 1478 inet_twsk_put(inet_twsk(sk)); 1479 goto bad_packet; 1480 } 1481 if (tcp_checksum_complete(skb)) { 1482 inet_twsk_put(inet_twsk(sk)); 1483 goto csum_error; 1484 } 1485 1486 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) { 1487 case TCP_TW_SYN: 1488 { 1489 struct sock *sk2; 1490 1491 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo, 1492 &ipv6_hdr(skb)->saddr, th->source, 1493 &ipv6_hdr(skb)->daddr, 1494 ntohs(th->dest), tcp_v6_iif(skb)); 1495 if (sk2) { 1496 struct inet_timewait_sock *tw = inet_twsk(sk); 1497 inet_twsk_deschedule(tw); 1498 inet_twsk_put(tw); 1499 sk = sk2; 1500 tcp_v6_restore_cb(skb); 1501 goto process; 1502 } 1503 /* Fall through to ACK */ 1504 } 1505 case TCP_TW_ACK: 1506 tcp_v6_timewait_ack(sk, skb); 1507 break; 1508 case TCP_TW_RST: 1509 tcp_v6_restore_cb(skb); 1510 goto no_tcp_socket; 1511 case TCP_TW_SUCCESS: 1512 ; 1513 } 1514 goto discard_it; 1515} 1516 1517static void tcp_v6_early_demux(struct sk_buff *skb) 1518{ 1519 const struct ipv6hdr *hdr; 1520 const struct tcphdr *th; 1521 struct sock *sk; 1522 1523 if (skb->pkt_type != PACKET_HOST) 1524 return; 1525 1526 if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr))) 1527 return; 1528 1529 hdr = ipv6_hdr(skb); 1530 th = tcp_hdr(skb); 1531 1532 if (th->doff < sizeof(struct tcphdr) / 4) 1533 return; 1534 1535 /* Note : We use inet6_iif() here, not tcp_v6_iif() */ 1536 sk = __inet6_lookup_established(dev_net(skb->dev), &tcp_hashinfo, 1537 &hdr->saddr, th->source, 1538 &hdr->daddr, ntohs(th->dest), 1539 inet6_iif(skb)); 1540 if (sk) { 1541 skb->sk = sk; 1542 skb->destructor = sock_edemux; 1543 if (sk_fullsock(sk)) { 1544 struct dst_entry *dst = READ_ONCE(sk->sk_rx_dst); 1545 1546 if (dst) 1547 dst = dst_check(dst, inet6_sk(sk)->rx_dst_cookie); 1548 if (dst && 1549 inet_sk(sk)->rx_dst_ifindex == skb->skb_iif) 1550 skb_dst_set_noref(skb, dst); 1551 } 1552 } 1553} 1554 1555static struct timewait_sock_ops tcp6_timewait_sock_ops = { 1556 .twsk_obj_size = sizeof(struct tcp6_timewait_sock), 1557 .twsk_unique = tcp_twsk_unique, 1558 .twsk_destructor = tcp_twsk_destructor, 1559}; 1560 1561static const struct inet_connection_sock_af_ops ipv6_specific = { 1562 .queue_xmit = inet6_csk_xmit, 1563 .send_check = tcp_v6_send_check, 1564 .rebuild_header = inet6_sk_rebuild_header, 1565 .sk_rx_dst_set = inet6_sk_rx_dst_set, 1566 .conn_request = tcp_v6_conn_request, 1567 .syn_recv_sock = tcp_v6_syn_recv_sock, 1568 .net_header_len = sizeof(struct ipv6hdr), 1569 .net_frag_header_len = sizeof(struct frag_hdr), 1570 .setsockopt = ipv6_setsockopt, 1571 .getsockopt = ipv6_getsockopt, 1572 .addr2sockaddr = inet6_csk_addr2sockaddr, 1573 .sockaddr_len = sizeof(struct sockaddr_in6), 1574 .bind_conflict = inet6_csk_bind_conflict, 1575#ifdef CONFIG_COMPAT 1576 .compat_setsockopt = compat_ipv6_setsockopt, 1577 .compat_getsockopt = compat_ipv6_getsockopt, 1578#endif 1579 .mtu_reduced = tcp_v6_mtu_reduced, 1580}; 1581 1582#ifdef CONFIG_TCP_MD5SIG 1583static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = { 1584 .md5_lookup = tcp_v6_md5_lookup, 1585 .calc_md5_hash = tcp_v6_md5_hash_skb, 1586 .md5_parse = tcp_v6_parse_md5_keys, 1587}; 1588#endif 1589 1590/* 1591 * TCP over IPv4 via INET6 API 1592 */ 1593static const struct inet_connection_sock_af_ops ipv6_mapped = { 1594 .queue_xmit = ip_queue_xmit, 1595 .send_check = tcp_v4_send_check, 1596 .rebuild_header = inet_sk_rebuild_header, 1597 .sk_rx_dst_set = inet_sk_rx_dst_set, 1598 .conn_request = tcp_v6_conn_request, 1599 .syn_recv_sock = tcp_v6_syn_recv_sock, 1600 .net_header_len = sizeof(struct iphdr), 1601 .setsockopt = ipv6_setsockopt, 1602 .getsockopt = ipv6_getsockopt, 1603 .addr2sockaddr = inet6_csk_addr2sockaddr, 1604 .sockaddr_len = sizeof(struct sockaddr_in6), 1605 .bind_conflict = inet6_csk_bind_conflict, 1606#ifdef CONFIG_COMPAT 1607 .compat_setsockopt = compat_ipv6_setsockopt, 1608 .compat_getsockopt = compat_ipv6_getsockopt, 1609#endif 1610 .mtu_reduced = tcp_v4_mtu_reduced, 1611}; 1612 1613#ifdef CONFIG_TCP_MD5SIG 1614static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = { 1615 .md5_lookup = tcp_v4_md5_lookup, 1616 .calc_md5_hash = tcp_v4_md5_hash_skb, 1617 .md5_parse = tcp_v6_parse_md5_keys, 1618}; 1619#endif 1620 1621/* NOTE: A lot of things set to zero explicitly by call to 1622 * sk_alloc() so need not be done here. 1623 */ 1624static int tcp_v6_init_sock(struct sock *sk) 1625{ 1626 struct inet_connection_sock *icsk = inet_csk(sk); 1627 1628 tcp_init_sock(sk); 1629 1630 icsk->icsk_af_ops = &ipv6_specific; 1631 1632#ifdef CONFIG_TCP_MD5SIG 1633 tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific; 1634#endif 1635 1636 return 0; 1637} 1638 1639static void tcp_v6_destroy_sock(struct sock *sk) 1640{ 1641 tcp_v4_destroy_sock(sk); 1642 inet6_destroy_sock(sk); 1643} 1644 1645#ifdef CONFIG_PROC_FS 1646/* Proc filesystem TCPv6 sock list dumping. */ 1647static void get_openreq6(struct seq_file *seq, 1648 struct request_sock *req, int i, kuid_t uid) 1649{ 1650 long ttd = req->rsk_timer.expires - jiffies; 1651 const struct in6_addr *src = &inet_rsk(req)->ir_v6_loc_addr; 1652 const struct in6_addr *dest = &inet_rsk(req)->ir_v6_rmt_addr; 1653 1654 if (ttd < 0) 1655 ttd = 0; 1656 1657 seq_printf(seq, 1658 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1659 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %d %d %pK\n", 1660 i, 1661 src->s6_addr32[0], src->s6_addr32[1], 1662 src->s6_addr32[2], src->s6_addr32[3], 1663 inet_rsk(req)->ir_num, 1664 dest->s6_addr32[0], dest->s6_addr32[1], 1665 dest->s6_addr32[2], dest->s6_addr32[3], 1666 ntohs(inet_rsk(req)->ir_rmt_port), 1667 TCP_SYN_RECV, 1668 0, 0, /* could print option size, but that is af dependent. */ 1669 1, /* timers active (only the expire timer) */ 1670 jiffies_to_clock_t(ttd), 1671 req->num_timeout, 1672 from_kuid_munged(seq_user_ns(seq), uid), 1673 0, /* non standard timer */ 1674 0, /* open_requests have no inode */ 1675 0, req); 1676} 1677 1678static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i) 1679{ 1680 const struct in6_addr *dest, *src; 1681 __u16 destp, srcp; 1682 int timer_active; 1683 unsigned long timer_expires; 1684 const struct inet_sock *inet = inet_sk(sp); 1685 const struct tcp_sock *tp = tcp_sk(sp); 1686 const struct inet_connection_sock *icsk = inet_csk(sp); 1687 struct fastopen_queue *fastopenq = icsk->icsk_accept_queue.fastopenq; 1688 1689 dest = &sp->sk_v6_daddr; 1690 src = &sp->sk_v6_rcv_saddr; 1691 destp = ntohs(inet->inet_dport); 1692 srcp = ntohs(inet->inet_sport); 1693 1694 if (icsk->icsk_pending == ICSK_TIME_RETRANS) { 1695 timer_active = 1; 1696 timer_expires = icsk->icsk_timeout; 1697 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) { 1698 timer_active = 4; 1699 timer_expires = icsk->icsk_timeout; 1700 } else if (timer_pending(&sp->sk_timer)) { 1701 timer_active = 2; 1702 timer_expires = sp->sk_timer.expires; 1703 } else { 1704 timer_active = 0; 1705 timer_expires = jiffies; 1706 } 1707 1708 seq_printf(seq, 1709 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1710 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %lu %d %pK %lu %lu %u %u %d\n", 1711 i, 1712 src->s6_addr32[0], src->s6_addr32[1], 1713 src->s6_addr32[2], src->s6_addr32[3], srcp, 1714 dest->s6_addr32[0], dest->s6_addr32[1], 1715 dest->s6_addr32[2], dest->s6_addr32[3], destp, 1716 sp->sk_state, 1717 tp->write_seq-tp->snd_una, 1718 (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq), 1719 timer_active, 1720 jiffies_delta_to_clock_t(timer_expires - jiffies), 1721 icsk->icsk_retransmits, 1722 from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)), 1723 icsk->icsk_probes_out, 1724 sock_i_ino(sp), 1725 atomic_read(&sp->sk_refcnt), sp, 1726 jiffies_to_clock_t(icsk->icsk_rto), 1727 jiffies_to_clock_t(icsk->icsk_ack.ato), 1728 (icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong, 1729 tp->snd_cwnd, 1730 sp->sk_state == TCP_LISTEN ? 1731 (fastopenq ? fastopenq->max_qlen : 0) : 1732 (tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh) 1733 ); 1734} 1735 1736static void get_timewait6_sock(struct seq_file *seq, 1737 struct inet_timewait_sock *tw, int i) 1738{ 1739 long delta = tw->tw_timer.expires - jiffies; 1740 const struct in6_addr *dest, *src; 1741 __u16 destp, srcp; 1742 1743 dest = &tw->tw_v6_daddr; 1744 src = &tw->tw_v6_rcv_saddr; 1745 destp = ntohs(tw->tw_dport); 1746 srcp = ntohs(tw->tw_sport); 1747 1748 seq_printf(seq, 1749 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1750 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n", 1751 i, 1752 src->s6_addr32[0], src->s6_addr32[1], 1753 src->s6_addr32[2], src->s6_addr32[3], srcp, 1754 dest->s6_addr32[0], dest->s6_addr32[1], 1755 dest->s6_addr32[2], dest->s6_addr32[3], destp, 1756 tw->tw_substate, 0, 0, 1757 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0, 1758 atomic_read(&tw->tw_refcnt), tw); 1759} 1760 1761static int tcp6_seq_show(struct seq_file *seq, void *v) 1762{ 1763 struct tcp_iter_state *st; 1764 struct sock *sk = v; 1765 1766 if (v == SEQ_START_TOKEN) { 1767 seq_puts(seq, 1768 " sl " 1769 "local_address " 1770 "remote_address " 1771 "st tx_queue rx_queue tr tm->when retrnsmt" 1772 " uid timeout inode\n"); 1773 goto out; 1774 } 1775 st = seq->private; 1776 1777 switch (st->state) { 1778 case TCP_SEQ_STATE_LISTENING: 1779 case TCP_SEQ_STATE_ESTABLISHED: 1780 if (sk->sk_state == TCP_TIME_WAIT) 1781 get_timewait6_sock(seq, v, st->num); 1782 else 1783 get_tcp6_sock(seq, v, st->num); 1784 break; 1785 case TCP_SEQ_STATE_OPENREQ: 1786 get_openreq6(seq, v, st->num, st->uid); 1787 break; 1788 } 1789out: 1790 return 0; 1791} 1792 1793static const struct file_operations tcp6_afinfo_seq_fops = { 1794 .owner = THIS_MODULE, 1795 .open = tcp_seq_open, 1796 .read = seq_read, 1797 .llseek = seq_lseek, 1798 .release = seq_release_net 1799}; 1800 1801static struct tcp_seq_afinfo tcp6_seq_afinfo = { 1802 .name = "tcp6", 1803 .family = AF_INET6, 1804 .seq_fops = &tcp6_afinfo_seq_fops, 1805 .seq_ops = { 1806 .show = tcp6_seq_show, 1807 }, 1808}; 1809 1810int __net_init tcp6_proc_init(struct net *net) 1811{ 1812 return tcp_proc_register(net, &tcp6_seq_afinfo); 1813} 1814 1815void tcp6_proc_exit(struct net *net) 1816{ 1817 tcp_proc_unregister(net, &tcp6_seq_afinfo); 1818} 1819#endif 1820 1821static void tcp_v6_clear_sk(struct sock *sk, int size) 1822{ 1823 struct inet_sock *inet = inet_sk(sk); 1824 1825 /* we do not want to clear pinet6 field, because of RCU lookups */ 1826 sk_prot_clear_nulls(sk, offsetof(struct inet_sock, pinet6)); 1827 1828 size -= offsetof(struct inet_sock, pinet6) + sizeof(inet->pinet6); 1829 memset(&inet->pinet6 + 1, 0, size); 1830} 1831 1832struct proto tcpv6_prot = { 1833 .name = "TCPv6", 1834 .owner = THIS_MODULE, 1835 .close = tcp_close, 1836 .connect = tcp_v6_connect, 1837 .disconnect = tcp_disconnect, 1838 .accept = inet_csk_accept, 1839 .ioctl = tcp_ioctl, 1840 .init = tcp_v6_init_sock, 1841 .destroy = tcp_v6_destroy_sock, 1842 .shutdown = tcp_shutdown, 1843 .setsockopt = tcp_setsockopt, 1844 .getsockopt = tcp_getsockopt, 1845 .recvmsg = tcp_recvmsg, 1846 .sendmsg = tcp_sendmsg, 1847 .sendpage = tcp_sendpage, 1848 .backlog_rcv = tcp_v6_do_rcv, 1849 .release_cb = tcp_release_cb, 1850 .hash = inet_hash, 1851 .unhash = inet_unhash, 1852 .get_port = inet_csk_get_port, 1853 .enter_memory_pressure = tcp_enter_memory_pressure, 1854 .stream_memory_free = tcp_stream_memory_free, 1855 .sockets_allocated = &tcp_sockets_allocated, 1856 .memory_allocated = &tcp_memory_allocated, 1857 .memory_pressure = &tcp_memory_pressure, 1858 .orphan_count = &tcp_orphan_count, 1859 .sysctl_mem = sysctl_tcp_mem, 1860 .sysctl_wmem = sysctl_tcp_wmem, 1861 .sysctl_rmem = sysctl_tcp_rmem, 1862 .max_header = MAX_TCP_HEADER, 1863 .obj_size = sizeof(struct tcp6_sock), 1864 .slab_flags = SLAB_DESTROY_BY_RCU, 1865 .twsk_prot = &tcp6_timewait_sock_ops, 1866 .rsk_prot = &tcp6_request_sock_ops, 1867 .h.hashinfo = &tcp_hashinfo, 1868 .no_autobind = true, 1869#ifdef CONFIG_COMPAT 1870 .compat_setsockopt = compat_tcp_setsockopt, 1871 .compat_getsockopt = compat_tcp_getsockopt, 1872#endif 1873#ifdef CONFIG_MEMCG_KMEM 1874 .proto_cgroup = tcp_proto_cgroup, 1875#endif 1876 .clear_sk = tcp_v6_clear_sk, 1877}; 1878 1879static const struct inet6_protocol tcpv6_protocol = { 1880 .early_demux = tcp_v6_early_demux, 1881 .handler = tcp_v6_rcv, 1882 .err_handler = tcp_v6_err, 1883 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL, 1884}; 1885 1886static struct inet_protosw tcpv6_protosw = { 1887 .type = SOCK_STREAM, 1888 .protocol = IPPROTO_TCP, 1889 .prot = &tcpv6_prot, 1890 .ops = &inet6_stream_ops, 1891 .flags = INET_PROTOSW_PERMANENT | 1892 INET_PROTOSW_ICSK, 1893}; 1894 1895static int __net_init tcpv6_net_init(struct net *net) 1896{ 1897 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6, 1898 SOCK_RAW, IPPROTO_TCP, net); 1899} 1900 1901static void __net_exit tcpv6_net_exit(struct net *net) 1902{ 1903 inet_ctl_sock_destroy(net->ipv6.tcp_sk); 1904} 1905 1906static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list) 1907{ 1908 inet_twsk_purge(&tcp_hashinfo, &tcp_death_row, AF_INET6); 1909} 1910 1911static struct pernet_operations tcpv6_net_ops = { 1912 .init = tcpv6_net_init, 1913 .exit = tcpv6_net_exit, 1914 .exit_batch = tcpv6_net_exit_batch, 1915}; 1916 1917int __init tcpv6_init(void) 1918{ 1919 int ret; 1920 1921 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP); 1922 if (ret) 1923 goto out; 1924 1925 /* register inet6 protocol */ 1926 ret = inet6_register_protosw(&tcpv6_protosw); 1927 if (ret) 1928 goto out_tcpv6_protocol; 1929 1930 ret = register_pernet_subsys(&tcpv6_net_ops); 1931 if (ret) 1932 goto out_tcpv6_protosw; 1933out: 1934 return ret; 1935 1936out_tcpv6_protosw: 1937 inet6_unregister_protosw(&tcpv6_protosw); 1938out_tcpv6_protocol: 1939 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP); 1940 goto out; 1941} 1942 1943void tcpv6_exit(void) 1944{ 1945 unregister_pernet_subsys(&tcpv6_net_ops); 1946 inet6_unregister_protosw(&tcpv6_protosw); 1947 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP); 1948} 1949