projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
lib: objagg: Use struct_size() in kzalloc()
[linux-2.6-block.git] / net / ipv6 / tcp_ipv6.c
CommitLineData
1da177e4
LT		 1/*
2 * TCP over IPv6
1ab1457c 3 * Linux INET6 implementation
1da177e4
LT		 4 *
5 * Authors:
1ab1457c 6 * Pedro Roque <roque@di.fc.ul.pt>
1da177e4 7 *
1ab1457c 8 * Based on:
1da177e4
LT		 9 * linux/net/ipv4/tcp.c
10 * linux/net/ipv4/tcp_input.c
11 * linux/net/ipv4/tcp_output.c
12 *
13 * Fixes:
14 * Hideaki YOSHIFUJI : sin6_scope_id support
15 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
16 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
17 * a single port at the same time.
18 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
19 *
20 * This program is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU General Public License
22 * as published by the Free Software Foundation; either version
23 * 2 of the License, or (at your option) any later version.
24 */
25
eb4dea58 26#include <linux/bottom_half.h>
1da177e4 27#include <linux/module.h>
1da177e4
LT		 28#include <linux/errno.h>
29#include <linux/types.h>
30#include <linux/socket.h>
31#include <linux/sockios.h>
32#include <linux/net.h>
33#include <linux/jiffies.h>
34#include <linux/in.h>
35#include <linux/in6.h>
36#include <linux/netdevice.h>
37#include <linux/init.h>
38#include <linux/jhash.h>
39#include <linux/ipsec.h>
40#include <linux/times.h>
5a0e3ad6 41#include <linux/slab.h>
4aa956d8 42#include <linux/uaccess.h>
1da177e4
LT		 43#include <linux/ipv6.h>
44#include <linux/icmpv6.h>
45#include <linux/random.h>
0e219ae4 46#include <linux/indirect_call_wrapper.h>
1da177e4
LT		 47
48#include <net/tcp.h>
49#include <net/ndisc.h>
5324a040 50#include <net/inet6_hashtables.h>
8129765a 51#include <net/inet6_connection_sock.h>
1da177e4
LT		 52#include <net/ipv6.h>
53#include <net/transp_v6.h>
54#include <net/addrconf.h>
55#include <net/ip6_route.h>
56#include <net/ip6_checksum.h>
57#include <net/inet_ecn.h>
58#include <net/protocol.h>
59#include <net/xfrm.h>
1da177e4
LT		 60#include <net/snmp.h>
61#include <net/dsfield.h>
6d6ee43e 62#include <net/timewait_sock.h>
3d58b5fa 63#include <net/inet_common.h>
6e5714ea 64#include <net/secure_seq.h>
076bb0c8 65#include <net/busy_poll.h>
1da177e4 66
1da177e4
LT		 67#include <linux/proc_fs.h>
68#include <linux/seq_file.h>
69
cf80e0e4 70#include <crypto/hash.h>
cfb6eeb4
YH		 71#include <linux/scatterlist.h>
72
c24b14c4
SL		 73#include <trace/events/tcp.h>
74
a00e7444
ED		 75static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb);
76static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
6edafaaf 77 struct request_sock *req);
1da177e4
LT		 78
79static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
1da177e4 80
3b401a81
SH		 81static const struct inet_connection_sock_af_ops ipv6_mapped;
82static const struct inet_connection_sock_af_ops ipv6_specific;
a928630a 83#ifdef CONFIG_TCP_MD5SIG
b2e4b3de
SH		 84static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
85static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
9501f972 86#else
51723935 87static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
b71d1d42 88 const struct in6_addr *addr)
9501f972
YH		 89{
90 return NULL;
91}
a928630a 92#endif
1da177e4 93
93a77c11
ED		 94/* Helper returning the inet6 address from a given tcp socket.
95 * It can be used in TCP stack instead of inet6_sk(sk).
96 * This avoids a dereference and allow compiler optimizations.
f5d54767 97 * It is a specialized version of inet6_sk_generic().
93a77c11
ED		 98 */
99static struct ipv6_pinfo *tcp_inet6_sk(const struct sock *sk)
100{
f5d54767 101 unsigned int offset = sizeof(struct tcp6_sock) - sizeof(struct ipv6_pinfo);
93a77c11 102
f5d54767 103 return (struct ipv6_pinfo *)(((u8 *)sk) + offset);
93a77c11
ED		 104}
105
fae6ef87
NC		 106static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
107{
108 struct dst_entry *dst = skb_dst(skb);
fae6ef87 109
5037e9ef 110 if (dst && dst_hold_safe(dst)) {
ca777eff
ED		 111 const struct rt6_info *rt = (const struct rt6_info *)dst;
112
ca777eff
ED		 113 sk->sk_rx_dst = dst;
114 inet_sk(sk)->rx_dst_ifindex = skb->skb_iif;
93a77c11 115 tcp_inet6_sk(sk)->rx_dst_cookie = rt6_get_cookie(rt);
ca777eff 116 }
fae6ef87
NC		 117}
118
84b114b9 119static u32 tcp_v6_init_seq(const struct sk_buff *skb)
1da177e4 120{
84b114b9
ED		 121 return secure_tcpv6_seq(ipv6_hdr(skb)->daddr.s6_addr32,
122 ipv6_hdr(skb)->saddr.s6_addr32,
123 tcp_hdr(skb)->dest,
124 tcp_hdr(skb)->source);
125}
126
5d2ed052 127static u32 tcp_v6_init_ts_off(const struct net *net, const struct sk_buff *skb)
84b114b9 128{
5d2ed052 129 return secure_tcpv6_ts_off(net, ipv6_hdr(skb)->daddr.s6_addr32,
84b114b9 130 ipv6_hdr(skb)->saddr.s6_addr32);
1da177e4
LT		 131}
132
d74bad4e
AI		 133static int tcp_v6_pre_connect(struct sock *sk, struct sockaddr *uaddr,
134 int addr_len)
135{
136 /* This check is replicated from tcp_v6_connect() and intended to
137 * prevent BPF program called below from accessing bytes that are out
138 * of the bound specified by user in addr_len.
139 */
140 if (addr_len < SIN6_LEN_RFC2133)
141 return -EINVAL;
142
143 sock_owned_by_me(sk);
144
145 return BPF_CGROUP_RUN_PROG_INET6_CONNECT(sk, uaddr);
146}
147
1ab1457c 148static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
1da177e4
LT		 149 int addr_len)
150{
151 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
1ab1457c 152 struct inet_sock *inet = inet_sk(sk);
d83d8461 153 struct inet_connection_sock *icsk = inet_csk(sk);
93a77c11 154 struct ipv6_pinfo *np = tcp_inet6_sk(sk);
1da177e4 155 struct tcp_sock *tp = tcp_sk(sk);
20c59de2 156 struct in6_addr *saddr = NULL, *final_p, final;
45f6fad8 157 struct ipv6_txoptions *opt;
4c9483b2 158 struct flowi6 fl6;
1da177e4
LT		 159 struct dst_entry *dst;
160 int addr_type;
161 int err;
1946e672 162 struct inet_timewait_death_row *tcp_death_row = &sock_net(sk)->ipv4.tcp_death_row;
1da177e4 163
1ab1457c 164 if (addr_len < SIN6_LEN_RFC2133)
1da177e4
LT		 165 return -EINVAL;
166
1ab1457c 167 if (usin->sin6_family != AF_INET6)
a02cec21 168 return -EAFNOSUPPORT;
1da177e4 169
4c9483b2 170 memset(&fl6, 0, sizeof(fl6));
1da177e4
LT		 171
172 if (np->sndflow) {
4c9483b2
DM		 173 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
174 IP6_ECN_flow_init(fl6.flowlabel);
175 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
1da177e4 176 struct ip6_flowlabel *flowlabel;
4c9483b2 177 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
63159f29 178 if (!flowlabel)
1da177e4 179 return -EINVAL;
1da177e4
LT		 180 fl6_sock_release(flowlabel);
181 }
182 }
183
184 /*
1ab1457c
YH		 185 * connect() to INADDR_ANY means loopback (BSD'ism).
186 */
187
052d2369
JL		 188 if (ipv6_addr_any(&usin->sin6_addr)) {
189 if (ipv6_addr_v4mapped(&sk->sk_v6_rcv_saddr))
190 ipv6_addr_set_v4mapped(htonl(INADDR_LOOPBACK),
191 &usin->sin6_addr);
192 else
193 usin->sin6_addr = in6addr_loopback;
194 }
1da177e4
LT		 195
196 addr_type = ipv6_addr_type(&usin->sin6_addr);
197
4c99aa40 198 if (addr_type & IPV6_ADDR_MULTICAST)
1da177e4
LT		 199 return -ENETUNREACH;
200
201 if (addr_type&IPV6_ADDR_LINKLOCAL) {
202 if (addr_len >= sizeof(struct sockaddr_in6) &&
203 usin->sin6_scope_id) {
204 /* If interface is set while binding, indices
205 * must coincide.
206 */
54dc3e33 207 if (!sk_dev_equal_l3scope(sk, usin->sin6_scope_id))
1da177e4
LT		 208 return -EINVAL;
209
210 sk->sk_bound_dev_if = usin->sin6_scope_id;
211 }
212
213 /* Connect to link-local address requires an interface */
214 if (!sk->sk_bound_dev_if)
215 return -EINVAL;
216 }
217
218 if (tp->rx_opt.ts_recent_stamp &&
efe4208f 219 !ipv6_addr_equal(&sk->sk_v6_daddr, &usin->sin6_addr)) {
1da177e4
LT		 220 tp->rx_opt.ts_recent = 0;
221 tp->rx_opt.ts_recent_stamp = 0;
222 tp->write_seq = 0;
223 }
224
efe4208f 225 sk->sk_v6_daddr = usin->sin6_addr;
4c9483b2 226 np->flow_label = fl6.flowlabel;
1da177e4
LT		 227
228 /*
229 * TCP over IPv4
230 */
231
052d2369 232 if (addr_type & IPV6_ADDR_MAPPED) {
d83d8461 233 u32 exthdrlen = icsk->icsk_ext_hdr_len;
1da177e4
LT		 234 struct sockaddr_in sin;
235
1da177e4
LT		 236 if (__ipv6_only_sock(sk))
237 return -ENETUNREACH;
238
239 sin.sin_family = AF_INET;
240 sin.sin_port = usin->sin6_port;
241 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
242
d83d8461 243 icsk->icsk_af_ops = &ipv6_mapped;
1da177e4 244 sk->sk_backlog_rcv = tcp_v4_do_rcv;
cfb6eeb4
YH		 245#ifdef CONFIG_TCP_MD5SIG
246 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
247#endif
1da177e4
LT		 248
249 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
250
251 if (err) {
d83d8461
ACM		 252 icsk->icsk_ext_hdr_len = exthdrlen;
253 icsk->icsk_af_ops = &ipv6_specific;
1da177e4 254 sk->sk_backlog_rcv = tcp_v6_do_rcv;
cfb6eeb4
YH		 255#ifdef CONFIG_TCP_MD5SIG
256 tp->af_specific = &tcp_sock_ipv6_specific;
257#endif
1da177e4 258 goto failure;
1da177e4 259 }
d1e559d0 260 np->saddr = sk->sk_v6_rcv_saddr;
1da177e4
LT		 261
262 return err;
263 }
264
efe4208f
ED		 265 if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr))
266 saddr = &sk->sk_v6_rcv_saddr;
1da177e4 267
4c9483b2 268 fl6.flowi6_proto = IPPROTO_TCP;
efe4208f 269 fl6.daddr = sk->sk_v6_daddr;
4e3fd7a0 270 fl6.saddr = saddr ? *saddr : np->saddr;
4c9483b2
DM		 271 fl6.flowi6_oif = sk->sk_bound_dev_if;
272 fl6.flowi6_mark = sk->sk_mark;
1958b856
DM		 273 fl6.fl6_dport = usin->sin6_port;
274 fl6.fl6_sport = inet->inet_sport;
e2d118a1 275 fl6.flowi6_uid = sk->sk_uid;
1da177e4 276
1e1d04e6 277 opt = rcu_dereference_protected(np->opt, lockdep_sock_is_held(sk));
45f6fad8 278 final_p = fl6_update_dst(&fl6, opt, &final);
1da177e4 279
4c9483b2 280 security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));
beb8d13b 281
0e0d44ab 282 dst = ip6_dst_lookup_flow(sk, &fl6, final_p);
68d0c6d3
DM		 283 if (IS_ERR(dst)) {
284 err = PTR_ERR(dst);
1da177e4 285 goto failure;
14e50e57 286 }
1da177e4 287
63159f29 288 if (!saddr) {
4c9483b2 289 saddr = &fl6.saddr;
efe4208f 290 sk->sk_v6_rcv_saddr = *saddr;
1da177e4
LT		 291 }
292
293 /* set the source address */
4e3fd7a0 294 np->saddr = *saddr;
c720c7e8 295 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
1da177e4 296
f83ef8c0 297 sk->sk_gso_type = SKB_GSO_TCPV6;
6bd4f355 298 ip6_dst_store(sk, dst, NULL, NULL);
1da177e4 299
d83d8461 300 icsk->icsk_ext_hdr_len = 0;
45f6fad8
ED		 301 if (opt)
302 icsk->icsk_ext_hdr_len = opt->opt_flen +
303 opt->opt_nflen;
1da177e4
LT		 304
305 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
306
c720c7e8 307 inet->inet_dport = usin->sin6_port;
1da177e4
LT		 308
309 tcp_set_state(sk, TCP_SYN_SENT);
1946e672 310 err = inet6_hash_connect(tcp_death_row, sk);
1da177e4
LT		 311 if (err)
312 goto late_failure;
313
877d1f62 314 sk_set_txhash(sk);
9e7ceb06 315
00355fa5 316 if (likely(!tp->repair)) {
00355fa5 317 if (!tp->write_seq)
84b114b9
ED		 318 tp->write_seq = secure_tcpv6_seq(np->saddr.s6_addr32,
319 sk->sk_v6_daddr.s6_addr32,
320 inet->inet_sport,
321 inet->inet_dport);
5d2ed052
ED		 322 tp->tsoffset = secure_tcpv6_ts_off(sock_net(sk),
323 np->saddr.s6_addr32,
84b114b9 324 sk->sk_v6_daddr.s6_addr32);
00355fa5 325 }
1da177e4 326
19f6d3f3
WW		 327 if (tcp_fastopen_defer_connect(sk, &err))
328 return err;
329 if (err)
330 goto late_failure;
331
1da177e4
LT		 332 err = tcp_connect(sk);
333 if (err)
334 goto late_failure;
335
336 return 0;
337
338late_failure:
339 tcp_set_state(sk, TCP_CLOSE);
1da177e4 340failure:
c720c7e8 341 inet->inet_dport = 0;
1da177e4
LT		 342 sk->sk_route_caps = 0;
343 return err;
344}
345
563d34d0
ED		 346static void tcp_v6_mtu_reduced(struct sock *sk)
347{
348 struct dst_entry *dst;
349
350 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
351 return;
352
353 dst = inet6_csk_update_pmtu(sk, tcp_sk(sk)->mtu_info);
354 if (!dst)
355 return;
356
357 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
358 tcp_sync_mss(sk, dst_mtu(dst));
359 tcp_simple_retransmit(sk);
360 }
361}
362
32bbd879 363static int tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
d5fdd6ba 364 u8 type, u8 code, int offset, __be32 info)
1da177e4 365{
4c99aa40 366 const struct ipv6hdr *hdr = (const struct ipv6hdr *)skb->data;
505cbfc5 367 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
2215089b
ED		 368 struct net *net = dev_net(skb->dev);
369 struct request_sock *fastopen;
1da177e4 370 struct ipv6_pinfo *np;
1ab1457c 371 struct tcp_sock *tp;
0a672f74 372 __u32 seq, snd_una;
2215089b 373 struct sock *sk;
9cf74903 374 bool fatal;
2215089b 375 int err;
1da177e4 376
2215089b
ED		 377 sk = __inet6_lookup_established(net, &tcp_hashinfo,
378 &hdr->daddr, th->dest,
379 &hdr->saddr, ntohs(th->source),
4297a0ef 380 skb->dev->ifindex, inet6_sdif(skb));
1da177e4 381
2215089b 382 if (!sk) {
a16292a0
ED		 383 __ICMP6_INC_STATS(net, __in6_dev_get(skb->dev),
384 ICMP6_MIB_INERRORS);
32bbd879 385 return -ENOENT;
1da177e4
LT		 386 }
387
388 if (sk->sk_state == TCP_TIME_WAIT) {
9469c7b4 389 inet_twsk_put(inet_twsk(sk));
32bbd879 390 return 0;
1da177e4 391 }
2215089b 392 seq = ntohl(th->seq);
9cf74903 393 fatal = icmpv6_err_convert(type, code, &err);
32bbd879
SB		 394 if (sk->sk_state == TCP_NEW_SYN_RECV) {
395 tcp_req_err(sk, seq, fatal);
396 return 0;
397 }
1da177e4
LT		 398
399 bh_lock_sock(sk);
563d34d0 400 if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG)
02a1d6e7 401 __NET_INC_STATS(net, LINUX_MIB_LOCKDROPPEDICMPS);
1da177e4
LT		 402
403 if (sk->sk_state == TCP_CLOSE)
404 goto out;
405
93a77c11 406 if (ipv6_hdr(skb)->hop_limit < tcp_inet6_sk(sk)->min_hopcount) {
02a1d6e7 407 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
e802af9c
SH		 408 goto out;
409 }
410
1da177e4 411 tp = tcp_sk(sk);
0a672f74
YC		 412 /* XXX (TFO) - tp->snd_una should be ISN (tcp_create_openreq_child() */
413 fastopen = tp->fastopen_rsk;
414 snd_una = fastopen ? tcp_rsk(fastopen)->snt_isn : tp->snd_una;
1da177e4 415 if (sk->sk_state != TCP_LISTEN &&
0a672f74 416 !between(seq, snd_una, tp->snd_nxt)) {
02a1d6e7 417 __NET_INC_STATS(net, LINUX_MIB_OUTOFWINDOWICMPS);
1da177e4
LT		 418 goto out;
419 }
420
93a77c11 421 np = tcp_inet6_sk(sk);
1da177e4 422
ec18d9a2 423 if (type == NDISC_REDIRECT) {
45caeaa5
JM		 424 if (!sock_owned_by_user(sk)) {
425 struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);
ec18d9a2 426
45caeaa5
JM		 427 if (dst)
428 dst->ops->redirect(dst, sk, skb);
429 }
50a75a89 430 goto out;
ec18d9a2
DM		 431 }
432
1da177e4 433 if (type == ICMPV6_PKT_TOOBIG) {
0d4f0608
ED		 434 /* We are not interested in TCP_LISTEN and open_requests
435 * (SYN-ACKs send out by Linux are always <576bytes so
436 * they should go through unfragmented).
437 */
438 if (sk->sk_state == TCP_LISTEN)
439 goto out;
440
93b36cf3
HFS		 441 if (!ip6_sk_accept_pmtu(sk))
442 goto out;
443
563d34d0
ED		 444 tp->mtu_info = ntohl(info);
445 if (!sock_owned_by_user(sk))
446 tcp_v6_mtu_reduced(sk);
d013ef2a 447 else if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED,
7aa5470c 448 &sk->sk_tsq_flags))
d013ef2a 449 sock_hold(sk);
1da177e4
LT		 450 goto out;
451 }
452
1da177e4 453
60236fdd 454 /* Might be for an request_sock */
1da177e4 455 switch (sk->sk_state) {
1da177e4 456 case TCP_SYN_SENT:
0a672f74
YC		 457 case TCP_SYN_RECV:
458 /* Only in fast or simultaneous open. If a fast open socket is
459 * is already accepted it is treated as a connected one below.
460 */
63159f29 461 if (fastopen && !fastopen->sk)
0a672f74
YC		 462 break;
463
1da177e4 464 if (!sock_owned_by_user(sk)) {
1da177e4
LT		 465 sk->sk_err = err;
466 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
467
468 tcp_done(sk);
469 } else
470 sk->sk_err_soft = err;
471 goto out;
472 }
473
474 if (!sock_owned_by_user(sk) && np->recverr) {
475 sk->sk_err = err;
476 sk->sk_error_report(sk);
477 } else
478 sk->sk_err_soft = err;
479
480out:
481 bh_unlock_sock(sk);
482 sock_put(sk);
32bbd879 483 return 0;
1da177e4
LT		 484}
485
486
0f935dbe 487static int tcp_v6_send_synack(const struct sock *sk, struct dst_entry *dst,
d6274bd8 488 struct flowi *fl,
3840a06e 489 struct request_sock *req,
ca6fb065 490 struct tcp_fastopen_cookie *foc,
b3d05147 491 enum tcp_synack_type synack_type)
1da177e4 492{
634fb979 493 struct inet_request_sock *ireq = inet_rsk(req);
93a77c11 494 struct ipv6_pinfo *np = tcp_inet6_sk(sk);
56ac42bc 495 struct ipv6_txoptions *opt;
d6274bd8 496 struct flowi6 *fl6 = &fl->u.ip6;
4c99aa40 497 struct sk_buff *skb;
9494218f 498 int err = -ENOMEM;
1da177e4 499
9f10d3f6 500 /* First, grab a route. */
f76b33c3
ED		 501 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req,
502 IPPROTO_TCP)) == NULL)
fd80eb94 503 goto done;
9494218f 504
b3d05147 505 skb = tcp_make_synack(sk, dst, req, foc, synack_type);
9494218f 506
1da177e4 507 if (skb) {
634fb979
ED		 508 __tcp_v6_send_check(skb, &ireq->ir_v6_loc_addr,
509 &ireq->ir_v6_rmt_addr);
1da177e4 510
634fb979 511 fl6->daddr = ireq->ir_v6_rmt_addr;
53b24b8f 512 if (np->repflow && ireq->pktopts)
df3687ff
FF		 513 fl6->flowlabel = ip6_flowlabel(ipv6_hdr(ireq->pktopts));
514
3e4006f0 515 rcu_read_lock();
56ac42bc
HD		 516 opt = ireq->ipv6_opt;
517 if (!opt)
518 opt = rcu_dereference(np->opt);
92e55f41 519 err = ip6_xmit(sk, skb, fl6, sk->sk_mark, opt, np->tclass);
3e4006f0 520 rcu_read_unlock();
b9df3cb8 521 err = net_xmit_eval(err);
1da177e4
LT		 522 }
523
524done:
1da177e4
LT		 525 return err;
526}
527
72659ecc 528
60236fdd 529static void tcp_v6_reqsk_destructor(struct request_sock *req)
1da177e4 530{
56ac42bc 531 kfree(inet_rsk(req)->ipv6_opt);
634fb979 532 kfree_skb(inet_rsk(req)->pktopts);
1da177e4
LT		 533}
534
cfb6eeb4 535#ifdef CONFIG_TCP_MD5SIG
b83e3deb 536static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
b71d1d42 537 const struct in6_addr *addr)
cfb6eeb4 538{
a915da9b 539 return tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, AF_INET6);
cfb6eeb4
YH		 540}
541
b83e3deb 542static struct tcp_md5sig_key *tcp_v6_md5_lookup(const struct sock *sk,
fd3a154a 543 const struct sock *addr_sk)
cfb6eeb4 544{
efe4208f 545 return tcp_v6_md5_do_lookup(sk, &addr_sk->sk_v6_daddr);
cfb6eeb4
YH		 546}
547
8917a777
ID		 548static int tcp_v6_parse_md5_keys(struct sock *sk, int optname,
549 char __user *optval, int optlen)
cfb6eeb4
YH		 550{
551 struct tcp_md5sig cmd;
552 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
8917a777 553 u8 prefixlen;
cfb6eeb4
YH		 554
555 if (optlen < sizeof(cmd))
556 return -EINVAL;
557
558 if (copy_from_user(&cmd, optval, sizeof(cmd)))
559 return -EFAULT;
560
561 if (sin6->sin6_family != AF_INET6)
562 return -EINVAL;
563
8917a777
ID		 564 if (optname == TCP_MD5SIG_EXT &&
565 cmd.tcpm_flags & TCP_MD5SIG_FLAG_PREFIX) {
566 prefixlen = cmd.tcpm_prefixlen;
567 if (prefixlen > 128 || (ipv6_addr_v4mapped(&sin6->sin6_addr) &&
568 prefixlen > 32))
569 return -EINVAL;
570 } else {
571 prefixlen = ipv6_addr_v4mapped(&sin6->sin6_addr) ? 32 : 128;
572 }
573
cfb6eeb4 574 if (!cmd.tcpm_keylen) {
e773e4fa 575 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
a915da9b 576 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
8917a777 577 AF_INET, prefixlen);
a915da9b 578 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
8917a777 579 AF_INET6, prefixlen);
cfb6eeb4
YH		 580 }
581
582 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
583 return -EINVAL;
584
a915da9b
ED		 585 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
586 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
8917a777 587 AF_INET, prefixlen, cmd.tcpm_key,
6797318e 588 cmd.tcpm_keylen, GFP_KERNEL);
cfb6eeb4 589
a915da9b 590 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
8917a777
ID		 591 AF_INET6, prefixlen, cmd.tcpm_key,
592 cmd.tcpm_keylen, GFP_KERNEL);
cfb6eeb4
YH		 593}
594
19689e38
ED		 595static int tcp_v6_md5_hash_headers(struct tcp_md5sig_pool *hp,
596 const struct in6_addr *daddr,
597 const struct in6_addr *saddr,
598 const struct tcphdr *th, int nbytes)
cfb6eeb4 599{
cfb6eeb4 600 struct tcp6_pseudohdr *bp;
49a72dfb 601 struct scatterlist sg;
19689e38 602 struct tcphdr *_th;
8d26d76d 603
19689e38 604 bp = hp->scratch;
cfb6eeb4 605 /* 1. TCP pseudo-header (RFC2460) */
4e3fd7a0
AD		 606 bp->saddr = *saddr;
607 bp->daddr = *daddr;
49a72dfb 608 bp->protocol = cpu_to_be32(IPPROTO_TCP);
00b1304c 609 bp->len = cpu_to_be32(nbytes);
cfb6eeb4 610
19689e38
ED		 611 _th = (struct tcphdr *)(bp + 1);
612 memcpy(_th, th, sizeof(*th));
613 _th->check = 0;
614
615 sg_init_one(&sg, bp, sizeof(*bp) + sizeof(*th));
616 ahash_request_set_crypt(hp->md5_req, &sg, NULL,
617 sizeof(*bp) + sizeof(*th));
cf80e0e4 618 return crypto_ahash_update(hp->md5_req);
49a72dfb 619}
c7da57a1 620
19689e38 621static int tcp_v6_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key,
b71d1d42 622 const struct in6_addr *daddr, struct in6_addr *saddr,
318cf7aa 623 const struct tcphdr *th)
49a72dfb
AL		 624{
625 struct tcp_md5sig_pool *hp;
cf80e0e4 626 struct ahash_request *req;
49a72dfb
AL		 627
628 hp = tcp_get_md5sig_pool();
629 if (!hp)
630 goto clear_hash_noput;
cf80e0e4 631 req = hp->md5_req;
49a72dfb 632
cf80e0e4 633 if (crypto_ahash_init(req))
49a72dfb 634 goto clear_hash;
19689e38 635 if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, th->doff << 2))
49a72dfb
AL		 636 goto clear_hash;
637 if (tcp_md5_hash_key(hp, key))
638 goto clear_hash;
cf80e0e4
HX		 639 ahash_request_set_crypt(req, NULL, md5_hash, 0);
640 if (crypto_ahash_final(req))
cfb6eeb4 641 goto clear_hash;
cfb6eeb4 642
cfb6eeb4 643 tcp_put_md5sig_pool();
cfb6eeb4 644 return 0;
49a72dfb 645
cfb6eeb4
YH		 646clear_hash:
647 tcp_put_md5sig_pool();
648clear_hash_noput:
649 memset(md5_hash, 0, 16);
49a72dfb 650 return 1;
cfb6eeb4
YH		 651}
652
39f8e58e
ED		 653static int tcp_v6_md5_hash_skb(char *md5_hash,
654 const struct tcp_md5sig_key *key,
318cf7aa 655 const struct sock *sk,
318cf7aa 656 const struct sk_buff *skb)
cfb6eeb4 657{
b71d1d42 658 const struct in6_addr *saddr, *daddr;
49a72dfb 659 struct tcp_md5sig_pool *hp;
cf80e0e4 660 struct ahash_request *req;
318cf7aa 661 const struct tcphdr *th = tcp_hdr(skb);
cfb6eeb4 662
39f8e58e
ED		 663 if (sk) { /* valid for establish/request sockets */
664 saddr = &sk->sk_v6_rcv_saddr;
efe4208f 665 daddr = &sk->sk_v6_daddr;
49a72dfb 666 } else {
b71d1d42 667 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
49a72dfb
AL		 668 saddr = &ip6h->saddr;
669 daddr = &ip6h->daddr;
cfb6eeb4 670 }
49a72dfb
AL		 671
672 hp = tcp_get_md5sig_pool();
673 if (!hp)
674 goto clear_hash_noput;
cf80e0e4 675 req = hp->md5_req;
49a72dfb 676
cf80e0e4 677 if (crypto_ahash_init(req))
49a72dfb
AL		 678 goto clear_hash;
679
19689e38 680 if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, skb->len))
49a72dfb
AL		 681 goto clear_hash;
682 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
683 goto clear_hash;
684 if (tcp_md5_hash_key(hp, key))
685 goto clear_hash;
cf80e0e4
HX		 686 ahash_request_set_crypt(req, NULL, md5_hash, 0);
687 if (crypto_ahash_final(req))
49a72dfb
AL		 688 goto clear_hash;
689
690 tcp_put_md5sig_pool();
691 return 0;
692
693clear_hash:
694 tcp_put_md5sig_pool();
695clear_hash_noput:
696 memset(md5_hash, 0, 16);
697 return 1;
cfb6eeb4
YH		 698}
699
ba8e275a
ED		 700#endif
701
702static bool tcp_v6_inbound_md5_hash(const struct sock *sk,
703 const struct sk_buff *skb)
cfb6eeb4 704{
ba8e275a 705#ifdef CONFIG_TCP_MD5SIG
cf533ea5 706 const __u8 *hash_location = NULL;
cfb6eeb4 707 struct tcp_md5sig_key *hash_expected;
b71d1d42 708 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
318cf7aa 709 const struct tcphdr *th = tcp_hdr(skb);
cfb6eeb4 710 int genhash;
cfb6eeb4
YH		 711 u8 newhash[16];
712
713 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
7d5d5525 714 hash_location = tcp_parse_md5sig_option(th);
cfb6eeb4 715
785957d3
DM		 716 /* We've parsed the options - do we have a hash? */
717 if (!hash_expected && !hash_location)
ff74e23f 718 return false;
785957d3
DM		 719
720 if (hash_expected && !hash_location) {
c10d9310 721 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
ff74e23f 722 return true;
cfb6eeb4
YH		 723 }
724
785957d3 725 if (!hash_expected && hash_location) {
c10d9310 726 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
ff74e23f 727 return true;
cfb6eeb4
YH		 728 }
729
730 /* check the signature */
49a72dfb
AL		 731 genhash = tcp_v6_md5_hash_skb(newhash,
732 hash_expected,
39f8e58e 733 NULL, skb);
49a72dfb 734
cfb6eeb4 735 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
72145a68 736 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5FAILURE);
e87cc472
JP		 737 net_info_ratelimited("MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n",
738 genhash ? "failed" : "mismatch",
739 &ip6h->saddr, ntohs(th->source),
740 &ip6h->daddr, ntohs(th->dest));
ff74e23f 741 return true;
cfb6eeb4 742 }
ba8e275a 743#endif
ff74e23f 744 return false;
cfb6eeb4 745}
cfb6eeb4 746
b40cf18e
ED		 747static void tcp_v6_init_req(struct request_sock *req,
748 const struct sock *sk_listener,
16bea70a
OP		 749 struct sk_buff *skb)
750{
c2027d1e 751 bool l3_slave = ipv6_l3mdev_skb(TCP_SKB_CB(skb)->header.h6.flags);
16bea70a 752 struct inet_request_sock *ireq = inet_rsk(req);
93a77c11 753 const struct ipv6_pinfo *np = tcp_inet6_sk(sk_listener);
16bea70a
OP		 754
755 ireq->ir_v6_rmt_addr = ipv6_hdr(skb)->saddr;
756 ireq->ir_v6_loc_addr = ipv6_hdr(skb)->daddr;
757
16bea70a 758 /* So that link locals have meaning */
c2027d1e 759 if ((!sk_listener->sk_bound_dev_if || l3_slave) &&
16bea70a 760 ipv6_addr_type(&ireq->ir_v6_rmt_addr) & IPV6_ADDR_LINKLOCAL)
870c3151 761 ireq->ir_iif = tcp_v6_iif(skb);
16bea70a 762
04317daf 763 if (!TCP_SKB_CB(skb)->tcp_tw_isn &&
b40cf18e 764 (ipv6_opt_accepted(sk_listener, skb, &TCP_SKB_CB(skb)->header.h6) ||
a224772d 765 np->rxopt.bits.rxinfo ||
16bea70a
OP		 766 np->rxopt.bits.rxoinfo || np->rxopt.bits.rxhlim ||
767 np->rxopt.bits.rxohlim || np->repflow)) {
63354797 768 refcount_inc(&skb->users);
16bea70a
OP		 769 ireq->pktopts = skb;
770 }
771}
772
f964629e
ED		 773static struct dst_entry *tcp_v6_route_req(const struct sock *sk,
774 struct flowi *fl,
4396e461 775 const struct request_sock *req)
d94e0417 776{
f76b33c3 777 return inet6_csk_route_req(sk, &fl->u.ip6, req, IPPROTO_TCP);
d94e0417
OP		 778}
779
c6aefafb 780struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
1da177e4 781 .family = AF_INET6,
2e6599cb 782 .obj_size = sizeof(struct tcp6_request_sock),
5db92c99 783 .rtx_syn_ack = tcp_rtx_synack,
60236fdd
ACM		 784 .send_ack = tcp_v6_reqsk_send_ack,
785 .destructor = tcp_v6_reqsk_destructor,
72659ecc 786 .send_reset = tcp_v6_send_reset,
4aa956d8 787 .syn_ack_timeout = tcp_syn_ack_timeout,
1da177e4
LT		 788};
789
b2e4b3de 790static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
2aec4a29
OP		 791 .mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) -
792 sizeof(struct ipv6hdr),
16bea70a 793#ifdef CONFIG_TCP_MD5SIG
fd3a154a 794 .req_md5_lookup = tcp_v6_md5_lookup,
e3afe7b7 795 .calc_md5_hash = tcp_v6_md5_hash_skb,
b6332e6c 796#endif
16bea70a 797 .init_req = tcp_v6_init_req,
fb7b37a7
OP		 798#ifdef CONFIG_SYN_COOKIES
799 .cookie_init_seq = cookie_v6_init_sequence,
800#endif
d94e0417 801 .route_req = tcp_v6_route_req,
84b114b9
ED		 802 .init_seq = tcp_v6_init_seq,
803 .init_ts_off = tcp_v6_init_ts_off,
d6274bd8 804 .send_synack = tcp_v6_send_synack,
16bea70a 805};
cfb6eeb4 806
a00e7444 807static void tcp_v6_send_response(const struct sock *sk, struct sk_buff *skb, u32 seq,
0f85feae
ED		 808 u32 ack, u32 win, u32 tsval, u32 tsecr,
809 int oif, struct tcp_md5sig_key *key, int rst,
5119bd16 810 u8 tclass, __be32 label)
1da177e4 811{
cf533ea5
ED		 812 const struct tcphdr *th = tcp_hdr(skb);
813 struct tcphdr *t1;
1da177e4 814 struct sk_buff *buff;
4c9483b2 815 struct flowi6 fl6;
0f85feae 816 struct net *net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev);
e5047992 817 struct sock *ctl_sk = net->ipv6.tcp_sk;
77c676da 818 unsigned int tot_len = sizeof(struct tcphdr);
adf30907 819 struct dst_entry *dst;
81ada62d 820 __be32 *topt;
00483690 821 __u32 mark = 0;
1da177e4 822
ee684b6f 823 if (tsecr)
626e264d 824 tot_len += TCPOLEN_TSTAMP_ALIGNED;
cfb6eeb4 825#ifdef CONFIG_TCP_MD5SIG
cfb6eeb4
YH		 826 if (key)
827 tot_len += TCPOLEN_MD5SIG_ALIGNED;
828#endif
829
cfb6eeb4 830 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
1da177e4 831 GFP_ATOMIC);
63159f29 832 if (!buff)
1ab1457c 833 return;
1da177e4 834
cfb6eeb4 835 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
1da177e4 836
d58ff351 837 t1 = skb_push(buff, tot_len);
6651ffc8 838 skb_reset_transport_header(buff);
1da177e4
LT		 839
840 /* Swap the send and the receive. */
841 memset(t1, 0, sizeof(*t1));
842 t1->dest = th->source;
843 t1->source = th->dest;
cfb6eeb4 844 t1->doff = tot_len / 4;
626e264d
IJ		 845 t1->seq = htonl(seq);
846 t1->ack_seq = htonl(ack);
847 t1->ack = !rst || !th->ack;
848 t1->rst = rst;
849 t1->window = htons(win);
1da177e4 850
81ada62d
IJ		 851 topt = (__be32 *)(t1 + 1);
852
ee684b6f 853 if (tsecr) {
626e264d
IJ		 854 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
855 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
ee684b6f
AV		 856 *topt++ = htonl(tsval);
857 *topt++ = htonl(tsecr);
626e264d
IJ		 858 }
859
cfb6eeb4
YH		 860#ifdef CONFIG_TCP_MD5SIG
861 if (key) {
81ada62d
IJ		 862 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
863 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
864 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
78e645cb
IJ		 865 &ipv6_hdr(skb)->saddr,
866 &ipv6_hdr(skb)->daddr, t1);
cfb6eeb4
YH		 867 }
868#endif
869
4c9483b2 870 memset(&fl6, 0, sizeof(fl6));
4e3fd7a0
AD		 871 fl6.daddr = ipv6_hdr(skb)->saddr;
872 fl6.saddr = ipv6_hdr(skb)->daddr;
1d13a96c 873 fl6.flowlabel = label;
1da177e4 874
e5700aff
DM		 875 buff->ip_summed = CHECKSUM_PARTIAL;
876 buff->csum = 0;
877
4c9483b2 878 __tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);
1da177e4 879
4c9483b2 880 fl6.flowi6_proto = IPPROTO_TCP;
a36dbdb2 881 if (rt6_need_strict(&fl6.daddr) && !oif)
870c3151 882 fl6.flowi6_oif = tcp_v6_iif(skb);
9b6c14d5
DA		 883 else {
884 if (!oif && netif_index_is_l3_master(net, skb->skb_iif))
885 oif = skb->skb_iif;
886
887 fl6.flowi6_oif = oif;
888 }
1d2f7b2d 889
00483690
JM		 890 if (sk)
891 mark = (sk->sk_state == TCP_TIME_WAIT) ?
892 inet_twsk(sk)->tw_mark : sk->sk_mark;
893 fl6.flowi6_mark = IP6_REPLY_MARK(net, skb->mark) ?: mark;
1958b856
DM		 894 fl6.fl6_dport = t1->dest;
895 fl6.fl6_sport = t1->source;
e2d118a1 896 fl6.flowi6_uid = sock_net_uid(net, sk && sk_fullsock(sk) ? sk : NULL);
4c9483b2 897 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
1da177e4 898
c20121ae
DL		 899 /* Pass a socket to ip6_dst_lookup either it is for RST
900 * Underlying function will use this to retrieve the network
901 * namespace
902 */
0e0d44ab 903 dst = ip6_dst_lookup_flow(ctl_sk, &fl6, NULL);
68d0c6d3
DM		 904 if (!IS_ERR(dst)) {
905 skb_dst_set(buff, dst);
92e55f41 906 ip6_xmit(ctl_sk, buff, &fl6, fl6.flowi6_mark, NULL, tclass);
c10d9310 907 TCP_INC_STATS(net, TCP_MIB_OUTSEGS);
68d0c6d3 908 if (rst)
c10d9310 909 TCP_INC_STATS(net, TCP_MIB_OUTRSTS);
68d0c6d3 910 return;
1da177e4
LT		 911 }
912
913 kfree_skb(buff);
914}
915
a00e7444 916static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb)
1da177e4 917{
cf533ea5 918 const struct tcphdr *th = tcp_hdr(skb);
626e264d 919 u32 seq = 0, ack_seq = 0;
fa3e5b4e 920 struct tcp_md5sig_key *key = NULL;
658ddaaf
SL		 921#ifdef CONFIG_TCP_MD5SIG
922 const __u8 *hash_location = NULL;
923 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
924 unsigned char newhash[16];
925 int genhash;
926 struct sock *sk1 = NULL;
927#endif
c24b14c4 928 int oif = 0;
1da177e4 929
626e264d 930 if (th->rst)
1da177e4
LT		 931 return;
932
c3658e8d
ED		 933 /* If sk not NULL, it means we did a successful lookup and incoming
934 * route had to be correct. prequeue might have dropped our dst.
935 */
936 if (!sk && !ipv6_unicast_destination(skb))
626e264d 937 return;
1da177e4 938
cfb6eeb4 939#ifdef CONFIG_TCP_MD5SIG
3b24d854 940 rcu_read_lock();
658ddaaf 941 hash_location = tcp_parse_md5sig_option(th);
271c3b9b 942 if (sk && sk_fullsock(sk)) {
e46787f0
FW		 943 key = tcp_v6_md5_do_lookup(sk, &ipv6h->saddr);
944 } else if (hash_location) {
658ddaaf
SL		 945 /*
946 * active side is lost. Try to find listening socket through
947 * source port, and then find md5 key through listening socket.
948 * we are not loose security here:
949 * Incoming packet is checked with md5 hash with finding key,
950 * no RST generated if md5 hash doesn't match.
951 */
952 sk1 = inet6_lookup_listener(dev_net(skb_dst(skb)->dev),
a583636a
CG		 953 &tcp_hashinfo, NULL, 0,
954 &ipv6h->saddr,
5ba24953 955 th->source, &ipv6h->daddr,
24b711ed
DA		 956 ntohs(th->source),
957 tcp_v6_iif_l3_slave(skb),
4297a0ef 958 tcp_v6_sdif(skb));
658ddaaf 959 if (!sk1)
3b24d854 960 goto out;
658ddaaf 961
658ddaaf
SL		 962 key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr);
963 if (!key)
3b24d854 964 goto out;
658ddaaf 965
39f8e58e 966 genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, skb);
658ddaaf 967 if (genhash || memcmp(hash_location, newhash, 16) != 0)
3b24d854 968 goto out;
658ddaaf 969 }
cfb6eeb4
YH		 970#endif
971
626e264d
IJ		 972 if (th->ack)
973 seq = ntohl(th->ack_seq);
974 else
975 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
976 (th->doff << 2);
1da177e4 977
c24b14c4
SL		 978 if (sk) {
979 oif = sk->sk_bound_dev_if;
5c487bb9
SL		 980 if (sk_fullsock(sk))
981 trace_tcp_send_reset(sk, skb);
c24b14c4
SL		 982 }
983
0f85feae 984 tcp_v6_send_response(sk, skb, seq, ack_seq, 0, 0, 0, oif, key, 1, 0, 0);
658ddaaf
SL		 985
986#ifdef CONFIG_TCP_MD5SIG
3b24d854
ED		 987out:
988 rcu_read_unlock();
658ddaaf 989#endif
626e264d 990}
1da177e4 991
a00e7444 992static void tcp_v6_send_ack(const struct sock *sk, struct sk_buff *skb, u32 seq,
0f85feae 993 u32 ack, u32 win, u32 tsval, u32 tsecr, int oif,
1d13a96c 994 struct tcp_md5sig_key *key, u8 tclass,
5119bd16 995 __be32 label)
626e264d 996{
0f85feae
ED		 997 tcp_v6_send_response(sk, skb, seq, ack, win, tsval, tsecr, oif, key, 0,
998 tclass, label);
1da177e4
LT		 999}
1000
1001static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
1002{
8feaf0c0 1003 struct inet_timewait_sock *tw = inet_twsk(sk);
cfb6eeb4 1004 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
1da177e4 1005
0f85feae 1006 tcp_v6_send_ack(sk, skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
8feaf0c0 1007 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
9a568de4 1008 tcp_time_stamp_raw() + tcptw->tw_ts_offset,
9c76a114 1009 tcptw->tw_ts_recent, tw->tw_bound_dev_if, tcp_twsk_md5_key(tcptw),
21858cd0 1010 tw->tw_tclass, cpu_to_be32(tw->tw_flowlabel));
1da177e4 1011
8feaf0c0 1012 inet_twsk_put(tw);
1da177e4
LT		 1013}
1014
a00e7444 1015static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
6edafaaf 1016 struct request_sock *req)
1da177e4 1017{
3a19ce0e
DL		 1018 /* sk->sk_state == TCP_LISTEN -> for regular TCP_SYN_RECV
1019 * sk->sk_state == TCP_SYN_RECV -> for Fast Open.
1020 */
20a2b49f
ED		 1021 /* RFC 7323 2.3
1022 * The window field (SEG.WND) of every outgoing segment, with the
1023 * exception of <SYN> segments, MUST be right-shifted by
1024 * Rcv.Wind.Shift bits:
1025 */
0f85feae 1026 tcp_v6_send_ack(sk, skb, (sk->sk_state == TCP_LISTEN) ?
3a19ce0e 1027 tcp_rsk(req)->snt_isn + 1 : tcp_sk(sk)->snd_nxt,
20a2b49f
ED		 1028 tcp_rsk(req)->rcv_nxt,
1029 req->rsk_rcv_wnd >> inet_rsk(req)->rcv_wscale,
9a568de4 1030 tcp_time_stamp_raw() + tcp_rsk(req)->ts_off,
95a22cae 1031 req->ts_recent, sk->sk_bound_dev_if,
30791ac4 1032 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->saddr),
1d13a96c 1033 0, 0);
1da177e4
LT		 1034}
1035
1036
079096f1 1037static struct sock *tcp_v6_cookie_check(struct sock *sk, struct sk_buff *skb)
1da177e4 1038{
079096f1 1039#ifdef CONFIG_SYN_COOKIES
aa8223c7 1040 const struct tcphdr *th = tcp_hdr(skb);
1da177e4 1041
af9b4738 1042 if (!th->syn)
c6aefafb 1043 sk = cookie_v6_check(sk, skb);
1da177e4
LT		 1044#endif
1045 return sk;
1046}
1047
1da177e4
LT		 1048static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1049{
1da177e4
LT		 1050 if (skb->protocol == htons(ETH_P_IP))
1051 return tcp_v4_conn_request(sk, skb);
1052
1053 if (!ipv6_unicast_destination(skb))
1ab1457c 1054 goto drop;
1da177e4 1055
1fb6f159
OP		 1056 return tcp_conn_request(&tcp6_request_sock_ops,
1057 &tcp_request_sock_ipv6_ops, sk, skb);
1da177e4
LT		 1058
1059drop:
9caad864 1060 tcp_listendrop(sk);
1da177e4
LT		 1061 return 0; /* don't send reset */
1062}
1063
ebf6c9cb
ED		 1064static void tcp_v6_restore_cb(struct sk_buff *skb)
1065{
1066 /* We need to move header back to the beginning if xfrm6_policy_check()
1067 * and tcp_v6_fill_cb() are going to be called again.
1068 * ip6_datagram_recv_specific_ctl() also expects IP6CB to be there.
1069 */
1070 memmove(IP6CB(skb), &TCP_SKB_CB(skb)->header.h6,
1071 sizeof(struct inet6_skb_parm));
1072}
1073
0c27171e 1074static struct sock *tcp_v6_syn_recv_sock(const struct sock *sk, struct sk_buff *skb,
4c99aa40 1075 struct request_sock *req,
5e0724d0
ED		 1076 struct dst_entry *dst,
1077 struct request_sock *req_unhash,
1078 bool *own_req)
1da177e4 1079{
634fb979 1080 struct inet_request_sock *ireq;
0c27171e 1081 struct ipv6_pinfo *newnp;
93a77c11 1082 const struct ipv6_pinfo *np = tcp_inet6_sk(sk);
45f6fad8 1083 struct ipv6_txoptions *opt;
1da177e4
LT		 1084 struct inet_sock *newinet;
1085 struct tcp_sock *newtp;
1086 struct sock *newsk;
cfb6eeb4
YH		 1087#ifdef CONFIG_TCP_MD5SIG
1088 struct tcp_md5sig_key *key;
1089#endif
3840a06e 1090 struct flowi6 fl6;
1da177e4
LT		 1091
1092 if (skb->protocol == htons(ETH_P_IP)) {
1093 /*
1094 * v6 mapped
1095 */
1096
5e0724d0
ED		 1097 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst,
1098 req_unhash, own_req);
1da177e4 1099
63159f29 1100 if (!newsk)
1da177e4
LT		 1101 return NULL;
1102
93a77c11 1103 inet_sk(newsk)->pinet6 = tcp_inet6_sk(newsk);
1da177e4
LT		 1104
1105 newinet = inet_sk(newsk);
93a77c11 1106 newnp = tcp_inet6_sk(newsk);
1da177e4
LT		 1107 newtp = tcp_sk(newsk);
1108
1109 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1110
d1e559d0 1111 newnp->saddr = newsk->sk_v6_rcv_saddr;
1da177e4 1112
8292a17a 1113 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1da177e4 1114 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
cfb6eeb4
YH		 1115#ifdef CONFIG_TCP_MD5SIG
1116 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1117#endif
1118
83eaddab 1119 newnp->ipv6_mc_list = NULL;
676a1184
YZ		 1120 newnp->ipv6_ac_list = NULL;
1121 newnp->ipv6_fl_list = NULL;
1da177e4
LT		 1122 newnp->pktoptions = NULL;
1123 newnp->opt = NULL;
89e41309
ED		 1124 newnp->mcast_oif = inet_iif(skb);
1125 newnp->mcast_hops = ip_hdr(skb)->ttl;
1126 newnp->rcv_flowinfo = 0;
df3687ff 1127 if (np->repflow)
89e41309 1128 newnp->flow_label = 0;
1da177e4 1129
e6848976
ACM		 1130 /*
1131 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1132 * here, tcp_create_openreq_child now does this for us, see the comment in
1133 * that function for the gory details. -acme
1da177e4 1134 */
1da177e4
LT		 1135
1136 /* It is tricky place. Until this moment IPv4 tcp
8292a17a 1137 worked with IPv6 icsk.icsk_af_ops.
1da177e4
LT		 1138 Sync it now.
1139 */
d83d8461 1140 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1da177e4
LT		 1141
1142 return newsk;
1143 }
1144
634fb979 1145 ireq = inet_rsk(req);
1da177e4
LT		 1146
1147 if (sk_acceptq_is_full(sk))
1148 goto out_overflow;
1149
493f377d 1150 if (!dst) {
f76b33c3 1151 dst = inet6_csk_route_req(sk, &fl6, req, IPPROTO_TCP);
493f377d 1152 if (!dst)
1da177e4 1153 goto out;
1ab1457c 1154 }
1da177e4
LT		 1155
1156 newsk = tcp_create_openreq_child(sk, req, skb);
63159f29 1157 if (!newsk)
093d2823 1158 goto out_nonewsk;
1da177e4 1159
e6848976
ACM		 1160 /*
1161 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1162 * count here, tcp_create_openreq_child now does this for us, see the
1163 * comment in that function for the gory details. -acme
1164 */
1da177e4 1165
59eed279 1166 newsk->sk_gso_type = SKB_GSO_TCPV6;
6bd4f355 1167 ip6_dst_store(newsk, dst, NULL, NULL);
fae6ef87 1168 inet6_sk_rx_dst_set(newsk, skb);
1da177e4 1169
93a77c11 1170 inet_sk(newsk)->pinet6 = tcp_inet6_sk(newsk);
1da177e4
LT		 1171
1172 newtp = tcp_sk(newsk);
1173 newinet = inet_sk(newsk);
93a77c11 1174 newnp = tcp_inet6_sk(newsk);
1da177e4
LT		 1175
1176 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1177
634fb979
ED		 1178 newsk->sk_v6_daddr = ireq->ir_v6_rmt_addr;
1179 newnp->saddr = ireq->ir_v6_loc_addr;
1180 newsk->sk_v6_rcv_saddr = ireq->ir_v6_loc_addr;
1181 newsk->sk_bound_dev_if = ireq->ir_iif;
1da177e4 1182
1ab1457c 1183 /* Now IPv6 options...
1da177e4
LT		 1184
1185 First: no IPv4 options.
1186 */
f6d8bd05 1187 newinet->inet_opt = NULL;
83eaddab 1188 newnp->ipv6_mc_list = NULL;
676a1184 1189 newnp->ipv6_ac_list = NULL;
d35690be 1190 newnp->ipv6_fl_list = NULL;
1da177e4
LT		 1191
1192 /* Clone RX bits */
1193 newnp->rxopt.all = np->rxopt.all;
1194
1da177e4 1195 newnp->pktoptions = NULL;
1da177e4 1196 newnp->opt = NULL;
870c3151 1197 newnp->mcast_oif = tcp_v6_iif(skb);
0660e03f 1198 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1397ed35 1199 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
df3687ff
FF		 1200 if (np->repflow)
1201 newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));
1da177e4
LT		 1202
1203 /* Clone native IPv6 options from listening socket (if any)
1204
1205 Yes, keeping reference count would be much more clever,
1206 but we make one more one thing there: reattach optmem
1207 to newsk.
1208 */
56ac42bc
HD		 1209 opt = ireq->ipv6_opt;
1210 if (!opt)
1211 opt = rcu_dereference(np->opt);
45f6fad8
ED		 1212 if (opt) {
1213 opt = ipv6_dup_options(newsk, opt);
1214 RCU_INIT_POINTER(newnp->opt, opt);
1215 }
d83d8461 1216 inet_csk(newsk)->icsk_ext_hdr_len = 0;
45f6fad8
ED		 1217 if (opt)
1218 inet_csk(newsk)->icsk_ext_hdr_len = opt->opt_nflen +
1219 opt->opt_flen;
1da177e4 1220
81164413
DB		 1221 tcp_ca_openreq_child(newsk, dst);
1222
1da177e4 1223 tcp_sync_mss(newsk, dst_mtu(dst));
3541f9e8 1224 newtp->advmss = tcp_mss_clamp(tcp_sk(sk), dst_metric_advmss(dst));
d135c522 1225
1da177e4
LT		 1226 tcp_initialize_rcv_mss(newsk);
1227
c720c7e8
ED		 1228 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1229 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1da177e4 1230
cfb6eeb4
YH		 1231#ifdef CONFIG_TCP_MD5SIG
1232 /* Copy over the MD5 key from the original socket */
4aa956d8 1233 key = tcp_v6_md5_do_lookup(sk, &newsk->sk_v6_daddr);
53b24b8f 1234 if (key) {
cfb6eeb4
YH		 1235 /* We're using one, so create a matching key
1236 * on the newsk structure. If we fail to get
1237 * memory, then we end up not copying the key
1238 * across. Shucks.
1239 */
efe4208f 1240 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newsk->sk_v6_daddr,
6797318e 1241 AF_INET6, 128, key->key, key->keylen,
7450aaf6 1242 sk_gfp_mask(sk, GFP_ATOMIC));
cfb6eeb4
YH		 1243 }
1244#endif
1245
093d2823 1246 if (__inet_inherit_port(sk, newsk) < 0) {
e337e24d
CP		 1247 inet_csk_prepare_forced_close(newsk);
1248 tcp_done(newsk);
093d2823
BS		 1249 goto out;
1250 }
5e0724d0 1251 *own_req = inet_ehash_nolisten(newsk, req_to_sk(req_unhash));
805c4bc0 1252 if (*own_req) {
49a496c9 1253 tcp_move_syn(newtp, req);
805c4bc0
ED		 1254
1255 /* Clone pktoptions received with SYN, if we own the req */
1256 if (ireq->pktopts) {
1257 newnp->pktoptions = skb_clone(ireq->pktopts,
7450aaf6 1258 sk_gfp_mask(sk, GFP_ATOMIC));
805c4bc0
ED		 1259 consume_skb(ireq->pktopts);
1260 ireq->pktopts = NULL;
ebf6c9cb
ED		 1261 if (newnp->pktoptions) {
1262 tcp_v6_restore_cb(newnp->pktoptions);
805c4bc0 1263 skb_set_owner_r(newnp->pktoptions, newsk);
ebf6c9cb 1264 }
805c4bc0 1265 }
ce105008 1266 }
1da177e4
LT		 1267
1268 return newsk;
1269
1270out_overflow:
02a1d6e7 1271 __NET_INC_STATS(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
093d2823 1272out_nonewsk:
1da177e4 1273 dst_release(dst);
093d2823 1274out:
9caad864 1275 tcp_listendrop(sk);
1da177e4
LT		 1276 return NULL;
1277}
1278
1da177e4 1279/* The socket must have it's spinlock held when we get
e994b2f0 1280 * here, unless it is a TCP_LISTEN socket.
1da177e4
LT		 1281 *
1282 * We have a potential double-lock case here, so even when
1283 * doing backlog processing we use the BH locking scheme.
1284 * This is because we cannot sleep with the original spinlock
1285 * held.
1286 */
1287static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1288{
93a77c11 1289 struct ipv6_pinfo *np = tcp_inet6_sk(sk);
1da177e4 1290 struct sk_buff *opt_skb = NULL;
93a77c11 1291 struct tcp_sock *tp;
1da177e4
LT		 1292
1293 /* Imagine: socket is IPv6. IPv4 packet arrives,
1294 goes to IPv4 receive handler and backlogged.
1295 From backlog it always goes here. Kerboom...
1296 Fortunately, tcp_rcv_established and rcv_established
1297 handle them correctly, but it is not case with
1298 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1299 */
1300
1301 if (skb->protocol == htons(ETH_P_IP))
1302 return tcp_v4_do_rcv(sk, skb);
1303
1da177e4
LT		 1304 /*
1305 * socket locking is here for SMP purposes as backlog rcv
1306 * is currently called with bh processing disabled.
1307 */
1308
1309 /* Do Stevens' IPV6_PKTOPTIONS.
1310
1311 Yes, guys, it is the only place in our code, where we
1312 may make it not affecting IPv4.
1313 The rest of code is protocol independent,
1314 and I do not like idea to uglify IPv4.
1315
1316 Actually, all the idea behind IPV6_PKTOPTIONS
1317 looks not very well thought. For now we latch
1318 options, received in the last packet, enqueued
1319 by tcp. Feel free to propose better solution.
1ab1457c 1320 --ANK (980728)
1da177e4
LT		 1321 */
1322 if (np->rxopt.all)
7450aaf6 1323 opt_skb = skb_clone(skb, sk_gfp_mask(sk, GFP_ATOMIC));
1da177e4
LT		 1324
1325 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
5d299f3d
ED		 1326 struct dst_entry *dst = sk->sk_rx_dst;
1327
bdeab991 1328 sock_rps_save_rxhash(sk, skb);
3d97379a 1329 sk_mark_napi_id(sk, skb);
5d299f3d
ED		 1330 if (dst) {
1331 if (inet_sk(sk)->rx_dst_ifindex != skb->skb_iif ||
1332 dst->ops->check(dst, np->rx_dst_cookie) == NULL) {
1333 dst_release(dst);
1334 sk->sk_rx_dst = NULL;
1335 }
1336 }
1337
3d97d88e 1338 tcp_rcv_established(sk, skb);
1da177e4
LT		 1339 if (opt_skb)
1340 goto ipv6_pktoptions;
1341 return 0;
1342 }
1343
12e25e10 1344 if (tcp_checksum_complete(skb))
1da177e4
LT		 1345 goto csum_err;
1346
1ab1457c 1347 if (sk->sk_state == TCP_LISTEN) {
079096f1
ED		 1348 struct sock *nsk = tcp_v6_cookie_check(sk, skb);
1349
1da177e4
LT		 1350 if (!nsk)
1351 goto discard;
1352
4c99aa40 1353 if (nsk != sk) {
1da177e4
LT		 1354 if (tcp_child_process(sk, nsk, skb))
1355 goto reset;
1356 if (opt_skb)
1357 __kfree_skb(opt_skb);
1358 return 0;
1359 }
47482f13 1360 } else
bdeab991 1361 sock_rps_save_rxhash(sk, skb);
1da177e4 1362
72ab4a86 1363 if (tcp_rcv_state_process(sk, skb))
1da177e4 1364 goto reset;
1da177e4
LT		 1365 if (opt_skb)
1366 goto ipv6_pktoptions;
1367 return 0;
1368
1369reset:
cfb6eeb4 1370 tcp_v6_send_reset(sk, skb);
1da177e4
LT		 1371discard:
1372 if (opt_skb)
1373 __kfree_skb(opt_skb);
1374 kfree_skb(skb);
1375 return 0;
1376csum_err:
c10d9310
ED		 1377 TCP_INC_STATS(sock_net(sk), TCP_MIB_CSUMERRORS);
1378 TCP_INC_STATS(sock_net(sk), TCP_MIB_INERRS);
1da177e4
LT		 1379 goto discard;
1380
1381
1382ipv6_pktoptions:
1383 /* Do you ask, what is it?
1384
1385 1. skb was enqueued by tcp.
1386 2. skb is added to tail of read queue, rather than out of order.
1387 3. socket is not in passive state.
1388 4. Finally, it really contains options, which user wants to receive.
1389 */
1390 tp = tcp_sk(sk);
1391 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1392 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
333fad53 1393 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
870c3151 1394 np->mcast_oif = tcp_v6_iif(opt_skb);
333fad53 1395 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
0660e03f 1396 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
82e9f105 1397 if (np->rxopt.bits.rxflow || np->rxopt.bits.rxtclass)
1397ed35 1398 np->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(opt_skb));
df3687ff
FF		 1399 if (np->repflow)
1400 np->flow_label = ip6_flowlabel(ipv6_hdr(opt_skb));
a224772d 1401 if (ipv6_opt_accepted(sk, opt_skb, &TCP_SKB_CB(opt_skb)->header.h6)) {
1da177e4 1402 skb_set_owner_r(opt_skb, sk);
8ce48623 1403 tcp_v6_restore_cb(opt_skb);
1da177e4
LT		 1404 opt_skb = xchg(&np->pktoptions, opt_skb);
1405 } else {
1406 __kfree_skb(opt_skb);
1407 opt_skb = xchg(&np->pktoptions, NULL);
1408 }
1409 }
1410
800d55f1 1411 kfree_skb(opt_skb);
1da177e4
LT		 1412 return 0;
1413}
1414
2dc49d16
ND		 1415static void tcp_v6_fill_cb(struct sk_buff *skb, const struct ipv6hdr *hdr,
1416 const struct tcphdr *th)
1417{
1418 /* This is tricky: we move IP6CB at its correct location into
1419 * TCP_SKB_CB(). It must be done after xfrm6_policy_check(), because
1420 * _decode_session6() uses IP6CB().
1421 * barrier() makes sure compiler won't play aliasing games.
1422 */
1423 memmove(&TCP_SKB_CB(skb)->header.h6, IP6CB(skb),
1424 sizeof(struct inet6_skb_parm));
1425 barrier();
1426
1427 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1428 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1429 skb->len - th->doff*4);
1430 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1431 TCP_SKB_CB(skb)->tcp_flags = tcp_flag_byte(th);
1432 TCP_SKB_CB(skb)->tcp_tw_isn = 0;
1433 TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
1434 TCP_SKB_CB(skb)->sacked = 0;
98aaa913
MM		 1435 TCP_SKB_CB(skb)->has_rxtstamp =
1436 skb->tstamp || skb_hwtstamps(skb)->hwtstamp;
2dc49d16
ND		 1437}
1438
0e219ae4 1439INDIRECT_CALLABLE_SCOPE int tcp_v6_rcv(struct sk_buff *skb)
1da177e4 1440{
8b27dae5 1441 struct sk_buff *skb_to_free;
4297a0ef 1442 int sdif = inet6_sdif(skb);
cf533ea5 1443 const struct tcphdr *th;
b71d1d42 1444 const struct ipv6hdr *hdr;
3b24d854 1445 bool refcounted;
1da177e4
LT		 1446 struct sock *sk;
1447 int ret;
a86b1e30 1448 struct net *net = dev_net(skb->dev);
1da177e4
LT		 1449
1450 if (skb->pkt_type != PACKET_HOST)
1451 goto discard_it;
1452
1453 /*
1454 * Count it even if it's bad.
1455 */
90bbcc60 1456 __TCP_INC_STATS(net, TCP_MIB_INSEGS);
1da177e4
LT		 1457
1458 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1459 goto discard_it;
1460
ea1627c2 1461 th = (const struct tcphdr *)skb->data;
1da177e4 1462
ea1627c2 1463 if (unlikely(th->doff < sizeof(struct tcphdr)/4))
1da177e4
LT		 1464 goto bad_packet;
1465 if (!pskb_may_pull(skb, th->doff*4))
1466 goto discard_it;
1467
e4f45b7f 1468 if (skb_checksum_init(skb, IPPROTO_TCP, ip6_compute_pseudo))
6a5dc9e5 1469 goto csum_error;
1da177e4 1470
ea1627c2 1471 th = (const struct tcphdr *)skb->data;
e802af9c 1472 hdr = ipv6_hdr(skb);
1da177e4 1473
4bdc3d66 1474lookup:
a583636a 1475 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, __tcp_hdrlen(th),
4297a0ef 1476 th->source, th->dest, inet6_iif(skb), sdif,
3b24d854 1477 &refcounted);
1da177e4
LT		 1478 if (!sk)
1479 goto no_tcp_socket;
1480
1481process:
1482 if (sk->sk_state == TCP_TIME_WAIT)
1483 goto do_time_wait;
1484
079096f1
ED		 1485 if (sk->sk_state == TCP_NEW_SYN_RECV) {
1486 struct request_sock *req = inet_reqsk(sk);
e0f9759f 1487 bool req_stolen = false;
7716682c 1488 struct sock *nsk;
079096f1
ED		 1489
1490 sk = req->rsk_listener;
079096f1 1491 if (tcp_v6_inbound_md5_hash(sk, skb)) {
e65c332d 1492 sk_drops_add(sk, skb);
079096f1
ED		 1493 reqsk_put(req);
1494 goto discard_it;
1495 }
4fd44a98
FL		 1496 if (tcp_checksum_complete(skb)) {
1497 reqsk_put(req);
1498 goto csum_error;
1499 }
7716682c 1500 if (unlikely(sk->sk_state != TCP_LISTEN)) {
f03f2e15 1501 inet_csk_reqsk_queue_drop_and_put(sk, req);
4bdc3d66
ED		 1502 goto lookup;
1503 }
7716682c 1504 sock_hold(sk);
3b24d854 1505 refcounted = true;
1f3b359f 1506 nsk = NULL;
eeea10b8
ED		 1507 if (!tcp_filter(sk, skb)) {
1508 th = (const struct tcphdr *)skb->data;
1509 hdr = ipv6_hdr(skb);
1510 tcp_v6_fill_cb(skb, hdr, th);
e0f9759f 1511 nsk = tcp_check_req(sk, skb, req, false, &req_stolen);
eeea10b8 1512 }
079096f1
ED		 1513 if (!nsk) {
1514 reqsk_put(req);
e0f9759f
ED		 1515 if (req_stolen) {
1516 /* Another cpu got exclusive access to req
1517 * and created a full blown socket.
1518 * Try to feed this packet to this socket
1519 * instead of discarding it.
1520 */
1521 tcp_v6_restore_cb(skb);
1522 sock_put(sk);
1523 goto lookup;
1524 }
7716682c 1525 goto discard_and_relse;
079096f1
ED		 1526 }
1527 if (nsk == sk) {
079096f1
ED		 1528 reqsk_put(req);
1529 tcp_v6_restore_cb(skb);
1530 } else if (tcp_child_process(sk, nsk, skb)) {
1531 tcp_v6_send_reset(nsk, skb);
7716682c 1532 goto discard_and_relse;
079096f1 1533 } else {
7716682c 1534 sock_put(sk);
079096f1
ED		 1535 return 0;
1536 }
1537 }
93a77c11 1538 if (hdr->hop_limit < tcp_inet6_sk(sk)->min_hopcount) {
02a1d6e7 1539 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
e802af9c
SH		 1540 goto discard_and_relse;
1541 }
1542
1da177e4
LT		 1543 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1544 goto discard_and_relse;
1545
9ea88a15
DP		 1546 if (tcp_v6_inbound_md5_hash(sk, skb))
1547 goto discard_and_relse;
9ea88a15 1548
ac6e7800 1549 if (tcp_filter(sk, skb))
1da177e4 1550 goto discard_and_relse;
ac6e7800
ED		 1551 th = (const struct tcphdr *)skb->data;
1552 hdr = ipv6_hdr(skb);
eeea10b8 1553 tcp_v6_fill_cb(skb, hdr, th);
1da177e4
LT		 1554
1555 skb->dev = NULL;
1556
e994b2f0
ED		 1557 if (sk->sk_state == TCP_LISTEN) {
1558 ret = tcp_v6_do_rcv(sk, skb);
1559 goto put_and_return;
1560 }
1561
1562 sk_incoming_cpu_update(sk);
1563
293b9c42 1564 bh_lock_sock_nested(sk);
a44d6eac 1565 tcp_segs_in(tcp_sk(sk), skb);
1da177e4
LT		 1566 ret = 0;
1567 if (!sock_owned_by_user(sk)) {
8b27dae5
ED		 1568 skb_to_free = sk->sk_rx_skb_cache;
1569 sk->sk_rx_skb_cache = NULL;
e7942d06 1570 ret = tcp_v6_do_rcv(sk, skb);
8b27dae5
ED		 1571 } else {
1572 if (tcp_add_backlog(sk, skb))
1573 goto discard_and_relse;
1574 skb_to_free = NULL;
6b03a53a 1575 }
1da177e4 1576 bh_unlock_sock(sk);
8b27dae5
ED		 1577 if (skb_to_free)
1578 __kfree_skb(skb_to_free);
e994b2f0 1579put_and_return:
3b24d854
ED		 1580 if (refcounted)
1581 sock_put(sk);
1da177e4
LT		 1582 return ret ? -1 : 0;
1583
1584no_tcp_socket:
1585 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1586 goto discard_it;
1587
2dc49d16
ND		 1588 tcp_v6_fill_cb(skb, hdr, th);
1589
12e25e10 1590 if (tcp_checksum_complete(skb)) {
6a5dc9e5 1591csum_error:
90bbcc60 1592 __TCP_INC_STATS(net, TCP_MIB_CSUMERRORS);
1da177e4 1593bad_packet:
90bbcc60 1594 __TCP_INC_STATS(net, TCP_MIB_INERRS);
1da177e4 1595 } else {
cfb6eeb4 1596 tcp_v6_send_reset(NULL, skb);
1da177e4
LT		 1597 }
1598
1599discard_it:
1da177e4
LT		 1600 kfree_skb(skb);
1601 return 0;
1602
1603discard_and_relse:
532182cd 1604 sk_drops_add(sk, skb);
3b24d854
ED		 1605 if (refcounted)
1606 sock_put(sk);
1da177e4
LT		 1607 goto discard_it;
1608
1609do_time_wait:
1610 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
9469c7b4 1611 inet_twsk_put(inet_twsk(sk));
1da177e4
LT		 1612 goto discard_it;
1613 }
1614
2dc49d16
ND		 1615 tcp_v6_fill_cb(skb, hdr, th);
1616
6a5dc9e5
ED		 1617 if (tcp_checksum_complete(skb)) {
1618 inet_twsk_put(inet_twsk(sk));
1619 goto csum_error;
1da177e4
LT		 1620 }
1621
9469c7b4 1622 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1da177e4
LT		 1623 case TCP_TW_SYN:
1624 {
1625 struct sock *sk2;
1626
c346dca1 1627 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
a583636a 1628 skb, __tcp_hdrlen(th),
5ba24953 1629 &ipv6_hdr(skb)->saddr, th->source,
0660e03f 1630 &ipv6_hdr(skb)->daddr,
24b711ed
DA		 1631 ntohs(th->dest),
1632 tcp_v6_iif_l3_slave(skb),
4297a0ef 1633 sdif);
53b24b8f 1634 if (sk2) {
295ff7ed 1635 struct inet_timewait_sock *tw = inet_twsk(sk);
dbe7faa4 1636 inet_twsk_deschedule_put(tw);
1da177e4 1637 sk = sk2;
4ad19de8 1638 tcp_v6_restore_cb(skb);
3b24d854 1639 refcounted = false;
1da177e4
LT		 1640 goto process;
1641 }
1da177e4 1642 }
275757e6
GS		 1643 /* to ACK */
1644 /* fall through */
1da177e4
LT		 1645 case TCP_TW_ACK:
1646 tcp_v6_timewait_ack(sk, skb);
1647 break;
1648 case TCP_TW_RST:
271c3b9b
FW		 1649 tcp_v6_send_reset(sk, skb);
1650 inet_twsk_deschedule_put(inet_twsk(sk));
1651 goto discard_it;
4aa956d8
WY		 1652 case TCP_TW_SUCCESS:
1653 ;
1da177e4
LT		 1654 }
1655 goto discard_it;
1656}
1657
97ff7ffb 1658INDIRECT_CALLABLE_SCOPE void tcp_v6_early_demux(struct sk_buff *skb)
c7109986
ED		 1659{
1660 const struct ipv6hdr *hdr;
1661 const struct tcphdr *th;
1662 struct sock *sk;
1663
1664 if (skb->pkt_type != PACKET_HOST)
1665 return;
1666
1667 if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
1668 return;
1669
1670 hdr = ipv6_hdr(skb);
1671 th = tcp_hdr(skb);
1672
1673 if (th->doff < sizeof(struct tcphdr) / 4)
1674 return;
1675
870c3151 1676 /* Note : We use inet6_iif() here, not tcp_v6_iif() */
c7109986
ED		 1677 sk = __inet6_lookup_established(dev_net(skb->dev), &tcp_hashinfo,
1678 &hdr->saddr, th->source,
1679 &hdr->daddr, ntohs(th->dest),
4297a0ef 1680 inet6_iif(skb), inet6_sdif(skb));
c7109986
ED		 1681 if (sk) {
1682 skb->sk = sk;
1683 skb->destructor = sock_edemux;
f7e4eb03 1684 if (sk_fullsock(sk)) {
d0c294c5 1685 struct dst_entry *dst = READ_ONCE(sk->sk_rx_dst);
f3f12135 1686
c7109986 1687 if (dst)
93a77c11 1688 dst = dst_check(dst, tcp_inet6_sk(sk)->rx_dst_cookie);
c7109986 1689 if (dst &&
f3f12135 1690 inet_sk(sk)->rx_dst_ifindex == skb->skb_iif)
c7109986
ED		 1691 skb_dst_set_noref(skb, dst);
1692 }
1693 }
1694}
1695
ccb7c410
DM		 1696static struct timewait_sock_ops tcp6_timewait_sock_ops = {
1697 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
1698 .twsk_unique = tcp_twsk_unique,
4aa956d8 1699 .twsk_destructor = tcp_twsk_destructor,
ccb7c410
DM		 1700};
1701
3b401a81 1702static const struct inet_connection_sock_af_ops ipv6_specific = {
543d9cfe
ACM		 1703 .queue_xmit = inet6_csk_xmit,
1704 .send_check = tcp_v6_send_check,
1705 .rebuild_header = inet6_sk_rebuild_header,
5d299f3d 1706 .sk_rx_dst_set = inet6_sk_rx_dst_set,
543d9cfe
ACM		 1707 .conn_request = tcp_v6_conn_request,
1708 .syn_recv_sock = tcp_v6_syn_recv_sock,
543d9cfe 1709 .net_header_len = sizeof(struct ipv6hdr),
67469601 1710 .net_frag_header_len = sizeof(struct frag_hdr),
543d9cfe
ACM		 1711 .setsockopt = ipv6_setsockopt,
1712 .getsockopt = ipv6_getsockopt,
1713 .addr2sockaddr = inet6_csk_addr2sockaddr,
1714 .sockaddr_len = sizeof(struct sockaddr_in6),
3fdadf7d 1715#ifdef CONFIG_COMPAT
543d9cfe
ACM		 1716 .compat_setsockopt = compat_ipv6_setsockopt,
1717 .compat_getsockopt = compat_ipv6_getsockopt,
3fdadf7d 1718#endif
4fab9071 1719 .mtu_reduced = tcp_v6_mtu_reduced,
1da177e4
LT		 1720};
1721
cfb6eeb4 1722#ifdef CONFIG_TCP_MD5SIG
b2e4b3de 1723static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
cfb6eeb4 1724 .md5_lookup = tcp_v6_md5_lookup,
49a72dfb 1725 .calc_md5_hash = tcp_v6_md5_hash_skb,
cfb6eeb4 1726 .md5_parse = tcp_v6_parse_md5_keys,
cfb6eeb4 1727};
a928630a 1728#endif
cfb6eeb4 1729
1da177e4
LT		 1730/*
1731 * TCP over IPv4 via INET6 API
1732 */
3b401a81 1733static const struct inet_connection_sock_af_ops ipv6_mapped = {
543d9cfe
ACM		 1734 .queue_xmit = ip_queue_xmit,
1735 .send_check = tcp_v4_send_check,
1736 .rebuild_header = inet_sk_rebuild_header,
63d02d15 1737 .sk_rx_dst_set = inet_sk_rx_dst_set,
543d9cfe
ACM		 1738 .conn_request = tcp_v6_conn_request,
1739 .syn_recv_sock = tcp_v6_syn_recv_sock,
543d9cfe
ACM		 1740 .net_header_len = sizeof(struct iphdr),
1741 .setsockopt = ipv6_setsockopt,
1742 .getsockopt = ipv6_getsockopt,
1743 .addr2sockaddr = inet6_csk_addr2sockaddr,
1744 .sockaddr_len = sizeof(struct sockaddr_in6),
3fdadf7d 1745#ifdef CONFIG_COMPAT
543d9cfe
ACM		 1746 .compat_setsockopt = compat_ipv6_setsockopt,
1747 .compat_getsockopt = compat_ipv6_getsockopt,
3fdadf7d 1748#endif
4fab9071 1749 .mtu_reduced = tcp_v4_mtu_reduced,
1da177e4
LT		 1750};
1751
cfb6eeb4 1752#ifdef CONFIG_TCP_MD5SIG
b2e4b3de 1753static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
cfb6eeb4 1754 .md5_lookup = tcp_v4_md5_lookup,
49a72dfb 1755 .calc_md5_hash = tcp_v4_md5_hash_skb,
cfb6eeb4 1756 .md5_parse = tcp_v6_parse_md5_keys,
cfb6eeb4 1757};
a928630a 1758#endif
cfb6eeb4 1759
1da177e4
LT		 1760/* NOTE: A lot of things set to zero explicitly by call to
1761 * sk_alloc() so need not be done here.
1762 */
1763static int tcp_v6_init_sock(struct sock *sk)
1764{
6687e988 1765 struct inet_connection_sock *icsk = inet_csk(sk);
1da177e4 1766
900f65d3 1767 tcp_init_sock(sk);
1da177e4 1768
8292a17a 1769 icsk->icsk_af_ops = &ipv6_specific;
1da177e4 1770
cfb6eeb4 1771#ifdef CONFIG_TCP_MD5SIG
ac807fa8 1772 tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific;
cfb6eeb4
YH		 1773#endif
1774
1da177e4
LT		 1775 return 0;
1776}
1777
7d06b2e0 1778static void tcp_v6_destroy_sock(struct sock *sk)
1da177e4 1779{
1da177e4 1780 tcp_v4_destroy_sock(sk);
7d06b2e0 1781 inet6_destroy_sock(sk);
1da177e4
LT		 1782}
1783
952a10be 1784#ifdef CONFIG_PROC_FS
1da177e4 1785/* Proc filesystem TCPv6 sock list dumping. */
1ab1457c 1786static void get_openreq6(struct seq_file *seq,
aa3a0c8c 1787 const struct request_sock *req, int i)
1da177e4 1788{
fa76ce73 1789 long ttd = req->rsk_timer.expires - jiffies;
634fb979
ED		 1790 const struct in6_addr *src = &inet_rsk(req)->ir_v6_loc_addr;
1791 const struct in6_addr *dest = &inet_rsk(req)->ir_v6_rmt_addr;
1da177e4
LT		 1792
1793 if (ttd < 0)
1794 ttd = 0;
1795
1da177e4
LT		 1796 seq_printf(seq,
1797 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
d14c5ab6 1798 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %d %d %pK\n",
1da177e4
LT		 1799 i,
1800 src->s6_addr32[0], src->s6_addr32[1],
1801 src->s6_addr32[2], src->s6_addr32[3],
b44084c2 1802 inet_rsk(req)->ir_num,
1da177e4
LT		 1803 dest->s6_addr32[0], dest->s6_addr32[1],
1804 dest->s6_addr32[2], dest->s6_addr32[3],
634fb979 1805 ntohs(inet_rsk(req)->ir_rmt_port),
1da177e4 1806 TCP_SYN_RECV,
4c99aa40 1807 0, 0, /* could print option size, but that is af dependent. */
1ab1457c
YH		 1808 1, /* timers active (only the expire timer) */
1809 jiffies_to_clock_t(ttd),
e6c022a4 1810 req->num_timeout,
aa3a0c8c
ED		 1811 from_kuid_munged(seq_user_ns(seq),
1812 sock_i_uid(req->rsk_listener)),
1ab1457c 1813 0, /* non standard timer */
1da177e4
LT		 1814 0, /* open_requests have no inode */
1815 0, req);
1816}
1817
1818static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1819{
b71d1d42 1820 const struct in6_addr *dest, *src;
1da177e4
LT		 1821 __u16 destp, srcp;
1822 int timer_active;
1823 unsigned long timer_expires;
cf533ea5
ED		 1824 const struct inet_sock *inet = inet_sk(sp);
1825 const struct tcp_sock *tp = tcp_sk(sp);
463c84b9 1826 const struct inet_connection_sock *icsk = inet_csk(sp);
0536fcc0 1827 const struct fastopen_queue *fastopenq = &icsk->icsk_accept_queue.fastopenq;
00fd38d9
ED		 1828 int rx_queue;
1829 int state;
1da177e4 1830
efe4208f
ED		 1831 dest = &sp->sk_v6_daddr;
1832 src = &sp->sk_v6_rcv_saddr;
c720c7e8
ED		 1833 destp = ntohs(inet->inet_dport);
1834 srcp = ntohs(inet->inet_sport);
463c84b9 1835
ce3cf4ec 1836 if (icsk->icsk_pending == ICSK_TIME_RETRANS ||
57dde7f7 1837 icsk->icsk_pending == ICSK_TIME_REO_TIMEOUT ||
ce3cf4ec 1838 icsk->icsk_pending == ICSK_TIME_LOSS_PROBE) {
1da177e4 1839 timer_active = 1;
463c84b9
ACM		 1840 timer_expires = icsk->icsk_timeout;
1841 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1da177e4 1842 timer_active = 4;
463c84b9 1843 timer_expires = icsk->icsk_timeout;
1da177e4
LT		 1844 } else if (timer_pending(&sp->sk_timer)) {
1845 timer_active = 2;
1846 timer_expires = sp->sk_timer.expires;
1847 } else {
1848 timer_active = 0;
1849 timer_expires = jiffies;
1850 }
1851
986ffdfd 1852 state = inet_sk_state_load(sp);
00fd38d9
ED		 1853 if (state == TCP_LISTEN)
1854 rx_queue = sp->sk_ack_backlog;
1855 else
1856 /* Because we don't lock the socket,
1857 * we might find a transient negative value.
1858 */
1859 rx_queue = max_t(int, tp->rcv_nxt - tp->copied_seq, 0);
1860
1da177e4
LT		 1861 seq_printf(seq,
1862 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
d14c5ab6 1863 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %lu %d %pK %lu %lu %u %u %d\n",
1da177e4
LT		 1864 i,
1865 src->s6_addr32[0], src->s6_addr32[1],
1866 src->s6_addr32[2], src->s6_addr32[3], srcp,
1867 dest->s6_addr32[0], dest->s6_addr32[1],
1868 dest->s6_addr32[2], dest->s6_addr32[3], destp,
00fd38d9
ED		 1869 state,
1870 tp->write_seq - tp->snd_una,
1871 rx_queue,
1da177e4 1872 timer_active,
a399a805 1873 jiffies_delta_to_clock_t(timer_expires - jiffies),
463c84b9 1874 icsk->icsk_retransmits,
a7cb5a49 1875 from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
6687e988 1876 icsk->icsk_probes_out,
1da177e4 1877 sock_i_ino(sp),
41c6d650 1878 refcount_read(&sp->sk_refcnt), sp,
7be87351
SH		 1879 jiffies_to_clock_t(icsk->icsk_rto),
1880 jiffies_to_clock_t(icsk->icsk_ack.ato),
31954cd8 1881 (icsk->icsk_ack.quick << 1) | inet_csk_in_pingpong_mode(sp),
0b6a05c1 1882 tp->snd_cwnd,
00fd38d9 1883 state == TCP_LISTEN ?
0536fcc0 1884 fastopenq->max_qlen :
0a672f74 1885 (tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh)
1da177e4
LT		 1886 );
1887}
1888
1ab1457c 1889static void get_timewait6_sock(struct seq_file *seq,
8feaf0c0 1890 struct inet_timewait_sock *tw, int i)
1da177e4 1891{
789f558c 1892 long delta = tw->tw_timer.expires - jiffies;
b71d1d42 1893 const struct in6_addr *dest, *src;
1da177e4 1894 __u16 destp, srcp;
1da177e4 1895
efe4208f
ED		 1896 dest = &tw->tw_v6_daddr;
1897 src = &tw->tw_v6_rcv_saddr;
1da177e4
LT		 1898 destp = ntohs(tw->tw_dport);
1899 srcp = ntohs(tw->tw_sport);
1900
1901 seq_printf(seq,
1902 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
71338aa7 1903 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1da177e4
LT		 1904 i,
1905 src->s6_addr32[0], src->s6_addr32[1],
1906 src->s6_addr32[2], src->s6_addr32[3], srcp,
1907 dest->s6_addr32[0], dest->s6_addr32[1],
1908 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1909 tw->tw_substate, 0, 0,
a399a805 1910 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
41c6d650 1911 refcount_read(&tw->tw_refcnt), tw);
1da177e4
LT		 1912}
1913
1da177e4
LT		 1914static int tcp6_seq_show(struct seq_file *seq, void *v)
1915{
1916 struct tcp_iter_state *st;
05dbc7b5 1917 struct sock *sk = v;
1da177e4
LT		 1918
1919 if (v == SEQ_START_TOKEN) {
1920 seq_puts(seq,
1921 " sl "
1922 "local_address "
1923 "remote_address "
1924 "st tx_queue rx_queue tr tm->when retrnsmt"
1925 " uid timeout inode\n");
1926 goto out;
1927 }
1928 st = seq->private;
1929
079096f1
ED		 1930 if (sk->sk_state == TCP_TIME_WAIT)
1931 get_timewait6_sock(seq, v, st->num);
1932 else if (sk->sk_state == TCP_NEW_SYN_RECV)
aa3a0c8c 1933 get_openreq6(seq, v, st->num);
079096f1
ED		 1934 else
1935 get_tcp6_sock(seq, v, st->num);
1da177e4
LT		 1936out:
1937 return 0;
1938}
1939
37d849bb
CH		 1940static const struct seq_operations tcp6_seq_ops = {
1941 .show = tcp6_seq_show,
1942 .start = tcp_seq_start,
1943 .next = tcp_seq_next,
1944 .stop = tcp_seq_stop,
1945};
1946
1da177e4 1947static struct tcp_seq_afinfo tcp6_seq_afinfo = {
1da177e4 1948 .family = AF_INET6,
1da177e4
LT		 1949};
1950
2c8c1e72 1951int __net_init tcp6_proc_init(struct net *net)
1da177e4 1952{
c3506372
CH		 1953 if (!proc_create_net_data("tcp6", 0444, net->proc_net, &tcp6_seq_ops,
1954 sizeof(struct tcp_iter_state), &tcp6_seq_afinfo))
37d849bb
CH		 1955 return -ENOMEM;
1956 return 0;
1da177e4
LT		 1957}
1958
6f8b13bc 1959void tcp6_proc_exit(struct net *net)
1da177e4 1960{
37d849bb 1961 remove_proc_entry("tcp6", net->proc_net);
1da177e4
LT		 1962}
1963#endif
1964
1965struct proto tcpv6_prot = {
1966 .name = "TCPv6",
1967 .owner = THIS_MODULE,
1968 .close = tcp_close,
d74bad4e 1969 .pre_connect = tcp_v6_pre_connect,
1da177e4
LT		 1970 .connect = tcp_v6_connect,
1971 .disconnect = tcp_disconnect,
463c84b9 1972 .accept = inet_csk_accept,
1da177e4
LT		 1973 .ioctl = tcp_ioctl,
1974 .init = tcp_v6_init_sock,
1975 .destroy = tcp_v6_destroy_sock,
1976 .shutdown = tcp_shutdown,
1977 .setsockopt = tcp_setsockopt,
1978 .getsockopt = tcp_getsockopt,
4b9d07a4 1979 .keepalive = tcp_set_keepalive,
1da177e4 1980 .recvmsg = tcp_recvmsg,
7ba42910
CG		 1981 .sendmsg = tcp_sendmsg,
1982 .sendpage = tcp_sendpage,
1da177e4 1983 .backlog_rcv = tcp_v6_do_rcv,
46d3ceab 1984 .release_cb = tcp_release_cb,
496611d7 1985 .hash = inet6_hash,
ab1e0a13
ACM		 1986 .unhash = inet_unhash,
1987 .get_port = inet_csk_get_port,
1da177e4 1988 .enter_memory_pressure = tcp_enter_memory_pressure,
06044751 1989 .leave_memory_pressure = tcp_leave_memory_pressure,
c9bee3b7 1990 .stream_memory_free = tcp_stream_memory_free,
1da177e4
LT		 1991 .sockets_allocated = &tcp_sockets_allocated,
1992 .memory_allocated = &tcp_memory_allocated,
1993 .memory_pressure = &tcp_memory_pressure,
0a5578cf 1994 .orphan_count = &tcp_orphan_count,
a4fe34bf 1995 .sysctl_mem = sysctl_tcp_mem,
356d1833
ED		 1996 .sysctl_wmem_offset = offsetof(struct net, ipv4.sysctl_tcp_wmem),
1997 .sysctl_rmem_offset = offsetof(struct net, ipv4.sysctl_tcp_rmem),
1da177e4
LT		 1998 .max_header = MAX_TCP_HEADER,
1999 .obj_size = sizeof(struct tcp6_sock),
5f0d5a3a 2000 .slab_flags = SLAB_TYPESAFE_BY_RCU,
6d6ee43e 2001 .twsk_prot = &tcp6_timewait_sock_ops,
60236fdd 2002 .rsk_prot = &tcp6_request_sock_ops,
39d8cda7 2003 .h.hashinfo = &tcp_hashinfo,
7ba42910 2004 .no_autobind = true,
543d9cfe
ACM		 2005#ifdef CONFIG_COMPAT
2006 .compat_setsockopt = compat_tcp_setsockopt,
2007 .compat_getsockopt = compat_tcp_getsockopt,
d1a4c0b3 2008#endif
c1e64e29 2009 .diag_destroy = tcp_abort,
1da177e4
LT		 2010};
2011
a8e3bb34
DA		 2012/* thinking of making this const? Don't.
2013 * early_demux can change based on sysctl.
2014 */
39294c3d 2015static struct inet6_protocol tcpv6_protocol = {
c7109986 2016 .early_demux = tcp_v6_early_demux,
dddb64bc 2017 .early_demux_handler = tcp_v6_early_demux,
1da177e4
LT		 2018 .handler = tcp_v6_rcv,
2019 .err_handler = tcp_v6_err,
2020 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2021};
2022
1da177e4
LT		 2023static struct inet_protosw tcpv6_protosw = {
2024 .type = SOCK_STREAM,
2025 .protocol = IPPROTO_TCP,
2026 .prot = &tcpv6_prot,
2027 .ops = &inet6_stream_ops,
d83d8461
ACM		 2028 .flags = INET_PROTOSW_PERMANENT |
2029 INET_PROTOSW_ICSK,
1da177e4
LT		 2030};
2031
2c8c1e72 2032static int __net_init tcpv6_net_init(struct net *net)
93ec926b 2033{
5677242f
DL		 2034 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
2035 SOCK_RAW, IPPROTO_TCP, net);
93ec926b
DL		 2036}
2037
2c8c1e72 2038static void __net_exit tcpv6_net_exit(struct net *net)
93ec926b 2039{
5677242f 2040 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
b099ce26
EB		 2041}
2042
2c8c1e72 2043static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
b099ce26 2044{
1946e672 2045 inet_twsk_purge(&tcp_hashinfo, AF_INET6);
93ec926b
DL		 2046}
2047
2048static struct pernet_operations tcpv6_net_ops = {
b099ce26
EB		 2049 .init = tcpv6_net_init,
2050 .exit = tcpv6_net_exit,
2051 .exit_batch = tcpv6_net_exit_batch,
93ec926b
DL		 2052};
2053
7f4e4868 2054int __init tcpv6_init(void)
1da177e4 2055{
7f4e4868
DL		 2056 int ret;
2057
3336288a
VY		 2058 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
2059 if (ret)
c6b641a4 2060 goto out;
3336288a 2061
1da177e4 2062 /* register inet6 protocol */
7f4e4868
DL		 2063 ret = inet6_register_protosw(&tcpv6_protosw);
2064 if (ret)
2065 goto out_tcpv6_protocol;
2066
93ec926b 2067 ret = register_pernet_subsys(&tcpv6_net_ops);
7f4e4868
DL		 2068 if (ret)
2069 goto out_tcpv6_protosw;
2070out:
2071 return ret;
ae0f7d5f 2072
7f4e4868
DL		 2073out_tcpv6_protosw:
2074 inet6_unregister_protosw(&tcpv6_protosw);
3336288a
VY		 2075out_tcpv6_protocol:
2076 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
7f4e4868
DL		 2077 goto out;
2078}
2079
09f7709f 2080void tcpv6_exit(void)
7f4e4868 2081{
93ec926b 2082 unregister_pernet_subsys(&tcpv6_net_ops);
7f4e4868
DL		 2083 inet6_unregister_protosw(&tcpv6_protosw);
2084 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
1da177e4 2085}
Linux 6.x block layer and io_uring tree(s)