2 * IPv6 output functions
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
8 * Based on linux/net/ipv4/ip_output.c
10 * This program is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU General Public License
12 * as published by the Free Software Foundation; either version
13 * 2 of the License, or (at your option) any later version.
16 * A.N.Kuznetsov : airthmetics in fragmentation.
17 * extension headers are implemented.
18 * route changes now work.
19 * ip6_forward does not confuse sniffers.
22 * H. von Brand : Added missing #include <linux/string.h>
23 * Imran Patel : frag id should be in NBO
24 * Kazunori MIYAZAWA @USAGI
25 * : add ip6_append_data and related functions
29 #include <linux/errno.h>
30 #include <linux/kernel.h>
31 #include <linux/string.h>
32 #include <linux/socket.h>
33 #include <linux/net.h>
34 #include <linux/netdevice.h>
35 #include <linux/if_arp.h>
36 #include <linux/in6.h>
37 #include <linux/tcp.h>
38 #include <linux/route.h>
39 #include <linux/module.h>
40 #include <linux/slab.h>
42 #include <linux/netfilter.h>
43 #include <linux/netfilter_ipv6.h>
49 #include <net/ndisc.h>
50 #include <net/protocol.h>
51 #include <net/ip6_route.h>
52 #include <net/addrconf.h>
53 #include <net/rawv6.h>
56 #include <net/checksum.h>
57 #include <linux/mroute6.h>
59 int ip6_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *));
61 int __ip6_local_out(struct sk_buff *skb)
65 len = skb->len - sizeof(struct ipv6hdr);
66 if (len > IPV6_MAXPLEN)
68 ipv6_hdr(skb)->payload_len = htons(len);
70 return nf_hook(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL,
71 skb_dst(skb)->dev, dst_output);
74 int ip6_local_out(struct sk_buff *skb)
78 err = __ip6_local_out(skb);
80 err = dst_output(skb);
84 EXPORT_SYMBOL_GPL(ip6_local_out);
86 /* dev_loopback_xmit for use with netfilter. */
87 static int ip6_dev_loopback_xmit(struct sk_buff *newskb)
89 skb_reset_mac_header(newskb);
90 __skb_pull(newskb, skb_network_offset(newskb));
91 newskb->pkt_type = PACKET_LOOPBACK;
92 newskb->ip_summed = CHECKSUM_UNNECESSARY;
93 WARN_ON(!skb_dst(newskb));
99 static int ip6_finish_output2(struct sk_buff *skb)
101 struct dst_entry *dst = skb_dst(skb);
102 struct net_device *dev = dst->dev;
103 struct neighbour *neigh;
105 skb->protocol = htons(ETH_P_IPV6);
108 if (ipv6_addr_is_multicast(&ipv6_hdr(skb)->daddr)) {
109 struct inet6_dev *idev = ip6_dst_idev(skb_dst(skb));
111 if (!(dev->flags & IFF_LOOPBACK) && sk_mc_loop(skb->sk) &&
112 ((mroute6_socket(dev_net(dev), skb) &&
113 !(IP6CB(skb)->flags & IP6SKB_FORWARDED)) ||
114 ipv6_chk_mcast_addr(dev, &ipv6_hdr(skb)->daddr,
115 &ipv6_hdr(skb)->saddr))) {
116 struct sk_buff *newskb = skb_clone(skb, GFP_ATOMIC);
118 /* Do not check for IFF_ALLMULTI; multicast routing
119 is not supported in any case.
122 NF_HOOK(NFPROTO_IPV6, NF_INET_POST_ROUTING,
123 newskb, NULL, newskb->dev,
124 ip6_dev_loopback_xmit);
126 if (ipv6_hdr(skb)->hop_limit == 0) {
127 IP6_INC_STATS(dev_net(dev), idev,
128 IPSTATS_MIB_OUTDISCARDS);
134 IP6_UPD_PO_STATS(dev_net(dev), idev, IPSTATS_MIB_OUTMCAST,
138 neigh = dst->neighbour;
140 struct hh_cache *hh = &neigh->hh;
142 return neigh_hh_output(hh, skb);
144 return dst->neighbour->output(skb);
146 IP6_INC_STATS_BH(dev_net(dst->dev),
147 ip6_dst_idev(dst), IPSTATS_MIB_OUTNOROUTES);
152 static int ip6_finish_output(struct sk_buff *skb)
154 if ((skb->len > ip6_skb_dst_mtu(skb) && !skb_is_gso(skb)) ||
155 dst_allfrag(skb_dst(skb)))
156 return ip6_fragment(skb, ip6_finish_output2);
158 return ip6_finish_output2(skb);
161 int ip6_output(struct sk_buff *skb)
163 struct net_device *dev = skb_dst(skb)->dev;
164 struct inet6_dev *idev = ip6_dst_idev(skb_dst(skb));
165 if (unlikely(idev->cnf.disable_ipv6)) {
166 IP6_INC_STATS(dev_net(dev), idev,
167 IPSTATS_MIB_OUTDISCARDS);
172 return NF_HOOK_COND(NFPROTO_IPV6, NF_INET_POST_ROUTING, skb, NULL, dev,
174 !(IP6CB(skb)->flags & IP6SKB_REROUTED));
178 * xmit an sk_buff (used by TCP, SCTP and DCCP)
181 int ip6_xmit(struct sock *sk, struct sk_buff *skb, struct flowi6 *fl6,
182 struct ipv6_txoptions *opt)
184 struct net *net = sock_net(sk);
185 struct ipv6_pinfo *np = inet6_sk(sk);
186 struct in6_addr *first_hop = &fl6->daddr;
187 struct dst_entry *dst = skb_dst(skb);
189 u8 proto = fl6->flowi6_proto;
190 int seg_len = skb->len;
196 unsigned int head_room;
198 /* First: exthdrs may take lots of space (~8K for now)
199 MAX_HEADER is not enough.
201 head_room = opt->opt_nflen + opt->opt_flen;
202 seg_len += head_room;
203 head_room += sizeof(struct ipv6hdr) + LL_RESERVED_SPACE(dst->dev);
205 if (skb_headroom(skb) < head_room) {
206 struct sk_buff *skb2 = skb_realloc_headroom(skb, head_room);
208 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
209 IPSTATS_MIB_OUTDISCARDS);
215 skb_set_owner_w(skb, sk);
218 ipv6_push_frag_opts(skb, opt, &proto);
220 ipv6_push_nfrag_opts(skb, opt, &proto, &first_hop);
223 skb_push(skb, sizeof(struct ipv6hdr));
224 skb_reset_network_header(skb);
228 * Fill in the IPv6 header
232 hlimit = np->hop_limit;
235 hlimit = ip6_dst_hoplimit(dst);
237 *(__be32 *)hdr = htonl(0x60000000 | (tclass << 20)) | fl6->flowlabel;
239 hdr->payload_len = htons(seg_len);
240 hdr->nexthdr = proto;
241 hdr->hop_limit = hlimit;
243 ipv6_addr_copy(&hdr->saddr, &fl6->saddr);
244 ipv6_addr_copy(&hdr->daddr, first_hop);
246 skb->priority = sk->sk_priority;
247 skb->mark = sk->sk_mark;
250 if ((skb->len <= mtu) || skb->local_df || skb_is_gso(skb)) {
251 IP6_UPD_PO_STATS(net, ip6_dst_idev(skb_dst(skb)),
252 IPSTATS_MIB_OUT, skb->len);
253 return NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL,
254 dst->dev, dst_output);
258 printk(KERN_DEBUG "IPv6: sending pkt_too_big to self\n");
260 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
261 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)), IPSTATS_MIB_FRAGFAILS);
266 EXPORT_SYMBOL(ip6_xmit);
269 * To avoid extra problems ND packets are send through this
270 * routine. It's code duplication but I really want to avoid
271 * extra checks since ipv6_build_header is used by TCP (which
272 * is for us performance critical)
275 int ip6_nd_hdr(struct sock *sk, struct sk_buff *skb, struct net_device *dev,
276 const struct in6_addr *saddr, const struct in6_addr *daddr,
279 struct ipv6_pinfo *np = inet6_sk(sk);
282 skb->protocol = htons(ETH_P_IPV6);
285 skb_reset_network_header(skb);
286 skb_put(skb, sizeof(struct ipv6hdr));
289 *(__be32*)hdr = htonl(0x60000000);
291 hdr->payload_len = htons(len);
292 hdr->nexthdr = proto;
293 hdr->hop_limit = np->hop_limit;
295 ipv6_addr_copy(&hdr->saddr, saddr);
296 ipv6_addr_copy(&hdr->daddr, daddr);
301 static int ip6_call_ra_chain(struct sk_buff *skb, int sel)
303 struct ip6_ra_chain *ra;
304 struct sock *last = NULL;
306 read_lock(&ip6_ra_lock);
307 for (ra = ip6_ra_chain; ra; ra = ra->next) {
308 struct sock *sk = ra->sk;
309 if (sk && ra->sel == sel &&
310 (!sk->sk_bound_dev_if ||
311 sk->sk_bound_dev_if == skb->dev->ifindex)) {
313 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
315 rawv6_rcv(last, skb2);
322 rawv6_rcv(last, skb);
323 read_unlock(&ip6_ra_lock);
326 read_unlock(&ip6_ra_lock);
330 static int ip6_forward_proxy_check(struct sk_buff *skb)
332 struct ipv6hdr *hdr = ipv6_hdr(skb);
333 u8 nexthdr = hdr->nexthdr;
336 if (ipv6_ext_hdr(nexthdr)) {
337 offset = ipv6_skip_exthdr(skb, sizeof(*hdr), &nexthdr);
341 offset = sizeof(struct ipv6hdr);
343 if (nexthdr == IPPROTO_ICMPV6) {
344 struct icmp6hdr *icmp6;
346 if (!pskb_may_pull(skb, (skb_network_header(skb) +
347 offset + 1 - skb->data)))
350 icmp6 = (struct icmp6hdr *)(skb_network_header(skb) + offset);
352 switch (icmp6->icmp6_type) {
353 case NDISC_ROUTER_SOLICITATION:
354 case NDISC_ROUTER_ADVERTISEMENT:
355 case NDISC_NEIGHBOUR_SOLICITATION:
356 case NDISC_NEIGHBOUR_ADVERTISEMENT:
358 /* For reaction involving unicast neighbor discovery
359 * message destined to the proxied address, pass it to
369 * The proxying router can't forward traffic sent to a link-local
370 * address, so signal the sender and discard the packet. This
371 * behavior is clarified by the MIPv6 specification.
373 if (ipv6_addr_type(&hdr->daddr) & IPV6_ADDR_LINKLOCAL) {
374 dst_link_failure(skb);
381 static inline int ip6_forward_finish(struct sk_buff *skb)
383 return dst_output(skb);
386 int ip6_forward(struct sk_buff *skb)
388 struct dst_entry *dst = skb_dst(skb);
389 struct ipv6hdr *hdr = ipv6_hdr(skb);
390 struct inet6_skb_parm *opt = IP6CB(skb);
391 struct net *net = dev_net(dst->dev);
394 if (net->ipv6.devconf_all->forwarding == 0)
397 if (skb_warn_if_lro(skb))
400 if (!xfrm6_policy_check(NULL, XFRM_POLICY_FWD, skb)) {
401 IP6_INC_STATS(net, ip6_dst_idev(dst), IPSTATS_MIB_INDISCARDS);
405 if (skb->pkt_type != PACKET_HOST)
408 skb_forward_csum(skb);
411 * We DO NOT make any processing on
412 * RA packets, pushing them to user level AS IS
413 * without ane WARRANTY that application will be able
414 * to interpret them. The reason is that we
415 * cannot make anything clever here.
417 * We are not end-node, so that if packet contains
418 * AH/ESP, we cannot make anything.
419 * Defragmentation also would be mistake, RA packets
420 * cannot be fragmented, because there is no warranty
421 * that different fragments will go along one path. --ANK
424 u8 *ptr = skb_network_header(skb) + opt->ra;
425 if (ip6_call_ra_chain(skb, (ptr[2]<<8) + ptr[3]))
430 * check and decrement ttl
432 if (hdr->hop_limit <= 1) {
433 /* Force OUTPUT device used as source address */
435 icmpv6_send(skb, ICMPV6_TIME_EXCEED, ICMPV6_EXC_HOPLIMIT, 0);
436 IP6_INC_STATS_BH(net,
437 ip6_dst_idev(dst), IPSTATS_MIB_INHDRERRORS);
443 /* XXX: idev->cnf.proxy_ndp? */
444 if (net->ipv6.devconf_all->proxy_ndp &&
445 pneigh_lookup(&nd_tbl, net, &hdr->daddr, skb->dev, 0)) {
446 int proxied = ip6_forward_proxy_check(skb);
448 return ip6_input(skb);
449 else if (proxied < 0) {
450 IP6_INC_STATS(net, ip6_dst_idev(dst),
451 IPSTATS_MIB_INDISCARDS);
456 if (!xfrm6_route_forward(skb)) {
457 IP6_INC_STATS(net, ip6_dst_idev(dst), IPSTATS_MIB_INDISCARDS);
462 /* IPv6 specs say nothing about it, but it is clear that we cannot
463 send redirects to source routed frames.
464 We don't send redirects to frames decapsulated from IPsec.
466 if (skb->dev == dst->dev && dst->neighbour && opt->srcrt == 0 &&
467 !skb_sec_path(skb)) {
468 struct in6_addr *target = NULL;
470 struct neighbour *n = dst->neighbour;
473 * incoming and outgoing devices are the same
477 rt = (struct rt6_info *) dst;
478 if ((rt->rt6i_flags & RTF_GATEWAY))
479 target = (struct in6_addr*)&n->primary_key;
481 target = &hdr->daddr;
484 rt6_bind_peer(rt, 1);
486 /* Limit redirects both by destination (here)
487 and by source (inside ndisc_send_redirect)
489 if (inet_peer_xrlim_allow(rt->rt6i_peer, 1*HZ))
490 ndisc_send_redirect(skb, n, target);
492 int addrtype = ipv6_addr_type(&hdr->saddr);
494 /* This check is security critical. */
495 if (addrtype == IPV6_ADDR_ANY ||
496 addrtype & (IPV6_ADDR_MULTICAST | IPV6_ADDR_LOOPBACK))
498 if (addrtype & IPV6_ADDR_LINKLOCAL) {
499 icmpv6_send(skb, ICMPV6_DEST_UNREACH,
500 ICMPV6_NOT_NEIGHBOUR, 0);
506 if (mtu < IPV6_MIN_MTU)
509 if (skb->len > mtu && !skb_is_gso(skb)) {
510 /* Again, force OUTPUT device used as source address */
512 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
513 IP6_INC_STATS_BH(net,
514 ip6_dst_idev(dst), IPSTATS_MIB_INTOOBIGERRORS);
515 IP6_INC_STATS_BH(net,
516 ip6_dst_idev(dst), IPSTATS_MIB_FRAGFAILS);
521 if (skb_cow(skb, dst->dev->hard_header_len)) {
522 IP6_INC_STATS(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTDISCARDS);
528 /* Mangling hops number delayed to point after skb COW */
532 IP6_INC_STATS_BH(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTFORWDATAGRAMS);
533 return NF_HOOK(NFPROTO_IPV6, NF_INET_FORWARD, skb, skb->dev, dst->dev,
537 IP6_INC_STATS_BH(net, ip6_dst_idev(dst), IPSTATS_MIB_INADDRERRORS);
543 static void ip6_copy_metadata(struct sk_buff *to, struct sk_buff *from)
545 to->pkt_type = from->pkt_type;
546 to->priority = from->priority;
547 to->protocol = from->protocol;
549 skb_dst_set(to, dst_clone(skb_dst(from)));
551 to->mark = from->mark;
553 #ifdef CONFIG_NET_SCHED
554 to->tc_index = from->tc_index;
557 #if defined(CONFIG_NETFILTER_XT_TARGET_TRACE) || \
558 defined(CONFIG_NETFILTER_XT_TARGET_TRACE_MODULE)
559 to->nf_trace = from->nf_trace;
561 skb_copy_secmark(to, from);
564 int ip6_find_1stfragopt(struct sk_buff *skb, u8 **nexthdr)
566 u16 offset = sizeof(struct ipv6hdr);
567 struct ipv6_opt_hdr *exthdr =
568 (struct ipv6_opt_hdr *)(ipv6_hdr(skb) + 1);
569 unsigned int packet_len = skb->tail - skb->network_header;
571 *nexthdr = &ipv6_hdr(skb)->nexthdr;
573 while (offset + 1 <= packet_len) {
579 case NEXTHDR_ROUTING:
583 #if defined(CONFIG_IPV6_MIP6) || defined(CONFIG_IPV6_MIP6_MODULE)
584 if (ipv6_find_tlv(skb, offset, IPV6_TLV_HAO) >= 0)
594 offset += ipv6_optlen(exthdr);
595 *nexthdr = &exthdr->nexthdr;
596 exthdr = (struct ipv6_opt_hdr *)(skb_network_header(skb) +
603 int ip6_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *))
605 struct sk_buff *frag;
606 struct rt6_info *rt = (struct rt6_info*)skb_dst(skb);
607 struct ipv6_pinfo *np = skb->sk ? inet6_sk(skb->sk) : NULL;
608 struct ipv6hdr *tmp_hdr;
610 unsigned int mtu, hlen, left, len;
612 int ptr, offset = 0, err=0;
613 u8 *prevhdr, nexthdr = 0;
614 struct net *net = dev_net(skb_dst(skb)->dev);
616 hlen = ip6_find_1stfragopt(skb, &prevhdr);
619 mtu = ip6_skb_dst_mtu(skb);
621 /* We must not fragment if the socket is set to force MTU discovery
622 * or if the skb it not generated by a local socket.
624 if (!skb->local_df && skb->len > mtu) {
625 skb->dev = skb_dst(skb)->dev;
626 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
627 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
628 IPSTATS_MIB_FRAGFAILS);
633 if (np && np->frag_size < mtu) {
637 mtu -= hlen + sizeof(struct frag_hdr);
639 if (skb_has_frag_list(skb)) {
640 int first_len = skb_pagelen(skb);
641 struct sk_buff *frag2;
643 if (first_len - hlen > mtu ||
644 ((first_len - hlen) & 7) ||
648 skb_walk_frags(skb, frag) {
649 /* Correct geometry. */
650 if (frag->len > mtu ||
651 ((frag->len & 7) && frag->next) ||
652 skb_headroom(frag) < hlen)
653 goto slow_path_clean;
655 /* Partially cloned skb? */
656 if (skb_shared(frag))
657 goto slow_path_clean;
662 frag->destructor = sock_wfree;
664 skb->truesize -= frag->truesize;
669 frag = skb_shinfo(skb)->frag_list;
670 skb_frag_list_init(skb);
673 *prevhdr = NEXTHDR_FRAGMENT;
674 tmp_hdr = kmemdup(skb_network_header(skb), hlen, GFP_ATOMIC);
676 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
677 IPSTATS_MIB_FRAGFAILS);
681 __skb_pull(skb, hlen);
682 fh = (struct frag_hdr*)__skb_push(skb, sizeof(struct frag_hdr));
683 __skb_push(skb, hlen);
684 skb_reset_network_header(skb);
685 memcpy(skb_network_header(skb), tmp_hdr, hlen);
687 ipv6_select_ident(fh);
688 fh->nexthdr = nexthdr;
690 fh->frag_off = htons(IP6_MF);
691 frag_id = fh->identification;
693 first_len = skb_pagelen(skb);
694 skb->data_len = first_len - skb_headlen(skb);
695 skb->len = first_len;
696 ipv6_hdr(skb)->payload_len = htons(first_len -
697 sizeof(struct ipv6hdr));
702 /* Prepare header of the next frame,
703 * before previous one went down. */
705 frag->ip_summed = CHECKSUM_NONE;
706 skb_reset_transport_header(frag);
707 fh = (struct frag_hdr*)__skb_push(frag, sizeof(struct frag_hdr));
708 __skb_push(frag, hlen);
709 skb_reset_network_header(frag);
710 memcpy(skb_network_header(frag), tmp_hdr,
712 offset += skb->len - hlen - sizeof(struct frag_hdr);
713 fh->nexthdr = nexthdr;
715 fh->frag_off = htons(offset);
716 if (frag->next != NULL)
717 fh->frag_off |= htons(IP6_MF);
718 fh->identification = frag_id;
719 ipv6_hdr(frag)->payload_len =
721 sizeof(struct ipv6hdr));
722 ip6_copy_metadata(frag, skb);
727 IP6_INC_STATS(net, ip6_dst_idev(&rt->dst),
728 IPSTATS_MIB_FRAGCREATES);
741 IP6_INC_STATS(net, ip6_dst_idev(&rt->dst),
742 IPSTATS_MIB_FRAGOKS);
743 dst_release(&rt->dst);
753 IP6_INC_STATS(net, ip6_dst_idev(&rt->dst),
754 IPSTATS_MIB_FRAGFAILS);
755 dst_release(&rt->dst);
759 skb_walk_frags(skb, frag2) {
763 frag2->destructor = NULL;
764 skb->truesize += frag2->truesize;
769 left = skb->len - hlen; /* Space per frame */
770 ptr = hlen; /* Where to start from */
773 * Fragment the datagram.
776 *prevhdr = NEXTHDR_FRAGMENT;
779 * Keep copying data until we run out.
783 /* IF: it doesn't fit, use 'mtu' - the data space left */
786 /* IF: we are not sending up to and including the packet end
787 then align the next start on an eight byte boundary */
795 if ((frag = alloc_skb(len+hlen+sizeof(struct frag_hdr)+LL_ALLOCATED_SPACE(rt->dst.dev), GFP_ATOMIC)) == NULL) {
796 NETDEBUG(KERN_INFO "IPv6: frag: no memory for new fragment!\n");
797 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
798 IPSTATS_MIB_FRAGFAILS);
804 * Set up data on packet
807 ip6_copy_metadata(frag, skb);
808 skb_reserve(frag, LL_RESERVED_SPACE(rt->dst.dev));
809 skb_put(frag, len + hlen + sizeof(struct frag_hdr));
810 skb_reset_network_header(frag);
811 fh = (struct frag_hdr *)(skb_network_header(frag) + hlen);
812 frag->transport_header = (frag->network_header + hlen +
813 sizeof(struct frag_hdr));
816 * Charge the memory for the fragment to any owner
820 skb_set_owner_w(frag, skb->sk);
823 * Copy the packet header into the new buffer.
825 skb_copy_from_linear_data(skb, skb_network_header(frag), hlen);
828 * Build fragment header.
830 fh->nexthdr = nexthdr;
833 ipv6_select_ident(fh);
834 frag_id = fh->identification;
836 fh->identification = frag_id;
839 * Copy a block of the IP datagram.
841 if (skb_copy_bits(skb, ptr, skb_transport_header(frag), len))
845 fh->frag_off = htons(offset);
847 fh->frag_off |= htons(IP6_MF);
848 ipv6_hdr(frag)->payload_len = htons(frag->len -
849 sizeof(struct ipv6hdr));
855 * Put this fragment into the sending queue.
861 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
862 IPSTATS_MIB_FRAGCREATES);
864 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
865 IPSTATS_MIB_FRAGOKS);
870 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
871 IPSTATS_MIB_FRAGFAILS);
876 static inline int ip6_rt_check(const struct rt6key *rt_key,
877 const struct in6_addr *fl_addr,
878 const struct in6_addr *addr_cache)
880 return (rt_key->plen != 128 || !ipv6_addr_equal(fl_addr, &rt_key->addr)) &&
881 (addr_cache == NULL || !ipv6_addr_equal(fl_addr, addr_cache));
884 static struct dst_entry *ip6_sk_dst_check(struct sock *sk,
885 struct dst_entry *dst,
886 const struct flowi6 *fl6)
888 struct ipv6_pinfo *np = inet6_sk(sk);
889 struct rt6_info *rt = (struct rt6_info *)dst;
894 /* Yes, checking route validity in not connected
895 * case is not very simple. Take into account,
896 * that we do not support routing by source, TOS,
897 * and MSG_DONTROUTE --ANK (980726)
899 * 1. ip6_rt_check(): If route was host route,
900 * check that cached destination is current.
901 * If it is network route, we still may
902 * check its validity using saved pointer
903 * to the last used address: daddr_cache.
904 * We do not want to save whole address now,
905 * (because main consumer of this service
906 * is tcp, which has not this problem),
907 * so that the last trick works only on connected
909 * 2. oif also should be the same.
911 if (ip6_rt_check(&rt->rt6i_dst, &fl6->daddr, np->daddr_cache) ||
912 #ifdef CONFIG_IPV6_SUBTREES
913 ip6_rt_check(&rt->rt6i_src, &fl6->saddr, np->saddr_cache) ||
915 (fl6->flowi6_oif && fl6->flowi6_oif != dst->dev->ifindex)) {
924 static int ip6_dst_lookup_tail(struct sock *sk,
925 struct dst_entry **dst, struct flowi6 *fl6)
928 struct net *net = sock_net(sk);
931 *dst = ip6_route_output(net, sk, fl6);
933 if ((err = (*dst)->error))
934 goto out_err_release;
936 if (ipv6_addr_any(&fl6->saddr)) {
937 struct rt6_info *rt = (struct rt6_info *) *dst;
938 err = ip6_route_get_saddr(net, rt, &fl6->daddr,
939 sk ? inet6_sk(sk)->srcprefs : 0,
942 goto out_err_release;
945 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
947 * Here if the dst entry we've looked up
948 * has a neighbour entry that is in the INCOMPLETE
949 * state and the src address from the flow is
950 * marked as OPTIMISTIC, we release the found
951 * dst entry and replace it instead with the
952 * dst entry of the nexthop router
954 if ((*dst)->neighbour && !((*dst)->neighbour->nud_state & NUD_VALID)) {
955 struct inet6_ifaddr *ifp;
956 struct flowi6 fl_gw6;
959 ifp = ipv6_get_ifaddr(net, &fl6->saddr,
962 redirect = (ifp && ifp->flags & IFA_F_OPTIMISTIC);
968 * We need to get the dst entry for the
969 * default router instead
972 memcpy(&fl_gw6, fl6, sizeof(struct flowi6));
973 memset(&fl_gw6.daddr, 0, sizeof(struct in6_addr));
974 *dst = ip6_route_output(net, sk, &fl_gw6);
975 if ((err = (*dst)->error))
976 goto out_err_release;
984 if (err == -ENETUNREACH)
985 IP6_INC_STATS_BH(net, NULL, IPSTATS_MIB_OUTNOROUTES);
992 * ip6_dst_lookup - perform route lookup on flow
993 * @sk: socket which provides route info
994 * @dst: pointer to dst_entry * for result
995 * @fl6: flow to lookup
997 * This function performs a route lookup on the given flow.
999 * It returns zero on success, or a standard errno code on error.
1001 int ip6_dst_lookup(struct sock *sk, struct dst_entry **dst, struct flowi6 *fl6)
1004 return ip6_dst_lookup_tail(sk, dst, fl6);
1006 EXPORT_SYMBOL_GPL(ip6_dst_lookup);
1009 * ip6_dst_lookup_flow - perform route lookup on flow with ipsec
1010 * @sk: socket which provides route info
1011 * @fl6: flow to lookup
1012 * @final_dst: final destination address for ipsec lookup
1013 * @can_sleep: we are in a sleepable context
1015 * This function performs a route lookup on the given flow.
1017 * It returns a valid dst pointer on success, or a pointer encoded
1020 struct dst_entry *ip6_dst_lookup_flow(struct sock *sk, struct flowi6 *fl6,
1021 const struct in6_addr *final_dst,
1024 struct dst_entry *dst = NULL;
1027 err = ip6_dst_lookup_tail(sk, &dst, fl6);
1029 return ERR_PTR(err);
1031 ipv6_addr_copy(&fl6->daddr, final_dst);
1033 fl6->flowi6_flags |= FLOWI_FLAG_CAN_SLEEP;
1035 return xfrm_lookup(sock_net(sk), dst, flowi6_to_flowi(fl6), sk, 0);
1037 EXPORT_SYMBOL_GPL(ip6_dst_lookup_flow);
1040 * ip6_sk_dst_lookup_flow - perform socket cached route lookup on flow
1041 * @sk: socket which provides the dst cache and route info
1042 * @fl6: flow to lookup
1043 * @final_dst: final destination address for ipsec lookup
1044 * @can_sleep: we are in a sleepable context
1046 * This function performs a route lookup on the given flow with the
1047 * possibility of using the cached route in the socket if it is valid.
1048 * It will take the socket dst lock when operating on the dst cache.
1049 * As a result, this function can only be used in process context.
1051 * It returns a valid dst pointer on success, or a pointer encoded
1054 struct dst_entry *ip6_sk_dst_lookup_flow(struct sock *sk, struct flowi6 *fl6,
1055 const struct in6_addr *final_dst,
1058 struct dst_entry *dst = sk_dst_check(sk, inet6_sk(sk)->dst_cookie);
1061 dst = ip6_sk_dst_check(sk, dst, fl6);
1063 err = ip6_dst_lookup_tail(sk, &dst, fl6);
1065 return ERR_PTR(err);
1067 ipv6_addr_copy(&fl6->daddr, final_dst);
1069 fl6->flowi6_flags |= FLOWI_FLAG_CAN_SLEEP;
1071 return xfrm_lookup(sock_net(sk), dst, flowi6_to_flowi(fl6), sk, 0);
1073 EXPORT_SYMBOL_GPL(ip6_sk_dst_lookup_flow);
1075 static inline int ip6_ufo_append_data(struct sock *sk,
1076 int getfrag(void *from, char *to, int offset, int len,
1077 int odd, struct sk_buff *skb),
1078 void *from, int length, int hh_len, int fragheaderlen,
1079 int transhdrlen, int mtu,unsigned int flags)
1082 struct sk_buff *skb;
1085 /* There is support for UDP large send offload by network
1086 * device, so create one single skb packet containing complete
1089 if ((skb = skb_peek_tail(&sk->sk_write_queue)) == NULL) {
1090 skb = sock_alloc_send_skb(sk,
1091 hh_len + fragheaderlen + transhdrlen + 20,
1092 (flags & MSG_DONTWAIT), &err);
1096 /* reserve space for Hardware header */
1097 skb_reserve(skb, hh_len);
1099 /* create space for UDP/IP header */
1100 skb_put(skb,fragheaderlen + transhdrlen);
1102 /* initialize network header pointer */
1103 skb_reset_network_header(skb);
1105 /* initialize protocol header pointer */
1106 skb->transport_header = skb->network_header + fragheaderlen;
1108 skb->ip_summed = CHECKSUM_PARTIAL;
1112 err = skb_append_datato_frags(sk,skb, getfrag, from,
1113 (length - transhdrlen));
1115 struct frag_hdr fhdr;
1117 /* Specify the length of each IPv6 datagram fragment.
1118 * It has to be a multiple of 8.
1120 skb_shinfo(skb)->gso_size = (mtu - fragheaderlen -
1121 sizeof(struct frag_hdr)) & ~7;
1122 skb_shinfo(skb)->gso_type = SKB_GSO_UDP;
1123 ipv6_select_ident(&fhdr);
1124 skb_shinfo(skb)->ip6_frag_id = fhdr.identification;
1125 __skb_queue_tail(&sk->sk_write_queue, skb);
1129 /* There is not enough support do UPD LSO,
1130 * so follow normal path
1137 static inline struct ipv6_opt_hdr *ip6_opt_dup(struct ipv6_opt_hdr *src,
1140 return src ? kmemdup(src, (src->hdrlen + 1) * 8, gfp) : NULL;
1143 static inline struct ipv6_rt_hdr *ip6_rthdr_dup(struct ipv6_rt_hdr *src,
1146 return src ? kmemdup(src, (src->hdrlen + 1) * 8, gfp) : NULL;
1149 int ip6_append_data(struct sock *sk, int getfrag(void *from, char *to,
1150 int offset, int len, int odd, struct sk_buff *skb),
1151 void *from, int length, int transhdrlen,
1152 int hlimit, int tclass, struct ipv6_txoptions *opt, struct flowi6 *fl6,
1153 struct rt6_info *rt, unsigned int flags, int dontfrag)
1155 struct inet_sock *inet = inet_sk(sk);
1156 struct ipv6_pinfo *np = inet6_sk(sk);
1157 struct inet_cork *cork;
1158 struct sk_buff *skb;
1159 unsigned int maxfraglen, fragheaderlen;
1166 int csummode = CHECKSUM_NONE;
1169 if (flags&MSG_PROBE)
1171 cork = &inet->cork.base;
1172 if (skb_queue_empty(&sk->sk_write_queue)) {
1177 if (WARN_ON(np->cork.opt))
1180 np->cork.opt = kmalloc(opt->tot_len, sk->sk_allocation);
1181 if (unlikely(np->cork.opt == NULL))
1184 np->cork.opt->tot_len = opt->tot_len;
1185 np->cork.opt->opt_flen = opt->opt_flen;
1186 np->cork.opt->opt_nflen = opt->opt_nflen;
1188 np->cork.opt->dst0opt = ip6_opt_dup(opt->dst0opt,
1190 if (opt->dst0opt && !np->cork.opt->dst0opt)
1193 np->cork.opt->dst1opt = ip6_opt_dup(opt->dst1opt,
1195 if (opt->dst1opt && !np->cork.opt->dst1opt)
1198 np->cork.opt->hopopt = ip6_opt_dup(opt->hopopt,
1200 if (opt->hopopt && !np->cork.opt->hopopt)
1203 np->cork.opt->srcrt = ip6_rthdr_dup(opt->srcrt,
1205 if (opt->srcrt && !np->cork.opt->srcrt)
1208 /* need source address above miyazawa*/
1211 cork->dst = &rt->dst;
1212 inet->cork.fl.u.ip6 = *fl6;
1213 np->cork.hop_limit = hlimit;
1214 np->cork.tclass = tclass;
1215 mtu = np->pmtudisc == IPV6_PMTUDISC_PROBE ?
1216 rt->dst.dev->mtu : dst_mtu(rt->dst.path);
1217 if (np->frag_size < mtu) {
1219 mtu = np->frag_size;
1221 cork->fragsize = mtu;
1222 if (dst_allfrag(rt->dst.path))
1223 cork->flags |= IPCORK_ALLFRAG;
1225 sk->sk_sndmsg_page = NULL;
1226 sk->sk_sndmsg_off = 0;
1227 exthdrlen = rt->dst.header_len + (opt ? opt->opt_flen : 0) -
1228 rt->rt6i_nfheader_len;
1229 length += exthdrlen;
1230 transhdrlen += exthdrlen;
1232 rt = (struct rt6_info *)cork->dst;
1233 fl6 = &inet->cork.fl.u.ip6;
1237 mtu = cork->fragsize;
1240 hh_len = LL_RESERVED_SPACE(rt->dst.dev);
1242 fragheaderlen = sizeof(struct ipv6hdr) + rt->rt6i_nfheader_len +
1243 (opt ? opt->opt_nflen : 0);
1244 maxfraglen = ((mtu - fragheaderlen) & ~7) + fragheaderlen - sizeof(struct frag_hdr);
1246 if (mtu <= sizeof(struct ipv6hdr) + IPV6_MAXPLEN) {
1247 if (cork->length + length > sizeof(struct ipv6hdr) + IPV6_MAXPLEN - fragheaderlen) {
1248 ipv6_local_error(sk, EMSGSIZE, fl6, mtu-exthdrlen);
1253 /* For UDP, check if TX timestamp is enabled */
1254 if (sk->sk_type == SOCK_DGRAM) {
1255 err = sock_tx_timestamp(sk, &tx_flags);
1261 * Let's try using as much space as possible.
1262 * Use MTU if total length of the message fits into the MTU.
1263 * Otherwise, we need to reserve fragment header and
1264 * fragment alignment (= 8-15 octects, in total).
1266 * Note that we may need to "move" the data from the tail of
1267 * of the buffer to the new fragment when we split
1270 * FIXME: It may be fragmented into multiple chunks
1271 * at once if non-fragmentable extension headers
1276 cork->length += length;
1278 int proto = sk->sk_protocol;
1279 if (dontfrag && (proto == IPPROTO_UDP || proto == IPPROTO_RAW)){
1280 ipv6_local_rxpmtu(sk, fl6, mtu-exthdrlen);
1284 if (proto == IPPROTO_UDP &&
1285 (rt->dst.dev->features & NETIF_F_UFO)) {
1287 err = ip6_ufo_append_data(sk, getfrag, from, length,
1288 hh_len, fragheaderlen,
1289 transhdrlen, mtu, flags);
1296 if ((skb = skb_peek_tail(&sk->sk_write_queue)) == NULL)
1299 while (length > 0) {
1300 /* Check if the remaining data fits into current packet. */
1301 copy = (cork->length <= mtu && !(cork->flags & IPCORK_ALLFRAG) ? mtu : maxfraglen) - skb->len;
1303 copy = maxfraglen - skb->len;
1307 unsigned int datalen;
1308 unsigned int fraglen;
1309 unsigned int fraggap;
1310 unsigned int alloclen;
1311 struct sk_buff *skb_prev;
1315 /* There's no room in the current skb */
1317 fraggap = skb_prev->len - maxfraglen;
1322 * If remaining data exceeds the mtu,
1323 * we know we need more fragment(s).
1325 datalen = length + fraggap;
1326 if (datalen > (cork->length <= mtu && !(cork->flags & IPCORK_ALLFRAG) ? mtu : maxfraglen) - fragheaderlen)
1327 datalen = maxfraglen - fragheaderlen;
1329 fraglen = datalen + fragheaderlen;
1330 if ((flags & MSG_MORE) &&
1331 !(rt->dst.dev->features&NETIF_F_SG))
1334 alloclen = datalen + fragheaderlen;
1337 * The last fragment gets additional space at tail.
1338 * Note: we overallocate on fragments with MSG_MODE
1339 * because we have no idea if we're the last one.
1341 if (datalen == length + fraggap)
1342 alloclen += rt->dst.trailer_len;
1345 * We just reserve space for fragment header.
1346 * Note: this may be overallocation if the message
1347 * (without MSG_MORE) fits into the MTU.
1349 alloclen += sizeof(struct frag_hdr);
1352 skb = sock_alloc_send_skb(sk,
1354 (flags & MSG_DONTWAIT), &err);
1357 if (atomic_read(&sk->sk_wmem_alloc) <=
1359 skb = sock_wmalloc(sk,
1360 alloclen + hh_len, 1,
1362 if (unlikely(skb == NULL))
1365 /* Only the initial fragment
1374 * Fill in the control structures
1376 skb->ip_summed = csummode;
1378 /* reserve for fragmentation */
1379 skb_reserve(skb, hh_len+sizeof(struct frag_hdr));
1381 if (sk->sk_type == SOCK_DGRAM)
1382 skb_shinfo(skb)->tx_flags = tx_flags;
1385 * Find where to start putting bytes
1387 data = skb_put(skb, fraglen);
1388 skb_set_network_header(skb, exthdrlen);
1389 data += fragheaderlen;
1390 skb->transport_header = (skb->network_header +
1393 skb->csum = skb_copy_and_csum_bits(
1394 skb_prev, maxfraglen,
1395 data + transhdrlen, fraggap, 0);
1396 skb_prev->csum = csum_sub(skb_prev->csum,
1399 pskb_trim_unique(skb_prev, maxfraglen);
1401 copy = datalen - transhdrlen - fraggap;
1406 } else if (copy > 0 && getfrag(from, data + transhdrlen, offset, copy, fraggap, skb) < 0) {
1413 length -= datalen - fraggap;
1416 csummode = CHECKSUM_NONE;
1419 * Put the packet on the pending queue
1421 __skb_queue_tail(&sk->sk_write_queue, skb);
1428 if (!(rt->dst.dev->features&NETIF_F_SG)) {
1432 if (getfrag(from, skb_put(skb, copy),
1433 offset, copy, off, skb) < 0) {
1434 __skb_trim(skb, off);
1439 int i = skb_shinfo(skb)->nr_frags;
1440 skb_frag_t *frag = &skb_shinfo(skb)->frags[i-1];
1441 struct page *page = sk->sk_sndmsg_page;
1442 int off = sk->sk_sndmsg_off;
1445 if (page && (left = PAGE_SIZE - off) > 0) {
1448 if (page != frag->page) {
1449 if (i == MAX_SKB_FRAGS) {
1454 skb_fill_page_desc(skb, i, page, sk->sk_sndmsg_off, 0);
1455 frag = &skb_shinfo(skb)->frags[i];
1457 } else if(i < MAX_SKB_FRAGS) {
1458 if (copy > PAGE_SIZE)
1460 page = alloc_pages(sk->sk_allocation, 0);
1465 sk->sk_sndmsg_page = page;
1466 sk->sk_sndmsg_off = 0;
1468 skb_fill_page_desc(skb, i, page, 0, 0);
1469 frag = &skb_shinfo(skb)->frags[i];
1474 if (getfrag(from, page_address(frag->page)+frag->page_offset+frag->size, offset, copy, skb->len, skb) < 0) {
1478 sk->sk_sndmsg_off += copy;
1481 skb->data_len += copy;
1482 skb->truesize += copy;
1483 atomic_add(copy, &sk->sk_wmem_alloc);
1490 cork->length -= length;
1491 IP6_INC_STATS(sock_net(sk), rt->rt6i_idev, IPSTATS_MIB_OUTDISCARDS);
1495 static void ip6_cork_release(struct inet_sock *inet, struct ipv6_pinfo *np)
1498 kfree(np->cork.opt->dst0opt);
1499 kfree(np->cork.opt->dst1opt);
1500 kfree(np->cork.opt->hopopt);
1501 kfree(np->cork.opt->srcrt);
1502 kfree(np->cork.opt);
1503 np->cork.opt = NULL;
1506 if (inet->cork.base.dst) {
1507 dst_release(inet->cork.base.dst);
1508 inet->cork.base.dst = NULL;
1509 inet->cork.base.flags &= ~IPCORK_ALLFRAG;
1511 memset(&inet->cork.fl, 0, sizeof(inet->cork.fl));
1514 int ip6_push_pending_frames(struct sock *sk)
1516 struct sk_buff *skb, *tmp_skb;
1517 struct sk_buff **tail_skb;
1518 struct in6_addr final_dst_buf, *final_dst = &final_dst_buf;
1519 struct inet_sock *inet = inet_sk(sk);
1520 struct ipv6_pinfo *np = inet6_sk(sk);
1521 struct net *net = sock_net(sk);
1522 struct ipv6hdr *hdr;
1523 struct ipv6_txoptions *opt = np->cork.opt;
1524 struct rt6_info *rt = (struct rt6_info *)inet->cork.base.dst;
1525 struct flowi6 *fl6 = &inet->cork.fl.u.ip6;
1526 unsigned char proto = fl6->flowi6_proto;
1529 if ((skb = __skb_dequeue(&sk->sk_write_queue)) == NULL)
1531 tail_skb = &(skb_shinfo(skb)->frag_list);
1533 /* move skb->data to ip header from ext header */
1534 if (skb->data < skb_network_header(skb))
1535 __skb_pull(skb, skb_network_offset(skb));
1536 while ((tmp_skb = __skb_dequeue(&sk->sk_write_queue)) != NULL) {
1537 __skb_pull(tmp_skb, skb_network_header_len(skb));
1538 *tail_skb = tmp_skb;
1539 tail_skb = &(tmp_skb->next);
1540 skb->len += tmp_skb->len;
1541 skb->data_len += tmp_skb->len;
1542 skb->truesize += tmp_skb->truesize;
1543 tmp_skb->destructor = NULL;
1547 /* Allow local fragmentation. */
1548 if (np->pmtudisc < IPV6_PMTUDISC_DO)
1551 ipv6_addr_copy(final_dst, &fl6->daddr);
1552 __skb_pull(skb, skb_network_header_len(skb));
1553 if (opt && opt->opt_flen)
1554 ipv6_push_frag_opts(skb, opt, &proto);
1555 if (opt && opt->opt_nflen)
1556 ipv6_push_nfrag_opts(skb, opt, &proto, &final_dst);
1558 skb_push(skb, sizeof(struct ipv6hdr));
1559 skb_reset_network_header(skb);
1560 hdr = ipv6_hdr(skb);
1562 *(__be32*)hdr = fl6->flowlabel |
1563 htonl(0x60000000 | ((int)np->cork.tclass << 20));
1565 hdr->hop_limit = np->cork.hop_limit;
1566 hdr->nexthdr = proto;
1567 ipv6_addr_copy(&hdr->saddr, &fl6->saddr);
1568 ipv6_addr_copy(&hdr->daddr, final_dst);
1570 skb->priority = sk->sk_priority;
1571 skb->mark = sk->sk_mark;
1573 skb_dst_set(skb, dst_clone(&rt->dst));
1574 IP6_UPD_PO_STATS(net, rt->rt6i_idev, IPSTATS_MIB_OUT, skb->len);
1575 if (proto == IPPROTO_ICMPV6) {
1576 struct inet6_dev *idev = ip6_dst_idev(skb_dst(skb));
1578 ICMP6MSGOUT_INC_STATS_BH(net, idev, icmp6_hdr(skb)->icmp6_type);
1579 ICMP6_INC_STATS_BH(net, idev, ICMP6_MIB_OUTMSGS);
1582 err = ip6_local_out(skb);
1585 err = net_xmit_errno(err);
1591 ip6_cork_release(inet, np);
1594 IP6_INC_STATS(net, rt->rt6i_idev, IPSTATS_MIB_OUTDISCARDS);
1598 void ip6_flush_pending_frames(struct sock *sk)
1600 struct sk_buff *skb;
1602 while ((skb = __skb_dequeue_tail(&sk->sk_write_queue)) != NULL) {
1604 IP6_INC_STATS(sock_net(sk), ip6_dst_idev(skb_dst(skb)),
1605 IPSTATS_MIB_OUTDISCARDS);
1609 ip6_cork_release(inet_sk(sk), inet6_sk(sk));
projects / linux-2.6-block.git / blob