projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge tag 'kbuild-fixes-v6.10' of git://git.kernel.org/pub/scm/linux/kernel/git/masah...
[linux-2.6-block.git] / net / ipv6 / tcp_ipv6.c
CommitLineData
2874c5fd 1// SPDX-License-Identifier: GPL-2.0-or-later
1da177e4
LT		 2/*
3 * TCP over IPv6
1ab1457c 4 * Linux INET6 implementation
1da177e4
LT		 5 *
6 * Authors:
1ab1457c 7 * Pedro Roque <roque@di.fc.ul.pt>
1da177e4 8 *
1ab1457c 9 * Based on:
1da177e4
LT		 10 * linux/net/ipv4/tcp.c
11 * linux/net/ipv4/tcp_input.c
12 * linux/net/ipv4/tcp_output.c
13 *
14 * Fixes:
15 * Hideaki YOSHIFUJI : sin6_scope_id support
16 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
17 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
18 * a single port at the same time.
19 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
1da177e4
LT		 20 */
21
eb4dea58 22#include <linux/bottom_half.h>
1da177e4 23#include <linux/module.h>
1da177e4
LT		 24#include <linux/errno.h>
25#include <linux/types.h>
26#include <linux/socket.h>
27#include <linux/sockios.h>
28#include <linux/net.h>
29#include <linux/jiffies.h>
30#include <linux/in.h>
31#include <linux/in6.h>
32#include <linux/netdevice.h>
33#include <linux/init.h>
34#include <linux/jhash.h>
35#include <linux/ipsec.h>
36#include <linux/times.h>
5a0e3ad6 37#include <linux/slab.h>
4aa956d8 38#include <linux/uaccess.h>
1da177e4
LT		 39#include <linux/ipv6.h>
40#include <linux/icmpv6.h>
41#include <linux/random.h>
0e219ae4 42#include <linux/indirect_call_wrapper.h>
1da177e4
LT		 43
44#include <net/tcp.h>
45#include <net/ndisc.h>
5324a040 46#include <net/inet6_hashtables.h>
8129765a 47#include <net/inet6_connection_sock.h>
1da177e4
LT		 48#include <net/ipv6.h>
49#include <net/transp_v6.h>
50#include <net/addrconf.h>
51#include <net/ip6_route.h>
52#include <net/ip6_checksum.h>
53#include <net/inet_ecn.h>
54#include <net/protocol.h>
55#include <net/xfrm.h>
1da177e4
LT		 56#include <net/snmp.h>
57#include <net/dsfield.h>
6d6ee43e 58#include <net/timewait_sock.h>
3d58b5fa 59#include <net/inet_common.h>
6e5714ea 60#include <net/secure_seq.h>
4ea0875b 61#include <net/hotdata.h>
076bb0c8 62#include <net/busy_poll.h>
6be49dea 63#include <net/rstreason.h>
1da177e4 64
1da177e4
LT		 65#include <linux/proc_fs.h>
66#include <linux/seq_file.h>
67
cf80e0e4 68#include <crypto/hash.h>
cfb6eeb4
YH		 69#include <linux/scatterlist.h>
70
c24b14c4
SL		 71#include <trace/events/tcp.h>
72
6be49dea
JX		 73static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb,
74 enum sk_rst_reason reason);
a00e7444 75static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
6edafaaf 76 struct request_sock *req);
1da177e4 77
d2489c7b 78INDIRECT_CALLABLE_SCOPE int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
1da177e4 79
3b401a81 80static const struct inet_connection_sock_af_ops ipv6_mapped;
35b2c321 81const struct inet_connection_sock_af_ops ipv6_specific;
4954f17d 82#if defined(CONFIG_TCP_MD5SIG) || defined(CONFIG_TCP_AO)
b2e4b3de
SH		 83static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
84static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
a928630a 85#endif
1da177e4 86
93a77c11
ED		 87/* Helper returning the inet6 address from a given tcp socket.
88 * It can be used in TCP stack instead of inet6_sk(sk).
89 * This avoids a dereference and allow compiler optimizations.
f5d54767 90 * It is a specialized version of inet6_sk_generic().
93a77c11 91 */
fe79bd65
PB		 92#define tcp_inet6_sk(sk) (&container_of_const(tcp_sk(sk), \
93 struct tcp6_sock, tcp)->inet6)
93a77c11 94
fae6ef87
NC		 95static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
96{
97 struct dst_entry *dst = skb_dst(skb);
fae6ef87 98
5037e9ef 99 if (dst && dst_hold_safe(dst)) {
8f905c0e 100 rcu_assign_pointer(sk->sk_rx_dst, dst);
0c0a5ef8 101 sk->sk_rx_dst_ifindex = skb->skb_iif;
e8dfd42c 102 sk->sk_rx_dst_cookie = rt6_get_cookie(dst_rt6_info(dst));
ca777eff 103 }
fae6ef87
NC		 104}
105
84b114b9 106static u32 tcp_v6_init_seq(const struct sk_buff *skb)
1da177e4 107{
84b114b9
ED		 108 return secure_tcpv6_seq(ipv6_hdr(skb)->daddr.s6_addr32,
109 ipv6_hdr(skb)->saddr.s6_addr32,
110 tcp_hdr(skb)->dest,
111 tcp_hdr(skb)->source);
112}
113
5d2ed052 114static u32 tcp_v6_init_ts_off(const struct net *net, const struct sk_buff *skb)
84b114b9 115{
5d2ed052 116 return secure_tcpv6_ts_off(net, ipv6_hdr(skb)->daddr.s6_addr32,
84b114b9 117 ipv6_hdr(skb)->saddr.s6_addr32);
1da177e4
LT		 118}
119
d74bad4e
AI		 120static int tcp_v6_pre_connect(struct sock *sk, struct sockaddr *uaddr,
121 int addr_len)
122{
123 /* This check is replicated from tcp_v6_connect() and intended to
124 * prevent BPF program called below from accessing bytes that are out
125 * of the bound specified by user in addr_len.
126 */
127 if (addr_len < SIN6_LEN_RFC2133)
128 return -EINVAL;
129
130 sock_owned_by_me(sk);
131
fefba7d1 132 return BPF_CGROUP_RUN_PROG_INET6_CONNECT(sk, uaddr, &addr_len);
d74bad4e
AI		 133}
134
1ab1457c 135static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
1da177e4
LT		 136 int addr_len)
137{
138 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
d83d8461 139 struct inet_connection_sock *icsk = inet_csk(sk);
08eaef90 140 struct in6_addr *saddr = NULL, *final_p, final;
fbb82952 141 struct inet_timewait_death_row *tcp_death_row;
93a77c11 142 struct ipv6_pinfo *np = tcp_inet6_sk(sk);
08eaef90 143 struct inet_sock *inet = inet_sk(sk);
1da177e4 144 struct tcp_sock *tp = tcp_sk(sk);
08eaef90 145 struct net *net = sock_net(sk);
45f6fad8 146 struct ipv6_txoptions *opt;
1da177e4 147 struct dst_entry *dst;
08eaef90 148 struct flowi6 fl6;
1da177e4
LT		 149 int addr_type;
150 int err;
151
1ab1457c 152 if (addr_len < SIN6_LEN_RFC2133)
1da177e4
LT		 153 return -EINVAL;
154
1ab1457c 155 if (usin->sin6_family != AF_INET6)
a02cec21 156 return -EAFNOSUPPORT;
1da177e4 157
4c9483b2 158 memset(&fl6, 0, sizeof(fl6));
1da177e4 159
859f8b26 160 if (inet6_test_bit(SNDFLOW, sk)) {
4c9483b2
DM		 161 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
162 IP6_ECN_flow_init(fl6.flowlabel);
163 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
1da177e4 164 struct ip6_flowlabel *flowlabel;
4c9483b2 165 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
59c820b2 166 if (IS_ERR(flowlabel))
1da177e4 167 return -EINVAL;
1da177e4
LT		 168 fl6_sock_release(flowlabel);
169 }
170 }
171
172 /*
1ab1457c
YH		 173 * connect() to INADDR_ANY means loopback (BSD'ism).
174 */
175
052d2369
JL		 176 if (ipv6_addr_any(&usin->sin6_addr)) {
177 if (ipv6_addr_v4mapped(&sk->sk_v6_rcv_saddr))
178 ipv6_addr_set_v4mapped(htonl(INADDR_LOOPBACK),
179 &usin->sin6_addr);
180 else
181 usin->sin6_addr = in6addr_loopback;
182 }
1da177e4
LT		 183
184 addr_type = ipv6_addr_type(&usin->sin6_addr);
185
4c99aa40 186 if (addr_type & IPV6_ADDR_MULTICAST)
1da177e4
LT		 187 return -ENETUNREACH;
188
189 if (addr_type&IPV6_ADDR_LINKLOCAL) {
190 if (addr_len >= sizeof(struct sockaddr_in6) &&
191 usin->sin6_scope_id) {
192 /* If interface is set while binding, indices
193 * must coincide.
194 */
54dc3e33 195 if (!sk_dev_equal_l3scope(sk, usin->sin6_scope_id))
1da177e4
LT		 196 return -EINVAL;
197
198 sk->sk_bound_dev_if = usin->sin6_scope_id;
199 }
200
201 /* Connect to link-local address requires an interface */
202 if (!sk->sk_bound_dev_if)
203 return -EINVAL;
204 }
205
206 if (tp->rx_opt.ts_recent_stamp &&
efe4208f 207 !ipv6_addr_equal(&sk->sk_v6_daddr, &usin->sin6_addr)) {
1da177e4
LT		 208 tp->rx_opt.ts_recent = 0;
209 tp->rx_opt.ts_recent_stamp = 0;
0f317464 210 WRITE_ONCE(tp->write_seq, 0);
1da177e4
LT		 211 }
212
efe4208f 213 sk->sk_v6_daddr = usin->sin6_addr;
4c9483b2 214 np->flow_label = fl6.flowlabel;
1da177e4
LT		 215
216 /*
217 * TCP over IPv4
218 */
219
052d2369 220 if (addr_type & IPV6_ADDR_MAPPED) {
d83d8461 221 u32 exthdrlen = icsk->icsk_ext_hdr_len;
1da177e4
LT		 222 struct sockaddr_in sin;
223
89e9c728 224 if (ipv6_only_sock(sk))
1da177e4
LT		 225 return -ENETUNREACH;
226
227 sin.sin_family = AF_INET;
228 sin.sin_port = usin->sin6_port;
229 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
230
f49cd2f4
KI		 231 /* Paired with READ_ONCE() in tcp_(get|set)sockopt() */
232 WRITE_ONCE(icsk->icsk_af_ops, &ipv6_mapped);
cec37a6e 233 if (sk_is_mptcp(sk))
31484d56 234 mptcpv6_handle_mapped(sk, true);
1da177e4 235 sk->sk_backlog_rcv = tcp_v4_do_rcv;
4954f17d 236#if defined(CONFIG_TCP_MD5SIG) || defined(CONFIG_TCP_AO)
cfb6eeb4
YH		 237 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
238#endif
1da177e4
LT		 239
240 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
241
242 if (err) {
d83d8461 243 icsk->icsk_ext_hdr_len = exthdrlen;
f49cd2f4
KI		 244 /* Paired with READ_ONCE() in tcp_(get|set)sockopt() */
245 WRITE_ONCE(icsk->icsk_af_ops, &ipv6_specific);
cec37a6e 246 if (sk_is_mptcp(sk))
31484d56 247 mptcpv6_handle_mapped(sk, false);
1da177e4 248 sk->sk_backlog_rcv = tcp_v6_do_rcv;
4954f17d 249#if defined(CONFIG_TCP_MD5SIG) || defined(CONFIG_TCP_AO)
cfb6eeb4
YH		 250 tp->af_specific = &tcp_sock_ipv6_specific;
251#endif
1da177e4 252 goto failure;
1da177e4 253 }
d1e559d0 254 np->saddr = sk->sk_v6_rcv_saddr;
1da177e4
LT		 255
256 return err;
257 }
258
efe4208f
ED		 259 if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr))
260 saddr = &sk->sk_v6_rcv_saddr;
1da177e4 261
4c9483b2 262 fl6.flowi6_proto = IPPROTO_TCP;
efe4208f 263 fl6.daddr = sk->sk_v6_daddr;
4e3fd7a0 264 fl6.saddr = saddr ? *saddr : np->saddr;
8230680f 265 fl6.flowlabel = ip6_make_flowinfo(np->tclass, np->flow_label);
4c9483b2
DM		 266 fl6.flowi6_oif = sk->sk_bound_dev_if;
267 fl6.flowi6_mark = sk->sk_mark;
1958b856
DM		 268 fl6.fl6_dport = usin->sin6_port;
269 fl6.fl6_sport = inet->inet_sport;
e2d118a1 270 fl6.flowi6_uid = sk->sk_uid;
1da177e4 271
1e1d04e6 272 opt = rcu_dereference_protected(np->opt, lockdep_sock_is_held(sk));
45f6fad8 273 final_p = fl6_update_dst(&fl6, opt, &final);
1da177e4 274
3df98d79 275 security_sk_classify_flow(sk, flowi6_to_flowi_common(&fl6));
beb8d13b 276
08eaef90 277 dst = ip6_dst_lookup_flow(net, sk, &fl6, final_p);
68d0c6d3
DM		 278 if (IS_ERR(dst)) {
279 err = PTR_ERR(dst);
1da177e4 280 goto failure;
14e50e57 281 }
1da177e4 282
614e8316 283 tp->tcp_usec_ts = dst_tcp_usec_ts(dst);
4461568a
KI		 284 tcp_death_row = &sock_net(sk)->ipv4.tcp_death_row;
285
63159f29 286 if (!saddr) {
4c9483b2 287 saddr = &fl6.saddr;
8c5dae4c
KI		 288
289 err = inet_bhash2_update_saddr(sk, saddr, AF_INET6);
290 if (err)
291 goto failure;
1da177e4
LT		 292 }
293
294 /* set the source address */
4e3fd7a0 295 np->saddr = *saddr;
c720c7e8 296 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
1da177e4 297
f83ef8c0 298 sk->sk_gso_type = SKB_GSO_TCPV6;
6bd4f355 299 ip6_dst_store(sk, dst, NULL, NULL);
1da177e4 300
d83d8461 301 icsk->icsk_ext_hdr_len = 0;
45f6fad8
ED		 302 if (opt)
303 icsk->icsk_ext_hdr_len = opt->opt_flen +
304 opt->opt_nflen;
1da177e4
LT		 305
306 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
307
c720c7e8 308 inet->inet_dport = usin->sin6_port;
1da177e4
LT		 309
310 tcp_set_state(sk, TCP_SYN_SENT);
1946e672 311 err = inet6_hash_connect(tcp_death_row, sk);
1da177e4
LT		 312 if (err)
313 goto late_failure;
314
877d1f62 315 sk_set_txhash(sk);
9e7ceb06 316
00355fa5 317 if (likely(!tp->repair)) {
00355fa5 318 if (!tp->write_seq)
0f317464
ED		 319 WRITE_ONCE(tp->write_seq,
320 secure_tcpv6_seq(np->saddr.s6_addr32,
321 sk->sk_v6_daddr.s6_addr32,
322 inet->inet_sport,
323 inet->inet_dport));
08eaef90 324 tp->tsoffset = secure_tcpv6_ts_off(net, np->saddr.s6_addr32,
84b114b9 325 sk->sk_v6_daddr.s6_addr32);
00355fa5 326 }
1da177e4 327
19f6d3f3
WW		 328 if (tcp_fastopen_defer_connect(sk, &err))
329 return err;
330 if (err)
331 goto late_failure;
332
1da177e4
LT		 333 err = tcp_connect(sk);
334 if (err)
335 goto late_failure;
336
337 return 0;
338
339late_failure:
340 tcp_set_state(sk, TCP_CLOSE);
e0833d1f 341 inet_bhash2_reset_saddr(sk);
1da177e4 342failure:
c720c7e8 343 inet->inet_dport = 0;
1da177e4
LT		 344 sk->sk_route_caps = 0;
345 return err;
346}
347
563d34d0
ED		 348static void tcp_v6_mtu_reduced(struct sock *sk)
349{
350 struct dst_entry *dst;
c7bb4b89 351 u32 mtu;
563d34d0
ED		 352
353 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
354 return;
355
c7bb4b89
ED		 356 mtu = READ_ONCE(tcp_sk(sk)->mtu_info);
357
358 /* Drop requests trying to increase our current mss.
359 * Check done in __ip6_rt_update_pmtu() is too late.
360 */
361 if (tcp_mtu_to_mss(sk, mtu) >= tcp_sk(sk)->mss_cache)
362 return;
363
364 dst = inet6_csk_update_pmtu(sk, mtu);
563d34d0
ED		 365 if (!dst)
366 return;
367
368 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
369 tcp_sync_mss(sk, dst_mtu(dst));
370 tcp_simple_retransmit(sk);
371 }
372}
373
32bbd879 374static int tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
d5fdd6ba 375 u8 type, u8 code, int offset, __be32 info)
1da177e4 376{
4c99aa40 377 const struct ipv6hdr *hdr = (const struct ipv6hdr *)skb->data;
505cbfc5 378 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
2215089b
ED		 379 struct net *net = dev_net(skb->dev);
380 struct request_sock *fastopen;
1da177e4 381 struct ipv6_pinfo *np;
1ab1457c 382 struct tcp_sock *tp;
0a672f74 383 __u32 seq, snd_una;
2215089b 384 struct sock *sk;
b59db45d 385 bool fatal;
2215089b 386 int err;
1da177e4 387
4461568a 388 sk = __inet6_lookup_established(net, net->ipv4.tcp_death_row.hashinfo,
2215089b
ED		 389 &hdr->daddr, th->dest,
390 &hdr->saddr, ntohs(th->source),
4297a0ef 391 skb->dev->ifindex, inet6_sdif(skb));
1da177e4 392
2215089b 393 if (!sk) {
a16292a0
ED		 394 __ICMP6_INC_STATS(net, __in6_dev_get(skb->dev),
395 ICMP6_MIB_INERRORS);
32bbd879 396 return -ENOENT;
1da177e4
LT		 397 }
398
399 if (sk->sk_state == TCP_TIME_WAIT) {
953af8e3
DS		 400 /* To increase the counter of ignored icmps for TCP-AO */
401 tcp_ao_ignore_icmp(sk, AF_INET6, type, code);
9469c7b4 402 inet_twsk_put(inet_twsk(sk));
32bbd879 403 return 0;
1da177e4 404 }
2215089b 405 seq = ntohl(th->seq);
b59db45d 406 fatal = icmpv6_err_convert(type, code, &err);
32bbd879 407 if (sk->sk_state == TCP_NEW_SYN_RECV) {
b59db45d 408 tcp_req_err(sk, seq, fatal);
32bbd879
SB		 409 return 0;
410 }
1da177e4 411
953af8e3
DS		 412 if (tcp_ao_ignore_icmp(sk, AF_INET6, type, code)) {
413 sock_put(sk);
414 return 0;
415 }
416
1da177e4 417 bh_lock_sock(sk);
563d34d0 418 if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG)
02a1d6e7 419 __NET_INC_STATS(net, LINUX_MIB_LOCKDROPPEDICMPS);
1da177e4
LT		 420
421 if (sk->sk_state == TCP_CLOSE)
422 goto out;
423
790eb673
ED		 424 if (static_branch_unlikely(&ip6_min_hopcount)) {
425 /* min_hopcount can be changed concurrently from do_ipv6_setsockopt() */
426 if (ipv6_hdr(skb)->hop_limit < READ_ONCE(tcp_inet6_sk(sk)->min_hopcount)) {
427 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
428 goto out;
429 }
e802af9c
SH		 430 }
431
1da177e4 432 tp = tcp_sk(sk);
0a672f74 433 /* XXX (TFO) - tp->snd_una should be ISN (tcp_create_openreq_child() */
d983ea6f 434 fastopen = rcu_dereference(tp->fastopen_rsk);
0a672f74 435 snd_una = fastopen ? tcp_rsk(fastopen)->snt_isn : tp->snd_una;
1da177e4 436 if (sk->sk_state != TCP_LISTEN &&
0a672f74 437 !between(seq, snd_una, tp->snd_nxt)) {
02a1d6e7 438 __NET_INC_STATS(net, LINUX_MIB_OUTOFWINDOWICMPS);
1da177e4
LT		 439 goto out;
440 }
441
93a77c11 442 np = tcp_inet6_sk(sk);
1da177e4 443
ec18d9a2 444 if (type == NDISC_REDIRECT) {
45caeaa5
JM		 445 if (!sock_owned_by_user(sk)) {
446 struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);
ec18d9a2 447
45caeaa5
JM		 448 if (dst)
449 dst->ops->redirect(dst, sk, skb);
450 }
50a75a89 451 goto out;
ec18d9a2
DM		 452 }
453
1da177e4 454 if (type == ICMPV6_PKT_TOOBIG) {
c7bb4b89
ED		 455 u32 mtu = ntohl(info);
456
0d4f0608
ED		 457 /* We are not interested in TCP_LISTEN and open_requests
458 * (SYN-ACKs send out by Linux are always <576bytes so
459 * they should go through unfragmented).
460 */
461 if (sk->sk_state == TCP_LISTEN)
462 goto out;
463
93b36cf3
HFS		 464 if (!ip6_sk_accept_pmtu(sk))
465 goto out;
466
c7bb4b89
ED		 467 if (mtu < IPV6_MIN_MTU)
468 goto out;
469
470 WRITE_ONCE(tp->mtu_info, mtu);
471
563d34d0
ED		 472 if (!sock_owned_by_user(sk))
473 tcp_v6_mtu_reduced(sk);
d013ef2a 474 else if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED,
7aa5470c 475 &sk->sk_tsq_flags))
d013ef2a 476 sock_hold(sk);
1da177e4
LT		 477 goto out;
478 }
479
1da177e4 480
60236fdd 481 /* Might be for an request_sock */
1da177e4 482 switch (sk->sk_state) {
1da177e4 483 case TCP_SYN_SENT:
0a672f74
YC		 484 case TCP_SYN_RECV:
485 /* Only in fast or simultaneous open. If a fast open socket is
634a63e7 486 * already accepted it is treated as a connected one below.
0a672f74 487 */
63159f29 488 if (fastopen && !fastopen->sk)
0a672f74
YC		 489 break;
490
45af29ca
ED		 491 ipv6_icmp_error(sk, skb, err, th->dest, ntohl(info), (u8 *)th);
492
1da177e4 493 if (!sock_owned_by_user(sk)) {
e13ec3da 494 WRITE_ONCE(sk->sk_err, err);
e3ae2365 495 sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
1da177e4
LT		 496
497 tcp_done(sk);
cee1af82
ED		 498 } else {
499 WRITE_ONCE(sk->sk_err_soft, err);
500 }
1da177e4 501 goto out;
d2924569
ED		 502 case TCP_LISTEN:
503 break;
504 default:
505 /* check if this ICMP message allows revert of backoff.
506 * (see RFC 6069)
507 */
508 if (!fastopen && type == ICMPV6_DEST_UNREACH &&
509 code == ICMPV6_NOROUTE)
510 tcp_ld_RTO_revert(sk, seq);
1da177e4
LT		 511 }
512
3fa29971 513 if (!sock_owned_by_user(sk) && inet6_test_bit(RECVERR6, sk)) {
e13ec3da 514 WRITE_ONCE(sk->sk_err, err);
e3ae2365 515 sk_error_report(sk);
cee1af82
ED		 516 } else {
517 WRITE_ONCE(sk->sk_err_soft, err);
518 }
1da177e4
LT		 519out:
520 bh_unlock_sock(sk);
521 sock_put(sk);
32bbd879 522 return 0;
1da177e4
LT		 523}
524
525
0f935dbe 526static int tcp_v6_send_synack(const struct sock *sk, struct dst_entry *dst,
d6274bd8 527 struct flowi *fl,
3840a06e 528 struct request_sock *req,
ca6fb065 529 struct tcp_fastopen_cookie *foc,
331fca43
MKL		 530 enum tcp_synack_type synack_type,
531 struct sk_buff *syn_skb)
1da177e4 532{
634fb979 533 struct inet_request_sock *ireq = inet_rsk(req);
fe79bd65 534 const struct ipv6_pinfo *np = tcp_inet6_sk(sk);
56ac42bc 535 struct ipv6_txoptions *opt;
d6274bd8 536 struct flowi6 *fl6 = &fl->u.ip6;
4c99aa40 537 struct sk_buff *skb;
9494218f 538 int err = -ENOMEM;
ac8f1710 539 u8 tclass;
1da177e4 540
9f10d3f6 541 /* First, grab a route. */
f76b33c3
ED		 542 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req,
543 IPPROTO_TCP)) == NULL)
fd80eb94 544 goto done;
9494218f 545
331fca43 546 skb = tcp_make_synack(sk, dst, req, foc, synack_type, syn_skb);
9494218f 547
1da177e4 548 if (skb) {
634fb979
ED		 549 __tcp_v6_send_check(skb, &ireq->ir_v6_loc_addr,
550 &ireq->ir_v6_rmt_addr);
1da177e4 551
634fb979 552 fl6->daddr = ireq->ir_v6_rmt_addr;
3cccda8d 553 if (inet6_test_bit(REPFLOW, sk) && ireq->pktopts)
df3687ff
FF		 554 fl6->flowlabel = ip6_flowlabel(ipv6_hdr(ireq->pktopts));
555
870e3a63 556 tclass = READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_reflect_tos) ?
8ef44b6f
WW		 557 (tcp_rsk(req)->syn_tos & ~INET_ECN_MASK) |
558 (np->tclass & INET_ECN_MASK) :
861602b5 559 np->tclass;
407c85c7
AD		 560
561 if (!INET_ECN_is_capable(tclass) &&
562 tcp_bpf_ca_needs_ecn((struct sock *)req))
563 tclass |= INET_ECN_ECT_0;
564
565 rcu_read_lock();
566 opt = ireq->ipv6_opt;
56ac42bc
HD		 567 if (!opt)
568 opt = rcu_dereference(np->opt);
3c5b4d69 569 err = ip6_xmit(sk, skb, fl6, skb->mark ? : READ_ONCE(sk->sk_mark),
10bbf165 570 opt, tclass, READ_ONCE(sk->sk_priority));
3e4006f0 571 rcu_read_unlock();
b9df3cb8 572 err = net_xmit_eval(err);
1da177e4
LT		 573 }
574
575done:
1da177e4
LT		 576 return err;
577}
578
72659ecc 579
60236fdd 580static void tcp_v6_reqsk_destructor(struct request_sock *req)
1da177e4 581{
56ac42bc 582 kfree(inet_rsk(req)->ipv6_opt);
12c8691d 583 consume_skb(inet_rsk(req)->pktopts);
1da177e4
LT		 584}
585
cfb6eeb4 586#ifdef CONFIG_TCP_MD5SIG
b83e3deb 587static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
dea53bb8
DA		 588 const struct in6_addr *addr,
589 int l3index)
cfb6eeb4 590{
dea53bb8
DA		 591 return tcp_md5_do_lookup(sk, l3index,
592 (union tcp_md5_addr *)addr, AF_INET6);
cfb6eeb4
YH		 593}
594
b83e3deb 595static struct tcp_md5sig_key *tcp_v6_md5_lookup(const struct sock *sk,
fd3a154a 596 const struct sock *addr_sk)
cfb6eeb4 597{
dea53bb8
DA		 598 int l3index;
599
600 l3index = l3mdev_master_ifindex_by_index(sock_net(sk),
601 addr_sk->sk_bound_dev_if);
602 return tcp_v6_md5_do_lookup(sk, &addr_sk->sk_v6_daddr,
603 l3index);
cfb6eeb4
YH		 604}
605
8917a777 606static int tcp_v6_parse_md5_keys(struct sock *sk, int optname,
d4c19c49 607 sockptr_t optval, int optlen)
cfb6eeb4
YH		 608{
609 struct tcp_md5sig cmd;
610 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
0aadc739 611 union tcp_ao_addr *addr;
dea53bb8 612 int l3index = 0;
8917a777 613 u8 prefixlen;
248411b8 614 bool l3flag;
a76c2315 615 u8 flags;
cfb6eeb4
YH		 616
617 if (optlen < sizeof(cmd))
618 return -EINVAL;
619
d4c19c49 620 if (copy_from_sockptr(&cmd, optval, sizeof(cmd)))
cfb6eeb4
YH		 621 return -EFAULT;
622
623 if (sin6->sin6_family != AF_INET6)
624 return -EINVAL;
625
a76c2315 626 flags = cmd.tcpm_flags & TCP_MD5SIG_FLAG_IFINDEX;
248411b8 627 l3flag = cmd.tcpm_flags & TCP_MD5SIG_FLAG_IFINDEX;
a76c2315 628
8917a777
ID		 629 if (optname == TCP_MD5SIG_EXT &&
630 cmd.tcpm_flags & TCP_MD5SIG_FLAG_PREFIX) {
631 prefixlen = cmd.tcpm_prefixlen;
632 if (prefixlen > 128 || (ipv6_addr_v4mapped(&sin6->sin6_addr) &&
633 prefixlen > 32))
634 return -EINVAL;
635 } else {
636 prefixlen = ipv6_addr_v4mapped(&sin6->sin6_addr) ? 32 : 128;
637 }
638
a76c2315 639 if (optname == TCP_MD5SIG_EXT && cmd.tcpm_ifindex &&
6b102db5
DA		 640 cmd.tcpm_flags & TCP_MD5SIG_FLAG_IFINDEX) {
641 struct net_device *dev;
642
643 rcu_read_lock();
644 dev = dev_get_by_index_rcu(sock_net(sk), cmd.tcpm_ifindex);
645 if (dev && netif_is_l3_master(dev))
646 l3index = dev->ifindex;
647 rcu_read_unlock();
648
649 /* ok to reference set/not set outside of rcu;
650 * right now device MUST be an L3 master
651 */
652 if (!dev || !l3index)
653 return -EINVAL;
654 }
655
cfb6eeb4 656 if (!cmd.tcpm_keylen) {
e773e4fa 657 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
a915da9b 658 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
6b102db5 659 AF_INET, prefixlen,
a76c2315 660 l3index, flags);
a915da9b 661 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
a76c2315 662 AF_INET6, prefixlen, l3index, flags);
cfb6eeb4
YH		 663 }
664
665 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
666 return -EINVAL;
667
0aadc739
DS		 668 if (ipv6_addr_v4mapped(&sin6->sin6_addr)) {
669 addr = (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3];
670
671 /* Don't allow keys for peers that have a matching TCP-AO key.
672 * See the comment in tcp_ao_add_cmd()
673 */
248411b8
DS		 674 if (tcp_ao_required(sk, addr, AF_INET,
675 l3flag ? l3index : -1, false))
0aadc739
DS		 676 return -EKEYREJECTED;
677 return tcp_md5_do_add(sk, addr,
a76c2315 678 AF_INET, prefixlen, l3index, flags,
459837b5 679 cmd.tcpm_key, cmd.tcpm_keylen);
0aadc739
DS		 680 }
681
682 addr = (union tcp_md5_addr *)&sin6->sin6_addr;
683
684 /* Don't allow keys for peers that have a matching TCP-AO key.
685 * See the comment in tcp_ao_add_cmd()
686 */
248411b8 687 if (tcp_ao_required(sk, addr, AF_INET6, l3flag ? l3index : -1, false))
0aadc739 688 return -EKEYREJECTED;
cfb6eeb4 689
0aadc739 690 return tcp_md5_do_add(sk, addr, AF_INET6, prefixlen, l3index, flags,
459837b5 691 cmd.tcpm_key, cmd.tcpm_keylen);
cfb6eeb4
YH		 692}
693
8c73b263 694static int tcp_v6_md5_hash_headers(struct tcp_sigpool *hp,
19689e38
ED		 695 const struct in6_addr *daddr,
696 const struct in6_addr *saddr,
697 const struct tcphdr *th, int nbytes)
cfb6eeb4 698{
cfb6eeb4 699 struct tcp6_pseudohdr *bp;
49a72dfb 700 struct scatterlist sg;
19689e38 701 struct tcphdr *_th;
8d26d76d 702
19689e38 703 bp = hp->scratch;
cfb6eeb4 704 /* 1. TCP pseudo-header (RFC2460) */
4e3fd7a0
AD		 705 bp->saddr = *saddr;
706 bp->daddr = *daddr;
49a72dfb 707 bp->protocol = cpu_to_be32(IPPROTO_TCP);
00b1304c 708 bp->len = cpu_to_be32(nbytes);
cfb6eeb4 709
19689e38
ED		 710 _th = (struct tcphdr *)(bp + 1);
711 memcpy(_th, th, sizeof(*th));
712 _th->check = 0;
713
714 sg_init_one(&sg, bp, sizeof(*bp) + sizeof(*th));
8c73b263 715 ahash_request_set_crypt(hp->req, &sg, NULL,
19689e38 716 sizeof(*bp) + sizeof(*th));
8c73b263 717 return crypto_ahash_update(hp->req);
49a72dfb 718}
c7da57a1 719
19689e38 720static int tcp_v6_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key,
b71d1d42 721 const struct in6_addr *daddr, struct in6_addr *saddr,
318cf7aa 722 const struct tcphdr *th)
49a72dfb 723{
8c73b263 724 struct tcp_sigpool hp;
49a72dfb 725
8c73b263
DS		 726 if (tcp_sigpool_start(tcp_md5_sigpool_id, &hp))
727 goto clear_hash_nostart;
49a72dfb 728
8c73b263 729 if (crypto_ahash_init(hp.req))
49a72dfb 730 goto clear_hash;
8c73b263 731 if (tcp_v6_md5_hash_headers(&hp, daddr, saddr, th, th->doff << 2))
49a72dfb 732 goto clear_hash;
8c73b263 733 if (tcp_md5_hash_key(&hp, key))
49a72dfb 734 goto clear_hash;
8c73b263
DS		 735 ahash_request_set_crypt(hp.req, NULL, md5_hash, 0);
736 if (crypto_ahash_final(hp.req))
cfb6eeb4 737 goto clear_hash;
cfb6eeb4 738
8c73b263 739 tcp_sigpool_end(&hp);
cfb6eeb4 740 return 0;
49a72dfb 741
cfb6eeb4 742clear_hash:
8c73b263
DS		 743 tcp_sigpool_end(&hp);
744clear_hash_nostart:
cfb6eeb4 745 memset(md5_hash, 0, 16);
49a72dfb 746 return 1;
cfb6eeb4
YH		 747}
748
39f8e58e
ED		 749static int tcp_v6_md5_hash_skb(char *md5_hash,
750 const struct tcp_md5sig_key *key,
318cf7aa 751 const struct sock *sk,
318cf7aa 752 const struct sk_buff *skb)
cfb6eeb4 753{
318cf7aa 754 const struct tcphdr *th = tcp_hdr(skb);
8c73b263
DS		 755 const struct in6_addr *saddr, *daddr;
756 struct tcp_sigpool hp;
cfb6eeb4 757
39f8e58e
ED		 758 if (sk) { /* valid for establish/request sockets */
759 saddr = &sk->sk_v6_rcv_saddr;
efe4208f 760 daddr = &sk->sk_v6_daddr;
49a72dfb 761 } else {
b71d1d42 762 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
49a72dfb
AL		 763 saddr = &ip6h->saddr;
764 daddr = &ip6h->daddr;
cfb6eeb4 765 }
49a72dfb 766
8c73b263
DS		 767 if (tcp_sigpool_start(tcp_md5_sigpool_id, &hp))
768 goto clear_hash_nostart;
49a72dfb 769
8c73b263 770 if (crypto_ahash_init(hp.req))
49a72dfb
AL		 771 goto clear_hash;
772
8c73b263 773 if (tcp_v6_md5_hash_headers(&hp, daddr, saddr, th, skb->len))
49a72dfb 774 goto clear_hash;
8c73b263 775 if (tcp_sigpool_hash_skb_data(&hp, skb, th->doff << 2))
49a72dfb 776 goto clear_hash;
8c73b263 777 if (tcp_md5_hash_key(&hp, key))
49a72dfb 778 goto clear_hash;
8c73b263
DS		 779 ahash_request_set_crypt(hp.req, NULL, md5_hash, 0);
780 if (crypto_ahash_final(hp.req))
49a72dfb
AL		 781 goto clear_hash;
782
8c73b263 783 tcp_sigpool_end(&hp);
49a72dfb
AL		 784 return 0;
785
786clear_hash:
8c73b263
DS		 787 tcp_sigpool_end(&hp);
788clear_hash_nostart:
49a72dfb
AL		 789 memset(md5_hash, 0, 16);
790 return 1;
cfb6eeb4 791}
ba8e275a
ED		 792#endif
793
b40cf18e
ED		 794static void tcp_v6_init_req(struct request_sock *req,
795 const struct sock *sk_listener,
b9e81040
ED		 796 struct sk_buff *skb,
797 u32 tw_isn)
16bea70a 798{
c2027d1e 799 bool l3_slave = ipv6_l3mdev_skb(TCP_SKB_CB(skb)->header.h6.flags);
16bea70a 800 struct inet_request_sock *ireq = inet_rsk(req);
93a77c11 801 const struct ipv6_pinfo *np = tcp_inet6_sk(sk_listener);
16bea70a
OP		 802
803 ireq->ir_v6_rmt_addr = ipv6_hdr(skb)->saddr;
804 ireq->ir_v6_loc_addr = ipv6_hdr(skb)->daddr;
805
16bea70a 806 /* So that link locals have meaning */
c2027d1e 807 if ((!sk_listener->sk_bound_dev_if || l3_slave) &&
16bea70a 808 ipv6_addr_type(&ireq->ir_v6_rmt_addr) & IPV6_ADDR_LINKLOCAL)
870c3151 809 ireq->ir_iif = tcp_v6_iif(skb);
16bea70a 810
b9e81040 811 if (!tw_isn &&
b40cf18e 812 (ipv6_opt_accepted(sk_listener, skb, &TCP_SKB_CB(skb)->header.h6) ||
a224772d 813 np->rxopt.bits.rxinfo ||
16bea70a 814 np->rxopt.bits.rxoinfo || np->rxopt.bits.rxhlim ||
3cccda8d 815 np->rxopt.bits.rxohlim || inet6_test_bit(REPFLOW, sk_listener))) {
63354797 816 refcount_inc(&skb->users);
16bea70a
OP		 817 ireq->pktopts = skb;
818 }
819}
820
f964629e 821static struct dst_entry *tcp_v6_route_req(const struct sock *sk,
7ea851d1 822 struct sk_buff *skb,
f964629e 823 struct flowi *fl,
b9e81040
ED		 824 struct request_sock *req,
825 u32 tw_isn)
d94e0417 826{
b9e81040 827 tcp_v6_init_req(req, sk, skb, tw_isn);
7ea851d1
FW		 828
829 if (security_inet_conn_request(sk, skb, req))
830 return NULL;
831
f76b33c3 832 return inet6_csk_route_req(sk, &fl->u.ip6, req, IPPROTO_TCP);
d94e0417
OP		 833}
834
c6aefafb 835struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
1da177e4 836 .family = AF_INET6,
2e6599cb 837 .obj_size = sizeof(struct tcp6_request_sock),
5db92c99 838 .rtx_syn_ack = tcp_rtx_synack,
60236fdd
ACM		 839 .send_ack = tcp_v6_reqsk_send_ack,
840 .destructor = tcp_v6_reqsk_destructor,
72659ecc 841 .send_reset = tcp_v6_send_reset,
4aa956d8 842 .syn_ack_timeout = tcp_syn_ack_timeout,
1da177e4
LT		 843};
844
35b2c321 845const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
2aec4a29
OP		 846 .mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) -
847 sizeof(struct ipv6hdr),
16bea70a 848#ifdef CONFIG_TCP_MD5SIG
fd3a154a 849 .req_md5_lookup = tcp_v6_md5_lookup,
e3afe7b7 850 .calc_md5_hash = tcp_v6_md5_hash_skb,
b6332e6c 851#endif
06b22ef2
DS		 852#ifdef CONFIG_TCP_AO
853 .ao_lookup = tcp_v6_ao_lookup_rsk,
854 .ao_calc_key = tcp_v6_ao_calc_key_rsk,
9427c6aa 855 .ao_synack_hash = tcp_v6_ao_synack_hash,
06b22ef2 856#endif
fb7b37a7
OP		 857#ifdef CONFIG_SYN_COOKIES
858 .cookie_init_seq = cookie_v6_init_sequence,
859#endif
d94e0417 860 .route_req = tcp_v6_route_req,
84b114b9
ED		 861 .init_seq = tcp_v6_init_seq,
862 .init_ts_off = tcp_v6_init_ts_off,
d6274bd8 863 .send_synack = tcp_v6_send_synack,
16bea70a 864};
cfb6eeb4 865
a00e7444 866static void tcp_v6_send_response(const struct sock *sk, struct sk_buff *skb, u32 seq,
0f85feae 867 u32 ack, u32 win, u32 tsval, u32 tsecr,
ba7783ad
DS		 868 int oif, int rst, u8 tclass, __be32 label,
869 u32 priority, u32 txhash, struct tcp_key *key)
1da177e4 870{
cf533ea5
ED		 871 const struct tcphdr *th = tcp_hdr(skb);
872 struct tcphdr *t1;
1da177e4 873 struct sk_buff *buff;
4c9483b2 874 struct flowi6 fl6;
0f85feae 875 struct net *net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev);
e5047992 876 struct sock *ctl_sk = net->ipv6.tcp_sk;
77c676da 877 unsigned int tot_len = sizeof(struct tcphdr);
dc87efdb 878 __be32 mrst = 0, *topt;
adf30907 879 struct dst_entry *dst;
00483690 880 __u32 mark = 0;
1da177e4 881
ee684b6f 882 if (tsecr)
626e264d 883 tot_len += TCPOLEN_TSTAMP_ALIGNED;
ba7783ad 884 if (tcp_key_is_md5(key))
cfb6eeb4 885 tot_len += TCPOLEN_MD5SIG_ALIGNED;
ba7783ad 886 if (tcp_key_is_ao(key))
da7dfaa6 887 tot_len += tcp_ao_len_aligned(key->ao_key);
cfb6eeb4 888
dc87efdb 889#ifdef CONFIG_MPTCP
ba7783ad 890 if (rst && !tcp_key_is_md5(key)) {
dc87efdb
FW		 891 mrst = mptcp_reset_option(skb);
892
893 if (mrst)
894 tot_len += sizeof(__be32);
895 }
896#endif
897
0ebea8f9 898 buff = alloc_skb(MAX_TCP_HEADER, GFP_ATOMIC);
63159f29 899 if (!buff)
1ab1457c 900 return;
1da177e4 901
0ebea8f9 902 skb_reserve(buff, MAX_TCP_HEADER);
1da177e4 903
d58ff351 904 t1 = skb_push(buff, tot_len);
6651ffc8 905 skb_reset_transport_header(buff);
1da177e4
LT		 906
907 /* Swap the send and the receive. */
908 memset(t1, 0, sizeof(*t1));
909 t1->dest = th->source;
910 t1->source = th->dest;
cfb6eeb4 911 t1->doff = tot_len / 4;
626e264d
IJ		 912 t1->seq = htonl(seq);
913 t1->ack_seq = htonl(ack);
914 t1->ack = !rst || !th->ack;
915 t1->rst = rst;
916 t1->window = htons(win);
1da177e4 917
81ada62d
IJ		 918 topt = (__be32 *)(t1 + 1);
919
ee684b6f 920 if (tsecr) {
626e264d
IJ		 921 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
922 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
ee684b6f
AV		 923 *topt++ = htonl(tsval);
924 *topt++ = htonl(tsecr);
626e264d
IJ		 925 }
926
dc87efdb
FW		 927 if (mrst)
928 *topt++ = mrst;
929
cfb6eeb4 930#ifdef CONFIG_TCP_MD5SIG
ba7783ad 931 if (tcp_key_is_md5(key)) {
81ada62d
IJ		 932 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
933 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
ba7783ad 934 tcp_v6_md5_hash_hdr((__u8 *)topt, key->md5_key,
78e645cb
IJ		 935 &ipv6_hdr(skb)->saddr,
936 &ipv6_hdr(skb)->daddr, t1);
cfb6eeb4
YH		 937 }
938#endif
ba7783ad
DS		 939#ifdef CONFIG_TCP_AO
940 if (tcp_key_is_ao(key)) {
941 *topt++ = htonl((TCPOPT_AO << 24) |
942 (tcp_ao_len(key->ao_key) << 16) |
943 (key->ao_key->sndid << 8) |
944 (key->rcv_next));
945
946 tcp_ao_hash_hdr(AF_INET6, (char *)topt, key->ao_key,
947 key->traffic_key,
948 (union tcp_ao_addr *)&ipv6_hdr(skb)->saddr,
949 (union tcp_ao_addr *)&ipv6_hdr(skb)->daddr,
950 t1, key->sne);
951 }
952#endif
cfb6eeb4 953
4c9483b2 954 memset(&fl6, 0, sizeof(fl6));
4e3fd7a0
AD		 955 fl6.daddr = ipv6_hdr(skb)->saddr;
956 fl6.saddr = ipv6_hdr(skb)->daddr;
1d13a96c 957 fl6.flowlabel = label;
1da177e4 958
e5700aff 959 buff->ip_summed = CHECKSUM_PARTIAL;
e5700aff 960
4c9483b2 961 __tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);
1da177e4 962
4c9483b2 963 fl6.flowi6_proto = IPPROTO_TCP;
a36dbdb2 964 if (rt6_need_strict(&fl6.daddr) && !oif)
870c3151 965 fl6.flowi6_oif = tcp_v6_iif(skb);
9b6c14d5
DA		 966 else {
967 if (!oif && netif_index_is_l3_master(net, skb->skb_iif))
968 oif = skb->skb_iif;
969
970 fl6.flowi6_oif = oif;
971 }
1d2f7b2d 972
c67b8555 973 if (sk) {
aa51b80e 974 if (sk->sk_state == TCP_TIME_WAIT)
c67b8555 975 mark = inet_twsk(sk)->tw_mark;
aa51b80e 976 else
3c5b4d69 977 mark = READ_ONCE(sk->sk_mark);
a1ac9c8a 978 skb_set_delivery_time(buff, tcp_transmit_time(sk), true);
c67b8555 979 }
aa51b80e
ED		 980 if (txhash) {
981 /* autoflowlabel/skb_get_hash_flowi6 rely on buff->hash */
982 skb_set_hash(buff, txhash, PKT_HASH_TYPE_L4);
983 }
00483690 984 fl6.flowi6_mark = IP6_REPLY_MARK(net, skb->mark) ?: mark;
1958b856
DM		 985 fl6.fl6_dport = t1->dest;
986 fl6.fl6_sport = t1->source;
e2d118a1 987 fl6.flowi6_uid = sock_net_uid(net, sk && sk_fullsock(sk) ? sk : NULL);
3df98d79 988 security_skb_classify_flow(skb, flowi6_to_flowi_common(&fl6));
1da177e4 989
c20121ae
DL		 990 /* Pass a socket to ip6_dst_lookup either it is for RST
991 * Underlying function will use this to retrieve the network
992 * namespace
993 */
e22aa148 994 if (sk && sk->sk_state != TCP_TIME_WAIT)
995 dst = ip6_dst_lookup_flow(net, sk, &fl6, NULL); /*sk's xfrm_policy can be referred*/
996 else
997 dst = ip6_dst_lookup_flow(net, ctl_sk, &fl6, NULL);
68d0c6d3
DM		 998 if (!IS_ERR(dst)) {
999 skb_dst_set(buff, dst);
e92dd77e
WW		 1000 ip6_xmit(ctl_sk, buff, &fl6, fl6.flowi6_mark, NULL,
1001 tclass & ~INET_ECN_MASK, priority);
c10d9310 1002 TCP_INC_STATS(net, TCP_MIB_OUTSEGS);
68d0c6d3 1003 if (rst)
c10d9310 1004 TCP_INC_STATS(net, TCP_MIB_OUTRSTS);
68d0c6d3 1005 return;
1da177e4
LT		 1006 }
1007
1008 kfree_skb(buff);
1009}
1010
6be49dea
JX		 1011static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb,
1012 enum sk_rst_reason reason)
1da177e4 1013{
cf533ea5 1014 const struct tcphdr *th = tcp_hdr(skb);
323a53c4 1015 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
f7dca36f 1016 const __u8 *md5_hash_location = NULL;
ba7783ad
DS		 1017#if defined(CONFIG_TCP_MD5SIG) || defined(CONFIG_TCP_AO)
1018 bool allocated_traffic_key = false;
658ddaaf 1019#endif
ba7783ad
DS		 1020 const struct tcp_ao_hdr *aoh;
1021 struct tcp_key key = {};
1022 u32 seq = 0, ack_seq = 0;
323a53c4 1023 __be32 label = 0;
e9a5dcee 1024 u32 priority = 0;
323a53c4 1025 struct net *net;
9258b8b1 1026 u32 txhash = 0;
c24b14c4 1027 int oif = 0;
ba7783ad
DS		 1028#ifdef CONFIG_TCP_MD5SIG
1029 unsigned char newhash[16];
1030 int genhash;
1031 struct sock *sk1 = NULL;
1032#endif
1da177e4 1033
626e264d 1034 if (th->rst)
1da177e4
LT		 1035 return;
1036
c3658e8d
ED		 1037 /* If sk not NULL, it means we did a successful lookup and incoming
1038 * route had to be correct. prequeue might have dropped our dst.
1039 */
1040 if (!sk && !ipv6_unicast_destination(skb))
626e264d 1041 return;
1da177e4 1042
39209673 1043 net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev);
f7dca36f 1044 /* Invalid TCP option size or twice included auth */
ba7783ad 1045 if (tcp_parse_auth_options(th, &md5_hash_location, &aoh))
f7dca36f 1046 return;
ba7783ad 1047#if defined(CONFIG_TCP_MD5SIG) || defined(CONFIG_TCP_AO)
3b24d854 1048 rcu_read_lock();
ba7783ad
DS		 1049#endif
1050#ifdef CONFIG_TCP_MD5SIG
271c3b9b 1051 if (sk && sk_fullsock(sk)) {
dea53bb8
DA		 1052 int l3index;
1053
1054 /* sdif set, means packet ingressed via a device
1055 * in an L3 domain and inet_iif is set to it.
1056 */
1057 l3index = tcp_v6_sdif(skb) ? tcp_v6_iif_l3_slave(skb) : 0;
ba7783ad
DS		 1058 key.md5_key = tcp_v6_md5_do_lookup(sk, &ipv6h->saddr, l3index);
1059 if (key.md5_key)
1060 key.type = TCP_KEY_MD5;
f7dca36f 1061 } else if (md5_hash_location) {
d14c77e0
DA		 1062 int dif = tcp_v6_iif_l3_slave(skb);
1063 int sdif = tcp_v6_sdif(skb);
dea53bb8 1064 int l3index;
d14c77e0 1065
658ddaaf
SL		 1066 /*
1067 * active side is lost. Try to find listening socket through
1068 * source port, and then find md5 key through listening socket.
1069 * we are not loose security here:
1070 * Incoming packet is checked with md5 hash with finding key,
1071 * no RST generated if md5 hash doesn't match.
1072 */
4461568a
KI		 1073 sk1 = inet6_lookup_listener(net, net->ipv4.tcp_death_row.hashinfo,
1074 NULL, 0, &ipv6h->saddr, th->source,
1075 &ipv6h->daddr, ntohs(th->source),
1076 dif, sdif);
658ddaaf 1077 if (!sk1)
3b24d854 1078 goto out;
658ddaaf 1079
dea53bb8
DA		 1080 /* sdif set, means packet ingressed via a device
1081 * in an L3 domain and dif is set to it.
1082 */
1083 l3index = tcp_v6_sdif(skb) ? dif : 0;
1084
ba7783ad
DS		 1085 key.md5_key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr, l3index);
1086 if (!key.md5_key)
3b24d854 1087 goto out;
ba7783ad 1088 key.type = TCP_KEY_MD5;
658ddaaf 1089
ba7783ad 1090 genhash = tcp_v6_md5_hash_skb(newhash, key.md5_key, NULL, skb);
f7dca36f 1091 if (genhash || memcmp(md5_hash_location, newhash, 16) != 0)
3b24d854 1092 goto out;
658ddaaf 1093 }
cfb6eeb4
YH		 1094#endif
1095
626e264d
IJ		 1096 if (th->ack)
1097 seq = ntohl(th->ack_seq);
1098 else
1099 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
1100 (th->doff << 2);
1da177e4 1101
ba7783ad
DS		 1102#ifdef CONFIG_TCP_AO
1103 if (aoh) {
1104 int l3index;
1105
1106 l3index = tcp_v6_sdif(skb) ? tcp_v6_iif_l3_slave(skb) : 0;
64382c71 1107 if (tcp_ao_prepare_reset(sk, skb, aoh, l3index, seq,
ba7783ad
DS		 1108 &key.ao_key, &key.traffic_key,
1109 &allocated_traffic_key,
1110 &key.rcv_next, &key.sne))
1111 goto out;
1112 key.type = TCP_KEY_AO;
1113 }
1114#endif
1115
c24b14c4
SL		 1116 if (sk) {
1117 oif = sk->sk_bound_dev_if;
052e0690 1118 if (sk_fullsock(sk)) {
3cccda8d 1119 if (inet6_test_bit(REPFLOW, sk))
052e0690 1120 label = ip6_flowlabel(ipv6h);
10bbf165 1121 priority = READ_ONCE(sk->sk_priority);
dc6456e9 1122 txhash = sk->sk_txhash;
052e0690 1123 }
f6c0f5d2 1124 if (sk->sk_state == TCP_TIME_WAIT) {
50a8accf 1125 label = cpu_to_be32(inet_twsk(sk)->tw_flowlabel);
f6c0f5d2 1126 priority = inet_twsk(sk)->tw_priority;
9258b8b1 1127 txhash = inet_twsk(sk)->tw_txhash;
f6c0f5d2 1128 }
323a53c4 1129 } else {
a346abe0 1130 if (net->ipv6.sysctl.flowlabel_reflect & FLOWLABEL_REFLECT_TCP_RESET)
323a53c4 1131 label = ip6_flowlabel(ipv6h);
c24b14c4
SL		 1132 }
1133
b533fb9c 1134 trace_tcp_send_reset(sk, skb, reason);
19822a98 1135
ba7783ad
DS		 1136 tcp_v6_send_response(sk, skb, seq, ack_seq, 0, 0, 0, oif, 1,
1137 ipv6_get_dsfield(ipv6h), label, priority, txhash,
1138 &key);
658ddaaf 1139
ba7783ad 1140#if defined(CONFIG_TCP_MD5SIG) || defined(CONFIG_TCP_AO)
3b24d854 1141out:
ba7783ad
DS		 1142 if (allocated_traffic_key)
1143 kfree(key.traffic_key);
3b24d854 1144 rcu_read_unlock();
658ddaaf 1145#endif
626e264d 1146}
1da177e4 1147
a00e7444 1148static void tcp_v6_send_ack(const struct sock *sk, struct sk_buff *skb, u32 seq,
0f85feae 1149 u32 ack, u32 win, u32 tsval, u32 tsecr, int oif,
decde258 1150 struct tcp_key *key, u8 tclass,
aa51b80e 1151 __be32 label, u32 priority, u32 txhash)
626e264d 1152{
ba7783ad 1153 tcp_v6_send_response(sk, skb, seq, ack, win, tsval, tsecr, oif, 0,
decde258 1154 tclass, label, priority, txhash, key);
1da177e4
LT		 1155}
1156
1157static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
1158{
8feaf0c0 1159 struct inet_timewait_sock *tw = inet_twsk(sk);
cfb6eeb4 1160 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
decde258
DS		 1161 struct tcp_key key = {};
1162#ifdef CONFIG_TCP_AO
1163 struct tcp_ao_info *ao_info;
1164
67fa83f7
DS		 1165 if (static_branch_unlikely(&tcp_ao_needed.key)) {
1166
1167 /* FIXME: the segment to-be-acked is not verified yet */
1168 ao_info = rcu_dereference(tcptw->ao_info);
1169 if (ao_info) {
1170 const struct tcp_ao_hdr *aoh;
1171
1172 /* Invalid TCP option size or twice included auth */
1173 if (tcp_parse_auth_options(tcp_hdr(skb), NULL, &aoh))
1174 goto out;
1175 if (aoh)
1176 key.ao_key = tcp_ao_established_key(ao_info,
1177 aoh->rnext_keyid, -1);
decde258
DS		 1178 }
1179 }
1180 if (key.ao_key) {
1181 struct tcp_ao_key *rnext_key;
1182
1183 key.traffic_key = snd_other_key(key.ao_key);
1184 /* rcv_next switches to our rcv_next */
1185 rnext_key = READ_ONCE(ao_info->rnext_key);
1186 key.rcv_next = rnext_key->rcvid;
64382c71 1187 key.sne = READ_ONCE(ao_info->snd_sne);
decde258
DS		 1188 key.type = TCP_KEY_AO;
1189#else
1190 if (0) {
1191#endif
1192#ifdef CONFIG_TCP_MD5SIG
1193 } else if (static_branch_unlikely(&tcp_md5_needed.key)) {
1194 key.md5_key = tcp_twsk_md5_key(tcptw);
1195 if (key.md5_key)
1196 key.type = TCP_KEY_MD5;
1197#endif
1198 }
1da177e4 1199
0f85feae 1200 tcp_v6_send_ack(sk, skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
8feaf0c0 1201 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
16cf6477 1202 tcp_tw_tsval(tcptw),
decde258 1203 tcptw->tw_ts_recent, tw->tw_bound_dev_if, &key,
aa51b80e
ED		 1204 tw->tw_tclass, cpu_to_be32(tw->tw_flowlabel), tw->tw_priority,
1205 tw->tw_txhash);
1da177e4 1206
decde258
DS		 1207#ifdef CONFIG_TCP_AO
1208out:
1209#endif
8feaf0c0 1210 inet_twsk_put(tw);
1da177e4
LT		 1211}
1212
a00e7444 1213static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
6edafaaf 1214 struct request_sock *req)
1da177e4 1215{
decde258
DS		 1216 struct tcp_key key = {};
1217
06b22ef2 1218#ifdef CONFIG_TCP_AO
67fa83f7
DS		 1219 if (static_branch_unlikely(&tcp_ao_needed.key) &&
1220 tcp_rsk_used_ao(req)) {
06b22ef2
DS		 1221 const struct in6_addr *addr = &ipv6_hdr(skb)->saddr;
1222 const struct tcp_ao_hdr *aoh;
1223 int l3index;
1224
1225 l3index = tcp_v6_sdif(skb) ? tcp_v6_iif_l3_slave(skb) : 0;
1226 /* Invalid TCP option size or twice included auth */
1227 if (tcp_parse_auth_options(tcp_hdr(skb), NULL, &aoh))
1228 return;
1229 if (!aoh)
1230 return;
248411b8
DS		 1231 key.ao_key = tcp_ao_do_lookup(sk, l3index,
1232 (union tcp_ao_addr *)addr,
1233 AF_INET6, aoh->rnext_keyid, -1);
06b22ef2
DS		 1234 if (unlikely(!key.ao_key)) {
1235 /* Send ACK with any matching MKT for the peer */
248411b8
DS		 1236 key.ao_key = tcp_ao_do_lookup(sk, l3index,
1237 (union tcp_ao_addr *)addr,
1238 AF_INET6, -1, -1);
06b22ef2
DS		 1239 /* Matching key disappeared (user removed the key?)
1240 * let the handshake timeout.
1241 */
1242 if (!key.ao_key) {
1243 net_info_ratelimited("TCP-AO key for (%pI6, %d)->(%pI6, %d) suddenly disappeared, won't ACK new connection\n",
1244 addr,
1245 ntohs(tcp_hdr(skb)->source),
1246 &ipv6_hdr(skb)->daddr,
1247 ntohs(tcp_hdr(skb)->dest));
1248 return;
1249 }
1250 }
1251 key.traffic_key = kmalloc(tcp_ao_digest_size(key.ao_key), GFP_ATOMIC);
1252 if (!key.traffic_key)
1253 return;
1254
1255 key.type = TCP_KEY_AO;
1256 key.rcv_next = aoh->keyid;
1257 tcp_v6_ao_calc_key_rsk(key.ao_key, key.traffic_key, req);
1258#else
1259 if (0) {
1260#endif
decde258 1261#ifdef CONFIG_TCP_MD5SIG
06b22ef2 1262 } else if (static_branch_unlikely(&tcp_md5_needed.key)) {
decde258 1263 int l3index = tcp_v6_sdif(skb) ? tcp_v6_iif_l3_slave(skb) : 0;
dea53bb8 1264
decde258
DS		 1265 key.md5_key = tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->saddr,
1266 l3index);
1267 if (key.md5_key)
1268 key.type = TCP_KEY_MD5;
decde258 1269#endif
06b22ef2 1270 }
dea53bb8 1271
3a19ce0e
DL		 1272 /* sk->sk_state == TCP_LISTEN -> for regular TCP_SYN_RECV
1273 * sk->sk_state == TCP_SYN_RECV -> for Fast Open.
1274 */
0f85feae 1275 tcp_v6_send_ack(sk, skb, (sk->sk_state == TCP_LISTEN) ?
3a19ce0e 1276 tcp_rsk(req)->snt_isn + 1 : tcp_sk(sk)->snd_nxt,
20a2b49f 1277 tcp_rsk(req)->rcv_nxt,
f4dca95f 1278 tcp_synack_window(req) >> inet_rsk(req)->rcv_wscale,
16cf6477 1279 tcp_rsk_tsval(tcp_rsk(req)),
eba20811 1280 READ_ONCE(req->ts_recent), sk->sk_bound_dev_if,
decde258 1281 &key, ipv6_get_dsfield(ipv6_hdr(skb)), 0,
8bf43be7 1282 READ_ONCE(sk->sk_priority),
5e526552 1283 READ_ONCE(tcp_rsk(req)->txhash));
06b22ef2
DS		 1284 if (tcp_key_is_ao(&key))
1285 kfree(key.traffic_key);
1da177e4
LT		 1286}
1287
1288
079096f1 1289static struct sock *tcp_v6_cookie_check(struct sock *sk, struct sk_buff *skb)
1da177e4 1290{
079096f1 1291#ifdef CONFIG_SYN_COOKIES
aa8223c7 1292 const struct tcphdr *th = tcp_hdr(skb);
1da177e4 1293
af9b4738 1294 if (!th->syn)
c6aefafb 1295 sk = cookie_v6_check(sk, skb);
1da177e4
LT		 1296#endif
1297 return sk;
1298}
1299
9349d600
PP		 1300u16 tcp_v6_get_syncookie(struct sock *sk, struct ipv6hdr *iph,
1301 struct tcphdr *th, u32 *cookie)
1302{
1303 u16 mss = 0;
1304#ifdef CONFIG_SYN_COOKIES
1305 mss = tcp_get_syncookie_mss(&tcp6_request_sock_ops,
1306 &tcp_request_sock_ipv6_ops, sk, th);
1307 if (mss) {
1308 *cookie = __cookie_v6_init_sequence(iph, th, &mss);
1309 tcp_synq_overflow(sk);
1310 }
1311#endif
1312 return mss;
1313}
1314
1da177e4
LT		 1315static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1316{
1da177e4
LT		 1317 if (skb->protocol == htons(ETH_P_IP))
1318 return tcp_v4_conn_request(sk, skb);
1319
1320 if (!ipv6_unicast_destination(skb))
1ab1457c 1321 goto drop;
1da177e4 1322
dcc32f4f
JK		 1323 if (ipv6_addr_v4mapped(&ipv6_hdr(skb)->saddr)) {
1324 __IP6_INC_STATS(sock_net(sk), NULL, IPSTATS_MIB_INHDRERRORS);
1325 return 0;
1326 }
1327
1fb6f159
OP		 1328 return tcp_conn_request(&tcp6_request_sock_ops,
1329 &tcp_request_sock_ipv6_ops, sk, skb);
1da177e4
LT		 1330
1331drop:
9caad864 1332 tcp_listendrop(sk);
1da177e4
LT		 1333 return 0; /* don't send reset */
1334}
1335
ebf6c9cb
ED		 1336static void tcp_v6_restore_cb(struct sk_buff *skb)
1337{
1338 /* We need to move header back to the beginning if xfrm6_policy_check()
1339 * and tcp_v6_fill_cb() are going to be called again.
1340 * ip6_datagram_recv_specific_ctl() also expects IP6CB to be there.
1341 */
1342 memmove(IP6CB(skb), &TCP_SKB_CB(skb)->header.h6,
1343 sizeof(struct inet6_skb_parm));
1344}
1345
0c27171e 1346static struct sock *tcp_v6_syn_recv_sock(const struct sock *sk, struct sk_buff *skb,
4c99aa40 1347 struct request_sock *req,
5e0724d0
ED		 1348 struct dst_entry *dst,
1349 struct request_sock *req_unhash,
1350 bool *own_req)
1da177e4 1351{
634fb979 1352 struct inet_request_sock *ireq;
0c27171e 1353 struct ipv6_pinfo *newnp;
93a77c11 1354 const struct ipv6_pinfo *np = tcp_inet6_sk(sk);
45f6fad8 1355 struct ipv6_txoptions *opt;
1da177e4 1356 struct inet_sock *newinet;
01770a16 1357 bool found_dup_sk = false;
1da177e4
LT		 1358 struct tcp_sock *newtp;
1359 struct sock *newsk;
cfb6eeb4
YH		 1360#ifdef CONFIG_TCP_MD5SIG
1361 struct tcp_md5sig_key *key;
dea53bb8 1362 int l3index;
cfb6eeb4 1363#endif
3840a06e 1364 struct flowi6 fl6;
1da177e4
LT		 1365
1366 if (skb->protocol == htons(ETH_P_IP)) {
1367 /*
1368 * v6 mapped
1369 */
1370
5e0724d0
ED		 1371 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst,
1372 req_unhash, own_req);
1da177e4 1373
63159f29 1374 if (!newsk)
1da177e4
LT		 1375 return NULL;
1376
93a77c11 1377 inet_sk(newsk)->pinet6 = tcp_inet6_sk(newsk);
1da177e4 1378
93a77c11 1379 newnp = tcp_inet6_sk(newsk);
1da177e4
LT		 1380 newtp = tcp_sk(newsk);
1381
1382 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1383
d1e559d0 1384 newnp->saddr = newsk->sk_v6_rcv_saddr;
1da177e4 1385
8292a17a 1386 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
cec37a6e 1387 if (sk_is_mptcp(newsk))
31484d56 1388 mptcpv6_handle_mapped(newsk, true);
1da177e4 1389 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
4954f17d 1390#if defined(CONFIG_TCP_MD5SIG) || defined(CONFIG_TCP_AO)
cfb6eeb4
YH		 1391 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1392#endif
1393
83eaddab 1394 newnp->ipv6_mc_list = NULL;
676a1184
YZ		 1395 newnp->ipv6_ac_list = NULL;
1396 newnp->ipv6_fl_list = NULL;
1da177e4
LT		 1397 newnp->pktoptions = NULL;
1398 newnp->opt = NULL;
89e41309
ED		 1399 newnp->mcast_oif = inet_iif(skb);
1400 newnp->mcast_hops = ip_hdr(skb)->ttl;
1401 newnp->rcv_flowinfo = 0;
3cccda8d 1402 if (inet6_test_bit(REPFLOW, sk))
89e41309 1403 newnp->flow_label = 0;
1da177e4 1404
e6848976
ACM		 1405 /*
1406 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1407 * here, tcp_create_openreq_child now does this for us, see the comment in
1408 * that function for the gory details. -acme
1da177e4 1409 */
1da177e4
LT		 1410
1411 /* It is tricky place. Until this moment IPv4 tcp
8292a17a 1412 worked with IPv6 icsk.icsk_af_ops.
1da177e4
LT		 1413 Sync it now.
1414 */
d83d8461 1415 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1da177e4
LT		 1416
1417 return newsk;
1418 }
1419
634fb979 1420 ireq = inet_rsk(req);
1da177e4
LT		 1421
1422 if (sk_acceptq_is_full(sk))
1423 goto out_overflow;
1424
493f377d 1425 if (!dst) {
f76b33c3 1426 dst = inet6_csk_route_req(sk, &fl6, req, IPPROTO_TCP);
493f377d 1427 if (!dst)
1da177e4 1428 goto out;
1ab1457c 1429 }
1da177e4
LT		 1430
1431 newsk = tcp_create_openreq_child(sk, req, skb);
63159f29 1432 if (!newsk)
093d2823 1433 goto out_nonewsk;
1da177e4 1434
e6848976
ACM		 1435 /*
1436 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1437 * count here, tcp_create_openreq_child now does this for us, see the
1438 * comment in that function for the gory details. -acme
1439 */
1da177e4 1440
59eed279 1441 newsk->sk_gso_type = SKB_GSO_TCPV6;
6bd4f355 1442 ip6_dst_store(newsk, dst, NULL, NULL);
fae6ef87 1443 inet6_sk_rx_dst_set(newsk, skb);
1da177e4 1444
93a77c11 1445 inet_sk(newsk)->pinet6 = tcp_inet6_sk(newsk);
1da177e4
LT		 1446
1447 newtp = tcp_sk(newsk);
1448 newinet = inet_sk(newsk);
93a77c11 1449 newnp = tcp_inet6_sk(newsk);
1da177e4
LT		 1450
1451 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1452
634fb979
ED		 1453 newsk->sk_v6_daddr = ireq->ir_v6_rmt_addr;
1454 newnp->saddr = ireq->ir_v6_loc_addr;
1455 newsk->sk_v6_rcv_saddr = ireq->ir_v6_loc_addr;
1456 newsk->sk_bound_dev_if = ireq->ir_iif;
1da177e4 1457
1ab1457c 1458 /* Now IPv6 options...
1da177e4
LT		 1459
1460 First: no IPv4 options.
1461 */
f6d8bd05 1462 newinet->inet_opt = NULL;
83eaddab 1463 newnp->ipv6_mc_list = NULL;
676a1184 1464 newnp->ipv6_ac_list = NULL;
d35690be 1465 newnp->ipv6_fl_list = NULL;
1da177e4
LT		 1466
1467 /* Clone RX bits */
1468 newnp->rxopt.all = np->rxopt.all;
1469
1da177e4 1470 newnp->pktoptions = NULL;
1da177e4 1471 newnp->opt = NULL;
870c3151 1472 newnp->mcast_oif = tcp_v6_iif(skb);
0660e03f 1473 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1397ed35 1474 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
3cccda8d 1475 if (inet6_test_bit(REPFLOW, sk))
df3687ff 1476 newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));
1da177e4 1477
8ef44b6f
WW		 1478 /* Set ToS of the new socket based upon the value of incoming SYN.
1479 * ECT bits are set later in tcp_init_transfer().
1480 */
870e3a63 1481 if (READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_reflect_tos))
ac8f1710
WW		 1482 newnp->tclass = tcp_rsk(req)->syn_tos & ~INET_ECN_MASK;
1483
1da177e4
LT		 1484 /* Clone native IPv6 options from listening socket (if any)
1485
1486 Yes, keeping reference count would be much more clever,
1487 but we make one more one thing there: reattach optmem
1488 to newsk.
1489 */
56ac42bc
HD		 1490 opt = ireq->ipv6_opt;
1491 if (!opt)
1492 opt = rcu_dereference(np->opt);
45f6fad8
ED		 1493 if (opt) {
1494 opt = ipv6_dup_options(newsk, opt);
1495 RCU_INIT_POINTER(newnp->opt, opt);
1496 }
d83d8461 1497 inet_csk(newsk)->icsk_ext_hdr_len = 0;
45f6fad8
ED		 1498 if (opt)
1499 inet_csk(newsk)->icsk_ext_hdr_len = opt->opt_nflen +
1500 opt->opt_flen;
1da177e4 1501
81164413
DB		 1502 tcp_ca_openreq_child(newsk, dst);
1503
1da177e4 1504 tcp_sync_mss(newsk, dst_mtu(dst));
3541f9e8 1505 newtp->advmss = tcp_mss_clamp(tcp_sk(sk), dst_metric_advmss(dst));
d135c522 1506
1da177e4
LT		 1507 tcp_initialize_rcv_mss(newsk);
1508
c720c7e8
ED		 1509 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1510 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1da177e4 1511
cfb6eeb4 1512#ifdef CONFIG_TCP_MD5SIG
dea53bb8
DA		 1513 l3index = l3mdev_master_ifindex_by_index(sock_net(sk), ireq->ir_iif);
1514
06b22ef2
DS		 1515 if (!tcp_rsk_used_ao(req)) {
1516 /* Copy over the MD5 key from the original socket */
1517 key = tcp_v6_md5_do_lookup(sk, &newsk->sk_v6_daddr, l3index);
1518 if (key) {
1519 const union tcp_md5_addr *addr;
1520
1521 addr = (union tcp_md5_addr *)&newsk->sk_v6_daddr;
1522 if (tcp_md5_key_copy(newsk, addr, AF_INET6, 128, l3index, key)) {
1523 inet_csk_prepare_forced_close(newsk);
1524 tcp_done(newsk);
1525 goto out;
1526 }
b389d1af 1527 }
cfb6eeb4
YH		 1528 }
1529#endif
06b22ef2
DS		 1530#ifdef CONFIG_TCP_AO
1531 /* Copy over tcp_ao_info if any */
1532 if (tcp_ao_copy_all_matching(sk, newsk, req, skb, AF_INET6))
1533 goto out; /* OOM */
1534#endif
cfb6eeb4 1535
093d2823 1536 if (__inet_inherit_port(sk, newsk) < 0) {
e337e24d
CP		 1537 inet_csk_prepare_forced_close(newsk);
1538 tcp_done(newsk);
093d2823
BS		 1539 goto out;
1540 }
01770a16
RD		 1541 *own_req = inet_ehash_nolisten(newsk, req_to_sk(req_unhash),
1542 &found_dup_sk);
805c4bc0 1543 if (*own_req) {
49a496c9 1544 tcp_move_syn(newtp, req);
805c4bc0
ED		 1545
1546 /* Clone pktoptions received with SYN, if we own the req */
1547 if (ireq->pktopts) {
ca43ccf4 1548 newnp->pktoptions = skb_clone_and_charge_r(ireq->pktopts, newsk);
805c4bc0
ED		 1549 consume_skb(ireq->pktopts);
1550 ireq->pktopts = NULL;
ca43ccf4 1551 if (newnp->pktoptions)
ebf6c9cb 1552 tcp_v6_restore_cb(newnp->pktoptions);
805c4bc0 1553 }
01770a16
RD		 1554 } else {
1555 if (!req_unhash && found_dup_sk) {
1556 /* This code path should only be executed in the
1557 * syncookie case only
1558 */
1559 bh_unlock_sock(newsk);
1560 sock_put(newsk);
1561 newsk = NULL;
1562 }
ce105008 1563 }
1da177e4
LT		 1564
1565 return newsk;
1566
1567out_overflow:
02a1d6e7 1568 __NET_INC_STATS(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
093d2823 1569out_nonewsk:
1da177e4 1570 dst_release(dst);
093d2823 1571out:
9caad864 1572 tcp_listendrop(sk);
1da177e4
LT		 1573 return NULL;
1574}
1575
bbd807df
BV		 1576INDIRECT_CALLABLE_DECLARE(struct dst_entry *ipv4_dst_check(struct dst_entry *,
1577 u32));
1da177e4 1578/* The socket must have it's spinlock held when we get
e994b2f0 1579 * here, unless it is a TCP_LISTEN socket.
1da177e4
LT		 1580 *
1581 * We have a potential double-lock case here, so even when
1582 * doing backlog processing we use the BH locking scheme.
1583 * This is because we cannot sleep with the original spinlock
1584 * held.
1585 */
d2489c7b
ED		 1586INDIRECT_CALLABLE_SCOPE
1587int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1da177e4 1588{
93a77c11 1589 struct ipv6_pinfo *np = tcp_inet6_sk(sk);
1da177e4 1590 struct sk_buff *opt_skb = NULL;
8eba65fa 1591 enum skb_drop_reason reason;
93a77c11 1592 struct tcp_sock *tp;
1da177e4
LT		 1593
1594 /* Imagine: socket is IPv6. IPv4 packet arrives,
1595 goes to IPv4 receive handler and backlogged.
1596 From backlog it always goes here. Kerboom...
1597 Fortunately, tcp_rcv_established and rcv_established
1598 handle them correctly, but it is not case with
1599 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1600 */
1601
1602 if (skb->protocol == htons(ETH_P_IP))
1603 return tcp_v4_do_rcv(sk, skb);
1604
1da177e4
LT		 1605 /*
1606 * socket locking is here for SMP purposes as backlog rcv
1607 * is currently called with bh processing disabled.
1608 */
1609
1610 /* Do Stevens' IPV6_PKTOPTIONS.
1611
1612 Yes, guys, it is the only place in our code, where we
1613 may make it not affecting IPv4.
1614 The rest of code is protocol independent,
1615 and I do not like idea to uglify IPv4.
1616
1617 Actually, all the idea behind IPV6_PKTOPTIONS
1618 looks not very well thought. For now we latch
1619 options, received in the last packet, enqueued
1620 by tcp. Feel free to propose better solution.
1ab1457c 1621 --ANK (980728)
1da177e4
LT		 1622 */
1623 if (np->rxopt.all)
ca43ccf4 1624 opt_skb = skb_clone_and_charge_r(skb, sk);
1da177e4
LT		 1625
1626 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
8f905c0e
ED		 1627 struct dst_entry *dst;
1628
1629 dst = rcu_dereference_protected(sk->sk_rx_dst,
1630 lockdep_sock_is_held(sk));
5d299f3d 1631
bdeab991 1632 sock_rps_save_rxhash(sk, skb);
3d97379a 1633 sk_mark_napi_id(sk, skb);
5d299f3d 1634 if (dst) {
0c0a5ef8 1635 if (sk->sk_rx_dst_ifindex != skb->skb_iif ||
bbd807df 1636 INDIRECT_CALL_1(dst->ops->check, ip6_dst_check,
ef57c161 1637 dst, sk->sk_rx_dst_cookie) == NULL) {
8f905c0e 1638 RCU_INIT_POINTER(sk->sk_rx_dst, NULL);
5d299f3d 1639 dst_release(dst);
5d299f3d
ED		 1640 }
1641 }
1642
3d97d88e 1643 tcp_rcv_established(sk, skb);
1da177e4
LT		 1644 if (opt_skb)
1645 goto ipv6_pktoptions;
1646 return 0;
1647 }
1648
12e25e10 1649 if (tcp_checksum_complete(skb))
1da177e4
LT		 1650 goto csum_err;
1651
1ab1457c 1652 if (sk->sk_state == TCP_LISTEN) {
079096f1
ED		 1653 struct sock *nsk = tcp_v6_cookie_check(sk, skb);
1654
4c99aa40 1655 if (nsk != sk) {
ee01defe
JX		 1656 if (nsk) {
1657 reason = tcp_child_process(sk, nsk, skb);
1658 if (reason)
1659 goto reset;
1660 }
1da177e4
LT		 1661 if (opt_skb)
1662 __kfree_skb(opt_skb);
1663 return 0;
1664 }
47482f13 1665 } else
bdeab991 1666 sock_rps_save_rxhash(sk, skb);
1da177e4 1667
b9825695
JX		 1668 reason = tcp_rcv_state_process(sk, skb);
1669 if (reason)
1da177e4 1670 goto reset;
1da177e4
LT		 1671 if (opt_skb)
1672 goto ipv6_pktoptions;
1673 return 0;
1674
1675reset:
120391ef 1676 tcp_v6_send_reset(sk, skb, sk_rst_convert_drop_reason(reason));
1da177e4
LT		 1677discard:
1678 if (opt_skb)
1679 __kfree_skb(opt_skb);
8eba65fa 1680 kfree_skb_reason(skb, reason);
1da177e4
LT		 1681 return 0;
1682csum_err:
8eba65fa 1683 reason = SKB_DROP_REASON_TCP_CSUM;
709c0314 1684 trace_tcp_bad_csum(skb);
c10d9310
ED		 1685 TCP_INC_STATS(sock_net(sk), TCP_MIB_CSUMERRORS);
1686 TCP_INC_STATS(sock_net(sk), TCP_MIB_INERRS);
1da177e4
LT		 1687 goto discard;
1688
1689
1690ipv6_pktoptions:
1691 /* Do you ask, what is it?
1692
1693 1. skb was enqueued by tcp.
1694 2. skb is added to tail of read queue, rather than out of order.
1695 3. socket is not in passive state.
1696 4. Finally, it really contains options, which user wants to receive.
1697 */
1698 tp = tcp_sk(sk);
1699 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1700 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
333fad53 1701 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
d2f011a0 1702 WRITE_ONCE(np->mcast_oif, tcp_v6_iif(opt_skb));
333fad53 1703 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
2da23eb0
ED		 1704 WRITE_ONCE(np->mcast_hops,
1705 ipv6_hdr(opt_skb)->hop_limit);
82e9f105 1706 if (np->rxopt.bits.rxflow || np->rxopt.bits.rxtclass)
1397ed35 1707 np->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(opt_skb));
3cccda8d 1708 if (inet6_test_bit(REPFLOW, sk))
df3687ff 1709 np->flow_label = ip6_flowlabel(ipv6_hdr(opt_skb));
a224772d 1710 if (ipv6_opt_accepted(sk, opt_skb, &TCP_SKB_CB(opt_skb)->header.h6)) {
8ce48623 1711 tcp_v6_restore_cb(opt_skb);
1da177e4
LT		 1712 opt_skb = xchg(&np->pktoptions, opt_skb);
1713 } else {
1714 __kfree_skb(opt_skb);
1715 opt_skb = xchg(&np->pktoptions, NULL);
1716 }
1717 }
1718
12c8691d 1719 consume_skb(opt_skb);
1da177e4
LT		 1720 return 0;
1721}
1722
2dc49d16
ND		 1723static void tcp_v6_fill_cb(struct sk_buff *skb, const struct ipv6hdr *hdr,
1724 const struct tcphdr *th)
1725{
1726 /* This is tricky: we move IP6CB at its correct location into
1727 * TCP_SKB_CB(). It must be done after xfrm6_policy_check(), because
1728 * _decode_session6() uses IP6CB().
1729 * barrier() makes sure compiler won't play aliasing games.
1730 */
1731 memmove(&TCP_SKB_CB(skb)->header.h6, IP6CB(skb),
1732 sizeof(struct inet6_skb_parm));
1733 barrier();
1734
1735 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1736 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1737 skb->len - th->doff*4);
1738 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1739 TCP_SKB_CB(skb)->tcp_flags = tcp_flag_byte(th);
2dc49d16
ND		 1740 TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
1741 TCP_SKB_CB(skb)->sacked = 0;
98aaa913
MM		 1742 TCP_SKB_CB(skb)->has_rxtstamp =
1743 skb->tstamp || skb_hwtstamps(skb)->hwtstamp;
2dc49d16
ND		 1744}
1745
0e219ae4 1746INDIRECT_CALLABLE_SCOPE int tcp_v6_rcv(struct sk_buff *skb)
1da177e4 1747{
c0e3154d 1748 enum skb_drop_reason drop_reason;
4297a0ef 1749 int sdif = inet6_sdif(skb);
d14c77e0 1750 int dif = inet6_iif(skb);
cf533ea5 1751 const struct tcphdr *th;
b71d1d42 1752 const struct ipv6hdr *hdr;
3b24d854 1753 bool refcounted;
1da177e4
LT		 1754 struct sock *sk;
1755 int ret;
41eecbd7 1756 u32 isn;
a86b1e30 1757 struct net *net = dev_net(skb->dev);
1da177e4 1758
c0e3154d 1759 drop_reason = SKB_DROP_REASON_NOT_SPECIFIED;
1da177e4
LT		 1760 if (skb->pkt_type != PACKET_HOST)
1761 goto discard_it;
1762
1763 /*
1764 * Count it even if it's bad.
1765 */
90bbcc60 1766 __TCP_INC_STATS(net, TCP_MIB_INSEGS);
1da177e4
LT		 1767
1768 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1769 goto discard_it;
1770
ea1627c2 1771 th = (const struct tcphdr *)skb->data;
1da177e4 1772
c0e3154d
MD		 1773 if (unlikely(th->doff < sizeof(struct tcphdr) / 4)) {
1774 drop_reason = SKB_DROP_REASON_PKT_TOO_SMALL;
1da177e4 1775 goto bad_packet;
c0e3154d 1776 }
1da177e4
LT		 1777 if (!pskb_may_pull(skb, th->doff*4))
1778 goto discard_it;
1779
e4f45b7f 1780 if (skb_checksum_init(skb, IPPROTO_TCP, ip6_compute_pseudo))
6a5dc9e5 1781 goto csum_error;
1da177e4 1782
ea1627c2 1783 th = (const struct tcphdr *)skb->data;
e802af9c 1784 hdr = ipv6_hdr(skb);
1da177e4 1785
4bdc3d66 1786lookup:
4461568a 1787 sk = __inet6_lookup_skb(net->ipv4.tcp_death_row.hashinfo, skb, __tcp_hdrlen(th),
4297a0ef 1788 th->source, th->dest, inet6_iif(skb), sdif,
3b24d854 1789 &refcounted);
1da177e4
LT		 1790 if (!sk)
1791 goto no_tcp_socket;
1792
1da177e4
LT		 1793 if (sk->sk_state == TCP_TIME_WAIT)
1794 goto do_time_wait;
1795
079096f1
ED		 1796 if (sk->sk_state == TCP_NEW_SYN_RECV) {
1797 struct request_sock *req = inet_reqsk(sk);
e0f9759f 1798 bool req_stolen = false;
7716682c 1799 struct sock *nsk;
079096f1
ED		 1800
1801 sk = req->rsk_listener;
9593c7cb
IM		 1802 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1803 drop_reason = SKB_DROP_REASON_XFRM_POLICY;
1804 else
0a3a8090
DS		 1805 drop_reason = tcp_inbound_hash(sk, req, skb,
1806 &hdr->saddr, &hdr->daddr,
1807 AF_INET6, dif, sdif);
1330b6ef 1808 if (drop_reason) {
e65c332d 1809 sk_drops_add(sk, skb);
079096f1
ED		 1810 reqsk_put(req);
1811 goto discard_it;
1812 }
4fd44a98
FL		 1813 if (tcp_checksum_complete(skb)) {
1814 reqsk_put(req);
1815 goto csum_error;
1816 }
7716682c 1817 if (unlikely(sk->sk_state != TCP_LISTEN)) {
d4f2c86b
KI		 1818 nsk = reuseport_migrate_sock(sk, req_to_sk(req), skb);
1819 if (!nsk) {
1820 inet_csk_reqsk_queue_drop_and_put(sk, req);
1821 goto lookup;
1822 }
1823 sk = nsk;
1824 /* reuseport_migrate_sock() has already held one sk_refcnt
1825 * before returning.
1826 */
1827 } else {
1828 sock_hold(sk);
4bdc3d66 1829 }
3b24d854 1830 refcounted = true;
1f3b359f 1831 nsk = NULL;
eeea10b8
ED		 1832 if (!tcp_filter(sk, skb)) {
1833 th = (const struct tcphdr *)skb->data;
1834 hdr = ipv6_hdr(skb);
1835 tcp_v6_fill_cb(skb, hdr, th);
e0f9759f 1836 nsk = tcp_check_req(sk, skb, req, false, &req_stolen);
c0e3154d
MD		 1837 } else {
1838 drop_reason = SKB_DROP_REASON_SOCKET_FILTER;
eeea10b8 1839 }
079096f1
ED		 1840 if (!nsk) {
1841 reqsk_put(req);
e0f9759f
ED		 1842 if (req_stolen) {
1843 /* Another cpu got exclusive access to req
1844 * and created a full blown socket.
1845 * Try to feed this packet to this socket
1846 * instead of discarding it.
1847 */
1848 tcp_v6_restore_cb(skb);
1849 sock_put(sk);
1850 goto lookup;
1851 }
7716682c 1852 goto discard_and_relse;
079096f1 1853 }
9593c7cb 1854 nf_reset_ct(skb);
079096f1 1855 if (nsk == sk) {
079096f1
ED		 1856 reqsk_put(req);
1857 tcp_v6_restore_cb(skb);
079096f1 1858 } else {
ee01defe
JX		 1859 drop_reason = tcp_child_process(sk, nsk, skb);
1860 if (drop_reason) {
120391ef
JX		 1861 enum sk_rst_reason rst_reason;
1862
1863 rst_reason = sk_rst_convert_drop_reason(drop_reason);
1864 tcp_v6_send_reset(nsk, skb, rst_reason);
ee01defe
JX		 1865 goto discard_and_relse;
1866 }
7716682c 1867 sock_put(sk);
079096f1
ED		 1868 return 0;
1869 }
1870 }
790eb673 1871
d13b0596 1872process:
790eb673
ED		 1873 if (static_branch_unlikely(&ip6_min_hopcount)) {
1874 /* min_hopcount can be changed concurrently from do_ipv6_setsockopt() */
2798e36d 1875 if (unlikely(hdr->hop_limit < READ_ONCE(tcp_inet6_sk(sk)->min_hopcount))) {
790eb673 1876 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
2798e36d 1877 drop_reason = SKB_DROP_REASON_TCP_MINTTL;
790eb673
ED		 1878 goto discard_and_relse;
1879 }
e802af9c
SH		 1880 }
1881
c0e3154d
MD		 1882 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb)) {
1883 drop_reason = SKB_DROP_REASON_XFRM_POLICY;
1da177e4 1884 goto discard_and_relse;
c0e3154d 1885 }
1da177e4 1886
0a3a8090
DS		 1887 drop_reason = tcp_inbound_hash(sk, NULL, skb, &hdr->saddr, &hdr->daddr,
1888 AF_INET6, dif, sdif);
1330b6ef 1889 if (drop_reason)
9ea88a15 1890 goto discard_and_relse;
9ea88a15 1891
b0e214d2
MK		 1892 nf_reset_ct(skb);
1893
c0e3154d
MD		 1894 if (tcp_filter(sk, skb)) {
1895 drop_reason = SKB_DROP_REASON_SOCKET_FILTER;
1da177e4 1896 goto discard_and_relse;
c0e3154d 1897 }
ac6e7800
ED		 1898 th = (const struct tcphdr *)skb->data;
1899 hdr = ipv6_hdr(skb);
eeea10b8 1900 tcp_v6_fill_cb(skb, hdr, th);
1da177e4
LT		 1901
1902 skb->dev = NULL;
1903
e994b2f0
ED		 1904 if (sk->sk_state == TCP_LISTEN) {
1905 ret = tcp_v6_do_rcv(sk, skb);
1906 goto put_and_return;
1907 }
1908
1909 sk_incoming_cpu_update(sk);
1910
293b9c42 1911 bh_lock_sock_nested(sk);
a44d6eac 1912 tcp_segs_in(tcp_sk(sk), skb);
1da177e4
LT		 1913 ret = 0;
1914 if (!sock_owned_by_user(sk)) {
e7942d06 1915 ret = tcp_v6_do_rcv(sk, skb);
8b27dae5 1916 } else {
7a26dc9e 1917 if (tcp_add_backlog(sk, skb, &drop_reason))
8b27dae5 1918 goto discard_and_relse;
6b03a53a 1919 }
1da177e4 1920 bh_unlock_sock(sk);
e994b2f0 1921put_and_return:
3b24d854
ED		 1922 if (refcounted)
1923 sock_put(sk);
1da177e4
LT		 1924 return ret ? -1 : 0;
1925
1926no_tcp_socket:
c0e3154d 1927 drop_reason = SKB_DROP_REASON_NO_SOCKET;
1da177e4
LT		 1928 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1929 goto discard_it;
1930
2dc49d16
ND		 1931 tcp_v6_fill_cb(skb, hdr, th);
1932
12e25e10 1933 if (tcp_checksum_complete(skb)) {
6a5dc9e5 1934csum_error:
c0e3154d 1935 drop_reason = SKB_DROP_REASON_TCP_CSUM;
709c0314 1936 trace_tcp_bad_csum(skb);
90bbcc60 1937 __TCP_INC_STATS(net, TCP_MIB_CSUMERRORS);
1da177e4 1938bad_packet:
90bbcc60 1939 __TCP_INC_STATS(net, TCP_MIB_INERRS);
1da177e4 1940 } else {
120391ef 1941 tcp_v6_send_reset(NULL, skb, sk_rst_convert_drop_reason(drop_reason));
1da177e4
LT		 1942 }
1943
1944discard_it:
dc776924 1945 SKB_DR_OR(drop_reason, NOT_SPECIFIED);
c0e3154d 1946 kfree_skb_reason(skb, drop_reason);
1da177e4
LT		 1947 return 0;
1948
1949discard_and_relse:
532182cd 1950 sk_drops_add(sk, skb);
3b24d854
ED		 1951 if (refcounted)
1952 sock_put(sk);
1da177e4
LT		 1953 goto discard_it;
1954
1955do_time_wait:
1956 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
c0e3154d 1957 drop_reason = SKB_DROP_REASON_XFRM_POLICY;
9469c7b4 1958 inet_twsk_put(inet_twsk(sk));
1da177e4
LT		 1959 goto discard_it;
1960 }
1961
2dc49d16
ND		 1962 tcp_v6_fill_cb(skb, hdr, th);
1963
6a5dc9e5
ED		 1964 if (tcp_checksum_complete(skb)) {
1965 inet_twsk_put(inet_twsk(sk));
1966 goto csum_error;
1da177e4
LT		 1967 }
1968
41eecbd7 1969 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th, &isn)) {
1da177e4
LT		 1970 case TCP_TW_SYN:
1971 {
1972 struct sock *sk2;
1973
4461568a 1974 sk2 = inet6_lookup_listener(net, net->ipv4.tcp_death_row.hashinfo,
a583636a 1975 skb, __tcp_hdrlen(th),
5ba24953 1976 &ipv6_hdr(skb)->saddr, th->source,
0660e03f 1977 &ipv6_hdr(skb)->daddr,
24b711ed
DA		 1978 ntohs(th->dest),
1979 tcp_v6_iif_l3_slave(skb),
4297a0ef 1980 sdif);
53b24b8f 1981 if (sk2) {
295ff7ed 1982 struct inet_timewait_sock *tw = inet_twsk(sk);
dbe7faa4 1983 inet_twsk_deschedule_put(tw);
1da177e4 1984 sk = sk2;
4ad19de8 1985 tcp_v6_restore_cb(skb);
3b24d854 1986 refcounted = false;
41eecbd7 1987 __this_cpu_write(tcp_tw_isn, isn);
1da177e4
LT		 1988 goto process;
1989 }
1da177e4 1990 }
275757e6 1991 /* to ACK */
a8eceea8 1992 fallthrough;
1da177e4
LT		 1993 case TCP_TW_ACK:
1994 tcp_v6_timewait_ack(sk, skb);
1995 break;
1996 case TCP_TW_RST:
22a32557 1997 tcp_v6_send_reset(sk, skb, SK_RST_REASON_TCP_TIMEWAIT_SOCKET);
271c3b9b
FW		 1998 inet_twsk_deschedule_put(inet_twsk(sk));
1999 goto discard_it;
4aa956d8
WY		 2000 case TCP_TW_SUCCESS:
2001 ;
1da177e4
LT		 2002 }
2003 goto discard_it;
2004}
2005
11052589 2006void tcp_v6_early_demux(struct sk_buff *skb)
c7109986 2007{
4461568a 2008 struct net *net = dev_net(skb->dev);
c7109986
ED		 2009 const struct ipv6hdr *hdr;
2010 const struct tcphdr *th;
2011 struct sock *sk;
2012
2013 if (skb->pkt_type != PACKET_HOST)
2014 return;
2015
2016 if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
2017 return;
2018
2019 hdr = ipv6_hdr(skb);
2020 th = tcp_hdr(skb);
2021
2022 if (th->doff < sizeof(struct tcphdr) / 4)
2023 return;
2024
870c3151 2025 /* Note : We use inet6_iif() here, not tcp_v6_iif() */
4461568a 2026 sk = __inet6_lookup_established(net, net->ipv4.tcp_death_row.hashinfo,
c7109986
ED		 2027 &hdr->saddr, th->source,
2028 &hdr->daddr, ntohs(th->dest),
4297a0ef 2029 inet6_iif(skb), inet6_sdif(skb));
c7109986
ED		 2030 if (sk) {
2031 skb->sk = sk;
2032 skb->destructor = sock_edemux;
f7e4eb03 2033 if (sk_fullsock(sk)) {
8f905c0e 2034 struct dst_entry *dst = rcu_dereference(sk->sk_rx_dst);
f3f12135 2035
c7109986 2036 if (dst)
ef57c161 2037 dst = dst_check(dst, sk->sk_rx_dst_cookie);
c7109986 2038 if (dst &&
0c0a5ef8 2039 sk->sk_rx_dst_ifindex == skb->skb_iif)
c7109986
ED		 2040 skb_dst_set_noref(skb, dst);
2041 }
2042 }
2043}
2044
ccb7c410
DM		 2045static struct timewait_sock_ops tcp6_timewait_sock_ops = {
2046 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
4aa956d8 2047 .twsk_destructor = tcp_twsk_destructor,
ccb7c410
DM		 2048};
2049
dd2e0b86
ED		 2050INDIRECT_CALLABLE_SCOPE void tcp_v6_send_check(struct sock *sk, struct sk_buff *skb)
2051{
37354402 2052 __tcp_v6_send_check(skb, &sk->sk_v6_rcv_saddr, &sk->sk_v6_daddr);
dd2e0b86
ED		 2053}
2054
35b2c321 2055const struct inet_connection_sock_af_ops ipv6_specific = {
543d9cfe
ACM		 2056 .queue_xmit = inet6_csk_xmit,
2057 .send_check = tcp_v6_send_check,
2058 .rebuild_header = inet6_sk_rebuild_header,
5d299f3d 2059 .sk_rx_dst_set = inet6_sk_rx_dst_set,
543d9cfe
ACM		 2060 .conn_request = tcp_v6_conn_request,
2061 .syn_recv_sock = tcp_v6_syn_recv_sock,
543d9cfe
ACM		 2062 .net_header_len = sizeof(struct ipv6hdr),
2063 .setsockopt = ipv6_setsockopt,
2064 .getsockopt = ipv6_getsockopt,
2065 .addr2sockaddr = inet6_csk_addr2sockaddr,
2066 .sockaddr_len = sizeof(struct sockaddr_in6),
4fab9071 2067 .mtu_reduced = tcp_v6_mtu_reduced,
1da177e4
LT		 2068};
2069
4954f17d 2070#if defined(CONFIG_TCP_MD5SIG) || defined(CONFIG_TCP_AO)
b2e4b3de 2071static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
4954f17d 2072#ifdef CONFIG_TCP_MD5SIG
cfb6eeb4 2073 .md5_lookup = tcp_v6_md5_lookup,
49a72dfb 2074 .calc_md5_hash = tcp_v6_md5_hash_skb,
cfb6eeb4 2075 .md5_parse = tcp_v6_parse_md5_keys,
4954f17d
DS		 2076#endif
2077#ifdef CONFIG_TCP_AO
0aadc739 2078 .ao_lookup = tcp_v6_ao_lookup,
1e03d32b 2079 .calc_ao_hash = tcp_v6_ao_hash_skb,
4954f17d 2080 .ao_parse = tcp_v6_parse_ao,
7c2ffaf2 2081 .ao_calc_key_sk = tcp_v6_ao_calc_key_sk,
4954f17d 2082#endif
cfb6eeb4 2083};
a928630a 2084#endif
cfb6eeb4 2085
1da177e4
LT		 2086/*
2087 * TCP over IPv4 via INET6 API
2088 */
3b401a81 2089static const struct inet_connection_sock_af_ops ipv6_mapped = {
543d9cfe
ACM		 2090 .queue_xmit = ip_queue_xmit,
2091 .send_check = tcp_v4_send_check,
2092 .rebuild_header = inet_sk_rebuild_header,
63d02d15 2093 .sk_rx_dst_set = inet_sk_rx_dst_set,
543d9cfe
ACM		 2094 .conn_request = tcp_v6_conn_request,
2095 .syn_recv_sock = tcp_v6_syn_recv_sock,
543d9cfe
ACM		 2096 .net_header_len = sizeof(struct iphdr),
2097 .setsockopt = ipv6_setsockopt,
2098 .getsockopt = ipv6_getsockopt,
2099 .addr2sockaddr = inet6_csk_addr2sockaddr,
2100 .sockaddr_len = sizeof(struct sockaddr_in6),
4fab9071 2101 .mtu_reduced = tcp_v4_mtu_reduced,
1da177e4
LT		 2102};
2103
4954f17d 2104#if defined(CONFIG_TCP_MD5SIG) || defined(CONFIG_TCP_AO)
b2e4b3de 2105static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
4954f17d 2106#ifdef CONFIG_TCP_MD5SIG
cfb6eeb4 2107 .md5_lookup = tcp_v4_md5_lookup,
49a72dfb 2108 .calc_md5_hash = tcp_v4_md5_hash_skb,
cfb6eeb4 2109 .md5_parse = tcp_v6_parse_md5_keys,
4954f17d
DS		 2110#endif
2111#ifdef CONFIG_TCP_AO
0aadc739 2112 .ao_lookup = tcp_v6_ao_lookup,
1e03d32b 2113 .calc_ao_hash = tcp_v4_ao_hash_skb,
4954f17d 2114 .ao_parse = tcp_v6_parse_ao,
0a3a8090 2115 .ao_calc_key_sk = tcp_v4_ao_calc_key_sk,
4954f17d 2116#endif
cfb6eeb4 2117};
a928630a 2118#endif
cfb6eeb4 2119
1da177e4
LT		 2120/* NOTE: A lot of things set to zero explicitly by call to
2121 * sk_alloc() so need not be done here.
2122 */
2123static int tcp_v6_init_sock(struct sock *sk)
2124{
6687e988 2125 struct inet_connection_sock *icsk = inet_csk(sk);
1da177e4 2126
900f65d3 2127 tcp_init_sock(sk);
1da177e4 2128
8292a17a 2129 icsk->icsk_af_ops = &ipv6_specific;
1da177e4 2130
4954f17d 2131#if defined(CONFIG_TCP_MD5SIG) || defined(CONFIG_TCP_AO)
ac807fa8 2132 tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific;
cfb6eeb4
YH		 2133#endif
2134
1da177e4
LT		 2135 return 0;
2136}
2137
952a10be 2138#ifdef CONFIG_PROC_FS
1da177e4 2139/* Proc filesystem TCPv6 sock list dumping. */
1ab1457c 2140static void get_openreq6(struct seq_file *seq,
aa3a0c8c 2141 const struct request_sock *req, int i)
1da177e4 2142{
fa76ce73 2143 long ttd = req->rsk_timer.expires - jiffies;
634fb979
ED		 2144 const struct in6_addr *src = &inet_rsk(req)->ir_v6_loc_addr;
2145 const struct in6_addr *dest = &inet_rsk(req)->ir_v6_rmt_addr;
1da177e4
LT		 2146
2147 if (ttd < 0)
2148 ttd = 0;
2149
1da177e4
LT		 2150 seq_printf(seq,
2151 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
d14c5ab6 2152 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %d %d %pK\n",
1da177e4
LT		 2153 i,
2154 src->s6_addr32[0], src->s6_addr32[1],
2155 src->s6_addr32[2], src->s6_addr32[3],
b44084c2 2156 inet_rsk(req)->ir_num,
1da177e4
LT		 2157 dest->s6_addr32[0], dest->s6_addr32[1],
2158 dest->s6_addr32[2], dest->s6_addr32[3],
634fb979 2159 ntohs(inet_rsk(req)->ir_rmt_port),
1da177e4 2160 TCP_SYN_RECV,
4c99aa40 2161 0, 0, /* could print option size, but that is af dependent. */
1ab1457c
YH		 2162 1, /* timers active (only the expire timer) */
2163 jiffies_to_clock_t(ttd),
e6c022a4 2164 req->num_timeout,
aa3a0c8c
ED		 2165 from_kuid_munged(seq_user_ns(seq),
2166 sock_i_uid(req->rsk_listener)),
1ab1457c 2167 0, /* non standard timer */
1da177e4
LT		 2168 0, /* open_requests have no inode */
2169 0, req);
2170}
2171
2172static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
2173{
b71d1d42 2174 const struct in6_addr *dest, *src;
1da177e4
LT		 2175 __u16 destp, srcp;
2176 int timer_active;
2177 unsigned long timer_expires;
cf533ea5
ED		 2178 const struct inet_sock *inet = inet_sk(sp);
2179 const struct tcp_sock *tp = tcp_sk(sp);
463c84b9 2180 const struct inet_connection_sock *icsk = inet_csk(sp);
0536fcc0 2181 const struct fastopen_queue *fastopenq = &icsk->icsk_accept_queue.fastopenq;
00fd38d9
ED		 2182 int rx_queue;
2183 int state;
1da177e4 2184
efe4208f
ED		 2185 dest = &sp->sk_v6_daddr;
2186 src = &sp->sk_v6_rcv_saddr;
c720c7e8
ED		 2187 destp = ntohs(inet->inet_dport);
2188 srcp = ntohs(inet->inet_sport);
463c84b9 2189
ce3cf4ec 2190 if (icsk->icsk_pending == ICSK_TIME_RETRANS ||
57dde7f7 2191 icsk->icsk_pending == ICSK_TIME_REO_TIMEOUT ||
ce3cf4ec 2192 icsk->icsk_pending == ICSK_TIME_LOSS_PROBE) {
1da177e4 2193 timer_active = 1;
463c84b9
ACM		 2194 timer_expires = icsk->icsk_timeout;
2195 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1da177e4 2196 timer_active = 4;
463c84b9 2197 timer_expires = icsk->icsk_timeout;
1da177e4
LT		 2198 } else if (timer_pending(&sp->sk_timer)) {
2199 timer_active = 2;
2200 timer_expires = sp->sk_timer.expires;
2201 } else {
2202 timer_active = 0;
2203 timer_expires = jiffies;
2204 }
2205
986ffdfd 2206 state = inet_sk_state_load(sp);
00fd38d9 2207 if (state == TCP_LISTEN)
288efe86 2208 rx_queue = READ_ONCE(sp->sk_ack_backlog);
00fd38d9
ED		 2209 else
2210 /* Because we don't lock the socket,
2211 * we might find a transient negative value.
2212 */
dba7d9b8 2213 rx_queue = max_t(int, READ_ONCE(tp->rcv_nxt) -
7db48e98 2214 READ_ONCE(tp->copied_seq), 0);
00fd38d9 2215
1da177e4
LT		 2216 seq_printf(seq,
2217 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
d14c5ab6 2218 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %lu %d %pK %lu %lu %u %u %d\n",
1da177e4
LT		 2219 i,
2220 src->s6_addr32[0], src->s6_addr32[1],
2221 src->s6_addr32[2], src->s6_addr32[3], srcp,
2222 dest->s6_addr32[0], dest->s6_addr32[1],
2223 dest->s6_addr32[2], dest->s6_addr32[3], destp,
00fd38d9 2224 state,
0f317464 2225 READ_ONCE(tp->write_seq) - tp->snd_una,
00fd38d9 2226 rx_queue,
1da177e4 2227 timer_active,
a399a805 2228 jiffies_delta_to_clock_t(timer_expires - jiffies),
463c84b9 2229 icsk->icsk_retransmits,
a7cb5a49 2230 from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
6687e988 2231 icsk->icsk_probes_out,
1da177e4 2232 sock_i_ino(sp),
41c6d650 2233 refcount_read(&sp->sk_refcnt), sp,
7be87351
SH		 2234 jiffies_to_clock_t(icsk->icsk_rto),
2235 jiffies_to_clock_t(icsk->icsk_ack.ato),
31954cd8 2236 (icsk->icsk_ack.quick << 1) | inet_csk_in_pingpong_mode(sp),
40570375 2237 tcp_snd_cwnd(tp),
00fd38d9 2238 state == TCP_LISTEN ?
0536fcc0 2239 fastopenq->max_qlen :
0a672f74 2240 (tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh)
1da177e4
LT		 2241 );
2242}
2243
1ab1457c 2244static void get_timewait6_sock(struct seq_file *seq,
8feaf0c0 2245 struct inet_timewait_sock *tw, int i)
1da177e4 2246{
789f558c 2247 long delta = tw->tw_timer.expires - jiffies;
b71d1d42 2248 const struct in6_addr *dest, *src;
1da177e4 2249 __u16 destp, srcp;
1da177e4 2250
efe4208f
ED		 2251 dest = &tw->tw_v6_daddr;
2252 src = &tw->tw_v6_rcv_saddr;
1da177e4
LT		 2253 destp = ntohs(tw->tw_dport);
2254 srcp = ntohs(tw->tw_sport);
2255
2256 seq_printf(seq,
2257 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
71338aa7 2258 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1da177e4
LT		 2259 i,
2260 src->s6_addr32[0], src->s6_addr32[1],
2261 src->s6_addr32[2], src->s6_addr32[3], srcp,
2262 dest->s6_addr32[0], dest->s6_addr32[1],
2263 dest->s6_addr32[2], dest->s6_addr32[3], destp,
2264 tw->tw_substate, 0, 0,
a399a805 2265 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
41c6d650 2266 refcount_read(&tw->tw_refcnt), tw);
1da177e4
LT		 2267}
2268
1da177e4
LT		 2269static int tcp6_seq_show(struct seq_file *seq, void *v)
2270{
2271 struct tcp_iter_state *st;
05dbc7b5 2272 struct sock *sk = v;
1da177e4
LT		 2273
2274 if (v == SEQ_START_TOKEN) {
2275 seq_puts(seq,
2276 " sl "
2277 "local_address "
2278 "remote_address "
2279 "st tx_queue rx_queue tr tm->when retrnsmt"
2280 " uid timeout inode\n");
2281 goto out;
2282 }
2283 st = seq->private;
2284
079096f1
ED		 2285 if (sk->sk_state == TCP_TIME_WAIT)
2286 get_timewait6_sock(seq, v, st->num);
2287 else if (sk->sk_state == TCP_NEW_SYN_RECV)
aa3a0c8c 2288 get_openreq6(seq, v, st->num);
079096f1
ED		 2289 else
2290 get_tcp6_sock(seq, v, st->num);
1da177e4
LT		 2291out:
2292 return 0;
2293}
2294
37d849bb
CH		 2295static const struct seq_operations tcp6_seq_ops = {
2296 .show = tcp6_seq_show,
2297 .start = tcp_seq_start,
2298 .next = tcp_seq_next,
2299 .stop = tcp_seq_stop,
2300};
2301
1da177e4 2302static struct tcp_seq_afinfo tcp6_seq_afinfo = {
1da177e4 2303 .family = AF_INET6,
1da177e4
LT		 2304};
2305
2c8c1e72 2306int __net_init tcp6_proc_init(struct net *net)
1da177e4 2307{
c3506372
CH		 2308 if (!proc_create_net_data("tcp6", 0444, net->proc_net, &tcp6_seq_ops,
2309 sizeof(struct tcp_iter_state), &tcp6_seq_afinfo))
37d849bb
CH		 2310 return -ENOMEM;
2311 return 0;
1da177e4
LT		 2312}
2313
6f8b13bc 2314void tcp6_proc_exit(struct net *net)
1da177e4 2315{
37d849bb 2316 remove_proc_entry("tcp6", net->proc_net);
1da177e4
LT		 2317}
2318#endif
2319
2320struct proto tcpv6_prot = {
2321 .name = "TCPv6",
2322 .owner = THIS_MODULE,
2323 .close = tcp_close,
d74bad4e 2324 .pre_connect = tcp_v6_pre_connect,
1da177e4
LT		 2325 .connect = tcp_v6_connect,
2326 .disconnect = tcp_disconnect,
463c84b9 2327 .accept = inet_csk_accept,
1da177e4
LT		 2328 .ioctl = tcp_ioctl,
2329 .init = tcp_v6_init_sock,
b5fc2923 2330 .destroy = tcp_v4_destroy_sock,
1da177e4
LT		 2331 .shutdown = tcp_shutdown,
2332 .setsockopt = tcp_setsockopt,
2333 .getsockopt = tcp_getsockopt,
9cacf81f 2334 .bpf_bypass_getsockopt = tcp_bpf_bypass_getsockopt,
4b9d07a4 2335 .keepalive = tcp_set_keepalive,
1da177e4 2336 .recvmsg = tcp_recvmsg,
7ba42910 2337 .sendmsg = tcp_sendmsg,
1d7e4538 2338 .splice_eof = tcp_splice_eof,
1da177e4 2339 .backlog_rcv = tcp_v6_do_rcv,
46d3ceab 2340 .release_cb = tcp_release_cb,
496611d7 2341 .hash = inet6_hash,
ab1e0a13
ACM		 2342 .unhash = inet_unhash,
2343 .get_port = inet_csk_get_port,
91a760b2 2344 .put_port = inet_put_port,
8a59f9d1
CW		 2345#ifdef CONFIG_BPF_SYSCALL
2346 .psock_update_sk_prot = tcp_bpf_update_proto,
2347#endif
1da177e4 2348 .enter_memory_pressure = tcp_enter_memory_pressure,
06044751 2349 .leave_memory_pressure = tcp_leave_memory_pressure,
c9bee3b7 2350 .stream_memory_free = tcp_stream_memory_free,
1da177e4 2351 .sockets_allocated = &tcp_sockets_allocated,
0defbb0a 2352
1da177e4 2353 .memory_allocated = &tcp_memory_allocated,
0defbb0a
ED		 2354 .per_cpu_fw_alloc = &tcp_memory_per_cpu_fw_alloc,
2355
1da177e4 2356 .memory_pressure = &tcp_memory_pressure,
0a5578cf 2357 .orphan_count = &tcp_orphan_count,
a4fe34bf 2358 .sysctl_mem = sysctl_tcp_mem,
356d1833
ED		 2359 .sysctl_wmem_offset = offsetof(struct net, ipv4.sysctl_tcp_wmem),
2360 .sysctl_rmem_offset = offsetof(struct net, ipv4.sysctl_tcp_rmem),
1da177e4
LT		 2361 .max_header = MAX_TCP_HEADER,
2362 .obj_size = sizeof(struct tcp6_sock),
f5f80e32 2363 .ipv6_pinfo_offset = offsetof(struct tcp6_sock, inet6),
5f0d5a3a 2364 .slab_flags = SLAB_TYPESAFE_BY_RCU,
6d6ee43e 2365 .twsk_prot = &tcp6_timewait_sock_ops,
60236fdd 2366 .rsk_prot = &tcp6_request_sock_ops,
429e42c1 2367 .h.hashinfo = NULL,
7ba42910 2368 .no_autobind = true,
c1e64e29 2369 .diag_destroy = tcp_abort,
1da177e4 2370};
6abde0b2 2371EXPORT_SYMBOL_GPL(tcpv6_prot);
1da177e4 2372
1da177e4 2373
1da177e4
LT		 2374static struct inet_protosw tcpv6_protosw = {
2375 .type = SOCK_STREAM,
2376 .protocol = IPPROTO_TCP,
2377 .prot = &tcpv6_prot,
2378 .ops = &inet6_stream_ops,
d83d8461
ACM		 2379 .flags = INET_PROTOSW_PERMANENT |
2380 INET_PROTOSW_ICSK,
1da177e4
LT		 2381};
2382
2c8c1e72 2383static int __net_init tcpv6_net_init(struct net *net)
93ec926b 2384{
5677242f
DL		 2385 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
2386 SOCK_RAW, IPPROTO_TCP, net);
93ec926b
DL		 2387}
2388
2c8c1e72 2389static void __net_exit tcpv6_net_exit(struct net *net)
93ec926b 2390{
5677242f 2391 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
b099ce26
EB		 2392}
2393
93ec926b 2394static struct pernet_operations tcpv6_net_ops = {
b099ce26
EB		 2395 .init = tcpv6_net_init,
2396 .exit = tcpv6_net_exit,
93ec926b
DL		 2397};
2398
7f4e4868 2399int __init tcpv6_init(void)
1da177e4 2400{
7f4e4868
DL		 2401 int ret;
2402
4ea0875b
ED		 2403 net_hotdata.tcpv6_protocol = (struct inet6_protocol) {
2404 .handler = tcp_v6_rcv,
2405 .err_handler = tcp_v6_err,
2406 .flags = INET6_PROTO_NOPOLICY | INET6_PROTO_FINAL,
2407 };
2408 ret = inet6_add_protocol(&net_hotdata.tcpv6_protocol, IPPROTO_TCP);
3336288a 2409 if (ret)
c6b641a4 2410 goto out;
3336288a 2411
1da177e4 2412 /* register inet6 protocol */
7f4e4868
DL		 2413 ret = inet6_register_protosw(&tcpv6_protosw);
2414 if (ret)
2415 goto out_tcpv6_protocol;
2416
93ec926b 2417 ret = register_pernet_subsys(&tcpv6_net_ops);
7f4e4868
DL		 2418 if (ret)
2419 goto out_tcpv6_protosw;
f870fa0b
MM		 2420
2421 ret = mptcpv6_init();
2422 if (ret)
2423 goto out_tcpv6_pernet_subsys;
2424
7f4e4868
DL		 2425out:
2426 return ret;
ae0f7d5f 2427
f870fa0b
MM		 2428out_tcpv6_pernet_subsys:
2429 unregister_pernet_subsys(&tcpv6_net_ops);
7f4e4868
DL		 2430out_tcpv6_protosw:
2431 inet6_unregister_protosw(&tcpv6_protosw);
3336288a 2432out_tcpv6_protocol:
4ea0875b 2433 inet6_del_protocol(&net_hotdata.tcpv6_protocol, IPPROTO_TCP);
7f4e4868
DL		 2434 goto out;
2435}
2436
09f7709f 2437void tcpv6_exit(void)
7f4e4868 2438{
93ec926b 2439 unregister_pernet_subsys(&tcpv6_net_ops);
7f4e4868 2440 inet6_unregister_protosw(&tcpv6_protosw);
4ea0875b 2441 inet6_del_protocol(&net_hotdata.tcpv6_protocol, IPPROTO_TCP);
1da177e4 2442}
Linux 6.x block layer and io_uring tree(s)