1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53#define pr_fmt(fmt) "TCP: " fmt
54
55#include <linux/bottom_half.h>
56#include <linux/types.h>
57#include <linux/fcntl.h>
58#include <linux/module.h>
59#include <linux/random.h>
60#include <linux/cache.h>
61#include <linux/jhash.h>
62#include <linux/init.h>
63#include <linux/times.h>
64#include <linux/slab.h>
65
66#include <net/net_namespace.h>
67#include <net/icmp.h>
68#include <net/inet_hashtables.h>
69#include <net/tcp.h>
70#include <net/transp_v6.h>
71#include <net/ipv6.h>
72#include <net/inet_common.h>
73#include <net/timewait_sock.h>
74#include <net/xfrm.h>
75#include <net/netdma.h>
76#include <net/secure_seq.h>
77#include <net/tcp_memcontrol.h>
78
79#include <linux/inet.h>
80#include <linux/ipv6.h>
81#include <linux/stddef.h>
82#include <linux/proc_fs.h>
83#include <linux/seq_file.h>
84
85#include <linux/crypto.h>
86#include <linux/scatterlist.h>
87
88int sysctl_tcp_tw_reuse __read_mostly;
89int sysctl_tcp_low_latency __read_mostly;
90EXPORT_SYMBOL(sysctl_tcp_low_latency);
91
92
93#ifdef CONFIG_TCP_MD5SIG
94static int tcp_v4_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key,
95 __be32 daddr, __be32 saddr, const struct tcphdr *th);
96#endif
97
98struct inet_hashinfo tcp_hashinfo;
99EXPORT_SYMBOL(tcp_hashinfo);
100
101static inline __u32 tcp_v4_init_sequence(const struct sk_buff *skb)
102{
103 return secure_tcp_sequence_number(ip_hdr(skb)->daddr,
104 ip_hdr(skb)->saddr,
105 tcp_hdr(skb)->dest,
106 tcp_hdr(skb)->source);
107}
108
109int tcp_twsk_unique(struct sock *sk, struct sock *sktw, void *twp)
110{
111 const struct tcp_timewait_sock *tcptw = tcp_twsk(sktw);
112 struct tcp_sock *tp = tcp_sk(sk);
113
114
115
116
117
118
119
120
121
122
123
124
125 if (tcptw->tw_ts_recent_stamp &&
126 (twp == NULL || (sysctl_tcp_tw_reuse &&
127 get_seconds() - tcptw->tw_ts_recent_stamp > 1))) {
128 tp->write_seq = tcptw->tw_snd_nxt + 65535 + 2;
129 if (tp->write_seq == 0)
130 tp->write_seq = 1;
131 tp->rx_opt.ts_recent = tcptw->tw_ts_recent;
132 tp->rx_opt.ts_recent_stamp = tcptw->tw_ts_recent_stamp;
133 sock_hold(sktw);
134 return 1;
135 }
136
137 return 0;
138}
139EXPORT_SYMBOL_GPL(tcp_twsk_unique);
140
141static int tcp_repair_connect(struct sock *sk)
142{
143 tcp_connect_init(sk);
144 tcp_finish_connect(sk, NULL);
145
146 return 0;
147}
148
149
150int tcp_v4_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len)
151{
152 struct sockaddr_in *usin = (struct sockaddr_in *)uaddr;
153 struct inet_sock *inet = inet_sk(sk);
154 struct tcp_sock *tp = tcp_sk(sk);
155 __be16 orig_sport, orig_dport;
156 __be32 daddr, nexthop;
157 struct flowi4 *fl4;
158 struct rtable *rt;
159 int err;
160 struct ip_options_rcu *inet_opt;
161
162 if (addr_len < sizeof(struct sockaddr_in))
163 return -EINVAL;
164
165 if (usin->sin_family != AF_INET)
166 return -EAFNOSUPPORT;
167
168 nexthop = daddr = usin->sin_addr.s_addr;
169 inet_opt = rcu_dereference_protected(inet->inet_opt,
170 sock_owned_by_user(sk));
171 if (inet_opt && inet_opt->opt.srr) {
172 if (!daddr)
173 return -EINVAL;
174 nexthop = inet_opt->opt.faddr;
175 }
176
177 orig_sport = inet->inet_sport;
178 orig_dport = usin->sin_port;
179 fl4 = &inet->cork.fl.u.ip4;
180 rt = ip_route_connect(fl4, nexthop, inet->inet_saddr,
181 RT_CONN_FLAGS(sk), sk->sk_bound_dev_if,
182 IPPROTO_TCP,
183 orig_sport, orig_dport, sk, true);
184 if (IS_ERR(rt)) {
185 err = PTR_ERR(rt);
186 if (err == -ENETUNREACH)
187 IP_INC_STATS_BH(sock_net(sk), IPSTATS_MIB_OUTNOROUTES);
188 return err;
189 }
190
191 if (rt->rt_flags & (RTCF_MULTICAST | RTCF_BROADCAST)) {
192 ip_rt_put(rt);
193 return -ENETUNREACH;
194 }
195
196 if (!inet_opt || !inet_opt->opt.srr)
197 daddr = fl4->daddr;
198
199 if (!inet->inet_saddr)
200 inet->inet_saddr = fl4->saddr;
201 inet->inet_rcv_saddr = inet->inet_saddr;
202
203 if (tp->rx_opt.ts_recent_stamp && inet->inet_daddr != daddr) {
204
205 tp->rx_opt.ts_recent = 0;
206 tp->rx_opt.ts_recent_stamp = 0;
207 if (likely(!tp->repair))
208 tp->write_seq = 0;
209 }
210
211 if (tcp_death_row.sysctl_tw_recycle &&
212 !tp->rx_opt.ts_recent_stamp && fl4->daddr == daddr)
213 tcp_fetch_timewait_stamp(sk, &rt->dst);
214
215 inet->inet_dport = usin->sin_port;
216 inet->inet_daddr = daddr;
217
218 inet_csk(sk)->icsk_ext_hdr_len = 0;
219 if (inet_opt)
220 inet_csk(sk)->icsk_ext_hdr_len = inet_opt->opt.optlen;
221
222 tp->rx_opt.mss_clamp = TCP_MSS_DEFAULT;
223
224
225
226
227
228
229 tcp_set_state(sk, TCP_SYN_SENT);
230 err = inet_hash_connect(&tcp_death_row, sk);
231 if (err)
232 goto failure;
233
234 rt = ip_route_newports(fl4, rt, orig_sport, orig_dport,
235 inet->inet_sport, inet->inet_dport, sk);
236 if (IS_ERR(rt)) {
237 err = PTR_ERR(rt);
238 rt = NULL;
239 goto failure;
240 }
241
242 sk->sk_gso_type = SKB_GSO_TCPV4;
243 sk_setup_caps(sk, &rt->dst);
244
245 if (!tp->write_seq && likely(!tp->repair))
246 tp->write_seq = secure_tcp_sequence_number(inet->inet_saddr,
247 inet->inet_daddr,
248 inet->inet_sport,
249 usin->sin_port);
250
251 inet->inet_id = tp->write_seq ^ jiffies;
252
253 if (likely(!tp->repair))
254 err = tcp_connect(sk);
255 else
256 err = tcp_repair_connect(sk);
257
258 rt = NULL;
259 if (err)
260 goto failure;
261
262 return 0;
263
264failure:
265
266
267
268
269 tcp_set_state(sk, TCP_CLOSE);
270 ip_rt_put(rt);
271 sk->sk_route_caps = 0;
272 inet->inet_dport = 0;
273 return err;
274}
275EXPORT_SYMBOL(tcp_v4_connect);
276
277
278
279
280
281
282static void tcp_v4_mtu_reduced(struct sock *sk)
283{
284 struct dst_entry *dst;
285 struct inet_sock *inet = inet_sk(sk);
286 u32 mtu = tcp_sk(sk)->mtu_info;
287
288
289
290
291
292 if (sk->sk_state == TCP_LISTEN)
293 return;
294
295 dst = inet_csk_update_pmtu(sk, mtu);
296 if (!dst)
297 return;
298
299
300
301
302 if (mtu < dst_mtu(dst) && ip_dont_fragment(sk, dst))
303 sk->sk_err_soft = EMSGSIZE;
304
305 mtu = dst_mtu(dst);
306
307 if (inet->pmtudisc != IP_PMTUDISC_DONT &&
308 inet_csk(sk)->icsk_pmtu_cookie > mtu) {
309 tcp_sync_mss(sk, mtu);
310
311
312
313
314
315
316 tcp_simple_retransmit(sk);
317 }
318}
319
320static void do_redirect(struct sk_buff *skb, struct sock *sk)
321{
322 struct dst_entry *dst = __sk_dst_check(sk, 0);
323
324 if (dst)
325 dst->ops->redirect(dst, sk, skb);
326}
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344void tcp_v4_err(struct sk_buff *icmp_skb, u32 info)
345{
346 const struct iphdr *iph = (const struct iphdr *)icmp_skb->data;
347 struct tcphdr *th = (struct tcphdr *)(icmp_skb->data + (iph->ihl << 2));
348 struct inet_connection_sock *icsk;
349 struct tcp_sock *tp;
350 struct inet_sock *inet;
351 const int type = icmp_hdr(icmp_skb)->type;
352 const int code = icmp_hdr(icmp_skb)->code;
353 struct sock *sk;
354 struct sk_buff *skb;
355 struct request_sock *req;
356 __u32 seq;
357 __u32 remaining;
358 int err;
359 struct net *net = dev_net(icmp_skb->dev);
360
361 if (icmp_skb->len < (iph->ihl << 2) + 8) {
362 ICMP_INC_STATS_BH(net, ICMP_MIB_INERRORS);
363 return;
364 }
365
366 sk = inet_lookup(net, &tcp_hashinfo, iph->daddr, th->dest,
367 iph->saddr, th->source, inet_iif(icmp_skb));
368 if (!sk) {
369 ICMP_INC_STATS_BH(net, ICMP_MIB_INERRORS);
370 return;
371 }
372 if (sk->sk_state == TCP_TIME_WAIT) {
373 inet_twsk_put(inet_twsk(sk));
374 return;
375 }
376
377 bh_lock_sock(sk);
378
379
380
381
382
383 if (sock_owned_by_user(sk) &&
384 type != ICMP_DEST_UNREACH &&
385 code != ICMP_FRAG_NEEDED)
386 NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS);
387
388 if (sk->sk_state == TCP_CLOSE)
389 goto out;
390
391 if (unlikely(iph->ttl < inet_sk(sk)->min_ttl)) {
392 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
393 goto out;
394 }
395
396 icsk = inet_csk(sk);
397 tp = tcp_sk(sk);
398 req = tp->fastopen_rsk;
399 seq = ntohl(th->seq);
400 if (sk->sk_state != TCP_LISTEN &&
401 !between(seq, tp->snd_una, tp->snd_nxt) &&
402 (req == NULL || seq != tcp_rsk(req)->snt_isn)) {
403
404 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
405 goto out;
406 }
407
408 switch (type) {
409 case ICMP_REDIRECT:
410 do_redirect(icmp_skb, sk);
411 goto out;
412 case ICMP_SOURCE_QUENCH:
413
414 goto out;
415 case ICMP_PARAMETERPROB:
416 err = EPROTO;
417 break;
418 case ICMP_DEST_UNREACH:
419 if (code > NR_ICMP_UNREACH)
420 goto out;
421
422 if (code == ICMP_FRAG_NEEDED) {
423 tp->mtu_info = info;
424 if (!sock_owned_by_user(sk)) {
425 tcp_v4_mtu_reduced(sk);
426 } else {
427 if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED, &tp->tsq_flags))
428 sock_hold(sk);
429 }
430 goto out;
431 }
432
433 err = icmp_err_convert[code].errno;
434
435
436 if (code != ICMP_NET_UNREACH && code != ICMP_HOST_UNREACH)
437 break;
438 if (seq != tp->snd_una || !icsk->icsk_retransmits ||
439 !icsk->icsk_backoff)
440 break;
441
442
443
444 if (sock_owned_by_user(sk))
445 break;
446
447 icsk->icsk_backoff--;
448 inet_csk(sk)->icsk_rto = (tp->srtt ? __tcp_set_rto(tp) :
449 TCP_TIMEOUT_INIT) << icsk->icsk_backoff;
450 tcp_bound_rto(sk);
451
452 skb = tcp_write_queue_head(sk);
453 BUG_ON(!skb);
454
455 remaining = icsk->icsk_rto - min(icsk->icsk_rto,
456 tcp_time_stamp - TCP_SKB_CB(skb)->when);
457
458 if (remaining) {
459 inet_csk_reset_xmit_timer(sk, ICSK_TIME_RETRANS,
460 remaining, TCP_RTO_MAX);
461 } else {
462
463
464 tcp_retransmit_timer(sk);
465 }
466
467 break;
468 case ICMP_TIME_EXCEEDED:
469 err = EHOSTUNREACH;
470 break;
471 default:
472 goto out;
473 }
474
475
476
477
478
479
480 if (req && req->sk == NULL)
481 goto out;
482
483 switch (sk->sk_state) {
484 struct request_sock *req, **prev;
485 case TCP_LISTEN:
486 if (sock_owned_by_user(sk))
487 goto out;
488
489 req = inet_csk_search_req(sk, &prev, th->dest,
490 iph->daddr, iph->saddr);
491 if (!req)
492 goto out;
493
494
495
496
497 WARN_ON(req->sk);
498
499 if (seq != tcp_rsk(req)->snt_isn) {
500 NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
501 goto out;
502 }
503
504
505
506
507
508
509
510 inet_csk_reqsk_queue_drop(sk, req, prev);
511 goto out;
512
513 case TCP_SYN_SENT:
514 case TCP_SYN_RECV:
515
516
517
518 if (!sock_owned_by_user(sk)) {
519 sk->sk_err = err;
520
521 sk->sk_error_report(sk);
522
523 tcp_done(sk);
524 } else {
525 sk->sk_err_soft = err;
526 }
527 goto out;
528 }
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546 inet = inet_sk(sk);
547 if (!sock_owned_by_user(sk) && inet->recverr) {
548 sk->sk_err = err;
549 sk->sk_error_report(sk);
550 } else {
551 sk->sk_err_soft = err;
552 }
553
554out:
555 bh_unlock_sock(sk);
556 sock_put(sk);
557}
558
559static void __tcp_v4_send_check(struct sk_buff *skb,
560 __be32 saddr, __be32 daddr)
561{
562 struct tcphdr *th = tcp_hdr(skb);
563
564 if (skb->ip_summed == CHECKSUM_PARTIAL) {
565 th->check = ~tcp_v4_check(skb->len, saddr, daddr, 0);
566 skb->csum_start = skb_transport_header(skb) - skb->head;
567 skb->csum_offset = offsetof(struct tcphdr, check);
568 } else {
569 th->check = tcp_v4_check(skb->len, saddr, daddr,
570 csum_partial(th,
571 th->doff << 2,
572 skb->csum));
573 }
574}
575
576
577void tcp_v4_send_check(struct sock *sk, struct sk_buff *skb)
578{
579 const struct inet_sock *inet = inet_sk(sk);
580
581 __tcp_v4_send_check(skb, inet->inet_saddr, inet->inet_daddr);
582}
583EXPORT_SYMBOL(tcp_v4_send_check);
584
585int tcp_v4_gso_send_check(struct sk_buff *skb)
586{
587 const struct iphdr *iph;
588 struct tcphdr *th;
589
590 if (!pskb_may_pull(skb, sizeof(*th)))
591 return -EINVAL;
592
593 iph = ip_hdr(skb);
594 th = tcp_hdr(skb);
595
596 th->check = 0;
597 skb->ip_summed = CHECKSUM_PARTIAL;
598 __tcp_v4_send_check(skb, iph->saddr, iph->daddr);
599 return 0;
600}
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615static void tcp_v4_send_reset(struct sock *sk, struct sk_buff *skb)
616{
617 const struct tcphdr *th = tcp_hdr(skb);
618 struct {
619 struct tcphdr th;
620#ifdef CONFIG_TCP_MD5SIG
621 __be32 opt[(TCPOLEN_MD5SIG_ALIGNED >> 2)];
622#endif
623 } rep;
624 struct ip_reply_arg arg;
625#ifdef CONFIG_TCP_MD5SIG
626 struct tcp_md5sig_key *key;
627 const __u8 *hash_location = NULL;
628 unsigned char newhash[16];
629 int genhash;
630 struct sock *sk1 = NULL;
631#endif
632 struct net *net;
633
634
635 if (th->rst)
636 return;
637
638 if (skb_rtable(skb)->rt_type != RTN_LOCAL)
639 return;
640
641
642 memset(&rep, 0, sizeof(rep));
643 rep.th.dest = th->source;
644 rep.th.source = th->dest;
645 rep.th.doff = sizeof(struct tcphdr) / 4;
646 rep.th.rst = 1;
647
648 if (th->ack) {
649 rep.th.seq = th->ack_seq;
650 } else {
651 rep.th.ack = 1;
652 rep.th.ack_seq = htonl(ntohl(th->seq) + th->syn + th->fin +
653 skb->len - (th->doff << 2));
654 }
655
656 memset(&arg, 0, sizeof(arg));
657 arg.iov[0].iov_base = (unsigned char *)&rep;
658 arg.iov[0].iov_len = sizeof(rep.th);
659
660#ifdef CONFIG_TCP_MD5SIG
661 hash_location = tcp_parse_md5sig_option(th);
662 if (!sk && hash_location) {
663
664
665
666
667
668
669
670 sk1 = __inet_lookup_listener(dev_net(skb_dst(skb)->dev),
671 &tcp_hashinfo, ip_hdr(skb)->daddr,
672 ntohs(th->source), inet_iif(skb));
673
674 if (!sk1)
675 return;
676 rcu_read_lock();
677 key = tcp_md5_do_lookup(sk1, (union tcp_md5_addr *)
678 &ip_hdr(skb)->saddr, AF_INET);
679 if (!key)
680 goto release_sk1;
681
682 genhash = tcp_v4_md5_hash_skb(newhash, key, NULL, NULL, skb);
683 if (genhash || memcmp(hash_location, newhash, 16) != 0)
684 goto release_sk1;
685 } else {
686 key = sk ? tcp_md5_do_lookup(sk, (union tcp_md5_addr *)
687 &ip_hdr(skb)->saddr,
688 AF_INET) : NULL;
689 }
690
691 if (key) {
692 rep.opt[0] = htonl((TCPOPT_NOP << 24) |
693 (TCPOPT_NOP << 16) |
694 (TCPOPT_MD5SIG << 8) |
695 TCPOLEN_MD5SIG);
696
697 arg.iov[0].iov_len += TCPOLEN_MD5SIG_ALIGNED;
698 rep.th.doff = arg.iov[0].iov_len / 4;
699
700 tcp_v4_md5_hash_hdr((__u8 *) &rep.opt[1],
701 key, ip_hdr(skb)->saddr,
702 ip_hdr(skb)->daddr, &rep.th);
703 }
704#endif
705 arg.csum = csum_tcpudp_nofold(ip_hdr(skb)->daddr,
706 ip_hdr(skb)->saddr,
707 arg.iov[0].iov_len, IPPROTO_TCP, 0);
708 arg.csumoffset = offsetof(struct tcphdr, check) / 2;
709 arg.flags = (sk && inet_sk(sk)->transparent) ? IP_REPLY_ARG_NOSRCCHECK : 0;
710
711
712
713
714 if (sk)
715 arg.bound_dev_if = sk->sk_bound_dev_if;
716
717 net = dev_net(skb_dst(skb)->dev);
718 arg.tos = ip_hdr(skb)->tos;
719 ip_send_unicast_reply(net, skb, ip_hdr(skb)->saddr,
720 ip_hdr(skb)->daddr, &arg, arg.iov[0].iov_len);
721
722 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS);
723 TCP_INC_STATS_BH(net, TCP_MIB_OUTRSTS);
724
725#ifdef CONFIG_TCP_MD5SIG
726release_sk1:
727 if (sk1) {
728 rcu_read_unlock();
729 sock_put(sk1);
730 }
731#endif
732}
733
734
735
736
737
738static void tcp_v4_send_ack(struct sk_buff *skb, u32 seq, u32 ack,
739 u32 win, u32 ts, int oif,
740 struct tcp_md5sig_key *key,
741 int reply_flags, u8 tos)
742{
743 const struct tcphdr *th = tcp_hdr(skb);
744 struct {
745 struct tcphdr th;
746 __be32 opt[(TCPOLEN_TSTAMP_ALIGNED >> 2)
747#ifdef CONFIG_TCP_MD5SIG
748 + (TCPOLEN_MD5SIG_ALIGNED >> 2)
749#endif
750 ];
751 } rep;
752 struct ip_reply_arg arg;
753 struct net *net = dev_net(skb_dst(skb)->dev);
754
755 memset(&rep.th, 0, sizeof(struct tcphdr));
756 memset(&arg, 0, sizeof(arg));
757
758 arg.iov[0].iov_base = (unsigned char *)&rep;
759 arg.iov[0].iov_len = sizeof(rep.th);
760 if (ts) {
761 rep.opt[0] = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
762 (TCPOPT_TIMESTAMP << 8) |
763 TCPOLEN_TIMESTAMP);
764 rep.opt[1] = htonl(tcp_time_stamp);
765 rep.opt[2] = htonl(ts);
766 arg.iov[0].iov_len += TCPOLEN_TSTAMP_ALIGNED;
767 }
768
769
770 rep.th.dest = th->source;
771 rep.th.source = th->dest;
772 rep.th.doff = arg.iov[0].iov_len / 4;
773 rep.th.seq = htonl(seq);
774 rep.th.ack_seq = htonl(ack);
775 rep.th.ack = 1;
776 rep.th.window = htons(win);
777
778#ifdef CONFIG_TCP_MD5SIG
779 if (key) {
780 int offset = (ts) ? 3 : 0;
781
782 rep.opt[offset++] = htonl((TCPOPT_NOP << 24) |
783 (TCPOPT_NOP << 16) |
784 (TCPOPT_MD5SIG << 8) |
785 TCPOLEN_MD5SIG);
786 arg.iov[0].iov_len += TCPOLEN_MD5SIG_ALIGNED;
787 rep.th.doff = arg.iov[0].iov_len/4;
788
789 tcp_v4_md5_hash_hdr((__u8 *) &rep.opt[offset],
790 key, ip_hdr(skb)->saddr,
791 ip_hdr(skb)->daddr, &rep.th);
792 }
793#endif
794 arg.flags = reply_flags;
795 arg.csum = csum_tcpudp_nofold(ip_hdr(skb)->daddr,
796 ip_hdr(skb)->saddr,
797 arg.iov[0].iov_len, IPPROTO_TCP, 0);
798 arg.csumoffset = offsetof(struct tcphdr, check) / 2;
799 if (oif)
800 arg.bound_dev_if = oif;
801 arg.tos = tos;
802 ip_send_unicast_reply(net, skb, ip_hdr(skb)->saddr,
803 ip_hdr(skb)->daddr, &arg, arg.iov[0].iov_len);
804
805 TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS);
806}
807
808static void tcp_v4_timewait_ack(struct sock *sk, struct sk_buff *skb)
809{
810 struct inet_timewait_sock *tw = inet_twsk(sk);
811 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
812
813 tcp_v4_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
814 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
815 tcptw->tw_ts_recent,
816 tw->tw_bound_dev_if,
817 tcp_twsk_md5_key(tcptw),
818 tw->tw_transparent ? IP_REPLY_ARG_NOSRCCHECK : 0,
819 tw->tw_tos
820 );
821
822 inet_twsk_put(tw);
823}
824
825static void tcp_v4_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
826 struct request_sock *req)
827{
828
829
830
831 tcp_v4_send_ack(skb, (sk->sk_state == TCP_LISTEN) ?
832 tcp_rsk(req)->snt_isn + 1 : tcp_sk(sk)->snd_nxt,
833 tcp_rsk(req)->rcv_nxt, req->rcv_wnd,
834 req->ts_recent,
835 0,
836 tcp_md5_do_lookup(sk, (union tcp_md5_addr *)&ip_hdr(skb)->daddr,
837 AF_INET),
838 inet_rsk(req)->no_srccheck ? IP_REPLY_ARG_NOSRCCHECK : 0,
839 ip_hdr(skb)->tos);
840}
841
842
843
844
845
846
847static int tcp_v4_send_synack(struct sock *sk, struct dst_entry *dst,
848 struct request_sock *req,
849 struct request_values *rvp,
850 u16 queue_mapping,
851 bool nocache)
852{
853 const struct inet_request_sock *ireq = inet_rsk(req);
854 struct flowi4 fl4;
855 int err = -1;
856 struct sk_buff * skb;
857
858
859 if (!dst && (dst = inet_csk_route_req(sk, &fl4, req)) == NULL)
860 return -1;
861
862 skb = tcp_make_synack(sk, dst, req, rvp, NULL);
863
864 if (skb) {
865 __tcp_v4_send_check(skb, ireq->loc_addr, ireq->rmt_addr);
866
867 skb_set_queue_mapping(skb, queue_mapping);
868 err = ip_build_and_send_pkt(skb, sk, ireq->loc_addr,
869 ireq->rmt_addr,
870 ireq->opt);
871 err = net_xmit_eval(err);
872 if (!tcp_rsk(req)->snt_synack && !err)
873 tcp_rsk(req)->snt_synack = tcp_time_stamp;
874 }
875
876 return err;
877}
878
879static int tcp_v4_rtx_synack(struct sock *sk, struct request_sock *req,
880 struct request_values *rvp)
881{
882 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_RETRANSSEGS);
883 return tcp_v4_send_synack(sk, NULL, req, rvp, 0, false);
884}
885
886
887
888
889static void tcp_v4_reqsk_destructor(struct request_sock *req)
890{
891 kfree(inet_rsk(req)->opt);
892}
893
894
895
896
897bool tcp_syn_flood_action(struct sock *sk,
898 const struct sk_buff *skb,
899 const char *proto)
900{
901 const char *msg = "Dropping request";
902 bool want_cookie = false;
903 struct listen_sock *lopt;
904
905
906
907#ifdef CONFIG_SYN_COOKIES
908 if (sysctl_tcp_syncookies) {
909 msg = "Sending cookies";
910 want_cookie = true;
911 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPREQQFULLDOCOOKIES);
912 } else
913#endif
914 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPREQQFULLDROP);
915
916 lopt = inet_csk(sk)->icsk_accept_queue.listen_opt;
917 if (!lopt->synflood_warned) {
918 lopt->synflood_warned = 1;
919 pr_info("%s: Possible SYN flooding on port %d. %s. Check SNMP counters.\n",
920 proto, ntohs(tcp_hdr(skb)->dest), msg);
921 }
922 return want_cookie;
923}
924EXPORT_SYMBOL(tcp_syn_flood_action);
925
926
927
928
929static struct ip_options_rcu *tcp_v4_save_options(struct sk_buff *skb)
930{
931 const struct ip_options *opt = &(IPCB(skb)->opt);
932 struct ip_options_rcu *dopt = NULL;
933
934 if (opt && opt->optlen) {
935 int opt_size = sizeof(*dopt) + opt->optlen;
936
937 dopt = kmalloc(opt_size, GFP_ATOMIC);
938 if (dopt) {
939 if (ip_options_echo(&dopt->opt, skb)) {
940 kfree(dopt);
941 dopt = NULL;
942 }
943 }
944 }
945 return dopt;
946}
947
948#ifdef CONFIG_TCP_MD5SIG
949
950
951
952
953
954
955
956struct tcp_md5sig_key *tcp_md5_do_lookup(struct sock *sk,
957 const union tcp_md5_addr *addr,
958 int family)
959{
960 struct tcp_sock *tp = tcp_sk(sk);
961 struct tcp_md5sig_key *key;
962 struct hlist_node *pos;
963 unsigned int size = sizeof(struct in_addr);
964 struct tcp_md5sig_info *md5sig;
965
966
967 md5sig = rcu_dereference_check(tp->md5sig_info,
968 sock_owned_by_user(sk) ||
969 lockdep_is_held(&sk->sk_lock.slock));
970 if (!md5sig)
971 return NULL;
972#if IS_ENABLED(CONFIG_IPV6)
973 if (family == AF_INET6)
974 size = sizeof(struct in6_addr);
975#endif
976 hlist_for_each_entry_rcu(key, pos, &md5sig->head, node) {
977 if (key->family != family)
978 continue;
979 if (!memcmp(&key->addr, addr, size))
980 return key;
981 }
982 return NULL;
983}
984EXPORT_SYMBOL(tcp_md5_do_lookup);
985
986struct tcp_md5sig_key *tcp_v4_md5_lookup(struct sock *sk,
987 struct sock *addr_sk)
988{
989 union tcp_md5_addr *addr;
990
991 addr = (union tcp_md5_addr *)&inet_sk(addr_sk)->inet_daddr;
992 return tcp_md5_do_lookup(sk, addr, AF_INET);
993}
994EXPORT_SYMBOL(tcp_v4_md5_lookup);
995
996static struct tcp_md5sig_key *tcp_v4_reqsk_md5_lookup(struct sock *sk,
997 struct request_sock *req)
998{
999 union tcp_md5_addr *addr;
1000
1001 addr = (union tcp_md5_addr *)&inet_rsk(req)->rmt_addr;
1002 return tcp_md5_do_lookup(sk, addr, AF_INET);
1003}
1004
1005
1006int tcp_md5_do_add(struct sock *sk, const union tcp_md5_addr *addr,
1007 int family, const u8 *newkey, u8 newkeylen, gfp_t gfp)
1008{
1009
1010 struct tcp_md5sig_key *key;
1011 struct tcp_sock *tp = tcp_sk(sk);
1012 struct tcp_md5sig_info *md5sig;
1013
1014 key = tcp_md5_do_lookup(sk, (union tcp_md5_addr *)&addr, AF_INET);
1015 if (key) {
1016
1017 memcpy(key->key, newkey, newkeylen);
1018 key->keylen = newkeylen;
1019 return 0;
1020 }
1021
1022 md5sig = rcu_dereference_protected(tp->md5sig_info,
1023 sock_owned_by_user(sk));
1024 if (!md5sig) {
1025 md5sig = kmalloc(sizeof(*md5sig), gfp);
1026 if (!md5sig)
1027 return -ENOMEM;
1028
1029 sk_nocaps_add(sk, NETIF_F_GSO_MASK);
1030 INIT_HLIST_HEAD(&md5sig->head);
1031 rcu_assign_pointer(tp->md5sig_info, md5sig);
1032 }
1033
1034 key = sock_kmalloc(sk, sizeof(*key), gfp);
1035 if (!key)
1036 return -ENOMEM;
1037 if (hlist_empty(&md5sig->head) && !tcp_alloc_md5sig_pool(sk)) {
1038 sock_kfree_s(sk, key, sizeof(*key));
1039 return -ENOMEM;
1040 }
1041
1042 memcpy(key->key, newkey, newkeylen);
1043 key->keylen = newkeylen;
1044 key->family = family;
1045 memcpy(&key->addr, addr,
1046 (family == AF_INET6) ? sizeof(struct in6_addr) :
1047 sizeof(struct in_addr));
1048 hlist_add_head_rcu(&key->node, &md5sig->head);
1049 return 0;
1050}
1051EXPORT_SYMBOL(tcp_md5_do_add);
1052
1053int tcp_md5_do_del(struct sock *sk, const union tcp_md5_addr *addr, int family)
1054{
1055 struct tcp_sock *tp = tcp_sk(sk);
1056 struct tcp_md5sig_key *key;
1057 struct tcp_md5sig_info *md5sig;
1058
1059 key = tcp_md5_do_lookup(sk, (union tcp_md5_addr *)&addr, AF_INET);
1060 if (!key)
1061 return -ENOENT;
1062 hlist_del_rcu(&key->node);
1063 atomic_sub(sizeof(*key), &sk->sk_omem_alloc);
1064 kfree_rcu(key, rcu);
1065 md5sig = rcu_dereference_protected(tp->md5sig_info,
1066 sock_owned_by_user(sk));
1067 if (hlist_empty(&md5sig->head))
1068 tcp_free_md5sig_pool();
1069 return 0;
1070}
1071EXPORT_SYMBOL(tcp_md5_do_del);
1072
1073void tcp_clear_md5_list(struct sock *sk)
1074{
1075 struct tcp_sock *tp = tcp_sk(sk);
1076 struct tcp_md5sig_key *key;
1077 struct hlist_node *pos, *n;
1078 struct tcp_md5sig_info *md5sig;
1079
1080 md5sig = rcu_dereference_protected(tp->md5sig_info, 1);
1081
1082 if (!hlist_empty(&md5sig->head))
1083 tcp_free_md5sig_pool();
1084 hlist_for_each_entry_safe(key, pos, n, &md5sig->head, node) {
1085 hlist_del_rcu(&key->node);
1086 atomic_sub(sizeof(*key), &sk->sk_omem_alloc);
1087 kfree_rcu(key, rcu);
1088 }
1089}
1090
1091static int tcp_v4_parse_md5_keys(struct sock *sk, char __user *optval,
1092 int optlen)
1093{
1094 struct tcp_md5sig cmd;
1095 struct sockaddr_in *sin = (struct sockaddr_in *)&cmd.tcpm_addr;
1096
1097 if (optlen < sizeof(cmd))
1098 return -EINVAL;
1099
1100 if (copy_from_user(&cmd, optval, sizeof(cmd)))
1101 return -EFAULT;
1102
1103 if (sin->sin_family != AF_INET)
1104 return -EINVAL;
1105
1106 if (!cmd.tcpm_key || !cmd.tcpm_keylen)
1107 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin->sin_addr.s_addr,
1108 AF_INET);
1109
1110 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
1111 return -EINVAL;
1112
1113 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin->sin_addr.s_addr,
1114 AF_INET, cmd.tcpm_key, cmd.tcpm_keylen,
1115 GFP_KERNEL);
1116}
1117
1118static int tcp_v4_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp,
1119 __be32 daddr, __be32 saddr, int nbytes)
1120{
1121 struct tcp4_pseudohdr *bp;
1122 struct scatterlist sg;
1123
1124 bp = &hp->md5_blk.ip4;
1125
1126
1127
1128
1129
1130
1131 bp->saddr = saddr;
1132 bp->daddr = daddr;
1133 bp->pad = 0;
1134 bp->protocol = IPPROTO_TCP;
1135 bp->len = cpu_to_be16(nbytes);
1136
1137 sg_init_one(&sg, bp, sizeof(*bp));
1138 return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp));
1139}
1140
1141static int tcp_v4_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key,
1142 __be32 daddr, __be32 saddr, const struct tcphdr *th)
1143{
1144 struct tcp_md5sig_pool *hp;
1145 struct hash_desc *desc;
1146
1147 hp = tcp_get_md5sig_pool();
1148 if (!hp)
1149 goto clear_hash_noput;
1150 desc = &hp->md5_desc;
1151
1152 if (crypto_hash_init(desc))
1153 goto clear_hash;
1154 if (tcp_v4_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))
1155 goto clear_hash;
1156 if (tcp_md5_hash_header(hp, th))
1157 goto clear_hash;
1158 if (tcp_md5_hash_key(hp, key))
1159 goto clear_hash;
1160 if (crypto_hash_final(desc, md5_hash))
1161 goto clear_hash;
1162
1163 tcp_put_md5sig_pool();
1164 return 0;
1165
1166clear_hash:
1167 tcp_put_md5sig_pool();
1168clear_hash_noput:
1169 memset(md5_hash, 0, 16);
1170 return 1;
1171}
1172
1173int tcp_v4_md5_hash_skb(char *md5_hash, struct tcp_md5sig_key *key,
1174 const struct sock *sk, const struct request_sock *req,
1175 const struct sk_buff *skb)
1176{
1177 struct tcp_md5sig_pool *hp;
1178 struct hash_desc *desc;
1179 const struct tcphdr *th = tcp_hdr(skb);
1180 __be32 saddr, daddr;
1181
1182 if (sk) {
1183 saddr = inet_sk(sk)->inet_saddr;
1184 daddr = inet_sk(sk)->inet_daddr;
1185 } else if (req) {
1186 saddr = inet_rsk(req)->loc_addr;
1187 daddr = inet_rsk(req)->rmt_addr;
1188 } else {
1189 const struct iphdr *iph = ip_hdr(skb);
1190 saddr = iph->saddr;
1191 daddr = iph->daddr;
1192 }
1193
1194 hp = tcp_get_md5sig_pool();
1195 if (!hp)
1196 goto clear_hash_noput;
1197 desc = &hp->md5_desc;
1198
1199 if (crypto_hash_init(desc))
1200 goto clear_hash;
1201
1202 if (tcp_v4_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))
1203 goto clear_hash;
1204 if (tcp_md5_hash_header(hp, th))
1205 goto clear_hash;
1206 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
1207 goto clear_hash;
1208 if (tcp_md5_hash_key(hp, key))
1209 goto clear_hash;
1210 if (crypto_hash_final(desc, md5_hash))
1211 goto clear_hash;
1212
1213 tcp_put_md5sig_pool();
1214 return 0;
1215
1216clear_hash:
1217 tcp_put_md5sig_pool();
1218clear_hash_noput:
1219 memset(md5_hash, 0, 16);
1220 return 1;
1221}
1222EXPORT_SYMBOL(tcp_v4_md5_hash_skb);
1223
1224static bool tcp_v4_inbound_md5_hash(struct sock *sk, const struct sk_buff *skb)
1225{
1226
1227
1228
1229
1230
1231
1232
1233
1234 const __u8 *hash_location = NULL;
1235 struct tcp_md5sig_key *hash_expected;
1236 const struct iphdr *iph = ip_hdr(skb);
1237 const struct tcphdr *th = tcp_hdr(skb);
1238 int genhash;
1239 unsigned char newhash[16];
1240
1241 hash_expected = tcp_md5_do_lookup(sk, (union tcp_md5_addr *)&iph->saddr,
1242 AF_INET);
1243 hash_location = tcp_parse_md5sig_option(th);
1244
1245
1246 if (!hash_expected && !hash_location)
1247 return false;
1248
1249 if (hash_expected && !hash_location) {
1250 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
1251 return true;
1252 }
1253
1254 if (!hash_expected && hash_location) {
1255 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
1256 return true;
1257 }
1258
1259
1260
1261
1262 genhash = tcp_v4_md5_hash_skb(newhash,
1263 hash_expected,
1264 NULL, NULL, skb);
1265
1266 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
1267 net_info_ratelimited("MD5 Hash failed for (%pI4, %d)->(%pI4, %d)%s\n",
1268 &iph->saddr, ntohs(th->source),
1269 &iph->daddr, ntohs(th->dest),
1270 genhash ? " tcp_v4_calc_md5_hash failed"
1271 : "");
1272 return true;
1273 }
1274 return false;
1275}
1276
1277#endif
1278
1279struct request_sock_ops tcp_request_sock_ops __read_mostly = {
1280 .family = PF_INET,
1281 .obj_size = sizeof(struct tcp_request_sock),
1282 .rtx_syn_ack = tcp_v4_rtx_synack,
1283 .send_ack = tcp_v4_reqsk_send_ack,
1284 .destructor = tcp_v4_reqsk_destructor,
1285 .send_reset = tcp_v4_send_reset,
1286 .syn_ack_timeout = tcp_syn_ack_timeout,
1287};
1288
1289#ifdef CONFIG_TCP_MD5SIG
1290static const struct tcp_request_sock_ops tcp_request_sock_ipv4_ops = {
1291 .md5_lookup = tcp_v4_reqsk_md5_lookup,
1292 .calc_md5_hash = tcp_v4_md5_hash_skb,
1293};
1294#endif
1295
1296static bool tcp_fastopen_check(struct sock *sk, struct sk_buff *skb,
1297 struct request_sock *req,
1298 struct tcp_fastopen_cookie *foc,
1299 struct tcp_fastopen_cookie *valid_foc)
1300{
1301 bool skip_cookie = false;
1302 struct fastopen_queue *fastopenq;
1303
1304 if (likely(!fastopen_cookie_present(foc))) {
1305
1306 if ((sysctl_tcp_fastopen & TFO_SERVER_ALWAYS) ||
1307 ((sysctl_tcp_fastopen & TFO_SERVER_COOKIE_NOT_REQD) &&
1308 (TCP_SKB_CB(skb)->end_seq != TCP_SKB_CB(skb)->seq + 1)))
1309 skip_cookie = true;
1310 else
1311 return false;
1312 }
1313 fastopenq = inet_csk(sk)->icsk_accept_queue.fastopenq;
1314
1315 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPFASTOPENPASSIVE);
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327 if ((sysctl_tcp_fastopen & TFO_SERVER_ENABLE) == 0 ||
1328 fastopenq == NULL || fastopenq->max_qlen == 0)
1329 return false;
1330
1331 if (fastopenq->qlen >= fastopenq->max_qlen) {
1332 struct request_sock *req1;
1333 spin_lock(&fastopenq->lock);
1334 req1 = fastopenq->rskq_rst_head;
1335 if ((req1 == NULL) || time_after(req1->expires, jiffies)) {
1336 spin_unlock(&fastopenq->lock);
1337 NET_INC_STATS_BH(sock_net(sk),
1338 LINUX_MIB_TCPFASTOPENLISTENOVERFLOW);
1339
1340 foc->len = -1;
1341 return false;
1342 }
1343 fastopenq->rskq_rst_head = req1->dl_next;
1344 fastopenq->qlen--;
1345 spin_unlock(&fastopenq->lock);
1346 reqsk_free(req1);
1347 }
1348 if (skip_cookie) {
1349 tcp_rsk(req)->rcv_nxt = TCP_SKB_CB(skb)->end_seq;
1350 return true;
1351 }
1352 if (foc->len == TCP_FASTOPEN_COOKIE_SIZE) {
1353 if ((sysctl_tcp_fastopen & TFO_SERVER_COOKIE_NOT_CHKED) == 0) {
1354 tcp_fastopen_cookie_gen(ip_hdr(skb)->saddr, valid_foc);
1355 if ((valid_foc->len != TCP_FASTOPEN_COOKIE_SIZE) ||
1356 memcmp(&foc->val[0], &valid_foc->val[0],
1357 TCP_FASTOPEN_COOKIE_SIZE) != 0)
1358 return false;
1359 valid_foc->len = -1;
1360 }
1361
1362 tcp_rsk(req)->rcv_nxt = TCP_SKB_CB(skb)->end_seq;
1363 return true;
1364 } else if (foc->len == 0) {
1365 tcp_fastopen_cookie_gen(ip_hdr(skb)->saddr, valid_foc);
1366 NET_INC_STATS_BH(sock_net(sk),
1367 LINUX_MIB_TCPFASTOPENCOOKIEREQD);
1368 } else {
1369
1370
1371
1372 tcp_fastopen_cookie_gen(ip_hdr(skb)->saddr, valid_foc);
1373 }
1374 return false;
1375}
1376
1377static int tcp_v4_conn_req_fastopen(struct sock *sk,
1378 struct sk_buff *skb,
1379 struct sk_buff *skb_synack,
1380 struct request_sock *req,
1381 struct request_values *rvp)
1382{
1383 struct tcp_sock *tp = tcp_sk(sk);
1384 struct request_sock_queue *queue = &inet_csk(sk)->icsk_accept_queue;
1385 const struct inet_request_sock *ireq = inet_rsk(req);
1386 struct sock *child;
1387 int err;
1388
1389 req->retrans = 0;
1390 req->sk = NULL;
1391
1392 child = inet_csk(sk)->icsk_af_ops->syn_recv_sock(sk, skb, req, NULL);
1393 if (child == NULL) {
1394 NET_INC_STATS_BH(sock_net(sk),
1395 LINUX_MIB_TCPFASTOPENPASSIVEFAIL);
1396 kfree_skb(skb_synack);
1397 return -1;
1398 }
1399 err = ip_build_and_send_pkt(skb_synack, sk, ireq->loc_addr,
1400 ireq->rmt_addr, ireq->opt);
1401 err = net_xmit_eval(err);
1402 if (!err)
1403 tcp_rsk(req)->snt_synack = tcp_time_stamp;
1404
1405
1406 spin_lock(&queue->fastopenq->lock);
1407 queue->fastopenq->qlen++;
1408 spin_unlock(&queue->fastopenq->lock);
1409
1410
1411
1412
1413
1414 tp = tcp_sk(child);
1415
1416 tp->fastopen_rsk = req;
1417
1418
1419
1420
1421 sock_hold(sk);
1422 tcp_rsk(req)->listener = sk;
1423
1424
1425
1426
1427 tp->snd_wnd = ntohs(tcp_hdr(skb)->window);
1428
1429
1430
1431
1432
1433 inet_csk_reset_xmit_timer(child, ICSK_TIME_RETRANS,
1434 TCP_TIMEOUT_INIT, TCP_RTO_MAX);
1435
1436
1437 inet_csk_reqsk_queue_add(sk, req, child);
1438
1439
1440 inet_csk(child)->icsk_af_ops->rebuild_header(child);
1441 tcp_init_congestion_control(child);
1442 tcp_mtup_init(child);
1443 tcp_init_buffer_space(child);
1444 tcp_init_metrics(child);
1445
1446
1447
1448
1449
1450
1451
1452 if (TCP_SKB_CB(skb)->end_seq == TCP_SKB_CB(skb)->seq + 1) {
1453
1454
1455
1456 tp->rcv_nxt = TCP_SKB_CB(skb)->end_seq;
1457 } else {
1458 skb = skb_get(skb);
1459 skb_dst_drop(skb);
1460 __skb_pull(skb, tcp_hdr(skb)->doff * 4);
1461 skb_set_owner_r(skb, child);
1462 __skb_queue_tail(&child->sk_receive_queue, skb);
1463 tp->rcv_nxt = TCP_SKB_CB(skb)->end_seq;
1464 tp->syn_data_acked = 1;
1465 }
1466 sk->sk_data_ready(sk, 0);
1467 bh_unlock_sock(child);
1468 sock_put(child);
1469 WARN_ON(req->sk == NULL);
1470 return 0;
1471}
1472
1473int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb)
1474{
1475 struct tcp_extend_values tmp_ext;
1476 struct tcp_options_received tmp_opt;
1477 const u8 *hash_location;
1478 struct request_sock *req;
1479 struct inet_request_sock *ireq;
1480 struct tcp_sock *tp = tcp_sk(sk);
1481 struct dst_entry *dst = NULL;
1482 __be32 saddr = ip_hdr(skb)->saddr;
1483 __be32 daddr = ip_hdr(skb)->daddr;
1484 __u32 isn = TCP_SKB_CB(skb)->when;
1485 bool want_cookie = false;
1486 struct flowi4 fl4;
1487 struct tcp_fastopen_cookie foc = { .len = -1 };
1488 struct tcp_fastopen_cookie valid_foc = { .len = -1 };
1489 struct sk_buff *skb_synack;
1490 int do_fastopen;
1491
1492
1493 if (skb_rtable(skb)->rt_flags & (RTCF_BROADCAST | RTCF_MULTICAST))
1494 goto drop;
1495
1496
1497
1498
1499
1500 if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
1501 want_cookie = tcp_syn_flood_action(sk, skb, "TCP");
1502 if (!want_cookie)
1503 goto drop;
1504 }
1505
1506
1507
1508
1509
1510
1511 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
1512 goto drop;
1513
1514 req = inet_reqsk_alloc(&tcp_request_sock_ops);
1515 if (!req)
1516 goto drop;
1517
1518#ifdef CONFIG_TCP_MD5SIG
1519 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv4_ops;
1520#endif
1521
1522 tcp_clear_options(&tmp_opt);
1523 tmp_opt.mss_clamp = TCP_MSS_DEFAULT;
1524 tmp_opt.user_mss = tp->rx_opt.user_mss;
1525 tcp_parse_options(skb, &tmp_opt, &hash_location, 0,
1526 want_cookie ? NULL : &foc);
1527
1528 if (tmp_opt.cookie_plus > 0 &&
1529 tmp_opt.saw_tstamp &&
1530 !tp->rx_opt.cookie_out_never &&
1531 (sysctl_tcp_cookie_size > 0 ||
1532 (tp->cookie_values != NULL &&
1533 tp->cookie_values->cookie_desired > 0))) {
1534 u8 *c;
1535 u32 *mess = &tmp_ext.cookie_bakery[COOKIE_DIGEST_WORDS];
1536 int l = tmp_opt.cookie_plus - TCPOLEN_COOKIE_BASE;
1537
1538 if (tcp_cookie_generator(&tmp_ext.cookie_bakery[0]) != 0)
1539 goto drop_and_release;
1540
1541
1542 *mess++ ^= (__force u32)daddr;
1543 *mess++ ^= (__force u32)saddr;
1544
1545
1546 c = (u8 *)mess;
1547 while (l-- > 0)
1548 *c++ ^= *hash_location++;
1549
1550 want_cookie = false;
1551 tmp_ext.cookie_out_never = 0;
1552 tmp_ext.cookie_plus = tmp_opt.cookie_plus;
1553 } else if (!tp->rx_opt.cookie_in_always) {
1554
1555 tmp_ext.cookie_out_never = 1;
1556 tmp_ext.cookie_plus = 0;
1557 } else {
1558 goto drop_and_release;
1559 }
1560 tmp_ext.cookie_in_always = tp->rx_opt.cookie_in_always;
1561
1562 if (want_cookie && !tmp_opt.saw_tstamp)
1563 tcp_clear_options(&tmp_opt);
1564
1565 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
1566 tcp_openreq_init(req, &tmp_opt, skb);
1567
1568 ireq = inet_rsk(req);
1569 ireq->loc_addr = daddr;
1570 ireq->rmt_addr = saddr;
1571 ireq->no_srccheck = inet_sk(sk)->transparent;
1572 ireq->opt = tcp_v4_save_options(skb);
1573
1574 if (security_inet_conn_request(sk, skb, req))
1575 goto drop_and_free;
1576
1577 if (!want_cookie || tmp_opt.tstamp_ok)
1578 TCP_ECN_create_request(req, skb);
1579
1580 if (want_cookie) {
1581 isn = cookie_v4_init_sequence(sk, skb, &req->mss);
1582 req->cookie_ts = tmp_opt.tstamp_ok;
1583 } else if (!isn) {
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593 if (tmp_opt.saw_tstamp &&
1594 tcp_death_row.sysctl_tw_recycle &&
1595 (dst = inet_csk_route_req(sk, &fl4, req)) != NULL &&
1596 fl4.daddr == saddr) {
1597 if (!tcp_peer_is_proven(req, dst, true)) {
1598 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_PAWSPASSIVEREJECTED);
1599 goto drop_and_release;
1600 }
1601 }
1602
1603 else if (!sysctl_tcp_syncookies &&
1604 (sysctl_max_syn_backlog - inet_csk_reqsk_queue_len(sk) <
1605 (sysctl_max_syn_backlog >> 2)) &&
1606 !tcp_peer_is_proven(req, dst, false)) {
1607
1608
1609
1610
1611
1612
1613
1614 LIMIT_NETDEBUG(KERN_DEBUG pr_fmt("drop open request from %pI4/%u\n"),
1615 &saddr, ntohs(tcp_hdr(skb)->source));
1616 goto drop_and_release;
1617 }
1618
1619 isn = tcp_v4_init_sequence(skb);
1620 }
1621 tcp_rsk(req)->snt_isn = isn;
1622
1623 if (dst == NULL) {
1624 dst = inet_csk_route_req(sk, &fl4, req);
1625 if (dst == NULL)
1626 goto drop_and_free;
1627 }
1628 do_fastopen = tcp_fastopen_check(sk, skb, req, &foc, &valid_foc);
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641 skb_synack = tcp_make_synack(sk, dst, req,
1642 (struct request_values *)&tmp_ext,
1643 fastopen_cookie_present(&valid_foc) ? &valid_foc : NULL);
1644
1645 if (skb_synack) {
1646 __tcp_v4_send_check(skb_synack, ireq->loc_addr, ireq->rmt_addr);
1647 skb_set_queue_mapping(skb_synack, skb_get_queue_mapping(skb));
1648 } else
1649 goto drop_and_free;
1650
1651 if (likely(!do_fastopen)) {
1652 int err;
1653 err = ip_build_and_send_pkt(skb_synack, sk, ireq->loc_addr,
1654 ireq->rmt_addr, ireq->opt);
1655 err = net_xmit_eval(err);
1656 if (err || want_cookie)
1657 goto drop_and_free;
1658
1659 tcp_rsk(req)->snt_synack = tcp_time_stamp;
1660 tcp_rsk(req)->listener = NULL;
1661
1662 inet_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1663 if (fastopen_cookie_present(&foc) && foc.len != 0)
1664 NET_INC_STATS_BH(sock_net(sk),
1665 LINUX_MIB_TCPFASTOPENPASSIVEFAIL);
1666 } else if (tcp_v4_conn_req_fastopen(sk, skb, skb_synack, req,
1667 (struct request_values *)&tmp_ext))
1668 goto drop_and_free;
1669
1670 return 0;
1671
1672drop_and_release:
1673 dst_release(dst);
1674drop_and_free:
1675 reqsk_free(req);
1676drop:
1677 return 0;
1678}
1679EXPORT_SYMBOL(tcp_v4_conn_request);
1680
1681
1682
1683
1684
1685
1686struct sock *tcp_v4_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1687 struct request_sock *req,
1688 struct dst_entry *dst)
1689{
1690 struct inet_request_sock *ireq;
1691 struct inet_sock *newinet;
1692 struct tcp_sock *newtp;
1693 struct sock *newsk;
1694#ifdef CONFIG_TCP_MD5SIG
1695 struct tcp_md5sig_key *key;
1696#endif
1697 struct ip_options_rcu *inet_opt;
1698
1699 if (sk_acceptq_is_full(sk))
1700 goto exit_overflow;
1701
1702 newsk = tcp_create_openreq_child(sk, req, skb);
1703 if (!newsk)
1704 goto exit_nonewsk;
1705
1706 newsk->sk_gso_type = SKB_GSO_TCPV4;
1707 inet_sk_rx_dst_set(newsk, skb);
1708
1709 newtp = tcp_sk(newsk);
1710 newinet = inet_sk(newsk);
1711 ireq = inet_rsk(req);
1712 newinet->inet_daddr = ireq->rmt_addr;
1713 newinet->inet_rcv_saddr = ireq->loc_addr;
1714 newinet->inet_saddr = ireq->loc_addr;
1715 inet_opt = ireq->opt;
1716 rcu_assign_pointer(newinet->inet_opt, inet_opt);
1717 ireq->opt = NULL;
1718 newinet->mc_index = inet_iif(skb);
1719 newinet->mc_ttl = ip_hdr(skb)->ttl;
1720 newinet->rcv_tos = ip_hdr(skb)->tos;
1721 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1722 if (inet_opt)
1723 inet_csk(newsk)->icsk_ext_hdr_len = inet_opt->opt.optlen;
1724 newinet->inet_id = newtp->write_seq ^ jiffies;
1725
1726 if (!dst) {
1727 dst = inet_csk_route_child_sock(sk, newsk, req);
1728 if (!dst)
1729 goto put_and_exit;
1730 } else {
1731
1732 }
1733 sk_setup_caps(newsk, dst);
1734
1735 tcp_mtup_init(newsk);
1736 tcp_sync_mss(newsk, dst_mtu(dst));
1737 newtp->advmss = dst_metric_advmss(dst);
1738 if (tcp_sk(sk)->rx_opt.user_mss &&
1739 tcp_sk(sk)->rx_opt.user_mss < newtp->advmss)
1740 newtp->advmss = tcp_sk(sk)->rx_opt.user_mss;
1741
1742 tcp_initialize_rcv_mss(newsk);
1743 tcp_synack_rtt_meas(newsk, req);
1744 newtp->total_retrans = req->retrans;
1745
1746#ifdef CONFIG_TCP_MD5SIG
1747
1748 key = tcp_md5_do_lookup(sk, (union tcp_md5_addr *)&newinet->inet_daddr,
1749 AF_INET);
1750 if (key != NULL) {
1751
1752
1753
1754
1755
1756
1757 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newinet->inet_daddr,
1758 AF_INET, key->key, key->keylen, GFP_ATOMIC);
1759 sk_nocaps_add(newsk, NETIF_F_GSO_MASK);
1760 }
1761#endif
1762
1763 if (__inet_inherit_port(sk, newsk) < 0)
1764 goto put_and_exit;
1765 __inet_hash_nolisten(newsk, NULL);
1766
1767 return newsk;
1768
1769exit_overflow:
1770 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1771exit_nonewsk:
1772 dst_release(dst);
1773exit:
1774 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
1775 return NULL;
1776put_and_exit:
1777 tcp_clear_xmit_timers(newsk);
1778 tcp_cleanup_congestion_control(newsk);
1779 bh_unlock_sock(newsk);
1780 sock_put(newsk);
1781 goto exit;
1782}
1783EXPORT_SYMBOL(tcp_v4_syn_recv_sock);
1784
1785static struct sock *tcp_v4_hnd_req(struct sock *sk, struct sk_buff *skb)
1786{
1787 struct tcphdr *th = tcp_hdr(skb);
1788 const struct iphdr *iph = ip_hdr(skb);
1789 struct sock *nsk;
1790 struct request_sock **prev;
1791
1792 struct request_sock *req = inet_csk_search_req(sk, &prev, th->source,
1793 iph->saddr, iph->daddr);
1794 if (req)
1795 return tcp_check_req(sk, skb, req, prev, false);
1796
1797 nsk = inet_lookup_established(sock_net(sk), &tcp_hashinfo, iph->saddr,
1798 th->source, iph->daddr, th->dest, inet_iif(skb));
1799
1800 if (nsk) {
1801 if (nsk->sk_state != TCP_TIME_WAIT) {
1802 bh_lock_sock(nsk);
1803 return nsk;
1804 }
1805 inet_twsk_put(inet_twsk(nsk));
1806 return NULL;
1807 }
1808
1809#ifdef CONFIG_SYN_COOKIES
1810 if (!th->syn)
1811 sk = cookie_v4_check(sk, skb, &(IPCB(skb)->opt));
1812#endif
1813 return sk;
1814}
1815
1816static __sum16 tcp_v4_checksum_init(struct sk_buff *skb)
1817{
1818 const struct iphdr *iph = ip_hdr(skb);
1819
1820 if (skb->ip_summed == CHECKSUM_COMPLETE) {
1821 if (!tcp_v4_check(skb->len, iph->saddr,
1822 iph->daddr, skb->csum)) {
1823 skb->ip_summed = CHECKSUM_UNNECESSARY;
1824 return 0;
1825 }
1826 }
1827
1828 skb->csum = csum_tcpudp_nofold(iph->saddr, iph->daddr,
1829 skb->len, IPPROTO_TCP, 0);
1830
1831 if (skb->len <= 76) {
1832 return __skb_checksum_complete(skb);
1833 }
1834 return 0;
1835}
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb)
1847{
1848 struct sock *rsk;
1849#ifdef CONFIG_TCP_MD5SIG
1850
1851
1852
1853
1854
1855
1856 if (tcp_v4_inbound_md5_hash(sk, skb))
1857 goto discard;
1858#endif
1859
1860 if (sk->sk_state == TCP_ESTABLISHED) {
1861 struct dst_entry *dst = sk->sk_rx_dst;
1862
1863 sock_rps_save_rxhash(sk, skb);
1864 if (dst) {
1865 if (inet_sk(sk)->rx_dst_ifindex != skb->skb_iif ||
1866 dst->ops->check(dst, 0) == NULL) {
1867 dst_release(dst);
1868 sk->sk_rx_dst = NULL;
1869 }
1870 }
1871 if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len)) {
1872 rsk = sk;
1873 goto reset;
1874 }
1875 return 0;
1876 }
1877
1878 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1879 goto csum_err;
1880
1881 if (sk->sk_state == TCP_LISTEN) {
1882 struct sock *nsk = tcp_v4_hnd_req(sk, skb);
1883 if (!nsk)
1884 goto discard;
1885
1886 if (nsk != sk) {
1887 sock_rps_save_rxhash(nsk, skb);
1888 if (tcp_child_process(sk, nsk, skb)) {
1889 rsk = nsk;
1890 goto reset;
1891 }
1892 return 0;
1893 }
1894 } else
1895 sock_rps_save_rxhash(sk, skb);
1896
1897 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len)) {
1898 rsk = sk;
1899 goto reset;
1900 }
1901 return 0;
1902
1903reset:
1904 tcp_v4_send_reset(rsk, skb);
1905discard:
1906 kfree_skb(skb);
1907
1908
1909
1910
1911
1912 return 0;
1913
1914csum_err:
1915 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_INERRS);
1916 goto discard;
1917}
1918EXPORT_SYMBOL(tcp_v4_do_rcv);
1919
1920void tcp_v4_early_demux(struct sk_buff *skb)
1921{
1922 struct net *net = dev_net(skb->dev);
1923 const struct iphdr *iph;
1924 const struct tcphdr *th;
1925 struct sock *sk;
1926
1927 if (skb->pkt_type != PACKET_HOST)
1928 return;
1929
1930 if (!pskb_may_pull(skb, ip_hdrlen(skb) + sizeof(struct tcphdr)))
1931 return;
1932
1933 iph = ip_hdr(skb);
1934 th = (struct tcphdr *) ((char *)iph + ip_hdrlen(skb));
1935
1936 if (th->doff < sizeof(struct tcphdr) / 4)
1937 return;
1938
1939 sk = __inet_lookup_established(net, &tcp_hashinfo,
1940 iph->saddr, th->source,
1941 iph->daddr, ntohs(th->dest),
1942 skb->skb_iif);
1943 if (sk) {
1944 skb->sk = sk;
1945 skb->destructor = sock_edemux;
1946 if (sk->sk_state != TCP_TIME_WAIT) {
1947 struct dst_entry *dst = sk->sk_rx_dst;
1948
1949 if (dst)
1950 dst = dst_check(dst, 0);
1951 if (dst &&
1952 inet_sk(sk)->rx_dst_ifindex == skb->skb_iif)
1953 skb_dst_set_noref(skb, dst);
1954 }
1955 }
1956}
1957
1958
1959
1960
1961
1962int tcp_v4_rcv(struct sk_buff *skb)
1963{
1964 const struct iphdr *iph;
1965 const struct tcphdr *th;
1966 struct sock *sk;
1967 int ret;
1968 struct net *net = dev_net(skb->dev);
1969
1970 if (skb->pkt_type != PACKET_HOST)
1971 goto discard_it;
1972
1973
1974 TCP_INC_STATS_BH(net, TCP_MIB_INSEGS);
1975
1976 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1977 goto discard_it;
1978
1979 th = tcp_hdr(skb);
1980
1981 if (th->doff < sizeof(struct tcphdr) / 4)
1982 goto bad_packet;
1983 if (!pskb_may_pull(skb, th->doff * 4))
1984 goto discard_it;
1985
1986
1987
1988
1989
1990 if (!skb_csum_unnecessary(skb) && tcp_v4_checksum_init(skb))
1991 goto bad_packet;
1992
1993 th = tcp_hdr(skb);
1994 iph = ip_hdr(skb);
1995 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1996 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1997 skb->len - th->doff * 4);
1998 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1999 TCP_SKB_CB(skb)->when = 0;
2000 TCP_SKB_CB(skb)->ip_dsfield = ipv4_get_dsfield(iph);
2001 TCP_SKB_CB(skb)->sacked = 0;
2002
2003 sk = __inet_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest);
2004 if (!sk)
2005 goto no_tcp_socket;
2006
2007process:
2008 if (sk->sk_state == TCP_TIME_WAIT)
2009 goto do_time_wait;
2010
2011 if (unlikely(iph->ttl < inet_sk(sk)->min_ttl)) {
2012 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
2013 goto discard_and_relse;
2014 }
2015
2016 if (!xfrm4_policy_check(sk, XFRM_POLICY_IN, skb))
2017 goto discard_and_relse;
2018 nf_reset(skb);
2019
2020 if (sk_filter(sk, skb))
2021 goto discard_and_relse;
2022
2023 skb->dev = NULL;
2024
2025 bh_lock_sock_nested(sk);
2026 ret = 0;
2027 if (!sock_owned_by_user(sk)) {
2028#ifdef CONFIG_NET_DMA
2029 struct tcp_sock *tp = tcp_sk(sk);
2030 if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list)
2031 tp->ucopy.dma_chan = net_dma_find_channel();
2032 if (tp->ucopy.dma_chan)
2033 ret = tcp_v4_do_rcv(sk, skb);
2034 else
2035#endif
2036 {
2037 if (!tcp_prequeue(sk, skb))
2038 ret = tcp_v4_do_rcv(sk, skb);
2039 }
2040 } else if (unlikely(sk_add_backlog(sk, skb,
2041 sk->sk_rcvbuf + sk->sk_sndbuf))) {
2042 bh_unlock_sock(sk);
2043 NET_INC_STATS_BH(net, LINUX_MIB_TCPBACKLOGDROP);
2044 goto discard_and_relse;
2045 }
2046 bh_unlock_sock(sk);
2047
2048 sock_put(sk);
2049
2050 return ret;
2051
2052no_tcp_socket:
2053 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb))
2054 goto discard_it;
2055
2056 if (skb->len < (th->doff << 2) || tcp_checksum_complete(skb)) {
2057bad_packet:
2058 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
2059 } else {
2060 tcp_v4_send_reset(NULL, skb);
2061 }
2062
2063discard_it:
2064
2065 kfree_skb(skb);
2066 return 0;
2067
2068discard_and_relse:
2069 sock_put(sk);
2070 goto discard_it;
2071
2072do_time_wait:
2073 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb)) {
2074 inet_twsk_put(inet_twsk(sk));
2075 goto discard_it;
2076 }
2077
2078 if (skb->len < (th->doff << 2) || tcp_checksum_complete(skb)) {
2079 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
2080 inet_twsk_put(inet_twsk(sk));
2081 goto discard_it;
2082 }
2083 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
2084 case TCP_TW_SYN: {
2085 struct sock *sk2 = inet_lookup_listener(dev_net(skb->dev),
2086 &tcp_hashinfo,
2087 iph->daddr, th->dest,
2088 inet_iif(skb));
2089 if (sk2) {
2090 inet_twsk_deschedule(inet_twsk(sk), &tcp_death_row);
2091 inet_twsk_put(inet_twsk(sk));
2092 sk = sk2;
2093 goto process;
2094 }
2095
2096 }
2097 case TCP_TW_ACK:
2098 tcp_v4_timewait_ack(sk, skb);
2099 break;
2100 case TCP_TW_RST:
2101 goto no_tcp_socket;
2102 case TCP_TW_SUCCESS:;
2103 }
2104 goto discard_it;
2105}
2106
2107static struct timewait_sock_ops tcp_timewait_sock_ops = {
2108 .twsk_obj_size = sizeof(struct tcp_timewait_sock),
2109 .twsk_unique = tcp_twsk_unique,
2110 .twsk_destructor= tcp_twsk_destructor,
2111};
2112
2113void inet_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
2114{
2115 struct dst_entry *dst = skb_dst(skb);
2116
2117 dst_hold(dst);
2118 sk->sk_rx_dst = dst;
2119 inet_sk(sk)->rx_dst_ifindex = skb->skb_iif;
2120}
2121EXPORT_SYMBOL(inet_sk_rx_dst_set);
2122
2123const struct inet_connection_sock_af_ops ipv4_specific = {
2124 .queue_xmit = ip_queue_xmit,
2125 .send_check = tcp_v4_send_check,
2126 .rebuild_header = inet_sk_rebuild_header,
2127 .sk_rx_dst_set = inet_sk_rx_dst_set,
2128 .conn_request = tcp_v4_conn_request,
2129 .syn_recv_sock = tcp_v4_syn_recv_sock,
2130 .net_header_len = sizeof(struct iphdr),
2131 .setsockopt = ip_setsockopt,
2132 .getsockopt = ip_getsockopt,
2133 .addr2sockaddr = inet_csk_addr2sockaddr,
2134 .sockaddr_len = sizeof(struct sockaddr_in),
2135 .bind_conflict = inet_csk_bind_conflict,
2136#ifdef CONFIG_COMPAT
2137 .compat_setsockopt = compat_ip_setsockopt,
2138 .compat_getsockopt = compat_ip_getsockopt,
2139#endif
2140};
2141EXPORT_SYMBOL(ipv4_specific);
2142
2143#ifdef CONFIG_TCP_MD5SIG
2144static const struct tcp_sock_af_ops tcp_sock_ipv4_specific = {
2145 .md5_lookup = tcp_v4_md5_lookup,
2146 .calc_md5_hash = tcp_v4_md5_hash_skb,
2147 .md5_parse = tcp_v4_parse_md5_keys,
2148};
2149#endif
2150
2151
2152
2153
2154static int tcp_v4_init_sock(struct sock *sk)
2155{
2156 struct inet_connection_sock *icsk = inet_csk(sk);
2157
2158 tcp_init_sock(sk);
2159
2160 icsk->icsk_af_ops = &ipv4_specific;
2161
2162#ifdef CONFIG_TCP_MD5SIG
2163 tcp_sk(sk)->af_specific = &tcp_sock_ipv4_specific;
2164#endif
2165
2166 return 0;
2167}
2168
2169void tcp_v4_destroy_sock(struct sock *sk)
2170{
2171 struct tcp_sock *tp = tcp_sk(sk);
2172
2173 tcp_clear_xmit_timers(sk);
2174
2175 tcp_cleanup_congestion_control(sk);
2176
2177
2178 tcp_write_queue_purge(sk);
2179
2180
2181 __skb_queue_purge(&tp->out_of_order_queue);
2182
2183#ifdef CONFIG_TCP_MD5SIG
2184
2185 if (tp->md5sig_info) {
2186 tcp_clear_md5_list(sk);
2187 kfree_rcu(tp->md5sig_info, rcu);
2188 tp->md5sig_info = NULL;
2189 }
2190#endif
2191
2192#ifdef CONFIG_NET_DMA
2193
2194 __skb_queue_purge(&sk->sk_async_wait_queue);
2195#endif
2196
2197
2198 __skb_queue_purge(&tp->ucopy.prequeue);
2199
2200
2201 if (inet_csk(sk)->icsk_bind_hash)
2202 inet_put_port(sk);
2203
2204
2205 if (tp->cookie_values != NULL) {
2206 kref_put(&tp->cookie_values->kref,
2207 tcp_cookie_values_release);
2208 tp->cookie_values = NULL;
2209 }
2210 BUG_ON(tp->fastopen_rsk != NULL);
2211
2212
2213 tcp_free_fastopen_req(tp);
2214
2215 sk_sockets_allocated_dec(sk);
2216 sock_release_memcg(sk);
2217}
2218EXPORT_SYMBOL(tcp_v4_destroy_sock);
2219
2220#ifdef CONFIG_PROC_FS
2221
2222
2223static inline struct inet_timewait_sock *tw_head(struct hlist_nulls_head *head)
2224{
2225 return hlist_nulls_empty(head) ? NULL :
2226 list_entry(head->first, struct inet_timewait_sock, tw_node);
2227}
2228
2229static inline struct inet_timewait_sock *tw_next(struct inet_timewait_sock *tw)
2230{
2231 return !is_a_nulls(tw->tw_node.next) ?
2232 hlist_nulls_entry(tw->tw_node.next, typeof(*tw), tw_node) : NULL;
2233}
2234
2235
2236
2237
2238
2239
2240static void *listening_get_next(struct seq_file *seq, void *cur)
2241{
2242 struct inet_connection_sock *icsk;
2243 struct hlist_nulls_node *node;
2244 struct sock *sk = cur;
2245 struct inet_listen_hashbucket *ilb;
2246 struct tcp_iter_state *st = seq->private;
2247 struct net *net = seq_file_net(seq);
2248
2249 if (!sk) {
2250 ilb = &tcp_hashinfo.listening_hash[st->bucket];
2251 spin_lock_bh(&ilb->lock);
2252 sk = sk_nulls_head(&ilb->head);
2253 st->offset = 0;
2254 goto get_sk;
2255 }
2256 ilb = &tcp_hashinfo.listening_hash[st->bucket];
2257 ++st->num;
2258 ++st->offset;
2259
2260 if (st->state == TCP_SEQ_STATE_OPENREQ) {
2261 struct request_sock *req = cur;
2262
2263 icsk = inet_csk(st->syn_wait_sk);
2264 req = req->dl_next;
2265 while (1) {
2266 while (req) {
2267 if (req->rsk_ops->family == st->family) {
2268 cur = req;
2269 goto out;
2270 }
2271 req = req->dl_next;
2272 }
2273 if (++st->sbucket >= icsk->icsk_accept_queue.listen_opt->nr_table_entries)
2274 break;
2275get_req:
2276 req = icsk->icsk_accept_queue.listen_opt->syn_table[st->sbucket];
2277 }
2278 sk = sk_nulls_next(st->syn_wait_sk);
2279 st->state = TCP_SEQ_STATE_LISTENING;
2280 read_unlock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
2281 } else {
2282 icsk = inet_csk(sk);
2283 read_lock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
2284 if (reqsk_queue_len(&icsk->icsk_accept_queue))
2285 goto start_req;
2286 read_unlock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
2287 sk = sk_nulls_next(sk);
2288 }
2289get_sk:
2290 sk_nulls_for_each_from(sk, node) {
2291 if (!net_eq(sock_net(sk), net))
2292 continue;
2293 if (sk->sk_family == st->family) {
2294 cur = sk;
2295 goto out;
2296 }
2297 icsk = inet_csk(sk);
2298 read_lock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
2299 if (reqsk_queue_len(&icsk->icsk_accept_queue)) {
2300start_req:
2301 st->uid = sock_i_uid(sk);
2302 st->syn_wait_sk = sk;
2303 st->state = TCP_SEQ_STATE_OPENREQ;
2304 st->sbucket = 0;
2305 goto get_req;
2306 }
2307 read_unlock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
2308 }
2309 spin_unlock_bh(&ilb->lock);
2310 st->offset = 0;
2311 if (++st->bucket < INET_LHTABLE_SIZE) {
2312 ilb = &tcp_hashinfo.listening_hash[st->bucket];
2313 spin_lock_bh(&ilb->lock);
2314 sk = sk_nulls_head(&ilb->head);
2315 goto get_sk;
2316 }
2317 cur = NULL;
2318out:
2319 return cur;
2320}
2321
2322static void *listening_get_idx(struct seq_file *seq, loff_t *pos)
2323{
2324 struct tcp_iter_state *st = seq->private;
2325 void *rc;
2326
2327 st->bucket = 0;
2328 st->offset = 0;
2329 rc = listening_get_next(seq, NULL);
2330
2331 while (rc && *pos) {
2332 rc = listening_get_next(seq, rc);
2333 --*pos;
2334 }
2335 return rc;
2336}
2337
2338static inline bool empty_bucket(struct tcp_iter_state *st)
2339{
2340 return hlist_nulls_empty(&tcp_hashinfo.ehash[st->bucket].chain) &&
2341 hlist_nulls_empty(&tcp_hashinfo.ehash[st->bucket].twchain);
2342}
2343
2344
2345
2346
2347
2348static void *established_get_first(struct seq_file *seq)
2349{
2350 struct tcp_iter_state *st = seq->private;
2351 struct net *net = seq_file_net(seq);
2352 void *rc = NULL;
2353
2354 st->offset = 0;
2355 for (; st->bucket <= tcp_hashinfo.ehash_mask; ++st->bucket) {
2356 struct sock *sk;
2357 struct hlist_nulls_node *node;
2358 struct inet_timewait_sock *tw;
2359 spinlock_t *lock = inet_ehash_lockp(&tcp_hashinfo, st->bucket);
2360
2361
2362 if (empty_bucket(st))
2363 continue;
2364
2365 spin_lock_bh(lock);
2366 sk_nulls_for_each(sk, node, &tcp_hashinfo.ehash[st->bucket].chain) {
2367 if (sk->sk_family != st->family ||
2368 !net_eq(sock_net(sk), net)) {
2369 continue;
2370 }
2371 rc = sk;
2372 goto out;
2373 }
2374 st->state = TCP_SEQ_STATE_TIME_WAIT;
2375 inet_twsk_for_each(tw, node,
2376 &tcp_hashinfo.ehash[st->bucket].twchain) {
2377 if (tw->tw_family != st->family ||
2378 !net_eq(twsk_net(tw), net)) {
2379 continue;
2380 }
2381 rc = tw;
2382 goto out;
2383 }
2384 spin_unlock_bh(lock);
2385 st->state = TCP_SEQ_STATE_ESTABLISHED;
2386 }
2387out:
2388 return rc;
2389}
2390
2391static void *established_get_next(struct seq_file *seq, void *cur)
2392{
2393 struct sock *sk = cur;
2394 struct inet_timewait_sock *tw;
2395 struct hlist_nulls_node *node;
2396 struct tcp_iter_state *st = seq->private;
2397 struct net *net = seq_file_net(seq);
2398
2399 ++st->num;
2400 ++st->offset;
2401
2402 if (st->state == TCP_SEQ_STATE_TIME_WAIT) {
2403 tw = cur;
2404 tw = tw_next(tw);
2405get_tw:
2406 while (tw && (tw->tw_family != st->family || !net_eq(twsk_net(tw), net))) {
2407 tw = tw_next(tw);
2408 }
2409 if (tw) {
2410 cur = tw;
2411 goto out;
2412 }
2413 spin_unlock_bh(inet_ehash_lockp(&tcp_hashinfo, st->bucket));
2414 st->state = TCP_SEQ_STATE_ESTABLISHED;
2415
2416
2417 st->offset = 0;
2418 while (++st->bucket <= tcp_hashinfo.ehash_mask &&
2419 empty_bucket(st))
2420 ;
2421 if (st->bucket > tcp_hashinfo.ehash_mask)
2422 return NULL;
2423
2424 spin_lock_bh(inet_ehash_lockp(&tcp_hashinfo, st->bucket));
2425 sk = sk_nulls_head(&tcp_hashinfo.ehash[st->bucket].chain);
2426 } else
2427 sk = sk_nulls_next(sk);
2428
2429 sk_nulls_for_each_from(sk, node) {
2430 if (sk->sk_family == st->family && net_eq(sock_net(sk), net))
2431 goto found;
2432 }
2433
2434 st->state = TCP_SEQ_STATE_TIME_WAIT;
2435 tw = tw_head(&tcp_hashinfo.ehash[st->bucket].twchain);
2436 goto get_tw;
2437found:
2438 cur = sk;
2439out:
2440 return cur;
2441}
2442
2443static void *established_get_idx(struct seq_file *seq, loff_t pos)
2444{
2445 struct tcp_iter_state *st = seq->private;
2446 void *rc;
2447
2448 st->bucket = 0;
2449 rc = established_get_first(seq);
2450
2451 while (rc && pos) {
2452 rc = established_get_next(seq, rc);
2453 --pos;
2454 }
2455 return rc;
2456}
2457
2458static void *tcp_get_idx(struct seq_file *seq, loff_t pos)
2459{
2460 void *rc;
2461 struct tcp_iter_state *st = seq->private;
2462
2463 st->state = TCP_SEQ_STATE_LISTENING;
2464 rc = listening_get_idx(seq, &pos);
2465
2466 if (!rc) {
2467 st->state = TCP_SEQ_STATE_ESTABLISHED;
2468 rc = established_get_idx(seq, pos);
2469 }
2470
2471 return rc;
2472}
2473
2474static void *tcp_seek_last_pos(struct seq_file *seq)
2475{
2476 struct tcp_iter_state *st = seq->private;
2477 int offset = st->offset;
2478 int orig_num = st->num;
2479 void *rc = NULL;
2480
2481 switch (st->state) {
2482 case TCP_SEQ_STATE_OPENREQ:
2483 case TCP_SEQ_STATE_LISTENING:
2484 if (st->bucket >= INET_LHTABLE_SIZE)
2485 break;
2486 st->state = TCP_SEQ_STATE_LISTENING;
2487 rc = listening_get_next(seq, NULL);
2488 while (offset-- && rc)
2489 rc = listening_get_next(seq, rc);
2490 if (rc)
2491 break;
2492 st->bucket = 0;
2493
2494 case TCP_SEQ_STATE_ESTABLISHED:
2495 case TCP_SEQ_STATE_TIME_WAIT:
2496 st->state = TCP_SEQ_STATE_ESTABLISHED;
2497 if (st->bucket > tcp_hashinfo.ehash_mask)
2498 break;
2499 rc = established_get_first(seq);
2500 while (offset-- && rc)
2501 rc = established_get_next(seq, rc);
2502 }
2503
2504 st->num = orig_num;
2505
2506 return rc;
2507}
2508
2509static void *tcp_seq_start(struct seq_file *seq, loff_t *pos)
2510{
2511 struct tcp_iter_state *st = seq->private;
2512 void *rc;
2513
2514 if (*pos && *pos == st->last_pos) {
2515 rc = tcp_seek_last_pos(seq);
2516 if (rc)
2517 goto out;
2518 }
2519
2520 st->state = TCP_SEQ_STATE_LISTENING;
2521 st->num = 0;
2522 st->bucket = 0;
2523 st->offset = 0;
2524 rc = *pos ? tcp_get_idx(seq, *pos - 1) : SEQ_START_TOKEN;
2525
2526out:
2527 st->last_pos = *pos;
2528 return rc;
2529}
2530
2531static void *tcp_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2532{
2533 struct tcp_iter_state *st = seq->private;
2534 void *rc = NULL;
2535
2536 if (v == SEQ_START_TOKEN) {
2537 rc = tcp_get_idx(seq, 0);
2538 goto out;
2539 }
2540
2541 switch (st->state) {
2542 case TCP_SEQ_STATE_OPENREQ:
2543 case TCP_SEQ_STATE_LISTENING:
2544 rc = listening_get_next(seq, v);
2545 if (!rc) {
2546 st->state = TCP_SEQ_STATE_ESTABLISHED;
2547 st->bucket = 0;
2548 st->offset = 0;
2549 rc = established_get_first(seq);
2550 }
2551 break;
2552 case TCP_SEQ_STATE_ESTABLISHED:
2553 case TCP_SEQ_STATE_TIME_WAIT:
2554 rc = established_get_next(seq, v);
2555 break;
2556 }
2557out:
2558 ++*pos;
2559 st->last_pos = *pos;
2560 return rc;
2561}
2562
2563static void tcp_seq_stop(struct seq_file *seq, void *v)
2564{
2565 struct tcp_iter_state *st = seq->private;
2566
2567 switch (st->state) {
2568 case TCP_SEQ_STATE_OPENREQ:
2569 if (v) {
2570 struct inet_connection_sock *icsk = inet_csk(st->syn_wait_sk);
2571 read_unlock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
2572 }
2573 case TCP_SEQ_STATE_LISTENING:
2574 if (v != SEQ_START_TOKEN)
2575 spin_unlock_bh(&tcp_hashinfo.listening_hash[st->bucket].lock);
2576 break;
2577 case TCP_SEQ_STATE_TIME_WAIT:
2578 case TCP_SEQ_STATE_ESTABLISHED:
2579 if (v)
2580 spin_unlock_bh(inet_ehash_lockp(&tcp_hashinfo, st->bucket));
2581 break;
2582 }
2583}
2584
2585int tcp_seq_open(struct inode *inode, struct file *file)
2586{
2587 struct tcp_seq_afinfo *afinfo = PDE(inode)->data;
2588 struct tcp_iter_state *s;
2589 int err;
2590
2591 err = seq_open_net(inode, file, &afinfo->seq_ops,
2592 sizeof(struct tcp_iter_state));
2593 if (err < 0)
2594 return err;
2595
2596 s = ((struct seq_file *)file->private_data)->private;
2597 s->family = afinfo->family;
2598 s->last_pos = 0;
2599 return 0;
2600}
2601EXPORT_SYMBOL(tcp_seq_open);
2602
2603int tcp_proc_register(struct net *net, struct tcp_seq_afinfo *afinfo)
2604{
2605 int rc = 0;
2606 struct proc_dir_entry *p;
2607
2608 afinfo->seq_ops.start = tcp_seq_start;
2609 afinfo->seq_ops.next = tcp_seq_next;
2610 afinfo->seq_ops.stop = tcp_seq_stop;
2611
2612 p = proc_create_data(afinfo->name, S_IRUGO, net->proc_net,
2613 afinfo->seq_fops, afinfo);
2614 if (!p)
2615 rc = -ENOMEM;
2616 return rc;
2617}
2618EXPORT_SYMBOL(tcp_proc_register);
2619
2620void tcp_proc_unregister(struct net *net, struct tcp_seq_afinfo *afinfo)
2621{
2622 proc_net_remove(net, afinfo->name);
2623}
2624EXPORT_SYMBOL(tcp_proc_unregister);
2625
2626static void get_openreq4(const struct sock *sk, const struct request_sock *req,
2627 struct seq_file *f, int i, kuid_t uid, int *len)
2628{
2629 const struct inet_request_sock *ireq = inet_rsk(req);
2630 long delta = req->expires - jiffies;
2631
2632 seq_printf(f, "%4d: %08X:%04X %08X:%04X"
2633 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %u %d %pK%n",
2634 i,
2635 ireq->loc_addr,
2636 ntohs(inet_sk(sk)->inet_sport),
2637 ireq->rmt_addr,
2638 ntohs(ireq->rmt_port),
2639 TCP_SYN_RECV,
2640 0, 0,
2641 1,
2642 jiffies_delta_to_clock_t(delta),
2643 req->retrans,
2644 from_kuid_munged(seq_user_ns(f), uid),
2645 0,
2646 0,
2647 atomic_read(&sk->sk_refcnt),
2648 req,
2649 len);
2650}
2651
2652static void get_tcp4_sock(struct sock *sk, struct seq_file *f, int i, int *len)
2653{
2654 int timer_active;
2655 unsigned long timer_expires;
2656 const struct tcp_sock *tp = tcp_sk(sk);
2657 const struct inet_connection_sock *icsk = inet_csk(sk);
2658 const struct inet_sock *inet = inet_sk(sk);
2659 struct fastopen_queue *fastopenq = icsk->icsk_accept_queue.fastopenq;
2660 __be32 dest = inet->inet_daddr;
2661 __be32 src = inet->inet_rcv_saddr;
2662 __u16 destp = ntohs(inet->inet_dport);
2663 __u16 srcp = ntohs(inet->inet_sport);
2664 int rx_queue;
2665
2666 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
2667 timer_active = 1;
2668 timer_expires = icsk->icsk_timeout;
2669 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
2670 timer_active = 4;
2671 timer_expires = icsk->icsk_timeout;
2672 } else if (timer_pending(&sk->sk_timer)) {
2673 timer_active = 2;
2674 timer_expires = sk->sk_timer.expires;
2675 } else {
2676 timer_active = 0;
2677 timer_expires = jiffies;
2678 }
2679
2680 if (sk->sk_state == TCP_LISTEN)
2681 rx_queue = sk->sk_ack_backlog;
2682 else
2683
2684
2685
2686 rx_queue = max_t(int, tp->rcv_nxt - tp->copied_seq, 0);
2687
2688 seq_printf(f, "%4d: %08X:%04X %08X:%04X %02X %08X:%08X %02X:%08lX "
2689 "%08X %5d %8d %lu %d %pK %lu %lu %u %u %d%n",
2690 i, src, srcp, dest, destp, sk->sk_state,
2691 tp->write_seq - tp->snd_una,
2692 rx_queue,
2693 timer_active,
2694 jiffies_delta_to_clock_t(timer_expires - jiffies),
2695 icsk->icsk_retransmits,
2696 from_kuid_munged(seq_user_ns(f), sock_i_uid(sk)),
2697 icsk->icsk_probes_out,
2698 sock_i_ino(sk),
2699 atomic_read(&sk->sk_refcnt), sk,
2700 jiffies_to_clock_t(icsk->icsk_rto),
2701 jiffies_to_clock_t(icsk->icsk_ack.ato),
2702 (icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong,
2703 tp->snd_cwnd,
2704 sk->sk_state == TCP_LISTEN ?
2705 (fastopenq ? fastopenq->max_qlen : 0) :
2706 (tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh),
2707 len);
2708}
2709
2710static void get_timewait4_sock(const struct inet_timewait_sock *tw,
2711 struct seq_file *f, int i, int *len)
2712{
2713 __be32 dest, src;
2714 __u16 destp, srcp;
2715 long delta = tw->tw_ttd - jiffies;
2716
2717 dest = tw->tw_daddr;
2718 src = tw->tw_rcv_saddr;
2719 destp = ntohs(tw->tw_dport);
2720 srcp = ntohs(tw->tw_sport);
2721
2722 seq_printf(f, "%4d: %08X:%04X %08X:%04X"
2723 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK%n",
2724 i, src, srcp, dest, destp, tw->tw_substate, 0, 0,
2725 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
2726 atomic_read(&tw->tw_refcnt), tw, len);
2727}
2728
2729#define TMPSZ 150
2730
2731static int tcp4_seq_show(struct seq_file *seq, void *v)
2732{
2733 struct tcp_iter_state *st;
2734 int len;
2735
2736 if (v == SEQ_START_TOKEN) {
2737 seq_printf(seq, "%-*s\n", TMPSZ - 1,
2738 " sl local_address rem_address st tx_queue "
2739 "rx_queue tr tm->when retrnsmt uid timeout "
2740 "inode");
2741 goto out;
2742 }
2743 st = seq->private;
2744
2745 switch (st->state) {
2746 case TCP_SEQ_STATE_LISTENING:
2747 case TCP_SEQ_STATE_ESTABLISHED:
2748 get_tcp4_sock(v, seq, st->num, &len);
2749 break;
2750 case TCP_SEQ_STATE_OPENREQ:
2751 get_openreq4(st->syn_wait_sk, v, seq, st->num, st->uid, &len);
2752 break;
2753 case TCP_SEQ_STATE_TIME_WAIT:
2754 get_timewait4_sock(v, seq, st->num, &len);
2755 break;
2756 }
2757 seq_printf(seq, "%*s\n", TMPSZ - 1 - len, "");
2758out:
2759 return 0;
2760}
2761
2762static const struct file_operations tcp_afinfo_seq_fops = {
2763 .owner = THIS_MODULE,
2764 .open = tcp_seq_open,
2765 .read = seq_read,
2766 .llseek = seq_lseek,
2767 .release = seq_release_net
2768};
2769
2770static struct tcp_seq_afinfo tcp4_seq_afinfo = {
2771 .name = "tcp",
2772 .family = AF_INET,
2773 .seq_fops = &tcp_afinfo_seq_fops,
2774 .seq_ops = {
2775 .show = tcp4_seq_show,
2776 },
2777};
2778
2779static int __net_init tcp4_proc_init_net(struct net *net)
2780{
2781 return tcp_proc_register(net, &tcp4_seq_afinfo);
2782}
2783
2784static void __net_exit tcp4_proc_exit_net(struct net *net)
2785{
2786 tcp_proc_unregister(net, &tcp4_seq_afinfo);
2787}
2788
2789static struct pernet_operations tcp4_net_ops = {
2790 .init = tcp4_proc_init_net,
2791 .exit = tcp4_proc_exit_net,
2792};
2793
2794int __init tcp4_proc_init(void)
2795{
2796 return register_pernet_subsys(&tcp4_net_ops);
2797}
2798
2799void tcp4_proc_exit(void)
2800{
2801 unregister_pernet_subsys(&tcp4_net_ops);
2802}
2803#endif
2804
2805struct sk_buff **tcp4_gro_receive(struct sk_buff **head, struct sk_buff *skb)
2806{
2807 const struct iphdr *iph = skb_gro_network_header(skb);
2808 __wsum wsum;
2809 __sum16 sum;
2810
2811 switch (skb->ip_summed) {
2812 case CHECKSUM_COMPLETE:
2813 if (!tcp_v4_check(skb_gro_len(skb), iph->saddr, iph->daddr,
2814 skb->csum)) {
2815 skb->ip_summed = CHECKSUM_UNNECESSARY;
2816 break;
2817 }
2818flush:
2819 NAPI_GRO_CB(skb)->flush = 1;
2820 return NULL;
2821
2822 case CHECKSUM_NONE:
2823 wsum = csum_tcpudp_nofold(iph->saddr, iph->daddr,
2824 skb_gro_len(skb), IPPROTO_TCP, 0);
2825 sum = csum_fold(skb_checksum(skb,
2826 skb_gro_offset(skb),
2827 skb_gro_len(skb),
2828 wsum));
2829 if (sum)
2830 goto flush;
2831
2832 skb->ip_summed = CHECKSUM_UNNECESSARY;
2833 break;
2834 }
2835
2836 return tcp_gro_receive(head, skb);
2837}
2838
2839int tcp4_gro_complete(struct sk_buff *skb)
2840{
2841 const struct iphdr *iph = ip_hdr(skb);
2842 struct tcphdr *th = tcp_hdr(skb);
2843
2844 th->check = ~tcp_v4_check(skb->len - skb_transport_offset(skb),
2845 iph->saddr, iph->daddr, 0);
2846 skb_shinfo(skb)->gso_type = SKB_GSO_TCPV4;
2847
2848 return tcp_gro_complete(skb);
2849}
2850
2851struct proto tcp_prot = {
2852 .name = "TCP",
2853 .owner = THIS_MODULE,
2854 .close = tcp_close,
2855 .connect = tcp_v4_connect,
2856 .disconnect = tcp_disconnect,
2857 .accept = inet_csk_accept,
2858 .ioctl = tcp_ioctl,
2859 .init = tcp_v4_init_sock,
2860 .destroy = tcp_v4_destroy_sock,
2861 .shutdown = tcp_shutdown,
2862 .setsockopt = tcp_setsockopt,
2863 .getsockopt = tcp_getsockopt,
2864 .recvmsg = tcp_recvmsg,
2865 .sendmsg = tcp_sendmsg,
2866 .sendpage = tcp_sendpage,
2867 .backlog_rcv = tcp_v4_do_rcv,
2868 .release_cb = tcp_release_cb,
2869 .mtu_reduced = tcp_v4_mtu_reduced,
2870 .hash = inet_hash,
2871 .unhash = inet_unhash,
2872 .get_port = inet_csk_get_port,
2873 .enter_memory_pressure = tcp_enter_memory_pressure,
2874 .sockets_allocated = &tcp_sockets_allocated,
2875 .orphan_count = &tcp_orphan_count,
2876 .memory_allocated = &tcp_memory_allocated,
2877 .memory_pressure = &tcp_memory_pressure,
2878 .sysctl_wmem = sysctl_tcp_wmem,
2879 .sysctl_rmem = sysctl_tcp_rmem,
2880 .max_header = MAX_TCP_HEADER,
2881 .obj_size = sizeof(struct tcp_sock),
2882 .slab_flags = SLAB_DESTROY_BY_RCU,
2883 .twsk_prot = &tcp_timewait_sock_ops,
2884 .rsk_prot = &tcp_request_sock_ops,
2885 .h.hashinfo = &tcp_hashinfo,
2886 .no_autobind = true,
2887#ifdef CONFIG_COMPAT
2888 .compat_setsockopt = compat_tcp_setsockopt,
2889 .compat_getsockopt = compat_tcp_getsockopt,
2890#endif
2891#ifdef CONFIG_MEMCG_KMEM
2892 .init_cgroup = tcp_init_cgroup,
2893 .destroy_cgroup = tcp_destroy_cgroup,
2894 .proto_cgroup = tcp_proto_cgroup,
2895#endif
2896};
2897EXPORT_SYMBOL(tcp_prot);
2898
2899static int __net_init tcp_sk_init(struct net *net)
2900{
2901 return 0;
2902}
2903
2904static void __net_exit tcp_sk_exit(struct net *net)
2905{
2906}
2907
2908static void __net_exit tcp_sk_exit_batch(struct list_head *net_exit_list)
2909{
2910 inet_twsk_purge(&tcp_hashinfo, &tcp_death_row, AF_INET);
2911}
2912
2913static struct pernet_operations __net_initdata tcp_sk_ops = {
2914 .init = tcp_sk_init,
2915 .exit = tcp_sk_exit,
2916 .exit_batch = tcp_sk_exit_batch,
2917};
2918
2919void __init tcp_v4_init(void)
2920{
2921 inet_hashinfo_init(&tcp_hashinfo);
2922 if (register_pernet_subsys(&tcp_sk_ops))
2923 panic("Failed to create the TCP control socket.\n");
2924}
2925
