Lines Matching defs:sk
50 bool tcp_ao_ignore_icmp(const struct sock *sk, int family, int type, int code)
80 switch (sk->sk_state) {
82 ao = rcu_dereference(tcp_twsk(sk)->ao_info);
94 ao = rcu_dereference(tcp_sk(sk)->ao_info);
99 __NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPAODROPPEDICMPS);
192 static struct tcp_ao_key *__tcp_ao_do_lookup(const struct sock *sk, int l3index,
202 ao = rcu_dereference_check(tcp_sk(sk)->ao_info,
203 lockdep_sock_is_held(sk));
217 struct tcp_ao_key *tcp_ao_do_lookup(const struct sock *sk, int l3index,
221 return __tcp_ao_do_lookup(sk, l3index, addr, family, U8_MAX, sndid, rcvid);
242 static struct tcp_ao_key *tcp_ao_copy_key(struct sock *sk,
247 new_key = sock_kmalloc(sk, tcp_ao_sizeof_key(key),
269 void tcp_ao_destroy_sock(struct sock *sk, bool twsk)
276 ao = rcu_dereference_protected(tcp_twsk(sk)->ao_info, 1);
277 tcp_twsk(sk)->ao_info = NULL;
279 ao = rcu_dereference_protected(tcp_sk(sk)->ao_info, 1);
280 tcp_sk(sk)->ao_info = NULL;
289 atomic_sub(tcp_ao_sizeof_key(key), &sk->sk_omem_alloc);
356 const struct sock *sk,
360 return tcp_v4_ao_calc_key(mkt, key, sk->sk_rcv_saddr,
361 sk->sk_daddr, htons(sk->sk_num),
362 sk->sk_dport, sisn, disn);
364 return tcp_v4_ao_calc_key(mkt, key, sk->sk_daddr,
365 sk->sk_rcv_saddr, sk->sk_dport,
366 htons(sk->sk_num), disn, sisn);
370 const struct sock *sk,
374 return tcp_v4_ao_calc_key_sk(mkt, key, sk, sisn, disn, send);
377 return tcp_v6_ao_calc_key_sk(mkt, key, sk, sisn, disn, send);
439 const struct sock *sk,
448 return tcp_v4_ao_hash_pseudoheader(hp, sk->sk_daddr,
449 sk->sk_rcv_saddr, skb->len);
452 return tcp_v6_ao_hash_pseudoheader(hp, &sk->sk_v6_daddr,
453 &sk->sk_v6_rcv_saddr, skb->len);
604 const struct sock *sk, const struct sk_buff *skb,
628 if (tcp_ao_hash_pseudoheader(family, sk, skb, &hp, skb->len))
654 const struct sock *sk, const struct sk_buff *skb,
657 return tcp_ao_hash_skb(AF_INET, ao_hash, key, sk, skb,
683 struct tcp_ao_key *tcp_v4_ao_lookup_rsk(const struct sock *sk,
691 l3index = l3mdev_master_ifindex_by_index(sock_net(sk), ireq->ir_iif);
692 return tcp_ao_do_lookup(sk, l3index, addr, AF_INET, sndid, rcvid);
695 struct tcp_ao_key *tcp_v4_ao_lookup(const struct sock *sk, struct sock *addr_sk,
698 int l3index = l3mdev_master_ifindex_by_index(sock_net(sk),
702 return tcp_ao_do_lookup(sk, l3index, addr, AF_INET, sndid, rcvid);
705 int tcp_ao_prepare_reset(const struct sock *sk, struct sk_buff *skb,
721 if (!sk)
724 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_NEW_SYN_RECV)) {
725 unsigned int family = READ_ONCE(sk->sk_family);
729 if (sk->sk_state == TCP_NEW_SYN_RECV) {
730 struct request_sock *req = inet_reqsk(sk);
744 if (family == AF_INET6 && ipv6_addr_v4mapped(&sk->sk_v6_daddr))
748 sk = sk_const_to_full_sk(sk);
749 ao_info = rcu_dereference(tcp_sk(sk)->ao_info);
752 *key = tcp_ao_do_lookup(sk, l3index, addr, family,
768 if (sk->sk_state == TCP_TIME_WAIT) {
769 ao_info = rcu_dereference(tcp_twsk(sk)->ao_info);
770 snd_basis = tcp_twsk(sk)->tw_snd_nxt;
772 ao_info = rcu_dereference(tcp_sk(sk)->ao_info);
773 snd_basis = tcp_sk(sk)->snd_una;
790 int tcp_ao_transmit_skb(struct sock *sk, struct sk_buff *skb,
795 struct tcp_sock *tp = tcp_sk(sk);
801 ao = rcu_dereference_protected(tcp_sk(sk)->ao_info,
802 lockdep_sock_is_held(sk));
817 sk, ao->lisn, disn, true);
821 tp->af_specific->calc_ao_hash(hash_location, key, sk, skb, traffic_key,
828 const struct sock *sk, const struct sk_buff *skb,
834 return tcp_ao_do_lookup(sk, l3index,
840 return tcp_ao_do_lookup(sk, l3index,
846 void tcp_ao_syncookie(struct sock *sk, const struct sk_buff *skb,
870 l3index = l3mdev_master_ifindex_by_index(sock_net(sk), inet_rsk(req)->ir_iif);
871 key = tcp_ao_inbound_lookup(family, sk, skb, -1, aoh->keyid, l3index);
882 tcp_ao_verify_hash(const struct sock *sk, const struct sk_buff *skb,
892 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPAOBAD);
906 tcp_ao_hash_skb(family, hash_buf, key, sk, skb, traffic_key,
909 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPAOBAD);
917 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPAOGOOD);
925 tcp_inbound_ao_hash(struct sock *sk, const struct sk_buff *skb,
938 info = rcu_dereference(tcp_sk(sk)->ao_info);
940 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPAOKEYNOTFOUND);
952 if (likely((1 << sk->sk_state) & TCP_AO_ESTABLISHED)) {
971 sne = tcp_ao_compute_sne(info->rcv_sne, tcp_sk(sk)->rcv_nxt,
975 err = tcp_ao_verify_hash(sk, skb, family, info, aoh, key,
997 key = tcp_ao_inbound_lookup(family, sk, skb, -1, aoh->keyid, l3index);
1004 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_NEW_SYN_RECV)) {
1021 } else if ((1 << sk->sk_state) & (TCPF_SYN_SENT | TCPF_SYN_RECV)) {
1028 WARN_ONCE(1, "TCP-AO: Unexpected sk_state %d", sk->sk_state);
1036 ret = tcp_ao_verify_hash(sk, skb, family, info, aoh, key,
1042 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPAOKEYNOTFOUND);
1049 static int tcp_ao_cache_traffic_keys(const struct sock *sk,
1056 ret = tcp_ao_calc_key_sk(ao_key, traffic_key, sk,
1062 ret = tcp_ao_calc_key_sk(ao_key, traffic_key, sk,
1067 void tcp_ao_connect_init(struct sock *sk)
1069 struct tcp_sock *tp = tcp_sk(sk);
1077 lockdep_sock_is_held(sk));
1082 family = sk->sk_family;
1084 addr = (union tcp_ao_addr *)&sk->sk_daddr;
1087 addr = (union tcp_ao_addr *)&sk->sk_v6_daddr;
1091 l3index = l3mdev_master_ifindex_by_index(sock_net(sk),
1092 sk->sk_bound_dev_if);
1103 atomic_sub(tcp_ao_sizeof_key(key), &sk->sk_omem_alloc);
1107 key = tp->af_specific->ao_lookup(sk, sk, -1, -1);
1130 void tcp_ao_established(struct sock *sk)
1135 ao = rcu_dereference_protected(tcp_sk(sk)->ao_info,
1136 lockdep_sock_is_held(sk));
1141 tcp_ao_cache_traffic_keys(sk, ao, key);
1144 void tcp_ao_finish_connect(struct sock *sk, struct sk_buff *skb)
1149 ao = rcu_dereference_protected(tcp_sk(sk)->ao_info,
1150 lockdep_sock_is_held(sk));
1158 tcp_ao_cache_traffic_keys(sk, ao, key);
1161 int tcp_ao_copy_all_matching(const struct sock *sk, struct sock *newsk,
1172 ao = rcu_dereference(tcp_sk(sk)->ao_info);
1263 static bool tcp_ao_can_set_current_rnext(struct sock *sk)
1266 if (sk->sk_state == TCP_LISTEN)
1271 static int tcp_ao_verify_ipv4(struct sock *sk, struct tcp_ao_add *cmd,
1275 struct inet_sock *inet = inet_sk(sk);
1423 static int tcp_ao_verify_ipv6(struct sock *sk, struct tcp_ao_add *cmd,
1451 if (!ipv6_addr_any(&sk->sk_v6_daddr)) {
1452 __be32 daddr4 = sk->sk_v6_daddr.s6_addr32[3];
1454 if (!ipv6_addr_v4mapped(&sk->sk_v6_daddr))
1474 if (!ipv6_addr_any(&sk->sk_v6_daddr) &&
1475 !ipv6_prefix_equal(&sk->sk_v6_daddr, addr, prefix))
1487 static int tcp_ao_verify_ipv6(struct sock *sk, struct tcp_ao_add *cmd,
1495 static struct tcp_ao_info *setsockopt_ao_info(struct sock *sk)
1497 if (sk_fullsock(sk)) {
1498 return rcu_dereference_protected(tcp_sk(sk)->ao_info,
1499 lockdep_sock_is_held(sk));
1500 } else if (sk->sk_state == TCP_TIME_WAIT) {
1501 return rcu_dereference_protected(tcp_twsk(sk)->ao_info,
1502 lockdep_sock_is_held(sk));
1507 static struct tcp_ao_info *getsockopt_ao_info(struct sock *sk)
1509 if (sk_fullsock(sk))
1510 return rcu_dereference(tcp_sk(sk)->ao_info);
1511 else if (sk->sk_state == TCP_TIME_WAIT)
1512 return rcu_dereference(tcp_twsk(sk)->ao_info);
1520 static struct tcp_ao_key *tcp_ao_key_alloc(struct sock *sk,
1554 key = sock_kmalloc(sk, size, GFP_KERNEL);
1569 static int tcp_ao_add_cmd(struct sock *sk, unsigned short int family,
1593 ret = tcp_ao_verify_ipv4(sk, &cmd, &addr);
1595 ret = tcp_ao_verify_ipv6(sk, &cmd, &addr, &family);
1603 if (!tcp_ao_can_set_current_rnext(sk))
1612 int bound_dev_if = READ_ONCE(sk->sk_bound_dev_if);
1616 dev = dev_get_by_index_rcu(sock_net(sk), cmd.ifindex);
1629 if (!((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)))
1639 net_warn_ratelimited("AO key ifindex %d != sk bound ifindex %d\n",
1650 if (tcp_md5_do_lookup(sk, l3index, addr, family))
1653 if (tcp_md5_do_lookup_any_l3index(sk, addr, family))
1657 ao_info = setsockopt_ao_info(sk);
1672 if (__tcp_ao_do_lookup(sk, l3index, addr, family, cmd.prefix, -1, cmd.rcvid))
1674 if (__tcp_ao_do_lookup(sk, l3index, addr, family,
1679 key = tcp_ao_key_alloc(sk, &cmd);
1701 if (!((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))) {
1702 tcp_ao_cache_traffic_keys(sk, ao_info, key);
1715 sk_gso_disable(sk);
1716 rcu_assign_pointer(tcp_sk(sk)->ao_info, ao_info);
1726 atomic_sub(tcp_ao_sizeof_key(key), &sk->sk_omem_alloc);
1735 static int tcp_ao_delete_key(struct sock *sk, struct tcp_ao_info *ao_info,
1749 atomic_sub(tcp_ao_sizeof_key(key), &sk->sk_omem_alloc);
1775 atomic_sub(tcp_ao_sizeof_key(key), &sk->sk_omem_alloc);
1785 static int tcp_ao_del_cmd(struct sock *sk, unsigned short int family,
1807 if (!tcp_ao_can_set_current_rnext(sk))
1822 ao_info = setsockopt_ao_info(sk);
1843 if (cmd.del_async && sk->sk_state != TCP_LISTEN)
1899 return tcp_ao_delete_key(sk, ao_info, cmd.del_async, key,
1910 static int tcp_ao_required_verify(struct sock *sk)
1918 md5sig = rcu_dereference_check(tcp_sk(sk)->md5sig_info,
1919 lockdep_sock_is_held(sk));
1924 lockdep_sock_is_held(sk)))
1930 static int tcp_ao_info_cmd(struct sock *sk, unsigned short int family,
1947 if (!tcp_ao_can_set_current_rnext(sk))
1954 ao_info = setsockopt_ao_info(sk);
1958 if (!((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)))
1966 if (cmd.ao_required && tcp_ao_required_verify(sk))
2007 sk_gso_disable(sk);
2008 rcu_assign_pointer(tcp_sk(sk)->ao_info, ao_info);
2017 int tcp_parse_ao(struct sock *sk, int cmd, unsigned short int family,
2025 return tcp_ao_add_cmd(sk, family, optval, optlen);
2027 return tcp_ao_del_cmd(sk, family, optval, optlen);
2029 return tcp_ao_info_cmd(sk, family, optval, optlen);
2036 int tcp_v4_parse_ao(struct sock *sk, int cmd, sockptr_t optval, int optlen)
2038 return tcp_parse_ao(sk, cmd, AF_INET, optval, optlen);
2274 int tcp_ao_get_mkts(struct sock *sk, sockptr_t optval, sockptr_t optlen)
2278 ao_info = setsockopt_ao_info(sk);
2287 int tcp_ao_get_sock_info(struct sock *sk, sockptr_t optval, sockptr_t optlen)
2311 ao = setsockopt_ao_info(sk);
2342 int tcp_ao_set_repair(struct sock *sk, sockptr_t optval, unsigned int optlen)
2344 struct tcp_sock *tp = tcp_sk(sk);
2360 ao = setsockopt_ao_info(sk);
2372 tcp_ao_cache_traffic_keys(sk, ao, key);
2377 int tcp_ao_get_repair(struct sock *sk, sockptr_t optval, sockptr_t optlen)
2379 struct tcp_sock *tp = tcp_sk(sk);
2394 ao = getsockopt_ao_info(sk);