1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22#include <linux/bottom_half.h>
23#include <linux/module.h>
24#include <linux/errno.h>
25#include <linux/types.h>
26#include <linux/socket.h>
27#include <linux/sockios.h>
28#include <linux/net.h>
29#include <linux/jiffies.h>
30#include <linux/in.h>
31#include <linux/in6.h>
32#include <linux/netdevice.h>
33#include <linux/init.h>
34#include <linux/jhash.h>
35#include <linux/ipsec.h>
36#include <linux/times.h>
37#include <linux/slab.h>
38#include <linux/uaccess.h>
39#include <linux/ipv6.h>
40#include <linux/icmpv6.h>
41#include <linux/random.h>
42#include <linux/indirect_call_wrapper.h>
43
44#include <net/tcp.h>
45#include <net/ndisc.h>
46#include <net/inet6_hashtables.h>
47#include <net/inet6_connection_sock.h>
48#include <net/ipv6.h>
49#include <net/transp_v6.h>
50#include <net/addrconf.h>
51#include <net/ip6_route.h>
52#include <net/ip6_checksum.h>
53#include <net/inet_ecn.h>
54#include <net/protocol.h>
55#include <net/xfrm.h>
56#include <net/snmp.h>
57#include <net/dsfield.h>
58#include <net/timewait_sock.h>
59#include <net/inet_common.h>
60#include <net/secure_seq.h>
61#include <net/busy_poll.h>
62
63#include <linux/proc_fs.h>
64#include <linux/seq_file.h>
65
66#include <crypto/hash.h>
67#include <linux/scatterlist.h>
68
69#include <trace/events/tcp.h>
70
71static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb);
72static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
73 struct request_sock *req);
74
75static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
76
77static const struct inet_connection_sock_af_ops ipv6_mapped;
78static const struct inet_connection_sock_af_ops ipv6_specific;
79#ifdef CONFIG_TCP_MD5SIG
80static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
81static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
82#else
83static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
84 const struct in6_addr *addr)
85{
86 return NULL;
87}
88#endif
89
90
91
92
93
94
95static struct ipv6_pinfo *tcp_inet6_sk(const struct sock *sk)
96{
97 unsigned int offset = sizeof(struct tcp6_sock) - sizeof(struct ipv6_pinfo);
98
99 return (struct ipv6_pinfo *)(((u8 *)sk) + offset);
100}
101
102static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
103{
104 struct dst_entry *dst = skb_dst(skb);
105
106 if (dst && dst_hold_safe(dst)) {
107 const struct rt6_info *rt = (const struct rt6_info *)dst;
108
109 sk->sk_rx_dst = dst;
110 inet_sk(sk)->rx_dst_ifindex = skb->skb_iif;
111 tcp_inet6_sk(sk)->rx_dst_cookie = rt6_get_cookie(rt);
112 }
113}
114
115static u32 tcp_v6_init_seq(const struct sk_buff *skb)
116{
117 return secure_tcpv6_seq(ipv6_hdr(skb)->daddr.s6_addr32,
118 ipv6_hdr(skb)->saddr.s6_addr32,
119 tcp_hdr(skb)->dest,
120 tcp_hdr(skb)->source);
121}
122
123static u32 tcp_v6_init_ts_off(const struct net *net, const struct sk_buff *skb)
124{
125 return secure_tcpv6_ts_off(net, ipv6_hdr(skb)->daddr.s6_addr32,
126 ipv6_hdr(skb)->saddr.s6_addr32);
127}
128
129static int tcp_v6_pre_connect(struct sock *sk, struct sockaddr *uaddr,
130 int addr_len)
131{
132
133
134
135
136 if (addr_len < SIN6_LEN_RFC2133)
137 return -EINVAL;
138
139 sock_owned_by_me(sk);
140
141 return BPF_CGROUP_RUN_PROG_INET6_CONNECT(sk, uaddr);
142}
143
144static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
145 int addr_len)
146{
147 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
148 struct inet_sock *inet = inet_sk(sk);
149 struct inet_connection_sock *icsk = inet_csk(sk);
150 struct ipv6_pinfo *np = tcp_inet6_sk(sk);
151 struct tcp_sock *tp = tcp_sk(sk);
152 struct in6_addr *saddr = NULL, *final_p, final;
153 struct ipv6_txoptions *opt;
154 struct flowi6 fl6;
155 struct dst_entry *dst;
156 int addr_type;
157 int err;
158 struct inet_timewait_death_row *tcp_death_row = &sock_net(sk)->ipv4.tcp_death_row;
159
160 if (addr_len < SIN6_LEN_RFC2133)
161 return -EINVAL;
162
163 if (usin->sin6_family != AF_INET6)
164 return -EAFNOSUPPORT;
165
166 memset(&fl6, 0, sizeof(fl6));
167
168 if (np->sndflow) {
169 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
170 IP6_ECN_flow_init(fl6.flowlabel);
171 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
172 struct ip6_flowlabel *flowlabel;
173 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
174 if (IS_ERR(flowlabel))
175 return -EINVAL;
176 fl6_sock_release(flowlabel);
177 }
178 }
179
180
181
182
183
184 if (ipv6_addr_any(&usin->sin6_addr)) {
185 if (ipv6_addr_v4mapped(&sk->sk_v6_rcv_saddr))
186 ipv6_addr_set_v4mapped(htonl(INADDR_LOOPBACK),
187 &usin->sin6_addr);
188 else
189 usin->sin6_addr = in6addr_loopback;
190 }
191
192 addr_type = ipv6_addr_type(&usin->sin6_addr);
193
194 if (addr_type & IPV6_ADDR_MULTICAST)
195 return -ENETUNREACH;
196
197 if (addr_type&IPV6_ADDR_LINKLOCAL) {
198 if (addr_len >= sizeof(struct sockaddr_in6) &&
199 usin->sin6_scope_id) {
200
201
202
203 if (!sk_dev_equal_l3scope(sk, usin->sin6_scope_id))
204 return -EINVAL;
205
206 sk->sk_bound_dev_if = usin->sin6_scope_id;
207 }
208
209
210 if (!sk->sk_bound_dev_if)
211 return -EINVAL;
212 }
213
214 if (tp->rx_opt.ts_recent_stamp &&
215 !ipv6_addr_equal(&sk->sk_v6_daddr, &usin->sin6_addr)) {
216 tp->rx_opt.ts_recent = 0;
217 tp->rx_opt.ts_recent_stamp = 0;
218 tp->write_seq = 0;
219 }
220
221 sk->sk_v6_daddr = usin->sin6_addr;
222 np->flow_label = fl6.flowlabel;
223
224
225
226
227
228 if (addr_type & IPV6_ADDR_MAPPED) {
229 u32 exthdrlen = icsk->icsk_ext_hdr_len;
230 struct sockaddr_in sin;
231
232 if (__ipv6_only_sock(sk))
233 return -ENETUNREACH;
234
235 sin.sin_family = AF_INET;
236 sin.sin_port = usin->sin6_port;
237 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
238
239 icsk->icsk_af_ops = &ipv6_mapped;
240 sk->sk_backlog_rcv = tcp_v4_do_rcv;
241#ifdef CONFIG_TCP_MD5SIG
242 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
243#endif
244
245 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
246
247 if (err) {
248 icsk->icsk_ext_hdr_len = exthdrlen;
249 icsk->icsk_af_ops = &ipv6_specific;
250 sk->sk_backlog_rcv = tcp_v6_do_rcv;
251#ifdef CONFIG_TCP_MD5SIG
252 tp->af_specific = &tcp_sock_ipv6_specific;
253#endif
254 goto failure;
255 }
256 np->saddr = sk->sk_v6_rcv_saddr;
257
258 return err;
259 }
260
261 if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr))
262 saddr = &sk->sk_v6_rcv_saddr;
263
264 fl6.flowi6_proto = IPPROTO_TCP;
265 fl6.daddr = sk->sk_v6_daddr;
266 fl6.saddr = saddr ? *saddr : np->saddr;
267 fl6.flowi6_oif = sk->sk_bound_dev_if;
268 fl6.flowi6_mark = sk->sk_mark;
269 fl6.fl6_dport = usin->sin6_port;
270 fl6.fl6_sport = inet->inet_sport;
271 fl6.flowi6_uid = sk->sk_uid;
272
273 opt = rcu_dereference_protected(np->opt, lockdep_sock_is_held(sk));
274 final_p = fl6_update_dst(&fl6, opt, &final);
275
276 security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));
277
278 dst = ip6_dst_lookup_flow(sk, &fl6, final_p);
279 if (IS_ERR(dst)) {
280 err = PTR_ERR(dst);
281 goto failure;
282 }
283
284 if (!saddr) {
285 saddr = &fl6.saddr;
286 sk->sk_v6_rcv_saddr = *saddr;
287 }
288
289
290 np->saddr = *saddr;
291 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
292
293 sk->sk_gso_type = SKB_GSO_TCPV6;
294 ip6_dst_store(sk, dst, NULL, NULL);
295
296 icsk->icsk_ext_hdr_len = 0;
297 if (opt)
298 icsk->icsk_ext_hdr_len = opt->opt_flen +
299 opt->opt_nflen;
300
301 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
302
303 inet->inet_dport = usin->sin6_port;
304
305 tcp_set_state(sk, TCP_SYN_SENT);
306 err = inet6_hash_connect(tcp_death_row, sk);
307 if (err)
308 goto late_failure;
309
310 sk_set_txhash(sk);
311
312 if (likely(!tp->repair)) {
313 if (!tp->write_seq)
314 tp->write_seq = secure_tcpv6_seq(np->saddr.s6_addr32,
315 sk->sk_v6_daddr.s6_addr32,
316 inet->inet_sport,
317 inet->inet_dport);
318 tp->tsoffset = secure_tcpv6_ts_off(sock_net(sk),
319 np->saddr.s6_addr32,
320 sk->sk_v6_daddr.s6_addr32);
321 }
322
323 if (tcp_fastopen_defer_connect(sk, &err))
324 return err;
325 if (err)
326 goto late_failure;
327
328 err = tcp_connect(sk);
329 if (err)
330 goto late_failure;
331
332 return 0;
333
334late_failure:
335 tcp_set_state(sk, TCP_CLOSE);
336failure:
337 inet->inet_dport = 0;
338 sk->sk_route_caps = 0;
339 return err;
340}
341
342static void tcp_v6_mtu_reduced(struct sock *sk)
343{
344 struct dst_entry *dst;
345
346 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
347 return;
348
349 dst = inet6_csk_update_pmtu(sk, tcp_sk(sk)->mtu_info);
350 if (!dst)
351 return;
352
353 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
354 tcp_sync_mss(sk, dst_mtu(dst));
355 tcp_simple_retransmit(sk);
356 }
357}
358
359static int tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
360 u8 type, u8 code, int offset, __be32 info)
361{
362 const struct ipv6hdr *hdr = (const struct ipv6hdr *)skb->data;
363 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
364 struct net *net = dev_net(skb->dev);
365 struct request_sock *fastopen;
366 struct ipv6_pinfo *np;
367 struct tcp_sock *tp;
368 __u32 seq, snd_una;
369 struct sock *sk;
370 bool fatal;
371 int err;
372
373 sk = __inet6_lookup_established(net, &tcp_hashinfo,
374 &hdr->daddr, th->dest,
375 &hdr->saddr, ntohs(th->source),
376 skb->dev->ifindex, inet6_sdif(skb));
377
378 if (!sk) {
379 __ICMP6_INC_STATS(net, __in6_dev_get(skb->dev),
380 ICMP6_MIB_INERRORS);
381 return -ENOENT;
382 }
383
384 if (sk->sk_state == TCP_TIME_WAIT) {
385 inet_twsk_put(inet_twsk(sk));
386 return 0;
387 }
388 seq = ntohl(th->seq);
389 fatal = icmpv6_err_convert(type, code, &err);
390 if (sk->sk_state == TCP_NEW_SYN_RECV) {
391 tcp_req_err(sk, seq, fatal);
392 return 0;
393 }
394
395 bh_lock_sock(sk);
396 if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG)
397 __NET_INC_STATS(net, LINUX_MIB_LOCKDROPPEDICMPS);
398
399 if (sk->sk_state == TCP_CLOSE)
400 goto out;
401
402 if (ipv6_hdr(skb)->hop_limit < tcp_inet6_sk(sk)->min_hopcount) {
403 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
404 goto out;
405 }
406
407 tp = tcp_sk(sk);
408
409 fastopen = tp->fastopen_rsk;
410 snd_una = fastopen ? tcp_rsk(fastopen)->snt_isn : tp->snd_una;
411 if (sk->sk_state != TCP_LISTEN &&
412 !between(seq, snd_una, tp->snd_nxt)) {
413 __NET_INC_STATS(net, LINUX_MIB_OUTOFWINDOWICMPS);
414 goto out;
415 }
416
417 np = tcp_inet6_sk(sk);
418
419 if (type == NDISC_REDIRECT) {
420 if (!sock_owned_by_user(sk)) {
421 struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);
422
423 if (dst)
424 dst->ops->redirect(dst, sk, skb);
425 }
426 goto out;
427 }
428
429 if (type == ICMPV6_PKT_TOOBIG) {
430
431
432
433
434 if (sk->sk_state == TCP_LISTEN)
435 goto out;
436
437 if (!ip6_sk_accept_pmtu(sk))
438 goto out;
439
440 tp->mtu_info = ntohl(info);
441 if (!sock_owned_by_user(sk))
442 tcp_v6_mtu_reduced(sk);
443 else if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED,
444 &sk->sk_tsq_flags))
445 sock_hold(sk);
446 goto out;
447 }
448
449
450
451 switch (sk->sk_state) {
452 case TCP_SYN_SENT:
453 case TCP_SYN_RECV:
454
455
456
457 if (fastopen && !fastopen->sk)
458 break;
459
460 if (!sock_owned_by_user(sk)) {
461 sk->sk_err = err;
462 sk->sk_error_report(sk);
463
464 tcp_done(sk);
465 } else
466 sk->sk_err_soft = err;
467 goto out;
468 }
469
470 if (!sock_owned_by_user(sk) && np->recverr) {
471 sk->sk_err = err;
472 sk->sk_error_report(sk);
473 } else
474 sk->sk_err_soft = err;
475
476out:
477 bh_unlock_sock(sk);
478 sock_put(sk);
479 return 0;
480}
481
482
483static int tcp_v6_send_synack(const struct sock *sk, struct dst_entry *dst,
484 struct flowi *fl,
485 struct request_sock *req,
486 struct tcp_fastopen_cookie *foc,
487 enum tcp_synack_type synack_type)
488{
489 struct inet_request_sock *ireq = inet_rsk(req);
490 struct ipv6_pinfo *np = tcp_inet6_sk(sk);
491 struct ipv6_txoptions *opt;
492 struct flowi6 *fl6 = &fl->u.ip6;
493 struct sk_buff *skb;
494 int err = -ENOMEM;
495
496
497 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req,
498 IPPROTO_TCP)) == NULL)
499 goto done;
500
501 skb = tcp_make_synack(sk, dst, req, foc, synack_type);
502
503 if (skb) {
504 __tcp_v6_send_check(skb, &ireq->ir_v6_loc_addr,
505 &ireq->ir_v6_rmt_addr);
506
507 fl6->daddr = ireq->ir_v6_rmt_addr;
508 if (np->repflow && ireq->pktopts)
509 fl6->flowlabel = ip6_flowlabel(ipv6_hdr(ireq->pktopts));
510
511 rcu_read_lock();
512 opt = ireq->ipv6_opt;
513 if (!opt)
514 opt = rcu_dereference(np->opt);
515 err = ip6_xmit(sk, skb, fl6, sk->sk_mark, opt, np->tclass);
516 rcu_read_unlock();
517 err = net_xmit_eval(err);
518 }
519
520done:
521 return err;
522}
523
524
525static void tcp_v6_reqsk_destructor(struct request_sock *req)
526{
527 kfree(inet_rsk(req)->ipv6_opt);
528 kfree_skb(inet_rsk(req)->pktopts);
529}
530
531#ifdef CONFIG_TCP_MD5SIG
532static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
533 const struct in6_addr *addr)
534{
535 return tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, AF_INET6);
536}
537
538static struct tcp_md5sig_key *tcp_v6_md5_lookup(const struct sock *sk,
539 const struct sock *addr_sk)
540{
541 return tcp_v6_md5_do_lookup(sk, &addr_sk->sk_v6_daddr);
542}
543
544static int tcp_v6_parse_md5_keys(struct sock *sk, int optname,
545 char __user *optval, int optlen)
546{
547 struct tcp_md5sig cmd;
548 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
549 u8 prefixlen;
550
551 if (optlen < sizeof(cmd))
552 return -EINVAL;
553
554 if (copy_from_user(&cmd, optval, sizeof(cmd)))
555 return -EFAULT;
556
557 if (sin6->sin6_family != AF_INET6)
558 return -EINVAL;
559
560 if (optname == TCP_MD5SIG_EXT &&
561 cmd.tcpm_flags & TCP_MD5SIG_FLAG_PREFIX) {
562 prefixlen = cmd.tcpm_prefixlen;
563 if (prefixlen > 128 || (ipv6_addr_v4mapped(&sin6->sin6_addr) &&
564 prefixlen > 32))
565 return -EINVAL;
566 } else {
567 prefixlen = ipv6_addr_v4mapped(&sin6->sin6_addr) ? 32 : 128;
568 }
569
570 if (!cmd.tcpm_keylen) {
571 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
572 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
573 AF_INET, prefixlen);
574 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
575 AF_INET6, prefixlen);
576 }
577
578 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
579 return -EINVAL;
580
581 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
582 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
583 AF_INET, prefixlen, cmd.tcpm_key,
584 cmd.tcpm_keylen, GFP_KERNEL);
585
586 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
587 AF_INET6, prefixlen, cmd.tcpm_key,
588 cmd.tcpm_keylen, GFP_KERNEL);
589}
590
591static int tcp_v6_md5_hash_headers(struct tcp_md5sig_pool *hp,
592 const struct in6_addr *daddr,
593 const struct in6_addr *saddr,
594 const struct tcphdr *th, int nbytes)
595{
596 struct tcp6_pseudohdr *bp;
597 struct scatterlist sg;
598 struct tcphdr *_th;
599
600 bp = hp->scratch;
601
602 bp->saddr = *saddr;
603 bp->daddr = *daddr;
604 bp->protocol = cpu_to_be32(IPPROTO_TCP);
605 bp->len = cpu_to_be32(nbytes);
606
607 _th = (struct tcphdr *)(bp + 1);
608 memcpy(_th, th, sizeof(*th));
609 _th->check = 0;
610
611 sg_init_one(&sg, bp, sizeof(*bp) + sizeof(*th));
612 ahash_request_set_crypt(hp->md5_req, &sg, NULL,
613 sizeof(*bp) + sizeof(*th));
614 return crypto_ahash_update(hp->md5_req);
615}
616
617static int tcp_v6_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key,
618 const struct in6_addr *daddr, struct in6_addr *saddr,
619 const struct tcphdr *th)
620{
621 struct tcp_md5sig_pool *hp;
622 struct ahash_request *req;
623
624 hp = tcp_get_md5sig_pool();
625 if (!hp)
626 goto clear_hash_noput;
627 req = hp->md5_req;
628
629 if (crypto_ahash_init(req))
630 goto clear_hash;
631 if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, th->doff << 2))
632 goto clear_hash;
633 if (tcp_md5_hash_key(hp, key))
634 goto clear_hash;
635 ahash_request_set_crypt(req, NULL, md5_hash, 0);
636 if (crypto_ahash_final(req))
637 goto clear_hash;
638
639 tcp_put_md5sig_pool();
640 return 0;
641
642clear_hash:
643 tcp_put_md5sig_pool();
644clear_hash_noput:
645 memset(md5_hash, 0, 16);
646 return 1;
647}
648
649static int tcp_v6_md5_hash_skb(char *md5_hash,
650 const struct tcp_md5sig_key *key,
651 const struct sock *sk,
652 const struct sk_buff *skb)
653{
654 const struct in6_addr *saddr, *daddr;
655 struct tcp_md5sig_pool *hp;
656 struct ahash_request *req;
657 const struct tcphdr *th = tcp_hdr(skb);
658
659 if (sk) {
660 saddr = &sk->sk_v6_rcv_saddr;
661 daddr = &sk->sk_v6_daddr;
662 } else {
663 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
664 saddr = &ip6h->saddr;
665 daddr = &ip6h->daddr;
666 }
667
668 hp = tcp_get_md5sig_pool();
669 if (!hp)
670 goto clear_hash_noput;
671 req = hp->md5_req;
672
673 if (crypto_ahash_init(req))
674 goto clear_hash;
675
676 if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, skb->len))
677 goto clear_hash;
678 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
679 goto clear_hash;
680 if (tcp_md5_hash_key(hp, key))
681 goto clear_hash;
682 ahash_request_set_crypt(req, NULL, md5_hash, 0);
683 if (crypto_ahash_final(req))
684 goto clear_hash;
685
686 tcp_put_md5sig_pool();
687 return 0;
688
689clear_hash:
690 tcp_put_md5sig_pool();
691clear_hash_noput:
692 memset(md5_hash, 0, 16);
693 return 1;
694}
695
696#endif
697
698static bool tcp_v6_inbound_md5_hash(const struct sock *sk,
699 const struct sk_buff *skb)
700{
701#ifdef CONFIG_TCP_MD5SIG
702 const __u8 *hash_location = NULL;
703 struct tcp_md5sig_key *hash_expected;
704 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
705 const struct tcphdr *th = tcp_hdr(skb);
706 int genhash;
707 u8 newhash[16];
708
709 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
710 hash_location = tcp_parse_md5sig_option(th);
711
712
713 if (!hash_expected && !hash_location)
714 return false;
715
716 if (hash_expected && !hash_location) {
717 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
718 return true;
719 }
720
721 if (!hash_expected && hash_location) {
722 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
723 return true;
724 }
725
726
727 genhash = tcp_v6_md5_hash_skb(newhash,
728 hash_expected,
729 NULL, skb);
730
731 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
732 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5FAILURE);
733 net_info_ratelimited("MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n",
734 genhash ? "failed" : "mismatch",
735 &ip6h->saddr, ntohs(th->source),
736 &ip6h->daddr, ntohs(th->dest));
737 return true;
738 }
739#endif
740 return false;
741}
742
743static void tcp_v6_init_req(struct request_sock *req,
744 const struct sock *sk_listener,
745 struct sk_buff *skb)
746{
747 bool l3_slave = ipv6_l3mdev_skb(TCP_SKB_CB(skb)->header.h6.flags);
748 struct inet_request_sock *ireq = inet_rsk(req);
749 const struct ipv6_pinfo *np = tcp_inet6_sk(sk_listener);
750
751 ireq->ir_v6_rmt_addr = ipv6_hdr(skb)->saddr;
752 ireq->ir_v6_loc_addr = ipv6_hdr(skb)->daddr;
753
754
755 if ((!sk_listener->sk_bound_dev_if || l3_slave) &&
756 ipv6_addr_type(&ireq->ir_v6_rmt_addr) & IPV6_ADDR_LINKLOCAL)
757 ireq->ir_iif = tcp_v6_iif(skb);
758
759 if (!TCP_SKB_CB(skb)->tcp_tw_isn &&
760 (ipv6_opt_accepted(sk_listener, skb, &TCP_SKB_CB(skb)->header.h6) ||
761 np->rxopt.bits.rxinfo ||
762 np->rxopt.bits.rxoinfo || np->rxopt.bits.rxhlim ||
763 np->rxopt.bits.rxohlim || np->repflow)) {
764 refcount_inc(&skb->users);
765 ireq->pktopts = skb;
766 }
767}
768
769static struct dst_entry *tcp_v6_route_req(const struct sock *sk,
770 struct flowi *fl,
771 const struct request_sock *req)
772{
773 return inet6_csk_route_req(sk, &fl->u.ip6, req, IPPROTO_TCP);
774}
775
776struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
777 .family = AF_INET6,
778 .obj_size = sizeof(struct tcp6_request_sock),
779 .rtx_syn_ack = tcp_rtx_synack,
780 .send_ack = tcp_v6_reqsk_send_ack,
781 .destructor = tcp_v6_reqsk_destructor,
782 .send_reset = tcp_v6_send_reset,
783 .syn_ack_timeout = tcp_syn_ack_timeout,
784};
785
786static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
787 .mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) -
788 sizeof(struct ipv6hdr),
789#ifdef CONFIG_TCP_MD5SIG
790 .req_md5_lookup = tcp_v6_md5_lookup,
791 .calc_md5_hash = tcp_v6_md5_hash_skb,
792#endif
793 .init_req = tcp_v6_init_req,
794#ifdef CONFIG_SYN_COOKIES
795 .cookie_init_seq = cookie_v6_init_sequence,
796#endif
797 .route_req = tcp_v6_route_req,
798 .init_seq = tcp_v6_init_seq,
799 .init_ts_off = tcp_v6_init_ts_off,
800 .send_synack = tcp_v6_send_synack,
801};
802
803static void tcp_v6_send_response(const struct sock *sk, struct sk_buff *skb, u32 seq,
804 u32 ack, u32 win, u32 tsval, u32 tsecr,
805 int oif, struct tcp_md5sig_key *key, int rst,
806 u8 tclass, __be32 label)
807{
808 const struct tcphdr *th = tcp_hdr(skb);
809 struct tcphdr *t1;
810 struct sk_buff *buff;
811 struct flowi6 fl6;
812 struct net *net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev);
813 struct sock *ctl_sk = net->ipv6.tcp_sk;
814 unsigned int tot_len = sizeof(struct tcphdr);
815 struct dst_entry *dst;
816 __be32 *topt;
817 __u32 mark = 0;
818
819 if (tsecr)
820 tot_len += TCPOLEN_TSTAMP_ALIGNED;
821#ifdef CONFIG_TCP_MD5SIG
822 if (key)
823 tot_len += TCPOLEN_MD5SIG_ALIGNED;
824#endif
825
826 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
827 GFP_ATOMIC);
828 if (!buff)
829 return;
830
831 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
832
833 t1 = skb_push(buff, tot_len);
834 skb_reset_transport_header(buff);
835
836
837 memset(t1, 0, sizeof(*t1));
838 t1->dest = th->source;
839 t1->source = th->dest;
840 t1->doff = tot_len / 4;
841 t1->seq = htonl(seq);
842 t1->ack_seq = htonl(ack);
843 t1->ack = !rst || !th->ack;
844 t1->rst = rst;
845 t1->window = htons(win);
846
847 topt = (__be32 *)(t1 + 1);
848
849 if (tsecr) {
850 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
851 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
852 *topt++ = htonl(tsval);
853 *topt++ = htonl(tsecr);
854 }
855
856#ifdef CONFIG_TCP_MD5SIG
857 if (key) {
858 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
859 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
860 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
861 &ipv6_hdr(skb)->saddr,
862 &ipv6_hdr(skb)->daddr, t1);
863 }
864#endif
865
866 memset(&fl6, 0, sizeof(fl6));
867 fl6.daddr = ipv6_hdr(skb)->saddr;
868 fl6.saddr = ipv6_hdr(skb)->daddr;
869 fl6.flowlabel = label;
870
871 buff->ip_summed = CHECKSUM_PARTIAL;
872 buff->csum = 0;
873
874 __tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);
875
876 fl6.flowi6_proto = IPPROTO_TCP;
877 if (rt6_need_strict(&fl6.daddr) && !oif)
878 fl6.flowi6_oif = tcp_v6_iif(skb);
879 else {
880 if (!oif && netif_index_is_l3_master(net, skb->skb_iif))
881 oif = skb->skb_iif;
882
883 fl6.flowi6_oif = oif;
884 }
885
886 if (sk) {
887 if (sk->sk_state == TCP_TIME_WAIT) {
888 mark = inet_twsk(sk)->tw_mark;
889
890 skb_set_hash(buff, inet_twsk(sk)->tw_txhash,
891 PKT_HASH_TYPE_L4);
892 } else {
893 mark = sk->sk_mark;
894 }
895 buff->tstamp = tcp_transmit_time(sk);
896 }
897 fl6.flowi6_mark = IP6_REPLY_MARK(net, skb->mark) ?: mark;
898 fl6.fl6_dport = t1->dest;
899 fl6.fl6_sport = t1->source;
900 fl6.flowi6_uid = sock_net_uid(net, sk && sk_fullsock(sk) ? sk : NULL);
901 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
902
903
904
905
906
907 dst = ip6_dst_lookup_flow(ctl_sk, &fl6, NULL);
908 if (!IS_ERR(dst)) {
909 skb_dst_set(buff, dst);
910 ip6_xmit(ctl_sk, buff, &fl6, fl6.flowi6_mark, NULL, tclass);
911 TCP_INC_STATS(net, TCP_MIB_OUTSEGS);
912 if (rst)
913 TCP_INC_STATS(net, TCP_MIB_OUTRSTS);
914 return;
915 }
916
917 kfree_skb(buff);
918}
919
920static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb)
921{
922 const struct tcphdr *th = tcp_hdr(skb);
923 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
924 u32 seq = 0, ack_seq = 0;
925 struct tcp_md5sig_key *key = NULL;
926#ifdef CONFIG_TCP_MD5SIG
927 const __u8 *hash_location = NULL;
928 unsigned char newhash[16];
929 int genhash;
930 struct sock *sk1 = NULL;
931#endif
932 __be32 label = 0;
933 struct net *net;
934 int oif = 0;
935
936 if (th->rst)
937 return;
938
939
940
941
942 if (!sk && !ipv6_unicast_destination(skb))
943 return;
944
945 net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev);
946#ifdef CONFIG_TCP_MD5SIG
947 rcu_read_lock();
948 hash_location = tcp_parse_md5sig_option(th);
949 if (sk && sk_fullsock(sk)) {
950 key = tcp_v6_md5_do_lookup(sk, &ipv6h->saddr);
951 } else if (hash_location) {
952
953
954
955
956
957
958
959 sk1 = inet6_lookup_listener(net,
960 &tcp_hashinfo, NULL, 0,
961 &ipv6h->saddr,
962 th->source, &ipv6h->daddr,
963 ntohs(th->source),
964 tcp_v6_iif_l3_slave(skb),
965 tcp_v6_sdif(skb));
966 if (!sk1)
967 goto out;
968
969 key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr);
970 if (!key)
971 goto out;
972
973 genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, skb);
974 if (genhash || memcmp(hash_location, newhash, 16) != 0)
975 goto out;
976 }
977#endif
978
979 if (th->ack)
980 seq = ntohl(th->ack_seq);
981 else
982 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
983 (th->doff << 2);
984
985 if (sk) {
986 oif = sk->sk_bound_dev_if;
987 if (sk_fullsock(sk)) {
988 const struct ipv6_pinfo *np = tcp_inet6_sk(sk);
989
990 trace_tcp_send_reset(sk, skb);
991 if (np->repflow)
992 label = ip6_flowlabel(ipv6h);
993 }
994 if (sk->sk_state == TCP_TIME_WAIT)
995 label = cpu_to_be32(inet_twsk(sk)->tw_flowlabel);
996 } else {
997 if (net->ipv6.sysctl.flowlabel_reflect & FLOWLABEL_REFLECT_TCP_RESET)
998 label = ip6_flowlabel(ipv6h);
999 }
1000
1001 tcp_v6_send_response(sk, skb, seq, ack_seq, 0, 0, 0, oif, key, 1, 0,
1002 label);
1003
1004#ifdef CONFIG_TCP_MD5SIG
1005out:
1006 rcu_read_unlock();
1007#endif
1008}
1009
1010static void tcp_v6_send_ack(const struct sock *sk, struct sk_buff *skb, u32 seq,
1011 u32 ack, u32 win, u32 tsval, u32 tsecr, int oif,
1012 struct tcp_md5sig_key *key, u8 tclass,
1013 __be32 label)
1014{
1015 tcp_v6_send_response(sk, skb, seq, ack, win, tsval, tsecr, oif, key, 0,
1016 tclass, label);
1017}
1018
1019static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
1020{
1021 struct inet_timewait_sock *tw = inet_twsk(sk);
1022 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
1023
1024 tcp_v6_send_ack(sk, skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
1025 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
1026 tcp_time_stamp_raw() + tcptw->tw_ts_offset,
1027 tcptw->tw_ts_recent, tw->tw_bound_dev_if, tcp_twsk_md5_key(tcptw),
1028 tw->tw_tclass, cpu_to_be32(tw->tw_flowlabel));
1029
1030 inet_twsk_put(tw);
1031}
1032
1033static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
1034 struct request_sock *req)
1035{
1036
1037
1038
1039
1040
1041
1042
1043
1044 tcp_v6_send_ack(sk, skb, (sk->sk_state == TCP_LISTEN) ?
1045 tcp_rsk(req)->snt_isn + 1 : tcp_sk(sk)->snd_nxt,
1046 tcp_rsk(req)->rcv_nxt,
1047 req->rsk_rcv_wnd >> inet_rsk(req)->rcv_wscale,
1048 tcp_time_stamp_raw() + tcp_rsk(req)->ts_off,
1049 req->ts_recent, sk->sk_bound_dev_if,
1050 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->saddr),
1051 0, 0);
1052}
1053
1054
1055static struct sock *tcp_v6_cookie_check(struct sock *sk, struct sk_buff *skb)
1056{
1057#ifdef CONFIG_SYN_COOKIES
1058 const struct tcphdr *th = tcp_hdr(skb);
1059
1060 if (!th->syn)
1061 sk = cookie_v6_check(sk, skb);
1062#endif
1063 return sk;
1064}
1065
1066static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1067{
1068 if (skb->protocol == htons(ETH_P_IP))
1069 return tcp_v4_conn_request(sk, skb);
1070
1071 if (!ipv6_unicast_destination(skb))
1072 goto drop;
1073
1074 return tcp_conn_request(&tcp6_request_sock_ops,
1075 &tcp_request_sock_ipv6_ops, sk, skb);
1076
1077drop:
1078 tcp_listendrop(sk);
1079 return 0;
1080}
1081
1082static void tcp_v6_restore_cb(struct sk_buff *skb)
1083{
1084
1085
1086
1087
1088 memmove(IP6CB(skb), &TCP_SKB_CB(skb)->header.h6,
1089 sizeof(struct inet6_skb_parm));
1090}
1091
1092static struct sock *tcp_v6_syn_recv_sock(const struct sock *sk, struct sk_buff *skb,
1093 struct request_sock *req,
1094 struct dst_entry *dst,
1095 struct request_sock *req_unhash,
1096 bool *own_req)
1097{
1098 struct inet_request_sock *ireq;
1099 struct ipv6_pinfo *newnp;
1100 const struct ipv6_pinfo *np = tcp_inet6_sk(sk);
1101 struct ipv6_txoptions *opt;
1102 struct inet_sock *newinet;
1103 struct tcp_sock *newtp;
1104 struct sock *newsk;
1105#ifdef CONFIG_TCP_MD5SIG
1106 struct tcp_md5sig_key *key;
1107#endif
1108 struct flowi6 fl6;
1109
1110 if (skb->protocol == htons(ETH_P_IP)) {
1111
1112
1113
1114
1115 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst,
1116 req_unhash, own_req);
1117
1118 if (!newsk)
1119 return NULL;
1120
1121 inet_sk(newsk)->pinet6 = tcp_inet6_sk(newsk);
1122
1123 newinet = inet_sk(newsk);
1124 newnp = tcp_inet6_sk(newsk);
1125 newtp = tcp_sk(newsk);
1126
1127 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1128
1129 newnp->saddr = newsk->sk_v6_rcv_saddr;
1130
1131 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1132 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1133#ifdef CONFIG_TCP_MD5SIG
1134 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1135#endif
1136
1137 newnp->ipv6_mc_list = NULL;
1138 newnp->ipv6_ac_list = NULL;
1139 newnp->ipv6_fl_list = NULL;
1140 newnp->pktoptions = NULL;
1141 newnp->opt = NULL;
1142 newnp->mcast_oif = inet_iif(skb);
1143 newnp->mcast_hops = ip_hdr(skb)->ttl;
1144 newnp->rcv_flowinfo = 0;
1145 if (np->repflow)
1146 newnp->flow_label = 0;
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1159
1160 return newsk;
1161 }
1162
1163 ireq = inet_rsk(req);
1164
1165 if (sk_acceptq_is_full(sk))
1166 goto out_overflow;
1167
1168 if (!dst) {
1169 dst = inet6_csk_route_req(sk, &fl6, req, IPPROTO_TCP);
1170 if (!dst)
1171 goto out;
1172 }
1173
1174 newsk = tcp_create_openreq_child(sk, req, skb);
1175 if (!newsk)
1176 goto out_nonewsk;
1177
1178
1179
1180
1181
1182
1183
1184 newsk->sk_gso_type = SKB_GSO_TCPV6;
1185 ip6_dst_store(newsk, dst, NULL, NULL);
1186 inet6_sk_rx_dst_set(newsk, skb);
1187
1188 inet_sk(newsk)->pinet6 = tcp_inet6_sk(newsk);
1189
1190 newtp = tcp_sk(newsk);
1191 newinet = inet_sk(newsk);
1192 newnp = tcp_inet6_sk(newsk);
1193
1194 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1195
1196 newsk->sk_v6_daddr = ireq->ir_v6_rmt_addr;
1197 newnp->saddr = ireq->ir_v6_loc_addr;
1198 newsk->sk_v6_rcv_saddr = ireq->ir_v6_loc_addr;
1199 newsk->sk_bound_dev_if = ireq->ir_iif;
1200
1201
1202
1203
1204
1205 newinet->inet_opt = NULL;
1206 newnp->ipv6_mc_list = NULL;
1207 newnp->ipv6_ac_list = NULL;
1208 newnp->ipv6_fl_list = NULL;
1209
1210
1211 newnp->rxopt.all = np->rxopt.all;
1212
1213 newnp->pktoptions = NULL;
1214 newnp->opt = NULL;
1215 newnp->mcast_oif = tcp_v6_iif(skb);
1216 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1217 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
1218 if (np->repflow)
1219 newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));
1220
1221
1222
1223
1224
1225
1226
1227 opt = ireq->ipv6_opt;
1228 if (!opt)
1229 opt = rcu_dereference(np->opt);
1230 if (opt) {
1231 opt = ipv6_dup_options(newsk, opt);
1232 RCU_INIT_POINTER(newnp->opt, opt);
1233 }
1234 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1235 if (opt)
1236 inet_csk(newsk)->icsk_ext_hdr_len = opt->opt_nflen +
1237 opt->opt_flen;
1238
1239 tcp_ca_openreq_child(newsk, dst);
1240
1241 tcp_sync_mss(newsk, dst_mtu(dst));
1242 newtp->advmss = tcp_mss_clamp(tcp_sk(sk), dst_metric_advmss(dst));
1243
1244 tcp_initialize_rcv_mss(newsk);
1245
1246 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1247 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1248
1249#ifdef CONFIG_TCP_MD5SIG
1250
1251 key = tcp_v6_md5_do_lookup(sk, &newsk->sk_v6_daddr);
1252 if (key) {
1253
1254
1255
1256
1257
1258 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newsk->sk_v6_daddr,
1259 AF_INET6, 128, key->key, key->keylen,
1260 sk_gfp_mask(sk, GFP_ATOMIC));
1261 }
1262#endif
1263
1264 if (__inet_inherit_port(sk, newsk) < 0) {
1265 inet_csk_prepare_forced_close(newsk);
1266 tcp_done(newsk);
1267 goto out;
1268 }
1269 *own_req = inet_ehash_nolisten(newsk, req_to_sk(req_unhash));
1270 if (*own_req) {
1271 tcp_move_syn(newtp, req);
1272
1273
1274 if (ireq->pktopts) {
1275 newnp->pktoptions = skb_clone(ireq->pktopts,
1276 sk_gfp_mask(sk, GFP_ATOMIC));
1277 consume_skb(ireq->pktopts);
1278 ireq->pktopts = NULL;
1279 if (newnp->pktoptions) {
1280 tcp_v6_restore_cb(newnp->pktoptions);
1281 skb_set_owner_r(newnp->pktoptions, newsk);
1282 }
1283 }
1284 }
1285
1286 return newsk;
1287
1288out_overflow:
1289 __NET_INC_STATS(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1290out_nonewsk:
1291 dst_release(dst);
1292out:
1293 tcp_listendrop(sk);
1294 return NULL;
1295}
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1306{
1307 struct ipv6_pinfo *np = tcp_inet6_sk(sk);
1308 struct sk_buff *opt_skb = NULL;
1309 struct tcp_sock *tp;
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319 if (skb->protocol == htons(ETH_P_IP))
1320 return tcp_v4_do_rcv(sk, skb);
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340 if (np->rxopt.all)
1341 opt_skb = skb_clone(skb, sk_gfp_mask(sk, GFP_ATOMIC));
1342
1343 if (sk->sk_state == TCP_ESTABLISHED) {
1344 struct dst_entry *dst = sk->sk_rx_dst;
1345
1346 sock_rps_save_rxhash(sk, skb);
1347 sk_mark_napi_id(sk, skb);
1348 if (dst) {
1349 if (inet_sk(sk)->rx_dst_ifindex != skb->skb_iif ||
1350 dst->ops->check(dst, np->rx_dst_cookie) == NULL) {
1351 dst_release(dst);
1352 sk->sk_rx_dst = NULL;
1353 }
1354 }
1355
1356 tcp_rcv_established(sk, skb);
1357 if (opt_skb)
1358 goto ipv6_pktoptions;
1359 return 0;
1360 }
1361
1362 if (tcp_checksum_complete(skb))
1363 goto csum_err;
1364
1365 if (sk->sk_state == TCP_LISTEN) {
1366 struct sock *nsk = tcp_v6_cookie_check(sk, skb);
1367
1368 if (!nsk)
1369 goto discard;
1370
1371 if (nsk != sk) {
1372 if (tcp_child_process(sk, nsk, skb))
1373 goto reset;
1374 if (opt_skb)
1375 __kfree_skb(opt_skb);
1376 return 0;
1377 }
1378 } else
1379 sock_rps_save_rxhash(sk, skb);
1380
1381 if (tcp_rcv_state_process(sk, skb))
1382 goto reset;
1383 if (opt_skb)
1384 goto ipv6_pktoptions;
1385 return 0;
1386
1387reset:
1388 tcp_v6_send_reset(sk, skb);
1389discard:
1390 if (opt_skb)
1391 __kfree_skb(opt_skb);
1392 kfree_skb(skb);
1393 return 0;
1394csum_err:
1395 TCP_INC_STATS(sock_net(sk), TCP_MIB_CSUMERRORS);
1396 TCP_INC_STATS(sock_net(sk), TCP_MIB_INERRS);
1397 goto discard;
1398
1399
1400ipv6_pktoptions:
1401
1402
1403
1404
1405
1406
1407
1408 tp = tcp_sk(sk);
1409 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1410 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1411 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1412 np->mcast_oif = tcp_v6_iif(opt_skb);
1413 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1414 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1415 if (np->rxopt.bits.rxflow || np->rxopt.bits.rxtclass)
1416 np->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(opt_skb));
1417 if (np->repflow)
1418 np->flow_label = ip6_flowlabel(ipv6_hdr(opt_skb));
1419 if (ipv6_opt_accepted(sk, opt_skb, &TCP_SKB_CB(opt_skb)->header.h6)) {
1420 skb_set_owner_r(opt_skb, sk);
1421 tcp_v6_restore_cb(opt_skb);
1422 opt_skb = xchg(&np->pktoptions, opt_skb);
1423 } else {
1424 __kfree_skb(opt_skb);
1425 opt_skb = xchg(&np->pktoptions, NULL);
1426 }
1427 }
1428
1429 kfree_skb(opt_skb);
1430 return 0;
1431}
1432
1433static void tcp_v6_fill_cb(struct sk_buff *skb, const struct ipv6hdr *hdr,
1434 const struct tcphdr *th)
1435{
1436
1437
1438
1439
1440
1441 memmove(&TCP_SKB_CB(skb)->header.h6, IP6CB(skb),
1442 sizeof(struct inet6_skb_parm));
1443 barrier();
1444
1445 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1446 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1447 skb->len - th->doff*4);
1448 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1449 TCP_SKB_CB(skb)->tcp_flags = tcp_flag_byte(th);
1450 TCP_SKB_CB(skb)->tcp_tw_isn = 0;
1451 TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
1452 TCP_SKB_CB(skb)->sacked = 0;
1453 TCP_SKB_CB(skb)->has_rxtstamp =
1454 skb->tstamp || skb_hwtstamps(skb)->hwtstamp;
1455}
1456
1457INDIRECT_CALLABLE_SCOPE int tcp_v6_rcv(struct sk_buff *skb)
1458{
1459 struct sk_buff *skb_to_free;
1460 int sdif = inet6_sdif(skb);
1461 const struct tcphdr *th;
1462 const struct ipv6hdr *hdr;
1463 bool refcounted;
1464 struct sock *sk;
1465 int ret;
1466 struct net *net = dev_net(skb->dev);
1467
1468 if (skb->pkt_type != PACKET_HOST)
1469 goto discard_it;
1470
1471
1472
1473
1474 __TCP_INC_STATS(net, TCP_MIB_INSEGS);
1475
1476 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1477 goto discard_it;
1478
1479 th = (const struct tcphdr *)skb->data;
1480
1481 if (unlikely(th->doff < sizeof(struct tcphdr)/4))
1482 goto bad_packet;
1483 if (!pskb_may_pull(skb, th->doff*4))
1484 goto discard_it;
1485
1486 if (skb_checksum_init(skb, IPPROTO_TCP, ip6_compute_pseudo))
1487 goto csum_error;
1488
1489 th = (const struct tcphdr *)skb->data;
1490 hdr = ipv6_hdr(skb);
1491
1492lookup:
1493 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, __tcp_hdrlen(th),
1494 th->source, th->dest, inet6_iif(skb), sdif,
1495 &refcounted);
1496 if (!sk)
1497 goto no_tcp_socket;
1498
1499process:
1500 if (sk->sk_state == TCP_TIME_WAIT)
1501 goto do_time_wait;
1502
1503 if (sk->sk_state == TCP_NEW_SYN_RECV) {
1504 struct request_sock *req = inet_reqsk(sk);
1505 bool req_stolen = false;
1506 struct sock *nsk;
1507
1508 sk = req->rsk_listener;
1509 if (tcp_v6_inbound_md5_hash(sk, skb)) {
1510 sk_drops_add(sk, skb);
1511 reqsk_put(req);
1512 goto discard_it;
1513 }
1514 if (tcp_checksum_complete(skb)) {
1515 reqsk_put(req);
1516 goto csum_error;
1517 }
1518 if (unlikely(sk->sk_state != TCP_LISTEN)) {
1519 inet_csk_reqsk_queue_drop_and_put(sk, req);
1520 goto lookup;
1521 }
1522 sock_hold(sk);
1523 refcounted = true;
1524 nsk = NULL;
1525 if (!tcp_filter(sk, skb)) {
1526 th = (const struct tcphdr *)skb->data;
1527 hdr = ipv6_hdr(skb);
1528 tcp_v6_fill_cb(skb, hdr, th);
1529 nsk = tcp_check_req(sk, skb, req, false, &req_stolen);
1530 }
1531 if (!nsk) {
1532 reqsk_put(req);
1533 if (req_stolen) {
1534
1535
1536
1537
1538
1539 tcp_v6_restore_cb(skb);
1540 sock_put(sk);
1541 goto lookup;
1542 }
1543 goto discard_and_relse;
1544 }
1545 if (nsk == sk) {
1546 reqsk_put(req);
1547 tcp_v6_restore_cb(skb);
1548 } else if (tcp_child_process(sk, nsk, skb)) {
1549 tcp_v6_send_reset(nsk, skb);
1550 goto discard_and_relse;
1551 } else {
1552 sock_put(sk);
1553 return 0;
1554 }
1555 }
1556 if (hdr->hop_limit < tcp_inet6_sk(sk)->min_hopcount) {
1557 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
1558 goto discard_and_relse;
1559 }
1560
1561 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1562 goto discard_and_relse;
1563
1564 if (tcp_v6_inbound_md5_hash(sk, skb))
1565 goto discard_and_relse;
1566
1567 if (tcp_filter(sk, skb))
1568 goto discard_and_relse;
1569 th = (const struct tcphdr *)skb->data;
1570 hdr = ipv6_hdr(skb);
1571 tcp_v6_fill_cb(skb, hdr, th);
1572
1573 skb->dev = NULL;
1574
1575 if (sk->sk_state == TCP_LISTEN) {
1576 ret = tcp_v6_do_rcv(sk, skb);
1577 goto put_and_return;
1578 }
1579
1580 sk_incoming_cpu_update(sk);
1581
1582 bh_lock_sock_nested(sk);
1583 tcp_segs_in(tcp_sk(sk), skb);
1584 ret = 0;
1585 if (!sock_owned_by_user(sk)) {
1586 skb_to_free = sk->sk_rx_skb_cache;
1587 sk->sk_rx_skb_cache = NULL;
1588 ret = tcp_v6_do_rcv(sk, skb);
1589 } else {
1590 if (tcp_add_backlog(sk, skb))
1591 goto discard_and_relse;
1592 skb_to_free = NULL;
1593 }
1594 bh_unlock_sock(sk);
1595 if (skb_to_free)
1596 __kfree_skb(skb_to_free);
1597put_and_return:
1598 if (refcounted)
1599 sock_put(sk);
1600 return ret ? -1 : 0;
1601
1602no_tcp_socket:
1603 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1604 goto discard_it;
1605
1606 tcp_v6_fill_cb(skb, hdr, th);
1607
1608 if (tcp_checksum_complete(skb)) {
1609csum_error:
1610 __TCP_INC_STATS(net, TCP_MIB_CSUMERRORS);
1611bad_packet:
1612 __TCP_INC_STATS(net, TCP_MIB_INERRS);
1613 } else {
1614 tcp_v6_send_reset(NULL, skb);
1615 }
1616
1617discard_it:
1618 kfree_skb(skb);
1619 return 0;
1620
1621discard_and_relse:
1622 sk_drops_add(sk, skb);
1623 if (refcounted)
1624 sock_put(sk);
1625 goto discard_it;
1626
1627do_time_wait:
1628 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1629 inet_twsk_put(inet_twsk(sk));
1630 goto discard_it;
1631 }
1632
1633 tcp_v6_fill_cb(skb, hdr, th);
1634
1635 if (tcp_checksum_complete(skb)) {
1636 inet_twsk_put(inet_twsk(sk));
1637 goto csum_error;
1638 }
1639
1640 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1641 case TCP_TW_SYN:
1642 {
1643 struct sock *sk2;
1644
1645 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
1646 skb, __tcp_hdrlen(th),
1647 &ipv6_hdr(skb)->saddr, th->source,
1648 &ipv6_hdr(skb)->daddr,
1649 ntohs(th->dest),
1650 tcp_v6_iif_l3_slave(skb),
1651 sdif);
1652 if (sk2) {
1653 struct inet_timewait_sock *tw = inet_twsk(sk);
1654 inet_twsk_deschedule_put(tw);
1655 sk = sk2;
1656 tcp_v6_restore_cb(skb);
1657 refcounted = false;
1658 goto process;
1659 }
1660 }
1661
1662
1663 case TCP_TW_ACK:
1664 tcp_v6_timewait_ack(sk, skb);
1665 break;
1666 case TCP_TW_RST:
1667 tcp_v6_send_reset(sk, skb);
1668 inet_twsk_deschedule_put(inet_twsk(sk));
1669 goto discard_it;
1670 case TCP_TW_SUCCESS:
1671 ;
1672 }
1673 goto discard_it;
1674}
1675
1676INDIRECT_CALLABLE_SCOPE void tcp_v6_early_demux(struct sk_buff *skb)
1677{
1678 const struct ipv6hdr *hdr;
1679 const struct tcphdr *th;
1680 struct sock *sk;
1681
1682 if (skb->pkt_type != PACKET_HOST)
1683 return;
1684
1685 if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
1686 return;
1687
1688 hdr = ipv6_hdr(skb);
1689 th = tcp_hdr(skb);
1690
1691 if (th->doff < sizeof(struct tcphdr) / 4)
1692 return;
1693
1694
1695 sk = __inet6_lookup_established(dev_net(skb->dev), &tcp_hashinfo,
1696 &hdr->saddr, th->source,
1697 &hdr->daddr, ntohs(th->dest),
1698 inet6_iif(skb), inet6_sdif(skb));
1699 if (sk) {
1700 skb->sk = sk;
1701 skb->destructor = sock_edemux;
1702 if (sk_fullsock(sk)) {
1703 struct dst_entry *dst = READ_ONCE(sk->sk_rx_dst);
1704
1705 if (dst)
1706 dst = dst_check(dst, tcp_inet6_sk(sk)->rx_dst_cookie);
1707 if (dst &&
1708 inet_sk(sk)->rx_dst_ifindex == skb->skb_iif)
1709 skb_dst_set_noref(skb, dst);
1710 }
1711 }
1712}
1713
1714static struct timewait_sock_ops tcp6_timewait_sock_ops = {
1715 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
1716 .twsk_unique = tcp_twsk_unique,
1717 .twsk_destructor = tcp_twsk_destructor,
1718};
1719
1720static const struct inet_connection_sock_af_ops ipv6_specific = {
1721 .queue_xmit = inet6_csk_xmit,
1722 .send_check = tcp_v6_send_check,
1723 .rebuild_header = inet6_sk_rebuild_header,
1724 .sk_rx_dst_set = inet6_sk_rx_dst_set,
1725 .conn_request = tcp_v6_conn_request,
1726 .syn_recv_sock = tcp_v6_syn_recv_sock,
1727 .net_header_len = sizeof(struct ipv6hdr),
1728 .net_frag_header_len = sizeof(struct frag_hdr),
1729 .setsockopt = ipv6_setsockopt,
1730 .getsockopt = ipv6_getsockopt,
1731 .addr2sockaddr = inet6_csk_addr2sockaddr,
1732 .sockaddr_len = sizeof(struct sockaddr_in6),
1733#ifdef CONFIG_COMPAT
1734 .compat_setsockopt = compat_ipv6_setsockopt,
1735 .compat_getsockopt = compat_ipv6_getsockopt,
1736#endif
1737 .mtu_reduced = tcp_v6_mtu_reduced,
1738};
1739
1740#ifdef CONFIG_TCP_MD5SIG
1741static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1742 .md5_lookup = tcp_v6_md5_lookup,
1743 .calc_md5_hash = tcp_v6_md5_hash_skb,
1744 .md5_parse = tcp_v6_parse_md5_keys,
1745};
1746#endif
1747
1748
1749
1750
1751static const struct inet_connection_sock_af_ops ipv6_mapped = {
1752 .queue_xmit = ip_queue_xmit,
1753 .send_check = tcp_v4_send_check,
1754 .rebuild_header = inet_sk_rebuild_header,
1755 .sk_rx_dst_set = inet_sk_rx_dst_set,
1756 .conn_request = tcp_v6_conn_request,
1757 .syn_recv_sock = tcp_v6_syn_recv_sock,
1758 .net_header_len = sizeof(struct iphdr),
1759 .setsockopt = ipv6_setsockopt,
1760 .getsockopt = ipv6_getsockopt,
1761 .addr2sockaddr = inet6_csk_addr2sockaddr,
1762 .sockaddr_len = sizeof(struct sockaddr_in6),
1763#ifdef CONFIG_COMPAT
1764 .compat_setsockopt = compat_ipv6_setsockopt,
1765 .compat_getsockopt = compat_ipv6_getsockopt,
1766#endif
1767 .mtu_reduced = tcp_v4_mtu_reduced,
1768};
1769
1770#ifdef CONFIG_TCP_MD5SIG
1771static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1772 .md5_lookup = tcp_v4_md5_lookup,
1773 .calc_md5_hash = tcp_v4_md5_hash_skb,
1774 .md5_parse = tcp_v6_parse_md5_keys,
1775};
1776#endif
1777
1778
1779
1780
1781static int tcp_v6_init_sock(struct sock *sk)
1782{
1783 struct inet_connection_sock *icsk = inet_csk(sk);
1784
1785 tcp_init_sock(sk);
1786
1787 icsk->icsk_af_ops = &ipv6_specific;
1788
1789#ifdef CONFIG_TCP_MD5SIG
1790 tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific;
1791#endif
1792
1793 return 0;
1794}
1795
1796static void tcp_v6_destroy_sock(struct sock *sk)
1797{
1798 tcp_v4_destroy_sock(sk);
1799 inet6_destroy_sock(sk);
1800}
1801
1802#ifdef CONFIG_PROC_FS
1803
1804static void get_openreq6(struct seq_file *seq,
1805 const struct request_sock *req, int i)
1806{
1807 long ttd = req->rsk_timer.expires - jiffies;
1808 const struct in6_addr *src = &inet_rsk(req)->ir_v6_loc_addr;
1809 const struct in6_addr *dest = &inet_rsk(req)->ir_v6_rmt_addr;
1810
1811 if (ttd < 0)
1812 ttd = 0;
1813
1814 seq_printf(seq,
1815 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1816 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %d %d %pK\n",
1817 i,
1818 src->s6_addr32[0], src->s6_addr32[1],
1819 src->s6_addr32[2], src->s6_addr32[3],
1820 inet_rsk(req)->ir_num,
1821 dest->s6_addr32[0], dest->s6_addr32[1],
1822 dest->s6_addr32[2], dest->s6_addr32[3],
1823 ntohs(inet_rsk(req)->ir_rmt_port),
1824 TCP_SYN_RECV,
1825 0, 0,
1826 1,
1827 jiffies_to_clock_t(ttd),
1828 req->num_timeout,
1829 from_kuid_munged(seq_user_ns(seq),
1830 sock_i_uid(req->rsk_listener)),
1831 0,
1832 0,
1833 0, req);
1834}
1835
1836static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1837{
1838 const struct in6_addr *dest, *src;
1839 __u16 destp, srcp;
1840 int timer_active;
1841 unsigned long timer_expires;
1842 const struct inet_sock *inet = inet_sk(sp);
1843 const struct tcp_sock *tp = tcp_sk(sp);
1844 const struct inet_connection_sock *icsk = inet_csk(sp);
1845 const struct fastopen_queue *fastopenq = &icsk->icsk_accept_queue.fastopenq;
1846 int rx_queue;
1847 int state;
1848
1849 dest = &sp->sk_v6_daddr;
1850 src = &sp->sk_v6_rcv_saddr;
1851 destp = ntohs(inet->inet_dport);
1852 srcp = ntohs(inet->inet_sport);
1853
1854 if (icsk->icsk_pending == ICSK_TIME_RETRANS ||
1855 icsk->icsk_pending == ICSK_TIME_REO_TIMEOUT ||
1856 icsk->icsk_pending == ICSK_TIME_LOSS_PROBE) {
1857 timer_active = 1;
1858 timer_expires = icsk->icsk_timeout;
1859 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1860 timer_active = 4;
1861 timer_expires = icsk->icsk_timeout;
1862 } else if (timer_pending(&sp->sk_timer)) {
1863 timer_active = 2;
1864 timer_expires = sp->sk_timer.expires;
1865 } else {
1866 timer_active = 0;
1867 timer_expires = jiffies;
1868 }
1869
1870 state = inet_sk_state_load(sp);
1871 if (state == TCP_LISTEN)
1872 rx_queue = sp->sk_ack_backlog;
1873 else
1874
1875
1876
1877 rx_queue = max_t(int, tp->rcv_nxt - tp->copied_seq, 0);
1878
1879 seq_printf(seq,
1880 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1881 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %lu %d %pK %lu %lu %u %u %d\n",
1882 i,
1883 src->s6_addr32[0], src->s6_addr32[1],
1884 src->s6_addr32[2], src->s6_addr32[3], srcp,
1885 dest->s6_addr32[0], dest->s6_addr32[1],
1886 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1887 state,
1888 tp->write_seq - tp->snd_una,
1889 rx_queue,
1890 timer_active,
1891 jiffies_delta_to_clock_t(timer_expires - jiffies),
1892 icsk->icsk_retransmits,
1893 from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
1894 icsk->icsk_probes_out,
1895 sock_i_ino(sp),
1896 refcount_read(&sp->sk_refcnt), sp,
1897 jiffies_to_clock_t(icsk->icsk_rto),
1898 jiffies_to_clock_t(icsk->icsk_ack.ato),
1899 (icsk->icsk_ack.quick << 1) | inet_csk_in_pingpong_mode(sp),
1900 tp->snd_cwnd,
1901 state == TCP_LISTEN ?
1902 fastopenq->max_qlen :
1903 (tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh)
1904 );
1905}
1906
1907static void get_timewait6_sock(struct seq_file *seq,
1908 struct inet_timewait_sock *tw, int i)
1909{
1910 long delta = tw->tw_timer.expires - jiffies;
1911 const struct in6_addr *dest, *src;
1912 __u16 destp, srcp;
1913
1914 dest = &tw->tw_v6_daddr;
1915 src = &tw->tw_v6_rcv_saddr;
1916 destp = ntohs(tw->tw_dport);
1917 srcp = ntohs(tw->tw_sport);
1918
1919 seq_printf(seq,
1920 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1921 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1922 i,
1923 src->s6_addr32[0], src->s6_addr32[1],
1924 src->s6_addr32[2], src->s6_addr32[3], srcp,
1925 dest->s6_addr32[0], dest->s6_addr32[1],
1926 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1927 tw->tw_substate, 0, 0,
1928 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
1929 refcount_read(&tw->tw_refcnt), tw);
1930}
1931
1932static int tcp6_seq_show(struct seq_file *seq, void *v)
1933{
1934 struct tcp_iter_state *st;
1935 struct sock *sk = v;
1936
1937 if (v == SEQ_START_TOKEN) {
1938 seq_puts(seq,
1939 " sl "
1940 "local_address "
1941 "remote_address "
1942 "st tx_queue rx_queue tr tm->when retrnsmt"
1943 " uid timeout inode\n");
1944 goto out;
1945 }
1946 st = seq->private;
1947
1948 if (sk->sk_state == TCP_TIME_WAIT)
1949 get_timewait6_sock(seq, v, st->num);
1950 else if (sk->sk_state == TCP_NEW_SYN_RECV)
1951 get_openreq6(seq, v, st->num);
1952 else
1953 get_tcp6_sock(seq, v, st->num);
1954out:
1955 return 0;
1956}
1957
1958static const struct seq_operations tcp6_seq_ops = {
1959 .show = tcp6_seq_show,
1960 .start = tcp_seq_start,
1961 .next = tcp_seq_next,
1962 .stop = tcp_seq_stop,
1963};
1964
1965static struct tcp_seq_afinfo tcp6_seq_afinfo = {
1966 .family = AF_INET6,
1967};
1968
1969int __net_init tcp6_proc_init(struct net *net)
1970{
1971 if (!proc_create_net_data("tcp6", 0444, net->proc_net, &tcp6_seq_ops,
1972 sizeof(struct tcp_iter_state), &tcp6_seq_afinfo))
1973 return -ENOMEM;
1974 return 0;
1975}
1976
1977void tcp6_proc_exit(struct net *net)
1978{
1979 remove_proc_entry("tcp6", net->proc_net);
1980}
1981#endif
1982
1983struct proto tcpv6_prot = {
1984 .name = "TCPv6",
1985 .owner = THIS_MODULE,
1986 .close = tcp_close,
1987 .pre_connect = tcp_v6_pre_connect,
1988 .connect = tcp_v6_connect,
1989 .disconnect = tcp_disconnect,
1990 .accept = inet_csk_accept,
1991 .ioctl = tcp_ioctl,
1992 .init = tcp_v6_init_sock,
1993 .destroy = tcp_v6_destroy_sock,
1994 .shutdown = tcp_shutdown,
1995 .setsockopt = tcp_setsockopt,
1996 .getsockopt = tcp_getsockopt,
1997 .keepalive = tcp_set_keepalive,
1998 .recvmsg = tcp_recvmsg,
1999 .sendmsg = tcp_sendmsg,
2000 .sendpage = tcp_sendpage,
2001 .backlog_rcv = tcp_v6_do_rcv,
2002 .release_cb = tcp_release_cb,
2003 .hash = inet6_hash,
2004 .unhash = inet_unhash,
2005 .get_port = inet_csk_get_port,
2006 .enter_memory_pressure = tcp_enter_memory_pressure,
2007 .leave_memory_pressure = tcp_leave_memory_pressure,
2008 .stream_memory_free = tcp_stream_memory_free,
2009 .sockets_allocated = &tcp_sockets_allocated,
2010 .memory_allocated = &tcp_memory_allocated,
2011 .memory_pressure = &tcp_memory_pressure,
2012 .orphan_count = &tcp_orphan_count,
2013 .sysctl_mem = sysctl_tcp_mem,
2014 .sysctl_wmem_offset = offsetof(struct net, ipv4.sysctl_tcp_wmem),
2015 .sysctl_rmem_offset = offsetof(struct net, ipv4.sysctl_tcp_rmem),
2016 .max_header = MAX_TCP_HEADER,
2017 .obj_size = sizeof(struct tcp6_sock),
2018 .slab_flags = SLAB_TYPESAFE_BY_RCU,
2019 .twsk_prot = &tcp6_timewait_sock_ops,
2020 .rsk_prot = &tcp6_request_sock_ops,
2021 .h.hashinfo = &tcp_hashinfo,
2022 .no_autobind = true,
2023#ifdef CONFIG_COMPAT
2024 .compat_setsockopt = compat_tcp_setsockopt,
2025 .compat_getsockopt = compat_tcp_getsockopt,
2026#endif
2027 .diag_destroy = tcp_abort,
2028};
2029
2030
2031
2032
2033static struct inet6_protocol tcpv6_protocol = {
2034 .early_demux = tcp_v6_early_demux,
2035 .early_demux_handler = tcp_v6_early_demux,
2036 .handler = tcp_v6_rcv,
2037 .err_handler = tcp_v6_err,
2038 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2039};
2040
2041static struct inet_protosw tcpv6_protosw = {
2042 .type = SOCK_STREAM,
2043 .protocol = IPPROTO_TCP,
2044 .prot = &tcpv6_prot,
2045 .ops = &inet6_stream_ops,
2046 .flags = INET_PROTOSW_PERMANENT |
2047 INET_PROTOSW_ICSK,
2048};
2049
2050static int __net_init tcpv6_net_init(struct net *net)
2051{
2052 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
2053 SOCK_RAW, IPPROTO_TCP, net);
2054}
2055
2056static void __net_exit tcpv6_net_exit(struct net *net)
2057{
2058 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
2059}
2060
2061static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
2062{
2063 inet_twsk_purge(&tcp_hashinfo, AF_INET6);
2064}
2065
2066static struct pernet_operations tcpv6_net_ops = {
2067 .init = tcpv6_net_init,
2068 .exit = tcpv6_net_exit,
2069 .exit_batch = tcpv6_net_exit_batch,
2070};
2071
2072int __init tcpv6_init(void)
2073{
2074 int ret;
2075
2076 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
2077 if (ret)
2078 goto out;
2079
2080
2081 ret = inet6_register_protosw(&tcpv6_protosw);
2082 if (ret)
2083 goto out_tcpv6_protocol;
2084
2085 ret = register_pernet_subsys(&tcpv6_net_ops);
2086 if (ret)
2087 goto out_tcpv6_protosw;
2088out:
2089 return ret;
2090
2091out_tcpv6_protosw:
2092 inet6_unregister_protosw(&tcpv6_protosw);
2093out_tcpv6_protocol:
2094 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2095 goto out;
2096}
2097
2098void tcpv6_exit(void)
2099{
2100 unregister_pernet_subsys(&tcpv6_net_ops);
2101 inet6_unregister_protosw(&tcpv6_protosw);
2102 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2103}
2104
