projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
ipv6: tcp: provide sk->sk_priority to ctl packets
[linux-2.6-block.git] / net / ipv6 / tcp_ipv6.c
CommitLineData
2874c5fd 1// SPDX-License-Identifier: GPL-2.0-or-later
1da177e4
LT		 2/*
3 * TCP over IPv6
1ab1457c 4 * Linux INET6 implementation
1da177e4
LT		 5 *
6 * Authors:
1ab1457c 7 * Pedro Roque <roque@di.fc.ul.pt>
1da177e4 8 *
1ab1457c 9 * Based on:
1da177e4
LT		 10 * linux/net/ipv4/tcp.c
11 * linux/net/ipv4/tcp_input.c
12 * linux/net/ipv4/tcp_output.c
13 *
14 * Fixes:
15 * Hideaki YOSHIFUJI : sin6_scope_id support
16 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
17 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
18 * a single port at the same time.
19 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
1da177e4
LT		 20 */
21
eb4dea58 22#include <linux/bottom_half.h>
1da177e4 23#include <linux/module.h>
1da177e4
LT		 24#include <linux/errno.h>
25#include <linux/types.h>
26#include <linux/socket.h>
27#include <linux/sockios.h>
28#include <linux/net.h>
29#include <linux/jiffies.h>
30#include <linux/in.h>
31#include <linux/in6.h>
32#include <linux/netdevice.h>
33#include <linux/init.h>
34#include <linux/jhash.h>
35#include <linux/ipsec.h>
36#include <linux/times.h>
5a0e3ad6 37#include <linux/slab.h>
4aa956d8 38#include <linux/uaccess.h>
1da177e4
LT		 39#include <linux/ipv6.h>
40#include <linux/icmpv6.h>
41#include <linux/random.h>
0e219ae4 42#include <linux/indirect_call_wrapper.h>
1da177e4
LT		 43
44#include <net/tcp.h>
45#include <net/ndisc.h>
5324a040 46#include <net/inet6_hashtables.h>
8129765a 47#include <net/inet6_connection_sock.h>
1da177e4
LT		 48#include <net/ipv6.h>
49#include <net/transp_v6.h>
50#include <net/addrconf.h>
51#include <net/ip6_route.h>
52#include <net/ip6_checksum.h>
53#include <net/inet_ecn.h>
54#include <net/protocol.h>
55#include <net/xfrm.h>
1da177e4
LT		 56#include <net/snmp.h>
57#include <net/dsfield.h>
6d6ee43e 58#include <net/timewait_sock.h>
3d58b5fa 59#include <net/inet_common.h>
6e5714ea 60#include <net/secure_seq.h>
076bb0c8 61#include <net/busy_poll.h>
1da177e4 62
1da177e4
LT		 63#include <linux/proc_fs.h>
64#include <linux/seq_file.h>
65
cf80e0e4 66#include <crypto/hash.h>
cfb6eeb4
YH		 67#include <linux/scatterlist.h>
68
c24b14c4
SL		 69#include <trace/events/tcp.h>
70
a00e7444
ED		 71static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb);
72static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
6edafaaf 73 struct request_sock *req);
1da177e4
LT		 74
75static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
1da177e4 76
3b401a81
SH		 77static const struct inet_connection_sock_af_ops ipv6_mapped;
78static const struct inet_connection_sock_af_ops ipv6_specific;
a928630a 79#ifdef CONFIG_TCP_MD5SIG
b2e4b3de
SH		 80static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
81static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
9501f972 82#else
51723935 83static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
b71d1d42 84 const struct in6_addr *addr)
9501f972
YH		 85{
86 return NULL;
87}
a928630a 88#endif
1da177e4 89
93a77c11
ED		 90/* Helper returning the inet6 address from a given tcp socket.
91 * It can be used in TCP stack instead of inet6_sk(sk).
92 * This avoids a dereference and allow compiler optimizations.
f5d54767 93 * It is a specialized version of inet6_sk_generic().
93a77c11
ED		 94 */
95static struct ipv6_pinfo *tcp_inet6_sk(const struct sock *sk)
96{
f5d54767 97 unsigned int offset = sizeof(struct tcp6_sock) - sizeof(struct ipv6_pinfo);
93a77c11 98
f5d54767 99 return (struct ipv6_pinfo *)(((u8 *)sk) + offset);
93a77c11
ED		 100}
101
fae6ef87
NC		 102static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
103{
104 struct dst_entry *dst = skb_dst(skb);
fae6ef87 105
5037e9ef 106 if (dst && dst_hold_safe(dst)) {
ca777eff
ED		 107 const struct rt6_info *rt = (const struct rt6_info *)dst;
108
ca777eff
ED		 109 sk->sk_rx_dst = dst;
110 inet_sk(sk)->rx_dst_ifindex = skb->skb_iif;
93a77c11 111 tcp_inet6_sk(sk)->rx_dst_cookie = rt6_get_cookie(rt);
ca777eff 112 }
fae6ef87
NC		 113}
114
84b114b9 115static u32 tcp_v6_init_seq(const struct sk_buff *skb)
1da177e4 116{
84b114b9
ED		 117 return secure_tcpv6_seq(ipv6_hdr(skb)->daddr.s6_addr32,
118 ipv6_hdr(skb)->saddr.s6_addr32,
119 tcp_hdr(skb)->dest,
120 tcp_hdr(skb)->source);
121}
122
5d2ed052 123static u32 tcp_v6_init_ts_off(const struct net *net, const struct sk_buff *skb)
84b114b9 124{
5d2ed052 125 return secure_tcpv6_ts_off(net, ipv6_hdr(skb)->daddr.s6_addr32,
84b114b9 126 ipv6_hdr(skb)->saddr.s6_addr32);
1da177e4
LT		 127}
128
d74bad4e
AI		 129static int tcp_v6_pre_connect(struct sock *sk, struct sockaddr *uaddr,
130 int addr_len)
131{
132 /* This check is replicated from tcp_v6_connect() and intended to
133 * prevent BPF program called below from accessing bytes that are out
134 * of the bound specified by user in addr_len.
135 */
136 if (addr_len < SIN6_LEN_RFC2133)
137 return -EINVAL;
138
139 sock_owned_by_me(sk);
140
141 return BPF_CGROUP_RUN_PROG_INET6_CONNECT(sk, uaddr);
142}
143
1ab1457c 144static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
1da177e4
LT		 145 int addr_len)
146{
147 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
1ab1457c 148 struct inet_sock *inet = inet_sk(sk);
d83d8461 149 struct inet_connection_sock *icsk = inet_csk(sk);
93a77c11 150 struct ipv6_pinfo *np = tcp_inet6_sk(sk);
1da177e4 151 struct tcp_sock *tp = tcp_sk(sk);
20c59de2 152 struct in6_addr *saddr = NULL, *final_p, final;
45f6fad8 153 struct ipv6_txoptions *opt;
4c9483b2 154 struct flowi6 fl6;
1da177e4
LT		 155 struct dst_entry *dst;
156 int addr_type;
157 int err;
1946e672 158 struct inet_timewait_death_row *tcp_death_row = &sock_net(sk)->ipv4.tcp_death_row;
1da177e4 159
1ab1457c 160 if (addr_len < SIN6_LEN_RFC2133)
1da177e4
LT		 161 return -EINVAL;
162
1ab1457c 163 if (usin->sin6_family != AF_INET6)
a02cec21 164 return -EAFNOSUPPORT;
1da177e4 165
4c9483b2 166 memset(&fl6, 0, sizeof(fl6));
1da177e4
LT		 167
168 if (np->sndflow) {
4c9483b2
DM		 169 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
170 IP6_ECN_flow_init(fl6.flowlabel);
171 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
1da177e4 172 struct ip6_flowlabel *flowlabel;
4c9483b2 173 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
59c820b2 174 if (IS_ERR(flowlabel))
1da177e4 175 return -EINVAL;
1da177e4
LT		 176 fl6_sock_release(flowlabel);
177 }
178 }
179
180 /*
1ab1457c
YH		 181 * connect() to INADDR_ANY means loopback (BSD'ism).
182 */
183
052d2369
JL		 184 if (ipv6_addr_any(&usin->sin6_addr)) {
185 if (ipv6_addr_v4mapped(&sk->sk_v6_rcv_saddr))
186 ipv6_addr_set_v4mapped(htonl(INADDR_LOOPBACK),
187 &usin->sin6_addr);
188 else
189 usin->sin6_addr = in6addr_loopback;
190 }
1da177e4
LT		 191
192 addr_type = ipv6_addr_type(&usin->sin6_addr);
193
4c99aa40 194 if (addr_type & IPV6_ADDR_MULTICAST)
1da177e4
LT		 195 return -ENETUNREACH;
196
197 if (addr_type&IPV6_ADDR_LINKLOCAL) {
198 if (addr_len >= sizeof(struct sockaddr_in6) &&
199 usin->sin6_scope_id) {
200 /* If interface is set while binding, indices
201 * must coincide.
202 */
54dc3e33 203 if (!sk_dev_equal_l3scope(sk, usin->sin6_scope_id))
1da177e4
LT		 204 return -EINVAL;
205
206 sk->sk_bound_dev_if = usin->sin6_scope_id;
207 }
208
209 /* Connect to link-local address requires an interface */
210 if (!sk->sk_bound_dev_if)
211 return -EINVAL;
212 }
213
214 if (tp->rx_opt.ts_recent_stamp &&
efe4208f 215 !ipv6_addr_equal(&sk->sk_v6_daddr, &usin->sin6_addr)) {
1da177e4
LT		 216 tp->rx_opt.ts_recent = 0;
217 tp->rx_opt.ts_recent_stamp = 0;
218 tp->write_seq = 0;
219 }
220
efe4208f 221 sk->sk_v6_daddr = usin->sin6_addr;
4c9483b2 222 np->flow_label = fl6.flowlabel;
1da177e4
LT		 223
224 /*
225 * TCP over IPv4
226 */
227
052d2369 228 if (addr_type & IPV6_ADDR_MAPPED) {
d83d8461 229 u32 exthdrlen = icsk->icsk_ext_hdr_len;
1da177e4
LT		 230 struct sockaddr_in sin;
231
1da177e4
LT		 232 if (__ipv6_only_sock(sk))
233 return -ENETUNREACH;
234
235 sin.sin_family = AF_INET;
236 sin.sin_port = usin->sin6_port;
237 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
238
d83d8461 239 icsk->icsk_af_ops = &ipv6_mapped;
1da177e4 240 sk->sk_backlog_rcv = tcp_v4_do_rcv;
cfb6eeb4
YH		 241#ifdef CONFIG_TCP_MD5SIG
242 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
243#endif
1da177e4
LT		 244
245 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
246
247 if (err) {
d83d8461
ACM		 248 icsk->icsk_ext_hdr_len = exthdrlen;
249 icsk->icsk_af_ops = &ipv6_specific;
1da177e4 250 sk->sk_backlog_rcv = tcp_v6_do_rcv;
cfb6eeb4
YH		 251#ifdef CONFIG_TCP_MD5SIG
252 tp->af_specific = &tcp_sock_ipv6_specific;
253#endif
1da177e4 254 goto failure;
1da177e4 255 }
d1e559d0 256 np->saddr = sk->sk_v6_rcv_saddr;
1da177e4
LT		 257
258 return err;
259 }
260
efe4208f
ED		 261 if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr))
262 saddr = &sk->sk_v6_rcv_saddr;
1da177e4 263
4c9483b2 264 fl6.flowi6_proto = IPPROTO_TCP;
efe4208f 265 fl6.daddr = sk->sk_v6_daddr;
4e3fd7a0 266 fl6.saddr = saddr ? *saddr : np->saddr;
4c9483b2
DM		 267 fl6.flowi6_oif = sk->sk_bound_dev_if;
268 fl6.flowi6_mark = sk->sk_mark;
1958b856
DM		 269 fl6.fl6_dport = usin->sin6_port;
270 fl6.fl6_sport = inet->inet_sport;
e2d118a1 271 fl6.flowi6_uid = sk->sk_uid;
1da177e4 272
1e1d04e6 273 opt = rcu_dereference_protected(np->opt, lockdep_sock_is_held(sk));
45f6fad8 274 final_p = fl6_update_dst(&fl6, opt, &final);
1da177e4 275
4c9483b2 276 security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));
beb8d13b 277
0e0d44ab 278 dst = ip6_dst_lookup_flow(sk, &fl6, final_p);
68d0c6d3
DM		 279 if (IS_ERR(dst)) {
280 err = PTR_ERR(dst);
1da177e4 281 goto failure;
14e50e57 282 }
1da177e4 283
63159f29 284 if (!saddr) {
4c9483b2 285 saddr = &fl6.saddr;
efe4208f 286 sk->sk_v6_rcv_saddr = *saddr;
1da177e4
LT		 287 }
288
289 /* set the source address */
4e3fd7a0 290 np->saddr = *saddr;
c720c7e8 291 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
1da177e4 292
f83ef8c0 293 sk->sk_gso_type = SKB_GSO_TCPV6;
6bd4f355 294 ip6_dst_store(sk, dst, NULL, NULL);
1da177e4 295
d83d8461 296 icsk->icsk_ext_hdr_len = 0;
45f6fad8
ED		 297 if (opt)
298 icsk->icsk_ext_hdr_len = opt->opt_flen +
299 opt->opt_nflen;
1da177e4
LT		 300
301 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
302
c720c7e8 303 inet->inet_dport = usin->sin6_port;
1da177e4
LT		 304
305 tcp_set_state(sk, TCP_SYN_SENT);
1946e672 306 err = inet6_hash_connect(tcp_death_row, sk);
1da177e4
LT		 307 if (err)
308 goto late_failure;
309
877d1f62 310 sk_set_txhash(sk);
9e7ceb06 311
00355fa5 312 if (likely(!tp->repair)) {
00355fa5 313 if (!tp->write_seq)
84b114b9
ED		 314 tp->write_seq = secure_tcpv6_seq(np->saddr.s6_addr32,
315 sk->sk_v6_daddr.s6_addr32,
316 inet->inet_sport,
317 inet->inet_dport);
5d2ed052
ED		 318 tp->tsoffset = secure_tcpv6_ts_off(sock_net(sk),
319 np->saddr.s6_addr32,
84b114b9 320 sk->sk_v6_daddr.s6_addr32);
00355fa5 321 }
1da177e4 322
19f6d3f3
WW		 323 if (tcp_fastopen_defer_connect(sk, &err))
324 return err;
325 if (err)
326 goto late_failure;
327
1da177e4
LT		 328 err = tcp_connect(sk);
329 if (err)
330 goto late_failure;
331
332 return 0;
333
334late_failure:
335 tcp_set_state(sk, TCP_CLOSE);
1da177e4 336failure:
c720c7e8 337 inet->inet_dport = 0;
1da177e4
LT		 338 sk->sk_route_caps = 0;
339 return err;
340}
341
563d34d0
ED		 342static void tcp_v6_mtu_reduced(struct sock *sk)
343{
344 struct dst_entry *dst;
345
346 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
347 return;
348
349 dst = inet6_csk_update_pmtu(sk, tcp_sk(sk)->mtu_info);
350 if (!dst)
351 return;
352
353 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
354 tcp_sync_mss(sk, dst_mtu(dst));
355 tcp_simple_retransmit(sk);
356 }
357}
358
32bbd879 359static int tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
d5fdd6ba 360 u8 type, u8 code, int offset, __be32 info)
1da177e4 361{
4c99aa40 362 const struct ipv6hdr *hdr = (const struct ipv6hdr *)skb->data;
505cbfc5 363 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
2215089b
ED		 364 struct net *net = dev_net(skb->dev);
365 struct request_sock *fastopen;
1da177e4 366 struct ipv6_pinfo *np;
1ab1457c 367 struct tcp_sock *tp;
0a672f74 368 __u32 seq, snd_una;
2215089b 369 struct sock *sk;
9cf74903 370 bool fatal;
2215089b 371 int err;
1da177e4 372
2215089b
ED		 373 sk = __inet6_lookup_established(net, &tcp_hashinfo,
374 &hdr->daddr, th->dest,
375 &hdr->saddr, ntohs(th->source),
4297a0ef 376 skb->dev->ifindex, inet6_sdif(skb));
1da177e4 377
2215089b 378 if (!sk) {
a16292a0
ED		 379 __ICMP6_INC_STATS(net, __in6_dev_get(skb->dev),
380 ICMP6_MIB_INERRORS);
32bbd879 381 return -ENOENT;
1da177e4
LT		 382 }
383
384 if (sk->sk_state == TCP_TIME_WAIT) {
9469c7b4 385 inet_twsk_put(inet_twsk(sk));
32bbd879 386 return 0;
1da177e4 387 }
2215089b 388 seq = ntohl(th->seq);
9cf74903 389 fatal = icmpv6_err_convert(type, code, &err);
32bbd879
SB		 390 if (sk->sk_state == TCP_NEW_SYN_RECV) {
391 tcp_req_err(sk, seq, fatal);
392 return 0;
393 }
1da177e4
LT		 394
395 bh_lock_sock(sk);
563d34d0 396 if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG)
02a1d6e7 397 __NET_INC_STATS(net, LINUX_MIB_LOCKDROPPEDICMPS);
1da177e4
LT		 398
399 if (sk->sk_state == TCP_CLOSE)
400 goto out;
401
93a77c11 402 if (ipv6_hdr(skb)->hop_limit < tcp_inet6_sk(sk)->min_hopcount) {
02a1d6e7 403 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
e802af9c
SH		 404 goto out;
405 }
406
1da177e4 407 tp = tcp_sk(sk);
0a672f74
YC		 408 /* XXX (TFO) - tp->snd_una should be ISN (tcp_create_openreq_child() */
409 fastopen = tp->fastopen_rsk;
410 snd_una = fastopen ? tcp_rsk(fastopen)->snt_isn : tp->snd_una;
1da177e4 411 if (sk->sk_state != TCP_LISTEN &&
0a672f74 412 !between(seq, snd_una, tp->snd_nxt)) {
02a1d6e7 413 __NET_INC_STATS(net, LINUX_MIB_OUTOFWINDOWICMPS);
1da177e4
LT		 414 goto out;
415 }
416
93a77c11 417 np = tcp_inet6_sk(sk);
1da177e4 418
ec18d9a2 419 if (type == NDISC_REDIRECT) {
45caeaa5
JM		 420 if (!sock_owned_by_user(sk)) {
421 struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);
ec18d9a2 422
45caeaa5
JM		 423 if (dst)
424 dst->ops->redirect(dst, sk, skb);
425 }
50a75a89 426 goto out;
ec18d9a2
DM		 427 }
428
1da177e4 429 if (type == ICMPV6_PKT_TOOBIG) {
0d4f0608
ED		 430 /* We are not interested in TCP_LISTEN and open_requests
431 * (SYN-ACKs send out by Linux are always <576bytes so
432 * they should go through unfragmented).
433 */
434 if (sk->sk_state == TCP_LISTEN)
435 goto out;
436
93b36cf3
HFS		 437 if (!ip6_sk_accept_pmtu(sk))
438 goto out;
439
563d34d0
ED		 440 tp->mtu_info = ntohl(info);
441 if (!sock_owned_by_user(sk))
442 tcp_v6_mtu_reduced(sk);
d013ef2a 443 else if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED,
7aa5470c 444 &sk->sk_tsq_flags))
d013ef2a 445 sock_hold(sk);
1da177e4
LT		 446 goto out;
447 }
448
1da177e4 449
60236fdd 450 /* Might be for an request_sock */
1da177e4 451 switch (sk->sk_state) {
1da177e4 452 case TCP_SYN_SENT:
0a672f74
YC		 453 case TCP_SYN_RECV:
454 /* Only in fast or simultaneous open. If a fast open socket is
455 * is already accepted it is treated as a connected one below.
456 */
63159f29 457 if (fastopen && !fastopen->sk)
0a672f74
YC		 458 break;
459
1da177e4 460 if (!sock_owned_by_user(sk)) {
1da177e4
LT		 461 sk->sk_err = err;
462 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
463
464 tcp_done(sk);
465 } else
466 sk->sk_err_soft = err;
467 goto out;
468 }
469
470 if (!sock_owned_by_user(sk) && np->recverr) {
471 sk->sk_err = err;
472 sk->sk_error_report(sk);
473 } else
474 sk->sk_err_soft = err;
475
476out:
477 bh_unlock_sock(sk);
478 sock_put(sk);
32bbd879 479 return 0;
1da177e4
LT		 480}
481
482
0f935dbe 483static int tcp_v6_send_synack(const struct sock *sk, struct dst_entry *dst,
d6274bd8 484 struct flowi *fl,
3840a06e 485 struct request_sock *req,
ca6fb065 486 struct tcp_fastopen_cookie *foc,
b3d05147 487 enum tcp_synack_type synack_type)
1da177e4 488{
634fb979 489 struct inet_request_sock *ireq = inet_rsk(req);
93a77c11 490 struct ipv6_pinfo *np = tcp_inet6_sk(sk);
56ac42bc 491 struct ipv6_txoptions *opt;
d6274bd8 492 struct flowi6 *fl6 = &fl->u.ip6;
4c99aa40 493 struct sk_buff *skb;
9494218f 494 int err = -ENOMEM;
1da177e4 495
9f10d3f6 496 /* First, grab a route. */
f76b33c3
ED		 497 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req,
498 IPPROTO_TCP)) == NULL)
fd80eb94 499 goto done;
9494218f 500
b3d05147 501 skb = tcp_make_synack(sk, dst, req, foc, synack_type);
9494218f 502
1da177e4 503 if (skb) {
634fb979
ED		 504 __tcp_v6_send_check(skb, &ireq->ir_v6_loc_addr,
505 &ireq->ir_v6_rmt_addr);
1da177e4 506
634fb979 507 fl6->daddr = ireq->ir_v6_rmt_addr;
53b24b8f 508 if (np->repflow && ireq->pktopts)
df3687ff
FF		 509 fl6->flowlabel = ip6_flowlabel(ipv6_hdr(ireq->pktopts));
510
3e4006f0 511 rcu_read_lock();
56ac42bc
HD		 512 opt = ireq->ipv6_opt;
513 if (!opt)
514 opt = rcu_dereference(np->opt);
4f6570d7
ED		 515 err = ip6_xmit(sk, skb, fl6, sk->sk_mark, opt, np->tclass,
516 sk->sk_priority);
3e4006f0 517 rcu_read_unlock();
b9df3cb8 518 err = net_xmit_eval(err);
1da177e4
LT		 519 }
520
521done:
1da177e4
LT		 522 return err;
523}
524
72659ecc 525
60236fdd 526static void tcp_v6_reqsk_destructor(struct request_sock *req)
1da177e4 527{
56ac42bc 528 kfree(inet_rsk(req)->ipv6_opt);
634fb979 529 kfree_skb(inet_rsk(req)->pktopts);
1da177e4
LT		 530}
531
cfb6eeb4 532#ifdef CONFIG_TCP_MD5SIG
b83e3deb 533static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
b71d1d42 534 const struct in6_addr *addr)
cfb6eeb4 535{
a915da9b 536 return tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, AF_INET6);
cfb6eeb4
YH		 537}
538
b83e3deb 539static struct tcp_md5sig_key *tcp_v6_md5_lookup(const struct sock *sk,
fd3a154a 540 const struct sock *addr_sk)
cfb6eeb4 541{
efe4208f 542 return tcp_v6_md5_do_lookup(sk, &addr_sk->sk_v6_daddr);
cfb6eeb4
YH		 543}
544
8917a777
ID		 545static int tcp_v6_parse_md5_keys(struct sock *sk, int optname,
546 char __user *optval, int optlen)
cfb6eeb4
YH		 547{
548 struct tcp_md5sig cmd;
549 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
8917a777 550 u8 prefixlen;
cfb6eeb4
YH		 551
552 if (optlen < sizeof(cmd))
553 return -EINVAL;
554
555 if (copy_from_user(&cmd, optval, sizeof(cmd)))
556 return -EFAULT;
557
558 if (sin6->sin6_family != AF_INET6)
559 return -EINVAL;
560
8917a777
ID		 561 if (optname == TCP_MD5SIG_EXT &&
562 cmd.tcpm_flags & TCP_MD5SIG_FLAG_PREFIX) {
563 prefixlen = cmd.tcpm_prefixlen;
564 if (prefixlen > 128 || (ipv6_addr_v4mapped(&sin6->sin6_addr) &&
565 prefixlen > 32))
566 return -EINVAL;
567 } else {
568 prefixlen = ipv6_addr_v4mapped(&sin6->sin6_addr) ? 32 : 128;
569 }
570
cfb6eeb4 571 if (!cmd.tcpm_keylen) {
e773e4fa 572 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
a915da9b 573 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
8917a777 574 AF_INET, prefixlen);
a915da9b 575 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
8917a777 576 AF_INET6, prefixlen);
cfb6eeb4
YH		 577 }
578
579 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
580 return -EINVAL;
581
a915da9b
ED		 582 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
583 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
8917a777 584 AF_INET, prefixlen, cmd.tcpm_key,
6797318e 585 cmd.tcpm_keylen, GFP_KERNEL);
cfb6eeb4 586
a915da9b 587 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
8917a777
ID		 588 AF_INET6, prefixlen, cmd.tcpm_key,
589 cmd.tcpm_keylen, GFP_KERNEL);
cfb6eeb4
YH		 590}
591
19689e38
ED		 592static int tcp_v6_md5_hash_headers(struct tcp_md5sig_pool *hp,
593 const struct in6_addr *daddr,
594 const struct in6_addr *saddr,
595 const struct tcphdr *th, int nbytes)
cfb6eeb4 596{
cfb6eeb4 597 struct tcp6_pseudohdr *bp;
49a72dfb 598 struct scatterlist sg;
19689e38 599 struct tcphdr *_th;
8d26d76d 600
19689e38 601 bp = hp->scratch;
cfb6eeb4 602 /* 1. TCP pseudo-header (RFC2460) */
4e3fd7a0
AD		 603 bp->saddr = *saddr;
604 bp->daddr = *daddr;
49a72dfb 605 bp->protocol = cpu_to_be32(IPPROTO_TCP);
00b1304c 606 bp->len = cpu_to_be32(nbytes);
cfb6eeb4 607
19689e38
ED		 608 _th = (struct tcphdr *)(bp + 1);
609 memcpy(_th, th, sizeof(*th));
610 _th->check = 0;
611
612 sg_init_one(&sg, bp, sizeof(*bp) + sizeof(*th));
613 ahash_request_set_crypt(hp->md5_req, &sg, NULL,
614 sizeof(*bp) + sizeof(*th));
cf80e0e4 615 return crypto_ahash_update(hp->md5_req);
49a72dfb 616}
c7da57a1 617
19689e38 618static int tcp_v6_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key,
b71d1d42 619 const struct in6_addr *daddr, struct in6_addr *saddr,
318cf7aa 620 const struct tcphdr *th)
49a72dfb
AL		 621{
622 struct tcp_md5sig_pool *hp;
cf80e0e4 623 struct ahash_request *req;
49a72dfb
AL		 624
625 hp = tcp_get_md5sig_pool();
626 if (!hp)
627 goto clear_hash_noput;
cf80e0e4 628 req = hp->md5_req;
49a72dfb 629
cf80e0e4 630 if (crypto_ahash_init(req))
49a72dfb 631 goto clear_hash;
19689e38 632 if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, th->doff << 2))
49a72dfb
AL		 633 goto clear_hash;
634 if (tcp_md5_hash_key(hp, key))
635 goto clear_hash;
cf80e0e4
HX		 636 ahash_request_set_crypt(req, NULL, md5_hash, 0);
637 if (crypto_ahash_final(req))
cfb6eeb4 638 goto clear_hash;
cfb6eeb4 639
cfb6eeb4 640 tcp_put_md5sig_pool();
cfb6eeb4 641 return 0;
49a72dfb 642
cfb6eeb4
YH		 643clear_hash:
644 tcp_put_md5sig_pool();
645clear_hash_noput:
646 memset(md5_hash, 0, 16);
49a72dfb 647 return 1;
cfb6eeb4
YH		 648}
649
39f8e58e
ED		 650static int tcp_v6_md5_hash_skb(char *md5_hash,
651 const struct tcp_md5sig_key *key,
318cf7aa 652 const struct sock *sk,
318cf7aa 653 const struct sk_buff *skb)
cfb6eeb4 654{
b71d1d42 655 const struct in6_addr *saddr, *daddr;
49a72dfb 656 struct tcp_md5sig_pool *hp;
cf80e0e4 657 struct ahash_request *req;
318cf7aa 658 const struct tcphdr *th = tcp_hdr(skb);
cfb6eeb4 659
39f8e58e
ED		 660 if (sk) { /* valid for establish/request sockets */
661 saddr = &sk->sk_v6_rcv_saddr;
efe4208f 662 daddr = &sk->sk_v6_daddr;
49a72dfb 663 } else {
b71d1d42 664 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
49a72dfb
AL		 665 saddr = &ip6h->saddr;
666 daddr = &ip6h->daddr;
cfb6eeb4 667 }
49a72dfb
AL		 668
669 hp = tcp_get_md5sig_pool();
670 if (!hp)
671 goto clear_hash_noput;
cf80e0e4 672 req = hp->md5_req;
49a72dfb 673
cf80e0e4 674 if (crypto_ahash_init(req))
49a72dfb
AL		 675 goto clear_hash;
676
19689e38 677 if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, skb->len))
49a72dfb
AL		 678 goto clear_hash;
679 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
680 goto clear_hash;
681 if (tcp_md5_hash_key(hp, key))
682 goto clear_hash;
cf80e0e4
HX		 683 ahash_request_set_crypt(req, NULL, md5_hash, 0);
684 if (crypto_ahash_final(req))
49a72dfb
AL		 685 goto clear_hash;
686
687 tcp_put_md5sig_pool();
688 return 0;
689
690clear_hash:
691 tcp_put_md5sig_pool();
692clear_hash_noput:
693 memset(md5_hash, 0, 16);
694 return 1;
cfb6eeb4
YH		 695}
696
ba8e275a
ED		 697#endif
698
699static bool tcp_v6_inbound_md5_hash(const struct sock *sk,
700 const struct sk_buff *skb)
cfb6eeb4 701{
ba8e275a 702#ifdef CONFIG_TCP_MD5SIG
cf533ea5 703 const __u8 *hash_location = NULL;
cfb6eeb4 704 struct tcp_md5sig_key *hash_expected;
b71d1d42 705 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
318cf7aa 706 const struct tcphdr *th = tcp_hdr(skb);
cfb6eeb4 707 int genhash;
cfb6eeb4
YH		 708 u8 newhash[16];
709
710 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
7d5d5525 711 hash_location = tcp_parse_md5sig_option(th);
cfb6eeb4 712
785957d3
DM		 713 /* We've parsed the options - do we have a hash? */
714 if (!hash_expected && !hash_location)
ff74e23f 715 return false;
785957d3
DM		 716
717 if (hash_expected && !hash_location) {
c10d9310 718 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
ff74e23f 719 return true;
cfb6eeb4
YH		 720 }
721
785957d3 722 if (!hash_expected && hash_location) {
c10d9310 723 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
ff74e23f 724 return true;
cfb6eeb4
YH		 725 }
726
727 /* check the signature */
49a72dfb
AL		 728 genhash = tcp_v6_md5_hash_skb(newhash,
729 hash_expected,
39f8e58e 730 NULL, skb);
49a72dfb 731
cfb6eeb4 732 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
72145a68 733 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5FAILURE);
e87cc472
JP		 734 net_info_ratelimited("MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n",
735 genhash ? "failed" : "mismatch",
736 &ip6h->saddr, ntohs(th->source),
737 &ip6h->daddr, ntohs(th->dest));
ff74e23f 738 return true;
cfb6eeb4 739 }
ba8e275a 740#endif
ff74e23f 741 return false;
cfb6eeb4 742}
cfb6eeb4 743
b40cf18e
ED		 744static void tcp_v6_init_req(struct request_sock *req,
745 const struct sock *sk_listener,
16bea70a
OP		 746 struct sk_buff *skb)
747{
c2027d1e 748 bool l3_slave = ipv6_l3mdev_skb(TCP_SKB_CB(skb)->header.h6.flags);
16bea70a 749 struct inet_request_sock *ireq = inet_rsk(req);
93a77c11 750 const struct ipv6_pinfo *np = tcp_inet6_sk(sk_listener);
16bea70a
OP		 751
752 ireq->ir_v6_rmt_addr = ipv6_hdr(skb)->saddr;
753 ireq->ir_v6_loc_addr = ipv6_hdr(skb)->daddr;
754
16bea70a 755 /* So that link locals have meaning */
c2027d1e 756 if ((!sk_listener->sk_bound_dev_if || l3_slave) &&
16bea70a 757 ipv6_addr_type(&ireq->ir_v6_rmt_addr) & IPV6_ADDR_LINKLOCAL)
870c3151 758 ireq->ir_iif = tcp_v6_iif(skb);
16bea70a 759
04317daf 760 if (!TCP_SKB_CB(skb)->tcp_tw_isn &&
b40cf18e 761 (ipv6_opt_accepted(sk_listener, skb, &TCP_SKB_CB(skb)->header.h6) ||
a224772d 762 np->rxopt.bits.rxinfo ||
16bea70a
OP		 763 np->rxopt.bits.rxoinfo || np->rxopt.bits.rxhlim ||
764 np->rxopt.bits.rxohlim || np->repflow)) {
63354797 765 refcount_inc(&skb->users);
16bea70a
OP		 766 ireq->pktopts = skb;
767 }
768}
769
f964629e
ED		 770static struct dst_entry *tcp_v6_route_req(const struct sock *sk,
771 struct flowi *fl,
4396e461 772 const struct request_sock *req)
d94e0417 773{
f76b33c3 774 return inet6_csk_route_req(sk, &fl->u.ip6, req, IPPROTO_TCP);
d94e0417
OP		 775}
776
c6aefafb 777struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
1da177e4 778 .family = AF_INET6,
2e6599cb 779 .obj_size = sizeof(struct tcp6_request_sock),
5db92c99 780 .rtx_syn_ack = tcp_rtx_synack,
60236fdd
ACM		 781 .send_ack = tcp_v6_reqsk_send_ack,
782 .destructor = tcp_v6_reqsk_destructor,
72659ecc 783 .send_reset = tcp_v6_send_reset,
4aa956d8 784 .syn_ack_timeout = tcp_syn_ack_timeout,
1da177e4
LT		 785};
786
b2e4b3de 787static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
2aec4a29
OP		 788 .mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) -
789 sizeof(struct ipv6hdr),
16bea70a 790#ifdef CONFIG_TCP_MD5SIG
fd3a154a 791 .req_md5_lookup = tcp_v6_md5_lookup,
e3afe7b7 792 .calc_md5_hash = tcp_v6_md5_hash_skb,
b6332e6c 793#endif
16bea70a 794 .init_req = tcp_v6_init_req,
fb7b37a7
OP		 795#ifdef CONFIG_SYN_COOKIES
796 .cookie_init_seq = cookie_v6_init_sequence,
797#endif
d94e0417 798 .route_req = tcp_v6_route_req,
84b114b9
ED		 799 .init_seq = tcp_v6_init_seq,
800 .init_ts_off = tcp_v6_init_ts_off,
d6274bd8 801 .send_synack = tcp_v6_send_synack,
16bea70a 802};
cfb6eeb4 803
a00e7444 804static void tcp_v6_send_response(const struct sock *sk, struct sk_buff *skb, u32 seq,
0f85feae
ED		 805 u32 ack, u32 win, u32 tsval, u32 tsecr,
806 int oif, struct tcp_md5sig_key *key, int rst,
e9a5dcee 807 u8 tclass, __be32 label, u32 priority)
1da177e4 808{
cf533ea5
ED		 809 const struct tcphdr *th = tcp_hdr(skb);
810 struct tcphdr *t1;
1da177e4 811 struct sk_buff *buff;
4c9483b2 812 struct flowi6 fl6;
0f85feae 813 struct net *net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev);
e5047992 814 struct sock *ctl_sk = net->ipv6.tcp_sk;
77c676da 815 unsigned int tot_len = sizeof(struct tcphdr);
adf30907 816 struct dst_entry *dst;
81ada62d 817 __be32 *topt;
00483690 818 __u32 mark = 0;
1da177e4 819
ee684b6f 820 if (tsecr)
626e264d 821 tot_len += TCPOLEN_TSTAMP_ALIGNED;
cfb6eeb4 822#ifdef CONFIG_TCP_MD5SIG
cfb6eeb4
YH		 823 if (key)
824 tot_len += TCPOLEN_MD5SIG_ALIGNED;
825#endif
826
cfb6eeb4 827 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
1da177e4 828 GFP_ATOMIC);
63159f29 829 if (!buff)
1ab1457c 830 return;
1da177e4 831
cfb6eeb4 832 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
1da177e4 833
d58ff351 834 t1 = skb_push(buff, tot_len);
6651ffc8 835 skb_reset_transport_header(buff);
1da177e4
LT		 836
837 /* Swap the send and the receive. */
838 memset(t1, 0, sizeof(*t1));
839 t1->dest = th->source;
840 t1->source = th->dest;
cfb6eeb4 841 t1->doff = tot_len / 4;
626e264d
IJ		 842 t1->seq = htonl(seq);
843 t1->ack_seq = htonl(ack);
844 t1->ack = !rst || !th->ack;
845 t1->rst = rst;
846 t1->window = htons(win);
1da177e4 847
81ada62d
IJ		 848 topt = (__be32 *)(t1 + 1);
849
ee684b6f 850 if (tsecr) {
626e264d
IJ		 851 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
852 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
ee684b6f
AV		 853 *topt++ = htonl(tsval);
854 *topt++ = htonl(tsecr);
626e264d
IJ		 855 }
856
cfb6eeb4
YH		 857#ifdef CONFIG_TCP_MD5SIG
858 if (key) {
81ada62d
IJ		 859 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
860 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
861 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
78e645cb
IJ		 862 &ipv6_hdr(skb)->saddr,
863 &ipv6_hdr(skb)->daddr, t1);
cfb6eeb4
YH		 864 }
865#endif
866
4c9483b2 867 memset(&fl6, 0, sizeof(fl6));
4e3fd7a0
AD		 868 fl6.daddr = ipv6_hdr(skb)->saddr;
869 fl6.saddr = ipv6_hdr(skb)->daddr;
1d13a96c 870 fl6.flowlabel = label;
1da177e4 871
e5700aff
DM		 872 buff->ip_summed = CHECKSUM_PARTIAL;
873 buff->csum = 0;
874
4c9483b2 875 __tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);
1da177e4 876
4c9483b2 877 fl6.flowi6_proto = IPPROTO_TCP;
a36dbdb2 878 if (rt6_need_strict(&fl6.daddr) && !oif)
870c3151 879 fl6.flowi6_oif = tcp_v6_iif(skb);
9b6c14d5
DA		 880 else {
881 if (!oif && netif_index_is_l3_master(net, skb->skb_iif))
882 oif = skb->skb_iif;
883
884 fl6.flowi6_oif = oif;
885 }
1d2f7b2d 886
c67b8555
ED		 887 if (sk) {
888 if (sk->sk_state == TCP_TIME_WAIT) {
889 mark = inet_twsk(sk)->tw_mark;
890 /* autoflowlabel relies on buff->hash */
891 skb_set_hash(buff, inet_twsk(sk)->tw_txhash,
892 PKT_HASH_TYPE_L4);
893 } else {
894 mark = sk->sk_mark;
895 }
d6fb396c 896 buff->tstamp = tcp_transmit_time(sk);
c67b8555 897 }
00483690 898 fl6.flowi6_mark = IP6_REPLY_MARK(net, skb->mark) ?: mark;
1958b856
DM		 899 fl6.fl6_dport = t1->dest;
900 fl6.fl6_sport = t1->source;
e2d118a1 901 fl6.flowi6_uid = sock_net_uid(net, sk && sk_fullsock(sk) ? sk : NULL);
4c9483b2 902 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
1da177e4 903
c20121ae
DL		 904 /* Pass a socket to ip6_dst_lookup either it is for RST
905 * Underlying function will use this to retrieve the network
906 * namespace
907 */
0e0d44ab 908 dst = ip6_dst_lookup_flow(ctl_sk, &fl6, NULL);
68d0c6d3
DM		 909 if (!IS_ERR(dst)) {
910 skb_dst_set(buff, dst);
4f6570d7 911 ip6_xmit(ctl_sk, buff, &fl6, fl6.flowi6_mark, NULL, tclass,
e9a5dcee 912 priority);
c10d9310 913 TCP_INC_STATS(net, TCP_MIB_OUTSEGS);
68d0c6d3 914 if (rst)
c10d9310 915 TCP_INC_STATS(net, TCP_MIB_OUTRSTS);
68d0c6d3 916 return;
1da177e4
LT		 917 }
918
919 kfree_skb(buff);
920}
921
a00e7444 922static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb)
1da177e4 923{
cf533ea5 924 const struct tcphdr *th = tcp_hdr(skb);
323a53c4 925 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
626e264d 926 u32 seq = 0, ack_seq = 0;
fa3e5b4e 927 struct tcp_md5sig_key *key = NULL;
658ddaaf
SL		 928#ifdef CONFIG_TCP_MD5SIG
929 const __u8 *hash_location = NULL;
658ddaaf
SL		 930 unsigned char newhash[16];
931 int genhash;
932 struct sock *sk1 = NULL;
933#endif
323a53c4 934 __be32 label = 0;
e9a5dcee 935 u32 priority = 0;
323a53c4 936 struct net *net;
c24b14c4 937 int oif = 0;
1da177e4 938
626e264d 939 if (th->rst)
1da177e4
LT		 940 return;
941
c3658e8d
ED		 942 /* If sk not NULL, it means we did a successful lookup and incoming
943 * route had to be correct. prequeue might have dropped our dst.
944 */
945 if (!sk && !ipv6_unicast_destination(skb))
626e264d 946 return;
1da177e4 947
39209673 948 net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev);
cfb6eeb4 949#ifdef CONFIG_TCP_MD5SIG
3b24d854 950 rcu_read_lock();
658ddaaf 951 hash_location = tcp_parse_md5sig_option(th);
271c3b9b 952 if (sk && sk_fullsock(sk)) {
e46787f0
FW		 953 key = tcp_v6_md5_do_lookup(sk, &ipv6h->saddr);
954 } else if (hash_location) {
658ddaaf
SL		 955 /*
956 * active side is lost. Try to find listening socket through
957 * source port, and then find md5 key through listening socket.
958 * we are not loose security here:
959 * Incoming packet is checked with md5 hash with finding key,
960 * no RST generated if md5 hash doesn't match.
961 */
323a53c4 962 sk1 = inet6_lookup_listener(net,
a583636a
CG		 963 &tcp_hashinfo, NULL, 0,
964 &ipv6h->saddr,
5ba24953 965 th->source, &ipv6h->daddr,
24b711ed
DA		 966 ntohs(th->source),
967 tcp_v6_iif_l3_slave(skb),
4297a0ef 968 tcp_v6_sdif(skb));
658ddaaf 969 if (!sk1)
3b24d854 970 goto out;
658ddaaf 971
658ddaaf
SL		 972 key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr);
973 if (!key)
3b24d854 974 goto out;
658ddaaf 975
39f8e58e 976 genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, skb);
658ddaaf 977 if (genhash || memcmp(hash_location, newhash, 16) != 0)
3b24d854 978 goto out;
658ddaaf 979 }
cfb6eeb4
YH		 980#endif
981
626e264d
IJ		 982 if (th->ack)
983 seq = ntohl(th->ack_seq);
984 else
985 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
986 (th->doff << 2);
1da177e4 987
c24b14c4
SL		 988 if (sk) {
989 oif = sk->sk_bound_dev_if;
052e0690
ED		 990 if (sk_fullsock(sk)) {
991 const struct ipv6_pinfo *np = tcp_inet6_sk(sk);
992
5c487bb9 993 trace_tcp_send_reset(sk, skb);
052e0690
ED		 994 if (np->repflow)
995 label = ip6_flowlabel(ipv6h);
e9a5dcee 996 priority = sk->sk_priority;
052e0690 997 }
50a8accf
ED		 998 if (sk->sk_state == TCP_TIME_WAIT)
999 label = cpu_to_be32(inet_twsk(sk)->tw_flowlabel);
323a53c4 1000 } else {
a346abe0 1001 if (net->ipv6.sysctl.flowlabel_reflect & FLOWLABEL_REFLECT_TCP_RESET)
323a53c4 1002 label = ip6_flowlabel(ipv6h);
c24b14c4
SL		 1003 }
1004
323a53c4 1005 tcp_v6_send_response(sk, skb, seq, ack_seq, 0, 0, 0, oif, key, 1, 0,
e9a5dcee 1006 label, priority);
658ddaaf
SL		 1007
1008#ifdef CONFIG_TCP_MD5SIG
3b24d854
ED		 1009out:
1010 rcu_read_unlock();
658ddaaf 1011#endif
626e264d 1012}
1da177e4 1013
a00e7444 1014static void tcp_v6_send_ack(const struct sock *sk, struct sk_buff *skb, u32 seq,
0f85feae 1015 u32 ack, u32 win, u32 tsval, u32 tsecr, int oif,
1d13a96c 1016 struct tcp_md5sig_key *key, u8 tclass,
e9a5dcee 1017 __be32 label, u32 priority)
626e264d 1018{
0f85feae 1019 tcp_v6_send_response(sk, skb, seq, ack, win, tsval, tsecr, oif, key, 0,
e9a5dcee 1020 tclass, label, priority);
1da177e4
LT		 1021}
1022
1023static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
1024{
8feaf0c0 1025 struct inet_timewait_sock *tw = inet_twsk(sk);
cfb6eeb4 1026 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
1da177e4 1027
0f85feae 1028 tcp_v6_send_ack(sk, skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
8feaf0c0 1029 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
9a568de4 1030 tcp_time_stamp_raw() + tcptw->tw_ts_offset,
9c76a114 1031 tcptw->tw_ts_recent, tw->tw_bound_dev_if, tcp_twsk_md5_key(tcptw),
e9a5dcee 1032 tw->tw_tclass, cpu_to_be32(tw->tw_flowlabel), 0);
1da177e4 1033
8feaf0c0 1034 inet_twsk_put(tw);
1da177e4
LT		 1035}
1036
a00e7444 1037static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
6edafaaf 1038 struct request_sock *req)
1da177e4 1039{
3a19ce0e
DL		 1040 /* sk->sk_state == TCP_LISTEN -> for regular TCP_SYN_RECV
1041 * sk->sk_state == TCP_SYN_RECV -> for Fast Open.
1042 */
20a2b49f
ED		 1043 /* RFC 7323 2.3
1044 * The window field (SEG.WND) of every outgoing segment, with the
1045 * exception of <SYN> segments, MUST be right-shifted by
1046 * Rcv.Wind.Shift bits:
1047 */
0f85feae 1048 tcp_v6_send_ack(sk, skb, (sk->sk_state == TCP_LISTEN) ?
3a19ce0e 1049 tcp_rsk(req)->snt_isn + 1 : tcp_sk(sk)->snd_nxt,
20a2b49f
ED		 1050 tcp_rsk(req)->rcv_nxt,
1051 req->rsk_rcv_wnd >> inet_rsk(req)->rcv_wscale,
9a568de4 1052 tcp_time_stamp_raw() + tcp_rsk(req)->ts_off,
95a22cae 1053 req->ts_recent, sk->sk_bound_dev_if,
30791ac4 1054 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->saddr),
e9a5dcee 1055 0, 0, sk->sk_priority);
1da177e4
LT		 1056}
1057
1058
079096f1 1059static struct sock *tcp_v6_cookie_check(struct sock *sk, struct sk_buff *skb)
1da177e4 1060{
079096f1 1061#ifdef CONFIG_SYN_COOKIES
aa8223c7 1062 const struct tcphdr *th = tcp_hdr(skb);
1da177e4 1063
af9b4738 1064 if (!th->syn)
c6aefafb 1065 sk = cookie_v6_check(sk, skb);
1da177e4
LT		 1066#endif
1067 return sk;
1068}
1069
9349d600
PP		 1070u16 tcp_v6_get_syncookie(struct sock *sk, struct ipv6hdr *iph,
1071 struct tcphdr *th, u32 *cookie)
1072{
1073 u16 mss = 0;
1074#ifdef CONFIG_SYN_COOKIES
1075 mss = tcp_get_syncookie_mss(&tcp6_request_sock_ops,
1076 &tcp_request_sock_ipv6_ops, sk, th);
1077 if (mss) {
1078 *cookie = __cookie_v6_init_sequence(iph, th, &mss);
1079 tcp_synq_overflow(sk);
1080 }
1081#endif
1082 return mss;
1083}
1084
1da177e4
LT		 1085static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1086{
1da177e4
LT		 1087 if (skb->protocol == htons(ETH_P_IP))
1088 return tcp_v4_conn_request(sk, skb);
1089
1090 if (!ipv6_unicast_destination(skb))
1ab1457c 1091 goto drop;
1da177e4 1092
1fb6f159
OP		 1093 return tcp_conn_request(&tcp6_request_sock_ops,
1094 &tcp_request_sock_ipv6_ops, sk, skb);
1da177e4
LT		 1095
1096drop:
9caad864 1097 tcp_listendrop(sk);
1da177e4
LT		 1098 return 0; /* don't send reset */
1099}
1100
ebf6c9cb
ED		 1101static void tcp_v6_restore_cb(struct sk_buff *skb)
1102{
1103 /* We need to move header back to the beginning if xfrm6_policy_check()
1104 * and tcp_v6_fill_cb() are going to be called again.
1105 * ip6_datagram_recv_specific_ctl() also expects IP6CB to be there.
1106 */
1107 memmove(IP6CB(skb), &TCP_SKB_CB(skb)->header.h6,
1108 sizeof(struct inet6_skb_parm));
1109}
1110
0c27171e 1111static struct sock *tcp_v6_syn_recv_sock(const struct sock *sk, struct sk_buff *skb,
4c99aa40 1112 struct request_sock *req,
5e0724d0
ED		 1113 struct dst_entry *dst,
1114 struct request_sock *req_unhash,
1115 bool *own_req)
1da177e4 1116{
634fb979 1117 struct inet_request_sock *ireq;
0c27171e 1118 struct ipv6_pinfo *newnp;
93a77c11 1119 const struct ipv6_pinfo *np = tcp_inet6_sk(sk);
45f6fad8 1120 struct ipv6_txoptions *opt;
1da177e4
LT		 1121 struct inet_sock *newinet;
1122 struct tcp_sock *newtp;
1123 struct sock *newsk;
cfb6eeb4
YH		 1124#ifdef CONFIG_TCP_MD5SIG
1125 struct tcp_md5sig_key *key;
1126#endif
3840a06e 1127 struct flowi6 fl6;
1da177e4
LT		 1128
1129 if (skb->protocol == htons(ETH_P_IP)) {
1130 /*
1131 * v6 mapped
1132 */
1133
5e0724d0
ED		 1134 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst,
1135 req_unhash, own_req);
1da177e4 1136
63159f29 1137 if (!newsk)
1da177e4
LT		 1138 return NULL;
1139
93a77c11 1140 inet_sk(newsk)->pinet6 = tcp_inet6_sk(newsk);
1da177e4
LT		 1141
1142 newinet = inet_sk(newsk);
93a77c11 1143 newnp = tcp_inet6_sk(newsk);
1da177e4
LT		 1144 newtp = tcp_sk(newsk);
1145
1146 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1147
d1e559d0 1148 newnp->saddr = newsk->sk_v6_rcv_saddr;
1da177e4 1149
8292a17a 1150 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1da177e4 1151 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
cfb6eeb4
YH		 1152#ifdef CONFIG_TCP_MD5SIG
1153 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1154#endif
1155
83eaddab 1156 newnp->ipv6_mc_list = NULL;
676a1184
YZ		 1157 newnp->ipv6_ac_list = NULL;
1158 newnp->ipv6_fl_list = NULL;
1da177e4
LT		 1159 newnp->pktoptions = NULL;
1160 newnp->opt = NULL;
89e41309
ED		 1161 newnp->mcast_oif = inet_iif(skb);
1162 newnp->mcast_hops = ip_hdr(skb)->ttl;
1163 newnp->rcv_flowinfo = 0;
df3687ff 1164 if (np->repflow)
89e41309 1165 newnp->flow_label = 0;
1da177e4 1166
e6848976
ACM		 1167 /*
1168 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1169 * here, tcp_create_openreq_child now does this for us, see the comment in
1170 * that function for the gory details. -acme
1da177e4 1171 */
1da177e4
LT		 1172
1173 /* It is tricky place. Until this moment IPv4 tcp
8292a17a 1174 worked with IPv6 icsk.icsk_af_ops.
1da177e4
LT		 1175 Sync it now.
1176 */
d83d8461 1177 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1da177e4
LT		 1178
1179 return newsk;
1180 }
1181
634fb979 1182 ireq = inet_rsk(req);
1da177e4
LT		 1183
1184 if (sk_acceptq_is_full(sk))
1185 goto out_overflow;
1186
493f377d 1187 if (!dst) {
f76b33c3 1188 dst = inet6_csk_route_req(sk, &fl6, req, IPPROTO_TCP);
493f377d 1189 if (!dst)
1da177e4 1190 goto out;
1ab1457c 1191 }
1da177e4
LT		 1192
1193 newsk = tcp_create_openreq_child(sk, req, skb);
63159f29 1194 if (!newsk)
093d2823 1195 goto out_nonewsk;
1da177e4 1196
e6848976
ACM		 1197 /*
1198 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1199 * count here, tcp_create_openreq_child now does this for us, see the
1200 * comment in that function for the gory details. -acme
1201 */
1da177e4 1202
59eed279 1203 newsk->sk_gso_type = SKB_GSO_TCPV6;
6bd4f355 1204 ip6_dst_store(newsk, dst, NULL, NULL);
fae6ef87 1205 inet6_sk_rx_dst_set(newsk, skb);
1da177e4 1206
93a77c11 1207 inet_sk(newsk)->pinet6 = tcp_inet6_sk(newsk);
1da177e4
LT		 1208
1209 newtp = tcp_sk(newsk);
1210 newinet = inet_sk(newsk);
93a77c11 1211 newnp = tcp_inet6_sk(newsk);
1da177e4
LT		 1212
1213 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1214
634fb979
ED		 1215 newsk->sk_v6_daddr = ireq->ir_v6_rmt_addr;
1216 newnp->saddr = ireq->ir_v6_loc_addr;
1217 newsk->sk_v6_rcv_saddr = ireq->ir_v6_loc_addr;
1218 newsk->sk_bound_dev_if = ireq->ir_iif;
1da177e4 1219
1ab1457c 1220 /* Now IPv6 options...
1da177e4
LT		 1221
1222 First: no IPv4 options.
1223 */
f6d8bd05 1224 newinet->inet_opt = NULL;
83eaddab 1225 newnp->ipv6_mc_list = NULL;
676a1184 1226 newnp->ipv6_ac_list = NULL;
d35690be 1227 newnp->ipv6_fl_list = NULL;
1da177e4
LT		 1228
1229 /* Clone RX bits */
1230 newnp->rxopt.all = np->rxopt.all;
1231
1da177e4 1232 newnp->pktoptions = NULL;
1da177e4 1233 newnp->opt = NULL;
870c3151 1234 newnp->mcast_oif = tcp_v6_iif(skb);
0660e03f 1235 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1397ed35 1236 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
df3687ff
FF		 1237 if (np->repflow)
1238 newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));
1da177e4
LT		 1239
1240 /* Clone native IPv6 options from listening socket (if any)
1241
1242 Yes, keeping reference count would be much more clever,
1243 but we make one more one thing there: reattach optmem
1244 to newsk.
1245 */
56ac42bc
HD		 1246 opt = ireq->ipv6_opt;
1247 if (!opt)
1248 opt = rcu_dereference(np->opt);
45f6fad8
ED		 1249 if (opt) {
1250 opt = ipv6_dup_options(newsk, opt);
1251 RCU_INIT_POINTER(newnp->opt, opt);
1252 }
d83d8461 1253 inet_csk(newsk)->icsk_ext_hdr_len = 0;
45f6fad8
ED		 1254 if (opt)
1255 inet_csk(newsk)->icsk_ext_hdr_len = opt->opt_nflen +
1256 opt->opt_flen;
1da177e4 1257
81164413
DB		 1258 tcp_ca_openreq_child(newsk, dst);
1259
1da177e4 1260 tcp_sync_mss(newsk, dst_mtu(dst));
3541f9e8 1261 newtp->advmss = tcp_mss_clamp(tcp_sk(sk), dst_metric_advmss(dst));
d135c522 1262
1da177e4
LT		 1263 tcp_initialize_rcv_mss(newsk);
1264
c720c7e8
ED		 1265 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1266 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1da177e4 1267
cfb6eeb4
YH		 1268#ifdef CONFIG_TCP_MD5SIG
1269 /* Copy over the MD5 key from the original socket */
4aa956d8 1270 key = tcp_v6_md5_do_lookup(sk, &newsk->sk_v6_daddr);
53b24b8f 1271 if (key) {
cfb6eeb4
YH		 1272 /* We're using one, so create a matching key
1273 * on the newsk structure. If we fail to get
1274 * memory, then we end up not copying the key
1275 * across. Shucks.
1276 */
efe4208f 1277 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newsk->sk_v6_daddr,
6797318e 1278 AF_INET6, 128, key->key, key->keylen,
7450aaf6 1279 sk_gfp_mask(sk, GFP_ATOMIC));
cfb6eeb4
YH		 1280 }
1281#endif
1282
093d2823 1283 if (__inet_inherit_port(sk, newsk) < 0) {
e337e24d
CP		 1284 inet_csk_prepare_forced_close(newsk);
1285 tcp_done(newsk);
093d2823
BS		 1286 goto out;
1287 }
5e0724d0 1288 *own_req = inet_ehash_nolisten(newsk, req_to_sk(req_unhash));
805c4bc0 1289 if (*own_req) {
49a496c9 1290 tcp_move_syn(newtp, req);
805c4bc0
ED		 1291
1292 /* Clone pktoptions received with SYN, if we own the req */
1293 if (ireq->pktopts) {
1294 newnp->pktoptions = skb_clone(ireq->pktopts,
7450aaf6 1295 sk_gfp_mask(sk, GFP_ATOMIC));
805c4bc0
ED		 1296 consume_skb(ireq->pktopts);
1297 ireq->pktopts = NULL;
ebf6c9cb
ED		 1298 if (newnp->pktoptions) {
1299 tcp_v6_restore_cb(newnp->pktoptions);
805c4bc0 1300 skb_set_owner_r(newnp->pktoptions, newsk);
ebf6c9cb 1301 }
805c4bc0 1302 }
ce105008 1303 }
1da177e4
LT		 1304
1305 return newsk;
1306
1307out_overflow:
02a1d6e7 1308 __NET_INC_STATS(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
093d2823 1309out_nonewsk:
1da177e4 1310 dst_release(dst);
093d2823 1311out:
9caad864 1312 tcp_listendrop(sk);
1da177e4
LT		 1313 return NULL;
1314}
1315
1da177e4 1316/* The socket must have it's spinlock held when we get
e994b2f0 1317 * here, unless it is a TCP_LISTEN socket.
1da177e4
LT		 1318 *
1319 * We have a potential double-lock case here, so even when
1320 * doing backlog processing we use the BH locking scheme.
1321 * This is because we cannot sleep with the original spinlock
1322 * held.
1323 */
1324static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1325{
93a77c11 1326 struct ipv6_pinfo *np = tcp_inet6_sk(sk);
1da177e4 1327 struct sk_buff *opt_skb = NULL;
93a77c11 1328 struct tcp_sock *tp;
1da177e4
LT		 1329
1330 /* Imagine: socket is IPv6. IPv4 packet arrives,
1331 goes to IPv4 receive handler and backlogged.
1332 From backlog it always goes here. Kerboom...
1333 Fortunately, tcp_rcv_established and rcv_established
1334 handle them correctly, but it is not case with
1335 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1336 */
1337
1338 if (skb->protocol == htons(ETH_P_IP))
1339 return tcp_v4_do_rcv(sk, skb);
1340
1da177e4
LT		 1341 /*
1342 * socket locking is here for SMP purposes as backlog rcv
1343 * is currently called with bh processing disabled.
1344 */
1345
1346 /* Do Stevens' IPV6_PKTOPTIONS.
1347
1348 Yes, guys, it is the only place in our code, where we
1349 may make it not affecting IPv4.
1350 The rest of code is protocol independent,
1351 and I do not like idea to uglify IPv4.
1352
1353 Actually, all the idea behind IPV6_PKTOPTIONS
1354 looks not very well thought. For now we latch
1355 options, received in the last packet, enqueued
1356 by tcp. Feel free to propose better solution.
1ab1457c 1357 --ANK (980728)
1da177e4
LT		 1358 */
1359 if (np->rxopt.all)
7450aaf6 1360 opt_skb = skb_clone(skb, sk_gfp_mask(sk, GFP_ATOMIC));
1da177e4
LT		 1361
1362 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
5d299f3d
ED		 1363 struct dst_entry *dst = sk->sk_rx_dst;
1364
bdeab991 1365 sock_rps_save_rxhash(sk, skb);
3d97379a 1366 sk_mark_napi_id(sk, skb);
5d299f3d
ED		 1367 if (dst) {
1368 if (inet_sk(sk)->rx_dst_ifindex != skb->skb_iif ||
1369 dst->ops->check(dst, np->rx_dst_cookie) == NULL) {
1370 dst_release(dst);
1371 sk->sk_rx_dst = NULL;
1372 }
1373 }
1374
3d97d88e 1375 tcp_rcv_established(sk, skb);
1da177e4
LT		 1376 if (opt_skb)
1377 goto ipv6_pktoptions;
1378 return 0;
1379 }
1380
12e25e10 1381 if (tcp_checksum_complete(skb))
1da177e4
LT		 1382 goto csum_err;
1383
1ab1457c 1384 if (sk->sk_state == TCP_LISTEN) {
079096f1
ED		 1385 struct sock *nsk = tcp_v6_cookie_check(sk, skb);
1386
1da177e4
LT		 1387 if (!nsk)
1388 goto discard;
1389
4c99aa40 1390 if (nsk != sk) {
1da177e4
LT		 1391 if (tcp_child_process(sk, nsk, skb))
1392 goto reset;
1393 if (opt_skb)
1394 __kfree_skb(opt_skb);
1395 return 0;
1396 }
47482f13 1397 } else
bdeab991 1398 sock_rps_save_rxhash(sk, skb);
1da177e4 1399
72ab4a86 1400 if (tcp_rcv_state_process(sk, skb))
1da177e4 1401 goto reset;
1da177e4
LT		 1402 if (opt_skb)
1403 goto ipv6_pktoptions;
1404 return 0;
1405
1406reset:
cfb6eeb4 1407 tcp_v6_send_reset(sk, skb);
1da177e4
LT		 1408discard:
1409 if (opt_skb)
1410 __kfree_skb(opt_skb);
1411 kfree_skb(skb);
1412 return 0;
1413csum_err:
c10d9310
ED		 1414 TCP_INC_STATS(sock_net(sk), TCP_MIB_CSUMERRORS);
1415 TCP_INC_STATS(sock_net(sk), TCP_MIB_INERRS);
1da177e4
LT		 1416 goto discard;
1417
1418
1419ipv6_pktoptions:
1420 /* Do you ask, what is it?
1421
1422 1. skb was enqueued by tcp.
1423 2. skb is added to tail of read queue, rather than out of order.
1424 3. socket is not in passive state.
1425 4. Finally, it really contains options, which user wants to receive.
1426 */
1427 tp = tcp_sk(sk);
1428 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1429 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
333fad53 1430 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
870c3151 1431 np->mcast_oif = tcp_v6_iif(opt_skb);
333fad53 1432 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
0660e03f 1433 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
82e9f105 1434 if (np->rxopt.bits.rxflow || np->rxopt.bits.rxtclass)
1397ed35 1435 np->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(opt_skb));
df3687ff
FF		 1436 if (np->repflow)
1437 np->flow_label = ip6_flowlabel(ipv6_hdr(opt_skb));
a224772d 1438 if (ipv6_opt_accepted(sk, opt_skb, &TCP_SKB_CB(opt_skb)->header.h6)) {
1da177e4 1439 skb_set_owner_r(opt_skb, sk);
8ce48623 1440 tcp_v6_restore_cb(opt_skb);
1da177e4
LT		 1441 opt_skb = xchg(&np->pktoptions, opt_skb);
1442 } else {
1443 __kfree_skb(opt_skb);
1444 opt_skb = xchg(&np->pktoptions, NULL);
1445 }
1446 }
1447
800d55f1 1448 kfree_skb(opt_skb);
1da177e4
LT		 1449 return 0;
1450}
1451
2dc49d16
ND		 1452static void tcp_v6_fill_cb(struct sk_buff *skb, const struct ipv6hdr *hdr,
1453 const struct tcphdr *th)
1454{
1455 /* This is tricky: we move IP6CB at its correct location into
1456 * TCP_SKB_CB(). It must be done after xfrm6_policy_check(), because
1457 * _decode_session6() uses IP6CB().
1458 * barrier() makes sure compiler won't play aliasing games.
1459 */
1460 memmove(&TCP_SKB_CB(skb)->header.h6, IP6CB(skb),
1461 sizeof(struct inet6_skb_parm));
1462 barrier();
1463
1464 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1465 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1466 skb->len - th->doff*4);
1467 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1468 TCP_SKB_CB(skb)->tcp_flags = tcp_flag_byte(th);
1469 TCP_SKB_CB(skb)->tcp_tw_isn = 0;
1470 TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
1471 TCP_SKB_CB(skb)->sacked = 0;
98aaa913
MM		 1472 TCP_SKB_CB(skb)->has_rxtstamp =
1473 skb->tstamp || skb_hwtstamps(skb)->hwtstamp;
2dc49d16
ND		 1474}
1475
0e219ae4 1476INDIRECT_CALLABLE_SCOPE int tcp_v6_rcv(struct sk_buff *skb)
1da177e4 1477{
8b27dae5 1478 struct sk_buff *skb_to_free;
4297a0ef 1479 int sdif = inet6_sdif(skb);
cf533ea5 1480 const struct tcphdr *th;
b71d1d42 1481 const struct ipv6hdr *hdr;
3b24d854 1482 bool refcounted;
1da177e4
LT		 1483 struct sock *sk;
1484 int ret;
a86b1e30 1485 struct net *net = dev_net(skb->dev);
1da177e4
LT		 1486
1487 if (skb->pkt_type != PACKET_HOST)
1488 goto discard_it;
1489
1490 /*
1491 * Count it even if it's bad.
1492 */
90bbcc60 1493 __TCP_INC_STATS(net, TCP_MIB_INSEGS);
1da177e4
LT		 1494
1495 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1496 goto discard_it;
1497
ea1627c2 1498 th = (const struct tcphdr *)skb->data;
1da177e4 1499
ea1627c2 1500 if (unlikely(th->doff < sizeof(struct tcphdr)/4))
1da177e4
LT		 1501 goto bad_packet;
1502 if (!pskb_may_pull(skb, th->doff*4))
1503 goto discard_it;
1504
e4f45b7f 1505 if (skb_checksum_init(skb, IPPROTO_TCP, ip6_compute_pseudo))
6a5dc9e5 1506 goto csum_error;
1da177e4 1507
ea1627c2 1508 th = (const struct tcphdr *)skb->data;
e802af9c 1509 hdr = ipv6_hdr(skb);
1da177e4 1510
4bdc3d66 1511lookup:
a583636a 1512 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, __tcp_hdrlen(th),
4297a0ef 1513 th->source, th->dest, inet6_iif(skb), sdif,
3b24d854 1514 &refcounted);
1da177e4
LT		 1515 if (!sk)
1516 goto no_tcp_socket;
1517
1518process:
1519 if (sk->sk_state == TCP_TIME_WAIT)
1520 goto do_time_wait;
1521
079096f1
ED		 1522 if (sk->sk_state == TCP_NEW_SYN_RECV) {
1523 struct request_sock *req = inet_reqsk(sk);
e0f9759f 1524 bool req_stolen = false;
7716682c 1525 struct sock *nsk;
079096f1
ED		 1526
1527 sk = req->rsk_listener;
079096f1 1528 if (tcp_v6_inbound_md5_hash(sk, skb)) {
e65c332d 1529 sk_drops_add(sk, skb);
079096f1
ED		 1530 reqsk_put(req);
1531 goto discard_it;
1532 }
4fd44a98
FL		 1533 if (tcp_checksum_complete(skb)) {
1534 reqsk_put(req);
1535 goto csum_error;
1536 }
7716682c 1537 if (unlikely(sk->sk_state != TCP_LISTEN)) {
f03f2e15 1538 inet_csk_reqsk_queue_drop_and_put(sk, req);
4bdc3d66
ED		 1539 goto lookup;
1540 }
7716682c 1541 sock_hold(sk);
3b24d854 1542 refcounted = true;
1f3b359f 1543 nsk = NULL;
eeea10b8
ED		 1544 if (!tcp_filter(sk, skb)) {
1545 th = (const struct tcphdr *)skb->data;
1546 hdr = ipv6_hdr(skb);
1547 tcp_v6_fill_cb(skb, hdr, th);
e0f9759f 1548 nsk = tcp_check_req(sk, skb, req, false, &req_stolen);
eeea10b8 1549 }
079096f1
ED		 1550 if (!nsk) {
1551 reqsk_put(req);
e0f9759f
ED		 1552 if (req_stolen) {
1553 /* Another cpu got exclusive access to req
1554 * and created a full blown socket.
1555 * Try to feed this packet to this socket
1556 * instead of discarding it.
1557 */
1558 tcp_v6_restore_cb(skb);
1559 sock_put(sk);
1560 goto lookup;
1561 }
7716682c 1562 goto discard_and_relse;
079096f1
ED		 1563 }
1564 if (nsk == sk) {
079096f1
ED		 1565 reqsk_put(req);
1566 tcp_v6_restore_cb(skb);
1567 } else if (tcp_child_process(sk, nsk, skb)) {
1568 tcp_v6_send_reset(nsk, skb);
7716682c 1569 goto discard_and_relse;
079096f1 1570 } else {
7716682c 1571 sock_put(sk);
079096f1
ED		 1572 return 0;
1573 }
1574 }
93a77c11 1575 if (hdr->hop_limit < tcp_inet6_sk(sk)->min_hopcount) {
02a1d6e7 1576 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
e802af9c
SH		 1577 goto discard_and_relse;
1578 }
1579
1da177e4
LT		 1580 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1581 goto discard_and_relse;
1582
9ea88a15
DP		 1583 if (tcp_v6_inbound_md5_hash(sk, skb))
1584 goto discard_and_relse;
9ea88a15 1585
ac6e7800 1586 if (tcp_filter(sk, skb))
1da177e4 1587 goto discard_and_relse;
ac6e7800
ED		 1588 th = (const struct tcphdr *)skb->data;
1589 hdr = ipv6_hdr(skb);
eeea10b8 1590 tcp_v6_fill_cb(skb, hdr, th);
1da177e4
LT		 1591
1592 skb->dev = NULL;
1593
e994b2f0
ED		 1594 if (sk->sk_state == TCP_LISTEN) {
1595 ret = tcp_v6_do_rcv(sk, skb);
1596 goto put_and_return;
1597 }
1598
1599 sk_incoming_cpu_update(sk);
1600
293b9c42 1601 bh_lock_sock_nested(sk);
a44d6eac 1602 tcp_segs_in(tcp_sk(sk), skb);
1da177e4
LT		 1603 ret = 0;
1604 if (!sock_owned_by_user(sk)) {
8b27dae5
ED		 1605 skb_to_free = sk->sk_rx_skb_cache;
1606 sk->sk_rx_skb_cache = NULL;
e7942d06 1607 ret = tcp_v6_do_rcv(sk, skb);
8b27dae5
ED		 1608 } else {
1609 if (tcp_add_backlog(sk, skb))
1610 goto discard_and_relse;
1611 skb_to_free = NULL;
6b03a53a 1612 }
1da177e4 1613 bh_unlock_sock(sk);
8b27dae5
ED		 1614 if (skb_to_free)
1615 __kfree_skb(skb_to_free);
e994b2f0 1616put_and_return:
3b24d854
ED		 1617 if (refcounted)
1618 sock_put(sk);
1da177e4
LT		 1619 return ret ? -1 : 0;
1620
1621no_tcp_socket:
1622 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1623 goto discard_it;
1624
2dc49d16
ND		 1625 tcp_v6_fill_cb(skb, hdr, th);
1626
12e25e10 1627 if (tcp_checksum_complete(skb)) {
6a5dc9e5 1628csum_error:
90bbcc60 1629 __TCP_INC_STATS(net, TCP_MIB_CSUMERRORS);
1da177e4 1630bad_packet:
90bbcc60 1631 __TCP_INC_STATS(net, TCP_MIB_INERRS);
1da177e4 1632 } else {
cfb6eeb4 1633 tcp_v6_send_reset(NULL, skb);
1da177e4
LT		 1634 }
1635
1636discard_it:
1da177e4
LT		 1637 kfree_skb(skb);
1638 return 0;
1639
1640discard_and_relse:
532182cd 1641 sk_drops_add(sk, skb);
3b24d854
ED		 1642 if (refcounted)
1643 sock_put(sk);
1da177e4
LT		 1644 goto discard_it;
1645
1646do_time_wait:
1647 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
9469c7b4 1648 inet_twsk_put(inet_twsk(sk));
1da177e4
LT		 1649 goto discard_it;
1650 }
1651
2dc49d16
ND		 1652 tcp_v6_fill_cb(skb, hdr, th);
1653
6a5dc9e5
ED		 1654 if (tcp_checksum_complete(skb)) {
1655 inet_twsk_put(inet_twsk(sk));
1656 goto csum_error;
1da177e4
LT		 1657 }
1658
9469c7b4 1659 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1da177e4
LT		 1660 case TCP_TW_SYN:
1661 {
1662 struct sock *sk2;
1663
c346dca1 1664 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
a583636a 1665 skb, __tcp_hdrlen(th),
5ba24953 1666 &ipv6_hdr(skb)->saddr, th->source,
0660e03f 1667 &ipv6_hdr(skb)->daddr,
24b711ed
DA		 1668 ntohs(th->dest),
1669 tcp_v6_iif_l3_slave(skb),
4297a0ef 1670 sdif);
53b24b8f 1671 if (sk2) {
295ff7ed 1672 struct inet_timewait_sock *tw = inet_twsk(sk);
dbe7faa4 1673 inet_twsk_deschedule_put(tw);
1da177e4 1674 sk = sk2;
4ad19de8 1675 tcp_v6_restore_cb(skb);
3b24d854 1676 refcounted = false;
1da177e4
LT		 1677 goto process;
1678 }
1da177e4 1679 }
275757e6
GS		 1680 /* to ACK */
1681 /* fall through */
1da177e4
LT		 1682 case TCP_TW_ACK:
1683 tcp_v6_timewait_ack(sk, skb);
1684 break;
1685 case TCP_TW_RST:
271c3b9b
FW		 1686 tcp_v6_send_reset(sk, skb);
1687 inet_twsk_deschedule_put(inet_twsk(sk));
1688 goto discard_it;
4aa956d8
WY		 1689 case TCP_TW_SUCCESS:
1690 ;
1da177e4
LT		 1691 }
1692 goto discard_it;
1693}
1694
97ff7ffb 1695INDIRECT_CALLABLE_SCOPE void tcp_v6_early_demux(struct sk_buff *skb)
c7109986
ED		 1696{
1697 const struct ipv6hdr *hdr;
1698 const struct tcphdr *th;
1699 struct sock *sk;
1700
1701 if (skb->pkt_type != PACKET_HOST)
1702 return;
1703
1704 if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
1705 return;
1706
1707 hdr = ipv6_hdr(skb);
1708 th = tcp_hdr(skb);
1709
1710 if (th->doff < sizeof(struct tcphdr) / 4)
1711 return;
1712
870c3151 1713 /* Note : We use inet6_iif() here, not tcp_v6_iif() */
c7109986
ED		 1714 sk = __inet6_lookup_established(dev_net(skb->dev), &tcp_hashinfo,
1715 &hdr->saddr, th->source,
1716 &hdr->daddr, ntohs(th->dest),
4297a0ef 1717 inet6_iif(skb), inet6_sdif(skb));
c7109986
ED		 1718 if (sk) {
1719 skb->sk = sk;
1720 skb->destructor = sock_edemux;
f7e4eb03 1721 if (sk_fullsock(sk)) {
d0c294c5 1722 struct dst_entry *dst = READ_ONCE(sk->sk_rx_dst);
f3f12135 1723
c7109986 1724 if (dst)
93a77c11 1725 dst = dst_check(dst, tcp_inet6_sk(sk)->rx_dst_cookie);
c7109986 1726 if (dst &&
f3f12135 1727 inet_sk(sk)->rx_dst_ifindex == skb->skb_iif)
c7109986
ED		 1728 skb_dst_set_noref(skb, dst);
1729 }
1730 }
1731}
1732
ccb7c410
DM		 1733static struct timewait_sock_ops tcp6_timewait_sock_ops = {
1734 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
1735 .twsk_unique = tcp_twsk_unique,
4aa956d8 1736 .twsk_destructor = tcp_twsk_destructor,
ccb7c410
DM		 1737};
1738
3b401a81 1739static const struct inet_connection_sock_af_ops ipv6_specific = {
543d9cfe
ACM		 1740 .queue_xmit = inet6_csk_xmit,
1741 .send_check = tcp_v6_send_check,
1742 .rebuild_header = inet6_sk_rebuild_header,
5d299f3d 1743 .sk_rx_dst_set = inet6_sk_rx_dst_set,
543d9cfe
ACM		 1744 .conn_request = tcp_v6_conn_request,
1745 .syn_recv_sock = tcp_v6_syn_recv_sock,
543d9cfe 1746 .net_header_len = sizeof(struct ipv6hdr),
67469601 1747 .net_frag_header_len = sizeof(struct frag_hdr),
543d9cfe
ACM		 1748 .setsockopt = ipv6_setsockopt,
1749 .getsockopt = ipv6_getsockopt,
1750 .addr2sockaddr = inet6_csk_addr2sockaddr,
1751 .sockaddr_len = sizeof(struct sockaddr_in6),
3fdadf7d 1752#ifdef CONFIG_COMPAT
543d9cfe
ACM		 1753 .compat_setsockopt = compat_ipv6_setsockopt,
1754 .compat_getsockopt = compat_ipv6_getsockopt,
3fdadf7d 1755#endif
4fab9071 1756 .mtu_reduced = tcp_v6_mtu_reduced,
1da177e4
LT		 1757};
1758
cfb6eeb4 1759#ifdef CONFIG_TCP_MD5SIG
b2e4b3de 1760static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
cfb6eeb4 1761 .md5_lookup = tcp_v6_md5_lookup,
49a72dfb 1762 .calc_md5_hash = tcp_v6_md5_hash_skb,
cfb6eeb4 1763 .md5_parse = tcp_v6_parse_md5_keys,
cfb6eeb4 1764};
a928630a 1765#endif
cfb6eeb4 1766
1da177e4
LT		 1767/*
1768 * TCP over IPv4 via INET6 API
1769 */
3b401a81 1770static const struct inet_connection_sock_af_ops ipv6_mapped = {
543d9cfe
ACM		 1771 .queue_xmit = ip_queue_xmit,
1772 .send_check = tcp_v4_send_check,
1773 .rebuild_header = inet_sk_rebuild_header,
63d02d15 1774 .sk_rx_dst_set = inet_sk_rx_dst_set,
543d9cfe
ACM		 1775 .conn_request = tcp_v6_conn_request,
1776 .syn_recv_sock = tcp_v6_syn_recv_sock,
543d9cfe
ACM		 1777 .net_header_len = sizeof(struct iphdr),
1778 .setsockopt = ipv6_setsockopt,
1779 .getsockopt = ipv6_getsockopt,
1780 .addr2sockaddr = inet6_csk_addr2sockaddr,
1781 .sockaddr_len = sizeof(struct sockaddr_in6),
3fdadf7d 1782#ifdef CONFIG_COMPAT
543d9cfe
ACM		 1783 .compat_setsockopt = compat_ipv6_setsockopt,
1784 .compat_getsockopt = compat_ipv6_getsockopt,
3fdadf7d 1785#endif
4fab9071 1786 .mtu_reduced = tcp_v4_mtu_reduced,
1da177e4
LT		 1787};
1788
cfb6eeb4 1789#ifdef CONFIG_TCP_MD5SIG
b2e4b3de 1790static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
cfb6eeb4 1791 .md5_lookup = tcp_v4_md5_lookup,
49a72dfb 1792 .calc_md5_hash = tcp_v4_md5_hash_skb,
cfb6eeb4 1793 .md5_parse = tcp_v6_parse_md5_keys,
cfb6eeb4 1794};
a928630a 1795#endif
cfb6eeb4 1796
1da177e4
LT		 1797/* NOTE: A lot of things set to zero explicitly by call to
1798 * sk_alloc() so need not be done here.
1799 */
1800static int tcp_v6_init_sock(struct sock *sk)
1801{
6687e988 1802 struct inet_connection_sock *icsk = inet_csk(sk);
1da177e4 1803
900f65d3 1804 tcp_init_sock(sk);
1da177e4 1805
8292a17a 1806 icsk->icsk_af_ops = &ipv6_specific;
1da177e4 1807
cfb6eeb4 1808#ifdef CONFIG_TCP_MD5SIG
ac807fa8 1809 tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific;
cfb6eeb4
YH		 1810#endif
1811
1da177e4
LT		 1812 return 0;
1813}
1814
7d06b2e0 1815static void tcp_v6_destroy_sock(struct sock *sk)
1da177e4 1816{
1da177e4 1817 tcp_v4_destroy_sock(sk);
7d06b2e0 1818 inet6_destroy_sock(sk);
1da177e4
LT		 1819}
1820
952a10be 1821#ifdef CONFIG_PROC_FS
1da177e4 1822/* Proc filesystem TCPv6 sock list dumping. */
1ab1457c 1823static void get_openreq6(struct seq_file *seq,
aa3a0c8c 1824 const struct request_sock *req, int i)
1da177e4 1825{
fa76ce73 1826 long ttd = req->rsk_timer.expires - jiffies;
634fb979
ED		 1827 const struct in6_addr *src = &inet_rsk(req)->ir_v6_loc_addr;
1828 const struct in6_addr *dest = &inet_rsk(req)->ir_v6_rmt_addr;
1da177e4
LT		 1829
1830 if (ttd < 0)
1831 ttd = 0;
1832
1da177e4
LT		 1833 seq_printf(seq,
1834 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
d14c5ab6 1835 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %d %d %pK\n",
1da177e4
LT		 1836 i,
1837 src->s6_addr32[0], src->s6_addr32[1],
1838 src->s6_addr32[2], src->s6_addr32[3],
b44084c2 1839 inet_rsk(req)->ir_num,
1da177e4
LT		 1840 dest->s6_addr32[0], dest->s6_addr32[1],
1841 dest->s6_addr32[2], dest->s6_addr32[3],
634fb979 1842 ntohs(inet_rsk(req)->ir_rmt_port),
1da177e4 1843 TCP_SYN_RECV,
4c99aa40 1844 0, 0, /* could print option size, but that is af dependent. */
1ab1457c
YH		 1845 1, /* timers active (only the expire timer) */
1846 jiffies_to_clock_t(ttd),
e6c022a4 1847 req->num_timeout,
aa3a0c8c
ED		 1848 from_kuid_munged(seq_user_ns(seq),
1849 sock_i_uid(req->rsk_listener)),
1ab1457c 1850 0, /* non standard timer */
1da177e4
LT		 1851 0, /* open_requests have no inode */
1852 0, req);
1853}
1854
1855static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1856{
b71d1d42 1857 const struct in6_addr *dest, *src;
1da177e4
LT		 1858 __u16 destp, srcp;
1859 int timer_active;
1860 unsigned long timer_expires;
cf533ea5
ED		 1861 const struct inet_sock *inet = inet_sk(sp);
1862 const struct tcp_sock *tp = tcp_sk(sp);
463c84b9 1863 const struct inet_connection_sock *icsk = inet_csk(sp);
0536fcc0 1864 const struct fastopen_queue *fastopenq = &icsk->icsk_accept_queue.fastopenq;
00fd38d9
ED		 1865 int rx_queue;
1866 int state;
1da177e4 1867
efe4208f
ED		 1868 dest = &sp->sk_v6_daddr;
1869 src = &sp->sk_v6_rcv_saddr;
c720c7e8
ED		 1870 destp = ntohs(inet->inet_dport);
1871 srcp = ntohs(inet->inet_sport);
463c84b9 1872
ce3cf4ec 1873 if (icsk->icsk_pending == ICSK_TIME_RETRANS ||
57dde7f7 1874 icsk->icsk_pending == ICSK_TIME_REO_TIMEOUT ||
ce3cf4ec 1875 icsk->icsk_pending == ICSK_TIME_LOSS_PROBE) {
1da177e4 1876 timer_active = 1;
463c84b9
ACM		 1877 timer_expires = icsk->icsk_timeout;
1878 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1da177e4 1879 timer_active = 4;
463c84b9 1880 timer_expires = icsk->icsk_timeout;
1da177e4
LT		 1881 } else if (timer_pending(&sp->sk_timer)) {
1882 timer_active = 2;
1883 timer_expires = sp->sk_timer.expires;
1884 } else {
1885 timer_active = 0;
1886 timer_expires = jiffies;
1887 }
1888
986ffdfd 1889 state = inet_sk_state_load(sp);
00fd38d9
ED		 1890 if (state == TCP_LISTEN)
1891 rx_queue = sp->sk_ack_backlog;
1892 else
1893 /* Because we don't lock the socket,
1894 * we might find a transient negative value.
1895 */
1896 rx_queue = max_t(int, tp->rcv_nxt - tp->copied_seq, 0);
1897
1da177e4
LT		 1898 seq_printf(seq,
1899 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
d14c5ab6 1900 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %lu %d %pK %lu %lu %u %u %d\n",
1da177e4
LT		 1901 i,
1902 src->s6_addr32[0], src->s6_addr32[1],
1903 src->s6_addr32[2], src->s6_addr32[3], srcp,
1904 dest->s6_addr32[0], dest->s6_addr32[1],
1905 dest->s6_addr32[2], dest->s6_addr32[3], destp,
00fd38d9
ED		 1906 state,
1907 tp->write_seq - tp->snd_una,
1908 rx_queue,
1da177e4 1909 timer_active,
a399a805 1910 jiffies_delta_to_clock_t(timer_expires - jiffies),
463c84b9 1911 icsk->icsk_retransmits,
a7cb5a49 1912 from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
6687e988 1913 icsk->icsk_probes_out,
1da177e4 1914 sock_i_ino(sp),
41c6d650 1915 refcount_read(&sp->sk_refcnt), sp,
7be87351
SH		 1916 jiffies_to_clock_t(icsk->icsk_rto),
1917 jiffies_to_clock_t(icsk->icsk_ack.ato),
31954cd8 1918 (icsk->icsk_ack.quick << 1) | inet_csk_in_pingpong_mode(sp),
0b6a05c1 1919 tp->snd_cwnd,
00fd38d9 1920 state == TCP_LISTEN ?
0536fcc0 1921 fastopenq->max_qlen :
0a672f74 1922 (tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh)
1da177e4
LT		 1923 );
1924}
1925
1ab1457c 1926static void get_timewait6_sock(struct seq_file *seq,
8feaf0c0 1927 struct inet_timewait_sock *tw, int i)
1da177e4 1928{
789f558c 1929 long delta = tw->tw_timer.expires - jiffies;
b71d1d42 1930 const struct in6_addr *dest, *src;
1da177e4 1931 __u16 destp, srcp;
1da177e4 1932
efe4208f
ED		 1933 dest = &tw->tw_v6_daddr;
1934 src = &tw->tw_v6_rcv_saddr;
1da177e4
LT		 1935 destp = ntohs(tw->tw_dport);
1936 srcp = ntohs(tw->tw_sport);
1937
1938 seq_printf(seq,
1939 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
71338aa7 1940 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1da177e4
LT		 1941 i,
1942 src->s6_addr32[0], src->s6_addr32[1],
1943 src->s6_addr32[2], src->s6_addr32[3], srcp,
1944 dest->s6_addr32[0], dest->s6_addr32[1],
1945 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1946 tw->tw_substate, 0, 0,
a399a805 1947 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
41c6d650 1948 refcount_read(&tw->tw_refcnt), tw);
1da177e4
LT		 1949}
1950
1da177e4
LT		 1951static int tcp6_seq_show(struct seq_file *seq, void *v)
1952{
1953 struct tcp_iter_state *st;
05dbc7b5 1954 struct sock *sk = v;
1da177e4
LT		 1955
1956 if (v == SEQ_START_TOKEN) {
1957 seq_puts(seq,
1958 " sl "
1959 "local_address "
1960 "remote_address "
1961 "st tx_queue rx_queue tr tm->when retrnsmt"
1962 " uid timeout inode\n");
1963 goto out;
1964 }
1965 st = seq->private;
1966
079096f1
ED		 1967 if (sk->sk_state == TCP_TIME_WAIT)
1968 get_timewait6_sock(seq, v, st->num);
1969 else if (sk->sk_state == TCP_NEW_SYN_RECV)
aa3a0c8c 1970 get_openreq6(seq, v, st->num);
079096f1
ED		 1971 else
1972 get_tcp6_sock(seq, v, st->num);
1da177e4
LT		 1973out:
1974 return 0;
1975}
1976
37d849bb
CH		 1977static const struct seq_operations tcp6_seq_ops = {
1978 .show = tcp6_seq_show,
1979 .start = tcp_seq_start,
1980 .next = tcp_seq_next,
1981 .stop = tcp_seq_stop,
1982};
1983
1da177e4 1984static struct tcp_seq_afinfo tcp6_seq_afinfo = {
1da177e4 1985 .family = AF_INET6,
1da177e4
LT		 1986};
1987
2c8c1e72 1988int __net_init tcp6_proc_init(struct net *net)
1da177e4 1989{
c3506372
CH		 1990 if (!proc_create_net_data("tcp6", 0444, net->proc_net, &tcp6_seq_ops,
1991 sizeof(struct tcp_iter_state), &tcp6_seq_afinfo))
37d849bb
CH		 1992 return -ENOMEM;
1993 return 0;
1da177e4
LT		 1994}
1995
6f8b13bc 1996void tcp6_proc_exit(struct net *net)
1da177e4 1997{
37d849bb 1998 remove_proc_entry("tcp6", net->proc_net);
1da177e4
LT		 1999}
2000#endif
2001
2002struct proto tcpv6_prot = {
2003 .name = "TCPv6",
2004 .owner = THIS_MODULE,
2005 .close = tcp_close,
d74bad4e 2006 .pre_connect = tcp_v6_pre_connect,
1da177e4
LT		 2007 .connect = tcp_v6_connect,
2008 .disconnect = tcp_disconnect,
463c84b9 2009 .accept = inet_csk_accept,
1da177e4
LT		 2010 .ioctl = tcp_ioctl,
2011 .init = tcp_v6_init_sock,
2012 .destroy = tcp_v6_destroy_sock,
2013 .shutdown = tcp_shutdown,
2014 .setsockopt = tcp_setsockopt,
2015 .getsockopt = tcp_getsockopt,
4b9d07a4 2016 .keepalive = tcp_set_keepalive,
1da177e4 2017 .recvmsg = tcp_recvmsg,
7ba42910
CG		 2018 .sendmsg = tcp_sendmsg,
2019 .sendpage = tcp_sendpage,
1da177e4 2020 .backlog_rcv = tcp_v6_do_rcv,
46d3ceab 2021 .release_cb = tcp_release_cb,
496611d7 2022 .hash = inet6_hash,
ab1e0a13
ACM		 2023 .unhash = inet_unhash,
2024 .get_port = inet_csk_get_port,
1da177e4 2025 .enter_memory_pressure = tcp_enter_memory_pressure,
06044751 2026 .leave_memory_pressure = tcp_leave_memory_pressure,
c9bee3b7 2027 .stream_memory_free = tcp_stream_memory_free,
1da177e4
LT		 2028 .sockets_allocated = &tcp_sockets_allocated,
2029 .memory_allocated = &tcp_memory_allocated,
2030 .memory_pressure = &tcp_memory_pressure,
0a5578cf 2031 .orphan_count = &tcp_orphan_count,
a4fe34bf 2032 .sysctl_mem = sysctl_tcp_mem,
356d1833
ED		 2033 .sysctl_wmem_offset = offsetof(struct net, ipv4.sysctl_tcp_wmem),
2034 .sysctl_rmem_offset = offsetof(struct net, ipv4.sysctl_tcp_rmem),
1da177e4
LT		 2035 .max_header = MAX_TCP_HEADER,
2036 .obj_size = sizeof(struct tcp6_sock),
5f0d5a3a 2037 .slab_flags = SLAB_TYPESAFE_BY_RCU,
6d6ee43e 2038 .twsk_prot = &tcp6_timewait_sock_ops,
60236fdd 2039 .rsk_prot = &tcp6_request_sock_ops,
39d8cda7 2040 .h.hashinfo = &tcp_hashinfo,
7ba42910 2041 .no_autobind = true,
543d9cfe
ACM		 2042#ifdef CONFIG_COMPAT
2043 .compat_setsockopt = compat_tcp_setsockopt,
2044 .compat_getsockopt = compat_tcp_getsockopt,
d1a4c0b3 2045#endif
c1e64e29 2046 .diag_destroy = tcp_abort,
1da177e4
LT		 2047};
2048
a8e3bb34
DA		 2049/* thinking of making this const? Don't.
2050 * early_demux can change based on sysctl.
2051 */
39294c3d 2052static struct inet6_protocol tcpv6_protocol = {
c7109986 2053 .early_demux = tcp_v6_early_demux,
dddb64bc 2054 .early_demux_handler = tcp_v6_early_demux,
1da177e4
LT		 2055 .handler = tcp_v6_rcv,
2056 .err_handler = tcp_v6_err,
2057 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2058};
2059
1da177e4
LT		 2060static struct inet_protosw tcpv6_protosw = {
2061 .type = SOCK_STREAM,
2062 .protocol = IPPROTO_TCP,
2063 .prot = &tcpv6_prot,
2064 .ops = &inet6_stream_ops,
d83d8461
ACM		 2065 .flags = INET_PROTOSW_PERMANENT |
2066 INET_PROTOSW_ICSK,
1da177e4
LT		 2067};
2068
2c8c1e72 2069static int __net_init tcpv6_net_init(struct net *net)
93ec926b 2070{
5677242f
DL		 2071 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
2072 SOCK_RAW, IPPROTO_TCP, net);
93ec926b
DL		 2073}
2074
2c8c1e72 2075static void __net_exit tcpv6_net_exit(struct net *net)
93ec926b 2076{
5677242f 2077 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
b099ce26
EB		 2078}
2079
2c8c1e72 2080static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
b099ce26 2081{
1946e672 2082 inet_twsk_purge(&tcp_hashinfo, AF_INET6);
93ec926b
DL		 2083}
2084
2085static struct pernet_operations tcpv6_net_ops = {
b099ce26
EB		 2086 .init = tcpv6_net_init,
2087 .exit = tcpv6_net_exit,
2088 .exit_batch = tcpv6_net_exit_batch,
93ec926b
DL		 2089};
2090
7f4e4868 2091int __init tcpv6_init(void)
1da177e4 2092{
7f4e4868
DL		 2093 int ret;
2094
3336288a
VY		 2095 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
2096 if (ret)
c6b641a4 2097 goto out;
3336288a 2098
1da177e4 2099 /* register inet6 protocol */
7f4e4868
DL		 2100 ret = inet6_register_protosw(&tcpv6_protosw);
2101 if (ret)
2102 goto out_tcpv6_protocol;
2103
93ec926b 2104 ret = register_pernet_subsys(&tcpv6_net_ops);
7f4e4868
DL		 2105 if (ret)
2106 goto out_tcpv6_protosw;
2107out:
2108 return ret;
ae0f7d5f 2109
7f4e4868
DL		 2110out_tcpv6_protosw:
2111 inet6_unregister_protosw(&tcpv6_protosw);
3336288a
VY		 2112out_tcpv6_protocol:
2113 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
7f4e4868
DL		 2114 goto out;
2115}
2116
09f7709f 2117void tcpv6_exit(void)
7f4e4868 2118{
93ec926b 2119 unregister_pernet_subsys(&tcpv6_net_ops);
7f4e4868
DL		 2120 inet6_unregister_protosw(&tcpv6_protosw);
2121 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
1da177e4 2122}
Linux 6.x block layer and io_uring tree(s)