1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26#include <linux/bottom_half.h>
27#include <linux/module.h>
28#include <linux/errno.h>
29#include <linux/types.h>
30#include <linux/socket.h>
31#include <linux/sockios.h>
32#include <linux/net.h>
33#include <linux/jiffies.h>
34#include <linux/in.h>
35#include <linux/in6.h>
36#include <linux/netdevice.h>
37#include <linux/init.h>
38#include <linux/jhash.h>
39#include <linux/ipsec.h>
40#include <linux/times.h>
41#include <linux/slab.h>
42#include <linux/uaccess.h>
43#include <linux/ipv6.h>
44#include <linux/icmpv6.h>
45#include <linux/random.h>
46
47#include <net/tcp.h>
48#include <net/ndisc.h>
49#include <net/inet6_hashtables.h>
50#include <net/inet6_connection_sock.h>
51#include <net/ipv6.h>
52#include <net/transp_v6.h>
53#include <net/addrconf.h>
54#include <net/ip6_route.h>
55#include <net/ip6_checksum.h>
56#include <net/inet_ecn.h>
57#include <net/protocol.h>
58#include <net/xfrm.h>
59#include <net/snmp.h>
60#include <net/dsfield.h>
61#include <net/timewait_sock.h>
62#include <net/inet_common.h>
63#include <net/secure_seq.h>
64#include <net/busy_poll.h>
65
66#include <linux/proc_fs.h>
67#include <linux/seq_file.h>
68
69#include <crypto/hash.h>
70#include <linux/scatterlist.h>
71
72static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb);
73static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
74 struct request_sock *req);
75
76static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
77
78static const struct inet_connection_sock_af_ops ipv6_mapped;
79static const struct inet_connection_sock_af_ops ipv6_specific;
80#ifdef CONFIG_TCP_MD5SIG
81static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
82static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
83#else
84static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
85 const struct in6_addr *addr)
86{
87 return NULL;
88}
89#endif
90
91static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
92{
93 struct dst_entry *dst = skb_dst(skb);
94
95 if (dst && dst_hold_safe(dst)) {
96 const struct rt6_info *rt = (const struct rt6_info *)dst;
97
98 sk->sk_rx_dst = dst;
99 inet_sk(sk)->rx_dst_ifindex = skb->skb_iif;
100 inet6_sk(sk)->rx_dst_cookie = rt6_get_cookie(rt);
101 }
102}
103
104static u32 tcp_v6_init_seq(const struct sk_buff *skb)
105{
106 return secure_tcpv6_seq(ipv6_hdr(skb)->daddr.s6_addr32,
107 ipv6_hdr(skb)->saddr.s6_addr32,
108 tcp_hdr(skb)->dest,
109 tcp_hdr(skb)->source);
110}
111
112static u32 tcp_v6_init_ts_off(const struct net *net, const struct sk_buff *skb)
113{
114 return secure_tcpv6_ts_off(net, ipv6_hdr(skb)->daddr.s6_addr32,
115 ipv6_hdr(skb)->saddr.s6_addr32);
116}
117
118static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
119 int addr_len)
120{
121 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
122 struct inet_sock *inet = inet_sk(sk);
123 struct inet_connection_sock *icsk = inet_csk(sk);
124 struct ipv6_pinfo *np = inet6_sk(sk);
125 struct tcp_sock *tp = tcp_sk(sk);
126 struct in6_addr *saddr = NULL, *final_p, final;
127 struct ipv6_txoptions *opt;
128 struct flowi6 fl6;
129 struct dst_entry *dst;
130 int addr_type;
131 int err;
132 struct inet_timewait_death_row *tcp_death_row = &sock_net(sk)->ipv4.tcp_death_row;
133
134 if (addr_len < SIN6_LEN_RFC2133)
135 return -EINVAL;
136
137 if (usin->sin6_family != AF_INET6)
138 return -EAFNOSUPPORT;
139
140 memset(&fl6, 0, sizeof(fl6));
141
142 if (np->sndflow) {
143 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
144 IP6_ECN_flow_init(fl6.flowlabel);
145 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
146 struct ip6_flowlabel *flowlabel;
147 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
148 if (!flowlabel)
149 return -EINVAL;
150 fl6_sock_release(flowlabel);
151 }
152 }
153
154
155
156
157
158 if (ipv6_addr_any(&usin->sin6_addr)) {
159 if (ipv6_addr_v4mapped(&sk->sk_v6_rcv_saddr))
160 ipv6_addr_set_v4mapped(htonl(INADDR_LOOPBACK),
161 &usin->sin6_addr);
162 else
163 usin->sin6_addr = in6addr_loopback;
164 }
165
166 addr_type = ipv6_addr_type(&usin->sin6_addr);
167
168 if (addr_type & IPV6_ADDR_MULTICAST)
169 return -ENETUNREACH;
170
171 if (addr_type&IPV6_ADDR_LINKLOCAL) {
172 if (addr_len >= sizeof(struct sockaddr_in6) &&
173 usin->sin6_scope_id) {
174
175
176
177 if (sk->sk_bound_dev_if &&
178 sk->sk_bound_dev_if != usin->sin6_scope_id)
179 return -EINVAL;
180
181 sk->sk_bound_dev_if = usin->sin6_scope_id;
182 }
183
184
185 if (!sk->sk_bound_dev_if)
186 return -EINVAL;
187 }
188
189 if (tp->rx_opt.ts_recent_stamp &&
190 !ipv6_addr_equal(&sk->sk_v6_daddr, &usin->sin6_addr)) {
191 tp->rx_opt.ts_recent = 0;
192 tp->rx_opt.ts_recent_stamp = 0;
193 tp->write_seq = 0;
194 }
195
196 sk->sk_v6_daddr = usin->sin6_addr;
197 np->flow_label = fl6.flowlabel;
198
199
200
201
202
203 if (addr_type & IPV6_ADDR_MAPPED) {
204 u32 exthdrlen = icsk->icsk_ext_hdr_len;
205 struct sockaddr_in sin;
206
207 SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
208
209 if (__ipv6_only_sock(sk))
210 return -ENETUNREACH;
211
212 sin.sin_family = AF_INET;
213 sin.sin_port = usin->sin6_port;
214 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
215
216 icsk->icsk_af_ops = &ipv6_mapped;
217 sk->sk_backlog_rcv = tcp_v4_do_rcv;
218#ifdef CONFIG_TCP_MD5SIG
219 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
220#endif
221
222 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
223
224 if (err) {
225 icsk->icsk_ext_hdr_len = exthdrlen;
226 icsk->icsk_af_ops = &ipv6_specific;
227 sk->sk_backlog_rcv = tcp_v6_do_rcv;
228#ifdef CONFIG_TCP_MD5SIG
229 tp->af_specific = &tcp_sock_ipv6_specific;
230#endif
231 goto failure;
232 }
233 np->saddr = sk->sk_v6_rcv_saddr;
234
235 return err;
236 }
237
238 if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr))
239 saddr = &sk->sk_v6_rcv_saddr;
240
241 fl6.flowi6_proto = IPPROTO_TCP;
242 fl6.daddr = sk->sk_v6_daddr;
243 fl6.saddr = saddr ? *saddr : np->saddr;
244 fl6.flowi6_oif = sk->sk_bound_dev_if;
245 fl6.flowi6_mark = sk->sk_mark;
246 fl6.fl6_dport = usin->sin6_port;
247 fl6.fl6_sport = inet->inet_sport;
248 fl6.flowi6_uid = sk->sk_uid;
249
250 opt = rcu_dereference_protected(np->opt, lockdep_sock_is_held(sk));
251 final_p = fl6_update_dst(&fl6, opt, &final);
252
253 security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));
254
255 dst = ip6_dst_lookup_flow(sk, &fl6, final_p);
256 if (IS_ERR(dst)) {
257 err = PTR_ERR(dst);
258 goto failure;
259 }
260
261 if (!saddr) {
262 saddr = &fl6.saddr;
263 sk->sk_v6_rcv_saddr = *saddr;
264 }
265
266
267 np->saddr = *saddr;
268 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
269
270 sk->sk_gso_type = SKB_GSO_TCPV6;
271 ip6_dst_store(sk, dst, NULL, NULL);
272
273 icsk->icsk_ext_hdr_len = 0;
274 if (opt)
275 icsk->icsk_ext_hdr_len = opt->opt_flen +
276 opt->opt_nflen;
277
278 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
279
280 inet->inet_dport = usin->sin6_port;
281
282 tcp_set_state(sk, TCP_SYN_SENT);
283 err = inet6_hash_connect(tcp_death_row, sk);
284 if (err)
285 goto late_failure;
286
287 sk_set_txhash(sk);
288
289 if (likely(!tp->repair)) {
290 if (!tp->write_seq)
291 tp->write_seq = secure_tcpv6_seq(np->saddr.s6_addr32,
292 sk->sk_v6_daddr.s6_addr32,
293 inet->inet_sport,
294 inet->inet_dport);
295 tp->tsoffset = secure_tcpv6_ts_off(sock_net(sk),
296 np->saddr.s6_addr32,
297 sk->sk_v6_daddr.s6_addr32);
298 }
299
300 if (tcp_fastopen_defer_connect(sk, &err))
301 return err;
302 if (err)
303 goto late_failure;
304
305 err = tcp_connect(sk);
306 if (err)
307 goto late_failure;
308
309 return 0;
310
311late_failure:
312 tcp_set_state(sk, TCP_CLOSE);
313failure:
314 inet->inet_dport = 0;
315 sk->sk_route_caps = 0;
316 return err;
317}
318
319static void tcp_v6_mtu_reduced(struct sock *sk)
320{
321 struct dst_entry *dst;
322
323 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
324 return;
325
326 dst = inet6_csk_update_pmtu(sk, tcp_sk(sk)->mtu_info);
327 if (!dst)
328 return;
329
330 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
331 tcp_sync_mss(sk, dst_mtu(dst));
332 tcp_simple_retransmit(sk);
333 }
334}
335
336static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
337 u8 type, u8 code, int offset, __be32 info)
338{
339 const struct ipv6hdr *hdr = (const struct ipv6hdr *)skb->data;
340 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
341 struct net *net = dev_net(skb->dev);
342 struct request_sock *fastopen;
343 struct ipv6_pinfo *np;
344 struct tcp_sock *tp;
345 __u32 seq, snd_una;
346 struct sock *sk;
347 bool fatal;
348 int err;
349
350 sk = __inet6_lookup_established(net, &tcp_hashinfo,
351 &hdr->daddr, th->dest,
352 &hdr->saddr, ntohs(th->source),
353 skb->dev->ifindex, inet6_sdif(skb));
354
355 if (!sk) {
356 __ICMP6_INC_STATS(net, __in6_dev_get(skb->dev),
357 ICMP6_MIB_INERRORS);
358 return;
359 }
360
361 if (sk->sk_state == TCP_TIME_WAIT) {
362 inet_twsk_put(inet_twsk(sk));
363 return;
364 }
365 seq = ntohl(th->seq);
366 fatal = icmpv6_err_convert(type, code, &err);
367 if (sk->sk_state == TCP_NEW_SYN_RECV)
368 return tcp_req_err(sk, seq, fatal);
369
370 bh_lock_sock(sk);
371 if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG)
372 __NET_INC_STATS(net, LINUX_MIB_LOCKDROPPEDICMPS);
373
374 if (sk->sk_state == TCP_CLOSE)
375 goto out;
376
377 if (ipv6_hdr(skb)->hop_limit < inet6_sk(sk)->min_hopcount) {
378 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
379 goto out;
380 }
381
382 tp = tcp_sk(sk);
383
384 fastopen = tp->fastopen_rsk;
385 snd_una = fastopen ? tcp_rsk(fastopen)->snt_isn : tp->snd_una;
386 if (sk->sk_state != TCP_LISTEN &&
387 !between(seq, snd_una, tp->snd_nxt)) {
388 __NET_INC_STATS(net, LINUX_MIB_OUTOFWINDOWICMPS);
389 goto out;
390 }
391
392 np = inet6_sk(sk);
393
394 if (type == NDISC_REDIRECT) {
395 if (!sock_owned_by_user(sk)) {
396 struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);
397
398 if (dst)
399 dst->ops->redirect(dst, sk, skb);
400 }
401 goto out;
402 }
403
404 if (type == ICMPV6_PKT_TOOBIG) {
405
406
407
408
409 if (sk->sk_state == TCP_LISTEN)
410 goto out;
411
412 if (!ip6_sk_accept_pmtu(sk))
413 goto out;
414
415 tp->mtu_info = ntohl(info);
416 if (!sock_owned_by_user(sk))
417 tcp_v6_mtu_reduced(sk);
418 else if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED,
419 &sk->sk_tsq_flags))
420 sock_hold(sk);
421 goto out;
422 }
423
424
425
426 switch (sk->sk_state) {
427 case TCP_SYN_SENT:
428 case TCP_SYN_RECV:
429
430
431
432 if (fastopen && !fastopen->sk)
433 break;
434
435 if (!sock_owned_by_user(sk)) {
436 sk->sk_err = err;
437 sk->sk_error_report(sk);
438
439 tcp_done(sk);
440 } else
441 sk->sk_err_soft = err;
442 goto out;
443 }
444
445 if (!sock_owned_by_user(sk) && np->recverr) {
446 sk->sk_err = err;
447 sk->sk_error_report(sk);
448 } else
449 sk->sk_err_soft = err;
450
451out:
452 bh_unlock_sock(sk);
453 sock_put(sk);
454}
455
456
457static int tcp_v6_send_synack(const struct sock *sk, struct dst_entry *dst,
458 struct flowi *fl,
459 struct request_sock *req,
460 struct tcp_fastopen_cookie *foc,
461 enum tcp_synack_type synack_type)
462{
463 struct inet_request_sock *ireq = inet_rsk(req);
464 struct ipv6_pinfo *np = inet6_sk(sk);
465 struct ipv6_txoptions *opt;
466 struct flowi6 *fl6 = &fl->u.ip6;
467 struct sk_buff *skb;
468 int err = -ENOMEM;
469
470
471 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req,
472 IPPROTO_TCP)) == NULL)
473 goto done;
474
475 skb = tcp_make_synack(sk, dst, req, foc, synack_type);
476
477 if (skb) {
478 __tcp_v6_send_check(skb, &ireq->ir_v6_loc_addr,
479 &ireq->ir_v6_rmt_addr);
480
481 fl6->daddr = ireq->ir_v6_rmt_addr;
482 if (np->repflow && ireq->pktopts)
483 fl6->flowlabel = ip6_flowlabel(ipv6_hdr(ireq->pktopts));
484
485 rcu_read_lock();
486 opt = ireq->ipv6_opt;
487 if (!opt)
488 opt = rcu_dereference(np->opt);
489 err = ip6_xmit(sk, skb, fl6, sk->sk_mark, opt, np->tclass);
490 rcu_read_unlock();
491 err = net_xmit_eval(err);
492 }
493
494done:
495 return err;
496}
497
498
499static void tcp_v6_reqsk_destructor(struct request_sock *req)
500{
501 kfree(inet_rsk(req)->ipv6_opt);
502 kfree_skb(inet_rsk(req)->pktopts);
503}
504
505#ifdef CONFIG_TCP_MD5SIG
506static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
507 const struct in6_addr *addr)
508{
509 return tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, AF_INET6);
510}
511
512static struct tcp_md5sig_key *tcp_v6_md5_lookup(const struct sock *sk,
513 const struct sock *addr_sk)
514{
515 return tcp_v6_md5_do_lookup(sk, &addr_sk->sk_v6_daddr);
516}
517
518static int tcp_v6_parse_md5_keys(struct sock *sk, int optname,
519 char __user *optval, int optlen)
520{
521 struct tcp_md5sig cmd;
522 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
523 u8 prefixlen;
524
525 if (optlen < sizeof(cmd))
526 return -EINVAL;
527
528 if (copy_from_user(&cmd, optval, sizeof(cmd)))
529 return -EFAULT;
530
531 if (sin6->sin6_family != AF_INET6)
532 return -EINVAL;
533
534 if (optname == TCP_MD5SIG_EXT &&
535 cmd.tcpm_flags & TCP_MD5SIG_FLAG_PREFIX) {
536 prefixlen = cmd.tcpm_prefixlen;
537 if (prefixlen > 128 || (ipv6_addr_v4mapped(&sin6->sin6_addr) &&
538 prefixlen > 32))
539 return -EINVAL;
540 } else {
541 prefixlen = ipv6_addr_v4mapped(&sin6->sin6_addr) ? 32 : 128;
542 }
543
544 if (!cmd.tcpm_keylen) {
545 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
546 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
547 AF_INET, prefixlen);
548 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
549 AF_INET6, prefixlen);
550 }
551
552 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
553 return -EINVAL;
554
555 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
556 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
557 AF_INET, prefixlen, cmd.tcpm_key,
558 cmd.tcpm_keylen, GFP_KERNEL);
559
560 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
561 AF_INET6, prefixlen, cmd.tcpm_key,
562 cmd.tcpm_keylen, GFP_KERNEL);
563}
564
565static int tcp_v6_md5_hash_headers(struct tcp_md5sig_pool *hp,
566 const struct in6_addr *daddr,
567 const struct in6_addr *saddr,
568 const struct tcphdr *th, int nbytes)
569{
570 struct tcp6_pseudohdr *bp;
571 struct scatterlist sg;
572 struct tcphdr *_th;
573
574 bp = hp->scratch;
575
576 bp->saddr = *saddr;
577 bp->daddr = *daddr;
578 bp->protocol = cpu_to_be32(IPPROTO_TCP);
579 bp->len = cpu_to_be32(nbytes);
580
581 _th = (struct tcphdr *)(bp + 1);
582 memcpy(_th, th, sizeof(*th));
583 _th->check = 0;
584
585 sg_init_one(&sg, bp, sizeof(*bp) + sizeof(*th));
586 ahash_request_set_crypt(hp->md5_req, &sg, NULL,
587 sizeof(*bp) + sizeof(*th));
588 return crypto_ahash_update(hp->md5_req);
589}
590
591static int tcp_v6_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key,
592 const struct in6_addr *daddr, struct in6_addr *saddr,
593 const struct tcphdr *th)
594{
595 struct tcp_md5sig_pool *hp;
596 struct ahash_request *req;
597
598 hp = tcp_get_md5sig_pool();
599 if (!hp)
600 goto clear_hash_noput;
601 req = hp->md5_req;
602
603 if (crypto_ahash_init(req))
604 goto clear_hash;
605 if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, th->doff << 2))
606 goto clear_hash;
607 if (tcp_md5_hash_key(hp, key))
608 goto clear_hash;
609 ahash_request_set_crypt(req, NULL, md5_hash, 0);
610 if (crypto_ahash_final(req))
611 goto clear_hash;
612
613 tcp_put_md5sig_pool();
614 return 0;
615
616clear_hash:
617 tcp_put_md5sig_pool();
618clear_hash_noput:
619 memset(md5_hash, 0, 16);
620 return 1;
621}
622
623static int tcp_v6_md5_hash_skb(char *md5_hash,
624 const struct tcp_md5sig_key *key,
625 const struct sock *sk,
626 const struct sk_buff *skb)
627{
628 const struct in6_addr *saddr, *daddr;
629 struct tcp_md5sig_pool *hp;
630 struct ahash_request *req;
631 const struct tcphdr *th = tcp_hdr(skb);
632
633 if (sk) {
634 saddr = &sk->sk_v6_rcv_saddr;
635 daddr = &sk->sk_v6_daddr;
636 } else {
637 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
638 saddr = &ip6h->saddr;
639 daddr = &ip6h->daddr;
640 }
641
642 hp = tcp_get_md5sig_pool();
643 if (!hp)
644 goto clear_hash_noput;
645 req = hp->md5_req;
646
647 if (crypto_ahash_init(req))
648 goto clear_hash;
649
650 if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, skb->len))
651 goto clear_hash;
652 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
653 goto clear_hash;
654 if (tcp_md5_hash_key(hp, key))
655 goto clear_hash;
656 ahash_request_set_crypt(req, NULL, md5_hash, 0);
657 if (crypto_ahash_final(req))
658 goto clear_hash;
659
660 tcp_put_md5sig_pool();
661 return 0;
662
663clear_hash:
664 tcp_put_md5sig_pool();
665clear_hash_noput:
666 memset(md5_hash, 0, 16);
667 return 1;
668}
669
670#endif
671
672static bool tcp_v6_inbound_md5_hash(const struct sock *sk,
673 const struct sk_buff *skb)
674{
675#ifdef CONFIG_TCP_MD5SIG
676 const __u8 *hash_location = NULL;
677 struct tcp_md5sig_key *hash_expected;
678 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
679 const struct tcphdr *th = tcp_hdr(skb);
680 int genhash;
681 u8 newhash[16];
682
683 hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
684 hash_location = tcp_parse_md5sig_option(th);
685
686
687 if (!hash_expected && !hash_location)
688 return false;
689
690 if (hash_expected && !hash_location) {
691 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
692 return true;
693 }
694
695 if (!hash_expected && hash_location) {
696 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
697 return true;
698 }
699
700
701 genhash = tcp_v6_md5_hash_skb(newhash,
702 hash_expected,
703 NULL, skb);
704
705 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
706 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5FAILURE);
707 net_info_ratelimited("MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n",
708 genhash ? "failed" : "mismatch",
709 &ip6h->saddr, ntohs(th->source),
710 &ip6h->daddr, ntohs(th->dest));
711 return true;
712 }
713#endif
714 return false;
715}
716
717static void tcp_v6_init_req(struct request_sock *req,
718 const struct sock *sk_listener,
719 struct sk_buff *skb)
720{
721 struct inet_request_sock *ireq = inet_rsk(req);
722 const struct ipv6_pinfo *np = inet6_sk(sk_listener);
723
724 ireq->ir_v6_rmt_addr = ipv6_hdr(skb)->saddr;
725 ireq->ir_v6_loc_addr = ipv6_hdr(skb)->daddr;
726
727
728 if (!sk_listener->sk_bound_dev_if &&
729 ipv6_addr_type(&ireq->ir_v6_rmt_addr) & IPV6_ADDR_LINKLOCAL)
730 ireq->ir_iif = tcp_v6_iif(skb);
731
732 if (!TCP_SKB_CB(skb)->tcp_tw_isn &&
733 (ipv6_opt_accepted(sk_listener, skb, &TCP_SKB_CB(skb)->header.h6) ||
734 np->rxopt.bits.rxinfo ||
735 np->rxopt.bits.rxoinfo || np->rxopt.bits.rxhlim ||
736 np->rxopt.bits.rxohlim || np->repflow)) {
737 refcount_inc(&skb->users);
738 ireq->pktopts = skb;
739 }
740}
741
742static struct dst_entry *tcp_v6_route_req(const struct sock *sk,
743 struct flowi *fl,
744 const struct request_sock *req)
745{
746 return inet6_csk_route_req(sk, &fl->u.ip6, req, IPPROTO_TCP);
747}
748
749struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
750 .family = AF_INET6,
751 .obj_size = sizeof(struct tcp6_request_sock),
752 .rtx_syn_ack = tcp_rtx_synack,
753 .send_ack = tcp_v6_reqsk_send_ack,
754 .destructor = tcp_v6_reqsk_destructor,
755 .send_reset = tcp_v6_send_reset,
756 .syn_ack_timeout = tcp_syn_ack_timeout,
757};
758
759static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
760 .mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) -
761 sizeof(struct ipv6hdr),
762#ifdef CONFIG_TCP_MD5SIG
763 .req_md5_lookup = tcp_v6_md5_lookup,
764 .calc_md5_hash = tcp_v6_md5_hash_skb,
765#endif
766 .init_req = tcp_v6_init_req,
767#ifdef CONFIG_SYN_COOKIES
768 .cookie_init_seq = cookie_v6_init_sequence,
769#endif
770 .route_req = tcp_v6_route_req,
771 .init_seq = tcp_v6_init_seq,
772 .init_ts_off = tcp_v6_init_ts_off,
773 .send_synack = tcp_v6_send_synack,
774};
775
776static void tcp_v6_send_response(const struct sock *sk, struct sk_buff *skb, u32 seq,
777 u32 ack, u32 win, u32 tsval, u32 tsecr,
778 int oif, struct tcp_md5sig_key *key, int rst,
779 u8 tclass, __be32 label)
780{
781 const struct tcphdr *th = tcp_hdr(skb);
782 struct tcphdr *t1;
783 struct sk_buff *buff;
784 struct flowi6 fl6;
785 struct net *net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev);
786 struct sock *ctl_sk = net->ipv6.tcp_sk;
787 unsigned int tot_len = sizeof(struct tcphdr);
788 struct dst_entry *dst;
789 __be32 *topt;
790
791 if (tsecr)
792 tot_len += TCPOLEN_TSTAMP_ALIGNED;
793#ifdef CONFIG_TCP_MD5SIG
794 if (key)
795 tot_len += TCPOLEN_MD5SIG_ALIGNED;
796#endif
797
798 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
799 GFP_ATOMIC);
800 if (!buff)
801 return;
802
803 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
804
805 t1 = skb_push(buff, tot_len);
806 skb_reset_transport_header(buff);
807
808
809 memset(t1, 0, sizeof(*t1));
810 t1->dest = th->source;
811 t1->source = th->dest;
812 t1->doff = tot_len / 4;
813 t1->seq = htonl(seq);
814 t1->ack_seq = htonl(ack);
815 t1->ack = !rst || !th->ack;
816 t1->rst = rst;
817 t1->window = htons(win);
818
819 topt = (__be32 *)(t1 + 1);
820
821 if (tsecr) {
822 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
823 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
824 *topt++ = htonl(tsval);
825 *topt++ = htonl(tsecr);
826 }
827
828#ifdef CONFIG_TCP_MD5SIG
829 if (key) {
830 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
831 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
832 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
833 &ipv6_hdr(skb)->saddr,
834 &ipv6_hdr(skb)->daddr, t1);
835 }
836#endif
837
838 memset(&fl6, 0, sizeof(fl6));
839 fl6.daddr = ipv6_hdr(skb)->saddr;
840 fl6.saddr = ipv6_hdr(skb)->daddr;
841 fl6.flowlabel = label;
842
843 buff->ip_summed = CHECKSUM_PARTIAL;
844 buff->csum = 0;
845
846 __tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);
847
848 fl6.flowi6_proto = IPPROTO_TCP;
849 if (rt6_need_strict(&fl6.daddr) && !oif)
850 fl6.flowi6_oif = tcp_v6_iif(skb);
851 else {
852 if (!oif && netif_index_is_l3_master(net, skb->skb_iif))
853 oif = skb->skb_iif;
854
855 fl6.flowi6_oif = oif;
856 }
857
858 fl6.flowi6_mark = IP6_REPLY_MARK(net, skb->mark);
859 fl6.fl6_dport = t1->dest;
860 fl6.fl6_sport = t1->source;
861 fl6.flowi6_uid = sock_net_uid(net, sk && sk_fullsock(sk) ? sk : NULL);
862 security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
863
864
865
866
867
868 dst = ip6_dst_lookup_flow(ctl_sk, &fl6, NULL);
869 if (!IS_ERR(dst)) {
870 skb_dst_set(buff, dst);
871 ip6_xmit(ctl_sk, buff, &fl6, fl6.flowi6_mark, NULL, tclass);
872 TCP_INC_STATS(net, TCP_MIB_OUTSEGS);
873 if (rst)
874 TCP_INC_STATS(net, TCP_MIB_OUTRSTS);
875 return;
876 }
877
878 kfree_skb(buff);
879}
880
881static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb)
882{
883 const struct tcphdr *th = tcp_hdr(skb);
884 u32 seq = 0, ack_seq = 0;
885 struct tcp_md5sig_key *key = NULL;
886#ifdef CONFIG_TCP_MD5SIG
887 const __u8 *hash_location = NULL;
888 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
889 unsigned char newhash[16];
890 int genhash;
891 struct sock *sk1 = NULL;
892#endif
893 int oif;
894
895 if (th->rst)
896 return;
897
898
899
900
901 if (!sk && !ipv6_unicast_destination(skb))
902 return;
903
904#ifdef CONFIG_TCP_MD5SIG
905 rcu_read_lock();
906 hash_location = tcp_parse_md5sig_option(th);
907 if (sk && sk_fullsock(sk)) {
908 key = tcp_v6_md5_do_lookup(sk, &ipv6h->saddr);
909 } else if (hash_location) {
910
911
912
913
914
915
916
917 sk1 = inet6_lookup_listener(dev_net(skb_dst(skb)->dev),
918 &tcp_hashinfo, NULL, 0,
919 &ipv6h->saddr,
920 th->source, &ipv6h->daddr,
921 ntohs(th->source), tcp_v6_iif(skb),
922 tcp_v6_sdif(skb));
923 if (!sk1)
924 goto out;
925
926 key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr);
927 if (!key)
928 goto out;
929
930 genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, skb);
931 if (genhash || memcmp(hash_location, newhash, 16) != 0)
932 goto out;
933 }
934#endif
935
936 if (th->ack)
937 seq = ntohl(th->ack_seq);
938 else
939 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
940 (th->doff << 2);
941
942 oif = sk ? sk->sk_bound_dev_if : 0;
943 tcp_v6_send_response(sk, skb, seq, ack_seq, 0, 0, 0, oif, key, 1, 0, 0);
944
945#ifdef CONFIG_TCP_MD5SIG
946out:
947 rcu_read_unlock();
948#endif
949}
950
951static void tcp_v6_send_ack(const struct sock *sk, struct sk_buff *skb, u32 seq,
952 u32 ack, u32 win, u32 tsval, u32 tsecr, int oif,
953 struct tcp_md5sig_key *key, u8 tclass,
954 __be32 label)
955{
956 tcp_v6_send_response(sk, skb, seq, ack, win, tsval, tsecr, oif, key, 0,
957 tclass, label);
958}
959
960static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
961{
962 struct inet_timewait_sock *tw = inet_twsk(sk);
963 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
964
965 tcp_v6_send_ack(sk, skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
966 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
967 tcp_time_stamp_raw() + tcptw->tw_ts_offset,
968 tcptw->tw_ts_recent, tw->tw_bound_dev_if, tcp_twsk_md5_key(tcptw),
969 tw->tw_tclass, cpu_to_be32(tw->tw_flowlabel));
970
971 inet_twsk_put(tw);
972}
973
974static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
975 struct request_sock *req)
976{
977
978
979
980
981
982
983
984
985 tcp_v6_send_ack(sk, skb, (sk->sk_state == TCP_LISTEN) ?
986 tcp_rsk(req)->snt_isn + 1 : tcp_sk(sk)->snd_nxt,
987 tcp_rsk(req)->rcv_nxt,
988 req->rsk_rcv_wnd >> inet_rsk(req)->rcv_wscale,
989 tcp_time_stamp_raw() + tcp_rsk(req)->ts_off,
990 req->ts_recent, sk->sk_bound_dev_if,
991 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr),
992 0, 0);
993}
994
995
996static struct sock *tcp_v6_cookie_check(struct sock *sk, struct sk_buff *skb)
997{
998#ifdef CONFIG_SYN_COOKIES
999 const struct tcphdr *th = tcp_hdr(skb);
1000
1001 if (!th->syn)
1002 sk = cookie_v6_check(sk, skb);
1003#endif
1004 return sk;
1005}
1006
1007static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1008{
1009 if (skb->protocol == htons(ETH_P_IP))
1010 return tcp_v4_conn_request(sk, skb);
1011
1012 if (!ipv6_unicast_destination(skb))
1013 goto drop;
1014
1015 return tcp_conn_request(&tcp6_request_sock_ops,
1016 &tcp_request_sock_ipv6_ops, sk, skb);
1017
1018drop:
1019 tcp_listendrop(sk);
1020 return 0;
1021}
1022
1023static void tcp_v6_restore_cb(struct sk_buff *skb)
1024{
1025
1026
1027
1028
1029 memmove(IP6CB(skb), &TCP_SKB_CB(skb)->header.h6,
1030 sizeof(struct inet6_skb_parm));
1031}
1032
1033static struct sock *tcp_v6_syn_recv_sock(const struct sock *sk, struct sk_buff *skb,
1034 struct request_sock *req,
1035 struct dst_entry *dst,
1036 struct request_sock *req_unhash,
1037 bool *own_req)
1038{
1039 struct inet_request_sock *ireq;
1040 struct ipv6_pinfo *newnp;
1041 const struct ipv6_pinfo *np = inet6_sk(sk);
1042 struct ipv6_txoptions *opt;
1043 struct tcp6_sock *newtcp6sk;
1044 struct inet_sock *newinet;
1045 struct tcp_sock *newtp;
1046 struct sock *newsk;
1047#ifdef CONFIG_TCP_MD5SIG
1048 struct tcp_md5sig_key *key;
1049#endif
1050 struct flowi6 fl6;
1051
1052 if (skb->protocol == htons(ETH_P_IP)) {
1053
1054
1055
1056
1057 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst,
1058 req_unhash, own_req);
1059
1060 if (!newsk)
1061 return NULL;
1062
1063 newtcp6sk = (struct tcp6_sock *)newsk;
1064 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1065
1066 newinet = inet_sk(newsk);
1067 newnp = inet6_sk(newsk);
1068 newtp = tcp_sk(newsk);
1069
1070 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1071
1072 newnp->saddr = newsk->sk_v6_rcv_saddr;
1073
1074 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1075 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1076#ifdef CONFIG_TCP_MD5SIG
1077 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1078#endif
1079
1080 newnp->ipv6_mc_list = NULL;
1081 newnp->ipv6_ac_list = NULL;
1082 newnp->ipv6_fl_list = NULL;
1083 newnp->pktoptions = NULL;
1084 newnp->opt = NULL;
1085 newnp->mcast_oif = tcp_v6_iif(skb);
1086 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1087 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
1088 if (np->repflow)
1089 newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1102
1103 return newsk;
1104 }
1105
1106 ireq = inet_rsk(req);
1107
1108 if (sk_acceptq_is_full(sk))
1109 goto out_overflow;
1110
1111 if (!dst) {
1112 dst = inet6_csk_route_req(sk, &fl6, req, IPPROTO_TCP);
1113 if (!dst)
1114 goto out;
1115 }
1116
1117 newsk = tcp_create_openreq_child(sk, req, skb);
1118 if (!newsk)
1119 goto out_nonewsk;
1120
1121
1122
1123
1124
1125
1126
1127 newsk->sk_gso_type = SKB_GSO_TCPV6;
1128 ip6_dst_store(newsk, dst, NULL, NULL);
1129 inet6_sk_rx_dst_set(newsk, skb);
1130
1131 newtcp6sk = (struct tcp6_sock *)newsk;
1132 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
1133
1134 newtp = tcp_sk(newsk);
1135 newinet = inet_sk(newsk);
1136 newnp = inet6_sk(newsk);
1137
1138 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1139
1140 newsk->sk_v6_daddr = ireq->ir_v6_rmt_addr;
1141 newnp->saddr = ireq->ir_v6_loc_addr;
1142 newsk->sk_v6_rcv_saddr = ireq->ir_v6_loc_addr;
1143 newsk->sk_bound_dev_if = ireq->ir_iif;
1144
1145
1146
1147
1148
1149 newinet->inet_opt = NULL;
1150 newnp->ipv6_mc_list = NULL;
1151 newnp->ipv6_ac_list = NULL;
1152 newnp->ipv6_fl_list = NULL;
1153
1154
1155 newnp->rxopt.all = np->rxopt.all;
1156
1157 newnp->pktoptions = NULL;
1158 newnp->opt = NULL;
1159 newnp->mcast_oif = tcp_v6_iif(skb);
1160 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1161 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
1162 if (np->repflow)
1163 newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));
1164
1165
1166
1167
1168
1169
1170
1171 opt = ireq->ipv6_opt;
1172 if (!opt)
1173 opt = rcu_dereference(np->opt);
1174 if (opt) {
1175 opt = ipv6_dup_options(newsk, opt);
1176 RCU_INIT_POINTER(newnp->opt, opt);
1177 }
1178 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1179 if (opt)
1180 inet_csk(newsk)->icsk_ext_hdr_len = opt->opt_nflen +
1181 opt->opt_flen;
1182
1183 tcp_ca_openreq_child(newsk, dst);
1184
1185 tcp_sync_mss(newsk, dst_mtu(dst));
1186 newtp->advmss = tcp_mss_clamp(tcp_sk(sk), dst_metric_advmss(dst));
1187
1188 tcp_initialize_rcv_mss(newsk);
1189
1190 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1191 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1192
1193#ifdef CONFIG_TCP_MD5SIG
1194
1195 key = tcp_v6_md5_do_lookup(sk, &newsk->sk_v6_daddr);
1196 if (key) {
1197
1198
1199
1200
1201
1202 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newsk->sk_v6_daddr,
1203 AF_INET6, 128, key->key, key->keylen,
1204 sk_gfp_mask(sk, GFP_ATOMIC));
1205 }
1206#endif
1207
1208 if (__inet_inherit_port(sk, newsk) < 0) {
1209 inet_csk_prepare_forced_close(newsk);
1210 tcp_done(newsk);
1211 goto out;
1212 }
1213 *own_req = inet_ehash_nolisten(newsk, req_to_sk(req_unhash));
1214 if (*own_req) {
1215 tcp_move_syn(newtp, req);
1216
1217
1218 if (ireq->pktopts) {
1219 newnp->pktoptions = skb_clone(ireq->pktopts,
1220 sk_gfp_mask(sk, GFP_ATOMIC));
1221 consume_skb(ireq->pktopts);
1222 ireq->pktopts = NULL;
1223 if (newnp->pktoptions) {
1224 tcp_v6_restore_cb(newnp->pktoptions);
1225 skb_set_owner_r(newnp->pktoptions, newsk);
1226 }
1227 }
1228 }
1229
1230 return newsk;
1231
1232out_overflow:
1233 __NET_INC_STATS(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1234out_nonewsk:
1235 dst_release(dst);
1236out:
1237 tcp_listendrop(sk);
1238 return NULL;
1239}
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1250{
1251 struct ipv6_pinfo *np = inet6_sk(sk);
1252 struct tcp_sock *tp;
1253 struct sk_buff *opt_skb = NULL;
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263 if (skb->protocol == htons(ETH_P_IP))
1264 return tcp_v4_do_rcv(sk, skb);
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284 if (np->rxopt.all)
1285 opt_skb = skb_clone(skb, sk_gfp_mask(sk, GFP_ATOMIC));
1286
1287 if (sk->sk_state == TCP_ESTABLISHED) {
1288 struct dst_entry *dst = sk->sk_rx_dst;
1289
1290 sock_rps_save_rxhash(sk, skb);
1291 sk_mark_napi_id(sk, skb);
1292 if (dst) {
1293 if (inet_sk(sk)->rx_dst_ifindex != skb->skb_iif ||
1294 dst->ops->check(dst, np->rx_dst_cookie) == NULL) {
1295 dst_release(dst);
1296 sk->sk_rx_dst = NULL;
1297 }
1298 }
1299
1300 tcp_rcv_established(sk, skb, tcp_hdr(skb));
1301 if (opt_skb)
1302 goto ipv6_pktoptions;
1303 return 0;
1304 }
1305
1306 if (tcp_checksum_complete(skb))
1307 goto csum_err;
1308
1309 if (sk->sk_state == TCP_LISTEN) {
1310 struct sock *nsk = tcp_v6_cookie_check(sk, skb);
1311
1312 if (!nsk)
1313 goto discard;
1314
1315 if (nsk != sk) {
1316 if (tcp_child_process(sk, nsk, skb))
1317 goto reset;
1318 if (opt_skb)
1319 __kfree_skb(opt_skb);
1320 return 0;
1321 }
1322 } else
1323 sock_rps_save_rxhash(sk, skb);
1324
1325 if (tcp_rcv_state_process(sk, skb))
1326 goto reset;
1327 if (opt_skb)
1328 goto ipv6_pktoptions;
1329 return 0;
1330
1331reset:
1332 tcp_v6_send_reset(sk, skb);
1333discard:
1334 if (opt_skb)
1335 __kfree_skb(opt_skb);
1336 kfree_skb(skb);
1337 return 0;
1338csum_err:
1339 TCP_INC_STATS(sock_net(sk), TCP_MIB_CSUMERRORS);
1340 TCP_INC_STATS(sock_net(sk), TCP_MIB_INERRS);
1341 goto discard;
1342
1343
1344ipv6_pktoptions:
1345
1346
1347
1348
1349
1350
1351
1352 tp = tcp_sk(sk);
1353 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1354 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1355 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1356 np->mcast_oif = tcp_v6_iif(opt_skb);
1357 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1358 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1359 if (np->rxopt.bits.rxflow || np->rxopt.bits.rxtclass)
1360 np->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(opt_skb));
1361 if (np->repflow)
1362 np->flow_label = ip6_flowlabel(ipv6_hdr(opt_skb));
1363 if (ipv6_opt_accepted(sk, opt_skb, &TCP_SKB_CB(opt_skb)->header.h6)) {
1364 skb_set_owner_r(opt_skb, sk);
1365 tcp_v6_restore_cb(opt_skb);
1366 opt_skb = xchg(&np->pktoptions, opt_skb);
1367 } else {
1368 __kfree_skb(opt_skb);
1369 opt_skb = xchg(&np->pktoptions, NULL);
1370 }
1371 }
1372
1373 kfree_skb(opt_skb);
1374 return 0;
1375}
1376
1377static void tcp_v6_fill_cb(struct sk_buff *skb, const struct ipv6hdr *hdr,
1378 const struct tcphdr *th)
1379{
1380
1381
1382
1383
1384
1385 memmove(&TCP_SKB_CB(skb)->header.h6, IP6CB(skb),
1386 sizeof(struct inet6_skb_parm));
1387 barrier();
1388
1389 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1390 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1391 skb->len - th->doff*4);
1392 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1393 TCP_SKB_CB(skb)->tcp_flags = tcp_flag_byte(th);
1394 TCP_SKB_CB(skb)->tcp_tw_isn = 0;
1395 TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
1396 TCP_SKB_CB(skb)->sacked = 0;
1397 TCP_SKB_CB(skb)->has_rxtstamp =
1398 skb->tstamp || skb_hwtstamps(skb)->hwtstamp;
1399}
1400
1401static int tcp_v6_rcv(struct sk_buff *skb)
1402{
1403 int sdif = inet6_sdif(skb);
1404 const struct tcphdr *th;
1405 const struct ipv6hdr *hdr;
1406 bool refcounted;
1407 struct sock *sk;
1408 int ret;
1409 struct net *net = dev_net(skb->dev);
1410
1411 if (skb->pkt_type != PACKET_HOST)
1412 goto discard_it;
1413
1414
1415
1416
1417 __TCP_INC_STATS(net, TCP_MIB_INSEGS);
1418
1419 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1420 goto discard_it;
1421
1422 th = (const struct tcphdr *)skb->data;
1423
1424 if (unlikely(th->doff < sizeof(struct tcphdr)/4))
1425 goto bad_packet;
1426 if (!pskb_may_pull(skb, th->doff*4))
1427 goto discard_it;
1428
1429 if (skb_checksum_init(skb, IPPROTO_TCP, ip6_compute_pseudo))
1430 goto csum_error;
1431
1432 th = (const struct tcphdr *)skb->data;
1433 hdr = ipv6_hdr(skb);
1434
1435lookup:
1436 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, __tcp_hdrlen(th),
1437 th->source, th->dest, inet6_iif(skb), sdif,
1438 &refcounted);
1439 if (!sk)
1440 goto no_tcp_socket;
1441
1442process:
1443 if (sk->sk_state == TCP_TIME_WAIT)
1444 goto do_time_wait;
1445
1446 if (sk->sk_state == TCP_NEW_SYN_RECV) {
1447 struct request_sock *req = inet_reqsk(sk);
1448 struct sock *nsk;
1449
1450 sk = req->rsk_listener;
1451 tcp_v6_fill_cb(skb, hdr, th);
1452 if (tcp_v6_inbound_md5_hash(sk, skb)) {
1453 sk_drops_add(sk, skb);
1454 reqsk_put(req);
1455 goto discard_it;
1456 }
1457 if (unlikely(sk->sk_state != TCP_LISTEN)) {
1458 inet_csk_reqsk_queue_drop_and_put(sk, req);
1459 goto lookup;
1460 }
1461 sock_hold(sk);
1462 refcounted = true;
1463 nsk = NULL;
1464 if (!tcp_filter(sk, skb))
1465 nsk = tcp_check_req(sk, skb, req, false);
1466 if (!nsk) {
1467 reqsk_put(req);
1468 goto discard_and_relse;
1469 }
1470 if (nsk == sk) {
1471 reqsk_put(req);
1472 tcp_v6_restore_cb(skb);
1473 } else if (tcp_child_process(sk, nsk, skb)) {
1474 tcp_v6_send_reset(nsk, skb);
1475 goto discard_and_relse;
1476 } else {
1477 sock_put(sk);
1478 return 0;
1479 }
1480 }
1481 if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) {
1482 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
1483 goto discard_and_relse;
1484 }
1485
1486 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
1487 goto discard_and_relse;
1488
1489 tcp_v6_fill_cb(skb, hdr, th);
1490
1491 if (tcp_v6_inbound_md5_hash(sk, skb))
1492 goto discard_and_relse;
1493
1494 if (tcp_filter(sk, skb))
1495 goto discard_and_relse;
1496 th = (const struct tcphdr *)skb->data;
1497 hdr = ipv6_hdr(skb);
1498
1499 skb->dev = NULL;
1500
1501 if (sk->sk_state == TCP_LISTEN) {
1502 ret = tcp_v6_do_rcv(sk, skb);
1503 goto put_and_return;
1504 }
1505
1506 sk_incoming_cpu_update(sk);
1507
1508 bh_lock_sock_nested(sk);
1509 tcp_segs_in(tcp_sk(sk), skb);
1510 ret = 0;
1511 if (!sock_owned_by_user(sk)) {
1512 ret = tcp_v6_do_rcv(sk, skb);
1513 } else if (tcp_add_backlog(sk, skb)) {
1514 goto discard_and_relse;
1515 }
1516 bh_unlock_sock(sk);
1517
1518put_and_return:
1519 if (refcounted)
1520 sock_put(sk);
1521 return ret ? -1 : 0;
1522
1523no_tcp_socket:
1524 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1525 goto discard_it;
1526
1527 tcp_v6_fill_cb(skb, hdr, th);
1528
1529 if (tcp_checksum_complete(skb)) {
1530csum_error:
1531 __TCP_INC_STATS(net, TCP_MIB_CSUMERRORS);
1532bad_packet:
1533 __TCP_INC_STATS(net, TCP_MIB_INERRS);
1534 } else {
1535 tcp_v6_send_reset(NULL, skb);
1536 }
1537
1538discard_it:
1539 kfree_skb(skb);
1540 return 0;
1541
1542discard_and_relse:
1543 sk_drops_add(sk, skb);
1544 if (refcounted)
1545 sock_put(sk);
1546 goto discard_it;
1547
1548do_time_wait:
1549 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1550 inet_twsk_put(inet_twsk(sk));
1551 goto discard_it;
1552 }
1553
1554 tcp_v6_fill_cb(skb, hdr, th);
1555
1556 if (tcp_checksum_complete(skb)) {
1557 inet_twsk_put(inet_twsk(sk));
1558 goto csum_error;
1559 }
1560
1561 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1562 case TCP_TW_SYN:
1563 {
1564 struct sock *sk2;
1565
1566 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
1567 skb, __tcp_hdrlen(th),
1568 &ipv6_hdr(skb)->saddr, th->source,
1569 &ipv6_hdr(skb)->daddr,
1570 ntohs(th->dest), tcp_v6_iif(skb),
1571 sdif);
1572 if (sk2) {
1573 struct inet_timewait_sock *tw = inet_twsk(sk);
1574 inet_twsk_deschedule_put(tw);
1575 sk = sk2;
1576 tcp_v6_restore_cb(skb);
1577 refcounted = false;
1578 goto process;
1579 }
1580
1581 }
1582 case TCP_TW_ACK:
1583 tcp_v6_timewait_ack(sk, skb);
1584 break;
1585 case TCP_TW_RST:
1586 tcp_v6_restore_cb(skb);
1587 tcp_v6_send_reset(sk, skb);
1588 inet_twsk_deschedule_put(inet_twsk(sk));
1589 goto discard_it;
1590 case TCP_TW_SUCCESS:
1591 ;
1592 }
1593 goto discard_it;
1594}
1595
1596static void tcp_v6_early_demux(struct sk_buff *skb)
1597{
1598 const struct ipv6hdr *hdr;
1599 const struct tcphdr *th;
1600 struct sock *sk;
1601
1602 if (skb->pkt_type != PACKET_HOST)
1603 return;
1604
1605 if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
1606 return;
1607
1608 hdr = ipv6_hdr(skb);
1609 th = tcp_hdr(skb);
1610
1611 if (th->doff < sizeof(struct tcphdr) / 4)
1612 return;
1613
1614
1615 sk = __inet6_lookup_established(dev_net(skb->dev), &tcp_hashinfo,
1616 &hdr->saddr, th->source,
1617 &hdr->daddr, ntohs(th->dest),
1618 inet6_iif(skb), inet6_sdif(skb));
1619 if (sk) {
1620 skb->sk = sk;
1621 skb->destructor = sock_edemux;
1622 if (sk_fullsock(sk)) {
1623 struct dst_entry *dst = READ_ONCE(sk->sk_rx_dst);
1624
1625 if (dst)
1626 dst = dst_check(dst, inet6_sk(sk)->rx_dst_cookie);
1627 if (dst &&
1628 inet_sk(sk)->rx_dst_ifindex == skb->skb_iif)
1629 skb_dst_set_noref(skb, dst);
1630 }
1631 }
1632}
1633
1634static struct timewait_sock_ops tcp6_timewait_sock_ops = {
1635 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
1636 .twsk_unique = tcp_twsk_unique,
1637 .twsk_destructor = tcp_twsk_destructor,
1638};
1639
1640static const struct inet_connection_sock_af_ops ipv6_specific = {
1641 .queue_xmit = inet6_csk_xmit,
1642 .send_check = tcp_v6_send_check,
1643 .rebuild_header = inet6_sk_rebuild_header,
1644 .sk_rx_dst_set = inet6_sk_rx_dst_set,
1645 .conn_request = tcp_v6_conn_request,
1646 .syn_recv_sock = tcp_v6_syn_recv_sock,
1647 .net_header_len = sizeof(struct ipv6hdr),
1648 .net_frag_header_len = sizeof(struct frag_hdr),
1649 .setsockopt = ipv6_setsockopt,
1650 .getsockopt = ipv6_getsockopt,
1651 .addr2sockaddr = inet6_csk_addr2sockaddr,
1652 .sockaddr_len = sizeof(struct sockaddr_in6),
1653#ifdef CONFIG_COMPAT
1654 .compat_setsockopt = compat_ipv6_setsockopt,
1655 .compat_getsockopt = compat_ipv6_getsockopt,
1656#endif
1657 .mtu_reduced = tcp_v6_mtu_reduced,
1658};
1659
1660#ifdef CONFIG_TCP_MD5SIG
1661static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1662 .md5_lookup = tcp_v6_md5_lookup,
1663 .calc_md5_hash = tcp_v6_md5_hash_skb,
1664 .md5_parse = tcp_v6_parse_md5_keys,
1665};
1666#endif
1667
1668
1669
1670
1671static const struct inet_connection_sock_af_ops ipv6_mapped = {
1672 .queue_xmit = ip_queue_xmit,
1673 .send_check = tcp_v4_send_check,
1674 .rebuild_header = inet_sk_rebuild_header,
1675 .sk_rx_dst_set = inet_sk_rx_dst_set,
1676 .conn_request = tcp_v6_conn_request,
1677 .syn_recv_sock = tcp_v6_syn_recv_sock,
1678 .net_header_len = sizeof(struct iphdr),
1679 .setsockopt = ipv6_setsockopt,
1680 .getsockopt = ipv6_getsockopt,
1681 .addr2sockaddr = inet6_csk_addr2sockaddr,
1682 .sockaddr_len = sizeof(struct sockaddr_in6),
1683#ifdef CONFIG_COMPAT
1684 .compat_setsockopt = compat_ipv6_setsockopt,
1685 .compat_getsockopt = compat_ipv6_getsockopt,
1686#endif
1687 .mtu_reduced = tcp_v4_mtu_reduced,
1688};
1689
1690#ifdef CONFIG_TCP_MD5SIG
1691static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1692 .md5_lookup = tcp_v4_md5_lookup,
1693 .calc_md5_hash = tcp_v4_md5_hash_skb,
1694 .md5_parse = tcp_v6_parse_md5_keys,
1695};
1696#endif
1697
1698
1699
1700
1701static int tcp_v6_init_sock(struct sock *sk)
1702{
1703 struct inet_connection_sock *icsk = inet_csk(sk);
1704
1705 tcp_init_sock(sk);
1706
1707 icsk->icsk_af_ops = &ipv6_specific;
1708
1709#ifdef CONFIG_TCP_MD5SIG
1710 tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific;
1711#endif
1712
1713 return 0;
1714}
1715
1716static void tcp_v6_destroy_sock(struct sock *sk)
1717{
1718 tcp_v4_destroy_sock(sk);
1719 inet6_destroy_sock(sk);
1720}
1721
1722#ifdef CONFIG_PROC_FS
1723
1724static void get_openreq6(struct seq_file *seq,
1725 const struct request_sock *req, int i)
1726{
1727 long ttd = req->rsk_timer.expires - jiffies;
1728 const struct in6_addr *src = &inet_rsk(req)->ir_v6_loc_addr;
1729 const struct in6_addr *dest = &inet_rsk(req)->ir_v6_rmt_addr;
1730
1731 if (ttd < 0)
1732 ttd = 0;
1733
1734 seq_printf(seq,
1735 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1736 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %d %d %pK\n",
1737 i,
1738 src->s6_addr32[0], src->s6_addr32[1],
1739 src->s6_addr32[2], src->s6_addr32[3],
1740 inet_rsk(req)->ir_num,
1741 dest->s6_addr32[0], dest->s6_addr32[1],
1742 dest->s6_addr32[2], dest->s6_addr32[3],
1743 ntohs(inet_rsk(req)->ir_rmt_port),
1744 TCP_SYN_RECV,
1745 0, 0,
1746 1,
1747 jiffies_to_clock_t(ttd),
1748 req->num_timeout,
1749 from_kuid_munged(seq_user_ns(seq),
1750 sock_i_uid(req->rsk_listener)),
1751 0,
1752 0,
1753 0, req);
1754}
1755
1756static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1757{
1758 const struct in6_addr *dest, *src;
1759 __u16 destp, srcp;
1760 int timer_active;
1761 unsigned long timer_expires;
1762 const struct inet_sock *inet = inet_sk(sp);
1763 const struct tcp_sock *tp = tcp_sk(sp);
1764 const struct inet_connection_sock *icsk = inet_csk(sp);
1765 const struct fastopen_queue *fastopenq = &icsk->icsk_accept_queue.fastopenq;
1766 int rx_queue;
1767 int state;
1768
1769 dest = &sp->sk_v6_daddr;
1770 src = &sp->sk_v6_rcv_saddr;
1771 destp = ntohs(inet->inet_dport);
1772 srcp = ntohs(inet->inet_sport);
1773
1774 if (icsk->icsk_pending == ICSK_TIME_RETRANS ||
1775 icsk->icsk_pending == ICSK_TIME_REO_TIMEOUT ||
1776 icsk->icsk_pending == ICSK_TIME_LOSS_PROBE) {
1777 timer_active = 1;
1778 timer_expires = icsk->icsk_timeout;
1779 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1780 timer_active = 4;
1781 timer_expires = icsk->icsk_timeout;
1782 } else if (timer_pending(&sp->sk_timer)) {
1783 timer_active = 2;
1784 timer_expires = sp->sk_timer.expires;
1785 } else {
1786 timer_active = 0;
1787 timer_expires = jiffies;
1788 }
1789
1790 state = sk_state_load(sp);
1791 if (state == TCP_LISTEN)
1792 rx_queue = sp->sk_ack_backlog;
1793 else
1794
1795
1796
1797 rx_queue = max_t(int, tp->rcv_nxt - tp->copied_seq, 0);
1798
1799 seq_printf(seq,
1800 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1801 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %lu %d %pK %lu %lu %u %u %d\n",
1802 i,
1803 src->s6_addr32[0], src->s6_addr32[1],
1804 src->s6_addr32[2], src->s6_addr32[3], srcp,
1805 dest->s6_addr32[0], dest->s6_addr32[1],
1806 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1807 state,
1808 tp->write_seq - tp->snd_una,
1809 rx_queue,
1810 timer_active,
1811 jiffies_delta_to_clock_t(timer_expires - jiffies),
1812 icsk->icsk_retransmits,
1813 from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
1814 icsk->icsk_probes_out,
1815 sock_i_ino(sp),
1816 refcount_read(&sp->sk_refcnt), sp,
1817 jiffies_to_clock_t(icsk->icsk_rto),
1818 jiffies_to_clock_t(icsk->icsk_ack.ato),
1819 (icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong,
1820 tp->snd_cwnd,
1821 state == TCP_LISTEN ?
1822 fastopenq->max_qlen :
1823 (tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh)
1824 );
1825}
1826
1827static void get_timewait6_sock(struct seq_file *seq,
1828 struct inet_timewait_sock *tw, int i)
1829{
1830 long delta = tw->tw_timer.expires - jiffies;
1831 const struct in6_addr *dest, *src;
1832 __u16 destp, srcp;
1833
1834 dest = &tw->tw_v6_daddr;
1835 src = &tw->tw_v6_rcv_saddr;
1836 destp = ntohs(tw->tw_dport);
1837 srcp = ntohs(tw->tw_sport);
1838
1839 seq_printf(seq,
1840 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1841 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1842 i,
1843 src->s6_addr32[0], src->s6_addr32[1],
1844 src->s6_addr32[2], src->s6_addr32[3], srcp,
1845 dest->s6_addr32[0], dest->s6_addr32[1],
1846 dest->s6_addr32[2], dest->s6_addr32[3], destp,
1847 tw->tw_substate, 0, 0,
1848 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
1849 refcount_read(&tw->tw_refcnt), tw);
1850}
1851
1852static int tcp6_seq_show(struct seq_file *seq, void *v)
1853{
1854 struct tcp_iter_state *st;
1855 struct sock *sk = v;
1856
1857 if (v == SEQ_START_TOKEN) {
1858 seq_puts(seq,
1859 " sl "
1860 "local_address "
1861 "remote_address "
1862 "st tx_queue rx_queue tr tm->when retrnsmt"
1863 " uid timeout inode\n");
1864 goto out;
1865 }
1866 st = seq->private;
1867
1868 if (sk->sk_state == TCP_TIME_WAIT)
1869 get_timewait6_sock(seq, v, st->num);
1870 else if (sk->sk_state == TCP_NEW_SYN_RECV)
1871 get_openreq6(seq, v, st->num);
1872 else
1873 get_tcp6_sock(seq, v, st->num);
1874out:
1875 return 0;
1876}
1877
1878static const struct file_operations tcp6_afinfo_seq_fops = {
1879 .owner = THIS_MODULE,
1880 .open = tcp_seq_open,
1881 .read = seq_read,
1882 .llseek = seq_lseek,
1883 .release = seq_release_net
1884};
1885
1886static struct tcp_seq_afinfo tcp6_seq_afinfo = {
1887 .name = "tcp6",
1888 .family = AF_INET6,
1889 .seq_fops = &tcp6_afinfo_seq_fops,
1890 .seq_ops = {
1891 .show = tcp6_seq_show,
1892 },
1893};
1894
1895int __net_init tcp6_proc_init(struct net *net)
1896{
1897 return tcp_proc_register(net, &tcp6_seq_afinfo);
1898}
1899
1900void tcp6_proc_exit(struct net *net)
1901{
1902 tcp_proc_unregister(net, &tcp6_seq_afinfo);
1903}
1904#endif
1905
1906struct proto tcpv6_prot = {
1907 .name = "TCPv6",
1908 .owner = THIS_MODULE,
1909 .close = tcp_close,
1910 .connect = tcp_v6_connect,
1911 .disconnect = tcp_disconnect,
1912 .accept = inet_csk_accept,
1913 .ioctl = tcp_ioctl,
1914 .init = tcp_v6_init_sock,
1915 .destroy = tcp_v6_destroy_sock,
1916 .shutdown = tcp_shutdown,
1917 .setsockopt = tcp_setsockopt,
1918 .getsockopt = tcp_getsockopt,
1919 .keepalive = tcp_set_keepalive,
1920 .recvmsg = tcp_recvmsg,
1921 .sendmsg = tcp_sendmsg,
1922 .sendpage = tcp_sendpage,
1923 .backlog_rcv = tcp_v6_do_rcv,
1924 .release_cb = tcp_release_cb,
1925 .hash = inet6_hash,
1926 .unhash = inet_unhash,
1927 .get_port = inet_csk_get_port,
1928 .enter_memory_pressure = tcp_enter_memory_pressure,
1929 .leave_memory_pressure = tcp_leave_memory_pressure,
1930 .stream_memory_free = tcp_stream_memory_free,
1931 .sockets_allocated = &tcp_sockets_allocated,
1932 .memory_allocated = &tcp_memory_allocated,
1933 .memory_pressure = &tcp_memory_pressure,
1934 .orphan_count = &tcp_orphan_count,
1935 .sysctl_mem = sysctl_tcp_mem,
1936 .sysctl_wmem = sysctl_tcp_wmem,
1937 .sysctl_rmem = sysctl_tcp_rmem,
1938 .max_header = MAX_TCP_HEADER,
1939 .obj_size = sizeof(struct tcp6_sock),
1940 .slab_flags = SLAB_TYPESAFE_BY_RCU,
1941 .twsk_prot = &tcp6_timewait_sock_ops,
1942 .rsk_prot = &tcp6_request_sock_ops,
1943 .h.hashinfo = &tcp_hashinfo,
1944 .no_autobind = true,
1945#ifdef CONFIG_COMPAT
1946 .compat_setsockopt = compat_tcp_setsockopt,
1947 .compat_getsockopt = compat_tcp_getsockopt,
1948#endif
1949 .diag_destroy = tcp_abort,
1950};
1951
1952
1953
1954
1955static struct inet6_protocol tcpv6_protocol = {
1956 .early_demux = tcp_v6_early_demux,
1957 .early_demux_handler = tcp_v6_early_demux,
1958 .handler = tcp_v6_rcv,
1959 .err_handler = tcp_v6_err,
1960 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
1961};
1962
1963static struct inet_protosw tcpv6_protosw = {
1964 .type = SOCK_STREAM,
1965 .protocol = IPPROTO_TCP,
1966 .prot = &tcpv6_prot,
1967 .ops = &inet6_stream_ops,
1968 .flags = INET_PROTOSW_PERMANENT |
1969 INET_PROTOSW_ICSK,
1970};
1971
1972static int __net_init tcpv6_net_init(struct net *net)
1973{
1974 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
1975 SOCK_RAW, IPPROTO_TCP, net);
1976}
1977
1978static void __net_exit tcpv6_net_exit(struct net *net)
1979{
1980 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
1981}
1982
1983static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
1984{
1985 inet_twsk_purge(&tcp_hashinfo, AF_INET6);
1986}
1987
1988static struct pernet_operations tcpv6_net_ops = {
1989 .init = tcpv6_net_init,
1990 .exit = tcpv6_net_exit,
1991 .exit_batch = tcpv6_net_exit_batch,
1992};
1993
1994int __init tcpv6_init(void)
1995{
1996 int ret;
1997
1998 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
1999 if (ret)
2000 goto out;
2001
2002
2003 ret = inet6_register_protosw(&tcpv6_protosw);
2004 if (ret)
2005 goto out_tcpv6_protocol;
2006
2007 ret = register_pernet_subsys(&tcpv6_net_ops);
2008 if (ret)
2009 goto out_tcpv6_protosw;
2010out:
2011 return ret;
2012
2013out_tcpv6_protosw:
2014 inet6_unregister_protosw(&tcpv6_protosw);
2015out_tcpv6_protocol:
2016 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2017 goto out;
2018}
2019
2020void tcpv6_exit(void)
2021{
2022 unregister_pernet_subsys(&tcpv6_net_ops);
2023 inet6_unregister_protosw(&tcpv6_protosw);
2024 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2025}
2026
